summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/configure.in7
-rw-r--r--source3/include/rpc_srvsvc.h46
-rw-r--r--source3/libads/kerberos.c2
-rw-r--r--source3/libsmb/async_smb.c117
-rw-r--r--source3/libsmb/clireadwrite.c2
-rw-r--r--source3/libsmb/nmblib.c10
-rw-r--r--source3/libsmb/unexpected.c4
-rw-r--r--source3/rpc_parse/parse_srv.c165
-rw-r--r--source3/rpc_server/srv_srvsvc.c46
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c120
-rw-r--r--source3/rpcclient/cmd_srvsvc.c31
-rw-r--r--source3/smbd/trans2.c2
-rw-r--r--source3/torture/torture.c9
13 files changed, 177 insertions, 384 deletions
diff --git a/source3/configure.in b/source3/configure.in
index f884d9344a..2e6c109311 100644
--- a/source3/configure.in
+++ b/source3/configure.in
@@ -5341,6 +5341,13 @@ int main() { struct aiocb a; return aio_suspend64(&a, 1, NULL); }],
AC_MSG_RESULT(no)
)
+if test x"$samba_cv_HAVE_AIO" = x"yes"; then
+ if test x"$samba_cv_msghdr_msg_control" = x"yes" -o \
+ x"$samba_cv_msghdr_msg_acctright" = x"yes"; then
+ default_shared_modules="$default_shared_modules vfs_aio_fork"
+ fi
+fi
+
#################################################
# check for sendfile support
diff --git a/source3/include/rpc_srvsvc.h b/source3/include/rpc_srvsvc.h
index 3ea55bd167..60ad23eb48 100644
--- a/source3/include/rpc_srvsvc.h
+++ b/source3/include/rpc_srvsvc.h
@@ -652,50 +652,4 @@ typedef struct {
WERROR status;
} SRV_R_NET_FILE_ENUM;
-/* SRV_Q_NET_FILE_QUERY_SECDESC */
-typedef struct q_net_file_query_secdesc
-{
- uint32 ptr_srv_name;
- UNISTR2 uni_srv_name;
- uint32 ptr_qual_name;
- UNISTR2 uni_qual_name;
- UNISTR2 uni_file_name;
- uint32 unknown1;
- uint32 unknown2;
- uint32 unknown3;
-} SRV_Q_NET_FILE_QUERY_SECDESC;
-
-/* SRV_R_NET_FILE_QUERY_SECDESC */
-typedef struct r_net_file_query_secdesc
-{
- uint32 ptr_response;
- uint32 size_response;
- uint32 ptr_secdesc;
- uint32 size_secdesc;
- SEC_DESC *sec_desc;
- WERROR status;
-} SRV_R_NET_FILE_QUERY_SECDESC;
-
-/* SRV_Q_NET_FILE_SET_SECDESC */
-typedef struct q_net_file_set_secdesc
-{
- uint32 ptr_srv_name;
- UNISTR2 uni_srv_name;
- uint32 ptr_qual_name;
- UNISTR2 uni_qual_name;
- UNISTR2 uni_file_name;
- uint32 sec_info;
- uint32 size_set;
- uint32 ptr_secdesc;
- uint32 size_secdesc;
- SEC_DESC *sec_desc;
-} SRV_Q_NET_FILE_SET_SECDESC;
-
-/* SRV_R_NET_FILE_SET_SECDESC */
-typedef struct r_net_file_set_secdesc
-{
- WERROR status;
-} SRV_R_NET_FILE_SET_SECDESC;
-
-
#endif /* _RPC_SRVSVC_H */
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index b37b9a500f..ee25fb5551 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -894,6 +894,8 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
DEBUG(0,("create_local_private_krb5_conf_for_domain: smb_mkstemp failed,"
" for file %s. Errno %s\n",
tmpname, strerror(errno) ));
+ TALLOC_FREE(dname);
+ return false;
}
if (fchmod(fd, 0644)==-1) {
diff --git a/source3/libsmb/async_smb.c b/source3/libsmb/async_smb.c
index 21bcd5b9b1..04c22a9d17 100644
--- a/source3/libsmb/async_smb.c
+++ b/source3/libsmb/async_smb.c
@@ -174,24 +174,72 @@ static void handle_incoming_pdu(struct cli_state *cli)
{
struct cli_request *req;
uint16_t mid;
- size_t raw_pdu_len, buf_len, pdu_len;
- size_t rest_len;
