2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Andrew Tridgell 1992-2000,
5 * Copyright (C) Jean François Micouleau 1998-2000.
6 * Copyright (C) Gerald Carter 2002-2005.
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
23 #include "printing/nt_printing_tdb.h"
24 #include "../librpc/gen_ndr/ndr_spoolss.h"
25 #include "rpc_server/spoolss/srv_spoolss_util.h"
26 #include "nt_printing.h"
28 #include "../librpc/gen_ndr/netlogon.h"
29 #include "../libcli/security/security.h"
30 #include "passdb/machine_sid.h"
31 #include "smbd/smbd.h"
32 #include "smbd/globals.h"
35 #include "rpc_server/spoolss/srv_spoolss_nt.h"
36 #include "rpc_client/cli_winreg_spoolss.h"
38 /* Map generic permissions to printer object specific permissions */
40 const struct generic_mapping printer_generic_mapping = {
47 /* Map generic permissions to print server object specific permissions */
49 const struct generic_mapping printserver_generic_mapping = {
56 /* Map generic permissions to job object specific permissions */
58 const struct generic_mapping job_generic_mapping = {
65 static const struct print_architecture_table_node archi_table[]= {
67 {"Windows 4.0", SPL_ARCH_WIN40, 0 },
68 {"Windows NT x86", SPL_ARCH_W32X86, 2 },
69 {"Windows NT R4000", SPL_ARCH_W32MIPS, 2 },
70 {"Windows NT Alpha_AXP", SPL_ARCH_W32ALPHA, 2 },
71 {"Windows NT PowerPC", SPL_ARCH_W32PPC, 2 },
72 {"Windows IA64", SPL_ARCH_IA64, 3 },
73 {"Windows x64", SPL_ARCH_X64, 3 },
77 static bool print_driver_directories_init(void)
82 TALLOC_CTX *mem_ctx = talloc_stackframe();
83 const char *dir_list[] = {
89 service = lp_servicenumber("print$");
91 /* We don't have a print$ share */
92 DEBUG(5, ("No print$ share has been configured.\n"));
97 driver_path = lp_path(mem_ctx, service);
98 if (driver_path == NULL) {
103 ok = directory_create_or_exist(driver_path, 0755);
105 DEBUG(1, ("Failed to create printer driver directory %s\n",
107 talloc_free(mem_ctx);
111 for (i = 0; archi_table[i].long_archi != NULL; i++) {
112 const char *arch_path;
114 arch_path = talloc_asprintf(mem_ctx,
117 archi_table[i].short_archi);
118 if (arch_path == NULL) {
119 talloc_free(mem_ctx);
123 ok = directory_create_or_exist(arch_path, 0755);
125 DEBUG(1, ("Failed to create printer driver "
126 "architecture directory %s\n",
128 talloc_free(mem_ctx);
133 for (i = 0; i < ARRAY_SIZE(dir_list); i++) {
136 path = talloc_asprintf(mem_ctx,
141 talloc_free(mem_ctx);
145 ok = directory_create_or_exist(path, 0755);
147 DEBUG(1, ("Failed to create printer driver "
148 "architecture directory %s\n",
150 talloc_free(mem_ctx);
155 driver_path = state_path("DriverStore");
156 if (driver_path == NULL) {
157 talloc_free(mem_ctx);
161 ok = directory_create_or_exist(driver_path, 0755);
163 DEBUG(1,("failed to create path %s\n", driver_path));
164 talloc_free(mem_ctx);
168 driver_path = state_path("DriverStore/FileRepository");
169 if (driver_path == NULL) {
170 talloc_free(mem_ctx);
174 ok = directory_create_or_exist(driver_path, 0755);
176 DEBUG(1,("failed to create path %s\n", driver_path));
177 talloc_free(mem_ctx);
181 driver_path = state_path("DriverStore/Temp");
182 if (driver_path == NULL) {
183 talloc_free(mem_ctx);
187 ok = directory_create_or_exist(driver_path, 0755);
189 DEBUG(1,("failed to create path %s\n", driver_path));
190 talloc_free(mem_ctx);
194 talloc_free(mem_ctx);
198 /****************************************************************************
199 Forward a MSG_PRINTER_DRVUPGRADE message from another smbd to the
200 background lpq updater.
201 ****************************************************************************/
203 static void forward_drv_upgrade_printer_msg(struct messaging_context *msg,
206 struct server_id server_id,
209 extern pid_t background_lpq_updater_pid;
211 if (background_lpq_updater_pid == -1) {
212 DEBUG(3,("no background lpq queue updater\n"));
216 messaging_send_buf(msg,
217 pid_to_procid(background_lpq_updater_pid),
218 MSG_PRINTER_DRVUPGRADE,
223 /****************************************************************************
224 Open the NT printing tdbs. Done once before fork().
225 ****************************************************************************/
227 bool nt_printing_init(struct messaging_context *msg_ctx)
231 if (!print_driver_directories_init()) {
235 if (!nt_printing_tdb_upgrade()) {
240 * register callback to handle updating printers as new
241 * drivers are installed. Forwards to background lpq updater.
243 messaging_register(msg_ctx, NULL, MSG_PRINTER_DRVUPGRADE,
244 forward_drv_upgrade_printer_msg);
246 if ( lp_security() == SEC_ADS ) {
247 win_rc = check_published_printers(msg_ctx);
248 if (!W_ERROR_IS_OK(win_rc))
249 DEBUG(0, ("nt_printing_init: error checking published printers: %s\n", win_errstr(win_rc)));
255 /*******************************************************************
256 Function to allow filename parsing "the old way".
257 ********************************************************************/
259 static NTSTATUS driver_unix_convert(connection_struct *conn,
260 const char *old_name,
261 struct smb_filename **smb_fname)
264 TALLOC_CTX *ctx = talloc_tos();
265 char *name = talloc_strdup(ctx, old_name);
268 return NT_STATUS_NO_MEMORY;
271 name = unix_clean_name(ctx, name);
273 return NT_STATUS_NO_MEMORY;
275 trim_string(name,"/","/");
277 status = unix_convert(ctx, conn, name, smb_fname, 0);
278 if (!NT_STATUS_IS_OK(status)) {
279 return NT_STATUS_NO_MEMORY;
285 /****************************************************************************
286 Function to do the mapping between the long architecture name and
288 ****************************************************************************/
290 const char *get_short_archi(const char *long_archi)
294 DEBUG(107,("Getting architecture dependent directory\n"));
297 } while ( (archi_table[i].long_archi!=NULL ) &&
298 strcasecmp_m(long_archi, archi_table[i].long_archi) );
300 if (archi_table[i].long_archi==NULL) {
301 DEBUGADD(10,("Unknown architecture [%s] !\n", long_archi));
305 /* this might be client code - but shouldn't this be an fstrcpy etc? */
307 DEBUGADD(108,("index: [%d]\n", i));
308 DEBUGADD(108,("long architecture: [%s]\n", archi_table[i].long_archi));
309 DEBUGADD(108,("short architecture: [%s]\n", archi_table[i].short_archi));
311 return archi_table[i].short_archi;
314 /****************************************************************************
315 Read data from fsp on the vfs.
316 ****************************************************************************/
318 static ssize_t printing_pread_data(files_struct *fsp,
324 off_t in_pos = *poff;
326 /* Don't allow integer wrap on read. */
327 if (in_pos + byte_count < in_pos) {
331 while (total < byte_count) {
332 ssize_t ret = read_file(fsp,
342 if (errno == EINTR) {
352 return (ssize_t)total;
355 /****************************************************************************
356 Detect the major and minor version of a PE file.
359 1 if file is a PE file and we got version numbers,
360 0 if this file is a PE file and we couldn't get the version numbers,
363 NB. buf is passed into and freed inside this function. This is a
364 bad API design, but fixing this is a task for another day.
