From 54abd2aa66069e6baf7769c496f46d9dba18db39 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 30 Sep 2005 17:13:37 +0000 Subject: r10656: BIG merge from trunk. Features not copied over * \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3) --- source3/rpc_client/cli_dfs.c | 136 +- source3/rpc_client/cli_ds.c | 81 +- source3/rpc_client/cli_echo.c | 125 +- source3/rpc_client/cli_lsarpc.c | 723 ++----- source3/rpc_client/cli_netlogon.c | 860 ++++----- source3/rpc_client/cli_pipe.c | 3161 ++++++++++++++++++++----------- source3/rpc_client/cli_reg.c | 101 +- source3/rpc_client/cli_samr.c | 1164 +++--------- source3/rpc_client/cli_shutdown.c | 107 +- source3/rpc_client/cli_spoolss.c | 198 +- source3/rpc_client/cli_spoolss_notify.c | 129 +- source3/rpc_client/cli_srvsvc.c | 302 ++- source3/rpc_client/cli_svcctl.c | 74 +- source3/rpc_client/cli_wkssvc.c | 63 +- 14 files changed, 3289 insertions(+), 3935 deletions(-) (limited to 'source3/rpc_client') diff --git a/source3/rpc_client/cli_dfs.c b/source3/rpc_client/cli_dfs.c index 79335191183..78df220ac2a 100644 --- a/source3/rpc_client/cli_dfs.c +++ b/source3/rpc_client/cli_dfs.c @@ -2,6 +2,7 @@ Unix SMB/CIFS implementation. RPC pipe client Copyright (C) Tim Potter 2000-2001, + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,7 +23,7 @@ /* Query DFS support */ -NTSTATUS cli_dfs_exist(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_dfs_exist(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, BOOL *dfs_exists) { prs_struct qbuf, rbuf; @@ -33,25 +34,16 @@ NTSTATUS cli_dfs_exist(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_dfs_q_dfs_exist(&q); - if (!dfs_io_q_dfs_exist("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETDFS, DFS_EXIST, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!dfs_io_r_dfs_exist("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_NETDFS, DFS_EXIST, + q, r, + qbuf, rbuf, + dfs_io_q_dfs_exist, + dfs_io_r_dfs_exist, + NT_STATUS_UNSUCCESSFUL); /* Return result */ @@ -59,14 +51,10 @@ NTSTATUS cli_dfs_exist(struct cli_state *cli, TALLOC_CTX *mem_ctx, result = NT_STATUS_OK; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_dfs_add(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_dfs_add(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *entrypath, const char *servername, const char *sharename, const char *comment, uint32 flags) { @@ -78,39 +66,26 @@ NTSTATUS cli_dfs_add(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_dfs_q_dfs_add(&q, entrypath, servername, sharename, comment, flags); - if (!dfs_io_q_dfs_add("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETDFS, DFS_ADD, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!dfs_io_r_dfs_add("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_NETDFS, DFS_ADD, + q, r, + qbuf, rbuf, + dfs_io_q_dfs_add, + dfs_io_r_dfs_add, + NT_STATUS_UNSUCCESSFUL); /* Return result */ result = werror_to_ntstatus(r.status); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_dfs_remove(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_dfs_remove(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *entrypath, const char *servername, const char *sharename) { @@ -122,38 +97,25 @@ NTSTATUS cli_dfs_remove(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_dfs_q_dfs_remove(&q, entrypath, servername, sharename); - if (!dfs_io_q_dfs_remove("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETDFS, DFS_REMOVE, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!dfs_io_r_dfs_remove("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_NETDFS, DFS_REMOVE, + q, r, + qbuf, rbuf, + dfs_io_q_dfs_remove, + dfs_io_r_dfs_remove, + NT_STATUS_UNSUCCESSFUL); /* Return result */ result = werror_to_ntstatus(r.status); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_dfs_get_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_dfs_get_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *entrypath, const char *servername, const char *sharename, uint32 info_level, DFS_INFO_CTR *ctr) @@ -167,42 +129,29 @@ NTSTATUS cli_dfs_get_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_dfs_q_dfs_get_info(&q, entrypath, servername, sharename, info_level); - if (!dfs_io_q_dfs_get_info("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETDFS, DFS_GET_INFO, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!dfs_io_r_dfs_get_info("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_NETDFS, DFS_GET_INFO, + q, r, + qbuf, rbuf, + dfs_io_q_dfs_get_info, + dfs_io_r_dfs_get_info, + NT_STATUS_UNSUCCESSFUL); /* Return result */ result = werror_to_ntstatus(r.status); *ctr = r.ctr; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Enumerate dfs shares */ -NTSTATUS cli_dfs_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_dfs_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 info_level, DFS_INFO_CTR *ctr) { prs_struct qbuf, rbuf; @@ -213,35 +162,22 @@ NTSTATUS cli_dfs_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_dfs_q_dfs_enum(&q, info_level, ctr); - if (!dfs_io_q_dfs_enum("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETDFS, DFS_ENUM, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - r.ctr = ctr; - if (!dfs_io_r_dfs_enum("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_NETDFS, DFS_ENUM, + q, r, + qbuf, rbuf, + dfs_io_q_dfs_enum, + dfs_io_r_dfs_enum, + NT_STATUS_UNSUCCESSFUL); /* Return result */ result = werror_to_ntstatus(r.status); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } diff --git a/source3/rpc_client/cli_ds.c b/source3/rpc_client/cli_ds.c index 41063a5d7fb..8d1945f7698 100644 --- a/source3/rpc_client/cli_ds.c +++ b/source3/rpc_client/cli_ds.c @@ -2,6 +2,7 @@ Unix SMB/CIFS implementation. RPC pipe client Copyright (C) Gerald Carter 2002, + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -38,30 +39,14 @@ NTSTATUS rpccli_ds_getprimarydominfo(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - if (!prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY; - } - if (!prs_init(&rbuf, 0, mem_ctx, UNMARSHALL)) { - prs_mem_free(&qbuf); - return NT_STATUS_NO_MEMORY; - } - q.level = level; - if (!ds_io_q_getprimdominfo("", &qbuf, 0, &q) - || !rpc_api_pipe_req_int(cli, DS_GETPRIMDOMINFO, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!ds_io_r_getprimdominfo("", &rbuf, 0, &r)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC_DS, DS_GETPRIMDOMINFO, + q, r, + qbuf, rbuf, + ds_io_q_getprimdominfo, + ds_io_r_getprimdominfo, + NT_STATUS_UNSUCCESSFUL); /* Return basic info - if we are requesting at info != 1 then there could be trouble. */ @@ -76,20 +61,10 @@ NTSTATUS rpccli_ds_getprimarydominfo(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_ds_getprimarydominfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, - uint16 level, DS_DOMINFO_CTR *ctr) -{ - return rpccli_ds_getprimarydominfo(&cli->pipes[PI_LSARPC_DS], mem_ctx, - level, ctr); -} - - /******************************************************************** Enumerate trusted domains in an AD forest ********************************************************************/ @@ -108,30 +83,14 @@ NTSTATUS rpccli_ds_enum_domain_trusts(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - if (!prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY;; - } - if (!prs_init(&rbuf, 0, mem_ctx, UNMARSHALL)) { - prs_mem_free(&qbuf); - return NT_STATUS_NO_MEMORY; - } - init_q_ds_enum_domain_trusts( &q, server, flags ); - if (!ds_io_q_enum_domain_trusts("", &qbuf, 0, &q) - || !rpc_api_pipe_req_int(cli, DS_ENUM_DOM_TRUSTS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!ds_io_r_enum_domain_trusts("", &rbuf, 0, &r)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC_DS, DS_ENUM_DOM_TRUSTS, + q, r, + qbuf, rbuf, + ds_io_q_enum_domain_trusts, + ds_io_r_enum_domain_trusts, + NT_STATUS_UNSUCCESSFUL); result = r.status; @@ -168,19 +127,5 @@ NTSTATUS rpccli_ds_enum_domain_trusts(struct rpc_pipe_client *cli, } } -done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } - -NTSTATUS cli_ds_enum_domain_trusts(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const char *server, uint32 flags, - struct ds_domain_trust **trusts, - uint32 *num_domains) -{ - return rpccli_ds_enum_domain_trusts(&cli->pipes[PI_NETLOGON], mem_ctx, - server, flags, trusts, - num_domains); -} diff --git a/source3/rpc_client/cli_echo.c b/source3/rpc_client/cli_echo.c index cd7e21f918f..89de6cec941 100644 --- a/source3/rpc_client/cli_echo.c +++ b/source3/rpc_client/cli_echo.c @@ -4,6 +4,7 @@ RPC pipe client Copyright (C) Tim Potter 2003 + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,7 +23,7 @@ #include "includes.h" -NTSTATUS cli_echo_add_one(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_echo_add_one(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 request, uint32 *response) { prs_struct qbuf, rbuf; @@ -33,42 +34,26 @@ NTSTATUS cli_echo_add_one(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - if (!prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY; - } - if (!prs_init(&rbuf, 0, mem_ctx, UNMARSHALL)) { - prs_mem_free(&qbuf); - return NT_STATUS_NO_MEMORY; - } - /* Marshall data and send request */ init_echo_q_add_one(&q, request); - if (!echo_io_q_add_one("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_ECHO, ECHO_ADD_ONE, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!echo_io_r_add_one("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC( cli, mem_ctx, PI_ECHO, ECHO_ADD_ONE, + q, r, + qbuf, rbuf, + echo_io_q_add_one, + echo_io_r_add_one, + NT_STATUS_UNSUCCESSFUL); if (response) *response = r.response; result = True; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } -NTSTATUS cli_echo_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_echo_data(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 size, char *in_data, char **out_data) { prs_struct qbuf, rbuf; @@ -79,28 +64,16 @@ NTSTATUS cli_echo_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - if (!prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY; - } - if (!prs_init(&rbuf, 0, mem_ctx, UNMARSHALL)) { - prs_mem_free(&qbuf); - return NT_STATUS_NO_MEMORY; - } - /* Marshall data and send request */ init_echo_q_echo_data(&q, size, in_data); - if (!echo_io_q_echo_data("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_ECHO, ECHO_DATA, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!echo_io_r_echo_data("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC( cli, mem_ctx, PI_ECHO, ECHO_DATA, + q, r, + qbuf, rbuf, + echo_io_q_echo_data, + echo_io_r_echo_data, + NT_STATUS_UNSUCCESSFUL); result = True; @@ -109,14 +82,10 @@ NTSTATUS cli_echo_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, memcpy(*out_data, r.data, size); } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } -NTSTATUS cli_echo_sink_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_echo_sink_data(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 size, char *in_data) { prs_struct qbuf, rbuf; @@ -127,41 +96,23 @@ NTSTATUS cli_echo_sink_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - if (!prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY; - } - if (!prs_init(&rbuf, 0, mem_ctx, UNMARSHALL)) { - prs_mem_free(&qbuf); - return NT_STATUS_NO_MEMORY; - } - /* Marshall data and send request */ init_echo_q_sink_data(&q, size, in_data); - if (!echo_io_q_sink_data("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_ECHO, ECHO_SINK_DATA, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!echo_io_r_sink_data("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_ECHO, ECHO_SINK_DATA, + q, r, + qbuf, rbuf, + echo_io_q_sink_data, + echo_io_r_sink_data, + NT_STATUS_UNSUCCESSFUL); result = True; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } -NTSTATUS cli_echo_source_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_echo_source_data(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 size, char **out_data) { prs_struct qbuf, rbuf; @@ -172,36 +123,18 @@ NTSTATUS cli_echo_source_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - if (!prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { - return NT_STATUS_NO_MEMORY; - } - if (!prs_init(&rbuf, 0, mem_ctx, UNMARSHALL)) { - prs_mem_free(&qbuf); - return NT_STATUS_NO_MEMORY; - } - /* Marshall data and send request */ init_echo_q_source_data(&q, size); - if (!echo_io_q_source_data("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_ECHO, ECHO_SOURCE_DATA, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!echo_io_r_source_data("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_ECHO, ECHO_SOURCE_DATA, + q, r, + qbuf, rbuf, + echo_io_q_source_data, + echo_io_r_source_data, + NT_STATUS_UNSUCCESSFUL); result = True; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result ? NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 26f82cdfbe3..d7dcda72e3f 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -3,10 +3,8 @@ RPC pipe client Copyright (C) Tim Potter 2000-2001, Copyright (C) Andrew Tridgell 1992-1997,2000, - Copyright (C) Luke Kenneth Casson Leighton 1996-1997,2000, - Copyright (C) Paul Ashton 1997,2000, - Copyright (C) Elrond 2000, Copyright (C) Rafal Szczesniak 2002 + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -24,7 +22,6 @@ */ #include "includes.h" -#include "rpc_client.h" /** @defgroup lsa LSA - Local Security Architecture * @ingroup rpc_client @@ -54,16 +51,9 @@ NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli, LSA_SEC_QOS qos; NTSTATUS result; - SMB_ASSERT(cli->pipe_idx == PI_LSARPC); - ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ if (sec_qos) { @@ -75,18 +65,12 @@ NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli, /* Marshall data and send request */ - if (!lsa_io_q_open_pol("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_OPENPOLICY, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_open_pol("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY, + q, r, + qbuf, rbuf, + lsa_io_q_open_pol, + lsa_io_r_open_pol, + NT_STATUS_UNSUCCESSFUL ); /* Return output parameters */ @@ -97,20 +81,9 @@ NTSTATUS rpccli_lsa_open_policy(struct rpc_pipe_client *cli, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_lsa_open_policy(struct cli_state *cli, TALLOC_CTX *mem_ctx, - BOOL sec_qos, uint32 des_access, POLICY_HND *pol) -{ - return rpccli_lsa_open_policy(&cli->pipes[PI_LSARPC], mem_ctx, - sec_qos, des_access, pol); -} - /** Open a LSA policy handle * * @param cli Handle on an initialised SMB connection @@ -125,40 +98,24 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli, LSA_R_OPEN_POL2 r; LSA_SEC_QOS qos; NTSTATUS result; + char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost); ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Initialise input parameters */ - if (sec_qos) { init_lsa_sec_qos(&qos, 2, 1, 0); - init_q_open_pol2(&q, cli->cli->srv_name_slash, 0, des_access, - &qos); + init_q_open_pol2(&q, srv_name_slash, 0, des_access, &qos); } else { - init_q_open_pol2(&q, cli->cli->srv_name_slash, 0, des_access, - NULL); + init_q_open_pol2(&q, srv_name_slash, 0, des_access, NULL); } - /* Marshall data and send request */ - - if (!lsa_io_q_open_pol2("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_OPENPOLICY2, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_open_pol2("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENPOLICY2, + q, r, + qbuf, rbuf, + lsa_io_q_open_pol2, + lsa_io_r_open_pol2, + NT_STATUS_UNSUCCESSFUL ); /* Return output parameters */ @@ -169,21 +126,9 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_lsa_open_policy2(struct cli_state *cli, TALLOC_CTX *mem_ctx, - BOOL sec_qos, uint32 des_access, POLICY_HND *pol) -{ - return rpccli_lsa_open_policy2(&cli->pipes[PI_LSARPC], mem_ctx, - sec_qos, des_access, pol); -} - - /** Close a LSA policy handle */ NTSTATUS rpccli_lsa_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, @@ -194,32 +139,17 @@ NTSTATUS rpccli_lsa_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, LSA_R_CLOSE r; NTSTATUS result; - SMB_ASSERT(cli->pipe_idx == PI_LSARPC); - ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_lsa_q_close(&q, pol); - if (!lsa_io_q_close("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_CLOSE, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_close("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CLOSE, + q, r, + qbuf, rbuf, + lsa_io_q_close, + lsa_io_r_close, + NT_STATUS_UNSUCCESSFUL ); /* Return output parameters */ @@ -230,19 +160,9 @@ NTSTATUS rpccli_lsa_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, *pol = r.pol; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_lsa_close(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol) -{ - return rpccli_lsa_close(&cli->pipes[PI_LSARPC], mem_ctx, pol); -} - /** Lookup a list of sids */ NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli, @@ -256,46 +176,32 @@ NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli, LSA_R_LOOKUP_SIDS r; DOM_R_REF ref; LSA_TRANS_NAME_ENUM t_names; - NTSTATUS result; + NTSTATUS result = NT_STATUS_OK; int i; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_q_lookup_sids(mem_ctx, &q, pol, num_sids, sids, 1); - if (!lsa_io_q_lookup_sids("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_LOOKUPSIDS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - ZERO_STRUCT(ref); ZERO_STRUCT(t_names); r.dom_ref = &ref; r.names = &t_names; - if (!lsa_io_r_lookup_sids("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - result = r.status; + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPSIDS, + q, r, + qbuf, rbuf, + lsa_io_q_lookup_sids, + lsa_io_r_lookup_sids, + NT_STATUS_UNSUCCESSFUL ); - if (!NT_STATUS_IS_OK(result) && - NT_STATUS_V(result) != NT_STATUS_V(STATUS_SOME_UNMAPPED)) { + if (!NT_STATUS_IS_OK(r.status) && + NT_STATUS_V(r.status) != NT_STATUS_V(STATUS_SOME_UNMAPPED)) { /* An actual error occured */ + result = r.status; goto done; } @@ -356,22 +262,10 @@ NTSTATUS rpccli_lsa_lookup_sids(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_lsa_lookup_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, int num_sids, - const DOM_SID *sids, - char ***domains, char ***names, uint32 **types) -{ - return rpccli_lsa_lookup_sids(&cli->pipes[PI_LSARPC], mem_ctx, - pol, num_sids, sids, - domains, names, types); -} - /** Lookup a list of names */ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli, @@ -390,30 +284,17 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - - init_q_lookup_names(mem_ctx, &q, pol, num_names, names); - - if (!lsa_io_q_lookup_names("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_LOOKUPNAMES, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - ZERO_STRUCT(ref); r.dom_ref = &ref; - if (!lsa_io_r_lookup_names("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + init_q_lookup_names(mem_ctx, &q, pol, num_names, names); + + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPNAMES, + q, r, + qbuf, rbuf, + lsa_io_q_lookup_names, + lsa_io_r_lookup_names, + NT_STATUS_UNSUCCESSFUL); result = r.status; @@ -468,21 +349,10 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_lsa_lookup_names(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, int num_names, - const char **names, DOM_SID **sids, - uint32 **types) -{ - return rpccli_lsa_lookup_names(&cli->pipes[PI_LSARPC], mem_ctx, - pol, num_names, names, sids, types); -} - /** Query info policy * * @param domain_sid - returned remote server's domain sid */ @@ -497,32 +367,17 @@ NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli, LSA_R_QUERY_INFO r; NTSTATUS result; - SMB_ASSERT(cli->pipe_idx == PI_LSARPC); - ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_q_query(&q, pol, info_class); - if (!lsa_io_q_query("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_QUERYINFOPOLICY, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_query("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY, + q, r, + qbuf, rbuf, + lsa_io_q_query, + lsa_io_r_query, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -570,21 +425,10 @@ NTSTATUS rpccli_lsa_query_info_policy(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_lsa_query_info_policy(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint16 info_class, - char **domain_name, DOM_SID **domain_sid) -{ - return rpccli_lsa_query_info_policy(&cli->pipes[PI_LSARPC], mem_ctx, - pol, info_class, domain_name, - domain_sid); -} - /** Query info policy2 * * @param domain_name - returned remote server's domain name @@ -612,27 +456,14 @@ NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_q_query2(&q, pol, info_class); - if (!lsa_io_q_query_info2("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, LSA_QUERYINFO2, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_query_info2("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2, + q, r, + qbuf, rbuf, + lsa_io_q_query_info2, + lsa_io_r_query_info2, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -674,25 +505,10 @@ NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_lsa_query_info_policy2(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint16 info_class, - char **domain_name, char **dns_name, - char **forest_name, - struct uuid **domain_guid, - DOM_SID **domain_sid) -{ - return rpccli_lsa_query_info_policy2(&cli->pipes[PI_LSARPC], mem_ctx, - pol, info_class, domain_name, - dns_name, forest_name, - domain_guid, domain_sid); -} - /** * Enumerate list of trusted domains * @@ -720,7 +536,6 @@ NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli, int i; fstring tmp; - ZERO_STRUCT(in); ZERO_STRUCT(out); @@ -728,7 +543,7 @@ NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli, init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000); - CLI_DO_RPC_EX( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM, + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM, in, out, qbuf, rbuf, lsa_io_q_enum_trust_dom, @@ -779,19 +594,9 @@ NTSTATUS rpccli_lsa_enum_trust_dom(struct rpc_pipe_client *cli, return out.status; } -NTSTATUS cli_lsa_enum_trust_dom(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint32 *enum_ctx, - uint32 *num_domains, - char ***domain_names, DOM_SID **domain_sids) -{ - return rpccli_lsa_enum_trust_dom(&cli->pipes[PI_LSARPC], mem_ctx, - pol, enum_ctx, num_domains, - domain_names, domain_sids); -} - /** Enumerate privileges*/ -NTSTATUS cli_lsa_enum_privilege(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_enum_privilege(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 *enum_context, uint32 pref_max_length, uint32 *count, char ***privs_name, uint32 **privs_high, uint32 **privs_low) { @@ -804,27 +609,14 @@ NTSTATUS cli_lsa_enum_privilege(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_q_enum_privs(&q, pol, *enum_context, pref_max_length); - if (!lsa_io_q_enum_privs("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_ENUM_PRIVS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_enum_privs("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_PRIVS, + q, r, + qbuf, rbuf, + lsa_io_q_enum_privs, + lsa_io_r_enum_privs, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -865,15 +657,13 @@ NTSTATUS cli_lsa_enum_privilege(struct cli_state *cli, TALLOC_CTX *mem_ctx, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /** Get privilege name */ -NTSTATUS cli_lsa_get_dispname(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_get_dispname(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, const char *name, uint16 lang_id, uint16 lang_id_sys, fstring description, uint16 *lang_id_desc) @@ -886,27 +676,14 @@ NTSTATUS cli_lsa_get_dispname(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_lsa_priv_get_dispname(&q, pol, name, lang_id, lang_id_sys); - if (!lsa_io_q_priv_get_dispname("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_PRIV_GET_DISPNAME, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_priv_get_dispname("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_PRIV_GET_DISPNAME, + q, r, + qbuf, rbuf, + lsa_io_q_priv_get_dispname, + lsa_io_r_priv_get_dispname, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -918,15 +695,13 @@ NTSTATUS cli_lsa_get_dispname(struct cli_state *cli, TALLOC_CTX *mem_ctx, *lang_id_desc = r.lang_id; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /** Enumerate list of SIDs */ -NTSTATUS cli_lsa_enum_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_enum_sids(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 *enum_ctx, uint32 pref_max_length, uint32 *num_sids, DOM_SID **sids) { @@ -939,27 +714,14 @@ NTSTATUS cli_lsa_enum_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - /* Marshall data and send request */ - init_lsa_q_enum_accounts(&q, pol, *enum_ctx, pref_max_length); - if (!lsa_io_q_enum_accounts("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_ENUM_ACCOUNTS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_enum_accounts("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUM_ACCOUNTS, + q, r, + qbuf, rbuf, + lsa_io_q_enum_accounts, + lsa_io_r_enum_accounts, + NT_STATUS_UNSUCCESSFUL); result = r.status; @@ -989,8 +751,6 @@ NTSTATUS cli_lsa_enum_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, *enum_ctx = r.enum_context; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } @@ -1004,7 +764,7 @@ NTSTATUS cli_lsa_enum_sids(struct cli_state *cli, TALLOC_CTX *mem_ctx, * * */ -NTSTATUS cli_lsa_create_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_create_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *dom_pol, DOM_SID *sid, uint32 desired_access, POLICY_HND *user_pol) { @@ -1016,29 +776,16 @@ NTSTATUS cli_lsa_create_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ init_lsa_q_create_account(&q, dom_pol, sid, desired_access); - /* Marshall data and send request */ - - if (!lsa_io_q_create_account("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_CREATEACCOUNT, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_create_account("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_CREATEACCOUNT, + q, r, + qbuf, rbuf, + lsa_io_q_create_account, + lsa_io_r_create_account, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1046,10 +793,6 @@ NTSTATUS cli_lsa_create_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, *user_pol = r.pol; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -1057,7 +800,7 @@ NTSTATUS cli_lsa_create_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, * * @param cli Handle on an initialised SMB connection */ -NTSTATUS cli_lsa_open_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_open_account(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *dom_pol, DOM_SID *sid, uint32 des_access, POLICY_HND *user_pol) { @@ -1069,29 +812,16 @@ NTSTATUS cli_lsa_open_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ init_lsa_q_open_account(&q, dom_pol, sid, des_access); - /* Marshall data and send request */ - - if (!lsa_io_q_open_account("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_OPENACCOUNT, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_open_account("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENACCOUNT, + q, r, + qbuf, rbuf, + lsa_io_q_open_account, + lsa_io_r_open_account, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1099,10 +829,6 @@ NTSTATUS cli_lsa_open_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, *user_pol = r.pol; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -1110,7 +836,7 @@ NTSTATUS cli_lsa_open_account(struct cli_state *cli, TALLOC_CTX *mem_ctx, * * @param cli Handle on an initialised SMB connection */ -NTSTATUS cli_lsa_enum_privsaccount(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_enum_privsaccount(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 *count, LUID_ATTR **set) { prs_struct qbuf, rbuf; @@ -1122,29 +848,16 @@ NTSTATUS cli_lsa_enum_privsaccount(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ init_lsa_q_enum_privsaccount(&q, pol); - /* Marshall data and send request */ - - if (!lsa_io_q_enum_privsaccount("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_ENUMPRIVSACCOUNT, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_enum_privsaccount("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMPRIVSACCOUNT, + q, r, + qbuf, rbuf, + lsa_io_q_enum_privsaccount, + lsa_io_r_enum_privsaccount, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1169,15 +882,13 @@ NTSTATUS cli_lsa_enum_privsaccount(struct cli_state *cli, TALLOC_CTX *mem_ctx, *count=r.count; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /** Get a privilege value given its name */ -NTSTATUS cli_lsa_lookup_priv_value(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_lookup_priv_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, const char *name, LUID *luid) { prs_struct qbuf, rbuf; @@ -1188,27 +899,16 @@ NTSTATUS cli_lsa_lookup_priv_value(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_lsa_q_lookup_priv_value(&q, pol, name); - if (!lsa_io_q_lookup_priv_value("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_LOOKUPPRIVVALUE, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_lookup_priv_value("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_LOOKUPPRIVVALUE, + q, r, + qbuf, rbuf, + lsa_io_q_lookup_priv_value, + lsa_io_r_lookup_priv_value, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1220,15 +920,13 @@ NTSTATUS cli_lsa_lookup_priv_value(struct cli_state *cli, TALLOC_CTX *mem_ctx, (*luid).high=r.luid.high; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /** Query LSA security object */ -NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_query_secobj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 sec_info, SEC_DESC_BUF **psdb) { @@ -1240,27 +938,16 @@ NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_q_query_sec_obj(&q, pol, sec_info); - if (!lsa_io_q_query_sec_obj("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_QUERYSECOBJ, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_query_sec_obj("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYSECOBJ, + q, r, + qbuf, rbuf, + lsa_io_q_query_sec_obj, + lsa_io_r_query_sec_obj, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1272,8 +959,6 @@ NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, *psdb = r.buf; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } @@ -1283,7 +968,7 @@ NTSTATUS cli_lsa_query_secobj(struct cli_state *cli, TALLOC_CTX *mem_ctx, takes a SID directly, avoiding the open_account call. */ -NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_enum_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, DOM_SID *sid, uint32 *count, char ***priv_names) { @@ -1298,24 +983,15 @@ NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_q_enum_acct_rights(&q, pol, 2, sid); - if (!lsa_io_q_enum_acct_rights("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_ENUMACCTRIGHTS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - if (!lsa_io_r_enum_acct_rights("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMACCTRIGHTS, + q, r, + qbuf, rbuf, + lsa_io_q_enum_acct_rights, + lsa_io_r_enum_acct_rights, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1353,10 +1029,9 @@ done: /* add account rights to an account. */ -NTSTATUS cli_lsa_add_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_add_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, DOM_SID sid, - -uint32 count, const char **privs_name) + uint32 count, const char **privs_name) { prs_struct qbuf, rbuf; LSA_Q_ADD_ACCT_RIGHTS q; @@ -1364,26 +1039,17 @@ uint32 count, const char **privs_name) NTSTATUS result; ZERO_STRUCT(q); - - /* Initialise parse structures */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + ZERO_STRUCT(r); /* Marshall data and send request */ init_q_add_acct_rights(&q, pol, &sid, count, privs_name); - if (!lsa_io_q_add_acct_rights("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_ADDACCTRIGHTS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_add_acct_rights("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ADDACCTRIGHTS, + q, r, + qbuf, rbuf, + lsa_io_q_add_acct_rights, + lsa_io_r_add_acct_rights, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1396,7 +1062,7 @@ done: /* remove account rights for an account. */ -NTSTATUS cli_lsa_remove_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_remove_account_rights(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, DOM_SID sid, BOOL removeall, uint32 count, const char **privs_name) { @@ -1406,26 +1072,17 @@ NTSTATUS cli_lsa_remove_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ct NTSTATUS result; ZERO_STRUCT(q); - - /* Initialise parse structures */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + ZERO_STRUCT(r); /* Marshall data and send request */ init_q_remove_acct_rights(&q, pol, &sid, removeall?1:0, count, privs_name); - if (!lsa_io_q_remove_acct_rights("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_REMOVEACCTRIGHTS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_remove_acct_rights("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_REMOVEACCTRIGHTS, + q, r, + qbuf, rbuf, + lsa_io_q_remove_acct_rights, + lsa_io_r_remove_acct_rights, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1539,7 +1196,7 @@ Error was : %s.