The branch, master has been updated via 89c682c4185acbf5de16cb4132e33ea825527f41 (commit) via 5c5ce2bee68c4f90a0de3f1833d37cf6f71aa867 (commit) via e1749a1f7815dae4f0721a62a0ea5d3a88aaf320 (commit) via f21ae452a008370a4846c8955ac1a8fe1a0acb3c (commit) from 31f2cddcf5886b0a78290fdfa609a2ee63bda5ad (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 89c682c4185acbf5de16cb4132e33ea825527f41 Author: Günther Deschner <g...@samba.org> Date: Tue Feb 24 12:38:53 2009 +0100 s3: re-run make samba3-idl. Guenther commit 5c5ce2bee68c4f90a0de3f1833d37cf6f71aa867 Author: Günther Deschner <g...@samba.org> Date: Tue Feb 24 12:37:04 2009 +0100 spoolss: fix _spoolss_SetPrinter level 3. Guenther commit e1749a1f7815dae4f0721a62a0ea5d3a88aaf320 Author: Günther Deschner <g...@samba.org> Date: Tue Feb 24 12:19:01 2009 +0100 s3-spoolss: use marshall/unmarshall_sec_desc_buf in nt_printing_setsec/getsec. Guenther commit f21ae452a008370a4846c8955ac1a8fe1a0acb3c Author: Günther Deschner <g...@samba.org> Date: Tue Feb 24 11:34:57 2009 +0100 s3-lib: add marshall_sec_desc_buf and unmarshall_sec_desc_buf helpers. Guenther ----------------------------------------------------------------------- Summary of changes: librpc/gen_ndr/ndr_spoolss.c | 31 ++------------- librpc/gen_ndr/spoolss.h | 2 +- librpc/idl/spoolss.idl | 2 +- source3/include/proto.h | 5 ++ source3/lib/secdesc.c | 63 +++++++++++++++++++++++++++++++ source3/printing/nt_printing.c | 80 +++++++++++++++++---------------------- 6 files changed, 110 insertions(+), 73 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/ndr_spoolss.c b/librpc/gen_ndr/ndr_spoolss.c index 642ac0b..fdafa25 100644 --- a/librpc/gen_ndr/ndr_spoolss.c +++ b/librpc/gen_ndr/ndr_spoolss.c @@ -3867,36 +3867,20 @@ static enum ndr_err_code ndr_push_spoolss_SetPrinterInfo3(struct ndr_push *ndr, { if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_push_align(ndr, 4)); - NDR_CHECK(ndr_push_unique_ptr(ndr, r->secdesc)); + NDR_CHECK(ndr_push_uint32(ndr, NDR_SCALARS, r->sec_desc_ptr)); } if (ndr_flags & NDR_BUFFERS) { - if (r->secdesc) { - NDR_CHECK(ndr_push_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->secdesc)); - } } return NDR_ERR_SUCCESS; } static enum ndr_err_code ndr_pull_spoolss_SetPrinterInfo3(struct ndr_pull *ndr, int ndr_flags, struct spoolss_SetPrinterInfo3 *r) { - uint32_t _ptr_secdesc; - TALLOC_CTX *_mem_save_secdesc_0; if (ndr_flags & NDR_SCALARS) { NDR_CHECK(ndr_pull_align(ndr, 4)); - NDR_CHECK(ndr_pull_generic_ptr(ndr, &_ptr_secdesc)); - if (_ptr_secdesc) { - NDR_PULL_ALLOC(ndr, r->secdesc); - } else { - r->secdesc = NULL; - } + NDR_CHECK(ndr_pull_uint32(ndr, NDR_SCALARS, &r->sec_desc_ptr)); } if (ndr_flags & NDR_BUFFERS) { - if (r->secdesc) { - _mem_save_secdesc_0 = NDR_PULL_GET_MEM_CTX(ndr); - NDR_PULL_SET_MEM_CTX(ndr, r->secdesc, 0); - NDR_CHECK(ndr_pull_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, r->secdesc)); - NDR_PULL_SET_MEM_CTX(ndr, _mem_save_secdesc_0, 0); - } } return NDR_ERR_SUCCESS; } @@ -3905,12 +3889,7 @@ _PUBLIC_ void ndr_print_spoolss_SetPrinterInfo3(struct ndr_print *ndr, const cha { ndr_print_struct(ndr, name, "spoolss_SetPrinterInfo3"); ndr->depth++; - ndr_print_ptr(ndr, "secdesc", r->secdesc); - ndr->depth++; - if (r->secdesc) { - ndr_print_security_descriptor(ndr, "secdesc", r->secdesc); - } - ndr->depth--; + ndr_print_uint32(ndr, "sec_desc_ptr", r->sec_desc_ptr); ndr->depth--; } @@ -4279,7 +4258,7 @@ static enum ndr_err_code ndr_push_spoolss_SetPrinterInfo(struct ndr_push *ndr, i case 3: if (r->info3) { - NDR_CHECK(ndr_push_spoolss_SetPrinterInfo3(ndr, NDR_SCALARS|NDR_BUFFERS, r->info3)); + NDR_CHECK(ndr_push_spoolss_SetPrinterInfo3(ndr, NDR_SCALARS, r->info3)); } break; @@ -4486,7 +4465,7 @@ static enum ndr_err_code ndr_pull_spoolss_SetPrinterInfo(struct ndr_pull *ndr, i if (r->info3) { _mem_save_info3_0 = NDR_PULL_GET_MEM_CTX(ndr); NDR_PULL_SET_MEM_CTX(ndr, r->info3, 