r937: - added a simple QuerySecurity implementation in samr server

 - moved some sec desc defines into misc.idl

 - fixed pw_len field in UserInfo26

 - made some pipes available on TCP

 - added netr_DsrEnumerateDomainTrusts() to netlogon

 - added templates for remaining netlogon IDL calls (from ethereal)

 - added a unistr_noterm vs unistr error detector in ndr basic decoder

 - added torture test for netr_DsrEnumerateDomainTrusts()
(This used to be commit ae5a5113fb83640dcb9ae4642c1b9eaf28487956)

diff --git a/source4/include/rpc_secdes.h b/source4/include/rpc_secdes.h
index eb83b81d851cf0a80ef56307c25e0be48716b767..3c56d6cb82e1aab91938f3fdd27d99c41c83c7e2 100644 (file)
--- a/source4/include/rpc_secdes.h
+++ b/source4/include/rpc_secdes.h
@@ -74,28 +74,8 @@ typedef struct security_descriptor SEC_DESC;
 #define SEC_ACE_TYPE_SYSTEM_AUDIT_OBJECT       0x7
 #define SEC_ACE_TYPE_SYSTEM_ALARM_OBJECT       0x8
 
-#define SEC_DESC_OWNER_DEFAULTED       0x0001
-#define SEC_DESC_GROUP_DEFAULTED       0x0002
-#define SEC_DESC_DACL_PRESENT          0x0004
-#define SEC_DESC_DACL_DEFAULTED                0x0008
-#define SEC_DESC_SACL_PRESENT          0x0010
-#define SEC_DESC_SACL_DEFAULTED                0x0020
-#define SEC_DESC_DACL_TRUSTED          0x0040
-#define SEC_DESC_SERVER_SECURITY       0x0080
-/*
- * New Windows 2000 bits.
- */
-#define SE_DESC_DACL_AUTO_INHERIT_REQ  0x0100
-#define SE_DESC_SACL_AUTO_INHERIT_REQ  0x0200
-#define SE_DESC_DACL_AUTO_INHERITED    0x0400
-#define SE_DESC_SACL_AUTO_INHERITED    0x0800
-#define SE_DESC_DACL_PROTECTED         0x1000
-#define SE_DESC_SACL_PROTECTED         0x2000
 
 /* Don't know what this means. */
-#define SEC_DESC_RM_CONTROL_VALID      0x4000
-
-#define SEC_DESC_SELF_RELATIVE         0x8000
 
 /* security information */
 #define OWNER_SECURITY_INFORMATION     0x00000001

diff --git a/source4/lib/basic.mk b/source4/lib/basic.mk
index ce82157894bfd4b9e0f33ede05f63bdc62ddcbdc..754458fec14719643656cd99187fbffa7c0a1aca 100644 (file)
--- a/source4/lib/basic.mk
+++ b/source4/lib/basic.mk
@@ -25,6 +25,7 @@ ADD_OBJ_FILES = \
                lib/wins_srv.o \
                lib/util_str.o \
                lib/util_sid.o \
+               lib/util_secdesc.o \
                lib/util_uuid.o \
                lib/util_unistr.o \
                lib/util_file.o \

diff --git a/source4/lib/util_secdesc.c b/source4/lib/util_secdesc.c
new file mode 100644 (file)
index 0000000..92887b2
--- /dev/null
+++ b/source4/lib/util_secdesc.c
@@ -0,0 +1,51 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   security descriptror utility functions
+
+   Copyright (C) Andrew Tridgell               2004
+      
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+/*
+  return a blank security descriptor (no owners, dacl or sacl)
+*/
+struct security_descriptor *sd_initialise(TALLOC_CTX *mem_ctx)
+{
+       struct security_descriptor *sd;
+
+       sd = talloc_p(mem_ctx, struct security_descriptor);
+       if (!sd) {
+               return NULL;
+       }
+
+       sd->revision = SD_REVISION;
+       /* we mark as self relative, even though it isn't while it remains
+          a pointer in memory because this simplifies the ndr code later.
+          All SDs that we store/emit are in fact SELF_RELATIVE
+       */
+       sd->type = SEC_DESC_SELF_RELATIVE;
+
+       sd->owner_sid = NULL;
+       sd->group_sid = NULL;
+       sd->sacl = NULL;
+       sd->dacl = NULL;
+
+       return sd;
+}
+

diff --git a/source4/librpc/idl/lsa.idl b/source4/librpc/idl/lsa.idl
index b9acbfcf10de2b32dfcac4e1a7f6808d2e87912c..5683a0d08e7757fb73439a16d55a2d53023d8f16 100644 (file)
--- a/source4/librpc/idl/lsa.idl
+++ b/source4/librpc/idl/lsa.idl
@@ -6,7 +6,7 @@
 
