From: Stefan Metzmacher <metze@samba.org>
Date: Mon, 22 Jan 2018 19:21:14 +0000 (+0100)
Subject: s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on dcesrv_lsa_LookupNames_common()
X-Git-Tag: tevent-0.9.36~31
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=37cb34d16406d27831be74e952ee744e58b79fb4;p=thirdparty%2Fsamba.git

s4:rpc_server/lsa: base dcesrv_lsa_LookupNames() on dcesrv_lsa_LookupNames_common()

Bug: https://bugzilla.samba.org/show_bug.cgi?id=13286

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
---

diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c
index cefc48fcd8b..1e9b4c6cd9e 100644
--- a/source4/rpc_server/lsa/lsa_lookup.c
+++ b/source4/rpc_server/lsa/lsa_lookup.c
@@ -1110,7 +1110,9 @@ NTSTATUS dcesrv_lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *
 {
 	enum dcerpc_transport_t transport =
 		dcerpc_binding_get_transport(dce_call->conn->endpoint->ep_description);
-	struct lsa_LookupNames2 r2;
+	struct lsa_policy_state *policy_state = NULL;
+	struct dcesrv_handle *policy_handle = NULL;
+	struct lsa_LookupNames3 r2;
 	NTSTATUS status;
 	uint32_t i;
 
@@ -1118,6 +1120,10 @@ NTSTATUS dcesrv_lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *
 		DCESRV_FAULT(DCERPC_FAULT_ACCESS_DENIED);
 	}
 
+	DCESRV_PULL_HANDLE(policy_handle, r->in.handle, LSA_HANDLE_POLICY);
+
+	policy_state = policy_handle->data;
+
 	*r->out.domains = NULL;
 	r->out.sids->count = 0;
 	r->out.sids->sids = NULL;
@@ -1135,7 +1141,7 @@ NTSTATUS dcesrv_lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *
 	r2.in.handle    = r->in.handle;
 	r2.in.num_names = r->in.num_names;
 	r2.in.names     = r->in.names;
-	r2.in.sids      = talloc_zero(mem_ctx, struct lsa_TransSidArray2);
+	r2.in.sids      = talloc_zero(mem_ctx, struct lsa_TransSidArray3);
 	if (r2.in.sids == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
@@ -1144,19 +1150,42 @@ NTSTATUS dcesrv_lsa_LookupNames(struct dcesrv_call_state *dce_call, TALLOC_CTX *
 	r2.in.lookup_options = LSA_LOOKUP_OPTION_SEARCH_ISOLATED_NAMES;
 	r2.in.client_revision = LSA_CLIENT_REVISION_1;
 	r2.out.count    = r->out.count;
-	r2.out.sids     = talloc_zero(mem_ctx, struct lsa_TransSidArray2);
+	r2.out.sids     = talloc_zero(mem_ctx, struct lsa_TransSidArray3);
 	if (r2.out.sids == NULL) {
 		return NT_STATUS_NO_MEMORY;
 	}
 	r2.out.domains	= r->out.domains;
 
-	status = dcesrv_lsa_LookupNames2(dce_call, mem_ctx, &r2);
+	status = dcesrv_lsa_LookupNames_common(dce_call,
+					       mem_ctx,
+					       policy_state,
+					       &r2);
 
 	SMB_ASSERT(r2.out.sids->count <= r->in.num_names);
 	for (i=0;i<r2.out.sids->count;i++) {
-		r->out.sids->sids[i].sid_type    = r2.out.sids->sids[i].sid_type;
-		r->out.sids->sids[i].rid         = r2.out.sids->sids[i].rid;
-		r->out.sids->sids[i].sid_index   = r2.out.sids->sids[i].sid_index;
+		struct lsa_TranslatedSid3 *s3 =
+			&r2.out.sids->sids[i];
+		struct lsa_TranslatedSid *s =
+			&r->out.sids->sids[i];
+
+		s->sid_type = s3->sid_type;
+		if (s3->sid_type == SID_NAME_DOMAIN) {
+			s->rid = UINT32_MAX;
+		} else if (s3->flags & 0x00000004) {
+			s->rid = UINT32_MAX;
+		} else if (s3->sid == NULL) {
+			/*
+			 * MS-LSAT 3.1.4.7 - rid zero is considered
+			 * equivalent to sid NULL - so we should return
+			 * 0 rid for unmapped entries
+			 */
+			s->rid = 0;
+		} else {
+			s->rid = 0;
+			dom_sid_split_rid(NULL, s3->sid,
+					  NULL, &s->rid);
+		}
+		s->sid_index = s3->sid_index;
 	}
 	r->out.sids->count = r2.out.sids->count;