3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2018 Nexenta Systems, Inc. All rights reserved.
24 */
25
26 /*
27 * SMB server interface to idmap
28 * (smb_idmap_get..., smb_idmap_batch_...)
29 *
30 * There are three implementations of this interface.
31 * This is the kernel version of these routines. See also:
32 * $SRC/lib/smbsrv/libfksmbsrv/common/fksmb_idmap.c
33 * $SRC/lib/smbsrv/libsmb/common/smb_idmap.c
34 *
35 * There are enough differences (relative to the code size)
36 * that it's more trouble than it's worth to merge them.
37 *
38 * This one differs from the others in that it:
39 * calls kernel (kidmap_...) interfaces
40 * returned domain SIDs are shared, not strdup'ed
41 */
42
43 /*
66 #include <smbsrv/smb_idmap.h>
67
68 #include <sys/sid.h>
69 #include <sys/priv_names.h>
70
71 static int smb_idmap_batch_binsid(smb_idmap_batch_t *sib);
72
73 /*
74 * smb_idmap_getsid
75 *
76 * Maps the given Solaris ID to a Windows SID using the
77 * simple mapping API.
78 */
79 idmap_stat
80 smb_idmap_getsid(uid_t id, int idtype, smb_sid_t **sid)
81 {
82 smb_idmap_t sim;
83
84 switch (idtype) {
85 case SMB_IDMAP_USER:
86 sim.sim_stat = kidmap_getsidbyuid(global_zone, id,
87 (const char **)&sim.sim_domsid, &sim.sim_rid);
88 break;
89
90 case SMB_IDMAP_GROUP:
91 sim.sim_stat = kidmap_getsidbygid(global_zone, id,
92 (const char **)&sim.sim_domsid, &sim.sim_rid);
93 break;
94
95 case SMB_IDMAP_EVERYONE:
96 /* Everyone S-1-1-0 */
97 sim.sim_domsid = "S-1-1";
98 sim.sim_rid = 0;
99 sim.sim_stat = IDMAP_SUCCESS;
100 break;
101
102 default:
103 ASSERT(0);
104 return (IDMAP_ERR_ARG);
105 }
106
107 /*
108 * IDMAP_ERR_NOTFOUND is an advisory error
109 * and idmap will generate a local sid.
110 */
111 if (sim.sim_stat == IDMAP_ERR_NOTFOUND &&
133 /*
134 * smb_idmap_getid
135 *
136 * Maps the given Windows SID to a Unix ID using the
137 * simple mapping API.
138 */
139 idmap_stat
140 smb_idmap_getid(smb_sid_t *sid, uid_t *id, int *idtype)
141 {
142 smb_idmap_t sim;
143 char sidstr[SMB_SID_STRSZ];
144
145 smb_sid_tostr(sid, sidstr);
146 if (smb_sid_splitstr(sidstr, &sim.sim_rid) != 0)
147 return (IDMAP_ERR_SID);
148 sim.sim_domsid = sidstr;
149 sim.sim_id = id;
150
151 switch (*idtype) {
152 case SMB_IDMAP_USER:
153 sim.sim_stat = kidmap_getuidbysid(global_zone, sim.sim_domsid,
154 sim.sim_rid, sim.sim_id);
155 break;
156
157 case SMB_IDMAP_GROUP:
158 sim.sim_stat = kidmap_getgidbysid(global_zone, sim.sim_domsid,
159 sim.sim_rid, sim.sim_id);
160 break;
161
162 case SMB_IDMAP_UNKNOWN:
163 sim.sim_stat = kidmap_getpidbysid(global_zone, sim.sim_domsid,
164 sim.sim_rid, sim.sim_id, &sim.sim_idtype);
165 break;
166
167 default:
168 ASSERT(0);
169 return (IDMAP_ERR_ARG);
170 }
171
172 *idtype = sim.sim_idtype;
173
174 return (sim.sim_stat);
175 }
176
177 /*
178 * smb_idmap_batch_create
179 *
180 * Creates and initializes the context for batch ID mapping.
181 */
182 idmap_stat
183 smb_idmap_batch_create(smb_idmap_batch_t *sib, uint16_t nmap, int flags)
184 {
185 ASSERT(sib != NULL);
186
187 bzero(sib, sizeof (smb_idmap_batch_t));
188
189 sib->sib_idmaph = kidmap_get_create(global_zone);
190
191 sib->sib_flags = flags;
192 sib->sib_nmap = nmap;
193 sib->sib_size = nmap * sizeof (smb_idmap_t);
194 sib->sib_maps = kmem_zalloc(sib->sib_size, KM_SLEEP);
195
196 return (IDMAP_SUCCESS);
197 }
198
199 /*
200 * smb_idmap_batch_destroy
201 *
202 * Frees the batch ID mapping context.
203 * If ID mapping is Solaris -> Windows it frees memories
204 * allocated for binary SIDs.
205 */
206 void
207 smb_idmap_batch_destroy(smb_idmap_batch_t *sib)
208 {
209 char *domsid;
|
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2020 Nexenta by DDN, Inc. All rights reserved.
