summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_eventlog_nt.c6
-rw-r--r--source3/rpc_server/srv_netlog_nt.c2
-rw-r--r--source3/rpc_server/srv_pipe_hnd.c111
-rw-r--r--source3/rpc_server/srv_samr_nt.c99
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c22
-rw-r--r--source3/rpc_server/srv_wkssvc_nt.c4
6 files changed, 176 insertions, 68 deletions
diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c
index e56a2e9095..3c7469f3ef 100644
--- a/source3/rpc_server/srv_eventlog_nt.c
+++ b/source3/rpc_server/srv_eventlog_nt.c
@@ -456,14 +456,14 @@ static bool sync_eventlog_params( EVENTLOG_INFO *info )
if ( !W_ERROR_IS_OK( wresult ) ) {
DEBUG( 4,
( "sync_eventlog_params: Failed to open key [%s] (%s)\n",
- path, dos_errstr( wresult ) ) );
+ path, win_errstr( wresult ) ) );
return false;
}
wresult = reg_queryvalue(key, key, "Retention", &value);
if (!W_ERROR_IS_OK(wresult)) {
DEBUG(4, ("Failed to query value \"Retention\": %s\n",
- dos_errstr(wresult)));
+ win_errstr(wresult)));
ret = false;
goto done;
}
@@ -472,7 +472,7 @@ static bool sync_eventlog_params( EVENTLOG_INFO *info )
wresult = reg_queryvalue(key, key, "MaxSize", &value);
if (!W_ERROR_IS_OK(wresult)) {
DEBUG(4, ("Failed to query value \"MaxSize\": %s\n",
- dos_errstr(wresult)));
+ win_errstr(wresult)));
ret = false;
goto done;
}
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 75fc99401e..45acd3ed48 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -981,7 +981,7 @@ NTSTATUS _netr_LogonSamLogon(pipes_struct *p,
memcpy(pipe_session_key, p->auth.a_u.schannel_auth->sess_key, 16);
}
- status = serverinfo_to_SamInfo3(server_info, pipe_session_key, sam3);
+ status = serverinfo_to_SamInfo3(server_info, pipe_session_key, 16, sam3);
TALLOC_FREE(server_info);
return status;
}
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index b892755396..d359b9b339 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -20,6 +20,7 @@
*/
#include "includes.h"
+#include "librpc/gen_ndr/ndr_named_pipe_auth.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_SRV
@@ -944,6 +945,17 @@ static struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
struct np_proxy_state *result;
struct sockaddr_un addr;
char *socket_path;
+ const char *socket_dir;
+
+ DATA_BLOB req_blob;
+ struct netr_SamInfo3 *info3;
+ struct named_pipe_auth_req req;
+ DATA_BLOB rep_blob;
+ uint8 rep_buf[20];
+ struct named_pipe_auth_rep rep;
+ enum ndr_err_code ndr_err;
+ NTSTATUS status;
+ ssize_t written;
result = talloc(mem_ctx, struct np_proxy_state);
if (result == NULL) {
@@ -961,8 +973,16 @@ static struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
ZERO_STRUCT(addr);
addr.sun_family = AF_UNIX;
- socket_path = talloc_asprintf(talloc_tos(), "%s/%s",
- get_dyn_NCALRPCDIR(), "DEFAULT");
+ socket_dir = lp_parm_const_string(
+ GLOBAL_SECTION_SNUM, "external_rpc_pipe", "socket_dir",
+ get_dyn_NCALRPCDIR());
+ if (socket_dir == NULL) {
+ DEBUG(0, ("externan_rpc_pipe:socket_dir not set\n"));
+ goto fail;
+ }
+
+ socket_path = talloc_asprintf(talloc_tos(), "%s/np/%s",
+ socket_dir, pipe_name);
if (socket_path == NULL) {
DEBUG(0, ("talloc_asprintf failed\n"));
goto fail;
@@ -970,11 +990,96 @@ static struct np_proxy_state *make_external_rpc_pipe_p(TALLOC_CTX *mem_ctx,
