diff options
author | Jeremy Allison <jra@samba.org> | 2009-04-15 15:40:00 -0700 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2009-04-28 09:10:59 +0200 |
commit | dfa1d2b5cea954a36fe1c9d323db76e51d35f376 (patch) | |
tree | a24759ac1a0b2a392db63469e1f94d24b060ef18 /librpc | |
parent | 1bc31651748bb785d08f8d92df4d8439e42f383f (diff) | |
download | samba-dfa1d2b5cea954a36fe1c9d323db76e51d35f376.tar.gz |
Fix bug #6089 - Winbind samr_OpenDomain not possible with Samba 3.2.6+
What a difference a name makes... :-). Just because something is missnamed
SAMR_ACCESS_OPEN_DOMAIN, when it should actually be SAMR_ACCESS_LOOKUP_DOMAIN,
don't automatically use it for a security check in _samr_OpenDomain().
Jeremy.
(cherry picked from commit 1994a8a5db5c3abd6292b81aa975e7b8fe8311d0)
Diffstat (limited to 'librpc')
-rw-r--r-- | librpc/gen_ndr/ndr_samr.c | 2 | ||||
-rw-r--r-- | librpc/gen_ndr/samr.h | 4 | ||||
-rw-r--r-- | librpc/idl/samr.idl | 4 |
3 files changed, 5 insertions, 5 deletions
diff --git a/librpc/gen_ndr/ndr_samr.c b/librpc/gen_ndr/ndr_samr.c index 33c70ce1ff6..d2d345a66a3 100644 --- a/librpc/gen_ndr/ndr_samr.c +++ b/librpc/gen_ndr/ndr_samr.c @@ -122,7 +122,7 @@ _PUBLIC_ void ndr_print_samr_ConnectAccessMask(struct ndr_print *ndr, const char ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_INITIALIZE_SERVER", SAMR_ACCESS_INITIALIZE_SERVER, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_CREATE_DOMAIN", SAMR_ACCESS_CREATE_DOMAIN, r); ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_ENUM_DOMAINS", SAMR_ACCESS_ENUM_DOMAINS, r); - ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_OPEN_DOMAIN", SAMR_ACCESS_OPEN_DOMAIN, r); + ndr_print_bitmap_flag(ndr, sizeof(uint32_t), "SAMR_ACCESS_LOOKUP_DOMAIN", SAMR_ACCESS_LOOKUP_DOMAIN, r); ndr->depth--; } diff --git a/librpc/gen_ndr/samr.h b/librpc/gen_ndr/samr.h index 044756469e9..16c6605789e 100644 --- a/librpc/gen_ndr/samr.h +++ b/librpc/gen_ndr/samr.h @@ -14,7 +14,7 @@ #define GENERIC_RIGHTS_SAM_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_ACCESS_ALL_ACCESS) ) #define GENERIC_RIGHTS_SAM_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_ACCESS_ENUM_DOMAINS) ) #define GENERIC_RIGHTS_SAM_WRITE ( (STANDARD_RIGHTS_WRITE_ACCESS|SAMR_ACCESS_CREATE_DOMAIN|SAMR_ACCESS_INITIALIZE_SERVER|SAMR_ACCESS_SHUTDOWN_SERVER) ) -#define GENERIC_RIGHTS_SAM_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ACCESS_OPEN_DOMAIN|SAMR_ACCESS_CONNECT_TO_SERVER) ) +#define GENERIC_RIGHTS_SAM_EXECUTE ( (STANDARD_RIGHTS_EXECUTE_ACCESS|SAMR_ACCESS_LOOKUP_DOMAIN|SAMR_ACCESS_CONNECT_TO_SERVER) ) #define SAMR_USER_ACCESS_ALL_ACCESS ( 0x000007FF ) #define GENERIC_RIGHTS_USER_ALL_ACCESS ( (STANDARD_RIGHTS_REQUIRED_ACCESS|SAMR_USER_ACCESS_ALL_ACCESS) ) #define GENERIC_RIGHTS_USER_READ ( (STANDARD_RIGHTS_READ_ACCESS|SAMR_USER_ACCESS_GET_GROUP_MEMBERSHIP|SAMR_USER_ACCESS_GET_GROUPS|SAMR_USER_ACCESS_GET_ATTRIBUTES|SAMR_USER_ACCESS_GET_LOGONINFO|SAMR_USER_ACCESS_GET_LOCALE) ) @@ -97,7 +97,7 @@ enum samr_RejectReason #define SAMR_ACCESS_INITIALIZE_SERVER ( 0x00000004 ) #define SAMR_ACCESS_CREATE_DOMAIN ( 0x00000008 ) #define SAMR_ACCESS_ENUM_DOMAINS ( 0x00000010 ) -#define SAMR_ACCESS_OPEN_DOMAIN ( 0x00000020 ) +#define SAMR_ACCESS_LOOKUP_DOMAIN ( 0x00000020 ) /* bitmap samr_UserAccessMask */ #define SAMR_USER_ACCESS_GET_NAME_ETC ( 0x00000001 ) diff --git a/librpc/idl/samr.idl b/librpc/idl/samr.idl index 7d5d877bb1f..bcd8ca066cd 100644 --- a/librpc/idl/samr.idl +++ b/librpc/idl/samr.idl @@ -64,7 +64,7 @@ import "misc.idl", "lsa.idl", "security.idl"; SAMR_ACCESS_INITIALIZE_SERVER = 0x00000004, SAMR_ACCESS_CREATE_DOMAIN = 0x00000008, SAMR_ACCESS_ENUM_DOMAINS = 0x00000010, - SAMR_ACCESS_OPEN_DOMAIN = 0x00000020 + SAMR_ACCESS_LOOKUP_DOMAIN = 0x00000020 } samr_ConnectAccessMask; const int SAMR_ACCESS_ALL_ACCESS = 0x0000003F; @@ -85,7 +85,7 @@ import "misc.idl", "lsa.idl", "security.idl"; const int GENERIC_RIGHTS_SAM_EXECUTE = (STANDARD_RIGHTS_EXECUTE_ACCESS | - SAMR_ACCESS_OPEN_DOMAIN | + SAMR_ACCESS_LOOKUP_DOMAIN | SAMR_ACCESS_CONNECT_TO_SERVER); /* User Object specific access rights */ |