From 08f019d973f7c71be7b402d5f32922a18381a3cf Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Thu, 14 Feb 2008 13:50:32 +0100
Subject: Use pidl for _lsa_AddPrivilegesToAccount and
 _lsa_RemovePrivilegesFromAccount.

Guenther
(This used to be commit 0c9904864b5c3b893f99abdebb18d9624aa0f560)
---
 source3/lib/privileges_basic.c  |  4 ++--
 source3/rpc_server/srv_lsa.c    | 48 ++---------------------------------------
 source3/rpc_server/srv_lsa_nt.c | 37 ++++++++++++-------------------
 3 files changed, 18 insertions(+), 71 deletions(-)

(limited to 'source3')

diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index 753f7265a1..865c1f655c 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -473,7 +473,7 @@ bool se_priv_to_privilege_set( PRIVILEGE_SET *set, SE_PRIV *mask )
 /*******************************************************************
 *******************************************************************/
 
-static bool luid_to_se_priv( LUID *luid, SE_PRIV *mask )
+static bool luid_to_se_priv( struct lsa_LUID *luid, SE_PRIV *mask )
 {
 	int i;
 	uint32 num_privs = count_all_privileges();
@@ -491,7 +491,7 @@ static bool luid_to_se_priv( LUID *luid, SE_PRIV *mask )
 /*******************************************************************
 *******************************************************************/
 
-bool privilege_set_to_se_priv( SE_PRIV *mask, PRIVILEGE_SET *privset )
+bool privilege_set_to_se_priv( SE_PRIV *mask, struct lsa_PrivilegeSet *privset )
 {
 	int i;
 	
diff --git a/source3/rpc_server/srv_lsa.c b/source3/rpc_server/srv_lsa.c
index c4ca22f401..ff274473d6 100644
--- a/source3/rpc_server/srv_lsa.c
+++ b/source3/rpc_server/srv_lsa.c
@@ -249,29 +249,7 @@ static bool api_lsa_setsystemaccount(pipes_struct *p)
 
 static bool api_lsa_addprivs(pipes_struct *p)
 {
-	LSA_Q_ADDPRIVS q_u;
-	LSA_R_ADDPRIVS r_u;
-	
-	prs_struct *data = &p->in_data.data;
-	prs_struct *rdata = &p->out_data.rdata;
-
-	ZERO_STRUCT(q_u);
-	ZERO_STRUCT(r_u);
-
-	if(!lsa_io_q_addprivs("", &q_u, data, 0)) {
-		DEBUG(0,("api_lsa_addprivs: failed to unmarshall LSA_Q_ADDPRIVS.\n"));
-		return False;
-	}
-
-	r_u.status = _lsa_addprivs(p, &q_u, &r_u);
-
-	/* store the response in the SMB stream */
-	if(!lsa_io_r_addprivs("", &r_u, rdata, 0)) {
-		DEBUG(0,("api_lsa_addprivs: Failed to marshall LSA_R_ADDPRIVS.\n"));
-		return False;
-	}
-
-	return True;
+	return proxy_lsa_call(p, NDR_LSA_ADDPRIVILEGESTOACCOUNT);
 }
 
 /***************************************************************************
@@ -280,29 +258,7 @@ static bool api_lsa_addprivs(pipes_struct *p)
 
 static bool api_lsa_removeprivs(pipes_struct *p)
 {
-	LSA_Q_REMOVEPRIVS q_u;
-	LSA_R_REMOVEPRIVS r_u;
-	
-	prs_struct *data = &p->in_data.data;
-	prs_struct *rdata = &p->out_data.rdata;
-
-	ZERO_STRUCT(q_u);
-	ZERO_STRUCT(r_u);
-
-	if(!lsa_io_q_removeprivs("", &q_u, data, 0)) {
-		DEBUG(0,("api_lsa_removeprivs: failed to unmarshall LSA_Q_REMOVEPRIVS.\n"));
-		return False;
-	}
-
-	r_u.status = _lsa_removeprivs(p, &q_u, &r_u);
-
-	/* store the response in the SMB stream */
-	if(!lsa_io_r_removeprivs("", &r_u, rdata, 0)) {
-		DEBUG(0,("api_lsa_removeprivs: Failed to marshall LSA_R_REMOVEPRIVS.\n"));
-		return False;
-	}
-
-	return True;
+	return proxy_lsa_call(p, NDR_LSA_REMOVEPRIVILEGESFROMACCOUNT);
 }
 
