summaryrefslogtreecommitdiff
path: root/source3/printing
diff options
context:
space:
mode:
authorAndreas Schneider <asn@samba.org>2010-06-15 11:48:12 +0200
committerSimo Sorce <idra@samba.org>2010-07-27 10:27:14 -0400
commit35e03ef5c22020e047bd05e61be6c46701a07702 (patch)
tree517ed5e6bdbf9c49e198e29fdeb78ddf9f6d7669 /source3/printing
parentc18913a2c216d9dd092f4efb3dfbad376fc29bb6 (diff)
downloadsamba-35e03ef5c22020e047bd05e61be6c46701a07702.tar.gz
samba-35e03ef5c22020e047bd05e61be6c46701a07702.tar.bz2
samba-35e03ef5c22020e047bd05e61be6c46701a07702.zip
s3-printing: Move all tdb upgrade functions to a separate file.
Signed-off-by: Jim McDonough <jmcd@samba.org>
Diffstat (limited to 'source3/printing')
-rw-r--r--source3/printing/nt_printing.c395
-rw-r--r--source3/printing/nt_printing_tdb.c460
-rw-r--r--source3/printing/nt_printing_tdb.h28
3 files changed, 492 insertions, 391 deletions
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index e42d0dfac1..6a45ac0924 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -22,6 +22,7 @@
#include "includes.h"
#include "librpc/gen_ndr/messaging.h"
#include "printing/pcap.h"
+#include "printing/nt_printing_tdb.h"
#include "registry.h"
#include "registry/reg_objects.h"
#include "../librpc/gen_ndr/ndr_security.h"
@@ -29,22 +30,6 @@
#include "../rpc_server/srv_spoolss_util.h"
-static TDB_CONTEXT *tdb_forms; /* used for forms files */
-static TDB_CONTEXT *tdb_drivers; /* used for driver files */
-static TDB_CONTEXT *tdb_printers; /* used for printers files */
-
-#define FORMS_PREFIX "FORMS/"
-#define DRIVERS_PREFIX "DRIVERS/"
-#define PRINTERS_PREFIX "PRINTERS/"
-#define SECDESC_PREFIX "SECDESC/"
-#define GLOBAL_C_SETPRINTER "GLOBALS/c_setprinter"
-
-#define NTDRIVERS_DATABASE_VERSION_1 1
-#define NTDRIVERS_DATABASE_VERSION_2 2
-#define NTDRIVERS_DATABASE_VERSION_3 3 /* little endian version of v2 */
-#define NTDRIVERS_DATABASE_VERSION_4 4 /* fix generic bits in security descriptors */
-#define NTDRIVERS_DATABASE_VERSION_5 5 /* normalize keys in ntprinters.tdb */
-
/* Map generic permissions to printer object specific permissions */
const struct generic_mapping printer_generic_mapping = {
@@ -98,393 +83,22 @@ static const struct print_architecture_table_node archi_table[]= {
{NULL, "", -1 }
};
-
-/****************************************************************************
- generate a new TDB_DATA key for storing a printer
-****************************************************************************/
-
-static TDB_DATA make_printer_tdbkey(TALLOC_CTX *ctx, const char *sharename )
-{
- fstring share;
- char *keystr = NULL;
- TDB_DATA key;
-
- fstrcpy(share, sharename);
- strlower_m(share);
-
- keystr = talloc_asprintf(ctx, "%s%s", PRINTERS_PREFIX, share);
- key = string_term_tdb_data(keystr ? keystr : "");
-
- return key;
-}
-
-/****************************************************************************
- generate a new TDB_DATA key for storing a printer security descriptor
-****************************************************************************/
-
-static TDB_DATA make_printers_secdesc_tdbkey(TALLOC_CTX *ctx,
- const char* sharename )
-{
- fstring share;
- char *keystr = NULL;
- TDB_DATA key;
-
- fstrcpy(share, sharename );
- strlower_m(share);
-
- keystr = talloc_asprintf(ctx, "%s%s", SECDESC_PREFIX, share);
- key = string_term_tdb_data(keystr ? keystr : "");
-
- return key;
-}
-
-/****************************************************************************
-****************************************************************************/
-
-static bool upgrade_to_version_3(void)
-{
- TDB_DATA kbuf, newkey, dbuf;
-
- DEBUG(0,("upgrade_to_version_3: upgrading print tdb's to version 3\n"));
-
- for (kbuf = tdb_firstkey(tdb_drivers); kbuf.dptr;
