search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-proto: move remaining spoolss protos to own header file.
[Samba.git] / source3 / printing / nt_printing.c
blobd74003a7084c13924368271412b96ac20b0af776
1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Andrew Tridgell 1992-2000,
5 * Copyright (C) Jean François Micouleau 1998-2000.
6 * Copyright (C) Gerald Carter 2002-2005.
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "printing/pcap.h"
24 #include "printing/nt_printing_tdb.h"
25 #include "printing/nt_printing_migrate.h"
26 #include "registry.h"
27 #include "registry/reg_objects.h"
28 #include "../librpc/gen_ndr/ndr_security.h"
29 #include "../librpc/gen_ndr/ndr_spoolss.h"
30 #include "rpc_server/spoolss/srv_spoolss_util.h"
31 #include "nt_printing.h"
32 #include "secrets.h"
33 #include "../librpc/gen_ndr/netlogon.h"
34 #include "../libcli/security/security.h"
35 #include "passdb/machine_sid.h"
36 #include "smbd/smbd.h"
37 #include "auth.h"
38 #include "messages.h"
39 #include "ntdomain.h"
40 #include "rpc_server/spoolss/srv_spoolss_nt.h"
41
42 /* Map generic permissions to printer object specific permissions */
43
44 const struct generic_mapping printer_generic_mapping = {
45 PRINTER_READ,
46 PRINTER_WRITE,
47 PRINTER_EXECUTE,
48 PRINTER_ALL_ACCESS
49 };
50
51 /* Map generic permissions to print server object specific permissions */
52
53 const struct generic_mapping printserver_generic_mapping = {
54 SERVER_READ,
55 SERVER_WRITE,
56 SERVER_EXECUTE,
57 SERVER_ALL_ACCESS
58 };
59
60 /* Map generic permissions to job object specific permissions */
61
62 const struct generic_mapping job_generic_mapping = {
63 JOB_READ,
64 JOB_WRITE,
65 JOB_EXECUTE,
66 JOB_ALL_ACCESS
67 };
68
69 static const struct print_architecture_table_node archi_table[]= {
70
71 {"Windows 4.0", SPL_ARCH_WIN40, 0 },
72 {"Windows NT x86", SPL_ARCH_W32X86, 2 },
73 {"Windows NT R4000", SPL_ARCH_W32MIPS, 2 },
74 {"Windows NT Alpha_AXP", SPL_ARCH_W32ALPHA, 2 },
75 {"Windows NT PowerPC", SPL_ARCH_W32PPC, 2 },
76 {"Windows IA64", SPL_ARCH_IA64, 3 },
77 {"Windows x64", SPL_ARCH_X64, 3 },
78 {NULL, "", -1 }
79 };
80
81 /****************************************************************************
82 Open the NT printing tdbs. Done once before fork().
83 ****************************************************************************/
84
85 bool nt_printing_init(struct messaging_context *msg_ctx)
86 {
87 WERROR win_rc;
88
89 if (!nt_printing_tdb_upgrade()) {
90 return false;
91 }
92
93 /*
94 * register callback to handle updating printers as new
95 * drivers are installed
96 */
97 messaging_register(msg_ctx, NULL, MSG_PRINTER_DRVUPGRADE,
98 do_drv_upgrade_printer);
99
100 /* of course, none of the message callbacks matter if you don't
101 tell messages.c that you interested in receiving PRINT_GENERAL
102 msgs. This is done in serverid_register() */
103
104 if ( lp_security() == SEC_ADS ) {
105 win_rc = check_published_printers(msg_ctx);
106 if (!W_ERROR_IS_OK(win_rc))
107 DEBUG(0, ("nt_printing_init: error checking published printers: %s\n", win_errstr(win_rc)));
108 }
109
110 return true;
111 }
112
113 /*******************************************************************
114 Function to allow filename parsing "the old way".
115 ********************************************************************/
116
117 static NTSTATUS driver_unix_convert(connection_struct *conn,
118 const char *old_name,
119 struct smb_filename **smb_fname)
120 {
121 NTSTATUS status;
122 TALLOC_CTX *ctx = talloc_tos();
123 char *name = talloc_strdup(ctx, old_name);
124
125 if (!name) {
126 return NT_STATUS_NO_MEMORY;
127 }
128 unix_format(name);
129 name = unix_clean_name(ctx, name);
130 if (!name) {
131 return NT_STATUS_NO_MEMORY;
132 }
133 trim_string(name,"/","/");
134
135 status = unix_convert(ctx, conn, name, smb_fname, 0);
136 if (!NT_STATUS_IS_OK(status)) {
137 return NT_STATUS_NO_MEMORY;
138 }
139
140 return NT_STATUS_OK;
141 }
142
143 /****************************************************************************
144 Function to do the mapping between the long architecture name and
145 the short one.
146 ****************************************************************************/
147
148 const char *get_short_archi(const char *long_archi)
149 {
150 int i=-1;
151
152 DEBUG(107,("Getting architecture dependent directory\n"));
153 do {
154 i++;
155 } while ( (archi_table[i].long_archi!=NULL ) &&
156 StrCaseCmp(long_archi, archi_table[i].long_archi) );
157
158 if (archi_table[i].long_archi==NULL) {
159 DEBUGADD(10,("Unknown architecture [%s] !\n", long_archi));
160 return NULL;
161 }
162
163 /* this might be client code - but shouldn't this be an fstrcpy etc? */
164
165 DEBUGADD(108,("index: [%d]\n", i));
166 DEBUGADD(108,("long architecture: [%s]\n", archi_table[i].long_archi));
167 DEBUGADD(108,("short architecture: [%s]\n", archi_table[i].short_archi));
168
169 return archi_table[i].short_archi;
170 }
171
172 /****************************************************************************
173 Version information in Microsoft files is held in a VS_VERSION_INFO structure.
174 There are two case to be covered here: PE (Portable Executable) and NE (New
175 Executable) files. Both files support the same INFO structure, but PE files
176 store the signature in unicode, and NE files store it as !unicode.
177 returns -1 on error, 1 on version info found, and 0 on no version info found.
178 ****************************************************************************/
179
180 static int get_file_version(files_struct *fsp, char *fname,uint32 *major, uint32 *minor)
181 {
182 int i;
183 char *buf = NULL;
184 ssize_t byte_count;
185
186 if ((buf=(char *)SMB_MALLOC(DOS_HEADER_SIZE)) == NULL) {
187 DEBUG(0,("get_file_version: PE file [%s] DOS Header malloc failed bytes = %d\n",
188 fname, DOS_HEADER_SIZE));
189 goto error_exit;
190 }
191
192 if ((byte_count = vfs_read_data(fsp, buf, DOS_HEADER_SIZE)) < DOS_HEADER_SIZE) {
193 DEBUG(3,("get_file_version: File [%s] DOS header too short, bytes read = %lu\n",
194 fname, (unsigned long)byte_count));
195 goto no_version_info;
196 }
197
198 /* Is this really a DOS header? */
199 if (SVAL(buf,DOS_HEADER_MAGIC_OFFSET) != DOS_HEADER_MAGIC) {
200 DEBUG(6,("get_file_version: File [%s] bad DOS magic = 0x%x\n",
201 fname, SVAL(buf,DOS_HEADER_MAGIC_OFFSET)));
202 goto no_version_info;
203 }
204
205 /* Skip OEM header (if any) and the DOS stub to start of Windows header */
206 if (SMB_VFS_LSEEK(fsp, SVAL(buf,DOS_HEADER_LFANEW_OFFSET), SEEK_SET) == (SMB_OFF_T)-1) {
207 DEBUG(3,("get_file_version: File [%s] too short, errno = %d\n",
208 fname, errno));
209 /* Assume this isn't an error... the file just looks sort of like a PE/NE file */
210 goto no_version_info;
211 }
212
213 /* Note: DOS_HEADER_SIZE and NE_HEADER_SIZE are incidentally same */
214 if ((byte_count = vfs_read_data(fsp, buf, NE_HEADER_SIZE)) < NE_HEADER_SIZE) {
215 DEBUG(3,("get_file_version: File [%s] Windows header too short, bytes read = %lu\n",
216 fname, (unsigned long)byte_count));
217 /* Assume this isn't an error... the file just looks sort of like a PE/NE file */
218 goto no_version_info;
219 }
220
221 /* The header may be a PE (Portable Executable) or an NE (New Executable) */
222 if (IVAL(buf,PE_HEADER_SIGNATURE_OFFSET) == PE_HEADER_SIGNATURE) {
223 unsigned int num_sections;
224 unsigned int section_table_bytes;
225
226 /* Just skip over optional header to get to section table */
227 if (SMB_VFS_LSEEK(fsp,
228 SVAL(buf,PE_HEADER_OPTIONAL_HEADER_SIZE)-(NE_HEADER_SIZE-PE_HEADER_SIZE),
229 SEEK_CUR) == (SMB_OFF_T)-1) {
230 DEBUG(3,("get_file_version: File [%s] Windows optional header too short, errno = %d\n",
231 fname, errno));
232 goto error_exit;
233 }
234
235 /* get the section table */
236 num_sections = SVAL(buf,PE_HEADER_NUMBER_OF_SECTIONS);
237 section_table_bytes = num_sections * PE_HEADER_SECT_HEADER_SIZE;
238 if (section_table_bytes == 0)
239 goto error_exit;
240
241 SAFE_FREE(buf);
242 if ((buf=(char *)SMB_MALLOC(section_table_bytes)) == NULL) {
243 DEBUG(0,("get_file_version: PE file [%s] section table malloc failed bytes = %d\n",
244 fname, section_table_bytes));
245 goto error_exit;
246 }
247
248 if ((byte_count = vfs_read_data(fsp, buf, section_table_bytes)) < section_table_bytes) {
249 DEBUG(3,("get_file_version: PE file [%s] Section header too short, bytes read = %lu\n",
250 fname, (unsigned long)byte_count));
251 goto error_exit;
252 }
253
254 /* Iterate the section table looking for the resource section ".rsrc" */
255 for (i = 0; i < num_sections; i++) {
256 int sec_offset = i * PE_HEADER_SECT_HEADER_SIZE;
257
258 if (strcmp(".rsrc", &buf[sec_offset+PE_HEADER_SECT_NAME_OFFSET]) == 0) {
259 unsigned int section_pos = IVAL(buf,sec_offset+PE_HEADER_SECT_PTR_DATA_OFFSET);
