search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s4-dsdb/objectclass: remove duplicated declaration for objectclass_do_add
[Samba.git] / source3 / printing / nt_printing.c
blob137df165fd31ac2c93887c53183c09f24fe60b2e
1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (C) Andrew Tridgell 1992-2000,
5 * Copyright (C) Jean François Micouleau 1998-2000.
6 * Copyright (C) Gerald Carter 2002-2005.
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, see <http://www.gnu.org/licenses/>.
20 */
21
22 #include "includes.h"
23 #include "printing/nt_printing_tdb.h"
24 #include "../librpc/gen_ndr/ndr_spoolss.h"
25 #include "rpc_server/spoolss/srv_spoolss_util.h"
26 #include "nt_printing.h"
27 #include "secrets.h"
28 #include "../librpc/gen_ndr/netlogon.h"
29 #include "../libcli/security/security.h"
30 #include "passdb/machine_sid.h"
31 #include "smbd/smbd.h"
32 #include "smbd/globals.h"
33 #include "auth.h"
34 #include "messages.h"
35 #include "rpc_server/spoolss/srv_spoolss_nt.h"
36 #include "rpc_client/cli_winreg_spoolss.h"
37
38 /* Map generic permissions to printer object specific permissions */
39
40 const struct generic_mapping printer_generic_mapping = {
41 PRINTER_READ,
42 PRINTER_WRITE,
43 PRINTER_EXECUTE,
44 PRINTER_ALL_ACCESS
45 };
46
47 /* Map generic permissions to print server object specific permissions */
48
49 const struct generic_mapping printserver_generic_mapping = {
50 SERVER_READ,
51 SERVER_WRITE,
52 SERVER_EXECUTE,
53 SERVER_ALL_ACCESS
54 };
55
56 /* Map generic permissions to job object specific permissions */
57
58 const struct generic_mapping job_generic_mapping = {
59 JOB_READ,
60 JOB_WRITE,
61 JOB_EXECUTE,
62 JOB_ALL_ACCESS
63 };
64
65 static const struct print_architecture_table_node archi_table[]= {
66
67 {"Windows 4.0", SPL_ARCH_WIN40, 0 },
68 {"Windows NT x86", SPL_ARCH_W32X86, 2 },
69 {"Windows NT R4000", SPL_ARCH_W32MIPS, 2 },
70 {"Windows NT Alpha_AXP", SPL_ARCH_W32ALPHA, 2 },
71 {"Windows NT PowerPC", SPL_ARCH_W32PPC, 2 },
72 {"Windows IA64", SPL_ARCH_IA64, 3 },
73 {"Windows x64", SPL_ARCH_X64, 3 },
74 {NULL, "", -1 }
75 };
76
77 static bool print_driver_directories_init(void)
78 {
79 int service, i;
80 char *driver_path;
81 bool ok;
82 TALLOC_CTX *mem_ctx = talloc_stackframe();
83
84 service = lp_servicenumber("print$");
85 if (service < 0) {
86 /* We don't have a print$ share */
87 DEBUG(5, ("No print$ share has been configured.\n"));
88 talloc_free(mem_ctx);
89 return true;
90 }
91
92 driver_path = lp_path(mem_ctx, service);
93 if (driver_path == NULL) {
94 talloc_free(mem_ctx);
95 return false;
96 }
97
98 ok = directory_create_or_exist(driver_path, 0755);
99 if (!ok) {
100 DEBUG(1, ("Failed to create printer driver directory %s\n",
101 driver_path));
102 talloc_free(mem_ctx);
103 return false;
104 }
105
106 for (i = 0; archi_table[i].long_archi != NULL; i++) {
107 const char *arch_path;
108
109 arch_path = talloc_asprintf(mem_ctx,
110 "%s/%s",
111 driver_path,
112 archi_table[i].short_archi);
113 if (arch_path == NULL) {
114 talloc_free(mem_ctx);
115 return false;
116 }
117
118 ok = directory_create_or_exist(arch_path, 0755);
119 if (!ok) {
120 DEBUG(1, ("Failed to create printer driver "
121 "architecture directory %s\n",
122 arch_path));
123 talloc_free(mem_ctx);
124 return false;
125 }
126 }
127
128 talloc_free(mem_ctx);
129 return true;
130 }
131
132 /****************************************************************************
133 Forward a MSG_PRINTER_DRVUPGRADE message from another smbd to the
134 background lpq updater.
135 ****************************************************************************/
136
137 static void forward_drv_upgrade_printer_msg(struct messaging_context *msg,
138 void *private_data,
139 uint32_t msg_type,
140 struct server_id server_id,
141 DATA_BLOB *data)
142 {
143 extern pid_t background_lpq_updater_pid;
144
145 if (background_lpq_updater_pid == -1) {
146 DEBUG(3,("no background lpq queue updater\n"));
147 return;
148 }
149
150 messaging_send_buf(msg,
151 pid_to_procid(background_lpq_updater_pid),
152 MSG_PRINTER_DRVUPGRADE,
153 data->data,
154 data->length);
155 }
156
157 /****************************************************************************
158 Open the NT printing tdbs. Done once before fork().
159 ****************************************************************************/
160
161 bool nt_printing_init(struct messaging_context *msg_ctx)
162 {
163 WERROR win_rc;
164
165 if (!print_driver_directories_init()) {
166 return false;
167 }
168
169 if (!nt_printing_tdb_upgrade()) {
170 return false;
171 }
172
173 /*
174 * register callback to handle updating printers as new
175 * drivers are installed. Forwards to background lpq updater.
176 */
177 messaging_register(msg_ctx, NULL, MSG_PRINTER_DRVUPGRADE,
178 forward_drv_upgrade_printer_msg);
179
180 /* of course, none of the message callbacks matter if you don't
181 tell messages.c that you interested in receiving PRINT_GENERAL
182 msgs. This is done in serverid_register() */
183
184 if ( lp_security() == SEC_ADS ) {
185 win_rc = check_published_printers(msg_ctx);
186 if (!W_ERROR_IS_OK(win_rc))
187 DEBUG(0, ("nt_printing_init: error checking published printers: %s\n", win_errstr(win_rc)));
188 }
189
190 return true;
191 }
192
193 /*******************************************************************
194 Function to allow filename parsing "the old way".
195 ********************************************************************/
196
197 static NTSTATUS driver_unix_convert(connection_struct *conn,
198 const char *old_name,
199 struct smb_filename **smb_fname)
200 {
201 NTSTATUS status;
202 TALLOC_CTX *ctx = talloc_tos();
203 char *name = talloc_strdup(ctx, old_name);
204
205 if (!name) {
206 return NT_STATUS_NO_MEMORY;
207 }
208 unix_format(name);
209 name = unix_clean_name(ctx, name);
210 if (!name) {
211 return NT_STATUS_NO_MEMORY;
212 }
213 trim_string(name,"/","/");
214
215 status = unix_convert(ctx, conn, name, smb_fname, 0);
216 if (!NT_STATUS_IS_OK(status)) {
217 return NT_STATUS_NO_MEMORY;
218 }
219
220 return NT_STATUS_OK;
221 }
222
223 /****************************************************************************
224 Function to do the mapping between the long architecture name and
225 the short one.
226 ****************************************************************************/
227
228 const char *get_short_archi(const char *long_archi)
229 {
230 int i=-1;
231
232 DEBUG(107,("Getting architecture dependent directory\n"));
233 do {
234 i++;
235 } while ( (archi_table[i].long_archi!=NULL ) &&
236 strcasecmp_m(long_archi, archi_table[i].long_archi) );
237
238 if (archi_table[i].long_archi==NULL) {
239 DEBUGADD(10,("Unknown architecture [%s] !\n", long_archi));
240 return NULL;
241 }
242
243 /* this might be client code - but shouldn't this be an fstrcpy etc? */
244
245 DEBUGADD(108,("index: [%d]\n", i));
246 DEBUGADD(108,("long architecture: [%s]\n", archi_table[i].long_archi));
247 DEBUGADD(108,("short architecture: [%s]\n", archi_table[i].short_archi));
248
249 return archi_table[i].short_archi;
250 }
251
252 /****************************************************************************
253 Version information in Microsoft files is held in a VS_VERSION_INFO structure.
254 There are two case to be covered here: PE (Portable Executable) and NE (New
255 Executable) files. Both files support the same INFO structure, but PE files
256 store the signature in unicode, and NE files store it as !unicode.
257 returns -1 on error, 1 on version info found, and 0 on no version info found.