0); - NDR_CHECK(ndr_pull_spoolss_SetPrinterInfo3(ndr, NDR_SCALARS|NDR_BUFFERS, r->info3)); + NDR_CHECK(ndr_pull_spoolss_SetPrinterInfo3(ndr, NDR_SCALARS, r->info3)); NDR_PULL_SET_MEM_CTX(ndr, _mem_save_info3_0, 0); } break; diff --git a/librpc/gen_ndr/spoolss.h b/librpc/gen_ndr/spoolss.h index 0b77997..ad4554d 100644 --- a/librpc/gen_ndr/spoolss.h +++ b/librpc/gen_ndr/spoolss.h @@ -501,7 +501,7 @@ struct spoolss_SetPrinterInfo2 { }; struct spoolss_SetPrinterInfo3 { - struct security_descriptor *secdesc;/* [unique] */ + uint32_t sec_desc_ptr; }; struct spoolss_SetPrinterInfo4 { diff --git a/librpc/idl/spoolss.idl b/librpc/idl/spoolss.idl index 510ad3e..3e35399 100644 --- a/librpc/idl/spoolss.idl +++ b/librpc/idl/spoolss.idl @@ -552,7 +552,7 @@ import "misc.idl", "security.idl", "winreg.idl"; } spoolss_SetPrinterInfo2; typedef struct { - security_descriptor *secdesc; + uint32 sec_desc_ptr; } spoolss_SetPrinterInfo3; typedef struct { diff --git a/source3/include/proto.h b/source3/include/proto.h index 14241d5..3ca94b9 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -695,8 +695,13 @@ SEC_DESC *dup_sec_desc(TALLOC_CTX *ctx, const SEC_DESC *src); NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx, struct security_descriptor *secdesc, uint8 **data, size_t *len); +NTSTATUS marshall_sec_desc_buf(TALLOC_CTX *mem_ctx, + struct sec_desc_buf *secdesc_buf, + uint8_t **data, size_t *len); NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, struct security_descriptor **psecdesc); +NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len, + struct sec_desc_buf **psecdesc_buf); SEC_DESC *make_standard_sec_desc(TALLOC_CTX *ctx, const DOM_SID *owner_sid, const DOM_SID *grp_sid, SEC_ACL *dacl, size_t *sd_size); SEC_DESC_BUF *make_sec_desc_buf(TALLOC_CTX *ctx, size_t len, SEC_DESC *sec_desc); diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c index 232bbca..a81c4ae 100644 --- a/source3/lib/secdesc.c +++ b/source3/lib/secdesc.c @@ -291,6 +291,32 @@ NTSTATUS marshall_sec_desc(TALLOC_CTX *mem_ctx, } /******************************************************************* + Convert a secdesc_buf into a byte stream +********************************************************************/ + +NTSTATUS marshall_sec_desc_buf(TALLOC_CTX *mem_ctx, + struct sec_desc_buf *secdesc_buf, + uint8_t **data, size_t *len) +{ + DATA_BLOB blob; + enum ndr_err_code ndr_err; + + ndr_err = ndr_push_struct_blob( + &blob, mem_ctx, NULL, secdesc_buf, + (ndr_push_flags_fn_t)ndr_push_sec_desc_buf); + + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + DEBUG(0, ("ndr_push_sec_desc_buf failed: %s\n", + ndr_errstr(ndr_err))); + return ndr_map_error2ntstatus(ndr_err);; + } + + *data = blob.data; + *len = blob.length; + return NT_STATUS_OK; +} + +/******************************************************************* Parse a byte stream into a secdesc ********************************************************************/ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, @@ -327,6 +353,43 @@ NTSTATUS unmarshall_sec_desc(TALLOC_CTX *mem_ctx, uint8 *data, size_t len, } /******************************************************************* + Parse a byte stream into a sec_desc_buf +********************************************************************/ + +NTSTATUS unmarshall_sec_desc_buf(TALLOC_CTX *mem_ctx, uint8_t *data, size_t len, + struct sec_desc_buf **psecdesc_buf) +{ + DATA_BLOB blob; + enum ndr_err_code ndr_err; + struct sec_desc_buf *result; + + if ((data == NULL) || (len == 0)) { + return NT_STATUS_INVALID_PARAMETER; + } + + result = TALLOC_ZERO_P(mem_ctx, struct sec_desc_buf); + if (result == NULL) { + return NT_STATUS_NO_MEMORY; + } + + blob = data_blob_const(data, len); + + ndr_err = ndr_pull_struct_blob( + &blob, result, NULL, result, + (ndr_pull_flags_fn_t)ndr_pull_sec_desc_buf); + + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { + DEBUG(0, ("ndr_pull_sec_desc_buf failed: %s\n", + ndr_errstr(ndr_err))); + TALLOC_FREE(result); + return