Print this page
NEX-19057 All zfs/nfs/smb threads in door calls to idle idmap
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
1575 untangle libmlrpc from SMB server
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Reviewed by: Toomas Soome <tsoome@me.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
NEX-4083 Upstream changes from illumos 5917 and 5995
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
NEX-2667 Wrong error when join domain with wrong password
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Bayard Bell <bayard.bell@nexenta.com>
NEX-2286 smbadm join error messages are uninformative
NEX-1638 Updated DC Locator
Includes work by: matt.barden@nexenta.com, kevin.crowe@nexenta.com
NEX-816 smbadm dumps core during first join attempt
SMB-50 User-mode SMB server
Includes work by these authors:
Thomas Keiser <thomas.keiser@nexenta.com>
Albert Lee <trisk@nexenta.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/smbsrv/libsmb/common/smb_doorclnt.c
+++ new/usr/src/lib/smbsrv/libsmb/common/smb_doorclnt.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
|
↓ open down ↓ |
12 lines elided |
↑ open up ↑ |
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 - * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
23 + * Copyright 2019 Nexenta Systems, Inc. All rights reserved.
24 24 */
25 25
26 26 #include <assert.h>
27 27 #include <syslog.h>
28 28 #include <door.h>
29 29 #include <fcntl.h>
30 30 #include <string.h>
31 31 #include <strings.h>
32 32 #include <stdlib.h>
33 33 #include <unistd.h>
34 34 #include <errno.h>
35 35 #include <sys/mman.h>
36 +#include <smb/wintypes.h>
36 37 #include <smbsrv/libsmb.h>
37 -#include <smbsrv/wintypes.h>
38 38 #include <smbsrv/smb_door.h>
39 39
40 40 static int smb_door_call(uint32_t, void *, xdrproc_t, void *, xdrproc_t);
41 41 static int smb_door_call_private(int, smb_doorarg_t *);
42 42 static int smb_door_encode(smb_doorarg_t *, uint32_t);
43 43 static int smb_door_decode(smb_doorarg_t *);
44 44 static void smb_door_sethdr(smb_doorhdr_t *, uint32_t, uint32_t);
45 45 static boolean_t smb_door_chkhdr(smb_doorarg_t *, smb_doorhdr_t *);
46 46 static void smb_door_free(door_arg_t *arg);
47 +static int smb_lookup_name_int(const char *name, sid_type_t sidtype,
48 + lsa_account_t *acct, int);
49 +static int smb_lookup_sid_int(const char *sid, lsa_account_t *acct, int);
47 50
48 51 /*
49 52 * Given a SID, make a door call to get the associated name.
50 53 *
51 54 * Returns 0 if the door call is successful, otherwise -1.
52 55 *
53 56 * If 0 is returned, the lookup result will be available in a_status.
54 57 * NT_STATUS_SUCCESS The SID was mapped to a name.
55 58 * NT_STATUS_NONE_MAPPED The SID could not be mapped to a name.
56 59 */
57 60 int
58 61 smb_lookup_sid(const char *sid, lsa_account_t *acct)
59 62 {
63 + return (smb_lookup_sid_int(sid, acct, SMB_DR_LOOKUP_SID));
64 +}
65 +/*
66 + * Variant of smb_lookup_sid to do a "local-only" lookup.
67 + */
68 +int
69 +smb_lookup_lsid(const char *sid, lsa_account_t *acct)
70 +{
71 + return (smb_lookup_sid_int(sid, acct, SMB_DR_LOOKUP_LSID));
72 +}
73 +
74 +static int
75 +smb_lookup_sid_int(const char *sid, lsa_account_t *acct, int dop)
76 +{
60 77 int rc;
61 78
62 79 assert((sid != NULL) && (acct != NULL));
63 80
64 81 bzero(acct, sizeof (lsa_account_t));
65 82 (void) strlcpy(acct->a_sid, sid, SMB_SID_STRSZ);
66 83
67 - rc = smb_door_call(SMB_DR_LOOKUP_SID, acct, lsa_account_xdr,
84 + rc = smb_door_call(dop, acct, lsa_account_xdr,
68 85 acct, lsa_account_xdr);
69 86
70 87 if (rc != 0)
71 88 syslog(LOG_DEBUG, "smb_lookup_sid: %m");
72 89 return (rc);
73 90 }
74 91
75 92 /*
76 93 * Given a name, make a door call to get the associated SID.
