Update RPC-LSA to (almost) pass against Windows 2008.

(This used to be commit a17cb558c23142e522de3ed56d65c7694477395f)

2 files changed, 92 insertions, 27 deletions

diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 93cfdee201..408956b3fa 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -14,6 +14,7 @@ import "misc.idl", "security.idl";
 ] interface lsarpc
 {
 	typedef bitmap security_secinfo security_secinfo;
+	typedef bitmap kerb_EncTypes kerb_EncTypes;
 
 	typedef [public,noejs] struct {
 		[value(2*strlen_m(string))] uint16 length;
@@ -507,22 +508,53 @@ import "misc.idl", "security.idl";
 	} lsa_DATA_BUF2;
 
 	typedef enum {
-		LSA_TRUSTED_DOMAIN_INFO_NAME             = 1,
-		LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS_INFO = 2,
-		LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET     = 3,
-		LSA_TRUSTED_DOMAIN_INFO_PASSWORD         = 4,
-		LSA_TRUSTED_DOMAIN_INFO_BASIC            = 5,
-		LSA_TRUSTED_DOMAIN_INFO_INFO_EX          = 6,
-		LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO        = 7,
-		LSA_TRUSTED_DOMAIN_INFO_FULL_INFO        = 8,
-		LSA_TRUSTED_DOMAIN_INFO_11               = 11,
-		LSA_TRUSTED_DOMAIN_INFO_INFO_ALL         = 12
+		LSA_TRUSTED_DOMAIN_INFO_NAME                  = 1,
+		LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS           = 2,
+		LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET          = 3,
+		LSA_TRUSTED_DOMAIN_INFO_PASSWORD              = 4,
+		LSA_TRUSTED_DOMAIN_INFO_BASIC                 = 5,
+		LSA_TRUSTED_DOMAIN_INFO_INFO_EX               = 6,
+		LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO             = 7,
+		LSA_TRUSTED_DOMAIN_INFO_FULL_INFO             = 8,
+		LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL    = 9,
+		LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL    = 10,
+		LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL     = 11,
+		LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL  = 12,
+		LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES = 13
 	} lsa_TrustDomInfoEnum;
 
+	typedef [public,bitmap32bit] bitmap {
+		LSA_TRUST_DIRECTION_INBOUND  = 0x00000001,
+		LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
+	} lsa_TrustDirection;
+
+	typedef [v1_enum] enum {
+		LSA_TRUST_TYPE_DOWNLEVEL  = 0x00000001,
+		LSA_TRUST_TYPE_UPLEVEL    = 0x00000002,
+		LSA_TRUST_TYPE_MIT        = 0x00000003
+	} lsa_TrustType;
+
+	typedef [public,bitmap32bit] bitmap {
+		LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE      = 0x00000001,
+		LSA_TRUST_ATTRIBUTE_UPLEVEL_ONLY        = 0x00000002,
+		LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN  = 0x00000004,
+		LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE   = 0x00000008,
+		LSA_TRUST_ATTRIBUTE_CROSS_ORGANIZATION  = 0x00000010,
+		LSA_TRUST_ATTRIBUTE_WITHIN_FOREST       = 0x00000020,
+		LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL   = 0x00000040,
+		LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION = 0x00000080
+	} lsa_TrustAttributes;
+
 	typedef struct {
 		lsa_StringLarge  netbios_name;
 	} lsa_TrustDomainInfoName;
 
+
+	typedef struct {
+		uint32 entries;
+		[size_is(entries)] lsa_StringLarge  *netbios_names;
+	} lsa_TrustDomainInfoControllers;
+
 	typedef struct {
 		uint32         posix_offset;
 	} lsa_TrustDomainInfoPosixOffset;
@@ -540,10 +572,10 @@ import "misc.idl", "security.idl";
 	typedef struct {
 		lsa_StringLarge     domain_name;
 		lsa_StringLarge     netbios_name;
-		dom_sid2      *sid;
-		uint32         trust_direction;
-		uint32         trust_type;
-		uint32         trust_attributes;
+		dom_sid2           *sid;
+		lsa_TrustDirection  trust_direction;
+		lsa_TrustType       trust_type;
+		lsa_TrustAttributes trust_attributes;
 	} lsa_TrustDomainInfoInfoEx;
 
 	typedef struct {
@@ -570,25 +602,46 @@ import "misc.idl", "security.idl";
 	typedef struct {
 		lsa_TrustDomainInfoInfoEx      info_ex;
 		lsa_DATA_BUF2                  data1;
-	} lsa_TrustDomainInfo11;
+	} lsa_TrustDomainInfoInfoEx2Internal;
 
