summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/librpc/idl/samr.idl7
-rw-r--r--source4/librpc/ndr/ndr_samr.c39
-rw-r--r--source4/librpc/ndr/ndr_samr.h4
-rw-r--r--source4/torture/rpc/samr.c38
4 files changed, 87 insertions, 1 deletions
diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl
index 82794a28e1..a9891c9a19 100644
--- a/source4/librpc/idl/samr.idl
+++ b/source4/librpc/idl/samr.idl
@@ -29,7 +29,12 @@
/******************/
/* Function: 0x03 */
- NTSTATUS samr_QuerySecurity ();
+ NTSTATUS samr_QuerySecurity (
+ [in,ref] policy_handle *handle,
+ [in] uint32 sec_info,
+ [out] uint32 *length,
+ [out,subcontext] security_descriptor *sd
+ );
/******************/
/* Function: 0x04 */
diff --git a/source4/librpc/ndr/ndr_samr.c b/source4/librpc/ndr/ndr_samr.c
index 8e9956618b..f043a92484 100644
--- a/source4/librpc/ndr/ndr_samr.c
+++ b/source4/librpc/ndr/ndr_samr.c
@@ -28,6 +28,8 @@ NTSTATUS ndr_push_samr_SetSecurity(struct ndr_push *ndr, struct samr_SetSecurity
NTSTATUS ndr_push_samr_QuerySecurity(struct ndr_push *ndr, struct samr_QuerySecurity *r)
{
+ NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
+ NDR_CHECK(ndr_push_uint32(ndr, r->in.sec_info));
return NT_STATUS_OK;
}
@@ -500,6 +502,26 @@ NTSTATUS ndr_pull_samr_SetSecurity(struct ndr_pull *ndr, struct samr_SetSecurity
NTSTATUS ndr_pull_samr_QuerySecurity(struct ndr_pull *ndr, struct samr_QuerySecurity *r)
{
+ uint32 _ptr_length;
+ uint32 _ptr_sd;
+ NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_length));
+ if (_ptr_length) {
+ NDR_ALLOC(ndr, r->out.length);
+ } else {
+ r->out.length = NULL;
+ }
+ if (r->out.length) {
+ NDR_CHECK(ndr_pull_uint32(ndr, r->out.length));
+ }
+ NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sd));
+ if (_ptr_sd) {
+ NDR_ALLOC(ndr, r->out.sd);
+ } else {
+ r->out.sd = NULL;
+ }
+ if (r->out.sd) {
+ NDR_CHECK(ndr_pull_subcontext_flags_fn(ndr, r->out.sd, (ndr_pull_flags_fn_t) ndr_pull_security_descriptor));
+ }
NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
return NT_STATUS_OK;
@@ -2359,11 +2381,28 @@ void ndr_print_samr_QuerySecurity(struct ndr_print *ndr, const char *name, int f
if (flags & NDR_IN) {
ndr_print_struct(ndr, "in", "samr_QuerySecurity");
ndr->depth++;
+ ndr_print_ptr(ndr, "handle", r->in.handle);
+ ndr->depth++;
+ ndr_print_policy_handle(ndr, "handle", r->in.handle);
+ ndr->depth--;
+ ndr_print_uint32(ndr, "sec_info", r->in.sec_info);
ndr->depth--;
}
if (flags & NDR_OUT) {
ndr_print_struct(ndr, "out", "samr_QuerySecurity");
ndr->depth++;
+ ndr_print_ptr(ndr, "length", r->out.length);
+ ndr->depth++;
+ if (r->out.length) {
+ ndr_print_uint32(ndr, "length", *r->out.length);
+ }
+ ndr->depth--;
+ ndr_print_ptr(ndr, "sd", r->out.sd);
+ ndr->depth++;
+ if (r->out.sd) {
+ ndr_print_security_descriptor(ndr, "sd", r->out.sd);
+ }
+ ndr->depth--;
ndr_print_NTSTATUS(ndr, "result", &r->out.result);
ndr->depth--;
}
diff --git a/source4/librpc/ndr/ndr_samr.h b/source4/librpc/ndr/ndr_samr.h
index ed32d3d9f4..2542396341 100644
--- a/source4/librpc/ndr/ndr_samr.h
+++ b/source4/librpc/ndr/ndr_samr.h
@@ -111,9 +111,13 @@ struct samr_SetSecurity {
struct samr_QuerySecurity {
struct {
+ struct policy_handle *handle;
+ uint32 sec_info;
} in;
struct {
+ uint32 *length;
+ struct security_descriptor *sd;
NTSTATUS result;
} out;
diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index fddf97ef74..346a073723 100644
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -40,6 +40,24 @@ static BOOL test_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
}
+static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle)
+{
+ NTSTATUS status;
+ struct samr_QuerySecurity r;
+
+ r.in.handle = handle;
+ r.in.sec_info = 7;
+
+ status = dcerpc_samr_QuerySecurity(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("QuerySecurity failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
static BOOL test_QueryAliasInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
struct policy_handle *handle)
@@ -141,6 +159,10 @@ static BOOL test_OpenUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
+ if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
+ ret = False;
+ }
+
if (!test_QueryUserInfo(p, mem_ctx, &acct_handle)) {
ret = False;
}
@@ -173,6 +195,10 @@ static BOOL test_OpenGroup(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
+ if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
+ ret = False;
+ }
+
if (!test_QueryGroupInfo(p, mem_ctx, &acct_handle)) {
ret = False;
}
@@ -205,6 +231,10 @@ static BOOL test_OpenAlias(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
+ if (!test_QuerySecurity(p, mem_ctx, &acct_handle)) {
+ ret = False;
+ }
+
if (!test_QueryAliasInfo(p, mem_ctx, &acct_handle)) {
ret = False;
}
@@ -370,6 +400,10 @@ static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
return False;
}
+ if (!test_QuerySecurity(p, mem_ctx, &domain_handle)) {
+ ret = False;
+ }
+
if (!test_QueryDomainInfo(p, mem_ctx, &domain_handle)) {
ret = False;
}
@@ -511,6 +545,10 @@ BOOL torture_rpc_samr(int dummy)
ret = False;
}
+ if (!test_QuerySecurity(p, mem_ctx, &handle)) {
+ ret = False;
+ }
+
if (!test_EnumDomains(p, mem_ctx, &handle)) {
ret = False;
}