strncpy(addr.sun_path, socket_path, sizeof(addr.sun_path));
TALLOC_FREE(socket_path);
+ become_root();
if (sys_connect(result->fd, (struct sockaddr *)&addr) == -1) {
+ unbecome_root();
DEBUG(0, ("connect(%s) failed: %s\n", addr.sun_path,
strerror(errno)));
goto fail;
}
+ unbecome_root();
+
+ info3 = talloc(talloc_tos(), struct netr_SamInfo3);
+ if (info3 == NULL) {
+ DEBUG(0, ("talloc failed\n"));
+ goto fail;
+ }
+
+ status = serverinfo_to_SamInfo3(server_info, NULL, 0, info3);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(info3);
+ DEBUG(0, ("serverinfo_to_SamInfo3 failed: %s\n",
+ nt_errstr(status)));
+ goto fail;
+ }
+
+ req.level = 1;
+ req.info.info1 = *info3;
+
+ ndr_err = ndr_push_struct_blob(
+ &req_blob, talloc_tos(), NULL, &req,
+ (ndr_push_flags_fn_t)ndr_push_named_pipe_auth_req);
+
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(10, ("ndr_push_named_pipe_auth_req failed: %s\n",
+ ndr_errstr(ndr_err)));
+ goto fail;
+ }
+
+ DEBUG(10, ("named_pipe_auth_req(client)[%u]\n", (uint32_t)req_blob.length));
+ dump_data(10, req_blob.data, req_blob.length);
+
+ written = write_data(result->fd, (char *)req_blob.data,
+ req_blob.length);
+ if (written == -1) {
+ DEBUG(3, ("Could not write auth req data to RPC server\n"));
+ goto fail;
+ }
+
+ status = read_data(result->fd, (char *)rep_buf, sizeof(rep_buf));
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(3, ("Could not read auth result\n"));
+ goto fail;
+ }
+
+ rep_blob = data_blob_const(rep_buf, sizeof(rep_buf));
+
+ DEBUG(10,("name_pipe_auth_rep(client)[%u]\n", (uint32_t)rep_blob.length));
+ dump_data(10, rep_blob.data, rep_blob.length);
+
+ ndr_err = ndr_pull_struct_blob(
+ &rep_blob, talloc_tos(), NULL, &rep,
+ (ndr_pull_flags_fn_t)ndr_pull_named_pipe_auth_rep);
+
+ if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
+ DEBUG(0, ("ndr_pull_named_pipe_auth_rep failed: %s\n",
+ ndr_errstr(ndr_err)));
+ goto fail;
+ }
+
+ if (rep.length != 16) {
+ DEBUG(0, ("req invalid length: %u != 16\n",
+ rep.length));
+ goto fail;
+ }
+
+ if (strcmp(NAMED_PIPE_AUTH_MAGIC, rep.magic) != 0) {
+ DEBUG(0, ("req invalid magic: %s != %s\n",
+ rep.magic, NAMED_PIPE_AUTH_MAGIC));
+ goto fail;
+ }
+
+ if (!NT_STATUS_IS_OK(rep.status)) {
+ DEBUG(0, ("req failed: %s\n",
+ nt_errstr(rep.status)));
+ goto fail;
+ }
+
+ if (rep.level != 1) {
+ DEBUG(0, ("req invalid level: %u != 1\n",
+ rep.level));
+ goto fail;
+ }
return result;
@@ -1046,7 +1151,7 @@ NTSTATUS np_open(struct smb_request *smb_req, struct connection_struct *conn,
return NT_STATUS_OK;
}
-NTSTATUS np_write(struct files_struct *fsp, uint8_t *data, size_t len,
+NTSTATUS np_write(struct files_struct *fsp, const uint8_t *data, size_t len,
ssize_t *nwritten)
{
if (!fsp_is_np(fsp)) {
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 97da3a4f3d..62ac1cb5c3 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -38,13 +38,16 @@
#define SAMR_USR_RIGHTS_WRITE_PW \
( READ_CONTROL_ACCESS | \
- SA_RIGHT_USER_CHANGE_PASSWORD | \
- SA_RIGHT_USER_SET_LOC_COM )
+ SAMR_USER_ACCESS_CHANGE_PASSWORD | \
+ SAMR_USER_ACCESS_SET_LOC_COM)
#define SAMR_USR_RIGHTS_CANT_WRITE_PW \
- ( READ_CONTROL_ACCESS | SA_RIGHT_USER_SET_LOC_COM )
