From 07e6ff5fcfe337bb65a7c3a4493a92a7761cf2ed Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 14 Apr 2002 09:44:16 +0000 Subject: Partly based on the work by mimir (Rafal Szczesniak ) this patch allows samba to correctly enumerate its trusted domains - by exaimining the keys in the secrets.tdb file. This patch has been tested with both NT4 and rpcclient/wbinfo, and adds some extra functionality to talloc and rpc_parse to allow it to deal with already unicode strings. Finally, this cleans up some const warnings that were in net_rpc.c by pushing another dash of const into the rpc client code. Andrew Bartlett (This used to be commit 0bdd94cb992b40942aaf2e5e0efd2868b4686296) --- source3/rpc_server/srv_lsa.c | 2 ++ source3/rpc_server/srv_lsa_nt.c | 20 ++++++++++++++------ 2 files changed, 16 insertions(+), 6 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index fcd4be0212..3914556e88 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -105,8 +105,10 @@ static BOOL api_lsa_enum_trust_dom(pipes_struct *p) if(!lsa_io_q_enum_trust_dom("", &q_u, data, 0)) return False; + /* get required trusted domains information */ r_u.status = _lsa_enum_trust_dom(p, &q_u, &r_u); + /* prepare the response */ if(!lsa_io_r_enum_trust_dom("", &r_u, rdata, 0)) return False; diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 84ab44bc30..c564323803 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -416,14 +416,18 @@ NTSTATUS _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL * /*************************************************************************** _lsa_enum_trust_dom - this needs fixing to do more than return NULL ! JRA. + ufff, done :) mimir ***************************************************************************/ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_ENUM_TRUST_DOM *r_u) { struct lsa_info *info; - uint32 enum_context = 0; - char *dom_name = NULL; - DOM_SID *dom_sid = NULL; + uint32 enum_context = q_u->enum_context; + /* it's set to 10 as a "our" preferred length */ + uint32 max_num_domains = q_u->preferred_len < 10 ? q_u->preferred_len : 10; + TRUSTDOM **trust_doms; + uint32 num_domains; + NTSTATUS nt_status; if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; @@ -432,9 +436,13 @@ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_E if (!(info->access & POLICY_VIEW_LOCAL_INFORMATION)) return NT_STATUS_ACCESS_DENIED; - /* set up the LSA QUERY INFO response */ - init_r_enum_trust_dom(p->mem_ctx, r_u, enum_context, dom_name, dom_sid, - dom_name != NULL ? NT_STATUS_OK : NT_STATUS_NO_MORE_ENTRIES); + nt_status = secrets_get_trusted_domains(p->mem_ctx, enum_context, max_num_domains, &num_domains, &trust_doms); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + + /* set up the lsa_enum_trust_dom response */ + init_r_enum_trust_dom(p->mem_ctx, r_u, enum_context, max_num_domains, num_domains, trust_doms); return r_u->status; } -- cgit From 1667a821060b8bbc1cef3db473f6967cd02f5886 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 15 Apr 2002 04:07:13 +0000 Subject: Merge of print server permission handling fixes from HEAD. Unit tests rock! (This used to be commit bc673c42045ceb46d9569bc4d88f9c64897fc85a) --- source3/rpc_server/srv_spoolss_nt.c | 49 ++++++++++++++++++++++++++++--------- 1 file changed, 37 insertions(+), 12 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 3bc91c2472..a8552cd14d 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -92,7 +92,8 @@ static uint32 smb_connections=0; /* in printing/nt_printing.c */ -extern STANDARD_MAPPING printer_std_mapping; + +extern STANDARD_MAPPING printer_std_mapping, printserver_std_mapping; #define OUR_HANDLE(hnd) (((hnd)==NULL)?"NULL":(IVAL((hnd)->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")), \ ((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid()) @@ -959,26 +960,50 @@ Can't find printer handle we created for printer %s\n", name )); get_current_user(&user, p); if (Printer->printer_type == PRINTER_HANDLE_IS_PRINTSERVER) { - if (printer_default->access_required == 0) { - return WERR_OK; + + /* Printserver handles use global struct... */ + + snum = -1; + + /* Map standard access rights to object specific access + rights */ + + se_map_standard(&printer_default->access_required, + &printserver_std_mapping); + + /* Deny any object specific bits that don't apply to print + servers (i.e printer and job specific bits) */ + + printer_default->access_required &= SPECIFIC_RIGHTS_MASK; + + if (printer_default->access_required & + ~(SERVER_ACCESS_ADMINISTER | SERVER_ACCESS_ENUMERATE)) { + DEBUG(3, ("access DENIED for non-printserver bits")); + close_printer_handle(p, handle); + return WERR_ACCESS_DENIED; } - else if ((printer_default->access_required & SERVER_ACCESS_ADMINISTER ) == SERVER_ACCESS_ADMINISTER) { - /* Printserver handles use global struct... */ - snum = -1; + /* Allow admin access */ + + if (printer_default->access_required & + SERVER_ACCESS_ADMINISTER) { if (!lp_ms_add_printer_wizard()) { close_printer_handle(p, handle); return WERR_ACCESS_DENIED; } - else if (user.uid == 0 || user_in_list(uidtoname(user.uid), lp_printer_admin(snum))) { + + if (user.uid == 0 || + user_in_list(uidtoname(user.uid), + lp_printer_admin(snum))) return WERR_OK; - } - else { - close_printer_handle(p, handle); - return WERR_ACCESS_DENIED; - } + + close_printer_handle(p, handle); + return WERR_ACCESS_DENIED; } + + /* We fall through to return WERR_OK */ + } else { -- cgit From e9be6c4db4ad5a5caefed5a97df13880ca3262f4 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Apr 2002 01:48:45 +0000 Subject: Fix found by Li Shao @ HP - XP clients don't bother to set the devmode_ptr in the SetPrinter() call - they send it in the devmode_ctr instead. Jeremy. (This used to be commit f988a1af034b4cea2412171a257a752192afaece) --- source3/rpc_server/srv_spoolss_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index a8552cd14d..5fa45b0b44 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -5084,7 +5084,7 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, goto done; } - if (info->info_2->devmode_ptr != 0) { + if (devmode) { /* we have a valid devmode convert it and link it*/ -- cgit From dde9187728936df5825cf19bda74fce1185ffb21 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 22 Apr 2002 18:47:36 +0000 Subject: merge from SAMBA_2_2 (This used to be commit 5e381abbbfaa15f3ebd89cba3cd9bb6de8e4ff4e) --- source3/rpc_server/srv_spoolss.c | 4 ---- source3/rpc_server/srv_spoolss_nt.c | 8 +------- 2 files changed, 1 insertion(+), 11 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c index e6c152c668..c7dc5d27ff 100755 --- a/source3/rpc_server/srv_spoolss.c +++ b/source3/rpc_server/srv_spoolss.c @@ -1451,11 +1451,7 @@ struct api_struct api_spoolss_cmds[] = {"SPOOLSS_SETPRINTERDATAEX", SPOOLSS_SETPRINTERDATAEX, api_spoolss_setprinterdataex }, {"SPOOLSS_ENUMPRINTERKEY", SPOOLSS_ENUMPRINTERKEY, api_spoolss_enumprinterkey }, {"SPOOLSS_ENUMPRINTERDATAEX", SPOOLSS_ENUMPRINTERDATAEX, api_spoolss_enumprinterdataex }, -#if 0 - /* Disabled because it doesn't fix the bug I am looking at but it would be - a shame to throw away the code. -tpot */ {"SPOOLSS_GETPRINTPROCESSORDIRECTORY",SPOOLSS_GETPRINTPROCESSORDIRECTORY,api_spoolss_getprintprocessordirectory}, -#endif { NULL, 0, NULL } }; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 5fa45b0b44..d6ce065548 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -7807,13 +7807,7 @@ static WERROR getprintprocessordirectory_level_1(UNISTR2 *name, if((info=(PRINTPROCESSOR_DIRECTORY_1 *)malloc(sizeof(PRINTPROCESSOR_DIRECTORY_1))) == NULL) return WERR_NOMEM; - /* Not sure what to return here - are UNC names valid here?. - Windows returns the string: C:\WINNT\System32\spool\PRTPROCS\W32X86 - which is pretty bogus for a RPC. */ - - slprintf(path, sizeof(path)-1, "\\\\%s\\print$\\%s", get_called_name(), short_archi); - - DEBUG(4,("print processor directory: [%s]\n", path)); + pstrcpy(path, "C:\\WINNT\\System32\\spool\\PRTPROCS\\W32X86"); fill_printprocessordirectory_1(info, path); -- cgit From 569fa9b3dd31b72b35e224ffffe65715a858b7c3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 Apr 2002 02:16:48 +0000 Subject: Fix for a bug Jerry found with printing where a smbd connection may be idled even with an open pipe. Jeremy. (This used to be commit 3a93c5daeca3edd4f319199c8a6068d25cb6750e) --- source3/rpc_server/srv_pipe_hnd.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index 44dd5fac65..4b20ee5558 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -240,6 +240,9 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name, for (p_it = Pipes; p_it; p_it = p_it->next) DEBUG(5,("open pipes: name %s pnum=%x\n", p_it->name, p_it->pnum)); + /* Ensure the connection isn't idled whilst this pipe is open. */ + conn->num_files_open++; + return chain_p; } @@ -1055,7 +1058,9 @@ BOOL close_rpc_pipe_hnd(smb_np_struct *p) ZERO_STRUCTP(p); SAFE_FREE(p); - + + conn->num_files_open--; + return True; } -- cgit From fd99accdb55ea7e6be8f61155efad88c9d5edaf6 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 Apr 2002 18:34:52 +0000 Subject: Fix my stupid compile bug in num_files_open. Jeremy. (This used to be commit 7c02db7c4f0d04b7c45a9c580f3e85f52fa505d5) --- source3/rpc_server/srv_pipe_hnd.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index 4b20ee5558..a4a9e85ae4 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -240,9 +240,6 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name, for (p_it = Pipes; p_it; p_it = p_it->next) DEBUG(5,("open pipes: name %s pnum=%x\n", p_it->name, p_it->pnum)); - /* Ensure the connection isn't idled whilst this pipe is open. */ - conn->num_files_open++; - return chain_p; } @@ -301,6 +298,10 @@ static void *make_internal_rpc_pipe_p(char *pipe_name, DLIST_ADD(InternalPipes, p); p->conn = conn; + + /* Ensure the connection isn't idled whilst this pipe is open. */ + p->conn->num_files_open++; + p->vuid = vuid; p->ntlmssp_chal_flags = 0; @@ -1059,8 +1060,6 @@ BOOL close_rpc_pipe_hnd(smb_np_struct *p) SAFE_FREE(p); - conn->num_files_open--; - return True; } @@ -1090,6 +1089,8 @@ static BOOL close_internal_rpc_pipe_hnd(void *np_conn) DLIST_REMOVE(InternalPipes, p); + p->conn->num_files_open--; + ZERO_STRUCTP(p); SAFE_FREE(p); -- cgit From 800185c33f596f071881700543f256f06b1487ac Mon Sep 17 00:00:00 2001 From: Shirish Kalele Date: Thu, 9 May 2002 04:43:05 +0000 Subject: Sync'ing SAMBA_2_2 with HEAD. (This used to be commit d926cc989690684ec4799ebb3a3a01e8d4173de6) --- source3/rpc_server/srv_dfs_nt.c | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c index 4db6c61a3c..5732af7e9a 100644 --- a/source3/rpc_server/srv_dfs_nt.c +++ b/source3/rpc_server/srv_dfs_nt.c @@ -69,10 +69,7 @@ WERROR _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u) pstrcat(altpath, "\\"); pstrcat(altpath, sharename); - if(!create_junction(dfspath, &jn)) - return WERR_DFS_NO_SUCH_SERVER; - - if(get_referred_path(&jn)) + if(get_referred_path(dfspath, &jn, NULL, NULL)) { exists = True; jn.referral_count += 1; @@ -137,16 +134,14 @@ WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u, pstrcpy(altpath, servername); pstrcat(altpath, "\\"); pstrcat(altpath, sharename); + strlower(altpath); } DEBUG(5,("init_reply_dfs_remove: Request to remove %s -> %s\\%s.\n", dfspath, servername, sharename)); - if(!create_junction(dfspath, &jn)) - return WERR_DFS_NO_SUCH_SERVER; - - if(!get_referred_path(&jn)) - return WERR_DFS_NO_SUCH_VOL; + if(!get_referred_path(dfspath, &jn, NULL, NULL)) + return WERR_DFS_NO_SUCH_VOL; /* if no server-share pair given, remove the msdfs link completely */ if(!q_u->ptr_ServerName && !q_u->ptr_ShareName) @@ -158,14 +153,18 @@ WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u, { int i=0; /* compare each referral in the list with the one to remove */ + DEBUG(10,("altpath: .%s. refcnt: %d\n", altpath, jn.referral_count)); for(i=0;ilevel = level; r_u->ptr_ctr = 1; -- cgit From 059da8fb3b7197bd6a9bfe57940a96a2546e63a5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 9 May 2002 19:54:47 +0000 Subject: Merged in printing fixes... There were many missing ! Jeremy (This used to be commit 32fa089adead6ff3279172fd36560f4f9e2aeef0) --- source3/rpc_server/srv_spoolss_nt.c | 112 +++++++++++++++++++++++++++++++++++- 1 file changed, 111 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index d6ce065548..8419152cf2 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -37,6 +37,15 @@ #define PRINTER_HANDLE_IS_PRINTER 0 #define PRINTER_HANDLE_IS_PRINTSERVER 1 +/* Table to map the driver version */ +/* to OS */ +char * drv_ver_to_os[] = { + "WIN9X", /* driver version/cversion 0 */ + "", /* unused ? */ + "WINNT", /* driver version/cversion 2 */ + "WIN2K", /* driver version/cversion 3 */ +}; + struct table_node { char *long_archi; char *short_archi; @@ -759,6 +768,69 @@ static BOOL srv_spoolss_sendnotify(char* printer_name, uint32 high, uint32 low, return True; } +/******************************************************************** + Send a message to ourself about new driver being installed + so we can upgrade the information for each printer bound to this + driver +********************************************************************/ + +static BOOL srv_spoolss_drv_upgrade_printer(char* drivername) +{ + int len = strlen(drivername); + + if (!len) + return False; + + DEBUG(10,("srv_spoolss_drv_upgrade_printer: Sending message about driver upgrade [%s]\n", + drivername)); + + message_send_pid(sys_getpid(), MSG_PRINTER_DRVUPGRADE, drivername, len+1, False); + return True; +} + +/********************************************************************** + callback to receive a MSG_PRINTER_DRVUPGRADE message and interate + over all printers, upgrading ones as neessary +**********************************************************************/ + +void do_drv_upgrade_printer(int msg_type, pid_t src, void *buf, size_t len) +{ + fstring drivername; + int snum; + int n_services = lp_numservices(); + + len = MIN(len,sizeof(drivername)-1); + strncpy(drivername, buf, len); + + DEBUG(10,("do_drv_upgrade_printer: Got message for new driver [%s]\n", drivername )); + + /* Iterate the printer list */ + + for (snum=0; snuminfo_2 && !strcmp(drivername, printer->info_2->drivername)) { + DEBUG(6,("Updating printer [%s]\n", printer->info_2->printername)); + /* all we care about currently is the change_id */ + result = mod_a_printer(*printer, 2); + if (!W_ERROR_IS_OK(result)) { + DEBUG(3,("do_drv_upgrade_printer: mod_a_printer() failed with status [%s]\n", + dos_errstr(result))); + } + } + free_a_printer(&printer, 2); + } + } + + /* all done */ +} + /******************************************************************** Copy routines used by convert_to_openprinterex() *******************************************************************/ @@ -6462,7 +6534,8 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, WERROR err = WERR_OK; NT_PRINTER_DRIVER_INFO_LEVEL driver; struct current_user user; - + fstring driver_name; + ZERO_STRUCT(driver); get_current_user(&user, p); @@ -6489,6 +6562,43 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, goto done; } + /* BEGIN_ADMIN_LOG */ + switch(level) { + case 3: + sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.", + driver.info_3->name,drv_ver_to_os[driver.info_3->cversion],uidtoname(user.uid)); + fstrcpy(driver_name, driver.info_3->name); + break; + case 6: + sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.", + driver.info_6->name,drv_ver_to_os[driver.info_6->version],uidtoname(user.uid)); + fstrcpy(driver_name, driver.info_6->name); + break; + } + /* END_ADMIN_LOG */ + + /* + * I think this is where he DrvUpgradePrinter() hook would be + * be called in a driver's interface DLL on a Windows NT 4.0/2k + * server. Right now, we just need to send ourselves a message + * to update each printer bound to this driver. --jerry + */ + + if (!srv_spoolss_drv_upgrade_printer(driver_name)) { + DEBUG(0,("_spoolss_addprinterdriver: Failed to send message about upgrading driver [%s]!\n", + driver_name)); + } + + /* if driver is not 9x, delete existing driver init data */ + + if ((level == 3 && driver.info_3->cversion != 0) || + (level == 6 && driver.info_6->version != 0)) { + if (!del_driver_init(driver_name)) + DEBUG(3,("_spoolss_addprinterdriver: del_driver_init(%s) failed!\n", driver_name)); + } else { + DEBUG(10,("_spoolss_addprinterdriver: init data not deleted for 9x driver [%s]\n", driver_name)); + } + done: free_a_printer_driver(driver, level); return err; -- cgit From 2586abb599c7266f1c2a729ddd1b75b55ec51bc7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 10 May 2002 01:15:36 +0000 Subject: Fix the bug that refused to allow IPC$ connection to be idled if a pipe was open - we now only refuse to allow IPC$ connection to be idled if a handle is open on a pipe. Jeremy. (This used to be commit fc043110bc42d56c8686b9b64c46af7be2fd236e) --- source3/rpc_server/srv_lsa_hnd.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index 84c3c5a959..62af0ecac8 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -134,6 +134,14 @@ BOOL create_policy_hnd(pipes_struct *p, POLICY_HND *hnd, void (*free_fn)(void *) DLIST_ADD(p->pipe_handles->Policy, pol); p->pipe_handles->count++; + /* + * Ensure we don't idle this connection if a handle is open. + * Increment the number of files open on the first handle create. + */ + + if (p->pipe_handles->count == 1) + p->conn->num_files_open++; + *hnd = pol->pol_hnd; DEBUG(4,("Opened policy hnd[%d] ", (int)p->pipe_handles->count)); @@ -201,6 +209,15 @@ BOOL close_policy_hnd(pipes_struct *p, POLICY_HND *hnd) p->pipe_handles->count--; + /* + * Ensure we can idle this connection if this is the last handle. + * Decrement the number of files open on the last handle delete. + */ + + if (p->pipe_handles->count == 0) + p->conn->num_files_open--; + + DLIST_REMOVE(p->pipe_handles->Policy, pol); ZERO_STRUCTP(pol); -- cgit From 3fe27b7f9df7d2bb2f7799fd46b79928f0e614b0 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 17 May 2002 13:49:01 +0000 Subject: A few more trusted domains updates from mimir. I think we may still need to look at our server enumeration code, but other than that, its much better in the tree than out. Andrew Bartlett (This used to be commit d57a1b4629d12a0374cc6d74dfc6f5d4793fcef8) --- source3/rpc_server/srv_lsa_nt.c | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index c564323803..c4adc26360 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -3,8 +3,9 @@ * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-1997, * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, - * Copyright (C) Paul Ashton 1997. - * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Paul Ashton 1997, + * Copyright (C) Jeremy Allison 2001, + * Copyright (C) Rafal Szczesniak 2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -423,8 +424,12 @@ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_E { struct lsa_info *info; uint32 enum_context = q_u->enum_context; - /* it's set to 10 as a "our" preferred length */ - uint32 max_num_domains = q_u->preferred_len < 10 ? q_u->preferred_len : 10; + + /* + * preferred length is set to 5 as a "our" preferred length + * nt sets this parameter to 2 + */ + uint32 max_num_domains = q_u->preferred_len < 5 ? q_u->preferred_len : 10; TRUSTDOM **trust_doms; uint32 num_domains; NTSTATUS nt_status; @@ -436,9 +441,14 @@ NTSTATUS _lsa_enum_trust_dom(pipes_struct *p, LSA_Q_ENUM_TRUST_DOM *q_u, LSA_R_E if (!(info->access & POLICY_VIEW_LOCAL_INFORMATION)) return NT_STATUS_ACCESS_DENIED; - nt_status = secrets_get_trusted_domains(p->mem_ctx, enum_context, max_num_domains, &num_domains, &trust_doms); - if (!NT_STATUS_IS_OK(nt_status)) { + nt_status = secrets_get_trusted_domains(p->mem_ctx, &enum_context, max_num_domains, &num_domains, &trust_doms); + + if (!NT_STATUS_IS_OK(nt_status) && + !NT_STATUS_EQUAL(nt_status, STATUS_MORE_ENTRIES) && + !NT_STATUS_EQUAL(nt_status, NT_STATUS_NO_MORE_ENTRIES)) { return nt_status; + } else { + r_u->status = nt_status; } /* set up the lsa_enum_trust_dom response */ -- cgit From 58e1fe62cc955c6b8449332447a6879c6fab64e7 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 18 May 2002 05:52:52 +0000 Subject: A few things in this commit: cleanup some of the code in net_rpc_join re const warnings and fstrings. Passdb: Make the %u and %U substituions in passdb work. This is done by declaring these paramters to be 'const' and doing the substitution manually. I'm told this is us going full circle, but I can't really see a better way. Finally these things actually seem to work properly... Make the lanman code use the pdb's recorded values for homedir etc rather than the values from lp_*() Add code to set the plaintext password in the passdb, where it can decide how to store/set it. For use with a future 'ldap password change' option, or somthing like that... Add pdb_unix, so as to remove the 'not in passdb' special cases from the local_lookup_*() code. Quite small, as it uses the new 'struct passwd -> SAM_ACCOUNT' code that is now in just one place. (also used by pdb_smbpasswd) Other: Fix up the adding of [homes] at session setup time to actually pass the right string, that is the unix homedir, not the UNC path. Fix up [homes] so that for winbind users is picks the correct name. (bad interactions with the default domain code previously) Change the rpc_server/srv_lsa_nt.c code to match NT when for the SATUS_NONE_MAPPED reply: This was only being triggered on no queries, now it is on the 'no mappings' (ie all mappings failed). Checked against Win2k. Policy Question: Should SID -> unix_user.234/unix_group.364 be considered a mapping or not? Currently it isn't. Andrew Bartlett (This used to be commit c28668068b5a3b3cf3c4317e5fb32ec9957f3e34) --- source3/rpc_server/srv_lsa_nt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index c4adc26360..a5e3f5003c 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -259,6 +259,8 @@ static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME if (!status) { sid_name_use = SID_NAME_UNKNOWN; + } else { + (*mapped_count)++; } /* Store domain sid in ref array */ @@ -272,8 +274,6 @@ static void init_lsa_trans_names(TALLOC_CTX *ctx, DOM_R_REF *ref, LSA_TRANS_NAME DEBUG(10,("init_lsa_trans_names: added user '%s\\%s' to " "referenced list.\n", dom_name, name )); - (*mapped_count)++; - init_lsa_trans_name(&trn->name[total], &trn->uni_name[total], sid_name_use, name, dom_idx); total++; -- cgit From d4dac178df1ff7dba83e3adddb55770b0b26e530 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 18 May 2002 09:06:23 +0000 Subject: Passdb: Kill off the silly code that attempts to do NT -> Unix username mapping. This is done well before here, no need to repeat it. Add some small fixes and extra debugs, trying to track down current build farm failures. pdb_unix: When 'updating' a pdb_unix account, instead add it to the default passdb. This means that you don't need to specify '-a' to smbpasswd any more when messing with an existing unix user, the account is simply 'upgraded'. The idea here is that these accounts are just as 'real' as any other, they just don't have the extra attributes an smbpasswd file does. I'm open for debate on the pdb_unix issue, and will remove it if given good reason. (without this, an attempt to add an account already in pdb_unix to smbpasswd would fail, as it would fail to update pdb_unix). rpc_server/srv_netlog_nt.c Change a couple of things around, so as to show the client workstation etc. WRONG_PASSWORD is certainly not the right default error. Try ACCESS_DENIED for now. Andrew Bartlett (This used to be commit d78b74b338df9accd9ad84c56a49fa4f787425e2) --- source3/rpc_server/srv_netlog_nt.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index bdb064c81d..21ad86b0dc 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -150,7 +150,7 @@ NTSTATUS _net_trust_dom_list(pipes_struct *p, NET_Q_TRUST_DOM_LIST *q_u, NET_R_T ***********************************************************************************/ static void init_net_r_srv_pwset(NET_R_SRV_PWSET *r_s, - DOM_CRED *srv_cred, NTSTATUS status) + DOM_CRED *srv_cred, NTSTATUS status) { DEBUG(5,("init_net_r_srv_pwset: %d\n", __LINE__)); @@ -378,7 +378,7 @@ NTSTATUS _net_auth_2(pipes_struct *p, NET_Q_AUTH_2 *q_u, NET_R_AUTH_2 *r_u) NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET *r_u) { - NTSTATUS status = NT_STATUS_WRONG_PASSWORD; + NTSTATUS status = NT_STATUS_ACCESS_DENIED; DOM_CRED srv_cred; pstring workstation; SAM_ACCOUNT *sampass=NULL; @@ -395,8 +395,8 @@ NTSTATUS _net_srv_pwset(pipes_struct *p, NET_Q_SRV_PWSET *q_u, NET_R_SRV_PWSET * DEBUG(5,("_net_srv_pwset: %d\n", __LINE__)); - rpcstr_pull(workstation,q_u->clnt_id.login.uni_acct_name.buffer, - sizeof(workstation),q_u->clnt_id.login.uni_acct_name.uni_str_len*2,0); + rpcstr_pull(workstation,q_u->clnt_id.login.uni_comp_name.buffer, + sizeof(workstation),q_u->clnt_id.login.uni_comp_name.uni_str_len*2,0); DEBUG(3,("Server Password Set by Wksta:[%s] on account [%s]\n", workstation, p->dc.mach_acct)); -- cgit From b8618865df8adbd9d22c6a2a61be8ed373a75aa4 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Sun, 19 May 2002 12:06:45 +0000 Subject: Patch to only set SV_TYPE_PRINTQ_SERVER in default_server_announce if a print share is exported. Needs some more testing. (This used to be commit 92b36482fd6aa5103c30dad40fe799c07dd2d8d7) --- source3/rpc_server/srv_spoolss_nt.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 8419152cf2..c4a8d3917c 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -4848,6 +4848,9 @@ static BOOL add_printer_hook(NT_PRINTER_INFO_LEVEL *printer) } file_lines_free(qlines); + + update_server_announce_as_printserver(); + return True; } -- cgit From b87eee983612c0d21b0c6f1346ba15ace797fe9e Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 22 May 2002 12:44:45 +0000 Subject: Add a bit more const, and kill of (finally!) sys_getpwnam and sys_getpwuid. These might be reimplmented as simple pass-through functions, but all users really should be doing 'getpwnam_alloc' or 'getpwuid_alloc' to ensure that there are not shared static buffers. I don't beleive we actually need a getpw*() cache inside samba - if we do then I think we should look at our code design first. (some of these changes are for platforms I don't have access to, but they look sane) Andrew Bartlett (This used to be commit 9d8431b04f41dceffe4c45cc969472ee59f7282f) --- source3/rpc_server/srv_samr_nt.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 106d7c1923..6a623bd2a0 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2935,8 +2935,11 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD pdb_free_sam(&sam_user); - if ((pwd=getpwuid(uid)) == NULL) + if ((pwd=getpwuid_alloc(uid)) == NULL) { return NT_STATUS_NO_SUCH_USER; + } else { + passwd_free(&pwd); + } if ((grp=getgrgid(map.gid)) == NULL) return NT_STATUS_NO_SUCH_ALIAS; @@ -3076,8 +3079,11 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD pdb_free_sam(&sam_user); - if ((pwd=getpwuid(uid)) == NULL) + if ((pwd=getpwuid_alloc(uid)) == NULL) { return NT_STATUS_NO_SUCH_USER; + } else { + passwd_free(&pwd); + } if ((grp=getgrgid(map.gid)) == NULL) return NT_STATUS_NO_SUCH_GROUP; -- cgit From 5b76d846f87fa138e64e0526925bad5a4a51a263 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 24 May 2002 16:27:54 +0000 Subject: merge from SAMBA_2_2. Tim, please check the prs_align() removed from sec_io_desc() and make sure it doesn't break anything else. I know it is right for the printing needs and I have tested some other general things like viewing acls on directories, but I would feel more comfortable if you would have a look as well. jerry (This used to be commit 83f109c940f30d9b35176540d8bdccbb22ffa3a1) --- source3/rpc_server/srv_spoolss_nt.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index c4a8d3917c..3f86768379 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1510,7 +1510,11 @@ static BOOL getprinterdata_printer_server(TALLOC_CTX *ctx, fstring value, uint32 *type = 0x4; if((*data = (uint8 *)talloc(ctx, 4*sizeof(uint8) )) == NULL) return False; +#ifndef EMULATE_WIN2K_HACK /* JERRY */ SIVAL(*data, 0, 2); +#else + SIVAL(*data, 0, 3); +#endif *needed = 0x4; return True; } @@ -3004,7 +3008,7 @@ static BOOL construct_printer_info_0(PRINTER_INFO_0 *printer, int snum) printer->global_counter = global_counter; printer->total_pages = 0; -#if 0 /* JERRY */ +#ifndef EMULATE_WIN2K_HACK /* JERRY */ printer->major_version = 0x0004; /* NT 4 */ printer->build_version = 0x0565; /* build 1381 */ #else @@ -5257,8 +5261,6 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, if (!strequal(printer->info_2->location, old_printer->info_2->location)) msg.flags |= PRINTER_MESSAGE_LOCATION; - ZERO_STRUCT(msg); - msg.low = PRINTER_CHANGE_ADD_PRINTER; fstrcpy(msg.printer_name, printer->info_2->printername); -- cgit From 73bc5782d4832b05379f539057fba8bf510a9ee9 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 24 May 2002 19:17:27 +0000 Subject: merge from SAMBA_2_2 (This used to be commit f0226a1d836b69d179a1a2eda79fa26911b78096) --- source3/rpc_server/srv_spoolss_nt.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 3f86768379..1a436f8c7c 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1103,7 +1103,9 @@ Can't find printer handle we created for printer %s\n", name )); printer_default->access_required = PRINTER_ACCESS_USE; } - if (!print_access_check(&user, snum, printer_default->access_required)) { + /* check smb.conf parameters and the the sec_desc */ + + if (!user_ok(uidtoname(user.uid), snum) || !print_access_check(&user, snum, printer_default->access_required)) { DEBUG(3, ("access DENIED for printer open\n")); close_printer_handle(p, handle); return WERR_ACCESS_DENIED; -- cgit From 20efe2fe6cbc4b5cf861a3296e29f5495637f79c Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 25 May 2002 07:37:44 +0000 Subject: Clean up a few unused functions, add a bit of static etc. Importantly: The removal of the silly 'delete user script' behaviour when secuity=domain. I have left the name the same - as it still does the (previously documented, but not in smb.conf(5)) sane behaviour of deleting users on request. When we decide what to do with the 'add user' functionality, we might rename it. Andrew Bartlett (This used to be commit cdcfe3671eb7570e15649b77f708e6579055e7bc) --- source3/rpc_server/srv_samr_nt.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 6a623bd2a0..c889581fae 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3174,6 +3174,24 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE } +/**************************************************************************** + Delete a UNIX user on demand. +****************************************************************************/ + +static int smb_delete_user(const char *unix_user) +{ + pstring del_script; + int ret; + + pstrcpy(del_script, lp_deluser_script()); + if (! *del_script) + return -1; + all_string_sub(del_script, "%u", unix_user, sizeof(pstring)); + ret = smbrun(del_script,NULL); + DEBUG(3,("smb_delete_user: Running the command `%s' gave %d\n",del_script,ret)); + return ret; +} + /********************************************************************* _samr_delete_dom_user *********************************************************************/ -- cgit From a27a0e01e2f0c48a4a8d84b17693390a268310f8 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 26 May 2002 19:11:52 +0000 Subject: change: pdb_getsampwrid() ->pdb_getsampwsid() passdb interface change, now the passdb modules will be asked for SID not for rid, the modules have been updated with a passthrough function that calls the old getsampwrid() functions. srv_samr_nt.c functions that made use of the pdb_getsampwrid funcion has been updated to use the SID one. (This used to be commit f5c6496c33fa7f5c2826540ffb4a49d8a5790fb3) --- source3/rpc_server/srv_samr_nt.c | 135 +++++++++++++++++---------------------- source3/rpc_server/srv_util.c | 8 ++- 2 files changed, 64 insertions(+), 79 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index c889581fae..7c16bc7128 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -1390,7 +1390,6 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN SAM_ACCOUNT *sampass=NULL; DOM_SID sid; POLICY_HND domain_pol = q_u->domain_pol; - uint32 user_rid = q_u->user_rid; POLICY_HND *user_pol = &r_u->user_pol; struct samr_info *info = NULL; BOOL ret; @@ -1401,13 +1400,21 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN if (!find_policy_by_hnd(p, &domain_pol, NULL)) return NT_STATUS_INVALID_HANDLE; + /* Get the domain SID stored in the domain policy */ + if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid)) + return NT_STATUS_INVALID_HANDLE; + + /* append the user's RID to it */ + if(!sid_append_rid(&sid, q_u->user_rid)) + return NT_STATUS_NO_SUCH_USER; + pdb_init_sam(&sampass); become_root(); - ret=pdb_getsampwrid(sampass, user_rid); + ret=pdb_getsampwsid(sampass, &sid); unbecome_root(); - /* check that the RID exists in our domain. */ + /* check that the SID exists in our domain. */ if (ret == False) { pdb_free_sam(&sampass); return NT_STATUS_NO_SUCH_USER; @@ -1415,14 +1422,6 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN pdb_free_sam(&sampass); - /* Get the domain SID stored in the domain policy */ - if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid)) - return NT_STATUS_INVALID_HANDLE; - - /* append the user's RID to it */ - if(!sid_append_rid(&sid, user_rid)) - return NT_STATUS_NO_SUCH_USER; - /* associate the user's SID with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) return NT_STATUS_NO_MEMORY; @@ -1438,7 +1437,7 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN get_user_info_10. Safe. Only gives out acb bits. *************************************************************************/ -static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid) +static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, DOM_SID *user_sid) { SAM_ACCOUNT *smbpass=NULL; BOOL ret; @@ -1446,11 +1445,11 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid) pdb_init_sam(&smbpass); become_root(); - ret = pdb_getsampwrid(smbpass, user_rid); + ret = pdb_getsampwsid(smbpass, user_sid); unbecome_root(); if (ret==False) { - DEBUG(4,("User 0x%x not found\n", user_rid)); + DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); pdb_free_sam(&smbpass); return False; } @@ -1471,7 +1470,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, uint32 user_rid) user. JRA. *************************************************************************/ -static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint32 user_rid) +static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, DOM_SID *user_sid) { SAM_ACCOUNT *smbpass=NULL; BOOL ret; @@ -1487,10 +1486,10 @@ static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint3 */ pdb_init_sam(&smbpass); - ret = pdb_getsampwrid(smbpass, user_rid); + ret = pdb_getsampwsid(smbpass, user_sid); if (ret == False) { - DEBUG(4, ("User 0x%x not found\n", user_rid)); + DEBUG(4, ("User %s not found\n", sid_string_static(user_sid))); pdb_free_sam(&smbpass); return (geteuid() == (uid_t)0) ? NT_STATUS_NO_SUCH_USER : NT_STATUS_ACCESS_DENIED; } @@ -1514,7 +1513,7 @@ static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, uint3 get_user_info_20 *************************************************************************/ -static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid) +static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, DOM_SID *user_sid) { SAM_ACCOUNT *sampass=NULL; BOOL ret; @@ -1522,11 +1521,11 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid) pdb_init_sam(&sampass); become_root(); - ret = pdb_getsampwrid(sampass, user_rid); + ret = pdb_getsampwsid(sampass, user_sid); unbecome_root(); if (ret == False) { - DEBUG(4,("User 0x%x not found\n", user_rid)); + DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); pdb_free_sam(&sampass); return False; } @@ -1547,7 +1546,7 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, uint32 user_rid) get_user_info_21 *************************************************************************/ -static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid) +static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, DOM_SID *user_sid) { SAM_ACCOUNT *sampass=NULL; BOOL ret; @@ -1555,11 +1554,11 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid) pdb_init_sam(&sampass); become_root(); - ret = pdb_getsampwrid(sampass, user_rid); + ret = pdb_getsampwsid(sampass, user_sid); unbecome_root(); if (ret == False) { - DEBUG(4,("User 0x%x not found\n", user_rid)); + DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); pdb_free_sam(&sampass); return False; } @@ -1583,7 +1582,6 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, uint32 user_rid) NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_R_QUERY_USERINFO *r_u) { SAM_USERINFO_CTR *ctr; - uint32 rid = 0; struct samr_info *info = NULL; r_u->status=NT_STATUS_OK; @@ -1595,9 +1593,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ if (!sid_check_is_in_our_domain(&info->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; - sid_peek_rid(&info->sid, &rid); - - DEBUG(5,("_samr_query_userinfo: rid:0x%x\n", rid)); + DEBUG(5,("_samr_query_userinfo: sid:%s\n", sid_string_static(&info->sid))); ctr = (SAM_USERINFO_CTR *)talloc_zero(p->mem_ctx, sizeof(SAM_USERINFO_CTR)); if (!ctr) @@ -1614,7 +1610,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ if (ctr->info.id10 == NULL) return NT_STATUS_NO_MEMORY; - if (!get_user_info_10(ctr->info.id10, rid)) + if (!get_user_info_10(ctr->info.id10, &info->sid)) return NT_STATUS_NO_SUCH_USER; break; @@ -1649,7 +1645,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ if (ctr->info.id12 == NULL) return NT_STATUS_NO_MEMORY; - if (NT_STATUS_IS_ERR(r_u->status = get_user_info_12(p, ctr->info.id12, rid))) + if (NT_STATUS_IS_ERR(r_u->status = get_user_info_12(p, ctr->info.id12, &info->sid))) return r_u->status; break; @@ -1657,7 +1653,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ ctr->info.id20 = (SAM_USER_INFO_20 *)talloc_zero(p->mem_ctx,sizeof(SAM_USER_INFO_20)); if (ctr->info.id20 == NULL) return NT_STATUS_NO_MEMORY; - if (!get_user_info_20(ctr->info.id20, rid)) + if (!get_user_info_20(ctr->info.id20, &info->sid)) return NT_STATUS_NO_SUCH_USER; break; @@ -1665,7 +1661,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ ctr->info.id21 = (SAM_USER_INFO_21 *)talloc_zero(p->mem_ctx,sizeof(SAM_USER_INFO_21)); if (ctr->info.id21 == NULL) return NT_STATUS_NO_MEMORY; - if (!get_user_info_21(ctr->info.id21, rid)) + if (!get_user_info_21(ctr->info.id21, &info->sid)) return NT_STATUS_NO_SUCH_USER; break; @@ -1689,7 +1685,6 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S SAM_ACCOUNT *sam_pass=NULL; DOM_GID *gids = NULL; int num_groups = 0; - uint32 rid; struct samr_info *info = NULL; BOOL ret; @@ -1716,12 +1711,10 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S if (!sid_check_is_in_our_domain(&info->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; - sid_peek_rid(&info->sid, &rid); - pdb_init_sam(&sam_pass); become_root(); - ret = pdb_getsampwrid(sam_pass, rid); + ret = pdb_getsampwsid(sam_pass, &info->sid); unbecome_root(); if (ret == False) { @@ -2223,14 +2216,14 @@ NTSTATUS _api_samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OP set_user_info_10 ********************************************************************/ -static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid) +static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, DOM_SID *sid) { SAM_ACCOUNT *pwd =NULL; BOOL ret; pdb_init_sam(&pwd); - ret = pdb_getsampwrid(pwd, rid); + ret = pdb_getsampwsid(pwd, sid); if(ret==False) { pdb_free_sam(&pwd); @@ -2262,13 +2255,13 @@ static BOOL set_user_info_10(const