The branch, master has been updated
via d22965e2e596c8ad78f5330398d43d96bf564773 (commit)
via 233bfb25c9443688f74c506348b0a7b34489e1d1 (commit)
via a2a155bee59c7e849a492933d1ea5769e409bac5 (commit)
from 370e7209dbafce147a5e9f283d9dcc53c72bce99 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d22965e2e596c8ad78f5330398d43d96bf564773
Author: Günther Deschner <g...@samba.org>
Date: Thu Apr 30 11:19:42 2009 +0200
s3-spoolss: avoid referring to uid 0 in spoolss server (use
sec_initial_uid() instead).
Guenther
commit 233bfb25c9443688f74c506348b0a7b34489e1d1
Author: Günther Deschner <g...@samba.org>
Date: Thu Apr 30 01:25:23 2009 +0200
s3-printing: use move_driver_file_to_download_area() to avoid code
duplication.
Guenther
commit a2a155bee59c7e849a492933d1ea5769e409bac5
Author: Günther Deschner <g...@samba.org>
Date: Thu Apr 30 01:07:31 2009 +0200
s3-printing: add move_driver_file_to_download_area().
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/printing/nt_printing.c | 238 ++++++++++++++---------------------
source3/rpc_server/srv_spoolss_nt.c | 6 +-
2 files changed, 97 insertions(+), 147 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c
index cfef4fe..88e210c 100644
--- a/source3/printing/nt_printing.c
+++ b/source3/printing/nt_printing.c
@@ -1802,6 +1802,46 @@ static char* ffmt(unsigned char *c){
/****************************************************************************
****************************************************************************/
+
+static WERROR move_driver_file_to_download_area(TALLOC_CTX *mem_ctx,
+ connection_struct *conn,
+ const char *driver_file,
+ const char *architecture,
+ const char *new_dir,
+ uint32_t version)
+{
+ char *old_name = NULL;
+ char *new_name = NULL;
+ SMB_STRUCT_STAT st;
+ NTSTATUS status;
+
+ new_name = talloc_asprintf(mem_ctx, "%s/%s",
+ architecture, driver_file);
+ W_ERROR_HAVE_NO_MEMORY(new_name);
+
+ old_name = talloc_asprintf(mem_ctx, "%s/%s",
+ new_dir, driver_file);
+ W_ERROR_HAVE_NO_MEMORY(old_name);
+
+ if (version != -1 && (version = file_version_is_newer(conn, new_name,
old_name)) > 0) {
+
+ new_name = driver_unix_convert(conn, new_name, &st);
+ W_ERROR_HAVE_NO_MEMORY(new_name);
+
+ status = copy_file(mem_ctx, conn, new_name, old_name,
+ OPENX_FILE_EXISTS_TRUNCATE |
+ OPENX_FILE_CREATE_IF_NOT_EXIST,
+ 0, false);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0,("move_driver_file_to_download_area: Unable to
rename [%s] to [%s]\n",
+ new_name, old_name));
+ return WERR_ACCESS_DENIED;
+ }
+ }
+
+ return WERR_OK;
+}
+
WERROR move_driver_to_download_area(struct pipes_struct *p,
NT_PRINTER_DRIVER_INFO_LEVEL
driver_abstract,
uint32 level, WERROR *perr)
@@ -1810,8 +1850,6 @@ WERROR move_driver_to_download_area(struct pipes_struct
*p,
NT_PRINTER_DRIVER_INFO_LEVEL_3 converted_driver;
const char *architecture;
char *new_dir = NULL;
- char *old_name = NULL;
- char *new_name = NULL;
connection_struct *conn = NULL;
NTSTATUS nt_status;
SMB_STRUCT_STAT st;
@@ -1894,143 +1932,74 @@ WERROR move_driver_to_download_area(struct
pipes_struct *p,
DEBUG(5,("Moving files now !\n"));
if (driver->driverpath && strlen(driver->driverpath)) {
- new_name = talloc_asprintf(ctx,
- "%s/%s",
- architecture,
- driver->driverpath);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- old_name = talloc_asprintf(ctx,
- "%s/%s",
- new_dir,
- driver->driverpath);
- if (!old_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if (ver != -1 && (ver=file_version_is_newer(conn, new_name,
old_name)) > 0) {
