1da6c28aaSamw /* 2da6c28aaSamw * CDDL HEADER START 3da6c28aaSamw * 4da6c28aaSamw * The contents of this file are subject to the terms of the 5da6c28aaSamw * Common Development and Distribution License (the "License"). 6da6c28aaSamw * You may not use this file except in compliance with the License. 7da6c28aaSamw * 8da6c28aaSamw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9da6c28aaSamw * or http://www.opensolaris.org/os/licensing. 10da6c28aaSamw * See the License for the specific language governing permissions 11da6c28aaSamw * and limitations under the License. 12da6c28aaSamw * 13da6c28aaSamw * When distributing Covered Code, include this CDDL HEADER in each 14da6c28aaSamw * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15da6c28aaSamw * If applicable, add the following below this CDDL HEADER, with the 16da6c28aaSamw * fields enclosed by brackets "[]" replaced with your own identifying 17da6c28aaSamw * information: Portions Copyright [yyyy] [name of copyright owner] 18da6c28aaSamw * 19da6c28aaSamw * CDDL HEADER END 20da6c28aaSamw */ 21da6c28aaSamw /* 22c5866007SKeyur Desai * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 23*8f70e16bSGordon Ross * Copyright 2018 Nexenta Systems, Inc. All rights reserved. 2448bbca81SDaniel Hoffman * Copyright (c) 2016 by Delphix. All rights reserved. 25da6c28aaSamw */ 26da6c28aaSamw 27da6c28aaSamw /* 28da6c28aaSamw * General Structures Layout 29da6c28aaSamw * ------------------------- 30da6c28aaSamw * 31da6c28aaSamw * This is a simplified diagram showing the relationship between most of the 32da6c28aaSamw * main structures. 33da6c28aaSamw * 34da6c28aaSamw * +-------------------+ 35da6c28aaSamw * | SMB_INFO | 36da6c28aaSamw * +-------------------+ 37da6c28aaSamw * | 38da6c28aaSamw * | 39da6c28aaSamw * v 40da6c28aaSamw * +-------------------+ +-------------------+ +-------------------+ 41da6c28aaSamw * | SESSION |<----->| SESSION |......| SESSION | 42da6c28aaSamw * +-------------------+ +-------------------+ +-------------------+ 433b13a1efSThomas Keiser * | | 443b13a1efSThomas Keiser * | | 453b13a1efSThomas Keiser * | v 463b13a1efSThomas Keiser * | +-------------------+ +-------------------+ +-------------------+ 473b13a1efSThomas Keiser * | | USER |<--->| USER |...| USER | 483b13a1efSThomas Keiser * | +-------------------+ +-------------------+ +-------------------+ 49da6c28aaSamw * | 50da6c28aaSamw * | 51da6c28aaSamw * v 52da6c28aaSamw * +-------------------+ +-------------------+ +-------------------+ 53da6c28aaSamw * | TREE |<----->| TREE |......| TREE | 54da6c28aaSamw * +-------------------+ +-------------------+ +-------------------+ 55da6c28aaSamw * | | 56da6c28aaSamw * | | 57da6c28aaSamw * | v 58da6c28aaSamw * | +-------+ +-------+ +-------+ 59da6c28aaSamw * | | OFILE |<----->| OFILE |......| OFILE | 60da6c28aaSamw * | +-------+ +-------+ +-------+ 61da6c28aaSamw * | 62da6c28aaSamw * | 63da6c28aaSamw * v 64da6c28aaSamw * +-------+ +------+ +------+ 65da6c28aaSamw * | ODIR |<----->| ODIR |......| ODIR | 66da6c28aaSamw * +-------+ +------+ +------+ 67da6c28aaSamw * 68da6c28aaSamw * 69da6c28aaSamw * User State Machine 70da6c28aaSamw * ------------------ 71da6c28aaSamw * 7212b65585SGordon Ross * 7312b65585SGordon Ross * | T0: Creation/Allocation 7412b65585SGordon Ross * | (1st session setup) 7512b65585SGordon Ross * v 7612b65585SGordon Ross * +-----------------------------+ 7712b65585SGordon Ross * | SMB_USER_STATE_LOGGING_ON |<----------+ 7812b65585SGordon Ross * +-----------------------------+ addl. session setup 7912b65585SGordon Ross * | | (more proc. required) 8012b65585SGordon Ross * | T2 | ^ 8112b65585SGordon Ross * | | | T1: (cont.) 8212b65585SGordon Ross * | +------->-------? 8312b65585SGordon Ross * v | T3: (fail) 8412b65585SGordon Ross * +-----------------------------+ v 8512b65585SGordon Ross * | SMB_USER_STATE_LOGGED_ON | (logged off) 86da6c28aaSamw * +-----------------------------+ 87da6c28aaSamw * | 8812b65585SGordon Ross * | T4 89da6c28aaSamw * | 90da6c28aaSamw * v 91da6c28aaSamw * +-----------------------------+ 92da6c28aaSamw * | SMB_USER_STATE_LOGGING_OFF | 93da6c28aaSamw * +-----------------------------+ 94da6c28aaSamw * | 9512b65585SGordon Ross * | T5 96da6c28aaSamw * | 97da6c28aaSamw * v 9812b65585SGordon Ross * +-----------------------------+ T6 99da6c28aaSamw * | SMB_USER_STATE_LOGGED_OFF |----------> Deletion/Free 100da6c28aaSamw * +-----------------------------+ 101da6c28aaSamw * 10212b65585SGordon Ross * SMB_USER_STATE_LOGGING_ON 103da6c28aaSamw * 104da6c28aaSamw * While in this state: 10548bbca81SDaniel Hoffman * - The user is in the list of users for their session. 10612b65585SGordon Ross * - References will be given out ONLY for session setup. 10712b65585SGordon Ross * - This user can not access anything yet. 10812b65585SGordon Ross * 10912b65585SGordon Ross * SMB_USER_STATE_LOGGED_ON 11012b65585SGordon Ross * 11112b65585SGordon Ross * While in this state: 11248bbca81SDaniel Hoffman * - The user is in the list of users for their session. 