+ ( READ_CONTROL_ACCESS | SAMR_USER_ACCESS_SET_LOC_COM )
#define DISP_INFO_CACHE_TIMEOUT 10
+#define MAX_SAM_ENTRIES_W2K 0x400 /* 1024 */
+#define MAX_SAM_ENTRIES_W95 50
+
typedef struct disp_info {
DOM_SID sid; /* identify which domain this is. */
bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
@@ -91,7 +94,7 @@ static const struct generic_mapping usr_generic_mapping = {
static const struct generic_mapping usr_nopwchange_generic_mapping = {
GENERIC_RIGHTS_USER_READ,
GENERIC_RIGHTS_USER_WRITE,
- GENERIC_RIGHTS_USER_EXECUTE & ~SA_RIGHT_USER_CHANGE_PASSWORD,
+ GENERIC_RIGHTS_USER_EXECUTE & ~SAMR_USER_ACCESS_CHANGE_PASSWORD,
GENERIC_RIGHTS_USER_ALL_ACCESS};
static const struct generic_mapping grp_generic_mapping = {
GENERIC_RIGHTS_GROUP_READ,
@@ -622,7 +625,7 @@ NTSTATUS _samr_OpenDomain(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SAMR_ACCESS_OPEN_DOMAIN,
"_samr_OpenDomain" );
if ( !NT_STATUS_IS_OK(status) )
@@ -791,7 +794,7 @@ NTSTATUS _samr_SetSecurity(pipes_struct *p,
if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) {
ret = pdb_set_pass_can_change(sampass,
(dacl->aces[i].access_mask &
- SA_RIGHT_USER_CHANGE_PASSWORD) ?
+ SAMR_USER_ACCESS_CHANGE_PASSWORD) ?
True: False);
break;
}
@@ -803,7 +806,7 @@ NTSTATUS _samr_SetSecurity(pipes_struct *p,
}
status = access_check_samr_function(acc_granted,
- SA_RIGHT_USER_SET_ATTRIBUTES,
+ SAMR_USER_ACCESS_SET_ATTRIBUTES,
"_samr_SetSecurity");
if (NT_STATUS_IS_OK(status)) {
become_root();
@@ -990,7 +993,7 @@ NTSTATUS _samr_EnumDomainUsers(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
"_samr_EnumDomainUsers");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -1129,7 +1132,7 @@ NTSTATUS _samr_EnumDomainGroups(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
"_samr_EnumDomainGroups");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -1209,7 +1212,7 @@ NTSTATUS _samr_EnumDomainAliases(pipes_struct *p,
sid_string_dbg(&info->sid)));
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
"_samr_EnumDomainAliases");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -1482,7 +1485,7 @@ NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
"_samr_QueryDisplayInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -1737,7 +1740,7 @@ NTSTATUS _samr_QueryAliasInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_ALIAS_LOOKUP_INFO,
+ SAMR_ALIAS_ACCESS_LOOKUP_INFO,
"_samr_QueryAliasInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -2062,8 +2065,8 @@ NTSTATUS _samr_LookupRids(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
- "_samr__LookupRids");
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
+ "_samr_LookupRids");
if (!NT_STATUS_IS_OK(status)) {
return status;
}
@@ -2146,7 +2149,7 @@ NTSTATUS _samr_OpenUser(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
nt_status = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_OPEN_ACCOUNT,
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
"_samr_OpenUser" );
if ( !NT_STATUS_IS_OK(nt_status) )
@@ -2641,7 +2644,7 @@ NTSTATUS _samr_QueryUserInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_OPEN_ACCOUNT,
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
