summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/rpc_server/lsa/srv_lsa_nt.c71
1 files changed, 63 insertions, 8 deletions
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index dade1ea59f..bb582b9cf7 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -1997,6 +1997,47 @@ NTSTATUS _lsa_CloseTrustedDomainEx(struct pipes_struct *p,
_lsa_QueryTrustedDomainInfo
***************************************************************************/
+static NTSTATUS pdb_trusted_domain_2_info_ex(TALLOC_CTX *mem_ctx,
+ struct pdb_trusted_domain *td,
+ struct lsa_TrustDomainInfoInfoEx *info_ex)
+{
+ if (td->domain_name == NULL ||
+ td->netbios_name == NULL ||
+ is_null_sid(&td->security_identifier)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ info_ex->domain_name.string = talloc_strdup(mem_ctx, td->domain_name);
+ info_ex->netbios_name.string = talloc_strdup(mem_ctx, td->netbios_name);
+ info_ex->sid = dom_sid_dup(mem_ctx, &td->security_identifier);
+ if (info_ex->domain_name.string == NULL ||
+ info_ex->netbios_name.string == NULL ||
+ info_ex->sid == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ info_ex->trust_direction = td->trust_direction;
+ info_ex->trust_type = td->trust_type;
+ info_ex->trust_attributes = td->trust_attributes;
+
+ return NT_STATUS_OK;
+}
+
+static NTSTATUS pdb_trusted_domain_2_auth_info(struct pdb_trusted_domain *td,
+ struct lsa_TrustDomainInfoAuthInfo *auth_info)
+{
+/* If I understand it correctly lsa_TrustDomainInfoAuthInfo is send unencrypted
+ * and related calls should not be used. If there is a use case, it can be
+ * implemented later. */
+ auth_info->incoming_count = 0;
+ auth_info->incoming_current_auth_info = NULL;
+ auth_info->incoming_previous_auth_info = NULL;
+ auth_info->outgoing_count = 0;
+ auth_info->outgoing_current_auth_info = NULL;
+ auth_info->outgoing_previous_auth_info = NULL;
+ return NT_STATUS_OK;
+}
+
NTSTATUS _lsa_QueryTrustedDomainInfo(struct pipes_struct *p,
struct lsa_QueryTrustedDomainInfo *r)
{
@@ -2086,25 +2127,32 @@ NTSTATUS _lsa_QueryTrustedDomainInfo(struct pipes_struct *p,
case LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS:
return NT_STATUS_INVALID_PARAMETER;
case LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET:
+ info->posix_offset.posix_offset = *td->trust_posix_offset;
break;
case LSA_TRUSTED_DOMAIN_INFO_PASSWORD:
return NT_STATUS_INVALID_INFO_CLASS;
case LSA_TRUSTED_DOMAIN_INFO_BASIC:
return NT_STATUS_INVALID_PARAMETER;
case LSA_TRUSTED_DOMAIN_INFO_INFO_EX:
- init_lsa_StringLarge(&info->info_ex.domain_name, td->domain_name);
- init_lsa_StringLarge(&info->info_ex.netbios_name, td->netbios_name);
- info->info_ex.sid = dom_sid_dup(info, &td->security_identifier);
- if (!info->info_ex.sid) {
- return NT_STATUS_NO_MEMORY;
+ status = pdb_trusted_domain_2_info_ex(info, td, &info->info_ex);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
}
- info->info_ex.trust_direction = td->trust_direction;
- info->info_ex.trust_type = td->trust_type;
- info->info_ex.trust_attributes = td->trust_attributes;
break;
case LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO:
return NT_STATUS_INVALID_INFO_CLASS;
case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO:
+ status = pdb_trusted_domain_2_info_ex(info, td,
+ &info->full_info.info_ex);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ info->full_info.posix_offset.posix_offset = *td->trust_posix_offset;
+ status = pdb_trusted_domain_2_auth_info(td,
+ &info->full_info.auth_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
break;
case LSA_TRUSTED_DOMAIN_INFO_AUTH_INFO_INTERNAL:
return NT_STATUS_INVALID_INFO_CLASS;
@@ -2113,8 +2161,15 @@ NTSTATUS _lsa_QueryTrustedDomainInfo(struct pipes_struct *p,
case LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL:
return NT_STATUS_INVALID_PARAMETER;
case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL:
+ info->full_info2_internal.posix_offset.posix_offset = *td->trust_posix_offset;
+ status = pdb_trusted_domain_2_auth_info(td,
+ &info->full_info2_internal.auth_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
break;
case LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRYPTION_TYPES:
+ info->enc_types.enc_types = *td->supported_enc_type;
break;
default:
return NT_STATUS_INVALID_PARAMETER;