mlsvc_util.c revision da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#pragma ident "%Z%%M% %I% %E% SMI"
/*
* Utility functions to support the RPC interface library.
*/
#include <stdio.h>
#include <stdarg.h>
#include <strings.h>
#include <unistd.h>
#include <netdb.h>
#include <stdlib.h>
#include <pwd.h>
#include <grp.h>
#include <smbsrv/libsmbrdr.h>
#include <smbsrv/libsmbns.h>
#include <smbsrv/libmlsvc.h>
#include <smbsrv/mlsvc_util.h>
extern int netr_open(char *, char *, mlsvc_handle_t *);
extern int netr_close(mlsvc_handle_t *);
extern int mlsvc_user_getauth(char *, char *, smb_auth_info_t *);
/*
* Compare the supplied domain name with the local hostname.
* We need to deal with both server names and fully-qualified
* domain names.
*
* Returns:
* 0 The specified domain is not the local domain,
* 1 The Specified domain is the local domain.
* -1 Invalid parameter or unable to get the local
* system information.
*/
int
mlsvc_is_local_domain(const char *domain)
{
char hostname[MAXHOSTNAMELEN];
int rc;
else
if (rc != 0)
return (-1);
return (1);
return (0);
}
/*
* mlsvc_lookup_name
*
* Lookup a name in the specified domain and translate it to a SID.
* If the name is in the NT domain, it may refer to a user, group or
* alias. Otherwise it must refer to a UNIX username. The memory for
* the sid is allocated using malloc so the caller should call free
* when it is no longer required.
*
* On success, 0 will be returned and sid will point to a local domain
* user SID. Otherwise -1 will be returned.
*/
int
{
return (-1);
else
}
/*
* mlsvc_lookup_local_name
*
* Lookup a name in the local password file and translate it to a SID.
* The name must refer to a user. This is a private function intended
* to support mlsvc_lookup_name so it doesn't perform any parameter
* validation. The memory for the sid is allocated using malloc so the
* caller must call free when it is no longer required.
*
* On success, 0 will be returned and sid will point to a local domain
* user SID. Otherwise -1 will be returned.
*/
static int
{
return (-1);
return (-1);
return (0);
}
/*
* mlsvc_lookup_nt_name
*
* Lookup a name in the specified NT domain and translate it to a SID.
* The name may refer to a user, group or alias. This is a private
* function intended to support mlsvc_lookup_name so it doesn't do any
* parameter validation. The memory for the sid is allocated using
* malloc so the caller should call free when it is no longer required.
*
* On success, 0 will be returned and sid will point to an NT domain
* user SID. Otherwise -1 will be returned.
*/
static int
{
return (-1);
return (-1);
return (0);
}
/*
* mlsvc_lookup_sid
*
* Lookup a SID and translate it to a name. The name returned may refer
* to a domain, user, group or alias dependent on the SID. On success 0
* will be returned. Otherwise -1 will be returned.
*/
int
{
return (-1);
if (nt_sid_is_local(sid)) {
switch (SAM_RID_TYPE(rid)) {
case SAM_RT_NT_UID:
break;
case SAM_RT_NT_GID:
return (-1);
break;
case SAM_RT_UNIX_UID:
return (-1);
break;
case SAM_RT_UNIX_GID:
return (-1);
break;
}
return (0);
}
}
/*
* mlsvc_lookup_nt_sid
*
* Lookup an NT SID and translate it to a name. This is a private
* function intended to support mlsvc_lookup_sid so it doesn't do any
* parameter validation. The input account_name specifies the logon/
* session to be used for the lookup. It doesn't need to have any
* association with the SID being looked up. The name returned may
* refer to a domain, user, group or alias dependent on the SID.
*
* On success the name will be copied into buf and 0 will be returned.
* Otherwise -1 will be returned.
*/
static int
{
int rc;
return (-1);
return (rc);
}
/*
* mlsvc_alloc_user_info
*
* Allocate a user_info structure and set the contents to zero. A
* pointer to the user_info structure is returned.
*/
mlsvc_alloc_user_info(void)
{
return (NULL);
return (user_info);
}
/*
* mlsvc_free_user_info
*
* Free a user_info structure. This function ensures that the contents
* of the user_info are freed as well as the user_info itself.
*/
void
{
if (user_info) {
}
}
/*
* mlsvc_release_user_info
*
* Release the contents of a user_info structure and zero out the
* elements but do not free the user_info structure itself. This
* function cleans out the structure so that it can be reused without
* worrying about stale contents.
