summaryrefslogtreecommitdiff
path: root/source3/lib/privileges.c
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2010-08-26 10:35:45 +1000
committerAndrew Bartlett <abartlet@samba.org>2010-09-11 18:46:04 +1000
commit99aae4a0ee4f5d069bebe998337d1cdb0c1c390a (patch)
tree07db5095008dc406dfd287fd8d8ba8d7ef93075a /source3/lib/privileges.c
parentc79336e48a12723a4c7d1d1e377a84b7aac4163d (diff)
downloadsamba-99aae4a0ee4f5d069bebe998337d1cdb0c1c390a.tar.gz
samba-99aae4a0ee4f5d069bebe998337d1cdb0c1c390a.tar.bz2
samba-99aae4a0ee4f5d069bebe998337d1cdb0c1c390a.zip
s3:privs Change to new host endian neutral privilages tdb format
These values are stored in account_policy.tdb, and the old format, using a 128 bit bitmap was not endian neutral. The previous endian-dependent format was introduced in 46e5effea948931509283cb84b27007d34b521c8 replacing a 32 bit number which was used at the time. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'source3/lib/privileges.c')
-rw-r--r--source3/lib/privileges.c19
1 files changed, 16 insertions, 3 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 5abd5228fa..97ae7dbfab 100644
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -65,9 +65,20 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask )
return False;
}
- SMB_ASSERT( data.dsize == sizeof( uint64_t ) );
+ if (data.dsize == 4*4) {
+ DEBUG(3, ("get_privileges: Should not have obtained old-style privileges record for SID "
+ "[%s]\n", sid_string_dbg(sid)));
+ return False;
+ }
+
+ if (data.dsize != sizeof( uint64_t ) ) {
+ DEBUG(3, ("get_privileges: Invalid privileges record assigned to SID "
+ "[%s]\n", sid_string_dbg(sid)));
+ return False;
+ }
+
+ *mask = BVAL(data.dptr, 0);
- se_priv_copy( mask, (uint64_t*)data.dptr );
TALLOC_FREE(data.dptr);
return True;
@@ -80,6 +91,7 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask )
static bool set_privileges( const struct dom_sid *sid, uint64_t *mask )
{
struct db_context *db = get_account_pol_db();
+ uint8_t privbuf[8];
fstring tmp, keystr;
TDB_DATA data;
@@ -98,7 +110,8 @@ static bool set_privileges( const struct dom_sid *sid, uint64_t *mask )
fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
- /* no packing. static size structure, just write it out */
+ /* This writes the 64 bit bitmask out in little endian format */
+ SBVAL(privbuf,0,*mask);
data.dptr = (uint8 *)mask;
data.dsize = sizeof(uint64_t);