dcerpc_netlogon.c

来自「samba最新软件」· C语言 代码 · 共 1,270 行 · 第 1/3 页

				       struct ldb_message *ref_res,
				       struct netr_DomainTrustInfo *info, 
				       bool is_local)
{
	ZERO_STRUCTP(info);

	if (is_local) {
		info->domainname.string = samdb_result_string(ref_res, "nETBIOSName", NULL);
		info->fulldomainname.string = samdb_result_string(ref_res, "dnsRoot", NULL);
		info->forest.string = NULL;
		info->guid = samdb_result_guid(res, "objectGUID");
		info->sid = samdb_result_dom_sid(mem_ctx, res, "objectSid");
	} else {
		info->domainname.string = samdb_result_string(res, "flatName", NULL);
		info->fulldomainname.string = samdb_result_string(res, "trustPartner", NULL);
		info->forest.string = NULL;
		info->guid = samdb_result_guid(res, "objectGUID");
		info->sid = samdb_result_dom_sid(mem_ctx, res, "securityIdentifier");
	}

	return NT_STATUS_OK;
}

/* 
  netr_LogonGetDomainInfo
  this is called as part of the ADS domain logon procedure.

  It has an important role in convaying details about the client, such
  as Operating System, Version, Service Pack etc.
*/
static NTSTATUS dcesrv_netr_LogonGetDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
					struct netr_LogonGetDomainInfo *r)
{
	const char * const attrs[] = { "objectSid", 
				       "objectGUID", "flatName", "securityIdentifier",
				       "trustPartner", NULL };
	const char * const ref_attrs[] = { "nETBIOSName", "dnsRoot", NULL };
	struct ldb_context *sam_ctx;
	struct ldb_message **res1, **res2, **ref_res;
	struct netr_DomainInfo1 *info1;
	int ret, ret1, ret2, i;
	NTSTATUS status;
	struct ldb_dn *partitions_basedn;

	const char *local_domain;

	status = dcesrv_netr_creds_server_step_check(dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx,
						     r->in.computer_name, mem_ctx, 
					      r->in.credential, 
					      r->out.return_authenticator,
					      NULL);
	NT_STATUS_NOT_OK_RETURN(status);

	sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info);
	if (sam_ctx == NULL) {
		return NT_STATUS_INVALID_SYSTEM_SERVICE;
	}

	partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx);

	/* we need to do two searches. The first will pull our primary
	   domain and the second will pull any trusted domains. Our
	   primary domain is also a "trusted" domain, so we need to
	   put the primary domain into the lists of returned trusts as
	   well */
	ret1 = gendb_search_dn(sam_ctx, mem_ctx, samdb_base_dn(sam_ctx), &res1, attrs);
	if (ret1 != 1) {
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}

	/* try and find the domain */
	ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, 
			   &ref_res, ref_attrs, 
			   "(&(objectClass=crossRef)(ncName=%s))", 
			   ldb_dn_get_linearized(res1[0]->dn));
	if (ret != 1) {
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}

	local_domain = samdb_result_string(ref_res[0], "nETBIOSName", NULL);

	ret2 = gendb_search(sam_ctx, mem_ctx, NULL, &res2, attrs, "(objectClass=trustedDomain)");
	if (ret2 == -1) {
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}

	info1 = talloc(mem_ctx, struct netr_DomainInfo1);
	NT_STATUS_HAVE_NO_MEMORY(info1);

	ZERO_STRUCTP(info1);

	info1->num_trusts = ret2 + 1;
	info1->trusts = talloc_array(mem_ctx, struct netr_DomainTrustInfo, 
				       info1->num_trusts);
	NT_STATUS_HAVE_NO_MEMORY(info1->trusts);

	status = fill_domain_trust_info(mem_ctx, res1[0], ref_res[0], &info1->domaininfo, true);
	NT_STATUS_NOT_OK_RETURN(status);

	for (i=0;i<ret2;i++) {
		status = fill_domain_trust_info(mem_ctx, res2[i], NULL, &info1->trusts[i], false);
		NT_STATUS_NOT_OK_RETURN(status);
	}

	status = fill_domain_trust_info(mem_ctx, res1[0], ref_res[0], &info1->trusts[i], true);
	NT_STATUS_NOT_OK_RETURN(status);

	r->out.info.info1 = info1;

	return NT_STATUS_OK;
}



/*
  netr_ServerPasswordGet
*/
static WERROR dcesrv_netr_ServerPasswordGet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_ServerPasswordGet *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_NETRLOGONSENDTOSAM 
*/
static WERROR dcesrv_netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_NETRLOGONSENDTOSAM *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_DsRAddressToSitenamesW 
*/
static WERROR dcesrv_netr_DsRAddressToSitenamesW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_DsRAddressToSitenamesW *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_DsRGetDCNameEx2
*/
static WERROR dcesrv_netr_DsRGetDCNameEx2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
				   struct netr_DsRGetDCNameEx2 *r)
{
	const char * const attrs[] = { "dnsDomain", "objectGUID", NULL };
	void *sam_ctx;
	struct ldb_message **res;
	struct ldb_dn *domain_dn;
	int ret;

