[SCM] Samba Shared Repository - branch v3-2-test updated -
initial-v3-2-test-2384-g1131e91
Günther Deschner
gd at samba.org
Mon Feb 18 11:00:03 GMT 2008
The branch, v3-2-test has been updated
via 1131e914df9c69b046f335999b7b62063e92fb9d (commit)
via d752d52f1a4b75d7d4934da66566bc62e14caf27 (commit)
from d85a2782a483e563a8b68924d4897a145bc25896 (commit)
http://gitweb.samba.org/?samba.git;a=shortlog;h=v3-2-test
- Log -----------------------------------------------------------------
commit 1131e914df9c69b046f335999b7b62063e92fb9d
Author: Günther Deschner <gd at samba.org>
Date: Mon Feb 18 11:55:31 2008 +0100
Use pidl for _svcctl_OpenSCManagerW().
Guenther
commit d752d52f1a4b75d7d4934da66566bc62e14caf27
Author: Günther Deschner <gd at samba.org>
Date: Mon Feb 18 11:48:51 2008 +0100
Remove whitespace, no code changes.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source/rpc_server/srv_svcctl.c | 18 +--
source/rpc_server/srv_svcctl_nt.c | 335 ++++++++++++++++++-------------------
source/utils/net_rpc_service.c | 208 ++++++++++++------------
3 files changed, 270 insertions(+), 291 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/rpc_server/srv_svcctl.c b/source/rpc_server/srv_svcctl.c
index ce81a24..ba939ac 100644
--- a/source/rpc_server/srv_svcctl.c
+++ b/source/rpc_server/srv_svcctl.c
@@ -53,23 +53,7 @@ static bool api_svcctl_close_service(pipes_struct *p)
static bool api_svcctl_open_scmanager(pipes_struct *p)
{
- SVCCTL_Q_OPEN_SCMANAGER q_u;
- SVCCTL_R_OPEN_SCMANAGER r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!svcctl_io_q_open_scmanager("", &q_u, data, 0))
- return False;
-
- r_u.status = _svcctl_open_scmanager(p, &q_u, &r_u);
-
- if(!svcctl_io_r_open_scmanager("", &r_u, rdata, 0))
- return False;
-
- return True;
+ return proxy_svcctl_call(p, NDR_SVCCTL_OPENSCMANAGERW);
}
/*******************************************************************
diff --git a/source/rpc_server/srv_svcctl_nt.c b/source/rpc_server/srv_svcctl_nt.c
index ac45d8b..459def1 100644
--- a/source/rpc_server/srv_svcctl_nt.c
+++ b/source/rpc_server/srv_svcctl_nt.c
@@ -1,22 +1,22 @@
-/*
+/*
* Unix SMB/CIFS implementation.
* RPC Pipe client / server routines
*
* Copyright (C) Marcin Krzysztof Porwit 2005.
- *
+ *
* Largely Rewritten (Again) by:
* Copyright (C) Gerald (Jerry) Carter 2005.
- *
+ *
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
- *
+ *
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
- *
+ *
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
@@ -63,42 +63,42 @@ bool init_service_op_table( void )
const char **service_list = lp_svcctl_list();
int num_services = SVCCTL_NUM_INTERNAL_SERVICES + str_list_count( service_list );
int i;
-
+
if ( !(svcctl_ops = TALLOC_ARRAY( NULL, struct service_control_op, num_services+1)) ) {
DEBUG(0,("init_service_op_table: talloc() failed!\n"));
return False;
}
/* services listed in smb.conf get the rc.init interface */
-
+
for ( i=0; service_list && service_list[i]; i++ ) {
svcctl_ops[i].name = talloc_strdup( svcctl_ops, service_list[i] );
svcctl_ops[i].ops = &rcinit_svc_ops;
}
-
+
/* add builtin services */
-
+
svcctl_ops[i].name = talloc_strdup( svcctl_ops, "Spooler" );
svcctl_ops[i].ops = &spoolss_svc_ops;
i++;
-
+
svcctl_ops[i].name = talloc_strdup( svcctl_ops, "NETLOGON" );
svcctl_ops[i].ops = &netlogon_svc_ops;
i++;
-
+
svcctl_ops[i].name = talloc_strdup( svcctl_ops, "RemoteRegistry" );
svcctl_ops[i].ops = &winreg_svc_ops;
i++;
-
+
svcctl_ops[i].name = talloc_strdup( svcctl_ops, "WINS" );
svcctl_ops[i].ops = &wins_svc_ops;
i++;
-
+
/* NULL terminate the array */
-
+
svcctl_ops[i].name = NULL;
svcctl_ops[i].ops = NULL;
-
+
return True;
}
@@ -119,7 +119,7 @@ static struct service_control_op* find_service_by_name( const char *name )
/********************************************************************
********************************************************************/
-static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
+static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
uint32 access_desired, uint32 *access_granted )
{
NTSTATUS result;
@@ -128,7 +128,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
DEBUG(5,("svcctl_access_check: using root's token\n"));
token = get_root_nt_token();
}
-
+
se_access_check( sec_desc, token, access_desired, access_granted, &result );
return result;
@@ -139,7 +139,7 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
{
- SEC_ACE ace[2];
+ SEC_ACE ace[2];
SEC_ACCESS mask;
size_t i = 0;
SEC_DESC *sd;
@@ -147,18 +147,18 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
size_t sd_size;
/* basic access for Everyone */
-
+
init_sec_access(&mask, SC_MANAGER_READ_ACCESS );
init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-
+
/* Full Access 'BUILTIN\Administrators' */
-
+
init_sec_access(&mask,SC_MANAGER_ALL_ACCESS );
init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
-
-
+
+
/* create the security descriptor */
-
+
if ( !(acl = make_sec_acl(ctx, NT4_ACL_REVISION, i, ace)) )
return NULL;
@@ -173,7 +173,7 @@ static SEC_DESC* construct_scm_sd( TALLOC_CTX *ctx )
/******************************************************************
free() function for REGISTRY_KEY
*****************************************************************/
-
+
static void free_service_handle_info(void *ptr)
{
TALLOC_FREE( ptr );
@@ -197,21 +197,21 @@ static SERVICE_INFO *find_service_info_by_hnd(pipes_struct *p, POLICY_HND *hnd)
/******************************************************************
*****************************************************************/
-
+
static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, uint32 type,
const char *service, uint32 access_granted )
{
SERVICE_INFO *info = NULL;
WERROR result = WERR_OK;
struct service_control_op *s_op;
-
+
if ( !(info = TALLOC_ZERO_P( NULL, SERVICE_INFO )) )
return WERR_NOMEM;
/* the Service Manager has a NULL name */
-
+
info->type = SVC_HANDLE_IS_SCM;
-
+
switch ( type ) {
case SVC_HANDLE_IS_SCM:
info->type = SVC_HANDLE_IS_SCM;
@@ -220,17 +220,17 @@ static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, u
case SVC_HANDLE_IS_DBLOCK:
info->type = SVC_HANDLE_IS_DBLOCK;
break;
-
+
case SVC_HANDLE_IS_SERVICE:
info->type = SVC_HANDLE_IS_SERVICE;
-
+
/* lookup the SERVICE_CONTROL_OPS */
if ( !(s_op = find_service_by_name( service )) ) {
result = WERR_NO_SUCH_SERVICE;
goto done;
}
-
+
info->ops = s_op->ops;
if ( !(info->name = talloc_strdup( info, s_op->name )) ) {
@@ -244,15 +244,15 @@ static WERROR create_open_service_handle( pipes_struct *p, POLICY_HND *handle, u
goto done;
}
- info->access_granted = access_granted;
-
+ info->access_granted = access_granted;
+
/* store the SERVICE_INFO and create an open handle */
-
+
if ( !create_policy_hnd( p, handle, free_service_handle_info, info ) ) {
result = WERR_ACCESS_DENIED;
goto done;
}
-
+
done:
if ( !W_ERROR_IS_OK(result) )
free_service_handle_info( info );
@@ -263,23 +263,24 @@ done:
/********************************************************************
********************************************************************/
-WERROR _svcctl_open_scmanager(pipes_struct *p, SVCCTL_Q_OPEN_SCMANAGER *q_u, SVCCTL_R_OPEN_SCMANAGER *r_u)
+WERROR _svcctl_OpenSCManagerW(pipes_struct *p,
+ struct svcctl_OpenSCManagerW *r)
{
SEC_DESC *sec_desc;
uint32 access_granted = 0;
NTSTATUS status;
-
+
/* perform access checks */
-
+
if ( !(sec_desc = construct_scm_sd( p->mem_ctx )) )
return WERR_NOMEM;
-
- se_map_generic( &q_u->access, &scm_generic_map );
- status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, q_u->access, &access_granted );
+
+ se_map_generic( &r->in.access_mask, &scm_generic_map );
+ status = svcctl_access_check( sec_desc, p->pipe_user.nt_user_token, r->in.access_mask, &access_granted );
if ( !NT_STATUS_IS_OK(status) )
return ntstatus_to_werror( status );
-
- return create_open_service_handle( p, &r_u->handle, SVC_HANDLE_IS_SCM, NULL, access_granted );
+
+ return create_open_service_handle( p, r->out.handle, SVC_HANDLE_IS_SCM, NULL, access_granted );
}
/********************************************************************
@@ -307,7 +308,7 @@ WERROR _svcctl_open_service(pipes_struct *p, SVCCTL_Q_OPEN_SERVICE *q_u, SVCCTL_
if ( !find_service_info_by_hnd( p, &q_u->handle ) )
return WERR_BADFID;
- /* perform access checks. Use the root token in order to ensure that we
+ /* perform access checks. Use the root token in order to ensure that we
retrieve the security descriptor */
if ( !(sec_desc = svcctl_get_secdesc( p->mem_ctx, service, get_root_nt_token() )) )
@@ -329,7 +330,7 @@ WERROR _svcctl_CloseServiceHandle(pipes_struct *p, struct svcctl_CloseServiceHan
if ( !close_policy_hnd( p, r->in.handle ) )
return WERR_BADFID;
- return WERR_OK;
+ return WERR_OK;
}
/********************************************************************
@@ -340,14 +341,14 @@ WERROR _svcctl_get_display_name(pipes_struct *p, SVCCTL_Q_GET_DISPLAY_NAME *q_u,
fstring service;
const char *display_name;
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
-
+
/* can only use an SCM handle here */
-
+
if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
return WERR_BADFID;
-
+
rpcstr_pull(service, q_u->servicename.buffer, sizeof(service), q_u->servicename.uni_str_len*2, 0);
-
+
display_name = svcctl_lookup_dispname(p->mem_ctx, service, p->pipe_user.nt_user_token );
init_svcctl_r_get_display_name( r_u, display_name ? display_name : "");
@@ -360,15 +361,15 @@ WERROR _svcctl_get_display_name(pipes_struct *p, SVCCTL_Q_GET_DISPLAY_NAME *q_u,
WERROR _svcctl_query_status(pipes_struct *p, SVCCTL_Q_QUERY_STATUS *q_u, SVCCTL_R_QUERY_STATUS *r_u)
{
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
-
+
/* perform access checks */
if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
return WERR_BADFID;
-
+
if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
return WERR_ACCESS_DENIED;
-
+
/* try the service specific status call */
return info->ops->service_status( info->name, &r_u->svc_status );
@@ -383,7 +384,7 @@ static int enumerate_status( TALLOC_CTX *ctx, ENUM_SERVICES_STATUS **status, NT_
int i;
ENUM_SERVICES_STATUS *st;
const char *display_name;
-
+
/* just count */
while ( svcctl_ops[num_services].name )
num_services++;
@@ -392,16 +393,16 @@ static int enumerate_status( TALLOC_CTX *ctx, ENUM_SERVICES_STATUS **status, NT_
DEBUG(0,("enumerate_status: talloc() failed!\n"));
return -1;
}
-
+
for ( i=0; i<num_services; i++ ) {
init_unistr( &st[i].servicename, svcctl_ops[i].name );
-
+
display_name = svcctl_lookup_dispname(ctx, svcctl_ops[i].name, token );
init_unistr( &st[i].displayname, display_name ? display_name : "");
-
+
svcctl_ops[i].ops->service_status( svcctl_ops[i].name, &st[i].status );
}
-
+
*status = st;
return num_services;
@@ -419,12 +420,12 @@ WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STAT
WERROR result = WERR_OK;
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
NT_USER_TOKEN *token = p->pipe_user.nt_user_token;
-
+
/* perform access checks */
if ( !info || (info->type != SVC_HANDLE_IS_SCM) )
return WERR_BADFID;
-
+
if ( !(info->access_granted & SC_RIGHT_MGR_ENUMERATE_SERVICE) ) {
return WERR_ACCESS_DENIED;
}
@@ -469,15 +470,15 @@ WERROR _svcctl_enum_services_status(pipes_struct *p, SVCCTL_Q_ENUM_SERVICES_STAT
WERROR _svcctl_start_service(pipes_struct *p, SVCCTL_Q_START_SERVICE *q_u, SVCCTL_R_START_SERVICE *r_u)
{
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
-
+
/* perform access checks */
if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
return WERR_BADFID;
-
+
if ( !(info->access_granted & SC_RIGHT_SVC_START) )
return WERR_ACCESS_DENIED;
-
+
return info->ops->start_service( info->name );
}
@@ -487,28 +488,28 @@ WERROR _svcctl_start_service(pipes_struct *p, SVCCTL_Q_START_SERVICE *q_u, SVCCT
WERROR _svcctl_control_service(pipes_struct *p, SVCCTL_Q_CONTROL_SERVICE *q_u, SVCCTL_R_CONTROL_SERVICE *r_u)
{
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
-
+
/* perform access checks */
-
+
if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
- return WERR_BADFID;
-
+ return WERR_BADFID;
+
switch ( q_u->control ) {
case SVCCTL_CONTROL_STOP:
if ( !(info->access_granted & SC_RIGHT_SVC_STOP) )
return WERR_ACCESS_DENIED;
-
+
return info->ops->stop_service( info->name, &r_u->svc_status );
-
+
case SVCCTL_CONTROL_INTERROGATE:
if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
return WERR_ACCESS_DENIED;
-
+
return info->ops->service_status( info->name, &r_u->svc_status );
}
-
+
/* default control action */
-
+
return WERR_ACCESS_DENIED;
}
@@ -518,22 +519,22 @@ WERROR _svcctl_control_service(pipes_struct *p, SVCCTL_Q_CONTROL_SERVICE *q_u, S
WERROR _svcctl_enum_dependent_services( pipes_struct *p, SVCCTL_Q_ENUM_DEPENDENT_SERVICES *q_u, SVCCTL_R_ENUM_DEPENDENT_SERVICES *r_u )
{
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
-
+
/* perform access checks */
if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
- return WERR_BADFID;
-
+ return WERR_BADFID;
+
if ( !(info->access_granted & SC_RIGHT_SVC_ENUMERATE_DEPENDENTS) )
return WERR_ACCESS_DENIED;
-
- /* we have to set the outgoing buffer size to the same as the
+
+ /* we have to set the outgoing buffer size to the same as the
incoming buffer size (even in the case of failure */
rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx );
-
+
r_u->needed = q_u->buffer_size;
-
+
/* no dependent services...basically a stub function */
r_u->returned = 0;
@@ -547,21 +548,21 @@ WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_
{
SERVICE_INFO *info = find_service_info_by_hnd( p, &q_u->handle );
uint32 buffer_size;
-
+
/* perform access checks */
if ( !info || (info->type != SVC_HANDLE_IS_SERVICE) )
- return WERR_BADFID;
-
+ return WERR_BADFID;
+
if ( !(info->access_granted & SC_RIGHT_SVC_QUERY_STATUS) )
return WERR_ACCESS_DENIED;
- /* we have to set the outgoing buffer size to the same as the
+ /* we have to set the outgoing buffer size to the same as the
incoming buffer size (even in the case of failure) */
rpcbuf_init( &r_u->buffer, q_u->buffer_size, p->mem_ctx );
r_u->needed = q_u->buffer_size;
-
+
switch ( q_u->level ) {
case SVC_STATUS_PROCESS_INFO:
{
@@ -576,18 +577,18 @@ WERROR _svcctl_query_service_status_ex( pipes_struct *p, SVCCTL_Q_QUERY_SERVICE_
buffer_size = sizeof(SERVICE_STATUS_PROCESS);
break;
}
-
+
default:
- return WERR_UNKNOWN_LEVEL;
+ return WERR_UNKNOWN_LEVEL;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list