\n", remote_machine, cli_errstr(&cli) )); #endif -NTSTATUS cli_lsa_open_trusted_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_open_trusted_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, DOM_SID *dom_sid, uint32 access_mask, POLICY_HND *trustdom_pol) { @@ -1551,29 +1208,18 @@ NTSTATUS cli_lsa_open_trusted_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ init_lsa_q_open_trusted_domain(&q, pol, dom_sid, access_mask); /* Marshall data and send request */ - if (!lsa_io_q_open_trusted_domain("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_OPENTRUSTDOM, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_open_trusted_domain("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_OPENTRUSTDOM, + q, r, + qbuf, rbuf, + lsa_io_q_open_trusted_domain, + lsa_io_r_open_trusted_domain, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1581,14 +1227,10 @@ NTSTATUS cli_lsa_open_trusted_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, *trustdom_pol = r.handle; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_lsa_query_trusted_domain_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_query_trusted_domain_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint16 info_class, DOM_SID *dom_sid, LSA_TRUSTED_DOMAIN_INFO **info) @@ -1601,27 +1243,16 @@ NTSTATUS cli_lsa_query_trusted_domain_info(struct cli_state *cli, TALLOC_CTX *me ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_q_query_trusted_domain_info(&q, pol, info_class); - if (!lsa_io_q_query_trusted_domain_info("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_QUERYTRUSTDOMINFO, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_query_trusted_domain_info("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFO, + q, r, + qbuf, rbuf, + lsa_io_q_query_trusted_domain_info, + lsa_io_r_query_trusted_domain_info, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1630,14 +1261,11 @@ NTSTATUS cli_lsa_query_trusted_domain_info(struct cli_state *cli, TALLOC_CTX *me *info = r.info; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_lsa_query_trusted_domain_info_by_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_query_trusted_domain_info_by_sid(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint16 info_class, DOM_SID *dom_sid, LSA_TRUSTED_DOMAIN_INFO **info) @@ -1650,27 +1278,16 @@ NTSTATUS cli_lsa_query_trusted_domain_info_by_sid(struct cli_state *cli, TALLOC_ ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_q_query_trusted_domain_info_by_sid(&q, pol, info_class, dom_sid); - if (!lsa_io_q_query_trusted_domain_info_by_sid("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYSID, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_query_trusted_domain_info("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYSID, + q, r, + qbuf, rbuf, + lsa_io_q_query_trusted_domain_info_by_sid, + lsa_io_r_query_trusted_domain_info, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1679,13 +1296,11 @@ NTSTATUS cli_lsa_query_trusted_domain_info_by_sid(struct cli_state *cli, TALLOC_ *info = r.info; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_lsa_query_trusted_domain_info_by_name(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_lsa_query_trusted_domain_info_by_name(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint16 info_class, const char *domain_name, LSA_TRUSTED_DOMAIN_INFO **info) @@ -1698,27 +1313,16 @@ NTSTATUS cli_lsa_query_trusted_domain_info_by_name(struct cli_state *cli, TALLOC ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_q_query_trusted_domain_info_by_name(&q, pol, info_class, domain_name); - if (!lsa_io_q_query_trusted_domain_info_by_name("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYNAME, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!lsa_io_r_query_trusted_domain_info("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_QUERYTRUSTDOMINFOBYNAME, + q, r, + qbuf, rbuf, + lsa_io_q_query_trusted_domain_info_by_name, + lsa_io_r_query_trusted_domain_info, + NT_STATUS_UNSUCCESSFUL); if (!NT_STATUS_IS_OK(result = r.status)) { goto done; @@ -1727,11 +1331,6 @@ NTSTATUS cli_lsa_query_trusted_domain_info_by_name(struct cli_state *cli, TALLOC *info = r.info; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } - -/** @} **/ - diff --git a/source3/rpc_client/cli_netlogon.c b/source3/rpc_client/cli_netlogon.c index fad60dbc20d..88b6c792ebf 100644 --- a/source3/rpc_client/cli_netlogon.c +++ b/source3/rpc_client/cli_netlogon.c @@ -2,12 +2,9 @@ Unix SMB/CIFS implementation. NT Domain Authentication SMB / MSRPC client Copyright (C) Andrew Tridgell 1992-2000 - Copyright (C) Luke Kenneth Casson Leighton 1996-2000 - Copyright (C) Tim Potter 2001 - Copyright (C) Paul Ashton 1997. Copyright (C) Jeremy Allison 1998. - Copyright (C) Andrew Bartlett 2001. - + Largely re-written by Jeremy Allison (C) 2005. + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or @@ -26,104 +23,52 @@ #include "includes.h" /* LSA Request Challenge. Sends our challenge to server, then gets - server response. These are used to generate the credentials. */ - -NTSTATUS cli_net_req_chal(struct cli_state *cli, DOM_CHAL *clnt_chal, - DOM_CHAL *srv_chal) -{ - prs_struct qbuf, rbuf; - NET_Q_REQ_CHAL q; - NET_R_REQ_CHAL r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL); - prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL); - - /* create and send a MSRPC command with api NET_REQCHAL */ - - DEBUG(4,("cli_net_req_chal: LSA Request Challenge from %s to %s: %s\n", - global_myname(), cli->desthost, credstr(clnt_chal->data))); - - /* store the parameters */ - init_q_req_chal(&q, cli->srv_name_slash, global_myname(), clnt_chal); - - /* Marshall data and send request */ - - if (!net_io_q_req_chal("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_REQCHAL, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarhall response */ - - if (!net_io_r_req_chal("", &r, &rbuf, 0)) { - goto done; - } - - result = r.status; - - /* Return result */ - - if (NT_STATUS_IS_OK(result)) { - memcpy(srv_chal, r.srv_chal.data, sizeof(srv_chal->data)); - } - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - - return result; -} + server response. These are used to generate the credentials. + The sent and received challenges are stored in the netlog pipe + private data. Only call this via rpccli_netlogon_setup_creds(). JRA. +*/ -NTSTATUS rpccli_net_req_chal(struct rpc_pipe_client *cli, - const char *server_name, - const char *computer_name, - DOM_CHAL *clnt_chal, DOM_CHAL *srv_chal) +static NTSTATUS rpccli_net_req_chal(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name, + const char *clnt_name, + const DOM_CHAL *clnt_chal_in, + DOM_CHAL *srv_chal_out) { - prs_struct qbuf, rbuf; - NET_Q_REQ_CHAL q; - NET_R_REQ_CHAL r; - NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + prs_struct qbuf, rbuf; + NET_Q_REQ_CHAL q; + NET_R_REQ_CHAL r; + NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - prs_init(&qbuf, MAX_PDU_FRAG_LEN, cli->cli->mem_ctx, MARSHALL); - prs_init(&rbuf, 0, cli->cli->mem_ctx, UNMARSHALL); - - /* create and send a MSRPC command with api NET_REQCHAL */ + /* create and send a MSRPC command with api NET_REQCHAL */ - DEBUG(4,("cli_net_req_chal: LSA Request Challenge from %s to %s\n", - computer_name, server_name)); - - /* store the parameters */ - init_q_req_chal(&q, server_name, computer_name, clnt_chal); + DEBUG(4,("cli_net_req_chal: LSA Request Challenge from %s to %s\n", + clnt_name, server_name)); - /* Marshall data and send request */ + /* store the parameters */ + init_q_req_chal(&q, server_name, clnt_name, clnt_chal_in); - if (!net_io_q_req_chal("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, NET_REQCHAL, &qbuf, &rbuf)) { - goto done; - } + /* Marshall data and send request */ + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_REQCHAL, + q, r, + qbuf, rbuf, + net_io_q_req_chal, + net_io_r_req_chal, + NT_STATUS_UNSUCCESSFUL); - /* Unmarhall response */ + result = r.status; - if (!net_io_r_req_chal("", &r, &rbuf, 0)) { - goto done; - } + /* Return result */ - result = r.status; - - /* Return result */ + if (NT_STATUS_IS_OK(result)) { + /* Store the returned server challenge. */ + *srv_chal_out = r.srv_chal; + } - if (NT_STATUS_IS_OK(result)) { - memcpy(srv_chal, r.srv_chal.data, sizeof(srv_chal->data)); - } - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - - return result; + return result; } +#if 0 /**************************************************************************** LSA Authenticate 2 @@ -132,7 +77,7 @@ Ensure that the server credential returned matches the session key encrypt of the server challenge originally received. JRA. ****************************************************************************/ -NTSTATUS cli_net_auth2(struct cli_state *cli, + NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli, uint16 sec_chan, uint32 *neg_flags, DOM_CHAL *srv_chal) { @@ -142,9 +87,6 @@ NTSTATUS cli_net_auth2(struct cli_state *cli, NTSTATUS result = NT_STATUS_UNSUCCESSFUL; fstring machine_acct; - prs_init(&qbuf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL); - prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL); - if ( sec_chan == SEC_CHAN_DOMAIN ) fstr_sprintf( machine_acct, "%s$", lp_workgroup() ); else @@ -164,16 +106,12 @@ NTSTATUS cli_net_auth2(struct cli_state *cli, /* turn parameters into data stream */ - if (!net_io_q_auth_2("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_AUTH2, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!net_io_r_auth_2("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH2, + q, r, + qbuf, rbuf, + net_io_q_auth_2, + net_io_r_auth_2, + NT_STATUS_UNSUCCESSFUL); result = r.status; @@ -186,259 +124,257 @@ NTSTATUS cli_net_auth2(struct cli_state *cli, */ zerotime.time = 0; - if (cred_assert( &r.srv_chal, cli->sess_key, srv_chal, - zerotime) == 0) { + if (cred_assert( &r.srv_chal, cli->sess_key, srv_chal, zerotime) == 0) { /* * Server replied with bad credential. Fail. */ DEBUG(0,("cli_net_auth2: server %s replied with bad credential (bad machine \ -password ?).\n", cli->desthost )); - result = NT_STATUS_ACCESS_DENIED; - goto done; +password ?).\n", cli->cli->desthost )); + return NT_STATUS_ACCESS_DENIED; } *neg_flags = r.srv_flgs.neg_flags; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } +#endif + +/**************************************************************************** + LSA Authenticate 2 -NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli, - const char *server_name, - const char *account_name, - uint16 sec_chan_type, - const char *computer_name, - const DOM_CHAL *credentials, - uint32 *neg_flags, - DOM_CHAL *srv_chal) + Send the client credential, receive back a server credential. + The caller *must* ensure that the server credential returned matches the session key + encrypt of the server challenge originally received. JRA. +****************************************************************************/ + +static NTSTATUS rpccli_net_auth2(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name, + const char *account_name, + uint16 sec_chan_type, + const char *computer_name, + uint32 *neg_flags_inout, + const DOM_CHAL *clnt_chal_in, + DOM_CHAL *srv_chal_out) { prs_struct qbuf, rbuf; NET_Q_AUTH_2 q; NET_R_AUTH_2 r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - prs_init(&qbuf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL); - prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL); - /* create and send a MSRPC command with api NET_AUTH2 */ DEBUG(4,("cli_net_auth2: srv:%s acct:%s sc:%x mc: %s neg: %x\n", server_name, account_name, sec_chan_type, computer_name, - *neg_flags)); + *neg_flags_inout)); /* store the parameters */ init_q_auth_2(&q, server_name, account_name, sec_chan_type, - computer_name, credentials, *neg_flags); + computer_name, clnt_chal_in, *neg_flags_inout); /* turn parameters into data stream */ - if (!net_io_q_auth_2("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, NET_AUTH2, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!net_io_r_auth_2("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH2, + q, r, + qbuf, rbuf, + net_io_q_auth_2, + net_io_r_auth_2, + NT_STATUS_UNSUCCESSFUL); result = r.status; if (NT_STATUS_IS_OK(result)) { - *srv_chal = r.srv_chal; - *neg_flags = r.srv_flgs.neg_flags; + *srv_chal_out = r.srv_chal; + *neg_flags_inout = r.srv_flgs.neg_flags; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } +#if 0 /* not currebntly used */ /**************************************************************************** -LSA Authenticate 3 + LSA Authenticate 3 -Send the client credential, receive back a server credential. -Ensure that the server credential returned matches the session key -encrypt of the server challenge originally received. JRA. + Send the client credential, receive back a server credential. + The caller *must* ensure that the server credential returned matches the session key + encrypt of the server challenge originally received. JRA. ****************************************************************************/ -NTSTATUS cli_net_auth3(struct cli_state *cli, - uint16 sec_chan, - uint32 *neg_flags, DOM_CHAL *srv_chal) +static NTSTATUS rpccli_net_auth3(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *server_name, + const char *account_name, + uint16 sec_chan_type, + const char *computer_name, + uint32 *neg_flags_inout, + const DOM_CHAL *clnt_chal_in, + DOM_CHAL *srv_chal_out) { prs_struct qbuf, rbuf; NET_Q_AUTH_3 q; NET_R_AUTH_3 r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - prs_init(&qbuf, MAX_PDU_FRAG_LEN, cli->mem_ctx, MARSHALL); - prs_init(&rbuf, 0, cli->mem_ctx, UNMARSHALL); - /* create and send a MSRPC command with api NET_AUTH2 */ DEBUG(4,("cli_net_auth3: srv:%s acct:%s sc:%x mc: %s chal %s neg: %x\n", - cli->srv_name_slash, cli->mach_acct, sec_chan, global_myname(), - credstr(cli->clnt_cred.challenge.data), *neg_flags)); + server_name, account_name, sec_chan_type, computer_name, + credstr(clnt_chal_in->data), *neg_flags_inout)); /* store the parameters */ - init_q_auth_3(&q, cli->srv_name_slash, cli->mach_acct, - sec_chan, global_myname(), &cli->clnt_cred.challenge, - *neg_flags); + init_q_auth_3(&q, server_name, account_name, sec_chan_type, + computer_name, clnt_chal_in, *neg_flags_inout); /* turn parameters into data stream */ - if (!net_io_q_auth_3("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_AUTH3, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!net_io_r_auth_3("", &r, &rbuf, 0)) { - goto done; - } - - result = r.status; + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_AUTH3, + q, r, + qbuf, rbuf, + net_io_q_auth_3, + net_io_r_auth_3, + NT_STATUS_UNSUCCESSFUL); if (NT_STATUS_IS_OK(result)) { - UTIME zerotime; - - /* - * Check the returned value using the initial - * server received challenge. - */ - - zerotime.time = 0; - if (cred_assert( &r.srv_chal, cli->sess_key, srv_chal, - zerotime) == 0) { - - /* - * Server replied with bad credential. Fail. - */ - DEBUG(0,("cli_net_auth3: server %s replied with bad credential (bad machine \ -password ?).\n", cli->desthost )); - result = NT_STATUS_ACCESS_DENIED; - goto done; - } - *neg_flags = r.srv_flgs.neg_flags; + *srv_chal_out = r.srv_chal; + *neg_flags_inout = r.srv_flgs.neg_flags; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } +#endif /* not currebntly used */ -/* Initialize domain session credentials */ +/**************************************************************************** + Wrapper function that uses the auth and auth2 calls to set up a NETLOGON + credentials chain. Stores the credentials in the struct dcinfo in the + netlogon pipe struct. +****************************************************************************/ -NTSTATUS cli_nt_setup_creds(struct cli_state *cli, - uint16 sec_chan, - const unsigned char mach_pwd[16], uint32 *neg_flags, int level) +NTSTATUS rpccli_netlogon_setup_creds(struct rpc_pipe_client *cli, + const char *server_name, + const char *domain, + const char *machine_account, + const char machine_pwd[16], + uint32 sec_chan_type, + uint32 *neg_flags_inout) { - DOM_CHAL clnt_chal; - DOM_CHAL srv_chal; - UTIME zerotime; - NTSTATUS result; + NTSTATUS result; + DOM_CHAL clnt_chal_send; + DOM_CHAL srv_chal_recv; + struct dcinfo *dc; - /******************* Request Challenge ********************/ + SMB_ASSERT(cli->pipe_idx == PI_NETLOGON); - generate_random_buffer(clnt_chal.data, 8); - - /* send a client challenge; receive a server challenge */ - result = cli_net_req_chal(cli, &clnt_chal, &srv_chal); + dc = cli->dc; + if (!dc) { + return NT_STATUS_INVALID_PARAMETER; + } - if (!NT_STATUS_IS_OK(result)) { - DEBUG(0,("cli_nt_setup_creds: request challenge failed\n")); - return result; - } - - /**************** Long-term Session key **************/ + /* Ensure we don't reuse any of this state. */ + ZERO_STRUCTP(dc); + + /* Store the machine account password we're going to use. */ + memcpy(dc->mach_pw, machine_pwd, 16); - /* calculate the session key */ - cred_session_key(&clnt_chal, &srv_chal, mach_pwd, - cli->sess_key); - memset((char *)cli->sess_key+8, '\0', 8); + fstrcpy(dc->remote_machine, "\\\\"); + fstrcat(dc->remote_machine, server_name); - /******************* Authenticate 2/3 ********************/ + fstrcpy(dc->domain, domain); - /* calculate auth-2/3 credentials */ - zerotime.time = 0; - cred_create(cli->sess_key, &clnt_chal, zerotime, &cli->clnt_cred.challenge); + fstr_sprintf( dc->mach_acct, "%s$", machine_account); + + /* Create the client challenge. */ + generate_random_buffer(clnt_chal_send.data, 8); + + /* Get the server challenge. */ + result = rpccli_net_req_chal(cli, + cli->mem_ctx, + dc->remote_machine, + machine_account, + &clnt_chal_send, + &srv_chal_recv); + + if (!NT_STATUS_IS_OK(result)) { + return result; + } + + /* Calculate the session key and client credentials */ + creds_client_init(dc, + &clnt_chal_send, + &srv_chal_recv, + machine_pwd, + &clnt_chal_send); /* - * Send client auth-2/3 challenge. - * Receive an auth-2/3 challenge response and check it. + * Send client auth-2 challenge and receive server repy. */ - switch (level) { - case 2: - result = cli_net_auth2(cli, sec_chan, neg_flags, &srv_chal); - break; - case 3: - result = cli_net_auth3(cli, sec_chan, neg_flags, &srv_chal); - break; - default: - DEBUG(1,("cli_nt_setup_creds: unsupported auth level: %d\n", level)); - break; + + result = rpccli_net_auth2(cli, + cli->mem_ctx, + dc->remote_machine, + dc->mach_acct, + sec_chan_type, + machine_account, + neg_flags_inout, + &clnt_chal_send, /* input. */ + &srv_chal_recv); /* output */ + + if (!NT_STATUS_IS_OK(result)) { + return result; } - if (!NT_STATUS_IS_OK(result)) - DEBUG(3,("cli_nt_setup_creds: auth%d challenge failed %s\n", level, nt_errstr(result))); + /* + * Check the returned value using the initial + * server received challenge. + */ - return result; + if (!creds_client_check(dc, &srv_chal_recv)) { + /* + * Server replied with bad credential. Fail. + */ + DEBUG(0,("rpccli_netlogon_setup_creds: server %s " + "replied with bad credential\n", + cli->cli->desthost )); + return NT_STATUS_ACCESS_DENIED; + } + + DEBUG(5,("rpccli_netlogon_setup_creds: server %s credential " + "chain established.\n", + cli->cli->desthost )); + + return NT_STATUS_OK; } /* Logon Control 2 */ -NTSTATUS cli_netlogon_logon_ctrl2(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_netlogon_logon_ctrl2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 query_level) { prs_struct qbuf, rbuf; NET_Q_LOGON_CTRL2 q; NET_R_LOGON_CTRL2 r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_net_q_logon_ctrl2(&q, cli->srv_name_slash, query_level); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + init_net_q_logon_ctrl2(&q, server, query_level); /* Marshall data and send request */ - if (!net_io_q_logon_ctrl2("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_LOGON_CTRL2, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!net_io_r_logon_ctrl2("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_LOGON_CTRL2, + q, r, + qbuf, rbuf, + net_io_q_logon_ctrl2, + net_io_r_logon_ctrl2, + NT_STATUS_UNSUCCESSFUL); result = r.status; - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -456,72 +392,29 @@ NTSTATUS rpccli_netlogon_getdcname(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ init_net_q_getdcname(&q, mydcname, domainname); /* Marshall data and send request */ - if (!net_io_q_getdcname("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, NET_GETDCNAME, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!net_io_r_getdcname("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - result = r.status; + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_GETDCNAME, + q, r, + qbuf, rbuf, + net_io_q_getdcname, + net_io_r_getdcname, + NT_STATUS_UNSUCCESSFUL); - if (NT_STATUS_IS_OK(result)) + if (NT_STATUS_IS_OK(result)) { rpcstr_pull_unistr2_fstring(newdcname, &r.uni_dcname); - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + } return result; } -NTSTATUS cli_netlogon_getdcname(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const char *domainname, fstring dcname) -{ - return rpccli_netlogon_getdcname(&cli->pipes[PI_NETLOGON], mem_ctx, - cli->srv_name_slash, domainname, - dcname); -} - -/**************************************************************************** -Generate the next creds to use. -****************************************************************************/ - -static void gen_next_creds( struct cli_state *cli, DOM_CRED *new_clnt_cred) -{ - /* - * Create the new client credentials. - */ - - cli->clnt_cred.timestamp.time = time(NULL); - - memcpy(new_clnt_cred, &cli->clnt_cred, sizeof(*new_clnt_cred)); - - /* Calculate the new credentials. */ - cred_create(cli->sess_key, &(cli->clnt_cred.challenge), - new_clnt_cred->timestamp, &(new_clnt_cred->challenge)); -} - /* Sam synchronisation */ -NTSTATUS cli_netlogon_sam_sync(struct cli_state *cli, TALLOC_CTX *mem_ctx, DOM_CRED *ret_creds, +NTSTATUS rpccli_netlogon_sam_sync(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 database_id, uint32 next_rid, uint32 *num_deltas, SAM_DELTA_HDR **hdr_deltas, SAM_DELTA_CTR **deltas) @@ -531,36 +424,31 @@ NTSTATUS cli_netlogon_sam_sync(struct cli_state *cli, TALLOC_CTX *mem_ctx, DOM_C NET_R_SAM_SYNC r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; DOM_CRED clnt_creds; + DOM_CRED ret_creds; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + ZERO_STRUCT(ret_creds); /* Initialise input parameters */ - gen_next_creds(cli, &clnt_creds); + creds_client_step(cli->dc, &clnt_creds); - init_net_q_sam_sync(&q, cli->srv_name_slash, cli->clnt_name_slash + 2, - &clnt_creds, ret_creds, database_id, next_rid); + prs_set_session_key(&qbuf, cli->dc->sess_key); + prs_set_session_key(&rbuf, cli->dc->sess_key); - /* Marshall data and send request */ - - if (!net_io_q_sam_sync("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_SAM_SYNC, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + init_net_q_sam_sync(&q, cli->dc->remote_machine, global_myname(), + &clnt_creds, &ret_creds, database_id, next_rid); - /* Unmarshall response */ + /* Marshall data and send request */ - if (!net_io_r_sam_sync("", cli->sess_key, &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_SYNC, + q, r, + qbuf, rbuf, + net_io_q_sam_sync, + net_io_r_sam_sync, + NT_STATUS_UNSUCCESSFUL); /* Return results */ @@ -569,18 +457,20 @@ NTSTATUS cli_netlogon_sam_sync(struct cli_state *cli, TALLOC_CTX *mem_ctx, DOM_C *hdr_deltas = r.hdr_deltas; *deltas = r.deltas; - memcpy(ret_creds, &r.srv_creds, sizeof(*ret_creds)); - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + if (!NT_STATUS_IS_ERR(result)) { + /* Check returned credentials. */ + if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) { + DEBUG(0,("cli_netlogon_sam_sync: credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + } return result; } /* Sam synchronisation */ -NTSTATUS cli_netlogon_sam_deltas(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_netlogon_sam_deltas(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 database_id, UINT64_S seqnum, uint32 *num_deltas, SAM_DELTA_HDR **hdr_deltas, @@ -595,33 +485,22 @@ NTSTATUS cli_netlogon_sam_deltas(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - gen_next_creds(cli, &clnt_creds); + creds_client_step(cli->dc, &clnt_creds); - init_net_q_sam_deltas(&q, cli->srv_name_slash, - cli->clnt_name_slash + 2, &clnt_creds, + init_net_q_sam_deltas(&q, cli->dc->remote_machine, + global_myname(), &clnt_creds, database_id, seqnum); /* Marshall data and send request */ - if (!net_io_q_sam_deltas("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_SAM_DELTAS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!net_io_r_sam_deltas("", cli->sess_key, &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAM_DELTAS, + q, r, + qbuf, rbuf, + net_io_q_sam_deltas, + net_io_r_sam_deltas, + NT_STATUS_UNSUCCESSFUL); /* Return results */ @@ -630,47 +509,49 @@ NTSTATUS cli_netlogon_sam_deltas(struct cli_state *cli, TALLOC_CTX *mem_ctx, *hdr_deltas = r.hdr_deltas; *deltas = r.deltas; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + if (!NT_STATUS_IS_ERR(result)) { + /* Check returned credentials. */ + if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) { + DEBUG(0,("cli_netlogon_sam_sync: credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + } return result; } /* Logon domain user */ -NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx, - DOM_CRED *ret_creds, - const char *username, const char *password, +NTSTATUS rpccli_netlogon_sam_logon(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + const char *domain, + const char *username, + const char *password, int logon_type) { prs_struct qbuf, rbuf; NET_Q_SAM_LOGON q; NET_R_SAM_LOGON r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - DOM_CRED clnt_creds, dummy_rtn_creds; + DOM_CRED clnt_creds; + DOM_CRED ret_creds; NET_ID_INFO_CTR ctr; NET_USER_INFO_3 user; int validation_level = 3; + fstring clnt_name_slash; ZERO_STRUCT(q); ZERO_STRUCT(r); - ZERO_STRUCT(dummy_rtn_creds); - - /* Initialise parse structures */ + ZERO_STRUCT(ret_creds); - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + fstr_sprintf( clnt_name_slash, "\\\\%s", global_myname() ); /* Initialise input parameters */ - gen_next_creds(cli, &clnt_creds); + creds_client_step(cli->dc, &clnt_creds); q.validation_level = validation_level; - if (ret_creds == NULL) - ret_creds = &dummy_rtn_creds; - ctr.switch_value = logon_type; switch (logon_type) { @@ -679,11 +560,11 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx, nt_lm_owf_gen(password, nt_owf_user_pwd, lm_owf_user_pwd); - init_id_info1(&ctr.auth.id1, lp_workgroup(), + init_id_info1(&ctr.auth.id1, domain, 0, /* param_ctrl */ 0xdead, 0xbeef, /* LUID? */ - username, cli->clnt_name_slash, - (const char *)cli->sess_key, lm_owf_user_pwd, + username, clnt_name_slash, + cli->dc->sess_key, lm_owf_user_pwd, nt_owf_user_pwd); break; @@ -698,46 +579,45 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx, SMBencrypt(password, chal, local_lm_response); SMBNTencrypt(password, chal, local_nt_response); - init_id_info2(&ctr.auth.id2, lp_workgroup(), + init_id_info2(&ctr.auth.id2, domain, 0, /* param_ctrl */ 0xdead, 0xbeef, /* LUID? */ - username, cli->clnt_name_slash, chal, + username, clnt_name_slash, chal, local_lm_response, 24, local_nt_response, 24); break; } default: DEBUG(0, ("switch value %d not supported\n", ctr.switch_value)); - goto done; + return NT_STATUS_INVALID_INFO_CLASS; } - init_sam_info(&q.sam_id, cli->srv_name_slash, global_myname(), - &clnt_creds, ret_creds, logon_type, + r.user = &user; + + init_sam_info(&q.sam_id, cli->dc->remote_machine, global_myname(), + &clnt_creds, &ret_creds, logon_type, &ctr); /* Marshall data and send request */ - if (!net_io_q_sam_logon("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_NETLOGON, NET_SAMLOGON, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - r.user = &user; - - if (!net_io_r_sam_logon("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON, + q, r, + qbuf, rbuf, + net_io_q_sam_logon, + net_io_r_sam_logon, + NT_STATUS_UNSUCCESSFUL); /* Return results */ result = r.status; - memcpy(ret_creds, &r.srv_creds, sizeof(*ret_creds)); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + if (r.buffer_creds) { + /* Check returned credentials if present. */ + if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) { + DEBUG(0,("rpccli_netlogon_sam_logon: credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + } return result; } @@ -751,52 +631,55 @@ NTSTATUS cli_netlogon_sam_logon(struct cli_state *cli, TALLOC_CTX *mem_ctx, NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - const char *server_name_slash, - DOM_CRED *clnt_creds, - DOM_CRED *ret_creds, + const char *server, const char *username, const char *domain, const char *workstation, const uint8 chal[8], DATA_BLOB lm_response, DATA_BLOB nt_response, - NET_USER_INFO_3 *info3, - const uint8 *session_key) + NET_USER_INFO_3 *info3) { prs_struct qbuf, rbuf; NET_Q_SAM_LOGON q; NET_R_SAM_LOGON r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - DOM_CRED dummy_rtn_creds; NET_ID_INFO_CTR ctr; int validation_level = 3; - char *workstation_name_slash; - uint8 netlogon_sess_key[16]; + const char *workstation_name_slash; + const char *server_name_slash; static uint8 zeros[16]; + DOM_CRED clnt_creds; + DOM_CRED ret_creds; int i; ZERO_STRUCT(q); ZERO_STRUCT(r); - ZERO_STRUCT(dummy_rtn_creds); + ZERO_STRUCT(ret_creds); - workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation); - if (!workstation_name_slash) { - DEBUG(0, ("talloc_asprintf failed!\n")); - return NT_STATUS_NO_MEMORY; + creds_client_step(cli->dc, &clnt_creds); + + if (server[0] != '\\' && server[1] != '\\') { + server_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", server); + } else { + server_name_slash = server; } - /* Initialise parse structures */ + if (workstation[0] != '\\' && workstation[1] != '\\') { + workstation_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", workstation); + } else { + workstation_name_slash = workstation; + } - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + if (!workstation_name_slash || !server_name_slash) { + DEBUG(0, ("talloc_asprintf failed!\n")); + return NT_STATUS_NO_MEMORY; + } /* Initialise input parameters */ q.validation_level = validation_level; - if (ret_creds == NULL) - ret_creds = &dummy_rtn_creds; - ctr.switch_value = NET_LOGON_TYPE; init_id_info2(&ctr.auth.id2, domain, @@ -806,35 +689,28 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, lm_response.data, lm_response.length, nt_response.data, nt_response.length); init_sam_info(&q.sam_id, server_name_slash, global_myname(), - clnt_creds, ret_creds, NET_LOGON_TYPE, + &clnt_creds, &ret_creds, NET_LOGON_TYPE, &ctr); - /* Marshall data and send request */ - - if (!net_io_q_sam_logon("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, NET_SAMLOGON, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - r.user = info3; - if (!net_io_r_sam_logon("", &r, &rbuf, 0)) { - goto done; - } + /* Marshall data and send request */ + + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SAMLOGON, + q, r, + qbuf, rbuf, + net_io_q_sam_logon, + net_io_r_sam_logon, + NT_STATUS_UNSUCCESSFUL); - ZERO_STRUCT(netlogon_sess_key); - memcpy(netlogon_sess_key, session_key, 8); - if (memcmp(zeros, info3->user_sess_key, 16) != 0) { - SamOEMhash(info3->user_sess_key, netlogon_sess_key, 16); + SamOEMhash(info3->user_sess_key, cli->dc->sess_key, 16); } else { memset(info3->user_sess_key, '\0', 16); } if (memcmp(zeros, info3->lm_sess_key, 8) != 0) { - SamOEMhash(info3->lm_sess_key, netlogon_sess_key, 8); + SamOEMhash(info3->lm_sess_key, cli->dc->sess_key, 8); } else { memset(info3->lm_sess_key, '\0', 8); } @@ -847,108 +723,62 @@ NTSTATUS rpccli_netlogon_sam_network_logon(struct rpc_pipe_client *cli, /* Return results */ result = r.status; - memcpy(ret_creds, &r.srv_creds, sizeof(*ret_creds)); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + if (r.buffer_creds) { + /* Check returned credentials if present. */ + if (!creds_client_check(cli->dc, &r.srv_creds.challenge)) { + DEBUG(0,("rpccli_netlogon_sam_network_logon: credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + } return result; } -NTSTATUS cli_netlogon_sam_network_logon(struct cli_state *cli, - TALLOC_CTX *mem_ctx, - DOM_CRED *ret_creds, - const char *username, - const char *domain, - const char *workstation, - const uint8 chal[8], - DATA_BLOB lm_response, - DATA_BLOB nt_response, - NET_USER_INFO_3 *info3) -{ - DOM_CRED clnt_creds; - - gen_next_creds(cli, &clnt_creds); - - return rpccli_netlogon_sam_network_logon(&cli->pipes[PI_NETLOGON], - mem_ctx, cli->srv_name_slash, - &clnt_creds, - ret_creds, username, - domain, workstation, chal, - lm_response, nt_response, - info3, cli->sess_key); -} - /*************************************************************************** LSA Server Password Set. ****************************************************************************/ -NTSTATUS cli_net_srv_pwset(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_net_srv_pwset(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *machine_name, uint8 hashed_mach_pwd[16]) { prs_struct rbuf; prs_struct qbuf; - DOM_CRED new_clnt_cred; - NET_Q_SRV_PWSET q_s; + DOM_CRED clnt_creds; + NET_Q_SRV_PWSET q; + NET_R_SRV_PWSET r; uint16 sec_chan_type = 2; - NTSTATUS nt_status; + NTSTATUS result; - gen_next_creds( cli, &new_clnt_cred); - - prs_init(&qbuf , 1024, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + creds_client_step(cli->dc, &clnt_creds); - DEBUG(4,("cli_net_srv_pwset: srv:%s acct:%s sc: %d mc: %s clnt %s %x\n", - cli->srv_name_slash, cli->mach_acct, sec_chan_type, machine_name, - credstr(new_clnt_cred.challenge.data), new_clnt_cred.timestamp.time)); + DEBUG(4,("cli_net_srv_pwset: srv:%s acct:%s sc: %d mc: %s\n", + cli->dc->remote_machine, cli->dc->mach_acct, sec_chan_type, machine_name)); /* store the parameters */ - init_q_srv_pwset(&q_s, cli->srv_name_slash, (const char *)cli->sess_key, - cli->mach_acct, sec_chan_type, machine_name, - &new_clnt_cred, hashed_mach_pwd); - - /* turn parameters into data stream */ - if(!net_io_q_srv_pwset("", &q_s, &qbuf, 0)) { - DEBUG(0,("cli_net_srv_pwset: Error : failed to marshall NET_Q_SRV_PWSET struct.\n")); - nt_status = NT_STATUS_UNSUCCESSFUL; - goto done; - } + init_q_srv_pwset(&q, cli->dc->remote_machine, (const char *)cli->dc->sess_key, + cli->dc->mach_acct, sec_chan_type, machine_name, + &clnt_creds, hashed_mach_pwd); - /* send the data on \PIPE\ */ - if (rpc_api_pipe_req(cli, PI_NETLOGON, NET_SRVPWSET, &qbuf, &rbuf)) - { - NET_R_SRV_PWSET r_s; - - if (!net_io_r_srv_pwset("", &r_s, &rbuf, 0)) { - nt_status = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - nt_status = r_s.status; + CLI_DO_RPC(cli, mem_ctx, PI_NETLOGON, NET_SRVPWSET, + q, r, + qbuf, rbuf, + net_io_q_srv_pwset, + net_io_r_srv_pwset, + NT_STATUS_UNSUCCESSFUL); - if (!NT_STATUS_IS_OK(r_s.status)) - { - /* report error code */ - DEBUG(0,("cli_net_srv_pwset: %s\n", nt_errstr(nt_status))); - } + result = r.status; - /* Update the credentials. */ - if (!clnt_deal_with_creds(cli->sess_key, &(cli->clnt_cred), &(r_s.srv_cred))) - { - /* - * Server replied with bad credential. Fail. - */ - DEBUG(0,("cli_net_srv_pwset: server %s replied with bad credential (bad machine \ -password ?).\n", cli->desthost )); - nt_status = NT_STATUS_UNSUCCESSFUL; - } + if (!NT_STATUS_IS_OK(result)) { + /* report error code */ + DEBUG(0,("cli_net_srv_pwset: %s\n", nt_errstr(result))); } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - - return nt_status; -} + /* Always check returned credentials. */ + if (!creds_client_check(cli->dc, &r.srv_cred.challenge)) { + DEBUG(0,("rpccli_net_srv_pwset: credentials chain check failed\n")); + return NT_STATUS_ACCESS_DENIED; + } + return result; +} diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c index 230750817a9..df34b1c3d95 100644 --- a/source3/rpc_client/cli_pipe.c +++ b/source3/rpc_client/cli_pipe.c @@ -1,11 +1,7 @@ /* * Unix SMB/CIFS implementation. * RPC Pipe client / server routines - * Copyright (C) Andrew Tridgell 1992-1998, - * Copyright (C) Luke Kenneth Casson Leighton 1996-1998, - * Copyright (C) Paul Ashton 1998. - * Copyright (C) Jeremy Allison 1999. - * Copyright (C) Andrew Bartlett 2003. + * Largely rewritten by Jeremy Allison 2005. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -29,23 +25,37 @@ extern struct pipe_id_info pipe_names[]; -/* convert pipe auth flags into the RPC auth type and level */ +/******************************************************************** + Map internal value to wire value. + ********************************************************************/ -void get_auth_type_level(int pipe_auth_flags, int *auth_type, int *auth_level) +static int map_pipe_auth_type_to_rpc_auth_type(enum pipe_auth_type auth_type) { - *auth_type = 0; - *auth_level = 0; - if (pipe_auth_flags & AUTH_PIPE_SEAL) { - *auth_level = RPC_PIPE_AUTH_SEAL_LEVEL; - } else if (pipe_auth_flags & AUTH_PIPE_SIGN) { - *auth_level = RPC_PIPE_AUTH_SIGN_LEVEL; - } - - if (pipe_auth_flags & AUTH_PIPE_NETSEC) { - *auth_type = NETSEC_AUTH_TYPE; - } else if (pipe_auth_flags & AUTH_PIPE_NTLMSSP) { - *auth_type = NTLMSSP_AUTH_TYPE; + switch (auth_type) { + + case PIPE_AUTH_TYPE_NONE: + return RPC_ANONYMOUS_AUTH_TYPE; + + case PIPE_AUTH_TYPE_NTLMSSP: + return RPC_NTLMSSP_AUTH_TYPE; + + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + case PIPE_AUTH_TYPE_SPNEGO_KRB5: + return RPC_SPNEGO_AUTH_TYPE; + + case PIPE_AUTH_TYPE_SCHANNEL: + return RPC_SCHANNEL_AUTH_TYPE; + + case PIPE_AUTH_TYPE_KRB5: + return RPC_KRB5_AUTH_TYPE; + + default: + DEBUG(0,("map_pipe_auth_type_to_rpc_type: unknown pipe " + "auth type %u\n", + (unsigned int)auth_type )); + break; } + return -1; } /******************************************************************** @@ -60,55 +70,81 @@ static uint32 get_rpc_call_id(void) /******************************************************************* Use SMBreadX to get rest of one fragment's worth of rpc data. + Will expand the current_pdu struct to the correct size. ********************************************************************/ -static BOOL rpc_read(struct rpc_pipe_client *cli, prs_struct *rdata, - uint32 data_to_read, uint32 *rdata_offset) +static NTSTATUS rpc_read(struct rpc_pipe_client *cli, + prs_struct *current_pdu, + uint32 data_to_read, + uint32 *current_pdu_offset) { size_t size = (size_t)cli->max_recv_frag; - int stream_offset = 0; - int num_read; + uint32 stream_offset = 0; + ssize_t num_read; char *pdata; - int extra_data_size = ((int)*rdata_offset) + ((int)data_to_read) - (int)prs_data_size(rdata); + ssize_t extra_data_size = ((ssize_t)*current_pdu_offset) + ((ssize_t)data_to_read) - (ssize_t)prs_data_size(current_pdu); - DEBUG(5,("rpc_read: data_to_read: %u rdata offset: %u extra_data_size: %d\n", - (int)data_to_read, (unsigned int)*rdata_offset, extra_data_size)); + DEBUG(5,("rpc_read: data_to_read: %u current_pdu offset: %u extra_data_size: %d\n", + (unsigned int)data_to_read, (unsigned int)*current_pdu_offset, (int)extra_data_size )); /* * Grow the buffer if needed to accommodate the data to be read. */ if (extra_data_size > 0) { - if(!prs_force_grow(rdata, (uint32)extra_data_size)) { - DEBUG(0,("rpc_read: Failed to grow parse struct by %d bytes.\n", extra_data_size )); - return False; + if(!prs_force_grow(current_pdu, (uint32)extra_data_size)) { + DEBUG(0,("rpc_read: Failed to grow parse struct by %d bytes.\n", (int)extra_data_size )); + return NT_STATUS_NO_MEMORY; } - DEBUG(5,("rpc_read: grew buffer by %d bytes to %u\n", extra_data_size, prs_data_size(rdata) )); + DEBUG(5,("rpc_read: grew buffer by %d bytes to %u\n", (int)extra_data_size, prs_data_size(current_pdu) )); } - pdata = prs_data_p(rdata) + *rdata_offset; + pdata = prs_data_p(current_pdu) + *current_pdu_offset; - do /* read data using SMBreadX */ - { - uint32 ecode; - uint8 eclass; - - if (size > (size_t)data_to_read) + do { + /* read data using SMBreadX */ + if (size > (size_t)data_to_read) { size = (size_t)data_to_read; + } - num_read = (int)cli_read(cli->cli, cli->fnum, pdata, + num_read = cli_read(cli->cli, cli->fnum, pdata, (off_t)stream_offset, size); - DEBUG(5,("rpc_read: num_read = %d, read offset: %d, to read: %d\n", - num_read, stream_offset, data_to_read)); + DEBUG(5,("rpc_read: num_read = %d, read offset: %u, to read: %u\n", + (int)num_read, (unsigned int)stream_offset, (unsigned int)data_to_read)); + /* + * A dos error of ERRDOS/ERRmoredata is not an error. + */ if (cli_is_dos_error(cli->cli)) { - cli_dos_error(cli->cli, &eclass, &ecode); - if (eclass != ERRDOS && ecode != ERRmoredata) { - DEBUG(0,("rpc_read: Error %d/%u in cli_read\n", - eclass, (unsigned int)ecode)); - return False; - } + uint32 ecode; + uint8 eclass; + cli_dos_error(cli->cli, &eclass, &ecode); + if (eclass != ERRDOS && ecode != ERRmoredata) { + DEBUG(0,("rpc_read: DOS Error %d/%u (%s) in cli_read on pipe %s\n", + eclass, (unsigned int)ecode, + cli_errstr(cli->cli), + cli->pipe_name )); + return dos_to_ntstatus(eclass, ecode); + } + } + + /* + * Likewise for NT_STATUS_BUFFER_TOO_SMALL + */ + if (cli_is_nt_error(cli->cli)) { + if (!NT_STATUS_EQUAL(cli_nt_error(cli->cli), NT_STATUS_BUFFER_TOO_SMALL)) { + DEBUG(0,("rpc_read: Error (%s) in cli_read on pipe %s\n", + nt_errstr(cli_nt_error(cli->cli)), + cli->pipe_name )); + return cli_nt_error(cli->cli); + } + } + + if (num_read == -1) { + DEBUG(0,("rpc_read: Error - cli_read on pipe %s returned -1\n", + cli->pipe_name )); + return cli_get_nt_error(cli->cli); } data_to_read -= num_read; @@ -119,262 +155,565 @@ static BOOL rpc_read(struct rpc_pipe_client *cli, prs_struct *rdata, /* && err == (0x80000000 | STATUS_BUFFER_OVERFLOW)); */ /* - * Update the current offset into rdata by the amount read. + * Update the current offset into current_pdu by the amount read. */ - *rdata_offset += stream_offset; - - return True; + *current_pdu_offset += stream_offset; + return NT_STATUS_OK; } /**************************************************************************** - Checks the header. This will set the endian bit in the rdata prs_struct. JRA. + Try and get a PDU's worth of data from current_pdu. If not, then read more + from the wire. ****************************************************************************/ -static BOOL rpc_check_hdr(prs_struct *rdata, RPC_HDR *rhdr, - BOOL *first, BOOL *last, uint32 *len) +static NTSTATUS cli_pipe_get_current_pdu(struct rpc_pipe_client *cli, RPC_HDR *prhdr, prs_struct *current_pdu) { - DEBUG(5,("rpc_check_hdr: rdata->data_size = %u\n", (uint32)prs_data_size(rdata) )); - - /* Next call sets endian bit. */ + NTSTATUS ret = NT_STATUS_OK; + uint32 current_pdu_len = prs_data_size(current_pdu); + + /* Ensure we have at least RPC_HEADER_LEN worth of data to parse. */ + if (current_pdu_len < RPC_HEADER_LEN) { + /* rpc_read expands the current_pdu struct as neccessary. */ + ret = rpc_read(cli, current_pdu, RPC_HEADER_LEN - current_pdu_len, ¤t_pdu_len); + if (!NT_STATUS_IS_OK(ret)) { + return ret; + } + } - if(!smb_io_rpc_hdr("rpc_hdr ", rhdr, rdata, 0)) { - DEBUG(0,("rpc_check_hdr: Failed to unmarshall RPC_HDR.