archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/ds/netapi/svcdlls/logonsrv/server/nlldap.cxx

657 lines
21 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*--
  4. Copyright (c) 1996-1997 Microsoft Corporation
  6. Module Name:
  8. nlldap.cxx
  10. Abstract:
  12. Routines the use the DS's ldap filter.
  14. This is actually in a .cxx file by itself to work around a compiler bug
  15. where .c files cannot include ldap.h
  17. Author:
  20. Environment:
  22. User mode only.
  23. Contains NT-specific code.
  24. Requires ANSI C extensions: slash-slash comments, long external names.
  26. Revision History:
  28. --*/
  31. #ifdef __cplusplus
  32. extern "C" {
  33. #endif /* __cplusplus */
  34. #include <nt.h> // LARGE_INTEGER definition
  35. #include <ntrtl.h> // LARGE_INTEGER definition
  36. #include <nturtl.h> // LARGE_INTEGER definition
  37. #include <ntlsa.h> // Needed by lsrvdata.h
  38. #include <ntddbrow.h> // Needed by nlcommon.h
  40. #define NOMINMAX // Avoid redefinition of min and max in stdlib.h
  41. #include <rpc.h> // Needed by logon_s.h
  42. #include <logon_s.h> // includes lmcons.h, lmaccess.h, netlogon.h, ssi.h, windef.h
  43. //
  44. #include <windows.h>
  45. #include <winsock2.h> // Winsock support
  46. #include <lmapibuf.h> // NetApiBufferFree
  47. #include <logonp.h> // NetpLogon routines
  48. #include <lsarpc.h> // Needed by lsrvdata.h and logonsrv.h
  49. #include <lsaisrv.h> // Needed by changelg.h
  50. #include <wincrypt.h> // CryptoAPI, needed by lsrvdata.h
  51. #ifdef __cplusplus
  52. } /* extern "C" */
  53. #endif /* __cplusplus */
  54. #include <netlib.h> // Needed by nlcommon.h
  55. #ifdef __cplusplus
  56. extern "C" {
  57. #endif /* __cplusplus */
  58. #include <samrpc.h> // Needed by lsrvdata.h and logonsrv.h
  59. #include <ntdsa.h> // THSave/THRestore
  60. #include <wmistr.h> // Needed by lsrvdata.h
  61. #include <evntrace.h> // Needed by lsrvdata.h
  62. #include <sspi.h> // Needed by ssiinit.h
  64. //
  65. // Netlogon specific header files.
  66. //
  68. #define _AVOID_REPL_API 1
  69. #include <nlrepl.h> // I_Net*
  70. #include "worker.h" // Worker routines
  71. #include "nlcommon.h" // Routines shared with logonsrv\common
  72. #include "domain.h" // Hosted domain definitions
  73. #include "changelg.h" // Change Log support
  74. #include "chutil.h" // Change Log utilities
  75. #include "iniparm.h" // registry parameters
  76. #include "windns.h" // needed by ssiinit.h
  77. #include "ssiinit.h" // Misc global definitions
  78. #include "nldebug.h" // Netlogon debugging
  79. #include "lsrvdata.h" // Globals
  81. // #include <string.h> // strnicmp ...
  82. #include <ldap.h> // Filter for LDAP query
  84. #define NL_MAXIMUM_USER_NAME_LENGTH 20 // The max SAM allows
  86. BOOLEAN
  87. IsFilterName(
  88. IN Filter *CurrentFilter,
  89. IN LPSTR NameToMatch
  90. )
