Changeset 740 for vendor/current/source3/smbd/lanman.c
- Timestamp:
- Nov 14, 2012, 12:59:34 PM (13 years ago)
- File:
-
- 1 edited
-
vendor/current/source3/smbd/lanman.c (modified) (171 diffs)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source3/smbd/lanman.c
r414 r740 1 /* 1 /* 2 2 Unix SMB/CIFS implementation. 3 3 Inter-process communication and named pipe handling … … 27 27 28 28 #include "includes.h" 29 #include "smbd/smbd.h" 29 30 #include "smbd/globals.h" 30 #include "../librpc/gen_ndr/cli_samr.h" 31 #include "../librpc/gen_ndr/srv_samr.h" 31 #include "rpc_client/rpc_client.h" 32 #include "../librpc/gen_ndr/ndr_samr_c.h" 33 #include "../librpc/gen_ndr/ndr_spoolss_c.h" 34 #include "rpc_client/cli_spoolss.h" 35 #include "rpc_client/init_spoolss.h" 36 #include "../librpc/gen_ndr/ndr_srvsvc_c.h" 37 #include "../librpc/gen_ndr/rap.h" 32 38 #include "../lib/util/binsearch.h" 39 #include "../libcli/auth/libcli_auth.h" 40 #include "rpc_client/init_lsa.h" 41 #include "../libcli/security/security.h" 42 #include "printing.h" 43 #include "passdb/machine_sid.h" 44 #include "auth.h" 45 #include "rpc_server/rpc_ncacn_np.h" 33 46 34 47 #ifdef CHECK_TYPES … … 66 79 } 67 80 68 static bool api_Unsupported(connection_struct *conn, uint16 vuid, 81 static bool api_Unsupported(struct smbd_server_connection *sconn, 82 connection_struct *conn, uint16 vuid, 69 83 char *param, int tpscnt, 70 84 char *data, int tdscnt, … … 73 87 int *rdata_len, int *rparam_len); 74 88 75 static bool api_TooSmall(connection_struct *conn, uint16 vuid, char *param, char *data, 89 static bool api_TooSmall(struct smbd_server_connection *sconn, 90 connection_struct *conn, uint16 vuid, char *param, char *data, 76 91 int mdrcnt, int mprcnt, 77 92 char **rdata, char **rparam, … … 103 118 buf = talloc_sub_advanced(ctx, 104 119 lp_servicename(SNUM(conn)), 105 conn->se rver_info->unix_name,120 conn->session_info->unix_name, 106 121 conn->connectpath, 107 conn->se rver_info->utok.gid,108 conn->se rver_info->sanitized_username,109 pdb_get_domain(conn->server_info->sam_account),122 conn->session_info->utok.gid, 123 conn->session_info->sanitized_username, 124 conn->session_info->info3->base.domain.string, 110 125 buf); 111 126 if (!buf) { … … 154 169 buf = talloc_sub_advanced(ctx, 155 170 lp_servicename(SNUM(conn)), 156 conn->se rver_info->unix_name,171 conn->session_info->unix_name, 157 172 conn->connectpath, 158 conn->se rver_info->utok.gid,159 conn->se rver_info->sanitized_username,160 pdb_get_domain(conn->server_info->sam_account),173 conn->session_info->utok.gid, 174 conn->session_info->sanitized_username, 175 conn->session_info->info3->base.domain.string, 161 176 buf); 162 177 if (!buf) { … … 164 179 } 165 180 return strlen(buf) + 1; 166 }167 168 static char *Expand(connection_struct *conn, int snum, char *s)169 {170 TALLOC_CTX *ctx = talloc_tos();171 char *buf = NULL;172 173 if (!s) {174 return NULL;175 }176 buf = talloc_strdup(ctx,s);177 if (!buf) {178 return 0;179 }180 buf = talloc_string_sub(ctx,buf,"%S",lp_servicename(snum));181 if (!buf) {182 return 0;183 }184 return talloc_sub_advanced(ctx,185 lp_servicename(SNUM(conn)),186 conn->server_info->unix_name,187 conn->connectpath,188 conn->server_info->utok.gid,189 conn->server_info->sanitized_username,190 pdb_get_domain(conn->server_info->sam_account),191 buf);192 181 } 193 182 … … 208 197 int subcount; /* count of substructures */ 209 198 char *structbuf; /* pointer into buffer for remaining fixed part */ 210 int stringlen; /* remaining size for variable part */ 199 int stringlen; /* remaining size for variable part */ 211 200 char *stringbuf; /* pointer into buffer for remaining variable part */ 212 201 int neededlen; /* total needed size */ … … 529 518 #define RAP_QUEUE_STATUS_ERROR 2 530 519 531 /* turn a print job status into a on the wire status 520 /* turn a print job status into a on the wire status 532 521 */ 533 static int printj_status(int v) 534 { 535 switch (v) { 536 case LPQ_QUEUED: 522 static int printj_spoolss_status(int v) 523 { 524 if (v == JOB_STATUS_QUEUED) 537 525 return RAP_JOB_STATUS_QUEUED; 538 case LPQ_PAUSED:526 if (v & JOB_STATUS_PAUSED) 539 527 return RAP_JOB_STATUS_PAUSED; 540 case LPQ_SPOOLING:528 if (v & JOB_STATUS_SPOOLING) 541 529 return RAP_JOB_STATUS_SPOOLING; 542 case LPQ_PRINTING:530 if (v & JOB_STATUS_PRINTING) 543 531 return RAP_JOB_STATUS_PRINTING; 544 }545 532 return 0; 546 533 } 547 534 548 /* turn a print queue status into a on the wire status 535 /* turn a print queue status into a on the wire status 549 536 */ 550 static int printq_status(int v) 551 { 552 switch (v) { 553 case LPQ_QUEUED: 537 static int printq_spoolss_status(int v) 538 { 539 if (v == PRINTER_STATUS_OK) 554 540 return 0; 555 case LPQ_PAUSED:541 if (v & PRINTER_STATUS_PAUSED) 556 542 return RAP_QUEUE_STATUS_PAUSED; 557 }558 543 return RAP_QUEUE_STATUS_ERROR; 559 544 } 560 545 561 static void fill_printjob_info(connection_struct *conn, int snum, int uLevel, 562 struct pack_desc *desc, 563 print_queue_struct *queue, int n) 564 { 565 time_t t = queue->time; 546 static void fill_spoolss_printjob_info(int uLevel, 547 struct pack_desc *desc, 548 struct spoolss_JobInfo2 *info2, 549 int n) 550 { 551 time_t t = spoolss_Time_to_time_t(&info2->submitted); 566 552 567 553 /* the client expects localtime */ 568 554 t -= get_time_zone(t); 569 555 570 PACKI(desc,"W",pjobid_to_rap( lp_const_servicename(snum),queue->job)); /* uJobId */556 PACKI(desc,"W",pjobid_to_rap(info2->printer_name, info2->job_id)); /* uJobId */ 571 557 if (uLevel == 1) { 572 PACKS(desc,"B21", queue->fs_user); /* szUserName */558 PACKS(desc,"B21", info2->user_name); /* szUserName */ 573 559 PACKS(desc,"B",""); /* pad */ 574 560 PACKS(desc,"B16",""); /* szNotifyName */ … … 576 562 PACKS(desc,"z",""); /* pszParms */ 577 563 PACKI(desc,"W",n+1); /* uPosition */ 578 PACKI(desc,"W", printj_status(queue->status)); /* fsStatus */564 PACKI(desc,"W", printj_spoolss_status(info2->status)); /* fsStatus */ 579 565 PACKS(desc,"z",""); /* pszStatus */ 566 PACKI(desc,"D", t); /* ulSubmitted */ 567 PACKI(desc,"D", info2->size); /* ulSize */ 568 PACKS(desc,"z", info2->document_name); /* pszComment */ 569 } 570 if (uLevel == 2 || uLevel == 3 || uLevel == 4) { 571 PACKI(desc,"W", info2->priority); /* uPriority */ 572 PACKS(desc,"z", info2->user_name); /* pszUserName */ 573 PACKI(desc,"W",n+1); /* uPosition */ 574 PACKI(desc,"W", printj_spoolss_status(info2->status)); /* fsStatus */ 580 575 PACKI(desc,"D",t); /* ulSubmitted */ 581 PACKI(desc,"D",queue->size); /* ulSize */ 582 PACKS(desc,"z",queue->fs_file); /* pszComment */ 583 } 584 if (uLevel == 2 || uLevel == 3 || uLevel == 4) { 585 PACKI(desc,"W",queue->priority); /* uPriority */ 586 PACKS(desc,"z",queue->fs_user); /* pszUserName */ 587 PACKI(desc,"W",n+1); /* uPosition */ 588 PACKI(desc,"W",printj_status(queue->status)); /* fsStatus */ 589 PACKI(desc,"D",t); /* ulSubmitted */ 590 PACKI(desc,"D",queue->size); /* ulSize */ 576 PACKI(desc,"D", info2->size); /* ulSize */ 591 577 PACKS(desc,"z","Samba"); /* pszComment */ 592 PACKS(desc,"z", queue->fs_file); /* pszDocument */578 PACKS(desc,"z", info2->document_name); /* pszDocument */ 593 579 if (uLevel == 3) { 594 580 PACKS(desc,"z",""); /* pszNotifyName */ … … 596 582 PACKS(desc,"z",""); /* pszParms */ 597 583 PACKS(desc,"z",""); /* pszStatus */ 598 PACKS(desc,"z", SERVICE(snum)); /* pszQueue */584 PACKS(desc,"z", info2->printer_name); /* pszQueue */ 599 585 PACKS(desc,"z","lpd"); /* pszQProcName */ 600 586 PACKS(desc,"z",""); /* pszQProcParms */ … … 618 604 619 605 /******************************************************************** 620 Return a driver name given an snum.621 Returns True if from tdb, False otherwise.622 ********************************************************************/623 624 static bool get_driver_name(int snum, char **pp_drivername)625 {626 NT_PRINTER_INFO_LEVEL *info = NULL;627 bool in_tdb = false;628 629 get_a_printer (NULL, &info, 2, lp_servicename(snum));630 if (info != NULL) {631 *pp_drivername = talloc_strdup(talloc_tos(),632 info->info_2->drivername);633 in_tdb = true;634 free_a_printer(&info, 2);635 if (!*pp_drivername) {636 return false;637 }638 }639 640 return in_tdb;641 }642 643 /********************************************************************644 606 Respond to the DosPrintQInfo command with a level of 52 645 607 This is used to get printer driver information for Win9x clients 646 608 ********************************************************************/ 647 static void fill_printq_info_52(connection_struct *conn, int snum, 648 struct pack_desc* desc, int count ) 609 static void fill_printq_info_52(struct spoolss_DriverInfo3 *driver, 610 struct pack_desc* desc, int count, 611 const char *printer_name) 649 612 { 650 613 int i; 651 614 fstring location; 652 struct spoolss_DriverInfo8 *driver = NULL;653 NT_PRINTER_INFO_LEVEL *printer = NULL;654 655 if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) {656 DEBUG(3,("fill_printq_info_52: Failed to lookup printer [%s]\n",657 lp_servicename(snum)));658 goto err;659 }660 661 if (!W_ERROR_IS_OK(get_a_printer_driver(talloc_tos(), &driver, printer->info_2->drivername,662 "Windows 4.0", 0)) )663 {664 DEBUG(3,("fill_printq_info_52: Failed to lookup driver [%s]\n",665 printer->info_2->drivername));666 goto err;667 }668 669 615 trim_string((char *)driver->driver_path, "\\print$\\WIN40\\0\\", 0); 670 616 trim_string((char *)driver->data_file, "\\print$\\WIN40\\0\\", 0); … … 706 652 count, i)); 707 653 708 DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", SERVICE(snum),i));654 DEBUG(3,("fill_printq_info on <%s> gave %d entries\n", printer_name, i)); 709 655 710 656 desc->errcode=NERR_Success; 711 goto done; 712 713 err: 714 DEBUG(3,("fill_printq_info: Can't supply driver files\n")); 715 desc->errcode=NERR_notsupported; 716 717 done: 718 if ( printer ) 719 free_a_printer( &printer, 2 ); 720 721 free_a_printer_driver(driver); 722 } 723 724 725 static void fill_printq_info(connection_struct *conn, int snum, int uLevel, 657 658 } 659 660 static const char *strip_unc(const char *unc) 661 { 662 char *p; 663 664 if (unc == NULL) { 665 return NULL; 666 } 667 668 if ((p = strrchr(unc, '\\')) != NULL) { 669 return p+1; 670 } 671 672 return unc; 673 } 674 675 static void fill_printq_info(int uLevel, 726 676 struct pack_desc* desc, 727 int count, print_queue_struct* queue, 728 print_status_struct* status) 677 int count, 678 union spoolss_JobInfo *job_info, 679 struct spoolss_DriverInfo3 *driver_info, 680 struct spoolss_PrinterInfo2 *printer_info) 729 681 { 730 682 switch (uLevel) { 683 case 0: 731 684 case 1: 732 685 case 2: 733 PACKS(desc,"B13", SERVICE(snum));686 PACKS(desc,"B13", strip_unc(printer_info->printername)); 734 687 break; 735 688 case 3: 736 689 case 4: 737 690 case 5: 738 PACKS(desc,"z", Expand(conn,snum,SERVICE(snum)));691 PACKS(desc,"z", strip_unc(printer_info->printername)); 739 692 break; 740 693 case 51: 741 PACKI(desc,"K", printq_status(status->status));694 PACKI(desc,"K", printq_spoolss_status(printer_info->status)); 742 695 break; 743 696 } … … 750 703 PACKS(desc,"z",""); /* pSepFile */ 751 704 PACKS(desc,"z","lpd"); /* pPrProc */ 752 PACKS(desc,"z", SERVICE(snum)); /* pDestinations */705 PACKS(desc,"z", strip_unc(printer_info->printername)); /* pDestinations */ 753 706 PACKS(desc,"z",""); /* pParms */ 754 if ( snum < 0) {707 if (printer_info->printername == NULL) { 755 708 PACKS(desc,"z","UNKNOWN PRINTER"); 756 709 PACKI(desc,"W",LPSTAT_ERROR); 757 }758 else if (!status || !status->message[0]) {759 PACKS(desc,"z",Expand(conn,snum,lp_comment(snum)));760 PACKI(desc,"W",LPSTAT_OK); /* status */761 710 } else { 762 PACKS(desc,"z", status->message);763 PACKI(desc,"W", printq_status(status->status)); /* status */711 PACKS(desc,"z", printer_info->comment); 712 PACKI(desc,"W", printq_spoolss_status(printer_info->status)); /* status */ 764 713 } 765 714 PACKI(desc,(uLevel == 1 ? "W" : "N"),count); … … 767 716 768 717 if (uLevel == 3 || uLevel == 4) { 769 char *drivername = NULL;770 771 718 PACKI(desc,"W",5); /* uPriority */ 772 719 PACKI(desc,"W",0); /* uStarttime */ … … 779 726 /* "don't ask" that it's done this way to fix corrupted 780 727 Win9X/ME printer comments. */ 781 if (!status) { 782 PACKI(desc,"W",LPSTAT_OK); /* fsStatus */ 783 } else { 784 PACKI(desc,"W",printq_status(status->status)); /* fsStatus */ 785 } 728 PACKI(desc,"W", printq_spoolss_status(printer_info->status)); /* fsStatus */ 786 729 PACKI(desc,(uLevel == 3 ? "W" : "N"),count); /* cJobs */ 787 PACKS(desc,"z",SERVICE(snum)); /* pszPrinters */ 788 get_driver_name(snum,&drivername); 789 if (!drivername) { 790 return; 791 } 792 PACKS(desc,"z",drivername); /* pszDriverName */ 730 PACKS(desc,"z", strip_unc(printer_info->printername)); /* pszPrinters */ 731 PACKS(desc,"z", printer_info->drivername); /* pszDriverName */ 793 732 PackDriverData(desc); /* pDriverData */ 794 733 } … … 796 735 if (uLevel == 2 || uLevel == 4) { 797 736 int i; 798 for (i=0;i<count;i++) 799 fill_printjob_info(conn,snum,uLevel == 2 ? 1 : 2,desc,&queue[i],i); 737 for (i = 0; i < count; i++) { 738 fill_spoolss_printjob_info(uLevel == 2 ? 