added samr_QuerySecurity() call that displays the ACL for any handle.

(This used to be commit 5bbeaaa3d13c838d014e7689b0fcf7374c8c7f57)

4 files changed, 87 insertions, 1 deletions

diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl
index 82794a28e1..a9891c9a19 100644
--- a/source4/librpc/idl/samr.idl
+++ b/source4/librpc/idl/samr.idl
@@ -29,7 +29,12 @@
 
 	/******************/
 	/* Function: 0x03 */
-	NTSTATUS samr_QuerySecurity ();
+	NTSTATUS samr_QuerySecurity (
+		[in,ref]          policy_handle *handle,
+		[in]              uint32 sec_info,
+		[out]             uint32 *length,
+		[out,subcontext]  security_descriptor *sd
+		);
 
 	/******************/
 	/* Function: 0x04 */
diff --git a/source4/librpc/ndr/ndr_samr.c b/source4/librpc/ndr/ndr_samr.c
index 8e9956618b..f043a92484 100644
--- a/source4/librpc/ndr/ndr_samr.c
+++ b/source4/librpc/ndr/ndr_samr.c
@@ -28,6 +28,8 @@ NTSTATUS ndr_push_samr_SetSecurity(struct ndr_push *ndr, struct samr_SetSecurity
 
 NTSTATUS ndr_push_samr_QuerySecurity(struct ndr_push *ndr, struct samr_QuerySecurity *r)
 {
+	NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
+	NDR_CHECK(ndr_push_uint32(ndr, r->in.sec_info));
 
 	return NT_STATUS_OK;
 }
@@ -500,6 +502,26 @@ NTSTATUS ndr_pull_samr_SetSecurity(struct ndr_pull *ndr, struct samr_SetSecurity
 
 NTSTATUS ndr_pull_samr_QuerySecurity(struct ndr_pull *ndr, struct samr_QuerySecurity *r)
 {
+	uint32 _ptr_length;
+	uint32 _ptr_sd;
+	NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_length));
+	if (_ptr_length) {
+		NDR_ALLOC(ndr, r->out.length);
+	} else {
+		r->out.length = NULL;
+	}
+	if (r->out.length) {
+		NDR_CHECK(ndr_pull_uint32(ndr, r->out.length));
+	}
+	NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sd));
+	if (_ptr_sd) {
+		NDR_ALLOC(ndr, r->out.sd);
+	} else {
+		r->out.sd = NULL;
+	}
+	if (r->out.sd) {
+	NDR_CHECK(ndr_pull_subcontext_flags_fn(ndr, r->out.sd, (ndr_pull_flags_fn_t) ndr_pull_security_descriptor));
+	}
 	NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
 
 	return NT_STATUS_OK;
@@ -2359,11 +2381,28 @@ void ndr_print_samr_QuerySecurity(struct ndr_print *ndr, const char *name, int f
 	if (flags & NDR_IN) {
 		ndr_print_struct(ndr, "in", "samr_QuerySecurity");
 	ndr->depth++;
+	ndr_print_ptr(ndr, "handle", r->in.handle);
+	ndr->depth++;
+		ndr_print_policy_handle(ndr, "handle", r->in.handle);
+	ndr->depth--;
+	ndr_print_uint32(ndr, "sec_info", r->in.sec_info);
 	ndr->depth--;
 	}
 	if (flags & NDR_OUT) {
 		ndr_print_struct(ndr, "out", "samr_QuerySecurity");
 	ndr->depth++;
+	ndr_print_ptr(ndr, "length", r->out.length);
+	ndr->depth++;
+	if (r->out.length) {
+		ndr_print_uint32(ndr, "length", *r->out.length);
+	}
+	ndr->depth--;
+	ndr_print_ptr(ndr, "sd", r->out.sd);
+	ndr->depth++;
+	if (r->out.sd) {
+		ndr_print_security_descriptor(ndr, "sd", r->out.sd);
+	}
+	ndr->depth--;
 	ndr_print_NTSTATUS(ndr, "result", &r->out.result);
 	ndr->depth--;
 	}
diff --git a/source4/librpc/ndr/ndr_samr.h b/source4/librpc/ndr/ndr_samr.h
index ed32d3d9f4..2542396341 100644
--- a/source4/librpc/ndr/ndr_samr.h
+++ b/source4/librpc/ndr/ndr_samr.h
@@ -111,9 +111,13 @@ struct samr_SetSecurity {
 
 struct samr_QuerySecurity {
 	struct {
+		struct policy_handle *handle;
+		uint32 sec_info;
 	} in;
 
 	struct {
+		uint32 *length;
+		struct security_descriptor *sd;
 		NTSTATUS result;
 	} out;
 
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index fddf97ef74..346a073723 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -40,6 +40,24 @@ static BOOL test_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 }
 
 
+static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
+			       struct policy_handle *handle)
+{
+	NTSTATUS status;
+	struct samr_QuerySecurity r;
+
+	r.in.handle = handle;
+	r.in.sec_info = 7;
+
+	status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("QuerySecurity failed - %s\n", nt_errstr(status));
+		return False;
+	}
+
+	return True;
+}
+
 
 static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
 				struct policy_handle *handle)
@@ -141,6 +159,10 @@ static BOOL test_OpenUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return False;
 	}
 
+	if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
+		ret = False;
+	}
+
 	if (!test_QueryUserInfo(p, mem_ctx, &acct_handle)) {
 		ret = False;
 	}
@@ -173,6 +195,10 @@ static BOOL test_OpenGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return False;
 	}
 
+	if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
+		ret = False;
+	}
+
 	if (!test_QueryGroupInfo(p, mem_ctx, &acct_handle)) {
 		ret = False;
 	}
@@ -205,6 +231,10 @@ static BOOL test_OpenAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return False;
 	}
 
+	if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
+		ret = False;
+	}
+
 	if (!test_QueryAliasInfo(p, mem_ctx, &acct_handle)) {
 		ret = False;
 	}
@@ -370,6 +400,10 @@ static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return False;
 	}
 
+	if (!test_QuerySecurity(p, mem_ctx, &domain_handle)) {
+		ret = False;
+	}
+
 	if (!test_QueryDomainInfo(p, mem_ctx, &domain_handle)) {
 		ret = False;
 	}
@@ -511,6 +545,10 @@ BOOL torture_rpc_samr(int dummy)
 		ret = False;
 	}
 
+	if (!test_QuerySecurity(p, mem_ctx, &handle)) {
+		ret = False;
+	}
+
 	if (!test_EnumDomains(p, mem_ctx, &handle)) {
 		ret = False;
 	}