mlsvc_srvsvc.c revision da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* Server Service RPC (SRVSVC) server-side interface definition.
* The server service provides a remote administration interface.
*
* values.
*/
#include <unistd.h>
#include <netdb.h>
#include <strings.h>
#include <time.h>
#include <tzfile.h>
#include <time.h>
#include <thread.h>
#include <ctype.h>
#include <stdlib.h>
#include <string.h>
#include <smbsrv/libmlsvc.h>
#include <smbsrv/netrauth.h>
#include <smbsrv/mlsvc_util.h>
#include <smbsrv/smb_common_door.h>
struct mlrpc_xaction *);
struct mlrpc_xaction *);
struct mlrpc_xaction *, char);
struct mlrpc_xaction *, char);
struct mlrpc_xaction *, char);
struct mlrpc_xaction *, char);
int, lmshare_info_t *, void *);
static int srvsvc_is_poweruser(struct mlrpc_xaction *);
static char empty_string[1];
static mlrpc_stub_table_t srvsvc_stub_table[];
static mlrpc_service_t srvsvc_service = {
"SRVSVC", /* name */
"Server services", /* desc */
"\\srvsvc", /* endpoint */
PIPE_NTSVCS, /* sec_addr_port */
"4b324fc8-1670-01d3-12785a47bf6ee188", 3, /* abstract */
"8a885d04-1ceb-11c9-9fe808002b104860", 2, /* transfer */
0, /* no bind_instance_size */
0, /* no bind_req() */
0, /* no unbind_and_close() */
0, /* use generic_call_stub() */
srvsvc_stub_table /* stub_table */
};
/*
* srvsvc_fix_comment
*
* The parser sometimes has problems with empty strings so we
* need to ensure that the comment field has something in it.
*/
static inline char *
{
return (alternative);
return (original);
}
/*
* srvsvc_share_mkpath
*
* Create the share path required by the share enum calls. This function
* creates the path in a MLRPC heap buffer ready for use by the caller.
*
* Some Windows over-the-wire backup applications do not work unless a
* drive letter is present in the share path. We don't care about the
* drive letter since the path is fully qualified with the volume name.
* We can try using drive B since by default that letter isn't assigned
* and even if it conflicts, we should still be okay with the fully
* qualified path.
*
* Windows clients seem to be mostly okay with the forward slash in
* share paths but they cannot handle one immediately after the drive
* letter, i.e. D:/. For consistency we convert all the slashes in
* the path.
*
* Returns a pointer to a heap buffer containing the share path, which
* could be a null pointer if the heap allocation fails.
*/
static char *
{
char tmpbuf[MAXPATHLEN];
char *p;
}
/*
* srvsvc_add_autohome
*
* Add the autohome share for the user to the shares' list
* if autohome is enabled the share is not a permanent share.
*/
static int
{
(void *)infop);
if (status == ERROR_SUCCESS)
i++;
}
return (i);
}
/*
* srvsvc_initialize
*
* This function registers the SRVSVC RPC interface with the RPC runtime
* library. It must be called in order to use either the client side
* or the server side functions.
*/
void
srvsvc_initialize(void)
{
(void) mlrpc_register_service(&srvsvc_service);
}
/*
* srvsvc_s_NetConnectEnum
*
* Under construction. This is just enough to get the interface working.
* Current level 0 and level 1 connection info are supported.
*
* Level 1 request is made by 'srvmgr' (Server Manager)
* utility of NT Server part of NT Domain to MLRPC server
* while double click of share info icon. These values
* are currectly virtual to MLRPC client and does't
* reflect the real state of server.
*/
static int
{
struct mslm_NetConnectInfoBuf0 *ci0;
struct mslm_NetConnectInfoBuf1 *ci1;
case 0:
if (ci0 == 0) {
break;
}
break;
}
param->resume_handle = 0;
break;
case 1:
if (ci1 == 0) {
break;
}
ci1->coni1_netname =
struct mslm_NetConnectInfo1);
break;
}
param->resume_handle = 0;
break;
default:
break;
}
if (status != ERROR_SUCCESS)
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetFileEnum
*
* Under construction. The values used here are fictional values and
* bear no relation to any real values, living or otherwise. I just
* made them up to get the interface working.
*/
static int
{
struct mslm_NetFileInfoBuf3 *fi3;
return (MLRPC_DRC_OK);
}
if (fi3 == 0) {
return (MLRPC_DRC_OK);
}
fi3->fi3_num_locks = 0;
fi3->fi3_pathname =
fi3->fi3_username =
return (MLRPC_DRC_OK);
}
if (param->resume_handle)
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetFileClose
*
* Under construction. This is just enough to get the interface working.
