sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-04 16:58:42 +03:00
Code

Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test

Browse Source 
(This used to be commit 09e5c6adde5564afc0d1be25f297fbfd284d559f)
This commit is contained in:
Jelmer Vernooij 2008-03-09 13:51:52 +01:00
commit acc63121ac
13 changed files with 177 additions and 384 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
source3/configure.in
View File

@ -5341,6 +5341,13 @@ int main() { struct aiocb a; return aio_suspend64(&a, 1, NULL); }],
AC_MSG_RESULT(no)
)
if test x"$samba_cv_HAVE_AIO" = x"yes"; then
if test x"$samba_cv_msghdr_msg_control" = x"yes" -o \
x"$samba_cv_msghdr_msg_acctright" = x"yes"; then
default_shared_modules="$default_shared_modules vfs_aio_fork"
fi
fi
#################################################
# check for sendfile support

46
source3/include/rpc_srvsvc.h
View File

@ -652,50 +652,4 @@ typedef struct {
WERROR status;
} SRV_R_NET_FILE_ENUM;
/* SRV_Q_NET_FILE_QUERY_SECDESC */
typedef struct q_net_file_query_secdesc
{
uint32 ptr_srv_name;
UNISTR2 uni_srv_name;
uint32 ptr_qual_name;
UNISTR2 uni_qual_name;
UNISTR2 uni_file_name;
uint32 unknown1;
uint32 unknown2;
uint32 unknown3;
} SRV_Q_NET_FILE_QUERY_SECDESC;
/* SRV_R_NET_FILE_QUERY_SECDESC */
typedef struct r_net_file_query_secdesc
{
uint32 ptr_response;
uint32 size_response;
uint32 ptr_secdesc;
uint32 size_secdesc;
SEC_DESC *sec_desc;
WERROR status;
} SRV_R_NET_FILE_QUERY_SECDESC;
/* SRV_Q_NET_FILE_SET_SECDESC */
typedef struct q_net_file_set_secdesc
{
uint32 ptr_srv_name;
UNISTR2 uni_srv_name;
uint32 ptr_qual_name;
UNISTR2 uni_qual_name;
UNISTR2 uni_file_name;
uint32 sec_info;
uint32 size_set;
uint32 ptr_secdesc;
uint32 size_secdesc;
SEC_DESC *sec_desc;
} SRV_Q_NET_FILE_SET_SECDESC;
/* SRV_R_NET_FILE_SET_SECDESC */
typedef struct r_net_file_set_secdesc
{
WERROR status;
} SRV_R_NET_FILE_SET_SECDESC;
#endif /* _RPC_SRVSVC_H */

2
source3/libads/kerberos.c
View File

@ -894,6 +894,8 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
DEBUG(0,("create_local_private_krb5_conf_for_domain: smb_mkstemp failed,"
" for file %s. Errno %s\n",
tmpname, strerror(errno) ));
TALLOC_FREE(dname);
return false;
}
if (fchmod(fd, 0644)==-1) {