 /***************************************************************************
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index a8f6e15e23..10842a1ada 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1843,17 +1843,19 @@ NTSTATUS _lsa_SetSystemAccessAccount(pipes_struct *p,
 }
 
 /***************************************************************************
+ _lsa_AddPrivilegesToAccount
  For a given SID, add some privileges.
  ***************************************************************************/
 
-NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u)
+NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p,
+				     struct lsa_AddPrivilegesToAccount *r)
 {
 	struct lsa_info *info = NULL;
 	SE_PRIV mask;
-	PRIVILEGE_SET *set = NULL;
+	struct lsa_PrivilegeSet *set = NULL;
 
 	/* find the connection policy handle. */
-	if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
+	if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
 		return NT_STATUS_INVALID_HANDLE;
 
 	/* check to see if the pipe_user is root or a Domain Admin since
@@ -1865,13 +1867,12 @@ NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	set = &q_u->set;
-
+	set = r->in.privs;
 	if ( !privilege_set_to_se_priv( &mask, set ) )
 		return NT_STATUS_NO_SUCH_PRIVILEGE;
 
 	if ( !grant_privilege( &info->sid, &mask ) ) {
-		DEBUG(3,("_lsa_addprivs: grant_privilege(%s) failed!\n",
+		DEBUG(3,("_lsa_AddPrivilegesToAccount: grant_privilege(%s) failed!\n",
 			 sid_string_dbg(&info->sid) ));
 		DEBUG(3,("Privilege mask:\n"));
 		dump_se_priv( DBGC_ALL, 3, &mask );
@@ -1882,17 +1883,19 @@ NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u
 }
 
 /***************************************************************************
+ _lsa_RemovePrivilegesFromAccount
  For a given SID, remove some privileges.
  ***************************************************************************/
 
-NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEPRIVS *r_u)
+NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p,
+					  struct lsa_RemovePrivilegesFromAccount *r)
 {
 	struct lsa_info *info = NULL;
 	SE_PRIV mask;
-	PRIVILEGE_SET *set = NULL;
+	struct lsa_PrivilegeSet *set = NULL;
 
 	/* find the connection policy handle. */
-	if (!find_policy_by_hnd(p, &q_u->pol, (void **)(void *)&info))
+	if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&info))
 		return NT_STATUS_INVALID_HANDLE;
 
 	/* check to see if the pipe_user is root or a Domain Admin since
@@ -1904,13 +1907,13 @@ NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEP
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	set = &q_u->set;
+	set = r->in.privs;
 
 	if ( !privilege_set_to_se_priv( &mask, set ) )
 		return NT_STATUS_NO_SUCH_PRIVILEGE;
 
 	if ( !revoke_privilege( &info->sid, &mask ) ) {
-		DEBUG(3,("_lsa_removeprivs: revoke_privilege(%s) failed!\n",
+		DEBUG(3,("_lsa_RemovePrivilegesFromAccount: revoke_privilege(%s) failed!\n",
 			 sid_string_dbg(&info->sid) ));
 		DEBUG(3,("Privilege mask:\n"));
 		dump_se_priv( DBGC_ALL, 3, &mask );
@@ -2277,18 +2280,6 @@ NTSTATUS _lsa_LookupSids(pipes_struct *p, struct lsa_LookupSids *r)
 	return NT_STATUS_NOT_IMPLEMENTED;
 }
 
-NTSTATUS _lsa_AddPrivilegesToAccount(pipes_struct *p, struct lsa_AddPrivilegesToAccount *r)
-{
-	p->rng_fault_state = True;
-	return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-NTSTATUS _lsa_RemovePrivilegesFromAccount(pipes_struct *p, struct lsa_RemovePrivilegesFromAccount *r)
-{
-	p->rng_fault_state = True;
-	return NT_STATUS_NOT_IMPLEMENTED;
-}
-
 NTSTATUS _lsa_GetQuotasForAccount(pipes_struct *p, struct lsa_GetQuotasForAccount *r)
 {
 	p->rng_fault_state = True;
-- 
cgit