\n")); - return False; + /* This next call sets the endian bit correctly in current_pdu. */ + /* We will propagate this to rbuf later. */ + if(!smb_io_rpc_hdr("rpc_hdr ", prhdr, current_pdu, 0)) { + DEBUG(0,("cli_pipe_get_current_pdu: Failed to unmarshall RPC_HDR.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; } - if (prs_offset(rdata) != RPC_HEADER_LEN) { - DEBUG(0,("rpc_check_hdr: offset was %x, should be %x.\n", prs_offset(rdata), RPC_HEADER_LEN)); - return False; + /* Ensure we have frag_len bytes of data. */ + if (current_pdu_len < prhdr->frag_len) { + /* rpc_read expands the current_pdu struct as neccessary. */ + ret = rpc_read(cli, current_pdu, (uint32)prhdr->frag_len - current_pdu_len, ¤t_pdu_len); + if (!NT_STATUS_IS_OK(ret)) { + return ret; + } } - (*first) = ((rhdr->flags & RPC_FLG_FIRST) != 0); - (*last) = ((rhdr->flags & RPC_FLG_LAST ) != 0); - (*len) = (uint32)rhdr->frag_len - prs_data_size(rdata); + if (current_pdu_len < prhdr->frag_len) { + return NT_STATUS_BUFFER_TOO_SMALL; + } - return (rhdr->pkt_type != RPC_FAULT); + return NT_STATUS_OK; } /**************************************************************************** - Verify data on an rpc pipe. - The VERIFY & SEAL code is only executed on packets that look like this : + NTLMSSP specific sign/seal. + Virtually identical to rpc_server/srv_pipe.c:api_pipe_ntlmssp_auth_process. + In fact I should probably abstract these into identical pieces of code... JRA. + ****************************************************************************/ - Request/Response PDU's look like the following... +static NTSTATUS cli_pipe_verify_ntlmssp(struct rpc_pipe_client *cli, RPC_HDR *prhdr, + prs_struct *current_pdu, + uint8 *p_ss_padding_len) +{ + RPC_HDR_AUTH auth_info; + uint32 save_offset = prs_offset(current_pdu); + uint32 auth_len = prhdr->auth_len; + NTLMSSP_STATE *ntlmssp_state = cli->auth.a_u.ntlmssp_state; + unsigned char *data = NULL; + size_t data_len; + unsigned char *full_packet_data = NULL; + size_t full_packet_data_len; + DATA_BLOB auth_blob; + NTSTATUS status; + + if (cli->auth.auth_level == PIPE_AUTH_LEVEL_NONE || cli->auth.auth_level == PIPE_AUTH_LEVEL_CONNECT) { + return NT_STATUS_OK; + } - |<------------------PDU len----------------------------------------------->| - |<-HDR_LEN-->|<--REQ LEN------>|.............|<-AUTH_HDRLEN->|<-AUTH_LEN-->| + if (!ntlmssp_state) { + return NT_STATUS_INVALID_PARAMETER; + } - +------------+-----------------+-------------+---------------+-------------+ - | RPC HEADER | REQ/RESP HEADER | DATA ...... | AUTH_HDR | AUTH DATA | - +------------+-----------------+-------------+---------------+-------------+ + /* Ensure there's enough data for an authenticated response. */ + if ((auth_len > RPC_MAX_SIGN_SIZE) || + (RPC_HEADER_LEN + RPC_HDR_RESP_LEN + RPC_HDR_AUTH_LEN + auth_len > prhdr->frag_len)) { + DEBUG(0,("cli_pipe_verify_ntlmssp: auth_len %u is too large.\n", + (unsigned int)auth_len )); + return NT_STATUS_BUFFER_TOO_SMALL; + } - Never on bind requests/responses. - ****************************************************************************/ + /* + * We need the full packet data + length (minus auth stuff) as well as the packet data + length + * after the RPC header. + * We need to pass in the full packet (minus auth len) to the NTLMSSP sign and check seal + * functions as NTLMv2 checks the rpc headers also. + */ + + data = (unsigned char *)(prs_data_p(current_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN); + data_len = (size_t)(prhdr->frag_len - RPC_HEADER_LEN - RPC_HDR_RESP_LEN - RPC_HDR_AUTH_LEN - auth_len); + + full_packet_data = prs_data_p(current_pdu); + full_packet_data_len = prhdr->frag_len - auth_len; + + /* Pull the auth header and the following data into a blob. */ + if(!prs_set_offset(current_pdu, RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len)) { + DEBUG(0,("cli_pipe_verify_ntlmssp: cannot move offset to %u.\n", + (unsigned int)RPC_HEADER_LEN + (unsigned int)RPC_HDR_RESP_LEN + (unsigned int)data_len )); + return NT_STATUS_BUFFER_TOO_SMALL; + } + + if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, current_pdu, 0)) { + DEBUG(0,("cli_pipe_verify_ntlmssp: failed to unmarshall RPC_HDR_AUTH.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; + } + + auth_blob.data = prs_data_p(current_pdu) + prs_offset(current_pdu); + auth_blob.length = auth_len; + + switch (cli->auth.auth_level) { + case PIPE_AUTH_LEVEL_PRIVACY: + /* Data is encrypted. */ + status = ntlmssp_unseal_packet(ntlmssp_state, + data, data_len, + full_packet_data, + full_packet_data_len, + &auth_blob); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("cli_pipe_verify_ntlmssp: failed to unseal " + "packet from remote machine %s on pipe %s " + "fnum 0x%x. Error was %s.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + nt_errstr(status) )); + return status; + } + break; + case PIPE_AUTH_LEVEL_INTEGRITY: + /* Data is signed. */ + status = ntlmssp_check_packet(ntlmssp_state, + data, data_len, + full_packet_data, + full_packet_data_len, + &auth_blob); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0,("cli_pipe_verify_ntlmssp: check signing failed on " + "packet from remote machine %s on pipe %s " + "fnum 0x%x. Error was %s.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + nt_errstr(status) )); + return status; + } + break; + default: + DEBUG(0,("cli_pipe_verify_ntlmssp: unknown internal auth level %d\n", + cli->auth.auth_level )); + return NT_STATUS_INVALID_INFO_CLASS; + } -static BOOL rpc_auth_pipe(struct rpc_pipe_client *cli, prs_struct *rdata, - uint32 fragment_start, int len, int auth_len, uint8 pkt_type, - int *pauth_padding_len) -{ - /* - * The following is that length of the data we must sign or seal. - * This doesn't include the RPC headers or the auth_len or the RPC_HDR_AUTH_LEN - * preceeding the auth_data. + * Return the current pointer to the data offset. */ - int data_len = len - RPC_HEADER_LEN - RPC_HDR_RESP_LEN - RPC_HDR_AUTH_LEN - auth_len; + if(!prs_set_offset(current_pdu, save_offset)) { + DEBUG(0,("api_pipe_auth_process: failed to set offset back to %u\n", + (unsigned int)save_offset )); + return NT_STATUS_BUFFER_TOO_SMALL; + } /* - * The start of the data to sign/seal is just after the RPC headers. + * Remember the padding length. We must remove it from the real data + * stream once the sign/seal is done. */ - char *reply_data = prs_data_p(rdata) + fragment_start + RPC_HEADER_LEN + RPC_HDR_REQ_LEN; - RPC_HDR_AUTH rhdr_auth; + *p_ss_padding_len = auth_info.auth_pad_len; + + return NT_STATUS_OK; +} + +/**************************************************************************** + schannel specific sign/seal. + ****************************************************************************/ - char *dp = prs_data_p(rdata) + fragment_start + len - - RPC_HDR_AUTH_LEN - auth_len; - prs_struct auth_verf; +static NTSTATUS cli_pipe_verify_schannel(struct rpc_pipe_client *cli, RPC_HDR *prhdr, + prs_struct *current_pdu, + uint8 *p_ss_padding_len) +{ + RPC_HDR_AUTH auth_info; + RPC_AUTH_SCHANNEL_CHK schannel_chk; + uint32 auth_len = prhdr->auth_len; + uint32 save_offset = prs_offset(current_pdu); + struct schannel_auth_struct *schannel_auth = cli->auth.a_u.schannel_auth; + uint32 data_len; + + if (cli->auth.auth_level == PIPE_AUTH_LEVEL_NONE || cli->auth.auth_level == PIPE_AUTH_LEVEL_CONNECT) { + return NT_STATUS_OK; + } - *pauth_padding_len = 0; + if (auth_len != RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN) { + DEBUG(0,("cli_pipe_verify_schannel: auth_len %u.\n", (unsigned int)auth_len )); + return NT_STATUS_INVALID_PARAMETER; + } - if (auth_len == 0) { - if (cli->pipe_auth_flags == 0) { - /* move along, nothing to see here */ - return True; - } + if (!schannel_auth) { + return NT_STATUS_INVALID_PARAMETER; + } - DEBUG(2, ("No authenticaton header recienved on reply, but this pipe is authenticated\n")); - return False; + /* Ensure there's enough data for an authenticated response. */ + if ((auth_len > RPC_MAX_SIGN_SIZE) || + (RPC_HEADER_LEN + RPC_HDR_RESP_LEN + RPC_HDR_AUTH_LEN + auth_len > prhdr->frag_len)) { + DEBUG(0,("cli_pipe_verify_schannel: auth_len %u is too large.\n", + (unsigned int)auth_len )); + return NT_STATUS_INVALID_PARAMETER; } - DEBUG(5,("rpc_auth_pipe: pkt_type: %d len: %d auth_len: %d NTLMSSP %s schannel %s sign %s seal %s \n", - pkt_type, len, auth_len, - BOOLSTR(cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP), - BOOLSTR(cli->pipe_auth_flags & AUTH_PIPE_NETSEC), - BOOLSTR(cli->pipe_auth_flags & AUTH_PIPE_SIGN), - BOOLSTR(cli->pipe_auth_flags & AUTH_PIPE_SEAL))); + data_len = prhdr->frag_len - RPC_HEADER_LEN - RPC_HDR_RESP_LEN - RPC_HDR_AUTH_LEN - auth_len; - if (dp - prs_data_p(rdata) > prs_data_size(rdata)) { - DEBUG(0,("rpc_auth_pipe: schannel auth data > data size !\n")); - return False; + if(!prs_set_offset(current_pdu, RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len)) { + DEBUG(0,("cli_pipe_verify_schannel: cannot move offset to %u.\n", + (unsigned int)RPC_HEADER_LEN + RPC_HDR_RESP_LEN + data_len )); + return NT_STATUS_BUFFER_TOO_SMALL; + } + + if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, current_pdu, 0)) { + DEBUG(0,("cli_pipe_verify_schannel: failed to unmarshall RPC_HDR_AUTH.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; } - DEBUG(10,("rpc_auth_pipe: packet:\n")); - dump_data(100, dp, auth_len); + if (auth_info.auth_type != RPC_SCHANNEL_AUTH_TYPE) { + DEBUG(0,("cli_pipe_verify_schannel: Invalid auth info %d on schannel\n", + auth_info.auth_type)); + return NT_STATUS_BUFFER_TOO_SMALL; + } - prs_init(&auth_verf, 0, cli->cli->mem_ctx, UNMARSHALL); - - /* The endinness must be preserved. JRA. */ - prs_set_endian_data( &auth_verf, rdata->bigendian_data); - - /* Point this new parse struct at the auth section of the main - parse struct - rather than copying it. Avoids needing to - free it on every error - */ - prs_give_memory(&auth_verf, dp, RPC_HDR_AUTH_LEN + auth_len, False /* not dynamic */); - prs_set_offset(&auth_verf, 0); + if(!smb_io_rpc_auth_schannel_chk("", RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN, + &schannel_chk, current_pdu, 0)) { + DEBUG(0,("cli_pipe_verify_schannel: failed to unmarshal RPC_AUTH_SCHANNEL_CHK.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; + } - { - int auth_type; - int auth_level; - if (!smb_io_rpc_hdr_auth("auth_hdr", &rhdr_auth, &auth_verf, 0)) { - DEBUG(0, ("rpc_auth_pipe: Could not parse auth header\n")); - return False; - } + if (!schannel_decode(schannel_auth, + cli->auth.auth_level, + SENDER_IS_ACCEPTOR, + &schannel_chk, + prs_data_p(current_pdu)+RPC_HEADER_LEN+RPC_HDR_RESP_LEN, + data_len)) { + DEBUG(3,("cli_pipe_verify_schannel: failed to decode PDU " + "Connection to remote machine %s " + "pipe %s fnum 0x%x.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum )); + return NT_STATUS_INVALID_PARAMETER; + } - /* Let the caller know how much padding at the end of the data */ - *pauth_padding_len = rhdr_auth.auth_pad_len; - - /* Check it's the type of reply we were expecting to decode */ + /* The sequence number gets incremented on both send and receive. */ + schannel_auth->seq_num++; - get_auth_type_level(cli->pipe_auth_flags, &auth_type, &auth_level); - if (rhdr_auth.auth_type != auth_type) { - DEBUG(0, ("BAD auth type %d (should be %d)\n", - rhdr_auth.auth_type, auth_type)); - return False; - } - - if (rhdr_auth.auth_level != auth_level) { - DEBUG(0, ("BAD auth level %d (should be %d)\n", - rhdr_auth.auth_level, auth_level)); - return False; - } + /* + * Return the current pointer to the data offset. + */ + + if(!prs_set_offset(current_pdu, save_offset)) { + DEBUG(0,("api_pipe_auth_process: failed to set offset back to %u\n", + (unsigned int)save_offset )); + return NT_STATUS_BUFFER_TOO_SMALL; } - if (pkt_type == RPC_BINDACK) { - if (cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) { - /* copy the next auth_len bytes into a buffer for - later use */ + /* + * Remember the padding length. We must remove it from the real data + * stream once the sign/seal is done. + */ + + *p_ss_padding_len = auth_info.auth_pad_len; + + return NT_STATUS_OK; +} - DATA_BLOB ntlmssp_verf = data_blob(NULL, auth_len); - BOOL store_ok; +/**************************************************************************** + Do the authentication checks on an incoming pdu. Check sign and unseal etc. + ****************************************************************************/ - /* save the reply away, for use a little later */ - prs_copy_data_out((char *)ntlmssp_verf.data, &auth_verf, auth_len); +static NTSTATUS cli_pipe_validate_rpc_response(struct rpc_pipe_client *cli, RPC_HDR *prhdr, + prs_struct *current_pdu, + uint8 *p_ss_padding_len) +{ + NTSTATUS ret = NT_STATUS_OK; - store_ok = (NT_STATUS_IS_OK(ntlmssp_store_response(cli->ntlmssp_pipe_state, - ntlmssp_verf))); + /* Paranioa checks for auth_len. */ + if (prhdr->auth_len) { + if (prhdr->auth_len > prhdr->frag_len) { + return NT_STATUS_INVALID_PARAMETER; + } - data_blob_free(&ntlmssp_verf); - return store_ok; - } - else if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - /* nothing to do here - we don't seem to be able to - validate the bindack based on VL's comments */ - return True; + if (prhdr->auth_len + RPC_HDR_AUTH_LEN < prhdr->auth_len || + prhdr->auth_len + RPC_HDR_AUTH_LEN < RPC_HDR_AUTH_LEN) { + /* Integer wrap attempt. */ + return NT_STATUS_INVALID_PARAMETER; } } - - if (cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) { - NTSTATUS nt_status; - DATA_BLOB sig; - if ((cli->pipe_auth_flags & AUTH_PIPE_SIGN) || - (cli->pipe_auth_flags & AUTH_PIPE_SEAL)) { - if (auth_len != RPC_AUTH_NTLMSSP_CHK_LEN) { - DEBUG(0,("rpc_auth_pipe: wrong ntlmssp auth len %d\n", auth_len)); - return False; + + /* + * Now we have a complete RPC request PDU fragment, try and verify any auth data. + */ + + switch(cli->auth.auth_type) { + case PIPE_AUTH_TYPE_NONE: + if (prhdr->auth_len) { + DEBUG(3, ("cli_pipe_validate_rpc_response: Connection to remote machine %s " + "pipe %s fnum 0x%x - got non-zero auth len %u.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + (unsigned int)prhdr->auth_len )); + return NT_STATUS_INVALID_PARAMETER; } - sig = data_blob(NULL, auth_len); - prs_copy_data_out((char *)sig.data, &auth_verf, auth_len); - } - - /* - * Unseal any sealed data in the PDU, not including the - * 8 byte auth_header or the auth_data. - */ + break; - /* - * Now unseal and check the auth verifier in the auth_data at - * the end of the packet. - */ + case PIPE_AUTH_TYPE_NTLMSSP: + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + ret = cli_pipe_verify_ntlmssp(cli, prhdr, current_pdu, p_ss_padding_len); + if (!NT_STATUS_IS_OK(ret)) { + return ret; + } + break; - if (cli->pipe_auth_flags & AUTH_PIPE_SEAL) { - if (data_len < 0) { - DEBUG(1, ("Can't unseal - data_len < 0!!\n")); - return False; + case PIPE_AUTH_TYPE_SCHANNEL: + ret = cli_pipe_verify_schannel(cli, prhdr, current_pdu, p_ss_padding_len); + if (!NT_STATUS_IS_OK(ret)) { + return ret; } - nt_status = ntlmssp_unseal_packet(cli->ntlmssp_pipe_state, - (unsigned char *)reply_data, data_len, - &sig); - } - else if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - nt_status = ntlmssp_check_packet(cli->ntlmssp_pipe_state, - (const unsigned char *)reply_data, data_len, - &sig); - } + break; + + case PIPE_AUTH_TYPE_KRB5: + case PIPE_AUTH_TYPE_SPNEGO_KRB5: + default: + DEBUG(3, ("cli_pipe_validate_rpc_response: Connection to remote machine %s " + "pipe %s fnum %x - unknown internal auth type %u.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + cli->auth.auth_type )); + return NT_STATUS_INVALID_INFO_CLASS; + } - data_blob_free(&sig); + return NT_STATUS_OK; +} - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(0, ("rpc_auth_pipe: could not validate " - "incoming NTLMSSP packet!\n")); - return False; - } +/**************************************************************************** + Do basic authentication checks on an incoming pdu. + ****************************************************************************/ + +static NTSTATUS cli_pipe_validate_current_pdu(struct rpc_pipe_client *cli, RPC_HDR *prhdr, + prs_struct *current_pdu, + uint8 expected_pkt_type, + char **ppdata, + uint32 *pdata_len, + prs_struct *return_data) +{ + + NTSTATUS ret = NT_STATUS_OK; + uint32 current_pdu_len = prs_data_size(current_pdu); + + if (current_pdu_len != prhdr->frag_len) { + DEBUG(5,("cli_pipe_validate_current_pdu: incorrect pdu length %u, expected %u\n", + (unsigned int)current_pdu_len, (unsigned int)prhdr->frag_len )); + return NT_STATUS_INVALID_PARAMETER; } - if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - RPC_AUTH_NETSEC_CHK chk; + /* + * Point the return values at the real data including the RPC + * header. Just in case the caller wants it. + */ + *ppdata = prs_data_p(current_pdu); + *pdata_len = current_pdu_len; - if ( (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) - && (auth_len != RPC_AUTH_NETSEC_SIGN_ONLY_CHK_LEN) ) - { - DEBUG(0,("rpc_auth_pipe: wrong schannel auth len %d\n", auth_len)); - return False; - } + /* Ensure we have the correct type. */ + switch (prhdr->pkt_type) { + case RPC_ALTCONTRESP: + case RPC_BINDACK: + + /* Alter context and bind ack share the same packet definitions. */ + break; - /* can't seal with no nonce */ - if ( (cli->pipe_auth_flags & AUTH_PIPE_SEAL) - && (auth_len != RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN) ) + + case RPC_RESPONSE: { - DEBUG(0,("rpc_auth_pipe: sealing not supported with schannel auth len %d\n", auth_len)); - return False; + RPC_HDR_RESP rhdr_resp; + uint8 ss_padding_len = 0; + + if(!smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, current_pdu, 0)) { + DEBUG(5,("cli_pipe_validate_current_pdu: failed to unmarshal RPC_HDR_RESP.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; + } + + /* Here's where we deal with incoming sign/seal. */ + ret = cli_pipe_validate_rpc_response(cli, prhdr, + current_pdu, &ss_padding_len); + if (!NT_STATUS_IS_OK(ret)) { + return ret; + } + + /* Point the return values at the NDR data. Remember to remove any ss padding. */ + *ppdata = prs_data_p(current_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN; + + if (current_pdu_len < RPC_HEADER_LEN + RPC_HDR_RESP_LEN + ss_padding_len) { + return NT_STATUS_BUFFER_TOO_SMALL; + } + + *pdata_len = current_pdu_len - RPC_HEADER_LEN - RPC_HDR_RESP_LEN - ss_padding_len; + + /* Remember to remove the auth footer. */ + if (prhdr->auth_len) { + /* We've already done integer wrap tests on auth_len in + cli_pipe_validate_rpc_response(). */ + if (*pdata_len < RPC_HDR_AUTH_LEN + prhdr->auth_len) { + return NT_STATUS_BUFFER_TOO_SMALL; + } + *pdata_len -= (RPC_HDR_AUTH_LEN + prhdr->auth_len); + } + + DEBUG(10,("cli_pipe_validate_current_pdu: got pdu len %u, data_len %u, ss_len %u\n", + current_pdu_len, *pdata_len, ss_padding_len )); + + /* + * If this is the first reply, and the allocation hint is reasonably, try and + * set up the return_data parse_struct to the correct size. + */ + + if ((prs_data_size(return_data) == 0) && rhdr_resp.alloc_hint && (rhdr_resp.alloc_hint < 15*1024*1024)) { + if (!prs_set_buffer_size(return_data, rhdr_resp.alloc_hint)) { + DEBUG(0,("cli_pipe_validate_current_pdu: reply alloc hint %u " + "too large to allocate\n", + (unsigned int)rhdr_resp.alloc_hint )); + return NT_STATUS_NO_MEMORY; + } + } + + break; } - - if (!smb_io_rpc_auth_netsec_chk("schannel_auth_sign", auth_len, &chk, &auth_verf, 0)) + case RPC_BINDNACK: + DEBUG(1, ("cli_pipe_validate_current_pdu: Bind NACK received from remote machine %s " + "pipe %s fnum 0x%x!\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); + /* Use this for now... */ + return NT_STATUS_NETWORK_ACCESS_DENIED; + + case RPC_FAULT: { - DEBUG(0, ("rpc_auth_pipe: schannel unmarshalling " - "RPC_AUTH_NETSECK_CHK failed\n")); - return False; - } + RPC_HDR_RESP rhdr_resp; + RPC_HDR_FAULT fault_resp; + + if(!smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, current_pdu, 0)) { + DEBUG(5,("cli_pipe_validate_current_pdu: failed to unmarshal RPC_HDR_RESP.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; + } + + if(!smb_io_rpc_hdr_fault("fault", &fault_resp, current_pdu, 0)) { + DEBUG(5,("cli_pipe_validate_current_pdu: failed to unmarshal RPC_HDR_FAULT.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; + } - if (!netsec_decode(&cli->auth_info, - cli->pipe_auth_flags, - SENDER_IS_ACCEPTOR, - &chk, reply_data, data_len)) { - DEBUG(0, ("rpc_auth_pipe: Could not decode schannel\n")); - return False; + DEBUG(1, ("cli_pipe_validate_current_pdu: RPC fault code %s received from remote machine %s " + "pipe %s fnum 0x%x!\n", + nt_errstr(fault_resp.status), + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); + if (NT_STATUS_IS_OK(fault_resp.status)) { + return NT_STATUS_UNSUCCESSFUL; + } else { + return fault_resp.status; + } + } - cli->auth_info.seq_num++; + default: + DEBUG(0, ("cli_pipe_validate_current_pdu: unknown packet type %u received " + "from remote machine %s pipe %s fnum 0x%x!\n", + (unsigned int)prhdr->pkt_type, + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); + return NT_STATUS_INVALID_INFO_CLASS; + } + if (prhdr->pkt_type != expected_pkt_type) { + DEBUG(3, ("cli_pipe_validate_current_pdu: Connection to remote machine %s " + "pipe %s fnum %x got an unexpected RPC packet " + "type - %u, not %u\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + prhdr->pkt_type, + expected_pkt_type)); + return NT_STATUS_INVALID_INFO_CLASS; } - return True; + + /* Do this just before return - we don't want to modify any rpc header + data before now as we may have needed to do cryptographic actions on + it before. */ + + if ((prhdr->pkt_type == RPC_BINDACK) && !(prhdr->flags & RPC_FLG_LAST)) { + DEBUG(5,("cli_pipe_validate_current_pdu: bug in server (AS/U?), " + "setting fragment first/last ON.\n")); + prhdr->flags |= RPC_FLG_FIRST|RPC_FLG_LAST; + } + + return NT_STATUS_OK; } +/**************************************************************************** + Ensure we eat the just processed pdu from the current_pdu prs_struct. + Normally the frag_len and buffer size will match, but on the first trans + reply there is a theoretical chance that buffer size > frag_len, so we must + deal with that. + ****************************************************************************/ + +static NTSTATUS cli_pipe_reset_current_pdu(struct rpc_pipe_client *cli, RPC_HDR *prhdr, prs_struct *current_pdu) +{ + uint32 current_pdu_len = prs_data_size(current_pdu); + + if (current_pdu_len < prhdr->frag_len) { + return NT_STATUS_BUFFER_TOO_SMALL; + } + + /* Common case. */ + if (current_pdu_len == (uint32)prhdr->frag_len) { + prs_mem_free(current_pdu); + prs_init(current_pdu, 0, prs_get_mem_context(current_pdu), UNMARSHALL); + /* Make current_pdu dynamic with no memory. */ + prs_give_memory(current_pdu, 0, 0, True); + return NT_STATUS_OK; + } + + /* + * Oh no ! More data in buffer than we processed in current pdu. + * Cheat. Move the data down and shrink the buffer. + */ + + memcpy(prs_data_p(current_pdu), prs_data_p(current_pdu) + prhdr->frag_len, + current_pdu_len - prhdr->frag_len); + + /* Remember to set the read offset back to zero. */ + prs_set_offset(current_pdu, 0); + + /* Shrink the buffer. */ + if (!prs_set_buffer_size(current_pdu, current_pdu_len - prhdr->frag_len)) { + return NT_STATUS_BUFFER_TOO_SMALL; + } + + return NT_STATUS_OK; +} /**************************************************************************** - Send data on an rpc pipe via trans, which *must* be the last fragment. - receive response data from an rpc pipe, which may be large... + Send data on an rpc pipe via trans. The prs_struct data must be the last + pdu fragment of an NDR data stream. + + Receive response data from an rpc pipe, which may be large... Read the first fragment: unfortunately have to use SMBtrans for the first bit, then SMBreadX for subsequent bits. @@ -391,41 +730,50 @@ static BOOL rpc_auth_pipe(struct rpc_pipe_client *cli, prs_struct *rdata, | RPC HEADER | REQ/RESP HEADER | DATA ...... | AUTH_HDR | AUTH DATA | +------------+-----------------+-------------+---------------+-------------+ - Where the presence of the AUTH_HDR and AUTH are dependent on the + Where the presence of the AUTH_HDR and AUTH DATA are dependent on the signing & sealing being negotiated. ****************************************************************************/ -static BOOL rpc_api_pipe(struct rpc_pipe_client *cli, prs_struct *data, prs_struct *rdata, - uint8 expected_pkt_type) +static NTSTATUS rpc_api_pipe(struct rpc_pipe_client *cli, + prs_struct *data, /* Outgoing pdu fragment, already formatted for send. */ + prs_struct *rbuf, /* Incoming reply - return as an NDR stream. */ + uint8 expected_pkt_type) { - uint32 len; + NTSTATUS ret = NT_STATUS_UNSUCCESSFUL; char *rparam = NULL; uint32 rparam_len = 0; uint16 setup[2]; - BOOL first = True; - BOOL last = True; - RPC_HDR rhdr; char *pdata = data ? prs_data_p(data) : NULL; uint32 data_len = data ? prs_offset(data) : 0; char *prdata = NULL; uint32 rdata_len = 0; - uint32 current_offset = 0; - uint32 fragment_start = 0; uint32 max_data = cli->max_xmit_frag ? cli->max_xmit_frag : 1024; - int auth_padding_len = 0; + uint32 current_rbuf_offset = 0; + prs_struct current_pdu; + +#ifdef DEVELOPER + /* Ensure we're not sending too much. */ + SMB_ASSERT(data_len <= max_data); +#endif - /* Create setup parameters - must be in native byte order. */ + /* Set up the current pdu parse struct. */ + prs_init(¤t_pdu, 0, prs_get_mem_context(rbuf), UNMARSHALL); + /* Create setup parameters - must be in native byte order. */ setup[0] = TRANSACT_DCERPCCMD; setup[1] = cli->fnum; /* Pipe file handle. */ - DEBUG(5,("rpc_api_pipe: fnum:%x\n", (int)cli->fnum)); + DEBUG(5,("rpc_api_pipe: Remote machine %s pipe %s fnum 0x%x\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum )); - /* Send the RPC request and receive a response. For short RPC - calls (about 1024 bytes or so) the RPC request and response - appears in a SMBtrans request and response. Larger RPC - responses are received further on. */ + /* + * Send the last (or only) fragment of an RPC request. For small + * amounts of data (about 1024 bytes or so) the RPC request and response + * appears in a SMBtrans request and response. + */ if (!cli_api_pipe(cli->cli, "\\PIPE\\", setup, 2, 0, /* Setup, length, max */ @@ -434,9 +782,14 @@ static BOOL rpc_api_pipe(struct rpc_pipe_client *cli, prs_struct *data, prs_stru &rparam, &rparam_len, /* return params, len */ &prdata, &rdata_len)) /* return data, len */ { - DEBUG(0, ("cli_pipe: return critical error. Error was %s\n", - cli_errstr(cli->cli))); - return False; + DEBUG(0, ("rpc_api_pipe: Remote machine %s pipe %s fnum 0x%x" + "returned critical error. Error was %s\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + cli_errstr(cli->cli))); + ret = cli_get_nt_error(cli->cli); + goto err; } /* Throw away returned params - we know we won't use them. */ @@ -444,327 +797,343 @@ static BOOL rpc_api_pipe(struct rpc_pipe_client *cli, prs_struct *data, prs_stru SAFE_FREE(rparam); if (prdata == NULL) { - DEBUG(0,("rpc_api_pipe: pipe %x failed to return data.\n", - (int)cli->fnum)); - return False; + DEBUG(3,("rpc_api_pipe: Remote machine %s pipe %s " + "fnum 0x%x failed to return data.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); + /* Yes - some calls can truely return no data... */ + prs_mem_free(¤t_pdu); + return NT_STATUS_OK; } /* - * Give this memory as dynamically allocated to the return parse - * struct. + * Give this memory as dynamic to the current pdu. */ - prs_give_memory(rdata, prdata, rdata_len, True); - current_offset = rdata_len; - - /* This next call sets the endian bit correctly in rdata. */ + prs_give_memory(¤t_pdu, prdata, rdata_len, True); - if (!rpc_check_hdr(rdata, &rhdr, &first, &last, &len)) { - prs_mem_free(rdata); - return False; - } + /* Ensure we can mess with the return prs_struct. */ + SMB_ASSERT(UNMARSHALLING(rbuf)); + SMB_ASSERT(prs_data_size(rbuf) == 0); - if (rhdr.pkt_type == RPC_BINDACK) { - if (!last && !first) { - DEBUG(5,("rpc_api_pipe: bug in server (AS/U?), setting fragment first/last ON.\n")); - first = True; - last = True; - } - } + /* Make rbuf dynamic with no memory. */ + prs_give_memory(rbuf, 0, 0, True); - if (rhdr.pkt_type == RPC_BINDNACK) { - DEBUG(3, ("Bind NACK received on pipe %x!\n", (int)cli->fnum)); - prs_mem_free(rdata); - return False; - } + while(1) { + RPC_HDR rhdr; + char *ret_data; + uint32 ret_data_len; - if (rhdr.pkt_type == RPC_RESPONSE) { - RPC_HDR_RESP rhdr_resp; - if(!smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, rdata, 0)) { - DEBUG(5,("rpc_api_pipe: failed to unmarshal RPC_HDR_RESP.\n")); - prs_mem_free(rdata); - return False; + /* Ensure we have enough data for a pdu. */ + ret = cli_pipe_get_current_pdu(cli, &rhdr, ¤t_pdu); + if (!NT_STATUS_IS_OK(ret)) { + goto err; } - } - if (rhdr.pkt_type != expected_pkt_type) { - DEBUG(3, ("Connection to pipe %x got an unexpected RPC packet " - "type - %d, not %d\n", (int)cli->fnum, - rhdr.pkt_type, expected_pkt_type)); - prs_mem_free(rdata); - return False; - } + /* We pass in rbuf here so if the alloc hint is set correctly + we can set the output size and avoid reallocs. */ + + ret = cli_pipe_validate_current_pdu(cli, &rhdr, ¤t_pdu, expected_pkt_type, + &ret_data, &ret_data_len, rbuf); - DEBUG(5,("rpc_api_pipe: len left: %u smbtrans read: %u\n", - (unsigned int)len, (unsigned int)rdata_len )); + DEBUG(10,("rpc_api_pipe: got PDU len of %u at offset %u\n", + prs_data_size(¤t_pdu), current_rbuf_offset )); - /* check if data to be sent back was too large for one SMBtrans */ - /* err status is only informational: the _real_ check is on the - length */ + if (!NT_STATUS_IS_OK(ret)) { + goto err; + } - if (len > 0) { - /* || err == (0x80000000 | STATUS_BUFFER_OVERFLOW)) */ + if ((rhdr.flags & RPC_FLG_FIRST)) { + if (rhdr.pack_type[0] == 0) { + /* Set the data type correctly for big-endian data on the first packet. */ + DEBUG(10,("rpc_api_pipe: On machine %s pipe %s fnum 0x%x " + "PDU data format is big-endian.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); + + prs_set_endian_data(rbuf, RPC_BIG_ENDIAN); + } else { + /* Check endianness on subsequent packets. */ + if (current_pdu.bigendian_data != rbuf->bigendian_data) { + DEBUG(0,("rpc_api_pipe: Error : Endianness changed from %s to %s\n", + rbuf->bigendian_data ? "big" : "little", + current_pdu.bigendian_data ? "big" : "little" )); + ret = NT_STATUS_INVALID_PARAMETER; + goto err; + } + } + } - /* Read the remaining part of the first response fragment */ + /* Now copy the data portion out of the pdu into rbuf. */ + if (!prs_force_grow(rbuf, ret_data_len)) { + ret = NT_STATUS_NO_MEMORY; + goto err; + } + memcpy(prs_data_p(rbuf)+current_rbuf_offset, ret_data, (size_t)ret_data_len); + current_rbuf_offset += ret_data_len; + + /* See if we've finished with all the data in current_pdu yet ? */ + ret = cli_pipe_reset_current_pdu(cli, &rhdr, ¤t_pdu); + if (!NT_STATUS_IS_OK(ret)) { + goto err; + } - if (!rpc_read(cli, rdata, len, ¤t_offset)) { - prs_mem_free(rdata); - return False; + if (rhdr.flags & RPC_FLG_LAST) { + break; /* We're done. */ } } - /* - * Now we have a complete PDU, check the auth struct if any was sent. - */ + DEBUG(10,("rpc_api_pipe: Remote machine %s pipe %s fnum 0x%x returned %u bytes.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum, + (unsigned int)prs_data_size(rbuf) )); - if(!rpc_auth_pipe(cli, rdata, fragment_start, rhdr.frag_len, - rhdr.auth_len, rhdr.pkt_type, &auth_padding_len)) { - prs_mem_free(rdata); - return False; - } + prs_mem_free(¤t_pdu); + return NT_STATUS_OK; - if (rhdr.auth_len != 0) { - /* - * Drop the auth footers from the current offset. - * We need this if there are more fragments. - * The auth footers consist of the auth_data and the - * preceeding 8 byte auth_header. - */ - current_offset -= (auth_padding_len + RPC_HDR_AUTH_LEN + rhdr.auth_len); - } - - /* - * Only one rpc fragment, and it has been read. - */ + err: - if (first && last) { - DEBUG(6,("rpc_api_pipe: fragment first and last both set\n")); - return True; - } + prs_mem_free(¤t_pdu); + prs_mem_free(rbuf); + return ret; +} - /* - * Read more fragments using SMBreadX until we get one with the - * last bit set. - */ +/******************************************************************* + Creates krb5 auth bind. + ********************************************************************/ - while (!last) { - RPC_HDR_RESP rhdr_resp; - int num_read; - char hdr_data[RPC_HEADER_LEN+RPC_HDR_RESP_LEN]; - prs_struct hps; - uint8 eclass; - uint32 ecode; - - /* - * First read the header of the next PDU. - */ +static NTSTATUS create_krb5_auth_bind_req( struct rpc_pipe_client *cli, + enum pipe_auth_level auth_level, + RPC_HDR_AUTH *pauth_out, + prs_struct *auth_data) +{ +#ifdef HAVE_KRB5 + int ret; + struct kerberos_auth_struct *a = cli->auth.a_u.kerberos_auth; + DATA_BLOB tkt = data_blob(NULL, 0); + DATA_BLOB tkt_wrapped = data_blob(NULL, 0); - prs_init(&hps, 0, cli->cli->mem_ctx, UNMARSHALL); - prs_give_memory(&hps, hdr_data, sizeof(hdr_data), False); + /* We may change the pad length before marshalling. */ + init_rpc_hdr_auth(pauth_out, RPC_KRB5_AUTH_TYPE, (int)auth_level, 0, 1); - num_read = cli_read(cli->cli, cli->fnum, hdr_data, 0, - RPC_HEADER_LEN+RPC_HDR_RESP_LEN); - if (cli_is_dos_error(cli->cli)) { - cli_dos_error(cli->cli, &eclass, &ecode); - if (eclass != ERRDOS && ecode != ERRmoredata) { - DEBUG(0,("rpc_api_pipe: cli_read error : %d/%d\n", eclass, ecode)); - return False; - } - } + DEBUG(5, ("create_krb5_auth_bind_req: creating a service ticket for principal %s\n", + a->service_principal )); - DEBUG(5,("rpc_api_pipe: read header (size:%d)\n", num_read)); + /* Create the ticket for the service principal and return it in a gss-api wrapped blob. */ - if (num_read != RPC_HEADER_LEN+RPC_HDR_RESP_LEN) { - DEBUG(0,("rpc_api_pipe: Error : requested %d bytes, got %d.\n", - RPC_HEADER_LEN+RPC_HDR_RESP_LEN, num_read )); - return False; - } + ret = cli_krb5_get_ticket(a->service_principal, 0, &tkt, + &a->session_key, (uint32)AP_OPTS_MUTUAL_REQUIRED); - /* This call sets the endianness in hps. */ + if (ret) { + DEBUG(1,("create_krb5_auth_bind_req: cli_krb5_get_ticket for principal %s " + "failed with %s\n", + a->service_principal, + error_message(ret) )); - if (!rpc_check_hdr(&hps, &rhdr, &first, &last, &len)) - return False; + data_blob_free(&tkt); + prs_mem_free(auth_data); + return NT_STATUS_INVALID_PARAMETER; + } - /* Ensure the endianness in rdata is set correctly - must be same as hps. */ + /* wrap that up in a nice GSS-API wrapping */ + tkt_wrapped = spnego_gen_krb5_wrap(tkt, TOK_ID_KRB_AP_REQ); - if (hps.bigendian_data != rdata->bigendian_data) { - DEBUG(0,("rpc_api_pipe: Error : Endianness changed from %s to %s\n", - rdata->bigendian_data ? "big" : "little", - hps.bigendian_data ? "big" : "little" )); - return False; - } + data_blob_free(&tkt); - if(!smb_io_rpc_hdr_resp("rpc_hdr_resp", &rhdr_resp, &hps, 0)) { - DEBUG(0,("rpc_api_pipe: Error in unmarshalling RPC_HDR_RESP.\n")); - return False; - } + /* Auth len in the rpc header doesn't include auth_header. */ + if (!prs_copy_data_in(auth_data, (char *)tkt_wrapped.data, tkt_wrapped.length)) { + data_blob_free(&tkt_wrapped); + prs_mem_free(auth_data); + return NT_STATUS_NO_MEMORY; + } - if (first) { - DEBUG(0,("rpc_api_pipe: secondary PDU rpc header has 'first' set !