diff options
| author | Luke Leighton <lkcl@samba.org> | 2000-01-20 00:41:41 +0000 |
|---|---|---|
| committer | Luke Leighton <lkcl@samba.org> | 2000-01-20 00:41:41 +0000 |
| commit | 20c49d772d07c6e8def959f4b4480ff89fb9cfd9 (patch) | |
| tree | d8f8d9cc499b9c9ee075ca934f7e006b602cfb42 | |
| parent | e68c6c0185cee37502bd5ceb4f5e819803dbe2b4 (diff) | |
| download | samba-20c49d772d07c6e8def959f4b4480ff89fb9cfd9.tar.gz | |
this commit is NOT as large as it looks. sed is a wonderful thing.
1) got fed up of calling init_policy_hnd(MAX_HANDLES), so tried to put
policy handles behind bars. i failed, so went for an interim fix:
all policy handle functions now take the return result from
get_global_policy_hnd() as the first argument.
2) this is horrible. i can't believe microsoft would do this. they
cache the NETLOGON credentials. you can tear down the SMB connection
and reopen it and still validate a user.
this is horrible for two reasons. a) it opens up the possibility of DOS
attacks against the NETLOGON service b) old versions of samba (2.0.x)
now have a problem, as they store the credential chain, which will
disappear if the SMB connection is torn down.
| -rw-r--r-- | source/include/proto.h | 49 | ||||
| -rw-r--r-- | source/include/smb.h | 11 | ||||
| -rw-r--r-- | source/lib/util_hnd.c | 130 | ||||
| -rw-r--r-- | source/lsarpcd/srv_lsa.c | 10 | ||||
| -rw-r--r-- | source/msrpc/msrpcd.c | 4 | ||||
| -rw-r--r-- | source/rpc_client/cli_connect.c | 24 | ||||
| -rw-r--r-- | source/rpc_client/cli_eventlog.c | 6 | ||||
| -rw-r--r-- | source/rpc_client/cli_login.c | 13 | ||||
| -rw-r--r-- | source/rpc_client/cli_lsarpc.c | 10 | ||||
| -rw-r--r-- | source/rpc_client/cli_pipe_netsec.c | 6 | ||||
| -rw-r--r-- | source/rpc_client/cli_reg.c | 6 | ||||
| -rw-r--r-- | source/rpc_client/cli_samr.c | 8 | ||||
| -rw-r--r-- | source/rpc_client/cli_spoolss.c | 6 | ||||
| -rw-r--r-- | source/rpc_client/cli_svcctl.c | 10 | ||||
| -rw-r--r-- | source/rpc_server/srv_reg.c | 12 | ||||
| -rw-r--r-- | source/rpc_server/srv_samr.c | 140 | ||||
| -rw-r--r-- | source/rpc_server/srv_svcctl.c | 24 | ||||
| -rw-r--r-- | source/rpcclient/rpcclient.c | 2 | ||||
| -rw-r--r-- | source/smbd/server.c | 1 | ||||
| -rw-r--r-- | source/utils/smbpasswd.c | 2 |
20 files changed, 277 insertions, 197 deletions
diff --git a/source/include/proto.h b/source/include/proto.h index 825fd2bf62c..efcdd597549 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -613,23 +613,40 @@ void *open_file_if_modified(const char *filename, char *mode, time_t *lastmodifi /*The following definitions come from lib/util_hnd.c */ -BOOL init_policy_hnd(int num_pol_hnds); -BOOL register_policy_hnd(POLICY_HND *hnd); -BOOL open_policy_hnd(POLICY_HND *hnd); -int find_policy_by_hnd(const POLICY_HND *hnd); -BOOL set_policy_samr_rid(POLICY_HND *hnd, uint32 rid); -BOOL set_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status); -BOOL set_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid); -BOOL get_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid); -uint32 get_policy_samr_rid(POLICY_HND *hnd); -BOOL get_policy_svc_name(POLICY_HND *hnd, fstring name); -BOOL set_policy_svc_name(POLICY_HND *hnd, fstring name); -BOOL set_policy_reg_name(POLICY_HND *hnd, fstring name); -BOOL get_policy_reg_name(POLICY_HND *hnd, fstring name); -BOOL set_policy_con(POLICY_HND *hnd, struct cli_connection *con, +struct policy_cache *get_global_hnd_cache(void); +struct policy_cache *init_policy_cache(int num_pol_hnds); +void free_policy_cache(struct policy_cache *cache); +BOOL register_policy_hnd(struct policy_cache *cache, + POLICY_HND *hnd); +BOOL open_policy_hnd(struct policy_cache *cache, + POLICY_HND *hnd); +int find_policy_by_hnd(struct policy_cache *cache, + const POLICY_HND *hnd); +BOOL set_policy_samr_rid(struct policy_cache *cache, + POLICY_HND *hnd, uint32 rid); +BOOL set_policy_samr_pol_status(struct policy_cache *cache, + POLICY_HND *hnd, uint32 pol_status); +BOOL set_policy_samr_sid(struct policy_cache *cache, + POLICY_HND *hnd, DOM_SID *sid); +BOOL get_policy_samr_sid(struct policy_cache *cache, + POLICY_HND *hnd, DOM_SID *sid); +uint32 get_policy_samr_rid(struct policy_cache *cache, + POLICY_HND *hnd); +BOOL get_policy_svc_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name); +BOOL set_policy_svc_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name); +BOOL set_policy_reg_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name); +BOOL get_policy_reg_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name); +BOOL set_policy_con(struct policy_cache *cache, + POLICY_HND *hnd, struct cli_connection *con, void (*free_fn)(struct cli_connection *)); -BOOL get_policy_con(const POLICY_HND *hnd, struct cli_connection **con); -BOOL close_policy_hnd(POLICY_HND *hnd); +BOOL get_policy_con(struct policy_cache *cache, + const POLICY_HND *hnd, struct cli_connection **con); +BOOL close_policy_hnd(struct policy_cache *cache, + POLICY_HND *hnd); /*The following definitions come from lib/util_pwdb.c */ diff --git a/source/include/smb.h b/source/include/smb.h index 291957f1b44..7289a710ee8 100644 --- a/source/include/smb.h +++ b/source/include/smb.h @@ -1817,8 +1817,19 @@ typedef struct netsec_creds fstring domain; fstring myname; + uchar sess_key[16]; /* NETLOGON session key */ + } netsec_creds; +struct policy; +struct bitmap; + +typedef struct policy_cache +{ + struct policy *Policy; + struct bitmap *bmap; +} policy_cache; + #include "client.h" #include "rpcclient.h" diff --git a/source/lib/util_hnd.c b/source/lib/util_hnd.c index 40a99d399e2..5bd176f70f5 100644 --- a/source/lib/util_hnd.c +++ b/source/lib/util_hnd.c @@ -63,7 +63,7 @@ struct con_info void (*free_con)(struct cli_connection*); }; -static struct policy +struct policy { struct policy *next, *prev; int pnum; @@ -78,11 +78,21 @@ static struct policy struct con_info *con; } dev; +}; -} *Policy; - -static struct bitmap *bmap = NULL; +/**************************************************************************** + i hate this. a global policy handle cache. yuk. +****************************************************************************/ +struct policy_cache *get_global_hnd_cache(void) +{ + static struct policy_cache *cache = NULL; + if (cache == NULL) + { + cache = init_policy_cache(1024); + } + return cache; +} /**************************************************************************** create a unique policy handle @@ -108,25 +118,38 @@ static void create_pol_hnd(POLICY_HND *hnd) /**************************************************************************** initialise policy handle states... ****************************************************************************/ -BOOL init_policy_hnd(int num_pol_hnds) +struct policy_cache *init_policy_cache(int num_pol_hnds) { - bmap = bitmap_allocate(num_pol_hnds); - - return bmap != NULL; + struct policy_cache *cache = malloc(sizeof(struct policy_cache)); + if (cache != NULL) + { + cache->bmap = bitmap_allocate(num_pol_hnds); + cache->Policy = NULL; + } + return cache; +} + +/**************************************************************************** + free policy handle states... +****************************************************************************/ +void free_policy_cache(struct policy_cache *cache) +{ + free(cache); } /**************************************************************************** find first available policy slot. creates a policy handle for you. ****************************************************************************/ -BOOL register_policy_hnd(POLICY_HND *hnd) +BOOL register_policy_hnd(struct policy_cache *cache, + POLICY_HND *hnd) { int i; struct policy *p; - i = bitmap_find(bmap, 1); + i = bitmap_find(cache->bmap, 1); if (i == -1) { - DEBUG(0,("ERROR: out of Policy Handles!