usr/src/common/smbsrv/smb_token.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  *
  25  * Copyright 2013 Nexenta Systems, Inc.  All rights reserved.
  26  */
  27
  28 /*
  29  * NT Token library (kernel/user)
  30  */
  31
  32 #if defined(_KERNEL) || defined(_FAKE_KERNEL)
  33 #include <sys/types.h>
  34 #include <sys/cmn_err.h>
  35 #include <sys/kmem.h>
  36 #else /* _KERNEL */
  37 #include <stdlib.h>
  38 #include <strings.h>
  39 #include <syslog.h>
  40 #endif /* _KERNEL */
  41
  42 #include <smbsrv/string.h>
  43 #include <smbsrv/smb_token.h>
  44 #include <smbsrv/smb_xdr.h>
  45
  46 /*
  47  * smb_token_query_privilege
  48  *
  49  * Find out if the specified privilege is enable in the given
  50  * access token.
  51  */
  52 int
  53 smb_token_query_privilege(smb_token_t *token, int priv_id)
  54 {
  55         smb_privset_t *privset;
  56         int i;
  57
  58         if ((token == NULL) || (token->tkn_privileges == NULL))
  59                 return (0);
  60
  61         privset = token->tkn_privileges;
  62         for (i = 0; privset->priv_cnt; i++) {
  63                 if (privset->priv[i].luid.lo_part == priv_id) {
  64                         if (privset->priv[i].attrs == SE_PRIVILEGE_ENABLED)
  65                                 return (1);
  66                         else
  67                                 return (0);
  68                 }
  69         }
  70
  71         return (0);
  72 }
  73
  74 /*
  75  * Basic sanity check on a token.
  76  */
  77 boolean_t
  78 smb_token_valid(smb_token_t *token)
  79 {
  80         if (token == NULL)
  81                 return (B_FALSE);
  82
  83         if ((token->tkn_user.i_sid == NULL) ||
  84             (token->tkn_owner.i_sid == NULL) ||
  85             (token->tkn_primary_grp.i_sid == NULL) ||
  86             (token->tkn_account_name == NULL) ||
  87             (token->tkn_domain_name == NULL) ||
  88             (token->tkn_posix_grps == NULL))
  89                 return (B_FALSE);
  90
  91         if ((token->tkn_win_grps.i_cnt != 0) &&
  92             (token->tkn_win_grps.i_ids == NULL))
  93                 return (B_FALSE);
  94
  95         return (B_TRUE);
  96 }
  97
  98 #if !defined(_KERNEL) && !defined(_FAKE_KERNEL)
  99 /*
 100  * Encode: structure -> flat buffer (buffer size)
 101  * Pre-condition: obj is non-null.
 102  */
 103 uint8_t *
 104 smb_token_encode(smb_token_t *obj, uint32_t *len)
 105 {
 106         uint8_t *buf;
 107         XDR xdrs;
 108
 109         if (!obj) {
 110                 syslog(LOG_ERR, "smb_token_encode: invalid parameter");
 111                 return (NULL);
 112         }
 113
 114         *len = xdr_sizeof(smb_token_xdr, obj);
 115         buf = (uint8_t *)malloc(*len);
 116         if (!buf) {
 117                 syslog(LOG_ERR, "smb_token_encode: %m");
 118                 return (NULL);
 119         }
 120
 121         xdrmem_create(&xdrs, (const caddr_t)buf, *len, XDR_ENCODE);
 122
 123         if (!smb_token_xdr(&xdrs, obj)) {
 124                 syslog(LOG_ERR, "smb_token_encode: XDR encode error");
 125                 *len = 0;
 126                 free(buf);
 127                 buf = NULL;
 128         }
 129
 130         xdr_destroy(&xdrs);
 131         return (buf);
 132 }
 133
 134 /*
 135  * Decode: flat buffer -> structure
 136  */
 137 smb_logon_t *
 138 smb_logon_decode(uint8_t *buf, uint32_t len)
 139 {
 140         smb_logon_t     *obj;
 141         XDR             xdrs;
 142
 143         xdrmem_create(&xdrs, (const caddr_t)buf, len, XDR_DECODE);
 144
 145         if ((obj = malloc(sizeof (smb_logon_t))) == NULL) {
 146                 syslog(LOG_ERR, "smb_logon_decode: %m");
 147                 xdr_destroy(&xdrs);
 148                 return (NULL);
 149         }
 150
 151         bzero(obj, sizeof (smb_logon_t));
 152         if (!smb_logon_xdr(&xdrs, obj)) {
 153                 syslog(LOG_ERR, "smb_logon_decode: XDR decode error");
 154                 free(obj);
 155                 obj = NULL;
 156         }
 157
 158         xdr_destroy(&xdrs);
 159         return (obj);
 160 }
 161
 162 void
 163 smb_logon_free(smb_logon_t *obj)
 164 {
 165         xdr_free(smb_logon_xdr, (char *)obj);
 166         free(obj);
 167 }
 168 #endif /* _KERNEL */