77 94 *
78 95 * Returns 0 if the door call is successful, otherwise -1.
79 96 *
80 97 * If 0 is returned, the lookup result will be available in a_status.
81 98 * NT_STATUS_SUCCESS The name was mapped to a SID.
82 99 * NT_STATUS_NONE_MAPPED The name could not be mapped to a SID.
83 100 */
84 101 int
85 102 smb_lookup_name(const char *name, sid_type_t sidtype, lsa_account_t *acct)
86 103 {
104 + return (smb_lookup_name_int(name, sidtype, acct, SMB_DR_LOOKUP_NAME));
105 +}
106 +
107 +int
108 +smb_lookup_lname(const char *name, sid_type_t sidtype, lsa_account_t *acct)
109 +{
110 + return (smb_lookup_name_int(name, sidtype, acct, SMB_DR_LOOKUP_LNAME));
111 +}
112 +
113 +static int
114 +smb_lookup_name_int(const char *name, sid_type_t sidtype, lsa_account_t *acct,
115 + int dop)
116 +{
87 117 char tmp[MAXNAMELEN];
88 118 char *dp = NULL;
89 119 char *np = NULL;
90 120 int rc;
91 121
92 122 assert((name != NULL) && (acct != NULL));
93 123
94 124 (void) strlcpy(tmp, name, MAXNAMELEN);
95 125 smb_name_parse(tmp, &np, &dp);
96 126
97 127 bzero(acct, sizeof (lsa_account_t));
98 128 acct->a_sidtype = sidtype;
99 129
100 130 if (dp != NULL && np != NULL) {
101 131 (void) strlcpy(acct->a_domain, dp, MAXNAMELEN);
102 132 (void) strlcpy(acct->a_name, np, MAXNAMELEN);
103 133 } else {
104 134 (void) strlcpy(acct->a_name, name, MAXNAMELEN);
105 135 }
106 136
107 - rc = smb_door_call(SMB_DR_LOOKUP_NAME, acct, lsa_account_xdr,
137 + rc = smb_door_call(dop, acct, lsa_account_xdr,
108 138 acct, lsa_account_xdr);
109 139
110 140 if (rc != 0)
111 141 syslog(LOG_DEBUG, "smb_lookup_name: %m");
112 142 return (rc);
113 143 }
114 144
115 145 int
116 146 smb_join(smb_joininfo_t *jdi, smb_joinres_t *jres)
117 147 {
118 148 int rc;
119 149
120 150 rc = smb_door_call(SMB_DR_JOIN, jdi, smb_joininfo_xdr,
121 151 jres, smb_joinres_xdr);
122 152
123 153 if (rc != 0) {
124 154 /*
125 155 * This usually means the SMB service is not running.
126 156 */
127 157 syslog(LOG_DEBUG, "smb_join: %m");
128 158 jres->status = NT_STATUS_SERVER_DISABLED;
129 159 return (rc);
130 160 }
131 161
132 162 return (0);
133 163 }
134 164
135 165 /*
136 166 * Get information about the Domain Controller in the joined resource domain.
137 167 *
138 168 * Returns NT status codes.
139 169 */
140 170 uint32_t
141 171 smb_get_dcinfo(char *namebuf, uint32_t namebuflen, smb_inaddr_t *ipaddr)
142 172 {
143 173 smb_string_t dcname;
144 174 struct hostent *h;
145 175 int rc;
146 176
147 177 assert((namebuf != NULL) && (namebuflen != 0));
148 178 *namebuf = '\0';
149 179 bzero(&dcname, sizeof (smb_string_t));
150 180
151 181 rc = smb_door_call(SMB_DR_GET_DCINFO, NULL, NULL,
152 182 &dcname, smb_string_xdr);
153 183
154 184 if (rc != 0) {
155 185 syslog(LOG_DEBUG, "smb_get_dcinfo: %m");
156 186 if (dcname.buf)
157 187 xdr_free(smb_string_xdr, (char *)&dcname);
158 188 return (NT_STATUS_INTERNAL_ERROR);
159 189 }
160 190
161 191 if (dcname.buf) {
162 192 (void) strlcpy(namebuf, dcname.buf, namebuflen);
163 193
164 194 if ((h = smb_gethostbyname(dcname.buf, &rc)) == NULL) {
165 195 bzero(ipaddr, sizeof (smb_inaddr_t));
166 196 } else {
167 197 (void) memcpy(ipaddr, h->h_addr, h->h_length);
168 198 ipaddr->a_family = h->h_addrtype;
169 199 freehostent(h);
