diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/libnet/libnet_group.c | 6 | ||||
-rw-r--r-- | source4/libnet/libnet_rpc.c | 12 | ||||
-rw-r--r-- | source4/libnet/libnet_user.c | 8 | ||||
-rw-r--r-- | source4/librpc/idl/lsa.idl | 4 | ||||
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 37 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 30 | ||||
-rw-r--r-- | source4/torture/rpc/lsa_lookup.c | 4 | ||||
-rw-r--r-- | source4/torture/rpc/samba3rpc.c | 6 | ||||
-rw-r--r-- | source4/winbind/wb_init_domain.c | 7 |
9 files changed, 67 insertions, 47 deletions
diff --git a/source4/libnet/libnet_group.c b/source4/libnet/libnet_group.c index 50ba079b71..cae6d6d272 100644 --- a/source4/libnet/libnet_group.c +++ b/source4/libnet/libnet_group.c @@ -444,6 +444,8 @@ struct composite_context *libnet_GroupList_send(struct libnet_context *ctx, /* prepare arguments of QueryDomainInfo call */ s->query_domain.in.handle = &ctx->lsa.handle; s->query_domain.in.level = LSA_POLICY_INFO_DOMAIN; + s->query_domain.out.info = talloc_zero(c, union lsa_PolicyInformation *); + if (composite_nomem(s->query_domain.out.info, c)) return c; /* send the request */ query_req = dcerpc_lsa_QueryInfoPolicy_send(ctx->lsa.pipe, c, &s->query_domain); @@ -502,7 +504,7 @@ static void continue_domain_queried(struct rpc_request *req) if (!composite_is_ok(c)) return; /* get the returned domain info */ - s->dominfo = s->query_domain.out.info->domain; + s->dominfo = (*s->query_domain.out.info)->domain; /* make sure we have samr domain handle before continuing */ prereq_met = samr_domain_opened(s->ctx, s->domain_name, &c, &s->domain_open, @@ -592,7 +594,7 @@ static void continue_groups_enumerated(struct rpc_request *req) for (i = 0; i < s->group_list.out.sam->count; i++) { struct dom_sid *group_sid; struct samr_SamEntry *entry = &s->group_list.out.sam->entries[i]; - struct dom_sid *domain_sid = s->query_domain.out.info->domain.sid; + struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid; /* construct group sid from returned rid and queried domain sid */ group_sid = dom_sid_add_rid(c, domain_sid, entry->idx); diff --git a/source4/libnet/libnet_rpc.c b/source4/libnet/libnet_rpc.c index 28cbba2933..a0d93287a5 100644 --- a/source4/libnet/libnet_rpc.c +++ b/source4/libnet/libnet_rpc.c @@ -607,6 +607,8 @@ static void continue_lsa_policy(struct rpc_request *req) /* query lsa info for dns domain name and guid */ s->lsa_query_info2.in.handle = &s->lsa_handle; s->lsa_query_info2.in.level = LSA_POLICY_INFO_DNS; + s->lsa_query_info2.out.info = talloc_zero(c, union lsa_PolicyInformation *); + if (composite_nomem(s->lsa_query_info2.out.info, c)) return; query_info_req = dcerpc_lsa_QueryInfoPolicy2_send(s->lsa_pipe, c, &s->lsa_query_info2); if (composite_nomem(query_info_req, c)) return; @@ -658,13 +660,13 @@ static void continue_lsa_query_info2(struct rpc_request *req) /* Copy the dns domain name and guid from the query result */ /* this should actually be a conversion from lsa_StringLarge */ - s->r.out.realm = s->lsa_query_info2.out.info->dns.dns_domain.string; + s->r.out.realm = (*s->lsa_query_info2.out.info)->dns.dns_domain.string; s->r.out.guid = talloc(c, struct GUID); if (composite_nomem(s->r.out.guid, c)) { s->r.out.error_string = NULL; return; } - *s->r.out.guid = s->lsa_query_info2.out.info->dns.domain_guid; + *s->r.out.guid = (*s->lsa_query_info2.out.info)->dns.domain_guid; } /* post monitor message */ @@ -680,6 +682,8 @@ static void continue_lsa_query_info2(struct rpc_request *req) /* query lsa info for domain name and sid */ s->lsa_query_info.in.handle = &s->lsa_handle; s->lsa_query_info.in.level = LSA_POLICY_INFO_DOMAIN; + s->lsa_query_info.out.info = talloc_zero(c, union lsa_PolicyInformation *); + if (composite_nomem(s->lsa_query_info.out.info, c)) return; query_info_req = dcerpc_lsa_QueryInfoPolicy_send(s->lsa_pipe, c, &s->lsa_query_info); if (composite_nomem(query_info_req, c)) return; @@ -719,8 +723,8 @@ static void continue_lsa_query_info(struct rpc_request *req) } /* Copy the domain name and sid from the query result */ - s->r.out.domain_sid = s->lsa_query_info.out.info->domain.sid; - s->r.out.domain_name = s->lsa_query_info.out.info->domain.name.string; + s->r.out.domain_sid = (*s->lsa_query_info.out.info)->domain.sid; + s->r.out.domain_name = (*s->lsa_query_info.out.info)->domain.name.string; continue_epm_map_binding_send(c); } diff --git a/source4/libnet/libnet_user.c b/source4/libnet/libnet_user.c index dce7320c73..35b2432838 100644 --- a/source4/libnet/libnet_user.c +++ b/source4/libnet/libnet_user.c @@ -957,7 +957,9 @@ struct composite_context* libnet_UserList_send(struct libnet_context *ctx, /* prepare arguments of QueryDomainInfo call */ s->query_domain.in.handle = &ctx->lsa.handle; s->query_domain.in.level = LSA_POLICY_INFO_DOMAIN; - + s->query_domain.out.info = talloc_zero(c, union lsa_PolicyInformation *); + if (composite_nomem(s->query_domain.out.info, c)) return c; + /* send the request */ query_req = dcerpc_lsa_QueryInfoPolicy_send(ctx->lsa.pipe, c, &s->query_domain); if (composite_nomem(query_req, c)) return c; @@ -1015,7 +1017,7 @@ static void continue_domain_queried(struct rpc_request *req) if (!composite_is_ok(c)) return; /* get the returned domain info */ - s->dominfo = s->query_domain.out.info->domain; + s->dominfo = (*s->query_domain.out.info)->domain; /* make sure we have samr domain handle before continuing */ prereq_met = samr_domain_opened(s->ctx, s->domain_name, &c, &s->domain_open, @@ -1107,7 +1109,7 @@ static void continue_users_enumerated(struct rpc_request *req) for (i = 0; i < s->user_list.out.sam->count; i++) { struct dom_sid *user_sid; struct samr_SamEntry *entry = &s->user_list.out.sam->entries[i]; - struct dom_sid *domain_sid = s->query_domain.out.info->domain.sid; + struct dom_sid *domain_sid = (*s->query_domain.out.info)->domain.sid; /* construct user sid from returned rid and queried domain sid */ user_sid = dom_sid_add_rid(c, domain_sid, entry->idx); diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index a4d5aa964c..2ed267789d 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -289,7 +289,7 @@ import "misc.idl", "security.idl"; NTSTATUS lsa_QueryInfoPolicy( [in] policy_handle *handle, [in] lsa_PolicyInfo level, - [out,unique,switch_is(level)] lsa_PolicyInformation *info + [out,ref,switch_is(level)] lsa_PolicyInformation **info ); /******************/ @@ -883,7 +883,7 @@ import "misc.idl", "security.idl"; NTSTATUS lsa_QueryInfoPolicy2( [in] policy_handle *handle, [in] lsa_PolicyInfo level, - [out,unique,switch_is(level)] lsa_PolicyInformation *info + [out,ref,switch_is(level)] lsa_PolicyInformation **info ); /* Function 0x2f */ diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 01c0b03295..e279161375 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -434,67 +434,67 @@ static NTSTATUS dcesrv_lsa_QueryInfoPolicy2(struct