From 497e01e93e642ce8dd9ef77d0c3f0e61e19a765d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sat, 15 Nov 2003 08:06:39 +0000 Subject: added samr_OpenDomain() and samr_QueryDomainInfo() level 1 (This used to be commit 2d9c055c1be7187ae890e46edba74bf4fedbc9db) --- source4/librpc/idl/samr.idl | 26 +++++++++++- source4/librpc/ndr/ndr_samr.c | 93 +++++++++++++++++++++++++++++++++++++++++-- source4/librpc/ndr/ndr_samr.h | 27 +++++++++++-- source4/librpc/rpc/rpc_samr.c | 16 ++++---- source4/torture/rpc/samr.c | 67 +++++++++++++++++++++++++++++-- 5 files changed, 207 insertions(+), 22 deletions(-) diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl index 6017f73f4e..440b5ab9e7 100644 --- a/source4/librpc/idl/samr.idl +++ b/source4/librpc/idl/samr.idl @@ -72,11 +72,33 @@ /************************/ /* Function 0x07 */ - NTSTATUS samr_OPEN_DOMAIN(); + NTSTATUS samr_OpenDomain( + [in,ref] policy_handle *handle, + [in] uint32 access_mask, + [in,ref] dom_sid2 *sid, + [out,ref] policy_handle *domain_handle + ); /************************/ /* Function 0x08 */ - NTSTATUS samr_QUERY_DOMAIN_INFO(); + + typedef struct { + uint16 min_length_password; + uint16 password_history; + uint32 flag; + NTTIME expire; + NTTIME min_passwordage; + } samr_DomInfo1; + + typedef union { + case(1) samr_DomInfo1 info1; + } samr_DomainInfo; + + NTSTATUS samr_QueryDomainInfo( + [in,ref] policy_handle *handle, + [in] uint16 level, + [out,switch_is(level)] samr_DomainInfo *info + ); /************************/ /* Function 0x09 */ diff --git a/source4/librpc/ndr/ndr_samr.c b/source4/librpc/ndr/ndr_samr.c index 8a972b426f..10f30afa2c 100644 --- a/source4/librpc/ndr/ndr_samr.c +++ b/source4/librpc/ndr/ndr_samr.c @@ -70,14 +70,19 @@ NTSTATUS ndr_push_samr_EnumDomains(struct ndr_push *ndr, struct samr_EnumDomains return NT_STATUS_OK; } -NTSTATUS ndr_push_samr_OPEN_DOMAIN(struct ndr_push *ndr, struct samr_OPEN_DOMAIN *r) +NTSTATUS ndr_push_samr_OpenDomain(struct ndr_push *ndr, struct samr_OpenDomain *r) { + NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); + NDR_CHECK(ndr_push_uint32(ndr, r->in.access_mask)); + NDR_CHECK(ndr_push_dom_sid2(ndr, r->in.sid)); return NT_STATUS_OK; } -NTSTATUS ndr_push_samr_QUERY_DOMAIN_INFO(struct ndr_push *ndr, struct samr_QUERY_DOMAIN_INFO *r) +NTSTATUS ndr_push_samr_QueryDomainInfo(struct ndr_push *ndr, struct samr_QueryDomainInfo *r) { + NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); + NDR_CHECK(ndr_push_uint16(ndr, r->in.level)); return NT_STATUS_OK; } @@ -578,15 +583,70 @@ NTSTATUS ndr_pull_samr_EnumDomains(struct ndr_pull *ndr, struct samr_EnumDomains return NT_STATUS_OK; } -NTSTATUS ndr_pull_samr_OPEN_DOMAIN(struct ndr_pull *ndr, struct samr_OPEN_DOMAIN *r) +NTSTATUS ndr_pull_samr_OpenDomain(struct ndr_pull *ndr, struct samr_OpenDomain *r) { + NDR_CHECK(ndr_pull_policy_handle(ndr, r->out.domain_handle)); NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); return NT_STATUS_OK; } -NTSTATUS ndr_pull_samr_QUERY_DOMAIN_INFO(struct ndr_pull *ndr, struct samr_QUERY_DOMAIN_INFO *r) +static NTSTATUS ndr_pull_samr_DomInfo1(struct ndr_pull *ndr, int ndr_flags, struct samr_DomInfo1 *r) { + NDR_CHECK(ndr_pull_align(ndr, 4)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint16(ndr, &r->min_length_password)); + NDR_CHECK(ndr_pull_uint16(ndr, &r->password_history)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->flag)); + NDR_CHECK(ndr_pull_NTTIME(ndr, &r->expire)); + NDR_CHECK(ndr_pull_NTTIME(ndr, &r->min_passwordage)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_samr_DomainInfo(struct ndr_pull *ndr, int ndr_flags, uint16 *level, union samr_DomainInfo *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint16(ndr, level)); + switch (*level) { + case 1: { + NDR_CHECK(ndr_pull_samr_DomInfo1(ndr, NDR_SCALARS, &r->info1)); + break; } + + default: + return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", *level); + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + switch (*level) { + case 1: + NDR_CHECK(ndr_pull_samr_DomInfo1(ndr, NDR_BUFFERS, &r->info1)); + break; + + default: + return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u", *level); + } +done: + return NT_STATUS_OK; +} + +NTSTATUS ndr_pull_samr_QueryDomainInfo(struct ndr_pull *ndr, struct samr_QueryDomainInfo *r) +{ + uint32 _ptr_info; + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_info)); + if (_ptr_info) { + NDR_ALLOC(ndr, r->out.info); + } else { + r->out.info = NULL; + } + if (r->out.info) { + { uint16 _level; + NDR_CHECK(ndr_pull_samr_DomainInfo(ndr, NDR_SCALARS|NDR_BUFFERS, &_level, r->out.info)); + if (((NDR_SCALARS|NDR_BUFFERS) & NDR_SCALARS) && (_level != r->in.level)) return ndr_pull_error(ndr, NDR_ERR_BAD_SWITCH, "Bad switch value %u in info"); + } + } NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); return NT_STATUS_OK; @@ -1044,3 +1104,28 @@ void ndr_print_samr_SamArray(struct ndr_print *ndr, const char *name, struct sam ndr->depth--; } +void ndr_print_samr_DomInfo1(struct ndr_print *ndr, const char *name, struct samr_DomInfo1 *r) +{ + ndr_print_struct(ndr, name, "samr_DomInfo1"); + ndr->depth++; + ndr_print_uint16(ndr, "min_length_password", r->min_length_password); + ndr_print_uint16(ndr, "password_history", r->password_history); + ndr_print_uint32(ndr, "flag", r->flag); + ndr_print_NTTIME(ndr, "expire", r->expire); + ndr_print_NTTIME(ndr, "min_passwordage", r->min_passwordage); + ndr->depth--; +} + +void ndr_print_samr_DomainInfo(struct ndr_print *ndr, const char *name, uint16 level, union samr_DomainInfo *r) +{ + ndr_print_union(ndr, name, level, "samr_DomainInfo"); + switch (level) { + case 1: + ndr_print_samr_DomInfo1(ndr, "info1", &r->info1); + break; + + default: + ndr_print_bad_level(ndr, name, level); + } +} + diff --git a/source4/librpc/ndr/ndr_samr.h b/source4/librpc/ndr/ndr_samr.h index f24dde1ec5..9bf4682563 100644 --- a/source4/librpc/ndr/ndr_samr.h +++ b/source4/librpc/ndr/ndr_samr.h @@ -98,21 +98,40 @@ struct samr_EnumDomains { }; -struct samr_OPEN_DOMAIN { +struct samr_OpenDomain { struct { + struct policy_handle *handle; + uint32 access_mask; + struct dom_sid2 *sid; } in; struct { + struct policy_handle *domain_handle; NTSTATUS result; } out; }; -struct samr_QUERY_DOMAIN_INFO { +struct samr_DomInfo1 { + uint16 min_length_password; + uint16 password_history; + uint32 flag; + NTTIME expire; + NTTIME min_passwordage; +}; + +union samr_DomainInfo { +/* [case(1)] */ struct samr_DomInfo1 info1; +}; + +struct samr_QueryDomainInfo { struct { + struct policy_handle *handle; + uint16 level; } in; struct { + union samr_DomainInfo *info; NTSTATUS result; } out; @@ -719,8 +738,8 @@ struct samr_VALIDATE_PASSWORD { #define DCERPC_SAMR_SHUTDOWN 4 #define DCERPC_SAMR_LOOKUPDOMAIN 5 #define DCERPC_SAMR_ENUMDOMAINS 6 -#define DCERPC_SAMR_OPEN_DOMAIN 7 -#define DCERPC_SAMR_QUERY_DOMAIN_INFO 8 +#define DCERPC_SAMR_OPENDOMAIN 7 +#define DCERPC_SAMR_QUERYDOMAININFO 8 #define DCERPC_SAMR_SET_DOMAIN_INFO 9 #define DCERPC_SAMR_CREATE_DOM_GROUP 10 #define DCERPC_SAMR_ENUM_DOM_GROUPS 11 diff --git a/source4/librpc/rpc/rpc_samr.c b/source4/librpc/rpc/rpc_samr.c index 836ada5c0c..98b294d044 100644 --- a/source4/librpc/rpc/rpc_samr.c +++ b/source4/librpc/rpc/rpc_samr.c @@ -101,12 +101,12 @@ NTSTATUS dcerpc_samr_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, str return