Context Navigation

source: vendor/3.6.0/source3/lib/sharesec.c

Visit:

Last change on this file was 740, checked in by Silvan Scherrer, 13 years ago
Samba Server: update vendor to 3.6.0
File size: 14.8 KB

Line
1	/*
2	* Unix SMB/Netbios implementation.
3	* SEC_DESC handling functions
4	* Copyright (C) Jeremy R. Allison 1995-2003.
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 3 of the License, or
9	* (at your option) any later version.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License
17	* along with this program; if not, see <http://www.gnu.org/licenses/>.
18	*/
19
20	#include "includes.h"
21	#include "system/filesys.h"
22	#include "../libcli/security/security.h"
23	#include "../librpc/gen_ndr/ndr_security.h"
24	#include "dbwrap.h"
25	#include "util_tdb.h"
26
27	/*******************************************************************
28	Create the share security tdb.
29	********************************************************************/
30
31	static struct db_context share_db; / used for share security descriptors */
32	#define SHARE_DATABASE_VERSION_V1 1
33	#define SHARE_DATABASE_VERSION_V2 2 /* version id in little endian. */
34	#define SHARE_DATABASE_VERSION_V3 3 /* canonicalized sharenames as lower case */
35
36	#define SHARE_SECURITY_DB_KEY_PREFIX_STR "SECDESC/"
37	/* Map generic permissions to file object specific permissions */
38
39	extern const struct generic_mapping file_generic_mapping;
40
41	static int delete_fn(struct db_record rec, void priv)
42	{
43	rec->delete_rec(rec);
44	return 0;
45	}
46
47	/*****************************************************
48	Looking for keys of the form: SHARE_SECURITY_DB_KEY_PREFIX_STR + "non lower case str".
49	If we find one re-write it into a canonical case form.
50	*****************************************************/
51
52	static int upgrade_v2_to_v3(struct db_record rec, void priv)
53	{
54	size_t prefix_len = strlen(SHARE_SECURITY_DB_KEY_PREFIX_STR);
55	const char *servicename = NULL;
56	char *c_servicename = NULL;
57	char *newkey = NULL;
58	bool p_upgrade_ok = (bool )priv;
59	NTSTATUS status;
60
61	/* Is there space for a one character sharename ? */
62	if (rec->key.dsize <= prefix_len+2) {
63	return 0;
64	}
65
66	/* Does it start with the share key prefix ? */
67	if (memcmp(rec->key.dptr, SHARE_SECURITY_DB_KEY_PREFIX_STR,
68	prefix_len) != 0) {
69	return 0;
70	}
71
72	/* Is it a null terminated string as a key ? */
73	if (rec->key.dptr[rec->key.dsize-1] != '\0') {
74	return 0;
75	}
76
77	/* Bytes after the prefix are the sharename string. */
78	servicename = (char *)&rec->key.dptr[prefix_len];
79	c_servicename = canonicalize_servicename(talloc_tos(), servicename);
80	if (!c_servicename) {
81	smb_panic("out of memory upgrading share security db from v2 -> v3");
82	}
83
84	if (strcmp(servicename, c_servicename) == 0) {
85	/* Old and new names match. No canonicalization needed. */
86	TALLOC_FREE(c_servicename);
87	return 0;
88	}
89
90	/* Oops. Need to canonicalize name, delete old then store new. */
91	status = rec->delete_rec(rec);
92	if (!NT_STATUS_IS_OK(status)) {
93	DEBUG(1, ("upgrade_v2_to_v3: Failed to delete secdesc for "
94	"%s: %s\n", rec->key.dptr, nt_errstr(status)));
95	TALLOC_FREE(c_servicename);
96	*p_upgrade_ok = false;
97	return -1;
98	} else {
99	DEBUG(10, ("upgrade_v2_to_v3: deleted secdesc for "
100	"%s\n", rec->key.dptr ));
101	}
102
103	if (!(newkey = talloc_asprintf(talloc_tos(),
104	SHARE_SECURITY_DB_KEY_PREFIX_STR "%s",
105	c_servicename))) {
106	smb_panic("out of memory upgrading share security db from v2 -> v3");
107	}
108
109	status = dbwrap_store(share_db,
110	string_term_tdb_data(newkey),
111	rec->value,
112	TDB_REPLACE);
113
114	if (!NT_STATUS_IS_OK(status)) {
115	DEBUG(1, ("upgrade_v2_to_v3: Failed to store secdesc for "
116	"%s: %s\n", c_servicename, nt_errstr(status)));
117	TALLOC_FREE(c_servicename);