117
source3/libsmb/async_smb.c
View File

@ -174,24 +174,72 @@ static void handle_incoming_pdu(struct cli_state *cli)
{
struct cli_request *req;
uint16_t mid;
size_t raw_pdu_len, buf_len, pdu_len;
size_t rest_len;
size_t raw_pdu_len, buf_len, pdu_len, rest_len;
char *pdu;
NTSTATUS status;
/*
* The encrypted PDU len might differ from the unencrypted one
*/
raw_pdu_len = smb_len(cli->evt_inbuf) + 4;
buf_len = talloc_get_size(cli->evt_inbuf);
rest_len = buf_len - raw_pdu_len;
if (buf_len == raw_pdu_len) {
/*
* Optimal case: Exactly one PDU was in the socket buffer
*/
pdu = cli->evt_inbuf;
cli->evt_inbuf = NULL;
}
else {
DEBUG(11, ("buf_len = %d, raw_pdu_len = %d, splitting "
"buffer\n", (int)buf_len, (int)raw_pdu_len));
if (raw_pdu_len < rest_len) {
/*
* The PDU is shorter, talloc_memdup that one.
*/
pdu = (char *)talloc_memdup(
cli, cli->evt_inbuf, raw_pdu_len);
memmove(cli->evt_inbuf, cli->evt_inbuf + raw_pdu_len,
buf_len - raw_pdu_len);
cli->evt_inbuf = TALLOC_REALLOC_ARRAY(
NULL, cli->evt_inbuf, char, rest_len);
if (pdu == NULL) {
status = NT_STATUS_NO_MEMORY;
goto invalidate_requests;
}
}
else {
/*
* The PDU is larger than the rest, talloc_memdup the
* rest
*/
pdu = cli->evt_inbuf;
cli->evt_inbuf = (char *)talloc_memdup(
cli, pdu + raw_pdu_len, rest_len);
if (cli->evt_inbuf == NULL) {
status = NT_STATUS_NO_MEMORY;
goto invalidate_requests;
}
}
}
/*
* TODO: Handle oplock break requests
*/
if (cli_encryption_on(cli) && CVAL(cli->evt_inbuf, 0) == 0) {
if (cli_encryption_on(cli) && CVAL(pdu, 0) == 0) {
uint16_t enc_ctx_num;
status = get_enc_ctx_num((uint8_t *)cli->evt_inbuf,
&enc_ctx_num);
status = get_enc_ctx_num((uint8_t *)pdu, &enc_ctx_num);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("get_enc_ctx_num returned %s\n",
nt_errstr(status)));
@ -207,7 +255,7 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
status = common_decrypt_buffer(cli->trans_enc_state,
cli->evt_inbuf);
pdu);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("common_decrypt_buffer returned %s\n",
nt_errstr(status)));
@ -215,13 +263,13 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
}
if (!cli_check_sign_mac(cli, cli->evt_inbuf)) {
if (!cli_check_sign_mac(cli, pdu)) {
DEBUG(10, ("cli_check_sign_mac failed\n"));
status = NT_STATUS_ACCESS_DENIED;
goto invalidate_requests;
}
mid = SVAL(cli->evt_inbuf, smb_mid);
mid = SVAL(pdu, smb_mid);
DEBUG(10, ("handle_incoming_pdu: got mid %d\n", mid));
@ -231,64 +279,17 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
}
buf_len = talloc_get_size(cli->evt_inbuf);
pdu_len = smb_len(cli->evt_inbuf) + 4;
rest_len = buf_len - raw_pdu_len;
pdu_len = smb_len(pdu) + 4;
if (req == NULL) {
DEBUG(3, ("Request for mid %d not found, dumping PDU\n", mid));
memmove(cli->evt_inbuf, cli->evt_inbuf + raw_pdu_len,
buf_len - raw_pdu_len);
cli->evt_inbuf = TALLOC_REALLOC_ARRAY(NULL, cli->evt_inbuf,
char, rest_len);
TALLOC_FREE(pdu);
return;
}
if (buf_len == pdu_len) {
/*
* Optimal case: Exactly one PDU was in the socket buffer
*/
req->inbuf = talloc_move(req, &cli->evt_inbuf);
goto done;
}
req->inbuf = talloc_move(req, &pdu);
DEBUG(11, ("buf_len = %d, pdu_len = %d, splitting buffer\n",
(int)buf_len, (int)pdu_len));
if (pdu_len < rest_len) {
/*
* The PDU is shorter, talloc_memdup that one.
*/
req->inbuf = (char *)talloc_memdup(
req, cli->evt_inbuf, pdu_len);
memmove(cli->evt_inbuf,
cli->evt_inbuf + raw_pdu_len,
buf_len - raw_pdu_len);
cli->evt_inbuf = TALLOC_REALLOC_ARRAY(
NULL, cli->evt_inbuf, char, rest_len);
}
else {
/*
* The PDU is larger than the rest,
* talloc_memdup the rest
*/
req->inbuf = talloc_move(req, &cli->evt_inbuf);
cli->evt_inbuf = (char *)talloc_memdup(
cli, req->inbuf + raw_pdu_len,
rest_len);
}
if ((req->inbuf == NULL) || (cli->evt_inbuf == NULL)) {
status = NT_STATUS_NO_MEMORY;
goto invalidate_requests;
}
done:
async_req_done(req->async);
return;

