diff options
-rw-r--r-- | source4/librpc/idl/drsblobs.idl | 10 | ||||
-rw-r--r-- | source4/librpc/idl/lsa.idl | 24 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 40 |
3 files changed, 63 insertions, 11 deletions
diff --git a/source4/librpc/idl/drsblobs.idl b/source4/librpc/idl/drsblobs.idl index 39c9680bdb..196423c7dd 100644 --- a/source4/librpc/idl/drsblobs.idl +++ b/source4/librpc/idl/drsblobs.idl @@ -409,12 +409,20 @@ interface drsblobs { [size_is(1)] AuthenticationInformation array[]; } AuthenticationInformationArray; - typedef [public,nopull,nopush,noprint] struct { + typedef [public,nopull,nopush,noprint,gensize] struct { uint32 count; [relative] AuthenticationInformationArray *current; [relative] AuthenticationInformationArray *previous; } trustAuthInOutBlob; + typedef [public] struct { + uint8 confounder[512]; + trustAuthInOutBlob outgoing; + trustAuthInOutBlob incoming; + [value(ndr_size_trustAuthInOutBlob(&outgoing, ndr->flags))] uint32 outgoing_size; + [value(ndr_size_trustAuthInOutBlob(&incoming, ndr->flags))] uint32 incoming_size; + } trustAuthInAndOutBlob; + void decode_trustAuthInOut( [in] trustAuthInOutBlob blob ); diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 81931ae02a..4de3d6f1bf 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -607,13 +607,23 @@ import "misc.idl", "security.idl"; } lsa_TrustDomainInfoFullInfo; typedef struct { + lsa_DATA_BUF2 auth_blob; + } lsa_TrustDomainInfoAuthInfoInternal; + + typedef struct { + lsa_TrustDomainInfoInfoEx info_ex; + lsa_TrustDomainInfoPosixOffset posix_offset; + lsa_TrustDomainInfoAuthInfoInternal auth_info; + } lsa_TrustDomainInfoFullInfoInternal; + + typedef struct { lsa_TrustDomainInfoInfoEx info_ex; - lsa_DATA_BUF2 data1; + uint32 forest_trust_length; + [size_is(forest_trust_length)] uint8 *forest_trust_data; } lsa_TrustDomainInfoInfoEx2Internal; typedef struct { - lsa_TrustDomainInfoInfoEx info_ex; - lsa_DATA_BUF2 data1; + lsa_TrustDomainInfoInfoEx2Internal info; lsa_TrustDomainInfoPosixOffset posix_offset; lsa_TrustDomainInfoAuthInfo auth_info; } lsa_TrustDomainInfoInfo2Internal; @@ -640,9 +650,9 @@ import "misc.idl", "security.idl"; [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO)] lsa_TrustDomainInfoFullInfo full_info; [case(LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL)] - lsa_TrustDomainInfoAuthInfo auth_info_internal; + lsa_TrustDomainInfoAuthInfoInternal auth_info_internal; [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_INTERNAL)] - lsa_TrustDomainInfoFullInfo full_info_internal; + lsa_TrustDomainInfoFullInfoInternal full_info_internal; [case(LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL)] lsa_TrustDomainInfoInfoEx2Internal info_ex2_internal; [case(LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL)] @@ -875,7 +885,7 @@ import "misc.idl", "security.idl"; NTSTATUS lsa_CreateTrustedDomainEx( [in] policy_handle *policy_handle, [in] lsa_TrustDomainInfoInfoEx *info, - [in] lsa_TrustDomainInfoAuthInfo *auth_info, + [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info, [in] uint32 access_mask, [out] policy_handle *trustdom_handle ); @@ -996,7 +1006,7 @@ import "misc.idl", "security.idl"; NTSTATUS lsa_CreateTrustedDomainEx2( [in] policy_handle *policy_handle, [in] lsa_TrustDomainInfoInfoEx *info, - [in] lsa_TrustDomainInfoAuthInfo *auth_info, + [in] lsa_TrustDomainInfoAuthInfoInternal *auth_info, [in] uint32 access_mask, [out] policy_handle *trustdom_handle ); diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 1e35d94235..316412ec9e 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -23,11 +23,13 @@ #include "torture/torture.h" #include "librpc/gen_ndr/ndr_lsa_c.h" #include "librpc/gen_ndr/netlogon.h" +#include "librpc/gen_ndr/ndr_drsblobs.h" #include "lib/events/events.h" #include "libcli/security/security.h" #include "libcli/auth/libcli_auth.h" #include "torture/rpc/rpc.h" #include "param/param.h" +#include "lib/crypto/crypto.h" #define TEST_MACHINENAME "lsatestmach" static void init_lsa_String(struct lsa_String *name, const char *s) @@ -1882,6 +1884,9 @@ static bool test_EnumTrustDom(struct dcerpc_pipe *p, return false; } + /* Start from the bottom again */ + resume_handle = 0; + do { r.in.handle = handle; r.in.resume_handle = &resume_handle; @@ -2063,6 +2068,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, } static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, + struct torture_context *tctx, TALLOC_CTX *mem_ctx, struct policy_handle *handle) { @@ -2070,13 +2076,24 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, bool ret = true; struct lsa_CreateTrustedDomainEx2 r; struct lsa_TrustDomainInfoInfoEx trustinfo; + struct lsa_TrustDomainInfoAuthInfoInternal authinfo; + struct trustAuthInAndOutBlob auth_struct; + DATA_BLOB auth_blob; struct dom_sid *domsid[12]; struct policy_handle trustdom_handle[12]; struct lsa_QueryTrustedDomainInfo q; + DATA_BLOB session_key; + enum ndr_err_code ndr_err; int i; printf("Testing CreateTrustedDomainEx2 for 12 domains\n"); + status = dcerpc_fetch_session_key(p, &session_key); + if (!NT_STATUS_IS_OK(status)) { + printf("dcerpc_fetch_session_key failed - %s\n", nt_errstr(status)); + return false; + } + for (i=0; i< 12; i++) { char *trust_name = talloc_asprintf(mem_ctx, "torturedom%02d", i); char *trust_name_dns = talloc_asprintf(mem_ctx, "torturedom%02d.samba.example.com", i); @@ -2102,9 +2119,26 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, trustinfo.trust_attributes = LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION; + generate_random_buffer(auth_struct.confounder, sizeof(auth_struct.confounder)); + + auth_struct.outgoing.count = 0; + auth_struct.incoming.count = 0; + + ndr_err = ndr_push_struct_blob(&auth_blob, mem_ctx, lp_iconv_convenience(tctx->lp_ctx), &auth_struct, + (ndr_push_flags_fn_t)ndr_push_trustAuthInAndOutBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + printf("ndr_push_struct_blob of trustAuthInAndOutBlob structure failed"); + ret = false; + } + + arcfour_crypt_blob(auth_blob.data, auth_blob.length, &session_key); + + authinfo.auth_blob.size = auth_blob.length; + authinfo.auth_blob.data = auth_blob.data; + r.in.policy_handle = handle; r.in.info = &trustinfo; - r.in.auth_info = NULL; + r.in.auth_info = &authinfo; r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; r.out.trustdom_handle = &trustdom_handle[i]; @@ -2114,7 +2148,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, status = dcerpc_lsa_CreateTrustedDomainEx2(p, mem_ctx, &r); } if (!NT_STATUS_IS_OK(status)) { - printf("CreateTrustedDomainEx failed - %s\n", nt_errstr(status)); + printf("CreateTrustedDomainEx failed2 - %s\n", nt_errstr(status)); ret = false; } else { @@ -2452,7 +2486,7 @@ bool torture_rpc_lsa(struct torture_context *tctx) ret = false; } - if (!test_CreateTrustedDomainEx2(p, tctx, handle)) { + if (!test_CreateTrustedDomainEx2(p, tctx, tctx, handle)) { ret = false; } |