1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 /* 27 * Server Service RPC (SRVSVC) server-side interface definition. 28 * The server service provides a remote administration interface. 29 * 30 * This service uses NERR/Win32 error codes rather than NT status 31 * values. 32 */ 33 34 #include <sys/errno.h> 35 #include <unistd.h> 36 #include <netdb.h> 37 #include <strings.h> 38 #include <time.h> 39 #include <thread.h> 40 #include <ctype.h> 41 #include <stdlib.h> 42 #include <string.h> 43 #include <sys/types.h> 44 #include <sys/socket.h> 45 #include <netinet/in.h> 46 #include <arpa/inet.h> 47 #include <libshare.h> 48 49 #include <smbsrv/libsmb.h> 50 #include <smbsrv/libmlsvc.h> 51 #include <smbsrv/lmerr.h> 52 #include <smbsrv/nterror.h> 53 #include <smbsrv/nmpipes.h> 54 #include <smbsrv/cifs.h> 55 #include <smbsrv/netrauth.h> 56 #include <smbsrv/ndl/srvsvc.ndl> 57 #include <smbsrv/smb_common_door.h> 58 59 #define SV_TYPE_SENT_BY_ME (SV_TYPE_WORKSTATION | SV_TYPE_SERVER | SV_TYPE_NT) 60 61 /* 62 * Qualifier types for NetConnectEnum. 63 */ 64 #define SRVSVC_CONNECT_ENUM_NULL 0 65 #define SRVSVC_CONNECT_ENUM_SHARE 1 66 #define SRVSVC_CONNECT_ENUM_WKSTN 2 67 68 #define SMB_SRVSVC_MAXBUFLEN (8 * 1024 * 1024) 69 #define SMB_SRVSVC_MAXPREFLEN ((uint32_t)(-1)) 70 71 /* 72 * prefmaxlen: Client specified response buffer limit. 73 * resume_handle: Cookie used to track enumeration across multiple calls. 74 * n_total: Total number of entries. 75 * n_enum: Number of entries to enumerate (derived from prefmaxlen). 76 * n_skip: Number of entries to skip (from incoming resume handle). 77 * n_read: Number of objects returned for current enumeration request. 78 */ 79 typedef struct srvsvc_enum { 80 uint32_t se_level; 81 uint32_t se_prefmaxlen; 82 uint32_t se_resume_handle; 83 uint32_t se_n_total; 84 uint32_t se_n_enum; 85 uint32_t se_n_skip; 86 uint32_t se_n_read; 87 } srvsvc_enum_t; 88 89 static DWORD srvsvc_s_NetConnectEnumLevel0(ndr_xa_t *, 90 srvsvc_NetConnectInfo0_t *); 91 static DWORD srvsvc_s_NetConnectEnumLevel1(ndr_xa_t *, 92 srvsvc_NetConnectInfo1_t *); 93 94 static DWORD srvsvc_NetFileEnum2(ndr_xa_t *, 95 struct mslm_NetFileEnum *); 96 static DWORD srvsvc_NetFileEnum3(ndr_xa_t *, 97 struct mslm_NetFileEnum *); 98 99 static DWORD mlsvc_NetSessionEnumLevel0(struct mslm_infonres *, DWORD, 100 ndr_xa_t *); 101 static DWORD mlsvc_NetSessionEnumLevel1(struct mslm_infonres *, DWORD, 102 ndr_xa_t *); 103 104 static DWORD mlsvc_NetShareEnumLevel0(ndr_xa_t *, 105 struct mslm_infonres *, srvsvc_enum_t *, int); 106 static DWORD mlsvc_NetShareEnumLevel1(ndr_xa_t *, 107 struct mslm_infonres *, srvsvc_enum_t *, int); 108 static DWORD mlsvc_NetShareEnumLevel2(ndr_xa_t *, 109 struct mslm_infonres *, srvsvc_enum_t *, int); 110 static DWORD mlsvc_NetShareEnumLevel501(ndr_xa_t *, 111 struct mslm_infonres *, srvsvc_enum_t *, int); 112 static DWORD mlsvc_NetShareEnumLevel502(ndr_xa_t *, 113 struct mslm_infonres *, srvsvc_enum_t *, int); 114 static DWORD mlsvc_NetShareEnumCommon(ndr_xa_t *, 115 srvsvc_enum_t *, smb_share_t *, void *); 116 static boolean_t srvsvc_add_autohome(ndr_xa_t *, srvsvc_enum_t *, 117 void *); 118 static char *srvsvc_share_mkpath(ndr_xa_t *, char *); 119 120 static int srvsvc_netconnect_qualifier(const char *); 121 static uint32_t srvsvc_estimate_objcnt(uint32_t, uint32_t, uint32_t); 122 123 static uint32_t srvsvc_sa_add(char *, char *, char *); 124 static uint32_t srvsvc_sa_delete(char *); 125 126 static char empty_string[1]; 127 128 static ndr_stub_table_t srvsvc_stub_table[]; 129 130 static ndr_service_t srvsvc_service = { 131 "SRVSVC", /* name */ 132 "Server services", /* desc */ 133 "\\srvsvc", /* endpoint */ 134 PIPE_NTSVCS, /* sec_addr_port */ 135 "4b324fc8-1670-01d3-1278-5a47bf6ee188", 3, /* abstract */ 136 NDR_TRANSFER_SYNTAX_UUID, 2, /* transfer */ 137 0, /* no bind_instance_size */ 138 0, /* no bind_req() */ 139 0, /* no unbind_and_close() */ 140 0, /* use generic_call_stub() */ 141 &TYPEINFO(srvsvc_interface), /* interface ti */ 142 srvsvc_stub_table /* stub_table */ 143 }; 144 145 /* 146 * srvsvc_initialize 147 * 148 * This function registers the SRVSVC RPC interface with the RPC runtime 149 * library. It must be called in order to use either the client side 150 * or the server side functions. 151 */ 152 void 153 srvsvc_initialize(void) 154 { 155 (void) ndr_svc_register(&srvsvc_service); 156 } 157 158 /* 159 * srvsvc_s_NetConnectEnum 160 * 161 * List tree connections made to a share on this server or all tree 162 * connections established from a specific client. Administrator, 163 * Server Operator, Print Operator or Power User group membership 164 * is required to use this interface. 165 * 166 * There are three information levels: 0, 1, and 50. We don't support 167 * level 50, which is only used by Windows 9x clients. 168 * 169 * It seems Server Manger (srvmgr) only sends workstation as the qualifier 170 * and the Computer Management Interface on Windows 2000 doesn't request 171 * a list of connections. 172 * 173 * Return Values: 174 * ERROR_SUCCESS Success 175 * ERROR_ACCESS_DENIED Caller does not have access to this call. 176 * ERROR_INVALID_PARAMETER One of the parameters is invalid. 177 * ERROR_INVALID_LEVEL Unknown information level specified. 178 * ERROR_MORE_DATA Partial date returned, more entries available. 179 * ERROR_NOT_ENOUGH_MEMORY Insufficient memory is available. 180 * NERR_NetNameNotFound The share qualifier cannot be found. 181 * NERR_BufTooSmall The supplied buffer is too small. 182 */ 183 static int 184 srvsvc_s_NetConnectEnum(void *arg, ndr_xa_t *mxa) 185 { 186 struct mslm_NetConnectEnum *param = arg; 187 srvsvc_NetConnectInfo0_t *info0; 188 srvsvc_NetConnectInfo1_t *info1; 189 char *qualifier; 190 int qualtype; 191 DWORD status = ERROR_SUCCESS; 192 193 if (!ndr_is_poweruser(mxa)) { 194 bzero(param, sizeof (struct mslm_NetConnectEnum)); 195 param->status = ERROR_ACCESS_DENIED; 196 return (NDR_DRC_OK); 197 } 198 199 qualifier = (char *)param->qualifier; 200 qualtype = srvsvc_netconnect_qualifier(qualifier); 201 202 if (qualtype == SRVSVC_CONNECT_ENUM_NULL) { 203 bzero(param, sizeof (struct mslm_NetConnectEnum)); 204 param->status = NERR_NetNameNotFound; 205 return (NDR_DRC_OK); 206 } 207 208 switch (param->info.level) { 209 case 0: 210 info0 = NDR_NEW(mxa, srvsvc_NetConnectInfo0_t); 211 if (info0 == NULL) { 212 status = ERROR_NOT_ENOUGH_MEMORY; 213 break; 214 } 215 216 bzero(info0, sizeof (srvsvc_NetConnectInfo0_t)); 217 param->info.ru.info0 = info0; 218 219 status = srvsvc_s_NetConnectEnumLevel0(mxa, info0); 220 221 param->total_entries = info0->entries_read; 222 param->resume_handle = NULL; 223 break; 224 225 case 1: 226 info1 = NDR_NEW(mxa, srvsvc_NetConnectInfo1_t); 227 if (info1 == NULL) { 228 status = ERROR_NOT_ENOUGH_MEMORY; 229 break; 230 } 231 232 bzero(info1, sizeof (srvsvc_NetConnectInfo1_t)); 233 param->info.ru.info1 = info1; 234 235 status = srvsvc_s_NetConnectEnumLevel1(mxa, info1); 236 237 param->total_entries = info1->entries_read; 238 param->resume_handle = NULL; 239 break; 240 241 case 50: 242 status = ERROR_NOT_SUPPORTED; 243 break; 244 245 default: 246 status = ERROR_INVALID_LEVEL; 247 break; 248 } 249 250 if (status != ERROR_SUCCESS) 251 bzero(param, sizeof (struct mslm_NetConnectEnum)); 252 253 param->status = status; 254 return (NDR_DRC_OK); 255 } 256 257 static DWORD 258 srvsvc_s_NetConnectEnumLevel0(ndr_xa_t *mxa, srvsvc_NetConnectInfo0_t *info0) 259 { 260 srvsvc_NetConnectInfoBuf0_t *ci0; 261 262 ci0 = NDR_NEW(mxa, srvsvc_NetConnectInfoBuf0_t); 263 if (ci0 == NULL) 264 return (ERROR_NOT_ENOUGH_MEMORY); 265 266 ci0->coni0_id = 0x17; 267 268 info0->ci0 = ci0; 269 info0->entries_read = 1; 270 return (ERROR_SUCCESS); 271 } 272 273 static DWORD 274 srvsvc_s_NetConnectEnumLevel1(ndr_xa_t *mxa, srvsvc_NetConnectInfo1_t *info1) 275 { 276 srvsvc_NetConnectInfoBuf1_t *ci1; 277 278 ci1 = NDR_NEW(mxa, srvsvc_NetConnectInfoBuf1_t); 279 if (ci1 == NULL) 280 return (ERROR_NOT_ENOUGH_MEMORY); 281 282 ci1->coni1_id = 0x17; 283 ci1->coni1_type = STYPE_IPC; 284 ci1->coni1_num_opens = 1; 285 ci1->coni1_num_users = 1; 286 ci1->coni1_time = 16; 287 ci1->coni1_username = (uint8_t *)NDR_STRDUP(mxa, "Administrator"); 288 ci1->coni1_netname = (uint8_t *)NDR_STRDUP(mxa, "IPC$"); 289 290 info1->ci1 = ci1; 291 info1->entries_read = 1; 292 return (ERROR_SUCCESS); 293 } 294 295 /* 296 * srvsvc_netconnect_qualifier 297 * 298 * The qualifier is a string that specifies a share name or computer name 299 * for the connections of interest. If it is a share name then all the 300 * connections made to that share name are listed. If it is a computer 301 * name (it starts with two backslash characters), then NetConnectEnum 302 * lists all connections made from that computer to the specified server. 