"_samr_QueryUserInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -2764,7 +2767,7 @@ NTSTATUS _samr_GetGroupsForUser(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
result = access_check_samr_function(acc_granted,
- SA_RIGHT_USER_GET_GROUPS,
+ SAMR_USER_ACCESS_GET_GROUPS,
"_samr_GetGroupsForUser");
if (!NT_STATUS_IS_OK(result)) {
return result;
@@ -2891,7 +2894,7 @@ NTSTATUS _samr_QueryDomainInfo(pipes_struct *p,
}
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SAMR_ACCESS_OPEN_DOMAIN,
"_samr_QueryDomainInfo" );
if ( !NT_STATUS_IS_OK(status) )
@@ -3147,7 +3150,7 @@ NTSTATUS _samr_CreateUser2(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
nt_status = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_CREATE_USER,
+ SAMR_DOMAIN_ACCESS_CREATE_USER,
"_samr_CreateUser2");
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
@@ -3284,14 +3287,14 @@ NTSTATUS _samr_Connect(pipes_struct *p,
if ((info = get_samr_info_by_sid(NULL)) == NULL)
return NT_STATUS_NO_MEMORY;
- /* don't give away the farm but this is probably ok. The SA_RIGHT_SAM_ENUM_DOMAINS
+ /* don't give away the farm but this is probably ok. The SAMR_ACCESS_ENUM_DOMAINS
was observed from a win98 client trying to enumerate users (when configured
user level access control on shares) --jerry */
map_max_allowed_access(p->pipe_user.nt_user_token, &des_access);
se_map_generic( &des_access, &sam_generic_mapping );
- info->acc_granted = des_access & (SA_RIGHT_SAM_ENUM_DOMAINS|SA_RIGHT_SAM_OPEN_DOMAIN);
+ info->acc_granted = des_access & (SAMR_ACCESS_ENUM_DOMAINS|SAMR_ACCESS_OPEN_DOMAIN);
/* get a (unique) handle. open a policy on it. */
if (!create_policy_hnd(p, r->out.connect_handle, free_samr_info, (void *)info))
@@ -3474,11 +3477,11 @@ NTSTATUS _samr_LookupDomain(pipes_struct *p,
if (!find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info))
return NT_STATUS_INVALID_HANDLE;
- /* win9x user manager likes to use SA_RIGHT_SAM_ENUM_DOMAINS here.
+ /* win9x user manager likes to use SAMR_ACCESS_ENUM_DOMAINS here.
Reverted that change so we will work with RAS servers again */
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_OPEN_DOMAIN,
+ SAMR_ACCESS_OPEN_DOMAIN,
"_samr_LookupDomain");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -3524,7 +3527,7 @@ NTSTATUS _samr_EnumDomains(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_SAM_ENUM_DOMAINS,
+ SAMR_ACCESS_ENUM_DOMAINS,
"_samr_EnumDomains");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -3582,7 +3585,7 @@ NTSTATUS _samr_OpenAlias(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_OPEN_ACCOUNT,
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
"_samr_OpenAlias");
if ( !NT_STATUS_IS_OK(status) )
@@ -4109,9 +4112,9 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
}
/* This is tricky. A WinXP domain join sets
- (SA_RIGHT_USER_SET_PASSWORD|SA_RIGHT_USER_SET_ATTRIBUTES|SA_RIGHT_USER_ACCT_FLAGS_EXPIRY)
+ (SAMR_USER_ACCESS_SET_PASSWORD|SAMR_USER_ACCESS_SET_ATTRIBUTES|SAMR_USER_ACCESS_GET_ATTRIBUTES)
The MMC lusrmgr plugin includes these perms and more in the SamrOpenUser(). But the
- standard Win32 API calls just ask for SA_RIGHT_USER_SET_PASSWORD in the SamrOpenUser().
+ standard Win32 API calls just ask for SAMR_USER_ACCESS_SET_PASSWORD in the SamrOpenUser().