 [ uuid(12345778-1234-abcd-ef00-0123456789ab),
   version(0.0),
-  endpoints(lsarpc,lsass),
+  endpoints(lsarpc,lsass,TCP-0),
   pointer_default(unique)
 ] interface lsarpc
 {

diff --git a/source4/librpc/idl/misc.idl b/source4/librpc/idl/misc.idl
index c5e0b06a2328b4d6b2bcde199714604b913e69a2..240c0026e33649505ec80c6234f1ec81496e1c20 100644 (file)
--- a/source4/librpc/idl/misc.idl
+++ b/source4/librpc/idl/misc.idl
@@ -80,6 +80,26 @@ interface misc
                security_ace aces[num_aces];
        } security_acl;
 
+       /* default revision for new ACLs */
+       const int SD_REVISION                    = 1;
+
+       /* security_descriptor->type bits */
+       const int SEC_DESC_OWNER_DEFAULTED       = 0x0001;
+       const int SEC_DESC_GROUP_DEFAULTED       = 0x0002;
+       const int SEC_DESC_DACL_PRESENT          = 0x0004;
+       const int SEC_DESC_DACL_DEFAULTED        = 0x0008;
+       const int SEC_DESC_SACL_PRESENT          = 0x0010;
+       const int SEC_DESC_SACL_DEFAULTED        = 0x0020;
+       const int SEC_DESC_DACL_TRUSTED          = 0x0040;
+       const int SEC_DESC_SERVER_SECURITY       = 0x0080;
+       const int SEC_DESC_DACL_AUTO_INHERIT_REQ = 0x0100;
+       const int SEC_DESC_SACL_AUTO_INHERIT_REQ = 0x0200;
+       const int SEC_DESC_DACL_AUTO_INHERITED   = 0x0400;
+       const int SEC_DESC_SACL_AUTO_INHERITED   = 0x0800;
+       const int SEC_DESC_DACL_PROTECTED        = 0x1000;
+       const int SEC_DESC_SACL_PROTECTED        = 0x2000;
+       const int SEC_DESC_RM_CONTROL_VALID      = 0x4000;
+       const int SEC_DESC_SELF_RELATIVE         = 0x8000;
 
        typedef [public] struct {
                uint8 revision;

diff --git a/source4/librpc/idl/netlogon.idl b/source4/librpc/idl/netlogon.idl
index f3c2b1ff26c9f87a8e623ba53e64d3860567eff6..6888c63ab9ca7837c225bc260dd0ac07f4851687 100644 (file)
--- a/source4/librpc/idl/netlogon.idl
+++ b/source4/librpc/idl/netlogon.idl
@@ -9,6 +9,7 @@
 [
   uuid(12345678-1234-abcd-ef00-01234567cffb),
   version(1.0),
+  endpoints(netlogon,TCP-0),
   pointer_default(unique)
 ]
 
