diff options
| author | Gerald (Jerry) Carter <jerry@samba.org> | 2008-01-14 15:10:14 -0600 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2008-01-14 15:10:14 -0600 |
| commit | 9a50c929ba0de8c0d1f7fc515cc6b3d954a6c9d7 (patch) | |
| tree | bfe689a52df86b727fe29cc59d8ef30b21ca8d3b /source3 | |
| parent | 582bd8071f168190e0cf1f6d1637f79ebee287c3 (diff) | |
| parent | edd4cb0373a668c422b3aa2a460c1004682f3d1d (diff) | |
| download | samba-9a50c929ba0de8c0d1f7fc515cc6b3d954a6c9d7.tar.gz samba-9a50c929ba0de8c0d1f7fc515cc6b3d954a6c9d7.tar.bz2 samba-9a50c929ba0de8c0d1f7fc515cc6b3d954a6c9d7.zip | |
Merge commit 'samba/v3-2-test' into v3-2-stable
(This used to be commit bb36b74a4e8fa63672031145b6d39d79468241d9)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/include/reg_objects.h | 4 | ||||
| -rw-r--r-- | source3/include/rpc_lsa.h | 16 | ||||
| -rw-r--r-- | source3/lib/winbind_util.c | 2 | ||||
| -rw-r--r-- | source3/libads/kerberos.c | 3 | ||||
| -rw-r--r-- | source3/librpc/gen_ndr/cli_lsa.c | 20 | ||||
| -rw-r--r-- | source3/librpc/gen_ndr/cli_lsa.h | 14 | ||||
| -rw-r--r-- | source3/librpc/gen_ndr/lsa.h | 20 | ||||
| -rw-r--r-- | source3/librpc/gen_ndr/ndr_lsa.c | 123 | ||||
| -rw-r--r-- | source3/librpc/gen_ndr/ndr_lsa.h | 1 | ||||
| -rw-r--r-- | source3/librpc/idl/lsa.idl | 18 | ||||
| -rw-r--r-- | source3/registry/reg_api.c | 8 | ||||
| -rw-r--r-- | source3/registry/reg_db.c | 29 | ||||
| -rw-r--r-- | source3/registry/reg_frontend_hilvl.c | 29 | ||||
| -rw-r--r-- | source3/registry/reg_printing.c | 2 | ||||
| -rw-r--r-- | source3/registry/reg_shares.c | 2 | ||||
| -rw-r--r-- | source3/registry/reg_smbconf.c | 4 | ||||
| -rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 35 | ||||
| -rw-r--r-- | source3/rpc_parse/parse_lsa.c | 58 | ||||
| -rw-r--r-- | source3/utils/net_rpc_audit.c | 182 |
19 files changed, 340 insertions, 230 deletions
diff --git a/source3/include/reg_objects.h b/source3/include/reg_objects.h index f6cf9cccb7..23a14e6757 100644 --- a/source3/include/reg_objects.h +++ b/source3/include/reg_objects.h @@ -61,6 +61,7 @@ struct registry_value { typedef struct { uint32 num_values; REGISTRY_VALUE **values; + int seqnum; } REGVAL_CTR; /* container for registry subkey names */ @@ -68,6 +69,7 @@ typedef struct { typedef struct { uint32 num_subkeys; char **subkeys; + int seqnum; } REGSUBKEY_CTR; /* @@ -128,6 +130,8 @@ typedef struct { struct security_descriptor **psecdesc); WERROR (*set_secdesc)(const char *key, struct security_descriptor *sec_desc); + bool (*subkeys_need_update)(REGSUBKEY_CTR *subkeys); + bool (*values_need_update)(REGVAL_CTR *values); } REGISTRY_OPS; typedef struct { diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 22436c59b2..ef6ff6db28 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -334,22 +334,6 @@ typedef struct lsa_info_ctr typedef LSA_INFO_CTR LSA_INFO_CTR2; -/* LSA_Q_SET_INFO - LSA set info policy */ -typedef struct lsa_set_info -{ - POLICY_HND pol; /* policy handle */ - uint16 info_class; /* info class */ - LSA_INFO_CTR ctr; - -} LSA_Q_SET_INFO; - -/* LSA_R_SET_INFO - response to LSA set info policy */ -typedef struct lsa_r_set_info -{ - NTSTATUS status; /* return code */ - -} LSA_R_SET_INFO; - /* LSA_R_QUERY_INFO - response to LSA query info policy */ typedef struct lsa_r_query_info { diff --git a/source3/lib/winbind_util.c b/source3/lib/winbind_util.c index 3cf068a6e0..14356b09cf 100644 --- a/source3/lib/winbind_util.c +++ b/source3/lib/winbind_util.c @@ -201,7 +201,7 @@ bool winbind_lookup_rids(TALLOC_CTX *mem_ctx, *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids); for(i=0; i<num_rids; i++) { - (*names)[i] = talloc_strdup(names, namelist[i]); + (*names)[i] = talloc_strdup(*names, namelist[i]); (*types)[i] = (enum lsa_SidType)name_types[i]; } diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c index 4fc23956bd..e9222e8401 100644 --- a/source3/libads/kerberos.c +++ b/source3/libads/kerberos.c @@ -209,7 +209,8 @@ int kerberos_kinit_password_ext(const char *principal, krb5_set_real_time(ctx, time(NULL) + time_offset, 0); } - DEBUG(10,("kerberos_kinit_password: using [%s] as ccache and config [%s]\n", + DEBUG(10,("kerberos_kinit_password: as %s using [%s] as ccache and config [%s]\n", + principal, cache_name ? cache_name: krb5_cc_default_name(ctx), getenv("KRB5_CONFIG"))); diff --git a/source3/librpc/gen_ndr/cli_lsa.c b/source3/librpc/gen_ndr/cli_lsa.c index 470ab3e0a5..92ba8bdfee 100644 --- a/source3/librpc/gen_ndr/cli_lsa.c +++ b/source3/librpc/gen_ndr/cli_lsa.c @@ -298,7 +298,7 @@ NTSTATUS rpccli_lsa_OpenPolicy(struct rpc_pipe_client *cli, NTSTATUS rpccli_lsa_QueryInfoPolicy(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, - uint16_t level, + enum lsa_PolicyInfo level, union lsa_PolicyInformation *info) { struct lsa_QueryInfoPolicy r; @@ -341,12 +341,18 @@ NTSTATUS rpccli_lsa_QueryInfoPolicy(struct rpc_pipe_client *cli, } NTSTATUS rpccli_lsa_SetInfoPolicy(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + enum lsa_PolicyInfo level, + union lsa_PolicyInformation *info) { struct lsa_SetInfoPolicy r; NTSTATUS status; /* In parameters */ + r.in.handle = handle; + r.in.level = level; + r.in.info = info; if (DEBUGLEVEL >= 10) { NDR_PRINT_IN_DEBUG(lsa_SetInfoPolicy, &r); @@ -1988,7 +1994,7 @@ NTSTATUS rpccli_lsa_GetUserName(struct rpc_pipe_client *cli, NTSTATUS rpccli_lsa_QueryInfoPolicy2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, - uint16_t level, + enum lsa_PolicyInfo level, union lsa_PolicyInformation *info) { struct lsa_QueryInfoPolicy2 r; @@ -2031,12 +2037,18 @@ NTSTATUS rpccli_lsa_QueryInfoPolicy2(struct rpc_pipe_client *cli, } NTSTATUS rpccli_lsa_SetInfoPolicy2(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx) + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + enum lsa_PolicyInfo level, + union lsa_PolicyInformation *info) { struct lsa_SetInfoPolicy2 r; NTSTATUS status; /* In parameters */ + r.in.handle = handle; + r.in.level = level; + r.in.info = info; if (DEBUGLEVEL >= 10) { NDR_PRINT_IN_DEBUG(lsa_SetInfoPolicy2, &r); diff --git a/source3/librpc/gen_ndr/cli_lsa.h b/source3/librpc/gen_ndr/cli_lsa.h index ad5e60d591..4ab8be9939 100644 --- a/source3/librpc/gen_ndr/cli_lsa.h +++ b/source3/librpc/gen_ndr/cli_lsa.h @@ -31,10 +31,13 @@ NTSTATUS rpccli_lsa_OpenPolicy(struct rpc_pipe_client *cli, NTSTATUS rpccli_lsa_QueryInfoPolicy(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, - uint16_t level, + enum lsa_PolicyInfo level, union lsa_PolicyInformation *info); NTSTATUS rpccli_lsa_SetInfoPolicy(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx); + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + enum lsa_PolicyInfo level, + union lsa_PolicyInformation *info); NTSTATUS rpccli_lsa_ClearAuditLog(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx); NTSTATUS rpccli_lsa_CreateAccount(struct rpc_pipe_client *cli, @@ -212,10 +215,13 @@ NTSTATUS rpccli_lsa_GetUserName(struct rpc_pipe_client *cli, NTSTATUS rpccli_lsa_QueryInfoPolicy2(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, - uint16_t level, + enum lsa_PolicyInfo level, union lsa_PolicyInformation *info); NTSTATUS rpccli_lsa_SetInfoPolicy2(struct rpc_pipe_client *cli, - TALLOC_CTX *mem_ctx); + TALLOC_CTX *mem_ctx, + struct policy_handle *handle, + enum lsa_PolicyInfo level, + union lsa_PolicyInformation *info); NTSTATUS rpccli_lsa_QueryTrustedDomainInfoByName(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, struct policy_handle *handle, diff --git a/source3/librpc/gen_ndr/lsa.h b/source3/librpc/gen_ndr/lsa.h index 6c081562da..513d17b5df 100644 --- a/source3/librpc/gen_ndr/lsa.h +++ b/source3/librpc/gen_ndr/lsa.h @@ -132,7 +132,7 @@ struct lsa_DnsDomainInfo { struct dom_sid2 *sid;/* [unique] */ }; -enum lsaPolicyInfo +enum lsa_PolicyInfo #ifndef USE_UINT_ENUMS { LSA_POLICY_INFO_AUDIT_LOG=1, @@ -149,7 +149,7 @@ enum lsaPolicyInfo LSA_POLICY_INFO_DNS=12 } #else - { __donnot_use_enum_lsaPolicyInfo=0x7FFFFFFF} + { __donnot_use_enum_lsa_PolicyInfo=0x7FFFFFFF} #define LSA_POLICY_INFO_AUDIT_LOG ( 1 ) #define LSA_POLICY_INFO_AUDIT_EVENTS ( 2 ) #define LSA_POLICY_INFO_DOMAIN ( 3 ) @@ -554,7 +554,7 @@ struct lsa_OpenPolicy { struct lsa_QueryInfoPolicy { struct { struct policy_handle *handle;/* [ref] */ - uint16_t level; + enum lsa_PolicyInfo level; } in; struct { @@ -567,6 +567,12 @@ struct lsa_QueryInfoPolicy { struct lsa_SetInfoPolicy { struct { + struct policy_handle *handle;/* [ref] */ + enum lsa_PolicyInfo level; + union lsa_PolicyInformation *info;/* [ref,switch_is(level)] */ + } in; + + struct { NTSTATUS result; } out; @@ -1066,7 +1072,7 @@ struct lsa_GetUserName { struct lsa_QueryInfoPolicy2 { struct { struct policy_handle *handle;/* [ref] */ - uint16_t level; + enum lsa_PolicyInfo level; } in; struct { @@ -1079,6 +1085,12 @@ struct lsa_QueryInfoPolicy2 { struct lsa_SetInfoPolicy2 { struct { + struct policy_handle *handle;/* [ref] */ + enum lsa_PolicyInfo level; + union lsa_PolicyInformation *info;/* [ref,switch_is(level)] */ + } in; + + struct { NTSTATUS result; } out; diff --git a/source3/librpc/gen_ndr/ndr_lsa.c b/source3/librpc/gen_ndr/ndr_lsa.c index ec22c9be38..eed2a8e0e3 100644 --- a/source3/librpc/gen_ndr/ndr_lsa.c +++ b/source3/librpc/gen_ndr/ndr_lsa.c @@ -1147,6 +1147,41 @@ _PUBLIC_ void ndr_print_lsa_DnsDomainInfo(struct ndr_print *ndr, const char *nam ndr->depth--; } +static enum ndr_err_code ndr_push_lsa_PolicyInfo(struct ndr_push *ndr, int ndr_flags, enum lsa_PolicyInfo r) +{ + NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r)); + return NDR_ERR_SUCCESS; +} + +static enum ndr_err_code ndr_pull_lsa_PolicyInfo(struct ndr_pull *ndr, int ndr_flags, enum lsa_PolicyInfo *r) +{ + uint16_t v; + NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &v)); + *r = v; + return NDR_ERR_SUCCESS; +} + +_PUBLIC_ void ndr_print_lsa_PolicyInfo(struct ndr_print *ndr, const char *name, enum lsa_PolicyInfo r) +{ + const char *val = NULL; + + switch (r) { + case LSA_POLICY_INFO_AUDIT_LOG: val = "LSA_POLICY_INFO_AUDIT_LOG"; break; + case LSA_POLICY_INFO_AUDIT_EVENTS: val = "LSA_POLICY_INFO_AUDIT_EVENTS"; break; + case LSA_POLICY_INFO_DOMAIN: val = "LSA_POLICY_INFO_DOMAIN"; break; + case LSA_POLICY_INFO_PD: val = "LSA_POLICY_INFO_PD"; break; + case LSA_POLICY_INFO_ACCOUNT_DOMAIN: val = "LSA_POLICY_INFO_ACCOUNT_DOMAIN"; break; + case LSA_POLICY_INFO_ROLE: val = "LSA_POLICY_INFO_ROLE"; break; + case LSA_POLICY_INFO_REPLICA: val = "LSA_POLICY_INFO_REPLICA"; break; + case LSA_POLICY_INFO_QUOTA: val = "LSA_POLICY_INFO_QUOTA"; break; + case LSA_POLICY_INFO_DB: val = "LSA_POLICY_INFO_DB"; break; + case LSA_POLICY_INFO_AUDIT_FULL_SET: val = "LSA_POLICY_INFO_AUDIT_FULL_SET"; break; + case LSA_POLICY_INFO_AUDIT_FULL_QUERY: val = "LSA_POLICY_INFO_AUDIT_FULL_QUERY"; break; + case LSA_POLICY_INFO_DNS: val = "LSA_POLICY_INFO_DNS"; break; + } + ndr_print_enum(ndr, name, "ENUM", val, r); +} + static enum ndr_err_code ndr_push_lsa_PolicyInformation(struct ndr_push *ndr, int ndr_flags, const union lsa_PolicyInformation *r) { if (ndr_flags & NDR_SCALARS) { @@ -4517,7 +4552,7 @@ static enum ndr_err_code ndr_push_lsa_QueryInfoPolicy(struct ndr_push *ndr, int return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->in.level)); + NDR_CHECK(ndr_push_lsa_PolicyInfo(ndr, NDR_SCALARS, r->in.level)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_push_unique_ptr(ndr, r->out.info)); @@ -4545,7 +4580,7 @@ static enum ndr_err_code ndr_pull_lsa_QueryInfoPolicy(struct ndr_pull *ndr, int NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->in.level)); + NDR_CHECK(ndr_pull_lsa_PolicyInfo(ndr, NDR_SCALARS, &r->in.level)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info)); @@ -4580,7 +4615,7 @@ _PUBLIC_ void ndr_print_lsa_QueryInfoPolicy(struct ndr_print *ndr, const char *n ndr->depth++; ndr_print_policy_handle(ndr, "handle", r->in.handle); ndr->depth--; - ndr_print_uint16(ndr, "level", r->in.level); + ndr_print_lsa_PolicyInfo(ndr, "level", r->in.level); ndr->depth--; } if (flags & NDR_OUT) { @@ -4602,6 +4637,16 @@ _PUBLIC_ void ndr_print_lsa_QueryInfoPolicy(struct ndr_print *ndr, const char *n static enum ndr_err_code ndr_push_lsa_SetInfoPolicy(struct ndr_push *ndr, int flags, const struct lsa_SetInfoPolicy *r) { if (flags & NDR_IN) { + if (r->in.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_CHECK(ndr_push_lsa_PolicyInfo(ndr, NDR_SCALARS, r->in.level)); + if (r->in.info == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_set_switch_value(ndr, r->in.info, r->in.level)); + NDR_CHECK(ndr_push_lsa_PolicyInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); @@ -4611,7 +4656,25 @@ static enum ndr_err_code ndr_push_lsa_SetInfoPolicy(struct ndr_push *ndr, int fl static enum ndr_err_code ndr_pull_lsa_SetInfoPolicy(struct ndr_pull *ndr, int flags, struct lsa_SetInfoPolicy *r) { + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_info_0; if (flags & NDR_IN) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.handle); + } + _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_lsa_PolicyInfo(ndr, NDR_SCALARS, &r->in.level)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.info); + } + _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.info, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_set_switch_value(ndr, r->in.info, r->in.level)); + NDR_CHECK(ndr_pull_lsa_PolicyInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC); } if (flags & NDR_OUT) { NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); @@ -4629,6 +4692,16 @@ _PUBLIC_ void ndr_print_lsa_SetInfoPolicy(struct ndr_print *ndr, const char *nam if (flags & NDR_IN) { ndr_print_struct(ndr, "in", "lsa_SetInfoPolicy"); ndr->depth++; + ndr_print_ptr(ndr, "handle", r->in.handle); + ndr->depth++; + ndr_print_policy_handle(ndr, "handle", r->in.handle); + ndr->depth--; + ndr_print_lsa_PolicyInfo(ndr, "level", r->in.level); + ndr_print_ptr(ndr, "info", r->in.info); + ndr->depth++; + ndr_print_set_switch_value(ndr, r->in.info, r->in.level); + ndr_print_lsa_PolicyInformation(ndr, "info", r->in.info); + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { @@ -8039,7 +8112,7 @@ static enum ndr_err_code ndr_push_lsa_QueryInfoPolicy2(struct ndr_push *ndr, int return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); } NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); - NDR_CHECK(ndr_push_uint16(ndr, NDR_SCALARS, r->in.level)); + NDR_CHECK(ndr_push_lsa_PolicyInfo(ndr, NDR_SCALARS, r->in.level)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_push_unique_ptr(ndr, r->out.info)); @@ -8067,7 +8140,7 @@ static enum ndr_err_code ndr_pull_lsa_QueryInfoPolicy2(struct ndr_pull *ndr, int NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); - NDR_CHECK(ndr_pull_uint16(ndr, NDR_SCALARS, &r->in.level)); + NDR_CHECK(ndr_pull_lsa_PolicyInfo(ndr, NDR_SCALARS, &r->in.level)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_info)); @@ -8102,7 +8175,7 @@ _PUBLIC_ void ndr_print_lsa_QueryInfoPolicy2(struct ndr_print *ndr, const char * ndr->depth++; ndr_print_policy_handle(ndr, "handle", r->in.handle); ndr->depth--; - ndr_print_uint16(ndr, "level", r->in.level); + ndr_print_lsa_PolicyInfo(ndr, "level", r->in.level); ndr->depth--; } if (flags & NDR_OUT) { @@ -8124,6 +8197,16 @@ _PUBLIC_ void ndr_print_lsa_QueryInfoPolicy2(struct ndr_print *ndr, const char * static enum ndr_err_code ndr_push_lsa_SetInfoPolicy2(struct ndr_push *ndr, int flags, const struct lsa_SetInfoPolicy2 *r) { if (flags & NDR_IN) { + if (r->in.handle == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_CHECK(ndr_push_lsa_PolicyInfo(ndr, NDR_SCALARS, r->in.level)); + if (r->in.info == NULL) { + return ndr_push_error(ndr, NDR_ERR_INVALID_POINTER, "NULL [ref] pointer"); + } + NDR_CHECK(ndr_push_set_switch_value(ndr, r->in.info, r->in.level)); + NDR_CHECK(ndr_push_lsa_PolicyInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info)); } if (flags & NDR_OUT) { NDR_CHECK(ndr_push_NTSTATUS(ndr, NDR_SCALARS, r->out.result)); @@ -8133,7 +8216,25 @@ static enum ndr_err_code ndr_push_lsa_SetInfoPolicy2(struct ndr_push *ndr, int f static enum ndr_err_code ndr_pull_lsa_SetInfoPolicy2(struct ndr_pull *ndr, int flags, struct lsa_SetInfoPolicy2 *r) { + TALLOC_CTX *_mem_save_handle_0; + TALLOC_CTX *_mem_save_info_0; if (flags & NDR_IN) { + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.handle); + } + _mem_save_handle_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.handle, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_policy_handle(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.handle)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_handle_0, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_lsa_PolicyInfo(ndr, NDR_SCALARS, &r->in.level)); + if (ndr->flags & LIBNDR_FLAG_REF_ALLOC) { + NDR_PULL_ALLOC(ndr, r->in.info); + } + _mem_save_info_0 = NDR_PULL_GET_MEM_CTX(ndr); + NDR_PULL_SET_MEM_CTX(ndr, r->in.info, LIBNDR_FLAG_REF_ALLOC); + NDR_CHECK(ndr_pull_set_switch_value(ndr, r->in.info, r->in.level)); + NDR_CHECK(ndr_pull_lsa_PolicyInformation(ndr, NDR_SCALARS|NDR_BUFFERS, r->in.info)); + NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info_0, LIBNDR_FLAG_REF_ALLOC); } if (flags & NDR_OUT) { NDR_CHECK(ndr_pull_NTSTATUS(ndr, NDR_SCALARS, &r->out.result)); @@ -8151,6 +8252,16 @@ _PUBLIC_ void ndr_print_lsa_SetInfoPolicy2(struct ndr_print *ndr, const char *na if (flags & NDR_IN) { ndr_print_struct(ndr, "in", "lsa_SetInfoPolicy2"); ndr->depth++; + ndr_print_ptr(ndr, "handle", r->in.handle); + ndr->depth++; + ndr_print_policy_handle(ndr, "handle", r->in.handle); + ndr->depth--; + ndr_print_lsa_PolicyInfo(ndr, "level", r->in.level); + ndr_print_ptr(ndr, "info", r->in.info); + ndr->depth++; + ndr_print_set_switch_value(ndr, r->in.info, r->in.level); + ndr_print_lsa_PolicyInformation(ndr, "info", r->in.info); + ndr->depth--; ndr->depth--; } if (flags & NDR_OUT) { diff --git a/source3/librpc/gen_ndr/ndr_lsa.h b/source3/librpc/gen_ndr/ndr_lsa.h index e6630d12df..dc100297f5 100644 --- a/source3/librpc/gen_ndr/ndr_lsa.h +++ b/source3/librpc/gen_ndr/ndr_lsa.h @@ -204,6 +204,7 @@ void ndr_print_lsa_ModificationInfo(struct ndr_print *ndr, const char *name, con void ndr_print_lsa_AuditFullSetInfo(struct