diff --git a/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm b/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm index 78dc6a8aff6..89dc0617839 100644 --- a/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm +++ b/pidl/lib/Parse/Pidl/Samba4/NDR/ServerCompat.pm @@ -285,7 +285,6 @@ sub boilerplate_iface($) $self->indent(); $self->pidl("uint16_t opnum = dce_call->pkt.u.request.opnum;"); $self->pidl("struct pipes_struct *p = NULL;"); - $self->pidl("struct auth_session_info *pipe_session_info = NULL;"); $self->pidl("NTSTATUS status = NT_STATUS_OK;"); $self->pidl("bool impersonated = false;"); $self->pidl(""); @@ -293,9 +292,6 @@ sub boilerplate_iface($) $self->pidl("p = dcesrv_get_pipes_struct(dce_call->conn);"); $self->pidl("p->dce_call = dce_call;"); $self->pidl("p->mem_ctx = mem_ctx;"); - $self->pidl("/* Update pipes struct session info */"); - $self->pidl("pipe_session_info = p->session_info;"); - $self->pidl("p->session_info = dce_call->auth_state->session_info;"); $self->pidl("p->auth.auth_type = dce_call->auth_state->auth_type;"); $self->pidl("p->auth.auth_level = dce_call->auth_state->auth_level;"); $self->pidl("p->auth.auth_context_id = dce_call->auth_state->auth_context_id;"); @@ -306,7 +302,7 @@ sub boilerplate_iface($) $self->pidl("/* Impersonate */"); $self->pidl("if (dispatch == S3COMPAT_RPC_DISPATCH_EXTERNAL) {"); $self->indent(); - $self->pidl("impersonated = become_authenticated_pipe_user(p->session_info);"); + $self->pidl("impersonated = become_authenticated_pipe_user(dce_call->auth_state->session_info);"); $self->pidl("if (!impersonated) {"); $self->indent(); $self->pidl("dce_call->fault_code = DCERPC_FAULT_ACCESS_DENIED;"); @@ -339,8 +335,6 @@ sub boilerplate_iface($) $self->pidl("p->dce_call = NULL;"); $self->pidl("p->mem_ctx = NULL;"); - $self->pidl("/* Restore session info */"); - $self->pidl("p->session_info = pipe_session_info;"); $self->pidl("p->auth.auth_type = 0;"); $self->pidl("p->auth.auth_level = 0;"); $self->pidl("p->auth.auth_context_id = 0;"); diff --git a/source3/rpc_server/dfs/srv_dfs_nt.c b/source3/rpc_server/dfs/srv_dfs_nt.c index 23ddf11ac77..b69f7025191 100644 --- a/source3/rpc_server/dfs/srv_dfs_nt.c +++ b/source3/rpc_server/dfs/srv_dfs_nt.c @@ -54,6 +54,8 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) dcesrv_connection_get_local_address(dcesrv_conn); const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct junction_map *jn = NULL; struct referral *old_referral_list = NULL; bool self_ref = False; @@ -62,7 +64,7 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) NTSTATUS status; TALLOC_CTX *ctx = talloc_tos(); - if (p->session_info->unix_token->uid != sec_initial_uid()) { + if (session_info->unix_token->uid != sec_initial_uid()) { DEBUG(10,("_dfs_add: uid != 0. Access denied.\n")); return WERR_ACCESS_DENIED; } @@ -84,7 +86,7 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) /* The following call can change the cwd. */ status = get_referred_path(ctx, - p->session_info, + session_info, r->in.path, remote_address, local_address, @@ -116,7 +118,7 @@ WERROR _dfs_Add(struct pipes_struct *p, struct dfs_Add *r) jn->referral_list[jn->referral_count-1].ttl = REFERRAL_TTL; jn->referral_list[jn->referral_count-1].alternate_path = altpath; - if(!create_msdfs_link(jn, p->session_info)) { + if (!create_msdfs_link(jn, session_info)) { return WERR_NERR_DFSCANTCREATEJUNCTIONPOINT; } @@ -131,6 +133,8 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) dcesrv_connection_get_local_address(dcesrv_conn); const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct junction_map *jn = NULL; bool self_ref = False; int consumedcnt = 0; @@ -139,7 +143,7 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) char *altpath = NULL; NTSTATUS status; - if (p->session_info->unix_token->uid != sec_initial_uid()) { + if (session_info->unix_token->uid != sec_initial_uid()) { DEBUG(10,("_dfs_remove: uid != 0. Access denied.\n")); return WERR_ACCESS_DENIED; } @@ -164,7 +168,7 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) } status = get_referred_path(ctx, - p->session_info, + session_info, r->in.dfs_entry_path, remote_address, local_address, @@ -176,7 +180,7 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) /* if no server-share pair given, remove the msdfs link completely */ if(!r->in.servername && !r->in.sharename) { - if(!remove_msdfs_link(jn, p->session_info)) { + if(!remove_msdfs_link(jn, session_info)) { return WERR_NERR_DFSNOSUCHVOLUME; } } else { @@ -207,11 +211,11 @@ WERROR _dfs_Remove(struct pipes_struct *p, struct dfs_Remove *r) /* Only one referral, remove it */ if(jn->referral_count == 1) { - if(!remove_msdfs_link(jn, p->session_info)) { + if(!remove_msdfs_link(jn, session_info)) { return WERR_NERR_DFSNOSUCHVOLUME; } } else { - if(!create_msdfs_link(jn, p->session_info)) { + if(!create_msdfs_link(jn, session_info)) { return WERR_NERR_DFSCANTCREATEJUNCTIONPOINT; } } @@ -304,12 +308,15 @@ static bool init_reply_dfs_info_100(TALLOC_CTX *mem_ctx, struct junction_map* j, WERROR _dfs_Enum(struct pipes_struct *p, struct dfs_Enum *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct junction_map *jn = NULL; size_t num_jn = 0; size_t i; TALLOC_CTX *ctx = talloc_tos(); - jn = enum_msdfs_links(ctx, p->session_info, &num_jn); + jn = enum_msdfs_links(ctx, session_info, &num_jn); if (!jn || num_jn == 0) { num_jn = 0; jn = NULL; @@ -383,6 +390,8 @@ WERROR _dfs_GetInfo(struct pipes_struct *p, struct dfs_GetInfo *r) dcesrv_connection_get_local_address(dcesrv_conn); const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int consumedcnt = strlen(r->in.dfs_entry_path); struct junction_map *jn = NULL; bool self_ref = False; @@ -404,7 +413,7 @@ WERROR _dfs_GetInfo(struct pipes_struct *p, struct dfs_GetInfo *r) /* The following call can change the cwd. */ status = get_referred_path(ctx, - p->session_info, + session_info, r->in.dfs_entry_path, remote_address, local_address, diff --git a/source3/rpc_server/eventlog/srv_eventlog_nt.c b/source3/rpc_server/eventlog/srv_eventlog_nt.c index a3e602a2710..5c82417dcac 100644 --- a/source3/rpc_server/eventlog/srv_eventlog_nt.c +++ b/source3/rpc_server/eventlog/srv_eventlog_nt.c @@ -288,6 +288,9 @@ static bool get_oldest_entry_hook( EVENTLOG_INFO * info ) static NTSTATUS elog_open( struct pipes_struct * p, const char *logname, struct policy_handle *hnd ) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); EVENTLOG_INFO *elog; /* first thing is to validate the eventlog name */ @@ -321,7 +324,7 @@ static NTSTATUS elog_open( struct pipes_struct * p, const char *logname, struct elog->logname = talloc_strdup( elog, ELOG_APPL ); /* do the access check */ - if ( !elog_check_access( elog, p->session_info) ) { + if ( !elog_check_access( elog, session_info) ) { TALLOC_FREE( elog ); return NT_STATUS_ACCESS_DENIED; } @@ -339,7 +342,7 @@ static NTSTATUS elog_open( struct pipes_struct * p, const char *logname, struct /* now do the access check. Close the tdb if we fail here */ - if ( !elog_check_access( elog, p->session_info) ) { + if ( !elog_check_access( elog, session_info) ) { TALLOC_FREE( elog ); return NT_STATUS_ACCESS_DENIED; } diff --git a/source3/rpc_server/fss/srv_fss_agent.c b/source3/rpc_server/fss/srv_fss_agent.c index 0f25bf17188..4de600fd06c 100644 --- a/source3/rpc_server/fss/srv_fss_agent.c +++ b/source3/rpc_server/fss/srv_fss_agent.c @@ -438,22 +438,26 @@ static NTSTATUS srv_fssa_start(struct messaging_context *msg_ctx) */ static bool fss_permitted(struct pipes_struct *p) { - if (p->session_info->unix_token->uid == sec_initial_uid()) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + + if (session_info->unix_token->uid == sec_initial_uid()) { DEBUG(6, ("Granting FSRVP op, user started smbd\n")); return true; } if (nt_token_check_sid(&global_sid_Builtin_Administrators, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(6, ("Granting FSRVP op, administrators group member\n")); return true; } if (nt_token_check_sid(&global_sid_Builtin_Backup_Operators, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(6, ("Granting FSRVP op, backup operators group member\n")); return true; } - if (security_token_has_privilege(p->session_info->security_token, + if (security_token_has_privilege(session_info->security_token, SEC_PRIV_BACKUP)) { DEBUG(6, ("Granting FSRVP op, backup privilege present\n")); return true; @@ -728,6 +732,9 @@ static uint32_t map_share_comment(struct fss_sc_smap *sc_smap, uint32_t _fss_AddToShadowCopySet(struct pipes_struct *p, struct fss_AddToShadowCopySet *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); uint32_t ret; struct fss_sc_set *sc_set; struct fss_sc *sc; @@ -773,12 +780,12 @@ uint32_t _fss_AddToShadowCopySet(struct pipes_struct *p, goto err_tmp_free; } - status = fss_conn_create_tos(p->msg_ctx, p->session_info, snum, &conn); + status = fss_conn_create_tos(p->msg_ctx, session_info, snum, &conn); if (!NT_STATUS_IS_OK(status)) { ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); goto err_tmp_free; } - if (!become_user_without_service_by_session(conn, p->session_info)) { + if (!become_user_without_service_by_session(conn, session_info)) { DEBUG(0, ("failed