1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright 2015 Nexenta Systems, Inc. All rights reserved. 24 */ 25 26 #include <assert.h> 27 #include <syslog.h> 28 #include <door.h> 29 #include <fcntl.h> 30 #include <string.h> 31 #include <strings.h> 32 #include <stdlib.h> 33 #include <unistd.h> 34 #include <errno.h> 35 #include <sys/mman.h> 36 #include <smbsrv/libsmb.h> 37 #include <smbsrv/wintypes.h> 38 #include <smbsrv/smb_door.h> 39 40 static int smb_door_call(uint32_t, void *, xdrproc_t, void *, xdrproc_t); 41 static int smb_door_call_private(int, smb_doorarg_t *); 42 static int smb_door_encode(smb_doorarg_t *, uint32_t); 43 static int smb_door_decode(smb_doorarg_t *); 44 static void smb_door_sethdr(smb_doorhdr_t *, uint32_t, uint32_t); 45 static boolean_t smb_door_chkhdr(smb_doorarg_t *, smb_doorhdr_t *); 46 static void smb_door_free(door_arg_t *arg); 47 48 /* 49 * Given a SID, make a door call to get the associated name. 50 * 51 * Returns 0 if the door call is successful, otherwise -1. 52 * 53 * If 0 is returned, the lookup result will be available in a_status. 54 * NT_STATUS_SUCCESS The SID was mapped to a name. 55 * NT_STATUS_NONE_MAPPED The SID could not be mapped to a name. 56 */ 57 int 58 smb_lookup_sid(const char *sid, lsa_account_t *acct) 59 { 60 int rc; 61 62 assert((sid != NULL) && (acct != NULL)); 63 64 bzero(acct, sizeof (lsa_account_t)); 65 (void) strlcpy(acct->a_sid, sid, SMB_SID_STRSZ); 66 67 rc = smb_door_call(SMB_DR_LOOKUP_SID, acct, lsa_account_xdr, 68 acct, lsa_account_xdr); 69 70 if (rc != 0) 71 syslog(LOG_DEBUG, "smb_lookup_sid: %m"); 72 return (rc); 73 } 74 75 /* 76 * Given a name, make a door call to get the associated SID. 77 * 78 * Returns 0 if the door call is successful, otherwise -1. 79 * 80 * If 0 is returned, the lookup result will be available in a_status. 81 * NT_STATUS_SUCCESS The name was mapped to a SID. 82 * NT_STATUS_NONE_MAPPED The name could not be mapped to a SID. 83 */ 84 int 85 smb_lookup_name(const char *name, sid_type_t sidtype, lsa_account_t *acct) 86 { 87 char tmp[MAXNAMELEN]; 88 char *dp = NULL; 89 char *np = NULL; 90 int rc; 91 92 assert((name != NULL) && (acct != NULL)); 93 94 (void) strlcpy(tmp, name, MAXNAMELEN); 95 smb_name_parse(tmp, &np, &dp); 96 97 bzero(acct, sizeof (lsa_account_t)); 98 acct->a_sidtype = sidtype; 99 100 if (dp != NULL && np != NULL) { 101 (void) strlcpy(acct->a_domain, dp, MAXNAMELEN); 102 (void) strlcpy(acct->a_name, np, MAXNAMELEN); 103 } else { 104 (void) strlcpy(acct->a_name, name, MAXNAMELEN); 105 } 106 107 rc = smb_door_call(SMB_DR_LOOKUP_NAME, acct, lsa_account_xdr, 108 acct, lsa_account_xdr); 109 110 if (rc != 0) 111 syslog(LOG_DEBUG, "smb_lookup_name: %m"); 112 return (rc); 113 } 114 115 int 116 smb_join(smb_joininfo_t *jdi, smb_joinres_t *jres) 117 { 118 int rc; 119 120 rc = smb_door_call(SMB_DR_JOIN, jdi, smb_joininfo_xdr, 121 jres, smb_joinres_xdr); 122 123 if (rc != 0) { 124 /* 125 * This usually means the SMB service is not running. 126 */ 127 syslog(LOG_DEBUG, "smb_join: %m"); 128 jres->status = NT_STATUS_SERVER_DISABLED; 129 return (rc); 130 } 131 132 return (0); 133 } 134 135 /* 136 * Get information about the Domain Controller in the joined resource domain. 