summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/librpc/idl/lsa.idl2
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c32
-rw-r--r--source4/torture/rpc/lsa.c40
-rw-r--r--source4/torture/rpc/samsync.c4
4 files changed, 44 insertions, 34 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 9cc39d8d2e..3803100785 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -716,7 +716,7 @@ import "misc.idl", "security.idl";
NTSTATUS lsa_QueryTrustedDomainInfo(
[in] policy_handle *trustdom_handle,
[in] lsa_TrustDomInfoEnum level,
- [out,switch_is(level),unique] lsa_TrustedDomainInfo *info
+ [out,switch_is(level),ref] lsa_TrustedDomainInfo **info
);
/* Function: 0x1b */
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 9989e031de..371510cc98 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1314,6 +1314,7 @@ static NTSTATUS fill_trust_domain_ex(TALLOC_CTX *mem_ctx,
static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
struct lsa_QueryTrustedDomainInfo *r)
{
+ union lsa_TrustedDomainInfo *info = NULL;
struct dcesrv_handle *h;
struct lsa_trusted_domain_state *trusted_domain_state;
struct ldb_message *msg;
@@ -1342,17 +1343,19 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_
}
msg = res[0];
- r->out.info = talloc(mem_ctx, union lsa_TrustedDomainInfo);
- if (!r->out.info) {
+ info = talloc_zero(mem_ctx, union lsa_TrustedDomainInfo);
+ if (!info) {
return NT_STATUS_NO_MEMORY;
}
+ *r->out.info = info;
+
switch (r->in.level) {
case LSA_TRUSTED_DOMAIN_INFO_NAME:
- r->out.info->name.netbios_name.string
+ info->name.netbios_name.string
= samdb_result_string(msg, "flatname", NULL);
break;
case LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET:
- r->out.info->posix_offset.posix_offset
+ info->posix_offset.posix_offset
= samdb_result_uint(msg, "posixOffset", 0);
break;
#if 0 /* Win2k3 doesn't implement this */
@@ -1364,32 +1367,32 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_
break;
#endif
case LSA_TRUSTED_DOMAIN_INFO_INFO_EX:
- return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->info_ex);
+ return fill_trust_domain_ex(mem_ctx, msg, &info->info_ex);
case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO:
- ZERO_STRUCT(r->out.info->full_info);
- return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->full_info.info_ex);
+ ZERO_STRUCT(info->full_info);
+ return fill_trust_domain_ex(mem_ctx, msg, &info->full_info.info_ex);
case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL:
- ZERO_STRUCT(r->out.info->full_info2_internal);
- r->out.info->full_info2_internal.posix_offset.posix_offset
+ ZERO_STRUCT(info->full_info2_internal);
+ info->full_info2_internal.posix_offset.posix_offset
= samdb_result_uint(msg, "posixOffset", 0);
- return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->full_info2_internal.info.info_ex);
+ return fill_trust_domain_ex(mem_ctx, msg, &info->full_info2_internal.info.info_ex);
case LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES:
- r->out.info->enc_types.enc_types
+ info->enc_types.enc_types
= samdb_result_uint(msg, "msDs-supportedEncryptionTypes", KERB_ENCTYPE_RC4_HMAC_MD5);
break;
case LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS:
case LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL:
/* oops, we don't want to return the info after all */
- talloc_free(r->out.info);
+ talloc_free(info);
r->out.info = NULL;
return NT_STATUS_INVALID_PARAMETER;
default:
/* oops, we don't want to return the info after all */
- talloc_free(r->out.info);
+ talloc_free(info);
r->out.info = NULL;
return NT_STATUS_INVALID_INFO_CLASS;
}
@@ -1407,6 +1410,7 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state
NTSTATUS status;
struct lsa_OpenTrustedDomain open;
struct lsa_QueryTrustedDomainInfo query;
+ union lsa_TrustedDomainInfo *info;
struct dcesrv_handle *h;
open.in.handle = r->in.handle;
open.in.sid = r->in.dom_sid;
@@ -1423,7 +1427,7 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state
/* Ensure this handle goes away at the end of this call */
DCESRV_PULL_HANDLE(h, open.out.trustdom_handle, DCESRV_HANDLE_ANY);
talloc_steal(mem_ctx, h);
-
+
query.in.trustdom_handle = open.out.trustdom_handle;
query.in.level = r->in.level;
query.out.info = r->out.info;
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 34e3c1b78d..87408b816e 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -1805,7 +1805,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
for (j=0; j < ARRAY_SIZE(levels); j++) {
struct lsa_QueryTrustedDomainInfo q;
- union lsa_TrustedDomainInfo info;
+ union lsa_TrustedDomainInfo *info = NULL;
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[j];
q.out.info = &info;
@@ -1876,7 +1876,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p,
for (j=0; j < ARRAY_SIZE(levels); j++) {
struct lsa_QueryTrustedDomainInfo q;
- union lsa_TrustedDomainInfo info;
+ union lsa_TrustedDomainInfo *info = NULL;
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[j];
q.out.info = &info;
@@ -2067,6 +2067,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
struct dom_sid *domsid[12];
struct policy_handle trustdom_handle[12];
