From 88baaee0939e28a596ceae49ce1b265570323340 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 23 Nov 2004 00:31:00 +0000 Subject: [PATCH] r3917: A few more LSA RPCs found in my wanderings (for trusted domains, these seem to be 'shortcut' RPCs, that just avoid an open/query pair). Rename a few others to give us a slightly sensible pattern. Andrew Bartlett (This used to be commit d6a7ab57e74ab89dd163d5f9f5f901e586b0aad4) --- source4/librpc/idl/lsa.idl | 17 +++++-- source4/rpc_server/lsa/dcesrv_lsa.c | 12 ++--- source4/torture/rpc/lsa.c | 75 +++++++++++++++++++++++------ source4/torture/rpc/samsync.c | 4 +- 4 files changed, 83 insertions(+), 25 deletions(-) diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 15d1445250d..a0f0e6cffcb 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -435,7 +435,7 @@ } lsa_TrustedDomainInfo; /* Function: 0x1a */ - NTSTATUS lsa_QueryInfoTrustedDomain( + NTSTATUS lsa_QueryTrustedDomainInfo( [in,ref] policy_handle *trustdom_handle, [in] uint16 level, [out,switch_is(level)] lsa_TrustedDomainInfo *info @@ -544,7 +544,13 @@ ); /* Function: 0x27 */ - NTSTATUS lsa_QueryTrustDomainInfo(); + NTSTATUS lsa_QueryTrustedDomainInfoBySid( + [in,ref] policy_handle *handle, + [in,ref] dom_sid2 *dom_sid, + [in] uint16 level, + [out,switch_is(level)] lsa_TrustedDomainInfo *info + ); + /* Function: 0x28 */ NTSTATUS lsa_SetTrustDomainInfo(); /* Function: 0x29 */ @@ -581,7 +587,12 @@ NTSTATUS lsa_SetInfoPolicy2(); /* Function 0x30 */ - NTSTATUS lsa_QueryTrustedDomainInfoByName(); + NTSTATUS lsa_QueryTrustedDomainInfoByName( + [in,ref] policy_handle *handle, + [in] lsa_String trusted_domain, + [in] uint16 level, + [out,switch_is(level)] lsa_TrustedDomainInfo *info + ); /* Function 0x31 */ NTSTATUS lsa_SetTrustedDomainInfoByName(); diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 845e5686199..78b5e413988 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -613,10 +613,10 @@ static NTSTATUS lsa_OpenTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC /* - lsa_QueryInfoTrustedDomain + lsa_QueryTrustedDomainInfo */ -static NTSTATUS lsa_QueryInfoTrustedDomain(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_QueryInfoTrustedDomain *r) +static NTSTATUS lsa_QueryTrustedDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct lsa_QueryTrustedDomainInfo *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } @@ -743,10 +743,10 @@ static NTSTATUS lsa_RemoveAccountRights(struct dcesrv_call_state *dce_call, TALL /* - lsa_QueryTrustDomainInfo + lsa_QueryTrustedDomainInfoBySid */ -static NTSTATUS lsa_QueryTrustDomainInfo(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_QueryTrustDomainInfo *r) +static NTSTATUS lsa_QueryTrustedDomainInfoBySid(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, + struct lsa_QueryTrustedDomainInfoBySid *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index a0b4e816bba..1fce7d9fa61 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -769,12 +769,12 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p, return False; } - printf("\nTesting OpenTrustedDomain and OpenTrustedDomainByName\n"); + printf("\nTesting OpenTrustedDomain, OpenTrustedDomainByName and QueryInfoTrustedDomain\n"); for (i=0; i< domains.count; i++) { struct lsa_OpenTrustedDomain trust; struct lsa_OpenTrustedDomainByName trust_by_name; - struct policy_handle trust_handle; + struct policy_handle trustdom_handle; struct policy_handle handle2; struct lsa_Close c; int levels [] = {1, 3, 6}; @@ -782,7 +782,7 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p, trust.in.handle = handle; trust.in.sid = domains.domains[i].sid; trust.