1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
25 */
26
27 /*
28 * Dispatch function for SMB2_QUERY_INFO
29 * Similar to smb_nt_transact_security.c
30 */
31
32 #include <smbsrv/smb2_kproto.h>
33 #include <smbsrv/smb_fsops.h>
34 #include <smbsrv/ntifs.h>
35
36 uint32_t
smb2_qinfo_sec(smb_request_t * sr,smb_queryinfo_t * qi)37 smb2_qinfo_sec(smb_request_t *sr, smb_queryinfo_t *qi)
38 {
39 smb_sd_t sd;
40 uint32_t secinfo = qi->qi_AddlInfo;
41 uint32_t sdlen;
42 uint32_t status;
43
44 /*
45 * secinfo & ...
46 * OWNER_SECURITY_INFORMATION,
47 * GROUP_SECURITY_INFORMATION,
48 * DACL_SECURITY_INFORMATION, ...
49 */
50
51 if ((sr->fid_ofile->f_node == NULL) ||
52 (sr->fid_ofile->f_ftype != SMB_FTYPE_DISK))
53 return (NT_STATUS_INVALID_PARAMETER);
54
55 if (sr->tid_tree->t_acltype != ACE_T) {
56 /*
57 * If target filesystem doesn't support ACE_T acls then
58 * don't process SACL
59 */
60 secinfo &= ~SMB_SACL_SECINFO;
61 }
62
63 status = smb_sd_read(sr, &sd, secinfo);
64 if (status != NT_STATUS_SUCCESS)
65 return (status);
66
67 sdlen = smb_sd_len(&sd, secinfo);
68 if (sdlen == 0) {
69 status = NT_STATUS_INVALID_SECURITY_DESCR;
70 goto out;
71 }
72
73 if (sdlen > sr->raw_data.max_bytes) {
74 /*
75 * The maximum data return count specified by the
76 * client is not big enough to hold the security
77 * descriptor. Return the special error that
78 * tells the client how much room they need.
79 * Error data is the required size.
80 */
81 MBC_FLUSH(&sr->raw_data);
82 sr->raw_data.max_bytes = 4;
83 (void) smb_mbc_encodef(&sr->raw_data, "l", sdlen);
84 status = NT_STATUS_BUFFER_TOO_SMALL;
85 goto out;
86 }
87
88 smb_encode_sd(&sr->raw_data, &sd, secinfo);
89 status = 0;
90
91 out:
92 smb_sd_term(&sd);
93 return (status);
94 }
95