1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
/*
Unix SMB/CIFS implementation.
client security descriptor functions
Copyright (C) Andrew Tridgell 2000
Copyright (C) James J Myers 2003 <myersjj@samba.org>
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
/****************************************************************************
query the security descriptor for a open file
****************************************************************************/
SEC_DESC *cli_query_secdesc(struct cli_state *cli, int fnum,
TALLOC_CTX *mem_ctx)
{
struct smb_nttrans parms;
char param[8];
DATA_BLOB param_blob;
prs_struct pd;
SEC_DESC *psd = NULL;
NTSTATUS status;
param_blob.length = 8;
param_blob.data = ¶m[0];
SIVAL(param, 0, fnum);
SSVAL(param, 4, 0x7);
parms.in.max_param = 1024;
parms.in.max_data = 1024;
parms.in.max_setup = 0;
parms.in.setup_count = 18;
parms.in.function = NT_TRANSACT_QUERY_SECURITY_DESC;
parms.in.params = param_blob;
parms.in.data = data_blob(NULL, 0);
status = smb_raw_nttrans(cli->tree, mem_ctx, &parms);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1,("Failed to send NT_TRANSACT_QUERY_SECURITY_DESC\n"));
goto cleanup;
}
prs_init(&pd, parms.out.data.length, mem_ctx, UNMARSHALL);
prs_copy_data_in(&pd, parms.out.data.data, parms.out.data.length);
prs_set_offset(&pd,0);
if (!sec_io_desc("sd data", &psd, &pd, 1)) {
DEBUG(1,("Failed to parse secdesc\n"));
goto cleanup;
}
cleanup:
prs_mem_free(&pd);
return psd;
}
/****************************************************************************
set the security descriptor for a open file
****************************************************************************/
BOOL cli_set_secdesc(struct cli_state *cli, int fnum, SEC_DESC *sd)
{
struct smb_nttrans parms;
char param[8];
DATA_BLOB param_blob;
prs_struct pd;
BOOL ret = False;
TALLOC_CTX *mem_ctx;
NTSTATUS status;
mem_ctx = talloc_init("cli_set_secdesc");
prs_init(&pd, 0, mem_ctx, MARSHALL);
prs_give_memory(&pd, NULL, 0, True);
if (!sec_io_desc("sd data", &sd, &pd, 1)) {
DEBUG(1,("Failed to marshall secdesc\n"));
goto cleanup;
}
param_blob.length = 8;
param_blob.data = ¶m[0];
SIVAL(param, 0, fnum);
SSVAL(param, 4, 0x7);
parms.in.max_param = 1000;
parms.in.max_data = 1000;
parms.in.max_setup = 0;
parms.in.setup_count = 18;
parms.in.function = NT_TRANSACT_SET_SECURITY_DESC;
parms.in.params = param_blob;
parms.in.data = data_blob(NULL, 0);
status = smb_raw_nttrans(cli->tree, mem_ctx, &parms);
if (NT_STATUS_IS_ERR(status)) {
DEBUG(1,("Failed to send NT_TRANSACT_SET_SECURITY_DESC\n"));
goto cleanup;
}
ret = True;
cleanup:
prs_mem_free(&pd);
talloc_destroy(mem_ctx);
return ret;
}
|
