/**
 * Fetch and parse the security descriptor of an open file handle.
 *
 * @param cli      Client connection state; cli->conn selects the dialect.
 * @param fnum     Handle of the open file on that connection.
 * @param sec_info Security-information mask sent to the server unchanged.
 * @param mem_ctx  talloc context that owns the parsed descriptor.
 * @param sd       Receives the parsed descriptor on success. May be NULL,
 *                 in which case the descriptor is parsed and then freed.
 *
 * @return Status of the transaction, or of the parse when the transaction
 *         succeeded. On the SMB1 path *sd is written only on success.
 */
NTSTATUS cli_query_security_descriptor(struct cli_state *cli,
				       uint16_t fnum,
				       uint32_t sec_info,
				       TALLOC_CTX *mem_ctx,
				       struct security_descriptor **sd)
{
	struct security_descriptor *parsed;
	uint8_t *reply = NULL;
	uint32_t reply_len = 0;
	uint8_t param[8];
	NTSTATUS status;

	/* SMB2 and later dialects have their own implementation. */
	if (smbXcli_conn_protocol(cli->conn) >= PROTOCOL_SMB2_02) {
		return cli_smb2_query_security_descriptor(cli, fnum, sec_info,
							  mem_ctx, sd);
	}

	/* Request parameters: handle at offset 0, info mask at offset 4. */
	SIVAL(param, 0, fnum);
	SIVAL(param, 4, sec_info);

	status = cli_trans(talloc_tos(), cli, SMBnttrans,
			   NULL, -1,		/* name, fid */
			   NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
			   NULL, 0, 0,		/* setup, length, max */
			   param, 8, 4,		/* param, length, max */
			   NULL, 0, 0x10000,	/* data, length, max */
			   NULL,		/* recv_flags2 */
			   NULL, 0, NULL,	/* rsetup, length */
			   NULL, 0, NULL,
			   &reply, 0, &reply_len);

	if (NT_STATUS_IS_OK(status)) {
		/*
		 * reply and reply_len come from the server. This function
		 * performs no validation of its own; rejecting a short or
		 * malformed blob is left entirely to unmarshall_sec_desc().
		 */
		status = unmarshall_sec_desc(mem_ctx, (uint8 *)reply,
					     reply_len, &parsed);
		if (NT_STATUS_IS_OK(status)) {
			if (sd == NULL) {
				/* Caller only wanted the status. */
				TALLOC_FREE(parsed);
			} else {
				*sd = parsed;
			}
		} else {
			DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
				   nt_errstr(status)));
		}
	} else {
		DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
			  nt_errstr(status)));
	}

	/* The raw reply buffer is released on every path. */
	TALLOC_FREE(reply);
	return status;
}
/**
 * Look up the stored security descriptor for a share.
 *
 * The service name is canonicalized before it is used to build the
 * database key, then the record is fetched from share_db and parsed.
 *
 * @param ctx         talloc context that owns the returned descriptor.
 * @param servicename Share name as supplied by the caller.
 * @param psize       Receives the NDR size of the returned descriptor.
 *
 * @return The stored descriptor, or the result of
 *         get_share_security_default() when there is no usable record.
 *         NULL if canonicalization, database initialisation or key
 *         allocation fails.
 *
 * NOTE(review): a record that exists but cannot be parsed is handled the
 * same way as a missing record: the default descriptor built with
 * SEC_RIGHTS_DIR_ALL is returned. What that default grants is not visible
 * here; if it is permissive, a corrupted record silently widens access and
 * the level-0 debug message is the only trace. Confirm this is intended.
 */
struct security_descriptor *get_share_security(TALLOC_CTX *ctx,
					       const char *servicename,
					       size_t *psize)
{
	struct security_descriptor *psd = NULL;
	TDB_DATA record;
	NTSTATUS status;
	char *db_key;
	char *canon_name;

	canon_name = canonicalize_servicename(talloc_tos(), servicename);
	if (canon_name == NULL) {
		return NULL;
	}

	if (!share_info_db_init()) {
		TALLOC_FREE(canon_name);
		return NULL;
	}

	db_key = talloc_asprintf(ctx, SHARE_SECURITY_DB_KEY_PREFIX_STR "%s",
				 canon_name);
	/* The canonical name is only needed to build the key. */
	TALLOC_FREE(canon_name);
	if (db_key == NULL) {
		DEBUG(0, ("talloc_asprintf failed\n"));
		return NULL;
	}

	status = dbwrap_fetch_bystring(share_db, talloc_tos(), db_key, &record);
	TALLOC_FREE(db_key);

	if (NT_STATUS_IS_OK(status)) {
		status = unmarshall_sec_desc(ctx, record.dptr, record.dsize,
					     &psd);
		TALLOC_FREE(record.dptr);

