lsa_lookup_sids command added. severe debugging needed on lookup_sids

code.  added "quality of service" capability to lsa_open_policy code.

different lsa_open_policy queries are *not* dealt with in the server code.
answers like "0xC000 0022" - access denied - will have to be made to
lsa_lookup_sids calls when a "quality of service" request is *not* specified
in the lsa_open_policy call.
(This used to be commit 299a723d4e55712beb12362dfff3846d82b8516b)

1 files changed, 192 insertions, 53 deletions

diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c
index 9db41b58b6..40f05e0c3a 100644
--- a/source3/rpc_parse/parse_lsa.c
+++ b/source3/rpc_parse/parse_lsa.c
@@ -37,7 +37,6 @@ void make_lsa_trans_name(LSA_TRANS_NAME *trn, uint32 sid_name_use, char *name, u
 
 	trn->sid_name_use = sid_name_use;
 	make_uni_hdr(&(trn->hdr_name), len_name, len_name, len_name != 0);
-	make_unistr2(&(trn->uni_name), name, len_name);
 	trn->domain_idx = idx;
 }
 
@@ -54,10 +53,7 @@ static void lsa_io_trans_name(char *desc, LSA_TRANS_NAME *trn, prs_struct *ps, i
 	prs_align(ps);
 	
 	prs_uint32("sid_name_use", ps, depth, &(trn->sid_name_use));
-
 	smb_io_unihdr ("hdr_name", &(trn->hdr_name), ps, depth);
-	smb_io_unistr2("uni_name", &(trn->uni_name), trn->hdr_name.buffer, ps, depth);
-
 	prs_uint32("domain_idx  ", ps, depth, &(trn->domain_idx  ));
 }
 
@@ -66,7 +62,7 @@ reads or writes a DOM_R_REF structure.
 ********************************************************************/
 static void lsa_io_dom_r_ref(char *desc,  DOM_R_REF *r_r, prs_struct *ps, int depth)
 {
-	int i;
+	int i, s, n;
 
 	prs_debug(ps, depth, desc, "smb_io_dom_r_ref");
 	depth++;
@@ -75,28 +71,93 @@ static void lsa_io_dom_r_ref(char *desc,  DOM_R_REF *r_r, prs_struct *ps, int de
 
 	prs_align(ps);
 	
-	prs_uint32("undoc_buffer   ", ps, depth, &(r_r->undoc_buffer)); /* undocumented buffer pointer. */
-	prs_uint32("num_ref_doms_1 ", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */
-	prs_uint32("buffer_dom_name", ps, depth, &(r_r->buffer_dom_name)); /* undocumented domain name buffer pointer. */
-	prs_uint32("max_entries    ", ps, depth, &(r_r->max_entries)); /* 32 - max number of entries */
-	prs_uint32("num_ref_doms_2 ", ps, depth, &(r_r->num_ref_doms_2)); /* 4 - num referenced domains? */
-
-	smb_io_unihdr2("", &(r_r->hdr_dom_name), ps, depth); /* domain name unicode string header */
+	prs_uint32("undoc_buffer  ", ps, depth, &(r_r->undoc_buffer  )); /* undocumented buffer pointer. */
+	prs_uint32("num_ref_doms_1", ps, depth, &(r_r->num_ref_doms_1)); /* num referenced domains? */
+	prs_uint32("undoc_buffer2 ", ps, depth, &(r_r->undoc_buffer2 )); /* undocumented buffer pointer. */
+	prs_uint32("max_entries   ", ps, depth, &(r_r->max_entries   )); /* 32 - max number of entries */
+	prs_uint32("num_ref_doms_2", ps, depth, &(r_r->num_ref_doms_2)); /* 4 - num referenced domains? */
 
 	SMB_ASSERT_ARRAY(r_r->hdr_ref_dom, r_r->num_ref_doms_1-1);
+	SMB_ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2);
 
