source3/libsmb/clisecdesc.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    client security descriptor functions
   4    Copyright (C) Andrew Tridgell 2000
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #include "includes.h"
  21
  22 /****************************************************************************
  23   query the security descriptor for a open file
  24  ****************************************************************************/
  25 struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
  26                             TALLOC_CTX *mem_ctx)
  27 {
  28         uint8_t param[8];
  29         uint8_t *rdata=NULL;
  30         uint32_t rdata_count=0;
  31         struct security_descriptor *psd = NULL;
  32         NTSTATUS status;
  33
  34         SIVAL(param, 0, fnum);
  35         SIVAL(param, 4, 0x7);
  36
  37         status = cli_trans(talloc_tos(), cli, SMBnttrans,
  38                            NULL, -1, /* name, fid */
  39                            NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
  40                            NULL, 0, 0, /* setup, length, max */
  41                            param, 8, 4, /* param, length, max */
  42                            NULL, 0, 0x10000, /* data, length, max */
  43                            NULL,             /* recv_flags2 */
  44                            NULL, 0, NULL, /* rsetup, length */
  45                            NULL, 0, NULL,
  46                            &rdata, 0, &rdata_count);
  47
  48         if (!NT_STATUS_IS_OK(status)) {
  49                 DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
  50                           nt_errstr(status)));
  51                 goto cleanup;
  52         }
  53
  54         status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
  55                                      &psd);
  56
  57         if (!NT_STATUS_IS_OK(status)) {
  58                 DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
  59                            nt_errstr(status)));
  60                 goto cleanup;
  61         }
  62
  63  cleanup:
  64
  65         TALLOC_FREE(rdata);
  66
  67         return psd;
  68 }
  69
  70 /****************************************************************************
  71   set the security descriptor for a open file
  72  ****************************************************************************/
  73 bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd)
  74 {
  75         char param[8];
  76         char *rparam=NULL, *rdata=NULL;
  77         unsigned int rparam_count=0, rdata_count=0;
  78         uint32 sec_info = 0;
  79         TALLOC_CTX *frame = talloc_stackframe();
  80         bool ret = False;
  81         uint8 *data;
  82         size_t len;
  83         NTSTATUS status;
  84
  85         status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
  86         if (!NT_STATUS_IS_OK(status)) {
  87                 DEBUG(10, ("marshall_sec_desc failed: %s\n",
  88                            nt_errstr(status)));
  89                 goto cleanup;
  90         }
  91
  92         SIVAL(param, 0, fnum);
  93
  94         if (sd->dacl)
  95                 sec_info |= SECINFO_DACL;
  96         if (sd->owner_sid)
  97                 sec_info |= SECINFO_OWNER;
  98         if (sd->group_sid)
  99                 sec_info |= SECINFO_GROUP;
 100         SSVAL(param, 4, sec_info);
 101
 102         if (!cli_send_nt_trans(cli,
 103                                NT_TRANSACT_SET_SECURITY_DESC,
 104                                0,
 105                                NULL, 0, 0,
 106                                param, 8, 0,
 107                                (char *)data, len, 0)) {
 108                 DEBUG(1,("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
 109                 goto cleanup;
 110         }
 111
 112
 113         if (!cli_receive_nt_trans(cli,
 114                                   &rparam, &rparam_count,
 115                                   &rdata, &rdata_count)) {
 116                 DEBUG(1,("NT_TRANSACT_SET_SECURITY_DESC failed\n"));
 117                 goto cleanup;
 118         }
 119
 120         ret = True;
 121
 122   cleanup:
 123
 124         SAFE_FREE(rparam);
 125         SAFE_FREE(rdata);
 126
 127         TALLOC_FREE(frame);
 128
 129         return ret;
 130 }