1 : 2, desc, &job_info[i].info2, i); 739 } 800 740 } 801 741 802 742 if (uLevel==52) 803 fill_printq_info_52( conn, snum, desc, count);743 fill_printq_info_52(driver_info, desc, count, printer_info->printername); 804 744 } 805 745 806 746 /* This function returns the number of files for a given driver */ 807 static int get_printerdrivernumber( int snum)747 static int get_printerdrivernumber(const struct spoolss_DriverInfo3 *driver) 808 748 { 809 749 int result = 0; 810 struct spoolss_DriverInfo8 *driver;811 NT_PRINTER_INFO_LEVEL *printer = NULL;812 813 ZERO_STRUCT(driver);814 815 if ( !W_ERROR_IS_OK(get_a_printer( NULL, &printer, 2, lp_servicename(snum))) ) {816 DEBUG(3,("get_printerdrivernumber: Failed to lookup printer [%s]\n",817 lp_servicename(snum)));818 goto done;819 }820 821 if (!W_ERROR_IS_OK(get_a_printer_driver(talloc_tos(), &driver, printer->info_2->drivername,822 "Windows 4.0", 0)) )823 {824 DEBUG(3,("get_printerdrivernumber: Failed to lookup driver [%s]\n",825 printer->info_2->drivername));826 goto done;827 }828 750 829 751 /* count the number of files */ 830 752 while (driver->dependent_files && *driver->dependent_files[result]) 831 753 result++; 832 done:833 if ( printer )834 free_a_printer( &printer, 2 );835 836 free_a_printer_driver(driver);837 754 838 755 return result; 839 756 } 840 757 841 static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, 758 static bool api_DosPrintQGetInfo(struct smbd_server_connection *sconn, 759 connection_struct *conn, uint16 vuid, 842 760 char *param, int tpscnt, 843 761 char *data, int tdscnt, … … 851 769 char *QueueName = p; 852 770 unsigned int uLevel; 853 int count=0; 854 int snum; 771 uint32_t count = 0; 855 772 char *str3; 856 773 struct pack_desc desc; 857 print_queue_struct *queue=NULL;858 print_status_struct status;859 774 char* tmpdata=NULL; 860 775 776 WERROR werr = WERR_OK; 777 TALLOC_CTX *mem_ctx = talloc_tos(); 778 NTSTATUS status; 779 struct rpc_pipe_client *cli = NULL; 780 struct dcerpc_binding_handle *b = NULL; 781 struct policy_handle handle; 782 struct spoolss_DevmodeContainer devmode_ctr; 783 union spoolss_DriverInfo driver_info; 784 union spoolss_JobInfo *job_info = NULL; 785 union spoolss_PrinterInfo printer_info; 786 861 787 if (!str1 || !str2 || !p) { 862 788 return False; 863 789 } 864 memset((char *)&status,'\0',sizeof(status));865 790 memset((char *)&desc,'\0',sizeof(desc)); 866 791 … … 900 825 } 901 826 902 snum = find_service(QueueName); 903 if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) 904 return False; 827 ZERO_STRUCT(handle); 828 829 if (QueueName == NULL || (strlen(QueueName) < 1)) { 830 desc.errcode = W_ERROR_V(WERR_INVALID_PARAM); 831 goto out; 832 } 833 834 status = rpc_pipe_open_interface(conn, 835 &ndr_table_spoolss.syntax_id, 836 conn->session_info, 837 &conn->sconn->client_id, 838 conn->sconn->msg_ctx, 839 &cli); 840 if (!NT_STATUS_IS_OK(status)) { 841 DEBUG(0,("api_DosPrintQGetInfo: could not connect to spoolss: %s\n", 842 nt_errstr(status))); 843 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 844 goto out; 845 } 846 b = cli->binding_handle; 847 848 ZERO_STRUCT(devmode_ctr); 849 850 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 851 QueueName, 852 "RAW", 853 devmode_ctr, 854 PRINTER_ACCESS_USE, 855 &handle, 856 &werr); 857 if (!NT_STATUS_IS_OK(status)) { 858 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 859 goto out; 860 } 861 if (!W_ERROR_IS_OK(werr)) { 862 desc.errcode = W_ERROR_V(werr); 863 goto out; 864 } 865 866 werr = rpccli_spoolss_getprinter(cli, mem_ctx, 867 &handle, 868 2, 869 0, 870 &printer_info); 871 if (!W_ERROR_IS_OK(werr)) { 872 desc.errcode = W_ERROR_V(werr); 873 goto out; 874 } 905 875 906 876 if (uLevel==52) { 907 count = get_printerdrivernumber(snum); 877 uint32_t server_major_version; 878 uint32_t server_minor_version; 879 880 werr = rpccli_spoolss_getprinterdriver2(cli, mem_ctx, 881 &handle, 882 "Windows 4.0", 883 3, /* level */ 884 0, 885 0, /* version */ 886 0, 887 &driver_info, 888 &server_major_version, 889 &server_minor_version); 890 if (!W_ERROR_IS_OK(werr)) { 891 desc.errcode = W_ERROR_V(werr); 892 goto out; 893 } 894 895 count = get_printerdrivernumber(&driver_info.info3); 908 896 DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count)); 909 897 } else { 910 count = print_queue_status(snum, &queue,&status); 898 uint32_t num_jobs; 899 werr = rpccli_spoolss_enumjobs(cli, mem_ctx, 900 &handle, 901 0, /* firstjob */ 902 0xff, /* numjobs */ 903 2, /* level */ 904 0, /* offered */ 905 &num_jobs, 906 &job_info); 907 if (!W_ERROR_IS_OK(werr)) { 908 desc.errcode = W_ERROR_V(werr); 909 goto out; 910 } 911 912 count = num_jobs; 911 913 } 912 914 … … 914 916 *rdata = smb_realloc_limit(*rdata,mdrcnt); 915 917 if (!*rdata) { 916 SAFE_FREE(queue);917 918 return False; 918 919 } … … 930 931 if (init_package(&desc,1,count)) { 931 932 desc.subcount = count; 932 fill_printq_info( conn,snum,uLevel,&desc,count,queue,&status);933 fill_printq_info(uLevel,&desc,count, job_info, &driver_info.info3, &printer_info.info2); 933 934 } 934 935 … … 943 944 desc.errcode = ERRbuftoosmall; 944 945 946 out: 947 if (b && is_valid_policy_hnd(&handle)) { 948 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 949 } 950 945 951 *rdata_len = desc.usedlen; 946 952 *rparam_len = 6; 947 953 *rparam = smb_realloc_limit(*rparam,*rparam_len); 948 954 if (!*rparam) { 949 SAFE_FREE(queue);950 955 SAFE_FREE(tmpdata); 951 956 return False; … … 957 962 DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); 958 963 959 SAFE_FREE(queue);960 964 SAFE_FREE(tmpdata); 961 965 … … 967 971 ****************************************************************************/ 968 972 969 static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, 973 static bool api_DosPrintQEnum(struct smbd_server_connection *sconn, 974 connection_struct *conn, uint16 vuid, 970 975 char *param, int tpscnt, 971 976 char *data, int tdscnt, … … 979 984 unsigned int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); 980 985 char *output_format2 = get_safe_str_ptr(param,tpscnt,p,4); 981 int services = lp_numservices(); 982 int i, n; 986 int i; 983 987 struct pack_desc desc; 984 print_queue_struct **queue = NULL;985 print_status_struct *status = NULL;986 988 int *subcntarr = NULL; 987 989 int queuecnt = 0, subcnt = 0, succnt = 0; 990 991 WERROR werr = WERR_OK; 992 TALLOC_CTX *mem_ctx = talloc_tos(); 993 NTSTATUS status; 994 struct rpc_pipe_client *cli = NULL; 995 struct dcerpc_binding_handle *b = NULL; 996 struct spoolss_DevmodeContainer devmode_ctr; 997 uint32_t num_printers; 998 union spoolss_PrinterInfo *printer_info; 999 union spoolss_DriverInfo *driver_info; 1000 union spoolss_JobInfo **job_info; 988 1001 989 1002 if (!param_format || !output_format1 || !p) { … … 1016 1029 } 1017 1030 1018 for (i = 0; i < services; i++) { 1019 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { 1020 queuecnt++; 1021 } 1022 } 1023 1024 if((queue = SMB_MALLOC_ARRAY(print_queue_struct*, queuecnt)) == NULL) { 1025 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); 1031 status = rpc_pipe_open_interface(conn, 1032 &ndr_table_spoolss.syntax_id, 1033 conn->session_info, 1034 &conn->sconn->client_id, 1035 conn->sconn->msg_ctx, 1036 &cli); 1037 if (!NT_STATUS_IS_OK(status)) { 1038 DEBUG(0,("api_DosPrintQEnum: could not connect to spoolss: %s\n", 1039 nt_errstr(status))); 1040 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 1041 goto out; 1042 } 1043 b = cli->binding_handle; 1044 1045 werr = rpccli_spoolss_enumprinters(cli, mem_ctx, 1046 PRINTER_ENUM_LOCAL, 1047 cli->srv_name_slash, 1048 2, 1049 0, 1050 &num_printers, 1051 &printer_info); 1052 if (!W_ERROR_IS_OK(werr)) { 1053 desc.errcode = W_ERROR_V(werr); 1054 goto out; 1055 } 1056 1057 queuecnt = num_printers; 1058 1059 job_info = talloc_array(mem_ctx, union spoolss_JobInfo *, num_printers); 1060 if (job_info == NULL) { 1026 1061 goto err; 1027 1062 } 1028 memset(queue,0,queuecnt*sizeof(print_queue_struct*)); 1029 if((status = SMB_MALLOC_ARRAY(print_status_struct,queuecnt)) == NULL) {1030 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n"));1063 1064 driver_info = talloc_array(mem_ctx, union spoolss_DriverInfo, num_printers); 1065 if (driver_info == NULL) { 1031 1066 goto err; 1032 1067 } 1033 memset(status,0,queuecnt*sizeof(print_status_struct)); 1068 1034 1069 if((subcntarr = SMB_MALLOC_ARRAY(int,queuecnt)) == NULL) { 1035 1070 DEBUG(0,("api_DosPrintQEnum: malloc fail !\n")); 1036 1071 goto err; 1037 }1038 1039 subcnt = 0;1040 n = 0;1041 for (i = 0; i < services; i++) {1042 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) {1043 subcntarr[n] = print_queue_status(i, &queue[n],&status[n]);1044 subcnt += subcntarr[n];1045 n++;1046 }1047 1072 } 1048 1073 … … 1056 1081 desc.buflen = mdrcnt; 1057 1082 1083 subcnt = 0; 1084 for (i = 0; i < num_printers; i++) { 1085 1086 uint32_t num_jobs; 1087 struct policy_handle handle; 1088 const char *printername; 1089 1090 printername = talloc_strdup(mem_ctx, printer_info[i].info2.printername); 1091 if (printername == NULL) { 1092 goto err; 1093 } 1094 1095 ZERO_STRUCT(handle); 1096 ZERO_STRUCT(devmode_ctr); 1097 1098 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 1099 printername, 1100 "RAW", 1101 devmode_ctr, 1102 PRINTER_ACCESS_USE, 1103 &handle, 1104 &werr); 1105 if (!NT_STATUS_IS_OK(status)) { 1106 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 1107 goto out; 1108 } 1109 if (!W_ERROR_IS_OK(werr)) { 1110 desc.errcode = W_ERROR_V(werr); 1111 goto out; 1112 } 1113 1114 werr = rpccli_spoolss_enumjobs(cli, mem_ctx, 1115 &handle, 1116 0, /* firstjob */ 1117 0xff, /* numjobs */ 1118 2, /* level */ 1119 0, /* offered */ 1120 &num_jobs, 1121 &job_info[i]); 1122 if (!W_ERROR_IS_OK(werr)) { 1123 desc.errcode = W_ERROR_V(werr); 1124 goto out; 1125 } 1126 1127 if (uLevel==52) { 1128 uint32_t server_major_version; 1129 uint32_t server_minor_version; 1130 1131 werr = rpccli_spoolss_getprinterdriver2(cli, mem_ctx, 1132 &handle, 1133 "Windows 4.0", 1134 3, /* level */ 1135 0, 1136 0, /* version */ 1137 0, 1138 &driver_info[i], 1139 &server_major_version, 1140 &server_minor_version); 1141 if (!W_ERROR_IS_OK(werr)) { 1142 desc.errcode = W_ERROR_V(werr); 1143 goto out; 1144 } 1145 } 1146 1147 subcntarr[i] = num_jobs; 1148 subcnt += subcntarr[i]; 1149 1150 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 1151 } 1152 1058 1153 if (init_package(&desc,queuecnt,subcnt)) { 1059 n = 0; 1060 succnt = 0; 1061 for (i = 0; i < services; i++) { 1062 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { 1063 fill_printq_info(conn,i,uLevel,&desc,subcntarr[n],queue[n],&status[n]); 1064 n++; 1065 if (desc.errcode == NERR_Success) { 1066 succnt = n; 1067 } 1154 for (i = 0; i < num_printers; i++) { 1155 fill_printq_info(uLevel,&desc,subcntarr[i], job_info[i], &driver_info[i].info3, &printer_info[i].info2); 1156 if (desc.errcode == NERR_Success) { 1157 succnt = i; 1068 1158 } 1069 1159 } … … 1071 1161 1072 1162 SAFE_FREE(subcntarr); 1073 1163 out: 1074 1164 *rdata_len = desc.usedlen; 1075 1165 *rparam_len = 8; … … 1083 1173 SSVAL(*rparam,6,queuecnt); 1084 1174 1085 for (i = 0; i < queuecnt; i++) {1086 if (queue) {1087 SAFE_FREE(queue[i]);1088 }1089 }1090 1091 SAFE_FREE(queue);1092 SAFE_FREE(status);1093 1094 1175 return True; 1095 1176 … … 1097 1178 1098 1179 SAFE_FREE(subcntarr); 1099 for (i = 0; i < queuecnt; i++) {1100 if (queue) {1101 SAFE_FREE(queue[i]);1102 }1103 }1104 SAFE_FREE(queue);1105 SAFE_FREE(status);1106 1180 1107 1181 return False; … … 1112 1186 ****************************************************************************/ 1113 1187 1114 static bool check_se rver_info(int uLevel, char* id)1188 static bool check_session_info(int uLevel, char* id) 1115 1189 { 1116 1190 switch( uLevel ) { … … 1125 1199 } 1126 1200 break; 1127 default: 1201 default: 1128 1202 return False; 1129 1203 } … … 1144 1218 ******************************************************************/ 1145 1219 1146 static int get_se rver_info(uint32 servertype,1220 static int get_session_info(uint32 servertype, 1147 1221 struct srv_info_struct **servers, 1148 1222 const char *domain) … … 1185 1259 *servers = SMB_REALLOC_ARRAY(*servers,struct srv_info_struct, alloced); 1186 1260 if (!*servers) { 1187 DEBUG(0,("get_se rver_info: failed to enlarge servers info struct!\n"));1261 DEBUG(0,("get_session_info: failed to enlarge servers info struct!