2
source3/libsmb/clireadwrite.c
View File

@ -24,7 +24,7 @@
****************************************************************************/
static size_t cli_read_max_bufsize(struct cli_state *cli)
{
if (!client_is_signing_on(cli) && !cli_encryption_on(cli) == false
if (!client_is_signing_on(cli) && !cli_encryption_on(cli)
&& (cli->posix_capabilities & CIFS_UNIX_LARGE_READ_CAP)) {
return CLI_SAMBA_MAX_POSIX_LARGE_READX_SIZE;
}

10
source3/libsmb/nmblib.c
View File

@ -849,9 +849,8 @@ static bool send_udp(int fd,char *buf,int len,struct in_addr ip,int port)
If buf == NULL this is a length calculation.
******************************************************************/
static int build_dgram(char *buf, size_t len, struct packet_struct *p)
static int build_dgram(char *buf, size_t len, struct dgram_packet *dgram)
{
struct dgram_packet *dgram = &p->packet.dgram;
unsigned char *ubuf = (unsigned char *)buf;
int offset=0;
@ -926,9 +925,8 @@ bool nmb_name_equal(struct nmb_name *n1, struct nmb_name *n2)
If buf == NULL this is a length calculation.
******************************************************************/
static int build_nmb(char *buf, size_t len, struct packet_struct *p)
static int build_nmb(char *buf, size_t len, struct nmb_packet *nmb)
{
struct nmb_packet *nmb = &p->packet.nmb;
unsigned char *ubuf = (unsigned char *)buf;
int offset=0;
@ -1058,11 +1056,11 @@ int build_packet(char *buf, size_t buflen, struct packet_struct *p)
switch (p->packet_type) {
case NMB_PACKET:
len = build_nmb(buf,buflen,p);
len = build_nmb(buf,buflen,&p->packet.nmb);
break;
case DGRAM_PACKET:
len = build_dgram(buf,buflen,p);
len = build_dgram(buf,buflen,&p->packet.dgram);
break;
}

4
source3/libsmb/unexpected.c
View File

@ -22,7 +22,7 @@
static TDB_CONTEXT *tdbd = NULL;
/* the key type used in the unexpeceted packet database */
/* the key type used in the unexpected packet database */
struct unexpected_key {
enum packet_type packet_type;
time_t timestamp;
@ -32,7 +32,7 @@ struct unexpected_key {
/****************************************************************************
All unexpected packets are passed in here, to be stored in a unexpected
packet database. This allows nmblookup and other tools to receive packets
erroneoously sent to the wrong port by broken MS systems.
erroneously sent to the wrong port by broken MS systems.
**************************************************************************/
void unexpected_packet(struct packet_struct *p)