260 unsigned int section_bytes = IVAL(buf,sec_offset+PE_HEADER_SECT_SIZE_DATA_OFFSET);
261
262 if (section_bytes == 0)
263 goto error_exit;
264
265 SAFE_FREE(buf);
266 if ((buf=(char *)SMB_MALLOC(section_bytes)) == NULL) {
267 DEBUG(0,("get_file_version: PE file [%s] version malloc failed bytes = %d\n",
268 fname, section_bytes));
269 goto error_exit;
270 }
271
272 /* Seek to the start of the .rsrc section info */
273 if (SMB_VFS_LSEEK(fsp, section_pos, SEEK_SET) == (SMB_OFF_T)-1) {
274 DEBUG(3,("get_file_version: PE file [%s] too short for section info, errno = %d\n",
275 fname, errno));
276 goto error_exit;
277 }
278
279 if ((byte_count = vfs_read_data(fsp, buf, section_bytes)) < section_bytes) {
280 DEBUG(3,("get_file_version: PE file [%s] .rsrc section too short, bytes read = %lu\n",
281 fname, (unsigned long)byte_count));
282 goto error_exit;
283 }
284
285 if (section_bytes < VS_VERSION_INFO_UNICODE_SIZE)
286 goto error_exit;
287
288 for (i=0; i<section_bytes-VS_VERSION_INFO_UNICODE_SIZE; i++) {
289 /* Scan for 1st 3 unicoded bytes followed by word aligned magic value */
290 if (buf[i] == 'V' && buf[i+1] == '\0' && buf[i+2] == 'S') {
291 /* Align to next long address */
292 int pos = (i + sizeof(VS_SIGNATURE)*2 + 3) & 0xfffffffc;
293
294 if (IVAL(buf,pos) == VS_MAGIC_VALUE) {
295 *major = IVAL(buf,pos+VS_MAJOR_OFFSET);
296 *minor = IVAL(buf,pos+VS_MINOR_OFFSET);
297
298 DEBUG(6,("get_file_version: PE file [%s] Version = %08x:%08x (%d.%d.%d.%d)\n",
299 fname, *major, *minor,
300 (*major>>16)&0xffff, *major&0xffff,
301 (*minor>>16)&0xffff, *minor&0xffff));
302 SAFE_FREE(buf);
303 return 1;
304 }
305 }
306 }
307 }
308 }
309
310 /* Version info not found, fall back to origin date/time */
311 DEBUG(10,("get_file_version: PE file [%s] has no version info\n", fname));
312 SAFE_FREE(buf);
313 return 0;
314
315 } else if (SVAL(buf,NE_HEADER_SIGNATURE_OFFSET) == NE_HEADER_SIGNATURE) {
316 if (CVAL(buf,NE_HEADER_TARGET_OS_OFFSET) != NE_HEADER_TARGOS_WIN ) {
317 DEBUG(3,("get_file_version: NE file [%s] wrong target OS = 0x%x\n",
318 fname, CVAL(buf,NE_HEADER_TARGET_OS_OFFSET)));
319 /* At this point, we assume the file is in error. It still could be somthing
320 * else besides a NE file, but it unlikely at this point. */
321 goto error_exit;
322 }
323
324 /* Allocate a bit more space to speed up things */
325 SAFE_FREE(buf);
326 if ((buf=(char *)SMB_MALLOC(VS_NE_BUF_SIZE)) == NULL) {
327 DEBUG(0,("get_file_version: NE file [%s] malloc failed bytes = %d\n",
328 fname, PE_HEADER_SIZE));
329 goto error_exit;
330 }
331
332 /* This is a HACK! I got tired of trying to sort through the messy
333 * 'NE' file format. If anyone wants to clean this up please have at
334 * it, but this works. 'NE' files will eventually fade away. JRR */
335 while((byte_count = vfs_read_data(fsp, buf, VS_NE_BUF_SIZE)) > 0) {
336 /* Cover case that should not occur in a well formed 'NE' .dll file */
337 if (byte_count-VS_VERSION_INFO_SIZE <= 0) break;
338
339 for(i=0; i<byte_count; i++) {
340 /* Fast skip past data that can't possibly match */
341 if (buf[i] != 'V') continue;
342
343 /* Potential match data crosses buf boundry, move it to beginning
344 * of buf, and fill the buf with as much as it will hold. */
345 if (i>byte_count-VS_VERSION_INFO_SIZE) {
346 int bc;
347
348 memcpy(buf, &buf[i], byte_count-i);
349 if ((bc = vfs_read_data(fsp, &buf[byte_count-i], VS_NE_BUF_SIZE-
350 (byte_count-i))) < 0) {
351
352 DEBUG(0,("get_file_version: NE file [%s] Read error, errno=%d\n",
353 fname, errno));
354 goto error_exit;
355 }
356
357 byte_count = bc + (byte_count - i);
358 if (byte_count<VS_VERSION_INFO_SIZE) break;
359
360 i = 0;
361 }
362
363 /* Check that the full signature string and the magic number that
364 * follows exist (not a perfect solution, but the chances that this
365 * occurs in code is, well, remote. Yes I know I'm comparing the 'V'
366 * twice, as it is simpler to read the code. */
367 if (strcmp(&buf[i], VS_SIGNATURE) == 0) {
368 /* Compute skip alignment to next long address */
369 int skip = -(SMB_VFS_LSEEK(fsp, 0, SEEK_CUR) - (byte_count - i) +
370 sizeof(VS_SIGNATURE)) & 3;
371 if (IVAL(buf,i+sizeof(VS_SIGNATURE)+skip) != 0xfeef04bd) continue;
372
373 *major = IVAL(buf,i+sizeof(VS_SIGNATURE)+skip+VS_MAJOR_OFFSET);
374 *minor = IVAL(buf,i+sizeof(VS_SIGNATURE)+skip+VS_MINOR_OFFSET);
375 DEBUG(6,("get_file_version: NE file [%s] Version = %08x:%08x (%d.%d.%d.%d)\n",
376 fname, *major, *minor,
377 (*major>>16)&0xffff, *major&0xffff,
378 (*minor>>16)&0xffff, *minor&0xffff));
379 SAFE_FREE(buf);
380 return 1;
381 }
382 }
383 }
384
385 /* Version info not found, fall back to origin date/time */
386 DEBUG(0,("get_file_version: NE file [%s] Version info not found\n", fname));
387 SAFE_FREE(buf);
388 return 0;
389
390 } else
391 /* Assume this isn't an error... the file just looks sort of like a PE/NE file */
392 DEBUG(3,("get_file_version: File [%s] unknown file format, signature = 0x%x\n",
393 fname, IVAL(buf,PE_HEADER_SIGNATURE_OFFSET)));
394
395 no_version_info:
396 SAFE_FREE(buf);
397 return 0;
398
399 error_exit:
400 SAFE_FREE(buf);
401 return -1;
402 }
403
404 /****************************************************************************
405 Drivers for Microsoft systems contain multiple files. Often, multiple drivers
406 share one or more files. During the MS installation process files are checked
407 to insure that only a newer version of a shared file is installed over an
408 older version. There are several possibilities for this comparison. If there
409 is no previous version, the new one is newer (obviously). If either file is
410 missing the version info structure, compare the creation date (on Unix use
411 the modification date). Otherwise chose the numerically larger version number.
412 ****************************************************************************/
413
414 static int file_version_is_newer(connection_struct *conn, fstring new_file, fstring old_file)
415 {
416 bool use_version = true;
417
418 uint32 new_major;
419 uint32 new_minor;
420 time_t new_create_time;
421
422 uint32 old_major;
423 uint32 old_minor;
424 time_t old_create_time;
425
426 struct smb_filename *smb_fname = NULL;
427 files_struct *fsp = NULL;
428 SMB_STRUCT_STAT st;
429
430 NTSTATUS status;
431 int ret;
432
433 SET_STAT_INVALID(st);
434 new_create_time = (time_t)0;
435 old_create_time = (time_t)0;
436
437 /* Get file version info (if available) for previous file (if it exists) */
438 status = driver_unix_convert(conn, old_file, &smb_fname);
439 if (!NT_STATUS_IS_OK(status)) {
440 goto error_exit;
441 }
442
443 status = SMB_VFS_CREATE_FILE(
444 conn, /* conn */
445 NULL, /* req */
446 0, /* root_dir_fid */
447 smb_fname, /* fname */
448 FILE_GENERIC_READ, /* access_mask */
449 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
450 FILE_OPEN, /* create_disposition*/
451 0, /* create_options */
452 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
453 INTERNAL_OPEN_ONLY, /* oplock_request */
454 0, /* allocation_size */
455 0, /* private_flags */
456 NULL, /* sd */
457 NULL, /* ea_list */
458 &fsp, /* result */
459 NULL); /* pinfo */
460
461 if (!NT_STATUS_IS_OK(status)) {
462 /* Old file not found, so by definition new file is in fact newer */
463 DEBUG(10,("file_version_is_newer: Can't open old file [%s], "
464 "errno = %d\n", smb_fname_str_dbg(smb_fname),
465 errno));
466 ret = 1;
467 goto done;
468
469 } else {
470 ret = get_file_version(fsp, old_file, &old_major, &old_minor);
471 if (ret == -1) {
472 goto error_exit;
473 }
474
475 if (!ret) {
476 DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n",
477 old_file));
478 use_version = false;
479 if (SMB_VFS_FSTAT(fsp, &st) == -1) {
480 goto error_exit;
481 }
482 old_create_time = convert_timespec_to_time_t(st.st_ex_mtime);
483 DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n",
484 (long)old_create_time));
485 }
486 }
487 close_file(NULL, fsp, NORMAL_CLOSE);
488 fsp = NULL;
489
490 /* Get file version info (if available) for new file */
491 status = driver_unix_convert(conn, new_file, &smb_fname);
492 if (!NT_STATUS_IS_OK(status)) {
493 goto error_exit;
494 }
495
496 status = SMB_VFS_CREATE_FILE(
497 conn, /* conn */
498 NULL, /* req */
499 0, /* root_dir_fid */
500 smb_fname, /* fname */
501 FILE_GENERIC_READ, /* access_mask */
502 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
503 FILE_OPEN, /* create_disposition*/
504 0, /* create_options */
505 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
506 INTERNAL_OPEN_ONLY, /* oplock_request */
507 0, /* allocation_size */
508 0, /* private_flags */
509 NULL, /* sd */
510 NULL, /* ea_list */
511 &fsp, /* result */
512 NULL); /* pinfo */
513
514 if (!NT_STATUS_IS_OK(status)) {
515 /* New file not found, this shouldn't occur if the caller did its job */