365 ****************************************************************************/
367 static int handle_pe_file(files_struct *fsp,
375 unsigned int num_sections;
376 unsigned int section_table_bytes;
381 /* Just skip over optional header to get to section table */
382 rel_pos = SVAL(buf,PE_HEADER_OPTIONAL_HEADER_SIZE)-
383 (NE_HEADER_SIZE-PE_HEADER_SIZE);
385 if (in_pos + rel_pos < in_pos) {
389 in_pos = rel_pos + in_pos;
391 /* get the section table */
392 num_sections = SVAL(buf,PE_HEADER_NUMBER_OF_SECTIONS);
394 if (num_sections >= (UINT_MAX / PE_HEADER_SECT_HEADER_SIZE)) {
399 section_table_bytes = num_sections * PE_HEADER_SECT_HEADER_SIZE;
400 if (section_table_bytes == 0) {
405 buf = (char *)SMB_MALLOC(section_table_bytes);
407 DBG_ERR("PE file [%s] section table malloc "
408 "failed bytes = %d\n",
410 section_table_bytes);
414 byte_count = printing_pread_data(fsp, buf, &in_pos, section_table_bytes);
415 if (byte_count < section_table_bytes) {
416 DBG_NOTICE("PE file [%s] Section header too short, "
417 "bytes read = %lu\n",
419 (unsigned long)byte_count);
424 * Iterate the section table looking for
425 * the resource section ".rsrc"
427 for (i = 0; i < num_sections; i++) {
428 int sec_offset = i * PE_HEADER_SECT_HEADER_SIZE;
431 &buf[sec_offset+ PE_HEADER_SECT_NAME_OFFSET]) == 0) {
432 unsigned int section_pos = IVAL(buf,
434 PE_HEADER_SECT_PTR_DATA_OFFSET);
435 unsigned int section_bytes = IVAL(buf,
437 PE_HEADER_SECT_SIZE_DATA_OFFSET);
439 if (section_bytes == 0) {
444 buf=(char *)SMB_MALLOC(section_bytes);
446 DBG_ERR("PE file [%s] version malloc "
447 "failed bytes = %d\n",
454 * Read from the start of the .rsrc
457 in_pos = section_pos;
459 byte_count = printing_pread_data(fsp,
463 if (byte_count < section_bytes) {
464 DBG_NOTICE("PE file "
465 "[%s] .rsrc section too short, "
466 "bytes read = %lu\n",
468 (unsigned long)byte_count);
472 if (section_bytes < VS_VERSION_INFO_UNICODE_SIZE) {
477 i< section_bytes - VS_VERSION_INFO_UNICODE_SIZE;
480 * Scan for 1st 3 unicoded bytes
481 * followed by word aligned magic
485 bool magic_match = false;
493 if (magic_match == false) {
497 /* Align to next long address */
498 mpos = (i + sizeof(VS_SIGNATURE)*2 +
501 if (IVAL(buf,mpos) == VS_MAGIC_VALUE) {
503 mpos+ VS_MAJOR_OFFSET);
505 mpos+ VS_MINOR_OFFSET);
507 DBG_INFO("PE file [%s] Version = "
508 "%08x:%08x (%d.%d.%d.%d)\n",
523 /* Version info not found, fall back to origin date/time */
524 DBG_DEBUG("PE file [%s] has no version info\n", fname);
533 /****************************************************************************
534 Detect the major and minor version of an NE file.
537 1 if file is an NE file and we got version numbers,
538 0 if this file is an NE file and we couldn't get the version numbers,
541 NB. buf is passed into and freed inside this function. This is a
542 bad API design, but fixing this is a task for another day.
543 ****************************************************************************/
545 static int handle_ne_file(files_struct *fsp,
556 if (CVAL(buf,NE_HEADER_TARGET_OS_OFFSET) != NE_HEADER_TARGOS_WIN ) {
557 DBG_NOTICE("NE file [%s] wrong target OS = 0x%x\n",
559 CVAL(buf,NE_HEADER_TARGET_OS_OFFSET));
561 * At this point, we assume the file is in error.
562 * It still could be something else besides a NE file,
563 * but it unlikely at this point.
568 /* Allocate a bit more space to speed up things */
570 buf=(char *)SMB_MALLOC(VS_NE_BUF_SIZE);
572 DBG_ERR("NE file [%s] malloc failed bytes = %d\n",
579 * This is a HACK! I got tired of trying to sort through the
580 * messy 'NE' file format. If anyone wants to clean this up
581 * please have at it, but this works. 'NE' files will
582 * eventually fade away. JRR
584 byte_count = printing_pread_data(fsp, buf, &in_pos, VS_NE_BUF_SIZE);
585 while (byte_count > 0) {
587 * Cover case that should not occur in a well
588 * formed 'NE' .dll file
590 if (byte_count-VS_VERSION_INFO_SIZE <= 0) {
594 for(i=0; i<byte_count; i++) {
596 * Fast skip past data that can't
600 byte_count = printing_pread_data(fsp,
608 * Potential match data crosses buf boundry,
609 * move it to beginning of buf, and fill the
610 * buf with as much as it will hold.
612 if (i>byte_count-VS_VERSION_INFO_SIZE) {
614 ssize_t amount_unused = byte_count-i;
616 memmove(buf, &buf[i], amount_unused);
617 amount_read = printing_pread_data(fsp,
620 VS_NE_BUF_SIZE- amount_unused);
621 if (amount_read < 0) {
622 DBG_ERR("NE file [%s] Read "
629 if (amount_read + amount_unused <
631 /* Check for integer wrap. */
635 byte_count = amount_read +
637 if (byte_count < VS_VERSION_INFO_SIZE) {
645 * Check that the full signature string and
646 * the magic number that follows exist (not
647 * a perfect solution, but the chances that this
648 * occurs in code is, well, remote. Yes I know
649 * I'm comparing the 'V' twice, as it is
650 * simpler to read the code.
652 if (strcmp(&buf[i], VS_SIGNATURE) == 0) {
654 * Compute skip alignment to next
658 int skip = -(cpos - (byte_count - i) +
659 sizeof(VS_SIGNATURE)) & 3;
661 i+sizeof(VS_SIGNATURE)+skip)
663 byte_count = printing_pread_data(fsp,
671 i+sizeof(VS_SIGNATURE)+
672 skip+VS_MAJOR_OFFSET);
674 i+sizeof(VS_SIGNATURE)+
675 skip+VS_MINOR_OFFSET);
676 DBG_INFO("NE file [%s] Version "
677 "= %08x:%08x (%d.%d.%d.%d)\n",
691 /* Version info not found, fall back to origin date/time */
692 DBG_ERR("NE file [%s] Version info not found\n", fname);
701 /****************************************************************************
702 Version information in Microsoft files is held in a VS_VERSION_INFO structure.
703 There are two case to be covered here: PE (Portable Executable) and NE (New
704 Executable) files. Both files support the same INFO structure, but PE files
705 store the signature in unicode, and NE files store it as !unicode.
706 returns -1 on error, 1 on version info found, and 0 on no version info found.
