smbvar.h revision 5cdbe942b031cac50f4252efc4371b15d624fcd1
/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
* Copyright 2008 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
/*
* Structures and type definitions for the SMB module.
*/
#ifndef _SMBSRV_SMBVAR_H
#define _SMBSRV_SMBVAR_H
#pragma ident "%Z%%M% %I% %E% SMI"
#ifdef __cplusplus
extern "C" {
#endif
#include <smbsrv/smb_vops.h>
typedef struct smb_session smb_session_t;
typedef struct smb_request smb_request_t;
#include <smbsrv/smb_svc_sm.h>
#define SMB_AUDIT_STACK_DEPTH 16
#define SMB_AUDIT_BUF_MAX_REC 16
#define SMB_AUDIT_NODE 0x00000001
extern uint32_t smb_audit_flags;
typedef struct {
int anr_depth;
typedef struct {
int anb_index;
int anb_max_index;
#define SMB_WORKER_PRIORITY 99
/*
* Thread State Machine
* --------------------
*
* T5 T0
* smb_thread_destroy() <-------+ +------- smb_thread_init()
* | |
* | v
* +-----------------------------+
* | SMB_THREAD_STATE_EXITED |<---+
* +-----------------------------+ |
* | T1 |
* v |
* +-----------------------------+ |
* | SMB_THREAD_STATE_STARTING | |
* +-----------------------------+ |
* | T2 | T4
* v |
* +-----------------------------+ |
* | SMB_THREAD_STATE_RUNNING | |
* +-----------------------------+ |
* | T3 |
* v |
* +-----------------------------+ |
* | SMB_THREAD_STATE_EXITING |----+
* +-----------------------------+
*
* Transition T0
*
* This transition is executed in smb_thread_init().
*
* Transition T1
*
* This transition is executed in smb_thread_start().
*
* Transition T2
*
* This transition is executed by the thread itself when it starts running.
*
* Transition T3
*
* This transition is executed by the thread itself in
* smb_thread_entry_point() just before calling thread_exit().
*
*
* Transition T4
*
* This transition is executed in smb_thread_stop().
*
* Transition T5
*
* This transition is executed in smb_thread_destroy().
*
* Comments
* --------
*
* The field smb_thread_aw_t contains a function pointer that knows how to
* awake the thread. It is a temporary solution to work around the fact that
* kernel threads (not part of a userspace process) cannot be signaled.
*/
typedef enum smb_thread_state {
struct _smb_thread;
typedef struct _smb_thread {
char sth_name[16];
void *sth_ep_arg;
void *sth_aw_arg;
} smb_thread_t;
/*
* Pool of IDs
* -----------
*
* A pool of IDs is a pool of 16 bit numbers. It is implemented as a bitmap.
* A bit set to '1' indicates that that particular value has been allocated.
* The allocation process is done shifting a bit through the whole bitmap.
* The current position of that index bit is kept in the smb_idpool_t
* structure and represented by a byte index (0 to buffer size minus 1) and
* a bit index (0 to 7).
*
* The pools start with a size of 8 bytes or 64 IDs. Each time the pool runs
* out of IDs its current size is doubled until it reaches its maximum size
* (8192 bytes or 65536 IDs). The IDs 0 and 65535 are never given out which
* means that a pool can have a maximum number of 65534 IDs available.
*/
typedef struct smb_idpool {
} smb_idpool_t;
/*
* Maximum size of a Netbios Request.
* 0x1FFFF -> Maximum size of the data
* 4 -> Size of the Netbios header
*/
typedef struct {
int tb_len;
} smb_txbuf_t;
typedef struct {
} smb_txlst_t;
/*
* IR104720 Experiments with Windows 2000 indicate that we achieve better
* SmbWriteX performance with a buffer size of 64KB instead of the 37KB
* used with Windows NT4.0. Previous experiments with NT4.0 resulted in
* directory listing problems so this buffer size is configurable based
* on the end-user environment. When in doubt use 37KB.
*
* smb_maxbufsize (smb_negotiate.c) is setup from SMB_NT_MAXBUF during
* initialization.
*/
#define NBMAXBUF 8
extern int smb_maxbufsize;
#define SMBHEADERSIZE 32
#define SMBND_HASH_MASK (0xFF)
#define MAX_IOVEC 512
#define SMB_WORKER_MIN 4
#define SMB_WORKER_DEFAULT 64
#define SMB_WORKER_MAX 1024
/*
* Fix align a pointer or offset appropriately so that fields will not
* cross word boundaries.