*/
/*ARGSUSED*/
static int
{
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetShareGetInfo
*
* This call is made by Windows2000 to get share information. There are
* probably other information levels but these are the only ones I've
* seen so far.
*
* Returns Win32 error codes.
*/
static int
{
struct mslm_NetShareGetInfo0 *info0;
struct mslm_NetShareGetInfo1 *info1;
struct mslm_NetShareGetInfo2 *info2;
struct mslm_NetShareGetInfo502 *info502;
struct mslm_NetShareGetInfo1005 *info1005;
struct lmshare_info si;
char shr_comment[LMSHR_COMMENT_MAX];
if (status != NERR_Success) {
/*
* Windows clients don't send the \\PIPE path for IPC$.
*/
} else {
return (MLRPC_DRC_OK);
}
}
else
case 0:
if (info0 == 0) {
break;
}
break;
case 1:
if (info1 == 0) {
break;
}
break;
case 2:
if (info2 == 0) {
break;
}
info2->shi2_passwd = 0;
info2->shi2_permissions = 0;
info2->shi2_current_uses = 0;
break;
case 1005:
if (info1005 == 0) {
break;
}
info1005->shi1005_flags = 0;
break;
case 502:
/*
* Level 502 provides level 2 information plus a
* security descriptor. We don't support security
* descriptors on shares yet.
*/
if (info502 == 0) {
break;
}
info502->shi502_passwd = 0;
info502->shi502_permissions = 0;
info502->shi502_current_uses = 0;
info502->shi502_reserved = 0;
break;
default:
break;
}
if (status != ERROR_SUCCESS)
else
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetShareSetInfo
*
* This call is made by SrvMgr to set share information.
* Always returns ERROR_ACCESS_DENIED for now.
*
* Returns Win32 error codes.
*/
static int
{
if (smb_config_getyorn(SMB_CI_SRVSVC_SHRSET_ENABLE) != 0)
else
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetSessionEnum
*
* Level 1 request is made by the 'srvmgr' (Server Manager) utility on
* NT Server when the user info icon is selected.
*
* Return Values
* If the function succeeds, the return value is NERR_Success.
* If the function fails, the return value can be one of the following
* error codes:
*
* ERROR_ACCESS_DENIED The user does not have access to the requested
* information.
* ERROR_INVALID_LEVEL The value specified for the level parameter is
* invalid.
* ERROR_INVALID_PARAMETER The specified parameter is invalid.
* ERROR_MORE_DATA More entries are available. Specify a large
* enough buffer to receive all entries.
* ERROR_NOT_ENOUGH_MEMORY Insufficient memory is available.
* NERR_ClientNameNotFound A session does not exist with the computer
* name.
* NERR_InvalidComputer The computer name is invalid.
* NERR_UserNotFound The user name could not be found.
*/
static int
{
struct mslm_infonres *infonres;
if (infonres == 0) {
return (MLRPC_DRC_OK);
}
infonres->entriesread = 0;
case 0:
break;
case 1:
break;
default:
break;
}
if (status != 0) {
return (MLRPC_DRC_OK);
}
param->resume_handle = 0;
return (MLRPC_DRC_OK);
}
/*
* mlsvc_NetSessionEnumLevel0
*
* Build the level 0 session information.
*/
/*ARGSUSED*/
static DWORD
struct mlrpc_xaction *mxa)
{
struct mslm_SESSION_INFO_0 *info0;
char *workstation;
char ipaddr_buf[INET_ADDRSTRLEN];
if (info0 == 0)
return (ERROR_NOT_ENOUGH_MEMORY);
if (!ulist)
return (ERROR_NOT_ENOUGH_MEMORY);
/*
* Ignore local tokens (IP address is zero).
*/
total--;
if (!ulist)
return (ERROR_NOT_ENOUGH_MEMORY);
continue;
}
sizeof (ipaddr_buf));
}
return (ERROR_NOT_ENOUGH_MEMORY);
}
}
if (!ulist)
return (ERROR_NOT_ENOUGH_MEMORY);
}
return (ERROR_SUCCESS);
}
/*
* mlsvc_NetSessionEnumLevel1
*
* Build the level 1 session information.
*/
/*ARGSUSED*/
static DWORD
struct mlrpc_xaction *mxa)
{
struct mslm_SESSION_INFO_1 *info1;
char *workstation;
char *account;
char ipaddr_buf[INET_ADDRSTRLEN];
if (info1 == 0)
return (ERROR_NOT_ENOUGH_MEMORY);
if (!ulist)
return (ERROR_NOT_ENOUGH_MEMORY);
/*
* Ignore local user_ctxs (IP address is zero).