\n")); 1188 1262 TALLOC_FREE(lines); 1189 1263 return 0; … … 1244 1318 } 1245 1319 1246 if ((servertype & SV_TYPE_DOMAIN_ENUM) != 1320 if ((servertype & SV_TYPE_DOMAIN_ENUM) != 1247 1321 (s->type & SV_TYPE_DOMAIN_ENUM)) { 1248 1322 DEBUG(4,("s: dom mismatch ")); … … 1276 1350 ******************************************************************/ 1277 1351 1278 static int fill_srv_info(struct srv_info_struct *service, 1279 int uLevel, char **buf, int *buflen, 1352 static int fill_srv_info(struct srv_info_struct *service, 1353 int uLevel, char **buf, int *buflen, 1280 1354 char **stringbuf, int *stringspace, char *baseaddr) 1281 1355 { … … 1362 1436 ****************************************************************************/ 1363 1437 1364 static bool api_RNetServerEnum2(connection_struct *conn, uint16 vuid, 1438 static bool api_RNetServerEnum2(struct smbd_server_connection *sconn, 1439 connection_struct *conn, uint16 vuid, 1365 1440 char *param, int tpscnt, 1366 1441 char *data, int tdscnt, 1367 int mdrcnt, int mprcnt, char **rdata, 1442 int mdrcnt, int mprcnt, char **rdata, 1368 1443 char **rparam, int *rdata_len, int *rparam_len) 1369 1444 { … … 1397 1472 1398 1473 /* If someone sets SV_TYPE_LOCAL_LIST_ONLY but hasn't set 1399 any other bit (they may just set this bit on its own) they 1400 want all the locally seen servers. However this bit can be 1401 set on its own so set the requested servers to be 1474 any other bit (they may just set this bit on its own) they 1475 want all the locally seen servers. However this bit can be 1476 set on its own so set the requested servers to be 1402 1477 ALL - DOMAIN_ENUM. */ 1403 1478 … … 1414 1489 return False; 1415 1490 } 1416 if (!check_se rver_info(uLevel,str2)) {1491 if (!check_session_info(uLevel,str2)) { 1417 1492 return False; 1418 1493 } … … 1434 1509 1435 1510 if (lp_browse_list()) { 1436 total = get_se rver_info(servertype,&servers,domain);1511 total = get_session_info(servertype,&servers,domain); 1437 1512 } 1438 1513 … … 1440 1515 missed = 0; 1441 1516 1442 if (total > 0) { 1443 qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); 1444 } 1517 TYPESAFE_QSORT(servers, total, srv_comp); 1445 1518 1446 1519 { … … 1533 1606 } 1534 1607 1535 static bool api_RNetServerEnum3(connection_struct *conn, uint16 vuid, 1608 static bool api_RNetServerEnum3(struct smbd_server_connection *sconn, 1609 connection_struct *conn, uint16 vuid, 1536 1610 char *param, int tpscnt, 1537 1611 char *data, int tdscnt, … … 1586 1660 return false; 1587 1661 } 1588 if (!check_se rver_info(uLevel,str2)) {1662 if (!check_session_info(uLevel,str2)) { 1589 1663 return False; 1590 1664 } … … 1611 1685 1612 1686 if (lp_browse_list()) { 1613 total = get_se rver_info(servertype,&servers,domain);1687 total = get_session_info(servertype,&servers,domain); 1614 1688 } 1615 1689 … … 1617 1691 missed = 0; 1618 1692 1619 if (total > 0) { 1620 qsort(servers,total,sizeof(servers[0]),QSORT_CAST srv_comp); 1621 } 1693 TYPESAFE_QSORT(servers, total, srv_comp); 1622 1694 1623 1695 if (first_name[0] != '\0') { … … 1727 1799 ****************************************************************************/ 1728 1800 1729 static bool api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, 1801 static bool api_RNetGroupGetUsers(struct smbd_server_connection *sconn, 1802 connection_struct *conn, uint16 vuid, 1730 1803 char *param, int tpscnt, 1731 1804 char *data, int tdscnt, 1732 int mdrcnt, int mprcnt, char **rdata, 1805 int mdrcnt, int mprcnt, char **rdata, 1733 1806 char **rparam, int *rdata_len, int *rparam_len) 1734 1807 { … … 1917 1990 } 1918 1991 1919 static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, 1992 static bool api_RNetShareGetInfo(struct smbd_server_connection *sconn, 1993 connection_struct *conn,uint16 vuid, 1920 1994 char *param, int tpscnt, 1921 1995 char *data, int tdscnt, … … 1926 2000 char *str1 = get_safe_str_ptr(param,tpscnt,param,2); 1927 2001 char *str2 = skip_string(param,tpscnt,str1); 1928 char *netname = skip_string(param,tpscnt,str2); 2002 char *netname_in = skip_string(param,tpscnt,str2); 2003 char *netname = NULL; 1929 2004 char *p = skip_string(param,tpscnt,netname); 1930 2005 int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); … … 1935 2010 } 1936 2011 1937 snum = find_service( netname);1938 if (snum < 0 ) {2012 snum = find_service(talloc_tos(), netname_in, &netname); 2013 if (snum < 0 || !netname) { 1939 2014 return False; 1940 2015 } … … 1980 2055 ****************************************************************************/ 1981 2056 1982 static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, 2057 static bool api_RNetShareEnum(struct smbd_server_connection *sconn, 2058 connection_struct *conn, uint16 vuid, 1983 2059 char *param, int tpscnt, 1984 2060 char *data, int tdscnt, … … 2087 2163 ****************************************************************************/ 2088 2164 2089 static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, 2165 static bool api_RNetShareAdd(struct smbd_server_connection *sconn, 2166 connection_struct *conn,uint16 vuid, 2090 2167 char *param, int tpscnt, 2091 2168 char *data, int tdscnt, … … 2101 2178 fstring comment; 2102 2179 char *pathname = NULL; 2103 char *command, *cmdname;2104 2180 unsigned int offset; 2105 int snum;2106 2181 int res = ERRunsup; 2107 2182 size_t converted_size; 2108 2183 2184 WERROR werr = WERR_OK; 2185 TALLOC_CTX *mem_ctx = talloc_tos(); 2186 NTSTATUS status; 2187 struct rpc_pipe_client *cli = NULL; 2188 union srvsvc_NetShareInfo info; 2189 struct srvsvc_NetShareInfo2 info2; 2190 struct dcerpc_binding_handle *b; 2191 2109 2192 if (!str1 || !str2 || !p) { 2110 2193 return False; … … 2127 2210 } 2128 2211 pull_ascii_fstring(sharename,data); 2129 snum = find_service(sharename);2130 if (snum >= 0) { /* already exists */2131 res = ERRfilexists;2132 goto error_exit;2133 }2134 2212 2135 2213 if (mdrcnt < 28) { … … 2145 2223 if (offset >= mdrcnt) { 2146 2224 res = ERRinvalidparam; 2147 goto error_exit;2225 goto out; 2148 2226 } 2149 2227 … … 2158 2236 if (offset >= mdrcnt) { 2159 2237 res = ERRinvalidparam; 2160 goto error_exit;2238 goto out; 2161 2239 } 2162 2240 … … 2177 2255 } 2178 2256 2179 string_replace(sharename, '"', ' '); 2180 string_replace(pathname, '"', ' '); 2181 string_replace(comment, '"', ' '); 2182 2183 cmdname = lp_add_share_cmd(); 2184 2185 if (!cmdname || *cmdname == '\0') { 2186 return False; 2187 } 2188 2189 if (asprintf(&command, "%s \"%s\" \"%s\" \"%s\" \"%s\"", 2190 lp_add_share_cmd(), get_dyn_CONFIGFILE(), sharename, 2191 pathname, comment) == -1) { 2192 return false; 2193 } 2194 2195 DEBUG(10,("api_RNetShareAdd: Running [%s]\n", command )); 2196 2197 if ((res = smbrun(command, NULL)) != 0) { 2198 DEBUG(1,("api_RNetShareAdd: Running [%s] returned (%d)\n", 2199 command, res )); 2200 SAFE_FREE(command); 2201 res = ERRnoaccess; 2202 goto error_exit; 2203 } else { 2204 SAFE_FREE(command); 2205 message_send_all(smbd_messaging_context(), 2206 MSG_SMB_CONF_UPDATED, NULL, 0, NULL); 2257 status = rpc_pipe_open_interface(mem_ctx, &ndr_table_srvsvc.syntax_id, 2258 conn->session_info, 2259 &conn->sconn->client_id, 2260 conn->sconn->msg_ctx, 2261 &cli); 2262 if (!NT_STATUS_IS_OK(status)) { 2263 DEBUG(0,("api_RNetShareAdd: could not connect to srvsvc: %s\n", 2264 nt_errstr(status))); 2265 res = W_ERROR_V(ntstatus_to_werror(status)); 2266 goto out; 2267 } 2268 2269 b = cli->binding_handle; 2270 2271 info2.name = sharename; 2272 info2.type = STYPE_DISKTREE; 2273 info2.comment = comment; 2274 info2.permissions = 0; 2275 info2.max_users = 0; 2276 info2.current_users = 0; 2277 info2.path = pathname; 2278 info2.password = NULL; 2279 2280 info.info2 = &info2; 2281 2282 status = dcerpc_srvsvc_NetShareAdd(b, mem_ctx, 2283 cli->srv_name_slash, 2284 2, 2285 &info, 2286 NULL, 2287 &werr); 2288 if (!NT_STATUS_IS_OK(status)) { 2289 res = W_ERROR_V(ntstatus_to_werror(status)); 2290 goto out; 2291 } 2292 if (!W_ERROR_IS_OK(werr)) { 2293 res = W_ERROR_V(werr); 2294 goto out; 2207 2295 } 2208 2296 … … 2219 2307 return True; 2220 2308 2221 error_exit:2309 out: 2222 2310 2223 2311 *rparam_len = 4; … … 2236 2324 ****************************************************************************/ 2237 2325 2238 static bool api_RNetGroupEnum(connection_struct *conn,uint16 vuid, 2326 static bool api_RNetGroupEnum(struct smbd_server_connection *sconn, 2327 connection_struct *conn,uint16 vuid, 2239 2328 char *param, int tpscnt, 2240 2329 char *data, int tdscnt, … … 2254 2343 struct rpc_pipe_client *samr_pipe; 2255 2344 struct policy_handle samr_handle, domain_handle; 2256 NTSTATUS status; 2345 NTSTATUS status, result; 2346 struct dcerpc_binding_handle *b; 2257 2347 2258 2348 if (!str1 || !str2 || !p) { … … 2264 2354 } 2265 2355 2266 /* parameters 2356 /* parameters 2267 2357 * W-> resume context (number of users to skip) 2268 * r -> return parameter pointer to receive buffer 2358 * r -> return parameter pointer to receive buffer 2269 2359 * L -> length of receive buffer 2270 2360 * e -> return parameter number of entries … … 2276 2366 } 2277 2367 2278 status = rpc_pipe_open_internal( 2279 talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch, 2280 conn->server_info, &samr_pipe); 2368 status = rpc_pipe_open_interface( 2369 talloc_tos(), &ndr_table_samr.syntax_id, 2370 conn->session_info, &conn->sconn->client_id, 2371 conn->sconn->msg_ctx, &samr_pipe); 2281 2372 if (!NT_STATUS_IS_OK(status)) { 2282 2373 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n", … … 2285 2376 } 2286 2377 2287 status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(), 2288 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle); 2378 b = samr_pipe->binding_handle; 2379 2380 status = dcerpc_samr_Connect2(b, talloc_tos(), global_myname(), 2381 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle, 2382 &result); 2289 2383 if (!NT_STATUS_IS_OK(status)) { 2290 2384 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", … … 2292 2386 return false; 2293 2387 } 2294 2295 status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle, 2388 if (!NT_STATUS_IS_OK(result)) { 2389 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", 2390 nt_errstr(result))); 2391 return false; 2392 } 2393 2394 status = dcerpc_samr_OpenDomain(b, talloc_tos(), &samr_handle, 2296 2395 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, 2297 get_global_sam_sid(), &domain_handle); 2396 get_global_sam_sid(), &domain_handle, 2397 &result); 2298 2398 if (!NT_STATUS_IS_OK(status)) { 2299 2399 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", 2300 2400 nt_errstr(status))); 2301 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle); 2401 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2402 return false; 2403 } 2404 if (!NT_STATUS_IS_OK(result)) { 2405 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", 2406 nt_errstr(result))); 2407 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2302 2408 return false; 2303 2409 } … … 2324 2430 uint32_t num_entries; 2325 2431 2326 status = rpccli_samr_EnumDomainGroups(samr_pipe, talloc_tos(),2432 status = dcerpc_samr_EnumDomainGroups(b, talloc_tos(), 2327 2433 &domain_handle, 2328 2434 &resume_handle, 2329 2435 &sam_entries, 1, 2330 &num_entries); 2436 &num_entries, 2437 &result); 2331 2438 if (!NT_STATUS_IS_OK(status)) { 2332 DEBUG(10, (" rpccli_samr_EnumDomainGroups returned "2439 DEBUG(10, ("dcerpc_samr_EnumDomainGroups returned " 2333 2440 "%s\n", nt_errstr(status))); 2334 2441 break; 2335 2442 } 2443 if (!NT_STATUS_IS_OK(result)) { 2444 status = result; 2445 DEBUG(10, ("dcerpc_samr_EnumDomainGroups returned " 2446 "%s\n", nt_errstr(result))); 2447 break; 2448 } 2336 2449 2337 2450 if (num_entries == 0) { 2338 DEBUG(10, (" rpccli_samr_EnumDomainGroups returned "2451 DEBUG(10, ("dcerpc_samr_EnumDomainGroups returned " 2339 2452 "no entries -- done\n")); 2340 2453 break; … … 2371 2484 } 2372 2485 2373 rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle);2374 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);2486 dcerpc_samr_Close(b, talloc_tos(), &domain_handle, &result); 2487 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2375 2488 2376 2489 *rdata_len = PTR_DIFF(p,*rdata); … … 2393 2506 ******************************************************************/ 2394 2507 2395 static bool api_NetUserGetGroups(connection_struct *conn,uint16 vuid, 2508 static bool api_NetUserGetGroups(struct smbd_server_connection *sconn, 2509 connection_struct *conn,uint16 vuid, 2396 2510 char *param, int tpscnt, 2397 2511 char *data, int tdscnt, … … 2417 2531 struct samr_Ids type, rid; 2418 2532 struct samr_RidWithAttributeArray *rids; 2419 NTSTATUS status; 2533 NTSTATUS status, result; 2534 struct dcerpc_binding_handle *b; 2420 2535 2421 2536 if (!str1 || !str2 || !UserName || !p) { … … 2457 2572 endp = *rdata + *rdata_len; 2458 2573 2459 status = rpc_pipe_open_internal( 2460 talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch, 2461 conn->server_info, &samr_pipe); 2574 status = rpc_pipe_open_interface( 2575 talloc_tos(), &ndr_table_samr.syntax_id, 2576 conn->session_info, &conn->sconn->client_id, 2577 conn->sconn->msg_ctx, &samr_pipe); 2462 2578 if (!NT_STATUS_IS_OK(status)) { 2463 2579 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n", … … 2466 2582 } 2467 2583 2468 status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(), 2469 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle); 2584 b = samr_pipe->binding_handle; 2585 2586 status = dcerpc_samr_Connect2(b, talloc_tos(), global_myname(), 2587 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle, 2588 &result); 2470 2589 if (!NT_STATUS_IS_OK(status)) { 2471 2590 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", … … 2473 2592 return false; 2474 2593 } 2475 2476 status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle, 2594 if (!NT_STATUS_IS_OK(result)) { 2595 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", 2596 nt_errstr(result))); 2597 return false; 2598 } 2599 2600 status = dcerpc_samr_OpenDomain(b, talloc_tos(), &samr_handle, 2477 2601 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, 2478 get_global_sam_sid(), &domain_handle); 