r->out.result; } -NTSTATUS dcerpc_samr_OPEN_DOMAIN(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct samr_OPEN_DOMAIN *r) +NTSTATUS dcerpc_samr_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct samr_OpenDomain *r) { NTSTATUS status; - status = dcerpc_ndr_request(p, DCERPC_SAMR_OPEN_DOMAIN, mem_ctx, - (ndr_push_fn_t) ndr_push_samr_OPEN_DOMAIN, - (ndr_pull_fn_t) ndr_pull_samr_OPEN_DOMAIN, + status = dcerpc_ndr_request(p, DCERPC_SAMR_OPENDOMAIN, mem_ctx, + (ndr_push_fn_t) ndr_push_samr_OpenDomain, + (ndr_pull_fn_t) ndr_pull_samr_OpenDomain, r); if (!NT_STATUS_IS_OK(status)) { return status; @@ -115,12 +115,12 @@ NTSTATUS dcerpc_samr_OPEN_DOMAIN(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, str return r->out.result; } -NTSTATUS dcerpc_samr_QUERY_DOMAIN_INFO(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct samr_QUERY_DOMAIN_INFO *r) +NTSTATUS dcerpc_samr_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct samr_QueryDomainInfo *r) { NTSTATUS status; - status = dcerpc_ndr_request(p, DCERPC_SAMR_QUERY_DOMAIN_INFO, mem_ctx, - (ndr_push_fn_t) ndr_push_samr_QUERY_DOMAIN_INFO, - (ndr_pull_fn_t) ndr_pull_samr_QUERY_DOMAIN_INFO, + status = dcerpc_ndr_request(p, DCERPC_SAMR_QUERYDOMAININFO, mem_ctx, + (ndr_push_fn_t) ndr_push_samr_QueryDomainInfo, + (ndr_pull_fn_t) ndr_pull_samr_QueryDomainInfo, r); if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c index 2dd77e6ec5..431372323e 100644 --- a/source4/torture/rpc/samr.c +++ b/source4/torture/rpc/samr.c @@ -21,6 +21,55 @@ #include "includes.h" +static BOOL test_QueryDomainInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle) +{ + NTSTATUS status; + struct samr_QueryDomainInfo r; + + printf("Testing QueryDomainInfo\n"); + + r.in.handle = handle; + r.in.level = 1; + + status = dcerpc_samr_QueryDomainInfo(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("QueryDomainInfo failed - %s\n", nt_errstr(status)); + return False; + } + + NDR_PRINT_UNION_DEBUG(samr_DomainInfo, r.in.level, r.out.info); + + return True; +} + +static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, + struct policy_handle *handle, struct dom_sid2 *sid) +{ + NTSTATUS status; + struct samr_OpenDomain r; + struct policy_handle domain_handle; + + printf("Testing OpenDomain\n"); + + r.in.handle = handle; + r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; + r.in.sid = sid; + r.out.domain_handle = &domain_handle; + + status = dcerpc_samr_OpenDomain(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("OpenDomain failed - %s\n", nt_errstr(status)); + return False; + } + + if (!test_QueryDomainInfo(p, mem_ctx, &domain_handle)) { + return False; + } + + return True; +} + static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, struct samr_Name *domain) { @@ -40,6 +89,10 @@ static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, NDR_PRINT_DEBUG(dom_sid2, r.out.sid); + if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid)) { + return False; + } + return True; } @@ -52,6 +105,7 @@ static BOOL test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, uint32 resume_handle = 0; uint32 num_entries=0; int i; + BOOL ret = True; r.in.handle = handle; r.in.resume_handle = &resume_handle; @@ -67,13 +121,18 @@ static BOOL test_EnumDomains(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, NDR_PRINT_DEBUG(samr_SamArray, r.out.sam); - if (r.out.sam) { - for (i=0;icount;i++) { - test_LookupDomain(p, mem_ctx, handle, &r.out.sam->entries[i].name); + if (!r.out.sam) { + return False; + } + + for (i=0;icount;i++) { + if (!test_LookupDomain(p, mem_ctx, handle, + &r.out.sam->entries[i].name)) { + ret = False; } } - return True; + return ret; } -- cgit