[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-test-1998-g08888e3
Günther Deschner
gd at samba.org
Fri Feb 8 09:03:46 GMT 2008
The branch, v3-2-test has been updated
via 08888e3773fa9f92c1d0d4662983bd44bea69a6c (commit)
via 35494a333653003f03d326c4f77bbc74c3940123 (commit)
via 1b931e9145910a74b9e9661a9255cd79e434ffea (commit)
from 53b83bb53ff02878748fada589fd2faf3520d260 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 08888e3773fa9f92c1d0d4662983bd44bea69a6c
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 8 01:39:05 2008 +0100
Remove rpccli_lsa_query_info_policy_new and rpccli_lsa_query_info_policy_new2.
Guenther
commit 35494a333653003f03d326c4f77bbc74c3940123
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 8 01:38:44 2008 +0100
Use rpccli_lsa_QueryInfoPolicy and rpccli_lsa_QueryInfoPolicy2 in rpcclient.
Guenther
commit 1b931e9145910a74b9e9661a9255cd79e434ffea
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 8 01:13:50 2008 +0100
Use pidl for _lsa_QueryInfoPolicy().
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/rpc_client/cli_lsarpc.c | 70 ---------------------
source/rpc_server/srv_lsa.c | 24 +-------
source/rpc_server/srv_lsa_nt.c | 131 +++++++++++++++++++---------------------
source/rpcclient/cmd_lsarpc.c | 116 ++++++++++++++++-------------------
4 files changed, 114 insertions(+), 227 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_client/cli_lsarpc.c b/source/rpc_client/cli_lsarpc.c
index 7019e7f..f3dad5a 100644
--- a/source/rpc_client/cli_lsarpc.c
+++ b/source/rpc_client/cli_lsarpc.c
@@ -465,76 +465,6 @@ NTSTATUS rpccli_lsa_lookup_names(struct rpc_pipe_client *cli,
return result;
}
-NTSTATUS rpccli_lsa_query_info_policy_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 info_class,
- LSA_INFO_CTR *ctr)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_INFO q;
- LSA_R_QUERY_INFO r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_query(&q, pol, info_class);
-
- CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFOPOLICY,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query,
- lsa_io_r_query,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- done:
-
- *ctr = r.ctr;
-
- return result;
-}
-
-NTSTATUS rpccli_lsa_query_info_policy2_new(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *pol, uint16 info_class,
- LSA_INFO_CTR2 *ctr)
-{
- prs_struct qbuf, rbuf;
- LSA_Q_QUERY_INFO2 q;
- LSA_R_QUERY_INFO2 r;
- NTSTATUS result;
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- init_q_query2(&q, pol, info_class);
-
- CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_QUERYINFO2,
- q, r,
- qbuf, rbuf,
- lsa_io_q_query_info2,
- lsa_io_r_query_info2,
- NT_STATUS_UNSUCCESSFUL);
-
- result = r.status;
-
- if (!NT_STATUS_IS_OK(result)) {
- goto done;
- }
-
- done:
-
- *ctr = r.ctr;
-
- return result;
-}
-
-
-
/** Query info policy
*
* @param domain_sid - returned remote server's domain sid */
diff --git a/source/rpc_server/srv_lsa.c b/source/rpc_server/srv_lsa.c
index bbd5ff2..fd5d815 100644
--- a/source/rpc_server/srv_lsa.c
+++ b/source/rpc_server/srv_lsa.c
@@ -98,29 +98,7 @@ static bool api_lsa_enum_trust_dom(pipes_struct *p)
static bool api_lsa_query_info(pipes_struct *p)
{
- LSA_Q_QUERY_INFO q_u;
- LSA_R_QUERY_INFO r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* grab the info class and policy handle */
- if(!lsa_io_q_query("", &q_u, data, 0)) {
- DEBUG(0,("api_lsa_query_info: failed to unmarshall LSA_Q_QUERY_INFO.\n"));
- return False;
- }
-
- r_u.status = _lsa_query_info(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!lsa_io_r_query("", &r_u, rdata, 0)) {
- DEBUG(0,("api_lsa_query_info: failed to marshall LSA_R_QUERY_INFO.\n"));
- return False;
- }
-
- return True;
+ return proxy_lsa_call(p, NDR_LSA_QUERYINFOPOLICY);
}
/***************************************************************************
diff --git a/source/rpc_server/srv_lsa_nt.c b/source/rpc_server/srv_lsa_nt.c
index e4a44af..9f0d448 100644
--- a/source/rpc_server/srv_lsa_nt.c
+++ b/source/rpc_server/srv_lsa_nt.c
@@ -47,6 +47,16 @@ const struct generic_mapping lsa_generic_mapping = {
};
/*******************************************************************
+ inits a structure.
