From c8a5e89d9f6575c4e9eb770997172e9c25f8e9d0 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 7 Dec 2018 16:38:57 +0100 Subject: [PATCH] s3:libsmb: pass impersonation_level to cli_ntcreate_send() BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113 BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676 Signed-off-by: Stefan Metzmacher Reviewed-by: Tim Beale Reviewed-by: Andrew Bartlett --- examples/winexe/winexe.c | 3 +++ source3/libsmb/clifile.c | 5 +++-- source3/libsmb/clisymlink.c | 6 ++++-- source3/libsmb/proto.h | 1 + source3/libsmb/pylibsmb.c | 3 ++- source3/torture/nbench.c | 3 ++- source3/torture/test_chain3.c | 3 ++- source3/torture/test_notify.c | 9 ++++++--- source3/torture/test_notify_online.c | 5 +++-- source3/torture/test_oplock_cancel.c | 2 +- source3/torture/torture.c | 3 ++- 11 files changed, 29 insertions(+), 14 deletions(-) diff --git a/examples/winexe/winexe.c b/examples/winexe/winexe.c index cf667a64ebc..429ba2f5163 100644 --- a/examples/winexe/winexe.c +++ b/examples/winexe/winexe.c @@ -872,6 +872,7 @@ static struct tevent_req *winexe_out_pipe_send( FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, /* CreateDisposition */ 0, /* CreateOptions */ + SMB2_IMPERSONATION_IMPERSONATION, 0); /* SecurityFlags */ if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); @@ -1044,6 +1045,7 @@ static struct tevent_req *winexe_in_pipe_send( FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, /* CreateDisposition */ 0, /* CreateOptions */ + SMB2_IMPERSONATION_IMPERSONATION, 0); /* SecurityFlags */ if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); @@ -1462,6 +1464,7 @@ static struct tevent_req *winexe_ctrl_send( FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_OPEN, /* CreateDisposition */ 0, /* CreateOptions */ + SMB2_IMPERSONATION_IMPERSONATION, 0); /* SecurityFlags */ if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index 1694af502b9..6defa38fdee 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c @@ -2099,11 +2099,11 @@ struct tevent_req *cli_ntcreate_send(TALLOC_CTX *mem_ctx, uint32_t share_access, uint32_t create_disposition, uint32_t create_options, + uint32_t impersonation_level, uint8_t security_flags) { struct tevent_req *req, *subreq; struct cli_ntcreate_state *state; - uint32_t impersonation_level = SMB2_IMPERSONATION_IMPERSONATION; req = tevent_req_create(mem_ctx, &state, struct cli_ntcreate_state); if (req == NULL) { @@ -2197,6 +2197,7 @@ NTSTATUS cli_ntcreate(struct cli_state *cli, TALLOC_CTX *frame = talloc_stackframe(); struct tevent_context *ev; struct tevent_req *req; + uint32_t ImpersonationLevel = SMB2_IMPERSONATION_IMPERSONATION; NTSTATUS status = NT_STATUS_NO_MEMORY; if (smbXcli_conn_has_async_calls(cli->conn)) { @@ -2215,7 +2216,7 @@ NTSTATUS cli_ntcreate(struct cli_state *cli, req = cli_ntcreate_send(frame, ev, cli, fname, CreatFlags, DesiredAccess, FileAttributes, ShareAccess, CreateDisposition, CreateOptions, - SecurityFlags); + ImpersonationLevel, SecurityFlags); if (req == NULL) { goto fail; } diff --git a/source3/libsmb/clisymlink.c b/source3/libsmb/clisymlink.c index 54435e468cd..1330752358d 100644 --- a/source3/libsmb/clisymlink.c +++ b/source3/libsmb/clisymlink.c @@ -72,7 +72,8 @@ struct tevent_req *cli_symlink_send(TALLOC_CTX *mem_ctx, FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_NONE, FILE_CREATE, FILE_OPEN_REPARSE_POINT|FILE_SYNCHRONOUS_IO_NONALERT| - FILE_NON_DIRECTORY_FILE, 0); + FILE_NON_DIRECTORY_FILE, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } @@ -274,7 +275,8 @@ struct tevent_req *cli_readlink_send(TALLOC_CTX *mem_ctx, subreq = cli_ntcreate_send( state, ev, cli, fname, 0, FILE_READ_ATTRIBUTES | FILE_READ_EA, 0, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, - FILE_OPEN, FILE_OPEN_REPARSE_POINT, 0); + FILE_OPEN, FILE_OPEN_REPARSE_POINT, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h index 941d154b5b5..bfad4dcc011 100644 --- a/source3/libsmb/proto.h +++ b/source3/libsmb/proto.h @@ -397,6 +397,7 @@ struct tevent_req *cli_ntcreate_send(TALLOC_CTX *mem_ctx, uint32_t ShareAccess, uint32_t CreateDisposition, uint32_t CreateOptions, + uint32_t ImpersonationLevel, uint8_t SecurityFlags); NTSTATUS cli_ntcreate_recv(struct tevent_req *req, uint16_t *pfnum, diff --git a/source3/libsmb/pylibsmb.c b/source3/libsmb/pylibsmb.c index b6cff0bf1be..3f84d34e1fd 100644 --- a/source3/libsmb/pylibsmb.c +++ b/source3/libsmb/pylibsmb.c @@ -666,6 +666,7 @@ static PyObject *py_cli_create(struct py_cli_state *self, PyObject *args, unsigned