sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-08 04:58:40 +03:00
Code

SEC_STD_SYNCHRONIZE is only invalid on SMB2

Browse Source 
(This used to be commit 067f1271adaa13d537bbc92b19fe8d633cbaaf50)
This commit is contained in:
Andrew Tridgell 2008-05-27 14:30:42 +10:00
parent 95afe46a0e
commit 6e265867ff
2 changed files with 16 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
source4/ntvfs/posix/pvfs_open.c
View File

@ -565,6 +565,10 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
if (io->ntcreatex.in.file_attr & ~FILE_ATTRIBUTE_ALL_MASK) {
return NT_STATUS_INVALID_PARAMETER;
}
if (io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_ENCRYPTED) {
return NT_STATUS_ACCESS_DENIED;
}
if ((io->ntcreatex.in.file_attr & FILE_ATTRIBUTE_READONLY) &&
(create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE)) {
@ -1147,7 +1151,12 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
return NT_STATUS_INVALID_PARAMETER;
}
if (access_mask & (SEC_MASK_INVALID | SEC_STD_SYNCHRONIZE)) {
if (access_mask & SEC_MASK_INVALID) {
return NT_STATUS_ACCESS_DENIED;
}
if (req->ctx->protocol == PROTOCOL_SMB2 &&
(access_mask & SEC_STD_SYNCHRONIZE)) {
return NT_STATUS_ACCESS_DENIED;
}

8
source4/torture/smb2/create.c
View File

@ -51,7 +51,7 @@ bool torture_smb2_create_gentest(struct torture_context *torture, struct smb2_tr
struct smb2_create io;
NTSTATUS status;
TALLOC_CTX *tmp_ctx = talloc_new(tree);
uint32_t access_mask, file_attributes;
uint32_t access_mask, file_attributes, denied_mask;
ZERO_STRUCT(io);
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
@ -130,6 +130,7 @@ bool torture_smb2_create_gentest(struct torture_context *torture, struct smb2_tr
io.in.desired_access = SEC_FLAG_MAXIMUM_ALLOWED;
io.in.file_attributes = 0;
access_mask = 0;
denied_mask = 0;
{
int i;
for (i=0;i<32;i++) {
@ -138,6 +139,8 @@ bool torture_smb2_create_gentest(struct torture_context *torture, struct smb2_tr
status = smb2_create(tree, tmp_ctx, &io);
if (NT_STATUS_EQUAL(status, NT_STATUS_INVALID_PARAMETER)) {
file_attributes |= io.in.file_attributes;
} else if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
denied_mask |= io.in.file_attributes;
} else {
CHECK_STATUS(status, NT_STATUS_OK);
status = smb2_util_close(tree, io.out.file.handle);
@ -146,7 +149,8 @@ bool torture_smb2_create_gentest(struct torture_context *torture, struct smb2_tr
}
}
CHECK_EQUAL(file_attributes, 0x0df0fe00);
CHECK_EQUAL(file_attributes, 0xffff87c8);
CHECK_EQUAL(denied_mask, 0x4000);
talloc_free(tmp_ctx);