root/source4/libnet/userinfo.c

/* [<][>][^][v][top][bottom][index][help] */

DEFINITIONS

This source file includes following definitions.
  1. continue_userinfo_lookup
  2. continue_userinfo_openuser
  3. continue_userinfo_getuser
  4. continue_userinfo_closeuser
  5. libnet_rpc_userinfo_send
  6. libnet_rpc_userinfo_recv
  7. libnet_rpc_userinfo

   1 /* 
   2    Unix SMB/CIFS implementation.
   3 
   4    Copyright (C) Rafal Szczesniak 2005
   5    
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10    
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15    
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19 
  20 /*
  21   a composite function for getting user information via samr pipe
  22 */
  23 
  24 #include "includes.h"
  25 #include "libcli/composite/composite.h"
  26 #include "librpc/gen_ndr/security.h"
  27 #include "libcli/security/security.h"
  28 #include "libnet/libnet.h"
  29 #include "librpc/gen_ndr/ndr_samr_c.h"
  30 
  31 
  32 struct userinfo_state {
  33         struct dcerpc_pipe        *pipe;
  34         struct policy_handle      domain_handle;
  35         struct policy_handle      user_handle;
  36         uint16_t                  level;
  37         struct samr_LookupNames   lookup;
  38         struct samr_OpenUser      openuser;
  39         struct samr_QueryUserInfo queryuserinfo;
  40         struct samr_Close         samrclose;    
  41         union  samr_UserInfo      *info;
  42 
  43         /* information about the progress */
  44         void (*monitor_fn)(struct monitor_msg *);
  45 };
  46 
  47 
  48 static void continue_userinfo_lookup(struct rpc_request *req);
  49 static void continue_userinfo_openuser(struct rpc_request *req);
  50 static void continue_userinfo_getuser(struct rpc_request *req);
  51 static void continue_userinfo_closeuser(struct rpc_request *req);
  52 
  53 
  54 /**
  55  * Stage 1 (optional): Look for a username in SAM server.
  56  */
  57 static void continue_userinfo_lookup(struct rpc_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
  58 {
  59         struct composite_context *c;
  60         struct userinfo_state *s;
  61         struct rpc_request *openuser_req;
  62         struct monitor_msg msg;
  63         struct msg_rpc_lookup_name *msg_lookup;
  64 
  65         c = talloc_get_type(req->async.private_data, struct composite_context);
  66         s = talloc_get_type(c->private_data, struct userinfo_state);
  67 
  68         /* receive samr_Lookup reply */
  69         c->status = dcerpc_ndr_request_recv(req);
  70         if (!composite_is_ok(c)) return;
  71         
  72         /* there could be a problem with name resolving itself */
  73         if (!NT_STATUS_IS_OK(s->lookup.out.result)) {
  74                 composite_error(c, s->lookup.out.result);
  75                 return;
  76         }
  77 
  78         /* issue a monitor message */
  79         if (s->monitor_fn) {
  80                 msg.type = mon_SamrLookupName;
  81                 msg_lookup = talloc(s, struct msg_rpc_lookup_name);
  82                 msg_lookup->rid = s->lookup.out.rids->ids;
  83                 msg_lookup->count = s->lookup.out.rids->count;
  84                 msg.data = (void*)msg_lookup;
  85                 msg.data_size = sizeof(*msg_lookup);
  86                 
  87                 s->monitor_fn(&msg);
  88         }
  89         
  90 
  91         /* have we actually got name resolved
  92            - we're looking for only one at the moment */
  93         if (s->lookup.out.rids->count == 0) {
  94                 composite_error(c, NT_STATUS_NO_SUCH_USER);
  95         }
  96 
  97         /* TODO: find proper status code for more than one rid found */
  98 
  99         /* prepare parameters for LookupNames */
 100         s->openuser.in.domain_handle  = &s->domain_handle;
 101         s->openuser.in.access_mask    = SEC_FLAG_MAXIMUM_ALLOWED;
 102         s->openuser.in.rid            = s->lookup.out.rids->ids[0];
 103         s->openuser.out.user_handle   = &s->user_handle;
 104 
 105         /* send request */
 106         openuser_req = dcerpc_samr_OpenUser_send(s->pipe, c, &s->openuser);
 107         if (composite_nomem(openuser_req, c)) return;
 108 
 109         composite_continue_rpc(c, openuser_req, continue_userinfo_openuser, c);
 110 }
 111 
 112 
 113 /**
 114  * Stage 2: Open user policy handle.
 115  */
 116 static void continue_userinfo_openuser(struct rpc_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 117 {
 118         struct composite_context *c;
 119         struct userinfo_state *s;
 120         struct rpc_request *queryuser_req;
 121         struct monitor_msg msg;
 122         struct msg_rpc_open_user *msg_open;
 123 
 124         c = talloc_get_type(req->async.private_data, struct composite_context);
 125         s = talloc_get_type(c->private_data, struct userinfo_state);
 126 
 127         /* receive samr_OpenUser reply */
