The branch, master has been updated
via 2a26b2ac87b3a07a29ec1db128f42059ef2e4998 (commit)
via 3eea254e5bfacdac1d7bb2b72863a31e0c850968 (commit)
via 864e8097525c2f4b05e139e78dd40dea42ab2c39 (commit)
via d1903cb7f2269c3eeb27ae05f734cbd8a542ee7f (commit)
via 7e9f8f0f951912943208af8cdb47c6b733b0d82c (commit)
via 27c39a280460a1ae94bd2936535263c77729af5a (commit)
via 7194fc6a690722e5c896ee367bcba659d131fa85 (commit)
via 1a862349e153250c7bad540f584bceea19738021 (commit)
via f848f4f4d3e3d3920ea1c6b94bb28ce7e7cdb73d (commit)
via dee787cb774452525fe10b13e3d5210f31dcb3eb (commit)
via 9ac5f5c8ce6b82d26ed6efc4632e08182d2fda39 (commit)
from b180fe34a71a595d0dea8e72877149361b531e02 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2a26b2ac87b3a07a29ec1db128f42059ef2e4998
Author: Günther Deschner <g...@samba.org>
Date: Thu Jul 16 18:45:29 2009 +0200
s3-lsa: Fix access_mask calculation for new handle in _lsa_CreateAccount().
Guenther
commit 3eea254e5bfacdac1d7bb2b72863a31e0c850968
Author: Günther Deschner <g...@samba.org>
Date: Thu Jul 16 16:32:04 2009 +0200
s3-lsa: add (not yet activate) level specific access checks for
_lsa_QueryInfoPolicy.
Guenther
commit 864e8097525c2f4b05e139e78dd40dea42ab2c39
Author: Günther Deschner <g...@samba.org>
Date: Thu Jul 16 16:28:11 2009 +0200
s3-lsa: also implement level 13 in lsa_QueryInfoPolicy.
Guenther
commit d1903cb7f2269c3eeb27ae05f734cbd8a542ee7f
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 13:44:55 2009 +0200
s3-lsa: Fix policy handle memleak and handle type check in
_lsa_DeleteObject().
Guenther
commit 7e9f8f0f951912943208af8cdb47c6b733b0d82c
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 13:37:08 2009 +0200
s3-rpcclient: add LSA storeprivatedata command.
Guenther
commit 27c39a280460a1ae94bd2936535263c77729af5a
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 13:30:37 2009 +0200
s3-rpcclient: add LSA retrieveprivatedata command.
Guenther
commit 7194fc6a690722e5c896ee367bcba659d131fa85
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 12:56:30 2009 +0200
s3-rpcclient: add LSA setsecret command.
Guenther
commit 1a862349e153250c7bad540f584bceea19738021
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 12:03:58 2009 +0200
s3-rpcclient: add LSA querysecret command.
Guenther
commit f848f4f4d3e3d3920ea1c6b94bb28ce7e7cdb73d
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 11:58:10 2009 +0200
s3-rpcclient: add LSA deletesecret command.
Guenther
commit dee787cb774452525fe10b13e3d5210f31dcb3eb
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 11:54:49 2009 +0200
s3-rpcclient: add LSA createsecret command.
Guenther
commit 9ac5f5c8ce6b82d26ed6efc4632e08182d2fda39
Author: Günther Deschner <g...@samba.org>
Date: Fri Jul 17 13:09:26 2009 +0200
lsa: fill in lsa_StorePrivateData and lsa_RetrievePrivateData and rerun
make samba3-idl.