- newkey = tdb_nextkey(tdb_drivers, kbuf), free(kbuf.dptr), kbuf=newkey) {
-
- dbuf = tdb_fetch(tdb_drivers, kbuf);
-
- if (strncmp((const char *)kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
- DEBUG(0,("upgrade_to_version_3:moving form\n"));
- if (tdb_store(tdb_forms, kbuf, dbuf, TDB_REPLACE) != 0) {
- SAFE_FREE(dbuf.dptr);
- DEBUG(0,("upgrade_to_version_3: failed to move form. Error (%s).\n", tdb_errorstr(tdb_forms)));
- return False;
- }
- if (tdb_delete(tdb_drivers, kbuf) != 0) {
- SAFE_FREE(dbuf.dptr);
- DEBUG(0,("upgrade_to_version_3: failed to delete form. Error (%s)\n", tdb_errorstr(tdb_drivers)));
- return False;
- }
- }
-
- if (strncmp((const char *)kbuf.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX)) == 0) {
- DEBUG(0,("upgrade_to_version_3:moving printer\n"));
- if (tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE) != 0) {
- SAFE_FREE(dbuf.dptr);
- DEBUG(0,("upgrade_to_version_3: failed to move printer. Error (%s)\n", tdb_errorstr(tdb_printers)));
- return False;
- }
- if (tdb_delete(tdb_drivers, kbuf) != 0) {
- SAFE_FREE(dbuf.dptr);
- DEBUG(0,("upgrade_to_version_3: failed to delete printer. Error (%s)\n", tdb_errorstr(tdb_drivers)));
- return False;
- }
- }
-
- if (strncmp((const char *)kbuf.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX)) == 0) {
- DEBUG(0,("upgrade_to_version_3:moving secdesc\n"));
- if (tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE) != 0) {
- SAFE_FREE(dbuf.dptr);
- DEBUG(0,("upgrade_to_version_3: failed to move secdesc. Error (%s)\n", tdb_errorstr(tdb_printers)));
- return False;
- }
- if (tdb_delete(tdb_drivers, kbuf) != 0) {
- SAFE_FREE(dbuf.dptr);
- DEBUG(0,("upgrade_to_version_3: failed to delete secdesc. Error (%s)\n", tdb_errorstr(tdb_drivers)));
- return False;
- }
- }
-
- SAFE_FREE(dbuf.dptr);
- }
-
- return True;
-}
-
-/*******************************************************************
- Fix an issue with security descriptors. Printer sec_desc must
- use more than the generic bits that were previously used
- in <= 3.0.14a. They must also have a owner and group SID assigned.
- Otherwise, any printers than have been migrated to a Windows
- host using printmig.exe will not be accessible.
-*******************************************************************/
-
-static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
- TDB_DATA data, void *state )
-{
- NTSTATUS status;
- struct sec_desc_buf *sd_orig = NULL;
- struct sec_desc_buf *sd_new, *sd_store;
- struct security_descriptor *sec, *new_sec;
- TALLOC_CTX *ctx = state;
- int result, i;
- uint32 sd_size;
- size_t size_new_sec;
-
- if (!data.dptr || data.dsize == 0) {
- return 0;
- }
-
- if ( strncmp((const char *) key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) != 0 ) {
- return 0;
- }
-
- /* upgrade the security descriptor */
-
- status = unmarshall_sec_desc_buf(ctx, data.dptr, data.dsize, &sd_orig);
- if (!NT_STATUS_IS_OK(status)) {
- /* delete bad entries */
- DEBUG(0,("sec_desc_upg_fn: Failed to parse original sec_desc for %si. Deleting....\n",
- (const char *)key.dptr ));
- tdb_delete( tdb_printers, key );
- return 0;
- }
-
- if (!sd_orig) {
- return 0;
- }
- sec = sd_orig->sd;
-
- /* is this even valid? */
-
- if ( !sec->dacl ) {
- return 0;
- }
-
- /* update access masks */
-
- for ( i=0; i<sec->dacl->num_aces; i++ ) {
- switch ( sec->dacl->aces[i].access_mask ) {
- case (GENERIC_READ_ACCESS | GENERIC_WRITE_ACCESS | GENERIC_EXECUTE_ACCESS):
- sec->dacl->aces[i].access_mask = PRINTER_ACE_PRINT;
- break;
-
- case GENERIC_ALL_ACCESS:
- sec->dacl->aces[i].access_mask = PRINTER_ACE_FULL_CONTROL;
- break;
-
- case READ_CONTROL_ACCESS:
- sec->dacl->aces[i].access_mask = PRINTER_ACE_MANAGE_DOCUMENTS;
-
- default: /* no change */
- break;
- }
- }
