|
|
Author: vlendec
Date: 2005-11-23 15:52:23 +0000 (Wed, 23 Nov 2005)
New Revision: 11883
WebSVN:
http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11883
Log:
Also look up the membership in the domain local groups.
Volker
Modified:
branches/SAMBA_4_0/source/torture/rpc/xplogin.c
Changeset:
Modified: branches/SAMBA_4_0/source/torture/rpc/xplogin.c
===================================================================
--- branches/SAMBA_4_0/source/torture/rpc/xplogin.c 2005-11-23 12:30:57 UTC
(rev 11882)
+++ branches/SAMBA_4_0/source/torture/rpc/xplogin.c 2005-11-23 15:52:23 UTC
(rev 11883)
@@ -1147,6 +1147,10 @@
struct samr_Close c;
struct samr_GetGroupsForUser g;
+ struct lsa_SidArray sids;
+ struct samr_GetAliasMembership ga;
+ struct samr_Ids samr_ids;
+
uint32_t *rids;
struct samr_LookupRids r;
};
@@ -1214,7 +1218,7 @@
composite_continue_rpc(c, req, memberships_recv_closeuser, c);
}
-static void memberships_recv_mem(struct rpc_request *req)
+static void memberships_recv_aliases(struct rpc_request *req)
{
struct composite_context *c =
talloc_get_type(req->async.private,
@@ -1222,23 +1226,36 @@
struct memberships_state *state =
talloc_get_type(c->private_data,
struct memberships_state);
- int i, num_rids;
+ int i, rid_index, num_rids;
c->status = dcerpc_ndr_request_recv(req);
if (!composite_is_ok(c)) return;
- c->status = state->g.out.result;
+ c->status = state->ga.out.result;
if (!composite_is_ok(c)) return;
- num_rids = state->g.out.rids->count;
+ num_rids = state->g.out.rids->count +
+ state->ga.out.rids->count + 1;
+
state->rids = talloc_array(state, uint32_t, num_rids);
if (composite_nomem(state->rids, c)) return;
- for (i=0; i<num_rids; i++) {
- state->rids[i] = state->g.out.rids->rids[i].rid;
+ rid_index = 0;
+
+ /* User */
+ state->rids[rid_index++] = state->l.out.rids.ids[0];
+
+ /* Groups */
+ for (i=0; i<state->g.out.rids->count; i++) {
+ state->rids[rid_index++] = state->g.out.rids->rids[i].rid;
}
+ /* Aliases (aka domain local groups) */
+ for (i=0; i<state->ga.out.rids->count; i++) {
+ state->rids[rid_index++] = state->ga.out.rids->ids[i];
+ }
+
state->r.in.domain_handle = &state->domain_handle;
- state->r.in.num_rids = state->g.out.rids->count;
+ state->r.in.num_rids = num_rids;
state->r.in.rids = state->rids;
req = dcerpc_samr_LookupRids_send(state->samr_pipe, state,
@@ -1246,6 +1263,48 @@
composite_continue_rpc(c, req, memberships_recv_names, c);
}
+static void memberships_recv_mem(struct rpc_request *req)
+{
+ struct composite_context *c =
+ talloc_get_type(req->async.private,
+ struct composite_context);
+ struct memberships_state *state =
+ talloc_get_type(c->private_data,
+ struct memberships_state);
+ int i;
+
+ c->status = dcerpc_ndr_request_recv(req);
+ if (!composite_is_ok(c)) return;
+ c->status = state->g.out.result;
+ if (!composite_is_ok(c)) return;
+
+ state->sids.num_sids = state->g.out.rids->count+1;
+ state->sids.sids = talloc_array(state, struct lsa_SidPtr,
+ state->sids.num_sids);
+
+ if (composite_nomem(state->sids.sids, c)) return;
+
+ state->sids.sids[0].sid = dom_sid_add_rid(state->sids.sids,
+ state->domain_sid,
+ state->l.out.rids.ids[0]);
+ if (composite_nomem(state->sids.sids[0].sid, c)) return;
+
+ for (i=0; i<state->g.out.rids->count; i++) {
+ state->sids.sids[i+1].sid = dom_sid_add_rid(
+ state->sids.sids, state->domain_sid,
+ state->g.out.rids->rids[i].rid);
+ if (composite_nomem(state->sids.sids[i+1].sid, c)) return;
+ }
+
+ state->ga.in.sids = &state->sids;
+ state->ga.in.domain_handle = &state->domain_handle;
+ state->ga.out.rids = &state->samr_ids;
+
+ req = dcerpc_samr_GetAliasMembership_send(state->samr_pipe, state,
+ &state->ga);
+ composite_continue_rpc(c, req, memberships_recv_aliases, c);
+}
+
static void memberships_recv_user(struct rpc_request *req)
{
struct composite_context *c =
@@ -1393,6 +1452,8 @@
int num_domadmins;
struct wb_sid_object **domadmins;
+ int num_memberships_done;
+
struct smb_composite_connect conn;
struct cli_credentials *wks_creds;
struct dcerpc_pipe *netlogon_pipe;
@@ -1731,6 +1792,8 @@
&state->domadmins);
if (!composite_is_ok(c)) return;
+ state->num_memberships_done = 0;
+
creq = memberships_send(state,
dcerpc_smb_tree(state->netlogon_pipe->conn),
state->user_name);
@@ -1742,11 +1805,23 @@
struct composite_context *c =
talloc_get_type(creq->async.private_data,
struct composite_context);
+ struct xp_login_state *state =
+ talloc_get_type(c->private_data, struct xp_login_state);
c->status = memberships_recv(creq);
-
if (!composite_is_ok(c)) return;
+ state->num_memberships_done += 1;
+
+ if (state->num_memberships_done < 3) {
+ /* Yes, this is ususally done more than once. It might be due
+ to ntconfig.pol and local security policy settings. */
+ creq = memberships_send(
+ state, dcerpc_smb_tree(state->netlogon_pipe->conn),
+ state->user_name);
+ composite_continue(c, creq, xp_login_recv_memberships, c);
+ return;
+ }
composite_done(c);
}
|
|