*/
#define PTRALIGN(x) \
/*
*/
/*
* All 4 different time / date formats that will bee seen in SMB
*/
typedef struct {
} SMB_DATE;
typedef struct {
} SMB_TIME;
typedef struct smb_malloc_list {
struct smb_malloc_list *forw;
struct smb_malloc_list *back;
typedef struct smb_llist {
} smb_llist_t;
typedef struct smb_slist {
} smb_slist_t;
typedef struct {
} smb_rwx_t;
/* NOTIFY CHANGE */
typedef struct smb_notify_change_req {
/*
* SMB operates over a NetBIOS-over-TCP transport (NBT) or directly
* over TCP, which is also known as direct hosted NetBIOS-less SMB
* or SMB-over-TCP.
*
* NBT messages have a 4-byte header that defines the message type
* (8-bits), a 7-bit flags field and a 17-bit length.
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | TYPE | FLAGS |E| LENGTH |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
* 8-bit type Defined in RFC 1002
* 7-bit flags Bits 0-6 reserved (must be 0)
* Bit 7: Length extension bit (E)
* 17-bit length Includes bit 7 of the flags byte
*
*
* SMB-over-TCP is defined to use a modified version of the NBT header
* containing an 8-bit message type and 24-bit message length.
*
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | TYPE | LENGTH |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
* 8-bit type Must be 0
* 24-bit length
*
* The following structure is used to represent a generic, in-memory
* SMB transport header; it is not intended to map directly to either
* of the over-the-wire formats.
*/
typedef struct {
} smb_xprt_t;
struct mbuf_chain {
};
typedef struct smb_oplock {
} smb_oplock_t;
#define OPLOCK_FLAG_BREAKING 1
#define OPLOCK_RELEASE_LOCK_RELEASED 0
#define OPLOCK_RELEASE_FILE_CLOSED 1
#define DOS_ATTR_VALID 0x80000000
typedef struct smb_vfs {
} smb_vfs_t;
typedef enum {
typedef struct smb_node {
volatile int flags; /* FILE_NOTIFY_CHANGE_* */
volatile int waiting_event; /* # of clients requesting FCN */
unsigned int what;
/* Credentials for delayed delete */
char od_name[MAXNAMELEN];
} smb_node_t;
#define NODE_FLAGS_NOTIFY_CHANGE 0x10000fff
#define NODE_OPLOCKS_IN_FORCE 0x0000f000
#define NODE_OPLOCK_NONE 0x00000000
#define NODE_EXCLUSIVE_OPLOCK 0x00001000
#define NODE_BATCH_OPLOCK 0x00002000
#define NODE_LEVEL_II_OPLOCK 0x00003000
#define NODE_CAP_LEVEL_II 0x00010000
#define NODE_PROTOCOL_LOCK 0x00020000
#define NODE_READ_ONLY 0x00040000
#define NODE_CREATED_READONLY 0x00080000
#define NODE_FLAGS_WRITE_THROUGH 0x00100000
#define NODE_FLAGS_SYNCATIME 0x00200000
#define NODE_FLAGS_LOCKED 0x00400000
#define NODE_FLAGS_ATTR_VALID 0x00800000
#define NODE_XATTR_DIR 0x01000000
#define NODE_FLAGS_CREATED 0x04000000
#define NODE_FLAGS_CHANGED 0x08000000
#define NODE_FLAGS_WATCH_TREE 0x10000000
#define NODE_FLAGS_SET_SIZE 0x20000000
#define NODE_FLAGS_DELETE_ON_CLOSE 0x40000000
#define NODE_FLAGS_EXECUTABLE 0x80000000
#define NODE_IS_READONLY(node) \
#define EXCLUSIVE_OPLOCK_IN_FORCE(n) \
(OPLOCK_TYPE(n) == NODE_EXCLUSIVE_OPLOCK)
/*
* Based on section 2.6.1.2 (Connection Management) of the June 13,
* 1996 CIFS spec, a server may terminate the transport connection
* due to inactivity. The client software is expected to be able to
* automatically reconnect to the server if this happens. Like much
* of the useful background information, this section appears to
* have been dropped from later revisions of the document.
*
* Each session has an activity timestamp that's updated whenever a
* request is dispatched. If the session is idle, i.e. receives no
* requests, for SMB_SESSION_INACTIVITY_TIMEOUT minutes it will be
* closed.