- new_name = driver_unix_convert(conn,new_name,&st);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if ( !NT_STATUS_IS_OK(copy_file(ctx,conn, new_name,
old_name, OPENX_FILE_EXISTS_TRUNCATE|
- OPENX_FILE_CREATE_IF_NOT_EXIST,
0, False))) {
- DEBUG(0,("move_driver_to_download_area: Unable
to rename [%s] to [%s]\n",
- new_name, old_name));
- *perr = WERR_ACCESS_DENIED;
+ *perr = move_driver_file_to_download_area(ctx,
+ conn,
+ driver->driverpath,
+ architecture,
+ new_dir,
+ ver);
+ if (!W_ERROR_IS_OK(*perr)) {
+ if (W_ERROR_EQUAL(*perr, WERR_ACCESS_DENIED)) {
ver = -1;
}
+ goto err_exit;
}
}
if (driver->datafile && strlen(driver->datafile)) {
if (!strequal(driver->datafile, driver->driverpath)) {
- new_name = talloc_asprintf(ctx,
- "%s/%s",
- architecture,
- driver->datafile);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- old_name = talloc_asprintf(ctx,
- "%s/%s",
- new_dir,
- driver->datafile);
- if (!old_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if (ver != -1 && (ver=file_version_is_newer(conn,
new_name, old_name)) > 0) {
- new_name =
driver_unix_convert(conn,new_name,&st);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if ( !NT_STATUS_IS_OK(copy_file(ctx,conn,
new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE|
- OPENX_FILE_CREATE_IF_NOT_EXIST,
0, False))) {
- DEBUG(0,("move_driver_to_download_area:
Unable to rename [%s] to [%s]\n",
- new_name, old_name));
- *perr = WERR_ACCESS_DENIED;
+
+ *perr = move_driver_file_to_download_area(ctx,
+ conn,
+
driver->datafile,
+ architecture,
+ new_dir,
+ ver);
+ if (!W_ERROR_IS_OK(*perr)) {
+ if (W_ERROR_EQUAL(*perr, WERR_ACCESS_DENIED)) {
ver = -1;
}
+ goto err_exit;
}
}
}
if (driver->configfile && strlen(driver->configfile)) {
if (!strequal(driver->configfile, driver->driverpath) &&
- !strequal(driver->configfile, driver->datafile)) {
- new_name = talloc_asprintf(ctx,
- "%s/%s",
- architecture,
- driver->configfile);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- old_name = talloc_asprintf(ctx,
- "%s/%s",
- new_dir,
- driver->configfile);
- if (!old_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if (ver != -1 && (ver=file_version_is_newer(conn,
new_name, old_name)) > 0) {
- new_name =
driver_unix_convert(conn,new_name,&st);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if ( !NT_STATUS_IS_OK(copy_file(ctx,conn,
new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE|
- OPENX_FILE_CREATE_IF_NOT_EXIST,
0, False))) {
- DEBUG(0,("move_driver_to_download_area:
Unable to rename [%s] to [%s]\n",
- new_name, old_name));
- *perr = WERR_ACCESS_DENIED;
+ !strequal(driver->configfile, driver->datafile)) {
+
+ *perr = move_driver_file_to_download_area(ctx,
+ conn,
+
driver->configfile,
+ architecture,
+ new_dir,
+ ver);
+ if (!W_ERROR_IS_OK(*perr)) {
+ if (W_ERROR_EQUAL(*perr, WERR_ACCESS_DENIED)) {
ver = -1;
}
+ goto err_exit;
}
}
}
if (driver->helpfile && strlen(driver->helpfile)) {
if (!strequal(driver->helpfile, driver->driverpath) &&
- !strequal(driver->helpfile, driver->datafile) &&
- !strequal(driver->helpfile, driver->configfile)) {
- new_name = talloc_asprintf(ctx,
- "%s/%s",
- architecture,
- driver->helpfile);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- old_name = talloc_asprintf(ctx,
- "%s/%s",
- new_dir,
- driver->helpfile);
- if (!old_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if (ver != -1 && (ver=file_version_is_newer(conn,
new_name, old_name)) > 0) {
- new_name =
driver_unix_convert(conn,new_name,&st);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if ( !NT_STATUS_IS_OK(copy_file(ctx,conn,
new_name, old_name, OPENX_FILE_EXISTS_TRUNCATE|
