libsmb.h revision da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2007 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
#ifndef _LIBSMB_H
#define _LIBSMB_H
#pragma ident "%Z%%M% %I% %E% SMI"
#ifdef __cplusplus
extern "C" {
#endif
#include <stdlib.h>
#include <libscf.h>
#include <libshare.h>
#include <smbsrv/smb_idmap.h>
/*
* XXX - These header files are here, only because other libraries
* can compile. Move the header files in to the internal header files
* of other libraries, once the restructure is complete. libsmb.h does not
* need these header files.
*/
#include <smbsrv/lmshare_door.h>
#include <smbsrv/ntstatus.h>
#include <smbsrv/smb_door_svc.h>
#include <smbsrv/codepage.h>
#include <smbsrv/hash_table.h>
#include <smbsrv/smb_i18n.h>
#include <smbsrv/wintypes.h>
/* End of header files to be removed. */
/* Max value length of all SMB properties */
#define MAX_VALUE_BUFLEN 512
#define SMB_PI_MAX_DOMAIN_U 48
#define SMBD_FMRI_PREFIX "network/smb/server"
#define SMBD_DEFAULT_INSTANCE_FMRI "svc:/network/smb/server:default"
#define SMBD_PG_NAME "smbd"
#define SMBD_PROTECTED_PG_NAME "read"
#define SMBD_SMF_OK 0
#define SCH_STATE_UNINIT 0
#define SCH_STATE_INITIALIZING 1
#define SCH_STATE_INIT 2
typedef struct smb_scfhandle {
int scf_state;
/*
* CIFS Configuration Management
*/
/* macros for the description of all config params */
#define SMB_CD_RDR_IPCMODE "rdr_ipcmode"
#define SMB_CD_RDR_IPCUSER "rdr_ipcuser"
#define SMB_CD_RDR_IPCPWD "rdr_ipcpasswd"
#define SMB_CD_OPLOCK_ENABLE "oplock_enable"
#define SMB_CD_OPLOCK_TIMEOUT "oplock_timeout"
#define SMB_CD_AUTOHOME_MAP "autohome_map"
#define SMB_CD_DOMAIN_SID "domain_sid"
#define SMB_CD_DOMAIN_MEMB "domain_member"
#define SMB_CD_DOMAIN_NAME "domain_name"
#define SMB_CD_DOMAIN_SRV "pdc"
#define SMB_CD_WINS_SRV1 "wins_server_1"
#define SMB_CD_WINS_SRV2 "wins_server_2"
#define SMB_CD_WINS_EXCL "wins_exclude"
#define SMB_CD_SRVSVC_SHRSET_ENABLE "srvsvc_sharesetinfo_enable"
#define SMB_CD_LOGR_ENABLE "logr_enable"
#define SMB_CD_MLRPC_KALIVE "mlrpc_keep_alive_interval"
#define SMB_CD_MAX_BUFSIZE "max_bufsize"
#define SMB_CD_MAX_WORKERS "max_workers"
#define SMB_CD_MAX_CONNECTIONS "max_connections"
#define SMB_CD_KEEPALIVE "keep_alive"
#define SMB_CD_RESTRICT_ANON "restrict_anonymous"
#define SMB_CD_SIGNING_ENABLE "signing_enabled"
#define SMB_CD_SIGNING_REQD "signing_required"
#define SMB_CD_SIGNING_CHECK "signing_check"
#define SMB_CD_FLUSH_REQUIRED "flush_required"
#define SMB_CD_SYNC_ENABLE "sync_enable"
#define SMB_CD_DIRSYMLINK_DISABLE "dir_symlink_disable"
#define SMB_CD_ANNONCE_QUOTA "announce_quota"
#define SMB_CD_SECURITY "security"
#define SMB_CD_NBSCOPE "netbios_scope"
#define SMB_CD_SYS_CMNT "system_comment"
#define SMB_CD_LM_LEVEL "lmauth_level"
#define SMB_CD_MSDCS_DISABLE "msdcs_disable"
#define SMB_CD_ADS_ENABLE "ads_enable"
#define SMB_CD_ADS_USER "ads_user"
#define SMB_CD_ADS_PASSWD "ads_passwd"
#define SMB_CD_ADS_DOMAIN "ads_domain"
#define SMB_CD_ADS_USER_CONTAINER "ads_user_container"
#define SMB_CD_ADS_SITE "ads_site"
#define SMB_CD_ADS_IPLOOKUP "ads_ip_lookup"
