Gitiles
Code Review Sign In
code.illumos.org / illumos-gate / 975041dd3b571af240661f84d186e0cd0e36217b / . / usr / src / lib / smbsrv / libsmb / common / libsmb.h
blob: db6f6c6650604347fd539566b27856fdf348fef7 [file] [log] [blame]
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]1/*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]21
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]22/*
Keyur Desaic5866002010-04-02 15:07:12 -0600[diff] [blame]23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]24 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]25 */
26
27#ifndef _LIBSMB_H
28#define _LIBSMB_H
29
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]30#ifdef __cplusplus
31extern "C" {
32#endif
33
34#include <sys/types.h>
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]35#include <sys/list.h>
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]36#include <sys/avl.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]37#include <arpa/inet.h>
Gordon Rossb819cea2013-06-17 10:34:00 -0400[diff] [blame]38#include <net/if.h> /* LIFNAMSIZ */
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]39#include <netdb.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]40#include <stdlib.h>
41#include <libscf.h>
42#include <libshare.h>
Jordan Brown1fcced42009-07-17 17:54:42 -0700[diff] [blame]43#include <uuid/uuid.h>
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]44#include <synch.h>
Gordon Rossb819cea2013-06-17 10:34:00 -0400[diff] [blame]45#include <stdarg.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]46
Gordon Ross3299f392013-01-05 10:21:33 -0500[diff] [blame]47#include <smb/nterror.h>
48#include <smb/ntstatus.h>
49#include <smb/wintypes.h>
50
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]51#include <smbsrv/string.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]52#include <smbsrv/smb_idmap.h>
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]53#include <smbsrv/netbios.h>
amw3db3f652008-07-07 21:28:40 -0700[diff] [blame]54#include <smbsrv/smb_share.h>
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]55#include <smbsrv/smb_door.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]56#include <smbsrv/alloc.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]57#include <smbsrv/hash_table.h>
58#include <smbsrv/msgbuf.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]59#include <smbsrv/smb_xdr.h>
60#include <smbsrv/smbinfo.h>
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]61#include <smbsrv/ntifs.h>
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]62
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]63#define SMB_VARSMB_DIR "/var/smb"
jb150015faa17952008-03-03 14:51:41 -0800[diff] [blame]64#define SMB_VARRUN_DIR "/var/run/smb"
65#define SMB_CCACHE_FILE "ccache"
66#define SMB_CCACHE_PATH SMB_VARRUN_DIR "/" SMB_CCACHE_FILE
67
jose borrego8d7e4162008-12-10 22:16:19 -0700[diff] [blame]68
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]69/* Max value length of all SMB properties */
70#define MAX_VALUE_BUFLEN 512
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]71
72#define SMBD_FMRI_PREFIX "network/smb/server"
73#define SMBD_DEFAULT_INSTANCE_FMRI "svc:/network/smb/server:default"
74#define SMBD_PG_NAME "smbd"
75#define SMBD_PROTECTED_PG_NAME "read"
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]76#define SMBD_EXEC_PG_NAME "exec"
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]77
78#define SMBD_SMF_OK 0
79#define SMBD_SMF_NO_MEMORY 1 /* no memory for data structures */
80#define SMBD_SMF_SYSTEM_ERR 2 /* system error, use errno */
81#define SMBD_SMF_NO_PERMISSION 3 /* no permission for operation */
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]82#define SMBD_SMF_INVALID_ARG 4
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]83
84#define SCH_STATE_UNINIT 0
85#define SCH_STATE_INITIALIZING 1
86#define SCH_STATE_INIT 2
87
88typedef struct smb_scfhandle {
89 scf_handle_t *scf_handle;
90 int scf_state;
91 scf_service_t *scf_service;
92 scf_scope_t *scf_scope;
93 scf_transaction_t *scf_trans;
94 scf_transaction_entry_t *scf_entry;
95 scf_propertygroup_t *scf_pg;
96 scf_instance_t *scf_instance;
97 scf_iter_t *scf_inst_iter;
98 scf_iter_t *scf_pg_iter;
99} smb_scfhandle_t;
100
101/*
102 * CIFS Configuration Management
103 */
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]104typedef enum {
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]105 SMB_CI_VERSION = 0,
106 SMB_CI_OPLOCK_ENABLE,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]107
108 SMB_CI_AUTOHOME_MAP,
109
110 SMB_CI_DOMAIN_SID,
111 SMB_CI_DOMAIN_MEMB,
112 SMB_CI_DOMAIN_NAME,
jose borrego8d7e4162008-12-10 22:16:19 -0700[diff] [blame]113 SMB_CI_DOMAIN_FQDN,
114 SMB_CI_DOMAIN_FOREST,
115 SMB_CI_DOMAIN_GUID,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]116 SMB_CI_DOMAIN_SRV,
117
118 SMB_CI_WINS_SRV1,
119 SMB_CI_WINS_SRV2,
120 SMB_CI_WINS_EXCL,
121
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]122 SMB_CI_MAX_WORKERS,
123 SMB_CI_MAX_CONNECTIONS,
124 SMB_CI_KEEPALIVE,
125 SMB_CI_RESTRICT_ANON,
126
127 SMB_CI_SIGNING_ENABLE,
128 SMB_CI_SIGNING_REQD,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]129
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]130 SMB_CI_SYNC_ENABLE,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]131
132 SMB_CI_SECURITY,
Gordon Ross83d2dfe2013-06-17 10:01:00 -0400[diff] [blame]133 SMB_CI_NETBIOS_ENABLE,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]134 SMB_CI_NBSCOPE,
135 SMB_CI_SYS_CMNT,
136 SMB_CI_LM_LEVEL,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]137
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]138 SMB_CI_ADS_SITE,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]139
140 SMB_CI_DYNDNS_ENABLE,
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]141
142 SMB_CI_MACHINE_PASSWD,
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]143 SMB_CI_MACHINE_UUID,
jb150015faa17952008-03-03 14:51:41 -0800[diff] [blame]144 SMB_CI_KPASSWD_SRV,
145 SMB_CI_KPASSWD_DOMAIN,
146 SMB_CI_KPASSWD_SEQNUM,
147 SMB_CI_NETLOGON_SEQNUM,
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]148 SMB_CI_IPV6_ENABLE,
joyce mcintoshcb174862010-07-22 14:53:56 -0700[diff] [blame]149 SMB_CI_PRINT_ENABLE,
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]150 SMB_CI_MAP,
151 SMB_CI_UNMAP,
152 SMB_CI_DISPOSITION,
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]153 SMB_CI_DFS_STDROOT_NUM,
Aram Hăvărneanu5f1ef252011-02-15 21:27:02 -0500[diff] [blame]154 SMB_CI_TRAVERSE_MOUNTS,
Gordon Rossa90cf9f2013-06-26 16:05:44 -0400[diff] [blame]155 SMB_CI_SMB2_ENABLE_OLD, /* obsolete */
156 SMB_CI_INITIAL_CREDITS,
157 SMB_CI_MAXIMUM_CREDITS,
158 SMB_CI_MAX_PROTOCOL,
Gordon Ross83d2dfe2013-06-17 10:01:00 -0400[diff] [blame]159
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]160 SMB_CI_MAX
161} smb_cfg_id_t;
162
