diff options
| author | Tim Potter <tpot@samba.org> | 2000-04-07 07:41:01 +0000 |
|---|---|---|
| committer | Tim Potter <tpot@samba.org> | 2000-04-07 07:41:01 +0000 |
| commit | 9350b5a76d001918422e6d10093f327dd0c55330 (patch) | |
| tree | b97f193a78f7629d1f55797cff2690209b0c311b | |
| parent | 42195d6cf0f6abe08f1097ca1fb86c56c1f7c43c (diff) | |
| download | samba-9350b5a76d001918422e6d10093f327dd0c55330.tar.gz | |
Replaced a whole bunch of 0x02000000's with SEC_RIGHTS_MAXIMUM_ALLOWED
| -rw-r--r-- | source/lsarpcd/lsarpcd.c | 7 | ||||
| -rw-r--r-- | source/netlogond/srv_netlogon_nt.c | 17 | ||||
| -rw-r--r-- | source/rpc_client/cli_lsarpc.c | 4 | ||||
| -rw-r--r-- | source/rpc_client/msrpc_lsarpc.c | 19 | ||||
| -rw-r--r-- | source/rpc_client/msrpc_samr.c | 66 | ||||
| -rw-r--r-- | source/rpcclient/cmd_lsarpc.c | 19 | ||||
| -rw-r--r-- | source/rpcclient/cmd_reg.c | 90 | ||||
| -rw-r--r-- | source/rpcclient/cmd_samr.c | 93 | ||||
| -rw-r--r-- | source/utils/rpctorture.c | 3 |
9 files changed, 183 insertions, 135 deletions
diff --git a/source/lsarpcd/lsarpcd.c b/source/lsarpcd/lsarpcd.c index 76628729c99..f3645aae97e 100644 --- a/source/lsarpcd/lsarpcd.c +++ b/source/lsarpcd/lsarpcd.c @@ -78,12 +78,13 @@ static void update_trust_account(void) make_unistr2(&uni_sec_name, name, strlen(name)); - s = _lsa_open_policy2(NULL, &lsa_pol, NULL, 0x02000000); + s = _lsa_open_policy2(NULL, &lsa_pol, NULL, + SEC_RIGHTS_MAXIMUM_ALLOWED); if (s == NT_STATUS_NOPROBLEMO) { - s1 = _lsa_open_secret(&lsa_pol, &uni_sec_name, 0x02000000, - &pol_sec); + s1 = _lsa_open_secret(&lsa_pol, &uni_sec_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_sec); } else { diff --git a/source/netlogond/srv_netlogon_nt.c b/source/netlogond/srv_netlogon_nt.c index 0e34c7f5bd7..02b05a2f628 100644 --- a/source/netlogond/srv_netlogon_nt.c +++ b/source/netlogond/srv_netlogon_nt.c @@ -63,10 +63,11 @@ static uint32 direct_samr_userinfo(const UNISTR2 *uni_user, ZERO_STRUCTP(ctr); } - status_sam = _samr_connect(NULL, 0x02000000, &sam_pol); + status_sam = _samr_connect(NULL, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol); if (status_sam == NT_STATUS_NOPROBLEMO) { - status_dom = _samr_open_domain(&sam_pol, 0x02000000, + status_dom = _samr_open_domain(&sam_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, &global_sam_sid, &dom_pol); } if (status_dom == NT_STATUS_NOPROBLEMO) @@ -86,7 +87,8 @@ static uint32 direct_samr_userinfo(const UNISTR2 *uni_user, } if (status_usr == NT_STATUS_NOPROBLEMO) { - status_usr = _samr_open_user(&dom_pol, 0x02000000, + status_usr = _samr_open_user(&dom_pol, + SEC_RIGHTS_MAXIMUM_ALLOWED, user_rid, &usr_pol); } if (status_usr == NT_STATUS_NOPROBLEMO) @@ -1203,11 +1205,12 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, (*sync_context) = 1; - if (_samr_connect(NULL, 0x02000000, &sam_pol) != NT_STATUS_NOPROBLEMO) + if (_samr_connect(NULL, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) != + NT_STATUS_NOPROBLEMO) { return NT_STATUS_ACCESS_DENIED; } - if (_samr_open_domain(&sam_pol, 0x02000000, + if (_samr_open_domain(&sam_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, &global_sam_sid, &dom_pol) != NT_STATUS_NOPROBLEMO) { @@ -1240,8 +1243,8 @@ uint32 _net_sam_sync(const UNISTR2 *uni_srv_name, ZERO_STRUCT(ctr); status_usr = - _samr_open_user(&dom_pol, 0x02000000, sam[idx].rid, - &usr_pol); + _samr_open_user(&dom_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, + sam[idx].rid, &usr_pol); if (status_usr == NT_STATUS_NOPROBLEMO && _samr_query_userinfo(&usr_pol, 0x21, &ctr) == NT_STATUS_NOPROBLEMO) diff --git a/source/rpc_client/cli_lsarpc.c b/source/rpc_client/cli_lsarpc.c index d5b573fa6cc..1dc0aab05b3 100644 --- a/source/rpc_client/cli_lsarpc.c +++ b/source/rpc_client/cli_lsarpc.c @@ -69,7 +69,7 @@ BOOL get_domain_sids(const char *domain, DOM_SID * sid3, DOM_SID * sid5) /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy(srv_name, &pol, False, - 0x02000000) : False; + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; if (sid3 != NULL) { @@ -148,7 +148,7 @@ BOOL get_trust_sid_and_domain(const char *myname, char *server, /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy(srv_name, &pol, False, - 0x02000000) : False; + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send client info query, level 3. receive domain name and sid */ res1 = res ? lsa_query_info_pol(&pol, 3, dom3, &sid3) : False; diff --git a/source/rpc_client/msrpc_lsarpc.c b/source/rpc_client/msrpc_lsarpc.c index 7d18b9031d4..90219e56bc0 100644 --- a/source/rpc_client/msrpc_lsarpc.c +++ b/source/rpc_client/msrpc_lsarpc.c @@ -61,7 +61,7 @@ uint32 lookup_lsa_names(const char *srv_name, } res1 = res1 ? lsa_open_policy(srv_name, &lsa_pol, True, - 0x02000000) : False; + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; res2 = res1 ? lsa_lookup_names(&lsa_pol, num_names, names, @@ -101,7 +101,7 @@ uint32 lookup_lsa_name(const char *domain, /* lookup domain controller; receive a policy handle */ res3 = res3 ? lsa_open_policy(srv_name, &lsa_pol, True, - 0x02000000) : False; + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send lsa lookup sids call */ res4 = res3 ? lsa_lookup_names(&lsa_pol, @@ -158,7 +158,7 @@ uint32 lookup_lsa_sid(const char *domain, /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy(srv_name, &lsa_pol, True, - 0x02000000) : False; + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send lsa lookup sids call */ res1 = res ? lsa_lookup_sids(&lsa_pol, @@ -200,7 +200,8 @@ BOOL msrpc_lsa_create_secret(const char *srv_name, const char *secret_name, /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy(srv_name, - &lsa_pol, True, 0x02000000) : False; + &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* lookup domain controller; receive a policy handle */ res1 = res ? lsa_create_secret(&lsa_pol, @@ -262,11 +263,12 @@ BOOL msrpc_lsa_set_secret(const char *srv_name, /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy(srv_name, - &lsa_pol, True, 0x02000000) : False; + &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* lookup domain controller; receive a policy handle */ res1 = res ? lsa_open_secret(&lsa_pol, - secret_name, 0x02000000, + secret_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_sec) : False; res2 = res1 ? (lsa_set_secret(&pol_sec, &secret) == @@ -295,11 +297,12 @@ BOOL msrpc_lsa_query_secret(const char *srv_name, /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy2(srv_name, - &lsa_pol, False, 0x02000000) : False; + &lsa_pol, False, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* lookup domain controller; receive a policy handle */ res1 = res ? lsa_open_secret(&lsa_pol, - secret_name, 0x02000000, + secret_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_sec) : False; res2 = res1 ? lsa_query_secret(&pol_sec, secret, last_update) : False; diff --git a/source/rpc_client/msrpc_samr.c b/source/rpc_client/msrpc_samr.c index 87daedc8175..ca3f6b9eacd 100644 --- a/source/rpc_client/msrpc_samr.c +++ b/source/rpc_client/msrpc_samr.c @@ -45,7 +45,8 @@ uint32 lookup_sam_domainname(const char *srv_name, } /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; res1 = res ? samr_query_lookup_domain(&sam_pol, domain, sid) : False; @@ -70,7 +71,7 @@ uint32 lookup_sam_names(const char *domain, const DOM_SID *sid, BOOL res = True; BOOL res1 = True; uint32 *my_types = NULL; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; POLICY_HND sam_pol; POLICY_HND pol_dom; @@ -103,7 +104,8 @@ uint32 lookup_sam_names(const char *domain, const DOM_SID *sid, } /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, sid, &pol_dom) : False; @@ -148,7 +150,7 @@ uint32 lookup_sam_name(const char *domain, DOM_SID *sid, fstring srv_name; BOOL res = True; BOOL res1 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; char *names[1]; uint32 *rids = NULL; uint32 *types = NULL; @@ -166,7 +168,8 @@ uint32 lookup_sam_name(const char *domain, DOM_SID *sid, } /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain( &sam_pol, ace_perms, sid, &pol_dom) : False; @@ -204,7 +207,7 @@ uint32 lookup_sam_rid(const char *domain, DOM_SID *sid, int i; BOOL res = True; BOOL res1 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; char **names = NULL; uint32 *rid_mem; uint32 *types = NULL; @@ -218,7 +221,8 @@ uint32 lookup_sam_rid(const char *domain, DOM_SID *sid, } /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain( &sam_pol, ace_perms, sid, &pol_dom) : False; @@ -506,7 +510,8 @@ BOOL msrpc_sam_query_user( const char* srv_name, POLICY_HND pol_dom; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain( &sam_pol, 0x304, sid, &pol_dom) : False; @@ -581,7 +586,7 @@ int msrpc_sam_enum_users( const char* srv_name, start_idx, unk_0, acb_mask, unk_1)); /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, + res = res ? samr_connect( srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) : False; /* connect to the domain */ @@ -653,13 +658,13 @@ BOOL sam_query_dominfo(const char* srv_name, BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; POLICY_HND sam_pol; POLICY_HND pol_dom; /* establish a connection. */ res = res ? samr_connect( - srv_name, 0x02000000, + srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) : False; /* connect to the domain */ @@ -749,8 +754,9 @@ BOOL sam_query_aliasmem(const char *srv_name, } /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy( srv_name, - &lsa_pol, True, 0x02000000) : False; + res3 = res3 ? lsa_open_policy(srv_name, + &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send lsa lookup sids call */ res4 = res3 ? lsa_lookup_sids( &lsa_pol, @@ -953,7 +959,7 @@ uint32 msrpc_sam_get_first_domain( const char* srv_name, DOM_SID *dom_sid) { BOOL res = True; - uint32 ace_perms = 0x02000000; /* access control permissions. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; POLICY_HND sam_pol; uint32 status; struct acct_info *sam = NULL; @@ -1019,7 +1025,7 @@ uint32 msrpc_sam_enum_domains( const char* srv_name, DOMAIN_INFO_FN(dom_inf_fn)) { BOOL res = True; - uint32 ace_perms = 0x02000000; /* access control permissions. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; POLICY_HND sam_pol; uint32 status; @@ -1104,13 +1110,13 @@ uint32 msrpc_sam_enum_groups( const char* srv_name, GROUP_MEM_FN(grp_mem_fn)) { BOOL res = True; - uint32 ace_perms = 0x02000000; /* access control permissions. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; POLICY_HND sam_pol; POLICY_HND pol_dom; uint32 status; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) : False; /* connect to the domain */ @@ -1194,14 +1200,14 @@ uint32 msrpc_sam_enum_aliases( const char* srv_name, ALIAS_MEM_FN(als_mem_fn)) { BOOL res = True; - uint32 ace_perms = 0x02000000; /* access control permissions */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; POLICY_HND sam_pol; POLICY_HND pol_dom; uint32 status = 0x0; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, - &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain( &sam_pol, ace_perms, sid1, @@ -1731,8 +1737,9 @@ BOOL get_samr_query_groupinfo( ZERO_STRUCTP(ctr); /* send open domain (on group sid) */ - if (!samr_open_group( pol_open_domain, - 0x02000000, group_rid, &pol_open_group)) + if (!samr_open_group(pol_open_domain, + SEC_RIGHTS_MAXIMUM_ALLOWED, group_rid, + &pol_open_group)) { return False; } @@ -1764,8 +1771,8 @@ BOOL get_samr_query_aliasinfo( ZERO_STRUCTP(ctr); /* send open domain (on alias sid) */ - if (!samr_open_alias( pol_open_domain, - 0x02000000, alias_rid, &pol_open_alias)) + if (!samr_open_alias(pol_open_domain, SEC_RIGHTS_MAXIMUM_ALLOWED, + alias_rid, &pol_open_alias)) { return False; } @@ -1792,14 +1799,13 @@ BOOL msrpc_sam_create_dom_user(const char* srv_name, DOM_SID *sid1, BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 user_rid; POLICY_HND sam_pol; POLICY_HND pol_dom; /* establish a connection. */ - res = res ? samr_connect( - srv_name, 0x02000000, + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, &sam_pol) : False; /* connect to the domain */ @@ -1842,7 +1848,8 @@ BOOL msrpc_sam_query_dispinfo(const char* srv_name, const char* domain, POLICY_HND pol_dom; /* establish a connection. */ - res = res ? samr_connect( srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain( &sam_pol, ace_perms, sid1, @@ -1987,7 +1994,8 @@ BOOL msrpc_sam_query_userinfo(const char* srv_name, const DOM_SID *sid, POLICY_HND pol_dom; /* establish a connection to a domain */ - res = res ? samr_connect( srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; res = res ? samr_open_domain( &sam_pol, 0x304, sid, &pol_dom) : False; /* look up user rid */ diff --git a/source/rpcclient/cmd_lsarpc.c b/source/rpcclient/cmd_lsarpc.c index fe665785e99..0911fbb0271 100644 --- a/source/rpcclient/cmd_lsarpc.c +++ b/source/rpcclient/cmd_lsarpc.c @@ -53,7 +53,8 @@ void cmd_lsa_enum_trust_dom(struct client_info *info, int argc, char *argv[]) /* lookup domain controller; receive a policy handle */ res = res ? lsa_open_policy( srv_name, - &lsa_pol, False, 0x02000000) : False; + &lsa_pol, False, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; do { @@ -111,8 +112,8 @@ void cmd_lsa_query_info(struct client_info *info, int argc, char *argv[]) DEBUG(4,("cmd_lsa_query_info: server:%s\n", srv_name)); /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy( srv_name, - &lsa_pol, False, 0x02000000) : False; + res = res ? lsa_open_policy(srv_name, &lsa_pol, False, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send client info query, level 3. receive domain name and sid */ res = res ? lsa_query_info_pol( &lsa_pol, 0x03, @@ -286,8 +287,8 @@ void cmd_lsa_lookup_sids(struct client_info *info, int argc, char *argv[]) } /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy( srv_name, - &lsa_pol, True, 0x02000000) : False; + res = res ? lsa_open_policy(srv_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send lsa lookup sids call */ res = res ? lsa_lookup_sids( &lsa_pol, @@ -429,12 +430,12 @@ void cmd_lsa_query_secret_secobj(struct client_info *info, int argc, char *argv[ secret_name = argv[1]; /* lookup domain controller; receive a policy handle */ - res = res ? lsa_open_policy(srv_name, - &lsa_pol, False, 0x02000000) : False; + res = res ? lsa_open_policy(srv_name, &lsa_pol, False, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* lookup domain controller; receive a policy handle */ - res1 = res ? lsa_open_secret(&lsa_pol, - secret_name, 0x02000000, + res1 = res ? lsa_open_secret(&lsa_pol, secret_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_sec) : False; res2 = res1 ? lsa_query_sec_obj(&pol_sec, 0x07, &buf) : False; diff --git a/source/rpcclient/cmd_reg.c b/source/rpcclient/cmd_reg.c index fea29e382e3..23fefb6d129 100644 --- a/source/rpcclient/cmd_reg.c +++ b/source/rpcclient/cmd_reg.c @@ -152,14 +152,15 @@ BOOL msrpc_reg_enum_key(const char* srv_name, const char* full_keyname, DEBUG(5, ("reg_enum_key: %s\n", full_keyname)); /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, full_keyname, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*key_name) != 0) { /* open an entry */ - res1 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res1 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &key_pol) : False; } else { @@ -361,14 +362,15 @@ void cmd_reg_query_info(struct client_info *info, int argc, char *argv[]) } /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, keyname, key_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, keyname, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*key_name) != 0) { /* open an entry */ - res1 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res1 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &key_pol) : False; } else { @@ -444,14 +446,15 @@ void cmd_reg_query_key(struct client_info *info, int argc, char *argv[]) split_server_keyname(srv_name, full_keyname, argv[1]); /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, full_keyname, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*key_name) != 0) { /* open an entry */ - res1 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res1 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &key_pol) : False; } else { @@ -599,14 +602,15 @@ void cmd_reg_create_val(struct