#define SMB_CD_DYNDNS_ENABLE "ddns_enable"
#define SMB_CD_DYNDNS_RETRY_COUNT "ddns_retry_cnt"
#define SMB_CD_DYNDNS_RETRY_SEC "ddns_retry_sec"
#define SMB_CD_MACHINE_PASSWD "machine_passwd"
/* configuration identifier */
typedef enum {
SMB_CI_RDR_IPCMODE = 0,
} smb_cfg_id_t;
/* SMF helper functions */
extern smb_scfhandle_t *smb_smf_scf_init(char *);
extern void smb_smf_scf_fini(smb_scfhandle_t *);
extern int smb_smf_start_transaction(smb_scfhandle_t *);
extern int smb_smf_end_transaction(smb_scfhandle_t *);
extern int smb_smf_set_string_property(smb_scfhandle_t *, char *, char *);
extern int smb_smf_get_string_property(smb_scfhandle_t *, char *,
char *, size_t);
extern int smb_smf_set_opaque_property(smb_scfhandle_t *, char *,
void *, size_t);
extern int smb_smf_get_opaque_property(smb_scfhandle_t *, char *,
void *, size_t);
extern int smb_smf_create_service_pgroup(smb_scfhandle_t *, char *);
extern int smb_smf_delete_service_pgroup(smb_scfhandle_t *, char *);
extern int smb_smf_create_instance_pgroup(smb_scfhandle_t *, char *);
extern int smb_smf_delete_instance_pgroup(smb_scfhandle_t *, char *);
extern int smb_smf_delete_property(smb_scfhandle_t *, char *);
extern int smb_smf_instance_exists(smb_scfhandle_t *, char *);
extern int smb_smf_instance_create(smb_scfhandle_t *, char *, char *);
extern int smb_smf_instance_delete(smb_scfhandle_t *, char *);
extern smb_scfhandle_t *smb_smf_get_iterator(char *);
extern int smb_smf_get_property(smb_scfhandle_t *, int, char *, char *,
size_t);
extern int smb_smf_set_property(smb_scfhandle_t *, int, char *, char *);
/* Configuration management functions */
extern int smb_config_load(void);
extern void smb_config_rdlock(void);
extern void smb_config_wrlock(void);
extern void smb_config_unlock(void);
extern char *smb_config_get(smb_cfg_id_t);
extern char *smb_config_getstr(smb_cfg_id_t);
extern int smb_config_getyorn(smb_cfg_id_t);
/*
* smb_config_getenv
*
* Retrieves the property value from SMF.
* Caller must free the returned buffer.
*
*/
extern int smb_config_set(smb_cfg_id_t, char *);
extern uint8_t smb_config_get_fg_flag(void);
extern char *smb_config_get_localsid(void);
extern int smb_config_secmode_fromstr(char *secmode);
extern char *smb_config_secmode_tostr(int secmode);
extern int smb_config_get_secmode(void);
extern int smb_config_set_secmode(int secmode);
extern int smb_config_set_idmap_domain(char *value);
extern int smb_config_set_idmap_gc(char *value);
extern int smb_config_refresh_idmap(void);
/* smb_door_client.c */
typedef struct smb_joininfo {
char domain_name[SMB_PI_MAX_DOMAIN];
/* APIs to communicate with SMB daemon via door calls */
extern int smbd_set_param(smb_cfg_id_t, char *);
extern int smbd_get_param(smb_cfg_id_t, char *);
extern int smbd_get_security_mode(int *);
extern int smbd_netbios_reconfig(void);
#define SMB_DOMAIN_NOMACHINE_SID -1
#define SMB_DOMAIN_NODOMAIN_SID -2
/* Following set of functions, manipulate WINS server configuration */
unsigned long *exclude_list, int nexclude);
/*
* Information on a particular domain: the domain name, the
* name of a controller (PDC or BDC) and it's ip address.
