1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved. 24 * Copyright 2013 Nexenta Systems, Inc. All rights reserved. 25 */ 26 27 /* 28 * Local Security Authority RPC (LSAR) server-side interface. 29 */ 30 31 #include <unistd.h> 32 #include <strings.h> 33 #include <pwd.h> 34 #include <grp.h> 35 36 #include <smbsrv/libsmb.h> 37 #include <smbsrv/libmlrpc.h> 38 #include <smbsrv/libmlsvc.h> 39 #include <smbsrv/ndl/lsarpc.ndl> 40 #include <lsalib.h> 41 #include <smbsrv/smbinfo.h> 42 #include <smbsrv/nmpipes.h> 43 #include <smbsrv/ntlocale.h> 44 45 struct local_group_table { 46 WORD sid_name_use; 47 WORD domain_ix; 48 char *sid; 49 char *name; 50 }; 51 52 static int lsarpc_key_domain; 53 static int lsarpc_key_account; 54 55 static int lsarpc_call_stub(ndr_xa_t *mxa); 56 57 static int lsarpc_s_CloseHandle(void *, ndr_xa_t *); 58 static int lsarpc_s_QuerySecurityObject(void *, ndr_xa_t *); 59 static int lsarpc_s_EnumAccounts(void *, ndr_xa_t *); 60 static int lsarpc_s_EnumTrustedDomain(void *, ndr_xa_t *); 61 static int lsarpc_s_EnumTrustedDomainsEx(void *, ndr_xa_t *); 62 static int lsarpc_s_OpenAccount(void *, ndr_xa_t *); 63 static int lsarpc_s_EnumPrivsAccount(void *, ndr_xa_t *); 64 static int lsarpc_s_LookupPrivValue(void *, ndr_xa_t *); 65 static int lsarpc_s_LookupPrivName(void *, ndr_xa_t *); 66 static int lsarpc_s_LookupPrivDisplayName(void *, ndr_xa_t *); 67 static int lsarpc_s_CreateSecret(void *, ndr_xa_t *); 68 static int lsarpc_s_OpenSecret(void *, ndr_xa_t *); 69 static int lsarpc_s_QueryInfoPolicy(void *, ndr_xa_t *); 70 static int lsarpc_s_OpenDomainHandle(void *, ndr_xa_t *); 71 static int lsarpc_s_OpenDomainHandle(void *, ndr_xa_t *); 72 static int lsarpc_s_LookupSids(void *, ndr_xa_t *); 73 static int lsarpc_s_LookupNames(void *, ndr_xa_t *); 74 static int lsarpc_s_GetConnectedUser(void *, ndr_xa_t *); 75 static int lsarpc_s_LookupSids2(void *, ndr_xa_t *); 76 static int lsarpc_s_LookupSids3(void *, ndr_xa_t *); 77 static int lsarpc_s_LookupNames2(void *, ndr_xa_t *); 78 static int lsarpc_s_LookupNames3(void *, ndr_xa_t *); 79 static int lsarpc_s_LookupNames4(void *, ndr_xa_t *); 80 81 static DWORD lsarpc_s_PrimaryDomainInfo(struct mslsa_PrimaryDomainInfo *, 82 ndr_xa_t *); 83 static DWORD lsarpc_s_AccountDomainInfo(struct mslsa_AccountDomainInfo *, 84 ndr_xa_t *); 85 static int lsarpc_s_UpdateDomainTable(ndr_xa_t *, 86 smb_account_t *, struct mslsa_domain_table *, DWORD *); 87 88 static ndr_stub_table_t lsarpc_stub_table[] = { 89 { lsarpc_s_CloseHandle, LSARPC_OPNUM_CloseHandle }, 90 { lsarpc_s_QuerySecurityObject, LSARPC_OPNUM_QuerySecurityObject }, 91 { lsarpc_s_EnumAccounts, LSARPC_OPNUM_EnumerateAccounts }, 92 { lsarpc_s_EnumTrustedDomain, LSARPC_OPNUM_EnumTrustedDomain }, 93 { lsarpc_s_EnumTrustedDomainsEx, LSARPC_OPNUM_EnumTrustedDomainsEx }, 94 { lsarpc_s_OpenAccount, LSARPC_OPNUM_OpenAccount }, 95 { lsarpc_s_EnumPrivsAccount, LSARPC_OPNUM_EnumPrivsAccount }, 96 { lsarpc_s_LookupPrivValue, LSARPC_OPNUM_LookupPrivValue }, 97 { lsarpc_s_LookupPrivName, LSARPC_OPNUM_LookupPrivName }, 98 { lsarpc_s_LookupPrivDisplayName, LSARPC_OPNUM_LookupPrivDisplayName }, 99 { lsarpc_s_CreateSecret, LSARPC_OPNUM_CreateSecret }, 100 { lsarpc_s_OpenSecret, LSARPC_OPNUM_OpenSecret }, 101 { lsarpc_s_QueryInfoPolicy, LSARPC_OPNUM_QueryInfoPolicy }, 102 { lsarpc_s_OpenDomainHandle, LSARPC_OPNUM_OpenPolicy }, 103 { lsarpc_s_OpenDomainHandle, LSARPC_OPNUM_OpenPolicy2 }, 104 { lsarpc_s_LookupSids, LSARPC_OPNUM_LookupSids }, 105 { lsarpc_s_LookupNames, LSARPC_OPNUM_LookupNames }, 106 { lsarpc_s_GetConnectedUser, LSARPC_OPNUM_GetConnectedUser }, 107 { lsarpc_s_LookupSids2, LSARPC_OPNUM_LookupSids2 }, 108 { lsarpc_s_LookupSids3, LSARPC_OPNUM_LookupSids3 }, 109 { lsarpc_s_LookupNames2, LSARPC_OPNUM_LookupNames2 }, 110 { lsarpc_s_LookupNames3, LSARPC_OPNUM_LookupNames3 }, 111 { lsarpc_s_LookupNames4, LSARPC_OPNUM_LookupNames4 }, 112 {0} 113 }; 114 115 static ndr_service_t lsarpc_service = { 116 "LSARPC", /* name */ 117 "Local Security Authority", /* desc */ 118 "\\lsarpc", /* endpoint */ 119 PIPE_LSASS, /* sec_addr_port */ 120 "12345778-1234-abcd-ef00-0123456789ab", 0, /* abstract */ 121 NDR_TRANSFER_SYNTAX_UUID, 2, /* transfer */ 122 0, /* no bind_instance_size */ 123 NULL, /* no bind_req() */ 124 NULL, /* no unbind_and_close() */ 125 lsarpc_call_stub, /* call_stub() */ 126 &TYPEINFO(lsarpc_interface), /* interface ti */ 127 lsarpc_stub_table /* stub_table */ 128 }; 129 130 /* 131 * lsarpc_initialize 132 * 133 * This function registers the LSA RPC interface with the RPC runtime 134 * library. It must be called in order to use either the client side 135 * or the server side functions. 136 */ 137 void 138 lsarpc_initialize(void) 139 { 140 (void) ndr_svc_register(&lsarpc_service); 141 } 142 143 /* 144 * Custom call_stub to set the stream string policy. 