-	for (i = 0; i < r_r->num_ref_doms_1-1; i++)
+	for (i = 0; i < r_r->num_ref_doms_1; i++)
 	{
-		smb_io_unihdr2("", &(r_r->hdr_ref_dom[i]), ps, depth);
+		fstring t;
+
+		slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i);
+		smb_io_unihdr(t, &(r_r->hdr_ref_dom[i].hdr_dom_name), ps, depth);
+
+		slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i);
+		prs_uint32(t, ps, depth, &(r_r->hdr_ref_dom[i].ptr_dom_sid));
 	}
 
-	smb_io_unistr("", &(r_r->uni_dom_name), ps, depth); /* domain name unicode string */
+	for (i = 0, n = 0, s = 0; i < r_r->num_ref_doms_2; i++)
+	{
+		fstring t;
 
-	SMB_ASSERT_ARRAY(r_r->ref_dom, r_r->num_ref_doms_2);
+		if (r_r->hdr_ref_dom[i].hdr_dom_name.buffer != 0)
+		{
+			slprintf(t, sizeof(t) - 1, "dom_ref[%d] ", i);
+			smb_io_unistr2(t, &(r_r->ref_dom[n].uni_dom_name), True, ps, depth); /* domain name unicode string */
+			n++;
+		}
+
+		if (r_r->hdr_ref_dom[i].ptr_dom_sid != 0)
+		{
+			slprintf(t, sizeof(t) - 1, "sid_ptr[%d] ", i);
+			smb_io_dom_sid2("", &(r_r->ref_dom[s].ref_dom), ps, depth); /* referenced domain SIDs */
+			s++;
+		}
+	}
+}
+
+
+/*******************************************************************
+makes an LSA_SEC_QOS structure.
+********************************************************************/
+void make_lsa_sec_qos(LSA_SEC_QOS *qos, uint16 imp_lev, uint8 ctxt, uint8 eff,
+				uint32 unknown)
+{
+	if (qos == NULL) return;
+
+	DEBUG(5,("make_lsa_sec_qos\n"));
+
+	qos->len = 0x0c; /* length of quality of service block, in bytes */
+	qos->sec_imp_level = imp_lev;
+	qos->sec_ctxt_mode = ctxt;
+	qos->effective_only = eff;
+	qos->unknown = unknown;
+}
 
-	for (i = 0; i < r_r->num_ref_doms_2; i++)
+/*******************************************************************
+reads or writes an LSA_SEC_QOS structure.
+********************************************************************/
+static void lsa_io_sec_qos(char *desc,  LSA_SEC_QOS *qos, prs_struct *ps, int depth)
+{
+	int start;
+
+	if (qos == NULL) return;
+
+	prs_debug(ps, depth, desc, "lsa_io_obj_qos");
+	depth++;
+
+	prs_align(ps);
+	
+	start = ps->offset;
+
+	/* these pointers had _better_ be zero, because we don't know
+	   what they point to!
+	 */
+	prs_uint32("len           ", ps, depth, &(qos->len           )); /* 0x18 - length (in bytes) inc. the length field. */
+	prs_uint16("sec_imp_level ", ps, depth, &(qos->sec_imp_level )); 
+	prs_uint8 ("sec_ctxt_mode ", ps, depth, &(qos->sec_ctxt_mode )); 
+	prs_uint8 ("effective_only", ps, depth, &(qos->effective_only)); 
+	prs_uint32("unknown       ", ps, depth, &(qos->unknown       )); 
+
+	if (qos->len != ps->offset - start)
 	{
-		smb_io_dom_sid2("", &(r_r->ref_dom[i]), ps, depth); /* referenced domain SIDs */
+		DEBUG(3,("lsa_io_sec_qos: length %x does not match size %x\n",
+		         qos->len, ps->offset - start));
 	}
 }
 
@@ -104,7 +165,7 @@ static void lsa_io_dom_r_ref(char *desc,  DOM_R_REF *r_r, prs_struct *ps, int de
 /*******************************************************************
 makes an LSA_OBJ_ATTR structure.
 ********************************************************************/
-void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos)
+void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, LSA_SEC_QOS *qos)
 {
 	if (attr == NULL) return;
 