*
* Each session has an I/O semaphore to serialize communication with
* the client. For example, after receiving a raw-read request, the
* server is not allowed to send an oplock break to the client until
* after it has sent the raw-read data.
*/
/*
* When a connection is set up we need to remember both the client
* (peer) IP address and the local IP address used to establish the
* connection. When a client connects with a vc number of zero, we
* are supposed to abort any existing connections with that client
* (see notes in smb_negotiate.c and smb_session_setup_andx.c). For
* servers with multiple network interfaces or IP aliases, however,
* each interface has to be managed independently since the client
* is not aware of the server configuration. We have to allow the
* client to establish a connection on each interface with a vc
* number of zero without aborting the other connections.
*
* ipaddr: the client (peer) IP address for the session.
* local_ipaddr: the local IP address used to connect to the server.
*/
#define SMB_MAC_KEYSZ 512
struct smb_sign {
unsigned int seqnum;
unsigned int mackey_len;
unsigned int flags;
unsigned char mackey[SMB_MAC_KEYSZ];
};
#define SMB_SIGNING_ENABLED 1
#define SMB_SIGNING_CHECK 2
/*
* Session State Machine
* ---------------------
*
* +-----------------------------+ +------------------------------+
* | SMB_SESSION_STATE_CONNECTED | | SMB_SESSION_STATE_TERMINATED |
* +-----------------------------+ +------------------------------+
* T0| ^
* +--------------------+ |T13
* v |T14 |
* +-------------------------------+ | +--------------------------------+
* | SMB_SESSION_STATE_ESTABLISHED |---+--->| SMB_SESSION_STATE_DISCONNECTED |
* +-------------------------------+ +--------------------------------+
* T1| ^ ^ ^ ^
* +----------+ |T9 | | |
* v | | | |
* +------------------------------+ | | |
* | SMB_SESSION_STATE_NEGOTIATED | | | |
* +------------------------------+ | | |
* ^| ^| | ^ | | |
* +----------------+| || | | | | |
* |+----------------+ || T7| |T8 | | |
* || || | | | | |
* || +----------------+| | | | | |
* || |+----------------+ | | | | |
* || || v | | | |
* || || +-----------------------------------+ T10| | |
* || || | SMB_SESSION_STATE_OPLOCK_BREAKING |----+ | |
* || || +-----------------------------------+ | |
* || ||T5 | |
* || |+-->+-----------------------------------+ T11| |
* || |T6 | SMB_SESSION_STATE_READ_RAW_ACTIVE |------+ |
* || +----+-----------------------------------+ |
* ||T3 |
* |+------->+------------------------------------+ T12|
* |T4 | SMB_SESSION_STATE_WRITE_RAW_ACTIVE |-------+
* +---------+------------------------------------+
*
* Transition T0
*
*
*
* Transition T1
*
*
*
* Transition T2
*
*
*
* Transition T3
*
*
*
* Transition T4
*
*
*
* Transition T5
*
*
*
* Transition T6
*
*
*
* Transition T7
*
*
*
* Transition T8
*
*
*
* Transition T9
*
*
*
* Transition T10
*
*
*
* Transition T11
*
*
*
* Transition T12
*
*
*
* Transition T13
*
*
*
* Transition T14
*
*
*
*/
typedef enum {
struct smb_session {
int s_write_raw_status;
char workstation[SMB_PI_MAX_HOST];
int dialect;
int native_os;
volatile uint32_t s_tree_cnt;
volatile uint32_t s_file_cnt;
unsigned char challenge_key[8];
unsigned char MAC_key[44];
/*
* Maximum negotiated buffer size between SMB client and server
* in SMB_SESSION_SETUP_ANDX
*/
int outpipe_datalen;
int outpipe_cookie;
};
#define SMB_USER_FLAG_GUEST SMB_ATF_GUEST
#define SMB_USER_FLAG_IPC SMB_ATF_ANON
#define SMB_USER_FLAG_ADMIN SMB_ATF_ADMIN
#define SMB_USER_PRIV_TAKE_OWNERSHIP 0x00000001
#define SMB_USER_PRIV_BACKUP 0x00000002
#define SMB_USER_PRIV_RESTORE 0x00000004
#define SMB_USER_PRIV_SECURITY 0x00000008
typedef enum {
typedef struct smb_user {
char *u_name;
char *u_domain;
} smb_user_t;
#define SMB_TREE_TYPENAME_SZ 8
typedef enum {
typedef struct smb_tree {
char t_sharename[MAXNAMELEN];
char t_resource[MAXPATHLEN];
char t_typename[SMB_TREE_TYPENAME_SZ];
} smb_tree_t;
/* Tree access bits */
#define SMB_TREE_NO_ACCESS 0x0000
#define SMB_TREE_READ_ONLY 0x0001
#define SMB_TREE_READ_WRITE 0x0002
/*
* Tree flags
*
* SMB_TREE_FLAG_ACLONCREATE Underlying FS supports ACL on create.
