summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJean-François Micouleau <jfm@samba.org>2001-11-29 16:05:05 +0000
committerJean-François Micouleau <jfm@samba.org>2001-11-29 16:05:05 +0000
commitfac01bda8bb4f52b930496c362f55aca5b112240 (patch)
tree14657fee45b97fc453596e62bb9f64e26c26de94 /source3/rpc_server
parent3a921f37b737cab0729cc904e514647406e6f01c (diff)
downloadsamba-fac01bda8bb4f52b930496c362f55aca5b112240.tar.gz
samba-fac01bda8bb4f52b930496c362f55aca5b112240.tar.bz2
samba-fac01bda8bb4f52b930496c362f55aca5b112240.zip
Changed again how the privilege list is handled in the group mapping code.
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP struct as some privilege showing in USRMGR.EXE are not real privs but a bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT 3.1 box to verify, but I'm too lazy (yes I still have my CDs). Added 3 more LSA calls: SetSystemAccount, AddPrivileges and RemovePrivileges, we can manage all this privilege from UserManager. Time to change the NT_USER_TOKEN struct and add checks in all the rpc functions. Fun, fun, fun. J.F. (This used to be commit 3f0a9ef2b8c626cfa2878394bb7b642342342bf3)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_lsa.c125
-rw-r--r--source3/rpc_server/srv_lsa_nt.c179
-rw-r--r--source3/rpc_server/srv_samr_nt.c63
3 files changed, 329 insertions, 38 deletions
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index 4331ffca8d..d2b2c60f45 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -482,27 +482,124 @@ static BOOL api_lsa_getsystemaccount(pipes_struct *p)
/***************************************************************************
+ api_lsa_setsystemaccount
+ ***************************************************************************/
+
+static BOOL api_lsa_setsystemaccount(pipes_struct *p)
+{
+ LSA_Q_SETSYSTEMACCOUNT q_u;
+ LSA_R_SETSYSTEMACCOUNT r_u;
+
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if(!lsa_io_q_setsystemaccount("", &q_u, data, 0)) {
+ DEBUG(0,("api_lsa_setsystemaccount: failed to unmarshall LSA_Q_SETSYSTEMACCOUNT.\n"));
+ return False;
+ }
+
+ r_u.status = _lsa_setsystemaccount(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!lsa_io_r_setsystemaccount("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_lsa_setsystemaccount: Failed to marshall LSA_R_SETSYSTEMACCOUNT.\n"));
+ return False;
+ }
+
+ return True;
+}
+
+/***************************************************************************
+ api_lsa_addprivs
+ ***************************************************************************/
+
+static BOOL api_lsa_addprivs(pipes_struct *p)
+{
+ LSA_Q_ADDPRIVS q_u;
+ LSA_R_ADDPRIVS r_u;
+
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if(!lsa_io_q_addprivs("", &q_u, data, 0)) {
+ DEBUG(0,("api_lsa_addprivs: failed to unmarshall LSA_Q_ADDPRIVS.\n"));
+ return False;
+ }
+
+ r_u.status = _lsa_addprivs(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!lsa_io_r_addprivs("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_lsa_addprivs: Failed to marshall LSA_R_ADDPRIVS.\n"));
+ return False;
+ }
+
+ return True;
+}
+
+/***************************************************************************
+ api_lsa_removeprivs
+ ***************************************************************************/
+
+static BOOL api_lsa_removeprivs(pipes_struct *p)
+{
+ LSA_Q_REMOVEPRIVS q_u;
+ LSA_R_REMOVEPRIVS r_u;
+
+ prs_struct *data = &p->in_data.data;
+ prs_struct *rdata = &p->out_data.rdata;
+
+ ZERO_STRUCT(q_u);
+ ZERO_STRUCT(r_u);
+
+ if(!lsa_io_q_removeprivs("", &q_u, data, 0)) {
+ DEBUG(0,("api_lsa_removeprivs: failed to unmarshall LSA_Q_REMOVEPRIVS.\n"));
+ return False;
+ }
+
+ r_u.status = _lsa_removeprivs(p, &q_u, &r_u);
+
+ /* store the response in the SMB stream */