707 ****************************************************************************/
709 static int get_file_version(files_struct *fsp,
716 off_t in_pos = fsp->fh->pos;
718 buf=(char *)SMB_MALLOC(DOS_HEADER_SIZE);
720 DBG_ERR("PE file [%s] DOS Header malloc failed bytes = %d\n",
726 byte_count = printing_pread_data(fsp, buf, &in_pos, DOS_HEADER_SIZE);
727 if (byte_count < DOS_HEADER_SIZE) {
728 DBG_NOTICE("File [%s] DOS header too short, bytes read = %lu\n",
730 (unsigned long)byte_count);
731 goto no_version_info;
734 /* Is this really a DOS header? */
735 if (SVAL(buf,DOS_HEADER_MAGIC_OFFSET) != DOS_HEADER_MAGIC) {
736 DBG_INFO("File [%s] bad DOS magic = 0x%x\n",
738 SVAL(buf,DOS_HEADER_MAGIC_OFFSET));
739 goto no_version_info;
743 * Skip OEM header (if any) and the
744 * DOS stub to start of Windows header.
746 in_pos = SVAL(buf,DOS_HEADER_LFANEW_OFFSET);
748 /* Note: DOS_HEADER_SIZE and NE_HEADER_SIZE are incidentally same */
749 byte_count = printing_pread_data(fsp, buf, &in_pos, NE_HEADER_SIZE);
750 if (byte_count < NE_HEADER_SIZE) {
751 DBG_NOTICE("File [%s] Windows header too short, "
752 "bytes read = %lu\n",
754 (unsigned long)byte_count);
756 * Assume this isn't an error...
757 * the file just looks sort of like a PE/NE file
759 goto no_version_info;
763 * The header may be a PE (Portable Executable)
764 * or an NE (New Executable).
766 if (IVAL(buf,PE_HEADER_SIGNATURE_OFFSET) == PE_HEADER_SIGNATURE) {
767 return handle_pe_file(fsp,
773 } else if (SVAL(buf,NE_HEADER_SIGNATURE_OFFSET) ==
774 NE_HEADER_SIGNATURE) {
775 return handle_ne_file(fsp,
783 * Assume this isn't an error... the file just
784 * looks sort of like a PE/NE file.
786 DBG_NOTICE("File [%s] unknown file format, signature = 0x%x\n",
788 IVAL(buf,PE_HEADER_SIGNATURE_OFFSET));
789 /* Fallthrough into no_version_info: */
801 /****************************************************************************
802 Drivers for Microsoft systems contain multiple files. Often, multiple drivers
803 share one or more files. During the MS installation process files are checked
804 to insure that only a newer version of a shared file is installed over an
805 older version. There are several possibilities for this comparison. If there
806 is no previous version, the new one is newer (obviously). If either file is
807 missing the version info structure, compare the creation date (on Unix use
808 the modification date). Otherwise chose the numerically larger version number.
809 ****************************************************************************/
811 static int file_version_is_newer(connection_struct *conn, fstring new_file, fstring old_file)
813 bool use_version = true;
817 time_t new_create_time;
821 time_t old_create_time;
823 struct smb_filename *smb_fname = NULL;
824 files_struct *fsp = NULL;
830 SET_STAT_INVALID(st);
831 new_create_time = (time_t)0;
832 old_create_time = (time_t)0;
834 /* Get file version info (if available) for previous file (if it exists) */
835 status = driver_unix_convert(conn, old_file, &smb_fname);
836 if (!NT_STATUS_IS_OK(status)) {
840 status = SMB_VFS_CREATE_FILE(
843 0, /* root_dir_fid */
844 smb_fname, /* fname */
845 FILE_GENERIC_READ, /* access_mask */
846 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
847 FILE_OPEN, /* create_disposition*/
848 0, /* create_options */
849 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
850 INTERNAL_OPEN_ONLY, /* oplock_request */
852 0, /* allocation_size */
853 0, /* private_flags */
858 NULL, NULL); /* create context */
860 if (!NT_STATUS_IS_OK(status)) {
861 /* Old file not found, so by definition new file is in fact newer */
862 DEBUG(10,("file_version_is_newer: Can't open old file [%s], "
863 "errno = %d\n", smb_fname_str_dbg(smb_fname),
869 ret = get_file_version(fsp, old_file, &old_major, &old_minor);
875 DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n",
878 if (SMB_VFS_FSTAT(fsp, &st) == -1) {
881 old_create_time = convert_timespec_to_time_t(st.st_ex_mtime);
882 DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n",
883 (long)old_create_time));
886 close_file(NULL, fsp, NORMAL_CLOSE);
889 /* Get file version info (if available) for new file */
890 status = driver_unix_convert(conn, new_file, &smb_fname);
891 if (!NT_STATUS_IS_OK(status)) {
895 status = SMB_VFS_CREATE_FILE(
898 0, /* root_dir_fid */
899 smb_fname, /* fname */
900 FILE_GENERIC_READ, /* access_mask */
901 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
902 FILE_OPEN, /* create_disposition*/
903 0, /* create_options */
904 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
905 INTERNAL_OPEN_ONLY, /* oplock_request */
907 0, /* allocation_size */
908 0, /* private_flags */
913 NULL, NULL); /* create context */
915 if (!NT_STATUS_IS_OK(status)) {
916 /* New file not found, this shouldn't occur if the caller did its job */
917 DEBUG(3,("file_version_is_newer: Can't open new file [%s], "
918 "errno = %d\n", smb_fname_str_dbg(smb_fname), errno));
922 ret = get_file_version(fsp, new_file, &new_major, &new_minor);
928 DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n",
931 if (SMB_VFS_FSTAT(fsp, &st) == -1) {
934 new_create_time = convert_timespec_to_time_t(st.st_ex_mtime);
935 DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n",
936 (long)new_create_time));
939 close_file(NULL, fsp, NORMAL_CLOSE);
942 if (use_version && (new_major != old_major || new_minor != old_minor)) {
943 /* Compare versions and choose the larger version number */
944 if (new_major > old_major ||
945 (new_major == old_major && new_minor > old_minor)) {
947 DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file));
952 DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file));
958 /* Compare modification time/dates and choose the newest time/date */
959 if (new_create_time > old_create_time) {
960 DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file));
965 DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file));
973 close_file(NULL, fsp, NORMAL_CLOSE);
976 TALLOC_FREE(smb_fname);
980 /****************************************************************************
981 Determine the correct cVersion associated with an architecture and driver
982 ****************************************************************************/
983 static uint32_t get_correct_cversion(const struct auth_session_info *session_info,
984 const char *architecture,
985 const char *driverpath_in,
986 const char *driver_directory,
989 TALLOC_CTX *frame = talloc_stackframe();
992 struct smb_filename *smb_fname = NULL;
993 files_struct *fsp = NULL;
994 struct conn_struct_tos *c = NULL;
995 connection_struct *conn = NULL;
996 char *printdollar = NULL;
997 char *printdollar_path = NULL;
998 char *working_dir = NULL;
999 int printdollar_snum;
1001 *perr = WERR_INVALID_PARAMETER;
1003 /* If architecture is Windows 95/98/ME, the version is always 0. */
1004 if (strcmp(architecture, SPL_ARCH_WIN40) == 0) {
1005 DEBUG(10,("get_correct_cversion: Driver is Win9x, cversion = 0\n"));
1011 /* If architecture is Windows x64, the version is always 3. */
1012 if (strcmp(architecture, SPL_ARCH_X64) == 0) {
1013 DEBUG(10,("get_correct_cversion: Driver is x64, cversion = 3\n"));
1019 printdollar_snum = find_service(frame, "print$", &printdollar);
1021 *perr = WERR_NOT_ENOUGH_MEMORY;
1025 if (printdollar_snum == -1) {
1026 *perr = WERR_BAD_NET_NAME;
1031 printdollar_path = lp_path(frame, printdollar_snum);
1032 if (printdollar_path == NULL) {
1033 *perr = WERR_NOT_ENOUGH_MEMORY;
1038 working_dir = talloc_asprintf(frame,
1043 * If the driver has been uploaded into a temorpary driver
1044 * directory, switch to the driver directory.
