From 99aae4a0ee4f5d069bebe998337d1cdb0c1c390a Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 26 Aug 2010 10:35:45 +1000 Subject: s3:privs Change to new host endian neutral privilages tdb format These values are stored in account_policy.tdb, and the old format, using a 128 bit bitmap was not endian neutral. The previous endian-dependent format was introduced in 46e5effea948931509283cb84b27007d34b521c8 replacing a 32 bit number which was used at the time. Andrew Bartlett Signed-off-by: Andrew Tridgell --- source3/lib/privileges.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index 5abd5228fa..97ae7dbfab 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -65,9 +65,20 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask ) return False; } - SMB_ASSERT( data.dsize == sizeof( uint64_t ) ); + if (data.dsize == 4*4) { + DEBUG(3, ("get_privileges: Should not have obtained old-style privileges record for SID " + "[%s]\n", sid_string_dbg(sid))); + return False; + } + + if (data.dsize != sizeof( uint64_t ) ) { + DEBUG(3, ("get_privileges: Invalid privileges record assigned to SID " + "[%s]\n", sid_string_dbg(sid))); + return False; + } + + *mask = BVAL(data.dptr, 0); - se_priv_copy( mask, (uint64_t*)data.dptr ); TALLOC_FREE(data.dptr); return True; @@ -80,6 +91,7 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask ) static bool set_privileges( const struct dom_sid *sid, uint64_t *mask ) { struct db_context *db = get_account_pol_db(); + uint8_t privbuf[8]; fstring tmp, keystr; TDB_DATA data; @@ -98,7 +110,8 @@ static bool set_privileges( const struct dom_sid *sid, uint64_t *mask ) fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid)); - /* no packing. static size structure, just write it out */ + /* This writes the 64 bit bitmask out in little endian format */ + SBVAL(privbuf,0,*mask); data.dptr = (uint8 *)mask; data.dsize = sizeof(uint64_t); -- cgit