From: Stefan Metzmacher Date: Tue, 5 Jun 2018 00:44:28 +0000 (+0200) Subject: libcli/lsarpc: add trust_forest_info_{from,to}_lsa() X-Git-Tag: tevent-0.17.0~718 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2bf1e671684639b32438ac05805d3fa4d847f2b6;p=thirdparty%2Fsamba.git libcli/lsarpc: add trust_forest_info_{from,to}_lsa() They will replace the dsdb_trust_forest_info_{from,to}_lsa() functions. They are just copied over. Signed-off-by: Stefan Metzmacher Reviewed-by: Ralph Boehme
---
diff --git a/libcli/lsarpc/util_lsarpc.c b/libcli/lsarpc/util_lsarpc.c
index 96c98487a7e..7f62b025471 100644
--- a/libcli/lsarpc/util_lsarpc.c
+++ b/libcli/lsarpc/util_lsarpc.c
@@ -21,6 +21,7 @@
 #include "../librpc/gen_ndr/ndr_drsblobs.h"
 #include "../librpc/gen_ndr/ndr_lsa.h"
 #include "libcli/lsarpc/util_lsarpc.h"
+#include "libcli/security/dom_sid.h"
 static NTSTATUS ai_array_2_trust_domain_info_buffer(TALLOC_CTX *mem_ctx, uint32_t count,
@@ -357,3 +358,232 @@ NTSTATUS auth_info_2_auth_blob(TALLOC_CTX *mem_ctx,
 return NT_STATUS_OK;
 }
+
+NTSTATUS trust_forest_info_from_lsa(TALLOC_CTX *mem_ctx,
+ const struct lsa_ForestTrustInformation *lfti,
+ struct ForestTrustInfo **_fti)
+{
+ struct ForestTrustInfo *fti;
+ uint32_t i;
+
+ *_fti = NULL;
+
+ fti = talloc_zero(mem_ctx, struct ForestTrustInfo);
+ if (fti == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ fti->version = 1;
+ fti->count = lfti->count;
+ fti->records = talloc_zero_array(mem_ctx,
+ struct ForestTrustInfoRecordArmor,
+ fti->count);
+ if (fti->records == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (i = 0; i < fti->count; i++) {
+ const struct lsa_ForestTrustRecord *lftr = lfti->entries[i];
+ struct ForestTrustInfoRecord *ftr = &fti->records[i].record;
+ struct ForestTrustString *str = NULL;
+ const struct lsa_StringLarge *lstr = NULL;
+ const struct lsa_ForestTrustDomainInfo *linfo = NULL;
+ struct ForestTrustDataDomainInfo *info = NULL;
+
+ if (lftr == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ ftr->flags = lftr->flags;
+ ftr->timestamp = lftr->time;
+ ftr->type = (enum ForestTrustInfoRecordType)lftr->type;
+
+ switch (lftr->type) {
+ case LSA_FOREST_TRUST_TOP_LEVEL_NAME:
+ lstr = &lftr->forest_trust_data.top_level_name;
+ str = &ftr->data.name;
+
+ str->string = talloc_strdup(mem_ctx, lstr->string);
+ if (str->string == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ break;
+
+ case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX:
+ lstr = &lftr->forest_trust_data.top_level_name_ex;
+ str = &ftr->data.name;
+
+ str->string = talloc_strdup(mem_ctx, lstr->string);
+ if (str->string == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ break;
+
+ case LSA_FOREST_TRUST_DOMAIN_INFO:
+ linfo = &lftr->forest_trust_data.domain_info;
+ info = &ftr->data.info;
+
+ if (linfo->domain_sid == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ info->sid = *linfo->domain_sid;
+
+ lstr = &linfo->dns_domain_name;
+ str = &info->dns_name;
+ str->string = talloc_strdup(mem_ctx, lstr->string);
+ if (str->string == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ lstr = &linfo->netbios_domain_name;
+ str = &info->netbios_name;
+ str->string = talloc_strdup(mem_ctx, lstr->string);
+ if (str->string == NULL) {
+ TALLOC_FREE(fti);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ break;
+
+ default:
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+ }
+
+ *_fti = fti;
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS trust_forest_record_to_lsa(TALLOC_CTX *mem_ctx,
+ const struct ForestTrustInfoRecord *ftr,
+ struct lsa_ForestTrustRecord **_lftr)
+{
+ struct lsa_ForestTrustRecord *lftr = NULL;
+ const struct ForestTrustString *str = NULL;
+ struct lsa_StringLarge *lstr = NULL;
+ const struct ForestTrustDataDomainInfo *info = NULL;
+ struct lsa_ForestTrustDomainInfo *linfo = NULL;
+
+ *_lftr = NULL;
+
+ lftr = talloc_zero(mem_ctx, struct lsa_ForestTrustRecord);
+ if (lftr == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ lftr->flags = ftr->flags;
+ lftr->time = ftr->timestamp;
+ lftr->type = (enum lsa_ForestTrustRecordType)ftr->type;
+
+ switch (lftr->type) {
+ case LSA_FOREST_TRUST_TOP_LEVEL_NAME:
+ lstr = &lftr->forest_trust_data.top_level_name;
+ str = &ftr->data.name;
+
+ lstr->string = talloc_strdup(mem_ctx, str->string);
+ if (lstr->string == NULL) {
+ TALLOC_FREE(lftr);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ break;
+
+ case LSA_FOREST_TRUST_TOP_LEVEL_NAME_EX:
+ lstr = &lftr->forest_trust_data.top_level_name_ex;
+ str = &ftr->data.name;
+
+ lstr->string = talloc_strdup(mem_ctx, str->string);
+ if (lstr->string == NULL) {
+ TALLOC_FREE(lftr);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ break;
+
+ case LSA_FOREST_TRUST_DOMAIN_INFO:
+ linfo = &lftr->forest_trust_data.domain_info;
+ info = &ftr->data.info;
+
+ linfo->domain_sid = dom_sid_dup(lftr, &info->sid);
+ if (linfo->domain_sid == NULL) {
+ TALLOC_FREE(lftr);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ lstr = &linfo->dns_domain_name;
+ str = &info->dns_name;
+ lstr->string = talloc_strdup(mem_ctx, str->string);
+ if (lstr->string == NULL) {
+ TALLOC_FREE(lftr);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ lstr = &linfo->netbios_domain_name;
+ str = &info->netbios_name;
+ lstr->string = talloc_strdup(mem_ctx, str->string);
+ if (lstr->string == NULL) {
+ TALLOC_FREE(lftr);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ break;
+
+ default:
+ return NT_STATUS_NOT_SUPPORTED;
+ }
+
+ *_lftr = lftr;
+ return NT_STATUS_OK;
+}
+
+NTSTATUS trust_forest_info_to_lsa(TALLOC_CTX *mem_ctx,
+ const struct ForestTrustInfo *fti,
+ struct lsa_ForestTrustInformation **_lfti)
+{
+ struct lsa_ForestTrustInformation *lfti;
+ uint32_t i;
+
+ *_lfti = NULL;
+
+ if (fti->version != 1) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ lfti = talloc_zero(mem_ctx, struct lsa_ForestTrustInformation);
+ if (lfti == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ lfti->count = fti->count;
+ lfti->entries = talloc_zero_array(mem_ctx,
+ struct lsa_ForestTrustRecord *,
+ lfti->count);
+ if (lfti->entries == NULL) {
+ TALLOC_FREE(lfti);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (i = 0; i < fti->count; i++) {
+ struct ForestTrustInfoRecord *ftr = &fti->records[i].record;
+ struct lsa_ForestTrustRecord *lftr = NULL;
+ NTSTATUS status;
+
+ status = trust_forest_record_to_lsa(lfti->entries, ftr, &lftr);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(lfti);
+ return NT_STATUS_NO_MEMORY;
+ }
+ lfti->entries[i] = lftr;
+ }
+
+ *_lfti = lfti;
+ return NT_STATUS_OK;
+}
diff --git a/libcli/lsarpc/util_lsarpc.h b/libcli/lsarpc/util_lsarpc.h
index 4dc65467436..6795c148357 100644
--- a/libcli/lsarpc/util_lsarpc.h
+++ b/libcli/lsarpc/util_lsarpc.h
@@ -24,6 +24,8 @@ struct lsa_TrustDomainInfoAuthInfo;
 struct lsa_TrustDomainInfoBuffer;
 struct trustAuthInOutBlob;
+struct ForestTrustInfo;
+struct lsa_ForestTrustInformation;
 NTSTATUS auth_blob_2_auth_info(TALLOC_CTX *mem_ctx, DATA_BLOB incoming, DATA_BLOB outgoing,
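Review bot: The error paths in `trust_forest_info_from_lsa()` only `TALLOC_FREE(fti)`, but `fti->records` and every `talloc_strdup()` result are parented to the caller's `mem_ctx`, so a rejected forest trust record leaves the partial conversion allocated on the caller's context, and both `default:` branches return `NT_STATUS_NOT_SUPPORTED` without freeing `fti` or `lftr` at all. Parenting the children to the object being built, e.g. `fti->records = talloc_zero_array(fti,` and `talloc_strdup(fti->records, lstr->string)`, would make the existing frees sufficient; the same pattern applies to `lfti->entries` in `trust_forest_info_to_lsa()` and to the strings in `trust_forest_record_to_lsa()`. In the loop of `trust_forest_info_to_lsa()` every helper failure is rewritten to `NT_STATUS_NO_MEMORY`, which hides `NT_STATUS_NOT_SUPPORTED`; `return status;` after the `TALLOC_FREE(lfti)` would preserve it. If `lfti` can originate from an RPC peer (not visible in this hunk), a NULL `lstr->string` is also reported as `NT_STATUS_NO_MEMORY`, because `talloc_strdup()` returns NULL for a NULL source, where `NT_STATUS_INVALID_PARAMETER` would describe the input error.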
@@ -37,4 +39,11 @@ NTSTATUS auth_info_2_auth_blob(TALLOC_CTX *mem_ctx, struct lsa_TrustDomainInfoAuthInfo *auth_info, DATA_BLOB *incoming, DATA_BLOB *outgoing);
+NTSTATUS trust_forest_info_from_lsa(TALLOC_CTX *mem_ctx,
+ const struct lsa_ForestTrustInformation *lfti,
+ struct ForestTrustInfo **_fti);
+NTSTATUS trust_forest_info_to_lsa(TALLOC_CTX *mem_ctx,
+ const struct ForestTrustInfo *fti,
+ struct lsa_ForestTrustInformation **_lfti);
+
 #endif /* _LIBCLI_AUTH_UTIL_LSARPC_H_ */
diff --git a/libcli/lsarpc/wscript_build b/libcli/lsarpc/wscript_build
index c613d66a8c2..6bb815b342b 100644
--- a/libcli/lsarpc/wscript_build
+++ b/libcli/lsarpc/wscript_build
@@ -2,4 +2,4 @@ bld.SAMBA_SUBSYSTEM('UTIL_LSARPC', source='util_lsarpc.c',
- deps='NDR_LSA NDR_DRSBLOBS');
+ deps='samba-security NDR_LSA NDR_DRSBLOBS');