165
source3/rpc_parse/parse_srv.c
View File

@ -2692,168 +2692,3 @@ bool srv_io_r_net_disk_enum(const char *desc, SRV_R_NET_DISK_ENUM *r_n, prs_stru
return True;
}
/*******************************************************************
Reads or writes a structure.
********************************************************************/
bool srv_io_q_net_file_query_secdesc(const char *desc, SRV_Q_NET_FILE_QUERY_SECDESC *q_n, prs_struct *ps, int depth)
{
if (q_n == NULL)
return False;
prs_debug(ps, depth, desc, "srv_io_q_net_file_query_secdesc");
depth++;
if(!prs_align(ps))
return False;
if(!prs_uint32("ptr_srv_name", ps, depth, &q_n->ptr_srv_name))
return False;
if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
return False;
if(!prs_align(ps))
return False;
if(!prs_uint32("ptr_qual_name", ps, depth, &q_n->ptr_qual_name))
return False;
if(!smb_io_unistr2("", &q_n->uni_qual_name, True, ps, depth))
return False;
if(!prs_align(ps))
return False;
if(!smb_io_unistr2("", &q_n->uni_file_name, True, ps, depth))
return False;
if(!prs_uint32("unknown1", ps, depth, &q_n->unknown1))
return False;
if(!prs_uint32("unknown2", ps, depth, &q_n->unknown2))
return False;
if(!prs_uint32("unknown3", ps, depth, &q_n->unknown3))
return False;
return True;
}
/*******************************************************************
Reads or writes a structure.
********************************************************************/
bool srv_io_r_net_file_query_secdesc(const char *desc, SRV_R_NET_FILE_QUERY_SECDESC *r_n, prs_struct *ps, int depth)
{
if (r_n == NULL)
return False;
prs_debug(ps, depth, desc, "srv_io_r_net_file_query_secdesc");
depth++;
if(!prs_align(ps))
return False;
if(!prs_uint32("ptr_response", ps, depth, &r_n->ptr_response))
return False;
if(!prs_uint32("size_response", ps, depth, &r_n->size_response))
return False;
if(!prs_uint32("ptr_secdesc", ps, depth, &r_n->ptr_secdesc))
return False;
if(!prs_uint32("size_secdesc", ps, depth, &r_n->size_secdesc))
return False;
if(!sec_io_desc("sec_desc", &r_n->sec_desc, ps, depth))
return False;
if(!prs_align(ps))
return False;
if(!prs_werror("status", ps, depth, &r_n->status))
return False;
return True;
}
/*******************************************************************
Reads or writes a structure.
********************************************************************/
bool srv_io_q_net_file_set_secdesc(const char *desc, SRV_Q_NET_FILE_SET_SECDESC *q_n, prs_struct *ps, int depth)
{
if (q_n == NULL)
return False;
prs_debug(ps, depth, desc, "srv_io_q_net_file_set_secdesc");
depth++;
if(!prs_align(ps))
return False;
if(!prs_uint32("ptr_srv_name", ps, depth, &q_n->ptr_srv_name))
return False;
if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
return False;
if(!prs_align(ps))
return False;
if(!prs_uint32("ptr_qual_name", ps, depth, &q_n->ptr_qual_name))
return False;
if(!smb_io_unistr2("", &q_n->uni_qual_name, True, ps, depth))
return False;
if(!prs_align(ps))
return False;
if(!smb_io_unistr2("", &q_n->uni_file_name, True, ps, depth))
return False;
if(!prs_align(ps))
return False;
if(!prs_uint32("sec_info", ps, depth, &q_n->sec_info))
return False;
if(!prs_uint32("size_set", ps, depth, &q_n->size_set))
return False;
if(!prs_uint32("ptr_secdesc", ps, depth, &q_n->ptr_secdesc))
return False;
if(!prs_uint32("size_secdesc", ps, depth, &q_n->size_secdesc))
return False;
if(!sec_io_desc("sec_desc", &q_n->sec_desc, ps, depth))
return False;
return True;
}
/*******************************************************************
Reads or writes a structure.
********************************************************************/
bool srv_io_r_net_file_set_secdesc(const char *desc, SRV_R_NET_FILE_SET_SECDESC *r_n, prs_struct *ps, int depth)
{
if (r_n == NULL)
return False;
prs_debug(ps, depth, desc, "srv_io_r_net_file_set_secdesc");
depth++;
if(!prs_align(ps))
return False;
if(!prs_werror("status", ps, depth, &r_n->status))
return False;
return True;
}