1046 if (driver_directory != NULL) {
1047 working_dir = talloc_asprintf(frame, "%s/%s/%s",
1053 nt_status = create_conn_struct_tos_cwd(server_messaging_context(),
1058 if (!NT_STATUS_IS_OK(nt_status)) {
1059 DEBUG(0,("get_correct_cversion: create_conn_struct "
1060 "returned %s\n", nt_errstr(nt_status)));
1061 *perr = ntstatus_to_werror(nt_status);
1067 nt_status = set_conn_force_user_group(conn, printdollar_snum);
1068 if (!NT_STATUS_IS_OK(nt_status)) {
1069 DEBUG(0, ("failed set force user / group\n"));
1070 *perr = ntstatus_to_werror(nt_status);
1071 goto error_free_conn;
1074 if (!become_user_by_session(conn, session_info)) {
1075 DEBUG(0, ("failed to become user\n"));
1076 *perr = WERR_ACCESS_DENIED;
1077 goto error_free_conn;
1081 * We switch to the directory where the driver files are located,
1082 * so only work on the file names
1084 nt_status = driver_unix_convert(conn, driverpath_in, &smb_fname);
1085 if (!NT_STATUS_IS_OK(nt_status)) {
1086 *perr = ntstatus_to_werror(nt_status);
1090 nt_status = vfs_file_exist(conn, smb_fname);
1091 if (!NT_STATUS_IS_OK(nt_status)) {
1092 DEBUG(3,("get_correct_cversion: vfs_file_exist failed\n"));
1093 *perr = WERR_FILE_NOT_FOUND;
1097 nt_status = SMB_VFS_CREATE_FILE(
1100 0, /* root_dir_fid */
1101 smb_fname, /* fname */
1102 FILE_GENERIC_READ, /* access_mask */
1103 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
1104 FILE_OPEN, /* create_disposition*/
1105 0, /* create_options */
1106 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
1107 INTERNAL_OPEN_ONLY, /* oplock_request */
1109 0, /* private_flags */
1110 0, /* allocation_size */
1115 NULL, NULL); /* create context */
1117 if (!NT_STATUS_IS_OK(nt_status)) {
1118 DEBUG(3,("get_correct_cversion: Can't open file [%s], errno = "
1119 "%d\n", smb_fname_str_dbg(smb_fname), errno));
1120 *perr = WERR_ACCESS_DENIED;
1127 ret = get_file_version(fsp, smb_fname->base_name, &major, &minor);
1129 *perr = WERR_INVALID_PARAMETER;
1132 DEBUG(6,("get_correct_cversion: Version info not "
1134 smb_fname_str_dbg(smb_fname)));
1135 *perr = WERR_INVALID_PARAMETER;
1140 * This is a Microsoft'ism. See references in MSDN to VER_FILEVERSION
1141 * for more details. Version in this case is not just the version of the
1142 * file, but the version in the sense of kernal mode (2) vs. user mode
1143 * (3) drivers. Other bits of the version fields are the version info.
1146 cversion = major & 0x0000ffff;
1148 case 2: /* WinNT drivers */
1149 case 3: /* Win2K drivers */
1153 DEBUG(6,("get_correct_cversion: cversion "
1154 "invalid [%s] cversion = %d\n",
1155 smb_fname_str_dbg(smb_fname),
1160 DEBUG(10,("get_correct_cversion: Version info found [%s] major"
1161 " = 0x%x minor = 0x%x\n",
1162 smb_fname_str_dbg(smb_fname), major, minor));
1165 DEBUG(10,("get_correct_cversion: Driver file [%s] cversion = %d\n",
1166 smb_fname_str_dbg(smb_fname), cversion));
1173 close_file(NULL, fsp, NORMAL_CLOSE);
1175 if (!W_ERROR_IS_OK(*perr)) {
1183 /****************************************************************************
1184 ****************************************************************************/
1186 #define strip_driver_path(_mem_ctx, _element) do { \
1187 if (_element && ((_p = strrchr((_element), '\\')) != NULL)) { \
1188 (_element) = talloc_asprintf((_mem_ctx), "%s", _p+1); \
1189 W_ERROR_HAVE_NO_MEMORY((_element)); \
1193 static WERROR clean_up_driver_struct_level(TALLOC_CTX *mem_ctx,
1194 const struct auth_session_info *session_info,
1195 const char *architecture,
1196 const char **driver_path,
1197 const char **data_file,
1198 const char **config_file,
1199 const char **help_file,
1200 struct spoolss_StringArray *dependent_files,
1201 enum spoolss_DriverOSVersion *version,
1203 const char **driver_directory)
1205 const char *short_architecture;
1210 if (!*driver_path || !*data_file) {
1211 return WERR_INVALID_PARAMETER;
1214 if (!strequal(architecture, SPOOLSS_ARCHITECTURE_4_0) && !*config_file) {
1215 return WERR_INVALID_PARAMETER;
1218 if (flags & APD_COPY_FROM_DIRECTORY) {
1223 * driver_path is set to:
1225 * \\PRINTSRV\print$\x64\{279245b0-a8bd-4431-bf6f-baee92ac15c0}\pscript5.dll
1227 path = talloc_strdup(mem_ctx, *driver_path);
1229 return WERR_NOT_ENOUGH_MEMORY;
1232 /* Remove pscript5.dll */
1233 q = strrchr_m(path, '\\');
1235 return WERR_INVALID_PARAMETER;
1239 /* Get \{279245b0-a8bd-4431-bf6f-baee92ac15c0} */
1240 q = strrchr_m(path, '\\');
1242 return WERR_INVALID_PARAMETER;
1246 * Set driver_directory to:
1248 * {279245b0-a8bd-4431-bf6f-baee92ac15c0}
1250 * This is the directory where all the files have been uploaded
1252 *driver_directory = q + 1;
1255 /* clean up the driver name.
1256 * we can get .\driver.dll
1257 * or worse c:\windows\system\driver.dll !
1259 /* using an intermediate string to not have overlaping memcpy()'s */
1261 strip_driver_path(mem_ctx, *driver_path);
1262 strip_driver_path(mem_ctx, *data_file);
1264 strip_driver_path(mem_ctx, *config_file);
1267 strip_driver_path(mem_ctx, *help_file);
1270 if (dependent_files && dependent_files->string) {
1271 for (i=0; dependent_files->string[i]; i++) {
1272 strip_driver_path(mem_ctx, dependent_files->string[i]);
1276 short_architecture = get_short_archi(architecture);
1277 if (!short_architecture) {
1278 return WERR_UNKNOWN_PRINTER_DRIVER;
1281 /* jfm:7/16/2000 the client always sends the cversion=0.
1282 * The server should check which version the driver is by reading
1283 * the PE header of driver->driverpath.
