/*
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
* Common Development and Distribution License (the "License").
* You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* See the License for the specific language governing permissions
* and limitations under the License.
*
* When distributing Covered Code, include this CDDL HEADER in each
* file and include the License file at usr/src/OPENSOLARIS.LICENSE.
* If applicable, add the following below this CDDL HEADER, with the
* fields enclosed by brackets "[]" replaced with your own identifying
* information: Portions Copyright [yyyy] [name of copyright owner]
*
* CDDL HEADER END
*/
/*
*/
#include <assert.h>
#include <stdarg.h>
#include <unistd.h>
#include <stdlib.h>
#include <time.h>
#include <synch.h>
#include <syslog.h>
#include <string.h>
#include <strings.h>
#include <errno.h>
#include <netdb.h>
#include <resolv.h>
static void smb_getmachineguid(char *, size_t);
/*
* IPC connection information that may be passed to the SMB Client.
*/
typedef struct {
} smb_ipc_t;
/*
* SMB revision
*/
typedef struct smb_revision {
static void smb_str2rev(char *, smb_revision_t *);
/*
* Some older clients (Windows 98) only handle the low byte
* of the max workers value. If the low byte is less than
* SMB_PI_MAX_WORKERS_MIN set it to SMB_PI_MAX_WORKERS_MIN.
*/
void
{
}
if (citem < SMB_PI_MIN_KEEPALIVE)
else if (citem > SMB_PI_MAX_KEEPALIVE)
if ((kcfg->skc_maxconnections == 0) ||
sizeof (kcfg->skc_nbdomain));
sizeof (kcfg->skc_hostname));
sizeof (kcfg->skc_system_comment));
}
static void
{
int rc;
}
}
/*
* Get the current system NetBIOS name. The hostname is truncated at
* the first '.' or 15 bytes, whichever occurs first, and converted
* to uppercase (by smb_gethostname). Text that appears after the
* first '.' is considered to be part of the NetBIOS scope.
*
* Returns 0 on success, otherwise -1 to indicate an error.
*/
int
{
return (-1);
if (buflen >= NETBIOS_NAME_SZ)
return (0);
}
/*
* Get the SAM account of the current system.
* Returns 0 on success, otherwise, -1 to indicate an error.
*/
int
{
return (-1);
return (0);
}
/*
* smb_is_samaccount
*
* This function returns B_TRUE if the specified account is the system SAM
* account. Return B_FALSE otherwise.
*/
{
return (B_FALSE);
return (B_FALSE);
return (B_TRUE);
}
/*
* Get the current system node name. The returned name is guaranteed
* to be null-terminated (gethostname may not null terminate the name).
* If the hostname has been fully-qualified for some reason, the domain
* part will be removed. The returned hostname is converted to the
* specified case (lower, upper, or preserved).
*
* If gethostname fails, the returned buffer will contain an empty
* string.
*/
int
{
char *p;
return (-1);
*buf = '\0';
return (-1);
}
*p = '\0';
switch (which) {
case SMB_CASE_LOWER:
(void) smb_strlwr(buf);
break;
case SMB_CASE_UPPER:
(void) smb_strupr(buf);
break;
case SMB_CASE_PRESERVE:
default:
break;
}
return (0);
}
/*
* Obtain the fully-qualified DNS name for this machine in lower case.
*/
int
{
hostname[0] = '\0';
domain[0] = '\0';
SMB_CASE_LOWER) != 0)
return (-1);
return (-1);
if (hostname[0] == '\0')
return (-1);
if (domain[0] == '\0') {
return (0);
}
return (0);
}
/*
* Returns NETBIOS name of the domain if the system is in domain
* mode. Or returns workgroup name if the system is in workgroup
* mode.
*/
int
{
int rc;
return (-1);
*buf = '\0';
return (-1);
return (0);
}
/*
* Returns fully-qualified DNS name of the AD domain.
*
* The domain name returned by this function should not be used for generating
* a fully-qualified hostname of either the local system or domain controllers
* if disjoint namespace is intended.
*/
int
{
return (-1);
*buf = '\0';
if (smb_config_get_secmode() != SMB_SECMODE_DOMAIN)
return (-1);
(*buf == '\0'))
return (-1);
return (0);
}
/* Primary DNS suffix of the local system */
int
{
*buf == '\0')
return (-1);
return (0);
}
/*
* Get domain name from resolver. (/etc/resolv.conf)
*/
int
{
return (-1);
*buf = '\0';
return (-1);
return (-1);
}
return (0);
}
/*
* Fully qualified DNS domain name of the local system.