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; - trust.out.trustdom_handle = &trust_handle; + trust.out.trustdom_handle = &trustdom_handle; status = dcerpc_lsa_OpenTrustedDomain(p, mem_ctx, &trust); @@ -791,33 +791,33 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p, return False; } - c.in.handle = &trust_handle; + c.in.handle = &trustdom_handle; c.out.handle = &handle2; - for (j=1; j < ARRAY_SIZE(levels); j++) { - struct lsa_QueryInfoTrustedDomain q; + for (j=0; j < ARRAY_SIZE(levels); j++) { + struct lsa_QueryTrustedDomainInfo q; union lsa_TrustedDomainInfo info; - q.in.trustdom_handle = &trust_handle; + q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[j]; q.out.info = &info; - status = dcerpc_lsa_QueryInfoTrustedDomain(p, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); if (!NT_STATUS_IS_OK(status)) { - printf("QueryInfoTrustedDomain level %d failed - %s\n", - j, nt_errstr(status)); + printf("QueryTrustedDomainInfo level %d failed - %s\n", + levels[j], nt_errstr(status)); ret = False; } } status = dcerpc_lsa_Close(p, mem_ctx, &c); if (!NT_STATUS_IS_OK(status)) { - printf("Close of trusted doman failed - %s\n", nt_errstr(status)); + printf("Close of trusted domain failed - %s\n", nt_errstr(status)); return False; } trust_by_name.in.handle = handle; trust_by_name.in.name = domains.domains[i].name; trust_by_name.in.access_mask = SEC_RIGHTS_MAXIMUM_ALLOWED; - trust_by_name.out.trustdom_handle = &trust_handle; + trust_by_name.out.trustdom_handle = &trustdom_handle; status = dcerpc_lsa_OpenTrustedDomainByName(p, mem_ctx, &trust_by_name); @@ -826,14 +826,61 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p, return False; } - c.in.handle = &trust_handle; + for (j=0; j < ARRAY_SIZE(levels); j++) { + struct lsa_QueryTrustedDomainInfo q; + union lsa_TrustedDomainInfo info; + q.in.trustdom_handle = &trustdom_handle; + q.in.level = levels[j]; + q.out.info = &info; + status = dcerpc_lsa_QueryTrustedDomainInfo(p, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + printf("QueryTrustedDomainInfo level %d failed - %s\n", + levels[j], nt_errstr(status)); + ret = False; + } + } + + c.in.handle = &trustdom_handle; c.out.handle = &handle2; status = dcerpc_lsa_Close(p, mem_ctx, &c); if (!NT_STATUS_IS_OK(status)) { - printf("Close of trusted doman failed - %s\n", nt_errstr(status)); + printf("Close of trusted domain failed - %s\n", nt_errstr(status)); return False; } + + for (j=0; j < ARRAY_SIZE(levels); j++) { + struct lsa_QueryTrustedDomainInfoBySid q; + union lsa_TrustedDomainInfo info; + q.in.handle = handle; + q.in.dom_sid = domains.domains[i].sid; + q.in.level = levels[j]; + q.out.info = &info; + status = dcerpc_lsa_QueryTrustedDomainInfoBySid(p, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + printf("QueryTrustedDomainInfoBySid level %d failed - %s\n", + levels[j], nt_errstr(status)); + ret = False; + } + } + + for (j=0; j < ARRAY_SIZE(levels); j++) { + struct lsa_QueryTrustedDomainInfoByName q; + union lsa_TrustedDomainInfo info; + q.in.handle = handle; + q.in.trusted_domain = domains.domains[i].name; + q.in.level = levels[j]; + q.out.info = &info; + status = dcerpc_lsa_QueryTrustedDomainInfoByName(p, mem_ctx, &q); + if (!NT_STATUS_IS_OK(status)) { + printf("QueryTrustedDomainInfoByName level %d failed - %s\n", + levels[j], nt_errstr(status)); + ret = False; + } + } + + + } return ret; diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c index 4a875d63357..2afd63bf549 100644 --- a/source4/torture/rpc/samsync.c +++ b/source4/torture/rpc/samsync.c @@ -781,7 +781,7 @@ static BOOL samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st struct samsync_trusted_domain *new = talloc_p(samsync_state, struct samsync_trusted_domain); struct lsa_OpenTrustedDomain t; struct policy_handle trustdom_handle; - struct lsa_QueryInfoTrustedDomain q; + struct lsa_QueryTrustedDomainInfo q; union lsa_TrustedDomainInfo *info[4]; int levels [] = {1, 3}; int i; @@ -803,7 +803,7 @@ static BOOL samsync_handle_trusted_domain(TALLOC_CTX *mem_ctx, struct samsync_st for (i=0; i< ARRAY_SIZE(levels); i++) { q.in.trustdom_handle = &trustdom_handle; q.in.level = levels[i]; - status = dcerpc_lsa_QueryInfoTrustedDomain(samsync_state->p_lsa, mem_ctx, &q); + status = dcerpc_lsa_QueryTrustedDomainInfo(samsync_state->p_lsa, mem_ctx, &q); if (!NT_STATUS_IS_OK(status)) { printf("QueryInfoTrustedDomain level %d failed - %s\n", levels[i], nt_errstr(status));