*/
typedef struct smb_ntdomain {
char domain[SMB_PI_MAX_DOMAIN_U];
char server[SMB_PI_MAX_DOMAIN_U];
/* SMB domain information management functions */
extern void smb_purge_domain_info(void);
extern int smb_is_domain_member(void);
extern uint8_t smb_get_fg_flag(void);
extern void smb_set_domain_member(int set);
extern uint32_t smb_get_security_mode(void);
extern int nt_priv_presentable_num(void);
/*
* Following set of function, handle calls to SMB Kernel driver, via
* Kernel doors interface.
*/
extern uint64_t smb_dwncall_user_num(void);
extern int smb_dwncall_share(int, char *, char *);
/*
* buffer context structure. This is used to keep track of the buffer
* context.
*
* basep: points to the beginning of the buffer
* curp: points to the current offset
* endp: points to the limit of the buffer
*/
typedef struct {
unsigned char *basep;
unsigned char *curp;
unsigned char *endp;
} smb_ctxbuf_t;
/* Functions to handle SMB daemon communications with idmap service */
extern int smb_idmap_start(void);
extern void smb_idmap_stop(void);
extern int smb_idmap_restart(void);
/* Miscellaneous functions */
extern void hexdump(unsigned char *, int);
extern char *trim_whitespace(char *buf);
extern void randomize(char *, unsigned);
extern int smb_getdomainname(char *, size_t);
extern int smb_getfqhostname(char *, size_t);
extern int smb_gethostname(char *, size_t, int);
extern int smb_getnetbiosname(char *, size_t);
void smb_trace(const char *s);
void smb_tracef(const char *fmt, ...);
/*
* Authentication
*/
#define SMBAUTH_LM_MAGIC_STR "KGS!@#$%"
#define SMBAUTH_FAILURE 1
#define SMBAUTH_SUCCESS 0
#define MD_DIGEST_LEN 16
/*
* Name Types
*
* The list of names near the end of the data blob (i.e. the ndb_names
* field of the smb_auth_data_blob_t data structure) can be classify into
* the following types:
*
* 0x0000 Indicates the end of the list.
* 0x0001 The name is a NetBIOS machine name (e.g. server name)
* 0x0002 The name is an NT Domain NetBIOS name.
* 0x0003 The name is the server's DNS hostname.
* 0x0004 The name is a W2K Domain name (a DNS name).
*/
#define SMBAUTH_NAME_TYPE_LIST_END 0x0000
#define SMBAUTH_NAME_TYPE_SERVER_NETBIOS 0x0001
#define SMBAUTH_NAME_TYPE_DOMAIN_NETBIOS 0x0002
#define SMBAUTH_NAME_TYPE_SERVER_DNS 0x0003
#define SMBAUTH_NAME_TYPE_DOMAIN_DNS 0x0004
/*
* smb_auth_name_entry_t
*
* Each name entry in the data blob consists of the following 3 fields:
*
* nne_type - name type
* nne_len - the length of the name
* nne_name - the name, in uppercase UCS-2LE Unicode format
*/
typedef struct smb_auth_name_entry {
unsigned short nne_type;
unsigned short nne_len;
/*
* smb_auth_data_blob
*
* The format of this NTLMv2 data blob structure is as follow:
*
* - Blob Signature 0x01010000 (4 bytes)
* - Reserved (0x00000000) (4 bytes)
* - Timestamp Little-endian, 64-bit signed value representing
* the number of tenths of a microsecond since January 1, 1601.
