diff options
| author | Luke Leighton <lkcl@samba.org> | 1998-09-30 19:09:57 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 1998-09-30 19:09:57 +0000 |
| commit | d8f609aeeb9ce70a97193d9e6709b82b78b39c39 (patch) | |
| tree | 85e286f08c1db95835b726f2350971ba0da9e1dc /source3/rpc_client | |
| parent | 88460e63c5934ab3d00db2a8521d5ebd33dbefc3 (diff) | |
| download | samba-d8f609aeeb9ce70a97193d9e6709b82b78b39c39.tar.gz samba-d8f609aeeb9ce70a97193d9e6709b82b78b39c39.tar.bz2 samba-d8f609aeeb9ce70a97193d9e6709b82b78b39c39.zip | |
lsa_lookup_sids command added. severe debugging needed on lookup_sids
code. added "quality of service" capability to lsa_open_policy code.
different lsa_open_policy queries are *not* dealt with in the server code.
answers like "0xC000 0022" - access denied - will have to be made to
lsa_lookup_sids calls when a "quality of service" request is *not* specified
in the lsa_open_policy call.
(This used to be commit 299a723d4e55712beb12362dfff3846d82b8516b)
Diffstat (limited to 'source3/rpc_client')
| -rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 81 |
1 files changed, 77 insertions, 4 deletions
diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 2f9952f5cb..d010ae4e29 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -36,12 +36,14 @@ extern int DEBUGLEVEL; do a LSA Open Policy ****************************************************************************/ BOOL do_lsa_open_policy(struct cli_state *cli, - char *server_name, POLICY_HND *hnd) + char *server_name, POLICY_HND *hnd, + BOOL sec_qos) { prs_struct rbuf; prs_struct buf; LSA_Q_OPEN_POL q_o; - BOOL valid_pol = False; + LSA_SEC_QOS qos; + BOOL valid_pol = False; if (hnd == NULL) return False; @@ -53,7 +55,15 @@ BOOL do_lsa_open_policy(struct cli_state *cli, DEBUG(4,("LSA Open Policy\n")); /* store the parameters */ - make_q_open_pol(&q_o, server_name, 0, 0, 0x1); + if (sec_qos) + { + make_lsa_sec_qos(&qos, 2, 1, 0, 0x20000000); + make_q_open_pol(&q_o, server_name, 0, 0, &qos); + } + else + { + make_q_open_pol(&q_o, server_name, 0, 0x1, NULL); + } /* turn parameters into data stream */ lsa_io_q_open_pol("", &q_o, &buf, 0); @@ -89,6 +99,69 @@ BOOL do_lsa_open_policy(struct cli_state *cli, } /**************************************************************************** +do a LSA Lookup SIDs +****************************************************************************/ +BOOL do_lsa_lookup_sids(struct cli_state *cli, + POLICY_HND *hnd, + int num_sids, + DOM_SID **sids, + char **names) +{ + prs_struct rbuf; + prs_struct buf; + LSA_Q_LOOKUP_SIDS q_l; + BOOL valid_response = False; + + if (hnd == NULL || num_sids == 0 || sids == NULL) return False; + + prs_init(&buf , 1024, 4, SAFETY_MARGIN, False); + prs_init(&rbuf, 0 , 4, SAFETY_MARGIN, True ); + + /* create and send a MSRPC command with api LSA_LOOKUP_SIDS */ + + DEBUG(4,("LSA Lookup SIDs\n")); + + /* store the parameters */ + make_q_lookup_sids(&q_l, hnd, num_sids, sids, 1); + + /* turn parameters into data stream */ + lsa_io_q_lookup_sids("", &q_l, &buf, 0); + + /* send the data on \PIPE\ */ + if (rpc_api_pipe_req(cli, LSA_LOOKUPSIDS, &buf, &rbuf)) + { + LSA_R_LOOKUP_SIDS r_l; + DOM_R_REF ref; + LSA_TRANS_NAME_ENUM t_names; + BOOL p; + + r_l.dom_ref = &ref; + r_l.names = &t_names; + + lsa_io_r_lookup_sids("", &r_l, &rbuf, 0); + p = rbuf.offset != 0; + + if (p && r_l.status != 0) + { + /* report error code */ + DEBUG(0,("LSA_LOOKUP_SIDS: %s\n", get_nt_error_msg(r_l.status))); + p = False; + } + + if (p) + { + valid_response = True; + *names = NULL; + } + } + + prs_mem_free(&rbuf); + prs_mem_free(&buf ); + + return valid_response; +} + +/**************************************************************************** do a LSA Query Info Policy ****************************************************************************/ BOOL do_lsa_query_info_pol(struct cli_state *cli, @@ -98,7 +171,7 @@ BOOL do_lsa_query_info_pol(struct cli_state *cli, prs_struct rbuf; prs_struct buf; LSA_Q_QUERY_INFO q_q; - BOOL valid_response = False; + BOOL valid_response = False; if (hnd == NULL || domain_name == NULL || domain_sid == NULL) return False; |