+ size_t raw_pdu_len, buf_len, pdu_len, rest_len;
+ char *pdu;
NTSTATUS status;
/*
* The encrypted PDU len might differ from the unencrypted one
*/
raw_pdu_len = smb_len(cli->evt_inbuf) + 4;
+ buf_len = talloc_get_size(cli->evt_inbuf);
+ rest_len = buf_len - raw_pdu_len;
+
+ if (buf_len == raw_pdu_len) {
+ /*
+ * Optimal case: Exactly one PDU was in the socket buffer
+ */
+ pdu = cli->evt_inbuf;
+ cli->evt_inbuf = NULL;
+ }
+ else {
+ DEBUG(11, ("buf_len = %d, raw_pdu_len = %d, splitting "
+ "buffer\n", (int)buf_len, (int)raw_pdu_len));
+
+ if (raw_pdu_len < rest_len) {
+ /*
+ * The PDU is shorter, talloc_memdup that one.
+ */
+ pdu = (char *)talloc_memdup(
+ cli, cli->evt_inbuf, raw_pdu_len);
+
+ memmove(cli->evt_inbuf, cli->evt_inbuf + raw_pdu_len,
+ buf_len - raw_pdu_len);
+
+ cli->evt_inbuf = TALLOC_REALLOC_ARRAY(
+ NULL, cli->evt_inbuf, char, rest_len);
+
+ if (pdu == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto invalidate_requests;
+ }
+ }
+ else {
+ /*
+ * The PDU is larger than the rest, talloc_memdup the
+ * rest
+ */
+ pdu = cli->evt_inbuf;
+
+ cli->evt_inbuf = (char *)talloc_memdup(
+ cli, pdu + raw_pdu_len, rest_len);
+
+ if (cli->evt_inbuf == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto invalidate_requests;
+ }
+ }
+
+ }
/*
* TODO: Handle oplock break requests
*/
- if (cli_encryption_on(cli) && CVAL(cli->evt_inbuf, 0) == 0) {
+ if (cli_encryption_on(cli) && CVAL(pdu, 0) == 0) {
uint16_t enc_ctx_num;
- status = get_enc_ctx_num((uint8_t *)cli->evt_inbuf,
- &enc_ctx_num);
+ status = get_enc_ctx_num((uint8_t *)pdu, &enc_ctx_num);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("get_enc_ctx_num returned %s\n",
nt_errstr(status)));
@@ -207,7 +255,7 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
status = common_decrypt_buffer(cli->trans_enc_state,
- cli->evt_inbuf);
+ pdu);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("common_decrypt_buffer returned %s\n",
nt_errstr(status)));
@@ -215,13 +263,13 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
}
- if (!cli_check_sign_mac(cli, cli->evt_inbuf)) {
+ if (!cli_check_sign_mac(cli, pdu)) {
DEBUG(10, ("cli_check_sign_mac failed\n"));
status = NT_STATUS_ACCESS_DENIED;
goto invalidate_requests;
}
- mid = SVAL(cli->evt_inbuf, smb_mid);
+ mid = SVAL(pdu, smb_mid);
DEBUG(10, ("handle_incoming_pdu: got mid %d\n", mid));
@@ -231,64 +279,17 @@ static void handle_incoming_pdu(struct cli_state *cli)
}
}
- buf_len = talloc_get_size(cli->evt_inbuf);
- pdu_len = smb_len(cli->evt_inbuf) + 4;
- rest_len = buf_len - raw_pdu_len;
+ pdu_len = smb_len(pdu) + 4;
if (req == NULL) {
DEBUG(3, ("Request for mid %d not found, dumping PDU\n", mid));
- memmove(cli->evt_inbuf, cli->evt_inbuf + raw_pdu_len,
- buf_len - raw_pdu_len);
-
- cli->evt_inbuf = TALLOC_REALLOC_ARRAY(NULL, cli->evt_inbuf,
- char, rest_len);
+ TALLOC_FREE(pdu);
return;
}
- if (buf_len == pdu_len) {
- /*
- * Optimal case: Exactly one PDU was in the socket buffer
- */
- req->inbuf = talloc_move(req, &cli->evt_inbuf);
- goto done;
- }
-
- DEBUG(11, ("buf_len = %d, pdu_len = %d, splitting buffer\n",
- (int)buf_len, (int)pdu_len));
-
- if (pdu_len < rest_len) {
- /*
- * The PDU is shorter, talloc_memdup that one.
