Make sure we claim that a DACL or SACL is present if the SD says so
[amitay/samba.git] / source3 / libsmb / clisecdesc.c
1 /* 
2    Unix SMB/CIFS implementation.
3    client security descriptor functions
4    Copyright (C) Andrew Tridgell 2000
5
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "libsmb/libsmb.h"
22 #include "../libcli/security/secdesc.h"
23
24 NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
25                            TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
26 {
27         uint8_t param[8];
28         uint8_t *rdata=NULL;
29         uint32_t rdata_count=0;
30         NTSTATUS status;
31         struct security_descriptor *lsd;
32
33         SIVAL(param, 0, fnum);
34         SIVAL(param, 4, 0x7);
35
36         status = cli_trans(talloc_tos(), cli, SMBnttrans,
37                            NULL, -1, /* name, fid */
38                            NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
39                            NULL, 0, 0, /* setup, length, max */
40                            param, 8, 4, /* param, length, max */
41                            NULL, 0, 0x10000, /* data, length, max */
42                            NULL,             /* recv_flags2 */
43                            NULL, 0, NULL, /* rsetup, length */
44                            NULL, 0, NULL,
45                            &rdata, 0, &rdata_count);
46
47         if (!NT_STATUS_IS_OK(status)) {
48                 DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
49                           nt_errstr(status)));
50                 goto cleanup;
51         }
52
53         status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
54                                      &lsd);
55         if (!NT_STATUS_IS_OK(status)) {
56                 DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
57                            nt_errstr(status)));
58                 goto cleanup;
59         }
60
61         if (sd != NULL) {
62                 *sd = lsd;
63         } else {
64                 TALLOC_FREE(lsd);
65         }
66
67  cleanup:
68
69         TALLOC_FREE(rdata);
70
71         return status;
72 }
73
74 /****************************************************************************
75   set the security descriptor for a open file
76  ****************************************************************************/
77 NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
78                          const struct security_descriptor *sd)
79 {
80         uint8_t param[8];
81         uint32 sec_info = 0;
82         uint8 *data;
83         size_t len;
84         NTSTATUS status;
85
86         status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
87         if (!NT_STATUS_IS_OK(status)) {
88                 DEBUG(10, ("marshall_sec_desc failed: %s\n",
89                            nt_errstr(status)));
90                 return status;
91         }
92
93         SIVAL(param, 0, fnum);
94
95         if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT))
96                 sec_info |= SECINFO_DACL;
97         if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT))
98                 sec_info |= SECINFO_SACL;
99         if (sd->owner_sid)
100                 sec_info |= SECINFO_OWNER;
101         if (sd->group_sid)
102                 sec_info |= SECINFO_GROUP;
103         SSVAL(param, 4, sec_info);
104
105         status = cli_trans(talloc_tos(), cli, SMBnttrans,
106                            NULL, -1, /* name, fid */
107                            NT_TRANSACT_SET_SECURITY_DESC, 0,
108                            NULL, 0, 0, /* setup */
109                            param, 8, 0, /* param */
110                            data, len, 0, /* data */
111                            NULL,         /* recv_flags2 */
112                            NULL, 0, NULL, /* rsetup */
113                            NULL, 0, NULL, /* rparam */
114                            NULL, 0, NULL); /* rdata */
115         TALLOC_FREE(data);
116         if (!NT_STATUS_IS_OK(status)) {
117                 DEBUG(1, ("Failed to send NT_TRANSACT_SET_SECURITY_DESC: %s\n",
118                           nt_errstr(status)));
119         }
120         return status;
121 }