303 */ 304 static int 305 srvsvc_netconnect_qualifier(const char *qualifier) 306 { 307 if (qualifier == NULL || *qualifier == '\0') 308 return (SRVSVC_CONNECT_ENUM_NULL); 309 310 if (strlen(qualifier) > MAXHOSTNAMELEN) 311 return (SRVSVC_CONNECT_ENUM_NULL); 312 313 if (qualifier[0] == '\\' && qualifier[1] == '\\') { 314 return (SRVSVC_CONNECT_ENUM_WKSTN); 315 } else { 316 if (!smb_shr_exists((char *)qualifier)) 317 return (SRVSVC_CONNECT_ENUM_NULL); 318 319 return (SRVSVC_CONNECT_ENUM_SHARE); 320 } 321 } 322 323 /* 324 * srvsvc_s_NetFileEnum 325 * 326 * Return information on open files or named pipes. Only members of the 327 * Administrators or Server Operators local groups are allowed to make 328 * this call. Currently, we only support Administrators. 329 * 330 * If basepath is null, all open resources are enumerated. If basepath 331 * is non-null, only resources that have basepath as a prefix should 332 * be returned. 333 * 334 * If username is specified (non-null), only files opened by username 335 * should be returned. 336 * 337 * Notes: 338 * 1. We don't validate the servername because we would have to check 339 * all primary IPs and the ROI seems unlikely to be worth it. 340 * 2. Both basepath and username are currently ignored because both 341 * Server Manger (NT 4.0) and CMI (Windows 2000) always set them to null. 342 * 343 * The level of information requested may be one of: 344 * 345 * 2 Return the file identification number. 346 * This level is not supported on Windows Me/98/95. 347 * 348 * 3 Return information about the file. 349 * This level is not supported on Windows Me/98/95. 350 * 351 * 50 Windows Me/98/95: Return information about the file. 352 * 353 * Note: 354 * If pref_max_len is unlimited and resume_handle is null, the client 355 * expects to receive all data in a single call. 356 * If we are unable to do fit all data in a single response, we would 357 * normally return ERROR_MORE_DATA with a partial list. 358 * 359 * Unfortunately, when both of these conditions occur, Server Manager 360 * pops up an error box with the message "more data available" and 361 * doesn't display any of the returned data. In this case, it is 362 * probably better to return ERROR_SUCCESS with the partial list. 363 * Windows 2000 doesn't have this problem because it always sends a 364 * non-null resume_handle. 365 * 366 * Return Values: 367 * ERROR_SUCCESS Success 368 * ERROR_ACCESS_DENIED Caller does not have access to this call. 369 * ERROR_INVALID_PARAMETER One of the parameters is invalid. 370 * ERROR_INVALID_LEVEL Unknown information level specified. 371 * ERROR_MORE_DATA Partial date returned, more entries available. 372 * ERROR_NOT_ENOUGH_MEMORY Insufficient memory is available. 373 * NERR_BufTooSmall The supplied buffer is too small. 374 */ 375 static int 376 srvsvc_s_NetFileEnum(void *arg, ndr_xa_t *mxa) 377 { 378 struct mslm_NetFileEnum *param = arg; 379 DWORD status; 380 381 if (!ndr_is_admin(mxa)) { 382 bzero(param, sizeof (struct mslm_NetFileEnum)); 383 param->status = ERROR_ACCESS_DENIED; 384 return (NDR_DRC_OK); 385 } 386 387 switch (param->info.switch_value) { 388 case 2: 389 status = srvsvc_NetFileEnum2(mxa, param); 390 break; 391 392 case 3: 393 status = srvsvc_NetFileEnum3(mxa, param); 394 break; 395 396 case 50: 397 status = ERROR_NOT_SUPPORTED; 398 break; 399 400 default: 401 status = ERROR_INVALID_LEVEL; 402 break; 403 } 404 405 if (status != ERROR_SUCCESS) { 406 bzero(param, sizeof (struct mslm_NetFileEnum)); 407 param->status = status; 408 return (NDR_DRC_OK); 409 } 410 411 if (param->resume_handle) 412 *param->resume_handle = 0; 413 414 param->status = ERROR_SUCCESS; 415 return (NDR_DRC_OK); 416 } 417 418 /* 419 * Build level 2 file information. 420 * 421 * On success, the caller expects that the info2, fi2 and entries_read 422 * fields have been set up. 423 */ 424 static DWORD 425 srvsvc_NetFileEnum2(ndr_xa_t *mxa, struct mslm_NetFileEnum *param) 426 { 427 struct mslm_NetFileInfoBuf2 *fi2; 428 ndr_pipe_info_t pi; 429 uint32_t entries_read = 0; 430 int i; 431 432 param->info.ru.info2 = NDR_NEW(mxa, struct mslm_NetFileInfo2); 433 if (param->info.ru.info3 == NULL) 434 return (ERROR_NOT_ENOUGH_MEMORY); 435 436 fi2 = NDR_NEWN(mxa, struct mslm_NetFileInfoBuf2, 128); 437 if (fi2 == NULL) 438 return (ERROR_NOT_ENOUGH_MEMORY); 439 440 param->info.ru.info2->fi2 = fi2; 441 442 for (i = 0; i < 128; ++i) { 443 if (ndr_pipe_getinfo(i, &pi) == -1) 444 continue; 445 446 fi2->fi2_id = pi.npi_fid; 447 448 ++entries_read; 449 ++fi2; 450 } 451 452 param->info.ru.info2->entries_read = entries_read; 453 param->total_entries = entries_read; 454 return (ERROR_SUCCESS); 455 } 456 457 /* 458 * Build level 3 file information. 459 * 460 * On success, the caller expects that the info3, fi3 and entries_read 461 * fields have been set up. 462 */ 463 static DWORD 464 srvsvc_NetFileEnum3(ndr_xa_t *mxa, struct mslm_NetFileEnum *param) 465 { 466 struct mslm_NetFileInfoBuf3 *fi3; 467 ndr_pipe_info_t pi; 468 uint32_t entries_read = 0; 469 int i; 470 471 param->info.ru.info3 = NDR_NEW(mxa, struct mslm_NetFileInfo3); 472 if (param->info.ru.info3 == NULL) 473 return (ERROR_NOT_ENOUGH_MEMORY); 474 475 fi3 = NDR_NEWN(mxa, struct mslm_NetFileInfoBuf3, 128); 476 if (fi3 == NULL) 477 return (ERROR_NOT_ENOUGH_MEMORY); 478 479 param->info.ru.info3->fi3 = fi3; 480 481 for (i = 0; i < 128; ++i) { 482 if (ndr_pipe_getinfo(i, &pi) == -1) 483 continue; 484 485 fi3->fi3_id = pi.npi_fid; 486 fi3->fi3_permissions = pi.npi_permissions; 487 fi3->fi3_num_locks = pi.npi_num_locks; 488 fi3->fi3_pathname = (uint8_t *) 489 NDR_STRDUP(mxa, pi.npi_pathname); 490 fi3->fi3_username = (uint8_t *) 491 NDR_STRDUP(mxa, pi.npi_username); 492 493 ++entries_read; 494 ++fi3; 495 } 496 497 param->info.ru.info3->entries_read = entries_read; 498 param->total_entries = entries_read; 499 return (ERROR_SUCCESS); 500 } 501 502 /* 503 * srvsvc_s_NetFileClose 504 * 505 * NetFileClose forces a file to close. This function can be used when 506 * an error prevents closure by any other means. Use NetFileClose with 507 * caution because it does not flush data, cached on a client, to the 508 * file before closing the file. 509 * 510 * Return Values 511 * ERROR_SUCCESS Operation succeeded. 512 * ERROR_ACCESS_DENIED Operation denied. 513 * NERR_FileIdNotFound No open file with the specified id. 514 * 515 * Note: MSDN suggests that the error code should be ERROR_FILE_NOT_FOUND 516 * but network captures using NT show NERR_FileIdNotFound. 517 * The NetFileClose2 MSDN page has the right error code. 518 */ 519 static int 520 srvsvc_s_NetFileClose(void *arg, ndr_xa_t *mxa) 521 { 522 struct mslm_NetFileClose *param = arg; 523 524 if (!ndr_is_admin(mxa)) { 525 bzero(param, sizeof (struct mslm_NetFileClose)); 526 param->status = ERROR_ACCESS_DENIED; 527 return (NDR_DRC_OK); 528 } 529 530 bzero(param, sizeof (struct mslm_NetFileClose)); 531 param->status = ERROR_SUCCESS; 532 return (NDR_DRC_OK); 533 } 534 535 536 /* 537 * srvsvc_s_NetShareGetInfo 538 * 539 * Returns Win32 error codes. 