\n")); - return False; - } + DEBUG(5, ("create_krb5_auth_bind_req: Created krb5 GSS blob :\n")); + dump_data(5, (const char *)tkt_wrapped.data, tkt_wrapped.length); - /* - * Now read the rest of the PDU. - */ + data_blob_free(&tkt_wrapped); + return NT_STATUS_OK; +#else + return NT_STATUS_INVALID_PARAMETER; +#endif +} - if (!rpc_read(cli, rdata, len, ¤t_offset)) { - prs_mem_free(rdata); - return False; - } +/******************************************************************* + Creates SPNEGO NTLMSSP auth bind. + ********************************************************************/ + +static NTSTATUS create_spnego_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli, + enum pipe_auth_level auth_level, + RPC_HDR_AUTH *pauth_out, + prs_struct *auth_data) +{ + NTSTATUS nt_status; + DATA_BLOB null_blob = data_blob(NULL, 0); + DATA_BLOB request = data_blob(NULL, 0); + DATA_BLOB spnego_msg = data_blob(NULL, 0); - fragment_start = current_offset - len - RPC_HEADER_LEN - RPC_HDR_RESP_LEN; + /* We may change the pad length before marshalling. */ + init_rpc_hdr_auth(pauth_out, RPC_SPNEGO_AUTH_TYPE, (int)auth_level, 0, 1); - /* - * Verify any authentication footer. - */ + DEBUG(5, ("create_spnego_ntlmssp_auth_rpc_bind_req: Processing NTLMSSP Negotiate\n")); + nt_status = ntlmssp_update(cli->auth.a_u.ntlmssp_state, + null_blob, + &request); - - if(!rpc_auth_pipe(cli, rdata, fragment_start, rhdr.frag_len, - rhdr.auth_len, rhdr.pkt_type, &auth_padding_len)) { - prs_mem_free(rdata); - return False; - } - - if (rhdr.auth_len != 0 ) { - - /* - * Drop the auth footers from the current offset. - * The auth footers consist of the auth_data and the - * preceeding 8 byte auth_header. - * We need this if there are more fragments. - */ - current_offset -= (auth_padding_len + RPC_HDR_AUTH_LEN + rhdr.auth_len); - } + if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + data_blob_free(&request); + prs_mem_free(auth_data); + return nt_status; } - return True; -} + /* Wrap this in SPNEGO. */ + spnego_msg = gen_negTokenInit(OID_NTLMSSP, request); -/******************************************************************* - creates a DCE/RPC bind request + data_blob_free(&request); - - initialises the parse structure. - - dynamically allocates the header data structure - - caller is expected to free the header data structure once used. + /* Auth len in the rpc header doesn't include auth_header. */ + if (!prs_copy_data_in(auth_data, (char *)spnego_msg.data, spnego_msg.length)) { + data_blob_free(&spnego_msg); + prs_mem_free(auth_data); + return NT_STATUS_NO_MEMORY; + } - ********************************************************************/ + DEBUG(5, ("create_spnego_ntlmssp_auth_rpc_bind_req: NTLMSSP Negotiate:\n")); + dump_data(5, (const char *)spnego_msg.data, spnego_msg.length); -static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli, - prs_struct *rpc_out, - uint32 rpc_call_id, - RPC_IFACE *abstract, RPC_IFACE *transfer, - const char *my_name, const char *domain) + data_blob_free(&spnego_msg); + return NT_STATUS_OK; +} + +/******************************************************************* + Creates NTLMSSP auth bind. + ********************************************************************/ + +static NTSTATUS create_ntlmssp_auth_rpc_bind_req( struct rpc_pipe_client *cli, + enum pipe_auth_level auth_level, + RPC_HDR_AUTH *pauth_out, + prs_struct *auth_data) { - RPC_HDR hdr; - RPC_HDR_RB hdr_rb; - RPC_HDR_AUTH hdr_auth; - RPC_CONTEXT rpc_ctx; - int auth_len = 0; - int auth_type, auth_level; - size_t saved_hdr_offset = 0; + NTSTATUS nt_status; + DATA_BLOB null_blob = data_blob(NULL, 0); + DATA_BLOB request = data_blob(NULL, 0); - prs_struct auth_info; - prs_init(&auth_info, RPC_HDR_AUTH_LEN, /* we will need at least this much */ - prs_get_mem_context(rpc_out), MARSHALL); - - if (cli->pipe_auth_flags) { - get_auth_type_level(cli->pipe_auth_flags, &auth_type, &auth_level); - - /* - * Create the auth structs we will marshall. - */ - - init_rpc_hdr_auth(&hdr_auth, auth_type, auth_level, 0x00, 1); - - /* - * Now marshall the data into the temporary parse_struct. - */ - - if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, &auth_info, 0)) { - DEBUG(0,("create_rpc_bind_req: failed to marshall RPC_HDR_AUTH.\n")); - prs_mem_free(&auth_info); - return NT_STATUS_NO_MEMORY; - } - saved_hdr_offset = prs_offset(&auth_info); - } - - if (cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) { + /* We may change the pad length before marshalling. */ + init_rpc_hdr_auth(pauth_out, RPC_NTLMSSP_AUTH_TYPE, (int)auth_level, 0, 1); - NTSTATUS nt_status; - DATA_BLOB null_blob = data_blob(NULL, 0); - DATA_BLOB request; + DEBUG(5, ("create_ntlmssp_auth_rpc_bind_req: Processing NTLMSSP Negotiate\n")); + nt_status = ntlmssp_update(cli->auth.a_u.ntlmssp_state, + null_blob, + &request); - DEBUG(5, ("Processing NTLMSSP Negotiate\n")); - nt_status = ntlmssp_update(cli->ntlmssp_pipe_state, - null_blob, - &request); + if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { + data_blob_free(&request); + prs_mem_free(auth_data); + return nt_status; + } - if (!NT_STATUS_EQUAL(nt_status, - NT_STATUS_MORE_PROCESSING_REQUIRED)) { - prs_mem_free(&auth_info); - return nt_status; - } + /* Auth len in the rpc header doesn't include auth_header. */ + if (!prs_copy_data_in(auth_data, (char *)request.data, request.length)) { + data_blob_free(&request); + prs_mem_free(auth_data); + return NT_STATUS_NO_MEMORY; + } - /* Auth len in the rpc header doesn't include auth_header. */ - auth_len = request.length; - prs_copy_data_in(&auth_info, (char *)request.data, request.length); + DEBUG(5, ("create_ntlmssp_auth_rpc_bind_req: NTLMSSP Negotiate:\n")); + dump_data(5, (const char *)request.data, request.length); - DEBUG(5, ("NTLMSSP Negotiate:\n")); - dump_data(5, (const char *)request.data, request.length); + data_blob_free(&request); + return NT_STATUS_OK; +} - data_blob_free(&request); +/******************************************************************* + Creates schannel auth bind. + ********************************************************************/ - } else if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - RPC_AUTH_NETSEC_NEG netsec_neg; +static NTSTATUS create_schannel_auth_rpc_bind_req( struct rpc_pipe_client *cli, + enum pipe_auth_level auth_level, + RPC_HDR_AUTH *pauth_out, + prs_struct *auth_data) +{ + RPC_AUTH_SCHANNEL_NEG schannel_neg; - /* Use lp_workgroup() if domain not specified */ + /* We may change the pad length before marshalling. */ + init_rpc_hdr_auth(pauth_out, RPC_SCHANNEL_AUTH_TYPE, (int)auth_level, 0, 1); - if (!domain || !domain[0]) { - DEBUG(10,("create_rpc_bind_req: no domain; assuming my own\n")); - domain = lp_workgroup(); - } + /* Use lp_workgroup() if domain not specified */ - init_rpc_auth_netsec_neg(&netsec_neg, domain, my_name); + if (!cli->domain || !cli->domain[0]) { + cli->domain = lp_workgroup(); + } - /* - * Now marshall the data into the temporary parse_struct. - */ + init_rpc_auth_schannel_neg(&schannel_neg, cli->domain, global_myname()); - if(!smb_io_rpc_auth_netsec_neg("netsec_neg", - &netsec_neg, &auth_info, 0)) { - DEBUG(0,("Failed to marshall RPC_AUTH_NETSEC_NEG.\n")); - prs_mem_free(&auth_info); - return NT_STATUS_NO_MEMORY; - } + /* + * Now marshall the data into the auth parse_struct. + */ - /* Auth len in the rpc header doesn't include auth_header. */ - auth_len = prs_offset(&auth_info) - saved_hdr_offset; + if(!smb_io_rpc_auth_schannel_neg("schannel_neg", + &schannel_neg, auth_data, 0)) { + DEBUG(0,("Failed to marshall RPC_AUTH_SCHANNEL_NEG.\n")); + prs_mem_free(auth_data); + return NT_STATUS_NO_MEMORY; } + return NT_STATUS_OK; +} + +/******************************************************************* + Creates the internals of a DCE/RPC bind request or alter context PDU. + ********************************************************************/ + +static NTSTATUS create_bind_or_alt_ctx_internal(uint8 pkt_type, + prs_struct *rpc_out, + uint32 rpc_call_id, + RPC_IFACE *abstract, + RPC_IFACE *transfer, + RPC_HDR_AUTH *phdr_auth, + prs_struct *pauth_info) +{ + RPC_HDR hdr; + RPC_HDR_RB hdr_rb; + RPC_CONTEXT rpc_ctx; + uint16 auth_len = prs_offset(pauth_info); + uint8 ss_padding_len = 0; + uint16 frag_len = 0; + /* create the RPC context. */ - init_rpc_context(&rpc_ctx, 0 /* context id */, - abstract, transfer); + init_rpc_context(&rpc_ctx, 0 /* context id */, abstract, transfer); /* create the bind request RPC_HDR_RB */ - init_rpc_hdr_rb(&hdr_rb, MAX_PDU_FRAG_LEN, MAX_PDU_FRAG_LEN, 0x0, &rpc_ctx); + init_rpc_hdr_rb(&hdr_rb, RPC_MAX_PDU_FRAG_LEN, RPC_MAX_PDU_FRAG_LEN, 0x0, &rpc_ctx); + + /* Start building the frag length. */ + frag_len = RPC_HEADER_LEN + RPC_HDR_RB_LEN(&hdr_rb); + + /* Do we need to pad ? */ + if (auth_len) { + uint16 data_len = RPC_HEADER_LEN + RPC_HDR_RB_LEN(&hdr_rb); + if (data_len % 8) { + ss_padding_len = 8 - (data_len % 8); + phdr_auth->auth_pad_len = ss_padding_len; + } + frag_len += RPC_HDR_AUTH_LEN + auth_len + ss_padding_len; + } /* Create the request RPC_HDR */ - init_rpc_hdr(&hdr, RPC_BIND, 0x3, rpc_call_id, - RPC_HEADER_LEN + RPC_HDR_RB_LEN(&hdr_rb) + prs_offset(&auth_info), - auth_len); + init_rpc_hdr(&hdr, pkt_type, RPC_FLG_FIRST|RPC_FLG_LAST, rpc_call_id, frag_len, auth_len); /* Marshall the RPC header */ if(!smb_io_rpc_hdr("hdr" , &hdr, rpc_out, 0)) { - DEBUG(0,("create_rpc_bind_req: failed to marshall RPC_HDR.\n")); - prs_mem_free(&auth_info); + DEBUG(0,("create_bind_or_alt_ctx_internal: failed to marshall RPC_HDR.\n")); return NT_STATUS_NO_MEMORY; } /* Marshall the bind request data */ if(!smb_io_rpc_hdr_rb("", &hdr_rb, rpc_out, 0)) { - DEBUG(0,("create_rpc_bind_req: failed to marshall RPC_HDR_RB.\n")); - prs_mem_free(&auth_info); + DEBUG(0,("create_bind_or_alt_ctx_internal: failed to marshall RPC_HDR_RB.\n")); return NT_STATUS_NO_MEMORY; } @@ -773,363 +1142,453 @@ static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli, */ if(auth_len != 0) { - if(!prs_append_prs_data( rpc_out, &auth_info)) { - DEBUG(0,("create_rpc_bind_req: failed to grow parse struct to add auth.\n")); - prs_mem_free(&auth_info); + if (ss_padding_len) { + unsigned char pad[8]; + memset(pad, '\0', 8); + if (!prs_copy_data_in(rpc_out, pad, ss_padding_len)) { + DEBUG(0,("create_bind_or_alt_ctx_internal: failed to marshall padding.\n")); + return NT_STATUS_NO_MEMORY; + } + } + + if(!smb_io_rpc_hdr_auth("hdr_auth", phdr_auth, rpc_out, 0)) { + DEBUG(0,("create_bind_or_alt_ctx_internal: failed to marshall RPC_HDR_AUTH.\n")); + return NT_STATUS_NO_MEMORY; + } + + + if(!prs_append_prs_data( rpc_out, pauth_info)) { + DEBUG(0,("create_bind_or_alt_ctx_internal: failed to grow parse struct to add auth.\n")); return NT_STATUS_NO_MEMORY; } } - prs_mem_free(&auth_info); + return NT_STATUS_OK; } /******************************************************************* - Creates a DCE/RPC bind authentication response. - This is the packet that is sent back to the server once we - have received a BIND-ACK, to finish the third leg of - the authentication handshake. + Creates a DCE/RPC bind request. ********************************************************************/ -static NTSTATUS create_rpc_bind_resp(struct rpc_pipe_client *cli, - uint32 rpc_call_id, - prs_struct *rpc_out) +static NTSTATUS create_rpc_bind_req(struct rpc_pipe_client *cli, + prs_struct *rpc_out, + uint32 rpc_call_id, + RPC_IFACE *abstract, RPC_IFACE *transfer, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level) { - NTSTATUS nt_status; - RPC_HDR hdr; RPC_HDR_AUTH hdr_auth; - RPC_HDR_AUTHA hdr_autha; - DATA_BLOB ntlmssp_null_response = data_blob(NULL, 0); - DATA_BLOB ntlmssp_reply; - int auth_type, auth_level; - - /* The response is picked up from the internal cache, - where it was placed by the rpc_auth_pipe() code */ - nt_status = ntlmssp_update(cli->ntlmssp_pipe_state, - ntlmssp_null_response, - &ntlmssp_reply); - - if (!NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { - return nt_status; - } + prs_struct auth_info; + NTSTATUS ret = NT_STATUS_OK; - /* Create the request RPC_HDR */ - init_rpc_hdr(&hdr, RPC_BINDRESP, 0x0, rpc_call_id, - RPC_HEADER_LEN + RPC_HDR_AUTHA_LEN + ntlmssp_reply.length, - ntlmssp_reply.length ); - - /* Marshall it. */ - if(!smb_io_rpc_hdr("hdr", &hdr, rpc_out, 0)) { - DEBUG(0,("create_rpc_bind_resp: failed to marshall RPC_HDR.\n")); - data_blob_free(&ntlmssp_reply); - return NT_STATUS_NO_MEMORY; - } + ZERO_STRUCT(hdr_auth); + prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL); - get_auth_type_level(cli->pipe_auth_flags, &auth_type, &auth_level); - - /* Create the request RPC_HDR_AUTHA */ - init_rpc_hdr_auth(&hdr_auth, auth_type, auth_level, 0, 0x0014a0c0); - init_rpc_hdr_autha(&hdr_autha, MAX_PDU_FRAG_LEN, MAX_PDU_FRAG_LEN, &hdr_auth); + switch (auth_type) { + case PIPE_AUTH_TYPE_SCHANNEL: + ret = create_schannel_auth_rpc_bind_req(cli, auth_level, &hdr_auth, &auth_info); + if (!NT_STATUS_IS_OK(ret)) { + prs_mem_free(&auth_info); + return ret; + } + break; - if(!smb_io_rpc_hdr_autha("hdr_autha", &hdr_autha, rpc_out, 0)) { - DEBUG(0,("create_rpc_bind_resp: failed to marshall RPC_HDR_AUTHA.\n")); - data_blob_free(&ntlmssp_reply); - return NT_STATUS_NO_MEMORY; - } + case PIPE_AUTH_TYPE_NTLMSSP: + ret = create_ntlmssp_auth_rpc_bind_req(cli, auth_level, &hdr_auth, &auth_info); + if (!NT_STATUS_IS_OK(ret)) { + prs_mem_free(&auth_info); + return ret; + } + break; - /* - * Append the auth data to the outgoing buffer. - */ + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + ret = create_spnego_ntlmssp_auth_rpc_bind_req(cli, auth_level, &hdr_auth, &auth_info); + if (!NT_STATUS_IS_OK(ret)) { + prs_mem_free(&auth_info); + return ret; + } + break; - if(!prs_copy_data_in(rpc_out, (char *)ntlmssp_reply.data, ntlmssp_reply.length)) { - DEBUG(0,("create_rpc_bind_req: failed to grow parse struct to add auth.\n")); - data_blob_free(&ntlmssp_reply); - return NT_STATUS_NO_MEMORY; + case PIPE_AUTH_TYPE_KRB5: + ret = create_krb5_auth_bind_req(cli, auth_level, &hdr_auth, &auth_info); + if (!NT_STATUS_IS_OK(ret)) { + prs_mem_free(&auth_info); + return ret; + } + break; + + case PIPE_AUTH_TYPE_NONE: + break; + + default: + /* "Can't" happen. */ + return NT_STATUS_INVALID_INFO_CLASS; } - data_blob_free(&ntlmssp_reply); - return NT_STATUS_OK; -} + ret = create_bind_or_alt_ctx_internal(RPC_BIND, + rpc_out, + rpc_call_id, + abstract, + transfer, + &hdr_auth, + &auth_info); + prs_mem_free(&auth_info); + return ret; +} /******************************************************************* - Creates a DCE/RPC request. + Create and add the NTLMSSP sign/seal auth header and data. ********************************************************************/ -static uint32 create_rpc_request(prs_struct *rpc_out, uint8 op_num, int data_len, int auth_len, uint8 flags, uint32 oldid, uint32 data_left) +static NTSTATUS add_ntlmssp_auth_footer(struct rpc_pipe_client *cli, + RPC_HDR *phdr, + uint32 ss_padding_len, + prs_struct *outgoing_pdu) { - uint32 alloc_hint; - RPC_HDR hdr; - RPC_HDR_REQ hdr_req; - uint32 callid = oldid ? oldid : get_rpc_call_id(); + RPC_HDR_AUTH auth_info; + NTSTATUS status; + DATA_BLOB auth_blob = data_blob(NULL, 0); + uint16 data_and_pad_len = prs_offset(outgoing_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN; - DEBUG(5,("create_rpc_request: opnum: 0x%x data_len: 0x%x\n", op_num, data_len)); + if (!cli->auth.a_u.ntlmssp_state) { + return NT_STATUS_INVALID_PARAMETER; + } - /* create the rpc header RPC_HDR */ - init_rpc_hdr(&hdr, RPC_REQUEST, flags, - callid, data_len, auth_len); + /* Init and marshall the auth header. */ + init_rpc_hdr_auth(&auth_info, + map_pipe_auth_type_to_rpc_auth_type(cli->auth.auth_type), + cli->auth.auth_level, + ss_padding_len, + 1 /* context id. */); - /* - * The alloc hint should be the amount of data, not including - * RPC headers & footers. - */ + if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, outgoing_pdu, 0)) { + DEBUG(0,("add_ntlmssp_auth_footer: failed to marshall RPC_HDR_AUTH.\n")); + data_blob_free(&auth_blob); + return NT_STATUS_NO_MEMORY; + } + + switch (cli->auth.auth_level) { + case PIPE_AUTH_LEVEL_PRIVACY: + /* Data portion is encrypted. */ + status = ntlmssp_seal_packet(cli->auth.a_u.ntlmssp_state, + prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN, + data_and_pad_len, + prs_data_p(outgoing_pdu), + (size_t)prs_offset(outgoing_pdu), + &auth_blob); + if (!NT_STATUS_IS_OK(status)) { + data_blob_free(&auth_blob); + return status; + } + break; + + case PIPE_AUTH_LEVEL_INTEGRITY: + /* Data is signed. */ + status = ntlmssp_sign_packet(cli->auth.a_u.ntlmssp_state, + prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN, + data_and_pad_len, + prs_data_p(outgoing_pdu), + (size_t)prs_offset(outgoing_pdu), + &auth_blob); + if (!NT_STATUS_IS_OK(status)) { + data_blob_free(&auth_blob); + return status; + } + break; + + default: + /* Can't happen. */ + smb_panic("bad auth level"); + /* Notreached. */ + return NT_STATUS_INVALID_PARAMETER; + } - if (auth_len != 0) - alloc_hint = data_len - RPC_HEADER_LEN - RPC_HDR_AUTH_LEN - auth_len; - else - alloc_hint = data_len - RPC_HEADER_LEN; + /* Finally marshall the blob. */ + + if (!prs_copy_data_in(outgoing_pdu, auth_blob.data, NTLMSSP_SIG_SIZE)) { + DEBUG(0,("add_ntlmssp_auth_footer: failed to add %u bytes auth blob.\n", + (unsigned int)NTLMSSP_SIG_SIZE)); + data_blob_free(&auth_blob); + return NT_STATUS_NO_MEMORY; + } + + data_blob_free(&auth_blob); + return NT_STATUS_OK; +} - DEBUG(10,("create_rpc_request: data_len: %x auth_len: %x alloc_hint: %x\n", - data_len, auth_len, alloc_hint)); +/******************************************************************* + Create and add the schannel sign/seal auth header and data. + ********************************************************************/ - /* Create the rpc request RPC_HDR_REQ */ - init_rpc_hdr_req(&hdr_req, alloc_hint, op_num); +static NTSTATUS add_schannel_auth_footer(struct rpc_pipe_client *cli, + RPC_HDR *phdr, + uint32 ss_padding_len, + prs_struct *outgoing_pdu) +{ + RPC_HDR_AUTH auth_info; + RPC_AUTH_SCHANNEL_CHK verf; + struct schannel_auth_struct *sas = cli->auth.a_u.schannel_auth; + char *data_p = prs_data_p(outgoing_pdu) + RPC_HEADER_LEN + RPC_HDR_RESP_LEN; + size_t data_and_pad_len = prs_offset(outgoing_pdu) - RPC_HEADER_LEN - RPC_HDR_RESP_LEN; + + if (!sas) { + return NT_STATUS_INVALID_PARAMETER; + } - /* stream-time... */ - if(!smb_io_rpc_hdr("hdr ", &hdr, rpc_out, 0)) - return 0; + /* Init and marshall the auth header. */ + init_rpc_hdr_auth(&auth_info, + map_pipe_auth_type_to_rpc_auth_type(cli->auth.auth_type), + cli->auth.auth_level, + ss_padding_len, + 1 /* context id. */); - if(!smb_io_rpc_hdr_req("hdr_req", &hdr_req, rpc_out, 0)) - return 0; + if(!smb_io_rpc_hdr_auth("hdr_auth", &auth_info, outgoing_pdu, 0)) { + DEBUG(0,("add_schannel_auth_footer: failed to marshall RPC_HDR_AUTH.\n")); + return NT_STATUS_NO_MEMORY; + } - if (prs_offset(rpc_out) != RPC_HEADER_LEN + RPC_HDR_REQ_LEN) - return 0; + switch (cli->auth.auth_level) { + case PIPE_AUTH_LEVEL_PRIVACY: + case PIPE_AUTH_LEVEL_INTEGRITY: + DEBUG(10,("add_schannel_auth_footer: SCHANNEL seq_num=%d\n", + sas->seq_num)); + + schannel_encode(sas, + cli->auth.auth_level, + SENDER_IS_INITIATOR, + &verf, + data_p, + data_and_pad_len); + + sas->seq_num++; + break; + + default: + /* Can't happen. */ + smb_panic("bad auth level"); + /* Notreached. */ + return NT_STATUS_INVALID_PARAMETER; + } - return callid; + /* Finally marshall the blob. */ + smb_io_rpc_auth_schannel_chk("", + RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN, + &verf, + outgoing_pdu, + 0); + + return NT_STATUS_OK; } /******************************************************************* - Puts an auth header into an rpc request. + Calculate how much data we're going to send in this packet, also + work out any sign/seal padding length. ********************************************************************/ -static BOOL create_auth_hdr(prs_struct *outgoing_packet, - int auth_type, - int auth_level, int padding) +static uint32 calculate_data_len_tosend(struct rpc_pipe_client *cli, + uint32 data_left, + uint16 *p_frag_len, + uint16 *p_auth_len, + uint32 *p_ss_padding) { - RPC_HDR_AUTH hdr_auth; + uint32 data_space, data_len; + + switch (cli->auth.auth_level) { + case PIPE_AUTH_LEVEL_NONE: + case PIPE_AUTH_LEVEL_CONNECT: + data_space = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN; + data_len = MIN(data_space, data_left); + *p_ss_padding = 0; + *p_auth_len = 0; + *p_frag_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + data_len; + return data_len; + + case PIPE_AUTH_LEVEL_INTEGRITY: + case PIPE_AUTH_LEVEL_PRIVACY: + /* Treat the same for all authenticated rpc requests. */ + switch(cli->auth.auth_type) { + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + case PIPE_AUTH_TYPE_NTLMSSP: + *p_auth_len = NTLMSSP_SIG_SIZE; + break; + case PIPE_AUTH_TYPE_SCHANNEL: + *p_auth_len = RPC_AUTH_SCHANNEL_SIGN_OR_SEAL_CHK_LEN; + break; + default: + smb_panic("bad auth type"); + break; + } - init_rpc_hdr_auth(&hdr_auth, auth_type, auth_level, - padding, 1); - if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, - outgoing_packet, 0)) { - DEBUG(0,("create_auth_hdr:Failed to marshal RPC_HDR_AUTH.\n")); - return False; + data_space = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN - + RPC_HDR_AUTH_LEN - *p_auth_len; + + data_len = MIN(data_space, data_left); + if (data_len % 8) { + *p_ss_padding = 8 - (data_len % 8); + } + *p_frag_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + /* Normal headers. */ + data_len + *p_ss_padding + /* data plus padding. */ + RPC_HDR_AUTH_LEN + *p_auth_len; /* Auth header and auth data. */ + return data_len; + + default: + smb_panic("bad auth level"); + /* Notreached. */ + return 0; } - return True; } -/** - * Send a request on an RPC pipe and get a response. - * - * @param data NDR contents of the request to be sent. - * @param rdata Unparsed NDR response data. -**/ +/******************************************************************* + External interface. + Does an rpc request on a pipe. Incoming data is NDR encoded in in_data. + Reply is NDR encoded in out_data. Splits the data stream into RPC PDU's + and deals with signing/sealing details. + ********************************************************************/ -BOOL rpc_api_pipe_req_int(struct rpc_pipe_client *cli, uint8 op_num, - prs_struct *data, prs_struct *rdata) +NTSTATUS rpc_api_pipe_req(struct rpc_pipe_client *cli, + uint8 op_num, + prs_struct *in_data, + prs_struct *out_data) { - uint32 auth_len, real_auth_len, auth_hdr_len, max_data, data_left, data_sent; - NTSTATUS nt_status; - BOOL ret = False; - uint32 callid = 0; - fstring dump_name; - - auth_len = 0; - real_auth_len = 0; - auth_hdr_len = 0; + NTSTATUS ret; + uint32 data_left = prs_offset(in_data); + uint32 alloc_hint = prs_offset(in_data); + uint32 data_sent_thistime = 0; + uint32 current_data_offset = 0; + uint32 call_id = get_rpc_call_id(); + char pad[8]; + prs_struct outgoing_pdu; + + memset(pad, '\0', 8); + + if (cli->max_xmit_frag < RPC_HEADER_LEN + RPC_HDR_REQ_LEN + RPC_MAX_SIGN_SIZE) { + /* Server is screwed up ! */ + return NT_STATUS_INVALID_PARAMETER; + } - if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - if (cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) { - auth_len = RPC_AUTH_NTLMSSP_CHK_LEN; - } - if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - auth_len = RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN; - } - auth_hdr_len = RPC_HDR_AUTH_LEN; + if (data_left == 0) { + /* Caller is screwed up ! */ + return NT_STATUS_INVALID_PARAMETER; } - /* - * calc how much actual data we can send in a PDU fragment - */ - max_data = cli->max_xmit_frag - RPC_HEADER_LEN - RPC_HDR_REQ_LEN - - auth_hdr_len - auth_len - 8; - - for (data_left = prs_offset(data), data_sent = 0; data_left > 0;) { - prs_struct outgoing_packet; - prs_struct sec_blob; - uint32 data_len, send_size; + prs_init(&outgoing_pdu, cli->max_xmit_frag, prs_get_mem_context(in_data), MARSHALL); + + while (1) { + RPC_HDR hdr; + RPC_HDR_REQ hdr_req; + uint16 auth_len = 0; + uint16 frag_len = 0; uint8 flags = 0; - uint32 auth_padding = 0; - DATA_BLOB sign_blob; + uint32 ss_padding = 0; - /* - * how much will we send this time - */ - send_size = MIN(data_left, max_data); + data_sent_thistime = calculate_data_len_tosend(cli, data_left, + &frag_len, &auth_len, &ss_padding); - if (!prs_init(&sec_blob, send_size, /* will need at least this much */ - cli->cli->mem_ctx, MARSHALL)) { - DEBUG(0,("Could not malloc %u bytes", - send_size+auth_padding)); - return False; + if (current_data_offset == 0) { + flags = RPC_FLG_FIRST; } - if(!prs_append_some_prs_data(&sec_blob, data, - data_sent, send_size)) { - DEBUG(0,("Failed to append data to netsec blob\n")); - prs_mem_free(&sec_blob); - return False; + if (data_sent_thistime == data_left) { + flags |= RPC_FLG_LAST; } - /* - * NT expects the data that is sealed to be 8-byte - * aligned. The padding must be encrypted as well and - * taken into account when generating the - * authentication verifier. The amount of padding must - * be stored in the auth header. - */ + /* Create and marshall the header and request header. */ + init_rpc_hdr(&hdr, RPC_REQUEST, flags, call_id, frag_len, auth_len); - if (cli->pipe_auth_flags) { - size_t data_and_padding_size; - int auth_type; - int auth_level; - prs_align_uint64(&sec_blob); + if(!smb_io_rpc_hdr("hdr ", &hdr, &outgoing_pdu, 0)) { + prs_mem_free(&outgoing_pdu); + return NT_STATUS_NO_MEMORY; + } - get_auth_type_level(cli->pipe_auth_flags, &auth_type, &auth_level); + /* Create the rpc request RPC_HDR_REQ */ + init_rpc_hdr_req(&hdr_req, alloc_hint, op_num); + + if(!smb_io_rpc_hdr_req("hdr_req", &hdr_req, &outgoing_pdu, 0)) { + prs_mem_free(&outgoing_pdu); + return NT_STATUS_NO_MEMORY; + } - data_and_padding_size = prs_offset(&sec_blob); - auth_padding = data_and_padding_size - send_size; + /* Copy in the data, plus any ss padding. */ + if (!prs_append_some_prs_data(&outgoing_pdu, in_data, current_data_offset, data_sent_thistime)) { + prs_mem_free(&outgoing_pdu); + return NT_STATUS_NO_MEMORY; + } - /* insert the auth header */ - - if(!create_auth_hdr(&sec_blob, auth_type, auth_level, auth_padding)) { - prs_mem_free(&sec_blob); - return False; + /* Copy the sign/seal padding data. */ + if (ss_padding) { + if (!prs_copy_data_in(&outgoing_pdu, pad, ss_padding)) { + prs_mem_free(&outgoing_pdu); + return NT_STATUS_NO_MEMORY; } - - /* create an NTLMSSP signature */ - if (cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) { - /* - * Seal the outgoing data if requested. - */ - if (cli->pipe_auth_flags & AUTH_PIPE_SEAL) { - - nt_status = ntlmssp_seal_packet(cli->ntlmssp_pipe_state, - (unsigned char*)prs_data_p(&sec_blob), - data_and_padding_size, - &sign_blob); - if (!NT_STATUS_IS_OK(nt_status)) { - prs_mem_free(&sec_blob); - return False; + } + + /* Generate any auth sign/seal and add the auth footer. */ + if (auth_len) { + switch (cli->auth.auth_type) { + case PIPE_AUTH_TYPE_NONE: + break; + case PIPE_AUTH_TYPE_NTLMSSP: + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + ret = add_ntlmssp_auth_footer(cli, &hdr, ss_padding, &outgoing_pdu); + if (!NT_STATUS_IS_OK(ret)) { + prs_mem_free(&outgoing_pdu); + return ret; } - } - else if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - - nt_status = ntlmssp_sign_packet(cli->ntlmssp_pipe_state, - (unsigned char*)prs_data_p(&sec_blob), - data_and_padding_size, &sign_blob); - if (!NT_STATUS_IS_OK(nt_status)) { - prs_mem_free(&sec_blob); - return False; + break; + case PIPE_AUTH_TYPE_SCHANNEL: + ret = add_schannel_auth_footer(cli, &hdr, ss_padding, &outgoing_pdu); + if (!NT_STATUS_IS_OK(ret)) { + prs_mem_free(&outgoing_pdu); + return ret; } - } - - - /* write auth footer onto the packet */ - real_auth_len = sign_blob.length; - - prs_copy_data_in(&sec_blob, (char *)sign_blob.data, sign_blob.length); - data_blob_free(&sign_blob); - - } - else if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - size_t parse_offset_marker; - RPC_AUTH_NETSEC_CHK verf; - DEBUG(10,("SCHANNEL seq_num=%d\n", cli->auth_info.seq_num)); - - netsec_encode(&cli->auth_info, - cli->pipe_auth_flags, - SENDER_IS_INITIATOR, - &verf, - prs_data_p(&sec_blob), - data_and_padding_size); - - cli->auth_info.seq_num++; - - /* write auth footer onto the packet */ - - parse_offset_marker = prs_offset(&sec_blob); - if (!smb_io_rpc_auth_netsec_chk("", RPC_AUTH_NETSEC_SIGN_OR_SEAL_CHK_LEN, - &verf, &sec_blob, 0)) - { - prs_mem_free(&sec_blob); - return False; - } - real_auth_len = prs_offset(&sec_blob) - parse_offset_marker; + break; + default: + smb_panic("bad auth type"); + break; /* notreached */ } } - data_len = RPC_HEADER_LEN + RPC_HDR_REQ_LEN + prs_offset(&sec_blob); + /* Actually send the packet. */ + if (flags & RPC_FLG_LAST) { + /* Last packet - send the data, get the reply and return. */ + ret = rpc_api_pipe(cli, &outgoing_pdu, out_data, RPC_RESPONSE); + prs_mem_free(&outgoing_pdu); - /* - * Malloc parse struct to hold it (and enough for alignments). - */ - if(!prs_init(&outgoing_packet, data_len + 8, - cli->cli->mem_ctx, MARSHALL)) { - DEBUG(0,("rpc_api_pipe_req: Failed to malloc %u bytes.\n", (unsigned int)data_len )); - return False; - } - - if (data_left == prs_offset(data)) - flags |= RPC_FLG_FIRST; + + if (DEBUGLEVEL >= 50) { + pstring dump_name; + /* Also capture received data */ + slprintf(dump_name, sizeof(dump_name) - 1, "%s/reply_%s_%d", + dyn_LOGFILEBASE, cli->pipe_name, op_num); + prs_dump(dump_name, op_num, out_data); + } - if (data_left <= max_data) - flags |= RPC_FLG_LAST; - /* - * Write out the RPC header and the request header. - */ - if(!(callid = create_rpc_request(&outgoing_packet, op_num, - data_len, real_auth_len, flags, - callid, data_left))) { - DEBUG(0,("rpc_api_pipe_req: Failed to create RPC request.\n")); - prs_mem_free(&outgoing_packet); - prs_mem_free(&sec_blob); - return False; + return ret; + } else { + /* More packets to come - write and continue. */ + ssize_t num_written = cli_write(cli->cli, cli->fnum, 8, /* 8 means message mode. */ + prs_data_p(&outgoing_pdu), + (off_t)0, + (size_t)hdr.frag_len); + + if (num_written != hdr.frag_len) { + prs_mem_free(&outgoing_pdu); + return cli_get_nt_error(cli->cli); + } } - prs_append_prs_data(&outgoing_packet, &sec_blob); - prs_mem_free(&sec_blob); - - DEBUG(100,("data_len: %x data_calc_len: %x\n", data_len, - prs_offset(&outgoing_packet))); - - if (flags & RPC_FLG_LAST) - ret = rpc_api_pipe(cli, &outgoing_packet, - rdata, RPC_RESPONSE); - else { - cli_write(cli->cli, cli->fnum, 0x0008, - prs_data_p(&outgoing_packet), - data_sent, data_len); + current_data_offset += data_sent_thistime; + data_left -= data_sent_thistime; + + /* Reset the marshalling position back to zero. */ + if (!prs_set_offset(&outgoing_pdu, 0)) { + prs_mem_free(&outgoing_pdu); + return NT_STATUS_NO_MEMORY; } - prs_mem_free(&outgoing_packet); - data_sent += send_size; - data_left -= send_size; } - /* Also capture received data */ - slprintf(dump_name, sizeof(dump_name) - 1, "reply_%s", - cli_pipe_get_name(cli->cli)); - prs_dump(dump_name, op_num, rdata); - - return ret; -} - -BOOL rpc_api_pipe_req(struct cli_state *cli, int pipe_idx, uint8 op_num, - prs_struct *data, prs_struct *rdata) -{ - return rpc_api_pipe_req_int(&cli->pipes[pipe_idx], op_num, - data, rdata); } - - +#if 0 /**************************************************************************** Set the handle state. ****************************************************************************/ @@ -1174,56 +1633,10 @@ static BOOL rpc_pipe_set_hnd_state(struct rpc_pipe_client *cli, return state_set; } +#endif /**************************************************************************** - check the rpc bind acknowledge response -****************************************************************************/ - -int get_pipe_index( const char *pipe_name ) -{ - int pipe_idx = 0; - - while (pipe_names[pipe_idx].client_pipe != NULL) { - if (strequal(pipe_name, pipe_names[pipe_idx].client_pipe )) - return pipe_idx; - pipe_idx++; - }; - - return -1; -} - - -/**************************************************************************** - check the rpc bind acknowledge response -****************************************************************************/ - -const char* get_pipe_name_from_index( const int pipe_index ) -{ - - if ( (pipe_index < 0) || (pipe_index >= PI_MAX_PIPES) ) - return NULL; - - return pipe_names[pipe_index].client_pipe; -} - -/**************************************************************************** - Check to see if this pipe index points to one of - the pipes only supported by Win2k - ****************************************************************************/ - -BOOL is_win2k_pipe( const int pipe_idx ) -{ - switch ( pipe_idx ) - { - case PI_LSARPC_DS: - return True; - } - - return False; -} - -/**************************************************************************** - check the rpc bind acknowledge response + Check the rpc bind acknowledge response. ****************************************************************************/ static BOOL valid_pipe_name(const int pipe_idx, RPC_IFACE *abstract, RPC_IFACE *transfer) @@ -1235,10 +1648,10 @@ static BOOL valid_pipe_name(const int pipe_idx, RPC_IFACE *abstract, RPC_IFACE * } DEBUG(5,("Bind Abstract Syntax: ")); - dump_data(5, (char*)&(pipe_names[pipe_idx].abstr_syntax), + dump_data(5, (char*)&pipe_names[pipe_idx].abstr_syntax, sizeof(pipe_names[pipe_idx].abstr_syntax)); DEBUG(5,("Bind Transfer Syntax: ")); - dump_data(5, (char*)&(pipe_names[pipe_idx].trans_syntax), + dump_data(5, (char*)&pipe_names[pipe_idx].trans_syntax, sizeof(pipe_names[pipe_idx].trans_syntax)); /* copy the required syntaxes out so we can do the right bind */ @@ -1250,7 +1663,7 @@ static BOOL valid_pipe_name(const int pipe_idx, RPC_IFACE *abstract, RPC_IFACE * } /**************************************************************************** - check the rpc bind acknowledge response + Check the rpc bind acknowledge response. ****************************************************************************/ static BOOL check_bind_response(RPC_HDR_BA *hdr_ba, const int pipe_idx, RPC_IFACE *transfer) @@ -1259,7 +1672,6 @@ static BOOL check_bind_response(RPC_HDR_BA *hdr_ba, const int pipe_idx, RPC_IFAC DEBUG(4,("Ignoring length check -- ASU bug (server didn't fill in the pipe name correctly)")); } - # if 0 /* JERRY -- apparently ASU forgets to fill in the server pipe name sometimes */ if ( !strequal(hdr_ba->addr.str, pipe_names[pipe_idx].client_pipe) && !strequal(hdr_ba->addr.str, pipe_names[pipe_idx].server_pipe) ) @@ -1284,396 +1696,500 @@ static BOOL check_bind_response(RPC_HDR_BA *hdr_ba, const int pipe_idx, RPC_IFAC return False; } - /* lkclXXXX only accept one result: check the result(s) */ if (hdr_ba->res.num_results != 0x1 || hdr_ba->res.result != 0) { DEBUG(2,("bind_rpc_pipe: bind denied results: %d reason: %x\n", hdr_ba->res.num_results, hdr_ba->res.reason)); } - DEBUG(5,("bind_rpc_pipe: accepted!\n")); + DEBUG(5,("check_bind_response: accepted!\n")); return True; } -/**************************************************************************** - Create and send the third packet in an RPC auth. -****************************************************************************/ +/******************************************************************* + Creates a DCE/RPC bind authentication response. + This is the packet that is sent back to the server once we + have received a BIND-ACK, to finish the third leg of + the authentication handshake. + ********************************************************************/ -static BOOL rpc_send_auth_reply(struct rpc_pipe_client *cli, - prs_struct *rdata, uint32 rpc_call_id) +static NTSTATUS create_rpc_bind_auth3(struct rpc_pipe_client *cli, + uint32 rpc_call_id, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level, + DATA_BLOB *pauth_blob, + prs_struct *rpc_out) { - prs_struct rpc_out; - ssize_t ret; + RPC_HDR hdr; + RPC_HDR_AUTH hdr_auth; + uint32 pad = 0; + + /* Create the request RPC_HDR */ + init_rpc_hdr(&hdr, RPC_AUTH3, RPC_FLG_FIRST|RPC_FLG_LAST, rpc_call_id, + RPC_HEADER_LEN + 4 /* pad */ + RPC_HDR_AUTH_LEN + pauth_blob->length, + pauth_blob->length ); + + /* Marshall it. */ + if(!smb_io_rpc_hdr("hdr", &hdr, rpc_out, 0)) { + DEBUG(0,("create_rpc_bind_auth3: failed to marshall RPC_HDR.\n")); + return NT_STATUS_NO_MEMORY; + } - prs_init(&rpc_out, RPC_HEADER_LEN + RPC_HDR_AUTHA_LEN, /* need at least this much */ - cli->cli->mem_ctx, MARSHALL); + /* + I'm puzzled about this - seems to violate the DCE RPC auth rules, + about padding - shouldn't this pad to length 8 ? JRA. + */ - if (!NT_STATUS_IS_OK(create_rpc_bind_resp(cli, rpc_call_id, - &rpc_out))) { - return False; + /* 4 bytes padding. */ + if (!prs_uint32("pad", rpc_out, 0, &pad)) { + DEBUG(0,("create_rpc_bind_auth3: failed to marshall 4 byte pad.\n")); + return NT_STATUS_NO_MEMORY; } - if ((ret = cli_write(cli->cli, cli->fnum, 0x8, prs_data_p(&rpc_out), - 0, (size_t)prs_offset(&rpc_out))) != (ssize_t)prs_offset(&rpc_out)) { - DEBUG(0,("rpc_send_auth_reply: cli_write failed. Return was %d\n", (int)ret)); - prs_mem_free(&rpc_out); - return False; + /* Create the request RPC_HDR_AUTHA */ + init_rpc_hdr_auth(&hdr_auth, + map_pipe_auth_type_to_rpc_auth_type(auth_type), + auth_level, 0, 1); + + if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rpc_out, 0)) { + DEBUG(0,("create_rpc_bind_auth3: failed to marshall RPC_HDR_AUTHA.\n")); + return NT_STATUS_NO_MEMORY; } - prs_mem_free(&rpc_out); - return True; + /* + * Append the auth data to the outgoing buffer. + */ + + if(!prs_copy_data_in(rpc_out, (char *)pauth_blob->data, pauth_blob->length)) { + DEBUG(0,("create_rpc_bind_auth3: failed to marshall auth blob.\n")); + return NT_STATUS_NO_MEMORY; + } + + return NT_STATUS_OK; } /**************************************************************************** - Do an rpc bind. + Create and send the third packet in an RPC auth. ****************************************************************************/ -static BOOL rpc_pipe_bind(struct rpc_pipe_client *cli) +static NTSTATUS rpc_finish_auth3_bind(struct rpc_pipe_client *cli, + RPC_HDR *phdr, + prs_struct *rbuf, + uint32 rpc_call_id, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level) { - RPC_IFACE abstract; - RPC_IFACE transfer; + DATA_BLOB server_response = data_blob(NULL,0); + DATA_BLOB client_reply = data_blob(NULL,0); + RPC_HDR_AUTH hdr_auth; + NTSTATUS nt_status; prs_struct rpc_out; - prs_struct rdata; - uint32 rpc_call_id; - char buffer[MAX_PDU_FRAG_LEN]; + ssize_t ret; - if ( (cli->pipe_idx < 0) || (cli->pipe_idx >= PI_MAX_PIPES) ) - return False; + if (!phdr->auth_len || (phdr->frag_len < phdr->auth_len + RPC_HDR_AUTH_LEN)) { + return NT_STATUS_INVALID_PARAMETER; + } - DEBUG(5,("Bind RPC Pipe[%x]: %s\n", cli->fnum, - pipe_names[cli->pipe_idx].client_pipe)); + /* Process the returned NTLMSSP blob first. */ + if (!prs_set_offset(rbuf, phdr->frag_len - phdr->auth_len - RPC_HDR_AUTH_LEN)) { + return NT_STATUS_INVALID_PARAMETER; + } - if (!valid_pipe_name(cli->pipe_idx, &abstract, &transfer)) - return False; + if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rbuf, 0)) { + return NT_STATUS_INVALID_PARAMETER; + } - prs_init(&rpc_out, 0, cli->cli->mem_ctx, MARSHALL); + /* TODO - check auth_type/auth_level match. */ - /* - * Use the MAX_PDU_FRAG_LEN buffer to store the bind request. - */ + server_response = data_blob(NULL, phdr->auth_len); + prs_copy_data_out((char *)server_response.data, rbuf, phdr->auth_len); + + nt_status = ntlmssp_update(cli->auth.a_u.ntlmssp_state, + server_response, + &client_reply); + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(0,("rpc_finish_auth3_bind: NTLMSSP update using server blob failed.