diff options
Diffstat (limited to 'source/rpc_client/cli_lsarpc.c')
| -rw-r--r-- | source/rpc_client/cli_lsarpc.c | 107 |
1 files changed, 61 insertions, 46 deletions
diff --git a/source/rpc_client/cli_lsarpc.c b/source/rpc_client/cli_lsarpc.c index f404b5144a6..45b7509d451 100644 --- a/source/rpc_client/cli_lsarpc.c +++ b/source/rpc_client/cli_lsarpc.c @@ -24,7 +24,6 @@ */ #include "includes.h" -#include "rpc_client.h" /** @defgroup lsa LSA - Local Security Architecture * @ingroup rpc_client @@ -637,68 +636,89 @@ NTSTATUS cli_lsa_enum_trust_dom(struct cli_state *cli, TALLOC_CTX *mem_ctx, char ***domain_names, DOM_SID **domain_sids) { prs_struct qbuf, rbuf; - LSA_Q_ENUM_TRUST_DOM in; - LSA_R_ENUM_TRUST_DOM out; + LSA_Q_ENUM_TRUST_DOM q; + LSA_R_ENUM_TRUST_DOM r; + NTSTATUS result; int i; - fstring tmp; + ZERO_STRUCT(q); + ZERO_STRUCT(r); + + /* Initialise parse structures */ + + prs_init(&qbuf, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL); + prs_init(&rbuf, 0, mem_ctx, UNMARSHALL); - ZERO_STRUCT(in); - ZERO_STRUCT(out); + /* Marshall data and send request */ /* 64k is enough for about 2000 trusted domains */ - - init_q_enum_trust_dom(&in, pol, *enum_ctx, 0x10000); + init_q_enum_trust_dom(&q, pol, *enum_ctx, 0x10000); + + if (!lsa_io_q_enum_trust_dom("", &q, &qbuf, 0) || + !rpc_api_pipe_req(cli, PI_LSARPC, LSA_ENUMTRUSTDOM, &qbuf, &rbuf)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } + + /* Unmarshall response */ + + if (!lsa_io_r_enum_trust_dom("", &r, &rbuf, 0)) { + result = NT_STATUS_UNSUCCESSFUL; + goto done; + } - CLI_DO_RPC( cli, mem_ctx, PI_LSARPC, LSA_ENUMTRUSTDOM, - in, out, - qbuf, rbuf, - lsa_io_q_enum_trust_dom, - lsa_io_r_enum_trust_dom, - NT_STATUS_UNSUCCESSFUL ); + result = r.status; + if (!NT_STATUS_IS_OK(result) && + !NT_STATUS_EQUAL(result, NT_STATUS_NO_MORE_ENTRIES) && + !NT_STATUS_EQUAL(result, STATUS_MORE_ENTRIES)) { - /* check for an actual error */ + /* An actual error ocured */ - if ( !NT_STATUS_IS_OK(out.status) - && !NT_STATUS_EQUAL(out.status, NT_STATUS_NO_MORE_ENTRIES) - && !NT_STATUS_EQUAL(out.status, STATUS_MORE_ENTRIES) ) - { - return out.status; + goto done; } - + /* Return output parameters */ - *num_domains = out.count; - *enum_ctx = out.enum_context; - - if ( out.count ) { + if (r.num_domains) { /* Allocate memory for trusted domain names and sids */ - if ( !(*domain_names = TALLOC_ARRAY(mem_ctx, char *, out.count)) ) { + *domain_names = TALLOC_ARRAY(mem_ctx, char *, r.num_domains); + + if (!*domain_names) { DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n")); - return NT_STATUS_NO_MEMORY; + result = NT_STATUS_NO_MEMORY; + goto done; } - if ( !(*domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, out.count)) ) { + *domain_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, r.num_domains); + if (!domain_sids) { DEBUG(0, ("cli_lsa_enum_trust_dom(): out of memory\n")); - return NT_STATUS_NO_MEMORY; + result = NT_STATUS_NO_MEMORY; + goto done; } /* Copy across names and sids */ - for (i = 0; i < out.count; i++) { + for (i = 0; i < r.num_domains; i++) { + fstring tmp; - rpcstr_pull( tmp, out.domlist->domains[i].name.string->buffer, - sizeof(tmp), out.domlist->domains[i].name.length, 0); + unistr2_to_ascii(tmp, &r.uni_domain_name[i], + sizeof(tmp) - 1); (*domain_names)[i] = talloc_strdup(mem_ctx, tmp); - - sid_copy(&(*domain_sids)[i], &out.domlist->domains[i].sid->sid ); + sid_copy(&(*domain_sids)[i], &r.domain_sid[i].sid); } } - return out.status; + *num_domains = r.num_domains; + *enum_ctx = r.enum_context; + + done: + prs_mem_free(&qbuf); + prs_mem_free(&rbuf); + + return result; } @@ -1240,16 +1260,12 @@ NTSTATUS cli_lsa_enum_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, } - privileges = TALLOC_ARRAY( mem_ctx, fstring, *count ); - names = TALLOC_ARRAY( mem_ctx, char *, *count ); - + privileges = TALLOC_ARRAY(mem_ctx, fstring, *count); + names = TALLOC_ARRAY(mem_ctx, char *, *count); for ( i=0; i<*count; i++ ) { - UNISTR4 *uni_string = &r.rights->strings[i]; - - if ( !uni_string->string ) - continue; - - rpcstr_pull( privileges[i], uni_string->string->buffer, sizeof(privileges[i]), -1, STR_TERMINATE ); + /* ensure NULL termination ... what a hack */ + pull_ucs2(NULL, privileges[i], r.rights.strings[i].string.buffer, + sizeof(fstring), r.rights.strings[i].string.uni_str_len*2 , 0); /* now copy to the return array */ names[i] = talloc_strdup( mem_ctx, privileges[i] ); @@ -1268,8 +1284,7 @@ done: NTSTATUS cli_lsa_add_account_rights(struct cli_state *cli, TALLOC_CTX *mem_ctx, POLICY_HND *pol, DOM_SID sid, - -uint32 count, const char **privs_name) + uint32 count, const char **privs_name) { prs_struct qbuf, rbuf; LSA_Q_ADD_ACCT_RIGHTS q; |