Author: tridge Date: 2004-12-19 07:20:55 +0000 (Sun, 19 Dec 2004) New Revision: 4279
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4279 Log: added IDL and test code for lsa_AddPrivilegesToAccount() and lsa_RemovePrivilegesFromAccount() Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl branches/SAMBA_4_0/source/torture/rpc/lsa.c Changeset: Modified: branches/SAMBA_4_0/source/librpc/idl/lsa.idl =================================================================== --- branches/SAMBA_4_0/source/librpc/idl/lsa.idl 2004-12-19 06:41:27 UTC (rev 4278) +++ branches/SAMBA_4_0/source/librpc/idl/lsa.idl 2004-12-19 07:20:55 UTC (rev 4279) @@ -368,7 +368,7 @@ } lsa_LUIDAttribute; typedef struct { - uint32 count; + [range(0,1000)] uint32 count; uint32 unknown; [size_is(count)] lsa_LUIDAttribute set[*]; } lsa_PrivilegeSet; @@ -379,11 +379,21 @@ ); + /****************************************/ /* Function: 0x13 */ - NTSTATUS lsa_AddPrivilegesToAccount(); + NTSTATUS lsa_AddPrivilegesToAccount( + [in,ref] policy_handle *handle, + [in,ref] lsa_PrivilegeSet *privs + ); + + /****************************************/ /* Function: 0x14 */ - NTSTATUS lsa_RemovePrivilegesFromAccount(); + NTSTATUS lsa_RemovePrivilegesFromAccount( + [in,ref] policy_handle *handle, + [in] uint8 remove_all, + [in] lsa_PrivilegeSet *privs + ); /* Function: 0x15 */ NTSTATUS lsa_GetQuotasForAccount(); Modified: branches/SAMBA_4_0/source/torture/rpc/lsa.c =================================================================== --- branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-19 06:41:27 UTC (rev 4278) +++ branches/SAMBA_4_0/source/torture/rpc/lsa.c 2004-12-19 07:20:55 UTC (rev 4279) @@ -357,6 +357,67 @@ return True; } +static BOOL test_RemovePrivilegesFromAccount(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *acct_handle, + struct lsa_LUID *luid) +{ + NTSTATUS status; + struct lsa_RemovePrivilegesFromAccount r; + struct lsa_PrivilegeSet privs; + BOOL ret = True; + + printf("Testing RemovePrivilegesFromAccount\n"); + + r.in.handle = acct_handle; + r.in.remove_all = 0; + r.in.privs = &privs; + + privs.count = 1; + privs.unknown = 0; + privs.set = talloc_array_p(mem_ctx, struct lsa_LUIDAttribute, 1); + privs.set[0].luid = *luid; + privs.set[0].attribute = 0; + + status = dcerpc_lsa_RemovePrivilegesFromAccount(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("RemovePrivilegesFromAccount failed - %s\n", nt_errstr(status)); + return False; + } + + return ret; +} + +static BOOL test_AddPrivilegesToAccount(struct dcerpc_pipe *p, + TALLOC_CTX *mem_ctx, + struct policy_handle *acct_handle, + struct lsa_LUID *luid) +{ + NTSTATUS status; + struct lsa_AddPrivilegesToAccount r; + struct lsa_PrivilegeSet privs; + BOOL ret = True; + + printf("Testing AddPrivilegesToAccount\n"); + + r.in.handle = acct_handle; + r.in.privs = &privs; + + privs.count = 1; + privs.unknown = 0; + privs.set = talloc_array_p(mem_ctx, struct lsa_LUIDAttribute, 1); + privs.set[0].luid = *luid; + privs.set[0].attribute = 0; + + status = dcerpc_lsa_AddPrivilegesToAccount(p, mem_ctx, &r); + if (!NT_STATUS_IS_OK(status)) { + printf("AddPrivilegesToAccount failed - %s\n", nt_errstr(status)); + return False; + } + + return ret; +} + static BOOL test_EnumPrivsAccount(struct dcerpc_pipe *p, TALLOC_CTX *mem_ctx, struct policy_handle *handle, @@ -364,6 +425,7 @@ { NTSTATUS status; struct lsa_EnumPrivsAccount r; + BOOL ret = True; printf("Testing EnumPrivsAccount\n"); @@ -375,15 +437,20 @@ return False; } - if (r.out.privs) { + if (r.out.privs && r.out.privs->count > 0) { int i; for (i=0;i<r.out.privs->count;i++) { test_LookupPrivName(p, mem_ctx, handle, &r.out.privs->set[i].luid); } + + ret &= test_RemovePrivilegesFromAccount(p, mem_ctx, acct_handle, + &r.out.privs->set[0].luid); + ret &= test_AddPrivilegesToAccount(p, mem_ctx, acct_handle, + &r.out.privs->set[0].luid); } - return True; + return ret; } static BOOL test_Delete(struct dcerpc_pipe *p, @@ -636,7 +703,7 @@ NTSTATUS status; struct lsa_QuerySecurity r; - printf("Testing QuerySecuriy\n"); + printf("Testing QuerySecurity\n"); r.in.handle = acct_handle; r.in.sec_info = 7;