		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
				  nt_errstr(status)));
		} else if (psd != NULL) {
			*psize = ndr_size_security_descriptor(psd, 0);
			return psd;
		}
	}

	/* No record, unparsable record, or empty parse result. */
	return get_share_security_default(ctx, psize, SEC_RIGHTS_DIR_ALL);
}
/**
 * Query the security descriptor for an open file.
 *
 * @param cli     Client connection state.
 * @param fnum    Handle of the open file on that connection.
 * @param mem_ctx talloc context that owns the returned descriptor.
 *
 * @return The parsed descriptor, or whatever unmarshall_sec_desc() left in
 *         the output pointer (initialised to NULL here) on failure.
 *
 * The NTSTATUS of the transaction and of the parse is only logged, so a
 * caller cannot tell a transport error from a malformed reply.
 */
struct security_descriptor *cli_query_secdesc(struct cli_state *cli,
					      uint16_t fnum,
					      TALLOC_CTX *mem_ctx)
{
	struct security_descriptor *result = NULL;
	uint8_t *reply = NULL;
	uint32_t reply_len = 0;
	uint8_t param[8];
	NTSTATUS status;

	/*
	 * Request parameters: handle at offset 0, info mask at offset 4.
	 * NOTE(review): 0x7 presumably selects owner, group and DACL
	 * (0x1|0x2|0x4); confirm against the project's SECINFO definitions.
	 */
	SIVAL(param, 0, fnum);
	SIVAL(param, 4, 0x7);

	status = cli_trans(talloc_tos(), cli, SMBnttrans,
			   NULL, -1,		/* name, fid */
			   NT_TRANSACT_QUERY_SECURITY_DESC, 0, /* function, flags */
			   NULL, 0, 0,		/* setup, length, max */
			   param, 8, 4,		/* param, length, max */
			   NULL, 0, 0x10000,	/* data, length, max */
			   NULL,		/* recv_flags2 */
			   NULL, 0, NULL,	/* rsetup, length */
			   NULL, 0, NULL,
			   &reply, 0, &reply_len);

	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(1, ("NT_TRANSACT_QUERY_SECURITY_DESC failed: %s\n",
			  nt_errstr(status)));
	} else {
		/*
		 * reply and reply_len are server-supplied. No validation is
		 * done here; it is delegated to unmarshall_sec_desc().
		 */
		status = unmarshall_sec_desc(mem_ctx, (uint8 *)reply,
					     reply_len, &result);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(10, ("unmarshall_sec_desc failed: %s\n",
				   nt_errstr(status)));
		}
	}

	/* The raw reply buffer is released on every path. */
	TALLOC_FREE(reply);
	return result;
}
/**
 * Look up the stored security descriptor for a share.
 *
 * @param ctx         talloc context that owns the returned descriptor.
 * @param servicename Share name; used as given to build the "SECDESC/" key.
 * @param psize       Receives the NDR size of the returned descriptor.
 *                    Not written here when the parse yields no descriptor.
 *
 * @return The stored descriptor; the result of
 *         get_share_security_default() when no record exists; NULL when
 *         database initialisation, key allocation or parsing fails.
 *
 * NOTE(review): the key is built from servicename exactly as passed. No
 * normalisation is visible in this function, so two spellings of one share
 * name would address different records, and the spelling without a record
 * gets the default built with GENERIC_ALL_ACCESS. Confirm that callers
 * normalise the name first.
 */
SEC_DESC *get_share_security(TALLOC_CTX *ctx,
			     const char *servicename,
			     size_t *psize)
{
	SEC_DESC *psd = NULL;
	TDB_DATA record;
	NTSTATUS status;
	char *db_key;

	if (!share_info_db_init()) {
		return NULL;
	}

	db_key = talloc_asprintf(ctx, "SECDESC/%s", servicename);
	if (db_key == NULL) {
		DEBUG(0, ("talloc_asprintf failed\n"));
		return NULL;
	}

	record = dbwrap_fetch_bystring(share_db, talloc_tos(), db_key);
	TALLOC_FREE(db_key);

	/* No stored record: hand back the default descriptor. */
	if (record.dptr == NULL) {
		return get_share_security_default(ctx, psize,
						  GENERIC_ALL_ACCESS);
	}

	status = unmarshall_sec_desc(ctx, record.dptr, record.dsize, &psd);
	TALLOC_FREE(record.dptr);

	/* An unparsable record is an error here, not a fall-back case. */
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
			  nt_errstr(status)));
		return NULL;
	}

	if (psd != NULL) {
		*psize = ndr_size_security_descriptor(psd, NULL, 0);
	}

	return psd;
}