r25561: Make use of [un]marshall_sec_desc

author Volker Lendecke <vlendec@samba.org>

Sun, 7 Oct 2007 12:56:43 +0000 (12:56 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 17:31:13 +0000 (12:31 -0500)
author Volker Lendecke <vlendec@samba.org>
Sun, 7 Oct 2007 12:56:43 +0000 (12:56 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 17:31:13 +0000 (12:31 -0500)
diff --git a/source/lib/sharesec.c b/source/lib/sharesec.c

index d30ccbe7ebfc4bcfc4ae849218b79e5caca95619..258b1212175fcc5d487920f32c8462d2eb60a1f1 100644 (file)
--- a/source/lib/sharesec.c
+++ b/source/lib/sharesec.c
@@ -110,33 +110,40 @@ SEC_DESC *get_share_security_default( TALLOC_CTX *ctx, size_t *psize, uint32 def
  SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
                               size_t *psize)
  {
-       prs_struct ps;
-       fstring key;
+       char *key;
         SEC_DESC *psd = NULL;
+       TDB_DATA data;
+       NTSTATUS status;
  
         if (!share_info_db_init()) {
                 return NULL;
         }
  
-       *psize = 0;
+       if (!(key = talloc_asprintf(ctx, "SECDESC/%s", servicename))) {
+               DEBUG(0, ("talloc_asprintf failed\n"));
+               return NULL;
+       }
  
-       /* Fetch security descriptor from tdb */
- 
-       slprintf(key, sizeof(key)-1, "SECDESC/%s", servicename);
- 
-       if (tdb_prs_fetch_bystring(share_tdb, key, &ps, ctx)!=0 ||
-               !sec_io_desc("get_share_security", &psd, &ps, 1)) {
- 
-               DEBUG(4, ("get_share_security: using default secdesc for %s\n",
-                         servicename));
- 
-               return get_share_security_default(ctx, psize, GENERIC_ALL_ACCESS);
+       data = tdb_fetch_bystring(share_tdb, key);
+
+       TALLOC_FREE(key);
+
+       if (data.dptr == NULL) {
+               return get_share_security_default(ctx, psize,
+                                                 GENERIC_ALL_ACCESS);
+       }
+
+       status = unmarshall_sec_desc(ctx, data.dptr, data.dsize, &psd);
+
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
+                         nt_errstr(status)));
+               return NULL;
         }
  
         if (psd)
                 *psize = sec_desc_size(psd);
  
-       prs_mem_free(&ps);
         return psd;
  }
  
@@ -146,39 +153,43 @@ SEC_DESC *get_share_security( TALLOC_CTX *ctx, const char *servicename,
  
  BOOL set_share_security(const char *share_name, SEC_DESC *psd)
  {
-       prs_struct ps;
-       TALLOC_CTX *mem_ctx = NULL;
-       fstring key;
+       TALLOC_CTX *frame;
+       char *key;
         BOOL ret = False;
+       TDB_DATA blob;
+       NTSTATUS status;
  
         if (!share_info_db_init()) {
                 return False;
         }
  
-       mem_ctx = talloc_init("set_share_security");
-       if (mem_ctx == NULL)
-               return False;
+       frame = talloc_stackframe();
  
-       prs_init(&ps, (uint32)sec_desc_size(psd), mem_ctx, MARSHALL);
- 
-       if (!sec_io_desc("share_security", &psd, &ps, 1))
+       status = marshall_sec_desc(frame, psd, &blob.dptr, &blob.dsize);
+
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0, ("marshall_sec_desc failed: %s\n",
+                         nt_errstr(status)));
                 goto out;
- 
-       slprintf(key, sizeof(key)-1, "SECDESC/%s", share_name);
- 
-       if (tdb_prs_store_bystring(share_tdb, key, &ps)==0) {
-               ret = True;
-               DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
-       } else {
-               DEBUG(1,("set_share_security: Failed to store secdesc for %s\n", share_name ));
-       } 
-
-       /* Free malloc'ed memory */
- 
-out:
- 
-       prs_mem_free(&ps);
-       TALLOC_FREE(mem_ctx);
+       }
+
+       if (!(key = talloc_asprintf(frame, "SECDESC/%s", share_name))) {
+               DEBUG(0, ("talloc_asprintf failed\n"));
+               goto out;
+       }
+
+       if (tdb_trans_store_bystring(share_tdb, key, blob,
+                                    TDB_REPLACE) == -1) {
+               DEBUG(1,("set_share_security: Failed to store secdesc for "
+                        "%s\n", share_name ));
+               goto out;
+       }
+
+       DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
+       ret = True;
+
+ out:
+       TALLOC_FREE(frame);
         return ret;
  }
  
diff --git a/source/rpc_parse/parse_prs.c b/source/rpc_parse/parse_prs.c

index b92433f92fc18d8786820e04266cb1803cecbfa0..c3603fe2344b1e5cab4df63f83426fddbaab1341 100644 (file)
--- a/source/rpc_parse/parse_prs.c
+++ b/source/rpc_parse/parse_prs.c
@@ -1486,12 +1486,6 @@ int tdb_prs_store(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps)
         return tdb_trans_store(tdb, kbuf, dbuf, TDB_REPLACE);
  }
  