@@ -115,7 +176,17 @@ void make_lsa_obj_attr(LSA_OBJ_ATTR *attr, uint32 attributes, uint32 sec_qos)
 	attr->ptr_obj_name = 0;
 	attr->attributes = attributes;
 	attr->ptr_sec_desc = 0;
-	attr->sec_qos = sec_qos;
+	
+	if (qos != NULL)
+	{
+		attr->ptr_sec_qos = 1;
+		attr->sec_qos = qos;
+	}
+	else
+	{
+		attr->ptr_sec_qos = 0;
+		attr->sec_qos = NULL;
+	}
 }
 
 /*******************************************************************
@@ -137,37 +208,46 @@ static void lsa_io_obj_attr(char *desc,  LSA_OBJ_ATTR *attr, prs_struct *ps, int
 	/* these pointers had _better_ be zero, because we don't know
 	   what they point to!
 	 */
-	prs_uint32("len"         , ps, depth, &(attr->len         )); /* 0x18 - length (in bytes) inc. the length field. */
+	prs_uint32("len         ", ps, depth, &(attr->len         )); /* 0x18 - length (in bytes) inc. the length field. */
 	prs_uint32("ptr_root_dir", ps, depth, &(attr->ptr_root_dir)); /* 0 - root directory (pointer) */
 	prs_uint32("ptr_obj_name", ps, depth, &(attr->ptr_obj_name)); /* 0 - object name (pointer) */
-	prs_uint32("attributes"  , ps, depth, &(attr->attributes  )); /* 0 - attributes (undocumented) */
+	prs_uint32("attributes  ", ps, depth, &(attr->attributes  )); /* 0 - attributes (undocumented) */
 	prs_uint32("ptr_sec_desc", ps, depth, &(attr->ptr_sec_desc)); /* 0 - security descriptior (pointer) */
-	prs_uint32("sec_qos"     , ps, depth, &(attr->sec_qos     )); /* 0 - security quality of service */
+	prs_uint32("ptr_sec_qos ", ps, depth, &(attr->ptr_sec_qos )); /* security quality of service (pointer) */
 
 	if (attr->len != ps->offset - start)
 	{
 		DEBUG(3,("lsa_io_obj_attr: length %x does not match size %x\n",
 		         attr->len, ps->offset - start));
 	}
+
+	if (attr->ptr_sec_qos != 0 && attr->sec_qos != NULL)
+	{
+		lsa_io_sec_qos("sec_qos", attr->sec_qos, ps, depth);
+	}
 }
 
 /*******************************************************************
 makes an LSA_Q_OPEN_POL structure.
 ********************************************************************/
 void make_q_open_pol(LSA_Q_OPEN_POL *r_q, char *server_name,
-			uint32 attributes, uint32 sec_qos,
-			uint32 desired_access)
+			uint32 attributes,
+			uint32 desired_access,
+			LSA_SEC_QOS *qos)
 {
 	if (r_q == NULL) return;
 
-	DEBUG(5,("make_open_pol\n"));
+	DEBUG(5,("make_open_pol: attr:%d da:%d\n", attributes, desired_access));
 
 	r_q->ptr = 1; /* undocumented pointer */
 
-	make_unistr2     (&(r_q->uni_server_name), server_name, strlen(server_name));
-	make_lsa_obj_attr(&(r_q->attr           ), attributes, sec_qos);
+	if (qos == NULL)
+	{
+		r_q->des_access = desired_access;
+	}
 
-	r_q->des_access = desired_access;
+	make_unistr2     (&(r_q->uni_server_name), server_name, strlen(server_name));
+	make_lsa_obj_attr(&(r_q->attr           ), attributes, qos);
 }
 
 /*******************************************************************
@@ -185,7 +265,10 @@ void lsa_io_q_open_pol(char *desc,  LSA_Q_OPEN_POL *r_q, prs_struct *ps, int dep
 	smb_io_unistr2 ("", &(r_q->uni_server_name), r_q->ptr, ps, depth);
 	lsa_io_obj_attr("", &(r_q->attr           ), ps, depth);
 