*
* SMB_TREE_FLAG_ACEMASKONACCESS Underlying FS understands 32-bit access mask
*/
#define SMB_TREE_FLAG_OPEN 0x0001
#define SMB_TREE_FLAG_CLOSE 0x0002
#define SMB_TREE_FLAG_ACLONCREATE 0x0004
#define SMB_TREE_FLAG_ACEMASKONACCESS 0x0008
#define SMB_TREE_FLAG_IGNORE_CASE 0x0010
#define SMB_TREE_FLAG_NFS_MOUNTED 0x0020
#define SMB_TREE_FLAG_UFS 0x0040
/*
* SMB_TREE_CASE_INSENSITIVE returns whether operations on a given tree
* will be case-insensitive or not. SMB_TREE_FLAG_IGNORE_CASE is set at
* share set up time based on file system capability and client preference.
*/
#define SMB_TREE_CASE_INSENSITIVE(sr) \
/*
* SMB_TREE_ROOT_FS is called by certain smb_fsop_* functions to make sure
* that a given vnode is in the same file system as the share root.
*/
#define SMB_TREE_IS_READ_ONLY(sr) \
#define PIPE_STATE_AUTH_VERIFY 0x00000001
/*
* The of_ftype of an open file should contain the SMB_FTYPE value
* assumptions are currently made:
*
* File Type Node PipeInfo
* --------- -------- --------
* SMB_FTYPE_DISK Valid Null
* SMB_FTYPE_BYTE_PIPE Undefined Undefined
* SMB_FTYPE_MESG_PIPE Null Valid
* SMB_FTYPE_PRINTER Undefined Undefined
* SMB_FTYPE_UNKNOWN Undefined Undefined
*/
/*
* Some flags for ofile structure
*
* SMB_OFLAGS_SET_DELETE_ON_CLOSE
* Set this flag when the corresponding open operation whose
* DELETE_ON_CLOSE bit of the CreateOptions is set. If any
* open file instance has this bit set, the NODE_FLAGS_DELETE_ON_CLOSE
* will be set for the file node upon close.
*/
#define SMB_OFLAGS_SET_DELETE_ON_CLOSE 0x0004
#define SMB_OFLAGS_LLF_POS_VALID 0x0008
typedef enum {
SMB_OFILE_STATE_OPEN = 0,
typedef struct smb_ofile {
} smb_ofile_t;
/* odir flags bits */
#define SMB_DIR_FLAG_OPEN 0x0001
#define SMB_DIR_FLAG_CLOSE 0x0002
typedef enum {
SMB_ODIR_STATE_OPEN = 0,
typedef struct smb_odir {
char d_pattern[MAXNAMELEN];
struct smb_node *d_dir_snode;
unsigned int d_wildcards;
} smb_odir_t;
typedef struct smb_odir_context {
typedef struct smb_lock {
} smb_lock_t;
#define SMB_LOCK_FLAG_INDEFINITE 0x0004
#define SMB_LOCK_INDEFINITE_WAIT(lock) \
#define SMB_LOCK_TYPE_READWRITE 101
#define SMB_LOCK_TYPE_READONLY 102
struct smb_fqi { /* fs_query_info */
char *path;
char last_comp[MAXNAMELEN];
int last_comp_was_found;
char last_comp_od[MAXNAMELEN];
struct smb_node *last_snode;
};
#define SMB_NULL_FQI_NODES(fqi) \
#define FQM_DIR_MUST_EXIST 1
#define FQM_PATH_MUST_EXIST 2
#define FQM_PATH_MUST_NOT_EXIST 3
#define MYF_OPLOCK_MASK 0x000000F0
#define MYF_OPLOCK_NONE 0x00000000
#define MYF_EXCLUSIVE_OPLOCK 0x00000010
#define MYF_BATCH_OPLOCK 0x00000020
#define MYF_LEVEL_II_OPLOCK 0x00000030
#define MYF_MUST_BE_DIRECTORY 0x00000100
#define MYF_OPLOCK_TYPE(o) ((o) & MYF_OPLOCK_MASK)
/*
* SMB Request State Machine
* -------------------------
*
* T4 +------+ T0
* +--------------------------->| FREE |---------------------------+
* | +------+ |
* +-----------+ |
* | COMPLETED | |
* +-----------+
* ^ |
* | T15 +----------+ v
* +------------+ T6 | | +--------------+
* | CLEANED_UP |<-----------------| CANCELED | | INITIALIZING |
* +------------+ | | +--------------+
* | ^ +----------+ |
* | | ^ ^ ^ ^ |
