bool pdb_set_group_sid(struct samu *sampass, const DOM_SID *g_sid, enum pdb_value_state flag) { gid_t gid; if (!g_sid) return False; if ( !(sampass->group_sid = TALLOC_P( sampass, DOM_SID )) ) { return False; } /* if we cannot resolve the SID to gid, then just ignore it and store DOMAIN_USERS as the primary groupSID */ if ( sid_to_gid( g_sid, &gid ) ) { sid_copy(sampass->group_sid, g_sid); } else { sid_compose(sampass->group_sid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS); } DEBUG(10, ("pdb_set_group_sid: setting group sid %s\n", sid_string_dbg(sampass->group_sid))); return pdb_set_init_flags(sampass, PDB_GROUPSID, flag); }
UNISTR2* ucs2_to_unistr2(TALLOC_CTX *ctx, UNISTR2* dst, smb_ucs2_t* src) { size_t len; if (!src) { return NULL; } len = strlen_w(src); /* allocate UNISTR2 destination if not given */ if (!dst) { dst = TALLOC_P(ctx, UNISTR2); if (!dst) return NULL; } if (!dst->buffer) { dst->buffer = TALLOC_ARRAY(ctx, uint16, len + 1); if (!dst->buffer) return NULL; } /* set UNISTR2 parameters */ dst->uni_max_len = len + 1; dst->offset = 0; dst->uni_str_len = len; /* copy the actual unicode string */ strncpy_w(dst->buffer, src, dst->uni_max_len); return dst; }
DOM_SID *string_sid_talloc(TALLOC_CTX *mem_ctx, const char *sidstr) { DOM_SID *result = TALLOC_P(mem_ctx, DOM_SID); if (result == NULL) return NULL; if (!string_to_sid(result, sidstr)) return NULL; return result; }
void init_unistr4_w( TALLOC_CTX *ctx, UNISTR4 *uni4, const smb_ucs2_t *buf ) { uni4->string = TALLOC_P( ctx, UNISTR2 ); if (!uni4->string) { smb_panic("init_unistr4_w: talloc fail\n"); return; } init_unistr2_w( ctx, uni4->string, buf ); uni4->length = 2 * (uni4->string->uni_str_len); uni4->size = 2 * (uni4->string->uni_max_len); }
void init_unistr4(UNISTR4 *uni4, const char *buf, enum unistr2_term_codes flags) { uni4->string = TALLOC_P( get_talloc_ctx(), UNISTR2 ); if (!uni4->string) { smb_panic("init_unistr4: talloc fail\n"); return; } init_unistr2( uni4->string, buf, flags ); uni4->length = 2 * (uni4->string->uni_str_len); uni4->size = 2 * (uni4->string->uni_max_len); }
WERROR rpccli_svcctl_open_scm(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hSCM, uint32 access_desired ) { SVCCTL_Q_OPEN_SCMANAGER in; SVCCTL_R_OPEN_SCMANAGER out; prs_struct qbuf, rbuf; fstring server; ZERO_STRUCT(in); ZERO_STRUCT(out); /* leave the database name NULL to get the default service db */ in.database = NULL; /* set the server name */ if ( !(in.servername = TALLOC_P( mem_ctx, UNISTR2 )) ) return WERR_NOMEM; fstr_sprintf( server, "\\\\%s", cli->cli->desthost ); init_unistr2( in.servername, server, UNI_STR_TERMINATE ); in.access = access_desired; CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SCMANAGER_W, in, out, qbuf, rbuf, svcctl_io_q_open_scmanager, svcctl_io_r_open_scmanager, WERR_GENERAL_FAILURE ); if ( !W_ERROR_IS_OK( out.status ) ) return out.status; memcpy( hSCM, &out.handle, sizeof(POLICY_HND) ); return out.status; }
NTSTATUS rpccli_ds_getprimarydominfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint16 level, DS_DOMINFO_CTR *ctr) { prs_struct qbuf, rbuf; DS_Q_GETPRIMDOMINFO q; DS_R_GETPRIMDOMINFO r; NTSTATUS result; ZERO_STRUCT(q); ZERO_STRUCT(r); q.level = level; CLI_DO_RPC( cli, mem_ctx, PI_LSARPC_DS, DS_GETPRIMDOMINFO, q, r, qbuf, rbuf, ds_io_q_getprimdominfo, ds_io_r_getprimdominfo, NT_STATUS_UNSUCCESSFUL); /* Return basic info - if we are requesting at info != 1 then there could be trouble. */ result = r.status; if ( r.ptr && ctr ) { ctr->basic = TALLOC_P(mem_ctx, DSROLE_PRIMARY_DOMAIN_INFO_BASIC); if (!ctr->basic) goto done; memcpy(ctr->basic, r.info.basic, sizeof(DSROLE_PRIMARY_DOMAIN_INFO_BASIC)); } done: return result; }
static BOOL parse_share_modes(TDB_DATA dbuf, struct share_mode_lock *lck) { struct locking_data *data; int i; if (dbuf.dsize < sizeof(struct locking_data)) { smb_panic("PANIC: parse_share_modes: buffer too short.\n"); } data = (struct locking_data *)dbuf.dptr; lck->delete_on_close = data->u.s.delete_on_close; lck->initial_delete_on_close = data->u.s.initial_delete_on_close; lck->num_share_modes = data->u.s.num_share_mode_entries; DEBUG(10, ("parse_share_modes: delete_on_close: %d, " "initial_delete_on_close: %d, " "num_share_modes: %d\n", lck->delete_on_close, lck->initial_delete_on_close, lck->num_share_modes)); if ((lck->num_share_modes < 0) || (lck->num_share_modes > 1000000)) { DEBUG(0, ("invalid number of share modes: %d\n", lck->num_share_modes)); smb_panic("PANIC: invalid number of share modes"); } lck->share_modes = NULL; if (lck->num_share_modes != 0) { if (dbuf.dsize < (sizeof(struct locking_data) + (lck->num_share_modes * sizeof(struct share_mode_entry)))) { smb_panic("PANIC: parse_share_modes: buffer too short.