SAM_USER_INFO_10 *id10, uint32 rid) set_user_info_12 ********************************************************************/ -static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid) +static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, DOM_SID *sid) { SAM_ACCOUNT *pwd = NULL; pdb_init_sam(&pwd); - if(!pdb_getsampwrid(pwd, rid)) { + if(!pdb_getsampwsid(pwd, sid)) { pdb_free_sam(&pwd); return False; } @@ -2305,7 +2298,7 @@ static BOOL set_user_info_12(SAM_USER_INFO_12 *id12, uint32 rid) set_user_info_21 ********************************************************************/ -static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) +static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, DOM_SID *sid) { SAM_ACCOUNT *pwd = NULL; @@ -2316,7 +2309,7 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) pdb_init_sam(&pwd); - if (!pdb_getsampwrid(pwd, rid)) { + if (!pdb_getsampwsid(pwd, sid)) { pdb_free_sam(&pwd); return False; } @@ -2345,7 +2338,7 @@ static BOOL set_user_info_21(SAM_USER_INFO_21 *id21, uint32 rid) set_user_info_23 ********************************************************************/ -static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid) +static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, DOM_SID *sid) { SAM_ACCOUNT *pwd = NULL; pstring plaintext_buf; @@ -2359,7 +2352,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid) pdb_init_sam(&pwd); - if (!pdb_getsampwrid(pwd, rid)) { + if (!pdb_getsampwsid(pwd, sid)) { pdb_free_sam(&pwd); return False; } @@ -2412,7 +2405,7 @@ static BOOL set_user_info_23(SAM_USER_INFO_23 *id23, uint32 rid) set_user_info_pw ********************************************************************/ -static BOOL set_user_info_pw(char *pass, uint32 rid) +static BOOL set_user_info_pw(char *pass, DOM_SID *sid) { SAM_ACCOUNT *pwd = NULL; uint32 len; @@ -2421,7 +2414,7 @@ static BOOL set_user_info_pw(char *pass, uint32 rid) pdb_init_sam(&pwd); - if (!pdb_getsampwrid(pwd, rid)) { + if (!pdb_getsampwsid(pwd, sid)) { pdb_free_sam(&pwd); return False; } @@ -2480,7 +2473,6 @@ static BOOL set_user_info_pw(char *pass, uint32 rid) NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SET_USERINFO *r_u) { - uint32 rid = 0x0; DOM_SID sid; POLICY_HND *pol = &q_u->pol; uint16 switch_value = q_u->switch_value; @@ -2494,9 +2486,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE if (!get_lsa_policy_samr_sid(p, pol, &sid)) return NT_STATUS_INVALID_HANDLE; - sid_split_rid(&sid, &rid); - - DEBUG(5, ("_samr_set_userinfo: rid:0x%x, level:%d\n", rid, switch_value)); + DEBUG(5, ("_samr_set_userinfo: sid:%s, level:%d\n", sid_string_static(&sid), switch_value)); if (ctr == NULL) { DEBUG(5, ("_samr_set_userinfo: NULL info level\n")); @@ -2506,7 +2496,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE /* ok! user info levels (lots: see MSDEV help), off we go... */ switch (switch_value) { case 0x12: - if (!set_user_info_12(ctr->info.id12, rid)) + if (!set_user_info_12(ctr->info.id12, &sid)) return NT_STATUS_ACCESS_DENIED; break; @@ -2515,7 +2505,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE dump_data(100, (char *)ctr->info.id24->pass, 516); - if (!set_user_info_pw((char *)ctr->info.id24->pass, rid)) + if (!set_user_info_pw((char *)ctr->info.id24->pass, &sid)) return NT_STATUS_ACCESS_DENIED; break; @@ -2533,7 +2523,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE dump_data(100, (char *)ctr->info.id25->pass, 532); - if (!set_user_info_pw(ctr->info.id25->pass, rid)) + if (!set_user_info_pw(ctr->info.id25->pass, &sid)) return NT_STATUS_ACCESS_DENIED; break; #endif @@ -2544,7 +2534,7 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE dump_data(100, (char *)ctr->info.id23->pass, 516); - if (!set_user_info_23(ctr->info.id23, rid)) + if (!set_user_info_23(ctr->info.id23, &sid)) return NT_STATUS_ACCESS_DENIED; break; @@ -2562,7 +2552,6 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_SET_USERINFO2 *r_u) { DOM_SID sid; - uint32 rid = 0x0; SAM_USERINFO_CTR *ctr = q_u->ctr; POLICY_HND *pol = &q_u->pol; uint16 switch_value = q_u->switch_value; @@ -2575,9 +2564,7 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ if (!get_lsa_policy_samr_sid(p, pol, &sid)) return NT_STATUS_INVALID_HANDLE; - sid_split_rid(&sid, &rid); - - DEBUG(5, ("samr_reply_set_userinfo2: rid:0x%x\n", rid)); + DEBUG(5, ("samr_reply_set_userinfo2: sid:%s\n", sid_string_static(&sid))); if (ctr == NULL) { DEBUG(5, ("samr_reply_set_userinfo2: NULL info level\n")); @@ -2589,16 +2576,16 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ /* ok! user info levels (lots: see MSDEV help), off we go... */ switch (switch_value) { case 21: - if (!set_user_info_21(ctr->info.id21, rid)) + if (!set_user_info_21(ctr->info.id21, &sid)) return NT_STATUS_ACCESS_DENIED; break; case 16: - if (!set_user_info_10(ctr->info.id10, rid)) + if (!set_user_info_10(ctr->info.id10, &sid)) return NT_STATUS_ACCESS_DENIED; break; case 18: /* Used by AS/U JRA. */ - if (!set_user_info_12(ctr->info.id12, rid)) + if (!set_user_info_12(ctr->info.id12, &sid)) return NT_STATUS_ACCESS_DENIED; break; default: @@ -2886,7 +2873,6 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD struct passwd *pwd; struct group *grp; fstring grp_name; - uint32 rid; GROUP_MAP map; NTSTATUS ret; SAM_ACCOUNT *sam_user = NULL; @@ -2914,13 +2900,11 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD return NT_STATUS_NO_SUCH_ALIAS; } - sid_split_rid(&q_u->sid.sid, &rid); - ret = pdb_init_sam(&sam_user); if (NT_STATUS_IS_ERR(ret)) return ret; - check = pdb_getsampwrid(sam_user, rid); + check = pdb_getsampwsid(sam_user, &q_u->sid.sid); if (check != True) { pdb_free_sam(&sam_user); @@ -2974,7 +2958,6 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE fstring alias_sid_str; struct group *grp; fstring grp_name; - uint32 rid; GROUP_MAP map; SAM_ACCOUNT *sam_pass=NULL; @@ -3000,11 +2983,9 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE /* we need to copy the name otherwise it's overloaded in user_in_group_list */ fstrcpy(grp_name, grp->gr_name); - sid_peek_rid(&q_u->sid.sid, &rid); - /* check if the user exists before trying to remove it from the group */ pdb_init_sam(&sam_pass); - if(!pdb_getsampwrid(sam_pass, rid)) { + if(!pdb_getsampwsid(sam_pass, &q_u->sid.sid)) { DEBUG(5,("_samr_del_aliasmem:User %s doesn't exist.\n", pdb_get_username(sam_pass))); pdb_free_sam(&sam_pass); return NT_STATUS_NO_SUCH_USER; @@ -3035,6 +3016,7 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_ADD_GROUPMEM *r_u) { DOM_SID group_sid; + DOM_SID user_sid; fstring group_sid_str; struct passwd *pwd; struct group *grp; @@ -3060,11 +3042,14 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD if(!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_GROUP; + sid_copy(&user_sid, &global_sam_sid); + sid_append_rid(&user_sid, q_u->rid); + ret = pdb_init_sam(&sam_user); if (NT_STATUS_IS_ERR(ret)) return ret; - check = pdb_getsampwrid(sam_user, q_u->rid); + check = pdb_getsampwsid(sam_user, &user_sid); if (check != True) { pdb_free_sam(&sam_user); @@ -3117,8 +3102,8 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DEL_GROUPMEM *r_u) { DOM_SID group_sid; + DOM_SID user_sid; SAM_ACCOUNT *sam_pass=NULL; - uint32 rid; GROUP_MAP map; fstring grp_name; struct group *grp; @@ -3136,7 +3121,8 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE if(!sid_check_is_in_our_domain(&group_sid)) return NT_STATUS_NO_SUCH_GROUP; - rid=q_u->rid; + sid_copy(&user_sid, &global_sam_sid); + sid_append_rid(&user_sid, q_u->rid); if(!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_GROUP; @@ -3149,7 +3135,7 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE /* check if the user exists before trying to remove it from the group */ pdb_init_sam(&sam_pass); - if(!pdb_getsampwrid(sam_pass, rid)) { + if(!pdb_getsampwsid(sam_pass, &user_sid)) { DEBUG(5,("User %s doesn't exist.\n", pdb_get_username(sam_pass))); pdb_free_sam(&sam_pass); return NT_STATUS_NO_SUCH_USER; @@ -3200,7 +3186,6 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM { DOM_SID user_sid; SAM_ACCOUNT *sam_pass=NULL; - uint32 rid; DEBUG(5, ("_samr_delete_dom_user: %d\n", __LINE__)); @@ -3211,11 +3196,9 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM if (!sid_check_is_in_our_domain(&user_sid)) return NT_STATUS_CANNOT_DELETE; - sid_peek_rid(&user_sid, &rid); - /* check if the user exists before trying to delete */ pdb_init_sam(&sam_pass); - if(!pdb_getsampwrid(sam_pass, rid)) { + if(!pdb_getsampwsid(sam_pass, &user_sid)) { DEBUG(5,("_samr_delete_dom_user:User %s doesn't exist.\n", pdb_get_username(sam_pass))); pdb_free_sam(&sam_pass); return NT_STATUS_NO_SUCH_USER; diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 53bbebb95e..af653ba0e8 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -114,11 +114,9 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui DEBUG(10,("get_alias_user_groups: looking if SID %s is a member of groups in the SID domain %s\n", sid_to_string(str_qsid, q_sid), sid_to_string(str_domsid, sid))); - sid_peek_rid(q_sid, &rid); - pdb_init_sam(&sam_pass); become_root(); - ret = pdb_getsampwrid(sam_pass, rid); + ret = pdb_getsampwsid(sam_pass, q_sid); unbecome_root(); if (ret == False) { pdb_free_sam(&sam_pass); @@ -404,6 +402,8 @@ NTSTATUS local_lookup_alias_name(uint32 rid, char *alias_name, uint32 *type) return NT_STATUS_NONE_MAPPED; } + +#if 0 /*Nobody uses this function just now*/ /******************************************************************* Look up a local user rid and return a name and type. ********************************************************************/ @@ -448,6 +448,8 @@ NTSTATUS local_lookup_user_name(uint32 rid, char *user_name, uint32 *type) return NT_STATUS_NONE_MAPPED; } +#endif + /******************************************************************* Look up a local (domain) group name and return a rid ********************************************************************/ -- cgit From 43b35364ffda5c779452fb41c015b280fefc6ab6 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Wed, 29 May 2002 00:49:26 +0000 Subject: Cleaned up srvsvc constants a bit. (This used to be commit ca61f68d5ca8791bea34732bd358cfb63273fc5c) --- source3/rpc_server/srv_srvsvc.c | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c index ee4ec8aa0a..b09df1e204 100644 --- a/source3/rpc_server/srv_srvsvc.c +++ b/source3/rpc_server/srv_srvsvc.c @@ -494,23 +494,23 @@ static BOOL api_srv_net_file_set_secdesc(pipes_struct *p) struct api_struct api_srv_cmds[] = { - { "SRV_NETCONNENUM" , SRV_NETCONNENUM , api_srv_net_conn_enum }, - { "SRV_NETSESSENUM" , SRV_NETSESSENUM , api_srv_net_sess_enum }, - { "SRV_NETSHAREENUM_ALL" , SRV_NETSHAREENUM_ALL , api_srv_net_share_enum_all }, - { "SRV_NETSHAREENUM" , SRV_NETSHAREENUM , api_srv_net_share_enum }, - { "SRV_NET_SHARE_ADD" , SRV_NET_SHARE_ADD , api_srv_net_share_add }, - { "SRV_NET_SHARE_DEL" , SRV_NET_SHARE_DEL , api_srv_net_share_del }, - { "SRV_NET_SHARE_GET_INFO", SRV_NET_SHARE_GET_INFO, api_srv_net_share_get_info }, - { "SRV_NET_SHARE_SET_INFO", SRV_NET_SHARE_SET_INFO, api_srv_net_share_set_info }, - { "SRV_NETFILEENUM" , SRV_NETFILEENUM , api_srv_net_file_enum }, - { "SRV_NET_SRV_GET_INFO" , SRV_NET_SRV_GET_INFO , api_srv_net_srv_get_info }, - { "SRV_NET_SRV_SET_INFO" , SRV_NET_SRV_SET_INFO , api_srv_net_srv_set_info }, - { "SRV_NET_REMOTE_TOD" , SRV_NET_REMOTE_TOD , api_srv_net_remote_tod }, - { "SRV_NET_DISK_ENUM" , SRV_NET_DISK_ENUM , api_srv_net_disk_enum }, - { "SRV_NET_NAME_VALIDATE" , SRV_NET_NAME_VALIDATE , api_srv_net_name_validate}, - { "SRV_NETFILEQUERYSECDESC",SRV_NETFILEQUERYSECDESC,api_srv_net_file_query_secdesc}, - { "SRV_NETFILESETSECDESC" , SRV_NETFILESETSECDESC , api_srv_net_file_set_secdesc}, - { NULL , 0 , NULL } + { "SRV_NET_CONN_ENUM" , SRV_NET_CONN_ENUM , api_srv_net_conn_enum }, + { "SRV_NET_SESS_ENUM" , SRV_NET_SESS_ENUM , api_srv_net_sess_enum }, + { "SRV_NET_SHARE_ENUM_ALL" , SRV_NET_SHARE_ENUM_ALL , api_srv_net_share_enum_all }, + { "SRV_NET_SHARE_ENUM" , SRV_NET_SHARE_ENUM , api_srv_net_share_enum }, + { "SRV_NET_SHARE_ADD" , SRV_NET_SHARE_ADD , api_srv_net_share_add }, + { "SRV_NET_SHARE_DEL" , SRV_NET_SHARE_DEL , api_srv_net_share_del }, + { "SRV_NET_SHARE_GET_INFO", SRV_NET_SHARE_GET_INFO, api_srv_net_share_get_info }, + { "SRV_NET_SHARE_SET_INFO", SRV_NET_SHARE_SET_INFO, api_srv_net_share_set_info }, + { "SRV_NET_FILE_ENUM" , SRV_NET_FILE_ENUM , api_srv_net_file_enum }, + { "SRV_NET_SRV_GET_INFO" , SRV_NET_SRV_GET_INFO , api_srv_net_srv_get_info }, + { "SRV_NET_SRV_SET_INFO" , SRV_NET_SRV_SET_INFO , api_srv_net_srv_set_info }, + { "SRV_NET_REMOTE_TOD" , SRV_NET_REMOTE_TOD , api_srv_net_remote_tod }, + { "SRV_NET_DISK_ENUM" , SRV_NET_DISK_ENUM , api_srv_net_disk_enum }, + { "SRV_NET_NAME_VALIDATE" , SRV_NET_NAME_VALIDATE , api_srv_net_name_validate}, + { "SRV_NET_FILE_QUERY_SECDESC",SRV_NET_FILE_QUERY_SECDESC, api_srv_net_file_query_secdesc}, + { "SRV_NET_FILE_SET_SECDESC" , SRV_NET_FILE_SET_SECDESC , api_srv_net_file_set_secdesc}, + { NULL , 0 , NULL } }; /******************************************************************* -- cgit From c3fb0cd9edd8944d7278cb716b52fbf16939f044 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 31 May 2002 00:48:40 +0000 Subject: Return access denied for net_share_enum when restrict anonymous > 0 (This used to be commit 5df1aa9f20ae2036848b7e46703bfd3a923d7b4f) --- source3/rpc_server/srv_srvsvc_nt.c | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 1f3b1945e3..f14928f9f2 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -564,8 +564,25 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr, static void init_srv_r_net_share_enum(pipes_struct *p, SRV_R_NET_SHARE_ENUM *r_n, uint32 info_level, uint32 resume_hnd, BOOL all) { + user_struct *user; + DEBUG(5,("init_srv_r_net_share_enum: %d\n", __LINE__)); + /* Don't let anonymous users access this RPC */ + + if (!(user = get_valid_user_struct(p->vuid))) { + DEBUG(3, ("invalid vuid %d in init_srv_r_net_share_enum()\n", + p->vuid)); + r_n->status = WERR_ACCESS_DENIED; + return; + } + + if (lp_restrict_anonymous() > 0 && user->guest) { + DEBUG(5, ("access denied to anonymous connection")); + r_n->status = WERR_ACCESS_DENIED; + return; + } + if (init_srv_share_info_ctr(p, &r_n->ctr, info_level, &resume_hnd, &r_n->total_entries, all)) { r_n->status = WERR_OK; -- cgit From e422b271da0c07f5c5cfd41df01bb2910d484abc Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Fri, 31 May 2002 17:02:09 +0000 Subject: Update netfileenum on both client and server sides to do an arbitrary number of files. This was done to better enable net rpc file. Perhaps we can start giving back real info this way, too. (This used to be commit b3fea72ee9abd2441a49c35442c54819e4ba16ba) --- source3/rpc_server/srv_srvsvc_nt.c | 88 ++++++++++++-------------------------- 1 file changed, 27 insertions(+), 61 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index f14928f9f2..967c7a8747 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -958,74 +958,46 @@ static void init_srv_r_net_conn_enum(SRV_R_NET_CONN_ENUM *r_n, init_enum_hnd(&r_n->enum_hnd, resume_hnd); } -/******************************************************************* - fill in a file info level 3 structure. - ********************************************************************/ - -static void init_srv_file_3_info(FILE_INFO_3 *fl3, FILE_INFO_3_STR *str3, - uint32 fnum, uint32 perms, uint32 num_locks, - char *path_name, char *user_name) -{ - init_srv_file_info3(fl3 , fnum, perms, num_locks, path_name, user_name); - init_srv_file_info3_str(str3, path_name, user_name); -} - -/******************************************************************* - fill in a file info level 3 structure. - ********************************************************************/ - -static void init_srv_file_info_3(SRV_FILE_INFO_3 *fl3, uint32 *fnum, uint32 *ftot) -{ - uint32 num_entries = 0; - (*ftot) = 1; - - if (fl3 == NULL) { - (*fnum) = 0; - return; - } - - DEBUG(5,("init_srv_file_3_fl3\n")); - - for (; (*fnum) < (*ftot) && num_entries < MAX_FILE_ENTRIES; (*fnum)++) { - init_srv_file_3_info(&fl3->info_3[num_entries], - &fl3->info_3_str[num_entries], - (*fnum), 0x35, 0, "\\PIPE\\samr", "dummy user"); - - /* move on to creating next file */ - num_entries++; - } - - fl3->num_entries_read = num_entries; - fl3->ptr_file_info = num_entries > 0 ? 1 : 0; - fl3->num_entries_read2 = num_entries; - - if ((*fnum) >= (*ftot)) { - (*fnum) = 0; - } -} - /******************************************************************* makes a SRV_R_NET_FILE_ENUM structure. ********************************************************************/ -static WERROR init_srv_file_info_ctr(SRV_FILE_INFO_CTR *ctr, +static WERROR init_srv_file_info_ctr(pipes_struct *p, SRV_FILE_INFO_CTR *ctr, int switch_value, uint32 *resume_hnd, uint32 *total_entries) { WERROR status = WERR_OK; + TALLOC_CTX *ctx = p->mem_ctx; DEBUG(5,("init_srv_file_info_ctr: %d\n", __LINE__)); + *total_entries = 1; /* dummy entries only, for */ ctr->switch_value = switch_value; + ctr->num_entries = *total_entries - *resume_hnd; + if (ctr->num_entries < 0) + ctr->num_entries = 0; + ctr->num_entries2 = ctr->num_entries; switch (switch_value) { - case 3: - init_srv_file_info_3(&ctr->file.info3, resume_hnd, total_entries); - ctr->ptr_file_ctr = 1; + case 3: { + int i; + if (total_entries > 0) { + ctr->ptr_entries = 1; + ctr->file.info3 = talloc(ctx, ctr->num_entries * + sizeof(SRV_FILE_INFO_3)); + } + for (i=0 ;inum_entries;i++) { + init_srv_file_info3(&ctr->file.info3[i].info_3, i+*resume_hnd, 0x35, 0, "\\PIPE\\samr", "dummy user"); + init_srv_file_info3_str(&ctr->file.info3[i].info_3_str, "\\PIPE\\samr", "dummy user"); + + } + ctr->ptr_file_info = 1; + *resume_hnd = 0; break; + } default: DEBUG(5,("init_srv_file_info_ctr: unsupported switch value %d\n", switch_value)); (*resume_hnd = 0); (*total_entries) = 0; - ctr->ptr_file_ctr = 0; + ctr->ptr_entries = 0; status = WERR_UNKNOWN_LEVEL; break; } @@ -1037,7 +1009,7 @@ static WERROR init_srv_file_info_ctr(SRV_FILE_INFO_CTR *ctr, makes a SRV_R_NET_FILE_ENUM structure. ********************************************************************/ -static void init_srv_r_net_file_enum(SRV_R_NET_FILE_ENUM *r_n, +static void init_srv_r_net_file_enum(pipes_struct *p, SRV_R_NET_FILE_ENUM *r_n, uint32 resume_hnd, int file_level, int switch_value) { DEBUG(5,("init_srv_r_net_file_enum: %d\n", __LINE__)); @@ -1046,7 +1018,7 @@ static void init_srv_r_net_file_enum(SRV_R_NET_FILE_ENUM *r_n, if (file_level == 0) r_n->status = WERR_UNKNOWN_LEVEL; else - r_n->status = init_srv_file_info_ctr(r_n->ctr, switch_value, &resume_hnd, &(r_n->total_entries)); + r_n->status = init_srv_file_info_ctr(p, &r_n->ctr, switch_value, &resume_hnd, &(r_n->total_entries)); if (!W_ERROR_IS_OK(r_n->status)) resume_hnd = 0; @@ -1133,19 +1105,13 @@ net file enum WERROR _srv_net_file_enum(pipes_struct *p, SRV_Q_NET_FILE_ENUM *q_u, SRV_R_NET_FILE_ENUM *r_u) { - r_u->ctr = (SRV_FILE_INFO_CTR *)talloc(p->mem_ctx, sizeof(SRV_FILE_INFO_CTR)); - if (!r_u->ctr) - return WERR_NOMEM; - - ZERO_STRUCTP(r_u->ctr); - DEBUG(5,("srv_net_file_enum: %d\n", __LINE__)); /* set up the */ - init_srv_r_net_file_enum(r_u, + init_srv_r_net_file_enum(p, r_u, get_enum_hnd(&q_u->enum_hnd), q_u->file_level, - q_u->ctr->switch_value); + q_u->ctr.switch_value); DEBUG(5,("srv_net_file_enum: %d\n", __LINE__)); -- cgit From d706b5dc555bd61670359955770cb85ed0ce2896 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 3 Jun 2002 02:55:16 +0000 Subject: Move restrict anonymous checks into a general function called pipe_access_check(). Eventually this can take a security descriptor as an argument as well. (This used to be commit 8bbdc674afef32621bf473ba1af76bae7270b818) --- source3/rpc_server/srv_lsa_hnd.c | 28 +++++++++++++++++++++++++++ source3/rpc_server/srv_srvsvc_nt.c | 39 ++++++++++++++++++++------------------ 2 files changed, 49 insertions(+), 18 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index 62af0ecac8..5af1e8c265 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -249,3 +249,31 @@ void close_policy_by_pipe(pipes_struct *p) DEBUG(10,("close_policy_by_pipe: deleted handle list for pipe %s\n", p->name )); } } + +/******************************************************************* +Shall we allow access to this rpc? Currently this function +implements the 'restrict anonymous' setting by denying access to +anonymous users if the restrict anonymous level is > 0. Further work +will be checking a security descriptor to determine whether a user +token has enough access to access the pipe. +********************************************************************/ + +BOOL pipe_access_check(pipes_struct *p) +{ + /* Don't let anonymous users access this RPC if restrict + anonymous > 0 */ + + if (lp_restrict_anonymous() > 0) { + user_struct *user = get_valid_user_struct(p->vuid); + + if (!user) { + DEBUG(3, ("invalid vuid %d\n", p->vuid)); + return False; + } + + if (user->guest) + return False; + } + + return True; +} diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 967c7a8747..8965b11fe5 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -564,25 +564,8 @@ static BOOL init_srv_share_info_ctr(pipes_struct *p, SRV_SHARE_INFO_CTR *ctr, static void init_srv_r_net_share_enum(pipes_struct *p, SRV_R_NET_SHARE_ENUM *r_n, uint32 info_level, uint32 resume_hnd, BOOL all) { - user_struct *user; - DEBUG(5,("init_srv_r_net_share_enum: %d\n", __LINE__)); - /* Don't let anonymous users access this RPC */ - - if (!(user = get_valid_user_struct(p->vuid))) { - DEBUG(3, ("invalid vuid %d in init_srv_r_net_share_enum()\n", - p->vuid)); - r_n->status = WERR_ACCESS_DENIED; - return; - } - - if (lp_restrict_anonymous() > 0 && user->guest) { - DEBUG(5, ("access denied to anonymous connection")); - r_n->status = WERR_ACCESS_DENIED; - return; - } - if (init_srv_share_info_ctr(p, &r_n->ctr, info_level, &resume_hnd, &r_n->total_entries, all)) { r_n->status = WERR_OK; @@ -1042,11 +1025,21 @@ WERROR _srv_net_srv_get_info(pipes_struct *p, SRV_Q_NET_SRV_GET_INFO *q_u, SRV_R DEBUG(5,("srv_net_srv_get_info: %d\n", __LINE__)); + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to srv_net_srv_get_info\n")); + return WERR_ACCESS_DENIED; + } + switch (q_u->switch_value) { + + /* Technically level 102 should only be available to + Administrators but there isn't anything super-secret + here, as most of it is made up. */ + case 102: init_srv_info_102(&ctr->srv.sv102, 500, global_myname, - string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH), + string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH), lp_major_announce_version(), lp_minor_announce_version(), lp_default_server_announce(), 0xffffffff, /* users */ @@ -1176,6 +1169,11 @@ WERROR _srv_net_share_enum_all(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R { DEBUG(5,("_srv_net_share_enum: %d\n", __LINE__)); + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to srv_net_share_enum_all\n")); + return WERR_ACCESS_DENIED; + } + /* Create the list of shares for the response. */ init_srv_r_net_share_enum(p, r_u, q_u->ctr.info_level, @@ -1194,6 +1192,11 @@ WERROR _srv_net_share_enum(pipes_struct *p, SRV_Q_NET_SHARE_ENUM *q_u, SRV_R_NET { DEBUG(5,("_srv_net_share_enum: %d\n", __LINE__)); + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to srv_net_share_enum\n")); + return WERR_ACCESS_DENIED; + } + /* Create the list of shares for the response. */ init_srv_r_net_share_enum(p, r_u, q_u->ctr.info_level, -- cgit From c3bd192703c6a0360f6fa7eef9e13bc32949c5eb Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 3 Jun 2002 03:02:39 +0000 Subject: Restrict anonymous checks for the SAMR pipe. This is done by returning access denied for a SAMR_CONNECT by an anonymous user which seems to be the way 2K does it rather than blocking individual RPC calls like NT. Also checked is the SAMR_GET_DOM_PWINFO rpc which for some reason doesn't require a policy handle to return information. No idea what it's actually used. (This used to be commit 40c68fa85c31c1baf7ba2c8ed62cd06c34711913) --- source3/rpc_server/srv_samr_nt.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 7c16bc7128..066a293414 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2026,6 +2026,14 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO { struct samr_info *info = NULL; + /* Access check */ + + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_connect_anon\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + /* set up the SAMR connect_anon response */ r_u->status = NT_STATUS_OK; @@ -2053,6 +2061,14 @@ NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u DEBUG(5,("_samr_connect: %d\n", __LINE__)); + /* Access check */ + + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_connect\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + r_u->status = NT_STATUS_OK; /* associate the user's SID with the new handle. */ @@ -3594,7 +3610,18 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ NTSTATUS _samr_get_dom_pwinfo(pipes_struct *p, SAMR_Q_GET_DOM_PWINFO *q_u, SAMR_R_GET_DOM_PWINFO *r_u) { + /* Perform access check. Since this rpc does not require a + policy handle it will not be caught by the access checks on + SAMR_CONNECT or SAMR_CONNECT_ANON. */ + + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_get_dom_pwinfo\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + /* Actually, returning zeros here works quite well :-). */ + return NT_STATUS_OK; } -- cgit From e142b4b324db501ec6a0d078c541aa3f5d9e185b Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Mon, 3 Jun 2002 22:14:43 +0000 Subject: Fix netsessenum RPC. Correctly respond with as much info as we can. (This used to be commit c8781a3fdaa4d8cb81233582f29159ace7e436ac) --- source3/rpc_server/srv_srvsvc_nt.c | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index 8965b11fe5..f99827ea19 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -638,11 +638,13 @@ static void init_srv_sess_0_info(SESS_INFO_0 *se0, SESS_INFO_0_STR *str0, char * static void init_srv_sess_info_0(SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *stot) { + struct sessionid *session_list; uint32 num_entries = 0; - (*stot) = 1; + (*stot) = list_sessions(&session_list); if (ss0 == NULL) { (*snum) = 0; + SAFE_FREE(session_list); return; } @@ -651,7 +653,7 @@ static void init_srv_sess_info_0(SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *sto if (snum) { for (; (*snum) < (*stot) && num_entries < MAX_SESS_ENTRIES; (*snum)++) { init_srv_sess_0_info(&ss0->info_0[num_entries], - &ss0->info_0_str[num_entries], "MACHINE"); + &ss0->info_0_str[num_entries], session_list[(*snum)].remote_machine); /* move on to creating next session */ /* move on to creating next sess */ @@ -671,6 +673,7 @@ static void init_srv_sess_info_0(SRV_SESS_INFO_0 *ss0, uint32 *snum, uint32 *sto ss0->ptr_sess_info = 0; ss0->num_entries_read2 = 0; } + SAFE_FREE(session_list); } /******************************************************************* @@ -693,11 +696,13 @@ static void init_srv_sess_1_info(SESS_INFO_1 *se1, SESS_INFO_1_STR *str1, static void init_srv_sess_info_1(SRV_SESS_INFO_1 *ss1, uint32 *snum, uint32 *stot) { + struct sessionid *session_list; uint32 num_entries = 0; - (*stot) = 1; + (*stot) = list_sessions(&session_list); if (ss1 == NULL) { (*snum) = 0; + SAFE_FREE(session_list); return; } @@ -706,8 +711,10 @@ static void init_srv_sess_info_1(SRV_SESS_INFO_1 *ss1, uint32 *snum, uint32 *sto if (snum) { for (; (*snum) < (*stot) && num_entries < MAX_SESS_ENTRIES; (*snum)++) { init_srv_sess_1_info(&ss1->info_1[num_entries], - &ss1->info_1_str[num_entries], - "MACHINE", "dummy_user", 1, 10, 5, 0); + &ss1->info_1_str[num_entries], + session_list[*snum].remote_machine, + session_list[*snum].username, + 1, 10, 5, 0); /* move on to creating next session */ /* move on to creating next sess */ -- cgit From ebe58d85692ee5a8088762908ffaeb3e19ff45f3 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 4 Jun 2002 23:10:02 +0000 Subject: Update the SAMR pipe for more use of NTSTATUS and to talloc the stored list of users/groups for better memory accounting. Andrew Bartlett (This used to be commit fe7c5efe91ab77784af9dbb56716170f4c6fd057) --- source3/rpc_server/srv_samr_nt.c | 237 +++++++++++++++++++++++---------------- 1 file changed, 141 insertions(+), 96 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 066a293414..71b48210e4 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -53,6 +53,8 @@ struct samr_info { DOM_SID sid; uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */ DISP_INFO disp_info; + + TALLOC_CTX *mem_ctx; }; /******************************************************************* @@ -63,17 +65,27 @@ static struct samr_info *get_samr_info_by_sid(DOM_SID *psid) { struct samr_info *info; fstring sid_str; + TALLOC_CTX *mem_ctx; + + if (psid) { + sid_to_string(sid_str, psid); + } else { + fstrcpy(sid_str,"(NULL)"); + } + + mem_ctx = talloc_init_named("samr_info for domain sid %s", sid_str); - if ((info = (struct samr_info *)malloc(sizeof(struct samr_info))) == NULL) + if ((info = (struct samr_info *)talloc(mem_ctx, sizeof(struct samr_info))) == NULL) return NULL; ZERO_STRUCTP(info); + DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_str)); if (psid) { - DEBUG(10,("get_samr_info_by_sid: created new info for sid %s\n", sid_to_string(sid_str, psid) )); sid_copy( &info->sid, psid); } else { DEBUG(10,("get_samr_info_by_sid: created new info for NULL sid.\n")); } + info->mem_ctx = mem_ctx; return info; } @@ -84,18 +96,13 @@ static void free_samr_db(struct samr_info *info) { int i; - if (info->disp_info.group_dbloaded) { - for (i=0; idisp_info.num_group_account; i++) - SAFE_FREE(info->disp_info.disp_group_info[i].grp); - - SAFE_FREE(info->disp_info.disp_group_info); - } + /* Groups are talloced */ if (info->disp_info.user_dbloaded){ - for (i=0; idisp_info.num_user_account; i++) + for (i=0; idisp_info.num_user_account; i++) { + /* Not really a free, actually a 'clear' */ pdb_free_sam(&info->disp_info.disp_user_info[i].sam); - - SAFE_FREE(info->disp_info.disp_user_info); + } } info->disp_info.user_dbloaded=False; @@ -110,7 +117,7 @@ static void free_samr_info(void *ptr) struct samr_info *info=(struct samr_info *) ptr; free_samr_db(info); - SAFE_FREE(info); + talloc_destroy(info->mem_ctx); } /******************************************************************* @@ -147,6 +154,8 @@ static NTSTATUS load_sampwd_entries(struct samr_info *info, uint16 acb_mask) { SAM_ACCOUNT *pwd = NULL; DISP_USER_INFO *pwd_array = NULL; + NTSTATUS nt_status = NT_STATUS_OK; + TALLOC_CTX *mem_ctx = info->mem_ctx; DEBUG(10,("load_sampwd_entries\n")); @@ -161,7 +170,8 @@ static NTSTATUS load_sampwd_entries(struct samr_info *info, uint16 acb_mask) return NT_STATUS_ACCESS_DENIED; } - for (pdb_init_sam(&pwd); pdb_getsampwent(pwd) == True; pwd=NULL, pdb_init_sam(&pwd) ) { + for (; (NT_STATUS_IS_OK(nt_status = pdb_init_sam_talloc(mem_ctx, &pwd))) + && pdb_getsampwent(pwd) == True; pwd=NULL) { if (acb_mask != 0 && !(pdb_get_acct_ctrl(pwd) & acb_mask)) { pdb_free_sam(&pwd); @@ -173,7 +183,7 @@ static NTSTATUS load_sampwd_entries(struct samr_info *info, uint16 acb_mask) if (info->disp_info.num_user_account % MAX_SAM_ENTRIES == 0) { DEBUG(10,("load_sampwd_entries: allocating more memory\n")); - pwd_array=(DISP_USER_INFO *)Realloc(info->disp_info.disp_user_info, + pwd_array=(DISP_USER_INFO *)talloc_realloc(mem_ctx, info->disp_info.disp_user_info, (info->disp_info.num_user_account+MAX_SAM_ENTRIES)*sizeof(DISP_USER_INFO)); if (pwd_array==NULL) @@ -198,7 +208,7 @@ static NTSTATUS load_sampwd_entries(struct samr_info *info, uint16 acb_mask) DEBUG(12,("load_sampwd_entries: done\n")); - return NT_STATUS_OK; + return nt_status; } static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid) @@ -207,6 +217,7 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid) DISP_GROUP_INFO *grp_array = NULL; uint32 group_entries = 0; uint32 i; + TALLOC_CTX *mem_ctx = info->mem_ctx; DEBUG(10,("load_group_domain_entries\n")); @@ -220,7 +231,7 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid) info->disp_info.num_group_account=group_entries; - grp_array=(DISP_GROUP_INFO *)malloc(info->disp_info.num_group_account*sizeof(DISP_GROUP_INFO)); + grp_array=(DISP_GROUP_INFO *)talloc(mem_ctx, info->disp_info.num_group_account*sizeof(DISP_GROUP_INFO)); if (group_entries!=0 && grp_array==NULL) { SAFE_FREE(map); @@ -231,7 +242,7 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid) for (i=0; iname, map[i].nt_name); fstrcpy(grp_array[i].grp->comment, map[i].comment); @@ -262,14 +273,17 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, { SAM_ACCOUNT *pwd = NULL; BOOL not_finished = True; - + NTSTATUS nt_status; + (*num_entries) = 0; (*total_entries) = 0; if (pw_buf == NULL) return NT_STATUS_NO_MEMORY; - pdb_init_sam(&pwd); + if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&pwd))) { + return nt_status; + } if (!pdb_setsampwent(False)) { DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n")); @@ -281,10 +295,16 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, && (*num_entries) < max_num_entries) { int user_name_len; - + const char *user_name; + if (start_idx > 0) { - pdb_reset_sam(pwd); + pdb_free_sam(&pwd); + + if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&pwd))) { + pdb_endsampwent(); + return nt_status; + } /* skip the requested number of entries. not very efficient, but hey... */ @@ -292,31 +312,41 @@ static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, continue; } - user_name_len = strlen(pdb_get_username(pwd))+1; - init_unistr2(&pw_buf[(*num_entries)].uni_user_name, pdb_get_username(pwd), user_name_len); - init_uni_hdr(&pw_buf[(*num_entries)].hdr_user_name, user_name_len); - pw_buf[(*num_entries)].user_rid = pdb_get_user_rid(pwd); - memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16); - - /* Now check if the NT compatible password is available. */ - if (pdb_get_nt_passwd(pwd)) - memcpy( pw_buf[(*num_entries)].nt_pwd , pdb_get_nt_passwd(pwd), 16); - - pw_buf[(*num_entries)].acb_info = pdb_get_acct_ctrl(pwd); - - DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x", - (*num_entries), pdb_get_username(pwd), pdb_get_user_rid(pwd), pdb_get_acct_ctrl(pwd) )); - - if (acb_mask == 0 || (pdb_get_acct_ctrl(pwd) & acb_mask)) { + user_name = pdb_get_username(pwd); + + if (!user_name) { + DEBUG(2, ("account had NULL username!\n")); + } else if (!