+ if(!lsa_io_r_removeprivs("", &r_u, rdata, 0)) {
+ DEBUG(0,("api_lsa_removeprivs: Failed to marshall LSA_R_REMOVEPRIVS.\n"));
+ return False;
+ }
+
+ return True;
+}
+
+
+/***************************************************************************
\PIPE\ntlsa commands
***************************************************************************/
static struct api_struct api_lsa_cmds[] =
{
- { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 },
- { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
- { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
- { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
- { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
- { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
- { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
- { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
- { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs },
+ { "LSA_OPENPOLICY2" , LSA_OPENPOLICY2 , api_lsa_open_policy2 },
+ { "LSA_OPENPOLICY" , LSA_OPENPOLICY , api_lsa_open_policy },
+ { "LSA_QUERYINFOPOLICY" , LSA_QUERYINFOPOLICY , api_lsa_query_info },
+ { "LSA_ENUMTRUSTDOM" , LSA_ENUMTRUSTDOM , api_lsa_enum_trust_dom },
+ { "LSA_CLOSE" , LSA_CLOSE , api_lsa_close },
+ { "LSA_OPENSECRET" , LSA_OPENSECRET , api_lsa_open_secret },
+ { "LSA_LOOKUPSIDS" , LSA_LOOKUPSIDS , api_lsa_lookup_sids },
+ { "LSA_LOOKUPNAMES" , LSA_LOOKUPNAMES , api_lsa_lookup_names },
+ { "LSA_ENUM_PRIVS" , LSA_ENUM_PRIVS , api_lsa_enum_privs },
{ "LSA_PRIV_GET_DISPNAME",LSA_PRIV_GET_DISPNAME,api_lsa_priv_get_dispname},
- { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts },
- { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser},
- { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account },
+ { "LSA_ENUM_ACCOUNTS" , LSA_ENUM_ACCOUNTS , api_lsa_enum_accounts },
+ { "LSA_UNK_GET_CONNUSER", LSA_UNK_GET_CONNUSER, api_lsa_unk_get_connuser },
+ { "LSA_OPENACCOUNT" , LSA_OPENACCOUNT , api_lsa_open_account },
{ "LSA_ENUMPRIVSACCOUNT", LSA_ENUMPRIVSACCOUNT, api_lsa_enum_privsaccount},
- { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount},
- { NULL , 0 , NULL }
+ { "LSA_GETSYSTEMACCOUNT", LSA_GETSYSTEMACCOUNT, api_lsa_getsystemaccount },
+ { "LSA_SETSYSTEMACCOUNT", LSA_SETSYSTEMACCOUNT, api_lsa_setsystemaccount },
+ { "LSA_ADDPRIVS" , LSA_ADDPRIVS , api_lsa_addprivs },
+ { "LSA_REMOVEPRIVS" , LSA_REMOVEPRIVS , api_lsa_removeprivs },
+ { NULL , 0 , NULL }
};
/***************************************************************************
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index bf5d24188e..b16e3836f6 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -563,7 +563,7 @@ NTSTATUS _lsa_enum_privs(pipes_struct *p, LSA_Q_ENUM_PRIVS *q_u, LSA_R_ENUM_PRIV
init_uni_hdr(&entry->hdr_name, strlen(privs[i+1].priv));
init_unistr2(&entry->name, privs[i+1].priv, strlen(privs[i+1].priv) );
entry->luid_low = privs[i+1].se_priv;
- entry->luid_high = 1;
+ entry->luid_high = 0;
}
}
@@ -601,7 +601,7 @@ NTSTATUS _lsa_priv_get_dispname(pipes_struct *p, LSA_Q_PRIV_GET_DISPNAME *q_u, L
r_u->lang_id=q_u->lang_id;
return NT_STATUS_OK;
} else {
- DEBUG(10,(": doesn't exist\n"));
+ DEBUG(10,("_lsa_priv_get_dispname: doesn't exist\n"));
r_u->ptr_info=0;
return NT_STATUS_NO_SUCH_PRIVILEGE;
}
@@ -717,7 +717,6 @@ NTSTATUS _lsa_enum_privsaccount(pipes_struct *p, LSA_Q_ENUMPRIVSACCOUNT *q_u, LS
{
struct lsa_info *info=NULL;
GROUP_MAP map;
- uint32 count=0;
int i=0;
LUID_ATTR *set=NULL;
@@ -731,21 +730,26 @@ NTSTATUS _lsa_enum_privsaccount(pipes_struct *p, LSA_Q_ENUMPRIVSACCOUNT *q_u, LS
if (!get_group_map_from_sid(info->sid, &map))
return NT_STATUS_NO_SUCH_GROUP;
- for (i=1; privs[i].se_priv!=SE_PRIV_ALL; i++) {
- if ( check_priv_in_privilege(map.privileges, privs[i].se_priv)) {
-
