xref: /illumos-gate/usr/src/lib/smbsrv/libsmb/common/smb_doorclnt.c (revision e8d80663e4f91871f843bb8ad9108dc0b76dfcf3)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23  */
24 
25 #include <assert.h>
26 #include <syslog.h>
27 #include <door.h>
28 #include <fcntl.h>
29 #include <string.h>
30 #include <strings.h>
31 #include <stdlib.h>
32 #include <unistd.h>
33 #include <errno.h>
34 #include <sys/mman.h>
35 #include <smbsrv/libsmb.h>
36 #include <smbsrv/wintypes.h>
37 #include <smbsrv/smb_door.h>
38 
39 static int smb_door_call(uint32_t, void *, xdrproc_t, void *, xdrproc_t);
40 static int smb_door_call_private(int, smb_doorarg_t *);
41 static int smb_door_encode(smb_doorarg_t *, uint32_t);
42 static int smb_door_decode(smb_doorarg_t *);
43 static void smb_door_sethdr(smb_doorhdr_t *, uint32_t, uint32_t);
44 static boolean_t smb_door_chkhdr(smb_doorarg_t *, smb_doorhdr_t *);
45 static void smb_door_free(door_arg_t *arg);
46 
47 /*
48  * Given a SID, make a door call to get  the associated name.
49  *
50  * Returns 0 if the door call is successful, otherwise -1.
51  *
52  * If 0 is returned, the lookup result will be available in a_status.
53  * NT_STATUS_SUCCESS		The SID was mapped to a name.
54  * NT_STATUS_NONE_MAPPED	The SID could not be mapped to a name.
55  */
56 int
57 smb_lookup_sid(const char *sid, lsa_account_t *acct)
58 {
59 	int	rc;
60 
61 	assert((sid != NULL) && (acct != NULL));
62 
63 	bzero(acct, sizeof (lsa_account_t));
64 	(void) strlcpy(acct->a_sid, sid, SMB_SID_STRSZ);
65 
66 	rc = smb_door_call(SMB_DR_LOOKUP_SID, acct, lsa_account_xdr,
67 	    acct, lsa_account_xdr);
68 
69 	if (rc != 0)
70 		syslog(LOG_DEBUG, "smb_lookup_sid: %m");
71 	return (rc);
72 }
73 
74 /*
75  * Given a name, make a door call to get the associated SID.
76  *
77  * Returns 0 if the door call is successful, otherwise -1.
78  *
79  * If 0 is returned, the lookup result will be available in a_status.
80  * NT_STATUS_SUCCESS		The name was mapped to a SID.
81  * NT_STATUS_NONE_MAPPED	The name could not be mapped to a SID.
82  */
83 int
84 smb_lookup_name(const char *name, sid_type_t sidtype, lsa_account_t *acct)
85 {
86 	char		tmp[MAXNAMELEN];
87 	char		*dp = NULL;
88 	char		*np = NULL;
89 	int		rc;
90 
91 	assert((name != NULL) && (acct != NULL));
92 
93 	(void) strlcpy(tmp, name, MAXNAMELEN);
94 	smb_name_parse(tmp, &np, &dp);
95 
96 	bzero(acct, sizeof (lsa_account_t));
97 	acct->a_sidtype = sidtype;
98 
99 	if (dp != NULL && np != NULL) {
100 		(void) strlcpy(acct->a_domain, dp, MAXNAMELEN);
101 		(void) strlcpy(acct->a_name, np, MAXNAMELEN);
102 	} else {
103 		(void) strlcpy(acct->a_name, name, MAXNAMELEN);
104 	}
105 
106 	rc = smb_door_call(SMB_DR_LOOKUP_NAME, acct, lsa_account_xdr,
107 	    acct, lsa_account_xdr);
108 
109 	if (rc != 0)
110 		syslog(LOG_DEBUG, "smb_lookup_name: %m");
111 	return (rc);
112 }
113 
114 uint32_t
115 smb_join(smb_joininfo_t *jdi)
116 {
117 	uint32_t	status;
118 	int		rc;
119 
120 	if (jdi == NULL)
121 		return (NT_STATUS_INVALID_PARAMETER);
122 
123 	rc = smb_door_call(SMB_DR_JOIN, jdi, smb_joininfo_xdr,
124 	    &status, xdr_uint32_t);
125 
126 	if (rc != 0) {
127 		syslog(LOG_DEBUG, "smb_join: %m");
128 		status = NT_STATUS_INTERNAL_ERROR;
129 	}
130 
131 	return (status);
132 }
133 
134 /*
135  * Get information about the Domain Controller in the joined resource domain.