-
- /* create a new struct security_descriptor with the appropriate owner and group SIDs */
-
- new_sec = make_sec_desc( ctx, SD_REVISION, SEC_DESC_SELF_RELATIVE,
- &global_sid_Builtin_Administrators,
- &global_sid_Builtin_Administrators,
- NULL, NULL, &size_new_sec );
- if (!new_sec) {
- return 0;
- }
- sd_new = make_sec_desc_buf( ctx, size_new_sec, new_sec );
- if (!sd_new) {
- return 0;
- }
-
- if ( !(sd_store = sec_desc_merge_buf( ctx, sd_new, sd_orig )) ) {
- DEBUG(0,("sec_desc_upg_fn: Failed to update sec_desc for %s\n", key.dptr ));
- return 0;
- }
-
- /* store it back */
-
- sd_size = ndr_size_security_descriptor(sd_store->sd, 0)
- + sizeof(struct sec_desc_buf);
-
- status = marshall_sec_desc_buf(ctx, sd_store, &data.dptr, &data.dsize);
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(0,("sec_desc_upg_fn: Failed to parse new sec_desc for %s\n", key.dptr ));
- return 0;
- }
-
- result = tdb_store( tdb_printers, key, data, TDB_REPLACE );
-
- /* 0 to continue and non-zero to stop traversal */
-
- return (result == -1);
-}
-
-/*******************************************************************
-*******************************************************************/
-
-static bool upgrade_to_version_4(void)
-{
- TALLOC_CTX *ctx;
- int result;
-
- DEBUG(0,("upgrade_to_version_4: upgrading printer security descriptors\n"));
-
- if ( !(ctx = talloc_init( "upgrade_to_version_4" )) )
- return False;
-
- result = tdb_traverse( tdb_printers, sec_desc_upg_fn, ctx );
-
- talloc_destroy( ctx );
-
- return ( result != -1 );
-}
-
-/*******************************************************************
- Fix an issue with security descriptors. Printer sec_desc must
- use more than the generic bits that were previously used
- in <= 3.0.14a. They must also have a owner and group SID assigned.
- Otherwise, any printers than have been migrated to a Windows
- host using printmig.exe will not be accessible.
-*******************************************************************/
-
-static int normalize_printers_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
- TDB_DATA data, void *state )
-{
- TALLOC_CTX *ctx = talloc_tos();
- TDB_DATA new_key;
-
- if (!data.dptr || data.dsize == 0)
- return 0;
-
- /* upgrade printer records and security descriptors */
-
- if ( strncmp((const char *) key.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX) ) == 0 ) {
- new_key = make_printer_tdbkey(ctx, (const char *)key.dptr+strlen(PRINTERS_PREFIX) );
- }
- else if ( strncmp((const char *) key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) == 0 ) {
- new_key = make_printers_secdesc_tdbkey(ctx, (const char *)key.dptr+strlen(SECDESC_PREFIX) );
- }
- else {
- /* ignore this record */
- return 0;
- }
-
- /* delete the original record and store under the normalized key */
-
- if ( tdb_delete( the_tdb, key ) != 0 ) {
- DEBUG(0,("normalize_printers_fn: tdb_delete for [%s] failed!\n",
- key.dptr));
- return 1;
- }
-
- if ( tdb_store( the_tdb, new_key, data, TDB_REPLACE) != 0 ) {
- DEBUG(0,("normalize_printers_fn: failed to store new record for [%s]!\n",
- key.dptr));
- return 1;
- }
-
- return 0;
-}
-
-/*******************************************************************
-*******************************************************************/
-
-static bool upgrade_to_version_5(void)
-{
- TALLOC_CTX *ctx;
- int result;
-
- DEBUG(0,("upgrade_to_version_5: normalizing printer keys\n"));
-
- if ( !(ctx = talloc_init( "upgrade_to_version_5" )) )
- return False;
-
- result = tdb_traverse( tdb_printers, normalize_printers_fn, NULL );
-
- talloc_destroy( ctx );
-
- return ( result != -1 );
-}
-
/****************************************************************************
Open the NT printing tdbs. Done once before fork().
