diff options
| author | Jean-François Micouleau <jfm@samba.org> | 2001-11-29 16:05:05 +0000 |
|---|---|---|
| committer | Jean-François Micouleau <jfm@samba.org> | 2001-11-29 16:05:05 +0000 |
| commit | 3f0a9ef2b8c626cfa2878394bb7b642342342bf3 (patch) | |
| tree | 1f8d233b414ef8bf4de9d6398d3b154163433ea0 /source/rpc_parse | |
| parent | 2a4ce3de6ae8fb833370d1f9d6e5e7193fafa979 (diff) | |
| download | samba-3f0a9ef2b8c626cfa2878394bb7b642342342bf3.tar.gz samba-3f0a9ef2b8c626cfa2878394bb7b642342342bf3.tar.xz samba-3f0a9ef2b8c626cfa2878394bb7b642342342bf3.zip | |
Changed again how the privilege list is handled in the group mapping code.
This time it's a PRIVILEGE_SET struct instead of a simple uint32 array. It
makes much more sense. Also added a uint32 systemaccount to the GROUP_MAP
struct as some privilege showing in USRMGR.EXE are not real privs but a
bitmask flag. I guess it's an heritage from NT 3.0 ! I could setup an NT
3.1 box to verify, but I'm too lazy (yes I still have my CDs).
Added 3 more LSA calls: SetSystemAccount, AddPrivileges and
RemovePrivileges, we can manage all this privilege from UserManager.
Time to change the NT_USER_TOKEN struct and add checks in all the rpc
functions. Fun, fun, fun.
J.F.
Diffstat (limited to 'source/rpc_parse')
| -rw-r--r-- | source/rpc_parse/parse_lsa.c | 152 |
1 files changed, 152 insertions, 0 deletions
diff --git a/source/rpc_parse/parse_lsa.c b/source/rpc_parse/parse_lsa.c index b5f51de697f..90fa8d8fffd 100644 --- a/source/rpc_parse/parse_lsa.c +++ b/source/rpc_parse/parse_lsa.c @@ -1814,6 +1814,7 @@ void init_lsa_r_enum_privsaccount(LSA_R_ENUMPRIVSACCOUNT *r_u, LUID_ATTR *set, u r_u->set.set=set; r_u->set.count=count; r_u->set.control=control; + DEBUG(10,("init_lsa_r_enum_privsaccount: %d %d privileges\n", r_u->count, r_u->set.count)); } /******************************************************************* @@ -1894,6 +1895,47 @@ BOOL lsa_io_r_getsystemaccount(char *desc, LSA_R_GETSYSTEMACCOUNT *r_c, prs_str return True; } + +/******************************************************************* + Reads or writes an LSA_Q_SETSYSTEMACCOUNT structure. +********************************************************************/ + +BOOL lsa_io_q_setsystemaccount(char *desc, LSA_Q_SETSYSTEMACCOUNT *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_setsystemaccount"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + return False; + + if(!prs_uint32("access", ps, depth, &r_c->access)) + return False; + + return True; +} + +/******************************************************************* + Reads or writes an LSA_R_SETSYSTEMACCOUNT structure. +********************************************************************/ + +BOOL lsa_io_r_setsystemaccount(char *desc, LSA_R_SETSYSTEMACCOUNT *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_setsystemaccount"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!prs_ntstatus("status", ps, depth, &r_c->status)) + return False; + + return True; +} + + void init_lsa_q_lookupprivvalue(LSA_Q_LOOKUPPRIVVALUE *trn, POLICY_HND *hnd, char *name) { int len_name = strlen(name); @@ -1948,3 +1990,113 @@ BOOL lsa_io_r_lookupprivvalue(char *desc, LSA_R_LOOKUPPRIVVALUE *r_c, prs_struc return True; } + + +/******************************************************************* + Reads or writes an LSA_Q_ADDPRIVS structure. +********************************************************************/ + +BOOL lsa_io_q_addprivs(char *desc, LSA_Q_ADDPRIVS *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_addprivs"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + return False; + + if(!prs_uint32("count", ps, depth, &r_c->count)) + return False; + + if (UNMARSHALLING(ps) && r_c->count!=0) { + if (!(r_c->set.set = (LUID_ATTR *)prs_alloc_mem(ps,sizeof(LUID_ATTR) * r_c->count))) + return False; + } + + if(!lsa_io_privilege_set(desc, &r_c->set, ps, depth)) + return False; + + return True; +} + +/******************************************************************* + Reads or writes an LSA_R_ADDPRIVS structure. +********************************************************************/ + +BOOL lsa_io_r_addprivs(char *desc, LSA_R_ADDPRIVS *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_addprivs"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!prs_ntstatus("status", ps, depth, &r_c->status)) + return False; + + return True; +} + +/******************************************************************* + Reads or writes an LSA_Q_REMOVEPRIVS structure. +********************************************************************/ + +BOOL lsa_io_q_removeprivs(char *desc, LSA_Q_REMOVEPRIVS *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_q_removeprivs"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!smb_io_pol_hnd("pol", &r_c->pol, ps, depth)) + return False; + + if(!prs_uint32("allrights", ps, depth, &r_c->allrights)) + return False; + + if(!prs_uint32("ptr", ps, depth, &r_c->ptr)) + return False; + + /* + * JFM: I'm not sure at all if the count is inside the ptr + * never seen one with ptr=0 + */ + + if (r_c->ptr!=0) { + if(!prs_uint32("count", ps, depth, &r_c->count)) + return False; + + if (UNMARSHALLING(ps) && r_c->count!=0) { + if (!(r_c->set.set = (LUID_ATTR *)prs_alloc_mem(ps,sizeof(LUID_ATTR) * r_c->count))) + return False; + } + + if(!lsa_io_privilege_set(desc, &r_c->set, ps, depth)) + return False; + } + + return True; +} + +/******************************************************************* + Reads or writes an LSA_R_REMOVEPRIVS structure. +********************************************************************/ + +BOOL lsa_io_r_removeprivs(char *desc, LSA_R_REMOVEPRIVS *r_c, prs_struct *ps, int depth) +{ + prs_debug(ps, depth, desc, "lsa_io_r_removeprivs"); + depth++; + + if(!prs_align(ps)) + return False; + + if(!prs_ntstatus("status", ps, depth, &r_c->status)) + return False; + + return True; +} + + |