540 */ 541 static int 542 srvsvc_s_NetShareGetInfo(void *arg, ndr_xa_t *mxa) 543 { 544 struct mlsm_NetShareGetInfo *param = arg; 545 struct mslm_NetShareGetInfo0 *info0; 546 struct mslm_NetShareGetInfo1 *info1; 547 struct mslm_NetShareGetInfo2 *info2; 548 struct mslm_NetShareGetInfo501 *info501; 549 struct mslm_NetShareGetInfo502 *info502; 550 struct mslm_NetShareGetInfo1004 *info1004; 551 struct mslm_NetShareGetInfo1005 *info1005; 552 struct mslm_NetShareGetInfo1006 *info1006; 553 smb_share_t si; 554 DWORD status; 555 556 status = smb_shr_get((char *)param->netname, &si); 557 if (status != NERR_Success) { 558 bzero(param, sizeof (struct mlsm_NetShareGetInfo)); 559 param->status = status; 560 return (NDR_DRC_OK); 561 } 562 563 switch (param->level) { 564 case 0: 565 info0 = NDR_NEW(mxa, struct mslm_NetShareGetInfo0); 566 if (info0 == NULL) { 567 status = ERROR_NOT_ENOUGH_MEMORY; 568 break; 569 } 570 571 info0->shi0_netname 572 = (uint8_t *)NDR_STRDUP(mxa, si.shr_name); 573 if (info0->shi0_netname == NULL) { 574 status = ERROR_NOT_ENOUGH_MEMORY; 575 break; 576 } 577 578 param->result.ru.info0 = info0; 579 break; 580 581 case 1: 582 info1 = NDR_NEW(mxa, struct mslm_NetShareGetInfo1); 583 if (info1 == NULL) { 584 status = ERROR_NOT_ENOUGH_MEMORY; 585 break; 586 } 587 588 info1->shi1_netname = (uint8_t *)NDR_STRDUP(mxa, si.shr_name); 589 info1->shi1_comment = (uint8_t *)NDR_STRDUP(mxa, si.shr_cmnt); 590 if (info1->shi1_netname == NULL || 591 info1->shi1_comment == NULL) { 592 status = ERROR_NOT_ENOUGH_MEMORY; 593 break; 594 } 595 596 info1->shi1_type = si.shr_type; 597 param->result.ru.info1 = info1; 598 break; 599 600 case 2: 601 info2 = NDR_NEW(mxa, struct mslm_NetShareGetInfo2); 602 if (info2 == NULL) { 603 status = ERROR_NOT_ENOUGH_MEMORY; 604 break; 605 } 606 607 info2->shi2_netname = (uint8_t *)NDR_STRDUP(mxa, si.shr_name); 608 info2->shi2_comment = (uint8_t *)NDR_STRDUP(mxa, si.shr_cmnt); 609 if (info2->shi2_netname == NULL || 610 info2->shi2_comment == NULL) { 611 status = ERROR_NOT_ENOUGH_MEMORY; 612 break; 613 } 614 615 info2->shi2_path = 616 (uint8_t *)srvsvc_share_mkpath(mxa, si.shr_path); 617 info2->shi2_passwd = 0; 618 info2->shi2_type = si.shr_type; 619 info2->shi2_permissions = 0; 620 info2->shi2_max_uses = SHI_USES_UNLIMITED; 621 info2->shi2_current_uses = 0; 622 param->result.ru.info2 = info2; 623 break; 624 625 case 1004: 626 info1004 = NDR_NEW(mxa, struct mslm_NetShareGetInfo1004); 627 if (info1004 == NULL) { 628 status = ERROR_NOT_ENOUGH_MEMORY; 629 break; 630 } 631 632 info1004->shi1004_comment = 633 (uint8_t *)NDR_STRDUP(mxa, si.shr_cmnt); 634 if (info1004->shi1004_comment == NULL) 635 status = ERROR_NOT_ENOUGH_MEMORY; 636 break; 637 638 case 1005: 639 info1005 = NDR_NEW(mxa, struct mslm_NetShareGetInfo1005); 640 if (info1005 == NULL) { 641 status = ERROR_NOT_ENOUGH_MEMORY; 642 break; 643 } 644 645 info1005->shi1005_flags = 0; 646 647 switch (si.shr_flags & SMB_SHRF_CSC_MASK) { 648 case SMB_SHRF_CSC_DISABLED: 649 info1005->shi1005_flags |= CSC_CACHE_NONE; 650 break; 651 case SMB_SHRF_CSC_AUTO: 652 info1005->shi1005_flags |= CSC_CACHE_AUTO_REINT; 653 break; 654 case SMB_SHRF_CSC_VDO: 655 info1005->shi1005_flags |= CSC_CACHE_VDO; 656 break; 657 case SMB_SHRF_CSC_MANUAL: 658 default: 659 /* 660 * Default to CSC_CACHE_MANUAL_REINT. 661 */ 662 break; 663 } 664 665 param->result.ru.info1005 = info1005; 666 break; 667 668 case 1006: 669 info1006 = NDR_NEW(mxa, struct mslm_NetShareGetInfo1006); 670 if (info1006 == NULL) { 671 status = ERROR_NOT_ENOUGH_MEMORY; 672 break; 673 } 674 info1006->shi1006_max_uses = SHI_USES_UNLIMITED; 675 param->result.ru.info1006 = info1006; 676 break; 677 678 case 501: 679 /* 680 * Level 501 provides level 1 information. 681 */ 682 info501 = NDR_NEW(mxa, struct mslm_NetShareGetInfo501); 683 if (info501 == NULL) { 684 status = ERROR_NOT_ENOUGH_MEMORY; 685 break; 686 } 687 688 info501->shi501_netname = 689 (uint8_t *)NDR_STRDUP(mxa, si.shr_name); 690 info501->shi501_comment = 691 (uint8_t *)NDR_STRDUP(mxa, si.shr_cmnt); 692 if (info501->shi501_netname == NULL || 693 info501->shi501_comment == NULL) { 694 status = ERROR_NOT_ENOUGH_MEMORY; 695 break; 696 } 697 698 info501->shi501_type = si.shr_type; 699 info501->shi501_reserved = 0; 700 param->result.ru.info501 = info501; 701 break; 702 703 case 502: 704 /* 705 * Level 502 provides level 2 information plus a 706 * security descriptor. We don't support security 707 * descriptors on shares yet. 708 */ 709 info502 = NDR_NEW(mxa, struct mslm_NetShareGetInfo502); 710 if (info502 == NULL) { 711 status = ERROR_NOT_ENOUGH_MEMORY; 712 break; 713 } 714 715 info502->shi502_netname = 716 (uint8_t *)NDR_STRDUP(mxa, si.shr_name); 717 info502->shi502_comment = 718 (uint8_t *)NDR_STRDUP(mxa, si.shr_cmnt); 719 if (info502->shi502_netname == NULL || 720 info502->shi502_comment == NULL) { 721 status = ERROR_NOT_ENOUGH_MEMORY; 722 break; 723 } 724 725 info502->shi502_path = 726 (uint8_t *)srvsvc_share_mkpath(mxa, si.shr_path); 727 info502->shi502_passwd = 0; 728 info502->shi502_type = si.shr_type; 729 info502->shi502_permissions = 0; 730 info502->shi502_max_uses = SHI_USES_UNLIMITED; 731 info502->shi502_current_uses = 0; 732 info502->shi502_reserved = 0; 733 info502->shi502_security_descriptor = 0; 734 param->result.ru.info502 = info502; 735 break; 736 737 default: 738 status = ERROR_ACCESS_DENIED; 739 break; 740 } 741 742 if (status != ERROR_SUCCESS) 743 bzero(param, sizeof (struct mlsm_NetShareGetInfo)); 744 else 745 param->result.switch_value = param->level; 746 747 param->status = status; 748 return (NDR_DRC_OK); 749 } 750 751 752 /* 753 * srvsvc_s_NetShareSetInfo 754 * 755 * This call is made by SrvMgr to set share information. 756 * Always returns ERROR_ACCESS_DENIED for now. 757 * 758 * Returns Win32 error codes. 759 */ 760 static int 761 srvsvc_s_NetShareSetInfo(void *arg, ndr_xa_t *mxa) 762 { 763 struct mlsm_NetShareSetInfo *param = arg; 764 765 (void) memset(param, 0, sizeof (struct mlsm_NetShareSetInfo)); 766 param->parm_err_ptr = (DWORD)(uintptr_t)NDR_MALLOC(mxa, 767 sizeof (DWORD)); 768 param->parm_err = 0; 769 770 if (!smb_config_getbool(SMB_CI_SRVSVC_SHRSET_ENABLE)) 771 param->status = ERROR_SUCCESS; 772 else 773 param->status = ERROR_ACCESS_DENIED; 774 775 return (NDR_DRC_OK); 776 } 777 778 /* 779 * srvsvc_s_NetSessionEnum 780 * 781 * Level 1 request is made by (Server Manager (srvmgr) on NT Server when 782 * the user info icon is selected. 783 * 784 * On success, the return value is NERR_Success. 785 * On error, the return value can be one of the following error codes: 786 * 787 * ERROR_ACCESS_DENIED The user does not have access to the requested 788 * information. 789 * ERROR_INVALID_LEVEL The value specified for the level is invalid. 790 * ERROR_INVALID_PARAMETER The specified parameter is invalid. 791 * ERROR_MORE_DATA More entries are available. Specify a large 792 * enough buffer to receive all entries. 793 * ERROR_NOT_ENOUGH_MEMORY Insufficient memory is available. 794 * NERR_ClientNameNotFound A session does not exist with the computer name. 795 * NERR_InvalidComputer The computer name is invalid. 796 * NERR_UserNotFound The user name could not be found. 797 */ 798 static int 799 srvsvc_s_NetSessionEnum(void *arg, ndr_xa_t *mxa) 800 { 801 struct mslm_NetSessionEnum *param = arg; 802 struct mslm_infonres *infonres; 803 DWORD status; 804 DWORD n_sessions; 805 806 infonres = NDR_NEW(mxa, struct mslm_infonres); 807 if (infonres == NULL) { 808 bzero(param, sizeof (struct mslm_NetSessionEnum)); 809 param->status = ERROR_NOT_ENOUGH_MEMORY; 810 return (NDR_DRC_OK); 811 } 812 813 infonres->entriesread = 0; 814 infonres->entries = NULL; 815 param->result.level = param->level; 816 param->result.bufptr.p = infonres; 817 param->total_entries = 0; 818 param->resume_handle = NULL; 819 param->status = ERROR_SUCCESS; 820 821 if ((n_sessions = (DWORD) mlsvc_get_num_users()) == 0) 822 return (NDR_DRC_OK); 823 824 switch (param->level) { 825 case 0: 826 status = mlsvc_NetSessionEnumLevel0(infonres, n_sessions, mxa); 827 break; 828 829 case 1: 830 status = mlsvc_NetSessionEnumLevel1(infonres, n_sessions, mxa); 831 break; 832 833 default: 834 status = ERROR_INVALID_LEVEL; 835 break; 836 } 837 838 if (status != 0) { 839 bzero(param, sizeof (struct mslm_NetSessionEnum)); 840 param->status = status; 841 return (NDR_DRC_OK); 842 } 843 844 param->total_entries = infonres->entriesread; 845 param->status = status; 846 return (NDR_DRC_OK); 847 } 848 849 /* 850 * mlsvc_NetSessionEnumLevel0 851 * 852 * Build the level 0 session information. 