\n")); + return nt_status; + } - prs_give_memory( &rpc_out, buffer, sizeof(buffer), False); + prs_init(&rpc_out, 0, prs_get_mem_context(rbuf), MARSHALL); - rpc_call_id = get_rpc_call_id(); + nt_status = create_rpc_bind_auth3(cli, rpc_call_id, + auth_type, auth_level, + &client_reply, &rpc_out); - if (cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) { - NTSTATUS nt_status; - fstring password; + if (!NT_STATUS_IS_OK(nt_status)) { + prs_mem_free(&rpc_out); + data_blob_free(&client_reply); + data_blob_free(&server_response); + return nt_status; + } - DEBUG(5, ("NTLMSSP authenticated pipe selected\n")); + /* 8 here is named pipe message mode. */ + ret = cli_write(cli->cli, cli->fnum, 0x8, prs_data_p(&rpc_out), 0, + (size_t)prs_offset(&rpc_out)); - nt_status = ntlmssp_client_start(&cli->ntlmssp_pipe_state); - - if (!NT_STATUS_IS_OK(nt_status)) - return False; + if (ret != (ssize_t)prs_offset(&rpc_out)) { + DEBUG(0,("rpc_send_auth_auth3: cli_write failed. Return was %d\n", (int)ret)); + prs_mem_free(&rpc_out); + data_blob_free(&client_reply); + data_blob_free(&server_response); + return cli_get_nt_error(cli->cli); + } - /* Currently the NTLMSSP code does not implement NTLM2 correctly for signing or sealing */ + DEBUG(5,("rpc_send_auth_auth3: Remote machine %s pipe %s " + "fnum 0x%x sent auth3 response ok.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); - cli->ntlmssp_pipe_state->neg_flags &= ~NTLMSSP_NEGOTIATE_NTLM2; + prs_mem_free(&rpc_out); + data_blob_free(&client_reply); + data_blob_free(&server_response); + return NT_STATUS_OK; +} - nt_status = ntlmssp_set_username(cli->ntlmssp_pipe_state, - cli->user_name); - if (!NT_STATUS_IS_OK(nt_status)) - return False; +/******************************************************************* + Creates a DCE/RPC bind alter context authentication request which + may contain a spnego auth blobl + ********************************************************************/ - nt_status = ntlmssp_set_domain(cli->ntlmssp_pipe_state, - cli->domain); - if (!NT_STATUS_IS_OK(nt_status)) - return False; +static NTSTATUS create_rpc_alter_context(uint32 rpc_call_id, + RPC_IFACE *abstract, + RPC_IFACE *transfer, + enum pipe_auth_level auth_level, + const DATA_BLOB *pauth_blob, /* spnego auth blob already created. */ + prs_struct *rpc_out) +{ + RPC_HDR_AUTH hdr_auth; + prs_struct auth_info; + NTSTATUS ret = NT_STATUS_OK; - if (cli->pwd.null_pwd) { - nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state, - NULL); - if (!NT_STATUS_IS_OK(nt_status)) - return False; - } else { - pwd_get_cleartext(&cli->pwd, password); - nt_status = ntlmssp_set_password(cli->ntlmssp_pipe_state, - password); - if (!NT_STATUS_IS_OK(nt_status)) - return False; - } + ZERO_STRUCT(hdr_auth); + prs_init(&auth_info, RPC_HDR_AUTH_LEN, prs_get_mem_context(rpc_out), MARSHALL); - if (cli->pipe_auth_flags & AUTH_PIPE_SIGN) { - cli->ntlmssp_pipe_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; - } + /* We may change the pad length before marshalling. */ + init_rpc_hdr_auth(&hdr_auth, RPC_SPNEGO_AUTH_TYPE, (int)auth_level, 0, 1); - if (cli->pipe_auth_flags & AUTH_PIPE_SEAL) { - cli->ntlmssp_pipe_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL; + if (pauth_blob->length) { + if (!prs_copy_data_in(&auth_info, (const char *)pauth_blob->data, pauth_blob->length)) { + prs_mem_free(&auth_info); + return NT_STATUS_NO_MEMORY; } - } else if (cli->pipe_auth_flags & AUTH_PIPE_NETSEC) { - cli->auth_info.seq_num = 0; } - /* Marshall the outgoing data. */ - create_rpc_bind_req(cli, &rpc_out, rpc_call_id, - &abstract, &transfer, - global_myname(), cli->domain); - - /* Initialize the incoming data struct. */ - prs_init(&rdata, 0, cli->cli->mem_ctx, UNMARSHALL); - - /* send data on \PIPE\. receive a response */ - if (rpc_api_pipe(cli, &rpc_out, &rdata, RPC_BINDACK)) { - RPC_HDR_BA hdr_ba; - - DEBUG(5, ("rpc_pipe_bind: rpc_api_pipe returned OK.\n")); - - if(!smb_io_rpc_hdr_ba("", &hdr_ba, &rdata, 0)) { - DEBUG(0,("rpc_pipe_bind: Failed to unmarshall RPC_HDR_BA.\n")); - prs_mem_free(&rdata); - return False; - } + ret = create_bind_or_alt_ctx_internal(RPC_ALTCONT, + rpc_out, + rpc_call_id, + abstract, + transfer, + &hdr_auth, + &auth_info); + prs_mem_free(&auth_info); + return ret; +} - if(!check_bind_response(&hdr_ba, cli->pipe_idx, &transfer)) { - DEBUG(2,("rpc_pipe_bind: check_bind_response failed.\n")); - prs_mem_free(&rdata); - return False; - } +/******************************************************************* + Third leg of the SPNEGO bind mechanism - sends alter context PDU + and gets a response. + ********************************************************************/ - cli->max_xmit_frag = hdr_ba.bba.max_tsize; - cli->max_recv_frag = hdr_ba.bba.max_rsize; +static NTSTATUS rpc_finish_spnego_ntlmssp_bind(struct rpc_pipe_client *cli, + RPC_HDR *phdr, + prs_struct *rbuf, + uint32 rpc_call_id, + RPC_IFACE *abstract, + RPC_IFACE *transfer, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level) +{ + DATA_BLOB server_spnego_response = data_blob(NULL,0); + DATA_BLOB server_ntlm_response = data_blob(NULL,0); + DATA_BLOB client_reply = data_blob(NULL,0); + DATA_BLOB tmp_blob = data_blob(NULL, 0); + RPC_HDR_AUTH hdr_auth; + NTSTATUS nt_status; + prs_struct rpc_out; - /* - * If we're doing NTLMSSP auth we need to send a reply to - * the bind-ack to complete the 3-way challenge response - * handshake. - */ + if (!phdr->auth_len || (phdr->frag_len < phdr->auth_len + RPC_HDR_AUTH_LEN)) { + return NT_STATUS_INVALID_PARAMETER; + } - if ((cli->pipe_auth_flags & AUTH_PIPE_NTLMSSP) - && !rpc_send_auth_reply(cli, &rdata, rpc_call_id)) { - DEBUG(0,("rpc_pipe_bind: rpc_send_auth_reply failed.\n")); - prs_mem_free(&rdata); - return False; - } - prs_mem_free(&rdata); - return True; + /* Process the returned NTLMSSP blob first. */ + if (!prs_set_offset(rbuf, phdr->frag_len - phdr->auth_len - RPC_HDR_AUTH_LEN)) { + return NT_STATUS_INVALID_PARAMETER; } - return False; -} + if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rbuf, 0)) { + return NT_STATUS_INVALID_PARAMETER; + } -/**************************************************************************** - Open a session. - ****************************************************************************/ + server_spnego_response = data_blob(NULL, phdr->auth_len); + prs_copy_data_out((char *)server_spnego_response.data, rbuf, phdr->auth_len); + + /* The server might give us back two challenges - tmp_blob is for the second. */ + if (!spnego_parse_challenge(server_spnego_response, &server_ntlm_response, &tmp_blob)) { + data_blob_free(&server_spnego_response); + data_blob_free(&server_ntlm_response); + data_blob_free(&tmp_blob); + return NT_STATUS_INVALID_PARAMETER; + } -BOOL cli_nt_session_open(struct cli_state *cli, const int pipe_idx) -{ - int fnum; - struct rpc_pipe_client *cli_pipe; + /* We're finished with the server spnego response and the tmp_blob. */ + data_blob_free(&server_spnego_response); + data_blob_free(&tmp_blob); - SMB_ASSERT(cli->pipes[pipe_idx].fnum == 0); + nt_status = ntlmssp_update(cli->auth.a_u.ntlmssp_state, + server_ntlm_response, + &client_reply); - /* The pipe index must fall within our array */ + /* Finished with the server_ntlm response */ + data_blob_free(&server_ntlm_response); - SMB_ASSERT((pipe_idx >= 0) && (pipe_idx < PI_MAX_PIPES)); + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(0,("rpc_finish_spnego_ntlmssp_bind: NTLMSSP update using server blob failed.\n")); + data_blob_free(&client_reply); + return nt_status; + } - if (cli->capabilities & CAP_NT_SMBS) { - if ((fnum = cli_nt_create(cli, &pipe_names[pipe_idx].client_pipe[5], DESIRED_ACCESS_PIPE)) == -1) { - DEBUG(0,("cli_nt_session_open: cli_nt_create failed on pipe %s to machine %s. Error was %s\n", - &pipe_names[pipe_idx].client_pipe[5], cli->desthost, cli_errstr(cli))); - return False; - } + /* SPNEGO wrap the client reply. */ + tmp_blob = spnego_gen_auth(client_reply); + data_blob_free(&client_reply); + client_reply = tmp_blob; + tmp_blob = data_blob(NULL,0); /* Ensure it's safe to free this just in case. */ - cli->pipes[pipe_idx].fnum = (uint16)fnum; - } else { - if ((fnum = cli_open(cli, pipe_names[pipe_idx].client_pipe, O_CREAT|O_RDWR, DENY_NONE)) == -1) { - DEBUG(1,("cli_nt_session_open: cli_open failed on pipe %s to machine %s. Error was %s\n", - pipe_names[pipe_idx].client_pipe, cli->desthost, cli_errstr(cli))); - return False; - } + /* Now prepare the alter context pdu. */ + prs_init(&rpc_out, 0, prs_get_mem_context(rbuf), MARSHALL); - cli->pipes[pipe_idx].fnum = (uint16)fnum; + nt_status = create_rpc_alter_context(rpc_call_id, + abstract, + transfer, + auth_level, + &client_reply, + &rpc_out); - /**************** Set Named Pipe State ***************/ - if (!rpc_pipe_set_hnd_state(&cli->pipes[pipe_idx], pipe_names[pipe_idx].client_pipe, 0x4300)) { - DEBUG(0,("cli_nt_session_open: pipe hnd state failed. Error was %s\n", - cli_errstr(cli))); - cli_close(cli, cli->pipes[pipe_idx].fnum); - cli->pipes[pipe_idx].fnum = 0; - return False; - } + data_blob_free(&client_reply); + + if (!NT_STATUS_IS_OK(nt_status)) { + prs_mem_free(&rpc_out); + return nt_status; } - cli_pipe = &cli->pipes[pipe_idx]; - cli_pipe->pipe_idx = pipe_idx; - cli_pipe->cli = cli; - cli_pipe->pipe_auth_flags = cli->pipe_auth_flags; - memcpy(&cli_pipe->auth_info.sess_key, - cli->sess_key, sizeof(cli->sess_key)); + /* Initialize the returning data struct. */ + prs_mem_free(rbuf); + prs_init(rbuf, 0, cli->cli->mem_ctx, UNMARSHALL); - /******************* bind request on pipe *****************/ + nt_status = rpc_api_pipe(cli, &rpc_out, rbuf, RPC_ALTCONTRESP); + if (!NT_STATUS_IS_OK(nt_status)) { + prs_mem_free(&rpc_out); + return nt_status; + } - if (!rpc_pipe_bind(&cli->pipes[pipe_idx])) { - DEBUG(2,("cli_nt_session_open: rpc bind to %s failed\n", - get_pipe_name_from_index(pipe_idx))); - cli_close(cli, cli->pipes[pipe_idx].fnum); - cli->pipes[pipe_idx].fnum = 0; - return False; + prs_mem_free(&rpc_out); + + /* Get the auth blob from the reply. */ + if(!smb_io_rpc_hdr("rpc_hdr ", phdr, rbuf, 0)) { + DEBUG(0,("rpc_finish_spnego_ntlmssp_bind: Failed to unmarshall RPC_HDR.\n")); + return NT_STATUS_BUFFER_TOO_SMALL; } - cli->pipe_idx = pipe_idx; + if (!prs_set_offset(rbuf, phdr->frag_len - phdr->auth_len - RPC_HDR_AUTH_LEN)) { + return NT_STATUS_INVALID_PARAMETER; + } - /* - * Setup the remote server name prefixed by \ and the machine account name. - */ + if(!smb_io_rpc_hdr_auth("hdr_auth", &hdr_auth, rbuf, 0)) { + return NT_STATUS_INVALID_PARAMETER; + } - fstrcpy(cli->srv_name_slash, "\\\\"); - fstrcat(cli->srv_name_slash, cli->desthost); - strupper_m(cli->srv_name_slash); + server_spnego_response = data_blob(NULL, phdr->auth_len); + prs_copy_data_out((char *)server_spnego_response.data, rbuf, phdr->auth_len); - fstrcpy(cli->clnt_name_slash, "\\\\"); - fstrcat(cli->clnt_name_slash, global_myname()); - strupper_m(cli->clnt_name_slash); + /* Check we got a valid auth response. */ + if (!spnego_parse_auth_response(server_spnego_response, NT_STATUS_OK, &tmp_blob)) { + data_blob_free(&server_spnego_response); + data_blob_free(&tmp_blob); + return NT_STATUS_INVALID_PARAMETER; + } - fstrcpy(cli->mach_acct, global_myname()); - fstrcat(cli->mach_acct, "$"); - strupper_m(cli->mach_acct); + data_blob_free(&server_spnego_response); + data_blob_free(&tmp_blob); - /* Remember which pipe we're talking to */ - fstrcpy(cli->pipe_name, pipe_names[pipe_idx].client_pipe); + DEBUG(5,("rpc_finish_spnego_ntlmssp_bind: alter context request to " + "remote machine %s pipe %s fnum 0x%x.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); - return True; + return NT_STATUS_OK; } - /**************************************************************************** - Open a session to the NETLOGON pipe using schannel. - - (Assumes that the netlogon pipe is already open) - ****************************************************************************/ + Do an rpc bind. +****************************************************************************/ -NTSTATUS cli_nt_establish_netlogon(struct cli_state *cli, int sec_chan, - const uchar trust_password[16]) +static NTSTATUS rpc_pipe_bind(struct rpc_pipe_client *cli, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level) { - NTSTATUS result; - uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS; - - cli_nt_netlogon_netsec_session_close(cli); - - if (lp_client_schannel() != False) - neg_flags |= NETLOGON_NEG_SCHANNEL; + RPC_HDR hdr; + RPC_HDR_BA hdr_ba; + RPC_IFACE abstract; + RPC_IFACE transfer; + prs_struct rpc_out; + prs_struct rbuf; + uint32 rpc_call_id; + NTSTATUS status; - result = cli_nt_setup_creds(cli, sec_chan, trust_password, - &neg_flags, 2); + DEBUG(5,("Bind RPC Pipe[%x]: %s auth_type %u, auth_level %u\n", + (unsigned int)cli->fnum, + cli->pipe_name, + (unsigned int)auth_type, + (unsigned int)auth_level )); - if (!NT_STATUS_IS_OK(result)) { - cli_nt_session_close(cli); - return result; + if (!valid_pipe_name(cli->pipe_idx, &abstract, &transfer)) { + return NT_STATUS_INVALID_PARAMETER; } - if ((lp_client_schannel() == True) && - ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0)) { + prs_init(&rpc_out, 0, cli->cli->mem_ctx, MARSHALL); - DEBUG(3, ("Server did not offer schannel\n")); - cli_nt_session_close(cli); - return NT_STATUS_UNSUCCESSFUL; - } + rpc_call_id = get_rpc_call_id(); - if ((lp_client_schannel() == False) || - ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0)) { - return NT_STATUS_OK; - - /* keep the existing connection to NETLOGON open */ + /* Marshall the outgoing data. */ + status = create_rpc_bind_req(cli, &rpc_out, rpc_call_id, + &abstract, &transfer, + auth_type, + auth_level); + if (!NT_STATUS_IS_OK(status)) { + prs_mem_free(&rpc_out); + return status; } - cli->netlogon_pipe = cli->pipes[PI_NETLOGON]; - ZERO_STRUCT(cli->pipes[PI_NETLOGON]); + /* Initialize the incoming data struct. */ + prs_init(&rbuf, 0, cli->cli->mem_ctx, UNMARSHALL); - /* Server offered schannel, so try it. */ + /* send data on \PIPE\. receive a response */ + status = rpc_api_pipe(cli, &rpc_out, &rbuf, RPC_BINDACK); + if (!NT_STATUS_IS_OK(status)) { + prs_mem_free(&rpc_out); + return status; + } - memcpy(cli->pipes[PI_NETLOGON].auth_info.sess_key, cli->sess_key, - sizeof(cli->pipes[PI_NETLOGON].auth_info.sess_key)); + prs_mem_free(&rpc_out); - cli->pipe_auth_flags = AUTH_PIPE_NETSEC; - cli->pipe_auth_flags |= AUTH_PIPE_SIGN; - cli->pipe_auth_flags |= AUTH_PIPE_SEAL; + DEBUG(3,("rpc_pipe_bind: Remote machine %s pipe %s " + "fnum 0x%x bind request returned ok.\n", + cli->cli->desthost, + cli->pipe_name, + (unsigned int)cli->fnum)); + + /* Unmarshall the RPC header */ + if(!smb_io_rpc_hdr("hdr" , &hdr, &rbuf, 0)) { + DEBUG(0,("rpc_pipe_bind: failed to unmarshall RPC_HDR.\n")); + prs_mem_free(&rbuf); + return NT_STATUS_BUFFER_TOO_SMALL; + } - return cli_nt_session_open(cli, PI_NETLOGON) ? - NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; -} + if(!smb_io_rpc_hdr_ba("", &hdr_ba, &rbuf, 0)) { + DEBUG(0,("rpc_pipe_bind: Failed to unmarshall RPC_HDR_BA.\n")); + prs_mem_free(&rbuf); + return NT_STATUS_BUFFER_TOO_SMALL; + } + if(!check_bind_response(&hdr_ba, cli->pipe_idx, &transfer)) { + DEBUG(2,("rpc_pipe_bind: check_bind_response failed.\n")); + prs_mem_free(&rbuf); + return NT_STATUS_BUFFER_TOO_SMALL; + } -NTSTATUS cli_nt_setup_netsec(struct cli_state *cli, int sec_chan, int auth_flags, - const uchar trust_password[16]) -{ - NTSTATUS result; - uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS; - cli->pipe_auth_flags = 0; + cli->max_xmit_frag = hdr_ba.bba.max_tsize; + cli->max_recv_frag = hdr_ba.bba.max_rsize; - if (lp_client_schannel() == False) { - return NT_STATUS_OK; - } + /* For authenticated binds we may need to do 3 or 4 leg binds. */ + switch(auth_type) { - if (!cli_nt_session_open(cli, PI_NETLOGON)) { - DEBUG(0, ("Could not initialise %s\n", - get_pipe_name_from_index(PI_NETLOGON))); - return NT_STATUS_UNSUCCESSFUL; - } + case PIPE_AUTH_TYPE_NONE: + case PIPE_AUTH_TYPE_SCHANNEL: + /* Bind complete. */ + break; - neg_flags |= NETLOGON_NEG_SCHANNEL; + case PIPE_AUTH_TYPE_NTLMSSP: + /* Need to send AUTH3 packet - no reply. */ + status = rpc_finish_auth3_bind(cli, &hdr, &rbuf, rpc_call_id, + auth_type, auth_level); + if (!NT_STATUS_IS_OK(status)) { + prs_mem_free(&rbuf); + return status; + } + break; + + case PIPE_AUTH_TYPE_SPNEGO_NTLMSSP: + /* Need to send alter context request and reply. */ + status = rpc_finish_spnego_ntlmssp_bind(cli, &hdr, &rbuf, rpc_call_id, + &abstract, &transfer, + auth_type, auth_level); + if (!NT_STATUS_IS_OK(status)) { + prs_mem_free(&rbuf); + return status; + } + break; - result = cli_nt_setup_creds(cli, sec_chan, trust_password, - &neg_flags, 2); + case PIPE_AUTH_TYPE_KRB5: + /* */ - if (!(neg_flags & NETLOGON_NEG_SCHANNEL) - && lp_client_schannel() == True) { - DEBUG(1, ("Could not negotiate SCHANNEL with the DC!\n")); - result = NT_STATUS_UNSUCCESSFUL; + default: + DEBUG(0,("cli_finish_bind_auth: unknown auth type %u\n", + (unsigned int)auth_type )); + prs_mem_free(&rbuf); + return NT_STATUS_INVALID_INFO_CLASS; } - if (!NT_STATUS_IS_OK(result)) { - ZERO_STRUCT(cli->pipes[cli->pipe_idx].auth_info.sess_key); - ZERO_STRUCT(cli->sess_key); - cli->pipe_auth_flags = 0; - cli_nt_session_close(cli); - return result; - } + /* Pipe is bound - set up auth_type and auth_level data. */ - memcpy(cli->pipes[PI_NETLOGON].auth_info.sess_key, cli->sess_key, - sizeof(cli->pipes[PI_NETLOGON].auth_info.sess_key)); - - cli_close(cli, cli->pipes[PI_NETLOGON].fnum); - cli->pipes[PI_NETLOGON].fnum = 0; - cli->pipe_idx = -1; - - /* doing schannel, not per-user auth */ - cli->pipe_auth_flags = auth_flags; + cli->auth.auth_type = auth_type; + cli->auth.auth_level = auth_level; + prs_mem_free(&rbuf); return NT_STATUS_OK; } -const char *cli_pipe_get_name(struct cli_state *cli) -{ - return cli->pipe_name; -} +/**************************************************************************** + Open a named pipe over SMB to a remote server. + ****************************************************************************/ -static struct rpc_pipe_client *cli_rpc_open(struct cli_state *cli, - int pipe_idx) +static struct rpc_pipe_client *cli_rpc_pipe_open(struct cli_state *cli, int pipe_idx, NTSTATUS *perr) { TALLOC_CTX *mem_ctx; struct rpc_pipe_client *result; int fnum; - /* The pipe index must fall within our array */ + *perr = NT_STATUS_NO_MEMORY; + + /* The pipe name index must fall within our array */ SMB_ASSERT((pipe_idx >= 0) && (pipe_idx < PI_MAX_PIPES)); mem_ctx = talloc_init("struct rpc_pipe_client"); - if (mem_ctx == NULL) return NULL; + if (mem_ctx == NULL) { + return NULL; + } - result = TALLOC_P(mem_ctx, struct rpc_pipe_client); - if (result == NULL) return NULL; + result = TALLOC_ZERO_P(mem_ctx, struct rpc_pipe_client); + if (result == NULL) { + return NULL; + } result->mem_ctx = mem_ctx; - fnum = cli_nt_create(cli, &pipe_names[pipe_idx].client_pipe[5], - DESIRED_ACCESS_PIPE); + result->pipe_name = cli_get_pipe_name(pipe_idx); + + fnum = cli_nt_create(cli, result->pipe_name, DESIRED_ACCESS_PIPE); if (fnum == -1) { - DEBUG(0,("cli_rpc_open failed on pipe %s " + DEBUG(0,("cli_rpc_pipe_open: cli_nt_create failed on pipe %s " "to machine %s. Error was %s\n", - &pipe_names[pipe_idx].client_pipe[5], cli->desthost, + result->pipe_name, cli->desthost, cli_errstr(cli))); + *perr = cli_get_nt_error(cli); talloc_destroy(result->mem_ctx); return NULL; } @@ -1681,91 +2197,440 @@ static struct rpc_pipe_client *cli_rpc_open(struct cli_state *cli, result->fnum = fnum; result->cli = cli; result->pipe_idx = pipe_idx; + result->auth.auth_type = PIPE_AUTH_TYPE_NONE; + result->auth.auth_level = PIPE_AUTH_LEVEL_NONE; + + if (pipe_idx == PI_NETLOGON) { + /* Set up a netlogon credential chain for a netlogon pipe. */ + result->dc = TALLOC_ZERO_P(mem_ctx, struct dcinfo); + if (result->dc == NULL) { + talloc_destroy(result->mem_ctx); + return NULL; + } + } + + DLIST_ADD(cli->pipe_list, result); + *perr = NT_STATUS_OK; return result; } -struct rpc_pipe_client *cli_rpc_open_noauth(struct cli_state *cli, - int pipe_idx) +/**************************************************************************** + Open a named pipe to an SMB server and bind anonymously. + ****************************************************************************/ + +struct rpc_pipe_client *cli_rpc_pipe_open_noauth(struct cli_state *cli, int pipe_idx, NTSTATUS *perr) { struct rpc_pipe_client *result; - result = cli_rpc_open(cli, pipe_idx); - if (result == NULL) return NULL; - - result->max_xmit_frag = 0; - result->pipe_auth_flags = 0; + result = cli_rpc_pipe_open(cli, pipe_idx, perr); + if (result == NULL) { + return NULL; + } - if (!rpc_pipe_bind(result)) { - DEBUG(0, ("rpc_pipe_bind failed\n")); - talloc_destroy(result->mem_ctx); + *perr = rpc_pipe_bind(result, PIPE_AUTH_TYPE_NONE, PIPE_AUTH_LEVEL_NONE); + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(0, ("cli_rpc_pipe_open_noauth: rpc_pipe_bind for pipe %s failed with error %s\n", + cli_get_pipe_name(pipe_idx), nt_errstr(*perr) )); + cli_rpc_pipe_close(result); return NULL; } + DEBUG(10,("cli_rpc_pipe_open_noauth: opened pipe %s to machine %s and bound anonymously.\n", + result->pipe_name, cli->desthost )); + return result; } -struct rpc_pipe_client *cli_rpc_open_ntlmssp(struct cli_state *cli, - int pipe_idx, - const char *domain, - const char *username, - const char *password) +/**************************************************************************** + Free function for NTLMSSP auth. + ****************************************************************************/ + +static void cli_ntlmssp_auth_free(struct cli_pipe_auth_data *auth) +{ + if (auth->a_u.ntlmssp_state) { + ntlmssp_end(&auth->a_u.ntlmssp_state); + auth->a_u.ntlmssp_state = NULL; + } +} + +/**************************************************************************** + Open a named pipe to an SMB server and bind using NTLMSSP or SPNEGO NTLMSSP + ****************************************************************************/ + +static struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp_internal(struct cli_state *cli, + int pipe_idx, + enum pipe_auth_type auth_type, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) { struct rpc_pipe_client *result; + NTLMSSP_STATE *ntlmssp_state = NULL; - result = cli_rpc_open(cli, pipe_idx); - if (result == NULL) return NULL; + result = cli_rpc_pipe_open(cli, pipe_idx, perr); + if (result == NULL) { + return NULL; + } - result->max_xmit_frag = 0; - result->pipe_auth_flags = - AUTH_PIPE_NTLMSSP|AUTH_PIPE_SIGN|AUTH_PIPE_SEAL; + result->auth.cli_auth_data_free_func = cli_ntlmssp_auth_free; + result->domain = domain; result->user_name = username; pwd_set_cleartext(&result->pwd, password); - if (!rpc_pipe_bind(result)) { - DEBUG(0, ("cli_rpc_pipe_bind failed\n")); - talloc_destroy(result->mem_ctx); - return NULL; + *perr = ntlmssp_client_start(&ntlmssp_state); + if (!NT_STATUS_IS_OK(*perr)) { + goto err; + } + + result->auth.a_u.ntlmssp_state = ntlmssp_state; + + *perr = ntlmssp_set_username(ntlmssp_state, cli->user_name); + if (!NT_STATUS_IS_OK(*perr)) { + goto err; + } + + *perr = ntlmssp_set_domain(ntlmssp_state, cli->domain); + if (!NT_STATUS_IS_OK(*perr)) { + goto err; } + if (cli->pwd.null_pwd) { + *perr = ntlmssp_set_password(ntlmssp_state, NULL); + if (!NT_STATUS_IS_OK(*perr)) { + goto err; + } + } else { + *perr = ntlmssp_set_password(ntlmssp_state, password); + if (!NT_STATUS_IS_OK(*perr)) { + goto err; + } + } + + /* Turn off sign+seal to allow selected auth level to turn it back on. */ + ntlmssp_state->neg_flags &= ~(NTLMSSP_NEGOTIATE_SIGN|NTLMSSP_NEGOTIATE_SEAL); + + if (auth_level == PIPE_AUTH_LEVEL_INTEGRITY) { + ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SIGN; + } else if (auth_level == PIPE_AUTH_LEVEL_PRIVACY) { + ntlmssp_state->neg_flags |= NTLMSSP_NEGOTIATE_SEAL | NTLMSSP_NEGOTIATE_SIGN; + } + + *perr = rpc_pipe_bind(result, auth_type, auth_level); + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(0, ("cli_rpc_pipe_open_ntlmssp_internal: cli_rpc_pipe_bind failed with error %s\n", + nt_errstr(*perr) )); + goto err; + } + + DEBUG(10,("cli_rpc_pipe_open_ntlmssp_internal: opened pipe %s to machine %s and" + "bound NTLMSSP as user %s\\%s.\n", + result->pipe_name, cli->desthost, + domain, username )); + return result; + + err: + + cli_rpc_pipe_close(result); + return NULL; } -struct rpc_pipe_client *cli_rpc_open_schannel(struct cli_state *cli, - int pipe_idx, - const uchar session_key[16], - const char *domain) +/**************************************************************************** + External interface. + Open a named pipe to an SMB server and bind using NTLMSSP (bind type 10) + ****************************************************************************/ + +struct rpc_pipe_client *cli_rpc_pipe_open_ntlmssp(struct cli_state *cli, + int pipe_idx, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) +{ + return cli_rpc_pipe_open_ntlmssp_internal(cli, + pipe_idx, + PIPE_AUTH_TYPE_NTLMSSP, + auth_level, + domain, + username, + password, + perr); +} + +/**************************************************************************** + External interface. + Open a named pipe to an SMB server and bind using spnego NTLMSSP (bind type 9) + ****************************************************************************/ + +struct rpc_pipe_client *cli_rpc_pipe_open_spnego_ntlmssp(struct cli_state *cli, + int pipe_idx, + enum pipe_auth_level auth_level, + const char *domain, + const char *username, + const char *password, + NTSTATUS *perr) +{ + return cli_rpc_pipe_open_ntlmssp_internal(cli, + pipe_idx, + PIPE_AUTH_TYPE_SPNEGO_NTLMSSP, + auth_level, + domain, + username, + password, + perr); +} + +/**************************************************************************** + Open a netlogon pipe and get the schannel session key. + ****************************************************************************/ + +static struct rpc_pipe_client *get_schannel_session_key(struct cli_state *cli, + const char *domain, + NTSTATUS *perr) +{ + uint32 neg_flags = NETLOGON_NEG_AUTH2_FLAGS|NETLOGON_NEG_SCHANNEL; + struct rpc_pipe_client *netlogon_pipe = NULL; + uint32 sec_chan_type = 0; + char machine_pwd[16]; + fstring machine_account; + + netlogon_pipe = cli_rpc_pipe_open_noauth(cli, PI_NETLOGON, perr); + if (!netlogon_pipe) { + return NULL; + } + + /* Get the machine account credentials from secrets.tdb. */ + if (!get_trust_pw(domain, machine_pwd, &sec_chan_type)) { + DEBUG(0, ("get_schannel_session_key: could not fetch " + "trust account password for domain '%s'\n", + domain)); + cli_rpc_pipe_close(netlogon_pipe); + *perr = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + return NULL; + } + + if ( IS_DC ) { + fstrcpy( machine_account, lp_workgroup() ); + } else { + /* Hmmm. Is this correct for trusted domains when we're a member server ? JRA. */ + if (strequal(domain, lp_workgroup())) { + fstrcpy(machine_account, global_myname()); + } else { + fstrcpy(machine_account, domain); + } + } + + *perr = rpccli_netlogon_setup_creds(netlogon_pipe, + cli->desthost, + domain, + machine_account, + machine_pwd, + sec_chan_type, + &neg_flags); + + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(3,("get_schannel_session_key: rpccli_netlogon_setup_creds " + "failed with result %s\n", + nt_errstr(*perr) )); + cli_rpc_pipe_close(netlogon_pipe); + return NULL; + } + + if ((neg_flags & NETLOGON_NEG_SCHANNEL) == 0) { + DEBUG(3, ("get_schannel_session_key: Server %s did not offer schannel\n", + cli->desthost)); + cli_rpc_pipe_close(netlogon_pipe); + *perr = NT_STATUS_INVALID_NETWORK_RESPONSE; + return NULL; + } + + return netlogon_pipe; +} + +/**************************************************************************** + External interface. + Open a named pipe to an SMB server and bind using schannel (bind type 68) + using session_key. sign and seal. + ****************************************************************************/ + +struct rpc_pipe_client *cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, + int pipe_idx, + enum pipe_auth_level auth_level, + const char *domain, + const struct dcinfo *pdc, + NTSTATUS *perr) { struct rpc_pipe_client *result; - result = cli_rpc_open(cli, pipe_idx); - if (result == NULL) return NULL; - - result->max_xmit_frag = 0; - result->pipe_auth_flags = - AUTH_PIPE_NETSEC | AUTH_PIPE_SIGN | AUTH_PIPE_SEAL; + result = cli_rpc_pipe_open(cli, pipe_idx, perr); + if (result == NULL) { + return NULL; + } + + result->auth.a_u.schannel_auth = TALLOC_ZERO_P(result->mem_ctx, struct schannel_auth_struct); + if (!result->auth.a_u.schannel_auth) { + cli_rpc_pipe_close(result); + *perr = NT_STATUS_NO_MEMORY; + return NULL; + } + result->domain = domain; - memcpy(result->auth_info.sess_key, session_key, 16); + memcpy(result->auth.a_u.schannel_auth->sess_key, pdc->sess_key, 16); - if (!rpc_pipe_bind(result)) { - DEBUG(0, ("cli_rpc_pipe_bind failed\n")); - talloc_destroy(result->mem_ctx); + *perr = rpc_pipe_bind(result, PIPE_AUTH_TYPE_SCHANNEL, auth_level); + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(0, ("cli_rpc_pipe_open_schannel_with_key: cli_rpc_pipe_bind failed with error %s\n", + nt_errstr(*perr) )); + cli_rpc_pipe_close(result); return NULL; } + /* The credentials on a new netlogon pipe are the ones we are passed in - copy them over. */ + if (result->dc) { + *result->dc = *pdc; + } + + DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s " + "for domain %s " + "and bound using schannel.\n", + result->pipe_name, cli->desthost, domain )); + return result; } -void cli_rpc_close(struct rpc_pipe_client *cli_pipe) +/**************************************************************************** + Open a named pipe to an SMB server and bind using schannel (bind type 68). + Fetch the session key ourselves using a temporary netlogon pipe. + ****************************************************************************/ + +struct rpc_pipe_client *cli_rpc_pipe_open_schannel(struct cli_state *cli, + int pipe_idx, + enum pipe_auth_level auth_level, + const char *domain, + NTSTATUS *perr) { - if (!cli_close(cli_pipe->cli, cli_pipe->fnum)) - DEBUG(0,("cli_rpc_open failed on pipe %s " - "to machine %s. Error was %s\n", - &pipe_names[cli_pipe->pipe_idx].client_pipe[5], - cli_pipe->cli->desthost, - cli_errstr(cli_pipe->cli))); + struct rpc_pipe_client *netlogon_pipe = NULL; + struct rpc_pipe_client *result = NULL; + + netlogon_pipe = get_schannel_session_key(cli, domain, perr); + if (!netlogon_pipe) { + DEBUG(0,("cli_rpc_pipe_open_schannel: failed to get schannel session " + "key from server %s for domain %s.\n", + cli->desthost, domain )); + return NULL; + } + + result = cli_rpc_pipe_open_schannel_with_key(cli, pipe_idx, + auth_level, + domain, netlogon_pipe->dc, perr); + + /* Now we've bound using the session key we can close the netlog pipe. */ + cli_rpc_pipe_close(netlogon_pipe); + + return result; +} + +/**************************************************************************** + Free function for the kerberos spcific data. + ****************************************************************************/ + +static void kerberos_auth_struct_free(struct cli_pipe_auth_data *a) +{ + data_blob_free(&a->a_u.kerberos_auth->session_key); +} - talloc_destroy(cli_pipe->mem_ctx); +/**************************************************************************** + Open a named pipe to an SMB server and bind using krb5 (bind type 16). + ****************************************************************************/ + +struct rpc_pipe_client *cli_rpc_pipe_open_krb5(struct cli_state *cli, + int pipe_idx, + enum pipe_auth_level auth_level, + const char *service_princ, + const char *username, + const char *password, + NTSTATUS *perr) +{ +#ifdef HAVE_KRB5 + struct rpc_pipe_client *result; + + result = cli_rpc_pipe_open(cli, pipe_idx, perr); + if (result == NULL) { + return NULL; + } + + /* Default service principal is "host/server@realm" */ + if (!service_princ) { + service_princ = talloc_asprintf(result->mem_ctx, "host/%s@%s", + cli->desthost, lp_realm() ); + if (!service_princ) { + cli_rpc_pipe_close(result); + return NULL; + } + } + + /* Only get a new TGT if username/password are given. */ + if (username && password) { + int ret = kerberos_kinit_password(username, password, 0, NULL, NULL); + if (ret) { + cli_rpc_pipe_close(result); + return NULL; + } + } + + result->auth.a_u.kerberos_auth = TALLOC_ZERO_P(cli->mem_ctx, struct kerberos_auth_struct); + if (!result->auth.a_u.kerberos_auth) { + cli_rpc_pipe_close(result); + *perr = NT_STATUS_NO_MEMORY; + return NULL; + } + + result->auth.a_u.kerberos_auth->service_principal = service_princ; + result->auth.cli_auth_data_free_func = kerberos_auth_struct_free; + + *perr = rpc_pipe_bind(result, PIPE_AUTH_TYPE_KRB5, auth_level); + if (!NT_STATUS_IS_OK(*perr)) { + DEBUG(0, ("cli_rpc_pipe_open_krb5: cli_rpc_pipe_bind failed with error %s\n", + nt_errstr(*perr) )); + cli_rpc_pipe_close(result); + return NULL; + } + + return result; +#else + DEBUG(0,("cli_rpc_pipe_open_krb5: kerberos not found at compile time.