r937: - added a simple QuerySecurity implementation in samr server

 - moved some sec desc defines into misc.idl

 - fixed pw_len field in UserInfo26

 - made some pipes available on TCP

 - added netr_DsrEnumerateDomainTrusts() to netlogon

 - added templates for remaining netlogon IDL calls (from ethereal)

 - added a unistr_noterm vs unistr error detector in ndr basic decoder

 - added torture test for netr_DsrEnumerateDomainTrusts()
(This used to be commit ae5a5113fb83640dcb9ae4642c1b9eaf28487956)

3 files changed, 354 insertions, 1 deletions

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 4481df6aa8..7cf2965323 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -598,5 +598,331 @@ static WERROR netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CT
 }
 
 
+/* 
+  netr_NETRENUMERATETRUSTEDDOMAINS 
+*/
+static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCNAME 
+*/
+static WERROR netr_DSRGETDCNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRGETDCNAME *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONDUMMYROUTINE1 
+*/
+static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONDUMMYROUTINE1 *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSETSERVICEBITS 
+*/
+static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONSETSERVICEBITS *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONGETTRUSTRID 
+*/
+static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONGETTRUSTRID *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONCOMPUTESERVERDIGEST 
+*/
+static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONCOMPUTECLIENTDIGEST 
+*/
+static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERAUTHENTICATE3 
+*/
+static WERROR netr_NETRSERVERAUTHENTICATE3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRSERVERAUTHENTICATE3 *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCNAMEX 
+*/
+static WERROR netr_DSRGETDCNAMEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRGETDCNAMEX *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETSITENAME 
+*/
+static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRGETSITENAME *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONGETDOMAININFO 
+*/
+static WERROR netr_NETRLOGONGETDOMAININFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONGETDOMAININFO *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERPASSWORDSET2 
+*/
+static WERROR netr_NETRSERVERPASSWORDSET2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRSERVERPASSWORDSET2 *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERPASSWORDGET 
+*/
+static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRSERVERPASSWORDGET *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSENDTOSAM 
+*/
+static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONSENDTOSAM *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRADDRESSTOSITENAMESW 
+*/
+static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRADDRESSTOSITENAMESW *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCNAMEEX2 
+*/
+static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRGETDCNAMEEX2 *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN 
+*/
+static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRENUMERATETRUSTEDDOMAINSEX 
+*/
+static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRADDRESSTOSITENAMESEXW 
+*/
+static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRADDRESSTOSITENAMESEXW *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCSITECOVERAGEW 
+*/
+static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRGETDCSITECOVERAGEW *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSAMLOGONEX 
+*/
+static WERROR netr_NETRLOGONSAMLOGONEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONSAMLOGONEX *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DsrEnumerateDomainTrusts 
+*/
+static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+					      struct netr_DsrEnumerateDomainTrusts *r)
+{
+	struct netr_DomainTrust *trusts;
+	void *sam_ctx;
+	int ret, i;
+	struct ldb_message **res;
+	const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
+
+	ZERO_STRUCT(r->out);
+
+	sam_ctx = samdb_connect();
+	if (sam_ctx == NULL) {
+		return WERR_GENERAL_FAILURE;
+	}
+
+	ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
+	if (ret == -1) {
+		samdb_close(sam_ctx);
+		return WERR_GENERAL_FAILURE;		
+	}
+
+	if (ret == 0) {
+		return WERR_OK;
+	}
+
+	trusts = talloc_array_p(mem_ctx, struct netr_DomainTrust, ret);
+	if (trusts == NULL) {
+		return WERR_NOMEM;
+	}
+	
+	r->out.count = ret;
+	r->out.trusts = trusts;
+
+	for (i=0;i<ret;i++) {
+		trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
+		trusts[i].dns_name     = samdb_result_string(res[i], "dnsDomain", NULL);
+		trusts[i].trust_flags = 
+			NETR_TRUST_FLAG_TREEROOT | 
+			NETR_TRUST_FLAG_IN_FOREST | 
+			NETR_TRUST_FLAG_PRIMARY;
+		trusts[i].parent_index = 0;
+		trusts[i].trust_type = 2;
+		trusts[i].trust_attributes = 0;
+		trusts[i].sid  = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
+		trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
+	}
+	
+
+	return WERR_OK;
+}
+
+
+/* 
+  netr_DSRDEREGISTERDNSHOSTRECORDS 
+*/
+static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERTRUSTPASSWORDSGET 
+*/
+static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETFORESTTRUSTINFORMATION 
+*/
+static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_DSRGETFORESTTRUSTINFORMATION *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRGETFORESTTRUSTINFORMATION 
+*/
+static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRGETFORESTTRUSTINFORMATION *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSAMLOGONWITHFLAGS 
+*/
+static WERROR netr_NETRLOGONSAMLOGONWITHFLAGS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRLOGONSAMLOGONWITHFLAGS *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERGETTRUSTINFO 
+*/
+static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+		       struct netr_NETRSERVERGETTRUSTINFO *r)
+{
+	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
 /* include the generated boilerplate */
 #include "librpc/gen_ndr/ndr_netlogon_s.c"
diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index eba36e53fa..2811a09534 100644
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -135,7 +135,23 @@ static NTSTATUS samr_SetSecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX
 static NTSTATUS samr_QuerySecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
 				   struct samr_QuerySecurity *r)
 {
-	DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+	struct dcesrv_handle *h;
+	struct samr_SdBuf *sd;
+
+	r->out.sdbuf = NULL;
+
+	DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
+
+	sd = talloc_p(mem_ctx, struct samr_SdBuf);
+	if (sd == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	sd->sd = samdb_default_security_descriptor(mem_ctx);
+
+	r->out.sdbuf = sd;
+
+	return NT_STATUS_OK;
 }
 
 
diff --git a/source4/rpc_server/samr/samdb.c b/source4/rpc_server/samr/samdb.c
index ed76a4fc60..37063b551d 100644
--- a/source4/rpc_server/samr/samdb.c
+++ b/source4/rpc_server/samr/samdb.c
@@ -965,3 +965,14 @@ int samdb_replace(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg)
 	return samdb_modify(ctx, mem_ctx, msg);
 }
 
+/*
+  return a default security descriptor
+*/
+struct security_descriptor *samdb_default_security_descriptor(TALLOC_CTX *mem_ctx)
+{
+	struct security_descriptor *sd;
+
+	sd = sd_initialise(mem_ctx);
+
+	return sd;
+}