163/* SMF helper functions */
164extern smb_scfhandle_t *smb_smf_scf_init(char *);
165extern void smb_smf_scf_fini(smb_scfhandle_t *);
166extern int smb_smf_start_transaction(smb_scfhandle_t *);
167extern int smb_smf_end_transaction(smb_scfhandle_t *);
168extern int smb_smf_set_string_property(smb_scfhandle_t *, char *, char *);
169extern int smb_smf_get_string_property(smb_scfhandle_t *, char *,
170 char *, size_t);
171extern int smb_smf_set_integer_property(smb_scfhandle_t *, char *, int64_t);
172extern int smb_smf_get_integer_property(smb_scfhandle_t *, char *, int64_t *);
173extern int smb_smf_set_boolean_property(smb_scfhandle_t *, char *, uint8_t);
174extern int smb_smf_get_boolean_property(smb_scfhandle_t *, char *, uint8_t *);
175extern int smb_smf_set_opaque_property(smb_scfhandle_t *, char *,
176 void *, size_t);
177extern int smb_smf_get_opaque_property(smb_scfhandle_t *, char *,
178 void *, size_t);
179extern int smb_smf_create_service_pgroup(smb_scfhandle_t *, char *);
Gordon Rossa90cf9f2013-06-26 16:05:44 -0400[diff] [blame]180extern int smb_smf_delete_property(smb_scfhandle_t *, char *);
jose borregoc8ec8ee2008-08-17 15:05:05 -0600[diff] [blame]181extern int smb_smf_restart_service(void);
jose borrego8d7e4162008-12-10 22:16:19 -0700[diff] [blame]182extern int smb_smf_maintenance_mode(void);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]183
Alan Wright6d57f832009-02-20 14:08:38 -0800[diff] [blame]184/* ZFS interface */
185int smb_getdataset(const char *, char *, size_t);
186
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]187/* Configuration management functions */
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]188extern int smb_config_get(smb_cfg_id_t, char *, int);
189extern char *smb_config_getname(smb_cfg_id_t);
190extern int smb_config_getstr(smb_cfg_id_t, char *, int);
191extern int smb_config_getnum(smb_cfg_id_t, int64_t *);
192extern boolean_t smb_config_getbool(smb_cfg_id_t);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]193
194extern int smb_config_set(smb_cfg_id_t, char *);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]195extern int smb_config_setstr(smb_cfg_id_t, char *);
196extern int smb_config_setnum(smb_cfg_id_t, int64_t);
197extern int smb_config_setbool(smb_cfg_id_t, boolean_t);
198
Gordon Ross1ed6b692012-12-16 22:41:29 -0500[diff] [blame]199extern boolean_t smb_config_get_ads_enable(void);
Gordon Rossb819cea2013-06-17 10:34:00 -0400[diff] [blame]200extern int smb_config_get_debug(void);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]201extern uint8_t smb_config_get_fg_flag(void);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]202extern char *smb_config_get_localsid(void);
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]203extern int smb_config_get_localuuid(uuid_t);
jb150015faa17952008-03-03 14:51:41 -0800[diff] [blame]204extern int smb_config_secmode_fromstr(char *);
205extern char *smb_config_secmode_tostr(int);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]206extern int smb_config_get_secmode(void);
jb150015faa17952008-03-03 14:51:41 -0800[diff] [blame]207extern int smb_config_set_secmode(int);
208extern int smb_config_set_idmap_domain(char *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]209extern int smb_config_refresh_idmap(void);
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]210extern int smb_config_getip(smb_cfg_id_t, smb_inaddr_t *);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]211extern void smb_config_get_version(smb_version_t *);
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]212uint32_t smb_config_get_execinfo(char *, char *, size_t);
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]213extern void smb_config_get_negtok(uchar_t *, uint32_t *);
jose borrego8d7e4162008-12-10 22:16:19 -0700[diff] [blame]214
Gordon Rossa90cf9f2013-06-26 16:05:44 -0400[diff] [blame]215extern int smb_config_check_protocol(char *);
216extern uint32_t smb_config_get_max_protocol(void);
217extern void smb_config_upgrade(void);
218
jb1500153ad684d2008-06-02 13:50:26 -0700[diff] [blame]219extern void smb_load_kconfig(smb_kmod_cfg_t *kcfg);
Alan Wright94fff792008-11-19 20:58:06 -0800[diff] [blame]220extern uint32_t smb_crc_gen(uint8_t *, size_t);
jb1500153ad684d2008-06-02 13:50:26 -0700[diff] [blame]221
jb150015faa17952008-03-03 14:51:41 -0800[diff] [blame]222extern boolean_t smb_match_netlogon_seqnum(void);
jb150015faa17952008-03-03 14:51:41 -0800[diff] [blame]223extern int smb_setdomainprops(char *, char *, char *);
224extern void smb_update_netlogon_seqnum(void);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]225
natalie li - Sun Microsystems - Irvine United Statesb89a8332008-10-28 03:34:04 -0700[diff] [blame]226/* maximum password length on Windows 2000 and above */
227#define SMB_PASSWD_MAXLEN 127
228#define SMB_USERNAME_MAXLEN 40
229
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]230/* See also: smb_joininfo_xdr() */
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]231typedef struct smb_joininfo {
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]232 char domain_name[MAXHOSTNAMELEN];
natalie li - Sun Microsystems - Irvine United Statesb89a8332008-10-28 03:34:04 -0700[diff] [blame]233 char domain_username[SMB_USERNAME_MAXLEN + 1];
234 char domain_passwd[SMB_PASSWD_MAXLEN + 1];
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]235 uint32_t mode;
236} smb_joininfo_t;
237
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]238/* See also: smb_joinres_xdr() */
239typedef struct smb_joinres {
240 uint32_t status;
241 int join_err;
242 char dc_name[MAXHOSTNAMELEN];
243} smb_joinres_t;
244
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]245/* APIs to communicate with SMB daemon via door calls */
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]246int smb_join(smb_joininfo_t *, smb_joinres_t *info);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]247bool_t smb_joininfo_xdr(XDR *, smb_joininfo_t *);
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]248bool_t smb_joinres_xdr(XDR *, smb_joinres_t *);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]249boolean_t smb_find_ads_server(char *, char *, int);
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]250void smb_notify_dc_changed(void);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]251
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]252extern void smb_config_getdomaininfo(char *, char *, char *, char *, char *);
253extern void smb_config_setdomaininfo(char *, char *, char *, char *, char *);
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]254extern uint32_t smb_get_dcinfo(char *, uint32_t, smb_inaddr_t *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]255
256/*
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]257 * buffer context structure. This is used to keep track of the buffer
258 * context.
