diff options
-rw-r--r-- | source3/librpc/gen_ndr/lsa.h | 2 | ||||
-rw-r--r-- | source3/librpc/idl/lsa.idl | 7 | ||||
-rw-r--r-- | source3/passdb/lookup_sid.c | 8 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 8 | ||||
-rw-r--r-- | source4/libcli/util/clilsa.c | 4 | ||||
-rw-r--r-- | source4/librpc/idl/lsa.idl | 26 | ||||
-rw-r--r-- | source4/rpc_server/lsa/lsa_lookup.c | 14 | ||||
-rw-r--r-- | source4/torture/ndr/lsa.c | 25 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 12 | ||||
-rw-r--r-- | source4/winbind/wb_async_helpers.c | 11 |
10 files changed, 70 insertions, 47 deletions
diff --git a/source3/librpc/gen_ndr/lsa.h b/source3/librpc/gen_ndr/lsa.h index d91cf4b66d..0ccbcdf5b0 100644 --- a/source3/librpc/gen_ndr/lsa.h +++ b/source3/librpc/gen_ndr/lsa.h @@ -9,8 +9,6 @@ #define LSA_ENUM_TRUST_DOMAIN_MULTIPLIER ( 60 ) #define LSA_REF_DOMAIN_LIST_MULTIPLIER ( 32 ) -#define MAX_REF_DOMAINS ( LSA_REF_DOMAIN_LIST_MULTIPLIER ) -#define MAX_LOOKUP_SIDS ( 0x5000 ) #define LSA_ENUM_TRUST_DOMAIN_EX_MULTIPLIER ( 82 ) #define LSA_CLIENT_REVISION_NO_DNS ( 0x00000001 ) #define LSA_CLIENT_REVISION_DNS ( 0x00000002 ) diff --git a/source3/librpc/idl/lsa.idl b/source3/librpc/idl/lsa.idl index cb1f2b028b..2ed267789d 100644 --- a/source3/librpc/idl/lsa.idl +++ b/source3/librpc/idl/lsa.idl @@ -391,8 +391,6 @@ import "misc.idl", "security.idl"; } lsa_TransSidArray; const int LSA_REF_DOMAIN_LIST_MULTIPLIER = 32; - const int MAX_REF_DOMAINS = LSA_REF_DOMAIN_LIST_MULTIPLIER; - typedef struct { [range(0,1000)] uint32 count; [size_is(count)] lsa_DomainInfo *domains; @@ -442,10 +440,7 @@ import "misc.idl", "security.idl"; [size_is(count)] lsa_TranslatedName *names; } lsa_TransNameArray; - /* This number is based on Win2k and later maximum response allowed */ - const int MAX_LOOKUP_SIDS = 0x5000; /* 20480 */ - - [public] NTSTATUS lsa_LookupSids ( + [public] NTSTATUS lsa_LookupSids( [in] policy_handle *handle, [in,ref] lsa_SidArray *sids, [out,ref] lsa_RefDomainList **domains, diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 3861c8e229..b9a67f208e 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -746,7 +746,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, } dom_infos = TALLOC_ZERO_ARRAY(mem_ctx, struct lsa_dom_info, - MAX_REF_DOMAINS); + LSA_REF_DOMAIN_LIST_MULTIPLIER); if (dom_infos == NULL) { result = NT_STATUS_NO_MEMORY; goto fail; @@ -816,7 +816,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, continue; } - for (j=0; j<MAX_REF_DOMAINS; j++) { + for (j=0; j<LSA_REF_DOMAIN_LIST_MULTIPLIER; j++) { if (!dom_infos[j].valid) { break; } @@ -825,7 +825,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, } } - if (j == MAX_REF_DOMAINS) { + if (j == LSA_REF_DOMAIN_LIST_MULTIPLIER) { /* TODO: What's the right error message here? */ result = NT_STATUS_NONE_MAPPED; goto fail; @@ -869,7 +869,7 @@ NTSTATUS lookup_sids(TALLOC_CTX *mem_ctx, int num_sids, /* Iterate over the domains found */ - for (i=0; i<MAX_REF_DOMAINS; i++) { + for (i=0; i<LSA_REF_DOMAIN_LIST_MULTIPLIER; i++) { uint32_t *rids; const char *domain_name = NULL; const char **names; diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 2fa705daf3..3addf91494 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -33,6 +33,8 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV +#define MAX_LOOKUP_SIDS 0x5000 /* 20480 */ + extern PRIVS privs[]; struct lsa_info { @@ -68,13 +70,13 @@ static int init_lsa_ref_domain_list(TALLOC_CTX *mem_ctx, num = ref->count; } - if (num >= MAX_REF_DOMAINS) { + if (num >= LSA_REF_DOMAIN_LIST_MULTIPLIER) { /* index not found, already at maximum domain limit */ return -1; } ref->count = num + 1; - ref->max_size = MAX_REF_DOMAINS; + ref->max_size = LSA_REF_DOMAIN_LIST_MULTIPLIER; ref->domains = TALLOC_REALLOC_ARRAY(mem_ctx, ref->domains, struct lsa_DomainInfo, ref->count); @@ -725,7 +727,7 @@ static NTSTATUS _lsa_lookup_sids_internal(pipes_struct *p, return NT_STATUS_NO_MEMORY; } - for (i=0; i<MAX_REF_DOMAINS; i++) { + for (i=0; i<LSA_REF_DOMAIN_LIST_MULTIPLIER; i++) { if (!dom_infos[i].valid) { break; diff --git a/source4/libcli/util/clilsa.c b/source4/libcli/util/clilsa.c index 43f64186c3..3d33941a1f 100644 --- a/source4/libcli/util/clilsa.c +++ b/source4/libcli/util/clilsa.c @@ -202,6 +202,7 @@ NTSTATUS smblsa_lookup_sid(struct smbcli_state *cli, struct lsa_LookupSids r; struct lsa_TransNameArray names; struct lsa_SidArray sids; + struct lsa_RefDomainList *domains = NULL; uint32_t count = 1; NTSTATUS status; struct dom_sid *sid; @@ -231,6 +232,7 @@ NTSTATUS smblsa_lookup_sid(struct smbcli_state *cli, r.in.count = &count; r.out.count = &count; r.out.names = &names; + r.out.domains = &domains; status = dcerpc_lsa_LookupSids(cli->lsa->pipe, mem_ctx2, &r); if (!NT_STATUS_IS_OK(status)) { @@ -243,7 +245,7 @@ NTSTATUS smblsa_lookup_sid(struct smbcli_state *cli, } (*name) = talloc_asprintf(mem_ctx, "%s\\%s", - r.out.domains->domains[0].name.string, + domains->domains[0].name.string, names.names[0].name.string); talloc_free(mem_ctx2); diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 52701211f6..f3bfb8b359 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -440,13 +440,13 @@ import "misc.idl", "security.idl"; [size_is(count)] lsa_TranslatedName *names; } lsa_TransNameArray; - [public] NTSTATUS lsa_LookupSids ( + [public] NTSTATUS lsa_LookupSids( [in] policy_handle *handle, - [in] lsa_SidArray *sids, - [out,unique] lsa_RefDomainList *domains, - [in,out] lsa_TransNameArray *names, + [in,ref] lsa_SidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransNameArray *names, [in] uint16 level, - [in,out] uint32 *count + [in,out,ref] uint32 *count ); @@ -1013,11 +1013,11 @@ import "misc.idl", "security.idl"; [public] NTSTATUS lsa_LookupSids2( [in] policy_handle *handle, - [in] lsa_SidArray *sids, - [out,unique] lsa_RefDomainList *domains, - [in,out] lsa_TransNameArray2 *names, + [in,ref] lsa_SidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransNameArray2 *names, [in] uint16 level, - [in,out] uint32 *count, + [in,out,ref] uint32 *count, [in] uint32 unknown1, [in] uint32 unknown2 ); @@ -1175,11 +1175,11 @@ import "misc.idl", "security.idl"; /* Function 0x4c */ [public] NTSTATUS lsa_LookupSids3( - [in] lsa_SidArray *sids, - [out,unique] lsa_RefDomainList *domains, - [in,out] lsa_TransNameArray2 *names, + [in,ref] lsa_SidArray *sids, + [out,ref] lsa_RefDomainList **domains, + [in,out,ref] lsa_TransNameArray2 *names, [in] uint16 level, - [in,out] uint32 *count, + [in,out,ref] uint32 *count, [in] uint32 unknown1, [in] uint32 unknown2 ); diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c index 2375a6d27a..e6285365ca 100644 --- a/source4/rpc_server/lsa/lsa_lookup.c +++ b/source4/rpc_server/lsa/lsa_lookup.c @@ -522,6 +522,7 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call, struct lsa_LookupSids2 *r) { struct lsa_policy_state *state; + struct lsa_RefDomainList *domains = NULL; int i; NTSTATUS status = NT_STATUS_OK; @@ -530,7 +531,7 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call, return NT_STATUS_INVALID_PARAMETER; } - r->out.domains = NULL; + *r->out.domains = NULL; /* NOTE: the WSPP test suite tries SIDs with invalid revision numbers, and expects NT_STATUS_INVALID_PARAMETER back - we just treat it as @@ -543,10 +544,11 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call, return status; } - r->out.domains = talloc_zero(mem_ctx, struct lsa_RefDomainList); - if (r->out.domains == NULL) { + domains = talloc_zero(r->out.domains, struct lsa_RefDomainList); + if (domains == NULL) { return NT_STATUS_NO_MEMORY; } + *r->out.domains = domains; r->out.names = talloc_zero(mem_ctx, struct lsa_TransNameArray2); if (r->out.names == NULL) { @@ -592,7 +594,7 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call, /* set up the authority table */ status2 = dcesrv_lsa_authority_list(state, mem_ctx, rtype, authority_name, sid, - r->out.domains, &sid_index); + domains, &sid_index); if (!NT_STATUS_IS_OK(status2)) { continue; } @@ -604,7 +606,7 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call, (*r->out.count)++; } - + if (*r->out.count == 0) { return NT_STATUS_NONE_MAPPED; } @@ -660,6 +662,7 @@ NTSTATUS dcesrv_lsa_LookupSids3(struct dcesrv_call_state *dce_call, r2.in.unknown2 = r->in.unknown2; r2.out.count = r->out.count; r2.out.names = r->out.names; + r2.out.domains = r->out.domains; status = dcesrv_lsa_LookupSids2(dce_call, mem_ctx, &r2); @@ -692,6 +695,7 @@ NTSTATUS dcesrv_lsa_LookupSids(struct dcesrv_call_state *dce_call, TALLOC_CTX *m r2.in.unknown2 = 0; r2.out.count = r->out.count; r2.out.names = NULL; + r2.out.domains = r->out.domains; status = dcesrv_lsa_LookupSids2(dce_call, mem_ctx, &r2); /* we deliberately don't check for error from the above, diff --git a/source4/torture/ndr/lsa.c b/source4/torture/ndr/lsa.c index 0d6d786882..6f580bd8d8 100644 --- a/source4/torture/ndr/lsa.c +++ b/source4/torture/ndr/lsa.c @@ -1014,11 +1014,12 @@ static const uint8_t lsarlookupsids_out_data[] = { static bool lsarlookupsids_out_check(struct torture_context *tctx, struct lsa_LookupSids *r) { - torture_assert(tctx, r->out.domains != NULL, "domains"); - torture_assert_int_equal(tctx, r->out.domains->count, 1, "domains count"); - torture_assert_int_equal(tctx, r->out.domains->max_size, 32, "domains size"); - torture_assert(tctx, r->out.domains->domains != NULL, "domains domains"); - torture_assert_str_equal(tctx, r->out.domains->domains[0].name.string, "BUILTIN", "name"); + struct lsa_RefDomainList *domains = *(r->out.domains); + torture_assert(tctx, domains != NULL, "domains"); + torture_assert_int_equal(tctx, domains->count, 1, "domains count"); + torture_assert_int_equal(tctx, domains->max_size, 32, "domains size"); + torture_assert(tctx, domains->domains != NULL, "domains domains"); + torture_assert_str_equal(tctx, domains->domains[0].name.string, "BUILTIN", "name"); torture_assert_ntstatus_ok(tctx, r->out.result, "return code"); return true; } @@ -1474,12 +1475,13 @@ static const uint8_t lsarlookupsids2_out_data[] = { static bool lsarlookupsids2_out_check(struct torture_context *tctx, struct lsa_LookupSids2 *r) { + struct lsa_RefDomainList *domains = *(r->out.domains); /* FIXME: Handle */ torture_assert(tctx, r->out.names != NULL, "names ptr"); torture_assert(tctx, r->out.domains != NULL, "domains