118	TALLOC_FREE(newkey);
119	*p_upgrade_ok = false;
120	return -1;
121	} else {
122	DEBUG(10, ("upgrade_v2_to_v3: stored secdesc for "
123	"%s\n", newkey ));
124	}
125
126	TALLOC_FREE(newkey);
127	TALLOC_FREE(c_servicename);
128
129	return 0;
130	}
131
132	bool share_info_db_init(void)
133	{
134	const char *vstring = "INFO/version";
135	int32 vers_id;
136	int ret;
137	bool upgrade_ok = true;
138
139	if (share_db != NULL) {
140	return True;
141	}
142
143	share_db = db_open(NULL, state_path("share_info.tdb"), 0,
144	TDB_DEFAULT, O_RDWR\|O_CREAT, 0600);
145	if (share_db == NULL) {
146	DEBUG(0,("Failed to open share info database %s (%s)\n",
147	state_path("share_info.tdb"), strerror(errno) ));
148	return False;
149	}
150
151	vers_id = dbwrap_fetch_int32(share_db, vstring);
152	if (vers_id == SHARE_DATABASE_VERSION_V3) {
153	return true;
154	}
155
156	if (share_db->transaction_start(share_db) != 0) {
157	DEBUG(0, ("transaction_start failed\n"));
158	TALLOC_FREE(share_db);
159	return false;
160	}
161
162	vers_id = dbwrap_fetch_int32(share_db, vstring);
163	if (vers_id == SHARE_DATABASE_VERSION_V3) {
164	/*
165	* Race condition
166	*/
167	if (share_db->transaction_cancel(share_db)) {
168	smb_panic("transaction_cancel failed");
169	}
170	return true;
171	}
172
173	/* Move to at least V2. */
174
175	/* Cope with byte-reversed older versions of the db. */
176	if ((vers_id == SHARE_DATABASE_VERSION_V1) \|\| (IREV(vers_id) == SHARE_DATABASE_VERSION_V1)) {
177	/* Written on a bigendian machine with old fetch_int code. Save as le. */
178
179	if (dbwrap_store_int32(share_db, vstring,
180	SHARE_DATABASE_VERSION_V2) != 0) {
181	DEBUG(0, ("dbwrap_store_int32 failed\n"));
182	goto cancel;
183	}
184	vers_id = SHARE_DATABASE_VERSION_V2;
185	}
186
187	if (vers_id != SHARE_DATABASE_VERSION_V2) {
188	ret = share_db->traverse(share_db, delete_fn, NULL);
189	if (ret < 0) {
190	DEBUG(0, ("traverse failed\n"));
191	goto cancel;
192	}
193	if (dbwrap_store_int32(share_db, vstring,
194	SHARE_DATABASE_VERSION_V2) != 0) {
195	DEBUG(0, ("dbwrap_store_int32 failed\n"));
196	goto cancel;
197	}
198	}
199
200	/* Finally upgrade to version 3, with canonicalized sharenames. */
201
202	ret = share_db->traverse(share_db, upgrade_v2_to_v3, &upgrade_ok);
203	if (ret < 0 \|\| upgrade_ok == false) {
204	DEBUG(0, ("traverse failed\n"));
205	goto cancel;
206	}
207	if (dbwrap_store_int32(share_db, vstring,
208	SHARE_DATABASE_VERSION_V3) != 0) {
209	DEBUG(0, ("dbwrap_store_int32 failed\n"));
210	goto cancel;
211	}
212
213	if (share_db->transaction_commit(share_db) != 0) {
214	DEBUG(0, ("transaction_commit failed\n"));
215	return false;
216	}
217
218	return true;
219
220	cancel:
221	if (share_db->transaction_cancel(share_db)) {
222	smb_panic("transaction_cancel failed");
223	}
224
225	return false;
226	}
227
228	/*******************************************************************
229	Fake up a Everyone, default access as a default.
230	def_access is a GENERIC_XXX access mode.
231	********************************************************************/
232
233	struct security_descriptor get_share_security_default( TALLOC_CTX ctx, size_t *psize, uint32 def_access)
234	{
235	uint32_t sa;
236	struct security_ace ace;
237	struct security_acl *psa = NULL;
238	struct security_descriptor *psd = NULL;
239	uint32 spec_access = def_access;
240
241	se_map_generic(&spec_access, &file_generic_mapping);
242
243	sa = (def_access \| spec_access );
244	init_sec_ace(&ace, &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, sa, 0);
245
246	if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, 1, &ace)) != NULL) {
247	psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
248	SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
249	psa, psize);
250	}
251
252	if (!psd) {
253	DEBUG(0,("get_share_security: Failed to make SEC_DESC.\n"));
254	return NULL;
255	}
256
257	return psd;