* (8 bytes)
* - Client Challenge (8 bytes)
* - Unknown1 (4 bytes)
* - List of Target Information (variable length)
* - Unknown2 (4 bytes)
*/
typedef struct smb_auth_data_blob {
unsigned char ndb_signature[4];
unsigned char ndb_reserved[4];
unsigned char ndb_clnt_challenge[SMBAUTH_V2_CLNT_CHALLENGE_SZ];
unsigned char ndb_unknown[4];
unsigned char ndb_unknown2[4];
#define SMBAUTH_BLOB_MAXLEN (sizeof (smb_auth_data_blob_t))
#define SMBAUTH_CI_MAXLEN SMBAUTH_LM_RESP_SZ
/*
* smb_auth_info_t
*
* The structure contains all the authentication information
* needed for the preparaton of the SMBSessionSetupAndx request
* and the user session key.
*
* hash - NTLM hash
* hash_v2 - NTLMv2 hash
* ci_len - the length of the case-insensitive password
* ci - case-insensitive password
* (If NTLMv2 authentication mechanism is used, it
* represents the LMv2 response. Otherwise, it
* is empty.)
* cs_len - the length of the case-sensitive password
* cs - case-sensitive password
* (If NTLMv2 authentication mechanism is used, it
* represents the NTLMv2 response. Otherwise, it
* represents the NTLM response.)
* data_blob - NTLMv2 data blob
*/
typedef struct smb_auth_info {
unsigned char hash[SMBAUTH_HASH_SZ];
unsigned char hash_v2[SMBAUTH_HASH_SZ];
unsigned short ci_len;
unsigned char ci[SMBAUTH_CI_MAXLEN];
unsigned short cs_len;
unsigned char cs[SMBAUTH_CS_MAXLEN];
int lmcompatibility_lvl;
extern int smb_getdomainname(char *, size_t);
extern int smb_getfqhostname(char *, size_t);
extern int smb_gethostname(char *, size_t, int);
extern int smb_getnetbiosname(char *, size_t);
void smb_trace(const char *s);
void smb_tracef(const char *fmt, ...);
/*
* SMB password management
*/
typedef struct smb_passwd {
unsigned char pw_lmhash[SMBAUTH_HASH_SZ];
unsigned char pw_nthash[SMBAUTH_HASH_SZ];
} smb_passwd_t;
/*
* Control flags passed to smb_pwd_setcntl
*/
#define SMB_PWC_DISABLE 0x01
#define SMB_PWC_ENABLE 0x02
#define SMB_PWC_NOLM 0x04
#define SMB_PWE_SUCCESS 0
#define SMB_PWE_USER_UNKNOWN 1
#define SMB_PWE_USER_DISABLE 2
#define SMB_PWE_CLOSE_FAILED 3
#define SMB_PWE_OPEN_FAILED 4
#define SMB_PWE_WRITE_FAILED 6
#define SMB_PWE_UPDATE_FAILED 7
#define SMB_PWE_STAT_FAILED 8
#define SMB_PWE_BUSY 9
#define SMB_PWE_DENIED 10
#define SMB_PWE_SYSTEM_ERROR 11
#define SMB_PWE_MAX 12
extern int smb_pwd_setpasswd(const char *, const char *);
extern int smb_pwd_setcntl(const char *, int);
/*
* A variation on HMAC-MD5 known as HMACT64 is used by Windows systems.
* The HMACT64() function is the same as the HMAC-MD5() except that
* it truncates the input key to 64 bytes rather than hashing it down
* to 16 bytes using the MD5() function.
*/
extern int smb_auth_DES(unsigned char *, int, unsigned char *, int,
unsigned char *, int);
extern int smb_auth_md4(unsigned char *, unsigned char *, int);
extern int smb_auth_lm_hash(char *, unsigned char *);
extern int smb_auth_ntlm_hash(char *, unsigned char *);
extern int smb_auth_set_info(char *, char *,
unsigned char *, char *, unsigned char *,
int, int, smb_auth_info_t *);
extern int smb_auth_gen_session_key(smb_auth_info_t *, unsigned char *);
unsigned char *, int, char *);
unsigned char *, int, char *);
/*
* SMB MAC Signing
*/
/*
* Signing flags:
*
* SMB_SCF_ENABLE Signing is enabled.