258 ****************************************************************************/
259
260 static int get_file_version(files_struct *fsp, char *fname,uint32 *major, uint32 *minor)
261 {
262 int i;
263 char *buf = NULL;
264 ssize_t byte_count;
265
266 if ((buf=(char *)SMB_MALLOC(DOS_HEADER_SIZE)) == NULL) {
267 DEBUG(0,("get_file_version: PE file [%s] DOS Header malloc failed bytes = %d\n",
268 fname, DOS_HEADER_SIZE));
269 goto error_exit;
270 }
271
272 if ((byte_count = vfs_read_data(fsp, buf, DOS_HEADER_SIZE)) < DOS_HEADER_SIZE) {
273 DEBUG(3,("get_file_version: File [%s] DOS header too short, bytes read = %lu\n",
274 fname, (unsigned long)byte_count));
275 goto no_version_info;
276 }
277
278 /* Is this really a DOS header? */
279 if (SVAL(buf,DOS_HEADER_MAGIC_OFFSET) != DOS_HEADER_MAGIC) {
280 DEBUG(6,("get_file_version: File [%s] bad DOS magic = 0x%x\n",
281 fname, SVAL(buf,DOS_HEADER_MAGIC_OFFSET)));
282 goto no_version_info;
283 }
284
285 /* Skip OEM header (if any) and the DOS stub to start of Windows header */
286 if (SMB_VFS_LSEEK(fsp, SVAL(buf,DOS_HEADER_LFANEW_OFFSET), SEEK_SET) == (off_t)-1) {
287 DEBUG(3,("get_file_version: File [%s] too short, errno = %d\n",
288 fname, errno));
289 /* Assume this isn't an error... the file just looks sort of like a PE/NE file */
290 goto no_version_info;
291 }
292
293 /* Note: DOS_HEADER_SIZE and NE_HEADER_SIZE are incidentally same */
294 if ((byte_count = vfs_read_data(fsp, buf, NE_HEADER_SIZE)) < NE_HEADER_SIZE) {
295 DEBUG(3,("get_file_version: File [%s] Windows header too short, bytes read = %lu\n",
296 fname, (unsigned long)byte_count));
297 /* Assume this isn't an error... the file just looks sort of like a PE/NE file */
298 goto no_version_info;
299 }
300
301 /* The header may be a PE (Portable Executable) or an NE (New Executable) */
302 if (IVAL(buf,PE_HEADER_SIGNATURE_OFFSET) == PE_HEADER_SIGNATURE) {
303 unsigned int num_sections;
304 unsigned int section_table_bytes;
305
306 /* Just skip over optional header to get to section table */
307 if (SMB_VFS_LSEEK(fsp,
308 SVAL(buf,PE_HEADER_OPTIONAL_HEADER_SIZE)-(NE_HEADER_SIZE-PE_HEADER_SIZE),
309 SEEK_CUR) == (off_t)-1) {
310 DEBUG(3,("get_file_version: File [%s] Windows optional header too short, errno = %d\n",
311 fname, errno));
312 goto error_exit;
313 }
314
315 /* get the section table */
316 num_sections = SVAL(buf,PE_HEADER_NUMBER_OF_SECTIONS);
317 section_table_bytes = num_sections * PE_HEADER_SECT_HEADER_SIZE;
318 if (section_table_bytes == 0)
319 goto error_exit;
320
321 SAFE_FREE(buf);
322 if ((buf=(char *)SMB_MALLOC(section_table_bytes)) == NULL) {
323 DEBUG(0,("get_file_version: PE file [%s] section table malloc failed bytes = %d\n",
324 fname, section_table_bytes));
325 goto error_exit;
326 }
327
328 if ((byte_count = vfs_read_data(fsp, buf, section_table_bytes)) < section_table_bytes) {
329 DEBUG(3,("get_file_version: PE file [%s] Section header too short, bytes read = %lu\n",
330 fname, (unsigned long)byte_count));
331 goto error_exit;
332 }
333
334 /* Iterate the section table looking for the resource section ".rsrc" */
335 for (i = 0; i < num_sections; i++) {
336 int sec_offset = i * PE_HEADER_SECT_HEADER_SIZE;
337
338 if (strcmp(".rsrc", &buf[sec_offset+PE_HEADER_SECT_NAME_OFFSET]) == 0) {
339 unsigned int section_pos = IVAL(buf,sec_offset+PE_HEADER_SECT_PTR_DATA_OFFSET);
340 unsigned int section_bytes = IVAL(buf,sec_offset+PE_HEADER_SECT_SIZE_DATA_OFFSET);
341
342 if (section_bytes == 0)
343 goto error_exit;
344
345 SAFE_FREE(buf);
346 if ((buf=(char *)SMB_MALLOC(section_bytes)) == NULL) {
347 DEBUG(0,("get_file_version: PE file [%s] version malloc failed bytes = %d\n",
348 fname, section_bytes));
349 goto error_exit;
350 }
351
352 /* Seek to the start of the .rsrc section info */
353 if (SMB_VFS_LSEEK(fsp, section_pos, SEEK_SET) == (off_t)-1) {
354 DEBUG(3,("get_file_version: PE file [%s] too short for section info, errno = %d\n",
355 fname, errno));
356 goto error_exit;
357 }
358
359 if ((byte_count = vfs_read_data(fsp, buf, section_bytes)) < section_bytes) {
360 DEBUG(3,("get_file_version: PE file [%s] .rsrc section too short, bytes read = %lu\n",
361 fname, (unsigned long)byte_count));
362 goto error_exit;
363 }
364
365 if (section_bytes < VS_VERSION_INFO_UNICODE_SIZE)
366 goto error_exit;
367
368 for (i=0; i<section_bytes-VS_VERSION_INFO_UNICODE_SIZE; i++) {
369 /* Scan for 1st 3 unicoded bytes followed by word aligned magic value */
370 if (buf[i] == 'V' && buf[i+1] == '\0' && buf[i+2] == 'S') {
371 /* Align to next long address */
372 int pos = (i + sizeof(VS_SIGNATURE)*2 + 3) & 0xfffffffc;
373
374 if (IVAL(buf,pos) == VS_MAGIC_VALUE) {
375 *major = IVAL(buf,pos+VS_MAJOR_OFFSET);
376 *minor = IVAL(buf,pos+VS_MINOR_OFFSET);
377
378 DEBUG(6,("get_file_version: PE file [%s] Version = %08x:%08x (%d.%d.%d.%d)\n",
379 fname, *major, *minor,
380 (*major>>16)&0xffff, *major&0xffff,
381 (*minor>>16)&0xffff, *minor&0xffff));
382 SAFE_FREE(buf);
383 return 1;
384 }
385 }
386 }
387 }
388 }
389
390 /* Version info not found, fall back to origin date/time */
391 DEBUG(10,("get_file_version: PE file [%s] has no version info\n", fname));
392 SAFE_FREE(buf);
393 return 0;
394
395 } else if (SVAL(buf,NE_HEADER_SIGNATURE_OFFSET) == NE_HEADER_SIGNATURE) {
396 if (CVAL(buf,NE_HEADER_TARGET_OS_OFFSET) != NE_HEADER_TARGOS_WIN ) {
397 DEBUG(3,("get_file_version: NE file [%s] wrong target OS = 0x%x\n",
398 fname, CVAL(buf,NE_HEADER_TARGET_OS_OFFSET)));
399 /* At this point, we assume the file is in error. It still could be somthing
400 * else besides a NE file, but it unlikely at this point. */
401 goto error_exit;
402 }
403
404 /* Allocate a bit more space to speed up things */
405 SAFE_FREE(buf);
406 if ((buf=(char *)SMB_MALLOC(VS_NE_BUF_SIZE)) == NULL) {
407 DEBUG(0,("get_file_version: NE file [%s] malloc failed bytes = %d\n",
408 fname, PE_HEADER_SIZE));
409 goto error_exit;
410 }
411
412 /* This is a HACK! I got tired of trying to sort through the messy
413 * 'NE' file format. If anyone wants to clean this up please have at
414 * it, but this works. 'NE' files will eventually fade away. JRR */
415 while((byte_count = vfs_read_data(fsp, buf, VS_NE_BUF_SIZE)) > 0) {
416 /* Cover case that should not occur in a well formed 'NE' .dll file */
417 if (byte_count-VS_VERSION_INFO_SIZE <= 0) break;
418
419 for(i=0; i<byte_count; i++) {
420 /* Fast skip past data that can't possibly match */
421 if (buf[i] != 'V') continue;
422
423 /* Potential match data crosses buf boundry, move it to beginning
424 * of buf, and fill the buf with as much as it will hold. */
425 if (i>byte_count-VS_VERSION_INFO_SIZE) {
426 int bc;
427
428 memcpy(buf, &buf[i], byte_count-i);
429 if ((bc = vfs_read_data(fsp, &buf[byte_count-i], VS_NE_BUF_SIZE-
430 (byte_count-i))) < 0) {
431
432 DEBUG(0,("get_file_version: NE file [%s] Read error, errno=%d\n",
433 fname, errno));
434 goto error_exit;
435 }
436
437 byte_count = bc + (byte_count - i);
438 if (byte_count<VS_VERSION_INFO_SIZE) break;
439
440 i = 0;
441 }
442
443 /* Check that the full signature string and the magic number that
444 * follows exist (not a perfect solution, but the chances that this
445 * occurs in code is, well, remote. Yes I know I'm comparing the 'V'
446 * twice, as it is simpler to read the code. */
447 if (strcmp(&buf[i], VS_SIGNATURE) == 0) {
448 /* Compute skip alignment to next long address */
449 int skip = -(SMB_VFS_LSEEK(fsp, 0, SEEK_CUR) - (byte_count - i) +
450 sizeof(VS_SIGNATURE)) & 3;
451 if (IVAL(buf,i+sizeof(VS_SIGNATURE)+skip) != 0xfeef04bd) continue;
452
453 *major = IVAL(buf,i+sizeof(VS_SIGNATURE)+skip+VS_MAJOR_OFFSET);
454 *minor = IVAL(buf,i+sizeof(VS_SIGNATURE)+skip+VS_MINOR_OFFSET);
455 DEBUG(6,("get_file_version: NE file [%s] Version = %08x:%08x (%d.%d.%d.%d)\n",
456 fname, *major, *minor,
457 (*major>>16)&0xffff, *major&0xffff,
458 (*minor>>16)&0xffff, *minor&0xffff));
459 SAFE_FREE(buf);
460 return 1;
461 }
462 }
463 }
464
465 /* Version info not found, fall back to origin date/time */
466 DEBUG(0,("get_file_version: NE file [%s] Version info not found\n", fname));
467 SAFE_FREE(buf);
468 return 0;
469
470 } else
471 /* Assume this isn't an error... the file just looks sort of like a PE/NE file */
472 DEBUG(3,("get_file_version: File [%s] unknown file format, signature = 0x%x\n",
473 fname, IVAL(buf,PE_HEADER_SIGNATURE_OFFSET)));
474
475 no_version_info:
476 SAFE_FREE(buf);
477 return 0;
478
479 error_exit:
480 SAFE_FREE(buf);
481 return -1;
482 }
483
484 /****************************************************************************
485 Drivers for Microsoft systems contain multiple files. Often, multiple drivers
486 share one or more files. During the MS installation process files are checked
487 to insure that only a newer version of a shared file is installed over an
488 older version. There are several possibilities for this comparison. If there
489 is no previous version, the new one is newer (obviously). If either file is
490 missing the version info structure, compare the creation date (on Unix use
491 the modification date). Otherwise chose the numerically larger version number.
