source3/utils/netlookup.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3
   4    Name lookup.
   5
   6    Copyright (C) Jeremy Allison 2005
   7
   8    This program is free software; you can redistribute it and/or modify
   9    it under the terms of the GNU General Public License as published by
  10    the Free Software Foundation; either version 3 of the License, or
  11    (at your option) any later version.
  12
  13    This program is distributed in the hope that it will be useful,
  14    but WITHOUT ANY WARRANTY; without even the implied warranty of
  15    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16    GNU General Public License for more details.
  17
  18    You should have received a copy of the GNU General Public License
  19    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  20 */
  21
  22 #include "includes.h"
  23 #include "utils/net.h"
  24
  25 /********************************************************
  26  Connection cachine struct. Goes away when ctx destroyed.
  27 ********************************************************/
  28
  29 struct con_struct {
  30         BOOL failed_connect;
  31         NTSTATUS err;
  32         struct cli_state *cli;
  33         struct rpc_pipe_client *lsapipe;
  34         POLICY_HND pol;
  35 };
  36
  37 static struct con_struct *cs;
  38
  39 /********************************************************
  40  Close connection on context destruction.
  41 ********************************************************/
  42
  43 static int cs_destructor(struct con_struct *p)
  44 {
  45         if (cs->cli) {
  46                 cli_shutdown(cs->cli);
  47         }
  48         cs = NULL;
  49         return 0;
  50 }
  51
  52 /********************************************************
  53  Create the connection to localhost.
  54 ********************************************************/
  55
  56 static struct con_struct *create_cs(TALLOC_CTX *ctx, NTSTATUS *perr)
  57 {
  58         NTSTATUS nt_status;
  59         struct in_addr loopback_ip = *interpret_addr2("127.0.0.1");
  60
  61         *perr = NT_STATUS_OK;
  62
  63         if (cs) {
  64                 if (cs->failed_connect) {
  65                         *perr = cs->err;
  66                         return NULL;
  67                 }
  68                 return cs;
  69         }
  70
  71         cs = TALLOC_P(ctx, struct con_struct);
  72         if (!cs) {
  73                 *perr = NT_STATUS_NO_MEMORY;
  74                 return NULL;
  75         }
  76
  77         ZERO_STRUCTP(cs);
  78         talloc_set_destructor(cs, cs_destructor);
  79
  80         /* Connect to localhost with given username/password. */
  81         /* JRA. Pretty sure we can just do this anonymously.... */
  82 #if 0
  83         if (!opt_password && !opt_machine_pass) {
  84                 char *pass = getpass("Password:");
  85                 if (pass) {
  86                         opt_password = SMB_STRDUP(pass);
  87                 }
  88         }
  89 #endif
  90
  91         nt_status = cli_full_connection(&cs->cli, global_myname(), global_myname(),
  92                                         &loopback_ip, 0,
  93                                         "IPC$", "IPC",
  94 #if 0
  95                                         opt_user_name,
  96                                         opt_workgroup,
  97                                         opt_password,
  98 #else
  99                                         "",
 100                                         opt_workgroup,
 101                                         "",
 102 #endif
 103                                         0,
 104                                         Undefined,
 105                                         NULL);
 106
 107         if (!NT_STATUS_IS_OK(nt_status)) {
 108                 DEBUG(2,("create_cs: Connect failed. Error was %s\n", nt_errstr(nt_status)));
 109                 cs->failed_connect = True;
 110                 cs->err = nt_status;
 111                 *perr = nt_status;
 112                 return NULL;
 113         }
 114
 115         cs->lsapipe = cli_rpc_pipe_open_noauth(cs->cli,
 116                                         PI_LSARPC,
 117                                         &nt_status);
 118
 119         if (cs->lsapipe == NULL) {
 120                 DEBUG(2,("create_cs: open LSA pipe failed. Error was %s\n", nt_errstr(nt_status)));
 121                 cs->failed_connect = True;
 122                 cs->err = nt_status;
 123                 *perr = nt_status;
 124                 return NULL;
 125         }
 126
 127         nt_status = rpccli_lsa_open_policy(cs->lsapipe, ctx, True,
 128                                 SEC_RIGHTS_MAXIMUM_ALLOWED,
 129                                 &cs->pol);
 130
 131         if (!NT_STATUS_IS_OK(nt_status)) {
 132                 DEBUG(2,("create_cs: rpccli_lsa_open_policy failed. Error was %s\n", nt_errstr(nt_status)));
 133                 cs->failed_connect = True;
 134                 cs->err = nt_status;
 135                 *perr = nt_status;
 136                 return NULL;
 137         }
 138
 139         return cs;
 140 }
 141
 142 /********************************************************
 143  Do a lookup_sids call to localhost.
 144  Check if the local machine is authoritative for this sid. We can't
 145  check if this is our SID as that's stored in the root-read-only
 146  secrets.tdb.
 147  The local smbd will also ask winbindd for us, so we don't have to.
 148 ********************************************************/
 149
 150 NTSTATUS net_lookup_name_from_sid(TALLOC_CTX *ctx,
 151                                 DOM_SID *psid,
 152                                 const char **ppdomain,
 153                                 const char **ppname)
 154 {
 155         NTSTATUS nt_status;
 156         struct con_struct *csp = NULL;
 157         char **domains;
 158         char **names;
 159         enum lsa_SidType *types;
 160
 161         *ppdomain = NULL;
 162         *ppname = NULL;
 163
 164         csp = create_cs(ctx, &nt_status);
 165         if (csp == NULL) {
 166                 return nt_status;
 167         }
 168
 169         nt_status = rpccli_lsa_lookup_sids(csp->lsapipe, ctx,
 170                                                 &csp->pol,
 171                                                 1, psid,
 172                                                 &domains,
 173                                                 &names,
 174                                                 &types);
 175
 176         if (!NT_STATUS_IS_OK(nt_status)) {
 177                 return nt_status;
 178         }
 179
 180         *ppdomain = domains[0];
 181         *ppname = names[0];
 182         /* Don't care about type here. */
 183
 184         /* Converted OK */
 185         return NT_STATUS_OK;
 186 }
 187
 188 /********************************************************
 189  Do a lookup_names call to localhost.
 190 ********************************************************/
 191
 192 NTSTATUS net_lookup_sid_from_name(TALLOC_CTX *ctx, const char *full_name, DOM_SID *pret_sid)
 193 {
 194         NTSTATUS nt_status;
 195         struct con_struct *csp = NULL;
 196         DOM_SID *sids = NULL;
 197         enum lsa_SidType *types = NULL;
 198
 199         csp = create_cs(ctx, &nt_status);
 200         if (csp == NULL) {
 201                 return nt_status;
 202         }
 203
 204         nt_status = rpccli_lsa_lookup_names(csp->lsapipe, ctx,
 205                                                 &csp->pol,
 206                                                 1,
 207                                                 &full_name,
 208                                                 NULL, 1,
 209                                                 &sids, &types);
 210
 211         if (!NT_STATUS_IS_OK(nt_status)) {
 212                 return nt_status;
 213         }
 214
 215         *pret_sid = sids[0];
 216
 217         /* Converted OK */
 218         return NT_STATUS_OK;
 219 }