*/
total--;
if (!ulist)
return (ERROR_NOT_ENOUGH_MEMORY);
continue;
}
ipaddr_buf, sizeof (ipaddr_buf));
}
account = "Unknown";
account);
return (ERROR_NOT_ENOUGH_MEMORY);
}
}
if (!ulist)
return (ERROR_NOT_ENOUGH_MEMORY);
}
return (ERROR_SUCCESS);
}
/*
* srvsvc_s_NetSessionDel
*
* Ends a network session between a server and a workstation.
* On NT only members of the Administrators or Account Operators
* local groups are permitted to use NetSessionDel.
*
* Return Values
* If the function succeeds, the return value is NERR_Success/
* ERROR_SUCCESS. If the function fails, the return value can be
* one of the following error codes:
*
* ERROR_ACCESS_DENIED The user does not have access to the
* requested information.
* ERROR_INVALID_PARAMETER The specified parameter is invalid.
* ERROR_NOT_ENOUGH_MEMORY Insufficient memory is available.
* NERR_ClientNameNotFound A session does not exist with that
* computer name.
*/
static int
{
if (srvsvc_is_poweruser(mxa) == 0) {
return (MLRPC_DRC_OK);
}
return (MLRPC_DRC_OK);
}
/*
* SRVSVC NetServerGetInfo
*
* IN LPTSTR servername,
* IN DWORD level,
* OUT union switch(level) {
* case 100: mslm_SERVER_INFO_100 *p100;
* case 101: mslm_SERVER_INFO_101 *p101;
* case 102: mslm_SERVER_INFO_102 *p102;
* default: char *nullptr;
* } bufptr,
* OUT DWORD status
*/
static int
{
struct mslm_SERVER_INFO_100 *info100;
struct mslm_SERVER_INFO_101 *info101;
struct mslm_SERVER_INFO_102 *info102;
char *sys_comment;
char hostname[MAXHOSTNAMELEN];
return (ERROR_NOT_ENOUGH_MEMORY);
}
case 100:
if (info100 == 0)
if (info100->sv100_name == 0)
break;
case 101:
if (info101 == 0)
info101->sv101_version_minor = 0;
break;
case 102:
if (info102 == 0)
info102->sv102_version_minor = 0;
/*
* The following level 102 fields are defaulted to zero
* by virtue of the call to bzero above.
*
* sv102_users
* sv102_disc
* sv102_hidden
* sv102_announce
* sv102_anndelta
* sv102_licenses
* sv102_userpath
*/
break;
default:
sizeof (struct mslm_NetServerGetInfo_result));
return (MLRPC_DRC_OK);
}
return (MLRPC_DRC_OK);
}
/*
* NetRemoteTOD
*
* Returns information about the time of day on this server.
*
* typedef struct _TIME_OF_DAY_INFO {
* DWORD tod_elapsedt; // seconds since 00:00:00 January 1 1970 GMT
* DWORD tod_msecs; // arbitrary milliseconds (since reset)
* DWORD tod_hours; // current hour [0-23]
* DWORD tod_mins; // current minute [0-59]
* DWORD tod_secs; // current second [0-59]
* DWORD tod_hunds; // current hundredth (0.01) second [0-99]
* LONG tod_timezone; // time zone of the server
* DWORD tod_tinterval; // clock tick time interval
* DWORD tod_day; // day of the month [1-31]
* DWORD tod_month; // month of the year [1-12]
* DWORD tod_year; // current year
* DWORD tod_weekday; // day of the week since sunday [0-6]
* } TIME_OF_DAY_INFO;
*
* The time zone of the server is calculated in minutes from Greenwich
* Mean Time (GMT). For time zones west of Greenwich, the value is
* positive; for time zones east of Greenwich, the value is negative.
* A value of -1 indicates that the time zone is undefined.
*
* The clock tick value represents a resolution of one ten-thousandth
* (0.0001) second.
*/
static int
{
struct mslm_TIME_OF_DAY_INFO *tod;
(void) gettimeofday(&time_val, 0);
return (ERROR_NOT_ENOUGH_MEMORY);
}
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetNameValidate
*
* Perform name validation.
* I've observed that the Computer Management Windows Application
* always send this request with type=0x09 and the flags=0 when
* attempting to validate a share name.
*
* The share name is consider invalid if it contains any of the
* following character (as mentioned in MSDN article #236388).