113da6c28aaSamw * - References will be given out if the user is looked up. 114da6c28aaSamw * - The user can access files and pipes. 115da6c28aaSamw * 116da6c28aaSamw * SMB_USER_STATE_LOGGING_OFF 117da6c28aaSamw * 118da6c28aaSamw * While in this state: 11948bbca81SDaniel Hoffman * - The user is in the list of users for their session. 120da6c28aaSamw * - References will not be given out if the user is looked up. 121da6c28aaSamw * - The trees the user connected are being disconnected. 122da6c28aaSamw * - The resources associated with the user remain. 123da6c28aaSamw * 12412b65585SGordon Ross * SMB_USER_STATE_LOGGED_OFF 125da6c28aaSamw * 126da6c28aaSamw * While in this state: 12748bbca81SDaniel Hoffman * - The user is queued in the list of users of their session. 128da6c28aaSamw * - References will not be given out if the user is looked up. 129da6c28aaSamw * - The user has no more trees connected. 130da6c28aaSamw * - The resources associated with the user remain. 131da6c28aaSamw * 132da6c28aaSamw * Transition T0 133da6c28aaSamw * 13412b65585SGordon Ross * First request in an SMB Session Setup sequence creates a 13512b65585SGordon Ross * new user object and adds it to the list of users for 13612b65585SGordon Ross * this session. User UID is assigned and returned. 137da6c28aaSamw * 138da6c28aaSamw * Transition T1 139da6c28aaSamw * 14012b65585SGordon Ross * Subsequent SMB Session Setup requests (on the same UID 14112b65585SGordon Ross * assigned in T0) update the state of this user object, 14212b65585SGordon Ross * communicating with smbd for the crypto work. 143da6c28aaSamw * 144da6c28aaSamw * Transition T2 145da6c28aaSamw * 14612b65585SGordon Ross * If the SMB Session Setup sequence is successful, T2 14712b65585SGordon Ross * makes the new user object available for requests. 14812b65585SGordon Ross * 14912b65585SGordon Ross * Transition T3 15012b65585SGordon Ross * 15112b65585SGordon Ross * If an Session Setup request gets an error other than 15212b65585SGordon Ross * the expected "more processing required", then T3 15312b65585SGordon Ross * leads to state "LOGGED_OFF" and then tear-down of the 15412b65585SGordon Ross * partially constructed user. 15512b65585SGordon Ross * 15612b65585SGordon Ross * Transition T4 15712b65585SGordon Ross * 15812b65585SGordon Ross * Normal SMB User Logoff request, or session tear-down. 15912b65585SGordon Ross * 16012b65585SGordon Ross * Transition T5 16112b65585SGordon Ross * 162da6c28aaSamw * This transition occurs in smb_user_release(). The resources associated 163da6c28aaSamw * with the user are deleted as well as the user. For the transition to 164da6c28aaSamw * occur, the user must be in the SMB_USER_STATE_LOGGED_OFF state and the 165da6c28aaSamw * reference count be zero. 166da6c28aaSamw * 167da6c28aaSamw * Comments 168da6c28aaSamw * -------- 169da6c28aaSamw * 170da6c28aaSamw * The state machine of the user structures is controlled by 3 elements: 17148bbca81SDaniel Hoffman * - The list of users of the session they belong to. 172da6c28aaSamw * - The mutex embedded in the structure itself. 173da6c28aaSamw * - The reference count. 174da6c28aaSamw * 175da6c28aaSamw * There's a mutex embedded in the user structure used to protect its fields 176da6c28aaSamw * and there's a lock embedded in the list of users of a session. To 177da6c28aaSamw * increment or to decrement the reference count the mutex must be entered. 178da6c28aaSamw * To insert the user into the list of users of the session and to remove 179da6c28aaSamw * the user from it, the lock must be entered in RW_WRITER mode. 180da6c28aaSamw * 181da6c28aaSamw * Rules of access to a user structure: 182da6c28aaSamw * 183da6c28aaSamw * 1) In order to avoid deadlocks, when both (mutex and lock of the session 184da6c28aaSamw * list) have to be entered, the lock must be entered first. 185da6c28aaSamw * 186da6c28aaSamw * 2) All actions applied to a user require a reference count. 187da6c28aaSamw * 188da6c28aaSamw * 3) There are 2 ways of getting a reference count. One is when the user 1899fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * logs in. The other when the user is looked up. 190da6c28aaSamw * 191da6c28aaSamw * It should be noted that the reference count of a user registers the 192da6c28aaSamw * number of references to the user in other structures (such as an smb 193da6c28aaSamw * request). The reference count is not incremented in these 2 instances: 194da6c28aaSamw * 19548bbca81SDaniel Hoffman * 1) The user is logged in. An user is anchored by their state. If there's 196da6c28aaSamw * no activity involving a user currently logged in, the reference 197da6c28aaSamw * count of that user is zero. 198da6c28aaSamw * 199da6c28aaSamw * 2) The user is queued in the list of users of the session. The fact of 200da6c28aaSamw * being queued in that list is NOT registered by incrementing the 201da6c28aaSamw * reference count. 