dcesrv_call_state *dce_call, { struct lsa_policy_state *state; struct dcesrv_handle *h; + union lsa_PolicyInformation *info; - r->out.info = NULL; + *r->out.info = NULL; DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY); state = h->data; - r->out.info = talloc(mem_ctx, union lsa_PolicyInformation); - if (!r->out.info) { + info = talloc_zero(mem_ctx, union lsa_PolicyInformation); + if (!info) { return NT_STATUS_NO_MEMORY; } - - ZERO_STRUCTP(r->out.info); + *r->out.info = info; switch (r->in.level) { case LSA_POLICY_INFO_AUDIT_LOG: /* we don't need to fill in any of this */ - ZERO_STRUCT(r->out.info->audit_log); + ZERO_STRUCT(info->audit_log); return NT_STATUS_OK; case LSA_POLICY_INFO_AUDIT_EVENTS: /* we don't need to fill in any of this */ - ZERO_STRUCT(r->out.info->audit_events); + ZERO_STRUCT(info->audit_events); return NT_STATUS_OK; case LSA_POLICY_INFO_PD: /* we don't need to fill in any of this */ - ZERO_STRUCT(r->out.info->pd); + ZERO_STRUCT(info->pd); return NT_STATUS_OK; case LSA_POLICY_INFO_DOMAIN: - return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &r->out.info->domain); + return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &info->domain); case LSA_POLICY_INFO_ACCOUNT_DOMAIN: - return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &r->out.info->account_domain); + return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &info->account_domain); case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN: - return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &r->out.info->l_account_domain); + return dcesrv_lsa_info_AccountDomain(state, mem_ctx, &info->l_account_domain); case LSA_POLICY_INFO_ROLE: - r->out.info->role.role = LSA_ROLE_PRIMARY; + info->role.role = LSA_ROLE_PRIMARY; return NT_STATUS_OK; case LSA_POLICY_INFO_DNS: case LSA_POLICY_INFO_DNS_INT: - return dcesrv_lsa_info_DNS(state, mem_ctx, &r->out.info->dns); + return dcesrv_lsa_info_DNS(state, mem_ctx, &info->dns); case LSA_POLICY_INFO_REPLICA: - ZERO_STRUCT(r->out.info->replica); + ZERO_STRUCT(info->replica); return NT_STATUS_OK; case LSA_POLICY_INFO_QUOTA: - ZERO_STRUCT(r->out.info->quota); + ZERO_STRUCT(info->quota); return NT_STATUS_OK; case LSA_POLICY_INFO_MOD: case LSA_POLICY_INFO_AUDIT_FULL_SET: case LSA_POLICY_INFO_AUDIT_FULL_QUERY: /* windows gives INVALID_PARAMETER */ - r->out.info = NULL; + *r->out.info = NULL; return NT_STATUS_INVALID_PARAMETER; } - r->out.info = NULL; + *r->out.info = NULL; return NT_STATUS_INVALID_INFO_CLASS; } @@ -511,11 +511,10 @@ static NTSTATUS dcesrv_lsa_QueryInfoPolicy(struct dcesrv_call_state *dce_call, T r2.in.handle = r->in.handle; r2.in.level = r->in.level; + r2.out.info = r->out.info; status = dcesrv_lsa_QueryInfoPolicy2(dce_call, mem_ctx, &r2); - r->out.info = r2.out.info; - return status; } diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index a4dd2e13dd..454afabc50 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -2352,6 +2352,7 @@ static bool test_QueryInfoPolicyCalls( bool version2, struct policy_handle *handle) { struct lsa_QueryInfoPolicy r; + union lsa_PolicyInformation *info = NULL; NTSTATUS status; int i; bool ret = true; @@ -2364,6 +2365,7 @@ static bool test_QueryInfoPolicyCalls( bool version2, for (i=1;i<=14;i++) { r.in.handle = handle; r.in.level = i; + r.out.info = &info; if (version2) printf("\nTrying QueryInfoPolicy2 level %d\n", i); @@ -2433,33 +2435,33 @@ static bool test_QueryInfoPolicyCalls( bool version2, struct