1285 * For Windows 95/98 the version is 0 (so the value sent is correct)
1286 * For Windows NT (the architecture doesn't matter)
1287 * NT 3.1: cversion=0
1288 * NT 3.5/3.51: cversion=1
1293 *version = get_correct_cversion(session_info,
1298 if (*version == -1) {
1305 /****************************************************************************
1306 ****************************************************************************/
1308 WERROR clean_up_driver_struct(TALLOC_CTX *mem_ctx,
1309 const struct auth_session_info *session_info,
1310 const struct spoolss_AddDriverInfoCtr *r,
1312 const char **driver_directory)
1316 return clean_up_driver_struct_level(mem_ctx, session_info,
1317 r->info.info3->architecture,
1318 &r->info.info3->driver_path,
1319 &r->info.info3->data_file,
1320 &r->info.info3->config_file,
1321 &r->info.info3->help_file,
1322 r->info.info3->dependent_files,
1323 &r->info.info3->version,
1327 return clean_up_driver_struct_level(mem_ctx, session_info,
1328 r->info.info6->architecture,
1329 &r->info.info6->driver_path,
1330 &r->info.info6->data_file,
1331 &r->info.info6->config_file,
1332 &r->info.info6->help_file,
1333 r->info.info6->dependent_files,
1334 &r->info.info6->version,
1338 return clean_up_driver_struct_level(mem_ctx, session_info,
1339 r->info.info8->architecture,
1340 &r->info.info8->driver_path,
1341 &r->info.info8->data_file,
1342 &r->info.info8->config_file,
1343 &r->info.info8->help_file,
1344 r->info.info8->dependent_files,
1345 &r->info.info8->version,
1349 return WERR_NOT_SUPPORTED;
1353 /****************************************************************************
1354 This function sucks and should be replaced. JRA.
1355 ****************************************************************************/
1357 static void convert_level_6_to_level3(struct spoolss_AddDriverInfo3 *dst,
1358 const struct spoolss_AddDriverInfo6 *src)
1360 dst->version = src->version;
1362 dst->driver_name = src->driver_name;
1363 dst->architecture = src->architecture;
1364 dst->driver_path = src->driver_path;
1365 dst->data_file = src->data_file;
1366 dst->config_file = src->config_file;
1367 dst->help_file = src->help_file;
1368 dst->monitor_name = src->monitor_name;
1369 dst->default_datatype = src->default_datatype;
1370 dst->_ndr_size_dependent_files = src->_ndr_size_dependent_files;
1371 dst->dependent_files = src->dependent_files;
1374 static void convert_level_8_to_level3(struct spoolss_AddDriverInfo3 *dst,
1375 const struct spoolss_AddDriverInfo8 *src)
1377 dst->version = src->version;
1379 dst->driver_name = src->driver_name;
1380 dst->architecture = src->architecture;
1381 dst->driver_path = src->driver_path;
1382 dst->data_file = src->data_file;
1383 dst->config_file = src->config_file;
1384 dst->help_file = src->help_file;
1385 dst->monitor_name = src->monitor_name;
1386 dst->default_datatype = src->default_datatype;
1387 dst->_ndr_size_dependent_files = src->_ndr_size_dependent_files;
1388 dst->dependent_files = src->dependent_files;
1391 /****************************************************************************
1392 ****************************************************************************/
1394 static WERROR move_driver_file_to_download_area(TALLOC_CTX *mem_ctx,
1395 connection_struct *conn,
1396 const char *driver_file,
1397 const char *short_architecture,
1398 uint32_t driver_version,
1400 const char *driver_directory)
1402 struct smb_filename *smb_fname_old = NULL;
1403 struct smb_filename *smb_fname_new = NULL;
1404 char *old_name = NULL;
1405 char *new_name = NULL;
1409 if (driver_directory != NULL) {
1410 old_name = talloc_asprintf(mem_ctx,
1416 old_name = talloc_asprintf(mem_ctx,
1421 if (old_name == NULL) {
1422 return WERR_NOT_ENOUGH_MEMORY;
1425 new_name = talloc_asprintf(mem_ctx, "%s/%d/%s",
1426 short_architecture, driver_version, driver_file);
1427 if (new_name == NULL) {
1428 TALLOC_FREE(old_name);
1429 return WERR_NOT_ENOUGH_MEMORY;
1432 if (version != -1 && (version = file_version_is_newer(conn, old_name, new_name)) > 0) {
1434 status = driver_unix_convert(conn, old_name, &smb_fname_old);
1435 if (!NT_STATUS_IS_OK(status)) {
1436 ret = WERR_NOT_ENOUGH_MEMORY;
1440 /* Setup a synthetic smb_filename struct */
1441 smb_fname_new = talloc_zero(mem_ctx, struct smb_filename);
1442 if (!smb_fname_new) {
1443 ret = WERR_NOT_ENOUGH_MEMORY;
1447 smb_fname_new->base_name = new_name;
1449 DEBUG(10,("move_driver_file_to_download_area: copying '%s' to "
1450 "'%s'\n", smb_fname_old->base_name,
1451 smb_fname_new->base_name));
1453 status = copy_file(mem_ctx, conn, smb_fname_old, smb_fname_new,
1454 OPENX_FILE_EXISTS_TRUNCATE |
1455 OPENX_FILE_CREATE_IF_NOT_EXIST,
1458 if (!NT_STATUS_IS_OK(status)) {
1459 DEBUG(0,("move_driver_file_to_download_area: Unable "
1460 "to rename [%s] to [%s]: %s\n",
1461 smb_fname_old->base_name, new_name,
1462 nt_errstr(status)));
1463 ret = WERR_APP_INIT_FAILURE;
1470 TALLOC_FREE(smb_fname_old);
1471 TALLOC_FREE(smb_fname_new);
1475 WERROR move_driver_to_download_area(const struct auth_session_info *session_info,
1476 const struct spoolss_AddDriverInfoCtr *r,
1477 const char *driver_directory)
1479 TALLOC_CTX *frame = talloc_stackframe();
1480 struct spoolss_AddDriverInfo3 *driver;
1481 struct spoolss_AddDriverInfo3 converted_driver;
1482 const char *short_architecture;
1483 struct smb_filename *smb_dname = NULL;
1484 char *new_dir = NULL;
1485 struct conn_struct_tos *c = NULL;
1486 connection_struct *conn = NULL;
1490 char *printdollar = NULL;
1491 int printdollar_snum;
1492 WERROR err = WERR_OK;
1496 driver = r->info.info3;
1499 convert_level_6_to_level3(&converted_driver, r->info.info6);
1500 driver = &converted_driver;
1503 convert_level_8_to_level3(&converted_driver, r->info.info8);
1504 driver = &converted_driver;
1507 DEBUG(0,("move_driver_to_download_area: Unknown info level (%u)\n", (unsigned int)r->level));
1509 return WERR_INVALID_LEVEL;
1512 short_architecture = get_short_archi(driver->architecture);
1513 if (!short_architecture) {
1515 return WERR_UNKNOWN_PRINTER_DRIVER;
1518 printdollar_snum = find_service(frame, "print$", &printdollar);
1521 return WERR_NOT_ENOUGH_MEMORY;
1523 if (printdollar_snum == -1) {
1525 return WERR_BAD_NET_NAME;
1528 nt_status = create_conn_struct_tos_cwd(server_messaging_context(),
1530 lp_path(frame, printdollar_snum),
1533 if (!NT_STATUS_IS_OK(nt_status)) {
1534 DEBUG(0,("move_driver_to_download_area: create_conn_struct "
1535 "returned %s\n", nt_errstr(nt_status)));
1536 err = ntstatus_to_werror(nt_status);
1542 nt_status = set_conn_force_user_group(conn, printdollar_snum);
1543 if (!NT_STATUS_IS_OK(nt_status)) {
1544 DEBUG(0, ("failed set force user / group\n"));
1545 err = ntstatus_to_werror(nt_status);
1549 if (!become_user_by_session(conn, session_info)) {
1550 DEBUG(0, ("failed to become user\n"));
1551 err = WERR_ACCESS_DENIED;
1555 new_dir = talloc_asprintf(frame,
1560 err = WERR_NOT_ENOUGH_MEMORY;
1563 nt_status = driver_unix_convert(conn, new_dir, &smb_dname);
1564 if (!NT_STATUS_IS_OK(nt_status)) {
1565 err = WERR_NOT_ENOUGH_MEMORY;
1569 DEBUG(5,("Creating first directory: %s\n", smb_dname->base_name));
1571 nt_status = create_directory(conn, NULL, smb_dname);
1572 if (!NT_STATUS_IS_OK(nt_status)
1573 && !NT_STATUS_EQUAL(nt_status, NT_STATUS_OBJECT_NAME_COLLISION)) {
1574 DEBUG(0, ("failed to create driver destination directory: %s\n",
1575 nt_errstr(nt_status)));
1576 err = ntstatus_to_werror(nt_status);
1580 /* For each driver file, archi\filexxx.yyy, if there is a duplicate file
1581 * listed for this driver which has already been moved, skip it (note:
1582 * drivers may list the same file name several times. Then check if the
1583 * file already exists in archi\version\, if so, check that the version
1584 * info (or time stamps if version info is unavailable) is newer (or the
1585 * date is later). If it is, move it to archi\version\filexxx.yyy.