202da6c28aaSamw */ 203148c5f43SAlan Wright #include <sys/types.h> 204148c5f43SAlan Wright #include <sys/sid.h> 205148c5f43SAlan Wright #include <sys/priv_names.h> 206bbf6f00cSJordan Brown #include <smbsrv/smb_kproto.h> 2079fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States #include <smbsrv/smb_door.h> 208da6c28aaSamw 209c8ec8eeaSjose borrego #define ADMINISTRATORS_SID "S-1-5-32-544" 210c8ec8eeaSjose borrego 2111fcced4cSJordan Brown static int smb_user_enum_private(smb_user_t *, smb_svcenum_t *); 2128622ec45SGordon Ross static void smb_user_auth_logoff(smb_user_t *); 213*8f70e16bSGordon Ross static void smb_user_logoff_tq(void *); 214c8ec8eeaSjose borrego 215b819cea2SGordon Ross 216da6c28aaSamw /* 217148c5f43SAlan Wright * Create a new user. 218da6c28aaSamw */ 219da6c28aaSamw smb_user_t * 22012b65585SGordon Ross smb_user_new(smb_session_t *session) 22112b65585SGordon Ross { 22212b65585SGordon Ross smb_user_t *user; 22312b65585SGordon Ross 22412b65585SGordon Ross ASSERT(session); 22512b65585SGordon Ross ASSERT(session->s_magic == SMB_SESSION_MAGIC); 22612b65585SGordon Ross 22712b65585SGordon Ross user = kmem_cache_alloc(smb_cache_user, KM_SLEEP); 22812b65585SGordon Ross bzero(user, sizeof (smb_user_t)); 22912b65585SGordon Ross 23012b65585SGordon Ross user->u_refcnt = 1; 23112b65585SGordon Ross user->u_session = session; 23212b65585SGordon Ross user->u_server = session->s_server; 23312b65585SGordon Ross user->u_logon_time = gethrestime_sec(); 23412b65585SGordon Ross 23512b65585SGordon Ross if (smb_idpool_alloc(&session->s_uid_pool, &user->u_uid)) 23612b65585SGordon Ross goto errout; 23712b65585SGordon Ross 23812b65585SGordon Ross mutex_init(&user->u_mutex, NULL, MUTEX_DEFAULT, NULL); 23912b65585SGordon Ross user->u_state = SMB_USER_STATE_LOGGING_ON; 24012b65585SGordon Ross user->u_magic = SMB_USER_MAGIC; 24112b65585SGordon Ross 24212b65585SGordon Ross smb_llist_enter(&session->s_user_list, RW_WRITER); 24312b65585SGordon Ross smb_llist_insert_tail(&session->s_user_list, user); 24412b65585SGordon Ross smb_llist_exit(&session->s_user_list); 24512b65585SGordon Ross smb_server_inc_users(session->s_server); 24612b65585SGordon Ross 24712b65585SGordon Ross return (user); 24812b65585SGordon Ross 24912b65585SGordon Ross errout: 25012b65585SGordon Ross if (user->u_uid != 0) 25112b65585SGordon Ross smb_idpool_free(&session->s_uid_pool, user->u_uid); 25212b65585SGordon Ross kmem_cache_free(smb_cache_user, user); 25312b65585SGordon Ross return (NULL); 25412b65585SGordon Ross } 25512b65585SGordon Ross 25612b65585SGordon Ross /* 25712b65585SGordon Ross * Fill in the details of a user, meaning a transition 25812b65585SGordon Ross * from state LOGGING_ON to state LOGGED_ON. 25912b65585SGordon Ross */ 26012b65585SGordon Ross int 26112b65585SGordon Ross smb_user_logon( 26212b65585SGordon Ross smb_user_t *user, 263da6c28aaSamw cred_t *cr, 264da6c28aaSamw char *domain_name, 265da6c28aaSamw char *account_name, 266da6c28aaSamw uint32_t flags, 267da6c28aaSamw uint32_t privileges, 268da6c28aaSamw uint32_t audit_sid) 269da6c28aaSamw { 270b210fedeSGordon Ross ksocket_t authsock = NULL; 271*8f70e16bSGordon Ross timeout_id_t tmo = NULL; 272da6c28aaSamw 27312b65585SGordon Ross ASSERT(user->u_magic == SMB_USER_MAGIC); 274da6c28aaSamw ASSERT(cr); 275da6c28aaSamw ASSERT(account_name); 276da6c28aaSamw ASSERT(domain_name); 277da6c28aaSamw 27812b65585SGordon Ross mutex_enter(&user->u_mutex); 27912b65585SGordon Ross 28012b65585SGordon Ross if (user->u_state != SMB_USER_STATE_LOGGING_ON) { 28112b65585SGordon Ross mutex_exit(&user->u_mutex); 28212b65585SGordon Ross return (-1); 28312b65585SGordon Ross } 28412b65585SGordon Ross 285b210fedeSGordon Ross /* 286b210fedeSGordon Ross * In the transition from LOGGING_ON to LOGGED_ON, 287b210fedeSGordon Ross * we always have an auth. socket to close. 288b210fedeSGordon Ross */ 289b210fedeSGordon Ross authsock = user->u_authsock; 290b210fedeSGordon Ross ASSERT(authsock != NULL); 291b210fedeSGordon Ross user->u_authsock = NULL; 292*8f70e16bSGordon Ross tmo = user->u_auth_tmo; 293*8f70e16bSGordon Ross user->u_auth_tmo = NULL; 29412b65585SGordon Ross 29512b65585SGordon Ross user->u_state = SMB_USER_STATE_LOGGED_ON; 296da6c28aaSamw user->u_flags = flags; 297da6c28aaSamw user->u_name_len = strlen(account_name) + 1; 298da6c28aaSamw user->u_domain_len = strlen(domain_name) + 1; 2999fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States user->u_name = smb_mem_strdup(account_name); 3009fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States user->u_domain = smb_mem_strdup(domain_name); 301da6c28aaSamw user->u_audit_sid = audit_sid; 302da6c28aaSamw 303148c5f43SAlan Wright smb_user_setcred(user, cr, privileges); 304da6c28aaSamw 30512b65585SGordon Ross mutex_exit(&user->u_mutex); 306da6c28aaSamw 307*8f70e16bSGordon Ross /* Timeout callback takes u_mutex. See untimeout(9f) */ 308*8f70e16bSGordon Ross if (tmo != NULL) 309*8f70e16bSGordon Ross (void) untimeout(tmo); 310*8f70e16bSGordon Ross 311b210fedeSGordon Ross /* This close can block, so not under the mutex. */ 312b210fedeSGordon Ross smb_authsock_close(user, authsock); 313b210fedeSGordon Ross 31412b65585SGordon Ross return (0); 315da6c28aaSamw } 316da6c28aaSamw 317da6c28aaSamw /* 318da6c28aaSamw * smb_user_logoff 319da6c28aaSamw * 3201fcced4cSJordan Brown * Change the user state and disconnect trees. 