Diffstat (limited to 'source4')
-rw-r--r-- | source4/librpc/idl/lsa.idl | 31 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_lsa.c | 153 | ||||
-rw-r--r-- | source4/librpc/ndr/ndr_lsa.h | 27 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 40 |
4 files changed, 159 insertions, 92 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 7d652e2449..4582470980 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -129,9 +129,27 @@ /* Function: 0x0c */ NTSTATUS lsa_CreateTrustDom (); + /******************/ /* Function: 0x0d */ - NTSTATUS lsa_EnumTrustDom (); + + typedef struct { + lsa_Name name; + dom_sid2 *sid; + } lsa_TrustInformation; + + typedef struct { + uint32 count; + [size_is(count)] lsa_TrustInformation *domains; + uint32 max_count; + } lsa_RefDomainList; + + NTSTATUS lsa_EnumTrustDom ( + [in,ref] policy_handle *handle, + [in,out,ref] uint32 *resume_handle, + [in] uint32 num_entries, + [out] lsa_RefDomainList *domains + ); /******************/ @@ -148,17 +166,6 @@ [size_is(count)] lsa_TranslatedSid *sids; } lsa_TransSidArray; - typedef struct { - lsa_Name name; - dom_sid2 *sid; - } lsa_TrustInformation; - - typedef struct { - uint32 count; - [size_is(count)] lsa_TrustInformation *domains; - uint32 max_count; - } lsa_RefDomainList; - NTSTATUS lsa_LookupNames ( [in,ref] policy_handle *handle, [in] uint32 num_names, diff --git a/source4/librpc/ndr/ndr_lsa.c b/source4/librpc/ndr/ndr_lsa.c index b0ce82885d..c3ad9ab26f 100644 --- a/source4/librpc/ndr/ndr_lsa.c +++ b/source4/librpc/ndr/ndr_lsa.c 
@@ -486,146 +486,161 @@ NTSTATUS ndr_pull_lsa_CreateTrustDom(struct ndr_pull *ndr, struct lsa_CreateTrus return NT_STATUS_OK; } -NTSTATUS ndr_push_lsa_EnumTrustDom(struct ndr_push *ndr, struct lsa_EnumTrustDom *r) -{ - - return NT_STATUS_OK; -} - -NTSTATUS ndr_pull_lsa_EnumTrustDom(struct ndr_pull *ndr, struct lsa_EnumTrustDom *r) -{ - NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); - - return NT_STATUS_OK; -} - -static NTSTATUS ndr_push_lsa_TranslatedSid(struct ndr_push *ndr, int ndr_flags, struct lsa_TranslatedSid *r) +static NTSTATUS ndr_push_lsa_TrustInformation(struct ndr_push *ndr, int ndr_flags, struct lsa_TrustInformation *r) { if (!(ndr_flags & NDR_SCALARS)) goto buffers; - NDR_CHECK(ndr_push_uint16(ndr, r->sid_type)); - NDR_CHECK(ndr_push_uint32(ndr, r->rid)); - NDR_CHECK(ndr_push_uint32(ndr, r->sid_index)); + NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_push_ptr(ndr, r->sid)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name)); + if (r->sid) { + NDR_CHECK(ndr_push_dom_sid2(ndr, r->sid)); + } done: return NT_STATUS_OK; } -static NTSTATUS ndr_pull_lsa_TranslatedSid(struct ndr_pull *ndr, int ndr_flags, struct lsa_TranslatedSid *r) +static NTSTATUS ndr_pull_lsa_TrustInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_TrustInformation *r) { + uint32 _ptr_sid; if (!(ndr_flags & NDR_SCALARS)) goto buffers; - NDR_CHECK(ndr_pull_uint16(ndr, &r->sid_type)); - NDR_CHECK(ndr_pull_uint32(ndr, &r->rid)); - NDR_CHECK(ndr_pull_uint32(ndr, &r->sid_index)); + NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_ALLOC(ndr, r->sid); + } else { + r->sid = NULL; + } buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name)); + if (r->sid) { + NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + } done: return NT_STATUS_OK; } -static NTSTATUS 
ndr_push_lsa_TransSidArray(struct ndr_push *ndr, int ndr_flags, struct lsa_TransSidArray *r) +static NTSTATUS ndr_push_lsa_RefDomainList(struct ndr_push *ndr, int ndr_flags, struct lsa_RefDomainList *r) { if (!(ndr_flags & NDR_SCALARS)) goto buffers; NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_ptr(ndr, r->sids)); + NDR_CHECK(ndr_push_ptr(ndr, r->domains)); + NDR_CHECK(ndr_push_uint32(ndr, r->max_count)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->sids) { - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid)); + if (r->domains) { + NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->domains, sizeof(r->domains[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TrustInformation)); } done: return NT_STATUS_OK; } -static NTSTATUS ndr_pull_lsa_TransSidArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransSidArray *r) +static NTSTATUS ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_RefDomainList *r) { - uint32 _ptr_sids; + uint32 _ptr_domains; if (!(ndr_flags & NDR_SCALARS)) goto buffers; NDR_CHECK(ndr_pull_uint32(ndr, &r->count)); - NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sids)); - if (_ptr_sids) { - NDR_ALLOC(ndr, r->sids); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains)); + if (_ptr_domains) { + NDR_ALLOC(ndr, r->domains); } else { - r->sids = NULL; + r->domains = NULL; } + NDR_CHECK(ndr_pull_uint32(ndr, &r->max_count)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->sids) { - NDR_ALLOC_N_SIZE(ndr, r->sids, r->count, sizeof(r->sids[0])); - NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->sids, sizeof(r->sids[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TranslatedSid)); + if (r->domains) { + NDR_ALLOC_N_SIZE(ndr, r->domains, r->count, sizeof(r->domains[0])); + NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->domains, sizeof(r->domains[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TrustInformation)); } done: 
return NT_STATUS_OK; } -static NTSTATUS ndr_push_lsa_TrustInformation(struct ndr_push *ndr, int ndr_flags, struct lsa_TrustInformation *r) +NTSTATUS ndr_push_lsa_EnumTrustDom(struct ndr_push *ndr, struct lsa_EnumTrustDom *r) +{ + NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); + NDR_CHECK(ndr_push_uint32(ndr, *r->in.resume_handle)); + NDR_CHECK(ndr_push_uint32(ndr, r->in.num_entries)); + + return NT_STATUS_OK; +} + +NTSTATUS ndr_pull_lsa_EnumTrustDom(struct ndr_pull *ndr, struct lsa_EnumTrustDom *r) +{ + uint32 _ptr_domains; + NDR_CHECK(ndr_pull_uint32(ndr, r->out.resume_handle)); + NDR_ALLOC(ndr, r->out.domains); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains)); + if (_ptr_domains) { + NDR_ALLOC(ndr, r->out.domains); + } else { + r->out.domains = NULL; + } + if (r->out.domains) { + NDR_CHECK(ndr_pull_lsa_RefDomainList(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.domains)); + } + NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); + + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_TranslatedSid(struct ndr_push *ndr, int ndr_flags, struct lsa_TranslatedSid *r) { if (!(ndr_flags & NDR_SCALARS)) goto buffers; - NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name)); - NDR_CHECK(ndr_push_ptr(ndr, r->sid)); + NDR_CHECK(ndr_push_uint16(ndr, r->sid_type)); + NDR_CHECK(ndr_push_uint32(ndr, r->rid)); + NDR_CHECK(ndr_push_uint32(ndr, r->sid_index)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name)); - if (r->sid) { - NDR_CHECK(ndr_push_dom_sid2(ndr, r->sid)); - } done: return NT_STATUS_OK; } -static NTSTATUS ndr_pull_lsa_TrustInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_TrustInformation *r) +static NTSTATUS ndr_pull_lsa_TranslatedSid(struct ndr_pull *ndr, int ndr_flags, struct lsa_TranslatedSid *r) { - uint32 _ptr_sid; if (!(ndr_flags & NDR_SCALARS)) goto buffers; - NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name)); - NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sid)); - if (_ptr_sid) { - 
NDR_ALLOC(ndr, r->sid); - } else { - r->sid = NULL; - } + NDR_CHECK(ndr_pull_uint16(ndr, &r->sid_type)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->rid)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->sid_index)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name)); - if (r->sid) { - NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); - } done: return NT_STATUS_OK; } -static NTSTATUS ndr_push_lsa_RefDomainList(struct ndr_push *ndr, int ndr_flags, struct lsa_RefDomainList *r) +static NTSTATUS ndr_push_lsa_TransSidArray(struct ndr_push *ndr, int ndr_flags, struct lsa_TransSidArray *r) { if (!(ndr_flags & NDR_SCALARS)) goto buffers; NDR_CHECK(ndr_push_uint32(ndr, r->count)); - NDR_CHECK(ndr_push_ptr(ndr, r->domains)); - NDR_CHECK(ndr_push_uint32(ndr, r->max_count)); + NDR_CHECK(ndr_push_ptr(ndr, r->sids)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->domains) { - NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->domains, sizeof(r->domains[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TrustInformation)); + if (r->sids) { + NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->sids, sizeof(r->sids[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedSid)); } done: return NT_STATUS_OK; } -static NTSTATUS ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_RefDomainList *r) +static NTSTATUS ndr_pull_lsa_TransSidArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransSidArray *r) { - uint32 _ptr_domains; + uint32 _ptr_sids; if (!(ndr_flags & NDR_SCALARS)) goto buffers; NDR_CHECK(ndr_pull_uint32(ndr, &r->count)); - NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains)); - if (_ptr_domains) { - NDR_ALLOC(ndr, r->domains); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sids)); + if (_ptr_sids) { + NDR_ALLOC(ndr, r->sids); } else { - r->domains = NULL; + r->sids = NULL; } - NDR_CHECK(ndr_pull_uint32(ndr, &r->max_count)); buffers: if (!(ndr_flags & NDR_BUFFERS)) goto done; - if (r->domains) { - NDR_ALLOC_N_SIZE(ndr, 
r->domains, r->count, sizeof(r->domains[0])); - NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->domains, sizeof(r->domains[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TrustInformation)); + if (r->sids) { + NDR_ALLOC_N_SIZE(ndr, r->sids, r->count, sizeof(r->sids[0])); + NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->sids, sizeof(r->sids[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TranslatedSid)); } done: return NT_STATUS_OK; diff --git a/source4/librpc/ndr/ndr_lsa.h b/source4/librpc/ndr/ndr_lsa.h index 1436c8cfab..784ff1b2a4 100644 --- a/source4/librpc/ndr/ndr_lsa.h +++ b/source4/librpc/ndr/ndr_lsa.h @@ -186,11 +186,27 @@ struct lsa_CreateTrustDom { }; +struct lsa_TrustInformation { + struct lsa_Name name; + struct dom_sid2 *sid; +}; + +struct lsa_RefDomainList { + uint32 count; + struct lsa_TrustInformation *domains; + uint32 max_count; +}; + struct lsa_EnumTrustDom { struct { + struct policy_handle *handle; + uint32 *resume_handle; + uint32 num_entries; } in; struct { + uint32 *resume_handle; + struct lsa_RefDomainList *domains; NTSTATUS result; } out; @@ -207,17 +223,6 @@ struct lsa_TransSidArray { struct lsa_TranslatedSid *sids; }; -struct lsa_TrustInformation { - struct lsa_Name name; - struct dom_sid2 *sid; -}; - -struct lsa_RefDomainList { - uint32 count; - struct lsa_TrustInformation *domains; - uint32 max_count; -}; - struct lsa_LookupNames { struct { struct policy_handle *handle; diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 8e3a36bb74..90db819a33 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c 
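Review bot: In ndr_pull_lsa_RefDomainList, `r->count` is read from the wire and passed straight to `NDR_ALLOC_N_SIZE(ndr, r->domains, r->count, sizeof(r->domains[0]))` and `ndr_pull_array`, with no upper bound and no comparison against `max_count`. Whether those helpers guard the count-times-size multiplication or the remaining buffer length is not visible in this hunk, so confirm that or add a bound before the allocation. The same function keeps a non-zero `r->count` when the referent pointer is 0 (`r->domains = NULL`), so the decoded struct can be inconsistent; adding `r->count = 0;` in that branch, or rejecting the reply, would fix it. Separately, ndr_pull_lsa_EnumTrustDom calls `NDR_ALLOC(ndr, r->out.domains);` before reading `_ptr_domains` and then allocates again or overwrites the pointer with NULL, so the first allocation is redundant and can be dropped. If this file is generated from lsa.idl, these changes belong in the generator rather than here.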
@@ -368,6 +368,42 @@ static BOOL test_EnumPrivs(struct dcerpc_pipe *p, } +static BOOL test_EnumTrustDom(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + struct lsa_EnumTrustDom r; + NTSTATUS status; + int i; + uint32 resume_handle = 0; + + printf("\nTesting EnumTrustDom\n"); + + r.in.handle = handle; + r.in.resume_handle = &resume_handle; + r.in.num_entries = 1000; + r.out.resume_handle = &resume_handle; + + status = dcerpc_lsa_EnumTrustDom(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("EnumTrustDom failed - %s\n", nt_errstr(status)); + return False; + } + + if (r.out.domains) { + printf("lookup gave %d domains (max_count=%d)\n", + r.out.domains->count, + r.out.domains->max_count); + for (i=0;i<r.out.domains->count;i++) { + printf("name='%s' sid=%s\n", + r.out.domains->domains[i].name.name, + lsa_sid_string_talloc(mem_ctx, r.out.domains->domains[i].sid)); + } + } + + return True; +} + static BOOL test_Delete(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle) @@ -447,6 +483,10 @@ BOOL torture_rpc_lsa(int dummy) if (!test_EnumPrivs(p, mem_ctx, &handle)) { ret = False; } + + if (!test_EnumTrustDom(p, mem_ctx, &handle)) { + ret = False; + } #if 0 if (!test_Delete(p, mem_ctx, &handle)) { |
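Review bot: The loop in test_EnumTrustDom indexes `r.out.domains->domains[i]` for every `i < count` without checking that `r.out.domains->domains` is non-NULL. ndr_pull_lsa_RefDomainList in this same commit can set `domains = NULL` while keeping the wire `count`, so a reply with a non-zero count and a null array pointer would crash the client; guard the loop with `if (r.out.domains && r.out.domains->domains)`. The per-entry `sid` can likewise be NULL after the pull, and whether `lsa_sid_string_talloc` and `%s` on `name.name` tolerate NULL is not visible here. `count` and `max_count` are `uint32` but are printed with `%d` and compared against `int i`; `%u` and an unsigned index would match the types.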