NTSTATUS
LsaSrvInitAuthInfo(
IN handle_t hBinding,
OUT PPOLICY_CONTEXT pPolCtx
)
{
NTSTATUS ntStatus = STATUS_SUCCESS;
unsigned32 rpcStatus = 0;
rpc_transport_info_handle_t hTransportInfo = NULL;
DWORD dwProtSeq = rpc_c_invalid_protseq_id;
rpc_binding_inq_access_token_caller(
hBinding,
&pPolCtx->pUserToken,
&rpcStatus);
ntStatus = LwRpcStatusToNtStatus(rpcStatus);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
rpc_binding_inq_transport_info(hBinding,
&hTransportInfo,
&rpcStatus);
ntStatus = LwRpcStatusToNtStatus(rpcStatus);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
if (hTransportInfo)
{
rpc_binding_inq_prot_seq(hBinding,
(unsigned32*)&dwProtSeq,
&rpcStatus);
ntStatus = LwRpcStatusToNtStatus(rpcStatus);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
switch (dwProtSeq)
{
case rpc_c_protseq_id_ncacn_np:
ntStatus = LsaSrvInitNpAuthInfo(hTransportInfo,
pPolCtx);
BAIL_ON_NTSTATUS_ERROR(ntStatus);
break;
}
}
cleanup:
return ntStatus;
error:
LsaSrvFreeAuthInfo(pPolCtx);
goto cleanup;
}
INTERNAL int is_unpriv_handle( handle_t h, error_status_t *st )
{
error_status_t status,status1;
rpc_binding_vector_p_t bv;
handle_t binding;
unsigned_char_p_t stb,our_netaddr,client_netaddr;
unsigned32 i;
static unsigned_char_p_t *local_netaddr = NULL;
static unsigned32 addr_count = 0;
unsigned32 prot_seq = 0;
rpc_transport_info_handle_t info;
unsigned32 uid = (unsigned32) -1;
unsigned32 gid = (unsigned32) -1;
rpc_binding_inq_prot_seq(h, &prot_seq, &status);
if (! STATUS_OK(&status))
{
*st = status;
return(1);
}
if (prot_seq == rpc_c_protseq_id_ncalrpc)
{
rpc_binding_inq_transport_info(h, &info, &status);
if (! STATUS_OK(&status))
{
*st = status;
return(1);
}
rpc_lrpc_transport_info_inq_peer_eid(info, &uid, &gid);
*st = rpc_s_ok;
return (uid != 0);
}
/* Get client network address from binding handle (client_netaddr) */
rpc_binding_server_from_client(h,&binding,&status);
if (! STATUS_OK(&status))
{
*st = status;
return(1);
}
rpc_binding_to_string_binding(binding,&stb,&status);
if (! STATUS_OK(&status))
{
rpc_binding_free(&binding,&status1);
*st = status;
return(1);
}
rpc_binding_free(&binding,&status1);
rpc_string_binding_parse(stb,NULL,NULL,&client_netaddr,NULL,NULL,&status);
if (! STATUS_OK(&status))
{
rpc_string_free(&stb,&status1);
*st = status;
return(1);
}
rpc_string_free(&stb,&status1);
/*
* Lookup all of the addresses which this node answers to.
* Cache these in static storage so we only do this work once.
*/
if (addr_count == 0)
{
rpc_server_inq_bindings(&bv,&status);
if (! STATUS_OK(&status))
{
rpc_string_free(&client_netaddr,&status1);
*st = status;
return(1);
}
addr_count = bv->count;
local_netaddr = (unsigned_char_p_t *) malloc(
(size_t) (addr_count * sizeof(unsigned_char_p_t)));
if (local_netaddr == NULL)
{
rpc_string_free(&client_netaddr,&status1);
rpc_binding_vector_free(&bv,&status1);
*st = ept_s_no_memory;
return(1);
}
for ( i=0; i < bv->count; i++ )
{
rpc_binding_to_string_binding(bv->binding_h[i],&stb,&status);
if (! STATUS_OK(&status))
{
rpc_binding_vector_free(&bv,&status1);
rpc_string_free(&client_netaddr,&status1);
*st = status;
return(1);
}
rpc_string_binding_parse(stb,NULL,NULL,
&our_netaddr,NULL,NULL,&status);
if (! STATUS_OK(&status))
{
rpc_binding_vector_free(&bv,&status1);
rpc_string_free(&stb,&status1);
rpc_string_free(&client_netaddr,&status1);
*st = status;
return(1);
}
local_netaddr[i] = our_netaddr;
rpc_string_free(&stb,&status1);
}
rpc_binding_vector_free(&bv,&status1);
}
/*
* Compare the addresses with the client address
*/
*st = rpc_s_ok;
for ( i=0; i < addr_count; i++ )
{
if(strcmp((char*) client_netaddr, (char*) local_netaddr[i]) == 0)
{
rpc_string_free(&client_netaddr,&status1);
return(0);
}
}
rpc_string_free(&client_netaddr,&status1);
return(1);
}