-int tdb_prs_store_bystring(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps)
-{
-       TDB_DATA kbuf = string_term_tdb_data(keystr);
-       return tdb_prs_store(tdb, kbuf, ps);
-}
-
  /* useful function to fetch a structure into rpc wire format */
  int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *mem_ctx)
  {
@@ -1508,12 +1502,6 @@ int tdb_prs_fetch(TDB_CONTEXT *tdb, TDB_DATA kbuf, prs_struct *ps, TALLOC_CTX *m
         return 0;
  } 
  
-int tdb_prs_fetch_bystring(TDB_CONTEXT *tdb, char *keystr, prs_struct *ps, TALLOC_CTX *mem_ctx)
-{
-       TDB_DATA kbuf = string_term_tdb_data(keystr);
-       return tdb_prs_fetch(tdb, kbuf, ps, mem_ctx);
-}
-
  /*******************************************************************
   hash a stream.
   ********************************************************************/
diff --git a/source/services/services_db.c b/source/services/services_db.c

index f3ec62a01b06bf205ba4f67318041eedf95294f4..b2ef6b30f106bd3d03598422b0e8f64373ae2a40 100644 (file)
--- a/source/services/services_db.c
+++ b/source/services/services_db.c
@@ -311,7 +311,8 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
         REGVAL_CTR *values;
         REGSUBKEY_CTR *svc_subkeys;
         SEC_DESC *sd;
-       prs_struct ps;
+       DATA_BLOB sd_blob;
+       NTSTATUS status;
  
         /* add to the list and create the subkey path */
  
@@ -379,20 +380,20 @@ static void add_new_svc_name( REGISTRY_KEY *key_parent, REGSUBKEY_CTR *subkeys,
                 TALLOC_FREE( key_secdesc );
                 return;
         }
-       
-       /* stream the printer security descriptor */
-       
-       prs_init( &ps, RPC_MAX_PDU_FRAG_LEN, key_secdesc, MARSHALL);
-       
-       if ( sec_io_desc("sec_desc", &sd, &ps, 0 ) ) {
-               uint32 offset = prs_offset( &ps );
-               regval_ctr_addvalue( values, "Security", REG_BINARY, prs_data_p(&ps), offset );
-               store_reg_values( key_secdesc, values );
+
+       status = marshall_sec_desc(key_secdesc, sd, &sd_blob.data,
+                                  &sd_blob.length);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(0, ("marshall_sec_desc failed: %s\n",
+                         nt_errstr(status)));
+               TALLOC_FREE(key_secdesc);
+               return;
         }
         
-       /* finally cleanup the Security key */
+       regval_ctr_addvalue(values, "Security", REG_BINARY,
+                           (const char *)sd_blob.data, sd_blob.length);
+       store_reg_values( key_secdesc, values );
         
-       prs_mem_free( &ps );
         TALLOC_FREE( key_secdesc );
  
         return;
@@ -464,13 +465,12 @@ void svcctl_init_keys( void )
  SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *token )
  {
         REGISTRY_KEY *key;
-       prs_struct ps;
         REGVAL_CTR *values;
         REGISTRY_VALUE *val;
-       SEC_DESC *sd = NULL;
         SEC_DESC *ret_sd = NULL;
         pstring path;
         WERROR wresult;
+       NTSTATUS status;
         
         /* now add the security descriptor */
  
@@ -490,31 +490,24 @@ SEC_DESC* svcctl_get_secdesc( TALLOC_CTX *ctx, const char *name, NT_USER_TOKEN *
         }
  
         fetch_reg_values( key, values );
+
+       TALLOC_FREE(key);
         
         if ( !(val = regval_ctr_getvalue( values, "Security" )) ) {
                 DEBUG(6,("svcctl_get_secdesc: constructing default secdesc for service [%s]\n", 
                         name));
-               TALLOC_FREE( key );
                 return construct_service_sd( ctx );
         }
         
  
-       /* stream the printer security descriptor */
-       
-       prs_init( &ps, 0, key, UNMARSHALL);
-       prs_give_memory( &ps, (char *)regval_data_p(val), regval_size(val), False );
-       
-       if ( !sec_io_desc("sec_desc", &sd, &ps, 0 ) ) {
-               TALLOC_FREE( key );
+       /* stream the service security descriptor */
+
+       status = unmarshall_sec_desc(ctx, regval_data_p(val),
+                                    regval_size(val), &ret_sd);
+
+       if (!NT_STATUS_IS_OK(status)) {
                 return construct_service_sd( ctx );
         }
-       
-       ret_sd = dup_sec_desc( ctx, sd );
-       
-       /* finally cleanup the Security key */
-       
-       prs_mem_free( &ps );
-       TALLOC_FREE( key );
  
         return ret_sd;
  }
author	Volker Lendecke <vlendec@samba.org>
	Sun, 7 Oct 2007 12:56:43 +0000 (12:56 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 17:31:13 +0000 (12:31 -0500)
source/lib/sharesec.c		patch \| blob \| history
source/rpc_parse/parse_prs.c		patch \| blob \| history
source/services/services_db.c		patch \| blob \| history