svn commit: samba r8945 - in branches/SOC/SAMBA_3_0/source: include libmsrpc

skel at samba.org skel at samba.org
Tue Aug 2 20:37:53 GMT 2005 

Author: skel
Date: 2005-08-02 20:37:52 +0000 (Tue, 02 Aug 2005)
New Revision: 8945

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=8945

Log:
added cac_LsaEnumTrustedDomains() cac_LsaOpenTrustedDomain(), cac_LsaQueryTrustedDomainInfo(). they haven't been tested and I need to define some constants for the 
info_class parm of cacLsaQueryTrustedDomainInfo()

Modified:
   branches/SOC/SAMBA_3_0/source/include/libmsrpc.h
   branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c


Changeset:
Modified: branches/SOC/SAMBA_3_0/source/include/libmsrpc.h
===================================================================
--- branches/SOC/SAMBA_3_0/source/include/libmsrpc.h	2005-08-02 20:35:52 UTC (rev 8944)
+++ branches/SOC/SAMBA_3_0/source/include/libmsrpc.h	2005-08-02 20:37:52 UTC (rev 8945)
@@ -409,10 +409,81 @@
  * @return  - CAC_FAILURE The operation was not successful, hnd->status is set appropriately
  *          - CAC_SUCCESS The operation completed successfully
  */
-int cac_LsaEnumAcctRightsFromSid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op);
+int cac_LsaEnumAccountRightsBySid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op);
 
+struct LsaEnumTrustedDomains {
+   struct {
+      /**Open LSA policy handle*/
+      POLICY_HND *pol;
+   } in;
+
+   struct {
+      /**used to keep track of how many domains have been retrieved over multiple calls
+       *  should be set to zero via ZERO_STRUCT() before the first call. Use the same struct LsaEnumSids for multiple calls*/
+      uint32 resume_idx;
+      
+      /**The number of domains returned by the remote server this call*/
+      uint32 num_domains;
+
+      /**array of trusted domain names returned by the remote server*/
+      char **domain_names;
+
+      /**array of trusted domain sids returned by the remote server*/
+      DOM_SID *domain_sids;
+   } out;
+};
      
+int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op);
 
+struct LsaOpenTrustedDomain {
+   struct {
+      /**an open LSA policy handle*/
+      POLICY_HND *pol;
+
+      /**SID of the trusted domain to open*/
+      DOM_SID *domain_sid;
+
+      /**Desired access on the open domain*/
+      uint32 access;
+   } in;
+
+   struct {
+      /**A handle to the policy that is opened*/
+      POLICY_HND *domain_policy;
+   } out;
+};
+
+/** @ingroup LSA_Functions
+ * Opens a trusted domain by SID.
+ * @return  - CAC_FAILURE a handle to the domain could not be opened. hnd->status is set with approriate NT_STATUS code
+ *          - CAC_SUCCESS the domain was opened successfully
+ */
+int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op);
+
+struct LsaQueryTrustedDomainInfo {
+   struct {
+      /**Open LSA policy handle*/
+      POLICY_HND *pol;
+
+      /**Info class of returned data*/
+      uint16 info_class;
+
+      /**(Optional)SID of trusted domain to query (must specify either SID or name of trusted domain)*/
+      DOM_SID *domain_sid;
+
+      /**(Optional)Name of trusted domain to query (must specify either SID or name of trusted domain)*/
+      char *domain_name;
+   } in;
+
+   struct {
+      /**information about the trusted domain*/
+      LSA_TRUSTED_DOMAIN_INFO *info;
+   } out;
+};
+
+int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op);
+      
+
 void cac_GetAuthDataFn(const char * pServer,
                  const char * pShare,
                  char * pWorkgroup,

Modified: branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c
===================================================================
--- branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c	2005-08-02 20:35:52 UTC (rev 8944)
+++ branches/SOC/SAMBA_3_0/source/libmsrpc/cac_lsarpc.c	2005-08-02 20:37:52 UTC (rev 8945)
@@ -558,7 +558,8 @@
 
 }
 
-int cac_LsaEnumAccountRights(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op) {
+/*TODO: make a cac_LsaEnumAccountRights() that will find the rights based on either a SID or a name*/
+int cac_LsaEnumAccountRightsBySid(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumAccountRights *op) {
    SMBCSRV *srv = NULL;
 
    uint32 count = 0;
@@ -599,3 +600,120 @@
    return CAC_SUCCESS;
    