struct lsa_QueryTrustedDomainInfo q;
+ union lsa_TrustedDomainInfo *info = NULL;
int i;
printf("\nTesting CreateTrustedDomain for 12 domains\n");
@@ -2101,6 +2102,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
q.in.trustdom_handle = &trustdom_handle[i];
q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX;
+ q.out.info = &info;
status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status));
@@ -2108,24 +2110,24 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p,
} else if (!q.out.info) {
ret = false;
} else {
- if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.name.string) != 0) {
+ if (strcmp(info->info_ex.netbios_name.string, trustinfo.name.string) != 0) {
printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n",
- q.out.info->info_ex.netbios_name.string, trustinfo.name.string);
+ info->info_ex.netbios_name.string, trustinfo.name.string);
ret = false;
}
- if (q.out.info->info_ex.trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
+ if (info->info_ex.trust_type != LSA_TRUST_TYPE_DOWNLEVEL) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust type %d != %d\n",
- trust_name, q.out.info->info_ex.trust_type, LSA_TRUST_TYPE_DOWNLEVEL);
+ trust_name, info->info_ex.trust_type, LSA_TRUST_TYPE_DOWNLEVEL);
ret = false;
}
- if (q.out.info->info_ex.trust_attributes != 0) {
+ if (info->info_ex.trust_attributes != 0) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust attributes %d != %d\n",
- trust_name, q.out.info->info_ex.trust_attributes, 0);
+ trust_name, info->info_ex.trust_attributes, 0);
ret = false;
}
- if (q.out.info->info_ex.trust_direction != LSA_TRUST_DIRECTION_OUTBOUND) {
+ if (info->info_ex.trust_direction != LSA_TRUST_DIRECTION_OUTBOUND) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust direction %d != %d\n",
- trust_name, q.out.info->info_ex.trust_direction, LSA_TRUST_DIRECTION_OUTBOUND);
+ trust_name, info->info_ex.trust_direction, LSA_TRUST_DIRECTION_OUTBOUND);
ret = false;
}
}
@@ -2161,6 +2163,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
struct dom_sid *domsid[12];
struct policy_handle trustdom_handle[12];
struct lsa_QueryTrustedDomainInfo q;
+ union lsa_TrustedDomainInfo *info = NULL;
DATA_BLOB session_key;
enum ndr_err_code ndr_err;
int i;
@@ -2233,6 +2236,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
q.in.trustdom_handle = &trustdom_handle[i];
q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX;
+ q.out.info = &info;
status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status));
@@ -2241,24 +2245,24 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p,
printf("QueryTrustedDomainInfo level 1 failed to return an info pointer\n");
ret = false;
} else {
- if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) {
+ if (strcmp(info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) {
printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n",
- q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string);
+ info->info_ex.netbios_name.string, trustinfo.netbios_name.string);
ret = false;
}
- if (q.out.info->info_ex.trust_type != trustinfo.trust_type) {
+ if (info->info_ex.trust_type != trustinfo.trust_type) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust type %d != %d\n",
- trust_name, q.out.info->info_ex.trust_type, trustinfo.trust_type);
+ trust_name, info->info_ex.trust_type, trustinfo.trust_type);
ret = false;
}
- if (q.out.info->info_ex.trust_attributes != LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) {
+ if (info->info_ex.trust_attributes != LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust attributes %d != %d\n",
- trust_name, q.out.info->info_ex.trust_attributes, LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION);
+ trust_name, info->info_ex.trust_attributes, LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION);
ret = false;
}
- if (q.out.info->info_ex.trust_direction != trustinfo.trust_direction) {
+ if (info->info_ex.trust_direction != trustinfo.trust_direction) {
printf("QueryTrustedDomainInfo of %s returned incorrect trust direction %d != %d\n",
- trust_name, q.out.info->info_ex.trust_direction, trustinfo.trust_direction);
+ trust_name, info->info_ex.trust_direction, trustinfo.trust_direction);
ret = false;
}
}
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 14c05b2c05..fdd86da28c 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -967,6 +967,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
struct policy_handle trustdom_handle;
struct lsa_QueryTrustedDomainInfo q;
union lsa_TrustedDomainInfo *info[9];
+ union lsa_TrustedDomainInfo *_info = NULL;
int levels [] = {1, 3, 8};
int i;
@@ -987,6 +988,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
for (i=0; i< ARRAY_SIZE(levels); i++) {
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[i];
+ q.out.info = &_info;
status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
if (q.in.level == 8 && NT_STATUS_EQUAL(status,NT_STATUS_INVALID_PARAMETER)) {
@@ -997,7 +999,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
levels[i], nt_errstr(status));
return false;
}
- info[levels[i]] = q.out.info;
+ info[levels[i]] = _info;
}
if (info[8]) {