145 */ 146 static int 147 lsarpc_call_stub(ndr_xa_t *mxa) 148 { 149 NDS_SETF(&mxa->send_nds, NDS_F_NOTERM); 150 NDS_SETF(&mxa->recv_nds, NDS_F_NOTERM); 151 152 return (ndr_generic_call_stub(mxa)); 153 } 154 155 /* 156 * lsarpc_s_OpenDomainHandle opnum=0x06 157 * 158 * This is a request to open the LSA (OpenPolicy and OpenPolicy2). 159 * The client is looking for an LSA domain handle. 160 */ 161 static int 162 lsarpc_s_OpenDomainHandle(void *arg, ndr_xa_t *mxa) 163 { 164 struct mslsa_OpenPolicy2 *param = arg; 165 ndr_hdid_t *id; 166 167 if ((id = ndr_hdalloc(mxa, &lsarpc_key_domain)) != NULL) { 168 bcopy(id, ¶m->domain_handle, sizeof (mslsa_handle_t)); 169 param->status = NT_STATUS_SUCCESS; 170 } else { 171 bzero(¶m->domain_handle, sizeof (mslsa_handle_t)); 172 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 173 } 174 175 return (NDR_DRC_OK); 176 } 177 178 /* 179 * lsarpc_s_CloseHandle opnum=0x00 180 * 181 * This is a request to close the LSA interface specified by the handle. 182 * We don't track handles (yet), so just zero out the handle and return 183 * NDR_DRC_OK. Setting the handle to zero appears to be standard 184 * behaviour and someone may rely on it, i.e. we do on the client side. 185 */ 186 static int 187 lsarpc_s_CloseHandle(void *arg, ndr_xa_t *mxa) 188 { 189 struct mslsa_CloseHandle *param = arg; 190 ndr_hdid_t *id = (ndr_hdid_t *)¶m->handle; 191 192 ndr_hdfree(mxa, id); 193 194 bzero(¶m->result_handle, sizeof (param->result_handle)); 195 param->status = NT_STATUS_SUCCESS; 196 return (NDR_DRC_OK); 197 } 198 199 /* 200 * lsarpc_s_QuerySecurityObject 201 */ 202 /*ARGSUSED*/ 203 static int 204 lsarpc_s_QuerySecurityObject(void *arg, ndr_xa_t *mxa) 205 { 206 struct mslsa_QuerySecurityObject *param = arg; 207 208 bzero(param, sizeof (struct mslsa_QuerySecurityObject)); 209 param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); 210 211 return (NDR_DRC_OK); 212 } 213 214 /* 215 * lsarpc_s_EnumAccounts 216 * 217 * Enumerate the list of local accounts SIDs. The client should supply 218 * a valid OpenPolicy2 handle. The enum_context is used to support 219 * multiple enumeration calls to obtain the complete list of SIDs. 220 * It should be set to 0 on the first call and passed unchanged on 221 * subsequent calls until there are no more accounts - the server will 222 * return STATUS_NO_MORE_ENTRIES. 223 * 224 * For now just set the status to access-denied. Note that we still have 225 * to provide a valid address for enum_buf because it's a reference and 226 * the marshalling rules require that references must not be null. 227 * The enum_context is used to support multiple 228 */ 229 static int 230 lsarpc_s_EnumAccounts(void *arg, ndr_xa_t *mxa) 231 { 232 struct mslsa_EnumerateAccounts *param = arg; 233 struct mslsa_EnumAccountBuf *enum_buf; 234 235 bzero(param, sizeof (struct mslsa_EnumerateAccounts)); 236 237 enum_buf = NDR_NEW(mxa, struct mslsa_EnumAccountBuf); 238 if (enum_buf == NULL) { 239 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 240 return (NDR_DRC_OK); 241 } 242 243 bzero(enum_buf, sizeof (struct mslsa_EnumAccountBuf)); 244 param->enum_buf = enum_buf; 245 param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); 246 return (NDR_DRC_OK); 247 } 248 249 250 /* 251 * lsarpc_s_EnumTrustedDomain 252 * 253 * This is the server side function for handling requests to enumerate 254 * the list of trusted domains: currently held in the NT domain database. 255 * This call requires an OpenPolicy2 handle. The enum_context is used to 256 * support multiple enumeration calls to obtain the complete list. 257 * It should be set to 0 on the first call and passed unchanged on 258 * subsequent calls until there are no more accounts - the server will 259 * return STATUS_NO_MORE_ENTRIES. 260 * 261 * For now just set the status to access-denied. Note that we still have 262 * to provide a valid address for enum_buf because it's a reference and 263 * the marshalling rules require that references must not be null. 264 */ 265 static int 266 lsarpc_s_EnumTrustedDomain(void *arg, ndr_xa_t *mxa) 267 { 268 struct mslsa_EnumTrustedDomain *param = arg; 269 struct mslsa_EnumTrustedDomainBuf *enum_buf; 270 271 bzero(param, sizeof (struct mslsa_EnumTrustedDomain)); 272 273 enum_buf = NDR_NEW(mxa, struct mslsa_EnumTrustedDomainBuf); 274 if (enum_buf == NULL) { 275 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 276 return (NDR_DRC_OK); 277 } 278 279 bzero(enum_buf, sizeof (struct mslsa_EnumTrustedDomainBuf)); 280 param->enum_buf = enum_buf; 281 param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); 282 return (NDR_DRC_OK); 283 } 284 285 /* 286 * lsarpc_s_EnumTrustedDomainsEx 287 * 288 * This is the server side function for handling requests to enumerate 289 * the list of trusted domains: currently held in the NT domain database. 290 * This call requires an OpenPolicy2 handle. The enum_context is used to 291 * support multiple enumeration calls to obtain the complete list. 292 * It should be set to 0 on the first call and passed unchanged on 293 * subsequent calls until there are no more accounts - the server will 294 * return STATUS_NO_MORE_ENTRIES. 