to become user\n")); ret = HRES_ERROR_V(HRES_E_ACCESSDENIED); goto err_tmp_free; @@ -929,6 +936,9 @@ static NTSTATUS commit_sc_with_conn(TALLOC_CTX *mem_ctx, uint32_t _fss_CommitShadowCopySet(struct pipes_struct *p, struct fss_CommitShadowCopySet *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct fss_sc_set *sc_set; struct fss_sc *sc; uint32_t commit_count; @@ -961,7 +971,7 @@ uint32_t _fss_CommitShadowCopySet(struct pipes_struct *p, char *base_path; char *snap_path; status = commit_sc_with_conn(frame, global_event_context(), - p->msg_ctx, p->session_info, sc, + p->msg_ctx, session_info, sc, &base_path, &snap_path); if (!NT_STATUS_IS_OK(status)) { DEBUG(0, ("snap create failed for shadow copy of " @@ -1330,6 +1340,9 @@ uint32_t _fss_AbortShadowCopySet(struct pipes_struct *p, uint32_t _fss_IsPathSupported(struct pipes_struct *p, struct fss_IsPathSupported *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int snum; char *service; char *base_vol; @@ -1358,12 +1371,12 @@ uint32_t _fss_IsPathSupported(struct pipes_struct *p, return HRES_ERROR_V(HRES_E_INVALIDARG); } - status = fss_conn_create_tos(p->msg_ctx, p->session_info, snum, &conn); + status = fss_conn_create_tos(p->msg_ctx, session_info, snum, &conn); if (!NT_STATUS_IS_OK(status)) { TALLOC_FREE(frame); return HRES_ERROR_V(HRES_E_ACCESSDENIED); } - if (!become_user_without_service_by_session(conn, p->session_info)) { + if (!become_user_without_service_by_session(conn, session_info)) { DEBUG(0, ("failed to become user\n")); TALLOC_FREE(frame); return HRES_ERROR_V(HRES_E_ACCESSDENIED); @@ -1569,6 +1582,9 @@ err_cancel: uint32_t _fss_DeleteShareMapping(struct pipes_struct *p, struct fss_DeleteShareMapping *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct fss_sc_set *sc_set; struct fss_sc *sc; struct fss_sc_smap *sc_smap; @@ -1638,11 +1654,11 @@ uint32_t _fss_DeleteShareMapping(struct pipes_struct *p, goto err_tmp_free; } - status = fss_conn_create_tos(p->msg_ctx, p->session_info, snum, &conn); + status = fss_conn_create_tos(p->msg_ctx, session_info, snum, &conn); if (!NT_STATUS_IS_OK(status)) { goto err_tmp_free; } - if (!become_user_without_service_by_session(conn, p->session_info)) { + if (!become_user_without_service_by_session(conn, session_info)) { DEBUG(0, ("failed to become user\n")); status = NT_STATUS_ACCESS_DENIED; goto err_tmp_free; diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c index ea92a22cbc9..bf4ddd22ee7 100644 --- a/source3/rpc_server/lsa/srv_lsa_nt.c +++ b/source3/rpc_server/lsa/srv_lsa_nt.c @@ -392,6 +392,9 @@ static NTSTATUS create_lsa_policy_handle(TALLOC_CTX *mem_ctx, NTSTATUS _lsa_OpenPolicy2(struct pipes_struct *p, struct lsa_OpenPolicy2 *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *psd = NULL; size_t sd_size; uint32_t des_access = r->in.access_mask; @@ -404,8 +407,8 @@ NTSTATUS _lsa_OpenPolicy2(struct pipes_struct *p, } /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); /* map the generic bits to the lsa policy ones */ @@ -418,7 +421,7 @@ NTSTATUS _lsa_OpenPolicy2(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, des_access, &acc_granted, "_lsa_OpenPolicy2" ); if (!NT_STATUS_IS_OK(status)) { @@ -1529,6 +1532,9 @@ static NTSTATUS lsa_lookup_trusted_domain_by_name(TALLOC_CTX *mem_ctx, NTSTATUS _lsa_OpenSecret(struct pipes_struct *p, struct lsa_OpenSecret *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *psd; NTSTATUS status; uint32_t acc_granted; @@ -1547,8 +1553,8 @@ NTSTATUS _lsa_OpenSecret(struct pipes_struct *p, } /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &r->in.access_mask); /* map the generic bits to the lsa policy ones */ @@ -1564,7 +1570,7 @@ NTSTATUS _lsa_OpenSecret(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, r->in.access_mask, &acc_granted, "_lsa_OpenSecret"); @@ -1595,6 +1601,9 @@ static NTSTATUS _lsa_OpenTrustedDomain_base(struct pipes_struct *p, struct trustdom_info *info, struct policy_handle *handle) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *psd = NULL; size_t sd_size; uint32_t acc_granted; @@ -1604,8 +1613,8 @@ static NTSTATUS _lsa_OpenTrustedDomain_base(struct pipes_struct *p, * handle - so don't check against policy handle. */ /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &access_mask); /* map the generic bits to the lsa account ones */ @@ -1619,7 +1628,7 @@ static NTSTATUS _lsa_OpenTrustedDomain_base(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, access_mask, &acc_granted, "_lsa_OpenTrustedDomain"); @@ -1705,6 +1714,9 @@ static NTSTATUS get_trustdom_auth_blob(struct pipes_struct *p, TALLOC_CTX *mem_ctx, DATA_BLOB *auth_blob, struct trustDomainPasswords *auth_struct) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); enum ndr_err_code ndr_err; DATA_BLOB lsession_key; gnutls_cipher_hd_t cipher_hnd = NULL; @@ -1713,14 +1725,14 @@ static NTSTATUS get_trustdom_auth_blob(struct pipes_struct *p, int rc; bool encrypted; - encrypted = - dcerpc_is_transport_encrypted(p->session_info); + encrypted = dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { return NT_STATUS_ACCESS_DENIED; } - status = session_extract_session_key(p->session_info, &lsession_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &lsession_key, KEY_USE_16BYTES); if (!NT_STATUS_IS_OK(status)) { return NT_STATUS_INVALID_PARAMETER; } @@ -1832,6 +1844,9 @@ static NTSTATUS get_trustauth_inout_blob(TALLOC_CTX *mem_ctx, NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p, struct lsa_CreateTrustedDomainEx2 *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct lsa_info *policy; NTSTATUS status; uint32_t acc_granted; @@ -1858,14 +1873,15 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p, return NT_STATUS_ACCESS_DENIED; } - if (p->session_info->unix_token->uid != sec_initial_uid() && - !nt_token_check_domain_rid(p->session_info->security_token, DOMAIN_RID_ADMINS)) { + if (session_info->unix_token->uid != sec_initial_uid() && + !nt_token_check_domain_rid( + session_info->security_token, DOMAIN_RID_ADMINS)) { return NT_STATUS_ACCESS_DENIED; } /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &r->in.access_mask); /* map the generic bits to the lsa policy ones */ @@ -1878,7 +1894,7 @@ NTSTATUS _lsa_CreateTrustedDomainEx2(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, r->in.access_mask, &acc_granted, "_lsa_CreateTrustedDomainEx2"); @@ -2316,6 +2332,9 @@ NTSTATUS _lsa_QueryTrustedDomainInfoByName(struct pipes_struct *p, NTSTATUS _lsa_CreateSecret(struct pipes_struct *p, struct lsa_CreateSecret *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; struct lsa_info *handle; uint32_t acc_granted; @@ -2339,8 +2358,8 @@ NTSTATUS _lsa_CreateSecret(struct pipes_struct *p, } /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &r->in.access_mask); /* map the generic bits to the lsa policy ones */ @@ -2353,7 +2372,7 @@ NTSTATUS _lsa_CreateSecret(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, r->in.access_mask, &acc_granted, "_lsa_CreateSecret"); @@ -2401,6 +2420,9 @@ NTSTATUS _lsa_CreateSecret(struct pipes_struct *p, NTSTATUS _lsa_SetSecret(struct pipes_struct *p, struct lsa_SetSecret *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; struct lsa_info *info = NULL; DATA_BLOB blob_new, blob_old; @@ -2423,7 +2445,8 @@ NTSTATUS _lsa_SetSecret(struct pipes_struct *p, return NT_STATUS_ACCESS_DENIED; } - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { return status; } @@ -2478,6 +2501,9 @@ NTSTATUS _lsa_SetSecret(struct pipes_struct *p, NTSTATUS _lsa_QuerySecret(struct pipes_struct *p, struct lsa_QuerySecret *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct lsa_info *info = NULL; DATA_BLOB blob_new, blob_old; DATA_BLOB blob_new_crypt, blob_old_crypt; @@ -2506,7 +2532,8 @@ NTSTATUS _lsa_QuerySecret(struct pipes_struct *p, return status; } - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { return status; } @@ -2814,6 +2841,9 @@ NTSTATUS _lsa_EnumAccounts(struct pipes_struct *p, NTSTATUS _lsa_GetUserName(struct pipes_struct *p, struct lsa_GetUserName *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const char *username, *domname; struct lsa_String *account_name = NULL; struct lsa_String *authority_name = NULL; @@ -2833,7 +2863,7 @@ NTSTATUS _lsa_GetUserName(struct pipes_struct *p, return NT_STATUS_INVALID_PARAMETER; } - if (security_session_user_level(p->session_info, NULL) < SECURITY_USER) { + if (security_session_user_level(session_info, NULL) < SECURITY_USER) { /* * I'm 99% sure this is not the right place to do this, * global_sid_Anonymous should probably be put into the token @@ -2844,8 +2874,8 @@ NTSTATUS _lsa_GetUserName(struct pipes_struct *p, return NT_STATUS_NO_MEMORY; } } else { - username = p->session_info->unix_info->sanitized_username; - domname = p->session_info->info->domain_name; + username = session_info->unix_info->sanitized_username; + domname = session_info->info->domain_name; } account_name = talloc(p->mem_ctx, struct lsa_String); @@ -2877,6 +2907,9 @@ NTSTATUS _lsa_GetUserName(struct pipes_struct *p, NTSTATUS _lsa_CreateAccount(struct pipes_struct *p, struct lsa_CreateAccount *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; struct lsa_info *handle; uint32_t acc_granted; @@ -2904,8 +2937,8 @@ NTSTATUS _lsa_CreateAccount(struct pipes_struct *p, } /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &r->in.access_mask); /* map the generic bits to the lsa policy ones */ @@ -2918,7 +2951,7 @@ NTSTATUS _lsa_CreateAccount(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, r->in.access_mask, &acc_granted, "_lsa_CreateAccount"); if (!NT_STATUS_IS_OK(status)) { @@ -2949,6 +2982,9 @@ NTSTATUS _lsa_CreateAccount(struct pipes_struct *p, NTSTATUS _lsa_OpenAccount(struct pipes_struct *p, struct lsa_OpenAccount *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *psd = NULL; size_t sd_size; uint32_t des_access = r->in.access_mask; @@ -2973,8 +3009,8 @@ NTSTATUS _lsa_OpenAccount(struct pipes_struct *p, * handle - so don't check against policy handle. */ /* Work out max allowed. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); /* map the generic bits to the lsa account ones */ @@ -2988,7 +3024,7 @@ NTSTATUS _lsa_OpenAccount(struct pipes_struct *p, return status; } - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, des_access, &acc_granted, "_lsa_OpenAccount" ); if (!NT_STATUS_IS_OK(status)) { @@ -3346,6 +3382,9 @@ NTSTATUS _lsa_QuerySecurity(struct pipes_struct *p, NTSTATUS _lsa_AddAccountRights(struct pipes_struct *p, struct lsa_AddAccountRights *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int i = 0; uint32_t acc_granted = 0; struct security_descriptor *psd = NULL; @@ -3378,7 +3417,7 @@ NTSTATUS _lsa_AddAccountRights(struct pipes_struct *p, * on the account sid. We don't check here so just use the latter. JRA. */ - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS|LSA_ACCOUNT_VIEW, &acc_granted, "_lsa_AddAccountRights" ); @@ -3417,6 +3456,9 @@ NTSTATUS _lsa_AddAccountRights(struct pipes_struct *p, NTSTATUS _lsa_RemoveAccountRights(struct pipes_struct *p, struct lsa_RemoveAccountRights *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int i = 0; struct security_descriptor *psd = NULL; size_t sd_size; @@ -3449,7 +3491,7 @@ NTSTATUS _lsa_RemoveAccountRights(struct pipes_struct *p, * and DELETE on the account sid. */ - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS| LSA_ACCOUNT_VIEW|SEC_STD_DELETE, diff --git a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c index d31a7d77b13..01c191bf01d 100644 --- a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +++ b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c @@ -44,6 +44,9 @@ static NTSTATUS create_mdssvc_policy_handle(TALLOC_CTX *mem_ctx, const char *path, struct policy_handle *handle) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct mds_ctx *mds_ctx; ZERO_STRUCTP(handle); @@ -51,7 +54,7 @@ static NTSTATUS create_mdssvc_policy_handle(TALLOC_CTX *mem_ctx, mds_ctx = mds_init_ctx(mem_ctx, messaging_tevent_context(p->msg_ctx), p->msg_ctx, - p->session_info, + session_info, snum, sharename, path); @@ -149,6 +152,9 @@ void _mdssvc_unknown1(struct pipes_struct *p, struct mdssvc_unknown1 *r) void _mdssvc_cmd(struct pipes_struct *p, struct mdssvc_cmd *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); bool ok; char *rbuf; struct mds_ctx *mds_ctx; @@ -173,7 +179,7 @@ void _mdssvc_cmd(struct pipes_struct *p, struct mdssvc_cmd *r) DEBUG(10, ("%s: path: %s\n", __func__, mds_ctx->spath)); - ok = security_token_is_sid(p->session_info->security_token, + ok = security_token_is_sid(session_info->security_token, &mds_ctx->sid); if (!ok) { struct dom_sid_buf buf; diff --git a/source3/rpc_server/netlogon/srv_netlog_nt.c b/source3/rpc_server/netlogon/srv_netlog_nt.c index d38822f9bb2..05a51bef37c 100644 --- a/source3/rpc_server/netlogon/srv_netlog_nt.c +++ b/source3/rpc_server/netlogon/srv_netlog_nt.c @@ -185,6 +185,8 @@ WERROR _netr_LogonControl2Ex(struct pipes_struct *p, struct netr_LogonControl2Ex *r) { struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); uint32_t flags = 0x0; WERROR pdc_connection_status = WERR_OK; uint32_t logon_attempts = 0x0; @@ -230,8 +232,11 @@ WERROR _netr_LogonControl2Ex(struct pipes_struct *p, break; default: if ((geteuid() != sec_initial_uid()) && - !nt_token_check_domain_rid(p->session_info->security_token, DOMAIN_RID_ADMINS) && - !nt_token_check_sid(&global_sid_Builtin_Administrators, p->session_info->security_token)) + !nt_token_check_domain_rid( + session_info->security_token, DOMAIN_RID_ADMINS) && + !nt_token_check_sid( + &global_sid_Builtin_Administrators, + session_info->security_token)) { return WERR_ACCESS_DENIED; } @@ -413,6 +418,8 @@ NTSTATUS _netr_NetrEnumerateTrustedDomains(struct pipes_struct *p, dcesrv_connection_get_local_address(dcesrv_conn); const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; NTSTATUS result = NT_STATUS_OK; DATA_BLOB blob; @@ -431,7 +438,7 @@ NTSTATUS _netr_NetrEnumerateTrustedDomains(struct pipes_struct *p, &ndr_table_lsarpc, remote_address, local_address, - p->session_info, + session_info, p->msg_ctx, &h); if (!NT_STATUS_IS_OK(status)) { @@ -1422,6 +1429,9 @@ static NTSTATUS netr_set_machine_account_password( NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p, struct netr_ServerPasswordSet *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status = NT_STATUS_OK; size_t i; struct netlogon_creds_CredentialState *creds = NULL; @@ -1465,7 +1475,7 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p, cr.creds.nt_hash = r->in.new_password; status = netr_set_machine_account_password(p->mem_ctx, - p->session_info, + session_info, p->msg_ctx, creds->sid, &cr); @@ -1479,6 +1489,9 @@ NTSTATUS _netr_ServerPasswordSet(struct pipes_struct *p, NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p, struct netr_ServerPasswordSet2 *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; struct netlogon_creds_CredentialState *creds = NULL; DATA_BLOB plaintext = data_blob_null; @@ -1627,7 +1640,7 @@ NTSTATUS _netr_ServerPasswordSet2(struct pipes_struct *p, } status = netr_set_machine_account_password(p->mem_ctx, - p->session_info, + session_info, p->msg_ctx, creds->sid, &cr); @@ -2692,11 +2705,14 @@ static NTSTATUS fill_forest_trust_array(TALLOC_CTX *mem_ctx, WERROR _netr_DsRGetForestTrustInformation(struct pipes_struct *p, struct netr_DsRGetForestTrustInformation *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; struct lsa_ForestTrustInformation *info, **info_ptr; enum security_user_level security_level; - security_level = security_session_user_level(p->session_info, NULL); + security_level = security_session_user_level(session_info, NULL); if (security_level < SECURITY_USER) { return WERR_ACCESS_DENIED; } diff --git a/source3/rpc_server/ntsvcs/srv_ntsvcs_nt.c b/source3/rpc_server/ntsvcs/srv_ntsvcs_nt.c index 209eb2bddb7..cfa2336afd9 100644 --- a/source3/rpc_server/ntsvcs/srv_ntsvcs_nt.c +++ b/source3/rpc_server/ntsvcs/srv_ntsvcs_nt.c @@ -21,6 +21,7 @@ #include "includes.h" #include "ntdomain.h" +#include "librpc/rpc/dcesrv_core.h" #include "librpc/gen_ndr/ndr_ntsvcs.h" #include "librpc/gen_ndr/ndr_ntsvcs_scompat.h" #include "services/svc_winreg_glue.h" @@ -126,6 +127,9 @@ _PNP_GetDeviceRegProp WERROR _PNP_GetDeviceRegProp(struct pipes_struct *p, struct PNP_GetDeviceRegProp *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); char *ptr; const char *result; DATA_BLOB blob; @@ -148,7 +152,7 @@ WERROR _PNP_GetDeviceRegProp(struct pipes_struct *p, result = svcctl_lookup_dispname(mem_ctx, p->msg_ctx, - p->session_info, + session_info, ptr); if (result == NULL) { return WERR_GEN_FAILURE; diff --git a/source3/rpc_server/rpc_handles.c b/source3/rpc_server/rpc_handles.c index ec8cfe090fe..60ee11df457 100644 --- a/source3/rpc_server/rpc_handles.c +++ b/source3/rpc_server/rpc_handles.c @@ -207,6 +207,8 @@ bool pipe_access_check(struct pipes_struct *p) struct dcesrv_call_state *dce_call = p->dce_call; struct dcesrv_auth *auth_state = dce_call->auth_state; enum dcerpc_AuthType auth_type = DCERPC_AUTH_TYPE_NONE; + struct auth_session_info *session_info = NULL; + enum security_user_level user_level; if (!auth_state->auth_finished) { return false; @@ -219,7 +221,10 @@ bool pipe_access_check(struct pipes_struct *p) return True; } - if (security_session_user_level(p->session_info, NULL) < SECURITY_USER) { + session_info = dcesrv_call_session_info(dce_call); + user_level = security_session_user_level(session_info, NULL); + + if (user_level < SECURITY_USER) { return False; } } diff --git a/source3/rpc_server/rpc_pipes.h b/source3/rpc_server/rpc_pipes.h index 5aa5a05e470..cb34e83b927 100644 --- a/source3/rpc_server/rpc_pipes.h +++ b/source3/rpc_server/rpc_pipes.h @@ -39,7 +39,6 @@ struct pipes_struct { enum dcerpc_transport_t transport; - struct auth_session_info *session_info; struct messaging_context *msg_ctx; struct pipe_auth_data auth; diff --git a/source3/rpc_server/samr/srv_samr_nt.c b/source3/rpc_server/samr/srv_samr_nt.c index 9ca7a8aff0d..dc8bdb95857 100644 --- a/source3/rpc_server/samr/srv_samr_nt.c +++ b/source3/rpc_server/samr/srv_samr_nt.c @@ -536,6 +536,9 @@ NTSTATUS _samr_Close(struct pipes_struct *p, struct samr_Close *r) NTSTATUS _samr_OpenDomain(struct pipes_struct *p, struct samr_OpenDomain *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *psd = NULL; uint32_t acc_granted; uint32_t des_access = r->in.access_mask; @@ -556,8 +559,8 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p, } /*check if access can be granted as requested by client. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); make_samr_object_sd( p->mem_ctx, &psd, &sd_size, &dom_generic_mapping, NULL, 0 ); @@ -567,7 +570,8 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p, * Users with SeAddUser get the ability to manipulate groups * and aliases. */ - if (security_token_has_privilege(p->session_info->security_token, SEC_PRIV_ADD_USERS)) { + if (security_token_has_privilege( + session_info->security_token, SEC_PRIV_ADD_USERS)) { extra_access |= (SAMR_DOMAIN_ACCESS_CREATE_GROUP | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | @@ -580,7 +584,7 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p, * SAMR_DOMAIN_ACCESS_CREATE_USER access. */ - status = access_check_object( psd, p->session_info->security_token, + status = access_check_object( psd, session_info->security_token, SEC_PRIV_MACHINE_ACCOUNT, SEC_PRIV_ADD_USERS, extra_access, des_access, &acc_granted, "_samr_OpenDomain" ); @@ -1892,6 +1896,8 @@ NTSTATUS _samr_ChangePasswordUser2(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; char *user_name = NULL; char *rhost; @@ -1925,7 +1931,7 @@ NTSTATUS _samr_ChangePasswordUser2(struct pipes_struct *p, return NT_STATUS_NO_MEMORY; } - encrypted = dcerpc_is_transport_encrypted(p->session_info); + encrypted = dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { return NT_STATUS_ACCESS_DENIED; @@ -1964,6 +1970,8 @@ NTSTATUS _samr_OemChangePasswordUser2(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); NTSTATUS status; char *user_name = NULL; const char *wks = NULL; @@ -2006,7 +2014,7 @@ NTSTATUS _samr_OemChangePasswordUser2(struct pipes_struct *p, return NT_STATUS_NO_MEMORY; } - encrypted = dcerpc_is_transport_encrypted(p->session_info); + encrypted = dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { return NT_STATUS_ACCESS_DENIED; @@ -2272,6 +2280,9 @@ NTSTATUS _samr_LookupRids(struct pipes_struct *p, NTSTATUS _samr_OpenUser(struct pipes_struct *p, struct samr_OpenUser *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct samu *sampass=NULL; struct dom_sid sid; struct samr_info *dinfo; @@ -2309,8 +2320,8 @@ NTSTATUS _samr_OpenUser(struct pipes_struct *p, return NT_STATUS_NO_SUCH_USER; /* check if access can be granted as requested by client. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, &sid, SAMR_USR_RIGHTS_WRITE_PW); @@ -2358,8 +2369,10 @@ NTSTATUS _samr_OpenUser(struct pipes_struct *p, * DOMAIN_RID_ADMINS. */ if (acb_info & (ACB_SVRTRUST|ACB_DOMTRUST)) { - if (lp_enable_privileges() && nt_token_check_domain_rid(p->session_info->security_token, - DOMAIN_RID_ADMINS)) { + if (lp_enable_privileges() && + nt_token_check_domain_rid( + session_info->security_token, + DOMAIN_RID_ADMINS)) { des_access &= ~GENERIC_RIGHTS_USER_WRITE; extra_access = GENERIC_RIGHTS_USER_WRITE; DEBUG(4,("_samr_OpenUser: Allowing " @@ -2371,7 +2384,7 @@ NTSTATUS _samr_OpenUser(struct pipes_struct *p, TALLOC_FREE(sampass); - nt_status = access_check_object(psd, p->session_info->security_token, + nt_status = access_check_object(psd, session_info->security_token, needed_priv_1, needed_priv_2, GENERIC_RIGHTS_USER_WRITE, des_access, &acc_granted, "_samr_OpenUser"); @@ -2808,6 +2821,9 @@ static NTSTATUS get_user_info_18(struct pipes_struct *p, struct samr_UserInfo18 *r, struct dom_sid *user_sid) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct samu *smbpass=NULL; bool ret; const uint8_t *nt_pass = NULL; @@ -2819,7 +2835,7 @@ static NTSTATUS get_user_info_18(struct pipes_struct *p, return NT_STATUS_INVALID_INFO_CLASS; } - if (!security_token_is_system(p->session_info->security_token)) { + if (!security_token_is_system(session_info->security_token)) { return NT_STATUS_ACCESS_DENIED; } @@ -3852,6 +3868,9 @@ static NTSTATUS can_create(TALLOC_CTX *mem_ctx, const char *new_name) NTSTATUS _samr_CreateUser2(struct pipes_struct *p, struct samr_CreateUser2 *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const char *account = NULL; struct dom_sid sid; uint32_t acb_info = r->in.acct_flags; @@ -3906,25 +3925,25 @@ NTSTATUS _samr_CreateUser2(struct pipes_struct *p, } else if (acb_info & ACB_WSTRUST) { needed_priv = SEC_PRIV_MACHINE_ACCOUNT; can_add_account = security_token_has_privilege( - p->session_info->security_token, needed_priv); + session_info->security_token, needed_priv); } else if (acb_info & ACB_NORMAL && (account[strlen(account)-1] != '$')) { /* usrmgr.exe (and net rpc trustdom add) creates a normal user account for domain trusts and changes the ACB flags later */ needed_priv = SEC_PRIV_ADD_USERS; can_add_account = security_token_has_privilege( - p->session_info->security_token, needed_priv); + session_info->security_token, needed_priv); } else if (lp_enable_privileges()) { /* implicit assumption of a BDC or domain trust account here * (we already check the flags earlier) */ /* only Domain Admins can add a BDC or domain trust */ can_add_account = nt_token_check_domain_rid( - p->session_info->security_token, + session_info->security_token, DOMAIN_RID_ADMINS ); } DEBUG(5, ("_samr_CreateUser2: %s can add this account : %s\n", - uidtoname(p->session_info->unix_token->uid), + uidtoname(session_info->unix_token->uid), can_add_account ? "True":"False" )); if (!can_add_account) { @@ -3951,8 +3970,8 @@ NTSTATUS _samr_CreateUser2(struct pipes_struct *p, sid_compose(&sid, get_global_sam_sid(), *r->out.rid); - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &usr_generic_mapping, @@ -3966,7 +3985,7 @@ NTSTATUS _samr_CreateUser2(struct pipes_struct *p, * just assume we have all the rights we need ? */ - nt_status = access_check_object(psd, p->session_info->security_token, + nt_status = access_check_object(psd, session_info->security_token, needed_priv, SEC_PRIV_INVALID, GENERIC_RIGHTS_USER_WRITE, des_access, &acc_granted, "_samr_CreateUser2"); @@ -4021,6 +4040,9 @@ NTSTATUS _samr_CreateUser(struct pipes_struct *p, NTSTATUS _samr_Connect(struct pipes_struct *p, struct samr_Connect *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); uint32_t acc_granted; uint32_t des_access = r->in.access_mask; NTSTATUS status; @@ -4036,8 +4058,8 @@ NTSTATUS _samr_Connect(struct pipes_struct *p, was observed from a win98 client trying to enumerate users (when configured user level access control on shares) --jerry */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); se_map_generic( &des_access, &sam_generic_mapping ); @@ -4068,6 +4090,8 @@ NTSTATUS _samr_Connect2(struct pipes_struct *p, struct samr_Connect2 *r) { struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *psd = NULL; uint32_t acc_granted; uint32_t des_access = r->in.access_mask; @@ -4099,14 +4123,14 @@ NTSTATUS _samr_Connect2(struct pipes_struct *p, return NT_STATUS_ACCESS_DENIED; } - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &sam_generic_mapping, NULL, 0); se_map_generic(&des_access, &sam_generic_mapping); - nt_status = access_check_object(psd, p->session_info->security_token, + nt_status = access_check_object(psd, session_info->security_token, SEC_PRIV_INVALID, SEC_PRIV_INVALID, 0, des_access, &acc_granted, fn); @@ -4298,6 +4322,9 @@ NTSTATUS _samr_EnumDomains(struct pipes_struct *p, NTSTATUS _samr_OpenAlias(struct pipes_struct *p, struct samr_OpenAlias *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct dom_sid sid; uint32_t alias_rid = r->in.rid; struct samr_info *dinfo; @@ -4324,14 +4351,14 @@ NTSTATUS _samr_OpenAlias(struct pipes_struct *p, /*check if access can be granted as requested by client. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &ali_generic_mapping, NULL, 0); se_map_generic(&des_access,&ali_generic_mapping); - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_ADD_USERS, SEC_PRIV_INVALID, GENERIC_RIGHTS_ALIAS_ALL_ACCESS, des_access, &acc_granted, "_samr_OpenAlias"); @@ -5228,6 +5255,8 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct samr_info *uinfo; NTSTATUS status; struct samu *pwd = NULL; @@ -5405,7 +5434,8 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, break; case 18: - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { break; } @@ -5422,7 +5452,8 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, break; case 21: - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { break; } @@ -5434,14 +5465,15 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, case 23: encrypted = - dcerpc_is_transport_encrypted(p->session_info); + dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { status = NT_STATUS_ACCESS_DENIED; break; } - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { break; } @@ -5470,14 +5502,15 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, case 24: encrypted = - dcerpc_is_transport_encrypted(p->session_info); + dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { status = NT_STATUS_ACCESS_DENIED; break; } - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { break; } @@ -5505,14 +5538,15 