3211fcced4cSJordan Brown * The user list must not be entered or modified here. 322da6c28aaSamw */ 323da6c28aaSamw void 324da6c28aaSamw smb_user_logoff( 325da6c28aaSamw smb_user_t *user) 326da6c28aaSamw { 327b210fedeSGordon Ross ksocket_t authsock = NULL; 328*8f70e16bSGordon Ross timeout_id_t tmo = NULL; 329b210fedeSGordon Ross 330da6c28aaSamw ASSERT(user->u_magic == SMB_USER_MAGIC); 331da6c28aaSamw 332da6c28aaSamw mutex_enter(&user->u_mutex); 333da6c28aaSamw ASSERT(user->u_refcnt); 334da6c28aaSamw switch (user->u_state) { 335b210fedeSGordon Ross case SMB_USER_STATE_LOGGING_ON: 336b210fedeSGordon Ross authsock = user->u_authsock; 337b210fedeSGordon Ross user->u_authsock = NULL; 338*8f70e16bSGordon Ross tmo = user->u_auth_tmo; 339*8f70e16bSGordon Ross user->u_auth_tmo = NULL; 34012b65585SGordon Ross user->u_state = SMB_USER_STATE_LOGGED_OFF; 34112b65585SGordon Ross smb_server_dec_users(user->u_server); 34212b65585SGordon Ross break; 34312b65585SGordon Ross 344b210fedeSGordon Ross case SMB_USER_STATE_LOGGED_ON: 345da6c28aaSamw /* 346da6c28aaSamw * The user is moved into a state indicating that the log off 347da6c28aaSamw * process has started. 348da6c28aaSamw */ 349da6c28aaSamw user->u_state = SMB_USER_STATE_LOGGING_OFF; 350da6c28aaSamw mutex_exit(&user->u_mutex); 3513b13a1efSThomas Keiser smb_session_disconnect_owned_trees(user->u_session, user); 3528622ec45SGordon Ross smb_user_auth_logoff(user); 353da6c28aaSamw mutex_enter(&user->u_mutex); 354da6c28aaSamw user->u_state = SMB_USER_STATE_LOGGED_OFF; 355148c5f43SAlan Wright smb_server_dec_users(user->u_server); 356da6c28aaSamw break; 357b210fedeSGordon Ross 358da6c28aaSamw case SMB_USER_STATE_LOGGED_OFF: 359da6c28aaSamw case SMB_USER_STATE_LOGGING_OFF: 360da6c28aaSamw break; 361da6c28aaSamw 362da6c28aaSamw default: 363da6c28aaSamw ASSERT(0); 364da6c28aaSamw break; 365da6c28aaSamw } 366da6c28aaSamw mutex_exit(&user->u_mutex); 367b210fedeSGordon Ross 368*8f70e16bSGordon Ross /* Timeout callback takes u_mutex. See untimeout(9f) */ 369*8f70e16bSGordon Ross if (tmo != NULL) 370*8f70e16bSGordon Ross (void) untimeout(tmo); 371*8f70e16bSGordon Ross 372b210fedeSGordon Ross /* This close can block, so not under the mutex. */ 373b210fedeSGordon Ross if (authsock != NULL) { 374b210fedeSGordon Ross smb_authsock_close(user, authsock); 375b210fedeSGordon Ross } 376da6c28aaSamw } 377da6c28aaSamw 378da6c28aaSamw /* 3793b13a1efSThomas Keiser * Take a reference on a user. Do not return a reference unless the user is in 3803b13a1efSThomas Keiser * the logged-in state. 3811fcced4cSJordan Brown */ 3821fcced4cSJordan Brown boolean_t 3831fcced4cSJordan Brown smb_user_hold(smb_user_t *user) 3841fcced4cSJordan Brown { 3853b13a1efSThomas Keiser SMB_USER_VALID(user); 3861fcced4cSJordan Brown 3871fcced4cSJordan Brown mutex_enter(&user->u_mutex); 3881fcced4cSJordan Brown 38912b65585SGordon Ross if (user->u_state == SMB_USER_STATE_LOGGED_ON) { 3901fcced4cSJordan Brown user->u_refcnt++; 3911fcced4cSJordan Brown mutex_exit(&user->u_mutex); 3921fcced4cSJordan Brown return (B_TRUE); 3931fcced4cSJordan Brown } 3941fcced4cSJordan Brown 3951fcced4cSJordan Brown mutex_exit(&user->u_mutex); 3961fcced4cSJordan Brown return (B_FALSE); 3971fcced4cSJordan Brown } 3981fcced4cSJordan Brown 3991fcced4cSJordan Brown /* 4003b13a1efSThomas Keiser * Unconditionally take a reference on a user. 4013b13a1efSThomas Keiser */ 4023b13a1efSThomas Keiser void 4033b13a1efSThomas Keiser smb_user_hold_internal(smb_user_t *user) 4043b13a1efSThomas Keiser { 4053b13a1efSThomas Keiser SMB_USER_VALID(user); 4063b13a1efSThomas Keiser 4073b13a1efSThomas Keiser mutex_enter(&user->u_mutex); 4083b13a1efSThomas Keiser user->u_refcnt++; 4093b13a1efSThomas Keiser mutex_exit(&user->u_mutex); 4103b13a1efSThomas Keiser } 4113b13a1efSThomas Keiser 4123b13a1efSThomas Keiser /* 4139fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * Release a reference on a user. If the reference count falls to 4149fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * zero and the user has logged off, post the object for deletion. 4159fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * Object deletion is deferred to avoid modifying a list while an 4169fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * iteration may be in progress. 