 }
+
+int cac_LsaEnumTrustedDomains(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaEnumTrustedDomains *op) {
+   SMBCSRV *srv;
+   
+   uint32 num_domains;
+   char **domain_names;
+   DOM_SID *domain_sids;
+   
+   if(!hnd)
+      return CAC_FAILURE;
+
+   if(!hnd->ctx || !hnd->_pipes[PI_LSARPC]) {
+      hnd->status = NT_STATUS_INVALID_HANDLE;
+      return CAC_FAILURE;
+   }
+
+   if(!op->in.pol) {
+      hnd->status = NT_STATUS_INVALID_PARAMETER;
+      return CAC_FAILURE;
+   }
+
+   if(!cac_Connect(hnd, NULL)) {
+      return CAC_FAILURE;
+   }
+
+   srv = hnd->srv;
+   srv->cli.pipe_idx = PI_LSARPC;
+
+   hnd->status = cli_lsa_enum_trust_dom( &(srv->cli), mem_ctx, op->in.pol, &(op->out.resume_idx), &num_domains, &domain_names, &domain_sids);
+
+   if(!NT_STATUS_IS_OK(hnd->status)) {
+      return CAC_FAILURE;
+   }
+
+   op->out.num_domains = num_domains;
+   op->out.domain_names = domain_names;
+   op->out.domain_sids  = domain_sids;
+
+   return CAC_SUCCESS;
+}
+
+
+/*TODO: possibly make this work by either sid OR name*/
+int cac_LsaOpenTrustedDomain(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaOpenTrustedDomain *op) {
+   SMBCSRV *srv = NULL;
+
+   POLICY_HND *dom_pol = NULL;
+
+   if(!hnd)
+      return CAC_FAILURE;
+
+   if(!hnd->srv || !hnd->_pipes[PI_LSARPC]) {
+      hnd->status = NT_STATUS_INVALID_HANDLE;
+      return CAC_FAILURE;
+   }
+
+   if(!op->in.pol || !op->in.access || !op->in.domain_sid) {
+      hnd->status = NT_STATUS_INVALID_PARAMETER;
+      return CAC_FAILURE;
+   }
+
+   srv = hnd->srv;
+   srv->cli.pipe_idx = PI_LSARPC;
+   
+   hnd->status = cli_lsa_open_trusted_domain( &(srv->cli), mem_ctx, op->in.pol, op->in.domain_sid, op->in.access, dom_pol);
+
+   if(!NT_STATUS_IS_OK(hnd->status)) {
+      return CAC_FAILURE;
+   }
+
+   op->out.domain_policy = dom_pol;
+
+   return CAC_SUCCESS;
+}
+
+int cac_LsaQueryTrustedDomainInfo(CacServerHandle *hnd, TALLOC_CTX *mem_ctx, struct LsaQueryTrustedDomainInfo *op) {
+   SMBCSRV *srv = NULL;
+
+   LSA_TRUSTED_DOMAIN_INFO *dom_info;
+
+   if(!hnd)
+      return CAC_FAILURE;
+
+   if(!hnd->srv || !hnd->_pipes[PI_LSARPC]) {
+      hnd->status = NT_STATUS_INVALID_HANDLE;
+      return CAC_FAILURE;
+   }
+
+   if(!op->in.pol || !op->in.info_class) {
+      hnd->status = NT_STATUS_INVALID_PARAMETER;
+      return CAC_FAILURE;
+   }
+
+   if(!op->in.domain_sid && !op->in.domain_name) {
+      hnd->status = NT_STATUS_INVALID_PARAMETER;
+      return CAC_FAILURE;
+   }
+
+   srv = hnd->srv;
+   srv->cli.pipe_idx = PI_LSARPC;
+
+   if(op->in.domain_sid) {
+      hnd->status = cli_lsa_query_trusted_domain_info_by_sid( &(srv->cli), mem_ctx, op->in.pol, op->in.info_class, op->in.domain_sid, &dom_info);
+   }
+   else if(op->in.domain_name) {
+      hnd->status = cli_lsa_query_trusted_domain_info_by_name( &(srv->cli), mem_ctx, op->in.pol, op->in.info_class, op->in.domain_name, &dom_info);
+   }
+
+   if(!NT_STATUS_IS_OK(hnd->status)) {
+      return CAC_FAILURE;
+   }
+
+   op->out.info = dom_info;
+
+   return CAC_SUCCESS;
+
+}

More information about the samba-cvs mailing list