- */
- req->inbuf = (char *)talloc_memdup(
- req, cli->evt_inbuf, pdu_len);
-
- memmove(cli->evt_inbuf,
- cli->evt_inbuf + raw_pdu_len,
- buf_len - raw_pdu_len);
-
- cli->evt_inbuf = TALLOC_REALLOC_ARRAY(
- NULL, cli->evt_inbuf, char, rest_len);
- }
- else {
- /*
- * The PDU is larger than the rest,
- * talloc_memdup the rest
- */
- req->inbuf = talloc_move(req, &cli->evt_inbuf);
-
- cli->evt_inbuf = (char *)talloc_memdup(
- cli, req->inbuf + raw_pdu_len,
- rest_len);
- }
-
- if ((req->inbuf == NULL) || (cli->evt_inbuf == NULL)) {
- status = NT_STATUS_NO_MEMORY;
- goto invalidate_requests;
- }
+ req->inbuf = talloc_move(req, &pdu);
- done:
async_req_done(req->async);
return;
diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c
index c618509f01..9bd8170673 100644
--- a/source3/libsmb/clireadwrite.c
+++ b/source3/libsmb/clireadwrite.c
@@ -24,7 +24,7 @@
****************************************************************************/
static size_t cli_read_max_bufsize(struct cli_state *cli)
{
- if (!client_is_signing_on(cli) && !cli_encryption_on(cli) == false
+ if (!client_is_signing_on(cli) && !cli_encryption_on(cli)
&& (cli->posix_capabilities & CIFS_UNIX_LARGE_READ_CAP)) {
return CLI_SAMBA_MAX_POSIX_LARGE_READX_SIZE;
}
diff --git a/source3/libsmb/nmblib.c b/source3/libsmb/nmblib.c
index 15a9a93ff2..bfe5e7b97b 100644
--- a/source3/libsmb/nmblib.c
+++ b/source3/libsmb/nmblib.c
@@ -849,9 +849,8 @@ static bool send_udp(int fd,char *buf,int len,struct in_addr ip,int port)
If buf == NULL this is a length calculation.
******************************************************************/
-static int build_dgram(char *buf, size_t len, struct packet_struct *p)
+static int build_dgram(char *buf, size_t len, struct dgram_packet *dgram)
{
- struct dgram_packet *dgram = &p->packet.dgram;
unsigned char *ubuf = (unsigned char *)buf;
int offset=0;
@@ -926,9 +925,8 @@ bool nmb_name_equal(struct nmb_name *n1, struct nmb_name *n2)
If buf == NULL this is a length calculation.
