* Copyright (C) Jeremy Allison 2001.
* Copyright (C) Nigel Williams 2001.
* Copyright (C) Gerald (Jerry) Carter 2006.
+ * Copyright (C) Guenther Deschner 2008.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
/* This is the implementation of the srvsvc pipe. */
#include "includes.h"
+#include "../librpc/gen_ndr/srv_srvsvc.h"
extern const struct generic_mapping file_generic_mapping;
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_RPC_SRV
+#define MAX_SERVER_DISK_ENTRIES 15
+
/* Use for enumerating connections, pipes, & files */
struct file_enum_count {
}
fenum->ctr3->array = f;
- init_srvsvc_NetFileInfo3(&fenum->ctr3->array[i],
- (uint32_t)((procid_to_pid(&prec.pid)<<16) & prec.pnum),
- (FILE_READ_DATA|FILE_WRITE_DATA),
- 0,
- fullpath,
- username);
+ fenum->ctr3->array[i].fid =
+ (((uint32_t)(procid_to_pid(&prec.pid))<<16) | prec.pnum);
+ fenum->ctr3->array[i].permissions =
+ (FILE_READ_DATA|FILE_WRITE_DATA);
+ fenum->ctr3->array[i].num_locks = 0;
+ fenum->ctr3->array[i].path = fullpath;
+ fenum->ctr3->array[i].user = username;
fenum->ctr3->count++;
string_replace( fullpath, '/', '\\' );
/* mask out create (what ever that is) */
- permissions = e->share_access & (FILE_READ_DATA|FILE_WRITE_DATA);
+ permissions = e->access_mask & (FILE_READ_DATA|FILE_WRITE_DATA);
/* now fill in the srvsvc_NetFileInfo3 struct */
- init_srvsvc_NetFileInfo3(&fenum->ctr3->array[i],
- e->share_file_id,
- permissions,
- num_locks,
- username,
- fullpath);
+
+ fenum->ctr3->array[i].fid =
+ (((uint32_t)(procid_to_pid(&e->pid))<<16) | e->share_file_id);
+ fenum->ctr3->array[i].permissions = permissions;
+ fenum->ctr3->array[i].num_locks = num_locks;
+ fenum->ctr3->array[i].path = fullpath;
+ fenum->ctr3->array[i].user = username;
+
fenum->ctr3->count++;
}
static void init_srv_share_info_0(pipes_struct *p, struct srvsvc_NetShareInfo0 *r, int snum)
{
- const char *net_name = lp_servicename(snum);
-
- init_srvsvc_NetShareInfo0(r, net_name);
+ r->name = lp_servicename(snum);
}
/*******************************************************************
char *remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
if (remark) {
- remark = standard_sub_conn(p->mem_ctx,
- p->conn,
- remark);
+ remark = talloc_sub_advanced(
+ p->mem_ctx, lp_servicename(snum),
+ get_current_username(), lp_pathname(snum),
+ p->server_info->utok.uid, get_current_username(),
+ "", remark);
}
- init_srvsvc_NetShareInfo1(r, net_name,
- get_share_type(snum),
- remark ? remark : "");
+ r->name = net_name;
+ r->type = get_share_type(snum);
+ r->comment = remark ? remark : "";
}
/*******************************************************************
char *remark = NULL;
char *path = NULL;
int max_connections = lp_max_connections(snum);
- uint32 max_uses = max_connections!=0 ? max_connections : 0xffffffff;
- int count = 0;
+ uint32_t max_uses = max_connections!=0 ? max_connections : (uint32_t)-1;
char *net_name = lp_servicename(snum);
remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
if (remark) {
- remark = standard_sub_conn(p->mem_ctx,
- p->conn,
- remark);
+ remark = talloc_sub_advanced(
+ p->mem_ctx, lp_servicename(snum),
+ get_current_username(), lp_pathname(snum),
+ p->server_info->utok.uid, get_current_username(),
+ "", remark);
}
path = talloc_asprintf(p->mem_ctx,
"C:%s", lp_pathname(snum));
string_replace(path, '/', '\\');
}
- count = count_current_connections(net_name, false);
-
- init_srvsvc_NetShareInfo2(r, net_name,
- get_share_type(snum),
- remark ? remark : "",
- 0,
- max_uses,
- count,
- path ? path : "",
- "");
+ r->name = net_name;
+ r->type = get_share_type(snum);
+ r->comment = remark ? remark : "";
+ r->permissions = 0;
+ r->max_users = max_uses;
+ r->current_users = count_current_connections(net_name, false);