1586 * Otherwise, delete the file.
1588 * If a file is not moved to archi\version\ because of an error, all the
1589 * rest of the 'unmoved' driver files are removed from archi\. If one or
1590 * more of the driver's files was already moved to archi\version\, it
1591 * potentially leaves the driver in a partially updated state. Version
1592 * trauma will most likely occur if an client attempts to use any printer
1593 * bound to the driver. Perhaps a rewrite to make sure the moves can be
1594 * done is appropriate... later JRR
1597 DEBUG(5,("Moving files now !\n"));
1599 if (driver->driver_path && strlen(driver->driver_path)) {
1601 err = move_driver_file_to_download_area(frame,
1603 driver->driver_path,
1608 if (!W_ERROR_IS_OK(err)) {
1613 if (driver->data_file && strlen(driver->data_file)) {
1614 if (!strequal(driver->data_file, driver->driver_path)) {
1616 err = move_driver_file_to_download_area(frame,
1623 if (!W_ERROR_IS_OK(err)) {
1629 if (driver->config_file && strlen(driver->config_file)) {
1630 if (!strequal(driver->config_file, driver->driver_path) &&
1631 !strequal(driver->config_file, driver->data_file)) {
1633 err = move_driver_file_to_download_area(frame,
1635 driver->config_file,
1640 if (!W_ERROR_IS_OK(err)) {
1646 if (driver->help_file && strlen(driver->help_file)) {
1647 if (!strequal(driver->help_file, driver->driver_path) &&
1648 !strequal(driver->help_file, driver->data_file) &&
1649 !strequal(driver->help_file, driver->config_file)) {
1651 err = move_driver_file_to_download_area(frame,
1658 if (!W_ERROR_IS_OK(err)) {
1664 if (driver->dependent_files && driver->dependent_files->string) {
1665 for (i=0; driver->dependent_files->string[i]; i++) {
1666 if (!strequal(driver->dependent_files->string[i], driver->driver_path) &&
1667 !strequal(driver->dependent_files->string[i], driver->data_file) &&
1668 !strequal(driver->dependent_files->string[i], driver->config_file) &&
1669 !strequal(driver->dependent_files->string[i], driver->help_file)) {
1671 for (j=0; j < i; j++) {
1672 if (strequal(driver->dependent_files->string[i], driver->dependent_files->string[j])) {
1677 err = move_driver_file_to_download_area(frame,
1679 driver->dependent_files->string[i],
1684 if (!W_ERROR_IS_OK(err)) {
1700 /****************************************************************************
1701 Determine whether or not a particular driver is currently assigned
1703 ****************************************************************************/
1705 bool printer_driver_in_use(TALLOC_CTX *mem_ctx,
1706 struct dcerpc_binding_handle *b,
1707 const struct spoolss_DriverInfo8 *r)
1710 int n_services = lp_numservices();
1711 bool in_use = false;
1712 struct spoolss_PrinterInfo2 *pinfo2 = NULL;
1719 DEBUG(10,("printer_driver_in_use: Beginning search through ntprinters.tdb...\n"));
1721 /* loop through the printers.tdb and check for the drivername */
1723 for (snum=0; snum<n_services && !in_use; snum++) {
1724 if (!lp_snum_ok(snum) || !lp_printable(snum)) {
1728 result = winreg_get_printer(mem_ctx, b,
1729 lp_servicename(talloc_tos(), snum),
1731 if (!W_ERROR_IS_OK(result)) {
1732 continue; /* skip */
1735 if (strequal(r->driver_name, pinfo2->drivername)) {
1739 TALLOC_FREE(pinfo2);
1742 DEBUG(10,("printer_driver_in_use: Completed search through ntprinters.tdb...\n"));
1745 struct spoolss_DriverInfo8 *driver = NULL;
1748 DEBUG(5,("printer_driver_in_use: driver \"%s\" is currently in use\n", r->driver_name));
1750 /* we can still remove the driver if there is one of
1751 "Windows NT x86" version 2 or 3 left */
1753 if (strequal(SPOOLSS_ARCHITECTURE_NT_X86, r->architecture)) {
1754 if (r->version == 2) {
1755 werr = winreg_get_driver(mem_ctx, b,
1759 } else if (r->version == 3) {
1760 werr = winreg_get_driver(mem_ctx, b,
1765 DBG_ERR("Unknown driver version (%d)\n",
1767 werr = WERR_UNKNOWN_PRINTER_DRIVER;
1769 } else if (strequal(SPOOLSS_ARCHITECTURE_x64, r->architecture)) {
1770 werr = winreg_get_driver(mem_ctx, b,
1771 SPOOLSS_ARCHITECTURE_NT_X86,
1776 DBG_ERR("Unknown driver architecture: %s\n",
1778 werr = WERR_UNKNOWN_PRINTER_DRIVER;
1781 /* now check the error code */
1783 if ( W_ERROR_IS_OK(werr) ) {
1784 /* it's ok to remove the driver, we have other architctures left */
1786 talloc_free(driver);
1790 /* report that the driver is not in use by default */
1796 /**********************************************************************
1797 Check to see if a ogiven file is in use by *info
1798 *********************************************************************/
1800 static bool drv_file_in_use(const char *file, const struct spoolss_DriverInfo8 *info)
1807 /* mz: skip files that are in the list but already deleted */
1808 if (!file || !file[0]) {
1812 if (strequal(file, info->driver_path))
1815 if (strequal(file, info->data_file))
1818 if (strequal(file, info->config_file))
1821 if (strequal(file, info->help_file))
1824 /* see of there are any dependent files to examine */
1826 if (!info->dependent_files)
1829 while (info->dependent_files[i] && *info->dependent_files[i]) {
1830 if (strequal(file, info->dependent_files[i]))
1839 /**********************************************************************
1840 Utility function to remove the dependent file pointed to by the
1841 input parameter from the list
1842 *********************************************************************/
1844 static void trim_dependent_file(TALLOC_CTX *mem_ctx, const char **files, int idx)
1847 /* bump everything down a slot */
1849 while (files && files[idx+1]) {
1850 files[idx] = talloc_strdup(mem_ctx, files[idx+1]);
1859 /**********************************************************************
1860 Check if any of the files used by src are also used by drv
1861 *********************************************************************/
1863 static bool trim_overlap_drv_files(TALLOC_CTX *mem_ctx,
1864 struct spoolss_DriverInfo8 *src,
1865 const struct spoolss_DriverInfo8 *drv)
1867 bool in_use = False;
1873 /* check each file. Remove it from the src structure if it overlaps */
1875 if (drv_file_in_use(src->driver_path, drv)) {
1877 DEBUG(10,("Removing driverfile [%s] from list\n", src->driver_path));
1878 src->driver_path = talloc_strdup(mem_ctx, "");
1879 if (!src->driver_path) { return false; }
1882 if (drv_file_in_use(src->data_file, drv)) {
