common/smbclnt/smbfs_ntacl.h

*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * CDDL HEADER START
*02d09e03SGordon Ross *
*02d09e03SGordon Ross * The contents of this file are subject to the terms of the
*02d09e03SGordon Ross * Common Development and Distribution License (the "License").
*02d09e03SGordon Ross * You may not use this file except in compliance with the License.
*02d09e03SGordon Ross *
*02d09e03SGordon Ross * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
*02d09e03SGordon Ross * or http://www.opensolaris.org/os/licensing.
*02d09e03SGordon Ross * See the License for the specific language governing permissions
*02d09e03SGordon Ross * and limitations under the License.
*02d09e03SGordon Ross *
*02d09e03SGordon Ross * When distributing Covered Code, include this CDDL HEADER in each
*02d09e03SGordon Ross * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
*02d09e03SGordon Ross * If applicable, add the following below this CDDL HEADER, with the
*02d09e03SGordon Ross * fields enclosed by brackets "[]" replaced with your own identifying
*02d09e03SGordon Ross * information: Portions Copyright [yyyy] [name of copyright owner]
*02d09e03SGordon Ross *
*02d09e03SGordon Ross * CDDL HEADER END
*02d09e03SGordon Ross */
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
*02d09e03SGordon Ross * Use is subject to license terms.
*02d09e03SGordon Ross */
*02d09e03SGordon Ross
*02d09e03SGordon Ross#ifndef _SMBFS_NTACL_H
*02d09e03SGordon Ross#define	_SMBFS_NTACL_H
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Internal functions for dealing with
*02d09e03SGordon Ross * NT Security data structures.
*02d09e03SGordon Ross */
*02d09e03SGordon Ross
*02d09e03SGordon Ross#include <netsmb/mchain.h>
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Internal form of an NT SID
*02d09e03SGordon Ross * Same as on the wire, but possibly byte-swapped.
*02d09e03SGordon Ross */
*02d09e03SGordon Rosstypedef struct i_ntsid {
*02d09e03SGordon Ross	uint8_t	sid_revision;
*02d09e03SGordon Ross	uint8_t	sid_subauthcount;
*02d09e03SGordon Ross	uint8_t	sid_authority[6];
*02d09e03SGordon Ross	uint32_t sid_subauthvec[1]; /* actually len=subauthcount */
*02d09e03SGordon Ross} i_ntsid_t;
*02d09e03SGordon Ross#define	I_SID_SIZE(sacnt)	(8 + 4 * (sacnt))
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Internal form of an NT ACE
*02d09e03SGordon Ross */
*02d09e03SGordon Rosstypedef struct i_ntace {
*02d09e03SGordon Ross	uint8_t	ace_type;
*02d09e03SGordon Ross	uint8_t	ace_flags;
*02d09e03SGordon Ross	uint32_t	ace_rights; /* generic, standard, specific, etc */
*02d09e03SGordon Ross	i_ntsid_t	*ace_sid;
*02d09e03SGordon Ross} i_ntace_t;
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Internal form of an NT ACL (see sacl/dacl below)
*02d09e03SGordon Ross */
*02d09e03SGordon Rosstypedef struct i_ntacl {
*02d09e03SGordon Ross	uint8_t	acl_revision;	/* 0x02 observed with W2K */
*02d09e03SGordon Ross	uint16_t	acl_acecount;
*02d09e03SGordon Ross	i_ntace_t	*acl_acevec[1]; /* actually, len=acecount */
*02d09e03SGordon Ross} i_ntacl_t;
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Internal form of an NT Security Descriptor (SD)
*02d09e03SGordon Ross */
*02d09e03SGordon Rosstypedef struct i_ntsd {
*02d09e03SGordon Ross	uint8_t		sd_revision;	/* 0x01 observed between W2K */
*02d09e03SGordon Ross	uint8_t		sd_rmctl;	/* resource mgr control (MBZ) */
*02d09e03SGordon Ross	uint16_t	sd_flags;
*02d09e03SGordon Ross	i_ntsid_t	*sd_owner;
*02d09e03SGordon Ross	i_ntsid_t	*sd_group;
*02d09e03SGordon Ross	i_ntacl_t	*sd_sacl;
*02d09e03SGordon Ross	i_ntacl_t	*sd_dacl;
*02d09e03SGordon Ross} i_ntsd_t;
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Import a raw SD (mb chain) into "internal" form.
*02d09e03SGordon Ross * (like "absolute" form per. NT docs)
*02d09e03SGordon Ross * Returns allocated data in sdp
*02d09e03SGordon Ross */
*02d09e03SGordon Rossint md_get_ntsd(mdchain_t *mbp, i_ntsd_t **sdp);
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Export an "internal" SD into an raw SD (mb chain).
*02d09e03SGordon Ross * (a.k.a "self-relative" form per. NT docs)
*02d09e03SGordon Ross * Returns allocated mbchain in mbp.
*02d09e03SGordon Ross */
*02d09e03SGordon Rossint mb_put_ntsd(mbchain_t *mbp, i_ntsd_t *sd);
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Convert an internal SD to a ZFS-style ACL.
*02d09e03SGordon Ross * Get uid/gid too if pointers != NULL.
*02d09e03SGordon Ross */
*02d09e03SGordon Ross#ifdef	_KERNEL
*02d09e03SGordon Rossint smbfs_acl_sd2zfs(i_ntsd_t *, vsecattr_t *, uid_t *, gid_t *);
*02d09e03SGordon Ross#else /* _KERNEL */
*02d09e03SGordon Rossint smbfs_acl_sd2zfs(i_ntsd_t *, acl_t *, uid_t *, gid_t *);
*02d09e03SGordon Ross#endif /* _KERNEL */
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Convert an internal SD to a ZFS-style ACL.
*02d09e03SGordon Ross * Include owner/group too if uid/gid != -1.
*02d09e03SGordon Ross */
*02d09e03SGordon Ross#ifdef	_KERNEL
*02d09e03SGordon Rossint smbfs_acl_zfs2sd(vsecattr_t *, uid_t, gid_t, i_ntsd_t **);
*02d09e03SGordon Ross#else /* _KERNEL */
*02d09e03SGordon Rossint smbfs_acl_zfs2sd(acl_t *, uid_t, gid_t, i_ntsd_t **);
*02d09e03SGordon Ross#endif /* _KERNEL */
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Free an i_ntsd_t, as returned by md_get_ntsd()
*02d09e03SGordon Ross * or smbfs_acl_zfs2sd().
*02d09e03SGordon Ross */
*02d09e03SGordon Rossvoid smbfs_acl_free_sd(struct i_ntsd *);
*02d09e03SGordon Ross
*02d09e03SGordon Ross/*
*02d09e03SGordon Ross * Convert an NT SID to string format.
*02d09e03SGordon Ross */
*02d09e03SGordon Rossint smbfs_sid2str(i_ntsid_t *sid,
*02d09e03SGordon Ross	char *obuf, size_t olen, uint32_t *ridp);
*02d09e03SGordon Ross
*02d09e03SGordon Ross#endif	/* _SMBFS_NTACL_H */