417da6c28aaSamw */ 418da6c28aaSamw void 419da6c28aaSamw smb_user_release( 420da6c28aaSamw smb_user_t *user) 421da6c28aaSamw { 422da6c28aaSamw ASSERT(user->u_magic == SMB_USER_MAGIC); 423da6c28aaSamw 424da6c28aaSamw mutex_enter(&user->u_mutex); 425da6c28aaSamw ASSERT(user->u_refcnt); 426da6c28aaSamw user->u_refcnt--; 427c5866007SKeyur Desai 428da6c28aaSamw switch (user->u_state) { 429da6c28aaSamw case SMB_USER_STATE_LOGGED_OFF: 4309fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States if (user->u_refcnt == 0) 4319fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_session_post_user(user->u_session, user); 432da6c28aaSamw break; 433da6c28aaSamw 43412b65585SGordon Ross case SMB_USER_STATE_LOGGING_ON: 43512b65585SGordon Ross case SMB_USER_STATE_LOGGED_ON: 436da6c28aaSamw case SMB_USER_STATE_LOGGING_OFF: 437da6c28aaSamw break; 438da6c28aaSamw 439da6c28aaSamw default: 440da6c28aaSamw ASSERT(0); 441da6c28aaSamw break; 442da6c28aaSamw } 443da6c28aaSamw mutex_exit(&user->u_mutex); 444da6c28aaSamw } 445da6c28aaSamw 4461fcced4cSJordan Brown /* 447*8f70e16bSGordon Ross * Timeout handler for user logons that stay too long in 448*8f70e16bSGordon Ross * state SMB_USER_STATE_LOGGING_ON. This is setup by a 449*8f70e16bSGordon Ross * timeout call in smb_authsock_open, and called in a 450*8f70e16bSGordon Ross * callout thread, so schedule a taskq job to do the 451*8f70e16bSGordon Ross * real work of logging off this user. 452*8f70e16bSGordon Ross */ 453*8f70e16bSGordon Ross void 454*8f70e16bSGordon Ross smb_user_auth_tmo(void *arg) 455*8f70e16bSGordon Ross { 456*8f70e16bSGordon Ross smb_user_t *user = arg; 457*8f70e16bSGordon Ross smb_request_t *sr; 458*8f70e16bSGordon Ross 459*8f70e16bSGordon Ross SMB_USER_VALID(user); 460*8f70e16bSGordon Ross 461*8f70e16bSGordon Ross /* 462*8f70e16bSGordon Ross * If we can't allocate a request, it means the 463*8f70e16bSGordon Ross * session is being torn down, so nothing to do. 464*8f70e16bSGordon Ross */ 465*8f70e16bSGordon Ross sr = smb_request_alloc(user->u_session, 0); 466*8f70e16bSGordon Ross if (sr == NULL) 467*8f70e16bSGordon Ross return; 468*8f70e16bSGordon Ross 469*8f70e16bSGordon Ross /* 470*8f70e16bSGordon Ross * Check user state, and take a hold if it's 471*8f70e16bSGordon Ross * still logging on. If not, we're done. 472*8f70e16bSGordon Ross */ 473*8f70e16bSGordon Ross mutex_enter(&user->u_mutex); 474*8f70e16bSGordon Ross if (user->u_state != SMB_USER_STATE_LOGGING_ON) { 475*8f70e16bSGordon Ross mutex_exit(&user->u_mutex); 476*8f70e16bSGordon Ross smb_request_free(sr); 477*8f70e16bSGordon Ross return; 478*8f70e16bSGordon Ross } 479*8f70e16bSGordon Ross /* smb_user_hold_internal */ 480*8f70e16bSGordon Ross user->u_refcnt++; 481*8f70e16bSGordon Ross mutex_exit(&user->u_mutex); 482*8f70e16bSGordon Ross 483*8f70e16bSGordon Ross /* 484*8f70e16bSGordon Ross * The user hold is given to the SR, and released in 485*8f70e16bSGordon Ross * smb_user_logoff_tq / smb_request_free 486*8f70e16bSGordon Ross */ 487*8f70e16bSGordon Ross sr->uid_user = user; 488*8f70e16bSGordon Ross sr->user_cr = user->u_cred; 489*8f70e16bSGordon Ross sr->sr_state = SMB_REQ_STATE_SUBMITTED; 490*8f70e16bSGordon Ross 491*8f70e16bSGordon Ross (void) taskq_dispatch( 492*8f70e16bSGordon Ross user->u_server->sv_worker_pool, 493*8f70e16bSGordon Ross smb_user_logoff_tq, sr, TQ_SLEEP); 494*8f70e16bSGordon Ross } 495*8f70e16bSGordon Ross 496*8f70e16bSGordon Ross /* 497*8f70e16bSGordon Ross * Helper for smb_user_auth_tmo() 498*8f70e16bSGordon Ross */ 499*8f70e16bSGordon Ross static void 500*8f70e16bSGordon Ross smb_user_logoff_tq(void *arg) 501*8f70e16bSGordon Ross { 502*8f70e16bSGordon Ross smb_request_t *sr = arg; 503*8f70e16bSGordon Ross 504*8f70e16bSGordon Ross SMB_REQ_VALID(sr); 505*8f70e16bSGordon Ross 506*8f70e16bSGordon Ross mutex_enter(&sr->sr_mutex); 507*8f70e16bSGordon Ross sr->sr_worker = curthread; 508*8f70e16bSGordon Ross sr->sr_state = SMB_REQ_STATE_ACTIVE; 509*8f70e16bSGordon Ross mutex_exit(&sr->sr_mutex); 510*8f70e16bSGordon Ross 511*8f70e16bSGordon Ross smb_user_logoff(sr->uid_user); 512*8f70e16bSGordon Ross 513*8f70e16bSGordon Ross sr->sr_state = SMB_REQ_STATE_COMPLETED; 514*8f70e16bSGordon Ross smb_request_free(sr); 515*8f70e16bSGordon Ross } 516*8f70e16bSGordon Ross 517*8f70e16bSGordon Ross /* 518c8ec8eeaSjose borrego * Determine whether or not the user is an administrator. 519c8ec8eeaSjose borrego * Members of the administrators group have administrative rights. 