[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-test-1801-g90982cf
Günther Deschner
gd at samba.org
Sat Feb 2 13:14:30 GMT 2008
The branch, v3-2-test has been updated
via 90982cf43ab549a19b4d45860504bb7db57c7c8a (commit)
via 6bfd76002f083f07b3d9d5c1f16e67614e7eb972 (commit)
via b15512f8ccbc6c645b8be95827862a58a1a7fab2 (commit)
via c61cba97268f198ad7e25acc3cb0b166e897299d (commit)
via 845d9ea9f641ff58a9b16395697c72a3963bae52 (commit)
from 26771bdca0e6837db267f4db7907e489acd92fc6 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 90982cf43ab549a19b4d45860504bb7db57c7c8a
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 1 17:25:09 2008 +0100
Remove unused marshalling for SAMR_SET_SEC_OBJ.
Guenther
commit 6bfd76002f083f07b3d9d5c1f16e67614e7eb972
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 1 17:29:03 2008 +0100
Use pidl for _samr_SetSecurity().
Guenther
commit b15512f8ccbc6c645b8be95827862a58a1a7fab2
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 1 17:21:35 2008 +0100
Remove unused marshalling for SAMR_QUERY_SEC_OBJ.
Guenther
commit c61cba97268f198ad7e25acc3cb0b166e897299d
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 1 17:28:01 2008 +0100
Use pidl for _samr_QuerySecurity().
Guenther
commit 845d9ea9f641ff58a9b16395697c72a3963bae52
Author: Günther Deschner <gd at samba.org>
Date: Fri Feb 1 17:30:42 2008 +0100
Use rpccli_samr_QuerySecurity() for rpcclient.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/include/rpc_samr.h | 23 -------
source/rpc_client/cli_samr.c | 69 --------------------
source/rpc_parse/parse_samr.c | 135 ---------------------------------------
source/rpc_server/srv_samr.c | 46 +-------------
source/rpc_server/srv_samr_nt.c | 70 +++++++--------------
source/rpcclient/cmd_samr.c | 6 +-
6 files changed, 29 insertions(+), 320 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/include/rpc_samr.h b/source/include/rpc_samr.h
index fa8bf07..4ebee5e 100644
--- a/source/include/rpc_samr.h
+++ b/source/include/rpc_samr.h
@@ -493,29 +493,6 @@ typedef struct r_samr_set_sec_obj_info
/****************************************************************************
-SAMR_Q_QUERY_SEC_OBJ - info level 4. returns SIDs.
-*****************************************************************************/
-
-/* SAMR_Q_QUERY_SEC_OBJ - probably get domain info... */
-typedef struct q_samr_query_sec_obj_info
-{
- POLICY_HND user_pol; /* policy handle */
- uint32 sec_info; /* xxxx_SECURITY_INFORMATION 0x0000 0004 */
-
-} SAMR_Q_QUERY_SEC_OBJ;
-
-/* SAMR_R_QUERY_SEC_OBJ - probably an open */
-typedef struct r_samr_query_sec_obj_info
-{
- uint32 ptr;
- SEC_DESC_BUF *buf;
-
- NTSTATUS status; /* return status */
-
-} SAMR_R_QUERY_SEC_OBJ;
-
-
-/****************************************************************************
SAMR_Q_QUERY_DOMAIN_INFO - probably a query on domain group info.