 128         c->status = dcerpc_ndr_request_recv(req);
 129         if (!composite_is_ok(c)) return;
 130 
 131         if (!NT_STATUS_IS_OK(s->queryuserinfo.out.result)) {
 132                 composite_error(c, s->queryuserinfo.out.result);
 133                 return;
 134         }
 135 
 136         /* issue a monitor message */
 137         if (s->monitor_fn) {
 138                 msg.type = mon_SamrOpenUser;
 139                 msg_open = talloc(s, struct msg_rpc_open_user);
 140                 msg_open->rid = s->openuser.in.rid;
 141                 msg_open->access_mask = s->openuser.in.access_mask;
 142                 msg.data = (void*)msg_open;
 143                 msg.data_size = sizeof(*msg_open);
 144                 
 145                 s->monitor_fn(&msg);
 146         }
 147         
 148         /* prepare parameters for QueryUserInfo call */
 149         s->queryuserinfo.in.user_handle = &s->user_handle;
 150         s->queryuserinfo.in.level       = s->level;
 151         s->queryuserinfo.out.info       = talloc(s, union samr_UserInfo *);
 152         if (composite_nomem(s->queryuserinfo.out.info, c)) return;
 153         
 154         /* queue rpc call, set event handling and new state */
 155         queryuser_req = dcerpc_samr_QueryUserInfo_send(s->pipe, c, &s->queryuserinfo);
 156         if (composite_nomem(queryuser_req, c)) return;
 157         
 158         composite_continue_rpc(c, queryuser_req, continue_userinfo_getuser, c);
 159 }
 160 
 161 
 162 /**
 163  * Stage 3: Get requested user information.
 164  */
 165 static void continue_userinfo_getuser(struct rpc_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 166 {
 167         struct composite_context *c;
 168         struct userinfo_state *s;
 169         struct rpc_request *close_req;
 170         struct monitor_msg msg;
 171         struct msg_rpc_query_user *msg_query;
 172 
 173         c = talloc_get_type(req->async.private_data, struct composite_context);
 174         s = talloc_get_type(c->private_data, struct userinfo_state);
 175 
 176         /* receive samr_QueryUserInfo reply */
 177         c->status = dcerpc_ndr_request_recv(req);
 178         if (!composite_is_ok(c)) return;
 179 
 180         /* check if queryuser itself went ok */
 181         if (!NT_STATUS_IS_OK(s->queryuserinfo.out.result)) {
 182                 composite_error(c, s->queryuserinfo.out.result);
 183                 return;
 184         }
 185 
 186         s->info = talloc_steal(s, *(s->queryuserinfo.out.info));
 187 
 188         /* issue a monitor message */
 189         if (s->monitor_fn) {
 190                 msg.type = mon_SamrQueryUser;
 191                 msg_query = talloc(s, struct msg_rpc_query_user);
 192                 msg_query->level = s->queryuserinfo.in.level;
 193                 msg.data = (void*)msg_query;
 194                 msg.data_size = sizeof(*msg_query);
 195                 
 196                 s->monitor_fn(&msg);
 197         }
 198         
 199         /* prepare arguments for Close call */
 200         s->samrclose.in.handle  = &s->user_handle;
 201         s->samrclose.out.handle = &s->user_handle;
 202         
 203         /* queue rpc call, set event handling and new state */
 204         close_req = dcerpc_samr_Close_send(s->pipe, c, &s->samrclose);
 205         if (composite_nomem(close_req, c)) return;
 206         
 207         composite_continue_rpc(c, close_req, continue_userinfo_closeuser, c);
 208 }
 209 
 210 
 211 /**
 212  * Stage 4: Close policy handle associated with opened user.
 213  */
 214 static void continue_userinfo_closeuser(struct rpc_request *req)
     /* [<][>][^][v][top][bottom][index][help] */
 215 {
 216         struct composite_context *c;
 217         struct userinfo_state *s;
 218         struct monitor_msg msg;
 219         struct msg_rpc_close_user *msg_close;
 220 
 221         c = talloc_get_type(req->async.private_data, struct composite_context);
 222         s = talloc_get_type(c->private_data, struct userinfo_state);
 223 
 224         /* receive samr_Close reply */
 225         c->status = dcerpc_ndr_request_recv(req);
 226         if (!composite_is_ok(c)) return;
 227 
 228         if (!NT_STATUS_IS_OK(s->samrclose.out.result)) {
 229                 composite_error(c, s->samrclose.out.result);
 230                 return;
 231         }
 232 
 233         /* issue a monitor message */
 234         if (s->monitor_fn) {
 235                 msg.type = mon_SamrClose;
 236                 msg_close = talloc(s, struct msg_rpc_close_user);
 237                 msg_close->rid = s->openuser.in.rid;
 238                 msg.data = (void*)msg_close;
 239                 msg.data_size = sizeof(*msg_close);
 240 
 241                 s->monitor_fn(&msg);
 242         }
 243 
 244         composite_done(c);
 245 }
 246 
 247 
 248 /**
 249  * Sends asynchronous userinfo request
 250  *
 251  * @param p dce/rpc call pipe 