* | | +-------------+ | | | |
* | | T3 | | | | T13 | T1
* | +-------------------------+ | | +----------------------+ |
* +----------------------------+ | | | | |
* T16 | | | | +-----------+ | |
* | \/ | | T5 | | v
* +-----------------+ | T12 +--------+ | T2 +-----------+
* | EVENT_OCCURRED |------------->| ACTIVE |<--------------------| SUBMITTED |
* +-----------------+ | +--------+ | +-----------+
* ^ | | ^ | |
* | | T8 | | | T7 |
* | T10 T9 | +----------+ | +-------+ | T11
* | | | +-------+ | |
* | | | T14 | | |
* | | v | v |
* +----------------------+ +--------------+
* | WAITING_EVENT | | WAITING_LOCK |
* +----------------------+ +--------------+
*
*
*
*
*
* Transition T0
*
* This transition occurs when the request is allocated and is still under the
* control of the session thread.
*
* Transition T1
*
* This transition occurs when the session thread dispatches a task to treat the
* request.
*
* Transition T2
*
*
*
* Transition T3
*
* A request completes and smbsr_cleanup is called to release resources
* associated with the request (but not the smb_request_t itself). This
* includes references on smb_ofile_t, smb_node_t, and other structures.
* CLEANED_UP state exists to detect if we attempt to cleanup a request
* multiple times and to allow us to detect that we are accessing a
* request that has already been cleaned up.
*
* Transition T4
*
*
*
* Transition T5
*
*
*
* Transition T6
*
*
*
* Transition T7
*
*
*
* Transition T8
*
*
*
* Transition T9
*
*
*
* Transition T10
*
*
*
* Transition T11
*
*
*
* Transition T12
*
*
*
* Transition T13
*
*
*
* Transition T14
*
*
*
* Transition T15
*
* Request processing is completed (control returns from smb_dispatch)
*
* Transition T16
*
* Multipart (andx) request was cleaned up with smbsr_cleanup but more "andx"
* sections remain to be processed.
*
*/
typedef enum smb_req_state {
SMB_REQ_STATE_FREE = 0,
struct smb_request {
struct smb_session *session;
/* Info from session service header */
/* Request buffer excluding NBT header */
void *sr_request_buf;
/* Fields for raw writes */
void *sr_raw_data_buf;
struct mbuf_chain command;
struct mbuf_chain reply;
struct mbuf_chain raw_data;
int andx_prev_wct;
int cur_reply_offset;
int orig_request_hdr;
unsigned int reply_seqnum; /* reply sequence number */
unsigned char first_smb_com; /* command code */
unsigned char smb_com; /* command code */
unsigned char smb_rcls; /* error code class */
unsigned char smb_reh; /* rsvd (AH DOS INT-24 ERR) */
unsigned char smb_wct; /* count of parameter words */
/* Parameters */
/* Data */
struct mbuf_chain smb_data;
unsigned char andx_com;
union {
struct {
char *path;
char *service;
int pwdlen;
char *password;
} tcon;
struct open_param {
/* This is only set by NTTransactCreate */
} open;
struct {
} dirop;
} arg;
};
#define SMB_READ_PROTOCOL(smb_nh_ptr) \
#define SMB_PROTOCOL_MAGIC_INVALID(rd_sr) \
#define SMB_READ_COMMAND(smb_nh_ptr) \
#define SMB_IS_WRITERAW(rd_sr) \
#define SR_FLG_OFFSET 9
#define MAX_TRANS_NAME 64
#define SMB_XA_FLAG_OPEN 0x0001
#define SMB_XA_FLAG_CLOSE 0x0002
#define SMB_XA_FLAG_COMPLETE 0x0004
typedef struct smb_xa {
struct smb_session *xa_session;
