lsar_open.c revision a0aa776e20803c84edd153d9cb584fd67163aef3
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* Local Security Authority RPC (LSARPC) library interface functions for
* open and close calls.
*/
#include <stdio.h>
#include <strings.h>
#include <smbsrv/libmlsvc.h>
#include <smbsrv/ntaccess.h>
#include <smbsrv/ntstatus.h>
#include <lsalib.h>
/*
* lsar_open
*
* This is a wrapper round lsar_open_policy2 to ensure that we connect
* using the appropriate domain information.
*
* If username argument is NULL, an anonymous connection will be established.
* Otherwise, an authenticated connection will be established.
*
* On success 0 is returned. Otherwise a -ve error code.
*/
{
return (-1);
}
/*
* lsar_open_policy2
*
* Obtain an LSA policy handle. A policy handle is required to access
* LSA resources on a remote server. The server name supplied here does
* not need the double backslash prefix; it is added here. Call this
* function via lsar_open to ensure that the appropriate connection is
* in place.
*
* I'm not sure if it makes a difference whether we use GENERIC_EXECUTE
* or STANDARD_RIGHTS_EXECUTE. For a long time I used the standard bit
* and then I added the generic bit while working on privileges because
* NT sets that bit. I don't think it matters.
*
* Returns 0 on success. Otherwise non-zero to indicate a failure.
*/
int
{
struct mslsa_OpenPolicy2 arg;
int opnum;
int len;
int rc;
if (rc != 0)
return (-1);
return (-1);
}
} else {
}
return (-1);
}
rc = -1;
} else {
sizeof (ndr_hdid_t));
if (ndr_is_null_handle(lsa_handle))
rc = -1;
}
if (rc != 0)
return (rc);
}
/*
* lsar_open_account
*
* Obtain an LSA account handle. The lsa_handle must be a valid handle
* obtained via lsar_open_policy2. The main thing to remember here is
* to set up the context in the lsa_account_handle. I'm not sure what
* the requirements are for desired access. Some values require admin
* access.
*
* Returns 0 on success. Otherwise non-zero to indicate a failure.
*/
int
{
struct mslsa_OpenAccount arg;
int opnum;
int rc;
return (-1);
#if 0
#endif
return (-1);
rc = -1;
} else {
rc = -1;
}
return (rc);
}
/*
* lsar_close
*
* Close the LSA connection associated with the handle. The lsa_handle
* must be a valid handle obtained via a call to lsar_open_policy2 or
* lsar_open_account. On success the handle will be zeroed out to
* ensure that it is not used again. If this is the top level handle
* (i.e. the one obtained via lsar_open_policy2) the pipe is closed.
*
* Returns 0 on success. Otherwise non-zero to indicate a failure.
*/
int
{
struct mslsa_CloseHandle arg;
int opnum;
if (ndr_is_null_handle(lsa_handle))
return (-1);
if (ndr_is_bind_handle(lsa_handle))
return (0);
}