****************************************************************************/
bool nt_printing_init(struct messaging_context *msg_ctx)
{
- const char *vstring = "INFO/version";
WERROR win_rc;
- int32 vers_id;
-
- if ( tdb_drivers && tdb_printers && tdb_forms )
- return True;
-
- if (tdb_drivers)
- tdb_close(tdb_drivers);
- tdb_drivers = tdb_open_log(state_path("ntdrivers.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
- if (!tdb_drivers) {
- DEBUG(0,("nt_printing_init: Failed to open nt drivers database %s (%s)\n",
- state_path("ntdrivers.tdb"), strerror(errno) ));
- return False;
- }
-
- if (tdb_printers)
- tdb_close(tdb_printers);
- tdb_printers = tdb_open_log(state_path("ntprinters.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
- if (!tdb_printers) {
- DEBUG(0,("nt_printing_init: Failed to open nt printers database %s (%s)\n",
- state_path("ntprinters.tdb"), strerror(errno) ));
- return False;
- }
-
- if (tdb_forms)
- tdb_close(tdb_forms);
- tdb_forms = tdb_open_log(state_path("ntforms.tdb"), 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);
- if (!tdb_forms) {
- DEBUG(0,("nt_printing_init: Failed to open nt forms database %s (%s)\n",
- state_path("ntforms.tdb"), strerror(errno) ));
- return False;
- }
-
- /* handle a Samba upgrade */
-
- vers_id = tdb_fetch_int32(tdb_drivers, vstring);
- if (vers_id == -1) {
- DEBUG(10, ("Fresh database\n"));
- tdb_store_int32( tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_5 );
- vers_id = NTDRIVERS_DATABASE_VERSION_5;
- }
-
- if ( vers_id != NTDRIVERS_DATABASE_VERSION_5 ) {
- if ((vers_id == NTDRIVERS_DATABASE_VERSION_1) || (IREV(vers_id) == NTDRIVERS_DATABASE_VERSION_1)) {
- if (!upgrade_to_version_3())
- return False;
- tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_3);
- vers_id = NTDRIVERS_DATABASE_VERSION_3;
- }
-
- if ((vers_id == NTDRIVERS_DATABASE_VERSION_2) || (IREV(vers_id) == NTDRIVERS_DATABASE_VERSION_2)) {
- /* Written on a bigendian machine with old fetch_int code. Save as le. */
- /* The only upgrade between V2 and V3 is to save the version in little-endian. */
- tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_3);
- vers_id = NTDRIVERS_DATABASE_VERSION_3;
- }
-
- if (vers_id == NTDRIVERS_DATABASE_VERSION_3 ) {
- if ( !upgrade_to_version_4() )
- return False;
- tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_4);
- vers_id = NTDRIVERS_DATABASE_VERSION_4;
- }
-
- if (vers_id == NTDRIVERS_DATABASE_VERSION_4 ) {
- if ( !upgrade_to_version_5() )
- return False;
- tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_5);
- vers_id = NTDRIVERS_DATABASE_VERSION_5;
- }
-
-
- if ( vers_id != NTDRIVERS_DATABASE_VERSION_5 ) {
- DEBUG(0,("nt_printing_init: Unknown printer database version [%d]\n", vers_id));
- return False;
- }
+ if (!nt_printing_tdb_upgrade()) {
+ return false;
}
/*
* register callback to handle updating printers as new
* drivers are installed
*/
-
messaging_register(msg_ctx, NULL, MSG_PRINTER_DRVUPGRADE,
do_drv_upgrade_printer);
@@ -492,14 +106,13 @@ bool nt_printing_init(struct messaging_context *msg_ctx)
tell messages.c that you interested in receiving PRINT_GENERAL
msgs. This is done in serverid_register() */
-
if ( lp_security() == SEC_ADS ) {
win_rc = check_published_printers();
if (!W_ERROR_IS_OK(win_rc))
DEBUG(0, ("nt_printing_init: error checking published printers: %s\n", win_errstr(win_rc)));
}
- return True;
+ return true;
}
/*******************************************************************
diff --git a/source3/printing/nt_printing_tdb.c b/source3/printing/nt_printing_tdb.c
new file mode 100644
index 0000000000..29f6463ff8
--- /dev/null
+++ b/source3/printing/nt_printing_tdb.c
@@ -0,0 +1,460 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (c) Andrew Tridgell 1992-2000,
+ * Copyright (c) Jean François Micouleau 1998-2000.