*****************************************************************************/
diff --git a/source/rpc_client/cli_samr.c b/source/rpc_client/cli_samr.c
index fa1e5a6..72e6fd3 100644
--- a/source/rpc_client/cli_samr.c
+++ b/source/rpc_client/cli_samr.c
@@ -1497,75 +1497,6 @@ NTSTATUS rpccli_samr_remove_sid_foreign_domain(struct rpc_pipe_client *cli,
return result;
}
-/* Query user security object */
-
-NTSTATUS rpccli_samr_query_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol, uint32 sec_info,
- TALLOC_CTX *ctx, SEC_DESC_BUF **sec_desc_buf)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_QUERY_SEC_OBJ q;
- SAMR_R_QUERY_SEC_OBJ r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_query_sec_obj\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_query_sec_obj(&q, user_pol, sec_info);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_QUERY_SEC_OBJECT,
- q, r,
- qbuf, rbuf,
- samr_io_q_query_sec_obj,
- samr_io_r_query_sec_obj,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
- *sec_desc_buf=dup_sec_desc_buf(ctx, r.buf);
-
- return result;
-}
-
-/* Set user security object */
-
-NTSTATUS rpccli_samr_set_sec_obj(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
- POLICY_HND *user_pol, uint32 sec_info,
- SEC_DESC_BUF *sec_desc_buf)
-{
- prs_struct qbuf, rbuf;
- SAMR_Q_SET_SEC_OBJ q;
- SAMR_R_SET_SEC_OBJ r;
- NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
-
- DEBUG(10,("cli_samr_set_sec_obj\n"));
-
- ZERO_STRUCT(q);
- ZERO_STRUCT(r);
-
- /* Marshall data and send request */
-
- init_samr_q_set_sec_obj(&q, user_pol, sec_info, sec_desc_buf);
-
- CLI_DO_RPC(cli, mem_ctx, PI_SAMR, SAMR_SET_SEC_OBJECT,
- q, r,
- qbuf, rbuf,
- samr_io_q_set_sec_obj,
- samr_io_r_set_sec_obj,
- NT_STATUS_UNSUCCESSFUL);
-
- /* Return output parameters */
-
- result = r.status;
-
- return result;
-}
-
/* Lookup Domain Name */
NTSTATUS rpccli_samr_lookup_domain(struct rpc_pipe_client *cli, TALLOC_CTX *mem_ctx,
diff --git a/source/rpc_parse/parse_samr.c b/source/rpc_parse/parse_samr.c
index 9924a16..56a97b1 100644
--- a/source/rpc_parse/parse_samr.c
+++ b/source/rpc_parse/parse_samr.c
@@ -264,75 +264,6 @@ bool samr_io_r_get_usrdom_pwinfo(const char *desc, SAMR_R_GET_USRDOM_PWINFO * r_
return True;
}
-
-/*******************************************************************
-reads or writes a structure.
-********************************************************************/
-
-bool samr_io_q_set_sec_obj(const char *desc, SAMR_Q_SET_SEC_OBJ * q_u,
- prs_struct *ps, int depth)
-{
- if (q_u == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "samr_io_q_set_sec_obj");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!smb_io_pol_hnd("pol", &q_u->pol, ps, depth))
- return False;
-
- if(!prs_uint32("sec_info", ps, depth, &q_u->sec_info))
- return False;
-
- if(!sec_io_desc_buf("sec_desc", &q_u->buf, ps, depth))
- return False;
-
- return True;
-}
-
-
-/*******************************************************************
-reads or writes a structure.
-********************************************************************/
-
-void init_samr_q_query_sec_obj(SAMR_Q_QUERY_SEC_OBJ * q_u,
- POLICY_HND *user_pol, uint32 sec_info)
-{
- DEBUG(5, ("samr_init_samr_q_query_sec_obj\n"));
-
- q_u->user_pol = *user_pol;
- q_u->sec_info = sec_info;
-}
-
-
-/*******************************************************************
-reads or writes a structure.
-********************************************************************/
-
-bool samr_io_q_query_sec_obj(const char *desc, SAMR_Q_QUERY_SEC_OBJ * q_u,
- prs_struct *ps, int depth)
-{
- if (q_u == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "samr_io_q_query_sec_obj");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!smb_io_pol_hnd("user_pol", &q_u->user_pol, ps, depth))
- return False;
-
- if(!prs_uint32("sec_info", ps, depth, &q_u->sec_info))
- return False;
-
- return True;
-}
-
/*******************************************************************
reads or writes a structure.
********************************************************************/
@@ -896,72 +827,6 @@ bool samr_io_r_query_domain_info(const char *desc, SAMR_R_QUERY_DOMAIN_INFO * r_
}
/*******************************************************************
-reads or writes a structure.
-********************************************************************/
-
-void init_samr_q_set_sec_obj(SAMR_Q_SET_SEC_OBJ * q_u,
- POLICY_HND *pol, uint32 sec_info, SEC_DESC_BUF *buf)
-{
- DEBUG(5, ("samr_init_samr_q_set_sec_obj\n"));
-
- q_u->pol = *pol;
- q_u->sec_info = sec_info;
- q_u->buf = buf;
-}
-
-
-/*******************************************************************
-reads or writes a SAMR_R_SET_SEC_OBJ structure.
-********************************************************************/
-
-bool samr_io_r_set_sec_obj(const char *desc, SAMR_R_SET_SEC_OBJ * r_u,
- prs_struct *ps, int depth)
-{
- if (r_u == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "samr_io_r_set_sec_obj");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_ntstatus("status", ps, depth, &r_u->status))
- return False;
-
- return True;
-}
-
-/*******************************************************************
-reads or writes a SAMR_R_QUERY_SEC_OBJ structure.
-********************************************************************/
-
-bool samr_io_r_query_sec_obj(const char *desc, SAMR_R_QUERY_SEC_OBJ * r_u,
- prs_struct *ps, int depth)
-{
- if (r_u == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "samr_io_r_query_sec_obj");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr", ps, depth, &r_u->ptr))
- return False;
- if (r_u->ptr != 0) {
- if(!sec_io_desc_buf("sec", &r_u->buf, ps, depth))
- return False;
- }
-
- if(!prs_ntstatus("status", ps, depth, &r_u->status))
- return False;
-
- return True;
-}
-
-/*******************************************************************
reads or writes a SAM_STR1 structure.