258	}
259
260	/*******************************************************************
261	Pull a security descriptor from the share tdb.
262	********************************************************************/
263
264	struct security_descriptor get_share_security( TALLOC_CTX ctx, const char *servicename,
265	size_t *psize)
266	{
267	char *key;
268	struct security_descriptor *psd = NULL;
269	TDB_DATA data;
270	char *c_servicename = canonicalize_servicename(talloc_tos(), servicename);
271	NTSTATUS status;
272
273	if (!c_servicename) {
274	return NULL;
275	}
276
277	if (!share_info_db_init()) {
278	TALLOC_FREE(c_servicename);
279	return NULL;
280	}
281
282	if (!(key = talloc_asprintf(ctx, SHARE_SECURITY_DB_KEY_PREFIX_STR "%s", c_servicename))) {
283	TALLOC_FREE(c_servicename);
284	DEBUG(0, ("talloc_asprintf failed\n"));
285	return NULL;
286	}
287
288	TALLOC_FREE(c_servicename);
289
290	data = dbwrap_fetch_bystring(share_db, talloc_tos(), key);
291
292	TALLOC_FREE(key);
293
294	if (data.dptr == NULL) {
295	return get_share_security_default(ctx, psize,
296	GENERIC_ALL_ACCESS);
297	}
298
299	status = unmarshall_sec_desc(ctx, data.dptr, data.dsize, &psd);
300
301	TALLOC_FREE(data.dptr);
302
303	if (!NT_STATUS_IS_OK(status)) {
304	DEBUG(0, ("unmarshall_sec_desc failed: %s\n",
305	nt_errstr(status)));
306	return get_share_security_default(ctx, psize,
307	GENERIC_ALL_ACCESS);
308	}
309
310	if (psd) {
311	*psize = ndr_size_security_descriptor(psd, 0);
312	} else {
313	return get_share_security_default(ctx, psize,
314	GENERIC_ALL_ACCESS);
315	}
316
317	return psd;
318	}
319
320	/*******************************************************************
321	Store a security descriptor in the share db.
322	********************************************************************/
323
324	bool set_share_security(const char share_name, struct security_descriptor psd)
325	{
326	TALLOC_CTX *frame = talloc_stackframe();
327	char *key;
328	bool ret = False;
329	TDB_DATA blob;
330	NTSTATUS status;
331	char *c_share_name = canonicalize_servicename(frame, share_name);
332
333	if (!c_share_name) {
334	goto out;
335	}
336
337	if (!share_info_db_init()) {
338	goto out;
339	}
340
341	status = marshall_sec_desc(frame, psd, &blob.dptr, &blob.dsize);
342
343	if (!NT_STATUS_IS_OK(status)) {
344	DEBUG(0, ("marshall_sec_desc failed: %s\n",
345	nt_errstr(status)));
346	goto out;
347	}
348
349	if (!(key = talloc_asprintf(frame, SHARE_SECURITY_DB_KEY_PREFIX_STR "%s", c_share_name))) {
350	DEBUG(0, ("talloc_asprintf failed\n"));
351	goto out;
352	}
353
354	status = dbwrap_trans_store(share_db, string_term_tdb_data(key), blob,
355	TDB_REPLACE);
356	if (!NT_STATUS_IS_OK(status)) {
357	DEBUG(1, ("set_share_security: Failed to store secdesc for "
358	"%s: %s\n", share_name, nt_errstr(status)));
359	goto out;
360	}
361
362	DEBUG(5,("set_share_security: stored secdesc for %s\n", share_name ));
363	ret = True;
364
365	out:
366	TALLOC_FREE(frame);
367	return ret;
368	}
369
370	/*******************************************************************
371	Delete a security descriptor.
372	********************************************************************/
373
374	bool delete_share_security(const char *servicename)
375	{
376	TDB_DATA kbuf;
377	char *key;
378	NTSTATUS status;
379	char *c_servicename = canonicalize_servicename(talloc_tos(), servicename);
380
381	if (!c_servicename) {
382	return NULL;
383	}
384
385	if (!share_info_db_init()) {
386	TALLOC_FREE(c_servicename);
387	return False;
388	}
389
390	if (!(key = talloc_asprintf(talloc_tos(), SHARE_SECURITY_DB_KEY_PREFIX_STR "%s",
391	c_servicename))) {
392	TALLOC_FREE(c_servicename);
393	return False;
394	}
395	kbuf = string_term_tdb_data(key);
396
397	status = dbwrap_trans_delete(share_db, kbuf);
398	if (!NT_STATUS_IS_OK(status)) {
399	DEBUG(0, ("delete_share_security: Failed to delete entry for "
400	"share %s: %s\n", c_servicename, nt_errstr(status)));
401	TALLOC_FREE(c_servicename);
402	return False;
403	}
404
405	TALLOC_FREE(c_servicename);
406	return True;
