--- ../orig/source/include/rpc_lsa.h Fri Jul 26 15:59:35 2002 +++ source/include/rpc_lsa.h Mon Jul 29 14:30:24 2002 @@ -73,6 +73,7 @@ #define LSA_RETRPRIVDATA 0x2b #define LSA_OPENPOLICY2 0x2c #define LSA_UNK_GET_CONNUSER 0x2d /* LsaGetConnectedCredentials ? */ +#define LSA_QUERYINFO2 0x2e /* XXXX these are here to get a compile! */ #define LSA_LOOKUPRIDS 0xFD @@ -260,6 +261,46 @@ NTSTATUS status; /* return code */ } LSA_R_QUERY_INFO; + +/* LSA_DNS_DOM_INFO - DNS domain info - info class 12*/ +typedef struct lsa_dns_dom_info +{ + UNIHDR hdr_nb_dom_name; /* netbios domain name */ + UNISTR2 uni_nb_dom_name; + + uint32 ptr_dns_dom_name; /* dns domain name */ + UNIHDR hdr_dns_dom_name; + UNISTR2 uni_dns_dom_name; + + uint32 ptr_forest_name; /* forest name */ + UNIHDR hdr_forest_name; + UNISTR2 uni_forest_name; + + uint32 ptr_dom_guid; + GUID dom_guid; /* domain GUID */ + uint32 ptr_dom_sid; + DOM_SID2 dom_sid; /* domain SID */ +} LSA_DNS_DOM_INFO; + +typedef union lsa_info2_union +{ + LSA_DNS_DOM_INFO dns_dom_info; +} LSA_INFO2_UNION; + +/* LSA_Q_QUERY_INFO2 - LSA query info */ +typedef struct lsa_q_query_info2 +{ + POLICY_HND pol; /* policy handle */ + uint16 info_class; /* info class */ +} LSA_Q_QUERY_INFO2; + +typedef struct lsa_r_query_info2 +{ + uint32 ptr; /* pointer to info struct */ + uint16 info_class; + LSA_INFO2_UNION info; /* so far the only one */ + NTSTATUS status; +} LSA_R_QUERY_INFO2; /* LSA_Q_ENUM_TRUST_DOM - LSA enumerate trusted domains */ typedef struct lsa_enum_trust_dom_info --- ../orig/source/rpc_parse/parse_lsa.c Fri Jul 26 15:59:46 2002 +++ source/rpc_parse/parse_lsa.c Mon Jul 29 14:28:45 2002 @@ -3,8 +3,9 @@ * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-1997, * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997. - * Copyright (C) Andrew Bartlett 2002. + * Copyright (C) Paul Ashton 1997, + * Copyright (C) Andrew Bartlett 2002, + * Copyright (C) Jim McDonough 2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -2116,4 +2117,116 @@ ZERO_STRUCT(zero_pol); return ((memcmp(&zero_pol, hnd, sizeof(POLICY_HND)) == 0) ? False : True ); +} + +/******************************************************************* + Reads or writes an LSA_DNS_DOM_INFO structure. +********************************************************************/ + +BOOL lsa_io_dns_dom_info(char *desc, LSA_DNS_DOM_INFO *info, + prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_dns_dom_info"); + depth++; + + if(!prs_align(ps)) + return False; + if(!smb_io_unihdr("nb_name", &info->hdr_nb_dom_name, ps, depth)) + return False; + if(!smb_io_unistr2("", &info->uni_nb_dom_name, + info->hdr_nb_dom_name.buffer, ps, depth)) + return False; + + if(!prs_align(ps)) + return False; + if(!prs_uint32("dns_name", ps, depth, &info->ptr_dns_dom_name)) + return False; + if(!smb_io_unihdr("", &info->hdr_dns_dom_name, ps, depth)) + return False; + if(!smb_io_unistr2("", &info->uni_dns_dom_name, + info->hdr_dns_dom_name.buffer, ps, depth)) + return False; + + if(!prs_align(ps)) + return False; + if(!prs_uint32("dns_name", ps, depth, &info->ptr_dns_dom_name)) + return False; + if(!smb_io_unihdr("", &info->hdr_forest_name, ps, depth)) + return False; + if(!smb_io_unistr2("", &info->uni_forest_name, + info->hdr_forest_name.buffer, ps, depth)) + return False; + + if(!prs_align(ps)) + return