136  *
137  * Returns NT status codes.
138  */
139 uint32_t
140 smb_get_dcinfo(char *namebuf, uint32_t namebuflen, smb_inaddr_t *ipaddr)
141 {
142 	smb_string_t	dcname;
143 	struct hostent	*h;
144 	int		rc;
145 
146 	assert((namebuf != NULL) && (namebuflen != 0));
147 	*namebuf = '\0';
148 	bzero(&dcname, sizeof (smb_string_t));
149 
150 	rc = smb_door_call(SMB_DR_GET_DCINFO, NULL, NULL,
151 	    &dcname, smb_string_xdr);
152 
153 	if (rc != 0) {
154 		syslog(LOG_DEBUG, "smb_get_dcinfo: %m");
155 		if (dcname.buf)
156 			xdr_free(smb_string_xdr, (char *)&dcname);
157 		return (NT_STATUS_INTERNAL_ERROR);
158 	}
159 
160 	if (dcname.buf) {
161 		(void) strlcpy(namebuf, dcname.buf, namebuflen);
162 
163 		if ((h = smb_gethostbyname(dcname.buf, &rc)) == NULL) {
164 			bzero(ipaddr, sizeof (smb_inaddr_t));
165 		} else {
166 			(void) memcpy(ipaddr, h->h_addr, h->h_length);
167 			ipaddr->a_family = h->h_addrtype;
168 			freehostent(h);
169 		}
170 		xdr_free(smb_string_xdr, (char *)&dcname);
171 	}
172 
173 	return (NT_STATUS_SUCCESS);
174 }
175 
176 bool_t
177 smb_joininfo_xdr(XDR *xdrs, smb_joininfo_t *objp)
178 {
179 	if (!xdr_vector(xdrs, (char *)objp->domain_name, MAXHOSTNAMELEN,
180 	    sizeof (char), (xdrproc_t)xdr_char))
181 		return (FALSE);
182 
183 	if (!xdr_vector(xdrs, (char *)objp->domain_username,
184 	    SMB_USERNAME_MAXLEN + 1, sizeof (char), (xdrproc_t)xdr_char))
185 		return (FALSE);
186 
187 	if (!xdr_vector(xdrs, (char *)objp->domain_passwd,
188 	    SMB_PASSWD_MAXLEN + 1, sizeof (char), (xdrproc_t)xdr_char))
189 		return (FALSE);
190 
191 	if (!xdr_uint32_t(xdrs, &objp->mode))
192 		return (FALSE);
193 
194 	return (TRUE);
195 }
196 
197 /*
198  * Parameters:
199  *   fqdn (input) - fully-qualified domain name
200  *   buf (output) - fully-qualified hostname of the AD server found
201  *                  by this function.
202  *   buflen (input) - length of the 'buf'
203  *
204  * Return:
205  *   B_TRUE if an AD server is found. Otherwise, returns B_FALSE;
206  *
207  * The buffer passed in should be big enough to hold a fully-qualified
208  * hostname (MAXHOSTNAMELEN); otherwise, a truncated string will be
209  * returned. On error, an empty string will be returned.
210  */
211 boolean_t
212 smb_find_ads_server(char *fqdn, char *buf, int buflen)
213 {
214 	smb_string_t	server;
215 	smb_string_t	domain;
216 	boolean_t	found = B_FALSE;
217 	int		rc;
218 
219 	if (fqdn == NULL || buf == NULL) {
220 		if (buf)
221 			*buf = '\0';
222 		return (B_FALSE);
223 	}
224 
225 	bzero(&server, sizeof (smb_string_t));
226 	*buf = '\0';
227 
228 	domain.buf = fqdn;
229 
230 	rc = smb_door_call(SMB_DR_ADS_FIND_HOST, &domain, smb_string_xdr,
231 	    &server, smb_string_xdr);
232 
233 	if (rc != 0)
234 		syslog(LOG_DEBUG, "smb_find_ads_server: %m");
235 
236 	if (server.buf != NULL) {
237 		if (*server.buf != '\0') {
238 			(void) strlcpy(buf, server.buf, buflen);
239 			found = B_TRUE;
240 		}
241 
242 		xdr_free(smb_string_xdr, (char *)&server);
243 	}
244 
245 	return (found);
246 }
247 
248 /*
249  * After a successful door call the local door_arg->data_ptr is assigned
250  * to the caller's arg->rbuf so that arg has references to both input and
251  * response buffers, which is required by smb_door_free.