24 */
25
26 /*
27 * SMB server interface to idmap
28 * (smb_idmap_get..., smb_idmap_batch_...)
29 *
30 * There are three implementations of this interface.
31 * This is the kernel version of these routines. See also:
32 * $SRC/lib/smbsrv/libfksmbsrv/common/fksmb_idmap.c
33 * $SRC/lib/smbsrv/libsmb/common/smb_idmap.c
34 *
35 * There are enough differences (relative to the code size)
36 * that it's more trouble than it's worth to merge them.
37 *
38 * This one differs from the others in that it:
39 * calls kernel (kidmap_...) interfaces
40 * returned domain SIDs are shared, not strdup'ed
41 */
42
43 /*
66 #include <smbsrv/smb_idmap.h>
67
68 #include <sys/sid.h>
69 #include <sys/priv_names.h>
70
71 static int smb_idmap_batch_binsid(smb_idmap_batch_t *sib);
72
73 /*
74 * smb_idmap_getsid
75 *
76 * Maps the given Solaris ID to a Windows SID using the
77 * simple mapping API.
78 */
79 idmap_stat
80 smb_idmap_getsid(uid_t id, int idtype, smb_sid_t **sid)
81 {
82 smb_idmap_t sim;
83
84 switch (idtype) {
85 case SMB_IDMAP_USER:
86 sim.sim_stat = kidmap_getsidbyuid(curzone, id,
87 (const char **)&sim.sim_domsid, &sim.sim_rid);
88 break;
89
90 case SMB_IDMAP_GROUP:
91 sim.sim_stat = kidmap_getsidbygid(curzone, id,
92 (const char **)&sim.sim_domsid, &sim.sim_rid);
93 break;
94
95 case SMB_IDMAP_EVERYONE:
96 /* Everyone S-1-1-0 */
97 sim.sim_domsid = "S-1-1";
98 sim.sim_rid = 0;
99 sim.sim_stat = IDMAP_SUCCESS;
100 break;
101
102 default:
103 ASSERT(0);
104 return (IDMAP_ERR_ARG);
105 }
106
107 /*
108 * IDMAP_ERR_NOTFOUND is an advisory error
109 * and idmap will generate a local sid.
110 */
111 if (sim.sim_stat == IDMAP_ERR_NOTFOUND &&
133 /*
134 * smb_idmap_getid
135 *
136 * Maps the given Windows SID to a Unix ID using the
137 * simple mapping API.
138 */
139 idmap_stat
140 smb_idmap_getid(smb_sid_t *sid, uid_t *id, int *idtype)
141 {
142 smb_idmap_t sim;
143 char sidstr[SMB_SID_STRSZ];
144
145 smb_sid_tostr(sid, sidstr);
146 if (smb_sid_splitstr(sidstr, &sim.sim_rid) != 0)
147 return (IDMAP_ERR_SID);
148 sim.sim_domsid = sidstr;
149 sim.sim_id = id;
150
151 switch (*idtype) {
152 case SMB_IDMAP_USER:
153 sim.sim_stat = kidmap_getuidbysid(curzone, sim.sim_domsid,
154 sim.sim_rid, sim.sim_id);
155 break;
156
157 case SMB_IDMAP_GROUP:
158 sim.sim_stat = kidmap_getgidbysid(curzone, sim.sim_domsid,
159 sim.sim_rid, sim.sim_id);
160 break;
161
162 case SMB_IDMAP_UNKNOWN:
163 sim.sim_stat = kidmap_getpidbysid(curzone, sim.sim_domsid,
164 sim.sim_rid, sim.sim_id, &sim.sim_idtype);
165 break;
166
167 default:
168 ASSERT(0);
169 return (IDMAP_ERR_ARG);
170 }
171
172 *idtype = sim.sim_idtype;
173
174 return (sim.sim_stat);
175 }
176
177 /*
178 * smb_idmap_batch_create
179 *
180 * Creates and initializes the context for batch ID mapping.
181 */
182 idmap_stat
183 smb_idmap_batch_create(smb_idmap_batch_t *sib, uint16_t nmap, int flags)
184 {
185 ASSERT(sib != NULL);
186
187 bzero(sib, sizeof (smb_idmap_batch_t));
188
189 sib->sib_idmaph = kidmap_get_create(curzone);
190
191 sib->sib_flags = flags;
192 sib->sib_nmap = nmap;
193 sib->sib_size = nmap * sizeof (smb_idmap_t);
194 sib->sib_maps = kmem_zalloc(sib->sib_size, KM_SLEEP);
195
196 return (IDMAP_SUCCESS);
197 }
198
199 /*
200 * smb_idmap_batch_destroy
201 *
202 * Frees the batch ID mapping context.
203 * If ID mapping is Solaris -> Windows it frees memories
204 * allocated for binary SIDs.
205 */
206 void
207 smb_idmap_batch_destroy(smb_idmap_batch_t *sib)
208 {
209 char *domsid;
|