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, case 25: encrypted = - dcerpc_is_transport_encrypted(p->session_info); + dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { status = NT_STATUS_ACCESS_DENIED; break; } - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { break; } @@ -5539,14 +5573,15 @@ NTSTATUS _samr_SetUserInfo(struct pipes_struct *p, case 26: encrypted = - dcerpc_is_transport_encrypted(p->session_info); + dcerpc_is_transport_encrypted(session_info); if (lp_weak_crypto() == SAMBA_WEAK_CRYPTO_DISALLOWED && !encrypted) { status = NT_STATUS_ACCESS_DENIED; break; } - status = session_extract_session_key(p->session_info, &session_key, KEY_USE_16BYTES); + status = session_extract_session_key( + session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { break; } @@ -6650,6 +6685,9 @@ NTSTATUS _samr_OpenGroup(struct pipes_struct *p, struct samr_OpenGroup *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct dom_sid info_sid; struct dom_sid_buf buf; GROUP_MAP *map; @@ -6672,14 +6710,14 @@ NTSTATUS _samr_OpenGroup(struct pipes_struct *p, } /*check if access can be granted as requested by client. */ - map_max_allowed_access(p->session_info->security_token, - p->session_info->unix_token, + map_max_allowed_access(session_info->security_token, + session_info->unix_token, &des_access); make_samr_object_sd(p->mem_ctx, &psd, &sd_size, &grp_generic_mapping, NULL, 0); se_map_generic(&des_access,&grp_generic_mapping); - status = access_check_object(psd, p->session_info->security_token, + status = access_check_object(psd, session_info->security_token, SEC_PRIV_ADD_USERS, SEC_PRIV_INVALID, GENERIC_RIGHTS_GROUP_ALL_ACCESS, des_access, &acc_granted, "_samr_OpenGroup"); diff --git a/source3/rpc_server/spoolss/srv_iremotewinspool.c b/source3/rpc_server/spoolss/srv_iremotewinspool.c index f93d2f676d8..90fd997cadd 100644 --- a/source3/rpc_server/spoolss/srv_iremotewinspool.c +++ b/source3/rpc_server/spoolss/srv_iremotewinspool.c @@ -82,7 +82,6 @@ static NTSTATUS iremotewinspool__op_dispatch_internal(struct dcesrv_call_state * { uint16_t opnum = dce_call->pkt.u.request.opnum; struct pipes_struct *p = NULL; - struct auth_session_info *pipe_session_info = NULL; NTSTATUS status = NT_STATUS_OK; bool impersonated = false; @@ -94,9 +93,6 @@ static NTSTATUS iremotewinspool__op_dispatch_internal(struct dcesrv_call_state * p = dcesrv_get_pipes_struct(dce_call->conn); p->dce_call = dce_call; p->mem_ctx = mem_ctx; - /* Update pipes struct session info */ - pipe_session_info = p->session_info; - p->session_info = dce_call->auth_state->session_info; p->auth.auth_type = dce_call->auth_state->auth_type; p->auth.auth_level = dce_call->auth_state->auth_level; p->auth.auth_context_id = dce_call->auth_state->auth_context_id; @@ -105,7 +101,8 @@ static NTSTATUS iremotewinspool__op_dispatch_internal(struct dcesrv_call_state * /* Impersonate */ if (!rpcint_call) { - impersonated = become_authenticated_pipe_user(p->session_info); + impersonated = become_authenticated_pipe_user( + dce_call->auth_state->session_info); if (!impersonated) { dce_call->fault_code = DCERPC_FAULT_ACCESS_DENIED; status = NT_STATUS_NET_WRITE_FAULT; @@ -1233,8 +1230,6 @@ fail: p->dce_call = NULL; p->mem_ctx = NULL; - /* Restore session info */ - p->session_info = pipe_session_info; p->auth.auth_type = 0; p->auth.auth_level = 0; p->auth.auth_context_id = 0; diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c index 8d9121f584c..58735461b6c 100644 --- a/source3/rpc_server/spoolss/srv_spoolss_nt.c +++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c @@ -413,6 +413,9 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token, static WERROR delete_printer_handle(struct pipes_struct *p, struct policy_handle *hnd) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct printer_handle *Printer = find_printer_index_by_hnd(p, hnd); WERROR result; @@ -447,7 +450,7 @@ static WERROR delete_printer_handle(struct pipes_struct *p, struct policy_handle return WERR_INVALID_HANDLE; } - result = delete_printer_hook(p->mem_ctx, p->session_info->security_token, + result = delete_printer_hook(p->mem_ctx, session_info->security_token, Printer->sharename, p->msg_ctx); if (!W_ERROR_IS_OK(result)) { return result; @@ -1680,6 +1683,8 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int snum; char *raddr; char *rhost; @@ -1805,10 +1810,12 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, SEC_PRIV_PRINT_OPERATOR) && + if ((session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege( + session_info->security_token, + SEC_PRIV_PRINT_OPERATOR) && !nt_token_check_sid(&global_sid_Builtin_Print_Operators, - p->session_info->security_token)) { + session_info->security_token)) { close_printer_handle(p, r->out.handle); ZERO_STRUCTP(r->out.handle); DEBUG(3,("access DENIED as user is not root, " @@ -1885,10 +1892,10 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, return WERR_ACCESS_DENIED; } - if (!user_ok_token(p->session_info->unix_info->unix_name, - p->session_info->info->domain_name, - p->session_info->security_token, snum) || - !W_ERROR_IS_OK(print_access_check(p->session_info, + if (!user_ok_token(session_info->unix_info->unix_name, + session_info->info->domain_name, + session_info->security_token, snum) || + !W_ERROR_IS_OK(print_access_check(session_info, p->msg_ctx, snum, r->in.access_mask))) { @@ -2036,6 +2043,9 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p, struct spoolss_DeletePrinterDriver *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct spoolss_DriverInfo8 *info = NULL; int version; WERROR status; @@ -2047,8 +2057,8 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, + if ((session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) { return WERR_ACCESS_DENIED; } @@ -2118,6 +2128,9 @@ static WERROR spoolss_dpd_version(TALLOC_CTX *mem_ctx, struct dcerpc_binding_handle *b, struct spoolss_DriverInfo8 *info) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); WERROR status; bool delete_files; @@ -2166,7 +2179,7 @@ static WERROR spoolss_dpd_version(TALLOC_CTX *mem_ctx, * because the driver doesn not exist any more */ if (delete_files) { - delete_driver_files(p->session_info, info); + delete_driver_files(session_info, info); } done: @@ -2180,6 +2193,9 @@ done: WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p, struct spoolss_DeletePrinterDriverEx *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct spoolss_DriverInfo8 *info = NULL; WERROR status; struct dcerpc_binding_handle *b; @@ -2190,8 +2206,8 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, + if ((session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) { return WERR_ACCESS_DENIED; } @@ -5939,6 +5955,8 @@ WERROR _spoolss_StartDocPrinter(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct spoolss_DocumentInfo1 *info_1; int snum; struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); @@ -6006,7 +6024,7 @@ WERROR _spoolss_StartDocPrinter(struct pipes_struct *p, } } - werr = print_job_start(p->session_info, + werr = print_job_start(session_info, p->msg_ctx, rhost, snum, @@ -6109,7 +6127,9 @@ WERROR _spoolss_WritePrinter(struct pipes_struct *p, static WERROR control_printer(struct policy_handle *handle, uint32_t command, struct pipes_struct *p) { - const struct auth_session_info *session_info = p->session_info; + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int snum; WERROR errcode = WERR_INVALID_FUNCTION; struct printer_handle *Printer = find_printer_index_by_hnd(p, handle); @@ -6151,6 +6171,9 @@ static WERROR control_printer(struct policy_handle *handle, uint32_t command, WERROR _spoolss_AbortPrinter(struct pipes_struct *p, struct spoolss_AbortPrinter *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); int snum; WERROR errcode = WERR_OK; @@ -6168,7 +6191,7 @@ WERROR _spoolss_AbortPrinter(struct pipes_struct *p, return WERR_SPL_NO_STARTDOC; } - errcode = print_job_delete(p->session_info, + errcode = print_job_delete(session_info, p->msg_ctx, snum, Printer->jobid); @@ -6966,6 +6989,8 @@ static WERROR update_printer(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); uint32_t printer_mask = SPOOLSS_PRINTER_INFO_ALL; struct spoolss_SetPrinterInfo2 *printer = info_ctr->info.info2; struct spoolss_PrinterInfo2 *old_printer; @@ -7045,7 +7070,7 @@ static WERROR update_printer(struct pipes_struct *p, } /* add_printer_hook() will call reload_services() */ - if (!add_printer_hook(tmp_ctx, p->session_info->security_token, + if (!add_printer_hook(tmp_ctx, session_info->security_token, printer, raddr, p->msg_ctx)) { result = WERR_ACCESS_DENIED; @@ -7795,7 +7820,9 @@ static WERROR spoolss_setjob_1(TALLOC_CTX *mem_ctx, WERROR _spoolss_SetJob(struct pipes_struct *p, struct spoolss_SetJob *r) { - const struct auth_session_info *session_info = p->session_info; + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); int snum; WERROR errcode = WERR_INVALID_FUNCTION; @@ -8455,6 +8482,8 @@ static WERROR spoolss_addprinterex_level_2(struct pipes_struct *p, struct dcesrv_connection *dcesrv_conn = dce_call->conn; const struct tsocket_address *remote_address = dcesrv_connection_get_remote_address(dcesrv_conn); + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct spoolss_SetPrinterInfo2 *info2 = info_ctr->info.info2; uint32_t info2_mask = SPOOLSS_PRINTER_INFO_ALL; const struct loadparm_substitution *lp_sub = @@ -8513,7 +8542,7 @@ static WERROR spoolss_addprinterex_level_2(struct pipes_struct *p, return WERR_NOT_ENOUGH_MEMORY; } - if ( !add_printer_hook(p->mem_ctx, p->session_info->security_token, + if ( !add_printer_hook(p->mem_ctx, session_info->security_token, info2, raddr, p->msg_ctx) ) { return WERR_ACCESS_DENIED; @@ -8530,7 +8559,7 @@ static WERROR spoolss_addprinterex_level_2(struct pipes_struct *p, } /* you must be a printer admin to add a new printer */ - if (!W_ERROR_IS_OK(print_access_check(p->session_info, + if (!W_ERROR_IS_OK(print_access_check(session_info, p->msg_ctx, snum, PRINTER_ACCESS_ADMINISTER))) { @@ -8636,6 +8665,9 @@ WERROR _spoolss_AddPrinter(struct pipes_struct *p, WERROR _spoolss_AddPrinterDriverEx(struct pipes_struct *p, struct spoolss_AddPrinterDriverEx *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); WERROR err = WERR_OK; const char *driver_name = NULL; const char *driver_directory = NULL; @@ -8666,7 +8698,7 @@ WERROR _spoolss_AddPrinterDriverEx(struct pipes_struct *p, DEBUG(5,("Cleaning driver's information\n")); err = clean_up_driver_struct(p->mem_ctx, - p->session_info, + session_info, r->in.info_ctr, r->in.flags, &driver_directory); @@ -8677,7 +8709,7 @@ WERROR _spoolss_AddPrinterDriverEx(struct pipes_struct *p, } DEBUG(5,("Moving driver to final destination\n")); - err = move_driver_to_download_area(p->session_info, + err = move_driver_to_download_area(session_info, r->in.info_ctr, driver_directory); if (!W_ERROR_IS_OK(err)) { @@ -9097,6 +9129,9 @@ WERROR _spoolss_DeletePrinterData(struct pipes_struct *p, WERROR _spoolss_AddForm(struct pipes_struct *p, struct spoolss_AddForm *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct spoolss_AddFormInfo1 *form; int snum = -1; WERROR status = WERR_OK; @@ -9115,8 +9150,8 @@ WERROR _spoolss_AddForm(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, + if ((session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) { DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n")); return WERR_ACCESS_DENIED; @@ -9183,6 +9218,9 @@ done: WERROR _spoolss_DeleteForm(struct pipes_struct *p, struct spoolss_DeleteForm *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const char *form_name = r->in.form_name; struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); int snum = -1; @@ -9198,8 +9236,8 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p, return WERR_INVALID_HANDLE; } - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, + if ((session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) { DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n")); return WERR_ACCESS_DENIED; @@ -9248,6 +9286,9 @@ done: WERROR _spoolss_SetForm(struct pipes_struct *p, struct spoolss_SetForm *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct spoolss_AddFormInfo1 *form; const char *form_name = r->in.form_name; int snum = -1; @@ -9268,8 +9309,8 @@ WERROR _spoolss_SetForm(struct pipes_struct *p, /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege, and not a printer admin, then fail */ - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - !security_token_has_privilege(p->session_info->security_token, + if ((session_info->unix_token->uid != sec_initial_uid()) && + !security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) { DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n")); return WERR_ACCESS_DENIED; @@ -10762,6 +10803,9 @@ static WERROR process_xcvlocal_command(TALLOC_CTX *mem_ctx, WERROR _spoolss_XcvData(struct pipes_struct *p, struct spoolss_XcvData *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct printer_handle *Printer = find_printer_index_by_hnd(p, r->in.handle); DATA_BLOB out_data = data_blob_null; WERROR werror; @@ -10798,14 +10842,14 @@ WERROR _spoolss_XcvData(struct pipes_struct *p, switch ( Printer->printer_type ) { case SPLHND_PORTMON_TCP: werror = process_xcvtcp_command(p->mem_ctx, - p->session_info->security_token, + session_info->security_token, r->in.function_name, &r->in.in_data, &out_data, r->out.needed); break; case SPLHND_PORTMON_LOCAL: werror = process_xcvlocal_command(p->mem_ctx, - p->session_info->security_token, + session_info->security_token, r->in.function_name, &r->in.in_data, &out_data, r->out.needed); diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index fc27a459634..770e5d368a8 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -27,6 +27,7 @@ #include "system/passwd.h" #include "lib/util/server_id.h" #include "ntdomain.h" +#include "librpc/rpc/dcesrv_core.h" #include "librpc/gen_ndr/ndr_srvsvc.h" #include "librpc/gen_ndr/ndr_srvsvc_scompat.h" #include "../libcli/security/security.h" @@ -244,6 +245,9 @@ static void init_srv_share_info_1(struct pipes_struct *p, struct srvsvc_NetShareInfo1 *r, int snum) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); char *net_name = lp_servicename(talloc_tos(), lp_sub, snum); @@ -253,7 +257,7 @@ static void init_srv_share_info_1(struct pipes_struct *p, remark = talloc_sub_full( p->mem_ctx, lp_servicename(talloc_tos(), lp_sub, snum), get_current_username(), lp_path(talloc_tos(), lp_sub, snum), - p->session_info->unix_token->uid, get_current_username(), + session_info->unix_token->uid, get_current_username(), "", remark); } @@ -270,6 +274,9 @@ static void init_srv_share_info_2(struct pipes_struct *p, struct srvsvc_NetShareInfo2 *r, int snum) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); char *remark = NULL; @@ -283,7 +290,7 @@ static void init_srv_share_info_2(struct pipes_struct *p, remark = talloc_sub_full( p->mem_ctx, lp_servicename(talloc_tos(), lp_sub, snum), get_current_username(), lp_path(talloc_tos(), lp_sub, snum), - p->session_info->unix_token->uid, get_current_username(), + session_info->unix_token->uid, get_current_username(), "", remark); } path = talloc_asprintf(p->mem_ctx, @@ -341,6 +348,9 @@ static void map_generic_share_sd_bits(struct security_descriptor *psd) static void init_srv_share_info_501(struct pipes_struct *p, struct srvsvc_NetShareInfo501 *r, int snum) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); const char *net_name = lp_servicename(talloc_tos(), lp_sub, snum); @@ -350,7 +360,7 @@ static void init_srv_share_info_501(struct pipes_struct *p, remark = talloc_sub_full( p->mem_ctx, lp_servicename(talloc_tos(), lp_sub, snum), get_current_username(), lp_path(talloc_tos(), lp_sub, snum), - p->session_info->unix_token->uid, get_current_username(), + session_info->unix_token->uid, get_current_username(), "", remark); } @@ -372,6 +382,9 @@ static void init_srv_share_info_501(struct pipes_struct *p, static void init_srv_share_info_502(struct pipes_struct *p, struct srvsvc_NetShareInfo502 *r, int snum) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); const char *net_name = lp_servicename(talloc_tos(), lp_sub, snum); @@ -386,7 +399,7 @@ static void init_srv_share_info_502(struct pipes_struct *p, remark = talloc_sub_full( p->mem_ctx, lp_servicename(talloc_tos(), lp_sub, snum), get_current_username(), lp_path(talloc_tos(), lp_sub, snum), - p->session_info->unix_token->uid, get_current_username(), + session_info->unix_token->uid, get_current_username(), "", remark); } path = talloc_asprintf(ctx, "C:%s", lp_path(talloc_tos(), lp_sub, snum)); @@ -421,6 +434,9 @@ static void init_srv_share_info_1004(struct pipes_struct *p, struct srvsvc_NetShareInfo1004 *r, int snum) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); char *remark = lp_comment(p->mem_ctx, lp_sub, snum); @@ -429,7 +445,7 @@ static void init_srv_share_info_1004(struct pipes_struct *p, remark = talloc_sub_full( p->mem_ctx, lp_servicename(talloc_tos(), lp_sub, snum), get_current_username(), lp_path(talloc_tos(), lp_sub, snum), - p->session_info->unix_token->uid, get_current_username(), + session_info->unix_token->uid, get_current_username(), "", remark); } @@ -520,6 +536,9 @@ static bool is_hidden_share(int snum) static bool is_enumeration_allowed(struct pipes_struct *p, int snum) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); @@ -527,13 +546,13 @@ static bool is_enumeration_allowed(struct pipes_struct *p, return true; } - if (!user_ok_token(p->session_info->unix_info->unix_name, - p->session_info->info->domain_name, - p->session_info->security_token, snum)) { + if (!user_ok_token(session_info->unix_info->unix_name, + session_info->info->domain_name, + session_info->security_token, snum)) { return false; } - return share_access_check(p->session_info->security_token, + return share_access_check(session_info->security_token, lp_servicename(talloc_tos(), lp_sub, snum), FILE_READ_DATA, NULL); } @@ -1304,6 +1323,9 @@ static WERROR init_srv_conn_info_1(const char *name, WERROR _srvsvc_NetFileEnum(struct pipes_struct *p, struct srvsvc_NetFileEnum *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); TALLOC_CTX *ctx = NULL; struct srvsvc_NetFileCtr3 *ctr3; uint32_t resume_hnd = 0; @@ -1317,7 +1339,7 @@ WERROR _srvsvc_NetFileEnum(struct