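/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_SIDUTIL_H
#define	_SIDUTIL_H

/*
 * Security Identifier (SID) interface definition.
 *
 * This is an extract from uts/common/smbsrv/smb_sid.h, with functions
 * renamed as part of a tentative plan for convergence.
 */

/*
 * sid_t is built from uint8_t and uint32_t.  Pull in their definitions
 * here so the header does not depend on what the includer happened to
 * include first.
 */
#include <stdint.h>

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Common definition for a SID.
 *
 * NT_SID_AUTH_MAX is the size in bytes of the identifier authority.
 * NT_SID_SUBAUTH_MAX is the largest number of sub-authorities a SID may
 * carry.  Note that sid_subauthcnt is a uint8_t and can therefore hold
 * values well above this limit.
 */
#define	NT_SID_REVISION		1
#define	NT_SID_AUTH_MAX		6
#define	NT_SID_SUBAUTH_MAX	15

/*
 * Placeholder dimension for the variable-length trailing array in
 * sid_t.  It is only defined here if nobody else has defined it.
 */
#if !defined(ANY_SIZE_ARRAY)
#define	ANY_SIZE_ARRAY	1
#endif

/*
 * Security Identifier (SID)
 *
 * The security identifier (SID) uniquely identifies a user, group or
 * a domain.  It consists of a revision number, the identifier authority,
 * and a list of sub-authorities.  The revision number is currently 1.
 * The identifier authority identifies which system issued the SID.  The
 * sub-authorities of a domain SID uniquely identify a domain.  A user
 * or group SID consists of a domain SID with the user or group id
 * appended.  The user or group id (also known as a relative id (RID))
 * uniquely identifies a user within a domain.  A user or group SID
 * uniquely identifies a user or group across all domains.  The SidType
 * values identify the various types of SID.
 *
 *      1 1 1 1 1 1
 *      5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
 *   +---------------------------------------------------------------+
 *   |      SubAuthorityCount        |Reserved1 (SBZ)|   Revision    |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[0]                     |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[1]                     |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[2]                     |
 *   +---------------------------------------------------------------+
 *   |                                                               |
 *   +- - - - - - - -         SubAuthority[]        - - - - - - - - -+
 *   |                                                               |
 *   +---------------------------------------------------------------+
 *
 */
/*
 * Note: NT defines the Identifier Authority as a separate
 * structure (SID_IDENTIFIER_AUTHORITY) containing a literal
 * definition of a 6 byte vector but the effect is the same
 * as defining it as a member value.
 */
/*
 * Sizing caveat: sid_subauth is declared with ANY_SIZE_ARRAY (1)
 * elements, so sizeof (sid_t) covers exactly one sub-authority and is
 * not the size of an arbitrary SID.  The real size depends on
 * sid_subauthcnt; use sid_len() rather than sizeof when allocating or
 * copying.
 *
 * When a SID arrives from an untrusted source (wire data, a file), check
 * that sid_subauthcnt <= NT_SID_SUBAUTH_MAX and that the buffer really
 * holds that many entries before indexing sid_subauth[].
 * NOTE(review): this header does not show whether the functions below
 * perform that check themselves -- confirm against the implementation.
 */
typedef struct sid {
	uint8_t sid_revision;			/* see NT_SID_REVISION */
	uint8_t sid_subauthcnt;			/* entries in sid_subauth[] */
	uint8_t sid_authority[NT_SID_AUTH_MAX];	/* identifier authority */
	uint32_t sid_subauth[ANY_SIZE_ARRAY];	/* variable-length trailer */
} sid_t;

/*
 * The maximum size of a SID in string format
 */
#define	SID_STRSZ	256

/*
 * Given a SID, return its length in bytes.
 * NOTE(review): presumably derived from sid_subauthcnt; validate that
 * field first when the SID is not trusted -- confirm.
 */
int sid_len(sid_t *sid);

/* Given a dynamically allocated SID (e.g. from sid_fromstr), free it. */
void sid_free(sid_t *sid);

/*
 * Translate a binary-format SID into the supplied SID_STRSZ buffer.
 * There is no length argument, so the callee cannot know the size of
 * the destination: strbuf must be at least SID_STRSZ bytes.
 */
void sid_tostr(sid_t *sid, char *strbuf);

/*
 * Translate a text-format SID into an allocated binary-format SID.
 * The caller owns the result and releases it with sid_free().
 * NOTE(review): the failure return (presumably NULL) is not visible in
 * this header -- check the result before use.
 */
sid_t *sid_fromstr(char *sidstr);

/*
 * In-place, translate a host-order SID into MS-native little endian.
 * The structure carries no marker for its current byte order, so the
 * caller must track which form a given sid_t is in.
 */
void sid_to_le(sid_t *sid);

/*
 * In-place, translate a MS-native little endian SID into host order.
 * NOTE(review): for SIDs read from the wire, bounds-check
 * sid_subauthcnt before converting; the conversion presumably walks
 * sid_subauth[] -- confirm.
 */
void sid_from_le(sid_t *sid);

#ifdef __cplusplus
}
#endif


#endif /* _SIDUTIL_H */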