853 */ 854 static DWORD 855 mlsvc_NetSessionEnumLevel0(struct mslm_infonres *infonres, DWORD n_sessions, 856 ndr_xa_t *mxa) 857 { 858 struct mslm_SESSION_INFO_0 *info0; 859 smb_dr_ulist_t *ulist; 860 smb_opipe_context_t *user; 861 char *workstation; 862 char ipaddr_buf[INET6_ADDRSTRLEN]; 863 int n_users; 864 int offset = 0; 865 int i; 866 867 if ((ulist = malloc(sizeof (smb_dr_ulist_t))) == NULL) 868 return (ERROR_NOT_ENOUGH_MEMORY); 869 870 if ((n_users = mlsvc_get_user_list(offset, ulist)) == 0) { 871 smb_dr_ulist_free(ulist); 872 return (ERROR_NOT_ENOUGH_MEMORY); 873 } 874 875 if (n_users < n_sessions) 876 n_sessions = n_users; 877 878 info0 = NDR_NEWN(mxa, struct mslm_SESSION_INFO_0, n_sessions); 879 if (info0 == NULL) { 880 smb_dr_ulist_free(ulist); 881 return (ERROR_NOT_ENOUGH_MEMORY); 882 } 883 884 for (i = 0; i < n_sessions; ++i) { 885 user = &ulist->dul_users[i]; 886 887 workstation = user->oc_workstation; 888 if (workstation == NULL || *workstation == '\0') { 889 (void) smb_inet_ntop(&user->oc_ipaddr, 890 ipaddr_buf, SMB_IPSTRLEN(user->oc_ipaddr.a_family)); 891 workstation = ipaddr_buf; 892 } 893 894 info0[i].sesi0_cname = NDR_STRDUP(mxa, workstation); 895 if (info0[i].sesi0_cname == NULL) { 896 smb_dr_ulist_free(ulist); 897 return (ERROR_NOT_ENOUGH_MEMORY); 898 } 899 } 900 901 smb_dr_ulist_free(ulist); 902 infonres->entriesread = n_sessions; 903 infonres->entries = info0; 904 return (ERROR_SUCCESS); 905 } 906 907 /* 908 * mlsvc_NetSessionEnumLevel1 909 * 910 * Build the level 1 session information. 911 */ 912 static DWORD 913 mlsvc_NetSessionEnumLevel1(struct mslm_infonres *infonres, DWORD n_sessions, 914 ndr_xa_t *mxa) 915 { 916 struct mslm_SESSION_INFO_1 *info1; 917 smb_dr_ulist_t *ulist; 918 smb_opipe_context_t *user; 919 char *workstation; 920 char account[MAXNAMELEN]; 921 char ipaddr_buf[INET6_ADDRSTRLEN]; 922 int n_users; 923 int offset = 0; 924 int i; 925 926 if ((ulist = malloc(sizeof (smb_dr_ulist_t))) == NULL) 927 return (ERROR_NOT_ENOUGH_MEMORY); 928 929 if ((n_users = mlsvc_get_user_list(offset, ulist)) == 0) { 930 smb_dr_ulist_free(ulist); 931 return (ERROR_NOT_ENOUGH_MEMORY); 932 } 933 934 if (n_users < n_sessions) 935 n_sessions = n_users; 936 937 info1 = NDR_NEWN(mxa, struct mslm_SESSION_INFO_1, n_sessions); 938 if (info1 == NULL) { 939 smb_dr_ulist_free(ulist); 940 return (ERROR_NOT_ENOUGH_MEMORY); 941 } 942 943 for (i = 0; i < n_sessions; ++i) { 944 user = &ulist->dul_users[i]; 945 946 workstation = user->oc_workstation; 947 if (workstation == NULL || *workstation == '\0') { 948 (void) smb_inet_ntop(&user->oc_ipaddr, 949 ipaddr_buf, SMB_IPSTRLEN(user->oc_ipaddr.a_family)); 950 workstation = ipaddr_buf; 951 } 952 953 (void) snprintf(account, MAXNAMELEN, "%s\\%s", 954 user->oc_domain, user->oc_account); 955 956 info1[i].sesi1_cname = NDR_STRDUP(mxa, workstation); 957 info1[i].sesi1_uname = NDR_STRDUP(mxa, account); 958 959 if (info1[i].sesi1_cname == NULL || 960 info1[i].sesi1_uname == NULL) { 961 smb_dr_ulist_free(ulist); 962 return (ERROR_NOT_ENOUGH_MEMORY); 963 } 964 965 info1[i].sesi1_nopens = 1; 966 info1[i].sesi1_time = time(0) - user->oc_logon_time; 967 info1[i].sesi1_itime = 0; 968 info1[i].sesi1_uflags = 969 (user->oc_flags & SMB_ATF_GUEST) ? SESS_GUEST : 0; 970 } 971 972 smb_dr_ulist_free(ulist); 973 infonres->entriesread = n_sessions; 974 infonres->entries = info1; 975 return (ERROR_SUCCESS); 976 } 977 978 /* 979 * srvsvc_s_NetSessionDel 980 * 981 * Ends a network session between a server and a workstation. 982 * On NT only members of the Administrators or Account Operators 983 * local groups are permitted to use NetSessionDel. 984 * 985 * Return Values 986 * If the function succeeds, the return value is NERR_Success/ 987 * ERROR_SUCCESS. If the function fails, the return value can be 988 * one of the following error codes: 989 * 990 * ERROR_ACCESS_DENIED The user does not have access to the 991 * requested information. 992 * ERROR_INVALID_PARAMETER The specified parameter is invalid. 993 * ERROR_NOT_ENOUGH_MEMORY Insufficient memory is available. 994 * NERR_ClientNameNotFound A session does not exist with that 995 * computer name. 996 */ 997 static int 998 srvsvc_s_NetSessionDel(void *arg, ndr_xa_t *mxa) 999 { 1000 struct mslm_NetSessionDel *param = arg; 1001 1002 if (!ndr_is_poweruser(mxa)) { 1003 param->status = ERROR_ACCESS_DENIED; 1004 return (NDR_DRC_OK); 1005 } 1006 1007 param->status = ERROR_ACCESS_DENIED; 1008 return (NDR_DRC_OK); 1009 } 1010 1011 /* 1012 * SRVSVC NetServerGetInfo 1013 * 1014 * IN LPTSTR servername, 1015 * IN DWORD level, 1016 * OUT union switch(level) { 1017 * case 100: mslm_SERVER_INFO_100 *p100; 1018 * case 101: mslm_SERVER_INFO_101 *p101; 1019 * case 102: mslm_SERVER_INFO_102 *p102; 1020 * default: char *nullptr; 1021 * } bufptr, 1022 * OUT DWORD status 1023 */ 1024 static int 1025 srvsvc_s_NetServerGetInfo(void *arg, ndr_xa_t *mxa) 1026 { 1027 struct mslm_NetServerGetInfo *param = arg; 1028 struct mslm_SERVER_INFO_100 *info100; 1029 struct mslm_SERVER_INFO_101 *info101; 1030 struct mslm_SERVER_INFO_102 *info102; 1031 char sys_comment[SMB_PI_MAX_COMMENT]; 1032 char hostname[NETBIOS_NAME_SZ]; 1033 1034 if (smb_getnetbiosname(hostname, sizeof (hostname)) != 0) { 1035 netservergetinfo_no_memory: 1036 bzero(param, sizeof (struct mslm_NetServerGetInfo)); 1037 return (ERROR_NOT_ENOUGH_MEMORY); 1038 } 1039 1040 (void) smb_config_getstr(SMB_CI_SYS_CMNT, sys_comment, 1041 sizeof (sys_comment)); 1042 if (*sys_comment == '\0') 1043 (void) strcpy(sys_comment, " "); 1044 1045 switch (param->level) { 1046 case 100: 1047 info100 = NDR_NEW(mxa, struct mslm_SERVER_INFO_100); 1048 if (info100 == NULL) 1049 goto netservergetinfo_no_memory; 1050 1051 bzero(info100, sizeof (struct mslm_SERVER_INFO_100)); 1052 info100->sv100_platform_id = SV_PLATFORM_ID_NT; 1053 info100->sv100_name = (uint8_t *)NDR_STRDUP(mxa, hostname); 1054 if (info100->sv100_name == NULL) 1055 goto netservergetinfo_no_memory; 1056 1057 param->result.bufptr.bufptr100 = info100; 1058 break; 1059 1060 case 101: 1061 info101 = NDR_NEW(mxa, struct mslm_SERVER_INFO_101); 1062 if (info101 == NULL) 1063 goto netservergetinfo_no_memory; 1064 1065 bzero(info101, sizeof (struct mslm_SERVER_INFO_101)); 1066 info101->sv101_platform_id = SV_PLATFORM_ID_NT; 1067 info101->sv101_version_major = 4; 1068 info101->sv101_version_minor = 0; 1069 info101->sv101_type = SV_TYPE_SENT_BY_ME; 1070 info101->sv101_name = (uint8_t *)NDR_STRDUP(mxa, hostname); 1071 info101->sv101_comment 1072 = (uint8_t *)NDR_STRDUP(mxa, sys_comment); 1073 1074 if (info101->sv101_name == NULL || 1075 info101->sv101_comment == NULL) 1076 goto netservergetinfo_no_memory; 1077 1078 param->result.bufptr.bufptr101 = info101; 1079 break; 1080 1081 case 102: 1082 info102 = NDR_NEW(mxa, struct mslm_SERVER_INFO_102); 1083 if (info102 == NULL) 1084 goto netservergetinfo_no_memory; 1085 1086 bzero(info102, sizeof (struct mslm_SERVER_INFO_102)); 1087 info102->sv102_platform_id = SV_PLATFORM_ID_NT; 1088 info102->sv102_version_major = 4; 1089 info102->sv102_version_minor = 0; 1090 info102->sv102_type = SV_TYPE_SENT_BY_ME; 1091 info102->sv102_name = (uint8_t *)NDR_STRDUP(mxa, hostname); 1092 info102->sv102_comment 1093 = (uint8_t *)NDR_STRDUP(mxa, sys_comment); 1094 1095 /* 1096 * The following level 102 fields are defaulted to zero 1097 * by virtue of the call to bzero above. 