diff options
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/srv_spoolss_nt.c | 69 |
1 files changed, 55 insertions, 14 deletions
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 522a266b8c..0be371df11 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -3001,8 +3001,10 @@ static uint32 control_printer(const POLICY_HND *handle, uint32 command, ********************************************************************/ static uint32 update_printer_sec(const POLICY_HND *handle, uint32 level, const SPOOL_PRINTER_INFO_LEVEL *info, - SEC_DESC_BUF *secdesc_ctr) + pipes_struct *p, SEC_DESC_BUF *secdesc_ctr) { + struct current_user user; + Printer_entry *Printer = find_printer_index_by_hnd(handle); if (!OPEN_HANDLE(Printer)) { @@ -3010,7 +3012,15 @@ static uint32 update_printer_sec(const POLICY_HND *handle, uint32 level, return ERROR_INVALID_HANDLE; } - return nt_printing_setsec(Printer->dev.printername, secdesc_ctr); + if (p->ntlmssp_auth_validated) { + memcpy(&user, &p->pipe_user, sizeof(user)); + } else { + extern struct current_user current_user; + memcpy(&user, ¤t_user, sizeof(user)); + } + + return nt_printing_setsec(Printer->dev.printername, &user, + secdesc_ctr); } /******************************************************************** @@ -3025,25 +3035,53 @@ static uint32 update_printer(const POLICY_HND *handle, uint32 level, int snum; NT_PRINTER_INFO_LEVEL *printer = NULL; Printer_entry *Printer = find_printer_index_by_hnd(handle); - + SEC_DESC_BUF *sd = NULL; + uint32 result, acc_granted; + extern struct current_user current_user; + DEBUG(8,("update_printer\n")); + result = NT_STATUS_NO_PROBLEMO; + + /* Check calling user has permission to update printer description */ + + if (!nt_printing_getsec(Printer->dev.printername, &sd)) { + DEBUG(3, ("Could not get security descriptor for printer %s", + Printer->dev.printername)); + result = ERROR_INVALID_FUNCTION; + goto done; + } + + if (!se_access_check(sd->sec, current_user.uid, current_user.gid, + current_user.ngroups, current_user.groups, + PRINTER_ACE_FULL_CONTROL, &acc_granted, + &result)) { + DEBUG(3, ("printer property change denied by security " + "descriptor\n")); + goto done; + } + if (level!=2) { DEBUG(0,("Send a mail to samba@samba.org\n")); DEBUGADD(0,("with the following message: update_printer: level!=2\n")); - return ERROR_INVALID_LEVEL; + result = ERROR_INVALID_LEVEL; + goto done; } if (!OPEN_HANDLE(Printer)) { - DEBUG(0,("update_printer: Invalid handle (%s)\n", OUR_HANDLE(handle))); - return ERROR_INVALID_HANDLE; + result = ERROR_INVALID_HANDLE; + goto done; } - if (!get_printer_snum(handle, &snum) ) - return ERROR_INVALID_HANDLE; + if (!get_printer_snum(handle, &snum)) { + result = ERROR_INVALID_HANDLE; + goto done; + } - if(get_a_printer(&printer, 2, lp_servicename(snum)) != 0) - return ERROR_INVALID_HANDLE; + if(get_a_printer(&printer, 2, lp_servicename(snum)) != 0) { + result = ERROR_INVALID_HANDLE; + goto done; + } DEBUGADD(8,("Converting info_2 struct\n")); @@ -3078,13 +3116,15 @@ static uint32 update_printer(const POLICY_HND *handle, uint32 level, if (add_a_printer(*printer, 2)!=0) { /* I don't really know what to return here !!! */ - free_a_printer(&printer, 2); - return ERROR_ACCESS_DENIED; + result = ERROR_ACCESS_DENIED; + goto done; } + done: free_a_printer(&printer, 2); + free_sec_desc_buf(&sd); - return NT_STATUS_NO_PROBLEMO; + return result; } /**************************************************************************** @@ -3111,7 +3151,8 @@ uint32 _spoolss_setprinter(const POLICY_HND *handle, uint32 level, return update_printer(handle, level, info, devmode_ctr.devmode); break; case 3: - return update_printer_sec(handle, level, info, secdesc_ctr); + return update_printer_sec(handle, level, info, p, + secdesc_ctr); break; default: return ERROR_INVALID_LEVEL; |