xref: /titanic_44/usr/src/uts/common/fs/smbsrv/smb_idmap.c (revision b819cea2f73f98c5662230cc9affc8cc84f77fcf) 
1*b819cea2SGordon Ross /*
2*b819cea2SGordon Ross  * CDDL HEADER START
3*b819cea2SGordon Ross  *
4*b819cea2SGordon Ross  * The contents of this file are subject to the terms of the
5*b819cea2SGordon Ross  * Common Development and Distribution License (the "License").
6*b819cea2SGordon Ross  * You may not use this file except in compliance with the License.
7*b819cea2SGordon Ross  *
8*b819cea2SGordon Ross  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*b819cea2SGordon Ross  * or http://www.opensolaris.org/os/licensing.
10*b819cea2SGordon Ross  * See the License for the specific language governing permissions
11*b819cea2SGordon Ross  * and limitations under the License.
12*b819cea2SGordon Ross  *
13*b819cea2SGordon Ross  * When distributing Covered Code, include this CDDL HEADER in each
14*b819cea2SGordon Ross  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*b819cea2SGordon Ross  * If applicable, add the following below this CDDL HEADER, with the
16*b819cea2SGordon Ross  * fields enclosed by brackets "[]" replaced with your own identifying
17*b819cea2SGordon Ross  * information: Portions Copyright [yyyy] [name of copyright owner]
18*b819cea2SGordon Ross  *
19*b819cea2SGordon Ross  * CDDL HEADER END
20*b819cea2SGordon Ross  */
21*b819cea2SGordon Ross /*
22*b819cea2SGordon Ross  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23*b819cea2SGordon Ross  * Copyright 2013 Nexenta Systems, Inc.  All rights reserved.
24*b819cea2SGordon Ross  */
25*b819cea2SGordon Ross 
26*b819cea2SGordon Ross /*
27*b819cea2SGordon Ross  * SMB server interface to idmap
28*b819cea2SGordon Ross  * (smb_idmap_get..., smb_idmap_batch_...)
29*b819cea2SGordon Ross  *
30*b819cea2SGordon Ross  * There are three implementations of this interface:
31*b819cea2SGordon Ross  *	uts/common/fs/smbsrv/smb_idmap.c (smbsrv kmod)
32*b819cea2SGordon Ross  *	lib/smbsrv/libfksmbsrv/common/fksmb_idmap.c (libfksmbsrv)
33*b819cea2SGordon Ross  *	lib/smbsrv/libsmb/common/smb_idmap.c (libsmb)
34*b819cea2SGordon Ross  *
35*b819cea2SGordon Ross  * There are enough differences (relative to the code size)
36*b819cea2SGordon Ross  * that it's more trouble than it's worth to merge them.
37*b819cea2SGordon Ross  *
38*b819cea2SGordon Ross  * This one differs from the others in that it:
39*b819cea2SGordon Ross  *	calls kernel (kidmap_...) interfaces
40*b819cea2SGordon Ross  *	domain SIDs are shared, not strdup'ed
41*b819cea2SGordon Ross  */
42*b819cea2SGordon Ross 
43*b819cea2SGordon Ross /*
44*b819cea2SGordon Ross  * SMB ID mapping
45*b819cea2SGordon Ross  *
46*b819cea2SGordon Ross  * Solaris ID mapping service (aka Winchester) works with domain SIDs
47*b819cea2SGordon Ross  * and RIDs where domain SIDs are in string format. CIFS service works
48*b819cea2SGordon Ross  * with binary SIDs understandable by CIFS clients. A layer of SMB ID
49*b819cea2SGordon Ross  * mapping functions are implemeted to hide the SID conversion details
50*b819cea2SGordon Ross  * and also hide the handling of array of batch mapping requests.