Guenther
-----------------------------------------------------------------------
Summary of changes:
librpc/gen_ndr/cli_lsa.c | 17 ++-
librpc/gen_ndr/cli_lsa.h | 10 +-
librpc/gen_ndr/lsa.h | 13 ++
librpc/gen_ndr/ndr_lsa.c | 163 +++++++++++++++++
librpc/gen_ndr/srv_lsa.c | 4 +
librpc/idl/lsa.idl | 14 ++-
source3/rpc_server/srv_lsa_nt.c | 133 +++++++++++---
source3/rpcclient/cmd_lsarpc.c | 366 +++++++++++++++++++++++++++++++++++++++
8 files changed, 684 insertions(+), 36 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/gen_ndr/cli_lsa.c b/librpc/gen_ndr/cli_lsa.c
index 9336253..04cf38a 100644
--- a/librpc/gen_ndr/cli_lsa.c
+++ b/librpc/gen_ndr/cli_lsa.c
@@ -1796,12 +1796,18 @@ NTSTATUS rpccli_lsa_DeleteTrustedDomain(struct
rpc_pipe_client *cli,
}
NTSTATUS rpccli_lsa_StorePrivateData(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx)
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle /* [in] [ref]
*/,
+ struct lsa_String *name /* [in] [ref] */,
+ struct lsa_DATA_BUF *val /* [in] [unique]
*/)
{
struct lsa_StorePrivateData r;
NTSTATUS status;
/* In parameters */
+ r.in.handle = handle;
+ r.in.name = name;
+ r.in.val = val;
if (DEBUGLEVEL >= 10) {
NDR_PRINT_IN_DEBUG(lsa_StorePrivateData, &r);
@@ -1832,12 +1838,18 @@ NTSTATUS rpccli_lsa_StorePrivateData(struct
rpc_pipe_client *cli,
}
NTSTATUS rpccli_lsa_RetrievePrivateData(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx)
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle /* [in]
[ref] */,
+ struct lsa_String *name /* [in] [ref]
*/,
+ struct lsa_DATA_BUF **val /* [in,out]
[ref] */)
{
struct lsa_RetrievePrivateData r;
NTSTATUS status;
/* In parameters */
+ r.in.handle = handle;
+ r.in.name = name;
+ r.in.val = val;
if (DEBUGLEVEL >= 10) {
NDR_PRINT_IN_DEBUG(lsa_RetrievePrivateData, &r);
@@ -1862,6 +1874,7 @@ NTSTATUS rpccli_lsa_RetrievePrivateData(struct
rpc_pipe_client *cli,
}
/* Return variables */
+ *val = *r.out.val;
/* Return result */
return r.out.result;
diff --git a/librpc/gen_ndr/cli_lsa.h b/librpc/gen_ndr/cli_lsa.h
index 8dbd733..10c4085 100644
--- a/librpc/gen_ndr/cli_lsa.h
+++ b/librpc/gen_ndr/cli_lsa.h
@@ -214,9 +214,15 @@ NTSTATUS rpccli_lsa_DeleteTrustedDomain(struct
rpc_pipe_client *cli,
struct policy_handle *handle /* [in]
[ref] */,
struct dom_sid2 *dom_sid /* [in] [ref]
*/);
NTSTATUS rpccli_lsa_StorePrivateData(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx);
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle /* [in] [ref]
*/,
+ struct lsa_String *name /* [in] [ref] */,
+ struct lsa_DATA_BUF *val /* [in] [unique]
*/);
NTSTATUS rpccli_lsa_RetrievePrivateData(struct rpc_pipe_client *cli,
- TALLOC_CTX *mem_ctx);
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle /* [in]
[ref] */,
+ struct lsa_String *name /* [in] [ref]
*/,
+ struct lsa_DATA_BUF **val /* [in,out]
[ref] */);
NTSTATUS rpccli_lsa_OpenPolicy2(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
const char *system_name /* [in]
[unique,charset(UTF16)] */,
diff --git a/librpc/gen_ndr/lsa.h b/librpc/gen_ndr/lsa.h
index 06fa445..9ee5fab 100644
--- a/librpc/gen_ndr/lsa.h
+++ b/librpc/gen_ndr/lsa.h
@@ -1333,6 +1333,12 @@ struct lsa_DeleteTrustedDomain {
struct lsa_StorePrivateData {
struct {
+ struct policy_handle *handle;/* [ref] */
+ struct lsa_String *name;/* [ref] */