+********************************************************************/
+
+static void init_lsa_StringLarge(struct lsa_StringLarge *name, const char *s)
+{
+ name->string = s;
+}
+
+
+/*******************************************************************
Function to free the per handle data.
********************************************************************/
@@ -58,47 +68,27 @@ static void free_lsa_info(void *ptr)
}
/***************************************************************************
-Init dom_query
+ initialize a lsa_DomainInfo structure.
***************************************************************************/
-static void init_dom_query_3(DOM_QUERY_3 *d_q, const char *dom_name, DOM_SID *dom_sid)
+static void init_dom_query_3(struct lsa_DomainInfo *r,
+ const char *name,
+ DOM_SID *sid)
{
- d_q->buffer_dom_name = (dom_name != NULL) ? 1 : 0; /* domain buffer pointer */
- d_q->buffer_dom_sid = (dom_sid != NULL) ? 1 : 0; /* domain sid pointer */
-
- /* this string is supposed to be non-null terminated. */
- /* But the maxlen in this UNISTR2 must include the terminating null. */
- init_unistr2(&d_q->uni_domain_name, dom_name, UNI_BROKEN_NON_NULL);
-
- /*
- * I'm not sure why this really odd combination of length
- * values works, but it does appear to. I need to look at
- * this *much* more closely - but at the moment leave alone
- * until it's understood. This allows a W2k client to join
- * a domain with both odd and even length names... JRA.
- */
-
- /*
- * IMPORTANT NOTE !!!!
- * The two fields below probably are reversed in meaning, ie.
- * the first field is probably the str_len, the second the max
- * len. Both are measured in bytes anyway.
- */
-
- d_q->uni_dom_str_len = d_q->uni_domain_name.uni_max_len * 2;
- d_q->uni_dom_max_len = d_q->uni_domain_name.uni_str_len * 2;
-
- if (dom_sid != NULL)
- init_dom_sid2(&d_q->dom_sid, dom_sid);
+ init_lsa_StringLarge(&r->name, name);
+ r->sid = sid;
}
/***************************************************************************
-Init dom_query
+ initialize a lsa_DomainInfo structure.
***************************************************************************/
-static void init_dom_query_5(DOM_QUERY_5 *d_q, const char *dom_name, DOM_SID *dom_sid)
+static void init_dom_query_5(struct lsa_DomainInfo *r,
+ const char *name,
+ DOM_SID *sid)
{
- init_dom_query_3(d_q, dom_name, dom_sid);
+ init_lsa_StringLarge(&r->name, name);
+ r->sid = sid;
}
/***************************************************************************
@@ -674,49 +664,57 @@ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u,
}
/***************************************************************************
- _lsa_query_info. See the POLICY_INFOMATION_CLASS docs at msdn.
