static struct wkssvc_NetWkstaInfo102 *create_wks_info_102(TALLOC_CTX *mem_ctx)
{
struct wkssvc_NetWkstaInfo102 *info102;
char **users;
info102 = talloc(mem_ctx, struct wkssvc_NetWkstaInfo102);
if (info102 == NULL) {
return NULL;
}
info102->platform_id = PLATFORM_ID_NT; /* unknown */
info102->version_major = SAMBA_MAJOR_NBT_ANNOUNCE_VERSION;
info102->version_minor = SAMBA_MINOR_NBT_ANNOUNCE_VERSION;
info102->server_name = talloc_asprintf_strupper_m(
info102, "%s", lp_netbios_name());
info102->domain_name = talloc_asprintf_strupper_m(
info102, "%s", lp_workgroup());
info102->lan_root = "";
users = get_logged_on_userlist(talloc_tos());
info102->logged_on_users = talloc_array_length(users);
TALLOC_FREE(users);
return info102;
}
static bool fetch_map_from_gencache(TALLOC_CTX *ctx,
const char *user_in,
char **p_user_out)
{
char *key, *value;
bool found;
if (lp_username_map_cache_time() == 0) {
return false;
}
key = talloc_asprintf_strupper_m(ctx, "USERNAME_MAP/%s",
user_in);
if (key == NULL) {
return false;
}
found = gencache_get(key, &value, NULL);
TALLOC_FREE(key);
if (!found) {
return false;
}
TALLOC_FREE(*p_user_out);
*p_user_out = talloc_strdup(ctx, value);
SAFE_FREE(value);
if (!*p_user_out) {
return false;
}
return true;
}
static char *dsgetdcname_cache_key(TALLOC_CTX *mem_ctx, const char *domain)
{
if (!domain) {
return NULL;
}
return talloc_asprintf_strupper_m(mem_ctx, DSGETDCNAME_FMT, domain);
}
/**
* Form a key for fetching the domain sid
*
* @param domain domain name
*
* @return keystring
**/
static const char *domain_sid_keystr(const char *domain)
{
char *keystr;
keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
SECRETS_DOMAIN_SID, domain);
SMB_ASSERT(keystr != NULL);
return keystr;
}
/**
* Form a key for fetching the machine trust account password
*
* @param domain domain name
*
* @return stored password's key
**/
static const char *trust_keystr(const char *domain)
{
char *keystr;
keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
SECRETS_MACHINE_ACCT_PASS, domain);
SMB_ASSERT(keystr != NULL);
return keystr;
}
/**
* Form a key for fetching the machine trust account password
*
* @param domain domain name
*
* @return keystring
**/
static const char *machine_password_keystr(const char *domain)
{
char *keystr;
keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
SECRETS_MACHINE_PASSWORD, domain);
SMB_ASSERT(keystr != NULL);
return keystr;
}
/**
* Form a key for fetching the machine trust account last change time
*
* @param domain domain name
*
* @return keystring
**/
static const char *machine_last_change_time_keystr(const char *domain)
{
char *keystr;
keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
SECRETS_MACHINE_LAST_CHANGE_TIME,
domain);
SMB_ASSERT(keystr != NULL);
return keystr;
}
/**
* Form a key for fetching the machine trust account sec channel type
*
* @param domain domain name
*
* @return keystring
**/
static const char *machine_sec_channel_type_keystr(const char *domain)
{
char *keystr;
keystr = talloc_asprintf_strupper_m(talloc_tos(), "%s/%s",
SECRETS_MACHINE_SEC_CHANNEL_TYPE,
domain);
SMB_ASSERT(keystr != NULL);
return keystr;
}
static struct wkssvc_NetWkstaInfo100 *create_wks_info_100(TALLOC_CTX *mem_ctx)
{
struct wkssvc_NetWkstaInfo100 *info100;
info100 = talloc(mem_ctx, struct wkssvc_NetWkstaInfo100);
if (info100 == NULL) {
return NULL;
}