+ * Copyright (c) Gerald Carter 2002-2005.
+ * Copyright (c) Andreas Schneider 2010.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#include "includes.h"
+#include "printing/nt_printing_tdb.h"
+
+#include "librpc/gen_ndr/ndr_security.h"
+
+#define FORMS_PREFIX "FORMS/"
+#define DRIVERS_PREFIX "DRIVERS/"
+#define PRINTERS_PREFIX "PRINTERS/"
+#define SECDESC_PREFIX "SECDESC/"
+
+#define NTDRIVERS_DATABASE_VERSION_1 1
+#define NTDRIVERS_DATABASE_VERSION_2 2
+#define NTDRIVERS_DATABASE_VERSION_3 3 /* little endian version of v2 */
+#define NTDRIVERS_DATABASE_VERSION_4 4 /* fix generic bits in security descriptors */
+#define NTDRIVERS_DATABASE_VERSION_5 5 /* normalize keys in ntprinters.tdb */
+
+static TDB_CONTEXT *tdb_forms; /* used for forms files */
+static TDB_CONTEXT *tdb_drivers; /* used for driver files */
+static TDB_CONTEXT *tdb_printers; /* used for printers files */
+
+/****************************************************************************
+ generate a new TDB_DATA key for storing a printer
+****************************************************************************/
+
+static TDB_DATA make_printer_tdbkey(TALLOC_CTX *ctx, const char *sharename )
+{
+ fstring share;
+ char *keystr = NULL;
+ TDB_DATA key;
+
+ fstrcpy(share, sharename);
+ strlower_m(share);
+
+ keystr = talloc_asprintf(ctx, "%s%s", PRINTERS_PREFIX, share);
+ key = string_term_tdb_data(keystr ? keystr : "");
+
+ return key;
+}
+
+/****************************************************************************
+ generate a new TDB_DATA key for storing a printer security descriptor
+****************************************************************************/
+
+static TDB_DATA make_printers_secdesc_tdbkey(TALLOC_CTX *ctx,
+ const char* sharename )
+{
+ fstring share;
+ char *keystr = NULL;
+ TDB_DATA key;
+
+ fstrcpy(share, sharename );
+ strlower_m(share);
+
+ keystr = talloc_asprintf(ctx, "%s%s", SECDESC_PREFIX, share);
+ key = string_term_tdb_data(keystr ? keystr : "");
+
+ return key;
+}
+
+/****************************************************************************
+ Upgrade the tdb files to version 3
+****************************************************************************/
+
+static bool upgrade_to_version_3(void)
+{
+ TDB_DATA kbuf, newkey, dbuf;
+
+ DEBUG(0,("upgrade_to_version_3: upgrading print tdb's to version 3\n"));
+
+ for (kbuf = tdb_firstkey(tdb_drivers); kbuf.dptr;
+ newkey = tdb_nextkey(tdb_drivers, kbuf), free(kbuf.dptr), kbuf=newkey) {
+
+ dbuf = tdb_fetch(tdb_drivers, kbuf);
+
+ if (strncmp((const char *)kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
+ DEBUG(0,("upgrade_to_version_3:moving form\n"));
+ if (tdb_store(tdb_forms, kbuf, dbuf, TDB_REPLACE) != 0) {
+ SAFE_FREE(dbuf.dptr);
+ DEBUG(0,("upgrade_to_version_3: failed to move form. Error (%s).\n", tdb_errorstr(tdb_forms)));
+ return False;
+ }
+ if (tdb_delete(tdb_drivers, kbuf) != 0) {
+ SAFE_FREE(dbuf.dptr);
+ DEBUG(0,("upgrade_to_version_3: failed to delete form. Error (%s)\n", tdb_errorstr(tdb_drivers)));
+ return False;
+ }
+ }
+
+ if (strncmp((const char *)kbuf.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX)) == 0) {
+ DEBUG(0,("upgrade_to_version_3:moving printer\n"));
+ if (tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE) != 0) {
+ SAFE_FREE(dbuf.dptr);
+ DEBUG(0,("upgrade_to_version_3: failed to move printer. Error (%s)\n", tdb_errorstr(tdb_printers)));