46
source3/rpc_server/srv_srvsvc.c
View File

@ -291,28 +291,7 @@ static bool api_srv_net_name_validate(pipes_struct *p)
static bool api_srv_net_file_query_secdesc(pipes_struct *p)
{
SRV_Q_NET_FILE_QUERY_SECDESC q_u;
SRV_R_NET_FILE_QUERY_SECDESC r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
/* Unmarshall the net file get info from Win9x */
if(!srv_io_q_net_file_query_secdesc("", &q_u, data, 0)) {
DEBUG(0,("api_srv_net_file_query_secdesc: Failed to unmarshall SRV_Q_NET_FILE_QUERY_SECDESC.\n"));
return False;
}
r_u.status = _srv_net_file_query_secdesc(p, &q_u, &r_u);
if(!srv_io_r_net_file_query_secdesc("", &r_u, rdata, 0)) {
DEBUG(0,("api_srv_net_file_query_secdesc: Failed to marshall SRV_R_NET_FILE_QUERY_SECDESC.\n"));
return False;
}
return True;
return proxy_srvsvc_call(p, NDR_SRVSVC_NETGETFILESECURITY);
}
/*******************************************************************
@ -321,28 +300,7 @@ static bool api_srv_net_file_query_secdesc(pipes_struct *p)
static bool api_srv_net_file_set_secdesc(pipes_struct *p)
{
SRV_Q_NET_FILE_SET_SECDESC q_u;
SRV_R_NET_FILE_SET_SECDESC r_u;
prs_struct *data = &p->in_data.data;
prs_struct *rdata = &p->out_data.rdata;
ZERO_STRUCT(q_u);
ZERO_STRUCT(r_u);
/* Unmarshall the net file set info from Win9x */
if(!srv_io_q_net_file_set_secdesc("", &q_u, data, 0)) {
DEBUG(0,("api_srv_net_file_set_secdesc: Failed to unmarshall SRV_Q_NET_FILE_SET_SECDESC.\n"));
return False;
}
r_u.status = _srv_net_file_set_secdesc(p, &q_u, &r_u);
if(!srv_io_r_net_file_set_secdesc("", &r_u, rdata, 0)) {
DEBUG(0,("api_srv_net_file_set_secdesc: Failed to marshall SRV_R_NET_FILE_SET_SECDESC.\n"));
return False;
}
return True;
return proxy_srvsvc_call(p, NDR_SRVSVC_NETSETFILESECURITY);
}
/*******************************************************************