******************************************************************/
-static int build_nmb(char *buf, size_t len, struct packet_struct *p)
+static int build_nmb(char *buf, size_t len, struct nmb_packet *nmb)
{
- struct nmb_packet *nmb = &p->packet.nmb;
unsigned char *ubuf = (unsigned char *)buf;
int offset=0;
@@ -1058,11 +1056,11 @@ int build_packet(char *buf, size_t buflen, struct packet_struct *p)
switch (p->packet_type) {
case NMB_PACKET:
- len = build_nmb(buf,buflen,p);
+ len = build_nmb(buf,buflen,&p->packet.nmb);
break;
case DGRAM_PACKET:
- len = build_dgram(buf,buflen,p);
+ len = build_dgram(buf,buflen,&p->packet.dgram);
break;
}
diff --git a/source3/libsmb/unexpected.c b/source3/libsmb/unexpected.c
index 5fbc33cdf5..df4d2119e2 100644
--- a/source3/libsmb/unexpected.c
+++ b/source3/libsmb/unexpected.c
@@ -22,7 +22,7 @@
static TDB_CONTEXT *tdbd = NULL;
-/* the key type used in the unexpeceted packet database */
+/* the key type used in the unexpected packet database */
struct unexpected_key {
enum packet_type packet_type;
time_t timestamp;
@@ -32,7 +32,7 @@ struct unexpected_key {
/****************************************************************************
All unexpected packets are passed in here, to be stored in a unexpected
packet database. This allows nmblookup and other tools to receive packets
- erroneoously sent to the wrong port by broken MS systems.
+ erroneously sent to the wrong port by broken MS systems.
**************************************************************************/
void unexpected_packet(struct packet_struct *p)
diff --git a/source3/rpc_parse/parse_srv.c b/source3/rpc_parse/parse_srv.c
index b4cc08748b..9e42ef6158 100644
--- a/source3/rpc_parse/parse_srv.c
+++ b/source3/rpc_parse/parse_srv.c
@@ -2692,168 +2692,3 @@ bool srv_io_r_net_disk_enum(const char *desc, SRV_R_NET_DISK_ENUM *r_n, prs_stru
return True;
}
-
-/*******************************************************************
- Reads or writes a structure.
-********************************************************************/
-
-bool srv_io_q_net_file_query_secdesc(const char *desc, SRV_Q_NET_FILE_QUERY_SECDESC *q_n, prs_struct *ps, int depth)
-{
- if (q_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_q_net_file_query_secdesc");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_srv_name", ps, depth, &q_n->ptr_srv_name))
- return False;
-
- if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_qual_name", ps, depth, &q_n->ptr_qual_name))
- return False;
-
- if(!smb_io_unistr2("", &q_n->uni_qual_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!smb_io_unistr2("", &q_n->uni_file_name, True, ps, depth))
- return False;
-
- if(!prs_uint32("unknown1", ps, depth, &q_n->unknown1))
- return False;
-
- if(!prs_uint32("unknown2", ps, depth, &q_n->unknown2))
- return False;
-
- if(!prs_uint32("unknown3", ps, depth, &q_n->unknown3))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a structure.
-********************************************************************/
-
-bool srv_io_r_net_file_query_secdesc(const char *desc, SRV_R_NET_FILE_QUERY_SECDESC *r_n, prs_struct *ps, int depth)
-{
- if (r_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_r_net_file_query_secdesc");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_response", ps, depth, &r_n->ptr_response))
- return False;
-
- if(!prs_uint32("size_response", ps, depth, &r_n->size_response))
- return False;
-
- if(!prs_uint32("ptr_secdesc", ps, depth, &r_n->ptr_secdesc))
- return False;
-
- if(!prs_uint32("size_secdesc", ps, depth, &r_n->size_secdesc))
- return False;
-
- if(!sec_io_desc("sec_desc", &r_n->sec_desc, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_werror("status", ps, depth, &r_n->status))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a structure.