259 *
260 * basep: points to the beginning of the buffer
261 * curp: points to the current offset
262 * endp: points to the limit of the buffer
263 */
264typedef struct {
265 unsigned char *basep;
266 unsigned char *curp;
267 unsigned char *endp;
268} smb_ctxbuf_t;
269
270extern int smb_ctxbuf_init(smb_ctxbuf_t *ctx, unsigned char *buf,
271 size_t buflen);
272extern int smb_ctxbuf_len(smb_ctxbuf_t *ctx);
273extern int smb_ctxbuf_printf(smb_ctxbuf_t *ctx, const char *fmt, ...);
274
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]275void smb_idmap_check(const char *, idmap_stat);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]276
277/* Miscellaneous functions */
278extern void hexdump(unsigned char *, int);
279extern size_t bintohex(const char *, size_t, char *, size_t);
280extern size_t hextobin(const char *, size_t, char *, size_t);
jose borrego8d7e4162008-12-10 22:16:19 -0700[diff] [blame]281extern char *strstrip(char *, const char *);
282extern char *strtrim(char *, const char *);
283extern char *trim_whitespace(char *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]284extern void randomize(char *, unsigned);
285extern void rand_hash(unsigned char *, size_t, unsigned char *, size_t);
286
287extern int smb_getdomainname(char *, size_t);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]288extern int smb_getfqdomainname(char *, size_t);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]289
290typedef enum smb_caseconv {
291 SMB_CASE_PRESERVE = 0,
292 SMB_CASE_UPPER,
293 SMB_CASE_LOWER
294} smb_caseconv_t;
295
296extern int smb_gethostname(char *, size_t, smb_caseconv_t);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]297extern int smb_getfqhostname(char *, size_t);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]298extern int smb_getnetbiosname(char *, size_t);
jose borrego8d7e4162008-12-10 22:16:19 -0700[diff] [blame]299extern struct hostent *smb_gethostbyname(const char *, int *);
300extern struct hostent *smb_gethostbyaddr(const char *, int, int, int *);
natalie li - Sun Microsystems - Irvine United Statesb89a8332008-10-28 03:34:04 -0700[diff] [blame]301
302#define SMB_SAMACCT_MAXLEN (NETBIOS_NAME_SZ + 1)
303extern int smb_getsamaccount(char *, size_t);
304
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]305extern int smb_get_nameservers(smb_inaddr_t *, int);
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]306extern void smb_tonetbiosname(char *, char *, char);
307
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]308extern int smb_chk_hostaccess(smb_inaddr_t *, char *);
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]309
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]310extern int smb_getnameinfo(smb_inaddr_t *, char *, int, int);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]311
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]312void smb_trace(const char *s);
313void smb_tracef(const char *fmt, ...);
314
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]315const char *xlate_nt_status(unsigned int);
316
Gordon Rossb819cea2013-06-17 10:34:00 -0400[diff] [blame]317void libsmb_redirect_syslog(__FILE_TAG *fp, int priority);
318
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]319/*
320 * Authentication
321 */
322
323#define SMBAUTH_LM_MAGIC_STR "KGS!@#$%"
324
325#define SMBAUTH_HASH_SZ 16 /* also LM/NTLM/NTLMv2 Hash size */
326#define SMBAUTH_LM_RESP_SZ 24 /* also NTLM Response size */
327#define SMBAUTH_LM_PWD_SZ 14 /* LM password size */
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]328#define SMBAUTH_CHAL_SZ 8 /* both LMv2 and NTLMv2 */
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]329#define SMBAUTH_SESSION_KEY_SZ SMBAUTH_HASH_SZ
330#define SMBAUTH_HEXHASH_SZ (SMBAUTH_HASH_SZ * 2)
331
332#define SMBAUTH_FAILURE 1
333#define SMBAUTH_SUCCESS 0
334#define MD_DIGEST_LEN 16
335
336/*
337 * Name Types
338 *
339 * The list of names near the end of the data blob (i.e. the ndb_names
340 * field of the smb_auth_data_blob_t data structure) can be classify into
341 * the following types:
342 *
343 * 0x0000 Indicates the end of the list.
344 * 0x0001 The name is a NetBIOS machine name (e.g. server name)
345 * 0x0002 The name is an NT Domain NetBIOS name.
346 * 0x0003 The name is the server's DNS hostname.
347 * 0x0004 The name is a W2K Domain name (a DNS name).
