#include "includes.h"
#include "libsmb/libsmb.h"
#include "../libcli/security/secdesc.h"
+#include "../libcli/smb/smbXcli_base.h"
-NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
- TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
+NTSTATUS cli_query_security_descriptor(struct cli_state *cli,
+ uint16_t fnum,
+ uint32_t sec_info,
+ TALLOC_CTX *mem_ctx,
+ struct security_descriptor **sd)
{
uint8_t param[8];
uint8_t *rdata=NULL;
NTSTATUS status;
struct security_descriptor *lsd;
+ if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
+ return cli_smb2_query_security_descriptor(cli,
+ fnum,
+ sec_info,
+ mem_ctx,
+ sd);
+ }
+
SIVAL(param, 0, fnum);
- SIVAL(param, 4, 0x7);
+ SIVAL(param, 4, sec_info);
status = cli_trans(talloc_tos(), cli, SMBnttrans,
NULL, -1, /* name, fid */
goto cleanup;
}
- status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
+ status = unmarshall_sec_desc(mem_ctx, (uint8_t *)rdata, rdata_count,
&lsd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
return status;
}
+NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
+ TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
+{
+ uint32_t sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
+
+ return cli_query_security_descriptor(cli, fnum, sec_info, mem_ctx, sd);
+}
+
/****************************************************************************
set the security descriptor for a open file
****************************************************************************/
-NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
- const struct security_descriptor *sd)
+NTSTATUS cli_set_security_descriptor(struct cli_state *cli,
+ uint16_t fnum,
+ uint32_t sec_info,
+ const struct security_descriptor *sd)
{
uint8_t param[8];
- uint32 sec_info = 0;
- uint8 *data;
+ uint8_t *data;
size_t len;
NTSTATUS status;
+ if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
+ return cli_smb2_set_security_descriptor(cli,
+ fnum,
+ sec_info,
+ sd);
+ }
+
status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("marshall_sec_desc failed: %s\n",
}
SIVAL(param, 0, fnum);
-
- if (sd->dacl)
- sec_info |= SECINFO_DACL;
- if (sd->sacl)
- sec_info |= SECINFO_SACL;
- if (sd->owner_sid)
- sec_info |= SECINFO_OWNER;
- if (sd->group_sid)
- sec_info |= SECINFO_GROUP;
- SSVAL(param, 4, sec_info);
+ SIVAL(param, 4, sec_info);
status = cli_trans(talloc_tos(), cli, SMBnttrans,
NULL, -1, /* name, fid */
}
return status;
}
+
+NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
+ const struct security_descriptor *sd)
+{
+ uint32_t sec_info = 0;
+
+ if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT)) {
+ sec_info |= SECINFO_DACL;
+ }
+ if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT)) {
+ sec_info |= SECINFO_SACL;
+ }
+ if (sd->owner_sid) {
+ sec_info |= SECINFO_OWNER;
+ }
+ if (sd->group_sid) {
+ sec_info |= SECINFO_GROUP;
+ }
+
+ return cli_set_security_descriptor(cli, fnum, sec_info, sd);
+}