From: Andreas Schneider <asn@samba.org>
Date: Thu, 31 Aug 2023 08:18:23 +0000 (+0200)
Subject: s3:rpc_client: Implement dcerpc_lsa_open_policy3()
X-Git-Tag: talloc-2.4.2~602
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=aecd73beccacd61f5bb4fe38563fa2668cfc266c;p=thirdparty%2Fsamba.git

s3:rpc_client: Implement dcerpc_lsa_open_policy3()

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
---

diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c
index 1ea49781a4d..f4aeb582a8f 100644
--- a/source3/rpc_client/cli_lsarpc.c
+++ b/source3/rpc_client/cli_lsarpc.c
@@ -152,6 +152,47 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
 	return result;
 }
 
+NTSTATUS dcerpc_lsa_open_policy3(struct dcerpc_binding_handle *h,
+				 TALLOC_CTX *mem_ctx,
+				 const char *srv_name_slash,
+				 bool sec_qos,
+				 uint32_t des_access,
+				 uint32_t *out_version,
+				 union lsa_revision_info *out_revision_info,
+				 struct policy_handle *pol,
+				 NTSTATUS *result)
+{
+	struct lsa_ObjectAttribute attr = { .len = 0x18, };
+	struct lsa_QosInfo qos;
+	union lsa_revision_info in_revision_info = {
+		.info1 = {
+			.revision = 1,
+		},
+	};
+	uint32_t in_version = 1;
+
+	if (sec_qos) {
+		qos.len			= 0xc;
+		qos.impersonation_level	= 2;
+		qos.context_mode	= 1;
+		qos.effective_only	= 0;
+
+		attr.sec_qos		= &qos;
+	}
+
+	return dcerpc_lsa_OpenPolicy3(h,
+				      mem_ctx,
+				      srv_name_slash,
+				      &attr,
+				      des_access,
+				      in_version,
+				      &in_revision_info,
+				      out_version,
+			              out_revision_info,
+				      pol,
+				      result);
+}
+
 /* Lookup a list of sids
  *
  * internal version withOUT memory allocation of the target arrays.
diff --git a/source3/rpc_client/cli_lsarpc.h b/source3/rpc_client/cli_lsarpc.h
index 459120a21bf..240fa6804e4 100644
--- a/source3/rpc_client/cli_lsarpc.h
+++ b/source3/rpc_client/cli_lsarpc.h
@@ -85,6 +85,38 @@ NTSTATUS rpccli_lsa_open_policy2(struct rpc_pipe_client *cli,
 				 TALLOC_CTX *mem_ctx, bool sec_qos,
 				 uint32_t des_access, struct policy_handle *pol);
 
+/**
+ * @brief Open a LSA policy.
+ *
+ * @param[in]  h        The dcerpc binding handle to use.
+ *
+ * @param[in]  mem_ctx  The memory context to use.
+ *
+ * @param[in]  sec_qos  Enable security quality of services.
+ *
+ * @param[in]  des_access The desired access rights to be granted.
+ *
+ * @param[out]  out_version A pointer to an uin32_t to store the version of the
+ *                          following data structure.
+ *
+ * @param[out]  out_revision info A pointer to store the out_revision_info.
+ *
+ * @param[out]  pol     A pointer to a rpc policy handle.
+ *
+ * @param[out]  result  A pointer for the NDR NTSTATUS error code.
+ *
+ * @return              A corresponding NTSTATUS error code for the connection.
+ */
+NTSTATUS dcerpc_lsa_open_policy3(struct dcerpc_binding_handle *h,
+				 TALLOC_CTX *mem_ctx,
+				 const char *srv_name_slash,
+				 bool sec_qos,
+				 uint32_t des_access,
+				 uint32_t *out_version,
+				 union lsa_revision_info *out_revision_info,
+				 struct policy_handle *pol,
+				 NTSTATUS *result);
+
 /**
  * @brief Look up the names that correspond to an array of sids.
  *