348 */
349#define SMBAUTH_NAME_TYPE_LIST_END 0x0000
Gordon Ross975041d2017-11-25 15:46:51 -0500[diff] [blame^]350#define SMBAUTH_NAME_TYPE_SERVER_NETBIOS 0x0001
351#define SMBAUTH_NAME_TYPE_DOMAIN_NETBIOS 0x0002
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]352#define SMBAUTH_NAME_TYPE_SERVER_DNS 0x0003
Gordon Ross975041d2017-11-25 15:46:51 -0500[diff] [blame^]353#define SMBAUTH_NAME_TYPE_DOMAIN_DNS 0x0004
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]354
355/*
356 * smb_auth_name_entry_t
357 *
358 * Each name entry in the data blob consists of the following 3 fields:
359 *
360 * nne_type - name type
361 * nne_len - the length of the name
362 * nne_name - the name, in uppercase UCS-2LE Unicode format
363 */
364typedef struct smb_auth_name_entry {
365 unsigned short nne_type;
366 unsigned short nne_len;
Jordan Brownbbf6f002009-11-05 14:34:36 -0800[diff] [blame]367 smb_wchar_t nne_name[SMB_PI_MAX_DOMAIN * 2];
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]368} smb_auth_name_entry_t;
369
370/*
371 * smb_auth_data_blob
372 *
373 * The format of this NTLMv2 data blob structure is as follow:
374 *
375 * - Blob Signature 0x01010000 (4 bytes)
376 * - Reserved (0x00000000) (4 bytes)
377 * - Timestamp Little-endian, 64-bit signed value representing
378 * the number of tenths of a microsecond since January 1, 1601.
379 * (8 bytes)
380 * - Client Challenge (8 bytes)
381 * - Unknown1 (4 bytes)
382 * - List of Target Information (variable length)
383 * - Unknown2 (4 bytes)
384 */
385typedef struct smb_auth_data_blob {
386 unsigned char ndb_signature[4];
387 unsigned char ndb_reserved[4];
388 uint64_t ndb_timestamp;
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]389 unsigned char ndb_clnt_challenge[SMBAUTH_CHAL_SZ];
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]390 unsigned char ndb_unknown[4];
391 smb_auth_name_entry_t ndb_names[2];
392 unsigned char ndb_unknown2[4];
393} smb_auth_data_blob_t;
394
395#define SMBAUTH_BLOB_MAXLEN (sizeof (smb_auth_data_blob_t))
396#define SMBAUTH_CI_MAXLEN SMBAUTH_LM_RESP_SZ
397#define SMBAUTH_CS_MAXLEN (SMBAUTH_BLOB_MAXLEN + SMBAUTH_HASH_SZ)
398
399/*
400 * smb_auth_info_t
401 *
402 * The structure contains all the authentication information
403 * needed for the preparaton of the SMBSessionSetupAndx request
404 * and the user session key.
405 *
406 * hash - NTLM hash
407 * hash_v2 - NTLMv2 hash
408 * ci_len - the length of the case-insensitive password
409 * ci - case-insensitive password
410 * (If NTLMv2 authentication mechanism is used, it
411 * represents the LMv2 response. Otherwise, it
412 * is empty.)
413 * cs_len - the length of the case-sensitive password
414 * cs - case-sensitive password
415 * (If NTLMv2 authentication mechanism is used, it
416 * represents the NTLMv2 response. Otherwise, it
417 * represents the NTLM response.)
418 * data_blob - NTLMv2 data blob
419 */
420typedef struct smb_auth_info {
421 unsigned char hash[SMBAUTH_HASH_SZ];
422 unsigned char hash_v2[SMBAUTH_HASH_SZ];
423 unsigned short ci_len;
424 unsigned char ci[SMBAUTH_CI_MAXLEN];
425 unsigned short cs_len;
426 unsigned char cs[SMBAUTH_CS_MAXLEN];
427 int lmcompatibility_lvl;
428 smb_auth_data_blob_t data_blob;
429} smb_auth_info_t;
430
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]431/*
432 * SMB password management
433 */
434
435#define SMB_PWF_LM 0x01 /* LM hash is present */
436#define SMB_PWF_NT 0x02 /* NT hash is present */
437#define SMB_PWF_DISABLE 0x04 /* Account is disabled */
438
439typedef struct smb_passwd {
jose borrego89dc44c2009-01-04 11:24:36 -0700[diff] [blame]440 uid_t pw_uid;
441 uint32_t pw_flags;
442 char pw_name[SMB_USERNAME_MAXLEN];
443 uint8_t pw_lmhash[SMBAUTH_HASH_SZ];
444 uint8_t pw_nthash[SMBAUTH_HASH_SZ];
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]445} smb_passwd_t;
446
447/*
448 * Control flags passed to smb_pwd_setcntl
449 */
450#define SMB_PWC_DISABLE 0x01
451#define SMB_PWC_ENABLE 0x02
452#define SMB_PWC_NOLM 0x04
453
454#define SMB_PWE_SUCCESS 0
455#define SMB_PWE_USER_UNKNOWN 1
456#define SMB_PWE_USER_DISABLE 2
457#define SMB_PWE_CLOSE_FAILED 3
458#define SMB_PWE_OPEN_FAILED 4
459#define SMB_PWE_WRITE_FAILED 6
460#define SMB_PWE_UPDATE_FAILED 7
461#define SMB_PWE_STAT_FAILED 8
462#define SMB_PWE_BUSY 9
463#define SMB_PWE_DENIED 10
464#define SMB_PWE_SYSTEM_ERROR 11
amw3db3f652008-07-07 21:28:40 -0700[diff] [blame]465#define SMB_PWE_INVALID_PARAM 12
466#define SMB_PWE_NO_MEMORY 13
467#define SMB_PWE_MAX 14
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]468
amw3db3f652008-07-07 21:28:40 -0700[diff] [blame]469typedef struct smb_pwditer {
470 void *spi_next;
471} smb_pwditer_t;
472
473typedef struct smb_luser {
474 char *su_name;
475 char *su_fullname;
476 char *su_desc;
477 uint32_t su_rid;
478 uint32_t su_ctrl;
479} smb_luser_t;
480
481extern void smb_pwd_init(boolean_t);
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]482extern void smb_pwd_fini(void);
jose borrego89dc44c2009-01-04 11:24:36 -0700[diff] [blame]483extern smb_passwd_t *smb_pwd_getpwnam(const char *, smb_passwd_t *);
484extern smb_passwd_t *smb_pwd_getpwuid(uid_t, smb_passwd_t *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]485extern int smb_pwd_setpasswd(const char *, const char *);
486extern int smb_pwd_setcntl(const char *, int);
amw3db3f652008-07-07 21:28:40 -0700[diff] [blame]487
488extern int smb_pwd_iteropen(smb_pwditer_t *);
489extern smb_luser_t *smb_pwd_iterate(smb_pwditer_t *);
490extern void smb_pwd_iterclose(smb_pwditer_t *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]491
Jordan Brownbbf6f002009-11-05 14:34:36 -0800[diff] [blame]492extern int smb_auth_qnd_unicode(smb_wchar_t *, const char *, int);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]493extern int smb_auth_hmac_md5(unsigned char *, int, unsigned char *, int,
494 unsigned char *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]495
496/*
497 * A variation on HMAC-MD5 known as HMACT64 is used by Windows systems.