+ _lsa_QueryInfoPolicy
***************************************************************************/
-NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INFO *r_u)
+NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p,
+ struct lsa_QueryInfoPolicy *r)
{
+ NTSTATUS status = NT_STATUS_OK;
struct lsa_info *handle;
- LSA_INFO_CTR *ctr = &r_u->ctr;
DOM_SID domain_sid;
const char *name;
DOM_SID *sid = NULL;
+ union lsa_PolicyInformation *info = NULL;
- r_u->status = NT_STATUS_OK;
-
- if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&handle))
+ if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
return NT_STATUS_INVALID_HANDLE;
- switch (q_u->info_class) {
+ info = TALLOC_ZERO_P(p->mem_ctx, union lsa_PolicyInformation);
+ if (!info) {
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ switch (r->in.level) {
case 0x02:
{
uint32 policy_def = LSA_AUDIT_POLICY_ALL;
-
+
/* check if the user have enough rights */
if (!(handle->access & POLICY_VIEW_AUDIT_INFORMATION)) {
- DEBUG(10,("_lsa_query_info: insufficient access rights\n"));
+ DEBUG(10,("_lsa_QueryInfoPolicy: insufficient access rights\n"));
return NT_STATUS_ACCESS_DENIED;
}
/* fake info: We audit everything. ;) */
- ctr->info.id2.ptr = 1;
- ctr->info.id2.auditing_enabled = True;
- ctr->info.id2.count1 = ctr->info.id2.count2 = LSA_AUDIT_NUM_CATEGORIES;
- if ((ctr->info.id2.auditsettings = TALLOC_ZERO_ARRAY(p->mem_ctx, uint32, LSA_AUDIT_NUM_CATEGORIES)) == NULL)
+ info->audit_events.auditing_mode = true;
+ info->audit_events.count = LSA_AUDIT_NUM_CATEGORIES;
+ info->audit_events.settings = TALLOC_ZERO_ARRAY(p->mem_ctx,
+ enum lsa_PolicyAuditPolicy,
+ info->audit_events.count);
+ if (!info->audit_events.settings) {
return NT_STATUS_NO_MEMORY;
+ }
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT] = policy_def;
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS] = policy_def;
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_LOGON] = policy_def;
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_PROCCESS_TRACKING] = policy_def;
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES] = policy_def;
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_SYSTEM] = policy_def;
- ctr->info.id2.auditsettings[LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_ACCOUNT_MANAGEMENT] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_FILE_AND_OBJECT_ACCESS] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_LOGON] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_PROCCESS_TRACKING] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_SECURITY_POLICY_CHANGES] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_SYSTEM] = policy_def;
+ info->audit_events.settings[LSA_AUDIT_CATEGORY_USE_OF_USER_RIGHTS] = policy_def;
break;
}
@@ -747,7 +745,7 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF
default:
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
- init_dom_query_3(&r_u->ctr.info.id3, name, sid);
+ init_dom_query_3(&info->domain, name, sid);
break;
case 0x05:
/* check if the user have enough rights */
@@ -757,7 +755,8 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF
/* Request PolicyAccountDomainInformation. */
name = get_global_sam_name();
sid = get_global_sam_sid();
- init_dom_query_5(&r_u->ctr.info.id5, name, sid);
+
+ init_dom_query_5(&info->account_domain, name, sid);
break;
case 0x06:
/* check if the user have enough rights */
@@ -770,29 +769,27 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF
* only a BDC is a backup controller
* of the domain, it controls.
*/
- ctr->info.id6.server_role = 2;
+ info->role.role = 2;
break;
default:
/*
* any other role is a primary
* of the domain, it controls.
