/*
 * Build a T_S packet whose payload carries `mid` followed by `sid`, then pass
 * it to sendpacket() together with neighbor_table[1][1][1].
 *
 * Returns 1 when put_mid() or put_sid() reports failure (returns zero);
 * otherwise returns whatever sendpacket() returns.
 */
int c_s(int32_t mid, int32_t sid)
{
    lt_packet out_packet;
    void *cursor;

    client_func_checks();

    makepacket(&out_packet, T_S);
    cursor = &out_packet.payload;

    /* Short-circuit evaluation keeps the original order: sid is appended
       only after mid has been appended successfully. */
    if (!put_mid(&cursor, mid, &PLength(&out_packet), &PArgc(&out_packet)) ||
        !put_sid(&cursor, sid, &PLength(&out_packet), &PArgc(&out_packet)))
        return 1;

    return sendpacket(neighbor_table[1][1][1], &out_packet);
}
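/*
 * Print one "[domain SEP]name:SID:gid:" line per local group of MACH.
 *
 * With DISP_GROUPNAME set, only that group is queried through
 * NetLocalGroupGetInfo; otherwise all local groups are enumerated with
 * NetLocalGroupEnum.  Groups under S-1-5-32 (builtin) are printed only when
 * PRINT_BUILTIN is set, are remembered in builtin_sid_list (up to
 * MAX_BUILTIN_SIDS entries) so they are not printed again, and do not get
 * ID_OFFSET added to their gid.  When PRINT_CURRENT is set, got_curr_pgrp is
 * raised if a group's SID equals curr_pgrp.psid.
 *
 * Returns 1 on an invalid machine or group name, on an API error, and when
 * the single requested group was found here; returns 0 otherwise.
 */
static int
enum_local_groups (domlist_t *mach, const char *sep,
                   DWORD id_offset, char *disp_groupname,
                   int print_builtin, int print_current)
{
  WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
  LOCALGROUP_INFO_0 *buffer;
  DWORD entriesread = 0;
  DWORD totalentries = 0;
  DWORD_PTR resume_handle = 0;
  WCHAR gname[GNLEN + 1];
  DWORD rc;

  int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
  if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
    {
      fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
               program_invocation_short_name, mach->str);
      return 1;
    }

  if (disp_groupname)
    {
      /* mbstowcs does not NUL-terminate when it fills all GNLEN + 1 slots,
         and leaves gname unusable on a conversion error.  Reject both cases
         instead of handing an unterminated buffer to the API.  Returning 1
         also keeps the caller from retrying the same name in enum_groups. */
      ret = mbstowcs (gname, disp_groupname, GNLEN + 1);
      if (ret < 0 || ret >= GNLEN + 1)
        {
          fprintf (stderr, "%s: Invalid group name '%s'. Skipping...\n",
                   program_invocation_short_name, disp_groupname);
          return 1;
        }
    }

  do
    {
      DWORD i;

      if (disp_groupname)
        {
          rc = NetLocalGroupGetInfo (machine, gname, 0, (void *) &buffer);
          if (rc == ERROR_SUCCESS)
            entriesread = 1;
          /* Allow further searching for the group and avoid annoying
             error messages just because the group is not a local group or
             the group hasn't been found. */
          else if (rc == ERROR_NO_SUCH_ALIAS || rc == NERR_GroupNotFound)
            return 0;
        }
      else
        rc = NetLocalGroupEnum (machine, 0, (void *) &buffer,
                                MAX_PREFERRED_LENGTH, &entriesread,
                                &totalentries, &resume_handle);

      switch (rc)
        {
        case ERROR_ACCESS_DENIED:
          print_win_error (rc);
          return 1;

        case ERROR_MORE_DATA:
        case ERROR_SUCCESS:
          break;

        default:
          print_win_error (rc);
          return 1;
        }

      for (i = 0; i < entriesread; i++)
        {
          WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
          DWORD domname_len = MAX_DOMAIN_NAME_LEN + 1;
          char psid_buffer[MAX_SID_LEN];
          PSID psid = (PSID) psid_buffer;
          DWORD sid_length = MAX_SID_LEN;
          DWORD gid;
          SID_NAME_USE acc_type;
          PDBGSID pdsid;
          BOOL is_builtin = FALSE;

          if (!LookupAccountNameW (machine, buffer[i].lgrpi0_name, psid,
                                   &sid_length, domain_name, &domname_len,
                                   &acc_type))
            {
              print_win_error (GetLastError ());
              fprintf (stderr, " (%ls)\n", buffer[i].lgrpi0_name);
              continue;
            }
          else if (acc_type == SidTypeDomain)
            {
              /* The bare name resolved to a domain; retry with the name
                 qualified as "domain\group". */
              WCHAR domname[MAX_DOMAIN_NAME_LEN + GNLEN + 2];

              /* The group name comes from the queried machine's reply, so
                 its length is checked here rather than assumed to stay
                 within GNLEN before the unbounded wcscpy/wcscat below. */
              if (wcslen (domain_name) + 1 + wcslen (buffer[i].lgrpi0_name)
                  >= sizeof domname / sizeof domname[0])
                {
                  fprintf (stderr, "%s: Group name '%ls' too long. "
                           "Skipping...\n",
                           program_invocation_short_name,
                           buffer[i].lgrpi0_name);
                  continue;
                }

              wcscpy (domname, domain_name);
              wcscat (domname, L"\\");
              wcscat (domname, buffer[i].lgrpi0_name);
              sid_length = MAX_SID_LEN;
              domname_len = MAX_DOMAIN_NAME_LEN + 1;
              if (!LookupAccountNameW (machine, domname, psid,
                                       &sid_length, domain_name,
                                       &domname_len, &acc_type))
                {
                  print_win_error (GetLastError ());
                  fprintf (stderr, " (%ls)\n", domname);
                  continue;
                }
            }

          /* Store all local SIDs with prefix "S-1-5-32-" and check if it
             has been printed already.  This allows to get all builtin
             groups exactly once and not once per domain. */
          pdsid = (PDBGSID) psid;
          if (pdsid->IdentifierAuthority.Value[5] == sid_nt_auth.Value[5]
              && pdsid->SubAuthority[0] == SECURITY_BUILTIN_DOMAIN_RID)
            {
              int b;

              if (!print_builtin)
                goto skip_group;
              is_builtin = TRUE;
              if (builtin_sid_cnt)
                for (b = 0; b < builtin_sid_cnt; b++)
                  if (EqualSid (&builtin_sid_list[b], psid))
                    goto skip_group;
              /* Once the list is full, further builtin SIDs are printed
                 but no longer remembered. */
              if (builtin_sid_cnt < MAX_BUILTIN_SIDS)
                CopySid (sizeof (DBGSID),
                         &builtin_sid_list[builtin_sid_cnt++], psid);
            }

          if (!print_current)
            /* fall through */;
          else if (EqualSid (curr_pgrp.psid, psid))
            got_curr_pgrp = TRUE;

          /* The gid is the last sub-authority (RID) of the SID. */
          gid = *GetSidSubAuthority (psid,
                                     *GetSidSubAuthorityCount (psid) - 1);
          printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
                  mach->with_dom && !is_builtin ? domain_name : L"",
                  mach->with_dom || is_builtin ? sep : "",
                  buffer[i].lgrpi0_name,
                  put_sid (psid),
                  (unsigned int) (gid + (is_builtin ? 0 : id_offset)));
skip_group:
          ;
        }

      NetApiBufferFree (buffer);
    }
  while (rc == ERROR_MORE_DATA);

  /* Return 1 if the single group we're looking for has been found here to
     avoid calling enum_groups for the same group, thus avoiding a spurious
     error message "group name could not be found" in enum_groups. */
  return disp_groupname && entriesread ? 1 : 0;
}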
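/*
 * Print one "[domain SEP]name:SID:gid:" line per global group of MACH.
 *
 * With DISP_GROUPNAME set, only that group is queried through
 * NetGroupGetInfo (level 2); otherwise all groups are enumerated with
 * NetGroupEnum (level 2).  The printed gid is grpi2_group_id + ID_OFFSET.
 * When PRINT_CURRENT is set, got_curr_pgrp is raised if a group's SID
 * equals curr_pgrp.psid.
 *
 * Invalid machine or group names and API errors are reported on stderr and
 * end the enumeration; a group that is simply not found is silent.
 */
static void
enum_groups (domlist_t *mach, const char *sep, DWORD id_offset,
             char *disp_groupname, int print_current)
{
  WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
  GROUP_INFO_2 *buffer;
  DWORD entriesread = 0;
  DWORD totalentries = 0;
  DWORD_PTR resume_handle = 0;
  WCHAR gname[GNLEN + 1];
  DWORD rc;

  int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
  if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
    {
      fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
               program_invocation_short_name, mach->str);
      return;
    }

  if (disp_groupname != NULL)
    {
      /* mbstowcs does not NUL-terminate when it fills all GNLEN + 1 slots,
         and leaves gname unusable on a conversion error.  Reject both cases
         instead of handing an unterminated buffer to the API. */
      ret = mbstowcs (gname, disp_groupname, GNLEN + 1);
      if (ret < 0 || ret >= GNLEN + 1)
        {
          fprintf (stderr, "%s: Invalid group name '%s'. Skipping...\n",
                   program_invocation_short_name, disp_groupname);
          return;
        }
    }

  do
    {
      DWORD i;

      if (disp_groupname != NULL)
        {
          rc = NetGroupGetInfo (machine, (LPWSTR) & gname, 2,
                                (void *) &buffer);
          entriesread = 1;
          /* Avoid annoying error messages just because the group hasn't
             been found. */
          if (rc == NERR_GroupNotFound)
            return;
        }
      else
        rc = NetGroupEnum (machine, 2, (void *) & buffer,
                           MAX_PREFERRED_LENGTH, &entriesread,
                           &totalentries, &resume_handle);

      switch (rc)
        {
        case ERROR_ACCESS_DENIED:
          print_win_error (rc);
          return;

        case ERROR_MORE_DATA:
        case ERROR_SUCCESS:
          break;

        default:
          print_win_error (rc);
          return;
        }

      for (i = 0; i < entriesread; i++)
        {
          WCHAR domain_name[MAX_DOMAIN_NAME_LEN + 1];
          DWORD domname_len = MAX_DOMAIN_NAME_LEN + 1;
          char psid_buffer[MAX_SID_LEN];
          PSID psid = (PSID) psid_buffer;
          DWORD sid_length = MAX_SID_LEN;
          SID_NAME_USE acc_type;

          int gid = buffer[i].grpi2_group_id;
          if (!LookupAccountNameW (machine, buffer[i].grpi2_name,
                                   psid, &sid_length,
                                   domain_name, &domname_len,
                                   &acc_type))
            {
              print_win_error (GetLastError ());
              fprintf (stderr, " (%ls)\n", buffer[i].grpi2_name);
              continue;
            }
          else if (acc_type == SidTypeDomain)
            {
              /* The bare name resolved to a domain; retry with a qualified
                 "machine\group" name.
                 NOTE(review): enum_local_groups prefixes with domain_name
                 at this point, this function with machine -- confirm the
                 difference is intended. */
              WCHAR domname[MAX_DOMAIN_NAME_LEN + GNLEN + 2];

              /* machine may hold up to INTERNET_MAX_HOST_NAME_LENGTH
                 characters and the group name comes from the queried
                 machine's reply, so check the combined length before the
                 unbounded wcscpy/wcscat below. */
              if (wcslen (machine) + 1 + wcslen (buffer[i].grpi2_name)
                  >= sizeof domname / sizeof domname[0])
                {
                  fprintf (stderr, "%s: Group name '%ls' too long. "
                           "Skipping...\n",
                           program_invocation_short_name,
                           buffer[i].grpi2_name);
                  continue;
                }

              wcscpy (domname, machine);
              wcscat (domname, L"\\");
              wcscat (domname, buffer[i].grpi2_name);
              sid_length = MAX_SID_LEN;
              domname_len = MAX_DOMAIN_NAME_LEN + 1;
              if (!LookupAccountNameW (machine, domname, psid,
                                       &sid_length, domain_name,
                                       &domname_len, &acc_type))
                {
                  print_win_error (GetLastError ());
                  fprintf (stderr, " (%ls)\n", domname);
                  continue;
                }
            }

          if (!print_current)
            /* fall through */;
          else if (EqualSid (curr_pgrp.psid, psid))
            got_curr_pgrp = TRUE;

          printf ("%ls%s%ls:%s:%" PRIu32 ":\n",
                  mach->with_dom ? domain_name : L"",
                  mach->with_dom ? sep : "",
                  buffer[i].grpi2_name,
                  put_sid (psid),
                  (unsigned int) (id_offset + gid));
        }

      NetApiBufferFree (buffer);
    }
  while (rc == ERROR_MORE_DATA);
}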
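/*
 * Print "[Unix_Group SEP]name:SID:gid:" lines for the entries of
 * UNIX_GRP_LIST, a comma-separated list resolved against MACH.
 *
 * An entry that starts with neither a digit nor '-' is taken as a group
 * name and looked up as "Unix Group\<name>".  Any other entry is a gid or a
 * gid range ("N", "N-M", "-M"); each gid is placed into the last
 * sub-authority of a template SID built from authority 22 with
 * sub-authorities 2 and 0, and resolved with LookupAccountSidW.  Lookups
 * that fail, or whose resulting name starts with a digit, print nothing.
 *
 * UNIX_GRP_LIST itself is not modified; a private copy is tokenized.
 */
static void
enum_unix_groups (domlist_t *mach, const char *sep, DWORD id_offset,
                  char *unix_grp_list)
{
  WCHAR machine[INTERNET_MAX_HOST_NAME_LENGTH + 1];
  SID_IDENTIFIER_AUTHORITY auth = { { 0, 0, 0, 0, 0, 22 } };
  char *gstr, *grp_list;
  WCHAR grp[GNLEN + sizeof ("Unix Group\\") + 1];
  WCHAR dom[MAX_DOMAIN_NAME_LEN + 1];
  DWORD glen, dlen, sidlen;
  PSID psid;
  char psid_buffer[MAX_SID_LEN];
  /* Name lookups write their result here.  This is kept separate from psid:
     the previous code reassigned psid to this stack buffer, so later range
     entries modified the wrong (possibly unfilled) SID, the final FreeSid
     was handed a pointer it never allocated, and the allocated SID leaked. */
  PSID name_sid = (PSID) psid_buffer;
  SID_NAME_USE acc_type;

  int ret = mbstowcs (machine, mach->str, INTERNET_MAX_HOST_NAME_LENGTH + 1);
  if (ret < 1 || ret >= INTERNET_MAX_HOST_NAME_LENGTH + 1)
    {
      fprintf (stderr, "%s: Invalid machine name '%s'. Skipping...\n",
               program_invocation_short_name, mach->str);
      return;
    }

  /* Template SID; only its last sub-authority is rewritten per gid. */
  if (!AllocateAndInitializeSid (&auth, 2, 2, 0, 0, 0, 0, 0, 0, 0, &psid))
    return;

  if (!(grp_list = strdup (unix_grp_list)))
    {
      FreeSid (psid);
      return;
    }

  for (gstr = strtok (grp_list, ","); gstr; gstr = strtok (NULL, ","))
    {
      if (!isdigit ((unsigned char) gstr[0]) && gstr[0] != '-')
        {
          /* Group name: convert it directly behind the fixed prefix. */
          PWCHAR p = wcpcpy (grp, L"Unix Group\\");

          ret = mbstowcs (p, gstr, GNLEN + 1);
          if (ret < 1 || ret >= GNLEN + 1)
            fprintf (stderr, "%s: Invalid group name '%s'. Skipping...\n",
                     program_invocation_short_name, gstr);
          else
            {
              sidlen = MAX_SID_LEN;
              dlen = MAX_DOMAIN_NAME_LEN + 1;
              if (LookupAccountNameW (machine, grp, name_sid, &sidlen,
                                      dom, &dlen, &acc_type))
                printf ("%s%s%ls:%s:%" PRIu32 ":\n",
                        mach->with_dom ? "Unix_Group" : "",
                        mach->with_dom ? sep : "",
                        p,
                        put_sid (name_sid),
                        (unsigned int) (id_offset
                          + *GetSidSubAuthority (name_sid,
                              *GetSidSubAuthorityCount (name_sid) - 1)));
            }
        }
      else
        {
          DWORD start, stop;
          char *p = gstr;

          /* A leading '-' means the range starts at 0. */
          if (*p == '-')
            start = 0;
          else
            start = strtol (p, &p, 10);

          if (!*p)
            stop = start;
          else if (*p++ != '-' || !isdigit ((unsigned char) *p)
                   || (stop = strtol (p, &p, 10)) < start || *p)
            {
              fprintf (stderr, "%s: Malformed unix group list entry '%s'. "
                       "Skipping...\n",
                       program_invocation_short_name, gstr);
              continue;
            }

          /* stop >= start is guaranteed here.  Testing before the
             increment lets the loop end even when stop is the largest
             DWORD, where "start <= stop" could never become false. */
          do
            {
              *GetSidSubAuthority (psid,
                                   *GetSidSubAuthorityCount (psid) - 1)
                = start;
              glen = GNLEN + 1;
              dlen = MAX_DOMAIN_NAME_LEN + 1;
              if (LookupAccountSidW (machine, psid, grp, &glen,
                                     dom, &dlen, &acc_type)
                  && !iswdigit (grp[0]))
                printf ("%s%s%ls:%s:%" PRIu32 ":\n",
                        mach->with_dom ? "Unix_Group" : "",
                        mach->with_dom ? sep : "",
                        grp,
                        put_sid (psid),
                        (unsigned int) (id_offset + start));
            }
          while (start++ < stop);
        }
    }

  free (grp_list);
  FreeSid (psid);
}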