	ZERO_STRUCT(r->out);

	sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info);
	if (sam_ctx == NULL) {
		return WERR_DS_SERVICE_UNAVAILABLE;
	}

	domain_dn = samdb_dns_domain_to_dn(sam_ctx, mem_ctx,
					   r->in.domain_name);   
	if (domain_dn == NULL) {
		return WERR_DS_SERVICE_UNAVAILABLE;
	}

	ret = gendb_search_dn(sam_ctx, mem_ctx, domain_dn, &res, attrs);
	if (ret != 1) {
		return WERR_NO_SUCH_DOMAIN;
	}

	r->out.info = talloc(mem_ctx, struct netr_DsRGetDCNameInfo);
	W_ERROR_HAVE_NO_MEMORY(r->out.info);

	/* TODO: - return real IP address
	 *       - check all r->in.* parameters (server_unc is ignored by w2k3!)
	 */
	r->out.info->dc_unc		= talloc_asprintf(mem_ctx, "\\\\%s.%s", 
							  lp_netbios_name(dce_call->conn->dce_ctx->lp_ctx), 
							  lp_realm(dce_call->conn->dce_ctx->lp_ctx));
	W_ERROR_HAVE_NO_MEMORY(r->out.info->dc_unc);
	r->out.info->dc_address		= talloc_strdup(mem_ctx, "\\\\0.0.0.0");
	W_ERROR_HAVE_NO_MEMORY(r->out.info->dc_address);
	r->out.info->dc_address_type	= DS_ADDRESS_TYPE_INET;
	r->out.info->domain_guid	= samdb_result_guid(res[0], "objectGUID");
	r->out.info->domain_name	= samdb_result_string(res[0], "dnsDomain", NULL);
	r->out.info->forest_name	= samdb_result_string(res[0], "dnsDomain", NULL);
	r->out.info->dc_flags		= DS_DNS_FOREST |
					  DS_DNS_DOMAIN |
					  DS_DNS_CONTROLLER |
					  DS_SERVER_WRITABLE |
					  DS_SERVER_CLOSEST |
					  DS_SERVER_TIMESERV |
					  DS_SERVER_KDC |
					  DS_SERVER_DS |
					  DS_SERVER_LDAP |
					  DS_SERVER_GC |
					  DS_SERVER_PDC;
	r->out.info->dc_site_name	= talloc_strdup(mem_ctx, "Default-First-Site-Name");
	W_ERROR_HAVE_NO_MEMORY(r->out.info->dc_site_name);
	r->out.info->client_site_name	= talloc_strdup(mem_ctx, "Default-First-Site-Name");
	W_ERROR_HAVE_NO_MEMORY(r->out.info->client_site_name);

	return WERR_OK;
}

/* 
  netr_DsRGetDCNameEx
*/
static WERROR dcesrv_netr_DsRGetDCNameEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
				  struct netr_DsRGetDCNameEx *r)
{
	struct netr_DsRGetDCNameEx2 r2;
	WERROR werr;

	ZERO_STRUCT(r2);

	r2.in.server_unc = r->in.server_unc;
	r2.in.client_account = NULL;
	r2.in.mask = 0;
	r2.in.domain_guid = r->in.domain_guid;
	r2.in.domain_name = r->in.domain_name;
	r2.in.site_name = r->in.site_name;
	r2.in.flags = r->in.flags;
	r2.out.info = NULL;

	werr = dcesrv_netr_DsRGetDCNameEx2(dce_call, mem_ctx, &r2);
	
	r->out.info = r2.out.info;
	
	return werr;
}

/* 
  netr_DsRGetDCName
*/
static WERROR dcesrv_netr_DsRGetDCName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
				struct netr_DsRGetDCName *r)
{
	struct netr_DsRGetDCNameEx2 r2;
	WERROR werr;