51*b819cea2SGordon Ross  */
52*b819cea2SGordon Ross 
53*b819cea2SGordon Ross #include <sys/param.h>
54*b819cea2SGordon Ross #include <sys/types.h>
55*b819cea2SGordon Ross #include <sys/tzfile.h>
56*b819cea2SGordon Ross #include <sys/atomic.h>
57*b819cea2SGordon Ross #include <sys/kidmap.h>
58*b819cea2SGordon Ross #include <sys/time.h>
59*b819cea2SGordon Ross #include <sys/spl.h>
60*b819cea2SGordon Ross #include <sys/random.h>
61*b819cea2SGordon Ross #include <smbsrv/smb_kproto.h>
62*b819cea2SGordon Ross #include <smbsrv/smb_fsops.h>
63*b819cea2SGordon Ross #include <smbsrv/smbinfo.h>
64*b819cea2SGordon Ross #include <smbsrv/smb_xdr.h>
65*b819cea2SGordon Ross #include <smbsrv/smb_vops.h>
66*b819cea2SGordon Ross #include <smbsrv/smb_idmap.h>
67*b819cea2SGordon Ross 
68*b819cea2SGordon Ross #include <sys/sid.h>
69*b819cea2SGordon Ross #include <sys/priv_names.h>
70*b819cea2SGordon Ross 
71*b819cea2SGordon Ross static int smb_idmap_batch_binsid(smb_idmap_batch_t *sib);
72*b819cea2SGordon Ross 
73*b819cea2SGordon Ross /*
74*b819cea2SGordon Ross  * smb_idmap_getsid
75*b819cea2SGordon Ross  *
76*b819cea2SGordon Ross  * Maps the given Solaris ID to a Windows SID using the
77*b819cea2SGordon Ross  * simple mapping API.
78*b819cea2SGordon Ross  */
79*b819cea2SGordon Ross idmap_stat
smb_idmap_getsid(uid_t id,int idtype,smb_sid_t ** sid)80*b819cea2SGordon Ross smb_idmap_getsid(uid_t id, int idtype, smb_sid_t **sid)
81*b819cea2SGordon Ross {
82*b819cea2SGordon Ross 	smb_idmap_t sim;
83*b819cea2SGordon Ross 
84*b819cea2SGordon Ross 	switch (idtype) {
85*b819cea2SGordon Ross 	case SMB_IDMAP_USER:
86*b819cea2SGordon Ross 		sim.sim_stat = kidmap_getsidbyuid(global_zone, id,
87*b819cea2SGordon Ross 		    (const char **)&sim.sim_domsid, &sim.sim_rid);
88*b819cea2SGordon Ross 		break;
89*b819cea2SGordon Ross 
90*b819cea2SGordon Ross 	case SMB_IDMAP_GROUP:
91*b819cea2SGordon Ross 		sim.sim_stat = kidmap_getsidbygid(global_zone, id,
92*b819cea2SGordon Ross 		    (const char **)&sim.sim_domsid, &sim.sim_rid);
93*b819cea2SGordon Ross 		break;
94*b819cea2SGordon Ross 
95*b819cea2SGordon Ross 	case SMB_IDMAP_EVERYONE:
96*b819cea2SGordon Ross 		/* Everyone S-1-1-0 */
97*b819cea2SGordon Ross 		sim.sim_domsid = "S-1-1";
98*b819cea2SGordon Ross 		sim.sim_rid = 0;
99*b819cea2SGordon Ross 		sim.sim_stat = IDMAP_SUCCESS;
100*b819cea2SGordon Ross 		break;
101*b819cea2SGordon Ross 
102*b819cea2SGordon Ross 	default:
103*b819cea2SGordon Ross 		ASSERT(0);
104*b819cea2SGordon Ross 		return (IDMAP_ERR_ARG);
105*b819cea2SGordon Ross 	}
106*b819cea2SGordon Ross 
107*b819cea2SGordon Ross 	if (sim.sim_stat != IDMAP_SUCCESS)
108*b819cea2SGordon Ross 		return (sim.sim_stat);
109*b819cea2SGordon Ross 
110*b819cea2SGordon Ross 	if (sim.sim_domsid == NULL)
111*b819cea2SGordon Ross 		return (IDMAP_ERR_NOMAPPING);
112*b819cea2SGordon Ross 
113*b819cea2SGordon Ross 	sim.sim_sid = smb_sid_fromstr(sim.sim_domsid);
114*b819cea2SGordon Ross 	if (sim.sim_sid == NULL)
115*b819cea2SGordon Ross 		return (IDMAP_ERR_INTERNAL);
116*b819cea2SGordon Ross 
117*b819cea2SGordon Ross 	*sid = smb_sid_splice(sim.sim_sid, sim.sim_rid);
118*b819cea2SGordon Ross 	smb_sid_free(sim.sim_sid);
119*b819cea2SGordon Ross 	if (*sid == NULL)
120*b819cea2SGordon Ross 		sim.sim_stat = IDMAP_ERR_INTERNAL;
121*b819cea2SGordon Ross 
122*b819cea2SGordon Ross 	return (sim.sim_stat);
123*b819cea2SGordon Ross }
124*b819cea2SGordon Ross 
125*b819cea2SGordon Ross /*
126*b819cea2SGordon Ross  * smb_idmap_getid
127*b819cea2SGordon Ross  *
128*b819cea2SGordon Ross  * Maps the given Windows SID to a Unix ID using the
129*b819cea2SGordon Ross  * simple mapping API.