(acb_mask == 0 || (pdb_get_acct_ctrl(pwd) & acb_mask))) { + DEBUG(5,(" acb_mask %x rejects\n", acb_mask)); + } else { DEBUG(5,(" acb_mask %x accepts\n", acb_mask)); + + user_name_len = strlen(user_name)+1; + init_unistr2(&pw_buf[(*num_entries)].uni_user_name, user_name, user_name_len); + init_uni_hdr(&pw_buf[(*num_entries)].hdr_user_name, user_name_len); + pw_buf[(*num_entries)].user_rid = pdb_get_user_rid(pwd); + memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16); + + /* Now check if the NT compatible password is available. */ + if (pdb_get_nt_passwd(pwd)) + memcpy( pw_buf[(*num_entries)].nt_pwd , pdb_get_nt_passwd(pwd), 16); + + pw_buf[(*num_entries)].acb_info = pdb_get_acct_ctrl(pwd); + + DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x", + (*num_entries), pdb_get_username(pwd), pdb_get_user_rid(pwd), pdb_get_acct_ctrl(pwd) )); + (*num_entries)++; - } else { - DEBUG(5,(" acb_mask %x rejects\n", acb_mask)); } (*total_entries)++; - pdb_reset_sam(pwd); + pdb_free_sam(&pwd); + + if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&pwd))) { + pdb_endsampwent(); + return nt_status; + } } @@ -936,7 +966,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ become_root(); r_u->status=load_sampwd_entries(info, acb_mask); unbecome_root(); - if (NT_STATUS_IS_ERR(r_u->status)) { + if (!NT_STATUS_IS_OK(r_u->status)) { DEBUG(5, ("_samr_query_dispinfo: load_sampwd_entries failed\n")); return r_u->status; } @@ -945,7 +975,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ case 0x3: case 0x5: r_u->status = load_group_domain_entries(info, &info->sid); - if (NT_STATUS_IS_ERR(r_u->status)) + if (!NT_STATUS_IS_OK(r_u->status)) return r_u->status; num_account = info->disp_info.num_group_account; break; @@ -992,7 +1022,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ return NT_STATUS_NO_MEMORY; } disp_ret = init_sam_dispinfo_1(p->mem_ctx, ctr->sam.info1, max_entries, enum_context, info->disp_info.disp_user_info); - if (NT_STATUS_IS_ERR(disp_ret)) + if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; case 0x2: @@ -1001,7 +1031,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ return NT_STATUS_NO_MEMORY; } disp_ret = init_sam_dispinfo_2(p->mem_ctx, ctr->sam.info2, max_entries, enum_context, info->disp_info.disp_user_info); - if (NT_STATUS_IS_ERR(disp_ret)) + if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; case 0x3: @@ -1010,7 +1040,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ return NT_STATUS_NO_MEMORY; } disp_ret = init_sam_dispinfo_3(p->mem_ctx, ctr->sam.info3, max_entries, enum_context, info->disp_info.disp_group_info); - if (NT_STATUS_IS_ERR(disp_ret)) + if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; case 0x4: @@ -1019,7 +1049,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ return NT_STATUS_NO_MEMORY; } disp_ret = init_sam_dispinfo_4(p->mem_ctx, ctr->sam.info4, max_entries, enum_context, info->disp_info.disp_user_info); - if (NT_STATUS_IS_ERR(disp_ret)) + if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; case 0x5: @@ -1028,7 +1058,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ return NT_STATUS_NO_MEMORY; } disp_ret = init_sam_dispinfo_5(p->mem_ctx, ctr->sam.info5, max_entries, enum_context, info->disp_info.disp_group_info); - if (NT_STATUS_IS_ERR(disp_ret)) + if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; @@ -1393,6 +1423,7 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN POLICY_HND *user_pol = &r_u->user_pol; struct samr_info *info = NULL; BOOL ret; + NTSTATUS nt_status; r_u->status = NT_STATUS_OK; @@ -1400,6 +1431,11 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN if (!find_policy_by_hnd(p, &domain_pol, NULL)) return NT_STATUS_INVALID_HANDLE; + nt_status = pdb_init_sam_talloc(p->mem_ctx, &sampass); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } + /* Get the domain SID stored in the domain policy */ if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid)) return NT_STATUS_INVALID_HANDLE; @@ -1408,15 +1444,12 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN if(!sid_append_rid(&sid, q_u->user_rid)) return NT_STATUS_NO_SUCH_USER; - pdb_init_sam(&sampass); - become_root(); ret=pdb_getsampwsid(sampass, &sid); unbecome_root(); /* check that the SID exists in our domain. */ if (ret == False) { - pdb_free_sam(&sampass); return NT_STATUS_NO_SUCH_USER; } @@ -1437,12 +1470,17 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN get_user_info_10. Safe. Only gives out acb bits. *************************************************************************/ -static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, DOM_SID *user_sid) +static NTSTATUS get_user_info_10(TALLOC_CTX *mem_ctx, SAM_USER_INFO_10 *id10, DOM_SID *user_sid) { SAM_ACCOUNT *smbpass=NULL; BOOL ret; + NTSTATUS nt_status; - pdb_init_sam(&smbpass); + nt_status = pdb_init_sam_talloc(mem_ctx, &smbpass); + + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } become_root(); ret = pdb_getsampwsid(smbpass, user_sid); @@ -1450,8 +1488,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, DOM_SID *user_sid) if (ret==False) { DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); - pdb_free_sam(&smbpass); - return False; + return NT_STATUS_NO_SUCH_USER; } DEBUG(3,("User:[%s]\n", pdb_get_username(smbpass) )); @@ -1461,7 +1498,7 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, DOM_SID *user_sid) pdb_free_sam(&smbpass); - return True; + return NT_STATUS_OK; } /************************************************************************* @@ -1470,10 +1507,11 @@ static BOOL get_user_info_10(SAM_USER_INFO_10 *id10, DOM_SID *user_sid) user. JRA. *************************************************************************/ -static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, DOM_SID *user_sid) +static NTSTATUS get_user_info_12(pipes_struct *p, TALLOC_CTX *mem_ctx, SAM_USER_INFO_12 * id12, DOM_SID *user_sid) { SAM_ACCOUNT *smbpass=NULL; BOOL ret; + NTSTATUS nt_status; if (!p->ntlmssp_auth_validated) return NT_STATUS_ACCESS_DENIED; @@ -1484,7 +1522,12 @@ static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, DOM_S /* * Do *NOT* do become_root()/unbecome_root() here ! JRA. */ - pdb_init_sam(&smbpass); + + nt_status = pdb_init_sam_talloc(mem_ctx, &smbpass); + + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } ret = pdb_getsampwsid(smbpass, user_sid); @@ -1513,12 +1556,12 @@ static NTSTATUS get_user_info_12(pipes_struct *p, SAM_USER_INFO_12 * id12, DOM_S get_user_info_20 *************************************************************************/ -static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, DOM_SID *user_sid) +static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DOM_SID *user_sid) { SAM_ACCOUNT *sampass=NULL; BOOL ret; - pdb_init_sam(&sampass); + pdb_init_sam_talloc(mem_ctx, &sampass); become_root(); ret = pdb_getsampwsid(sampass, user_sid); @@ -1526,8 +1569,7 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, DOM_SID *user_sid) if (ret == False) { DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); - pdb_free_sam(&sampass); - return False; + return NT_STATUS_NO_SUCH_USER; } samr_clear_sam_passwd(sampass); @@ -1539,19 +1581,23 @@ static BOOL get_user_info_20(SAM_USER_INFO_20 *id20, DOM_SID *user_sid) pdb_free_sam(&sampass); - return True; + return NT_STATUS_OK; } /************************************************************************* get_user_info_21 *************************************************************************/ -static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, DOM_SID *user_sid) +static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, DOM_SID *user_sid) { SAM_ACCOUNT *sampass=NULL; BOOL ret; + NTSTATUS nt_status; - pdb_init_sam(&sampass); + nt_status = pdb_init_sam_talloc(mem_ctx, &sampass); + if (!NT_STATUS_IS_OK(nt_status)) { + return nt_status; + } become_root(); ret = pdb_getsampwsid(sampass, user_sid); @@ -1559,8 +1605,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, DOM_SID *user_sid) if (ret == False) { DEBUG(4,("User %s not found\n", sid_string_static(user_sid))); - pdb_free_sam(&sampass); - return False; + return NT_STATUS_NO_SUCH_USER; } samr_clear_sam_passwd(sampass); @@ -1572,7 +1617,7 @@ static BOOL get_user_info_21(SAM_USER_INFO_21 *id21, DOM_SID *user_sid) pdb_free_sam(&sampass); - return True; + return NT_STATUS_OK; } /******************************************************************* @@ -1610,8 +1655,8 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ if (ctr->info.id10 == NULL) return NT_STATUS_NO_MEMORY; - if (!get_user_info_10(ctr->info.id10, &info->sid)) - return NT_STATUS_NO_SUCH_USER; + if (!NT_STATUS_IS_OK(r_u->status = get_user_info_10(p->mem_ctx, ctr->info.id10, &info->sid))) + return r_u->status; break; #if 0 @@ -1645,24 +1690,24 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ if (ctr->info.id12 == NULL) return NT_STATUS_NO_MEMORY; - if (NT_STATUS_IS_ERR(r_u->status = get_user_info_12(p, ctr->info.id12, &info->sid))) + if (!NT_STATUS_IS_OK(r_u->status = get_user_info_12(p, p->mem_ctx, ctr->info.id12, &info->sid))) return r_u->status; break; - + case 20: ctr->info.id20 = (SAM_USER_INFO_20 *)talloc_zero(p->mem_ctx,sizeof(SAM_USER_INFO_20)); if (ctr->info.id20 == NULL) return NT_STATUS_NO_MEMORY; - if (!get_user_info_20(ctr->info.id20, &info->sid)) - return NT_STATUS_NO_SUCH_USER; + if (!NT_STATUS_IS_OK(r_u->status = get_user_info_20(p->mem_ctx, ctr->info.id20, &info->sid))) + return r_u->status; break; case 21: ctr->info.id21 = (SAM_USER_INFO_21 *)talloc_zero(p->mem_ctx,sizeof(SAM_USER_INFO_21)); if (ctr->info.id21 == NULL) return NT_STATUS_NO_MEMORY; - if (!get_user_info_21(ctr->info.id21, &info->sid)) - return NT_STATUS_NO_SUCH_USER; + if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, &info->sid))) + return r_u->status; break; default: @@ -1672,7 +1717,7 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ init_samr_r_query_userinfo(r_u, ctr, r_u->status); DEBUG(5,("_samr_query_userinfo: %d\n", __LINE__)); - + return r_u->status; } @@ -1712,7 +1757,7 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S return NT_STATUS_OBJECT_TYPE_MISMATCH; pdb_init_sam(&sam_pass); - + become_root(); ret = pdb_getsampwsid(sam_pass, &info->sid); unbecome_root(); @@ -1721,19 +1766,19 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S pdb_free_sam(&sam_pass); return NT_STATUS_NO_SUCH_USER; } - + if(!get_domain_user_groups(p->mem_ctx, &num_groups, &gids, sam_pass)) { pdb_free_sam(&sam_pass); return NT_STATUS_NO_SUCH_GROUP; } - + /* construct the response. lkclXXXX: gids are not copied! */ init_samr_r_query_usergroups(r_u, num_groups, gids, r_u->status); - + DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); pdb_free_sam(&sam_pass); - + return r_u->status; } @@ -1764,13 +1809,13 @@ NTSTATUS _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SA ZERO_STRUCTP(ctr); r_u->status = NT_STATUS_OK; - + DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__)); - + /* find the policy handle. open a policy on it. */ if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; - + switch (q_u->switch_value) { case 0x01: account_policy_get(AP_MIN_PASSWORD_LEN, &min_pass_len); @@ -1789,7 +1834,7 @@ NTSTATUS _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SA become_root(); r_u->status=load_sampwd_entries(info, ACB_NORMAL); unbecome_root(); - if (NT_STATUS_IS_ERR(r_u->status)) { + if (!NT_STATUS_IS_OK(r_u->status)) { DEBUG(5, ("_samr_query_dispinfo: load_sampwd_entries failed\n")); return r_u->status; } @@ -1797,7 +1842,7 @@ NTSTATUS _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SA free_samr_db(info); r_u->status=load_group_domain_entries(info, &global_sam_sid); - if (NT_STATUS_IS_ERR(r_u->status)) { + if (!NT_STATUS_IS_OK(r_u->status)) { DEBUG(5, ("_samr_query_dispinfo: load_group_domain_entries failed\n")); return r_u->status; } @@ -1835,12 +1880,12 @@ NTSTATUS _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SA break; default: return NT_STATUS_INVALID_INFO_CLASS; - } - + } + init_samr_r_query_dom_info(r_u, q_u->switch_value, ctr, NT_STATUS_OK); - + DEBUG(5,("_samr_query_dom_info: %d\n", __LINE__)); - + return r_u->status; } @@ -2659,7 +2704,7 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u, * if there is an error, we just continue as * it can be an unfound user or group */ - if (NT_STATUS_IS_ERR(r_u->status)) { + if (!NT_STATUS_IS_OK(r_u->status)) { DEBUG(10,("_samr_query_useraliases: an error occured while getting groups\n")); continue; } @@ -2749,7 +2794,7 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_ pass = getpwuid_alloc(uid[i]); if (!pass) continue; - if (NT_STATUS_IS_ERR(pdb_init_sam(&sam_user))) { + if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_user))) { passwd_free(&pass); continue; } @@ -2843,7 +2888,7 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ pass = getpwuid_alloc(uid[i]); if (!pass) continue; - if (NT_STATUS_IS_ERR(pdb_init_sam(&sam_user))) { + if (!NT_STATUS_IS_OK(pdb_init_sam(&sam_user))) { passwd_free(&pass); continue; } @@ -2917,7 +2962,7 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD } ret = pdb_init_sam(&sam_user); - if (NT_STATUS_IS_ERR(ret)) + if (!NT_STATUS_IS_OK(ret)) return ret; check = pdb_getsampwsid(sam_user, &q_u->sid.sid); @@ -3062,7 +3107,7 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD sid_append_rid(&user_sid, q_u->rid); ret = pdb_init_sam(&sam_user); - if (NT_STATUS_IS_ERR(ret)) + if (!NT_STATUS_IS_OK(ret)) return ret; check = pdb_getsampwsid(sam_user, &user_sid); @@ -3726,7 +3771,7 @@ NTSTATUS _samr_unknown_2e(pipes_struct *p, SAMR_Q_UNKNOWN_2E *q_u, SAMR_R_UNKNOW become_root(); r_u->status=load_sampwd_entries(info, ACB_NORMAL); unbecome_root(); - if (NT_STATUS_IS_ERR(r_u->status)) { + if (!NT_STATUS_IS_OK(r_u->status)) { DEBUG(5, ("_samr_query_dispinfo: load_sampwd_entries failed\n")); return r_u->status; } -- cgit From bfa2dfaba846bd91fd084e9358f5ff8cd0d7dc4b Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 6 Jun 2002 00:59:52 +0000 Subject: Fixed out of date comment for _spoolss_rffpcnex() (This used to be commit 7d9b8c58a63cf20d00dd7cf88cfb82aed3a47d12) --- source3/rpc_server/srv_spoolss_nt.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 1a436f8c7c..40ad3e89fe 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1724,9 +1724,8 @@ static BOOL srv_spoolss_replyopenprinter(char *printer, uint32 localprinter, uin * _spoolss_rffpcnex * ReplyFindFirstPrinterChangeNotifyEx * - * jfmxxxx: before replying OK: status=0 - * should do a rpc call to the workstation asking ReplyOpenPrinter - * have to code it, later. + * before replying OK: status=0 a rpc call is made to the workstation + * asking ReplyOpenPrinter * * in fact ReplyOpenPrinter is the changenotify equivalent on the spoolss pipe * called from api_spoolss_rffpcnex @@ -7970,4 +7969,3 @@ WERROR _spoolss_getprintprocessordirectory(pipes_struct *p, SPOOL_Q_GETPRINTPROC return WERR_ACCESS_DENIED; } - -- cgit From 617a551c4255aafc4612939ac05779e495f370ac Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 6 Jun 2002 01:19:56 +0000 Subject: Moved some notify related constants into srv_spoolss_nt.c since they're only used there. Added a PRINTER_NOTIFY_VERSION constant. (This used to be commit 9d3933a59219388c209d8be4ae6decfa337d229f) --- source3/rpc_server/srv_spoolss_nt.c | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 40ad3e89fe..f35f089535 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2466,6 +2466,14 @@ struct s_notify_info_data_table NT_PRINTER_INFO_LEVEL *printer, TALLOC_CTX *mem_ctx); }; +/* A table describing the various print notification constants and + whether the notification data is a pointer to a variable sized + buffer, a one value uint32 or a two value uint32. */ + +#define ONE_VALUE 1 +#define TWO_VALUE 2 +#define POINTER 3 + struct s_notify_info_data_table notify_info_data_table[] = { { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SERVER_NAME, "PRINTER_NOTIFY_SERVER_NAME", POINTER, spoolss_notify_server_name }, -- cgit From 89e9f7530a69eaebde3fb3a55ccbb46fc58fb642 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 6 Jun 2002 01:34:04 +0000 Subject: Fix compile error - doh! (This used to be commit e80e6637064a39635faba5311f774a90b1d5ab43) --- source3/rpc_server/srv_spoolss_nt.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index f35f089535..7b7c80f33a 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2470,10 +2470,6 @@ struct s_notify_info_data_table whether the notification data is a pointer to a variable sized buffer, a one value uint32 or a two value uint32. */ -#define ONE_VALUE 1 -#define TWO_VALUE 2 -#define POINTER 3 - struct s_notify_info_data_table notify_info_data_table[] = { { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SERVER_NAME, "PRINTER_NOTIFY_SERVER_NAME", POINTER, spoolss_notify_server_name }, -- cgit From b0ffabdcca53507a99ce8f00fccf2d4cac78fd6d Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 7 Jun 2002 14:33:33 +0000 Subject: Globally replace 'global_sam_sid' with get_global_sam_sid(), a self initialising function. This patch thanks to the work of "Stefan (metze) Metzmacher" This is partly to enable the transition to SIDs in the the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc) --- source3/rpc_server/srv_lsa_nt.c | 15 +++++++-------- source3/rpc_server/srv_netlog_nt.c | 5 +++-- source3/rpc_server/srv_samr_nt.c | 39 +++++++++++++++++++------------------- 3 files changed, 29 insertions(+), 30 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index a5e3f5003c..c74f25f77a 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -26,7 +26,6 @@ #include "includes.h" -extern DOM_SID global_sam_sid; extern fstring global_myworkgroup; extern pstring global_myname; extern PRIVS privs[]; @@ -320,7 +319,7 @@ static NTSTATUS lsa_get_generic_sd(TALLOC_CTX *mem_ctx, SEC_DESC **sd, size_t *s init_sec_access(&mask, POLICY_EXECUTE); init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - sid_copy(&adm_sid, &global_sam_sid); + sid_copy(&adm_sid, get_global_sam_sid()); sid_append_rid(&adm_sid, DOMAIN_GROUP_RID_ADMINS); init_sec_access(&mask, POLICY_ALL_ACCESS); init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); @@ -367,7 +366,7 @@ NTSTATUS _lsa_open_policy2(pipes_struct *p, LSA_Q_OPEN_POL2 *q_u, LSA_R_OPEN_POL return NT_STATUS_NO_MEMORY; ZERO_STRUCTP(info); - info->sid = global_sam_sid; + sid_copy(&info->sid,get_global_sam_sid()); info->access = acc_granted; /* set up the LSA QUERY INFO response */ @@ -405,7 +404,7 @@ NTSTATUS _lsa_open_policy(pipes_struct *p, LSA_Q_OPEN_POL *q_u, LSA_R_OPEN_POL * return NT_STATUS_NO_MEMORY; ZERO_STRUCTP(info); - info->sid = global_sam_sid; + sid_copy(&info->sid,get_global_sam_sid()); info->access = acc_granted; /* set up the LSA QUERY INFO response */ @@ -502,7 +501,7 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: name = global_myworkgroup; - sid = &global_sam_sid; + sid = get_global_sam_sid(); break; case ROLE_DOMAIN_MEMBER: name = global_myworkgroup; @@ -532,15 +531,15 @@ NTSTATUS _lsa_query_info(pipes_struct *p, LSA_Q_QUERY_INFO *q_u, LSA_R_QUERY_INF case ROLE_DOMAIN_PDC: case ROLE_DOMAIN_BDC: name = global_myworkgroup; - sid = &global_sam_sid; + sid = get_global_sam_sid(); break; case ROLE_DOMAIN_MEMBER: name = global_myname; - sid = &global_sam_sid; + sid = get_global_sam_sid(); break; case ROLE_STANDALONE: name = global_myname; - sid = &global_sam_sid; + sid = get_global_sam_sid(); break; default: return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 21ad86b0dc..9b917cdda5 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -27,7 +27,6 @@ #include "includes.h" extern pstring global_myname; -extern DOM_SID global_sam_sid; /************************************************************************* init_net_r_req_chal: @@ -705,7 +704,9 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * NULL, /* uchar sess_key[16] */ my_name , /* char *logon_srv */ my_workgroup, /* char *logon_dom */ - &global_sam_sid, /* DOM_SID *dom_sid */ + get_global_sam_sid(), /* DOM_SID *dom_sid */ + /* Should be users domain sid, not servers - for trusted domains */ + NULL); /* char *other_sids */ } free_server_info(&server_info); diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 71b48210e4..0b4fa1cf2d 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -31,7 +31,6 @@ extern fstring global_myworkgroup; extern pstring global_myname; -extern DOM_SID global_sam_sid; extern DOM_SID global_sid_Builtin; extern rid_name domain_group_rids[]; @@ -684,7 +683,7 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM } SAFE_FREE(map); - } else if (sid_equal(sid, &global_sam_sid) && !lp_hide_local_users()) { + } else if (sid_equal(sid, get_global_sam_sid()) && !lp_hide_local_users()) { struct sys_grent *glist; struct sys_grent *grp; struct passwd *pw; @@ -1386,7 +1385,7 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK group_attrs[i] = SID_NAME_UNKNOWN; *group_names[i] = '\0'; - if (sid_equal(&pol_sid, &global_sam_sid)) { + if (sid_equal(&pol_sid, get_global_sam_sid())) { sid_copy(&sid, &pol_sid); sid_append_rid(&sid, q_u->rid[i]); @@ -1841,7 +1840,7 @@ NTSTATUS _samr_query_dom_info(pipes_struct *p, SAMR_Q_QUERY_DOMAIN_INFO *q_u, SA num_users=info->disp_info.num_user_account; free_samr_db(info); - r_u->status=load_group_domain_entries(info, &global_sam_sid); + r_u->status=load_group_domain_entries(info, get_global_sam_sid()); if (!NT_STATUS_IS_OK(r_u->status)) { DEBUG(5, ("_samr_query_dispinfo: load_group_domain_entries failed\n")); return r_u->status; @@ -2770,7 +2769,7 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_ if(!get_local_group_from_sid(als_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_ALIAS; } else { - if (sid_equal(&alias_sid, &global_sam_sid)) { + if (sid_equal(&alias_sid, get_global_sam_sid())) { DEBUG(10, ("lookup on Server SID\n")); if(!get_local_group_from_sid(als_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_ALIAS; @@ -2789,7 +2788,7 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_ struct passwd *pass; uint32 rid; - sid_copy(&temp_sid, &global_sam_sid); + sid_copy(&temp_sid, get_global_sam_sid()); pass = getpwuid_alloc(uid[i]); if (!pass) continue; @@ -2863,7 +2862,7 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ DEBUG(10, ("sid is %s\n", group_sid_str)); /* can we get a query for an SID outside our domain ? */ - if (!sid_equal(&group_sid, &global_sam_sid)) + if (!sid_equal(&group_sid, get_global_sam_sid())) return NT_STATUS_NO_SUCH_GROUP; sid_append_rid(&group_sid, group_rid); @@ -2946,7 +2945,7 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD sid_to_string(alias_sid_str, &alias_sid); DEBUG(10, ("sid is %s\n", alias_sid_str)); - if (sid_compare(&alias_sid, &global_sam_sid)>0) { + if (sid_compare(&alias_sid, get_global_sam_sid())>0) { DEBUG(10, ("adding member on Server SID\n")); if(!get_local_group_from_sid(alias_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_ALIAS; @@ -3095,7 +3094,7 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD sid_to_string(group_sid_str, &group_sid); DEBUG(10, ("sid is %s\n", group_sid_str)); - if (sid_compare(&group_sid, &global_sam_sid)<=0) + if (sid_compare(&group_sid, get_global_sam_sid())<=0) return NT_STATUS_NO_SUCH_GROUP; DEBUG(10, ("lookup on Domain SID\n")); @@ -3103,7 +3102,7 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD if(!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_GROUP; - sid_copy(&user_sid, &global_sam_sid); + sid_copy(&user_sid, get_global_sam_sid()); sid_append_rid(&user_sid, q_u->rid); ret = pdb_init_sam(&sam_user); @@ -3182,7 +3181,7 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE if(!sid_check_is_in_our_domain(&group_sid)) return NT_STATUS_NO_SUCH_GROUP; - sid_copy(&user_sid, &global_sam_sid); + sid_copy(&user_sid, get_global_sam_sid()); sid_append_rid(&user_sid, q_u->rid); if(!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) @@ -3315,7 +3314,7 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S DEBUG(10, ("sid is %s\n", group_sid_str)); /* we check if it's our SID before deleting */ - if (!sid_equal(&dom_sid, &global_sam_sid)) + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_NO_SUCH_GROUP; DEBUG(10, ("lookup on Domain SID\n")); @@ -3372,7 +3371,7 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S DEBUG(10, ("sid is %s\n", alias_sid_str)); /* we check if it's our SID before deleting */ - if (!sid_equal(&dom_sid, &global_sam_sid)) + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_NO_SUCH_ALIAS; DEBUG(10, ("lookup on Local SID\n")); @@ -3422,7 +3421,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid)) return NT_STATUS_INVALID_HANDLE; - if (!sid_equal(&dom_sid, &global_sam_sid)) + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; /* TODO: check if allowed to create group and add a become_root/unbecome_root pair.*/ @@ -3443,7 +3442,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S r_u->rid=pdb_gid_to_group_rid(grp->gr_gid); /* add the group to the mapping table */ - sid_copy(&info_sid, &global_sam_sid); + sid_copy(&info_sid, get_global_sam_sid()); sid_append_rid(&info_sid, r_u->rid); sid_to_string(sid_string, &info_sid); @@ -3480,7 +3479,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid)) return NT_STATUS_INVALID_HANDLE; - if (!sid_equal(&dom_sid, &global_sam_sid)) + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; /* TODO: check if allowed to create group and add a become_root/unbecome_root pair.*/ @@ -3500,7 +3499,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S r_u->rid=pdb_gid_to_group_rid(grp->gr_gid); - sid_copy(&info_sid, &global_sam_sid); + sid_copy(&info_sid, get_global_sam_sid()); sid_append_rid(&info_sid, r_u->rid); sid_to_string(sid_string, &info_sid); @@ -3686,10 +3685,10 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G return NT_STATUS_INVALID_HANDLE; /* this should not be hard-coded like this */ - if (!sid_equal(&sid, &global_sam_sid)) + if (!sid_equal(&sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; - sid_copy(&info_sid, &global_sam_sid); + sid_copy(&info_sid, get_global_sam_sid()); sid_append_rid(&info_sid, q_u->rid_group); sid_to_string(sid_string, &info_sid); @@ -3778,7 +3777,7 @@ NTSTATUS _samr_unknown_2e(pipes_struct *p, SAMR_Q_UNKNOWN_2E *q_u, SAMR_R_UNKNOW num_users=info->disp_info.num_user_account; free_samr_db(info); - r_u->status=load_group_domain_entries(info, &global_sam_sid); + r_u->status=load_group_domain_entries(info, get_global_sam_sid()); if (NT_STATUS_IS_ERR(r_u->status)) { DEBUG(5, ("_samr_query_dispinfo: load_group_domain_entries failed\n")); return r_u->status; -- cgit From ae6bdb2cd525faa5033931ec437e164d624849c4 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 9 Jun 2002 08:45:35 +0000 Subject: This (hopefully) fixes a bug reported by Kai Krueger involving the use of lp_winbind_gid() without checking if they have been set. Also revert the 'clashing user' check back to a Get_Pwnam() - I probably should never have changed it. Andrew Bartlett (This used to be commit 1d6ba405589cee4e1582bc91cf659b89564899d4) --- source3/rpc_server/srv_samr_nt.c | 20 ++++++-------------- source3/rpc_server/srv_util.c | 7 ++++--- 2 files changed, 10 insertions(+), 17 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 0b4fa1cf2d..daa39b215f 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -226,7 +226,9 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid) return NT_STATUS_OK; } - enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV); + if (!enum_group_mapping(SID_NAME_DOM_GRP, &map, (int *)&group_entries, ENUM_ONLY_MAPPED, MAPPING_WITHOUT_PRIV)) { + return NT_STATUS_NO_MEMORY; + } info->disp_info.num_group_account=group_entries; @@ -688,8 +690,7 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM struct sys_grent *grp; struct passwd *pw; gid_t winbind_gid_low, winbind_gid_high; - - lp_winbind_gid(&winbind_gid_low, &winbind_gid_high); + BOOL winbind_groups_exist = lp_winbind_gid(&winbind_gid_low, &winbind_gid_high); /* local aliases */ /* we return the UNIX groups here. This seems to be the right */ @@ -719,24 +720,15 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM continue; /* Don't return winbind groups as they are not local! */ - if ((grp->gr_gid >= winbind_gid_low)&&(grp->gr_gid <= winbind_gid_high)) { + if (winbind_groups_exist && (grp->gr_gid >= winbind_gid_low)&&(grp->gr_gid <= winbind_gid_high)) { DEBUG(10,("get_group_alias_entries: not returing %s, not local.\n", smap.nt_name )); continue; } /* Don't return user private groups... */ - - /* - * We used to do a Get_Pwnam() here, but this has been - * trimmed back to the common case for private groups - * to save lookups and to use the _alloc interface. - * - * This also matches the group mapping code - */ - if ((pw = getpwnam_alloc(smap.nt_name)) != 0) { + if ((pw = Get_Pwnam(smap.nt_name)) != 0) { DEBUG(10,("get_group_alias_entries: not returing %s, clashes with user.\n", smap.nt_name )); - passwd_free(&pw); continue; } diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index af653ba0e8..7500ec361f 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -93,6 +93,7 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui uint32 *rids=NULL, *new_rids=NULL; gid_t winbind_gid_low, winbind_gid_high; BOOL ret; + BOOL winbind_groups_exist; /* * this code is far from perfect. @@ -108,7 +109,7 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui *prids=NULL; *numgroups=0; - lp_winbind_gid(&winbind_gid_low, &winbind_gid_high); + winbind_groups_exist = lp_winbind_gid(&winbind_gid_low, &winbind_gid_high); DEBUG(10,("get_alias_user_groups: looking if SID %s is a member of groups in the SID domain %s\n", @@ -155,7 +156,7 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui } /* Don't return winbind groups as they are not local! */ - if ((grp->gr_gid >= winbind_gid_low) && (grp->gr_gid <= winbind_gid_high)) { + if (winbind_groups_exist && (grp->gr_gid >= winbind_gid_low) && (grp->gr_gid <= winbind_gid_high)) { DEBUG(10,("get_alias_user_groups: not returing %s, not local.\n", map.nt_name)); continue; } @@ -224,7 +225,7 @@ NTSTATUS get_alias_user_groups(TALLOC_CTX *ctx, DOM_SID *sid, int *numgroups, ui } /* Don't return winbind groups as they are not local! */ - if ((gid >= winbind_gid_low) && (gid <= winbind_gid_high)) { + if (winbind_groups_exist && (gid >= winbind_gid_low) && (gid <= winbind_gid_high)) { DEBUG(10,("get_alias_user_groups: not returing %s, not local.\n", map.nt_name )); goto done; } -- cgit From 366a649d043346a3302516465d41c5151d991b53 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 11 Jun 2002 03:22:32 +0000 Subject: merge from 2.2 (This used to be commit 30a0e72572b25ddd99438b92b8ddf7f06e9ad819) --- source3/rpc_server/srv_spoolss_nt.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 7b7c80f33a..76e7967e25 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -4823,6 +4823,7 @@ static BOOL add_printer_hook(NT_PRINTER_INFO_LEVEL *printer) get_called_name()); /* change \ to \\ for the shell */ all_string_sub(driverlocation,"\\","\\\\",sizeof(pstring)); + standard_sub_basic("", remote_machine); slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"%s\"", cmd, printer->info_2->printername, printer->info_2->sharename, -- cgit From bad738e6536e983064eee7647229354bc9028183 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 13 Jun 2002 14:06:08 +0000 Subject: Latest patch from metze to move most of samba across to using SIDs instead of RIDs. The new funciton sid_peek_check_rid() takes an 'expected domain sid' argument. The idea here is to prevent mistakes where the SID is implict, but isn't the same one that we have in the struct. Andrew Bartlett (This used to be commit 04f9a8ff4c7982f6597c0f6748f85d66d4784901) --- source3/rpc_server/srv_samr_nt.c | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index daa39b215f..a6f936feca 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2019,18 +2019,9 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ return NT_STATUS_ACCESS_DENIED; } - /* Get the domain SID stored in the domain policy */ - if(!get_lsa_policy_samr_sid(p, &dom_pol, &sid)) { - pdb_free_sam(&sam_pass); - return NT_STATUS_INVALID_HANDLE; - } - - /* append the user's RID to it */ - if(!sid_append_rid(&sid, pdb_get_user_rid(sam_pass) )) { - pdb_free_sam(&sam_pass); - return NT_STATUS_NO_SUCH_USER; - } - + /* Get the user's SID */ + sid_copy(&sid, (DOM_SID *) pdb_get_user_sid(sam_pass)); + /* associate the user's SID with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) { pdb_free_sam(&sam_pass); -- cgit From baef1358d2b5a98a592f0247911a31d79148dcba Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Fri, 14 Jun 2002 00:47:08 +0000 Subject: Add const, kill of useless casts and therefore eliminate warnings. Andrew Bartlett (This used to be commit 29490f214750acd44cee6c4ab1354722d82d853a) --- source3/rpc_server/srv_samr_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index a6f936feca..94be26b16c 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -2020,7 +2020,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ } /* Get the user's SID */ - sid_copy(&sid, (DOM_SID *) pdb_get_user_sid(sam_pass)); + sid_copy(&sid, pdb_get_user_sid(sam_pass)); /* associate the user's SID with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) { -- cgit From 843a467f21b48c5fc77c6c2d2db6553e5066a0c5 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 15 Jun 2002 11:40:25 +0000 Subject: Update the netlogon code to better cope with trusted domains, where things like the domain name and SID come from the remote domain, not the local one. These are filled out by the code from the previous commit (auth_util.c, the make_server_info_info3() fn) and read back here. Andrew Bartlett (This used to be commit 6872de2e5b27fd2de61ed14c85475a0eacd637ca) --- source3/rpc_server/srv_netlog_nt.c | 39 ++++++++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 10 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 9b917cdda5..49b9fcd0f2 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -655,14 +655,35 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * { DOM_GID *gids = NULL; + const DOM_SID *user_sid = NULL; + const DOM_SID *group_sid = NULL; + DOM_SID domain_sid; + uint32 user_rid, group_rid; + int num_gids = 0; pstring my_name; - pstring my_workgroup; - + fstring user_sid_string; + fstring group_sid_string; + + sampw = server_info->sam_account; + /* set up pointer indicating user/password failed to be found */ usr_info->ptr_user_info = 0; - - pstrcpy(my_workgroup, lp_workgroup()); + + user_sid = pdb_get_user_sid(sampw); + group_sid = pdb_get_group_sid(sampw); + + sid_copy(&domain_sid, user_sid); + sid_split_rid(&domain_sid, &user_rid); + + if (!sid_peek_check_rid(&domain_sid, group_sid, &group_rid)) { + DEBUG(1, ("_net_sam_logon: user %s\\%s has user sid %s\n but group sid %s.\nThe conflicting domain portions are not supported for NETLOGON calls\n", + pdb_get_domain(sampw), pdb_get_username(sampw), + sid_to_string(user_sid_string, user_sid), + sid_to_string(group_sid_string, group_sid))); + return NT_STATUS_UNSUCCESSFUL; + } + pstrcpy(my_name, global_myname); strupper(my_name); @@ -676,12 +697,10 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * gids = NULL; get_domain_user_groups(p->mem_ctx, &num_gids, &gids, server_info->sam_account); - - sampw = server_info->sam_account; init_net_user_info3(p->mem_ctx, usr_info, - pdb_get_user_rid(sampw), - pdb_get_group_rid(sampw), + user_rid, + group_rid, pdb_get_username(sampw), pdb_get_fullname(sampw), @@ -703,8 +722,8 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON * 0x20 , /* uint32 user_flgs (?) */ NULL, /* uchar sess_key[16] */ my_name , /* char *logon_srv */ - my_workgroup, /* char *logon_dom */ - get_global_sam_sid(), /* DOM_SID *dom_sid */ + pdb_get_domain(sampw), + &domain_sid, /* DOM_SID *dom_sid */ /* Should be users domain sid, not servers - for trusted domains */ NULL); /* char *other_sids */ -- cgit From ac08646c374cd70e47301bce3e031b35cb220347 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 15 Jun 2002 12:38:13 +0000 Subject: Rework much of the service.c code: The aim of this execise is to give the 'security>=user' code a straight paper path. Security=share will sill call authorise_login(), but otherwise we avoid that mess. This allow *much* more accurate error code reporting, beocuse we don't start pretending that we can use the (nonexistant) password etc. Also in this patch is code to create the 'homes' share at session setup time (as we have done in the past - been broken recently) and to record this on the user's vuser struct for later reference. The changes here should also allow for much better use of %H (some more changes to come here). The service.c changes move a lot of code around, but are not as drastric as they look... (Also included is a fix to srv_srvsvc_nt.c where 'total_entries' not '*total_entries' was compared). This code is needs testing, but passes my basic tests. I expect we have lost some functionality, but the stuff I had expected to loose was already broken before I started. In particular, we don't 'fall back' to guest if the user cannot access a share (for security=user). If you want this kind of stuff then you really want security=share anyway. Andrew Bartlett (This used to be commit 4c0cbcaed95231f8cf11edb43f6adbec9a0d0b5c) --- source3/rpc_server/srv_srvsvc_nt.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index f99827ea19..f5b9959b2c 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -308,7 +308,7 @@ void map_generic_share_sd_bits(SEC_DESC *psd) Can this user access with share with the required permissions ? ********************************************************************/ -BOOL share_access_check(connection_struct *conn, int snum, uint16 vuid, uint32 desired_access) +BOOL share_access_check(connection_struct *conn, int snum, user_struct *vuser, uint32 desired_access) { uint32 granted; NTSTATUS status; @@ -316,7 +316,6 @@ BOOL share_access_check(connection_struct *conn, int snum, uint16 vuid, uint32 d SEC_DESC *psd = NULL; size_t sd_size; NT_USER_TOKEN *token = NULL; - user_struct *vuser = get_valid_user_struct(vuid); BOOL ret = True; mem_ctx = talloc_init(); @@ -969,7 +968,7 @@ static WERROR init_srv_file_info_ctr(pipes_struct *p, SRV_FILE_INFO_CTR *ctr, switch (switch_value) { case 3: { int i; - if (total_entries > 0) { + if (*total_entries > 0) { ctr->ptr_entries = 1; ctr->file.info3 = talloc(ctx, ctr->num_entries * sizeof(SRV_FILE_INFO_3)); -- cgit From a60e37096d6576dcf749237df99e7c2c96359834 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Tue, 18 Jun 2002 09:20:13 +0000 Subject: more debug classess activated (This used to be commit 897e64d2e0c1d04ab93441ccaffe369bf43be46e) --- source3/rpc_server/srv_dfs.c | 3 +++ source3/rpc_server/srv_dfs_nt.c | 3 +++ source3/rpc_server/srv_lsa.c | 3 +++ source3/rpc_server/srv_lsa_hnd.c | 3 +++ source3/rpc_server/srv_lsa_nt.c | 3 +++ source3/rpc_server/srv_netlog.c | 3 +++ source3/rpc_server/srv_netlog_nt.c | 3 +++ source3/rpc_server/srv_pipe.c | 3 +++ source3/rpc_server/srv_pipe_hnd.c | 3 +++ source3/rpc_server/srv_reg.c | 3 +++ source3/rpc_server/srv_reg_nt.c | 3 +++ source3/rpc_server/srv_samr.c | 3 +++ source3/rpc_server/srv_samr_nt.c | 3 +++ source3/rpc_server/srv_spoolss.c | 3 +++ source3/rpc_server/srv_spoolss_nt.c | 3 +++ source3/rpc_server/srv_srvsvc.c | 3 +++ source3/rpc_server/srv_srvsvc_nt.c | 3 +++ source3/rpc_server/srv_util.c | 3 +++ source3/rpc_server/srv_wkssvc.c | 3 +++ source3/rpc_server/srv_wkssvc_nt.c | 3 +++ 20 files changed, 60 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_dfs.c b/source3/rpc_server/srv_dfs.c index 4351fd088e..5edc1222a8 100644 --- a/source3/rpc_server/srv_dfs.c +++ b/source3/rpc_server/srv_dfs.c @@ -28,6 +28,9 @@ #define MAX_MSDFS_JUNCTIONS 256 +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern pstring global_myname; /********************************************************************** diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c index 5732af7e9a..65e387176d 100644 --- a/source3/rpc_server/srv_dfs_nt.c +++ b/source3/rpc_server/srv_dfs_nt.c @@ -26,6 +26,9 @@ #include "includes.h" #include "nterr.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern pstring global_myname; #define MAX_MSDFS_JUNCTIONS 256 diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c index 3914556e88..e5a4d3b46d 100644 --- a/source3/rpc_server/srv_lsa.c +++ b/source3/rpc_server/srv_lsa.c @@ -25,6 +25,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /*************************************************************************** api_lsa_open_policy2 ***************************************************************************/ diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c index 5af1e8c265..2d04d72323 100644 --- a/source3/rpc_server/srv_lsa_hnd.c +++ b/source3/rpc_server/srv_lsa_hnd.c @@ -22,6 +22,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /* This is the max handles across all instances of a pipe name. */ #ifndef MAX_OPEN_POLS #define MAX_OPEN_POLS 1024 diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index c74f25f77a..f2f91d2d9a 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -26,6 +26,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern fstring global_myworkgroup; extern pstring global_myname; extern PRIVS privs[]; diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c index dfd270ff7d..f96a0e2f2d 100644 --- a/source3/rpc_server/srv_netlog.c +++ b/source3/rpc_server/srv_netlog.c @@ -25,6 +25,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /************************************************************************* api_net_req_chal: *************************************************************************/ diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c index 49b9fcd0f2..4ab9c470d0 100644 --- a/source3/rpc_server/srv_netlog_nt.c +++ b/source3/rpc_server/srv_netlog_nt.c @@ -26,6 +26,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern pstring global_myname; /************************************************************************* diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 70574b4cdd..157d756607 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -39,6 +39,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + static void NTLMSSPcalc_p( pipes_struct *p, unsigned char *data, int len) { unsigned char *hash = p->ntlmssp_hash; diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index a4a9e85ae4..c55e05fe8d 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -22,6 +22,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + #define PIPE "\\PIPE\\" #define PIPELEN strlen(PIPE) diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c index 569f3fb8b1..e024ba74e7 100644 --- a/source3/rpc_server/srv_reg.c +++ b/source3/rpc_server/srv_reg.c @@ -26,6 +26,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /******************************************************************* api_reg_close ********************************************************************/ diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index adedd4a8fa..03aae14b53 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -26,6 +26,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + struct reg_info { /* for use by \PIPE\winreg */ fstring name; /* name of registry key */ diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index c555305bce..1c4fab5312 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -32,6 +32,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /******************************************************************* api_samr_close_hnd ********************************************************************/ diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 94be26b16c..94d8e99576 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -29,6 +29,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern fstring global_myworkgroup; extern pstring global_myname; extern DOM_SID global_sid_Builtin; diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c index c7dc5d27ff..fa013fe897 100755 --- a/source3/rpc_server/srv_spoolss.c +++ b/source3/rpc_server/srv_spoolss.c @@ -23,6 +23,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /******************************************************************** * api_spoolss_open_printer_ex (rarely seen - older call) ********************************************************************/ diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 76e7967e25..fc63275869 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -28,6 +28,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + #ifndef MAX_OPEN_PRINTER_EXS #define MAX_OPEN_PRINTER_EXS 50 #endif diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c index b09df1e204..96e6172366 100644 --- a/source3/rpc_server/srv_srvsvc.c +++ b/source3/rpc_server/srv_srvsvc.c @@ -25,6 +25,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /******************************************************************* api_srv_net_srv_get_info ********************************************************************/ diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index f5b9959b2c..d99b45f3e6 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -23,6 +23,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern pstring global_myname; /******************************************************************* diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 7500ec361f..f896d1d9d8 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -38,6 +38,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /* * A list of the rids of well known BUILTIN and Domain users * and groups. diff --git a/source3/rpc_server/srv_wkssvc.c b/source3/rpc_server/srv_wkssvc.c index 8eb5b3002e..0138848440 100644 --- a/source3/rpc_server/srv_wkssvc.c +++ b/source3/rpc_server/srv_wkssvc.c @@ -24,6 +24,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + /******************************************************************* api_wks_query_info ********************************************************************/ diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index 637c95af69..7687e7b00a 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -25,6 +25,9 @@ #include "includes.h" +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + extern pstring global_myname; /******************************************************************* -- cgit From 900fb62238be30cdc87bfd2bede6fdff611ebae5 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 24 Jun 2002 19:51:23 +0000 Subject: printing merge from SAMBA_2_2. Ther server code looks to be in sync now. Mostly formatting and s/free/SAFE_FREE/g changes with the two exceptions being * John driver init changes * Tim's printer enumeration bug fix (This used to be commit f7536762863811f96364e8acd3716bdb7d665bbf) --- source3/rpc_server/srv_spoolss_nt.c | 137 +++++++++++++++++++++++++----------- 1 file changed, 95 insertions(+), 42 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index fc63275869..56806823d1 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -809,8 +809,10 @@ void do_drv_upgrade_printer(int msg_type, pid_t src, void *buf, size_t len) /* Iterate the printer list */ - for (snum=0; snuminfo_2 && !strcmp(drivername, printer->info_2->drivername)) { + if (printer && printer->info_2 && !strcmp(drivername, printer->info_2->drivername)) + { DEBUG(6,("Updating printer [%s]\n", printer->info_2->printername)); + /* all we care about currently is the change_id */ + result = mod_a_printer(*printer, 2); if (!W_ERROR_IS_OK(result)) { DEBUG(3,("do_drv_upgrade_printer: mod_a_printer() failed with status [%s]\n", dos_errstr(result))); } } + free_a_printer(&printer, 2); } } @@ -1000,16 +1006,6 @@ Can't find printer handle we created for printer %s\n", name )); } /* - if (printer_default->datatype_ptr != NULL) - { - unistr2_to_ascii(datatype, printer_default->datatype, sizeof(datatype)-1); - set_printer_hnd_datatype(handle, datatype); - } - else - set_printer_hnd_datatype(handle, ""); -*/ - - /* First case: the user is opening the print server: Disallow MS AddPrinterWizard if parameter disables it. A Win2k @@ -3492,10 +3488,26 @@ static WERROR enum_all_printers_info_1_remote(fstring name, NEW_BUFFER *buffer, enum_all_printers_info_1_network. *********************************************************************/ -static WERROR enum_all_printers_info_1_network(NEW_BUFFER *buffer, uint32 offered, uint32 *needed, uint32 *returned) +static WERROR enum_all_printers_info_1_network(fstring name, NEW_BUFFER *buffer, uint32 offered, uint32 *needed, uint32 *returned) { + char *s = name; + DEBUG(4,("enum_all_printers_info_1_network\n")); + /* If we respond to a enum_printers level 1 on our name with flags + set to PRINTER_ENUM_REMOTE with a list of printers then these + printers incorrectly appear in the APW browse list. + Specifically the printers for the server appear at the workgroup + level where all the other servers in the domain are + listed. Windows responds to this call with a + WERR_CAN_NOT_COMPLETE so we should do the same. */ + + if (name[0] == '\\' && name[1] == '\\') + s = name + 2; + + if (is_myname_or_ipaddr(s)) + return WERR_CAN_NOT_COMPLETE; + return enum_all_printers_info_1(PRINTER_ENUM_UNKNOWN_8, buffer, offered, needed, returned); } @@ -3582,7 +3594,7 @@ static WERROR enumprinters_level1( uint32 flags, fstring name, return enum_all_printers_info_1_remote(name, buffer, offered, needed, returned); if (flags & PRINTER_ENUM_NETWORK) - return enum_all_printers_info_1_network(buffer, offered, needed, returned); + return enum_all_printers_info_1_network(name, buffer, offered, needed, returned); return WERR_OK; /* NT4sp5 does that */ } @@ -5247,7 +5259,10 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, * bound to the printer, simulating what happens in the Windows arch. */ if (!strequal(printer->info_2->drivername, old_printer->info_2->drivername)){ - set_driver_init(printer, 2); + if (!set_driver_init(printer, 2)) { + DEBUG(5,("update_printer: Error restoring driver initialization data for driver [%s]!