This should be enough for levels 18, 24, 25,& 26. Info level 23 can set more so
we'll use the set from the WinXP join as the basis. */
@@ -4120,12 +4123,12 @@ NTSTATUS _samr_SetUserInfo(pipes_struct *p,
case 24:
case 25:
case 26:
- acc_required = SA_RIGHT_USER_SET_PASSWORD;
+ acc_required = SAMR_USER_ACCESS_SET_PASSWORD;
break;
default:
- acc_required = SA_RIGHT_USER_SET_PASSWORD |
- SA_RIGHT_USER_SET_ATTRIBUTES |
- SA_RIGHT_USER_ACCT_FLAGS_EXPIRY;
+ acc_required = SAMR_USER_ACCESS_SET_PASSWORD |
+ SAMR_USER_ACCESS_SET_ATTRIBUTES |
+ SAMR_USER_ACCESS_GET_ATTRIBUTES;
break;
}
@@ -4342,10 +4345,10 @@ NTSTATUS _samr_GetAliasMembership(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
ntstatus1 = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_LOOKUP_ALIAS_BY_MEM,
+ SAMR_DOMAIN_ACCESS_LOOKUP_ALIAS,
"_samr_GetAliasMembership");
ntstatus2 = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_OPEN_ACCOUNT,
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
"_samr_GetAliasMembership");
if (!NT_STATUS_IS_OK(ntstatus1) || !NT_STATUS_IS_OK(ntstatus2)) {
@@ -4412,7 +4415,7 @@ NTSTATUS _samr_GetMembersInAlias(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_ALIAS_GET_MEMBERS,
+ SAMR_ALIAS_ACCESS_GET_MEMBERS,
"_samr_GetMembersInAlias");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4480,7 +4483,7 @@ NTSTATUS _samr_QueryGroupMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_GROUP_GET_MEMBERS,
+ SAMR_GROUP_ACCESS_GET_MEMBERS,
"_samr_QueryGroupMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4544,7 +4547,7 @@ NTSTATUS _samr_AddAliasMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_ALIAS_ADD_MEMBER,
+ SAMR_ALIAS_ACCESS_ADD_MEMBER,
"_samr_AddAliasMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4593,7 +4596,7 @@ NTSTATUS _samr_DeleteAliasMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_ALIAS_REMOVE_MEMBER,
+ SAMR_ALIAS_ACCESS_REMOVE_MEMBER,
"_samr_DeleteAliasMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4644,7 +4647,7 @@ NTSTATUS _samr_AddGroupMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_GROUP_ADD_MEMBER,
+ SAMR_GROUP_ACCESS_ADD_MEMBER,
"_samr_AddGroupMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4704,7 +4707,7 @@ NTSTATUS _samr_DeleteGroupMember(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_GROUP_REMOVE_MEMBER,
+ SAMR_GROUP_ACCESS_REMOVE_MEMBER,
"_samr_DeleteGroupMember");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -4985,7 +4988,7 @@ NTSTATUS _samr_CreateDomainGroup(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_CREATE_GROUP,
+ SAMR_DOMAIN_ACCESS_CREATE_GROUP,
"_samr_CreateDomainGroup");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -5067,7 +5070,7 @@ NTSTATUS _samr_CreateDomAlias(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
result = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_CREATE_ALIAS,
+ SAMR_DOMAIN_ACCESS_CREATE_ALIAS,
"_samr_CreateDomAlias");
if (!NT_STATUS_IS_OK(result)) {
return result;
@@ -5159,7 +5162,7 @@ NTSTATUS _samr_QueryGroupInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_GROUP_LOOKUP_INFO,
+ SAMR_GROUP_ACCESS_LOOKUP_INFO,
