summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/rpc_server/srv_samr_nt.c125
1 files changed, 82 insertions, 43 deletions
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 0900a9bab4..b9eaaee2b7 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -852,60 +852,99 @@ static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
NTSTATUS _samr_QuerySecurity(pipes_struct *p,
struct samr_QuerySecurity *r)
{
+ struct samr_connect_info *cinfo;
+ struct samr_domain_info *dinfo;
+ struct samr_user_info *uinfo;
+ struct samr_group_info *ginfo;
+ struct samr_alias_info *ainfo;
NTSTATUS status;
- DOM_SID pol_sid;
SEC_DESC * psd = NULL;
- uint32 acc_granted;
size_t sd_size;
- /* Get the SID. */
- if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
- return NT_STATUS_INVALID_HANDLE;
-
- DEBUG(10,("_samr_QuerySecurity: querying security on SID: %s\n",
- sid_string_dbg(&pol_sid)));
-
- status = access_check_samr_function(acc_granted,
- STD_RIGHT_READ_CONTROL_ACCESS,
- "_samr_QuerySecurity");
- if (!NT_STATUS_IS_OK(status)) {
- return status;
+ cinfo = policy_handle_find(p, r->in.handle,
+ STD_RIGHT_READ_CONTROL_ACCESS, NULL,
+ struct samr_connect_info, &status);
+ if (NT_STATUS_IS_OK(status)) {
+ DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n"));
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size,
+ &sam_generic_mapping, NULL, 0);
+ goto done;
}
- /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */
-
- /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */
- if (pol_sid.sid_rev_num == 0) {
- DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n"));
- status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
- } else if (sid_equal(&pol_sid,get_global_sam_sid())) {
- /* check if it is our domain SID */
+ dinfo = policy_handle_find(p, r->in.handle,
+ STD_RIGHT_READ_CONTROL_ACCESS, NULL,
+ struct samr_domain_info, &status);
+ if (NT_STATUS_IS_OK(status)) {
DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
- "with SID: %s\n", sid_string_dbg(&pol_sid)));
- status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
- } else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
- /* check if it is the Builtin Domain */
- /* TODO: Builtin probably needs a different SD with restricted write access*/
- DEBUG(5,("_samr_QuerySecurity: querying security on Builtin "
- "Domain with SID: %s\n", sid_string_dbg(&pol_sid)));
- status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
- } else if (sid_check_is_in_our_domain(&pol_sid) ||
- sid_check_is_in_builtin(&pol_sid)) {
- /* TODO: different SDs have to be generated for aliases groups and users.
- Currently all three get a default user SD */
- DEBUG(10,("_samr_QuerySecurity: querying security on Object "
- "with SID: %s\n", sid_string_dbg(&pol_sid)));
- if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
- status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
- &pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
+ "with SID: %s\n", sid_string_dbg(&dinfo->sid)));
+ /*
+ * TODO: Builtin probably needs a different SD with restricted
+ * write access
+ */
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size,
+ &dom_generic_mapping, NULL, 0);
+ goto done;
+ }
+
+ uinfo = policy_handle_find(p, r->in.handle,
+ STD_RIGHT_READ_CONTROL_ACCESS, NULL,
+ struct samr_user_info, &status);
+ if (NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("_samr_QuerySecurity: querying security on user "
+ "Object with SID: %s\n",
+ sid_string_dbg(&uinfo->sid)));
+ if (check_change_pw_access(p->mem_ctx, &uinfo->sid)) {
+ status = make_samr_object_sd(
+ p->mem_ctx, &psd, &sd_size,
+ &usr_generic_mapping,
+ &uinfo->sid, SAMR_USR_RIGHTS_WRITE_PW);
} else {
- status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping,
- &pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
+ status = make_samr_object_sd(
+ p->mem_ctx, &psd, &sd_size,
+ &usr_nopwchange_generic_mapping,
+ &uinfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
}
- } else {
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
+ goto done;
}
+ ginfo = policy_handle_find(p, r->in.handle,
+ STD_RIGHT_READ_CONTROL_ACCESS, NULL,
+ struct samr_group_info, &status);
+ if (NT_STATUS_IS_OK(status)) {
+ /*
+ * TODO: different SDs have to be generated for aliases groups
+ * and users. Currently all three get a default user SD
+ */
+ DEBUG(10,("_samr_QuerySecurity: querying security on group "
+ "Object with SID: %s\n",
+ sid_string_dbg(&ginfo->sid)));
+ status = make_samr_object_sd(
+ p->mem_ctx, &psd, &sd_size,
+ &usr_nopwchange_generic_mapping,
+ &ginfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
+ goto done;
+ }
+
+ ainfo = policy_handle_find(p, r->in.handle,
+ STD_RIGHT_READ_CONTROL_ACCESS, NULL,
+ struct samr_alias_info, &status);
+ if (NT_STATUS_IS_OK(status)) {
+ /*
+ * TODO: different SDs have to be generated for aliases groups
+ * and users. Currently all three get a default user SD
+ */
+ DEBUG(10,("_samr_QuerySecurity: querying security on alias "
+ "Object with SID: %s\n",
+ sid_string_dbg(&ainfo->sid)));
+ status = make_samr_object_sd(
+ p->mem_ctx, &psd, &sd_size,
+ &usr_nopwchange_generic_mapping,
+ &ainfo->sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
+ goto done;
+ }
+
+ return NT_STATUS_OBJECT_TYPE_MISMATCH;
+done:
if ((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
return NT_STATUS_NO_MEMORY;