From 89e4387a08fd90176161d0139ed3b4c3c2c1289c Mon Sep 17 00:00:00 2001 From: Rafal Szczesniak Date: Mon, 2 Oct 2006 05:53:45 +0000 Subject: [PATCH] r19024: remove read-only and policy dependent fields and flags from user modify routines. rafal (This used to be commit 7ca0d3dbcb9193c0f023e7c43764c7557925bb0e) --- source4/libnet/libnet_user.c | 76 +++++++++++++--------------- source4/libnet/libnet_user.h | 2 - source4/libnet/userinfo.c | 5 +- source4/libnet/userman.c | 96 ++++-------------------------------- source4/libnet/userman.h | 6 --- 5 files changed, 48 insertions(+), 137 deletions(-) diff --git a/source4/libnet/libnet_user.c b/source4/libnet/libnet_user.c index c06000481ff..1bb767a34a0 100644 --- a/source4/libnet/libnet_user.c +++ b/source4/libnet/libnet_user.c @@ -569,21 +569,6 @@ static NTSTATUS set_user_changes(TALLOC_CTX *mem_ctx, struct usermod_change *mod /* profile path change */ SET_FIELD_LSA_STRING(r->in, user, mod, profile_path, USERMOD_FIELD_PROFILE_PATH); - /* allow password change time */ - SET_FIELD_NTTIME(r->in, user, mod, allow_password_change, USERMOD_FIELD_ALLOW_PASS_CHG); - - /* force password change time */ - SET_FIELD_NTTIME(r->in, user, mod, force_password_change, USERMOD_FIELD_FORCE_PASS_CHG); - - /* last logon change time */ - SET_FIELD_NTTIME(r->in, user, mod, last_logon, USERMOD_FIELD_LAST_LOGON); - - /* last logoff change time */ - SET_FIELD_NTTIME(r->in, user, mod, last_logoff, USERMOD_FIELD_LAST_LOGOFF); - - /* last password change time */ - SET_FIELD_NTTIME(r->in, user, mod, last_password_change, USERMOD_FIELD_LAST_PASS_CHG); - /* account expiry change */ SET_FIELD_NTTIME(r->in, user, mod, acct_expiry, USERMOD_FIELD_ACCT_EXPIRY); @@ -629,6 +614,7 @@ NTSTATUS libnet_ModifyUser(struct libnet_context *ctx, TALLOC_CTX *mem_ctx, struct user_info_state { struct libnet_context *ctx; const char *domain_name; + const char *user_name; struct libnet_LookupName lookup; struct libnet_DomainOpen domopen; struct libnet_rpc_userinfo userinfo; @@ -639,7 +625,7 @@ struct user_info_state { static void continue_name_found(struct composite_context *ctx); -static void continue_domain_opened(struct composite_context *ctx); +static void continue_domain_open_info(struct composite_context *ctx); static void continue_info_received(struct composite_context *ctx); @@ -650,6 +636,7 @@ struct composite_context* libnet_UserInfo_send(struct libnet_context *ctx, { struct composite_context *c; struct user_info_state *s; + struct composite_context *prereq_ctx; struct composite_context *lookup_req; c = composite_create(mem_ctx, ctx->event_ctx); @@ -663,9 +650,14 @@ struct composite_context* libnet_UserInfo_send(struct libnet_context *ctx, s->monitor_fn = monitor; s->ctx = ctx; s->domain_name = talloc_strdup(c, r->in.domain_name); + s->user_name = talloc_strdup(c, r->in.user_name); + + prereq_ctx = domain_opened(ctx, s->domain_name, c, &s->domopen, + continue_domain_open_info, monitor); + if (prereq_ctx) return prereq_ctx; s->lookup.in.domain_name = s->domain_name; - s->lookup.in.name = talloc_strdup(c, r->in.user_name); + s->lookup.in.name = s->user_name; lookup_req = libnet_LookupName_send(ctx, c, &s->lookup, s->monitor_fn); if (composite_nomem(lookup_req, c)) return c; @@ -675,11 +667,36 @@ struct composite_context* libnet_UserInfo_send(struct libnet_context *ctx, } +static void continue_domain_open_info(struct composite_context *ctx) +{ + struct composite_context *c; + struct user_info_state *s; + struct composite_context *lookup_req; + struct monitor_msg msg; + + c = talloc_get_type(ctx->async.private_data, struct composite_context); + s = talloc_get_type(c->private_data, struct user_info_state); + + c->status = libnet_DomainOpen_recv(ctx, s->ctx, c, &s->domopen); + if (!composite_is_ok(c)) return; + + if (s->monitor_fn) s->monitor_fn(&msg); + + s->lookup.in.domain_name = s->domain_name; + s->lookup.in.name = s->user_name; + + lookup_req = libnet_LookupName_send(s->ctx, c, &s->lookup, s->monitor_fn); + if (composite_nomem(lookup_req, c)) return; + + composite_continue(c, lookup_req, continue_rpc_userinfo, c); +} + + static void continue_name_found(struct composite_context *ctx) { struct composite_context *c; struct user_info_state *s; - struct composite_context *domopen_req; + struct composite_context *info_req; c = talloc_get_type(ctx->async.private_data, struct composite_context); s = talloc_get_type(c->private_data, struct user_info_state); @@ -692,29 +709,6 @@ static void continue_name_found(struct composite_context *ctx) return; } - s->domopen.in.type = DOMAIN_SAMR; - s->domopen.in.domain_name = s->domain_name; - s->domopen.