xref: /illumos-gate/usr/src/common/smbsrv/smb_token.c (revision 922d2c76afbee21520ffa2088c4e60dcb80d3945)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 
29 /*
30  * NT Token library (kernel/user)
31  */
32 
33 #ifdef _KERNEL
34 #include <sys/types.h>
35 #include <sys/cmn_err.h>
36 #include <sys/kmem.h>
37 #else /* _KERNEL */
38 #include <stdlib.h>
39 #include <strings.h>
40 #include <syslog.h>
41 #endif /* _KERNEL */
42 
43 #include <smbsrv/string.h>
44 #include <smbsrv/smbinfo.h>
45 #include <smbsrv/smb_token.h>
46 #include <smbsrv/smb_xdr.h>
47 
48 /*
49  * smb_token_query_privilege
50  *
51  * Find out if the specified privilege is enable in the given
52  * access token.
53  */
54 int
55 smb_token_query_privilege(smb_token_t *token, int priv_id)
56 {
57 	smb_privset_t *privset;
58 	int i;
59 
60 	if ((token == NULL) || (token->tkn_privileges == NULL))
61 		return (0);
62 
63 	privset = token->tkn_privileges;
64 	for (i = 0; privset->priv_cnt; i++) {
65 		if (privset->priv[i].luid.lo_part == priv_id) {
66 			if (privset->priv[i].attrs == SE_PRIVILEGE_ENABLED)
67 				return (1);
68 			else
69 				return (0);
70 		}
71 	}
72 
73 	return (0);
74 }
75 
76 #ifndef _KERNEL
77 /*
78  * smb_token_mkselfrel
79  *
80  * encode: structure -> flat buffer (buffer size)
81  * Pre-condition: obj is non-null.
82  */
83 uint8_t *
84 smb_token_mkselfrel(smb_token_t *obj, uint32_t *len)
85 {
86 	uint8_t *buf;
87 	XDR xdrs;
88 
89 	if (!obj) {
90 		syslog(LOG_ERR, "smb_token_mkselfrel: invalid parameter");
91 		return (NULL);
92 	}
93 
94 	*len = xdr_sizeof(xdr_smb_token_t, obj);
95 	buf = (uint8_t *)malloc(*len);
96 	if (!buf) {
97 		syslog(LOG_ERR, "smb_token_mkselfrel: resource shortage");
98 		return (NULL);
99 	}
100 
101 	xdrmem_create(&xdrs, (const caddr_t)buf, *len, XDR_ENCODE);
102 
103 	if (!xdr_smb_token_t(&xdrs, obj)) {
104 		syslog(LOG_ERR, "smb_token_mkselfrel: XDR encode error");
105 		*len = 0;
106 		free(buf);
107 		buf = NULL;
108 	}
109 
110 	xdr_destroy(&xdrs);
111 	return (buf);
112 }
113 
114 /*
115  * netr_client_mkabsolute
116  *
117  * decode: flat buffer -> structure
118  */
119 netr_client_t *
120 netr_client_mkabsolute(uint8_t *buf, uint32_t len)
121 {
122 	netr_client_t *obj;
123 	XDR xdrs;
124 
125 	xdrmem_create(&xdrs, (const caddr_t)buf, len, XDR_DECODE);
126 	obj = (netr_client_t *)malloc(sizeof (netr_client_t));
127 	if (!obj) {
128 		syslog(LOG_ERR, "netr_client_mkabsolute: resource shortage");
129 		xdr_destroy(&xdrs);
130 		return (NULL);
131 	}
132 
133 	bzero(obj, sizeof (netr_client_t));
134 	if (!xdr_netr_client_t(&xdrs, obj)) {
135 		syslog(LOG_ERR, "netr_client_mkabsolute: XDR decode error");
136 		free(obj);
137 		obj = NULL;
138 	}
139 
140 	xdr_destroy(&xdrs);
141 	return (obj);
142 }
143 
144 void
145 netr_client_xfree(netr_client_t *clnt)
146 {
147 	xdr_free(xdr_netr_client_t, (char *)clnt);
148 	free(clnt);
149 }
150 #else /* _KERNEL */
151 /*
152  * smb_token_mkabsolute
153  *
154  * decode: flat buffer -> structure
155  */
156 smb_token_t *
157 smb_token_mkabsolute(uint8_t *buf, uint32_t len)
158 {
159 	smb_token_t *obj;
160 	XDR xdrs;
161 
162 	xdrmem_create(&xdrs, (const caddr_t)buf, len, XDR_DECODE);
163 	obj = kmem_zalloc(sizeof (smb_token_t), KM_SLEEP);
164 
165 	if (!xdr_smb_token_t(&xdrs, obj)) {
166 		cmn_err(CE_NOTE, "smb_token_mkabsolute: XDR decode error");
167 		kmem_free(obj, sizeof (smb_token_t));
168 		obj = NULL;
169 	}
170 
171 	xdr_destroy(&xdrs);
172 	return (obj);
173 }
174 
175 /*
176  * netr_client_mkselfrel
177  *
178  * encode: structure -> flat buffer (buffer size)
179  * Pre-condition: obj is non-null.
180  */
181 uint8_t *
182 netr_client_mkselfrel(netr_client_t *obj, uint32_t *len)
183 {
184 	uint8_t *buf;
185 	XDR xdrs;
186 
187 	*len = xdr_sizeof(xdr_netr_client_t, obj);
188 	buf = kmem_alloc(*len, KM_SLEEP);
189 
190 	xdrmem_create(&xdrs, (const caddr_t)buf, *len, XDR_ENCODE);
191 
192 	if (!xdr_netr_client_t(&xdrs, obj)) {
193 		cmn_err(CE_NOTE, "netr_client_mkselfrel: XDR encode error");
194 		kmem_free(buf, *len);
195 		*len = 0;
196 		buf = NULL;
197 	}
198 
199 	xdr_destroy(&xdrs);
200 	return (buf);
201 }
202 
203 void
204 smb_token_free(smb_token_t *token)
205 {
206 	if (!token)
207 		return;
208 
209 	/*
210 	 * deallocate any pointer field of an access token object
211 	 * using xdr_free since they are created by the XDR decode
212 	 * operation.
213 	 */
214 	xdr_free(xdr_smb_token_t, (char *)token);
215 	kmem_free(token, sizeof (smb_token_t));
216 }
217 #endif /* _KERNEL */
218