********************************************************************/
diff --git a/source/rpc_server/srv_samr.c b/source/rpc_server/srv_samr.c
index 38bbda3..94f7c6f 100644
--- a/source/rpc_server/srv_samr.c
+++ b/source/rpc_server/srv_samr.c
@@ -110,28 +110,7 @@ static bool api_samr_get_usrdom_pwinfo(pipes_struct *p)
static bool api_samr_set_sec_obj(pipes_struct *p)
{
- SAMR_Q_SET_SEC_OBJ q_u;
- SAMR_R_SET_SEC_OBJ r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!samr_io_q_set_sec_obj("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_set_sec_obj: unable to unmarshall SAMR_Q_SET_SEC_OBJ.\n"));
- return False;
- }
-
- r_u.status = _samr_set_sec_obj(p, &q_u, &r_u);
-
- if(!samr_io_r_set_sec_obj("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_set_sec_obj: unable to marshall SAMR_R_SET_SEC_OBJ.\n"));
- return False;
- }
-
- return True;
+ return proxy_samr_call(p, NDR_SAMR_SETSECURITY);
}
/*******************************************************************
@@ -140,28 +119,7 @@ static bool api_samr_set_sec_obj(pipes_struct *p)
static bool api_samr_query_sec_obj(pipes_struct *p)
{
- SAMR_Q_QUERY_SEC_OBJ q_u;
- SAMR_R_QUERY_SEC_OBJ r_u;
-
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!samr_io_q_query_sec_obj("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_query_sec_obj: unable to unmarshall SAMR_Q_QUERY_SEC_OBJ.\n"));
- return False;
- }
-
- r_u.status = _samr_query_sec_obj(p, &q_u, &r_u);
-
- if(!samr_io_r_query_sec_obj("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_query_sec_obj: unable to marshall SAMR_R_QUERY_SEC_OBJ.\n"));
- return False;
- }
-
- return True;
+ return proxy_samr_call(p, NDR_SAMR_QUERYSECURITY);
}
/*******************************************************************
diff --git a/source/rpc_server/srv_samr_nt.c b/source/rpc_server/srv_samr_nt.c
index 2ccb202..c51aa39 100644
--- a/source/rpc_server/srv_samr_nt.c
+++ b/source/rpc_server/srv_samr_nt.c
@@ -672,10 +672,11 @@ static bool get_lsa_policy_samr_sid( pipes_struct *p, POLICY_HND *pol,
}
/*******************************************************************
- _samr_set_sec_obj
+ _samr_SetSecurity
********************************************************************/
-NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_SEC_OBJ *r_u)
+NTSTATUS _samr_SetSecurity(pipes_struct *p,
+ struct samr_SetSecurity *r)
{
DOM_SID pol_sid;
uint32 acc_granted, i;
@@ -684,9 +685,7 @@ NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_
struct samu *sampass=NULL;
NTSTATUS status;
- r_u->status = NT_STATUS_OK;
-
- if (!get_lsa_policy_samr_sid(p, &q_u->pol, &pol_sid, &acc_granted, NULL))
+ if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
return NT_STATUS_INVALID_HANDLE;
if (!(sampass = samu_new( p->mem_ctx))) {
@@ -705,7 +704,7 @@ NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_
return NT_STATUS_INVALID_HANDLE;
}
- dacl = q_u->buf->sd->dacl;
+ dacl = r->in.sdbuf->sd->dacl;
for (i=0; i < dacl->num_aces; i++) {
if (sid_equal(&pol_sid, &dacl->aces[i].trustee)) {
ret = pdb_set_pass_can_change(sampass,
@@ -721,7 +720,7 @@ NTSTATUS _samr_set_sec_obj(pipes_struct *p, SAMR_Q_SET_SEC_OBJ *q_u, SAMR_R_SET_
return NT_STATUS_ACCESS_DENIED;
}
- status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_set_sec_obj");
+ status = access_check_samr_function(acc_granted, SA_RIGHT_USER_SET_ATTRIBUTES, "_samr_SetSecurity");
if (NT_STATUS_IS_OK(status)) {
become_root();
status = pdb_update_sam_account(sampass);
@@ -768,66 +767,63 @@ static bool check_change_pw_access(TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
/*******************************************************************
- _samr_query_sec_obj
+ _samr_QuerySecurity
********************************************************************/
-NTSTATUS _samr_query_sec_obj(pipes_struct *p, SAMR_Q_QUERY_SEC_OBJ *q_u, SAMR_R_QUERY_SEC_OBJ *r_u)
+NTSTATUS _samr_QuerySecurity(pipes_struct *p,
+ struct samr_QuerySecurity *r)
{
+ NTSTATUS status;
DOM_SID pol_sid;
SEC_DESC * psd = NULL;
uint32 acc_granted;
size_t sd_size;
- r_u->status = NT_STATUS_OK;
