Exemplo n.º 1
0
/****************************************************************************
 display sec_desc structure
 ****************************************************************************/
void display_sec_desc(struct security_descriptor *sec)
{
	char *sid_str;

	if (!sec) {
		printf("NULL\n");
		return;
	}

	printf("revision: %d\n", sec->revision);
	display_acl_type(sec->type);

	if (sec->sacl) {
		printf("SACL\n");
		display_sec_acl(sec->sacl);
	}

	if (sec->dacl) {
		printf("DACL\n");
		display_sec_acl(sec->dacl);
	}

	if (sec->owner_sid) {
		sid_str = dom_sid_string(NULL, sec->owner_sid);
		printf("\tOwner SID:\t%s\n", sid_str);
		talloc_free(sid_str);
	}

	if (sec->group_sid) {
		sid_str = dom_sid_string(NULL, sec->group_sid);
		printf("\tGroup SID:\t%s\n", sid_str);
		talloc_free(sid_str);
	}
}
Exemplo n.º 2
0
/*
  encode a sid in SDDL format
*/
static char *sddl_encode_sid(TALLOC_CTX *mem_ctx, const struct dom_sid *sid,
			     const struct dom_sid *domain_sid)
{
	int i;
	char *sidstr;

	sidstr = dom_sid_string(mem_ctx, sid);
	if (sidstr == NULL) return NULL;

	/* seen if its a well known sid */ 
	for (i=0;sid_codes[i].sid;i++) {
		if (strcmp(sidstr, sid_codes[i].sid) == 0) {
			talloc_free(sidstr);
			return talloc_strdup(mem_ctx, sid_codes[i].code);
		}
	}

	/* or a well known rid in our domain */
	if (dom_sid_in_domain(domain_sid, sid)) {
		uint32_t rid = sid->sub_auths[sid->num_auths-1];
		for (;i<ARRAY_SIZE(sid_codes);i++) {
			if (rid == sid_codes[i].rid) {
				talloc_free(sidstr);
				return talloc_strdup(mem_ctx, sid_codes[i].code);
			}
		}
	}
	
	talloc_free(sidstr);

	/* TODO: encode well known sids as two letter codes */
	return dom_sid_string(mem_ctx, sid);
}
Exemplo n.º 3
0
/****************************************************************************
 prints a struct security_token to debug output.
****************************************************************************/
void security_token_debug(int dbg_lev, const struct security_token *token)
{
	TALLOC_CTX *mem_ctx;
	int i;

	if (!token) {
		DEBUG(dbg_lev, ("Security token: (NULL)\n"));
		return;
	}

	mem_ctx = talloc_init("security_token_debug()");
	if (!mem_ctx) {
		return;
	}

	DEBUG(dbg_lev, ("Security token of user %s\n",
				    dom_sid_string(mem_ctx, token->user_sid) ));
	DEBUGADD(dbg_lev, (" SIDs (%lu):\n", 
				       (unsigned long)token->num_sids));
	for (i = 0; i < token->num_sids; i++) {
		DEBUGADD(dbg_lev, ("  SID[%3lu]: %s\n", (unsigned long)i, 
			   dom_sid_string(mem_ctx, token->sids[i])));
	}

	security_token_debug_privileges(dbg_lev, token);

	talloc_free(mem_ctx);
}
Exemplo n.º 4
0
static struct MprVar mprAliases(struct samba3_groupdb *db)
{
	struct MprVar mpv = mprObject("array"), a, am;
	int i, j;

	for (i = 0; i < db->alias_count; i++) {
		char *tmp;
		a = mprObject("alias");

		tmp = dom_sid_string(NULL, db->aliases[i].sid);
		mprSetVar(&a, "sid", mprString(tmp));
		talloc_free(tmp);

		am = mprArray("array");

		for (j = 0; j < db->aliases[i].member_count; j++) {
			tmp = dom_sid_string(NULL, db->aliases[i].members[j]);
			mprAddArray(&am, j, mprString(tmp));
			talloc_free(tmp);
		}

		mprSetVar(&a, "members", am);
	}

	if (i == 0) {
		mprSetVar(&mpv, "length", mprCreateIntegerVar(i));
	}

	return mpv;
}
static void init_domain_recv_queryinfo(struct tevent_req *subreq)
{
	struct init_domain_state *state =
		tevent_req_callback_data(subreq,
		struct init_domain_state);
	struct lsa_DomainInfo *dominfo;
	struct composite_context *ctx;
	uint32_t lflags;

	state->ctx->status = dcerpc_lsa_QueryInfoPolicy_r_recv(subreq, state);
	TALLOC_FREE(subreq);
	if (!composite_is_ok(state->ctx)) return;
	state->ctx->status = state->queryinfo.out.result;
	if (!composite_is_ok(state->ctx)) return;

	if (!dom_sid_equal(state->domain->info->sid, &global_sid_Builtin)) {
		dominfo = &(*state->queryinfo.out.info)->account_domain;
		
		if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) {
			DEBUG(2, ("Expected domain name %s, DC %s said %s\n",
				  state->domain->info->name,
				  dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
				  dominfo->name.string));
			composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
			return;
		}
		
		if (!dom_sid_equal(state->domain->info->sid, dominfo->sid)) {
			DEBUG(2, ("Expected domain sid %s, DC %s said %s\n",
				  dom_sid_string(state, state->domain->info->sid),
				  dcerpc_server_name(state->domain->libnet_ctx->lsa.pipe),
				  dom_sid_string(state, dominfo->sid)));
			composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
			return;
		}
	}

	state->domain->samr_binding = init_domain_binding(state, &ndr_table_samr);

