From a3ecad4237e1c4094263f31204bb8ae06669c951 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Tue, 23 Sep 2014 10:02:57 -0700
Subject: [PATCH] idl: Merge NETR_TRUST and LSA_TRUST definitions into one set
 only in lsa.idl

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---
 librpc/idl/lsa.idl                            |  5 +++--
 librpc/idl/netlogon.idl                       | 21 ++-----------------
 librpc/wscript_build                          |  2 +-
 source3/winbindd/winbindd_ads.c               |  2 +-
 source3/winbindd/winbindd_cm.c                |  2 +-
 source3/winbindd/winbindd_misc.c              | 10 ++++-----
 source3/winbindd/winbindd_ndr.c               |  5 +++--
 source3/winbindd/winbindd_pam.c               |  2 +-
 source3/winbindd/winbindd_util.c              |  4 ++--
 source4/rpc_server/lsa/dcesrv_lsa.c           |  2 +-
 source4/rpc_server/netlogon/dcerpc_netlogon.c |  7 ++++---
 source4/torture/rpc/lsa.c                     |  2 +-
 source4/torture/rpc/netlogon.c                |  2 +-
 13 files changed, 26 insertions(+), 40 deletions(-)

diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl
index 80efbd52225..251b4e2f476 100644
--- a/librpc/idl/lsa.idl
+++ b/librpc/idl/lsa.idl
@@ -691,10 +691,11 @@ import "misc.idl", "security.idl";
 		LSA_TRUST_DIRECTION_OUTBOUND = 0x00000002
 	} lsa_TrustDirection;
 
-	typedef [v1_enum] enum {
+	typedef [public,v1_enum] enum {
 		LSA_TRUST_TYPE_DOWNLEVEL  = 0x00000001,
 		LSA_TRUST_TYPE_UPLEVEL    = 0x00000002,
-		LSA_TRUST_TYPE_MIT        = 0x00000003
+		LSA_TRUST_TYPE_MIT        = 0x00000003,
+		LSA_TRUST_TYPE_DCE	  = 0x00000004
 	} lsa_TrustType;
 
 	typedef [public,bitmap32bit] bitmap {
diff --git a/librpc/idl/netlogon.idl b/librpc/idl/netlogon.idl
index 504933ce815..3ff7082b589 100644
--- a/librpc/idl/netlogon.idl
+++ b/librpc/idl/netlogon.idl
@@ -1502,30 +1502,13 @@ interface netlogon
 	/****************/
 	/* Function 0x24 */
 
-	typedef [v1_enum] enum {
-		NETR_TRUST_TYPE_DOWNLEVEL	= 1,
-		NETR_TRUST_TYPE_UPLEVEL		= 2,
-		NETR_TRUST_TYPE_MIT		= 3,
-		NETR_TRUST_TYPE_DCE		= 4
-	} netr_TrustType;
-
-	typedef [bitmap32bit] bitmap {
-		NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE	= 0x00000001,
-		NETR_TRUST_ATTRIBUTE_UPLEVEL_ONLY       = 0x00000002,
-		NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN = 0x00000004,
-		NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE  = 0x00000008,
-		NETR_TRUST_ATTRIBUTE_CROSS_ORGANIZATION = 0x00000010,
-		NETR_TRUST_ATTRIBUTE_WITHIN_FOREST      = 0x00000020,
-		NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL  = 0x00000040
-	} netr_TrustAttributes;
-
 	typedef struct {
 		[string,charset(UTF16)] uint16			*netbios_name;
 		[string,charset(UTF16)] uint16			*dns_name;
 		netr_TrustFlags		trust_flags;
 		uint32			parent_index;
-		netr_TrustType		trust_type;
-		netr_TrustAttributes	trust_attributes;
+		lsa_TrustType		trust_type;
+		lsa_TrustAttributes	trust_attributes;
 		dom_sid2		*sid;
 		GUID			guid;
 	} netr_DomainTrust;
diff --git a/librpc/wscript_build b/librpc/wscript_build
index 0a60b623202..6f744eb2b34 100644
--- a/librpc/wscript_build
+++ b/librpc/wscript_build
@@ -672,7 +672,7 @@ bld.SAMBA_LIBRARY('dcerpc-binding',
 
 bld.SAMBA_SUBSYSTEM('NDR_WINBIND',
 	source='gen_ndr/ndr_winbind.c',
-	public_deps='ndr'
+	public_deps='ndr NDR_LSA'
 	)
 
