From b5bec1a6d73f5939b306e157937d027a7286163c Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 15 Apr 2009 01:12:13 +0200 Subject: s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHTS_MAXIMUM_ALLOWED. Guenther --- source3/utils/net_rpc.c | 8 ++++---- source3/utils/net_rpc_audit.c | 8 ++++---- source3/utils/net_rpc_join.c | 4 ++-- source3/utils/net_rpc_registry.c | 10 +++++----- source3/utils/net_rpc_rights.c | 10 +++++----- source3/utils/net_util.c | 2 +- source3/utils/netlookup.c | 2 +- source3/utils/smbcquotas.c | 2 +- 8 files changed, 23 insertions(+), 23 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 5dd3df9a69..845ceca573 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -68,7 +68,7 @@ NTSTATUS net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem_ctx, } result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "open_policy failed: %s\n", @@ -1668,7 +1668,7 @@ static NTSTATUS get_sid_from_name(struct cli_state *cli, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, false, - SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) { goto done; @@ -2485,7 +2485,7 @@ static NTSTATUS rpc_list_alias_members(struct net_context *c, } result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &lsa_pol); + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "Couldn't open LSA policy handle\n"); @@ -3850,7 +3850,7 @@ static NTSTATUS rpc_aliaslist_dump(struct net_context *c, struct policy_handle lsa_pol; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol); if (!NT_STATUS_IS_OK(result)) return result; diff --git a/source3/utils/net_rpc_audit.c b/source3/utils/net_rpc_audit.c index aa7fc7c394..823fe06f1a 100644 --- a/source3/utils/net_rpc_audit.c +++ b/source3/utils/net_rpc_audit.c @@ -88,7 +88,7 @@ static NTSTATUS rpc_audit_get_internal(struct net_context *c, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -170,7 +170,7 @@ static NTSTATUS rpc_audit_set_internal(struct net_context *c, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -229,7 +229,7 @@ static NTSTATUS rpc_audit_enable_internal_ext(struct rpc_pipe_client *pipe_hnd, union lsa_PolicyInformation *info = NULL; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { @@ -314,7 +314,7 @@ static NTSTATUS rpc_audit_list_internal(struct net_context *c, int i; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { diff --git a/source3/utils/net_rpc_join.c b/source3/utils/net_rpc_join.c index c2e3630641..ed0311317d 100644 --- a/source3/utils/net_rpc_join.c +++ b/source3/utils/net_rpc_join.c @@ -211,7 +211,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) CHECK_RPC_ERR(rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &lsa_pol), "error opening lsa policy handle"); @@ -326,7 +326,7 @@ int net_rpc_join_newstyle(struct net_context *c, int argc, const char **argv) CHECK_RPC_ERR_DEBUG( rpccli_samr_OpenUser(pipe_hnd, mem_ctx, &domain_pol, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, user_rid, &user_pol), ("could not re-open existing user %s: %s\n", diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 60274728f3..203a0cc9e3 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -383,7 +383,7 @@ static NTSTATUS rpc_registry_setvalue_internal(struct net_context *c, struct registry_value value; status = registry_openkey(mem_ctx, pipe_hnd, argv[0], - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd, &key_hnd); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "registry_openkey failed: %s\n", @@ -455,7 +455,7 @@ static NTSTATUS rpc_registry_deletevalue_internal(struct net_context *c, ZERO_STRUCT(valuename); status = registry_openkey(mem_ctx, pipe_hnd, argv[0], - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd, &key_hnd); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "registry_openkey failed: %s\n", @@ -516,7 +516,7 @@ static NTSTATUS rpc_registry_getvalue_internal(struct net_context *c, ZERO_STRUCT(valuename); status = registry_openkey(tmp_ctx, pipe_hnd, argv[0], - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd, &key_hnd); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, "registry_openkey failed: %s\n", @@ -657,7 +657,7 @@ static NTSTATUS rpc_registry_createkey_internal(struct net_context *c, } status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd); if (!