295 * 296 * For now just set the status to access-denied. Note that we still have 297 * to provide a valid address for enum_buf because it's a reference and 298 * the marshalling rules require that references must not be null. 299 */ 300 static int 301 lsarpc_s_EnumTrustedDomainsEx(void *arg, ndr_xa_t *mxa) 302 { 303 struct mslsa_EnumTrustedDomainEx *param = arg; 304 struct mslsa_EnumTrustedDomainBufEx *enum_buf; 305 306 bzero(param, sizeof (struct mslsa_EnumTrustedDomainEx)); 307 308 enum_buf = NDR_NEW(mxa, struct mslsa_EnumTrustedDomainBufEx); 309 if (enum_buf == NULL) { 310 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 311 return (NDR_DRC_OK); 312 } 313 314 bzero(enum_buf, sizeof (struct mslsa_EnumTrustedDomainBufEx)); 315 param->enum_buf = enum_buf; 316 param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); 317 return (NDR_DRC_OK); 318 } 319 320 /* 321 * lsarpc_s_OpenAccount 322 * 323 * This is a request to open an account handle. 324 */ 325 static int 326 lsarpc_s_OpenAccount(void *arg, ndr_xa_t *mxa) 327 { 328 struct mslsa_OpenAccount *param = arg; 329 ndr_hdid_t *id = (ndr_hdid_t *)¶m->handle; 330 ndr_handle_t *hd; 331 332 hd = ndr_hdlookup(mxa, id); 333 if ((hd == NULL) || (hd->nh_data != &lsarpc_key_domain)) { 334 bzero(param, sizeof (struct mslsa_OpenAccount)); 335 param->status = NT_SC_ERROR(NT_STATUS_INVALID_HANDLE); 336 return (NDR_DRC_OK); 337 } 338 339 if ((id = ndr_hdalloc(mxa, &lsarpc_key_account)) != NULL) { 340 bcopy(id, ¶m->account_handle, sizeof (mslsa_handle_t)); 341 param->status = NT_STATUS_SUCCESS; 342 } else { 343 bzero(¶m->account_handle, sizeof (mslsa_handle_t)); 344 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 345 } 346 347 return (NDR_DRC_OK); 348 } 349 350 351 /* 352 * lsarpc_s_EnumPrivsAccount 353 * 354 * This is the server side function for handling requests for account 355 * privileges. For now just set the status to not-supported status and 356 * return NDR_DRC_OK. Note that we still have to provide a valid 357 * address for enum_buf because it's a reference and the marshalling 358 * rules require that references must not be null. 359 */ 360 /*ARGSUSED*/ 361 static int 362 lsarpc_s_EnumPrivsAccount(void *arg, ndr_xa_t *mxa) 363 { 364 struct mslsa_EnumPrivsAccount *param = arg; 365 366 bzero(param, sizeof (struct mslsa_EnumPrivsAccount)); 367 param->status = NT_SC_ERROR(NT_STATUS_NOT_SUPPORTED); 368 return (NDR_DRC_OK); 369 } 370 371 /* 372 * lsarpc_s_LookupPrivValue 373 * 374 * Server side function used to map a privilege name to a locally unique 375 * identifier (LUID). 376 */ 377 /*ARGSUSED*/ 378 static int 379 lsarpc_s_LookupPrivValue(void *arg, ndr_xa_t *mxa) 380 { 381 struct mslsa_LookupPrivValue *param = arg; 382 smb_privinfo_t *pi; 383 384 if ((pi = smb_priv_getbyname((char *)param->name.str)) == NULL) { 385 bzero(param, sizeof (struct mslsa_LookupPrivValue)); 386 param->status = NT_SC_ERROR(NT_STATUS_NO_SUCH_PRIVILEGE); 387 return (NDR_DRC_OK); 388 } 389 390 param->luid.low_part = pi->id; 391 param->luid.high_part = 0; 392 param->status = NT_STATUS_SUCCESS; 393 return (NDR_DRC_OK); 394 } 395 396 /* 397 * lsarpc_s_LookupPrivName 398 * 399 * Server side function used to map a locally unique identifier (LUID) 400 * to the appropriate privilege name string. 401 */ 402 static int 403 lsarpc_s_LookupPrivName(void *arg, ndr_xa_t *mxa) 404 { 405 struct mslsa_LookupPrivName *param = arg; 406 smb_privinfo_t *pi; 407 int rc; 408 409 if ((pi = smb_priv_getbyvalue(param->luid.low_part)) == NULL) { 410 bzero(param, sizeof (struct mslsa_LookupPrivName)); 411 param->status = NT_SC_ERROR(NT_STATUS_NO_SUCH_PRIVILEGE); 412 return (NDR_DRC_OK); 413 } 414 415 param->name = NDR_NEW(mxa, mslsa_string_t); 416 if (param->name == NULL) { 417 bzero(param, sizeof (struct mslsa_LookupPrivName)); 418 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 419 return (NDR_DRC_OK); 420 } 421 422 rc = NDR_MSTRING(mxa, pi->name, (ndr_mstring_t *)param->name); 423 if (rc == -1) { 424 bzero(param, sizeof (struct mslsa_LookupPrivName)); 425 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 426 return (NDR_DRC_OK); 427 } 428 429 param->status = NT_STATUS_SUCCESS; 430 return (NDR_DRC_OK); 431 } 432 433 /* 434 * lsarpc_s_LookupPrivDisplayName 435 * 436 * This is the server side function for handling requests for account 437 * privileges. For now just set the status to not-supported status and 438 * return NDR_DRC_OK. 439 */ 440 static int 441 lsarpc_s_LookupPrivDisplayName(void *arg, ndr_xa_t *mxa) 442 { 443 struct mslsa_LookupPrivDisplayName *param = arg; 444 smb_privinfo_t *pi; 445 int rc; 446 447 if ((pi = smb_priv_getbyname((char *)param->name.str)) == NULL) { 448 bzero(param, sizeof (struct mslsa_LookupPrivDisplayName)); 449 param->status = NT_SC_ERROR(NT_STATUS_NO_SUCH_PRIVILEGE); 450 return (NDR_DRC_OK); 451 } 452 453 param->display_name = NDR_NEW(mxa, mslsa_string_t); 454 if (param->display_name == NULL) { 455 bzero(param, sizeof (struct