516 DEBUG(3,("file_version_is_newer: Can't open new file [%s], "
517 "errno = %d\n", smb_fname_str_dbg(smb_fname), errno));
518 goto error_exit;
519
520 } else {
521 ret = get_file_version(fsp, new_file, &new_major, &new_minor);
522 if (ret == -1) {
523 goto error_exit;
524 }
525
526 if (!ret) {
527 DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n",
528 new_file));
529 use_version = false;
530 if (SMB_VFS_FSTAT(fsp, &st) == -1) {
531 goto error_exit;
532 }
533 new_create_time = convert_timespec_to_time_t(st.st_ex_mtime);
534 DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n",
535 (long)new_create_time));
536 }
537 }
538 close_file(NULL, fsp, NORMAL_CLOSE);
539 fsp = NULL;
540
541 if (use_version && (new_major != old_major || new_minor != old_minor)) {
542 /* Compare versions and choose the larger version number */
543 if (new_major > old_major ||
544 (new_major == old_major && new_minor > old_minor)) {
545
546 DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file));
547 ret = 1;
548 goto done;
549 }
550 else {
551 DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file));
552 ret = 0;
553 goto done;
554 }
555
556 } else {
557 /* Compare modification time/dates and choose the newest time/date */
558 if (new_create_time > old_create_time) {
559 DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file));
560 ret = 1;
561 goto done;
562 }
563 else {
564 DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file));
565 ret = 0;
566 goto done;
567 }
568 }
569
570 error_exit:
571 if(fsp)
572 close_file(NULL, fsp, NORMAL_CLOSE);
573 ret = -1;
574 done:
575 TALLOC_FREE(smb_fname);
576 return ret;
577 }
578
579 /****************************************************************************
580 Determine the correct cVersion associated with an architecture and driver
581 ****************************************************************************/
582 static uint32 get_correct_cversion(struct pipes_struct *p,
583 const char *architecture,
584 const char *driverpath_in,
585 WERROR *perr)
586 {
587 int cversion = -1;
588 NTSTATUS nt_status;
589 struct smb_filename *smb_fname = NULL;
590 char *driverpath = NULL;
591 files_struct *fsp = NULL;
592 connection_struct *conn = NULL;
593 char *oldcwd;
594 char *printdollar = NULL;
595 int printdollar_snum;
596
597 *perr = WERR_INVALID_PARAM;
598
599 /* If architecture is Windows 95/98/ME, the version is always 0. */
600 if (strcmp(architecture, SPL_ARCH_WIN40) == 0) {
601 DEBUG(10,("get_correct_cversion: Driver is Win9x, cversion = 0\n"));
602 *perr = WERR_OK;
603 return 0;
604 }
605
606 /* If architecture is Windows x64, the version is always 3. */
607 if (strcmp(architecture, SPL_ARCH_X64) == 0) {
608 DEBUG(10,("get_correct_cversion: Driver is x64, cversion = 3\n"));
609 *perr = WERR_OK;
610 return 3;
611 }
612
613 printdollar_snum = find_service(talloc_tos(), "print$", &printdollar);
614 if (!printdollar) {
615 *perr = WERR_NOMEM;
616 return -1;
617 }
618 if (printdollar_snum == -1) {
619 *perr = WERR_NO_SUCH_SHARE;
620 return -1;
621 }
622
623 nt_status = create_conn_struct(talloc_tos(), &conn, printdollar_snum,
624 lp_pathname(printdollar_snum),
625 p->session_info, &oldcwd);
626 if (!NT_STATUS_IS_OK(nt_status)) {
627 DEBUG(0,("get_correct_cversion: create_conn_struct "
628 "returned %s\n", nt_errstr(nt_status)));
629 *perr = ntstatus_to_werror(nt_status);
630 return -1;
631 }
632
633 nt_status = set_conn_force_user_group(conn, printdollar_snum);
634 if (!NT_STATUS_IS_OK(nt_status)) {
635 DEBUG(0, ("failed set force user / group\n"));
636 *perr = ntstatus_to_werror(nt_status);
637 goto error_free_conn;
638 }
639
640 if (!become_user_by_session(conn, p->session_info)) {
641 DEBUG(0, ("failed to become user\n"));
642 *perr = WERR_ACCESS_DENIED;
643 goto error_free_conn;
644 }
645
646 /* Open the driver file (Portable Executable format) and determine the
647 * deriver the cversion. */
648 driverpath = talloc_asprintf(talloc_tos(),
649 "%s/%s",
650 architecture,
651 driverpath_in);
652 if (!driverpath) {
653 *perr = WERR_NOMEM;
654 goto error_exit;
655 }
656
657 nt_status = driver_unix_convert(conn, driverpath, &smb_fname);
658 if (!NT_STATUS_IS_OK(nt_status)) {
659 *perr = ntstatus_to_werror(nt_status);
660 goto error_exit;
661 }
662
663 nt_status = vfs_file_exist(conn, smb_fname);
664 if (!NT_STATUS_IS_OK(nt_status)) {
665 DEBUG(3,("get_correct_cversion: vfs_file_exist failed\n"));
666 *perr = WERR_BADFILE;
667 goto error_exit;
668 }
669
670 nt_status = SMB_VFS_CREATE_FILE(
671 conn, /* conn */
672 NULL, /* req */
673 0, /* root_dir_fid */
674 smb_fname, /* fname */
675 FILE_GENERIC_READ, /* access_mask */
676 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
677 FILE_OPEN, /* create_disposition*/
678 0, /* create_options */
679 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
680 INTERNAL_OPEN_ONLY, /* oplock_request */
681 0, /* private_flags */
682 0, /* allocation_size */
683 NULL, /* sd */
684 NULL, /* ea_list */
685 &fsp, /* result */
686 NULL); /* pinfo */
687
688 if (!NT_STATUS_IS_OK(nt_status)) {
689 DEBUG(3,("get_correct_cversion: Can't open file [%s], errno = "
690 "%d\n", smb_fname_str_dbg(smb_fname), errno));
691 *perr = WERR_ACCESS_DENIED;
692 goto error_exit;
693 } else {
694 uint32 major;
695 uint32 minor;
696 int ret;
697
698 ret = get_file_version(fsp, smb_fname->base_name, &major, &minor);
699 if (ret == -1) {
700 *perr = WERR_INVALID_PARAM;
701 goto error_exit;
702 } else if (!ret) {
703 DEBUG(6,("get_correct_cversion: Version info not "
704 "found [%s]\n",
705 smb_fname_str_dbg(smb_fname)));
706 *perr = WERR_INVALID_PARAM;
707 goto error_exit;
708 }
709
710 /*
711 * This is a Microsoft'ism. See references in MSDN to VER_FILEVERSION
712 * for more details. Version in this case is not just the version of the
713 * file, but the version in the sense of kernal mode (2) vs. user mode
714 * (3) drivers. Other bits of the version fields are the version info.
715 * JRR 010716
716 */
717 cversion = major & 0x0000ffff;
718 switch (cversion) {
719 case 2: /* WinNT drivers */
720 case 3: /* Win2K drivers */
721 break;
722
723 default:
724 DEBUG(6,("get_correct_cversion: cversion "
725 "invalid [%s] cversion = %d\n",
726 smb_fname_str_dbg(smb_fname),
727 cversion));
728 goto error_exit;
729 }
730
731 DEBUG(10,("get_correct_cversion: Version info found [%s] major"
732 " = 0x%x minor = 0x%x\n",
733 smb_fname_str_dbg(smb_fname), major, minor));
734 }
735
736 DEBUG(10,("get_correct_cversion: Driver file [%s] cversion = %d\n",
737 smb_fname_str_dbg(smb_fname), cversion));
738 *perr = WERR_OK;
739
740 error_exit:
741 unbecome_user();
742 error_free_conn:
743 TALLOC_FREE(smb_fname);
744 if (fsp != NULL) {
745 close_file(NULL, fsp, NORMAL_CLOSE);
746 }
747 if (conn != NULL) {
748 vfs_ChDir(conn, oldcwd);
749 SMB_VFS_DISCONNECT(conn);
750 conn_free(conn);
751 }
752 if (!NT_STATUS_IS_OK(*perr)) {
753 cversion = -1;
754 }
755
756 return cversion;
757 }
758
759 /****************************************************************************
760 ****************************************************************************/
761
762 #define strip_driver_path(_mem_ctx, _element) do { \
763 if (_element && ((_p = strrchr((_element), '\\')) != NULL)) { \
764 (_element) = talloc_asprintf((_mem_ctx), "%s", _p+1); \
765 W_ERROR_HAVE_NO_MEMORY((_element)); \
766 } \
767 } while (0);
768
769 static WERROR clean_up_driver_struct_level(TALLOC_CTX *mem_ctx,
770 struct pipes_struct *rpc_pipe,
771 const char *architecture,
772 const char **driver_path,
773 const char **data_file,
774 const char **config_file,
775 const char **help_file,
776 struct spoolss_StringArray *dependent_files,
777 enum spoolss_DriverOSVersion *version)
778 {
779 const char *short_architecture;
780 int i;
781 WERROR err;
782 char *_p;
783
784 if (!*driver_path || !*data_file) {
785 return WERR_INVALID_PARAM;
786 }
787
788 if (!strequal(architecture, SPOOLSS_ARCHITECTURE_4_0) && !*config_file) {
789 return WERR_INVALID_PARAM;
790 }
791
792 /* clean up the driver name.
793 * we can get .\driver.dll
794 * or worse c:\windows\system\driver.dll !
795 */
796 /* using an intermediate string to not have overlaping memcpy()'s */
797
798 strip_driver_path(mem_ctx, *driver_path);
799 strip_driver_path(mem_ctx, *data_file);
800 if (*config_file) {
801 strip_driver_path(mem_ctx, *config_file);
802 }
803 if (help_file) {
804 strip_driver_path(mem_ctx, *help_file);
805 }
806
807 if (dependent_files && dependent_files->string) {
808 for (i=0; dependent_files->string[i]; i++) {
809 strip_driver_path(mem_ctx, dependent_files->string[i]);
810 }
811 }
812
813 short_architecture = get_short_archi(architecture);
814 if (!short_architecture) {
815 return WERR_UNKNOWN_PRINTER_DRIVER;
816 }
817
818 /* jfm:7/16/2000 the client always sends the cversion=0.