info100->platform_id = PLATFORM_ID_NT; /* unknown */
info100->version_major = SAMBA_MAJOR_NBT_ANNOUNCE_VERSION;
info100->version_minor = SAMBA_MINOR_NBT_ANNOUNCE_VERSION;
info100->server_name = talloc_asprintf_strupper_m(
info100, "%s", lp_netbios_name());
info100->domain_name = talloc_asprintf_strupper_m(
info100, "%s", lp_workgroup());
return info100;
}
static void store_map_in_gencache(TALLOC_CTX *ctx, const char *from, const char *to)
{
char *key;
int cache_time = lp_username_map_cache_time();
if (cache_time == 0) {
return;
}
key = talloc_asprintf_strupper_m(ctx, "USERNAME_MAP/%s",
from);
if (key == NULL) {
return;
}
gencache_set(key, to, cache_time + time(NULL));
TALLOC_FREE(key);
}
static NTSTATUS mymachinepw(uint8_t pwd[16])
{
TALLOC_CTX *frame = talloc_stackframe();
struct tldap_context *ld = NULL;
struct tldap_message *rootdse, **msg;
const char *attrs[1] = { "unicodePwd" };
char *default_nc, *myname;
int rc, num_msg;
DATA_BLOB pwdblob;
NTSTATUS status;
status = get_ldapi_ctx(talloc_tos(), &ld);
if (!NT_STATUS_IS_OK(status)) {
goto fail;
}
rootdse = tldap_rootdse(ld);
if (rootdse == NULL) {
DEBUG(10, ("Could not get rootdse\n"));
status = NT_STATUS_INTERNAL_ERROR;
goto fail;
}
default_nc = tldap_talloc_single_attribute(
rootdse, "defaultNamingContext", talloc_tos());
if (default_nc == NULL) {
DEBUG(10, ("Could not get defaultNamingContext\n"));
status = NT_STATUS_NO_MEMORY;
goto fail;
}
DEBUG(10, ("default_nc = %s\n", default_nc));
myname = talloc_asprintf_strupper_m(talloc_tos(), "%s$",
global_myname());
if (myname == NULL) {
DEBUG(10, ("talloc failed\n"));
status = NT_STATUS_NO_MEMORY;
goto fail;
}
rc = tldap_search_fmt(
ld, default_nc, TLDAP_SCOPE_SUB, attrs, ARRAY_SIZE(attrs), 0,
talloc_tos(), &msg,
"(&(sAMAccountName=%s)(objectClass=computer))", myname);
if (rc != TLDAP_SUCCESS) {
DEBUG(10, ("Could not retrieve our account: %s\n",
tldap_errstr(talloc_tos(), ld, rc)));
status = NT_STATUS_LDAP(rc);
goto fail;
}
num_msg = talloc_array_length(msg);
if (num_msg != 1) {
DEBUG(10, ("Got %d accounts, expected one\n", num_msg));
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto fail;
}
if (!tldap_get_single_valueblob(msg[0], "unicodePwd", &pwdblob)) {
char *dn = NULL;
tldap_entry_dn(msg[0], &dn);
DEBUG(10, ("No unicodePwd attribute in %s\n",
dn ? dn : "<unknown DN>"));
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto fail;
}
if (pwdblob.length != 16) {
DEBUG(10, ("Password hash hash has length %d, expected 16\n",
(int)pwdblob.length));
status = NT_STATUS_INTERNAL_DB_CORRUPTION;
goto fail;
}
memcpy(pwd, pwdblob.data, 16);
fail:
TALLOC_FREE(frame);
return status;
}
static struct wkssvc_NetWkstaEnumUsersCtr1 *create_enum_users1(
TALLOC_CTX *mem_ctx)
{
struct wkssvc_NetWkstaEnumUsersCtr1 *ctr1;
char **users;
struct dom_usr *dom_users;
const char *pwd_server;
char *pwd_tmp;
int i, j, num_users, num_dom_users;
ctr1 = talloc(mem_ctx, struct wkssvc_NetWkstaEnumUsersCtr1);
if (ctr1 == NULL) {
return NULL;
}
users = get_logged_on_userlist(talloc_tos());
if (users == NULL && errno != 0) {
DEBUG(1,("get_logged_on_userlist error %d: %s\n",
errno, strerror(errno)));
TALLOC_FREE(ctr1);
return NULL;
}
num_users = talloc_array_length(users);
dom_users = get_domain_userlist(talloc_tos());
if (dom_users == NULL && errno != 0) {
TALLOC_FREE(ctr1);
TALLOC_FREE(users);
return NULL;
}