(NT_STATUS_IS_OK(status))) { return status; @@ -727,7 +727,7 @@ static NTSTATUS rpc_registry_deletekey_internal(struct net_context *c, } status = rpccli_winreg_Connect(pipe_hnd, mem_ctx, hive, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &hive_hnd); if (!(NT_STATUS_IS_OK(status))) { return status; diff --git a/source3/utils/net_rpc_rights.c b/source3/utils/net_rpc_rights.c index 10166b6d2b..abf70e7ea2 100644 --- a/source3/utils/net_rpc_rights.c +++ b/source3/utils/net_rpc_rights.c @@ -34,7 +34,7 @@ static NTSTATUS sid_to_name(struct rpc_pipe_client *pipe_hnd, char **domains = NULL, **names = NULL; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -70,7 +70,7 @@ static NTSTATUS name_to_sid(struct rpc_pipe_client *pipe_hnd, } result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -328,7 +328,7 @@ static NTSTATUS rpc_rights_list_internal(struct net_context *c, uint16 lang_id_desc; result = rpccli_lsa_open_policy(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, &pol); + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if ( !NT_STATUS_IS_OK(result) ) return result; @@ -456,7 +456,7 @@ static NTSTATUS rpc_rights_grant_internal(struct net_context *c, goto done; result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) @@ -522,7 +522,7 @@ static NTSTATUS rpc_rights_revoke_internal(struct net_context *c, return result; result = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &dom_pol); if (!NT_STATUS_IS_OK(result)) diff --git a/source3/utils/net_util.c b/source3/utils/net_util.c index 2915ffb809..8bf9aac6f2 100644 --- a/source3/utils/net_util.c +++ b/source3/utils/net_util.c @@ -45,7 +45,7 @@ NTSTATUS net_rpc_lookup_name(struct net_context *c, } result = rpccli_lsa_open_policy(lsa_pipe, mem_ctx, false, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &pol); if (!NT_STATUS_IS_OK(result)) { d_fprintf(stderr, "open_policy failed: %s\n", diff --git a/source3/utils/netlookup.c b/source3/utils/netlookup.c index dd0efa4142..af219eb93c 100644 --- a/source3/utils/netlookup.c +++ b/source3/utils/netlookup.c @@ -131,7 +131,7 @@ static struct con_struct *create_cs(struct net_context *c, } nt_status = rpccli_lsa_open_policy(cs->lsapipe, ctx, true, - SEC_RIGHTS_MAXIMUM_ALLOWED, + SEC_FLAG_MAXIMUM_ALLOWED, &cs->pol); if (!NT_STATUS_IS_OK(nt_status)) { diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index 78260acf76..1425d428ec 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -62,7 +62,7 @@ static bool cli_open_policy_hnd(void) if (!got_policy_hnd) { - /* Some systems don't support SEC_RIGHTS_MAXIMUM_ALLOWED, + /* Some systems don't support SEC_FLAG_MAXIMUM_ALLOWED, but NT sends 0x2000000 so we might as well do it too. */ if (!NT_STATUS_IS_OK(rpccli_lsa_open_policy(global_pipe_hnd, talloc_tos(), True, -- cgit From 1bb093aea9a4c5996514b10adc39a130cc6859ba Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 15 Apr 2009 01:16:41 +0200 Subject: s3-secdesc: use SEC_FLAG_MAXIMUM_ALLOWED instead of SEC_RIGHT_MAXIMUM_ALLOWED. Guenther --- source3/utils/net_registry.c | 2 +- source3/utils/net_rpc_registry.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c index e2f410b9ac..a504bcfd0b 100644 --- a/source3/utils/net_registry.c +++ b/source3/utils/net_registry.c @@ -411,7 +411,7 @@ static int net_registry_getsd(struct net_context *c, int argc, struct security_descriptor *secdesc = NULL; TALLOC_CTX *ctx = talloc_stackframe(); uint32_t access_mask = REG_KEY_READ | - SEC_RIGHT_MAXIMUM_ALLOWED | + SEC_FLAG_MAXIMUM_ALLOWED | SEC_RIGHT_SYSTEM_SECURITY; /* diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 203a0cc9e3..3076866a3a 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -1147,7 +1147,7 @@ static NTSTATUS rpc_registry_getsd_internal(struct net_context *c, DATA_BLOB blob; struct security_descriptor sec_desc; uint32_t access_mask = REG_KEY_READ | - SEC_RIGHT_MAXIMUM_ALLOWED | + SEC_FLAG_MAXIMUM_ALLOWED | SEC_RIGHT_SYSTEM_SECURITY; if (argc <1 || argc > 2 || c->display_usage) { -- cgit From da92e54236293460e307edd52ca7f1e20c6f23ef Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 15 Apr 2009 01:19:30 +0200 Subject: s3-secdesc: use SEC_FLAG_SYSTEM_SECURITY instead of SEC_RIGHT_SYSTEM_SECURITY. Guenther --- source3/utils/net_registry.c | 4 ++-- source3/utils/net_rpc_registry.