	/* We want to use the same flags as the LSA pipe did (so, if
	 * it needed schannel, then we need that here too) */
	lflags = dcerpc_binding_get_flags(state->domain->lsa_binding);
	state->ctx->status = dcerpc_binding_set_flags(state->domain->samr_binding,
						      lflags, 0);
	if (!composite_is_ok(state->ctx)) return;

	state->domain->libnet_ctx->samr.pipe = NULL;
	state->domain->libnet_ctx->samr.samr_handle = NULL;

	ctx = wb_connect_samr_send(state, state->domain);
	composite_continue(state->ctx, ctx, init_domain_recv_samr, state);
}
Exemplo n.º 6
0
static void uid2sid_recv(struct composite_context *ctx)
{
	struct wbsrv_samba3_call *s3call =
		talloc_get_type(ctx->async.private_data,
				struct wbsrv_samba3_call);
	NTSTATUS status;
	struct dom_sid *sid;
	char *sid_str;

	DEBUG(5, ("uid2sid_recv called\n"));

	status = wb_uid2sid_recv(ctx, s3call, &sid);
	if(NT_STATUS_IS_OK(status)) {
		sid_str = dom_sid_string(s3call, sid);

		/* If the conversion failed, bail out with a failure. */
		if (sid_str == NULL)
			wbsrv_samba3_async_epilogue(NT_STATUS_NO_MEMORY,s3call);

		/* But we assume this worked, so we'll set the string. Work
		 * done. */
		WBSRV_SAMBA3_SET_STRING(s3call->response.data.sid.sid, sid_str);
		s3call->response.data.sid.type = SID_NAME_USER;
	}

	wbsrv_samba3_async_epilogue(status, s3call);
}
Exemplo n.º 7
0
static void generate_sambaPrimaryGroupSID(struct ldb_module *module, const char *local_attr, const struct ldb_message *local, struct ldb_message *remote_mp, struct ldb_message *remote_fb)
{
	const struct ldb_val *sidval;
	char *sidstring;
	struct dom_sid *sid;
	NTSTATUS status;

	/* We need the domain, so we get it from the objectSid that we hope is here... */
	sidval = ldb_msg_find_ldb_val(local, "objectSid");

	if (!sidval)
		return; /* Sorry, no SID today.. */

	sid = talloc(remote_mp, struct dom_sid);
	if (sid == NULL) {
		return;
	}
	status = ndr_pull_struct_blob(sidval, sid, sid, (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
	if (!NT_STATUS_IS_OK(status)) {
		talloc_free(sid);
		return;
	}

	if (!ldb_msg_find_ldb_val(local, "primaryGroupID"))
		return; /* Sorry, no SID today.. */

	sid->num_auths--;

	sidstring = dom_sid_string(remote_mp, sid);
	talloc_free(sid);
	ldb_msg_add_fmt(remote_mp, "sambaPrimaryGroupSID", "%s-%d", sidstring, ldb_msg_find_attr_as_uint(local, "primaryGroupID", 0));
	talloc_free(sidstring);
}
Exemplo n.º 8
0
static struct MprVar mprIdmapDb(struct samba3_idmapdb *db)
{
	struct MprVar mpv = mprObject("idmapdb"), mps, mp;
	int i;

	mprSetVar(&mpv, "user_hwm", mprCreateIntegerVar(db->user_hwm));
	mprSetVar(&mpv, "group_hwm", mprCreateIntegerVar(db->group_hwm));

	mps = mprArray("array");

	for (i = 0; i < db->mapping_count; i++) {
		char *tmp;
		mp = mprObject("idmap");

		mprSetVar(&mp, "IDMAP_GROUP", mprCreateIntegerVar(IDMAP_GROUP));
		mprSetVar(&mp, "IDMAP_USER", mprCreateIntegerVar(IDMAP_USER));
		mprSetVar(&mp, "type", mprCreateIntegerVar(db->mappings[i].type));
		mprSetVar(&mp, "unix_id", mprCreateIntegerVar(db->mappings[i].unix_id));

		tmp = dom_sid_string(NULL, db->mappings[i].sid);
		mprSetVar(&mp, "sid", mprString(tmp));
		talloc_free(tmp);

		mprAddArray(&mps, i, mp);
	}

	if (i == 0) {
		mprSetVar(&mpv, "length", mprCreateIntegerVar(i));
	}


	mprSetVar(&mpv, "mappings", mps);

	return mpv;
}
Exemplo n.º 9
0
static struct MprVar mprDomainSecrets(struct samba3_domainsecrets *ds)
{
	struct MprVar v, e = mprObject("domainsecrets");
	char *tmp;
	DATA_BLOB blob;

	mprSetVar(&e, "name", mprString(ds->name));

	tmp = dom_sid_string(NULL, &ds->sid);
	mprSetVar(&e, "sid", mprString(tmp));
	talloc_free(tmp);

	tmp = GUID_string(NULL, &ds->guid);
	mprSetVar(&e, "guid", mprString(tmp));
	talloc_free(tmp);

	mprSetVar(&e, "plaintext_pw", mprString(ds->plaintext_pw));