407	}
408
409	/*******************************************************************
410	Can this user access with share with the required permissions ?
411	********************************************************************/
412
413	bool share_access_check(const struct security_token *token,
414	const char *sharename,
415	uint32 desired_access,
416	uint32_t *pgranted)
417	{
418	uint32 granted;
419	NTSTATUS status;
420	struct security_descriptor *psd = NULL;
421	size_t sd_size;
422
423	psd = get_share_security(talloc_tos(), sharename, &sd_size);
424
425	if (!psd) {
426	return True;
427	}
428
429	status = se_access_check(psd, token, desired_access, &granted);
430
431	TALLOC_FREE(psd);
432
433	if (pgranted != NULL) {
434	*pgranted = granted;
435	}
436
437	return NT_STATUS_IS_OK(status);
438	}
439
440	/***************************************************************************
441	Parse the contents of an acl string from a usershare file.
442	***************************************************************************/
443
444	bool parse_usershare_acl(TALLOC_CTX ctx, const char acl_str, struct security_descriptor **ppsd)
445	{
446	size_t s_size = 0;
447	const char *pacl = acl_str;
448	int num_aces = 0;
449	struct security_ace *ace_list = NULL;
450	struct security_acl *psa = NULL;
451	struct security_descriptor *psd = NULL;
452	size_t sd_size = 0;
453	int i;
454
455	*ppsd = NULL;
456
457	/* If the acl string is blank return "Everyone:R" */
458	if (!*acl_str) {
459	struct security_descriptor *default_psd = get_share_security_default(ctx, &s_size, GENERIC_READ_ACCESS);
460	if (!default_psd) {
461	return False;
462	}
463	*ppsd = default_psd;
464	return True;
465	}
466
467	num_aces = 1;
468
469	/* Add the number of ',' characters to get the number of aces. */
470	num_aces += count_chars(pacl,',');
471
472	ace_list = TALLOC_ARRAY(ctx, struct security_ace, num_aces);
473	if (!ace_list) {
474	return False;
475	}
476
477	for (i = 0; i < num_aces; i++) {
478	uint32_t sa;
479	uint32 g_access;
480	uint32 s_access;
481	struct dom_sid sid;
482	char *sidstr;
483	enum security_ace_type type = SEC_ACE_TYPE_ACCESS_ALLOWED;
484
485	if (!next_token_talloc(ctx, &pacl, &sidstr, ":")) {
486	DEBUG(0,("parse_usershare_acl: malformed usershare acl looking "
487	"for ':' in string '%s'\n", pacl));
488	return False;
489	}
490
491	if (!string_to_sid(&sid, sidstr)) {
492	DEBUG(0,("parse_usershare_acl: failed to convert %s to sid.\n",
493	sidstr ));
494	return False;
495	}
496
497	switch (*pacl) {
498	case 'F': /* Full Control, ie. R+W */
499	case 'f': /* Full Control, ie. R+W */
500	s_access = g_access = GENERIC_ALL_ACCESS;
501	break;
502	case 'R': /* Read only. */
503	case 'r': /* Read only. */
504	s_access = g_access = GENERIC_READ_ACCESS;
505	break;
506	case 'D': /* Deny all to this SID. */
507	case 'd': /* Deny all to this SID. */
508	type = SEC_ACE_TYPE_ACCESS_DENIED;
509	s_access = g_access = GENERIC_ALL_ACCESS;
510	break;
511	default:
512	DEBUG(0,("parse_usershare_acl: unknown acl type at %s.\n",
513	pacl ));
514	return False;
515	}
516
517	pacl++;
518	if (pacl && pacl != ',') {
519	DEBUG(0,("parse_usershare_acl: bad acl string at %s.\n",
520	pacl ));
521	return False;
522	}
523	pacl++; /* Go past any ',' */
524
525	se_map_generic(&s_access, &file_generic_mapping);
526	sa = (g_access \| s_access);
527	init_sec_ace(&ace_list[i], &sid, type, sa, 0);
528	}
529
530	if ((psa = make_sec_acl(ctx, NT4_ACL_REVISION, num_aces, ace_list)) != NULL) {
531	psd = make_sec_desc(ctx, SECURITY_DESCRIPTOR_REVISION_1,
532	SEC_DESC_SELF_RELATIVE, NULL, NULL, NULL,
533	psa, &sd_size);
534	}
535
536	if (!psd) {
537	DEBUG(0,("parse_usershare_acl: Failed to make SEC_DESC.\n"));
538	return False;
539	}
540
541	*ppsd = psd;
542	return True;
543	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: