From daba205670cab8742c81f969e83c48eb059b8b0e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnther=20Deschner?= Date: Thu, 1 Jul 2010 13:58:56 +0200 Subject: [PATCH] s3-printing: Fix Bug #7541, %D in "printer admin" causing smbd crash. Guenther --- source3/printing/nt_printing.c | 4 +++- source3/rpc_server/srv_spoolss_nt.c | 22 +++++++++++++++------- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 200a51a..f97b746 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -5727,7 +5727,9 @@ bool print_access_check(struct auth_serversupplied_info *server_info, int snum, if (!NT_STATUS_IS_OK(status) && (token_contains_name_in_list(uidtoname(server_info->utok.uid), - NULL, NULL, server_info->ptok, + pdb_get_domain(server_info->sam_account), + NULL, + server_info->ptok, lp_printer_admin(snum)))) { talloc_destroy(mem_ctx); return True; diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 66538bc..4b5385b 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -1645,7 +1645,8 @@ WERROR _spoolss_OpenPrinterEx(pipes_struct *p, &se_printop ) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), - NULL, NULL, + pdb_get_domain(p->server_info->sam_account), + NULL, p->server_info->ptok, lp_printer_admin(snum))) { close_printer_handle(p, r->out.handle); @@ -1941,8 +1942,10 @@ WERROR _spoolss_DeletePrinterDriver(pipes_struct *p, if ( (p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop ) && !token_contains_name_in_list( - uidtoname(p->server_info->utok.uid), NULL, - NULL, p->server_info->ptok, + uidtoname(p->server_info->utok.uid), + pdb_get_domain(p->server_info->sam_account), + NULL, + p->server_info->ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -2040,7 +2043,9 @@ WERROR _spoolss_DeletePrinterDriverEx(pipes_struct *p, if ( (p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop ) && !token_contains_name_in_list( - uidtoname(p->server_info->utok.uid), NULL, NULL, + uidtoname(p->server_info->utok.uid), + pdb_get_domain(p->server_info->sam_account), + NULL, p->server_info->ptok, lp_printer_admin(-1)) ) { return WERR_ACCESS_DENIED; @@ -7845,7 +7850,8 @@ WERROR _spoolss_AddForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + pdb_get_domain(p->server_info->sam_account), + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_Addform: denied by insufficient permissions.\n")); @@ -7926,7 +7932,8 @@ WERROR _spoolss_DeleteForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + pdb_get_domain(p->server_info->sam_account), + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_DeleteForm: denied by insufficient permissions.\n")); @@ -8009,7 +8016,8 @@ WERROR _spoolss_SetForm(pipes_struct *p, if ((p->server_info->utok.uid != sec_initial_uid()) && !user_has_privileges(p->server_info->ptok, &se_printop) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), - NULL, NULL, + pdb_get_domain(p->server_info->sam_account), + NULL, p->server_info->ptok, lp_printer_admin(snum))) { DEBUG(2,("_spoolss_Setform: denied by insufficient permissions.\n")); -- 1.6.6.1