mslsa_LookupPrivDisplayName)); 456 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 457 return (NDR_DRC_OK); 458 } 459 460 rc = NDR_MSTRING(mxa, pi->display_name, 461 (ndr_mstring_t *)param->display_name); 462 if (rc == -1) { 463 bzero(param, sizeof (struct mslsa_LookupPrivDisplayName)); 464 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 465 return (NDR_DRC_OK); 466 } 467 468 param->language_ret = MAKELANGID(LANG_NEUTRAL, SUBLANG_NEUTRAL); 469 param->status = NT_STATUS_SUCCESS; 470 return (NDR_DRC_OK); 471 } 472 473 static int 474 lsarpc_s_CreateSecret(void *arg, ndr_xa_t *mxa) 475 { 476 struct mslsa_CreateSecret *param = arg; 477 ndr_hdid_t *id = (ndr_hdid_t *)¶m->handle; 478 ndr_handle_t *hd; 479 480 hd = ndr_hdlookup(mxa, id); 481 if ((hd == NULL) || (hd->nh_data != &lsarpc_key_domain)) { 482 bzero(param, sizeof (struct mslsa_OpenAccount)); 483 param->status = NT_SC_ERROR(NT_STATUS_INVALID_HANDLE); 484 return (NDR_DRC_OK); 485 } 486 487 bzero(¶m->secret_handle, sizeof (mslsa_handle_t)); 488 param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); 489 return (NDR_DRC_OK); 490 } 491 492 static int 493 lsarpc_s_OpenSecret(void *arg, ndr_xa_t *mxa) 494 { 495 struct mslsa_OpenSecret *param = arg; 496 ndr_hdid_t *id = (ndr_hdid_t *)¶m->handle; 497 ndr_handle_t *hd; 498 499 hd = ndr_hdlookup(mxa, id); 500 if ((hd == NULL) || (hd->nh_data != &lsarpc_key_domain)) { 501 bzero(param, sizeof (struct mslsa_OpenAccount)); 502 param->status = NT_SC_ERROR(NT_STATUS_INVALID_HANDLE); 503 return (NDR_DRC_OK); 504 } 505 506 bzero(¶m->secret_handle, sizeof (mslsa_handle_t)); 507 param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); 508 return (NDR_DRC_OK); 509 } 510 511 /* 512 * lsarpc_s_GetConnectedUser 513 * 514 * Return the account name and NetBIOS domain name for the user making 515 * the request. The hostname field should be ignored by the server. 516 * 517 * Note: MacOS uses this, whether we're a domain member or not. 518 */ 519 static int 520 lsarpc_s_GetConnectedUser(void *arg, ndr_xa_t *mxa) 521 { 522 struct mslsa_GetConnectedUser *param = arg; 523 smb_netuserinfo_t *user = mxa->pipe->np_user; 524 DWORD status = NT_STATUS_SUCCESS; 525 int rc1; 526 int rc2; 527 528 param->owner = NDR_NEW(mxa, struct mslsa_string_desc); 529 param->domain = NDR_NEW(mxa, struct mslsa_DomainName); 530 if (param->owner == NULL || param->domain == NULL) { 531 status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 532 param->status = status; 533 return (NDR_DRC_OK); 534 } 535 536 param->domain->name = NDR_NEW(mxa, struct mslsa_string_desc); 537 if (param->domain->name == NULL) { 538 status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 539 param->status = status; 540 return (NDR_DRC_OK); 541 } 542 543 rc1 = NDR_MSTRING(mxa, user->ui_account, 544 (ndr_mstring_t *)param->owner); 545 rc2 = NDR_MSTRING(mxa, user->ui_domain, 546 (ndr_mstring_t *)param->domain->name); 547 548 if (rc1 == -1 || rc2 == -1) 549 status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 550 551 param->status = status; 552 return (NDR_DRC_OK); 553 } 554 555 556 /* 557 * lsarpc_s_QueryInfoPolicy 558 * 559 * This is the server side function for handling LSA information policy 560 * queries. Currently, we only support primary domain and account 561 * domain queries. This is just a front end to switch on the request 562 * and hand it off to the appropriate function to actually deal with 563 * obtaining and building the response. 564 */ 565 static int 566 lsarpc_s_QueryInfoPolicy(void *arg, ndr_xa_t *mxa) 567 { 568 struct mslsa_QueryInfoPolicy *param = arg; 569 union mslsa_PolicyInfoResUnion *ru = ¶m->ru; 570 int security_mode; 571 DWORD status; 572 573 param->switch_value = param->info_class; 574 575 switch (param->info_class) { 576 case MSLSA_POLICY_AUDIT_EVENTS_INFO: 577 ru->audit_events.enabled = 0; 578 ru->audit_events.count = 1; 579 ru->audit_events.settings 580 = NDR_MALLOC(mxa, sizeof (DWORD)); 581 bzero(ru->audit_events.settings, sizeof (DWORD)); 582 status = NT_STATUS_SUCCESS; 583 break; 584 585 case MSLSA_POLICY_PRIMARY_DOMAIN_INFO: 586 status = lsarpc_s_PrimaryDomainInfo(&ru->pd_info, mxa); 587 break; 588 589 case MSLSA_POLICY_ACCOUNT_DOMAIN_INFO: 590 status = lsarpc_s_AccountDomainInfo(&ru->ad_info, mxa); 591 break; 592 593 case MSLSA_POLICY_SERVER_ROLE_INFO: 594 security_mode = smb_config_get_secmode(); 595 596 if (security_mode == SMB_SECMODE_DOMAIN) 597 ru->server_role.role = LSA_ROLE_MEMBER_SERVER; 598 else 599 ru->server_role.role = LSA_ROLE_STANDALONE_SERVER; 600 601 ru->server_role.pad = 0; 602 status = NT_STATUS_SUCCESS; 603 break; 604 605 default: 606 bzero(param, sizeof (struct mslsa_QueryInfoPolicy)); 607 param->status = NT_SC_ERROR(NT_STATUS_INVALID_INFO_CLASS); 608 return (NDR_DRC_OK); 609 } 610 611 if (status != NT_STATUS_SUCCESS) 612 param->status = NT_SC_ERROR(status); 613 else 614 param->status = NT_STATUS_SUCCESS; 615 param->address = (DWORD)(uintptr_t)ru; 616 617 return (NDR_DRC_OK); 618 } 619 620 621 /* 622 * lsarpc_s_PrimaryDomainInfo 623 * 624 * Service primary domain policy queries. In domain mode, return the 625 * primary domain name and SID. In workgroup mode, return the local 626 * hostname and local domain SID. 627 * 628 * Note: info is zeroed on entry to ensure the SID and name do not 629 * contain spurious values if an error is returned. 