*
* If primary DNS suffix is configured, that's the fully qualified domain name
* of the local system regardless of whether it's in domain or workgroup mode.
* Otherwise, if the local system is in domain mode, the fully-qualified name
* of the AD domain is returned. If the system is in workgroup mode, the local
* domain obtained via resolver is returned.
*
* The domain name returned by this function should not be used for generating
* a fully-qualified hostname of a domain controller if disjoint namespace is
* intended.
*
* Returns 0 upon success. Otherwise, returns -1.
*/
int
{
return (-1);
*buf = '\0';
return (0);
return (0);
}
/*
* smb_set_machine_passwd
*
* This function should be used when setting the machine password property.
* The associated sequence number is incremented.
*/
int
{
return (-1);
(void) mutex_lock(&seqnum_mtx);
== SMBD_SMF_OK)
rc = 0;
(void) mutex_unlock(&seqnum_mtx);
return (rc);
}
int
{
int rc;
return (-1);
return (0);
}
static int
{
int rc;
if (buflen < SMBAUTH_HASH_SZ)
return (-1);
return (-1);
return (-1);
return (rc);
}
/*
* Set up IPC connection credentials.
*/
void
smb_ipc_init(void)
{
int rc;
/* smb_ipc_lock is held as writer for the whole (re)initialisation. */
(void) rw_wrlock(&smb_ipc_lock);
/*
 * NOTE(review): the statement that assigns rc is not visible in this
 * listing; as shown, rc would be read uninitialised. Confirm against
 * the full source.
 *
 * Failure path: only the first byte of ipc_info.passwd_hash is set to
 * 0. The remaining bytes keep whatever they held before, so unless the
 * structure was cleared earlier (not visible here -- TODO confirm),
 * stale hash material can stay in memory behind the leading zero.
 */
if (rc != 0)
*ipc_info.passwd_hash = 0;
(void) rw_unlock(&smb_ipc_lock);
}
/*
* Set the IPC username and password hash in memory. If the domain
* join succeeds, the credentials will be committed for use with
* authenticated IPC. Otherwise, they should be rolled back.
*/
int
{
return (-1);
(void) rw_wrlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
return (0);
}
/*
* Save the host credentials to be used for authenticated IPC.
* The credentials are also saved to the original IPC info as
* rollback data in case the join domain process fails later.
*/
void
smb_ipc_commit(void)
{
(void) rw_wrlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
}
/*
* Restore the original credentials
*/
void
smb_ipc_rollback(void)
{
(void) rw_wrlock(&smb_ipc_lock);
sizeof (ipc_info.passwd_hash));
(void) rw_unlock(&smb_ipc_lock);
}
void
{
(void) rw_rdlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
}
void
{
/*
 * Two modes, selected by clear_text. Each mode first checks the caller's
 * buffer size and then takes smb_ipc_lock as reader.
 * NOTE(review): the copy made while the lock is held is not visible in
 * this listing -- confirm against the full source.
 */
if (clear_text) {
/*
 * Buffer too small for SMB_IPC_MAXPWDLEN bytes: return without writing
 * anything. The function is void, so the caller gets no error
 * indication and should pre-zero the buffer so that leftover contents
 * are never mistaken for a credential.
 */
if (buflen < SMB_IPC_MAXPWDLEN)
return;
(void) rw_rdlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
} else {
/*
 * Same silent early return when the buffer cannot hold
 * SMBAUTH_HASH_SZ bytes; the caller's buffer is left untouched.
 */
if (buflen < SMBAUTH_HASH_SZ)
return;
(void) rw_rdlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
}
}
/*
* Set the context of the IPC call. The context is set to B_TRUE if the call
* is within a user command (like smbadm(1M)) context.
*/
void
{
(void) rw_wrlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
}
/*
* Get the context of the IPC call. Returns B_TRUE if the IPC call is made
* from a user command (like smbadm(1M)) context. Returns B_FALSE otherwise.
