2025-01-11 05:18:09 +03:00 · 0001-01-01 00:00:00 +00:00 · 0001-01-01 00:00:00 +00:00 · 25a8692fed
commit 25a8692fed
parent 9cf479873f
6 changed files with 180 additions and 8 deletions
--- a/source/libcli/ndr/ndr_lsa.c
+++ b/source/libcli/ndr/ndr_lsa.c
@ -108,3 +108,48 @@ NTSTATUS ndr_pull_lsa_OpenPolicy2(struct ndr_pull *ndr,
 	NDR_CHECK(ndr_pull_status(ndr, &r->out.status));
 	return NT_STATUS_OK;
 }
+
+
+/*
+  push a EnumSids
+*/
+NTSTATUS ndr_push_lsa_EnumSids(struct ndr_push *ndr, 
+			       struct lsa_EnumSids *r)
+{
+	NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
+	NDR_CHECK(ndr_push_u32(ndr, r->in.start_at));
+	NDR_CHECK(ndr_push_u32(ndr, r->in.num_entries));
+	return NT_STATUS_OK;
+}
+
+/*
+  pull a EnumSids
+*/
+NTSTATUS ndr_pull_lsa_EnumSids(struct ndr_pull *ndr, 
+			       struct lsa_EnumSids *r)
+{
+	uint32 nptrs, asize, i, ptr;
+
+	NDR_CHECK(ndr_pull_u32(ndr, &r->out.num_entries));
+	NDR_CHECK(ndr_pull_u32(ndr, &nptrs));
+	NDR_CHECK(ndr_pull_u32(ndr, &ptr));
+	if (!ptr) goto done;
+
+	NDR_CHECK(ndr_pull_u32(ndr, &asize));
+	NDR_ALLOC_N(ndr, r->out.sids, nptrs);
+	for (i=0;i<nptrs;i++) {
+		NDR_CHECK(ndr_pull_u32(ndr, &ptr));
+		if (ptr) {
+			NDR_ALLOC(ndr, r->out.sids[i]);
+		} else {
+			r->out.sids[i] = NULL;
+		}
+	}
+	for (i=0;i<nptrs;i++) {
+		if (r->out.sids[i]) NDR_CHECK(ndr_pull_dom_sid2(ndr, r->out.sids[i]));
+	}
+
+done:
+	NDR_CHECK(ndr_pull_status(ndr, &r->out.status));
+	return NT_STATUS_OK;
+}
--- a/source/libcli/ndr/ndr_lsa.h
+++ b/source/libcli/ndr/ndr_lsa.h
@ -57,3 +57,16 @@ struct lsa_OpenPolicy2 {
 		NTSTATUS status;
 	} out;
 };
+
+struct lsa_EnumSids {
+	struct {
+		struct policy_handle *handle;
+		uint32 start_at;
+		uint32 num_entries;
+	} in;
+	struct {
+		uint32 num_entries;
+		struct dom_sid **sids;
+		NTSTATUS status;
+	} out;
+};
--- a/source/libcli/ndr/ndr_sec.c
+++ b/source/libcli/ndr/ndr_sec.c
@ -136,6 +136,16 @@ NTSTATUS ndr_pull_dom_sid(struct ndr_pull *ndr, struct dom_sid *sid)
 	return NT_STATUS_OK;
 }

+/*
+  parse a dom_sid2 - this is a dom_sid but with an extra copy of the num_auths field
+*/
+NTSTATUS ndr_pull_dom_sid2(struct ndr_pull *ndr, struct dom_sid *sid)
+{
+	uint32 num_auths;
+	NDR_CHECK(ndr_pull_u32(ndr, &num_auths));
+	return ndr_pull_dom_sid(ndr, sid);
+}
+
 /*
  parse a dom_sid offset and structure
 */
--- a/source/libcli/raw/rawdcerpc.c
+++ b/source/libcli/raw/rawdcerpc.c
@ -59,6 +59,9 @@ NTSTATUS dcerpc_pipe_open_smb(struct dcerpc_pipe *p, const char *pipe_name)
 	io.ntcreatex.in.fname = name;

 	mem_ctx = talloc_init("torture_rpc_connection");
+	if (!mem_ctx) {
+		return NT_STATUS_NO_MEMORY;
+	}
 	status = smb_raw_open(p->tree, mem_ctx, &io);
 	free(name);
 	talloc_destroy(mem_ctx);
--- a/source/libcli/rpc/rpc_lsa.c
+++ b/source/libcli/rpc/rpc_lsa.c
@ -35,7 +35,7 @@ NTSTATUS dcerpc_lsa_OpenPolicy(struct dcerpc_pipe *p,
 	NTSTATUS status;
 	TALLOC_CTX *mem_ctx;

-	mem_ctx = talloc_init("dcerpc_rpcecho_addone");
+	mem_ctx = talloc_init("dcerpc_lsa_openpolicy");
 	if (!mem_ctx) {
 		return NT_STATUS_NO_MEMORY;
 	}
@ -77,7 +77,7 @@ NTSTATUS dcerpc_lsa_OpenPolicy2(struct dcerpc_pipe *p,
 	NTSTATUS status;
 	TALLOC_CTX *mem_ctx;