 252  * @param io arguments and results of the call
 253  */
 254 struct composite_context *libnet_rpc_userinfo_send(struct dcerpc_pipe *p,
     /* [<][>][^][v][top][bottom][index][help] */
 255                                                    struct libnet_rpc_userinfo *io,
 256                                                    void (*monitor)(struct monitor_msg*))
 257 {
 258         struct composite_context *c;
 259         struct userinfo_state *s;
 260         struct dom_sid *sid;
 261         struct rpc_request *openuser_req, *lookup_req;
 262 
 263         if (!p || !io) return NULL;
 264         
 265         c = composite_create(p, dcerpc_event_context(p));
 266         if (c == NULL) return c;
 267         
 268         s = talloc_zero(c, struct userinfo_state);
 269         if (composite_nomem(s, c)) return c;
 270 
 271         c->private_data = s;
 272 
 273         s->level         = io->in.level;
 274         s->pipe          = p;
 275         s->domain_handle = io->in.domain_handle;
 276         s->monitor_fn    = monitor;
 277 
 278         if (io->in.sid) {
 279                 sid = dom_sid_parse_talloc(s, io->in.sid);
 280                 if (composite_nomem(sid, c)) return c;
 281 
 282                 s->openuser.in.domain_handle  = &s->domain_handle;
 283                 s->openuser.in.access_mask    = SEC_FLAG_MAXIMUM_ALLOWED;
 284                 s->openuser.in.rid            = sid->sub_auths[sid->num_auths - 1];
 285                 s->openuser.out.user_handle   = &s->user_handle;
 286                 
 287                 /* send request */
 288                 openuser_req = dcerpc_samr_OpenUser_send(p, c, &s->openuser);
 289                 if (composite_nomem(openuser_req, c)) return c;
 290 
 291                 composite_continue_rpc(c, openuser_req, continue_userinfo_openuser, c);
 292 
 293         } else {
 294                 /* preparing parameters to send rpc request */
 295                 s->lookup.in.domain_handle    = &s->domain_handle;
 296                 s->lookup.in.num_names        = 1;
 297                 s->lookup.in.names            = talloc_array(s, struct lsa_String, 1);
 298                 if (composite_nomem(s->lookup.in.names, c)) return c;
 299                 s->lookup.out.rids         = talloc_zero(s, struct samr_Ids);
 300                 s->lookup.out.types        = talloc_zero(s, struct samr_Ids);
 301                 if (composite_nomem(s->lookup.out.rids, c)) return c;
 302                 if (composite_nomem(s->lookup.out.types, c)) return c;
 303 
 304                 s->lookup.in.names[0].string  = talloc_strdup(s, io->in.username);
 305                 if (composite_nomem(s->lookup.in.names[0].string, c)) return c;
 306                 
 307                 /* send request */
 308                 lookup_req = dcerpc_samr_LookupNames_send(p, c, &s->lookup);
 309                 if (composite_nomem(lookup_req, c)) return c;
 310                 
 311                 composite_continue_rpc(c, lookup_req, continue_userinfo_lookup, c);
 312         }
 313 
 314         return c;
 315 }
 316 
 317 
 318 /**
 319  * Waits for and receives result of asynchronous userinfo call
 320  * 
 321  * @param c composite context returned by asynchronous userinfo call
 322  * @param mem_ctx memory context of the call
 323  * @param io pointer to results (and arguments) of the call
 324  * @return nt status code of execution
 325  */
 326 
 327 NTSTATUS libnet_rpc_userinfo_recv(struct composite_context *c, TALLOC_CTX *mem_ctx,
     /* [<][>][^][v][top][bottom][index][help] */
 328                                   struct libnet_rpc_userinfo *io)
 329 {
 330         NTSTATUS status;
 331         struct userinfo_state *s;
 332         
 333         /* wait for results of sending request */
 334         status = composite_wait(c);
 335         
 336         if (NT_STATUS_IS_OK(status) && io) {
 337                 s = talloc_get_type(c->private_data, struct userinfo_state);
 338                 talloc_steal(mem_ctx, s->info);
 339                 io->out.info = *s->info;
 340         }
 341         
 342         /* memory context associated to composite context is no longer needed */
 343         talloc_free(c);
 344         return status;
 345 }
 346 
 347 
 348 /**
 349  * Synchronous version of userinfo call
 350  *
 351  * @param pipe dce/rpc call pipe
 352  * @param mem_ctx memory context for the call
 353  * @param io arguments and results of the call
 354  * @return nt status code of execution
 355  */
 356 
 357 NTSTATUS libnet_rpc_userinfo(struct dcerpc_pipe *p,
     /* [<][>][^][v][top][bottom][index][help] */
 358                              TALLOC_CTX *mem_ctx,
 359                              struct libnet_rpc_userinfo *io)
 360 {
 361         struct composite_context *c = libnet_rpc_userinfo_send(p, io, NULL);
 362         return libnet_rpc_userinfo_recv(c, mem_ctx, io);
 363 }

/* [<][>][^][v][top][bottom][index][help] */