lsa_TransNameArray tnames; tnames.count = 14; tnames.names = talloc_zero_array(tctx, struct lsa_TranslatedName, tnames.count); - tnames.names[0].name.string = r.out.info->dns.name.string; + tnames.names[0].name.string = info->dns.name.string; tnames.names[0].sid_type = SID_NAME_DOMAIN; - tnames.names[1].name.string = r.out.info->dns.dns_domain.string; + tnames.names[1].name.string = info->dns.dns_domain.string; tnames.names[1].sid_type = SID_NAME_DOMAIN; - tnames.names[2].name.string = talloc_asprintf(tctx, "%s\\", r.out.info->dns.name.string); + tnames.names[2].name.string = talloc_asprintf(tctx, "%s\\", info->dns.name.string); tnames.names[2].sid_type = SID_NAME_DOMAIN; - tnames.names[3].name.string = talloc_asprintf(tctx, "%s\\", r.out.info->dns.dns_domain.string); + tnames.names[3].name.string = talloc_asprintf(tctx, "%s\\", info->dns.dns_domain.string); tnames.names[3].sid_type = SID_NAME_DOMAIN; - tnames.names[4].name.string = talloc_asprintf(tctx, "%s\\guest", r.out.info->dns.name.string); + tnames.names[4].name.string = talloc_asprintf(tctx, "%s\\guest", info->dns.name.string); tnames.names[4].sid_type = SID_NAME_USER; - tnames.names[5].name.string = talloc_asprintf(tctx, "%s\\krbtgt", r.out.info->dns.name.string); + tnames.names[5].name.string = talloc_asprintf(tctx, "%s\\krbtgt", info->dns.name.string); tnames.names[5].sid_type = SID_NAME_USER; - tnames.names[6].name.string = talloc_asprintf(tctx, "%s\\guest", r.out.info->dns.dns_domain.string); + tnames.names[6].name.string = talloc_asprintf(tctx, "%s\\guest", info->dns.dns_domain.string); tnames.names[6].sid_type = SID_NAME_USER; - tnames.names[7].name.string = talloc_asprintf(tctx, "%s\\krbtgt", r.out.info->dns.dns_domain.string); + tnames.names[7].name.string = talloc_asprintf(tctx, "%s\\krbtgt", info->dns.dns_domain.string); tnames.names[7].sid_type = SID_NAME_USER; - tnames.names[8].name.string = talloc_asprintf(tctx, "krbtgt@%s", r.out.info->dns.name.string); + tnames.names[8].name.string = talloc_asprintf(tctx, "krbtgt@%s", info->dns.name.string); tnames.names[8].sid_type = SID_NAME_USER; - tnames.names[9].name.string = talloc_asprintf(tctx, "krbtgt@%s", r.out.info->dns.dns_domain.string); + tnames.names[9].name.string = talloc_asprintf(tctx, "krbtgt@%s", info->dns.dns_domain.string); tnames.names[9].sid_type = SID_NAME_USER; - tnames.names[10].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", r.out.info->dns.name.string); + tnames.names[10].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", info->dns.name.string); tnames.names[10].sid_type = SID_NAME_USER; - tnames.names[11].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", r.out.info->dns.dns_domain.string); + tnames.names[11].name.string = talloc_asprintf(tctx, "%s\\"TEST_MACHINENAME "$", info->dns.dns_domain.string); tnames.names[11].sid_type = SID_NAME_USER; - tnames.names[12].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", r.out.info->dns.name.string); + tnames.names[12].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", info->dns.name.string); tnames.names[12].sid_type = SID_NAME_USER; - tnames.names[13].