520c8ec8eeaSjose borrego */ 521c8ec8eeaSjose borrego boolean_t 522148c5f43SAlan Wright smb_user_is_admin(smb_user_t *user) 523c8ec8eeaSjose borrego { 524b819cea2SGordon Ross #ifdef _KERNEL 525148c5f43SAlan Wright char sidstr[SMB_SID_STRSZ]; 526148c5f43SAlan Wright ksidlist_t *ksidlist; 527148c5f43SAlan Wright ksid_t ksid1; 528148c5f43SAlan Wright ksid_t *ksid2; 529148c5f43SAlan Wright int i; 530b819cea2SGordon Ross #endif /* _KERNEL */ 531b819cea2SGordon Ross boolean_t rc = B_FALSE; 532c8ec8eeaSjose borrego 533c8ec8eeaSjose borrego ASSERT(user); 534148c5f43SAlan Wright ASSERT(user->u_cred); 535c8ec8eeaSjose borrego 536148c5f43SAlan Wright if (SMB_USER_IS_ADMIN(user)) 537c8ec8eeaSjose borrego return (B_TRUE); 538c8ec8eeaSjose borrego 539b819cea2SGordon Ross #ifdef _KERNEL 540148c5f43SAlan Wright bzero(&ksid1, sizeof (ksid_t)); 541148c5f43SAlan Wright (void) strlcpy(sidstr, ADMINISTRATORS_SID, SMB_SID_STRSZ); 542148c5f43SAlan Wright ASSERT(smb_sid_splitstr(sidstr, &ksid1.ks_rid) == 0); 543148c5f43SAlan Wright ksid1.ks_domain = ksid_lookupdomain(sidstr); 544148c5f43SAlan Wright 545148c5f43SAlan Wright ksidlist = crgetsidlist(user->u_cred); 546148c5f43SAlan Wright ASSERT(ksidlist); 547148c5f43SAlan Wright ASSERT(ksid1.ks_domain); 548148c5f43SAlan Wright ASSERT(ksid1.ks_domain->kd_name); 549148c5f43SAlan Wright 550148c5f43SAlan Wright i = 0; 551148c5f43SAlan Wright ksid2 = crgetsid(user->u_cred, KSID_USER); 552148c5f43SAlan Wright do { 553148c5f43SAlan Wright ASSERT(ksid2->ks_domain); 554148c5f43SAlan Wright ASSERT(ksid2->ks_domain->kd_name); 555148c5f43SAlan Wright 556148c5f43SAlan Wright if (strcmp(ksid1.ks_domain->kd_name, 557148c5f43SAlan Wright ksid2->ks_domain->kd_name) == 0 && 558148c5f43SAlan Wright ksid1.ks_rid == ksid2->ks_rid) { 559148c5f43SAlan Wright user->u_flags |= SMB_USER_FLAG_ADMIN; 560148c5f43SAlan Wright rc = B_TRUE; 561148c5f43SAlan Wright break; 562148c5f43SAlan Wright } 563148c5f43SAlan Wright 564148c5f43SAlan Wright ksid2 = &ksidlist->ksl_sids[i]; 565148c5f43SAlan Wright } while (i++ < ksidlist->ksl_nsid); 566148c5f43SAlan Wright 567148c5f43SAlan Wright ksid_rele(&ksid1); 568b819cea2SGordon Ross #endif /* _KERNEL */ 569148c5f43SAlan Wright return (rc); 570c8ec8eeaSjose borrego } 571c8ec8eeaSjose borrego 5721fcced4cSJordan Brown /* 5731fcced4cSJordan Brown * This function should be called with a hold on the user. 5741fcced4cSJordan Brown */ 5751fcced4cSJordan Brown boolean_t 5761fcced4cSJordan Brown smb_user_namecmp(smb_user_t *user, const char *name) 5771fcced4cSJordan Brown { 5781fcced4cSJordan Brown char *fq_name; 5791fcced4cSJordan Brown boolean_t match; 5801fcced4cSJordan Brown 581bbf6f00cSJordan Brown if (smb_strcasecmp(name, user->u_name, 0) == 0) 5821fcced4cSJordan Brown return (B_TRUE); 5831fcced4cSJordan Brown 5841fcced4cSJordan Brown fq_name = kmem_alloc(MAXNAMELEN, KM_SLEEP); 5851fcced4cSJordan Brown 5861fcced4cSJordan Brown (void) snprintf(fq_name, MAXNAMELEN, "%s\\%s", 5871fcced4cSJordan Brown user->u_domain, user->u_name); 5881fcced4cSJordan Brown 589bbf6f00cSJordan Brown match = (smb_strcasecmp(name, fq_name, 0) == 0); 5901fcced4cSJordan Brown if (!match) { 5911fcced4cSJordan Brown (void) snprintf(fq_name, MAXNAMELEN, "%s@%s", 5921fcced4cSJordan Brown user->u_name, user->u_domain); 5931fcced4cSJordan Brown 594bbf6f00cSJordan Brown match = (smb_strcasecmp(name, fq_name, 0) == 0); 5951fcced4cSJordan Brown } 5961fcced4cSJordan Brown 5971fcced4cSJordan Brown kmem_free(fq_name, MAXNAMELEN); 5981fcced4cSJordan Brown return (match); 5991fcced4cSJordan Brown } 6001fcced4cSJordan Brown 6011fcced4cSJordan Brown /* 6021fcced4cSJordan Brown * If the enumeration request is for user data, handle the request 6031fcced4cSJordan Brown * here. Otherwise, pass it on to the trees. 6041fcced4cSJordan Brown * 6051fcced4cSJordan Brown * This function should be called with a hold on the user. 6061fcced4cSJordan Brown */ 6071fcced4cSJordan Brown int 6081fcced4cSJordan Brown smb_user_enum(smb_user_t *user, smb_svcenum_t *svcenum) 6091fcced4cSJordan Brown { 6103b13a1efSThomas Keiser int rc = 0; 6111fcced4cSJordan Brown 6121fcced4cSJordan Brown ASSERT(user); 6131fcced4cSJordan Brown ASSERT(user->u_magic == SMB_USER_MAGIC); 6141fcced4cSJordan Brown 6151fcced4cSJordan Brown if (svcenum->se_type == SMB_SVCENUM_TYPE_USER) 6161fcced4cSJordan Brown return (smb_user_enum_private(user, svcenum)); 6171fcced4cSJordan Brown 6181fcced4cSJordan Brown return (rc); 6191fcced4cSJordan Brown } 6201fcced4cSJordan Brown 621da6c28aaSamw /* *************************** Static Functions ***************************** */ 622da6c28aaSamw 623da6c28aaSamw /* 6249fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * Delete a user. The tree list should be empty. 