2602 get_global_sam_sid(), &domain_handle, 2603 &result); 2479 2604 if (!NT_STATUS_IS_OK(status)) { 2480 2605 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", … … 2482 2607 goto close_sam; 2483 2608 } 2609 if (!NT_STATUS_IS_OK(result)) { 2610 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", 2611 nt_errstr(result))); 2612 goto close_sam; 2613 } 2484 2614 2485 2615 name.string = UserName; 2486 2616 2487 status = rpccli_samr_LookupNames(samr_pipe, talloc_tos(),2617 status = dcerpc_samr_LookupNames(b, talloc_tos(), 2488 2618 &domain_handle, 1, &name, 2489 &rid, &type); 2619 &rid, &type, 2620 &result); 2490 2621 if (!NT_STATUS_IS_OK(status)) { 2491 2622 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n", … … 2493 2624 goto close_domain; 2494 2625 } 2626 if (!NT_STATUS_IS_OK(result)) { 2627 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n", 2628 nt_errstr(result))); 2629 goto close_domain; 2630 } 2495 2631 2496 2632 if (type.ids[0] != SID_NAME_USER) { … … 2500 2636 } 2501 2637 2502 status = rpccli_samr_OpenUser(samr_pipe, talloc_tos(),2638 status = dcerpc_samr_OpenUser(b, talloc_tos(), 2503 2639 &domain_handle, 2504 2640 SAMR_USER_ACCESS_GET_GROUPS, 2505 rid.ids[0], &user_handle); 2641 rid.ids[0], &user_handle, 2642 &result); 2506 2643 if (!NT_STATUS_IS_OK(status)) { 2507 2644 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n", … … 2509 2646 goto close_domain; 2510 2647 } 2511 2512 status = rpccli_samr_GetGroupsForUser(samr_pipe, talloc_tos(), 2513 &user_handle, &rids); 2648 if (!NT_STATUS_IS_OK(result)) { 2649 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n", 2650 nt_errstr(result))); 2651 goto close_domain; 2652 } 2653 2654 status = dcerpc_samr_GetGroupsForUser(b, talloc_tos(), 2655 &user_handle, &rids, 2656 &result); 2514 2657 if (!NT_STATUS_IS_OK(status)) { 2515 2658 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n", … … 2517 2660 goto close_user; 2518 2661 } 2662 if (!NT_STATUS_IS_OK(result)) { 2663 DEBUG(0, ("api_RNetUserEnum: samr_LookupNames failed: %s\n", 2664 nt_errstr(result))); 2665 goto close_user; 2666 } 2519 2667 2520 2668 for (i=0; i<rids->count; i++) { 2521 2669 2522 status = rpccli_samr_LookupRids(samr_pipe, talloc_tos(),2670 status = dcerpc_samr_LookupRids(b, talloc_tos(), 2523 2671 &domain_handle, 2524 2672 1, &rids->rids[i].rid, 2525 &names, &type); 2526 if (NT_STATUS_IS_OK(status) && (names.count == 1)) { 2673 &names, &type, 2674 &result); 2675 if (NT_STATUS_IS_OK(status) && NT_STATUS_IS_OK(result) && (names.count == 1)) { 2527 2676 strlcpy(p, names.names[0].string, PTR_DIFF(endp,p)); 2528 2677 p += 21; … … 2539 2688 2540 2689 close_user: 2541 rpccli_samr_Close(samr_pipe, talloc_tos(), &user_handle);2690 dcerpc_samr_Close(b, talloc_tos(), &user_handle, &result); 2542 2691 close_domain: 2543 rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle);2692 dcerpc_samr_Close(b, talloc_tos(), &domain_handle, &result); 2544 2693 close_sam: 2545 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);2694 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2546 2695 2547 2696 return ret; … … 2552 2701 ******************************************************************/ 2553 2702 2554 static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid, 2703 static bool api_RNetUserEnum(struct smbd_server_connection *sconn, 2704 connection_struct *conn, uint16 vuid, 2555 2705 char *param, int tpscnt, 2556 2706 char *data, int tdscnt, … … 2567 2717 struct rpc_pipe_client *samr_pipe; 2568 2718 struct policy_handle samr_handle, domain_handle; 2569 NTSTATUS status ;2719 NTSTATUS status, result; 2570 2720 2571 2721 char *str1 = get_safe_str_ptr(param,tpscnt,param,2); … … 2573 2723 char *p = skip_string(param,tpscnt,str2); 2574 2724 char *endp = NULL; 2725 2726 struct dcerpc_binding_handle *b; 2575 2727 2576 2728 if (!str1 || !str2 || !p) { … … 2612 2764 endp = *rdata + *rdata_len; 2613 2765 2614 status = rpc_pipe_open_internal( 2615 talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch, 2616 conn->server_info, &samr_pipe); 2766 status = rpc_pipe_open_interface( 2767 talloc_tos(), &ndr_table_samr.syntax_id, 2768 conn->session_info, &conn->sconn->client_id, 2769 conn->sconn->msg_ctx, &samr_pipe); 2617 2770 if (!NT_STATUS_IS_OK(status)) { 2618 2771 DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n", … … 2621 2774 } 2622 2775 2623 status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(), 2624 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle); 2776 b = samr_pipe->binding_handle; 2777 2778 status = dcerpc_samr_Connect2(b, talloc_tos(), global_myname(), 2779 SAMR_ACCESS_LOOKUP_DOMAIN, &samr_handle, 2780 &result); 2625 2781 if (!NT_STATUS_IS_OK(status)) { 2626 2782 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", … … 2628 2784 return false; 2629 2785 } 2630 2631 status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle, 2786 if (!NT_STATUS_IS_OK(result)) { 2787 DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", 2788 nt_errstr(result))); 2789 return false; 2790 } 2791 2792 status = dcerpc_samr_OpenDomain(b, talloc_tos(), &samr_handle, 2632 2793 SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, 2633 get_global_sam_sid(), &domain_handle); 2794 get_global_sam_sid(), &domain_handle, 2795 &result); 2634 2796 if (!NT_STATUS_IS_OK(status)) { 2635 2797 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", 2636 2798 nt_errstr(status))); 2637 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle); 2799 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2800 return false; 2801 } 2802 if (!NT_STATUS_IS_OK(result)) { 2803 DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", 2804 nt_errstr(result))); 2805 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2638 2806 return false; 2639 2807 } … … 2647 2815 uint32_t num_entries; 2648 2816 2649 status = rpccli_samr_EnumDomainUsers(samr_pipe, talloc_tos(),2817 status = dcerpc_samr_EnumDomainUsers(b, talloc_tos(), 2650 2818 &domain_handle, 2651 2819 &resume_handle, 2652 2820 0, &sam_entries, 1, 2653 &num_entries); 2821 &num_entries, 2822 &result); 2654 2823 2655 2824 if (!NT_STATUS_IS_OK(status)) { 2656 DEBUG(10, (" rpccli_samr_EnumDomainUsers returned "2825 DEBUG(10, ("dcerpc_samr_EnumDomainUsers returned " 2657 2826 "%s\n", nt_errstr(status))); 2658 2827 break; 2659 2828 } 2829 if (!NT_STATUS_IS_OK(result)) { 2830 DEBUG(10, ("dcerpc_samr_EnumDomainUsers returned " 2831 "%s\n", nt_errstr(result))); 2832 break; 2833 } 2660 2834 2661 2835 if (num_entries == 0) { 2662 DEBUG(10, (" rpccli_samr_EnumDomainUsers returned "2836 DEBUG(10, ("dcerpc_samr_EnumDomainUsers returned " 2663 2837 "no entries -- done\n")); 2664 2838 break; … … 2693 2867 } 2694 2868 2695 rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle);2696 rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle);2869 dcerpc_samr_Close(b, talloc_tos(), &domain_handle, &result); 2870 dcerpc_samr_Close(b, talloc_tos(), &samr_handle, &result); 2697 2871 2698 2872 *rdata_len = PTR_DIFF(p,*rdata); … … 2710 2884 ****************************************************************************/ 2711 2885 2712 static bool api_NetRemoteTOD(connection_struct *conn,uint16 vuid, 2886 static bool api_NetRemoteTOD(struct smbd_server_connection *sconn, 2887 connection_struct *conn,uint16 vuid, 2713 2888 char *param, int tpscnt, 2714 2889 char *data, int tdscnt, … … 2742 2917 it seems to ignore the one below */ 2743 2918 2744 /* the client expects to get localtime, not GMT, in this bit 2919 /* the client expects to get localtime, not GMT, in this bit 2745 2920 (I think, this needs testing) */ 2746 2921 t = localtime(&unixdate); … … 2768 2943 *****************************************************************************/ 2769 2944 2770 static bool api_SetUserPassword(connection_struct *conn,uint16 vuid, 2945 static bool api_SetUserPassword(struct smbd_server_connection *sconn, 2946 connection_struct *conn,uint16 vuid, 2771 2947 char *param, int tpscnt, 2772 2948 char *data, int tdscnt, … … 2779 2955 fstring user; 2780 2956 fstring pass1,pass2; 2957 TALLOC_CTX *mem_ctx = talloc_tos(); 2958 NTSTATUS status, result; 2959 struct rpc_pipe_client *cli = NULL; 2960 struct policy_handle connect_handle, domain_handle, user_handle; 2961 struct lsa_String domain_name; 2962 struct dom_sid2 *domain_sid; 2963 struct lsa_String names; 2964 struct samr_Ids rids; 2965 struct samr_Ids types; 2966 struct samr_Password old_lm_hash; 2967 struct samr_Password new_lm_hash; 2968 int errcode = NERR_badpass; 2969 uint32_t rid; 2970 int encrypted; 2971 int min_pwd_length; 2972 struct dcerpc_binding_handle *b = NULL; 2781 2973 2782 2974 /* Skip 2 strings. */ … … 2811 3003 memcpy(pass2,p+16,16); 2812 3004 3005 encrypted = get_safe_SVAL(param,tpscnt,p+32,0,-1); 3006 if (encrypted == -1) { 3007 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3008 goto out; 3009 } 3010 3011 min_pwd_length = get_safe_SVAL(param,tpscnt,p+34,0,-1); 3012 if (min_pwd_length == -1) { 3013 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3014 goto out; 3015 } 3016 2813 3017 *rparam_len = 4; 2814 3018 *rparam = smb_realloc_limit(*rparam,*rparam_len); … … 2819 3023 *rdata_len = 0; 2820 3024 2821 SSVAL(*rparam,0,NERR_badpass); 3025 DEBUG(3,("Set password for <%s> (encrypted: %d, min_pwd_length: %d)\n", 3026 user, encrypted, min_pwd_length)); 3027 3028 ZERO_STRUCT(connect_handle); 3029 ZERO_STRUCT(domain_handle); 3030 ZERO_STRUCT(user_handle); 3031 3032 status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id, 3033 conn->session_info, 3034 &conn->sconn->client_id, 3035 conn->sconn->msg_ctx, 3036 &cli); 3037 if (!NT_STATUS_IS_OK(status)) { 3038 DEBUG(0,("api_SetUserPassword: could not connect to samr: %s\n", 3039 nt_errstr(status))); 3040 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3041 goto out; 3042 } 3043 3044 b = cli->binding_handle; 3045 3046 status = dcerpc_samr_Connect2(b, mem_ctx, 3047 global_myname(), 3048 SAMR_ACCESS_CONNECT_TO_SERVER | 3049 SAMR_ACCESS_ENUM_DOMAINS | 3050 SAMR_ACCESS_LOOKUP_DOMAIN, 3051 &connect_handle, 3052 &result); 3053 if (!NT_STATUS_IS_OK(status)) { 3054 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3055 goto out; 3056 } 3057 if (!NT_STATUS_IS_OK(result)) { 3058 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3059 goto out; 3060 } 3061 3062 init_lsa_String(&domain_name, get_global_sam_name()); 3063 3064 status = dcerpc_samr_LookupDomain(b, mem_ctx, 3065 &connect_handle, 3066 &domain_name, 3067 &domain_sid, 3068 &result); 3069 if (!NT_STATUS_IS_OK(status)) { 3070 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3071 goto out; 3072 } 3073 if (!NT_STATUS_IS_OK(result)) { 3074 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3075 goto out; 3076 } 3077 3078 status = dcerpc_samr_OpenDomain(b, mem_ctx, 3079 &connect_handle, 3080 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, 3081 domain_sid, 3082 &domain_handle, 3083 &result); 3084 if (!NT_STATUS_IS_OK(status)) { 3085 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3086 goto out; 3087 } 3088 if (!NT_STATUS_IS_OK(result)) { 3089 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3090 goto out; 3091 } 3092 3093 init_lsa_String(&names, user); 3094 3095 status = dcerpc_samr_LookupNames(b, mem_ctx, 3096 &domain_handle, 3097 1, 3098 &names, 3099 &rids, 3100 &types, 3101 &result); 3102 if (!NT_STATUS_IS_OK(status)) { 3103 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3104 goto out; 3105 } 3106 if (!NT_STATUS_IS_OK(result)) { 3107 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3108 goto out; 3109 } 3110 3111 if (rids.count != 1) { 3112 errcode = W_ERROR_V(WERR_NO_SUCH_USER); 3113 goto out; 3114 } 3115 if (rids.count != types.count) { 3116 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3117 goto out; 3118 } 3119 if (types.ids[0] != SID_NAME_USER) { 3120 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3121 goto out; 3122 } 3123 3124 rid = rids.ids[0]; 3125 3126 status = dcerpc_samr_OpenUser(b, mem_ctx, 3127 &domain_handle, 3128 SAMR_USER_ACCESS_CHANGE_PASSWORD, 3129 rid, 3130 &user_handle, 3131 &result); 3132 if (!NT_STATUS_IS_OK(status)) { 3133 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3134 goto out; 3135 } 3136 if (!NT_STATUS_IS_OK(result)) { 3137 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3138 goto out; 3139 } 3140 3141 if (encrypted == 0) { 3142 E_deshash(pass1, old_lm_hash.hash); 3143 E_deshash(pass2, new_lm_hash.hash); 3144 } else { 3145 ZERO_STRUCT(old_lm_hash); 3146 ZERO_STRUCT(new_lm_hash); 3147 memcpy(old_lm_hash.hash, pass1, MIN(strlen(pass1), 16)); 3148 memcpy(new_lm_hash.hash, pass1, MIN(strlen(pass2), 16)); 3149 } 3150 3151 status = dcerpc_samr_ChangePasswordUser(b, mem_ctx, 3152 &user_handle, 3153 true, /* lm_present */ 3154 &old_lm_hash, 3155 &new_lm_hash, 3156 false, /* nt_present */ 3157 NULL, /* old_nt_crypted */ 3158 NULL, /* new_nt_crypted */ 3159 false, /* cross1_present */ 3160 NULL, /* nt_cross */ 3161 false, /* cross2_present */ 3162 NULL, /* lm_cross */ 3163 &result); 3164 if (!NT_STATUS_IS_OK(status)) { 3165 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3166 goto out; 3167 } 3168 if (!NT_STATUS_IS_OK(result)) { 3169 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3170 goto out; 3171 } 3172 3173 errcode = NERR_Success; 3174 out: 3175 3176 if (b && is_valid_policy_hnd(&user_handle)) { 3177 dcerpc_samr_Close(b, mem_ctx, &user_handle, &result); 3178 } 3179 if (b && is_valid_policy_hnd(&domain_handle)) { 3180 dcerpc_samr_Close(b, mem_ctx, &domain_handle, &result); 3181 } 3182 if (b && is_valid_policy_hnd(&connect_handle)) { 3183 dcerpc_samr_Close(b, mem_ctx, &connect_handle, &result); 3184 } 3185 3186 memset((char *)pass1,'\0',sizeof(fstring)); 3187 memset((char *)pass2,'\0',sizeof(fstring)); 3188 3189 SSVAL(*rparam,0,errcode); 2822 3190 SSVAL(*rparam,2,0); /* converter word */ 2823 2824 DEBUG(3,("Set password for <%s>\n",user));2825 2826 /*2827 * Attempt to verify the old password against smbpasswd entries2828 * Win98 clients send old and new password in plaintext for this call.2829 */2830 2831 {2832 auth_serversupplied_info *server_info = NULL;2833 DATA_BLOB password = data_blob(pass1, strlen(pass1)+1);2834 2835 if (NT_STATUS_IS_OK(check_plaintext_password(user,password,&server_info))) {2836 2837 become_root();2838 if (NT_STATUS_IS_OK(change_oem_password(server_info->sam_account, pass1, pass2, False, NULL))) {2839 SSVAL(*rparam,0,NERR_Success);2840 }2841 unbecome_root();2842 2843 TALLOC_FREE(server_info);2844 }2845 data_blob_clear_free(&password);2846 }2847 2848 /*2849 * If the plaintext change failed, attempt2850 * the old encrypted method. NT will generate this2851 * after trying the samr method. Note that this2852 * method is done as a last resort as this2853 * password change method loses the NT password hash2854 * and cannot change the UNIX password as no plaintext2855 * is received.2856 */2857 2858 if(SVAL(*rparam,0) != NERR_Success) {2859 struct samu *hnd = NULL;2860 2861 if (check_lanman_password(user,(unsigned char *)pass1,(unsigned char *)pass2, &hnd)) {2862 become_root();2863 if (change_lanman_password(hnd,(uchar *)pass2)) {2864 SSVAL(*rparam,0,NERR_Success);2865 }2866 unbecome_root();2867 TALLOC_FREE(hnd);2868 }2869 }2870 2871 memset((char *)pass1,'\0',sizeof(fstring));2872 memset((char *)pass2,'\0',sizeof(fstring));2873 2874 3191 return(True); 2875 3192 } … … 2879 3196 ****************************************************************************/ 2880 3197 2881 static bool api_SamOEMChangePassword(connection_struct *conn,uint16 vuid, 3198 static bool api_SamOEMChangePassword(struct smbd_server_connection *sconn, 3199 connection_struct *conn,uint16 vuid, 2882 3200 char *param, int tpscnt, 2883 3201 char *data, int tdscnt, … … 2886 3204 int *rdata_len,int *rparam_len) 2887 3205 { 2888 struct smbd_server_connection *sconn = smbd_server_conn;2889 3206 fstring user; 2890 3207 char *p = get_safe_str_ptr(param,tpscnt,param,2); 2891 *rparam_len = 2; 3208 3209 TALLOC_CTX *mem_ctx = talloc_tos(); 3210 NTSTATUS status, result; 3211 struct rpc_pipe_client *cli = NULL; 3212 struct lsa_AsciiString server, account; 3213 struct samr_CryptPassword password; 3214 struct samr_Password hash; 3215 int errcode = NERR_badpass; 3216 int bufsize; 3217 struct dcerpc_binding_handle *b; 3218 3219 *rparam_len = 4; 2892 3220 *rparam = smb_realloc_limit(*rparam,*rparam_len); 2893 3221 if (!*rparam) { … … 2939 3267 DEBUG(3,("api_SamOEMChangePassword: Change password for <%s>\n",user)); 2940 3268 2941 /* 2942 * Pass the user through the NT -> unix user mapping 2943 * function. 2944 */ 2945 2946 (void)map_username(sconn, user); 2947 2948 if (NT_STATUS_IS_OK(pass_oem_change(user, (uchar*) data, (uchar *)&data[516], NULL, NULL, NULL))) { 2949 SSVAL(*rparam,0,NERR_Success); 2950 } 3269 if (tdscnt != 532) { 3270 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3271 goto out; 3272 } 3273 3274 bufsize = get_safe_SVAL(param,tpscnt,p,0,-1); 3275 if (bufsize != 532) { 3276 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3277 goto out; 3278 } 3279 3280 memcpy(password.data, data, 516); 3281 memcpy(hash.hash, data+516, 16); 3282 3283 status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id, 3284 conn->session_info, 3285 &conn->sconn->client_id, 3286 conn->sconn->msg_ctx, 3287 &cli); 3288 if (!NT_STATUS_IS_OK(status)) { 3289 DEBUG(0,("api_SamOEMChangePassword: could not connect to samr: %s\n", 3290 nt_errstr(status))); 3291 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3292 goto out; 3293 } 3294 3295 b = cli->binding_handle; 3296 3297 init_lsa_AsciiString(&server, global_myname()); 3298 init_lsa_AsciiString(&account, user); 3299 3300 status = dcerpc_samr_OemChangePasswordUser2(b, mem_ctx, 3301 &server, 3302 &account, 3303 &password, 3304 &hash, 3305 &result); 3306 if (!NT_STATUS_IS_OK(status)) { 3307 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3308 goto out; 3309 } 3310 if (!NT_STATUS_IS_OK(result)) { 3311 errcode = W_ERROR_V(ntstatus_to_werror(result)); 3312 goto out; 3313 } 3314 3315 errcode = NERR_Success; 3316 out: 3317 SSVAL(*rparam,0,errcode); 3318 SSVAL(*rparam,2,0); /* converter word */ 2951 3319 2952 3320 return(True); … … 2955 3323 /**************************************************************************** 2956 3324 delete a print job 2957 Form: <W> <> 3325 Form: <W> <> 2958 3326 ****************************************************************************/ 2959 3327 2960 static bool api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, 3328 static bool api_RDosPrintJobDel(struct smbd_server_connection *sconn, 3329 connection_struct *conn,uint16 vuid, 2961 3330 char *param, int tpscnt, 2962 3331 char *data, int tdscnt, … … 2970 3339 char *p = skip_string(param,tpscnt,str2); 2971 3340 uint32 jobid; 2972 int snum;2973 3341 fstring sharename; 2974 3342 int errcode; 2975 3343 WERROR werr = WERR_OK; 3344 3345 TALLOC_CTX *mem_ctx = talloc_tos(); 3346 NTSTATUS status; 3347 struct rpc_pipe_client *cli = NULL; 3348 struct dcerpc_binding_handle *b = NULL; 3349 struct policy_handle handle; 3350 struct spoolss_DevmodeContainer devmode_ctr; 3351 enum spoolss_JobControl command; 2976 3352 2977 3353 if (!str1 || !str2 || !p) { … … 2999 3375 *rdata_len = 0; 3000 3376 3001 if (!print_job_exists(sharename, jobid)) { 3002 errcode = NERR_JobNotFound; 3003 goto out; 3004 } 3005 3006 snum = lp_servicenumber( sharename); 3007 if (snum == -1) { 3008 errcode = NERR_DestNotFound; 3009 goto out; 3010 } 3011 3012 errcode = NERR_notsupported; 3377 ZERO_STRUCT(handle); 3378 3379 status = rpc_pipe_open_interface(conn, 3380 &ndr_table_spoolss.syntax_id, 3381 conn->session_info, 3382 &conn->sconn->client_id, 3383 conn->sconn->msg_ctx, 3384 &cli); 3385 if (!NT_STATUS_IS_OK(status)) { 3386 DEBUG(0,("api_RDosPrintJobDel: could not connect to spoolss: %s\n", 3387 nt_errstr(status))); 3388 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3389 goto out; 3390 } 3391 b = cli->binding_handle; 3392 3393 ZERO_STRUCT(devmode_ctr); 3394 3395 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 3396 sharename, 3397 "RAW", 3398 devmode_ctr, 3399 JOB_ACCESS_ADMINISTER, 3400 &handle, 3401 &werr); 3402 if (!NT_STATUS_IS_OK(status)) { 3403 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3404 goto out; 3405 } 3406 if (!W_ERROR_IS_OK(werr)) { 3407 errcode = W_ERROR_V(werr); 3408 goto out; 3409 } 3410 3411 /* FIXME: formerly NERR_JobNotFound was returned if job did not exist 3412 * and NERR_DestNotFound if share did not exist */ 3413 3414 errcode = NERR_Success; 3013 3415 3014 3416 switch (function) { 3015 case 81: /* delete */ 3016 if (print_job_delete(conn->server_info, snum, jobid, &werr)) 3017 errcode = NERR_Success; 3417 case 81: /* delete */ 3418 command = SPOOLSS_JOB_CONTROL_DELETE; 3018 3419 break; 3019 3420 case 82: /* pause */ 3020 if (print_job_pause(conn->server_info, snum, jobid, &werr)) 3021 errcode = NERR_Success; 3421 command = SPOOLSS_JOB_CONTROL_PAUSE; 3022 3422 break; 3023 3423 case 83: /* resume */ 3024 if (print_job_resume(conn->server_info, snum, jobid, &werr)) 3025 errcode = NERR_Success; 3424 command = SPOOLSS_JOB_CONTROL_RESUME; 3026 3425 break; 3027 } 3028 3029 if (!W_ERROR_IS_OK(werr)) 3426 default: 3427 errcode = NERR_notsupported; 3428 goto out; 3429 } 3430 3431 status = dcerpc_spoolss_SetJob(b, mem_ctx, 3432 &handle, 3433 jobid, 3434 NULL, /* unique ptr ctr */ 3435 command, 3436 &werr); 3437 if (!NT_STATUS_IS_OK(status)) { 3438 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3439 goto out; 3440 } 3441 if (!W_ERROR_IS_OK(werr)) { 3030 3442 errcode = W_ERROR_V(werr); 3443 goto out; 3444 } 3031 3445 3032 3446 out: 3033 SSVAL(*rparam,0,errcode); 3447 if (b && is_valid_policy_hnd(&handle)) { 3448 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 3449 } 3450 3451 SSVAL(*rparam,0,errcode); 3034 3452 SSVAL(*rparam,2,0); /* converter word */ 3035 3453 … … 3041 3459 ****************************************************************************/ 3042 3460 3043 static bool api_WPrintQueueCtrl(connection_struct *conn,uint16 vuid, 3461 static bool api_WPrintQueueCtrl(struct smbd_server_connection *sconn, 3462 connection_struct *conn,uint16 vuid, 3044 3463 char *param, int tpscnt, 3045 3464 char *data, int tdscnt, … … 3053 3472 char *QueueName = skip_string(param,tpscnt,str2); 3054 3473 int errcode = NERR_notsupported; 3055 int snum;3056 3474 WERROR werr = WERR_OK; 3475 NTSTATUS status; 3476 3477 TALLOC_CTX *mem_ctx = talloc_tos(); 3478 struct rpc_pipe_client *cli = NULL; 3479 struct dcerpc_binding_handle *b = NULL; 3480 struct policy_handle handle; 3481 struct spoolss_SetPrinterInfoCtr info_ctr; 3482 struct spoolss_DevmodeContainer devmode_ctr; 3483 struct sec_desc_buf secdesc_ctr; 3484 enum spoolss_PrinterControl command; 3057 3485 3058 3486 if (!str1 || !str2 || !QueueName) { … … 3074 3502 return False; 3075 3503 } 3076 snum = print_queue_snum(QueueName); 3077 3078 if (snum == -1) { 3079 errcode = NERR_JobNotFound; 3504 3505 ZERO_STRUCT(handle); 3506 3507 status = rpc_pipe_open_interface(conn, 3508 &ndr_table_spoolss.syntax_id, 3509 conn->session_info, 3510 &conn->sconn->client_id, 3511 conn->sconn->msg_ctx, 3512 &cli); 3513 if (!NT_STATUS_IS_OK(status)) { 3514 DEBUG(0,("api_WPrintQueueCtrl: could not connect to spoolss: %s\n", 3515 nt_errstr(status))); 3516 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3517 goto out; 3518 } 3519 b = cli->binding_handle; 3520 3521 ZERO_STRUCT(devmode_ctr); 3522 3523 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 3524 QueueName, 3525 NULL, 3526 devmode_ctr, 3527 SEC_FLAG_MAXIMUM_ALLOWED, 3528 &handle, 3529 &werr); 3530 if (!NT_STATUS_IS_OK(status)) { 3531 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3532 goto out; 3533 } 3534 if (!W_ERROR_IS_OK(werr)) { 3535 errcode = W_ERROR_V(werr); 3080 3536 goto out; 3081 3537 } … … 3083 3539 switch (function) { 3084 3540 case 74: /* Pause queue */ 3085 werr = print_queue_pause(conn->server_info, snum);3541 command = SPOOLSS_PRINTER_CONTROL_PAUSE; 3086 3542 break; 3087 3543 case 75: /* Resume queue */ 3088 werr = print_queue_resume(conn->server_info, snum);3544 command = SPOOLSS_PRINTER_CONTROL_RESUME; 3089 3545 break; 3090 3546 case 103: /* Purge */ 3091 werr = print_queue_purge(conn->server_info, snum);3547 command = SPOOLSS_PRINTER_CONTROL_PURGE; 3092 3548 break; 3093 3549 default: … … 3096 3552 } 3097 3553 3554 if (!W_ERROR_IS_OK(werr)) { 3555 errcode = W_ERROR_V(werr); 3556 goto out; 3557 } 3558 3559 ZERO_STRUCT(info_ctr); 3560 ZERO_STRUCT(secdesc_ctr); 3561 3562 status = dcerpc_spoolss_SetPrinter(b, mem_ctx, 3563 &handle, 3564 &info_ctr, 3565 &devmode_ctr, 3566 &secdesc_ctr, 3567 command, 3568 &werr); 3569 if (!NT_STATUS_IS_OK(status)) { 3570 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3571 goto out; 3572 } 3573 if (!W_ERROR_IS_OK(werr)) { 3574 errcode = W_ERROR_V(werr); 3575 goto out; 3576 } 3577 3098 3578 errcode = W_ERROR_V(werr); 3099 3579 3100 3580 out: 3581 3582 if (b && is_valid_policy_hnd(&handle)) { 3583 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 3584 } 3585 3101 3586 SSVAL(*rparam,0,errcode); 3102 3587 SSVAL(*rparam,2,0); /* converter word */ … … 3109 3594 ? function = 0xb -> set name of print job 3110 3595 ? function = 0x6 -> move print job up/down 3111 Form: <WWsTP> <WWzWWDDzzzzzzzzzzlz> 3112 or <WWsTP> <WB21BB16B10zWWzDDz> 3596 Form: <WWsTP> <WWzWWDDzzzzzzzzzzlz> 3597 or <WWsTP> <WB21BB16B10zWWzDDz> 3113 3598 ****************************************************************************/ 3114 3599 … … 3136 3621 } 3137 3622 3138 static bool api_PrintJobInfo(connection_struct *conn, uint16 vuid, 3623 static bool api_PrintJobInfo(struct smbd_server_connection *sconn, 3624 connection_struct *conn, uint16 vuid, 3139 3625 char *param, int tpscnt, 3140 3626 char *data, int tdscnt, … … 3151 3637 int uLevel = get_safe_SVAL(param,tpscnt,p,2,-1); 3152 3638 int function = get_safe_SVAL(param,tpscnt,p,4,-1); 3153 int place, errcode; 3639 int errcode; 3640 3641 TALLOC_CTX *mem_ctx = talloc_tos(); 3642 WERROR werr; 3643 NTSTATUS status; 3644 struct rpc_pipe_client *cli = NULL; 3645 struct dcerpc_binding_handle *b = NULL; 3646 struct policy_handle handle; 3647 struct spoolss_DevmodeContainer devmode_ctr; 3648 struct spoolss_JobInfoContainer ctr; 3649 union spoolss_JobInfo info; 3650 struct spoolss_SetJobInfo1 info1; 3154 3651 3155 3652 if (!str1 || !str2 || !p) { … … 3171 3668 } 3172 3669 3173 if (!share_defined(sharename)) {3174 DEBUG(0,("api_PrintJobInfo: sharen [%s] not defined\n",3175 sharename));3176 