 	typedef struct {
 		lsa_TrustDomainInfoInfoEx      info_ex;
 		lsa_DATA_BUF2                  data1;
 		lsa_TrustDomainInfoPosixOffset posix_offset;
 		lsa_TrustDomainInfoAuthInfo    auth_info;
-	} lsa_TrustDomainInfoInfoAll;
+	} lsa_TrustDomainInfoInfo2Internal;
+
+	typedef struct {
+		kerb_EncTypes enc_types;
+	} lsa_TrustDomainInfoSupportedEncTypes;
 
 	typedef [switch_type(lsa_TrustDomInfoEnum)] union {
-		[case(LSA_TRUSTED_DOMAIN_INFO_NAME)]         lsa_TrustDomainInfoName        name;
-		[case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)] lsa_TrustDomainInfoPosixOffset posix_offset;
-		[case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]     lsa_TrustDomainInfoPassword    password;
-		[case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]        lsa_TrustDomainInfoBasic       info_basic;
-		[case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]      lsa_TrustDomainInfoInfoEx      info_ex;
-		[case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]    lsa_TrustDomainInfoAuthInfo    auth_info;
-		[case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]    lsa_TrustDomainInfoFullInfo    full_info;
-		[case(LSA_TRUSTED_DOMAIN_INFO_11)]           lsa_TrustDomainInfo11          info11;
-		[case(LSA_TRUSTED_DOMAIN_INFO_INFO_ALL)]     lsa_TrustDomainInfoInfoAll     info_all;
+		[case(LSA_TRUSTED_DOMAIN_INFO_NAME)]
+		        lsa_TrustDomainInfoName              name;
+		[case(LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS)]
+		        lsa_TrustDomainInfoControllers   controllers;
+		[case(LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET)]
+		        lsa_TrustDomainInfoPosixOffset       posix_offset;
+		[case(LSA_TRUSTED_DOMAIN_INFO_PASSWORD)]
+		        lsa_TrustDomainInfoPassword          password;
+		[case(LSA_TRUSTED_DOMAIN_INFO_BASIC)]
+		        lsa_TrustDomainInfoBasic             info_basic;
+		[case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX)]
+		        lsa_TrustDomainInfoInfoEx            info_ex;
+		[case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO)]
+		        lsa_TrustDomainInfoAuthInfo          auth_info;
+		[case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)]
+		        lsa_TrustDomainInfoFullInfo          full_info;
+		[case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)]
+		        lsa_TrustDomainInfoAuthInfo          auth_info_internal;
+		[case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)]
+		        lsa_TrustDomainInfoFullInfo          full_info_internal;
+		[case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)]
+		        lsa_TrustDomainInfoInfoEx2Internal   info_ex2_internal;
+		[case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)]
+		        lsa_TrustDomainInfoInfo2Internal     info2_internal;
+		[case(LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES)]
+		        lsa_TrustDomainInfoSupportedEncTypes enc_types;
 	} lsa_TrustedDomainInfo;
 
 	/* Function:       0x1a */
@@ -658,8 +711,12 @@ import "misc.idl", "security.idl";
 		[in]         uint16 unknown
 		);
 
-	/* Function:        0x22 */
-	[todo] NTSTATUS lsa_DeleteObject();
+	/*******************/
+	/* Function:  0x22 */
+	NTSTATUS lsa_DeleteObject (
+		[in,out]     policy_handle *handle
+		);
+
 
 	
 	/*******************/
diff --git a/source4/librpc/idl/security.idl b/source4/librpc/idl/security.idl
index f8e9e9e110..80efe46453 100644
--- a/source4/librpc/idl/security.idl
+++ b/source4/librpc/idl/security.idl
@@ -386,4 +386,12 @@ interface security
 		SECINFO_PROTECTED_SACL	     = 0x40000000,
 		SECINFO_PROTECTED_DACL	     = 0x80000000
 	} security_secinfo;
+
+	typedef [public,bitmap32bit] bitmap {
+		KERB_ENCTYPE_DES_CBC_CRC             = 0x00000001,
+		KERB_ENCTYPE_DES_CBC_MD5             = 0x00000002,
+		KERB_ENCTYPE_RC4_HMAC_MD5            = 0x00000004,
+		KERB_ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 0x00000008,
+		KERB_ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 0x00000010
+	} kerb_EncTypes;
 }