6259fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * 6269fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * Remove the user from the session's user list before freeing resources 6279fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States * associated with the user. 628da6c28aaSamw */ 6299fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States void 6309fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_user_delete(void *arg) 631da6c28aaSamw { 632da6c28aaSamw smb_session_t *session; 6339fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_user_t *user = (smb_user_t *)arg; 634da6c28aaSamw 6359fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States SMB_USER_VALID(user); 636da6c28aaSamw ASSERT(user->u_refcnt == 0); 637da6c28aaSamw ASSERT(user->u_state == SMB_USER_STATE_LOGGED_OFF); 63812b65585SGordon Ross ASSERT(user->u_authsock == NULL); 639*8f70e16bSGordon Ross ASSERT(user->u_auth_tmo == NULL); 640da6c28aaSamw 641da6c28aaSamw session = user->u_session; 642da6c28aaSamw smb_llist_enter(&session->s_user_list, RW_WRITER); 643da6c28aaSamw smb_llist_remove(&session->s_user_list, user); 6449fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_idpool_free(&session->s_uid_pool, user->u_uid); 645da6c28aaSamw smb_llist_exit(&session->s_user_list); 646da6c28aaSamw 6479fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States mutex_enter(&user->u_mutex); 6489fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States mutex_exit(&user->u_mutex); 6499fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 650da6c28aaSamw user->u_magic = (uint32_t)~SMB_USER_MAGIC; 651da6c28aaSamw mutex_destroy(&user->u_mutex); 652148c5f43SAlan Wright if (user->u_cred) 653da6c28aaSamw crfree(user->u_cred); 654b89a8333Snatalie li - Sun Microsystems - Irvine United States if (user->u_privcred) 655b89a8333Snatalie li - Sun Microsystems - Irvine United States crfree(user->u_privcred); 6569fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(user->u_name); 6579fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(user->u_domain); 6588622ec45SGordon Ross kmem_cache_free(smb_cache_user, user); 659da6c28aaSamw } 660c8ec8eeaSjose borrego 661b89a8333Snatalie li - Sun Microsystems - Irvine United States cred_t * 662b89a8333Snatalie li - Sun Microsystems - Irvine United States smb_user_getcred(smb_user_t *user) 663b89a8333Snatalie li - Sun Microsystems - Irvine United States { 664b89a8333Snatalie li - Sun Microsystems - Irvine United States return (user->u_cred); 665b89a8333Snatalie li - Sun Microsystems - Irvine United States } 666b89a8333Snatalie li - Sun Microsystems - Irvine United States 667b89a8333Snatalie li - Sun Microsystems - Irvine United States cred_t * 668b89a8333Snatalie li - Sun Microsystems - Irvine United States smb_user_getprivcred(smb_user_t *user) 669b89a8333Snatalie li - Sun Microsystems - Irvine United States { 670b89a8333Snatalie li - Sun Microsystems - Irvine United States return ((user->u_privcred)? user->u_privcred : user->u_cred); 671b89a8333Snatalie li - Sun Microsystems - Irvine United States } 6721fcced4cSJordan Brown 673b819cea2SGordon Ross #ifdef _KERNEL 6741fcced4cSJordan Brown /* 675148c5f43SAlan Wright * Assign the user cred and privileges. 676148c5f43SAlan Wright * 677148c5f43SAlan Wright * If the user has backup and/or restore privleges, dup the cred 678148c5f43SAlan Wright * and add those privileges to this new privileged cred. 679148c5f43SAlan Wright */ 680b819cea2SGordon Ross void 681148c5f43SAlan Wright smb_user_setcred(smb_user_t *user, cred_t *cr, uint32_t privileges) 682148c5f43SAlan Wright { 683148c5f43SAlan Wright cred_t *privcred = NULL; 684148c5f43SAlan Wright 685148c5f43SAlan Wright ASSERT(cr); 686148c5f43SAlan Wright crhold(cr); 687148c5f43SAlan Wright 688148c5f43SAlan Wright if (privileges & (SMB_USER_PRIV_BACKUP | SMB_USER_PRIV_RESTORE)) 689148c5f43SAlan Wright privcred = crdup(cr); 690148c5f43SAlan Wright 691148c5f43SAlan Wright if (privcred != NULL) { 692148c5f43SAlan Wright if (privileges & SMB_USER_PRIV_BACKUP) { 693148c5f43SAlan Wright (void) crsetpriv(privcred, PRIV_FILE_DAC_READ, 694148c5f43SAlan Wright PRIV_FILE_DAC_SEARCH, PRIV_SYS_MOUNT, NULL); 695148c5f43SAlan Wright } 696148c5f43SAlan Wright 697148c5f43SAlan Wright if (privileges & SMB_USER_PRIV_RESTORE) { 698148c5f43SAlan Wright (void) crsetpriv(privcred, PRIV_FILE_DAC_WRITE, 699148c5f43SAlan Wright PRIV_FILE_CHOWN, PRIV_FILE_CHOWN_SELF, 700148c5f43SAlan Wright PRIV_FILE_DAC_SEARCH, PRIV_FILE_LINK_ANY, 701148c5f43SAlan Wright PRIV_FILE_OWNER, PRIV_FILE_SETID, 702148c5f43SAlan Wright PRIV_SYS_LINKDIR, PRIV_SYS_MOUNT, NULL); 703148c5f43SAlan Wright } 704148c5f43SAlan Wright } 705148c5f43SAlan Wright 706148c5f43SAlan Wright user->u_cred = cr; 707148c5f43SAlan Wright user->u_privcred = privcred; 708148c5f43SAlan Wright user->u_privileges = privileges; 709148c5f43SAlan Wright } 710b819cea2SGordon Ross #endif /* _KERNEL */ 711148c5f43SAlan Wright 712148c5f43SAlan Wright /* 7131fcced4cSJordan Brown * Private function to support smb_user_enum. 7141fcced4cSJordan Brown */ 7151fcced4cSJordan Brown static int 7161fcced4cSJordan Brown smb_user_enum_private(smb_user_t *user, smb_svcenum_t *svcenum) 7171fcced4cSJordan Brown { 7181fcced4cSJordan Brown uint8_t *pb; 7191fcced4cSJordan Brown uint_t nbytes; 7201fcced4cSJordan Brown int rc; 7211fcced4cSJordan Brown 7221fcced4cSJordan Brown if (svcenum->se_nskip > 0) { 7231fcced4cSJordan Brown svcenum->se_nskip--; 7241fcced4cSJordan Brown return (0); 7251fcced4cSJordan Brown } 7261fcced4cSJordan Brown 7271fcced4cSJordan Brown