+ return False;
+ }
+ if (tdb_delete(tdb_drivers, kbuf) != 0) {
+ SAFE_FREE(dbuf.dptr);
+ DEBUG(0,("upgrade_to_version_3: failed to delete printer. Error (%s)\n", tdb_errorstr(tdb_drivers)));
+ return False;
+ }
+ }
+
+ if (strncmp((const char *)kbuf.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX)) == 0) {
+ DEBUG(0,("upgrade_to_version_3:moving secdesc\n"));
+ if (tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE) != 0) {
+ SAFE_FREE(dbuf.dptr);
+ DEBUG(0,("upgrade_to_version_3: failed to move secdesc. Error (%s)\n", tdb_errorstr(tdb_printers)));
+ return False;
+ }
+ if (tdb_delete(tdb_drivers, kbuf) != 0) {
+ SAFE_FREE(dbuf.dptr);
+ DEBUG(0,("upgrade_to_version_3: failed to delete secdesc. Error (%s)\n", tdb_errorstr(tdb_drivers)));
+ return False;
+ }
+ }
+
+ SAFE_FREE(dbuf.dptr);
+ }
+
+ return True;
+}
+
+/*******************************************************************
+ Fix an issue with security descriptors. Printer sec_desc must
+ use more than the generic bits that were previously used
+ in <= 3.0.14a. They must also have a owner and group SID assigned.
+ Otherwise, any printers than have been migrated to a Windows
+ host using printmig.exe will not be accessible.
+*******************************************************************/
+
+static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
+ TDB_DATA data, void *state )
+{
+ NTSTATUS status;
+ struct sec_desc_buf *sd_orig = NULL;
+ struct sec_desc_buf *sd_new, *sd_store;
+ struct security_descriptor *sec, *new_sec;
+ TALLOC_CTX *ctx = state;
+ int result, i;
+ uint32 sd_size;
+ size_t size_new_sec;
+
+ if (!data.dptr || data.dsize == 0) {
+ return 0;
+ }
+
+ if ( strncmp((const char *) key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) != 0 ) {
+ return 0;
+ }
+
+ /* upgrade the security descriptor */
+
+ status = unmarshall_sec_desc_buf(ctx, data.dptr, data.dsize, &sd_orig);
+ if (!NT_STATUS_IS_OK(status)) {
+ /* delete bad entries */
+ DEBUG(0,("sec_desc_upg_fn: Failed to parse original sec_desc for %si. Deleting....\n",
+ (const char *)key.dptr ));
+ tdb_delete( tdb_printers, key );
+ return 0;
+ }
+
+ if (!sd_orig) {
+ return 0;
+ }
+ sec = sd_orig->sd;
+
+ /* is this even valid? */
+
+ if ( !sec->dacl ) {
+ return 0;
+ }
+
+ /* update access masks */
+
+ for ( i=0; i<sec->dacl->num_aces; i++ ) {
+ switch ( sec->dacl->aces[i].access_mask ) {
+ case (GENERIC_READ_ACCESS | GENERIC_WRITE_ACCESS | GENERIC_EXECUTE_ACCESS):
+ sec->dacl->aces[i].access_mask = PRINTER_ACE_PRINT;
+ break;
+
+ case GENERIC_ALL_ACCESS:
+ sec->dacl->aces[i].access_mask = PRINTER_ACE_FULL_CONTROL;
+ break;
+
+ case READ_CONTROL_ACCESS:
+ sec->dacl->aces[i].access_mask = PRINTER_ACE_MANAGE_DOCUMENTS;
+
+ default: /* no change */
+ break;
+ }
+ }
+
+ /* create a new struct security_descriptor with the appropriate owner and group SIDs */
+
+ new_sec = make_sec_desc( ctx, SD_REVISION, SEC_DESC_SELF_RELATIVE,
+ &global_sid_Builtin_Administrators,
+ &global_sid_Builtin_Administrators,
+ NULL, NULL, &size_new_sec );
+ if (!new_sec) {
+ return 0;
+ }
+ sd_new = make_sec_desc_buf( ctx, size_new_sec, new_sec );
+ if (!sd_new) {
+ return 0;
+ }
+
+ if ( !(sd_store = sec_desc_merge_buf( ctx, sd_new, sd_orig )) ) {
+ DEBUG(0,("sec_desc_upg_fn: Failed to update sec_desc for %s\n", key.dptr ));
+ return 0;
+ }
+
+ /* store it back */
+