\n", + printer->info_2->drivername)); + } msg.flags |= PRINTER_MESSAGE_DRIVER; } } @@ -6603,16 +6618,70 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, driver_name)); } - /* if driver is not 9x, delete existing driver init data */ + /* + * Based on the version (e.g. driver destination dir: 0=9x,2=Nt/2k,3=2k/Xp), + * decide if the driver init data should be deleted. The rules are: + * 1) never delete init data if it is a 9x driver, they don't use it anyway + * 2) delete init data only if there is no 2k/Xp driver + * 3) always delete init data + * The generalized rule is always use init data from the highest order driver. + * It is necessary to follow the driver install by an initialization step to + * finish off this process. + */ + if (level == 3) + version = driver.info_3->cversion; + else if (level == 6) + version = driver.info_6->version; + else + version = -1; + switch (version) { + /* + * 9x printer driver - never delete init data + */ + case 0: + DEBUG(10,("_spoolss_addprinterdriver: init data not deleted for 9x driver [%s]\n", + driver_name)); + break; + + /* + * Nt or 2k (compatiblity mode) printer driver - only delete init data if + * there is no 2k/Xp driver init data for this driver name. + */ + case 2: + { + NT_PRINTER_DRIVER_INFO_LEVEL driver1; - if ((level == 3 && driver.info_3->cversion != 0) || - (level == 6 && driver.info_6->version != 0)) { + if (!W_ERROR_IS_OK(get_a_printer_driver(&driver1, 3, driver_name, "Windows NT x86", 3))) { + /* + * No 2k/Xp driver found, delete init data (if any) for the new Nt driver. + */ if (!del_driver_init(driver_name)) - DEBUG(3,("_spoolss_addprinterdriver: del_driver_init(%s) failed!\n", driver_name)); + DEBUG(6,("_spoolss_addprinterdriver: del_driver_init(%s) Nt failed!\n", driver_name)); } else { - DEBUG(10,("_spoolss_addprinterdriver: init data not deleted for 9x driver [%s]\n", driver_name)); + /* + * a 2k/Xp driver was found, don't delete init data because Nt driver will use it. + */ + free_a_printer_driver(driver1,3); + DEBUG(10,("_spoolss_addprinterdriver: init data not deleted for Nt driver [%s]\n", + driver_name)); + } + } + break; + + /* + * 2k or Xp printer driver - always delete init data + */ + case 3: + if (!del_driver_init(driver_name)) + DEBUG(6,("_spoolss_addprinterdriver: del_driver_init(%s) 2k/Xp failed!\n", driver_name)); + break; + + default: + DEBUG(0,("_spoolss_addprinterdriver: invalid level=%d\n", level)); + break; } + done: free_a_printer_driver(driver, level); return err; @@ -6756,23 +6825,6 @@ WERROR _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S if ( (in_value_len==0) && (in_data_len==0) ) { DEBUGADD(6,("Activating NT mega-hack to find sizes\n")); -#if 0 - /* - * NT can ask for a specific parameter size - we need to return NO_MORE_ITEMS - * if this parameter size doesn't exist. - * Ok - my opinion here is that the client is not asking for the greatest - * possible size of all the parameters, but is asking specifically for the size needed - * for this specific parameter. In that case we can remove the loop below and - * simplify this lookup code considerably. JF - comments welcome. JRA. - */ - - if (!get_specific_param_by_index(*printer, 2, idx, value, &data, &type, &data_len)) { - SAFE_FREE(data); - free_a_printer(&printer, 2); - return WERR_NO_MORE_ITEMS; - } -#endif - SAFE_FREE(data); param_index=0; @@ -7925,7 +7977,7 @@ static WERROR getprintprocessordirectory_level_1(UNISTR2 *name, unistr2_to_ascii(long_archi, environment, sizeof(long_archi)-1); - if (get_short_archi(short_archi, long_archi)==FALSE) + if (get_short_archi(short_archi, long_archi)==False) return WERR_INVALID_ENVIRONMENT; if((info=(PRINTPROCESSOR_DIRECTORY_1 *)malloc(sizeof(PRINTPROCESSOR_DIRECTORY_1))) == NULL) @@ -7958,6 +8010,7 @@ WERROR _spoolss_getprintprocessordirectory(pipes_struct *p, SPOOL_Q_GETPRINTPROC NEW_BUFFER *buffer = NULL; uint32 offered = q_u->offered; uint32 *needed = &r_u->needed; + WERROR result; /* that's an [in out] buffer */ spoolss_move_buffer(q_u->buffer, &r_u->buffer); @@ -7969,11 +8022,11 @@ WERROR _spoolss_getprintprocessordirectory(pipes_struct *p, SPOOL_Q_GETPRINTPROC switch(level) { case 1: - return getprintprocessordirectory_level_1 + result = getprintprocessordirectory_level_1 (&q_u->name, &q_u->environment, buffer, offered, needed); default: - return WERR_UNKNOWN_LEVEL; + result = WERR_UNKNOWN_LEVEL; } - return WERR_ACCESS_DENIED; + return result; } -- cgit From 2e148c865acb5515340f4f1156fd49bea356e597 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 24 Jun 2002 20:09:34 +0000 Subject: compile fix (This used to be commit b07d6d4cebecd77314b123d83c7c2265eb62e1c1) --- source3/rpc_server/srv_spoolss_nt.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 56806823d1..af8f1c48a6 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -6564,6 +6564,7 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, NT_PRINTER_DRIVER_INFO_LEVEL driver; struct current_user user; fstring driver_name; + uint32 version; ZERO_STRUCT(driver); -- cgit From 8e387b8178416552e9b7e504c7eb8e1b16b5edcb Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 25 Jun 2002 11:21:41 +0000 Subject: I'm going to try and check this against Win2k shortly, but I'm certain that 'NT_STATUS_OK' is not the right answer here. Try NO_MORE_ENTRIES for now. Andrew Bartlett (This used to be commit c98b9a965905f1876b4884f932ff2e0237d85b03) --- source3/rpc_server/srv_samr_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 94d8e99576..9e826436f6 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -986,7 +986,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ if (enum_context > num_account) { DEBUG(5, ("samr_reply_query_dispinfo: enumeration handle over total entries\n")); - return NT_STATUS_OK; + return NT_STATUS_NO_MORE_ENTRIES; } /* verify we won't overflow */ -- cgit From 452eb38df0553886313c9b19a945385d853e19ab Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 28 Jun 2002 00:17:15 +0000 Subject: Proper merge of all the working printing stuff from APPLIANCE_HEAD. Now let's keep this in sync ! Jeremy. (This used to be commit 3603cd4947df2c10df604447dc542932cb9e5d5a) --- source3/rpc_server/srv_spoolss_nt.c | 884 ++++++++++++++++++++++-------------- 1 file changed, 540 insertions(+), 344 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index af8f1c48a6..0b172aa0e5 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -30,6 +30,7 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV +/* #define EMULATE_WIN2K_HACK 1 */ #ifndef MAX_OPEN_PRINTER_EXS #define MAX_OPEN_PRINTER_EXS 50 @@ -80,6 +81,7 @@ typedef struct _Printer{ SPOOL_NOTIFY_OPTION *option; POLICY_HND client_hnd; uint32 client_connected; + uint32 change; } notify; struct { fstring machine; @@ -190,10 +192,10 @@ static void srv_spoolss_replycloseprinter(POLICY_HND *handle) /* if it's the last connection, deconnect the IPC$ share */ if (smb_connections==1) { - if(!spoolss_disconnect_from_client(&cli)) - return; - - message_deregister(MSG_PRINTER_NOTIFY); + cli_nt_session_close(&cli); + cli_ulogoff(&cli); + cli_shutdown(&cli); + message_deregister(MSG_PRINTER_NOTIFY2); } smb_connections--; @@ -438,7 +440,7 @@ static BOOL set_printer_hnd_name(Printer_entry *Printer, char *handlename) * anymore, so I've simplified this loop greatly. Here * we are just verifying that the printer name is a valid * printer service defined in smb.conf - * --jerry [Fri Feb 15 11:17:46 CST 2002] + * --jerry [Fri Feb 15 11:17:46 CST 2002] */ for (snum=0; snumnotify.option == NULL) - return False; - return True; } -/*************************************************************************** - Simple check to see if the client motify handle is set to watch for events - represented by 'flags' - - FIXME!!!! only a stub right now --jerry - **************************************************************************/ - -static BOOL is_client_monitoring_event(Printer_entry *p, uint32 flags) +static BOOL is_monitoring_event(Printer_entry *p, uint16 notify_type, + uint16 notify_field) { + SPOOL_NOTIFY_OPTION *option = p->notify.option; + uint32 i, j; + + if (p->notify.flags) + return is_monitoring_event_flags( + p->notify.flags, notify_type, notify_field); - return True; -} + for (i = 0; i < option->count; i++) { + + /* Check match for notify_type */ + + if (option->ctr.type[i].type != notify_type) + continue; -/*************************************************************************** - Server wrapper for cli_spoolss_routerreplyprinter() since the client - function can only send a single change notification at a time. - - FIXME!!! only handles one change currently (PRINTER_CHANGE_SET_PRINTER_DRIVER) - --jerry - **************************************************************************/ - -static WERROR srv_spoolss_routerreplyprinter (struct cli_state *reply_cli, TALLOC_CTX *mem_ctx, - POLICY_HND *pol, PRINTER_MESSAGE_INFO *info, - NT_PRINTER_INFO_LEVEL *printer) -{ - WERROR result; - uint32 condition = 0x0; + /* Check match for field */ + + for (j = 0; j < option->ctr.type[i].count; j++) { + if (option->ctr.type[i].fields[j] == notify_field) { + return True; + } + } + } - if (info->flags & PRINTER_MESSAGE_DRIVER) - condition = PRINTER_CHANGE_SET_PRINTER_DRIVER; + DEBUG(10, ("%s is not monitoring 0x%02x/0x%02x\n", + (p->printer_type == PRINTER_HANDLE_IS_PRINTER) ? + p->dev.handlename : p->dev.printerservername, + notify_type, notify_field)); - result = cli_spoolss_routerreplyprinter(reply_cli, mem_ctx, pol, condition, - printer->info_2->changeid); + return False; +} - return result; +/* Convert a notification message to a SPOOL_NOTIFY_INFO_DATA struct */ + +static void notify_one_value(struct spoolss_notify_msg *msg, + SPOOL_NOTIFY_INFO_DATA *data, + TALLOC_CTX *mem_ctx) +{ + data->notify_data.value[0] = msg->notify.value[0]; + data->notify_data.value[1] = 0; } -/*********************************************************************** - Wrapper around the decision of which RPC use to in the change - notification - **********************************************************************/ - -static WERROR srv_spoolss_send_event_to_client(Printer_entry* Printer, - struct cli_state *send_cli, PRINTER_MESSAGE_INFO *msg, - NT_PRINTER_INFO_LEVEL *info) +static void notify_string(struct spoolss_notify_msg *msg, + SPOOL_NOTIFY_INFO_DATA *data, + TALLOC_CTX *mem_ctx) { - WERROR result; + UNISTR2 unistr; - if (valid_notify_options(Printer)) { - /* This is a single call that can send information about multiple changes */ - if (Printer->printer_type == PRINTER_HANDLE_IS_PRINTSERVER) - msg->flags |= PRINTER_MESSAGE_ATTRIBUTES; + /* The length of the message includes the trailing \0 */ - result = cli_spoolss_reply_rrpcn(send_cli, send_cli->mem_ctx, &Printer->notify.client_hnd, - msg, info); - } - else { - /* This requires that the server send an individual event notification for each change */ - result = srv_spoolss_routerreplyprinter(send_cli, send_cli->mem_ctx, &Printer->notify.client_hnd, - msg, info); + init_unistr2(&unistr, msg->notify.data, msg->len); + + data->notify_data.data.length = msg->len * 2; + data->notify_data.data.string = (uint16 *)talloc(mem_ctx, msg->len * 2); + + if (!data->notify_data.data.string) { + data->notify_data.data.length = 0; + return; } - return result; + memcpy(data->notify_data.data.string, unistr.buffer, msg->len * 2); +} + +static void notify_system_time(struct spoolss_notify_msg *msg, + SPOOL_NOTIFY_INFO_DATA *data, + TALLOC_CTX *mem_ctx) +{ + SYSTEMTIME systime; + prs_struct ps; + + if (msg->len != sizeof(time_t)) { + DEBUG(5, ("notify_system_time: received wrong sized message (%d)\n", + msg->len)); + return; + } + + if (!prs_init(&ps, MAX_PDU_FRAG_LEN, mem_ctx, MARSHALL)) { + DEBUG(5, ("notify_system_time: prs_init() failed\n")); + return; + } + + if (!make_systemtime(&systime, localtime((time_t *)msg->notify.data))) { + DEBUG(5, ("notify_system_time: unable to make systemtime\n")); + return; + } + + if (!spoolss_io_system_time("", &ps, 0, &systime)) + return; + + data->notify_data.data.length = prs_offset(&ps); + data->notify_data.data.string = + talloc(mem_ctx, prs_offset(&ps)); + + memcpy(data->notify_data.data.string, prs_data_p(&ps), prs_offset(&ps)); + + prs_mem_free(&ps); } +struct notify2_message_table { + char *name; + void (*fn)(struct spoolss_notify_msg *msg, + SPOOL_NOTIFY_INFO_DATA *data, TALLOC_CTX *mem_ctx); +}; + +static struct notify2_message_table printer_notify_table[] = { + /* 0x00 */ { "PRINTER_NOTIFY_SERVER_NAME", NULL }, + /* 0x01 */ { "PRINTER_NOTIFY_PRINTER_NAME", NULL }, + /* 0x02 */ { "PRINTER_NOTIFY_SHARE_NAME", NULL }, + /* 0x03 */ { "PRINTER_NOTIFY_PORT_NAME", NULL }, + /* 0x04 */ { "PRINTER_NOTIFY_DRIVER_NAME", NULL }, + /* 0x05 */ { "PRINTER_NOTIFY_COMMENT", NULL }, + /* 0x06 */ { "PRINTER_NOTIFY_LOCATION", NULL }, + /* 0x07 */ { "PRINTER_NOTIFY_DEVMODE", NULL }, + /* 0x08 */ { "PRINTER_NOTIFY_SEPFILE", NULL }, + /* 0x09 */ { "PRINTER_NOTIFY_PRINT_PROCESSOR", NULL }, + /* 0x0a */ { "PRINTER_NOTIFY_PARAMETERS", NULL }, + /* 0x0b */ { "PRINTER_NOTIFY_DATATYPE", NULL }, + /* 0x0c */ { "PRINTER_NOTIFY_SECURITY_DESCRIPTOR", NULL }, + /* 0x0d */ { "PRINTER_NOTIFY_ATTRIBUTES", NULL }, + /* 0x0e */ { "PRINTER_NOTIFY_PRIORITY", NULL }, + /* 0x0f */ { "PRINTER_NOTIFY_DEFAULT_PRIORITY", NULL }, + /* 0x10 */ { "PRINTER_NOTIFY_START_TIME", NULL }, + /* 0x11 */ { "PRINTER_NOTIFY_UNTIL_TIME", NULL }, + /* 0x12 */ { "PRINTER_NOTIFY_STATUS", notify_one_value }, +}; + +static struct notify2_message_table job_notify_table[] = { + /* 0x00 */ { "JOB_NOTIFY_PRINTER_NAME", NULL }, + /* 0x01 */ { "JOB_NOTIFY_MACHINE_NAME", NULL }, + /* 0x02 */ { "JOB_NOTIFY_PORT_NAME", NULL }, + /* 0x03 */ { "JOB_NOTIFY_USER_NAME", notify_string }, + /* 0x04 */ { "JOB_NOTIFY_NOTIFY_NAME", NULL }, + /* 0x05 */ { "JOB_NOTIFY_DATATYPE", NULL }, + /* 0x06 */ { "JOB_NOTIFY_PRINT_PROCESSOR", NULL }, + /* 0x07 */ { "JOB_NOTIFY_PARAMETERS", NULL }, + /* 0x08 */ { "JOB_NOTIFY_DRIVER_NAME", NULL }, + /* 0x09 */ { "JOB_NOTIFY_DEVMODE", NULL }, + /* 0x0a */ { "JOB_NOTIFY_STATUS", notify_one_value }, + /* 0x0b */ { "JOB_NOTIFY_STATUS_STRING", NULL }, + /* 0x0c */ { "JOB_NOTIFY_SECURITY_DESCRIPTOR", NULL }, + /* 0x0d */ { "JOB_NOTIFY_DOCUMENT", notify_string }, + /* 0x0e */ { "JOB_NOTIFY_PRIORITY", NULL }, + /* 0x0f */ { "JOB_NOTIFY_POSITION", NULL }, + /* 0x10 */ { "JOB_NOTIFY_SUBMITTED", notify_system_time }, + /* 0x11 */ { "JOB_NOTIFY_START_TIME", NULL }, + /* 0x12 */ { "JOB_NOTIFY_UNTIL_TIME", NULL }, + /* 0x13 */ { "JOB_NOTIFY_TIME", NULL }, + /* 0x14 */ { "JOB_NOTIFY_TOTAL_PAGES", notify_one_value }, + /* 0x15 */ { "JOB_NOTIFY_PAGES_PRINTED", NULL }, + /* 0x16 */ { "JOB_NOTIFY_TOTAL_BYTES", notify_one_value }, + /* 0x17 */ { "JOB_NOTIFY_BYTES_PRINTED", NULL }, +}; /*********************************************************************** Send a change notication message on all handles which have a call back registered **********************************************************************/ -static void send_spoolss_event_notification(PRINTER_MESSAGE_INFO *msg) +static void process_notify2_message(struct spoolss_notify_msg *msg, + TALLOC_CTX *mem_ctx) { - Printer_entry *find_printer; - WERROR result; - NT_PRINTER_INFO_LEVEL *printer = NULL; + Printer_entry *p; - if (!msg) { - DEBUG(0,("send_spoolss_event_notification: NULL msg pointer!\n")); - return; - } + for (p = printers_list; p; p = p->next) { + SPOOL_NOTIFY_INFO_DATA *data; + uint32 data_len = 1; + uint32 id; - for(find_printer = printers_list; find_printer; find_printer = find_printer->next) { + /* Is there notification on this handle? */ - /* - * If the entry has a connected client we send the message. There should - * only be one of these normally when dealing with the NT/2k spooler. - * However, iterate over all to make sure we deal with user applications - * in addition to spooler service. - * - * While we are only maintaining a single connection to the client, - * the FindFirstPrinterChangeNotification() call is made on a printer - * handle, so "client_connected" represents the whether or not the - * client asked for change notication on this handle. - * - * --jerry - */ + if (!p->notify.client_connected) + continue; - if (find_printer->notify.client_connected==True) { - - /* does the client care about what changed? */ + /* For this printer? Print servers always receive + notifications. */ - if (msg->flags && !is_client_monitoring_event(find_printer, msg->flags)) { - DEBUG(10,("send_spoolss_event_notification: Client [%s] not monitoring these events\n", - find_printer->client.machine)); - continue; - } + if (p->printer_type == PRINTER_HANDLE_IS_PRINTER && + !strequal(msg->printer, p->dev.handlename)) + continue; - if (find_printer->printer_type == PRINTER_HANDLE_IS_PRINTSERVER) - DEBUG(10,("send_spoolss_event_notification: printserver [%s]\n", find_printer->dev.printerservername )); - else - DEBUG(10,("send_spoolss_event_notification: printer [%s]\n", find_printer->dev.handlename)); + /* Are we monitoring this event? */ - /* - * if handle is a printer, only send if the printer_name matches. - * ...else if handle is a printerserver, send to all - */ + if (!is_monitoring_event(p, msg->type, msg->field)) + continue; - if (*msg->printer_name && (find_printer->printer_type==PRINTER_HANDLE_IS_PRINTER) - && !strequal(msg->printer_name, find_printer->dev.handlename)) - { - DEBUG(10,("send_spoolss_event_notification: ignoring message sent to %s [%s]\n", - msg->printer_name, find_printer->dev.handlename )); - continue; + /* OK - send the event to the client */ + + data = talloc(mem_ctx, sizeof(SPOOL_NOTIFY_INFO_DATA)); + + ZERO_STRUCTP(data); + + /* Convert unix jobid to smb jobid */ + + id = msg->id; + + if (msg->flags & SPOOLSS_NOTIFY_MSG_UNIX_JOBID) { + + id = sysjob_to_jobid(msg->id); + + if (id == -1) { + DEBUG(3, ("no such unix jobid %d\n", msg->id)); + goto done; } + } + construct_info_data(data, msg->type, msg->field, id); - /* lookup the printer if we have a name if we don't already have a - valid NT_PRINTER_INFO_LEVEL structure. And yes I'm assuming we - will always have a non-empty msg.printer_name */ - - if (!printer || !printer->info_2 || strcmp(msg->printer_name, printer->info_2->printername)) - { - - if (printer) { - free_a_printer(&printer, 2); - printer = NULL; - } - - result = get_a_printer(&printer, 2, msg->printer_name); - if (!W_ERROR_IS_OK(result)) - continue; + switch(msg->type) { + case PRINTER_NOTIFY_TYPE: + if (printer_notify_table[msg->field].fn) + printer_notify_table[msg->field].fn( + msg, data, mem_ctx); + else + goto done; + break; + case JOB_NOTIFY_TYPE: + if (job_notify_table[msg->field].fn) + job_notify_table[msg->field].fn( + msg, data, mem_ctx); + else + goto done; + break; + default: + DEBUG(5, ("Unknown notification type %d\n", + msg->type)); + goto done; + } + + if (!p->notify.flags) + cli_spoolss_rrpcn( + &cli, mem_ctx, &p->notify.client_hnd, + data_len, data, p->notify.change, 0); + else { + NT_PRINTER_INFO_LEVEL *printer = NULL; + + get_a_printer(&printer, 2, msg->printer); + + if (!printer) { + DEBUG(5, ("unable to load info2 for %s\n", + msg->printer)); + goto done; } - /* issue the client call */ + /* XXX: This needs to be updated for + PRINTER_CHANGE_SET_PRINTER_DRIVER. */ - result = srv_spoolss_send_event_to_client(find_printer, &cli, msg, printer); - - if (!W_ERROR_IS_OK(result)) { - DEBUG(5,("send_spoolss_event_notification: Event notification failed [%s]\n", - dos_errstr(result))); + cli_spoolss_routerreplyprinter( + &cli, mem_ctx, &p->notify.client_hnd, + 0, printer->info_2->changeid); + + free_a_printer(&printer, 2); } } -} - +done: return; } -/*************************************************************************** - Receive the notify message and decode the message. Do not send - notification if we sent this originally as that would result in - duplicates. -****************************************************************************/ -static void srv_spoolss_receive_message(int msg_type, pid_t src, void *buf, size_t len) +/* Receive a notify2 message */ + +static void receive_notify2_message(int msg_type, pid_t src, void *buf, + size_t len) { - PRINTER_MESSAGE_INFO msg; - - if (len < sizeof(msg)) { - DEBUG(2,("srv_spoolss_receive_message: got incorrect message size (%u)!\n", (unsigned int)len)); - return; - } + struct spoolss_notify_msg msg; + int offset = 0; + TALLOC_CTX *mem_ctx = talloc_init(); - memcpy(&msg, buf, sizeof(PRINTER_MESSAGE_INFO)); - - DEBUG(10,("srv_spoolss_receive_message: Got message printer change [queue = %s] low=0x%x high=0x%x flags=0x%x\n", - msg.printer_name, (unsigned int)msg.low, (unsigned int)msg.high, msg.flags )); + /* Unpack message */ - /* Iterate the printer list */ - - send_spoolss_event_notification(&msg); + ZERO_STRUCT(msg); + + offset += tdb_unpack((char *)buf + offset, len - offset, "f", + msg.printer); + offset += tdb_unpack((char *)buf + offset, len - offset, "ddddd", + &msg.type, &msg.field, &msg.id, &msg.len, &msg.flags); + + if (msg.len == 0) + tdb_unpack((char *)buf + offset, len - offset, "dd", + &msg.notify.value[0], &msg.notify.value[1]); + else + tdb_unpack((char *)buf + offset, len - offset, "B", + &msg.len, &msg.notify.data); + + DEBUG(3, ("got NOTIFY2 message, type %d, field 0x%02x, flags 0x%04x\n", + msg.type, msg.field, msg.flags)); + + if (msg.len == 0) + DEBUG(3, ("value1 = %d, value2 = %d\n", msg.notify.value[0], + msg.notify.value[1])); + else + dump_data(3, msg.notify.data, msg.len); + + /* Process message */ + + process_notify2_message(&msg, mem_ctx); + + /* Free message */ + + if (msg.len > 0) + free(msg.notify.data); + + talloc_destroy(mem_ctx); } /*************************************************************************** - Send a notify event. -****************************************************************************/ - -static BOOL srv_spoolss_sendnotify(char* printer_name, uint32 high, uint32 low, uint32 flags) + Server wrapper for cli_spoolss_routerreplyprinter() since the client + function can only send a single change notification at a time. + + FIXME!!! only handles one change currently (PRINTER_CHANGE_SET_PRINTER_DRIVER) + --jerry + **************************************************************************/ + +static WERROR srv_spoolss_routerreplyprinter (struct cli_state *reply_cli, TALLOC_CTX *mem_ctx, + POLICY_HND *pol, PRINTER_MESSAGE_INFO *info, + NT_PRINTER_INFO_LEVEL *printer) { - char msg[sizeof(PRINTER_MESSAGE_INFO)]; - PRINTER_MESSAGE_INFO info; + WERROR result; + uint32 condition = 0x0; - ZERO_STRUCT(info); - - info.low = low; - info.high = high; - info.flags = flags; - fstrcpy(info.printer_name, printer_name); + if (info->flags & PRINTER_MESSAGE_DRIVER) + condition = PRINTER_CHANGE_SET_PRINTER_DRIVER; - memcpy(msg, &info, sizeof(PRINTER_MESSAGE_INFO)); - - DEBUG(10,("srv_spoolss_sendnotify: printer change low=0x%x high=0x%x [%s], flags=0x%x\n", - low, high, printer_name, flags)); - - message_send_all(conn_tdb_ctx(), MSG_PRINTER_NOTIFY, msg, sizeof(PRINTER_MESSAGE_INFO), - False, NULL); + result = cli_spoolss_routerreplyprinter(reply_cli, mem_ctx, pol, condition, + printer->info_2->changeid); - return True; -} + return result; +} /******************************************************************** Send a message to ourself about new driver being installed so we can upgrade the information for each printer bound to this driver -********************************************************************/ - + ********************************************************************/ + static BOOL srv_spoolss_drv_upgrade_printer(char* drivername) { int len = strlen(drivername); - + if (!len) return False; DEBUG(10,("srv_spoolss_drv_upgrade_printer: Sending message about driver upgrade [%s]\n", drivername)); - + message_send_pid(sys_getpid(), MSG_PRINTER_DRVUPGRADE, drivername, len+1, False); + return True; } /********************************************************************** callback to receive a MSG_PRINTER_DRVUPGRADE message and interate - over all printers, upgrading ones as neessary -**********************************************************************/ - + over all printers, upgrading ones as neessary + **********************************************************************/ + void do_drv_upgrade_printer(int msg_type, pid_t src, void *buf, size_t len) { fstring drivername; int snum; int n_services = lp_numservices(); - + len = MIN(len,sizeof(drivername)-1); strncpy(drivername, buf, len); - + DEBUG(10,("do_drv_upgrade_printer: Got message for new driver [%s]\n", drivername )); /* Iterate the printer list */ - + for (snum=0; snuminfo_2 && !strcmp(drivername, printer->info_2->drivername)) { DEBUG(6,("Updating printer [%s]\n", printer->info_2->printername)); @@ -828,16 +949,16 @@ void do_drv_upgrade_printer(int msg_type, pid_t src, void *buf, size_t len) result = mod_a_printer(*printer, 2); if (!W_ERROR_IS_OK(result)) { - DEBUG(3,("do_drv_upgrade_printer: mod_a_printer() failed with status [%s]\n", - dos_errstr(result))); + DEBUG(3,("do_drv_upgrade_printer: mod_a_printer() failed with status [%s]\n", + dos_errstr(result))); } } - free_a_printer(&printer, 2); + free_a_printer(&printer, 2); } } - - /* all done */ + + /* all done */ } /******************************************************************** @@ -1005,7 +1126,7 @@ Can't find printer handle we created for printer %s\n", name )); return WERR_INVALID_PRINTER_NAME; } -/* + /* First case: the user is opening the print server: Disallow MS AddPrinterWizard if parameter disables it. A Win2k @@ -1381,10 +1502,6 @@ WERROR _spoolss_deleteprinter(pipes_struct *p, SPOOL_Q_DELETEPRINTER *q_u, SPOOL update_c_setprinter(False); - if (W_ERROR_IS_OK(result)) { - srv_spoolss_sendnotify(Printer->dev.handlename, 0, PRINTER_CHANGE_DELETE_PRINTER, 0x0); - } - return result; } @@ -1683,6 +1800,96 @@ WERROR _spoolss_getprinterdata(pipes_struct *p, SPOOL_Q_GETPRINTERDATA *q_u, SPO return WERR_OK; } +/********************************************************* + Connect to the client machine. +**********************************************************/ + +static BOOL spoolss_connect_to_client(struct cli_state *the_cli, char *remote_machine) +{ + extern pstring global_myname; + + ZERO_STRUCTP(the_cli); + if(cli_initialise(the_cli) == NULL) { + DEBUG(0,("connect_to_client: unable to initialize client connection.\n")); + return False; + } + + if(!resolve_name( remote_machine, &the_cli->dest_ip, 0x20)) { + DEBUG(0,("connect_to_client: Can't resolve address for %s\n", remote_machine)); + cli_shutdown(the_cli); + return False; + } + + if (ismyip(the_cli->dest_ip)) { + DEBUG(0,("connect_to_client: Machine %s is one of our addresses. Cannot add to ourselves.\n", remote_machine)); + cli_shutdown(the_cli); + return False; + } + + if (!cli_connect(the_cli, remote_machine, &the_cli->dest_ip)) { + DEBUG(0,("connect_to_client: unable to connect to SMB server on machine %s. Error was : %s.\n", remote_machine, cli_errstr(the_cli) )); + cli_shutdown(the_cli); + return False; + } + + if (!attempt_netbios_session_request(the_cli, global_myname, remote_machine, &the_cli->dest_ip)) { + DEBUG(0,("connect_to_client: machine %s rejected the NetBIOS session request.\n", + remote_machine)); + return False; + } + + the_cli->protocol = PROTOCOL_NT1; + + if (!cli_negprot(the_cli)) { + DEBUG(0,("connect_to_client: machine %s rejected the negotiate protocol. Error was : %s.\n", remote_machine, cli_errstr(the_cli) )); + cli_shutdown(the_cli); + return False; + } + + if (the_cli->protocol != PROTOCOL_NT1) { + DEBUG(0,("connect_to_client: machine %s didn't negotiate NT protocol.\n", remote_machine)); + cli_shutdown(the_cli); + return False; + } + + /* + * Do an anonymous session setup. + */ + + if (!cli_session_setup(the_cli, "", "", 0, "", 0, "")) { + DEBUG(0,("connect_to_client: machine %s rejected the session setup. Error was : %s.\n", remote_machine, cli_errstr(the_cli) )); + cli_shutdown(the_cli); + return False; + } + + if (!(the_cli->sec_mode & 1)) { + DEBUG(0,("connect_to_client: machine %s isn't in user level security mode\n", remote_machine)); + cli_shutdown(the_cli); + return False; + } + + if (!cli_send_tconX(the_cli, "IPC$", "IPC", "", 1)) { + DEBUG(0,("connect_to_client: machine %s rejected the tconX on the IPC$ share. Error was : %s.\n", remote_machine, cli_errstr(the_cli) )); + cli_shutdown(the_cli); + return False; + } + + /* + * Ok - we have an anonymous connection to the IPC$ share. + * Now start the NT Domain stuff :-). + */ + + if(cli_nt_session_open(the_cli, PIPE_SPOOLSS) == False) { + DEBUG(0,("connect_to_client: unable to open the domain client session to machine %s. Error was : %s.\n", remote_machine, cli_errstr(the_cli))); + cli_nt_session_close(the_cli); + cli_ulogoff(the_cli); + cli_shutdown(the_cli); + return False; + } + + return True; +} + /*************************************************************************** Connect to the client. ****************************************************************************/ @@ -1703,15 +1910,14 @@ static BOOL srv_spoolss_replyopenprinter(char *printer, uint32 localprinter, uin if(!spoolss_connect_to_client(&cli, unix_printer)) return False; - message_register(MSG_PRINTER_NOTIFY, srv_spoolss_receive_message); - + message_register(MSG_PRINTER_NOTIFY2, receive_notify2_message); } smb_connections++; result = cli_spoolss_reply_open_printer(&cli, cli.mem_ctx, printer, localprinter, type, handle); - + if (!W_ERROR_IS_OK(result)) DEBUG(5,("srv_spoolss_reply_open_printer: Client RPC returned [%s]\n", dos_errstr(result))); @@ -1757,15 +1963,17 @@ WERROR _spoolss_rffpcnex(pipes_struct *p, SPOOL_Q_RFFPCNEX *q_u, SPOOL_R_RFFPCNE Printer->notify.option=dup_spool_notify_option(option); - unistr2_to_ascii(Printer->notify.localmachine, localmachine, sizeof(Printer->notify.localmachine)-1); + unistr2_to_ascii(Printer->notify.localmachine, localmachine, + sizeof(Printer->notify.localmachine)-1); + + /* Connect to the client machine and send a ReplyOpenPrinter */ - /* connect to the client machine and send a ReplyOpenPrinter */ - if(srv_spoolss_replyopenprinter(Printer->notify.localmachine, + if(!srv_spoolss_replyopenprinter(Printer->notify.localmachine, Printer->notify.printerlocal, 1, &Printer->notify.client_hnd)) - { - Printer->notify.client_connected=True; - } + return WERR_SERVER_UNAVAILABLE; + + Printer->notify.client_connected=True; return WERR_OK; } @@ -1787,7 +1995,7 @@ void spoolss_notify_server_name(int snum, len = rpcstr_push(temp, temp_name, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1822,7 +2030,7 @@ void spoolss_notify_printer_name(int snum, len = rpcstr_push(temp, p, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1848,7 +2056,7 @@ void spoolss_notify_share_name(int snum, len = rpcstr_push(temp, lp_servicename(snum), sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1876,7 +2084,7 @@ void spoolss_notify_port_name(int snum, len = rpcstr_push(temp, printer->info_2->portname, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1902,7 +2110,8 @@ void spoolss_notify_driver_name(int snum, uint32 len; len = rpcstr_push(temp, printer->info_2->drivername, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1931,7 +2140,7 @@ void spoolss_notify_comment(int snum, else len = rpcstr_push(temp, printer->info_2->comment, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1958,7 +2167,7 @@ void spoolss_notify_location(int snum, len = rpcstr_push(temp, printer->info_2->location,sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -1997,7 +2206,7 @@ void spoolss_notify_sepfile(int snum, len = rpcstr_push(temp, printer->info_2->sepfile, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2024,7 +2233,7 @@ void spoolss_notify_print_processor(int snum, len = rpcstr_push(temp, printer->info_2->printprocessor, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2051,7 +2260,7 @@ void spoolss_notify_parameters(int snum, len = rpcstr_push(temp, printer->info_2->parameters, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2078,7 +2287,7 @@ void spoolss_notify_datatype(int snum, len = rpcstr_push(temp, printer->info_2->datatype, sizeof(pstring)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2238,7 +2447,7 @@ static void spoolss_notify_username(int snum, len = rpcstr_push(temp, queue->fs_user, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2278,7 +2487,7 @@ static void spoolss_notify_job_name(int snum, len = rpcstr_push(temp, queue->fs_file, sizeof(temp)-2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2328,7 +2537,7 @@ static void spoolss_notify_job_status_string(int snum, len = rpcstr_push(temp, p, sizeof(temp) - 2, STR_TERMINATE); - data->notify_data.data.length = len / 2 - 1; + data->notify_data.data.length = len; data->notify_data.data.string = (uint16 *)talloc(mem_ctx, len); if (!data->notify_data.data.string) { @@ -2452,8 +2661,6 @@ static void spoolss_notify_submitted_time(int snum, SSVAL(p, 14, st.milliseconds); } -#define END 65535 - struct s_notify_info_data_table { uint16 type; @@ -2471,18 +2678,18 @@ struct s_notify_info_data_table struct s_notify_info_data_table notify_info_data_table[] = { -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SERVER_NAME, "PRINTER_NOTIFY_SERVER_NAME", POINTER, spoolss_notify_server_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINTER_NAME, "PRINTER_NOTIFY_PRINTER_NAME", POINTER, spoolss_notify_printer_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SHARE_NAME, "PRINTER_NOTIFY_SHARE_NAME", POINTER, spoolss_notify_share_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PORT_NAME, "PRINTER_NOTIFY_PORT_NAME", POINTER, spoolss_notify_port_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DRIVER_NAME, "PRINTER_NOTIFY_DRIVER_NAME", POINTER, spoolss_notify_driver_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_COMMENT, "PRINTER_NOTIFY_COMMENT", POINTER, spoolss_notify_comment }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_LOCATION, "PRINTER_NOTIFY_LOCATION", POINTER, spoolss_notify_location }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SERVER_NAME, "PRINTER_NOTIFY_SERVER_NAME", STRING, spoolss_notify_server_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINTER_NAME, "PRINTER_NOTIFY_PRINTER_NAME", STRING, spoolss_notify_printer_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SHARE_NAME, "PRINTER_NOTIFY_SHARE_NAME", STRING, spoolss_notify_share_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PORT_NAME, "PRINTER_NOTIFY_PORT_NAME", STRING, spoolss_notify_port_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DRIVER_NAME, "PRINTER_NOTIFY_DRIVER_NAME", STRING, spoolss_notify_driver_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_COMMENT, "PRINTER_NOTIFY_COMMENT", STRING, spoolss_notify_comment }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_LOCATION, "PRINTER_NOTIFY_LOCATION", STRING, spoolss_notify_location }, { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DEVMODE, "PRINTER_NOTIFY_DEVMODE", POINTER, spoolss_notify_devmode }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SEPFILE, "PRINTER_NOTIFY_SEPFILE", POINTER, spoolss_notify_sepfile }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINT_PROCESSOR, "PRINTER_NOTIFY_PRINT_PROCESSOR", POINTER, spoolss_notify_print_processor }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PARAMETERS, "PRINTER_NOTIFY_PARAMETERS", POINTER, spoolss_notify_parameters }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DATATYPE, "PRINTER_NOTIFY_DATATYPE", POINTER, spoolss_notify_datatype }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SEPFILE, "PRINTER_NOTIFY_SEPFILE", STRING, spoolss_notify_sepfile }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINT_PROCESSOR, "PRINTER_NOTIFY_PRINT_PROCESSOR", STRING, spoolss_notify_print_processor }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PARAMETERS, "PRINTER_NOTIFY_PARAMETERS", STRING, spoolss_notify_parameters }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DATATYPE, "PRINTER_NOTIFY_DATATYPE", STRING, spoolss_notify_datatype }, { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SECURITY_DESCRIPTOR, "PRINTER_NOTIFY_SECURITY_DESCRIPTOR", POINTER, spoolss_notify_security_desc }, { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_ATTRIBUTES, "PRINTER_NOTIFY_ATTRIBUTES", ONE_VALUE, spoolss_notify_attributes }, { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRIORITY, "PRINTER_NOTIFY_PRIORITY", ONE_VALUE, spoolss_notify_priority }, @@ -2497,20 +2704,20 @@ struct s_notify_info_data_table notify_info_data_table[] = { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PAGES_PRINTED, "PRINTER_NOTIFY_PAGES_PRINTED", POINTER, NULL }, { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_TOTAL_BYTES, "PRINTER_NOTIFY_TOTAL_BYTES", POINTER, NULL }, { PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_BYTES_PRINTED, "PRINTER_NOTIFY_BYTES_PRINTED", POINTER, NULL }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINTER_NAME, "JOB_NOTIFY_PRINTER_NAME", POINTER, spoolss_notify_printer_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_MACHINE_NAME, "JOB_NOTIFY_MACHINE_NAME", POINTER, spoolss_notify_server_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PORT_NAME, "JOB_NOTIFY_PORT_NAME", POINTER, spoolss_notify_port_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_USER_NAME, "JOB_NOTIFY_USER_NAME", POINTER, spoolss_notify_username }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_NOTIFY_NAME, "JOB_NOTIFY_NOTIFY_NAME", POINTER, spoolss_notify_username }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DATATYPE, "JOB_NOTIFY_DATATYPE", POINTER, spoolss_notify_datatype }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINT_PROCESSOR, "JOB_NOTIFY_PRINT_PROCESSOR", POINTER, spoolss_notify_print_processor }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PARAMETERS, "JOB_NOTIFY_PARAMETERS", POINTER, spoolss_notify_parameters }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DRIVER_NAME, "JOB_NOTIFY_DRIVER_NAME", POINTER, spoolss_notify_driver_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINTER_NAME, "JOB_NOTIFY_PRINTER_NAME", STRING, spoolss_notify_printer_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_MACHINE_NAME, "JOB_NOTIFY_MACHINE_NAME", STRING, spoolss_notify_server_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PORT_NAME, "JOB_NOTIFY_PORT_NAME", STRING, spoolss_notify_port_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_USER_NAME, "JOB_NOTIFY_USER_NAME", STRING, spoolss_notify_username }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_NOTIFY_NAME, "JOB_NOTIFY_NOTIFY_NAME", STRING, spoolss_notify_username }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DATATYPE, "JOB_NOTIFY_DATATYPE", STRING, spoolss_notify_datatype }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINT_PROCESSOR, "JOB_NOTIFY_PRINT_PROCESSOR", STRING, spoolss_notify_print_processor }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PARAMETERS, "JOB_NOTIFY_PARAMETERS", STRING, spoolss_notify_parameters }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DRIVER_NAME, "JOB_NOTIFY_DRIVER_NAME", STRING, spoolss_notify_driver_name }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_DEVMODE, "JOB_NOTIFY_DEVMODE", POINTER, spoolss_notify_devmode }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS, "JOB_NOTIFY_STATUS", ONE_VALUE, spoolss_notify_job_status }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS_STRING, "JOB_NOTIFY_STATUS_STRING", POINTER, spoolss_notify_job_status_string }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS_STRING, "JOB_NOTIFY_STATUS_STRING", STRING, spoolss_notify_job_status_string }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_SECURITY_DESCRIPTOR, "JOB_NOTIFY_SECURITY_DESCRIPTOR", POINTER, NULL }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DOCUMENT, "JOB_NOTIFY_DOCUMENT", POINTER, spoolss_notify_job_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DOCUMENT, "JOB_NOTIFY_DOCUMENT", STRING, spoolss_notify_job_name }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_PRIORITY, "JOB_NOTIFY_PRIORITY", ONE_VALUE, spoolss_notify_priority }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_POSITION, "JOB_NOTIFY_POSITION", ONE_VALUE, spoolss_notify_job_position }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_SUBMITTED, "JOB_NOTIFY_SUBMITTED", POINTER, spoolss_notify_submitted_time }, @@ -2520,8 +2727,6 @@ struct s_notify_info_data_table notify_info_data_table[] = { JOB_NOTIFY_TYPE, JOB_NOTIFY_TOTAL_PAGES, "JOB_NOTIFY_TOTAL_PAGES", ONE_VALUE, spoolss_notify_total_pages }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_PAGES_PRINTED, "JOB_NOTIFY_PAGES_PRINTED", ONE_VALUE, spoolss_notify_pages_printed }, { JOB_NOTIFY_TYPE, JOB_NOTIFY_TOTAL_BYTES, "JOB_NOTIFY_TOTAL_BYTES", ONE_VALUE, spoolss_notify_job_size }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_BYTES_PRINTED, "JOB_NOTIFY_BYTES_PRINTED", ONE_VALUE, NULL }, -{ END, END, "", END, NULL } }; /******************************************************************* @@ -2532,43 +2737,46 @@ static uint32 size_of_notify_info_data(uint16 type, uint16 field) { int i=0; - while (notify_info_data_table[i].type != END) - { - if ( (notify_info_data_table[i].type == type ) && - (notify_info_data_table[i].field == field ) ) - { - return (notify_info_data_table[i].size); + for (i = 0; i < sizeof(notify_info_data_table); i++) { + if (notify_info_data_table[i].type == type && + notify_info_data_table[i].field == field) { + switch(notify_info_data_table[i].size) { + case ONE_VALUE: + case TWO_VALUE: + return 1; + case STRING: + return 2; + + /* The only pointer notify data I have seen on + the wire is the submitted time and this has + the notify size set to 4. -tpot */ + + case POINTER: + return 4; + } } - i++; } - return (65535); + + DEBUG(5, ("invalid notify data type %d/%d\n", type, field)); + + return 0; } /******************************************************************* Return the type of notify_info_data. ********************************************************************/ -static BOOL type_of_notify_info_data(uint16 type, uint16 field) +static int type_of_notify_info_data(uint16 type, uint16 field) { int i=0; - while (notify_info_data_table[i].type != END) - { - if ( (notify_info_data_table[i].type == type ) && - (notify_info_data_table[i].field == field ) ) - { - if (notify_info_data_table[i].size == POINTER) - { - return (False); - } - else - { - return (True); - } - } - i++; + for (i = 0; i < sizeof(notify_info_data_table); i++) { + if (notify_info_data_table[i].type == type && + notify_info_data_table[i].field == field) + return notify_info_data_table[i].size; } - return (False); + + return False; } /**************************************************************************** @@ -2576,21 +2784,18 @@ static BOOL type_of_notify_info_data(uint16 type, uint16 field) static int search_notify(uint16 type, uint16 field, int *value) { - int j; - BOOL found; + int i; - for (j=0, found=False; found==False && notify_info_data_table[j].type != END ; j++) - { - if ( (notify_info_data_table[j].type == type ) && - (notify_info_data_table[j].field == field ) ) - found=True; + for (i = 0; i < sizeof(notify_info_data_table); i++) { + if (notify_info_data_table[i].type == type && + notify_info_data_table[i].field == field && + notify_info_data_table[i].fn != NULL) { + *value = i; + return True; + } } - *value=--j; - - if ( found && (notify_info_data_table[j].fn != NULL) ) - return True; - else - return False; + + return False; } /**************************************************************************** @@ -2601,7 +2806,12 @@ void construct_info_data(SPOOL_NOTIFY_INFO_DATA *info_data, uint16 type, uint16 info_data->type = type; info_data->field = field; info_data->reserved = 0; - info_data->id = id; + + if (type == JOB_NOTIFY_TYPE) + info_data->id = id; + else + info_data->id = 0; + info_data->size = size_of_notify_info_data(type, field); info_data->enc_type = type_of_notify_info_data(type, field); } @@ -2650,7 +2860,7 @@ static BOOL construct_notify_printer_info(SPOOL_NOTIFY_INFO *info, int current_data=&info->data[info->count]; - construct_info_data(current_data, type, field, id); + construct_info_data(current_data, type, field, id); DEBUG(10,("construct_notify_printer_info: calling [%s] snum=%d printername=[%s])\n", notify_info_data_table[j].name, snum, printer->info_2->printername )); @@ -2892,7 +3102,6 @@ static WERROR printer_notify_info(pipes_struct *p, POLICY_HND *hnd, SPOOL_NOTIFY WERROR _spoolss_rfnpcnex( pipes_struct *p, SPOOL_Q_RFNPCNEX *q_u, SPOOL_R_RFNPCNEX *r_u) { POLICY_HND *handle = &q_u->handle; -/* uint32 change = q_u->change; - notused. */ /* SPOOL_NOTIFY_OPTION *option = q_u->option; - notused. */ SPOOL_NOTIFY_INFO *info = &r_u->info; @@ -2910,17 +3119,19 @@ WERROR _spoolss_rfnpcnex( pipes_struct *p, SPOOL_Q_RFNPCNEX *q_u, SPOOL_R_RFNPCN DEBUG(4,("Printer type %x\n",Printer->printer_type)); - /* jfm: the change value isn't used right now. - * we will honour it when - * a) we'll be able to send notification to the client - * b) we'll have a way to communicate between the spoolss process. - * - * same thing for option->flags + /* + * We are now using the change value, and * I should check for PRINTER_NOTIFY_OPTIONS_REFRESH but as * I don't have a global notification system, I'm sending back all the * informations even when _NOTHING_ has changed. */ + /* We need to keep track of the change value to send back in + RRPCN replies otherwise our updates are ignored. */ + + if (Printer->notify.client_connected) + Printer->notify.change = q_u->change; + /* just ignore the SPOOL_NOTIFY_OPTION */ switch (Printer->printer_type) { @@ -3051,7 +3262,6 @@ static BOOL construct_printer_info_0(PRINTER_INFO_0 *printer, int snum) * construct_printer_info_1 * fill a printer_info_1 struct ********************************************************************/ - static BOOL construct_printer_info_1(uint32 flags, PRINTER_INFO_1 *printer, int snum) { pstring chaine; @@ -3126,8 +3336,10 @@ static DEVICEMODE *construct_dev_mode(int snum) if (printer->info_2->devmode) ntdevmode = dup_nt_devicemode(printer->info_2->devmode); - if (ntdevmode == NULL) + if (ntdevmode == NULL) { + DEBUG(5, ("BONG! There was no device mode!\n")); goto fail; + } DEBUGADD(8,("loading DEVICEMODE\n")); @@ -3545,9 +3757,9 @@ static WERROR enum_all_printers_info_2(NEW_BUFFER *buffer, uint32 offered, uint3 } /* check the required size. */ - for (i=0; i<*returned; i++) + for (i=0; i<*returned; i++) (*needed) += spoolss_size_printer_info_2(&printers[i]); - + if (!alloc_buffer_size(buffer, *needed)) { for (i=0; i<*returned; i++) { free_devmode(printers[i].devmode); @@ -3777,7 +3989,7 @@ static WERROR getprinter_level_2(int snum, NEW_BUFFER *buffer, uint32 offered, u /* check the required size. */ *needed += spoolss_size_printer_info_2(printer); - + if (!alloc_buffer_size(buffer, *needed)) { free_printer_info_2(printer); return WERR_INSUFFICIENT_BUFFER; @@ -4824,6 +5036,7 @@ static BOOL check_printer_ok(NT_PRINTER_INFO_LEVEL_2 *info, int snum) static BOOL add_printer_hook(NT_PRINTER_INFO_LEVEL *printer) { + extern userdom_struct current_user_info; char *cmd = lp_addprinter_cmd(); char **qlines; pstring command; @@ -4838,14 +5051,13 @@ static BOOL add_printer_hook(NT_PRINTER_INFO_LEVEL *printer) get_called_name()); /* change \ to \\ for the shell */ all_string_sub(driverlocation,"\\","\\\\",sizeof(pstring)); - standard_sub_basic("", remote_machine); - + standard_sub_basic(current_user_info.smb_name, remote_machine); + slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"%s\"", cmd, printer->info_2->printername, printer->info_2->sharename, printer->info_2->portname, printer->info_2->drivername, printer->info_2->location, driverlocation, remote_machine); - /* Convert script args to unix-codepage */ DEBUG(10,("Running [%s]\n", command)); ret = smbrun(command, &fd); DEBUGADD(10,("returned [%d]\n", ret)); @@ -4873,9 +5085,6 @@ static BOOL add_printer_hook(NT_PRINTER_INFO_LEVEL *printer) } file_lines_free(qlines); - - update_server_announce_as_printserver(); - return True; } @@ -5139,13 +5348,10 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, int snum; NT_PRINTER_INFO_LEVEL *printer = NULL, *old_printer = NULL; Printer_entry *Printer = find_printer_index_by_hnd(p, handle); - PRINTER_MESSAGE_INFO msg; WERROR result; DEBUG(8,("update_printer\n")); - - ZERO_STRUCT(msg); - + result = WERR_OK; if (level!=2) { @@ -5263,7 +5469,7 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, DEBUG(5,("update_printer: Error restoring driver initialization data for driver [%s]!\n", printer->info_2->drivername)); } - msg.flags |= PRINTER_MESSAGE_DRIVER; + notify_printer_driver(snum, printer->info_2->drivername); } } @@ -5274,26 +5480,18 @@ static WERROR update_printer(pipes_struct *p, POLICY_HND *handle, uint32 level, all the possible changes */ if (!strequal(printer->info_2->comment, old_printer->info_2->comment)) - msg.flags |= PRINTER_MESSAGE_COMMENT; + notify_printer_comment(snum, printer->info_2->comment); if (!strequal(printer->info_2->sharename, old_printer->info_2->sharename)) - msg.flags |= PRINTER_MESSAGE_SHARENAME; + notify_printer_sharename(snum, printer->info_2->sharename); if (!strequal(printer->info_2->portname, old_printer->info_2->portname)) - msg.flags |= PRINTER_MESSAGE_PORT; + notify_printer_port(snum, printer->info_2->portname); if (!strequal(printer->info_2->location, old_printer->info_2->location)) - msg.flags |= PRINTER_MESSAGE_LOCATION; - - msg.low = PRINTER_CHANGE_ADD_PRINTER; - fstrcpy(msg.printer_name, printer->info_2->printername); + notify_printer_location(snum, printer->info_2->location); - /* only send a notify if something changed */ - if (msg.flags) { - srv_spoolss_sendnotify(msg.printer_name, 0, PRINTER_CHANGE_ADD_PRINTER, msg.flags); - } - - done: +done: free_a_printer(&printer, 2); free_a_printer(&old_printer, 2); @@ -5411,7 +5609,7 @@ static void fill_job_info_1(JOB_INFO_1 *job_info, print_queue_struct *queue, static BOOL fill_job_info_2(JOB_INFO_2 *job_info, print_queue_struct *queue, int position, int snum, - NT_PRINTER_INFO_LEVEL *ntprinter, + NT_PRINTER_INFO_LEVEL *ntprinter, DEVICEMODE *devmode) { pstring temp_name; @@ -5528,7 +5726,7 @@ static WERROR enumjobs_level2(print_queue_struct *queue, int snum, *returned = 0; goto done; } - + if (!(devmode = construct_dev_mode(snum))) { *returned = 0; result = WERR_NOMEM; @@ -5571,6 +5769,7 @@ static WERROR enumjobs_level2(print_queue_struct *queue, int snum, SAFE_FREE(info); return result; + } /**************************************************************************** @@ -6516,9 +6715,6 @@ static WERROR spoolss_addprinterex_level_2( pipes_struct *p, const UNISTR2 *uni_ } update_c_setprinter(False); - - srv_spoolss_sendnotify(printer->info_2->printername, 0, PRINTER_CHANGE_ADD_PRINTER, 0x0); - free_a_printer(&printer,2); return WERR_OK; @@ -6593,27 +6789,27 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, } /* BEGIN_ADMIN_LOG */ - switch(level) { - case 3: - sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.", - driver.info_3->name,drv_ver_to_os[driver.info_3->cversion],uidtoname(user.uid)); - fstrcpy(driver_name, driver.info_3->name); - break; - case 6: - sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.", - driver.info_6->name,drv_ver_to_os[driver.info_6->version],uidtoname(user.uid)); - fstrcpy(driver_name, driver.info_6->name); - break; - } + switch(level) { + case 3: + sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.", + driver.info_3->name,drv_ver_to_os[driver.info_3->cversion],uidtoname(user.uid)); + fstrcpy(driver_name, driver.info_3->name); + break; + case 6: + sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.", + driver.info_6->name,drv_ver_to_os[driver.info_6->version],uidtoname(user.uid)); + fstrcpy(driver_name, driver.info_6->name); + break; + } /* END_ADMIN_LOG */ - /* + /* * I think this is where he DrvUpgradePrinter() hook would be * be called in a driver's interface DLL on a Windows NT 4.0/2k * server. Right now, we just need to send ourselves a message - * to update each printer bound to this driver. --jerry + * to update each printer bound to this driver. --jerry */ - + if (!srv_spoolss_drv_upgrade_printer(driver_name)) { DEBUG(0,("_spoolss_addprinterdriver: Failed to send message about upgrading driver [%s]!\n", driver_name)); @@ -6656,9 +6852,9 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, /* * No 2k/Xp driver found, delete init data (if any) for the new Nt driver. */ - if (!del_driver_init(driver_name)) + if (!del_driver_init(driver_name)) DEBUG(6,("_spoolss_addprinterdriver: del_driver_init(%s) Nt failed!\n", driver_name)); - } else { + } else { /* * a 2k/Xp driver was found, don't delete init data because Nt driver will use it. */ @@ -6680,10 +6876,10 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, default: DEBUG(0,("_spoolss_addprinterdriver: invalid level=%d\n", level)); break; - } + } - done: +done: free_a_printer_driver(driver, level); return err; } @@ -6869,7 +7065,7 @@ WERROR _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S if((*out_value=(uint16 *)talloc_zero(p->mem_ctx, in_value_len*sizeof(uint8))) == NULL) return WERR_NOMEM; - *out_value_len = rpcstr_push((char *)*out_value, "", in_value_len, 0); + *out_value_len = (uint32)rpcstr_push((char *)*out_value, "", in_value_len, 0); /* the data is counted in bytes */ *out_max_data_len = in_data_len; @@ -6897,7 +7093,7 @@ WERROR _spoolss_enumprinterdata(pipes_struct *p, SPOOL_Q_ENUMPRINTERDATA *q_u, S return WERR_NOMEM; } - *out_value_len = rpcstr_push((char *)*out_value,value, in_value_len, 0); + *out_value_len = (uint32)rpcstr_push((char *)*out_value,value, in_value_len, 0); *out_type=type; @@ -7604,7 +7800,7 @@ static WERROR getjob_level_2(print_queue_struct *queue, int count, int snum, uin free_job_info_2(info_2); /* Also frees devmode */ SAFE_FREE(info_2); free_a_printer(&ntprinter, 2); - + return ret; } -- cgit From f201450f39c8a44c0da04a9289b245d5de5290c8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 28 Jun 2002 19:41:17 +0000 Subject: Added limit on SPOOLSS pipes from 2.2.x Jeremy. (This used to be commit b35fc30c37fa894acea3fcb7b48ee9841d1bd5e8) --- source3/rpc_server/srv_pipe_hnd.c | 39 +++++++++++++++++++++++++++++++-------- 1 file changed, 31 insertions(+), 8 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index c55e05fe8d..d4d45c230c 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -35,6 +35,23 @@ static int pipes_open; #define MAX_OPEN_PIPES 2048 #endif +/* + * Sometimes I can't decide if I hate Windows printer driver + * writers more than I hate the Windows spooler service driver + * writers. This gets around a combination of bugs in the spooler + * and the HP 8500 PCL driver that causes a spooler spin. JRA. + * + * bumped up from 20 -> 64 after viewing traffic from WordPerfect + * 2002 running on NT 4.- SP6 + * bumped up from 64 -> 256 after viewing traffic from con2prt + * for lots of printers on a WinNT 4.x SP6 box. + */ + +#ifndef MAX_OPEN_SPOOLSS_PIPES +#define MAX_OPEN_SPOOLSS_PIPES 256 +#endif +static int current_spoolss_pipes_open; + static smb_np_struct *Pipes; static pipes_struct *InternalPipes; static struct bitmap *bmap; @@ -102,6 +119,7 @@ void set_pipe_handle_offset(int max_open_files) /**************************************************************************** Reset pipe chain handle number. ****************************************************************************/ + void reset_chain_p(void) { chain_p = NULL; @@ -158,11 +176,20 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name, int i; smb_np_struct *p, *p_it; static int next_pipe; + BOOL is_spoolss_pipe = False; DEBUG(4,("Open pipe requested %s (pipes_open=%d)\n", pipe_name, pipes_open)); - + if (strstr(pipe_name, "spoolss")) + is_spoolss_pipe = True; + + if (is_spoolss_pipe && current_spoolss_pipes_open >= MAX_OPEN_SPOOLSS_PIPES) { + DEBUG(10,("open_rpc_pipe_p: spooler bug workaround. Denying open on pipe %s\n", + pipe_name )); + return NULL; + } + /* not repeating pipe numbers makes it easier to track things in log files and prevents client bugs where pipe numbers are reused over connection restarts */ @@ -183,8 +210,7 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name, p = (smb_np_struct *)malloc(sizeof(*p)); - if (!p) - { + if (!p) { DEBUG(0,("ERROR! no memory for pipes_struct!\n")); return NULL; } @@ -201,13 +227,11 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name, p->np_state = p->namedpipe_create(pipe_name, conn, vuid); if (p->np_state == NULL) { - DEBUG(0,("open_rpc_pipe_p: make_internal_rpc_pipe_p failed.\n")); SAFE_FREE(p); return NULL; } - DLIST_ADD(Pipes, p); /* @@ -247,7 +271,7 @@ smb_np_struct *open_rpc_pipe_p(char *pipe_name, } /**************************************************************************** - * make an internal namedpipes structure + Make an internal namedpipes structure ****************************************************************************/ static void *make_internal_rpc_pipe_p(char *pipe_name, @@ -321,9 +345,8 @@ static void *make_internal_rpc_pipe_p(char *pipe_name, p->pipe_user.gid = (gid_t)-1; /* Store the session key */ - if (vuser) { + if (vuser) memcpy(p->session_key, vuser->session_key, sizeof(p->session_key)); - } /* * Initialize the incoming RPC struct. -- cgit From 9930b0b0650ae3e38c033c28672398425dd8228c Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 1 Jul 2002 09:12:41 +0000 Subject: used findstatic.pl to make some variables static and remove some dead code (This used to be commit 91ad9041e9507d36eb3f40c23c5d4df61f139ef0) --- source3/rpc_server/srv_srvsvc.c | 2 +- source3/rpc_server/srv_srvsvc_nt.c | 2 +- source3/rpc_server/srv_wkssvc.c | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c index 96e6172366..5e1c005d54 100644 --- a/source3/rpc_server/srv_srvsvc.c +++ b/source3/rpc_server/srv_srvsvc.c @@ -495,7 +495,7 @@ static BOOL api_srv_net_file_set_secdesc(pipes_struct *p) \PIPE\srvsvc commands ********************************************************************/ -struct api_struct api_srv_cmds[] = +static const struct api_struct api_srv_cmds[] = { { "SRV_NET_CONN_ENUM" , SRV_NET_CONN_ENUM , api_srv_net_conn_enum }, { "SRV_NET_SESS_ENUM" , SRV_NET_SESS_ENUM , api_srv_net_sess_enum }, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index d99b45f3e6..e8fe603ed8 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1824,7 +1824,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ "Nigel Williams" . ***********************************************************************************/ -const char *server_disks[] = {"C:"}; +static const char *server_disks[] = {"C:"}; static uint32 get_server_disk_count(void) { diff --git a/source3/rpc_server/srv_wkssvc.c b/source3/rpc_server/srv_wkssvc.c index 0138848440..c783becbbe 100644 --- a/source3/rpc_server/srv_wkssvc.c +++ b/source3/rpc_server/srv_wkssvc.c @@ -58,7 +58,7 @@ static BOOL api_wks_query_info(pipes_struct *p) /******************************************************************* \PIPE\wkssvc commands ********************************************************************/ -struct api_struct api_wks_cmds[] = +static struct api_struct api_wks_cmds[] = { { "WKS_Q_QUERY_INFO", WKS_QUERY_INFO, api_wks_query_info }, { NULL , 0 , NULL } -- cgit From 5106ead0e041391b9eaa583894cc539e61a0ab5a Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Tue, 2 Jul 2002 04:07:32 +0000 Subject: Merge of constant renames from APPLIANCE_HEAD. (This used to be commit daf4c6a013ffa474d768055e73a1cb31ee941e80) --- source3/rpc_server/srv_spoolss_nt.c | 106 ++++++++++++++++++------------------ 1 file changed, 53 insertions(+), 53 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 0b172aa0e5..7e793c1e1d 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -2678,55 +2678,55 @@ struct s_notify_info_data_table struct s_notify_info_data_table notify_info_data_table[] = { -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SERVER_NAME, "PRINTER_NOTIFY_SERVER_NAME", STRING, spoolss_notify_server_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINTER_NAME, "PRINTER_NOTIFY_PRINTER_NAME", STRING, spoolss_notify_printer_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SHARE_NAME, "PRINTER_NOTIFY_SHARE_NAME", STRING, spoolss_notify_share_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PORT_NAME, "PRINTER_NOTIFY_PORT_NAME", STRING, spoolss_notify_port_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DRIVER_NAME, "PRINTER_NOTIFY_DRIVER_NAME", STRING, spoolss_notify_driver_name }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_COMMENT, "PRINTER_NOTIFY_COMMENT", STRING, spoolss_notify_comment }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_LOCATION, "PRINTER_NOTIFY_LOCATION", STRING, spoolss_notify_location }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DEVMODE, "PRINTER_NOTIFY_DEVMODE", POINTER, spoolss_notify_devmode }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SEPFILE, "PRINTER_NOTIFY_SEPFILE", STRING, spoolss_notify_sepfile }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINT_PROCESSOR, "PRINTER_NOTIFY_PRINT_PROCESSOR", STRING, spoolss_notify_print_processor }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PARAMETERS, "PRINTER_NOTIFY_PARAMETERS", STRING, spoolss_notify_parameters }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DATATYPE, "PRINTER_NOTIFY_DATATYPE", STRING, spoolss_notify_datatype }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SECURITY_DESCRIPTOR, "PRINTER_NOTIFY_SECURITY_DESCRIPTOR", POINTER, spoolss_notify_security_desc }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_ATTRIBUTES, "PRINTER_NOTIFY_ATTRIBUTES", ONE_VALUE, spoolss_notify_attributes }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRIORITY, "PRINTER_NOTIFY_PRIORITY", ONE_VALUE, spoolss_notify_priority }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DEFAULT_PRIORITY, "PRINTER_NOTIFY_DEFAULT_PRIORITY", ONE_VALUE, spoolss_notify_default_priority }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_START_TIME, "PRINTER_NOTIFY_START_TIME", ONE_VALUE, spoolss_notify_start_time }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_UNTIL_TIME, "PRINTER_NOTIFY_UNTIL_TIME", ONE_VALUE, spoolss_notify_until_time }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_STATUS, "PRINTER_NOTIFY_STATUS", ONE_VALUE, spoolss_notify_status }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_STATUS_STRING, "PRINTER_NOTIFY_STATUS_STRING", POINTER, NULL }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_CJOBS, "PRINTER_NOTIFY_CJOBS", ONE_VALUE, spoolss_notify_cjobs }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_AVERAGE_PPM, "PRINTER_NOTIFY_AVERAGE_PPM", ONE_VALUE, spoolss_notify_average_ppm }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_TOTAL_PAGES, "PRINTER_NOTIFY_TOTAL_PAGES", POINTER, NULL }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PAGES_PRINTED, "PRINTER_NOTIFY_PAGES_PRINTED", POINTER, NULL }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_TOTAL_BYTES, "PRINTER_NOTIFY_TOTAL_BYTES", POINTER, NULL }, -{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_BYTES_PRINTED, "PRINTER_NOTIFY_BYTES_PRINTED", POINTER, NULL }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINTER_NAME, "JOB_NOTIFY_PRINTER_NAME", STRING, spoolss_notify_printer_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_MACHINE_NAME, "JOB_NOTIFY_MACHINE_NAME", STRING, spoolss_notify_server_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PORT_NAME, "JOB_NOTIFY_PORT_NAME", STRING, spoolss_notify_port_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_USER_NAME, "JOB_NOTIFY_USER_NAME", STRING, spoolss_notify_username }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_NOTIFY_NAME, "JOB_NOTIFY_NOTIFY_NAME", STRING, spoolss_notify_username }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DATATYPE, "JOB_NOTIFY_DATATYPE", STRING, spoolss_notify_datatype }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINT_PROCESSOR, "JOB_NOTIFY_PRINT_PROCESSOR", STRING, spoolss_notify_print_processor }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PARAMETERS, "JOB_NOTIFY_PARAMETERS", STRING, spoolss_notify_parameters }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DRIVER_NAME, "JOB_NOTIFY_DRIVER_NAME", STRING, spoolss_notify_driver_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DEVMODE, "JOB_NOTIFY_DEVMODE", POINTER, spoolss_notify_devmode }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS, "JOB_NOTIFY_STATUS", ONE_VALUE, spoolss_notify_job_status }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS_STRING, "JOB_NOTIFY_STATUS_STRING", STRING, spoolss_notify_job_status_string }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_SECURITY_DESCRIPTOR, "JOB_NOTIFY_SECURITY_DESCRIPTOR", POINTER, NULL }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DOCUMENT, "JOB_NOTIFY_DOCUMENT", STRING, spoolss_notify_job_name }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRIORITY, "JOB_NOTIFY_PRIORITY", ONE_VALUE, spoolss_notify_priority }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_POSITION, "JOB_NOTIFY_POSITION", ONE_VALUE, spoolss_notify_job_position }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_SUBMITTED, "JOB_NOTIFY_SUBMITTED", POINTER, spoolss_notify_submitted_time }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_START_TIME, "JOB_NOTIFY_START_TIME", ONE_VALUE, spoolss_notify_start_time }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_UNTIL_TIME, "JOB_NOTIFY_UNTIL_TIME", ONE_VALUE, spoolss_notify_until_time }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_TIME, "JOB_NOTIFY_TIME", ONE_VALUE, spoolss_notify_job_time }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_TOTAL_PAGES, "JOB_NOTIFY_TOTAL_PAGES", ONE_VALUE, spoolss_notify_total_pages }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PAGES_PRINTED, "JOB_NOTIFY_PAGES_PRINTED", ONE_VALUE, spoolss_notify_pages_printed }, -{ JOB_NOTIFY_TYPE, JOB_NOTIFY_TOTAL_BYTES, "JOB_NOTIFY_TOTAL_BYTES", ONE_VALUE, spoolss_notify_job_size }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SERVER_NAME, "PRINTER_NOTIFY_SERVER_NAME", NOTIFY_STRING, spoolss_notify_server_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINTER_NAME, "PRINTER_NOTIFY_PRINTER_NAME", NOTIFY_STRING, spoolss_notify_printer_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SHARE_NAME, "PRINTER_NOTIFY_SHARE_NAME", NOTIFY_STRING, spoolss_notify_share_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PORT_NAME, "PRINTER_NOTIFY_PORT_NAME", NOTIFY_STRING, spoolss_notify_port_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DRIVER_NAME, "PRINTER_NOTIFY_DRIVER_NAME", NOTIFY_STRING, spoolss_notify_driver_name }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_COMMENT, "PRINTER_NOTIFY_COMMENT", NOTIFY_STRING, spoolss_notify_comment }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_LOCATION, "PRINTER_NOTIFY_LOCATION", NOTIFY_STRING, spoolss_notify_location }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DEVMODE, "PRINTER_NOTIFY_DEVMODE", NOTIFY_POINTER, spoolss_notify_devmode }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SEPFILE, "PRINTER_NOTIFY_SEPFILE", NOTIFY_STRING, spoolss_notify_sepfile }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRINT_PROCESSOR, "PRINTER_NOTIFY_PRINT_PROCESSOR", NOTIFY_STRING, spoolss_notify_print_processor }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PARAMETERS, "PRINTER_NOTIFY_PARAMETERS", NOTIFY_STRING, spoolss_notify_parameters }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DATATYPE, "PRINTER_NOTIFY_DATATYPE", NOTIFY_STRING, spoolss_notify_datatype }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_SECURITY_DESCRIPTOR, "PRINTER_NOTIFY_SECURITY_DESCRIPTOR", NOTIFY_POINTER, spoolss_notify_security_desc }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_ATTRIBUTES, "PRINTER_NOTIFY_ATTRIBUTES", NOTIFY_ONE_VALUE, spoolss_notify_attributes }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PRIORITY, "PRINTER_NOTIFY_PRIORITY", NOTIFY_ONE_VALUE, spoolss_notify_priority }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_DEFAULT_PRIORITY, "PRINTER_NOTIFY_DEFAULT_PRIORITY", NOTIFY_ONE_VALUE, spoolss_notify_default_priority }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_START_TIME, "PRINTER_NOTIFY_START_TIME", NOTIFY_ONE_VALUE, spoolss_notify_start_time }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_UNTIL_TIME, "PRINTER_NOTIFY_UNTIL_TIME", NOTIFY_ONE_VALUE, spoolss_notify_until_time }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_STATUS, "PRINTER_NOTIFY_STATUS", NOTIFY_ONE_VALUE, spoolss_notify_status }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_STATUS_STRING, "PRINTER_NOTIFY_STATUS_STRING", NOTIFY_POINTER, NULL }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_CJOBS, "PRINTER_NOTIFY_CJOBS", NOTIFY_ONE_VALUE, spoolss_notify_cjobs }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_AVERAGE_PPM, "PRINTER_NOTIFY_AVERAGE_PPM", NOTIFY_ONE_VALUE, spoolss_notify_average_ppm }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_TOTAL_PAGES, "PRINTER_NOTIFY_TOTAL_PAGES", NOTIFY_POINTER, NULL }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_PAGES_PRINTED, "PRINTER_NOTIFY_PAGES_PRINTED", NOTIFY_POINTER, NULL }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_TOTAL_BYTES, "PRINTER_NOTIFY_TOTAL_BYTES", NOTIFY_POINTER, NULL }, +{ PRINTER_NOTIFY_TYPE, PRINTER_NOTIFY_BYTES_PRINTED, "PRINTER_NOTIFY_BYTES_PRINTED", NOTIFY_POINTER, NULL }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINTER_NAME, "JOB_NOTIFY_PRINTER_NAME", NOTIFY_STRING, spoolss_notify_printer_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_MACHINE_NAME, "JOB_NOTIFY_MACHINE_NAME", NOTIFY_STRING, spoolss_notify_server_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PORT_NAME, "JOB_NOTIFY_PORT_NAME", NOTIFY_STRING, spoolss_notify_port_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_USER_NAME, "JOB_NOTIFY_USER_NAME", NOTIFY_STRING, spoolss_notify_username }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_NOTIFY_NAME, "JOB_NOTIFY_NOTIFY_NAME", NOTIFY_STRING, spoolss_notify_username }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DATATYPE, "JOB_NOTIFY_DATATYPE", NOTIFY_STRING, spoolss_notify_datatype }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRINT_PROCESSOR, "JOB_NOTIFY_PRINT_PROCESSOR", NOTIFY_STRING, spoolss_notify_print_processor }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PARAMETERS, "JOB_NOTIFY_PARAMETERS", NOTIFY_STRING, spoolss_notify_parameters }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DRIVER_NAME, "JOB_NOTIFY_DRIVER_NAME", NOTIFY_STRING, spoolss_notify_driver_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DEVMODE, "JOB_NOTIFY_DEVMODE", NOTIFY_POINTER, spoolss_notify_devmode }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS, "JOB_NOTIFY_STATUS", NOTIFY_ONE_VALUE, spoolss_notify_job_status }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_STATUS_STRING, "JOB_NOTIFY_STATUS_STRING", NOTIFY_STRING, spoolss_notify_job_status_string }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_SECURITY_DESCRIPTOR, "JOB_NOTIFY_SECURITY_DESCRIPTOR", NOTIFY_POINTER, NULL }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_DOCUMENT, "JOB_NOTIFY_DOCUMENT", NOTIFY_STRING, spoolss_notify_job_name }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PRIORITY, "JOB_NOTIFY_PRIORITY", NOTIFY_ONE_VALUE, spoolss_notify_priority }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_POSITION, "JOB_NOTIFY_POSITION", NOTIFY_ONE_VALUE, spoolss_notify_job_position }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_SUBMITTED, "JOB_NOTIFY_SUBMITTED", NOTIFY_POINTER, spoolss_notify_submitted_time }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_START_TIME, "JOB_NOTIFY_START_TIME", NOTIFY_ONE_VALUE, spoolss_notify_start_time }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_UNTIL_TIME, "JOB_NOTIFY_UNTIL_TIME", NOTIFY_ONE_VALUE, spoolss_notify_until_time }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_TIME, "JOB_NOTIFY_TIME", NOTIFY_ONE_VALUE, spoolss_notify_job_time }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_TOTAL_PAGES, "JOB_NOTIFY_TOTAL_PAGES", NOTIFY_ONE_VALUE, spoolss_notify_total_pages }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_PAGES_PRINTED, "JOB_NOTIFY_PAGES_PRINTED", NOTIFY_ONE_VALUE, spoolss_notify_pages_printed }, +{ JOB_NOTIFY_TYPE, JOB_NOTIFY_TOTAL_BYTES, "JOB_NOTIFY_TOTAL_BYTES", NOTIFY_ONE_VALUE, spoolss_notify_job_size }, }; /******************************************************************* @@ -2741,17 +2741,17 @@ static uint32 size_of_notify_info_data(uint16 type, uint16 field) if (notify_info_data_table[i].type == type && notify_info_data_table[i].field == field) { switch(notify_info_data_table[i].size) { - case ONE_VALUE: - case TWO_VALUE: + case NOTIFY_ONE_VALUE: + case NOTIFY_TWO_VALUE: return 1; - case STRING: + case NOTIFY_STRING: return 2; /* The only pointer notify data I have seen on the wire is the submitted time and this has the notify size set to 4. -tpot */ - case POINTER: + case NOTIFY_POINTER: return 4; } } -- cgit From 82176f4d85225c2aae15f9ce3e03730f019934f5 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 2 Jul 2002 06:34:27 +0000 Subject: Address the string_sub problem by changing len = 0 to mean "no expand". Went through and checked all string_subs I could to ensure they're being used correctly. Jeremy. (This used to be commit 17cae0d683be404be69554cd0e84117bdcc56c87) --- source3/rpc_server/srv_spoolss_nt.c | 2 +- source3/rpc_server/srv_srvsvc_nt.c | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 7e793c1e1d..9b17bdb7ee 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -5051,7 +5051,7 @@ static BOOL add_printer_hook(NT_PRINTER_INFO_LEVEL *printer) get_called_name()); /* change \ to \\ for the shell */ all_string_sub(driverlocation,"\\","\\\\",sizeof(pstring)); - standard_sub_basic(current_user_info.smb_name, remote_machine); + standard_sub_basic(current_user_info.smb_name, remote_machine,sizeof(remote_machine)); slprintf(command, sizeof(command)-1, "%s \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"%s\" \"%s\"", cmd, printer->info_2->printername, printer->info_2->sharename, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index e8fe603ed8..b5f6bd2f07 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -41,7 +41,7 @@ static void init_srv_share_info_1(pipes_struct *p, SRV_SHARE_INFO_1 *sh1, int sn pstrcpy(net_name, lp_servicename(snum)); pstrcpy(remark, lp_comment(snum)); - standard_sub_conn(p->conn, remark); + standard_sub_conn(p->conn, remark,sizeof(remark)); len_net_name = strlen(net_name); /* work out the share type */ @@ -73,7 +73,7 @@ static void init_srv_share_info_2(pipes_struct *p, SRV_SHARE_INFO_2 *sh2, int sn pstrcpy(net_name, lp_servicename(snum)); pstrcpy(remark, lp_comment(snum)); - standard_sub_conn(p->conn, remark); + standard_sub_conn(p->conn, remark,sizeof(remark)); pstrcpy(path, "C:"); pstrcat(path, lp_pathname(snum)); @@ -357,7 +357,7 @@ static void init_srv_share_info_501(pipes_struct *p, SRV_SHARE_INFO_501 *sh501, pstrcpy(net_name, lp_servicename(snum)); pstrcpy(remark, lp_comment(snum)); - standard_sub_conn(p->conn, remark); + standard_sub_conn(p->conn, remark, sizeof(remark)); len_net_name = strlen(net_name); @@ -396,7 +396,7 @@ static void init_srv_share_info_502(pipes_struct *p, SRV_SHARE_INFO_502 *sh502, pstrcpy(net_name, lp_servicename(snum)); pstrcpy(remark, lp_comment(snum)); - standard_sub_conn(p->conn, remark); + standard_sub_conn(p->conn, remark,sizeof(remark)); pstrcpy(path, "C:"); pstrcat(path, lp_pathname(snum)); -- cgit From 8e52737efc9cf746d7e9fd1f07bc42201dccbfba Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Wed, 3 Jul 2002 07:37:54 +0000 Subject: Break up the passdb objects (to allow RPC clients to link without brining in *.o) and implment new enum_dom_users code in the SAMR RPC subsystem. Incresingly, we are using the pdb_get_{user,group}_sid() functions, in the eventual hope that we might one day support muliple domains off a single passdb. To extract the RID, we use sid_peek_check_rid(), and supply an 'expected' domain SID. The id21 -> SAM_ACCOUNT and id23 -> SAM_ACCOUNT code has been moved to srv_samr_util.c, to ease linking in passdb users. Compatiblity code that uses 'get_global_sam_sid()' for the 'expected' sid is in pdb_compat.c Andrew Bartlett (This used to be commit 5a2a6f1ba316489d118a8bdd9551b155226de94f) --- source3/rpc_server/srv_samr_nt.c | 259 ++++++++++++++++--------------------- source3/rpc_server/srv_samr_util.c | 143 ++++++++++++++++++++ 2 files changed, 254 insertions(+), 148 deletions(-) create mode 100644 source3/rpc_server/srv_samr_util.c (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 9e826436f6..9393917cde 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -126,19 +126,6 @@ static void free_samr_info(void *ptr) Ensure password info is never given out. Paranioa... JRA. ********************************************************************/ -static void samr_clear_passwd_fields( SAM_USER_INFO_21 *pass, int num_entries) -{ - int i; - - if (!pass) - return; - - for (i = 0; i < num_entries; i++) { - memset(&pass[i].lm_pwd, '\0', sizeof(pass[i].lm_pwd)); - memset(&pass[i].nt_pwd, '\0', sizeof(pass[i].nt_pwd)); - } -} - static void samr_clear_sam_passwd(SAM_ACCOUNT *sam_pass) { @@ -266,103 +253,6 @@ static NTSTATUS load_group_domain_entries(struct samr_info *info, DOM_SID *sid) } -/******************************************************************* - This next function should be replaced with something that - dynamically returns the correct user info..... JRA. - ********************************************************************/ - -static NTSTATUS get_sampwd_entries(SAM_USER_INFO_21 *pw_buf, int start_idx, - int *total_entries, int *num_entries, - int max_num_entries, uint16 acb_mask) -{ - SAM_ACCOUNT *pwd = NULL; - BOOL not_finished = True; - NTSTATUS nt_status; - - (*num_entries) = 0; - (*total_entries) = 0; - - if (pw_buf == NULL) - return NT_STATUS_NO_MEMORY; - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&pwd))) { - return nt_status; - } - - if (!pdb_setsampwent(False)) { - DEBUG(0, ("get_sampwd_entries: Unable to open passdb.