  92. /*++
  94. Routine Description:
  96. If the CurrentFilter is for NameToMatch, return TRUE
  98. Arguments:
  100. Filter - Pointer to an equalityMatch Filter element.
  102. NameToMatch - Specifies the name to compare with the filter element.
  104. Return Value:
  106. TRUE name matches.
  108. --*/
  109. {
  110. ULONG NameLength;
  112. NameLength = strlen( NameToMatch );
  113. if ( NameLength != CurrentFilter->u.equalityMatch.attributeDesc.length ) {
  114. return FALSE;
  115. }
  116. if ( _strnicmp( NameToMatch,
  117. (LPSTR)CurrentFilter->u.equalityMatch.attributeDesc.value,
  118. NameLength ) != 0 ) {
  119. return FALSE;
  120. }
  121. return TRUE;
  122. }
  124. NET_API_STATUS
  125. FilterString(
  126. IN Filter *CurrentFilter,
  127. IN ULONG UnicodeStringBufferSize,
  128. OUT LPWSTR UnicodeStringBuffer OPTIONAL,
  129. OUT LPWSTR *UnicodeString
  130. )
  132. /*++
  134. Routine Description:
  136. Return a zero terminated unicode string containing the value of the
  137. current equalityMatch filter element.
  139. The value of the element is expected to be in UTF-8.
  141. Arguments:
  143. Filter - Pointer to an equalityMatch Filter element.
  145. UnicodeStringBuffer -- Buffer to copy the covnverted string to.
  146. If NULL, the function will allocate the needed memory and
  147. return it in UnicodeString.
  149. UnicodeStringSize - Size in wide charactes of UnicodeStringBuffer.
  150. If this size is less than what's needed to store the resulting
  151. NULL terminated unicode string, the function will allocate the
  152. needed memory and return it in UnicodeString.
  154. UnicodeString - Returns a pointer to the resulting string.
  155. If the passed in buffer for the resulting unicode string isn't
  156. large enough, the function will allocate the needed memory and
  157. the pointer to the allocated memory will be returned in this
  158. parameter. If NULL and the passed in buffer isn't large enough
  159. to store the resulting NULL terminated string, the function
  160. returns ERROR_INSUFFICIENT_BUFFER. On successful return, the
  161. caller should check whether UnicodeString != UnicodeStringBuffer
  162. and, if so, free the allocated buffer using NetApiBufferFree.
  164. Return Value:
  166. Error returned by NetpAllocWStrFromUtf8StrAsRequired.
  168. --*/
  169. {
  170. NET_API_STATUS NetStatus;
  171. LPWSTR AllocatedUnicodeString = NULL;
  173. //
  174. // Call the worker routine
  175. //
  177. NetStatus = NetpAllocWStrFromUtf8StrAsRequired(
  178. (LPSTR)CurrentFilter->u.equalityMatch.assertionValue.value,
  179. CurrentFilter->u.equalityMatch.assertionValue.length,
  180. UnicodeStringBufferSize,
  181. UnicodeStringBuffer,
  182. &AllocatedUnicodeString );
  184. //
  185. // Set the return pointer to point to the appropriate buffer
  186. //
  188. if ( NetStatus == NO_ERROR ) {
  189. if ( AllocatedUnicodeString != NULL ) {
  190. NlAssert( AllocatedUnicodeString != UnicodeStringBuffer );
  191. *UnicodeString = AllocatedUnicodeString;
  192. } else {
  193. *UnicodeString = UnicodeStringBuffer;
  194. }
  195. }
  197. return NetStatus;
  198. }
  200. NET_API_STATUS
  201. FilterBinary(
  202. IN Filter *CurrentFilter,
  203. IN ULONG BufferSize,
  204. OUT PVOID Buffer,
  205. OUT PULONG DataSize
  206. )