130*b819cea2SGordon Ross  */
131*b819cea2SGordon Ross idmap_stat
smb_idmap_getid(smb_sid_t * sid,uid_t * id,int * idtype)132*b819cea2SGordon Ross smb_idmap_getid(smb_sid_t *sid, uid_t *id, int *idtype)
133*b819cea2SGordon Ross {
134*b819cea2SGordon Ross 	smb_idmap_t sim;
135*b819cea2SGordon Ross 	char sidstr[SMB_SID_STRSZ];
136*b819cea2SGordon Ross 
137*b819cea2SGordon Ross 	smb_sid_tostr(sid, sidstr);
138*b819cea2SGordon Ross 	if (smb_sid_splitstr(sidstr, &sim.sim_rid) != 0)
139*b819cea2SGordon Ross 		return (IDMAP_ERR_SID);
140*b819cea2SGordon Ross 	sim.sim_domsid = sidstr;
141*b819cea2SGordon Ross 	sim.sim_id = id;
142*b819cea2SGordon Ross 
143*b819cea2SGordon Ross 	switch (*idtype) {
144*b819cea2SGordon Ross 	case SMB_IDMAP_USER:
145*b819cea2SGordon Ross 		sim.sim_stat = kidmap_getuidbysid(global_zone, sim.sim_domsid,
146*b819cea2SGordon Ross 		    sim.sim_rid, sim.sim_id);
147*b819cea2SGordon Ross 		break;
148*b819cea2SGordon Ross 
149*b819cea2SGordon Ross 	case SMB_IDMAP_GROUP:
150*b819cea2SGordon Ross 		sim.sim_stat = kidmap_getgidbysid(global_zone, sim.sim_domsid,
151*b819cea2SGordon Ross 		    sim.sim_rid, sim.sim_id);
152*b819cea2SGordon Ross 		break;
153*b819cea2SGordon Ross 
154*b819cea2SGordon Ross 	case SMB_IDMAP_UNKNOWN:
155*b819cea2SGordon Ross 		sim.sim_stat = kidmap_getpidbysid(global_zone, sim.sim_domsid,
156*b819cea2SGordon Ross 		    sim.sim_rid, sim.sim_id, &sim.sim_idtype);
157*b819cea2SGordon Ross 		break;
158*b819cea2SGordon Ross 
159*b819cea2SGordon Ross 	default:
160*b819cea2SGordon Ross 		ASSERT(0);
161*b819cea2SGordon Ross 		return (IDMAP_ERR_ARG);
162*b819cea2SGordon Ross 	}
163*b819cea2SGordon Ross 
164*b819cea2SGordon Ross 	*idtype = sim.sim_idtype;
165*b819cea2SGordon Ross 
166*b819cea2SGordon Ross 	return (sim.sim_stat);
167*b819cea2SGordon Ross }
168*b819cea2SGordon Ross 
169*b819cea2SGordon Ross /*
170*b819cea2SGordon Ross  * smb_idmap_batch_create
171*b819cea2SGordon Ross  *
172*b819cea2SGordon Ross  * Creates and initializes the context for batch ID mapping.