630 */ 631 static DWORD 632 lsarpc_s_PrimaryDomainInfo(struct mslsa_PrimaryDomainInfo *info, 633 ndr_xa_t *mxa) 634 { 635 smb_domain_t di; 636 boolean_t found; 637 int rc; 638 639 bzero(info, sizeof (struct mslsa_PrimaryDomainInfo)); 640 641 if (smb_config_get_secmode() != SMB_SECMODE_DOMAIN) 642 found = smb_domain_lookup_type(SMB_DOMAIN_LOCAL, &di); 643 else 644 found = smb_domain_lookup_type(SMB_DOMAIN_PRIMARY, &di); 645 646 if (!found) 647 return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO); 648 649 rc = NDR_MSTRING(mxa, di.di_nbname, (ndr_mstring_t *)&info->name); 650 info->sid = (struct mslsa_sid *)NDR_SIDDUP(mxa, di.di_binsid); 651 652 if ((rc == -1) || (info->sid == NULL)) 653 return (NT_STATUS_NO_MEMORY); 654 655 return (NT_STATUS_SUCCESS); 656 } 657 658 659 /* 660 * lsarpc_s_AccountDomainInfo 661 * 662 * Service account domain policy queries. We return our local domain 663 * information so that the client knows who to query for information 664 * on local names and SIDs. The domain name is the local hostname. 665 * 666 * Note: info is zeroed on entry to ensure the SID and name do not 667 * contain spurious values if an error is returned. 668 */ 669 static DWORD 670 lsarpc_s_AccountDomainInfo(struct mslsa_AccountDomainInfo *info, 671 ndr_xa_t *mxa) 672 { 673 smb_domain_t di; 674 int rc; 675 676 bzero(info, sizeof (struct mslsa_AccountDomainInfo)); 677 678 if (!smb_domain_lookup_type(SMB_DOMAIN_LOCAL, &di)) 679 return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO); 680 681 rc = NDR_MSTRING(mxa, di.di_nbname, (ndr_mstring_t *)&info->name); 682 info->sid = (struct mslsa_sid *)NDR_SIDDUP(mxa, di.di_binsid); 683 684 if ((rc == -1) || (info->sid == NULL)) 685 return (NT_STATUS_NO_MEMORY); 686 687 return (NT_STATUS_SUCCESS); 688 } 689 690 /* 691 * lsarpc_s_LookupNames 692 * 693 * This is the service side function for handling name lookup requests. 694 * Currently, we only support lookups of a single name. This is also a 695 * pass through interface so all we do is act as a proxy between the 696 * client and the DC. 697 */ 698 static int 699 lsarpc_s_LookupNames(void *arg, ndr_xa_t *mxa) 700 { 701 struct mslsa_LookupNames *param = arg; 702 struct mslsa_rid_entry *rids; 703 struct mslsa_domain_table *domain_table; 704 struct mslsa_domain_entry *domain_entry; 705 smb_account_t account; 706 uint32_t status; 707 char *accname; 708 int rc = 0; 709 710 if (param->name_table->n_entry != 1) 711 return (NDR_DRC_FAULT_PARAM_0_UNIMPLEMENTED); 712 713 rids = NDR_NEW(mxa, struct mslsa_rid_entry); 714 domain_table = NDR_NEW(mxa, struct mslsa_domain_table); 715 domain_entry = NDR_NEW(mxa, struct mslsa_domain_entry); 716 717 if (rids == NULL || domain_table == NULL || domain_entry == NULL) { 718 bzero(param, sizeof (struct mslsa_LookupNames)); 719 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 720 return (NDR_DRC_OK); 721 } 722 723 accname = (char *)param->name_table->names->str; 724 status = lsa_lookup_name(accname, SidTypeUnknown, &account); 725 if (status != NT_STATUS_SUCCESS) { 726 bzero(param, sizeof (struct mslsa_LookupNames)); 727 param->status = NT_SC_ERROR(status); 728 return (NDR_DRC_OK); 729 } 730 731 /* 732 * Set up the rid table. 733 */ 734 rids[0].sid_name_use = account.a_type; 735 rids[0].rid = account.a_rid; 736 rids[0].domain_index = 0; 737 param->translated_sids.n_entry = 1; 738 param->translated_sids.rids = rids; 739 740 /* 741 * Set up the domain table. 742 */ 743 domain_table->entries = domain_entry; 744 domain_table->n_entry = 1; 745 domain_table->max_n_entry = MLSVC_DOMAIN_MAX; 746 747 rc = NDR_MSTRING(mxa, account.a_domain, 748 (ndr_mstring_t *)&domain_entry->domain_name); 749 domain_entry->domain_sid = 750 (struct mslsa_sid *)NDR_SIDDUP(mxa, account.a_domsid); 751 752 if (rc == -1 || domain_entry->domain_sid == NULL) { 753 smb_account_free(&account); 754 bzero(param, sizeof (struct mslsa_LookupNames)); 755 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 756 return (NDR_DRC_OK); 757 } 758 759 param->domain_table = domain_table; 760 param->mapped_count = 1; 761 param->status = NT_STATUS_SUCCESS; 762 763 smb_account_free(&account); 764 return (NDR_DRC_OK); 765 } 766 767 /* 768 * lsarpc_s_LookupSids 769 * 770 * This is the service side function for handling sid lookup requests. 771 * We have to set up both the name table and the domain table in the 772 * response. For each SID, we check for UNIX domain (local lookup) or 773 * NT domain (DC lookup) and call the appropriate lookup function. This 774 * should resolve the SID to a name. Then we need to update the domain 775 * table and make the name entry point at the appropriate domain table 776 * entry. 