1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

s3:libsmb: add cli_{query,set}_security_descriptor() which take sec_info flags

In order to set and get security_descriptors it's important to specify
the sec_info flags.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
This commit is contained in:
Stefan Metzmacher 2012-11-30 13:52:53 +01:00 committed by Michael Adam
parent cf60338ada
commit 9afba14417
2 changed files with 49 additions and 16 deletions

View File

@ -21,8 +21,11 @@
#include "libsmb/libsmb.h" #include "libsmb/libsmb.h"
#include "../libcli/security/secdesc.h" #include "../libcli/security/secdesc.h"
NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, NTSTATUS cli_query_security_descriptor(struct cli_state *cli,
TALLOC_CTX *mem_ctx, struct security_descriptor **sd) uint16_t fnum,
uint32_t sec_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **sd)
{ {
uint8_t param[8]; uint8_t param[8];
uint8_t *rdata=NULL; uint8_t *rdata=NULL;
@ -31,7 +34,7 @@ NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
struct security_descriptor *lsd; struct security_descriptor *lsd;
SIVAL(param, 0, fnum); SIVAL(param, 0, fnum);
SIVAL(param, 4, 0x7); SIVAL(param, 4, sec_info);
status = cli_trans(talloc_tos(), cli, SMBnttrans, status = cli_trans(talloc_tos(), cli, SMBnttrans,
NULL, -1, /* name, fid */ NULL, -1, /* name, fid */
@ -71,14 +74,23 @@ NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
return status; return status;
} }
NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
{
uint32_t sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
return cli_query_security_descriptor(cli, fnum, sec_info, mem_ctx, sd);
}
/**************************************************************************** /****************************************************************************
set the security descriptor for a open file set the security descriptor for a open file
****************************************************************************/ ****************************************************************************/
NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, NTSTATUS cli_set_security_descriptor(struct cli_state *cli,
uint16_t fnum,
uint32_t sec_info,
const struct security_descriptor *sd) const struct security_descriptor *sd)
{ {
uint8_t param[8]; uint8_t param[8];
uint32 sec_info = 0;
uint8 *data; uint8 *data;
size_t len; size_t len;
NTSTATUS status; NTSTATUS status;
@ -91,16 +103,7 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
} }
SIVAL(param, 0, fnum); SIVAL(param, 0, fnum);
SIVAL(param, 4, sec_info);
if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT))
sec_info |= SECINFO_DACL;
if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT))
sec_info |= SECINFO_SACL;
if (sd->owner_sid)
sec_info |= SECINFO_OWNER;
if (sd->group_sid)
sec_info |= SECINFO_GROUP;
SSVAL(param, 4, sec_info);
status = cli_trans(talloc_tos(), cli, SMBnttrans, status = cli_trans(talloc_tos(), cli, SMBnttrans,
NULL, -1, /* name, fid */ NULL, -1, /* name, fid */
@ -119,3 +122,24 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
} }
return status; return status;
} }
NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
const struct security_descriptor *sd)
{
uint32_t sec_info = 0;
if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT)) {
sec_info |= SECINFO_DACL;
}
if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT)) {
sec_info |= SECINFO_SACL;
}
if (sd->owner_sid) {
sec_info |= SECINFO_OWNER;
}
if (sd->group_sid) {
sec_info |= SECINFO_GROUP;
}
return cli_set_security_descriptor(cli, fnum, sec_info, sd);
}

View File

@ -792,8 +792,17 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode,
/* The following definitions come from libsmb/clisecdesc.c */ /* The following definitions come from libsmb/clisecdesc.c */
NTSTATUS cli_query_security_descriptor(struct cli_state *cli,
uint16_t fnum,
uint32_t sec_info,
TALLOC_CTX *mem_ctx,
struct security_descriptor **sd);
NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
TALLOC_CTX *mem_ctx, struct security_descriptor **sd); TALLOC_CTX *mem_ctx, struct security_descriptor **sd);
NTSTATUS cli_set_security_descriptor(struct cli_state *cli,
uint16_t fnum,
uint32_t sec_info,
const struct security_descriptor *sd);
NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
const struct security_descriptor *sd); const struct security_descriptor *sd);