\n")); + return NULL; +#endif } +#if 0 /* Moved to libsmb/clientgen.c */ +/**************************************************************************** + External interface. + Close an open named pipe over SMB. Free any authentication data. + ****************************************************************************/ + +void cli_rpc_pipe_close(struct rpc_pipe_client *cli) +{ + if (!cli_close(cli->cli, cli->fnum)) { + DEBUG(0,("cli_rpc_pipe_close: cli_close failed on pipe %s " + "to machine %s. Error was %s\n", + cli->pipe_name), + cli->cli->desthost, + cli_errstr(cli->cli))); + } + + if (cli->auth.cli_auth_data_free_func) { + (*cli->auth.cli_auth_data_free_func)(&cli->auth); + } + DEBUG(10,("cli_rpc_pipe_close: closed pipe %s to machine %s\n", + cli->pipe_name, cli->cli->desthost )); + + DLIST_REMOVE(cli->cli->pipe_list, cli); + talloc_destroy(cli->mem_ctx); +} +#endif diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c index 97ae8b29e7d..87ab5dc9dad 100644 --- a/source3/rpc_client/cli_reg.c +++ b/source3/rpc_client/cli_reg.c @@ -3,9 +3,7 @@ RPC Pipe client Copyright (C) Andrew Tridgell 1992-2000, - Copyright (C) Luke Kenneth Casson Leighton 1996-2000, - Copyright (C) Paul Ashton 1997-2000. - Copyright (C) Jeremy Allison 1999. + Copyright (C) Jeremy Allison 1999 - 2005 Copyright (C) Simo Sorce 2001 Copyright (C) Jeremy Cooper 2004 Copyright (C) Gerald (Jerry) Carter 2005 @@ -34,7 +32,7 @@ internal connect to a registry hive root (open a registry policy) *******************************************************************/ -static WERROR cli_reg_open_hive_int(struct cli_state *cli, +static WERROR rpccli_reg_open_hive_int(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint16 op_code, const char *op_name, uint32 access_mask, POLICY_HND *hnd) @@ -48,7 +46,7 @@ static WERROR cli_reg_open_hive_int(struct cli_state *cli, init_reg_q_open_hive(&in, access_mask); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, op_code, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, op_code, in, out, qbuf, rbuf, reg_io_q_open_hive, @@ -67,7 +65,7 @@ static WERROR cli_reg_open_hive_int(struct cli_state *cli, connect to a registry hive root (open a registry policy) *******************************************************************/ -WERROR cli_reg_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_reg_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 reg_type, uint32 access_mask, POLICY_HND *reg_hnd) { uint16 op_code; @@ -97,7 +95,7 @@ WERROR cli_reg_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx, return WERR_INVALID_PARAM; } - return cli_reg_open_hive_int(cli, mem_ctx, op_code, op_name, + return rpccli_reg_open_hive_int(cli, mem_ctx, op_code, op_name, access_mask, reg_hnd); } @@ -105,7 +103,7 @@ WERROR cli_reg_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************* *******************************************************************/ -WERROR cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_reg_shutdown(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *msg, uint32 timeout, BOOL do_reboot, BOOL force) { @@ -123,7 +121,7 @@ WERROR cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx, init_reg_q_shutdown(&in, msg, timeout, do_reboot, force); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_SHUTDOWN, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_SHUTDOWN, in, out, qbuf, rbuf, reg_io_q_shutdown, @@ -136,7 +134,7 @@ WERROR cli_reg_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx, /******************************************************************* *******************************************************************/ -WERROR cli_reg_abort_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx) +WERROR rpccli_reg_abort_shutdown(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx) { REG_Q_ABORT_SHUTDOWN in; REG_R_ABORT_SHUTDOWN out; @@ -145,7 +143,7 @@ WERROR cli_reg_abort_shutdown(struct cli_state * cli, TALLOC_CTX *mem_ctx) ZERO_STRUCT (in); ZERO_STRUCT (out); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_ABORT_SHUTDOWN, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_ABORT_SHUTDOWN, in, out, qbuf, rbuf, reg_io_q_abort_shutdown, @@ -161,7 +159,8 @@ do a REG Unknown 0xB command. sent after a create key or create value. this might be some sort of "sync" or "refresh" command, sent after modification of the registry... ****************************************************************************/ -WERROR cli_reg_flush_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_flush_key(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd) { REG_Q_FLUSH_KEY in; @@ -173,7 +172,7 @@ WERROR cli_reg_flush_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_flush_key(&in, hnd); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_FLUSH_KEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_FLUSH_KEY, in, out, qbuf, rbuf, reg_io_q_flush_key, @@ -186,7 +185,8 @@ WERROR cli_reg_flush_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Query Key ****************************************************************************/ -WERROR cli_reg_query_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_query_key(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *key_class, uint32 *class_len, uint32 *num_subkeys, uint32 *max_subkeylen, @@ -204,7 +204,7 @@ WERROR cli_reg_query_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_query_key( &in, hnd, key_class ); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_QUERY_KEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_QUERY_KEY, in, out, qbuf, rbuf, reg_io_q_query_key, @@ -227,7 +227,7 @@ WERROR cli_reg_query_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT (out); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_QUERY_KEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_QUERY_KEY, in, out, qbuf, rbuf, reg_io_q_query_key, @@ -255,7 +255,7 @@ WERROR cli_reg_query_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** ****************************************************************************/ -WERROR cli_reg_getversion(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_reg_getversion(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 *version) { REG_Q_GETVERSION in; @@ -267,7 +267,7 @@ WERROR cli_reg_getversion(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_getversion(&in, hnd); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_GETVERSION, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_GETVERSION, in, out, qbuf, rbuf, reg_io_q_getversion, @@ -286,7 +286,8 @@ WERROR cli_reg_getversion(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Query Info ****************************************************************************/ -WERROR cli_reg_query_value(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_query_value(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, const char *val_name, uint32 *type, REGVAL_BUFFER *buffer) { @@ -299,7 +300,7 @@ WERROR cli_reg_query_value(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_query_value(&in, hnd, val_name, buffer); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_QUERY_VALUE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_QUERY_VALUE, in, out, qbuf, rbuf, reg_io_q_query_value, @@ -319,7 +320,8 @@ WERROR cli_reg_query_value(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Set Key Security ****************************************************************************/ -WERROR cli_reg_set_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_set_key_sec(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 sec_info, size_t secdesc_size, SEC_DESC *sec_desc) { @@ -338,7 +340,7 @@ WERROR cli_reg_set_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_set_key_sec(&in, hnd, sec_info, sec_desc_buf); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_SET_KEY_SEC, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_SET_KEY_SEC, in, out, qbuf, rbuf, reg_io_q_set_key_sec, @@ -353,7 +355,8 @@ WERROR cli_reg_set_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Query Key Security ****************************************************************************/ -WERROR cli_reg_get_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_get_key_sec(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 sec_info, uint32 *sec_buf_size, SEC_DESC_BUF *sec_buf) { @@ -366,7 +369,7 @@ WERROR cli_reg_get_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_get_key_sec(&in, hnd, sec_info, *sec_buf_size, sec_buf); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_GET_KEY_SEC, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_GET_KEY_SEC, in, out, qbuf, rbuf, reg_io_q_get_key_sec, @@ -388,7 +391,8 @@ WERROR cli_reg_get_key_sec(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Delete Value ****************************************************************************/ -WERROR cli_reg_delete_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_delete_val(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *val_name) { REG_Q_DELETE_VALUE in; @@ -400,7 +404,7 @@ WERROR cli_reg_delete_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_delete_val(&in, hnd, val_name); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_DELETE_VALUE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_DELETE_VALUE, in, out, qbuf, rbuf, reg_io_q_delete_value, @@ -413,7 +417,8 @@ WERROR cli_reg_delete_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Delete Key ****************************************************************************/ -WERROR cli_reg_delete_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_delete_key(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *key_name) { REG_Q_DELETE_KEY in; @@ -425,7 +430,7 @@ WERROR cli_reg_delete_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_delete_key(&in, hnd, key_name); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_DELETE_KEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_DELETE_KEY, in, out, qbuf, rbuf, reg_io_q_delete_key, @@ -438,7 +443,8 @@ WERROR cli_reg_delete_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Create Key ****************************************************************************/ -WERROR cli_reg_create_key_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_create_key_ex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *key_name, char *key_class, uint32 access_desired, POLICY_HND *key) { @@ -453,8 +459,7 @@ WERROR cli_reg_create_key_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT (out); if ( !(sec = make_sec_desc(mem_ctx, 1, SEC_DESC_SELF_RELATIVE, - NULL, NULL, NULL, NULL, &sec_len)) ) - { + NULL, NULL, NULL, NULL, &sec_len)) ) { return WERR_GENERAL_FAILURE; } @@ -463,7 +468,7 @@ WERROR cli_reg_create_key_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_create_key_ex(&in, hnd, key_name, key_class, access_desired, sec_buf); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_CREATE_KEY_EX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_CREATE_KEY_EX, in, out, qbuf, rbuf, reg_io_q_create_key_ex, @@ -482,7 +487,8 @@ WERROR cli_reg_create_key_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Enum Key ****************************************************************************/ -WERROR cli_reg_enum_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_enum_key(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, int key_index, fstring key_name, fstring class_name, time_t *mod_time) { @@ -495,7 +501,7 @@ WERROR cli_reg_enum_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_enum_key(&in, hnd, key_index); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_ENUM_KEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_ENUM_KEY, in, out, qbuf, rbuf, reg_io_q_enum_key, @@ -523,7 +529,8 @@ WERROR cli_reg_enum_key(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Create Value ****************************************************************************/ -WERROR cli_reg_set_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_set_val(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *val_name, uint32 type, RPC_DATA_BLOB *data) { @@ -536,7 +543,7 @@ WERROR cli_reg_set_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_set_val(&in, hnd, val_name, type, data); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_SET_VALUE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_SET_VALUE, in, out, qbuf, rbuf, reg_io_q_set_value, @@ -549,7 +556,8 @@ WERROR cli_reg_set_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Enum Value ****************************************************************************/ -WERROR cli_reg_enum_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_enum_val(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, int idx, fstring val_name, uint32 *type, REGVAL_BUFFER *value) { @@ -562,7 +570,7 @@ WERROR cli_reg_enum_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_enum_val(&in, hnd, idx, 0x0100, 0x1000); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_ENUM_VALUE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_ENUM_VALUE, in, out, qbuf, rbuf, reg_io_q_enum_val, @@ -577,7 +585,7 @@ WERROR cli_reg_enum_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT (out); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_ENUM_VALUE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_ENUM_VALUE, in, out, qbuf, rbuf, reg_io_q_enum_val, @@ -598,7 +606,7 @@ WERROR cli_reg_enum_val(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** ****************************************************************************/ -WERROR cli_reg_open_entry(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_reg_open_entry(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *key_name, uint32 access_desired, POLICY_HND *key_hnd) { @@ -611,7 +619,7 @@ WERROR cli_reg_open_entry(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_open_entry(&in, hnd, key_name, access_desired); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_OPEN_ENTRY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_OPEN_ENTRY, in, out, qbuf, rbuf, reg_io_q_open_entry, @@ -629,7 +637,7 @@ WERROR cli_reg_open_entry(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** ****************************************************************************/ -WERROR cli_reg_close(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_reg_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd) { REG_Q_CLOSE in; @@ -641,7 +649,7 @@ WERROR cli_reg_close(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_reg_q_close(&in, hnd); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_CLOSE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_CLOSE, in, out, qbuf, rbuf, reg_io_q_close, @@ -654,7 +662,8 @@ WERROR cli_reg_close(struct cli_state *cli, TALLOC_CTX *mem_ctx, /**************************************************************************** do a REG Query Info ****************************************************************************/ -WERROR cli_reg_save_key( struct cli_state *cli, TALLOC_CTX *mem_ctx, + +WERROR rpccli_reg_save_key(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, const char *filename ) { REG_Q_SAVE_KEY in; @@ -666,7 +675,7 @@ WERROR cli_reg_save_key( struct cli_state *cli, TALLOC_CTX *mem_ctx, init_q_reg_save_key( &in, hnd, filename ); - CLI_DO_RPC( cli, mem_ctx, PI_WINREG, REG_SAVE_KEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_WINREG, REG_SAVE_KEY, in, out, qbuf, rbuf, reg_io_q_save_key, @@ -720,5 +729,3 @@ BOOL reg_split_hive(const char *full_keyname, uint32 *reg_type, pstring key_name return True; } - - diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index 01ec0bd51eb..d68c72e20c8 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c @@ -3,10 +3,8 @@ RPC pipe client Copyright (C) Tim Potter 2000-2001, Copyright (C) Andrew Tridgell 1992-1997,2000, - Copyright (C) Luke Kenneth Casson Leighton 1996-1997,2000, - Copyright (C) Paul Ashton 1997,2000, - Copyright (C) Elrond 2000, Copyright (C) Rafal Szczesniak 2002. + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -40,24 +38,16 @@ NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_connect(&q, cli->cli->desthost, access_mask); - if (!samr_io_q_connect("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_CONNECT, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_connect("", &r, &rbuf, 0)) - goto done; - + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT, + q, r, + qbuf, rbuf, + samr_io_q_connect, + samr_io_r_connect, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ if (NT_STATUS_IS_OK(result = r.status)) { @@ -67,22 +57,12 @@ NTSTATUS rpccli_samr_connect(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_connect(struct cli_state *cli, TALLOC_CTX *mem_ctx, - uint32 access_mask, POLICY_HND *connect_pol) -{ - return rpccli_samr_connect(&cli->pipes[PI_SAMR], mem_ctx, - access_mask, connect_pol); -} /* Connect to SAMR database */ -NTSTATUS cli_samr_connect4(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_connect4(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 access_mask, POLICY_HND *connect_pol) { prs_struct qbuf, rbuf; @@ -90,28 +70,19 @@ NTSTATUS cli_samr_connect4(struct cli_state *cli, TALLOC_CTX *mem_ctx, SAMR_R_CONNECT4 r; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - DEBUG(10,("cli_samr_connect4 to %s\n", cli->desthost)); - ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ - init_samr_q_connect4(&q, cli->desthost, access_mask); - - if (!samr_io_q_connect4("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_CONNECT4, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ + init_samr_q_connect4(&q, cli->cli->desthost, access_mask); - if (!samr_io_r_connect4("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CONNECT4, + q, r, + qbuf, rbuf, + samr_io_q_connect4, + samr_io_r_connect4, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -122,10 +93,6 @@ NTSTATUS cli_samr_connect4(struct cli_state *cli, TALLOC_CTX *mem_ctx, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -144,23 +111,16 @@ NTSTATUS rpccli_samr_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_close_hnd(&q, connect_pol); - if (!samr_io_q_close_hnd("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_CLOSE_HND, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_close_hnd("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CLOSE_HND, + q, r, + qbuf, rbuf, + samr_io_q_close_hnd, + samr_io_r_close_hnd, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -171,19 +131,9 @@ NTSTATUS rpccli_samr_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, *connect_pol = r.pol; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_close(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *connect_pol) -{ - return rpccli_samr_close(&cli->pipes[PI_SAMR], mem_ctx, connect_pol); -} - /* Open handle on a domain */ NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, @@ -201,23 +151,16 @@ NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ct ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_open_domain(&q, connect_pol, access_mask, domain_sid); - if (!samr_io_q_open_domain("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_OPEN_DOMAIN, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_open_domain("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_DOMAIN, + q, r, + qbuf, rbuf, + samr_io_q_open_domain, + samr_io_r_open_domain, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -228,26 +171,9 @@ NTSTATUS rpccli_samr_open_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ct #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -/* Open handle on a user */ - -NTSTATUS cli_samr_open_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *connect_pol, uint32 access_mask, - const DOM_SID *domain_sid, - POLICY_HND *domain_pol) -{ - return rpccli_samr_open_domain(&cli->pipes[PI_SAMR], mem_ctx, - connect_pol, access_mask, domain_sid, - domain_pol); -} - - NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, uint32 access_mask, @@ -263,23 +189,16 @@ NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_open_user(&q, domain_pol, access_mask, user_rid); - if (!samr_io_q_open_user("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_OPEN_USER, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_open_user("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_USER, + q, r, + qbuf, rbuf, + samr_io_q_open_user, + samr_io_r_open_user, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -290,22 +209,9 @@ NTSTATUS rpccli_samr_open_user(struct rpc_pipe_client *cli, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_open_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 access_mask, - uint32 user_rid, POLICY_HND *user_pol) -{ - return rpccli_samr_open_user(&cli->pipes[PI_SAMR], mem_ctx, domain_pol, - access_mask, user_rid, user_pol); -} - - /* Open handle on a group */ NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli, @@ -323,23 +229,16 @@ NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_open_group(&q, domain_pol, access_mask, group_rid); - if (!samr_io_q_open_group("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_OPEN_GROUP, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_open_group("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_GROUP, + q, r, + qbuf, rbuf, + samr_io_q_open_group, + samr_io_r_open_group, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -350,25 +249,12 @@ NTSTATUS rpccli_samr_open_group(struct rpc_pipe_client *cli, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_open_group(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 access_mask, - uint32 group_rid, POLICY_HND *group_pol) -{ - return rpccli_samr_open_group(&cli->pipes[PI_SAMR], mem_ctx, - domain_pol, access_mask, group_rid, - group_pol); -} - /* Create domain group */ -NTSTATUS cli_samr_create_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_create_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, const char *group_name, uint32 access_mask, POLICY_HND *group_pol) @@ -383,23 +269,16 @@ NTSTATUS cli_samr_create_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_create_dom_group(&q, domain_pol, group_name, access_mask); - if (!samr_io_q_create_dom_group("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_CREATE_DOM_GROUP, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_create_dom_group("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_GROUP, + q, r, + qbuf, rbuf, + samr_io_q_create_dom_group, + samr_io_r_create_dom_group, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -408,16 +287,12 @@ NTSTATUS cli_samr_create_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx, if (NT_STATUS_IS_OK(result)) *group_pol = r.pol; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Add a domain group member */ -NTSTATUS cli_samr_add_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_add_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *group_pol, uint32 rid) { prs_struct qbuf, rbuf; @@ -430,38 +305,27 @@ NTSTATUS cli_samr_add_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_add_groupmem(&q, group_pol, rid); - if (!samr_io_q_add_groupmem("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_ADD_GROUPMEM, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_add_groupmem("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_GROUPMEM, + q, r, + qbuf, rbuf, + samr_io_q_add_groupmem, + samr_io_r_add_groupmem, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Delete a domain group member */ -NTSTATUS cli_samr_del_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_del_groupmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *group_pol, uint32 rid) { prs_struct qbuf, rbuf; @@ -474,32 +338,21 @@ NTSTATUS cli_samr_del_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_del_groupmem(&q, group_pol, rid); - if (!samr_io_q_del_groupmem("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_DEL_GROUPMEM, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_del_groupmem("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_GROUPMEM, + q, r, + qbuf, rbuf, + samr_io_q_del_groupmem, + samr_io_r_del_groupmem, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -520,47 +373,28 @@ NTSTATUS rpccli_samr_query_userinfo(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_userinfo(&q, user_pol, switch_value); - if (!samr_io_q_query_userinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_QUERY_USERINFO, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_query_userinfo("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERINFO, + q, r, + qbuf, rbuf, + samr_io_q_query_userinfo, + samr_io_r_query_userinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; *ctr = r.ctr; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_query_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol, uint16 switch_value, - SAM_USERINFO_CTR **ctr) -{ - return rpccli_samr_query_userinfo(&cli->pipes[PI_SAMR], mem_ctx, - user_pol, switch_value, ctr); -} - /* Set group info */ -NTSTATUS cli_samr_set_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_set_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *group_pol, GROUP_INFO_CTR *ctr) { prs_struct qbuf, rbuf; @@ -573,38 +407,27 @@ NTSTATUS cli_samr_set_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_set_groupinfo(&q, group_pol, ctr); - if (!samr_io_q_set_groupinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_SET_GROUPINFO, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_set_groupinfo("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_GROUPINFO, + q, r, + qbuf, rbuf, + samr_io_q_set_groupinfo, + samr_io_r_set_groupinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Query group info */ -NTSTATUS cli_samr_query_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_query_groupinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *group_pol, uint32 info_level, GROUP_INFO_CTR **ctr) { @@ -618,23 +441,16 @@ NTSTATUS cli_samr_query_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_groupinfo(&q, group_pol, info_level); - if (!samr_io_q_query_groupinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_QUERY_GROUPINFO, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_query_groupinfo("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPINFO, + q, r, + qbuf, rbuf, + samr_io_q_query_groupinfo, + samr_io_r_query_groupinfo, + NT_STATUS_UNSUCCESSFUL); *ctr = r.ctr; @@ -642,10 +458,6 @@ NTSTATUS cli_samr_query_groupinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -667,23 +479,16 @@ NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_usergroups(&q, user_pol); - if (!samr_io_q_query_usergroups("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_QUERY_USERGROUPS, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_query_usergroups("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERGROUPS, + q, r, + qbuf, rbuf, + samr_io_q_query_usergroups, + samr_io_r_query_usergroups, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -692,24 +497,12 @@ NTSTATUS rpccli_samr_query_usergroups(struct rpc_pipe_client *cli, *gid = r.gid; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_query_usergroups(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *user_pol, uint32 *num_groups, - DOM_GID **gid) -{ - return rpccli_samr_query_usergroups(&cli->pipes[PI_SAMR], mem_ctx, - user_pol, num_groups, gid); -} - /* Set alias info */ -NTSTATUS cli_samr_set_aliasinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_set_aliasinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *alias_pol, ALIAS_INFO_CTR *ctr) { prs_struct qbuf, rbuf; @@ -722,32 +515,21 @@ NTSTATUS cli_samr_set_aliasinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_set_aliasinfo(&q, alias_pol, ctr); - if (!samr_io_q_set_aliasinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_SET_ALIASINFO, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_set_aliasinfo("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_ALIASINFO, + q, r, + qbuf, rbuf, + samr_io_q_set_aliasinfo, + samr_io_r_set_aliasinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -771,11 +553,6 @@ NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - sid_ptrs = TALLOC_ARRAY(mem_ctx, uint32, num_sids); if (sid_ptrs == NULL) return NT_STATUS_NO_MEMORY; @@ -787,14 +564,12 @@ NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli, init_samr_q_query_useraliases(&q, dom_pol, num_sids, sid_ptrs, sid); - if (!samr_io_q_query_useraliases("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_QUERY_USERALIASES, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_query_useraliases("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_USERALIASES, + q, r, + qbuf, rbuf, + samr_io_q_query_useraliases, + samr_io_r_query_useraliases, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -803,25 +578,9 @@ NTSTATUS rpccli_samr_query_useraliases(struct rpc_pipe_client *cli, *als_rids = r.rid; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_query_useraliases(struct cli_state *cli, - TALLOC_CTX *mem_ctx, - POLICY_HND *dom_pol, uint32 num_sids, - DOM_SID2 *sid, - uint32 *num_aliases, uint32 **als_rids) -{ - return rpccli_samr_query_useraliases(&cli->pipes[PI_SAMR], mem_ctx, - dom_pol, num_sids, sid, - num_aliases, als_rids); -} - - /* Query user groups */ NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli, @@ -839,23 +598,16 @@ NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_groupmem(&q, group_pol); - if (!samr_io_q_query_groupmem("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_QUERY_GROUPMEM, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_query_groupmem("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_GROUPMEM, + q, r, + qbuf, rbuf, + samr_io_q_query_groupmem, + samr_io_r_query_groupmem, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -865,22 +617,9 @@ NTSTATUS rpccli_samr_query_groupmem(struct rpc_pipe_client *cli, *attr = r.attr; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_query_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *group_pol, uint32 *num_mem, - uint32 **rid, uint32 **attr) -{ - return rpccli_samr_query_groupmem(&cli->pipes[PI_SAMR], mem_ctx, - group_pol, num_mem, rid, attr); -} - - /** * Enumerate domain users * @@ -898,7 +637,8 @@ NTSTATUS cli_samr_query_groupmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, * * @return NTSTATUS returned in rpc response **/ -NTSTATUS cli_samr_enum_dom_users(struct cli_state *cli, TALLOC_CTX *mem_ctx, + +NTSTATUS rpccli_samr_enum_dom_users(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 *start_idx, uint16 acb_mask, uint32 size, char ***dom_users, uint32 **rids, uint32 *num_dom_users) @@ -918,25 +658,17 @@ NTSTATUS cli_samr_enum_dom_users(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* always init this */ *num_dom_users = 0; - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Fill query structure with parameters */ init_samr_q_enum_dom_users(&q, pol, *start_idx, acb_mask, 0, size); - if (!samr_io_q_enum_dom_users("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_ENUM_DOM_USERS, &qbuf, &rbuf)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_USERS, + q, r, + qbuf, rbuf, + samr_io_q_enum_dom_users, + samr_io_r_enum_dom_users, + NT_STATUS_UNSUCCESSFUL); - /* unpack received stream */ - - if(!samr_io_r_enum_dom_users("", &r, &rbuf, 0)) - goto done; - result = r.status; if (!NT_STATUS_IS_OK(result) && @@ -971,9 +703,6 @@ NTSTATUS cli_samr_enum_dom_users(struct cli_state *cli, TALLOC_CTX *mem_ctx, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -996,23 +725,16 @@ NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_enum_dom_groups(&q, pol, *start_idx, size); - if (!samr_io_q_enum_dom_groups("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_ENUM_DOM_GROUPS, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_enum_dom_groups("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_GROUPS, + q, r, + qbuf, rbuf, + samr_io_q_enum_dom_groups, + samr_io_r_enum_dom_groups, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1051,22 +773,9 @@ NTSTATUS rpccli_samr_enum_dom_groups(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_enum_dom_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint32 *start_idx, - uint32 size, struct acct_info **dom_groups, - uint32 *num_dom_groups) -{ - return rpccli_samr_enum_dom_groups(&cli->pipes[PI_SAMR], mem_ctx, - pol, start_idx, size, dom_groups, - num_dom_groups); -} - /* Enumerate domain groups */ NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli, @@ -1086,25 +795,16 @@ NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_enum_dom_aliases(&q, pol, *start_idx, size); - if (!samr_io_q_enum_dom_aliases("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_ENUM_DOM_ALIASES, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_enum_dom_aliases("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ENUM_DOM_ALIASES, + q, r, + qbuf, rbuf, + samr_io_q_enum_dom_aliases, + samr_io_r_enum_dom_aliases, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1144,27 +844,15 @@ NTSTATUS rpccli_samr_enum_als_groups(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_enum_als_groups(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint32 *start_idx, - uint32 size, struct acct_info **dom_aliases, - uint32 *num_dom_aliases) -{ - return rpccli_samr_enum_als_groups(&cli->pipes[PI_SAMR], mem_ctx, - pol, start_idx, size, dom_aliases, - num_dom_aliases); -} - /* Query alias members */ -NTSTATUS cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *alias_pol, uint32 *num_mem, - DOM_SID **sids) +NTSTATUS rpccli_samr_query_aliasmem(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + POLICY_HND *alias_pol, uint32 *num_mem, + DOM_SID **sids) { prs_struct qbuf, rbuf; SAMR_Q_QUERY_ALIASMEM q; @@ -1177,25 +865,16 @@ NTSTATUS cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_aliasmem(&q, alias_pol); - if (!samr_io_q_query_aliasmem("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_QUERY_ALIASMEM, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_query_aliasmem("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASMEM, + q, r, + qbuf, rbuf, + samr_io_q_query_aliasmem, + samr_io_r_query_aliasmem, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1221,17 +900,15 @@ NTSTATUS cli_samr_query_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Open handle on an alias */ -NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 access_mask, - uint32 alias_rid, POLICY_HND *alias_pol) +NTSTATUS rpccli_samr_open_alias(struct rpc_pipe_client *cli, + TALLOC_CTX *mem_ctx, + POLICY_HND *domain_pol, uint32 access_mask, + uint32 alias_rid, POLICY_HND *alias_pol) { prs_struct qbuf, rbuf; SAMR_Q_OPEN_ALIAS q; @@ -1243,27 +920,16 @@ NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_open_alias(&q, domain_pol, access_mask, alias_rid); - if (!samr_io_q_open_alias("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_OPEN_ALIAS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_open_alias("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_OPEN_ALIAS, + q, r, + qbuf, rbuf, + samr_io_q_open_alias, + samr_io_r_open_alias, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1274,16 +940,12 @@ NTSTATUS cli_samr_open_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, #endif } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Create an alias */ -NTSTATUS cli_samr_create_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_create_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, const char *name, POLICY_HND *alias_pol) { @@ -1297,27 +959,16 @@ NTSTATUS cli_samr_create_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_create_dom_alias(&q, domain_pol, name); - if (!samr_io_q_create_dom_alias("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_CREATE_DOM_ALIAS, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_create_dom_alias("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_DOM_ALIAS, + q, r, + qbuf, rbuf, + samr_io_q_create_dom_alias, + samr_io_r_create_dom_alias, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1325,16 +976,12 @@ NTSTATUS cli_samr_create_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, *alias_pol = r.alias_pol; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Add an alias member */ -NTSTATUS cli_samr_add_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_add_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *alias_pol, DOM_SID *member) { prs_struct qbuf, rbuf; @@ -1347,40 +994,25 @@ NTSTATUS cli_samr_add_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_add_aliasmem(&q, alias_pol, member); - if (!samr_io_q_add_aliasmem("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_ADD_ALIASMEM, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_add_aliasmem("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_ADD_ALIASMEM, + q, r, + qbuf, rbuf, + samr_io_q_add_aliasmem, + samr_io_r_add_aliasmem, + NT_STATUS_UNSUCCESSFUL); result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Delete an alias member */ -NTSTATUS cli_samr_del_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_del_aliasmem(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *alias_pol, DOM_SID *member) { prs_struct qbuf, rbuf; @@ -1393,40 +1025,25 @@ NTSTATUS cli_samr_del_aliasmem(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_del_aliasmem(&q, alias_pol, member); - if (!samr_io_q_del_aliasmem("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_DEL_ALIASMEM, &qbuf, &rbuf)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_del_aliasmem("", &r, &rbuf, 0)) { - result = NT_STATUS_UNSUCCESSFUL; - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DEL_ALIASMEM, + q, r, + qbuf, rbuf, + samr_io_q_del_aliasmem, + samr_io_r_del_aliasmem, + NT_STATUS_UNSUCCESSFUL); result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Query alias info */ -NTSTATUS cli_samr_query_alias_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_query_alias_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *alias_pol, uint16 switch_value, ALIAS_INFO_CTR *ctr) { @@ -1440,25 +1057,16 @@ NTSTATUS cli_samr_query_alias_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_aliasinfo(&q, alias_pol, switch_value); - if (!samr_io_q_query_aliasinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_QUERY_ALIASINFO, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_query_aliasinfo("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_ALIASINFO, + q, r, + qbuf, rbuf, + samr_io_q_query_aliasinfo, + samr_io_r_query_aliasinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1468,9 +1076,7 @@ NTSTATUS cli_samr_query_alias_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, *ctr = *r.ctr; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + done: return result; } @@ -1493,27 +1099,18 @@ NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_dom_info(&q, domain_pol, switch_value); - if (!samr_io_q_query_dom_info("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_QUERY_DOMAIN_INFO, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - r.ctr = ctr; - if (!samr_io_r_query_dom_info("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DOMAIN_INFO, + q, r, + qbuf, rbuf, + samr_io_q_query_dom_info, + samr_io_r_query_dom_info, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1522,20 +1119,10 @@ NTSTATUS rpccli_samr_query_dom_info(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_samr_query_dom_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint16 switch_value, - SAM_UNK_CTR *ctr) -{ - return rpccli_samr_query_dom_info(&cli->pipes[PI_SAMR], mem_ctx, - domain_pol, switch_value, ctr); -} - /* User change password */ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, @@ -1559,7 +1146,9 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, uchar new_nt_hash[16]; uchar new_lanman_hash[16]; - DEBUG(10,("cli_samr_query_dom_info\n")); + char *srv_name_slash = talloc_asprintf(mem_ctx, "\\\\%s", cli->cli->desthost); + + DEBUG(10,("rpccli_samr_chgpasswd_user\n")); ZERO_STRUCT(q); ZERO_STRUCT(r); @@ -1590,29 +1179,20 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, SamOEMhash( new_nt_password, old_nt_hash, 516); E_old_pw_hash( new_nt_hash, old_nt_hash, old_nt_hash_enc); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ - init_samr_q_chgpasswd_user(&q, cli->cli->srv_name_slash, username, + init_samr_q_chgpasswd_user(&q, srv_name_slash, username, new_nt_password, old_nt_hash_enc, new_lm_password, old_lanman_hash_enc); - if (!samr_io_q_chgpasswd_user("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_CHGPASSWD_USER, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_chgpasswd_user("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CHGPASSWD_USER, + q, r, + qbuf, rbuf, + samr_io_q_chgpasswd_user, + samr_io_r_chgpasswd_user, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1621,21 +1201,10 @@ NTSTATUS rpccli_samr_chgpasswd_user(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_samr_chgpasswd_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, - const char *username, - const char *newpassword, - const char *oldpassword ) -{ - return rpccli_samr_chgpasswd_user(&cli->pipes[PI_SAMR], mem_ctx, - username, newpassword, oldpassword); -} - /* This function returns the bizzare set of (max_entries, max_size) required for the QueryDisplayInfo RPC to actually work against a domain controller with large (10k and higher) numbers of users. These