-	mem_ctx = talloc_init("dcerpc_rpcecho_addone");
+	mem_ctx = talloc_init("dcerpc_lsa_openpolicy2");
 	if (!mem_ctx) {
 		return NT_STATUS_NO_MEMORY;
 	}
@ -104,3 +104,39 @@ done:
 	talloc_destroy(mem_ctx);
 	return status;
 }
+
+/*
+  EnumSids interface
+*/
+NTSTATUS dcerpc_lsa_EnumSids(struct dcerpc_pipe *p,
+			     TALLOC_CTX *mem_ctx,
+			     struct policy_handle *handle,
+			     uint32 resume_handle,
+			     uint32 *num_entries,
+			     struct dom_sid ***sids)
+{
+	struct lsa_EnumSids r;
+	NTSTATUS status;
+
+	/* fill the .in side of the call */
+	r.in.handle = handle;
+	r.in.start_at = 0;
+	r.in.num_entries = *num_entries;
+
+	/* make the call */
+	status = dcerpc_ndr_request(p, LSA_ENUM_ACCOUNTS, mem_ctx,
+				    (ndr_push_fn_t) ndr_push_lsa_EnumSids,
+				    (ndr_pull_fn_t) ndr_pull_lsa_EnumSids,
+				    &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		goto done;
+	}
+	
+	/* and extract the .out parameters */
+	*num_entries = r.out.num_entries;
+	*sids = r.out.sids;
+	status = r.out.status;
+
+done:
+	return status;
+}
--- a/source/torture/rpc/lsa.c
+++ b/source/torture/rpc/lsa.c
@ -21,6 +21,39 @@

 #include "includes.h"

+/*
+  this really shouldn't be here ....
+*/
+static char *lsa_sid_string_talloc(TALLOC_CTX *mem_ctx, struct dom_sid *sid)
+{
+	int i, ofs, maxlen;
+	uint32 ia;
+	char *ret;
+	
+	if (!sid) {
+		return talloc_asprintf(mem_ctx, "(NULL SID)");
+	}
+
+	maxlen = sid->num_auths * 11 + 25;
+	ret = talloc(mem_ctx, maxlen);
+	if (!ret) return NULL;
+
+	ia = (sid->id_auth[5]) +
+		(sid->id_auth[4] << 8 ) +
+		(sid->id_auth[3] << 16) +
+		(sid->id_auth[2] << 24);
+
+	ofs = snprintf(ret, maxlen, "S-%u-%lu", 
+		       (unsigned int)sid->sid_rev_num, (unsigned long)ia);
+
+	for (i = 0; i < sid->num_auths; i++) {
+		ofs += snprintf(ret + ofs, maxlen - ofs, "-%lu", (unsigned long)sid->sub_auths[i]);
+	}
+
+	return ret;
+}
+
+
 static BOOL test_OpenPolicy(struct dcerpc_pipe *p)
 {
 	struct lsa_ObjectAttribute attr;
@ -28,7 +61,7 @@ static BOOL test_OpenPolicy(struct dcerpc_pipe *p)
 	struct lsa_QosInfo qos;
 	NTSTATUS status;

-	printf("testing OpenPolicy\n");
+	printf("\ntesting OpenPolicy\n");

 	qos.impersonation_level = 2;
 	qos.context_mode = 1;
@ -54,14 +87,13 @@ static BOOL test_OpenPolicy(struct dcerpc_pipe *p)
 }


-static BOOL test_OpenPolicy2(struct dcerpc_pipe *p)
+static BOOL test_OpenPolicy2(struct dcerpc_pipe *p, struct policy_handle *handle)
 {
 	struct lsa_ObjectAttribute attr;
-	struct policy_handle handle;
 	struct lsa_QosInfo qos;
 	NTSTATUS status;

-	printf("testing OpenPolicy2\n");
+	printf("\ntesting OpenPolicy2\n");

 	qos.impersonation_level = 2;
 	qos.context_mode = 1;
@ -77,7 +109,7 @@ static BOOL test_OpenPolicy2(struct dcerpc_pipe *p)
 					"\\",
 					&attr,
 					SEC_RIGHTS_MAXIMUM_ALLOWED,
-					&handle);
+					handle);
 	if (!NT_STATUS_IS_OK(status)) {
 		printf("OpenPolicy2 failed - %s\n", nt_errstr(status));
 		return False;
@ -86,12 +118,41 @@ static BOOL test_OpenPolicy2(struct dcerpc_pipe *p)
 	return True;
 }

+
+static BOOL test_EnumSids(struct dcerpc_pipe *p, 
+			  TALLOC_CTX *mem_ctx, 
+			  struct policy_handle *handle)
+{
+	NTSTATUS status;
+	struct dom_sid **sids;
+	uint32 num_entries = 100;
+	int i;
+
+	printf("\ntesting EnumSids\n");
+
+	status = dcerpc_lsa_EnumSids(p, mem_ctx, handle, 0, &num_entries, &sids);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("EnumSids failed - %s\n", nt_errstr(status));
+		return False;
+	}
+
+	printf("Got %d sids\n", num_entries);
+
+	for (i=0;i<num_entries;i++) {
+		printf("%s\n", lsa_sid_string_talloc(mem_ctx, sids[i]));
+	}
+	
+
+	return True;
+}
+
 BOOL torture_rpc_lsa(int dummy)
 {
        NTSTATUS status;
        struct dcerpc_pipe *p;
 	TALLOC_CTX *mem_ctx;
 	BOOL ret = True;
+	struct policy_handle handle;

 	mem_ctx = talloc_init("torture_rpc_lsa");

@ -104,10 +165,14 @@ BOOL torture_rpc_lsa(int dummy)
 		ret = False;
 	}

-	if (!test_OpenPolicy2(p)) {
+	if (!test_OpenPolicy2(p, &handle)) {
 		ret = False;
 	}

+	if (!test_EnumSids(p, mem_ctx, &handle)) {
+		ret = False;
+	}
+	
        torture_rpc_close(p);

 	return ret;