Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 :
4 : Name lookup.
5 :
6 : Copyright (C) Jeremy Allison 2005
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include "includes.h"
23 : #include "utils/net.h"
24 : #include "rpc_client/cli_pipe.h"
25 : #include "../librpc/gen_ndr/ndr_lsa.h"
26 : #include "rpc_client/cli_lsarpc.h"
27 : #include "libsmb/libsmb.h"
28 :
29 : /********************************************************
30 : Connection cachine struct. Goes away when ctx destroyed.
31 : ********************************************************/
32 :
33 : struct con_struct {
34 : bool failed_connect;
35 : NTSTATUS err;
36 : struct cli_state *cli;
37 : struct rpc_pipe_client *lsapipe;
38 : struct policy_handle pol;
39 : };
40 :
41 : static struct con_struct *cs;
42 :
43 : /********************************************************
44 : Close connection on context destruction.
45 : ********************************************************/
46 :
47 2 : static int cs_destructor(struct con_struct *p)
48 : {
49 2 : if (cs->cli) {
50 0 : cli_shutdown(cs->cli);
51 : }
52 2 : cs = NULL;
53 2 : return 0;
54 : }
55 :
56 : /********************************************************
57 : Create the connection to localhost.
58 : ********************************************************/
59 :
60 2 : static struct con_struct *create_cs(struct net_context *c,
61 : TALLOC_CTX *ctx, NTSTATUS *perr)
62 : {
63 0 : NTSTATUS nt_status;
64 0 : struct sockaddr_storage loopback_ss;
65 2 : struct cli_credentials *anon_creds = NULL;
66 :
67 2 : *perr = NT_STATUS_OK;
68 :
69 2 : if (!interpret_string_addr(&loopback_ss, "127.0.0.1", AI_NUMERICHOST)) {
70 0 : *perr = NT_STATUS_INVALID_PARAMETER;
71 0 : return NULL;
72 : }
73 :
74 2 : if (cs) {
75 0 : if (cs->failed_connect) {
76 0 : *perr = cs->err;
77 0 : return NULL;
78 : }
79 0 : return cs;
80 : }
81 :
82 2 : cs = talloc(ctx, struct con_struct);
83 2 : if (!cs) {
84 0 : *perr = NT_STATUS_NO_MEMORY;
85 0 : return NULL;
86 : }
87 :
88 2 : anon_creds = cli_credentials_init_anon(cs);
89 2 : if (anon_creds == NULL) {
90 0 : TALLOC_FREE(cs);
91 0 : *perr = NT_STATUS_NO_MEMORY;
92 0 : return NULL;
93 : }
94 :
95 2 : ZERO_STRUCTP(cs);
96 2 : talloc_set_destructor(cs, cs_destructor);
97 :
98 2 : nt_status = cli_full_connection_creds(&cs->cli, lp_netbios_name(), lp_netbios_name(),
99 : &loopback_ss, 0,
100 : "IPC$", "IPC",
101 : anon_creds,
102 : CLI_FULL_CONNECTION_IPC);
103 :
104 2 : if (!NT_STATUS_IS_OK(nt_status)) {
105 2 : DEBUG(2,("create_cs: Connect failed. Error was %s\n", nt_errstr(nt_status)));
106 2 : cs->failed_connect = true;
107 2 : cs->err = nt_status;
108 2 : *perr = nt_status;
109 2 : return NULL;
110 : }
111 :
112 0 : nt_status = cli_rpc_pipe_open_noauth(cs->cli,
113 : &ndr_table_lsarpc,
114 0 : &cs->lsapipe);
115 :
116 0 : if (!NT_STATUS_IS_OK(nt_status)) {
117 0 : DEBUG(2,("create_cs: open LSA pipe failed. Error was %s\n", nt_errstr(nt_status)));
118 0 : cs->failed_connect = true;
119 0 : cs->err = nt_status;
120 0 : *perr = nt_status;
121 0 : return NULL;
122 : }
123 :
124 0 : nt_status = rpccli_lsa_open_policy(cs->lsapipe, ctx, true,
125 : SEC_FLAG_MAXIMUM_ALLOWED,
126 0 : &cs->pol);
127 :
128 0 : if (!NT_STATUS_IS_OK(nt_status)) {
129 0 : DEBUG(2,("create_cs: rpccli_lsa_open_policy failed. Error was %s\n", nt_errstr(nt_status)));
130 0 : cs->failed_connect = true;
131 0 : cs->err = nt_status;
132 0 : *perr = nt_status;
133 0 : return NULL;
134 : }
135 :
136 0 : return cs;
137 : }
138 :
139 : /********************************************************
140 : Do a lookup_sids call to localhost.
141 : Check if the local machine is authoritative for this sid. We can't
142 : check if this is our SID as that's stored in the root-read-only
143 : secrets.tdb.
144 : The local smbd will also ask winbindd for us, so we don't have to.
145 : ********************************************************/
146 :
147 2 : NTSTATUS net_lookup_name_from_sid(struct net_context *c,
148 : TALLOC_CTX *ctx,
149 : struct dom_sid *psid,
150 : const char **ppdomain,
151 : const char **ppname)
152 : {
153 0 : NTSTATUS nt_status;
154 2 : struct con_struct *csp = NULL;
155 0 : char **domains;
156 0 : char **names;
157 0 : enum lsa_SidType *types;
158 :
159 2 : *ppdomain = NULL;
160 2 : *ppname = NULL;
161 :
162 2 : csp = create_cs(c, ctx, &nt_status);
163 2 : if (csp == NULL) {
164 2 : return nt_status;
165 : }
166 :
167 0 : nt_status = rpccli_lsa_lookup_sids(csp->lsapipe, ctx,
168 : &csp->pol,
169 : 1, psid,
170 : &domains,
171 : &names,
172 : &types);
173 :
174 0 : if (!NT_STATUS_IS_OK(nt_status)) {
175 0 : return nt_status;
176 : }
177 :
178 0 : *ppdomain = domains[0];
179 0 : *ppname = names[0];
180 : /* Don't care about type here. */
181 :
182 : /* Converted OK */
183 0 : return NT_STATUS_OK;
184 : }
185 :
186 : /********************************************************
187 : Do a lookup_names call to localhost.
188 : ********************************************************/
189 :
190 0 : NTSTATUS net_lookup_sid_from_name(struct net_context *c, TALLOC_CTX *ctx,
191 : const char *full_name, struct dom_sid *pret_sid)
192 : {
193 0 : NTSTATUS nt_status;
194 0 : struct con_struct *csp = NULL;
195 0 : struct dom_sid *sids = NULL;
196 0 : enum lsa_SidType *types = NULL;
197 :
198 0 : csp = create_cs(c, ctx, &nt_status);
199 0 : if (csp == NULL) {
200 0 : return nt_status;
201 : }
202 :
203 0 : nt_status = rpccli_lsa_lookup_names(csp->lsapipe, ctx,
204 : &csp->pol,
205 : 1,
206 : &full_name,
207 : NULL, 1,
208 : &sids, &types);
209 :
210 0 : if (!NT_STATUS_IS_OK(nt_status)) {
211 0 : return nt_status;
212 : }
213 :
214 0 : *pret_sid = sids[0];
215 :
216 : /* Converted OK */
217 0 : return NT_STATUS_OK;
218 : }
|