492 ****************************************************************************/
493
494 static int file_version_is_newer(connection_struct *conn, fstring new_file, fstring old_file)
495 {
496 bool use_version = true;
497
498 uint32 new_major;
499 uint32 new_minor;
500 time_t new_create_time;
501
502 uint32 old_major;
503 uint32 old_minor;
504 time_t old_create_time;
505
506 struct smb_filename *smb_fname = NULL;
507 files_struct *fsp = NULL;
508 SMB_STRUCT_STAT st;
509
510 NTSTATUS status;
511 int ret;
512
513 SET_STAT_INVALID(st);
514 new_create_time = (time_t)0;
515 old_create_time = (time_t)0;
516
517 /* Get file version info (if available) for previous file (if it exists) */
518 status = driver_unix_convert(conn, old_file, &smb_fname);
519 if (!NT_STATUS_IS_OK(status)) {
520 goto error_exit;
521 }
522
523 status = SMB_VFS_CREATE_FILE(
524 conn, /* conn */
525 NULL, /* req */
526 0, /* root_dir_fid */
527 smb_fname, /* fname */
528 FILE_GENERIC_READ, /* access_mask */
529 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
530 FILE_OPEN, /* create_disposition*/
531 0, /* create_options */
532 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
533 INTERNAL_OPEN_ONLY, /* oplock_request */
534 NULL, /* lease */
535 0, /* allocation_size */
536 0, /* private_flags */
537 NULL, /* sd */
538 NULL, /* ea_list */
539 &fsp, /* result */
540 NULL, /* pinfo */
541 NULL, NULL); /* create context */
542
543 if (!NT_STATUS_IS_OK(status)) {
544 /* Old file not found, so by definition new file is in fact newer */
545 DEBUG(10,("file_version_is_newer: Can't open old file [%s], "
546 "errno = %d\n", smb_fname_str_dbg(smb_fname),
547 errno));
548 ret = 1;
549 goto done;
550
551 } else {
552 ret = get_file_version(fsp, old_file, &old_major, &old_minor);
553 if (ret == -1) {
554 goto error_exit;
555 }
556
557 if (!ret) {
558 DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n",
559 old_file));
560 use_version = false;
561 if (SMB_VFS_FSTAT(fsp, &st) == -1) {
562 goto error_exit;
563 }
564 old_create_time = convert_timespec_to_time_t(st.st_ex_mtime);
565 DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n",
566 (long)old_create_time));
567 }
568 }
569 close_file(NULL, fsp, NORMAL_CLOSE);
570 fsp = NULL;
571
572 /* Get file version info (if available) for new file */
573 status = driver_unix_convert(conn, new_file, &smb_fname);
574 if (!NT_STATUS_IS_OK(status)) {
575 goto error_exit;
576 }
577
578 status = SMB_VFS_CREATE_FILE(
579 conn, /* conn */
580 NULL, /* req */
581 0, /* root_dir_fid */
582 smb_fname, /* fname */
583 FILE_GENERIC_READ, /* access_mask */
584 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
585 FILE_OPEN, /* create_disposition*/
586 0, /* create_options */
587 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
588 INTERNAL_OPEN_ONLY, /* oplock_request */
589 NULL, /* lease */
590 0, /* allocation_size */
591 0, /* private_flags */
592 NULL, /* sd */
593 NULL, /* ea_list */
594 &fsp, /* result */
595 NULL, /* pinfo */
596 NULL, NULL); /* create context */
597
598 if (!NT_STATUS_IS_OK(status)) {
599 /* New file not found, this shouldn't occur if the caller did its job */
600 DEBUG(3,("file_version_is_newer: Can't open new file [%s], "
601 "errno = %d\n", smb_fname_str_dbg(smb_fname), errno));
602 goto error_exit;
603
604 } else {
605 ret = get_file_version(fsp, new_file, &new_major, &new_minor);
606 if (ret == -1) {
607 goto error_exit;
608 }
609
610 if (!ret) {
611 DEBUG(6,("file_version_is_newer: Version info not found [%s], use mod time\n",
612 new_file));
613 use_version = false;
614 if (SMB_VFS_FSTAT(fsp, &st) == -1) {
615 goto error_exit;
616 }
617 new_create_time = convert_timespec_to_time_t(st.st_ex_mtime);
618 DEBUGADD(6,("file_version_is_newer: mod time = %ld sec\n",
619 (long)new_create_time));
620 }
621 }
622 close_file(NULL, fsp, NORMAL_CLOSE);
623 fsp = NULL;
624
625 if (use_version && (new_major != old_major || new_minor != old_minor)) {
626 /* Compare versions and choose the larger version number */
627 if (new_major > old_major ||
628 (new_major == old_major && new_minor > old_minor)) {
629
630 DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file));
631 ret = 1;
632 goto done;
633 }
634 else {
635 DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file));
636 ret = 0;
637 goto done;
638 }
639
640 } else {
641 /* Compare modification time/dates and choose the newest time/date */
642 if (new_create_time > old_create_time) {
643 DEBUG(6,("file_version_is_newer: Replacing [%s] with [%s]\n", old_file, new_file));
644 ret = 1;
645 goto done;
646 }
647 else {
648 DEBUG(6,("file_version_is_newer: Leaving [%s] unchanged\n", old_file));
649 ret = 0;
650 goto done;
651 }
652 }
653
654 error_exit:
655 if(fsp)
656 close_file(NULL, fsp, NORMAL_CLOSE);
657 ret = -1;
658 done:
659 TALLOC_FREE(smb_fname);
660 return ret;
661 }
662
663 /****************************************************************************
664 Determine the correct cVersion associated with an architecture and driver
665 ****************************************************************************/
666 static uint32 get_correct_cversion(struct auth_session_info *session_info,
667 const char *architecture,
668 const char *driverpath_in,
669 WERROR *perr)
670 {
671 int cversion = -1;
672 NTSTATUS nt_status;
673 struct smb_filename *smb_fname = NULL;
674 char *driverpath = NULL;
675 files_struct *fsp = NULL;
676 connection_struct *conn = NULL;
677 char *oldcwd;
678 char *printdollar = NULL;
679 int printdollar_snum;
680
681 *perr = WERR_INVALID_PARAM;
682
683 /* If architecture is Windows 95/98/ME, the version is always 0. */
684 if (strcmp(architecture, SPL_ARCH_WIN40) == 0) {
685 DEBUG(10,("get_correct_cversion: Driver is Win9x, cversion = 0\n"));
686 *perr = WERR_OK;
687 return 0;
688 }
689
690 /* If architecture is Windows x64, the version is always 3. */
691 if (strcmp(architecture, SPL_ARCH_X64) == 0) {
692 DEBUG(10,("get_correct_cversion: Driver is x64, cversion = 3\n"));
693 *perr = WERR_OK;
694 return 3;
695 }
696
697 printdollar_snum = find_service(talloc_tos(), "print$", &printdollar);
698 if (!printdollar) {