num_dom_users = talloc_array_length(dom_users);
ctr1->user1 = talloc_array(ctr1, struct wkssvc_NetrWkstaUserInfo1,
num_users+num_dom_users);
if (ctr1->user1 == NULL) {
TALLOC_FREE(ctr1);
TALLOC_FREE(users);
TALLOC_FREE(dom_users);
return NULL;
}
pwd_server = "";
if ((pwd_tmp = talloc_strdup(ctr1->user1, lp_passwordserver()))) {
/* The configured password server is a full DNS name but
* for the logon server we need to return just the first
* component (machine name) of it in upper-case */
char *p = strchr(pwd_tmp, '.');
if (p) {
*p = '\0';
} else {
p = pwd_tmp + strlen(pwd_tmp);
}
while (--p >= pwd_tmp) {
*p = toupper(*p);
}
pwd_server = pwd_tmp;
}
/* Put in local users first */
for (i=0; i<num_users; i++) {
ctr1->user1[i].user_name = talloc_move(ctr1->user1, &users[i]);
/* For a local user the domain name and logon server are
* both returned as the local machine's NetBIOS name */
ctr1->user1[i].logon_domain = ctr1->user1[i].logon_server =
talloc_asprintf_strupper_m(ctr1->user1, "%s", lp_netbios_name());
ctr1->user1[i].other_domains = NULL; /* Maybe in future? */
}
/* Now domain users */
for (j=0; j<num_dom_users; j++) {
ctr1->user1[i].user_name =
talloc_strdup(ctr1->user1, dom_users[j].name);
ctr1->user1[i].logon_domain =
talloc_strdup(ctr1->user1, dom_users[j].domain);
ctr1->user1[i].logon_server = pwd_server;
ctr1->user1[i++].other_domains = NULL; /* Maybe in future? */
}
ctr1->entries_read = i;
TALLOC_FREE(users);
TALLOC_FREE(dom_users);
return ctr1;
}
static struct dom_usr *get_domain_userlist(TALLOC_CTX *mem_ctx)
{
struct sessionid *session_list = NULL;
char *machine_name, *p, *nm;
const char *sep;
struct dom_usr *users, *tmp;
int i, num_users, num_sessions;
sep = lp_winbind_separator();
if (!sep) {
sep = "\\";
}
num_sessions = list_sessions(mem_ctx, &session_list);
if (num_sessions == 0) {
errno = 0;
return NULL;
}
users = talloc_array(mem_ctx, struct dom_usr, num_sessions);
if (users == NULL) {
TALLOC_FREE(session_list);
return NULL;
}
for (i=num_users=0; i<num_sessions; i++) {
if (!session_list[i].username
|| !session_list[i].remote_machine) {
continue;
}
p = strpbrk(session_list[i].remote_machine, "./");
if (p) {
*p = '\0';
}
machine_name = talloc_asprintf_strupper_m(
users, "%s", session_list[i].remote_machine);
if (machine_name == NULL) {
DEBUG(10, ("talloc_asprintf failed\n"));
continue;
}
if (strcmp(machine_name, lp_netbios_name()) == 0) {
p = session_list[i].username;
nm = strstr(p, sep);
if (nm) {
/*
* "domain+name" format so split domain and
* name components
*/
*nm = '\0';
nm += strlen(sep);
users[num_users].domain =
talloc_asprintf_strupper_m(users,
"%s", p);
users[num_users].name = talloc_strdup(users,
nm);
} else {
/*
* Simple user name so get domain from smb.conf
*/
users[num_users].domain =
talloc_strdup(users, lp_workgroup());
users[num_users].name = talloc_strdup(users,
p);
}
users[num_users].login_time =
session_list[i].connect_start;
num_users++;
}
TALLOC_FREE(machine_name);
}
TALLOC_FREE(session_list);
tmp = talloc_realloc(mem_ctx, users, struct dom_usr, num_users);
if (tmp == NULL) {
return NULL;
}
users = tmp;
/* Sort the user list by time, oldest first */
TYPESAFE_QSORT(users, num_users, dom_user_cmp);
errno = 0;
return users;
}
static char *lsa_secret_key(TALLOC_CTX *mem_ctx,
const char *secret_name)
{
return talloc_asprintf_strupper_m(mem_ctx, "SECRETS/LSA/%s",
secret_name);
}
