summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2001-10-12 22:00:38 +0000
committerJeremy Allison <jra@samba.org>2001-10-12 22:00:38 +0000
commit812dcab195504301faea7443f1cb900dea57a823 (patch)
treed695e4765996070b58d1d82870f671fb24847004 /source3/smbd
parent3a5be6bae84aff434cfc5cc2fc00b1efe13abf39 (diff)
downloadsamba-812dcab195504301faea7443f1cb900dea57a823.tar.gz
samba-812dcab195504301faea7443f1cb900dea57a823.tar.bz2
samba-812dcab195504301faea7443f1cb900dea57a823.zip
Made nt acl support a local parameter for w2ksp2 profile fix.
Jeremy. (This used to be commit ebba334c15619610475a5c8242a55ed4fcdedf7c)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/nttrans.c80
-rw-r--r--source3/smbd/trans2.c2
2 files changed, 55 insertions, 27 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 2618a96913..1d8d2bae3e 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1463,6 +1463,23 @@ static int call_nt_transact_rename(connection_struct *conn,
return -1;
}
+/******************************************************************************
+ Fake up a completely empty SD.
+*******************************************************************************/
+
+static size_t get_null_nt_acl(TALLOC_CTX *mem_ctx, SEC_DESC **ppsd)
+{
+ extern DOM_SID global_sid_World;
+ size_t sd_size;
+
+ *ppsd = make_standard_sec_desc( mem_ctx, &global_sid_World, &global_sid_World, NULL, &sd_size);
+ if(!*ppsd) {
+ DEBUG(0,("get_null_nt_acl: Unable to malloc space for security descriptor.\n"));
+ sd_size = 0;
+ }
+
+ return sd_size;
+}
/****************************************************************************
Reply to query a security descriptor - currently this is not implemented (it
@@ -1496,12 +1513,24 @@ static int call_nt_transact_query_security_desc(connection_struct *conn,
*ppparams = params;
+ if ((mem_ctx = talloc_init()) == NULL) {
+ DEBUG(0,("call_nt_transact_query_security_desc: talloc_init failed.\n"));
+ return ERROR_DOS(ERRDOS,ERRnomem);
+ }
+
/*
* Get the permissions to return.
*/
- if((sd_size = conn->vfs_ops.fget_nt_acl(fsp, fsp->fd, &psd)) == 0)
+ if (!lp_nt_acl_support(SNUM(conn)))
+ sd_size = get_null_nt_acl(mem_ctx, &psd);
+ else
+ sd_size = conn->vfs_ops.fget_nt_acl(fsp, fsp->fd, &psd);
+
+ if (sd_size == 0) {
+ talloc_destroy(mem_ctx);
return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
DEBUG(3,("call_nt_transact_query_security_desc: sd_size = %d.\n",(int)sd_size));
@@ -1511,6 +1540,7 @@ static int call_nt_transact_query_security_desc(connection_struct *conn,
send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_BUFFER_TOO_SMALL,
params, 4, *ppdata, 0);
+ talloc_destroy(mem_ctx);
return -1;
}
@@ -1520,6 +1550,7 @@ static int call_nt_transact_query_security_desc(connection_struct *conn,
data = Realloc(*ppdata, sd_size);
if(data == NULL) {
+ talloc_destroy(mem_ctx);
return ERROR_DOS(ERRDOS,ERRnomem);
}
@@ -1531,11 +1562,6 @@ static int call_nt_transact_query_security_desc(connection_struct *conn,
* Init the parse struct we will marshall into.
*/
- if ((mem_ctx = talloc_init()) == NULL) {
- DEBUG(0,("call_nt_transact_query_security_desc: talloc_init failed.\n"));
- return ERROR_DOS(ERRDOS,ERRnomem);
- }
-
prs_init(&pd, 0, mem_ctx, MARSHALL);
/*
@@ -1578,34 +1604,36 @@ static int call_nt_transact_set_security_desc(connection_struct *conn,
int bufsize, char **ppsetup,
char **ppparams, char **ppdata)
{
- uint32 total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount);
- char *params= *ppparams;
- char *data = *ppdata;
- uint32 total_data_count = (uint32)IVAL(inbuf, smb_nts_TotalDataCount);
- files_struct *fsp = NULL;
- uint32 security_info_sent = 0;
- int error_class;
- uint32 error_code;
+ uint32 total_parameter_count = IVAL(inbuf, smb_nts_TotalParameterCount);
+ char *params= *ppparams;
+ char *data = *ppdata;
+ uint32 total_data_count = (uint32)IVAL(inbuf, smb_nts_TotalDataCount);
+ files_struct *fsp = NULL;
+ uint32 security_info_sent = 0;
+ int error_class;
+ uint32 error_code;
- if(!lp_nt_acl_support())
- return(UNIXERROR(ERRDOS,ERRnoaccess));
+ if(total_parameter_count < 8)
+ return ERROR_DOS(ERRDOS,ERRbadfunc);
- if(total_parameter_count < 8)
- return ERROR_DOS(ERRDOS,ERRbadfunc);
+ if((fsp = file_fsp(params,0)) == NULL)
+ return ERROR_DOS(ERRDOS,ERRbadfid);
- if((fsp = file_fsp(params,0)) == NULL)
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ if(!lp_nt_acl_support(SNUM(conn)))
+ goto done;
- security_info_sent = IVAL(params,4);
+ security_info_sent = IVAL(params,4);
- DEBUG(3,("call_nt_transact_set_security_desc: file = %s, sent 0x%x\n", fsp->fsp_name,
- (unsigned int)security_info_sent ));
+ DEBUG(3,("call_nt_transact_set_security_desc: file = %s, sent 0x%x\n", fsp->fsp_name,
+ (unsigned int)security_info_sent ));
- if (!set_sd( fsp, data, total_data_count, security_info_sent, &error_class, &error_code))
+ if (!set_sd( fsp, data, total_data_count, security_info_sent, &error_class, &error_code))
return ERROR_DOS(error_class, error_code);
- send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
- return -1;
+ done:
+
+ send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
+ return -1;
}
/****************************************************************************
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 0941d9f692..9b0fd379cf 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -1159,7 +1159,7 @@ static int call_trans2qfsinfo(connection_struct *conn,
case SMB_QUERY_FS_ATTRIBUTE_INFO:
SIVAL(pdata,0,FILE_CASE_PRESERVED_NAMES|FILE_CASE_SENSITIVE_SEARCH|
FILE_DEVICE_IS_MOUNTED|
- (lp_nt_acl_support() ? FILE_PERSISTENT_ACLS : 0)); /* FS ATTRIBUTES */
+ (lp_nt_acl_support(SNUM(conn)) ? FILE_PERSISTENT_ACLS : 0)); /* FS ATTRIBUTES */
SIVAL(pdata,4,255); /* Max filename component length */
len = srvstr_push(outbuf, pdata+12, fstype, -1, STR_TERMINATE);
SIVAL(pdata,8,len);