author | Luke Leighton <lkcl@samba.org> | 1998-09-30 19:09:57 +0000 |
---|---|---|
committer | Luke Leighton <lkcl@samba.org> | 1998-09-30 19:09:57 +0000 |
commit | d8f609aeeb9ce70a97193d9e6709b82b78b39c39 (patch) | |
tree | 85e286f08c1db95835b726f2350971ba0da9e1dc /source3/include | |
parent | 88460e63c5934ab3d00db2a8521d5ebd33dbefc3 (diff) | |
lsa_lookup_sids command added. severe debugging needed on lookup_sids
code. added "quality of service" capability to lsa_open_policy code.
different lsa_open_policy queries are *not* dealt with in the server code.
answers like "0xC000 0022" - access denied - will have to be made to
lsa_lookup_sids calls when a "quality of service" request is *not* specified
in the lsa_open_policy call.
(This used to be commit 299a723d4e55712beb12362dfff3846d82b8516b)
Diffstat (limited to 'source3/include')
-rw-r--r-- | source3/include/proto.h | 22 | ||||
-rw-r--r-- | source3/include/rpc_lsa.h | 59 |
2 files changed, 58 insertions, 23 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index c706cbd2c5..fe090e8e25 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1204,7 +1204,13 @@ BOOL cli_nt_logoff(struct cli_state *cli, NET_ID_INFO_CTR *ctr);
 /*The following definitions come from rpc_client/cli_lsarpc.c */
 BOOL do_lsa_open_policy(struct cli_state *cli,
- char *server_name, POLICY_HND *hnd);
+ char *server_name, POLICY_HND *hnd,
+ BOOL sec_qos);
+BOOL do_lsa_lookup_sids(struct cli_state *cli,
+ POLICY_HND *hnd,
+ int num_sids,
+ DOM_SID **sids,
+ char **names);
 BOOL do_lsa_query_info_pol(struct cli_state *cli,
 POLICY_HND *hnd, uint16 info_class,
 fstring domain_name, fstring domain_sid);
@@ -1274,10 +1280,13 @@ BOOL do_wks_query_info(struct cli_state *cli,
 /*The following definitions come from rpc_parse/parse_lsa.c */
 void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, uint32 idx);
-void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos);
+void make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
+ uint32 unknown);
+void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos);
 void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
- uint32 attributes, uint32 sec_qos,
- uint32 desired_access);
+ uint32 attributes,
+ uint32 desired_access,
+ LSA_SEC_QOS *qos);
 void lsa_io_q_open_pol(char *desc, LSA_Q_OPEN_POL *r_q, prs_struct *ps, int depth);
 void lsa_io_r_open_pol(char *desc, LSA_R_OPEN_POL *r_p, prs_struct *ps, int depth);
 void make_q_query(LSA_Q_QUERY_INFO *q_q, POLICY_HND *hnd, uint16 info_class);
@@ -1288,6 +1297,10 @@ void make_r_enum_trust_dom(LSA_R_ENUM_TRUST_DOM *r_e,
 uint32 status);
 void lsa_io_r_enum_trust_dom(char *desc, LSA_R_ENUM_TRUST_DOM *r_e, prs_struct *ps, int depth);
 void lsa_io_r_query(char *desc, LSA_R_QUERY_INFO *r_q, prs_struct *ps, int depth);
+void make_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids);
+void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
+ int num_sids, DOM_SID **sids,
+ uint16 level);
 void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth);
 void lsa_io_r_lookup_sids(char *desc, LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, int depth);
 void lsa_io_q_lookup_rids(char *desc, LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, int depth);
@@ -1779,6 +1792,7 @@ BOOL api_wkssvc_rpc(pipes_struct *p, prs_struct *data);
 /*The following definitions come from rpcclient/cmd_lsarpc.c */
 void cmd_lsa_query_info(struct client_info *info);
+void cmd_lsa_lookup_sids(struct client_info *info);
 /*The following definitions come from rpcclient/cmd_samr.c */
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h
index ff87ed1bfb..fe4d018dbb 100644
--- a/source3/include/rpc_lsa.h
+++ b/source3/include/rpc_lsa.h
@@ -64,6 +64,15 @@ typedef struct dom_query_info
 typedef DOM_QUERY DOM_QUERY_3;
 typedef DOM_QUERY DOM_QUERY_5;
+typedef struct seq_qos_info
+{
+ uint32 len; /* 12 */
+ uint16 sec_imp_level; /* 0x02 - impersonation level */
+ uint8 sec_ctxt_mode; /* 0x01 - context tracking mode */
+ uint8 effective_only; /* 0x00 - effective only */
+ uint32 unknown; /* 0x2000 0000 - not known */
+
+} LSA_SEC_QOS;
 typedef struct obj_attr_info
 {
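Review bot: The new struct in rpc_lsa.h is tagged `seq_qos_info` while its typedef and every field say `sec_qos`; the tag looks like a typo for `sec_qos_info` and is cheapest to fix before other code names it. The `len` member is commented only as `/* 12 */`, but on the receiving side it is a value supplied by the peer, so the comment should say what a reader is expected to do with anything else, for example `uint32 len; /* 12 - size of this block on the wire; reader should reject other values */`. The marshalling code is not part of this diff (it is limited to source3/include), so whether `len` is checked anywhere cannot be confirmed from here.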
@@ -72,7 +81,8 @@ typedef struct obj_attr_info
 uint32 ptr_obj_name; /* 0 - object name (pointer) */
 uint32 attributes; /* 0 - attributes (undocumented) */
 uint32 ptr_sec_desc; /* 0 - security descriptior (pointer) */
- uint32 sec_qos; /* 0 - security quality of service */
+ uint32 ptr_sec_qos; /* security quality of service */
+ LSA_SEC_QOS *sec_qos;
 } LSA_OBJ_ATTR;
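Review bot: `LSA_OBJ_ATTR` now holds an in-memory pointer (`LSA_SEC_QOS *sec_qos`) next to the wire field `ptr_sec_qos`, and the new member carries no comment on who owns it or when it may be NULL. The proto.h side of this commit shows `make_lsa_obj_attr` taking a caller-supplied `LSA_SEC_QOS *qos`, so the struct presumably borrows that pointer and must not outlive it; on the parsing side something has to provide storage before a non-zero `ptr_sec_qos` is followed, and a NULL `sec_qos` must not be dereferenced. I would document the contract on the member, e.g. `LSA_SEC_QOS *sec_qos; /* NULL when ptr_sec_qos == 0; not owned by this struct */`, after confirming it against parse_lsa.c, which is not shown. The struct definition starts above this hunk.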
@@ -165,33 +175,44 @@ typedef struct lsa_r_close_info
 #define MAX_REF_DOMAINS 10
+/* DOM_TRUST_HDR */
+typedef struct dom_trust_hdr
+{
+ UNIHDR hdr_dom_name; /* referenced domain unicode string headers */
+ uint32 ptr_dom_sid;
+
+} DOM_TRUST_HDR;
+
+/* DOM_TRUST_INFO */
+typedef struct dom_trust_info
+{
+ UNISTR2 uni_dom_name; /* domain name unicode string */
+ DOM_SID2 ref_dom ; /* referenced domain SID */
+
+} DOM_TRUST_INFO;
+
 /* DOM_R_REF */
 typedef struct dom_ref_info
 {
 uint32 undoc_buffer; /* undocumented buffer pointer. */
 uint32 num_ref_doms_1; /* num referenced domains */
- uint32 buffer_dom_name; /* undocumented domain name buffer pointer. */
+ uint32 undoc_buffer2; /* undocumented domain name buffer pointer. */
 uint32 max_entries; /* 32 - max number of entries */
 uint32 num_ref_doms_2; /* num referenced domains */
-
- UNIHDR2 hdr_dom_name; /* domain name unicode string header */
- UNIHDR2 hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domain unicode string headers */
-
- UNISTR uni_dom_name; /* domain name unicode string */
- DOM_SID2 ref_dom[MAX_REF_DOMAINS]; /* referenced domain SIDs */
+ DOM_TRUST_HDR hdr_ref_dom[MAX_REF_DOMAINS]; /* referenced domains */
+ DOM_TRUST_INFO ref_dom [MAX_REF_DOMAINS]; /* referenced domains */
 } DOM_R_REF;
+/* the domain_idx points to a SID associated with the name */
+
 /* LSA_TRANS_NAME - translated name */
 typedef struct lsa_trans_name_info
 {
 uint32 sid_name_use; /* value is 5 for a well-known group; 2 for a domain group; 1 for a user... */
-
- UNIHDR hdr_name;
- UNISTR2 uni_name;
-
- uint32 domain_idx;
+ UNIHDR hdr_name;
+ uint32 domain_idx; /* index into DOM_R_REF array of SIDs */
 } LSA_TRANS_NAME;
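Review bot: `domain_idx` is now documented as an index into the `DOM_R_REF` arrays, and `hdr_ref_dom`/`ref_dom` are fixed at `MAX_REF_DOMAINS` (10) entries, but the header does not say that the peer-supplied counts (`num_ref_doms_1`, `num_ref_doms_2`, and `max_entries`, commented as 32) must be limited to that size before the arrays are filled or indexed. A reply with a larger count or an out-of-range `domain_idx` would run past the arrays unless the reader checks; that code is not in this diff, and the commit message itself says the lookup_sids code needs severe debugging. I would state the contract where the fields are declared, e.g. `uint32 num_ref_doms_1; /* num referenced domains; must be <= MAX_REF_DOMAINS */` and `uint32 domain_idx; /* index into DOM_R_REF ref_dom[]; validate < num_ref_doms_1 */`. The same applies to `name[]` and the new parallel `uni_name[]` (`MAX_LOOKUP_SIDS`) in the `@@ -204,8 +225,8 @@` hunk, where `uni_name` also has no comment tying entry i to `name[i].hdr_name`.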
@@ -204,8 +225,8 @@ typedef struct lsa_trans_name_enum_info
 uint32 ptr_trans_names;
 uint32 num_entries2;
- uint32 ptr_name[MAX_LOOKUP_SIDS]; /* translated name pointers */
- LSA_TRANS_NAME name [MAX_LOOKUP_SIDS]; /* translated names */
+ LSA_TRANS_NAME name [MAX_LOOKUP_SIDS]; /* translated names */
+ UNISTR2 uni_name[MAX_LOOKUP_SIDS];
 } LSA_TRANS_NAME_ENUM;
@@ -216,15 +237,15 @@ typedef struct lsa_sid_enum_info
 uint32 ptr_sid_enum;
 uint32 num_entries2;
- uint32 ptr_sid[MAX_LOOKUP_SIDS]; /* domain SID pointers to be looked up. */
- DOM_SID2 sid [MAX_LOOKUP_SIDS]; /* domain SIDs to be looked up. */
+ uint32 ptr_sid[MAX_LOOKUP_SIDS]; /* domain SID pointers to be looked up. */
+ DOM_SID2 sid [MAX_LOOKUP_SIDS]; /* domain SIDs to be looked up. */
 } LSA_SID_ENUM;
 /* LSA_Q_LOOKUP_SIDS - LSA Lookup SIDs */
 typedef struct lsa_q_lookup_sids
 {
- POLICY_HND pol_hnd; /* policy handle */
+ POLICY_HND pol; /* policy handle */
 LSA_SID_ENUM sids;
 LSA_TRANS_NAME_ENUM names;
 LOOKUP_LEVEL level;
@@ -257,7 +278,7 @@ typedef struct dom_name_info
 /* LSA_Q_LOOKUP_RIDS - LSA Lookup RIDs */
 typedef struct lsa_q_lookup_rids
 {
- POLICY_HND pol_hnd; /* policy handle */
+ POLICY_HND pol; /* policy handle */
 uint32 num_entries;
 uint32 num_entries2;
 uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */ |