summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@samba.org>2012-06-27 13:45:55 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-07-06 10:00:58 +0200
commit13a7f98f9f9a6dd26d0a2ab73ca8d0b40fc441e2 (patch)
tree45cebde8e244187846c88cc2910b32237906d052
parent9fa979c9340b004984a615e19415958b3a2d685b (diff)
downloadsamba-13a7f98f9f9a6dd26d0a2ab73ca8d0b40fc441e2.tar.gz
samba-13a7f98f9f9a6dd26d0a2ab73ca8d0b40fc441e2.tar.bz2
samba-13a7f98f9f9a6dd26d0a2ab73ca8d0b40fc441e2.zip
s4-lsarpc: Don't call lsa_OpenPolicy2 in lsa_LookupSids3.
-rw-r--r--source4/rpc_server/lsa/lsa_lookup.c94
1 files changed, 48 insertions, 46 deletions
diff --git a/source4/rpc_server/lsa/lsa_lookup.c b/source4/rpc_server/lsa/lsa_lookup.c
index 4b2a37a210..dffd2a572f 100644
--- a/source4/rpc_server/lsa/lsa_lookup.c
+++ b/source4/rpc_server/lsa/lsa_lookup.c
@@ -537,29 +537,20 @@ static NTSTATUS dcesrv_lsa_lookup_sid(struct lsa_policy_state *state, TALLOC_CTX
return NT_STATUS_OK;
}
-
-/*
- lsa_LookupSids2
-*/
-NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call,
- TALLOC_CTX *mem_ctx,
- struct lsa_LookupSids2 *r)
+static NTSTATUS dcesrv_lsa_LookupSids_common(struct dcesrv_call_state *dce_call,
+ TALLOC_CTX *mem_ctx,
+ struct lsa_policy_state *state,
+ struct lsa_LookupSids2 *r)
{
- struct lsa_policy_state *state;
struct lsa_RefDomainList *domains = NULL;
- uint32_t i;
NTSTATUS status = NT_STATUS_OK;
- struct dcesrv_handle *h;
-
- DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
+ uint32_t i;
if (r->in.level < LSA_LOOKUP_NAMES_ALL ||
r->in.level > LSA_LOOKUP_NAMES_RODC_REFERRAL_TO_FULL_DC) {
return NT_STATUS_INVALID_PARAMETER;
}
- state = h->data;
-
*r->out.domains = NULL;
/* NOTE: the WSPP test suite tries SIDs with invalid revision numbers,
@@ -641,6 +632,26 @@ NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call,
return NT_STATUS_OK;
}
+/*
+ lsa_LookupSids2
+*/
+NTSTATUS dcesrv_lsa_LookupSids2(struct dcesrv_call_state *dce_call,
+ TALLOC_CTX *mem_ctx,
+ struct lsa_LookupSids2 *r)
+{
+ struct lsa_policy_state *state;
+ struct dcesrv_handle *h;
+
+ DCESRV_PULL_HANDLE(h, r->in.handle, LSA_HANDLE_POLICY);
+
+ state = h->data;
+
+ return dcesrv_lsa_LookupSids_common(dce_call,
+ mem_ctx,
+ state,
+ r);
+}
+
/*
lsa_LookupSids3
@@ -652,47 +663,38 @@ NTSTATUS dcesrv_lsa_LookupSids3(struct dcesrv_call_state *dce_call,
TALLOC_CTX *mem_ctx,
struct lsa_LookupSids3 *r)
{
- struct lsa_LookupSids2 r2;
- struct lsa_OpenPolicy2 pol;
+ struct lsa_policy_state *policy_state;
+ struct lsa_LookupSids2 q;
NTSTATUS status;
- struct dcesrv_handle *h;
-
- ZERO_STRUCT(r2);
-
- /* No policy handle on the wire, so make one up here */
- r2.in.handle = talloc(mem_ctx, struct policy_handle);
- if (!r2.in.handle) {
- return NT_STATUS_NO_MEMORY;
- }
- pol.out.handle = r2.in.handle;
- pol.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
- pol.in.attr = NULL;
- pol.in.system_name = NULL;
- status = dcesrv_lsa_OpenPolicy2(dce_call, mem_ctx, &pol);
+ status = dcesrv_lsa_get_policy_state(dce_call, mem_ctx, &policy_state);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- /* ensure this handle goes away at the end of this call */
- DCESRV_PULL_HANDLE(h, r2.in.handle, LSA_HANDLE_POLICY);
- talloc_steal(mem_ctx, h);
+ ZERO_STRUCT(q);
- r2.in.sids = r->in.sids;
- r2.in.names = r->in.names;
- r2.in.level = r->in.level;
- r2.in.count = r->in.count;
- r2.in.lookup_options = r->in.lookup_options;
- r2.in.client_revision = r->in.client_revision;
- r2.out.count = r->out.count;
- r2.out.names = r->out.names;
- r2.out.domains = r->out.domains;
+ q.in.handle = NULL;
+ q.in.sids = r->in.sids;
+ q.in.names = r->in.names;
+ q.in.level = r->in.level;
+ q.in.count = r->in.count;
+ q.in.lookup_options = r->in.lookup_options;
+ q.in.client_revision = r->in.client_revision;
+ q.out.count = r->out.count;
+ q.out.names = r->out.names;
+ q.out.domains = r->out.domains;
- status = dcesrv_lsa_LookupSids2(dce_call, mem_ctx, &r2);
+ status = dcesrv_lsa_LookupSids_common(dce_call,
+ mem_ctx,
+ policy_state,
+ &q);
- r->out.domains = r2.out.domains;
- r->out.names = r2.out.names;
- r->out.count = r2.out.count;
+ talloc_free(policy_state);
+
+ r->out.count = q.out.count;
+ r->out.names = q.out.names;
+ r->out.domains = q.out.domains;
return status;
}