summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/librpc/idl/lsa.idl23
-rw-r--r--source4/librpc/ndr/ndr_basic.c29
-rw-r--r--source4/librpc/ndr/ndr_lsa.c97
-rw-r--r--source4/librpc/ndr/ndr_lsa.h30
-rw-r--r--source4/librpc/rpc/rpc_lsa.c20
-rw-r--r--source4/torture/rpc/lsa.c68
6 files changed, 262 insertions, 5 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index c807f19d49..886b8fd225 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -57,7 +57,7 @@
typedef struct {
uint16 name_len;
uint16 name_size;
- unistr *name;
+ unistr_noterm *name;
} lsa_Name;
typedef struct {
@@ -90,4 +90,25 @@
[in] uint16 level,
[in,out,ref] uint32 *count
);
+
+ typedef struct {
+ uint16 sid_type;
+ uint32 rid;
+ uint32 sid_index;
+ } lsa_TranslatedSid;
+
+ typedef struct {
+ uint32 count;
+ [size_is(count)] lsa_TranslatedSid *sids;
+ } lsa_TransSidArray;
+
+ NTSTATUS lsa_LookupNames (
+ [in,ref] policy_handle *handle,
+ [in] uint32 num_names,
+ [in,ref,size_is(num_names)] lsa_Name *names,
+ [out] lsa_RefDomainList *domains,
+ [in,out,ref] lsa_TransSidArray *sids,
+ [in] uint16 level,
+ [in,out,ref] uint32 *count
+ );
}
diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c
index 3e6d0b30e6..6ada49997f 100644
--- a/source4/librpc/ndr/ndr_basic.c
+++ b/source4/librpc/ndr/ndr_basic.c
@@ -221,7 +221,7 @@ NTSTATUS ndr_push_length4_end(struct ndr_push *ndr, struct ndr_push_save *save)
*/
NTSTATUS ndr_push_ptr(struct ndr_push *ndr, const void *p)
{
- return ndr_push_uint32(ndr, p?1:0);
+ return ndr_push_uint32(ndr, p?0xaabbccdd:0);
}
/*
@@ -243,6 +243,25 @@ NTSTATUS ndr_push_unistr(struct ndr_push *ndr, const char *s)
}
/*
+ push a comformant, variable ucs2 string onto the wire from a C string
+ don't send the null
+*/
+NTSTATUS ndr_push_unistr_noterm(struct ndr_push *ndr, const char *s)
+{
+ char *ws;
+ ssize_t len;
+ len = push_ucs2_talloc(ndr->mem_ctx, (smb_ucs2_t **)&ws, s);
+ if (len == -1) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ NDR_CHECK(ndr_push_uint32(ndr, len/2 - 1));
+ NDR_CHECK(ndr_push_uint32(ndr, 0));
+ NDR_CHECK(ndr_push_uint32(ndr, len/2 - 1));
+ NDR_CHECK(ndr_push_bytes(ndr, ws, len - 2));
+ return NT_STATUS_OK;
+}
+
+/*
pull a comformant, variable ucs2 string from the wire into a C string
*/
NTSTATUS ndr_pull_unistr(struct ndr_pull *ndr, const char **s)
@@ -269,6 +288,14 @@ NTSTATUS ndr_pull_unistr(struct ndr_pull *ndr, const char **s)
}
/*
+ pull a comformant, variable ucs2 string from the wire into a C string
+*/
+NTSTATUS ndr_pull_unistr_noterm(struct ndr_pull *ndr, const char **s)
+{
+ return ndr_pull_unistr(ndr, s);
+}
+
+/*
push a 4 byte offset pointer, remembering where we are so we can later fill
in the correct value
*/
diff --git a/source4/librpc/ndr/ndr_lsa.c b/source4/librpc/ndr/ndr_lsa.c
index 8e42b3786b..12b981c1e7 100644
--- a/source4/librpc/ndr/ndr_lsa.c
+++ b/source4/librpc/ndr/ndr_lsa.c
@@ -267,7 +267,7 @@ static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct ls
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->name) {
- NDR_CHECK(ndr_push_unistr(ndr, r->name));
+ NDR_CHECK(ndr_push_unistr_noterm(ndr, r->name));
}
done:
return NT_STATUS_OK;
@@ -288,7 +288,7 @@ static NTSTATUS ndr_pull_lsa_Name(struct ndr_pull *ndr, int ndr_flags, struct ls
buffers:
if (!(ndr_flags & NDR_BUFFERS)) goto done;
if (r->name) {
- NDR_CHECK(ndr_pull_unistr(ndr, &r->name));
+ NDR_CHECK(ndr_pull_unistr_noterm(ndr, &r->name));