252  *
253  * On success, the object referenced by rsp_data will have been populated
254  * by passing rbuf through the rsp_xdr function.
255  */
256 static int
257 smb_door_call(uint32_t cmd, void *req_data, xdrproc_t req_xdr,
258     void *rsp_data, xdrproc_t rsp_xdr)
259 {
260 	smb_doorarg_t	da;
261 	int		fd;
262 	int		rc;
263 
264 	bzero(&da, sizeof (smb_doorarg_t));
265 	da.da_opcode = cmd;
266 	da.da_opname = smb_doorhdr_opname(cmd);
267 	da.da_req_xdr = req_xdr;
268 	da.da_rsp_xdr = rsp_xdr;
269 	da.da_req_data = req_data;
270 	da.da_rsp_data = rsp_data;
271 
272 	if ((req_data == NULL && req_xdr != NULL) ||
273 	    (rsp_data == NULL && rsp_xdr != NULL)) {
274 		errno = EINVAL;
275 		syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
276 		return (-1);
277 	}
278 
279 	if ((fd = open(SMBD_DOOR_NAME, O_RDONLY)) < 0) {
280 		syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
281 		return (-1);
282 	}
283 
284 	if (smb_door_encode(&da, cmd) != 0) {
285 		syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
286 		(void) close(fd);
287 		return (-1);
288 	}
289 
290 	if (smb_door_call_private(fd, &da) != 0) {
291 		syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
292 		smb_door_free(&da.da_arg);
293 		(void) close(fd);
294 		return (-1);
295 	}
296 
297 	if ((rc = smb_door_decode(&da)) != 0)
298 		syslog(LOG_DEBUG, "smb_door_call[%s]: %m", da.da_opname);
299 	smb_door_free(&da.da_arg);
300 	(void) close(fd);
301 	return (rc);
302 }
303 
304 /*
305  * We use a copy of the door arg because doorfs may change data_ptr
306  * and we want to detect that when freeing the door buffers.  After
307  * this call, response data must be referenced via rbuf and rsize.
308  */
309 static int
310 smb_door_call_private(int fd, smb_doorarg_t *da)
311 {
312 	door_arg_t door_arg;
313 	int rc;
314 	int i;
315 
316 	bcopy(&da->da_arg, &door_arg, sizeof (door_arg_t));
317 
318 	for (i = 0; i < SMB_DOOR_CALL_RETRIES; ++i) {
319 		errno = 0;
320 
321 		if ((rc = door_call(fd, &door_arg)) == 0)
322 			break;
323 
324 		if (errno != EAGAIN && errno != EINTR)
325 			return (-1);
326 	}
327 
328 	if (rc != 0 || door_arg.data_size == 0 || door_arg.rsize == 0) {
329 		if (errno == 0)
330 			errno = EIO;
331 		return (-1);
332 	}
333 
334 	da->da_arg.rbuf = door_arg.data_ptr;
335 	da->da_arg.rsize = door_arg.rsize;
336 	return (rc);
337 }
338 
339 static int
340 smb_door_encode(smb_doorarg_t *da, uint32_t cmd)
341 {
342 	XDR		xdrs;
343 	char		*buf;
344 	uint32_t	buflen;
345 
346 	buflen = xdr_sizeof(smb_doorhdr_xdr, &da->da_hdr);
347 	if (da->da_req_xdr != NULL)
348 		buflen += xdr_sizeof(da->da_req_xdr, da->da_req_data);
349 
350 	smb_door_sethdr(&da->da_hdr, cmd, buflen);
351 
352 	if ((buf = malloc(buflen)) == NULL)
353 		return (-1);
354 
355 	xdrmem_create(&xdrs, buf, buflen, XDR_ENCODE);
356 
357 	if (!smb_doorhdr_xdr(&xdrs, &da->da_hdr)) {
358 		errno = EPROTO;
359 		free(buf);
360 		xdr_destroy(&xdrs);
361 		return (-1);
362 	}
363 
364 	if (da->da_req_xdr != NULL) {
365 		if (!da->da_req_xdr(&xdrs, da->da_req_data)) {
366 			errno = EPROTO;
367 			free(buf);
368 			xdr_destroy(&xdrs);
369 			return (-1);
370 		}
371 	}
372 
373 	da->da_arg.data_ptr = buf;
374 	da->da_arg.data_size = buflen;
375 	da->da_arg.desc_ptr = NULL;
376 	da->da_arg.desc_num = 0;
377 	da->da_arg.rbuf = buf;
378 	da->da_arg.rsize = buflen;
379 
380 	xdr_destroy(&xdrs);
381 	return (0);
382 }
383 
384 /*
385  * Decode the response in rbuf and rsize.