120
source3/rpc_server/srv_srvsvc_nt.c
View File

@ -2068,11 +2068,12 @@ WERROR _srvsvc_NetRemoteTOD(pipes_struct *p,
}
/***********************************************************************************
_srvsvc_NetGetFileSecurity
Win9x NT tools get security descriptor.
***********************************************************************************/
WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC *q_u,
SRV_R_NET_FILE_QUERY_SECDESC *r_u)
WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
struct srvsvc_NetGetFileSecurity *r)
{
SEC_DESC *psd = NULL;
size_t sd_size;
@ -2082,18 +2083,20 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
char *qualname = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
WERROR werr;
struct current_user user;
connection_struct *conn = NULL;
bool became_user = False;
TALLOC_CTX *ctx = p->mem_ctx;
struct sec_desc_buf *sd_buf;
ZERO_STRUCT(st);
r_u->status = WERR_OK;
werr = WERR_OK;
qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name);
qualname = talloc_strdup(ctx, r->in.share);
if (!qualname) {
r_u->status = WERR_ACCESS_DENIED;
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@ -2107,35 +2110,38 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
unbecome_root();
if (conn == NULL) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to connect to %s\n", qualname));
r_u->status = ntstatus_to_werror(nt_status);
DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to connect to %s\n",
qualname));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
if (!become_user(conn, conn->vuid)) {
DEBUG(0,("_srv_net_file_query_secdesc: Can't become connected user!\n"));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n"));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
became_user = True;
filename_in = unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name);
filename_in = talloc_strdup(ctx, r->in.file);
if (!filename_in) {
r_u->status = WERR_ACCESS_DENIED;
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = unix_convert(ctx, conn, filename_in, False, &filename, NULL, &st);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_query_secdesc: bad pathname %s\n", filename));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n",
filename));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = check_name(conn, filename);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_query_secdesc: can't access %s\n", filename));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n",
filename));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@ -2145,24 +2151,30 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
|DACL_SECURITY_INFORMATION), &psd);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to get NT ACL for file %s\n", filename));
r_u->status = ntstatus_to_werror(nt_status);
DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL for file %s\n",
filename));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
sd_size = ndr_size_security_descriptor(psd, 0);
r_u->ptr_response = 1;
r_u->size_response = sd_size;
r_u->ptr_secdesc = 1;
r_u->size_secdesc = sd_size;
r_u->sec_desc = psd;
sd_buf = TALLOC_ZERO_P(ctx, struct sec_desc_buf);
if (!sd_buf) {
werr = WERR_NOMEM;
goto error_exit;
}
sd_buf->sd_size = sd_size;
sd_buf->sd = psd;
*r->out.sd_buf = sd_buf;
psd->dacl->revision = NT4_ACL_REVISION;
unbecome_user();
close_cnum(conn, user.vuid);
return r_u->status;
return werr;
error_exit:
@ -2172,15 +2184,16 @@ error_exit:
if (conn)
close_cnum(conn, user.vuid);
return r_u->status;
return werr;
}
/***********************************************************************************
_srvsvc_NetSetFileSecurity
Win9x NT tools set security descriptor.
***********************************************************************************/
WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_u,
SRV_R_NET_FILE_SET_SECDESC *r_u)
WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
struct srvsvc_NetSetFileSecurity *r)
{
char *filename_in = NULL;
char *filename = NULL;
@ -2189,6 +2202,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
files_struct *fsp = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
WERROR werr;
struct current_user user;
connection_struct *conn = NULL;
bool became_user = False;
@ -2196,11 +2210,11 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
ZERO_STRUCT(st);
r_u->status = WERR_OK;
werr = WERR_OK;
qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name);
qualname = talloc_strdup(ctx, r->in.share);
if (!qualname) {
r_u->status = WERR_ACCESS_DENIED;
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@ -2214,35 +2228,35 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
unbecome_root();
if (conn == NULL) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to connect to %s\n", qualname));
r_u->status = ntstatus_to_werror(nt_status);
DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to connect to %s\n", qualname));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
if (!become_user(conn, conn->vuid)) {
DEBUG(0,("_srv_net_file_set_secdesc: Can't become connected user!\n"));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(0,("_srvsvc_NetSetFileSecurity: Can't become connected user!\n"));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
became_user = True;
filename_in= unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name);
filename_in = talloc_strdup(ctx, r->in.file);
if (!filename_in) {
r_u->status = WERR_ACCESS_DENIED;
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = unix_convert(ctx, conn, filename, False, &filename, NULL, &st);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_set_secdesc: bad pathname %s\n", filename));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(3,("_srvsvc_NetSetFileSecurity: bad pathname %s\n", filename));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = check_name(conn, filename);
if (!NT_STATUS_IS_OK(nt_status)) {
DEBUG(3,("_srv_net_file_set_secdesc: can't access %s\n", filename));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(3,("_srvsvc_NetSetFileSecurity: can't access %s\n", filename));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@ -2260,24 +2274,26 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
NULL, &fsp);
if ( !NT_STATUS_IS_OK(nt_status) ) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to open file %s\n", filename));
r_u->status = ntstatus_to_werror(nt_status);
DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to open file %s\n", filename));
werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
}
nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, q_u->sec_info, q_u->sec_desc);
nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name,
r->in.securityinformation,
r->in.sd_buf->sd);
if (!NT_STATUS_IS_OK(nt_status) ) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to set NT ACL on file %s\n", filename));
r_u->status = WERR_ACCESS_DENIED;
DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL on file %s\n", filename));
werr = WERR_ACCESS_DENIED;
goto error_exit;
}
close_file(fsp, NORMAL_CLOSE);
unbecome_user();
close_cnum(conn, user.vuid);
return r_u->status;
return werr;
error_exit:
@ -2293,7 +2309,7 @@ error_exit:
close_cnum(conn, user.vuid);
}
return r_u->status;
return werr;
}
/***********************************************************************************
@ -2582,18 +2598,6 @@ WERROR _srvsvc_NetShareDelCommit(pipes_struct *p, struct srvsvc_NetShareDelCommi
return WERR_NOT_SUPPORTED;
}
WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecurity *r)
{
p->rng_fault_state = True;
return WERR_NOT_SUPPORTED;
}
WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecurity *r)
{
p->rng_fault_state = True;
return WERR_NOT_SUPPORTED;
}
WERROR _srvsvc_NetServerTransportAddEx(pipes_struct *p, struct srvsvc_NetServerTransportAddEx *r)
{
p->rng_fault_state = True;

