summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/libcli/ndr/ndr_basic.c16
-rw-r--r--source4/libcli/ndr/ndr_lsa.c25
-rw-r--r--source4/libcli/ndr/ndr_lsa.h12
-rw-r--r--source4/libcli/rpc/rpc_lsa.c42
-rw-r--r--source4/torture/rpc/lsa.c46
5 files changed, 129 insertions, 12 deletions
diff --git a/source4/libcli/ndr/ndr_basic.c b/source4/libcli/ndr/ndr_basic.c
index 8cbf375403..21326c2a62 100644
--- a/source4/libcli/ndr/ndr_basic.c
+++ b/source4/libcli/ndr/ndr_basic.c
@@ -177,6 +177,7 @@ NTSTATUS ndr_push_bytes(struct ndr_push *ndr, const char *data, uint32 n)
*/
NTSTATUS ndr_push_length4_start(struct ndr_push *ndr, struct ndr_push_save *save)
{
+ NDR_PUSH_ALIGN(ndr, 4);
save->offset = ndr->offset;
return ndr_push_u32(ndr, 0);
}
@@ -203,21 +204,16 @@ NTSTATUS ndr_push_ptr(struct ndr_push *ndr, const void *p)
*/
NTSTATUS ndr_push_unistr(struct ndr_push *ndr, const char *s)
{
- smb_ucs2_t *ws;
+ char *ws;
ssize_t len;
- int i;
- len = push_ucs2_talloc(ndr->mem_ctx, &ws, s);
+ len = push_ucs2_talloc(ndr->mem_ctx, (smb_ucs2_t **)&ws, s);
if (len == -1) {
return NT_STATUS_INVALID_PARAMETER;
}
- NDR_CHECK(ndr_push_u32(ndr, len));
+ NDR_CHECK(ndr_push_u32(ndr, len/2));
NDR_CHECK(ndr_push_u32(ndr, 0));
- NDR_CHECK(ndr_push_u32(ndr, len-2));
- NDR_PUSH_NEED_BYTES(ndr, len);
- for (i=0;i<len;i+=2) {
- SSVAL(ndr->data, ndr->offset + i, ws[i]);
- }
- ndr->offset += i;
+ NDR_CHECK(ndr_push_u32(ndr, len/2));
+ NDR_CHECK(ndr_push_bytes(ndr, ws, len));
return NT_STATUS_OK;
}
diff --git a/source4/libcli/ndr/ndr_lsa.c b/source4/libcli/ndr/ndr_lsa.c
index 6649bd04c2..5955432915 100644
--- a/source4/libcli/ndr/ndr_lsa.c
+++ b/source4/libcli/ndr/ndr_lsa.c
@@ -83,3 +83,28 @@ NTSTATUS ndr_pull_lsa_OpenPolicy(struct ndr_pull *ndr,
NDR_CHECK(ndr_pull_status(ndr, &r->out.status));
return NT_STATUS_OK;
}
+
+/*
+ push a openpolicy2
+*/
+NTSTATUS ndr_push_lsa_OpenPolicy2(struct ndr_push *ndr,
+ struct lsa_OpenPolicy2 *r)
+{
+ NDR_CHECK(ndr_push_ptr(ndr, r->in.system_name));
+ NDR_CHECK(ndr_push_unistr(ndr, r->in.system_name));
+ NDR_CHECK(ndr_push_lsa_ObjectAttribute(ndr, r->in.attr));
+ NDR_CHECK(ndr_push_u32(ndr, r->in.desired_access));
+ return NT_STATUS_OK;
+}
+
+
+/*
+ parse a openpolicy2
+*/
+NTSTATUS ndr_pull_lsa_OpenPolicy2(struct ndr_pull *ndr,
+ struct lsa_OpenPolicy2 *r)
+{
+ NDR_CHECK(ndr_pull_policy_handle(ndr, &r->out.handle));
+ NDR_CHECK(ndr_pull_status(ndr, &r->out.status));
+ return NT_STATUS_OK;
+}
diff --git a/source4/libcli/ndr/ndr_lsa.h b/source4/libcli/ndr/ndr_lsa.h
index 4a0aff8323..cfdd98e24e 100644
--- a/source4/libcli/ndr/ndr_lsa.h
+++ b/source4/libcli/ndr/ndr_lsa.h
@@ -45,3 +45,15 @@ struct lsa_OpenPolicy {
NTSTATUS status;
} out;
};
+
+struct lsa_OpenPolicy2 {
+ struct {
+ const char *system_name;