- set=(LUID_ATTR *)talloc_realloc(p->mem_ctx, set, (count+1)*sizeof(LUID_ATTR));
- if (set == NULL) return NT_STATUS_NO_MEMORY;
-
- set[count].luid.low=privs[i].se_priv;
- set[count].luid.high=1;
- set[count].attr=0;
-
- count++;
+ DEBUG(10,("_lsa_enum_privsaccount: %d privileges\n", map.priv_set.count));
+ if (map.priv_set.count!=0) {
+
+ set=(LUID_ATTR *)talloc(p->mem_ctx, map.priv_set.count*sizeof(LUID_ATTR));
+ if (set == NULL) {
+ free_privilege(&map.priv_set);
+ return NT_STATUS_NO_MEMORY;
+ }
+
+ for (i=0; i<map.priv_set.count; i++) {
+ set[i].luid.low=map.priv_set.set[i].luid.low;
+ set[i].luid.high=map.priv_set.set[i].luid.high;
+ set[i].attr=map.priv_set.set[i].attr;
+ DEBUG(10,("_lsa_enum_privsaccount: priv %d: %d:%d:%d\n", i,
+ set[i].luid.high, set[i].luid.low, set[i].attr));
}
}
- init_lsa_r_enum_privsaccount(r_u, set, count, 0);
+ init_lsa_r_enum_privsaccount(r_u, set, map.priv_set.count, 0);
+ free_privilege(&map.priv_set);
return r_u->status;
}
@@ -756,13 +760,154 @@ NTSTATUS _lsa_enum_privsaccount(pipes_struct *p, LSA_Q_ENUMPRIVSACCOUNT *q_u, LS
NTSTATUS _lsa_getsystemaccount(pipes_struct *p, LSA_Q_GETSYSTEMACCOUNT *q_u, LSA_R_GETSYSTEMACCOUNT *r_u)
{
+ struct lsa_info *info=NULL;
+ GROUP_MAP map;
r_u->status = NT_STATUS_OK;
/* find the connection policy handle. */
- if (!find_policy_by_hnd(p, &q_u->pol, NULL))
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
return NT_STATUS_INVALID_HANDLE;
- r_u->access=3;
+ if (!get_group_map_from_sid(info->sid, &map))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ /*
+ 0x01 -> Log on locally
+ 0x02 -> Access this computer from network
+ 0x04 -> Log on as a batch job
+ 0x10 -> Log on as a service
+
+ they can be ORed together
+ */
+
+ r_u->access=map.systemaccount;
return r_u->status;
}
+
+/***************************************************************************
+ update the systemaccount information
+ ***************************************************************************/
+
+NTSTATUS _lsa_setsystemaccount(pipes_struct *p, LSA_Q_SETSYSTEMACCOUNT *q_u, LSA_R_SETSYSTEMACCOUNT *r_u)
+{
+ struct lsa_info *info=NULL;
+ GROUP_MAP map;
+ r_u->status = NT_STATUS_OK;
+
+ /* find the connection policy handle. */
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
+ return NT_STATUS_INVALID_HANDLE;
+
+ if (!get_group_map_from_sid(info->sid, &map))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ map.systemaccount=q_u->access;
+
+ if(!add_mapping_entry(&map, TDB_REPLACE))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ return r_u->status;
+}
+
+/***************************************************************************
+ For a given SID, add some privileges.
+ ***************************************************************************/
+
+NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u)
+{
+ struct lsa_info *info=NULL;
+ GROUP_MAP map;
+ int i=0;
+
+ LUID_ATTR *luid_attr=NULL;
+ PRIVILEGE_SET *set=NULL;
+
+ r_u->status = NT_STATUS_OK;
+
+ /* find the connection policy handle. */
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
+ return NT_STATUS_INVALID_HANDLE;
+
+ if (!get_group_map_from_sid(info->sid, &map))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ set=&q_u->set;
+
+ for (i=0; i<set->count; i++) {
+ luid_attr=&set->set[i];
+
+ /* check if the privilege is already there */
+ if (check_priv_in_privilege(&map.priv_set, *luid_attr)){
+ free_privilege(&map.priv_set);
+ return NT_STATUS_NO_SUCH_PRIVILEGE;
+ }
+
+ add_privilege(&map.priv_set, *luid_attr);
+ }
+
+ if(!add_mapping_entry(&map, TDB_REPLACE))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ free_privilege(&map.priv_set);
+
+ return r_u->status;
+}
+
+/***************************************************************************
+ For a given SID, remove some privileges.