	mprSetVar(&e, "last_change_time", mprCreateIntegerVar(ds->last_change_time));
	mprSetVar(&e, "sec_channel_type", mprCreateIntegerVar(ds->sec_channel_type));

	v = mprObject("hash_pw");

	blob.data = ds->hash_pw.hash;
	blob.length = 16;
	mprSetVar(&v, "hash", mprDataBlob(blob));

	mprSetVar(&v, "mod_time", mprCreateIntegerVar(ds->hash_pw.mod_time));

	mprSetVar(&e, "hash_pw", v);

	return e;
}
Exemplo n.º 10
0
static struct MprVar mprGroupMappings(struct samba3_groupdb *db)
{
	struct MprVar mpv = mprArray("array"), g;
	int i;

	for (i = 0; i < db->groupmap_count; i++) {
		char *tmp;
		g = mprObject("group");

		mprSetVar(&g, "gid", mprCreateIntegerVar(db->groupmappings[i].gid));

		tmp = dom_sid_string(NULL, db->groupmappings[i].sid);
		mprSetVar(&g, "sid", mprString(tmp));
		talloc_free(tmp);

		mprSetVar(&g, "sid_name_use", mprCreateIntegerVar(db->groupmappings[i].sid_name_use));
		mprSetVar(&g, "nt_name", mprString(db->groupmappings[i].nt_name));
		mprSetVar(&g, "comment", mprString(db->groupmappings[i].comment));

		mprAddArray(&mpv, i, g);
	}

	if (i == 0) {
		mprSetVar(&mpv, "length", mprCreateIntegerVar(i));
	}


	return mpv;
}
Exemplo n.º 11
0
static PyObject *py_samdb_get_domain_sid(PyLdbObject *self, PyObject *args)
{ 
	PyObject *py_ldb;
	struct ldb_context *ldb;
	const struct dom_sid *sid;
	PyObject *ret;
	char *retstr;

	if (!PyArg_ParseTuple(args, "O", &py_ldb))
		return NULL;

	PyErr_LDB_OR_RAISE(py_ldb, ldb);

	sid = samdb_domain_sid(ldb);
	if (!sid) {
		PyErr_SetString(PyExc_RuntimeError, "samdb_domain_sid failed");
		return NULL;
	}

	retstr = dom_sid_string(NULL, sid);
	if (retstr == NULL) {
		PyErr_NoMemory();
		return NULL;
	}
	ret = PyString_FromString(retstr);
	talloc_free(retstr);
	return ret;
}
Exemplo n.º 12
0
NTSTATUS libnet_SamDump(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, 
			struct libnet_SamDump *r)
{
	NTSTATUS nt_status;
	struct libnet_SamSync r2;
	struct samdump_state *samdump_state = talloc(mem_ctx, struct samdump_state);

	struct samdump_trusted_domain *t;
	struct samdump_secret *s;

	if (!samdump_state) {
		return NT_STATUS_NO_MEMORY;
	}

	samdump_state->secrets         = NULL;
	samdump_state->trusted_domains = NULL;

	r2.out.error_string            = NULL;
	r2.in.binding_string           = r->in.binding_string;
	r2.in.init_fn                  = NULL;
	r2.in.delta_fn                 = libnet_samdump_fn;
	r2.in.fn_ctx                   = samdump_state;
	r2.in.machine_account          = r->in.machine_account;
	nt_status                      = libnet_SamSync_netlogon(ctx, samdump_state, &r2);
	r->out.error_string            = r2.out.error_string;
	talloc_steal(mem_ctx, r->out.error_string);

	if (!NT_STATUS_IS_OK(nt_status)) {
		talloc_free(samdump_state);
		return nt_status;
	}

	printf("Trusted domains, sids and secrets:\n");
	for (t=samdump_state->trusted_domains; t; t=t->next) {
		char *secret_name = talloc_asprintf(mem_ctx, "G$$%s", t->name);
		for (s=samdump_state->secrets; s; s=s->next) {
			size_t converted_size = 0;
			char *secret_string;
			if (strcasecmp_m(s->name, secret_name) != 0) {
				continue;
			}
			if (!convert_string_talloc_handle(mem_ctx, lpcfg_iconv_handle(ctx->lp_ctx), CH_UTF16, CH_UNIX,
						  s->secret.data, s->secret.length, 
						  (void **)&secret_string, &converted_size)) {
				r->out.error_string = talloc_asprintf(mem_ctx, 
								      "Could not convert secret for domain %s to a string",
								      t->name);
				talloc_free(samdump_state);
				return NT_STATUS_INVALID_PARAMETER;
			}
			printf("%s\t%s\t%s\n", 
			       t->name, dom_sid_string(mem_ctx, t->sid), 
			       secret_string);
		}
	}
	talloc_free(samdump_state);
	return nt_status;
}
Exemplo n.º 13
0
static void init_domain_recv_queryinfo(struct rpc_request *req)
{
	struct init_domain_state *state =
		talloc_get_type(req->async.private_data, struct init_domain_state);
	struct lsa_DomainInfo *dominfo;
	struct composite_context *ctx;

	state->ctx->status = dcerpc_ndr_request_recv(req);
	if (!composite_is_ok(state->ctx)) return;
	state->ctx->status = state->queryinfo.out.result;
	if (!composite_is_ok(state->ctx)) return;

