svn commit: samba r11780 - in branches/SAMBA_4_0/source:
libcli/smb2 torture/smb2
tridge at samba.org
tridge at samba.org
Fri Nov 18 11:45:25 GMT 2005
Author: tridge
Date: 2005-11-18 11:45:24 +0000 (Fri, 18 Nov 2005)
New Revision: 11780
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11780
Log:
it turns out that the MxAc tag isn't a security descriptor, its a
request that the server return its own MxAc blob which contains the
maximum allowed access_mask for the returned file handle
Modified:
branches/SAMBA_4_0/source/libcli/smb2/create.c
branches/SAMBA_4_0/source/libcli/smb2/request.c
branches/SAMBA_4_0/source/libcli/smb2/smb2_calls.h
branches/SAMBA_4_0/source/torture/smb2/util.c
Changeset:
Modified: branches/SAMBA_4_0/source/libcli/smb2/create.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/smb2/create.c 2005-11-18 11:40:03 UTC (rev 11779)
+++ branches/SAMBA_4_0/source/libcli/smb2/create.c 2005-11-18 11:45:24 UTC (rev 11780)
@@ -25,8 +25,8 @@
#include "libcli/smb2/smb2.h"
#include "libcli/smb2/smb2_calls.h"
-#define CREATE_TAG_EA 0x41747845 /* "ExtA" */
-#define CREATE_TAG_SD 0x6341784D /* "MxAc" */
+#define CREATE_TAG_EXTA 0x41747845 /* "ExtA" */
+#define CREATE_TAG_MXAC 0x6341784D /* "MxAc" */
/*
add a blob to a smb2_create attribute blob
@@ -37,13 +37,14 @@
{
NTSTATUS status;
uint32_t ofs = blob->length;
- status = data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length);
+ uint8_t pad = smb2_padding_size(add.length, 8);
+ status = data_blob_realloc(mem_ctx, blob, blob->length + 0x18 + add.length + pad);
NT_STATUS_NOT_OK_RETURN(status);
if (last) {
SIVAL(blob->data, ofs+0x00, 0);
} else {
- SIVAL(blob->data, ofs+0x00, 0x18 + add.length);
+ SIVAL(blob->data, ofs+0x00, 0x18 + add.length + pad);
}
SSVAL(blob->data, ofs+0x04, 0x10); /* offset of tag */
SIVAL(blob->data, ofs+0x06, 0x04); /* tag length */
@@ -52,6 +53,7 @@
SIVAL(blob->data, ofs+0x10, tag);
SIVAL(blob->data, ofs+0x14, 0); /* pad? */
memcpy(blob->data+ofs+0x18, add.data, add.length);
+ memset(blob->data+ofs+0x18+add.length, 0, pad);
return NT_STATUS_OK;
}
@@ -90,7 +92,7 @@
DATA_BLOB b = data_blob_talloc(req, NULL,
ea_list_size_chained(io->in.eas.num_eas, io->in.eas.eas));
ea_put_list_chained(b.data, io->in.eas.num_eas, io->in.eas.eas);
- status = smb2_create_blob_add(req, &blob, CREATE_TAG_EA, b, False);
+ status = smb2_create_blob_add(req, &blob, CREATE_TAG_EXTA, b, False);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
return NULL;
@@ -98,18 +100,9 @@
data_blob_free(&b);
}
- if (io->in.sd != NULL) {
- DATA_BLOB b;
- status = ndr_push_struct_blob(&b, req, io->in.sd,
- (ndr_push_flags_fn_t)ndr_push_security_descriptor);
- if (!NT_STATUS_IS_OK(status)) {
- talloc_free(req);
- return NULL;
- }
- status = smb2_create_blob_add(req, &blob, CREATE_TAG_SD, b, True);
- } else {
- status = smb2_create_blob_add(req, &blob, CREATE_TAG_SD, data_blob(NULL, 0), True);
- }
+ /* an empty MxAc tag seems to be used to ask the server to
+ return the maximum access mask allowed on the file */
+ status = smb2_create_blob_add(req, &blob, CREATE_TAG_MXAC, data_blob(NULL, 0), True);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(req);
Modified: branches/SAMBA_4_0/source/libcli/smb2/request.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/smb2/request.c 2005-11-18 11:40:03 UTC (rev 11779)
+++ branches/SAMBA_4_0/source/libcli/smb2/request.c 2005-11-18 11:45:24 UTC (rev 11780)
@@ -181,7 +181,7 @@
return False;
}
-static size_t smb2_padding_size(uint32_t offset, size_t n)
+size_t smb2_padding_size(uint32_t offset, size_t n)
{
if ((offset & (n-1)) == 0) return 0;
return n - (offset & (n-1));
Modified: branches/SAMBA_4_0/source/libcli/smb2/smb2_calls.h
===================================================================
--- branches/SAMBA_4_0/source/libcli/smb2/smb2_calls.h 2005-11-18 11:40:03 UTC (rev 11779)
+++ branches/SAMBA_4_0/source/libcli/smb2/smb2_calls.h 2005-11-18 11:45:24 UTC (rev 11780)
@@ -130,10 +130,8 @@
/* dynamic body */
const char *fname;
- /* optional list of extended attributes and security
- descriptor */
+ /* optional list of extended attributes */
struct smb_ea_list eas;
- struct security_descriptor *sd;
} in;
struct {
Modified: branches/SAMBA_4_0/source/torture/smb2/util.c
===================================================================
--- branches/SAMBA_4_0/source/torture/smb2/util.c 2005-11-18 11:40:03 UTC (rev 11779)
+++ branches/SAMBA_4_0/source/torture/smb2/util.c 2005-11-18 11:45:24 UTC (rev 11780)
@@ -103,7 +103,7 @@
smb2_util_unlink(tree, fname);
ZERO_STRUCT(io);
- io.in.access_mask = SEC_RIGHTS_FILE_ALL;
+ io.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
io.in.file_attr = FILE_ATTRIBUTE_NORMAL;
io.in.open_disposition = NTCREATEX_DISP_OVERWRITE_IF;
io.in.share_access =
@@ -119,18 +119,6 @@
io.in.open_disposition = NTCREATEX_DISP_CREATE;
}
- io.in.sd = security_descriptor_create(tmp_ctx,
- NULL, NULL,
- SID_NT_AUTHENTICATED_USERS,
- SEC_ACE_TYPE_ACCESS_ALLOWED,
- SEC_RIGHTS_FILE_ALL | SEC_STD_ALL,
- 0,
- SID_WORLD,
- SEC_ACE_TYPE_ACCESS_ALLOWED,
- SEC_RIGHTS_FILE_READ | SEC_STD_ALL,
- 0,
- NULL);
-
if (strchr(fname, ':') == NULL) {
/* setup some EAs */
io.in.eas.num_eas = 2;
More information about the samba-cvs
mailing list