pipes_struct *p, } if (!nt_token_check_sid(&global_sid_Builtin_Administrators, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(1, ("Enumerating files only allowed for " "administrators\n")); return WERR_ACCESS_DENIED; @@ -1468,12 +1490,15 @@ WERROR _srvsvc_NetSrvSetInfo(struct pipes_struct *p, WERROR _srvsvc_NetConnEnum(struct pipes_struct *p, struct srvsvc_NetConnEnum *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); WERROR werr; DEBUG(5,("_srvsvc_NetConnEnum: %d\n", __LINE__)); if (!nt_token_check_sid(&global_sid_Builtin_Administrators, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(1, ("Enumerating connections only allowed for " "administrators\n")); return WERR_ACCESS_DENIED; @@ -1507,12 +1532,15 @@ WERROR _srvsvc_NetConnEnum(struct pipes_struct *p, WERROR _srvsvc_NetSessEnum(struct pipes_struct *p, struct srvsvc_NetSessEnum *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); WERROR werr; DEBUG(5,("_srvsvc_NetSessEnum: %d\n", __LINE__)); if (!nt_token_check_sid(&global_sid_Builtin_Administrators, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(1, ("Enumerating sessions only allowed for " "administrators\n")); return WERR_ACCESS_DENIED; @@ -1547,6 +1575,9 @@ WERROR _srvsvc_NetSessEnum(struct pipes_struct *p, WERROR _srvsvc_NetSessDel(struct pipes_struct *p, struct srvsvc_NetSessDel *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct sessionid *session_list; int num_sessions, snum; const char *username; @@ -1560,8 +1591,8 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p, /* fail out now if you are not root or not a domain admin */ - if ((p->session_info->unix_token->uid != sec_initial_uid()) && - ( ! nt_token_check_domain_rid(p->session_info->security_token, + if ((session_info->unix_token->uid != sec_initial_uid()) && + ( ! nt_token_check_domain_rid(session_info->security_token, DOMAIN_RID_ADMINS))) { goto done; @@ -1582,7 +1613,7 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p, NTSTATUS ntstat; - if (p->session_info->unix_token->uid != sec_initial_uid()) { + if (session_info->unix_token->uid != sec_initial_uid()) { not_root = True; become_root(); } @@ -1757,6 +1788,9 @@ WERROR _srvsvc_NetShareGetInfo(struct pipes_struct *p, WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p, struct srvsvc_NetShareSetInfo *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); char *command = NULL; @@ -1811,15 +1845,16 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p, if (lp_printable(snum)) return WERR_ACCESS_DENIED; - is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR); + is_disk_op = security_token_has_privilege( + session_info->security_token, SEC_PRIV_DISK_OPERATOR); /* fail out now if you are not root and not a disk op */ - if ( p->session_info->unix_token->uid != sec_initial_uid() && !is_disk_op ) { + if (session_info->unix_token->uid != sec_initial_uid() && !is_disk_op) { DEBUG(2,("_srvsvc_NetShareSetInfo: uid %u doesn't have the " "SeDiskOperatorPrivilege privilege needed to modify " "share %s\n", - (unsigned int)p->session_info->unix_token->uid, + (unsigned int)session_info->unix_token->uid, share_name )); return WERR_ACCESS_DENIED; } @@ -2014,6 +2049,9 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p, WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, struct srvsvc_NetShareAdd *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); char *command = NULL; char *share_name_in = NULL; char *share_name = NULL; @@ -2037,10 +2075,12 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, *r->out.parm_error = 0; } - is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR); + is_disk_op = security_token_has_privilege( + session_info->security_token, SEC_PRIV_DISK_OPERATOR); - if (p->session_info->unix_token->uid != sec_initial_uid() && !is_disk_op ) + if (session_info->unix_token->uid != sec_initial_uid() && !is_disk_op) { return WERR_ACCESS_DENIED; + } if (!lp_add_share_command(talloc_tos(), lp_sub) || !*lp_add_share_command(talloc_tos(), lp_sub)) { DBG_WARNING("_srvsvc_NetShareAdd: No \"add share command\" parameter set in smb.conf.\n"); @@ -2217,6 +2257,9 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, WERROR _srvsvc_NetShareDel(struct pipes_struct *p, struct srvsvc_NetShareDel *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); char *command = NULL; char *share_name = NULL; int ret; @@ -2252,10 +2295,12 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p, if (lp_printable(snum)) return WERR_ACCESS_DENIED; - is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR); + is_disk_op = security_token_has_privilege( + session_info->security_token, SEC_PRIV_DISK_OPERATOR); - if (p->session_info->unix_token->uid != sec_initial_uid() && !is_disk_op ) + if (session_info->unix_token->uid != sec_initial_uid() && !is_disk_op) { return WERR_ACCESS_DENIED; + } if (!lp_delete_share_command(talloc_tos(), lp_sub) || !*lp_delete_share_command(talloc_tos(), lp_sub)) { DBG_WARNING("_srvsvc_NetShareDel: No \"delete share command\" parameter set in smb.conf.\n"); @@ -2374,6 +2419,9 @@ WERROR _srvsvc_NetRemoteTOD(struct pipes_struct *p, WERROR _srvsvc_NetGetFileSecurity(struct pipes_struct *p, struct srvsvc_NetGetFileSecurity *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); TALLOC_CTX *frame = talloc_stackframe(); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); @@ -2410,7 +2458,7 @@ WERROR _srvsvc_NetGetFileSecurity(struct pipes_struct *p, nt_status = create_conn_struct_tos_cwd(global_messaging_context(), snum, lp_path(frame, lp_sub, snum), - p->session_info, + session_info, &c); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(10, ("create_conn_struct failed: %s\n", @@ -2506,6 +2554,9 @@ error_exit: WERROR _srvsvc_NetSetFileSecurity(struct pipes_struct *p, struct srvsvc_NetSetFileSecurity *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); TALLOC_CTX *frame = talloc_stackframe(); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); @@ -2544,7 +2595,7 @@ WERROR _srvsvc_NetSetFileSecurity(struct pipes_struct *p, nt_status = create_conn_struct_tos_cwd(global_messaging_context(), snum, lp_path(frame, lp_sub, snum), - p->session_info, + session_info, &c); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(10, ("create_conn_struct failed: %s\n", @@ -2782,14 +2833,18 @@ static int enum_file_close_fn(struct file_id id, WERROR _srvsvc_NetFileClose(struct pipes_struct *p, struct srvsvc_NetFileClose *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct enum_file_close_state state; bool is_disk_op; DEBUG(5,("_srvsvc_NetFileClose: %d\n", __LINE__)); - is_disk_op = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_DISK_OPERATOR); + is_disk_op = security_token_has_privilege( + session_info->security_token, SEC_PRIV_DISK_OPERATOR); - if (p->session_info->unix_token->uid != sec_initial_uid() && !is_disk_op) { + if (session_info->unix_token->uid != sec_initial_uid() && !is_disk_op) { return WERR_ACCESS_DENIED; } diff --git a/source3/rpc_server/svcctl/srv_svcctl_nt.c b/source3/rpc_server/svcctl/srv_svcctl_nt.c index 429af220e0d..7f0f2c0258c 100644 --- a/source3/rpc_server/svcctl/srv_svcctl_nt.c +++ b/source3/rpc_server/svcctl/srv_svcctl_nt.c @@ -288,6 +288,9 @@ done: WERROR _svcctl_OpenSCManagerW(struct pipes_struct *p, struct svcctl_OpenSCManagerW *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *sec_desc; uint32_t access_granted = 0; NTSTATUS status; @@ -298,7 +301,7 @@ WERROR _svcctl_OpenSCManagerW(struct pipes_struct *p, return WERR_NOT_ENOUGH_MEMORY; se_map_generic( &r->in.access_mask, &scm_generic_map ); - status = svcctl_access_check( sec_desc, p->session_info->security_token, + status = svcctl_access_check( sec_desc, session_info->security_token, r->in.access_mask, &access_granted ); if ( !NT_STATUS_IS_OK(status) ) return ntstatus_to_werror( status ); @@ -313,6 +316,9 @@ WERROR _svcctl_OpenSCManagerW(struct pipes_struct *p, WERROR _svcctl_OpenServiceW(struct pipes_struct *p, struct svcctl_OpenServiceW *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct security_descriptor *sec_desc; uint32_t access_granted = 0; NTSTATUS status; @@ -350,7 +356,7 @@ WERROR _svcctl_OpenServiceW(struct pipes_struct *p, } se_map_generic( &r->in.access_mask, &svc_generic_map ); - status = svcctl_access_check( sec_desc, p->session_info->security_token, + status = svcctl_access_check( sec_desc, session_info->security_token, r->in.access_mask, &access_granted ); if ( !NT_STATUS_IS_OK(status) ) return ntstatus_to_werror( status ); @@ -380,6 +386,9 @@ WERROR _svcctl_CloseServiceHandle(struct pipes_struct *p, WERROR _svcctl_GetServiceDisplayNameW(struct pipes_struct *p, struct svcctl_GetServiceDisplayNameW *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const char *service; const char *display_name; SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); @@ -393,7 +402,7 @@ WERROR _svcctl_GetServiceDisplayNameW(struct pipes_struct *p, display_name = svcctl_lookup_dispname(p->mem_ctx, p->msg_ctx, - p->session_info, + session_info, service); if (!display_name) { display_name = ""; @@ -473,6 +482,9 @@ static int enumerate_status(TALLOC_CTX *ctx, WERROR _svcctl_EnumServicesStatusW(struct