+ struct lsa_DATA_BUF *val;/* [unique] */
+ } in;
+
+ struct {
NTSTATUS result;
} out;
@@ -1341,6 +1347,13 @@ struct lsa_StorePrivateData {
struct lsa_RetrievePrivateData {
struct {
+ struct policy_handle *handle;/* [ref] */
+ struct lsa_String *name;/* [ref] */
+ struct lsa_DATA_BUF **val;/* [ref] */
+ } in;
+
+ struct {
+ struct lsa_DATA_BUF **val;/* [ref] */
NTSTATUS result;
} out;
diff --git a/librpc/gen_ndr/ndr_lsa.c b/librpc/gen_ndr/ndr_lsa.c
index 2b12bbf..b8ba679 100644
--- a/librpc/gen_ndr/ndr_lsa.c
+++ b/librpc/gen_ndr/ndr_lsa.c
@@ -9225,6 +9225,18 @@ _PUBLIC_ void ndr_print_lsa_DeleteTrustedDomain(struct
ndr_print *ndr, const cha
static enum ndr_err_code ndr_push_lsa_StorePrivateData(struct ndr_push *ndr,
int flags, const struct lsa_StorePrivateData *r)
{
if (flags & NDR_IN) {
+ if (r->in.handle == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER,
"NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS,
r->in.handle));
+ if (r->in.name == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER,
"NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS,
r->in.name));
+ NDR_CHECK(ndr_push_unique_ptr(ndr, r->in.val));
+ if (r->in.val) {
+ NDR_CHECK(ndr_push_lsa_DATA_BUF(ndr,
NDR_SCALARS|NDR_BUFFERS, r->in.val));
+ }
}
if (flags & NDR_OUT) {
NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result));
@@ -9234,7 +9246,37 @@ static enum ndr_err_code
ndr_push_lsa_StorePrivateData(struct ndr_push *ndr, int
static enum ndr_err_code ndr_pull_lsa_StorePrivateData(struct ndr_pull *ndr,
int flags, struct lsa_StorePrivateData *r)
{
+ uint32_t _ptr_val;
+ TALLOC_CTX *_mem_save_handle_0;
+ TALLOC_CTX *_mem_save_name_0;
+ TALLOC_CTX *_mem_save_val_0;
if (flags & NDR_IN) {
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.handle);
+ }
+ _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS,
r->in.handle));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0,
LIBNDR_FLAG_REF_ALLOC);
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.name);
+ }
+ _mem_save_name_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.name, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS,
r->in.name));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0,
LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_val));
+ if (_ptr_val) {
+ NDR_PULL_ALLOC(ndr, r->in.val);
+ } else {
+ r->in.val = NULL;
+ }
+ if (r->in.val) {
+ _mem_save_val_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.val, 0);
+ NDR_CHECK(ndr_pull_lsa_DATA_BUF(ndr,
NDR_SCALARS|NDR_BUFFERS, r->in.val));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_val_0, 0);
+ }
}
if (flags & NDR_OUT) {
NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result));
@@ -9252,6 +9294,20 @@ _PUBLIC_ void ndr_print_lsa_StorePrivateData(struct
ndr_print *ndr, const char *
if (flags & NDR_IN) {
ndr_print_struct(ndr, "in", "lsa_StorePrivateData");
ndr->depth++;
+ ndr_print_ptr(ndr, "handle", r->in.handle);
+ ndr->depth++;
+ ndr_print_policy_handle(ndr, "handle", r->in.handle);
+ ndr->depth--;
+ ndr_print_ptr(ndr, "name", r->in.name);
+ ndr->depth++;
+ ndr_print_lsa_String(ndr, "name", r->in.name);
+ ndr->depth--;
+ ndr_print_ptr(ndr, "val", r->in.val);
+ ndr->depth++;
+ if (r->in.val) {
+ ndr_print_lsa_DATA_BUF(ndr, "val", r->in.val);
+ }