	dominfo = &state->queryinfo.out.info->account_domain;

	if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) {
		DEBUG(2, ("Expected domain name %s, DC %s said %s\n",
			  state->domain->info->name,
			  dcerpc_server_name(state->domain->lsa_pipe),
			  dominfo->name.string));
		composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
		return;
	}

	if (!dom_sid_equal(state->domain->info->sid, dominfo->sid)) {
		DEBUG(2, ("Expected domain sid %s, DC %s said %s\n",
			  dom_sid_string(state, state->domain->info->sid),
			  dcerpc_server_name(state->domain->lsa_pipe),
			  dom_sid_string(state, dominfo->sid)));
		composite_error(state->ctx, NT_STATUS_INVALID_DOMAIN_STATE);
		return;
	}

	state->domain->samr_binding = init_domain_binding(state, &dcerpc_table_samr);

	/* We want to use the same flags as the LSA pipe did (so, if
	 * it needed schannel, then we need that here too) */
	state->domain->samr_binding->flags = state->domain->lsa_binding->flags;

	state->domain->samr_pipe = NULL;

	ctx = wb_connect_samr_send(state, state->domain);
	composite_continue(state->ctx, ctx, init_domain_recv_samr, state);
}
Exemplo n.º 14
0
int net_vampire(struct net_context *ctx, int argc, const char **argv) 
{
	NTSTATUS status;
	struct libnet_context *libnetctx;
	struct libnet_Vampire *r;
	char *tmp, *targetdir = NULL;
	const char *domain_name;

	switch (argc) {
		case 0: /* no args -> fail */
			return net_vampire_usage(ctx, argc, argv);
		case 1: /* only DOMAIN */
			tmp = talloc_strdup(ctx, argv[0]);
			break;
		case 2: /* domain and target dir */
			tmp = talloc_strdup(ctx, argv[0]);
			targetdir = talloc_strdup(ctx, argv[1]);
			break;
		default: /* too many args -> fail */
			return net_vampire_usage(ctx, argc, argv);
	}

	domain_name = tmp;

	libnetctx = libnet_context_init(ctx->event_ctx, ctx->lp_ctx);
	if (!libnetctx) {
		return -1;	
	}
	libnetctx->cred = ctx->credentials;
	r = talloc(ctx, struct libnet_Vampire);
	if (!r) {
		return -1;
	}
	/* prepare parameters for the vampire */
	r->in.netbios_name  = lp_netbios_name(ctx->lp_ctx);
	r->in.domain_name   = domain_name;
	r->in.targetdir	    = targetdir;
	r->out.error_string = NULL;

	/* do the domain vampire */
	status = libnet_Vampire(libnetctx, r, r);
	
	if (!NT_STATUS_IS_OK(status)) {
		d_fprintf(stderr, "Vampire of domain failed: %s\n",
			  r->out.error_string ? r->out.error_string : nt_errstr(status));
		talloc_free(r);
		talloc_free(libnetctx);
		return -1;
	}
	d_printf("Vampired domain %s (%s)\n", r->out.domain_name, dom_sid_string(ctx, r->out.domain_sid));

	talloc_free(libnetctx);
	return 0;
}
Exemplo n.º 15
0
static bool test_userinfo_async(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
				struct policy_handle *domain_handle,
				struct dom_sid2 *domain_sid, const char* user_name,
				uint32_t *rid)
{
	const uint16_t level = 10;
	NTSTATUS status;
	struct composite_context *c;
	struct libnet_rpc_userinfo user;
	struct dom_sid *user_sid;

	user_sid = dom_sid_add_rid(mem_ctx, domain_sid, *rid);

	user.in.domain_handle = *domain_handle;
	user.in.sid           = dom_sid_string(mem_ctx, user_sid);
	user.in.level         = level;       /* this should be extended */

	printf("Testing async libnet_rpc_userinfo (SID argument)\n");

	c = libnet_rpc_userinfo_send(p, &user, msg_handler);
	if (!c) {
		printf("Failed to call sync libnet_rpc_userinfo_send\n");
		return false;
	}

	status = libnet_rpc_userinfo_recv(c, mem_ctx, &user);
	if (!NT_STATUS_IS_OK(status)) {
		printf("Calling async libnet_rpc_userinfo failed - %s\n", nt_errstr(status));
		return false;
	}

	ZERO_STRUCT(user);

	user.in.domain_handle = *domain_handle;
	user.in.sid           = NULL;
	user.in.username      = TEST_USERNAME;
	user.in.level         = level;

	printf("Testing async libnet_rpc_userinfo (username argument)\n");

	c = libnet_rpc_userinfo_send(p, &user, msg_handler);
	if (!c) {
		printf("Failed to call sync libnet_rpc_userinfo_send\n");
		return false;
	}

	status = libnet_rpc_userinfo_recv(c, mem_ctx, &user);
	if (!NT_STATUS_IS_OK(status)) {
		printf("Calling async libnet_rpc_userinfo failed - %s\n", nt_errstr(status));
		return false;
	}

	return true;
}
Exemplo n.º 16
0
/**
  find an internal handle given a wire handle. If the wire handle is NULL then
  allocate a new handle
*/
_PUBLIC_ struct dcesrv_handle *dcesrv_handle_fetch(
					  struct dcesrv_connection_context *context, 
					  struct policy_handle *p,
					  uint8_t handle_type)
{
	struct dcesrv_handle *h;
	struct dom_sid *sid;