+ r->path = path ? path : "";
+ r->password = "";
}
/*******************************************************************
char *remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
if (remark) {
- remark = standard_sub_conn(p->mem_ctx, p->conn, remark);
+ remark = talloc_sub_advanced(
+ p->mem_ctx, lp_servicename(snum),
+ get_current_username(), lp_pathname(snum),
+ p->server_info->utok.uid, get_current_username(),
+ "", remark);
}
- init_srvsvc_NetShareInfo501(r, net_name,
- get_share_type(snum),
- remark ? remark : "",
- (lp_csc_policy(snum) << 4));
+ r->name = net_name;
+ r->type = get_share_type(snum);
+ r->comment = remark ? remark : "";
+ r->csc_policy = (lp_csc_policy(snum) << 4);
}
/*******************************************************************
const char *net_name = lp_servicename(snum);
char *path = NULL;
SEC_DESC *sd = NULL;
+ struct sec_desc_buf *sd_buf = NULL;
size_t sd_size = 0;
TALLOC_CTX *ctx = p->mem_ctx;
char *remark = talloc_strdup(ctx, lp_comment(snum));;
if (remark) {
- remark = standard_sub_conn(ctx, p->conn, remark);
+ remark = talloc_sub_advanced(
+ p->mem_ctx, lp_servicename(snum),
+ get_current_username(), lp_pathname(snum),
+ p->server_info->utok.uid, get_current_username(),
+ "", remark);
}
path = talloc_asprintf(ctx, "C:%s", lp_pathname(snum));
if (path) {
sd = get_share_security(ctx, lp_servicename(snum), &sd_size);
- init_srvsvc_NetShareInfo502(r, net_name,
- get_share_type(snum),
- remark ? remark : "",
- 0,
- 0xffffffff,
- 1,
- path ? path : "",
- "",
- 0,
- sd);
+ sd_buf = make_sec_desc_buf(p->mem_ctx, sd_size, sd);
+
+ r->name = net_name;
+ r->type = get_share_type(snum);
+ r->comment = remark ? remark : "";
+ r->permissions = 0;
+ r->max_users = (uint32_t)-1;
+ r->current_users = 1; /* ??? */
+ r->path = path ? path : "";
+ r->password = "";
+ r->sd_buf = *sd_buf;
}
/***************************************************************************
char *remark = talloc_strdup(p->mem_ctx, lp_comment(snum));
if (remark) {
- remark = standard_sub_conn(p->mem_ctx, p->conn, remark);
+ remark = talloc_sub_advanced(
+ p->mem_ctx, lp_servicename(snum),
+ get_current_username(), lp_pathname(snum),
+ p->server_info->utok.uid, get_current_username(),
+ "", remark);
}
- init_srvsvc_NetShareInfo1004(r, remark ? remark : "");
+ r->comment = remark ? remark : "";
}
/***************************************************************************
dfs_flags |= lp_csc_policy(snum) << SHARE_1005_CSC_POLICY_SHIFT;
- init_srvsvc_NetShareInfo1005(r, dfs_flags);
+ r->dfs_flags = dfs_flags;
}
/***************************************************************************
static void init_srv_share_info_1006(pipes_struct *p, struct srvsvc_NetShareInfo1006 *r, int snum)
{
- init_srvsvc_NetShareInfo1006(r, 0xffffffff);
+ r->max_users = (uint32_t)-1;
}
/***************************************************************************
static void init_srv_share_info_1007(pipes_struct *p, struct srvsvc_NetShareInfo1007 *r, int snum)
{
- uint32 flags = 0;
-
- init_srvsvc_NetShareInfo1007(r, flags, "");
+ r->flags = 0;
+ r->alternate_directory_name = "";
}
/*******************************************************************
return (net_name[strlen(net_name) - 1] == '$') ? True : False;
}
+/*******************************************************************
+ Verify user is allowed to view share, access based enumeration
+********************************************************************/
+static bool is_enumeration_allowed(pipes_struct *p,
+ int snum)
+{
+ if (!lp_access_based_share_enum(snum))
+ return true;
+
+ return share_access_check(p->server_info->ptok, lp_servicename(snum),
+ FILE_READ_DATA);
+}
+
/*******************************************************************
Fill in a share info structure.