\n")); + DEBUG(0,("ERROR: out of cache->Policy Handles!\n")); return False; } @@ -144,9 +167,9 @@ BOOL register_policy_hnd(POLICY_HND *hnd) memcpy(&p->pol_hnd, hnd, sizeof(*hnd)); - bitmap_set(bmap, i); + bitmap_set(cache->bmap, i); - DLIST_ADD(Policy, p); + DLIST_ADD(cache->Policy, p); DEBUG(4,("Opened policy hnd[%x] ", i)); dump_data(4, (char *)hnd->data, sizeof(hnd->data)); @@ -157,20 +180,22 @@ BOOL register_policy_hnd(POLICY_HND *hnd) /**************************************************************************** find first available policy slot. creates a policy handle for you. ****************************************************************************/ -BOOL open_policy_hnd(POLICY_HND *hnd) +BOOL open_policy_hnd(struct policy_cache *cache, + POLICY_HND *hnd) { create_pol_hnd(hnd); - return register_policy_hnd(hnd); + return register_policy_hnd(cache, hnd); } /**************************************************************************** find policy by handle ****************************************************************************/ -static struct policy *find_policy(const POLICY_HND *hnd) +static struct policy *find_policy(struct policy_cache *cache, + const POLICY_HND *hnd) { struct policy *p; - for (p=Policy;p;p=p->next) { + for (p=cache->Policy;p;p=p->next) { if (memcmp(&p->pol_hnd, hnd, sizeof(*hnd)) == 0) { DEBUG(4,("Found policy hnd[%x] ", p->pnum)); dump_data(4, (const char *)hnd->data, @@ -179,7 +204,7 @@ static struct policy *find_policy(const POLICY_HND *hnd) } } - DEBUG(4,("Policy not found: ")); + DEBUG(4,("cache->Policy not found: ")); dump_data(4, (const char *)hnd->data, sizeof(hnd->data)); return NULL; @@ -188,9 +213,10 @@ static struct policy *find_policy(const POLICY_HND *hnd) /**************************************************************************** find policy index by handle ****************************************************************************/ -int find_policy_by_hnd(const POLICY_HND *hnd) +int find_policy_by_hnd(struct policy_cache *cache, + const POLICY_HND *hnd) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); return p?p->pnum:-1; } @@ -198,9 +224,10 @@ int find_policy_by_hnd(const POLICY_HND *hnd) /**************************************************************************** set samr rid ****************************************************************************/ -BOOL set_policy_samr_rid(POLICY_HND *hnd, uint32 rid) +BOOL set_policy_samr_rid(struct policy_cache *cache, + POLICY_HND *hnd, uint32 rid) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -227,9 +254,10 @@ BOOL set_policy_samr_rid(POLICY_HND *hnd, uint32 rid) /**************************************************************************** set samr pol status. absolutely no idea what this is. ****************************************************************************/ -BOOL set_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status) +BOOL set_policy_samr_pol_status(struct policy_cache *cache, + POLICY_HND *hnd, uint32 pol_status) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -257,10 +285,11 @@ BOOL set_policy_samr_pol_status(POLICY_HND *hnd, uint32 pol_status) /**************************************************************************** set samr sid ****************************************************************************/ -BOOL set_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) +BOOL set_policy_samr_sid(struct policy_cache *cache, + POLICY_HND *hnd, DOM_SID *sid) { pstring sidstr; - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { DEBUG(3,("Setting policy sid=%s pnum=%x\n", @@ -287,9 +316,10 @@ BOOL set_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) /**************************************************************************** get samr sid ****************************************************************************/ -BOOL get_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) +BOOL get_policy_samr_sid(struct policy_cache *cache, + POLICY_HND *hnd, DOM_SID *sid) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p != NULL && p->open) { @@ -308,9 +338,10 @@ BOOL get_policy_samr_sid(POLICY_HND *hnd, DOM_SID *sid) /**************************************************************************** get samr rid ****************************************************************************/ -uint32 get_policy_samr_rid(POLICY_HND *hnd) +uint32 get_policy_samr_rid(struct policy_cache *cache, + POLICY_HND *hnd) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { uint32 rid = p->dev.samr->rid; @@ -327,9 +358,10 @@ uint32 get_policy_samr_rid(POLICY_HND *hnd) /**************************************************************************** get svc name ****************************************************************************/ -BOOL get_policy_svc_name(POLICY_HND *hnd, fstring name) +BOOL get_policy_svc_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -348,9 +380,10 @@ BOOL get_policy_svc_name(POLICY_HND *hnd, fstring name) /**************************************************************************** set svc name ****************************************************************************/ -BOOL set_policy_svc_name(POLICY_HND *hnd, fstring name) +BOOL set_policy_svc_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -377,9 +410,10 @@ BOOL set_policy_svc_name(POLICY_HND *hnd, fstring name) /**************************************************************************** set reg name ****************************************************************************/ -BOOL set_policy_reg_name(POLICY_HND *hnd, fstring name) +BOOL set_policy_reg_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -406,9 +440,10 @@ BOOL set_policy_reg_name(POLICY_HND *hnd, fstring name) /**************************************************************************** get reg name ****************************************************************************/ -BOOL get_policy_reg_name(POLICY_HND *hnd, fstring name) +BOOL get_policy_reg_name(struct policy_cache *cache, + POLICY_HND *hnd, fstring name) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -427,10 +462,11 @@ BOOL get_policy_reg_name(POLICY_HND *hnd, fstring name) /**************************************************************************** set con state ****************************************************************************/ -BOOL set_policy_con(POLICY_HND *hnd, struct cli_connection *con, +BOOL set_policy_con(struct policy_cache *cache, + POLICY_HND *hnd, struct cli_connection *con, void (*free_fn)(struct cli_connection *)) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p && p->open) { @@ -458,9 +494,10 @@ BOOL set_policy_con(POLICY_HND *hnd, struct cli_connection *con, /**************************************************************************** get con state ****************************************************************************/ -BOOL get_policy_con(const POLICY_HND *hnd, struct cli_connection **con) +BOOL get_policy_con(struct policy_cache *cache, + const POLICY_HND *hnd, struct cli_connection **con) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (p != NULL && p->open) { @@ -481,9 +518,10 @@ BOOL get_policy_con(const POLICY_HND *hnd, struct cli_connection **con) /**************************************************************************** close an lsa policy ****************************************************************************/ -BOOL close_policy_hnd(POLICY_HND *hnd) +BOOL close_policy_hnd(struct policy_cache *cache, + POLICY_HND *hnd) { - struct policy *p = find_policy(hnd); + struct policy *p = find_policy(cache, hnd); if (!p) { @@ -493,9 +531,9 @@ BOOL close_policy_hnd(POLICY_HND *hnd) DEBUG(3,("Closed policy name pnum=%x\n", p->pnum)); - DLIST_REMOVE(Policy, p); + DLIST_REMOVE(cache->Policy, p); - bitmap_clear(bmap, p->pnum); + bitmap_clear(cache->bmap, p->pnum); switch (p->type) { diff --git a/source/lsarpcd/srv_lsa.c b/source/lsarpcd/srv_lsa.c index 807829d1cd7..2398dadb6ea 100644 --- a/source/lsarpcd/srv_lsa.c +++ b/source/lsarpcd/srv_lsa.c @@ -47,7 +47,7 @@ static void lsa_reply_open_policy2(prs_struct *rdata) r_o.status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (!open_policy_hnd(&r_o.pol)) + if (!open_policy_hnd(get_global_hnd_cache(), &r_o.pol)) { r_o.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -70,7 +70,7 @@ static void lsa_reply_open_policy(prs_struct *rdata) r_o.status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (!open_policy_hnd(&r_o.pol)) + if (!open_policy_hnd(get_global_hnd_cache(), &r_o.pol)) { r_o.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -131,7 +131,7 @@ static void lsa_reply_query_info(LSA_Q_QUERY_INFO *q_q, prs_struct *rdata, ZERO_STRUCT(r_q); /* get a (unique) handle. open a policy on it. */ - if (r_q.status == 0x0 && !open_policy_hnd(&q_q->pol)) + if (r_q.status == 0x0 && !open_policy_hnd(get_global_hnd_cache(), &q_q->pol)) { r_q.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -627,13 +627,13 @@ static void api_lsa_close( rpcsrv_struct *p, prs_struct *data, r_c.status = 0x0; /* find the connection policy handle. */ - if (r_c.status == 0x0 && (find_policy_by_hnd(&(q_c.pol)) == -1)) + if (r_c.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_c.pol)) == -1)) { r_c.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } if (r_c.status == 0x0) { - close_policy_hnd(&(q_c.pol)); + close_policy_hnd(get_global_hnd_cache(), &(q_c.pol)); } /* store the response in the SMB stream */ diff --git a/source/msrpc/msrpcd.c b/source/msrpc/msrpcd.c index 24b383b3bfc..0ff8bd93d73 100644 --- a/source/msrpc/msrpcd.c +++ b/source/msrpc/msrpcd.c @@ -322,10 +322,6 @@ static void init_structs(void) #if 0 conn_init(); #endif - if (!init_policy_hnd(MAX_SERVER_POLICY_HANDLES)) - { - exit_server("could not allocate policy handles\n"); - } } /**************************************************************************** diff --git a/source/rpc_client/cli_connect.c b/source/rpc_client/cli_connect.c index 9c4f423e1e5..7af95bfa0db 100644 --- a/source/rpc_client/cli_connect.c +++ b/source/rpc_client/cli_connect.c @@ -359,22 +359,37 @@ BOOL cli_connection_getsrv(const char* srv_name, const char* pipe_name, struct cli_connection **con) { int i; + struct cli_connection *auth_con = NULL; + if (con_list == NULL || num_cons == 0) { return False; } + (*con) = NULL; + for (i = 0; i < num_cons; i++) { if (con_list[i] != NULL && strequal(con_list[i]->srv_name , srv_name ) && strequal(con_list[i]->pipe_name, pipe_name)) { + extern cli_auth_fns cli_noauth_fns; (*con) = con_list[i]; - return True; + /* authenticated connections take priority. HACK! */ + if ((*con)->auth != &cli_noauth_fns) + { + auth_con = (*con); + } } } - return False; + + if (auth_con != NULL) + { + (*con) = auth_con; + } + + return (*con) != NULL; } /**************************************************************************** @@ -382,7 +397,7 @@ obtain client state ****************************************************************************/ BOOL cli_connection_get(const POLICY_HND *pol, struct cli_connection **con) { - return get_policy_con(pol, con); + return get_policy_con(get_global_hnd_cache(), pol, con); } /**************************************************************************** @@ -397,7 +412,8 @@ BOOL cli_pol_link(POLICY_HND *to, const POLICY_HND *from) return False; } - return register_policy_hnd(to) && set_policy_con(to, con, NULL); + return register_policy_hnd(get_global_hnd_cache(), to) && + set_policy_con(get_global_hnd_cache(), to, con, NULL); } /**************************************************************************** diff --git a/source/rpc_client/cli_eventlog.c b/source/rpc_client/cli_eventlog.c index f2e158330a1..6984c796919 100644 --- a/source/rpc_client/cli_eventlog.c +++ b/source/rpc_client/cli_eventlog.c @@ -70,8 +70,8 @@ BOOL event_open(const char* srv_name, const char *log, POLICY_HND *hnd) { /*copy handle */ memcpy(hnd->data, r.pol.data, sizeof(hnd->data)); - valid_pol = register_policy_hnd(hnd) && - set_policy_con(hnd, con, + valid_pol = register_policy_hnd(get_global_hnd_cache(), hnd) && + set_policy_con(get_global_hnd_cache(), hnd, con, cli_connection_unlink); } } @@ -120,7 +120,7 @@ BOOL event_close( POLICY_HND *hnd) prs_free_data(&rbuf); prs_free_data(&buf ); - close_policy_hnd(hnd); + close_policy_hnd(get_global_hnd_cache(), hnd); return p; } diff --git a/source/rpc_client/cli_login.c b/source/rpc_client/cli_login.c index 2a16a9cf49a..9b7b8d00bf8 100644 --- a/source/rpc_client/cli_login.c +++ b/source/rpc_client/cli_login.c @@ -90,9 +90,7 @@ uint32 cli_nt_setup_creds( const char* srv_name, IS_BITS_CLR_ALL(neg_flags, 0x40000000)) { /* netlogon secure channel was required, and not negotiated */ - { - return NT_STATUS_ACCESS_DENIED | 0xC0000000; - } + return NT_STATUS_ACCESS_DENIED | 0xC0000000; } if (ret == 0x0 && IS_BITS_SET_ALL(neg_flags, 0x40000000)) @@ -101,8 +99,17 @@ uint32 cli_nt_setup_creds( const char* srv_name, struct cli_connection *con = NULL; struct netsec_creds creds; +#if 1 + if (!cli_connection_getsrv(srv_name, PIPE_NETLOGON, &con)) + { + return NT_STATUS_ACCESS_DENIED | 0xC0000000; + } + cli_connection_unlink(con); +#endif + safe_strcpy(creds.domain, domain , sizeof(creds.myname)-1); safe_strcpy(creds.myname, myhostname, sizeof(creds.myname)-1); + memcpy(creds.sess_key, sess_key, sizeof(creds.sess_key)); if (!cli_connection_init_auth(srv_name, PIPE_NETLOGON, &con, &cli_netsec_fns, diff --git a/source/rpc_client/cli_lsarpc.c b/source/rpc_client/cli_lsarpc.c index 231f7e61850..7d5144dffd1 100644 --- a/source/rpc_client/cli_lsarpc.c +++ b/source/rpc_client/cli_lsarpc.c @@ -257,8 +257,8 @@ BOOL lsa_open_policy(const char *server_name, POLICY_HND *hnd, /* ok, at last: we're happy. return the policy handle */ memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); - valid_pol = register_policy_hnd(hnd) && - set_policy_con(hnd, con, + valid_pol = register_policy_hnd(get_global_hnd_cache(), hnd) && + set_policy_con(get_global_hnd_cache(), hnd, con, cli_connection_unlink); } } @@ -331,8 +331,8 @@ BOOL lsa_open_policy2( const char *server_name, POLICY_HND *hnd, { /* ok, at last: we're happy. return the policy handle */ memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); - valid_pol = register_policy_hnd(hnd) && - set_policy_con(hnd, con, + valid_pol = register_policy_hnd(get_global_hnd_cache(), hnd) && + set_policy_con(get_global_hnd_cache(), hnd, con, cli_connection_unlink); } } @@ -997,7 +997,7 @@ BOOL lsa_close(POLICY_HND *hnd) prs_free_data(&rbuf); prs_free_data(&buf ); - close_policy_hnd(hnd); + close_policy_hnd(get_global_hnd_cache(), hnd); return valid_close; } diff --git a/source/rpc_client/cli_pipe_netsec.c b/source/rpc_client/cli_pipe_netsec.c index dfb33882e35..7daa8587a24 100644 --- a/source/rpc_client/cli_pipe_netsec.c +++ b/source/rpc_client/cli_pipe_netsec.c @@ -273,10 +273,8 @@ static BOOL create_netsec_bind_req(struct cli_connection *con, { return False; } - if (!cli_get_con_sesskey(con, a->sess_key)) - { - return False; - } + + memcpy(a->sess_key, usr->sess_key, sizeof(a->sess_key)); if (!cli_conn_set_auth_info(con, (void*)a)) { diff --git a/source/rpc_client/cli_reg.c b/source/rpc_client/cli_reg.c index 71327c69976..0e559e0f4b2 100644 --- a/source/rpc_client/cli_reg.c +++ b/source/rpc_client/cli_reg.c @@ -101,8 +101,8 @@ BOOL reg_connect( const char* srv_name, if (res) { - if (!register_policy_hnd(reg_hnd) || - !set_policy_con(reg_hnd, con, + if (!register_policy_hnd(get_global_hnd_cache(), reg_hnd) || + !set_policy_con(get_global_hnd_cache(), reg_hnd, con, cli_connection_unlink)) { cli_connection_unlink(con); @@ -1137,7 +1137,7 @@ BOOL reg_close( POLICY_HND *hnd) prs_free_data(&rbuf); prs_free_data(&buf ); - close_policy_hnd(hnd); + close_policy_hnd(get_global_hnd_cache(), hnd); return valid_close; } diff --git a/source/rpc_client/cli_samr.c b/source/rpc_client/cli_samr.c index 406d837acde..ee52cd8a0f0 100644 --- a/source/rpc_client/cli_samr.c +++ b/source/rpc_client/cli_samr.c @@ -443,6 +443,8 @@ uint32 samr_enum_dom_aliases( POLICY_HND *pol, SAMR_R_ENUM_DOM_ALIASES r_e; BOOL p; + ZERO_STRUCT(r_e); + samr_io_r_enum_dom_aliases("", &r_e, &rdata, 0); p = rdata.offset != 0; @@ -666,8 +668,8 @@ BOOL samr_connect( const char *srv_name, uint32 unknown_0, if (p) { memcpy(connect_pol, &r_o.connect_pol, sizeof(r_o.connect_pol)); - valid_pol = register_policy_hnd(connect_pol) && - set_policy_con(connect_pol, con, + valid_pol = register_policy_hnd(get_global_hnd_cache(), connect_pol) && + set_policy_con(get_global_hnd_cache(), connect_pol, con, cli_connection_unlink); } } @@ -2367,7 +2369,7 @@ BOOL samr_close( POLICY_HND *hnd) prs_free_data(&data ); prs_free_data(&rdata ); - close_policy_hnd(hnd); + close_policy_hnd(get_global_hnd_cache(), hnd); return valid_close; } diff --git a/source/rpc_client/cli_spoolss.c b/source/rpc_client/cli_spoolss.c index 7d5bf70193f..98e58886b26 100644 --- a/source/rpc_client/cli_spoolss.c +++ b/source/rpc_client/cli_spoolss.c @@ -245,8 +245,8 @@ BOOL spoolss_open_printer_ex( const char *printername, /* ok, at last: we're happy. return the policy handle */ memcpy(hnd, r_o.handle.data, sizeof(hnd->data)); - valid_pol = register_policy_hnd(hnd) && - set_policy_con(hnd, con, + valid_pol = register_policy_hnd(get_global_hnd_cache(), hnd) && + set_policy_con(get_global_hnd_cache(), hnd, con, cli_connection_unlink); } } @@ -322,7 +322,7 @@ BOOL spoolss_closeprinter(POLICY_HND *hnd) prs_free_data(&rbuf); prs_free_data(&buf ); - close_policy_hnd(hnd); + close_policy_hnd(get_global_hnd_cache(), hnd); return valid_close; } diff --git a/source/rpc_client/cli_svcctl.c b/source/rpc_client/cli_svcctl.c index 7b27bd79a8c..3f877c04436 100644 --- a/source/rpc_client/cli_svcctl.c +++ b/source/rpc_client/cli_svcctl.c @@ -87,8 +87,8 @@ BOOL svc_open_sc_man( const char *srv_name, char *db_name, /* ok, at last: we're happy. return the policy handle */ memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); valid_pol = True; - valid_pol = register_policy_hnd(hnd) && - set_policy_con(hnd, con, + valid_pol = register_policy_hnd(get_global_hnd_cache(), hnd) && + set_policy_con(get_global_hnd_cache(), hnd, con, cli_connection_unlink); } } @@ -156,8 +156,8 @@ BOOL svc_open_service( POLICY_HND *scm_hnd, { /* ok, at last: we're happy. return the policy handle */ memcpy(hnd, r_o.pol.data, sizeof(hnd->data)); - valid_pol = register_policy_hnd(hnd) && - set_policy_con(hnd, con, NULL); + valid_pol = register_policy_hnd(get_global_hnd_cache(), hnd) && + set_policy_con(get_global_hnd_cache(), hnd, con, NULL); } } @@ -519,7 +519,7 @@ BOOL svc_close(POLICY_HND *hnd) } } - close_policy_hnd(hnd); + close_policy_hnd(get_global_hnd_cache(), hnd); prs_free_data(&rbuf); prs_free_data(&buf ); diff --git a/source/rpc_server/srv_reg.c b/source/rpc_server/srv_reg.c index 50adb56a1dd..3f68fa2edca 100644 --- a/source/rpc_server/srv_reg.c +++ b/source/rpc_server/srv_reg.c @@ -41,7 +41,7 @@ static void reg_reply_close(REG_Q_CLOSE *q_r, bzero(r_u.pol.data, POL_HND_SIZE); /* close the policy handle */ - if (close_policy_hnd(&(q_r->pol))) + if (close_policy_hnd(get_global_hnd_cache(), &(q_r->pol))) { r_u.status = 0; } @@ -84,7 +84,7 @@ static void reg_reply_open(REG_Q_OPEN_HKLM *q_r, r_u.status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (r_u.status == 0x0 && !open_policy_hnd(&(r_u.pol))) + if (r_u.status == 0x0 && !open_policy_hnd(get_global_hnd_cache(), &(r_u.pol))) { r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -126,12 +126,12 @@ static void reg_reply_open_entry(REG_Q_OPEN_ENTRY *q_u, DEBUG(5,("reg_open_entry: %d\n", __LINE__)); - if (status == 0 && find_policy_by_hnd(&(q_u->pol)) == -1) + if (status == 0 && find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1) { status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } - if (status == 0x0 && !open_policy_hnd(&pol)) + if (status == 0x0 && !open_policy_hnd(get_global_hnd_cache(), &pol)) { status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ } @@ -149,7 +149,7 @@ static void reg_reply_open_entry(REG_Q_OPEN_ENTRY *q_u, } } - if (status == 0x0 && !set_policy_reg_name(&pol, name)) + if (status == 0x0 && !set_policy_reg_name(get_global_hnd_cache(), &pol, name)) { status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ } @@ -195,7 +195,7 @@ static void reg_reply_info(REG_Q_INFO *q_u, DEBUG(5,("reg_info: %d\n", __LINE__)); - if (status == 0x0 && !get_policy_reg_name(&q_u->pol, name)) + if (status == 0x0 && !get_policy_reg_name(get_global_hnd_cache(), &q_u->pol, name)) { status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } diff --git a/source/rpc_server/srv_samr.c b/source/rpc_server/srv_samr.c index e21cba245a0..21b6ec9cfb0 100644 --- a/source/rpc_server/srv_samr.c +++ b/source/rpc_server/srv_samr.c @@ -124,7 +124,7 @@ static void samr_reply_close_hnd(SAMR_Q_CLOSE_HND *q_u, bzero(r_u.pol.data, POL_HND_SIZE); /* close the policy handle */ - if (close_policy_hnd(&(q_u->pol))) + if (close_policy_hnd(get_global_hnd_cache(), &(q_u->pol))) { r_u.status = 0; } @@ -165,19 +165,19 @@ static void samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u, r_u.status = 0x0; /* find the connection policy handle. */ - if (r_u.status == 0x0 && (find_policy_by_hnd(&(q_u->connect_pol)) == -1)) + if (r_u.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->connect_pol)) == -1)) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* get a (unique) handle. open a policy on it. */ - if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(&(r_u.domain_pol)))) + if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), &(r_u.domain_pol)))) { r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } /* associate the domain SID with the (unique) handle. */ - if (r_u.status == 0x0 && !set_policy_samr_sid(&(r_u.domain_pol), &(q_u->dom_sid.sid))) + if (r_u.status == 0x0 && !set_policy_samr_sid(get_global_hnd_cache(), &(r_u.domain_pol), &(q_u->dom_sid.sid))) { /* oh, whoops. don't know what error message to return, here */ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -185,7 +185,7 @@ static void samr_reply_open_domain(SAMR_Q_OPEN_DOMAIN *q_u, if (r_u.status != 0 && pol_open) { - close_policy_hnd(&(r_u.domain_pol)); + close_policy_hnd(get_global_hnd_cache(), &(r_u.domain_pol)); } DEBUG(5,("samr_open_domain: %d\n", __LINE__)); @@ -218,13 +218,13 @@ static void samr_reply_unknown_2c(SAMR_Q_UNKNOWN_2C *q_u, uint32 status = 0x0; /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->user_pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->user_pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the user's rid */ - if ((status == 0x0) && (get_policy_samr_rid(&(q_u->user_pol)) == 0xffffffff)) + if ((status == 0x0) && (get_policy_samr_rid(get_global_hnd_cache(), &(q_u->user_pol)) == 0xffffffff)) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -265,13 +265,13 @@ static void samr_reply_unknown_3(SAMR_Q_UNKNOWN_3 *q_u, status = 0x0; /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->user_pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->user_pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the user's rid */ - if (status == 0x0 && (rid = get_policy_samr_rid(&(q_u->user_pol))) == 0xffffffff) + if (status == 0x0 && (rid = get_policy_samr_rid(get_global_hnd_cache(), &(q_u->user_pol))) == 0xffffffff) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -334,7 +334,7 @@ static void samr_reply_enum_dom_users(SAMR_Q_ENUM_DOM_USERS *q_u, r_e.status = 0x0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (r_e.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -392,7 +392,7 @@ static void samr_reply_add_groupmem(SAMR_Q_ADD_GROUPMEM *q_u, r_e.status = 0x0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && !get_policy_samr_sid(&q_u->pol, &group_sid)) + if (r_e.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &group_sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -450,7 +450,7 @@ static void samr_reply_del_groupmem(SAMR_Q_DEL_GROUPMEM *q_u, r_e.status = 0x0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && !get_policy_samr_sid(&q_u->pol, &group_sid)) + if (r_e.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &group_sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -508,7 +508,7 @@ static void samr_reply_add_aliasmem(SAMR_Q_ADD_ALIASMEM *q_u, r_e.status = 0x0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && !get_policy_samr_sid(&q_u->alias_pol, &alias_sid)) + if (r_e.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->alias_pol, &alias_sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -574,7 +574,7 @@ static void samr_reply_del_aliasmem(SAMR_Q_DEL_ALIASMEM *q_u, r_e.status = 0x0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && !get_policy_samr_sid(&q_u->alias_pol, &alias_sid)) + if (r_e.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->alias_pol, &alias_sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -644,7 +644,7 @@ static void samr_reply_enum_domains(SAMR_Q_ENUM_DOMAINS *q_u, r_e.status = 0x0; /* find the connection policy handle. */ - if (r_e.status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (r_e.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -711,7 +711,7 @@ static void samr_reply_enum_dom_groups(SAMR_Q_ENUM_DOM_GROUPS *q_u, r_e.num_entries2 = 0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && !get_policy_samr_sid(&q_u->pol, &sid)) + if (r_e.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -794,7 +794,7 @@ static void samr_reply_enum_dom_aliases(SAMR_Q_ENUM_DOM_ALIASES *q_u, r_e.num_entries2 = 0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && !get_policy_samr_sid(&q_u->pol, &sid)) + if (r_e.