s3-security: use shared SECINFO_OWNER define.
[ira/wip.git] / source3 / libsmb / clisecdesc.c
index d53b3073b2986d03df7e44b4a3cef37cc9dadbe0..5f404d97b332fa58d7b497942be900523b107992 100644 (file)
@@ -1,12 +1,11 @@
 /* 
-   Unix SMB/Netbios implementation.
-   Version 3.0
+   Unix SMB/CIFS implementation.
    client security descriptor functions
    Copyright (C) Andrew Tridgell 2000
    
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
    
    This program is distributed in the hope that it will be useful,
    GNU General Public License for more details.
    
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
-#define NO_SYSLOG
-
 #include "includes.h"
 
-
-
 /****************************************************************************
   query the security descriptor for a open file
-  ****************************************************************************/
-SEC_DESC *cli_query_secdesc(struct cli_state *cli,int fd)
+ ****************************************************************************/
+struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
+                           TALLOC_CTX *mem_ctx)
 {
-       char param[8];
-       char *rparam=NULL, *rdata=NULL;
-       int rparam_count=0, rdata_count=0;
-       TALLOC_CTX *mem_ctx;
-       prs_struct pd;
-       SEC_DESC *psd = NULL;
-
-       SIVAL(param, 0, fd);
-       SSVAL(param, 4, 0x7);
-
-       if (!cli_send_nt_trans(cli, 
-                              NT_TRANSACT_QUERY_SECURITY_DESC, 
-                              0, 
-                              NULL, 0, 0,
-                              param, 8, 4,
-                              NULL, 0, 0x10000)) {
-               DEBUG(1,("Failed to send NT_TRANSACT_QUERY_SECURITY_DESC\n"));
-               goto cleanup;
-       }
-
-
-       if (!cli_receive_nt_trans(cli, 
-                                 &rparam, &rparam_count,
-                                 &rdata, &rdata_count)) {
-               DEBUG(1,("Failed to recv NT_TRANSACT_QUERY_SECURITY_DESC\n"));
+       uint8_t param[8];
+       uint8_t *rdata=NULL;
+       uint32_t rdata_count=0;
+       struct security_descriptor *psd = NULL;
+       NTSTATUS status;
+
+       SIVAL(param, 0, fnum);
+       SIVAL(param, 4, 0x7);
+
+       status = cli_trans(talloc_tos(), cli, SMBnttrans,
+                          NULL, -1, /* name, fid */
+                          NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
+                          NULL, 0, 0, /* setup, length, max */
+                          param, 8, 4, /* param, length, max */
+                          NULL, 0, 0x10000, /* data, length, max */
+                          NULL, 0, NULL, /* rsetup, length */
+                          NULL, 0, NULL,
+                          &rdata, 0, &rdata_count);
+
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
+                         nt_errstr(status)));
                goto cleanup;
        }
 
-       if ((mem_ctx = talloc_init()) == NULL) {
-               DEBUG(0,("talloc_init failed.\n"));
-               goto cleanup;
-       }
-
-       prs_init(&pd, rdata_count, 4, mem_ctx, UNMARSHALL);
-       prs_append_data(&pd, rdata, rdata_count);
-       pd.data_offset = 0;
+       status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
+                                    &psd);
 
-       if (!sec_io_desc("sd data", &psd, &pd, 1)) {
-               DEBUG(1,("Failed to parse secdesc\n"));
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
+                          nt_errstr(status)));
                goto cleanup;
        }
 
  cleanup:
 
-       talloc_destroy(mem_ctx);
-       safe_free(rparam);
-       safe_free(rdata);
+       TALLOC_FREE(rdata);
 
-       prs_mem_free(&pd);
        return psd;
 }
 
-
-
-
 /****************************************************************************
   set the security descriptor for a open file
 ****************************************************************************/
-BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd)
+ ****************************************************************************/
+bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd)
 {
        char param[8];
        char *rparam=NULL, *rdata=NULL;
-       int rparam_count=0, rdata_count=0;
-       TALLOC_CTX *mem_ctx;
-       prs_struct pd;
-       BOOL ret = False;
-
-       if ((mem_ctx = talloc_init()) == NULL) {
-               DEBUG(0,("talloc_init failed.\n"));
+       unsigned int rparam_count=0, rdata_count=0;
+       uint32 sec_info = 0;
+       TALLOC_CTX *frame = talloc_stackframe();
+       bool ret = False;
+       uint8 *data;
+       size_t len;
+       NTSTATUS status;
+
+       status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
+       if (!NT_STATUS_IS_OK(status)) {
+               DEBUG(10, ("marshall_sec_desc failed: %s\n",
+                          nt_errstr(status)));
                goto cleanup;
        }
 
-       prs_init(&pd, 0, 4, mem_ctx, MARSHALL);
-       prs_give_memory(&pd, NULL, 0, True);
+       SIVAL(param, 0, fnum);
 
-       if (!sec_io_desc("sd data", &sd, &pd, 1)) {
-               DEBUG(1,("Failed to marshall secdesc\n"));
-               goto cleanup;
-       }
-
-       SIVAL(param, 0, fd);
-       SSVAL(param, 4, 0x7);
+       if (sd->dacl)
+               sec_info |= DACL_SECURITY_INFORMATION;
+       if (sd->owner_sid)
+               sec_info |= SECINFO_OWNER;
+       if (sd->group_sid)
+               sec_info |= GROUP_SECURITY_INFORMATION;
+       SSVAL(param, 4, sec_info);
 
        if (!cli_send_nt_trans(cli, 
                               NT_TRANSACT_SET_SECURITY_DESC, 
                               0, 
                               NULL, 0, 0,
                               param, 8, 0,
-                              pd.data_p, pd.data_offset, 0)) {
+                              (char *)data, len, 0)) {
                DEBUG(1,("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
                goto cleanup;
        }
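Review bot: In cli_set_secdesc, `param` is an uninitialised 8-byte stack array of which only bytes 0-5 are written (`SIVAL(param, 0, fnum)` then `SSVAL(param, 4, sec_info)`), yet it is handed to cli_send_nt_trans with a length of 8. The last two bytes are therefore whatever was on the stack, and they presumably go out on the wire to the server. cli_query_secdesc in this same hunk already fills the whole field with `SIVAL(param, 4, 0x7)`; the set path should match with `SIVAL(param, 4, sec_info);`, which needs no other change because sec_info is already a uint32. The body of cli_set_secdesc continues past the end of this hunk.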
@@ -135,12 +120,10 @@ BOOL cli_set_secdesc(struct cli_state *cli,int fd, SEC_DESC *sd)
 
   cleanup:
 
-       safe_free(rparam);
-       safe_free(rdata);
+       SAFE_FREE(rparam);
+       SAFE_FREE(rdata);
 
-       talloc_destroy(mem_ctx);
+       TALLOC_FREE(frame);
 
-       prs_mem_free(&pd);
        return ret;
 }
-
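Review bot: Nothing at the cleanup label says that `TALLOC_FREE(frame)` is also what releases the marshalled descriptor buffer `data`, which the earlier hunk allocates on `talloc_tos()` after `talloc_stackframe()`. A reader sees rparam and rdata freed explicitly and may go looking for a missing free. I would add a comment above it, e.g. `/* pops the stackframe; this also frees 'data' from marshall_sec_desc() */`. It also means every exit from the function has to pass through this label, which cannot be confirmed here because the lines between the send call and the label are outside the hunk.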