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", r.out.info->dns.dns_domain.string); + tnames.names[13].name.string = talloc_asprintf(tctx, TEST_MACHINENAME "$@%s", info->dns.dns_domain.string); tnames.names[13].sid_type = SID_NAME_USER; ret &= test_LookupNames(p, tctx, handle, &tnames); diff --git a/source4/torture/rpc/lsa_lookup.c b/source4/torture/rpc/lsa_lookup.c index beb299b597..0124ce1741 100644 --- a/source4/torture/rpc/lsa_lookup.c +++ b/source4/torture/rpc/lsa_lookup.c @@ -66,15 +66,17 @@ static bool get_domainsid(TALLOC_CTX *mem_ctx, struct dcerpc_pipe *p, struct dom_sid **sid) { struct lsa_QueryInfoPolicy r; + union lsa_PolicyInformation *info = NULL; NTSTATUS status; r.in.level = LSA_POLICY_INFO_DOMAIN; r.in.handle = handle; + r.out.info = &info; status = dcerpc_lsa_QueryInfoPolicy(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) return false; - *sid = r.out.info->domain.sid; + *sid = info->domain.sid; return true; } diff --git a/source4/torture/rpc/samba3rpc.c b/source4/torture/rpc/samba3rpc.c index dc904fccf1..a45397de46 100644 --- a/source4/torture/rpc/samba3rpc.c +++ b/source4/torture/rpc/samba3rpc.c @@ -208,6 +208,7 @@ static bool bindtest(struct smbcli_state *cli, struct lsa_ObjectAttribute objectattr; struct lsa_OpenPolicy2 openpolicy; struct lsa_QueryInfoPolicy query; + union lsa_PolicyInformation *info = NULL; struct policy_handle handle; struct lsa_Close close_handle; @@ -256,6 +257,7 @@ static bool bindtest(struct smbcli_state *cli, query.in.handle = &handle; query.in.level = LSA_POLICY_INFO_DOMAIN; + query.out.info = &info; status = dcerpc_lsa_QueryInfoPolicy(lsa_pipe, mem_ctx, &query); if (!NT_STATUS_IS_OK(status)) { @@ -2393,8 +2395,10 @@ bool torture_samba3_rpc_lsa(struct torture_context *torture) for (i=0; i<ARRAY_SIZE(levels); i++) { struct lsa_QueryInfoPolicy r; + union lsa_PolicyInformation *info = NULL; r.in.handle = &lsa_handle; r.in.level = levels[i]; + r.out.info = &info; status = dcerpc_lsa_QueryInfoPolicy(p, mem_ctx, &r); if (!NT_STATUS_IS_OK(status)) { d_printf("(%s) dcerpc_lsa_QueryInfoPolicy %d " @@ -2404,7 +2408,7 @@ bool torture_samba3_rpc_lsa(struct torture_context *torture) return false; } if (levels[i] == 5) { - domain_sid = r.out.info->account_domain.sid; + domain_sid = info->account_domain.sid; } } } diff --git a/source4/winbind/wb_init_domain.c b/source4/winbind/wb_init_domain.c index c6dee825a9..531647def8 100644 --- a/source4/winbind/wb_init_domain.c +++ b/source4/winbind/wb_init_domain.c @@ -70,6 +70,7 @@ struct init_domain_state { struct lsa_ObjectAttribute objectattr; struct lsa_OpenPolicy2 lsa_openpolicy; struct lsa_QueryInfoPolicy queryinfo; + union lsa_PolicyInformation *info; }; static void init_domain_recv_netlogonpipe(struct composite_context *ctx); @@ -326,8 +327,12 @@ static void init_domain_recv_lsa_policy(struct rpc_request *req) state->ctx->status = state->lsa_openpolicy.out.result; if (!composite_is_ok(state->ctx)) return; + state->info = talloc_zero(state->ctx, union lsa_PolicyInformation); + if (composite_nomem(state->info, state->ctx)) return; + state->queryinfo.in.handle = &state->domain->libnet_ctx->lsa.handle; state->queryinfo.in.level = LSA_POLICY_INFO_ACCOUNT_DOMAIN; + state->queryinfo.out.info = &state->info; req = dcerpc_lsa_QueryInfoPolicy_send(state->domain->libnet_ctx->lsa.pipe, state, &state->queryinfo); @@ -347,7 +352,7 @@ static void init_domain_recv_queryinfo(struct rpc_request *req) state->ctx->status = state->queryinfo.out.result; if (!composite_is_ok(state->ctx)) return; - dominfo = &state->queryinfo.out.info->account_domain; + dominfo = &(*state->queryinfo.out.info)->account_domain; if (strcasecmp(state->domain->info->name, dominfo->name.string) != 0) { DEBUG(2, ("Expected domain name %s, DC %s said %s\n", |