*/
void
{
int i;
return;
if (user_info->n_other_grps) {
for (i = 0; i < user_info->n_other_grps; i++)
}
}
/*
* mlsvc_setadmin_user_info
*
* Determines if the given user is the domain Administrator or a
* member of Domain Admins or Administrators group and set the
* user_info->flags accordingly.
*/
void
{
int i;
return;
return;
else {
}
if (grp) {
if (i)
}
}
/*
* mlsvc_string_save
*
* This is a convenience function to prepare strings for an RPC call.
* An ms_string_t is set up with the appropriate lengths and str is
* set up to point to a copy of the original string on the heap. The
* macro MLRPC_HEAP_STRSAVE is an alias for mlrpc_heap_strsave, which
* extends the heap and copies the string into the new area.
*/
int
{
int length;
char *p;
return (0);
/*
* Windows NT expects the name length to exclude the
* terminating wchar null but doesn't care whether or
* not the allosize includes it. Windows 2000 insists
* that both the length and the allosize include the
* wchar null.
*/
else
return (0);
}
return (1);
}
/*
* mlsvc_sid_save
*
* Expand the heap and copy the sid into the new area.
* Returns a pointer to the copy of the sid on the heap.
*/
nt_sid_t *
{
unsigned size;
return (NULL);
return (0);
return (heap_sid);
}
/*
* mlsvc_is_null_handle
*
* Check a handle against a null handle. Returns 1 if the handle is
* null. Otherwise returns 0.
*/
int
{
static ms_handle_t zero_handle;
return (1);
return (1);
return (0);
}
/*
* mlsvc_validate_user
*
* Returns NT status codes.
*/
char *plain_text)
{
int erc;
machine_passwd[0] = '\0';
/*
* Ensure that the domain name is uppercase.
*/
(void) utf8_strupr(domain);
/*
* There is no point continuing if the domain information is
* not available. Wait for up to 10 seconds and then give up.
*/
return (status);
}
return (status);
}
if (erc == AUTH_USER_GRANT) {
int isenabled;
if (isenabled) {
if (adjoin(machine_passwd,
sizeof (machine_passwd)) == ADJOIN_SUCCESS) {
} else {
}
} else {
/*
* Ensure that we don't have an old account in
* this domain. There's no need to check the
* return status.
*/
!= 0) {
return (status);
}
&auth);
if (status == NT_STATUS_SUCCESS) {
(void) smb_gethostname(machine_passwd,
sizeof (machine_passwd), 0);
(void) utf8_strlwr(machine_passwd);
}
}
if (status == NT_STATUS_SUCCESS) {
machine_passwd) != 0) {
return (NT_STATUS_UNSUCCESSFUL);
}
/*
* If we successfully create a trust account, we mark
* ourselves as a domain member in the environment so
* that we use the SAMLOGON version of the NETLOGON
* PDC location protocol.
*/
(void) netr_close(&netr_handle);
} else {
}
}
} else {
}
return (status);
}
/*ARGSUSED*/
void
{
}
void
nt_group_ht_unlock(void)
{
}
int
nt_group_num_groups(void)
{
return (0);
}
/*ARGSUSED*/
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
nt_group_delete(char *gname)
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
{
return (NULL);
}
/*ARGSUSED*/
void
{
}
/*ARGSUSED*/
int
{
return (SE_PRIVILEGE_DISABLED);
}
/*ARGSUSED*/
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
int
{
return (0);
}
/*ARGSUSED*/
char *account)
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
int
{
return (0);
}
nt_group_open_iterator(void)
{
return (NULL);
}
/*ARGSUSED*/
void
{
}
/*ARGSUSED*/
{
return (NULL);
}
int
nt_group_cache_size(void)
{
return (0);
}
sam_init(void)
{
return (NT_STATUS_SUCCESS);
}
/*ARGSUSED*/
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
{
return (NT_STATUS_NOT_SUPPORTED);
}
/*ARGSUSED*/
void
{
}
/*ARGSUSED*/
{
return (NT_STATUS_SUCCESS);
}
/*ARGSUSED*/
int
{
return (0);
}
/*ARGSUSED*/
{
return (NT_STATUS_SUCCESS);
}
/*ARGSUSED*/
{
return (NULL);
}
/*ARGSUSED*/
int
nt_groups_count(int cnt_opt)
{
return (0);
}
/*ARGSUSED*/
int
{
return (0);
}
/*ARGSUSED*/
void
{
}