137 * 138 * Returns NT status codes. 139 */ 140 uint32_t 141 smb_get_dcinfo(char *namebuf, uint32_t namebuflen, smb_inaddr_t *ipaddr) 142 { 143 smb_string_t dcname; 144 struct hostent *h; 145 int rc; 146 147 assert((namebuf != NULL) && (namebuflen != 0)); 148 *namebuf = '\0'; 149 bzero(&dcname, sizeof (smb_string_t)); 150 151 rc = smb_door_call(SMB_DR_GET_DCINFO, NULL, NULL, 152 &dcname, smb_string_xdr); 153 154 if (rc != 0) { 155 syslog(LOG_DEBUG, "smb_get_dcinfo: %m"); 156 if (dcname.buf) 157 xdr_free(smb_string_xdr, (char *)&dcname); 158 return (NT_STATUS_INTERNAL_ERROR); 159 } 160 161 if (dcname.buf) { 162 (void) strlcpy(namebuf, dcname.buf, namebuflen); 163 164 if ((h = smb_gethostbyname(dcname.buf, &rc)) == NULL) { 165 bzero(ipaddr, sizeof (smb_inaddr_t)); 166 } else { 167 (void) memcpy(ipaddr, h->h_addr, h->h_length); 168 ipaddr->a_family = h->h_addrtype; 169 freehostent(h); 170 } 171 xdr_free(smb_string_xdr, (char *)&dcname); 172 } 173 174 return (NT_STATUS_SUCCESS); 175 } 176 177 bool_t 178 smb_joininfo_xdr(XDR *xdrs, smb_joininfo_t *objp) 179 { 180 if (!xdr_vector(xdrs, (char *)objp->domain_name, MAXHOSTNAMELEN, 181 sizeof (char), (xdrproc_t)xdr_char)) 182 return (FALSE); 183 184 if (!xdr_vector(xdrs, (char *)objp->domain_username, 185 SMB_USERNAME_MAXLEN + 1, sizeof (char), (xdrproc_t)xdr_char)) 186 return (FALSE); 187 188 if (!xdr_vector(xdrs, (char *)objp->domain_passwd, 189 SMB_PASSWD_MAXLEN + 1, sizeof (char), (xdrproc_t)xdr_char)) 190 return (FALSE); 191 192 if (!xdr_uint32_t(xdrs, &objp->mode)) 193 return (FALSE); 194 195 return (TRUE); 196 } 197 198 bool_t 199 smb_joinres_xdr(XDR *xdrs, smb_joinres_t *objp) 200 { 201 202 if (!xdr_uint32_t(xdrs, &objp->status)) 203 return (FALSE); 204 205 if (!xdr_int(xdrs, &objp->join_err)) 206 return (FALSE); 207 208 if (!xdr_vector(xdrs, (char *)objp->dc_name, MAXHOSTNAMELEN, 209 sizeof (char), (xdrproc_t)xdr_char)) 210 return (FALSE); 211 212 return (TRUE); 213 } 214 215 /* 216 * Parameters: 217 * fqdn (input) - fully-qualified domain name 218 * buf (output) - fully-qualified hostname of the AD server found 219 * by this function. 220 * buflen (input) - length of the 'buf' 221 * 222 * Return: 223 * B_TRUE if an AD server is found. Otherwise, returns B_FALSE; 224 * 225 * The buffer passed in should be big enough to hold a fully-qualified 226 * hostname (MAXHOSTNAMELEN); otherwise, a truncated string will be 227 * returned. On error, an empty string will be returned. 228 */ 229 boolean_t 230 smb_find_ads_server(char *fqdn, char *buf, int buflen) 231 { 232 smb_string_t server; 233 smb_string_t domain; 234 boolean_t found = B_FALSE; 235 int rc; 236 237 if (fqdn == NULL || buf == NULL) { 238 if (buf) 239 *buf = '\0'; 240 return (B_FALSE); 241 } 242 243 bzero(&server, sizeof (smb_string_t)); 244 *buf = '\0'; 245 246 domain.buf = fqdn; 247 248 rc = smb_door_call(SMB_DR_ADS_FIND_HOST, &domain, smb_string_xdr, 249 &server, smb_string_xdr); 250 251 if (rc != 0) 252 syslog(LOG_DEBUG, "smb_find_ads_server: %m"); 253 254 if (server.buf != NULL) { 255 if (*server.buf != '\0') { 256 (void) strlcpy(buf, server.buf, buflen); 257 found = B_TRUE; 258 } 259 260 xdr_free(smb_string_xdr, (char *)&server); 261 } 262 263 return (found); 264 } 265 266 void 267 smb_notify_dc_changed(void) 268 { 269 int rc; 270 271 rc = smb_door_call(SMB_DR_NOTIFY_DC_CHANGED, 272 NULL, NULL, NULL, NULL); 273 274 if (rc != 0) 275 syslog(LOG_DEBUG, "smb_notify_dc_changed: %m"); 276 } 277 278 279 /* 280 * After a successful door call the local door_arg->data_ptr is assigned 281 * to the caller's arg->rbuf so that arg has references to both input and 282 * response buffers, which is required by smb_door_free. 283 * 284 * On success, the object referenced by rsp_data will have been populated 285 * by passing rbuf through the rsp_xdr function. 286 */ 287 static int 288 smb_door_call(uint32_t cmd, void *req_data, xdrproc_t req_xdr, 289 void *rsp_data, xdrproc_t rsp_xdr) 290 { 291 smb_doorarg_t da; 292 int fd; 293 int rc; 294 char *door_name; 295 296 bzero(&da, sizeof (smb_doorarg_t)); 297 da.da_opcode = cmd; 298 da.da_opname = smb_doorhdr_opname(cmd); 299 da.da_req_xdr = req_xdr; 300 da.da_rsp_xdr = rsp_xdr; 301 da.da_req_data = req_data; 302 da.da_rsp_data = rsp_data; 303 304 if ((req_data == NULL && req_xdr != NULL) || 305 (rsp_data == NULL && rsp_xdr != NULL)) { 306 errno = EINVAL; 307 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname); 308 return (-1); 309 } 310 311 door_name = getenv("SMBD_DOOR_NAME"); 312 if (door_name == NULL) 313 door_name = SMBD_DOOR_NAME; 314 315 if ((fd = open(door_name, O_RDONLY)) < 0) { 316 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname); 317 return (-1); 318 } 319 320 if (smb_door_encode(&da, cmd) != 0) { 321 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname); 322 (void) close(fd); 323 return (-1); 324 } 325 326 if (smb_door_call_private(fd, &da) != 0) { 327 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname); 328 smb_door_free(&da.da_arg); 329 (void) close(fd); 330 return (-1); 331 } 332 333 if ((rc = smb_door_decode(&da)) != 0) 334 syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname); 335 smb_door_free(&da.da_arg); 336 (void) close(fd); 337 return (rc); 338 } 339 340 /* 341 * We use a copy of the door arg because doorfs may change data_ptr 342 * and we want to detect that when freeing the door buffers. After 343 * this call, response data must be referenced via rbuf and rsize. 344 */ 345 static int 346 smb_door_call_private(int fd, smb_doorarg_t *da) 347 { 348 door_arg_t door_arg; 349 int rc; 350 int i; 351 352 bcopy(&da->da_arg, &door_arg, sizeof (door_arg_t)); 353 354 for (i = 0; i < SMB_DOOR_CALL_RETRIES; ++i) { 355 errno = 0; 356 357 if ((rc = door_call(fd, &door_arg)) == 0) 358 break; 359 360 if (errno != EAGAIN && errno != EINTR) 361 return (-1); 362 } 363 364 if (rc != 0 || door_arg.data_size == 0 || door_arg.rsize == 0) { 365 if (errno == 0) 366 errno = EIO; 367 return (-1); 368 } 369 370 da->da_arg.rbuf = door_arg.data_ptr; 371 da->da_arg.rsize = door_arg.rsize; 372 return (rc); 373 } 374 375 static int 376 smb_door_encode(smb_doorarg_t *da, uint32_t cmd) 377 { 378 XDR xdrs; 379 