 bld.SAMBA_SUBSYSTEM('RPC_NDR_WINBIND',
diff --git a/source3/winbindd/winbindd_ads.c b/source3/winbindd/winbindd_ads.c
index 2e2239b47de..869a0387da3 100644
--- a/source3/winbindd/winbindd_ads.c
+++ b/source3/winbindd/winbindd_ads.c
@@ -1513,7 +1513,7 @@ static NTSTATUS trusted_domains(struct winbindd_domain *domain,
 		 */
 
 		if ((trust->trust_attributes
-		     == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) &&
+		     == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) &&
 		    !domain->primary )
 		{
 			DEBUG(10,("trusted_domains: Skipping external trusted "
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index 01a4aa2196a..1e639b7cfa6 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -2092,7 +2092,7 @@ static bool set_dc_type_and_flags_trustinfo( struct winbindd_domain *domain )
 			domain->domain_type           = trusts.array[i].trust_type;
 			domain->domain_trust_attribs  = trusts.array[i].trust_attributes;
 
-			if ( domain->domain_type == NETR_TRUST_TYPE_UPLEVEL )
+			if ( domain->domain_type == LSA_TRUST_TYPE_UPLEVEL )
 				domain->active_directory = True;
 
 			/* This flag is only set if the domain is *our* 
diff --git a/source3/winbindd/winbindd_misc.c b/source3/winbindd/winbindd_misc.c
index fa4907c7d6a..29831aae981 100644
--- a/source3/winbindd/winbindd_misc.c
+++ b/source3/winbindd/winbindd_misc.c
@@ -43,9 +43,9 @@ const char *trust_type_strings[] = {"External",
 
 static enum trust_type get_trust_type(struct winbindd_tdc_domain *domain)
 {
-	if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)	
+	if (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN)
 		return EXTERNAL;
-	else if (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
+	else if (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)
 		return FOREST;
 	else if (((domain->trust_flags & NETR_TRUST_FLAG_IN_FOREST) == NETR_TRUST_FLAG_IN_FOREST) &&
 	    ((domain->trust_flags & NETR_TRUST_FLAG_PRIMARY) == 0x0))
@@ -78,9 +78,9 @@ static bool trust_is_outbound(struct winbindd_tdc_domain *domain)
 
 static bool trust_is_transitive(struct winbindd_tdc_domain *domain)
 {
-	if ((domain->trust_attribs == NETR_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||         
-	    (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
-	    (domain->trust_attribs == NETR_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
+	if ((domain->trust_attribs == LSA_TRUST_ATTRIBUTE_NON_TRANSITIVE) ||
+	    (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_QUARANTINED_DOMAIN) ||
+	    (domain->trust_attribs == LSA_TRUST_ATTRIBUTE_TREAT_AS_EXTERNAL))
 		return False;
 	return True;
 }
diff --git a/source3/winbindd/winbindd_ndr.c b/source3/winbindd/winbindd_ndr.c
index b1fd6d715f5..37b7e02c359 100644
--- a/source3/winbindd/winbindd_ndr.c
+++ b/source3/winbindd/winbindd_ndr.c
@@ -21,6 +21,7 @@
 #include "winbindd.h"
 #include "../librpc/gen_ndr/ndr_netlogon.h"
 #include "../librpc/gen_ndr/ndr_security.h"
+#include "../librpc/gen_ndr/ndr_lsa.h"
 #include "../librpc/ndr/libndr.h"
 
 #undef DBGC_CLASS
@@ -133,8 +134,8 @@ void ndr_print_winbindd_domain(struct ndr_print *ndr,
 	ndr_print_string(ndr, "forest_name", r->forest_name);
 	ndr_print_dom_sid(ndr, "sid", &r->sid);
 	ndr_print_netr_TrustFlags(ndr, "domain_flags", r->domain_flags);
-	ndr_print_netr_TrustType(ndr, "domain_type", r->domain_type);
-	ndr_print_netr_TrustAttributes(ndr, "domain_trust_attribs", r->domain_trust_attribs);
+	ndr_print_lsa_TrustType(ndr, "domain_type", r->domain_type);
+	ndr_print_lsa_TrustAttributes(ndr, "domain_trust_attribs", r->domain_trust_attribs);
 	ndr_print_bool(ndr, "initialized", r->initialized);
 	ndr_print_bool(ndr, "native_mode", r->native_mode);
 	ndr_print_bool(ndr, "active_directory", r->active_directory);
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
index 435df381503..51dc2ea4f66 100644
--- a/source3/winbindd/winbindd_pam.c
+++ b/source3/winbindd/winbindd_pam.c
@@ -995,7 +995,7 @@ static NTSTATUS winbindd_dual_pam_auth_cached(struct winbindd_domain *domain,
 #ifdef HAVE_KRB5
 		if ((state->request->flags & WBFLAG_PAM_KRB5) &&
 		    ((tdc_domain = wcache_tdc_fetch_domain(state->mem_ctx, name_domain)) != NULL) &&
-		    ((tdc_domain->trust_type & NETR_TRUST_TYPE_UPLEVEL) ||
+		    ((tdc_domain->trust_type & LSA_TRUST_TYPE_UPLEVEL) ||
 		    /* used to cope with the case winbindd starting without network. */
 		    !strequal(tdc_domain->domain_name, tdc_domain->dns_name))) {
 
