diff options
author | Stefan Metzmacher <metze@samba.org> | 2012-11-30 13:52:53 +0100 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2012-12-02 22:53:32 +0100 |
commit | 9afba14417ebb8e13623b62d3c81492629b92f29 (patch) | |
tree | 59b7dc35f0e0e17f1218d4d779f89830125d8b56 /source3/libsmb | |
parent | cf60338ada9b1685aaa49a41cefbe1e14040a283 (diff) | |
download | samba-9afba14417ebb8e13623b62d3c81492629b92f29.tar.gz samba-9afba14417ebb8e13623b62d3c81492629b92f29.tar.bz2 samba-9afba14417ebb8e13623b62d3c81492629b92f29.zip |
s3:libsmb: add cli_{query,set}_security_descriptor() which take sec_info flags
In order to set and get security_descriptors it's important to specify
the sec_info flags.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Diffstat (limited to 'source3/libsmb')
-rw-r--r-- | source3/libsmb/clisecdesc.c | 56 | ||||
-rw-r--r-- | source3/libsmb/proto.h | 9 |
2 files changed, 49 insertions, 16 deletions
diff --git a/source3/libsmb/clisecdesc.c b/source3/libsmb/clisecdesc.c index 04f661cc82..24da39dc1f 100644 --- a/source3/libsmb/clisecdesc.c +++ b/source3/libsmb/clisecdesc.c @@ -21,8 +21,11 @@ #include "libsmb/libsmb.h" #include "../libcli/security/secdesc.h" -NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, - TALLOC_CTX *mem_ctx, struct security_descriptor **sd) +NTSTATUS cli_query_security_descriptor(struct cli_state *cli, + uint16_t fnum, + uint32_t sec_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **sd) { uint8_t param[8]; uint8_t *rdata=NULL; @@ -31,7 +34,7 @@ NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, struct security_descriptor *lsd; SIVAL(param, 0, fnum); - SIVAL(param, 4, 0x7); + SIVAL(param, 4, sec_info); status = cli_trans(talloc_tos(), cli, SMBnttrans, NULL, -1, /* name, fid */ @@ -71,14 +74,23 @@ NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, return status; } +NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, + TALLOC_CTX *mem_ctx, struct security_descriptor **sd) +{ + uint32_t sec_info = SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL; + + return cli_query_security_descriptor(cli, fnum, sec_info, mem_ctx, sd); +} + /**************************************************************************** set the security descriptor for a open file ****************************************************************************/ -NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, - const struct security_descriptor *sd) +NTSTATUS cli_set_security_descriptor(struct cli_state *cli, + uint16_t fnum, + uint32_t sec_info, + const struct security_descriptor *sd) { uint8_t param[8]; - uint32 sec_info = 0; uint8 *data; size_t len; NTSTATUS status; @@ -91,16 +103,7 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, } SIVAL(param, 0, fnum); - - if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT)) - sec_info |= SECINFO_DACL; - if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT)) - sec_info |= SECINFO_SACL; - if (sd->owner_sid) - sec_info |= SECINFO_OWNER; - if (sd->group_sid) - sec_info |= SECINFO_GROUP; - SSVAL(param, 4, sec_info); + SIVAL(param, 4, sec_info); status = cli_trans(talloc_tos(), cli, SMBnttrans, NULL, -1, /* name, fid */ @@ -119,3 +122,24 @@ NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, } return status; } + +NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, + const struct security_descriptor *sd) +{ + uint32_t sec_info = 0; + + if (sd->dacl || (sd->type & SEC_DESC_DACL_PRESENT)) { + sec_info |= SECINFO_DACL; + } + if (sd->sacl || (sd->type & SEC_DESC_SACL_PRESENT)) { + sec_info |= SECINFO_SACL; + } + if (sd->owner_sid) { + sec_info |= SECINFO_OWNER; + } + if (sd->group_sid) { + sec_info |= SECINFO_GROUP; + } + + return cli_set_security_descriptor(cli, fnum, sec_info, sd); +} diff --git a/source3/libsmb/proto.h b/source3/libsmb/proto.h index e6d0ce8276..f186feeef4 100644 --- a/source3/libsmb/proto.h +++ b/source3/libsmb/proto.h @@ -792,8 +792,17 @@ NTSTATUS cli_push(struct cli_state *cli, uint16_t fnum, uint16_t mode, /* The following definitions come from libsmb/clisecdesc.c */ +NTSTATUS cli_query_security_descriptor(struct cli_state *cli, + uint16_t fnum, + uint32_t sec_info, + TALLOC_CTX *mem_ctx, + struct security_descriptor **sd); NTSTATUS cli_query_secdesc(struct cli_state *cli, uint16_t fnum, TALLOC_CTX *mem_ctx, struct security_descriptor **sd); +NTSTATUS cli_set_security_descriptor(struct cli_state *cli, + uint16_t fnum, + uint32_t sec_info, + const struct security_descriptor *sd); NTSTATUS cli_set_secdesc(struct cli_state *cli, uint16_t fnum, const struct security_descriptor *sd); |