diff options
| -rw-r--r-- | source4/librpc/idl/lsa.idl | 19 | ||||
| -rw-r--r-- | source4/rpc_server/lsa/dcesrv_lsa.c | 32 | ||||
| -rw-r--r-- | source4/torture/rpc/lsa.c | 27 |
3 files changed, 60 insertions, 18 deletions
diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl index 1134110163..42891eecf7 100644 --- a/source4/librpc/idl/lsa.idl +++ b/source4/librpc/idl/lsa.idl @@ -36,9 +36,13 @@ } lsa_String; typedef struct { + uint32 low; + uint32 high; + } lsa_LUID; + + typedef struct { lsa_String name; - uint32 luid_low; - uint32 luid_high; + lsa_LUID luid; } lsa_PrivEntry; typedef struct { @@ -359,11 +363,6 @@ /* Function: 0x12 */ typedef struct { - uint32 low; - uint32 high; - } lsa_LUID; - - typedef struct { lsa_LUID luid; uint32 attribute; } lsa_LUIDAttribute; @@ -540,7 +539,11 @@ ); /* Function: 0x1f */ - NTSTATUS lsa_LookupPrivValue(); + NTSTATUS lsa_LookupPrivValue( + [in,ref] policy_handle *handle, + [in,ref] lsa_String *name, + [out,ref] lsa_LUID *luid + ); /* Function: 0x20 */ diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c index 8ebbca5186..71978caeb4 100644 --- a/source4/rpc_server/lsa/dcesrv_lsa.c +++ b/source4/rpc_server/lsa/dcesrv_lsa.c @@ -122,8 +122,8 @@ static NTSTATUS lsa_EnumPrivs(struct dcesrv_call_state *dce_call, TALLOC_CTX *me return NT_STATUS_NO_MEMORY; } e = &r->out.privs->privs[r->out.privs->count]; - e->luid_low = i; - e->luid_high = 0; + e->luid.low = i; + e->luid.high = 0; e->name.string = privname; r->out.privs->count++; i++; @@ -821,18 +821,36 @@ static NTSTATUS lsa_QuerySecret(struct dcesrv_call_state *dce_call, TALLOC_CTX * /* lsa_LookupPrivValue */ -static NTSTATUS lsa_LookupPrivValue(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_LookupPrivValue *r) +static NTSTATUS lsa_LookupPrivValue(struct dcesrv_call_state *dce_call, + TALLOC_CTX *mem_ctx, + struct lsa_LookupPrivValue *r) { - DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); + struct dcesrv_handle *h; + struct lsa_policy_state *state; + int id; + + DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY); + + state = h->data; + + id = sec_privilege_id(r->in.name->string); + if (id == -1) { + return NT_STATUS_NO_SUCH_PRIVILEGE; + } + + r->out.luid->low = id; + r->out.luid->high = 0; + + return NT_STATUS_OK; } /* lsa_LookupPrivName */ -static NTSTATUS lsa_LookupPrivName(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx, - struct lsa_LookupPrivName *r) +static NTSTATUS lsa_LookupPrivName(struct dcesrv_call_state *dce_call, + TALLOC_CTX *mem_ctx, + struct lsa_LookupPrivName *r) { DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR); } diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c index f816b5dc1a..84fd246538 100644 --- a/source4/torture/rpc/lsa.c +++ b/source4/torture/rpc/lsa.c @@ -283,7 +283,7 @@ static BOOL test_many_LookupSids(struct dcerpc_pipe *p, names.count = 0; names.names = NULL; - sids.num_sids = 1000; + sids.num_sids = 100; sids.sids = talloc_array_p(mem_ctx, struct lsa_SidPtr, sids.num_sids); @@ -317,6 +317,26 @@ static BOOL test_many_LookupSids(struct dcerpc_pipe *p, return True; } +static BOOL test_LookupPrivValue(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + struct lsa_String *name) +{ + NTSTATUS status; + struct lsa_LookupPrivValue r; + + r.in.handle = handle; + r.in.name = name; + + status = dcerpc_lsa_LookupPrivValue(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("\nLookupPrivValue failed - %s\n", nt_errstr(status)); + return False; + } + + return True; +} + static BOOL test_LookupPrivName(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, @@ -805,7 +825,7 @@ static BOOL test_EnumPrivs(struct dcerpc_pipe *p, r.in.handle = handle; r.in.resume_handle = &resume_handle; - r.in.max_count = 1000; + r.in.max_count = 100; r.out.resume_handle = &resume_handle; r.out.privs = &privs1; @@ -818,6 +838,7 @@ static BOOL test_EnumPrivs(struct dcerpc_pipe *p, for (i = 0; i< privs1.count; i++) { test_LookupPrivDisplayName(p, mem_ctx, handle, &privs1.privs[i].name); + test_LookupPrivValue(p, mem_ctx, handle, &privs1.privs[i].name); if (!test_EnumAccountsWithUserRight(p, mem_ctx, handle, &privs1.privs[i].name)) { ret = False; } @@ -842,7 +863,7 @@ static BOOL test_EnumTrustDom(struct dcerpc_pipe *p, r.in.handle = handle; r.in.resume_handle = &resume_handle; - r.in.num_entries = 1000; + r.in.num_entries = 100; r.out.domains = &domains; r.out.resume_handle = &resume_handle; |