2025-02-23 09:57:40 +03:00 · 2003-11-09 09:44:06 +00:00 · 2003-11-09 09:44:06 +00:00 · 4bba087298
commit 4bba087298
parent e3581c28bb
4 changed files with 230 additions and 51 deletions
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@ -16,11 +16,36 @@

 	/******************/
 	/* Function: 0x01 */
-	NTSTATUS lsa_Delete ();
+	NTSTATUS lsa_Delete (
+		[in,ref]     policy_handle *handle
+		);

 	/******************/
 	/* Function: 0x02 */
-	NTSTATUS lsa_EnumPrivs ();
+
+	typedef struct {
+		uint16 name_len;
+		uint16 name_size;
+		unistr_noterm *name;
+	} lsa_Name;
+
+	typedef struct {
+		lsa_Name name;
+		uint32 luid_low;
+		uint32 luid_high;
+	} lsa_PrivEntry;
+
+	typedef struct {
+		uint32 count;
+		[size_is(count)] lsa_PrivEntry *privs;
+	} lsa_PrivArray;
+
+	NTSTATUS lsa_EnumPrivs (
+		[in,ref]     policy_handle *handle,
+		[in,out,ref] uint32 *resume_handle,
+		[in]         uint32 max_count,
+		[out,ref]    lsa_PrivArray *privs
+		);

 	/******************/
 	/* Function: 0x03 */
@ -112,12 +137,6 @@
 	/******************/
 	/* Function: 0x0e */

-	typedef struct {
-		uint16 name_len;
-		uint16 name_size;
-		unistr_noterm *name;
-	} lsa_Name;
-
 	typedef struct {
 		uint16 sid_type;
 		uint32 rid;
--- a/source4/librpc/ndr/ndr_lsa.c
+++ b/source4/librpc/ndr/ndr_lsa.c
@ -18,6 +18,7 @@ NTSTATUS ndr_pull_lsa_Close(struct ndr_pull *ndr, struct lsa_Close *r)

 NTSTATUS ndr_push_lsa_Delete(struct ndr_push *ndr, struct lsa_Delete *r)
 {
+	NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));

 	return NT_STATUS_OK;
 }
@ -29,14 +30,116 @@ NTSTATUS ndr_pull_lsa_Delete(struct ndr_pull *ndr, struct lsa_Delete *r)
 	return NT_STATUS_OK;
 }

+static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct lsa_Name *r)
+{
+	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+	NDR_CHECK(ndr_push_uint16(ndr, r->name_len));
+	NDR_CHECK(ndr_push_uint16(ndr, r->name_size));
+	NDR_CHECK(ndr_push_ptr(ndr, r->name));
+buffers:
+	if (!(ndr_flags & NDR_BUFFERS)) goto done;
+	if (r->name) {
+		NDR_CHECK(ndr_push_unistr_noterm(ndr, r->name));
+	}
+done:
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_Name(struct ndr_pull *ndr, int ndr_flags, struct lsa_Name *r)
+{
+	uint32 _ptr_name;
+	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+	NDR_CHECK(ndr_pull_uint16(ndr, &r->name_len));
+	NDR_CHECK(ndr_pull_uint16(ndr, &r->name_size));
+	NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_name));
+	if (_ptr_name) {
+		NDR_ALLOC(ndr, r->name);
+	} else {
+		r->name = NULL;
+	}
+buffers:
+	if (!(ndr_flags & NDR_BUFFERS)) goto done;
+	if (r->name) {
+		NDR_CHECK(ndr_pull_unistr_noterm(ndr, &r->name));
+	}
+done:
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_push_lsa_PrivEntry(struct ndr_push *ndr, int ndr_flags, struct lsa_PrivEntry *r)
+{
+	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+	NDR_CHECK(ndr_push_lsa_Name(ndr, NDR_SCALARS, &r->name));
+	NDR_CHECK(ndr_push_uint32(ndr, r->luid_low));
+	NDR_CHECK(ndr_push_uint32(ndr, r->luid_high));
+buffers:
+	if (!(ndr_flags & NDR_BUFFERS)) goto done;
+		NDR_CHECK(ndr_push_lsa_Name(ndr, ndr_flags, &r->name));
+done:
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_PrivEntry(struct ndr_pull *ndr, int ndr_flags, struct lsa_PrivEntry *r)
+{
+	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+	NDR_CHECK(ndr_pull_lsa_Name(ndr, NDR_SCALARS, &r->name));
+	NDR_CHECK(ndr_pull_uint32(ndr, &r->luid_low));
+	NDR_CHECK(ndr_pull_uint32(ndr, &r->luid_high));
+buffers:
+	if (!(ndr_flags & NDR_BUFFERS)) goto done;
+		NDR_CHECK(ndr_pull_lsa_Name(ndr, ndr_flags, &r->name));
+done:
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_push_lsa_PrivArray(struct ndr_push *ndr, int ndr_flags, struct lsa_PrivArray *r)
+{
+	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+	NDR_CHECK(ndr_push_uint32(ndr, r->count));
+	NDR_CHECK(ndr_push_ptr(ndr, r->privs));
+buffers:
+	if (!(ndr_flags & NDR_BUFFERS)) goto done;
+	if (r->privs) {
+		NDR_CHECK(ndr_push_array(ndr, ndr_flags, r->privs, sizeof(r->privs[0]), r->count, (ndr_push_flags_fn_t)ndr_push_lsa_PrivEntry));
+	}
+done:
+	return NT_STATUS_OK;
+}
+
+static NTSTATUS ndr_pull_lsa_PrivArray(struct ndr_pull *ndr, int ndr_flags, struct lsa_PrivArray *r)
+{
+	uint32 _ptr_privs;
+	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
+	NDR_CHECK(ndr_pull_uint32(ndr, &r->count));
+	NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_privs));
+	if (_ptr_privs) {
+		NDR_ALLOC(ndr, r->privs);
+	} else {
+		r->privs = NULL;
+	}
+buffers:
+	if (!(ndr_flags & NDR_BUFFERS)) goto done;
+	if (r->privs) {
+		NDR_ALLOC_N_SIZE(ndr, r->privs, r->count, sizeof(r->privs[0]));
+		NDR_CHECK(ndr_pull_array(ndr, ndr_flags, (void **)r->privs, sizeof(r->privs[0]), r->count, (ndr_pull_flags_fn_t)ndr_pull_lsa_PrivEntry));
+	}
+done:
+	return NT_STATUS_OK;
+}
+
 NTSTATUS ndr_push_lsa_EnumPrivs(struct ndr_push *ndr, struct lsa_EnumPrivs *r)
 {
+	NDR_CHECK(ndr_push_policy_handle(ndr, r->in.handle));
+	NDR_CHECK(ndr_push_uint32(ndr, *r->in.resume_handle));
+	NDR_CHECK(ndr_push_uint32(ndr, r->in.max_count));