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index 35cc524baef..0b7e234c3b8 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -499,8 +499,8 @@ static void rescan_forest_trusts( void )
 			continue;
 
 		if ( (flags & NETR_TRUST_FLAG_INBOUND) &&
-		     (type == NETR_TRUST_TYPE_UPLEVEL) &&
-		     (attribs == NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) )
+		     (type == LSA_TRUST_TYPE_UPLEVEL) &&
+		     (attribs == LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) )
 		{
 			/* add the trusted domain if we don't know
 			   about it */
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index e22a614c7a1..6c09649aaa2 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -4375,7 +4375,7 @@ static NTSTATUS dcesrv_lsa_lsaRSetForestTrustInformation(struct dcesrv_call_stat
 
 	trust_attributes = ldb_msg_find_attr_as_uint(dom_res[i],
 						     "trustAttributes", 0);
-	if (!(trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)) {
+	if (!(trust_attributes & LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE)) {
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 9312247fae5..c5740f65c8c 100644
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -37,6 +37,7 @@
 #include "dsdb/samdb/ldb_modules/util.h"
 #include "lib/tsocket/tsocket.h"
 #include "librpc/gen_ndr/ndr_netlogon.h"
+#include "librpc/gen_ndr/ndr_lsa.h"
 #include "librpc/gen_ndr/ndr_irpc.h"
 #include "lib/socket/netif.h"
 
@@ -2295,8 +2296,8 @@ static WERROR fill_trusted_domains_array(TALLOC_CTX *mem_ctx,
 				ldb_msg_find_attr_as_uint(dom_res[i],
 						  "trustAttributes", 0);
 
-		if ((trusts->array[n].trust_type == NETR_TRUST_TYPE_MIT) ||
-		    (trusts->array[n].trust_type == NETR_TRUST_TYPE_DCE)) {
+		if ((trusts->array[n].trust_type == LSA_TRUST_TYPE_MIT) ||
+		    (trusts->array[n].trust_type == LSA_TRUST_TYPE_DCE)) {
 			struct dom_sid zero_sid;
 			ZERO_STRUCT(zero_sid);
 			trusts->array[n].sid =
@@ -2402,7 +2403,7 @@ static WERROR dcesrv_netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce
 			NETR_TRUST_FLAG_PRIMARY;
 		/* we are always the root domain for now */
 		trusts->array[n].parent_index = 0;
-		trusts->array[n].trust_type = NETR_TRUST_TYPE_UPLEVEL;
+		trusts->array[n].trust_type = LSA_TRUST_TYPE_UPLEVEL;
 		trusts->array[n].trust_attributes = 0;
 		trusts->array[n].sid = samdb_result_dom_sid(mem_ctx,
 							    dom_res[0],
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index f09fed2e68b..0737a0e703b 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -2101,7 +2101,7 @@ static bool test_query_each_TrustDomEx(struct dcerpc_binding_handle *b,
 
 	for (i=0; i< domains->count; i++) {
 
-		if (domains->domains[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
+		if (domains->domains[i].trust_attributes & LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
 			ret &= test_QueryForestTrustInformation(b, tctx, handle,
 								domains->domains[i].domain_name.string);
 		}
diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 76135a3a095..a2450cf1c25 100644
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -2553,7 +2553,7 @@ static bool test_DsrEnumerateDomainTrusts(struct torture_context *tctx,
 
 		/* get info for transitive forest trusts */
 
-		if (r.out.trusts->array[i].trust_attributes & NETR_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
+		if (r.out.trusts->array[i].trust_attributes & LSA_TRUST_ATTRIBUTE_FOREST_TRANSITIVE) {
 			if (!test_netr_DsRGetForestTrustInformation(tctx, p,
 								    r.out.trusts->array[i].dns_name)) {
 				return false;