From 6743de076db8f8ddadb59b13f2ceaabb17f385d0 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Tue, 11 Mar 2008 19:11:57 +0100 Subject: libcli/raw: add RAW_RENAME_NTTRANS support metze Signed-off-by: Stefan Metzmacher (This used to be commit bfe773a620640fa46efe008f38144f5452350825) --- source4/libcli/raw/interfaces.h | 13 ++++++++++++- source4/libcli/raw/rawfile.c | 26 ++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) (limited to 'source4/libcli') diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h index 24e8ad4afc..3965c58204 100644 --- a/source4/libcli/raw/interfaces.h +++ b/source4/libcli/raw/interfaces.h @@ -175,7 +175,7 @@ struct smb_rmdir { }; /* struct used in rename() call */ -enum smb_rename_level {RAW_RENAME_RENAME, RAW_RENAME_NTRENAME}; +enum smb_rename_level {RAW_RENAME_RENAME, RAW_RENAME_NTRENAME, RAW_RENAME_NTTRANS}; union smb_rename { struct { @@ -206,6 +206,17 @@ union smb_rename { const char *new_name; } in; } ntrename; + + /* NT TRANS rename interface */ + struct { + enum smb_rename_level level; + + struct { + union smb_handle file; + uint16_t flags;/* see RENAME_REPLACE_IF_EXISTS */ + const char *new_name; + } in; + } nttrans; }; enum smb_tcon_level { diff --git a/source4/libcli/raw/rawfile.c b/source4/libcli/raw/rawfile.c index d9383401b7..725034c3a9 100644 --- a/source4/libcli/raw/rawfile.c +++ b/source4/libcli/raw/rawfile.c @@ -36,6 +36,8 @@ struct smbcli_request *smb_raw_rename_send(struct smbcli_tree *tree, union smb_rename *parms) { struct smbcli_request *req = NULL; + struct smb_nttrans nt; + TALLOC_CTX *mem_ctx; switch (parms->generic.level) { case RAW_RENAME_RENAME: @@ -53,6 +55,30 @@ struct smbcli_request *smb_raw_rename_send(struct smbcli_tree *tree, smbcli_req_append_ascii4(req, parms->ntrename.in.old_name, STR_TERMINATE); smbcli_req_append_ascii4(req, parms->ntrename.in.new_name, STR_TERMINATE); break; + + case RAW_RENAME_NTTRANS: + + mem_ctx = talloc_new(tree); + + nt.in.max_setup = 0; + nt.in.max_param = 0; + nt.in.max_data = 0; + nt.in.setup_count = 0; + nt.in.setup = NULL; + nt.in.function = NT_TRANSACT_RENAME; + nt.in.params = data_blob_talloc(mem_ctx, NULL, 4); + nt.in.data = data_blob(NULL, 0); + + SSVAL(nt.in.params.data, VWV(0), parms->nttrans.in.file.fnum); + SSVAL(nt.in.params.data, VWV(1), parms->nttrans.in.flags); + + smbcli_blob_append_string(tree->session, mem_ctx, + &nt.in.params, parms->nttrans.in.new_name, + STR_TERMINATE); + + req = smb_raw_nttrans_send(tree, &nt); + talloc_free(mem_ctx); + return req; } if (!smbcli_request_send(req)) { -- cgit From 25a3eb0436ea7c060eedd6827e5fdc5efd6ab47b Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 14 Mar 2008 14:32:26 +0100 Subject: swig: make the code more portable and use NT_STATUS_V() and W_ERROR_V() metze (This used to be commit d6fd98a307f83fd492ef73bf6ec281f9f11286f2) --- source4/libcli/util/errors.i | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source4/libcli') diff --git a/source4/libcli/util/errors.i b/source4/libcli/util/errors.i index ede536a995..17efcbf62a 100644 --- a/source4/libcli/util/errors.i +++ b/source4/libcli/util/errors.i @@ -20,7 +20,7 @@ #ifdef SWIGPYTHON %typemap(out,noblock=1) WERROR { if (!W_ERROR_IS_OK($1)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", $1.v, win_errstr($1)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", W_ERROR_V($1), win_errstr($1)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if ($result == NULL) { @@ -30,7 +30,7 @@ %typemap(out,noblock=1) NTSTATUS { if (NT_STATUS_IS_ERR($1)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", $1.v, nt_errstr($1)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", NT_STATUS_V($1), nt_errstr($1)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if ($result == NULL) { -- cgit From 2fd59920381ea81734565637adcec96e5668ef86 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 14 Mar 2008 14:33:18 +0100 Subject: swig: regenerate _wrap.c files metze (This used to be commit 08b41e10699c7bb8058ab0ab61f17a1bbfcc1ce4) --- source4/libcli/security/security_wrap.c | 8 ++++---- source4/libcli/swig/libcli_nbt_wrap.c | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) (limited to 'source4/libcli') diff --git a/source4/libcli/security/security_wrap.c b/source4/libcli/security/security_wrap.c index 72118b2359..eb9e4c45d9 100644 --- a/source4/libcli/security/security_wrap.c +++ b/source4/libcli/security/security_wrap.c @@ -3116,7 +3116,7 @@ SWIGINTERN PyObject *_wrap_security_descriptor_sacl_add(PyObject *SWIGUNUSEDPARM arg2 = (struct security_ace *)(argp2); result = security_descriptor_sacl_add(arg1,(struct security_ace const *)arg2); if (NT_STATUS_IS_ERR(result)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", (&result)->v, nt_errstr(result)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", NT_STATUS_V(result), nt_errstr(result)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if (resultobj == NULL) { @@ -3156,7 +3156,7 @@ SWIGINTERN PyObject *_wrap_security_descriptor_dacl_add(PyObject *SWIGUNUSEDPARM arg2 = (struct security_ace *)(argp2); result = security_descriptor_dacl_add(arg1,(struct security_ace const *)arg2); if (NT_STATUS_IS_ERR(result)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", (&result)->v, nt_errstr(result)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", NT_STATUS_V(result), nt_errstr(result)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if (resultobj == NULL) { @@ -3196,7 +3196,7 @@ SWIGINTERN PyObject *_wrap_security_descriptor_dacl_del(PyObject *SWIGUNUSEDPARM arg2 = (struct dom_sid *)(argp2); result = security_descriptor_dacl_del(arg1,(struct dom_sid const *)arg2); if (NT_STATUS_IS_ERR(result)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", (&result)->v, nt_errstr(result)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", NT_STATUS_V(result), nt_errstr(result)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if (resultobj == NULL) { @@ -3236,7 +3236,7 @@ SWIGINTERN PyObject *_wrap_security_descriptor_sacl_del(PyObject *SWIGUNUSEDPARM arg2 = (struct dom_sid *)(argp2); result = security_descriptor_sacl_del(arg1,(struct dom_sid const *)arg2); if (NT_STATUS_IS_ERR(result)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", (&result)->v, nt_errstr(result)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", NT_STATUS_V(result), nt_errstr(result)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if (resultobj == NULL) { diff --git a/source4/libcli/swig/libcli_nbt_wrap.c b/source4/libcli/swig/libcli_nbt_wrap.c index f67e6dd0e3..e0bdb27cfc 100644 --- a/source4/libcli/swig/libcli_nbt_wrap.c +++ b/source4/libcli/swig/libcli_nbt_wrap.c @@ -4065,7 +4065,7 @@ SWIGINTERN PyObject *_wrap_do_nbt_name_query(PyObject *SWIGUNUSEDPARM(self), PyO arg3 = (struct nbt_name_query *)(argp3); result = do_nbt_name_query(arg1,arg2,arg3); if (NT_STATUS_IS_ERR(result)) { - PyObject *obj = Py_BuildValue((char *)"(i,s)", (&result)->v, nt_errstr(result)); + PyObject *obj = Py_BuildValue((char *)"(i,s)", NT_STATUS_V(result), nt_errstr(result)); PyErr_SetObject(PyExc_RuntimeError, obj); SWIG_fail; } else if (resultobj == NULL) { -- cgit From 9a1bec08013dda77597369387da0193081a7a6e2 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 20 Mar 2008 12:12:10 +1100 Subject: More kludge ACLs! Rather than killing off the nasty 'kludge ACLs' stuff, this patch extends it, to ensure that LSA secrets and the registry are also protected. Andrew Bartlett (This used to be commit 2f2b110fb870132099bad1d4c16ed8962affb3ce) --- source4/libcli/security/security.h | 8 ++++++++ source4/libcli/security/security_token.c | 27 +++++++++++++++++++++++++++ 2 files changed, 35 insertions(+) (limited to 'source4/libcli') diff --git a/source4/libcli/security/security.h b/source4/libcli/security/security.h index d9485c825f..c7f2a09311 100644 --- a/source4/libcli/security/security.h +++ b/source4/libcli/security/security.h @@ -18,4 +18,12 @@ */ #include "librpc/gen_ndr/security.h" + +enum security_user_level { + SECURITY_ANONYMOUS, + SECURITY_USER, + SECURITY_ADMINISTRATOR, + SECURITY_SYSTEM +}; + #include "libcli/security/proto.h" diff --git a/source4/libcli/security/security_token.c b/source4/libcli/security/security_token.c index e126340c46..0680c54258 100644 --- a/source4/libcli/security/security_token.c +++ b/source4/libcli/security/security_token.c @@ -23,6 +23,7 @@ #include "includes.h" #include "dsdb/samdb/samdb.h" #include "libcli/security/security.h" +#include "auth/session.h" /* return a blank security token @@ -141,3 +142,29 @@ bool security_token_has_nt_authenticated_users(const struct security_token *toke { return security_token_has_sid_string(token, SID_NT_AUTHENTICATED_USERS); } + +enum security_user_level security_session_user_level(struct auth_session_info *session_info) +{ + if (!session_info) { + return SECURITY_ANONYMOUS; + } + + if (security_token_is_system(session_info->security_token)) { + return SECURITY_SYSTEM; + } + + if (security_token_is_anonymous(session_info->security_token)) { + return SECURITY_ANONYMOUS; + } + + if (security_token_has_builtin_administrators(session_info->security_token)) { + return SECURITY_ADMINISTRATOR; + } + + if (security_token_has_nt_authenticated_users(session_info->security_token)) { + return SECURITY_USER; + } + + return SECURITY_ANONYMOUS; +} + -- cgit From 482f33077b965bab7f6ccb82cee03b66d70c57b7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 21 Mar 2008 10:35:54 +0100 Subject: Add my copyright If I remember it right and when I look at the git log, then this way to do the async functions was designed by me. (This used to be commit 8d44f997c88b97fc40a88eebd50b6df720c0c10f) --- source4/libcli/composite/composite.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source4/libcli') diff --git a/source4/libcli/composite/composite.c b/source4/libcli/composite/composite.c index aab7487a42..26169e7838 100644 --- a/source4/libcli/composite/composite.c +++ b/source4/libcli/composite/composite.c @@ -1,6 +1,7 @@ /* Unix SMB/CIFS implementation. + Copyright (C) Volker Lendecke 2005 Copyright (C) Andrew Tridgell 2005 This program is free software; you can redistribute it and/or modify -- cgit