  208. /*++
  210. Routine Description:
  212. Returns a properly aligned pointer to the binary data.
  214. Arguments:
  216. Filter - Pointer to an equalityMatch Filter element.
  218. Buffer - Buffer to copy the data into.
  220. BufferSize - The size of the passed buffer. If the
  221. buffer isn't large enough to store the data,
  222. ERROR_INSUFFICIENT_BUFFER is returned.
  224. DataSize - Size of the data copied
  226. Return Value:
  228. NO_ERROR - The data has been successfully coppied.
  230. ERROR_INSUFFICIENT_BUFFER - The passed in buffer is too small.
  232. --*/
  233. {
  234. if ( BufferSize < CurrentFilter->u.equalityMatch.assertionValue.length ) {
  235. return ERROR_INSUFFICIENT_BUFFER;
  236. }
  238. RtlCopyMemory( Buffer,
  239. CurrentFilter->u.equalityMatch.assertionValue.value,
  240. CurrentFilter->u.equalityMatch.assertionValue.length );
  242. *DataSize = CurrentFilter->u.equalityMatch.assertionValue.length;
  244. return NO_ERROR;
  245. }
  248. NTSTATUS
  249. I_NetLogonLdapLookupEx(
  250. IN PVOID FilterParam,
  251. IN PVOID ClientSockAddr,
  252. OUT PVOID *Response,
  253. OUT PULONG ResponseSize
  254. )
  256. /*++
  258. Routine Description:
  260. This routine builds a response to an LDAP ping of a DC. DsGetDcName does
  261. such a ping to ensure the DC is functional and still meets the requirements
  262. of the DsGetDcName. DsGetDcName does an LDAP lookup of the NULL DN asking
  263. for attribute "Netlogon". The DS turns that into a call to this routine
  264. passing in the filter parameter.
  266. The DS is expected to save the DS thread state before calling. This routine
  267. calls SAM which expects to have its own DS thread state.
  269. Arguments:
  271. Filter - Filter describing the query. The filter is built by the DsGetDcName
  272. client, so we can limit the flexibility significantly.
  274. SockAddr - Socket Address of the client this request came in on.
  276. Response - Returns a pointer to an allocated buffer containing
  277. the response to return to the caller. This response is a binary blob
  278. which should be returned to the caller bit-for-bit intact.
  279. The buffer should be freed be calling I_NetLogonFree.
  281. ResponseSize - Size (in bytes) of the returned message.
  283. Return Value:
  285. STATUS_SUCCESS -- The response was returned in the supplied buffer.
  287. STATUS_INVALID_PARAMETER -- The filter was invalid.
  289. --*/
  290. {
  291. NTSTATUS Status = STATUS_SUCCESS;
  292. NET_API_STATUS NetStatus = NO_ERROR;
  294. Filter *LdapFilter = (Filter *) FilterParam;
  295. Filter *CurrentFilter;
  296. struct _setof3_ *CurrentAnd;
  298. LPSTR DnsDomainName = NULL;
  299. GUID DomainGuid;
  300. GUID *DomainGuidPtr = NULL;
  301. // The domain SID buffer must be DWORD alligned. Avoid any buffer overflow problem
  302. // due to truncation in case SECURITY_MAX_SID_SIZE isn't evenly divisible by 4
  303. ULONG DomainSid[SECURITY_MAX_SID_SIZE/sizeof(ULONG)+1];
  304. PSID DomainSidPtr = NULL;
  305. WCHAR UnicodeComputerNameBuffer[MAX_COMPUTERNAME_LENGTH+1];
  306. LPWSTR UnicodeComputerName = NULL;
  307. WCHAR UnicodeUserNameBuffer[NL_MAXIMUM_USER_NAME_LENGTH+1];
  308. LPWSTR UnicodeUserName = NULL;
  309. ULONG AllowableAccountControlBits = 0;
  310. DWORD NtVersion = LMNT_MESSAGE;
  311. DWORD NtVersionFlags = NETLOGON_NT_VERSION_5;
  312. ULONG Length = 0;
  313. SOCKADDR_IN SockAddrIn;
  315. //
  316. // Initialization.
  317. //
  319. *Response = NULL;
  320. *ResponseSize = 0;
  322. //
  323. // If caller is calling when the netlogon service isn't running,
  324. // tell it so.
