summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--source4/librpc/idl/lsa.idl19
-rw-r--r--source4/rpc_server/lsa/dcesrv_lsa.c32
-rw-r--r--source4/torture/rpc/lsa.c27
3 files changed, 60 insertions, 18 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 1134110163..42891eecf7 100644
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -36,9 +36,13 @@
} lsa_String;
typedef struct {
+ uint32 low;
+ uint32 high;
+ } lsa_LUID;
+
+ typedef struct {
lsa_String name;
- uint32 luid_low;
- uint32 luid_high;
+ lsa_LUID luid;
} lsa_PrivEntry;
typedef struct {
@@ -359,11 +363,6 @@
/* Function: 0x12 */
typedef struct {
- uint32 low;
- uint32 high;
- } lsa_LUID;
-
- typedef struct {
lsa_LUID luid;
uint32 attribute;
} lsa_LUIDAttribute;
@@ -540,7 +539,11 @@
);
/* Function: 0x1f */
- NTSTATUS lsa_LookupPrivValue();
+ NTSTATUS lsa_LookupPrivValue(
+ [in,ref] policy_handle *handle,
+ [in,ref] lsa_String *name,
+ [out,ref] lsa_LUID *luid
+ );
/* Function: 0x20 */
diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 8ebbca5186..71978caeb4 100644
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -122,8 +122,8 @@ static NTSTATUS lsa_EnumPrivs(struct dcesrv_call_state *dce_call, TALLOC_CTX *me
return NT_STATUS_NO_MEMORY;
}
e = &r->out.privs->privs[r->out.privs->count];
- e->luid_low = i;
- e->luid_high = 0;
+ e->luid.low = i;
+ e->luid.high = 0;
e->name.string = privname;
r->out.privs->count++;
i++;
@@ -821,18 +821,36 @@ static NTSTATUS lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX *
/*
lsa_LookupPrivValue
*/
-static NTSTATUS lsa_LookupPrivValue(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_LookupPrivValue *r)
+static NTSTATUS lsa_LookupPrivValue(struct dcesrv_call_state *dce_call,
+ TALLOC_CTX *mem_ctx,
+ struct lsa_LookupPrivValue *r)
{
- DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+ struct dcesrv_handle *h;
+ struct lsa_policy_state *state;
+ int id;
+
+ DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
+
+ state = h->data;
+
+ id = sec_privilege_id(r->in.name->string);
+ if (id == -1) {
+ return NT_STATUS_NO_SUCH_PRIVILEGE;
+ }
+
+ r->out.luid->low = id;
+ r->out.luid->high = 0;
+
+ return NT_STATUS_OK;
}
/*
lsa_LookupPrivName
*/
-static NTSTATUS lsa_LookupPrivName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
- struct lsa_LookupPrivName *r)
+static NTSTATUS lsa_LookupPrivName(struct dcesrv_call_state *dce_call,
+ TALLOC_CTX *mem_ctx,
+ struct lsa_LookupPrivName *r)
{
DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
}
diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index f816b5dc1a..84fd246538 100644
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -283,7 +283,7 @@ static BOOL test_many_LookupSids(struct dcerpc_pipe *p,
names.count = 0;
names.names = NULL;
- sids.num_sids = 1000;
+ sids.num_sids = 100;
sids.sids = talloc_array_p(mem_ctx, struct lsa_SidPtr, sids.num_sids);
@@ -317,6 +317,26 @@ static BOOL test_many_LookupSids(struct dcerpc_pipe *p,
return True;
}
+static BOOL test_LookupPrivValue(struct dcerpc_pipe *p,
+ TALLOC_CTX *mem_ctx,
+ struct policy_handle *handle,
+ struct lsa_String *name)
+{
+ NTSTATUS status;
+ struct lsa_LookupPrivValue r;
+
+ r.in.handle = handle;
+ r.in.name = name;
+
+ status = dcerpc_lsa_LookupPrivValue(p, mem_ctx, &r);
+ if (!NT_STATUS_IS_OK(status)) {
+ printf("\nLookupPrivValue failed - %s\n", nt_errstr(status));
+ return False;
+ }
+
+ return True;
+}
+
static BOOL test_LookupPrivName(struct dcerpc_pipe *p,
TALLOC_CTX *mem_ctx,
struct policy_handle *handle,
@@ -805,7 +825,7 @@ static BOOL test_EnumPrivs(struct dcerpc_pipe *p,
r.in.handle = handle;
r.in.resume_handle = &resume_handle;
- r.in.max_count = 1000;
+ r.in.max_count = 100;
r.out.resume_handle = &resume_handle;
r.out.privs = &privs1;
@@ -818,6 +838,7 @@ static BOOL test_EnumPrivs(struct dcerpc_pipe *p,
for (i = 0; i< privs1.count; i++) {
test_LookupPrivDisplayName(p, mem_ctx, handle, &privs1.privs[i].name);
+ test_LookupPrivValue(p, mem_ctx, handle, &privs1.privs[i].name);
if (!test_EnumAccountsWithUserRight(p, mem_ctx, handle, &privs1.privs[i].name)) {
ret = False;
}
@@ -842,7 +863,7 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p,
r.in.handle = handle;
r.in.resume_handle = &resume_handle;
- r.in.num_entries = 1000;
+ r.in.num_entries = 100;
r.out.domains = &domains;
r.out.resume_handle = &resume_handle;