-rw-r--r-- | source3/include/proto.h | 1 | ||||
-rw-r--r-- | source3/include/rpc_misc.h | 10 | ||||
-rwxr-xr-x | source3/include/rpc_spoolss.h | 2 | ||||
-rw-r--r-- | source3/lib/util_list.c | 11 | ||||
-rw-r--r-- | source3/rpc_client/cli_lsarpc.c | 14 | ||||
-rw-r--r-- | source3/rpc_client/cli_reg.c | 14 | ||||
-rw-r--r-- | source3/rpc_client/cli_samr.c | 6 | ||||
-rw-r--r-- | source3/rpc_parse/parse_misc.c | 13 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_hnd.c | 42 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 15 | ||||
-rw-r--r-- | source3/rpc_server/srv_reg_nt.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_samr.c | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 14 |
13 files changed, 67 insertions, 79 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index d9154cca6f..a119390d0d 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3311,6 +3311,7 @@ BOOL api_ntlsa_rpc(pipes_struct *p); /*The following definitions come from rpc_server/srv_lsa_hnd.c */ #if OLD_NTDOMAIN +void create_policy_handle(POLICY_HND *hnd, uint32 *hnd_low, uint32 *hnd_high); void init_lsa_policy_hnd(void); BOOL open_lsa_policy_hnd(POLICY_HND *hnd); int find_lsa_policy_by_hnd(POLICY_HND *hnd); diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index 1fbf87f134..5152df8e0f 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -288,16 +288,16 @@ typedef struct gid_info } DOM_GID; -#define POL_HND_SIZE 20 - /* POLICY_HND */ typedef struct lsa_policy_info { - uint8 data[POL_HND_SIZE]; /* policy handle */ - + uint32 data1; + uint32 data2; + uint16 data3; + uint16 data4; + uint8 data5[8]; } POLICY_HND; - /* * A client connection's state, pipe name, * user credentials, etc... diff --git a/source3/include/rpc_spoolss.h b/source3/include/rpc_spoolss.h index 82719b6bc9..798b32bb7e 100755 --- a/source3/include/rpc_spoolss.h +++ b/source3/include/rpc_spoolss.h @@ -193,8 +193,6 @@ #define JOB_WRITE STANDARD_RIGHTS_WRITE_ACCESS|JOB_ACCESS_ADMINISTER #define JOB_EXECUTE STANDARD_RIGHTS_EXECUTE_ACCESS|JOB_ACCESS_ADMINISTER -#define POLICY_HND_SIZE 20 - #define ONE_VALUE 01 #define TWO_VALUE 02 #define POINTER 03 diff --git a/source3/lib/util_list.c b/source3/lib/util_list.c index ea262b5db5..19354c8784 100644 --- a/source3/lib/util_list.c +++ b/source3/lib/util_list.c @@ -193,8 +193,6 @@ static void* generic_list_locate (GENERIC_LIST *l, void *search, *************************************************************/ BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src) { - int i; - /* if we have no destination, return an error */ if (dest == NULL) return False; 
@@ -205,14 +203,11 @@ BOOL copy_policy_hnd (POLICY_HND *dest, const POLICY_HND *src) { /* if POLICY_HND internals ever changes, this will need to be fixed */ - memset (dest->data, 0, POLICY_HND_SIZE); + ZERO_STRUCTP(dest); return True; } - /* copy the src handle to the dest */ - for (i=0; i<POLICY_HND_SIZE; i++) - dest->data[i] = src->data[i]; - + *dest = *src; return True; } @@ -240,7 +235,7 @@ BOOL compare_rpc_hnd_node(const RPC_HND_NODE *x, /* if the POLICY_HND field(s) are ever changed, this will need to be updated. Probably should be a set of support function for dealing with POLICY_HND */ - return (memcmp(x->hnd.data, y->hnd.data, POLICY_HND_SIZE) == 0); + return (memcmp(&x->hnd, &y->hnd, sizeof(POLICY_HND)) == 0); } /*************************************************************** diff --git a/source3/rpc_client/cli_lsarpc.c b/source3/rpc_client/cli_lsarpc.c index 03a5cad709..9ba13552bc 100644 --- a/source3/rpc_client/cli_lsarpc.c +++ b/source3/rpc_client/cli_lsarpc.c @@ -87,7 +87,7 @@ BOOL do_lsa_open_policy(struct cli_state *cli, return False; } else { /* ok, at last: we're happy. return the policy handle */ - memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); + *hnd = r_o.pol; } prs_mem_free(&rbuf); @@ -207,7 +207,6 @@ BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd) prs_struct buf; LSA_Q_CLOSE q_c; LSA_R_CLOSE r_c; - int i; if (hnd == NULL) return False; @@ -252,12 +251,11 @@ BOOL do_lsa_close(struct cli_state *cli, POLICY_HND *hnd) /* check that the returned policy handle is all zeros */ - for (i = 0; i < sizeof(r_c.pol.data); i++) { - if (r_c.pol.data[i] != 0) { - DEBUG(0,("LSA_CLOSE: non-zero handle returned\n")); - prs_mem_free(&rbuf); - return False; - } + if (IVAL(&r_c.pol.data1,0) || IVAL(&r_c.pol.data2,0) || SVAL(&r_c.pol.data3,0) || + SVAL(&r_c.pol.data4,0) || IVAL(r_c.pol.data5,0) || IVAL(r_c.pol.data5,4) ) { + DEBUG(0,("LSA_CLOSE: non-zero handle returned\n")); + prs_mem_free(&rbuf); + return False; } prs_mem_free(&rbuf); 
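Review bot: In compare_rpc_hnd_node (util_list.c, hunk at -240) the new `memcmp(&x->hnd, &y->hnd, sizeof(POLICY_HND))` compares the whole struct, so the result is only meaningful while POLICY_HND has no padding bytes. The layout introduced in rpc_misc.h (4+4+2+2+8 bytes) should have none on common ABIs, but nothing enforces that, and the `*dest = *src` copy in the previous hunk is not guaranteed to carry padding over. Either compare the five fields individually or record the assumption next to the call, e.g. `/* relies on POLICY_HND having no padding: 4+4+2+2+8 == 20 bytes */`. The existing "if the POLICY_HND field(s) are ever changed" comment could then be narrowed to that one assumption; the function's opening lines are outside the hunk.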
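Review bot: The all-zero check in do_lsa_close (cli_lsarpc.c, hunk at -252) reads the typed fields through the byte-buffer macros, `IVAL(&r_c.pol.data1,0)` and `SVAL(&r_c.pol.data3,0)`, which hides that these are now plain uint32/uint16 members. Testing the members directly is shorter and makes no assumption about how the macros access memory: `if (r_c.pol.data1 || r_c.pol.data2 || r_c.pol.data3 || r_c.pol.data4 || IVAL(r_c.pol.data5,0) || IVAL(r_c.pol.data5,4)) {`. The same expression is repeated in do_reg_close (cli_reg.c) and do_samr_close (cli_samr.c), so a single shared helper taking a `const POLICY_HND *` would keep the three in step. In those two files the body lines kept as context also retain their old, deeper indentation after the inner brace was removed.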
diff --git a/source3/rpc_client/cli_reg.c b/source3/rpc_client/cli_reg.c index 96e27c5ce6..32439e9b5d 100644 --- a/source3/rpc_client/cli_reg.c +++ b/source3/rpc_client/cli_reg.c @@ -126,7 +126,7 @@ BOOL do_reg_open_hklm(struct cli_state *cli, uint16 unknown_0, uint32 level, } /* ok, at last: we're happy. return the policy handle */ - memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); + *hnd = r_o.pol; prs_mem_free(&rbuf); @@ -187,7 +187,7 @@ BOOL do_reg_open_hku(struct cli_state *cli, uint16 unknown_0, uint32 level, } /* ok, at last: we're happy. return the policy handle */ - memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); + *hnd = r_o.pol; prs_mem_free(&rbuf); @@ -755,7 +755,7 @@ BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd, return False; } - memcpy(key, r_o.key_pol.data, sizeof(key->data)); + *key = r_o.key_pol; prs_mem_free(&rbuf); @@ -1003,7 +1003,7 @@ BOOL do_reg_open_entry(struct cli_state *cli, POLICY_HND *hnd, return False; } - memcpy(key_hnd, r_o.pol.data, sizeof(key_hnd->data)); + *key_hnd = r_o.pol; prs_mem_free(&rbuf); @@ -1019,7 +1019,6 @@ BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd) prs_struct buf; REG_Q_CLOSE q_c; REG_R_CLOSE r_c; - int i; if (hnd == NULL) return False; @@ -1066,12 +1065,11 @@ BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd) /* check that the returned policy handle is all zeros */ - for (i = 0; i < sizeof(r_c.pol.data); i++) { - if (r_c.pol.data[i] != 0) { + if (IVAL(&r_c.pol.data1,0) || IVAL(&r_c.pol.data2,0) || SVAL(&r_c.pol.data3,0) || + SVAL(&r_c.pol.data4,0) || IVAL(r_c.pol.data5,0) || IVAL(r_c.pol.data5,4) ) { prs_mem_free(&rbuf); DEBUG(0,("REG_CLOSE: non-zero handle returned\n")); return False; - } } prs_mem_free(&rbuf); diff --git a/source3/rpc_client/cli_samr.c b/source3/rpc_client/cli_samr.c index dbc10f7682..f8c10abae1 100644 --- a/source3/rpc_client/cli_samr.c +++ b/source3/rpc_client/cli_samr.c 
@@ -765,7 +765,6 @@ BOOL do_samr_close(struct cli_state *cli, POLICY_HND *hnd) prs_struct rdata; SAMR_Q_CLOSE_HND q_c; SAMR_R_CLOSE_HND r_c; - int i; if (hnd == NULL) return False; @@ -810,12 +809,11 @@ BOOL do_samr_close(struct cli_state *cli, POLICY_HND *hnd) /* check that the returned policy handle is all zeros */ - for (i = 0; i < sizeof(r_c.pol.data); i++) { - if (r_c.pol.data[i] != 0) { + if (IVAL(&r_c.pol.data1,0) || IVAL(&r_c.pol.data2,0) || SVAL(&r_c.pol.data3,0) || + SVAL(&r_c.pol.data4,0) || IVAL(r_c.pol.data5,0) || IVAL(r_c.pol.data5,4) ) { DEBUG(0,("SAMR_CLOSE_HND: non-zero handle returned\n")); prs_mem_free(&rdata); return False; - } } prs_mem_free(&rdata); diff --git a/source3/rpc_parse/parse_misc.c b/source3/rpc_parse/parse_misc.c index 0a65c09493..81602a1dc4 100644 --- a/source3/rpc_parse/parse_misc.c +++ b/source3/rpc_parse/parse_misc.c @@ -1438,8 +1438,19 @@ BOOL smb_io_pol_hnd(char *desc, POLICY_HND *pol, prs_struct *ps, int depth) if(!prs_align(ps)) return False; + + if(UNMARSHALLING(ps)) + ZERO_STRUCTP(pol); - if(!prs_uint8s (False, "data", ps, depth, pol->data, POL_HND_SIZE)) + if (!prs_uint32("data1", ps, depth, &pol->data1)) + return False; + if (!prs_uint32("data2", ps, depth, &pol->data2)) + return False; + if (!prs_uint16("data3", ps, depth, &pol->data3)) + return False; + if (!prs_uint16("data4", ps, depth, &pol->data4)) + return False; + if(!prs_uint8s (False, "data5", ps, depth, pol->data5, sizeof(pol->data5))) return False; return True; diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index 93492f671d..10b9bef1be 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c 
@@ -58,26 +58,28 @@ static struct policy static struct bitmap *bmap; +static uint32 pol_hnd_low = 0; +static uint32 pol_hnd_high = 0; -/**************************************************************************** - create a unique policy handle -****************************************************************************/ -static void create_pol_hnd(POLICY_HND *hnd) -{ - static uint32 pol_hnd_low = 0; - static uint32 pol_hnd_high = 0; +/******************************************************************* + Creates a POLICY_HND structure. +********************************************************************/ +void create_policy_handle(POLICY_HND *hnd, uint32 *hnd_low, uint32 *hnd_high) +{ if (hnd == NULL) return; - /* i severely doubt that pol_hnd_high will ever be non-zero... */ - pol_hnd_low++; - if (pol_hnd_low == 0) pol_hnd_high++; + (*hnd_low)++; + if (*hnd_low == 0) (*hnd_high)++; + + ZERO_STRUCTP(hnd); - SIVAL(hnd->data, 0 , 0x0); /* first bit must be null */ - SIVAL(hnd->data, 4 , pol_hnd_low ); /* second bit is incrementing */ - SIVAL(hnd->data, 8 , pol_hnd_high); /* second bit is incrementing */ - SIVAL(hnd->data, 12, time(NULL)); /* something random */ - SIVAL(hnd->data, 16, sys_getpid()); /* something more random */ + SIVAL(&hnd->data1, 0 , 0); /* first bit must be null */ + SIVAL(&hnd->data2, 0 , *hnd_low ); /* second bit is incrementing */ + SSVAL(&hnd->data3, 0 , *hnd_high); /* second bit is incrementing */ + SSVAL(&hnd->data4, 0 , (*hnd_high>>16)); /* second bit is incrementing */ + SIVAL(hnd->data5, 0, time(NULL)); /* something random */ + SIVAL(hnd->data5, 4, sys_getpid()); /* something more random */ } /**************************************************************************** 
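Review bot: create_policy_handle is now exported but still guards only `hnd`, while `hnd_low` and `hnd_high` are dereferenced unconditionally; the guard should read `if (hnd == NULL || hnd_low == NULL || hnd_high == NULL) return;`. Every byte of the handle comes from a counter, `time(NULL)` and `sys_getpid()`, so the comments "something random" and "something more random" overstate it: the value is unique-ish but predictable, and a handle should not be treated as a secret by whatever later looks it up. The carried-over comments also say "first bit" and "second bit" where they mean fields, and "second bit is incrementing" now appears three times. Since data1 to data4 are typed members, plain assignments such as `hnd->data2 = *hnd_low;` would be clearer than `SIVAL(&hnd->data2, 0, *hnd_low)` and would leave byte ordering to smb_io_pol_hnd.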
@@ -117,15 +119,15 @@ BOOL open_lsa_policy_hnd(POLICY_HND *hnd) p->open = True; p->pnum = i; - create_pol_hnd(hnd); - memcpy(&p->pol_hnd, hnd, sizeof(*hnd)); + create_policy_handle(hnd, &pol_hnd_low, &pol_hnd_high); + p->pol_hnd = *hnd; bitmap_set(bmap, i); DLIST_ADD(Policy, p); DEBUG(4,("Opened policy hnd[%x] ", i)); - dump_data(4, (char *)hnd->data, sizeof(hnd->data)); + dump_data(4, (char *)hnd, sizeof(hnd)); return True; } @@ -140,13 +142,13 @@ static struct policy *find_lsa_policy(POLICY_HND *hnd) for (p=Policy;p;p=p->next) { if (memcmp(&p->pol_hnd, hnd, sizeof(*hnd)) == 0) { DEBUG(4,("Found policy hnd[%x] ", p->pnum)); - dump_data(4, (char *)hnd->data, sizeof(hnd->data)); + dump_data(4, (char *)hnd, sizeof(hnd)); return p; } } DEBUG(4,("Policy not found: ")); - dump_data(4, (char *)hnd->data, sizeof(hnd->data)); + dump_data(4, (char *)hnd, sizeof(hnd)); return NULL; } diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 98910b5812..ee2f38b715 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -275,20 +275,19 @@ static void init_reply_lookup_sids(LSA_R_LOOKUP_SIDS *r_l, r_l->status = NT_STATUS_NO_PROBLEMO; } +static uint32 lsa_hnd_low = 0; +static uint32 lsa_hnd_high = 0; + /*************************************************************************** _lsa_open_policy2. ***************************************************************************/ uint32 _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL2 *r_u) { - int i; - /* lkclXXXX having decoded it, ignore all fields in the open policy! */ /* set up the LSA QUERY INFO response */ - - for (i = 4; i < POL_HND_SIZE; i++) - r_u->pol.data[i] = i; + create_policy_handle(&r_u->pol, &lsa_hnd_low, &lsa_hnd_high); return NT_STATUS_NOPROBLEMO; } 
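Review bot: `dump_data(4, (char *)hnd, sizeof(hnd))` in open_lsa_policy_hnd passes the size of the pointer, not of the handle, so the level-4 debug dump now prints only the first 4 or 8 bytes of the 20-byte POLICY_HND. The old code used `sizeof(hnd->data)`, which was the full array. The call should be `dump_data(4, (char *)hnd, sizeof(*hnd));`. The same mistake is in both dump_data calls in find_lsa_policy in the next hunk (-140).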
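Review bot: _lsa_open_policy2 (srv_lsa_nt.c, hunk at -275) draws its handles from a private counter pair `lsa_hnd_low`/`lsa_hnd_high`, separate from `pol_hnd_low` in srv_lsa_hnd.c and `prt_hnd_low` in srv_spoolss_nt.c. Because the rest of the handle is just the time in seconds and the pid, two of these counters at the same value within the same second in one process would yield byte-identical handles for different services. As far as this hunk shows, the handle is also returned without being recorded via open_lsa_policy_hnd, so a later call has nothing to validate it against; that may be intentional given the "ignore all fields" comment, but it deserves a comment such as `/* handle is not registered; later LSA calls do not validate it */`. The same applies to _lsa_open_policy in the following hunk (-299).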
@@ -299,14 +298,10 @@ uint32 _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL2 uint32 _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL *r_u) { - int i; - /* lkclXXXX having decoded it, ignore all fields in the open policy! */ /* set up the LSA QUERY INFO response */ - - for (i = 4; i < POL_HND_SIZE; i++) - r_u->pol.data[i] = i; + create_policy_handle(&r_u->pol, &lsa_hnd_low, &lsa_hnd_high); return NT_STATUS_NOPROBLEMO; } diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 4d35542fc2..4bd97abb65 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -37,7 +37,7 @@ extern int DEBUGLEVEL; uint32 _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u) { /* set up the REG unknown_1 response */ - memset((char *)r_u->pol.data, '\0', POL_HND_SIZE); + ZERO_STRUCT(r_u->pol); /* close the policy handle */ if (!close_lsa_policy_hnd(&q_u->pol)) diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index eb24f672a9..2f4143bd6a 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -357,7 +357,7 @@ static BOOL samr_reply_close_hnd(SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HND r_u; /* set up the SAMR unknown_1 response */ - memset((char *)r_u.pol.data, '\0', POL_HND_SIZE); + ZERO_STRUCT(r_u.pol); /* close the policy handle */ if (close_lsa_policy_hnd(&(q_u->pol))) diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 5c40052295..0fb38b84db 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c 
@@ -84,8 +84,8 @@ static ubi_dlList counter_list; static struct cli_state cli; static uint32 smb_connections=0; -#define OPEN_HANDLE(pnum) ((pnum!=NULL) && (pnum->open!=False) && (IVAL(pnum->printer_hnd.data,16)==(uint32)sys_getpid())) -#define OUR_HANDLE(pnum) ((pnum==NULL)?"NULL":(IVAL(pnum->data,16)==sys_getpid()?"OURS":"OTHER")) +#define OPEN_HANDLE(pnum) ((pnum!=NULL) && (pnum->open!=False) && (IVAL(pnum->printer_hnd.data5,4)==(uint32)sys_getpid())) +#define OUR_HANDLE(pnum) ((pnum==NULL)?"NULL":(IVAL(pnum->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")) /* translate between internal status numbers and NT status numbers */ static int nt_printj_status(int v) @@ -215,15 +215,7 @@ static void create_printer_hnd(POLICY_HND *hnd) if (hnd == NULL) return; - /* i severely doubt that prt_hnd_high will ever be non-zero... */ - prt_hnd_low++; - if (prt_hnd_low == 0) prt_hnd_high++; - - SIVAL(hnd->data, 0 , 0x0); /* first bit must be null */ - SIVAL(hnd->data, 4 , prt_hnd_low ); /* second bit is incrementing */ - SIVAL(hnd->data, 8 , prt_hnd_high); /* second bit is incrementing */ - SIVAL(hnd->data, 12, time(NULL)); /* something random */ - SIVAL(hnd->data, 16, sys_getpid()); /* something more random */ + create_policy_handle(hnd, &prt_hnd_low, &prt_hnd_high); } /**************************************************************************** |
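Review bot: OPEN_HANDLE and OUR_HANDLE hard-code `data5` offset 4 as the place where the creating pid lives, a layout that is defined only by the `SIVAL(hnd->data5, 4, sys_getpid())` line in create_policy_handle in srv_lsa_hnd.c. If that function changes what it stores there, this ownership check silently stops matching, so the dependency should be stated at the macros, e.g. `/* data5[4..7] holds the creating pid; must match create_policy_handle() */`, or hidden behind one accessor used by both files. The macro argument is also used unparenthesized (`pnum!=NULL`, `pnum->open`); writing `(pnum)` throughout would make the macros safe for non-trivial arguments. In the second hunk, create_printer_hnd keeps its own `hnd == NULL` check although create_policy_handle repeats it.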