*
* " / \ [ ] : | < > + ; , ? * =
*
*
* For now, if the type is other than 0x09, return access denied.
*
* Returns Win32 error codes.
*/
/*ARGSUSED*/
static int
{
case 0x09:
break;
default:
break;
}
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetShareAdd
*
* Add a new share. We support info levels 2 and 502 but ignore the
* security descriptor in level 502 requests. Only the administrator,
* or a member of the domain administrators group, is allowed to add
* shares.
*
* This interface is used by the rmtshare command from the NT resource
* kit. Rmtshare allows a client to add or remove shares on a server
* from the client's command line.
*
* Note that we don't support security descriptors on a share. If the
* /grant is used, the share will be created but the subsequent attempt
* to manipulate the security descriptor (NetShareGetInfo) will fail.
* Similarly for the /remove option.
*
* Returns Win32 error codes.
*/
static int
{
struct mslm_SHARE_INFO_2 *info2;
struct lmshare_info si;
char realpath[MAXPATHLEN];
if (srvsvc_is_poweruser(mxa) == 0) {
return (MLRPC_DRC_OK);
}
case 2:
break;
case 502:
break;
default:
return (MLRPC_DRC_OK);
}
return (MLRPC_DRC_OK);
}
return (MLRPC_DRC_OK);
}
if (info2->shi2_remark == 0)
/*
* Derive the real path which will be stored in the
* directory field of the lmshare_info_t structure
* from the path field in this RPC request.
*/
if (parm_stat != NERR_Success) {
0 : &parm_err;
return (MLRPC_DRC_OK);
}
0 : &parm_err;
return (MLRPC_DRC_OK);
}
/*
* srvsvc_is_poweruser
*
* Check whether or not the specified user has power-user privileges,
* i.e. is a member of the Domain Admins, Administrators or Power
* Users groups. This is typically required for operations such as
*
* Returns 1 if the user is a power user, otherwise returns 0.
*/
static int
{
}
/*
* srvsvc_s_NetShareEnum
*
* Request for various levels of information about our shares.
* Level 0: just the share names.
* Level 1: the share name, the share type and the comment field.
* Level 2: everything that we know about the shares.
*/
static int
{
struct mslm_infonres *infonres;
if (infonres == 0) {
return (MLRPC_DRC_OK);
}
infonres->entriesread = 0;
case 0:
break;
case 1:
break;
case 2:
break;
case 502:
break;
default:
break;
}
if (status != 0) {
return (MLRPC_DRC_OK);
}
param->resume_handle = 0;
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetShareEnumSticky
*
* Request for various levels of information about our shares.
* Level 0: just the share names.
* Level 1: the share name, the share type and the comment field.
* Level 2: everything that we know about the shares.
*
* NetShareEnumSticky is the same as NetShareEnum except that hidden
* shares are not returned. This call was apparently added due to a
* bug in the NT implementation of NetShareEnum - it didn't process
* the resume handle correctly so that attempts to enumerate large
* share lists resulted in an infinite loop.
*/
static int
{
struct mslm_infonres *infonres;
if (infonres == 0) {
return (MLRPC_DRC_OK);
}
infonres->entriesread = 0;
if (param->resume_handle)
else
resume_handle = 0;
case 0:
break;
case 1:
break;
case 2:
break;
case 502:
break;
default:
break;
}
if (status != 0) {
return (MLRPC_DRC_OK);
}
if (param->resume_handle)
return (MLRPC_DRC_OK);
}
/*
* mlsvc_NetShareEnumLevel0
*
* Build the level 0 share information. The list should have been built
* before we got here so all we have to do is copy the share names to
* the response heap and setup the infonres values.
*/
static DWORD
{
struct mslm_SHARE_INFO_0 *info0;
DWORD i;
if (info0 == 0) {
return (status);
}
return (status);
}
i = 0;
continue;
if (smb_is_autohome(si))
continue;
(void *)info0);
if (status != ERROR_SUCCESS)
break;
i++;
}
infonres->entriesread = i;
return (ERROR_SUCCESS);
}
/*
* mlsvc_NetShareEnumLevel1
*
* Build the level 1 share information. The list should have been built
* before we arrived here so all we have to do is copy the share info
* to the response heap and setup the infonres values. The only thing
* to be aware of here is that there are minor difference between the
* various share types.