unsigned char smb_com; /* which TRANS type */
unsigned char smb_flg; /* flags */
unsigned int reply_seqnum; /* reply sequence number */
/* bit 0 - if set, disconnect TID in smb_tid */
/* bit 1 - if set, transaction is one way */
/* (no final response) */
char *xa_smb_trans_name;
int req_disp_param;
int req_disp_data;
struct mbuf_chain req_setup_mb;
struct mbuf_chain req_param_mb;
struct mbuf_chain req_data_mb;
struct mbuf_chain rep_setup_mb;
struct mbuf_chain rep_param_mb;
struct mbuf_chain rep_data_mb;
} smb_xa_t;
#define SDDF_NO_FLAGS 0
#define SDDF_SUPPRESS_TID 0x0001
#define SDDF_SUPPRESS_UID 0x0002
#define SDDF_SUPPRESS_UNLEASH 0x0004
#define SDDF_SUPPRESS_SHOW 0x0080
#define SDRC_NORMAL_REPLY 0
#define SDRC_DROP_VC 1
#define SDRC_NO_REPLY 2
#define SDRC_ERROR_REPLY 3
#define SDRC_UNIMPLEMENTED 4
#define SDRC_UNSUPPORTED 5
struct vardata_block {
unsigned char tag;
};
#define VAR_BCC ((short)-1)
#define SMB_SI_NBT_CONNECTED 0x01
#define SMB_SI_TCP_CONNECTED 0x02
typedef struct smb_info {
volatile uint64_t si_global_kid;
volatile uint32_t si_uniq_fid;
volatile uint32_t open_trees;
volatile uint32_t open_files;
volatile uint32_t open_users;
} smb_info_t;
#define SMB_INFO_NETBIOS_SESSION_SVC_RUNNING 0x0001
#define SMB_INFO_NETBIOS_SESSION_SVC_FAILED 0x0002
#define SMB_INFO_USER_LEVEL_SECURITY 0x40000000
#define SMB_INFO_ENCRYPT_PASSWORDS 0x80000000
typedef struct {
} smb_error_t;
/*
* This is to be used by Trans2SetFileInfo
* and Trans2SetPathInfo
*/
typedef struct smb_trans2_setinfo {
char *path;
char name[MAXNAMELEN];
#ifdef DEBUG
extern uint_t smb_tsd_key;
#endif
typedef struct smb_tsd {
void (*proc)();
void *arg;
char name[100];
} smb_tsd_t;
#define SMB_INVALID_AMASK -1
#define SMB_INVALID_SHAREMODE -1
#define SMB_INVALID_CRDISPOSITION -1
typedef struct smb_dispatch_table {
int (*sdt_function)(struct smb_request *);
char sdt_dialect;
unsigned char sdt_flags;
/*
* Discretionary Access Control List (DACL)
*
* A Discretionary Access Control List (DACL), often abbreviated to
* ACL, is a list of access controls which either allow or deny access
* for users or groups to a resource. There is a list header followed
* by a list of access control entries (ACE). Each ACE specifies the
* access allowed or denied to a single user or group (identified by
* a SID).
*
* There is another access control list object called a System Access
* Control List (SACL), which is used to control auditing, but no
* support is provideed for SACLs at this time.
*
* ACL header format:
*
* 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
* 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
* +-------------------------------+---------------+---------------+
* | AclSize | Sbz1 | AclRevision |
* +-------------------------------+---------------+---------------+
* | Sbz2 | AceCount |
* +-------------------------------+-------------------------------+
*
* AclRevision specifies the revision level of the ACL. This value should
* be ACL_REVISION, unless the ACL contains an object-specific ACE, in which
* case this value must be ACL_REVISION_DS. All ACEs in an ACL must be at the
* same revision level.