1098 * 1099 * sv102_users 1100 * sv102_disc 1101 * sv102_hidden 1102 * sv102_announce 1103 * sv102_anndelta 1104 * sv102_licenses 1105 * sv102_userpath 1106 */ 1107 if (info102->sv102_name == NULL || 1108 info102->sv102_comment == NULL) 1109 goto netservergetinfo_no_memory; 1110 1111 param->result.bufptr.bufptr102 = info102; 1112 break; 1113 1114 default: 1115 bzero(¶m->result, 1116 sizeof (struct mslm_NetServerGetInfo_result)); 1117 param->status = ERROR_ACCESS_DENIED; 1118 return (NDR_DRC_OK); 1119 } 1120 1121 param->result.level = param->level; 1122 param->status = (ERROR_SUCCESS); 1123 return (NDR_DRC_OK); 1124 } 1125 1126 /* 1127 * NetRemoteTOD 1128 * 1129 * Returns information about the time of day on this server. 1130 * 1131 * typedef struct _TIME_OF_DAY_INFO { 1132 * DWORD tod_elapsedt; // seconds since 00:00:00 January 1 1970 GMT 1133 * DWORD tod_msecs; // arbitrary milliseconds (since reset) 1134 * DWORD tod_hours; // current hour [0-23] 1135 * DWORD tod_mins; // current minute [0-59] 1136 * DWORD tod_secs; // current second [0-59] 1137 * DWORD tod_hunds; // current hundredth (0.01) second [0-99] 1138 * LONG tod_timezone; // time zone of the server 1139 * DWORD tod_tinterval; // clock tick time interval 1140 * DWORD tod_day; // day of the month [1-31] 1141 * DWORD tod_month; // month of the year [1-12] 1142 * DWORD tod_year; // current year 1143 * DWORD tod_weekday; // day of the week since Sunday [0-6] 1144 * } TIME_OF_DAY_INFO; 1145 * 1146 * The time zone of the server is calculated in minutes from Greenwich 1147 * Mean Time (GMT). For time zones west of Greenwich, the value is 1148 * positive; for time zones east of Greenwich, the value is negative. 1149 * A value of -1 indicates that the time zone is undefined. 1150 * 1151 * The clock tick value represents a resolution of one ten-thousandth 1152 * (0.0001) second. 1153 */ 1154 static int 1155 srvsvc_s_NetRemoteTOD(void *arg, ndr_xa_t *mxa) 1156 { 1157 struct mslm_NetRemoteTOD *param = arg; 1158 struct mslm_TIME_OF_DAY_INFO *tod; 1159 struct timeval time_val; 1160 struct tm tm; 1161 1162 (void) gettimeofday(&time_val, 0); 1163 (void) gmtime_r(&time_val.tv_sec, &tm); 1164 1165 tod = NDR_NEW(mxa, struct mslm_TIME_OF_DAY_INFO); 1166 if (tod == NULL) { 1167 bzero(param, sizeof (struct mslm_NetRemoteTOD)); 1168 return (ERROR_NOT_ENOUGH_MEMORY); 1169 } 1170 1171 tod->tod_elapsedt = time_val.tv_sec; 1172 tod->tod_msecs = time_val.tv_usec; 1173 tod->tod_hours = tm.tm_hour; 1174 tod->tod_mins = tm.tm_min; 1175 tod->tod_secs = tm.tm_sec; 1176 tod->tod_hunds = 0; 1177 tod->tod_tinterval = 1000; 1178 tod->tod_day = tm.tm_mday; 1179 tod->tod_month = tm.tm_mon+1; 1180 tod->tod_year = tm.tm_year+1900; 1181 tod->tod_weekday = tm.tm_wday; 1182 1183 (void) localtime_r(&time_val.tv_sec, &tm); 1184 1185 param->bufptr = tod; 1186 param->status = ERROR_SUCCESS; 1187 return (NDR_DRC_OK); 1188 } 1189 1190 /* 1191 * srvsvc_s_NetNameValidate 1192 * 1193 * Perform name validation. 1194 * 1195 * The share name is considered invalid if it contains any of the 1196 * following character (MSDN 236388). 1197 * 1198 * " / \ [ ] : | < > + ; , ? * = 1199 * 1200 * Returns Win32 error codes. 1201 */ 1202 /*ARGSUSED*/ 1203 static int 1204 srvsvc_s_NetNameValidate(void *arg, ndr_xa_t *mxa) 1205 { 1206 struct mslm_NetNameValidate *param = arg; 1207 char *name; 1208 int len; 1209 1210 if ((name = (char *)param->pathname) == NULL) { 1211 param->status = ERROR_INVALID_PARAMETER; 1212 return (NDR_DRC_OK); 1213 } 1214 1215 len = strlen(name); 1216 1217 if ((param->flags == 0 && len > 81) || 1218 (param->flags == 0x80000000 && len > 13)) { 1219 param->status = ERROR_INVALID_NAME; 1220 return (NDR_DRC_OK); 1221 } 1222 1223 switch (param->type) { 1224 case NAMETYPE_SHARE: 1225 if (smb_shr_chkname(name)) 1226 param->status = ERROR_SUCCESS; 1227 else 1228 param->status = ERROR_INVALID_NAME; 1229 break; 1230 1231 case NAMETYPE_USER: 1232 case NAMETYPE_PASSWORD: 1233 case NAMETYPE_GROUP: 1234 case NAMETYPE_COMPUTER: 1235 case NAMETYPE_EVENT: 1236 case NAMETYPE_DOMAIN: 1237 case NAMETYPE_SERVICE: 1238 case NAMETYPE_NET: 1239 case NAMETYPE_MESSAGE: 1240 case NAMETYPE_MESSAGEDEST: 1241 case NAMETYPE_SHAREPASSWORD: 1242 case NAMETYPE_WORKGROUP: 1243 param->status = ERROR_NOT_SUPPORTED; 1244 break; 1245 1246 default: 1247 param->status = ERROR_INVALID_PARAMETER; 1248 break; 1249 } 1250 1251 return (NDR_DRC_OK); 1252 } 1253 1254 /* 1255 * srvsvc_s_NetShareAdd 1256 * 1257 * Add a new share. We support info levels 2 and 502 but ignore the 1258 * security descriptor in level 502 requests. Only the administrator, 1259 * or a member of the domain administrators group, is allowed to add 1260 * shares. 1261 * 1262 * This interface is used by the rmtshare command from the NT resource 1263 * kit. Rmtshare allows a client to add or remove shares on a server 1264 * from the client's command line. 1265 * 1266 * Note that we don't support security descriptors on a share. If the 1267 * /grant is used, the share will be created but the subsequent attempt 1268 * to manipulate the security descriptor (NetShareGetInfo) will fail. 1269 * Similarly for the /remove option. 1270 * 1271 * Returns Win32 error codes. 1272 */ 1273 static int 1274 srvsvc_s_NetShareAdd(void *arg, ndr_xa_t *mxa) 1275 { 1276 static DWORD parm_err = 0; 1277 DWORD parm_stat; 1278 struct mslm_NetShareAdd *param = arg; 1279 struct mslm_SHARE_INFO_2 *info2; 1280 char realpath[MAXPATHLEN]; 1281 int32_t native_os; 1282 1283 native_os = ndr_native_os(mxa); 1284 1285 if (!ndr_is_poweruser(mxa)) { 1286 bzero(param, sizeof (struct mslm_NetShareAdd)); 1287 param->status = ERROR_ACCESS_DENIED; 1288 return (NDR_DRC_OK); 1289 } 1290 1291 switch (param->level) { 1292 case 2: 1293 info2 = param->info.un.info2; 1294 break; 1295 1296 case 502: 1297 info2 = (struct mslm_SHARE_INFO_2 *)param->info.un.info502; 1298 break; 1299 1300 default: 1301 bzero(param, sizeof (struct mslm_NetShareAdd)); 1302 param->status = ERROR_ACCESS_DENIED; 1303 return (NDR_DRC_OK); 1304 } 1305 1306 if (info2->shi2_netname == NULL || info2->shi2_path == NULL) { 1307 bzero(param, sizeof (struct mslm_NetShareAdd)); 1308 param->status = NERR_NetNameNotFound; 1309 return (NDR_DRC_OK); 1310 } 1311 1312 if (smb_shr_is_restricted((char *)info2->shi2_netname)) { 1313 bzero(param, sizeof (struct mslm_NetShareAdd)); 1314 param->status = ERROR_ACCESS_DENIED; 1315 return (NDR_DRC_OK); 1316 } 1317 1318 if (info2->shi2_remark == NULL) 1319 info2->shi2_remark = (uint8_t *)""; 1320 1321 /* 1322 * Derive the real path which will be stored in the 1323 * directory field of the smb_share_t structure 1324 * from the path field in this RPC request. 1325 */ 1326 parm_stat = smb_shr_get_realpath((const char *)info2->shi2_path, 1327 realpath, MAXPATHLEN); 1328 1329 if (parm_stat != NERR_Success) { 1330 bzero(param, sizeof (struct mslm_NetShareAdd)); 1331 param->status = parm_stat; 1332 param->parm_err 1333 = (native_os == NATIVE_OS_WIN95) ? 0 : &parm_err; 1334 return (NDR_DRC_OK); 1335 } 1336 1337 param->status = srvsvc_sa_add((char *)info2->shi2_netname, realpath, 1338 (char *)info2->shi2_remark); 1339 if (param->status == NERR_Success) { 1340 smb_share_t si; 1341 /* 1342 * Lookup the share, which will bring it into the cache. 1343 */ 1344 (void) smb_shr_get((char *)info2->shi2_netname, &si); 1345 } 1346 param->parm_err = (native_os == NATIVE_OS_WIN95) ? 0 : &parm_err; 1347 return (NDR_DRC_OK); 1348 } 1349 1350 /* 1351 * srvsvc_estimate_objcnt 1352 * 1353 * Estimate the number of objects that will fit in prefmaxlen. 1354 */ 1355 static uint32_t 1356 srvsvc_estimate_objcnt(uint32_t prefmaxlen, uint32_t n_obj, uint32_t obj_size) 1357 { 1358 DWORD max_cnt; 1359 1360 if (obj_size == 0) 1361 return (0); 1362 1363 if ((max_cnt = (prefmaxlen / obj_size)) == 0) 1364 return (0); 1365 1366 if (n_obj > max_cnt) 1367 n_obj = max_cnt; 1368 1369 return (n_obj); 1370 } 1371 1372 /* 1373 * srvsvc_s_NetShareEnum 1374 * 1375 * Enumerate all shares (see also NetShareEnumSticky). 1376 * 1377 * Request for various levels of information about our shares. 1378 * Level 0: share names. 1379 * Level 1: share name, share type and comment field. 1380 * Level 2: everything that we know about the shares. 