********************************************************************/
TALLOC_CTX *ctx = p->mem_ctx;
int i = 0;
int valid_share_count = 0;
+ bool *allowed = 0;
union srvsvc_NetShareCtr ctr;
uint32_t resume_handle = resume_handle_p ? *resume_handle_p : 0;
num_services = lp_numservices();
unbecome_root();
- /* Count the number of entries. */
- for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) ) {
- DEBUG(10, ("counting service %s\n", lp_servicename(snum)));
- num_entries++;
- } else {
- DEBUG(10, ("NOT counting service %s\n", lp_servicename(snum)));
- }
- }
+ allowed = TALLOC_ZERO_ARRAY(ctx, bool, num_services);
+ W_ERROR_HAVE_NO_MEMORY(allowed);
+
+ /* Count the number of entries. */
+ for (snum = 0; snum < num_services; snum++) {
+ if (lp_browseable(snum) && lp_snum_ok(snum) &&
+ is_enumeration_allowed(p, snum) &&
+ (all_shares || !is_hidden_share(snum)) ) {
+ DEBUG(10, ("counting service %s\n",
+ lp_servicename(snum) ? lp_servicename(snum) : "(null)"));
+ allowed[snum] = true;
+ num_entries++;
+ } else {
+ DEBUG(10, ("NOT counting service %s\n",
+ lp_servicename(snum) ? lp_servicename(snum) : "(null)"));
+ }
+ }
if (!num_entries || (resume_handle >= num_entries)) {
return WERR_OK;
W_ERROR_HAVE_NO_MEMORY(ctr.ctr0->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_0(p, &ctr.ctr0->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr1->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_1(p, &ctr.ctr1->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr2->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_2(p, &ctr.ctr2->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr501->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_501(p, &ctr.ctr501->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr502->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_502(p, &ctr.ctr502->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr1004->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_1004(p, &ctr.ctr1004->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr1005->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_1005(p, &ctr.ctr1005->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr1006->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_1006(p, &ctr.ctr1006->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr1007->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_1007(p, &ctr.ctr1007->array[i++], snum);
}
W_ERROR_HAVE_NO_MEMORY(ctr.ctr1501->array);
for (snum = 0; snum < num_services; snum++) {
- if (lp_browseable(snum) && lp_snum_ok(snum) && (all_shares || !is_hidden_share(snum)) &&
+ if (allowed[snum] &&
(resume_handle <= (i + valid_share_count++)) ) {
init_srv_share_info_1501(p, &ctr.ctr1501->array[i++], snum);
}
return WERR_OK;
}
- for (; resume_handle < *total_entries && num_entries < MAX_SESS_ENTRIES; resume_handle++) {
+ for (; resume_handle < *total_entries; resume_handle++) {
ctr0->array = TALLOC_REALLOC_ARRAY(p->mem_ctx,
ctr0->array,
num_entries+1);
W_ERROR_HAVE_NO_MEMORY(ctr0->array);
- init_srvsvc_NetSessInfo0(&ctr0->array[num_entries],
- session_list[resume_handle].remote_machine);
+ ctr0->array[num_entries].client =
+ session_list[resume_handle].remote_machine;
+
num_entries++;
}
*total_entries = list_sessions(p->mem_ctx, &session_list);
- for (; resume_handle < *total_entries && num_entries < MAX_SESS_ENTRIES; resume_handle++) {
+ for (; resume_handle < *total_entries; resume_handle++) {
uint32 num_files;
uint32 connect_time;
struct passwd *pw = sys_getpwnam(session_list[resume_handle].username);
num_entries+1);
W_ERROR_HAVE_NO_MEMORY(ctr1->array);
- init_srvsvc_NetSessInfo1(&ctr1->array[num_entries],
- session_list[resume_handle].remote_machine,
- session_list[resume_handle].username,
- num_files,
- connect_time,
- 0,
- guest);
+ ctr1->array[num_entries].client = session_list[resume_handle].remote_machine;
+ ctr1->array[num_entries].user = session_list[resume_handle].username;
+ ctr1->array[num_entries].num_open = num_files;
+ ctr1->array[num_entries].time = connect_time;
+ ctr1->array[num_entries].idle_time = 0;
+ ctr1->array[num_entries].user_flags = guest;
+
num_entries++;
}
ZERO_STRUCTP(ctr0);
- for (; resume_handle < *total_entries && num_entries < MAX_CONN_ENTRIES; resume_handle++) {
+ for (; resume_handle < *total_entries; resume_handle++) {
ctr0->array = TALLOC_REALLOC_ARRAY(talloc_tos(),
ctr0->array,
return WERR_NOMEM;
}
- init_srvsvc_NetConnInfo0(&ctr0->array[num_entries],
- (*total_entries));
+ ctr0->array[num_entries].conn_id = *total_entries;
/* move on to creating next connection */
num_entries++;
ZERO_STRUCTP(ctr1);
- for (; (resume_handle < *total_entries) && num_entries < MAX_CONN_ENTRIES; resume_handle++) {
+ for (; resume_handle < *total_entries; resume_handle++) {