498 * The HMACT64() function is the same as the HMAC-MD5() except that
499 * it truncates the input key to 64 bytes rather than hashing it down
500 * to 16 bytes using the MD5() function.
501 */
502#define SMBAUTH_HMACT64(D, Ds, K, Ks, digest) \
503 smb_auth_hmac_md5(D, Ds, K, (Ks > 64) ? 64 : Ks, digest)
504
505extern int smb_auth_DES(unsigned char *, int, unsigned char *, int,
506 unsigned char *, int);
Gordon Ross1ed6b692012-12-16 22:41:29 -0500[diff] [blame]507extern int smb_auth_RC4(unsigned char *, int, unsigned char *, int,
508 unsigned char *, int);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]509
510extern int smb_auth_md4(unsigned char *, unsigned char *, int);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]511extern int smb_auth_lm_hash(const char *, unsigned char *);
512extern int smb_auth_ntlm_hash(const char *, unsigned char *);
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]513extern void smb_auth_ntlm2_mkchallenge(char *, const char *, const char *);
514extern void smb_auth_ntlm2_kxkey(unsigned char *, const char *, const char *,
515 unsigned char *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]516
517extern int smb_auth_set_info(char *, char *,
518 unsigned char *, char *, unsigned char *,
519 int, int, smb_auth_info_t *);
520
as2006228c10a862008-05-09 18:48:51 -0700[diff] [blame]521extern int smb_auth_ntlmv2_hash(unsigned char *,
522 char *, char *, unsigned char *);
523
Gordon Ross12b65582013-06-21 15:59:58 -0400[diff] [blame]524boolean_t smb_auth_validate(smb_passwd_t *, char *, char *,
525 uchar_t *, uint_t, uchar_t *, uint_t, uchar_t *, uint_t, uchar_t *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]526
Gordon Ross1ed6b692012-12-16 22:41:29 -0500[diff] [blame]527int smb_gen_random_passwd(char *passwd, size_t bufsz);
528
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]529/*
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]530 * SMB authenticated IPC
531 */
532extern void smb_ipc_commit(void);
533extern void smb_ipc_get_user(char *, size_t);
534extern void smb_ipc_get_passwd(uint8_t *, size_t);
535extern void smb_ipc_init(void);
536extern void smb_ipc_rollback(void);
537extern void smb_ipc_set(char *, uint8_t *);
538
539/*
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]540 * Signing flags:
541 *
542 * SMB_SCF_ENABLE Signing is enabled.
543 *
544 * SMB_SCF_REQUIRED Signing is enabled and required.
545 * This flag shouldn't be set if
546 * SMB_SCF_ENABLE isn't set.
547 *
548 * SMB_SCF_STARTED Signing will start after receiving
549 * the first non-anonymous SessionSetup
550 * request.
551 *
552 * SMB_SCF_KEY_ISSET_THIS_LOGON Indicates whether the MAC key has just
553 * been set for this logon. (prior to
554 * sending the SMBSessionSetup request)
555 *
556 */
557#define SMB_SCF_ENABLE 0x01
558#define SMB_SCF_REQUIRED 0x02
559#define SMB_SCF_STARTED 0x04
560#define SMB_SCF_KEY_ISSET_THIS_LOGON 0x08
561
562/*
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]563 * Each domain is categorized using the enum values below.
564 * The local domain refers to the local machine and is named
565 * after the local hostname. The primary domain is the domain
566 * that the system joined. All other domains are either
567 * trusted or untrusted, as defined by the primary domain PDC.
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]568 */
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]569typedef enum smb_domain_type {
570 SMB_DOMAIN_NULL,
571 SMB_DOMAIN_BUILTIN,
572 SMB_DOMAIN_LOCAL,
573 SMB_DOMAIN_PRIMARY,
574 SMB_DOMAIN_ACCOUNT,
575 SMB_DOMAIN_TRUSTED,
576 SMB_DOMAIN_UNTRUSTED,
577 SMB_DOMAIN_NUM_TYPES
578} smb_domain_type_t;
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]579
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]580/*
581 * Information specific to trusted domains
582 */
583typedef struct smb_domain_trust {
584 uint32_t dti_trust_direction;
585 uint32_t dti_trust_type;
586 uint32_t dti_trust_attrs;
587} smb_domain_trust_t;
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]588
589/*
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]590 * DNS information for domain types that this info is
591 * obtained/available. Currently this is only obtained
592 * for the primary domain.
593 */
594typedef struct smb_domain_dns {
595 char ddi_forest[MAXHOSTNAMELEN];
596 char ddi_guid[UUID_PRINTABLE_STRING_LENGTH];
597} smb_domain_dns_t;
598
599/*
600 * This is the information that is held about each domain.
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]601 */
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]602typedef struct smb_domain {
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]603 list_node_t di_lnd;
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]604 smb_domain_type_t di_type;
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]605 char di_sid[SMB_SID_STRSZ];
606 char di_nbname[NETBIOS_NAME_SZ];
607 char di_fqname[MAXHOSTNAMELEN];
608 smb_sid_t *di_binsid;
609 union {
610 smb_domain_dns_t di_dns;
611 smb_domain_trust_t di_trust;
612 } di_u;
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]613} smb_domain_t;
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]614
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]615typedef struct smb_trusted_domains {
616 uint32_t td_num;
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]617 smb_domain_t *td_domains;
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]618} smb_trusted_domains_t;
619
620#define SMB_DOMAIN_SUCCESS 0
621#define SMB_DOMAIN_NOMACHINE_SID 1
622#define SMB_DOMAIN_NODOMAIN_SID 2
623#define SMB_DOMAIN_NODOMAIN_NAME 3
624#define SMB_DOMAIN_INTERNAL_ERR 4
625#define SMB_DOMAIN_INVALID_ARG 5
626#define SMB_DOMAIN_NO_MEMORY 6
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]627#define SMB_DOMAIN_NO_CACHE 7
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]628
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]629typedef struct smb_dcinfo {
630 char dc_name[MAXHOSTNAMELEN];
631 smb_inaddr_t dc_addr;
632} smb_dcinfo_t;
633
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]634/*
635 * This structure could contain information about
636 * the primary domain the name of selected domain controller
637 * for the primary domain and a list of trusted domains if
638 * any. The "ex" in the structure name stands for extended.