@@ -854,4 +855,141 @@ interface netlogon
                [in][switch_is(function_code)] netr_CONTROL_DATA_INFORMATION  data,
                [out][switch_is(level)]        netr_CONTROL_QUERY_INFORMATION query
                );
+
+       /*****************/
+       /* Function 0x13 */
+       WERROR netr_NETRENUMERATETRUSTEDDOMAINS() ;
+
+       /*****************/
+       /* Function 0x14 */             
+       WERROR netr_DSRGETDCNAME() ;
+
+       /*****************/
+       /* Function 0x15 */
+       WERROR netr_NETRLOGONDUMMYROUTINE1();
+
+       /****************/
+       /* Function 0x16 */
+       WERROR netr_NETRLOGONSETSERVICEBITS();
+
+       /****************/
+       /* Function 0x17 */
+       WERROR netr_NETRLOGONGETTRUSTRID();
+
+       /****************/
+       /* Function 0x18 */
+       WERROR netr_NETRLOGONCOMPUTESERVERDIGEST();
+
+       /****************/
+       /* Function 0x19 */
+       WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST();
+
+       /****************/
+       /* Function 0x1a */
+       WERROR netr_NETRSERVERAUTHENTICATE3();
+
+       /****************/
+       /* Function 0x1b */
+       WERROR netr_DSRGETDCNAMEX();
+
+       /****************/
+       /* Function 0x1c */
+       WERROR netr_DSRGETSITENAME();
+
+       /****************/
+       /* Function 0x1d */
+       WERROR netr_NETRLOGONGETDOMAININFO();
+
+       /****************/
+       /* Function 0x1e */
+       WERROR netr_NETRSERVERPASSWORDSET2();
+
+       /****************/
+       /* Function 0x1f */
+       WERROR netr_NETRSERVERPASSWORDGET();
+
+       /****************/
+       /* Function 0x20 */
+       WERROR netr_NETRLOGONSENDTOSAM();
+
+       /****************/
+       /* Function 0x21 */
+       WERROR netr_DSRADDRESSTOSITENAMESW();
+
+       /****************/
+       /* Function 0x22 */
+       WERROR netr_DSRGETDCNAMEEX2();
+
+       /****************/
+       /* Function 0x23 */
+       WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN();
+
+       /****************/
+       /* Function 0x24 */
+       WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX();
+
+       /****************/
+       /* Function 0x25 */
+       WERROR netr_DSRADDRESSTOSITENAMESEXW();
+
+       /****************/
+       /* Function 0x26 */
+       WERROR netr_DSRGETDCSITECOVERAGEW();
+
+       /****************/
+       /* Function 0x27 */
+       WERROR netr_NETRLOGONSAMLOGONEX();
+
+       /****************/
+       /* Function 0x28 */
+
+       const int NETR_TRUST_FLAG_IN_FOREST = 0x01;
+       const int NETR_TRUST_FLAG_OUTBOUND  = 0x02;
+       const int NETR_TRUST_FLAG_TREEROOT  = 0x04;
+       const int NETR_TRUST_FLAG_PRIMARY   = 0x08;
+       const int NETR_TRUST_FLAG_NATIVE    = 0x10;
+       const int NETR_TRUST_FLAG_INBOUND   = 0x20;
+
+       typedef struct {
+               unistr *netbios_name;
+               unistr *dns_name;
+               uint32 trust_flags;
+               uint32 parent_index;
+               uint32 trust_type;
+               uint32 trust_attributes;
+               dom_sid2 *sid;
+               GUID   guid;
+       } netr_DomainTrust;
+
+       WERROR netr_DsrEnumerateDomainTrusts(
+               [in]                 unistr           *server_name,
+               [in]                 uint32           trust_flags,
+               [out]                uint32           count,
+               [out,size_is(count)] netr_DomainTrust *trusts
+               );
+
+
+       /****************/
+       /* Function 0x29 */
+       WERROR netr_DSRDEREGISTERDNSHOSTRECORDS();
+
+       /****************/
+       /* Function 0x2a */
+       WERROR netr_NETRSERVERTRUSTPASSWORDSGET();
+
+       /****************/
+       /* Function 0x2b */
+       WERROR netr_DSRGETFORESTTRUSTINFORMATION();
+
+       /****************/
+       /* Function 0x2c */
+       WERROR netr_NETRGETFORESTTRUSTINFORMATION();
+
+       /****************/
+       /* Function 0x2d */
+       WERROR netr_NETRLOGONSAMLOGONWITHFLAGS();
+
+       /****************/
+       /* Function 0x2e */
+       WERROR netr_NETRSERVERGETTRUSTINFO();
 }

diff --git a/source4/librpc/idl/samr.idl b/source4/librpc/idl/samr.idl
index e428bfe0c7126c5f117bfcb2092513db094e10ec..960d007bd3937582a883b64cd8e900edaa7675e5 100644 (file)
--- a/source4/librpc/idl/samr.idl
+++ b/source4/librpc/idl/samr.idl
@@ -10,6 +10,7 @@
 
 [ uuid(12345778-1234-abcd-ef00-0123456789ac),
   version(1.0),
+  endpoints(samr,TCP-0),
   pointer_default(unique)
 ] interface samr
 {
@@ -761,7 +762,7 @@
 
        typedef struct {
                samr_CryptPasswordEx password;
-               uint16 pw_len;
+               uint8 pw_len;
        } samr_UserInfo26;
 
        typedef union {

diff --git a/source4/librpc/idl/winreg.idl b/source4/librpc/idl/winreg.idl
index fa11f80dcd12da7cc2fa58a40e393df8d6b17b09..d043dad1f1a7d311a4bd5f3d9c672db8b24e32bf 100644 (file)
--- a/source4/librpc/idl/winreg.idl
+++ b/source4/librpc/idl/winreg.idl
@@ -6,6 +6,7 @@
 
 [ uuid(338cd001-2244-31f1-aaaa-900038001003),
   version(1.0),
+  endpoints(winreg,TCP-0),
   pointer_default(unique)
 ] interface winreg
 {

diff --git a/source4/librpc/ndr/ndr_basic.c b/source4/librpc/ndr/ndr_basic.c
index 1766d47e14944d13be22bc312de055284eaf4d91..f8315b3af070daf1b4fa65a395a787bfa2c43f87 100644 (file)
--- a/source4/librpc/ndr/ndr_basic.c
+++ b/source4/librpc/ndr/ndr_basic.c
@@ -413,6 +413,18 @@ NTSTATUS ndr_pull_string(struct ndr_pull *ndr, int ndr_flags, const char **s)
                                              "Bad character conversion");
                }
                NDR_CHECK(ndr_pull_advance(ndr, len2*2));
+
+               /* this is a way of detecting if a string is sent with the wrong
+                  termination */
+               if (ndr->flags & LIBNDR_FLAG_STR_NOTERM) {
+                       if (strlen(as) < len2) {
+                               DEBUG(6,("short string '%s'\n", as));
+                       }
+               } else {
+                       if (strlen(as) == len2) {
+                               DEBUG(6,("long string '%s'\n", as));
+                       }
+               }
                *s = as;
                break;
 

diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c
index 4481df6aa835e1d98c708ad7dc68e9a4fd2dae53..7cf296532340cc6b4d6970a1c7f435c9570a4ee4 100644 (file)
--- a/source4/rpc_server/netlogon/dcerpc_netlogon.c
+++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c
@@ -598,5 +598,331 @@ static WERROR netr_LogonControl2Ex(struct dcesrv_call_state *dce_call, TALLOC_CT
 }
 