	sid = context->conn->auth_state.session_info->security_token->user_sid;

	if (policy_handle_empty(p)) {
		/* TODO: we should probably return a NULL handle here */
		return dcesrv_handle_new(context, handle_type);
	}

	for (h=context->assoc_group->handles; h; h=h->next) {
		if (h->wire_handle.handle_type == p->handle_type &&
		    GUID_equal(&p->uuid, &h->wire_handle.uuid)) {
			if (handle_type != DCESRV_HANDLE_ANY &&
			    p->handle_type != handle_type) {
				DEBUG(0,("client gave us the wrong handle type (%d should be %d)\n",
					 p->handle_type, handle_type));
				return NULL;
			}
			if (!dom_sid_equal(h->sid, sid)) {
				DEBUG(0,(__location__ ": Attempt to use invalid sid %s - %s\n",
					 dom_sid_string(context, h->sid),
					 dom_sid_string(context, sid)));
				return NULL;
			}
			if (h->iface != context->iface) {
				DEBUG(0,(__location__ ": Attempt to use invalid iface\n"));
				return NULL;
			}
			return h;
		}
	}

	return NULL;
}
Exemplo n.º 17
0
static bool test_connect_service(struct torture_context *tctx,
				 struct libnet_context *ctx,
				 const struct ndr_interface_table *iface,
				 const char *binding_string,
				 const char *hostname,
				 const enum libnet_RpcConnect_level level,
				 bool badcreds, NTSTATUS expected_status)
{
	NTSTATUS status;
	struct libnet_RpcConnect connect_r;
	ZERO_STRUCT(connect_r);

	connect_r.level            = level;
	connect_r.in.binding       = binding_string;
	connect_r.in.name          = hostname;
	connect_r.in.dcerpc_iface  = iface;

	/* if bad credentials are needed, set baduser%badpassword instead
	   of default commandline-passed credentials */
	if (badcreds) {
		cli_credentials_set_username(ctx->cred, "baduser", CRED_SPECIFIED);
		cli_credentials_set_password(ctx->cred, "badpassword", CRED_SPECIFIED);
	}

	status = libnet_RpcConnect(ctx, ctx, &connect_r);

	if (!NT_STATUS_EQUAL(status, expected_status)) {
		torture_comment(tctx, "Connecting to rpc service %s on %s.\n\tFAILED. Expected: %s."
		       "Received: %s\n",
		       connect_r.in.dcerpc_iface->name, connect_r.in.binding, nt_errstr(expected_status),
		       nt_errstr(status));

		return false;
	}

	torture_comment(tctx, "PASSED. Expected: %s, received: %s\n", nt_errstr(expected_status),
	       nt_errstr(status));

	if (connect_r.level == LIBNET_RPC_CONNECT_DC_INFO && NT_STATUS_IS_OK(status)) {
		torture_comment(tctx, "Domain Controller Info:\n");
		torture_comment(tctx, "\tDomain Name:\t %s\n", connect_r.out.domain_name);
		torture_comment(tctx, "\tDomain SID:\t %s\n", dom_sid_string(ctx, connect_r.out.domain_sid));
		torture_comment(tctx, "\tRealm:\t\t %s\n", connect_r.out.realm);
		torture_comment(tctx, "\tGUID:\t\t %s\n", GUID_string(ctx, connect_r.out.guid));

	} else if (!NT_STATUS_IS_OK(status)) {
		torture_comment(tctx, "Error string: %s\n", connect_r.out.error_string);
	}

	return true;
}
Exemplo n.º 18
0
/*
  reply to a ADS style GETDC request
 */
static void nbtd_netlogon_samlogon(struct dgram_mailslot_handler *dgmslot,
				   struct nbtd_interface *iface,
				   struct nbt_dgram_packet *packet, 
				   const struct socket_address *src,
				   struct nbt_netlogon_packet *netlogon)
{
	struct nbt_name *name = &packet->data.msg.dest_name;
	struct nbtd_interface *reply_iface = nbtd_find_reply_iface(iface, src->addr, false);
	struct ldb_context *samctx;
	const char *my_ip = reply_iface->ip_address; 
	struct dom_sid *sid;
	struct nbt_netlogon_response netlogon_response;
	NTSTATUS status;

	if (!my_ip) {
		DEBUG(0, ("Could not obtain own IP address for datagram socket\n"));
		return;
	}

	/* only answer getdc requests on the PDC or LOGON names */
	if (name->type != NBT_NAME_PDC && name->type != NBT_NAME_LOGON) {
		return;
	}

	samctx = iface->nbtsrv->sam_ctx;

	if (netlogon->req.logon.sid_size) {
		sid = &netlogon->req.logon.sid;
	} else {
		sid = NULL;
	}

	status = fill_netlogon_samlogon_response(samctx, packet, NULL, name->name, sid, NULL, 
						 netlogon->req.logon.user_name, netlogon->req.logon.acct_control, src->addr, 
						 netlogon->req.logon.nt_version, iface->nbtsrv->task->lp_ctx, &netlogon_response.data.samlogon, false);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(2,("NBT netlogon query failed domain=%s sid=%s version=%d - %s\n",
			 name->name, dom_sid_string(packet, sid), netlogon->req.logon.nt_version, nt_errstr(status)));
		return;
	}

	netlogon_response.response_type = NETLOGON_SAMLOGON;

