diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-11-18 02:06:11 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:05:57 -0500 |
commit | 3c25dfe78905984da1b18a7c136f954bfcdece42 (patch) | |
tree | 4087065fdd935ab233cf4a1c28646c23e8483b69 /source4/smb_server | |
parent | 012be92f0a771d8437f783dc8ed14f38c669893c (diff) | |
download | samba-3c25dfe78905984da1b18a7c136f954bfcdece42.tar.gz samba-3c25dfe78905984da1b18a7c136f954bfcdece42.tar.xz samba-3c25dfe78905984da1b18a7c136f954bfcdece42.zip |
r3831: added nttrans server code for query/set security descriptor. This
means ACLs now can be set/fetched from the CIFS NTVFS backend.
(This used to be commit f49c636e10f1e4bba506baadb67a0e288f1717c4)
Diffstat (limited to 'source4/smb_server')
-rw-r--r-- | source4/smb_server/nttrans.c | 107 |
1 files changed, 106 insertions, 1 deletions
diff --git a/source4/smb_server/nttrans.c b/source4/smb_server/nttrans.c index 3b06dc02406..d405af53d96 100644 --- a/source4/smb_server/nttrans.c +++ b/source4/smb_server/nttrans.c @@ -49,7 +49,8 @@ static void nttrans_setup_reply(struct smbsrv_request *req, } -/* parse NTTRANS_CREATE request +/* + parse NTTRANS_CREATE request */ static NTSTATUS nttrans_create(struct smbsrv_request *req, struct smb_nttrans *trans) @@ -174,6 +175,106 @@ static NTSTATUS nttrans_create(struct smbsrv_request *req, return NT_STATUS_OK; } + +/* + parse NTTRANS_QUERY_SEC_DESC request + */ +static NTSTATUS nttrans_query_sec_desc(struct smbsrv_request *req, + struct smb_nttrans *trans) +{ + union smb_fileinfo *io; + NTSTATUS status; + + if (trans->in.params.length < 8) { + return NT_STATUS_INVALID_PARAMETER; + } + + /* parse the request */ + io = talloc_p(req, union smb_fileinfo); + if (io == NULL) { + return NT_STATUS_NO_MEMORY; + } + + io->query_secdesc.level = RAW_FILEINFO_SEC_DESC; + io->query_secdesc.in.fnum = SVAL(trans->in.params.data, 0); + io->query_secdesc.in.secinfo_flags = IVAL(trans->in.params.data, 4); + + /* call the backend - notice that we do it sync for now, until we support + async nttrans requests */ + status = ntvfs_qfileinfo(req, io); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + trans->out.setup_count = 0; + trans->out.setup = NULL; + trans->out.params = data_blob_talloc(req, NULL, 4); + trans->out.data = data_blob(NULL, 0); + + status = ndr_push_struct_blob(&trans->out.data, req, + io->query_secdesc.out.sd, + (ndr_push_flags_fn_t)ndr_push_security_descriptor); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + SIVAL(trans->out.params.data, 0, trans->out.data.length); + + return NT_STATUS_OK; +} + + +/* + parse NTTRANS_SET_SEC_DESC request + */ +static NTSTATUS nttrans_set_sec_desc(struct smbsrv_request *req, + struct smb_nttrans *trans) +{ + union smb_setfileinfo *io; + NTSTATUS status; + + if (trans->in.params.length < 8) { + return NT_STATUS_INVALID_PARAMETER; + } + + /* parse the request */ + io = talloc_p(req, union smb_setfileinfo); + if (io == NULL) { + return NT_STATUS_NO_MEMORY; + } + + io->set_secdesc.level = RAW_SFILEINFO_SEC_DESC; + io->set_secdesc.file.fnum = SVAL(trans->in.params.data, 0); + io->set_secdesc.in.secinfo_flags = IVAL(trans->in.params.data, 4); + + io->set_secdesc.in.sd = talloc_p(io, struct security_descriptor); + if (io->set_secdesc.in.sd == NULL) { + return NT_STATUS_NO_MEMORY; + } + + status = ndr_pull_struct_blob(&trans->in.data, req, + io->set_secdesc.in.sd, + (ndr_pull_flags_fn_t)ndr_pull_security_descriptor); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + /* call the backend - notice that we do it sync for now, until we support + async nttrans requests */ + status = ntvfs_setfileinfo(req, io); + if (!NT_STATUS_IS_OK(status)) { + return status; + } + + trans->out.setup_count = 0; + trans->out.setup = NULL; + trans->out.params = data_blob(NULL, 0); + trans->out.data = data_blob(NULL, 0); + + return NT_STATUS_OK; +} + + /* parse NTTRANS_RENAME request */ static NTSTATUS nttrans_rename(struct smbsrv_request *req, @@ -233,6 +334,10 @@ static NTSTATUS nttrans_backend(struct smbsrv_request *req, return nttrans_ioctl(req, trans); case NT_TRANSACT_RENAME: return nttrans_rename(req, trans); + case NT_TRANSACT_QUERY_SECURITY_DESC: + return nttrans_query_sec_desc(req, trans); + case NT_TRANSACT_SET_SECURITY_DESC: + return nttrans_set_sec_desc(req, trans); } /* an unknown nttrans command */ |