170 200 }
171 201 xdr_free(smb_string_xdr, (char *)&dcname);
172 202 }
173 203
174 204 return (NT_STATUS_SUCCESS);
175 205 }
176 206
177 207 bool_t
178 208 smb_joininfo_xdr(XDR *xdrs, smb_joininfo_t *objp)
179 209 {
180 210 if (!xdr_vector(xdrs, (char *)objp->domain_name, MAXHOSTNAMELEN,
181 211 sizeof (char), (xdrproc_t)xdr_char))
182 212 return (FALSE);
183 213
184 214 if (!xdr_vector(xdrs, (char *)objp->domain_username,
185 215 SMB_USERNAME_MAXLEN + 1, sizeof (char), (xdrproc_t)xdr_char))
186 216 return (FALSE);
187 217
188 218 if (!xdr_vector(xdrs, (char *)objp->domain_passwd,
189 219 SMB_PASSWD_MAXLEN + 1, sizeof (char), (xdrproc_t)xdr_char))
190 220 return (FALSE);
191 221
192 222 if (!xdr_uint32_t(xdrs, &objp->mode))
193 223 return (FALSE);
194 224
195 225 return (TRUE);
196 226 }
197 227
198 228 bool_t
199 229 smb_joinres_xdr(XDR *xdrs, smb_joinres_t *objp)
200 230 {
201 231
202 232 if (!xdr_uint32_t(xdrs, &objp->status))
203 233 return (FALSE);
204 234
205 235 if (!xdr_int(xdrs, &objp->join_err))
206 236 return (FALSE);
207 237
208 238 if (!xdr_vector(xdrs, (char *)objp->dc_name, MAXHOSTNAMELEN,
209 239 sizeof (char), (xdrproc_t)xdr_char))
210 240 return (FALSE);
211 241
212 242 return (TRUE);
213 243 }
214 244
215 245 /*
216 246 * Parameters:
217 247 * fqdn (input) - fully-qualified domain name
218 248 * buf (output) - fully-qualified hostname of the AD server found
219 249 * by this function.
220 250 * buflen (input) - length of the 'buf'
221 251 *
222 252 * Return:
223 253 * B_TRUE if an AD server is found. Otherwise, returns B_FALSE;
224 254 *
225 255 * The buffer passed in should be big enough to hold a fully-qualified
226 256 * hostname (MAXHOSTNAMELEN); otherwise, a truncated string will be
227 257 * returned. On error, an empty string will be returned.
228 258 */
229 259 boolean_t
230 260 smb_find_ads_server(char *fqdn, char *buf, int buflen)
231 261 {
232 262 smb_string_t server;
233 263 smb_string_t domain;
234 264 boolean_t found = B_FALSE;
235 265 int rc;
236 266
237 267 if (fqdn == NULL || buf == NULL) {
238 268 if (buf)
239 269 *buf = '\0';
240 270 return (B_FALSE);
241 271 }
242 272
243 273 bzero(&server, sizeof (smb_string_t));
244 274 *buf = '\0';
245 275
246 276 domain.buf = fqdn;
247 277
248 278 rc = smb_door_call(SMB_DR_ADS_FIND_HOST, &domain, smb_string_xdr,
249 279 &server, smb_string_xdr);
250 280
251 281 if (rc != 0)
252 282 syslog(LOG_DEBUG, "smb_find_ads_server: %m");
253 283
254 284 if (server.buf != NULL) {
255 285 if (*server.buf != '\0') {
256 286 (void) strlcpy(buf, server.buf, buflen);
257 287 found = B_TRUE;
258 288 }
259 289
260 290 xdr_free(smb_string_xdr, (char *)&server);
261 291 }
262 292
263 293 return (found);
264 294 }
265 295
266 296 void
267 297 smb_notify_dc_changed(void)
268 298 {
269 299 int rc;
270 300
271 301 rc = smb_door_call(SMB_DR_NOTIFY_DC_CHANGED,
272 302 NULL, NULL, NULL, NULL);
273 303
274 304 if (rc != 0)
275 305 syslog(LOG_DEBUG, "smb_notify_dc_changed: %m");
276 306 }
277 307
278 308
279 309 /*
280 310 * After a successful door call the local door_arg->data_ptr is assigned
281 311 * to the caller's arg->rbuf so that arg has references to both input and
282 312 * response buffers, which is required by smb_door_free.