 	return NT_STATUS_OK;
 }

 NTSTATUS ndr_pull_lsa_EnumPrivs(struct ndr_pull *ndr, struct lsa_EnumPrivs *r)
 {
+	NDR_CHECK(ndr_pull_uint32(ndr, r->out.resume_handle));
+	NDR_CHECK(ndr_pull_lsa_PrivArray(ndr, NDR_SCALARS|NDR_BUFFERS, r->out.privs));
 	NDR_CHECK(ndr_pull_NTSTATUS(ndr, &r->out.result));

 	return NT_STATUS_OK;
@ -396,42 +499,6 @@ NTSTATUS ndr_pull_lsa_EnumTrustDom(struct ndr_pull *ndr, struct lsa_EnumTrustDom
 	return NT_STATUS_OK;
 }

-static NTSTATUS ndr_push_lsa_Name(struct ndr_push *ndr, int ndr_flags, struct lsa_Name *r)
-{
-	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
-	NDR_CHECK(ndr_push_uint16(ndr, r->name_len));
-	NDR_CHECK(ndr_push_uint16(ndr, r->name_size));
-	NDR_CHECK(ndr_push_ptr(ndr, r->name));
-buffers:
-	if (!(ndr_flags & NDR_BUFFERS)) goto done;
-	if (r->name) {
-		NDR_CHECK(ndr_push_unistr_noterm(ndr, r->name));
-	}
-done:
-	return NT_STATUS_OK;
-}
-
-static NTSTATUS ndr_pull_lsa_Name(struct ndr_pull *ndr, int ndr_flags, struct lsa_Name *r)
-{
-	uint32 _ptr_name;
-	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
-	NDR_CHECK(ndr_pull_uint16(ndr, &r->name_len));
-	NDR_CHECK(ndr_pull_uint16(ndr, &r->name_size));
-	NDR_CHECK(ndr_pull_uint32(ndr, &_ptr_name));
-	if (_ptr_name) {
-		NDR_ALLOC(ndr, r->name);
-	} else {
-		r->name = NULL;
-	}
-buffers:
-	if (!(ndr_flags & NDR_BUFFERS)) goto done;
-	if (r->name) {
-		NDR_CHECK(ndr_pull_unistr_noterm(ndr, &r->name));
-	}
-done:
-	return NT_STATUS_OK;
-}
-
 static NTSTATUS ndr_push_lsa_TranslatedSid(struct ndr_push *ndr, int ndr_flags, struct lsa_TranslatedSid *r)
 {
 	if (!(ndr_flags & NDR_SCALARS)) goto buffers;
--- a/source4/librpc/ndr/ndr_lsa.h
+++ b/source4/librpc/ndr/ndr_lsa.h
@ -13,6 +13,7 @@ struct lsa_Close {

 struct lsa_Delete {
 	struct {
+		struct policy_handle *handle;
 	} in;

 	struct {
@ -21,11 +22,33 @@ struct lsa_Delete {

 };