 
+/* 
+  netr_NETRENUMERATETRUSTEDDOMAINS 
+*/
+static WERROR netr_NETRENUMERATETRUSTEDDOMAINS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRENUMERATETRUSTEDDOMAINS *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCNAME 
+*/
+static WERROR netr_DSRGETDCNAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRGETDCNAME *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONDUMMYROUTINE1 
+*/
+static WERROR netr_NETRLOGONDUMMYROUTINE1(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONDUMMYROUTINE1 *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSETSERVICEBITS 
+*/
+static WERROR netr_NETRLOGONSETSERVICEBITS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONSETSERVICEBITS *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONGETTRUSTRID 
+*/
+static WERROR netr_NETRLOGONGETTRUSTRID(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONGETTRUSTRID *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONCOMPUTESERVERDIGEST 
+*/
+static WERROR netr_NETRLOGONCOMPUTESERVERDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONCOMPUTESERVERDIGEST *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONCOMPUTECLIENTDIGEST 
+*/
+static WERROR netr_NETRLOGONCOMPUTECLIENTDIGEST(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONCOMPUTECLIENTDIGEST *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERAUTHENTICATE3 
+*/
+static WERROR netr_NETRSERVERAUTHENTICATE3(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRSERVERAUTHENTICATE3 *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCNAMEX 
+*/
+static WERROR netr_DSRGETDCNAMEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRGETDCNAMEX *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETSITENAME 
+*/
+static WERROR netr_DSRGETSITENAME(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRGETSITENAME *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONGETDOMAININFO 
+*/
+static WERROR netr_NETRLOGONGETDOMAININFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONGETDOMAININFO *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERPASSWORDSET2 
+*/
+static WERROR netr_NETRSERVERPASSWORDSET2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRSERVERPASSWORDSET2 *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERPASSWORDGET 
+*/
+static WERROR netr_NETRSERVERPASSWORDGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRSERVERPASSWORDGET *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSENDTOSAM 
+*/
+static WERROR netr_NETRLOGONSENDTOSAM(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONSENDTOSAM *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRADDRESSTOSITENAMESW 
+*/
+static WERROR netr_DSRADDRESSTOSITENAMESW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRADDRESSTOSITENAMESW *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCNAMEEX2 
+*/
+static WERROR netr_DSRGETDCNAMEEX2(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRGETDCNAMEEX2 *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN 
+*/
+static WERROR netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONGETTIMESERVICEPARENTDOMAIN *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRENUMERATETRUSTEDDOMAINSEX 
+*/
+static WERROR netr_NETRENUMERATETRUSTEDDOMAINSEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRENUMERATETRUSTEDDOMAINSEX *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRADDRESSTOSITENAMESEXW 
+*/
+static WERROR netr_DSRADDRESSTOSITENAMESEXW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRADDRESSTOSITENAMESEXW *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETDCSITECOVERAGEW 
+*/
+static WERROR netr_DSRGETDCSITECOVERAGEW(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRGETDCSITECOVERAGEW *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSAMLOGONEX 
+*/
+static WERROR netr_NETRLOGONSAMLOGONEX(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONSAMLOGONEX *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DsrEnumerateDomainTrusts 
+*/
+static WERROR netr_DsrEnumerateDomainTrusts(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                                             struct netr_DsrEnumerateDomainTrusts *r)
+{
+       struct netr_DomainTrust *trusts;
+       void *sam_ctx;
+       int ret, i;
+       struct ldb_message **res;
+       const char * const attrs[] = { "name", "dnsDomain", "objectSid", "objectGUID", NULL };
+
+       ZERO_STRUCT(r->out);
+
+       sam_ctx = samdb_connect();
+       if (sam_ctx == NULL) {
+               return WERR_GENERAL_FAILURE;
+       }
+
+       ret = samdb_search(sam_ctx, mem_ctx, NULL, &res, attrs, "(objectClass=domainDNS)");
+       if (ret == -1) {
+               samdb_close(sam_ctx);
+               return WERR_GENERAL_FAILURE;            
+       }
+
+       if (ret == 0) {
+               return WERR_OK;
+       }
+
+       trusts = talloc_array_p(mem_ctx, struct netr_DomainTrust, ret);
+       if (trusts == NULL) {
+               return WERR_NOMEM;
+       }
+       
+       r->out.count = ret;
+       r->out.trusts = trusts;
+
+       for (i=0;i<ret;i++) {
+               trusts[i].netbios_name = samdb_result_string(res[i], "name", NULL);
+               trusts[i].dns_name     = samdb_result_string(res[i], "dnsDomain", NULL);
+               trusts[i].trust_flags = 
+                       NETR_TRUST_FLAG_TREEROOT | 
+                       NETR_TRUST_FLAG_IN_FOREST | 
+                       NETR_TRUST_FLAG_PRIMARY;
+               trusts[i].parent_index = 0;
+               trusts[i].trust_type = 2;
+               trusts[i].trust_attributes = 0;
+               trusts[i].sid  = samdb_result_dom_sid(mem_ctx, res[i], "objectSid");
+               trusts[i].guid = samdb_result_guid(res[i], "objectGUID");
+       }
+       
+
+       return WERR_OK;
+}
+
+
+/* 
+  netr_DSRDEREGISTERDNSHOSTRECORDS 
+*/
+static WERROR netr_DSRDEREGISTERDNSHOSTRECORDS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRDEREGISTERDNSHOSTRECORDS *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERTRUSTPASSWORDSGET 
+*/
+static WERROR netr_NETRSERVERTRUSTPASSWORDSGET(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRSERVERTRUSTPASSWORDSGET *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_DSRGETFORESTTRUSTINFORMATION 
+*/
+static WERROR netr_DSRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_DSRGETFORESTTRUSTINFORMATION *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRGETFORESTTRUSTINFORMATION 
+*/
+static WERROR netr_NETRGETFORESTTRUSTINFORMATION(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRGETFORESTTRUSTINFORMATION *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRLOGONSAMLOGONWITHFLAGS 
+*/
+static WERROR netr_NETRLOGONSAMLOGONWITHFLAGS(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRLOGONSAMLOGONWITHFLAGS *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
+/* 
+  netr_NETRSERVERGETTRUSTINFO 
+*/
+static WERROR netr_NETRSERVERGETTRUSTINFO(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
+                      struct netr_NETRSERVERGETTRUSTINFO *r)
+{
+       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+}
+
+
 /* include the generated boilerplate */
 #include "librpc/gen_ndr/ndr_netlogon_s.c"