ptr"); - torture_assert_int_equal(tctx, r->out.domains->count, 4, "domains count"); - torture_assert_int_equal(tctx, r->out.domains->max_size, 32, "domains size"); - torture_assert_str_equal(tctx, r->out.domains->domains[0].name.string, "NT AUTHORITY", "trust info name"); + torture_assert_int_equal(tctx, domains->count, 4, "domains count"); + torture_assert_int_equal(tctx, domains->max_size, 32, "domains size"); + torture_assert_str_equal(tctx, domains->domains[0].name.string, "NT AUTHORITY", "trust info name"); torture_assert_int_equal(tctx, r->out.names->count, 7, "names count"); torture_assert_str_equal(tctx, r->out.names->names[0].name.string, "Account Operators", "name str 1"); torture_assert_str_equal(tctx, r->out.names->names[1].name.string, "Administrators", "name str 2"); @@ -1749,12 +1751,13 @@ static const uint8_t lsarlookupsids3_out_data[] = { static bool lsarlookupsids3_out_check(struct torture_context *tctx, struct lsa_LookupSids3 *r) { + struct lsa_RefDomainList *domains = *(r->out.domains); /* FIXME: Handle */ torture_assert(tctx, r->out.names != NULL, "names ptr"); torture_assert(tctx, r->out.domains != NULL, "domains ptr"); - torture_assert_int_equal(tctx, r->out.domains->count, 4, "domains count"); - torture_assert_int_equal(tctx, r->out.domains->max_size, 32, "domains size"); - torture_assert_str_equal(tctx, r->out.domains->domains[0].name.string, "NT AUTHORITY", "trust info name"); + torture_assert_int_equal(tctx, domains->count, 4, "domains count"); + torture_assert_int_equal(tctx, domains->max_size, 32, "domains size"); + torture_assert_str_equal(tctx, domains->domains[0].name.string, "NT AUTHORITY", "trust info name"); torture_assert_int_equal(tctx, r->out.names->count, 7, "names count"); torture_assert_str_equal(tctx, r->out.names->names[0].name.string, "Account Operators", "name str 1"); torture_assert_str_equal(tctx, r->out.names->names[1].name.string, "Administrators", "name str 2"); diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index a5f7f73959..ea9435bd95 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -449,6 +449,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p, { struct lsa_LookupSids r; struct lsa_TransNameArray names; + struct lsa_RefDomainList *domains = NULL; uint32_t count = sids->num_sids; NTSTATUS status; @@ -464,6 +465,7 @@ static bool test_LookupSids(struct dcerpc_pipe *p, r.in.count = &count; r.out.count = &count; r.out.names = &names; + r.out.domains = &domains; status = dcerpc_lsa_LookupSids(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -488,6 +490,7 @@ static bool test_LookupSids2(struct dcerpc_pipe *p, { struct lsa_LookupSids2 r; struct lsa_TransNameArray2 names; + struct lsa_RefDomainList *domains = NULL; uint32_t count = sids->num_sids; NTSTATUS status; @@ -505,6 +508,7 @@ static bool test_LookupSids2(struct dcerpc_pipe *p, r.in.unknown2 = 0; r.out.count = &count; r.out.names = &names; + r.out.domains = &domains; status = dcerpc_lsa_LookupSids2(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -531,6 +535,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p, { struct lsa_LookupSids3 r; struct lsa_TransNameArray2 names; + struct lsa_RefDomainList *domains = NULL; uint32_t count = sids->num_sids; NTSTATUS status; @@ -545,6 +550,7 @@ static bool test_LookupSids3(struct dcerpc_pipe *p, r.in.count = &count; r.in.unknown1 = 0; r.in.unknown2 = 0; + r.out.domains = &domains; r.out.count = &count; r.out.names = &names; @@ -594,6 +600,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, if (handle) { struct lsa_LookupSids r; struct lsa_TransNameArray names; + struct lsa_RefDomainList *domains = NULL; names.count = 0; names.names = NULL; @@ -604,6 +611,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, r.in.count = &names.count; r.out.count = &count; r.out.names = &names; + r.out.domains = &domains; status = dcerpc_lsa_LookupSids(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -619,6 +627,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, } else if (p->conn->security_state.auth_info->auth_type == DCERPC_AUTH_TYPE_SCHANNEL && p->conn->security_state.auth_info->auth_level >= DCERPC_AUTH_LEVEL_INTEGRITY) { struct lsa_LookupSids3 r; + struct lsa_RefDomainList *domains = NULL; struct lsa_TransNameArray2 names; names.count = 0; @@ -634,6 +643,7 @@ bool test_many_LookupSids(struct dcerpc_pipe *p, r.in.unknown2 = 0; r.out.count = &count; r.out.names = &names; + r.out.domains = &domains; status = dcerpc_lsa_LookupSids3(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { @@ -683,6 +693,7 @@ static bool test_LookupSids_async(struct dcerpc_pipe *p, uint32_t *count; struct lsa_TransNameArray *names; struct lsa_LookupSids *r; + struct lsa_RefDomainList *domains = NULL; struct rpc_request **req; int i, replies; bool ret = true; @@ -714,6 +725,7 @@ static bool test_LookupSids_async(struct dcerpc_pipe *p, r[i].in.count = &names[i].count; r[i].out.count = &count[i]; r[i].out.names = &names[i]; + r[i].out.domains = &domains; req[i] = dcerpc_lsa_LookupSids_send(p, req, &r[i]); if (req[i] == NULL) { diff --git a/source4/winbind/wb_async_helpers.c b/source4/winbind/wb_async_helpers.c index 25d52a16b5..b9c37ca588 100644 --- a/source4/winbind/wb_async_helpers.c +++ b/source4/winbind/wb_async_helpers.c @@ -41,6 +41,7 @@ struct lsa_lookupsids_state { struct lsa_LookupSids r; struct lsa_SidArray sids; struct lsa_TransNameArray names; + struct lsa_RefDomainList *domains; uint32_t count; struct wb_sid_object **result; }; @@ -76,6 +77,9 @@ struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx, if (state->sids.sids[i].sid == NULL) goto failed; } + state->domains = talloc(state, struct lsa_RefDomainList); + if (state->domains == NULL) goto failed; + state->count = 0; state->num_sids = num_sids; state->names.count = 0; @@ -88,6 +92,7 @@ struct composite_context *wb_lsa_lookupsids_send(TALLOC_CTX *mem_ctx, state->r.in.count = &state->count; state->r.out.names = &state->names; state->r.out.count = &state->count; + state->r.out.domains = &state->domains; req = dcerpc_lsa_LookupSids_send(lsa_pipe, state, &state->r); if (req == NULL) goto failed; @@ -125,6 +130,8 @@ static void lsa_lookupsids_recv_names(struct rpc_request *req) struct lsa_TranslatedName *name = &state->r.out.names->names[i]; struct lsa_DomainInfo *dom; + struct lsa_RefDomainList *domains = + state->domains; state->result[i] = talloc_zero(state->result, struct wb_sid_object); @@ -135,13 +142,13 @@ static void lsa_lookupsids_recv_names(struct rpc_request *req) continue; } - if (name->sid_index >= state->r.out.domains->count) { + if (name->sid_index >= domains->count) { composite_error(state->ctx, NT_STATUS_INVALID_PARAMETER); return; } - dom = &state->r.out.domains->domains[name->sid_index]; + dom = &domains->domains[name->sid_index]; state->result[i]->domain = talloc_reference(state->result[i], dom->name.string); if ((name->sid_type == SID_NAME_DOMAIN) || |