-rw-r--r--source3/lib/sharesec.c91
-rw-r--r--source3/rpc_parse/parse_prs.c12
-rw-r--r--source3/services/services_db.c51
3 files changed, 73 insertions, 81 deletions
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c
index d30ccbe7eb..258b121217 100644
--- a/source3/lib/sharesec.c
+++ b/source3/lib/sharesec.c
@@ -110,33 +110,40 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def
SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
size_t *psize)
{
- prs_struct ps;
- fstring key;
+ char *key;
SEC_DESC *psd = NULL;
+ TDB_DATA data;
+ NTSTATUS status;
if (!share_info_db_init()) {
return NULL;
}
- *psize = 0;
+ if (!(key = talloc_asprintf(ctx, "SECDESC/%s", servicename))) {
+ DEBUG(0, ("talloc_asprintf failed\n"));
+ return NULL;
+ }
- /* Fetch security descriptor from tdb */
-
- slprintf(key, sizeof(key)-1, "SECDESC/%s", servicename);
-
- if (tdb_prs_fetch_bystring(share_tdb, key, &ps, ctx)!=0 ||
- !sec_io_desc("get_share_security", &psd, &ps, 1)) {
-
- DEBUG(4, ("get_share_security: using default secdesc for %s\n",
- servicename));
-
- return get_share_security_default(ctx, psize, GENERIC_ALL_ACCESS);
+ data = tdb_fetch_bystring(share_tdb, key);
+
+ TALLOC_FREE(key);
+
+ if (data.dptr == NULL) {
+ return get_share_security_default(ctx, psize,
+ GENERIC_ALL_ACCESS);
+ }
+
+ status = unmarshall_sec_desc(ctx, data.dptr, data.dsize, &psd);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
+ return NULL;
}
if (psd)
*psize = sec_desc_size(psd);
- prs_mem_free(&ps);
return psd;
}
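Review bot: The buffer returned by `tdb_fetch_bystring()` is never released in the new body of get_share_security(): tdb fetches hand back a malloc'ed `data.dptr` that the caller owns, and neither the success path nor the `return NULL` path after `unmarshall_sec_desc()` frees it, so every lookup of a share with a stored descriptor leaks the record. Assuming `unmarshall_sec_desc()` copies what it needs into `ctx`, adding `SAFE_FREE(data.dptr);` directly after that call covers both paths. The commit also drops `*psize = 0;`, so the two new `return NULL` paths leave the caller's size untouched; restoring that initialisation at the top keeps a caller from reading a stale or uninitialised value. A record that fails to parse now yields NULL where the old code fell back to the default descriptor, so callers (not visible here) must treat NULL as a denial rather than dereference it.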
@@ -146,39 +153,43 @@ SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
BOOL set_share_security(const char *share_name, SEC_DESC *psd)
{
- prs_struct ps;
- TALLOC_CTX *mem_ctx = NULL;
- fstring key;
+ TALLOC_CTX *frame;
+ char *key;
BOOL ret = False;
+ TDB_DATA blob;
+ NTSTATUS status;
if (!share_info_db_init()) {
return False;
}
- mem_ctx = talloc_init("set_share_security");
- if (mem_ctx == NULL)
- return False;
+ frame = talloc_stackframe();
- prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL);
-
- if (!sec_io_desc("share_security", &psd, &ps, 1))
+ status = marshall_sec_desc(frame, psd, &blob.dptr, &blob.dsize);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("marshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
goto out;
-
- slprintf(key, sizeof(key)-1, "SECDESC/%s", share_name);
-
- if (tdb_prs_store_bystring(share_tdb, key, &ps)==0) {
- ret = True;
- DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
- } else {
- DEBUG(1,("set_share_security: Failed to store secdesc for %s\n", share_name ));
- }
-
- /* Free malloc'ed memory */
-
-out:
-
- prs_mem_free(&ps);
- TALLOC_FREE(mem_ctx);
+ }
+
+ if (!(key = talloc_asprintf(frame, "SECDESC/%s", share_name))) {
+ DEBUG(0, ("talloc_asprintf failed\n"));
+ goto out;
+ }
+
+ if (tdb_trans_store_bystring(share_tdb, key, blob,
+ TDB_REPLACE) == -1) {
+ DEBUG(1,("set_share_security: Failed to store secdesc for "
+ "%s\n", share_name ));
+ goto out;
+ }
+
+ DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
+ ret = True;
+
+ out:
+ TALLOC_FREE(frame);
return ret;
}
diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c
index b92433f92f..c3603fe234 100644
--- a/source3/rpc_parse/parse_prs.c
+++ b/source3/rpc_parse/parse_prs.c
@@ -1486,12 +1486,6 @@ int tdb_prs_store(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps)
return tdb_trans_store(tdb, kbuf, dbuf, TDB_REPLACE);
}
-int tdb_prs_store_bystring(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps)
-{
- TDB_DATA kbuf = string_term_tdb_data(keystr);
- return tdb_prs_store(tdb, kbuf, ps);
-}
-
/* useful function to fetch a structure into rpc wire format */
int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *mem_ctx)
{
@@ -1508,12 +1502,6 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *m
return 0;
}
-int tdb_prs_fetch_bystring(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *mem_ctx)
-{
- TDB_DATA kbuf = string_term_tdb_data(keystr);
- return tdb_prs_fetch(tdb, kbuf, ps, mem_ctx);
-}
-
/*******************************************************************
hash a stream.
********************************************************************/
diff --git a/source3/services/services_db.c b/source3/services/services_db.c
index f3ec62a01b..b2ef6b30f1 100644
--- a/source3/services/services_db.c
+++ b/source3/services/services_db.c
@@ -311,7 +311,8 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
REGVAL_CTR *values;
REGSUBKEY_CTR *svc_subkeys;
SEC_DESC *sd;
- prs_struct ps;
+ DATA_BLOB sd_blob;
+ NTSTATUS status;
/* add to the list and create the subkey path */
@@ -379,20 +380,20 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
TALLOC_FREE( key_secdesc );
return;
}
-
- /* stream the printer security descriptor */
-
- prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key_secdesc, MARSHALL);
-
- if ( sec_io_desc("sec_desc", &sd, &ps, 0 ) ) {
- uint32 offset = prs_offset( &ps );
- regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset );
- store_reg_values( key_secdesc, values );
+
+ status = marshall_sec_desc(key_secdesc, sd, &sd_blob.data,
+ &sd_blob.length);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("marshall_sec_desc failed: %s\n",
+ nt_errstr(status)));
+ TALLOC_FREE(key_secdesc);
+ return;
}
- /* finally cleanup the Security key */
+ regval_ctr_addvalue(values, "Security", REG_BINARY,
+ (const char *)sd_blob.data, sd_blob.length);
+ store_reg_values( key_secdesc, values );
- prs_mem_free( &ps );
TALLOC_FREE( key_secdesc );
return;
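Review bot: The results of `regval_ctr_addvalue()` and `store_reg_values()` are discarded after the new `marshall_sec_desc()` call, so a failure to persist the "Security" value goes unnoticed even though the marshalling failure just above it is logged at level 0. If `store_reg_values()` returns a success indicator (its prototype is not visible here), a check such as `if (!store_reg_values(key_secdesc, values)) { DEBUG(0, ("add_new_svc_name: failed to store Security value\n")); }` would make that visible. This matters because a service whose descriptor was not stored is later given the constructed default by svcctl_get_secdesc(). add_new_svc_name() starts and ends outside this hunk.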
@@ -464,13 +465,12 @@ void svcctl_init_keys( void )
SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
{
REGISTRY_KEY *key;
- prs_struct ps;
REGVAL_CTR *values;
REGISTRY_VALUE *val;
- SEC_DESC *sd = NULL;
SEC_DESC *ret_sd = NULL;
pstring path;
WERROR wresult;
+ NTSTATUS status;
/* now add the security descriptor */
@@ -490,31 +490,24 @@ SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *
}
fetch_reg_values( key, values );
+
+ TALLOC_FREE(key);
if ( !(val = regval_ctr_getvalue( values, "Security" )) ) {
DEBUG(6,("svcctl_get_secdesc: constructing default secdesc for service [%s]\n",
name));
- TALLOC_FREE( key );
return construct_service_sd( ctx );
}
- /* stream the printer security descriptor */
-
- prs_init( &ps, 0, key, UNMARSHALL);
- prs_give_memory( &ps, (char *)regval_data_p(val), regval_size(val), False );
-
- if ( !sec_io_desc("sec_desc", &sd, &ps, 0 ) ) {
- TALLOC_FREE( key );
+ /* stream the service security descriptor */
+
+ status = unmarshall_sec_desc(ctx, regval_data_p(val),
+ regval_size(val), &ret_sd);
+
+ if (!NT_STATUS_IS_OK(status)) {
return construct_service_sd( ctx );
}
-
- ret_sd = dup_sec_desc( ctx, sd );
-
- /* finally cleanup the Security key */
-
- prs_mem_free( &ps );
- TALLOC_FREE( key );
return ret_sd;
}
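Review bot: `TALLOC_FREE(key);` now runs immediately after `fetch_reg_values( key, values )`, before `values` is read by `regval_ctr_getvalue()` and before `regval_data_p(val)` is handed to `unmarshall_sec_desc()`. The allocation of `values` is outside this hunk, but if it is talloc'ed with `key` as its parent (the removed code used `key` as the context for `prs_init` and freed it only at the very end), those reads touch freed memory while parsing a security descriptor. The safer shape is to drop the early free and put `TALLOC_FREE( key );` before each of the three returns that follow, as the old code did. The fallback after a failed `unmarshall_sec_desc()` is also silent; a `DEBUG(0, ("svcctl_get_secdesc: unmarshall_sec_desc failed: %s\n", nt_errstr(status)));` there would show when a stored descriptor is being replaced by the default. The function begins outside this hunk.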