ctr1->array = TALLOC_REALLOC_ARRAY(talloc_tos(),
ctr1->array,
return WERR_NOMEM;
}
- init_srvsvc_NetConnInfo1(&ctr1->array[num_entries],
- (*total_entries),
- 0x3,
- 1,
- 1,
- 3,
- "dummy_user",
- "IPC$");
+ ctr1->array[num_entries].conn_id = *total_entries;
+ ctr1->array[num_entries].conn_type = 0x3;
+ ctr1->array[num_entries].num_open = 1;
+ ctr1->array[num_entries].num_users = 1;
+ ctr1->array[num_entries].conn_time = 3;
+ ctr1->array[num_entries].user = "dummy_user";
+ ctr1->array[num_entries].share = "IPC$";
/* move on to creating next connection */
num_entries++;
return WERR_NOMEM;
}
- init_srvsvc_NetSrvInfo102(info102,
- PLATFORM_ID_NT,
- global_myname(),
- lp_major_announce_version(),
- lp_minor_announce_version(),
- lp_default_server_announce(),
- string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH),
- 0xffffffff, /* users */
- 0xf, /* disc */
- 0, /* hidden */
- 240, /* announce */
- 3000, /* announce delta */
- 100000, /* licenses */
- "c:\\"); /* user path */
+ info102->platform_id = PLATFORM_ID_NT;
+ info102->server_name = global_myname();
+ info102->version_major = lp_major_announce_version();
+ info102->version_minor = lp_minor_announce_version();
+ info102->server_type = lp_default_server_announce();
+ info102->comment = string_truncate(lp_serverstring(),
+ MAX_SERVER_STRING_LENGTH);
+ info102->users = 0xffffffff;
+ info102->disc = 0xf;
+ info102->hidden = 0;
+ info102->announce = 240;
+ info102->anndelta = 3000;
+ info102->licenses = 100000;
+ info102->userpath = "C:\\";
+
r->out.info->info102 = info102;
break;
}
return WERR_NOMEM;
}
- init_srvsvc_NetSrvInfo101(info101,
- PLATFORM_ID_NT,
- global_myname(),
- lp_major_announce_version(),
- lp_minor_announce_version(),
- lp_default_server_announce(),
- string_truncate(lp_serverstring(), MAX_SERVER_STRING_LENGTH));
+ info101->platform_id = PLATFORM_ID_NT;
+ info101->server_name = global_myname();
+ info101->version_major = lp_major_announce_version();
+ info101->version_minor = lp_minor_announce_version();
+ info101->server_type = lp_default_server_announce();
+ info101->comment = string_truncate(lp_serverstring(),
+ MAX_SERVER_STRING_LENGTH);
+
r->out.info->info101 = info101;
break;
}
return WERR_NOMEM;
}
- init_srvsvc_NetSrvInfo100(info100,
- PLATFORM_ID_NT,
- global_myname());
+ info100->platform_id = PLATFORM_ID_NT;
+ info100->server_name = global_myname();
+
r->out.info->info100 = info100;
break;
struct srvsvc_NetSessDel *r)
{
struct sessionid *session_list;
- struct current_user user;
int num_sessions, snum;
const char *username;
const char *machine;
werr = WERR_ACCESS_DENIED;
- get_current_user(&user, p);
-
/* fail out now if you are not root or not a domain admin */
- if ((user.ut.uid != sec_initial_uid()) &&
- ( ! nt_token_check_domain_rid(p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS))) {
+ if ((p->server_info->utok.uid != sec_initial_uid()) &&
+ ( ! nt_token_check_domain_rid(p->server_info->ptok,
+ DOMAIN_GROUP_RID_ADMINS))) {
goto done;
}
NTSTATUS ntstat;
- if (user.ut.uid != sec_initial_uid()) {
+ if (p->server_info->utok.uid != sec_initial_uid()) {
not_root = True;
become_root();
}
WERROR _srvsvc_NetShareSetInfo(pipes_struct *p,
struct srvsvc_NetShareSetInfo *r)
{
- struct current_user user;
char *command = NULL;
char *share_name = NULL;
char *comment = NULL;
return WERR_NOMEM;
}
- *r->out.parm_error = 0;
+ if (r->out.parm_error) {
+ *r->out.parm_error = 0;
+ }
if ( strequal(share_name,"IPC$")
|| ( lp_enable_asu_support() && strequal(share_name,"ADMIN$") )
|| strequal(share_name,"global") )
{
+ DEBUG(5,("_srvsvc_NetShareSetInfo: share %s cannot be "
+ "modified by a remote user.\n",
+ share_name ));
return WERR_ACCESS_DENIED;
}
if (lp_print_ok(snum))
return WERR_ACCESS_DENIED;
- get_current_user(&user,p);
-
- is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
+ is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop );
/* fail out now if you are not root and not a disk op */
- if ( user.ut.uid != sec_initial_uid() && !is_disk_op )
+ if ( p->server_info->utok.uid != sec_initial_uid() && !is_disk_op ) {
+ DEBUG(2,("_srvsvc_NetShareSetInfo: uid %u doesn't have the "
+ "SeDiskOperatorPrivilege privilege needed to modify "
+ "share %s\n",
+ (unsigned int)p->server_info->utok.uid,
+ share_name ));
return WERR_ACCESS_DENIED;
+ }
switch (r->in.level) {
case 1:
pathname = talloc_strdup(ctx, lp_pathname(snum));
- comment = talloc_strdup(ctx, info->info2->comment);
- type = info->info2->type;
+ comment = talloc_strdup(ctx, info->info1->comment);
+ type = info->info1->type;
psd = NULL;
break;
case 2:
comment = talloc_strdup(ctx, info->info2->comment);
pathname = info->info2->path;
type = info->info2->type;
- max_connections = (info->info2->max_users == 0xffffffff) ?