	packet->data.msg.dest_name.type = 0;

	dgram_mailslot_netlogon_reply(reply_iface->dgmsock, 
				      packet, 
				      lpcfg_netbios_name(iface->nbtsrv->task->lp_ctx),
				      netlogon->req.logon.mailslot_name,
				      &netlogon_response);
}
Exemplo n.º 19
0
/****************************************************************************
 display sec_ace structure
 ****************************************************************************/
void display_sec_ace(struct security_ace *ace)
{
	char *sid_str;

	printf("\tACE\n\t\ttype: ");
	switch (ace->type) {
		case SEC_ACE_TYPE_ACCESS_ALLOWED:
			printf("ACCESS ALLOWED");
			break;
		case SEC_ACE_TYPE_ACCESS_DENIED:
			printf("ACCESS DENIED");
			break;
		case SEC_ACE_TYPE_SYSTEM_AUDIT:
			printf("SYSTEM AUDIT");
			break;
		case SEC_ACE_TYPE_SYSTEM_ALARM:
			printf("SYSTEM ALARM");
			break;
		case SEC_ACE_TYPE_ALLOWED_COMPOUND:
			printf("SEC_ACE_TYPE_ALLOWED_COMPOUND");
			break;
		case SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT:
			printf("SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT");
			break;
		case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
			printf("SEC_ACE_TYPE_ACCESS_DENIED_OBJECT");
			break;
		case SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT:
			printf("SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT");
			break;
		case SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT:
			printf("SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT");
			break;
		default:
			printf("????");
			break;
	}

	printf(" (%d) flags: 0x%02x ", ace->type, ace->flags);
	display_sec_ace_flags(ace->flags);
	display_sec_access(&ace->access_mask);
	sid_str = dom_sid_string(NULL, &ace->trustee);
	printf("\t\tSID: %s\n\n", sid_str);
	talloc_free(sid_str);

	if (sec_ace_object(ace->type)) {
		disp_sec_ace_object(&ace->object.object);
	}

}
Exemplo n.º 20
0
static void usersids_recv_sids(struct composite_context *ctx)
{
	struct wbsrv_samba3_call *s3call =
		talloc_get_type(ctx->async.private_data,
				struct wbsrv_samba3_call);
	int i, num_sids;
	struct dom_sid **sids;
	char *sids_string;
	NTSTATUS status;

	status = wb_cmd_usersids_recv(ctx, s3call, &num_sids, &sids);
	if (!NT_STATUS_IS_OK(status)) goto done;

	sids_string = talloc_strdup(s3call, "");
	if (sids_string == NULL) {
		status = NT_STATUS_NO_MEMORY;
		goto done;
	}

	for (i=0; i<num_sids; i++) {
		sids_string = talloc_asprintf_append_buffer(
			sids_string, "%s\n", dom_sid_string(s3call, sids[i]));
		if (sids_string == NULL) {
			status = NT_STATUS_NO_MEMORY;
			goto done;
		}
	}

	s3call->response.result = WINBINDD_OK;
	s3call->response.extra_data.data = sids_string;
	s3call->response.length += strlen(sids_string);
	s3call->response.data.num_entries = num_sids;

	/* Hmmmm. Nasty protocol -- who invented the zeros between the
	 * SIDs? Hmmm. Could have been me -- vl */

	while (*sids_string != '\0') {
		if ((*sids_string) == '\n') {
			*sids_string = '\0';
		}
		sids_string += 1;
	}

 done:
	wbsrv_samba3_async_epilogue(status, s3call);
}
Exemplo n.º 21
0
static bool test_userinfo_async(struct torture_context *tctx,
				struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
				struct policy_handle *domain_handle,
				struct dom_sid2 *domain_sid, const char* user_name,
				uint32_t *rid)
{
	const uint16_t level = 10;
	NTSTATUS status;
	struct composite_context *c;
	struct libnet_rpc_userinfo user;
	struct dom_sid *user_sid;

	user_sid = dom_sid_add_rid(mem_ctx, domain_sid, *rid);

	ZERO_STRUCT(user);

	user.in.domain_handle = *domain_handle;
	user.in.sid           = dom_sid_string(mem_ctx, user_sid);
	user.in.level         = level;       /* this should be extended */

	torture_comment(tctx, "Testing async libnet_rpc_userinfo (SID argument)\n");

	c = libnet_rpc_userinfo_send(mem_ctx, tctx->ev, p->binding_handle, &user, msg_handler);
	torture_assert(tctx, c != NULL, "Failed to call async libnet_rpc_userinfo_send");

	status = libnet_rpc_userinfo_recv(c, mem_ctx, &user);
	torture_assert_ntstatus_ok(tctx, status, "Calling async libnet_rpc_userinfo_recv failed");

