Gitiles
Code Review Sign In
code.illumos.org / illumos-gate / a7fb1da4f1ff02974ca64d25c8d983fd1c1f3ccc / . / usr / src / common / smbsrv / smb_token.c
blob: e1f63c6df71dfc59823b650efca33d16425dba9e [file] [log] [blame]
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2010 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*
* Copyright 2013 Nexenta Systems, Inc. All rights reserved.
*/
/*
* NT Token library (kernel/user)
*/
#if defined(_KERNEL) || defined(_FAKE_KERNEL)
#include <sys/types.h>
#include <sys/cmn_err.h>
#include <sys/kmem.h>
#else /* _KERNEL */
#include <stdlib.h>
#include <strings.h>
#include <syslog.h>
#endif /* _KERNEL */
#include <smbsrv/string.h>
#include <smbsrv/smb_token.h>
#include <smbsrv/smb_xdr.h>
/*
* smb_token_query_privilege
*
* Find out if the specified privilege is enable in the given
* access token.
*/
int
smb_token_query_privilege(smb_token_t *token, int priv_id)
{
smb_privset_t *privset;
int i;
if ((token == NULL) || (token->tkn_privileges == NULL))
return (0);
privset = token->tkn_privileges;
for (i = 0; privset->priv_cnt; i++) {
if (privset->priv[i].luid.lo_part == priv_id) {
if (privset->priv[i].attrs == SE_PRIVILEGE_ENABLED)
return (1);
else
return (0);
}
}
return (0);
}
/*
* Basic sanity check on a token.
*/
boolean_t
smb_token_valid(smb_token_t *token)
{
if (token == NULL)
return (B_FALSE);
if ((token->tkn_user.i_sid == NULL) ||
(token->tkn_owner.i_sid == NULL) ||
(token->tkn_primary_grp.i_sid == NULL) ||
(token->tkn_account_name == NULL) ||
(token->tkn_domain_name == NULL) ||
(token->tkn_posix_grps == NULL))
return (B_FALSE);
if ((token->tkn_win_grps.i_cnt != 0) &&
(token->tkn_win_grps.i_ids == NULL))
return (B_FALSE);
return (B_TRUE);
}
#if !defined(_KERNEL) && !defined(_FAKE_KERNEL)
/*
* Encode: structure -> flat buffer (buffer size)
* Pre-condition: obj is non-null.
*/
uint8_t *
smb_token_encode(smb_token_t *obj, uint32_t *len)
{
uint8_t *buf;
XDR xdrs;
if (!obj) {
syslog(LOG_ERR, "smb_token_encode: invalid parameter");
return (NULL);
}
*len = xdr_sizeof(smb_token_xdr, obj);
buf = (uint8_t *)malloc(*len);
if (!buf) {
syslog(LOG_ERR, "smb_token_encode: %m");
return (NULL);
}
xdrmem_create(&xdrs, (const caddr_t)buf, *len, XDR_ENCODE);
if (!smb_token_xdr(&xdrs, obj)) {
syslog(LOG_ERR, "smb_token_encode: XDR encode error");
*len = 0;
free(buf);
buf = NULL;
}
xdr_destroy(&xdrs);
return (buf);
}
/*
* Decode: flat buffer -> structure
*/
smb_logon_t *
smb_logon_decode(uint8_t *buf, uint32_t len)
{
smb_logon_t *obj;
XDR xdrs;
xdrmem_create(&xdrs, (const caddr_t)buf, len, XDR_DECODE);
if ((obj = malloc(sizeof (smb_logon_t))) == NULL) {
syslog(LOG_ERR, "smb_logon_decode: %m");
xdr_destroy(&xdrs);
return (NULL);
}
bzero(obj, sizeof (smb_logon_t));
if (!smb_logon_xdr(&xdrs, obj)) {
syslog(LOG_ERR, "smb_logon_decode: XDR decode error");
free(obj);
obj = NULL;
}
xdr_destroy(&xdrs);
return (obj);
}
void
smb_logon_free(smb_logon_t *obj)
{
xdr_free(smb_logon_xdr, (char *)obj);
free(obj);
}
#endif /* _KERNEL */