[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-1088-gfa4ff87
Volker Lendecke
vlendec at samba.org
Sat Apr 18 11:59:15 GMT 2009
The branch, master has been updated
via fa4ff87acdfc2fa064eb7fb9d45eef0969128994 (commit)
via c9bc1728f971318ab291639f34b326157e918f5f (commit)
via fd558b37f601b5286f227a77aa593255d75c2484 (commit)
from 81b18464be170528d5e1549868bcbddbbcd60e1e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit fa4ff87acdfc2fa064eb7fb9d45eef0969128994
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 18 13:38:22 2009 +0200
Convert the samr connect_handles to type-safe calls
commit c9bc1728f971318ab291639f34b326157e918f5f
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 18 13:31:20 2009 +0200
Add type-safe policy_handle_create/find
commit fd558b37f601b5286f227a77aa593255d75c2484
Author: Volker Lendecke <vl at samba.org>
Date: Sat Apr 18 13:30:38 2009 +0200
Add some const
-----------------------------------------------------------------------
Summary of changes:
source3/include/proto.h | 15 +++++++++-
source3/rpc_server/srv_lsa_hnd.c | 52 +++++++++++++++++++++++++++++++-
source3/rpc_server/srv_samr_nt.c | 60 +++++++++++++++++++++++--------------
3 files changed, 101 insertions(+), 26 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 07e04ed..8eb5c46 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -5878,11 +5878,24 @@ NTSTATUS evlog_convert_tdb_to_evt(TALLOC_CTX *mem_ctx,
bool init_pipe_handle_list(pipes_struct *p,
const struct ndr_syntax_id *syntax);
bool create_policy_hnd(pipes_struct *p, struct policy_handle *hnd, void *data_ptr);
-bool find_policy_by_hnd(pipes_struct *p, struct policy_handle *hnd, void **data_p);
+bool find_policy_by_hnd(pipes_struct *p, const struct policy_handle *hnd,
+ void **data_p);
bool close_policy_hnd(pipes_struct *p, struct policy_handle *hnd);
void close_policy_by_pipe(pipes_struct *p);
bool pipe_access_check(pipes_struct *p);
+NTSTATUS _policy_handle_create(struct pipes_struct *p, struct policy_handle *hnd,
+ void *pdata, size_t size, const char *name);
+#define policy_handle_create(_p, _hnd, _ptr, _type) \
+ _policy_handle_create((_p), (_hnd), (_ptr), sizeof(_type), #_type)
+
+void *_policy_handle_find(struct pipes_struct *p,
+ const struct policy_handle *hnd,
+ const char *type);
+#define policy_handle_find(_p, _hnd, _type) \
+ (_type *)_policy_handle_find((_p), (_hnd), #_type)
+
+
/* The following definitions come from rpc_server/srv_pipe.c */
bool create_next_pdu(pipes_struct *p);
diff --git a/source3/rpc_server/srv_lsa_hnd.c b/source3/rpc_server/srv_lsa_hnd.c
index e853bb2..e158284 100644
--- a/source3/rpc_server/srv_lsa_hnd.c
+++ b/source3/rpc_server/srv_lsa_hnd.c
@@ -167,7 +167,9 @@ bool create_policy_hnd(pipes_struct *p, struct policy_handle *hnd, void *data_pt
find policy by handle - internal version.
****************************************************************************/
-static struct policy *find_policy_by_hnd_internal(pipes_struct *p, struct policy_handle *hnd, void **data_p)
+static struct policy *find_policy_by_hnd_internal(pipes_struct *p,
+ const struct policy_handle *hnd,
+ void **data_p)
{
struct policy *pol;
size_t i;
@@ -197,7 +199,8 @@ static struct policy *find_policy_by_hnd_internal(pipes_struct *p, struct policy
find policy by handle
****************************************************************************/
-bool find_policy_by_hnd(pipes_struct *p, struct policy_handle *hnd, void **data_p)
+bool find_policy_by_hnd(pipes_struct *p, const struct policy_handle *hnd,
+ void **data_p)
{
return find_policy_by_hnd_internal(p, hnd, data_p) == NULL ? False : True;
}
@@ -277,3 +280,48 @@ bool pipe_access_check(pipes_struct *p)
return True;
}
+
+NTSTATUS _policy_handle_create(struct pipes_struct *p, struct policy_handle *hnd,
+ void *pdata, size_t data_size, const char *type)
+{
+ void **ppdata = (void **)pdata;
+ void *data;
+
+ if (p->pipe_handles->count > MAX_OPEN_POLS) {
+ DEBUG(0, ("policy_handle_create: ERROR: too many handles (%d) "
+ "on pipe %s.\n", (int)p->pipe_handles->count,
+ get_pipe_name_from_iface(&p->syntax)));
+ return NT_STATUS_INSUFFICIENT_RESOURCES;
+ }
+
+ data = talloc_size(talloc_tos(), data_size);
+ if (data == NULL) {
+ return NT_STATUS_NO_MEMORY;
+ }
+ talloc_set_name(data, type);
+
+ if (!create_policy_hnd(p, hnd, data)) {
+ TALLOC_FREE(data);
+ return NT_STATUS_NO_MEMORY;
+ }
+ *ppdata = data;
+ return NT_STATUS_OK;
+}
+
+void *_policy_handle_find(struct pipes_struct *p,
+ const struct policy_handle *hnd,
+ const char *name)
+{
+ void *data;
+
+ if (find_policy_by_hnd_internal(p, hnd, &data) == NULL) {
+ return NULL;
+ }
+ if (strcmp(name, talloc_get_name(data)) != 0) {
+ DEBUG(10, ("expected %s, got %s\n", name,
+ talloc_get_name(data)));
+ return NULL;
+ }
+ DEBUG(10, ("found handle of type %s\n", talloc_get_name(data)));
+ return data;
+}
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 165fb17..159760c 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -48,6 +48,10 @@
#define MAX_SAM_ENTRIES_W2K 0x400 /* 1024 */
#define MAX_SAM_ENTRIES_W95 50
+struct samr_connect_info {
+ uint32_t acc_granted;
+};
+
typedef struct disp_info {
DOM_SID sid; /* identify which domain this is. */
bool builtin_domain; /* Quick flag to check if this is the builtin domain. */
@@ -598,6 +602,7 @@ NTSTATUS _samr_Close(pipes_struct *p, struct samr_Close *r)
NTSTATUS _samr_OpenDomain(pipes_struct *p,
struct samr_OpenDomain *r)
{
+ struct samr_connect_info *cinfo;
struct samr_info *info;
SEC_DESC *psd = NULL;
uint32 acc_granted;
@@ -608,8 +613,11 @@ NTSTATUS _samr_OpenDomain(pipes_struct *p,
/* find the connection policy handle. */
- if ( !find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info) )
+ cinfo = policy_handle_find(p, r->in.connect_handle,
+ struct samr_connect_info);
+ if (cinfo == NULL) {
return NT_STATUS_INVALID_HANDLE;
+ }
/*check if access can be granted as requested by client. */
map_max_allowed_access(p->server_info->ptok, &des_access);
@@ -3189,8 +3197,10 @@ NTSTATUS _samr_CreateUser(pipes_struct *p,
NTSTATUS _samr_Connect(pipes_struct *p,
struct samr_Connect *r)
{
- struct samr_info *info = NULL;
+ struct samr_connect_info *info;
+ struct policy_handle hnd;
uint32 des_access = r->in.access_mask;