*
* SMB_SCF_REQUIRED Signing is enabled and required.
* This flag shouldn't be set if
* SMB_SCF_ENABLE isn't set.
*
* SMB_SCF_STARTED Signing will start after receiving
* the first non-anonymous SessionSetup
* request.
*
* SMB_SCF_KEY_ISSET_THIS_LOGON Indicates whether the MAC key has just
* been set for this logon. (prior to
* sending the SMBSessionSetup request)
*
*/
#define SMB_SCF_ENABLE 0x01
#define SMB_SCF_REQUIRED 0x02
#define SMB_SCF_STARTED 0x04
#define SMB_SCF_KEY_ISSET_THIS_LOGON 0x08
/*
* smb_sign_ctx
*
* SMB signing context.
*
* ssc_seqnum sequence number
* ssc_keylen mac key length
* ssc_mid multiplex id - reserved
* ssc_flags flags
* ssc_mackey mac key
* ssc_sign mac signature
*
*/
typedef struct smb_sign_ctx {
unsigned int ssc_seqnum;
unsigned short ssc_keylen;
unsigned short ssc_mid;
unsigned int ssc_flags;
unsigned char ssc_mackey[SMB_MAC_KEY_SZ];
unsigned char ssc_sign[SMB_SIG_SIZE];
/*
* Each domain is categorized using the enum values below.
* The local domain refers to the local machine and is named
* after the local hostname. The primary domain is the domain
* that the system joined. All other domains are either
* trusted or untrusted, as defined by the primary domain PDC.
*
* This enum must be kept in step with the table of strings
* in ntdomain.c.
*/
typedef enum nt_domain_type {
/*
* This is the information that is held about each domain. The database
* is a linked list that is threaded through the domain structures. As
* the number of domains in the database should be small (32 max), this
* should be sufficient.
*/
typedef struct nt_domain {
char *name;
} nt_domain_t;
void nt_domain_sync(void);
nt_sid_t *nt_domain_local_sid(void);
#define SMB_GROUP_PER_LIST 5
/*
* of the SMB local group door service. Extend this structure if a new type
* client paramater needs to be passed.
*/
typedef struct ntgrp_dr_arg {
char *gname;
char *desc;
char *member;
char *newgname;
int offset;
char *scope;
int type;
int count;
typedef struct ntgrp {
char *name; /* Name of the group */
char *desc; /* Desc of gruup */
char *type; /* sid_name_use */
char *sid; /* Sid */
} ntgrp_t;
typedef struct ntgrp_list {
int cnt;
} ntgrp_list_t;
typedef char *members_list;
typedef struct ntgrp_member_list {
int cnt; /* members */
typedef struct ntpriv {
char *name; /* Name of priv */
} ntpriv_t;
typedef struct ntpriv_list {
int cnt; /* Number of privs */
/* the xdr functions */
extern void smb_group_free_memberlist(ntgrp_member_list_t *, int);
extern void smb_group_free_list(ntgrp_list_t *, int);
extern void smb_group_free_privlist(ntpriv_list_t *, int);
extern uint32_t smb_group_add(char *, char *);
extern uint32_t smb_group_modify(char *, char *, char *);
extern uint32_t smb_group_delete(char *);
extern uint32_t smb_group_member_remove(char *, char *);
extern uint32_t smb_group_member_add(char *, char *);
extern uint32_t smb_group_priv_num(int *);
extern uint32_t smb_group_count(int *);
extern uint32_t smb_group_member_count(char *, int *);
size_t *);
#ifdef __cplusplus
}
#endif
#endif /* _LIBSMB_H */