-	prs_uint32("des_access", ps, depth, &(r_q->des_access));
+	if (r_q->attr.ptr_sec_qos == 0)
+	{
+		prs_uint32("des_access", ps, depth, &(r_q->des_access));
+	}
 }
 
 /*******************************************************************
@@ -198,7 +281,6 @@ void lsa_io_r_open_pol(char *desc,  LSA_R_OPEN_POL *r_p, prs_struct *ps, int dep
 	prs_debug(ps, depth, desc, "lsa_io_r_open_pol");
 	depth++;
 
-
 	smb_io_pol_hnd("", &(r_p->pol), ps, depth);
 
 	prs_uint32("status", ps, depth, &(r_p->status));
@@ -349,9 +431,41 @@ void lsa_io_r_query(char *desc,  LSA_R_QUERY_INFO *r_q, prs_struct *ps, int dept
 }
 
 /*******************************************************************
+makes a LSA_SID_ENUM structure.
+********************************************************************/
+void make_lsa_sid_enum(LSA_SID_ENUM *sen, int num_entries, DOM_SID **sids)
+{
+	int i, i2;
+	if (sen == NULL || sids == NULL) return;
+
+	DEBUG(5,("make_lsa_sid_enum\n"));
+
+	sen->num_entries  = num_entries;
+	sen->ptr_sid_enum = num_entries != 0 ? 1 : 0;
+	sen->num_entries2 = num_entries;
+
+	SMB_ASSERT_ARRAY(sen->sid, sen->num_entries);
+
+	for (i = 0, i2 = 0; i < num_entries; i++)
+	{
+		if (sids[i] != NULL)
+		{
+			sen->ptr_sid[i] = 1;
+			make_dom_sid2(&(sen->sid[i2]), sids[i]);
+			i2++;
+		}
+		else
+		{
+			sen->ptr_sid[i] = 0;
+		}
+	}
+}
+
+/*******************************************************************
 reads or writes a LSA_SID_ENUM structure.
 ********************************************************************/
-static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int depth)
+static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen,
+				prs_struct *ps, int depth)
 {
 	int i;
 
@@ -386,6 +500,27 @@ static void lsa_io_sid_enum(char *desc, LSA_SID_ENUM *sen, prs_struct *ps, int d
 }
 
 /*******************************************************************
+makes an LSA_R_ENUM_TRUST_DOM structure.
+********************************************************************/
+void make_q_lookup_sids(LSA_Q_LOOKUP_SIDS *q_l, POLICY_HND *hnd,
+				int num_sids, DOM_SID **sids,
+				uint16 level)
+{
+	if (q_l == NULL) return;
+
+	DEBUG(5,("make_r_enum_trust_dom\n"));
+
+	memcpy(&(q_l->pol), hnd, sizeof(q_l->pol));
+	make_lsa_sid_enum(&(q_l->sids), num_sids, sids);
+
+	q_l->names.num_entries     = 0;
+	q_l->names.ptr_trans_names = 0;
+	q_l->names.num_entries2    = 0;
+
+	q_l->level.value = level;
+}
+
+/*******************************************************************
 reads or writes a LSA_Q_LOOKUP_SIDS structure.
 ********************************************************************/
 void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, int depth)
@@ -397,10 +532,10 @@ void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, in
 
 	prs_align(ps);
 	