values were @@ -1689,28 +1258,19 @@ NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli, *num_entries = 0; - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_dispinfo(&q, domain_pol, switch_value, *start_idx, max_entries, max_size); - if (!samr_io_q_query_dispinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_QUERY_DISPINFO, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - r.ctr = ctr; - if (!samr_io_r_query_dispinfo("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_DISPINFO, + q, r, + qbuf, rbuf, + samr_io_q_query_dispinfo, + samr_io_r_query_dispinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1725,23 +1285,9 @@ NTSTATUS rpccli_samr_query_dispinfo(struct rpc_pipe_client *cli, *start_idx += r.num_entries; /* No next_idx in this structure! */ done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -NTSTATUS cli_samr_query_dispinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, uint32 *start_idx, - uint16 switch_value, uint32 *num_entries, - uint32 max_entries, uint32 max_size, - SAM_DISPINFO_CTR *ctr) -{ - return rpccli_samr_query_dispinfo(&cli->pipes[PI_SAMR], mem_ctx, - domain_pol, start_idx, switch_value, - num_entries, max_entries, max_size, ctr); -} - /* Lookup rids. Note that NT4 seems to crash if more than ~1000 rids are looked up in one packet. */ @@ -1768,25 +1314,16 @@ NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_lookup_rids(mem_ctx, &q, domain_pol, 1000, num_rids, rids); - if (!samr_io_q_lookup_rids("", &q, &qbuf, 0) || - !rpc_api_pipe_req_int(cli, SAMR_LOOKUP_RIDS, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_lookup_rids("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_RIDS, + q, r, + qbuf, rbuf, + samr_io_q_lookup_rids, + samr_io_r_lookup_rids, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1815,26 +1352,13 @@ NTSTATUS rpccli_samr_lookup_rids(struct rpc_pipe_client *cli, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } -NTSTATUS cli_samr_lookup_rids(struct cli_state *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *domain_pol, - uint32 num_rids, uint32 *rids, - uint32 *num_names, char ***names, - uint32 **name_types) -{ - return rpccli_samr_lookup_rids(&cli->pipes[PI_SAMR], mem_ctx, - domain_pol, num_rids, rids, - num_names, names, name_types); -} - /* Lookup names */ -NTSTATUS cli_samr_lookup_names(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_lookup_names(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, uint32 flags, uint32 num_names, const char **names, uint32 *num_rids, uint32 **rids, @@ -1851,26 +1375,17 @@ NTSTATUS cli_samr_lookup_names(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_lookup_names(mem_ctx, &q, domain_pol, flags, num_names, names); - if (!samr_io_q_lookup_names("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_LOOKUP_NAMES, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_lookup_names("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_NAMES, + q, r, + qbuf, rbuf, + samr_io_q_lookup_names, + samr_io_r_lookup_names, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1893,15 +1408,13 @@ NTSTATUS cli_samr_lookup_names(struct cli_state *cli, TALLOC_CTX *mem_ctx, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /* Create a domain user */ -NTSTATUS cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_create_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *domain_pol, const char *acct_name, uint32 acb_info, uint32 unknown, POLICY_HND *user_pol, uint32 *rid) @@ -1916,25 +1429,16 @@ NTSTATUS cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_create_user(&q, domain_pol, acct_name, acb_info, unknown); - if (!samr_io_q_create_user("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_CREATE_USER, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_create_user("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_CREATE_USER, + q, r, + qbuf, rbuf, + samr_io_q_create_user, + samr_io_r_create_user, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -1949,15 +1453,13 @@ NTSTATUS cli_samr_create_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, *rid = r.user_rid; done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /* Set userinfo */ -NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_set_userinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, uint16 switch_value, DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr) { @@ -1978,7 +1480,7 @@ NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Initialise parse structures */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); + prs_init(&qbuf, RPC_MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); /* Marshall data and send request */ @@ -1988,16 +1490,12 @@ NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, init_samr_q_set_userinfo(&q, user_pol, sess_key, switch_value, ctr->info.id); - if (!samr_io_q_set_userinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_SET_USERINFO, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_set_userinfo("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO, + q, r, + qbuf, rbuf, + samr_io_q_set_userinfo, + samr_io_r_set_userinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -2006,15 +1504,13 @@ NTSTATUS cli_samr_set_userinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /* Set userinfo2 */ -NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_set_userinfo2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, uint16 switch_value, DATA_BLOB *sess_key, SAM_USERINFO_CTR *ctr) { @@ -2033,25 +1529,16 @@ NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_set_userinfo2(&q, user_pol, sess_key, switch_value, ctr); - if (!samr_io_q_set_userinfo2("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_SET_USERINFO2, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_set_userinfo2("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_USERINFO2, + q, r, + qbuf, rbuf, + samr_io_q_set_userinfo2, + samr_io_r_set_userinfo2, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -2060,15 +1547,13 @@ NTSTATUS cli_samr_set_userinfo2(struct cli_state *cli, TALLOC_CTX *mem_ctx, } done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } /* Delete domain group */ -NTSTATUS cli_samr_delete_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_delete_dom_group(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *group_pol) { prs_struct qbuf, rbuf; @@ -2081,40 +1566,27 @@ NTSTATUS cli_samr_delete_dom_group(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_delete_dom_group(&q, group_pol); - if (!samr_io_q_delete_dom_group("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_DELETE_DOM_GROUP, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_delete_dom_group("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_GROUP, + q, r, + qbuf, rbuf, + samr_io_q_delete_dom_group, + samr_io_r_delete_dom_group, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Delete domain alias */ -NTSTATUS cli_samr_delete_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_delete_dom_alias(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *alias_pol) { prs_struct qbuf, rbuf; @@ -2127,40 +1599,27 @@ NTSTATUS cli_samr_delete_dom_alias(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_delete_dom_alias(&q, alias_pol); - if (!samr_io_q_delete_dom_alias("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_DELETE_DOM_ALIAS, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_delete_dom_alias("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_ALIAS, + q, r, + qbuf, rbuf, + samr_io_q_delete_dom_alias, + samr_io_r_delete_dom_alias, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Delete domain user */ -NTSTATUS cli_samr_delete_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_delete_dom_user(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol) { prs_struct qbuf, rbuf; @@ -2173,40 +1632,27 @@ NTSTATUS cli_samr_delete_dom_user(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_delete_dom_user(&q, user_pol); - if (!samr_io_q_delete_dom_user("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_DELETE_DOM_USER, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_delete_dom_user("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_DELETE_DOM_USER, + q, r, + qbuf, rbuf, + samr_io_q_delete_dom_user, + samr_io_r_delete_dom_user, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Remove foreign SID */ -NTSTATUS cli_samr_remove_sid_foreign_domain(struct cli_state *cli, +NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, DOM_SID *sid) @@ -2221,40 +1667,27 @@ NTSTATUS cli_samr_remove_sid_foreign_domain(struct cli_state *cli, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_remove_sid_foreign_domain(&q, user_pol, sid); - if (!samr_io_q_remove_sid_foreign_domain("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_remove_sid_foreign_domain("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_REMOVE_SID_FOREIGN_DOMAIN, + q, r, + qbuf, rbuf, + samr_io_q_remove_sid_foreign_domain, + samr_io_r_remove_sid_foreign_domain, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Query user security object */ -NTSTATUS cli_samr_query_sec_obj(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, uint16 switch_value, TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf) { @@ -2268,41 +1701,28 @@ NTSTATUS cli_samr_query_sec_obj(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_query_sec_obj(&q, user_pol, switch_value); - if (!samr_io_q_query_sec_obj("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_QUERY_SEC_OBJECT, &qbuf, &rbuf)) { - goto done; - } - - /* Unmarshall response */ - - if (!samr_io_r_query_sec_obj("", &r, &rbuf, 0)) { - goto done; - } + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT, + q, r, + qbuf, rbuf, + samr_io_q_query_sec_obj, + samr_io_r_query_sec_obj, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ result = r.status; *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Get domain password info */ -NTSTATUS cli_samr_get_dom_pwinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_get_dom_pwinfo(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint16 *unk_0, uint16 *unk_1) { prs_struct qbuf, rbuf; @@ -2315,23 +1735,16 @@ NTSTATUS cli_samr_get_dom_pwinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ - init_samr_q_get_dom_pwinfo(&q, cli->desthost); - - if (!samr_io_q_get_dom_pwinfo("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_GET_DOM_PWINFO, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ + init_samr_q_get_dom_pwinfo(&q, cli->cli->desthost); - if (!samr_io_r_get_dom_pwinfo("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_GET_DOM_PWINFO, + q, r, + qbuf, rbuf, + samr_io_q_get_dom_pwinfo, + samr_io_r_get_dom_pwinfo, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -2344,16 +1757,12 @@ NTSTATUS cli_samr_get_dom_pwinfo(struct cli_state *cli, TALLOC_CTX *mem_ctx, *unk_1 = r.unk_1; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Lookup Domain Name */ -NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *user_pol, char *domain_name, DOM_SID *sid) { @@ -2367,23 +1776,16 @@ NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ init_samr_q_lookup_domain(&q, user_pol, domain_name); - if (!samr_io_q_lookup_domain("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SAMR, SAMR_LOOKUP_DOMAIN, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!samr_io_r_lookup_domain("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_LOOKUP_DOMAIN, + q, r, + qbuf, rbuf, + samr_io_q_lookup_domain, + samr_io_r_lookup_domain, + NT_STATUS_UNSUCCESSFUL); /* Return output parameters */ @@ -2392,9 +1794,5 @@ NTSTATUS cli_samr_lookup_domain(struct cli_state *cli, TALLOC_CTX *mem_ctx, if (NT_STATUS_IS_OK(result)) sid_copy(sid, &r.dom_sid.sid); - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } diff --git a/source3/rpc_client/cli_shutdown.c b/source3/rpc_client/cli_shutdown.c index c342f255a9f..c06586e98ab 100644 --- a/source3/rpc_client/cli_shutdown.c +++ b/source3/rpc_client/cli_shutdown.c @@ -3,10 +3,7 @@ RPC Pipe client Copyright (C) Andrew Tridgell 1992-1998, - Copyright (C) Luke Kenneth Casson Leighton 1996-1998, - Copyright (C) Paul Ashton 1997-1998. - Copyright (C) Jeremy Allison 1999, - Copyright (C) Simo Sorce 2001, + Largely rewritten by Jeremy Allison (C) 2005. Copyright (C) Jim McDonough (jmcd@us.ibm.com) 2003. This program is free software; you can redistribute it and/or modify @@ -28,119 +25,95 @@ /* Shutdown a server */ -NTSTATUS cli_shutdown_init(struct cli_state * cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_shutdown_init(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *msg, uint32 timeout, BOOL do_reboot, BOOL force) { prs_struct qbuf; prs_struct rbuf; - SHUTDOWN_Q_INIT q_s; - SHUTDOWN_R_INIT r_s; + SHUTDOWN_Q_INIT q; + SHUTDOWN_R_INIT r; WERROR result = WERR_GENERAL_FAILURE; if (msg == NULL) return NT_STATUS_INVALID_PARAMETER; - ZERO_STRUCT (q_s); - ZERO_STRUCT (r_s); - - prs_init(&qbuf , MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + ZERO_STRUCT (q); + ZERO_STRUCT (r); /* Marshall data and send request */ - init_shutdown_q_init(&q_s, msg, timeout, do_reboot, force); - - if (!shutdown_io_q_init("", &q_s, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SHUTDOWN, SHUTDOWN_INIT, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if(shutdown_io_r_init("", &r_s, &rbuf, 0)) - result = r_s.status; + init_shutdown_q_init(&q, msg, timeout, do_reboot, force); -done: - prs_mem_free(&rbuf); - prs_mem_free(&qbuf); + CLI_DO_RPC(cli, mem_ctx, PI_SHUTDOWN, SHUTDOWN_INIT, + q, r, + qbuf, rbuf, + shutdown_io_q_init, + shutdown_io_r_init, + NT_STATUS_UNSUCCESSFUL); + result = r.status; return werror_to_ntstatus(result); } /* Shutdown a server */ -NTSTATUS cli_shutdown_init_ex(struct cli_state * cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_shutdown_init_ex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *msg, uint32 timeout, BOOL do_reboot, BOOL force, uint32 reason) { prs_struct qbuf; prs_struct rbuf; - SHUTDOWN_Q_INIT_EX q_s; - SHUTDOWN_R_INIT_EX r_s; + SHUTDOWN_Q_INIT_EX q; + SHUTDOWN_R_INIT_EX r; WERROR result = WERR_GENERAL_FAILURE; if (msg == NULL) return NT_STATUS_INVALID_PARAMETER; - ZERO_STRUCT (q_s); - ZERO_STRUCT (r_s); - - prs_init(&qbuf , MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); + ZERO_STRUCT (q); + ZERO_STRUCT (r); /* Marshall data and send request */ - init_shutdown_q_init_ex(&q_s, msg, timeout, do_reboot, force, reason); + init_shutdown_q_init_ex(&q, msg, timeout, do_reboot, force, reason); - if (!shutdown_io_q_init_ex("", &q_s, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SHUTDOWN, SHUTDOWN_INIT_EX, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if(shutdown_io_r_init_ex("", &r_s, &rbuf, 0)) - result = r_s.status; - -done: - prs_mem_free(&rbuf); - prs_mem_free(&qbuf); + CLI_DO_RPC(cli, mem_ctx, PI_SHUTDOWN, SHUTDOWN_INIT_EX, + q, r, + qbuf, rbuf, + shutdown_io_q_init_ex, + shutdown_io_r_init_ex, + NT_STATUS_UNSUCCESSFUL); + result = r.status; return werror_to_ntstatus(result); } /* Abort a server shutdown */ -NTSTATUS cli_shutdown_abort(struct cli_state * cli, TALLOC_CTX *mem_ctx) +NTSTATUS rpccli_shutdown_abort(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx) { prs_struct rbuf; prs_struct qbuf; - SHUTDOWN_Q_ABORT q_s; - SHUTDOWN_R_ABORT r_s; + SHUTDOWN_Q_ABORT q; + SHUTDOWN_R_ABORT r; WERROR result = WERR_GENERAL_FAILURE; - ZERO_STRUCT (q_s); - ZERO_STRUCT (r_s); + ZERO_STRUCT (q); + ZERO_STRUCT (r); - prs_init(&qbuf , MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Marshall data and send request */ - init_shutdown_q_abort(&q_s); - - if (!shutdown_io_q_abort("", &q_s, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SHUTDOWN, SHUTDOWN_ABORT, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (shutdown_io_r_abort("", &r_s, &rbuf, 0)) - result = r_s.status; + init_shutdown_q_abort(&q); -done: - prs_mem_free(&rbuf); - prs_mem_free(&qbuf ); + CLI_DO_RPC(cli, mem_ctx, PI_SHUTDOWN, SHUTDOWN_ABORT, + q, r, + qbuf, rbuf, + shutdown_io_q_abort, + shutdown_io_r_abort, + NT_STATUS_UNSUCCESSFUL); + result = r.status; return werror_to_ntstatus(result); } diff --git a/source3/rpc_client/cli_spoolss.c b/source3/rpc_client/cli_spoolss.c index 271382b71fe..4322bacfc87 100644 --- a/source3/rpc_client/cli_spoolss.c +++ b/source3/rpc_client/cli_spoolss.c @@ -5,8 +5,8 @@ Copyright (C) Gerald Carter 2001-2005, Copyright (C) Tim Potter 2000-2002, Copyright (C) Andrew Tridgell 1994-2000, - Copyright (C) Luke Kenneth Casson Leighton 1996-2000, Copyright (C) Jean-Francois Micouleau 1999-2000. + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -301,7 +301,7 @@ static void decode_forms_1(TALLOC_CTX *mem_ctx, RPC_BUFFER *buffer, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_open_printer_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_open_printer_ex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *printername, const char *datatype, uint32 access_required, const char *station, const char *username, POLICY_HND *pol) { @@ -315,7 +315,7 @@ WERROR cli_spoolss_open_printer_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_open_printer_ex( &in, printername, datatype, access_required, station, username ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_OPENPRINTEREX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_OPENPRINTEREX, in, out, qbuf, rbuf, spoolss_io_q_open_printer_ex, @@ -330,7 +330,7 @@ WERROR cli_spoolss_open_printer_ex(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_close_printer(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_close_printer(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol) { prs_struct qbuf, rbuf; @@ -342,7 +342,7 @@ WERROR cli_spoolss_close_printer(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_closeprinter( &in, pol ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_CLOSEPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_CLOSEPRINTER, in, out, qbuf, rbuf, spoolss_io_q_closeprinter, @@ -355,7 +355,7 @@ WERROR cli_spoolss_close_printer(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enum_printers(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enum_printers(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, char *name, uint32 flags, uint32 level, uint32 *num_printers, PRINTER_INFO_CTR *ctr) { @@ -372,7 +372,7 @@ WERROR cli_spoolss_enum_printers(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_enumprinters( &in, flags, name, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERS, in, out, qbuf, rbuf, spoolss_io_q_enumprinters, @@ -388,7 +388,7 @@ WERROR cli_spoolss_enum_printers(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_enumprinters( &in, flags, name, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERS, in, out, qbuf, rbuf, spoolss_io_q_enumprinters, @@ -422,7 +422,7 @@ WERROR cli_spoolss_enum_printers(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enum_ports(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enum_ports(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 level, uint32 *num_ports, PORT_INFO_CTR *ctr) { prs_struct qbuf, rbuf; @@ -435,14 +435,14 @@ WERROR cli_spoolss_enum_ports(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); offered = 0; rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_enumports( &in, server, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPORTS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPORTS, in, out, qbuf, rbuf, spoolss_io_q_enumports, @@ -458,7 +458,7 @@ WERROR cli_spoolss_enum_ports(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_enumports( &in, server, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPORTS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPORTS, in, out, qbuf, rbuf, spoolss_io_q_enumports, @@ -486,7 +486,7 @@ WERROR cli_spoolss_enum_ports(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_getprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 level, PRINTER_INFO_CTR *ctr) { @@ -505,7 +505,7 @@ WERROR cli_spoolss_getprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_getprinter( mem_ctx, &in, pol, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTER, in, out, qbuf, rbuf, spoolss_io_q_getprinter, @@ -521,7 +521,7 @@ WERROR cli_spoolss_getprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_getprinter( mem_ctx, &in, pol, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTER, in, out, qbuf, rbuf, spoolss_io_q_getprinter, @@ -556,7 +556,7 @@ WERROR cli_spoolss_getprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_setprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_setprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 level, PRINTER_INFO_CTR *ctr, uint32 command) { @@ -569,7 +569,7 @@ WERROR cli_spoolss_setprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_setprinter( mem_ctx, &in, pol, level, ctr, command ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETPRINTER, in, out, qbuf, rbuf, spoolss_io_q_setprinter, @@ -582,7 +582,7 @@ WERROR cli_spoolss_setprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getprinterdriver(struct cli_state *cli, +WERROR rpccli_spoolss_getprinterdriver(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 level, const char *env, int version, PRINTER_DRIVER_CTR *ctr) @@ -597,7 +597,7 @@ WERROR cli_spoolss_getprinterdriver(struct cli_state *cli, ZERO_STRUCT(in); ZERO_STRUCT(out); - fstrcpy(server, cli->desthost); + fstrcpy(server, cli->cli->desthost); strupper_m(server); offered = 0; @@ -605,7 +605,7 @@ WERROR cli_spoolss_getprinterdriver(struct cli_state *cli, make_spoolss_q_getprinterdriver2( &in, pol, env, level, version, 2, &buffer, offered); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVER2, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVER2, in, out, qbuf, rbuf, spoolss_io_q_getprinterdriver2, @@ -622,7 +622,7 @@ WERROR cli_spoolss_getprinterdriver(struct cli_state *cli, make_spoolss_q_getprinterdriver2( &in, pol, env, level, version, 2, &buffer, offered); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVER2, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVER2, in, out, qbuf, rbuf, spoolss_io_q_getprinterdriver2, @@ -651,7 +651,7 @@ WERROR cli_spoolss_getprinterdriver(struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enumprinterdrivers (struct cli_state *cli, +WERROR rpccli_spoolss_enumprinterdrivers (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 level, const char *env, uint32 *num_drivers, @@ -667,7 +667,7 @@ WERROR cli_spoolss_enumprinterdrivers (struct cli_state *cli, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); offered = 0; @@ -675,7 +675,7 @@ WERROR cli_spoolss_enumprinterdrivers (struct cli_state *cli, make_spoolss_q_enumprinterdrivers( &in, server, env, level, &buffer, offered); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDRIVERS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDRIVERS, in, out, qbuf, rbuf, spoolss_io_q_enumprinterdrivers, @@ -692,7 +692,7 @@ WERROR cli_spoolss_enumprinterdrivers (struct cli_state *cli, make_spoolss_q_enumprinterdrivers( &in, server, env, level, &buffer, offered); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDRIVERS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDRIVERS, in, out, qbuf, rbuf, spoolss_io_q_enumprinterdrivers, @@ -727,7 +727,7 @@ WERROR cli_spoolss_enumprinterdrivers (struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getprinterdriverdir (struct cli_state *cli, +WERROR rpccli_spoolss_getprinterdriverdir (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 level, char *env, DRIVER_DIRECTORY_CTR *ctr) @@ -742,7 +742,7 @@ WERROR cli_spoolss_getprinterdriverdir (struct cli_state *cli, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); offered = 0; @@ -750,7 +750,7 @@ WERROR cli_spoolss_getprinterdriverdir (struct cli_state *cli, make_spoolss_q_getprinterdriverdir( &in, server, env, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVERDIRECTORY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVERDIRECTORY, in, out, qbuf, rbuf, spoolss_io_q_getprinterdriverdir, @@ -767,7 +767,7 @@ WERROR cli_spoolss_getprinterdriverdir (struct cli_state *cli, make_spoolss_q_getprinterdriverdir( &in, server, env, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVERDIRECTORY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDRIVERDIRECTORY, in, out, qbuf, rbuf, spoolss_io_q_getprinterdriverdir, @@ -786,7 +786,7 @@ WERROR cli_spoolss_getprinterdriverdir (struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_addprinterdriver (struct cli_state *cli, +WERROR rpccli_spoolss_addprinterdriver (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 level, PRINTER_DRIVER_CTR *ctr) { @@ -798,12 +798,12 @@ WERROR cli_spoolss_addprinterdriver (struct cli_state *cli, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); make_spoolss_q_addprinterdriver( mem_ctx, &in, server, level, ctr ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ADDPRINTERDRIVER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ADDPRINTERDRIVER, in, out, qbuf, rbuf, spoolss_io_q_addprinterdriver, @@ -816,7 +816,7 @@ WERROR cli_spoolss_addprinterdriver (struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_addprinterex (struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_addprinterex (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 level, PRINTER_INFO_CTR*ctr) { prs_struct qbuf, rbuf; @@ -827,8 +827,8 @@ WERROR cli_spoolss_addprinterex (struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(client, sizeof(fstring)-1, "\\\\%s", cli->desthost); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(client, sizeof(fstring)-1, "\\\\%s", global_myname()); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(client); strupper_m(server); @@ -838,7 +838,7 @@ WERROR cli_spoolss_addprinterex (struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_addprinterex( mem_ctx, &in, server, client, user, level, ctr); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ADDPRINTEREX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ADDPRINTEREX, in, out, qbuf, rbuf, spoolss_io_q_addprinterex, @@ -851,7 +851,7 @@ WERROR cli_spoolss_addprinterex (struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_deleteprinterdriverex(struct cli_state *cli, +WERROR rpccli_spoolss_deleteprinterdriverex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *arch, const char *driver, int version) { @@ -863,12 +863,12 @@ WERROR cli_spoolss_deleteprinterdriverex(struct cli_state *cli, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); make_spoolss_q_deleteprinterdriverex( mem_ctx, &in, server, arch, driver, version ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDRIVEREX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDRIVEREX, in, out, qbuf, rbuf, spoolss_io_q_deleteprinterdriverex, @@ -881,7 +881,7 @@ WERROR cli_spoolss_deleteprinterdriverex(struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_deleteprinterdriver (struct cli_state *cli, +WERROR rpccli_spoolss_deleteprinterdriver (struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *arch, const char *driver) { @@ -893,12 +893,12 @@ WERROR cli_spoolss_deleteprinterdriver (struct cli_state *cli, ZERO_STRUCT(in); ZERO_STRUCT(out); - slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->desthost); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); strupper_m(server); make_spoolss_q_deleteprinterdriver( mem_ctx, &in, server, arch, driver ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDRIVER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDRIVER, in, out, qbuf, rbuf, spoolss_io_q_deleteprinterdriver, @@ -911,7 +911,7 @@ WERROR cli_spoolss_deleteprinterdriver (struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getprintprocessordirectory(struct cli_state *cli, +WERROR rpccli_spoolss_getprintprocessordirectory(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, char *name, char *environment, fstring procdir) @@ -931,7 +931,7 @@ WERROR cli_spoolss_getprintprocessordirectory(struct cli_state *cli, make_spoolss_q_getprintprocessordirectory( &in, name, environment, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTPROCESSORDIRECTORY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTPROCESSORDIRECTORY, in, out, qbuf, rbuf, spoolss_io_q_getprintprocessordirectory, @@ -948,7 +948,7 @@ WERROR cli_spoolss_getprintprocessordirectory(struct cli_state *cli, make_spoolss_q_getprintprocessordirectory( &in, name, environment, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTPROCESSORDIRECTORY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTPROCESSORDIRECTORY, in, out, qbuf, rbuf, spoolss_io_q_getprintprocessordirectory, @@ -967,7 +967,7 @@ WERROR cli_spoolss_getprintprocessordirectory(struct cli_state *cli, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_addform(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_addform(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *handle, uint32 level, FORM *form) { prs_struct qbuf, rbuf; @@ -979,7 +979,7 @@ WERROR cli_spoolss_addform(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_addform( &in, handle, level, form ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ADDFORM, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ADDFORM, in, out, qbuf, rbuf, spoolss_io_q_addform, @@ -992,7 +992,7 @@ WERROR cli_spoolss_addform(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_setform(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_setform(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *handle, uint32 level, const char *form_name, FORM *form) { @@ -1005,7 +1005,7 @@ WERROR cli_spoolss_setform(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_setform( &in, handle, level, form_name, form ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETFORM, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETFORM, in, out, qbuf, rbuf, spoolss_io_q_setform, @@ -1018,7 +1018,7 @@ WERROR cli_spoolss_setform(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getform(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_getform(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *handle, const char *formname, uint32 level, FORM_1 *form) { @@ -1035,7 +1035,7 @@ WERROR cli_spoolss_getform(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_getform( &in, handle, formname, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETFORM, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETFORM, in, out, qbuf, rbuf, spoolss_io_q_getform, @@ -1051,7 +1051,7 @@ WERROR cli_spoolss_getform(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_getform( &in, handle, formname, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETFORM, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETFORM, in, out, qbuf, rbuf, spoolss_io_q_getform, @@ -1070,7 +1070,7 @@ WERROR cli_spoolss_getform(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_deleteform(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_deleteform(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *handle, const char *form_name) { prs_struct qbuf, rbuf; @@ -1082,7 +1082,7 @@ WERROR cli_spoolss_deleteform(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_deleteform( &in, handle, form_name ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEFORM, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEFORM, in, out, qbuf, rbuf, spoolss_io_q_deleteform, @@ -1095,7 +1095,7 @@ WERROR cli_spoolss_deleteform(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enumforms(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enumforms(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *handle, int level, uint32 *num_forms, FORM_1 **forms) { @@ -1112,7 +1112,7 @@ WERROR cli_spoolss_enumforms(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_enumforms( &in, handle, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMFORMS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMFORMS, in, out, qbuf, rbuf, spoolss_io_q_enumforms, @@ -1128,7 +1128,7 @@ WERROR cli_spoolss_enumforms(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_enumforms( &in, handle, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMFORMS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMFORMS, in, out, qbuf, rbuf, spoolss_io_q_enumforms, @@ -1149,7 +1149,7 @@ WERROR cli_spoolss_enumforms(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enumjobs(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enumjobs(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 level, uint32 firstjob, uint32 num_jobs, uint32 *returned, JOB_INFO_CTR *ctr) { @@ -1167,7 +1167,7 @@ WERROR cli_spoolss_enumjobs(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enumjobs( &in, hnd, firstjob, num_jobs, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMJOBS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMJOBS, in, out, qbuf, rbuf, spoolss_io_q_enumjobs, @@ -1184,7 +1184,7 @@ WERROR cli_spoolss_enumjobs(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enumjobs( &in, hnd, firstjob, num_jobs, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMJOBS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMJOBS, in, out, qbuf, rbuf, spoolss_io_q_enumjobs, @@ -1215,7 +1215,7 @@ WERROR cli_spoolss_enumjobs(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_setjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_setjob(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 jobid, uint32 level, uint32 command) { @@ -1228,7 +1228,7 @@ WERROR cli_spoolss_setjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_setjob( &in, hnd, jobid, level, command ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETJOB, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETJOB, in, out, qbuf, rbuf, spoolss_io_q_setjob, @@ -1241,7 +1241,7 @@ WERROR cli_spoolss_setjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_getjob(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 jobid, uint32 level, JOB_INFO_CTR *ctr) { @@ -1258,7 +1258,7 @@ WERROR cli_spoolss_getjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_getjob( &in, hnd, jobid, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETJOB, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETJOB, in, out, qbuf, rbuf, spoolss_io_q_getjob, @@ -1274,7 +1274,7 @@ WERROR cli_spoolss_getjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, rpcbuf_init(&buffer, offered, mem_ctx); make_spoolss_q_getjob( &in, hnd, jobid, level, &buffer, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETJOB, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETJOB, in, out, qbuf, rbuf, spoolss_io_q_getjob, @@ -1300,7 +1300,7 @@ WERROR cli_spoolss_getjob(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_startpageprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_startpageprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd) { prs_struct qbuf, rbuf; @@ -1312,7 +1312,7 @@ WERROR cli_spoolss_startpageprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_startpageprinter( &in, hnd ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_STARTPAGEPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_STARTPAGEPRINTER, in, out, qbuf, rbuf, spoolss_io_q_startpageprinter, @@ -1325,7 +1325,7 @@ WERROR cli_spoolss_startpageprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_endpageprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_endpageprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd) { prs_struct qbuf, rbuf; @@ -1337,7 +1337,7 @@ WERROR cli_spoolss_endpageprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_endpageprinter( &in, hnd ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENDPAGEPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENDPAGEPRINTER, in, out, qbuf, rbuf, spoolss_io_q_endpageprinter, @@ -1350,7 +1350,7 @@ WERROR cli_spoolss_endpageprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_startdocprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_startdocprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *docname, char *outputfile, char *datatype, uint32 *jobid) @@ -1366,7 +1366,7 @@ WERROR cli_spoolss_startdocprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_startdocprinter( &in, hnd, level, docname, outputfile, datatype ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_STARTDOCPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_STARTDOCPRINTER, in, out, qbuf, rbuf, spoolss_io_q_startdocprinter, @@ -1381,7 +1381,7 @@ WERROR cli_spoolss_startdocprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enddocprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enddocprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd) { prs_struct qbuf, rbuf; @@ -1393,7 +1393,7 @@ WERROR cli_spoolss_enddocprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enddocprinter( &in, hnd ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENDDOCPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENDDOCPRINTER, in, out, qbuf, rbuf, spoolss_io_q_enddocprinter, @@ -1406,7 +1406,7 @@ WERROR cli_spoolss_enddocprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_getprinterdata(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, const char *valuename, REGISTRY_VALUE *value) { @@ -1421,7 +1421,7 @@ WERROR cli_spoolss_getprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, offered = 0; make_spoolss_q_getprinterdata( &in, hnd, valuename, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATA, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATA, in, out, qbuf, rbuf, spoolss_io_q_getprinterdata, @@ -1436,7 +1436,7 @@ WERROR cli_spoolss_getprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_getprinterdata( &in, hnd, valuename, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATA, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATA, in, out, qbuf, rbuf, spoolss_io_q_getprinterdata, @@ -1459,7 +1459,7 @@ WERROR