summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/librpc/idl/lsa.idl2
-rw-r--r--source4/librpc/idl/lsa.idl4
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c42
-rw-r--r--source4/torture/rpc/lsa.c12
-rw-r--r--source4/torture/rpc/samsync.c12
5 files changed, 46 insertions, 26 deletions
diff --git a/source3/librpc/idl/lsa.idl b/source3/librpc/idl/lsa.idl
index 1b2d9ea8fb..570a7c0d04 100644
--- a/source3/librpc/idl/lsa.idl
+++ b/source3/librpc/idl/lsa.idl
@@ -488,7 +488,7 @@ import "misc.idl", "security.idl";
[size_is(count)] lsa_LUIDAttribute set[*];
} lsa_PrivilegeSet;
- NTSTATUS lsa_EnumPrivsAccount (
+ NTSTATUS lsa_EnumPrivsAccount(
[in] policy_handle *handle,
[out,ref] lsa_PrivilegeSet **privs
);
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index c8cbab5bcc..00e2e7753b 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -483,9 +483,9 @@ import "misc.idl", "security.idl";
[size_is(count)] lsa_LUIDAttribute set[*];
} lsa_PrivilegeSet;
- NTSTATUS lsa_EnumPrivsAccount (
+ NTSTATUS lsa_EnumPrivsAccount(
[in] policy_handle *handle,
- [out,unique] lsa_PrivilegeSet *privs
+ [out,ref] lsa_PrivilegeSet **privs
);
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 1285936f3c..7936369df4 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1724,15 +1724,21 @@ static NTSTATUS dcesrv_lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
const char * const attrs[] = { "privilege", NULL};
struct ldb_message_element *el;
const char *sidstr;
+ struct lsa_PrivilegeSet *privs;
DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_ACCOUNT);
astate = h->data;
- r->out.privs = talloc(mem_ctx, struct lsa_PrivilegeSet);
- r->out.privs->count = 0;
- r->out.privs->unknown = 0;
- r->out.privs->set = NULL;
+ privs = talloc(mem_ctx, struct lsa_PrivilegeSet);
+ if (privs == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ privs->count = 0;
+ privs->unknown = 0;
+ privs->set = NULL;
+
+ *r->out.privs = privs;
sidstr = ldap_encode_ndr_dom_sid(mem_ctx, astate->account_sid);
if (sidstr == NULL) {
@@ -1750,9 +1756,9 @@ static NTSTATUS dcesrv_lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
return NT_STATUS_OK;
}
- r->out.privs->set = talloc_array(r->out.privs,
- struct lsa_LUIDAttribute, el->num_values);
- if (r->out.privs->set == NULL) {
+ privs->set = talloc_array(privs,
+ struct lsa_LUIDAttribute, el->num_values);
+ if (privs->set == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -1761,12 +1767,12 @@ static NTSTATUS dcesrv_lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
if (id == -1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
- r->out.privs->set[i].attribute = 0;
- r->out.privs->set[i].luid.low = id;
- r->out.privs->set[i].luid.high = 0;
+ privs->set[i].attribute = 0;
+ privs->set[i].luid.low = id;
+ privs->set[i].luid.high = 0;
}
- r->out.privs->count = el->num_values;
+ privs->count = el->num_values;
return NT_STATUS_OK;
}
@@ -2058,8 +2064,18 @@ static NTSTATUS dcesrv_lsa_GetSystemAccessAccount(struct dcesrv_call_state *dce_
int i;
NTSTATUS status;
struct lsa_EnumPrivsAccount enumPrivs;
+ struct lsa_PrivilegeSet *privs;
+
+ privs = talloc(mem_ctx, struct lsa_PrivilegeSet);
+ if (!privs) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ privs->count = 0;
+ privs->unknown = 0;
+ privs->set = NULL;
enumPrivs.in.handle = r->in.handle;
