s3-rpc_client: add winreg_set_printserver_secdesc.

Guenther Signed-off-by: Guenther Deschner <gd@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
author: Günther Deschner <gd@samba.org> 2016-09-10 00:07:23 +0200
committer: Günther Deschner <gd@samba.org> 2016-09-22 12:29:27 +0200
commit: 23a3abfe0097f782b2cba134db2ead2c5b47237e (patch)
tree: 71ba682cbeaf9f9d314a93093051961e3a254711 /source3/rpc_client
parent: 302cb086a671dfe97d749c4672aecfe61238f350 (diff)
download: samba-23a3abfe0097f782b2cba134db2ead2c5b47237e.tar.gz
2 files changed, 59 insertions, 16 deletions
diff --git a/source3/rpc_client/cli_winreg_spoolss.c b/source3/rpc_client/cli_winreg_spoolss.c
index cbb22a3e2ed..f2a91e8cad9 100644
--- a/source3/rpc_client/cli_winreg_spoolss.c
+++ b/source3/rpc_client/cli_winreg_spoolss.c
@@ -1794,16 +1794,16 @@ WERROR winreg_get_printserver_secdesc(TALLOC_CTX *mem_ctx,
 				  psecdesc);
 }
 
-WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
-				  struct dcerpc_binding_handle *winreg_handle,
-				  const char *sharename,
-				  const struct spoolss_security_descriptor *secdesc)
+static WERROR winreg_set_secdesc(TALLOC_CTX *mem_ctx,
+				 struct dcerpc_binding_handle *winreg_handle,
+				 const char *path,
+				 const char *attribute,
+				 const struct spoolss_security_descriptor *secdesc)
 {
 	const struct spoolss_security_descriptor *new_secdesc = secdesc;
 	struct spoolss_security_descriptor *old_secdesc;
 	uint32_t access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
 	struct policy_handle hive_hnd, key_hnd;
-	const char *path;
 	TALLOC_CTX *tmp_ctx;
 	NTSTATUS status;
 	WERROR result;
@@ -1814,12 +1814,6 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
 		return WERR_NOMEM;
 	}
 
-	path = winreg_printer_data_keyname(tmp_ctx, sharename);
-	if (path == NULL) {
-		talloc_free(tmp_ctx);
-		return WERR_NOMEM;
-	}
-
 	/*
 	 * The old owner and group sids of the security descriptor are not
 	 * present when new ACEs are added or removed by changing printer
@@ -1831,10 +1825,11 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
 		struct security_acl *dacl, *sacl;
 		size_t size;
 
-		result = winreg_get_printer_secdesc(tmp_ctx,
-						    winreg_handle,
-						    sharename,
-						    &old_secdesc);
+		result = winreg_get_secdesc(tmp_ctx,
+					    winreg_handle,
+					    path,
+					    attribute,
+					    &old_secdesc);
 		if (!W_ERROR_IS_OK(result)) {
 			talloc_free(tmp_ctx);
 			return result;
@@ -1890,7 +1885,7 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
 	status = dcerpc_winreg_set_sd(tmp_ctx,
 				      winreg_handle,
 				      &key_hnd,
-				      "Security",
+				      attribute,
 				      new_secdesc,
 				      &result);
 	if (!NT_STATUS_IS_OK(status)) {
@@ -1909,6 +1904,37 @@ done:
 	return result;
 }
 
+WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
+				  struct dcerpc_binding_handle *winreg_handle,
+				  const char *sharename,
+				  const struct spoolss_security_descriptor *secdesc)
+{
+	char *path;
+	WERROR result;
+
+	path = winreg_printer_data_keyname(mem_ctx, sharename);
+	if (path == NULL) {
+		return WERR_NOMEM;
+	}
+
+	result = winreg_set_secdesc(mem_ctx, winreg_handle,
+				    path,
+				    "Security", secdesc);
+	talloc_free(path);
+
+	return result;
+}
+
+WERROR winreg_set_printserver_secdesc(TALLOC_CTX *mem_ctx,
+				      struct dcerpc_binding_handle *winreg_handle,
+				      const struct spoolss_security_descriptor *secdesc)
+{
+	return winreg_set_secdesc(mem_ctx, winreg_handle,
+				  TOP_LEVEL_CONTROL_KEY,
+				  "ServerSecurityDescriptor",
+				  secdesc);
+}
+
 /* Set printer data over the winreg pipe. */
 WERROR winreg_set_printer_dataex(TALLOC_CTX *mem_ctx,
 				 struct dcerpc_binding_handle *winreg_handle,
diff --git a/source3/rpc_client/cli_winreg_spoolss.h b/source3/rpc_client/cli_winreg_spoolss.h
index 279e585855a..4fcb64e55fd 100644
--- a/source3/rpc_client/cli_winreg_spoolss.h
+++ b/source3/rpc_client/cli_winreg_spoolss.h
@@ -182,6 +182,23 @@ WERROR winreg_set_printer_secdesc(TALLOC_CTX *mem_ctx,
 				  const struct spoolss_security_descriptor *secdesc);
 
 /**
+ * @brief Set the security descriptor for a printserver.
+ *
+ * @param[in]  mem_ctx  The talloc memory context to use.
+ *
+ * @param[in]  b The dcerpc binding handle
+ *
+ * @param[in]  secdesc  The security descriptor to save.
+ *
+ * @return              On success WERR_OK, a corresponding DOS error is
+ *                      something went wrong.
+ */
+WERROR winreg_set_printserver_secdesc(TALLOC_CTX *mem_ctx,
+				      struct dcerpc_binding_handle *b,
+				      const struct spoolss_security_descriptor *secdesc);
+
+
+/**
  * @internal
  *
  * @brief Set printer data over the winreg pipe.
author	Günther Deschner <gd@samba.org>	2016-09-10 00:07:23 +0200
committer	Günther Deschner <gd@samba.org>	2016-09-22 12:29:27 +0200
commit	23a3abfe0097f782b2cba134db2ead2c5b47237e (patch)
tree	71ba682cbeaf9f9d314a93093051961e3a254711 /source3/rpc_client
parent	302cb086a671dfe97d749c4672aecfe61238f350 (diff)
download	samba-23a3abfe0097f782b2cba134db2ead2c5b47237e.tar.gz