173*b819cea2SGordon Ross  */
174*b819cea2SGordon Ross idmap_stat
smb_idmap_batch_create(smb_idmap_batch_t * sib,uint16_t nmap,int flags)175*b819cea2SGordon Ross smb_idmap_batch_create(smb_idmap_batch_t *sib, uint16_t nmap, int flags)
176*b819cea2SGordon Ross {
177*b819cea2SGordon Ross 	ASSERT(sib);
178*b819cea2SGordon Ross 
179*b819cea2SGordon Ross 	bzero(sib, sizeof (smb_idmap_batch_t));
180*b819cea2SGordon Ross 
181*b819cea2SGordon Ross 	sib->sib_idmaph = kidmap_get_create(global_zone);
182*b819cea2SGordon Ross 
183*b819cea2SGordon Ross 	sib->sib_flags = flags;
184*b819cea2SGordon Ross 	sib->sib_nmap = nmap;
185*b819cea2SGordon Ross 	sib->sib_size = nmap * sizeof (smb_idmap_t);
186*b819cea2SGordon Ross 	sib->sib_maps = kmem_zalloc(sib->sib_size, KM_SLEEP);
187*b819cea2SGordon Ross 
188*b819cea2SGordon Ross 	return (IDMAP_SUCCESS);
189*b819cea2SGordon Ross }
190*b819cea2SGordon Ross 
191*b819cea2SGordon Ross /*
192*b819cea2SGordon Ross  * smb_idmap_batch_destroy
193*b819cea2SGordon Ross  *
194*b819cea2SGordon Ross  * Frees the batch ID mapping context.
195*b819cea2SGordon Ross  * If ID mapping is Solaris -> Windows it frees memories
196*b819cea2SGordon Ross  * allocated for binary SIDs.
197*b819cea2SGordon Ross  */
198*b819cea2SGordon Ross void
smb_idmap_batch_destroy(smb_idmap_batch_t * sib)199*b819cea2SGordon Ross smb_idmap_batch_destroy(smb_idmap_batch_t *sib)
200*b819cea2SGordon Ross {
201*b819cea2SGordon Ross 	char *domsid;
202*b819cea2SGordon Ross 	int i;
203*b819cea2SGordon Ross 
204*b819cea2SGordon Ross 	ASSERT(sib);
205*b819cea2SGordon Ross 	ASSERT(sib->sib_maps);
206*b819cea2SGordon Ross 
207*b819cea2SGordon Ross 	if (sib->sib_idmaph)
208*b819cea2SGordon Ross 		kidmap_get_destroy(sib->sib_idmaph);
209*b819cea2SGordon Ross 
210*b819cea2SGordon Ross 	if (sib->sib_flags & SMB_IDMAP_ID2SID) {
211*b819cea2SGordon Ross 		/*
212*b819cea2SGordon Ross 		 * SIDs are allocated only when mapping
213*b819cea2SGordon Ross 		 * UID/GID to SIDs
214*b819cea2SGordon Ross 		 */
215*b819cea2SGordon Ross 		for (i = 0; i < sib->sib_nmap; i++)
216*b819cea2SGordon Ross 			smb_sid_free(sib->sib_maps[i].sim_sid);
217*b819cea2SGordon Ross 	} else if (sib->sib_flags & SMB_IDMAP_SID2ID) {
218*b819cea2SGordon Ross 		/*
219*b819cea2SGordon Ross 		 * SID prefixes are allocated only when mapping
220*b819cea2SGordon Ross 		 * SIDs to UID/GID
221*b819cea2SGordon Ross 		 */
222*b819cea2SGordon Ross 		for (i = 0; i < sib->sib_nmap; i++) {
223*b819cea2SGordon Ross 			domsid = sib->sib_maps[i].sim_domsid;
224*b819cea2SGordon Ross 			if (domsid)
225*b819cea2SGordon Ross 				smb_mem_free(domsid);
226*b819cea2SGordon Ross 		}
227*b819cea2SGordon Ross 	}
228*b819cea2SGordon Ross 
229*b819cea2SGordon Ross 	if (sib->sib_size && sib->sib_maps)
230*b819cea2SGordon Ross 		kmem_free(sib->sib_maps, sib->sib_size);
231*b819cea2SGordon Ross }
232*b819cea2SGordon Ross 
233*b819cea2SGordon Ross /*
234*b819cea2SGordon Ross  * smb_idmap_batch_getid
235*b819cea2SGordon Ross  *
236*b819cea2SGordon Ross  * Queue a request to map the given SID to a UID or GID.