"_samr_QueryGroupInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -5265,7 +5268,7 @@ NTSTATUS _samr_SetGroupInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_GROUP_SET_INFO,
+ SAMR_GROUP_ACCESS_SET_INFO,
"_samr_SetGroupInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -5330,7 +5333,7 @@ NTSTATUS _samr_SetAliasInfo(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_ALIAS_SET_INFO,
+ SAMR_ALIAS_ACCESS_SET_INFO,
"_samr_SetAliasInfo");
if (!NT_STATUS_IS_OK(status)) {
return status;
@@ -5474,7 +5477,7 @@ NTSTATUS _samr_OpenGroup(pipes_struct *p,
return NT_STATUS_INVALID_HANDLE;
status = access_check_samr_function(acc_granted,
- SA_RIGHT_DOMAIN_OPEN_ACCOUNT,
+ SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT,
"_samr_OpenGroup");
if ( !NT_STATUS_IS_OK(status) )
@@ -5628,11 +5631,11 @@ NTSTATUS _samr_SetDomainInfo(pipes_struct *p,
* levels here, but we're really just looking for
* GENERIC_RIGHTS_DOMAIN_WRITE access. Unfortunately
* this maps to different specific bits. So
- * assume if we have SA_RIGHT_DOMAIN_SET_INFO_1
+ * assume if we have SAMR_DOMAIN_ACCESS_SET_INFO_1
* set we are ok. */
result = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_SET_INFO_1,
+ SAMR_DOMAIN_ACCESS_SET_INFO_1,
"_samr_SetDomainInfo");
if (!NT_STATUS_IS_OK(result))
@@ -5705,7 +5708,7 @@ NTSTATUS _samr_GetDisplayEnumerationIndex(pipes_struct *p,
}
status = access_check_samr_function(info->acc_granted,
- SA_RIGHT_DOMAIN_ENUM_ACCOUNTS,
+ SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS,
"_samr_GetDisplayEnumerationIndex");
if (!NT_STATUS_IS_OK(status)) {
return status;
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index cafe9fc9af..577f7f1ded 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -171,7 +171,7 @@ static void srv_spoolss_replycloseprinter(int snum, POLICY_HND *handle)
if (!W_ERROR_IS_OK(result))
DEBUG(0,("srv_spoolss_replycloseprinter: reply_close_printer failed [%s].\n",
- dos_errstr(result)));
+ win_errstr(result)));
/* if it's the last connection, deconnect the IPC$ share */
if (smb_connections==1) {
@@ -541,7 +541,7 @@ static bool set_printer_hnd_name(Printer_entry *Printer, char *handlename)
result = get_a_printer_search( NULL, &printer, 2, sname );
if ( !W_ERROR_IS_OK(result) ) {
DEBUG(0,("set_printer_hnd_name: failed to lookup printer [%s] -- result [%s]\n",
- sname, dos_errstr(result)));
+ sname, win_errstr(result)));
continue;
}
@@ -1284,7 +1284,7 @@ void do_drv_upgrade_printer(struct messaging_context *msg,
result = mod_a_printer(printer, 2);
if (!W_ERROR_IS_OK(result)) {
DEBUG(3,("do_drv_upgrade_printer: mod_a_printer() failed with status [%s]\n",
- dos_errstr(result)));
+ win_errstr(result)));
}
}
@@ -2677,7 +2677,7 @@ static bool srv_spoolss_replyopenprinter(int snum, const char *printer,
if (!W_ERROR_IS_OK(result))
DEBUG(5,("srv_spoolss_reply_open_printer: Client RPC returned [%s]\n",
- dos_errstr(result)));
+ win_errstr(result)));
return (W_ERROR_IS_OK(result));
}
@@ -5376,12 +5376,12 @@ static WERROR construct_printer_driver_info_3(DRIVER_INFO_3 *info, int snum, con
ZERO_STRUCT(driver);
status=get_a_printer(NULL, &printer, 2, lp_const_servicename(snum) );
- DEBUG(8,("construct_printer_driver_info_3: status: %s\n", dos_errstr(status)));
