sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-26 10:04:02 +03:00
Code

s4:lsa RPC - fix up "gendb_*" result codes

Browse Source 
Make the resultcodes consistent: that means:
result < 0  -> NT_STATUS_INTERNAL_DB_CORRUPTION since our DB had a critical
               error
result >= 0 -> depends on the function usage. I tried to let the logic always as
               it was before.
This commit is contained in:
Matthias Dieter Wallnöfer 2010-03-06 11:19:04 +01:00
parent a6cf89228f
commit 24049e8fc5
2 changed files with 39 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
source4/rpc_server/lsa/dcesrv_lsa.c
View File

@ -697,7 +697,7 @@ static NTSTATUS dcesrv_lsa_EnumAccounts(struct dcesrv_call_state *dce_call, TALL
ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
"(&(objectSid=*)(privilege=*))");
if (ret < 0) {
return NT_STATUS_NO_SUCH_USER;
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (*r->in.resume_handle >= ret) {
@ -1626,7 +1626,7 @@ static NTSTATUS dcesrv_lsa_EnumTrustDom(struct dcesrv_call_state *dce_call, TALL
resumed based on resume_key */
count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
"objectclass=trustedDomain");
if (count == -1) {
if (count < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
@ -1719,7 +1719,7 @@ static NTSTATUS dcesrv_lsa_EnumTrustedDomainsEx(struct dcesrv_call_state *dce_ca
resumed based on resume_key */
count = gendb_search(policy_state->sam_ldb, mem_ctx, policy_state->system_dn, &domains, attrs,
"objectclass=trustedDomain");
if (count == -1) {
if (count < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
@ -1844,6 +1844,9 @@ static NTSTATUS dcesrv_lsa_EnumPrivsAccount(struct dcesrv_call_state *dce_call,
ret = gendb_search(astate->policy->pdb, mem_ctx, NULL, &res, attrs,
"objectSid=%s", sidstr);
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (ret != 1) {
return NT_STATUS_OK;
}
@ -1904,10 +1907,7 @@ static NTSTATUS dcesrv_lsa_EnumAccountRights(struct dcesrv_call_state *dce_call,
if (ret == 0) {
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (ret > 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (ret == -1) {
if (ret != 1) {
DEBUG(3, ("searching for account rights for SID: %s failed: %s",
dom_sid_string(mem_ctx, r->in.sid),
ldb_errstring(state->pdb)));
@ -2295,7 +2295,7 @@ static NTSTATUS dcesrv_lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALL
return NT_STATUS_OBJECT_NAME_COLLISION;
}
if (ret == -1) {
if (ret < 0) {
DEBUG(0,("Failure searching for CN=%s: %s\n",
name2, ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
@ -2328,7 +2328,7 @@ static NTSTATUS dcesrv_lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALL
return NT_STATUS_OBJECT_NAME_COLLISION;
}
if (ret == -1) {
if (ret < 0) {
DEBUG(0,("Failure searching for CN=%s: %s\n",
name, ldb_errstring(secret_state->sam_ldb)));
return NT_STATUS_INTERNAL_DB_CORRUPTION;
@ -2907,7 +2907,7 @@ static NTSTATUS dcesrv_lsa_EnumAccountsWithUserRight(struct dcesrv_call_state *d
ret = gendb_search(state->pdb, mem_ctx, NULL, &res, attrs,
"privilege=%s", privname);
if (ret == -1) {
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (ret == 0) {

57
source4/rpc_server/lsa/lsa_lookup.c
View File

@ -379,12 +379,11 @@ static NTSTATUS dcesrv_lsa_lookup_name(struct tevent_context *ev_ctx,
}
ret = gendb_search_dn(state->sam_ldb, mem_ctx, domain_dn, &res, attrs);
if (ret == 1) {
domain_sid = samdb_result_dom_sid(mem_ctx, res[0], "objectSid");
if (domain_sid == NULL) {
return NT_STATUS_INVALID_SID;
}
} else {
if (ret != 1) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
domain_sid = samdb_result_dom_sid(mem_ctx, res[0], "objectSid");
if (domain_sid == NULL) {
return NT_STATUS_INVALID_SID;
}
@ -398,8 +397,8 @@ static NTSTATUS dcesrv_lsa_lookup_name(struct tevent_context *ev_ctx,
ret = gendb_search(state->sam_ldb, mem_ctx, domain_dn, &res, attrs,
"(&(sAMAccountName=%s)(objectSid=*))",
ldb_binary_encode_string(mem_ctx, username));
if (ret == -1) {
return NT_STATUS_INVALID_SID;
if (ret < 0) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
for (i=0; i < ret; i++) {
@ -511,28 +510,30 @@ static NTSTATUS dcesrv_lsa_lookup_sid(struct lsa_policy_state *state, TALLOC_CTX
return NT_STATUS_NOT_FOUND;
}
ret = gendb_search(state->sam_ldb, mem_ctx, domain_dn, &res, attrs,
"objectSid=%s", ldap_encode_ndr_dom_sid(mem_ctx, sid));
if (ret == 1) {
*name = ldb_msg_find_attr_as_string(res[0], "sAMAccountName", NULL);
if (!*name) {
*name = ldb_msg_find_attr_as_string(res[0], "cn", NULL);
if (!*name) {
*name = talloc_strdup(mem_ctx, sid_str);
NT_STATUS_HAVE_NO_MEMORY(*name);
}
}
atype = samdb_result_uint(res[0], "sAMAccountType", 0);
*rtype = ds_atype_map(atype);
return NT_STATUS_OK;
}
/* need to re-add a check for an allocated sid */
return NT_STATUS_NOT_FOUND;
ret = gendb_search(state->sam_ldb, mem_ctx, domain_dn, &res, attrs,
"objectSid=%s", ldap_encode_ndr_dom_sid(mem_ctx, sid));
if ((ret < 0) || (ret > 1)) {
return NT_STATUS_INTERNAL_DB_CORRUPTION;
}
if (ret == 0) {
return NT_STATUS_NOT_FOUND;
}
*name = ldb_msg_find_attr_as_string(res[0], "sAMAccountName", NULL);
if (!*name) {
*name = ldb_msg_find_attr_as_string(res[0], "cn", NULL);
if (!*name) {
*name = talloc_strdup(mem_ctx, sid_str);
NT_STATUS_HAVE_NO_MEMORY(*name);
}
}
atype = samdb_result_uint(res[0], "sAMAccountType", 0);
*rtype = ds_atype_map(atype);
return NT_STATUS_OK;
}