\n")); - pdb_free_sam(&pwd); - return NT_STATUS_ACCESS_DENIED; - } - - while (((not_finished = pdb_getsampwent(pwd)) != False) - && (*num_entries) < max_num_entries) - { - int user_name_len; - const char *user_name; - - if (start_idx > 0) { - - pdb_free_sam(&pwd); - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&pwd))) { - pdb_endsampwent(); - return nt_status; - } - - /* skip the requested number of entries. - not very efficient, but hey... */ - start_idx--; - continue; - } - - user_name = pdb_get_username(pwd); - - if (!user_name) { - DEBUG(2, ("account had NULL username!\n")); - } else if (!(acb_mask == 0 || (pdb_get_acct_ctrl(pwd) & acb_mask))) { - DEBUG(5,(" acb_mask %x rejects\n", acb_mask)); - } else { - DEBUG(5,(" acb_mask %x accepts\n", acb_mask)); - - user_name_len = strlen(user_name)+1; - init_unistr2(&pw_buf[(*num_entries)].uni_user_name, user_name, user_name_len); - init_uni_hdr(&pw_buf[(*num_entries)].hdr_user_name, user_name_len); - pw_buf[(*num_entries)].user_rid = pdb_get_user_rid(pwd); - memset((char *)pw_buf[(*num_entries)].nt_pwd, '\0', 16); - - /* Now check if the NT compatible password is available. */ - if (pdb_get_nt_passwd(pwd)) - memcpy( pw_buf[(*num_entries)].nt_pwd , pdb_get_nt_passwd(pwd), 16); - - pw_buf[(*num_entries)].acb_info = pdb_get_acct_ctrl(pwd); - - DEBUG(5, ("entry idx: %d user %s, rid 0x%x, acb %x", - (*num_entries), pdb_get_username(pwd), pdb_get_user_rid(pwd), pdb_get_acct_ctrl(pwd) )); - - (*num_entries)++; - } - - (*total_entries)++; - - pdb_free_sam(&pwd); - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_sam(&pwd))) { - pdb_endsampwent(); - return nt_status; - } - - } - - pdb_endsampwent(); - pdb_free_sam(&pwd); - - if (not_finished) - return STATUS_MORE_ENTRIES; - else - return NT_STATUS_OK; -} - /******************************************************************* _samr_close_hnd ********************************************************************/ @@ -526,69 +416,118 @@ NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_ makes a SAM_ENTRY / UNISTR2* structure from a user list. ********************************************************************/ -static void make_user_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp, UNISTR2 **uni_name_pp, - uint32 num_sam_entries, SAM_USER_INFO_21 *pass) +static NTSTATUS make_user_sam_entry_list(TALLOC_CTX *ctx, SAM_ENTRY **sam_pp, UNISTR2 **uni_name_pp, + uint32 num_entries, uint32 start_idx, DISP_USER_INFO *disp_user_info, + DOM_SID *domain_sid) { uint32 i; SAM_ENTRY *sam; UNISTR2 *uni_name; - + SAM_ACCOUNT *pwd = NULL; + UNISTR2 uni_temp_name; + const char *temp_name; + const DOM_SID *user_sid; + uint32 user_rid; + fstring user_sid_string; + fstring domain_sid_string; + *sam_pp = NULL; *uni_name_pp = NULL; - if (num_sam_entries == 0) - return; + if (num_entries == 0) + return NT_STATUS_OK; - sam = (SAM_ENTRY *)talloc_zero(ctx, sizeof(SAM_ENTRY)*num_sam_entries); + sam = (SAM_ENTRY *)talloc_zero(ctx, sizeof(SAM_ENTRY)*num_entries); - uni_name = (UNISTR2 *)talloc_zero(ctx, sizeof(UNISTR2)*num_sam_entries); + uni_name = (UNISTR2 *)talloc_zero(ctx, sizeof(UNISTR2)*num_entries); if (sam == NULL || uni_name == NULL) { - DEBUG(0, ("NULL pointers in SAMR_R_QUERY_DISPINFO\n")); - return; + DEBUG(0, ("make_user_sam_entry_list: talloc_zero failed!\n")); + return NT_STATUS_NO_MEMORY; } - ZERO_STRUCTP(sam); - ZERO_STRUCTP(uni_name); - - for (i = 0; i < num_sam_entries; i++) { - int len = pass[i].uni_user_name.uni_str_len; + for (i = 0; i < num_entries; i++) { + int len = uni_temp_name.uni_str_len; + + pwd = disp_user_info[i+start_idx].sam; + temp_name = pdb_get_username(pwd); + init_unistr2(&uni_temp_name, temp_name, strlen(temp_name)+1); + user_sid = pdb_get_user_sid(pwd); + + if (!sid_peek_check_rid(domain_sid, user_sid, &user_rid)) { + DEBUG(0, ("make_user_sam_entry_list: User %s has SID %s, which conflicts with " + "the domain sid %s. Failing operation.\n", + temp_name, + sid_to_string(user_sid_string, user_sid), + sid_to_string(domain_sid_string, domain_sid))); + return NT_STATUS_UNSUCCESSFUL; + } - init_sam_entry(&sam[i], len, pass[i].user_rid); - copy_unistr2(&uni_name[i], &pass[i].uni_user_name); + init_sam_entry(&sam[i], len, user_rid); + copy_unistr2(&uni_name[i], &uni_temp_name); } *sam_pp = sam; *uni_name_pp = uni_name; + return NT_STATUS_OK; } /******************************************************************* samr_reply_enum_dom_users ********************************************************************/ -NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, SAMR_R_ENUM_DOM_USERS *r_u) +NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, + SAMR_R_ENUM_DOM_USERS *r_u) { - SAM_USER_INFO_21 pass[MAX_SAM_ENTRIES]; - int num_entries = 0; - int total_entries = 0; + struct samr_info *info = NULL; + uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */ + int num_account; + uint32 enum_context=q_u->start_idx; + uint32 max_size=q_u->max_size; + uint32 temp_size; + enum remote_arch_types ra_type = get_remote_arch(); + int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K; + uint32 max_entries = max_sam_entries; + DOM_SID domain_sid; r_u->status = NT_STATUS_OK; /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->pol, NULL)) + if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) + return NT_STATUS_INVALID_HANDLE; + + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &domain_sid)) return NT_STATUS_INVALID_HANDLE; DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__)); become_root(); - r_u->status = get_sampwd_entries(pass, q_u->start_idx, &total_entries, &num_entries, - MAX_SAM_ENTRIES, q_u->acb_mask); + r_u->status=load_sampwd_entries(info, q_u->acb_mask); unbecome_root(); - - if (NT_STATUS_IS_ERR(r_u->status)) + + if (!NT_STATUS_IS_OK(r_u->status)) return r_u->status; - samr_clear_passwd_fields(pass, num_entries); + num_account = info->disp_info.num_user_account; + + if (enum_context > num_account) { + DEBUG(5, ("_samr_enum_dom_users: enumeration handle over total entries\n")); + return NT_STATUS_OK; + } + + /* verify we won't overflow */ + if (max_entries > num_account-enum_context) { + max_entries = num_account-enum_context; + DEBUG(5, ("_samr_enum_dom_users: only %d entries to return\n", max_entries)); + } + + /* calculate the size and limit on the number of entries we will return */ + temp_size=max_entries*struct_size; + + if (temp_size>max_size) { + max_entries=MIN((max_size/struct_size),max_entries);; + DEBUG(5, ("_samr_enum_dom_users: buffer size limits to only %d entries\n", max_entries)); + } /* * Note from JRA. total_entries is not being used here. Currently if there is a @@ -603,9 +542,20 @@ NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, SAMR_ * value (again I think this is wrong). */ - make_user_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_acct_name, num_entries, pass); + r_u->status = make_user_sam_entry_list(p->mem_ctx, &r_u->sam, &r_u->uni_acct_name, + max_entries, enum_context, + info->disp_info.disp_user_info, + &domain_sid); + + if (!NT_STATUS_IS_OK(r_u->status)) + return r_u->status; + + if (enum_context+max_entries < num_account) + r_u->status = STATUS_MORE_ENTRIES; + + DEBUG(5, ("_samr_enum_dom_users: %d\n", __LINE__)); - init_samr_r_enum_dom_users(r_u, q_u->start_idx + num_entries, num_entries); + init_samr_r_enum_dom_users(r_u, q_u->start_idx + max_entries, max_entries); DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__)); @@ -891,7 +841,8 @@ NTSTATUS _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, S /******************************************************************* samr_reply_query_dispinfo ********************************************************************/ -NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_R_QUERY_DISPINFO *r_u) +NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, + SAMR_R_QUERY_DISPINFO *r_u) { struct samr_info *info = NULL; uint32 struct_size=0x20; /* W2K always reply that, client doesn't care */ @@ -906,9 +857,8 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ NTSTATUS disp_ret; uint32 num_account = 0; enum remote_arch_types ra_type = get_remote_arch(); - int max_sam_entries; - - max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K; + int max_sam_entries = (ra_type == RA_WIN95) ? MAX_SAM_ENTRIES_W95 : MAX_SAM_ENTRIES_W2K; + DOM_SID domain_sid; DEBUG(5, ("samr_reply_query_dispinfo: %d\n", __LINE__)); r_u->status = NT_STATUS_OK; @@ -917,6 +867,9 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; + if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &domain_sid)) + return NT_STATUS_INVALID_HANDLE; + /* * calculate how many entries we will return. * based on @@ -1015,7 +968,8 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ if (!(ctr->sam.info1 = (SAM_DISPINFO_1 *)talloc_zero(p->mem_ctx,max_entries*sizeof(SAM_DISPINFO_1)))) return NT_STATUS_NO_MEMORY; } - disp_ret = init_sam_dispinfo_1(p->mem_ctx, ctr->sam.info1, max_entries, enum_context, info->disp_info.disp_user_info); + disp_ret = init_sam_dispinfo_1(p->mem_ctx, ctr->sam.info1, max_entries, enum_context, + info->disp_info.disp_user_info, &domain_sid); if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; @@ -1024,7 +978,8 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, SAMR_ if (!(ctr->sam.info2 = (SAM_DISPINFO_2 *)talloc_zero(p->mem_ctx,max_entries*sizeof(SAM_DISPINFO_2)))) return NT_STATUS_NO_MEMORY; } - disp_ret = init_sam_dispinfo_2(p->mem_ctx, ctr->sam.info2, max_entries, enum_context, info->disp_info.disp_user_info); + disp_ret = init_sam_dispinfo_2(p->mem_ctx, ctr->sam.info2, max_entries, enum_context, + info->disp_info.disp_user_info, &domain_sid); if (!NT_STATUS_IS_OK(disp_ret)) return disp_ret; break; @@ -1582,7 +1537,8 @@ static NTSTATUS get_user_info_20(TALLOC_CTX *mem_ctx, SAM_USER_INFO_20 *id20, DO get_user_info_21 *************************************************************************/ -static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, DOM_SID *user_sid) +static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, + DOM_SID *user_sid, DOM_SID *domain_sid) { SAM_ACCOUNT *sampass=NULL; BOOL ret; @@ -1607,7 +1563,7 @@ static NTSTATUS get_user_info_21(TALLOC_CTX *mem_ctx, SAM_USER_INFO_21 *id21, DO DEBUG(3,("User:[%s]\n", pdb_get_username(sampass) )); ZERO_STRUCTP(id21); - init_sam_user_info21A(id21, sampass); + nt_status = init_sam_user_info21A(id21, sampass, domain_sid); pdb_free_sam(&sampass); @@ -1622,13 +1578,19 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ { SAM_USERINFO_CTR *ctr; struct samr_info *info = NULL; - + DOM_SID domain_sid; + uint32 rid; + r_u->status=NT_STATUS_OK; /* search for the handle */ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; + domain_sid = info->sid; + + sid_split_rid(&domain_sid, &rid); + if (!sid_check_is_in_our_domain(&info->sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; @@ -1700,7 +1662,8 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ ctr->info.id21 = (SAM_USER_INFO_21 *)talloc_zero(p->mem_ctx,sizeof(SAM_USER_INFO_21)); if (ctr->info.id21 == NULL) return NT_STATUS_NO_MEMORY; - if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, &info->sid))) + if (!NT_STATUS_IS_OK(r_u->status = get_user_info_21(p->mem_ctx, ctr->info.id21, + &info->sid, &domain_sid))) return r_u->status; break; diff --git a/source3/rpc_server/srv_samr_util.c b/source3/rpc_server/srv_samr_util.c new file mode 100644 index 0000000000..7a5b1e5f46 --- /dev/null +++ b/source3/rpc_server/srv_samr_util.c @@ -0,0 +1,143 @@ +/* + Unix SMB/CIFS implementation. + SAMR Pipe utility functions. + Copyright (C) Jeremy Allison 1996-2001 + Copyright (C) Luke Kenneth Casson Leighton 1996-1998 + Copyright (C) Gerald (Jerry) Carter 2000-2001 + Copyright (C) Andrew Bartlett 2001-2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_RPC_SRV + +/************************************************************* + Copies a SAM_USER_INFO_23 to a SAM_ACCOUNT + **************************************************************/ + +void copy_id23_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_23 *from) +{ + + if (from == NULL || to == NULL) + return; + + pdb_set_logon_time(to,nt_time_to_unix(&from->logon_time), True); + pdb_set_logoff_time(to,nt_time_to_unix(&from->logoff_time), True); + pdb_set_kickoff_time(to, nt_time_to_unix(&from->kickoff_time), True); + pdb_set_pass_can_change_time(to, nt_time_to_unix(&from->pass_can_change_time), True); + pdb_set_pass_must_change_time(to, nt_time_to_unix(&from->pass_must_change_time), True); + + pdb_set_pass_last_set_time(to, nt_time_to_unix(&from->pass_last_set_time)); + + if (from->uni_user_name.buffer) + pdb_set_username(to , pdb_unistr2_convert(&from->uni_user_name )); + if (from->uni_full_name.buffer) + pdb_set_fullname(to , pdb_unistr2_convert(&from->uni_full_name )); + if (from->uni_home_dir.buffer) + pdb_set_homedir(to , pdb_unistr2_convert(&from->uni_home_dir ), True); + if (from->uni_dir_drive.buffer) + pdb_set_dir_drive(to , pdb_unistr2_convert(&from->uni_dir_drive ), True); + if (from->uni_logon_script.buffer) + pdb_set_logon_script(to , pdb_unistr2_convert(&from->uni_logon_script), True); + if (from->uni_profile_path.buffer) + pdb_set_profile_path(to , pdb_unistr2_convert(&from->uni_profile_path), True); + if (from->uni_acct_desc.buffer) + pdb_set_acct_desc(to , pdb_unistr2_convert(&from->uni_acct_desc )); + if (from->uni_workstations.buffer) + pdb_set_workstations(to , pdb_unistr2_convert(&from->uni_workstations)); + if (from->uni_unknown_str.buffer) + pdb_set_unknown_str(to , pdb_unistr2_convert(&from->uni_unknown_str )); + if (from->uni_munged_dial.buffer) + pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial )); + + if (from->user_rid) + pdb_set_user_sid_from_rid(to, from->user_rid); + if (from->group_rid) + pdb_set_group_sid_from_rid(to, from->group_rid); + + pdb_set_acct_ctrl(to, from->acb_info); + pdb_set_unknown_3(to, from->unknown_3); + + pdb_set_logon_divs(to, from->logon_divs); + pdb_set_hours_len(to, from->logon_hrs.len); + pdb_set_hours(to, from->logon_hrs.hours); + + pdb_set_unknown_5(to, from->unknown_5); + pdb_set_unknown_6(to, from->unknown_6); +} + + +/************************************************************* + Copies a sam passwd. + **************************************************************/ + +void copy_id21_to_sam_passwd(SAM_ACCOUNT *to, SAM_USER_INFO_21 *from) +{ + if (from == NULL || to == NULL) + return; + + pdb_set_logon_time(to,nt_time_to_unix(&from->logon_time), True); + pdb_set_logoff_time(to,nt_time_to_unix(&from->logoff_time), True); + pdb_set_kickoff_time(to, nt_time_to_unix(&from->kickoff_time), True); + pdb_set_pass_can_change_time(to, nt_time_to_unix(&from->pass_can_change_time), True); + pdb_set_pass_must_change_time(to, nt_time_to_unix(&from->pass_must_change_time), True); + + pdb_set_pass_last_set_time(to, nt_time_to_unix(&from->pass_last_set_time)); + + if (from->uni_user_name.buffer) + pdb_set_username(to , pdb_unistr2_convert(&from->uni_user_name )); + if (from->uni_full_name.buffer) + pdb_set_fullname(to , pdb_unistr2_convert(&from->uni_full_name )); + if (from->uni_home_dir.buffer) + pdb_set_homedir(to , pdb_unistr2_convert(&from->uni_home_dir ), True); + if (from->uni_dir_drive.buffer) + pdb_set_dir_drive(to , pdb_unistr2_convert(&from->uni_dir_drive ), True); + if (from->uni_logon_script.buffer) + pdb_set_logon_script(to , pdb_unistr2_convert(&from->uni_logon_script), True); + if (from->uni_profile_path.buffer) + pdb_set_profile_path(to , pdb_unistr2_convert(&from->uni_profile_path), True); + if (from->uni_acct_desc.buffer) + pdb_set_acct_desc(to , pdb_unistr2_convert(&from->uni_acct_desc )); + if (from->uni_workstations.buffer) + pdb_set_workstations(to , pdb_unistr2_convert(&from->uni_workstations)); + if (from->uni_unknown_str.buffer) + pdb_set_unknown_str(to , pdb_unistr2_convert(&from->uni_unknown_str )); + if (from->uni_munged_dial.buffer) + pdb_set_munged_dial(to , pdb_unistr2_convert(&from->uni_munged_dial )); + + if (from->user_rid) + pdb_set_user_sid_from_rid(to, from->user_rid); + if (from->group_rid) + pdb_set_group_sid_from_rid(to, from->group_rid); + + /* FIXME!! Do we need to copy the passwords here as well? + I don't know. Need to figure this out --jerry */ + + /* Passwords dealt with in caller --abartlet */ + + pdb_set_acct_ctrl(to, from->acb_info); + pdb_set_unknown_3(to, from->unknown_3); + + pdb_set_logon_divs(to, from->logon_divs); + pdb_set_hours_len(to, from->logon_hrs.len); + pdb_set_hours(to, from->logon_hrs.hours); + + pdb_set_unknown_5(to, from->unknown_5); + pdb_set_unknown_6(to, from->unknown_6); +} + -- cgit From a3c3960edc63eb242620bbda373cfd9ba8e7ad65 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 3 Jul 2002 19:15:26 +0000 Subject: first cut at implementing support for browsing printer and driver driver via regedt32.exe. The regsitry.tdb is only a framework. It is not intended to store values, only key/subkey structure. The data will be retrieved from nt*tdb (for printers) creating a virtual view of the data. You can currently connect to a Samba box using regedt32.exe (haven't tried regedit.exe). Some basic keys are created in registry.tdb for use. There are two problems.... * something is getting freed in the winreg code that causes heap corruption later on. As long as you don't play with the winreg server functionality, I don't think you'll be bitten by this. * no access controls are currently implemented * I can't browse HKLM because regedt32 greys out the SYSTEM subkey. ok so that was three.... (This used to be commit 542d3c93a998083c07b2afa91a7c927c376caf54) --- source3/rpc_server/srv_reg.c | 135 ++++++++- source3/rpc_server/srv_reg_nt.c | 655 +++++++++++++++++++++++++++++++++++++--- 2 files changed, 734 insertions(+), 56 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_reg.c b/source3/rpc_server/srv_reg.c index e024ba74e7..a096325860 100644 --- a/source3/rpc_server/srv_reg.c +++ b/source3/rpc_server/srv_reg.c @@ -1,11 +1,12 @@ -/* +/* * Unix SMB/CIFS implementation. * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-1997, * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, * Copyright (C) Paul Ashton 1997. - * Copyright (C) Marc Jacobsen 2000. - * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Marc Jacobsen 2000. + * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Gerald Carter 2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -56,10 +57,10 @@ static BOOL api_reg_close(pipes_struct *p) } /******************************************************************* - api_reg_open + api_reg_open_khlm ********************************************************************/ -static BOOL api_reg_open(pipes_struct *p) +static BOOL api_reg_open_hklm(pipes_struct *p) { REG_Q_OPEN_HKLM q_u; REG_R_OPEN_HKLM r_u; @@ -73,7 +74,7 @@ static BOOL api_reg_open(pipes_struct *p) if(!reg_io_q_open_hklm("", &q_u, data, 0)) return False; - r_u.status = _reg_open(p, &q_u, &r_u); + r_u.status = _reg_open_hklm(p, &q_u, &r_u); if(!reg_io_r_open_hklm("", &r_u, rdata, 0)) return False; @@ -81,6 +82,33 @@ static BOOL api_reg_open(pipes_struct *p) return True; } +/******************************************************************* + api_reg_open_khlm + ********************************************************************/ + +static BOOL api_reg_open_hku(pipes_struct *p) +{ + REG_Q_OPEN_HKU q_u; + REG_R_OPEN_HKU r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + /* grab the reg open */ + if(!reg_io_q_open_hku("", &q_u, data, 0)) + return False; + + r_u.status = _reg_open_hku(p, &q_u, &r_u); + + if(!reg_io_r_open_hku("", &r_u, rdata, 0)) + return False; + + return True; +} + + /******************************************************************* api_reg_open_entry ********************************************************************/ @@ -187,18 +215,99 @@ static BOOL api_reg_abort_shutdown(pipes_struct *p) } +/******************************************************************* + api_reg_query_key + ********************************************************************/ + +static BOOL api_reg_query_key(pipes_struct *p) +{ + REG_Q_QUERY_KEY q_u; + REG_R_QUERY_KEY r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!reg_io_q_query_key("", &q_u, data, 0)) + return False; + + r_u.status = _reg_query_key(p, &q_u, &r_u); + + if(!reg_io_r_query_key("", &r_u, rdata, 0)) + return False; + + return True; +} + +/******************************************************************* + api_reg_unknown_1a + ********************************************************************/ + +static BOOL api_reg_unknown_1a(pipes_struct *p) +{ + REG_Q_UNKNOWN_1A q_u; + REG_R_UNKNOWN_1A r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!reg_io_q_unknown_1a("", &q_u, data, 0)) + return False; + + r_u.status = _reg_unknown_1a(p, &q_u, &r_u); + + if(!reg_io_r_unknown_1a("", &r_u, rdata, 0)) + return False; + + return True; +} + +/******************************************************************* + api_reg_enum_key + ********************************************************************/ + +static BOOL api_reg_enum_key(pipes_struct *p) +{ + REG_Q_ENUM_KEY q_u; + REG_R_ENUM_KEY r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!reg_io_q_enum_key("", &q_u, data, 0)) + return False; + + r_u.status = _reg_enum_key(p, &q_u, &r_u); + + if(!reg_io_r_enum_key("", &r_u, rdata, 0)) + return False; + + return True; +} + + + /******************************************************************* array of \PIPE\reg operations ********************************************************************/ static struct api_struct api_reg_cmds[] = { - { "REG_CLOSE" , REG_CLOSE , api_reg_close }, - { "REG_OPEN_ENTRY" , REG_OPEN_ENTRY , api_reg_open_entry }, - { "REG_OPEN" , REG_OPEN_HKLM , api_reg_open }, - { "REG_INFO" , REG_INFO , api_reg_info }, - { "REG_SHUTDOWN" , REG_SHUTDOWN , api_reg_shutdown }, - { "REG_ABORT_SHUTDOWN", REG_ABORT_SHUTDOWN, api_reg_abort_shutdown }, - { NULL, 0 , NULL } + { "REG_CLOSE" , REG_CLOSE , api_reg_close }, + { "REG_OPEN_ENTRY" , REG_OPEN_ENTRY , api_reg_open_entry }, + { "REG_OPEN_HKLM" , REG_OPEN_HKLM , api_reg_open_hklm }, + { "REG_OPEN_HKU" , REG_OPEN_HKU , api_reg_open_hku }, + { "REG_ENUM_KEY" , REG_ENUM_KEY , api_reg_enum_key }, + { "REG_QUERY_KEY" , REG_QUERY_KEY , api_reg_query_key }, + { "REG_INFO" , REG_INFO , api_reg_info }, + { "REG_SHUTDOWN" , REG_SHUTDOWN , api_reg_shutdown }, + { "REG_ABORT_SHUTDOWN" , REG_ABORT_SHUTDOWN , api_reg_abort_shutdown }, + { "REG_UNKNOWN_1A" , REG_UNKNOWN_1A , api_reg_unknown_1a }, + { NULL , 0 , NULL } }; /******************************************************************* diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 03aae14b53..0569d68cae 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -5,7 +5,8 @@ * Copyright (C) Luke Kenneth Casson Leighton 1996-1997, * Copyright (C) Paul Ashton 1997. * Copyright (C) Hewlett-Packard Company 1999. - * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Gerald Carter 2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -29,20 +30,473 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_RPC_SRV -struct reg_info { - /* for use by \PIPE\winreg */ +#define KEY_HKLM "HKLM" +#define KEY_HKU "HKU" + +#define OUR_HANDLE(hnd) (((hnd)==NULL)?"NULL":(IVAL((hnd)->data5,4)==(uint32)sys_getpid()?"OURS":"OTHER")), \ +((unsigned int)IVAL((hnd)->data5,4)),((unsigned int)sys_getpid()) + +/* structure to store the registry handles */ + +typedef struct _RegistryKey { + struct _RegistryKey *prev, *next; + fstring name; /* name of registry key */ -}; + POLICY_HND hnd; + +} Registry_Key; + +static Registry_Key *regkeys_list; +static TDB_CONTEXT *tdb_reg; + +/*********************************************************************** + Add subkey strings to the registry tdb under a defined key + fmt is the same format as tdb_pack except this function only supports + fstrings + ***********************************************************************/ + +static BOOL store_reg_keys( TDB_CONTEXT *tdb, char *keyname, char **subkeys, uint32 num_subkeys ) +{ + TDB_DATA kbuf, dbuf; + void *buffer, *tmpbuf; + int i = 0; + uint32 len, buflen; + BOOL ret = True; + + if ( !keyname ) + return False; + + /* allocate some initial memory */ + + buffer = malloc(sizeof(pstring)); + buflen = sizeof(pstring); + len = 0; + + /* store the number of subkeys */ + + len += tdb_pack(buffer+len, buflen-len, "d", num_subkeys); + + /* pack all the strings */ + + for (i=0; i buflen ) { + /* allocate some extra space */ + if ((tmpbuf = Realloc( buffer, len*2 )) == NULL) { + DEBUG(0,("store_reg_keys: Failed to realloc memory of size [%d]\n", len*2)); + ret = False; + goto done; + } + buffer = tmpbuf; + buflen = len*2; + + len = tdb_pack(buffer+len, buflen-len, "f", subkeys[i]); + } + } + + /* finally write out the data */ + + kbuf.dptr = keyname; + kbuf.dsize = strlen(keyname)+1; + dbuf.dptr = buffer; + dbuf.dsize = len; + if ( tdb_store( tdb, kbuf, dbuf, TDB_REPLACE ) == -1) { + ret = False; + goto done; + } + +done: + SAFE_FREE( buffer ); + return ret; +} + +/*********************************************************************** + Retrieve an array of strings containing subkeys. Memory should be + released by the caller. The subkeys are stored in a catenated string + of null terminated character strings + ***********************************************************************/ + +static int fetch_reg_keys( TDB_CONTEXT *tdb, char* key, char **subkeys ) +{ + pstring path; + uint32 num_items; + TDB_DATA dbuf; + void *buf; + uint32 buflen, len; + int i; + char *s; + + + pstrcpy( path, key ); + + /* convert to key format */ + pstring_sub( path, "\\", "/" ); + + dbuf = tdb_fetch_by_string( tdb, path ); + + buf = dbuf.dptr; + buflen = dbuf.dsize; + + if ( !buf ) { + DEBUG(5,("fetch_reg_keys: Failed to fetch any subkeys for [%s]\n", key)); + return -1; + } + + len = tdb_unpack( buf, buflen, "d", &num_items); + if (num_items) { + if ( (*subkeys = (char*)malloc(sizeof(fstring)*num_items)) == NULL ) { + DEBUG(0,("fetch_reg_keys: Failed to malloc memory for subkey array containing [%d] items!\n", + num_items)); + num_items = -1; + goto done; + } + } + + s = *subkeys; + for (i=0; iname, name ); + + DEBUG(7,("open_registry_key: exit\n")); + + return create_policy_hnd( p, hnd, free_reg_info, regkey ); +} + +/******************************************************************* + Function for open a new registry handle and creating a handle + Note that P should be valid & hnd should already have space + *******************************************************************/ + +static BOOL close_registry_key(pipes_struct *p, POLICY_HND *hnd) +{ + Registry_Key *regkey = find_regkey_index_by_hnd(p, hnd); + + if ( !regkey ) { + DEBUG(2,("close_registry_key: Invalid handle (%s:%u:%u)\n", OUR_HANDLE(hnd))); + return False; + } + + close_policy_hnd(p, hnd); + + return True; +} + +/******************************************************************** + retrieve information about the subkeys + *******************************************************************/ + +static BOOL get_subkey_information( Registry_Key *key, uint32 *maxnum, uint32 *maxlen ) +{ + int num_subkeys, i; + uint32 max_len; + char *subkeys = NULL; + uint32 len; + char *s; + + if ( !key ) + return False; + + num_subkeys = fetch_reg_keys( tdb_reg, key->name, &subkeys ); + if ( num_subkeys == -1 ) + return False; + + /* find the longest string */ + + max_len = 0; + s = subkeys; + for ( i=0; iname, KEY_HKLM) || !strcmp(key->name, KEY_HKU) ) + { + *maxnum = 0; + *maxlen = 0; + *maxsize = 0; + return True; + } + + /* + * FIXME!!! Need to add routines to look up values in other + * databases --jerry + */ + + return False; +} + +/******************************************************************** + reg_close ********************************************************************/ NTSTATUS _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u) @@ -51,7 +505,7 @@ NTSTATUS _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u) ZERO_STRUCT(r_u->pol); /* close the policy handle */ - if (!close_policy_hnd(p, &q_u->pol)) + if (!close_registry_key(p, &q_u->pol)) return NT_STATUS_OBJECT_NAME_INVALID; return NT_STATUS_OK; @@ -61,9 +515,21 @@ NTSTATUS _reg_close(pipes_struct *p, REG_Q_CLOSE *q_u, REG_R_CLOSE *r_u) reg_reply_open ********************************************************************/ -NTSTATUS _reg_open(pipes_struct *p, REG_Q_OPEN_HKLM *q_u, REG_R_OPEN_HKLM *r_u) +NTSTATUS _reg_open_hklm(pipes_struct *p, REG_Q_OPEN_HKLM *q_u, REG_R_OPEN_HKLM *r_u) +{ + if (!open_registry_key(p, &r_u->pol, KEY_HKLM, 0x0)) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + + return NT_STATUS_OK; +} + +/******************************************************************* + reg_reply_open + ********************************************************************/ + +NTSTATUS _reg_open_hku(pipes_struct *p, REG_Q_OPEN_HKU *q_u, REG_R_OPEN_HKU *r_u) { - if (!create_policy_hnd(p, &r_u->pol, free_reg_info, NULL)) + if (!open_registry_key(p, &r_u->pol, KEY_HKU, 0x0)) return NT_STATUS_OBJECT_NAME_NOT_FOUND; return NT_STATUS_OK; @@ -77,34 +543,36 @@ NTSTATUS _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTR { POLICY_HND pol; fstring name; - struct reg_info *info = NULL; + pstring path; + int num_subkeys; + Registry_Key *key = find_regkey_index_by_hnd(p, &q_u->pol); - DEBUG(5,("reg_open_entry: %d\n", __LINE__)); + DEBUG(5,("reg_open_entry: Enter\n")); - if (!find_policy_by_hnd(p, &q_u->pol, NULL)) + if ( !key ) return NT_STATUS_INVALID_HANDLE; rpcstr_pull(name,q_u->uni_name.buffer,sizeof(name),q_u->uni_name.uni_str_len*2,0); - DEBUG(5,("reg_open_entry: %s\n", name)); - - /* lkcl XXXX do a check on the name, here */ - if (!strequal(name, "SYSTEM\\CurrentControlSet\\Control\\ProductOptions") && - !strequal(name, "System\\CurrentControlSet\\services\\Netlogon\\parameters\\")) - return NT_STATUS_ACCESS_DENIED; + /* store the full path in the regkey_list */ + + pstrcpy( path, key->name ); + pstrcat( path, "\\" ); + pstrcat( path, name ); - if ((info = (struct reg_info *)malloc(sizeof(struct reg_info))) == NULL) - return NT_STATUS_NO_MEMORY; + DEBUG(5,("reg_open_entry: %s\n", path)); - ZERO_STRUCTP(info); - fstrcpy(info->name, name); + /* do a check on the name, here */ + + if ( (num_subkeys=fetch_reg_keys_count( tdb_reg, path )) == -1 ) + return NT_STATUS_ACCESS_DENIED; - if (!create_policy_hnd(p, &pol, free_reg_info, (void *)info)) - return NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ + if (!open_registry_key(p, &pol, path, 0x0)) + return NT_STATUS_TOO_MANY_SECRETS; init_reg_r_open_entry(r_u, &pol, NT_STATUS_OK); - DEBUG(5,("reg_open_entry: %d\n", __LINE__)); + DEBUG(5,("reg_open_entry: Exitn")); return r_u->status; } @@ -116,21 +584,23 @@ NTSTATUS _reg_open_entry(pipes_struct *p, REG_Q_OPEN_ENTRY *q_u, REG_R_OPEN_ENTR NTSTATUS _reg_info(pipes_struct *p, REG_Q_INFO *q_u, REG_R_INFO *r_u) { NTSTATUS status = NT_STATUS_OK; - char *key = NULL; - uint32 type=0x1; /* key type: REG_SZ */ - + char *value = NULL; + uint32 type = 0x1; /* key type: REG_SZ */ UNISTR2 *uni_key = NULL; BUFFER2 *buf = NULL; fstring name; + Registry_Key *key = find_regkey_index_by_hnd( p, &q_u->pol ); - DEBUG(5,("_reg_info: %d\n", __LINE__)); + DEBUG(5,("_reg_info: Enter\n")); - if (!find_policy_by_hnd(p, &q_u->pol, NULL)) + if ( !key ) return NT_STATUS_INVALID_HANDLE; + + DEBUG(7,("_reg_info: policy key name = [%s]\n", key->name)); rpcstr_pull(name, q_u->uni_type.buffer, sizeof(name), q_u->uni_type.uni_str_len*2, 0); - DEBUG(5,("reg_info: checking key: %s\n", name)); + DEBUG(5,("reg_info: checking subkey: %s\n", name)); uni_key = (UNISTR2 *)talloc_zero(p->mem_ctx, sizeof(UNISTR2)); buf = (BUFFER2 *)talloc_zero(p->mem_ctx, sizeof(BUFFER2)); @@ -150,33 +620,126 @@ NTSTATUS _reg_info(pipes_struct *p, REG_Q_INFO *q_u, REG_R_INFO *r_u) } switch (lp_server_role()) { - case ROLE_DOMAIN_PDC: - case ROLE_DOMAIN_BDC: - key = "LanmanNT"; - break; - case ROLE_STANDALONE: - key = "ServerNT"; - break; - case ROLE_DOMAIN_MEMBER: - key = "WinNT"; - break; + case ROLE_DOMAIN_PDC: + case ROLE_DOMAIN_BDC: + value = "LanmanNT"; + break; + case ROLE_STANDALONE: + value = "ServerNT"; + break; + case ROLE_DOMAIN_MEMBER: + value = "WinNT"; + break; } /* This makes the server look like a member server to clients */ /* which tells clients that we have our own local user and */ /* group databases and helps with ACL support. */ - init_unistr2(uni_key, key, strlen(key)+1); + init_unistr2(uni_key, value, strlen(value)+1); init_buffer2(buf, (uint8*)uni_key->buffer, uni_key->uni_str_len*2); out: init_reg_r_info(q_u->ptr_buf, r_u, buf, type, status); - DEBUG(5,("reg_open_entry: %d\n", __LINE__)); + DEBUG(5,("reg_open_entry: Exit\n")); + + return status; +} + + +/***************************************************************************** + Implementation of REG_QUERY_KEY + ****************************************************************************/ + +NTSTATUS _reg_query_key(pipes_struct *p, REG_Q_QUERY_KEY *q_u, REG_R_QUERY_KEY *r_u) +{ + NTSTATUS status = NT_STATUS_OK; + Registry_Key *regkey = find_regkey_index_by_hnd( p, &q_u->pol ); + + DEBUG(5,("_reg_query_key: Enter\n")); + + if ( !regkey ) + return NT_STATUS_INVALID_HANDLE; + + if ( !get_subkey_information( regkey, &r_u->num_subkeys, &r_u->max_subkeylen ) ) + return NT_STATUS_ACCESS_DENIED; + + if ( !get_value_information( regkey, &r_u->num_values, &r_u->max_valnamelen, &r_u->max_valbufsize ) ) + return NT_STATUS_ACCESS_DENIED; + + r_u->sec_desc = 0x0; /* size for key's sec_desc */ + + /* Win9x set this to 0x0 since it does not keep timestamps. + Doing the same here for simplicity --jerry */ + + ZERO_STRUCT(r_u->mod_time); + + DEBUG(5,("_reg_query_key: Exit\n")); + + return status; +} + + +/***************************************************************************** + Implementation of REG_UNKNOWN_1A + ****************************************************************************/ + +NTSTATUS _reg_unknown_1a(pipes_struct *p, REG_Q_UNKNOWN_1A *q_u, REG_R_UNKNOWN_1A *r_u) +{ + NTSTATUS status = NT_STATUS_OK; + Registry_Key *regkey = find_regkey_index_by_hnd( p, &q_u->pol ); + + DEBUG(5,("_reg_unknown_1a: Enter\n")); + + if ( !regkey ) + return NT_STATUS_INVALID_HANDLE; + + r_u->unknown = 0x05000000; /* seems to be consistent...no idea what it means */ + + DEBUG(5,("_reg_unknown_1a: Exit\n")); + + return status; +} + +/***************************************************************************** + Implementation of REG_ENUM_KEY + ****************************************************************************/ + +NTSTATUS _reg_enum_key(pipes_struct *p, REG_Q_ENUM_KEY *q_u, REG_R_ENUM_KEY *r_u) +{ + NTSTATUS status = NT_STATUS_OK; + Registry_Key *regkey = find_regkey_index_by_hnd( p, &q_u->pol ); + fstring subkey; + + + DEBUG(5,("_reg_enum_key: Enter\n")); + + if ( !regkey ) + return NT_STATUS_INVALID_HANDLE; + + DEBUG(8,("_reg_enum_key: enumerating key [%s]\n", regkey->name)); + + if ( !fetch_reg_keys_specific( tdb_reg, regkey->name, subkey, q_u->key_index ) ) + { + status = werror_to_ntstatus( WERR_NO_MORE_ITEMS ); + goto done; + } + + DEBUG(10,("_reg_enum_key: retrieved subkey named [%s]\n", subkey)); + + /* subkey has the string name now */ + + init_reg_r_enum_key( r_u, subkey, q_u->unknown_1, q_u->unknown_2 ); + + DEBUG(5,("_reg_enum_key: Exit\n")); + +done: return status; } + /******************************************************************* reg_shutdwon ********************************************************************/ @@ -222,6 +785,10 @@ NTSTATUS _reg_shutdown(pipes_struct *p, REG_Q_SHUTDOWN *q_u, REG_R_SHUTDOWN *r_u return status; } +/******************************************************************* + reg_abort_shutdwon + ********************************************************************/ + NTSTATUS _reg_abort_shutdown(pipes_struct *p, REG_Q_ABORT_SHUTDOWN *q_u, REG_R_ABORT_SHUTDOWN *r_u) { NTSTATUS status = NT_STATUS_OK; @@ -237,3 +804,5 @@ NTSTATUS _reg_abort_shutdown(pipes_struct *p, REG_Q_ABORT_SHUTDOWN *q_u, REG_R_A return status; } + + -- cgit From cd383bdc309a0585e656c373e7d1b9d66f6395e1 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 4 Jul 2002 08:45:45 +0000 Subject: Patch to add security descriptors to the SAMR pipe. This is not the final solution, I think this will probably