*
* ACE header format:
*
* 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
* 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
* +---------------+-------+-------+---------------+---------------+
* | AceSize | AceFlags | AceType |
* +---------------+-------+-------+---------------+---------------+
*
* Access mask format:
*
* 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
* 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
* +---------------+---------------+-------------------------------+
* |G|G|G|G|Res'd|A| StandardRights| SpecificRights |
* |R|W|E|A| |S| | |
* +-+-------------+---------------+-------------------------------+
*
* typedef struct ACCESS_MASK {
* WORD SpecificRights;
* BYTE StandardRights;
* BYTE AccessSystemAcl : 1;
* BYTE Reserved : 3;
* BYTE GenericAll : 1;
* BYTE GenericExecute : 1;
* BYTE GenericWrite : 1;
* BYTE GenericRead : 1;
* } ACCESS_MASK;
*
*/
#define ACL_REVISION1 1
#define ACL_REVISION2 2
#define MIN_ACL_REVISION2 ACL_REVISION2
#define ACL_REVISION3 3
#define ACL_REVISION4 4
#define MAX_ACL_REVISION ACL_REVISION4
/*
* Current ACE and ACL revision Levels
*/
#define ACE_REVISION 1
#define ACL_REVISION ACL_REVISION2
#define ACL_REVISION_DS ACL_REVISION4
#define ACCESS_ALLOWED_ACE_TYPE 0
#define ACCESS_DENIED_ACE_TYPE 1
#define SYSTEM_AUDIT_ACE_TYPE 2
#define SYSTEM_ALARM_ACE_TYPE 3
/*
* se_flags
* ----------
* Specifies a set of ACE type-specific control flags. This member can be a
* combination of the following values.
*
* CONTAINER_INHERIT_ACE: Child objects that are containers, such as
* directories, inherit the ACE as an effective ACE. The inherited
* ACE is inheritable unless the NO_PROPAGATE_INHERIT_ACE bit flag
* is also set.
*
* INHERIT_ONLY_ACE: Indicates an inherit-only ACE which does not control
* access to the object to which it is attached.
* If this flag is not set,
* the ACE is an effective ACE which controls access to the object
* to which it is attached.
* Both effective and inherit-only ACEs can be inherited
* depending on the state of the other inheritance flags.
*
* INHERITED_ACE: Windows 2000/XP: Indicates that the ACE was inherited.
* The system sets this bit when it propagates an
* inherited ACE to a child object.
*
* NO_PROPAGATE_INHERIT_ACE: If the ACE is inherited by a child object, the
* system clears the OBJECT_INHERIT_ACE and CONTAINER_INHERIT_ACE
* flags in the inherited ACE.
* This prevents the ACE from being inherited by
* subsequent generations of objects.
*
* OBJECT_INHERIT_ACE: Noncontainer child objects inherit the ACE as an
* effective ACE. For child objects that are containers,
* the ACE is inherited as an inherit-only ACE unless the
* NO_PROPAGATE_INHERIT_ACE bit flag is also set.
*/
#define OBJECT_INHERIT_ACE 0x01
#define CONTAINER_INHERIT_ACE 0x02
#define NO_PROPOGATE_INHERIT_ACE 0x04
#define INHERIT_ONLY_ACE 0x08
#define INHERITED_ACE 0x10
#define INHERIT_MASK_ACE 0x1F
/*
* These flags are only used in system audit or alarm ACEs to
* indicate when an audit message should be generated, i.e.
* on successful access or on unsuccessful access.
*/
#define SUCCESSFUL_ACCESS_ACE_FLAG 0x40
#define FAILED_ACCESS_ACE_FLAG 0x80
/*
* se_bsize is the size, in bytes, of ACE as it appears on the wire.
* se_sln is used to sort the ACL when it's required.
*/
typedef struct smb_acehdr {
} smb_acehdr_t;
typedef struct smb_ace {
} smb_ace_t;
/*
* sl_bsize is the size of ACL in bytes as it appears on the wire.
*/
typedef struct smb_acl {
} smb_acl_t;
/*
*/
#define SMB_ACE_HDRSIZE 4
#define SMB_ACL_HDRSIZE 8
/*
* Security Descriptor (SD)
*
* Security descriptors provide protection for objects, for example
* files and directories. It identifies the owner and primary group
* (SIDs) and contains an access control list. When a user tries to
* access an object his SID is compared to the permissions in the
* DACL to determine if access should be allowed or denied. Note that
* this is a simplification because there are other factors, such as
* default behavior and privileges to be taken into account (see also
* access tokens).
*
* The boolean flags have the following meanings when set:
*
* SE_OWNER_DEFAULTED indicates that the SID pointed to by the Owner
* field was provided by a defaulting mechanism rather than explicitly
* provided by the original provider of the security descriptor. This
* may affect the treatment of the SID with respect to inheritance of
* an owner.
