r307: added IDL and test code for samr_GetDomPwInfo(), samr_SetUserInfo2(),

samr_GetBootKeyInformation() and samr_Connect3()

also added some stub IDL for samr_SetBootKeyInformation() although I
don't yet have working test code. This one is tricky, as if you get it
wrong then the target system won't boot any more :)
(This used to be commit 118b6fc292ba3257511b1b83846582013fb59b23)

source4/librpc/idl/samr.idl

@@ -993,7 +993,10 @@
 
 	/************************/
 	/* Function    0x38     */
-	NTSTATUS samr_GET_DOM_PWINFO();
+	NTSTATUS samr_GetDomPwInfo(
+		[in]        samr_Name *name,
+		[out]       samr_PwInfo info
+		);
 
 	/************************/
 	/* Function    0x39     */
@@ -1005,19 +1008,42 @@
 
 	/************************/
 	/* Function    0x3a     */
-	NTSTATUS samr_SET_USERINFO2();
+	/*
+	  seems to be an exact alias for samr_SetUserInfo() 
+	*/
+	NTSTATUS samr_SetUserInfo2(
+		[in,ref]                   policy_handle *handle,
+		[in]                       uint16 level,
+		[in,ref,switch_is(level)]  samr_UserInfo *info
+		);
 
 	/************************/
 	/* Function    0x3b     */
-	NTSTATUS samr_SET_BOOT_KEY_INFORMATION();
+	/*
+	  this one is mysterious. I have a few guesses, but nothing working yet
+	*/
+	NTSTATUS samr_SetBootKeyInformation(
+		[in,ref]   policy_handle *handle
+		[in]       uint32 unknown1,
+		[in]       uint32 unknown2,
+		[in]       uint32 unknown3
+		);
 
 	/************************/
 	/* Function    0x3c     */
-	NTSTATUS samr_GET_BOOT_KEY_INFORMATION();
+	NTSTATUS samr_GetBootKeyInformation(
+		[in,ref]   policy_handle *handle,
+		[out]      uint32 unknown
+		);
 
 	/************************/
 	/* Function    0x3d     */
-	NTSTATUS samr_CONNECT3();
+	NTSTATUS samr_Connect3(
+		[in] unistr *system_name,
+		[in] uint32 unknown,
+		[in] uint32 access_mask,
+		[out,ref]  policy_handle *handle
+		);
 
 	/************************/
 	/* Function    0x3e     */

source4/torture/rpc/samr.c

@@ -106,6 +106,7 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 {
 	NTSTATUS status;
 	struct samr_SetUserInfo s;
+	struct samr_SetUserInfo2 s2;
 	struct samr_QueryUserInfo q;
 	struct samr_QueryUserInfo q0;
 	union samr_UserInfo u;
@@ -113,6 +114,10 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 
 	s.in.handle = handle;
 	s.in.info = &u;
+
+	s2.in.handle = handle;
+	s2.in.info = &u;
+
 	q.in.handle = handle;
 	q.out.info = &u;
 	q0 = q;
@@ -147,12 +152,14 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		q.in.level = lvl1; \
 		TESTCALL(QueryUserInfo, q) \
 		s.in.level = lvl1; \
+		s2.in.level = lvl1; \
 		u = *q.out.info; \
 		init_samr_Name(&u.info ## lvl1.field1, value); \
 		if (lvl1 == 21) { \
 			u.info21.fields_present = fpval; \
 		} \
 		TESTCALL(SetUserInfo, s) \
+		TESTCALL(SetUserInfo2, s2) \
 		init_samr_Name(&u.info ## lvl1.field1, ""); \
 		TESTCALL(QueryUserInfo, q); \
 		u = *q.out.info; \
@@ -168,12 +175,14 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		q.in.level = lvl1; \
 		TESTCALL(QueryUserInfo, q) \
 		s.in.level = lvl1; \
+		s2.in.level = lvl1; \
 		u = *q.out.info; \
 		u.info ## lvl1.field1 = value; \
 		if (lvl1 == 21) { \
 			u.info21.fields_present = fpval; \
 		} \
 		TESTCALL(SetUserInfo, s) \
+		TESTCALL(SetUserInfo2, s2) \
 		u.info ## lvl1.field1 = 0; \
 		TESTCALL(QueryUserInfo, q); \
 		u = *q.out.info; \
@@ -244,7 +253,6 @@ static BOOL test_SetUserInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	return ret;
 }
 