+struct lsa_Name {
+	uint16 name_len;
+	uint16 name_size;
+	const char *name;
+};
+
+struct lsa_PrivEntry {
+	struct lsa_Name name;
+	uint32 luid_low;
+	uint32 luid_high;
+};
+
+struct lsa_PrivArray {
+	uint32 count;
+	struct lsa_PrivEntry *privs;
+};
+
 struct lsa_EnumPrivs {
 	struct {
+		struct policy_handle *handle;
+		uint32 *resume_handle;
+		uint32 max_count;
 	} in;

 	struct {
+		uint32 *resume_handle;
+		struct lsa_PrivArray *privs;
 		NTSTATUS result;
 	} out;

@ -173,12 +196,6 @@ struct lsa_EnumTrustDom {

 };

-struct lsa_Name {
-	uint16 name_len;
-	uint16 name_size;
-	const char *name;
-};
-
 struct lsa_TranslatedSid {
 	uint16 sid_type;
 	uint32 rid;
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@ -330,6 +330,65 @@ static BOOL test_EnumAccounts(struct dcerpc_pipe *p,
 }


+static BOOL test_EnumPrivs(struct dcerpc_pipe *p, 
+			   TALLOC_CTX *mem_ctx, 
+			   struct policy_handle *handle)
+{
+	NTSTATUS status;
+	struct lsa_EnumPrivs r;
+	struct lsa_PrivArray privs1;
+	uint32 resume_handle = 0;
+	int i;
+
+	printf("\ntesting EnumPrivs\n");
+
+	r.in.handle = handle;
+	r.in.resume_handle = &resume_handle;
+	r.in.max_count = 1000;
+	r.out.resume_handle = &resume_handle;
+	r.out.privs = &privs1;
+
+	resume_handle = 0;
+	status = dcerpc_lsa_EnumPrivs(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("EnumPrivs failed - %s\n", nt_errstr(status));
+		return False;
+	}
+
+	printf("Got %d privs resume_handle=%u\n", privs1.count, resume_handle);
+
+	for (i=0;i<privs1.count;i++) {
+		printf("luid=%08x-%08x '%s'\n", 
+		       privs1.privs[i].luid_low,
+		       privs1.privs[i].luid_high,
+		       privs1.privs[i].name.name);
+	}
+
+	return True;
+}
+
+
+static BOOL test_Delete(struct dcerpc_pipe *p, 
+		       TALLOC_CTX *mem_ctx, 
+		       struct policy_handle *handle)
+{
+	NTSTATUS status;
+	struct lsa_Delete r;
+
+	printf("\ntesting Delete - but what does it do?\n");
+
+	r.in.handle = handle;
+	status = dcerpc_lsa_Delete(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("Delete failed - %s\n", nt_errstr(status));
+		return False;
+	}
+
+	printf("\n");
+
+	return True;
+}
+
 static BOOL test_Close(struct dcerpc_pipe *p, 
 		       TALLOC_CTX *mem_ctx, 
 		       struct policy_handle *handle)
@ -346,6 +405,13 @@ static BOOL test_Close(struct dcerpc_pipe *p,
 		return False;
 	}

+	status = dcerpc_lsa_Close(p, mem_ctx, &r);
+	/* its really a fault - we need a status code for rpc fault */
+	if (!NT_STATUS_EQUAL(status, NT_STATUS_INVALID_LEVEL)) {
+		printf("Close failed - %s\n", nt_errstr(status));
+		return False;
+	}
+
 	printf("\n");

 	return True;
@ -377,11 +443,21 @@ BOOL torture_rpc_lsa(int dummy)
 	if (!test_EnumAccounts(p, mem_ctx, &handle)) {
 		ret = False;
 	}
+
+	if (!test_EnumPrivs(p, mem_ctx, &handle)) {
+		ret = False;
+	}
+	
+#if 0
+	if (!test_Delete(p, mem_ctx, &handle)) {
+		ret = False;
+	}
+#endif
 	
 	if (!test_Close(p, mem_ctx, &handle)) {
 		ret = False;
 	}
-	
+
        torture_rpc_close(p);

 	return ret;