-
/* Get the SID. */
- if (!get_lsa_policy_samr_sid(p, &q_u->user_pol, &pol_sid, &acc_granted, NULL))
+ if (!get_lsa_policy_samr_sid(p, r->in.handle, &pol_sid, &acc_granted, NULL))
return NT_STATUS_INVALID_HANDLE;
- DEBUG(10,("_samr_query_sec_obj: querying security on SID: %s\n",
+ DEBUG(10,("_samr_QuerySecurity: querying security on SID: %s\n",
sid_string_dbg(&pol_sid)));
/* Check what typ of SID is beeing queried (e.g Domain SID, User SID, Group SID) */
/* To query the security of the SAM it self an invalid SID with S-0-0 is passed to this function */
if (pol_sid.sid_rev_num == 0) {
- DEBUG(5,("_samr_query_sec_obj: querying security on SAM\n"));
- r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
+ DEBUG(5,("_samr_QuerySecurity: querying security on SAM\n"));
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0);
} else if (sid_equal(&pol_sid,get_global_sam_sid())) {
/* check if it is our domain SID */
- DEBUG(5,("_samr_query_sec_obj: querying security on Domain "
+ DEBUG(5,("_samr_QuerySecurity: querying security on Domain "
"with SID: %s\n", sid_string_dbg(&pol_sid)));
- r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
} else if (sid_equal(&pol_sid,&global_sid_Builtin)) {
/* check if it is the Builtin Domain */
/* TODO: Builtin probably needs a different SD with restricted write access*/
- DEBUG(5,("_samr_query_sec_obj: querying security on Builtin "
+ DEBUG(5,("_samr_QuerySecurity: querying security on Builtin "
"Domain with SID: %s\n", sid_string_dbg(&pol_sid)));
- r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0);
} else if (sid_check_is_in_our_domain(&pol_sid) ||
sid_check_is_in_builtin(&pol_sid)) {
/* TODO: different SDs have to be generated for aliases groups and users.
Currently all three get a default user SD */
- DEBUG(10,("_samr_query_sec_obj: querying security on Object "
+ DEBUG(10,("_samr_QuerySecurity: querying security on Object "
"with SID: %s\n", sid_string_dbg(&pol_sid)));
if (check_change_pw_access(p->mem_ctx, &pol_sid)) {
- r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping,
&pol_sid, SAMR_USR_RIGHTS_WRITE_PW);
} else {
- r_u->status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping,
+ status = make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_nopwchange_generic_mapping,
&pol_sid, SAMR_USR_RIGHTS_CANT_WRITE_PW);
}
} else {
return NT_STATUS_OBJECT_TYPE_MISMATCH;
}
- if ((r_u->buf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
+ if ((*r->out.sdbuf = make_sec_desc_buf(p->mem_ctx, sd_size, psd)) == NULL)
return NT_STATUS_NO_MEMORY;
- if (NT_STATUS_IS_OK(r_u->status))
- r_u->ptr = 1;
-
- return r_u->status;
+ return status;
}
/*******************************************************************
@@ -5081,26 +5077,6 @@ NTSTATUS _samr_Connect(pipes_struct *p,
/****************************************************************
****************************************************************/
-NTSTATUS _samr_SetSecurity(pipes_struct *p,
- struct samr_SetSecurity *r)
-{
- p->rng_fault_state = true;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-/****************************************************************
-****************************************************************/
-
-NTSTATUS _samr_QuerySecurity(pipes_struct *p,
- struct samr_QuerySecurity *r)
-{
- p->rng_fault_state = true;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-/****************************************************************
-****************************************************************/
-
NTSTATUS _samr_Shutdown(pipes_struct *p,
struct samr_Shutdown *r)
{
diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c
index 976bc86..2799e46 100644
--- a/source/rpcclient/cmd_samr.c
+++ b/source/rpcclient/cmd_samr.c
@@ -2080,8 +2080,10 @@ static NTSTATUS cmd_samr_query_sec_obj(struct rpc_pipe_client *cli,
/* Query SAM security object */
- result = rpccli_samr_query_sec_obj(cli, mem_ctx, pol, sec_info, ctx,
- &sec_desc_buf);
+ result = rpccli_samr_QuerySecurity(cli, mem_ctx,
--
Samba Shared Repository
More information about the samba-cvs
mailing list