client_info *info, int argc, char *argv[]) dump_data(10, (char *)value.buffer, value.buf_len); /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, keyname, parent_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, keyname, parent_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*val_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - parent_name, 0x02000000, &parent_pol) : False; + res3 = res ? reg_open_entry(&pol_con, parent_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &parent_pol) : False; } else { @@ -679,14 +683,15 @@ void cmd_reg_delete_val(struct client_info *info, int argc, char *argv[]) } /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, keyname, parent_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, keyname, parent_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*val_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - parent_name, 0x02000000, &parent_pol) : False; + res3 = res ? reg_open_entry(&pol_con, parent_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &parent_pol) : False; } else { @@ -755,14 +760,15 @@ void cmd_reg_delete_key(struct client_info *info, int argc, char *argv[]) } /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, parent_name, key_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, parent_name, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*key_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &parent_pol) : False; + res3 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &parent_pol) : False; } else { @@ -849,14 +855,15 @@ void cmd_reg_create_key(struct client_info *info, int argc, char *argv[]) sam_access.mask = SEC_RIGHTS_READ; /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, parent_key, parent_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, parent_key, parent_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*parent_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - parent_name, 0x02000000, &parent_pol) : False; + res3 = res ? reg_open_entry(&pol_con, parent_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &parent_pol) : False; } else { @@ -930,14 +937,15 @@ void cmd_reg_test_key_sec(struct client_info *info, int argc, char *argv[]) split_server_keyname(srv_name, full_keyname, argv[1]); /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, full_keyname, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*key_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res3 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &key_pol) : False; } else { @@ -945,8 +953,8 @@ void cmd_reg_test_key_sec(struct client_info *info, int argc, char *argv[]) } /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res3 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &key_pol) : False; /* query key sec info. first call sets sec_buf_size. */ sec_buf_size = 0; @@ -1034,14 +1042,15 @@ void cmd_reg_get_key_sec(struct client_info *info, int argc, char *argv[]) split_server_keyname(srv_name, full_keyname, argv[1]); /* open registry receive a policy handle */ - res = res ? reg_connect(srv_name, full_keyname, key_name, 0x02000000, - &pol_con) : False; + res = res ? reg_connect(srv_name, full_keyname, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, &pol_con) : False; if ((*key_name) != 0) { /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res3 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &key_pol) : False; } else { @@ -1049,8 +1058,9 @@ void cmd_reg_get_key_sec(struct client_info *info, int argc, char *argv[]) } /* open an entry */ - res3 = res ? reg_open_entry(&pol_con, - key_name, 0x02000000, &key_pol) : False; + res3 = res ? reg_open_entry(&pol_con, key_name, + SEC_RIGHTS_MAXIMUM_ALLOWED, + &key_pol) : False; /* query key sec info. first call sets sec_buf_size. */ sec_buf_size = 0; diff --git a/source/rpcclient/cmd_samr.c b/source/rpcclient/cmd_samr.c index 70b55a9cad4..d93cd89be89 100644 --- a/source/rpcclient/cmd_samr.c +++ b/source/rpcclient/cmd_samr.c @@ -284,7 +284,8 @@ void cmd_sam_lookup_domain(struct client_info *info, int argc, char *argv[]) report(out_hnd, "Lookup Domain %s in SAM Server\n", domain); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_query_lookup_domain(&sam_pol, domain, @@ -343,7 +344,7 @@ void cmd_sam_lookup_names(struct client_info *info, int argc, char *argv[]) fstring srv_name; fstring domain; DOM_SID sid_dom; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL res = True, res1 = True; POLICY_HND pol_sam; POLICY_HND pol_dom; @@ -407,7 +408,8 @@ void cmd_sam_lookup_names(struct client_info *info, int argc, char *argv[]) } /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &pol_sam) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &pol_sam) : False; /* connect to the domain */ res = res ? samr_open_domain(&pol_sam, ace_perms, &sid_dom, @@ -453,7 +455,7 @@ void cmd_sam_lookup_rids(struct client_info *info, int argc, char *argv[]) fstring srv_name; fstring domain; DOM_SID sid_dom; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; BOOL res = True, res1 = True; POLICY_HND pol_sam; POLICY_HND pol_dom; @@ -527,7 +529,8 @@ void cmd_sam_lookup_rids(struct client_info *info, int argc, char *argv[]) } /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &pol_sam) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &pol_sam) : False; /* connect to the domain */ res = res ? samr_open_domain(&pol_sam, ace_perms, &sid_dom, @@ -579,7 +582,7 @@ void cmd_sam_del_aliasmem(struct client_info *info, int argc, char *argv[]) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; DOM_SID member_sid; uint32 alias_rid; POLICY_HND sam_pol; @@ -619,7 +622,8 @@ void cmd_sam_del_aliasmem(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Domain Alias Member\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -677,7 +681,7 @@ void cmd_sam_delete_dom_alias(struct client_info *info, int argc, BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 alias_rid = 0; char *names[1]; uint32 *rids; @@ -716,7 +720,8 @@ void cmd_sam_delete_dom_alias(struct client_info *info, int argc, report(out_hnd, "SAM Delete Domain Alias\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -781,7 +786,7 @@ void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[]) BOOL res2 = True; BOOL res3 = True; BOOL res4 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 alias_rid; char **names = NULL; int num_names = 0; @@ -824,8 +829,8 @@ void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Domain Alias Member\n"); /* lookup domain controller; receive a policy handle */ - res3 = res3 ? lsa_open_policy(srv_name, - &lsa_pol, True, 0x02000000) : False; + res3 = res3 ? lsa_open_policy(srv_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED) : False; /* send lsa lookup sids call */ res4 = res3 ? lsa_lookup_names(&lsa_pol, @@ -857,7 +862,8 @@ void cmd_sam_add_aliasmem(struct client_info *info, int argc, char *argv[]) } /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1195,7 +1201,8 @@ void cmd_sam_create_dom_user(struct client_info *info, int argc, char *argv[]) * local copy-of trust account out-of-sync with the * remote one, and you're stuffed! */ - res = lsa_open_policy(wks_name, &lsa_pol, True, 0x02000000); + res = lsa_open_policy(wks_name, &lsa_pol, True, + SEC_RIGHTS_MAXIMUM_ALLOWED); if (!res) { @@ -1342,7 +1349,8 @@ void cmd_sam_create_dom_alias(struct client_info *info, int argc, domain, acct_name, acct_desc); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1382,7 +1390,7 @@ void cmd_sam_del_groupmem(struct client_info *info, int argc, char *argv[]) BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 member_rid; uint32 group_rid; POLICY_HND sam_pol; @@ -1422,7 +1430,8 @@ void cmd_sam_del_groupmem(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Add Domain Group member\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1518,7 +1527,8 @@ void cmd_sam_delete_dom_user(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Delete Domain User\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x0200, &sid1, @@ -1587,7 +1597,7 @@ void cmd_sam_delete_dom_group(struct client_info *info, int argc, BOOL res = True; BOOL res1 = True; BOOL res2 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 group_rid = 0; char *names[1]; uint32 *rids; @@ -1626,7 +1636,8 @@ void cmd_sam_delete_dom_group(struct client_info *info, int argc, report(out_hnd, "SAM Delete Domain Group\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1691,7 +1702,7 @@ void cmd_sam_add_groupmem(struct client_info *info, int argc, char *argv[]) BOOL res2 = True; BOOL res3 = True; BOOL res4 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 *group_rids; uint32 *group_types; char **names = NULL; @@ -1750,7 +1761,8 @@ void cmd_sam_add_groupmem(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Add Domain Group member\n"); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res4 = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -1887,7 +1899,7 @@ void cmd_sam_create_dom_group(struct client_info *info, int argc, DOM_SID sid1; BOOL res = True; BOOL res1 = True; - uint32 ace_perms = 0x02000000; /* absolutely no idea. */ + uint32 ace_perms = SEC_RIGHTS_MAXIMUM_ALLOWED; uint32 group_rid; POLICY_HND sam_pol; POLICY_HND pol_dom; @@ -1935,7 +1947,8 @@ void cmd_sam_create_dom_group(struct client_info *info, int argc, domain, acct_name, acct_desc); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, ace_perms, &sid1, @@ -2089,7 +2102,8 @@ void cmd_sam_query_groupmem(struct client_info *info, int argc, char *argv[]) info->myhostname, srv_name, domain, sid_str); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2185,7 +2199,8 @@ void cmd_sam_query_group(struct client_info *info, int argc, char *argv[]) info->myhostname, srv_name, domain, sid_str); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2282,7 +2297,8 @@ void cmd_sam_query_sec_obj(struct client_info *info, int argc, char *argv[]) info->myhostname, srv_name, domain, sid_str); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2429,7 +2445,8 @@ void cmd_sam_query_user(struct client_info *info, int argc, char *argv[]) info->myhostname, srv_name, domain, sid_str); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -2574,11 +2591,12 @@ void cmd_sam_set_userinfo2(struct client_info *info, int argc, char *argv[]) report(out_hnd, "SAM Set User Info: %s\n", user_name); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ - res = res ? samr_open_domain(&sam_pol, 0x02000000, &sid, - &pol_dom) : False; + res = res ? samr_open_domain(&sam_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sid, &pol_dom) : False; /* look up user rid */ names[0] = user_name; @@ -2756,11 +2774,12 @@ void cmd_sam_set_userinfo(struct client_info *info, int argc, char *argv[]) report(out_hnd, "Password: %s\n", password); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ - res = res ? samr_open_domain(&sam_pol, 0x02000000, &sid, - &pol_dom) : False; + res = res ? samr_open_domain(&sam_pol, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sid, &pol_dom) : False; /* look up user rid */ names[0] = user_name; @@ -3032,7 +3051,8 @@ void cmd_sam_query_aliasmem(struct client_info *info, int argc, char *argv[]) info->myhostname, srv_name, domain, sid_str); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; @@ -3129,7 +3149,8 @@ void cmd_sam_query_alias(struct client_info *info, int argc, char *argv[]) info->myhostname, srv_name, domain, sid_str); /* establish a connection. */ - res = res ? samr_connect(srv_name, 0x02000000, &sam_pol) : False; + res = res ? samr_connect(srv_name, SEC_RIGHTS_MAXIMUM_ALLOWED, + &sam_pol) : False; /* connect to the domain */ res = res ? samr_open_domain(&sam_pol, 0x304, &sid, &pol_dom) : False; diff --git a/source/utils/rpctorture.c b/source/utils/rpctorture.c index 93f2a8def7f..6d86500ec5a 100644 --- a/source/utils/rpctorture.c +++ b/source/utils/rpctorture.c @@ -299,7 +299,8 @@ static void run_lsahandles(struct client_info *info, int argc, char *argv[]) for (i = 1; i <= numops; i++) { POLICY_HND pol; - if (!lsa_open_policy(srv_name, &pol, False, 0x02000000)) + if (!lsa_open_policy(srv_name, &pol, False, + SEC_RIGHTS_MAXIMUM_ALLOWED)) { failed++; } |