return False;3177 }3178 3179 3670 *rdata_len = 0; 3180 3671 3181 3672 /* check it's a supported varient */ 3182 if ((strcmp(str1,"WWsTP")) || 3673 if ((strcmp(str1,"WWsTP")) || 3183 3674 (!check_printjob_info(&desc,uLevel,str2))) 3184 3675 return(False); 3185 3676 3186 if (!print_job_exists(sharename, jobid)) {3187 errcode=NERR_JobNotFound;3188 goto out;3189 }3190 3191 3677 errcode = NERR_notsupported; 3192 3678 3193 3679 switch (function) { 3194 case 0x6: 3195 /* change job place in the queue, 3196 data gives the new place */ 3197 place = SVAL(data,0); 3198 if (print_job_set_place(sharename, jobid, place)) { 3199 errcode=NERR_Success; 3200 } 3680 case 0xb: 3681 /* change print job name, data gives the name */ 3201 3682 break; 3202 3203 case 0xb:3204 /* change print job name, data gives the name */3205 if (print_job_set_name(sharename, jobid, data)) {3206 errcode=NERR_Success;3207 }3208 break;3209 3210 3683 default: 3211 return False; 3212 } 3213 3684 goto out; 3685 } 3686 3687 ZERO_STRUCT(handle); 3688 3689 status = rpc_pipe_open_interface(conn, 3690 &ndr_table_spoolss.syntax_id, 3691 conn->session_info, 3692 &conn->sconn->client_id, 3693 conn->sconn->msg_ctx, 3694 &cli); 3695 if (!NT_STATUS_IS_OK(status)) { 3696 DEBUG(0,("api_PrintJobInfo: could not connect to spoolss: %s\n", 3697 nt_errstr(status))); 3698 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3699 goto out; 3700 } 3701 b = cli->binding_handle; 3702 3703 ZERO_STRUCT(devmode_ctr); 3704 3705 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 3706 sharename, 3707 "RAW", 3708 devmode_ctr, 3709 PRINTER_ACCESS_USE, 3710 &handle, 3711 &werr); 3712 if (!NT_STATUS_IS_OK(status)) { 3713 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3714 goto out; 3715 } 3716 if (!W_ERROR_IS_OK(werr)) { 3717 errcode = W_ERROR_V(werr); 3718 goto out; 3719 } 3720 3721 werr = rpccli_spoolss_getjob(cli, mem_ctx, 3722 &handle, 3723 jobid, 3724 1, /* level */ 3725 0, /* offered */ 3726 &info); 3727 if (!W_ERROR_IS_OK(werr)) { 3728 errcode = W_ERROR_V(werr); 3729 goto out; 3730 } 3731 3732 ZERO_STRUCT(ctr); 3733 3734 info1.job_id = info.info1.job_id; 3735 info1.printer_name = info.info1.printer_name; 3736 info1.user_name = info.info1.user_name; 3737 info1.document_name = data; 3738 info1.data_type = info.info1.data_type; 3739 info1.text_status = info.info1.text_status; 3740 info1.status = info.info1.status; 3741 info1.priority = info.info1.priority; 3742 info1.position = info.info1.position; 3743 info1.total_pages = info.info1.total_pages; 3744 info1.pages_printed = info.info1.pages_printed; 3745 info1.submitted = info.info1.submitted; 3746 3747 ctr.level = 1; 3748 ctr.info.info1 = &info1; 3749 3750 status = dcerpc_spoolss_SetJob(b, mem_ctx, 3751 &handle, 3752 jobid, 3753 &ctr, 3754 0, 3755 &werr); 3756 if (!NT_STATUS_IS_OK(status)) { 3757 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3758 goto out; 3759 } 3760 if (!W_ERROR_IS_OK(werr)) { 3761 errcode = W_ERROR_V(werr); 3762 goto out; 3763 } 3764 3765 errcode = NERR_Success; 3214 3766 out: 3767 3768 if (b && is_valid_policy_hnd(&handle)) { 3769 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 3770 } 3771 3215 3772 SSVALS(*rparam,0,errcode); 3216 3773 SSVAL(*rparam,2,0); /* converter word */ … … 3224 3781 ****************************************************************************/ 3225 3782 3226 static bool api_RNetServerGetInfo(connection_struct *conn,uint16 vuid, 3783 static bool api_RNetServerGetInfo(struct smbd_server_connection *sconn, 3784 connection_struct *conn,uint16 vuid, 3227 3785 char *param, int tpscnt, 3228 3786 char *data, int tdscnt, … … 3237 3795 char *p2; 3238 3796 int struct_len; 3797 3798 NTSTATUS status; 3799 WERROR werr; 3800 TALLOC_CTX *mem_ctx = talloc_tos(); 3801 struct rpc_pipe_client *cli = NULL; 3802 union srvsvc_NetSrvInfo info; 3803 int errcode; 3804 struct dcerpc_binding_handle *b; 3239 3805 3240 3806 if (!str1 || !str2 || !p) { … … 3298 3864 p = *rdata; 3299 3865 p2 = p + struct_len; 3866 3867 status = rpc_pipe_open_interface(mem_ctx, &ndr_table_srvsvc.syntax_id, 3868 conn->session_info, 3869 &conn->sconn->client_id, 3870 conn->sconn->msg_ctx, 3871 &cli); 3872 if (!NT_STATUS_IS_OK(status)) { 3873 DEBUG(0,("api_RNetServerGetInfo: could not connect to srvsvc: %s\n", 3874 nt_errstr(status))); 3875 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3876 goto out; 3877 } 3878 3879 b = cli->binding_handle; 3880 3881 status = dcerpc_srvsvc_NetSrvGetInfo(b, mem_ctx, 3882 NULL, 3883 101, 3884 &info, 3885 &werr); 3886 if (!NT_STATUS_IS_OK(status)) { 3887 errcode = W_ERROR_V(ntstatus_to_werror(status)); 3888 goto out; 3889 } 3890 if (!W_ERROR_IS_OK(werr)) { 3891 errcode = W_ERROR_V(werr); 3892 goto out; 3893 } 3894 3895 if (info.info101 == NULL) { 3896 errcode = W_ERROR_V(WERR_INVALID_PARAM); 3897 goto out; 3898 } 3899 3300 3900 if (uLevel != 20) { 3301 srvstr_push(NULL, 0, p, global_myname(),16,3901 srvstr_push(NULL, 0, p, info.info101->server_name, 16, 3302 3902 STR_ASCII|STR_UPPER|STR_TERMINATE); 3303 3903 } 3304 3904 p += 16; 3305 3905 if (uLevel > 0) { 3306 struct srv_info_struct *servers=NULL; 3307 int i,count; 3308 char *comment = NULL; 3309 TALLOC_CTX *ctx = talloc_tos(); 3310 uint32 servertype= lp_default_server_announce(); 3311 3312 comment = talloc_strdup(ctx,lp_serverstring()); 3313 if (!comment) { 3314 return false; 3315 } 3316 3317 if ((count=get_server_info(SV_TYPE_ALL,&servers,lp_workgroup()))>0) { 3318 for (i=0;i<count;i++) { 3319 if (strequal(servers[i].name,global_myname())) { 3320 servertype = servers[i].type; 3321 TALLOC_FREE(comment); 3322 comment = talloc_strdup(ctx, 3323 servers[i].comment); 3324 if (comment) { 3325 return false; 3326 } 3327 } 3328 } 3329 } 3330 3331 SAFE_FREE(servers); 3332 3333 SCVAL(p,0,lp_major_announce_version()); 3334 SCVAL(p,1,lp_minor_announce_version()); 3335 SIVAL(p,2,servertype); 3906 SCVAL(p,0,info.info101->version_major); 3907 SCVAL(p,1,info.info101->version_minor); 3908 SIVAL(p,2,info.info101->server_type); 3336 3909 3337 3910 if (mdrcnt == struct_len) { … … 3339 3912 } else { 3340 3913 SIVAL(p,6,PTR_DIFF(p2,*rdata)); 3341 comment = talloc_sub_advanced(3342 ctx,3343 lp_servicename(SNUM(conn)),3344 conn->server_info->unix_name,3345 conn->connectpath,3346 conn->server_info->utok.gid,3347 conn->server_info->sanitized_username,3348 pdb_get_domain(conn->server_info->sam_account),3349 comment);3350 if (comment) {3351 return false;3352 }3353 3914 if (mdrcnt - struct_len <= 0) { 3354 3915 return false; 3355 3916 } 3356 3917 push_ascii(p2, 3357 comment,3918 info.info101->comment, 3358 3919 MIN(mdrcnt - struct_len, 3359 3920 MAX_SERVER_STRING_LENGTH), … … 3370 3931 } 3371 3932 3933 errcode = NERR_Success; 3934 3935 out: 3936 3372 3937 *rdata_len = PTR_DIFF(p2,*rdata); 3373 3938 … … 3377 3942 return False; 3378 3943 } 3379 SSVAL(*rparam,0, NERR_Success);3944 SSVAL(*rparam,0,errcode); 3380 3945 SSVAL(*rparam,2,0); /* converter word */ 3381 3946 SSVAL(*rparam,4,*rdata_len); … … 3388 3953 ****************************************************************************/ 3389 3954 3390 static bool api_NetWkstaGetInfo(connection_struct *conn,uint16 vuid, 3955 static bool api_NetWkstaGetInfo(struct smbd_server_connection *sconn, 3956 connection_struct *conn,uint16 vuid, 3391 3957 char *param, int tpscnt, 3392 3958 char *data, int tdscnt, … … 3446 4012 3447 4013 SIVAL(p,0,PTR_DIFF(p2,*rdata)); 3448 strlcpy(p2,conn->se rver_info->sanitized_username,PTR_DIFF(endp,p2));4014 strlcpy(p2,conn->session_info->sanitized_username,PTR_DIFF(endp,p2)); 3449 4015 p2 = skip_string(*rdata,*rdata_len,p2); 3450 4016 if (!p2) { … … 3493 4059 3494 4060 struct user_info_11 { 3495 char usri11_name[21]; 0-20 3496 char usri11_pad; 21 3497 char *usri11_comment; 22-25 4061 char usri11_name[21]; 0-20 4062 char usri11_pad; 21 4063 char *usri11_comment; 22-25 3498 4064 char *usri11_usr_comment; 26-29 3499 4065 unsigned short usri11_priv; 30-31 … … 3628 4194 ****************************************************************************/ 3629 4195 3630 #define usri11_name 0 4196 #define usri11_name 0 3631 4197 #define usri11_pad 21 3632 4198 #define usri11_comment 22 … … 3651 4217 #define usri11_end 86 3652 4218 3653 #define USER_PRIV_GUEST 0 3654 #define USER_PRIV_USER 1 3655 #define USER_PRIV_ADMIN 2 3656 3657 #define AF_OP_PRINT 0 3658 #define AF_OP_COMM 1 3659 #define AF_OP_SERVER 2 3660 #define AF_OP_ACCOUNTS 3 3661 3662 3663 static bool api_RNetUserGetInfo(connection_struct *conn, uint16 vuid, 4219 static bool api_RNetUserGetInfo(struct smbd_server_connection *sconn, 4220 connection_struct *conn, uint16 vuid, 3664 4221 char *param, int tpscnt, 3665 4222 char *data, int tdscnt, … … 3668 4225 int *rdata_len,int *rparam_len) 3669 4226 { 3670 struct smbd_server_connection *sconn = smbd_server_conn;3671 4227 char *str1 = get_safe_str_ptr(param,tpscnt,param,2); 3672 4228 char *str2 = skip_string(param,tpscnt,str1); … … 3678 4234 const char *level_string; 3679 4235 3680 /* get NIS home of a previously validated user - simeon */ 3681 /* With share level security vuid will always be zero. 3682 Don't depend on vuser being non-null !!. JRA */ 3683 user_struct *vuser = get_valid_user_struct(sconn, vuid); 3684 if(vuser != NULL) { 3685 DEBUG(3,(" Username of UID %d is %s\n", 3686 (int)vuser->server_info->utok.uid, 3687 vuser->server_info->unix_name)); 3688 } 4236 TALLOC_CTX *mem_ctx = talloc_tos(); 4237 NTSTATUS status, result; 4238 struct rpc_pipe_client *cli = NULL; 4239 struct policy_handle connect_handle, domain_handle, user_handle; 4240 struct lsa_String domain_name; 4241 struct dom_sid2 *domain_sid; 4242 struct lsa_String names; 4243 struct samr_Ids rids; 4244 struct samr_Ids types; 4245 int errcode = W_ERROR_V(WERR_USER_NOT_FOUND); 4246 uint32_t rid; 4247 union samr_UserInfo *info; 4248 struct dcerpc_binding_handle *b = NULL; 3689 4249 3690 4250 if (!str1 || !str2 || !UserName || !p) { … … 3723 4283 } 3724 4284 3725 SSVAL(*rparam,0,NERR_Success);3726 SSVAL(*rparam,2,0); /* converter word */3727 3728 4285 p = *rdata; 3729 4286 endp = *rdata + *rdata_len; … … 3731 4288 if (!p2) { 3732 4289 return False; 4290 } 4291 4292 ZERO_STRUCT(connect_handle); 4293 ZERO_STRUCT(domain_handle); 4294 ZERO_STRUCT(user_handle); 4295 4296 status = rpc_pipe_open_interface(mem_ctx, &ndr_table_samr.syntax_id, 4297 conn->session_info, 4298 &conn->sconn->client_id, 4299 conn->sconn->msg_ctx, 4300 &cli); 4301 if (!NT_STATUS_IS_OK(status)) { 4302 DEBUG(0,("api_RNetUserGetInfo: could not connect to samr: %s\n", 4303 nt_errstr(status))); 4304 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4305 goto out; 4306 } 4307 4308 b = cli->binding_handle; 4309 4310 status = dcerpc_samr_Connect2(b, mem_ctx, 4311 global_myname(), 4312 SAMR_ACCESS_CONNECT_TO_SERVER | 4313 SAMR_ACCESS_ENUM_DOMAINS | 4314 SAMR_ACCESS_LOOKUP_DOMAIN, 4315 &connect_handle, 4316 &result); 4317 if (!NT_STATUS_IS_OK(status)) { 4318 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4319 goto out; 4320 } 4321 if (!NT_STATUS_IS_OK(result)) { 4322 errcode = W_ERROR_V(ntstatus_to_werror(result)); 4323 goto out; 4324 } 4325 4326 init_lsa_String(&domain_name, get_global_sam_name()); 4327 4328 status = dcerpc_samr_LookupDomain(b, mem_ctx, 4329 &connect_handle, 4330 &domain_name, 4331 &domain_sid, 4332 &result); 4333 if (!NT_STATUS_IS_OK(status)) { 4334 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4335 goto out; 4336 } 4337 if (!NT_STATUS_IS_OK(result)) { 4338 errcode = W_ERROR_V(ntstatus_to_werror(result)); 4339 goto out; 4340 } 4341 4342 status = dcerpc_samr_OpenDomain(b, mem_ctx, 4343 &connect_handle, 4344 SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT, 4345 domain_sid, 4346 &domain_handle, 4347 &result); 4348 if (!NT_STATUS_IS_OK(status)) { 4349 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4350 goto out; 4351 } 4352 if (!NT_STATUS_IS_OK(result)) { 4353 errcode = W_ERROR_V(ntstatus_to_werror(result)); 4354 goto out; 4355 } 4356 4357 init_lsa_String(&names, UserName); 4358 4359 status = dcerpc_samr_LookupNames(b, mem_ctx, 4360 &domain_handle, 4361 1, 4362 &names, 4363 &rids, 4364 &types, 4365 &result); 4366 if (!NT_STATUS_IS_OK(status)) { 4367 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4368 goto out; 4369 } 4370 if (!NT_STATUS_IS_OK(result)) { 4371 errcode = W_ERROR_V(ntstatus_to_werror(result)); 4372 goto out; 4373 } 4374 4375 if (rids.count != 1) { 4376 errcode = W_ERROR_V(WERR_NO_SUCH_USER); 4377 goto out; 4378 } 4379 if (rids.count != types.count) { 4380 errcode = W_ERROR_V(WERR_INVALID_PARAM); 4381 goto out; 4382 } 4383 if (types.ids[0] != SID_NAME_USER) { 4384 errcode = W_ERROR_V(WERR_INVALID_PARAM); 4385 goto out; 4386 } 4387 4388 rid = rids.ids[0]; 4389 4390 status = dcerpc_samr_OpenUser(b, mem_ctx, 4391 &domain_handle, 4392 SAMR_USER_ACCESS_GET_LOCALE | 4393 SAMR_USER_ACCESS_GET_LOGONINFO | 4394 SAMR_USER_ACCESS_GET_ATTRIBUTES | 4395 SAMR_USER_ACCESS_GET_GROUPS | 4396 SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP | 4397 SEC_STD_READ_CONTROL, 4398 rid, 4399 &user_handle, 4400 &result); 4401 if (!NT_STATUS_IS_OK(status)) { 4402 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4403 goto out; 4404 } 4405 if (!NT_STATUS_IS_OK(result)) { 4406 errcode = W_ERROR_V(ntstatus_to_werror(result)); 4407 goto out; 4408 } 4409 4410 status = dcerpc_samr_QueryUserInfo2(b, mem_ctx, 4411 &user_handle, 4412 UserAllInformation, 4413 &info, 4414 &result); 4415 if (!NT_STATUS_IS_OK(status)) { 4416 errcode = W_ERROR_V(ntstatus_to_werror(status)); 4417 goto out; 4418 } 4419 if (!NT_STATUS_IS_OK(result)) { 4420 errcode = W_ERROR_V(ntstatus_to_werror(result)); 4421 goto out; 3733 4422 } 3734 4423 … … 3758 4447 /* EEK! the cifsrap.txt doesn't have this in!!!! */ 3759 4448 SIVAL(p,usri11_full_name,PTR_DIFF(p2,p)); /* full name */ 3760 strlcpy(p2,((vuser != NULL) 3761 ? pdb_get_fullname(vuser->server_info->sam_account) 3762 : UserName),PTR_DIFF(endp,p2)); 4449 strlcpy(p2,info->info21.full_name.string,PTR_DIFF(endp,p2)); 3763 4450 p2 = skip_string(*rdata,*rdata_len,p2); 3764 4451 if (!p2) { … … 3768 4455 3769 4456 if (uLevel == 11) { 3770 const char *homedir = ""; 3771 if (vuser != NULL) { 3772 homedir = pdb_get_homedir( 3773 vuser->server_info->sam_account); 3774 } 4457 const char *homedir = info->info21.home_directory.string; 3775 4458 /* modelled after NTAS 3.51 reply */ 3776 SSVAL(p,usri11_priv,conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); 4459 SSVAL(p,usri11_priv, 4460 (get_current_uid(conn) == sec_initial_uid())? 