639 * This is to differentiate this structure from smb_domain_t
640 * which only contains information about a single domain.
641 */
642typedef struct smb_domainex {
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]643 smb_dcinfo_t d_dci;
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]644 smb_domain_t d_primary;
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]645 smb_trusted_domains_t d_trusted;
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]646} smb_domainex_t;
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]647
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]648int smb_domain_init(uint32_t);
649void smb_domain_fini(void);
650void smb_domain_show(void);
651void smb_domain_save(void);
652boolean_t smb_domain_lookup_name(char *, smb_domain_t *);
653boolean_t smb_domain_lookup_sid(smb_sid_t *, smb_domain_t *);
654boolean_t smb_domain_lookup_type(smb_domain_type_t, smb_domain_t *);
655boolean_t smb_domain_getinfo(smb_domainex_t *);
656void smb_domain_update(smb_domainex_t *);
657uint32_t smb_domain_start_update(void);
658void smb_domain_end_update(void);
659void smb_domain_set_basic_info(char *, char *, char *, smb_domain_t *);
660void smb_domain_set_dns_info(char *, char *, char *, char *, char *,
661 smb_domain_t *);
662void smb_domain_set_trust_info(char *, char *, char *,
663 uint32_t, uint32_t, uint32_t, smb_domain_t *);
Gordon Rossb3700b02014-06-05 14:30:31 -0400[diff] [blame]664void smb_domain_current_dc(smb_dcinfo_t *);
Gordon Ross975041d2017-11-25 15:46:51 -0500[diff] [blame^]665void smb_domain_bad_dc(void);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]666
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]667typedef struct smb_gsid {
as2006226537f382008-04-14 10:40:32 -0700[diff] [blame]668 smb_sid_t *gs_sid;
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]669 uint16_t gs_type;
670} smb_gsid_t;
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]671
Gordon Ross91d7f852013-05-25 14:29:15 -0400[diff] [blame]672struct sqlite_vm;
673struct sqlite;
674
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]675typedef struct smb_giter {
Gordon Ross91d7f852013-05-25 14:29:15 -0400[diff] [blame]676 struct sqlite_vm *sgi_vm;
677 struct sqlite *sgi_db;
678 uint32_t sgi_nerr;
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]679} smb_giter_t;
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]680
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]681typedef struct smb_group {
682 char *sg_name;
683 char *sg_cmnt;
684 uint32_t sg_attr;
685 uint32_t sg_rid;
686 smb_gsid_t sg_id;
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]687 smb_domain_type_t sg_domain;
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]688 smb_privset_t *sg_privs;
689 uint32_t sg_nmembers;
690 smb_gsid_t *sg_members;
691} smb_group_t;
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]692
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]693int smb_lgrp_start(void);
694void smb_lgrp_stop(void);
695int smb_lgrp_add(char *, char *);
696int smb_lgrp_rename(char *, char *);
697int smb_lgrp_delete(char *);
698int smb_lgrp_setcmnt(char *, char *);
699int smb_lgrp_getcmnt(char *, char **);
700int smb_lgrp_getpriv(char *, uint8_t, boolean_t *);
701int smb_lgrp_setpriv(char *, uint8_t, boolean_t);
as2006226537f382008-04-14 10:40:32 -0700[diff] [blame]702int smb_lgrp_add_member(char *, smb_sid_t *, uint16_t);
703int smb_lgrp_del_member(char *, smb_sid_t *, uint16_t);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]704int smb_lgrp_getbyname(char *, smb_group_t *);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]705int smb_lgrp_getbyrid(uint32_t, smb_domain_type_t, smb_group_t *);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]706void smb_lgrp_free(smb_group_t *);
Keyur Desaic5866002010-04-02 15:07:12 -0600[diff] [blame]707uint32_t smb_lgrp_err_to_ntstatus(uint32_t);
as2006226537f382008-04-14 10:40:32 -0700[diff] [blame]708boolean_t smb_lgrp_is_member(smb_group_t *, smb_sid_t *);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]709char *smb_lgrp_strerror(int);
710int smb_lgrp_iteropen(smb_giter_t *);
711void smb_lgrp_iterclose(smb_giter_t *);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]712boolean_t smb_lgrp_itererror(smb_giter_t *);
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]713int smb_lgrp_iterate(smb_giter_t *, smb_group_t *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]714
Bill Krierfe1c6422009-12-16 16:39:00 -0800[diff] [blame]715int smb_lookup_sid(const char *, lsa_account_t *);
716int smb_lookup_name(const char *, sid_type_t, lsa_account_t *);
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]717
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]718#define SMB_LGRP_SUCCESS 0
719#define SMB_LGRP_INVALID_ARG 1
720#define SMB_LGRP_INVALID_MEMBER 2
721#define SMB_LGRP_INVALID_NAME 3
722#define SMB_LGRP_NOT_FOUND 4
723#define SMB_LGRP_EXISTS 5
724#define SMB_LGRP_NO_SID 6
725#define SMB_LGRP_NO_LOCAL_SID 7
726#define SMB_LGRP_SID_NOTLOCAL 8
727#define SMB_LGRP_WKSID 9
728#define SMB_LGRP_NO_MEMORY 10
729#define SMB_LGRP_DB_ERROR 11
730#define SMB_LGRP_DBINIT_ERROR 12
731#define SMB_LGRP_INTERNAL_ERROR 13
732#define SMB_LGRP_MEMBER_IN_GROUP 14
733#define SMB_LGRP_MEMBER_NOT_IN_GROUP 15
734#define SMB_LGRP_NO_SUCH_PRIV 16
735#define SMB_LGRP_NO_SUCH_DOMAIN 17
736#define SMB_LGRP_PRIV_HELD 18
