source3/libsmb/clisecdesc.c

   1 /*
   2    Unix SMB/CIFS implementation.
   3    client security descriptor functions
   4    Copyright (C) Andrew Tridgell 2000
   5
   6    This program is free software; you can redistribute it and/or modify
   7    it under the terms of the GNU General Public License as published by
   8    the Free Software Foundation; either version 3 of the License, or
   9    (at your option) any later version.
  10
  11    This program is distributed in the hope that it will be useful,
  12    but WITHOUT ANY WARRANTY; without even the implied warranty of
  13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14    GNU General Public License for more details.
  15
  16    You should have received a copy of the GNU General Public License
  17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18 */
  19
  20 #include "includes.h"
  21
  22 /****************************************************************************
  23   query the security descriptor for a open file
  24  ****************************************************************************/
  25 struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
  26                             TALLOC_CTX *mem_ctx)
  27 {
  28         uint8_t param[8];
  29         uint8_t *rdata=NULL;
  30         uint32_t rdata_count=0;
  31         struct security_descriptor *psd = NULL;
  32         NTSTATUS status;
  33
  34         SIVAL(param, 0, fnum);
  35         SIVAL(param, 4, 0x7);
  36
  37         status = cli_trans(talloc_tos(), cli, SMBnttrans,
  38                            NULL, -1, /* name, fid */
  39                            NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
  40                            NULL, 0, 0, /* setup, length, max */
  41                            param, 8, 4, /* param, length, max */
  42                            NULL, 0, 0x10000, /* data, length, max */
  43                            NULL, 0, NULL, /* rsetup, length */
  44                            NULL, 0, NULL,
  45                            &rdata, 0, &rdata_count);
  46
  47         if (!NT_STATUS_IS_OK(status)) {
  48                 DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
  49                           nt_errstr(status)));
  50                 goto cleanup;
  51         }
  52
  53         status = unmarshall_sec_desc(mem_ctx, (uint8 *)rdata, rdata_count,
  54                                      &psd);
  55
  56         if (!NT_STATUS_IS_OK(status)) {
  57                 DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
  58                            nt_errstr(status)));
  59                 goto cleanup;
  60         }
  61
  62  cleanup:
  63
  64         TALLOC_FREE(rdata);
  65
  66         return psd;
  67 }
  68
  69 /****************************************************************************
  70   set the security descriptor for a open file
  71  ****************************************************************************/
  72 bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd)
  73 {
  74         char param[8];
  75         char *rparam=NULL, *rdata=NULL;
  76         unsigned int rparam_count=0, rdata_count=0;
  77         uint32 sec_info = 0;
  78         TALLOC_CTX *frame = talloc_stackframe();
  79         bool ret = False;
  80         uint8 *data;
  81         size_t len;
  82         NTSTATUS status;
  83
  84         status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
  85         if (!NT_STATUS_IS_OK(status)) {
  86                 DEBUG(10, ("marshall_sec_desc failed: %s\n",
  87                            nt_errstr(status)));
  88                 goto cleanup;
  89         }
  90
  91         SIVAL(param, 0, fnum);
  92
  93         if (sd->dacl)
  94                 sec_info |= DACL_SECURITY_INFORMATION;
  95         if (sd->owner_sid)
  96                 sec_info |= OWNER_SECURITY_INFORMATION;
  97         if (sd->group_sid)
  98                 sec_info |= GROUP_SECURITY_INFORMATION;
  99         SSVAL(param, 4, sec_info);
 100
 101         if (!cli_send_nt_trans(cli,
 102                                NT_TRANSACT_SET_SECURITY_DESC,
 103                                0,
 104                                NULL, 0, 0,
 105                                param, 8, 0,
 106                                (char *)data, len, 0)) {
 107                 DEBUG(1,("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
 108                 goto cleanup;
 109         }
 110
 111
 112         if (!cli_receive_nt_trans(cli,
 113                                   &rparam, &rparam_count,
 114                                   &rdata, &rdata_count)) {
 115                 DEBUG(1,("NT_TRANSACT_SET_SECURITY_DESC failed\n"));
 116                 goto cleanup;
 117         }
 118
 119         ret = True;
 120
 121   cleanup:
 122
 123         SAFE_FREE(rparam);
 124         SAFE_FREE(rdata);
 125
 126         TALLOC_FREE(frame);
 127
 128         return ret;
 129 }