-
 static BOOL test_SetUserPass(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
 			     struct policy_handle *handle)
 {
@@ -348,6 +356,27 @@ static BOOL test_GetGroupsForUser(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	return ret;
 
 }
+
+static BOOL test_GetDomPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
+			      struct samr_Name *domain_name)
+{
+	NTSTATUS status;
+	struct samr_GetDomPwInfo r;
+	BOOL ret = True;
+
+	printf("Testing GetDomPwInfo\n");
+
+	r.in.name = domain_name;
+
+	status = dcerpc_samr_GetDomPwInfo(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("GetDomPwInfo failed - %s\n", nt_errstr(status));
+		ret = False;
+	}
+
+	return ret;
+}
+
 static BOOL test_GetUserPwInfo(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
 			       struct policy_handle *handle)
 {
@@ -1962,6 +1991,26 @@ static BOOL test_RidToSid(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	return ret;
 }
 
+static BOOL test_GetBootKeyInformation(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
+				       struct policy_handle *domain_handle)
+{
+    	struct samr_GetBootKeyInformation r;
+	NTSTATUS status;
+	BOOL ret = True;
+
+	printf("Testing GetBootKeyInformation\n");
+
+	r.in.handle = domain_handle;
+
+	status = dcerpc_samr_GetBootKeyInformation(p, mem_ctx, &r);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("GetBootKeyInformation failed - %s\n", nt_errstr(status));
+		ret = False;
+	}
+
+	return ret;
+}
+
 static BOOL test_AddGroupMember(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, 
 				struct policy_handle *domain_handle,
 				struct policy_handle *group_handle)
@@ -2197,6 +2246,10 @@ static BOOL test_OpenDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		ret = False;
 	}
 
+	if (!test_GetBootKeyInformation(p, mem_ctx, &domain_handle)) {
+		ret = False;
+	}
+
 	if (!policy_handle_empty(&user_handle) &&
 	    !test_DeleteUser(p, mem_ctx, &user_handle)) {
 		ret = False;
@@ -2224,6 +2277,7 @@ static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 {
 	NTSTATUS status;
 	struct samr_LookupDomain r;
+	BOOL ret = True;
 
 	printf("Testing LookupDomain(%s)\n", domain->name);
 
@@ -2236,11 +2290,15 @@ static BOOL test_LookupDomain(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		return False;
 	}
 
-	if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid)) {
-		return False;
+	if (!test_GetDomPwInfo(p, mem_ctx, domain)) {
+		ret = False;
 	}
 
-	return True;	
+	if (!test_OpenDomain(p, mem_ctx, handle, r.out.sid)) {
+		ret = False;
+	}
+
+	return ret;
 }
 
 
@@ -2285,10 +2343,13 @@ static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 	NTSTATUS status;
 	struct samr_Connect r;
 	struct samr_Connect2 r2;
+	struct samr_Connect3 r3;
 	struct samr_Connect4 r4;
 	struct samr_Connect5 r5;
 	BOOL ret = True;
 
+	printf("testing samr_Connect\n");
+
 	r.in.system_name = 0;
 	r.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
 	r.out.handle = handle;
@@ -2299,6 +2360,8 @@ static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		ret = False;
 	}
 
+	printf("testing samr_Connect2\n");
+
 	r2.in.system_name = "";
 	r2.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
 	r2.out.handle = handle;
@@ -2309,6 +2372,21 @@ static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		ret = False;
 	}
 
+	printf("testing samr_Connect3\n");
+
+	r3.in.system_name = "";
+	r3.in.unknown = 0;
+	r3.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
+	r3.out.handle = handle;
+
+	status = dcerpc_samr_Connect3(p, mem_ctx, &r3);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("Connect3 failed - %s\n", nt_errstr(status));
+		ret = False;
+	}
+
+	printf("testing samr_Connect4\n");
+
 	r4.in.system_name = "";
 	r4.in.unknown = 0;
 	r4.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
@@ -2320,6 +2398,8 @@ static BOOL test_Connect(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
 		ret = False;
 	}
 
+	printf("testing samr_Connect5\n");
+
 	r5.in.system_name = "";
 	r5.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED;
 	r5.in.unknown0 = 1; /*Magic values I took from a WinXP pro workstation       */