mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
s3:libsmb: add cli_{query,set}_security_descriptor() which take sec_info flags
In order to set and get security_descriptors it's important to specify the sec_info flags. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
This commit is contained in:
parent
cf60338ada
commit
9afba14417
@ -21,8 +21,11 @@
|
||||
#include "libsmb/libsmb.h"
|
||||
#include "../libcli/security/secdesc.h"
|
||||
|
||||
NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
|
||||
NTSTATUS cli_query_security_descriptor(struct cli_state *cli,
|
||||
uint16_t fnum,
|
||||
uint32_t sec_info,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct security_descriptor **sd)
|
||||
{
|
||||
uint8_t param[8];
|
||||
uint8_t *rdata=NULL;
|
||||
@ -31,7 +34,7 @@ NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
struct security_descriptor *lsd;
|
||||
|
||||
SIVAL(param, 0, fnum);
|
||||
SIVAL(param, 4, 0x7);
|
||||
SIVAL(param, 4, sec_info);
|
||||
|
||||
status = cli_trans(talloc_tos(), cli, SMBnttrans,
|
||||
NULL, -1, /* name, fid */
|
||||
@ -71,14 +74,23 @@ NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
return status;
|
||||
}
|
||||
|
||||
NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
TALLOC_CTX *mem_ctx, struct security_descriptor **sd)
|
||||
{
|
||||
uint32_t sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL;
|
||||
|
||||
return cli_query_security_descriptor(cli, fnum, sec_info, mem_ctx, sd);
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
set the security descriptor for a open file
|
||||
****************************************************************************/
|
||||
NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
const struct security_descriptor *sd)
|
||||
NTSTATUS cli_set_security_descriptor(struct cli_state *cli,
|
||||
uint16_t fnum,
|
||||
uint32_t sec_info,
|
||||
const struct security_descriptor *sd)
|
||||
{
|
||||
uint8_t param[8];
|
||||
uint32 sec_info = 0;
|
||||
uint8 *data;
|
||||
size_t len;
|
||||
NTSTATUS status;
|
||||
@ -91,16 +103,7 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
}
|
||||
|
||||
SIVAL(param, 0, fnum);
|
||||
|
||||
if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT))
|
||||
sec_info |= SECINFO_DACL;
|
||||
if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT))
|
||||
sec_info |= SECINFO_SACL;
|
||||
if (sd->owner_sid)
|
||||
sec_info |= SECINFO_OWNER;
|
||||
if (sd->group_sid)
|
||||
sec_info |= SECINFO_GROUP;
|
||||
SSVAL(param, 4, sec_info);
|
||||
SIVAL(param, 4, sec_info);
|
||||
|
||||
status = cli_trans(talloc_tos(), cli, SMBnttrans,
|
||||
NULL, -1, /* name, fid */
|
||||
@ -119,3 +122,24 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
}
|
||||
return status;
|
||||
}
|
||||
|
||||
NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
const struct security_descriptor *sd)
|
||||
{
|
||||
uint32_t sec_info = 0;
|
||||
|
||||
if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT)) {
|
||||
sec_info |= SECINFO_DACL;
|
||||
}
|
||||
if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT)) {
|
||||
sec_info |= SECINFO_SACL;
|
||||
}
|
||||
if (sd->owner_sid) {
|
||||
sec_info |= SECINFO_OWNER;
|
||||
}
|
||||
if (sd->group_sid) {
|
||||
sec_info |= SECINFO_GROUP;
|
||||
}
|
||||
|
||||
return cli_set_security_descriptor(cli, fnum, sec_info, sd);
|
||||
}
|
||||
|
@ -792,8 +792,17 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode,
|
||||
|
||||
/* The following definitions come from libsmb/clisecdesc.c */
|
||||
|
||||
NTSTATUS cli_query_security_descriptor(struct cli_state *cli,
|
||||
uint16_t fnum,
|
||||
uint32_t sec_info,
|
||||
TALLOC_CTX *mem_ctx,
|
||||
struct security_descriptor **sd);
|
||||
NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
TALLOC_CTX *mem_ctx, struct security_descriptor **sd);
|
||||
NTSTATUS cli_set_security_descriptor(struct cli_state *cli,
|
||||
uint16_t fnum,
|
||||
uint32_t sec_info,
|
||||
const struct security_descriptor *sd);
|
||||
NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum,
|
||||
const struct security_descriptor *sd);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user