1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 /*
27  * NT Token library (kernel/user)
28  */
29 
30 #ifdef _KERNEL
31 #include <sys/types.h>
32 #include <sys/cmn_err.h>
33 #include <sys/kmem.h>
34 #else /* _KERNEL */
35 #include <stdlib.h>
36 #include <strings.h>
37 #include <syslog.h>
38 #endif /* _KERNEL */
39 
40 #include <smbsrv/string.h>
41 #include <smbsrv/smb_token.h>
42 #include <smbsrv/smb_xdr.h>
43 
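/*
 * smb_token_query_privilege
 *
 * Report whether the privilege identified by priv_id is enabled in
 * the given access token.
 *
 * Returns 1 when the token's privilege set holds an entry whose
 * luid.lo_part equals priv_id and whose attrs is exactly
 * SE_PRIVILEGE_ENABLED.  Returns 0 in every other case: a NULL token,
 * a token without a privilege set, a matching entry that is not
 * enabled, or no matching entry.  Only the first matching entry is
 * consulted.
 */
int
smb_token_query_privilege(smb_token_t *token, int priv_id)
{
	smb_privset_t *privset;
	uint32_t i;

	if ((token == NULL) || (token->tkn_privileges == NULL))
		return (0);

	privset = token->tkn_privileges;

	/*
	 * Bound the scan by priv_cnt.  Testing priv_cnt on its own never
	 * ends the loop for a non-empty set, so a query for a privilege
	 * the token does not hold would index past the end of priv[] and
	 * the answer could come from unrelated memory.
	 */
	for (i = 0; i < privset->priv_cnt; i++) {
		if (privset->priv[i].luid.lo_part != priv_id)
			continue;

		/*
		 * NOTE(review): attrs is compared for equality rather than
		 * tested as a bit mask, so an entry carrying
		 * SE_PRIVILEGE_ENABLED together with other attribute bits is
		 * reported as not enabled.  That errs toward denying the
		 * privilege; confirm it is intended.
		 */
		if (privset->priv[i].attrs == SE_PRIVILEGE_ENABLED)
			return (1);
		return (0);
	}

	return (0);
}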
71 
72 #ifndef _KERNEL
/*
 * smb_token_mkselfrel
 *
 * Encode an access token into a flat XDR buffer (user-space build).
 *
 * On success the malloc'ed buffer is returned and *len holds its size
 * in bytes; the caller releases the buffer with free().  On failure
 * NULL is returned and the reason is logged through syslog.
 *
 * *len is not a reliable failure indicator: it is left untouched when
 * obj is NULL, still holds the computed size when the allocation
 * fails, and is reset to 0 only when the encode step fails.  Callers
 * should test the returned pointer.  len itself is dereferenced
 * without a NULL check.
 */
uint8_t *
smb_token_mkselfrel(smb_token_t *obj, uint32_t *len)
{
	XDR xdrs;
	uint8_t *flat;

	if (obj == NULL) {
		syslog(LOG_ERR, "smb_token_mkselfrel: invalid parameter");
		return (NULL);
	}

	/* Size the buffer from the encoded form of the token. */
	*len = xdr_sizeof(xdr_smb_token_t, obj);

	flat = (uint8_t *)malloc(*len);
	if (flat == NULL) {
		syslog(LOG_ERR, "smb_token_mkselfrel: resource shortage");
		return (NULL);
	}

	xdrmem_create(&xdrs, (const caddr_t)flat, *len, XDR_ENCODE);

	if (xdr_smb_token_t(&xdrs, obj)) {
		xdr_destroy(&xdrs);
		return (flat);
	}

	/* Encoding failed: drop the buffer and report an empty result. */
	syslog(LOG_ERR, "smb_token_mkselfrel: XDR encode error");
	*len = 0;
	free(flat);
	xdr_destroy(&xdrs);
	return (NULL);
}
109 
/*
 * netr_client_mkabsolute
 *
 * Decode a flat XDR buffer of len bytes into a newly allocated
 * netr_client_t (user-space build).
 *
 * Returns the decoded object, which the caller releases with
 * netr_client_xfree(), or NULL after logging when the allocation or
 * the decode fails.  buf and len are passed to xdrmem_create() without
 * any check of their own; the XDR memory stream is what limits the
 * decoder to len bytes.
 */
netr_client_t *
netr_client_mkabsolute(uint8_t *buf, uint32_t len)
{
	XDR xdrs;
	netr_client_t *clnt;

	xdrmem_create(&xdrs, (const caddr_t)buf, len, XDR_DECODE);

	clnt = (netr_client_t *)malloc(sizeof (netr_client_t));
	if (clnt == NULL) {
		syslog(LOG_ERR, "netr_client_mkabsolute: resource shortage");
		xdr_destroy(&xdrs);
		return (NULL);
	}

	/* Decode into a zeroed object so no field starts out as garbage. */
	bzero(clnt, sizeof (netr_client_t));

	if (xdr_netr_client_t(&xdrs, clnt)) {
		xdr_destroy(&xdrs);
		return (clnt);
	}

	/*
	 * NOTE(review): only the top-level object is freed on this path.
	 * If the decoder allocated members before it failed they are not
	 * released here -- confirm whether xdr_free() is needed first.
	 */
	syslog(LOG_ERR, "netr_client_mkabsolute: XDR decode error");
	free(clnt);
	xdr_destroy(&xdrs);
	return (NULL);
}
139 
/*
 * netr_client_xfree
 *
 * Release a netr_client_t: xdr_free() is run with the
 * xdr_netr_client_t routine first, then the object itself is freed.
 * clnt is handed to xdr_free() without a NULL check.
 */
void
netr_client_xfree(netr_client_t *clnt)
{
	char *objp = (char *)clnt;

	xdr_free(xdr_netr_client_t, objp);
	free(clnt);
}
146 #else /* _KERNEL */
/*
 * smb_token_mkabsolute
 *
 * Decode a flat XDR buffer of len bytes into a newly allocated
 * smb_token_t (kernel build).
 *
 * Returns the decoded token, which the caller releases with
 * smb_token_free(), or NULL after a CE_NOTE message when the decode
 * fails.  buf and len are passed to xdrmem_create() without any check
 * of their own; the XDR memory stream is what limits the decoder to
 * len bytes.  The allocation uses KM_SLEEP and its result is not
 * tested for NULL.
 */
smb_token_t *
smb_token_mkabsolute(uint8_t *buf, uint32_t len)
{
	XDR xdrs;
	smb_token_t *token;

	xdrmem_create(&xdrs, (const caddr_t)buf, len, XDR_DECODE);

	/* Zeroed allocation, so undecoded fields start out as 0/NULL. */
	token = kmem_zalloc(sizeof (smb_token_t), KM_SLEEP);

	if (xdr_smb_token_t(&xdrs, token)) {
		xdr_destroy(&xdrs);
		return (token);
	}

	/*
	 * NOTE(review): only the top-level object is freed on this path.
	 * If the decoder allocated members before it failed they are not
	 * released here -- confirm whether xdr_free() is needed first.
	 */
	cmn_err(CE_NOTE, "smb_token_mkabsolute: XDR decode error");
	kmem_free(token, sizeof (smb_token_t));
	xdr_destroy(&xdrs);
	return (NULL);
}
170 
/*
 * netr_client_mkselfrel
 *
 * Encode a netr_client_t into a flat XDR buffer (kernel build).
 *
 * On success the kmem-allocated buffer is returned and *len holds its
 * size; the caller passes that same size to kmem_free() when releasing
 * it.  On an encode failure a CE_NOTE message is issued, the buffer is
 * freed, *len is set to 0 and NULL is returned.
 *
 * Pre-condition: obj is non-null.  Neither obj nor len is checked
 * here.
 */
uint8_t *
netr_client_mkselfrel(netr_client_t *obj, uint32_t *len)
{
	XDR xdrs;
	uint8_t *flat;

	/* Size the buffer from the encoded form of the object. */
	*len = xdr_sizeof(xdr_netr_client_t, obj);
	flat = kmem_alloc(*len, KM_SLEEP);

	xdrmem_create(&xdrs, (const caddr_t)flat, *len, XDR_ENCODE);

	if (xdr_netr_client_t(&xdrs, obj)) {
		xdr_destroy(&xdrs);
		return (flat);
	}

	cmn_err(CE_NOTE, "netr_client_mkselfrel: XDR encode error");
	/* Free with the allocated size before *len is cleared. */
	kmem_free(flat, *len);
	*len = 0;
	xdr_destroy(&xdrs);
	return (NULL);
}
198 
/*
 * smb_token_free
 *
 * Release an access token (kernel build).  A NULL token is ignored.
 */
void
smb_token_free(smb_token_t *token)
{
	if (token != NULL) {
		/*
		 * The pointer fields of an access token are created by the
		 * XDR decode operation, so xdr_free() is used to release
		 * them before the token object itself is freed.
		 */
		xdr_free(xdr_smb_token_t, (char *)token);
		kmem_free(token, sizeof (smb_token_t));
	}
}
213 #endif /* _KERNEL */
214