699 *perr = WERR_NOMEM;
700 return -1;
701 }
702 if (printdollar_snum == -1) {
703 *perr = WERR_NO_SUCH_SHARE;
704 return -1;
705 }
706
707 nt_status = create_conn_struct_cwd(talloc_tos(),
708 server_event_context(),
709 server_messaging_context(),
710 &conn,
711 printdollar_snum,
712 lp_path(talloc_tos(), printdollar_snum),
713 session_info, &oldcwd);
714 if (!NT_STATUS_IS_OK(nt_status)) {
715 DEBUG(0,("get_correct_cversion: create_conn_struct "
716 "returned %s\n", nt_errstr(nt_status)));
717 *perr = ntstatus_to_werror(nt_status);
718 return -1;
719 }
720
721 nt_status = set_conn_force_user_group(conn, printdollar_snum);
722 if (!NT_STATUS_IS_OK(nt_status)) {
723 DEBUG(0, ("failed set force user / group\n"));
724 *perr = ntstatus_to_werror(nt_status);
725 goto error_free_conn;
726 }
727
728 if (!become_user_by_session(conn, session_info)) {
729 DEBUG(0, ("failed to become user\n"));
730 *perr = WERR_ACCESS_DENIED;
731 goto error_free_conn;
732 }
733
734 /* Open the driver file (Portable Executable format) and determine the
735 * deriver the cversion. */
736 driverpath = talloc_asprintf(talloc_tos(),
737 "%s/%s",
738 architecture,
739 driverpath_in);
740 if (!driverpath) {
741 *perr = WERR_NOMEM;
742 goto error_exit;
743 }
744
745 nt_status = driver_unix_convert(conn, driverpath, &smb_fname);
746 if (!NT_STATUS_IS_OK(nt_status)) {
747 *perr = ntstatus_to_werror(nt_status);
748 goto error_exit;
749 }
750
751 nt_status = vfs_file_exist(conn, smb_fname);
752 if (!NT_STATUS_IS_OK(nt_status)) {
753 DEBUG(3,("get_correct_cversion: vfs_file_exist failed\n"));
754 *perr = WERR_BADFILE;
755 goto error_exit;
756 }
757
758 nt_status = SMB_VFS_CREATE_FILE(
759 conn, /* conn */
760 NULL, /* req */
761 0, /* root_dir_fid */
762 smb_fname, /* fname */
763 FILE_GENERIC_READ, /* access_mask */
764 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
765 FILE_OPEN, /* create_disposition*/
766 0, /* create_options */
767 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
768 INTERNAL_OPEN_ONLY, /* oplock_request */
769 NULL, /* lease */
770 0, /* private_flags */
771 0, /* allocation_size */
772 NULL, /* sd */
773 NULL, /* ea_list */
774 &fsp, /* result */
775 NULL, /* pinfo */
776 NULL, NULL); /* create context */
777
778 if (!NT_STATUS_IS_OK(nt_status)) {
779 DEBUG(3,("get_correct_cversion: Can't open file [%s], errno = "
780 "%d\n", smb_fname_str_dbg(smb_fname), errno));
781 *perr = WERR_ACCESS_DENIED;
782 goto error_exit;
783 } else {
784 uint32 major;
785 uint32 minor;
786 int ret;
787
788 ret = get_file_version(fsp, smb_fname->base_name, &major, &minor);
789 if (ret == -1) {
790 *perr = WERR_INVALID_PARAM;
791 goto error_exit;
792 } else if (!ret) {
793 DEBUG(6,("get_correct_cversion: Version info not "
794 "found [%s]\n",
795 smb_fname_str_dbg(smb_fname)));
796 *perr = WERR_INVALID_PARAM;
797 goto error_exit;
798 }
799
800 /*
801 * This is a Microsoft'ism. See references in MSDN to VER_FILEVERSION
802 * for more details. Version in this case is not just the version of the
803 * file, but the version in the sense of kernal mode (2) vs. user mode
804 * (3) drivers. Other bits of the version fields are the version info.
805 * JRR 010716
806 */
807 cversion = major & 0x0000ffff;
808 switch (cversion) {
809 case 2: /* WinNT drivers */
810 case 3: /* Win2K drivers */
811 break;
812
813 default:
814 DEBUG(6,("get_correct_cversion: cversion "
815 "invalid [%s] cversion = %d\n",
816 smb_fname_str_dbg(smb_fname),
817 cversion));
818 goto error_exit;
819 }
820
821 DEBUG(10,("get_correct_cversion: Version info found [%s] major"
822 " = 0x%x minor = 0x%x\n",
823 smb_fname_str_dbg(smb_fname), major, minor));
824 }
825
826 DEBUG(10,("get_correct_cversion: Driver file [%s] cversion = %d\n",
827 smb_fname_str_dbg(smb_fname), cversion));
828 *perr = WERR_OK;
829
830 error_exit:
831 unbecome_user();
832 error_free_conn:
833 TALLOC_FREE(smb_fname);
834 if (fsp != NULL) {
835 close_file(NULL, fsp, NORMAL_CLOSE);
836 }
837 if (conn != NULL) {
838 vfs_ChDir(conn, oldcwd);
839 SMB_VFS_DISCONNECT(conn);
840 conn_free(conn);
841 }
842 if (!W_ERROR_IS_OK(*perr)) {
843 cversion = -1;
844 }
845
846 return cversion;
847 }
848
849 /****************************************************************************
850 ****************************************************************************/
851
852 #define strip_driver_path(_mem_ctx, _element) do { \
853 if (_element && ((_p = strrchr((_element), '\\')) != NULL)) { \
854 (_element) = talloc_asprintf((_mem_ctx), "%s", _p+1); \
855 W_ERROR_HAVE_NO_MEMORY((_element)); \
856 } \
857 } while (0);
858
859 static WERROR clean_up_driver_struct_level(TALLOC_CTX *mem_ctx,
860 struct auth_session_info *session_info,
861 const char *architecture,
862 const char **driver_path,
863 const char **data_file,
864 const char **config_file,
865 const char **help_file,
866 struct spoolss_StringArray *dependent_files,
867 enum spoolss_DriverOSVersion *version)
868 {
869 const char *short_architecture;
870 int i;
871 WERROR err;
872 char *_p;
873
874 if (!*driver_path || !*data_file) {
875 return WERR_INVALID_PARAM;
876 }
877
878 if (!strequal(architecture, SPOOLSS_ARCHITECTURE_4_0) && !*config_file) {
879 return WERR_INVALID_PARAM;
880 }
881
882 /* clean up the driver name.
883 * we can get .\driver.dll
884 * or worse c:\windows\system\driver.dll !
885 */
886 /* using an intermediate string to not have overlaping memcpy()'s */
887
888 strip_driver_path(mem_ctx, *driver_path);
889 strip_driver_path(mem_ctx, *data_file);
890 if (*config_file) {
891 strip_driver_path(mem_ctx, *config_file);
892 }
893 if (help_file) {
894 strip_driver_path(mem_ctx, *help_file);
895 }
896
897 if (dependent_files && dependent_files->string) {
898 for (i=0; dependent_files->string[i]; i++) {
899 strip_driver_path(mem_ctx, dependent_files->string[i]);
900 }
901 }
902
903 short_architecture = get_short_archi(architecture);
904 if (!short_architecture) {
905 return WERR_UNKNOWN_PRINTER_DRIVER;
906 }
907
908 /* jfm:7/16/2000 the client always sends the cversion=0.
909 * The server should check which version the driver is by reading
910 * the PE header of driver->driverpath.