}
done:
return NT_STATUS_OK;
@@ -457,3 +457,96 @@ NTSTATUS ndr_pull_lsa_LookupSids(struct ndr_pull *ndr, struct lsa_LookupSids *r)
return NT_STATUS_OK;
}
+static NTSTATUS ndr_push_lsa_TranslatedSid(struct ndr_push *ndr, int ndr_flags, struct lsa_TranslatedSid *r)
+{
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_push_uint16(ndr, r->sid_type));
+ NDR_CHECK(ndr_push_uint32(ndr, r->rid));
+ NDR_CHECK(ndr_push_uint32(ndr, r->sid_index));
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+done:
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_TranslatedSid(struct ndr_pull *ndr, int ndr_flags, struct lsa_TranslatedSid *r)
+{
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_pull_uint16(ndr, &r->sid_type));
+ NDR_CHECK(ndr_pull_uint32(ndr, &r->rid));
+ NDR_CHECK(ndr_pull_uint32(ndr, &r->sid_index));
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+done:
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_push_lsa_TransSidArray(struct ndr_push *ndr, int ndr_flags, struct lsa_TransSidArray *r)
+{
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_push_uint32(ndr, r->count));
+ NDR_CHECK(ndr_push_ptr(ndr, r->sids));
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+ if (r->sids) {
+ NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid));
+ }
+done:
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_TransSidArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransSidArray *r)
+{
+ uint32 _ptr_sids;
+ if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+ NDR_CHECK(ndr_pull_uint32(ndr, &r->count));
+ NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sids));
+ if (_ptr_sids) {
+ NDR_ALLOC(ndr, r->sids);
+ } else {
+ r->sids = NULL;
+ }
+buffers:
+ if (!(ndr_flags & NDR_BUFFERS)) goto done;
+ if (r->sids) {
+ NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)&r->sids, sizeof(r->sids[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TranslatedSid));
+ }
+done:
+ return NT_STATUS_OK;
+}
+
+NTSTATUS ndr_push_lsa_LookupNames(struct ndr_push *ndr, struct lsa_LookupNames *r)
+{
+ NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
+ NDR_CHECK(ndr_push_uint32(ndr, r->in.num_names));
+ if (r->in.names) {
+ int ndr_flags = NDR_SCALARS|NDR_BUFFERS;
+ NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->in.names, sizeof(r->in.names[0]), r->in.num_names, (ndr_push_flags_fn_t)ndr_push_lsa_Name));
+ }
+ NDR_CHECK(ndr_push_lsa_TransSidArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sids));
+ NDR_CHECK(ndr_push_uint16(ndr, r->in.level));
+ NDR_CHECK(ndr_push_uint32(ndr, *r->in.count));
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS ndr_pull_lsa_LookupNames(struct ndr_pull *ndr, struct lsa_LookupNames *r)
+{
+ uint32 _ptr_domains;
+ NDR_ALLOC(ndr, r->out.domains);
+ NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains));
+ if (_ptr_domains) {
+ NDR_ALLOC(ndr, r->out.domains);
+ } else {
+ r->out.domains = NULL;
+ }
+ if (r->out.domains) {
+ NDR_CHECK(ndr_pull_lsa_RefDomainList(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.domains));
+ }
+ NDR_CHECK(ndr_pull_lsa_TransSidArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.sids));
+ NDR_CHECK(ndr_pull_uint32(ndr, r->out.count));
+ NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));
+
+ return NT_STATUS_OK;
+}
+
diff --git a/source4/librpc/ndr/ndr_lsa.h b/source4/librpc/ndr/ndr_lsa.h