+ ***************************************************************************/
+
+NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEPRIVS *r_u)
+{
+ struct lsa_info *info=NULL;
+ GROUP_MAP map;
+ int i=0;
+
+ LUID_ATTR *luid_attr=NULL;
+ PRIVILEGE_SET *set=NULL;
+
+ r_u->status = NT_STATUS_OK;
+
+ /* find the connection policy handle. */
+ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info))
+ return NT_STATUS_INVALID_HANDLE;
+
+ if (!get_group_map_from_sid(info->sid, &map))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ if (q_u->allrights!=0) {
+ /* log it and return, until I see one myself don't do anything */
+ DEBUG(5,("_lsa_removeprivs: trying to remove all privileges ?\n"));
+ return NT_STATUS_OK;
+ }
+
+ if (q_u->ptr==0) {
+ /* log it and return, until I see one myself don't do anything */
+ DEBUG(5,("_lsa_removeprivs: no privileges to remove ?\n"));
+ return NT_STATUS_OK;
+ }
+
+ set=&q_u->set;
+
+ for (i=0; i<set->count; i++) {
+ luid_attr=&set->set[i];
+
+ /* if we don't have the privilege, we're trying to remove, give up */
+ /* what else can we do ??? JFM. */
+ if (!check_priv_in_privilege(&map.priv_set, *luid_attr)){
+ free_privilege(&map.priv_set);
+ return NT_STATUS_NO_SUCH_PRIVILEGE;
+ }
+
+ remove_privilege(&map.priv_set, *luid_attr);
+ }
+
+ if(!add_mapping_entry(&map, TDB_REPLACE))
+ return NT_STATUS_NO_SUCH_GROUP;
+
+ free_privilege(&map.priv_set);
+
+ return r_u->status;
+}
+
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 12b37834d8..112b1bb293 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -813,13 +813,16 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
enum_group_mapping(SID_NAME_WKN_GRP, &map, (int *)&num_entries, ENUM_ONLY_MAPPED);
if (num_entries != 0) {
+ for (i=0; i<num_entries; i++)
+ free_privilege(&(map[i].priv_set));
+
*d_grp=(DOMAIN_GRP *)talloc_zero(ctx, num_entries*sizeof(DOMAIN_GRP));
if (*d_grp==NULL)
return NT_STATUS_NO_MEMORY;
for(i=0; i<num_entries && i<max_entries; i++) {
fstrcpy((*d_grp)[i].name, map[i+start_idx].nt_name);
- sid_split_rid(&map[i].sid, &(*d_grp)[i].rid);
+ sid_split_rid(&map[i+start_idx].sid, &(*d_grp)[i].rid);
}
}
@@ -851,6 +854,12 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
continue;
}
+ /*
+ * free early the privilege struct as it's not used
+ * and prevent leaking mem.
+ */
+ free_privilege(&smap.priv_set);
+
if (smap.sid_name_use!=SID_NAME_ALIAS) {
continue;
}
@@ -873,8 +882,9 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
if ( (*d_grp)[i].rid == trid )
break;
- if ( i < num_entries )
+ if ( i < num_entries ) {
continue; /* rid was there, dup! */
+ }
/* JRA - added this for large group db enumeration... */
@@ -925,6 +935,13 @@ static NTSTATUS get_group_domain_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DO
*p_num_entries = 0;
enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED);
+
+ /*
+ * free early the privilege struct as it's not used
+ * and prevent leaking mem.