283 313 *
284 314 * On success, the object referenced by rsp_data will have been populated
285 315 * by passing rbuf through the rsp_xdr function.
286 316 */
287 317 static int
288 318 smb_door_call(uint32_t cmd, void *req_data, xdrproc_t req_xdr,
289 319 void *rsp_data, xdrproc_t rsp_xdr)
290 320 {
291 321 smb_doorarg_t da;
292 322 int fd;
293 323 int rc;
294 324 char *door_name;
295 325
296 326 bzero(&da, sizeof (smb_doorarg_t));
297 327 da.da_opcode = cmd;
298 328 da.da_opname = smb_doorhdr_opname(cmd);
299 329 da.da_req_xdr = req_xdr;
300 330 da.da_rsp_xdr = rsp_xdr;
301 331 da.da_req_data = req_data;
302 332 da.da_rsp_data = rsp_data;
303 333
304 334 if ((req_data == NULL && req_xdr != NULL) ||
305 335 (rsp_data == NULL && rsp_xdr != NULL)) {
306 336 errno = EINVAL;
307 337 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
308 338 return (-1);
309 339 }
310 340
311 341 door_name = getenv("SMBD_DOOR_NAME");
312 342 if (door_name == NULL)
313 343 door_name = SMBD_DOOR_NAME;
314 344
315 345 if ((fd = open(door_name, O_RDONLY)) < 0) {
316 346 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
317 347 return (-1);
318 348 }
319 349
320 350 if (smb_door_encode(&da, cmd) != 0) {
321 351 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
322 352 (void) close(fd);
323 353 return (-1);
324 354 }
325 355
326 356 if (smb_door_call_private(fd, &da) != 0) {
327 357 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
328 358 smb_door_free(&da.da_arg);
329 359 (void) close(fd);
330 360 return (-1);
331 361 }
332 362
333 363 if ((rc = smb_door_decode(&da)) != 0)
334 364 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
335 365 smb_door_free(&da.da_arg);
336 366 (void) close(fd);
337 367 return (rc);
338 368 }
339 369
340 370 /*
341 371 * We use a copy of the door arg because doorfs may change data_ptr
342 372 * and we want to detect that when freeing the door buffers. After
343 373 * this call, response data must be referenced via rbuf and rsize.
344 374 */
345 375 static int
346 376 smb_door_call_private(int fd, smb_doorarg_t *da)
347 377 {
348 378 door_arg_t door_arg;
349 379 int rc;
350 380 int i;
351 381
352 382 bcopy(&da->da_arg, &door_arg, sizeof (door_arg_t));
353 383
354 384 for (i = 0; i < SMB_DOOR_CALL_RETRIES; ++i) {
355 385 errno = 0;
356 386
357 387 if ((rc = door_call(fd, &door_arg)) == 0)
358 388 break;
359 389
360 390 if (errno != EAGAIN && errno != EINTR)
361 391 return (-1);
362 392 }
363 393
364 394 if (rc != 0 || door_arg.data_size == 0 || door_arg.rsize == 0) {
365 395 if (errno == 0)
366 396 errno = EIO;
367 397 return (-1);
368 398 }
369 399
370 400 da->da_arg.rbuf = door_arg.data_ptr;
371 401 da->da_arg.rsize = door_arg.rsize;
372 402 return (rc);
373 403 }
374 404
375 405 static int
376 406 smb_door_encode(smb_doorarg_t *da, uint32_t cmd)
377 407 {
378 408 XDR xdrs;
379 409 char *buf;
380 410 uint32_t buflen;
381 411
382 412 buflen = xdr_sizeof(smb_doorhdr_xdr, &da->da_hdr);
383 413 if (da->da_req_xdr != NULL)
384 414 buflen += xdr_sizeof(da->da_req_xdr, da->da_req_data);
385 415
386 416 smb_door_sethdr(&da->da_hdr, cmd, buflen);
387 417
388 418 if ((buf = malloc(buflen)) == NULL)
389 419 return (-1);
390 420
391 421 xdrmem_create(&xdrs, buf, buflen, XDR_ENCODE);
392 422
393 423 if (!smb_doorhdr_xdr(&xdrs, &da->da_hdr)) {
394 424 errno = EPROTO;
395 425 free(buf);
396 426 xdr_destroy(&xdrs);
397 427 return (-1);
398 428 }
399 429
400 430 if (da->da_req_xdr != NULL) {
401 431 if (!da->da_req_xdr(&xdrs, da->da_req_data)) {
402 432 errno = EPROTO;
403 433 free(buf);
404 434 xdr_destroy(&xdrs);
405 435 return (-1);
406 436 }
407 437 }
408 438
409 439 da->da_arg.data_ptr = buf;
410 440 da->da_arg.data_size = buflen;
411 441 da->da_arg.desc_ptr = NULL;
412 442 da->da_arg.desc_num = 0;
413 443 da->da_arg.rbuf = buf;
414 444 da->da_arg.rsize = buflen;
415 445
416 446 xdr_destroy(&xdrs);
417 447 return (0);
418 448 }
419 449
420 450 /*
421 451 * Decode the response in rbuf and rsize.