ndr_map_error2ntstatus(ndr_err);; + } + + *psecdesc_buf = result; + return NT_STATUS_OK; +} + +/******************************************************************* Creates a SEC_DESC structure with typical defaults. ********************************************************************/ diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index ad3a958..bbe8ebc 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5408,11 +5408,12 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr) { SEC_DESC_BUF *new_secdesc_ctr = NULL; SEC_DESC_BUF *old_secdesc_ctr = NULL; - prs_struct ps; - bool prs_init_done = false; TALLOC_CTX *mem_ctx = NULL; TDB_DATA kbuf; + TDB_DATA dbuf; + DATA_BLOB blob; WERROR status; + NTSTATUS nt_status; mem_ctx = talloc_init("nt_printing_setsec"); if (mem_ctx == NULL) @@ -5474,26 +5475,19 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr) /* Store the security descriptor in a tdb */ - if (!prs_init(&ps, - (uint32_t)ndr_size_security_descriptor(new_secdesc_ctr->sd, - NULL, 0) - + sizeof(SEC_DESC_BUF), mem_ctx, MARSHALL) ) { - status = WERR_NOMEM; - goto out; - } - - - prs_init_done = true; - - if (!sec_io_desc_buf("nt_printing_setsec", &new_secdesc_ctr, - &ps, 1)) { - status = WERR_BADFUNC; + nt_status = marshall_sec_desc_buf(mem_ctx, new_secdesc_ctr, + &blob.data, &blob.length); + if (!NT_STATUS_IS_OK(nt_status)) { + status = ntstatus_to_werror(nt_status); goto out; } kbuf = make_printers_secdesc_tdbkey(mem_ctx, sharename ); - if (tdb_prs_store(tdb_printers, kbuf, &ps)==0) { + dbuf.dptr = (unsigned char *)blob.data; + dbuf.dsize = blob.length; + + if (tdb_trans_store(tdb_printers, kbuf, dbuf, TDB_REPLACE)==0) { status = WERR_OK; } else { DEBUG(1,("Failed to store secdesc for %s\n", sharename)); @@ -5501,12 +5495,10 @@ WERROR nt_printing_setsec(const char *sharename, SEC_DESC_BUF *secdesc_ctr) } /* Free malloc'ed memory */ + talloc_free(blob.data); out: - if (prs_init_done) { - prs_mem_free(&ps); - } if (mem_ctx) talloc_destroy(mem_ctx); return status; @@ -5602,47 +5594,45 @@ static SEC_DESC_BUF *construct_default_printer_sdb(TALLOC_CTX *ctx) bool nt_printing_getsec(TALLOC_CTX *ctx, const char *sharename, SEC_DESC_BUF **secdesc_ctr) { - prs_struct ps; TDB_DATA kbuf; + TDB_DATA dbuf; + DATA_BLOB blob; char *temp; + NTSTATUS status; if (strlen(sharename) > 2 && (temp = strchr(sharename + 2, '\\'))) { sharename = temp + 1; } - ZERO_STRUCT(ps); - /* Fetch security descriptor from tdb */ - kbuf = make_printers_secdesc_tdbkey(ctx, sharename ); - - if (tdb_prs_fetch(tdb_printers, kbuf, &ps, ctx)!=0 || - !sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) { - - prs_mem_free(&ps); - - DEBUG(4,("using default secdesc for %s\n", sharename)); + kbuf = make_printers_secdesc_tdbkey(ctx, sharename); - if (!(*secdesc_ctr = construct_default_printer_sdb(ctx))) { - return False; - } - - /* Save default security descriptor for later */ + dbuf = tdb_fetch(tdb_printers, kbuf); + if (dbuf.dptr) { - if (!prs_init(&ps, (uint32_t)ndr_size_security_descriptor((*secdesc_ctr)->sd, NULL, 0) + - sizeof(SEC_DESC_BUF), ctx, MARSHALL)) - return False; + status = unmarshall_sec_desc_buf(ctx, dbuf.dptr, dbuf.dsize, + secdesc_ctr); + SAFE_FREE(dbuf.dptr); - if (sec_io_desc_buf("nt_printing_getsec", secdesc_ctr, &ps, 1)) { - tdb_prs_store(tdb_printers, kbuf, &ps); + if (NT_STATUS_IS_OK(status)) { + return true; } + } - prs_mem_free(&ps); - - return True; + *secdesc_ctr = construct_default_printer_sdb(ctx); + if (!*secdesc_ctr) { + return false; } - prs_mem_free(&ps); + status = marshall_sec_desc_buf(ctx, *secdesc_ctr, + &blob.data, &blob.length); + if (NT_STATUS_IS_OK(status)) { + dbuf.dptr = (unsigned char *)blob.data; + dbuf.dsize = blob.length; + tdb_trans_store(tdb_printers, kbuf, dbuf, TDB_REPLACE); + talloc_free(blob.data); + } /* If security descriptor is owned by S-1-1-0 and winbindd is up, this security descriptor has been created when winbindd was -- Samba Shared Repository