ShareAccess = 0; unsigned CreateDisposition = FILE_OPEN; unsigned CreateOptions = 0; + unsigned ImpersonationLevel = SMB2_IMPERSONATION_IMPERSONATION; unsigned SecurityFlags = 0; uint16_t fnum; struct tevent_req *req; @@ -687,7 +688,7 @@ static PyObject *py_cli_create(struct py_cli_state *self, PyObject *args, req = cli_ntcreate_send(NULL, self->ev, self->cli, fname, CreateFlags, DesiredAccess, FileAttributes, ShareAccess, CreateDisposition, CreateOptions, - SecurityFlags); + ImpersonationLevel, SecurityFlags); if (!py_tevent_req_wait_exc(self, req)) { return NULL; } diff --git a/source3/torture/nbench.c b/source3/torture/nbench.c index 80b5a72054c..e9a0b4f2f33 100644 --- a/source3/torture/nbench.c +++ b/source3/torture/nbench.c @@ -263,7 +263,8 @@ static struct tevent_req *nbench_cmd_send(TALLOC_CTX *mem_ctx, state, ev, nb_state->cli, state->ft->cp.fname, flags, desired_access, 0, share_mode, state->ft->cp.cr_disposition, - state->ft->cp.cr_options, 0); + state->ft->cp.cr_options, + SMB2_IMPERSONATION_IMPERSONATION, 0); break; } case NBENCH_CMD_CLOSE: { diff --git a/source3/torture/test_chain3.c b/source3/torture/test_chain3.c index eff39de8702..d957e5145d4 100644 --- a/source3/torture/test_chain3.c +++ b/source3/torture/test_chain3.c @@ -180,7 +180,8 @@ static struct tevent_req *chain3_send(TALLOC_CTX *mem_ctx, GENERIC_READ_ACCESS|GENERIC_WRITE_ACCESS, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OVERWRITE_IF, 0, 0); + FILE_OVERWRITE_IF, 0, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } diff --git a/source3/torture/test_notify.c b/source3/torture/test_notify.c index e377875ef85..20b39d1e5db 100644 --- a/source3/torture/test_notify.c +++ b/source3/torture/test_notify.c @@ -66,7 +66,8 @@ static struct tevent_req *wait_for_one_notify_send(TALLOC_CTX *mem_ctx, state, state->ev, state->cli, path, 0, MAXIMUM_ALLOWED_ACCESS, 0, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, FILE_DIRECTORY_FILE, 0); + FILE_OPEN, FILE_DIRECTORY_FILE, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } @@ -318,7 +319,8 @@ static struct tevent_req *notify_bench3_send( state, state->ev, state->cli, state->dir, 0, MAXIMUM_ALLOWED_ACCESS, 0, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN_IF, FILE_DIRECTORY_FILE, 0); + FILE_OPEN_IF, FILE_DIRECTORY_FILE, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } @@ -456,7 +458,8 @@ static void notify_bench3_before_mkdir2(struct tevent_req *subreq) MAXIMUM_ALLOWED_ACCESS, 0, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, FILE_CREATE, - FILE_DIRECTORY_FILE, 0); + FILE_DIRECTORY_FILE, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return; } diff --git a/source3/torture/test_notify_online.c b/source3/torture/test_notify_online.c index 7f4f52111cd..c8ddf7c0fab 100644 --- a/source3/torture/test_notify_online.c +++ b/source3/torture/test_notify_online.c @@ -61,7 +61,7 @@ static struct tevent_req *notify_online_send( state, ev, cli, dname, EXTENDED_RESPONSE_REQUIRED, SEC_FILE_READ_DATA, 0, FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE, - FILE_OPEN, 0, 0); + FILE_OPEN, 0, SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } @@ -93,7 +93,8 @@ static void notify_online_opened_dir(struct tevent_req *subreq) state, state->ev, state->cli, state->fname, 0, GENERIC_READ_ACCESS, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN, FILE_NON_DIRECTORY_FILE, 0); + FILE_OPEN, FILE_NON_DIRECTORY_FILE, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return; } diff --git a/source3/torture/test_oplock_cancel.c b/source3/torture/test_oplock_cancel.c index d856650fa23..b003876f592 100644 --- a/source3/torture/test_oplock_cancel.c +++ b/source3/torture/test_oplock_cancel.c @@ -48,7 +48,7 @@ static struct tevent_req *create_cancel_send( subreq = cli_ntcreate_send( mem_ctx, ev, cli, fname, 0, FILE_GENERIC_READ, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE, - FILE_OPEN_IF, 0, 0); + FILE_OPEN_IF, 0, SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); } diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 4f810e5e16c..1849a8da0f8 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -8249,7 +8249,8 @@ static struct tevent_req *torture_createdel_send(TALLOC_CTX *mem_ctx, FILE_READ_DATA|FILE_WRITE_DATA|DELETE_ACCESS, FILE_ATTRIBUTE_NORMAL, FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, - FILE_OPEN_IF, FILE_DELETE_ON_CLOSE, 0); + FILE_OPEN_IF, FILE_DELETE_ON_CLOSE, + SMB2_IMPERSONATION_IMPERSONATION, 0); if (tevent_req_nomem(subreq, req)) { return tevent_req_post(req, ev); -- 2.34.1