big-one Udiff usr/src/uts/common/smbsrv/smb

Print this page

NEX-13644 File access audit logging
Reviewed by: Gordon Ross <gordon.ross@nexenta.com>
Reviewed by: Roman Strashkin <roman.strashkin@nexenta.com>
Reviewed by: Saso Kiselkov <saso.kiselkov@nexenta.com>
Reviewed by: Rick McNeal <rick.mcneal@nexenta.com>
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
NEX-3080 SMB1 signing problem with Kerberos auth.
Reviewed by: Bayard Bell <bayard.bell@nexenta.com>
Reviewed by: Dan Fields <dan.fields@nexenta.com>
Reviewed by: Kevin Crowe <kevin.crowe@nexenta.com>
Reviewed by: Matt Barden <Matt.Barden@nexenta.com>
NEX-2485 SMB authentication flood handled poorly
NEX-2225 Unable to join NexentaStor to 2008 AD
SMB-108 Should have comments to relate types with their XDR functions
SMB-56 extended security NTLMSSP, inbound
SMB-50 User-mode SMB server
 Includes work by these authors:
 Thomas Keiser <thomas.keiser@nexenta.com>
 Albert Lee <trisk@nexenta.com>

@@ -20,20 +20,26 @@
  */
 /*
  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  * Use is subject to license terms.
  *
- * Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
+ * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
  */
 
 #ifndef _SMB_TOKEN_H
 #define _SMB_TOKEN_H
 
 #include <smbsrv/smb_inet.h>
 #include <smbsrv/smb_privilege.h>
 #include <smbsrv/smb_sid.h>
 
+#if defined(_KERNEL) || defined(_FAKE_KERNEL)
+#include <c2/audit.h>
+#else
+#include <bsm/audit.h>
+#endif
+
 /*
  * Don't want <smbsrv/netrauth.h> in here, but
  * uts/common/fs/smbsrv/smb_authenticate.c
  * wants this.  Todo: cleanup
  */

@@ -69,12 +75,12 @@
  *                      and it's only good for IPC Connection.
  * SMB_ATF_POWERUSER    Token belongs to a Power User member
  * SMB_ATF_BACKUPOP     Token belongs to a Power User member
  * SMB_ATF_ADMIN        Token belongs to a Domain Admins member
  */
-#define SMB_ATF_GUEST           0x00000001
-#define SMB_ATF_ANON            0x00000002
+#define SMB_ATF_ANON            0x00000001
+#define SMB_ATF_GUEST           0x00000002
 #define SMB_ATF_POWERUSER       0x00000004
 #define SMB_ATF_BACKUPOP        0x00000008
 #define SMB_ATF_ADMIN           0x00000010
 
 #define SMB_POSIX_GRPS_SIZE(n) \

@@ -102,10 +108,13 @@
         char            *tkn_domain_name;
         uint32_t        tkn_flags;
         uint32_t        tkn_audit_sid;
         smb_buf32_t     tkn_ssnkey;
         smb_posix_grps_t *tkn_posix_grps;
+        au_id_t         tkn_auid;
+        au_mask_t       tkn_amask;
+        au_asid_t       tkn_asid;
 } smb_token_t;
 
 /*
  * Details required to authenticate a user.
  * See also: smb_logon_xdr()