diff options
author | Jelmer Vernooij <jelmer@samba.org> | 2008-03-09 13:51:52 +0100 |
---|---|---|
committer | Jelmer Vernooij <jelmer@samba.org> | 2008-03-09 13:51:52 +0100 |
commit | acc63121ac94ce50495213636b66cf0667c359ff (patch) | |
tree | f4247aa8b43041a4fbbaae474dedcb70df12904f /source3/rpc_server | |
parent | 5b8823e49ac6601ffe4b06495b3e7a95e2337090 (diff) | |
parent | 87805819f108f0d2a7376ca78952a6e6a36bc6db (diff) | |
download | samba-acc63121ac94ce50495213636b66cf0667c359ff.tar.gz samba-acc63121ac94ce50495213636b66cf0667c359ff.tar.bz2 samba-acc63121ac94ce50495213636b66cf0667c359ff.zip |
Merge branch 'v3-2-test' of ssh://git.samba.org/data/git/samba into v3-2-test
(This used to be commit 09e5c6adde5564afc0d1be25f297fbfd284d559f)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r-- | source3/rpc_server/srv_srvsvc.c | 46 | ||||
-rw-r--r-- | source3/rpc_server/srv_srvsvc_nt.c | 120 |
2 files changed, 64 insertions, 102 deletions
diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c index 1873bcb578..5351f93346 100644 --- a/source3/rpc_server/srv_srvsvc.c +++ b/source3/rpc_server/srv_srvsvc.c @@ -291,28 +291,7 @@ static bool api_srv_net_name_validate(pipes_struct *p) static bool api_srv_net_file_query_secdesc(pipes_struct *p) { - SRV_Q_NET_FILE_QUERY_SECDESC q_u; - SRV_R_NET_FILE_QUERY_SECDESC r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* Unmarshall the net file get info from Win9x */ - if(!srv_io_q_net_file_query_secdesc("", &q_u, data, 0)) { - DEBUG(0,("api_srv_net_file_query_secdesc: Failed to unmarshall SRV_Q_NET_FILE_QUERY_SECDESC.\n")); - return False; - } - - r_u.status = _srv_net_file_query_secdesc(p, &q_u, &r_u); - - if(!srv_io_r_net_file_query_secdesc("", &r_u, rdata, 0)) { - DEBUG(0,("api_srv_net_file_query_secdesc: Failed to marshall SRV_R_NET_FILE_QUERY_SECDESC.\n")); - return False; - } - - return True; + return proxy_srvsvc_call(p, NDR_SRVSVC_NETGETFILESECURITY); } /******************************************************************* @@ -321,28 +300,7 @@ static bool api_srv_net_file_query_secdesc(pipes_struct *p) static bool api_srv_net_file_set_secdesc(pipes_struct *p) { - SRV_Q_NET_FILE_SET_SECDESC q_u; - SRV_R_NET_FILE_SET_SECDESC r_u; - prs_struct *data = &p->in_data.data; - prs_struct *rdata = &p->out_data.rdata; - - ZERO_STRUCT(q_u); - ZERO_STRUCT(r_u); - - /* Unmarshall the net file set info from Win9x */ - if(!srv_io_q_net_file_set_secdesc("", &q_u, data, 0)) { - DEBUG(0,("api_srv_net_file_set_secdesc: Failed to unmarshall SRV_Q_NET_FILE_SET_SECDESC.\n")); - return False; - } - - r_u.status = _srv_net_file_set_secdesc(p, &q_u, &r_u); - - if(!srv_io_r_net_file_set_secdesc("", &r_u, rdata, 0)) { - DEBUG(0,("api_srv_net_file_set_secdesc: Failed to marshall SRV_R_NET_FILE_SET_SECDESC.\n")); - return False; - } - - return True; + return proxy_srvsvc_call(p, NDR_SRVSVC_NETSETFILESECURITY); } /******************************************************************* diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index d45ebb26e6..0d4addde14 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -2068,11 +2068,12 @@ WERROR _srvsvc_NetRemoteTOD(pipes_struct *p, } /*********************************************************************************** + _srvsvc_NetGetFileSecurity Win9x NT tools get security descriptor. ***********************************************************************************/ -WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC *q_u, - SRV_R_NET_FILE_QUERY_SECDESC *r_u) +WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, + struct srvsvc_NetGetFileSecurity *r) { SEC_DESC *psd = NULL; size_t sd_size; @@ -2082,18 +2083,20 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC char *qualname = NULL; SMB_STRUCT_STAT st; NTSTATUS nt_status; + WERROR werr; struct current_user user; connection_struct *conn = NULL; bool became_user = False; TALLOC_CTX *ctx = p->mem_ctx; + struct sec_desc_buf *sd_buf; ZERO_STRUCT(st); - r_u->status = WERR_OK; + werr = WERR_OK; - qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name); + qualname = talloc_strdup(ctx, r->in.share); if (!qualname) { - r_u->status = WERR_ACCESS_DENIED; + werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2107,35 +2110,38 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC unbecome_root(); if (conn == NULL) { - DEBUG(3,("_srv_net_file_query_secdesc: Unable to connect to %s\n", qualname)); - r_u->status = ntstatus_to_werror(nt_status); + DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to connect to %s\n", + qualname)); + werr = ntstatus_to_werror(nt_status); goto error_exit; } if (!become_user(conn, conn->vuid)) { - DEBUG(0,("_srv_net_file_query_secdesc: Can't become connected user!\n")); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n")); + werr = WERR_ACCESS_DENIED; goto error_exit; } became_user = True; - filename_in = unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name); + filename_in = talloc_strdup(ctx, r->in.file); if (!filename_in) { - r_u->status = WERR_ACCESS_DENIED; + werr = WERR_ACCESS_DENIED; goto error_exit; } nt_status = unix_convert(ctx, conn, filename_in, False, &filename, NULL, &st); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(3,("_srv_net_file_query_secdesc: bad pathname %s\n", filename)); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n", + filename)); + werr = WERR_ACCESS_DENIED; goto error_exit; } nt_status = check_name(conn, filename); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(3,("_srv_net_file_query_secdesc: can't access %s\n", filename)); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n", + filename)); + werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2145,24 +2151,30 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC |DACL_SECURITY_INFORMATION), &psd); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(3,("_srv_net_file_query_secdesc: Unable to get NT ACL for file %s\n", filename)); - r_u->status = ntstatus_to_werror(nt_status); + DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL for file %s\n", + filename)); + werr = ntstatus_to_werror(nt_status); goto error_exit; } sd_size = ndr_size_security_descriptor(psd, 0); - r_u->ptr_response = 1; - r_u->size_response = sd_size; - r_u->ptr_secdesc = 1; - r_u->size_secdesc = sd_size; - r_u->sec_desc = psd; + sd_buf = TALLOC_ZERO_P(ctx, struct sec_desc_buf); + if (!sd_buf) { + werr = WERR_NOMEM; + goto error_exit; + } + + sd_buf->sd_size = sd_size; + sd_buf->sd = psd; + + *r->out.sd_buf = sd_buf; psd->dacl->revision = NT4_ACL_REVISION; unbecome_user(); close_cnum(conn, user.vuid); - return r_u->status; + return werr; error_exit: @@ -2172,15 +2184,16 @@ error_exit: if (conn) close_cnum(conn, user.vuid); - return r_u->status; + return werr; } /*********************************************************************************** + _srvsvc_NetSetFileSecurity Win9x NT tools set security descriptor. ***********************************************************************************/ -WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_u, - SRV_R_NET_FILE_SET_SECDESC *r_u) +WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, + struct srvsvc_NetSetFileSecurity *r) { char *filename_in = NULL; char *filename = NULL; @@ -2189,6 +2202,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ files_struct *fsp = NULL; SMB_STRUCT_STAT st; NTSTATUS nt_status; + WERROR werr; struct current_user user; connection_struct *conn = NULL; bool became_user = False; @@ -2196,11 +2210,11 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ ZERO_STRUCT(st); - r_u->status = WERR_OK; + werr = WERR_OK; - qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name); + qualname = talloc_strdup(ctx, r->in.share); if (!qualname) { - r_u->status = WERR_ACCESS_DENIED; + werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2214,35 +2228,35 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ unbecome_root(); if (conn == NULL) { - DEBUG(3,("_srv_net_file_set_secdesc: Unable to connect to %s\n", qualname)); - r_u->status = ntstatus_to_werror(nt_status); + DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to connect to %s\n", qualname)); + werr = ntstatus_to_werror(nt_status); goto error_exit; } if (!become_user(conn, conn->vuid)) { - DEBUG(0,("_srv_net_file_set_secdesc: Can't become connected user!\n")); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(0,("_srvsvc_NetSetFileSecurity: Can't become connected user!\n")); + werr = WERR_ACCESS_DENIED; goto error_exit; } became_user = True; - filename_in= unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name); + filename_in = talloc_strdup(ctx, r->in.file); if (!filename_in) { - r_u->status = WERR_ACCESS_DENIED; + werr = WERR_ACCESS_DENIED; goto error_exit; } nt_status = unix_convert(ctx, conn, filename, False, &filename, NULL, &st); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(3,("_srv_net_file_set_secdesc: bad pathname %s\n", filename)); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(3,("_srvsvc_NetSetFileSecurity: bad pathname %s\n", filename)); + werr = WERR_ACCESS_DENIED; goto error_exit; } nt_status = check_name(conn, filename); if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(3,("_srv_net_file_set_secdesc: can't access %s\n", filename)); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(3,("_srvsvc_NetSetFileSecurity: can't access %s\n", filename)); + werr = WERR_ACCESS_DENIED; goto error_exit; } @@ -2260,24 +2274,26 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_ NULL, &fsp); if ( !NT_STATUS_IS_OK(nt_status) ) { - DEBUG(3,("_srv_net_file_set_secdesc: Unable to open file %s\n", filename)); - r_u->status = ntstatus_to_werror(nt_status); + DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to open file %s\n", filename)); + werr = ntstatus_to_werror(nt_status); goto error_exit; } } - nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, q_u->sec_info, q_u->sec_desc); + nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, + r->in.securityinformation, + r->in.sd_buf->sd); if (!NT_STATUS_IS_OK(nt_status) ) { - DEBUG(3,("_srv_net_file_set_secdesc: Unable to set NT ACL on file %s\n", filename)); - r_u->status = WERR_ACCESS_DENIED; + DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL on file %s\n", filename)); + werr = WERR_ACCESS_DENIED; goto error_exit; } close_file(fsp, NORMAL_CLOSE); unbecome_user(); close_cnum(conn, user.vuid); - return r_u->status; + return werr; error_exit: @@ -2293,7 +2309,7 @@ error_exit: close_cnum(conn, user.vuid); } - return r_u->status; + return werr; } /*********************************************************************************** @@ -2582,18 +2598,6 @@ WERROR _srvsvc_NetShareDelCommit(pipes_struct *p, struct srvsvc_NetShareDelCommi return WERR_NOT_SUPPORTED; } -WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecurity *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - -WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecurity *r) -{ - p->rng_fault_state = True; - return WERR_NOT_SUPPORTED; -} - WERROR _srvsvc_NetServerTransportAddEx(pipes_struct *p, struct srvsvc_NetServerTransportAddEx *r) { p->rng_fault_state = True; |