1884 DEBUG(10,("Removing datafile [%s] from list\n", src->data_file));
1885 src->data_file = talloc_strdup(mem_ctx, "");
1886 if (!src->data_file) { return false; }
1889 if (drv_file_in_use(src->config_file, drv)) {
1891 DEBUG(10,("Removing configfile [%s] from list\n", src->config_file));
1892 src->config_file = talloc_strdup(mem_ctx, "");
1893 if (!src->config_file) { return false; }
1896 if (drv_file_in_use(src->help_file, drv)) {
1898 DEBUG(10,("Removing helpfile [%s] from list\n", src->help_file));
1899 src->help_file = talloc_strdup(mem_ctx, "");
1900 if (!src->help_file) { return false; }
1903 /* are there any dependentfiles to examine? */
1905 if (!src->dependent_files)
1908 while (src->dependent_files[i] && *src->dependent_files[i]) {
1909 if (drv_file_in_use(src->dependent_files[i], drv)) {
1911 DEBUG(10,("Removing [%s] from dependent file list\n", src->dependent_files[i]));
1912 trim_dependent_file(mem_ctx, src->dependent_files, i);
1920 /****************************************************************************
1921 Determine whether or not a particular driver files are currently being
1922 used by any other driver.
1924 Return value is True if any files were in use by other drivers
1925 and False otherwise.
1927 Upon return, *info has been modified to only contain the driver files
1928 which are not in use
1932 This needs to check all drivers to ensure that all files in use
1933 have been removed from *info, not just the ones in the first
1935 ****************************************************************************/
1937 bool printer_driver_files_in_use(TALLOC_CTX *mem_ctx,
1938 struct dcerpc_binding_handle *b,
1939 struct spoolss_DriverInfo8 *info)
1943 struct spoolss_DriverInfo8 *driver;
1944 bool in_use = false;
1945 uint32_t num_drivers;
1946 const char **drivers;
1952 version = info->version;
1954 /* loop over all driver versions */
1956 DEBUG(5,("printer_driver_files_in_use: Beginning search of drivers...\n"));
1958 /* get the list of drivers */
1960 result = winreg_get_driver_list(mem_ctx, b,
1961 info->architecture, version,
1962 &num_drivers, &drivers);
1963 if (!W_ERROR_IS_OK(result)) {
1967 DEBUGADD(4, ("we have:[%d] drivers in environment [%s] and version [%d]\n",
1968 num_drivers, info->architecture, version));
1970 /* check each driver for overlap in files */
1972 for (i = 0; i < num_drivers; i++) {
1973 DEBUGADD(5,("\tdriver: [%s]\n", drivers[i]));
1977 result = winreg_get_driver(mem_ctx, b,
1978 info->architecture, drivers[i],
1980 if (!W_ERROR_IS_OK(result)) {
1981 talloc_free(drivers);
1985 /* check if d2 uses any files from d1 */
1986 /* only if this is a different driver than the one being deleted */
1988 if (!strequal(info->driver_name, driver->driver_name)) {
1989 if (trim_overlap_drv_files(mem_ctx, info, driver)) {
1990 /* mz: Do not instantly return -
1991 * we need to ensure this file isn't
1992 * also in use by other drivers. */
1997 talloc_free(driver);
2000 talloc_free(drivers);
2002 DEBUG(5,("printer_driver_files_in_use: Completed search of drivers...\n"));
2007 static NTSTATUS driver_unlink_internals(connection_struct *conn,
2008 const char *short_arch,
2012 TALLOC_CTX *tmp_ctx = talloc_new(conn);
2013 struct smb_filename *smb_fname = NULL;
2014 char *print_dlr_path;
2015 NTSTATUS status = NT_STATUS_NO_MEMORY;
2017 print_dlr_path = talloc_asprintf(tmp_ctx, "%s/%d/%s",
2018 short_arch, vers, fname);
2019 if (print_dlr_path == NULL) {
2023 smb_fname = synthetic_smb_fname(tmp_ctx, print_dlr_path, NULL, NULL, 0);
2024 if (smb_fname == NULL) {
2028 status = unlink_internals(conn, NULL, 0, smb_fname, false);
2030 talloc_free(tmp_ctx);
2034 /****************************************************************************
2035 Actually delete the driver files. Make sure that
2036 printer_driver_files_in_use() return False before calling
2038 ****************************************************************************/
2040 bool delete_driver_files(const struct auth_session_info *session_info,
2041 const struct spoolss_DriverInfo8 *r)
2043 TALLOC_CTX *frame = talloc_stackframe();
2044 const char *short_arch;
2045 struct conn_struct_tos *c = NULL;
2046 connection_struct *conn = NULL;
2048 char *printdollar = NULL;
2049 int printdollar_snum;
2057 DEBUG(6,("delete_driver_files: deleting driver [%s] - version [%d]\n",
2058 r->driver_name, r->version));
2060 printdollar_snum = find_service(frame, "print$", &printdollar);
2065 if (printdollar_snum == -1) {
2070 nt_status = create_conn_struct_tos_cwd(server_messaging_context(),
2072 lp_path(frame, printdollar_snum),
2075 if (!NT_STATUS_IS_OK(nt_status)) {
2076 DEBUG(0,("delete_driver_files: create_conn_struct "
2077 "returned %s\n", nt_errstr(nt_status)));
2083 nt_status = set_conn_force_user_group(conn, printdollar_snum);
2084 if (!NT_STATUS_IS_OK(nt_status)) {
2085 DEBUG(0, ("failed set force user / group\n"));
2090 if (!become_user_by_session(conn, session_info)) {
2091 DEBUG(0, ("failed to become user\n"));
2096 if ( !CAN_WRITE(conn) ) {
2097 DEBUG(3,("delete_driver_files: Cannot delete print driver when [print$] is read-only\n"));
2102 short_arch = get_short_archi(r->architecture);
2103 if (short_arch == NULL) {
2104 DEBUG(0, ("bad architecture %s\n", r->architecture));
2109 /* now delete the files */
2111 if (r->driver_path && r->driver_path[0]) {
2112 DEBUG(10,("deleting driverfile [%s]\n", r->driver_path));
2113 driver_unlink_internals(conn, short_arch, r->version, r->driver_path);
2116 if (r->config_file && r->config_file[0]) {
2117 DEBUG(10,("deleting configfile [%s]\n", r->config_file));
2118 driver_unlink_internals(conn, short_arch, r->version, r->config_file);
2121 if (r->data_file && r->data_file[0]) {
2122 DEBUG(10,("deleting datafile [%s]\n", r->data_file));
2123 driver_unlink_internals(conn, short_arch, r->version, r->data_file);
2126 if (r->help_file && r->help_file[0]) {
2127 DEBUG(10,("deleting helpfile [%s]\n", r->help_file));
2128 driver_unlink_internals(conn, short_arch, r->version, r->help_file);
2131 if (r->dependent_files) {
2133 while (r->dependent_files[i] && r->dependent_files[i][0]) {
2134 DEBUG(10,("deleting dependent file [%s]\n", r->dependent_files[i]));
2135 driver_unlink_internals(conn, short_arch, r->version, r->dependent_files[i]);