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_registry.c b/source3/utils/net_registry.c index a504bcfd0b..d6cdd982c3 100644 --- a/source3/utils/net_registry.c +++ b/source3/utils/net_registry.c @@ -412,10 +412,10 @@ static int net_registry_getsd(struct net_context *c, int argc, TALLOC_CTX *ctx = talloc_stackframe(); uint32_t access_mask = REG_KEY_READ | SEC_FLAG_MAXIMUM_ALLOWED | - SEC_RIGHT_SYSTEM_SECURITY; + SEC_FLAG_SYSTEM_SECURITY; /* - * net_rpc_regsitry uses SEC_RIGHT_SYSTEM_SECURITY, but access + * net_rpc_regsitry uses SEC_FLAG_SYSTEM_SECURITY, but access * is denied with these perms right now... */ access_mask = REG_KEY_READ; diff --git a/source3/utils/net_rpc_registry.c b/source3/utils/net_rpc_registry.c index 3076866a3a..cad605fdde 100644 --- a/source3/utils/net_rpc_registry.c +++ b/source3/utils/net_rpc_registry.c @@ -1148,7 +1148,7 @@ static NTSTATUS rpc_registry_getsd_internal(struct net_context *c, struct security_descriptor sec_desc; uint32_t access_mask = REG_KEY_READ | SEC_FLAG_MAXIMUM_ALLOWED | - SEC_RIGHT_SYSTEM_SECURITY; + SEC_FLAG_SYSTEM_SECURITY; if (argc <1 || argc > 2 || c->display_usage) { d_printf("Usage: net rpc registry getsd \n"); -- cgit From 38264bb3b86a3c9da941070f29ec08227c471d2b Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 15 Apr 2009 01:30:12 +0200 Subject: s3-secdesc: move all winreg access bits to IDL. Guenther --- source3/utils/net_rpc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 845ceca573..29e2f4f05d 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -5596,7 +5596,7 @@ static int rpc_trustdom_establish(struct net_context *c, int argc, return -1; } - nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, SEC_RIGHTS_QUERY_VALUE, + nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, true, KEY_QUERY_VALUE, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", @@ -5854,7 +5854,7 @@ static int rpc_trustdom_vampire(struct net_context *c, int argc, return -1; }; - nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, SEC_RIGHTS_QUERY_VALUE, + nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", @@ -6011,7 +6011,7 @@ static int rpc_trustdom_list(struct net_context *c, int argc, const char **argv) return -1; }; - nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, SEC_RIGHTS_QUERY_VALUE, + nt_status = rpccli_lsa_open_policy2(pipe_hnd, mem_ctx, false, KEY_QUERY_VALUE, &connect_hnd); if (NT_STATUS_IS_ERR(nt_status)) { DEBUG(0, ("Couldn't open policy handle. Error was %s\n", -- cgit From dfc79de607e94179114a8e1d0b0e56117f34595b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 21 Apr 2009 05:52:34 -0700 Subject: Make cli_mkdir async. Change it to return NTSTATUS. Jeremy. --- source3/utils/net_rpc_printer.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils') diff --git a/source3/utils/net_rpc_printer.c b/source3/utils/net_rpc_printer.c index 9721628f02..477ddf7f26 100644 --- a/source3/utils/net_rpc_printer.c +++ b/source3/utils/net_rpc_printer.c @@ -406,7 +406,7 @@ NTSTATUS net_copy_file(struct net_context *c, DEBUGADD(3,("creating dir %s on the destination server\n", dst_name)); - if (!cli_mkdir(cli_share_dst, dst_name)) { + if (!NT_STATUS_IS_OK(cli_mkdir(cli_share_dst, dst_name))) { DEBUG(0,("cannot create directory %s: %s\n", dst_name, cli_errstr(cli_share_dst))); nt_status = NT_STATUS_NO_SUCH_FILE; @@ -555,7 +555,7 @@ static NTSTATUS check_arch_dir(struct cli_state *cli_share, const char *short_ar DEBUG(10,("creating print-driver dir for architecture: %s\n", short_archi)); - if (!cli_mkdir(cli_share, dir)) { + if (!NT_STATUS_IS_OK(cli_mkdir(cli_share, dir))) { DEBUG(1,("cannot create directory %s: %s\n", dir, cli_errstr(cli_share))); nt_status = NT_STATUS_NO_SUCH_FILE; -- cgit