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &sid)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -896,7 +896,7 @@ static void samr_reply_query_dispinfo(SAMR_Q_QUERY_DISPINFO *q_u, DEBUG(5,("samr_reply_query_dispinfo: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (find_policy_by_hnd(&(q_u->domain_pol)) == -1) + if (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->domain_pol)) == -1) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; DEBUG(5,("samr_reply_query_dispinfo: invalid handle\n")); @@ -1060,7 +1060,7 @@ static void samr_reply_delete_dom_group(SAMR_Q_DELETE_DOM_GROUP *q_u, DEBUG(5,("samr_delete_dom_group: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->group_pol, &group_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->group_pol, &group_sid)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1126,7 +1126,7 @@ static void samr_reply_query_groupmem(SAMR_Q_QUERY_GROUPMEM *q_u, DEBUG(5,("samr_query_groupmem: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->group_pol, &group_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->group_pol, &group_sid)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1205,7 +1205,7 @@ static void samr_reply_query_groupinfo(SAMR_Q_QUERY_GROUPINFO *q_u, r_e.ptr = 0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (r_e.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1268,7 +1268,7 @@ static void samr_reply_query_aliasinfo(SAMR_Q_QUERY_ALIASINFO *q_u, r_e.ptr = 0; /* find the policy handle. open a policy on it. */ - if (r_e.status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (r_e.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { r_e.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1334,7 +1334,7 @@ static void samr_reply_query_useraliases(SAMR_Q_QUERY_USERALIASES *q_u, DEBUG(5,("samr_query_useraliases: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->pol, &dom_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &dom_sid)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1446,7 +1446,7 @@ static void samr_reply_delete_dom_alias(SAMR_Q_DELETE_DOM_ALIAS *q_u, DEBUG(5,("samr_delete_dom_alias: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->alias_pol, &alias_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->alias_pol, &alias_sid)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1511,7 +1511,7 @@ static void samr_reply_query_aliasmem(SAMR_Q_QUERY_ALIASMEM *q_u, DEBUG(5,("samr_query_aliasmem: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->alias_pol, &alias_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->alias_pol, &alias_sid)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -1603,7 +1603,7 @@ static void samr_reply_lookup_names(SAMR_Q_LOOKUP_NAMES *q_u, DEBUG(5,("samr_lookup_names: %d\n", __LINE__)); - if (status == 0x0 && !get_policy_samr_sid(&q_u->pol, &pol_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &pol_sid)) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -1770,12 +1770,12 @@ static void samr_reply_lookup_rids(SAMR_Q_LOOKUP_RIDS *q_u, DEBUG(5,("samr_lookup_rids: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } - if (status == 0x0 && !get_policy_samr_sid(&q_u->pol, &pol_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &pol_sid)) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -1839,13 +1839,13 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, r_u.status = 0x0; /* find the policy handle. open a policy on it. */ - if (r_u.status == 0x0 && (find_policy_by_hnd(&(q_u->domain_pol)) == -1)) + if (r_u.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->domain_pol)) == -1)) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* get a (unique) handle. open a policy on it. */ - if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(&(r_u.user_pol)))) + if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), &(r_u.user_pol)))) { r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -1861,7 +1861,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, } /* associate the RID with the (unique) handle. */ - if (r_u.status == 0x0 && !set_policy_samr_rid(&(r_u.user_pol), q_u->user_rid)) + if (r_u.status == 0x0 && !set_policy_samr_rid(get_global_hnd_cache(), &(r_u.user_pol), q_u->user_rid)) { /* oh, whoops. don't know what error message to return, here */ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -1869,7 +1869,7 @@ static void samr_reply_open_user(SAMR_Q_OPEN_USER *q_u, if (r_u.status != 0 && pol_open) { - close_policy_hnd(&(r_u.user_pol)); + close_policy_hnd(get_global_hnd_cache(), &(r_u.user_pol)); } DEBUG(5,("samr_open_user: %d\n", __LINE__)); @@ -1998,13 +1998,13 @@ static void samr_reply_query_userinfo(SAMR_Q_QUERY_USERINFO *q_u, DEBUG(5,("samr_reply_query_userinfo: %d\n", __LINE__)); /* search for the handle */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the user's rid */ - if (status == 0x0 && (rid = get_policy_samr_rid(&(q_u->pol))) == 0xffffffff) + if (status == 0x0 && (rid = get_policy_samr_rid(get_global_hnd_cache(), &(q_u->pol))) == 0xffffffff) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -2190,13 +2190,13 @@ static void samr_reply_set_userinfo2(SAMR_Q_SET_USERINFO2 *q_u, DEBUG(5,("samr_reply_set_userinfo2: %d\n", __LINE__)); /* search for the handle */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the user's rid */ - if (status == 0x0 && (rid = get_policy_samr_rid(&(q_u->pol))) == 0xffffffff) + if (status == 0x0 && (rid = get_policy_samr_rid(get_global_hnd_cache(), &(q_u->pol))) == 0xffffffff) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -2277,13 +2277,13 @@ static void samr_reply_set_userinfo(SAMR_Q_SET_USERINFO *q_u, DEBUG(5,("samr_reply_set_userinfo: %d\n", __LINE__)); /* search for the handle */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the user's rid */ - if (status == 0x0 && (rid = get_policy_samr_rid(&(q_u->pol))) == 0xffffffff) + if (status == 0x0 && (rid = get_policy_samr_rid(get_global_hnd_cache(), &(q_u->pol))) == 0xffffffff) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -2386,13 +2386,13 @@ static void samr_reply_query_usergroups(SAMR_Q_QUERY_USERGROUPS *q_u, DEBUG(5,("samr_query_usergroups: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the user's rid */ - if (status == 0x0 && (rid = get_policy_samr_rid(&(q_u->pol))) == 0xffffffff) + if (status == 0x0 && (rid = get_policy_samr_rid(get_global_hnd_cache(), &(q_u->pol))) == 0xffffffff) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -2462,7 +2462,7 @@ static uint32 open_samr_alias(DOM_SID *sid, POLICY_HND *alias_pol, uint32 status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (status == 0x0 && !(pol_open = open_policy_hnd(alias_pol))) + if (status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), alias_pol))) { status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -2470,7 +2470,7 @@ static uint32 open_samr_alias(DOM_SID *sid, POLICY_HND *alias_pol, DEBUG(0,("TODO: verify that the alias rid exists\n")); /* associate a RID with the (unique) handle. */ - if (status == 0x0 && !set_policy_samr_rid(alias_pol, alias_rid)) + if (status == 0x0 && !set_policy_samr_rid(get_global_hnd_cache(), alias_pol, alias_rid)) { /* oh, whoops. don't know what error message to return, here */ status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2479,7 +2479,7 @@ static uint32 open_samr_alias(DOM_SID *sid, POLICY_HND *alias_pol, sid_append_rid(sid, alias_rid); /* associate an alias SID with the (unique) handle. */ - if (status == 0x0 && !set_policy_samr_sid(alias_pol, sid)) + if (status == 0x0 && !set_policy_samr_sid(get_global_hnd_cache(), alias_pol, sid)) { /* oh, whoops. don't know what error message to return, here */ status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2487,7 +2487,7 @@ static uint32 open_samr_alias(DOM_SID *sid, POLICY_HND *alias_pol, if (status != 0 && pol_open) { - close_policy_hnd(alias_pol); + close_policy_hnd(get_global_hnd_cache(), alias_pol); } return status; @@ -2510,13 +2510,13 @@ static void samr_reply_create_dom_alias(SAMR_Q_CREATE_DOM_ALIAS *q_u, DEBUG(5,("samr_create_dom_alias: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->dom_pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->dom_pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the domain sid */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->dom_pol, &dom_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->dom_pol, &dom_sid)) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -2573,7 +2573,7 @@ static uint32 open_samr_group(DOM_SID *sid, POLICY_HND *group_pol, uint32 status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (status == 0x0 && !(pol_open = open_policy_hnd(group_pol))) + if (status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), group_pol))) { status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -2581,7 +2581,7 @@ static uint32 open_samr_group(DOM_SID *sid, POLICY_HND *group_pol, DEBUG(0,("TODO: verify that the group rid exists\n")); /* associate a RID with the (unique) handle. */ - if (status == 0x0 && !set_policy_samr_rid(group_pol, group_rid)) + if (status == 0x0 && !set_policy_samr_rid(get_global_hnd_cache(), group_pol, group_rid)) { /* oh, whoops. don't know what error message to return, here */ status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2590,7 +2590,7 @@ static uint32 open_samr_group(DOM_SID *sid, POLICY_HND *group_pol, sid_append_rid(sid, group_rid); /* associate an group SID with the (unique) handle. */ - if (status == 0x0 && !set_policy_samr_sid(group_pol, sid)) + if (status == 0x0 && !set_policy_samr_sid(get_global_hnd_cache(), group_pol, sid)) { /* oh, whoops. don't know what error message to return, here */ status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2598,7 +2598,7 @@ static uint32 open_samr_group(DOM_SID *sid, POLICY_HND *group_pol, if (status != 0 && pol_open) { - close_policy_hnd(group_pol); + close_policy_hnd(get_global_hnd_cache(), group_pol); } return status; @@ -2621,13 +2621,13 @@ static void samr_reply_create_dom_group(SAMR_Q_CREATE_DOM_GROUP *q_u, DEBUG(5,("samr_create_dom_group: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* find the domain sid */ - if (status == 0x0 && !get_policy_samr_sid(&q_u->pol, &dom_sid)) + if (status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->pol, &dom_sid)) { status = 0xC0000000 | NT_STATUS_OBJECT_TYPE_MISMATCH; } @@ -2694,7 +2694,7 @@ static void samr_reply_query_dom_info(SAMR_Q_QUERY_DOMAIN_INFO *q_u, DEBUG(5,("samr_reply_query_dom_info: %d\n", __LINE__)); /* find the policy handle. open a policy on it. */ - if (r_u.status == 0x0 && (find_policy_by_hnd(&(q_u->domain_pol)) == -1)) + if (r_u.status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->domain_pol)) == -1)) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; DEBUG(5,("samr_reply_query_dom_info: invalid handle\n")); @@ -2791,13 +2791,13 @@ static void samr_reply_create_user(SAMR_Q_CREATE_USER *q_u, */ /* find the policy handle. open a policy on it. */ - if (status == 0x0 && (find_policy_by_hnd(&(q_u->domain_pol)) == -1)) + if (status == 0x0 && (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->domain_pol)) == -1)) { status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* get a (unique) handle. open a policy on it. */ - if (status == 0x0 && !(pol_open = open_policy_hnd(&pol))) + if (status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), &pol))) { status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -2842,7 +2842,7 @@ static void samr_reply_create_user(SAMR_Q_CREATE_USER *q_u, } /* associate the RID with the (unique) handle. */ - if (status == 0x0 && !set_policy_samr_rid(&pol, user_rid)) + if (status == 0x0 && !set_policy_samr_rid(get_global_hnd_cache(), &pol, user_rid)) { /* oh, whoops. don't know what error message to return, here */ status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2850,7 +2850,7 @@ static void samr_reply_create_user(SAMR_Q_CREATE_USER *q_u, if (status != 0 && pol_open) { - close_policy_hnd(&pol); + close_policy_hnd(get_global_hnd_cache(), &pol); } DEBUG(5,("samr_create_user: %d\n", __LINE__)); @@ -2892,13 +2892,13 @@ static void samr_reply_connect_anon(SAMR_Q_CONNECT_ANON *q_u, r_u.status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(&(r_u.connect_pol)))) + if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), &(r_u.connect_pol)))) { r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } /* associate the domain SID with the (unique) handle. */ - if (r_u.status == 0x0 && !set_policy_samr_pol_status(&(r_u.connect_pol), q_u->unknown_0)) + if (r_u.status == 0x0 && !set_policy_samr_pol_status(get_global_hnd_cache(), &(r_u.connect_pol), q_u->unknown_0)) { /* oh, whoops. don't know what error message to return, here */ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2906,7 +2906,7 @@ static void samr_reply_connect_anon(SAMR_Q_CONNECT_ANON *q_u, if (r_u.status != 0 && pol_open) { - close_policy_hnd(&(r_u.connect_pol)); + close_policy_hnd(get_global_hnd_cache(), &(r_u.connect_pol)); } DEBUG(5,("samr_connect_anon: %d\n", __LINE__)); @@ -2941,13 +2941,13 @@ static void samr_reply_connect(SAMR_Q_CONNECT *q_u, r_u.status = 0x0; /* get a (unique) handle. open a policy on it. */ - if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(&(r_u.connect_pol)))) + if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), &(r_u.connect_pol)))) { r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } /* associate the domain SID with the (unique) handle. */ - if (r_u.status == 0x0 && !set_policy_samr_pol_status(&(r_u.connect_pol), q_u->unknown_0)) + if (r_u.status == 0x0 && !set_policy_samr_pol_status(get_global_hnd_cache(), &(r_u.connect_pol), q_u->unknown_0)) { /* oh, whoops. don't know what error message to return, here */ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -2955,7 +2955,7 @@ static void samr_reply_connect(SAMR_Q_CONNECT *q_u, if (r_u.status != 0 && pol_open) { - close_policy_hnd(&(r_u.connect_pol)); + close_policy_hnd(get_global_hnd_cache(), &(r_u.connect_pol)); } DEBUG(5,("samr_connect: %d\n", __LINE__)); @@ -2990,13 +2990,13 @@ static void samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u, /* set up the SAMR open_alias response */ r_u.status = 0x0; - if (r_u.status == 0x0 && !get_policy_samr_sid(&q_u->dom_pol, &sid)) + if (r_u.