smbns_ads.c revision 77191e8775ec29406dec7210fc064d8fd759dd24
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER START
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * The contents of this file are subject to the terms of the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Common Development and Distribution License (the "License").
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You may not use this file except in compliance with the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * See the License for the specific language governing permissions
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * and limitations under the License.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * When distributing Covered Code, include this CDDL HEADER in each
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * If applicable, add the following below this CDDL HEADER, with the
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * fields enclosed by brackets "[]" replaced with your own identifying
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * information: Portions Copyright [yyyy] [name of copyright owner]
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * CDDL HEADER END
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * Use is subject to license terms.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * [MS-DISO] A machine password is an ASCII string of randomly chosen
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * characters. Each character's ASCII code is between 32 and 122 inclusive.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw#define SMB_ADS_MSDCS_SRV_SITE_RR "_ldap._tcp.%s._sites.dc._msdcs"
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * domainControllerFunctionality
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * This rootDSE attribute indicates the functional level of the DC.
#define SMB_ADS_DCLEVEL_W2K 0
static char *smb_ads_computer_objcls[] = {
static char *smb_ads_share_objcls[] = {
typedef struct smb_ads_config {
typedef struct smb_ads_avpair {
char *avp_attr;
char *avp_val;
typedef enum smb_ads_qstat {
typedef struct smb_ads_host_list {
int ah_cnt;
smb_ads_avpair_t *, int, char *);
static void smb_ads_free_cached_host(void);
static int smb_ads_get_spnset(char *, char **);
static void smb_ads_free_spnset(char **);
smb_ads_avpair_t *);
smb_ads_avpair_t *);
static char *smb_ads_get_sharedn(const char *, const char *, const char *);
smb_ads_init(void)
smb_ads_fini(void)
smb_ads_refresh(void)
if (smb_ads_cached_host_info &&
if (purge)
static boolean_t
return (configured);
static boolean_t
if (!smb_ads_cached_host_info)
return (B_FALSE);
return (B_FALSE);
if (!srv)
return (B_TRUE);
return (B_TRUE);
return (B_FALSE);
static boolean_t
return (B_FALSE);
return (B_FALSE);
return (B_TRUE);
static boolean_t
char *cached_host_domain;
return (B_FALSE);
return (B_FALSE);
return (B_FALSE);
return (B_TRUE);
int i, len;
for (i = 0; i < qcnt; i++) {
int i, len;
for (i = 0; i < ans_cnt; i++) {
if (len < 0)
int i, len;
for (i = 0; i < ns_cnt; i++) {
int i, j, len;
char *name;
for (i = 0; i < addit_cnt; i++) {
if (len < 0)
#ifdef BIG_ENDIAN
for (i = 0; i < IN6ADDRSZ; i++)
for (j = 0; j < ans_cnt; j++) {
static smb_ads_host_info_t *
return (NULL);
return (dup_host);
static smb_ads_host_list_t *
int size;
if (count == 0)
return (NULL);
return (NULL);
return (NULL);
return (hlist);
static smb_ads_host_list_t *
} msg;
return (NULL);
if (len < 0) {
return (NULL);
return (NULL);
return (NULL);
return (NULL);
return (NULL);
if (ns_cnt > 0) {
return (NULL);
if (addit_cnt > 0) {
return (NULL);
return (hlist);
struct hostent *h;
int error;
case AF_INET6:
case AF_INET:
0, &error);
freehostent(h);
return (host);
if (!hlist)
return (NULL);
goto update_cache;
goto update_cache;
if (host) {
if (!smb_ads_cached_host_info)
return (host);
smb_ads_count_dots(const char *s)
int ndots = 0;
ndots++;
return (ndots);
* for example: sun.com -> dc=sun,dc=com.