422 452 */
423 453 static int
424 454 smb_door_decode(smb_doorarg_t *da)
425 455 {
426 456 XDR xdrs;
427 457 smb_doorhdr_t hdr;
428 458 char *rbuf = da->da_arg.rbuf;
429 459 uint32_t rsize = da->da_arg.rsize;
430 460
431 461 if (rbuf == NULL || rsize == 0) {
432 462 errno = EINVAL;
433 463 return (-1);
434 464 }
435 465
436 466 xdrmem_create(&xdrs, rbuf, rsize, XDR_DECODE);
437 467
438 468 if (!smb_doorhdr_xdr(&xdrs, &hdr)) {
439 469 errno = EPROTO;
440 470 xdr_destroy(&xdrs);
441 471 return (-1);
442 472 }
443 473
444 474 if (!smb_door_chkhdr(da, &hdr)) {
445 475 errno = EPROTO;
446 476 xdr_destroy(&xdrs);
447 477 return (-1);
448 478 }
449 479
450 480 if (da->da_rsp_xdr != NULL) {
451 481 if (!da->da_rsp_xdr(&xdrs, da->da_rsp_data)) {
452 482 errno = EPROTO;
453 483 xdr_destroy(&xdrs);
454 484 return (-1);
455 485 }
456 486 }
457 487
458 488 xdr_destroy(&xdrs);
459 489 return (0);
460 490 }
461 491
462 492 static void
463 493 smb_door_sethdr(smb_doorhdr_t *hdr, uint32_t cmd, uint32_t datalen)
464 494 {
465 495 bzero(hdr, sizeof (smb_doorhdr_t));
466 496 hdr->dh_magic = SMB_DOOR_HDR_MAGIC;
467 497 hdr->dh_flags = SMB_DF_USERSPACE;
468 498 hdr->dh_op = cmd;
469 499 hdr->dh_txid = smb_get_txid();
470 500 hdr->dh_datalen = datalen;
471 501 hdr->dh_door_rc = SMB_DOP_NOT_CALLED;
472 502 }
473 503
474 504 static boolean_t
475 505 smb_door_chkhdr(smb_doorarg_t *da, smb_doorhdr_t *hdr)
476 506 {
477 507 if ((hdr->dh_magic != SMB_DOOR_HDR_MAGIC) ||
478 508 (hdr->dh_op != da->da_hdr.dh_op) ||
479 509 (hdr->dh_txid != da->da_hdr.dh_txid)) {
480 510 syslog(LOG_DEBUG, "smb_door_chkhdr[%s]: invalid header",
481 511 da->da_opname);
482 512 return (B_FALSE);
483 513 }
484 514
485 515 if (hdr->dh_door_rc != SMB_DOP_SUCCESS) {
486 516 syslog(LOG_DEBUG, "smb_door_chkhdr[%s]: call status=%d",
487 517 da->da_opname, hdr->dh_door_rc);
488 518 return (B_FALSE);
489 519 }
490 520
491 521 return (B_TRUE);
492 522 }
493 523
494 524 /*
495 525 * Free resources allocated for a door call. If the result buffer provided
496 526 * by the client is too small, doorfs will have allocated a new buffer,
497 527 * which must be unmapped here.
498 528 *
499 529 * This function must be called to free both the argument and result door
500 530 * buffers regardless of the status of the door call.
501 531 */
502 532 static void
503 533 smb_door_free(door_arg_t *arg)
504 534 {
505 535 if (arg->rbuf && (arg->rbuf != arg->data_ptr))
506 536 (void) munmap(arg->rbuf, arg->rsize);
507 537
508 538 free(arg->data_ptr);
509 539 }
|
↓ open down ↓ |
392 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX