source3/libsmb/clisecdesc.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    client security descriptor functions
   4    Copyright (C) Andrew Tridgell 2000
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #include "includes.h"
  21 #include "libsmb/libsmb.h"
  22 #include "../libcli/security/secdesc.h"
  23
  24 /****************************************************************************
  25   query the security descriptor for a open file
  26  ****************************************************************************/
  27 struct security_descriptor *cli_query_secdesc_old(struct cli_state *cli, uint16_t fnum,
  28                             TALLOC_CTX *mem_ctx)
  29 {
  30         uint8_t param[8];
  31         uint8_t *rdata=NULL;
  32         uint32_t rdata_count=0;
  33         struct security_descriptor *psd = NULL;
  34         NTSTATUS status;
  35
  36         SIVAL(param, 0, fnum);
  37         SIVAL(param, 4, 0x7);
  38
  39         status = cli_trans(talloc_tos(), cli, SMBnttrans,
  40                            NULL, -1, /* name, fid */
  41                            NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
  42                            NULL, 0, 0, /* setup, length, max */
  43                            param, 8, 4, /* param, length, max */
  44                            NULL, 0, 0x10000, /* data, length, max */
  45                            NULL,             /* recv_flags2 */
  46                            NULL, 0, NULL, /* rsetup, length */
  47                            NULL, 0, NULL,
  48                            &rdata, 0, &rdata_count);
  49
  50         if (!NT_STATUS_IS_OK(status)) {
  51                 DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
  52                           nt_errstr(status)));
  53                 goto cleanup;
  54         }
  55
  56         status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
  57                                      &psd);
  58
  59         if (!NT_STATUS_IS_OK(status)) {
  60                 DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
  61                            nt_errstr(status)));
  62                 goto cleanup;
  63         }
  64
  65  cleanup:
  66
  67         TALLOC_FREE(rdata);
  68
  69         return psd;
  70 }
  71
  72 NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
  73                            TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
  74 {
  75         uint8_t param[8];
  76         uint8_t *rdata=NULL;
  77         uint32_t rdata_count=0;
  78         NTSTATUS status;
  79         struct security_descriptor *lsd;
  80
  81         SIVAL(param, 0, fnum);
  82         SIVAL(param, 4, 0x7);
  83
  84         status = cli_trans(talloc_tos(), cli, SMBnttrans,
  85                            NULL, -1, /* name, fid */
  86                            NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
  87                            NULL, 0, 0, /* setup, length, max */
  88                            param, 8, 4, /* param, length, max */
  89                            NULL, 0, 0x10000, /* data, length, max */
  90                            NULL,             /* recv_flags2 */
  91                            NULL, 0, NULL, /* rsetup, length */
  92                            NULL, 0, NULL,
  93                            &rdata, 0, &rdata_count);
  94
  95         if (!NT_STATUS_IS_OK(status)) {
  96                 DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
  97                           nt_errstr(status)));
  98                 goto cleanup;
  99         }
 100
 101         status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
 102                                      &lsd);
 103         if (!NT_STATUS_IS_OK(status)) {
 104                 DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
 105                            nt_errstr(status)));
 106                 goto cleanup;
 107         }
 108
 109         if (sd != NULL) {
 110                 *sd = lsd;
 111         } else {
 112                 TALLOC_FREE(lsd);
 113         }
 114
 115  cleanup:
 116
 117         TALLOC_FREE(rdata);
 118
 119         return status;
 120 }
 121
 122 /****************************************************************************
 123   set the security descriptor for a open file
 124  ****************************************************************************/
 125 NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
 126                          struct security_descriptor *sd)
 127 {
 128         uint8_t param[8];
 129         uint32 sec_info = 0;
 130         uint8 *data;
 131         size_t len;
 132         NTSTATUS status;
 133
 134         status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
 135         if (!NT_STATUS_IS_OK(status)) {
 136                 DEBUG(10, ("marshall_sec_desc failed: %s\n",
 137                            nt_errstr(status)));
 138                 return status;
 139         }
 140
 141         SIVAL(param, 0, fnum);
 142
 143         if (sd->dacl)
 144                 sec_info |= SECINFO_DACL;
 145         if (sd->owner_sid)
 146                 sec_info |= SECINFO_OWNER;
 147         if (sd->group_sid)
 148                 sec_info |= SECINFO_GROUP;
 149         SSVAL(param, 4, sec_info);
 150
 151         status = cli_trans(talloc_tos(), cli, SMBnttrans,
 152                            NULL, -1, /* name, fid */
 153                            NT_TRANSACT_SET_SECURITY_DESC, 0,
 154                            NULL, 0, 0, /* setup */
 155                            param, 8, 0, /* param */
 156                            data, len, 0, /* data */
 157                            NULL,         /* recv_flags2 */
 158                            NULL, 0, NULL, /* rsetup */
 159                            NULL, 0, NULL, /* rparam */
 160                            NULL, 0, NULL); /* rdata */
 161         TALLOC_FREE(data);
 162         if (!NT_STATUS_IS_OK(status)) {
 163                 DEBUG(1, ("Failed to send NT_TRANSACT_SET_SECURITY_DESC: %s\n",
 164                           nt_errstr(status)));
 165         }
 166         return status;
 167 }