737#define SMB_LGRP_PRIV_NOT_HELD 19
738#define SMB_LGRP_BAD_DATA 20
739#define SMB_LGRP_NO_MORE 21
740#define SMB_LGRP_DBOPEN_FAILED 22
741#define SMB_LGRP_DBEXEC_FAILED 23
742#define SMB_LGRP_DBINIT_FAILED 24
743#define SMB_LGRP_DOMLKP_FAILED 25
744#define SMB_LGRP_DOMINS_FAILED 26
745#define SMB_LGRP_INSERT_FAILED 27
746#define SMB_LGRP_DELETE_FAILED 28
747#define SMB_LGRP_UPDATE_FAILED 29
748#define SMB_LGRP_LOOKUP_FAILED 30
749#define SMB_LGRP_NOT_SUPPORTED 31
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]750#define SMB_LGRP_OFFLINE 32
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]751#define SMB_LGRP_POSIXCREATE_FAILED 33
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]752
as200622dc20a302008-01-05 20:52:22 -0800[diff] [blame]753#define SMB_LGRP_COMMENT_MAX 256
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]754
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]755/*
756 * values for smb_nic_t.smbflags
757 */
758#define SMB_NICF_NBEXCL 0x01 /* Excluded from Netbios activities */
759#define SMB_NICF_ALIAS 0x02 /* This is an alias */
760
761/*
762 * smb_nic_t
763 * nic_host actual host name
764 * nic_nbname 16-byte NetBIOS host name
765 */
766typedef struct {
767 char nic_host[MAXHOSTNAMELEN];
768 char nic_nbname[NETBIOS_NAME_SZ];
769 char nic_cmnt[SMB_PI_MAX_COMMENT];
770 char nic_ifname[LIFNAMSIZ];
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]771 smb_inaddr_t nic_ip;
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]772 uint32_t nic_mask;
773 uint32_t nic_bcast;
774 uint32_t nic_smbflags;
775 uint64_t nic_sysflags;
776} smb_nic_t;
777
778typedef struct smb_niciter {
779 smb_nic_t ni_nic;
780 int ni_cookie;
781 int ni_seqnum;
782} smb_niciter_t;
783
784/* NIC config functions */
785int smb_nic_init(void);
786void smb_nic_fini(void);
787int smb_nic_getnum(char *);
788int smb_nic_addhost(const char *, const char *, int, const char **);
789int smb_nic_delhost(const char *);
790int smb_nic_getfirst(smb_niciter_t *);
791int smb_nic_getnext(smb_niciter_t *);
Alan Wrightfc724632009-03-12 15:41:34 -0700[diff] [blame]792boolean_t smb_nic_is_local(smb_inaddr_t *);
793boolean_t smb_nic_is_same_subnet(smb_inaddr_t *);
jb1500157b59d022008-02-18 14:36:38 -0800[diff] [blame]794
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]795#define SMB_NIC_SUCCESS 0
796#define SMB_NIC_INVALID_ARG 1
797#define SMB_NIC_NOT_FOUND 2
798#define SMB_NIC_NO_HOST 3
799#define SMB_NIC_NO_MEMORY 4
800#define SMB_NIC_DB_ERROR 5
801#define SMB_NIC_DBINIT_ERROR 6
802#define SMB_NIC_BAD_DATA 7
803#define SMB_NIC_NO_MORE 8
804#define SMB_NIC_DBOPEN_FAILED 9
805#define SMB_NIC_DBEXEC_FAILED 10
806#define SMB_NIC_DBINIT_FAILED 11
807#define SMB_NIC_INSERT_FAILED 12
808#define SMB_NIC_DELETE_FAILED 13
809#define SMB_NIC_SOCK 14
810#define SMB_NIC_IOCTL 15
811#define SMB_NIC_CHANGED 16
812
jose borrego89dc44c2009-01-04 11:24:36 -0700[diff] [blame]813/*
814 * Well-known account structure
815 *
816 * A security identifier (SID) is a unique value of variable length that
817 * is used to identify a security principal or security group in
818 * Windows. Well-known SIDs are a group of SIDs that identify generic
819 * users or generic groups. Their values remain constant across all
820 * operating systems.
821 *
822 * This structure is defined to store these SIDs and other related
823 * information about them (e.g. account and domain names) in a
824 * predefined table.
825 */
826typedef struct smb_wka {
827 uint8_t wka_domidx;
828 char *wka_sid;
829 char *wka_name;
830 uint16_t wka_type;
831 uint16_t wka_flags;
832 char *wka_desc;
833 smb_sid_t *wka_binsid;
834} smb_wka_t;
835
836/*
837 * Defined values for smb_wka.wka_flags
838 *
839 * SMB_WKAFLG_LGRP_ENABLE Can be added as local group
840 */
841#define SMB_WKAFLG_LGRP_ENABLE 0x1
842
843/*
844 * Well-known account interfaces
845 */
Alan Wrightf96bd5c2010-01-07 12:22:14 -0800[diff] [blame]846smb_wka_t *smb_wka_lookup_builtin(const char *);
847smb_wka_t *smb_wka_lookup_name(const char *);
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]848smb_wka_t *smb_wka_lookup_sid(smb_sid_t *);
Alan Wrightf96bd5c2010-01-07 12:22:14 -0800[diff] [blame]849smb_sid_t *smb_wka_get_sid(const char *);
jose borrego89dc44c2009-01-04 11:24:36 -0700[diff] [blame]850char *smb_wka_get_domain(int);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]851uint32_t smb_wka_token_groups(uint32_t, smb_ids_t *);
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]852
853/*
854 * In memory account representation
855 */
856typedef struct smb_account {
857 char *a_name;
858 char *a_domain;
859 uint16_t a_type;
860 smb_sid_t *a_sid;
861 smb_sid_t *a_domsid;
862 uint32_t a_rid;
863} smb_account_t;
864
865uint32_t smb_sam_lookup_name(char *, char *, uint16_t, smb_account_t *);
866uint32_t smb_sam_lookup_sid(smb_sid_t *, smb_account_t *);
867int smb_sam_usr_cnt(void);
868uint32_t smb_sam_usr_groups(smb_sid_t *, smb_ids_t *);
Alan Wrighta0aa7762009-10-05 11:03:34 -0700[diff] [blame]869int smb_sam_grp_cnt(smb_domain_type_t);
jose borrego7f667e72009-02-01 19:44:54 -0700[diff] [blame]870void smb_account_free(smb_account_t *);
871boolean_t smb_account_validate(smb_account_t *);
jose borrego89dc44c2009-01-04 11:24:36 -0700[diff] [blame]872
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]873/*
874 * Security Descriptor functions.