if (svcenum->se_nitems >= svcenum->se_nlimit) { 7281fcced4cSJordan Brown svcenum->se_nitems = svcenum->se_nlimit; 7291fcced4cSJordan Brown return (0); 7301fcced4cSJordan Brown } 7311fcced4cSJordan Brown 7321fcced4cSJordan Brown pb = &svcenum->se_buf[svcenum->se_bused]; 7331fcced4cSJordan Brown rc = smb_user_netinfo_encode(user, pb, svcenum->se_bavail, &nbytes); 7341fcced4cSJordan Brown if (rc == 0) { 7351fcced4cSJordan Brown svcenum->se_bavail -= nbytes; 7361fcced4cSJordan Brown svcenum->se_bused += nbytes; 7371fcced4cSJordan Brown svcenum->se_nitems++; 7381fcced4cSJordan Brown } 7391fcced4cSJordan Brown 7401fcced4cSJordan Brown return (rc); 7411fcced4cSJordan Brown } 7421fcced4cSJordan Brown 7431fcced4cSJordan Brown /* 7441fcced4cSJordan Brown * Encode the NetInfo for a user into a buffer. NetInfo contains 7451fcced4cSJordan Brown * information that is often needed in user space to support RPC 7461fcced4cSJordan Brown * requests. 7471fcced4cSJordan Brown */ 7481fcced4cSJordan Brown int 7491fcced4cSJordan Brown smb_user_netinfo_encode(smb_user_t *user, uint8_t *buf, size_t buflen, 7501fcced4cSJordan Brown uint32_t *nbytes) 7511fcced4cSJordan Brown { 7521fcced4cSJordan Brown smb_netuserinfo_t info; 7531fcced4cSJordan Brown int rc; 7541fcced4cSJordan Brown 7551fcced4cSJordan Brown smb_user_netinfo_init(user, &info); 7561fcced4cSJordan Brown rc = smb_netuserinfo_encode(&info, buf, buflen, nbytes); 7571fcced4cSJordan Brown smb_user_netinfo_fini(&info); 7581fcced4cSJordan Brown 7591fcced4cSJordan Brown return (rc); 7601fcced4cSJordan Brown } 7611fcced4cSJordan Brown 7621fcced4cSJordan Brown void 7631fcced4cSJordan Brown smb_user_netinfo_init(smb_user_t *user, smb_netuserinfo_t *info) 7641fcced4cSJordan Brown { 7651fcced4cSJordan Brown smb_session_t *session; 7661fcced4cSJordan Brown char *buf; 7671fcced4cSJordan Brown 7681fcced4cSJordan Brown ASSERT(user); 7691fcced4cSJordan Brown ASSERT(user->u_domain); 7701fcced4cSJordan Brown ASSERT(user->u_name); 7711fcced4cSJordan Brown 7721fcced4cSJordan Brown session = user->u_session; 7731fcced4cSJordan Brown ASSERT(session); 7741fcced4cSJordan Brown ASSERT(session->workstation); 7751fcced4cSJordan Brown 7761fcced4cSJordan Brown info->ui_session_id = session->s_kid; 7771fcced4cSJordan Brown info->ui_native_os = session->native_os; 7781fcced4cSJordan Brown info->ui_ipaddr = session->ipaddr; 7791fcced4cSJordan Brown info->ui_numopens = session->s_file_cnt; 780c5866007SKeyur Desai info->ui_smb_uid = user->u_uid; 7811fcced4cSJordan Brown info->ui_logon_time = user->u_logon_time; 7821fcced4cSJordan Brown info->ui_flags = user->u_flags; 783c5866007SKeyur Desai info->ui_posix_uid = crgetuid(user->u_cred); 7841fcced4cSJordan Brown 7851fcced4cSJordan Brown info->ui_domain_len = user->u_domain_len; 7869fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States info->ui_domain = smb_mem_strdup(user->u_domain); 7871fcced4cSJordan Brown 7881fcced4cSJordan Brown info->ui_account_len = user->u_name_len; 7899fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States info->ui_account = smb_mem_strdup(user->u_name); 7901fcced4cSJordan Brown 7911fcced4cSJordan Brown buf = kmem_alloc(MAXNAMELEN, KM_SLEEP); 7921fcced4cSJordan Brown smb_session_getclient(session, buf, MAXNAMELEN); 7931fcced4cSJordan Brown info->ui_workstation_len = strlen(buf) + 1; 7949fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States info->ui_workstation = smb_mem_strdup(buf); 7951fcced4cSJordan Brown kmem_free(buf, MAXNAMELEN); 7961fcced4cSJordan Brown } 7971fcced4cSJordan Brown 7981fcced4cSJordan Brown void 7991fcced4cSJordan Brown smb_user_netinfo_fini(smb_netuserinfo_t *info) 8001fcced4cSJordan Brown { 8011fcced4cSJordan Brown if (info == NULL) 8021fcced4cSJordan Brown return; 8031fcced4cSJordan Brown 8041fcced4cSJordan Brown if (info->ui_domain) 8059fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(info->ui_domain); 8061fcced4cSJordan Brown if (info->ui_account) 8079fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(info->ui_account); 8081fcced4cSJordan Brown if (info->ui_workstation) 8099fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_mem_free(info->ui_workstation); 8101fcced4cSJordan Brown 8111fcced4cSJordan Brown bzero(info, sizeof (smb_netuserinfo_t)); 8121fcced4cSJordan Brown } 8139fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 8149fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States static void 8158622ec45SGordon Ross smb_user_auth_logoff(smb_user_t *user) 8169fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States { 8178622ec45SGordon Ross uint32_t audit_sid = user->u_audit_sid; 8188622ec45SGordon Ross 8198622ec45SGordon Ross (void) smb_kdoor_upcall(user->u_server, SMB_DR_USER_AUTH_LOGOFF, 8209fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States &audit_sid, xdr_uint32_t, NULL, NULL); 8219fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States } 822