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED; - - domopen_req = libnet_DomainOpen_send(s->ctx, &s->domopen, s->monitor_fn); - if (composite_nomem(domopen_req, c)) return; - - composite_continue(c, domopen_req, continue_domain_opened, c); -} - - -static void continue_domain_opened(struct composite_context *ctx) -{ - struct composite_context *c; - struct user_info_state *s; - struct composite_context *info_req; - - c = talloc_get_type(ctx->async.private_data, struct composite_context); - s = talloc_get_type(c->private_data, struct user_info_state); - - c->status = libnet_DomainOpen_recv(ctx, s->ctx, c, &s->domopen); - if (!composite_is_ok(c)) return; - s->userinfo.in.domain_handle = s->ctx->samr.handle; s->userinfo.in.sid = s->lookup.out.sidstr; s->userinfo.in.level = 21; diff --git a/source4/libnet/libnet_user.h b/source4/libnet/libnet_user.h index bd2944feb67..f4428c986ce 100644 --- a/source4/libnet/libnet_user.h +++ b/source4/libnet/libnet_user.h @@ -57,8 +57,6 @@ struct libnet_ModifyUser { struct timeval *acct_expiry; struct timeval *allow_password_change; struct timeval *force_password_change; - struct timeval *last_logon; - struct timeval *last_logoff; struct timeval *last_password_change; uint32_t acct_flags; } in; diff --git a/source4/libnet/userinfo.c b/source4/libnet/userinfo.c index cf00ae16bac..57a30e59dc8 100644 --- a/source4/libnet/userinfo.c +++ b/source4/libnet/userinfo.c @@ -104,7 +104,7 @@ static NTSTATUS userinfo_openuser(struct composite_context *c, /* receive samr_OpenUser reply */ c->status = dcerpc_ndr_request_recv(s->req); NT_STATUS_NOT_OK_RETURN(c->status); - + /* prepare parameters for QueryUserInfo call */ s->queryuserinfo.in.user_handle = &s->user_handle; s->queryuserinfo.in.level = s->level; @@ -134,6 +134,9 @@ static NTSTATUS userinfo_getuser(struct composite_context *c, c->status = dcerpc_ndr_request_recv(s->req); NT_STATUS_NOT_OK_RETURN(c->status); + /* check if queryuser itself went ok */ + NT_STATUS_NOT_OK_RETURN(s->queryuserinfo.out.result); + s->info = talloc_steal(s, s->queryuserinfo.out.info); /* prepare arguments for Close call */ diff --git a/source4/libnet/userman.c b/source4/libnet/userman.c index 9faaddb3ffb..d87ec1eaf70 100644 --- a/source4/libnet/userman.c +++ b/source4/libnet/userman.c @@ -565,7 +565,6 @@ static uint32_t usermod_setfields(struct usermod_state *s, uint16_t *level, i->info7.account_name.string = s->change.account_name; s->change.fields ^= USERMOD_FIELD_ACCOUNT_NAME; - } if ((s->change.fields & USERMOD_FIELD_FULL_NAME) && @@ -581,8 +580,7 @@ static uint32_t usermod_setfields(struct usermod_state *s, uint16_t *level, *level = 13; i->info13.description.string = s->change.description; - s->change.fields ^= USERMOD_FIELD_DESCRIPTION; - + s->change.fields ^= USERMOD_FIELD_DESCRIPTION; } if ((s->change.fields & USERMOD_FIELD_COMMENT) && @@ -599,88 +597,14 @@ static uint32_t usermod_setfields(struct usermod_state *s, uint16_t *level, s->stage = USERMOD_QUERY; return s->change.fields; } - } - if ((s->change.fields & USERMOD_FIELD_ALLOW_PASS_CHG) && - (*level == 0 || *level == 3)) { - *level = 3; - - if (s->stage == USERMOD_QUERY) { - i->info3.allow_password_change = timeval_to_nttime(s->change.allow_password_change); - s->change.fields ^= USERMOD_FIELD_ALLOW_PASS_CHG; - - } else { - s->stage = USERMOD_QUERY; - return s->change.fields; - } - - } - - if ((s->change.fields & USERMOD_FIELD_FORCE_PASS_CHG) && - (*level == 0 || *level == 3)) { - *level = 3; - - if (s->stage == USERMOD_QUERY) { - i->info3.force_password_change = timeval_to_nttime(s->change.force_password_change); - s->change.fields ^= USERMOD_FIELD_FORCE_PASS_CHG; - - } else { - s->stage = USERMOD_QUERY; - return s->change.fields; - } - - } - - if ((s->change.fields & USERMOD_FIELD_LAST_LOGON) && - (*level == 0 || *level == 3)) { - *level = 3; - - if (s->stage == USERMOD_QUERY) { - i->info3.last_logon = timeval_to_nttime(s->change.last_logon); - s->change.fields ^= USERMOD_FIELD_LAST_LOGON; - } else { - s->stage = USERMOD_QUERY; - return s->change.fields; - } - - } - - if ((s->change.fields & USERMOD_FIELD_LAST_LOGOFF) && - (*level == 0 || *level == 3)) { - *level = 3; - - if (s->stage == USERMOD_QUERY) { - i->info3.last_logoff = timeval_to_nttime(s->change.last_logoff); - s->change.fields ^= USERMOD_FIELD_LAST_LOGOFF; - } else { - s->stage = USERMOD_QUERY; - return s->change.fields; - } - - } - - if ((s->change.fields & USERMOD_FIELD_LAST_PASS_CHG) && - (*level == 0 || *level == 3)) { - *level = 3; - - if (s->stage == USERMOD_QUERY) { - i->info3.last_password_change = timeval_to_nttime(s->change.last_password_change); - s->change.fields ^= USERMOD_FIELD_LAST_PASS_CHG; - } else { - s->stage = USERMOD_QUERY; - return s->change.fields; - } - - } - if ((s->change.fields & USERMOD_FIELD_LOGON_SCRIPT) && (*level == 0 || *level == 11)) { *level = 11; i->info11.logon_script.string = s->change.logon_script; s->change.fields ^= USERMOD_FIELD_LOGON_SCRIPT; - } if ((s->change.fields & USERMOD_FIELD_PROFILE_PATH) && @@ -689,35 +613,32 @@ static uint32_t usermod_setfields(struct usermod_state *s, uint16_t *level, i->info12.profile_path.string = s->change.profile_path; s->change.fields ^= USERMOD_FIELD_PROFILE_PATH; - } if ((s->change.fields & USERMOD_FIELD_HOME_DIRECTORY) && - (*level == 0 || *level == 3)) { - *level = 3; + (*level == 0 || *level == 10)) { + *level = 10; if (s->stage == USERMOD_QUERY) { - i->info3.home_directory.string = s->change.home_directory; + i->info10.home_directory.string = s->change.home_directory; s->change.fields ^= USERMOD_FIELD_HOME_DIRECTORY; } else { s->stage = USERMOD_QUERY; return s->change.fields; } - } if ((s->change.fields & USERMOD_FIELD_HOME_DRIVE) && - (*level == 0 || *level == 3)) { - *level = 3; + (*level == 0 || *level == 10)) { + *level = 10; if (s->stage == USERMOD_QUERY) { - i->info3.home_drive.string = s->change.home_drive; + i->info10.home_drive.string = s->change.home_drive; s->change.fields ^= USERMOD_FIELD_HOME_DRIVE; } else { s->stage = USERMOD_QUERY; return s->change.fields; } - } if ((s->change.fields & USERMOD_FIELD_ACCT_EXPIRY) && @@ -726,7 +647,6 @@ static uint32_t usermod_setfields(struct usermod_state *s, uint16_t *level, i->info17.acct_expiry = timeval_to_nttime(s->change.acct_expiry); s->change.fields ^= USERMOD_FIELD_ACCT_EXPIRY; - } if ((s->change.fields & USERMOD_FIELD_ACCT_FLAGS) && @@ -855,6 +775,8 @@ static NTSTATUS usermod_modify(struct composite_context *c, c->status = dcerpc_ndr_request_recv(s->req); NT_STATUS_NOT_OK_RETURN(c->status); + NT_STATUS_NOT_OK_RETURN(s->setuser.out.result); + if (s->change.fields == 0) { /* all fields have been set - we're done */ c->state = COMPOSITE_STATE_DONE; diff --git a/source4/libnet/userman.h b/source4/libnet/userman.h index bb4b3142bc5..7152f3e45a6 100644 --- a/source4/libnet/userman.h +++ b/source4/libnet/userman.h @@ -56,16 +56,10 @@ struct libnet_rpc_userdel { #define USERMOD_FIELD_HOME_DRIVE ( 0x00001000 ) #define USERMOD_FIELD_LOGON_HOURS ( 0x00002000 ) #define USERMOD_FIELD_ACCT_EXPIRY ( 0x00004000 ) -#define USERMOD_FIELD_ALLOW_PASS_CHG ( 0x00008000 ) -#define USERMOD_FIELD_FORCE_PASS_CHG ( 0x00010000 ) -#define USERMOD_FIELD_LAST_LOGON ( 0x00020000 ) -#define USERMOD_FIELD_LAST_LOGOFF ( 0x00040000 ) -#define USERMOD_FIELD_LAST_PASS_CHG ( 0x00080000 ) #define USERMOD_FIELD_ACCT_FLAGS ( 0x00100000 ) #define USERMOD_FIELD_PARAMETERS ( 0x00200000 ) #define USERMOD_FIELD_COUNTRY_CODE ( 0x00400000 ) #define USERMOD_FIELD_CODE_PAGE ( 0x00800000 ) -#define USERMOD_FIELD_ACCT_FLAGS ( 0x00100000 ) struct libnet_rpc_usermod { struct {