+ enumPrivs.out.privs = &privs;
status = dcesrv_lsa_EnumPrivsAccount(dce_call, mem_ctx, &enumPrivs);
if (!NT_STATUS_IS_OK(status)) {
@@ -2068,8 +2084,8 @@ static NTSTATUS dcesrv_lsa_GetSystemAccessAccount(struct dcesrv_call_state *dce_
*(r->out.access_mask) = 0x00000000;
- for (i = 0; i < enumPrivs.out.privs->count; i++) {
- int priv = enumPrivs.out.privs->set[i].luid.low;
+ for (i = 0; i < privs->count; i++) {
+ int priv = privs->set[i].luid.low;
switch (priv) {
case SEC_PRIV_INTERACTIVE_LOGON:
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 9cb209335b..62e0c22ce2 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -867,11 +867,13 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p,
{
NTSTATUS status;
struct lsa_EnumPrivsAccount r;
+ struct lsa_PrivilegeSet *privs = NULL;
bool ret = true;
printf("\nTesting EnumPrivsAccount\n");
r.in.handle = acct_handle;
+ r.out.privs = &privs;
status = dcerpc_lsa_EnumPrivsAccount(p, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {
@@ -879,17 +881,17 @@ static bool test_EnumPrivsAccount(struct dcerpc_pipe *p,
return false;
}
- if (r.out.privs && r.out.privs->count > 0) {
+ if (privs && privs->count > 0) {
int i;
- for (i=0;i<r.out.privs->count;i++) {
+ for (i=0;i<privs->count;i++) {
test_LookupPrivName(p, mem_ctx, handle,
- &r.out.privs->set[i].luid);
+ &privs->set[i].luid);
}
ret &= test_RemovePrivilegesFromAccount(p, mem_ctx, handle, acct_handle,
- &r.out.privs->set[0].luid);
+ &privs->set[0].luid);
ret &= test_AddPrivilegesToAccount(p, mem_ctx, acct_handle,
- &r.out.privs->set[0].luid);
+ &privs->set[0].luid);
}
return ret;
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 257d2c81bc..26660921a4 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -1027,6 +1027,7 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
struct lsa_OpenAccount a;
struct policy_handle acct_handle;
struct lsa_EnumPrivsAccount e;
+ struct lsa_PrivilegeSet *privs = NULL;
struct lsa_LookupPrivName r;
int i, j;
@@ -1049,6 +1050,7 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
found_priv_in_lsa = talloc_zero_array(mem_ctx, bool, account->privilege_entries);
e.in.handle = &acct_handle;
+ e.out.privs = &privs;
status = dcerpc_lsa_EnumPrivsAccount(samsync_state->p_lsa, mem_ctx, &e);
if (!NT_STATUS_IS_OK(status)) {
@@ -1056,23 +1058,23 @@ static bool samsync_handle_account(TALLOC_CTX *mem_ctx, struct samsync_state *sa
return false;
}
- if ((account->privilege_entries && !e.out.privs)) {
+ if ((account->privilege_entries && !privs)) {
printf("Account %s has privileges in SamSync, but not LSA\n",
dom_sid_string(mem_ctx, dom_sid));
return false;
}
- if (!account->privilege_entries && e.out.privs && e.out.privs->count) {
+ if (!account->privilege_entries && privs && privs->count) {
printf("Account %s has privileges in LSA, but not SamSync\n",
dom_sid_string(mem_ctx, dom_sid));
return false;
}
- TEST_INT_EQUAL(account->privilege_entries, e.out.privs->count);
+ TEST_INT_EQUAL(account->privilege_entries, privs->count);
- for (i=0;i< e.out.privs->count; i++) {
+ for (i=0;i< privs->count; i++) {
r.in.handle = samsync_state->lsa_handle;
- r.in.luid = &e.out.privs->set[i].luid;
+ r.in.luid = &privs->set[i].luid;
status = dcerpc_lsa_LookupPrivName(samsync_state->p_lsa, mem_ctx, &r);
if (!NT_STATUS_IS_OK(status)) {