386  */
387 static int
388 smb_door_decode(smb_doorarg_t *da)
389 {
390 	XDR		xdrs;
391 	smb_doorhdr_t	hdr;
392 	char		*rbuf = da->da_arg.rbuf;
393 	uint32_t	rsize = da->da_arg.rsize;
394 
395 	if (rbuf == NULL || rsize == 0) {
396 		errno = EINVAL;
397 		return (-1);
398 	}
399 
400 	xdrmem_create(&xdrs, rbuf, rsize, XDR_DECODE);
401 
402 	if (!smb_doorhdr_xdr(&xdrs, &hdr)) {
403 		errno = EPROTO;
404 		xdr_destroy(&xdrs);
405 		return (-1);
406 	}
407 
408 	if (!smb_door_chkhdr(da, &hdr)) {
409 		errno = EPROTO;
410 		xdr_destroy(&xdrs);
411 		return (-1);
412 	}
413 
414 	if (da->da_rsp_xdr != NULL) {
415 		if (!da->da_rsp_xdr(&xdrs, da->da_rsp_data)) {
416 			errno = EPROTO;
417 			xdr_destroy(&xdrs);
418 			return (-1);
419 		}
420 	}
421 
422 	xdr_destroy(&xdrs);
423 	return (0);
424 }
425 
426 static void
427 smb_door_sethdr(smb_doorhdr_t *hdr, uint32_t cmd, uint32_t datalen)
428 {
429 	bzero(hdr, sizeof (smb_doorhdr_t));
430 	hdr->dh_magic = SMB_DOOR_HDR_MAGIC;
431 	hdr->dh_flags = SMB_DF_USERSPACE;
432 	hdr->dh_op = cmd;
433 	hdr->dh_txid = smb_get_txid();
434 	hdr->dh_datalen = datalen;
435 	hdr->dh_door_rc = SMB_DOP_NOT_CALLED;
436 }
437 
438 static boolean_t
439 smb_door_chkhdr(smb_doorarg_t *da, smb_doorhdr_t *hdr)
440 {
441 	if ((hdr->dh_magic != SMB_DOOR_HDR_MAGIC) ||
442 	    (hdr->dh_op != da->da_hdr.dh_op) ||
443 	    (hdr->dh_txid != da->da_hdr.dh_txid)) {
444 		syslog(LOG_DEBUG, "smb_door_chkhdr[%s]: invalid header",
445 		    da->da_opname);
446 		return (B_FALSE);
447 	}
448 
449 	if (hdr->dh_door_rc != SMB_DOP_SUCCESS) {
450 		syslog(LOG_DEBUG, "smb_door_chkhdr[%s]: call status=%d",
451 		    da->da_opname, hdr->dh_door_rc);
452 		return (B_FALSE);
453 	}
454 
455 	return (B_TRUE);
456 }
457 
458 /*
459  * Free resources allocated for a door call.  If the result buffer provided
460  * by the client is too small, doorfs will have allocated a new buffer,
461  * which must be unmapped here.
462  *
463  * This function must be called to free both the argument and result door
464  * buffers regardless of the status of the door call.
465  */
466 static void
467 smb_door_free(door_arg_t *arg)
468 {
469 	if (arg->rbuf && (arg->rbuf != arg->data_ptr))
470 		(void) munmap(arg->rbuf, arg->rsize);
471 
472 	free(arg->data_ptr);
473 }
474