1381 * Level 501: level 1 + flags (flags must be zero). 1382 * Level 502: level 2 + security descriptor. 1383 */ 1384 static int 1385 srvsvc_s_NetShareEnum(void *arg, ndr_xa_t *mxa) 1386 { 1387 struct mslm_NetShareEnum *param = arg; 1388 struct mslm_infonres *infonres; 1389 srvsvc_enum_t se; 1390 DWORD status; 1391 1392 infonres = NDR_NEW(mxa, struct mslm_infonres); 1393 if (infonres == NULL) { 1394 bzero(param, sizeof (struct mslm_NetShareEnum)); 1395 param->status = ERROR_NOT_ENOUGH_MEMORY; 1396 return (NDR_DRC_OK); 1397 } 1398 1399 infonres->entriesread = 0; 1400 infonres->entries = NULL; 1401 param->result.level = param->level; 1402 param->result.bufptr.p = infonres; 1403 1404 bzero(&se, sizeof (srvsvc_enum_t)); 1405 se.se_level = param->level; 1406 se.se_n_total = smb_shr_count(); 1407 1408 if (param->prefmaxlen == SMB_SRVSVC_MAXPREFLEN || 1409 param->prefmaxlen > SMB_SRVSVC_MAXBUFLEN) 1410 se.se_prefmaxlen = SMB_SRVSVC_MAXBUFLEN; 1411 else 1412 se.se_prefmaxlen = param->prefmaxlen; 1413 1414 if (param->resume_handle) { 1415 se.se_resume_handle = *param->resume_handle; 1416 se.se_n_skip = se.se_resume_handle; 1417 } 1418 1419 switch (param->level) { 1420 case 0: 1421 status = mlsvc_NetShareEnumLevel0(mxa, infonres, &se, 0); 1422 break; 1423 1424 case 1: 1425 status = mlsvc_NetShareEnumLevel1(mxa, infonres, &se, 0); 1426 break; 1427 1428 case 2: 1429 status = mlsvc_NetShareEnumLevel2(mxa, infonres, &se, 0); 1430 break; 1431 1432 case 501: 1433 status = mlsvc_NetShareEnumLevel501(mxa, infonres, &se, 0); 1434 break; 1435 1436 case 502: 1437 status = mlsvc_NetShareEnumLevel502(mxa, infonres, &se, 0); 1438 break; 1439 1440 default: 1441 status = ERROR_INVALID_PARAMETER; 1442 break; 1443 } 1444 1445 if (status != 0) { 1446 bzero(param, sizeof (struct mslm_NetShareEnum)); 1447 param->status = status; 1448 return (NDR_DRC_OK); 1449 } 1450 1451 if (se.se_n_enum == 0) { 1452 if (param->resume_handle) 1453 *param->resume_handle = 0; 1454 param->status = ERROR_SUCCESS; 1455 return (NDR_DRC_OK); 1456 } 1457 1458 if (param->resume_handle && 1459 param->prefmaxlen != SMB_SRVSVC_MAXPREFLEN) { 1460 if (se.se_resume_handle < se.se_n_total) { 1461 *param->resume_handle = se.se_resume_handle; 1462 status = ERROR_MORE_DATA; 1463 } else { 1464 *param->resume_handle = 0; 1465 } 1466 } 1467 1468 param->totalentries = se.se_n_total; 1469 param->status = status; 1470 return (NDR_DRC_OK); 1471 } 1472 1473 /* 1474 * srvsvc_s_NetShareEnumSticky 1475 * 1476 * Enumerate sticky shares: all shares except those marked STYPE_SPECIAL. 1477 * Except for excluding STYPE_SPECIAL shares, NetShareEnumSticky is the 1478 * same as NetShareEnum. 1479 * 1480 * Request for various levels of information about our shares. 1481 * Level 0: share names. 1482 * Level 1: share name, share type and comment field. 1483 * Level 2: everything that we know about the shares. 1484 * Level 501: not valid for this request. 1485 * Level 502: level 2 + security descriptor. 1486 * 1487 * We set n_skip to resume_handle, which is used to find the appropriate 1488 * place to resume. The resume_handle is similar to the readdir cookie. 1489 */ 1490 static int 1491 srvsvc_s_NetShareEnumSticky(void *arg, ndr_xa_t *mxa) 1492 { 1493 struct mslm_NetShareEnum *param = arg; 1494 struct mslm_infonres *infonres; 1495 srvsvc_enum_t se; 1496 DWORD status; 1497 1498 infonres = NDR_NEW(mxa, struct mslm_infonres); 1499 if (infonres == NULL) { 1500 bzero(param, sizeof (struct mslm_NetShareEnum)); 1501 param->status = ERROR_NOT_ENOUGH_MEMORY; 1502 return (NDR_DRC_OK); 1503 } 1504 1505 infonres->entriesread = 0; 1506 infonres->entries = NULL; 1507 param->result.level = param->level; 1508 param->result.bufptr.p = infonres; 1509 1510 bzero(&se, sizeof (srvsvc_enum_t)); 1511 se.se_level = param->level; 1512 se.se_n_total = smb_shr_count(); 1513 1514 if (param->prefmaxlen == SMB_SRVSVC_MAXPREFLEN || 1515 param->prefmaxlen > SMB_SRVSVC_MAXBUFLEN) 1516 se.se_prefmaxlen = SMB_SRVSVC_MAXBUFLEN; 1517 else 1518 se.se_prefmaxlen = param->prefmaxlen; 1519 1520 if (param->resume_handle) { 1521 se.se_resume_handle = *param->resume_handle; 1522 se.se_n_skip = se.se_resume_handle; 1523 } 1524 1525 switch (param->level) { 1526 case 0: 1527 status = mlsvc_NetShareEnumLevel0(mxa, infonres, &se, 1); 1528 break; 1529 1530 case 1: 1531 status = mlsvc_NetShareEnumLevel1(mxa, infonres, &se, 1); 1532 break; 1533 1534 case 2: 1535 status = mlsvc_NetShareEnumLevel2(mxa, infonres, &se, 1); 1536 break; 1537 1538 case 502: 1539 status = mlsvc_NetShareEnumLevel502(mxa, infonres, &se, 1); 1540 break; 1541 1542 default: 1543 status = ERROR_INVALID_LEVEL; 1544 break; 1545 } 1546 1547 if (status != ERROR_SUCCESS) { 1548 bzero(param, sizeof (struct mslm_NetShareEnum)); 1549 param->status = status; 1550 return (NDR_DRC_OK); 1551 } 1552 1553 if (se.se_n_enum == 0) { 1554 if (param->resume_handle) 1555 *param->resume_handle = 0; 1556 param->status = ERROR_SUCCESS; 1557 return (NDR_DRC_OK); 1558 } 1559 1560 if (param->resume_handle && 1561 param->prefmaxlen != SMB_SRVSVC_MAXPREFLEN) { 1562 if (se.se_resume_handle < se.se_n_total) { 1563 *param->resume_handle = se.se_resume_handle; 1564 status = ERROR_MORE_DATA; 1565 } else { 1566 *param->resume_handle = 0; 1567 } 1568 } 1569 1570 param->totalentries = se.se_n_total; 1571 param->status = status; 1572 return (NDR_DRC_OK); 1573 } 1574 1575 /* 1576 * NetShareEnum Level 0 1577 */ 1578 static DWORD 1579 mlsvc_NetShareEnumLevel0(ndr_xa_t *mxa, 1580 struct mslm_infonres *infonres, srvsvc_enum_t *se, int sticky) 1581 { 1582 struct mslm_SHARE_INFO_0 *info0; 1583 smb_shriter_t iterator; 1584 smb_share_t *si; 1585 DWORD status; 1586 1587 se->se_n_enum = srvsvc_estimate_objcnt(se->se_prefmaxlen, 1588 se->se_n_total, sizeof (struct mslm_SHARE_INFO_0) + MAXNAMELEN); 1589 if (se->se_n_enum == 0) 1590 return (ERROR_SUCCESS); 1591 1592 info0 = NDR_NEWN(mxa, struct mslm_SHARE_INFO_0, se->se_n_enum); 1593 if (info0 == NULL) 1594 return (ERROR_NOT_ENOUGH_MEMORY); 1595 1596 smb_shr_iterinit(&iterator); 1597 1598 se->se_n_read = 0; 1599 while ((si = smb_shr_iterate(&iterator)) != NULL) { 1600 if (se->se_n_skip > 0) { 1601 --se->se_n_skip; 1602 continue; 1603 } 1604 1605 ++se->se_resume_handle; 1606 1607 if (sticky && (si->shr_flags & SMB_SHRF_TRANS)) 1608 continue; 1609 1610 if (si->shr_flags & SMB_SHRF_AUTOHOME) 1611 continue; 1612 1613 if (se->se_n_read >= se->se_n_enum) { 1614 se->se_n_read = se->se_n_enum; 1615 break; 1616 } 1617 1618 status = mlsvc_NetShareEnumCommon(mxa, se, si, (void *)info0); 1619 if (status != ERROR_SUCCESS) 1620 break; 1621 1622 ++se->se_n_read; 1623 } 1624 1625 if (se->se_n_read < se->se_n_enum) { 1626 if (srvsvc_add_autohome(mxa, se, (void *)info0)) 1627 ++se->se_n_read; 1628 } 1629 1630 infonres->entriesread = se->se_n_read; 1631 infonres->entries = info0; 1632 return (ERROR_SUCCESS); 1633 } 1634 1635 /* 1636 * NetShareEnum Level 1 1637 */ 1638 static DWORD 1639 mlsvc_NetShareEnumLevel1(ndr_xa_t *mxa, 1640 struct mslm_infonres *infonres, srvsvc_enum_t *se, int sticky) 1641 { 1642 struct mslm_SHARE_INFO_1 *info1; 1643 smb_shriter_t iterator; 1644 smb_share_t *si; 1645 DWORD status; 1646 1647 se->se_n_enum = srvsvc_estimate_objcnt(se->se_prefmaxlen, 1648 se->se_n_total, sizeof (struct mslm_SHARE_INFO_1) + MAXNAMELEN); 1649 if (se->se_n_enum == 0) 1650 return (ERROR_SUCCESS); 1651 1652 info1 = NDR_NEWN(mxa, struct mslm_SHARE_INFO_1, se->se_n_enum); 1653 if (info1 == NULL) 1654 return (ERROR_NOT_ENOUGH_MEMORY); 1655 1656 smb_shr_iterinit(&iterator); 1657 1658 se->se_n_read = 0; 1659 while ((si = smb_shr_iterate(&iterator)) != 0) { 1660 if (se->se_n_skip > 0) { 1661 --se->se_n_skip; 1662 continue; 1663 } 1664 1665 ++se->se_resume_handle; 1666 1667 if (sticky && (si->shr_flags & SMB_SHRF_TRANS)) 1668 continue; 1669 1670 if (si->shr_flags & SMB_SHRF_AUTOHOME) 1671 continue; 1672 1673 if (se->se_n_read >= se->se_n_enum) { 1674 se->se_n_read = se->se_n_enum; 1675 break; 1676 } 1677 1678 status = mlsvc_NetShareEnumCommon(mxa, se, si, (void *)info1); 