875 */
876uint32_t smb_sd_read(char *path, smb_sd_t *, uint32_t);
877uint32_t smb_sd_write(char *path, smb_sd_t *, uint32_t);
Bill Krierfe1c6422009-12-16 16:39:00 -0800[diff] [blame]878uint32_t smb_sd_fromfs(smb_fssd_t *, smb_sd_t *);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]879
880/* Kernel Module Interface */
881int smb_kmod_bind(void);
joyce mcintoshfd9ee8b2010-08-11 16:48:54 -0700[diff] [blame]882boolean_t smb_kmod_isbound(void);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]883int smb_kmod_setcfg(smb_kmod_cfg_t *);
884int smb_kmod_setgmtoff(int32_t);
885int smb_kmod_start(int, int, int);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]886void smb_kmod_stop(void);
887int smb_kmod_event_notify(uint32_t);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]888void smb_kmod_unbind(void);
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]889int smb_kmod_share(nvlist_t *);
890int smb_kmod_unshare(nvlist_t *);
joyce mcintoshcb174862010-07-22 14:53:56 -0700[diff] [blame]891int smb_kmod_shareinfo(char *, boolean_t *);
Jordan Brown1fcced42009-07-17 17:54:42 -0700[diff] [blame]892int smb_kmod_get_open_num(smb_opennum_t *);
893int smb_kmod_enum(smb_netsvc_t *);
894smb_netsvc_t *smb_kmod_enum_init(smb_svcenum_t *);
895void smb_kmod_enum_fini(smb_netsvc_t *);
896int smb_kmod_session_close(const char *, const char *);
897int smb_kmod_file_close(uint32_t);
joyce mcintoshfd9ee8b2010-08-11 16:48:54 -0700[diff] [blame]898int smb_kmod_get_spool_doc(uint32_t *, char *, char *, smb_inaddr_t *);
Jordan Brown1fcced42009-07-17 17:54:42 -0700[diff] [blame]899
Bill Krierfe1c6422009-12-16 16:39:00 -0800[diff] [blame]900void smb_name_parse(char *, char **, char **);
901uint32_t smb_name_validate_share(const char *);
902uint32_t smb_name_validate_account(const char *);
903uint32_t smb_name_validate_domain(const char *);
904uint32_t smb_name_validate_nbdomain(const char *);
905uint32_t smb_name_validate_workgroup(const char *);
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]906uint32_t smb_name_validate_rpath(const char *);
Bill Krierfe1c6422009-12-16 16:39:00 -0800[diff] [blame]907
Jordan Brown1fcced42009-07-17 17:54:42 -0700[diff] [blame]908/*
909 * Interposer library validation
910 */
911#define SMBEX_VERSION 1
912#define SMBEX_KEY "82273fdc-e32a-18c3-3f78-827929dc23ea"
913typedef struct smbex_version {
914 uint32_t v_version;
915 uuid_t v_uuid;
916} smbex_version_t;
917void *smb_dlopen(void);
918void smb_dlclose(void *);
Alan Wright29bd2882009-06-09 14:20:02 -0600[diff] [blame]919
afshin salek ardakani - Sun Microsystems - Irvine United States9fb67ea2010-03-20 13:03:54 -0700[diff] [blame]920/*
921 * General purpose multi-thread safe cache based on
922 * AVL tree
923 */
924typedef struct smb_cache {
925 avl_tree_t ch_cache;
926 rwlock_t ch_cache_lck;
927 uint32_t ch_state;
928 uint32_t ch_nops;
929 uint32_t ch_wait;
930 uint32_t ch_sequence;
931 size_t ch_datasz;
932 mutex_t ch_mtx;
933 cond_t ch_cv;
934 void (*ch_free)(void *);
935 void (*ch_copy)(const void *, void *, size_t);
936} smb_cache_t;
937
938typedef struct smb_cache_node {
939 avl_node_t cn_link;
940 void *cn_data;
941} smb_cache_node_t;
942
943typedef struct smb_cache_cursor {
944 void *cc_next;
945 uint32_t cc_sequence;
946} smb_cache_cursor_t;
947
948/*
949 * flags used with smb_cache_add()
950 *
951 * SMB_CACHE_ADD If object doesn't exist add, otherwise fail
952 * SMB_CACHE_REPLACE If object doesn't exist add, otherwise replace
953 */
954#define SMB_CACHE_ADD 1
955#define SMB_CACHE_REPLACE 2
956
957void smb_cache_create(smb_cache_t *, uint32_t,
958 int (*cmpfn) (const void *, const void *), void (*freefn)(void *),
959 void (*copyfn)(const void *, void *, size_t), size_t);
960void smb_cache_destroy(smb_cache_t *);
961void smb_cache_flush(smb_cache_t *);
962uint32_t smb_cache_num(smb_cache_t *);
963int smb_cache_refreshing(smb_cache_t *);
964void smb_cache_ready(smb_cache_t *);
965int smb_cache_add(smb_cache_t *, const void *, int);
966void smb_cache_remove(smb_cache_t *, const void *);
967void smb_cache_iterinit(smb_cache_t *, smb_cache_cursor_t *);
968boolean_t smb_cache_iterate(smb_cache_t *, smb_cache_cursor_t *, void *);
969
970/*
971 * Values returned by smb_reparse_stat()
972 */
973#define SMB_REPARSE_NOTFOUND 1 /* object does not exist */
974#define SMB_REPARSE_NOTREPARSE 2 /* object is NOT a reparse point */
975#define SMB_REPARSE_ISREPARSE 3 /* object is a reparse point */
976
977/*
978 * Reparse Point API
979 */
980int smb_reparse_stat(const char *, uint32_t *);
981int smb_reparse_svcadd(const char *, const char *, const char *);
982int smb_reparse_svcdel(const char *, const char *);
983int smb_reparse_svcget(const char *, const char *, char **);
984
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]985uint32_t smb_get_txid(void);
986
Gordon Rossb819cea2013-06-17 10:34:00 -0400[diff] [blame]987void smb_syslog(int, const char *, ...);
988void smb_vsyslog(int, const char *, va_list ap);
989char *smb_syslog_fmt_m(char *, int, const char *, int);
Alan Wright148c5f42010-05-27 15:26:41 -0700[diff] [blame]990
amwda6c28a2007-10-25 16:34:29 -0700[diff] [blame]991#ifdef __cplusplus
992}
993#endif
994
995#endif /* _LIBSMB_H */