summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c33
1 files changed, 21 insertions, 12 deletions
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 514aa5b9dd..2a412ccc98 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -6154,11 +6154,29 @@ WERROR _spoolss_setprinterdata( pipes_struct *p, SPOOL_Q_SETPRINTERDATA *q_u, SP
convert_specific_param(&param, value , type, data, real_len);
- /* Check if we are making any changes or not. Return true if
- nothing is actually changing. */
-
ZERO_STRUCT(old_param);
+ /*
+ * Access check : NT returns "access denied" if you make a
+ * SetPrinterData call without the necessary privildge.
+ * we were originally returning OK if nothing changed
+ * which made Win2k issue **a lot** of SetPrinterData
+ * when connecting to a printer --jerry
+ */
+
+ if (!print_access_check(NULL, snum, PRINTER_ACCESS_ADMINISTER)) {
+ DEBUG(3, ("security descriptor change denied by existing "
+ "security descriptor\n"));
+ status = ERROR_ACCESS_DENIED;
+ goto done;
+ }
+
+
+ /* Check if we are making any changes or not. Return true if
+ nothing is actually changing. This is not needed anymore but
+ has been left in as an optimization to keep from from
+ writing to disk as often --jerry */
+
if (get_specific_param(*printer, 2, param->value, &old_param.data,
&old_param.type, (uint32 *)&old_param.data_len)) {
@@ -6173,15 +6191,6 @@ WERROR _spoolss_setprinterdata( pipes_struct *p, SPOOL_Q_SETPRINTERDATA *q_u, SP
}
}
- /* Access check */
-
- if (!print_access_check(NULL, snum, PRINTER_ACCESS_ADMINISTER)) {
- DEBUG(3, ("security descriptor change denied by existing "
- "security descriptor\n"));
- status = WERR_ACCESS_DENIED;
- goto done;
- }
-
unlink_specific_param_if_exist(printer->info_2, param);
/*