1679 if (status != ERROR_SUCCESS) 1680 break; 1681 1682 ++se->se_n_read; 1683 } 1684 1685 if (se->se_n_read < se->se_n_enum) { 1686 if (srvsvc_add_autohome(mxa, se, (void *)info1)) 1687 ++se->se_n_read; 1688 } 1689 1690 infonres->entriesread = se->se_n_read; 1691 infonres->entries = info1; 1692 return (ERROR_SUCCESS); 1693 } 1694 1695 /* 1696 * NetShareEnum Level 2 1697 */ 1698 static DWORD 1699 mlsvc_NetShareEnumLevel2(ndr_xa_t *mxa, 1700 struct mslm_infonres *infonres, srvsvc_enum_t *se, int sticky) 1701 { 1702 struct mslm_SHARE_INFO_2 *info2; 1703 smb_shriter_t iterator; 1704 smb_share_t *si; 1705 DWORD status; 1706 1707 se->se_n_enum = srvsvc_estimate_objcnt(se->se_prefmaxlen, 1708 se->se_n_total, sizeof (struct mslm_SHARE_INFO_2) + MAXNAMELEN); 1709 if (se->se_n_enum == 0) 1710 return (ERROR_SUCCESS); 1711 1712 info2 = NDR_NEWN(mxa, struct mslm_SHARE_INFO_2, se->se_n_enum); 1713 if (info2 == NULL) 1714 return (ERROR_NOT_ENOUGH_MEMORY); 1715 1716 smb_shr_iterinit(&iterator); 1717 1718 se->se_n_read = 0; 1719 while ((si = smb_shr_iterate(&iterator)) != 0) { 1720 if (se->se_n_skip > 0) { 1721 --se->se_n_skip; 1722 continue; 1723 } 1724 1725 ++se->se_resume_handle; 1726 1727 if (sticky && (si->shr_flags & SMB_SHRF_TRANS)) 1728 continue; 1729 1730 if (si->shr_flags & SMB_SHRF_AUTOHOME) 1731 continue; 1732 1733 if (se->se_n_read >= se->se_n_enum) { 1734 se->se_n_read = se->se_n_enum; 1735 break; 1736 } 1737 1738 status = mlsvc_NetShareEnumCommon(mxa, se, si, (void *)info2); 1739 if (status != ERROR_SUCCESS) 1740 break; 1741 1742 ++se->se_n_read; 1743 } 1744 1745 if (se->se_n_read < se->se_n_enum) { 1746 if (srvsvc_add_autohome(mxa, se, (void *)info2)) 1747 ++se->se_n_read; 1748 } 1749 1750 infonres->entriesread = se->se_n_read; 1751 infonres->entries = info2; 1752 return (ERROR_SUCCESS); 1753 } 1754 1755 /* 1756 * NetShareEnum Level 501 1757 */ 1758 static DWORD 1759 mlsvc_NetShareEnumLevel501(ndr_xa_t *mxa, 1760 struct mslm_infonres *infonres, srvsvc_enum_t *se, int sticky) 1761 { 1762 struct mslm_SHARE_INFO_501 *info501; 1763 smb_shriter_t iterator; 1764 smb_share_t *si; 1765 DWORD status; 1766 1767 se->se_n_enum = srvsvc_estimate_objcnt(se->se_prefmaxlen, 1768 se->se_n_total, sizeof (struct mslm_SHARE_INFO_501) + MAXNAMELEN); 1769 if (se->se_n_enum == 0) 1770 return (ERROR_SUCCESS); 1771 1772 info501 = NDR_NEWN(mxa, struct mslm_SHARE_INFO_501, 1773 se->se_n_enum); 1774 if (info501 == NULL) 1775 return (ERROR_NOT_ENOUGH_MEMORY); 1776 1777 smb_shr_iterinit(&iterator); 1778 1779 se->se_n_read = 0; 1780 while ((si = smb_shr_iterate(&iterator)) != 0) { 1781 if (se->se_n_skip > 0) { 1782 --se->se_n_skip; 1783 continue; 1784 } 1785 1786 ++se->se_resume_handle; 1787 1788 if (sticky && (si->shr_flags & SMB_SHRF_TRANS)) 1789 continue; 1790 1791 if (si->shr_flags & SMB_SHRF_AUTOHOME) 1792 continue; 1793 1794 if (se->se_n_read >= se->se_n_enum) { 1795 se->se_n_read = se->se_n_enum; 1796 break; 1797 } 1798 1799 status = mlsvc_NetShareEnumCommon(mxa, se, si, (void *)info501); 1800 if (status != ERROR_SUCCESS) 1801 break; 1802 1803 ++se->se_n_read; 1804 } 1805 1806 if (se->se_n_read < se->se_n_enum) { 1807 if (srvsvc_add_autohome(mxa, se, (void *)info501)) 1808 ++se->se_n_read; 1809 } 1810 1811 infonres->entriesread = se->se_n_read; 1812 infonres->entries = info501; 1813 return (ERROR_SUCCESS); 1814 } 1815 1816 /* 1817 * NetShareEnum Level 502 1818 */ 1819 static DWORD 1820 mlsvc_NetShareEnumLevel502(ndr_xa_t *mxa, 1821 struct mslm_infonres *infonres, srvsvc_enum_t *se, int sticky) 1822 { 1823 struct mslm_SHARE_INFO_502 *info502; 1824 smb_shriter_t iterator; 1825 smb_share_t *si; 1826 DWORD status; 1827 1828 se->se_n_enum = srvsvc_estimate_objcnt(se->se_prefmaxlen, 1829 se->se_n_total, sizeof (struct mslm_SHARE_INFO_502) + MAXNAMELEN); 1830 if (se->se_n_enum == 0) 1831 return (ERROR_SUCCESS); 1832 1833 info502 = NDR_NEWN(mxa, struct mslm_SHARE_INFO_502, 1834 se->se_n_enum); 1835 if (info502 == NULL) 1836 return (ERROR_NOT_ENOUGH_MEMORY); 1837 1838 smb_shr_iterinit(&iterator); 1839 1840 se->se_n_read = 0; 1841 while ((si = smb_shr_iterate(&iterator)) != NULL) { 1842 if (se->se_n_skip > 0) { 1843 --se->se_n_skip; 1844 continue; 1845 } 1846 1847 ++se->se_resume_handle; 1848 1849 if (sticky && (si->shr_flags & SMB_SHRF_TRANS)) 1850 continue; 1851 1852 if (si->shr_flags & SMB_SHRF_AUTOHOME) 1853 continue; 1854 1855 if (se->se_n_read >= se->se_n_enum) { 1856 se->se_n_read = se->se_n_enum; 1857 break; 1858 } 1859 1860 status = mlsvc_NetShareEnumCommon(mxa, se, si, (void *)info502); 1861 if (status != ERROR_SUCCESS) 1862 break; 1863 1864 ++se->se_n_read; 1865 } 1866 1867 if (se->se_n_read < se->se_n_enum) { 1868 if (srvsvc_add_autohome(mxa, se, (void *)info502)) 1869 ++se->se_n_read; 1870 } 1871 1872 infonres->entriesread = se->se_n_read; 1873 infonres->entries = info502; 1874 return (ERROR_SUCCESS); 1875 } 1876 1877 /* 1878 * mlsvc_NetShareEnumCommon 1879 * 1880 * Build the levels 0, 1, 2, 501 and 502 share information. This function 1881 * is called by the various NetShareEnum levels for each share. If 1882 * we cannot build the share data for some reason, we return an error 1883 * but the actual value of the error is not important to the caller. 1884 * The caller just needs to know not to include this info in the RPC 1885 * response. 1886 * 1887 * Returns: 1888 * ERROR_SUCCESS 1889 * ERROR_NOT_ENOUGH_MEMORY 1890 * ERROR_INVALID_LEVEL 1891 */ 1892 static DWORD 1893 mlsvc_NetShareEnumCommon(ndr_xa_t *mxa, srvsvc_enum_t *se, 1894 smb_share_t *si, void *infop) 1895 { 1896 struct mslm_SHARE_INFO_0 *info0; 1897 struct mslm_SHARE_INFO_1 *info1; 1898 struct mslm_SHARE_INFO_2 *info2; 1899 struct mslm_SHARE_INFO_501 *info501; 1900 struct mslm_SHARE_INFO_502 *info502; 1901 int i = se->se_n_read; 1902 1903 switch (se->se_level) { 1904 case 0: 1905 info0 = (struct mslm_SHARE_INFO_0 *)infop; 1906 info0[i].shi0_netname 1907 = (uint8_t *)NDR_STRDUP(mxa, si->shr_name); 1908 1909 if (info0[i].shi0_netname == NULL) 1910 return (ERROR_NOT_ENOUGH_MEMORY); 1911 break; 1912 1913 case 1: 1914 info1 = (struct mslm_SHARE_INFO_1 *)infop; 1915 info1[i].shi1_netname 1916 = (uint8_t *)NDR_STRDUP(mxa, si->shr_name); 1917 info1[i].shi1_remark 1918 = (uint8_t *)NDR_STRDUP(mxa, si->shr_cmnt); 1919 1920 info1[i].shi1_type = si->shr_type; 1921 1922 if (!info1[i].shi1_netname || !info1[i].shi1_remark) 1923 return (ERROR_NOT_ENOUGH_MEMORY); 1924 break; 1925 1926 case 2: 1927 info2 = (struct mslm_SHARE_INFO_2 *)infop; 1928 info2[i].shi2_netname 1929 = (uint8_t *)NDR_STRDUP(mxa, si->shr_name); 1930 info2[i].shi2_remark 1931 = (uint8_t *)NDR_STRDUP(mxa, si->shr_cmnt); 1932 1933 info2[i].shi2_path 1934 = (uint8_t *)srvsvc_share_mkpath(mxa, si->shr_path); 1935 1936 info2[i].shi2_type = si->shr_type; 1937 info2[i].shi2_permissions = 0; 1938 info2[i].shi2_max_uses = SHI_USES_UNLIMITED; 1939 info2[i].shi2_current_uses = 0; 1940 info2[i].shi2_passwd 1941 = (uint8_t *)NDR_STRDUP(mxa, empty_string); 1942 1943 if (!info2[i].shi2_netname || !info2[i].shi2_remark || 1944 !info2[i].shi2_passwd || !info2[i].shi2_path) 1945 return (ERROR_NOT_ENOUGH_MEMORY); 1946 1947 break; 1948 1949 case 501: 1950 info501 = (struct mslm_SHARE_INFO_501 *)infop; 1951 info501[i].shi501_netname 1952 = (uint8_t *)NDR_STRDUP(mxa, si->shr_name); 1953 info501[i].shi501_remark 1954 = (uint8_t *)NDR_STRDUP(mxa, si->shr_cmnt); 1955 1956 info501[i].shi501_type = si->shr_type; 1957 info501[i].shi501_flags = 0; 1958 1959 if (!info501[i].shi501_netname || !info501[i].shi501_remark) 1960 return (ERROR_NOT_ENOUGH_MEMORY); 1961 break; 1962 1963 case 502: 1964 info502 = (struct mslm_SHARE_INFO_502 *)infop; 1965 info502[i].shi502_netname 1966 = (uint8_t *)NDR_STRDUP(mxa, si->shr_name); 1967 info502[i].shi502_remark 1968 = (uint8_t *)NDR_STRDUP(mxa, si->shr_cmnt); 1969 1970 info502[i].shi502_path 1971 = (uint8_t *)srvsvc_share_mkpath(mxa, si->shr_path); 1972 1973 info502[i].shi502_type = si->shr_type; 1974 info502[i].shi502_permissions = 0; 1975 info502[i].shi502_max_uses = SHI_USES_UNLIMITED; 1976 info502[i].shi502_current_uses = 0; 1977 info502[i].shi502_passwd 1978 = (uint8_t *)NDR_STRDUP(mxa, empty_string); 1979 1980 info502[i].shi502_reserved = 0; 1981 info502[i].shi502_security_descriptor = 0; 1982 1983 if (!info502[i].shi502_netname || !info502[i].shi502_remark || 1984 !info502[i].shi502_passwd || !info502[i].shi502_path) 1985 return (ERROR_NOT_ENOUGH_MEMORY); 1986 break; 1987 1988 default: 1989 return (ERROR_INVALID_LEVEL); 1990 } 1991 1992 return (ERROR_SUCCESS); 1993 } 1994 1995 /* 1996 * srvsvc_add_autohome 1997 * 1998 * Add the autohome share for the user. The share must not be a permanent 1999 * share to avoid duplicates. 