819 * The server should check which version the driver is by reading
820 * the PE header of driver->driverpath.
821 *
822 * For Windows 95/98 the version is 0 (so the value sent is correct)
823 * For Windows NT (the architecture doesn't matter)
824 * NT 3.1: cversion=0
825 * NT 3.5/3.51: cversion=1
826 * NT 4: cversion=2
827 * NT2K: cversion=3
828 */
829
830 *version = get_correct_cversion(rpc_pipe, short_architecture,
831 *driver_path, &err);
832 if (*version == -1) {
833 return err;
834 }
835
836 return WERR_OK;
837 }
838
839 /****************************************************************************
840 ****************************************************************************/
841
842 WERROR clean_up_driver_struct(TALLOC_CTX *mem_ctx,
843 struct pipes_struct *rpc_pipe,
844 struct spoolss_AddDriverInfoCtr *r)
845 {
846 switch (r->level) {
847 case 3:
848 return clean_up_driver_struct_level(mem_ctx, rpc_pipe,
849 r->info.info3->architecture,
850 &r->info.info3->driver_path,
851 &r->info.info3->data_file,
852 &r->info.info3->config_file,
853 &r->info.info3->help_file,
854 r->info.info3->dependent_files,
855 &r->info.info3->version);
856 case 6:
857 return clean_up_driver_struct_level(mem_ctx, rpc_pipe,
858 r->info.info6->architecture,
859 &r->info.info6->driver_path,
860 &r->info.info6->data_file,
861 &r->info.info6->config_file,
862 &r->info.info6->help_file,
863 r->info.info6->dependent_files,
864 &r->info.info6->version);
865 default:
866 return WERR_NOT_SUPPORTED;
867 }
868 }
869
870 /****************************************************************************
871 This function sucks and should be replaced. JRA.
872 ****************************************************************************/
873
874 static void convert_level_6_to_level3(struct spoolss_AddDriverInfo3 *dst,
875 const struct spoolss_AddDriverInfo6 *src)
876 {
877 dst->version = src->version;
878
879 dst->driver_name = src->driver_name;
880 dst->architecture = src->architecture;
881 dst->driver_path = src->driver_path;
882 dst->data_file = src->data_file;
883 dst->config_file = src->config_file;
884 dst->help_file = src->help_file;
885 dst->monitor_name = src->monitor_name;
886 dst->default_datatype = src->default_datatype;
887 dst->_ndr_size_dependent_files = src->_ndr_size_dependent_files;
888 dst->dependent_files = src->dependent_files;
889 }
890
891 /****************************************************************************
892 ****************************************************************************/
893
894 static WERROR move_driver_file_to_download_area(TALLOC_CTX *mem_ctx,
895 connection_struct *conn,
896 const char *driver_file,
897 const char *short_architecture,
898 uint32_t driver_version,
899 uint32_t version)
900 {
901 struct smb_filename *smb_fname_old = NULL;
902 struct smb_filename *smb_fname_new = NULL;
903 char *old_name = NULL;
904 char *new_name = NULL;
905 NTSTATUS status;
906 WERROR ret;
907
908 old_name = talloc_asprintf(mem_ctx, "%s/%s",
909 short_architecture, driver_file);
910 W_ERROR_HAVE_NO_MEMORY(old_name);
911
912 new_name = talloc_asprintf(mem_ctx, "%s/%d/%s",
913 short_architecture, driver_version, driver_file);
914 if (new_name == NULL) {
915 TALLOC_FREE(old_name);
916 return WERR_NOMEM;
917 }
918
919 if (version != -1 && (version = file_version_is_newer(conn, old_name, new_name)) > 0) {
920
921 status = driver_unix_convert(conn, old_name, &smb_fname_old);
922 if (!NT_STATUS_IS_OK(status)) {
923 ret = WERR_NOMEM;
924 goto out;
925 }
926
927 /* Setup a synthetic smb_filename struct */
928 smb_fname_new = TALLOC_ZERO_P(mem_ctx, struct smb_filename);
929 if (!smb_fname_new) {
930 ret = WERR_NOMEM;
931 goto out;
932 }
933
934 smb_fname_new->base_name = new_name;
935
936 DEBUG(10,("move_driver_file_to_download_area: copying '%s' to "
937 "'%s'\n", smb_fname_old->base_name,
938 smb_fname_new->base_name));
939
940 status = copy_file(mem_ctx, conn, smb_fname_old, smb_fname_new,
941 OPENX_FILE_EXISTS_TRUNCATE |
942 OPENX_FILE_CREATE_IF_NOT_EXIST,
943 0, false);
944
945 if (!NT_STATUS_IS_OK(status)) {
946 DEBUG(0,("move_driver_file_to_download_area: Unable "
947 "to rename [%s] to [%s]: %s\n",
948 smb_fname_old->base_name, new_name,
949 nt_errstr(status)));
950 ret = WERR_ACCESS_DENIED;
951 goto out;
952 }
953 }
954
955 ret = WERR_OK;
956 out:
957 TALLOC_FREE(smb_fname_old);
958 TALLOC_FREE(smb_fname_new);
959 return ret;
960 }
961
962 WERROR move_driver_to_download_area(struct pipes_struct *p,
963 struct spoolss_AddDriverInfoCtr *r)
964 {
965 struct spoolss_AddDriverInfo3 *driver;
966 struct spoolss_AddDriverInfo3 converted_driver;
967 const char *short_architecture;
968 struct smb_filename *smb_dname = NULL;
969 char *new_dir = NULL;
970 connection_struct *conn = NULL;
971 NTSTATUS nt_status;
972 int i;
973 TALLOC_CTX *ctx = talloc_tos();
974 int ver = 0;
975 char *oldcwd;
976 char *printdollar = NULL;
977 int printdollar_snum;
978 WERROR err = WERR_OK;
979
980 switch (r->level) {
981 case 3:
982 driver = r->info.info3;
983 break;
984 case 6:
985 convert_level_6_to_level3(&converted_driver, r->info.info6);
986 driver = &converted_driver;
987 break;
988 default:
989 DEBUG(0,("move_driver_to_download_area: Unknown info level (%u)\n", (unsigned int)r->level));
990 return WERR_UNKNOWN_LEVEL;
991 }
992
993 short_architecture = get_short_archi(driver->architecture);
994 if (!short_architecture) {
995 return WERR_UNKNOWN_PRINTER_DRIVER;
996 }
997
998 printdollar_snum = find_service(ctx, "print$", &printdollar);
999 if (!printdollar) {
1000 return WERR_NOMEM;
1001 }
1002 if (printdollar_snum == -1) {
1003 return WERR_NO_SUCH_SHARE;
1004 }
1005
1006 nt_status = create_conn_struct(talloc_tos(), &conn, printdollar_snum,
1007 lp_pathname(printdollar_snum),
1008 p->session_info, &oldcwd);
1009 if (!NT_STATUS_IS_OK(nt_status)) {
1010 DEBUG(0,("move_driver_to_download_area: create_conn_struct "
1011 "returned %s\n", nt_errstr(nt_status)));
1012 err = ntstatus_to_werror(nt_status);
1013 return err;
1014 }
1015
1016 nt_status = set_conn_force_user_group(conn, printdollar_snum);
1017 if (!NT_STATUS_IS_OK(nt_status)) {
1018 DEBUG(0, ("failed set force user / group\n"));
1019 err = ntstatus_to_werror(nt_status);
1020 goto err_free_conn;
1021 }
1022
1023 if (!become_user_by_session(conn, p->session_info)) {
1024 DEBUG(0, ("failed to become user\n"));
1025 err = WERR_ACCESS_DENIED;
1026 goto err_free_conn;
1027 }
1028
1029 new_dir = talloc_asprintf(ctx,
1030 "%s/%d",
1031 short_architecture,
1032 driver->version);
1033 if (!new_dir) {
1034 err = WERR_NOMEM;
1035 goto err_exit;
1036 }
1037 nt_status = driver_unix_convert(conn, new_dir, &smb_dname);
1038 if (!NT_STATUS_IS_OK(nt_status)) {
1039 err = WERR_NOMEM;
1040 goto err_exit;
1041 }
1042
1043 DEBUG(5,("Creating first directory: %s\n", smb_dname->base_name));
1044
1045 nt_status = create_directory(conn, NULL, smb_dname);
1046 if (!NT_STATUS_IS_OK(nt_status)
1047 && !NT_STATUS_EQUAL(nt_status, NT_STATUS_OBJECT_NAME_COLLISION)) {
1048 DEBUG(0, ("failed to create driver destination directory: %s\n",
1049 nt_errstr(nt_status)));
1050 err = ntstatus_to_werror(nt_status);
1051 goto err_exit;
1052 }
1053
1054 /* For each driver file, archi\filexxx.yyy, if there is a duplicate file
1055 * listed for this driver which has already been moved, skip it (note:
1056 * drivers may list the same file name several times. Then check if the
1057 * file already exists in archi\version\, if so, check that the version
1058 * info (or time stamps if version info is unavailable) is newer (or the
1059 * date is later). If it is, move it to archi\version\filexxx.yyy.
1060 * Otherwise, delete the file.
