summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/librpc/idl/lsa.idl17
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c12
-rw-r--r--source4/torture/rpc/lsa.c75
-rw-r--r--source4/torture/rpc/samsync.c4
4 files changed, 83 insertions, 25 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 15d1445250..a0f0e6cffc 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -435,7 +435,7 @@
} lsa_TrustedDomainInfo;
/* Function: 0x1a */
- NTSTATUS lsa_QueryInfoTrustedDomain(
+ NTSTATUS lsa_QueryTrustedDomainInfo(
[in,ref] policy_handle *trustdom_handle,
[in] uint16 level,
[out,switch_is(level)] lsa_TrustedDomainInfo *info
@@ -544,7 +544,13 @@
);
/* Function: 0x27 */
- NTSTATUS lsa_QueryTrustDomainInfo();
+ NTSTATUS lsa_QueryTrustedDomainInfoBySid(
+ [in,ref] policy_handle *handle,
+ [in,ref] dom_sid2 *dom_sid,
+ [in] uint16 level,
+ [out,switch_is(level)] lsa_TrustedDomainInfo *info
+ );
+
/* Function: 0x28 */
NTSTATUS lsa_SetTrustDomainInfo();
/* Function: 0x29 */
@@ -581,7 +587,12 @@
NTSTATUS lsa_SetInfoPolicy2();
/* Function 0x30 */
- NTSTATUS lsa_QueryTrustedDomainInfoByName();
+ NTSTATUS lsa_QueryTrustedDomainInfoByName(
+ [in,ref] policy_handle *handle,
+ [in] lsa_String trusted_domain,
+ [in] uint16 level,
+ [out,switch_is(level)] lsa_TrustedDomainInfo *info
+ );
/* Function 0x31 */
NTSTATUS lsa_SetTrustedDomainInfoByName();
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 845e568619..78b5e41398 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -613,10 +613,10 @@ static NTSTATUS lsa_OpenTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC
/*
- lsa_QueryInfoTrustedDomain
+ lsa_QueryTrustedDomainInfo
*/
-static NTSTATUS lsa_QueryInfoTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_QueryInfoTrustedDomain *r)
+static NTSTATUS lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct lsa_QueryTrustedDomainInfo *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
@@ -743,10 +743,10 @@ static NTSTATUS lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call, TALL
/*
- lsa_QueryTrustDomainInfo
+ lsa_QueryTrustedDomainInfoBySid
*/
-static NTSTATUS lsa_QueryTrustDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_QueryTrustDomainInfo *r)
+static NTSTATUS lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+ struct lsa_QueryTrustedDomainInfoBySid *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index a0b4e816bb..1fce7d9fa6 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -769,12 +769,12 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
return False;
}
- printf("\nTesting OpenTrustedDomain and OpenTrustedDomainByName\n");
+ printf("\nTesting OpenTrustedDomain, OpenTrustedDomainByName and QueryInfoTrustedDomain\n");
for (i=0; i< domains.count; i++) {
struct lsa_OpenTrustedDomain trust;
struct lsa_OpenTrustedDomainByName trust_by_name;
- struct policy_handle trust_handle;
+ struct policy_handle trustdom_handle;
struct policy_handle handle2;
struct lsa_Close c;
int levels [] = {1, 3, 6};
@@ -782,7 +782,7 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
trust.in.handle = handle;
trust.in.sid = domains.domains[i].sid;
trust.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
- trust.out.trustdom_handle = &trust_handle;
+ trust.out.trustdom_handle = &trustdom_handle;
status = dcerpc_lsa_OpenTrustedDomain(p, mem_ctx, &trust);
@@ -791,33 +791,33 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
return False;
}
- c.in.handle = &trust_handle;
+ c.in.handle = &trustdom_handle;
c.out.handle = &handle2;
- for (j=1; j < ARRAY_SIZE(levels); j++) {
- struct lsa_QueryInfoTrustedDomain q;
+ for (j=0; j < ARRAY_SIZE(levels); j++) {
+ struct lsa_QueryTrustedDomainInfo q;
union lsa_TrustedDomainInfo info;
- q.in.trustdom_handle = &trust_handle;
