authorAndrew Tridgell <tridge@samba.org>2005-11-18 11:45:24 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:46:26 -0500
commitd5f37ecf94e2b63511102b3fd34c0e7bcd8d7879 (patch)
tree3f3e475cf6caf96b67b4acf126af8a119546f656
parent70a01587b918718ddcbc11d4a7412c53211f04b8 (diff)
r11780: it turns out that the MxAc tag isn't a security descriptor, it's a
request that the server return its own MxAc blob which contains the maximum allowed access_mask for the returned file handle (This used to be commit c0288aa8cd46ca384074f89430c226d725c39475)
-rw-r--r--source4/libcli/smb2/create.c27
-rw-r--r--source4/libcli/smb2/request.c2
-rw-r--r--source4/libcli/smb2/smb2_calls.h4
-rw-r--r--source4/torture/smb2/util.c14
4 files changed, 13 insertions, 34 deletions
diff --git a/source4/libcli/smb2/create.c b/source4/libcli/smb2/create.c
index 647b408c68..564eba7f46 100644
--- a/source4/libcli/smb2/create.c
+++ b/source4/libcli/smb2/create.c
@@ -25,8 +25,8 @@
#include "libcli/smb2/smb2.h"
#include "libcli/smb2/smb2_calls.h"
-#define CREATE_TAG_EA 0x41747845 /* "ExtA" */
-#define CREATE_TAG_SD 0x6341784D /* "MxAc" */
+#define CREATE_TAG_EXTA 0x41747845 /* "ExtA" */
+#define CREATE_TAG_MXAC 0x6341784D /* "MxAc" */
/*
add a blob to a smb2_create attribute blob
@@ -37,13 +37,14 @@ static NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
{
NTSTATUS status;
uint32_t ofs = blob->length;
- status = data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length);
+ uint8_t pad = smb2_padding_size(add.length, 8);
+ status = data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length + pad);
NT_STATUS_NOT_OK_RETURN(status);
if (last) {
SIVAL(blob->data, ofs+0x00, 0);
} else {
- SIVAL(blob->data, ofs+0x00, 0x18 + add.length);
+ SIVAL(blob->data, ofs+0x00, 0x18 + add.length + pad);
}
SSVAL(blob->data, ofs+0x04, 0x10); /* offset of tag */
SIVAL(blob->data, ofs+0x06, 0x04); /* tag length */
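Review bot: The new size expression `blob->length + 0x18 + add.length + pad` is passed to `data_blob_realloc` with no bound check, while `ofs` and the chained next-offset field written by `SIVAL` are both 32-bit. If the sum ever exceeded 32 bits (or wrapped where `size_t` is 32-bit), the header would be written at a truncated offset and the later `memcpy` of `add.length` bytes would no longer match the allocation. A guard before the realloc would make the limit explicit, for example `if (blob->length > UINT32_MAX - 0x20 || add.length > UINT32_MAX - 0x20 - blob->length) return NT_STATUS_INVALID_PARAMETER;`. The body of `smb2_create_blob_add` continues past this hunk.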
@@ -52,6 +53,7 @@ static NTSTATUS smb2_create_blob_add(TALLOC_CTX *mem_ctx, DATA_BLOB *blob,
SIVAL(blob->data, ofs+0x10, tag);
SIVAL(blob->data, ofs+0x14, 0); /* pad? */
memcpy(blob->data+ofs+0x18, add.data, add.length);
+ memset(blob->data+ofs+0x18+add.length, 0, pad);
return NT_STATUS_OK;
}
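Review bot: The added `memset` carries no comment saying why the padding must be cleared, and the neighbouring `/* pad? */` on the 0x14 field shows the layout is still partly guessed. Assuming `data_blob_realloc` does not zero the grown region (not visible here), this line is what keeps stale heap bytes out of the request sent to the server, so it should not look optional to a later editor. I would add `/* zero the 8-byte alignment padding so uninitialised memory is never put on the wire */` above it. The start of the function is outside this hunk.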
@@ -90,7 +92,7 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create
DATA_BLOB b = data_blob_talloc(req, NULL,
ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas));
ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas);
- status = smb2_create_blob_add(req, &blob, CREATE_TAG_EA, b, False);
+ status = smb2_create_blob_add(req, &blob, CREATE_TAG_EXTA, b, False);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
@@ -98,18 +100,9 @@ struct smb2_request *smb2_create_send(struct smb2_tree *tree, struct smb2_create
data_blob_free(&b);
}
- if (io->in.sd != NULL) {
- DATA_BLOB b;
- status = ndr_push_struct_blob(&b, req, io->in.sd,
- (ndr_push_flags_fn_t)ndr_push_security_descriptor);
- if (!NT_STATUS_IS_OK(status)) {
- talloc_free(req);
- return NULL;
- }
- status = smb2_create_blob_add(req, &blob, CREATE_TAG_SD, b, True);
- } else {
- status = smb2_create_blob_add(req, &blob, CREATE_TAG_SD, data_blob(NULL, 0), True);
- }
+ /* an empty MxAc tag seems to be used to ask the server to
+ return the maximum access mask allowed on the file */
+ status = smb2_create_blob_add(req, &blob, CREATE_TAG_MXAC, data_blob(NULL, 0), True);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
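Review bot: The empty MxAc tag is now appended to every create request unconditionally, and nothing in the visible hunks reads the MxAc blob that the server is expected to send back. As far as this diff shows, the maximum access mask is requested but never surfaced to the caller, and the in-code comment itself says the meaning is only inferred ("seems to be used"). I would record the gap next to the call, for example `/* TODO: parse the MxAc blob in the create reply and expose the returned access_mask in io->out */`, and consider making the tag opt-in once the reply side exists. `smb2_create_send` starts and ends outside this hunk.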
diff --git a/source4/libcli/smb2/request.c b/source4/libcli/smb2/request.c
index 3f09c9aeec..03c0ed4350 100644
--- a/source4/libcli/smb2/request.c
+++ b/source4/libcli/smb2/request.c
@@ -181,7 +181,7 @@ BOOL smb2_oob(struct smb2_request_buffer *buf, const uint8_t *ptr, uint_t size)
return False;
}
-static size_t smb2_padding_size(uint32_t offset, size_t n)
+size_t smb2_padding_size(uint32_t offset, size_t n)
{
if ((offset & (n-1)) == 0) return 0;
return n - (offset & (n-1));
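Review bot: Dropping `static` makes `smb2_padding_size` part of the library interface, but its precondition is undocumented: the `offset & (n-1)` arithmetic is only correct when `n` is a non-zero power of two. With `n == 0` the mask becomes all ones, and with a non-power-of-two `n` the result is not an alignment pad, which matters now that callers use it to size buffers. I would add a header comment such as `/* return the number of bytes needed to pad offset up to a multiple of n; n must be a non-zero power of two */`. The closing brace of the function is outside this hunk, and a matching prototype is not visible in this diff, so it is presumably generated.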
diff --git a/source4/libcli/smb2/smb2_calls.h b/source4/libcli/smb2/smb2_calls.h
index 53f7a45d88..1c41d4cd66 100644
--- a/source4/libcli/smb2/smb2_calls.h
+++ b/source4/libcli/smb2/smb2_calls.h
@@ -130,10 +130,8 @@ struct smb2_create {
/* dynamic body */
const char *fname;
- /* optional list of extended attributes and security
- descriptor */
+ /* optional list of extended attributes */
struct smb_ea_list eas;
- struct security_descriptor *sd;
} in;
struct {
diff --git a/source4/torture/smb2/util.c b/source4/torture/smb2/util.c
index 7afce0137f..b39f53d8e1 100644
--- a/source4/torture/smb2/util.c
+++ b/source4/torture/smb2/util.c
@@ -103,7 +103,7 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname,
smb2_util_unlink(tree, fname);
ZERO_STRUCT(io);
- io.in.access_mask = SEC_RIGHTS_FILE_ALL;
+ io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.in.open_disposition = NTCREATEX_DISP_OVERWRITE_IF;
io.in.share_access =
@@ -119,18 +119,6 @@ static NTSTATUS smb2_create_complex(struct smb2_tree *tree, const char *fname,
io.in.open_disposition = NTCREATEX_DISP_CREATE;
}
- io.in.sd = security_descriptor_create(tmp_ctx,
- NULL, NULL,
- SID_NT_AUTHENTICATED_USERS,
- SEC_ACE_TYPE_ACCESS_ALLOWED,
- SEC_RIGHTS_FILE_ALL | SEC_STD_ALL,
- 0,
- SID_WORLD,
- SEC_ACE_TYPE_ACCESS_ALLOWED,
- SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
- 0,
- NULL);
-
if (strchr(fname, ':') == NULL) {
/* setup some EAs */
io.in.eas.num_eas = 2;