+ max_connections = (info->info2->max_users == (uint32_t)-1) ?
0 : info->info2->max_users;
psd = NULL;
break;
comment = talloc_strdup(ctx, info->info502->comment);
pathname = info->info502->path;
type = info->info502->type;
- psd = info->info502->sd;
+ psd = info->info502->sd_buf.sd;
map_generic_share_sd_bits(psd);
break;
case 1004:
}
/* We can only modify disk shares. */
- if (type != STYPE_DISKTREE)
+ if (type != STYPE_DISKTREE) {
+ DEBUG(5,("_srvsvc_NetShareSetInfo: share %s is not a "
+ "disk share\n",
+ share_name ));
return WERR_ACCESS_DENIED;
+ }
+
+ if (comment == NULL) {
+ return WERR_NOMEM;
+ }
/* Check if the pathname is valid. */
- if (!(path = valid_share_pathname(p->mem_ctx, pathname )))
+ if (!(path = valid_share_pathname(p->mem_ctx, pathname ))) {
+ DEBUG(5,("_srvsvc_NetShareSetInfo: invalid pathname %s\n",
+ pathname ));
return WERR_OBJECT_PATH_INVALID;
+ }
/* Ensure share name, pathname and comment don't contain '"' characters. */
string_replace(share_name, '"', ' ');
string_replace(path, '"', ' ');
- if (comment) {
- string_replace(comment, '"', ' ');
- }
+ string_replace(comment, '"', ' ');
DEBUG(10,("_srvsvc_NetShareSetInfo: change share command = %s\n",
lp_change_share_cmd() ? lp_change_share_cmd() : "NULL" ));
old_sd = get_share_security(p->mem_ctx, lp_servicename(snum), &sd_size);
- if (old_sd && !sec_desc_equal(old_sd, psd)) {
+ if (old_sd && !security_descriptor_equal(old_sd, psd)) {
if (!set_share_security(share_name, psd))
DEBUG(0,("_srvsvc_NetShareSetInfo: Failed to change security info in share %s.\n",
share_name ));
WERROR _srvsvc_NetShareAdd(pipes_struct *p,
struct srvsvc_NetShareAdd *r)
{
- struct current_user user;
char *command = NULL;
char *share_name = NULL;
char *comment = NULL;
DEBUG(5,("_srvsvc_NetShareAdd: %d\n", __LINE__));
- *r->out.parm_error = 0;
-
- get_current_user(&user,p);
+ if (r->out.parm_error) {
+ *r->out.parm_error = 0;
+ }
- is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
+ is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop );
- if (user.ut.uid != sec_initial_uid() && !is_disk_op )
+ if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
if (!lp_add_share_cmd() || !*lp_add_share_cmd()) {
share_name = talloc_strdup(ctx, r->in.info->info2->name);
comment = talloc_strdup(ctx, r->in.info->info2->comment);
pathname = talloc_strdup(ctx, r->in.info->info2->path);
- max_connections = (r->in.info->info2->max_users == 0xffffffff) ?
+ max_connections = (r->in.info->info2->max_users == (uint32_t)-1) ?
0 : r->in.info->info2->max_users;
type = r->in.info->info2->type;
break;
share_name = talloc_strdup(ctx, r->in.info->info502->name);
comment = talloc_strdup(ctx, r->in.info->info502->comment);
pathname = talloc_strdup(ctx, r->in.info->info502->path);
- max_connections = (r->in.info->info502->max_users == 0xffffffff) ?
+ max_connections = (r->in.info->info502->max_users == (uint32_t)-1) ?
