s3-rpc_client: add winreg_set_printserver_secdesc.

Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

diff --git a/source3/rpc_client/cli_winreg_spoolss.c b/source3/rpc_client/cli_winreg_spoolss.c
index cbb22a3e2eddb1cd09728520a77186abaaa0a8b0..f2a91e8cad97cccb949ba5582650841600f1f59e 100644 (file)
--- a/source3/rpc_client/cli_winreg_spoolss.c
+++ b/source3/rpc_client/cli_winreg_spoolss.c
@@ -1794,16 +1794,16 @@ WERROR winreg_get_printserver_secdesc(TALLOC_CTX *mem_ctx,
                                  psecdesc);
 }
 
-WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
-                                 struct dcerpc_binding_handle *winreg_handle,
-                                 const char *sharename,
-                                 const struct spoolss_security_descriptor *secdesc)
+static WERROR winreg_set_secdesc(TALLOC_CTX *mem_ctx,
+                                struct dcerpc_binding_handle *winreg_handle,
+                                const char *path,
+                                const char *attribute,
+                                const struct spoolss_security_descriptor *secdesc)
 {
        const struct spoolss_security_descriptor *new_secdesc = secdesc;
        struct spoolss_security_descriptor *old_secdesc;
        uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
        struct policy_handle hive_hnd, key_hnd;
-       const char *path;
        TALLOC_CTX *tmp_ctx;
        NTSTATUS status;
        WERROR result;
@@ -1814,12 +1814,6 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
                return WERR_NOMEM;
        }
 
-       path = winreg_printer_data_keyname(tmp_ctx, sharename);
-       if (path == NULL) {
-               talloc_free(tmp_ctx);
-               return WERR_NOMEM;
-       }
-
        /*
         * The old owner and group sids of the security descriptor are not
         * present when new ACEs are added or removed by changing printer
@@ -1831,10 +1825,11 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
                struct security_acl *dacl, *sacl;
                size_t size;
 
-               result = winreg_get_printer_secdesc(tmp_ctx,
-                                                   winreg_handle,
-                                                   sharename,
-                                                   &old_secdesc);
+               result = winreg_get_secdesc(tmp_ctx,
+                                           winreg_handle,
+                                           path,
+                                           attribute,
+                                           &old_secdesc);
                if (!W_ERROR_IS_OK(result)) {
                        talloc_free(tmp_ctx);
                        return result;
@@ -1890,7 +1885,7 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
        status = dcerpc_winreg_set_sd(tmp_ctx,
                                      winreg_handle,
                                      &key_hnd,
-                                     "Security",
+                                     attribute,
                                      new_secdesc,
                                      &result);
        if (!NT_STATUS_IS_OK(status)) {
@@ -1909,6 +1904,37 @@ done:
        return result;
 }
 
+WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
+                                 struct dcerpc_binding_handle *winreg_handle,
+                                 const char *sharename,
+                                 const struct spoolss_security_descriptor *secdesc)
+{
+       char *path;
+       WERROR result;
+
+       path = winreg_printer_data_keyname(mem_ctx, sharename);
+       if (path == NULL) {
+               return WERR_NOMEM;
+       }
+
+       result = winreg_set_secdesc(mem_ctx, winreg_handle,
+                                   path,
+                                   "Security", secdesc);
+       talloc_free(path);
+
+       return result;
+}
+
+WERROR winreg_set_printserver_secdesc(TALLOC_CTX *mem_ctx,
+                                     struct dcerpc_binding_handle *winreg_handle,
+                                     const struct spoolss_security_descriptor *secdesc)
+{
+       return winreg_set_secdesc(mem_ctx, winreg_handle,
+                                 TOP_LEVEL_CONTROL_KEY,
+                                 "ServerSecurityDescriptor",
+                                 secdesc);
+}
+
 /* Set printer data over the winreg pipe. */
 WERROR winreg_set_printer_dataex(TALLOC_CTX *mem_ctx,
                                 struct dcerpc_binding_handle *winreg_handle,

diff --git a/source3/rpc_client/cli_winreg_spoolss.h b/source3/rpc_client/cli_winreg_spoolss.h
index 279e585855ae58332f121d30a8e63144fa73edc9..4fcb64e55fd7cdff181dd58b7fdaa869eea81987 100644 (file)
--- a/source3/rpc_client/cli_winreg_spoolss.h
+++ b/source3/rpc_client/cli_winreg_spoolss.h
@@ -181,6 +181,23 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
                                  const char *sharename,
                                  const struct spoolss_security_descriptor *secdesc);
 
+/**
+ * @brief Set the security descriptor for a printserver.
+ *
+ * @param[in]  mem_ctx  The talloc memory context to use.
+ *
+ * @param[in]  b The dcerpc binding handle
+ *
+ * @param[in]  secdesc  The security descriptor to save.
+ *
+ * @return              On success WERR_OK, a corresponding DOS error is
+ *                      something went wrong.
+ */
+WERROR winreg_set_printserver_secdesc(TALLOC_CTX *mem_ctx,
+                                     struct dcerpc_binding_handle *b,
+                                     const struct spoolss_security_descriptor *secdesc);
+
+
 /**
  * @internal
  *