changed with the move to the new SAM subsystem, but it allows some research and gives us somthing to start with. It should also help with getting proper NT_TOKEN passing set-up. Original patch by "Kai Krueger" , which I have modified to pass back NTSTATUS returns in more places and to use a little more common code. Andrew Bartlett (This used to be commit 43b72493708e74e089989db42a003a3862c793e6) --- source3/rpc_server/srv_samr_nt.c | 723 ++++++++++++++++++++++++++++++++------- 1 file changed, 602 insertions(+), 121 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 9393917cde..7a23a55b2a 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -54,11 +54,69 @@ struct samr_info { /* for use by the \PIPE\samr policy */ DOM_SID sid; uint32 status; /* some sort of flag. best to record it. comes from opnum 0x39 */ + uint32 acc_granted; DISP_INFO disp_info; TALLOC_CTX *mem_ctx; }; +struct generic_mapping sam_generic_mapping = {SAMR_READ, SAMR_WRITE, SAMR_EXECUTE, SAMR_ALL_ACCESS}; +struct generic_mapping dom_generic_mapping = {DOMAIN_READ, DOMAIN_WRITE, DOMAIN_EXECUTE, DOMAIN_ALL_ACCESS}; +struct generic_mapping usr_generic_mapping = {USER_READ, USER_WRITE, USER_EXECUTE, USER_ALL_ACCESS}; +struct generic_mapping grp_generic_mapping = {GROUP_READ, GROUP_WRITE, GROUP_EXECUTE, GROUP_ALL_ACCESS}; +struct generic_mapping ali_generic_mapping = {ALIAS_READ, ALIAS_WRITE, ALIAS_EXECUTE, ALIAS_ALL_ACCESS}; + +static NTSTATUS samr_make_dom_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *d_size); + + +/******************************************************************* + Checks if access to an object should be granted, and returns that + level of access for further checks. +********************************************************************/ + +NTSTATUS access_check_samr_object(SEC_DESC *psd, NT_USER_TOKEN *nt_user_token, uint32 des_access, + uint32 *acc_granted, const char *debug) +{ + NTSTATUS status = NT_STATUS_ACCESS_DENIED; + + if (!se_access_check(psd, nt_user_token, des_access, acc_granted, &status)) { + if (geteuid() == sec_initial_uid()) { + DEBUG(4,("%s: ACCESS should be DENIED (requested: %#010x)\n", + debug, des_access)); + DEBUGADD(4,("but overritten by euid == sec_initial_uid()\n")); + status = NT_STATUS_OK; + } + else { + DEBUG(2,("%s: ACCESS DENIED (requested: %#010x)\n", + debug, des_access)); + } + } + return status; +} + +/******************************************************************* + Checks if access to a function can be granted +********************************************************************/ + +NTSTATUS access_check_samr_function(uint32 acc_granted, uint32 acc_required, const char *debug) +{ + DEBUG(5,("%s: access check ((granted: %#010x; required: %#010x)\n", + debug, acc_granted, acc_required)); + if ((acc_granted & acc_required) != acc_required) { + if (geteuid() == sec_initial_uid()) { + DEBUG(4,("%s: ACCESS should be DENIED (granted: %#010x; required: %#010x)\n", + debug, acc_granted, acc_required)); + DEBUGADD(4,("but overwritten by euid == 0\n")); + return NT_STATUS_OK; + } + DEBUG(2,("%s: ACCESS DENIED (granted: %#010x; required: %#010x)\n", + debug, acc_granted, acc_required)); + return NT_STATUS_ACCESS_DENIED; + } + return NT_STATUS_OK; +} + + /******************************************************************* Create a samr_info struct. ********************************************************************/ @@ -276,17 +334,37 @@ NTSTATUS _samr_close_hnd(pipes_struct *p, SAMR_Q_CLOSE_HND *q_u, SAMR_R_CLOSE_HN NTSTATUS _samr_open_domain(pipes_struct *p, SAMR_Q_OPEN_DOMAIN *q_u, SAMR_R_OPEN_DOMAIN *r_u) { - struct samr_info *info; + struct samr_info *info; + SEC_DESC *psd = NULL; + uint32 acc_granted; + uint32 des_access = q_u->flags; + size_t sd_size; + NTSTATUS status; r_u->status = NT_STATUS_OK; /* find the connection policy handle. */ - if (!find_policy_by_hnd(p, &q_u->pol, NULL)) + if (!find_policy_by_hnd(p, &q_u->pol, (void**)&info)) return NT_STATUS_INVALID_HANDLE; + if (!NT_STATUS_IS_OK(status = access_check_samr_function(info->acc_granted, SAMR_ACCESS_OPEN_DOMAIN,"_samr_open_domain"))) { + return status; + } + + /*check if access can be granted as requested by client. */ + samr_make_dom_obj_sd(p->mem_ctx, &psd, &sd_size); + se_map_generic(&des_access,&dom_generic_mapping); + + if (!NT_STATUS_IS_OK(status = + access_check_samr_object(psd, p->pipe_user.nt_user_token, + des_access, &acc_granted, "_samr_open_domain"))) { + return status; + } + /* associate the domain SID with the (unique) handle. */ if ((info = get_samr_info_by_sid(&q_u->dom_sid.sid))==NULL) return NT_STATUS_NO_MEMORY; + info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ if (!create_policy_hnd(p, &r_u->domain_pol, free_samr_info, (void *)info)) @@ -326,11 +404,90 @@ NTSTATUS _samr_get_usrdom_pwinfo(pipes_struct *p, SAMR_Q_GET_USRDOM_PWINFO *q_u, return r_u->status; } + +/******************************************************************* + samr_make_sam_obj_sd + ********************************************************************/ + +static NTSTATUS samr_make_sam_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) +{ + extern DOM_SID global_sid_World; + DOM_SID adm_sid; + DOM_SID act_sid; + + SEC_ACE ace[3]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + sid_copy(&act_sid, &global_sid_Builtin); + sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + + /*basic access for every one*/ + init_sec_access(&mask, SAMR_EXECUTE | SAMR_READ); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + /*full access for builtin aliases Administrators and Account Operators*/ + init_sec_access(&mask, SAMR_ALL_ACCESS); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) + return NT_STATUS_NO_MEMORY; + + if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == NULL) + return NT_STATUS_NO_MEMORY; + + return NT_STATUS_OK; +} + +/******************************************************************* + samr_make_dom_obj_sd + ********************************************************************/ + +static NTSTATUS samr_make_dom_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) +{ + extern DOM_SID global_sid_World; + DOM_SID adm_sid; + DOM_SID act_sid; + + SEC_ACE ace[3]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + sid_copy(&act_sid, &global_sid_Builtin); + sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + + /*basic access for every one*/ + init_sec_access(&mask, DOMAIN_EXECUTE | DOMAIN_READ); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + /*full access for builtin aliases Administrators and Account Operators*/ + init_sec_access(&mask, DOMAIN_ALL_ACCESS); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) + return NT_STATUS_NO_MEMORY; + + if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == NULL) + return NT_STATUS_NO_MEMORY; + + return NT_STATUS_OK; +} + /******************************************************************* samr_make_usr_obj_sd ********************************************************************/ -static NTSTATUS samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC_BUF **buf, DOM_SID *usr_sid) +static NTSTATUS samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size, DOM_SID *usr_sid) { extern DOM_SID global_sid_World; DOM_SID adm_sid; @@ -340,8 +497,6 @@ static NTSTATUS samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC_BUF **buf, DOM_SI SEC_ACCESS mask; SEC_ACL *psa = NULL; - SEC_DESC *psd = NULL; - size_t sd_size; sid_copy(&adm_sid, &global_sid_Builtin); sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); @@ -349,29 +504,107 @@ static NTSTATUS samr_make_usr_obj_sd(TALLOC_CTX *ctx, SEC_DESC_BUF **buf, DOM_SI sid_copy(&act_sid, &global_sid_Builtin); sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); - init_sec_access(&mask, 0x2035b); + /*basic access for every one*/ + init_sec_access(&mask, USER_EXECUTE | USER_READ); init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_access(&mask, 0xf07ff); + /*full access for builtin aliases Administrators and Account Operators*/ + init_sec_access(&mask, USER_ALL_ACCESS); init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - init_sec_access(&mask,0x20044); + /*extended access for the user*/ + init_sec_access(&mask,READ_CONTROL_ACCESS | USER_ACCESS_CHANGE_PASSWORD | USER_ACCESS_SET_LOC_COM); init_sec_ace(&ace[3], usr_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); - if((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 4, ace)) == NULL) + if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 4, ace)) == NULL) return NT_STATUS_NO_MEMORY; - if((psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, &sd_size)) == NULL) + if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == NULL) + return NT_STATUS_NO_MEMORY; + + return NT_STATUS_OK; +} + +/******************************************************************* + samr_make_grp_obj_sd + ********************************************************************/ + +static NTSTATUS samr_make_grp_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) +{ + extern DOM_SID global_sid_World; + DOM_SID adm_sid; + DOM_SID act_sid; + + SEC_ACE ace[3]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + sid_copy(&act_sid, &global_sid_Builtin); + sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + + /*basic access for every one*/ + init_sec_access(&mask, GROUP_EXECUTE | GROUP_READ); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + /*full access for builtin aliases Administrators and Account Operators*/ + init_sec_access(&mask, GROUP_ALL_ACCESS); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) return NT_STATUS_NO_MEMORY; - if((*buf = make_sec_desc_buf(ctx, sd_size, psd)) == NULL) + if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == NULL) return NT_STATUS_NO_MEMORY; return NT_STATUS_OK; } -static BOOL get_lsa_policy_samr_sid(pipes_struct *p, POLICY_HND *pol, DOM_SID *sid) +/******************************************************************* + samr_make_ali_obj_sd + ********************************************************************/ + +static NTSTATUS samr_make_ali_obj_sd(TALLOC_CTX *ctx, SEC_DESC **psd, size_t *sd_size) +{ + extern DOM_SID global_sid_World; + DOM_SID adm_sid; + DOM_SID act_sid; + + SEC_ACE ace[3]; + SEC_ACCESS mask; + + SEC_ACL *psa = NULL; + + sid_copy(&adm_sid, &global_sid_Builtin); + sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS); + + sid_copy(&act_sid, &global_sid_Builtin); + sid_append_rid(&act_sid, BUILTIN_ALIAS_RID_ACCOUNT_OPS); + + /*basic access for every one*/ + init_sec_access(&mask, ALIAS_EXECUTE | ALIAS_READ); + init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + /*full access for builtin aliases Administrators and Account Operators*/ + init_sec_access(&mask, ALIAS_ALL_ACCESS); + init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + init_sec_ace(&ace[2], &act_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0); + + if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 3, ace)) == NULL) + return NT_STATUS_NO_MEMORY; + + if ((*psd = make_sec_desc(ctx, SEC_DESC_REVISION, NULL, NULL, NULL, psa, sd_size)) == NULL) + return NT_STATUS_NO_MEMORY; + + return NT_STATUS_OK; +} + +static BOOL get_lsa_policy_samr_sid(pipes_struct *p, POLICY_HND *pol, DOM_SID *sid, uint32 *acc_granted) { struct samr_info *info = NULL; @@ -383,6 +616,7 @@ static BOOL get_lsa_policy_samr_sid(pipes_struct *p, POLICY_HND *pol, DOM_SID *s return False; *sid = info->sid; + *acc_granted = info->acc_granted; return True; } @@ -394,17 +628,52 @@ NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_ { DOM_SID pol_sid; fstring str_sid; + SEC_DESC * psd = NULL; + size_t sd_size; + uint32 acc_granted; r_u->status = NT_STATUS_OK; /* Get the SID. */ - - if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n", sid_to_string(str_sid, &pol_sid))); - r_u->status = samr_make_usr_obj_sd(p->mem_ctx, &r_u->buf, &pol_sid); + /* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */ + + /* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */ + if (pol_sid.sid_rev_num == 0) + { + DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n")); + r_u->status = samr_make_sam_obj_sd(p->mem_ctx, &psd, &sd_size); + } + else if (sid_equal(&pol_sid,get_global_sam_sid())) //check if it is our domain SID + + { + DEBUG(5,("_samr_query_sec_obj: querying security on Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid))); + r_u->status = samr_make_dom_obj_sd(p->mem_ctx, &psd, &sd_size); + } + else if (sid_equal(&pol_sid,&global_sid_Builtin)) //check if it is the Builtin Domain + { + /* TODO: Builtin probably needs a different SD with restricted write access*/ + DEBUG(5,("_samr_query_sec_obj: querying security on Builtin Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid))); + r_u->status = samr_make_dom_obj_sd(p->mem_ctx, &psd, &sd_size); + } + else if (sid_check_is_in_our_domain(&pol_sid) || + sid_check_is_in_builtin(&pol_sid)) + { + /* TODO: different SDs have to be generated for aliases groups and users. + Currently all three get a default user SD */ + DEBUG(10,("_samr_query_sec_obj: querying security on Object with SID: %s\n", sid_to_string(str_sid, &pol_sid))); + r_u->status = samr_make_usr_obj_sd(p->mem_ctx, &psd,&sd_size, &pol_sid); + } + else return NT_STATUS_OBJECT_TYPE_MISMATCH; + + if ((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL) + return NT_STATUS_NO_MEMORY; if (NT_STATUS_IS_OK(r_u->status)) r_u->ptr = 1; @@ -496,9 +765,14 @@ NTSTATUS _samr_enum_dom_users(pipes_struct *p, SAMR_Q_ENUM_DOM_USERS *q_u, if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &domain_sid)) - return NT_STATUS_INVALID_HANDLE; + domain_sid = info->sid; + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, + DOMAIN_ACCESS_ENUM_ACCOUNTS, + "_samr_enum_dom_users"))) { + return r_u->status; + } + DEBUG(5,("_samr_enum_dom_users: %d\n", __LINE__)); become_root(); @@ -782,11 +1056,16 @@ NTSTATUS _samr_enum_dom_groups(pipes_struct *p, SAMR_Q_ENUM_DOM_GROUPS *q_u, SAM DOMAIN_GRP *grp=NULL; uint32 num_entries; DOM_SID sid; + uint32 acc_granted; r_u->status = NT_STATUS_OK; - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_ENUM_ACCOUNTS, "_samr_enum_dom_groups"))) { + return r_u->status; + } DEBUG(5,("samr_reply_enum_dom_groups: %d\n", __LINE__)); @@ -814,12 +1093,17 @@ NTSTATUS _samr_enum_dom_aliases(pipes_struct *p, SAMR_Q_ENUM_DOM_ALIASES *q_u, S fstring sid_str; DOM_SID sid; NTSTATUS status; + uint32 acc_granted; r_u->status = NT_STATUS_OK; - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_ENUM_ACCOUNTS, "_samr_enum_dom_aliases"))) { + return r_u->status; + } + sid_to_string(sid_str, &sid); DEBUG(5,("samr_reply_enum_dom_aliases: sid %s\n", sid_str)); @@ -867,8 +1151,7 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, if (!find_policy_by_hnd(p, &q_u->domain_pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; - if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &domain_sid)) - return NT_STATUS_INVALID_HANDLE; + domain_sid = info->sid; /* * calculate how many entries we will return. @@ -1036,22 +1319,26 @@ NTSTATUS _samr_query_dispinfo(pipes_struct *p, SAMR_Q_QUERY_DISPINFO *q_u, NTSTATUS _samr_query_aliasinfo(pipes_struct *p, SAMR_Q_QUERY_ALIASINFO *q_u, SAMR_R_QUERY_ALIASINFO *r_u) { - struct samr_info *info = NULL; + DOM_SID sid; GROUP_MAP map; + uint32 acc_granted; r_u->status = NT_STATUS_OK; DEBUG(5,("_samr_query_aliasinfo: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, ALIAS_ACCESS_LOOKUP_INFO, "_samr_query_aliasinfo"))) { + return r_u->status; + } - if (!sid_check_is_in_our_domain(&info->sid) && - !sid_check_is_in_builtin(&info->sid)) + if (!sid_check_is_in_our_domain(&sid) && + !sid_check_is_in_builtin(&sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; - if(!get_local_group_from_sid(info->sid, &map, MAPPING_WITHOUT_PRIV)) + if (!get_local_group_from_sid(sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_ALIAS; switch (q_u->switch_level) { @@ -1148,6 +1435,7 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO int num_rids = q_u->num_names2; DOM_SID pol_sid; fstring sid_str; + uint32 acc_granted; r_u->status = NT_STATUS_OK; @@ -1156,10 +1444,14 @@ NTSTATUS _samr_lookup_names(pipes_struct *p, SAMR_Q_LOOKUP_NAMES *q_u, SAMR_R_LO ZERO_ARRAY(rid); ZERO_ARRAY(type); - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid)) { + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted)) { init_samr_r_lookup_names(p->mem_ctx, r_u, 0, NULL, NULL, NT_STATUS_OBJECT_TYPE_MISMATCH); return r_u->status; } + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, 0, "_samr_lookup_names"))) { /* Don't know the acc_bits yet */ + return r_u->status; + } if (num_rids > MAX_SAM_ENTRIES) { num_rids = MAX_SAM_ENTRIES; @@ -1303,13 +1595,14 @@ NTSTATUS _samr_lookup_rids(pipes_struct *p, SAMR_Q_LOOKUP_RIDS *q_u, SAMR_R_LOOK DOM_SID pol_sid; int num_rids = q_u->num_rids1; int i; + uint32 acc_granted; r_u->status = NT_STATUS_OK; DEBUG(5,("_samr_lookup_rids: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; if (num_rids > MAX_SAM_ENTRIES) { @@ -1371,27 +1664,40 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN POLICY_HND domain_pol = q_u->domain_pol; POLICY_HND *user_pol = &r_u->user_pol; struct samr_info *info = NULL; + SEC_DESC *psd = NULL; + uint32 acc_granted; + uint32 des_access = q_u->access_mask; + size_t sd_size; BOOL ret; NTSTATUS nt_status; r_u->status = NT_STATUS_OK; - /* find the domain policy handle. */ - if (!find_policy_by_hnd(p, &domain_pol, NULL)) + /* find the domain policy handle and get domain SID / access bits in the domain policy. */ + if (!get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(nt_status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_OPEN_ACCOUNT, "_samr_open_user"))) { + return nt_status; + } nt_status = pdb_init_sam_talloc(p->mem_ctx, &sampass); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } - /* Get the domain SID stored in the domain policy */ - if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid)) - return NT_STATUS_INVALID_HANDLE; - /* append the user's RID to it */ - if(!sid_append_rid(&sid, q_u->user_rid)) + if (!sid_append_rid(&sid, q_u->user_rid)) return NT_STATUS_NO_SUCH_USER; + + /* check if access can be granted as requested by client. */ + samr_make_usr_obj_sd(p->mem_ctx, &psd, &sd_size, &sid); + se_map_generic(&des_access, &usr_generic_mapping); + if (!NT_STATUS_IS_OK(nt_status = + access_check_samr_object(psd, p->pipe_user.nt_user_token, + des_access, &acc_granted, "_samr_open_user"))) { + return nt_status; + } become_root(); ret=pdb_getsampwsid(sampass, &sid); @@ -1404,9 +1710,10 @@ NTSTATUS _api_samr_open_user(pipes_struct *p, SAMR_Q_OPEN_USER *q_u, SAMR_R_OPEN pdb_free_sam(&sampass); - /* associate the user's SID with the new handle. */ + /* associate the user's SID and access bits with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) return NT_STATUS_NO_MEMORY; + info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) @@ -1685,9 +1992,10 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAMR_R_QUERY_USERGROUPS *r_u) { SAM_ACCOUNT *sam_pass=NULL; + DOM_SID sid; DOM_GID *gids = NULL; int num_groups = 0; - struct samr_info *info = NULL; + uint32 acc_granted; BOOL ret; /* @@ -1707,16 +2015,20 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, USER_ACCESS_GET_GROUPS, "_samr_query_usergroups"))) { + return r_u->status; + } - if (!sid_check_is_in_our_domain(&info->sid)) + if (!sid_check_is_in_our_domain(&sid)) return NT_STATUS_OBJECT_TYPE_MISMATCH; pdb_init_sam(&sam_pass); become_root(); - ret = pdb_getsampwsid(sam_pass, &info->sid); + ret = pdb_getsampwsid(sam_pass, &sid); unbecome_root(); if (ret == False) { @@ -1866,11 +2178,19 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ BOOL ret; NTSTATUS nt_status; struct passwd *pw; + uint32 acc_granted; + SEC_DESC *psd; + size_t sd_size; + uint32 des_access; - /* find the policy handle. open a policy on it. */ - if (!find_policy_by_hnd(p, &dom_pol, NULL)) + /* Get the domain SID stored in the domain policy */ + if (!get_lsa_policy_samr_sid(p, &dom_pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + if (!NT_STATUS_IS_OK(nt_status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_CREATE_USER, "_samr_create_user"))) { + return nt_status; + } + /* find the account: tell the caller if it exists. lkclXXXX i have *no* idea if this is a problem or not or even if you are supposed to construct a different @@ -1939,7 +2259,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ else pstrcpy(add_script, lp_adduser_script()); - if(*add_script) { + if (*add_script) { int add_ret; all_string_sub(add_script, "%u", account, sizeof(account)); add_ret = smbrun(add_script,NULL); @@ -1988,6 +2308,14 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ /* Get the user's SID */ sid_copy(&sid, pdb_get_user_sid(sam_pass)); + samr_make_usr_obj_sd(p->mem_ctx, &psd, &sd_size, &sid); + se_map_generic(&des_access, &usr_generic_mapping); + if (!NT_STATUS_IS_OK(nt_status = + access_check_samr_object(psd, p->pipe_user.nt_user_token, + des_access, &acc_granted, "_samr_create_user"))) { + return nt_status; + } + /* associate the user's SID with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) { pdb_free_sam(&sam_pass); @@ -1996,6 +2324,7 @@ NTSTATUS _api_samr_create_user(pipes_struct *p, SAMR_Q_CREATE_USER *q_u, SAMR_R_ ZERO_STRUCTP(info); info->sid = sid; + info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ if (!create_policy_hnd(p, user_pol, free_samr_info, (void *)info)) { @@ -2019,29 +2348,29 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO { struct samr_info *info = NULL; - /* Access check */ + /* Access check */ - if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_connect_anon\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; - } + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_connect_anon\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } - /* set up the SAMR connect_anon response */ + /* set up the SAMR connect_anon response */ - r_u->status = NT_STATUS_OK; + r_u->status = NT_STATUS_OK; - /* associate the user's SID with the new handle. */ - if ((info = get_samr_info_by_sid(NULL)) == NULL) - return NT_STATUS_NO_MEMORY; + /* associate the user's SID with the new handle. */ + if ((info = get_samr_info_by_sid(NULL)) == NULL) + return NT_STATUS_NO_MEMORY; - info->status = q_u->unknown_0; + info->status = q_u->unknown_0; - /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + /* get a (unique) handle. open a policy on it. */ + if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; - return r_u->status; + return r_u->status; } /******************************************************************* @@ -2051,32 +2380,47 @@ NTSTATUS _samr_connect_anon(pipes_struct *p, SAMR_Q_CONNECT_ANON *q_u, SAMR_R_CO NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u) { struct samr_info *info = NULL; + SEC_DESC *psd = NULL; + uint32 acc_granted; + uint32 des_access = q_u->access_mask; + size_t sd_size; + NTSTATUS nt_status; - DEBUG(5,("_samr_connect: %d\n", __LINE__)); - /* Access check */ + DEBUG(5,("_samr_connect: %d\n", __LINE__)); - if (!pipe_access_check(p)) { - DEBUG(3, ("access denied to samr_connect\n")); - r_u->status = NT_STATUS_ACCESS_DENIED; - return r_u->status; - } + /* Access check */ - r_u->status = NT_STATUS_OK; + if (!pipe_access_check(p)) { + DEBUG(3, ("access denied to samr_connect\n")); + r_u->status = NT_STATUS_ACCESS_DENIED; + return r_u->status; + } + + samr_make_sam_obj_sd(p->mem_ctx, &psd, &sd_size); + se_map_generic(&des_access, &sam_generic_mapping); + if (!NT_STATUS_IS_OK(nt_status = + access_check_samr_object(psd, p->pipe_user.nt_user_token, + des_access, &acc_granted, "_samr_connect"))) { + return nt_status; + } + + r_u->status = NT_STATUS_OK; - /* associate the user's SID with the new handle. */ + /* associate the user's SID and access granted with the new handle. */ if ((info = get_samr_info_by_sid(NULL)) == NULL) - return NT_STATUS_NO_MEMORY; + return NT_STATUS_NO_MEMORY; - info->status = q_u->access_mask; + info->acc_granted = acc_granted; + info->status = q_u->access_mask; - /* get a (unique) handle. open a policy on it. */ - if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; + /* get a (unique) handle. open a policy on it. */ + if (!create_policy_hnd(p, &r_u->connect_pol, free_samr_info, (void *)info)) + return NT_STATUS_OBJECT_NAME_NOT_FOUND; - DEBUG(5,("_samr_connect: %d\n", __LINE__)); + DEBUG(5,("_samr_connect: %d\n", __LINE__)); - return r_u->status; + return r_u->status; } /********************************************************************** @@ -2085,14 +2429,19 @@ NTSTATUS _samr_connect(pipes_struct *p, SAMR_Q_CONNECT *q_u, SAMR_R_CONNECT *r_u NTSTATUS _samr_lookup_domain(pipes_struct *p, SAMR_Q_LOOKUP_DOMAIN *q_u, SAMR_R_LOOKUP_DOMAIN *r_u) { + struct samr_info *info; fstring domain_name; DOM_SID sid; r_u->status = NT_STATUS_OK; - if (!find_policy_by_hnd(p, &q_u->connect_pol, NULL)) + if (!find_policy_by_hnd(p, &q_u->connect_pol, (void**)&info)) return NT_STATUS_INVALID_HANDLE; + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, SAMR_ACCESS_OPEN_DOMAIN, "_samr_lookup_domain"))) { + return r_u->status; + } + rpcstr_pull(domain_name, q_u->uni_domain.buffer, sizeof(domain_name), q_u->uni_domain.uni_str_len*2, 0); ZERO_STRUCT(sid); @@ -2152,11 +2501,19 @@ static BOOL make_enum_domains(TALLOC_CTX *ctx, SAM_ENTRY **pp_sam, NTSTATUS _samr_enum_domains(pipes_struct *p, SAMR_Q_ENUM_DOMAINS *q_u, SAMR_R_ENUM_DOMAINS *r_u) { + struct samr_info *info; uint32 num_entries = 2; fstring dom[2]; char *name; r_u->status = NT_STATUS_OK; + + if (!find_policy_by_hnd(p, &q_u->pol, (void**)&info)) + return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, SAMR_ACCESS_ENUM_DOMAINS, "_samr_enum_domains"))) { + return r_u->status; + } switch (lp_server_role()) { case ROLE_DOMAIN_PDC: @@ -2189,21 +2546,35 @@ NTSTATUS _api_samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OP POLICY_HND domain_pol = q_u->dom_pol; uint32 alias_rid = q_u->rid_alias; POLICY_HND *alias_pol = &r_u->pol; - struct samr_info *info = NULL; + struct samr_info *info = NULL; + SEC_DESC *psd = NULL; + uint32 acc_granted; + uint32 des_access = q_u->access_mask; + size_t sd_size; + NTSTATUS status; r_u->status = NT_STATUS_OK; - /* get the domain policy. */ - if (!find_policy_by_hnd(p, &domain_pol, NULL)) - return NT_STATUS_INVALID_HANDLE; - - /* Get the domain SID stored in the domain policy */ - if(!get_lsa_policy_samr_sid(p, &domain_pol, &sid)) + /* find the domain policy and get the SID / access bits stored in the domain policy */ + if (!get_lsa_policy_samr_sid(p, &domain_pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_OPEN_ACCOUNT, "_samr_open_alias"))) { + return status; + } /* append the alias' RID to it */ - if(!sid_append_rid(&sid, alias_rid)) + if (!sid_append_rid(&sid, alias_rid)) return NT_STATUS_NO_SUCH_USER; + + /*check if access can be granted as requested by client. */ + samr_make_ali_obj_sd(p->mem_ctx, &psd, &sd_size); + se_map_generic(&des_access,&ali_generic_mapping); + if (!NT_STATUS_IS_OK(status = + access_check_samr_object(psd, p->pipe_user.nt_user_token, + des_access, &acc_granted, "_samr_open_alias"))) { + return status; + } /* * we should check if the rid really exist !!! @@ -2213,6 +2584,8 @@ NTSTATUS _api_samr_open_alias(pipes_struct *p, SAMR_Q_OPEN_ALIAS *q_u, SAMR_R_OP /* associate the user's SID with the new handle. */ if ((info = get_samr_info_by_sid(&sid)) == NULL) return NT_STATUS_NO_MEMORY; + + info->acc_granted = acc_granted; /* get a (unique) handle. open a policy on it. */ if (!create_policy_hnd(p, alias_pol, free_samr_info, (void *)info)) @@ -2486,15 +2859,22 @@ NTSTATUS _samr_set_userinfo(pipes_struct *p, SAMR_Q_SET_USERINFO *q_u, SAMR_R_SE POLICY_HND *pol = &q_u->pol; uint16 switch_value = q_u->switch_value; SAM_USERINFO_CTR *ctr = q_u->ctr; + uint32 acc_granted; + uint32 acc_required; DEBUG(5, ("_samr_set_userinfo: %d\n", __LINE__)); r_u->status = NT_STATUS_OK; /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, pol, &sid)) + if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + acc_required = USER_ACCESS_SET_LOC_COM | USER_ACCESS_SET_ATTRIBUTES; /* This is probably wrong */ + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo"))) { + return r_u->status; + } + DEBUG(5, ("_samr_set_userinfo: sid:%s, level:%d\n", sid_string_static(&sid), switch_value)); if (ctr == NULL) { @@ -2564,14 +2944,21 @@ NTSTATUS _samr_set_userinfo2(pipes_struct *p, SAMR_Q_SET_USERINFO2 *q_u, SAMR_R_ SAM_USERINFO_CTR *ctr = q_u->ctr; POLICY_HND *pol = &q_u->pol; uint16 switch_value = q_u->switch_value; + uint32 acc_granted; + uint32 acc_required; DEBUG(5, ("samr_reply_set_userinfo2: %d\n", __LINE__)); r_u->status = NT_STATUS_OK; /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, pol, &sid)) + if (!get_lsa_policy_samr_sid(p, pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + acc_required = USER_ACCESS_SET_LOC_COM | USER_ACCESS_SET_ATTRIBUTES; /* This is probably wrong */ + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, acc_required, "_samr_set_userinfo2"))) { + return r_u->status; + } DEBUG(5, ("samr_reply_set_userinfo2: sid:%s\n", sid_string_static(&sid))); @@ -2638,6 +3025,10 @@ NTSTATUS _samr_query_useraliases(pipes_struct *p, SAMR_Q_QUERY_USERALIASES *q_u, /* find the policy handle. open a policy on it. */ if (!find_policy_by_hnd(p, &q_u->pol, (void **)&info)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(info->acc_granted, USER_ACCESS_GET_GROUPS, "_samr_query_useraliases"))) { + return r_u->status; + } if (!sid_check_is_domain(&info->sid) && !sid_check_is_builtin(&info->sid)) @@ -2702,11 +3093,16 @@ NTSTATUS _samr_query_aliasmem(pipes_struct *p, SAMR_Q_QUERY_ALIASMEM *q_u, SAMR_ SAM_ACCOUNT *sam_user = NULL; BOOL check; + uint32 acc_granted; /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, ALIAS_ACCESS_GET_MEMBERS, "_samr_query_aliasmem"))) { + return r_u->status; + } + sid_copy(&als_sid, &alias_sid); sid_to_string(alias_sid_str, &alias_sid); sid_split_rid(&alias_sid, &alias_rid); @@ -2798,12 +3194,16 @@ NTSTATUS _samr_query_groupmem(pipes_struct *p, SAMR_Q_QUERY_GROUPMEM *q_u, SAMR_ SAM_ACCOUNT *sam_user = NULL; BOOL check; - + uint32 acc_granted; /* find the policy handle. open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, GROUP_ACCESS_GET_MEMBERS, "_samr_query_groupmem"))) { + return r_u->status; + } + /* todo: change to use sid_compare_front */ sid_split_rid(&group_sid, &group_rid); @@ -2886,11 +3286,16 @@ NTSTATUS _samr_add_aliasmem(pipes_struct *p, SAMR_Q_ADD_ALIASMEM *q_u, SAMR_R_AD NTSTATUS ret; SAM_ACCOUNT *sam_user = NULL; BOOL check; + uint32 acc_granted; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, ALIAS_ACCESS_ADD_MEMBER, "_samr_add_aliasmem"))) { + return r_u->status; + } + sid_to_string(alias_sid_str, &alias_sid); DEBUG(10, ("sid is %s\n", alias_sid_str)); @@ -2969,11 +3374,16 @@ NTSTATUS _samr_del_aliasmem(pipes_struct *p, SAMR_Q_DEL_ALIASMEM *q_u, SAMR_R_DE fstring grp_name; GROUP_MAP map; SAM_ACCOUNT *sam_pass=NULL; + uint32 acc_granted; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, ALIAS_ACCESS_REMOVE_MEMBER, "_samr_del_aliasmem"))) { + return r_u->status; + } + sid_to_string(alias_sid_str, &alias_sid); DEBUG(10, ("_samr_del_aliasmem:sid is %s\n", alias_sid_str)); @@ -3035,10 +3445,15 @@ NTSTATUS _samr_add_groupmem(pipes_struct *p, SAMR_Q_ADD_GROUPMEM *q_u, SAMR_R_AD NTSTATUS ret; SAM_ACCOUNT *sam_user; BOOL check; + uint32 acc_granted; /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, GROUP_ACCESS_ADD_MEMBER, "_samr_add_groupmem"))) { + return r_u->status; + } sid_to_string(group_sid_str, &group_sid); DEBUG(10, ("sid is %s\n", group_sid_str)); @@ -3116,6 +3531,7 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE GROUP_MAP map; fstring grp_name; struct group *grp; + uint32 acc_granted; /* * delete the group member named q_u->rid @@ -3124,16 +3540,20 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE */ /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - - if(!sid_check_is_in_our_domain(&group_sid)) + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, GROUP_ACCESS_REMOVE_MEMBER, "_samr_del_groupmem"))) { + return r_u->status; + } + + if (!sid_check_is_in_our_domain(&group_sid)) return NT_STATUS_NO_SUCH_GROUP; sid_copy(&user_sid, get_global_sam_sid()); sid_append_rid(&user_sid, q_u->rid); - if(!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) + if (!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_NO_SUCH_GROUP; if ((grp=getgrgid(map.gid)) == NULL) @@ -3144,14 +3564,14 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE /* check if the user exists before trying to remove it from the group */ pdb_init_sam(&sam_pass); - if(!pdb_getsampwsid(sam_pass, &user_sid)) { + if (!pdb_getsampwsid(sam_pass, &user_sid)) { DEBUG(5,("User %s doesn't exist.\n", pdb_get_username(sam_pass))); pdb_free_sam(&sam_pass); return NT_STATUS_NO_SUCH_USER; } /* if the user is not in the group */ - if(!user_in_group_list(pdb_get_username(sam_pass), grp_name)) { + if (!user_in_group_list(pdb_get_username(sam_pass), grp_name)) { pdb_free_sam(&sam_pass); return NT_STATUS_MEMBER_NOT_IN_GROUP; } @@ -3159,7 +3579,7 @@ NTSTATUS _samr_del_groupmem(pipes_struct *p, SAMR_Q_DEL_GROUPMEM *q_u, SAMR_R_DE smb_delete_user_group(grp_name, pdb_get_username(sam_pass)); /* check if the user has been removed then ... */ - if(user_in_group_list(pdb_get_username(sam_pass), grp_name)) { + if (user_in_group_list(pdb_get_username(sam_pass), grp_name)) { pdb_free_sam(&sam_pass); return NT_STATUS_ACCESS_DENIED; /* don't know what to reply else */ } @@ -3195,13 +3615,18 @@ NTSTATUS _samr_delete_dom_user(pipes_struct *p, SAMR_Q_DELETE_DOM_USER *q_u, SAM { DOM_SID user_sid; SAM_ACCOUNT *sam_pass=NULL; + uint32 acc_granted; DEBUG(5, ("_samr_delete_dom_user: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &user_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &user_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DELETE_ACCESS, "_samr_delete_dom_user"))) { + return r_u->status; + } + if (!sid_check_is_in_our_domain(&user_sid)) return NT_STATUS_CANNOT_DELETE; @@ -3249,13 +3674,18 @@ NTSTATUS _samr_delete_dom_group(pipes_struct *p, SAMR_Q_DELETE_DOM_GROUP *q_u, S gid_t gid; struct group *grp; GROUP_MAP map; + uint32 acc_granted; DEBUG(5, ("samr_delete_dom_group: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->group_pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DELETE_ACCESS, "_samr_delete_dom_group"))) { + return r_u->status; + } + sid_copy(&dom_sid, &group_sid); sid_to_string(group_sid_str, &dom_sid); sid_split_rid(&dom_sid, &group_rid); @@ -3306,13 +3736,18 @@ NTSTATUS _samr_delete_dom_alias(pipes_struct *p, SAMR_Q_DELETE_DOM_ALIAS *q_u, S gid_t gid; struct group *grp; GROUP_MAP map; + uint32 acc_granted; DEBUG(5, ("_samr_delete_dom_alias: %d\n", __LINE__)); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &alias_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DELETE_ACCESS, "_samr_delete_dom_alias"))) { + return r_u->status; + } + sid_copy(&dom_sid, &alias_sid); sid_to_string(alias_sid_str, &dom_sid); sid_split_rid(&dom_sid, &alias_rid); @@ -3363,13 +3798,18 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S struct group *grp; struct samr_info *info; PRIVILEGE_SET priv_set; + uint32 acc_granted; init_privilege(&priv_set); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &dom_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_CREATE_GROUP, "_samr_create_dom_group"))) { + return r_u->status; + } + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; @@ -3421,13 +3861,18 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S struct group *grp; struct samr_info *info; PRIVILEGE_SET priv_set; + uint32 acc_granted; init_privilege(&priv_set); /* Find the policy handle. Open a policy on it. */ - if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->dom_pol, &dom_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_CREATE_ALIAS, "_samr_create_alias"))) { + return r_u->status; + } + if (!sid_equal(&dom_sid, get_global_sam_sid())) return NT_STATUS_ACCESS_DENIED; @@ -3480,10 +3925,15 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM uid_t *uid=NULL; int num_uids=0; GROUP_INFO_CTR *ctr; + uint32 acc_granted; - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, GROUP_ACCESS_LOOKUP_INFO, "_samr_query_groupinfo"))) { + return r_u->status; + } + if (!get_domain_group_from_sid(group_sid, &map, MAPPING_WITHOUT_PRIV)) return NT_STATUS_INVALID_HANDLE; @@ -3527,10 +3977,15 @@ NTSTATUS _samr_set_groupinfo(pipes_struct *p, SAMR_Q_SET_GROUPINFO *q_u, SAMR_R_ DOM_SID group_sid; GROUP_MAP map; GROUP_INFO_CTR *ctr; + uint32 acc_granted; - if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, GROUP_ACCESS_SET_INFO, "_samr_set_groupinfo"))) { + return r_u->status; + } + if (!get_domain_group_from_sid(group_sid, &map, MAPPING_WITH_PRIV)) return NT_STATUS_NO_SUCH_GROUP; @@ -3569,10 +4024,15 @@ NTSTATUS _samr_set_aliasinfo(pipes_struct *p, SAMR_Q_SET_ALIASINFO *q_u, SAMR_R_ DOM_SID group_sid; GROUP_MAP map; ALIAS_INFO_CTR *ctr; + uint32 acc_granted; - if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &group_sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->alias_pol, &group_sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; - + + if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, ALIAS_ACCESS_SET_INFO, "_samr_set_aliasinfo"))) { + return r_u->status; + } + if (!get_local_group_from_sid(group_sid, &map, MAPPING_WITH_PRIV)) return NT_STATUS_NO_SUCH_GROUP; @@ -3628,10 +4088,29 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G DOM_SID info_sid; GROUP_MAP map; struct samr_info *info; + SEC_DESC *psd = NULL; + uint32 acc_granted; + uint32 des_access; + size_t sd_size; + NTSTATUS status; fstring sid_string; - if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid)) + if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted)) return NT_STATUS_INVALID_HANDLE; + + if (!NT_STATUS_IS_OK(status = access_check_samr_function(acc_granted, DOMAIN_ACCESS_OPEN_ACCOUNT, "_samr_open_group"))) { + return status; + } + + /*check if access can be granted as requested by client. */ + samr_make_grp_obj_sd(p->mem_ctx, &psd, &sd_size); + se_map_generic(&des_access,&grp_generic_mapping); + if (!NT_STATUS_IS_OK(status = + access_check_samr_object(psd, p->pipe_user.nt_user_token, + des_access, &acc_granted, "_samr_open_group"))) { + return status; + } + /* this should not be hard-coded like this */ if (!sid_equal(&sid, get_global_sam_sid())) @@ -3643,6 +4122,8 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G if ((info = get_samr_info_by_sid(&info_sid)) == NULL) return NT_STATUS_NO_MEMORY; + + info->acc_granted = acc_granted; DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string)); -- cgit From fafecde33ac6f6b95a588227ad56bdf90524947e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 4 Jul 2002 12:51:26 +0000 Subject: * fix seg fault caused by missing DLIST_REMOVE in free_fn() * fixed constant vaolued returned by REG_UNKNOWN_1A (This used to be commit 3b934e6a8550a03028eed9fe65c28401f429d591) --- source3/rpc_server/srv_reg_nt.