4461 USER_PRIV_ADMIN:USER_PRIV_USER); 3777 4462 SIVAL(p,usri11_auth_flags,AF_OP_PRINT); /* auth flags */ 3778 4463 SIVALS(p,usri11_password_age,-1); /* password age */ … … 3827 4512 SIVALS(p,38,-1); /* password age */ 3828 4513 SSVAL(p,42, 3829 conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); 4514 (get_current_uid(conn) == sec_initial_uid())? 4515 USER_PRIV_ADMIN:USER_PRIV_USER); 3830 4516 SIVAL(p,44,PTR_DIFF(p2,*rdata)); /* home dir */ 3831 strlcpy(p2, vuser ? pdb_get_homedir( 3832 vuser->server_info->sam_account) : "", 4517 strlcpy(p2, info->info21.home_directory.string, 3833 4518 PTR_DIFF(endp,p2)); 3834 4519 p2 = skip_string(*rdata,*rdata_len,p2); … … 3840 4525 SSVAL(p,52,0); /* flags */ 3841 4526 SIVAL(p,54,PTR_DIFF(p2,*rdata)); /* script_path */ 3842 strlcpy(p2, vuser ? pdb_get_logon_script( 3843 vuser->server_info->sam_account) : "", 4527 strlcpy(p2, info->info21.logon_script.string, 3844 4528 PTR_DIFF(endp,p2)); 3845 4529 p2 = skip_string(*rdata,*rdata_len,p2); … … 3848 4532 } 3849 4533 if (uLevel == 2) { 3850 SIVAL(p,60,0); /* auth_flags */ 3851 SIVAL(p,64,PTR_DIFF(p2,*rdata)); /* full_name */ 3852 strlcpy(p2,((vuser != NULL) 3853 ? pdb_get_fullname(vuser->server_info->sam_account) 3854 : UserName),PTR_DIFF(endp,p2)); 4534 SIVAL(p,58,0); /* auth_flags */ 4535 SIVAL(p,62,PTR_DIFF(p2,*rdata)); /* full_name */ 4536 strlcpy(p2,info->info21.full_name.string,PTR_DIFF(endp,p2)); 3855 4537 p2 = skip_string(*rdata,*rdata_len,p2); 3856 4538 if (!p2) { 3857 4539 return False; 3858 4540 } 3859 SIVAL(p,6 8,0); /* urs_comment */3860 SIVAL(p,7 2,PTR_DIFF(p2,*rdata)); /* parms */4541 SIVAL(p,66,0); /* urs_comment */ 4542 SIVAL(p,70,PTR_DIFF(p2,*rdata)); /* parms */ 3861 4543 strlcpy(p2,"",PTR_DIFF(endp,p2)); 3862 4544 p2 = skip_string(*rdata,*rdata_len,p2); … … 3864 4546 return False; 3865 4547 } 3866 SIVAL(p,7 6,0); /* workstations */3867 SIVAL(p, 80,0); /* last_logon */3868 SIVAL(p,8 4,0); /* last_logoff */3869 SIVALS(p,8 8,-1); /* acct_expires */3870 SIVALS(p,9 2,-1); /* max_storage */3871 SSVAL(p,9 6,168); /* units_per_week */3872 SIVAL(p,9 8,PTR_DIFF(p2,*rdata)); /* logon_hours */4548 SIVAL(p,74,0); /* workstations */ 4549 SIVAL(p,78,0); /* last_logon */ 4550 SIVAL(p,82,0); /* last_logoff */ 4551 SIVALS(p,86,-1); /* acct_expires */ 4552 SIVALS(p,90,-1); /* max_storage */ 4553 SSVAL(p,94,168); /* units_per_week */ 4554 SIVAL(p,96,PTR_DIFF(p2,*rdata)); /* logon_hours */ 3873 4555 memset(p2,-1,21); 3874 4556 p2 += 21; 3875 SSVALS(p,10 2,-1); /* bad_pw_count */3876 SSVALS(p,10 4,-1); /* num_logons */3877 SIVAL(p,10 6,PTR_DIFF(p2,*rdata)); /* logon_server */4557 SSVALS(p,100,-1); /* bad_pw_count */ 4558 SSVALS(p,102,-1); /* num_logons */ 4559 SIVAL(p,104,PTR_DIFF(p2,*rdata)); /* logon_server */ 3878 4560 { 3879 4561 TALLOC_CTX *ctx = talloc_tos(); … … 3905 4587 return False; 3906 4588 } 3907 SSVAL(p,110,49); /* country_code */ 3908 SSVAL(p,112,860); /* code page */ 3909 } 3910 } 3911 4589 SSVAL(p,108,49); /* country_code */ 4590 SSVAL(p,110,860); /* code page */ 4591 } 4592 } 4593 4594 errcode = NERR_Success; 4595 4596 out: 3912 4597 *rdata_len = PTR_DIFF(p2,*rdata); 3913 4598 4599 if (b && is_valid_policy_hnd(&user_handle)) { 4600 dcerpc_samr_Close(b, mem_ctx, &user_handle, &result); 4601 } 4602 if (b && is_valid_policy_hnd(&domain_handle)) { 4603 dcerpc_samr_Close(b, mem_ctx, &domain_handle, &result); 4604 } 4605 if (b && is_valid_policy_hnd(&connect_handle)) { 4606 dcerpc_samr_Close(b, mem_ctx, &connect_handle, &result); 4607 } 4608 4609 SSVAL(*rparam,0,errcode); 4610 SSVAL(*rparam,2,0); /* converter word */ 3914 4611 SSVAL(*rparam,4,*rdata_len); /* is this right?? */ 3915 4612 … … 3917 4614 } 3918 4615 3919 static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, 4616 static bool api_WWkstaUserLogon(struct smbd_server_connection *sconn, 4617 connection_struct *conn,uint16 vuid, 3920 4618 char *param, int tpscnt, 3921 4619 char *data, int tdscnt, … … 3924 4622 int *rdata_len,int *rparam_len) 3925 4623 { 3926 struct smbd_server_connection *sconn = smbd_server_conn;3927 4624 char *str1 = get_safe_str_ptr(param,tpscnt,param,2); 3928 4625 char *str2 = skip_string(param,tpscnt,str1); … … 3941 4638 if(vuser != NULL) { 3942 4639 DEBUG(3,(" Username of UID %d is %s\n", 3943 (int)vuser->se rver_info->utok.uid,3944 vuser->se rver_info->unix_name));4640 (int)vuser->session_info->utok.uid, 4641 vuser->session_info->unix_name)); 3945 4642 } 3946 4643 … … 3978 4675 PACKS(&desc,"B21",name); /* eff. name */ 3979 4676 PACKS(&desc,"B",""); /* pad */ 3980 PACKI(&desc,"W", conn->admin_user?USER_PRIV_ADMIN:USER_PRIV_USER); 4677 PACKI(&desc,"W", 4678 (get_current_uid(conn) == sec_initial_uid())? 4679 USER_PRIV_ADMIN:USER_PRIV_USER); 3981 4680 PACKI(&desc,"D",0); /* auth flags XXX */ 3982 4681 PACKI(&desc,"W",0); /* num logons */ … … 3999 4698 4000 4699 PACKS(&desc,"z",lp_workgroup());/* domain */ 4001 PACKS(&desc,"z", vuser ? pdb_get_logon_script( 4002 vuser->server_info->sam_account) : ""); /* script path */ 4700 PACKS(&desc,"z", vuser ? 4701 vuser->session_info->info3->base.logon_script.string 4702 : ""); /* script path */ 4003 4703 PACKI(&desc,"D",0x00000000); /* reserved */ 4004 4704 } … … 4023 4723 ****************************************************************************/ 4024 4724 4025 static bool api_WAccessGetUserPerms(connection_struct *conn,uint16 vuid, 4725 static bool api_WAccessGetUserPerms(struct smbd_server_connection *sconn, 4726 connection_struct *conn,uint16 vuid, 4026 4727 char *param, int tpscnt, 4027 4728 char *data, int tdscnt, … … 4068 4769 ****************************************************************************/ 4069 4770 4070 static bool api_WPrintJobGetInfo(connection_struct *conn, uint16 vuid, 4771 static bool api_WPrintJobGetInfo(struct smbd_server_connection *sconn, 4772 connection_struct *conn, uint16 vuid, 4071 4773 char *param, int tpscnt, 4072 4774 char *data, int tdscnt, … … 4079 4781 char *p = skip_string(param,tpscnt,str2); 4080 4782 int uLevel; 4081 int count;4082 int i;4083 int snum;4084 4783 fstring sharename; 4085 4784 uint32 jobid; 4086 4785 struct pack_desc desc; 4087 print_queue_struct *queue=NULL;4088 print_status_struct status;4089 4786 char *tmpdata=NULL; 4787 4788 TALLOC_CTX *mem_ctx = talloc_tos(); 4789 WERROR werr; 4790 NTSTATUS status; 4791 struct rpc_pipe_client *cli = NULL; 4792 struct dcerpc_binding_handle *b = NULL; 4793 struct policy_handle handle; 4794 struct spoolss_DevmodeContainer devmode_ctr; 4795 union spoolss_JobInfo info; 4090 4796 4091 4797 if (!str1 || !str2 || !p) { … … 4112 4818 } 4113 4819 4114 snum = lp_servicenumber( sharename); 4115 if (snum < 0 || !VALID_SNUM(snum)) { 4116 return(False); 4117 } 4118 4119 count = print_queue_status(snum,&queue,&status); 4120 for (i = 0; i < count; i++) { 4121 if (queue[i].job == jobid) { 4122 break; 4123 } 4820 ZERO_STRUCT(handle); 4821 4822 status = rpc_pipe_open_interface(conn, 4823 &ndr_table_spoolss.syntax_id, 4824 conn->session_info, 4825 &conn->sconn->client_id, 4826 conn->sconn->msg_ctx, 4827 &cli); 4828 if (!NT_STATUS_IS_OK(status)) { 4829 DEBUG(0,("api_WPrintJobGetInfo: could not connect to spoolss: %s\n", 4830 nt_errstr(status))); 4831 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 4832 goto out; 4833 } 4834 b = cli->binding_handle; 4835 4836 ZERO_STRUCT(devmode_ctr); 4837 4838 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 4839 sharename, 4840 "RAW", 4841 devmode_ctr, 4842 PRINTER_ACCESS_USE, 4843 &handle, 4844 &werr); 4845 if (!NT_STATUS_IS_OK(status)) { 4846 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 4847 goto out; 4848 } 4849 if (!W_ERROR_IS_OK(werr)) { 4850 desc.errcode = W_ERROR_V(werr); 4851 goto out; 4852 } 4853 4854 werr = rpccli_spoolss_getjob(cli, mem_ctx, 4855 &handle, 4856 jobid, 4857 2, /* level */ 4858 0, /* offered */ 4859 &info); 4860 if (!W_ERROR_IS_OK(werr)) { 4861 desc.errcode = W_ERROR_V(werr); 4862 goto out; 4124 4863 } 4125 4864 … … 4141 4880 4142 4881 if (init_package(&desc,1,0)) { 4143 if (i < count) { 4144 fill_printjob_info(conn,snum,uLevel,&desc,&queue[i],i); 4145 *rdata_len = desc.usedlen; 4146 } else { 4147 desc.errcode = NERR_JobNotFound; 4148 *rdata_len = 0; 4149 } 4882 fill_spoolss_printjob_info(uLevel, &desc, &info.info2, info.info2.position); 4883 *rdata_len = desc.usedlen; 4884 } else { 4885 desc.errcode = NERR_JobNotFound; 4886 *rdata_len = 0; 4887 } 4888 out: 4889 if (b && is_valid_policy_hnd(&handle)) { 4890 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 4150 4891 } 4151 4892 … … 4159 4900 SSVAL(*rparam,4,desc.neededlen); 4160 4901 4161 SAFE_FREE(queue);4162 4902 SAFE_FREE(tmpdata); 4163 4903 … … 4167 4907 } 4168 4908 4169 static bool api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, 4909 static bool api_WPrintJobEnumerate(struct smbd_server_connection *sconn, 4910 connection_struct *conn, uint16 vuid, 4170 4911 char *param, int tpscnt, 4171 4912 char *data, int tdscnt, … … 4179 4920 char *name = p; 4180 4921 int uLevel; 4181 int count;4182 4922 int i, succnt=0; 4183 int snum;4184 4923 struct pack_desc desc; 4185 print_queue_struct *queue=NULL; 4186 print_status_struct status; 4924 4925 TALLOC_CTX *mem_ctx = talloc_tos(); 4926 WERROR werr; 4927 NTSTATUS status; 4928 struct rpc_pipe_client *cli = NULL; 4929 struct dcerpc_binding_handle *b = NULL; 4930 struct policy_handle handle; 4931 struct spoolss_DevmodeContainer devmode_ctr; 4932 uint32_t count = 0; 4933 union spoolss_JobInfo *info; 4187 4934 4188 4935 if (!str1 || !str2 || !p) { … … 4191 4938 4192 4939 memset((char *)&desc,'\0',sizeof(desc)); 4193 memset((char *)&status,'\0',sizeof(status));4194 4940 4195 4941 p = skip_string(param,tpscnt,p); … … 4210 4956 } 4211 4957 4212 if (!check_printjob_info(&desc,uLevel,str2)) { 4213 return False; 4214 } 4215 4216 snum = find_service(name); 4217 if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) { 4218 return False; 4219 } 4220 4221 count = print_queue_status(snum,&queue,&status); 4958 if (!check_printjob_info(&desc,uLevel,str2)) { 4959 return False; 4960 } 4961 4962 ZERO_STRUCT(handle); 4963 4964 status = rpc_pipe_open_interface(conn, 4965 &ndr_table_spoolss.syntax_id, 4966 conn->session_info, 4967 &conn->sconn->client_id, 4968 conn->sconn->msg_ctx, 4969 &cli); 4970 if (!NT_STATUS_IS_OK(status)) { 4971 DEBUG(0,("api_WPrintJobEnumerate: could not connect to spoolss: %s\n", 4972 nt_errstr(status))); 4973 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 4974 goto out; 4975 } 4976 b = cli->binding_handle; 4977 4978 ZERO_STRUCT(devmode_ctr); 4979 4980 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 4981 name, 4982 NULL, 4983 devmode_ctr, 4984 SEC_FLAG_MAXIMUM_ALLOWED, 4985 &handle, 4986 &werr); 4987 if (!NT_STATUS_IS_OK(status)) { 4988 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 4989 goto out; 4990 } 4991 if (!W_ERROR_IS_OK(werr)) { 4992 desc.errcode = W_ERROR_V(werr); 4993 goto out; 4994 } 4995 4996 werr = rpccli_spoolss_enumjobs(cli, mem_ctx, 4997 &handle, 4998 0, /* firstjob */ 4999 0xff, /* numjobs */ 5000 2, /* level */ 5001 0, /* offered */ 5002 &count, 5003 &info); 5004 if (!W_ERROR_IS_OK(werr)) { 5005 desc.errcode = W_ERROR_V(werr); 5006 goto out; 5007 } 5008 4222 5009 if (mdrcnt > 0) { 4223 5010 *rdata = smb_realloc_limit(*rdata,mdrcnt); … … 4232 5019 succnt = 0; 4233 5020 for (i = 0; i < count; i++) { 4234 fill_ printjob_info(conn,snum,uLevel,&desc,&queue[i],i);5021 fill_spoolss_printjob_info(uLevel, &desc, &info[i].info2, i); 4235 5022 if (desc.errcode == NERR_Success) { 4236 5023 succnt = i+1; 4237 5024 } 4238 5025 } 5026 } 5027 out: 5028 if (b && is_valid_policy_hnd(&handle)) { 5029 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 4239 5030 } 4240 5031 … … 4250 5041 SSVAL(*rparam,4,succnt); 4251 5042 SSVAL(*rparam,6,count); 4252 4253 SAFE_FREE(queue);4254 5043 4255 5044 DEBUG(4,("WPrintJobEnumerate: errorcode %d\n",desc.errcode)); … … 4281 5070 } 4282 5071 if (id == NULL || strcmp(desc->format,id) != 0) { 4283 DEBUG(0,("check_printdest_info: invalid