/*
Unix SMB/CIFS implementation.
client security descriptor functions
Copyright (C) Andrew Tridgell 2000
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
# include "includes.h"
/**
 * Query the security descriptor of an open file.
 *
 * Issues an NT_TRANSACT_QUERY_SECURITY_DESC transaction for @p fnum and
 * hands the reply data to unmarshall_sec_desc().
 *
 * @param cli      connection the transaction is sent on
 * @param fnum     file number of the open file
 * @param mem_ctx  talloc context passed to unmarshall_sec_desc() for the
 *                 returned descriptor
 * @return the descriptor written by unmarshall_sec_desc(); NULL when the
 *         transaction fails (the result pointer starts out NULL and is
 *         only ever written by unmarshall_sec_desc())
 */
struct security_descriptor *cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
					      TALLOC_CTX *mem_ctx)
{
	struct security_descriptor *result = NULL;
	uint8_t *reply = NULL;
	uint32_t reply_len = 0;
	uint8_t param[8];
	NTSTATUS status;

	/*
	 * Two 4-byte stores at offsets 0 and 4 fill the whole 8-byte
	 * parameter block that is sent below.
	 */
	SIVAL(param, 0, fnum);
	/* NOTE(review): 0x7 presumably selects owner, group and DACL - confirm */
	SIVAL(param, 4, 0x7);

	status = cli_trans(talloc_tos(), cli, SMBnttrans,
			   NULL, -1,	/* name, fid */
			   NT_TRANSACT_QUERY_SECURITY_DESC, 0,	/* function, flags */
			   NULL, 0, 0,	/* setup, length, max */
			   param, 8, 4,	/* param, length, max */
			   NULL, 0, 0x10000,	/* data, length, max */
			   NULL, 0, NULL,	/* rsetup, length */
			   NULL, 0, NULL,
			   &reply, 0, &reply_len);

	if (NT_STATUS_IS_OK(status)) {
		/*
		 * reply/reply_len come straight from the server's response
		 * and are not validated here; all parsing and length
		 * checking is left to unmarshall_sec_desc().
		 * NOTE(review): the 0 passed next to &reply looks like a
		 * minimum length, so an empty reply would reach the parser -
		 * confirm it rejects NULL/zero-length input.
		 */
		status = unmarshall_sec_desc(mem_ctx, (uint8 *)reply, reply_len,
					     &result);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
				   nt_errstr(status)));
		}
	} else {
		DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
			  nt_errstr(status)));
	}

	/* The reply buffer is released on every path, success or failure. */
	TALLOC_FREE(reply);
	return result;
}
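/**
 * Set the security descriptor of an open file.
 *
 * Marshalls @p sd, then sends it in an NT_TRANSACT_SET_SECURITY_DESC
 * transaction for @p fnum and waits for the reply.
 *
 * @param cli   connection the transaction is sent on
 * @param fnum  file number of the open file
 * @param sd    descriptor to apply; it is dereferenced here, so it must
 *              not be NULL. Only the parts that are present (dacl,
 *              owner_sid, group_sid) are flagged in the request.
 * @return True when the request was sent and a reply was received,
 *         False when marshalling, sending or receiving fails
 */
bool cli_set_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *sd)
{
	char param[8];
	char *rparam = NULL, *rdata = NULL;
	unsigned int rparam_count = 0, rdata_count = 0;
	uint32 sec_info = 0;
	TALLOC_CTX *frame = talloc_stackframe();
	bool ret = False;
	uint8 *data;
	size_t len;
	NTSTATUS status;

	/*
	 * The marshalled blob is allocated on talloc_tos(); presumably that
	 * is the stackframe created above, so TALLOC_FREE(frame) at cleanup
	 * releases it - confirm.
	 */
	status = marshall_sec_desc(talloc_tos(), sd, &data, &len);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(10, ("marshall_sec_desc failed: %s\n",
			   nt_errstr(status)));
		goto cleanup;
	}

	SIVAL(param, 0, fnum);

	/* Tell the server which parts of the descriptor are being set. */
	if (sd->dacl) {
		sec_info |= SECINFO_DACL;
	}
	if (sd->owner_sid) {
		sec_info |= SECINFO_OWNER;
	}
	if (sd->group_sid) {
		sec_info |= SECINFO_GROUP;
	}

	/*
	 * Store the flags as a full 32-bit field, as cli_query_secdesc()
	 * does at the same offset.  The previous 16-bit store left
	 * param[6..7] uninitialised, and because all 8 bytes of param are
	 * transmitted, two bytes of stack contents went out on the wire.
	 * The low 16 bits are unchanged; the upper two bytes are now
	 * whatever sec_info holds (zero for the flags set above).
	 */
	SIVAL(param, 4, sec_info);

	if (!cli_send_nt_trans(cli,
			       NT_TRANSACT_SET_SECURITY_DESC,
			       0,
			       NULL, 0, 0,
			       param, 8, 0,
			       (char *)data, len, 0)) {
		DEBUG(1, ("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
		goto cleanup;
	}

	if (!cli_receive_nt_trans(cli,
				  &rparam, &rparam_count,
				  &rdata, &rdata_count)) {
		DEBUG(1, ("NT_TRANSACT_SET_SECURITY_DESC failed\n"));
		goto cleanup;
	}

	ret = True;

cleanup:
	/* The reply buffers are not inspected; they are only released. */
	SAFE_FREE(rparam);
	SAFE_FREE(rdata);

	TALLOC_FREE(frame);

	return ret;
}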