*/
- ctr->info.id6.server_role = 3;
- break;
+ info->role.role = 3;
+ break;
}
break;
default:
- DEBUG(0,("_lsa_query_info: unknown info level in Lsa Query: %d\n", q_u->info_class));
- r_u->status = NT_STATUS_INVALID_INFO_CLASS;
+ DEBUG(0,("_lsa_QueryInfoPolicy: unknown info level in Lsa Query: %d\n",
+ r->in.level));
+ status = NT_STATUS_INVALID_INFO_CLASS;
break;
}
- if (NT_STATUS_IS_OK(r_u->status)) {
- r_u->dom_ptr = 0x22000000; /* bizarre */
- ctr->info_class = q_u->info_class;
- }
+ *r->out.info = info;
- return r_u->status;
+ return status;
}
/***************************************************************************
@@ -2206,12 +2203,6 @@ NTSTATUS _lsa_ChangePassword(pipes_struct *p, struct lsa_ChangePassword *r)
return NT_STATUS_NOT_IMPLEMENTED;
}
-NTSTATUS _lsa_QueryInfoPolicy(pipes_struct *p, struct lsa_QueryInfoPolicy *r)
-{
- p->rng_fault_state = True;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
NTSTATUS _lsa_SetInfoPolicy(pipes_struct *p, struct lsa_SetInfoPolicy *r)
{
p->rng_fault_state = True;
diff --git a/source/rpcclient/cmd_lsarpc.c b/source/rpcclient/cmd_lsarpc.c
index 887a8cf..9bd4a5e 100644
--- a/source/rpcclient/cmd_lsarpc.c
+++ b/source/rpcclient/cmd_lsarpc.c
@@ -58,107 +58,91 @@ done:
return result;
}
-static void display_query_info_1(DOM_QUERY_1 d)
+static void display_query_info_1(struct lsa_AuditLogInfo *r)
{
- d_printf("percent_full:\t%d\n", d.percent_full);
- d_printf("log_size:\t%d\n", d.log_size);
- d_printf("retention_time:\t%lld\n", (long long)d.retention_time);
- d_printf("shutdown_in_progress:\t%d\n", d.shutdown_in_progress);
- d_printf("time_to_shutdown:\t%lld\n", (long long)d.time_to_shutdown);
- d_printf("next_audit_record:\t%d\n", d.next_audit_record);
- d_printf("unknown:\t%d\n", d.unknown);
+ d_printf("percent_full:\t%d\n", r->percent_full);
+ d_printf("log_size:\t%d\n", r->log_size);
+ d_printf("retention_time:\t%lld\n", (long long)r->retention_time);
+ d_printf("shutdown_in_progress:\t%d\n", r->shutdown_in_progress);
+ d_printf("time_to_shutdown:\t%lld\n", (long long)r->time_to_shutdown);
+ d_printf("next_audit_record:\t%d\n", r->next_audit_record);
+ d_printf("unknown:\t%d\n", r->unknown);
}
-static void display_query_info_2(DOM_QUERY_2 d, TALLOC_CTX *mem_ctx)
+static void display_query_info_2(struct lsa_AuditEventsInfo *r)
{
int i;
- d_printf("Auditing enabled:\t%d\n", d.auditing_enabled);
- d_printf("Auditing categories:\t%d\n", d.count1);
+ d_printf("Auditing enabled:\t%d\n", r->auditing_mode);
+ d_printf("Auditing categories:\t%d\n", r->count);
d_printf("Auditsettings:\n");
- for (i=0; i<d.count1; i++) {
- const char *val = audit_policy_str(mem_ctx, d.auditsettings[i]);
+ for (i=0; i<r->count; i++) {
+ const char *val = audit_policy_str(talloc_tos(), r->settings[i]);
const char *policy = audit_description_str(i);
d_printf("%s:\t%s\n", policy, val);
}
}
-static void display_query_info_3(DOM_QUERY_3 d)
+static void display_query_info_3(struct lsa_DomainInfo *r)
{
- fstring name;
-
- unistr2_to_ascii(name, &d.uni_domain_name, sizeof(name));
-
- d_printf("Domain Name: %s\n", name);
- d_printf("Domain Sid: %s\n", sid_string_tos(&d.dom_sid.sid));
+ d_printf("Domain Name: %s\n", r->name.string);
+ d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