0 : r->in.info->info502->max_users;
type = r->in.info->info502->type;
- psd = r->in.info->info502->sd;
+ psd = r->in.info->info502->sd_buf.sd;
map_generic_share_sd_bits(psd);
break;
/* Share already exists. */
if (snum >= 0) {
- return WERR_ALREADY_EXISTS;
+ return WERR_FILE_EXISTS;
}
/* We can only add disk shares. */
WERROR _srvsvc_NetShareDel(pipes_struct *p,
struct srvsvc_NetShareDel *r)
{
- struct current_user user;
char *command = NULL;
char *share_name = NULL;
int ret;
if (lp_print_ok(snum))
return WERR_ACCESS_DENIED;
- get_current_user(&user,p);
-
- is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
+ is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop );
- if (user.ut.uid != sec_initial_uid() && !is_disk_op )
+ if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op )
return WERR_ACCESS_DENIED;
if (!lp_delete_share_cmd() || !*lp_delete_share_cmd()) {
t = gmtime(&unixdate);
/* set up the */
- init_srvsvc_NetRemoteTODInfo(tod,
- unixdate,
- 0,
- t->tm_hour,
- t->tm_min,
- t->tm_sec,
- 0,
- zone,
- 10000,
- t->tm_mday,
- t->tm_mon + 1,
- 1900+t->tm_year,
- t->tm_wday);
+ tod->elapsed = unixdate;
+ tod->msecs = 0;
+ tod->hours = t->tm_hour;
+ tod->mins = t->tm_min;
+ tod->secs = t->tm_sec;
+ tod->hunds = 0;
+ tod->timezone = zone;
+ tod->tinterval = 10000;
+ tod->day = t->tm_mday;
+ tod->month = t->tm_mon + 1;
+ tod->year = 1900+t->tm_year;
+ tod->weekday = t->tm_wday;
DEBUG(5,("_srvsvc_NetRemoteTOD: %d\n", __LINE__));
WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
struct srvsvc_NetGetFileSecurity *r)
{
+ struct smb_filename *smb_fname = NULL;
SEC_DESC *psd = NULL;
size_t sd_size;
- DATA_BLOB null_pw;
- char *filename_in = NULL;
- char *filename = NULL;
- char *qualname = NULL;
+ fstring servicename;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
WERROR werr;
- struct current_user user;
connection_struct *conn = NULL;
- bool became_user = False;
- TALLOC_CTX *ctx = p->mem_ctx;
- struct sec_desc_buf *sd_buf;
+ struct sec_desc_buf *sd_buf = NULL;
+ files_struct *fsp = NULL;
+ int snum;
+ char *oldcwd = NULL;
ZERO_STRUCT(st);
- werr = WERR_OK;
+ fstrcpy(servicename, r->in.share);
- qualname = talloc_strdup(ctx, r->in.share);
- if (!qualname) {
- werr = WERR_ACCESS_DENIED;
+ snum = find_service(servicename);
+ if (snum == -1) {
+ DEBUG(10, ("Could not find service %s\n", servicename));
+ werr = WERR_NET_NAME_NOT_FOUND;
goto error_exit;
}
- /* Null password is ok - we are already an authenticated user... */
- null_pw = data_blob_null;
-
- get_current_user(&user, p);
-
- become_root();
- conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status);
- unbecome_root();
-
- if (conn == NULL) {
- DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to connect to %s\n",
- qualname));
+ nt_status = create_conn_struct(talloc_tos(), &conn, snum,
+ lp_pathname(snum), p->server_info,
+ &oldcwd);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(10, ("create_conn_struct failed: %s\n",
+ nt_errstr(nt_status)));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- if (!become_user(conn, conn->vuid)) {
- DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n"));
- werr = WERR_ACCESS_DENIED;
- goto error_exit;
- }
- became_user = True;
-
- filename_in = talloc_strdup(ctx, r->in.file);
- if (!filename_in) {
- werr = WERR_ACCESS_DENIED;
- goto error_exit;
- }
-
- nt_status = unix_convert(ctx, conn, filename_in, False, &filename, NULL, &st);
+ nt_status = filename_convert(talloc_tos(),
+ conn,
+ false,
+ r->in.file,
+ 0,
+ NULL,
+ &smb_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n",
- filename));
- werr = WERR_ACCESS_DENIED;
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- nt_status = check_name(conn, filename);
+ nt_status = SMB_VFS_CREATE_FILE(
+ conn, /* conn */
+ NULL, /* req */
+ 0, /* root_dir_fid */
+ smb_fname, /* fname */
+ FILE_READ_ATTRIBUTES, /* access_mask */
+ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */
+ FILE_OPEN, /* create_disposition*/
+ 0, /* create_options */
+ 0, /* file_attributes */
+ INTERNAL_OPEN_ONLY, /* oplock_request */
+ 0, /* allocation_size */
+ NULL, /* sd */
+ NULL, /* ea_list */
+ &fsp, /* result */
+ NULL); /* pinfo */
+
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n",
- filename));