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->dom_pol, &sid)) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } /* get a (unique) handle. open a policy on it. */ - if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(&(r_u.pol)))) + if (r_u.status == 0x0 && !(pol_open = open_policy_hnd(get_global_hnd_cache(), &(r_u.pol)))) { r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; } @@ -3004,7 +3004,7 @@ static void samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u, DEBUG(0,("TODO: verify that the alias rid exists\n")); /* associate a RID with the (unique) handle. */ - if (r_u.status == 0x0 && !set_policy_samr_rid(&(r_u.pol), q_u->rid_alias)) + if (r_u.status == 0x0 && !set_policy_samr_rid(get_global_hnd_cache(), &(r_u.pol), q_u->rid_alias)) { /* oh, whoops. don't know what error message to return, here */ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -3013,7 +3013,7 @@ static void samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u, sid_append_rid(&sid, q_u->rid_alias); /* associate an alias SID with the (unique) handle. */ - if (r_u.status == 0x0 && !set_policy_samr_sid(&(r_u.pol), &sid)) + if (r_u.status == 0x0 && !set_policy_samr_sid(get_global_hnd_cache(), &(r_u.pol), &sid)) { /* oh, whoops. don't know what error message to return, here */ r_u.status = 0xC0000000 | NT_STATUS_OBJECT_NAME_NOT_FOUND; @@ -3021,7 +3021,7 @@ static void samr_reply_open_alias(SAMR_Q_OPEN_ALIAS *q_u, if (r_u.status != 0 && pol_open) { - close_policy_hnd(&(r_u.pol)); + close_policy_hnd(get_global_hnd_cache(), &(r_u.pol)); } DEBUG(5,("samr_open_alias: %d\n", __LINE__)); @@ -3058,7 +3058,7 @@ static void samr_reply_open_group(SAMR_Q_OPEN_GROUP *q_u, r_u.status = 0x0; /* find the domain sid associated with the policy handle */ - if (r_u.status == 0x0 && !get_policy_samr_sid(&q_u->domain_pol, &sid)) + if (r_u.status == 0x0 && !get_policy_samr_sid(get_global_hnd_cache(), &q_u->domain_pol, &sid)) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } @@ -3106,7 +3106,7 @@ static void samr_reply_lookup_domain(SAMR_Q_LOOKUP_DOMAIN *q_u, r_u.status = 0x0; /* find the connection policy handle */ - if (find_policy_by_hnd(&(q_u->connect_pol)) == -1) + if (find_policy_by_hnd(get_global_hnd_cache(), &(q_u->connect_pol)) == -1) { r_u.status = 0xC0000000 | NT_STATUS_INVALID_HANDLE; } diff --git a/source/rpc_server/srv_svcctl.c b/source/rpc_server/srv_svcctl.c index 07ba988fa81..2ee13000da8 100644 --- a/source/rpc_server/srv_svcctl.c +++ b/source/rpc_server/srv_svcctl.c @@ -41,7 +41,7 @@ static void svc_reply_close(SVC_Q_CLOSE *q_r, bzero(r_u.pol.data, POL_HND_SIZE); /* close the policy handle */ - if (close_policy_hnd(&(q_r->pol))) + if (close_policy_hnd(get_global_hnd_cache(), &(q_r->pol))) { r_u.status = 0; } @@ -83,12 +83,12 @@ static void svc_reply_open_service(SVC_Q_OPEN_SERVICE *q_u, DEBUG(5,("svc_open_service: %d\n", __LINE__)); - if (status == 0x0 && find_policy_by_hnd(&q_u->scman_pol) == -1) + if (status == 0x0 && find_policy_by_hnd(get_global_hnd_cache(), &q_u->scman_pol) == -1) { status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } - if (status == 0x0 && !open_policy_hnd(&pol)) + if (status == 0x0 && !open_policy_hnd(get_global_hnd_cache(), &pol)) { status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ } @@ -101,7 +101,7 @@ static void svc_reply_open_service(SVC_Q_OPEN_SERVICE *q_u, /* lkcl XXXX do a check on the name, here */ } - if (status == 0x0 && !set_policy_svc_name(&pol, name)) + if (status == 0x0 && !set_policy_svc_name(get_global_hnd_cache(), &pol, name)) { status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ } @@ -140,8 +140,8 @@ static void svc_reply_stop_service(SVC_Q_STOP_SERVICE *q_s, r_s.status = 0x0; - if (find_policy_by_hnd(&q_s->pol) == -1 || - !get_policy_svc_name(&q_s->pol, svc_name)) + if (find_policy_by_hnd(get_global_hnd_cache(), &q_s->pol) == -1 || + !get_policy_svc_name(get_global_hnd_cache(), &q_s->pol, svc_name)) { r_s.status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } @@ -189,8 +189,8 @@ static void svc_reply_start_service(SVC_Q_START_SERVICE *q_s, r_s.status = 0x0; - if (find_policy_by_hnd(&q_s->pol) == -1 || - !get_policy_svc_name(&q_s->pol, svc_name)) + if (find_policy_by_hnd(get_global_hnd_cache(), &q_s->pol) == -1 || + !get_policy_svc_name(get_global_hnd_cache(), &q_s->pol, svc_name)) { r_s.status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } @@ -236,7 +236,7 @@ static void svc_reply_open_sc_man(SVC_Q_OPEN_SC_MAN *q_u, DEBUG(5,("svc_open_sc_man: %d\n", __LINE__)); - if (status == 0x0 && !open_policy_hnd(&pol)) + if (status == 0x0 && !open_policy_hnd(get_global_hnd_cache(), &pol)) { status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ } @@ -249,7 +249,7 @@ static void svc_reply_open_sc_man(SVC_Q_OPEN_SC_MAN *q_u, /* lkcl XXXX do a check on the name, here */ } - if (status == 0x0 && !set_policy_svc_name(&pol, name)) + if (status == 0x0 && !set_policy_svc_name(get_global_hnd_cache(), &pol, name)) { status = 0xC000000 | NT_STATUS_TOO_MANY_SECRETS; /* ha ha very droll */ } @@ -306,7 +306,7 @@ static void svc_reply_enum_svcs_status(SVC_Q_ENUM_SVCS_STATUS *q_u, DEBUG(5,("svc_enum_svcs_status: %d\n", __LINE__)); - if (dos_status == 0x0 && find_policy_by_hnd(&q_u->pol) == -1) + if (dos_status == 0x0 && find_policy_by_hnd(get_global_hnd_cache(), &q_u->pol) == -1) { dos_status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } @@ -421,7 +421,7 @@ static void svc_reply_query_disp_name(SVC_Q_QUERY_DISP_NAME *q_u, DEBUG(5,("svc_query_disp_name: %d\n", __LINE__)); - if (find_policy_by_hnd(&q_u->scman_pol) == -1) + if (find_policy_by_hnd(get_global_hnd_cache(), &q_u->scman_pol) == -1) { status = 0xC000000 | NT_STATUS_INVALID_HANDLE; } diff --git a/source/rpcclient/rpcclient.c b/source/rpcclient/rpcclient.c index e164d21b3f7..f84233b41e9 100644 --- a/source/rpcclient/rpcclient.c +++ b/source/rpcclient/rpcclient.c @@ -1880,8 +1880,6 @@ void readline_init(void) out_hnd = stdout; fstrcpy(debugf, argv[0]); - init_policy_hnd(64); - pstrcpy(usr.ntc.domain, ""); pstrcpy(usr.ntc.user_name, ""); diff --git a/source/smbd/server.c b/source/smbd/server.c index d94a91d6fde..173ea74fb11 100644 --- a/source/smbd/server.c +++ b/source/smbd/server.c @@ -480,7 +480,6 @@ static void init_structs(void) { conn_init(); file_init(); - init_policy_hnd(64); init_rpc_pipe_hnd(); /* for RPC pipes */ init_dptrs(); init_dfs_table(); diff --git a/source/utils/smbpasswd.c b/source/utils/smbpasswd.c index c6c62b4b2af..2ee318b9e7c 100644 --- a/source/utils/smbpasswd.c +++ b/source/utils/smbpasswd.c @@ -776,8 +776,6 @@ int main(int argc, char **argv) { static pstring servicesf = CONFIGFILE; - init_policy_hnd(64); - TimeInit(); setup_logging("smbpasswd", True); |