diff options
-rw-r--r-- | source3/lib/sharesec.c | 91 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 12 | ||||
-rw-r--r-- | source3/services/services_db.c | 51 |
3 files changed, 73 insertions, 81 deletions
diff --git a/source3/lib/sharesec.c b/source3/lib/sharesec.c index d30ccbe7eb..258b121217 100644 --- a/source3/lib/sharesec.c +++ b/source3/lib/sharesec.c @@ -110,33 +110,40 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename, size_t *psize) { - prs_struct ps; - fstring key; + char *key; SEC_DESC *psd = NULL; + TDB_DATA data; + NTSTATUS status; if (!share_info_db_init()) { return NULL; } - *psize = 0; + if (!(key = talloc_asprintf(ctx, "SECDESC/%s", servicename))) { + DEBUG(0, ("talloc_asprintf failed\n")); + return NULL; + } - /* Fetch security descriptor from tdb */ - - slprintf(key, sizeof(key)-1, "SECDESC/%s", servicename); - - if (tdb_prs_fetch_bystring(share_tdb, key, &ps, ctx)!=0 || - !sec_io_desc("get_share_security", &psd, &ps, 1)) { - - DEBUG(4, ("get_share_security: using default secdesc for %s\n", - servicename)); - - return get_share_security_default(ctx, psize, GENERIC_ALL_ACCESS); + data = tdb_fetch_bystring(share_tdb, key); + + TALLOC_FREE(key); + + if (data.dptr == NULL) { + return get_share_security_default(ctx, psize, + GENERIC_ALL_ACCESS); + } + + status = unmarshall_sec_desc(ctx, data.dptr, data.dsize, &psd); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("unmarshall_sec_desc failed: %s\n", + nt_errstr(status))); + return NULL; } if (psd) *psize = sec_desc_size(psd); - prs_mem_free(&ps); return psd; } @@ -146,39 +153,43 @@ SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename, BOOL set_share_security(const char *share_name, SEC_DESC *psd) { - prs_struct ps; - TALLOC_CTX *mem_ctx = NULL; - fstring key; + TALLOC_CTX *frame; + char *key; BOOL ret = False; + TDB_DATA blob; + NTSTATUS status; if (!share_info_db_init()) { return False; } - mem_ctx = talloc_init("set_share_security"); - if (mem_ctx == NULL) - return False; + frame = talloc_stackframe(); - prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL); - - if (!sec_io_desc("share_security", &psd, &ps, 1)) + status = marshall_sec_desc(frame, psd, &blob.dptr, &blob.dsize); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("marshall_sec_desc failed: %s\n", + nt_errstr(status))); goto out; - - slprintf(key, sizeof(key)-1, "SECDESC/%s", share_name); - - if (tdb_prs_store_bystring(share_tdb, key, &ps)==0) { - ret = True; - DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name )); - } else { - DEBUG(1,("set_share_security: Failed to store secdesc for %s\n", share_name )); - } - - /* Free malloc'ed memory */ - -out: - - prs_mem_free(&ps); - TALLOC_FREE(mem_ctx); + } + + if (!(key = talloc_asprintf(frame, "SECDESC/%s", share_name))) { + DEBUG(0, ("talloc_asprintf failed\n")); + goto out; + } + + if (tdb_trans_store_bystring(share_tdb, key, blob, + TDB_REPLACE) == -1) { + DEBUG(1,("set_share_security: Failed to store secdesc for " + "%s\n", share_name )); + goto out; + } + + DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name )); + ret = True; + + out: + TALLOC_FREE(frame); return ret; } diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index b92433f92f..c3603fe234 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -1486,12 +1486,6 @@ int tdb_prs_store(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps) return tdb_trans_store(tdb, kbuf, dbuf, TDB_REPLACE); } -int tdb_prs_store_bystring(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps) -{ - TDB_DATA kbuf = string_term_tdb_data(keystr); - return tdb_prs_store(tdb, kbuf, ps); -} - /* useful function to fetch a structure into rpc wire format */ int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *mem_ctx) { @@ -1508,12 +1502,6 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *m return 0; } -int tdb_prs_fetch_bystring(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *mem_ctx) -{ - TDB_DATA kbuf = string_term_tdb_data(keystr); - return tdb_prs_fetch(tdb, kbuf, ps, mem_ctx); -} - /******************************************************************* hash a stream. ********************************************************************/ diff --git a/source3/services/services_db.c b/source3/services/services_db.c index f3ec62a01b..b2ef6b30f1 100644 --- a/source3/services/services_db.c +++ b/source3/services/services_db.c @@ -311,7 +311,8 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys, REGVAL_CTR *values; REGSUBKEY_CTR *svc_subkeys; SEC_DESC *sd; - prs_struct ps; + DATA_BLOB sd_blob; + NTSTATUS status; /* add to the list and create the subkey path */ @@ -379,20 +380,20 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys, TALLOC_FREE( key_secdesc ); return; } - - /* stream the printer security descriptor */ - - prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key_secdesc, MARSHALL); - - if ( sec_io_desc("sec_desc", &sd, &ps, 0 ) ) { - uint32 offset = prs_offset( &ps ); - regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset ); - store_reg_values( key_secdesc, values ); + + status = marshall_sec_desc(key_secdesc, sd, &sd_blob.data, + &sd_blob.length); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("marshall_sec_desc failed: %s\n", + nt_errstr(status))); + TALLOC_FREE(key_secdesc); + return; } - /* finally cleanup the Security key */ + regval_ctr_addvalue(values, "Security", REG_BINARY, + (const char *)sd_blob.data, sd_blob.length); + store_reg_values( key_secdesc, values ); - prs_mem_free( &ps ); TALLOC_FREE( key_secdesc ); return; @@ -464,13 +465,12 @@ void svcctl_init_keys( void ) SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token ) { REGISTRY_KEY *key; - prs_struct ps; REGVAL_CTR *values; REGISTRY_VALUE *val; - SEC_DESC *sd = NULL; SEC_DESC *ret_sd = NULL; pstring path; WERROR wresult; + NTSTATUS status; /* now add the security descriptor */ @@ -490,31 +490,24 @@ SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN * } fetch_reg_values( key, values ); + + TALLOC_FREE(key); if ( !(val = regval_ctr_getvalue( values, "Security" )) ) { DEBUG(6,("svcctl_get_secdesc: constructing default secdesc for service [%s]\n", name)); - TALLOC_FREE( key ); return construct_service_sd( ctx ); } - /* stream the printer security descriptor */ - - prs_init( &ps, 0, key, UNMARSHALL); - prs_give_memory( &ps, (char *)regval_data_p(val), regval_size(val), False ); - - if ( !sec_io_desc("sec_desc", &sd, &ps, 0 ) ) { - TALLOC_FREE( key ); + /* stream the service security descriptor */ + + status = unmarshall_sec_desc(ctx, regval_data_p(val), + regval_size(val), &ret_sd); + + if (!NT_STATUS_IS_OK(status)) { return construct_service_sd( ctx ); } - - ret_sd = dup_sec_desc( ctx, sd ); - - /* finally cleanup the Security key */ - - prs_mem_free( &ps ); - TALLOC_FREE( key ); return ret_sd; } |