- werr = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: can't open %s\n",
+ smb_fname_str_dbg(smb_fname)));
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- nt_status = SMB_VFS_GET_NT_ACL(conn, filename,
+ nt_status = SMB_VFS_FGET_NT_ACL(fsp,
(OWNER_SECURITY_INFORMATION
|GROUP_SECURITY_INFORMATION
|DACL_SECURITY_INFORMATION), &psd);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL for file %s\n",
- filename));
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL "
+ "for file %s\n", smb_fname_str_dbg(smb_fname)));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- sd_size = ndr_size_security_descriptor(psd, 0);
+ sd_size = ndr_size_security_descriptor(psd, NULL, 0);
- sd_buf = TALLOC_ZERO_P(ctx, struct sec_desc_buf);
+ sd_buf = TALLOC_ZERO_P(p->mem_ctx, struct sec_desc_buf);
if (!sd_buf) {
werr = WERR_NOMEM;
goto error_exit;
psd->dacl->revision = NT4_ACL_REVISION;
- unbecome_user();
- close_cnum(conn, user.vuid);
- return werr;
+ close_file(NULL, fsp, NORMAL_CLOSE);
+ vfs_ChDir(conn, oldcwd);
+ conn_free(conn);
+ werr = WERR_OK;
+ goto done;
error_exit:
- if (became_user)
- unbecome_user();
+ if (fsp) {
+ close_file(NULL, fsp, NORMAL_CLOSE);
+ }
- if (conn)
- close_cnum(conn, user.vuid);
+ if (oldcwd) {
+ vfs_ChDir(conn, oldcwd);
+ }
+
+ if (conn) {
+ conn_free(conn);
+ }
+
+ done:
+ TALLOC_FREE(smb_fname);
return werr;
}
WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
struct srvsvc_NetSetFileSecurity *r)
{
- char *filename_in = NULL;
- char *filename = NULL;
- char *qualname = NULL;
- DATA_BLOB null_pw;
+ struct smb_filename *smb_fname = NULL;
+ fstring servicename;
files_struct *fsp = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
WERROR werr;
- struct current_user user;
connection_struct *conn = NULL;
- bool became_user = False;
- TALLOC_CTX *ctx = p->mem_ctx;
+ int snum;
+ char *oldcwd = NULL;
+ struct security_descriptor *psd = NULL;
+ uint32_t security_info_sent = 0;
ZERO_STRUCT(st);
- werr = WERR_OK;
+ fstrcpy(servicename, r->in.share);
- qualname = talloc_strdup(ctx, r->in.share);
- if (!qualname) {
- werr = WERR_ACCESS_DENIED;
+ snum = find_service(servicename);
+ if (snum == -1) {
+ DEBUG(10, ("Could not find service %s\n", servicename));
+ werr = WERR_NET_NAME_NOT_FOUND;
goto error_exit;
}
- /* Null password is ok - we are already an authenticated user... */
- null_pw = data_blob_null;
-
- get_current_user(&user, p);
-
- become_root();
- conn = make_connection(qualname, null_pw, "A:", user.vuid, &nt_status);
- unbecome_root();
-
- if (conn == NULL) {
- DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to connect to %s\n", qualname));
+ nt_status = create_conn_struct(talloc_tos(), &conn, snum,
+ lp_pathname(snum), p->server_info,
+ &oldcwd);
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ DEBUG(10, ("create_conn_struct failed: %s\n",
+ nt_errstr(nt_status)));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- if (!become_user(conn, conn->vuid)) {
- DEBUG(0,("_srvsvc_NetSetFileSecurity: Can't become connected user!\n"));
- werr = WERR_ACCESS_DENIED;
- goto error_exit;
- }
- became_user = True;
-
- filename_in = talloc_strdup(ctx, r->in.file);
- if (!filename_in) {
- werr = WERR_ACCESS_DENIED;
- goto error_exit;
- }
-
- nt_status = unix_convert(ctx, conn, filename, False, &filename, NULL, &st);
+ nt_status = filename_convert(talloc_tos(),
+ conn,
+ false,
+ r->in.file,
+ 0,
+ NULL,
+ &smb_fname);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srvsvc_NetSetFileSecurity: bad pathname %s\n", filename));
- werr = WERR_ACCESS_DENIED;
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- nt_status = check_name(conn, filename);
+ nt_status = SMB_VFS_CREATE_FILE(
+ conn, /* conn */
+ NULL, /* req */
+ 0, /* root_dir_fid */
+ smb_fname, /* fname */
+ FILE_WRITE_ATTRIBUTES, /* access_mask */
+ FILE_SHARE_READ|FILE_SHARE_WRITE, /* share_access */
+ FILE_OPEN, /* create_disposition*/
+ 0, /* create_options */
+ 0, /* file_attributes */
+ INTERNAL_OPEN_ONLY, /* oplock_request */
+ 0, /* allocation_size */
+ NULL, /* sd */
+ NULL, /* ea_list */
+ &fsp, /* result */
+ NULL); /* pinfo */
+
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srvsvc_NetSetFileSecurity: can't access %s\n", filename));
- werr = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: can't open %s\n",
