summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2009-05-15 00:56:54 +0200
committerGünther Deschner <gd@samba.org>2009-05-15 13:55:39 +0200
commit0e9f03c72715d18c78befea6333666803b240025 (patch)
tree13daea9e92bce0e86e44757d20ee77e40f0a6248 /source3/rpc_server
parent140d4cabca3127bc6045fdeb998ae7c47c391fae (diff)
downloadsamba-0e9f03c72715d18c78befea6333666803b240025.tar.gz
samba-0e9f03c72715d18c78befea6333666803b240025.tar.bz2
samba-0e9f03c72715d18c78befea6333666803b240025.zip
s3-samr: Fix samr access checks in _samr_SetDomainInfo().
Guenther
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_samr_nt.c29
1 files changed, 22 insertions, 7 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 9728915529..64ea1cdf3c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -6082,18 +6082,33 @@ NTSTATUS _samr_SetDomainInfo(pipes_struct *p,
time_t u_logout;
time_t u_lock_duration, u_reset_time;
NTSTATUS result;
+ uint32_t acc_required = 0;
DEBUG(5,("_samr_SetDomainInfo: %d\n", __LINE__));
- /* We do have different access bits for info
- * levels here, but we're really just looking for
- * GENERIC_RIGHTS_DOMAIN_WRITE access. Unfortunately
- * this maps to different specific bits. So
- * assume if we have SAMR_DOMAIN_ACCESS_SET_INFO_1
- * set we are ok. */
+ switch (r->in.level) {
+ case 1: /* DomainPasswordInformation */
+ case 12: /* DomainLockoutInformation */
+ /* DOMAIN_WRITE_PASSWORD_PARAMETERS */
+ acc_required = SAMR_DOMAIN_ACCESS_SET_INFO_1;
+ break;
+ case 3: /* DomainLogoffInformation */
+ case 4: /* DomainOemInformation */
+ /* DOMAIN_WRITE_OTHER_PARAMETERS */
+ acc_required = SAMR_DOMAIN_ACCESS_SET_INFO_2;
+ break;
+ case 6: /* DomainReplicationInformation */
+ case 9: /* DomainStateInformation */
+ case 7: /* DomainServerRoleInformation */
+ /* DOMAIN_ADMINISTER_SERVER */
+ acc_required = SAMR_DOMAIN_ACCESS_SET_INFO_3;
+ break;
+ default:
+ return NT_STATUS_INVALID_INFO_CLASS;
+ }
dinfo = policy_handle_find(p, r->in.domain_handle,
- SAMR_DOMAIN_ACCESS_SET_INFO_1, NULL,
+ acc_required, NULL,
struct samr_domain_info, &result);
if (!NT_STATUS_IS_OK(result)) {
return result;