777 * 778 * 779 * This RPC should behave as if LookupOptions is LSA_LOOKUP_OPT_ALL and 780 * ClientRevision is LSA_CLIENT_REVISION_NT. 781 * 782 * On success return 0. Otherwise return an RPC specific error code. 783 */ 784 785 static int 786 lsarpc_s_LookupSids(void *arg, ndr_xa_t *mxa) 787 { 788 struct mslsa_LookupSids *param = arg; 789 struct mslsa_domain_table *domain_table; 790 struct mslsa_domain_entry *domain_entry; 791 struct mslsa_name_entry *names; 792 struct mslsa_name_entry *name; 793 smb_account_t account; 794 smb_sid_t *sid; 795 DWORD n_entry; 796 DWORD n_mapped; 797 char sidstr[SMB_SID_STRSZ]; 798 int result; 799 int i; 800 801 bzero(&account, sizeof (smb_account_t)); 802 n_mapped = 0; 803 n_entry = param->lup_sid_table.n_entry; 804 805 names = NDR_NEWN(mxa, struct mslsa_name_entry, n_entry); 806 domain_table = NDR_NEW(mxa, struct mslsa_domain_table); 807 domain_entry = NDR_NEWN(mxa, struct mslsa_domain_entry, 808 MLSVC_DOMAIN_MAX); 809 810 if (names == NULL || domain_table == NULL || domain_entry == NULL) 811 goto lookup_sid_failed; 812 813 domain_table->entries = domain_entry; 814 domain_table->n_entry = 0; 815 domain_table->max_n_entry = MLSVC_DOMAIN_MAX; 816 817 name = names; 818 for (i = 0; i < n_entry; ++i, name++) { 819 bzero(name, sizeof (struct mslsa_name_entry)); 820 sid = (smb_sid_t *)param->lup_sid_table.entries[i].psid; 821 822 result = lsa_lookup_sid(sid, &account); 823 if ((result != NT_STATUS_SUCCESS) || 824 (account.a_name == NULL) || (*account.a_name == '\0')) { 825 account.a_type = SidTypeUnknown; 826 smb_sid_tostr(sid, sidstr); 827 828 if (NDR_MSTRING(mxa, sidstr, 829 (ndr_mstring_t *)&name->name) == -1) 830 goto lookup_sid_failed; 831 832 } else { 833 if (NDR_MSTRING(mxa, account.a_name, 834 (ndr_mstring_t *)&name->name) == -1) 835 goto lookup_sid_failed; 836 837 ++n_mapped; 838 } 839 840 name->sid_name_use = account.a_type; 841 842 result = lsarpc_s_UpdateDomainTable(mxa, &account, 843 domain_table, &name->domain_ix); 844 if (result == -1) 845 goto lookup_sid_failed; 846 847 smb_account_free(&account); 848 } 849 850 param->domain_table = domain_table; 851 param->name_table.n_entry = n_entry; 852 param->name_table.entries = names; 853 param->mapped_count = n_mapped; 854 855 if (n_mapped == n_entry) 856 param->status = NT_STATUS_SUCCESS; 857 else if (n_mapped == 0) 858 param->status = NT_STATUS_NONE_MAPPED; 859 else 860 param->status = NT_STATUS_SOME_NOT_MAPPED; 861 862 return (NDR_DRC_OK); 863 864 lookup_sid_failed: 865 smb_account_free(&account); 866 bzero(param, sizeof (struct mslsa_LookupSids)); 867 return (NDR_DRC_FAULT_OUT_OF_MEMORY); 868 } 869 870 /* 871 * lsarpc_s_UpdateDomainTable 872 * 873 * This routine is responsible for maintaining the domain table which 874 * will be returned from a SID lookup. Whenever a name is added to the 875 * name table, this function should be called with the corresponding 876 * domain name. If the domain information is not already in the table, 877 * it is added. On success return 0; Otherwise -1 is returned. 878 */ 879 static int 880 lsarpc_s_UpdateDomainTable(ndr_xa_t *mxa, 881 smb_account_t *account, struct mslsa_domain_table *domain_table, 882 DWORD *domain_idx) 883 { 884 struct mslsa_domain_entry *dentry; 885 DWORD n_entry; 886 DWORD i; 887 int rc; 888 889 if (account->a_type == SidTypeUnknown || 890 account->a_type == SidTypeInvalid) { 891 /* 892 * These types don't need to reference an entry in the 893 * domain table. So return -1. 894 */ 895 *domain_idx = (DWORD)-1; 896 return (0); 897 } 898 899 if ((dentry = domain_table->entries) == NULL) 900 return (-1); 901 902 if ((n_entry = domain_table->n_entry) >= MLSVC_DOMAIN_MAX) 903 return (-1); 904 905 for (i = 0; i < n_entry; ++i) { 906 if (smb_sid_cmp((smb_sid_t *)dentry[i].domain_sid, 907 account->a_domsid)) { 908 *domain_idx = i; 909 return (0); 910 } 911 } 912 913 if (i == MLSVC_DOMAIN_MAX) 914 return (-1); 915 916 rc = NDR_MSTRING(mxa, account->a_domain, 917 (ndr_mstring_t *)&dentry[i].domain_name); 918 dentry[i].domain_sid = 919 (struct mslsa_sid *)NDR_SIDDUP(mxa, account->a_domsid); 920 921 if (rc == -1 || dentry[i].domain_sid == NULL) 922 return (-1); 923 924 ++domain_table->n_entry; 925 *domain_idx = i; 926 return (0); 927 } 928 929 /* 930 * lsarpc_s_LookupSids2 931 * 932 * Other than the use of lsar_lookup_sids2 and lsar_name_entry2, this 933 * is identical to lsarpc_s_LookupSids. 