237*b819cea2SGordon Ross  *
238*b819cea2SGordon Ross  * sim->sim_id should point to variable that's supposed to
239*b819cea2SGordon Ross  * hold the returned UID/GID. This needs to be setup by caller
240*b819cea2SGordon Ross  * of this function.
241*b819cea2SGordon Ross  *
242*b819cea2SGordon Ross  * If requested ID type is known, it's passed as 'idtype',
243*b819cea2SGordon Ross  * if it's unknown it'll be returned in sim->sim_idtype.
244*b819cea2SGordon Ross  */
245*b819cea2SGordon Ross idmap_stat
smb_idmap_batch_getid(idmap_get_handle_t * idmaph,smb_idmap_t * sim,smb_sid_t * sid,int idtype)246*b819cea2SGordon Ross smb_idmap_batch_getid(idmap_get_handle_t *idmaph, smb_idmap_t *sim,
247*b819cea2SGordon Ross     smb_sid_t *sid, int idtype)
248*b819cea2SGordon Ross {
249*b819cea2SGordon Ross 	char strsid[SMB_SID_STRSZ];
250*b819cea2SGordon Ross 	idmap_stat idm_stat;
251*b819cea2SGordon Ross 
252*b819cea2SGordon Ross 	ASSERT(idmaph);
253*b819cea2SGordon Ross 	ASSERT(sim);
254*b819cea2SGordon Ross 	ASSERT(sid);
255*b819cea2SGordon Ross 
256*b819cea2SGordon Ross 	smb_sid_tostr(sid, strsid);
257*b819cea2SGordon Ross 	if (smb_sid_splitstr(strsid, &sim->sim_rid) != 0)
258*b819cea2SGordon Ross 		return (IDMAP_ERR_SID);
259*b819cea2SGordon Ross 	sim->sim_domsid = smb_mem_strdup(strsid);
260*b819cea2SGordon Ross 
261*b819cea2SGordon Ross 	switch (idtype) {
262*b819cea2SGordon Ross 	case SMB_IDMAP_USER:
263*b819cea2SGordon Ross 		idm_stat = kidmap_batch_getuidbysid(idmaph, sim->sim_domsid,
264*b819cea2SGordon Ross 		    sim->sim_rid, sim->sim_id, &sim->sim_stat);
265*b819cea2SGordon Ross 		break;
266*b819cea2SGordon Ross 
267*b819cea2SGordon Ross 	case SMB_IDMAP_GROUP:
268*b819cea2SGordon Ross 		idm_stat = kidmap_batch_getgidbysid(idmaph, sim->sim_domsid,
269*b819cea2SGordon Ross 		    sim->sim_rid, sim->sim_id, &sim->sim_stat);
270*b819cea2SGordon Ross 		break;
271*b819cea2SGordon Ross 
272*b819cea2SGordon Ross 	case SMB_IDMAP_UNKNOWN:
273*b819cea2SGordon Ross 		idm_stat = kidmap_batch_getpidbysid(idmaph, sim->sim_domsid,
274*b819cea2SGordon Ross 		    sim->sim_rid, sim->sim_id, &sim->sim_idtype,
275*b819cea2SGordon Ross 		    &sim->sim_stat);
276*b819cea2SGordon Ross 		break;
277*b819cea2SGordon Ross 
278*b819cea2SGordon Ross 	default:
279*b819cea2SGordon Ross 		ASSERT(0);
280*b819cea2SGordon Ross 		return (IDMAP_ERR_ARG);
281*b819cea2SGordon Ross 	}
282*b819cea2SGordon Ross 
283*b819cea2SGordon Ross 	return (idm_stat);
284*b819cea2SGordon Ross }
285*b819cea2SGordon Ross 
286*b819cea2SGordon Ross /*
287*b819cea2SGordon Ross  * smb_idmap_batch_getsid
288*b819cea2SGordon Ross  *
289*b819cea2SGordon Ross  * Queue a request to map the given UID/GID to a SID.
290*b819cea2SGordon Ross  *
291*b819cea2SGordon Ross  * sim->sim_domsid and sim->sim_rid will contain the mapping
292*b819cea2SGordon Ross  * result upon successful process of the batched request.