diff --git a/source4/rpc_server/samr/dcesrv_samr.c b/source4/rpc_server/samr/dcesrv_samr.c
index eba36e53fa44eba2091039c142650ab64d595406..2811a095345c386c99d88ec14964342b78d0d1fd 100644 (file)
--- a/source4/rpc_server/samr/dcesrv_samr.c
+++ b/source4/rpc_server/samr/dcesrv_samr.c
@@ -135,7 +135,23 @@ static NTSTATUS samr_SetSecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX
 static NTSTATUS samr_QuerySecurity(struct dcesrv_call_state *dce_call, TALLOC_CTX *mem_ctx,
                                   struct samr_QuerySecurity *r)
 {
-       DCESRV_FAULT(DCERPC_FAULT_OP_RNG_ERROR);
+       struct dcesrv_handle *h;
+       struct samr_SdBuf *sd;
+
+       r->out.sdbuf = NULL;
+
+       DCESRV_PULL_HANDLE(h, r->in.handle, DCESRV_HANDLE_ANY);
+
+       sd = talloc_p(mem_ctx, struct samr_SdBuf);
+       if (sd == NULL) {
+               return NT_STATUS_NO_MEMORY;
+       }
+
+       sd->sd = samdb_default_security_descriptor(mem_ctx);
+
+       r->out.sdbuf = sd;
+
+       return NT_STATUS_OK;
 }
 
 

diff --git a/source4/rpc_server/samr/samdb.c b/source4/rpc_server/samr/samdb.c
index ed76a4fc60d615c15e5b8a0455ad7bf5298c395c..37063b551dde25b996c7e234ded5ecb411d56ef0 100644 (file)
--- a/source4/rpc_server/samr/samdb.c
+++ b/source4/rpc_server/samr/samdb.c
@@ -965,3 +965,14 @@ int samdb_replace(void *ctx, TALLOC_CTX *mem_ctx, struct ldb_message *msg)
        return samdb_modify(ctx, mem_ctx, msg);
 }
 
+/*
+  return a default security descriptor
+*/
+struct security_descriptor *samdb_default_security_descriptor(TALLOC_CTX *mem_ctx)
+{
+       struct security_descriptor *sd;
+
+       sd = sd_initialise(mem_ctx);
+
+       return sd;
+}

diff --git a/source4/torture/rpc/netlogon.c b/source4/torture/rpc/netlogon.c
index 8fd4a0fd4cc7d0060597ab8b5bfa90579805b4fd..0fbd03fb8321d1242728be36cfb053327d4d1d94 100644 (file)
--- a/source4/torture/rpc/netlogon.c
+++ b/source4/torture/rpc/netlogon.c
@@ -1561,6 +1561,30 @@ static BOOL test_LogonControl2Ex(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
 }
 
 
+/*
+  try a netlogon netr_DsrEnumerateDomainTrusts
+*/
+static BOOL test_DsrEnumerateDomainTrusts(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx)
+{
+       NTSTATUS status;
+       struct netr_DsrEnumerateDomainTrusts r;
+
+       r.in.server_name = talloc_asprintf(mem_ctx, "\\\\%s", dcerpc_server_name(p));
+       r.in.trust_flags = 0x3f;
+
+       printf("Testing netr_DsrEnumerateDomainTrusts\n");
+
+       status = dcerpc_netr_DsrEnumerateDomainTrusts(p, mem_ctx, &r);
+       if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(r.out.result)) {
+               printf("netr_DsrEnumerateDomainTrusts - %s/%s\n", 
+                      nt_errstr(status), win_errstr(r.out.result));
+               return False;
+       }
+
+       return True;
+}
+
+
 
 BOOL torture_rpc_netlogon(int dummy)
 {
@@ -1640,6 +1664,10 @@ BOOL torture_rpc_netlogon(int dummy)
                ret = False;
        }
 
+       if (!test_DsrEnumerateDomainTrusts(p, mem_ctx)) {
+               ret = False;
+       }
+
         torture_rpc_close(p);
 
        if (!leave_domain_bdc(mem_ctx)) {

diff --git a/source4/torture/rpc/samr.c b/source4/torture/rpc/samr.c
index a1b01b533f800743285847f2d52e78e0cf9ae3c1..a7a6482da9f5945af4fb8a88743894a8658dea22 100644 (file)
--- a/source4/torture/rpc/samr.c
+++ b/source4/torture/rpc/samr.c
@@ -134,6 +134,10 @@ static BOOL test_QuerySecurity(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx,
                return False;
        }
 
+       if (s.in.sdbuf == NULL) {
+               return False;
+       }
+
        s.in.handle = handle;
        s.in.sec_info = 7;
        s.in.sdbuf = r.out.sdbuf;