31
source3/rpcclient/cmd_srvsvc.c
View File

@ -604,6 +604,36 @@ static WERROR cmd_srvsvc_net_name_validate(struct rpc_pipe_client *cli,
return result;
}
static WERROR cmd_srvsvc_net_file_get_sec(struct rpc_pipe_client *cli,
TALLOC_CTX *mem_ctx,
int argc, const char **argv)
{
WERROR result;
NTSTATUS status;
struct sec_desc_buf *sd_buf = NULL;
if (argc < 2 || argc > 4) {
printf("Usage: %s [sharename] [file]\n", argv[0]);
return WERR_OK;
}
status = rpccli_srvsvc_NetGetFileSecurity(cli, mem_ctx,
cli->cli->desthost,
argv[1],
argv[2],
SECINFO_DACL,
&sd_buf,
&result);
if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(result)) {
goto done;
}
display_sec_desc(sd_buf->sd);
done:
return result;
}
/* List of commands exported by this module */
@ -619,6 +649,7 @@ struct cmd_set srvsvc_commands[] = {
{ "netfileenum", RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_file_enum, PI_SRVSVC, NULL, "Enumerate open files", "" },
{ "netremotetod",RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_remote_tod, PI_SRVSVC, NULL, "Fetch remote time of day", "" },
{ "netnamevalidate", RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_name_validate, PI_SRVSVC, NULL, "Validate sharename", "" },
{ "netfilegetsec", RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_file_get_sec, PI_SRVSVC, NULL, "Get File security", "" },
{ NULL }
};

2
source3/smbd/trans2.c
View File

@ -3189,7 +3189,7 @@ cap_low = 0x%x, cap_high = 0x%x\n",
}
DEBUG( 4,("call_trans2setfsinfo: "
"request transport encrption.\n"));
"request transport encryption.\n"));
status = srv_request_encryption_setup(conn,
(unsigned char **)ppdata,

9
source3/torture/torture.c
View File

@ -5502,6 +5502,7 @@ static void usage(void)
int gotpass = 0;
bool correct = True;
TALLOC_CTX *frame = talloc_stackframe();
int seed = time(NULL);
dbf = x_stdout;
@ -5547,8 +5548,6 @@ static void usage(void)
argc--;
argv++;
srandom(time(NULL));
fstrcpy(workgroup, lp_workgroup());
while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Aec:ks:b:")) != EOF) {
@ -5557,7 +5556,7 @@ static void usage(void)
port_to_use = atoi(optarg);
break;
case 's':
srandom(atoi(optarg));
seed = atoi(optarg);
break;
case 'W':
fstrcpy(workgroup,optarg);
@ -5620,6 +5619,10 @@ static void usage(void)
}
}
d_printf("using seed %d\n", seed);
srandom(seed);
if(use_kerberos && !gotuser) gotpass = True;
while (!gotpass) {