}
-static void display_query_info_5(DOM_QUERY_5 d)
+static void display_query_info_5(struct lsa_DomainInfo *r)
{
- fstring name;
-
- unistr2_to_ascii(name, &d.uni_domain_name, sizeof(name));
-
- d_printf("Domain Name: %s\n", name);
- d_printf("Domain Sid: %s\n", sid_string_tos(&d.dom_sid.sid));
+ d_printf("Domain Name: %s\n", r->name.string);
+ d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
}
-static void display_query_info_10(DOM_QUERY_10 d)
+static void display_query_info_10(struct lsa_AuditFullSetInfo *r)
{
- d_printf("Shutdown on full: %d\n", d.shutdown_on_full);
+ d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
}
-static void display_query_info_11(DOM_QUERY_11 d)
+static void display_query_info_11(struct lsa_AuditFullQueryInfo *r)
{
- d_printf("Shutdown on full: %d\n", d.shutdown_on_full);
- d_printf("Log is full: %d\n", d.log_is_full);
- d_printf("Unknown: %d\n", d.unknown);
+ d_printf("Shutdown on full: %d\n", r->shutdown_on_full);
+ d_printf("Log is full: %d\n", r->log_is_full);
+ d_printf("Unknown: %d\n", r->unknown);
}
-static void display_query_info_12(DOM_QUERY_12 d)
+static void display_query_info_12(struct lsa_DnsDomainInfo *r)
{
- fstring dom_name, dns_dom_name, forest_name;
-
- unistr2_to_ascii(dom_name, &d.uni_nb_dom_name, sizeof(dom_name));
- unistr2_to_ascii(dns_dom_name, &d.uni_dns_dom_name, sizeof(dns_dom_name));
- unistr2_to_ascii(forest_name, &d.uni_forest_name, sizeof(forest_name));
-
- d_printf("Domain NetBios Name: %s\n", dom_name);
- d_printf("Domain DNS Name: %s\n", dns_dom_name);
- d_printf("Domain Forest Name: %s\n", forest_name);
- d_printf("Domain Sid: %s\n", sid_string_tos(&d.dom_sid.sid));
+ d_printf("Domain NetBios Name: %s\n", r->name.string);
+ d_printf("Domain DNS Name: %s\n", r->dns_domain.string);
+ d_printf("Domain Forest Name: %s\n", r->dns_forest.string);
+ d_printf("Domain Sid: %s\n", sid_string_tos(r->sid));
d_printf("Domain GUID: %s\n", smb_uuid_string(talloc_tos(),
- d.dom_guid));
-
+ r->domain_guid));
}
-
-
-static void display_lsa_query_info(LSA_INFO_CTR *dom, TALLOC_CTX *mem_ctx)
+static void display_lsa_query_info(union lsa_PolicyInformation *info,
+ enum lsa_PolicyInfo level)
{
- switch (dom->info_class) {
+ switch (level) {
case 1:
- display_query_info_1(dom->info.id1);
+ display_query_info_1(&info->audit_log);
break;
case 2:
- display_query_info_2(dom->info.id2, mem_ctx);
+ display_query_info_2(&info->audit_events);
break;
case 3:
- display_query_info_3(dom->info.id3);
+ display_query_info_3(&info->domain);
break;
case 5:
- display_query_info_5(dom->info.id5);
+ display_query_info_5(&info->account_domain);
break;
case 10:
- display_query_info_10(dom->info.id10);
+ display_query_info_10(&info->auditfullset);
break;
case 11:
- display_query_info_11(dom->info.id11);
+ display_query_info_11(&info->auditfullquery);
break;
case 12:
- display_query_info_12(dom->info.id12);
+ display_query_info_12(&info->dns);
break;
default:
- printf("can't display info level: %d\n", dom->info_class);
+ printf("can't display info level: %d\n", level);
break;
}
}
@@ -169,7 +153,7 @@ static NTSTATUS cmd_lsa_query_info_policy(struct rpc_pipe_client *cli,
--
Samba Shared Repository
More information about the samba-cvs
mailing list