s3:privs Change to new host endian neutral privilages tdb format

These values are stored in account_policy.tdb, and the old format,
using a 128 bit bitmap was not endian neutral.

The previous endian-dependent format was introduced in
46e5effea948931509283cb84b27007d34b521c8
replacing a 32 bit number which was used at the time.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>

diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c
index 5abd5228fab0e2aab08649d1bf3d07a814e35b49..97ae7dbfab4c849f6a88d2797c1cd1aba8b1bd5d 100644 (file)
--- a/source3/lib/privileges.c
+++ b/source3/lib/privileges.c
@@ -65,9 +65,20 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask )
                return False;
        }
 
-       SMB_ASSERT( data.dsize == sizeof( uint64_t ) );
+       if (data.dsize == 4*4) {
+               DEBUG(3, ("get_privileges: Should not have obtained old-style privileges record for SID "
+                         "[%s]\n", sid_string_dbg(sid)));
+               return False;
+       }
+
+       if (data.dsize != sizeof( uint64_t ) ) {
+               DEBUG(3, ("get_privileges: Invalid privileges record assigned to SID "
+                         "[%s]\n", sid_string_dbg(sid)));
+               return False;
+       }
+
+       *mask = BVAL(data.dptr, 0);
 
-       se_priv_copy( mask, (uint64_t*)data.dptr );
        TALLOC_FREE(data.dptr);
 
        return True;
@@ -80,6 +91,7 @@ static bool get_privileges( const struct dom_sid *sid, uint64_t *mask )
 static bool set_privileges( const struct dom_sid *sid, uint64_t *mask )
 {
        struct db_context *db = get_account_pol_db();
+       uint8_t privbuf[8];
        fstring tmp, keystr;
        TDB_DATA data;
 
@@ -98,7 +110,8 @@ static bool set_privileges( const struct dom_sid *sid, uint64_t *mask )
 
        fstr_sprintf(keystr, "%s%s", PRIVPREFIX, sid_to_fstring(tmp, sid));
 
-       /* no packing.  static size structure, just write it out */
+       /* This writes the 64 bit bitmask out in little endian format */
+       SBVAL(privbuf,0,*mask);
 
        data.dptr  = (uint8 *)mask;
        data.dsize = sizeof(uint64_t);