2000 */ 2001 static boolean_t 2002 srvsvc_add_autohome(ndr_xa_t *mxa, srvsvc_enum_t *se, void *infop) 2003 { 2004 smb_opipe_context_t *ctx = &mxa->pipe->np_ctx; 2005 char *username = ctx->oc_account; 2006 smb_share_t si; 2007 DWORD status; 2008 2009 if (smb_shr_get(username, &si) != NERR_Success) 2010 return (B_FALSE); 2011 2012 if ((si.shr_flags & SMB_SHRF_AUTOHOME) == 0) 2013 return (B_FALSE); 2014 2015 status = mlsvc_NetShareEnumCommon(mxa, se, &si, infop); 2016 return (status == ERROR_SUCCESS); 2017 } 2018 2019 /* 2020 * srvsvc_share_mkpath 2021 * 2022 * Create the share path required by the share enum calls. The path 2023 * is created in a heap buffer ready for use by the caller. 2024 * 2025 * Some Windows over-the-wire backup applications do not work unless a 2026 * drive letter is present in the share path. We don't care about the 2027 * drive letter since the path is fully qualified with the volume name. 2028 * 2029 * Windows clients seem to be mostly okay with forward slashes in 2030 * share paths but they cannot handle one immediately after the drive 2031 * letter, i.e. B:/. For consistency we convert all the slashes in 2032 * the path. 2033 * 2034 * Returns a pointer to a heap buffer containing the share path, which 2035 * could be a null pointer if the heap allocation fails. 2036 */ 2037 static char * 2038 srvsvc_share_mkpath(ndr_xa_t *mxa, char *path) 2039 { 2040 char tmpbuf[MAXPATHLEN]; 2041 char *p; 2042 2043 if (strlen(path) == 0) 2044 return (NDR_STRDUP(mxa, path)); 2045 2046 /* 2047 * Strip the volume name from the path (/vol1/home -> /home). 2048 */ 2049 p = path; 2050 p += strspn(p, "/"); 2051 p += strcspn(p, "/"); 2052 p += strspn(p, "/"); 2053 (void) snprintf(tmpbuf, MAXPATHLEN, "%c:/%s", 'B', p); 2054 (void) strsubst(tmpbuf, '/', '\\'); 2055 2056 return (NDR_STRDUP(mxa, tmpbuf)); 2057 } 2058 2059 /* 2060 * srvsvc_s_NetShareDel 2061 * 2062 * Delete a share. Only the administrator, or a member of the domain 2063 * administrators group, is allowed to delete shares. 2064 * 2065 * This interface is used by the rmtshare command from the NT resource 2066 * kit. Rmtshare allows a client to add or remove shares on a server 2067 * from the client's command line. 2068 * 2069 * Returns Win32 error codes. 2070 */ 2071 static int 2072 srvsvc_s_NetShareDel(void *arg, ndr_xa_t *mxa) 2073 { 2074 struct mslm_NetShareDel *param = arg; 2075 2076 if (!ndr_is_poweruser(mxa) || 2077 smb_shr_is_restricted((char *)param->netname)) { 2078 param->status = ERROR_ACCESS_DENIED; 2079 return (NDR_DRC_OK); 2080 } 2081 2082 param->status = srvsvc_sa_delete((char *)param->netname); 2083 return (NDR_DRC_OK); 2084 } 2085 2086 /* 2087 * srvsvc_s_NetGetFileSecurity 2088 * 2089 * Get security descriptor of the requested file/folder 2090 * 2091 * Right now, just returns ERROR_ACCESS_DENIED, because we cannot 2092 * get the requested SD here in RPC code. 2093 */ 2094 /*ARGSUSED*/ 2095 static int 2096 srvsvc_s_NetGetFileSecurity(void *arg, ndr_xa_t *mxa) 2097 { 2098 struct mslm_NetGetFileSecurity *param = arg; 2099 2100 param->length = 0; 2101 param->status = ERROR_ACCESS_DENIED; 2102 return (NDR_DRC_OK); 2103 } 2104 2105 /* 2106 * srvsvc_s_NetSetFileSecurity 2107 * 2108 * Set the given security descriptor for the requested file/folder 2109 * 2110 * Right now, just returns ERROR_ACCESS_DENIED, because we cannot 2111 * set the requested SD here in RPC code. 2112 */ 2113 /*ARGSUSED*/ 2114 static int 2115 srvsvc_s_NetSetFileSecurity(void *arg, ndr_xa_t *mxa) 2116 { 2117 struct mslm_NetSetFileSecurity *param = arg; 2118 2119 param->status = ERROR_ACCESS_DENIED; 2120 return (NDR_DRC_OK); 2121 } 2122 2123 /* 2124 * If the default "smb" share group exists then return the group 2125 * handle, otherwise create the group and return the handle. 2126 * 2127 * All shares created via the srvsvc will be added to the "smb" 2128 * group. 2129 */ 2130 static sa_group_t 2131 srvsvc_sa_get_smbgrp(sa_handle_t handle) 2132 { 2133 sa_group_t group = NULL; 2134 int err; 2135 2136 group = sa_get_group(handle, SMB_DEFAULT_SHARE_GROUP); 2137 if (group != NULL) 2138 return (group); 2139 2140 group = sa_create_group(handle, SMB_DEFAULT_SHARE_GROUP, &err); 2141 if (group == NULL) 2142 return (NULL); 2143 2144 if (sa_create_optionset(group, SMB_DEFAULT_SHARE_GROUP) == NULL) { 2145 (void) sa_remove_group(group); 2146 group = NULL; 2147 } 2148 2149 return (group); 2150 } 2151 2152 /* 2153 * Stores the given share in sharemgr 2154 */ 2155 static uint32_t 2156 srvsvc_sa_add(char *sharename, char *path, char *cmnt) 2157 { 2158 sa_handle_t handle; 2159 sa_share_t share; 2160 sa_group_t group; 2161 sa_resource_t resource; 2162 boolean_t new_share = B_FALSE; 2163 uint32_t status = NERR_Success; 2164 int err; 2165 2166 if ((handle = smb_shr_sa_enter()) == NULL) 2167 return (NERR_InternalError); 2168 2169 share = sa_find_share(handle, path); 2170 if (share == NULL) { 2171 group = srvsvc_sa_get_smbgrp(handle); 2172 if (group == NULL) { 2173 smb_shr_sa_exit(); 2174 return (NERR_InternalError); 2175 } 2176 2177 share = sa_add_share(group, path, SA_SHARE_PERMANENT, &err); 2178 if (share == NULL) { 2179 smb_shr_sa_exit(); 2180 return (NERR_InternalError); 2181 } 2182 new_share = B_TRUE; 2183 } 2184 2185 resource = sa_get_share_resource(share, sharename); 2186 if (resource == NULL) { 2187 resource = sa_add_resource(share, sharename, 2188 SA_SHARE_PERMANENT, &err); 2189 if (resource == NULL) { 2190 if (new_share) 2191 (void) sa_remove_share(share); 2192 smb_shr_sa_exit(); 2193 return (NERR_InternalError); 2194 } 2195 } 2196 2197 (void) sa_set_resource_description(resource, cmnt); 2198 2199 smb_shr_sa_exit(); 2200 return (status); 2201 } 2202 2203 /* 2204 * Removes the share from sharemgr 2205 */ 2206 static uint32_t 2207 srvsvc_sa_delete(char *sharename) 2208 { 2209 sa_handle_t handle; 2210 sa_resource_t resource; 2211 uint32_t status; 2212 2213 if ((handle = smb_shr_sa_enter()) == NULL) 2214 return (NERR_InternalError); 2215 2216 status = NERR_InternalError; 2217 if ((resource = sa_find_resource(handle, sharename)) != NULL) { 2218 if (sa_remove_resource(resource) == SA_OK) 2219 status = NERR_Success; 2220 } 2221 2222 smb_shr_sa_exit(); 2223 return (status); 2224 } 2225 2226 static ndr_stub_table_t srvsvc_stub_table[] = { 2227 { srvsvc_s_NetConnectEnum, SRVSVC_OPNUM_NetConnectEnum }, 2228 { srvsvc_s_NetFileEnum, SRVSVC_OPNUM_NetFileEnum }, 2229 { srvsvc_s_NetFileClose, SRVSVC_OPNUM_NetFileClose }, 2230 { srvsvc_s_NetShareGetInfo, SRVSVC_OPNUM_NetShareGetInfo }, 2231 { srvsvc_s_NetShareSetInfo, SRVSVC_OPNUM_NetShareSetInfo }, 2232 { srvsvc_s_NetSessionEnum, SRVSVC_OPNUM_NetSessionEnum }, 2233 { srvsvc_s_NetSessionDel, SRVSVC_OPNUM_NetSessionDel }, 2234 { srvsvc_s_NetServerGetInfo, SRVSVC_OPNUM_NetServerGetInfo }, 2235 { srvsvc_s_NetRemoteTOD, SRVSVC_OPNUM_NetRemoteTOD }, 2236 { srvsvc_s_NetNameValidate, SRVSVC_OPNUM_NetNameValidate }, 2237 { srvsvc_s_NetShareAdd, SRVSVC_OPNUM_NetShareAdd }, 2238 { srvsvc_s_NetShareDel, SRVSVC_OPNUM_NetShareDel }, 2239 { srvsvc_s_NetShareEnum, SRVSVC_OPNUM_NetShareEnum }, 2240 { srvsvc_s_NetShareEnumSticky, SRVSVC_OPNUM_NetShareEnumSticky }, 2241 { srvsvc_s_NetGetFileSecurity, SRVSVC_OPNUM_NetGetFileSecurity }, 2242 { srvsvc_s_NetSetFileSecurity, SRVSVC_OPNUM_NetSetFileSecurity }, 2243 {0} 2244 }; 2245