-    smb_io_pol_hnd     ("pol_hnd", &(q_s->pol_hnd), ps, depth); /* policy handle */
-    lsa_io_sid_enum    ("sids   ", &(q_s->sids   ), ps, depth); /* sids to be looked up */
-    lsa_io_trans_names ("names  ", &(q_s->names  ), ps, depth); /* translated names */
-    smb_io_lookup_level("switch ", &(q_s->level  ), ps, depth); /* lookup level */
+	smb_io_pol_hnd     ("pol_hnd", &(q_s->pol), ps, depth); /* policy handle */
+	lsa_io_sid_enum    ("sids   ", &(q_s->sids   ), ps, depth); /* sids to be looked up */
+	lsa_io_trans_names ("names  ", &(q_s->names  ), ps, depth); /* translated names */
+	smb_io_lookup_level("switch ", &(q_s->level  ), ps, depth); /* lookup level */
 
 	prs_uint32("mapped_count", ps, depth, &(q_s->mapped_count));
 }
@@ -408,7 +543,8 @@ void lsa_io_q_lookup_sids(char *desc, LSA_Q_LOOKUP_SIDS *q_s, prs_struct *ps, in
 /*******************************************************************
 reads or writes a structure.
 ********************************************************************/
-static void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct *ps, int depth)
+static void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn,
+				prs_struct *ps, int depth)
 {
 	int i;
 	int i2;
@@ -422,25 +558,26 @@ static void lsa_io_trans_names(char *desc, LSA_TRANS_NAME_ENUM *trn, prs_struct
 	
 	prs_uint32("num_entries    ", ps, depth, &(trn->num_entries));
 	prs_uint32("ptr_trans_names", ps, depth, &(trn->ptr_trans_names));
-	prs_uint32("num_entries2   ", ps, depth, &(trn->num_entries2));
 
-	SMB_ASSERT_ARRAY(trn->ptr_name, trn->num_entries);
+	if (trn->ptr_trans_names != 0)
+	{
+		prs_uint32("num_entries2   ", ps, depth, &(trn->num_entries2));
 
-	for (i = 0; i < trn->num_entries; i++)
-	{	
-		fstring temp;
-		slprintf(temp, sizeof(temp) - 1, "ptr_name[%d] ", i);
-		prs_uint32(temp, ps, depth, &(trn->ptr_name[i])); /* pointer to translated name */
-	}
+		SMB_ASSERT_ARRAY(trn->name, trn->num_entries);
 
-	for (i = 0, i2 = 0; i < trn->num_entries2; i++)
-	{
-		if (trn->ptr_name[i] != 0)
+		for (i = 0, i2 = 0; i < trn->num_entries2; i++)
 		{
-			fstring temp;
-			slprintf(temp, sizeof(temp) - 1, "name[%d] ", i);
-			lsa_io_trans_name(temp, &(trn->name[i2]), ps, depth); /* translated name */
-			i2++;
+			fstring t;
+			slprintf(t, sizeof(t) - 1, "name[%d] ", i);
+
+			lsa_io_trans_name(t, &(trn->name[i]), ps, depth); /* translated name */
+
+			if (trn->name[i].hdr_name.buffer != 0)
+			{
+				smb_io_unistr2(t, &(trn->uni_name[i2]), 1, ps, depth);
+				prs_align(ps);
+				i2++;
+			}
 		}
 	}
 }
@@ -460,6 +597,8 @@ void lsa_io_r_lookup_sids(char *desc,  LSA_R_LOOKUP_SIDS *r_s, prs_struct *ps, i
 	lsa_io_dom_r_ref  ("dom_ref", r_s->dom_ref, ps, depth); /* domain reference info */
 	lsa_io_trans_names("names  ", r_s->names  , ps, depth); /* translated names */
 
+	prs_align(ps);
+
 	prs_uint32("mapped_count", ps, depth, &(r_s->mapped_count));
 
 	prs_uint32("status      ", ps, depth, &(r_s->status));
@@ -479,7 +618,7 @@ void lsa_io_q_lookup_rids(char *desc,  LSA_Q_LOOKUP_RIDS *q_r, prs_struct *ps, i
 
 	prs_align(ps);
 	
-    smb_io_pol_hnd("", &(q_r->pol_hnd), ps, depth); /* policy handle */
+ 	smb_io_pol_hnd("", &(q_r->pol), ps, depth); /* policy handle */
 
 	prs_uint32("num_entries    ", ps, depth, &(q_r->num_entries));
 	prs_uint32("num_entries2   ", ps, depth, &(q_r->num_entries2));