911 *
912 * For Windows 95/98 the version is 0 (so the value sent is correct)
913 * For Windows NT (the architecture doesn't matter)
914 * NT 3.1: cversion=0
915 * NT 3.5/3.51: cversion=1
916 * NT 4: cversion=2
917 * NT2K: cversion=3
918 */
919
920 *version = get_correct_cversion(session_info, short_architecture,
921 *driver_path, &err);
922 if (*version == -1) {
923 return err;
924 }
925
926 return WERR_OK;
927 }
928
929 /****************************************************************************
930 ****************************************************************************/
931
932 WERROR clean_up_driver_struct(TALLOC_CTX *mem_ctx,
933 struct auth_session_info *session_info,
934 struct spoolss_AddDriverInfoCtr *r)
935 {
936 switch (r->level) {
937 case 3:
938 return clean_up_driver_struct_level(mem_ctx, session_info,
939 r->info.info3->architecture,
940 &r->info.info3->driver_path,
941 &r->info.info3->data_file,
942 &r->info.info3->config_file,
943 &r->info.info3->help_file,
944 r->info.info3->dependent_files,
945 &r->info.info3->version);
946 case 6:
947 return clean_up_driver_struct_level(mem_ctx, session_info,
948 r->info.info6->architecture,
949 &r->info.info6->driver_path,
950 &r->info.info6->data_file,
951 &r->info.info6->config_file,
952 &r->info.info6->help_file,
953 r->info.info6->dependent_files,
954 &r->info.info6->version);
955 default:
956 return WERR_NOT_SUPPORTED;
957 }
958 }
959
960 /****************************************************************************
961 This function sucks and should be replaced. JRA.
962 ****************************************************************************/
963
964 static void convert_level_6_to_level3(struct spoolss_AddDriverInfo3 *dst,
965 const struct spoolss_AddDriverInfo6 *src)
966 {
967 dst->version = src->version;
968
969 dst->driver_name = src->driver_name;
970 dst->architecture = src->architecture;
971 dst->driver_path = src->driver_path;
972 dst->data_file = src->data_file;
973 dst->config_file = src->config_file;
974 dst->help_file = src->help_file;
975 dst->monitor_name = src->monitor_name;
976 dst->default_datatype = src->default_datatype;
977 dst->_ndr_size_dependent_files = src->_ndr_size_dependent_files;
978 dst->dependent_files = src->dependent_files;
979 }
980
981 /****************************************************************************
982 ****************************************************************************/
983
984 static WERROR move_driver_file_to_download_area(TALLOC_CTX *mem_ctx,
985 connection_struct *conn,
986 const char *driver_file,
987 const char *short_architecture,
988 uint32_t driver_version,
989 uint32_t version)
990 {
991 struct smb_filename *smb_fname_old = NULL;
992 struct smb_filename *smb_fname_new = NULL;
993 char *old_name = NULL;
994 char *new_name = NULL;
995 NTSTATUS status;
996 WERROR ret;
997
998 old_name = talloc_asprintf(mem_ctx, "%s/%s",
999 short_architecture, driver_file);
1000 W_ERROR_HAVE_NO_MEMORY(old_name);
1001
1002 new_name = talloc_asprintf(mem_ctx, "%s/%d/%s",
1003 short_architecture, driver_version, driver_file);
1004 if (new_name == NULL) {
1005 TALLOC_FREE(old_name);
1006 return WERR_NOMEM;
1007 }
1008
1009 if (version != -1 && (version = file_version_is_newer(conn, old_name, new_name)) > 0) {
1010
1011 status = driver_unix_convert(conn, old_name, &smb_fname_old);
1012 if (!NT_STATUS_IS_OK(status)) {
1013 ret = WERR_NOMEM;
1014 goto out;
1015 }
1016
1017 /* Setup a synthetic smb_filename struct */
1018 smb_fname_new = talloc_zero(mem_ctx, struct smb_filename);
1019 if (!smb_fname_new) {
1020 ret = WERR_NOMEM;
1021 goto out;
1022 }
1023
1024 smb_fname_new->base_name = new_name;
1025
1026 DEBUG(10,("move_driver_file_to_download_area: copying '%s' to "
1027 "'%s'\n", smb_fname_old->base_name,
1028 smb_fname_new->base_name));
1029
1030 status = copy_file(mem_ctx, conn, smb_fname_old, smb_fname_new,
1031 OPENX_FILE_EXISTS_TRUNCATE |
1032 OPENX_FILE_CREATE_IF_NOT_EXIST,
1033 0, false);
1034
1035 if (!NT_STATUS_IS_OK(status)) {
1036 DEBUG(0,("move_driver_file_to_download_area: Unable "
1037 "to rename [%s] to [%s]: %s\n",
1038 smb_fname_old->base_name, new_name,
1039 nt_errstr(status)));
1040 ret = WERR_ACCESS_DENIED;
1041 goto out;
1042 }
1043 }
1044
1045 ret = WERR_OK;
1046 out:
1047 TALLOC_FREE(smb_fname_old);
1048 TALLOC_FREE(smb_fname_new);
1049 return ret;
1050 }
1051
1052 WERROR move_driver_to_download_area(struct auth_session_info *session_info,
1053 struct spoolss_AddDriverInfoCtr *r)
1054 {
1055 struct spoolss_AddDriverInfo3 *driver;
1056 struct spoolss_AddDriverInfo3 converted_driver;
1057 const char *short_architecture;
1058 struct smb_filename *smb_dname = NULL;
1059 char *new_dir = NULL;
1060 connection_struct *conn = NULL;
1061 NTSTATUS nt_status;
1062 int i;
1063 TALLOC_CTX *ctx = talloc_tos();
1064 int ver = 0;
1065 char *oldcwd;
1066 char *printdollar = NULL;
1067 int printdollar_snum;
1068 WERROR err = WERR_OK;
1069
1070 switch (r->level) {
1071 case 3:
1072 driver = r->info.info3;
1073 break;
1074 case 6:
1075 convert_level_6_to_level3(&converted_driver, r->info.info6);
1076 driver = &converted_driver;
1077 break;
1078 default:
1079 DEBUG(0,("move_driver_to_download_area: Unknown info level (%u)\n", (unsigned int)r->level));
1080 return WERR_UNKNOWN_LEVEL;
1081 }
1082
1083 short_architecture = get_short_archi(driver->architecture);
1084 if (!short_architecture) {
1085 return WERR_UNKNOWN_PRINTER_DRIVER;
1086 }
1087
1088 printdollar_snum = find_service(ctx, "print$", &printdollar);
1089 if (!printdollar) {
1090 return WERR_NOMEM;
1091 }
1092 if (printdollar_snum == -1) {
1093 return WERR_NO_SUCH_SHARE;
1094 }
1095
1096 nt_status = create_conn_struct_cwd(talloc_tos(),
1097 server_event_context(),
1098 server_messaging_context(),
1099 &conn,
1100 printdollar_snum,
1101 lp_path(talloc_tos(), printdollar_snum),
1102 session_info, &oldcwd);
1103 if (!NT_STATUS_IS_OK(nt_status)) {
1104 DEBUG(0,("move_driver_to_download_area: create_conn_struct "
1105 "returned %s\n", nt_errstr(nt_status)));
1106 err = ntstatus_to_werror(nt_status);
1107 return err;
1108 }
1109
1110 nt_status = set_conn_force_user_group(conn, printdollar_snum);
1111 if (!NT_STATUS_IS_OK(nt_status)) {
1112 DEBUG(0, ("failed set force user / group\n"));
1113 err = ntstatus_to_werror(nt_status);
1114 goto err_free_conn;
1115 }
1116
1117 if (!become_user_by_session(conn, session_info)) {
1118 DEBUG(0, ("failed to become user\n"));
1119 err = WERR_ACCESS_DENIED;
1120 goto err_free_conn;
1121 }
1122
1123 new_dir = talloc_asprintf(ctx,
1124 "%s/%d",
1125 short_architecture,
1126 driver->version);
1127 if (!new_dir) {
1128 err = WERR_NOMEM;
1129 goto err_exit;
1130 }
1131 nt_status = driver_unix_convert(conn, new_dir, &smb_dname);
1132 if (!NT_STATUS_IS_OK(nt_status)) {
1133 err = WERR_NOMEM;
1134 goto err_exit;
1135 }
1136
1137 DEBUG(5,("Creating first directory: %s\n", smb_dname->base_name));
1138
1139 nt_status = create_directory(conn, NULL, smb_dname);
1140 if (!NT_STATUS_IS_OK(nt_status)
1141 && !NT_STATUS_EQUAL(nt_status, NT_STATUS_OBJECT_NAME_COLLISION)) {
1142 DEBUG(0, ("failed to create driver destination directory: %s\n",
1143 nt_errstr(nt_status)));
1144 err = ntstatus_to_werror(nt_status);
1145 goto err_exit;
1146 }
1147
1148 /* For each driver file, archi\filexxx.yyy, if there is a duplicate file
1149 * listed for this driver which has already been moved, skip it (note:
1150 * drivers may list the same file name several times. Then check if the
1151 * file already exists in archi\version\, if so, check that the version
1152 * info (or time stamps if version info is unavailable) is newer (or the
1153 * date is later). If it is, move it to archi\version\filexxx.yyy.
1154 * Otherwise, delete the file.
1155 *
1156 * If a file is not moved to archi\version\ because of an error, all the
1157 * rest of the 'unmoved' driver files are removed from archi\. If one or
1158 * more of the driver's files was already moved to archi\version\, it
1159 * potentially leaves the driver in a partially updated state. Version
1160 * trauma will most likely occur if an client attempts to use any printer
1161 * bound to the driver. Perhaps a rewrite to make sure the moves can be
1162 * done is appropriate... later JRR
1163 */
1164
1165 DEBUG(5,("Moving files now !\n"));
1166
1167 if (driver->driver_path && strlen(driver->driver_path)) {
1168
1169 err = move_driver_file_to_download_area(ctx,
1170 conn,
1171 driver->driver_path,
1172 short_architecture,
1173 driver->version,
1174 ver);
1175 if (!W_ERROR_IS_OK(err)) {
1176 goto err_exit;
1177 }
1178 }
1179
1180 if (driver->data_file && strlen(driver->data_file)) {
1181 if (!strequal(driver->data_file, driver->driver_path)) {
1182
1183 err = move_driver_file_to_download_area(ctx,
1184 conn,
1185 driver->data_file,
1186 short_architecture,
1187 driver->version,
1188 ver);
1189 if (!W_ERROR_IS_OK(err)) {
1190 goto err_exit;
1191 }
1192 }
1193 }
1194
1195 if (driver->config_file && strlen(driver->config_file)) {
1196 if (!strequal(driver->config_file, driver->driver_path) &&
1197 !strequal(driver->config_file, driver->data_file)) {
1198
1199 err = move_driver_file_to_download_area(ctx,
1200 conn,
1201 driver->config_file,
1202 short_architecture,
1203 driver->version,
1204 ver);
1205 if (!W_ERROR_IS_OK(err)) {
1206 goto err_exit;
1207 }
1208 }
1209 }
1210
1211 if (driver->help_file && strlen(driver->help_file)) {
1212 if (!strequal(driver->help_file, driver->driver_path) &&
1213 !strequal(driver->help_file, driver->data_file) &&
1214 !strequal(driver->help_file, driver->config_file)) {
1215
1216 err = move_driver_file_to_download_area(ctx,
1217 conn,
1218 driver->help_file,
1219 short_architecture,
1220 driver->version,
1221 ver);
1222 if (!W_ERROR_IS_OK(err)) {
1223 goto err_exit;
1224 }
1225 }
1226 }
1227
1228 if (driver->dependent_files && driver->dependent_files->string) {
1229 for (i=0; driver->dependent_files->string[i]; i++) {
1230 if (!strequal(driver->dependent_files->string[i], driver->driver_path) &&
1231 !strequal(driver->dependent_files->string[i], driver->data_file) &&
1232 !strequal(driver->dependent_files->string[i], driver->config_file) &&
1233 !strequal(driver->dependent_files->string[i], driver->help_file)) {
1234 int j;
1235 for (j=0; j < i; j++) {
1236 if (strequal(driver->dependent_files->string[i], driver->dependent_files->string[j])) {
1237 goto NextDriver;
1238 }
1239 }
1240
1241 err = move_driver_file_to_download_area(ctx,
1242 conn,
1243 driver->dependent_files->string[i],
1244 short_architecture,
1245 driver->version,
1246 ver);
1247 if (!W_ERROR_IS_OK(err)) {
1248 goto err_exit;
1249 }
1250 }
1251 NextDriver: ;
1252 }
1253 }
1254
1255 err = WERR_OK;
1256 err_exit:
1257 unbecome_user();
1258 err_free_conn:
1259 TALLOC_FREE(smb_dname);
1260
1261 if (conn != NULL) {
1262 vfs_ChDir(conn, oldcwd);
1263 SMB_VFS_DISCONNECT(conn);
1264 conn_free(conn);
1265 }
1266
1267 return err;
1268 }
1269
1270 /****************************************************************************
1271 Determine whether or not a particular driver is currently assigned
1272 to a printer
1273 ****************************************************************************/
1274
1275 bool printer_driver_in_use(TALLOC_CTX *mem_ctx,
1276 struct dcerpc_binding_handle *b,
1277 const struct spoolss_DriverInfo8 *r)
1278 {
1279 int snum;
1280 int n_services = lp_numservices();
1281 bool in_use = False;
1282 struct spoolss_PrinterInfo2 *pinfo2 = NULL;
1283 WERROR result;
1284
1285 if (!r) {
1286 return false;
1287 }
1288
1289 DEBUG(10,("printer_driver_in_use: Beginning search through ntprinters.tdb...\n"));
1290
1291 /* loop through the printers.tdb and check for the drivername */
1292
1293 for (snum=0; snum<n_services && !in_use; snum++) {
1294 if (!lp_snum_ok(snum) || !lp_printable(snum)) {
1295 continue;
1296 }
1297
1298 result = winreg_get_printer(mem_ctx, b,
1299 lp_servicename(talloc_tos(), snum),
1300 &pinfo2);
1301 if (!W_ERROR_IS_OK(result)) {
1302 continue; /* skip */
1303 }
1304
1305 if (strequal(r->driver_name, pinfo2->drivername)) {
1306 in_use = True;
1307 }
1308
1309 TALLOC_FREE(pinfo2);
1310 }
1311
1312 DEBUG(10,("printer_driver_in_use: Completed search through ntprinters.tdb...\n"));
1313
1314 if ( in_use ) {
1315 struct spoolss_DriverInfo8 *driver = NULL;
1316 WERROR werr;
1317
1318 DEBUG(5,("printer_driver_in_use: driver \"%s\" is currently in use\n", r->driver_name));
1319
1320 /* we can still remove the driver if there is one of
1321 "Windows NT x86" version 2 or 3 left */
1322
1323 if (!strequal("Windows NT x86", r->architecture)) {
1324 werr = winreg_get_driver(mem_ctx, b,
1325 "Windows NT x86",
1326 r->driver_name,
1327 DRIVER_ANY_VERSION,
1328 &driver);
1329 } else if (r->version == 2) {
1330 werr = winreg_get_driver(mem_ctx, b,
1331 "Windows NT x86",
1332 r->driver_name,
1333 3, &driver);
1334 } else if (r->version == 3) {
1335 werr = winreg_get_driver(mem_ctx, b,
1336 "Windows NT x86",
1337 r->driver_name,
1338 2, &driver);
1339 } else {
1340 DEBUG(0, ("printer_driver_in_use: ERROR!"
1341 " unknown driver version (%d)\n",
1342 r->version));
1343 werr = WERR_UNKNOWN_PRINTER_DRIVER;
1344 }
1345
1346 /* now check the error code */
1347
1348 if ( W_ERROR_IS_OK(werr) ) {
1349 /* it's ok to remove the driver, we have other architctures left */
1350 in_use = False;
1351 talloc_free(driver);
1352 }
1353 }
1354
1355 /* report that the driver is not in use by default */
1356
1357 return in_use;
1358 }
1359
1360
1361 /**********************************************************************
1362 Check to see if a ogiven file is in use by *info
1363 *********************************************************************/
1364
1365 static bool drv_file_in_use(const char *file, const struct spoolss_DriverInfo8 *info)
1366 {
1367 int i = 0;
1368
1369 if ( !info )
1370 return False;
1371
1372 /* mz: skip files that are in the list but already deleted */
1373 if (!file || !file[0]) {
1374 return false;
1375 }
1376
1377 if (strequal(file, info->driver_path))
1378 return True;
1379
1380 if (strequal(file, info->data_file))
1381 return True;
1382
1383 if (strequal(file, info->config_file))
1384 return True;
1385
1386 if (strequal(file, info->help_file))
1387 return True;
1388
1389 /* see of there are any dependent files to examine */
1390
1391 if (!info->dependent_files)
1392 return False;
1393
1394 while (info->dependent_files[i] && *info->dependent_files[i]) {
1395 if (strequal(file, info->dependent_files[i]))
1396 return True;
1397 i++;
1398 }
1399
1400 return False;
1401
1402 }
1403
1404 /**********************************************************************
1405 Utility function to remove the dependent file pointed to by the
1406 input parameter from the list
1407 *********************************************************************/
1408
1409 static void trim_dependent_file(TALLOC_CTX *mem_ctx, const char **files, int idx)
1410 {
1411
1412 /* bump everything down a slot */
1413
1414 while (files && files[idx+1]) {
1415 files[idx] = talloc_strdup(mem_ctx, files[idx+1]);
1416 idx++;
1417 }
1418
1419 files[idx] = NULL;
1420
1421 return;
1422 }
1423
1424 /**********************************************************************
1425 Check if any of the files used by src are also used by drv
1426 *********************************************************************/
1427
1428 static bool trim_overlap_drv_files(TALLOC_CTX *mem_ctx,
1429 struct spoolss_DriverInfo8 *src,
1430 const struct spoolss_DriverInfo8 *drv)
1431 {
1432 bool in_use = False;
1433 int i = 0;
1434
1435 if ( !src || !drv )
1436 return False;
1437
1438 /* check each file. Remove it from the src structure if it overlaps */
1439
1440 if (drv_file_in_use(src->driver_path, drv)) {
1441 in_use = True;
1442 DEBUG(10,("Removing driverfile [%s] from list\n", src->driver_path));
1443 src->driver_path = talloc_strdup(mem_ctx, "");
1444 if (!src->driver_path) { return false; }
1445 }
1446
1447 if (drv_file_in_use(src->data_file, drv)) {
1448 in_use = True;
1449 DEBUG(10,("Removing datafile [%s] from list\n", src->data_file));
1450 src->data_file = talloc_strdup(mem_ctx, "");
1451 if (!src->data_file) { return false; }
1452 }
1453
1454 if (drv_file_in_use(src->config_file, drv)) {
1455 in_use = True;
1456 DEBUG(10,("Removing configfile [%s] from list\n", src->config_file));
1457 src->config_file = talloc_strdup(mem_ctx, "");
1458 if (!src->config_file) { return false; }
1459 }
1460
1461 if (drv_file_in_use(src->help_file, drv)) {
1462 in_use = True;
1463 DEBUG(10,("Removing helpfile [%s] from list\n", src->help_file));
1464 src->help_file = talloc_strdup(mem_ctx, "");
1465 if (!src->help_file) { return false; }
1466 }
1467
1468 /* are there any dependentfiles to examine? */
1469
1470 if (!src->dependent_files)
1471 return in_use;
1472
1473 while (src->dependent_files[i] && *src->dependent_files[i]) {
1474 if (drv_file_in_use(src->dependent_files[i], drv)) {
1475 in_use = True;
1476 DEBUG(10,("Removing [%s] from dependent file list\n", src->dependent_files[i]));
1477 trim_dependent_file(mem_ctx, src->dependent_files, i);
1478 } else
1479 i++;
1480 }
1481
1482 return in_use;
1483 }
1484
1485 /****************************************************************************
1486 Determine whether or not a particular driver files are currently being
1487 used by any other driver.