cli_spoolss_getprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_getprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_getprinterdataex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, const char *keyname, const char *valuename, REGISTRY_VALUE *value) @@ -1474,7 +1474,7 @@ WERROR cli_spoolss_getprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_getprinterdataex( &in, hnd, keyname, valuename, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATAEX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATAEX, in, out, qbuf, rbuf, spoolss_io_q_getprinterdataex, @@ -1489,7 +1489,7 @@ WERROR cli_spoolss_getprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_getprinterdataex( &in, hnd, keyname, valuename, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATAEX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_GETPRINTERDATAEX, in, out, qbuf, rbuf, spoolss_io_q_getprinterdataex, @@ -1512,7 +1512,7 @@ WERROR cli_spoolss_getprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_setprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_setprinterdata(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, REGISTRY_VALUE *value) { prs_struct qbuf, rbuf; @@ -1525,7 +1525,7 @@ WERROR cli_spoolss_setprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_setprinterdata( &in, hnd, value->valuename, value->type, (char *)value->data_p, value->size); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETPRINTERDATA, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETPRINTERDATA, in, out, qbuf, rbuf, spoolss_io_q_setprinterdata, @@ -1538,7 +1538,7 @@ WERROR cli_spoolss_setprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_setprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_setprinterdataex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *keyname, REGISTRY_VALUE *value) { @@ -1552,7 +1552,7 @@ WERROR cli_spoolss_setprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_setprinterdataex( &in, hnd, keyname, value->valuename, value->type, (char *)value->data_p, value->size); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETPRINTERDATAEX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_SETPRINTERDATAEX, in, out, qbuf, rbuf, spoolss_io_q_setprinterdataex, @@ -1565,7 +1565,7 @@ WERROR cli_spoolss_setprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enumprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enumprinterdata(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 ndx, uint32 value_offered, uint32 data_offered, uint32 *value_needed, uint32 *data_needed, @@ -1580,7 +1580,7 @@ WERROR cli_spoolss_enumprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enumprinterdata( &in, hnd, ndx, value_offered, data_offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDATA, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDATA, in, out, qbuf, rbuf, spoolss_io_q_enumprinterdata, @@ -1609,7 +1609,7 @@ WERROR cli_spoolss_enumprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enumprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enumprinterdataex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, const char *keyname, REGVAL_CTR *ctr) { @@ -1625,7 +1625,7 @@ WERROR cli_spoolss_enumprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, offered = 0; make_spoolss_q_enumprinterdataex( &in, hnd, keyname, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDATAEX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDATAEX, in, out, qbuf, rbuf, spoolss_io_q_enumprinterdataex, @@ -1640,7 +1640,7 @@ WERROR cli_spoolss_enumprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enumprinterdataex( &in, hnd, keyname, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDATAEX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERDATAEX, in, out, qbuf, rbuf, spoolss_io_q_enumprinterdataex, @@ -1666,7 +1666,7 @@ WERROR cli_spoolss_enumprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_writeprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_writeprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, uint32 data_size, char *data, uint32 *num_written) { @@ -1679,7 +1679,7 @@ WERROR cli_spoolss_writeprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_writeprinter( &in, hnd, data_size, data ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_WRITEPRINTER, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_WRITEPRINTER, in, out, qbuf, rbuf, spoolss_io_q_writeprinter, @@ -1695,7 +1695,7 @@ WERROR cli_spoolss_writeprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_deleteprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_deleteprinterdata(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *valuename) { prs_struct qbuf, rbuf; @@ -1707,7 +1707,7 @@ WERROR cli_spoolss_deleteprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_deleteprinterdata( &in, hnd, valuename ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDATA, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDATA, in, out, qbuf, rbuf, spoolss_io_q_deleteprinterdata, @@ -1720,7 +1720,7 @@ WERROR cli_spoolss_deleteprinterdata(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_deleteprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_deleteprinterdataex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *keyname, char *valuename) { @@ -1733,7 +1733,7 @@ WERROR cli_spoolss_deleteprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ct make_spoolss_q_deleteprinterdataex( &in, hnd, keyname, valuename ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDATAEX, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERDATAEX, in, out, qbuf, rbuf, spoolss_io_q_deleteprinterdataex, @@ -1746,7 +1746,7 @@ WERROR cli_spoolss_deleteprinterdataex(struct cli_state *cli, TALLOC_CTX *mem_ct /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_enumprinterkey(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, const char *keyname, uint16 **keylist, uint32 *len) { @@ -1760,7 +1760,7 @@ WERROR cli_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enumprinterkey( &in, hnd, keyname, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERKEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERKEY, in, out, qbuf, rbuf, spoolss_io_q_enumprinterkey, @@ -1775,7 +1775,7 @@ WERROR cli_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_enumprinterkey( &in, hnd, keyname, offered ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERKEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ENUMPRINTERKEY, in, out, qbuf, rbuf, spoolss_io_q_enumprinterkey, @@ -1799,7 +1799,7 @@ WERROR cli_spoolss_enumprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, /********************************************************************** **********************************************************************/ -WERROR cli_spoolss_deleteprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_deleteprinterkey(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hnd, char *keyname) { prs_struct qbuf, rbuf; @@ -1811,7 +1811,7 @@ WERROR cli_spoolss_deleteprinterkey(struct cli_state *cli, TALLOC_CTX *mem_ctx, make_spoolss_q_deleteprinterkey( &in, hnd, keyname ); - CLI_DO_RPC( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERKEY, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_DELETEPRINTERKEY, in, out, qbuf, rbuf, spoolss_io_q_deleteprinterkey, diff --git a/source3/rpc_client/cli_spoolss_notify.c b/source3/rpc_client/cli_spoolss_notify.c index d6bcc8ba9c0..f8098943dbf 100644 --- a/source3/rpc_client/cli_spoolss_notify.c +++ b/source3/rpc_client/cli_spoolss_notify.c @@ -5,8 +5,8 @@ Copyright (C) Gerald Carter 2001-2002, Copyright (C) Tim Potter 2000-2002, Copyright (C) Andrew Tridgell 1994-2000, - Copyright (C) Luke Kenneth Casson Leighton 1996-2000, Copyright (C) Jean-Francois Micouleau 1999-2000. + Copyright (C) Jeremy Allison 2005. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -36,7 +36,7 @@ value) and this rpc establishes a back-channel over which printer notifications are performed. */ -WERROR cli_spoolss_reply_open_printer(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_reply_open_printer(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *printer, uint32 printerlocal, uint32 type, POLICY_HND *handle) { @@ -47,37 +47,28 @@ WERROR cli_spoolss_reply_open_printer(struct cli_state *cli, TALLOC_CTX *mem_ctx /* Initialise input parameters */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - make_spoolss_q_replyopenprinter(&q, printer, printerlocal, type); /* Marshall data and send request */ - if (!spoolss_io_q_replyopenprinter("", &q, &qbuf, 0) || - !rpc_api_pipe_req (cli, PI_SPOOLSS, SPOOLSS_REPLYOPENPRINTER, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!spoolss_io_r_replyopenprinter("", &r, &rbuf, 0)) - goto done; - + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_REPLYOPENPRINTER, + q, r, + qbuf, rbuf, + spoolss_io_q_replyopenprinter, + spoolss_io_r_replyopenprinter, + WERR_GENERAL_FAILURE ); + /* Return result */ memcpy(handle, &r.handle, sizeof(r.handle)); result = r.status; -done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /* Close a back-channel notification connection */ -WERROR cli_spoolss_reply_close_printer(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_reply_close_printer(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *handle) { prs_struct qbuf, rbuf; @@ -87,30 +78,20 @@ WERROR cli_spoolss_reply_close_printer(struct cli_state *cli, TALLOC_CTX *mem_ct /* Initialise input parameters */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - make_spoolss_q_reply_closeprinter(&q, handle); /* Marshall data and send request */ - if (!spoolss_io_q_replycloseprinter("", &q, &qbuf, 0) || - !rpc_api_pipe_req (cli, PI_SPOOLSS, SPOOLSS_REPLYCLOSEPRINTER, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!spoolss_io_r_replycloseprinter("", &r, &rbuf, 0)) - goto done; - + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_REPLYCLOSEPRINTER, + q, r, + qbuf, rbuf, + spoolss_io_q_replycloseprinter, + spoolss_io_r_replycloseprinter, + WERR_GENERAL_FAILURE ); + /* Return result */ result = r.status; - -done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -121,7 +102,7 @@ done: Also see cli_spolss_reply_rrpcn() *********************************************************************/ -WERROR cli_spoolss_routerreplyprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_routerreplyprinter(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 condition, uint32 change_id) { prs_struct qbuf, rbuf; @@ -131,30 +112,20 @@ WERROR cli_spoolss_routerreplyprinter(struct cli_state *cli, TALLOC_CTX *mem_ctx /* Initialise input parameters */ - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - make_spoolss_q_routerreplyprinter(&q, pol, condition, change_id); /* Marshall data and send request */ - if (!spoolss_io_q_routerreplyprinter("", &q, &qbuf, 0) || - !rpc_api_pipe_req (cli, PI_SPOOLSS, SPOOLSS_ROUTERREPLYPRINTER, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!spoolss_io_r_routerreplyprinter("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_ROUTERREPLYPRINTER, + q, r, + qbuf, rbuf, + spoolss_io_q_routerreplyprinter, + spoolss_io_r_routerreplyprinter, + WERR_GENERAL_FAILURE ); /* Return output parameters */ result = r.status; - -done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } @@ -165,7 +136,7 @@ done: Also see cli_spoolss_routereplyprinter() *********************************************************************/ -WERROR cli_spoolss_rrpcn(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_rrpcn(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 notify_data_len, SPOOL_NOTIFY_INFO_DATA *notify_data, uint32 change_low, uint32 change_high) @@ -179,11 +150,6 @@ WERROR cli_spoolss_rrpcn(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - ZERO_STRUCT(notify_info); /* Initialise input parameters */ @@ -201,14 +167,12 @@ WERROR cli_spoolss_rrpcn(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Marshall data and send request */ - if(!spoolss_io_q_reply_rrpcn("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SPOOLSS, SPOOLSS_RRPCN, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if(!spoolss_io_r_reply_rrpcn("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_RRPCN, + q, r, + qbuf, rbuf, + spoolss_io_q_reply_rrpcn, + spoolss_io_r_reply_rrpcn, + WERR_GENERAL_FAILURE ); if (r.unknown0 == 0x00080000) DEBUG(8,("cli_spoolss_reply_rrpcn: I think the spooler resonded that the notification was ignored.\n")); @@ -216,18 +180,13 @@ WERROR cli_spoolss_rrpcn(struct cli_state *cli, TALLOC_CTX *mem_ctx, DEBUG(8,("cli_spoolss_reply_rrpcn: unknown0 is non-zero [0x%x]\n", r.unknown0)); result = r.status; - -done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } /********************************************************************* *********************************************************************/ -WERROR cli_spoolss_rffpcnex(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_spoolss_rffpcnex(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, uint32 flags, uint32 options, const char *localmachine, uint32 printerlocal, SPOOL_NOTIFY_OPTION *option) @@ -240,11 +199,6 @@ WERROR cli_spoolss_rffpcnex(struct cli_state *cli, TALLOC_CTX *mem_ctx, ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ make_spoolss_q_rffpcnex( @@ -253,20 +207,13 @@ WERROR cli_spoolss_rffpcnex(struct cli_state *cli, TALLOC_CTX *mem_ctx, /* Marshall data and send request */ - if(!spoolss_io_q_rffpcnex("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SPOOLSS, SPOOLSS_RFFPCNEX, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if(!spoolss_io_r_rffpcnex("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SPOOLSS, SPOOLSS_RFFPCNEX, + q, r, + qbuf, rbuf, + spoolss_io_q_rffpcnex, + spoolss_io_r_rffpcnex, + WERR_GENERAL_FAILURE ); result = r.status; - -done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } diff --git a/source3/rpc_client/cli_srvsvc.c b/source3/rpc_client/cli_srvsvc.c index b2449a79038..2c71d6b18ea 100644 --- a/source3/rpc_client/cli_srvsvc.c +++ b/source3/rpc_client/cli_srvsvc.c @@ -2,10 +2,10 @@ Unix SMB/CIFS implementation. NT Domain Authentication SMB / MSRPC client Copyright (C) Andrew Tridgell 1994-2000 - Copyright (C) Luke Kenneth Casson Leighton 1996-2000 Copyright (C) Tim Potter 2001 Copyright (C) Jim McDonough 2002 - + Copyright (C) Jeremy Allison 2005. + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or @@ -23,7 +23,7 @@ #include "includes.h" -WERROR cli_srvsvc_net_srv_get_info(struct cli_state *cli, +WERROR rpccli_srvsvc_net_srv_get_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 switch_value, SRV_INFO_CTR *ctr) { @@ -31,42 +31,33 @@ WERROR cli_srvsvc_net_srv_get_info(struct cli_state *cli, SRV_Q_NET_SRV_GET_INFO q; SRV_R_NET_SRV_GET_INFO r; WERROR result = W_ERROR(ERRgeneral); + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_srv_get_info(&q, cli->srv_name_slash, switch_value); - - /* Marshall data and send request */ - - if (!srv_io_q_net_srv_get_info("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_SRV_GET_INFO, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); + init_srv_q_net_srv_get_info(&q, server, switch_value); r.ctr = ctr; - if (!srv_io_r_net_srv_get_info("", &r, &rbuf, 0)) - goto done; - - result = r.status; + /* Marshall data and send request */ - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SRV_GET_INFO, + q, r, + qbuf, rbuf, + srv_io_q_net_srv_get_info, + srv_io_r_net_srv_get_info, + WERR_GENERAL_FAILURE); + result = r.status; return result; } -WERROR cli_srvsvc_net_share_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_srvsvc_net_share_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 info_level, SRV_SHARE_INFO_CTR *ctr, int preferred_len, ENUM_HND *hnd) { @@ -74,31 +65,27 @@ WERROR cli_srvsvc_net_share_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, SRV_Q_NET_SHARE_ENUM q; SRV_R_NET_SHARE_ENUM r; WERROR result = W_ERROR(ERRgeneral); + fstring server; int i; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_share_enum( - &q, cli->srv_name_slash, info_level, preferred_len, hnd); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); - /* Marshall data and send request */ + init_srv_q_net_share_enum(&q, server, info_level, preferred_len, hnd); - if (!srv_io_q_net_share_enum("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_SHARE_ENUM_ALL, &qbuf, &rbuf)) - goto done; + /* Marshall data and send request */ - /* Unmarshall response */ - - if (!srv_io_r_net_share_enum("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SHARE_ENUM_ALL, + q, r, + qbuf, rbuf, + srv_io_q_net_share_enum, + srv_io_r_net_share_enum, + WERR_GENERAL_FAILURE); result = r.status; @@ -215,14 +202,13 @@ WERROR cli_srvsvc_net_share_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, } break; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + + done: return result; } -WERROR cli_srvsvc_net_share_get_info(struct cli_state *cli, +WERROR rpccli_srvsvc_net_share_get_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *sharename, uint32 info_level, @@ -232,30 +218,26 @@ WERROR cli_srvsvc_net_share_get_info(struct cli_state *cli, SRV_Q_NET_SHARE_GET_INFO q; SRV_R_NET_SHARE_GET_INFO r; WERROR result = W_ERROR(ERRgeneral); + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_share_get_info(&q, cli->srv_name_slash, sharename, - info_level); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); - /* Marshall data and send request */ + init_srv_q_net_share_get_info(&q, server, sharename, info_level); - if (!srv_io_q_net_share_get_info("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_SHARE_GET_INFO, &qbuf, &rbuf)) - goto done; + /* Marshall data and send request */ - /* Unmarshall response */ - - if (!srv_io_r_net_share_get_info("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SHARE_GET_INFO, + q, r, + qbuf, rbuf, + srv_io_q_net_share_get_info, + srv_io_r_net_share_get_info, + WERR_GENERAL_FAILURE); result = r.status; @@ -363,14 +345,12 @@ WERROR cli_srvsvc_net_share_get_info(struct cli_state *cli, break; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + done: return result; } -WERROR cli_srvsvc_net_share_set_info(struct cli_state *cli, +WERROR rpccli_srvsvc_net_share_set_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *sharename, uint32 info_level, @@ -380,84 +360,64 @@ WERROR cli_srvsvc_net_share_set_info(struct cli_state *cli, SRV_Q_NET_SHARE_SET_INFO q; SRV_R_NET_SHARE_SET_INFO r; WERROR result = W_ERROR(ERRgeneral); + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_share_set_info(&q, cli->srv_name_slash, sharename, - info_level, info); - - /* Marshall data and send request */ + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); - if (!srv_io_q_net_share_set_info("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_SHARE_SET_INFO, &qbuf, &rbuf)) - goto done; + init_srv_q_net_share_set_info(&q, server, sharename, info_level, info); - /* Unmarshall response */ + /* Marshall data and send request */ - if (!srv_io_r_net_share_set_info("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SHARE_SET_INFO, + q, r, + qbuf, rbuf, + srv_io_q_net_share_set_info, + srv_io_r_net_share_set_info, + WERR_GENERAL_FAILURE); result = r.status; - - if (!W_ERROR_IS_OK(result)) - goto done; - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -WERROR cli_srvsvc_net_share_del(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_srvsvc_net_share_del(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *sharename) { prs_struct qbuf, rbuf; SRV_Q_NET_SHARE_DEL q; SRV_R_NET_SHARE_DEL r; WERROR result = W_ERROR(ERRgeneral); + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_share_del(&q, cli->srv_name_slash, sharename); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); - /* Marshall data and send request */ + init_srv_q_net_share_del(&q, server, sharename); - if (!srv_io_q_net_share_del("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_SHARE_DEL, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ + /* Marshall data and send request */ - if (!srv_io_r_net_share_del("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SHARE_DEL, + q, r, + qbuf, rbuf, + srv_io_q_net_share_del, + srv_io_r_net_share_del, + WERR_GENERAL_FAILURE); result = r.status; - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -WERROR cli_srvsvc_net_share_add(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_srvsvc_net_share_add(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, const char *netname, uint32 type, const char *remark, uint32 perms, uint32 max_uses, uint32 num_uses, @@ -468,85 +428,65 @@ WERROR cli_srvsvc_net_share_add(struct cli_state *cli, TALLOC_CTX *mem_ctx, SRV_Q_NET_SHARE_ADD q; SRV_R_NET_SHARE_ADD r; WERROR result = W_ERROR(ERRgeneral); + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - - init_srv_q_net_share_add(&q,cli->srv_name_slash, netname, type, remark, + init_srv_q_net_share_add(&q,server, netname, type, remark, perms, max_uses, num_uses, path, passwd, level, sd); /* Marshall data and send request */ - if (!srv_io_q_net_share_add("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_SHARE_ADD, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!srv_io_r_net_share_add("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_SHARE_ADD, + q, r, + qbuf, rbuf, + srv_io_q_net_share_add, + srv_io_r_net_share_add, + WERR_GENERAL_FAILURE); result = r.status; - - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - return result; } -WERROR cli_srvsvc_net_remote_tod(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_srvsvc_net_remote_tod(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, char *server, TIME_OF_DAY_INFO *tod) { prs_struct qbuf, rbuf; SRV_Q_NET_REMOTE_TOD q; SRV_R_NET_REMOTE_TOD r; WERROR result = W_ERROR(ERRgeneral); + fstring server_slash; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_remote_tod(&q, cli->srv_name_slash); - - /* Marshall data and send request */ - - if (!srv_io_q_net_remote_tod("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_REMOTE_TOD, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ + slprintf(server_slash, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server_slash); + init_srv_q_net_remote_tod(&q, server_slash); r.tod = tod; - if (!srv_io_r_net_remote_tod("", &r, &rbuf, 0)) - goto done; - - result = r.status; - - if (!W_ERROR_IS_OK(result)) - goto done; + /* Marshall data and send request */ - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_REMOTE_TOD, + q, r, + qbuf, rbuf, + srv_io_q_net_remote_tod, + srv_io_r_net_remote_tod, + WERR_GENERAL_FAILURE); + result = r.status; return result; } -WERROR cli_srvsvc_net_file_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_srvsvc_net_file_enum(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 file_level, const char *user_name, SRV_FILE_INFO_CTR *ctr, int preferred_len, ENUM_HND *hnd) @@ -555,31 +495,28 @@ WERROR cli_srvsvc_net_file_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, SRV_Q_NET_FILE_ENUM q; SRV_R_NET_FILE_ENUM r; WERROR result = W_ERROR(ERRgeneral); + fstring server; int i; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_file_enum(&q, cli->srv_name_slash, NULL, user_name, + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); + + init_srv_q_net_file_enum(&q, server, NULL, user_name, file_level, ctr, preferred_len, hnd); /* Marshall data and send request */ - if (!srv_io_q_net_file_enum("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_FILE_ENUM, &qbuf, &rbuf)) - goto done; - - /* Unmarshall response */ - - if (!srv_io_r_net_file_enum("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_FILE_ENUM, + q, r, + qbuf, rbuf, + srv_io_q_net_file_enum, + srv_io_r_net_file_enum, + WERR_GENERAL_FAILURE); result = r.status; @@ -625,47 +562,38 @@ WERROR cli_srvsvc_net_file_enum(struct cli_state *cli, TALLOC_CTX *mem_ctx, break; } - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); - + done: return result; } -WERROR cli_srvsvc_net_file_close(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_srvsvc_net_file_close(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, uint32 file_id) { prs_struct qbuf, rbuf; SRV_Q_NET_FILE_CLOSE q; SRV_R_NET_FILE_CLOSE r; WERROR result = W_ERROR(ERRgeneral); + fstring server; ZERO_STRUCT(q); ZERO_STRUCT(r); - /* Initialise parse structures */ - - prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - /* Initialise input parameters */ - init_srv_q_net_file_close(&q, cli->srv_name_slash, file_id); + slprintf(server, sizeof(fstring)-1, "\\\\%s", cli->cli->desthost); + strupper_m(server); - /* Marshall data and send request */ - - if (!srv_io_q_net_file_close("", &q, &qbuf, 0) || - !rpc_api_pipe_req(cli, PI_SRVSVC, SRV_NET_FILE_CLOSE, &qbuf, &rbuf)) - goto done; + init_srv_q_net_file_close(&q, server, file_id); - /* Unmarshall response */ + /* Marshall data and send request */ - if (!srv_io_r_net_file_close("", &r, &rbuf, 0)) - goto done; + CLI_DO_RPC_WERR(cli, mem_ctx, PI_SRVSVC, SRV_NET_FILE_CLOSE, + q, r, + qbuf, rbuf, + srv_io_q_net_file_close, + srv_io_r_net_file_close, + WERR_GENERAL_FAILURE); result = r.status; - done: - prs_mem_free(&qbuf); - prs_mem_free(&rbuf); return result; } diff --git a/source3/rpc_client/cli_svcctl.c b/source3/rpc_client/cli_svcctl.c index 9f80bb79a39..2df27c2da5b 100644 --- a/source3/rpc_client/cli_svcctl.c +++ b/source3/rpc_client/cli_svcctl.c @@ -61,7 +61,7 @@ const char* svc_status_string( uint32 state ) /******************************************************************** ********************************************************************/ -WERROR cli_svcctl_open_scm( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_open_scm(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hSCM, uint32 access_desired ) { SVCCTL_Q_OPEN_SCMANAGER in; @@ -80,12 +80,12 @@ WERROR cli_svcctl_open_scm( struct cli_state *cli, TALLOC_CTX *mem_ctx, if ( !(in.servername = TALLOC_P( mem_ctx, UNISTR2 )) ) return WERR_NOMEM; - fstr_sprintf( server, "\\\\%s", cli->desthost ); + fstr_sprintf( server, "\\\\%s", cli->cli->desthost ); init_unistr2( in.servername, server, UNI_STR_TERMINATE ); in.access = access_desired; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SCMANAGER_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SCMANAGER_W, in, out, qbuf, rbuf, svcctl_io_q_open_scmanager, @@ -103,7 +103,7 @@ WERROR cli_svcctl_open_scm( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************** ********************************************************************/ -WERROR cli_svcctl_open_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_open_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hSCM, POLICY_HND *hService, const char *servicename, uint32 access_desired ) { @@ -118,7 +118,7 @@ WERROR cli_svcctl_open_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, init_unistr2( &in.servicename, servicename, UNI_STR_TERMINATE ); in.access = access_desired; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SERVICE_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_OPEN_SERVICE_W, in, out, qbuf, rbuf, svcctl_io_q_open_service, @@ -136,7 +136,7 @@ WERROR cli_svcctl_open_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************** ********************************************************************/ -WERROR cli_svcctl_close_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService ) +WERROR rpccli_svcctl_close_service(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService ) { SVCCTL_Q_CLOSE_SERVICE in; SVCCTL_R_CLOSE_SERVICE out; @@ -147,7 +147,7 @@ WERROR cli_svcctl_close_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, POL memcpy( &in.handle, hService, sizeof(POLICY_HND) ); - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_CLOSE_SERVICE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_CLOSE_SERVICE, in, out, qbuf, rbuf, svcctl_io_q_close_service, @@ -160,7 +160,7 @@ WERROR cli_svcctl_close_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, POL /******************************************************************* *******************************************************************/ -WERROR cli_svcctl_enumerate_services( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_enumerate_services( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hSCM, uint32 type, uint32 state, uint32 *returned, ENUM_SERVICES_STATUS **service_array ) { @@ -185,7 +185,7 @@ WERROR cli_svcctl_enumerate_services( struct cli_state *cli, TALLOC_CTX *mem_ctx /* first time is to get the buffer size */ in.buffer_size = 0; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_ENUM_SERVICES_STATUS_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_ENUM_SERVICES_STATUS_W, in, out, qbuf, rbuf, svcctl_io_q_enum_services_status, @@ -197,7 +197,7 @@ WERROR cli_svcctl_enumerate_services( struct cli_state *cli, TALLOC_CTX *mem_ctx if ( W_ERROR_EQUAL( out.status, WERR_MORE_DATA ) ) { in.buffer_size = out.needed; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_ENUM_SERVICES_STATUS_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_ENUM_SERVICES_STATUS_W, in, out, qbuf, rbuf, svcctl_io_q_enum_services_status, @@ -225,7 +225,7 @@ WERROR cli_svcctl_enumerate_services( struct cli_state *cli, TALLOC_CTX *mem_ctx /******************************************************************* *******************************************************************/ -WERROR cli_svcctl_query_status( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_query_status( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService, SERVICE_STATUS *status ) { SVCCTL_Q_QUERY_STATUS in; @@ -237,7 +237,7 @@ WERROR cli_svcctl_query_status( struct cli_state *cli, TALLOC_CTX *mem_ctx, memcpy( &in.handle, hService, sizeof(POLICY_HND) ); - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_STATUS, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_STATUS, in, out, qbuf, rbuf, svcctl_io_q_query_status, @@ -255,7 +255,7 @@ WERROR cli_svcctl_query_status( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************* *******************************************************************/ -WERROR cli_svcctl_query_config(struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_query_config(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService, SERVICE_CONFIG *config ) { SVCCTL_Q_QUERY_SERVICE_CONFIG in; @@ -269,7 +269,7 @@ WERROR cli_svcctl_query_config(struct cli_state *cli, TALLOC_CTX *mem_ctx, in.buffer_size = 0; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_SERVICE_CONFIG_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_SERVICE_CONFIG_W, in, out, qbuf, rbuf, svcctl_io_q_query_service_config, @@ -279,7 +279,7 @@ WERROR cli_svcctl_query_config(struct cli_state *cli, TALLOC_CTX *mem_ctx, if ( W_ERROR_EQUAL( out.status, WERR_INSUFFICIENT_BUFFER ) ) { in.buffer_size = out.needed; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_SERVICE_CONFIG_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_QUERY_SERVICE_CONFIG_W, in, out, qbuf, rbuf, svcctl_io_q_query_service_config, @@ -298,11 +298,30 @@ WERROR cli_svcctl_query_config(struct cli_state *cli, TALLOC_CTX *mem_ctx, config->startname = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); config->displayname = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); - copy_unistr2( config->executablepath, out.config.executablepath ); - copy_unistr2( config->loadordergroup, out.config.loadordergroup ); - copy_unistr2( config->dependencies, out.config.dependencies ); - copy_unistr2( config->startname, out.config.startname ); - copy_unistr2( config->displayname, out.config.displayname ); + if ( out.config.executablepath ) { + config->executablepath = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); + copy_unistr2( config->executablepath, out.config.executablepath ); + } + + if ( out.config.loadordergroup ) { + config->loadordergroup = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); + copy_unistr2( config->loadordergroup, out.config.loadordergroup ); + } + + if ( out.config.dependencies ) { + config->dependencies = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); + copy_unistr2( config->dependencies, out.config.dependencies ); + } + + if ( out.config.startname ) { + config->startname = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); + copy_unistr2( config->startname, out.config.startname ); + } + + if ( out.config.displayname ) { + config->displayname = TALLOC_ZERO_P( mem_ctx, UNISTR2 ); + copy_unistr2( config->displayname, out.config.displayname ); + } return out.status; } @@ -310,7 +329,7 @@ WERROR cli_svcctl_query_config(struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************* *******************************************************************/ -WERROR cli_svcctl_start_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_start_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService, const char **parm_array, uint32 parmcount ) { @@ -326,7 +345,7 @@ WERROR cli_svcctl_start_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, in.parmcount = 0; in.parameters = NULL; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_START_SERVICE_W, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_START_SERVICE_W, in, out, qbuf, rbuf, svcctl_io_q_start_service, @@ -339,7 +358,7 @@ WERROR cli_svcctl_start_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************* *******************************************************************/ -WERROR cli_svcctl_control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_control_service( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService, uint32 control, SERVICE_STATUS *status ) { @@ -353,7 +372,7 @@ WERROR cli_svcctl_control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, memcpy( &in.handle, hService, sizeof(POLICY_HND) ); in.control = control; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_CONTROL_SERVICE, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_CONTROL_SERVICE, in, out, qbuf, rbuf, svcctl_io_q_control_service, @@ -372,7 +391,7 @@ WERROR cli_svcctl_control_service( struct cli_state *cli, TALLOC_CTX *mem_ctx, /******************************************************************* *******************************************************************/ -WERROR cli_svcctl_get_dispname( struct cli_state *cli, TALLOC_CTX *mem_ctx, +WERROR rpccli_svcctl_get_dispname( struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, POLICY_HND *hService, fstring displayname ) { SVCCTL_Q_GET_DISPLAY_NAME in; @@ -385,7 +404,7 @@ WERROR cli_svcctl_get_dispname( struct cli_state *cli, TALLOC_CTX *mem_ctx, memcpy( &in.handle, hService, sizeof(POLICY_HND) ); in.display_name_len = 0; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME, in, out, qbuf, rbuf, svcctl_io_q_get_display_name, @@ -397,7 +416,7 @@ WERROR cli_svcctl_get_dispname( struct cli_state *cli, TALLOC_CTX *mem_ctx, if ( W_ERROR_EQUAL( out.status, WERR_INSUFFICIENT_BUFFER ) ) { in.display_name_len = out.display_name_len; - CLI_DO_RPC( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME, + CLI_DO_RPC_WERR( cli, mem_ctx, PI_SVCCTL, SVCCTL_GET_DISPLAY_NAME, in, out, qbuf, rbuf, svcctl_io_q_get_display_name, @@ -412,4 +431,3 @@ WERROR cli_svcctl_get_dispname( struct cli_state *cli, TALLOC_CTX *mem_ctx, return out.status; } - diff --git a/source3/rpc_client/cli_wkssvc.c b/source3/rpc_client/cli_wkssvc.c index aea47443988..d8e97beb649 100644 --- a/source3/rpc_client/cli_wkssvc.c +++ b/source3/rpc_client/cli_wkssvc.c @@ -2,10 +2,10 @@ Unix SMB/CIFS implementation. NT Domain Authentication SMB / MSRPC client Copyright (C) Andrew Tridgell 1994-2000 - Copyright (C) Luke Kenneth Casson Leighton 1996-2000 Copyright (C) Tim Potter 2001 - Copytight (C) Rafal Szczesniak 2002 - + Copyright (C) Rafal Szczesniak 2002 + Copyright (C) Jeremy Allison 2005. + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or @@ -33,61 +33,36 @@ * @return NTSTATUS of rpc call */ -NTSTATUS cli_wks_query_info(struct cli_state *cli, TALLOC_CTX *mem_ctx, +NTSTATUS rpccli_wks_query_info(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, WKS_INFO_100 *wks100) { - prs_struct buf; + prs_struct qbuf; prs_struct rbuf; - WKS_Q_QUERY_INFO q_o; - WKS_R_QUERY_INFO r_o; + WKS_Q_QUERY_INFO q; + WKS_R_QUERY_INFO r; if (cli == NULL || wks100 == NULL) return NT_STATUS_UNSUCCESSFUL; - /* init rpc parse structures */ - prs_init(&buf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); - prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - DEBUG(4, ("WksQueryInfo\n")); /* init query structure with rpc call arguments */ - init_wks_q_query_info(&q_o, cli->desthost, 100); - - /* marshall data */ - if (!wks_io_q_query_info("", &q_o, &buf, 0)) { - prs_mem_free(&buf); - prs_mem_free(&rbuf); - return NT_STATUS_UNSUCCESSFUL; - } - - /* actual rpc call over \PIPE\wkssvc */ - if (!rpc_api_pipe_req(cli, PI_WKSSVC, WKS_QUERY_INFO, &buf, &rbuf)) { - prs_mem_free(&buf); - prs_mem_free(&rbuf); - return NT_STATUS_UNSUCCESSFUL; - } - - prs_mem_free(&buf); + init_wks_q_query_info(&q, cli->cli->desthost, 100); + r.wks100 = wks100; - r_o.wks100 = wks100; - - /* get call results from response buffer */ - if (!wks_io_r_query_info("", &r_o, &rbuf, 0)) { - prs_mem_free(&rbuf); - return NT_STATUS_UNSUCCESSFUL; - } - + CLI_DO_RPC(cli, mem_ctx, PI_WKSSVC, WKS_QUERY_INFO, + q, r, + qbuf, rbuf, + wks_io_q_query_info, + wks_io_r_query_info, + NT_STATUS_UNSUCCESSFUL); + /* check returnet status code */ - if (NT_STATUS_IS_ERR(r_o.status)) { + if (NT_STATUS_IS_ERR(r.status)) { /* report the error */ - DEBUG(0,("WKS_R_QUERY_INFO: %s\n", nt_errstr(r_o.status))); - prs_mem_free(&rbuf); - return r_o.status; + DEBUG(0,("WKS_R_QUERY_INFO: %s\n", nt_errstr(r.status))); + return r.status; } - /* do clean up */ - prs_mem_free(&rbuf); - return NT_STATUS_OK; } - -- cgit