293*b819cea2SGordon Ross  */
294*b819cea2SGordon Ross idmap_stat
smb_idmap_batch_getsid(idmap_get_handle_t * idmaph,smb_idmap_t * sim,uid_t id,int idtype)295*b819cea2SGordon Ross smb_idmap_batch_getsid(idmap_get_handle_t *idmaph, smb_idmap_t *sim,
296*b819cea2SGordon Ross     uid_t id, int idtype)
297*b819cea2SGordon Ross {
298*b819cea2SGordon Ross 	idmap_stat idm_stat;
299*b819cea2SGordon Ross 
300*b819cea2SGordon Ross 	switch (idtype) {
301*b819cea2SGordon Ross 	case SMB_IDMAP_USER:
302*b819cea2SGordon Ross 		idm_stat = kidmap_batch_getsidbyuid(idmaph, id,
303*b819cea2SGordon Ross 		    (const char **)&sim->sim_domsid, &sim->sim_rid,
304*b819cea2SGordon Ross 		    &sim->sim_stat);
305*b819cea2SGordon Ross 		break;
306*b819cea2SGordon Ross 
307*b819cea2SGordon Ross 	case SMB_IDMAP_GROUP:
308*b819cea2SGordon Ross 		idm_stat = kidmap_batch_getsidbygid(idmaph, id,
309*b819cea2SGordon Ross 		    (const char **)&sim->sim_domsid, &sim->sim_rid,
310*b819cea2SGordon Ross 		    &sim->sim_stat);
311*b819cea2SGordon Ross 		break;
312*b819cea2SGordon Ross 
313*b819cea2SGordon Ross 	case SMB_IDMAP_OWNERAT:
314*b819cea2SGordon Ross 		/* Current Owner S-1-5-32-766 */
315*b819cea2SGordon Ross 		sim->sim_domsid = NT_BUILTIN_DOMAIN_SIDSTR;
316*b819cea2SGordon Ross 		sim->sim_rid = SECURITY_CURRENT_OWNER_RID;
317*b819cea2SGordon Ross 		sim->sim_stat = IDMAP_SUCCESS;
318*b819cea2SGordon Ross 		idm_stat = IDMAP_SUCCESS;
319*b819cea2SGordon Ross 		break;
320*b819cea2SGordon Ross 
321*b819cea2SGordon Ross 	case SMB_IDMAP_GROUPAT:
322*b819cea2SGordon Ross 		/* Current Group S-1-5-32-767 */
323*b819cea2SGordon Ross 		sim->sim_domsid = NT_BUILTIN_DOMAIN_SIDSTR;
324*b819cea2SGordon Ross 		sim->sim_rid = SECURITY_CURRENT_GROUP_RID;
325*b819cea2SGordon Ross 		sim->sim_stat = IDMAP_SUCCESS;
326*b819cea2SGordon Ross 		idm_stat = IDMAP_SUCCESS;
327*b819cea2SGordon Ross 		break;
328*b819cea2SGordon Ross 
329*b819cea2SGordon Ross 	case SMB_IDMAP_EVERYONE:
330*b819cea2SGordon Ross 		/* Everyone S-1-1-0 */
331*b819cea2SGordon Ross 		sim->sim_domsid = NT_WORLD_AUTH_SIDSTR;
332*b819cea2SGordon Ross 		sim->sim_rid = 0;
333*b819cea2SGordon Ross 		sim->sim_stat = IDMAP_SUCCESS;
334*b819cea2SGordon Ross 		idm_stat = IDMAP_SUCCESS;
335*b819cea2SGordon Ross 		break;
336*b819cea2SGordon Ross 
337*b819cea2SGordon Ross 	default:
338*b819cea2SGordon Ross 		ASSERT(0);
339*b819cea2SGordon Ross 		return (IDMAP_ERR_ARG);
340*b819cea2SGordon Ross 	}
341*b819cea2SGordon Ross 
342*b819cea2SGordon Ross 	return (idm_stat);
343*b819cea2SGordon Ross }
344*b819cea2SGordon Ross 
345*b819cea2SGordon Ross /*
346*b819cea2SGordon Ross  * smb_idmap_batch_getmappings
347*b819cea2SGordon Ross  *
348*b819cea2SGordon Ross  * trigger ID mapping service to get the mappings for queued
349*b819cea2SGordon Ross  * requests.