+ ndr->depth--;
ndr->depth--;
}
if (flags & NDR_OUT) {
@@ -9266,8 +9322,30 @@ _PUBLIC_ void ndr_print_lsa_StorePrivateData(struct
ndr_print *ndr, const char *
static enum ndr_err_code ndr_push_lsa_RetrievePrivateData(struct ndr_push
*ndr, int flags, const struct lsa_RetrievePrivateData *r)
{
if (flags & NDR_IN) {
+ if (r->in.handle == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER,
"NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS,
r->in.handle));
+ if (r->in.name == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER,
"NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS,
r->in.name));
+ if (r->in.val == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER,
"NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_unique_ptr(ndr, *r->in.val));
+ if (*r->in.val) {
+ NDR_CHECK(ndr_push_lsa_DATA_BUF(ndr,
NDR_SCALARS|NDR_BUFFERS, *r->in.val));
+ }
}
if (flags & NDR_OUT) {
+ if (r->out.val == NULL) {
+ return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER,
"NULL [ref] pointer");
+ }
+ NDR_CHECK(ndr_push_unique_ptr(ndr, *r->out.val));
+ if (*r->out.val) {
+ NDR_CHECK(ndr_push_lsa_DATA_BUF(ndr,
NDR_SCALARS|NDR_BUFFERS, *r->out.val));
+ }
NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result));
}
return NDR_ERR_SUCCESS;
@@ -9275,9 +9353,68 @@ static enum ndr_err_code
ndr_push_lsa_RetrievePrivateData(struct ndr_push *ndr,
static enum ndr_err_code ndr_pull_lsa_RetrievePrivateData(struct ndr_pull
*ndr, int flags, struct lsa_RetrievePrivateData *r)
{
+ uint32_t _ptr_val;
+ TALLOC_CTX *_mem_save_handle_0;
+ TALLOC_CTX *_mem_save_name_0;
+ TALLOC_CTX *_mem_save_val_0;
+ TALLOC_CTX *_mem_save_val_1;
if (flags & NDR_IN) {
+ ZERO_STRUCT(r->out);
+
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.handle);
+ }
+ _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS,
r->in.handle));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0,
LIBNDR_FLAG_REF_ALLOC);
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.name);
+ }
+ _mem_save_name_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.name, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_lsa_String(ndr, NDR_SCALARS|NDR_BUFFERS,
r->in.name));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_name_0,
LIBNDR_FLAG_REF_ALLOC);
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->in.val);
+ }
+ _mem_save_val_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->in.val, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_val));
+ if (_ptr_val) {
+ NDR_PULL_ALLOC(ndr, *r->in.val);
+ } else {
+ *r->in.val = NULL;
+ }
+ if (*r->in.val) {
+ _mem_save_val_1 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, *r->in.val, 0);
+ NDR_CHECK(ndr_pull_lsa_DATA_BUF(ndr,
NDR_SCALARS|NDR_BUFFERS, *r->in.val));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_val_1, 0);
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_val_0,
LIBNDR_FLAG_REF_ALLOC);
+ NDR_PULL_ALLOC(ndr, r->out.val);
+ *r->out.val = *r->in.val;
}
if (flags & NDR_OUT) {
+ if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) {
+ NDR_PULL_ALLOC(ndr, r->out.val);
+ }
+ _mem_save_val_0 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, r->out.val, LIBNDR_FLAG_REF_ALLOC);
+ NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_val));
+ if (_ptr_val) {