ndr_print *ndr, const char *name, const struct lsa_AuditFullSetInfo *r); void ndr_print_lsa_AuditFullQueryInfo(struct ndr_print *ndr, const char *name, const struct lsa_AuditFullQueryInfo *r); void ndr_print_lsa_DnsDomainInfo(struct ndr_print *ndr, const char *name, const struct lsa_DnsDomainInfo *r); +void ndr_print_lsa_PolicyInfo(struct ndr_print *ndr, const char *name, enum lsa_PolicyInfo r); void ndr_print_lsa_PolicyInformation(struct ndr_print *ndr, const char *name, const union lsa_PolicyInformation *r); void ndr_print_lsa_SidPtr(struct ndr_print *ndr, const char *name, const struct lsa_SidPtr *r); enum ndr_err_code ndr_push_lsa_SidArray(struct ndr_push *ndr, int ndr_flags, const struct lsa_SidArray *r); diff --git a/source3/librpc/idl/lsa.idl b/source3/librpc/idl/lsa.idl index 6cf57b88d4..7daf648a63 100644 --- a/source3/librpc/idl/lsa.idl +++ b/source3/librpc/idl/lsa.idl @@ -214,7 +214,7 @@ import "security.idl"; LSA_POLICY_INFO_AUDIT_FULL_SET=10, LSA_POLICY_INFO_AUDIT_FULL_QUERY=11, LSA_POLICY_INFO_DNS=12 - } lsaPolicyInfo; + } lsa_PolicyInfo; typedef [switch_type(uint16)] union { [case(LSA_POLICY_INFO_AUDIT_LOG)] lsa_AuditLogInfo audit_log; @@ -233,13 +233,17 @@ import "security.idl"; NTSTATUS lsa_QueryInfoPolicy ( [in] policy_handle *handle, - [in] uint16 level, + [in] lsa_PolicyInfo level, [out,unique,switch_is(level)] lsa_PolicyInformation *info ); /******************/ /* Function: 0x08 */ - NTSTATUS lsa_SetInfoPolicy (); + NTSTATUS lsa_SetInfoPolicy ( + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [in,switch_is(level)] lsa_PolicyInformation *info + ); /******************/ /* Function: 0x09 */ @@ -705,12 +709,16 @@ import "security.idl"; NTSTATUS lsa_QueryInfoPolicy2( [in] policy_handle *handle, - [in] uint16 level, + [in] lsa_PolicyInfo level, [out,unique,switch_is(level)] lsa_PolicyInformation *info ); /* Function 0x2f */ - NTSTATUS lsa_SetInfoPolicy2(); + NTSTATUS lsa_SetInfoPolicy2( + [in] policy_handle *handle, + [in] lsa_PolicyInfo level, + [in,switch_is(level)] lsa_PolicyInformation *info + ); /**********************/ /* Function 0x30 */ diff --git a/source3/registry/reg_api.c b/source3/registry/reg_api.c index bb410e646b..8bbdb6abd3 100644 --- a/source3/registry/reg_api.c +++ b/source3/registry/reg_api.c @@ -27,7 +27,9 @@ static WERROR fill_value_cache(struct registry_key *key) { if (key->values != NULL) { - return WERR_OK; + if (!reg_values_need_update(key->key, key->values)) { + return WERR_OK; + } } if (!(key->values = TALLOC_ZERO_P(key, REGVAL_CTR))) { @@ -44,7 +46,9 @@ static WERROR fill_value_cache(struct registry_key *key) static WERROR fill_subkey_cache(struct registry_key *key) { if (key->subkeys != NULL) { - return WERR_OK; + if (!reg_subkeys_need_update(key->key, key->subkeys)) { + return WERR_OK; + } } if (!(key->subkeys = TALLOC_ZERO_P(key, REGSUBKEY_CTR))) { diff --git a/source3/registry/reg_db.c b/source3/registry/reg_db.c index f50a41816c..c4bfc2b6c9 100644 --- a/source3/registry/reg_db.c +++ b/source3/registry/reg_db.c @@ -622,7 +622,15 @@ int regdb_fetch_keys(const char *key, REGSUBKEY_CTR *ctr) } strupper_m(path); + if (tdb_read_lock_bystring_with_timeout(tdb_reg->tdb, path, 10) == -1) { + return 0; + } + dbuf = tdb_fetch_bystring(tdb_reg->tdb, path); + ctr->seqnum = regdb_get_seqnum(); + + tdb_read_unlock_bystring(tdb_reg->tdb, path); + buf = dbuf.dptr; buflen = dbuf.dsize; @@ -750,7 +758,14 @@ int regdb_fetch_values( const char* key, REGVAL_CTR *values ) return 0; } + if (tdb_read_lock_bystring_with_timeout(tdb_reg->tdb, keystr, 10) == -1) { + return 0; + } + data = tdb_fetch_bystring(tdb_reg->tdb, keystr); + values->seqnum = regdb_get_seqnum(); + + tdb_read_unlock_bystring(tdb_reg->tdb, keystr); if (!data.dptr) { /* all keys have zero values by default */ @@ -907,6 +922,16 @@ static WERROR regdb_set_secdesc(const char *key, return err; } +bool regdb_subkeys_need_update(REGSUBKEY_CTR *subkeys) +{ + return (regdb_get_seqnum() != subkeys->seqnum); +} + +bool regdb_values_need_update(REGVAL_CTR *values) +{ + return (regdb_get_seqnum() != values->seqnum); +} + /* * Table of function pointers for default access */ @@ -918,5 +943,7 @@ REGISTRY_OPS regdb_ops = { regdb_store_values, NULL, regdb_get_secdesc, - regdb_set_secdesc + regdb_set_secdesc, + regdb_subkeys_need_update, + regdb_values_need_update }; diff --git a/source3/registry/reg_frontend_hilvl.c b/source3/registry/reg_frontend_hilvl.c index a4b78b24c0..73fcf87e17 100644 --- a/source3/registry/reg_frontend_hilvl.c +++ b/source3/registry/reg_frontend_hilvl.c @@ -214,3 +214,32 @@ WERROR regkey_set_secdesc(REGISTRY_KEY *key, return WERR_ACCESS_DENIED; } + +/** + * Check whether the in-memory version of the subkyes of a + * registry key needs update from disk. + */ +bool reg_subkeys_need_update(REGISTRY_KEY *key, REGSUBKEY_CTR *subkeys) +{ + if (key->hook && key->hook->ops && key->hook->ops->subkeys_need_update) + { + return key->hook->ops->subkeys_need_update(subkeys); + } + + return false; +} + +/** + * Check whether the in-memory version of the values of a + * registry key needs update from disk. + */ +bool reg_values_need_update(REGISTRY_KEY *key, REGVAL_CTR *values) +{ + if (key->hook && key->hook->ops && key->hook->ops->values_need_update) + { + return key->hook->ops->values_need_update(values); + } + + return false; +} + diff --git a/source3/registry/reg_printing.c b/source3/registry/reg_printing.c index 2ca74f7c16..5be0796002 100644 --- a/source3/registry/reg_printing.c +++ b/source3/registry/reg_printing.c @@ -1266,5 +1266,5 @@ REGISTRY_OPS printing_ops = { regprint_fetch_reg_values, regprint_store_reg_keys, regprint_store_reg_values, - NULL, NULL, NULL + NULL, NULL, NULL, NULL, NULL }; diff --git a/source3/registry/reg_shares.c b/source3/registry/reg_shares.c index 178f23e21c..4ac6e1d151 100644 --- a/source3/registry/reg_shares.c +++ b/source3/registry/reg_shares.c @@ -159,7 +159,7 @@ REGISTRY_OPS shares_reg_ops = { shares_value_info, shares_store_subkey, shares_store_value, - NULL, NULL, NULL + NULL, NULL, NULL, NULL, NULL }; diff --git a/source3/registry/reg_smbconf.c b/source3/registry/reg_smbconf.c index 116cde936e..8dfb745a7e 100644 --- a/source3/registry/reg_smbconf.c +++ b/source3/registry/reg_smbconf.c @@ -271,5 +271,7 @@ REGISTRY_OPS smbconf_reg_ops = { smbconf_store_values, smbconf_reg_access_check, smbconf_get_secdesc, - smbconf_set_secdesc + smbconf_set_secdesc, + NULL, + NULL }; diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index a023fe75ef..77ade5cba1 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -716,41 +716,6 @@ NTSTATUS rpccli_lsa_query_info_policy2(struct rpc_pipe_client *cli, return result; } -NTSTATUS rpccli_lsa_set_info_policy(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, uint16 info_class, - LSA_INFO_CTR ctr) -{ - prs_struct qbuf, rbuf; - LSA_Q_SET_INFO q; - LSA_R_SET_INFO r; - NTSTATUS result; - - ZERO_STRUCT(q); - ZERO_STRUCT(r); - - init_q_set(&q, pol, info_class, ctr); - - CLI_DO_RPC(cli, mem_ctx, PI_LSARPC, LSA_SETINFOPOLICY, - q, r, - qbuf, rbuf, - lsa_io_q_set, - lsa_io_r_set, - NT_STATUS_UNSUCCESSFUL); - - result = r.status; - - if (!NT_STATUS_IS_OK(result)) { - goto done; - } - - /* Return output parameters */ - - done: - - return result; -} - - /** * Enumerate list of trusted domains * diff --git a/source3/rpc_parse/parse_lsa.c b/source3/rpc_parse/parse_lsa.c index e4d5d15112..98c4283347 100644 --- a/source3/rpc_parse/parse_lsa.c +++ b/source3/rpc_parse/parse_lsa.c @@ -909,21 +909,6 @@ bool lsa_io_dom_query_12(const char *desc, DOM_QUERY_12 *info, prs_struct *ps, i } -/******************************************************************* - Inits an LSA_Q_QUERY_INFO structure. -********************************************************************/ - -void init_q_set(LSA_Q_SET_INFO *in, POLICY_HND *hnd, uint16 info_class, LSA_INFO_CTR ctr) -{ - DEBUG(5,("init_q_set\n")); - - in->info_class = info_class; - - in->pol = *hnd; - - in->ctr = ctr; - in->ctr.info_class = info_class; -} /******************************************************************* reads or writes a structure. @@ -1065,49 +1050,6 @@ bool lsa_io_r_query(const char *desc, LSA_R_QUERY_INFO *out, prs_struct *ps, int } /******************************************************************* - Reads or writes an LSA_Q_SET_INFO structure. -********************************************************************/ - -bool lsa_io_q_set(const char *desc, LSA_Q_SET_INFO *in, prs_struct *ps, - int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_q_set"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!smb_io_pol_hnd("", &in->pol, ps, depth)) - return False; - - if(!prs_uint16("info_class", ps, depth, &in->info_class)) - return False; - - if(!lsa_io_query_info_ctr("", ps, depth, &in->ctr)) - return False; - - return True; -} - -/******************************************************************* - Reads or writes an LSA_R_SET_INFO structure. -********************************************************************/ - -bool lsa_io_r_set(const char *desc, LSA_R_SET_INFO *out, prs_struct *ps, int depth) -{ - prs_debug(ps, depth, desc, "lsa_io_r_set"); - depth++; - - if(!prs_align(ps)) - return False; - - if(!prs_ntstatus("status", ps, depth, &out->status)) - return False; - - return True; -} - -/******************************************************************* Inits a LSA_SID_ENUM structure. ********************************************************************/ diff --git a/source3/utils/net_rpc_audit.c b/source3/utils/net_rpc_audit.c index b7fda2b8e3..50bd555f16 100644 --- a/source3/utils/net_rpc_audit.c +++ b/source3/utils/net_rpc_audit.c @@ -1,21 +1,21 @@ -/* - Samba Unix/Linux SMB client library - Distributed SMB/CIFS Server Management Utility +/* + Samba Unix/Linux SMB client library + Distributed SMB/CIFS Server Management Utility Copyright (C) 2006 Guenther Deschner This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ - + #include "includes.h" #include "utils/net.h" @@ -54,29 +54,26 @@ static void print_auditing_category(const char *policy, const char *value) pad_len = col_len - strlen(policy); padding[pad_len] = 0; do padding[--pad_len] = ' '; while (pad_len > 0); - + d_printf("\t%s%s%s\n", policy, padding, value); } - /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; + union lsa_PolicyInformation info; int i; - - uint32 info_class = 2; - uint32 audit_category; + uint32_t audit_category; if (argc < 1 || argc > 2) { d_printf("insufficient arguments\n"); @@ -89,7 +86,7 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, return NT_STATUS_INVALID_PARAMETER; } - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -97,15 +94,16 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - for (i=0; i < dom.info.id2.count1; i++) { + for (i=0; i < info.audit_events.count; i++) { const char *val = NULL, *policy = NULL; @@ -113,14 +111,15 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, continue; } - val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[i]); + val = audit_policy_str(mem_ctx, info.audit_events.settings[i]); policy = audit_description_str(i); print_auditing_category(policy, val); } done: if (!NT_STATUS_IS_OK(result)) { - d_printf("failed to get auditing policy: %s\n", nt_errstr(result)); + d_printf("failed to get auditing policy: %s\n", + nt_errstr(result)); } return result; @@ -130,19 +129,17 @@ static NTSTATUS rpc_audit_get_internal(const DOM_SID *domain_sid, ********************************************************************/ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; - - uint32 info_class = 2; - uint32 audit_policy, audit_category; + union lsa_PolicyInformation info; + uint32_t audit_policy, audit_category; if (argc < 2 || argc > 3) { d_printf("insufficient arguments\n"); @@ -170,7 +167,7 @@ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, return NT_STATUS_INVALID_PARAMETER; } - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -178,29 +175,32 @@ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - dom.info.id2.auditsettings[audit_category] = audit_policy; + info.audit_events.settings[audit_category] = audit_policy; + + result = rpccli_lsa_SetInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); - result = rpccli_lsa_set_info_policy(pipe_hnd, mem_ctx, &pol, - info_class, - dom); if (!NT_STATUS_IS_OK(result)) { goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); - + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); { - const char *val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[audit_category]); + const char *val = audit_policy_str(mem_ctx, info.audit_events.settings[audit_category]); const char *policy = audit_description_str(audit_category); print_auditing_category(policy, val); } @@ -209,11 +209,14 @@ static NTSTATUS rpc_audit_set_internal(const DOM_SID *domain_sid, if (!NT_STATUS_IS_OK(result)) { d_printf("failed to set audit policy: %s\n", nt_errstr(result)); } - + return result; } -static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, TALLOC_CTX *mem_ctx, int argc, const char **argv, @@ -221,11 +224,9 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; - - uint32 info_class = 2; + union lsa_PolicyInformation info; - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -233,19 +234,20 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); - + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } - dom.info.id2.auditing_enabled = enable; + info.audit_events.auditing_mode = enable; - result = rpccli_lsa_set_info_policy(pipe_hnd, mem_ctx, &pol, - info_class, - dom); + result = rpccli_lsa_SetInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -253,59 +255,60 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, done: if (!NT_STATUS_IS_OK(result)) { - d_printf("failed to %s audit policy: %s\n", enable ? "enable":"disable", - nt_errstr(result)); + d_printf("failed to %s audit policy: %s\n", + enable ? "enable":"disable", nt_errstr(result)); } return result; } + /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_disable_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { - return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, False); + return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, + false); } /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_enable_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { - return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, True); + return rpc_audit_enable_internal_ext(pipe_hnd, mem_ctx, argc, argv, + true); } /******************************************************************** ********************************************************************/ static NTSTATUS rpc_audit_list_internal(const DOM_SID *domain_sid, - const char *domain_name, + const char *domain_name, struct cli_state *cli, struct rpc_pipe_client *pipe_hnd, - TALLOC_CTX *mem_ctx, + TALLOC_CTX *mem_ctx, int argc, const char **argv) { POLICY_HND pol; NTSTATUS result = NT_STATUS_UNSUCCESSFUL; - LSA_INFO_CTR dom; + union lsa_PolicyInformation info; int i; - uint32 info_class = 2; - - result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, True, + result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); @@ -313,53 +316,52 @@ static NTSTATUS rpc_audit_list_internal(const DOM_SID *domain_sid, goto done; } - result = rpccli_lsa_query_info_policy_new(pipe_hnd, mem_ctx, &pol, - info_class, - &dom); - + result = rpccli_lsa_QueryInfoPolicy(pipe_hnd, mem_ctx, + &pol, + LSA_POLICY_INFO_AUDIT_EVENTS, + &info); if (!NT_STATUS_IS_OK(result)) { goto done; } printf("Auditing:\t\t"); - switch (dom.info.id2.auditing_enabled) { - case True: + switch (info.audit_events.auditing_mode) { + case true: printf("Enabled"); break; - case False: + case false: printf("Disabled"); break; default: - printf("unknown (%d)", dom.info.id2.auditing_enabled); + printf("unknown (%d)", info.audit_events.auditing_mode); break; } printf("\n"); - printf("Auditing categories:\t%d\n", dom.info.id2.count1); + printf("Auditing categories:\t%d\n", info.audit_events.count); printf("Auditing settings:\n"); - for (i=0; i < dom.info.id2.count1; i++) { - const char *val = audit_policy_str(mem_ctx, dom.info.id2.auditsettings[i]); + for (i=0; i < info.audit_events.count; i++) { + const char *val = audit_policy_str(mem_ctx, info.audit_events.settings[i]); const char *policy = audit_description_str(i); print_auditing_category(policy, val); } done: if (!NT_STATUS_IS_OK(result)) { - d_printf("failed to list auditing policies: %s\n", nt_errstr(result)); + d_printf("failed to list auditing policies: %s\n", + nt_errstr(result)); } return result; } - - /******************************************************************** ********************************************************************/ static int rpc_audit_get(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_get_internal, argc, argv); } @@ -368,7 +370,7 @@ static int rpc_audit_get(int argc, const char **argv) static int rpc_audit_set(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_set_internal, argc, argv); } @@ -377,7 +379,7 @@ static int rpc_audit_set(int argc, const char **argv) static int rpc_audit_enable(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_enable_internal, argc, argv); } @@ -386,7 +388,7 @@ static int rpc_audit_enable(int argc, const char **argv) static int rpc_audit_disable(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_disable_internal, argc, argv); } @@ -395,14 +397,14 @@ static int rpc_audit_disable(int argc, const char **argv) static int rpc_audit_list(int argc, const char **argv) { - return run_rpc_command(NULL, PI_LSARPC, 0, + return run_rpc_command(NULL, PI_LSARPC, 0, rpc_audit_list_internal, argc, argv); } /******************************************************************** ********************************************************************/ -int net_rpc_audit(int argc, const char **argv) +int net_rpc_audit(int argc, const char **argv) { struct functable func[] = { {"get", rpc_audit_get}, @@ -412,9 +414,9 @@ int net_rpc_audit(int argc, const char **argv) {"list", rpc_audit_list}, {NULL, NULL} }; - + if (argc) return net_run_function(argc, argv, func, net_help_audit); - + return net_help_audit(argc, argv); } |