+ smb_fname_str_dbg(smb_fname)));
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
- nt_status = open_file_stat(conn, NULL, filename, &st, &fsp);
-
- if ( !NT_STATUS_IS_OK(nt_status) ) {
- /* Perhaps it is a directory */
- if (NT_STATUS_EQUAL(nt_status, NT_STATUS_FILE_IS_A_DIRECTORY))
- nt_status = open_directory(conn, NULL, filename, &st,
- FILE_READ_ATTRIBUTES,
- FILE_SHARE_READ|FILE_SHARE_WRITE,
- FILE_OPEN,
- 0,
- FILE_ATTRIBUTE_DIRECTORY,
- NULL, &fsp);
+ psd = r->in.sd_buf->sd;
+ security_info_sent = r->in.securityinformation;
- if ( !NT_STATUS_IS_OK(nt_status) ) {
- DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to open file %s\n", filename));
- werr = ntstatus_to_werror(nt_status);
- goto error_exit;
- }
+ if (psd->owner_sid==0) {
+ security_info_sent &= ~OWNER_SECURITY_INFORMATION;
+ }
+ if (psd->group_sid==0) {
+ security_info_sent &= ~GROUP_SECURITY_INFORMATION;
}
+ if (psd->sacl==0) {
+ security_info_sent &= ~SACL_SECURITY_INFORMATION;
+ }
+ if (psd->dacl==0) {
+ security_info_sent &= ~DACL_SECURITY_INFORMATION;
+ }
+
+ /* Convert all the generic bits. */
+ security_acl_map_generic(psd->dacl, &file_generic_mapping);
+ security_acl_map_generic(psd->sacl, &file_generic_mapping);
- nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name,
- r->in.securityinformation,
- r->in.sd_buf->sd);
+ nt_status = SMB_VFS_FSET_NT_ACL(fsp,
+ security_info_sent,
+ psd);
if (!NT_STATUS_IS_OK(nt_status) ) {
- DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL on file %s\n", filename));
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL "
+ "on file %s\n", r->in.share));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
- close_file(fsp, NORMAL_CLOSE);
- unbecome_user();
- close_cnum(conn, user.vuid);
- return werr;
+ close_file(NULL, fsp, NORMAL_CLOSE);
+ vfs_ChDir(conn, oldcwd);
+ conn_free(conn);
+ werr = WERR_OK;
+ goto done;
error_exit:
- if(fsp) {
- close_file(fsp, NORMAL_CLOSE);
+ if (fsp) {
+ close_file(NULL, fsp, NORMAL_CLOSE);
}
- if (became_user) {
- unbecome_user();
+ if (oldcwd) {
+ vfs_ChDir(conn, oldcwd);
}
if (conn) {
- close_cnum(conn, user.vuid);
+ conn_free(conn);
}
+ done:
+ TALLOC_FREE(smb_fname);
+
return werr;
}
/*allow one struct srvsvc_NetDiskInfo0 for null terminator*/
+ r->out.info->count = 0;
+
for(i = 0; i < MAX_SERVER_DISK_ENTRIES -1 && (disk_name = next_server_disk_enum(&resume)); i++) {
r->out.info->count++;
return WERR_OK;
}
+/*******************************************************************
+********************************************************************/
+
+static void enum_file_close_fn( const struct share_mode_entry *e,
+ const char *sharepath, const char *fname,
+ void *private_data )
+{
+ char msg[MSG_SMB_SHARE_MODE_ENTRY_SIZE];
+ struct srvsvc_NetFileClose *r =
+ (struct srvsvc_NetFileClose *)private_data;
+ uint32_t fid = (((uint32_t)(procid_to_pid(&e->pid))<<16) | e->share_file_id);
+
+ if (fid != r->in.fid) {
+ return; /* Not this file. */
+ }
+
+ if (!process_exists(e->pid) ) {
+ return;
+ }
+
+ /* Ok - send the close message. */
+ DEBUG(10,("enum_file_close_fn: request to close file %s, %s\n",
+ sharepath,
+ share_mode_str(talloc_tos(), 0, e) ));
+
+ share_mode_entry_to_message(msg, e);
+
+ r->out.result = ntstatus_to_werror(
+ messaging_send_buf(smbd_messaging_context(),
+ e->pid, MSG_SMB_CLOSE_FILE,
+ (uint8 *)msg,
+ MSG_SMB_SHARE_MODE_ENTRY_SIZE));
+}
+
/********************************************************************
+ Close a file given a 32-bit file id.
********************************************************************/
WERROR _srvsvc_NetFileClose(pipes_struct *p, struct srvsvc_NetFileClose *r)
{
- return WERR_ACCESS_DENIED;
-}
+ SE_PRIV se_diskop = SE_DISK_OPERATOR;
+ bool is_disk_op;
+
+ DEBUG(5,("_srvsvc_NetFileClose: %d\n", __LINE__));
+
+ is_disk_op = user_has_privileges( p->server_info->ptok, &se_diskop );
+
+ if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op) {
+ return WERR_ACCESS_DENIED;
+ }
+ /* enum_file_close_fn sends the close message to
+ * the relevent smbd process. */
+
+ r->out.result = WERR_BADFILE;
+ share_mode_forall( enum_file_close_fn, (void *)r);
+ return r->out.result;
+}
/********************************************************************
********************************************************************/