1488
1489 Return value is True if any files were in use by other drivers
1490 and False otherwise.
1491
1492 Upon return, *info has been modified to only contain the driver files
1493 which are not in use
1494
1495 Fix from mz:
1496
1497 This needs to check all drivers to ensure that all files in use
1498 have been removed from *info, not just the ones in the first
1499 match.
1500 ****************************************************************************/
1501
1502 bool printer_driver_files_in_use(TALLOC_CTX *mem_ctx,
1503 struct dcerpc_binding_handle *b,
1504 struct spoolss_DriverInfo8 *info)
1505 {
1506 int i;
1507 uint32 version;
1508 struct spoolss_DriverInfo8 *driver;
1509 bool in_use = false;
1510 uint32_t num_drivers;
1511 const char **drivers;
1512 WERROR result;
1513
1514 if ( !info )
1515 return False;
1516
1517 version = info->version;
1518
1519 /* loop over all driver versions */
1520
1521 DEBUG(5,("printer_driver_files_in_use: Beginning search of drivers...\n"));
1522
1523 /* get the list of drivers */
1524
1525 result = winreg_get_driver_list(mem_ctx, b,
1526 info->architecture, version,
1527 &num_drivers, &drivers);
1528 if (!W_ERROR_IS_OK(result)) {
1529 return true;
1530 }
1531
1532 DEBUGADD(4, ("we have:[%d] drivers in environment [%s] and version [%d]\n",
1533 num_drivers, info->architecture, version));
1534
1535 /* check each driver for overlap in files */
1536
1537 for (i = 0; i < num_drivers; i++) {
1538 DEBUGADD(5,("\tdriver: [%s]\n", drivers[i]));
1539
1540 driver = NULL;
1541
1542 result = winreg_get_driver(mem_ctx, b,
1543 info->architecture, drivers[i],
1544 version, &driver);
1545 if (!W_ERROR_IS_OK(result)) {
1546 talloc_free(drivers);
1547 return True;
1548 }
1549
1550 /* check if d2 uses any files from d1 */
1551 /* only if this is a different driver than the one being deleted */
1552
1553 if (!strequal(info->driver_name, driver->driver_name)) {
1554 if (trim_overlap_drv_files(mem_ctx, info, driver)) {
1555 /* mz: Do not instantly return -
1556 * we need to ensure this file isn't
1557 * also in use by other drivers. */
1558 in_use = true;
1559 }
1560 }
1561
1562 talloc_free(driver);
1563 }
1564
1565 talloc_free(drivers);
1566
1567 DEBUG(5,("printer_driver_files_in_use: Completed search of drivers...\n"));
1568
1569 return in_use;
1570 }
1571
1572 static NTSTATUS driver_unlink_internals(connection_struct *conn,
1573 const char *short_arch,
1574 int vers,
1575 const char *fname)
1576 {
1577 TALLOC_CTX *tmp_ctx = talloc_new(conn);
1578 struct smb_filename *smb_fname = NULL;
1579 char *print_dlr_path;
1580 NTSTATUS status = NT_STATUS_NO_MEMORY;
1581
1582 print_dlr_path = talloc_asprintf(tmp_ctx, "%s/%d/%s",
1583 short_arch, vers, fname);
1584 if (print_dlr_path == NULL) {
1585 goto err_out;
1586 }
1587
1588 smb_fname = synthetic_smb_fname(tmp_ctx, print_dlr_path, NULL, NULL);
1589 if (smb_fname == NULL) {
1590 goto err_out;
1591 }
1592
1593 status = unlink_internals(conn, NULL, 0, smb_fname, false);
1594 err_out:
1595 talloc_free(tmp_ctx);
1596 return status;
1597 }
1598
1599 /****************************************************************************
1600 Actually delete the driver files. Make sure that
1601 printer_driver_files_in_use() return False before calling
1602 this.
1603 ****************************************************************************/
1604
1605 bool delete_driver_files(const struct auth_session_info *session_info,
1606 const struct spoolss_DriverInfo8 *r)
1607 {
1608 const char *short_arch;
1609 connection_struct *conn;
1610 NTSTATUS nt_status;
1611 char *oldcwd;
1612 char *printdollar = NULL;
1613 int printdollar_snum;
1614 bool ret = false;
1615
1616 if (!r) {
1617 return false;
1618 }
1619
1620 DEBUG(6,("delete_driver_files: deleting driver [%s] - version [%d]\n",
1621 r->driver_name, r->version));
1622
1623 printdollar_snum = find_service(talloc_tos(), "print$", &printdollar);
1624 if (!printdollar) {
1625 return false;
1626 }
1627 if (printdollar_snum == -1) {
1628 return false;
1629 }
1630
1631 nt_status = create_conn_struct_cwd(talloc_tos(),
1632 server_event_context(),
1633 server_messaging_context(),
1634 &conn,
1635 printdollar_snum,
1636 lp_path(talloc_tos(), printdollar_snum),
1637 session_info, &oldcwd);
1638 if (!NT_STATUS_IS_OK(nt_status)) {
1639 DEBUG(0,("delete_driver_files: create_conn_struct "
1640 "returned %s\n", nt_errstr(nt_status)));
1641 return false;
1642 }
1643
1644 nt_status = set_conn_force_user_group(conn, printdollar_snum);
1645 if (!NT_STATUS_IS_OK(nt_status)) {
1646 DEBUG(0, ("failed set force user / group\n"));
1647 ret = false;
1648 goto err_free_conn;
1649 }
1650
1651 if (!become_user_by_session(conn, session_info)) {
1652 DEBUG(0, ("failed to become user\n"));
1653 ret = false;
1654 goto err_free_conn;
1655 }
1656
1657 if ( !CAN_WRITE(conn) ) {
1658 DEBUG(3,("delete_driver_files: Cannot delete print driver when [print$] is read-only\n"));
1659 ret = false;
1660 goto err_out;
1661 }
1662
1663 short_arch = get_short_archi(r->architecture);
1664 if (short_arch == NULL) {
1665 DEBUG(0, ("bad architecture %s\n", r->architecture));
1666 ret = false;
1667 goto err_out;
1668 }
1669
1670 /* now delete the files */
1671
1672 if (r->driver_path && r->driver_path[0]) {
1673 DEBUG(10,("deleting driverfile [%s]\n", r->driver_path));
1674 driver_unlink_internals(conn, short_arch, r->version, r->driver_path);
1675 }
1676
1677 if (r->config_file && r->config_file[0]) {
1678 DEBUG(10,("deleting configfile [%s]\n", r->config_file));
1679 driver_unlink_internals(conn, short_arch, r->version, r->config_file);
1680 }
1681
1682 if (r->data_file && r->data_file[0]) {
1683 DEBUG(10,("deleting datafile [%s]\n", r->data_file));
1684 driver_unlink_internals(conn, short_arch, r->version, r->data_file);
1685 }
1686
1687 if (r->help_file && r->help_file[0]) {
1688 DEBUG(10,("deleting helpfile [%s]\n", r->help_file));
1689 driver_unlink_internals(conn, short_arch, r->version, r->help_file);
1690 }
1691
1692 if (r->dependent_files) {
1693 int i = 0;
1694 while (r->dependent_files[i] && r->dependent_files[i][0]) {
1695 DEBUG(10,("deleting dependent file [%s]\n", r->dependent_files[i]));
1696 driver_unlink_internals(conn, short_arch, r->version, r->dependent_files[i]);
1697 i++;
1698 }
1699 }
1700
1701 ret = true;
1702 err_out:
1703 unbecome_user();
1704 err_free_conn:
1705 if (conn != NULL) {
1706 vfs_ChDir(conn, oldcwd);
1707 SMB_VFS_DISCONNECT(conn);
1708 conn_free(conn);
1709 }
1710 return ret;
1711 }
1712
1713 /* error code:
1714 0: everything OK
1715 1: level not implemented
1716 2: file doesn't exist
1717 3: can't allocate memory
1718 4: can't free memory
1719 5: non existent struct
1720 */
1721
1722 /*
1723 A printer and a printer driver are 2 different things.
1724 NT manages them separatelly, Samba does the same.
1725 Why ? Simply because it's easier and it makes sense !
1726
1727 Now explanation: You have 3 printers behind your samba server,
1728 2 of them are the same make and model (laser A and B). But laser B
1729 has an 3000 sheet feeder and laser A doesn't such an option.