	ZERO_STRUCT(user);

	user.in.domain_handle = *domain_handle;
	user.in.sid           = NULL;
	user.in.username      = user_name;
	user.in.level         = level;

	torture_comment(tctx, "Testing async libnet_rpc_userinfo (username argument)\n");

	c = libnet_rpc_userinfo_send(mem_ctx, tctx->ev, p->binding_handle, &user, msg_handler);
	torture_assert(tctx, c != NULL, "Failed to call async libnet_rpc_userinfo_send");

	status = libnet_rpc_userinfo_recv(c, mem_ctx, &user);
	torture_assert_ntstatus_ok(tctx, status, "Calling async libnet_rpc_userinfo_recv failed");

	return true;
}
Exemplo n.º 22
0
static NTSTATUS gpo_sd_check_ace_denied_object(const struct security_ace *ace,
					       const struct security_token *token)
{
	char *sid_str;

	if (gpo_sd_check_agp_object(ace) &&
	    gpo_sd_check_agp_access_bits(ace->access_mask) &&
	    nt_token_check_sid(&ace->trustee, token)) {
		sid_str = dom_sid_string(NULL, &ace->trustee);
		DEBUG(10,("gpo_sd_check_ace_denied_object: "
			"Access denied as of ace for %s\n",
			sid_str));
		talloc_free(sid_str);
		return NT_STATUS_ACCESS_DENIED;
	}

	return STATUS_MORE_ENTRIES;
}
Exemplo n.º 23
0
static void lookupname_recv_sid(struct composite_context *ctx)
{
	struct wbsrv_samba3_call *s3call =
		talloc_get_type(ctx->async.private_data,
				struct wbsrv_samba3_call);
	struct wb_sid_object *sid;
	NTSTATUS status;

	status = wb_cmd_lookupname_recv(ctx, s3call, &sid);
	if (!NT_STATUS_IS_OK(status)) goto done;

	s3call->response.result = WINBINDD_OK;
	s3call->response.data.sid.type = sid->type;
	WBSRV_SAMBA3_SET_STRING(s3call->response.data.sid.sid,
				dom_sid_string(s3call, sid->sid));

 done:
	wbsrv_samba3_async_epilogue(status, s3call);
}
Exemplo n.º 24
0
static void list_trustdom_recv_doms(struct composite_context *ctx)
{
	struct wbsrv_samba3_call *s3call =
		talloc_get_type(ctx->async.private_data,
				struct wbsrv_samba3_call);
	int i, num_domains;
	struct wb_dom_info **domains;
	NTSTATUS status;
	char *result;

	status = wb_cmd_list_trustdoms_recv(ctx, s3call, &num_domains,
					    &domains);
	if (!NT_STATUS_IS_OK(status)) goto done;

	result = talloc_strdup(s3call, "");
	if (result == NULL) {
		status = NT_STATUS_NO_MEMORY;
		goto done;
	}

	for (i=0; i<num_domains; i++) {
		result = talloc_asprintf_append_buffer(
			result, "%s\\%s\\%s",
			domains[i]->name, domains[i]->name,
			dom_sid_string(s3call, domains[i]->sid));
	}

	if (result == NULL) {
		status = NT_STATUS_NO_MEMORY;
		goto done;
	}

	s3call->response.result = WINBINDD_OK;
	if (num_domains > 0) {
		s3call->response.extra_data.data = result;
		s3call->response.length += strlen(result)+1;
	}

 done:
	wbsrv_samba3_async_epilogue(status, s3call);
}
Exemplo n.º 25
0
static bool test_groupinfo(struct torture_context *tctx,
			   struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
			   struct policy_handle *domain_handle,
			   struct dom_sid2 *domain_sid, const char* group_name,
			   uint32_t *rid)
{
	const uint16_t level = 5;
	NTSTATUS status;
	struct libnet_rpc_groupinfo group;
	struct dom_sid *group_sid;

	group_sid = dom_sid_add_rid(mem_ctx, domain_sid, *rid);

	group.in.domain_handle = *domain_handle;
	group.in.sid           = dom_sid_string(mem_ctx, group_sid);
	group.in.level         = level;       /* this should be extended */

	torture_comment(tctx, "Testing sync libnet_rpc_groupinfo (SID argument)\n");
	status = libnet_rpc_groupinfo(p, mem_ctx, &group);
	if (!NT_STATUS_IS_OK(status)) {
		torture_comment(tctx, "Failed to call sync libnet_rpc_userinfo - %s\n", nt_errstr(status));
		return false;
	}

	ZERO_STRUCT(group);

	group.in.domain_handle  = *domain_handle;
	group.in.sid            = NULL;
	group.in.groupname      = TEST_GROUPNAME;
	group.in.level          = level;

	printf("Testing sync libnet_rpc_groupinfo (groupname argument)\n");
	status = libnet_rpc_groupinfo(p, mem_ctx, &group);
	if (!NT_STATUS_IS_OK(status)) {
		torture_comment(tctx, "Failed to call sync libnet_rpc_groupinfo - %s\n", nt_errstr(status));
		return false;
	}

	return true;
}
Exemplo n.º 26
0
/*
   A user password change

   Return true if there is a valid error packet (or sucess) formed in
   the error_blob
*/
static bool kpasswdd_change_password(struct kdc_server *kdc,
				     TALLOC_CTX *mem_ctx,
				     struct auth_session_info *session_info,
				     const DATA_BLOB *password,
				     DATA_BLOB *reply)
{
	NTSTATUS status;
	enum samPwdChangeReason reject_reason;
	struct samr_DomInfo1 *dominfo;
	struct ldb_context *samdb;

	samdb = samdb_connect(mem_ctx, kdc->task->event_ctx, kdc->task->lp_ctx, system_session(kdc->task->lp_ctx));
	if (!samdb) {
		return kpasswdd_make_error_reply(kdc, mem_ctx,
						KRB5_KPASSWD_HARDERROR,
						"Failed to open samdb",
						reply);
	}