+ DEBUG(8,("construct_printer_driver_info_3: status: %s\n", win_errstr(status)));
if (!W_ERROR_IS_OK(status))
return WERR_INVALID_PRINTER_NAME;
status=get_a_printer_driver(&driver, 3, printer->info_2->drivername, architecture, version);
- DEBUG(8,("construct_printer_driver_info_3: status: %s\n", dos_errstr(status)));
+ DEBUG(8,("construct_printer_driver_info_3: status: %s\n", win_errstr(status)));
#if 0 /* JERRY */
@@ -5401,7 +5401,7 @@ static WERROR construct_printer_driver_info_3(DRIVER_INFO_3 *info, int snum, con
/* Yes - try again with a WinNT driver. */
version = 2;
status=get_a_printer_driver(&driver, 3, printer->info_2->drivername, architecture, version);
- DEBUG(8,("construct_printer_driver_info_3: status: %s\n", dos_errstr(status)));
+ DEBUG(8,("construct_printer_driver_info_3: status: %s\n", win_errstr(status)));
}
#endif
@@ -5519,14 +5519,14 @@ static WERROR construct_printer_driver_info_6(DRIVER_INFO_6 *info, int snum,
status=get_a_printer(NULL, &printer, 2, lp_const_servicename(snum) );
- DEBUG(8,("construct_printer_driver_info_6: status: %s\n", dos_errstr(status)));
+ DEBUG(8,("construct_printer_driver_info_6: status: %s\n", win_errstr(status)));
if (!W_ERROR_IS_OK(status))
return WERR_INVALID_PRINTER_NAME;
status = get_a_printer_driver(&driver, 3, printer->info_2->drivername, architecture, version);
- DEBUG(8,("construct_printer_driver_info_6: status: %s\n", dos_errstr(status)));
+ DEBUG(8,("construct_printer_driver_info_6: status: %s\n", win_errstr(status)));
if (!W_ERROR_IS_OK(status))
{
@@ -5542,7 +5542,7 @@ static WERROR construct_printer_driver_info_6(DRIVER_INFO_6 *info, int snum,
/* Yes - try again with a WinNT driver. */
version = 2;
status=get_a_printer_driver(&driver, 3, printer->info_2->drivername, architecture, version);
- DEBUG(8,("construct_printer_driver_info_6: status: %s\n", dos_errstr(status)));
+ DEBUG(8,("construct_printer_driver_info_6: status: %s\n", win_errstr(status)));
if (!W_ERROR_IS_OK(status)) {
free_a_printer(&printer,2);
return WERR_UNKNOWN_PRINTER_DRIVER;
@@ -7544,7 +7544,7 @@ static WERROR enumports_level_1(RPC_BUFFER *buffer, uint32 offered, uint32 *need
if(numlines) {
if((ports=SMB_MALLOC_ARRAY( PORT_INFO_1, numlines )) == NULL) {
DEBUG(10,("Returning WERR_NOMEM [%s]\n",
- dos_errstr(WERR_NOMEM)));
+ win_errstr(WERR_NOMEM)));
TALLOC_FREE(qlines);
return WERR_NOMEM;
}
diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c
index c96439cc1a..0a54b0dd3f 100644
--- a/source3/rpc_server/srv_wkssvc_nt.c
+++ b/source3/rpc_server/srv_wkssvc_nt.c
@@ -349,7 +349,7 @@ WERROR _wkssvc_NetrJoinDomain2(pipes_struct *p,
if (!W_ERROR_IS_OK(werr)) {
DEBUG(5,("_wkssvc_NetrJoinDomain2: libnet_Join failed with: %s\n",
j->out.error_string ? j->out.error_string :
- dos_errstr(werr)));
+ win_errstr(werr)));
}
TALLOC_FREE(j);
@@ -415,7 +415,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(pipes_struct *p,
if (!W_ERROR_IS_OK(werr)) {
DEBUG(5,("_wkssvc_NetrUnjoinDomain2: libnet_Unjoin failed with: %s\n",
u->out.error_string ? u->out.error_string :
- dos_errstr(werr)));
+ win_errstr(werr)));
}
TALLOC_FREE(u);
generated by cgit (git 2.34.1) at 2024-08-12 20:05:44 +0000