xref: /illumos-gate/usr/src/lib/smbsrv/libmlsvc/common/dssetup_svc.c (revision 3ce33fb052b375020ea4249290d33b834d9f9e75)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
24  */
25 
26 /*
27  * Active Directory Setup RPC interface used by Windows 2000.
28  */
29 
30 #include <synch.h>
31 #include <strings.h>
32 #include <stdlib.h>
33 #include <netdb.h>
34 
35 #include <smbsrv/libsmb.h>
36 #include <smbsrv/libmlrpc.h>
37 #include <smbsrv/libmlsvc.h>
38 #include <smbsrv/ndl/dssetup.ndl>
39 #include <smbsrv/smbinfo.h>
40 #include <smbsrv/nmpipes.h>
41 
42 int dssetup_get_domain_info(ds_primary_domain_info_t *);
43 
44 static int dssetup_DsRoleGetPrimaryDomainInfo(void *, ndr_xa_t *);
45 static uint32_t dssetup_member_server(ds_primary_domain_info_t *, ndr_xa_t *);
46 static uint32_t dssetup_standalone_server(ds_primary_domain_info_t *,
47     ndr_xa_t *);
48 
49 static ndr_stub_table_t dssetup_stub_table[] = {
50 	{ dssetup_DsRoleGetPrimaryDomainInfo,
51 	    DSSETUP_OPNUM_DsRoleGetPrimaryDomainInfo },
52 	{0}
53 };
54 
55 static ndr_service_t dssetup_service = {
56 	"DSSETUP",			/* name */
57 	"Active Directory Setup",	/* desc */
58 	"\\lsarpc",			/* endpoint */
59 	PIPE_LSASS,			/* sec_addr_port */
60 	"3919286a-b10c-11d0-9ba8-00c04fd92ef5",	0,	/* abstract */
61 	NDR_TRANSFER_SYNTAX_UUID,		2,	/* transfer */
62 	0,				/* no bind_instance_size */
63 	0,				/* no bind_req() */
64 	0,				/* no unbind_and_close() */
65 	0,				/* use generic_call_stub() */
66 	&TYPEINFO(dssetup_interface),	/* interface ti */
67 	dssetup_stub_table		/* stub_table */
68 };
69 
70 static ds_primary_domain_info_t ds_info;
71 static mutex_t ds_info_mtx;
72 
73 /*
74  * dssetup_initialize
75  *
76  * This function registers the DSSETUP interface with the RPC runtime
77  * library. It must be called in order to use either the client side
78  * or the server side functions.
79  */
80 void
81 dssetup_initialize(void)
82 {
83 	dssetup_clear_domain_info();
84 	(void) ndr_svc_register(&dssetup_service);
85 }
86 
87 void
88 dssetup_clear_domain_info(void)
89 {
90 	(void) mutex_lock(&ds_info_mtx);
91 
92 	free(ds_info.nt_domain);
93 	free(ds_info.dns_domain);
94 	free(ds_info.forest);
95 	bzero(&ds_info, sizeof (ds_primary_domain_info_t));
96 
97 	(void) mutex_unlock(&ds_info_mtx);
98 }
99 
100 /*
101  * Request for machine role and primary domain information.
102  */
103 static int
104 dssetup_DsRoleGetPrimaryDomainInfo(void *arg, ndr_xa_t *mxa)
105 {
106 	dssetup_DsRoleGetPrimaryDomainInfo_t *param = arg;
107 	dssetup_GetPrimaryDomainInfo_t *info;
108 	ds_primary_domain_info_t *info1;
109 	uint32_t status;
110 	int security_mode;
111 
112 	info = NDR_MALLOC(mxa, sizeof (dssetup_GetPrimaryDomainInfo_t));
113 	if (info == NULL) {
114 		status = NT_STATUS_NO_MEMORY;
115 	} else if (param->level != DS_ROLE_BASIC_INFORMATION) {
116 		status = NT_STATUS_INVALID_LEVEL;
117 	} else {
118 		info->switch_value = param->level;
119 		info1 = &info->ru.info1;
120 
121 		security_mode = smb_config_get_secmode();
122 
123 		if (security_mode == SMB_SECMODE_DOMAIN)
124 			status = dssetup_member_server(info1, mxa);
125 		else
126 			status = dssetup_standalone_server(info1, mxa);
127 	}
128 
129 	if (status != NT_STATUS_SUCCESS) {
130 		bzero(param, sizeof (dssetup_DsRoleGetPrimaryDomainInfo_t));
131 		param->status = NT_SC_ERROR(status);
132 	} else {
133 		param->info = info;
134 		param->status = NT_STATUS_SUCCESS;
135 	}
136 
137 	return (NDR_DRC_OK);
138 }
139 
140 /*
141  * When the machine role is domain member:
142  * 	nt_domain must contain the NetBIOS domain name
143  * 	dns_domain must contain the DNS domain name (cannot be NULL)
144  * 	forest must contain the forest name (cannot be NULL)
145  *
146  * If DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT is set in flags, the domain_guid
147  * must contain the domain UUID.  Otherwise domain_guid is ignored.