False; + if(!prs_uint32("dom_guid", ps, depth, &info->ptr_dom_guid)) + return False; + if (!prs_uint8s(False, "", ps, depth, info->dom_guid.info, GUID_SIZE)) + return False; + + if(!prs_align(ps)) + return False; + if(!prs_uint32("dom_sid", ps, depth, &info->ptr_dom_sid)) + return False; + if(!smb_io_dom_sid2("", &info->dom_sid, ps, depth)) + return False; + + return True; + +} + +/******************************************************************* + Reads or writes an LSA_Q_QUERY_DNSDOMINFO structure. +********************************************************************/ + +BOOL lsa_io_q_query_info2(char *desc, LSA_Q_QUERY_INFO2 *q_c, + prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_query_info2"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("pol", &q_c->pol, ps, depth)) + return False; + + if(!prs_uint16("info_class", ps, depth, &q_c->info_class)) + return False; + + return True; +} + +/******************************************************************* + Reads or writes an LSA_R_QUERY_DNSDOMINFO structure. +********************************************************************/ + +BOOL lsa_io_r_query_info2(char *desc, LSA_R_QUERY_INFO2 *r_c, + prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_query_info2"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!prs_uint32("ptr", ps, depth, &r_c->ptr)) + return False; + if(!prs_uint16("info_class", ps, depth, &r_c->info_class)) + return False; + switch(r_c->info_class) { + case 0x000c: + if (!lsa_io_dns_dom_info("info12", &r_c->info.dns_dom_info, + ps, depth)) + return False; + break; + default: + DEBUG(0,("lsa_io_r_query_info2: unknown info class %d\n", + r_c->info_class)); + return False; + } + if(!prs_ntstatus("status", ps, depth, &r_c->status)) + return False; + + return True; } --- ../orig/source/rpc_server/srv_lsa.c Fri Jul 26 15:59:46 2002 +++ source/rpc_server/srv_lsa.c Mon Jul 29 14:30:35 2002 @@ -3,8 +3,9 @@ * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-1997, * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997. - * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Paul Ashton 1997, + * Copyright (C) Jeremy Allison 2001, + * Copyright (C) Jim McDonough 2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -610,6 +611,37 @@ } /*************************************************************************** + api_lsa_query_dnsdomainfo + ***************************************************************************/ + +static BOOL api_lsa_query_info2(pipes_struct *p) +{ + LSA_Q_QUERY_INFO2 q_u; + LSA_R_QUERY_INFO2 r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!lsa_io_q_query_info2("", &q_u, data, 0)) { + DEBUG(0,("api_lsa_query_info2: failed to unmarshall LSA_Q_QUERY_INFO2.\n")); + return False; + } + + r_u.status = _lsa_query_info2(p, &q_u, &r_u); + + if (!lsa_io_r_query_info2("", &r_u, rdata, 0)) { + DEBUG(0,("api_lsa_query_info2: failed to marshall LSA_R_QUERY_INFO2.