From d06051cc51ded9649d4c201afdf338c2426e6f5f Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Tue, 19 May 2009 00:16:26 +0200 Subject: s3-lsa: let _lsa_OpenPolicy() just call _lsa_OpenPolicy2(). Guenther --- source3/rpc_server/srv_lsa_nt.c | 43 ++++++----------------------------------- 1 file changed, 6 insertions(+), 37 deletions(-) (limited to 'source3') diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index dd0bfe1492..27519a5c94 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -411,46 +411,15 @@ NTSTATUS _lsa_OpenPolicy2(pipes_struct *p, NTSTATUS _lsa_OpenPolicy(pipes_struct *p, struct lsa_OpenPolicy *r) { - struct lsa_info *info; - SEC_DESC *psd = NULL; - size_t sd_size; - uint32 des_access= r->in.access_mask; - uint32 acc_granted; - NTSTATUS status; + struct lsa_OpenPolicy2 o; + o.in.system_name = NULL; /* should be ignored */ + o.in.attr = r->in.attr; + o.in.access_mask = r->in.access_mask; - /* map the generic bits to the lsa policy ones */ - se_map_generic(&des_access, &lsa_generic_mapping); - - /* get the generic lsa policy SD until we store it */ - lsa_get_generic_sd(p->mem_ctx, &psd, &sd_size); + o.out.handle = r->out.handle; - status = se_access_check(psd, p->server_info->ptok, des_access, - &acc_granted); - if (!NT_STATUS_IS_OK(status)) { - if (p->server_info->utok.uid != sec_initial_uid()) { - return status; - } - DEBUG(4,("ACCESS should be DENIED (granted: %#010x; required: %#010x)\n", - acc_granted, des_access)); - DEBUGADD(4,("but overwritten by euid == 0\n")); - acc_granted = des_access; - } - - /* associate the domain SID with the (unique) handle. */ - info = TALLOC_ZERO_P(p->mem_ctx, struct lsa_info); - if (info == NULL) { - return NT_STATUS_NO_MEMORY; - } - - sid_copy(&info->sid,get_global_sam_sid()); - info->access = acc_granted; - - /* set up the LSA QUERY INFO response */ - if (!create_policy_hnd(p, r->out.handle, info)) - return NT_STATUS_OBJECT_NAME_NOT_FOUND; - - return NT_STATUS_OK; + return _lsa_OpenPolicy2(p, &o); } /*************************************************************************** -- cgit