+ NDR_PULL_ALLOC(ndr, *r->out.val);
+ } else {
+ *r->out.val = NULL;
+ }
+ if (*r->out.val) {
+ _mem_save_val_1 = NDR_PULL_GET_MEM_CTX(ndr);
+ NDR_PULL_SET_MEM_CTX(ndr, *r->out.val, 0);
+ NDR_CHECK(ndr_pull_lsa_DATA_BUF(ndr,
NDR_SCALARS|NDR_BUFFERS, *r->out.val));
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_val_1, 0);
+ }
+ NDR_PULL_SET_MEM_CTX(ndr, _mem_save_val_0,
LIBNDR_FLAG_REF_ALLOC);
NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result));
}
return NDR_ERR_SUCCESS;
@@ -9293,11 +9430,37 @@ _PUBLIC_ void ndr_print_lsa_RetrievePrivateData(struct
ndr_print *ndr, const cha
if (flags & NDR_IN) {
ndr_print_struct(ndr, "in", "lsa_RetrievePrivateData");
ndr->depth++;
+ ndr_print_ptr(ndr, "handle", r->in.handle);
+ ndr->depth++;
+ ndr_print_policy_handle(ndr, "handle", r->in.handle);
+ ndr->depth--;
+ ndr_print_ptr(ndr, "name", r->in.name);
+ ndr->depth++;
+ ndr_print_lsa_String(ndr, "name", r->in.name);
+ ndr->depth--;
+ ndr_print_ptr(ndr, "val", r->in.val);
+ ndr->depth++;
+ ndr_print_ptr(ndr, "val", *r->in.val);
+ ndr->depth++;
+ if (*r->in.val) {
+ ndr_print_lsa_DATA_BUF(ndr, "val", *r->in.val);
+ }
+ ndr->depth--;
+ ndr->depth--;
ndr->depth--;
}
if (flags & NDR_OUT) {
ndr_print_struct(ndr, "out", "lsa_RetrievePrivateData");
ndr->depth++;
+ ndr_print_ptr(ndr, "val", r->out.val);
+ ndr->depth++;
+ ndr_print_ptr(ndr, "val", *r->out.val);
+ ndr->depth++;
+ if (*r->out.val) {
+ ndr_print_lsa_DATA_BUF(ndr, "val", *r->out.val);
+ }
+ ndr->depth--;
+ ndr->depth--;
ndr_print_NTSTATUS(ndr, "result", r->out.result);
ndr->depth--;
}
diff --git a/librpc/gen_ndr/srv_lsa.c b/librpc/gen_ndr/srv_lsa.c
index c86d085..f1b4a06 100644
--- a/librpc/gen_ndr/srv_lsa.c
+++ b/librpc/gen_ndr/srv_lsa.c
@@ -3366,6 +3366,8 @@ static bool api_lsa_RetrievePrivateData(pipes_struct *p)
NDR_PRINT_IN_DEBUG(lsa_RetrievePrivateData, r);
}
+ ZERO_STRUCT(r->out);
+ r->out.val = r->in.val;
r->out.result = _lsa_RetrievePrivateData(p, r);
if (p->rng_fault_state) {
@@ -6810,6 +6812,8 @@ NTSTATUS rpc_lsarpc_dispatch(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx, c
case NDR_LSA_RETRIEVEPRIVATEDATA: {
struct lsa_RetrievePrivateData *r = (struct
lsa_RetrievePrivateData *)_r;
+ ZERO_STRUCT(r->out);
+ r->out.val = r->in.val;
r->out.result =
_lsa_RetrievePrivateData(cli->pipes_struct, r);
return NT_STATUS_OK;
}
diff --git a/librpc/idl/lsa.idl b/librpc/idl/lsa.idl
index 3d7077c..7f8ed4a 100644
--- a/librpc/idl/lsa.idl
+++ b/librpc/idl/lsa.idl
@@ -935,10 +935,18 @@ import "misc.idl", "security.idl";
);
/* Function: 0x2a */
- [todo] NTSTATUS lsa_StorePrivateData();
- /* Function: 0x2b */
- [todo] NTSTATUS lsa_RetrievePrivateData();
+ NTSTATUS lsa_StorePrivateData(
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *name,
+ [in,unique] lsa_DATA_BUF *val
+ );
+ /* Function: 0x2b */
+ NTSTATUS lsa_RetrievePrivateData(
+ [in] policy_handle *handle,
+ [in,ref] lsa_String *name,
+ [in,out,ref] lsa_DATA_BUF **val
+ );
/**********************/
/* Function: 0x2c */
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 1a6d3ba..6fb8327 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -505,6 +505,7 @@ NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p,
const char *name;
DOM_SID *sid = NULL;
union lsa_PolicyInformation *info = NULL;
