Line data Source code
1 : /*
2 : Unix SMB/CIFS implementation.
3 : ACL get/set operations
4 :
5 : Copyright (C) Andrew Tridgell 2003-2004
6 :
7 : This program is free software; you can redistribute it and/or modify
8 : it under the terms of the GNU General Public License as published by
9 : the Free Software Foundation; either version 3 of the License, or
10 : (at your option) any later version.
11 :
12 : This program is distributed in the hope that it will be useful,
13 : but WITHOUT ANY WARRANTY; without even the implied warranty of
14 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 : GNU General Public License for more details.
16 :
17 : You should have received a copy of the GNU General Public License
18 : along with this program. If not, see <http://www.gnu.org/licenses/>.
19 : */
20 :
21 : #include "includes.h"
22 : #include "libcli/raw/libcliraw.h"
23 : #include "libcli/raw/raw_proto.h"
24 : #include "librpc/gen_ndr/ndr_security.h"
25 :
26 : /****************************************************************************
27 : fetch file ACL (async send)
28 : ****************************************************************************/
29 572 : struct smbcli_request *smb_raw_query_secdesc_send(struct smbcli_tree *tree,
30 : union smb_fileinfo *io)
31 : {
32 : struct smb_nttrans nt;
33 : uint8_t params[8];
34 :
35 572 : nt.in.max_setup = 0;
36 572 : nt.in.max_param = 4;
37 572 : nt.in.max_data = 0xFFFF;
38 572 : nt.in.setup_count = 0;
39 572 : nt.in.function = NT_TRANSACT_QUERY_SECURITY_DESC;
40 572 : nt.in.setup = NULL;
41 :
42 572 : SSVAL(params, 0, io->query_secdesc.in.file.fnum);
43 572 : SSVAL(params, 2, 0); /* padding */
44 572 : SIVAL(params, 4, io->query_secdesc.in.secinfo_flags);
45 :
46 572 : nt.in.params.data = params;
47 572 : nt.in.params.length = 8;
48 :
49 572 : nt.in.data = data_blob(NULL, 0);
50 :
51 572 : return smb_raw_nttrans_send(tree, &nt);
52 : }
53 :
54 :
55 : /****************************************************************************
56 : fetch file ACL (async recv)
57 : ****************************************************************************/
58 572 : NTSTATUS smb_raw_query_secdesc_recv(struct smbcli_request *req,
59 : TALLOC_CTX *mem_ctx,
60 : union smb_fileinfo *io)
61 : {
62 : NTSTATUS status;
63 : struct smb_nttrans nt;
64 : struct ndr_pull *ndr;
65 : enum ndr_err_code ndr_err;
66 :
67 572 : status = smb_raw_nttrans_recv(req, mem_ctx, &nt);
68 572 : if (!NT_STATUS_IS_OK(status)) {
69 0 : return status;
70 : }
71 :
72 : /* check that the basics are valid */
73 1144 : if (nt.out.params.length != 4 ||
74 572 : IVAL(nt.out.params.data, 0) > nt.out.data.length) {
75 0 : return NT_STATUS_INVALID_PARAMETER;
76 : }
77 :
78 572 : nt.out.data.length = IVAL(nt.out.params.data, 0);
79 :
80 572 : ndr = ndr_pull_init_blob(&nt.out.data, mem_ctx);
81 572 : if (!ndr) {
82 0 : return NT_STATUS_INVALID_PARAMETER;
83 : }
84 :
85 572 : io->query_secdesc.out.sd = talloc(mem_ctx, struct security_descriptor);
86 572 : if (!io->query_secdesc.out.sd) {
87 0 : return NT_STATUS_NO_MEMORY;
88 : }
89 572 : ndr_err = ndr_pull_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS,
90 : io->query_secdesc.out.sd);
91 572 : if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
92 0 : return ndr_map_error2ntstatus(ndr_err);
93 : }
94 :
95 572 : return NT_STATUS_OK;
96 : }
97 :
98 :
99 : /****************************************************************************
100 : fetch file ACL (sync interface)
101 : ****************************************************************************/
102 0 : NTSTATUS smb_raw_query_secdesc(struct smbcli_tree *tree,
103 : TALLOC_CTX *mem_ctx,
104 : union smb_fileinfo *io)
105 : {
106 0 : struct smbcli_request *req = smb_raw_query_secdesc_send(tree, io);
107 0 : return smb_raw_query_secdesc_recv(req, mem_ctx, io);
108 : }
109 :
110 :
111 :
112 : /****************************************************************************
113 : set file ACL (async send)
114 : ****************************************************************************/
115 531 : struct smbcli_request *smb_raw_set_secdesc_send(struct smbcli_tree *tree,
116 : union smb_setfileinfo *io)
117 : {
118 : struct smb_nttrans nt;
119 : uint8_t params[8];
120 : struct ndr_push *ndr;
121 : struct smbcli_request *req;
122 : enum ndr_err_code ndr_err;
123 :
124 531 : nt.in.max_setup = 0;
125 531 : nt.in.max_param = 0;
126 531 : nt.in.max_data = 0;
127 531 : nt.in.setup_count = 0;
128 531 : nt.in.function = NT_TRANSACT_SET_SECURITY_DESC;
129 531 : nt.in.setup = NULL;
130 :
131 531 : SSVAL(params, 0, io->set_secdesc.in.file.fnum);
132 531 : SSVAL(params, 2, 0); /* padding */
133 531 : SIVAL(params, 4, io->set_secdesc.in.secinfo_flags);
134 :
135 531 : nt.in.params.data = params;
136 531 : nt.in.params.length = 8;
137 :
138 531 : ndr = ndr_push_init_ctx(NULL);
139 531 : if (!ndr) return NULL;
140 :
141 531 : ndr_err = ndr_push_security_descriptor(ndr, NDR_SCALARS|NDR_BUFFERS, io->set_secdesc.in.sd);
142 531 : if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
143 0 : talloc_free(ndr);
144 0 : return NULL;
145 : }
146 :
147 531 : nt.in.data = ndr_push_blob(ndr);
148 :
149 531 : req = smb_raw_nttrans_send(tree, &nt);
150 :
151 531 : talloc_free(ndr);
152 531 : return req;
153 : }
154 :
155 : /****************************************************************************
156 : set file ACL (sync interface)
157 : ****************************************************************************/
158 0 : NTSTATUS smb_raw_set_secdesc(struct smbcli_tree *tree,
159 : union smb_setfileinfo *io)
160 : {
161 0 : struct smbcli_request *req = smb_raw_set_secdesc_send(tree, io);
162 0 : return smbcli_request_simple_recv(req);
163 : }
|