350*b819cea2SGordon Ross  *
351*b819cea2SGordon Ross  * Checks the result of all the queued requests.
352*b819cea2SGordon Ross  * If this is a Solaris -> Windows mapping it generates
353*b819cea2SGordon Ross  * binary SIDs from returned (domsid, rid) pairs.
354*b819cea2SGordon Ross  */
355*b819cea2SGordon Ross idmap_stat
smb_idmap_batch_getmappings(smb_idmap_batch_t * sib)356*b819cea2SGordon Ross smb_idmap_batch_getmappings(smb_idmap_batch_t *sib)
357*b819cea2SGordon Ross {
358*b819cea2SGordon Ross 	idmap_stat idm_stat = IDMAP_SUCCESS;
359*b819cea2SGordon Ross 	int i;
360*b819cea2SGordon Ross 
361*b819cea2SGordon Ross 	idm_stat = kidmap_get_mappings(sib->sib_idmaph);
362*b819cea2SGordon Ross 	if (idm_stat != IDMAP_SUCCESS)
363*b819cea2SGordon Ross 		return (idm_stat);
364*b819cea2SGordon Ross 
365*b819cea2SGordon Ross 	/*
366*b819cea2SGordon Ross 	 * Check the status for all the queued requests
367*b819cea2SGordon Ross 	 */
368*b819cea2SGordon Ross 	for (i = 0; i < sib->sib_nmap; i++) {
369*b819cea2SGordon Ross 		if (sib->sib_maps[i].sim_stat != IDMAP_SUCCESS)
370*b819cea2SGordon Ross 			return (sib->sib_maps[i].sim_stat);
371*b819cea2SGordon Ross 	}
372*b819cea2SGordon Ross 
373*b819cea2SGordon Ross 	if (smb_idmap_batch_binsid(sib) != 0)
374*b819cea2SGordon Ross 		idm_stat = IDMAP_ERR_OTHER;
375*b819cea2SGordon Ross 
376*b819cea2SGordon Ross 	return (idm_stat);
377*b819cea2SGordon Ross }
378*b819cea2SGordon Ross 
379*b819cea2SGordon Ross /*
380*b819cea2SGordon Ross  * smb_idmap_batch_binsid
381*b819cea2SGordon Ross  *
382*b819cea2SGordon Ross  * Convert sidrids to binary sids
383*b819cea2SGordon Ross  *
384*b819cea2SGordon Ross  * Returns 0 if successful and non-zero upon failure.
385*b819cea2SGordon Ross  */
386*b819cea2SGordon Ross static int
smb_idmap_batch_binsid(smb_idmap_batch_t * sib)387*b819cea2SGordon Ross smb_idmap_batch_binsid(smb_idmap_batch_t *sib)
388*b819cea2SGordon Ross {
389*b819cea2SGordon Ross 	smb_sid_t *sid;
390*b819cea2SGordon Ross 	smb_idmap_t *sim;
391*b819cea2SGordon Ross 	int i;
392*b819cea2SGordon Ross 
393*b819cea2SGordon Ross 	if (sib->sib_flags & SMB_IDMAP_SID2ID)
394*b819cea2SGordon Ross 		/* This operation is not required */
395*b819cea2SGordon Ross 		return (0);
396*b819cea2SGordon Ross 
397*b819cea2SGordon Ross 	sim = sib->sib_maps;
398*b819cea2SGordon Ross 	for (i = 0; i < sib->sib_nmap; sim++, i++) {
399*b819cea2SGordon Ross 		ASSERT(sim->sim_domsid);
400*b819cea2SGordon Ross 		if (sim->sim_domsid == NULL)
401*b819cea2SGordon Ross 			return (1);
402*b819cea2SGordon Ross 
403*b819cea2SGordon Ross 		if ((sid = smb_sid_fromstr(sim->sim_domsid)) == NULL)
404*b819cea2SGordon Ross 			return (1);
405*b819cea2SGordon Ross 
406*b819cea2SGordon Ross 		sim->sim_sid = smb_sid_splice(sid, sim->sim_rid);
407*b819cea2SGordon Ross 		smb_sid_free(sid);
408*b819cea2SGordon Ross 	}
409*b819cea2SGordon Ross 
410*b819cea2SGordon Ross 	return (0);
411*b819cea2SGordon Ross }
412