\n"); } lck->share_modes = talloc_memdup(lck, dbuf.dptr+sizeof(*data), lck->num_share_modes * sizeof(struct share_mode_entry)); if (lck->share_modes == NULL) { smb_panic("talloc failed\n"); } } /* Get any delete token. */ if (data->u.s.delete_token_size) { char *p = dbuf.dptr + sizeof(*data) + (lck->num_share_modes * sizeof(struct share_mode_entry)); if ((data->u.s.delete_token_size < sizeof(uid_t) + sizeof(gid_t)) || ((data->u.s.delete_token_size - sizeof(uid_t)) % sizeof(gid_t)) != 0) { DEBUG(0, ("parse_share_modes: invalid token size %d\n", data->u.s.delete_token_size)); smb_panic("parse_share_modes: invalid token size\n"); } lck->delete_token = TALLOC_P(lck, UNIX_USER_TOKEN); if (!lck->delete_token) { smb_panic("talloc failed\n"); } /* Copy out the uid and gid. */ memcpy(&lck->delete_token->uid, p, sizeof(uid_t)); p += sizeof(uid_t); memcpy(&lck->delete_token->gid, p, sizeof(gid_t)); p += sizeof(gid_t); /* Any supplementary groups ? */ lck->delete_token->ngroups = (data->u.s.delete_token_size > (sizeof(uid_t) + sizeof(gid_t))) ? ((data->u.s.delete_token_size - (sizeof(uid_t) + sizeof(gid_t)))/sizeof(gid_t)) : 0; if (lck->delete_token->ngroups) { /* Make this a talloc child of lck->delete_token. */ lck->delete_token->groups = TALLOC_ARRAY(lck->delete_token, gid_t, lck->delete_token->ngroups); if (!lck->delete_token) { smb_panic("talloc failed\n"); } for (i = 0; i < lck->delete_token->ngroups; i++) { memcpy(&lck->delete_token->groups[i], p, sizeof(gid_t)); p += sizeof(gid_t); } } } else { lck->delete_token = NULL; } /* Save off the associated service path and filename. */ lck->servicepath = talloc_strdup(lck, dbuf.dptr + sizeof(*data) + (lck->num_share_modes * sizeof(struct share_mode_entry)) + data->u.s.delete_token_size ); lck->filename = talloc_strdup(lck, dbuf.dptr + sizeof(*data) + (lck->num_share_modes * sizeof(struct share_mode_entry)) + data->u.s.delete_token_size + strlen(lck->servicepath) + 1 ); /* * Ensure that each entry has a real process attached. */ for (i = 0; i < lck->num_share_modes; i++) { struct share_mode_entry *entry_p = &lck->share_modes[i]; DEBUG(10,("parse_share_modes: %s\n", share_mode_str(i, entry_p) )); if (!process_exists(entry_p->pid)) { DEBUG(10,("parse_share_modes: deleted %s\n", share_mode_str(i, entry_p) )); entry_p->op_type = UNUSED_SHARE_MODE_ENTRY; lck->modified = True; } } return True; }
const DOM_SID *pdb_get_group_sid(struct samu *sampass) { DOM_SID *gsid; struct passwd *pwd; /* Return the cached group SID if we have that */ if ( sampass->group_sid ) { return sampass->group_sid; } /* generate the group SID from the user's primary Unix group */ if ( !(gsid = TALLOC_P( sampass, DOM_SID )) ) { return NULL; } /* No algorithmic mapping, meaning that we have to figure out the primary group SID according to group mapping and the user SID must be a newly allocated one. We rely on the user's Unix primary gid. We have no choice but to fail if we can't find it. */ if ( sampass->unix_pw ) { pwd = sampass->unix_pw; } else { pwd = Get_Pwnam_alloc( sampass, pdb_get_username(sampass) ); } if ( !pwd ) { DEBUG(0,("pdb_get_group_sid: Failed to find Unix account for %s\n", pdb_get_username(sampass) )); return NULL; } if ( pdb_gid_to_sid(pwd->pw_gid, gsid) ) { enum lsa_SidType type = SID_NAME_UNKNOWN; TALLOC_CTX *mem_ctx = talloc_init("pdb_get_group_sid"); bool lookup_ret; if (!mem_ctx) { return NULL; } /* Now check that it's actually a domain group and not something else */ lookup_ret = lookup_sid(mem_ctx, gsid, NULL, NULL, &type); TALLOC_FREE( mem_ctx ); if ( lookup_ret && (type == SID_NAME_DOM_GRP) ) { sampass->group_sid = gsid; return sampass->group_sid; } DEBUG(3, ("Primary group for user %s is a %s and not a domain group\n", pwd->pw_name, sid_type_lookup(type))); } /* Just set it to the 'Domain Users' RID of 512 which will always resolve to a name */ sid_compose(gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS); sampass->group_sid = gsid; return sampass->group_sid; }