index ef70c5d073..770138f349 100644
--- a/source4/librpc/ndr/ndr_lsa.h
+++ b/source4/librpc/ndr/ndr_lsa.h
@@ -112,3 +112,33 @@ struct lsa_LookupSids {
};
+struct lsa_TranslatedSid {
+ uint16 sid_type;
+ uint32 rid;
+ uint32 sid_index;
+};
+
+struct lsa_TransSidArray {
+ uint32 count;
+ struct lsa_TranslatedSid *sids;
+};
+
+struct lsa_LookupNames {
+ struct {
+ struct policy_handle *handle;
+ uint32 num_names;
+ struct lsa_Name *names;
+ struct lsa_TransSidArray *sids;
+ uint16 level;
+ uint32 *count;
+ } in;
+
+ struct {
+ struct lsa_RefDomainList *domains;
+ struct lsa_TransSidArray *sids;
+ uint32 *count;
+ NTSTATUS result;
+ } out;
+
+};
+
diff --git a/source4/librpc/rpc/rpc_lsa.c b/source4/librpc/rpc/rpc_lsa.c
index c6f6f80e73..82039244e7 100644
--- a/source4/librpc/rpc/rpc_lsa.c
+++ b/source4/librpc/rpc/rpc_lsa.c
@@ -168,3 +168,23 @@ NTSTATUS dcerpc_lsa_LookupSids(struct dcerpc_pipe *p,
return r->out.result;
}
+
+/*
+ LookupNames interface
+*/
+NTSTATUS dcerpc_lsa_LookupNames(struct dcerpc_pipe *p,
+ TALLOC_CTX *mem_ctx,
+ struct lsa_LookupNames *r)
+{
+ NTSTATUS status;
+
+ status = dcerpc_ndr_request(p, LSA_LOOKUPNAMES, mem_ctx,
+ (ndr_push_fn_t) ndr_push_lsa_LookupNames,
+ (ndr_pull_fn_t) ndr_pull_lsa_LookupNames,
+ r);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ return r->out.result;
+}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 044c09ced0..3f107be41e 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -143,6 +143,69 @@ static BOOL test_OpenPolicy2(struct dcerpc_pipe *p, struct policy_handle *handle
return True;
}
+static BOOL test_LookupNames(struct dcerpc_pipe *p,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle,
+ struct lsa_TransNameArray *tnames)
+{
+ struct lsa_LookupNames r;
+ struct lsa_TransSidArray sids;
+ struct lsa_Name *names;
+ uint32 count = 0;
+ NTSTATUS status;
+ int i;
+
+ printf("\nTesting LookupNames\n");
+
+ sids.count = 0;
+ sids.sids = NULL;
+
+ names = talloc(mem_ctx, tnames->count * sizeof(names[0]));
+ for (i=0;i<tnames->count;i++) {
+ names[i].name_len = 2*strlen(tnames->names[i].name.name);
+ names[i].name_size = 2*strlen(tnames->names[i].name.name);
+ names[i].name = tnames->names[i].name.name;
+ }
+
+ r.in.handle = handle;
+ r.in.num_names = tnames->count;
+ r.in.names = names;
+ r.in.sids = &sids;
+ r.in.level = 1;
+ r.in.count = &count;
+ r.out.count = &count;
+ r.out.sids = &sids;
+
+ status = dcerpc_lsa_LookupNames(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("LookupNames failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ if (r.out.domains) {
+ printf("lookup gave %d domains (max_count=%d)\n",
+ r.out.domains->count,
+ r.out.domains->max_count);
+ for (i=0;i<r.out.domains->count;i++) {
+ printf("name='%s' sid=%s\n",
+ r.out.domains->domains[i].name.name,
+ lsa_sid_string_talloc(mem_ctx, r.out.domains->domains[i].sid));
+ }
+ }
+
+ printf("lookup gave %d sids (sids.count=%d)\n", count, sids.count);
+ for (i=0;i<sids.count;i++) {
+ printf("sid_type=%d rid=%d sid_index=%d\n",
+ sids.sids[i].sid_type,
+ sids.sids[i].rid,
+ sids.sids[i].sid_index);
+ }
+
+ printf("\n");
+
+ return True;
+}
+
static BOOL test_LookupSids(struct dcerpc_pipe *p,
TALLOC_CTX *mem_ctx,
@@ -193,9 +256,12 @@ static BOOL test_LookupSids(struct dcerpc_pipe *p,
names.names[i].name.name);
}
-
printf("\n");
+ if (!test_LookupNames(p, mem_ctx, handle, &names)) {
+ return False;
+ }
+
return True;
}