	ZERO_STRUCT(r2);

	r2.in.server_unc = r->in.server_unc;
	r2.in.client_account = NULL;
	r2.in.mask = 0;
	r2.in.domain_name = r->in.domain_name;
	r2.in.domain_guid = r->in.domain_guid;
	
	r2.in.site_name = NULL; /* should fill in from site GUID */
	r2.in.flags = r->in.flags;
	r2.out.info = NULL;

	werr = dcesrv_netr_DsRGetDCNameEx2(dce_call, mem_ctx, &r2);
	
	r->out.info = r2.out.info;
	
	return werr;
}

/* 
  netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN 
*/
static WERROR dcesrv_netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/*
  netr_NetrEnumerateTrustedDomainsEx
*/
static WERROR dcesrv_netr_NetrEnumerateTrustedDomainsEx(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_NetrEnumerateTrustedDomainsEx *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_DsRAddressToSitenamesExW 
*/
static WERROR dcesrv_netr_DsRAddressToSitenamesExW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_DsRAddressToSitenamesExW *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_DsrGetDcSiteCoverageW
*/
static WERROR dcesrv_netr_DsrGetDcSiteCoverageW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_DsrGetDcSiteCoverageW *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_DsrEnumerateDomainTrusts 
*/
static WERROR dcesrv_netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
					      struct netr_DsrEnumerateDomainTrusts *r)
{
	struct netr_DomainTrust *trusts;
	void *sam_ctx;
	int ret;
	struct ldb_message **dom_res, **ref_res;
	const char * const dom_attrs[] = { "objectSid", "objectGUID", NULL };
	const char * const ref_attrs[] = { "nETBIOSName", "dnsRoot", NULL };
	struct ldb_dn *partitions_basedn;

	ZERO_STRUCT(r->out);

	sam_ctx = samdb_connect(mem_ctx, dce_call->event_ctx, dce_call->conn->dce_ctx->lp_ctx, dce_call->conn->auth_state.session_info);
	if (sam_ctx == NULL) {
		return WERR_GENERAL_FAILURE;
	}

	partitions_basedn = samdb_partitions_dn(sam_ctx, mem_ctx);

	ret = gendb_search_dn(sam_ctx, mem_ctx, NULL, &dom_res, dom_attrs);
	if (ret == -1) {
		return WERR_GENERAL_FAILURE;		
	}
	if (ret != 1) {
		return WERR_GENERAL_FAILURE;
	}

	ret = gendb_search(sam_ctx, mem_ctx, partitions_basedn, &ref_res, ref_attrs,
			   "(&(objectClass=crossRef)(ncName=%s))",
			   ldb_dn_get_linearized(dom_res[0]->dn));
	if (ret == -1) {
		return WERR_GENERAL_FAILURE;
	}
	if (ret != 1) {
		return WERR_GENERAL_FAILURE;
	}

	trusts = talloc_array(mem_ctx, struct netr_DomainTrust, ret);
	W_ERROR_HAVE_NO_MEMORY(trusts);
	
	r->out.count = 1;
	r->out.trusts = trusts;

	/* TODO: add filtering by trust_flags, and correct trust_type
	   and attributes */
	trusts[0].netbios_name = samdb_result_string(ref_res[0], "nETBIOSName", NULL);
	trusts[0].dns_name     = samdb_result_string(ref_res[0], "dnsRoot", NULL);
	trusts[0].trust_flags = 
		NETR_TRUST_FLAG_TREEROOT | 
		NETR_TRUST_FLAG_IN_FOREST | 
		NETR_TRUST_FLAG_PRIMARY;
	trusts[0].parent_index = 0;
	trusts[0].trust_type = 2;
	trusts[0].trust_attributes = 0;
	trusts[0].sid  = samdb_result_dom_sid(mem_ctx, dom_res[0], "objectSid");
	trusts[0].guid = samdb_result_guid(dom_res[0], "objectGUID");

	return WERR_OK;
}


/*
  netr_DsrDeregisterDNSHostRecords
*/
static WERROR dcesrv_netr_DsrDeregisterDNSHostRecords(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_DsrDeregisterDNSHostRecords *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/*
  netr_ServerTrustPasswordsGet
*/
static NTSTATUS dcesrv_netr_ServerTrustPasswordsGet(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_ServerTrustPasswordsGet *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_DsRGetForestTrustInformation 
*/
static WERROR dcesrv_netr_DsRGetForestTrustInformation(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_DsRGetForestTrustInformation *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/*
  netr_GetForestTrustInformation
*/
static WERROR dcesrv_netr_GetForestTrustInformation(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_GetForestTrustInformation *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* 
  netr_NETRSERVERGETTRUSTINFO 
*/
static WERROR dcesrv_netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
		       struct netr_NETRSERVERGETTRUSTINFO *r)
{
	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}


/* include the generated boilerplate */
#include "librpc/gen_ndr/ndr_netlogon_s.c"