From: Andreas Schneider <asn@samba.org>
Date: Mon, 23 Oct 2023 13:35:38 +0000 (+0200)
Subject: s3:rpc_client: Implement dcerpc_lsa_open_policy_fallback()
X-Git-Tag: talloc-2.4.2~601
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0db702322ce577bde6a21b36d6f8ae4cabb2de42;p=thirdparty%2Fsamba.git

s3:rpc_client: Implement dcerpc_lsa_open_policy_fallback()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index f4aeb582a8f..9a9acbab323 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -193,6 +193,47 @@ NTSTATUS dcerpc_lsa_open_policy3(struct dcerpc_binding_handle *h,
 				      result);
 }
 
+NTSTATUS dcerpc_lsa_open_policy_fallback(struct dcerpc_binding_handle *h,
+					 TALLOC_CTX *mem_ctx,
+					 const char *srv_name_slash,
+					 bool sec_qos,
+					 uint32_t desired_access,
+					 uint32_t *out_version,
+					 union lsa_revision_info *out_revision_info,
+					 struct policy_handle *pol,
+					 NTSTATUS *result)
+{
+	NTSTATUS status;
+
+	status = dcerpc_lsa_open_policy3(h,
+					 mem_ctx,
+					 srv_name_slash,
+					 sec_qos,
+					 desired_access,
+					 out_version,
+					 out_revision_info,
+					 pol,
+					 result);
+	if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE)) {
+		*out_version = 1;
+		*out_revision_info = (union lsa_revision_info) {
+			.info1 = {
+				.revision = 1,
+			}
+		};
+
+		status = dcerpc_lsa_open_policy2(h,
+						 mem_ctx,
+						 srv_name_slash,
+						 sec_qos,
+						 desired_access,
+						 pol,
+						 result);
+	}
+
+	return status;
+}
+
 /* Lookup a list of sids
  *
  * internal version withOUT memory allocation of the target arrays.
diff --git a/source3/rpc_client/cli_lsarpc.h b/source3/rpc_client/cli_lsarpc.h
index 240fa6804e4..2d0c5868b22 100644
--- a/source3/rpc_client/cli_lsarpc.h
+++ b/source3/rpc_client/cli_lsarpc.h
@@ -117,6 +117,41 @@ NTSTATUS dcerpc_lsa_open_policy3(struct dcerpc_binding_handle *h,
 				 struct policy_handle *pol,
 				 NTSTATUS *result);
 
+/**
+ * @brief Open a LSA policy with fallback to previous version
+ *
+ * This first calls lsa_open_policy3 and falls back to lsa_open_policy2 in case
+ * it isn't implemented.
+ *
+ * @param[in]  h        The dcerpc binding handle to use.
+ *
+ * @param[in]  mem_ctx  The memory context to use.
+ *
+ * @param[in]  sec_qos  Enable security quality of services.
+ *
+ * @param[in]  des_access The desired access rights to be granted.
+ *
+ * @param[out]  out_version A pointer to an uin32_t to store the version of the
+ *                          following data structure.
+ *
+ * @param[out]  out_revision info A pointer to store the out_revision_info.
+ *
+ * @param[out]  pol     A pointer to a rpc policy handle.
+ *
+ * @param[out]  result  A pointer for the NDR NTSTATUS error code.
+ *
+ * @return              A corresponding NTSTATUS error code for the connection.
+ */
+NTSTATUS dcerpc_lsa_open_policy_fallback(struct dcerpc_binding_handle *h,
+					 TALLOC_CTX *mem_ctx,
+					 const char *srv_name_slash,
+					 bool sec_qos,
+					 uint32_t desired_access,
+					 uint32_t *out_version,
+					 union lsa_revision_info *out_revision_info,
+					 struct policy_handle *pol,
+					 NTSTATUS *result);
+
 /**
  * @brief Look up the names that correspond to an array of sids.
  *