1061 *
1062 * If a file is not moved to archi\version\ because of an error, all the
1063 * rest of the 'unmoved' driver files are removed from archi\. If one or
1064 * more of the driver's files was already moved to archi\version\, it
1065 * potentially leaves the driver in a partially updated state. Version
1066 * trauma will most likely occur if an client attempts to use any printer
1067 * bound to the driver. Perhaps a rewrite to make sure the moves can be
1068 * done is appropriate... later JRR
1069 */
1070
1071 DEBUG(5,("Moving files now !\n"));
1072
1073 if (driver->driver_path && strlen(driver->driver_path)) {
1074
1075 err = move_driver_file_to_download_area(ctx,
1076 conn,
1077 driver->driver_path,
1078 short_architecture,
1079 driver->version,
1080 ver);
1081 if (!W_ERROR_IS_OK(err)) {
1082 goto err_exit;
1083 }
1084 }
1085
1086 if (driver->data_file && strlen(driver->data_file)) {
1087 if (!strequal(driver->data_file, driver->driver_path)) {
1088
1089 err = move_driver_file_to_download_area(ctx,
1090 conn,
1091 driver->data_file,
1092 short_architecture,
1093 driver->version,
1094 ver);
1095 if (!W_ERROR_IS_OK(err)) {
1096 goto err_exit;
1097 }
1098 }
1099 }
1100
1101 if (driver->config_file && strlen(driver->config_file)) {
1102 if (!strequal(driver->config_file, driver->driver_path) &&
1103 !strequal(driver->config_file, driver->data_file)) {
1104
1105 err = move_driver_file_to_download_area(ctx,
1106 conn,
1107 driver->config_file,
1108 short_architecture,
1109 driver->version,
1110 ver);
1111 if (!W_ERROR_IS_OK(err)) {
1112 goto err_exit;
1113 }
1114 }
1115 }
1116
1117 if (driver->help_file && strlen(driver->help_file)) {
1118 if (!strequal(driver->help_file, driver->driver_path) &&
1119 !strequal(driver->help_file, driver->data_file) &&
1120 !strequal(driver->help_file, driver->config_file)) {
1121
1122 err = move_driver_file_to_download_area(ctx,
1123 conn,
1124 driver->help_file,
1125 short_architecture,
1126 driver->version,
1127 ver);
1128 if (!W_ERROR_IS_OK(err)) {
1129 goto err_exit;
1130 }
1131 }
1132 }
1133
1134 if (driver->dependent_files && driver->dependent_files->string) {
1135 for (i=0; driver->dependent_files->string[i]; i++) {
1136 if (!strequal(driver->dependent_files->string[i], driver->driver_path) &&
1137 !strequal(driver->dependent_files->string[i], driver->data_file) &&
1138 !strequal(driver->dependent_files->string[i], driver->config_file) &&
1139 !strequal(driver->dependent_files->string[i], driver->help_file)) {
1140 int j;
1141 for (j=0; j < i; j++) {
1142 if (strequal(driver->dependent_files->string[i], driver->dependent_files->string[j])) {
1143 goto NextDriver;
1144 }
1145 }
1146
1147 err = move_driver_file_to_download_area(ctx,
1148 conn,
1149 driver->dependent_files->string[i],
1150 short_architecture,
1151 driver->version,
1152 ver);
1153 if (!W_ERROR_IS_OK(err)) {
1154 goto err_exit;
1155 }
1156 }
1157 NextDriver: ;
1158 }
1159 }
1160
1161 err = WERR_OK;
1162 err_exit:
1163 unbecome_user();
1164 err_free_conn:
1165 TALLOC_FREE(smb_dname);
1166
1167 if (conn != NULL) {
1168 vfs_ChDir(conn, oldcwd);
1169 SMB_VFS_DISCONNECT(conn);
1170 conn_free(conn);
1171 }
1172
1173 return err;
1174 }
1175
1176 /****************************************************************************
1177 Create and allocate a default devicemode.
1178 ****************************************************************************/
1179
1180 WERROR spoolss_create_default_devmode(TALLOC_CTX *mem_ctx,
1181 const char *devicename,
1182 struct spoolss_DeviceMode **devmode)
1183 {
1184 struct spoolss_DeviceMode *dm;
1185 char *dname;
1186
1187 dm = talloc_zero(mem_ctx, struct spoolss_DeviceMode);
1188 if (dm == NULL) {
1189 return WERR_NOMEM;
1190 }
1191
1192 dname = talloc_asprintf(dm, "%s", devicename);
1193 if (dname == NULL) {
1194 return WERR_NOMEM;
1195 }
1196 if (strlen(dname) > MAXDEVICENAME) {
1197 dname[MAXDEVICENAME] = '\0';
1198 }
1199 dm->devicename = dname;
1200
1201 dm->formname = talloc_strdup(dm, "Letter");
1202 if (dm->formname == NULL) {
1203 return WERR_NOMEM;
1204 }
1205
1206 dm->specversion = DMSPEC_NT4_AND_ABOVE;
1207 dm->driverversion = 0x0400;
1208 dm->size = 0x00DC;
1209 dm->__driverextra_length = 0;
1210 dm->fields = DEVMODE_FORMNAME |
1211 DEVMODE_TTOPTION |
1212 DEVMODE_PRINTQUALITY |
1213 DEVMODE_DEFAULTSOURCE |
1214 DEVMODE_COPIES |
1215 DEVMODE_SCALE |
1216 DEVMODE_PAPERSIZE |
1217 DEVMODE_ORIENTATION;
1218 dm->orientation = DMORIENT_PORTRAIT;
1219 dm->papersize = DMPAPER_LETTER;
1220 dm->paperlength = 0;
1221 dm->paperwidth = 0;
1222 dm->scale = 0x64;
1223 dm->copies = 1;
1224 dm->defaultsource = DMBIN_FORMSOURCE;
1225 dm->printquality = DMRES_HIGH; /* 0x0258 */
1226 dm->color = DMRES_MONOCHROME;
1227 dm->duplex = DMDUP_SIMPLEX;
1228 dm->yresolution = 0;
1229 dm->ttoption = DMTT_SUBDEV;
1230 dm->collate = DMCOLLATE_FALSE;
1231 dm->icmmethod = 0;
1232 dm->icmintent = 0;
1233 dm->mediatype = 0;
1234 dm->dithertype = 0;
1235
1236 dm->logpixels = 0;
1237 dm->bitsperpel = 0;
1238 dm->pelswidth = 0;
1239 dm->pelsheight = 0;
1240 dm->displayflags = 0;
1241 dm->displayfrequency = 0;
1242 dm->reserved1 = 0;
1243 dm->reserved2 = 0;
1244 dm->panningwidth = 0;
1245 dm->panningheight = 0;
1246
1247 dm->driverextra_data.data = NULL;
1248 dm->driverextra_data.length = 0;
1249
1250 *devmode = dm;
1251 return WERR_OK;
1252 }
1253
1254 WERROR spoolss_create_default_secdesc(TALLOC_CTX *mem_ctx,
1255 struct spoolss_security_descriptor **secdesc)
1256 {
1257 struct security_ace ace[7]; /* max number of ace entries */
1258 int i = 0;
1259 uint32_t sa;
1260 struct security_acl *psa = NULL;
1261 struct security_descriptor *psd = NULL;
1262 struct dom_sid adm_sid;
1263 size_t sd_size;
1264
1265 /* Create an ACE where Everyone is allowed to print */
1266
1267 sa = PRINTER_ACE_PRINT;
1268 init_sec_ace(&ace[i++], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED,
1269 sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
1270
1271 /* Add the domain admins group if we are a DC */
1272
1273 if ( IS_DC ) {
1274 struct dom_sid domadmins_sid;
1275
1276 sid_compose(&domadmins_sid, get_global_sam_sid(),
1277 DOMAIN_RID_ADMINS);
1278
1279 sa = PRINTER_ACE_FULL_CONTROL;
1280 init_sec_ace(&ace[i++], &domadmins_sid,
1281 SEC_ACE_TYPE_ACCESS_ALLOWED, sa,
1282 SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY);
1283 init_sec_ace(&ace[i++], &domadmins_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
1284 sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
1285 }
1286 else if (secrets_fetch_domain_sid(lp_workgroup(), &adm_sid)) {
1287 sid_append_rid(&adm_sid, DOMAIN_RID_ADMINISTRATOR);
1288
1289 sa = PRINTER_ACE_FULL_CONTROL;
1290 init_sec_ace(&ace[i++], &adm_sid,
1291 SEC_ACE_TYPE_ACCESS_ALLOWED, sa,
1292 SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY);
1293 init_sec_ace(&ace[i++], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED,
1294 sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
1295 }
1296
1297 /* add BUILTIN\Administrators as FULL CONTROL */
1298
1299 sa = PRINTER_ACE_FULL_CONTROL;
1300 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
1301 SEC_ACE_TYPE_ACCESS_ALLOWED, sa,
1302 SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY);
1303 init_sec_ace(&ace[i++], &global_sid_Builtin_Administrators,
1304 SEC_ACE_TYPE_ACCESS_ALLOWED,
1305 sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
1306
1307 /* add BUILTIN\Print Operators as FULL CONTROL */
1308
1309 sa = PRINTER_ACE_FULL_CONTROL;
1310 init_sec_ace(&ace[i++], &global_sid_Builtin_Print_Operators,
1311 SEC_ACE_TYPE_ACCESS_ALLOWED, sa,
1312 SEC_ACE_FLAG_OBJECT_INHERIT | SEC_ACE_FLAG_INHERIT_ONLY);
1313 init_sec_ace(&ace[i++], &global_sid_Builtin_Print_Operators,
1314 SEC_ACE_TYPE_ACCESS_ALLOWED,
1315 sa, SEC_ACE_FLAG_CONTAINER_INHERIT);
1316
1317 /* Make the security descriptor owned by the BUILTIN\Administrators */
1318
1319 /* The ACL revision number in rpc_secdesc.h differs from the one
1320 created by NT when setting ACE entries in printer
1321 descriptors. NT4 complains about the property being edited by a
1322 NT5 machine. */
1323
1324 if ((psa = make_sec_acl(mem_ctx, NT4_ACL_REVISION, i, ace)) != NULL) {
1325 psd = make_sec_desc(mem_ctx,
1326 SD_REVISION,
1327 SEC_DESC_SELF_RELATIVE,
1328 &global_sid_Builtin_Administrators,
1329 &global_sid_Builtin_Administrators,
1330 NULL,
1331 psa,
1332 &sd_size);
1333 }
1334
1335 if (psd == NULL) {
1336 DEBUG(0,("construct_default_printer_sd: Failed to make SEC_DESC.\n"));
1337 return WERR_NOMEM;
1338 }
1339
1340 DEBUG(4,("construct_default_printer_sdb: size = %u.\n",
1341 (unsigned int)sd_size));
1342
1343 *secdesc = psd;
1344
1345 return WERR_OK;
1346 }
1347
1348 /****************************************************************************
1349 ***************************************************************************/
1350
1351 static char *win_driver;
1352 static char *os2_driver;
1353
1354 static const char *get_win_driver(void)
1355 {
1356 if (win_driver == NULL) {
1357 return "";
1358 }
1359 return win_driver;
1360 }
1361
1362 static const char *get_os2_driver(void)
1363 {
1364 if (os2_driver == NULL) {
1365 return "";
1366 }
1367 return os2_driver;
1368 }
1369
1370 static bool set_driver_mapping(const char *from, const char *to)
1371 {
1372 SAFE_FREE(win_driver);
1373 SAFE_FREE(os2_driver);
1374
1375 win_driver = SMB_STRDUP(from);
1376 os2_driver = SMB_STRDUP(to);
1377
1378 if (win_driver == NULL || os2_driver == NULL) {
1379 SAFE_FREE(win_driver);
1380 SAFE_FREE(os2_driver);
1381 return false;
1382 }
1383 return true;
1384 }
1385
1386 /**
1387 * @internal
1388 *
1389 * @brief Map a Windows driver to a OS/2 driver.