  325. //
  327. if ( !NlStartNetlogonCall() ) {
  328. return STATUS_INVALID_PARAMETER;
  329. }
  331. //
  332. // Validate the client socket address.
  333. //
  335. if ( ClientSockAddr != NULL ) {
  336. if ( ((PSOCKADDR)ClientSockAddr)->sa_family != AF_INET ) {
  337. NlPrint((NL_CRITICAL,
  338. "I_NetlogonLdapLookupEx: DS passed us a SOCKADDR that wasn't AF_INET (ignoring it)\n" ));
  339. ClientSockAddr = NULL;
  340. } else {
  341. //
  342. // Force the port number to zero to avoid confusion later.
  343. SockAddrIn = *((PSOCKADDR_IN)ClientSockAddr);
  344. SockAddrIn.sin_port = 0;
  345. ClientSockAddr = &SockAddrIn;
  347. }
  348. }
  352. //
  353. // Parse the filter.
  354. //
  356. if ( LdapFilter != NULL ) {
  358. //
  359. // The first element of the filter must be an AND.
  360. //
  362. if ( LdapFilter->choice != and_chosen ) {
  363. NlPrint((NL_CRITICAL,
  364. "I_NetlogonLdapLookup: Filter doesn't have AND %ld\n",
  365. LdapFilter->choice ));
  366. Status = STATUS_INVALID_PARAMETER;
  367. goto Cleanup;
  368. }
  370. //
  371. // Loop through the AND'ed attributes.
  372. //
  373. //
  375. for ( CurrentAnd = LdapFilter->u.and;
  376. CurrentAnd != NULL;
  377. CurrentAnd = CurrentAnd->next ) {
  379. CurrentFilter = &CurrentAnd->value;
  381. if ( CurrentFilter->choice != equalityMatch_chosen ) {
  382. NlPrint((NL_CRITICAL,
  383. "I_NetlogonLdapLookup: Filter doesn't have EqualityMatch %ld\n",
  384. LdapFilter->choice ));
  385. Status = STATUS_INVALID_PARAMETER;
  386. goto Cleanup;
  387. }
  389. //
  390. // Handle DnsDomainName parameter.
  391. //
  393. if ( IsFilterName( CurrentFilter, NL_FILTER_DNS_DOMAIN_NAME ) ) {
  395. if ( CurrentFilter->u.equalityMatch.assertionValue.length == 0 ) {
  396. NlPrint((NL_CRITICAL,
  397. "I_NetlogonLdapLookup: Bad DnsDomainName\n" ));
  398. Status = STATUS_INVALID_PARAMETER;
  399. goto Cleanup;
  400. }
  402. //
  403. // Avoid leaking memory - there must be only one domain name specified
  404. //
  406. if ( DnsDomainName != NULL ) {
  407. NlPrint(( NL_CRITICAL,
  408. "I_NetlogonLdapLookup: Bad ping from %ws: multiple DnsDomainName\n",
  409. UnicodeComputerName ));
  410. Status = STATUS_INVALID_PARAMETER;
  411. goto Cleanup;
  412. }
  414. NetStatus = NetApiBufferAllocate(
  415. CurrentFilter->u.equalityMatch.assertionValue.length + sizeof(CHAR),
  416. (LPVOID *) &DnsDomainName );
  418. if ( NetStatus != NO_ERROR ) {
  419. Status = STATUS_NO_MEMORY;
  420. goto Cleanup;
  421. }
  423. RtlCopyMemory( DnsDomainName,
  424. CurrentFilter->u.equalityMatch.assertionValue.value,
  425. CurrentFilter->u.equalityMatch.assertionValue.length );
  427. DnsDomainName[ CurrentFilter->u.equalityMatch.assertionValue.length ] = '\0';
  429. //
  430. // Handle Host parameter.
