diff options
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/rpc_lsa.h | 63 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa.c | 31 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 70 |
3 files changed, 148 insertions, 16 deletions
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index ce275d4ace..5ed321230e 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -185,6 +185,53 @@ typedef struct lsa_r_open_pol2_info } LSA_R_OPEN_POL2; + +#define POLICY_VIEW_LOCAL_INFORMATION 0x00000001 +#define POLICY_VIEW_AUDIT_INFORMATION 0x00000002 +#define POLICY_GET_PRIVATE_INFORMATION 0x00000004 +#define POLICY_TRUST_ADMIN 0x00000008 +#define POLICY_CREATE_ACCOUNT 0x00000010 +#define POLICY_CREATE_SECRET 0x00000020 +#define POLICY_CREATE_PRIVILEGE 0x00000040 +#define POLICY_SET_DEFAULT_QUOTA_LIMITS 0x00000080 +#define POLICY_SET_AUDIT_REQUIREMENTS 0x00000100 +#define POLICY_AUDIT_LOG_ADMIN 0x00000200 +#define POLICY_SERVER_ADMIN 0x00000400 +#define POLICY_LOOKUP_NAMES 0x00000800 + +#define POLICY_ALL_ACCESS ( STANDARD_RIGHTS_REQUIRED_ACCESS |\ + POLICY_VIEW_LOCAL_INFORMATION |\ + POLICY_VIEW_AUDIT_INFORMATION |\ + POLICY_GET_PRIVATE_INFORMATION |\ + POLICY_TRUST_ADMIN |\ + POLICY_CREATE_ACCOUNT |\ + POLICY_CREATE_SECRET |\ + POLICY_CREATE_PRIVILEGE |\ + POLICY_SET_DEFAULT_QUOTA_LIMITS |\ + POLICY_SET_AUDIT_REQUIREMENTS |\ + POLICY_AUDIT_LOG_ADMIN |\ + POLICY_SERVER_ADMIN |\ + POLICY_LOOKUP_NAMES ) + + +#define POLICY_READ ( STANDARD_RIGHTS_READ_ACCESS |\ + POLICY_VIEW_AUDIT_INFORMATION |\ + POLICY_GET_PRIVATE_INFORMATION) + +#define POLICY_WRITE ( STANDARD_RIGHTS_WRITE_ACCESS |\ + POLICY_TRUST_ADMIN |\ + POLICY_CREATE_ACCOUNT |\ + POLICY_CREATE_SECRET |\ + POLICY_CREATE_PRIVILEGE |\ + POLICY_SET_DEFAULT_QUOTA_LIMITS |\ + POLICY_SET_AUDIT_REQUIREMENTS |\ + POLICY_AUDIT_LOG_ADMIN |\ + POLICY_SERVER_ADMIN) + +#define POLICY_EXECUTE ( STANDARD_RIGHTS_EXECUTE_ACCESS |\ + POLICY_VIEW_LOCAL_INFORMATION |\ + POLICY_LOOKUP_NAMES ) + /* LSA_Q_QUERY_SEC_OBJ - LSA query security */ typedef struct lsa_query_sec_obj_info { @@ -624,22 +671,6 @@ typedef struct lsa_r_removeprivs } LSA_R_REMOVEPRIVS; - #endif /* _RPC_LSA_H */ -/* - -opnum 11: opensid: query: handle du domaine, sid du user -reply: handle, status - -opnum 12: getlistofprivs: query: handle du user -reply: ptr, nombre, nombre, tableau de 3 uint32: flag+priv.low+priv.high -uint32 0, status - -opnum 17: ?? query: handle -reply: uint32 + status - - -*/ - diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index d2b2c60f45..b05fb972be 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -574,6 +574,36 @@ static BOOL api_lsa_removeprivs(pipes_struct *p) return True; } +/*************************************************************************** + api_lsa_query_secobj + ***************************************************************************/ + +static BOOL api_lsa_query_secobj(pipes_struct *p) +{ + LSA_Q_QUERY_SEC_OBJ q_u; + LSA_R_QUERY_SEC_OBJ r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_query_sec_obj("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_query_secobj: failed to unmarshall LSA_Q_QUERY_SEC_OBJ.\n")); + return False; + } + + r_u.status = _lsa_query_secobj(p, &q_u, &r_u); + + /* store the response in the SMB stream */ + if(!lsa_io_r_query_sec_obj("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_query_secobj: Failed to marshall LSA_R_QUERY_SEC_OBJ.\n")); + return False; + } + + return True; +} /*************************************************************************** \PIPE\ntlsa commands @@ -599,6 +629,7 @@ static struct api_struct api_lsa_cmds[] = { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount }, { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, + { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, { NULL , 0 , NULL } }; diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index da5597132d..d5ea156eb6 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -913,3 +913,73 @@ NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEP return r_u->status; } +/*************************************************************************** + For a given SID, remove some privileges. + ***************************************************************************/ + +NTSTATUS _lsa_query_secobj(pipes_struct *p, LSA_Q_QUERY_SEC_OBJ *q_u, LSA_R_QUERY_SEC_OBJ *r_u) +{ + struct lsa_info *info=NULL; + extern DOM_SID global_sid_World; + extern DOM_SID global_sid_Builtin; + DOM_SID adm_sid; + + SEC_ACE ace[2]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + SEC_DESC *psd = NULL; + size_t sd_size; + + r_u->status = NT_STATUS_OK; + + /* find the connection policy handle. */ + if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) + return NT_STATUS_INVALID_HANDLE; + + + switch (q_u->sec_info) { + case 1: + /* SD contains only the owner */ + + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + if((psd = make_sec_desc(p->mem_ctx, SEC_DESC_REVISION, &adm_sid, NULL, NULL, NULL, &sd_size)) == NULL) + return NT_STATUS_NO_MEMORY; + + if((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) + return NT_STATUS_NO_MEMORY; + break; + case 4: + /* SD contains only the ACL */ + + init_sec_access(&mask, POLICY_EXECUTE); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + init_sec_access(&mask, POLICY_ALL_ACCESS); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if((psa = make_sec_acl(p->mem_ctx, NT4_ACL_REVISION, 2, ace)) == NULL) + return NT_STATUS_NO_MEMORY; + + if((psd = make_sec_desc(p->mem_ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, &sd_size)) == NULL) + return NT_STATUS_NO_MEMORY; + + if((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) + return NT_STATUS_NO_MEMORY; + break; + default: + return NT_STATUS_INVALID_LEVEL; + break; + } + + r_u->ptr=1; + + return r_u->status; +} + + |