	DEBUG(3, ("Changing password of %s\\%s (%s)\n",
		  session_info->server_info->domain_name,
		  session_info->server_info->account_name,
		  dom_sid_string(mem_ctx, session_info->security_token->user_sid)));

	/* User password change */
	status = samdb_set_password_sid(samdb, mem_ctx,
					session_info->security_token->user_sid,
					password, NULL, NULL,
					true, /* this is a user password change */
					&reject_reason,
					&dominfo);
	return kpasswd_make_pwchange_reply(kdc, mem_ctx,
					   status,
					   reject_reason,
					   dominfo,
					   reply);

}
Exemplo n.º 27
0
static bool test_lookupsids(struct torture_context *tctx,
			    struct dcerpc_binding_handle *b,
			    struct policy_handle *handle,
			    struct dom_sid **sids, uint32_t num_sids,
			    int level, NTSTATUS expected_result, 
			    enum lsa_SidType *types)
{
	struct lsa_TransNameArray names;
	NTSTATUS status;
	uint32_t i;
	bool ret = true;

	status = lookup_sids(tctx, level, b, handle, sids, num_sids,
			     &names);
	if (!NT_STATUS_EQUAL(status, expected_result)) {
		printf("For level %d expected %s, got %s\n",
		       level, nt_errstr(expected_result),
		       nt_errstr(status));
		return false;
	}

	if (!NT_STATUS_EQUAL(status, NT_STATUS_OK) &&
	    !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
		return true;
	}

	for (i=0; i<num_sids; i++) {
		if (names.names[i].sid_type != types[i]) {
			printf("In level %d, for sid %s expected %s, "
			       "got %s\n", level,
			       dom_sid_string(tctx, sids[i]),
			       sid_type_lookup(types[i]),
			       sid_type_lookup(names.names[i].sid_type));
			ret = false;
		}
	}
	return ret;
}
Exemplo n.º 28
0
/*
  convert a NDR formatted blob to a ldif formatted objectSid
*/
int ldif_write_objectSid(struct ldb_context *ldb, void *mem_ctx,
				const struct ldb_val *in, struct ldb_val *out)
{
	struct dom_sid *sid;
	enum ndr_err_code ndr_err;

	sid = talloc(mem_ctx, struct dom_sid);
	if (sid == NULL) {
		return -1;
	}
	ndr_err = ndr_pull_struct_blob_all(in, sid, sid,
					   (ndr_pull_flags_fn_t)ndr_pull_dom_sid);
	if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
		talloc_free(sid);
		return -1;
	}
	*out = data_blob_string_const(dom_sid_string(mem_ctx, sid));
	talloc_free(sid);
	if (out->data == NULL) {
		return -1;
	}
	return 0;
}
Exemplo n.º 29
0
static void userdomgroups_recv_groups(struct composite_context *ctx)
{
	struct wbsrv_samba3_call *s3call =
		talloc_get_type(ctx->async.private_data,
				struct wbsrv_samba3_call);
	int i, num_sids;
	struct dom_sid **sids;
	char *sids_string;
	NTSTATUS status;

	status = wb_cmd_userdomgroups_recv(ctx, s3call, &num_sids, &sids);
	if (!NT_STATUS_IS_OK(status)) goto done;

	sids_string = talloc_strdup(s3call, "");
	if (sids_string == NULL) {
		status = NT_STATUS_NO_MEMORY;
		goto done;
	}

	for (i=0; i<num_sids; i++) {
		sids_string = talloc_asprintf_append_buffer(
			sids_string, "%s\n", dom_sid_string(s3call, sids[i]));
	}

	if (sids_string == NULL) {
		status = NT_STATUS_NO_MEMORY;
		goto done;
	}

	s3call->response.result = WINBINDD_OK;
	s3call->response.extra_data.data = sids_string;
	s3call->response.length += strlen(sids_string)+1;
	s3call->response.data.num_entries = num_sids;

 done:
	wbsrv_samba3_async_epilogue(status, s3call);
}
Exemplo n.º 30
0
static BOOL test_lookupsids(TALLOC_CTX *mem_ctx, struct dcerpc_pipe *p,
			    struct policy_handle *handle,
			    struct dom_sid **sids, uint32_t num_sids,
			    int level, NTSTATUS expected_result, 
			    enum lsa_SidType *types)
{
	struct lsa_TransNameArray names;
	NTSTATUS status;
	uint32_t i;
	BOOL ret = True;

	status = lookup_sids(mem_ctx, level, p, handle, sids, num_sids,
			     &names);
	if (!NT_STATUS_EQUAL(status, expected_result)) {
		printf("For level %d expected %s, got %s\n",
		       level, nt_errstr(expected_result),
		       nt_errstr(status));
		return False;
	}

	if (!NT_STATUS_EQUAL(status, NT_STATUS_OK) &&
	    !NT_STATUS_EQUAL(status, STATUS_SOME_UNMAPPED)) {
		return True;
	}

	for (i=0; i<num_sids; i++) {
		if (names.names[i].sid_type != types[i]) {
			printf("In level %d, for sid %s expected %s, "
			       "got %s\n", level,
			       dom_sid_string(mem_ctx, sids[i]),
			       sid_type_lookup(types[i]),
			       sid_type_lookup(names.names[i].sid_type));
			ret = False;
		}
	}
	return ret;
}