1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #ifndef _LIBMLSVC_H 27 #define _LIBMLSVC_H 28 29 #include <uuid/uuid.h> 30 #include <sys/param.h> 31 #include <sys/types.h> 32 #include <sys/uio.h> 33 #include <sys/ksynch.h> 34 #include <stdio.h> 35 #include <string.h> 36 #include <smbsrv/wintypes.h> 37 #include <smbsrv/hash_table.h> 38 #include <smbsrv/smb_token.h> 39 #include <smbsrv/smb_privilege.h> 40 #include <smbsrv/smb_share.h> 41 #include <smbsrv/smb_xdr.h> 42 #include <smbsrv/libsmb.h> 43 #include <smbsrv/libsmbrdr.h> 44 #include <smbsrv/libmlrpc.h> 45 #include <smbsrv/ndl/lsarpc.ndl> 46 47 #ifdef __cplusplus 48 extern "C" { 49 #endif 50 51 typedef struct lsa_nt_domaininfo { 52 smb_sid_t *n_sid; 53 char n_domain[NETBIOS_NAME_SZ]; 54 } lsa_nt_domaininfo_t; 55 56 typedef struct lsa_trusted_domainlist { 57 uint32_t t_num; 58 lsa_nt_domaininfo_t *t_domains; 59 } lsa_trusted_domainlist_t; 60 61 typedef struct lsa_dns_domaininfo { 62 smb_sid_t *d_sid; 63 char d_nbdomain[NETBIOS_NAME_SZ]; 64 char d_fqdomain[MAXHOSTNAMELEN]; 65 char d_forest[MAXHOSTNAMELEN]; 66 mslsa_guid_t d_guid; 67 } lsa_dns_domaininfo_t; 68 69 typedef enum lsa_info_type { 70 LSA_INFO_NONE, 71 LSA_INFO_PRIMARY_DOMAIN, 72 LSA_INFO_ACCOUNT_DOMAIN, 73 LSA_INFO_DNS_DOMAIN, 74 LSA_INFO_TRUSTED_DOMAINS 75 } lsa_info_type_t; 76 77 typedef struct lsa_info { 78 lsa_info_type_t i_type; 79 union { 80 lsa_nt_domaininfo_t di_primary; 81 lsa_nt_domaininfo_t di_account; 82 lsa_dns_domaininfo_t di_dns; 83 lsa_trusted_domainlist_t di_trust; 84 } i_domain; 85 } lsa_info_t; 86 87 extern DWORD lsa_query_primary_domain_info(char *, char *, lsa_info_t *); 88 extern DWORD lsa_query_account_domain_info(char *, char *, lsa_info_t *); 89 extern DWORD lsa_query_dns_domain_info(char *, char *, lsa_info_t *); 90 extern DWORD lsa_enum_trusted_domains(char *, char *, lsa_info_t *); 91 extern void lsa_free_info(lsa_info_t *); 92 93 extern uint32_t mlsvc_lookup_name(char *, smb_sid_t **, uint16_t *); 94 extern uint32_t mlsvc_lookup_sid(smb_sid_t *, char **); 95 96 /* 97 * SMB domain API to discover a domain controller and obtain domain 98 * information. 99 */ 100 101 typedef struct smb_domain { 102 char d_dc[MAXHOSTNAMELEN]; 103 char d_nbdomain[NETBIOS_NAME_SZ]; 104 char d_fqdomain[MAXHOSTNAMELEN]; 105 char d_forest[MAXHOSTNAMELEN]; 106 char d_guid[UUID_PRINTABLE_STRING_LENGTH]; 107 } smb_domain_t; 108 extern boolean_t smb_locate_dc(char *, char *, smb_domain_t *); 109 extern boolean_t smb_domain_getinfo(smb_domain_t *); 110 111 112 extern int mlsvc_get_door_fd(void); 113 extern uint64_t mlsvc_get_num_users(void); 114 extern int mlsvc_get_user_list(int, smb_dr_ulist_t *); 115 extern void dssetup_clear_domain_info(void); 116 extern int mlsvc_init(void); 117 extern void mlsvc_set_door_fd(int); 118 extern int mlsvc_set_share(int, char *, char *); 119 extern DWORD mlsvc_netlogon(char *, char *); 120 extern DWORD mlsvc_join(smb_domain_t *, char *, char *); 121 122 123 /* 124 * The maximum number of domains (NT limit). 