+ uint32_t acc_required = 0;
if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
return NT_STATUS_INVALID_HANDLE;
@@ -513,6 +514,47 @@ NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
}
+ switch (r->in.level) {
+ case LSA_POLICY_INFO_AUDIT_LOG:
+ case LSA_POLICY_INFO_AUDIT_EVENTS:
+ acc_required = LSA_POLICY_VIEW_AUDIT_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_DOMAIN:
+ acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_PD:
+ acc_required = LSA_POLICY_GET_PRIVATE_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_ACCOUNT_DOMAIN:
+ acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_ROLE:
+ case LSA_POLICY_INFO_REPLICA:
+ acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_QUOTA:
+ acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_MOD:
+ case LSA_POLICY_INFO_AUDIT_FULL_SET:
+ /* according to MS-LSAD 3.1.4.4.3 */
+ return NT_STATUS_INVALID_PARAMETER;
+ case LSA_POLICY_INFO_AUDIT_FULL_QUERY:
+ acc_required = LSA_POLICY_VIEW_AUDIT_INFORMATION;
+ break;
+ case LSA_POLICY_INFO_DNS:
+ case LSA_POLICY_INFO_DNS_INT:
+ case LSA_POLICY_INFO_L_ACCOUNT_DOMAIN:
+ acc_required = LSA_POLICY_VIEW_LOCAL_INFORMATION;
+ break;
+ default:
+ break;
+ }
+
+ if (!(handle->access & acc_required)) {
+ /* return NT_STATUS_ACCESS_DENIED; */
+ }
+
info = TALLOC_ZERO_P(p->mem_ctx, union lsa_PolicyInformation);
if (!info) {
return NT_STATUS_NO_MEMORY;
@@ -620,7 +662,8 @@ NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p,
break;
}
break;
- case LSA_POLICY_INFO_DNS: {
+ case LSA_POLICY_INFO_DNS:
+ case LSA_POLICY_INFO_DNS_INT: {
struct pdb_domain_info *dominfo;
if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
@@ -659,6 +702,28 @@ NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p,
}
/***************************************************************************
+ _lsa_QueryInfoPolicy2
+ ***************************************************************************/
+
+NTSTATUS _lsa_QueryInfoPolicy2(pipes_struct *p,
+ struct lsa_QueryInfoPolicy2 *r2)
+{
+ struct lsa_QueryInfoPolicy r;
+
+ if ((pdb_capabilities() & PDB_CAP_ADS) == 0) {
+ p->rng_fault_state = True;
+ return NT_STATUS_NOT_IMPLEMENTED;
+ }
+
+ ZERO_STRUCT(r);
+ r.in.handle = r2->in.handle;
+ r.in.level = r2->in.level;
+ r.out.info = r2->out.info;
+
+ return _lsa_QueryInfoPolicy(p, &r);
+}
+
+/***************************************************************************
_lsa_lookup_sids_internal
***************************************************************************/
@@ -1304,12 +1369,22 @@ NTSTATUS _lsa_DeleteObject(pipes_struct *p,
return NT_STATUS_ACCESS_DENIED;
}
- status = privilege_delete_account(&info->sid);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(10,("_lsa_DeleteObject: privilege_delete_account gave:
%s\n",
- nt_errstr(status)));
+ switch (info->type) {
+ case LSA_HANDLE_ACCOUNT_TYPE:
+ status = privilege_delete_account(&info->sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("_lsa_DeleteObject: privilege_delete_account
gave: %s\n",
+ nt_errstr(status)));
+ return status;
+ }
+ break;
+ default:
+ return NT_STATUS_INVALID_HANDLE;
}
+ close_policy_hnd(p, r->in.handle);
+ ZERO_STRUCTP(r->out.handle);
+
return status;
}
@@ -1562,8 +1637,12 @@ NTSTATUS _lsa_GetUserName(pipes_struct *p,
--
Samba Shared Repository