148  */
149 static uint32_t
150 dssetup_member_server(ds_primary_domain_info_t *info, ndr_xa_t *mxa)
151 {
152 	char dns_domain[MAXHOSTNAMELEN];
153 	char nt_domain[MAXHOSTNAMELEN];
154 
155 	(void) mutex_lock(&ds_info_mtx);
156 
157 	if ((ds_info.flags & DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT) == 0) {
158 		/*
159 		 * If we don't have the domain GUID, try to get it from a
160 		 * domain controller. Otherwise, use local configuration.
161 		 */
162 		free(ds_info.nt_domain);
163 		free(ds_info.dns_domain);
164 		free(ds_info.forest);
165 		(void) dssetup_get_domain_info(&ds_info);
166 	}
167 
168 	if (ds_info.flags & DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT) {
169 		info->flags = DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT;
170 		info->nt_domain = NDR_STRDUP(mxa, (char *)ds_info.nt_domain);
171 		info->dns_domain = NDR_STRDUP(mxa, (char *)ds_info.dns_domain);
172 		info->forest = NDR_STRDUP(mxa, (char *)ds_info.forest);
173 		bcopy(&ds_info.domain_guid, &info->domain_guid,
174 		    sizeof (ndr_uuid_t));
175 	} else {
176 		if (smb_getdomainname(nt_domain, MAXHOSTNAMELEN) != 0) {
177 			(void) mutex_unlock(&ds_info_mtx);
178 			return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
179 		}
180 
181 		if (smb_getfqdomainname(dns_domain, MAXHOSTNAMELEN) != 0) {
182 			(void) mutex_unlock(&ds_info_mtx);
183 			return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
184 		}
185 
186 		(void) smb_strlwr(dns_domain);
187 
188 		info->flags = 0;
189 		info->nt_domain = NDR_STRDUP(mxa, nt_domain);
190 		info->dns_domain = NDR_STRDUP(mxa, dns_domain);
191 		info->forest = NDR_STRDUP(mxa, dns_domain);
192 		bzero(&info->domain_guid, sizeof (ndr_uuid_t));
193 	}
194 
195 	(void) mutex_unlock(&ds_info_mtx);
196 
197 	if (info->nt_domain == NULL ||
198 	    info->dns_domain == NULL ||
199 	    info->forest == NULL)
200 		return (NT_STATUS_NO_MEMORY);
201 
202 	info->role = DS_ROLE_MEMBER_SERVER;
203 	return (NT_STATUS_SUCCESS);
204 }
205 
206 /*
207  * When the machine role is standalone:
208  * 	nt_domain must contain the NetBIOS workgroup name
209  * 	dns_domain must be NULL
210  * 	forest must be NULL
211  *
212  * We don't maintain a domain GUID.  When DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT
213  * is not set in flags, domain_guid is ignored.
214  */
215 static uint32_t
216 dssetup_standalone_server(ds_primary_domain_info_t *info, ndr_xa_t *mxa)
217 {
218 	char nt_domain[MAXHOSTNAMELEN];
219 
220 	if (smb_getdomainname(nt_domain, MAXHOSTNAMELEN) != 0)
221 		return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
222 
223 	info->nt_domain = NDR_STRDUP(mxa, nt_domain);
224 	if (info->nt_domain == NULL)
225 		return (NT_STATUS_NO_MEMORY);
226 
227 	info->role = DS_ROLE_STANDALONE_SERVER;
228 	info->flags = 0;
229 	info->dns_domain = NULL;
230 	info->forest = NULL;
231 	bzero(&info->domain_guid, sizeof (ndr_uuid_t));
232 	return (NT_STATUS_SUCCESS);
233 }
234