psecdesc);
}
-WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
- struct dcerpc_binding_handle *winreg_handle,
- const char *sharename,
- const struct spoolss_security_descriptor *secdesc)
+static WERROR winreg_set_secdesc(TALLOC_CTX *mem_ctx,
+ struct dcerpc_binding_handle *winreg_handle,
+ const char *path,
+ const char *attribute,
+ const struct spoolss_security_descriptor *secdesc)
{
const struct spoolss_security_descriptor *new_secdesc = secdesc;
struct spoolss_security_descriptor *old_secdesc;
uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
struct policy_handle hive_hnd, key_hnd;
- const char *path;
TALLOC_CTX *tmp_ctx;
NTSTATUS status;
WERROR result;
return WERR_NOMEM;
}
- path = winreg_printer_data_keyname(tmp_ctx, sharename);
- if (path == NULL) {
- talloc_free(tmp_ctx);
- return WERR_NOMEM;
- }
-
/*
* The old owner and group sids of the security descriptor are not
* present when new ACEs are added or removed by changing printer
struct security_acl *dacl, *sacl;
size_t size;
- result = winreg_get_printer_secdesc(tmp_ctx,
- winreg_handle,
- sharename,
- &old_secdesc);
+ result = winreg_get_secdesc(tmp_ctx,
+ winreg_handle,
+ path,
+ attribute,
+ &old_secdesc);
if (!W_ERROR_IS_OK(result)) {
talloc_free(tmp_ctx);
return result;
status = dcerpc_winreg_set_sd(tmp_ctx,
winreg_handle,
&key_hnd,
- "Security",
+ attribute,
new_secdesc,
&result);
if (!NT_STATUS_IS_OK(status)) {
return result;
}
+WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
+ struct dcerpc_binding_handle *winreg_handle,
+ const char *sharename,
+ const struct spoolss_security_descriptor *secdesc)
+{
+ char *path;
+ WERROR result;
+
+ path = winreg_printer_data_keyname(mem_ctx, sharename);
+ if (path == NULL) {
+ return WERR_NOMEM;
+ }
+
+ result = winreg_set_secdesc(mem_ctx, winreg_handle,
+ path,
+ "Security", secdesc);
+ talloc_free(path);
+
+ return result;
+}
+
+WERROR winreg_set_printserver_secdesc(TALLOC_CTX *mem_ctx,
+ struct dcerpc_binding_handle *winreg_handle,
+ const struct spoolss_security_descriptor *secdesc)
+{
+ return winreg_set_secdesc(mem_ctx, winreg_handle,
+ TOP_LEVEL_CONTROL_KEY,
+ "ServerSecurityDescriptor",
+ secdesc);
+}
+
/* Set printer data over the winreg pipe. */
WERROR winreg_set_printer_dataex(TALLOC_CTX *mem_ctx,
struct dcerpc_binding_handle *winreg_handle,
const char *sharename,
const struct spoolss_security_descriptor *secdesc);
+/**
+ * @brief Set the security descriptor for a printserver.
+ *
+ * @param[in] mem_ctx The talloc memory context to use.
+ *
+ * @param[in] b The dcerpc binding handle
+ *
+ * @param[in] secdesc The security descriptor to save.
+ *
+ * @return On success WERR_OK, a corresponding DOS error is
+ * something went wrong.
+ */
+WERROR winreg_set_printserver_secdesc(TALLOC_CTX *mem_ctx,
+ struct dcerpc_binding_handle *b,
+ const struct spoolss_security_descriptor *secdesc);
+
+
/**
* @internal
*