934 * 935 * Ignore lookup_level, it is reserved and should be zero. 936 */ 937 static int 938 lsarpc_s_LookupSids2(void *arg, ndr_xa_t *mxa) 939 { 940 struct lsar_lookup_sids2 *param = arg; 941 struct lsar_name_entry2 *names; 942 struct lsar_name_entry2 *name; 943 struct mslsa_domain_table *domain_table; 944 struct mslsa_domain_entry *domain_entry; 945 smb_account_t account; 946 smb_sid_t *sid; 947 DWORD n_entry; 948 DWORD n_mapped; 949 char sidstr[SMB_SID_STRSZ]; 950 int result; 951 int i; 952 953 bzero(&account, sizeof (smb_account_t)); 954 n_mapped = 0; 955 n_entry = param->lup_sid_table.n_entry; 956 957 names = NDR_NEWN(mxa, struct lsar_name_entry2, n_entry); 958 domain_table = NDR_NEW(mxa, struct mslsa_domain_table); 959 domain_entry = NDR_NEWN(mxa, struct mslsa_domain_entry, 960 MLSVC_DOMAIN_MAX); 961 962 if (names == NULL || domain_table == NULL || domain_entry == NULL) 963 goto lookup_sid_failed; 964 965 domain_table->entries = domain_entry; 966 domain_table->n_entry = 0; 967 domain_table->max_n_entry = MLSVC_DOMAIN_MAX; 968 969 name = names; 970 for (i = 0; i < n_entry; ++i, name++) { 971 bzero(name, sizeof (struct lsar_name_entry2)); 972 sid = (smb_sid_t *)param->lup_sid_table.entries[i].psid; 973 974 result = lsa_lookup_sid(sid, &account); 975 if ((result != NT_STATUS_SUCCESS) || 976 (account.a_name == NULL) || (*account.a_name == '\0')) { 977 account.a_type = SidTypeUnknown; 978 smb_sid_tostr(sid, sidstr); 979 980 if (NDR_MSTRING(mxa, sidstr, 981 (ndr_mstring_t *)&name->name) == -1) 982 goto lookup_sid_failed; 983 984 } else { 985 if (NDR_MSTRING(mxa, account.a_name, 986 (ndr_mstring_t *)&name->name) == -1) 987 goto lookup_sid_failed; 988 989 ++n_mapped; 990 } 991 992 name->sid_name_use = account.a_type; 993 994 result = lsarpc_s_UpdateDomainTable(mxa, &account, 995 domain_table, &name->domain_ix); 996 if (result == -1) 997 goto lookup_sid_failed; 998 999 smb_account_free(&account); 1000 } 1001 1002 param->domain_table = domain_table; 1003 param->name_table.n_entry = n_entry; 1004 param->name_table.entries = names; 1005 param->mapped_count = n_mapped; 1006 1007 if (n_mapped == n_entry) 1008 param->status = NT_STATUS_SUCCESS; 1009 else if (n_mapped == 0) 1010 param->status = NT_STATUS_NONE_MAPPED; 1011 else 1012 param->status = NT_STATUS_SOME_NOT_MAPPED; 1013 1014 return (NDR_DRC_OK); 1015 1016 lookup_sid_failed: 1017 smb_account_free(&account); 1018 bzero(param, sizeof (struct lsar_lookup_sids2)); 1019 return (NDR_DRC_FAULT_OUT_OF_MEMORY); 1020 } 1021 1022 /* 1023 * LookupSids3 is only valid on domain controllers. 1024 * Other servers must return NT_STATUS_INVALID_SERVER_STATE. 1025 */ 1026 /*ARGSUSED*/ 1027 static int 1028 lsarpc_s_LookupSids3(void *arg, ndr_xa_t *mxa) 1029 { 1030 struct lsar_lookup_sids3 *param = arg; 1031 1032 bzero(param, sizeof (struct lsar_lookup_sids3)); 1033 param->status = NT_SC_ERROR(NT_STATUS_INVALID_SERVER_STATE); 1034 return (NDR_DRC_OK); 1035 } 1036 1037 /* 1038 * lsarpc_s_LookupNames2 1039 * 1040 * Other than the use of lsar_LookupNames2 and lsar_rid_entry2, this 1041 * is identical to lsarpc_s_LookupNames. 1042 * 1043 * If LookupOptions contains LSA_LOOKUP_OPT_LOCAL and LookupLevel is not 1044 * LSA_LOOKUP_WKSTA, return STATUS_INVALID_PARAMETER. 1045 */ 1046 static int 1047 lsarpc_s_LookupNames2(void *arg, ndr_xa_t *mxa) 1048 { 1049 struct lsar_LookupNames2 *param = arg; 1050 struct lsar_rid_entry2 *rids; 1051 struct mslsa_domain_table *domain_table; 1052 struct mslsa_domain_entry *domain_entry; 1053 smb_account_t account; 1054 uint32_t status; 1055 char *accname; 1056 int rc = 0; 1057 1058 if (param->name_table->n_entry != 1) 1059 return (NDR_DRC_FAULT_PARAM_0_UNIMPLEMENTED); 1060 1061 if ((param->lookup_options & LSA_LOOKUP_OPT_LOCAL) && 1062 param->lookup_level != LSA_LOOKUP_WKSTA) { 1063 bzero(param, sizeof (struct lsar_LookupNames2)); 1064 param->status = NT_SC_ERROR(NT_STATUS_INVALID_PARAMETER); 1065 return (NDR_DRC_OK); 1066 } 1067 1068 rids = NDR_NEW(mxa, struct lsar_rid_entry2); 1069 domain_table = NDR_NEW(mxa, struct mslsa_domain_table); 1070 domain_entry = NDR_NEW(mxa, struct mslsa_domain_entry); 1071 1072 if (rids == NULL || domain_table == NULL || domain_entry == NULL) { 1073 bzero(param, sizeof (struct lsar_LookupNames2)); 1074 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 1075 return (NDR_DRC_OK); 1076 } 1077 1078 accname = (char *)param->name_table->names->str; 1079 status = lsa_lookup_name(accname, SidTypeUnknown, &account); 1080 if (status != NT_STATUS_SUCCESS) { 1081 bzero(param, sizeof (struct lsar_LookupNames2)); 1082 param->status = NT_SC_ERROR(status); 1083 return (NDR_DRC_OK); 1084 } 1085 1086 /* 1087 * Set up the rid table. 1088 */ 1089 bzero(rids, sizeof (struct lsar_rid_entry2)); 1090 rids[0].sid_name_use = account.a_type; 1091 rids[0].rid = account.a_rid; 1092 rids[0].domain_index = 0; 1093 param->translated_sids.n_entry = 1; 1094 param->translated_sids.rids = rids; 1095 1096 /* 1097 * Set up the domain table. 1098 */ 1099 domain_table->entries = domain_entry; 1100 domain_table->n_entry = 1; 1101 domain_table->max_n_entry = MLSVC_DOMAIN_MAX; 1102 1103 rc = NDR_MSTRING(mxa, account.a_domain, 1104 (ndr_mstring_t *)&domain_entry->domain_name); 1105 1106 domain_entry->domain_sid = 1107 (struct mslsa_sid *)NDR_SIDDUP(mxa, account.a_domsid); 1108 1109 if (rc == -1 || domain_entry->domain_sid == NULL) { 1110 smb_account_free(&account); 1111 bzero(param, sizeof (struct lsar_LookupNames2)); 1112 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 1113 return (NDR_DRC_OK); 1114 } 1115 1116 param->domain_table = domain_table; 1117 param->mapped_count = 1; 1118 param->status = NT_STATUS_SUCCESS; 1119 1120 smb_account_free(&account); 1121 return (NDR_DRC_OK); 1122 } 1123 1124 /* 1125 * Other than the use of lsar_LookupNames2 and lsar_rid_entry2, this 1126 * is identical to lsarpc_s_LookupNames. 