s4-samr: merge samr_QuerySecurity from s3 idl. (fixme: python)

Guenther

diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl
index eb5b23e9efe2e19f4a4e43c80b8d9f5c1c77bb70..7b7d1f9092a7f1c2b11e5a836736a36b0b9dc2d4 100644 (file)
--- a/librpc/idl/samr.idl
+++ b/librpc/idl/samr.idl
@@ -248,7 +248,7 @@ import "misc.idl", "lsa.idl", "security.idl";
        NTSTATUS samr_QuerySecurity (
                [in,ref]          policy_handle *handle,
                [in]              security_secinfo sec_info,
-               [out,unique]      sec_desc_buf *sdbuf
+               [out,ref]         sec_desc_buf **sdbuf
                );
 
        /******************/

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index 9a45616a8bfa3ac7535cf6b51272e2ee8991ee36..e8d800e23d39526fed9ba54618472a1d2a12a886 100644 (file)
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -229,7 +229,7 @@ static NTSTATUS dcesrv_samr_QuerySecurity(struct dcesrv_call_state *dce_call, TA
        struct dcesrv_handle *h;
        struct sec_desc_buf *sd;
 
-       r->out.sdbuf = NULL;
+       *r->out.sdbuf = NULL;
 
        DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
 
@@ -240,7 +240,7 @@ static NTSTATUS dcesrv_samr_QuerySecurity(struct dcesrv_call_state *dce_call, TA
 
        sd->sd = samdb_default_security_descriptor(mem_ctx);
 
-       r->out.sdbuf = sd;
+       *r->out.sdbuf = sd;
 
        return NT_STATUS_OK;
 }

diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index b28877602c4afae32ffac0f79b565c28ff271bf9..9ea92037d0e990d2d1724d40146b110d73ecad8d 100644 (file)
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -138,18 +138,20 @@ static bool test_QuerySecurity(struct dcerpc_pipe *p,
        NTSTATUS status;
        struct samr_QuerySecurity r;
        struct samr_SetSecurity s;
+       struct sec_desc_buf *sdbuf = NULL;
 
        r.in.handle = handle;
        r.in.sec_info = 7;
+       r.out.sdbuf = &sdbuf;
 
        status = dcerpc_samr_QuerySecurity(p, tctx, &r);
        torture_assert_ntstatus_ok(tctx, status, "QuerySecurity");
 
-       torture_assert(tctx, r.out.sdbuf != NULL, "sdbuf is NULL");
+       torture_assert(tctx, sdbuf != NULL, "sdbuf is NULL");
 
        s.in.handle = handle;
        s.in.sec_info = 7;
-       s.in.sdbuf = r.out.sdbuf;
+       s.in.sdbuf = sdbuf;
 
        if (torture_setting_bool(tctx, "samba4", false)) {
                torture_skip(tctx, "skipping SetSecurity test against Samba4\n");

diff --git a/source4/torture/rpc/samr_accessmask.c b/source4/torture/rpc/samr_accessmask.c
index bfff8c9267f72402efb6d3b114d6d072e9816d96..c45b12db60c2a722370f1432437d1bd4bc0b6d50 100644 (file)
--- a/source4/torture/rpc/samr_accessmask.c
+++ b/source4/torture/rpc/samr_accessmask.c
@@ -236,7 +236,7 @@ static bool test_samr_connect_user_acl(struct torture_context *tctx,
        struct samr_SetSecurity ss;
        struct security_ace ace;
        struct security_descriptor *sd;
-       struct sec_desc_buf sdb;
+       struct sec_desc_buf sdb, *sdbuf = NULL;
        bool ret = true;
        int sd_size;
        struct dcerpc_pipe *test_p;
@@ -255,6 +255,7 @@ static bool test_samr_connect_user_acl(struct torture_context *tctx,
        /* get the current ACL for the SAMR policy handle */
        qs.in.handle = &ch;
        qs.in.sec_info = SECINFO_DACL;
+       qs.out.sdbuf = &sdbuf;
        status = dcerpc_samr_QuerySecurity(p, tctx, &qs);
        if (!NT_STATUS_IS_OK(status)) {
                printf("QuerySecurity failed - %s\n", nt_errstr(status));
@@ -262,13 +263,13 @@ static bool test_samr_connect_user_acl(struct torture_context *tctx,
        }
 
        /* how big is the security descriptor? */
-       sd_size = qs.out.sdbuf->sd_size;
+       sd_size = sdbuf->sd_size;
 
 
        /* add an ACE to the security descriptor to deny the user the
         * 'connect to server' right
         */
-       sd = qs.out.sdbuf->sd;
+       sd = sdbuf->sd;
        ace.type = SEC_ACE_TYPE_ACCESS_DENIED;
        ace.flags = 0;
        ace.access_mask = SAMR_ACCESS_CONNECT_TO_SERVER;
@@ -314,7 +315,7 @@ static bool test_samr_connect_user_acl(struct torture_context *tctx,
                printf("QuerySecurity failed - %s\n", nt_errstr(status));
                ret = false;
        }
-       if (sd_size != qs.out.sdbuf->sd_size) {
+       if (sd_size != sdbuf->sd_size) {
                printf("security descriptor changed\n");
                ret = false;
        }

diff --git a/source4/torture/rpc/samsync.c b/source4/torture/rpc/samsync.c
index d97b9ba4983f89cbfb33c34a1a696f86c565d4f8..c833f32559b95f6658a924020cc34b7f149141ca 100644 (file)
--- a/source4/torture/rpc/samsync.c
+++ b/source4/torture/rpc/samsync.c
@@ -192,10 +192,12 @@ static struct sec_desc_buf *samsync_query_samr_sec_desc(TALLOC_CTX *mem_ctx,
                                                        struct policy_handle *handle) 
 {
        struct samr_QuerySecurity r;
+       struct sec_desc_buf *sdbuf = NULL;
        NTSTATUS status;
 
        r.in.handle = handle;
        r.in.sec_info = 0x7;
+       r.out.sdbuf = &sdbuf;
 
        status = dcerpc_samr_QuerySecurity(samsync_state->p_samr, mem_ctx, &r);
        if (!NT_STATUS_IS_OK(status)) {
@@ -203,7 +205,7 @@ static struct sec_desc_buf *samsync_query_samr_sec_desc(TALLOC_CTX *mem_ctx,
                return NULL;
        }
 
-       return r.out.sdbuf;
+       return sdbuf;
 }
 
 static struct sec_desc_buf *samsync_query_lsa_sec_desc(TALLOC_CTX *mem_ctx,