string %s\n", 5072 DEBUG(0,("check_printdest_info: invalid string %s\n", 4284 5073 id ? id : "<NULL>" )); 4285 5074 return False; … … 4288 5077 } 4289 5078 4290 static void fill_printdest_info( connection_struct *conn, int snum, int uLevel,5079 static void fill_printdest_info(struct spoolss_PrinterInfo2 *info2, int uLevel, 4291 5080 struct pack_desc* desc) 4292 5081 { 4293 5082 char buf[100]; 4294 5083 4295 strncpy(buf, SERVICE(snum),sizeof(buf)-1);5084 strncpy(buf, info2->printername, sizeof(buf)-1); 4296 5085 buf[sizeof(buf)-1] = 0; 4297 5086 strupper_m(buf); … … 4324 5113 } 4325 5114 4326 static bool api_WPrintDestGetInfo(connection_struct *conn, uint16 vuid, 5115 static bool api_WPrintDestGetInfo(struct smbd_server_connection *sconn, 5116 connection_struct *conn, uint16 vuid, 4327 5117 char *param, int tpscnt, 4328 5118 char *data, int tdscnt, … … 4337 5127 int uLevel; 4338 5128 struct pack_desc desc; 4339 int snum;4340 5129 char *tmpdata=NULL; 5130 5131 TALLOC_CTX *mem_ctx = talloc_tos(); 5132 WERROR werr; 5133 NTSTATUS status; 5134 struct rpc_pipe_client *cli = NULL; 5135 struct dcerpc_binding_handle *b = NULL; 5136 struct policy_handle handle; 5137 struct spoolss_DevmodeContainer devmode_ctr; 5138 union spoolss_PrinterInfo info; 4341 5139 4342 5140 if (!str1 || !str2 || !p) { … … 4362 5160 } 4363 5161 4364 snum = find_service(PrinterName); 4365 if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) { 5162 ZERO_STRUCT(handle); 5163 5164 status = rpc_pipe_open_interface(conn, 5165 &ndr_table_spoolss.syntax_id, 5166 conn->session_info, 5167 &conn->sconn->client_id, 5168 conn->sconn->msg_ctx, 5169 &cli); 5170 if (!NT_STATUS_IS_OK(status)) { 5171 DEBUG(0,("api_WPrintDestGetInfo: could not connect to spoolss: %s\n", 5172 nt_errstr(status))); 5173 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 5174 goto out; 5175 } 5176 b = cli->binding_handle; 5177 5178 ZERO_STRUCT(devmode_ctr); 5179 5180 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx, 5181 PrinterName, 5182 NULL, 5183 devmode_ctr, 5184 SEC_FLAG_MAXIMUM_ALLOWED, 5185 &handle, 5186 &werr); 5187 if (!NT_STATUS_IS_OK(status)) { 4366 5188 *rdata_len = 0; 4367 5189 desc.errcode = NERR_DestNotFound; 4368 5190 desc.neededlen = 0; 5191 goto out; 5192 } 5193 if (!W_ERROR_IS_OK(werr)) { 5194 *rdata_len = 0; 5195 desc.errcode = NERR_DestNotFound; 5196 desc.neededlen = 0; 5197 goto out; 5198 } 5199 5200 werr = rpccli_spoolss_getprinter(cli, mem_ctx, 5201 &handle, 5202 2, 5203 0, 5204 &info); 5205 if (!W_ERROR_IS_OK(werr)) { 5206 *rdata_len = 0; 5207 desc.errcode = NERR_DestNotFound; 5208 desc.neededlen = 0; 5209 goto out; 5210 } 5211 5212 if (mdrcnt > 0) { 5213 *rdata = smb_realloc_limit(*rdata,mdrcnt); 5214 if (!*rdata) { 5215 return False; 5216 } 5217 desc.base = *rdata; 5218 desc.buflen = mdrcnt; 4369 5219 } else { 4370 if (mdrcnt > 0) { 4371 *rdata = smb_realloc_limit(*rdata,mdrcnt); 4372 if (!*rdata) { 4373 return False; 4374 } 4375 desc.base = *rdata; 4376 desc.buflen = mdrcnt; 4377 } else { 4378 /* 4379 * Don't return data but need to get correct length 4380 * init_package will return wrong size if buflen=0 4381 */ 4382 desc.buflen = getlen(desc.format); 4383 desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); 4384 } 4385 if (init_package(&desc,1,0)) { 4386 fill_printdest_info(conn,snum,uLevel,&desc); 4387 } 4388 *rdata_len = desc.usedlen; 4389 } 5220 /* 5221 * Don't return data but need to get correct length 5222 * init_package will return wrong size if buflen=0 5223 */ 5224 desc.buflen = getlen(desc.format); 5225 desc.base = tmpdata = (char *)SMB_MALLOC( desc.buflen ); 5226 } 5227 if (init_package(&desc,1,0)) { 5228 fill_printdest_info(&info.info2, uLevel,&desc); 5229 } 5230 5231 out: 5232 if (b && is_valid_policy_hnd(&handle)) { 5233 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr); 5234 } 5235 5236 *rdata_len = desc.usedlen; 4390 5237 4391 5238 *rparam_len = 6; … … 4404 5251 } 4405 5252 4406 static bool api_WPrintDestEnum(connection_struct *conn, uint16 vuid, 5253 static bool api_WPrintDestEnum(struct smbd_server_connection *sconn, 5254 connection_struct *conn, uint16 vuid, 4407 5255 char *param, int tpscnt, 4408 5256 char *data, int tdscnt, … … 4418 5266 int i, n, succnt=0; 4419 5267 struct pack_desc desc; 4420 int services = lp_numservices(); 5268 5269 TALLOC_CTX *mem_ctx = talloc_tos(); 5270 WERROR werr; 5271 NTSTATUS status; 5272 struct rpc_pipe_client *cli = NULL; 5273 union spoolss_PrinterInfo *info; 5274 uint32_t count; 4421 5275 4422 5276 if (!str1 || !str2 || !p) { … … 4439 5293 4440 5294 queuecnt = 0; 4441 for (i = 0; i < services; i++) { 4442 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { 4443 queuecnt++; 4444 } 4445 } 5295 5296 status = rpc_pipe_open_interface(conn, 5297 &ndr_table_spoolss.syntax_id, 5298 conn->session_info, 5299 &conn->sconn->client_id, 5300 conn->sconn->msg_ctx, 5301 &cli); 5302 if (!NT_STATUS_IS_OK(status)) { 5303 DEBUG(0,("api_WPrintDestEnum: could not connect to spoolss: %s\n", 5304 nt_errstr(status))); 5305 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 5306 goto out; 5307 } 5308 5309 werr = rpccli_spoolss_enumprinters(cli, mem_ctx, 5310 PRINTER_ENUM_LOCAL, 5311 cli->srv_name_slash, 5312 2, 5313 0, 5314 &count, 5315 &info); 5316 if (!W_ERROR_IS_OK(werr)) { 5317 desc.errcode = W_ERROR_V(werr); 5318 *rdata_len = 0; 5319 desc.errcode = NERR_DestNotFound; 5320 desc.neededlen = 0; 5321 goto out; 5322 } 5323 5324 queuecnt = count; 4446 5325 4447 5326 if (mdrcnt > 0) { … … 4454 5333 desc.base = *rdata; 4455 5334 desc.buflen = mdrcnt; 4456 if (init_package(&desc,queuecnt,0)) { 5335 if (init_package(&desc,queuecnt,0)) { 4457 5336 succnt = 0; 4458 5337 n = 0; 4459 for (i = 0; i < services; i++) { 4460 if (lp_snum_ok(i) && lp_print_ok(i) && lp_browseable(i)) { 4461 fill_printdest_info(conn,i,uLevel,&desc); 4462 n++; 4463 if (desc.errcode == NERR_Success) { 4464 succnt = n; 4465 } 5338 for (i = 0; i < count; i++) { 5339 fill_printdest_info(&info[i].info2, uLevel,&desc); 5340 n++; 5341 if (desc.errcode == NERR_Success) { 5342 succnt = n; 4466 5343 } 4467 5344 } 4468 5345 } 4469 5346 out: 4470 5347 *rdata_len = desc.usedlen; 4471 5348 … … 4485 5362 } 4486 5363 4487 static bool api_WPrintDriverEnum(connection_struct *conn, uint16 vuid, 5364 static bool api_WPrintDriverEnum(struct smbd_server_connection *sconn, 5365 connection_struct *conn, uint16 vuid, 4488 5366 char *param, int tpscnt, 4489 5367 char *data, int tdscnt, … … 4548 5426 } 4549 5427 4550 static bool api_WPrintQProcEnum(connection_struct *conn, uint16 vuid, 5428 static bool api_WPrintQProcEnum(struct smbd_server_connection *sconn, 5429 connection_struct *conn, uint16 vuid, 4551 5430 char *param, int tpscnt, 4552 5431 char *data, int tdscnt, … … 4611 5490 } 4612 5491 4613 static bool api_WPrintPortEnum(connection_struct *conn, uint16 vuid, 5492 static bool api_WPrintPortEnum(struct smbd_server_connection *sconn, 5493 connection_struct *conn, uint16 vuid, 4614 5494 char *param, int tpscnt, 4615 5495 char *data, int tdscnt, … … 4680 5560 ****************************************************************************/ 4681 5561 4682 static bool api_RNetSessionEnum(connection_struct *conn, uint16 vuid, 5562 static bool api_RNetSessionEnum(struct smbd_server_connection *sconn, 5563 connection_struct *conn, uint16 vuid, 4683 5564 char *param, int tpscnt, 4684 5565 char *data, int tdscnt, … … 4693 5574 int uLevel; 4694 5575 struct pack_desc desc; 4695 struct sessionid *session_list; 4696 int i, num_sessions; 5576 int i; 5577 5578 TALLOC_CTX *mem_ctx = talloc_tos(); 5579 WERROR werr; 5580 NTSTATUS status; 5581 struct rpc_pipe_client *cli = NULL; 5582 struct dcerpc_binding_handle *b = NULL; 5583 struct srvsvc_NetSessInfoCtr info_ctr; 5584 uint32_t totalentries, resume_handle = 0; 5585 uint32_t count = 0; 4697 5586 4698 5587 if (!str1 || !str2 || !p) { … … 4700 5589 } 4701 5590 4702 memset((char *)&desc,'\0',sizeof(desc));5591 ZERO_STRUCT(desc); 4703 5592 4704 5593 uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); … … 4716 5605 } 4717 5606 4718 num_sessions = list_sessions(talloc_tos(), &session_list); 4719 5607 status = rpc_pipe_open_interface(conn, 5608 &ndr_table_srvsvc.syntax_id, 5609 conn->session_info, 5610 &conn->sconn->client_id, 5611 conn->sconn->msg_ctx, 5612 &cli); 5613 if (!NT_STATUS_IS_OK(status)) { 5614 DEBUG(0,("RNetSessionEnum: could not connect to srvsvc: %s\n", 5615 nt_errstr(status))); 5616 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 5617 goto out; 5618 } 5619 b = cli->binding_handle; 5620 5621 info_ctr.level = 1; 5622 info_ctr.ctr.ctr1 = talloc_zero(talloc_tos(), struct srvsvc_NetSessCtr1); 5623 if (info_ctr.ctr.ctr1 == NULL) { 5624 desc.errcode = W_ERROR_V(WERR_NOMEM); 5625 goto out; 5626 } 5627 5628 status = dcerpc_srvsvc_NetSessEnum(b, mem_ctx, 5629 cli->srv_name_slash, 5630 NULL, /* client */ 5631 NULL, /* user */ 5632 &info_ctr, 5633 (uint32_t)-1, /* max_buffer */ 5634 &totalentries, 5635 &resume_handle, 5636 &werr); 5637 if (!NT_STATUS_IS_OK(status)) { 5638 DEBUG(0,("RNetSessionEnum: dcerpc_srvsvc_NetSessEnum failed: %s\n", 5639 nt_errstr(status))); 5640 desc.errcode = W_ERROR_V(ntstatus_to_werror(status)); 5641 goto out; 5642 } 5643 5644 if (!W_ERROR_IS_OK(werr)) { 5645 DEBUG(0,("RNetSessionEnum: dcerpc_srvsvc_NetSessEnum failed: %s\n", 5646 win_errstr(werr))); 5647 desc.errcode = W_ERROR_V(werr); 5648 goto out; 5649 } 5650 5651 count = info_ctr.ctr.ctr1->count; 5652 5653 out: 4720 5654 if (mdrcnt > 0) { 4721 5655 *rdata = smb_realloc_limit(*rdata,mdrcnt); … … 4724 5658 } 4725 5659 } 4726 memset((char *)&desc,'\0',sizeof(desc)); 5660 4727 5661 desc.base = *rdata; 4728 5662 desc.buflen = mdrcnt; 4729 5663 desc.format = str2; 4730 if (!init_package(&desc, num_sessions,0)) {4731 return False; 4732 } 4733 4734 for(i=0; i <num_sessions; i++) {4735 PACKS(&desc, "z", session_list[i].remote_machine);4736 PACKS(&desc, "z", session_list[i].username);5664 if (!init_package(&desc, count,0)) { 5665 return False; 5666 } 5667 5668 for(i=0; i < count; i++) { 5669 PACKS(&desc, "z", info_ctr.ctr.ctr1->array[i].client); 5670 PACKS(&desc, "z", info_ctr.ctr.ctr1->array[i].user); 4737 5671 PACKI(&desc, "W", 1); /* num conns */ 4738 PACKI(&desc, "W", 0); /* num opens */5672 PACKI(&desc, "W", info_ctr.ctr.ctr1->array[i].num_open); 4739 5673 PACKI(&desc, "W", 1); /* num users */ 4740 5674 PACKI(&desc, "D", 0); /* session time */ … … 4753 5687 SSVALS(*rparam,0,desc.errcode); 4754 5688 SSVAL(*rparam,2,0); /* converter */ 4755 SSVAL(*rparam,4, num_sessions); /* count */5689 SSVAL(*rparam,4, count); /* count */ 4756 5690 4757 5691 DEBUG(4,("RNetSessionEnum: errorcode %d\n",desc.errcode)); … … 4765 5699 ****************************************************************************/ 4766 5700 4767 static bool api_TooSmall(connection_struct *conn,uint16 vuid, char *param, char *data, 5701 static bool api_TooSmall(struct smbd_server_connection *sconn, 5702 connection_struct *conn,uint16 vuid, char *param, char *data, 4768 5703 int mdrcnt, int mprcnt, 4769 5704 char **rdata, char **rparam, … … 4789 5724 ****************************************************************************/ 4790 5725 4791 static bool api_Unsupported(connection_struct *conn, uint16 vuid, 5726 static bool api_Unsupported(struct smbd_server_connection *sconn, 5727 connection_struct *conn, uint16 vuid, 4792 5728 char *param, int tpscnt, 4793 5729 char *data, int tdscnt, … … 4815 5751 const char *name; 4816 5752 int id; 4817 bool (*fn)(connection_struct *, uint16, 5753 bool (*fn)(struct smbd_server_connection *sconn, 5754 connection_struct *, uint16, 4818 5755 char *, int, 4819 5756 char *, int, … … 4858 5795 /* The following RAP calls are not implemented by Samba: 4859 5796 4860 RAP_WFileEnum2 - anon not OK 5797 RAP_WFileEnum2 - anon not OK 4861 5798 */ 4862 5799 }; … … 4873 5810 int mdrcnt, int mprcnt) 4874 5811 { 4875 struct smbd_server_connection *sconn = smbd_server_conn;4876 5812 int api_command; 4877 5813 char *rdata = NULL; … … 4922 5858 4923 5859 if (api_commands[i].auth_user && lp_restrict_anonymous()) { 4924 user_struct *user = get_valid_user_struct( sconn, vuid);4925 4926 if (!user || user->se rver_info->guest) {5860 user_struct *user = get_valid_user_struct(req->sconn, vuid); 5861 5862 if (!user || user->session_info->guest) { 4927 5863 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 4928 5864 return; … … 4948 5884 } 4949 5885 4950 reply = api_commands[i].fn( conn,5886 reply = api_commands[i].fn(req->sconn, conn, 4951 5887 vuid, 4952 5888 params,tpscnt, /* params + length */ … … 4957 5893 4958 5894 if (rdata_len > mdrcnt || rparam_len > mprcnt) { 4959 reply = api_TooSmall(conn,vuid,params,data,mdrcnt,mprcnt, 5895 reply = api_TooSmall(req->sconn,conn,vuid,params,data, 5896 mdrcnt,mprcnt, 4960 5897 &rdata,&rparam,&rdata_len,&rparam_len); 4961 5898 } … … 4963 5900 /* if we get False back then it's actually unsupported */ 4964 5901 if (!reply) { 4965 reply = api_Unsupported(conn,vuid,params,tpscnt,data,tdscnt,mdrcnt,mprcnt, 5902 reply = api_Unsupported(req->sconn,conn,vuid,params,tpscnt, 5903 data, 5904 tdscnt,mdrcnt,mprcnt, 4966 5905 &rdata,&rparam,&rdata_len,&rparam_len); 4967 5906 }
Note:
See TracChangeset
for help on using the changeset viewer.