-********************************************************************/
-
-bool srv_io_q_net_file_set_secdesc(const char *desc, SRV_Q_NET_FILE_SET_SECDESC *q_n, prs_struct *ps, int depth)
-{
- if (q_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_q_net_file_set_secdesc");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_srv_name", ps, depth, &q_n->ptr_srv_name))
- return False;
-
- if(!smb_io_unistr2("", &q_n->uni_srv_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("ptr_qual_name", ps, depth, &q_n->ptr_qual_name))
- return False;
-
- if(!smb_io_unistr2("", &q_n->uni_qual_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!smb_io_unistr2("", &q_n->uni_file_name, True, ps, depth))
- return False;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_uint32("sec_info", ps, depth, &q_n->sec_info))
- return False;
-
- if(!prs_uint32("size_set", ps, depth, &q_n->size_set))
- return False;
-
- if(!prs_uint32("ptr_secdesc", ps, depth, &q_n->ptr_secdesc))
- return False;
-
- if(!prs_uint32("size_secdesc", ps, depth, &q_n->size_secdesc))
- return False;
-
- if(!sec_io_desc("sec_desc", &q_n->sec_desc, ps, depth))
- return False;
-
- return True;
-}
-
-/*******************************************************************
- Reads or writes a structure.
-********************************************************************/
-
-bool srv_io_r_net_file_set_secdesc(const char *desc, SRV_R_NET_FILE_SET_SECDESC *r_n, prs_struct *ps, int depth)
-{
- if (r_n == NULL)
- return False;
-
- prs_debug(ps, depth, desc, "srv_io_r_net_file_set_secdesc");
- depth++;
-
- if(!prs_align(ps))
- return False;
-
- if(!prs_werror("status", ps, depth, &r_n->status))
- return False;
-
- return True;
-}
diff --git a/source3/rpc_server/srv_srvsvc.c b/source3/rpc_server/srv_srvsvc.c
index 1873bcb578..5351f93346 100644
--- a/source3/rpc_server/srv_srvsvc.c
+++ b/source3/rpc_server/srv_srvsvc.c
@@ -291,28 +291,7 @@ static bool api_srv_net_name_validate(pipes_struct *p)
static bool api_srv_net_file_query_secdesc(pipes_struct *p)
{
- SRV_Q_NET_FILE_QUERY_SECDESC q_u;
- SRV_R_NET_FILE_QUERY_SECDESC r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* Unmarshall the net file get info from Win9x */
- if(!srv_io_q_net_file_query_secdesc("", &q_u, data, 0)) {
- DEBUG(0,("api_srv_net_file_query_secdesc: Failed to unmarshall SRV_Q_NET_FILE_QUERY_SECDESC.\n"));
- return False;
- }
-
- r_u.status = _srv_net_file_query_secdesc(p, &q_u, &r_u);
-
- if(!srv_io_r_net_file_query_secdesc("", &r_u, rdata, 0)) {
- DEBUG(0,("api_srv_net_file_query_secdesc: Failed to marshall SRV_R_NET_FILE_QUERY_SECDESC.\n"));
- return False;
- }
-
- return True;
+ return proxy_srvsvc_call(p, NDR_SRVSVC_NETGETFILESECURITY);
}
/*******************************************************************
@@ -321,28 +300,7 @@ static bool api_srv_net_file_query_secdesc(pipes_struct *p)
static bool api_srv_net_file_set_secdesc(pipes_struct *p)
{
- SRV_Q_NET_FILE_SET_SECDESC q_u;
- SRV_R_NET_FILE_SET_SECDESC r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- /* Unmarshall the net file set info from Win9x */
- if(!srv_io_q_net_file_set_secdesc("", &q_u, data, 0)) {
- DEBUG(0,("api_srv_net_file_set_secdesc: Failed to unmarshall SRV_Q_NET_FILE_SET_SECDESC.\n"));
- return False;
- }
-
- r_u.status = _srv_net_file_set_secdesc(p, &q_u, &r_u);
-
- if(!srv_io_r_net_file_set_secdesc("", &r_u, rdata, 0)) {
- DEBUG(0,("api_srv_net_file_set_secdesc: Failed to marshall SRV_R_NET_FILE_SET_SECDESC.\n"));
- return False;
- }
-
- return True;
+ return proxy_srvsvc_call(p, NDR_SRVSVC_NETSETFILESECURITY);
}
/*******************************************************************
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index d45ebb26e6..0d4addde14 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -2068,11 +2068,12 @@ WERROR _srvsvc_NetRemoteTOD(pipes_struct *p,
}
/***********************************************************************************
+ _srvsvc_NetGetFileSecurity
Win9x NT tools get security descriptor.
