diff options
author | Günther Deschner <gd@samba.org> | 2008-02-14 13:50:32 +0100 |
---|---|---|
committer | Günther Deschner <gd@samba.org> | 2008-02-14 13:53:28 +0100 |
commit | 08f019d973f7c71be7b402d5f32922a18381a3cf (patch) | |
tree | f507bcbac81ac10019f9caa72d238ebfb5b8755f /source3 | |
parent | 55e5e753bbe22c2467b5ea85abde8cee4ec838d6 (diff) | |
download | samba-08f019d973f7c71be7b402d5f32922a18381a3cf.tar.gz samba-08f019d973f7c71be7b402d5f32922a18381a3cf.tar.bz2 samba-08f019d973f7c71be7b402d5f32922a18381a3cf.zip |
Use pidl for _lsa_AddPrivilegesToAccount and _lsa_RemovePrivilegesFromAccount.
Guenther
(This used to be commit 0c9904864b5c3b893f99abdebb18d9624aa0f560)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/lib/privileges_basic.c | 4 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa.c | 48 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 37 |
3 files changed, 18 insertions, 71 deletions
diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c index 753f7265a1..865c1f655c 100644 --- a/source3/lib/privileges_basic.c +++ b/source3/lib/privileges_basic.c @@ -473,7 +473,7 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask ) /******************************************************************* *******************************************************************/ -static bool luid_to_se_priv( LUID *luid, SE_PRIV *mask ) +static bool luid_to_se_priv( struct lsa_LUID *luid, SE_PRIV *mask ) { int i; uint32 num_privs = count_all_privileges(); @@ -491,7 +491,7 @@ static bool luid_to_se_priv( LUID *luid, SE_PRIV *mask ) /******************************************************************* *******************************************************************/ -bool privilege_set_to_se_priv( SE_PRIV *mask, PRIVILEGE_SET *privset ) +bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset ) { int i; diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index c4ca22f401..ff274473d6 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -249,29 +249,7 @@ static bool api_lsa_setsystemaccount(pipes_struct *p) static bool api_lsa_addprivs(pipes_struct *p) { - LSA_Q_ADDPRIVS q_u; - LSA_R_ADDPRIVS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_addprivs("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_addprivs: failed to unmarshall LSA_Q_ADDPRIVS.\n")); - return False; - } - - r_u.status = _lsa_addprivs(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_addprivs("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_addprivs: Failed to marshall LSA_R_ADDPRIVS.\n")); - return False; - } - - return True; + return proxy_lsa_call(p, NDR_LSA_ADDPRIVILEGESTOACCOUNT); } /*************************************************************************** @@ -280,29 +258,7 @@ static bool api_lsa_addprivs(pipes_struct *p) static bool api_lsa_removeprivs(pipes_struct *p) { - LSA_Q_REMOVEPRIVS q_u; - LSA_R_REMOVEPRIVS r_u; - - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - if(!lsa_io_q_removeprivs("", &q_u, data, 0)) { - DEBUG(0,("api_lsa_removeprivs: failed to unmarshall LSA_Q_REMOVEPRIVS.\n")); - return False; - } - - r_u.status = _lsa_removeprivs(p, &q_u, &r_u); - - /* store the response in the SMB stream */ - if(!lsa_io_r_removeprivs("", &r_u, rdata, 0)) { - DEBUG(0,("api_lsa_removeprivs: Failed to marshall LSA_R_REMOVEPRIVS.\n")); - return False; - } - - return True; + return proxy_lsa_call(p, NDR_LSA_REMOVEPRIVILEGESFROMACCOUNT); } /*************************************************************************** diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index a8f6e15e23..10842a1ada 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -1843,17 +1843,19 @@ NTSTATUS _lsa_SetSystemAccessAccount(pipes_struct *p, } /*************************************************************************** + _lsa_AddPrivilegesToAccount For a given SID, add some privileges. ***************************************************************************/ -NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u) +NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p, + struct lsa_AddPrivilegesToAccount *r) { struct lsa_info *info = NULL; SE_PRIV mask; - PRIVILEGE_SET *set = NULL; + struct lsa_PrivilegeSet *set = NULL; /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) return NT_STATUS_INVALID_HANDLE; /* check to see if the pipe_user is root or a Domain Admin since @@ -1865,13 +1867,12 @@ NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u return NT_STATUS_ACCESS_DENIED; } - set = &q_u->set; - + set = r->in.privs; if ( !privilege_set_to_se_priv( &mask, set ) ) return NT_STATUS_NO_SUCH_PRIVILEGE; if ( !grant_privilege( &info->sid, &mask ) ) { - DEBUG(3,("_lsa_addprivs: grant_privilege(%s) failed!\n", + DEBUG(3,("_lsa_AddPrivilegesToAccount: grant_privilege(%s) failed!\n", sid_string_dbg(&info->sid) )); DEBUG(3,("Privilege mask:\n")); dump_se_priv( DBGC_ALL, 3, &mask ); @@ -1882,17 +1883,19 @@ NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u } /*************************************************************************** + _lsa_RemovePrivilegesFromAccount For a given SID, remove some privileges. ***************************************************************************/ -NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEPRIVS *r_u) +NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p, + struct lsa_RemovePrivilegesFromAccount *r) { struct lsa_info *info = NULL; SE_PRIV mask; - PRIVILEGE_SET *set = NULL; + struct lsa_PrivilegeSet *set = NULL; /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info)) + if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info)) return NT_STATUS_INVALID_HANDLE; /* check to see if the pipe_user is root or a Domain Admin since @@ -1904,13 +1907,13 @@ NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEP return NT_STATUS_ACCESS_DENIED; } - set = &q_u->set; + set = r->in.privs; if ( !privilege_set_to_se_priv( &mask, set ) ) return NT_STATUS_NO_SUCH_PRIVILEGE; if ( !revoke_privilege( &info->sid, &mask ) ) { - DEBUG(3,("_lsa_removeprivs: revoke_privilege(%s) failed!\n", + DEBUG(3,("_lsa_RemovePrivilegesFromAccount: revoke_privilege(%s) failed!\n", sid_string_dbg(&info->sid) )); DEBUG(3,("Privilege mask:\n")); dump_se_priv( DBGC_ALL, 3, &mask ); @@ -2277,18 +2280,6 @@ NTSTATUS _lsa_LookupSids(pipes_struct *p, struct lsa_LookupSids *r) return NT_STATUS_NOT_IMPLEMENTED; } -NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p, struct lsa_AddPrivilegesToAccount *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - -NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p, struct lsa_RemovePrivilegesFromAccount *r) -{ - p->rng_fault_state = True; - return NT_STATUS_NOT_IMPLEMENTED; -} - NTSTATUS _lsa_GetQuotasForAccount(pipes_struct *p, struct lsa_GetQuotasForAccount *r) { p->rng_fault_state = True; |