From cff32d6b0ae3b8f17973f544d8be891704437915 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 9 Nov 2003 00:58:40 +0000 Subject: added idl, generated code and test code for lsa_LookupSids (This used to be commit afa1ff5f08fceba3d34b4e0965fe7e0c0143ede9) --- source4/librpc/idl/lsa.idl | 36 ++++++++ source4/librpc/ndr/ndr.c | 11 ++- source4/librpc/ndr/ndr_basic.c | 2 +- source4/librpc/ndr/ndr_lsa.c | 199 +++++++++++++++++++++++++++++++++++++++++ source4/librpc/ndr/ndr_lsa.h | 46 ++++++++++ source4/librpc/rpc/rpc_lsa.c | 20 +++++ source4/torture/rpc/lsa.c | 61 ++++++++++++- 7 files changed, 372 insertions(+), 3 deletions(-) (limited to 'source4') diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index e043582f1d..c807f19d49 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -54,4 +54,40 @@ [out,ref] lsa_SidArray *sids ); + typedef struct { + uint16 name_len; + uint16 name_size; + unistr *name; + } lsa_Name; + + typedef struct { + uint16 sid_type; + lsa_Name name; + uint32 sid_index; + } lsa_TranslatedName; + + typedef struct { + uint32 count; + [size_is(count)] lsa_TranslatedName *names; + } lsa_TransNameArray; + + typedef struct { + lsa_Name name; + dom_sid2 *sid; + } lsa_TrustInformation; + + typedef struct { + uint32 count; + [size_is(count)] lsa_TrustInformation *domains; + uint32 max_count; + } lsa_RefDomainList; + + NTSTATUS lsa_LookupSids ( + [in,ref] policy_handle *handle, + [in,ref] lsa_SidArray *sids, + [out] lsa_RefDomainList *domains, + [in,out,ref] lsa_TransNameArray *names, + [in] uint16 level, + [in,out,ref] uint32 *count + ); } diff --git a/source4/librpc/ndr/ndr.c b/source4/librpc/ndr/ndr.c index dabe75d5ac..2413e7322d 100644 --- a/source4/librpc/ndr/ndr.c +++ b/source4/librpc/ndr/ndr.c @@ -196,10 +196,19 @@ NTSTATUS ndr_push_array(struct ndr_push *ndr, int ndr_flags, void *base, int i; char *p = base; NDR_CHECK(ndr_push_uint32(ndr, count)); + if (!(ndr_flags & NDR_SCALARS)) goto buffers; for (i=0;imem_ctx, &as, (const smb_ucs2_t *)ws); diff --git a/source4/librpc/ndr/ndr_lsa.c b/source4/librpc/ndr/ndr_lsa.c index 533e895006..8e42b3786b 100644 --- a/source4/librpc/ndr/ndr_lsa.c +++ b/source4/librpc/ndr/ndr_lsa.c @@ -258,3 +258,202 @@ NTSTATUS ndr_pull_lsa_EnumSids(struct ndr_pull *ndr, struct lsa_EnumSids *r) return NT_STATUS_OK; } +static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct lsa_Name *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_uint16(ndr, r->name_len)); + NDR_CHECK(ndr_push_uint16(ndr, r->name_size)); + NDR_CHECK(ndr_push_ptr(ndr, r->name)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->name) { + NDR_CHECK(ndr_push_unistr(ndr, r->name)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_Name(struct ndr_pull *ndr, int ndr_flags, struct lsa_Name *r) +{ + uint32 _ptr_name; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint16(ndr, &r->name_len)); + NDR_CHECK(ndr_pull_uint16(ndr, &r->name_size)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_name)); + if (_ptr_name) { + NDR_ALLOC(ndr, r->name); + } else { + r->name = NULL; + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->name) { + NDR_CHECK(ndr_pull_unistr(ndr, &r->name)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_TranslatedName(struct ndr_push *ndr, int ndr_flags, struct lsa_TranslatedName *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_uint16(ndr, r->sid_type)); + NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_push_uint32(ndr, r->sid_index)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name)); +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_TranslatedName(struct ndr_pull *ndr, int ndr_flags, struct lsa_TranslatedName *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint16(ndr, &r->sid_type)); + NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_pull_uint32(ndr, &r->sid_index)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name)); +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_TransNameArray(struct ndr_push *ndr, int ndr_flags, struct lsa_TransNameArray *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_uint32(ndr, r->count)); + NDR_CHECK(ndr_push_ptr(ndr, r->names)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->names) { + NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->names, sizeof(r->names[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TranslatedName)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_TransNameArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_TransNameArray *r) +{ + uint32 _ptr_names; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint32(ndr, &r->count)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_names)); + if (_ptr_names) { + NDR_ALLOC(ndr, r->names); + } else { + r->names = NULL; + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->names) { + NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)&r->names, sizeof(r->names[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TranslatedName)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_TrustInformation(struct ndr_push *ndr, int ndr_flags, struct lsa_TrustInformation *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_push_ptr(ndr, r->sid)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name)); + if (r->sid) { + NDR_CHECK(ndr_push_dom_sid2(ndr, r->sid)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_TrustInformation(struct ndr_pull *ndr, int ndr_flags, struct lsa_TrustInformation *r) +{ + uint32 _ptr_sid; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_sid)); + if (_ptr_sid) { + NDR_ALLOC(ndr, r->sid); + } else { + r->sid = NULL; + } +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name)); + if (r->sid) { + NDR_CHECK(ndr_pull_dom_sid2(ndr, r->sid)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_push_lsa_RefDomainList(struct ndr_push *ndr, int ndr_flags, struct lsa_RefDomainList *r) +{ + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_push_uint32(ndr, r->count)); + NDR_CHECK(ndr_push_ptr(ndr, r->domains)); + NDR_CHECK(ndr_push_uint32(ndr, r->max_count)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->domains) { + NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->domains, sizeof(r->domains[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_TrustInformation)); + } +done: + return NT_STATUS_OK; +} + +static NTSTATUS ndr_pull_lsa_RefDomainList(struct ndr_pull *ndr, int ndr_flags, struct lsa_RefDomainList *r) +{ + uint32 _ptr_domains; + if (!(ndr_flags & NDR_SCALARS)) goto buffers; + NDR_CHECK(ndr_pull_uint32(ndr, &r->count)); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains)); + if (_ptr_domains) { + NDR_ALLOC(ndr, r->domains); + } else { + r->domains = NULL; + } + NDR_CHECK(ndr_pull_uint32(ndr, &r->max_count)); +buffers: + if (!(ndr_flags & NDR_BUFFERS)) goto done; + if (r->domains) { + NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)&r->domains, sizeof(r->domains[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_TrustInformation)); + } +done: + return NT_STATUS_OK; +} + +NTSTATUS ndr_push_lsa_LookupSids(struct ndr_push *ndr, struct lsa_LookupSids *r) +{ + NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle)); + NDR_CHECK(ndr_push_lsa_SidArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.sids)); + NDR_CHECK(ndr_push_lsa_TransNameArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.names)); + NDR_CHECK(ndr_push_uint16(ndr, r->in.level)); + NDR_CHECK(ndr_push_uint32(ndr, *r->in.count)); + + return NT_STATUS_OK; +} + +NTSTATUS ndr_pull_lsa_LookupSids(struct ndr_pull *ndr, struct lsa_LookupSids *r) +{ + uint32 _ptr_domains; + NDR_ALLOC(ndr, r->out.domains); + NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_domains)); + if (_ptr_domains) { + NDR_ALLOC(ndr, r->out.domains); + } else { + r->out.domains = NULL; + } + if (r->out.domains) { + NDR_CHECK(ndr_pull_lsa_RefDomainList(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.domains)); + } + NDR_CHECK(ndr_pull_lsa_TransNameArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.names)); + NDR_CHECK(ndr_pull_uint32(ndr, r->out.count)); + NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result)); + + return NT_STATUS_OK; +} + diff --git a/source4/librpc/ndr/ndr_lsa.h b/source4/librpc/ndr/ndr_lsa.h index c19a884536..ef70c5d073 100644 --- a/source4/librpc/ndr/ndr_lsa.h +++ b/source4/librpc/ndr/ndr_lsa.h @@ -66,3 +66,49 @@ struct lsa_EnumSids { }; +struct lsa_Name { + uint16 name_len; + uint16 name_size; + const char *name; +}; + +struct lsa_TranslatedName { + uint16 sid_type; + struct lsa_Name name; + uint32 sid_index; +}; + +struct lsa_TransNameArray { + uint32 count; + struct lsa_TranslatedName *names; +}; + +struct lsa_TrustInformation { + struct lsa_Name name; + struct dom_sid2 *sid; +}; + +struct lsa_RefDomainList { + uint32 count; + struct lsa_TrustInformation *domains; + uint32 max_count; +}; + +struct lsa_LookupSids { + struct { + struct policy_handle *handle; + struct lsa_SidArray *sids; + struct lsa_TransNameArray *names; + uint16 level; + uint32 *count; + } in; + + struct { + struct lsa_RefDomainList *domains; + struct lsa_TransNameArray *names; + uint32 *count; + NTSTATUS result; + } out; + +}; + diff --git a/source4/librpc/rpc/rpc_lsa.c b/source4/librpc/rpc/rpc_lsa.c index f11519a3c3..c6f6f80e73 100644 --- a/source4/librpc/rpc/rpc_lsa.c +++ b/source4/librpc/rpc/rpc_lsa.c @@ -148,3 +148,23 @@ NTSTATUS dcerpc_lsa_EnumSids(struct dcerpc_pipe *p, done: return status; } + +/* + LookupSids interface +*/ +NTSTATUS dcerpc_lsa_LookupSids(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct lsa_LookupSids *r) +{ + NTSTATUS status; + + status = dcerpc_ndr_request(p, LSA_LOOKUPSIDS, mem_ctx, + (ndr_push_fn_t) ndr_push_lsa_LookupSids, + (ndr_pull_fn_t) ndr_pull_lsa_LookupSids, + r); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + return r->out.result; +} diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index 5cf56acd30..044c09ced0 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -144,6 +144,61 @@ static BOOL test_OpenPolicy2(struct dcerpc_pipe *p, struct policy_handle *handle } +static BOOL test_LookupSids(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct lsa_SidArray *sids) +{ + struct lsa_LookupSids r; + struct lsa_TransNameArray names; + uint32 count = sids->num_sids; + NTSTATUS status; + int i; + + printf("\nTesting LookupSids\n"); + + names.count = 0; + names.names = NULL; + + r.in.handle = handle; + r.in.sids = sids; + r.in.names = &names; + r.in.level = 1; + r.in.count = &count; + r.out.count = &count; + r.out.names = &names; + + status = dcerpc_lsa_LookupSids(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("LookupSids failed - %s\n", nt_errstr(status)); + return False; + } + + if (r.out.domains) { + printf("lookup gave %d domains (max_count=%d)\n", + r.out.domains->count, + r.out.domains->max_count); + for (i=0;icount;i++) { + printf("name='%s' sid=%s\n", + r.out.domains->domains[i].name.name, + lsa_sid_string_talloc(mem_ctx, r.out.domains->domains[i].sid)); + } + } + + printf("lookup gave %d names (names.count=%d)\n", count, names.count); + for (i=0;i