-rw-r--r-- | source4/librpc/idl/lsa.idl | 35 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_lsa.c | 139 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_lsa.h | 29 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 78 |
4 files changed, 230 insertions, 51 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 8a1b4d546f..7d652e2449 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -16,11 +16,36 @@ /******************/ /* Function: 0x01 */ - NTSTATUS lsa_Delete (); + NTSTATUS lsa_Delete ( + [in,ref] policy_handle *handle + ); /******************/ /* Function: 0x02 */ - NTSTATUS lsa_EnumPrivs (); + + typedef struct { + uint16 name_len; + uint16 name_size; + unistr_noterm *name; + } lsa_Name; + + typedef struct { + lsa_Name name; + uint32 luid_low; + uint32 luid_high; + } lsa_PrivEntry; + + typedef struct { + uint32 count; + [size_is(count)] lsa_PrivEntry *privs; + } lsa_PrivArray; + + NTSTATUS lsa_EnumPrivs ( + [in,ref] policy_handle *handle, + [in,out,ref] uint32 *resume_handle, + [in] uint32 max_count, + [out,ref] lsa_PrivArray *privs + ); /******************/ /* Function: 0x03 */ @@ -113,12 +138,6 @@ /* Function: 0x0e */ typedef struct { - uint16 name_len; - uint16 name_size; - unistr_noterm *name; - } lsa_Name; - - typedef struct { uint16 sid_type; uint32 rid; uint32 sid_index; diff --git a/source4/librpc/ndr/ndr_lsa.c b/source4/librpc/ndr/ndr_lsa.c index 54c81d2b49..b0ce82885d 100644 --- a/source4/librpc/ndr/ndr_lsa.c +++ b/source4/librpc/ndr/ndr_lsa.c @@ -18,6 +18,7 @@ NTSTATUS ndr_pull_lsa_Close(struct ndr_pull *ndr, struct lsa_Close *r) NTSTATUS ndr_push_lsa_Delete(struct ndr_push *ndr, struct lsa_Delete *r) { + NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); return NT_STATUS_OK; } 
@@ -29,14 +30,116 @@ NTSTATUS ndr_pull_lsa_Delete(struct ndr_pull *ndr, struct lsa_Delete *r) return NT_STATUS_OK; } +static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct lsa_Name *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_uint16(ndr, r->name_len)); + NDR_CHECK(ndr_push_uint16(ndr, r->name_size)); + NDR_CHECK(ndr_push_ptr(ndr, r->name)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->name) { + NDR_CHECK(ndr_push_unistr_noterm(ndr, r->name)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_Name(struct ndr_pull *ndr, int ndr_flags, struct lsa_Name *r) +{ + uint32 _ptr_name; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint16(ndr, &r->name_len)); + NDR_CHECK(ndr_pull_uint16(ndr, &r->name_size)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_name)); + if (_ptr_name) { + NDR_ALLOC(ndr, r->name); + } else { + r->name = NULL; + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->name) { + NDR_CHECK(ndr_pull_unistr_noterm(ndr, &r->name)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_PrivEntry(struct ndr_push *ndr, int ndr_flags, struct lsa_PrivEntry *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_push_uint32(ndr, r->luid_low)); + NDR_CHECK(ndr_push_uint32(ndr, r->luid_high)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name)); +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_PrivEntry(struct ndr_pull *ndr, int ndr_flags, struct lsa_PrivEntry *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->luid_low)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->luid_high)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name)); 
+done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_PrivArray(struct ndr_push *ndr, int ndr_flags, struct lsa_PrivArray *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_uint32(ndr, r->count)); + NDR_CHECK(ndr_push_ptr(ndr, r->privs)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->privs) { + NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->privs, sizeof(r->privs[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_PrivEntry)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_PrivArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_PrivArray *r) +{ + uint32 _ptr_privs; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint32(ndr, &r->count)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_privs)); + if (_ptr_privs) { + NDR_ALLOC(ndr, r->privs); + } else { + r->privs = NULL; + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->privs) { + NDR_ALLOC_N_SIZE(ndr, r->privs, r->count, sizeof(r->privs[0])); + NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->privs, sizeof(r->privs[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_PrivEntry)); + } +done: + return NT_STATUS_OK; +} + NTSTATUS ndr_push_lsa_EnumPrivs(struct ndr_push *ndr, struct lsa_EnumPrivs *r) { + NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); + NDR_CHECK(ndr_push_uint32(ndr, *r->in.resume_handle)); + NDR_CHECK(ndr_push_uint32(ndr, r->in.max_count)); return NT_STATUS_OK; } NTSTATUS ndr_pull_lsa_EnumPrivs(struct ndr_pull *ndr, struct lsa_EnumPrivs *r) { + NDR_CHECK(ndr_pull_uint32(ndr, r->out.resume_handle)); + NDR_CHECK(ndr_pull_lsa_PrivArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.privs)); NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); return NT_STATUS_OK; 
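Review bot: In `ndr_pull_lsa_PrivArray` the `r->count` read from the reply is passed straight to `NDR_ALLOC_N_SIZE` and `ndr_pull_array` with no bound visible in this hunk, so the peer chooses the allocation size and the number of elements parsed. Unless those helpers already reject oversized counts (their definitions are outside this diff), add a check before the allocation, for example `if (r->count > <bytes left in the pull buffer>) return NT_STATUS_INVALID_PARAMETER;`, where the placeholder stands for whatever the ndr_pull state exposes. `ndr_pull_lsa_EnumPrivs` also never compares the returned count with the `in.max_count` the caller sent. Likewise, `ndr_pull_lsa_Name` stores `name_len` and `name_size` without checking them against the string actually pulled, so consumers should not treat them as the length of `name`. If ndr_lsa.c is generated from lsa.idl, these checks belong in the generator or in the array helper rather than in this file.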
@@ -396,42 +499,6 @@ NTSTATUS ndr_pull_lsa_EnumTrustDom(struct ndr_pull *ndr, struct lsa_EnumTrustDom return NT_STATUS_OK; } -static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct lsa_Name *r) -{ - if (!(ndr_flags & NDR_SCALARS)) goto buffers; - NDR_CHECK(ndr_push_uint16(ndr, r->name_len)); - NDR_CHECK(ndr_push_uint16(ndr, r->name_size)); - NDR_CHECK(ndr_push_ptr(ndr, r->name)); -buffers: - if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->name) { - NDR_CHECK(ndr_push_unistr_noterm(ndr, r->name)); - } -done: - return NT_STATUS_OK; -} - -static NTSTATUS ndr_pull_lsa_Name(struct ndr_pull *ndr, int ndr_flags, struct lsa_Name *r) -{ - uint32 _ptr_name; - if (!(ndr_flags & NDR_SCALARS)) goto buffers; - NDR_CHECK(ndr_pull_uint16(ndr, &r->name_len)); - NDR_CHECK(ndr_pull_uint16(ndr, &r->name_size)); - NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_name)); - if (_ptr_name) { - NDR_ALLOC(ndr, r->name); - } else { - r->name = NULL; - } -buffers: - if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->name) { - NDR_CHECK(ndr_pull_unistr_noterm(ndr, &r->name)); - } -done: - return NT_STATUS_OK; -} - static NTSTATUS ndr_push_lsa_TranslatedSid(struct ndr_push *ndr, int ndr_flags, struct lsa_TranslatedSid *r) { if (!(ndr_flags & NDR_SCALARS)) goto buffers; diff --git a/source4/librpc/ndr/ndr_lsa.h b/source4/librpc/ndr/ndr_lsa.h index 92f596b692..1436c8cfab 100644 --- a/source4/librpc/ndr/ndr_lsa.h +++ b/source4/librpc/ndr/ndr_lsa.h @@ -13,6 +13,7 @@ struct lsa_Close { struct lsa_Delete { struct { + struct policy_handle *handle; } in; struct { 
@@ -21,11 +22,33 @@ struct lsa_Delete { }; +struct lsa_Name { + uint16 name_len; + uint16 name_size; + const char *name; +}; + +struct lsa_PrivEntry { + struct lsa_Name name; + uint32 luid_low; + uint32 luid_high; +}; + +struct lsa_PrivArray { + uint32 count; + struct lsa_PrivEntry *privs; +}; + struct lsa_EnumPrivs { struct { + struct policy_handle *handle; + uint32 *resume_handle; + uint32 max_count; } in; struct { + uint32 *resume_handle; + struct lsa_PrivArray *privs; NTSTATUS result; } out; @@ -173,12 +196,6 @@ struct lsa_EnumTrustDom { }; -struct lsa_Name { - uint16 name_len; - uint16 name_size; - const char *name; -}; - struct lsa_TranslatedSid { uint16 sid_type; uint32 rid; diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index a22e2d6e32..8e3a36bb74 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c 
@@ -330,6 +330,65 @@ static BOOL test_EnumAccounts(struct dcerpc_pipe *p, } +static BOOL test_EnumPrivs(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct lsa_EnumPrivs r; + struct lsa_PrivArray privs1; + uint32 resume_handle = 0; + int i; + + printf("\ntesting EnumPrivs\n"); + + r.in.handle = handle; + r.in.resume_handle = &resume_handle; + r.in.max_count = 1000; + r.out.resume_handle = &resume_handle; + r.out.privs = &privs1; + + resume_handle = 0; + status = dcerpc_lsa_EnumPrivs(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("EnumPrivs failed - %s\n", nt_errstr(status)); + return False; + } + + printf("Got %d privs resume_handle=%u\n", privs1.count, resume_handle); + + for (i=0;i<privs1.count;i++) { + printf("luid=%08x-%08x '%s'\n", + privs1.privs[i].luid_low, + privs1.privs[i].luid_high, + privs1.privs[i].name.name); + } + + return True; +} + + +static BOOL test_Delete(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct lsa_Delete r; + + printf("\ntesting Delete - but what does it do?\n"); + + r.in.handle = handle; + status = dcerpc_lsa_Delete(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("Delete failed - %s\n", nt_errstr(status)); + return False; + } + + printf("\n"); + + return True; +} + static BOOL test_Close(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) @@ -346,6 +405,13 @@ static BOOL test_Close(struct dcerpc_pipe *p, return False; } + status = dcerpc_lsa_Close(p, mem_ctx, &r); + /* its really a fault - we need a status code for rpc fault */ + if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL)) { + printf("Close failed - %s\n", nt_errstr(status)); + return False; + } + printf("\n"); return True; 
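Review bot: The print loop in `test_EnumPrivs` indexes `privs1.privs[i]` and passes `name.name` to `%s` without checking either pointer. The pull code in this commit sets `privs` to NULL when the wire pointer is zero but keeps `count` as received, and it sets `name` to NULL in the same way, so a reply with a non-zero count and a null pointer would crash the test client. Guard both, e.g. `for (i=0; privs1.privs && i<privs1.count; i++) {` and `privs1.privs[i].name.name ? privs1.privs[i].name.name : "(null)");`. A smaller point: `count` is a `uint32` printed with `%d` and compared against `int i`; using `%u` and an unsigned index would avoid the sign mismatch.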
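Review bot: The failure message for the second `dcerpc_lsa_Close` call is misleading. The branch runs whenever the status is not `NT_STATUS_INVALID_LEVEL`, including when a server accepts the already closed handle and returns success, and it then prints "Close failed - NT_STATUS_OK". That case means the handle was not invalidated, which is the outcome this test most needs to flag. Use a distinct message such as `printf("second Close on a closed handle returned %s, expected an rpc fault\n", nt_errstr(status));`. The existing comment could also say that `NT_STATUS_INVALID_LEVEL` is a stand-in until faults have their own status code. `test_Close` begins outside this hunk.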
@@ -377,11 +443,21 @@ BOOL torture_rpc_lsa(int dummy) if (!test_EnumAccounts(p, mem_ctx, &handle)) { ret = False; } + + if (!test_EnumPrivs(p, mem_ctx, &handle)) { + ret = False; + } - if (!test_Close(p, mem_ctx, &handle)) { +#if 0 + if (!test_Delete(p, mem_ctx, &handle)) { ret = False; } +#endif + if (!test_Close(p, mem_ctx, &handle)) { + ret = False; + } + torture_rpc_close(p); return ret; |
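Review bot: The `#if 0` around the `test_Delete` call gives no reason, and it leaves the new static `test_Delete` with no caller, which will usually produce an unused-function warning. A one-line comment above the `#if 0` would help the next reader, for example `/* disabled: effect of lsa_Delete on the policy handle is not understood yet */`; the wording is inferred from the "but what does it do?" message in `test_Delete`, so adjust it to the real reason. `torture_rpc_lsa` begins outside this hunk.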