1127 * 1128 * If LookupOptions contains LSA_LOOKUP_OPT_LOCAL and LookupLevel is not 1129 * LSA_LOOKUP_WKSTA, return STATUS_INVALID_PARAMETER. 1130 */ 1131 static int 1132 lsarpc_s_LookupNames3(void *arg, ndr_xa_t *mxa) 1133 { 1134 struct lsar_LookupNames3 *param = arg; 1135 struct lsar_translated_sid_ex2 *sids; 1136 struct mslsa_domain_table *domain_table; 1137 struct mslsa_domain_entry *domain_entry; 1138 smb_account_t account; 1139 uint32_t status; 1140 char *accname; 1141 int rc = 0; 1142 1143 if (param->name_table->n_entry != 1) 1144 return (NDR_DRC_FAULT_PARAM_0_UNIMPLEMENTED); 1145 1146 if ((param->lookup_options & LSA_LOOKUP_OPT_LOCAL) && 1147 param->lookup_level != LSA_LOOKUP_WKSTA) { 1148 bzero(param, sizeof (struct lsar_LookupNames3)); 1149 param->status = NT_SC_ERROR(NT_STATUS_INVALID_PARAMETER); 1150 return (NDR_DRC_OK); 1151 } 1152 1153 sids = NDR_NEW(mxa, struct lsar_translated_sid_ex2); 1154 domain_table = NDR_NEW(mxa, struct mslsa_domain_table); 1155 domain_entry = NDR_NEW(mxa, struct mslsa_domain_entry); 1156 1157 if (sids == NULL || domain_table == NULL || domain_entry == NULL) { 1158 bzero(param, sizeof (struct lsar_LookupNames3)); 1159 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 1160 return (NDR_DRC_OK); 1161 } 1162 1163 accname = (char *)param->name_table->names->str; 1164 status = lsa_lookup_name(accname, SidTypeUnknown, &account); 1165 if (status != NT_STATUS_SUCCESS) { 1166 bzero(param, sizeof (struct lsar_LookupNames3)); 1167 param->status = NT_SC_ERROR(status); 1168 return (NDR_DRC_OK); 1169 } 1170 1171 /* 1172 * Set up the SID table. 1173 */ 1174 bzero(sids, sizeof (struct lsar_translated_sid_ex2)); 1175 sids[0].sid_name_use = account.a_type; 1176 sids[0].sid = (struct mslsa_sid *)NDR_SIDDUP(mxa, account.a_sid); 1177 sids[0].domain_index = 0; 1178 param->translated_sids.n_entry = 1; 1179 param->translated_sids.sids = sids; 1180 1181 /* 1182 * Set up the domain table. 1183 */ 1184 domain_table->entries = domain_entry; 1185 domain_table->n_entry = 1; 1186 domain_table->max_n_entry = MLSVC_DOMAIN_MAX; 1187 1188 rc = NDR_MSTRING(mxa, account.a_domain, 1189 (ndr_mstring_t *)&domain_entry->domain_name); 1190 1191 domain_entry->domain_sid = 1192 (struct mslsa_sid *)NDR_SIDDUP(mxa, account.a_domsid); 1193 1194 if (rc == -1 || domain_entry->domain_sid == NULL) { 1195 smb_account_free(&account); 1196 bzero(param, sizeof (struct lsar_LookupNames3)); 1197 param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); 1198 return (NDR_DRC_OK); 1199 } 1200 1201 param->domain_table = domain_table; 1202 param->mapped_count = 1; 1203 param->status = NT_STATUS_SUCCESS; 1204 1205 smb_account_free(&account); 1206 return (NDR_DRC_OK); 1207 } 1208 1209 /* 1210 * LookupNames4 is only valid on domain controllers. 1211 * Other servers must return NT_STATUS_INVALID_SERVER_STATE. 1212 */ 1213 /*ARGSUSED*/ 1214 static int 1215 lsarpc_s_LookupNames4(void *arg, ndr_xa_t *mxa) 1216 { 1217 struct lsar_LookupNames4 *param = arg; 1218 1219 bzero(param, sizeof (struct lsar_LookupNames4)); 1220 param->status = NT_SC_ERROR(NT_STATUS_INVALID_SERVER_STATE); 1221 return (NDR_DRC_OK); 1222 } 1223 1224 /* 1225 * There is a bug in the way that ndrgen and the marshalling code handles 1226 * unions so we need to fix some of the data offsets at runtime. The 1227 * following macros and the fixup functions handle the corrections. 1228 */ 1229 1230 DECL_FIXUP_STRUCT(mslsa_PolicyInfoResUnion); 1231 DECL_FIXUP_STRUCT(mslsa_PolicyInfoRes); 1232 DECL_FIXUP_STRUCT(mslsa_QueryInfoPolicy); 1233 void 1234 fixup_mslsa_QueryInfoPolicy(struct mslsa_QueryInfoPolicy *val) 1235 { 1236 unsigned short size1 = 0; 1237 unsigned short size2 = 0; 1238 unsigned short size3 = 0; 1239 1240 switch (val->info_class) { 1241 case MSLSA_POLICY_AUDIT_EVENTS_INFO: 1242 size1 = sizeof (struct mslsa_AuditEventsInfo); 1243 break; 1244 1245 case MSLSA_POLICY_PRIMARY_DOMAIN_INFO: 1246 size1 = sizeof (struct mslsa_PrimaryDomainInfo); 1247 break; 1248 1249 case MSLSA_POLICY_ACCOUNT_DOMAIN_INFO: 1250 size1 = sizeof (struct mslsa_AccountDomainInfo); 1251 break; 1252 1253 case MSLSA_POLICY_SERVER_ROLE_INFO: 1254 size1 = sizeof (struct mslsa_ServerRoleInfo); 1255 break; 1256 1257 case MSLSA_POLICY_DNS_DOMAIN_INFO: 1258 size1 = sizeof (struct mslsa_DnsDomainInfo); 1259 break; 1260 1261 default: 1262 return; 1263 }; 1264 1265 size2 = size1 + (2 * sizeof (DWORD)); 1266 size3 = size2 + sizeof (ndr_request_hdr_t) + sizeof (DWORD); 1267 1268 FIXUP_PDU_SIZE(mslsa_PolicyInfoResUnion, size1); 1269 FIXUP_PDU_SIZE(mslsa_PolicyInfoRes, size2); 1270 FIXUP_PDU_SIZE(mslsa_QueryInfoPolicy, size3); 1271 } 1272