summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c69
1 files changed, 55 insertions, 14 deletions
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 522a266b8c..0be371df11 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -3001,8 +3001,10 @@ static uint32 control_printer(const POLICY_HND *handle, uint32 command,
********************************************************************/
static uint32 update_printer_sec(const POLICY_HND *handle, uint32 level,
const SPOOL_PRINTER_INFO_LEVEL *info,
- SEC_DESC_BUF *secdesc_ctr)
+ pipes_struct *p, SEC_DESC_BUF *secdesc_ctr)
{
+ struct current_user user;
+
Printer_entry *Printer = find_printer_index_by_hnd(handle);
if (!OPEN_HANDLE(Printer)) {
@@ -3010,7 +3012,15 @@ static uint32 update_printer_sec(const POLICY_HND *handle, uint32 level,
return ERROR_INVALID_HANDLE;
}
- return nt_printing_setsec(Printer->dev.printername, secdesc_ctr);
+ if (p->ntlmssp_auth_validated) {
+ memcpy(&user, &p->pipe_user, sizeof(user));
+ } else {
+ extern struct current_user current_user;
+ memcpy(&user, &current_user, sizeof(user));
+ }
+
+ return nt_printing_setsec(Printer->dev.printername, &user,
+ secdesc_ctr);
}
/********************************************************************
@@ -3025,25 +3035,53 @@ static uint32 update_printer(const POLICY_HND *handle, uint32 level,
int snum;
NT_PRINTER_INFO_LEVEL *printer = NULL;
Printer_entry *Printer = find_printer_index_by_hnd(handle);
-
+ SEC_DESC_BUF *sd = NULL;
+ uint32 result, acc_granted;
+ extern struct current_user current_user;
+
DEBUG(8,("update_printer\n"));
+ result = NT_STATUS_NO_PROBLEMO;
+
+ /* Check calling user has permission to update printer description */
+
+ if (!nt_printing_getsec(Printer->dev.printername, &sd)) {
+ DEBUG(3, ("Could not get security descriptor for printer %s",
+ Printer->dev.printername));
+ result = ERROR_INVALID_FUNCTION;
+ goto done;
+ }
+
+ if (!se_access_check(sd->sec, current_user.uid, current_user.gid,
+ current_user.ngroups, current_user.groups,
+ PRINTER_ACE_FULL_CONTROL, &acc_granted,
+ &result)) {
+ DEBUG(3, ("printer property change denied by security "
+ "descriptor\n"));
+ goto done;
+ }
+
if (level!=2) {
DEBUG(0,("Send a mail to samba@samba.org\n"));
DEBUGADD(0,("with the following message: update_printer: level!=2\n"));
- return ERROR_INVALID_LEVEL;
+ result = ERROR_INVALID_LEVEL;
+ goto done;
}
if (!OPEN_HANDLE(Printer)) {
- DEBUG(0,("update_printer: Invalid handle (%s)\n", OUR_HANDLE(handle)));
- return ERROR_INVALID_HANDLE;
+ result = ERROR_INVALID_HANDLE;
+ goto done;
}
- if (!get_printer_snum(handle, &snum) )
- return ERROR_INVALID_HANDLE;
+ if (!get_printer_snum(handle, &snum)) {
+ result = ERROR_INVALID_HANDLE;
+ goto done;
+ }
- if(get_a_printer(&printer, 2, lp_servicename(snum)) != 0)
- return ERROR_INVALID_HANDLE;
+ if(get_a_printer(&printer, 2, lp_servicename(snum)) != 0) {
+ result = ERROR_INVALID_HANDLE;
+ goto done;
+ }
DEBUGADD(8,("Converting info_2 struct\n"));
@@ -3078,13 +3116,15 @@ static uint32 update_printer(const POLICY_HND *handle, uint32 level,
if (add_a_printer(*printer, 2)!=0) {
/* I don't really know what to return here !!! */
- free_a_printer(&printer, 2);
- return ERROR_ACCESS_DENIED;
+ result = ERROR_ACCESS_DENIED;
+ goto done;
}
+ done:
free_a_printer(&printer, 2);
+ free_sec_desc_buf(&sd);
- return NT_STATUS_NO_PROBLEMO;
+ return result;
}
/****************************************************************************
@@ -3111,7 +3151,8 @@ uint32 _spoolss_setprinter(const POLICY_HND *handle, uint32 level,
return update_printer(handle, level, info, devmode_ctr.devmode);
break;
case 3:
- return update_printer_sec(handle, level, info, secdesc_ctr);
+ return update_printer_sec(handle, level, info, p,
+ secdesc_ctr);
break;
default:
return ERROR_INVALID_LEVEL;