125 */ 126 #define MLSVC_DOMAIN_MAX 32 127 128 /* 129 * Status code returned from enumeration RPCs to indicate 130 * that the server has no more data. Normally returned at 131 * severity level ERROR_SEVERITY_WARNING. 132 */ 133 #define MLSVC_NO_MORE_DATA 0x1A 134 135 #define MLSVC_ANON_USER "IPC$" 136 137 char *mlsvc_ipc_name(int ipc_type, char *username); 138 139 /* 140 * Passthrough negotiation and authentication interface. 141 * 142 * NT supports two forms of password: a Lanman (case-insensitive) 143 * password and an NT (case-sensitive) password. If either of the 144 * passwords is not available its pointer and length should be set 145 * to zero. The session key and vc number are required to validate 146 * the encrypted passwords. 147 */ 148 149 void mlsvc_nt_password_hash(char *result, char *password); 150 int mlsvc_encrypt_nt_password(char *password, char *key, int keylen, char *out, 151 int outmax); 152 153 #define SMB_AUTOHOME_FILE "smbautohome" 154 #define SMB_AUTOHOME_PATH "/etc" 155 156 typedef struct smb_autohome { 157 struct smb_autohome *ah_next; 158 uint32_t ah_hits; 159 time_t ah_timestamp; 160 char *ah_name; /* User account name */ 161 char *ah_path; /* Home directory path */ 162 char *ah_container; /* ADS container distinguished name */ 163 } smb_autohome_t; 164 165 extern void smb_autohome_add(const char *); 166 extern void smb_autohome_remove(const char *); 167 168 smb_userinfo_t *mlsvc_alloc_user_info(void); 169 void mlsvc_free_user_info(smb_userinfo_t *user_info); 170 void mlsvc_release_user_info(smb_userinfo_t *user_info); 171 void mlsvc_setadmin_user_info(smb_userinfo_t *user_info); 172 char *mlsvc_sid_name_use(unsigned int snu_id); 173 174 /* 175 * A local unique id (LUID) is an opaque id used by servers to identify 176 * local resources, such as privileges. A client will use lookup 177 * functions to translate the LUID to a more general, machine independent 178 * form; such as a string. 179 */ 180 typedef struct ms_luid { 181 uint32_t low_part; 182 uint32_t high_part; 183 } ms_luid_t; 184 185 /* 186 * A client_t is created while binding a client connection to hold the 187 * context for calls made using that connection. 188 * 189 * Handles are RPC call specific and we use an inheritance mechanism to 190 * ensure that each handle has a pointer to the client_t. When the top 191 * level (bind) handle is released, we close the connection. 192 */ 193 typedef struct mlsvc_handle { 194 ndr_hdid_t handle; 195 ndr_client_t *clnt; 196 int remote_os; 197 } mlsvc_handle_t; 198 199 int ndr_rpc_bind(mlsvc_handle_t *, char *, char *, char *, const char *); 200 void ndr_rpc_unbind(mlsvc_handle_t *); 201 int ndr_rpc_call(mlsvc_handle_t *, int, void *); 202 int ndr_rpc_server_os(mlsvc_handle_t *); 203 void *ndr_rpc_malloc(mlsvc_handle_t *, size_t); 204 ndr_heap_t *ndr_rpc_get_heap(mlsvc_handle_t *); 205 void ndr_rpc_release(mlsvc_handle_t *); 206 boolean_t ndr_is_null_handle(mlsvc_handle_t *); 207 boolean_t ndr_is_bind_handle(mlsvc_handle_t *); 208 void ndr_inherit_handle(mlsvc_handle_t *, mlsvc_handle_t *); 209 void ndr_rpc_status(mlsvc_handle_t *, int, uint32_t); 210 211 #ifdef __cplusplus 212 } 213 #endif 214 215 #endif /* _LIBMLSVC_H */ 216