+ struct lsa_ObjectAttribute *attr;
+ uint32 desired_access;
+ } in;
+ struct {
+ struct policy_handle handle;
+ NTSTATUS status;
+ } out;
+};
diff --git a/source4/libcli/rpc/rpc_lsa.c b/source4/libcli/rpc/rpc_lsa.c
index b747762984..8e1a48857e 100644
--- a/source4/libcli/rpc/rpc_lsa.c
+++ b/source4/libcli/rpc/rpc_lsa.c
@@ -62,3 +62,45 @@ done:
talloc_destroy(mem_ctx);
return status;
}
+
+
+/*
+ OpenPolicy2 interface
+*/
+NTSTATUS dcerpc_lsa_OpenPolicy2(struct dcerpc_pipe *p,
+ const char *server,
+ struct lsa_ObjectAttribute *attr,
+ uint32 access_mask,
+ struct policy_handle *handle)
+{
+ struct lsa_OpenPolicy2 r;
+ NTSTATUS status;
+ TALLOC_CTX *mem_ctx;
+
+ mem_ctx = talloc_init("dcerpc_rpcecho_addone");
+ if (!mem_ctx) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ /* fill the .in side of the call */
+ r.in.system_name = server;
+ r.in.attr = attr;
+ r.in.desired_access = access_mask;
+
+ /* make the call */
+ status = dcerpc_ndr_request(p, LSA_OPENPOLICY2, mem_ctx,
+ (ndr_push_fn_t) ndr_push_lsa_OpenPolicy2,
+ (ndr_pull_fn_t) ndr_pull_lsa_OpenPolicy2,
+ &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ goto done;
+ }
+
+ /* and extract the .out parameters */
+ *handle = r.out.handle;
+ status = r.out.status;
+
+done:
+ talloc_destroy(mem_ctx);
+ return status;
+}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 95a07ef0c6..a4062d1181 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -28,6 +28,8 @@ static BOOL test_OpenPolicy(struct dcerpc_pipe *p)
struct lsa_QosInfo qos;
NTSTATUS status;
+ printf("testing OpenPolicy\n");
+
qos.impersonation_level = 2;
qos.context_mode = 1;
qos.effective_only = 0;
@@ -51,11 +53,45 @@ static BOOL test_OpenPolicy(struct dcerpc_pipe *p)
return True;
}
+
+static BOOL test_OpenPolicy2(struct dcerpc_pipe *p)
+{
+ struct lsa_ObjectAttribute attr;
+ struct policy_handle handle;
+ struct lsa_QosInfo qos;
+ NTSTATUS status;
+
+ printf("testing OpenPolicy2\n");
+
+ qos.impersonation_level = 2;
+ qos.context_mode = 1;
+ qos.effective_only = 0;
+
+ attr.root_dir = NULL;
+ attr.object_name = NULL;
+ attr.attributes = 0;
+ attr.sec_desc = NULL;
+ attr.sec_qos = &qos;
+
+ status = dcerpc_lsa_OpenPolicy2(p,
+ "\\",
+ &attr,
+ SEC_RIGHTS_MAXIMUM_ALLOWED,
+ &handle);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("OpenPolicy2 failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
BOOL torture_rpc_lsa(int dummy)
{
NTSTATUS status;
struct dcerpc_pipe *p;
TALLOC_CTX *mem_ctx;
+ BOOL ret = True;
mem_ctx = talloc_init("torture_rpc_lsa");
@@ -64,9 +100,15 @@ BOOL torture_rpc_lsa(int dummy)
return False;
}
- test_OpenPolicy(p);
+ if (!test_OpenPolicy(p)) {
+ ret = False;
+ }
+
+ if (!test_OpenPolicy2(p)) {
+ ret = False;
+ }
torture_rpc_close(p);
- return NT_STATUS_IS_OK(status);
+ return ret;
}