*/
smb_ipc_get_ctx(void)
{
(void) rw_rdlock(&smb_ipc_lock);
(void) rw_unlock(&smb_ipc_lock);
return (ret);
}
/*
* smb_match_netlogon_seqnum
*
* A sequence number is associated with each machine password property
* update and the netlogon credential chain setup. If the
* sequence numbers don't match, a NETLOGON credential chain
* establishment is required.
*
* Returns the result of comparing setpasswd_seqnum with netlogon_seqnum:
* non-zero when they are equal, 0 when they differ.
*
* NOTE(review): this comment previously described a 0 / -1 convention,
* which the return statement below does not implement. A caller that tests
* for 0 as "match" would invert the decision on whether the NETLOGON
* credential chain must be re-established -- audit the callers.
*/
{
/*
 * NOTE(review): the statements that load the two sequence numbers are
 * not visible in this listing; presumably they run between lock and
 * unlock -- confirm against the full source.
 */
(void) mutex_lock(&seqnum_mtx);
(void) mutex_unlock(&seqnum_mtx);
/*
 * The comparison happens after seqnum_mtx is released; that is only safe
 * if both operands are private copies taken under the lock (their
 * declarations are not visible here -- TODO confirm).
 */
return (setpasswd_seqnum == netlogon_seqnum);
}
/*
* smb_setdomainprops
*
* For kclient(1M) only.
*
* After a successful domain join via kclient, kpasswd_domain,
* kpasswd_server and machine_password properties will be updated
* accordingly.
*
* The kpasswd_domain property is the AD domain to which the system
* is joined via kclient.
*/
int
{
return (-1);
return (-1);
return (-1);
return (-1);
if (smb_set_machine_passwd(passwd) != 0)
return (-1);
return (0);
}
/*
* smb_update_netlogon_seqnum
*
* This function should only be called upon a successful netlogon
* credential chain establishment to set the sequence number of the
* netlogon to match with that of the kpasswd.
*/
void
{
(void) mutex_lock(&seqnum_mtx);
(void) mutex_unlock(&seqnum_mtx);
}
/*
* Temporary fbt for dtrace until user space sdt enabled.
*/
void
{
}
/*
* Temporary fbt for dtrace until user space sdt enabled.
*/
void
smb_trace(const char *s)
{
	/*
	 * Deliberately empty: per the comment above, this function is only a
	 * hook for DTrace fbt probes. The argument is not used by the
	 * function itself.
	 */
	(void) s;
}
/*
* smb_tonetbiosname
*
* Creates a NetBIOS name based on the given name and suffix.
* NetBIOS name is 15 capital characters, padded with space if needed
* and the 16th byte is the suffix.
*/
void
{
int len;
len = 0;
if (rc > 0)
}
if (len) {
(void) smb_strupr(tmp_name);
}
}
int
{
int i, cnt;
return (0);
return (0);
for (i = 0; i < cnt; i++) {
if (i >= sz)
break;
INET_ADDRSTRLEN)) {
continue;
}
INET6_ADDRSTRLEN)) {
}
}
return (i);
}
/*
* smb_gethostbyname
*
* Looks up a host by the given name. The host entry can come
* from any of the sources for hosts specified in the
* /etc/nsswitch.conf and the NetBIOS cache.
*
* XXX Invokes nbt_name_resolve API once the NBTD is integrated
* to look in the NetBIOS cache if getipnodebyname fails.
*
* Caller should invoke freehostent to free the returned hostent.
*/
struct hostent *
{
struct hostent *h;
return (h);
}
/*
* smb_gethostbyaddr
*
* Looks up a host by the given IP address. The host entry can come
* from any of the sources for hosts specified in the
* /etc/nsswitch.conf and the NetBIOS cache.
*
* XXX Invokes nbt API to resolve name by IP once the NBTD is integrated
* to look in the NetBIOS cache if getipnodebyaddr fails.
*
* Caller should invoke freehostent to free the returned hostent.
*/
struct hostent *
{
return (h);
}
/*
* Compares the specified revision with the current revision.
* Returns:
* <0: rev is < current rev
* 0: rev == current rev
* >0: rev > current rev
*/
int
{
sizeof (current_revstr)) != SMBD_SMF_OK)
sizeof (current_revstr));
}
/*
* Sets major and minor revisions by parsing the revision string buffer in
* the format of <major>.<minor>. If the specified revision string doesn't
* contain a '.', the minor revision will default to 0.
*/
static void
{
char *p;
int len;
} else {
*p = '\0';
else
}
}