char *dn_name;
int ndots;
int len;
return (NULL);
++ndots;
return (NULL);
s = domain_name;
buf[0] = *s;
return (dn_name);
smb_ads_free_cached_host(void)
if (smb_ads_cached_host_info) {
smb_ads_open(void)
return (NULL);
return (NULL);
return (LDAP_PARAM_ERROR);
interact++) {
return (LDAP_SUCCESS);
static smb_ads_handle_t *
int rc;
return (NULL);
return (NULL);
return (NULL);
return (NULL);
!= LDAP_SUCCESS) {
return (NULL);
return (NULL);
return (NULL);
return (NULL);
return (NULL);
return (NULL);
return (ah);
for (i = 0; attrs[i]; i++) {
for (i = 0; i < SMBKRB5_SPN_IDX_MAX; i++) {
for (i = 0; spn_set[i]; i++)
const char *domain_dn)
char *share_dn;
if (append_domain)
char *share_dn;
int ret;
return (ret);
const char *adsContainer)
char *share_dn;
int ret;
while (*src) {
if (!avail) {
*dst = 0;
switch (*src) {
avail--;
avail--;
*dst = 0;
char *share_dn;
int ret;
int ret;
switch (ret) {
return (ret);
int ret;
if (ret == 0)
char **vals;
if (entry) {
return (SMB_ADS_DCLEVEL_W2K);
return (rc);
char *user_principal;
int max;
switch (op) {
case LDAP_MOD_ADD:
case LDAP_MOD_REPLACE:
return (ret);
int rc;
static smb_ads_qstat_t
char **vals;
if (!vals)
return (SMB_ADS_STAT_NOT_FOUND);
if (!vals[0]) {
return (SMB_ADS_STAT_NOT_FOUND);
return (rc);
static smb_ads_qstat_t
return (SMB_ADS_STAT_ERR);
return (SMB_ADS_STAT_NOT_FOUND);
return (SMB_ADS_STAT_ERR);
switch (rc) {
case SMB_ADS_STAT_FOUND:
case SMB_ADS_STAT_NOT_FOUND:
return (rc);
if (avpair)
return (rc);
static smb_ads_qstat_t
return (SMB_ADS_STAT_ERR);
if (avpair) {
return (SMB_ADS_STAT_ERR);
return (SMB_ADS_STAT_ERR);
return (SMB_ADS_STAT_NOT_FOUND);
return (rc);
static smb_ads_qstat_t
dn);
return (stat);
int ret = 0;
return (LDAP_NO_MEMORY);
return (ret);
static krb5_kvno
return (kvno);
errno = 0;
for (i = 0; i < pwdlen; i++)
* account password will be stored locally in /etc/krb5/krb5.keytab file.
char *tmpfile;
return (SMB_ADJOIN_ERR_GET_HANDLE);
return (SMB_ADJOIN_ERR_GEN_PWD);
return (SMB_ADJOIN_ERR_GET_DCLEVEL);
switch (qstat) {
case SMB_ADS_STAT_FOUND:
return (SMB_ADJOIN_ERR_MOD_TRUST_ACCT);
case SMB_ADS_STAT_NOT_FOUND:
return (SMB_ADJOIN_ERR_ADD_TRUST_ACCT);
return (rc);
goto adjoin_cleanup;
goto adjoin_cleanup;
machine_passwd) != 0) {
goto adjoin_cleanup;
== LDAP_INSUFFICIENT_ACCESS) {
if (des_only)
goto adjoin_cleanup;
goto adjoin_cleanup;
if (smb_config_refresh_idmap() != 0)
return (rc);
struct xlate_table {
char *msg;
} adjoin_table[] = {
"keytab file (i.e /etc/krb5/krb5.keytab)." },
"local keytab file (i.e. /etc/krb5/krb5.keytab)." }
static boolean_t
if (!host)
return (match);
return (match);
static smb_ads_host_info_t *
return (NULL);
for (i = 0; i < cnt; i++) {
return (hentry);
return (NULL);
static smb_ads_host_info_t *
for (i = 0; i < cnt; i++) {
return (hentry);
return (NULL);
smb_ads_dc_compare(const void *p, const void *q)
static smb_ads_host_info_t *
return (NULL);
return (hentry);
return (hentry);
return (hentry);
return (NULL);
char *sought_host;
return (B_FALSE);
return (B_FALSE);
return (B_TRUE);