1390 *
1391 * @param[in] mem_ctx The memory context to use.
1392 *
1393 * @param[in,out] pdrivername The drivername of Windows to remap.
1394 *
1395 * @return WERR_OK on success, a corresponding WERROR on failure.
1396 */
1397 WERROR spoolss_map_to_os2_driver(TALLOC_CTX *mem_ctx, const char **pdrivername)
1398 {
1399 const char *mapfile = lp_os2_driver_map();
1400 char **lines = NULL;
1401 const char *drivername;
1402 int numlines = 0;
1403 int i;
1404
1405 if (pdrivername == NULL || *pdrivername == NULL || *pdrivername[0] == '\0') {
1406 return WERR_INVALID_PARAMETER;
1407 }
1408
1409 drivername = *pdrivername;
1410
1411 if (mapfile[0] == '\0') {
1412 return WERR_BADFILE;
1413 }
1414
1415 if (strequal(drivername, get_win_driver())) {
1416 DEBUG(3,("Mapped Windows driver %s to OS/2 driver %s\n",
1417 drivername, get_os2_driver()));
1418 drivername = talloc_strdup(mem_ctx, get_os2_driver());
1419 if (drivername == NULL) {
1420 return WERR_NOMEM;
1421 }
1422 *pdrivername = drivername;
1423 return WERR_OK;
1424 }
1425
1426 lines = file_lines_load(mapfile, &numlines, 0, NULL);
1427 if (numlines == 0 || lines == NULL) {
1428 DEBUG(0,("No entries in OS/2 driver map %s\n", mapfile));
1429 TALLOC_FREE(lines);
1430 return WERR_EMPTY;
1431 }
1432
1433 DEBUG(4,("Scanning OS/2 driver map %s\n",mapfile));
1434
1435 for( i = 0; i < numlines; i++) {
1436 char *nt_name = lines[i];
1437 char *os2_name = strchr(nt_name, '=');
1438
1439 if (os2_name == NULL) {
1440 continue;
1441 }
1442
1443 *os2_name++ = '\0';
1444
1445 while (isspace(*nt_name)) {
1446 nt_name++;
1447 }
1448
1449 if (*nt_name == '\0' || strchr("#;", *nt_name)) {
1450 continue;
1451 }
1452
1453 {
1454 int l = strlen(nt_name);
1455 while (l && isspace(nt_name[l - 1])) {
1456 nt_name[l - 1] = 0;
1457 l--;
1458 }
1459 }
1460
1461 while (isspace(*os2_name)) {
1462 os2_name++;
1463 }
1464
1465 {
1466 int l = strlen(os2_name);
1467 while (l && isspace(os2_name[l-1])) {
1468 os2_name[l-1] = 0;
1469 l--;
1470 }
1471 }
1472
1473 if (strequal(nt_name, drivername)) {
1474 DEBUG(3,("Mapped Windows driver %s to OS/2 driver %s\n",drivername,os2_name));
1475 set_driver_mapping(drivername, os2_name);
1476 drivername = talloc_strdup(mem_ctx, os2_name);
1477 TALLOC_FREE(lines);
1478 if (drivername == NULL) {
1479 return WERR_NOMEM;
1480 }
1481 *pdrivername = drivername;
1482 return WERR_OK;
1483 }
1484 }
1485
1486 TALLOC_FREE(lines);
1487 return WERR_OK;
1488 }
1489
1490 /****************************************************************************
1491 ****************************************************************************/
1492
1493 bool driver_info_ctr_to_info8(struct spoolss_AddDriverInfoCtr *r,
1494 struct spoolss_DriverInfo8 *_info8)
1495 {
1496 struct spoolss_DriverInfo8 info8;
1497
1498 ZERO_STRUCT(info8);
1499
1500 switch (r->level) {
1501 case 3:
1502 info8.version = r->info.info3->version;
1503 info8.driver_name = r->info.info3->driver_name;
1504 info8.architecture = r->info.info3->architecture;
1505 info8.driver_path = r->info.info3->driver_path;
1506 info8.data_file = r->info.info3->data_file;
1507 info8.config_file = r->info.info3->config_file;
1508 info8.help_file = r->info.info3->help_file;
1509 info8.monitor_name = r->info.info3->monitor_name;
1510 info8.default_datatype = r->info.info3->default_datatype;
1511 if (r->info.info3->dependent_files && r->info.info3->dependent_files->string) {
1512 info8.dependent_files = r->info.info3->dependent_files->string;
1513 }
1514 break;
1515 case 6:
1516 info8.version = r->info.info6->version;
1517 info8.driver_name = r->info.info6->driver_name;
1518 info8.architecture = r->info.info6->architecture;
1519 info8.driver_path = r->info.info6->driver_path;
1520 info8.data_file = r->info.info6->data_file;
1521 info8.config_file = r->info.info6->config_file;
1522 info8.help_file = r->info.info6->help_file;
1523 info8.monitor_name = r->info.info6->monitor_name;
1524 info8.default_datatype = r->info.info6->default_datatype;
1525 if (r->info.info6->dependent_files && r->info.info6->dependent_files->string) {
1526 info8.dependent_files = r->info.info6->dependent_files->string;
1527 }
1528 info8.driver_date = r->info.info6->driver_date;
1529 info8.driver_version = r->info.info6->driver_version;
1530 info8.manufacturer_name = r->info.info6->manufacturer_name;
1531 info8.manufacturer_url = r->info.info6->manufacturer_url;
1532 info8.hardware_id = r->info.info6->hardware_id;
1533 info8.provider = r->info.info6->provider;
1534 break;
1535 case 8:
1536 info8.version = r->info.info8->version;
1537 info8.driver_name = r->info.info8->driver_name;
1538 info8.architecture = r->info.info8->architecture;
1539 info8.driver_path = r->info.info8->driver_path;
1540 info8.data_file = r->info.info8->data_file;
1541 info8.config_file = r->info.info8->config_file;
1542 info8.help_file = r->info.info8->help_file;
1543 info8.monitor_name = r->info.info8->monitor_name;
1544 info8.default_datatype = r->info.info8->default_datatype;
1545 if (r->info.info8->dependent_files && r->info.info8->dependent_files->string) {
1546 info8.dependent_files = r->info.info8->dependent_files->string;
1547 }
1548 if (r->info.info8->previous_names && r->info.info8->previous_names->string) {
1549 info8.previous_names = r->info.info8->previous_names->string;
1550 }
1551 info8.driver_date = r->info.info8->driver_date;
1552 info8.driver_version = r->info.info8->driver_version;
1553 info8.manufacturer_name = r->info.info8->manufacturer_name;
1554 info8.manufacturer_url = r->info.info8->manufacturer_url;
1555 info8.hardware_id = r->info.info8->hardware_id;
1556 info8.provider = r->info.info8->provider;
1557 info8.print_processor = r->info.info8->print_processor;
1558 info8.vendor_setup = r->info.info8->vendor_setup;
1559 if (r->info.info8->color_profiles && r->info.info8->color_profiles->string) {
1560 info8.color_profiles = r->info.info8->color_profiles->string;
1561 }
1562 info8.inf_path = r->info.info8->inf_path;
1563 info8.printer_driver_attributes = r->info.info8->printer_driver_attributes;
1564 if (r->info.info8->core_driver_dependencies && r->info.info8->core_driver_dependencies->string) {
1565 info8.core_driver_dependencies = r->info.info8->core_driver_dependencies->string;
1566 }
1567 info8.min_inbox_driver_ver_date = r->info.info8->min_inbox_driver_ver_date;
1568 info8.min_inbox_driver_ver_version = r->info.info8->min_inbox_driver_ver_version;
1569 break;
1570 default:
1571 return false;
1572 }
1573
1574 *_info8 = info8;
1575
1576 return true;
1577 }
1578
1579
1580 /****************************************************************************
1581 Determine whether or not a particular driver is currently assigned
1582 to a printer
1583 ****************************************************************************/
1584
1585 bool printer_driver_in_use(TALLOC_CTX *mem_ctx,
1586 const struct auth_serversupplied_info *session_info,
1587 struct messaging_context *msg_ctx,
1588 const struct spoolss_DriverInfo8 *r)
1589 {
1590 int snum;
1591 int n_services = lp_numservices();
1592 bool in_use = False;
1593 struct spoolss_PrinterInfo2 *pinfo2 = NULL;
1594 WERROR result;
1595
1596 if (!r) {
1597 return false;
1598 }
1599
1600 DEBUG(10,("printer_driver_in_use: Beginning search through ntprinters.tdb...\n"));
1601
1602 /* loop through the printers.tdb and check for the drivername */
1603
1604 for (snum=0; snum<n_services && !in_use; snum++) {
1605 if (!lp_snum_ok(snum) || !lp_print_ok(snum)) {
1606 continue;
1607 }
1608
1609 result = winreg_get_printer(mem_ctx, session_info, msg_ctx,
1610 lp_servicename(snum),
1611 &pinfo2);
1612 if (!W_ERROR_IS_OK(result)) {
1613 continue; /* skip */
1614 }
1615
1616 if (strequal(r->driver_name, pinfo2->drivername)) {
1617 in_use = True;
1618 }
1619
1620 TALLOC_FREE(pinfo2);
1621 }
1622
1623 DEBUG(10,("printer_driver_in_use: Completed search through ntprinters.tdb...\n"));
1624
1625 if ( in_use ) {
1626 struct spoolss_DriverInfo8 *driver;
1627 WERROR werr;
1628
1629 DEBUG(5,("printer_driver_in_use: driver \"%s\" is currently in use\n", r->driver_name));
1630
1631 /* we can still remove the driver if there is one of
1632 "Windows NT x86" version 2 or 3 left */
1633
1634 if (!strequal("Windows NT x86", r->architecture)) {
1635 werr = winreg_get_driver(mem_ctx, session_info, msg_ctx,
1636 "Windows NT x86",
1637 r->driver_name,
1638 DRIVER_ANY_VERSION,
1639 &driver);
1640 } else if (r->version == 2) {
1641 werr = winreg_get_driver(mem_ctx, session_info, msg_ctx,
1642 "Windows NT x86",
1643 r->driver_name,
1644 3, &driver);
1645 } else if (r->version == 3) {
1646 werr = winreg_get_driver(mem_ctx, session_info, msg_ctx,
1647 "Windows NT x86",
1648 r->driver_name,
1649 2, &driver);