  431. //
  433. } else if ( IsFilterName( CurrentFilter, NL_FILTER_HOST_NAME ) ) {
  435. //
  436. // Avoid leaking memory - there must be only one host name specified
  437. //
  439. if ( UnicodeComputerName != NULL ) {
  440. NlPrint(( NL_CRITICAL,
  441. "I_NetlogonLdapLookup: Bad ping from %ws: multiple UnicodeComputerName\n",
  442. UnicodeComputerName ));
  443. Status = STATUS_INVALID_PARAMETER;
  444. goto Cleanup;
  445. }
  447. NetStatus = FilterString( CurrentFilter,
  448. MAX_COMPUTERNAME_LENGTH+1,
  449. UnicodeComputerNameBuffer,
  450. &UnicodeComputerName );
  452. if ( NetStatus != NO_ERROR ) {
  453. NlPrint((NL_CRITICAL,
  454. "I_NetlogonLdapLookup: Bad UnicodeComputerName 0x%lx\n",
  455. NetStatus ));
  456. Status = STATUS_INVALID_PARAMETER;
  457. goto Cleanup;
  458. }
  460. //
  461. // Handle User parameter.
  462. //
  464. } else if ( IsFilterName( CurrentFilter, NL_FILTER_USER_NAME ) ) {
  466. //
  467. // Avoid leaking memory - there must be only one user name specified
  468. //
  470. if ( UnicodeUserName != NULL ) {
  471. NlPrint(( NL_CRITICAL,
  472. "I_NetlogonLdapLookup: Bad ping from %ws: multiple UnicodeUserName\n",
  473. UnicodeComputerName ));
  474. Status = STATUS_INVALID_PARAMETER;
  475. goto Cleanup;
  476. }
  478. NetStatus = FilterString( CurrentFilter,
  479. NL_MAXIMUM_USER_NAME_LENGTH+1,
  480. UnicodeUserNameBuffer,
  481. &UnicodeUserName );
  483. if ( NetStatus != NO_ERROR ) {
  484. NlPrint((NL_CRITICAL,
  485. "I_NetlogonLdapLookup: Bad UnicodeUserName 0x%lx\n",
  486. NetStatus ));
  487. Status = STATUS_INVALID_PARAMETER;
  488. goto Cleanup;
  489. }
  491. //
  492. // Handle AccountControlBits parameter.
  493. //
  494. } else if ( IsFilterName( CurrentFilter, NL_FILTER_ALLOWABLE_ACCOUNT_CONTROL ) ) {
  496. NetStatus = FilterBinary( CurrentFilter,
  497. sizeof(AllowableAccountControlBits),
  498. &AllowableAccountControlBits,
  499. &Length );
  501. if ( NetStatus != NO_ERROR || Length != sizeof(AllowableAccountControlBits) ) {
  502. NlPrint((NL_CRITICAL,
  503. "I_NetlogonLdapLookup: Bad AllowableAccountControl 0x%lx %lu\n",
  504. NetStatus,
  505. Length ));
  507. Status = STATUS_INVALID_PARAMETER;
  508. goto Cleanup;
  509. }
  511. //
  512. // Handle DomainSid parameter.
  513. //
  514. } else if ( IsFilterName( CurrentFilter, NL_FILTER_DOMAIN_SID ) ) {
  516. NetStatus = FilterBinary( CurrentFilter,
  517. sizeof(DomainSid),
  518. DomainSid,
  519. &Length );
  521. //
  522. // Check the length
  523. //
  524. if ( NetStatus != NO_ERROR ||
  525. !RtlValidSid(DomainSid) ||
  526. RtlLengthSid(DomainSid) != Length ) {
  528. NlPrint((NL_CRITICAL,
  529. "I_NetlogonLdapLookup: Bad DomainSid 0x%lx %ld\n",
  530. NetStatus,
  531. Length ));
  533. Status = STATUS_INVALID_PARAMETER;
  534. goto Cleanup;
  535. }
  537. DomainSidPtr = DomainSid;
  539. //
  540. // Handle DomainGuid parameter.