+ NTSTATUS status;
/* Access check */
@@ -3201,9 +3211,11 @@ NTSTATUS _samr_Connect(pipes_struct *p,
/* set up the SAMR connect_anon response */
- /* associate the user's SID with the new handle. */
- if ((info = get_samr_info_by_sid(p->mem_ctx, NULL)) == NULL)
- return NT_STATUS_NO_MEMORY;
+ status = policy_handle_create(p, &hnd, &info,
+ struct samr_connect_info);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
/* don't give away the farm but this is probably ok. The SAMR_ACCESS_ENUM_DOMAINS
was observed from a win98 client trying to enumerate users (when configured
@@ -3214,10 +3226,7 @@ NTSTATUS _samr_Connect(pipes_struct *p,
se_map_generic( &des_access, &sam_generic_mapping );
info->acc_granted = des_access & (SAMR_ACCESS_ENUM_DOMAINS|SAMR_ACCESS_LOOKUP_DOMAIN);
- /* get a (unique) handle. open a policy on it. */
- if (!create_policy_hnd(p, r->out.connect_handle, info))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
-
+ *r->out.connect_handle = hnd;
return NT_STATUS_OK;
}
@@ -3228,7 +3237,8 @@ NTSTATUS _samr_Connect(pipes_struct *p,
NTSTATUS _samr_Connect2(pipes_struct *p,
struct samr_Connect2 *r)
{
- struct samr_info *info = NULL;
+ struct samr_connect_info *info = NULL;
+ struct policy_handle hnd;
SEC_DESC *psd = NULL;
uint32 acc_granted;
uint32 des_access = r->in.access_mask;
@@ -3271,20 +3281,18 @@ NTSTATUS _samr_Connect2(pipes_struct *p,
if ( !NT_STATUS_IS_OK(nt_status) )
return nt_status;
- /* associate the user's SID and access granted with the new handle. */
- if ((info = get_samr_info_by_sid(p->mem_ctx, NULL)) == NULL)
- return NT_STATUS_NO_MEMORY;
+ nt_status = policy_handle_create(p, &hnd, &info,
+ struct samr_connect_info);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ return nt_status;
+ }
info->acc_granted = acc_granted;
- info->status = r->in.access_mask; /* this looks so wrong... - gd */
-
- /* get a (unique) handle. open a policy on it. */
- if (!create_policy_hnd(p, r->out.connect_handle, info))
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
DEBUG(5,("%s: %d\n", fn, __LINE__));
- return nt_status;
+ *r->out.connect_handle = hnd;
+ return NT_STATUS_OK;
}
/****************************************************************
@@ -3356,12 +3364,15 @@ NTSTATUS _samr_LookupDomain(pipes_struct *p,
struct samr_LookupDomain *r)
{
NTSTATUS status = NT_STATUS_OK;
- struct samr_info *info;
+ struct samr_connect_info *info;
const char *domain_name;
DOM_SID *sid = NULL;
- if (!find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info))
+ info = policy_handle_find(p, r->in.connect_handle,
+ struct samr_connect_info);
+ if (info == NULL) {
return NT_STATUS_INVALID_HANDLE;
+ }
/* win9x user manager likes to use SAMR_ACCESS_ENUM_DOMAINS here.
Reverted that change so we will work with RAS servers again */
@@ -3407,13 +3418,16 @@ NTSTATUS _samr_EnumDomains(pipes_struct *p,
struct samr_EnumDomains *r)
{
NTSTATUS status;
- struct samr_info *info;
+ struct samr_connect_info *info;
uint32_t num_entries = 2;
struct samr_SamEntry *entry_array = NULL;
struct samr_SamArray *sam;
- if (!find_policy_by_hnd(p, r->in.connect_handle, (void**)(void *)&info))
+ info = policy_handle_find(p, r->in.connect_handle,
+ struct samr_connect_info);
+ if (info == NULL) {
return NT_STATUS_INVALID_HANDLE;
+ }
status = access_check_samr_function(info->acc_granted,
SAMR_ACCESS_ENUM_DOMAINS,
--
Samba Shared Repository
More information about the samba-cvs
mailing list