*
* SE_GROUP_DEFAULTED indicates that the SID in the Group field was
* provided by a defaulting mechanism rather than explicitly provided
* by the original provider of the security descriptor. This may
* affect the treatment of the SID with respect to inheritance of a
* primary group.
*
* SE_DACL_PRESENT indicates that the security descriptor contains a
* discretionary ACL. If this flag is set and the Dacl field of the
* SECURITY_DESCRIPTOR is null, then a null ACL is explicitly being
* specified.
*
* SE_DACL_DEFAULTED indicates that the ACL pointed to by the Dacl
* field was provided by a defaulting mechanism rather than explicitly
* provided by the original provider of the security descriptor. This
* may affect the treatment of the ACL with respect to inheritance of
* an ACL. This flag is ignored if the DaclPresent flag is not set.
*
* SE_SACL_PRESENT indicates that the security descriptor contains a
* system ACL pointed to by the Sacl field. If this flag is set and
* the Sacl field of the SECURITY_DESCRIPTOR is null, then an empty
* (but present) ACL is being specified.
*
* SE_SACL_DEFAULTED indicates that the ACL pointed to by the Sacl
* field was provided by a defaulting mechanism rather than explicitly
* provided by the original provider of the security descriptor. This
* may affect the treatment of the ACL with respect to inheritance of
* an ACL. This flag is ignored if the SaclPresent flag is not set.
*
* SE_DACL_PROTECTED Prevents ACEs set on the DACL of the parent container
* (and any objects above the parent container in the directory hierarchy)
* from being applied to the object's DACL.
*
* SE_SACL_PROTECTED Prevents ACEs set on the SACL of the parent container
* (and any objects above the parent container in the directory hierarchy)
* from being applied to the object's SACL.
*
* Note that the SE_DACL_PRESENT flag needs to be present to set
* SE_DACL_PROTECTED and SE_SACL_PRESENT needs to be present to set
* SE_SACL_PROTECTED.
*
* SE_SELF_RELATIVE indicates that the security descriptor is in self-
* relative form. In this form, all fields of the security descriptor
* are contiguous in memory and all pointer fields are expressed as
* offsets from the beginning of the security descriptor.
*
* 3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1
* 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
* +---------------------------------------------------------------+
* | Control |Reserved1 (SBZ)| Revision |
* +---------------------------------------------------------------+
* | Owner |
* +---------------------------------------------------------------+
* | Group |
* +---------------------------------------------------------------+
* | Sacl |
* +---------------------------------------------------------------+
* | Dacl |
* +---------------------------------------------------------------+
*
*/
#define SMB_OWNER_SECINFO 0x0001
#define SMB_GROUP_SECINFO 0x0002
#define SMB_DACL_SECINFO 0x0004
#define SMB_SACL_SECINFO 0x0008
#define SMB_ALL_SECINFO 0x000F
#define SECURITY_DESCRIPTOR_REVISION 1
#define SE_OWNER_DEFAULTED 0x0001
#define SE_GROUP_DEFAULTED 0x0002
#define SE_DACL_PRESENT 0x0004
#define SE_DACL_DEFAULTED 0x0008
#define SE_SACL_PRESENT 0x0010
#define SE_SACL_DEFAULTED 0x0020
#define SE_DACL_AUTO_INHERIT_REQ 0x0100
#define SE_SACL_AUTO_INHERIT_REQ 0x0200
#define SE_DACL_AUTO_INHERITED 0x0400
#define SE_SACL_AUTO_INHERITED 0x0800
#define SE_DACL_PROTECTED 0x1000
#define SE_SACL_PROTECTED 0x2000
#define SE_SELF_RELATIVE 0x8000
#define SE_DACL_INHERITANCE_MASK 0x1500
#define SE_SACL_INHERITANCE_MASK 0x2A00
/*
* Security descriptor structures:
*
* smb_sd_t SD in SMB pointer form
* smb_fssd_t SD in filesystem form
*
* to SD. The items comprising a SMB SD are kept separately in
* filesystem. smb_fssd_t is introduced as a helper to provide
* the required abstraction for CIFS code.
*/
struct smb_sd {
};
/*
* SD header size as it appears on the wire
*/
#define SMB_SD_HDRSIZE 20
/*
* values for smb_fssd.sd_flags
*/
#define SMB_FSSD_FLAGS_DIR 0x01
typedef struct smb_fssd {
} smb_fssd_t;
#ifdef __cplusplus
}
#endif
#endif /* _SMBSRV_SMBVAR_H */