+ q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[j];
q.out.info = &info;
- status = dcerpc_lsa_QueryInfoTrustedDomain(p, mem_ctx, &q);
+ status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
- printf("QueryInfoTrustedDomain level %d failed - %s\n",
- j, nt_errstr(status));
+ printf("QueryTrustedDomainInfo level %d failed - %s\n",
+ levels[j], nt_errstr(status));
ret = False;
}
}
status = dcerpc_lsa_Close(p, mem_ctx, &c);
if (!NT_STATUS_IS_OK(status)) {
- printf("Close of trusted doman failed - %s\n", nt_errstr(status));
+ printf("Close of trusted domain failed - %s\n", nt_errstr(status));
return False;
}
trust_by_name.in.handle = handle;
trust_by_name.in.name = domains.domains[i].name;
trust_by_name.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
- trust_by_name.out.trustdom_handle = &trust_handle;
+ trust_by_name.out.trustdom_handle = &trustdom_handle;
status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &trust_by_name);
@@ -826,14 +826,61 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
return False;
}
- c.in.handle = &trust_handle;
+ for (j=0; j < ARRAY_SIZE(levels); j++) {
+ struct lsa_QueryTrustedDomainInfo q;
+ union lsa_TrustedDomainInfo info;
+ q.in.trustdom_handle = &trustdom_handle;
+ q.in.level = levels[j];
+ q.out.info = &info;
+ status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("QueryTrustedDomainInfo level %d failed - %s\n",
+ levels[j], nt_errstr(status));
+ ret = False;
+ }
+ }
+
+ c.in.handle = &trustdom_handle;
c.out.handle = &handle2;
status = dcerpc_lsa_Close(p, mem_ctx, &c);
if (!NT_STATUS_IS_OK(status)) {
- printf("Close of trusted doman failed - %s\n", nt_errstr(status));
+ printf("Close of trusted domain failed - %s\n", nt_errstr(status));
return False;
}
+
+ for (j=0; j < ARRAY_SIZE(levels); j++) {
+ struct lsa_QueryTrustedDomainInfoBySid q;
+ union lsa_TrustedDomainInfo info;
+ q.in.handle = handle;
+ q.in.dom_sid = domains.domains[i].sid;
+ q.in.level = levels[j];
+ q.out.info = &info;
+ status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, mem_ctx, &q);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("QueryTrustedDomainInfoBySid level %d failed - %s\n",
+ levels[j], nt_errstr(status));
+ ret = False;
+ }
+ }
+
+ for (j=0; j < ARRAY_SIZE(levels); j++) {
+ struct lsa_QueryTrustedDomainInfoByName q;
+ union lsa_TrustedDomainInfo info;
+ q.in.handle = handle;
+ q.in.trusted_domain = domains.domains[i].name;
+ q.in.level = levels[j];
+ q.out.info = &info;
+ status = dcerpc_lsa_QueryTrustedDomainInfoByName(p, mem_ctx, &q);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("QueryTrustedDomainInfoByName level %d failed - %s\n",
+ levels[j], nt_errstr(status));
+ ret = False;
+ }
+ }
+
+
+
}
return ret;
diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index 4a875d6335..2afd63bf54 100644
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -781,7 +781,7 @@ static BOOL samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
struct samsync_trusted_domain *new = talloc_p(samsync_state, struct samsync_trusted_domain);
struct lsa_OpenTrustedDomain t;
struct policy_handle trustdom_handle;
- struct lsa_QueryInfoTrustedDomain q;
+ struct lsa_QueryTrustedDomainInfo q;
union lsa_TrustedDomainInfo *info[4];
int levels [] = {1, 3};
int i;
@@ -803,7 +803,7 @@ static BOOL samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st
for (i=0; i< ARRAY_SIZE(levels); i++) {
q.in.trustdom_handle = &trustdom_handle;
q.in.level = levels[i];
- status = dcerpc_lsa_QueryInfoTrustedDomain(samsync_state->p_lsa, mem_ctx, &q);
+ status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q);
if (!NT_STATUS_IS_OK(status)) {
printf("QueryInfoTrustedDomain level %d failed - %s\n",
levels[i], nt_errstr(status));