1730 Your third printer is an old dot-matrix model for the accounting :-).
1731
1732 If the /usr/local/samba/lib directory (default dir), you will have
1733 5 files to describe all of this.
1734
1735 3 files for the printers (1 by printer):
1736 NTprinter_laser A
1737 NTprinter_laser B
1738 NTprinter_accounting
1739 2 files for the drivers (1 for the laser and 1 for the dot matrix)
1740 NTdriver_printer model X
1741 NTdriver_printer model Y
1742
1743 jfm: I should use this comment for the text file to explain
1744 same thing for the forms BTW.
1745 Je devrais mettre mes commentaires en francais, ca serait mieux :-)
1746
1747 */
1748
1749 /* Convert generic access rights to printer object specific access rights.
1750 It turns out that NT4 security descriptors use generic access rights and
1751 NT5 the object specific ones. */
1752
1753 void map_printer_permissions(struct security_descriptor *sd)
1754 {
1755 int i;
1756
1757 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
1758 se_map_generic(&sd->dacl->aces[i].access_mask,
1759 &printer_generic_mapping);
1760 }
1761 }
1762
1763 void map_job_permissions(struct security_descriptor *sd)
1764 {
1765 int i;
1766
1767 for (i = 0; sd->dacl && i < sd->dacl->num_aces; i++) {
1768 se_map_generic(&sd->dacl->aces[i].access_mask,
1769 &job_generic_mapping);
1770 }
1771 }
1772
1773
1774 /****************************************************************************
1775 Check a user has permissions to perform the given operation. We use the
1776 permission constants defined in include/rpc_spoolss.h to check the various
1777 actions we perform when checking printer access.
1778
1779 PRINTER_ACCESS_ADMINISTER:
1780 print_queue_pause, print_queue_resume, update_printer_sec,
1781 update_printer, spoolss_addprinterex_level_2,
1782 _spoolss_setprinterdata
1783
1784 PRINTER_ACCESS_USE:
1785 print_job_start
1786
1787 JOB_ACCESS_ADMINISTER:
1788 print_job_delete, print_job_pause, print_job_resume,
1789 print_queue_purge
1790
1791 Try access control in the following order (for performance reasons):
1792 1) root and SE_PRINT_OPERATOR can do anything (easy check)
1793 2) check security descriptor (bit comparisons in memory)
1794 3) "printer admins" (may result in numerous calls to winbind)
1795
1796 ****************************************************************************/
1797 WERROR print_access_check(const struct auth_session_info *session_info,
1798 struct messaging_context *msg_ctx, int snum,
1799 int access_type)
1800 {
1801 struct spoolss_security_descriptor *secdesc = NULL;
1802 uint32 access_granted;
1803 size_t sd_size;
1804 NTSTATUS status;
1805 WERROR result;
1806 const char *pname;
1807 TALLOC_CTX *mem_ctx = NULL;
1808
1809 /* If user is NULL then use the current_user structure */
1810
1811 /* Always allow root or SE_PRINT_OPERATROR to do anything */
1812
1813 if ((session_info->unix_token->uid == sec_initial_uid())
1814 || security_token_has_privilege(session_info->security_token,
1815 SEC_PRIV_PRINT_OPERATOR)) {
1816 return WERR_OK;
1817 }
1818
1819 /* Get printer name */
1820
1821 pname = lp_printername(talloc_tos(), snum);
1822
1823 if (!pname || !*pname) {
1824 return WERR_ACCESS_DENIED;
1825 }
1826
1827 /* Get printer security descriptor */
1828
1829 if(!(mem_ctx = talloc_init("print_access_check"))) {
1830 return WERR_NOMEM;
1831 }
1832
1833 result = winreg_get_printer_secdesc_internal(mem_ctx,
1834 get_session_info_system(),
1835 msg_ctx,
1836 pname,
1837 &secdesc);
1838 if (!W_ERROR_IS_OK(result)) {
1839 talloc_destroy(mem_ctx);
1840 return WERR_NOMEM;
1841 }
1842
1843 if (access_type == JOB_ACCESS_ADMINISTER) {
1844 struct spoolss_security_descriptor *parent_secdesc = secdesc;
1845
1846 /* Create a child security descriptor to check permissions
1847 against. This is because print jobs are child objects
1848 objects of a printer. */
1849 status = se_create_child_secdesc(mem_ctx,
1850 &secdesc,
1851 &sd_size,
1852 parent_secdesc,
1853 parent_secdesc->owner_sid,
1854 parent_secdesc->group_sid,
1855 false);
1856 if (!NT_STATUS_IS_OK(status)) {
1857 talloc_destroy(mem_ctx);
1858 return ntstatus_to_werror(status);
1859 }
1860
1861 map_job_permissions(secdesc);
1862 } else {
1863 map_printer_permissions(secdesc);
1864 }
1865
1866 /* Check access */
1867 status = se_access_check(secdesc, session_info->security_token, access_type,
1868 &access_granted);
1869
1870 DEBUG(4, ("access check was %s\n", NT_STATUS_IS_OK(status) ? "SUCCESS" : "FAILURE"));
1871
1872 talloc_destroy(mem_ctx);
1873
1874 return ntstatus_to_werror(status);
1875 }
1876
1877 /****************************************************************************
1878 Check the time parameters allow a print operation.
1879 *****************************************************************************/
1880
1881 bool print_time_access_check(const struct auth_session_info *session_info,
1882 struct messaging_context *msg_ctx,
1883 const char *servicename)
1884 {
1885 struct spoolss_PrinterInfo2 *pinfo2 = NULL;
1886 WERROR result;
1887 bool ok = False;
1888 time_t now = time(NULL);
1889 struct tm *t;
1890 uint32 mins;
1891
1892 result = winreg_get_printer_internal(NULL, session_info, msg_ctx,
1893 servicename, &pinfo2);
1894 if (!W_ERROR_IS_OK(result)) {
1895 return False;
1896 }
1897
1898 if (pinfo2->starttime == 0 && pinfo2->untiltime == 0) {
1899 ok = True;
1900 }
1901
1902 t = gmtime(&now);
1903 mins = (uint32)t->tm_hour*60 + (uint32)t->tm_min;
1904
1905 if (mins >= pinfo2->starttime && mins <= pinfo2->untiltime) {
1906 ok = True;
1907 }
1908
1909 TALLOC_FREE(pinfo2);
1910
1911 if (!ok) {
1912 errno = EACCES;
1913 }
1914
1915 return ok;
1916 }
1917
1918 void nt_printer_remove(TALLOC_CTX *mem_ctx,
1919 const struct auth_session_info *session_info,
1920 struct messaging_context *msg_ctx,
1921 const char *printer)
1922 {
1923 WERROR result;
1924
1925 result = winreg_delete_printer_key_internal(mem_ctx, session_info, msg_ctx,
1926 printer, "");
1927 if (!W_ERROR_IS_OK(result)) {
1928 DEBUG(0, ("nt_printer_remove: failed to remove printer %s: "
1929 "%s\n", printer, win_errstr(result)));
1930 }
1931 }
1932
1933 void nt_printer_add(TALLOC_CTX *mem_ctx,
1934 const struct auth_session_info *session_info,
1935 struct messaging_context *msg_ctx,
1936 const char *printer)
1937 {
1938 WERROR result;
1939
1940 result = winreg_create_printer_internal(mem_ctx, session_info, msg_ctx,
1941 printer);
1942 if (!W_ERROR_IS_OK(result)) {
1943 DEBUG(0, ("nt_printer_add: failed to add printer %s: %s\n",
1944 printer, win_errstr(result)));
1945 }
1946 }
Samba GIT mirror