*/
static DWORD
{
struct mslm_SHARE_INFO_1 *info1;
DWORD i;
if (info1 == 0)
return (ERROR_NOT_ENOUGH_MEMORY);
return (ERROR_NOT_ENOUGH_MEMORY);
i = 0;
continue;
if (smb_is_autohome(si))
continue;
(void *)info1) != ERROR_SUCCESS)
break;
i++;
}
infonres->entriesread = i;
return (ERROR_SUCCESS);
}
/*
* mlsvc_NetShareEnumLevel2
*
* Build the level 2 share information. The list should have been built
* before we arrived here so all we have to do is copy the share info
* to the response heap and setup the infonres values. The only thing
* to be aware of here is that there are minor difference between the
* various share types.
*/
static DWORD
{
struct mslm_SHARE_INFO_2 *info2;
DWORD i;
if (info2 == 0)
return (ERROR_NOT_ENOUGH_MEMORY);
return (ERROR_NOT_ENOUGH_MEMORY);
i = 0;
continue;
if (smb_is_autohome(si))
continue;
(void *)info2) != ERROR_SUCCESS)
break;
i++;
}
infonres->entriesread = i;
return (ERROR_SUCCESS);
}
/*
* mlsvc_NetShareEnumLevel502
*
* Build the level 502 share information. This is the same as level 2
* but with a security descriptor in the share structure. We don't
* support SD's on shares so we can just set that field to zero. See
* mlsvc_NetShareEnumLevel2 for more information.
*/
static DWORD
{
struct mslm_SHARE_INFO_502 *info502;
DWORD i;
if (info502 == 0)
return (ERROR_NOT_ENOUGH_MEMORY);
return (ERROR_NOT_ENOUGH_MEMORY);
i = 0;
continue;
if (smb_is_autohome(si))
continue;
break;
i++;
}
(char *)info502);
infonres->entriesread = i;
return (ERROR_SUCCESS);
}
/*
* mlsvc_NetShareEnumCommon
*
* Build the levels 0, 1, 2 and 502 share information. This function
* is called by the various NetShareEnum levels for each share. If
* we cannot build the share data for some reason, we return an error
* but the actual value of the error is not important to the caller.
* The caller just needs to know not to include this info in the RPC
* response.
*
* Returns:
* ERROR_SUCCESS
* ERROR_NOT_ENOUGH_MEMORY
* ERROR_INVALID_LEVEL
*/
static DWORD
{
struct mslm_SHARE_INFO_0 *info0;
struct mslm_SHARE_INFO_1 *info1;
struct mslm_SHARE_INFO_2 *info2;
struct mslm_SHARE_INFO_502 *info502;
char shr_comment[LMSHR_COMMENT_MAX];
/*
* Windows clients don't send the \\PIPE path for IPC$.
*/
}
else
switch (level) {
case 0:
if (info0[i].shi0_netname == 0)
return (ERROR_NOT_ENOUGH_MEMORY);
break;
case 1:
info1[i].shi1_remark
return (ERROR_NOT_ENOUGH_MEMORY);
break;
case 2:
info2[i].shi2_remark
info2[i].shi2_permissions = 0;
info2[i].shi2_current_uses = 0;
info2[i].shi2_passwd
return (ERROR_NOT_ENOUGH_MEMORY);
break;
case 502:
info502[i].shi502_permissions = 0;
info502[i].shi502_current_uses = 0;
info502[i].shi502_reserved = 0;
info502[i].shi502_security_descriptor = 0;
return (ERROR_NOT_ENOUGH_MEMORY);
break;
default:
return (ERROR_INVALID_LEVEL);
}
return (ERROR_SUCCESS);
}
/*
* srvsvc_s_NetShareDel
*
* Delete a share. Only the administrator, or a member of the domain
* administrators group, is allowed to delete shares.
*
* This interface is used by the rmtshare command from the NT resource
* kit. Rmtshare allows a client to add or remove shares on a server
* from the client's command line.
*
* Returns Win32 error codes.
*/
static int
{
if (srvsvc_is_poweruser(mxa) == 0 ||
return (MLRPC_DRC_OK);
}
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetGetFileSecurity
*
*
* Right now, just returns ERROR_ACCESS_DENIED, because we cannot
* get the requested SD here in MLRPC code.
*/
/*ARGSUSED*/
static int
{
return (MLRPC_DRC_OK);
}
/*
* srvsvc_s_NetSetFileSecurity
*
*
* Right now, just returns ERROR_ACCESS_DENIED, because we cannot
* set the requested SD here in MLRPC code.
*/
/*ARGSUSED*/
static int
{
return (MLRPC_DRC_OK);
}
static mlrpc_stub_table_t srvsvc_stub_table[] = {
{0}
};