2150 1: level not implemented
2151 2: file doesn't exist
2152 3: can't allocate memory
2153 4: can't free memory
2154 5: non existent struct
2158 A printer and a printer driver are 2 different things.
2159 NT manages them separatelly, Samba does the same.
2160 Why ? Simply because it's easier and it makes sense !
2162 Now explanation: You have 3 printers behind your samba server,
2163 2 of them are the same make and model (laser A and B). But laser B
2164 has an 3000 sheet feeder and laser A doesn't such an option.
2165 Your third printer is an old dot-matrix model for the accounting :-).
2167 If the /usr/local/samba/lib directory (default dir), you will have
2168 5 files to describe all of this.
2170 3 files for the printers (1 by printer):
2173 NTprinter_accounting
2174 2 files for the drivers (1 for the laser and 1 for the dot matrix)
2175 NTdriver_printer model X
2176 NTdriver_printer model Y
2178 jfm: I should use this comment for the text file to explain
2179 same thing for the forms BTW.
2180 Je devrais mettre mes commentaires en francais, ca serait mieux :-)
2184 /* Convert generic access rights to printer object specific access rights.
2185 It turns out that NT4 security descriptors use generic access rights and
2186 NT5 the object specific ones. */
2188 void map_printer_permissions(struct security_descriptor *sd)
2192 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
2193 se_map_generic(&sd->dacl->aces[i].access_mask,
2194 &printer_generic_mapping);
2198 void map_job_permissions(struct security_descriptor *sd)
2202 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
2203 se_map_generic(&sd->dacl->aces[i].access_mask,
2204 &job_generic_mapping);
2209 /****************************************************************************
2210 Check a user has permissions to perform the given operation. We use the
2211 permission constants defined in include/rpc_spoolss.h to check the various
2212 actions we perform when checking printer access.
2214 PRINTER_ACCESS_ADMINISTER:
2215 print_queue_pause, print_queue_resume, update_printer_sec,
2216 update_printer, spoolss_addprinterex_level_2,
2217 _spoolss_setprinterdata
2222 JOB_ACCESS_ADMINISTER:
2223 print_job_delete, print_job_pause, print_job_resume,
2226 Try access control in the following order (for performance reasons):
2227 1) root and SE_PRINT_OPERATOR can do anything (easy check)
2228 2) check security descriptor (bit comparisons in memory)
2229 3) "printer admins" (may result in numerous calls to winbind)
2231 ****************************************************************************/
2232 WERROR print_access_check(const struct auth_session_info *session_info,
2233 struct messaging_context *msg_ctx, int snum,
2236 struct spoolss_security_descriptor *secdesc = NULL;
2237 uint32_t access_granted;
2242 TALLOC_CTX *mem_ctx = NULL;
2244 /* If user is NULL then use the current_user structure */
2246 /* Always allow root or SE_PRINT_OPERATROR to do anything */
2248 if ((session_info->unix_token->uid == sec_initial_uid())
2249 || security_token_has_privilege(session_info->security_token,
2250 SEC_PRIV_PRINT_OPERATOR)) {
2254 /* Get printer name */
2256 pname = lp_printername(talloc_tos(), snum);
2258 if (!pname || !*pname) {
2259 return WERR_ACCESS_DENIED;
2262 /* Get printer security descriptor */
2264 if(!(mem_ctx = talloc_init("print_access_check"))) {
2265 return WERR_NOT_ENOUGH_MEMORY;
2268 result = winreg_get_printer_secdesc_internal(mem_ctx,
2269 get_session_info_system(),
2273 if (!W_ERROR_IS_OK(result)) {
2274 talloc_destroy(mem_ctx);
2275 return WERR_NOT_ENOUGH_MEMORY;
2278 if (access_type == JOB_ACCESS_ADMINISTER) {
2279 struct spoolss_security_descriptor *parent_secdesc = secdesc;
2281 /* Create a child security descriptor to check permissions
2282 against. This is because print jobs are child objects
2283 objects of a printer. */
2284 status = se_create_child_secdesc(mem_ctx,
2288 parent_secdesc->owner_sid,
2289 parent_secdesc->group_sid,
2291 if (!NT_STATUS_IS_OK(status)) {
2292 talloc_destroy(mem_ctx);
2293 return ntstatus_to_werror(status);
2296 map_job_permissions(secdesc);
2298 map_printer_permissions(secdesc);
2302 status = se_access_check(secdesc, session_info->security_token, access_type,
2305 DEBUG(4, ("access check was %s\n", NT_STATUS_IS_OK(status) ? "SUCCESS" : "FAILURE"));
2307 talloc_destroy(mem_ctx);
2309 return ntstatus_to_werror(status);
2312 /****************************************************************************
2313 Check the time parameters allow a print operation.
2314 *****************************************************************************/
2316 bool print_time_access_check(const struct auth_session_info *session_info,
2317 struct messaging_context *msg_ctx,
2318 const char *servicename)
2320 struct spoolss_PrinterInfo2 *pinfo2 = NULL;
2323 time_t now = time(NULL);
2327 result = winreg_get_printer_internal(NULL, session_info, msg_ctx,
2328 servicename, &pinfo2);
2329 if (!W_ERROR_IS_OK(result)) {
2333 if (pinfo2->starttime == 0 && pinfo2->untiltime == 0) {
2338 mins = (uint32_t)t->tm_hour*60 + (uint32_t)t->tm_min;
2340 if (mins >= pinfo2->starttime && mins <= pinfo2->untiltime) {
2344 TALLOC_FREE(pinfo2);
2353 void nt_printer_remove(TALLOC_CTX *mem_ctx,
2354 const struct auth_session_info *session_info,
2355 struct messaging_context *msg_ctx,
2356 const char *printer)
2360 result = winreg_delete_printer_key_internal(mem_ctx, session_info, msg_ctx,
2362 if (!W_ERROR_IS_OK(result)) {
2363 DEBUG(0, ("nt_printer_remove: failed to remove printer %s: "
2364 "%s\n", printer, win_errstr(result)));
2368 void nt_printer_add(TALLOC_CTX *mem_ctx,
2369 const struct auth_session_info *session_info,
2370 struct messaging_context *msg_ctx,
2371 const char *printer)
2375 result = winreg_create_printer_internal(mem_ctx, session_info, msg_ctx,
2377 if (!W_ERROR_IS_OK(result)) {
2378 DEBUG(0, ("nt_printer_add: failed to add printer %s: %s\n",
2379 printer, win_errstr(result)));
git.samba.org / samba.git / blob