summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2005-11-17 22:40:10 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:05:27 -0500
commitd09beee040b62d9b783869bc9af7f17301e3f5e0 (patch)
tree68ec6d331e2d72971f3a0f9d66a482c47a961deb /source3/rpc_server
parent394f87b9146fab2ebf6a635c8bd4d17e4959fc36 (diff)
downloadsamba-d09beee040b62d9b783869bc9af7f17301e3f5e0.tar.gz
samba-d09beee040b62d9b783869bc9af7f17301e3f5e0.tar.bz2
samba-d09beee040b62d9b783869bc9af7f17301e3f5e0.zip
r11769: Looking at a performance problem enumerating accounts, wondered
if changing to support samr_connect5 might help so quickly coded it up. No it doesn't :-(. Don't merge this for 3.0.21 please. Jeremy. (This used to be commit bff1df678a8948d382f4555e83a1df23146a4b12)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_samr.c34
-rw-r--r--source3/rpc_server/srv_samr_nt.c54
2 files changed, 87 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index ffb7882e11..520bf47a31 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -679,6 +679,37 @@ static BOOL api_samr_connect4(pipes_struct *p)
return True;
}
+/*******************************************************************
+ api_samr_connect5
+ ********************************************************************/
+
+static BOOL api_samr_connect5(pipes_struct *p)
+{
+ SAMR_Q_CONNECT5 q_u;
+ SAMR_R_CONNECT5 r_u;
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ /* grab the samr open policy */
+ if(!samr_io_q_connect5("", &q_u, data, 0)) {
+ DEBUG(0,("api_samr_connect5: unable to unmarshall SAMR_Q_CONNECT5.\n"));
+ return False;
+ }
+
+ r_u.status = _samr_connect5(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!samr_io_r_connect5("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_samr_connect5: unable to marshall SAMR_R_CONNECT5.\n"));
+ return False;
+ }
+
+ return True;
+}
+
/**********************************************************************
api_samr_lookup_domain
**********************************************************************/
@@ -1492,7 +1523,8 @@ static struct api_struct api_samr_cmds [] =
{"SAMR_GET_USRDOM_PWINFO" , SAMR_GET_USRDOM_PWINFO, api_samr_get_usrdom_pwinfo},
{"SAMR_UNKNOWN_2E" , SAMR_UNKNOWN_2E , api_samr_unknown_2e },
{"SAMR_SET_DOMAIN_INFO" , SAMR_SET_DOMAIN_INFO , api_samr_set_dom_info },
- {"SAMR_CONNECT4" , SAMR_CONNECT4 , api_samr_connect4 }
+ {"SAMR_CONNECT4" , SAMR_CONNECT4 , api_samr_connect4 },
+ {"SAMR_CONNECT5" , SAMR_CONNECT5 , api_samr_connect5 }
};
void samr_get_pipe_fns( struct api_struct **fns, int *n_fns )
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 71272a9a98..bfc96ea0f6 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2293,6 +2293,60 @@ NTSTATUS _samr_connect4(pipes_struct *p, SAMR_Q_CONNECT4 *q_u, SAMR_R_CONNECT4 *
return r_u->status;
}
+/*******************************************************************
+ samr_connect5
+ ********************************************************************/
+
+NTSTATUS _samr_connect5(pipes_struct *p, SAMR_Q_CONNECT5 *q_u, SAMR_R_CONNECT5 *r_u)
+{
+ struct samr_info *info = NULL;
+ SEC_DESC *psd = NULL;
+ uint32 acc_granted;
+ uint32 des_access = q_u->access_mask;
+ NTSTATUS nt_status;
+ POLICY_HND pol;
+ size_t sd_size;
+
+
+ DEBUG(5,("_samr_connect5: %d\n", __LINE__));
+
+ ZERO_STRUCTP(r_u);
+
+ /* Access check */
+
+ if (!pipe_access_check(p)) {
+ DEBUG(3, ("access denied to samr_connect5\n"));
+ r_u->status = NT_STATUS_ACCESS_DENIED;
+ return r_u->status;
+ }
+
+ make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
+ se_map_generic(&des_access, &sam_generic_mapping);
+
+ nt_status = access_check_samr_object(psd, p->pipe_user.nt_user_token,
+ NULL, 0, des_access, &acc_granted, "_samr_connect5");
+
+ if ( !NT_STATUS_IS_OK(nt_status) )
+ return nt_status;
+
+ /* associate the user's SID and access granted with the new handle. */
+ if ((info = get_samr_info_by_sid(NULL)) == NULL)
+ return NT_STATUS_NO_MEMORY;
+
+ info->acc_granted = acc_granted;
+ info->status = q_u->access_mask;
+
+ /* get a (unique) handle. open a policy on it. */
+ if (!create_policy_hnd(p, &pol, free_samr_info, (void *)info))
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+
+ DEBUG(5,("_samr_connect: %d\n", __LINE__));
+
+ init_samr_r_connect5(r_u, &pol, NT_STATUS_OK);
+
+ return r_u->status;
+}
+
/**********************************************************************
api_samr_lookup_domain
**********************************************************************/