***********************************************************************************/
-WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC *q_u,
- SRV_R_NET_FILE_QUERY_SECDESC *r_u)
+WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p,
+ struct srvsvc_NetGetFileSecurity *r)
{
SEC_DESC *psd = NULL;
size_t sd_size;
@@ -2082,18 +2083,20 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
char *qualname = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
+ WERROR werr;
struct current_user user;
connection_struct *conn = NULL;
bool became_user = False;
TALLOC_CTX *ctx = p->mem_ctx;
+ struct sec_desc_buf *sd_buf;
ZERO_STRUCT(st);
- r_u->status = WERR_OK;
+ werr = WERR_OK;
- qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name);
+ qualname = talloc_strdup(ctx, r->in.share);
if (!qualname) {
- r_u->status = WERR_ACCESS_DENIED;
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2107,35 +2110,38 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
unbecome_root();
if (conn == NULL) {
- DEBUG(3,("_srv_net_file_query_secdesc: Unable to connect to %s\n", qualname));
- r_u->status = ntstatus_to_werror(nt_status);
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to connect to %s\n",
+ qualname));
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
if (!become_user(conn, conn->vuid)) {
- DEBUG(0,("_srv_net_file_query_secdesc: Can't become connected user!\n"));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(0,("_srvsvc_NetGetFileSecurity: Can't become connected user!\n"));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
became_user = True;
- filename_in = unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name);
+ filename_in = talloc_strdup(ctx, r->in.file);
if (!filename_in) {
- r_u->status = WERR_ACCESS_DENIED;
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = unix_convert(ctx, conn, filename_in, False, &filename, NULL, &st);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srv_net_file_query_secdesc: bad pathname %s\n", filename));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: bad pathname %s\n",
+ filename));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = check_name(conn, filename);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srv_net_file_query_secdesc: can't access %s\n", filename));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: can't access %s\n",
+ filename));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2145,24 +2151,30 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
|DACL_SECURITY_INFORMATION), &psd);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srv_net_file_query_secdesc: Unable to get NT ACL for file %s\n", filename));
- r_u->status = ntstatus_to_werror(nt_status);
+ DEBUG(3,("_srvsvc_NetGetFileSecurity: Unable to get NT ACL for file %s\n",
+ filename));
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
sd_size = ndr_size_security_descriptor(psd, 0);
- r_u->ptr_response = 1;
- r_u->size_response = sd_size;
- r_u->ptr_secdesc = 1;
- r_u->size_secdesc = sd_size;
- r_u->sec_desc = psd;
+ sd_buf = TALLOC_ZERO_P(ctx, struct sec_desc_buf);
+ if (!sd_buf) {
+ werr = WERR_NOMEM;
+ goto error_exit;
+ }
+
+ sd_buf->sd_size = sd_size;
+ sd_buf->sd = psd;
+
+ *r->out.sd_buf = sd_buf;
psd->dacl->revision = NT4_ACL_REVISION;
unbecome_user();
close_cnum(conn, user.vuid);
- return r_u->status;
+ return werr;
error_exit:
@@ -2172,15 +2184,16 @@ error_exit:
if (conn)
close_cnum(conn, user.vuid);
- return r_u->status;
+ return werr;
}
/***********************************************************************************
+ _srvsvc_NetSetFileSecurity
Win9x NT tools set security descriptor.