1650 } else {
1651 DEBUG(0, ("printer_driver_in_use: ERROR!"
1652 " unknown driver version (%d)\n",
1653 r->version));
1654 werr = WERR_UNKNOWN_PRINTER_DRIVER;
1655 }
1656
1657 /* now check the error code */
1658
1659 if ( W_ERROR_IS_OK(werr) ) {
1660 /* it's ok to remove the driver, we have other architctures left */
1661 in_use = False;
1662 talloc_free(driver);
1663 }
1664 }
1665
1666 /* report that the driver is not in use by default */
1667
1668 return in_use;
1669 }
1670
1671
1672 /**********************************************************************
1673 Check to see if a ogiven file is in use by *info
1674 *********************************************************************/
1675
1676 static bool drv_file_in_use(const char *file, const struct spoolss_DriverInfo8 *info)
1677 {
1678 int i = 0;
1679
1680 if ( !info )
1681 return False;
1682
1683 /* mz: skip files that are in the list but already deleted */
1684 if (!file || !file[0]) {
1685 return false;
1686 }
1687
1688 if (strequal(file, info->driver_path))
1689 return True;
1690
1691 if (strequal(file, info->data_file))
1692 return True;
1693
1694 if (strequal(file, info->config_file))
1695 return True;
1696
1697 if (strequal(file, info->help_file))
1698 return True;
1699
1700 /* see of there are any dependent files to examine */
1701
1702 if (!info->dependent_files)
1703 return False;
1704
1705 while (info->dependent_files[i] && *info->dependent_files[i]) {
1706 if (strequal(file, info->dependent_files[i]))
1707 return True;
1708 i++;
1709 }
1710
1711 return False;
1712
1713 }
1714
1715 /**********************************************************************
1716 Utility function to remove the dependent file pointed to by the
1717 input parameter from the list
1718 *********************************************************************/
1719
1720 static void trim_dependent_file(TALLOC_CTX *mem_ctx, const char **files, int idx)
1721 {
1722
1723 /* bump everything down a slot */
1724
1725 while (files && files[idx+1]) {
1726 files[idx] = talloc_strdup(mem_ctx, files[idx+1]);
1727 idx++;
1728 }
1729
1730 files[idx] = NULL;
1731
1732 return;
1733 }
1734
1735 /**********************************************************************
1736 Check if any of the files used by src are also used by drv
1737 *********************************************************************/
1738
1739 static bool trim_overlap_drv_files(TALLOC_CTX *mem_ctx,
1740 struct spoolss_DriverInfo8 *src,
1741 const struct spoolss_DriverInfo8 *drv)
1742 {
1743 bool in_use = False;
1744 int i = 0;
1745
1746 if ( !src || !drv )
1747 return False;
1748
1749 /* check each file. Remove it from the src structure if it overlaps */
1750
1751 if (drv_file_in_use(src->driver_path, drv)) {
1752 in_use = True;
1753 DEBUG(10,("Removing driverfile [%s] from list\n", src->driver_path));
1754 src->driver_path = talloc_strdup(mem_ctx, "");
1755 if (!src->driver_path) { return false; }
1756 }
1757
1758 if (drv_file_in_use(src->data_file, drv)) {
1759 in_use = True;
1760 DEBUG(10,("Removing datafile [%s] from list\n", src->data_file));
1761 src->data_file = talloc_strdup(mem_ctx, "");
1762 if (!src->data_file) { return false; }
1763 }
1764
1765 if (drv_file_in_use(src->config_file, drv)) {
1766 in_use = True;
1767 DEBUG(10,("Removing configfile [%s] from list\n", src->config_file));
1768 src->config_file = talloc_strdup(mem_ctx, "");
1769 if (!src->config_file) { return false; }
1770 }
1771
1772 if (drv_file_in_use(src->help_file, drv)) {
1773 in_use = True;
1774 DEBUG(10,("Removing helpfile [%s] from list\n", src->help_file));
1775 src->help_file = talloc_strdup(mem_ctx, "");
1776 if (!src->help_file) { return false; }
1777 }
1778
1779 /* are there any dependentfiles to examine? */
1780
1781 if (!src->dependent_files)
1782 return in_use;
1783
1784 while (src->dependent_files[i] && *src->dependent_files[i]) {
1785 if (drv_file_in_use(src->dependent_files[i], drv)) {
1786 in_use = True;
1787 DEBUG(10,("Removing [%s] from dependent file list\n", src->dependent_files[i]));
1788 trim_dependent_file(mem_ctx, src->dependent_files, i);
1789 } else
1790 i++;
1791 }
1792
1793 return in_use;
1794 }
1795
1796 /****************************************************************************
1797 Determine whether or not a particular driver files are currently being
1798 used by any other driver.
1799
1800 Return value is True if any files were in use by other drivers
1801 and False otherwise.
1802
1803 Upon return, *info has been modified to only contain the driver files
1804 which are not in use
1805
1806 Fix from mz:
1807
1808 This needs to check all drivers to ensure that all files in use
1809 have been removed from *info, not just the ones in the first
1810 match.
1811 ****************************************************************************/
1812
1813 bool printer_driver_files_in_use(TALLOC_CTX *mem_ctx,
1814 const struct auth_serversupplied_info *session_info,
1815 struct messaging_context *msg_ctx,
1816 struct spoolss_DriverInfo8 *info)
1817 {
1818 int i;
1819 uint32 version;
1820 struct spoolss_DriverInfo8 *driver;
1821 bool in_use = false;
1822 uint32_t num_drivers;
1823 const char **drivers;
1824 WERROR result;
1825
1826 if ( !info )
1827 return False;
1828
1829 version = info->version;
1830
1831 /* loop over all driver versions */
1832
1833 DEBUG(5,("printer_driver_files_in_use: Beginning search of drivers...\n"));
1834
1835 /* get the list of drivers */
1836
1837 result = winreg_get_driver_list(mem_ctx, session_info, msg_ctx,
1838 info->architecture, version,
1839 &num_drivers, &drivers);
1840 if (!W_ERROR_IS_OK(result)) {
1841 return true;
1842 }
1843
1844 DEBUGADD(4, ("we have:[%d] drivers in environment [%s] and version [%d]\n",
1845 num_drivers, info->architecture, version));
1846
1847 /* check each driver for overlap in files */
1848
1849 for (i = 0; i < num_drivers; i++) {
1850 DEBUGADD(5,("\tdriver: [%s]\n", drivers[i]));
1851
1852 driver = NULL;
1853
1854 result = winreg_get_driver(mem_ctx, session_info, msg_ctx,
1855 info->architecture, drivers[i],
1856 version, &driver);
1857 if (!W_ERROR_IS_OK(result)) {
1858 talloc_free(drivers);
1859 return True;
1860 }
1861
1862 /* check if d2 uses any files from d1 */
1863 /* only if this is a different driver than the one being deleted */
1864
1865 if (!strequal(info->driver_name, driver->driver_name)) {
1866 if (trim_overlap_drv_files(mem_ctx, info, driver)) {
1867 /* mz: Do not instantly return -
1868 * we need to ensure this file isn't
1869 * also in use by other drivers. */
1870 in_use = true;
1871 }
1872 }
1873
1874 talloc_free(driver);
1875 }
1876
1877 talloc_free(drivers);
1878
1879 DEBUG(5,("printer_driver_files_in_use: Completed search of drivers...\n"));
1880
1881 return in_use;
1882 }
1883
1884 static NTSTATUS driver_unlink_internals(connection_struct *conn,
1885 const char *name)
1886 {
1887 struct smb_filename *smb_fname = NULL;
1888 NTSTATUS status;
1889
1890 status = create_synthetic_smb_fname(talloc_tos(), name, NULL, NULL,
1891 &smb_fname);
1892 if (!NT_STATUS_IS_OK(status)) {
1893 return status;
1894 }
1895
1896 status = unlink_internals(conn, NULL, 0, smb_fname, false);
1897
1898 TALLOC_FREE(smb_fname);
1899 return status;
1900 }
1901
1902 /****************************************************************************
1903 Actually delete the driver files. Make sure that
1904 printer_driver_files_in_use() return False before calling
1905 this.
