added idl and test suite for lsa_CreateTrustedDomain()

(This used to be commit cdb47511531cb8ef19334088eecb14971e189a4f)

diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index 22701ce019f37b87864b8ffeb24b2f88dbfa405a..3e9ca1be3faaf63917dd12ce622fa27150772f39 100644 (file)
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -51,7 +51,6 @@
                [out,ref]    lsa_PrivArray *privs
                );
 
-
        /******************/
        /* Function: 0x03 */
 
@@ -225,7 +224,7 @@
        NTSTATUS lsa_CreateAccount (
                [in,ref]    policy_handle *handle,
                [in,ref]    dom_sid2 *sid,
-               [in]        uint32 access,
+               [in]        uint32 desired_access,
                [out,ref]   policy_handle *acct_handle
                );
 
@@ -250,7 +249,18 @@
 
        /*************************************************/
        /* Function: 0x0c                                */
-       NTSTATUS lsa_CreateTrustDom ();
+
+       typedef struct {
+               lsa_Name name;
+               dom_sid2 *sid;
+       } lsa_TrustInformation;
+
+       NTSTATUS lsa_CreateTrustedDomain(
+               [in,ref]     policy_handle *handle,
+               [in,ref]     lsa_TrustInformation *info,
+               [in]         uint32 desired_access,
+               [out,ref]    policy_handle *dom_handle
+               );
 
 
        /******************/
@@ -288,11 +298,6 @@
                [size_is(count)] lsa_TranslatedSid *sids;
        } lsa_TransSidArray;
 
-       typedef struct {
-               lsa_Name name;
-               dom_sid2 *sid;
-       } lsa_TrustInformation;
-
        typedef struct {
                uint32 count;
                [size_is(count)] lsa_TrustInformation *domains;

diff --git a/source4/torture/rpc/lsa.c b/source4/torture/rpc/lsa.c
index 7f49e4cef6407dfc07bb376ef563c0b7be003888..3b7e4dbe5dc920db2bfd1a7a488d6bd515df55dc 100644 (file)
--- a/source4/torture/rpc/lsa.c
+++ b/source4/torture/rpc/lsa.c
@@ -324,7 +324,7 @@ static BOOL test_CreateAccount(struct dcerpc_pipe *p,
 
        r.in.handle = handle;
        r.in.sid = newsid;
-       r.in.access = SEC_RIGHTS_MAXIMUM_ALLOWED;
+       r.in.desired_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
        r.out.acct_handle = &acct_handle;
 
        status = dcerpc_lsa_CreateAccount(p, mem_ctx, &r);
@@ -340,6 +340,46 @@ static BOOL test_CreateAccount(struct dcerpc_pipe *p,
        return True;
 }
 
+
+static BOOL test_CreateTrustedDomain(struct dcerpc_pipe *p, 
+                                    TALLOC_CTX *mem_ctx, 
+                                    struct policy_handle *handle)
+{
+       NTSTATUS status;
+       struct lsa_CreateTrustedDomain r;
+       struct lsa_TrustInformation trustinfo;
+       struct dom_sid *domsid;
+       struct policy_handle dom_handle;
+
+       printf("Testing CreateTrustedDomain\n");
+
+       if (!find_domain_sid(p, mem_ctx, handle, &domsid)) {
+               return False;
+       }
+
+       domsid->sub_auths[domsid->num_auths-1] ^= 0xF0F0F0F0;
+
+       trustinfo.sid = domsid;
+       init_lsa_Name(&trustinfo.name, "torturedomain");
+
+       r.in.handle = handle;
+       r.in.info = &trustinfo;
+       r.in.desired_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
+       r.out.dom_handle = &dom_handle;
+
+       status = dcerpc_lsa_CreateTrustedDomain(p, mem_ctx, &r);
+       if (!NT_STATUS_IS_OK(status)) {
+               printf("CreateTrustedDomain failed - %s\n", nt_errstr(status));
+               return False;
+       }
+
+       if (!test_Delete(p, mem_ctx, &dom_handle)) {
+               return False;
+       }
+
+       return True;
+}
+
 static BOOL test_EnumAccountRights(struct dcerpc_pipe *p, 
                                   TALLOC_CTX *mem_ctx, 
                                   struct policy_handle *acct_handle,
@@ -635,6 +675,10 @@ BOOL torture_rpc_lsa(int dummy)
                ret = False;
        }
 
+       if (!test_CreateTrustedDomain(p, mem_ctx, &handle)) {
+               ret = False;
+       }
+
        if (!test_EnumAccounts(p, mem_ctx, &handle)) {
                ret = False;
        }