char *buf; 380 uint32_t buflen; 381 382 buflen = xdr_sizeof(smb_doorhdr_xdr, &da->da_hdr); 383 if (da->da_req_xdr != NULL) 384 buflen += xdr_sizeof(da->da_req_xdr, da->da_req_data); 385 386 smb_door_sethdr(&da->da_hdr, cmd, buflen); 387 388 if ((buf = malloc(buflen)) == NULL) 389 return (-1); 390 391 xdrmem_create(&xdrs, buf, buflen, XDR_ENCODE); 392 393 if (!smb_doorhdr_xdr(&xdrs, &da->da_hdr)) { 394 errno = EPROTO; 395 free(buf); 396 xdr_destroy(&xdrs); 397 return (-1); 398 } 399 400 if (da->da_req_xdr != NULL) { 401 if (!da->da_req_xdr(&xdrs, da->da_req_data)) { 402 errno = EPROTO; 403 free(buf); 404 xdr_destroy(&xdrs); 405 return (-1); 406 } 407 } 408 409 da->da_arg.data_ptr = buf; 410 da->da_arg.data_size = buflen; 411 da->da_arg.desc_ptr = NULL; 412 da->da_arg.desc_num = 0; 413 da->da_arg.rbuf = buf; 414 da->da_arg.rsize = buflen; 415 416 xdr_destroy(&xdrs); 417 return (0); 418 } 419 420 /* 421 * Decode the response in rbuf and rsize. 422 */ 423 static int 424 smb_door_decode(smb_doorarg_t *da) 425 { 426 XDR xdrs; 427 smb_doorhdr_t hdr; 428 char *rbuf = da->da_arg.rbuf; 429 uint32_t rsize = da->da_arg.rsize; 430 431 if (rbuf == NULL || rsize == 0) { 432 errno = EINVAL; 433 return (-1); 434 } 435 436 xdrmem_create(&xdrs, rbuf, rsize, XDR_DECODE); 437 438 if (!smb_doorhdr_xdr(&xdrs, &hdr)) { 439 errno = EPROTO; 440 xdr_destroy(&xdrs); 441 return (-1); 442 } 443 444 if (!smb_door_chkhdr(da, &hdr)) { 445 errno = EPROTO; 446 xdr_destroy(&xdrs); 447 return (-1); 448 } 449 450 if (da->da_rsp_xdr != NULL) { 451 if (!da->da_rsp_xdr(&xdrs, da->da_rsp_data)) { 452 errno = EPROTO; 453 xdr_destroy(&xdrs); 454 return (-1); 455 } 456 } 457 458 xdr_destroy(&xdrs); 459 return (0); 460 } 461 462 static void 463 smb_door_sethdr(smb_doorhdr_t *hdr, uint32_t cmd, uint32_t datalen) 464 { 465 bzero(hdr, sizeof (smb_doorhdr_t)); 466 hdr->dh_magic = SMB_DOOR_HDR_MAGIC; 467 hdr->dh_flags = SMB_DF_USERSPACE; 468 hdr->dh_op = cmd; 469 hdr->dh_txid = smb_get_txid(); 470 hdr->dh_datalen = datalen; 471 hdr->dh_door_rc = SMB_DOP_NOT_CALLED; 472 } 473 474 static boolean_t 475 smb_door_chkhdr(smb_doorarg_t *da, smb_doorhdr_t *hdr) 476 { 477 if ((hdr->dh_magic != SMB_DOOR_HDR_MAGIC) || 478 (hdr->dh_op != da->da_hdr.dh_op) || 479 (hdr->dh_txid != da->da_hdr.dh_txid)) { 480 syslog(LOG_DEBUG, "smb_door_chkhdr[%s]: invalid header", 481 da->da_opname); 482 return (B_FALSE); 483 } 484 485 if (hdr->dh_door_rc != SMB_DOP_SUCCESS) { 486 syslog(LOG_DEBUG, "smb_door_chkhdr[%s]: call status=%d", 487 da->da_opname, hdr->dh_door_rc); 488 return (B_FALSE); 489 } 490 491 return (B_TRUE); 492 } 493 494 /* 495 * Free resources allocated for a door call. If the result buffer provided 496 * by the client is too small, doorfs will have allocated a new buffer, 497 * which must be unmapped here. 498 * 499 * This function must be called to free both the argument and result door 500 * buffers regardless of the status of the door call. 501 */ 502 static void 503 smb_door_free(door_arg_t *arg) 504 { 505 if (arg->rbuf && (arg->rbuf != arg->data_ptr)) 506 (void) munmap(arg->rbuf, arg->rsize); 507 508 free(arg->data_ptr); 509 } 510