4bff34e37def8a90f9194d81bc345c52ba20086athurlow/*
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * CDDL HEADER START
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * The contents of this file are subject to the terms of the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Common Development and Distribution License (the "License").
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * You may not use this file except in compliance with the License.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * or http://www.opensolaris.org/os/licensing.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * See the License for the specific language governing permissions
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * and limitations under the License.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * When distributing Covered Code, include this CDDL HEADER in each
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * If applicable, add the following below this CDDL HEADER, with the
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * fields enclosed by brackets "[]" replaced with your own identifying
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * information: Portions Copyright [yyyy] [name of copyright owner]
4bff34e37def8a90f9194d81bc345c52ba20086athurlow *
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * CDDL HEADER END
4bff34e37def8a90f9194d81bc345c52ba20086athurlow */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/*
430b4c467020edf2445feb0c21db01c88b86243aGordon Ross * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * Use is subject to license terms.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow/*
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * External interface to the libsmbfs/netsmb keychain
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * storage mechanism. This interface is consumed by
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * the "smbutil" commands: login, logout, ...
4bff34e37def8a90f9194d81bc345c52ba20086athurlow * and by the SMBFS PAM module.
4bff34e37def8a90f9194d81bc345c52ba20086athurlow */
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <sys/types.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <errno.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <stdio.h>
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <stdlib.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <string.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <unistd.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <libintl.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include <cflib.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <netsmb/smb_dev.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <netsmb/smb_lib.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow#include <netsmb/smb_keychain.h>
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include "charsets.h"
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include "private.h"
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross#include "ntlm.h"
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
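/*
 * Common worker for the keychain add / check / delete operations.
 *
 * Builds an smbioc_pk_t request from the arguments, opens the SMB
 * driver and issues the ioctl named by cmd.
 *
 *	cmd	SMBIOC_PK_ADD, SMBIOC_PK_CHK, SMBIOC_PK_DEL,
 *		SMBIOC_PK_DEL_OWNER or SMBIOC_PK_DEL_EVERYONE
 *	uid	copied into pk_uid of the request
 *	dom,usr	required for ADD/CHK/DEL; each must fit in the
 *		corresponding pk_dom / pk_usr field (no truncation)
 *	lmhash,nthash
 *		ADD: inputs, both required, SMBIOC_HASH_SZ bytes each
 *		CHK: optional outputs, written only when the ioctl succeeds
 *		otherwise unused
 *
 * Returns 0 on success, an SMB_KEYCHAIN_* code for a bad argument,
 * an unknown cmd or a driver that cannot be opened, or the errno
 * left by a failed ioctl.
 *
 * The LM/NT hashes are credential material, so the local request
 * structure is wiped on every exit path instead of being left on
 * the stack for later frames to find.
 */
static int
smbfs_keychain_cmn(
	int cmd,
	uid_t uid,
	const char *dom,
	const char *usr,
	uchar_t *lmhash,
	uchar_t *nthash)
{
	smbioc_pk_t pk;
	volatile uchar_t *wipe;
	size_t i, sz;
	int err, fd;

	memset(&pk, 0, sizeof (pk));
	pk.pk_uid = uid;
	err = 0;
	fd = -1;

	switch (cmd) {

	case SMBIOC_PK_ADD:
		/*
		 * Add password hashes to the keychain.
		 * Both hashes must be supplied by the caller.
		 */
		if (lmhash == NULL || nthash == NULL) {
			err = SMB_KEYCHAIN_BADPASSWD;
			goto out;
		}
		memcpy(pk.pk_lmhash, lmhash, SMBIOC_HASH_SZ);
		memcpy(pk.pk_nthash, nthash, SMBIOC_HASH_SZ);
		/* FALLTHROUGH */

	case SMBIOC_PK_CHK:
	case SMBIOC_PK_DEL:
		/*
		 * Copy domain and user.  strlcpy() returns the length
		 * of the source, so a result >= the field size means
		 * the name would have been truncated; reject it rather
		 * than operate on a different (shortened) identity.
		 */
		if (dom == NULL) {
			err = SMB_KEYCHAIN_BADDOMAIN;
			goto out;
		}
		sz = sizeof (pk.pk_dom);
		if (strlcpy(pk.pk_dom, dom, sz) >= sz) {
			err = SMB_KEYCHAIN_BADDOMAIN;
			goto out;
		}
		if (usr == NULL) {
			err = SMB_KEYCHAIN_BADUSER;
			goto out;
		}
		sz = sizeof (pk.pk_usr);
		if (strlcpy(pk.pk_usr, usr, sz) >= sz) {
			err = SMB_KEYCHAIN_BADUSER;
			goto out;
		}
		break;

	case SMBIOC_PK_DEL_OWNER:	/* all owned by the caller */
	case SMBIOC_PK_DEL_EVERYONE:	/* all owned by everyone */
		/*
		 * These two do not copyin any args, but we'll
		 * pass pk here anyway just so we can use the
		 * common code path below.
		 */
		break;

	default:
		err = SMB_KEYCHAIN_UNKNOWN;
		goto out;
	}

	fd = smb_open_driver();
	if (fd < 0) {
		err = SMB_KEYCHAIN_NODRIVER;
		goto out;
	}

	if (ioctl(fd, cmd, &pk) < 0) {
		/* Save errno now; close() below may overwrite it. */
		err = errno;
		goto out;
	}

	if (cmd == SMBIOC_PK_CHK) {
		/* Hand the stored hashes back only if the caller asked. */
		if (lmhash != NULL)
			memcpy(lmhash, pk.pk_lmhash, SMBIOC_HASH_SZ);
		if (nthash != NULL)
			memcpy(nthash, pk.pk_nthash, SMBIOC_HASH_SZ);
	}

out:
	if (fd != -1)
		close(fd);

	/*
	 * Wipe the request, which may hold the hashes.  The stores go
	 * through a volatile pointer so the compiler cannot discard
	 * them as dead writes to a variable that is about to go away.
	 */
	wipe = (volatile uchar_t *)&pk;
	for (i = 0; i < sizeof (pk); i++)
		wipe[i] = 0;

	return (err);
}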
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
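/*
 * Add a password to the keychain.
 *
 * Note: pass is a cleartext password.
 * We use it here to compute the LM hash and NT hash,
 * and then store ONLY the hashes.
 *
 * Returns SMB_KEYCHAIN_BADPASSWD when pass is NULL, the error from
 * either hash computation, or the result of the common keychain
 * worker (0 on success).
 *
 * The hashes computed here are credential material, so the local
 * copies are wiped before returning, on the failure paths as well.
 * The caller remains responsible for the cleartext in pass.
 */
int
smbfs_keychain_add(uid_t uid, const char *dom, const char *usr,
	const char *pass)
{
	uchar_t lmhash[SMBIOC_HASH_SZ];
	uchar_t nthash[SMBIOC_HASH_SZ];
	volatile uchar_t *lmwipe = lmhash;
	volatile uchar_t *ntwipe = nthash;
	size_t i;
	int err, cmd = SMBIOC_PK_ADD;

	if (pass == NULL)
		return (SMB_KEYCHAIN_BADPASSWD);

	if ((err = ntlm_compute_lm_hash(lmhash, pass)) != 0)
		goto out;
	if ((err = ntlm_compute_nt_hash(nthash, pass)) != 0)
		goto out;

	err = smbfs_keychain_cmn(cmd, uid, dom, usr, lmhash, nthash);

out:
	/*
	 * Volatile stores, so the wipe of these about-to-die locals
	 * is not optimized away.  Both arrays have the same size.
	 */
	for (i = 0; i < sizeof (lmhash); i++) {
		lmwipe[i] = 0;
		ntwipe[i] = 0;
	}
	return (err);
}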
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
/*
 * Variant of smbfs_keychain_add() that takes an NT hash instead of
 * a cleartext password.
 *
 * No LM hash is available in this case, so an all-zero LM hash is
 * stored alongside the supplied NT hash.  nthash must point to
 * SMBIOC_HASH_SZ bytes; a NULL nthash is rejected by the common
 * worker with SMB_KEYCHAIN_BADPASSWD.
 *
 * Returns the result of the common keychain worker (0 on success).
 */
int
smbfs_keychain_addhash(uid_t uid, const char *dom, const char *usr,
	const uchar_t *nthash)
{
	static const uchar_t zero_lm[SMBIOC_HASH_SZ] = { 0 };

	/*
	 * The worker takes non-const pointers because the same
	 * arguments are outputs for SMBIOC_PK_CHK; for SMBIOC_PK_ADD
	 * it only copies from them, so dropping const here is safe.
	 */
	return (smbfs_keychain_cmn(SMBIOC_PK_ADD, uid, dom, usr,
	    (uchar_t *)zero_lm, (uchar_t *)nthash));
}
430b4c467020edf2445feb0c21db01c88b86243aGordon Ross
/*
 * Delete a password from the keychain.
 *
 * Removes the entry identified by dom/usr for the given uid.
 * Returns the result of the common keychain worker (0 on success).
 */
int
smbfs_keychain_del(uid_t uid, const char *dom, const char *usr)
{
	int rc;

	/* No hashes are needed to name the entry being removed. */
	rc = smbfs_keychain_cmn(SMBIOC_PK_DEL, uid, dom, usr, NULL, NULL);
	return (rc);
}
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
/*
 * Check for existence of a keychain entry.
 * Returns 0 if it exists, else ENOENT.
 *
 * Other non-zero values are possible as well: an SMB_KEYCHAIN_*
 * code for a bad dom/usr or an unavailable driver, or any other
 * errno reported by the ioctl.
 *
 * The stored hashes are NOT returned by this call (both output
 * pointers are NULL); use smbfs_keychain_get() for that.
 */
int
smbfs_keychain_chk(const char *dom, const char *usr)
{
	/*
	 * NOTE(review): the uid is passed as (uid_t)-1; presumably
	 * the driver identifies the owner itself for a check --
	 * confirm against the driver.
	 */
	const uid_t no_uid = (uid_t)-1;
	int rc;

	rc = smbfs_keychain_cmn(SMBIOC_PK_CHK, no_uid, dom, usr, NULL, NULL);
	return (rc);
}
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
/*
 * Get the stored hashes for the keychain entry dom/usr.
 *
 * lmhash and nthash are output buffers of SMBIOC_HASH_SZ bytes
 * each; either may be NULL to skip that hash.  They are written
 * only when the lookup succeeds.
 *
 * The values returned are credential material; callers should
 * keep them only as long as needed and clear them afterwards.
 *
 * Returns the result of the common keychain worker (0 on success).
 */
int
smbfs_keychain_get(const char *dom, const char *usr,
	uchar_t *lmhash, uchar_t *nthash)
{
	/* Same ioctl as the existence check, but with output buffers. */
	return (smbfs_keychain_cmn(SMBIOC_PK_CHK, (uid_t)-1, dom, usr,
	    lmhash, nthash));
}
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
/*
 * Delete all keychain entries owned by the caller.
 *
 * The caller's real uid (getuid()) is placed in the request.
 * Returns the result of the common keychain worker (0 on success).
 */
int
smbfs_keychain_del_owner()
{
	const uid_t me = getuid();

	/* This command takes no domain, user or hash arguments. */
	return (smbfs_keychain_cmn(SMBIOC_PK_DEL_OWNER, me,
	    NULL, NULL, NULL, NULL));
}
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
/*
 * Delete all keychain entries (regardless of owner).
 * Requires super-user privilege.
 *
 * Nothing in this function checks for that privilege; any
 * enforcement has to happen behind the ioctl.
 * Returns the result of the common keychain worker (0 on success).
 */
int
smbfs_keychain_del_everyone()
{
	const uid_t me = getuid();

	/* This command takes no domain, user or hash arguments. */
	return (smbfs_keychain_cmn(SMBIOC_PK_DEL_EVERYONE, me,
	    NULL, NULL, NULL, NULL));
}
613a2f6ba31e891e3d947a356daf5e563d43c1ceGordon Ross
/*
 * Private function to get keychain p/w hashes.
 *
 * Looks up the hashes for ctx->ct_user, first under the server
 * name (ct_fullserver) and then under the domain name (ct_domain).
 * On a hit the hashes are stored in ctx->ct_lmhash / ct_nthash and
 * SMBCF_KCFOUND is set in ct_flags; a hit on the domain lookup
 * also sets SMBCF_KCDOMAIN.
 *
 * Returns 0 on a hit, EINVAL when ct_fullserver is NULL, otherwise
 * the error from the second (domain) lookup.
 *
 * Only the server/domain and user names are written to the debug
 * output, never the hashes.
 */
int
smb_get_keychain(struct smb_ctx *ctx)
{
	int rc;

	if (ctx->ct_fullserver == NULL) {
		DPRINT("ct_fullserver == NULL");
		return (EINVAL);
	}

	/*
	 * 1st: try lookup using system name
	 */
	rc = smbfs_keychain_get(ctx->ct_fullserver, ctx->ct_user,
	    ctx->ct_lmhash, ctx->ct_nthash);
	if (rc == 0) {
		ctx->ct_flags |= SMBCF_KCFOUND;
		DPRINT("found keychain entry for"
		    " server/user: %s/%s\n",
		    ctx->ct_fullserver, ctx->ct_user);
		return (0);
	}

	/*
	 * 2nd: try lookup using domain name
	 */
	rc = smbfs_keychain_get(ctx->ct_domain, ctx->ct_user,
	    ctx->ct_lmhash, ctx->ct_nthash);
	if (rc != 0)
		return (rc);

	ctx->ct_flags |= (SMBCF_KCFOUND | SMBCF_KCDOMAIN);
	DPRINT("found keychain entry for"
	    " domain/user: %s/%s\n",
	    ctx->ct_domain, ctx->ct_user);
	return (0);
}
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
4bff34e37def8a90f9194d81bc345c52ba20086athurlow
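/*
 * This is not really part of the keychain library,
 * but is typically needed in code that wants to
 * provide (editable) defaults for domain/user
 *
 * Get default domain and user names
 * Server name is optional.
 *
 *	home	optional; when non-empty it replaces ctx->ct_home
 *		before the rc file is read
 *	server	optional server name
 *	dom	optional output buffer of maxdom bytes
 *	usr	optional output buffer of maxusr bytes
 *
 * Returns 0 on success, EINVAL for a negative buffer size, ENOMEM
 * when the home string cannot be duplicated, or the error from
 * smb_ctx_alloc(), smb_ctx_setfullserver() or smb_ctx_readrc().
 *
 * A value longer than its buffer is silently truncated by
 * strlcpy(); the outputs are always NUL-terminated when the
 * buffer size is non-zero.
 */
int
smbfs_default_dom_usr(const char *home, const char *server,
	char *dom, int maxdom, char *usr, int maxusr)
{
	struct smb_ctx *ctx;
	int err;

	/*
	 * strlcpy() takes a size_t, so a negative int size would be
	 * converted to a huge bound and the copy would no longer be
	 * limited by the caller's buffer.  Refuse it up front.
	 */
	if ((dom != NULL && maxdom < 0) || (usr != NULL && maxusr < 0))
		return (EINVAL);

	err = smb_ctx_alloc(&ctx);
	if (err)
		return (err);

	if (server) {
		err = smb_ctx_setfullserver(ctx, server);
		if (err != 0)
			goto out;
	}

	if (home && *home) {
		char *newhome = strdup(home);

		/* Keep the old value intact if the copy fails. */
		if (newhome == NULL) {
			err = ENOMEM;
			goto out;
		}
		free(ctx->ct_home);	/* free(NULL) is a no-op */
		ctx->ct_home = newhome;
	}

	err = smb_ctx_readrc(ctx);
	if (err)
		goto out;

	if (dom)
		strlcpy(dom, ctx->ct_domain, maxdom);

	if (usr)
		strlcpy(usr, ctx->ct_user, maxusr);

out:
	smb_ctx_free(ctx);
	return (err);
}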