r11780: it turns out that the MxAc tag isn't a security descriptor, its a

author Andrew Tridgell <tridge@samba.org>

Fri, 18 Nov 2005 11:45:24 +0000 (11:45 +0000)

committer Gerald (Jerry) Carter <jerry@samba.org>

Wed, 10 Oct 2007 18:46:26 +0000 (13:46 -0500)
author Andrew Tridgell <tridge@samba.org>
Fri, 18 Nov 2005 11:45:24 +0000 (11:45 +0000)
committer Gerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 18:46:26 +0000 (13:46 -0500)
diff --git a/source4/libcli/smb2/create.c b/source4/libcli/smb2/create.c

index 647b408c687d4e9e0ece2178979b70165ab940a1..564eba7f46c81a7541f9098a6a61695578bafa4e 100644 (file)
--- a/source4/libcli/smb2/create.c
+++ b/source4/libcli/smb2/create.c
@@ -25,8 +25,8 @@
  #include "libcli/smb2/smb2.h"
  #include "libcli/smb2/smb2_calls.h"
  
-#define CREATE_TAG_EA 0x41747845 /* "ExtA" */
-#define CREATE_TAG_SD 0x6341784D /* "MxAc" */
+#define CREATE_TAG_EXTA 0x41747845 /* "ExtA" */
+#define CREATE_TAG_MXAC 0x6341784D /* "MxAc" */
  
  /*
    add a blob to a smb2_create attribute blob
@@ -37,13 +37,14 @@ static NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
  {
         NTSTATUS status;
         uint32_t ofs = blob->length;
-       status = data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length);
+       uint8_t pad = smb2_padding_size(add.length, 8);
+       status = data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length + pad);
         NT_STATUS_NOT_OK_RETURN(status);
         
         if (last) {
                 SIVAL(blob->data, ofs+0x00, 0);
         } else {
-               SIVAL(blob->data, ofs+0x00, 0x18 + add.length);
+               SIVAL(blob->data, ofs+0x00, 0x18 + add.length + pad);
         }
         SSVAL(blob->data, ofs+0x04, 0x10); /* offset of tag */
         SIVAL(blob->data, ofs+0x06, 0x04); /* tag length */
@@ -52,6 +53,7 @@ static NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
         SIVAL(blob->data, ofs+0x10, tag);
         SIVAL(blob->data, ofs+0x14, 0); /* pad? */
         memcpy(blob->data+ofs+0x18, add.data, add.length);
+       memset(blob->data+ofs+0x18+add.length, 0, pad);
  
         return NT_STATUS_OK;
  }
@@ -90,7 +92,7 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create
                 DATA_BLOB b = data_blob_talloc(req, NULL, 
                                                ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas));
                 ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas);
-               status = smb2_create_blob_add(req, &blob, CREATE_TAG_EA, b, False);
+               status = smb2_create_blob_add(req, &blob, CREATE_TAG_EXTA, b, False);
                 if (!NT_STATUS_IS_OK(status)) {
                         talloc_free(req);
                         return NULL;
@@ -98,18 +100,9 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create
                 data_blob_free(&b);
         }
  
-       if (io->in.sd != NULL) {
-               DATA_BLOB b;
-               status = ndr_push_struct_blob(&b, req, io->in.sd,
-                                             (ndr_push_flags_fn_t)ndr_push_security_descriptor);
-               if (!NT_STATUS_IS_OK(status)) {
-                       talloc_free(req);
-                       return NULL;
-               }
-               status = smb2_create_blob_add(req, &blob, CREATE_TAG_SD, b, True);
-       } else {
-               status = smb2_create_blob_add(req, &blob, CREATE_TAG_SD, data_blob(NULL, 0), True);
-       }
+       /* an empty MxAc tag seems to be used to ask the server to
+          return the maximum access mask allowed on the file */
+       status = smb2_create_blob_add(req, &blob, CREATE_TAG_MXAC, data_blob(NULL, 0), True);
  
         if (!NT_STATUS_IS_OK(status)) {
                 talloc_free(req);
diff --git a/source4/libcli/smb2/request.c b/source4/libcli/smb2/request.c

index 3f09c9aeec2d5b805e69c57ef4b374c103244ecc..03c0ed43504aef13791a3dda1dfd4b5b7795e707 100644 (file)
--- a/source4/libcli/smb2/request.c
+++ b/source4/libcli/smb2/request.c
@@ -181,7 +181,7 @@ BOOL smb2_oob(struct smb2_request_buffer *buf, const uint8_t *ptr, uint_t size)
         return False;
  }
  
-static size_t smb2_padding_size(uint32_t offset, size_t n)
+size_t smb2_padding_size(uint32_t offset, size_t n)
  {
         if ((offset & (n-1)) == 0) return 0;
         return n - (offset & (n-1));
diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h

index 53f7a45d88d8eff1e036a0f505b42bedb2369abe..1c41d4cd661c723bd596d40a6b8a1e786f88846b 100644 (file)
--- a/source4/libcli/smb2/smb2_calls.h
+++ b/source4/libcli/smb2/smb2_calls.h
@@ -130,10 +130,8 @@ struct smb2_create {
                 /* dynamic body */
                 const char *fname;
  
-               /* optional list of extended attributes and security
-                  descriptor */
+               /* optional list of extended attributes */
                 struct smb_ea_list eas;
-               struct security_descriptor *sd;
         } in;
  
         struct {
diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c

index 7afce0137f14cb4b0e9de290cd0cbcd6cf1d1384..b39f53d8e1e78e973e826abf9e7ac47e20397573 100644 (file)
--- a/source4/torture/smb2/util.c
+++ b/source4/torture/smb2/util.c
@@ -103,7 +103,7 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname,
  
         smb2_util_unlink(tree, fname);
         ZERO_STRUCT(io);
-       io.in.access_mask = SEC_RIGHTS_FILE_ALL;
+       io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
         io.in.file_attr   = FILE_ATTRIBUTE_NORMAL;
         io.in.open_disposition = NTCREATEX_DISP_OVERWRITE_IF;
         io.in.share_access = 
@@ -119,18 +119,6 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname,
                 io.in.open_disposition = NTCREATEX_DISP_CREATE;
         }
  
-       io.in.sd = security_descriptor_create(tmp_ctx,
-                                             NULL, NULL,
-                                             SID_NT_AUTHENTICATED_USERS,
-                                             SEC_ACE_TYPE_ACCESS_ALLOWED,
-                                             SEC_RIGHTS_FILE_ALL | SEC_STD_ALL,
-                                             0,
-                                             SID_WORLD,
-                                             SEC_ACE_TYPE_ACCESS_ALLOWED,
-                                             SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
-                                             0,
-                                             NULL);
-
         if (strchr(fname, ':') == NULL) {
                 /* setup some EAs */
                 io.in.eas.num_eas = 2;
author	Andrew Tridgell <tridge@samba.org>
	Fri, 18 Nov 2005 11:45:24 +0000 (11:45 +0000)
committer	Gerald (Jerry) Carter <jerry@samba.org>
	Wed, 10 Oct 2007 18:46:26 +0000 (13:46 -0500)
source4/libcli/smb2/create.c		patch \| blob \| history
source4/libcli/smb2/request.c		patch \| blob \| history
source4/libcli/smb2/smb2_calls.h		patch \| blob \| history
source4/torture/smb2/util.c		patch \| blob \| history