\n")); + return False; + } + + return True; +} + + +/*************************************************************************** \PIPE\ntlsa commands ***************************************************************************/ @@ -634,6 +666,7 @@ { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs }, { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs }, { "LSA_QUERYSECOBJ" , LSA_QUERYSECOBJ , api_lsa_query_secobj }, + { "LSA_QUERYINFO2" , LSA_QUERYINFO2 , api_lsa_query_info2 }, { NULL , 0 , NULL } }; --- ../orig/source/rpc_server/srv_lsa_nt.c Fri Jul 26 15:59:46 2002 +++ source/rpc_server/srv_lsa_nt.c Mon Jul 29 14:27:23 2002 @@ -5,7 +5,8 @@ * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, * Copyright (C) Paul Ashton 1997, * Copyright (C) Jeremy Allison 2001, - * Copyright (C) Rafal Szczesniak 2002. + * Copyright (C) Rafal Szczesniak 2002, + * Copyright (C) Jim McDonough 2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -342,6 +343,51 @@ } /*************************************************************************** + init_dns_dom_info. + ***************************************************************************/ +static void init_dns_dom_info(LSA_DNS_DOM_INFO *r_l, char *nb_name, + char *dns_name, char *forest_name, + GUID *dom_guid, DOM_SID *dom_sid) +{ + if (nb_name && *nb_name) { + init_uni_hdr(&r_l->hdr_nb_dom_name, strlen(nb_name)); + init_unistr2(&r_l->uni_nb_dom_name, nb_name, + strlen(nb_name)); + r_l->hdr_nb_dom_name.uni_max_len++; + r_l->uni_nb_dom_name.uni_max_len += 2; + } + + if (dns_name && *dns_name) { + r_l->ptr_dns_dom_name = 1; + init_uni_hdr(&r_l->hdr_dns_dom_name, strlen(dns_name)); + init_unistr2(&r_l->uni_dns_dom_name, dns_name, + strlen(dns_name)); + r_l->hdr_dns_dom_name.uni_max_len++; + r_l->uni_dns_dom_name.uni_max_len += 2; + } + + if (forest_name && *forest_name) { + r_l->ptr_forest_name = 1; + init_uni_hdr(&r_l->hdr_forest_name, strlen(forest_name)); + init_unistr2(&r_l->uni_forest_name, forest_name, + strlen(forest_name)); + r_l->hdr_forest_name.uni_max_len++; + r_l->uni_forest_name.uni_max_len += 2; + } + + /* how do we init the guid ? probably should write an init fn */ + if (dom_guid) { + r_l->ptr_dom_guid = 1; + memcpy(&r_l->dom_guid, dom_guid, sizeof(GUID)); + } + + if (dom_sid) { + r_l->ptr_dom_sid = 1; + init_dom_sid2(&r_l->dom_sid, dom_sid); + } +} + +/*************************************************************************** _lsa_open_policy2. ***************************************************************************/ @@ -1166,3 +1212,51 @@ } +NTSTATUS _lsa_query_info2(pipes_struct *p, LSA_Q_QUERY_INFO2 *q_u, LSA_R_QUERY_INFO2 *r_u) +{ + struct lsa_info *handle; + char *nb_name = NULL; + char *dns_name = NULL; + char *forest_name = NULL; + DOM_SID *sid = NULL; + GUID *guid = NULL; + + r_u->status = NT_STATUS_OK; + + if (!find_policy_by_hnd(p, &q_u->pol, (void **)&handle)) + return NT_STATUS_INVALID_HANDLE; + + switch (q_u->info_class) { + case 0x0c: + /* check if the user have enough rights */ + if (!(handle->access & POLICY_VIEW_LOCAL_INFORMATION)) + return NT_STATUS_ACCESS_DENIED; + + /* Request PolicyPrimaryDomainInformation. */ + switch (lp_server_role()) { + case ROLE_DOMAIN_PDC: + case ROLE_DOMAIN_BDC: + nb_name = global_myworkgroup; + /* ugly temp hack for these next two */ + dns_name = lp_realm(); + forest_name = lp_realm(); + sid = get_global_sam_sid(); + break; + default: + return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; + } + init_dns_dom_info(&r_u->info.dns_dom_info, nb_name, dns_name, + forest_name,guid,sid); + break; + default: + DEBUG(0,("_lsa_query_info2: unknown info level in Lsa Query: %d\n", q_u->info_class)); + r_u->status = NT_STATUS_INVALID_INFO_CLASS; + break; + } + + if (NT_STATUS_IS_OK(r_u->status)) { + r_u->info_class = q_u->info_class; + } + + return r_u->status; +}