BOOL lsa_domain_opened(struct libnet_context *ctx, const char *domain_name, struct composite_context **parent_ctx, struct libnet_DomainOpen *domain_open, void (*continue_fn)(struct composite_context*), void (*monitor)(struct monitor_msg*)) { struct composite_context *domopen_req; if (parent_ctx == NULL || *parent_ctx == NULL) return False; if (domain_name == NULL) { /* * Try to guess the domain name from credentials, * if it's not been explicitly specified. */ if (policy_handle_empty(&ctx->lsa.handle)) { domain_open->in.type = DOMAIN_LSA; domain_open->in.domain_name = cli_credentials_get_domain(ctx->cred); domain_open->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; } else { composite_error(*parent_ctx, NT_STATUS_INVALID_PARAMETER); /* this ensures the calling function exits and composite function error gets noticed quickly */ return True; } } else { /* * The domain name has been specified, so check whether the same * domain is already opened. If it is - just return NULL. Start * opening a new domain otherwise. */ if (policy_handle_empty(&ctx->lsa.handle) || !strequal(domain_name, ctx->lsa.name)) { domain_open->in.type = DOMAIN_LSA; domain_open->in.domain_name = domain_name; domain_open->in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; } else { /* domain has already been opened and it's the same domain as requested */ return True; } } /* send request to open the domain */ domopen_req = libnet_DomainOpen_send(ctx, domain_open, monitor); /* see the comment above to find out why true is returned here */ if (composite_nomem(domopen_req, *parent_ctx)) return True; composite_continue(*parent_ctx, domopen_req, continue_fn, *parent_ctx); return False; }
static BOOL test_Lookup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx) { NTSTATUS status; struct epm_Lookup r; struct GUID uuid; struct rpc_if_id_t iface; struct policy_handle handle; ZERO_STRUCT(handle); r.in.inquiry_type = 0; r.in.object = &uuid; r.in.interface_id = &iface; r.in.vers_option = 0; r.in.entry_handle = &handle; r.out.entry_handle = &handle; r.in.max_ents = 10; do { int i; ZERO_STRUCT(uuid); ZERO_STRUCT(iface); status = dcerpc_epm_Lookup(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status) || r.out.result != 0) { break; } printf("epm_Lookup returned %d events GUID %s\n", *r.out.num_ents, GUID_string(mem_ctx, &handle.uuid)); for (i=0;i<*r.out.num_ents;i++) { printf("\nFound '%s'\n", r.out.entries[i].annotation); display_tower(mem_ctx, &r.out.entries[i].tower->tower); if (r.out.entries[i].tower->tower.num_floors == 5) { test_Map(p, mem_ctx, r.out.entries[i].tower); } } } while (NT_STATUS_IS_OK(status) && r.out.result == 0 && *r.out.num_ents == r.in.max_ents && !policy_handle_empty(&handle)); if (!NT_STATUS_IS_OK(status)) { printf("Lookup failed - %s\n", nt_errstr(status)); return False; } return True; }
static bool test_Lookup(struct torture_context *tctx, struct dcerpc_pipe *p) { NTSTATUS status; struct epm_Lookup r; struct GUID uuid; struct rpc_if_id_t iface; struct policy_handle handle; uint32_t num_ents; ZERO_STRUCT(handle); r.in.inquiry_type = 0; r.in.object = &uuid; r.in.interface_id = &iface; r.in.vers_option = 0; r.in.entry_handle = &handle; r.out.entry_handle = &handle; r.in.max_ents = 10; r.out.num_ents = &num_ents; do { int i; ZERO_STRUCT(uuid); ZERO_STRUCT(iface); status = dcerpc_epm_Lookup(p, tctx, &r); if (!NT_STATUS_IS_OK(status) || r.out.result != 0) { break; } printf("epm_Lookup returned %d events GUID %s\n", *r.out.num_ents, GUID_string(tctx, &handle.uuid)); for (i=0;i<*r.out.num_ents;i++) { printf("\nFound '%s'\n", r.out.entries[i].annotation); display_tower(tctx, &r.out.entries[i].tower->tower); if (r.out.entries[i].tower->tower.num_floors == 5) { test_Map(p, tctx, r.out.entries[i].tower); } } } while (NT_STATUS_IS_OK(status) && r.out.result == 0 && *r.out.num_ents == r.in.max_ents && !policy_handle_empty(&handle)); torture_assert_ntstatus_ok(tctx, status, "Lookup failed"); return true; }
/** find an internal handle given a wire handle. If the wire handle is NULL then allocate a new handle */ _PUBLIC_ struct dcesrv_handle *dcesrv_handle_fetch( struct dcesrv_connection_context *context, struct policy_handle *p, uint8_t handle_type) { struct dcesrv_handle *h; struct dom_sid *sid; sid = context->conn->auth_state.session_info->security_token->user_sid; if (policy_handle_empty(p)) { /* TODO: we should probably return a NULL handle here */ return dcesrv_handle_new(context, handle_type); } for (h=context->assoc_group->handles; h; h=h->next) { if (h->wire_handle.handle_type == p->handle_type && GUID_equal(&p->uuid, &h->wire_handle.uuid)) { if (handle_type != DCESRV_HANDLE_ANY && p->handle_type != handle_type) { DEBUG(0,("client gave us the wrong handle type (%d should be %d)\n", p->handle_type, handle_type)); return NULL; } if (!dom_sid_equal(h->sid, sid)) { DEBUG(0,(__location__ ": Attempt to use invalid sid %s - %s\n", dom_sid_string(context, h->sid), dom_sid_string(context, sid))); return NULL; } if (h->iface != context->iface) { DEBUG(0,(__location__ ": Attempt to use invalid iface\n")); return NULL; } return h; } } return NULL; }