- OPENX_FILE_CREATE_IF_NOT_EXIST,
0, False))) {
- DEBUG(0,("move_driver_to_download_area:
Unable to rename [%s] to [%s]\n",
- new_name, old_name));
- *perr = WERR_ACCESS_DENIED;
+ !strequal(driver->helpfile, driver->datafile) &&
+ !strequal(driver->helpfile, driver->configfile)) {
+
+ *perr = move_driver_file_to_download_area(ctx,
+ conn,
+
driver->helpfile,
+ architecture,
+ new_dir,
+ ver);
+ if (!W_ERROR_IS_OK(*perr)) {
+ if (W_ERROR_EQUAL(*perr, WERR_ACCESS_DENIED)) {
ver = -1;
}
+ goto err_exit;
}
}
}
@@ -2038,9 +2007,9 @@ WERROR move_driver_to_download_area(struct pipes_struct
*p,
if (driver->dependentfiles) {
for (i=0; *driver->dependentfiles[i]; i++) {
if (!strequal(driver->dependentfiles[i],
driver->driverpath) &&
- !strequal(driver->dependentfiles[i],
driver->datafile) &&
- !strequal(driver->dependentfiles[i],
driver->configfile) &&
- !strequal(driver->dependentfiles[i],
driver->helpfile)) {
+ !strequal(driver->dependentfiles[i],
driver->datafile) &&
+ !strequal(driver->dependentfiles[i],
driver->configfile) &&
+ !strequal(driver->dependentfiles[i],
driver->helpfile)) {
int j;
for (j=0; j < i; j++) {
if (strequal(driver->dependentfiles[i],
driver->dependentfiles[j])) {
@@ -2048,36 +2017,17 @@ WERROR move_driver_to_download_area(struct pipes_struct
*p,
}
}
- new_name = talloc_asprintf(ctx,
- "%s/%s",
- architecture,
- driver->dependentfiles[i]);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- old_name = talloc_asprintf(ctx,
- "%s/%s",
- new_dir,
- driver->dependentfiles[i]);
- if (!old_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if (ver != -1 &&
(ver=file_version_is_newer(conn, new_name, old_name)) > 0) {
- new_name =
driver_unix_convert(conn,new_name,&st);
- if (!new_name) {
- *perr = WERR_NOMEM;
- goto err_exit;
- }
- if (
!NT_STATUS_IS_OK(copy_file(ctx,conn, new_name, old_name,
-
OPENX_FILE_EXISTS_TRUNCATE|
-
OPENX_FILE_CREATE_IF_NOT_EXIST, 0, False))) {
-
DEBUG(0,("move_driver_to_download_area: Unable to rename [%s] to [%s]\n",
- new_name,
old_name));
- *perr = WERR_ACCESS_DENIED;
+ *perr = move_driver_file_to_download_area(ctx,
+ conn,
+
driver->dependentfiles[i],
+
architecture,
+
new_dir,
+ ver);
+ if (!W_ERROR_IS_OK(*perr)) {
+ if (W_ERROR_EQUAL(*perr,
WERR_ACCESS_DENIED)) {
ver = -1;
}
+ goto err_exit;
}
}
NextDriver: ;
diff --git a/source3/rpc_server/srv_spoolss_nt.c
b/source3/rpc_server/srv_spoolss_nt.c
index a4c994a..57410d0 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1639,7 +1639,7 @@ WERROR _spoolss_OpenPrinterEx(pipes_struct *p,
/* if the user is not root, doesn't have
SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
- if ((p->server_info->utok.uid != 0) &&
+ if ((p->server_info->utok.uid != sec_initial_uid()) &&
!user_has_privileges(p->server_info->ptok,
&se_printop ) &&
!token_contains_name_in_list(
@@ -2117,7 +2117,7 @@ WERROR _spoolss_DeletePrinterDriver(pipes_struct *p,
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
- if ( (p->server_info->utok.uid != 0)
+ if ( (p->server_info->utok.uid != sec_initial_uid())
&& !user_has_privileges(p->server_info->ptok, &se_printop )
&& !token_contains_name_in_list(
uidtoname(p->server_info->utok.uid), NULL,
@@ -2217,7 +2217,7 @@ WERROR _spoolss_DeletePrinterDriverEx(pipes_struct *p,
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
- if ( (p->server_info->utok.uid != 0)
+ if ( (p->server_info->utok.uid != sec_initial_uid())
&& !user_has_privileges(p->server_info->ptok, &se_printop )
&& !token_contains_name_in_list(
uidtoname(p->server_info->utok.uid), NULL, NULL,
--
Samba Shared Repository