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 0569d68cae..951e100486 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -372,6 +372,8 @@ static Registry_Key *find_regkey_index_by_hnd(pipes_struct *p, POLICY_HND *hnd) static void free_reg_info(void *ptr) { Registry_Key *info = (Registry_Key*)ptr; + + DLIST_REMOVE(regkeys_list, info); SAFE_FREE(info); } @@ -695,7 +697,7 @@ NTSTATUS _reg_unknown_1a(pipes_struct *p, REG_Q_UNKNOWN_1A *q_u, REG_R_UNKNOWN_1 if ( !regkey ) return NT_STATUS_INVALID_HANDLE; - r_u->unknown = 0x05000000; /* seems to be consistent...no idea what it means */ + r_u->unknown = 0x00000005; /* seems to be consistent...no idea what it means */ DEBUG(5,("_reg_unknown_1a: Exit\n")); -- cgit From e48b3fe83c13aa9b061a880852d8ddd6623c29d6 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 4 Jul 2002 13:11:54 +0000 Subject: More code from "Kai Krueger" , this time starting to make the 'user cannot change password' button work. Needs help from a future SAM backend, but at least this parses the data, and returns an error. Andrew Bartlett (This used to be commit 0c4afe075aa018ec2be10f36fd3f0a5af2a032f1) --- source3/rpc_server/srv_samr.c | 32 ++++++++++++++++++++++++++++++++ source3/rpc_server/srv_samr_nt.c | 11 +++++++++++ 2 files changed, 43 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c index 1c4fab5312..f002a7d1c9 100644 --- a/source3/rpc_server/srv_samr.c +++ b/source3/rpc_server/srv_samr.c @@ -126,6 +126,37 @@ static BOOL api_samr_get_usrdom_pwinfo(pipes_struct *p) return True; } +/******************************************************************* + api_samr_set_sec_obj + ********************************************************************/ + +static BOOL api_samr_set_sec_obj(pipes_struct *p) +{ + SAMR_Q_SET_SEC_OBJ q_u; + SAMR_R_SET_SEC_OBJ r_u; + + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!samr_io_q_set_sec_obj("", &q_u, data, 0)) { + DEBUG(0,("api_samr_set_sec_obj: unable to unmarshall SAMR_Q_SET_SEC_OBJ.\n")); + return False; + } + + r_u.status = _samr_set_sec_obj(p, &q_u, &r_u); + + if(!samr_io_r_set_sec_obj("", &r_u, rdata, 0)) { + DEBUG(0,("api_samr_set_sec_obj: unable to marshall SAMR_R_SET_SEC_OBJ.\n")); + return False; + } + + + return True; +} + /******************************************************************* api_samr_query_sec_obj ********************************************************************/ @@ -1430,6 +1461,7 @@ static struct api_struct api_samr_cmds [] = {"SAMR_LOOKUP_DOMAIN" , SAMR_LOOKUP_DOMAIN , api_samr_lookup_domain }, {"SAMR_QUERY_SEC_OBJECT" , SAMR_QUERY_SEC_OBJECT , api_samr_query_sec_obj }, + {"SAMR_SET_SEC_OBJECT" , SAMR_SET_SEC_OBJECT , api_samr_set_sec_obj }, {"SAMR_GET_USRDOM_PWINFO" , SAMR_GET_USRDOM_PWINFO, api_samr_get_usrdom_pwinfo}, {"SAMR_UNKNOWN_2E" , SAMR_UNKNOWN_2E , api_samr_unknown_2e }, {"SAMR_SET_DOMAIN_INFO" , SAMR_SET_DOMAIN_INFO , api_samr_set_dom_info }, diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 7a23a55b2a..4284c96f20 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -620,6 +620,17 @@ static BOOL get_lsa_policy_samr_sid(pipes_struct *p, POLICY_HND *pol, DOM_SID *s return True; } +/******************************************************************* + _samr_set_sec_obj + ********************************************************************/ + +NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u) +{ + DEBUG(0,("_samr_set_sec_obj: Not yet implemented!\n")); + return NT_STATUS_NOT_IMPLEMENTED; +} + + /******************************************************************* _samr_query_sec_obj ********************************************************************/ -- cgit From 26d161ff85a3a551990a6cb44f37ef28bd8dcdd6 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 4 Jul 2002 13:18:56 +0000 Subject: fixed the geyed out registry keys. Stupid typo on my part. Now on to plug in the printing tdbs to the registry view.... jerry (This used to be commit 2a68e4529ad884e8c3800f9006bb1c2b18cfada4) --- source3/rpc_server/srv_reg_nt.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 951e100486..1960ebc821 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -139,7 +139,7 @@ static int fetch_reg_keys( TDB_CONTEXT *tdb, char* key, char **subkeys ) if ( !buf ) { DEBUG(5,("fetch_reg_keys: Failed to fetch any subkeys for [%s]\n", key)); - return -1; + return 0; } len = tdb_unpack( buf, buflen, "d", &num_items); @@ -188,7 +188,7 @@ static int fetch_reg_keys_count( TDB_CONTEXT *tdb, char* key ) if ( !buf ) { DEBUG(5,("fetch_reg_keys: Failed to fetch any subkeys for [%s]\n", key)); - return -1; + return 0; } len = tdb_unpack( buf, buflen, "d", &num_items); @@ -480,21 +480,21 @@ static BOOL get_value_information( Registry_Key *key, uint32 *maxnum, return False; /* Hard coded key names first */ - - if ( !strcmp(key->name, KEY_HKLM) || !strcmp(key->name, KEY_HKU) ) - { - *maxnum = 0; - *maxlen = 0; - *maxsize = 0; - return True; - } - + /* nothing has valuies right now */ + + *maxnum = 0; + *maxlen = 0; + *maxsize = 0; + return True; + +#if 0 /* JERRY */ /* * FIXME!!! Need to add routines to look up values in other * databases --jerry */ return False; +#endif } /******************************************************************** @@ -670,7 +670,7 @@ NTSTATUS _reg_query_key(pipes_struct *p, REG_Q_QUERY_KEY *q_u, REG_R_QUERY_KEY * if ( !get_value_information( regkey, &r_u->num_values, &r_u->max_valnamelen, &r_u->max_valbufsize ) ) return NT_STATUS_ACCESS_DENIED; - r_u->sec_desc = 0x0; /* size for key's sec_desc */ + r_u->sec_desc = 0x00000078; /* size for key's sec_desc */ /* Win9x set this to 0x0 since it does not keep timestamps. Doing the same here for simplicity --jerry */ -- cgit From b1aec128e44c3728a2fa92896018dbf38f634d25 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Fri, 5 Jul 2002 04:08:32 +0000 Subject: Remove C++ comments. (This used to be commit 180374c4440765f3d08e5690967beb387ae3b54d) --- source3/rpc_server/srv_samr_nt.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index 4284c96f20..88d728d810 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -661,13 +661,13 @@ NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_ DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n")); r_u->status = samr_make_sam_obj_sd(p->mem_ctx, &psd, &sd_size); } - else if (sid_equal(&pol_sid,get_global_sam_sid())) //check if it is our domain SID + else if (sid_equal(&pol_sid,get_global_sam_sid())) /* check if it is our domain SID */ { DEBUG(5,("_samr_query_sec_obj: querying security on Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid))); r_u->status = samr_make_dom_obj_sd(p->mem_ctx, &psd, &sd_size); } - else if (sid_equal(&pol_sid,&global_sid_Builtin)) //check if it is the Builtin Domain + else if (sid_equal(&pol_sid,&global_sid_Builtin)) /* check if it is the Builtin Domain */ { /* TODO: Builtin probably needs a different SD with restricted write access*/ DEBUG(5,("_samr_query_sec_obj: querying security on Builtin Domain with SID: %s\n", sid_to_string(str_sid, &pol_sid))); -- cgit From 48316a8c0e6b0ce6d4db966d319517a844194fce Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 6 Jul 2002 05:08:35 +0000 Subject: Copy the NT_TOKEN to the pipe, so the SAMR can use it for access control. Andrew Bartlett (This used to be commit 685a205445f5505c105ea421712c4b0468bbc127) --- source3/rpc_server/srv_pipe_hnd.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index d4d45c230c..cc6e4b95f9 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -344,9 +344,11 @@ static void *make_internal_rpc_pipe_p(char *pipe_name, p->pipe_user.uid = (uid_t)-1; p->pipe_user.gid = (gid_t)-1; - /* Store the session key */ - if (vuser) + /* Store the session key and NT_TOKEN */ + if (vuser) { memcpy(p->session_key, vuser->session_key, sizeof(p->session_key)); + p->pipe_user.nt_user_token = dup_nt_token(vuser->nt_user_token); + } /* * Initialize the incoming RPC struct. -- cgit From d29d29e4a2ecee741bdb3d37be77aeeab48f185f Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sun, 7 Jul 2002 03:34:24 +0000 Subject: Updates to the 'name -> sid' code: Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a function to make the SID types appear as text strings in logs/rpcclient. Also, remove a silly case that would cause 'failure' to be 'success'. (Might look at this a bit more in future). Andrew Bartlett (This used to be commit c20d057f8821d13d3de61b319de44db23773516b) --- source3/rpc_server/srv_lsa_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index f2f91d2d9a..d072061a5f 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -167,7 +167,7 @@ static void init_lsa_rid2s(DOM_R_REF *ref, DOM_RID2 *rid2, DEBUG(5, ("init_lsa_rid2s: %s\n", status ? "found" : "not found")); - if (status) { + if (status && name_type != SID_NAME_UNKNOWN) { sid_split_rid(&sid, &rid); dom_idx = init_dom_ref(ref, dom_name, &sid); (*mapped_count)++; -- cgit From b2be8917e0af1883405cc190357b3e1e0ccd7683 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 8 Jul 2002 01:06:38 +0000 Subject: Jerry: Sorry if I am stepping on toes here, but this should fix the compile on solaris CC (void* arithmatic) and fixes the other warnings (global variable shadows) that gcc has with this file. Andrew Bartlett (This used to be commit 7ac6517bec0f425f99f419f6efd2a673b4ec0f83) --- source3/rpc_server/srv_reg_nt.c | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c index 1960ebc821..3f07e4aaea 100644 --- a/source3/rpc_server/srv_reg_nt.c +++ b/source3/rpc_server/srv_reg_nt.c @@ -58,7 +58,7 @@ static TDB_CONTEXT *tdb_reg; static BOOL store_reg_keys( TDB_CONTEXT *tdb, char *keyname, char **subkeys, uint32 num_subkeys ) { TDB_DATA kbuf, dbuf; - void *buffer, *tmpbuf; + char *buffer, *tmpbuf; int i = 0; uint32 len, buflen; BOOL ret = True; @@ -121,7 +121,7 @@ static int fetch_reg_keys( TDB_CONTEXT *tdb, char* key, char **subkeys ) pstring path; uint32 num_items; TDB_DATA dbuf; - void *buf; + char *buf; uint32 buflen, len; int i; char *s; @@ -172,7 +172,7 @@ static int fetch_reg_keys_count( TDB_CONTEXT *tdb, char* key ) pstring path; uint32 num_items; TDB_DATA dbuf; - void *buf; + char *buf; uint32 buflen, len; @@ -203,7 +203,8 @@ static int fetch_reg_keys_count( TDB_CONTEXT *tdb, char* key ) is assumed to be an fstring. ***********************************************************************/ -static BOOL fetch_reg_keys_specific( TDB_CONTEXT *tdb, char* key, char* subkey, uint32 index ) +static BOOL fetch_reg_keys_specific( TDB_CONTEXT *tdb, char* key, char* subkey, + uint32 key_index ) { int num_subkeys, i; char *subkeys = NULL; @@ -216,7 +217,7 @@ static BOOL fetch_reg_keys_specific( TDB_CONTEXT *tdb, char* key, char* subkey, s = subkeys; for ( i=0; i Date: Mon, 8 Jul 2002 02:14:57 +0000 Subject: Kill off const warnings - add a pile of const to various places. (This used to be commit 1de04ec4735c19ec21cdef6e679cea17c734c5f6) --- source3/rpc_server/srv_pipe.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 157d756607..1d2c0c2713 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -1151,7 +1151,7 @@ BOOL api_pipe_request(pipes_struct *p) ********************************************************************/ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, - struct api_struct *api_rpc_cmds) + const struct api_struct *api_rpc_cmds) { int fn_num; fstring name; -- cgit From 100b8986ea185817c575a3c0f475126f64b520b1 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 8 Jul 2002 18:34:55 +0000 Subject: * basic implementation of SPOOLSS_DELETEPRINTERDATAEX and SPOOLSS_DELETEPRINTERKEY * stub funnctions for SPOOLSS_ADDPRINTERDRIVEREX and SPOOLSS_DELETEPRINTERDRIVEREX (This used to be commit d675974d0c04a68d48d90492005056d96697c96c) --- source3/rpc_server/srv_spoolss.c | 125 +++++++++++++++++++++++++++++++++++- source3/rpc_server/srv_spoolss_nt.c | 70 ++++++++++++++++++++ 2 files changed, 194 insertions(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c index fa013fe897..2c0b310af6 100755 --- a/source3/rpc_server/srv_spoolss.c +++ b/source3/rpc_server/srv_spoolss.c @@ -1402,6 +1402,123 @@ static BOOL api_spoolss_getprintprocessordirectory(pipes_struct *p) return True; } +/**************************************************************************** +****************************************************************************/ + +static BOOL api_spoolss_deleteprinterdataex(pipes_struct *p) +{ + SPOOL_Q_DELETEPRINTERDATAEX q_u; + SPOOL_R_DELETEPRINTERDATAEX r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!spoolss_io_q_deleteprinterdataex("", &q_u, data, 0)) { + DEBUG(0,("spoolss_io_q_deleteprinterdataex: unable to unmarshall SPOOL_Q_DELETEPRINTERDATAEX.\n")); + return False; + } + + r_u.status = _spoolss_deleteprinterdataex(p, &q_u, &r_u); + + if(!spoolss_io_r_deleteprinterdataex("", &r_u, rdata, 0)) { + DEBUG(0,("spoolss_io_r_deleteprinterdataex: unable to marshall SPOOL_R_DELETEPRINTERDATAEX.\n")); + return False; + } + + return True; +} + +/**************************************************************************** +****************************************************************************/ + +static BOOL api_spoolss_deleteprinterkey(pipes_struct *p) +{ + SPOOL_Q_DELETEPRINTERKEY q_u; + SPOOL_R_DELETEPRINTERKEY r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!spoolss_io_q_deleteprinterkey("", &q_u, data, 0)) { + DEBUG(0,("spoolss_io_q_deleteprinterkey: unable to unmarshall SPOOL_Q_DELETEPRINTERKEY.\n")); + return False; + } + + r_u.status = _spoolss_deleteprinterkey(p, &q_u, &r_u); + + if(!spoolss_io_r_deleteprinterkey("", &r_u, rdata, 0)) { + DEBUG(0,("spoolss_io_r_deleteprinterkey: unable to marshall SPOOL_R_DELETEPRINTERKEY.\n")); + return False; + } + + return True; +} + +#if 0 /* JERRY */ +/**************************************************************************** +****************************************************************************/ + +static BOOL api_spoolss_addprinterdrriverex(pipes_struct *p) +{ + SPOOL_Q_ADDPRINTERDRIVEREX q_u; + SPOOL_R_ADDPRINTERDRIVEREX r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!spoolss_io_q_addprinterdriverex("", &q_u, data, 0)) { + DEBUG(0,("spoolss_io_q_addprinterdriverex: unable to unmarshall SPOOL_Q_ADDPRINTERDRIVEREX.\n")); + return False; + } + + r_u.status = _spoolss_addprinterdriverex(p, &q_u, &r_u); + + if(!spoolss_io_r_addprinterdriverex("", &r_u, rdata, 0)) { + DEBUG(0,("spoolss_io_r_addprinterdriverex: unable to marshall SPOOL_R_ADDPRINTERDRIVEREX.\n")); + return False; + } + + return True; +} + +/**************************************************************************** +****************************************************************************/ + +static BOOL api_spoolss_deleteprinterdriverex(pipes_struct *p) +{ + SPOOL_Q_DELETEPRINTERDRIVEREX q_u; + SPOOL_R_DELETEPRINTERDRIVEREX r_u; + prs_struct *data = &p->in_data.data; + prs_struct *rdata = &p->out_data.rdata; + + ZERO_STRUCT(q_u); + ZERO_STRUCT(r_u); + + if(!spoolss_io_q_deleteprinterdriverex("", &q_u, data, 0)) { + DEBUG(0,("spoolss_io_q_deleteprinterdriverex: unable to unmarshall SPOOL_Q_DELETEPRINTERDRIVEREX.\n")); + return False; + } + + r_u.status = _spoolss_deleteprinterdriverex(p, &q_u, &r_u); + + if(!spoolss_io_r_deleteprinterdriverex("", &r_u, rdata, 0)) { + DEBUG(0,("spoolss_io_r_deleteprinterdriverex: unable to marshall SPOOL_R_DELETEPRINTERDRIVEREX.\n")); + return False; + } + + return True; +} + + +#endif /* JERRY */ + + /******************************************************************* \pipe\spoolss commands ********************************************************************/ @@ -1452,9 +1569,15 @@ struct api_struct api_spoolss_cmds[] = {"SPOOLSS_ENUMPRINTPROCDATATYPES", SPOOLSS_ENUMPRINTPROCDATATYPES, api_spoolss_enumprintprocdatatypes }, {"SPOOLSS_GETPRINTERDATAEX", SPOOLSS_GETPRINTERDATAEX, api_spoolss_getprinterdataex }, {"SPOOLSS_SETPRINTERDATAEX", SPOOLSS_SETPRINTERDATAEX, api_spoolss_setprinterdataex }, - {"SPOOLSS_ENUMPRINTERKEY", SPOOLSS_ENUMPRINTERKEY, api_spoolss_enumprinterkey }, + {"SPOOLSS_DELETEPRINTERDATAEX", SPOOLSS_DELETEPRINTERDATAEX, api_spoolss_deleteprinterdataex }, {"SPOOLSS_ENUMPRINTERDATAEX", SPOOLSS_ENUMPRINTERDATAEX, api_spoolss_enumprinterdataex }, + {"SPOOLSS_ENUMPRINTERKEY", SPOOLSS_ENUMPRINTERKEY, api_spoolss_enumprinterkey }, + {"SPOOLSS_DELETEPRINTERKEY", SPOOLSS_DELETEPRINTERKEY, api_spoolss_deleteprinterkey }, {"SPOOLSS_GETPRINTPROCESSORDIRECTORY",SPOOLSS_GETPRINTPROCESSORDIRECTORY,api_spoolss_getprintprocessordirectory}, +#if 0 /* JERRY */ + {"SPOOLSS_ADDPRINTERDRIVEREX", SPOOLSS_ADDPRINTERDRIVEREX, api_spoolss_addprinterdriverex }, + {"SPOOLSS_DELETEPRINTERDRIVEREX", SPOOLSS_DELETEPRINTERDRIVEREX, api_spoolss_deleteprinterdriverex }, +#endif { NULL, 0, NULL } }; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 9b17bdb7ee..0e209c6064 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -7967,6 +7967,34 @@ WERROR _spoolss_setprinterdataex(pipes_struct *p, SPOOL_Q_SETPRINTERDATAEX *q_u, return _spoolss_setprinterdata(p, &q_u_local, &r_u_local); } + +/******************************************************************** + * spoolss_deleteprinterdataex + ********************************************************************/ + +WERROR _spoolss_deleteprinterdataex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDATAEX *q_u, SPOOL_R_DELETEPRINTERDATAEX *r_u) +{ + SPOOL_Q_DELETEPRINTERDATA q_u_local; + SPOOL_R_DELETEPRINTERDATA r_u_local; + fstring key; + + /* From MSDN documentation of SetPrinterDataEx: pass request to + SetPrinterData if key is "PrinterDriverData" */ + + unistr2_to_ascii(key, &q_u->keyname, sizeof(key) - 1); + + if (strcmp(key, "PrinterDriverData") != 0) + return WERR_INVALID_PARAM; + + memcpy(&q_u_local.handle, &q_u->handle, sizeof(POLICY_HND)); + copy_unistr2(&q_u_local.valuename, &q_u->valuename); + + return _spoolss_deleteprinterdata( p, &q_u_local, &r_u_local ); +} + + + + /******************************************************************** * spoolss_enumprinterkey ********************************************************************/ @@ -8227,3 +8255,45 @@ WERROR _spoolss_getprintprocessordirectory(pipes_struct *p, SPOOL_Q_GETPRINTPROC return result; } + +/******************************************************************** + * spoolss_addprinterdriverex + ********************************************************************/ + +WERROR _spoolss_addprinterdriverex(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVEREX *q_u, SPOOL_R_ADDPRINTERDRIVEREX *r_u) +{ + return WERR_OK; +} + +/******************************************************************** + * spoolss_deleteprinterdriverex + ********************************************************************/ + +WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVEREX *q_u, SPOOL_R_DELETEPRINTERDRIVEREX *r_u) +{ + return WERR_OK; +} + +/******************************************************************** + * spoolss_deleteprinterkey + ********************************************************************/ + +WERROR _spoolss_deleteprinterkey(pipes_struct *p, SPOOL_Q_DELETEPRINTERKEY *q_u, SPOOL_R_DELETEPRINTERKEY *r_u) +{ + fstring key; + + unistr2_to_ascii(key, &q_u->keyname, sizeof(key) - 1); + + if (strcmp(key, "PrinterDriverData") != 0) + return WERR_INVALID_PARAM; + + /* + * this is what 2k returns when you try to delete the "PrinterDriverData" + * key + */ + + return WERR_ACCESS_DENIED; +} + + + -- cgit From e247cb8239275be517802f80bc82462fbfc1f5c3 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 8 Jul 2002 20:15:47 +0000 Subject: added parsing routines for SPOOLSS_ADDPRINTERDRIVEREX and SPOOLSS_DELETEPRINTERDRIVEREX. Ran them through some testing. I know I'm off by 2 x uint32's in the former RPC. (This used to be commit 55fbfd02ba917b74fd4df7a1aa8cc8c5a91e3e07) --- source3/rpc_server/srv_spoolss.c | 8 +- source3/rpc_server/srv_spoolss_nt.c | 154 ++++++++++++++++++++++-------------- 2 files changed, 96 insertions(+), 66 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c index 2c0b310af6..70b039c37f 100755 --- a/source3/rpc_server/srv_spoolss.c +++ b/source3/rpc_server/srv_spoolss.c @@ -1458,11 +1458,10 @@ static BOOL api_spoolss_deleteprinterkey(pipes_struct *p) return True; } -#if 0 /* JERRY */ /**************************************************************************** ****************************************************************************/ -static BOOL api_spoolss_addprinterdrriverex(pipes_struct *p) +static BOOL api_spoolss_addprinterdriverex(pipes_struct *p) { SPOOL_Q_ADDPRINTERDRIVEREX q_u; SPOOL_R_ADDPRINTERDRIVEREX r_u; @@ -1516,9 +1515,6 @@ static BOOL api_spoolss_deleteprinterdriverex(pipes_struct *p) } -#endif /* JERRY */ - - /******************************************************************* \pipe\spoolss commands ********************************************************************/ @@ -1574,10 +1570,8 @@ struct api_struct api_spoolss_cmds[] = {"SPOOLSS_ENUMPRINTERKEY", SPOOLSS_ENUMPRINTERKEY, api_spoolss_enumprinterkey }, {"SPOOLSS_DELETEPRINTERKEY", SPOOLSS_DELETEPRINTERKEY, api_spoolss_deleteprinterkey }, {"SPOOLSS_GETPRINTPROCESSORDIRECTORY",SPOOLSS_GETPRINTPROCESSORDIRECTORY,api_spoolss_getprintprocessordirectory}, -#if 0 /* JERRY */ {"SPOOLSS_ADDPRINTERDRIVEREX", SPOOLSS_ADDPRINTERDRIVEREX, api_spoolss_addprinterdriverex }, {"SPOOLSS_DELETEPRINTERDRIVEREX", SPOOLSS_DELETEPRINTERDRIVEREX, api_spoolss_deleteprinterdriverex }, -#endif { NULL, 0, NULL } }; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 0e209c6064..d66c023ba6 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1547,8 +1547,7 @@ static int get_version_id (char * arch) * --jerry ********************************************************************/ -WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER *q_u, - SPOOL_R_DELETEPRINTERDRIVER *r_u) +WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER *q_u, SPOOL_R_DELETEPRINTERDRIVER *r_u) { fstring driver; fstring arch; @@ -1565,19 +1564,51 @@ WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER } ZERO_STRUCT(info); - if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) { + if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) return WERR_UNKNOWN_PRINTER_DRIVER; - } if (printer_driver_in_use(arch, driver)) - { return WERR_PRINTER_DRIVER_IN_USE; + + return delete_printer_driver(info.info_3); +} + +/******************************************************************** + * spoolss_deleteprinterdriverex + ********************************************************************/ + +WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVEREX *q_u, SPOOL_R_DELETEPRINTERDRIVEREX *r_u) +{ + fstring driver; + fstring arch; + NT_PRINTER_DRIVER_INFO_LEVEL info; + int version; + + unistr2_to_ascii(driver, &q_u->driver, sizeof(driver)-1 ); + unistr2_to_ascii(arch, &q_u->arch, sizeof(arch)-1 ); + + /* check that we have a valid driver name first */ + if ((version=get_version_id(arch)) == -1) { + /* this is what NT returns */ + return WERR_INVALID_ENVIRONMENT; } + + if (q_u->delete_flags & DPD_DELETE_SPECIFIC_VERSION) + version = q_u->version; + + ZERO_STRUCT(info); + if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) + return WERR_UNKNOWN_PRINTER_DRIVER; + + + if (printer_driver_in_use(arch, driver)) + return WERR_PRINTER_DRIVER_IN_USE; - return delete_printer_driver(info.info_3); + return delete_printer_driver(info.info_3); } + /******************************************************************** GetPrinterData on a printer server Handle. ********************************************************************/ @@ -6884,6 +6915,32 @@ done: return err; } +/******************************************************************** + * spoolss_addprinterdriverex + ********************************************************************/ + +WERROR _spoolss_addprinterdriverex(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVEREX *q_u, SPOOL_R_ADDPRINTERDRIVEREX *r_u) +{ + SPOOL_Q_ADDPRINTERDRIVER q_u_local; + SPOOL_R_ADDPRINTERDRIVER r_u_local; + + /* + * we only support the semantics of AddPrinterDriver() + * i.e. only copy files that are newer than existing ones + */ + + if ( q_u->copy_flags != APD_COPY_NEW_FILES ) + return WERR_ACCESS_DENIED; + + /* just pass the information off to _spoolss_addprinterdriver() */ + q_u_local.server_name_ptr = q_u->server_name_ptr; + copy_unistr2(&q_u_local.server_name, &q_u->server_name); + q_u_local.level = q_u->level; + memcpy( &q_u_local.info, &q_u->info, sizeof(SPOOL_PRINTER_DRIVER_INFO_LEVEL) ); + + return _spoolss_addprinterdriver( p, &q_u_local, &r_u_local ); +} + /**************************************************************************** ****************************************************************************/ @@ -7120,10 +7177,8 @@ WERROR _spoolss_setprinterdata( pipes_struct *p, SPOOL_Q_SETPRINTERDATA *q_u, SP POLICY_HND *handle = &q_u->handle; UNISTR2 *value = &q_u->value; uint32 type = q_u->type; -/* uint32 max_len = q_u->max_len; - notused. */ uint8 *data = q_u->data; uint32 real_len = q_u->real_len; -/* uint32 numeric_data = q_u->numeric_data; - notused. */ NT_PRINTER_INFO_LEVEL *printer = NULL; NT_PRINTER_PARAM *param = NULL, old_param; @@ -7395,8 +7450,6 @@ done: WERROR _spoolss_setform(pipes_struct *p, SPOOL_Q_SETFORM *q_u, SPOOL_R_SETFORM *r_u) { POLICY_HND *handle = &q_u->handle; -/* UNISTR2 *uni_name = &q_u->name; - notused. */ -/* uint32 level = q_u->level; - notused. */ FORM *form = &q_u->form; nt_forms_struct tmpForm; int snum; @@ -7487,12 +7540,10 @@ static WERROR enumprintprocessors_level_1(NEW_BUFFER *buffer, uint32 offered, ui WERROR _spoolss_enumprintprocessors(pipes_struct *p, SPOOL_Q_ENUMPRINTPROCESSORS *q_u, SPOOL_R_ENUMPRINTPROCESSORS *r_u) { -/* UNISTR2 *name = &q_u->name; - notused. */ -/* UNISTR2 *environment = &q_u->environment; - notused. */ uint32 level = q_u->level; - NEW_BUFFER *buffer = NULL; + NEW_BUFFER *buffer = NULL; uint32 offered = q_u->offered; - uint32 *needed = &r_u->needed; + uint32 *needed = &r_u->needed; uint32 *returned = &r_u->returned; /* that's an [in out] buffer */ @@ -7556,8 +7607,6 @@ static WERROR enumprintprocdatatypes_level_1(NEW_BUFFER *buffer, uint32 offered, WERROR _spoolss_enumprintprocdatatypes(pipes_struct *p, SPOOL_Q_ENUMPRINTPROCDATATYPES *q_u, SPOOL_R_ENUMPRINTPROCDATATYPES *r_u) { -/* UNISTR2 *name = &q_u->name; - notused. */ -/* UNISTR2 *processor = &q_u->processor; - notused. */ uint32 level = q_u->level; NEW_BUFFER *buffer = NULL; uint32 offered = q_u->offered; @@ -7652,11 +7701,10 @@ static WERROR enumprintmonitors_level_2(NEW_BUFFER *buffer, uint32 offered, uint WERROR _spoolss_enumprintmonitors(pipes_struct *p, SPOOL_Q_ENUMPRINTMONITORS *q_u, SPOOL_R_ENUMPRINTMONITORS *r_u) { -/* UNISTR2 *name = &q_u->name; - notused. */ uint32 level = q_u->level; - NEW_BUFFER *buffer = NULL; + NEW_BUFFER *buffer = NULL; uint32 offered = q_u->offered; - uint32 *needed = &r_u->needed; + uint32 *needed = &r_u->needed; uint32 *returned = &r_u->returned; /* that's an [in out] buffer */ @@ -8061,6 +8109,34 @@ WERROR _spoolss_enumprinterkey(pipes_struct *p, SPOOL_Q_ENUMPRINTERKEY *q_u, SPO return WERR_BADFILE; } +/******************************************************************** + * spoolss_deleteprinterkey + ********************************************************************/ + +WERROR _spoolss_deleteprinterkey(pipes_struct *p, SPOOL_Q_DELETEPRINTERKEY *q_u, SPOOL_R_DELETEPRINTERKEY *r_u) +{ + Printer_entry *Printer = find_printer_index_by_hnd(p, &q_u->handle); + fstring key; + + if (!Printer) { + DEBUG(2,("_spoolss_deleteprinterkey: Invalid handle (%s:%u:%u).\n", OUR_HANDLE(handle))); + return WERR_BADFID; + } + + unistr2_to_ascii(key, &q_u->keyname, sizeof(key) - 1); + + if (strcmp(key, "PrinterDriverData") != 0) + return WERR_INVALID_PARAM; + + /* + * this is what 2k returns when you try to delete the "PrinterDriverData" + * key + */ + + return WERR_ACCESS_DENIED; +} + + /******************************************************************** * spoolss_enumprinterdataex ********************************************************************/ @@ -8256,44 +8332,4 @@ WERROR _spoolss_getprintprocessordirectory(pipes_struct *p, SPOOL_Q_GETPRINTPROC return result; } -/******************************************************************** - * spoolss_addprinterdriverex - ********************************************************************/ - -WERROR _spoolss_addprinterdriverex(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVEREX *q_u, SPOOL_R_ADDPRINTERDRIVEREX *r_u) -{ - return WERR_OK; -} - -/******************************************************************** - * spoolss_deleteprinterdriverex - ********************************************************************/ - -WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVEREX *q_u, SPOOL_R_DELETEPRINTERDRIVEREX *r_u) -{ - return WERR_OK; -} - -/******************************************************************** - * spoolss_deleteprinterkey - ********************************************************************/ - -WERROR _spoolss_deleteprinterkey(pipes_struct *p, SPOOL_Q_DELETEPRINTERKEY *q_u, SPOOL_R_DELETEPRINTERKEY *r_u) -{ - fstring key; - - unistr2_to_ascii(key, &q_u->keyname, sizeof(key) - 1); - - if (strcmp(key, "PrinterDriverData") != 0) - return WERR_INVALID_PARAM; - - /* - * this is what 2k returns when you try to delete the "PrinterDriverData" - * key - */ - - return WERR_ACCESS_DENIED; -} - - -- cgit From 18742edd2acc4848bacf2af6008bf9fea5f82f6b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 8 Jul 2002 20:30:54 +0000 Subject: fix typo (This used to be commit be926c3a1a7fc79af62dd1830c56e9503f89f9dd) --- source3/rpc_server/srv_spoolss_nt.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index d66c023ba6..70964ce668 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -8119,7 +8119,7 @@ WERROR _spoolss_deleteprinterkey(pipes_struct *p, SPOOL_Q_DELETEPRINTERKEY *q_u, fstring key; if (!Printer) { - DEBUG(2,("_spoolss_deleteprinterkey: Invalid handle (%s:%u:%u).\n", OUR_HANDLE(handle))); + DEBUG(2,("_spoolss_deleteprinterkey: Invalid handle (%s:%u:%u).\n", OUR_HANDLE(&q_u->handle))); return WERR_BADFID; } -- cgit From 496e85dd812b932caf5e6169e03df6b31a378966 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 11 Jul 2002 01:54:26 +0000 Subject: intermediate work on DeletePrinterDriverEx(). This call will actually delete driver files ( not yet though I don't think). Just wanted to get it in since Jeremy and I are both working on nt_printing.c (This used to be commit 3fa6c3132950c9ff1c6a532d8264ee34a6b2b0ff) --- source3/rpc_server/srv_spoolss_nt.c | 43 +++++++++++++++++++++---------------- 1 file changed, 24 insertions(+), 19 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 70964ce668..8acdd9d5ab 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1562,16 +1562,21 @@ WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER /* this is what NT returns */ return WERR_INVALID_ENVIRONMENT; } + + /* if they said "Windows NT x86", then try for version 2 & 3 */ + + if ( version == 2 ) + version = DRIVER_ANY_VERSION; ZERO_STRUCT(info); + if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) return WERR_UNKNOWN_PRINTER_DRIVER; - - if (printer_driver_in_use(arch, driver)) + if (printer_driver_in_use(info.info_3)) return WERR_PRINTER_DRIVER_IN_USE; - return delete_printer_driver(info.info_3); + return delete_printer_driver(info.info_3, False); } /******************************************************************** @@ -1584,6 +1589,7 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV fstring arch; NT_PRINTER_DRIVER_INFO_LEVEL info; int version; + uint32 flags = q_u->delete_flags; unistr2_to_ascii(driver, &q_u->driver, sizeof(driver)-1 ); unistr2_to_ascii(arch, &q_u->arch, sizeof(arch)-1 ); @@ -1594,18 +1600,25 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV return WERR_INVALID_ENVIRONMENT; } - if (q_u->delete_flags & DPD_DELETE_SPECIFIC_VERSION) + if ( flags & DPD_DELETE_SPECIFIC_VERSION ) version = q_u->version; + else if ( version == 2 ) + /* if they said "Windows NT x86", then try for version 2 & 3 */ + version = DRIVER_ANY_VERSION; ZERO_STRUCT(info); - if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) - return WERR_UNKNOWN_PRINTER_DRIVER; + if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) + return WERR_UNKNOWN_PRINTER_DRIVER; - if (printer_driver_in_use(arch, driver)) + if ( printer_driver_in_use(info.info_3) ) return WERR_PRINTER_DRIVER_IN_USE; + + if ( printer_driver_files_in_use(info.info_3) ) + /* no idea of the correct error here */ + return WERR_ACCESS_DENIED; - return delete_printer_driver(info.info_3); + return delete_printer_driver(info.info_3, True); } @@ -5869,8 +5882,6 @@ WERROR _spoolss_setjob(pipes_struct *p, SPOOL_Q_SETJOB *q_u, SPOOL_R_SETJOB *r_u { POLICY_HND *handle = &q_u->handle; uint32 jobid = q_u->jobid; -/* uint32 level = q_u->level; - notused. */ -/* JOB_INFO *ctr = &q_u->ctr; - notused. */ uint32 command = q_u->command; struct current_user user; @@ -5928,9 +5939,7 @@ static WERROR enumprinterdrivers_level1(fstring servername, fstring architecture *returned=0; -#define MAX_VERSION 4 - - for (version=0; version Date: Thu, 11 Jul 2002 03:27:12 +0000 Subject: all that is left to do is to actually perform the file deletion now. I have the file list. One more commit should do it. (This used to be commit 7207662504f585352b0ceeb99f8998ef58db7f15) --- source3/rpc_server/srv_spoolss_nt.c | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 8acdd9d5ab..a37d8e9c19 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1590,6 +1590,7 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV NT_PRINTER_DRIVER_INFO_LEVEL info; int version; uint32 flags = q_u->delete_flags; + BOOL delete_files; unistr2_to_ascii(driver, &q_u->driver, sizeof(driver)-1 ); unistr2_to_ascii(arch, &q_u->arch, sizeof(arch)-1 ); @@ -1614,11 +1615,30 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV if ( printer_driver_in_use(info.info_3) ) return WERR_PRINTER_DRIVER_IN_USE; - if ( printer_driver_files_in_use(info.info_3) ) - /* no idea of the correct error here */ - return WERR_ACCESS_DENIED; + /* + * we have a couple of cases to consider. + * (1) Are any files in use? If so and DPD_DELTE_ALL_FILE is set, + * then the delete should fail if **any** files overlap with + * other drivers + * (2) If DPD_DELTE_UNUSED_FILES is sert, then delete all + * non-overlapping files + * (3) If neither DPD_DELTE_ALL_FILE nor DPD_DELTE_ALL_FILES + * is set, the do not delete any files + * Refer to MSDN docs on DeletePrinterDriverEx() for details. + */ + + delete_files = flags & (DPD_DELETE_ALL_FILES|DPD_DELETE_UNUSED_FILES); + + if ( delete_files ) + { + /* fail if any files are in use and DPD_DELETE_ALL_FILES is set */ + + if ( printer_driver_files_in_use(info.info_3) & (flags&DPD_DELETE_ALL_FILES) ) + /* no idea of the correct error here */ + return WERR_ACCESS_DENIED; + } - return delete_printer_driver(info.info_3, True); + return delete_printer_driver(info.info_3, delete_files); } -- cgit From 137570cb037f75131241c3ae13a372803d21fbe1 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 11 Jul 2002 04:53:39 +0000 Subject: last check in for tonight. * DeletePrinterDriverEx() now has the ability to delete driver files. I need to do some more testing tro veriofy that we are in fact not deleting a file out from under another driver, but it looks ok so far. * DeletePrinterDriver() noiw deletes all versions of the specified driver (cversion == 0, 1, 2, 3) (This used to be commit 17bb780e1327663fa2fcd6a3cb25dd461a29c537) --- source3/rpc_server/srv_spoolss_nt.c | 25 ++++++++++--------------- 1 file changed, 10 insertions(+), 15 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index a37d8e9c19..f7f191522f 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1534,17 +1534,6 @@ static int get_version_id (char * arch) /******************************************************************** * _spoolss_deleteprinterdriver - * - * We currently delete the driver for the architecture only. - * This can leave the driver for other archtectures. However, - * since every printer associates a "Windows NT x86" driver name - * and we cannot delete that one while it is in use, **and** since - * it is impossible to assign a driver to a Samba printer without - * having the "Windows NT x86" driver installed,... - * - * ....we should not get into trouble here. - * - * --jerry ********************************************************************/ WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER *q_u, SPOOL_R_DELETEPRINTERDRIVER *r_u) @@ -1553,6 +1542,9 @@ WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER fstring arch; NT_PRINTER_DRIVER_INFO_LEVEL info; int version; + struct current_user user; + + get_current_user(&user, p); unistr2_to_ascii(driver, &q_u->driver, sizeof(driver)-1 ); unistr2_to_ascii(arch, &q_u->arch, sizeof(arch)-1 ); @@ -1576,7 +1568,7 @@ WERROR _spoolss_deleteprinterdriver(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIVER if (printer_driver_in_use(info.info_3)) return WERR_PRINTER_DRIVER_IN_USE; - return delete_printer_driver(info.info_3, False); + return delete_printer_driver(info.info_3, &user, DRIVER_ANY_VERSION, False); } /******************************************************************** @@ -1591,6 +1583,9 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV int version; uint32 flags = q_u->delete_flags; BOOL delete_files; + struct current_user user; + + get_current_user(&user, p); unistr2_to_ascii(driver, &q_u->driver, sizeof(driver)-1 ); unistr2_to_ascii(arch, &q_u->arch, sizeof(arch)-1 ); @@ -1611,7 +1606,7 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV if (!W_ERROR_IS_OK(get_a_printer_driver(&info, 3, driver, arch, version))) return WERR_UNKNOWN_PRINTER_DRIVER; - + if ( printer_driver_in_use(info.info_3) ) return WERR_PRINTER_DRIVER_IN_USE; @@ -1638,7 +1633,7 @@ WERROR _spoolss_deleteprinterdriverex(pipes_struct *p, SPOOL_Q_DELETEPRINTERDRIV return WERR_ACCESS_DENIED; } - return delete_printer_driver(info.info_3, delete_files); + return delete_printer_driver(info.info_3, &user, version, delete_files); } @@ -6820,7 +6815,7 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u, ZERO_STRUCT(driver); - get_current_user(&user, p); + get_current_user(&user, p); if (!convert_printer_driver_info(info, &driver, level)) { err = WERR_NOMEM; -- cgit From bdfe11eaeadee6e9f6050511203b36f0c62ecfc4 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 11 Jul 2002 13:17:57 +0000 Subject: added copyright (This used to be commit dcb6d70706a0e86881588c3828ff5bd4d63d415f) --- source3/rpc_server/srv_spoolss.c | 3 ++- source3/rpc_server/srv_spoolss_nt.c | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss.c b/source3/rpc_server/srv_spoolss.c index 70b039c37f..6e3463e79b 100755 --- a/source3/rpc_server/srv_spoolss.c +++ b/source3/rpc_server/srv_spoolss.c @@ -4,7 +4,8 @@ * Copyright (C) Andrew Tridgell 1992-2000, * Copyright (C) Luke Kenneth Casson Leighton 1996-2000, * Copyright (C) Jean François Micouleau 1998-2000. - * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Jeremy Allison 2001. + * Copyright (C) Gerald Carter 2001-2002. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index f7f191522f..32b2dc8b9e 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -5,7 +5,7 @@ * Copyright (C) Luke Kenneth Casson Leighton 1996-2000, * Copyright (C) Jean François Micouleau 1998-2000, * Copyright (C) Jeremy Allison 2001, - * Copyright (C) Gerald Carter 2000-2001, + * Copyright (C) Gerald Carter 2000-2002, * Copyright (C) Tim Potter 2001-2002. * * This program is free software; you can redistribute it and/or modify -- cgit From 8ba2c4e55d783587a5a6064dc2d48e4deff16fd3 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 12 Jul 2002 18:10:24 +0000 Subject: We must ZERO_STRUCT before using the buffer in copy_unistr2. Fixes addprinterdriverex. Jeremy. (This used to be commit d3c73e59708eeb1ee4642fb31fcfc0ec2fd28070) --- source3/rpc_server/srv_spoolss_nt.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/rpc_server') diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 32b2dc8b9e..68c792f8b0 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -6953,6 +6953,9 @@ WERROR _spoolss_addprinterdriverex(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVEREX * return WERR_ACCESS_DENIED; /* just pass the information off to _spoolss_addprinterdriver() */ + ZERO_STRUCT(q_u_local); + ZERO_STRUCT(r_u_local); + q_u_local.server_name_ptr = q_u->server_name_ptr; copy_unistr2(&q_u_local.server_name, &q_u->server_name); q_u_local.level = q_u->level; -- cgit