  541. //
  542. } else if ( IsFilterName( CurrentFilter, NL_FILTER_DOMAIN_GUID ) ) {
  544. NetStatus = FilterBinary( CurrentFilter,
  545. sizeof(DomainGuid),
  546. &DomainGuid,
  547. &Length );
  549. //
  550. // Check the length
  551. //
  552. if ( NetStatus != NO_ERROR ||
  553. Length != sizeof(GUID) ) {
  555. NlPrint((NL_CRITICAL,
  556. "I_NetlogonLdapLookup: Bad DomainGuid 0x%lx %ld\n",
  557. NetStatus,
  558. Length ));
  560. Status = STATUS_INVALID_PARAMETER;
  561. goto Cleanup;
  562. }
  564. DomainGuidPtr = &DomainGuid;
  566. //
  567. // Handle NtVersion parameter.
  568. //
  569. } else if ( IsFilterName( CurrentFilter, NL_FILTER_NT_VERSION ) ) {
  571. NetStatus = FilterBinary( CurrentFilter,
  572. sizeof(NtVersionFlags),
  573. &NtVersionFlags,
  574. &Length );
  576. if ( NetStatus != NO_ERROR || Length != sizeof(NtVersionFlags) ) {
  577. NlPrint((NL_CRITICAL,
  578. "I_NetlogonLdapLookup: Bad NtVersionFlags 0x%lx %ld\n",
  579. NetStatus,
  580. Length ));
  582. Status = STATUS_INVALID_PARAMETER;
  583. goto Cleanup;
  584. }
  586. //
  587. // Attributes we don't understand are ignored. That way clients
  588. // that are newer than this version can pass additional information
  589. // to newer DCs and not worry about breaking older DCs.
  590. //
  592. } else {
  593. NlPrint((NL_CRITICAL,
  594. "I_NetlogonLdapLookup: unrecognized parameter %.*s\n",
  595. CurrentFilter->u.equalityMatch.attributeDesc.length,
  596. CurrentFilter->u.equalityMatch.attributeDesc.value ));
  597. }
  599. }
  601. }
  604. //
  605. // Build the ping based on the queried information.
  606. //
  608. NetStatus = NlGetLocalPingResponse(
  609. L"UDP LDAP",
  610. TRUE, // LDAP ping
  611. NULL, // No Netbios domain name
  612. DnsDomainName,
  613. DomainGuidPtr,
  614. DomainSidPtr,
  615. FALSE, // Not PDC only
  616. UnicodeComputerName,
  617. UnicodeUserName,
  618. AllowableAccountControlBits,
  619. NtVersion,
  620. NtVersionFlags,
  621. (PSOCKADDR)ClientSockAddr,
  622. Response,
  623. ResponseSize );
  625. if ( NetStatus != NO_ERROR ) {
  626. Status = STATUS_INVALID_PARAMETER;
  627. goto Cleanup;
  628. }
  630. #if NETLOGONDBG
  631. NlpDumpBuffer( NL_MAILSLOT_TEXT, *Response, *ResponseSize );
  632. #endif // NETLOGONDBG
  634. Status = STATUS_SUCCESS;
  636. Cleanup:
  637. if ( DnsDomainName != NULL ) {
  638. NetApiBufferFree( DnsDomainName );
  639. }
  640. if ( UnicodeComputerName != NULL &&
  641. UnicodeComputerName != UnicodeComputerNameBuffer ) {
  642. NetApiBufferFree( UnicodeComputerName );
  643. }
  644. if ( UnicodeUserName != NULL &&
  645. UnicodeUserName != UnicodeUserNameBuffer ) {
  646. NetApiBufferFree( UnicodeUserName );
  647. }
  649. // Let netlogon service exit.
  650. NlEndNetlogonCall();
  651. return Status;
  654. }
  655. #ifdef __cplusplus
  656. } /* extern "C" */
  657. #endif /* __cplusplus */