1906 ****************************************************************************/
1907
1908 bool delete_driver_files(const struct auth_serversupplied_info *session_info,
1909 const struct spoolss_DriverInfo8 *r)
1910 {
1911 int i = 0;
1912 char *s;
1913 const char *file;
1914 connection_struct *conn;
1915 NTSTATUS nt_status;
1916 char *oldcwd;
1917 char *printdollar = NULL;
1918 int printdollar_snum;
1919 bool ret = false;
1920
1921 if (!r) {
1922 return false;
1923 }
1924
1925 DEBUG(6,("delete_driver_files: deleting driver [%s] - version [%d]\n",
1926 r->driver_name, r->version));
1927
1928 printdollar_snum = find_service(talloc_tos(), "print$", &printdollar);
1929 if (!printdollar) {
1930 return false;
1931 }
1932 if (printdollar_snum == -1) {
1933 return false;
1934 }
1935
1936 nt_status = create_conn_struct(talloc_tos(), &conn, printdollar_snum,
1937 lp_pathname(printdollar_snum),
1938 session_info, &oldcwd);
1939 if (!NT_STATUS_IS_OK(nt_status)) {
1940 DEBUG(0,("delete_driver_files: create_conn_struct "
1941 "returned %s\n", nt_errstr(nt_status)));
1942 return false;
1943 }
1944
1945 nt_status = set_conn_force_user_group(conn, printdollar_snum);
1946 if (!NT_STATUS_IS_OK(nt_status)) {
1947 DEBUG(0, ("failed set force user / group\n"));
1948 ret = false;
1949 goto err_free_conn;
1950 }
1951
1952 if (!become_user_by_session(conn, session_info)) {
1953 DEBUG(0, ("failed to become user\n"));
1954 ret = false;
1955 goto err_free_conn;
1956 }
1957
1958 if ( !CAN_WRITE(conn) ) {
1959 DEBUG(3,("delete_driver_files: Cannot delete print driver when [print$] is read-only\n"));
1960 ret = false;
1961 goto err_out;
1962 }
1963
1964 /* now delete the files; must strip the '\print$' string from
1965 fron of path */
1966
1967 if (r->driver_path && r->driver_path[0]) {
1968 if ((s = strchr(&r->driver_path[1], '\\')) != NULL) {
1969 file = s;
1970 DEBUG(10,("deleting driverfile [%s]\n", s));
1971 driver_unlink_internals(conn, file);
1972 }
1973 }
1974
1975 if (r->config_file && r->config_file[0]) {
1976 if ((s = strchr(&r->config_file[1], '\\')) != NULL) {
1977 file = s;
1978 DEBUG(10,("deleting configfile [%s]\n", s));
1979 driver_unlink_internals(conn, file);
1980 }
1981 }
1982
1983 if (r->data_file && r->data_file[0]) {
1984 if ((s = strchr(&r->data_file[1], '\\')) != NULL) {
1985 file = s;
1986 DEBUG(10,("deleting datafile [%s]\n", s));
1987 driver_unlink_internals(conn, file);
1988 }
1989 }
1990
1991 if (r->help_file && r->help_file[0]) {
1992 if ((s = strchr(&r->help_file[1], '\\')) != NULL) {
1993 file = s;
1994 DEBUG(10,("deleting helpfile [%s]\n", s));
1995 driver_unlink_internals(conn, file);
1996 }
1997 }
1998
1999 /* check if we are done removing files */
2000
2001 if (r->dependent_files) {
2002 while (r->dependent_files[i] && r->dependent_files[i][0]) {
2003 char *p;
2004
2005 /* bypass the "\print$" portion of the path */
2006
2007 if ((p = strchr(r->dependent_files[i]+1, '\\')) != NULL) {
2008 file = p;
2009 DEBUG(10,("deleting dependent file [%s]\n", file));
2010 driver_unlink_internals(conn, file);
2011 }
2012
2013 i++;
2014 }
2015 }
2016
2017 ret = true;
2018 err_out:
2019 unbecome_user();
2020 err_free_conn:
2021 if (conn != NULL) {
2022 vfs_ChDir(conn, oldcwd);
2023 SMB_VFS_DISCONNECT(conn);
2024 conn_free(conn);
2025 }
2026 return ret;
2027 }
2028
2029 /* error code:
2030 0: everything OK
2031 1: level not implemented
2032 2: file doesn't exist
2033 3: can't allocate memory
2034 4: can't free memory
2035 5: non existant struct
2036 */
2037
2038 /*
2039 A printer and a printer driver are 2 different things.
2040 NT manages them separatelly, Samba does the same.
2041 Why ? Simply because it's easier and it makes sense !
2042
2043 Now explanation: You have 3 printers behind your samba server,
2044 2 of them are the same make and model (laser A and B). But laser B
2045 has an 3000 sheet feeder and laser A doesn't such an option.
2046 Your third printer is an old dot-matrix model for the accounting :-).
2047
2048 If the /usr/local/samba/lib directory (default dir), you will have
2049 5 files to describe all of this.
2050
2051 3 files for the printers (1 by printer):
2052 NTprinter_laser A
2053 NTprinter_laser B
2054 NTprinter_accounting
2055 2 files for the drivers (1 for the laser and 1 for the dot matrix)
2056 NTdriver_printer model X
2057 NTdriver_printer model Y
2058
2059 jfm: I should use this comment for the text file to explain
2060 same thing for the forms BTW.
2061 Je devrais mettre mes commentaires en francais, ca serait mieux :-)
2062
2063 */
2064
2065 /* Convert generic access rights to printer object specific access rights.
2066 It turns out that NT4 security descriptors use generic access rights and
2067 NT5 the object specific ones. */
2068
2069 void map_printer_permissions(struct security_descriptor *sd)
2070 {
2071 int i;
2072
2073 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
2074 se_map_generic(&sd->dacl->aces[i].access_mask,
2075 &printer_generic_mapping);
2076 }
2077 }
2078
2079 void map_job_permissions(struct security_descriptor *sd)
2080 {
2081 int i;
2082
2083 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
2084 se_map_generic(&sd->dacl->aces[i].access_mask,
2085 &job_generic_mapping);
2086 }
2087 }
2088
2089
2090 /****************************************************************************
2091 Check a user has permissions to perform the given operation. We use the
2092 permission constants defined in include/rpc_spoolss.h to check the various
2093 actions we perform when checking printer access.
2094
2095 PRINTER_ACCESS_ADMINISTER:
2096 print_queue_pause, print_queue_resume, update_printer_sec,
2097 update_printer, spoolss_addprinterex_level_2,
2098 _spoolss_setprinterdata
2099
2100 PRINTER_ACCESS_USE:
2101 print_job_start
2102
2103 JOB_ACCESS_ADMINISTER:
2104 print_job_delete, print_job_pause, print_job_resume,
2105 print_queue_purge
2106
2107 Try access control in the following order (for performance reasons):
2108 1) root and SE_PRINT_OPERATOR can do anything (easy check)
2109 2) check security descriptor (bit comparisons in memory)
2110 3) "printer admins" (may result in numerous calls to winbind)
2111
2112 ****************************************************************************/
2113 bool print_access_check(const struct auth_serversupplied_info *session_info,
2114 struct messaging_context *msg_ctx, int snum,
2115 int access_type)
2116 {
2117 struct spoolss_security_descriptor *secdesc = NULL;
2118 uint32 access_granted;
2119 size_t sd_size;
2120 NTSTATUS status;
2121 WERROR result;
2122 const char *pname;
2123 TALLOC_CTX *mem_ctx = NULL;
2124
2125 /* If user is NULL then use the current_user structure */
2126
2127 /* Always allow root or SE_PRINT_OPERATROR to do anything */
2128
2129 if (session_info->utok.uid == sec_initial_uid()
2130 || security_token_has_privilege(session_info->security_token, SEC_PRIV_PRINT_OPERATOR)) {
2131 return True;
2132 }
2133
2134 /* Get printer name */
2135
2136 pname = lp_printername(snum);
2137
2138 if (!pname || !*pname) {
2139 errno = EACCES;
2140 return False;
2141 }
2142
2143 /* Get printer security descriptor */
2144
2145 if(!(mem_ctx = talloc_init("print_access_check"))) {
2146 errno = ENOMEM;
2147 return False;
2148 }
2149
2150 result = winreg_get_printer_secdesc(mem_ctx,
2151 get_session_info_system(),
2152 msg_ctx,
2153 pname,
2154 &secdesc);
2155 if (!W_ERROR_IS_OK(result)) {
2156 talloc_destroy(mem_ctx);
2157 errno = ENOMEM;
2158 return False;
2159 }
2160
2161 if (access_type == JOB_ACCESS_ADMINISTER) {
2162 struct spoolss_security_descriptor *parent_secdesc = secdesc;
2163
2164 /* Create a child security descriptor to check permissions
2165 against. This is because print jobs are child objects
2166 objects of a printer. */
2167 status = se_create_child_secdesc(mem_ctx,
2168 &secdesc,
2169 &sd_size,
2170 parent_secdesc,
2171 parent_secdesc->owner_sid,
2172 parent_secdesc->group_sid,
2173 false);
2174 if (!NT_STATUS_IS_OK(status)) {
2175 talloc_destroy(mem_ctx);
2176 errno = map_errno_from_nt_status(status);
2177 return False;
2178 }
2179
2180 map_job_permissions(secdesc);
2181 } else {
2182 map_printer_permissions(secdesc);
2183 }
2184
2185 /* Check access */
2186 status = se_access_check(secdesc, session_info->security_token, access_type,
2187 &access_granted);
2188
2189 DEBUG(4, ("access check was %s\n", NT_STATUS_IS_OK(status) ? "SUCCESS" : "FAILURE"));
2190
2191 /* see if we need to try the printer admin list */
2192
2193 if (!NT_STATUS_IS_OK(status) &&
2194 (token_contains_name_in_list(uidtoname(session_info->utok.uid),
2195 session_info->info3->base.domain.string,
2196 NULL, session_info->security_token,
2197 lp_printer_admin(snum)))) {
2198 talloc_destroy(mem_ctx);
2199 return True;
2200 }
2201
2202 talloc_destroy(mem_ctx);
2203
2204 if (!NT_STATUS_IS_OK(status)) {
2205 errno = EACCES;
2206 }
2207
2208 return NT_STATUS_IS_OK(status);
2209 }
2210
2211 /****************************************************************************
2212 Check the time parameters allow a print operation.
2213 *****************************************************************************/
2214
2215 bool print_time_access_check(const struct auth_serversupplied_info *session_info,
2216 struct messaging_context *msg_ctx,
2217 const char *servicename)
2218 {
2219 struct spoolss_PrinterInfo2 *pinfo2 = NULL;
2220 WERROR result;
2221 bool ok = False;
2222 time_t now = time(NULL);
2223 struct tm *t;
2224 uint32 mins;
2225
2226 result = winreg_get_printer(NULL, session_info, msg_ctx,
2227 servicename, &pinfo2);
2228 if (!W_ERROR_IS_OK(result)) {
2229 return False;
2230 }
2231
2232 if (pinfo2->starttime == 0 && pinfo2->untiltime == 0) {
2233 ok = True;
2234 }
2235
2236 t = gmtime(&now);
2237 mins = (uint32)t->tm_hour*60 + (uint32)t->tm_min;
2238
2239 if (mins >= pinfo2->starttime && mins <= pinfo2->untiltime) {
2240 ok = True;
2241 }
2242
2243 TALLOC_FREE(pinfo2);
2244
2245 if (!ok) {
2246 errno = EACCES;
2247 }
2248
2249 return ok;
2250 }
2251
2252 void nt_printer_remove(TALLOC_CTX *mem_ctx,
2253 const struct auth_serversupplied_info *session_info,
2254 struct messaging_context *msg_ctx,
2255 const char *printer)
2256 {
2257 WERROR result;
2258
2259 result = winreg_delete_printer_key(mem_ctx, session_info, msg_ctx,
2260 printer, "");
2261 if (!W_ERROR_IS_OK(result)) {
2262 DEBUG(0, ("nt_printer_remove: failed to remove rpinter %s",
2263 printer));
2264 }
2265 }
Samba GIT mirror