pipes_struct *p, struct svcctl_EnumServicesStatusW *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct ENUM_SERVICE_STATUSW *services = NULL; int num_services; int i = 0; @@ -492,7 +504,7 @@ WERROR _svcctl_EnumServicesStatusW(struct pipes_struct *p, num_services = enumerate_status(p->mem_ctx, p->msg_ctx, - p->session_info, + session_info, &services); if (num_services == -1 ) { return WERR_NOT_ENOUGH_MEMORY; @@ -754,6 +766,9 @@ static WERROR fill_svc_config(TALLOC_CTX *mem_ctx, WERROR _svcctl_QueryServiceConfigW(struct pipes_struct *p, struct svcctl_QueryServiceConfigW *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); uint32_t buffer_size; WERROR wresult; @@ -773,7 +788,7 @@ WERROR _svcctl_QueryServiceConfigW(struct pipes_struct *p, wresult = fill_svc_config(p->mem_ctx, p->msg_ctx, - p->session_info, + session_info, info->name, r->out.query); if ( !W_ERROR_IS_OK(wresult) ) @@ -797,6 +812,9 @@ WERROR _svcctl_QueryServiceConfigW(struct pipes_struct *p, WERROR _svcctl_QueryServiceConfig2W(struct pipes_struct *p, struct svcctl_QueryServiceConfig2W *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); uint32_t buffer_size; DATA_BLOB blob = data_blob_null; @@ -822,7 +840,7 @@ WERROR _svcctl_QueryServiceConfig2W(struct pipes_struct *p, description = svcctl_lookup_description(p->mem_ctx, p->msg_ctx, - p->session_info, + session_info, info->name); desc_buf.description = description; @@ -979,6 +997,9 @@ WERROR _svcctl_QueryServiceObjectSecurity(struct pipes_struct *p, WERROR _svcctl_SetServiceObjectSecurity(struct pipes_struct *p, struct svcctl_SetServiceObjectSecurity *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); SERVICE_INFO *info = find_service_info_by_hnd( p, r->in.handle ); struct security_descriptor *sec_desc = NULL; uint32_t required_access; @@ -1025,7 +1046,7 @@ WERROR _svcctl_SetServiceObjectSecurity(struct pipes_struct *p, /* store the new SD */ - if (!svcctl_set_secdesc(p->msg_ctx, p->session_info, info->name, sec_desc)) + if (!svcctl_set_secdesc(p->msg_ctx, session_info, info->name, sec_desc)) return WERR_ACCESS_DENIED; return WERR_OK; diff --git a/source3/rpc_server/winreg/srv_winreg_nt.c b/source3/rpc_server/winreg/srv_winreg_nt.c index 002db07ef4d..3f282d4886e 100644 --- a/source3/rpc_server/winreg/srv_winreg_nt.c +++ b/source3/rpc_server/winreg/srv_winreg_nt.c @@ -22,6 +22,7 @@ #include "includes.h" #include "ntdomain.h" +#include "librpc/rpc/dcesrv_core.h" #include "librpc/gen_ndr/ndr_winreg.h" #include "librpc/gen_ndr/ndr_winreg_scompat.h" #include "registry.h" @@ -75,12 +76,15 @@ static WERROR open_registry_key(struct pipes_struct *p, const char *subkeyname, uint32_t access_desired) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); WERROR result = WERR_OK; struct registry_key *key; if (parent == NULL) { result = reg_openhive(p->mem_ctx, subkeyname, access_desired, - p->session_info->security_token, &key); + session_info->security_token, &key); } else { result = reg_openkey(p->mem_ctx, parent, subkeyname, @@ -546,6 +550,9 @@ WERROR _winreg_InitiateSystemShutdown(struct pipes_struct *p, WERROR _winreg_InitiateSystemShutdownEx(struct pipes_struct *p, struct winreg_InitiateSystemShutdownEx *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); char *shutdown_script = NULL; @@ -607,7 +614,8 @@ WERROR _winreg_InitiateSystemShutdownEx(struct pipes_struct *p, return WERR_NOT_ENOUGH_MEMORY; } - can_shutdown = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_REMOTE_SHUTDOWN); + can_shutdown = security_token_has_privilege( + session_info->security_token, SEC_PRIV_REMOTE_SHUTDOWN); /* IF someone has privs, run the shutdown script as root. OTHERWISE run it as not root Take the error return from the script and provide it as the Windows return code. */ @@ -637,6 +645,9 @@ WERROR _winreg_InitiateSystemShutdownEx(struct pipes_struct *p, WERROR _winreg_AbortSystemShutdown(struct pipes_struct *p, struct winreg_AbortSystemShutdown *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); const char *abort_shutdown_script = NULL; const struct loadparm_substitution *lp_sub = loadparm_s3_global_substitution(); @@ -647,7 +658,8 @@ WERROR _winreg_AbortSystemShutdown(struct pipes_struct *p, if (!*abort_shutdown_script) return WERR_ACCESS_DENIED; - can_shutdown = security_token_has_privilege(p->session_info->security_token, SEC_PRIV_REMOTE_SHUTDOWN); + can_shutdown = security_token_has_privilege( + session_info->security_token, SEC_PRIV_REMOTE_SHUTDOWN); /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/ diff --git a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c index 6b787ad8b32..592e8668cd3 100644 --- a/source3/rpc_server/wkssvc/srv_wkssvc_nt.c +++ b/source3/rpc_server/wkssvc/srv_wkssvc_nt.c @@ -24,6 +24,7 @@ #include "includes.h" #include "ntdomain.h" +#include "librpc/rpc/dcesrv_core.h" #include "librpc/gen_ndr/libnet_join.h" #include "libnet/libnet_join.h" #include "../libcli/auth/libcli_auth.h" @@ -361,6 +362,9 @@ static struct wkssvc_NetWkstaInfo102 *create_wks_info_102(TALLOC_CTX *mem_ctx) WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, struct wkssvc_NetWkstaGetInfo *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct dom_sid_buf buf; switch (r->in.level) { @@ -375,7 +379,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, case 101: /* Level 101 can be allowed from any logged in user */ if (!nt_token_check_sid(&global_sid_Authenticated_Users, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(1,("User not allowed for NetWkstaGetInfo level " "101\n")); DEBUGADD(3,(" - does not have sid for Authenticated " @@ -384,7 +388,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, &global_sid_Authenticated_Users, &buf))); security_token_debug(DBGC_CLASS, 3, - p->session_info->security_token); + session_info->security_token); return WERR_ACCESS_DENIED; } r->out.info->info101 = create_wks_info_101(p->mem_ctx); @@ -395,7 +399,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, case 102: /* Level 102 Should only be allowed from a domain administrator */ if (!nt_token_check_sid(&global_sid_Builtin_Administrators, - p->session_info->security_token)) { + session_info->security_token)) { DEBUG(1,("User not allowed for NetWkstaGetInfo level " "102\n")); DEBUGADD(3,(" - does not have sid for Administrators " @@ -404,7 +408,7 @@ WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p, &global_sid_Builtin_Administrators, &buf))); security_token_debug(DBGC_CLASS, 3, - p->session_info->security_token); + session_info->security_token); return WERR_ACCESS_DENIED; } r->out.info->info102 = create_wks_info_102(p->mem_ctx); @@ -587,9 +591,13 @@ static struct wkssvc_NetWkstaEnumUsersCtr1 *create_enum_users1( WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p, struct wkssvc_NetWkstaEnumUsers *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); + /* This with any level should only be allowed from a domain administrator */ if (!nt_token_check_sid(&global_sid_Builtin_Administrators, - p->session_info->security_token)) { + session_info->security_token)) { struct dom_sid_buf buf; DEBUG(1,("User not allowed for NetWkstaEnumUsers\n")); DEBUGADD(3,(" - does not have sid for Administrators group " @@ -597,7 +605,8 @@ WERROR _wkssvc_NetWkstaEnumUsers(struct pipes_struct *p, dom_sid_str_buf( &global_sid_Builtin_Administrators, &buf))); - security_token_debug(DBGC_CLASS, 3, p->session_info->security_token); + security_token_debug( + DBGC_CLASS, 3, session_info->security_token); return WERR_ACCESS_DENIED; } @@ -847,12 +856,15 @@ WERROR _wkssvc_NetrGetJoinableOus(struct pipes_struct *p, WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, struct wkssvc_NetrJoinDomain2 *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct libnet_JoinCtx *j = NULL; char *cleartext_pwd = NULL; char *admin_domain = NULL; char *admin_account = NULL; WERROR werr; - struct security_token *token = p->session_info->security_token; + struct security_token *token = session_info->security_token; NTSTATUS status; DATA_BLOB session_key; bool ok; @@ -878,7 +890,7 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, return WERR_NOT_SUPPORTED; } - status = session_extract_session_key(p->session_info, + status = session_extract_session_key(session_info, &session_key, KEY_USE_16BYTES); if(!NT_STATUS_IS_OK(status)) { @@ -939,12 +951,15 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p, struct wkssvc_NetrUnjoinDomain2 *r) { + struct dcesrv_call_state *dce_call = p->dce_call; + struct auth_session_info *session_info = + dcesrv_call_session_info(dce_call); struct libnet_UnjoinCtx *u = NULL; char *cleartext_pwd = NULL; char *admin_domain = NULL; char *admin_account = NULL; WERROR werr; - struct security_token *token = p->session_info->security_token; + struct security_token *token = session_info->security_token; NTSTATUS status; DATA_BLOB session_key; bool ok; @@ -961,7 +976,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p, return WERR_ACCESS_DENIED; } - status = session_extract_session_key(p->session_info, + status = session_extract_session_key(session_info, &session_key, KEY_USE_16BYTES); if (!NT_STATUS_IS_OK(status)) {