diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/librpc/idl/lsa.idl | 2 | ||||
-rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 32 | ||||
-rw-r--r-- | source4/torture/rpc/lsa.c | 40 | ||||
-rw-r--r-- | source4/torture/rpc/samsync.c | 4 |
4 files changed, 44 insertions, 34 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 9cc39d8d2e..3803100785 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -716,7 +716,7 @@ import "misc.idl", "security.idl"; NTSTATUS lsa_QueryTrustedDomainInfo( [in] policy_handle *trustdom_handle, [in] lsa_TrustDomInfoEnum level, - [out,switch_is(level),unique] lsa_TrustedDomainInfo *info + [out,switch_is(level),ref] lsa_TrustedDomainInfo **info ); /* Function: 0x1b */ diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 9989e031de..371510cc98 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -1314,6 +1314,7 @@ static NTSTATUS fill_trust_domain_ex(TALLOC_CTX *mem_ctx, static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, struct lsa_QueryTrustedDomainInfo *r) { + union lsa_TrustedDomainInfo *info = NULL; struct dcesrv_handle *h; struct lsa_trusted_domain_state *trusted_domain_state; struct ldb_message *msg; @@ -1342,17 +1343,19 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_ } msg = res[0]; - r->out.info = talloc(mem_ctx, union lsa_TrustedDomainInfo); - if (!r->out.info) { + info = talloc_zero(mem_ctx, union lsa_TrustedDomainInfo); + if (!info) { return NT_STATUS_NO_MEMORY; } + *r->out.info = info; + switch (r->in.level) { case LSA_TRUSTED_DOMAIN_INFO_NAME: - r->out.info->name.netbios_name.string + info->name.netbios_name.string = samdb_result_string(msg, "flatname", NULL); break; case LSA_TRUSTED_DOMAIN_INFO_POSIX_OFFSET: - r->out.info->posix_offset.posix_offset + info->posix_offset.posix_offset = samdb_result_uint(msg, "posixOffset", 0); break; #if 0 /* Win2k3 doesn't implement this */ @@ -1364,32 +1367,32 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_ break; #endif case LSA_TRUSTED_DOMAIN_INFO_INFO_EX: - return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->info_ex); + return fill_trust_domain_ex(mem_ctx, msg, &info->info_ex); case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO: - ZERO_STRUCT(r->out.info->full_info); - return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->full_info.info_ex); + ZERO_STRUCT(info->full_info); + return fill_trust_domain_ex(mem_ctx, msg, &info->full_info.info_ex); case LSA_TRUSTED_DOMAIN_INFO_FULL_INFO_2_INTERNAL: - ZERO_STRUCT(r->out.info->full_info2_internal); - r->out.info->full_info2_internal.posix_offset.posix_offset + ZERO_STRUCT(info->full_info2_internal); + info->full_info2_internal.posix_offset.posix_offset = samdb_result_uint(msg, "posixOffset", 0); - return fill_trust_domain_ex(mem_ctx, msg, &r->out.info->full_info2_internal.info.info_ex); + return fill_trust_domain_ex(mem_ctx, msg, &info->full_info2_internal.info.info_ex); case LSA_TRUSTED_DOMAIN_SUPPORTED_ENCRTYPION_TYPES: - r->out.info->enc_types.enc_types + info->enc_types.enc_types = samdb_result_uint(msg, "msDs-supportedEncryptionTypes", KERB_ENCTYPE_RC4_HMAC_MD5); break; case LSA_TRUSTED_DOMAIN_INFO_CONTROLLERS: case LSA_TRUSTED_DOMAIN_INFO_INFO_EX2_INTERNAL: /* oops, we don't want to return the info after all */ - talloc_free(r->out.info); + talloc_free(info); r->out.info = NULL; return NT_STATUS_INVALID_PARAMETER; default: /* oops, we don't want to return the info after all */ - talloc_free(r->out.info); + talloc_free(info); r->out.info = NULL; return NT_STATUS_INVALID_INFO_CLASS; } @@ -1407,6 +1410,7 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state NTSTATUS status; struct lsa_OpenTrustedDomain open; struct lsa_QueryTrustedDomainInfo query; + union lsa_TrustedDomainInfo *info; struct dcesrv_handle *h; open.in.handle = r->in.handle; open.in.sid = r->in.dom_sid; @@ -1423,7 +1427,7 @@ static NTSTATUS dcesrv_lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state /* Ensure this handle goes away at the end of this call */ DCESRV_PULL_HANDLE(h, open.out.trustdom_handle, DCESRV_HANDLE_ANY); talloc_steal(mem_ctx, h); - + query.in.trustdom_handle = open.out.trustdom_handle; query.in.level = r->in.level; query.out.info = r->out.info; diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 34e3c1b78d..87408b816e 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -1805,7 +1805,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, for (j=0; j < ARRAY_SIZE(levels); j++) { struct lsa_QueryTrustedDomainInfo q; - union lsa_TrustedDomainInfo info; + union lsa_TrustedDomainInfo *info = NULL; q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[j]; q.out.info = &info; @@ -1876,7 +1876,7 @@ static bool test_query_each_TrustDom(struct dcerpc_pipe *p, for (j=0; j < ARRAY_SIZE(levels); j++) { struct lsa_QueryTrustedDomainInfo q; - union lsa_TrustedDomainInfo info; + union lsa_TrustedDomainInfo *info = NULL; q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[j]; q.out.info = &info; @@ -2067,6 +2067,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, struct dom_sid *domsid[12]; struct policy_handle trustdom_handle[12]; struct lsa_QueryTrustedDomainInfo q; + union lsa_TrustedDomainInfo *info = NULL; int i; printf("\nTesting CreateTrustedDomain for 12 domains\n"); @@ -2101,6 +2102,7 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, q.in.trustdom_handle = &trustdom_handle[i]; q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX; + q.out.info = &info; status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); if (!NT_STATUS_IS_OK(status)) { printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status)); @@ -2108,24 +2110,24 @@ static bool test_CreateTrustedDomain(struct dcerpc_pipe *p, } else if (!q.out.info) { ret = false; } else { - if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.name.string) != 0) { + if (strcmp(info->info_ex.netbios_name.string, trustinfo.name.string) != 0) { printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n", - q.out.info->info_ex.netbios_name.string, trustinfo.name.string); + info->info_ex.netbios_name.string, trustinfo.name.string); ret = false; } - if (q.out.info->info_ex.trust_type != LSA_TRUST_TYPE_DOWNLEVEL) { + if (info->info_ex.trust_type != LSA_TRUST_TYPE_DOWNLEVEL) { printf("QueryTrustedDomainInfo of %s returned incorrect trust type %d != %d\n", - trust_name, q.out.info->info_ex.trust_type, LSA_TRUST_TYPE_DOWNLEVEL); + trust_name, info->info_ex.trust_type, LSA_TRUST_TYPE_DOWNLEVEL); ret = false; } - if (q.out.info->info_ex.trust_attributes != 0) { + if (info->info_ex.trust_attributes != 0) { printf("QueryTrustedDomainInfo of %s returned incorrect trust attributes %d != %d\n", - trust_name, q.out.info->info_ex.trust_attributes, 0); + trust_name, info->info_ex.trust_attributes, 0); ret = false; } - if (q.out.info->info_ex.trust_direction != LSA_TRUST_DIRECTION_OUTBOUND) { + if (info->info_ex.trust_direction != LSA_TRUST_DIRECTION_OUTBOUND) { printf("QueryTrustedDomainInfo of %s returned incorrect trust direction %d != %d\n", - trust_name, q.out.info->info_ex.trust_direction, LSA_TRUST_DIRECTION_OUTBOUND); + trust_name, info->info_ex.trust_direction, LSA_TRUST_DIRECTION_OUTBOUND); ret = false; } } @@ -2161,6 +2163,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, struct dom_sid *domsid[12]; struct policy_handle trustdom_handle[12]; struct lsa_QueryTrustedDomainInfo q; + union lsa_TrustedDomainInfo *info = NULL; DATA_BLOB session_key; enum ndr_err_code ndr_err; int i; @@ -2233,6 +2236,7 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, q.in.trustdom_handle = &trustdom_handle[i]; q.in.level = LSA_TRUSTED_DOMAIN_INFO_INFO_EX; + q.out.info = &info; status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); if (!NT_STATUS_IS_OK(status)) { printf("QueryTrustedDomainInfo level 1 failed - %s\n", nt_errstr(status)); @@ -2241,24 +2245,24 @@ static bool test_CreateTrustedDomainEx2(struct dcerpc_pipe *p, printf("QueryTrustedDomainInfo level 1 failed to return an info pointer\n"); ret = false; } else { - if (strcmp(q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) { + if (strcmp(info->info_ex.netbios_name.string, trustinfo.netbios_name.string) != 0) { printf("QueryTrustedDomainInfo returned inconsistant short name: %s != %s\n", - q.out.info->info_ex.netbios_name.string, trustinfo.netbios_name.string); + info->info_ex.netbios_name.string, trustinfo.netbios_name.string); ret = false; } - if (q.out.info->info_ex.trust_type != trustinfo.trust_type) { + if (info->info_ex.trust_type != trustinfo.trust_type) { printf("QueryTrustedDomainInfo of %s returned incorrect trust type %d != %d\n", - trust_name, q.out.info->info_ex.trust_type, trustinfo.trust_type); + trust_name, info->info_ex.trust_type, trustinfo.trust_type); ret = false; } - if (q.out.info->info_ex.trust_attributes != LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) { + if (info->info_ex.trust_attributes != LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION) { printf("QueryTrustedDomainInfo of %s returned incorrect trust attributes %d != %d\n", - trust_name, q.out.info->info_ex.trust_attributes, LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION); + trust_name, info->info_ex.trust_attributes, LSA_TRUST_ATTRIBUTE_USES_RC4_ENCRYPTION); ret = false; } - if (q.out.info->info_ex.trust_direction != trustinfo.trust_direction) { + if (info->info_ex.trust_direction != trustinfo.trust_direction) { printf("QueryTrustedDomainInfo of %s returned incorrect trust direction %d != %d\n", - trust_name, q.out.info->info_ex.trust_direction, trustinfo.trust_direction); + trust_name, info->info_ex.trust_direction, trustinfo.trust_direction); ret = false; } } diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c index 14c05b2c05..fdd86da28c 100644 --- a/source4/torture/rpc/samsync.c +++ b/source4/torture/rpc/samsync.c @@ -967,6 +967,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st struct policy_handle trustdom_handle; struct lsa_QueryTrustedDomainInfo q; union lsa_TrustedDomainInfo *info[9]; + union lsa_TrustedDomainInfo *_info = NULL; int levels [] = {1, 3, 8}; int i; @@ -987,6 +988,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st for (i=0; i< ARRAY_SIZE(levels); i++) { q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[i]; + q.out.info = &_info; status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q); if (!NT_STATUS_IS_OK(status)) { if (q.in.level == 8 && NT_STATUS_EQUAL(status,NT_STATUS_INVALID_PARAMETER)) { @@ -997,7 +999,7 @@ static bool samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st levels[i], nt_errstr(status)); return false; } - info[levels[i]] = q.out.info; + info[levels[i]] = _info; } if (info[8]) { |