+ sd_size = ndr_size_security_descriptor(sd_store->sd, 0)
+ + sizeof(struct sec_desc_buf);
+
+ status = marshall_sec_desc_buf(ctx, sd_store, &data.dptr, &data.dsize);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("sec_desc_upg_fn: Failed to parse new sec_desc for %s\n", key.dptr ));
+ return 0;
+ }
+
+ result = tdb_store( tdb_printers, key, data, TDB_REPLACE );
+
+ /* 0 to continue and non-zero to stop traversal */
+
+ return (result == -1);
+}
+
+/*******************************************************************
+ Upgrade the tdb files to version 4
+*******************************************************************/
+
+static bool upgrade_to_version_4(void)
+{
+ TALLOC_CTX *ctx;
+ int result;
+
+ DEBUG(0,("upgrade_to_version_4: upgrading printer security descriptors\n"));
+
+ if ( !(ctx = talloc_init( "upgrade_to_version_4" )) )
+ return False;
+
+ result = tdb_traverse( tdb_printers, sec_desc_upg_fn, ctx );
+
+ talloc_destroy( ctx );
+
+ return ( result != -1 );
+}
+
+/*******************************************************************
+ Fix an issue with security descriptors. Printer sec_desc must
+ use more than the generic bits that were previously used
+ in <= 3.0.14a. They must also have a owner and group SID assigned.
+ Otherwise, any printers than have been migrated to a Windows
+ host using printmig.exe will not be accessible.
+*******************************************************************/
+
+static int normalize_printers_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
+ TDB_DATA data, void *state )
+{
+ TALLOC_CTX *ctx = talloc_tos();
+ TDB_DATA new_key;
+
+ if (!data.dptr || data.dsize == 0)
+ return 0;
+
+ /* upgrade printer records and security descriptors */
+
+ if ( strncmp((const char *) key.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX) ) == 0 ) {
+ new_key = make_printer_tdbkey(ctx, (const char *)key.dptr+strlen(PRINTERS_PREFIX) );
+ }
+ else if ( strncmp((const char *) key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) == 0 ) {
+ new_key = make_printers_secdesc_tdbkey(ctx, (const char *)key.dptr+strlen(SECDESC_PREFIX) );
+ }
+ else {
+ /* ignore this record */
+ return 0;
+ }
+
+ /* delete the original record and store under the normalized key */
+
+ if ( tdb_delete( the_tdb, key ) != 0 ) {
+ DEBUG(0,("normalize_printers_fn: tdb_delete for [%s] failed!\n",
+ key.dptr));
+ return 1;
+ }
+
+ if ( tdb_store( the_tdb, new_key, data, TDB_REPLACE) != 0 ) {
+ DEBUG(0,("normalize_printers_fn: failed to store new record for [%s]!\n",
+ key.dptr));
+ return 1;
+ }
+
+ return 0;
+}
+
+/*******************************************************************
+ Upgrade the tdb files to version 5
+*******************************************************************/
+
+static bool upgrade_to_version_5(void)
+{
+ TALLOC_CTX *ctx;
+ int result;
+
+ DEBUG(0,("upgrade_to_version_5: normalizing printer keys\n"));
+
+ if ( !(ctx = talloc_init( "upgrade_to_version_5" )) )
+ return False;
+
+ result = tdb_traverse( tdb_printers, normalize_printers_fn, NULL );
+
+ talloc_destroy( ctx );
+
+ return ( result != -1 );
+}
+
+bool nt_printing_tdb_upgrade(void)
+{
+ const char *drivers_path = state_path("ntdrivers.tdb");
+ const char *printers_path = state_path("ntprinters.tdb");
+ const char *forms_path = state_path("ntforms.tdb");
+ bool drivers_exists = file_exist(drivers_path);
+ bool printers_exists = file_exist(printers_path);