***********************************************************************************/
-WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_u,
- SRV_R_NET_FILE_SET_SECDESC *r_u)
+WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p,
+ struct srvsvc_NetSetFileSecurity *r)
{
char *filename_in = NULL;
char *filename = NULL;
@@ -2189,6 +2202,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
files_struct *fsp = NULL;
SMB_STRUCT_STAT st;
NTSTATUS nt_status;
+ WERROR werr;
struct current_user user;
connection_struct *conn = NULL;
bool became_user = False;
@@ -2196,11 +2210,11 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
ZERO_STRUCT(st);
- r_u->status = WERR_OK;
+ werr = WERR_OK;
- qualname = unistr2_to_ascii_talloc(ctx, &q_u->uni_qual_name);
+ qualname = talloc_strdup(ctx, r->in.share);
if (!qualname) {
- r_u->status = WERR_ACCESS_DENIED;
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2214,35 +2228,35 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
unbecome_root();
if (conn == NULL) {
- DEBUG(3,("_srv_net_file_set_secdesc: Unable to connect to %s\n", qualname));
- r_u->status = ntstatus_to_werror(nt_status);
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to connect to %s\n", qualname));
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
if (!become_user(conn, conn->vuid)) {
- DEBUG(0,("_srv_net_file_set_secdesc: Can't become connected user!\n"));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(0,("_srvsvc_NetSetFileSecurity: Can't become connected user!\n"));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
became_user = True;
- filename_in= unistr2_to_ascii_talloc(ctx, &q_u->uni_file_name);
+ filename_in = talloc_strdup(ctx, r->in.file);
if (!filename_in) {
- r_u->status = WERR_ACCESS_DENIED;
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = unix_convert(ctx, conn, filename, False, &filename, NULL, &st);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srv_net_file_set_secdesc: bad pathname %s\n", filename));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: bad pathname %s\n", filename));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
nt_status = check_name(conn, filename);
if (!NT_STATUS_IS_OK(nt_status)) {
- DEBUG(3,("_srv_net_file_set_secdesc: can't access %s\n", filename));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: can't access %s\n", filename));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
@@ -2260,24 +2274,26 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
NULL, &fsp);
if ( !NT_STATUS_IS_OK(nt_status) ) {
- DEBUG(3,("_srv_net_file_set_secdesc: Unable to open file %s\n", filename));
- r_u->status = ntstatus_to_werror(nt_status);
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to open file %s\n", filename));
+ werr = ntstatus_to_werror(nt_status);
goto error_exit;
}
}
- nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name, q_u->sec_info, q_u->sec_desc);
+ nt_status = SMB_VFS_SET_NT_ACL(fsp, fsp->fsp_name,
+ r->in.securityinformation,
+ r->in.sd_buf->sd);
if (!NT_STATUS_IS_OK(nt_status) ) {
- DEBUG(3,("_srv_net_file_set_secdesc: Unable to set NT ACL on file %s\n", filename));
- r_u->status = WERR_ACCESS_DENIED;
+ DEBUG(3,("_srvsvc_NetSetFileSecurity: Unable to set NT ACL on file %s\n", filename));
+ werr = WERR_ACCESS_DENIED;
goto error_exit;
}
close_file(fsp, NORMAL_CLOSE);
unbecome_user();
close_cnum(conn, user.vuid);
- return r_u->status;
+ return werr;
error_exit:
@@ -2293,7 +2309,7 @@ error_exit:
close_cnum(conn, user.vuid);
}
- return r_u->status;
+ return werr;
}
/***********************************************************************************
@@ -2582,18 +2598,6 @@ WERROR _srvsvc_NetShareDelCommit(pipes_struct *p, struct srvsvc_NetShareDelCommi
return WERR_NOT_SUPPORTED;
}
-WERROR _srvsvc_NetGetFileSecurity(pipes_struct *p, struct srvsvc_NetGetFileSecurity *r)
-{
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
-}
-
-WERROR _srvsvc_NetSetFileSecurity(pipes_struct *p, struct srvsvc_NetSetFileSecurity *r)
-{
- p->rng_fault_state = True;
- return WERR_NOT_SUPPORTED;
-}
-
WERROR _srvsvc_NetServerTransportAddEx(pipes_struct *p, struct srvsvc_NetServerTransportAddEx *r)
{
p->rng_fault_state = True;
diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c
index 8c85372bf5..25a33baa27 100644
--- a/source3/rpcclient/cmd_srvsvc.c
+++ b/source3/rpcclient/cmd_srvsvc.c
@@ -604,6 +604,36 @@ static WERROR cmd_srvsvc_net_name_validate(struct rpc_pipe_client *cli,
return result;
}
+static WERROR cmd_srvsvc_net_file_get_sec(struct rpc_pipe_client *cli,
+ TALLOC_CTX *mem_ctx,
+ int argc, const char **argv)
+{
+ WERROR result;
+ NTSTATUS status;
+ struct sec_desc_buf *sd_buf = NULL;
+
+ if (argc < 2 || argc > 4) {
+ printf("Usage: %s [sharename] [file]\n", argv[0]);
+ return WERR_OK;
+ }
+
+ status = rpccli_srvsvc_NetGetFileSecurity(cli, mem_ctx,
+ cli->cli->desthost,
+ argv[1],
+ argv[2],
+ SECINFO_DACL,
+ &sd_buf,
+ &result);
+
+ if (!NT_STATUS_IS_OK(status) || !W_ERROR_IS_OK(result)) {
+ goto done;
+ }
+
+ display_sec_desc(sd_buf->sd);
+
+ done:
+ return result;
+}
/* List of commands exported by this module */
@@ -619,6 +649,7 @@ struct cmd_set srvsvc_commands[] = {
{ "netfileenum", RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_file_enum, PI_SRVSVC, NULL, "Enumerate open files", "" },
{ "netremotetod",RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_remote_tod, PI_SRVSVC, NULL, "Fetch remote time of day", "" },
{ "netnamevalidate", RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_name_validate, PI_SRVSVC, NULL, "Validate sharename", "" },
+ { "netfilegetsec", RPC_RTYPE_WERROR, NULL, cmd_srvsvc_net_file_get_sec, PI_SRVSVC, NULL, "Get File security", "" },
{ NULL }
};
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index dc908846b3..008ffed5a1 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -3189,7 +3189,7 @@ cap_low = 0x%x, cap_high = 0x%x\n",
}
DEBUG( 4,("call_trans2setfsinfo: "
- "request transport encrption.\n"));
+ "request transport encryption.\n"));
status = srv_request_encryption_setup(conn,
(unsigned char **)ppdata,
diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 8d67e512fe..d8add208f5 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -5502,6 +5502,7 @@ static void usage(void)
int gotpass = 0;
bool correct = True;
TALLOC_CTX *frame = talloc_stackframe();
+ int seed = time(NULL);
dbf = x_stdout;
@@ -5547,8 +5548,6 @@ static void usage(void)
argc--;
argv++;
- srandom(time(NULL));
-
fstrcpy(workgroup, lp_workgroup());
while ((opt = getopt(argc, argv, "p:hW:U:n:N:O:o:m:Ld:Aec:ks:b:")) != EOF) {
@@ -5557,7 +5556,7 @@ static void usage(void)
port_to_use = atoi(optarg);
break;
case 's':
- srandom(atoi(optarg));
+ seed = atoi(optarg);
break;
case 'W':
fstrcpy(workgroup,optarg);
@@ -5620,6 +5619,10 @@ static void usage(void)
}
}
+ d_printf("using seed %d\n", seed);
+
+ srandom(seed);
+
if(use_kerberos && !gotuser) gotpass = True;
while (!gotpass) {