+ */
+ for (i=0; i<group_entries; i++)
+ free_privilege(&(map[i].priv_set));
num_entries=group_entries-start_idx;
@@ -2702,6 +2719,8 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_
}
}
+ free_privilege(&map.priv_set);
+
if(!get_uid_list_of_group(map.gid, &uid, &num_uids))
return NT_STATUS_NO_SUCH_ALIAS;
@@ -2762,6 +2781,8 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_
if(!get_domain_group_from_sid(group_sid, &map))
return NT_STATUS_NO_SUCH_GROUP;
+ free_privilege(&map.priv_set);
+
if(!get_uid_list_of_group(map.gid, &uid, &num_uids))
return NT_STATUS_NO_SUCH_GROUP;
@@ -2817,7 +2838,9 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD
} else
return NT_STATUS_NO_SUCH_ALIAS;
}
-
+
+ free_privilege(&map.priv_set);
+
sid_split_rid(&q_u->sid.sid, &rid);
uid=pdb_user_rid_to_uid(rid);
@@ -2885,6 +2908,8 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD
if(!get_domain_group_from_sid(group_sid, &map))
return NT_STATUS_NO_SUCH_GROUP;
+ free_privilege(&map.priv_set);
+
if ((pwd=getpwuid(pdb_user_rid_to_uid(q_u->rid))) ==NULL)
return NT_STATUS_NO_SUCH_USER;
@@ -2968,6 +2993,8 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S
if(!get_domain_group_from_sid(group_sid, &map))
return NT_STATUS_NO_SUCH_ALIAS;
+ free_privilege(&map.priv_set);
+
gid=map.gid;
/* check if group really exists */
@@ -3025,6 +3052,8 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S
if(!get_local_group_from_sid(alias_sid, &map))
return NT_STATUS_NO_SUCH_ALIAS;
+ free_privilege(&map.priv_set);
+
gid=map.gid;
/* check if group really exists */
@@ -3059,6 +3088,9 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S
fstring sid_string;
struct group *grp;
struct samr_info *info;
+ PRIVILEGE_SET priv_set;
+
+ init_privilege(&priv_set);
/* Find the policy handle. Open a policy on it. */
if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid))
@@ -3085,7 +3117,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S
r_u->rid=pdb_gid_to_group_rid(grp->gr_gid);
/* add the group to the mapping table */
- if(!add_initial_entry(grp->gr_gid, sid_string, SID_NAME_DOM_GRP, name, NULL, SE_PRIV_NONE))
+ if(!add_initial_entry(grp->gr_gid, sid_string, SID_NAME_DOM_GRP, name, NULL, priv_set, PR_ACCESS_FROM_NETWORK))
return NT_STATUS_ACCESS_DENIED;
if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL)
@@ -3115,6 +3147,9 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S
fstring sid_string;
struct group *grp;
struct samr_info *info;
+ PRIVILEGE_SET priv_set;
+
+ init_privilege(&priv_set);
/* Find the policy handle. Open a policy on it. */
if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid))
@@ -3150,7 +3185,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S
sid_to_string(sid_string, &info->sid);
/* add the group to the mapping table */
- if(!add_initial_entry(grp->gr_gid, sid_string, SID_NAME_ALIAS, name, NULL, SE_PRIV_NONE))
+ if(!add_initial_entry(grp->gr_gid, sid_string, SID_NAME_ALIAS, name, NULL, priv_set, PR_ACCESS_FROM_NETWORK))
return NT_STATUS_ACCESS_DENIED;
/* get a (unique) handle. open a policy on it. */
@@ -3180,6 +3215,8 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM
if (!get_domain_group_from_sid(group_sid, &map))
return NT_STATUS_INVALID_HANDLE;
+
+ free_privilege(&map.priv_set);
ctr=(GROUP_INFO_CTR *)talloc_zero(p->mem_ctx, sizeof(GROUP_INFO_CTR));
if (ctr==NULL)
@@ -3234,11 +3271,16 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_
unistr2_to_ascii(map.comment, &(ctr->group.info4.uni_acct_desc), sizeof(map.comment)-1);
break;
default:
+ free_privilege(&map.priv_set);
return NT_STATUS_INVALID_INFO_CLASS;
}
- if(!add_mapping_entry(&map, TDB_REPLACE))
+ if(!add_mapping_entry(&map, TDB_REPLACE)) {
+ free_privilege(&map.priv_set);
return NT_STATUS_NO_SUCH_GROUP;
+ }
+
+ free_privilege(&map.priv_set);
return NT_STATUS_OK;
}
@@ -3268,11 +3310,16 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_
unistr2_to_ascii(map.comment, &(ctr->alias.info3.uni_acct_desc), sizeof(map.comment)-1);
break;
default:
+ free_privilege(&map.priv_set);
return NT_STATUS_INVALID_INFO_CLASS;
}
- if(!add_mapping_entry(&map, TDB_REPLACE))
+ if(!add_mapping_entry(&map, TDB_REPLACE)) {
+ free_privilege(&map.priv_set);
return NT_STATUS_NO_SUCH_GROUP;
+ }
+
+ free_privilege(&map.priv_set);
return NT_STATUS_OK;
}
@@ -3320,6 +3367,8 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G
if (!get_domain_group_from_sid(info->sid, &map))
return NT_STATUS_NO_SUCH_USER;
+ free_privilege(&map.priv_set);
+
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, &r_u->pol, free_samr_info, (void *)info))
return NT_STATUS_OBJECT_NAME_NOT_FOUND;