+ bool forms_exists = file_exist(forms_path);
+ const char *vstring = "INFO/version";
+ int32_t vers_id;
+
+ if (!drivers_exists && !printers_exists && !forms_exists) {
+ return true;
+ }
+
+ tdb_drivers = tdb_open_log(drivers_path,
+ 0,
+ TDB_DEFAULT,
+ O_RDWR|O_CREAT,
+ 0600);
+ if (tdb_drivers == NULL) {
+ DEBUG(0,("nt_printing_init: Failed to open nt drivers "
+ "database %s (%s)\n",
+ drivers_path, strerror(errno)));
+ return false;
+ }
+
+ tdb_printers = tdb_open_log(printers_path,
+ 0,
+ TDB_DEFAULT,
+ O_RDWR|O_CREAT,
+ 0600);
+ if (tdb_printers == NULL) {
+ DEBUG(0,("nt_printing_init: Failed to open nt printers "
+ "database %s (%s)\n",
+ printers_path, strerror(errno)));
+ return false;
+ }
+
+ tdb_forms = tdb_open_log(forms_path,
+ 0,
+ TDB_DEFAULT,
+ O_RDWR|O_CREAT,
+ 0600);
+ if (tdb_forms == NULL) {
+ DEBUG(0,("nt_printing_init: Failed to open nt forms "
+ "database %s (%s)\n",
+ forms_path, strerror(errno)));
+ return false;
+ }
+
+ /* Samba upgrade */
+ vers_id = tdb_fetch_int32(tdb_drivers, vstring);
+ if (vers_id == -1) {
+ DEBUG(10, ("Fresh database\n"));
+ tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_5);
+ vers_id = NTDRIVERS_DATABASE_VERSION_5;
+ }
+
+ if (vers_id != NTDRIVERS_DATABASE_VERSION_5) {
+ if ((vers_id == NTDRIVERS_DATABASE_VERSION_1) ||
+ (IREV(vers_id) == NTDRIVERS_DATABASE_VERSION_1)) {
+ if (!upgrade_to_version_3()) {
+ return false;
+ }
+
+ tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_3);
+ vers_id = NTDRIVERS_DATABASE_VERSION_3;
+ }
+
+ if ((vers_id == NTDRIVERS_DATABASE_VERSION_2) ||
+ (IREV(vers_id) == NTDRIVERS_DATABASE_VERSION_2)) {
+ /*
+ * Written on a bigendian machine with old fetch_int
+ * code. Save as le. The only upgrade between V2 and V3
+ * is to save the version in little-endian.
+ */
+ tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_3);
+ vers_id = NTDRIVERS_DATABASE_VERSION_3;
+ }
+
+ if (vers_id == NTDRIVERS_DATABASE_VERSION_3) {
+ if (!upgrade_to_version_4()) {
+ return false;
+ }
+ tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_4);
+ vers_id = NTDRIVERS_DATABASE_VERSION_4;
+ }
+
+ if (vers_id == NTDRIVERS_DATABASE_VERSION_4 ) {
+ if (!upgrade_to_version_5()) {
+ return false;
+ }
+ tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_5);
+ vers_id = NTDRIVERS_DATABASE_VERSION_5;
+ }
+
+ if (vers_id != NTDRIVERS_DATABASE_VERSION_5) {
+ DEBUG(0,("nt_printing_init: Unknown printer database version [%d]\n", vers_id));
+ return false;
+ }
+ }
+
+ if (tdb_drivers) {
+ tdb_close(tdb_drivers);
+ tdb_drivers = NULL;
+ }
+
+ if (tdb_printers) {
+ tdb_close(tdb_printers);
+ tdb_printers = NULL;
+ }
+
+ if (tdb_forms) {
+ tdb_close(tdb_forms);
+ tdb_forms = NULL;
+ }
+
+ return true;
+}
diff --git a/source3/printing/nt_printing_tdb.h b/source3/printing/nt_printing_tdb.h
new file mode 100644
index 0000000000..81e1813559
--- /dev/null
+++ b/source3/printing/nt_printing_tdb.h
@@ -0,0 +1,28 @@
+/*
+ * Unix SMB/CIFS implementation.
+ * RPC Pipe client / server routines
+ * Copyright (c) Andrew Tridgell 1992-2000,
+ * Copyright (c) Jean François Micouleau 1998-2000.
+ * Copyright (c) Gerald Carter 2002-2005.
+ * Copyright (c) Andreas Schneider 2010.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _NT_PRINTING_TDB_H_
+#define _NT_PRINTING_TDB_H_
+
+bool nt_printing_tdb_upgrade(void);
+
+#endif /* _NT_PRINTING_TDB_H_ */