1*b819cea2SGordon Ross /* 2*b819cea2SGordon Ross * CDDL HEADER START 3*b819cea2SGordon Ross * 4*b819cea2SGordon Ross * The contents of this file are subject to the terms of the 5*b819cea2SGordon Ross * Common Development and Distribution License (the "License"). 6*b819cea2SGordon Ross * You may not use this file except in compliance with the License. 7*b819cea2SGordon Ross * 8*b819cea2SGordon Ross * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9*b819cea2SGordon Ross * or http://www.opensolaris.org/os/licensing. 10*b819cea2SGordon Ross * See the License for the specific language governing permissions 11*b819cea2SGordon Ross * and limitations under the License. 12*b819cea2SGordon Ross * 13*b819cea2SGordon Ross * When distributing Covered Code, include this CDDL HEADER in each 14*b819cea2SGordon Ross * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15*b819cea2SGordon Ross * If applicable, add the following below this CDDL HEADER, with the 16*b819cea2SGordon Ross * fields enclosed by brackets "[]" replaced with your own identifying 17*b819cea2SGordon Ross * information: Portions Copyright [yyyy] [name of copyright owner] 18*b819cea2SGordon Ross * 19*b819cea2SGordon Ross * CDDL HEADER END 20*b819cea2SGordon Ross */ 21*b819cea2SGordon Ross /* 22*b819cea2SGordon Ross * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 23*b819cea2SGordon Ross * Copyright 2013 Nexenta Systems, Inc. All rights reserved. 24*b819cea2SGordon Ross */ 25*b819cea2SGordon Ross 26*b819cea2SGordon Ross /* 27*b819cea2SGordon Ross * SMB server interface to idmap 28*b819cea2SGordon Ross * (smb_idmap_get..., smb_idmap_batch_...) 29*b819cea2SGordon Ross * 30*b819cea2SGordon Ross * There are three implementations of this interface: 31*b819cea2SGordon Ross * uts/common/fs/smbsrv/smb_idmap.c (smbsrv kmod) 32*b819cea2SGordon Ross * lib/smbsrv/libfksmbsrv/common/fksmb_idmap.c (libfksmbsrv) 33*b819cea2SGordon Ross * lib/smbsrv/libsmb/common/smb_idmap.c (libsmb) 34*b819cea2SGordon Ross * 35*b819cea2SGordon Ross * There are enough differences (relative to the code size) 36*b819cea2SGordon Ross * that it's more trouble than it's worth to merge them. 37*b819cea2SGordon Ross * 38*b819cea2SGordon Ross * This one differs from the others in that it: 39*b819cea2SGordon Ross * calls kernel (kidmap_...) interfaces 40*b819cea2SGordon Ross * domain SIDs are shared, not strdup'ed 41*b819cea2SGordon Ross */ 42*b819cea2SGordon Ross 43*b819cea2SGordon Ross /* 44*b819cea2SGordon Ross * SMB ID mapping 45*b819cea2SGordon Ross * 46*b819cea2SGordon Ross * Solaris ID mapping service (aka Winchester) works with domain SIDs 47*b819cea2SGordon Ross * and RIDs where domain SIDs are in string format. CIFS service works 48*b819cea2SGordon Ross * with binary SIDs understandable by CIFS clients. A layer of SMB ID 49*b819cea2SGordon Ross * mapping functions are implemeted to hide the SID conversion details 50*b819cea2SGordon Ross * and also hide the handling of array of batch mapping requests. 51*b819cea2SGordon Ross */ 52*b819cea2SGordon Ross 53*b819cea2SGordon Ross #include <sys/param.h> 54*b819cea2SGordon Ross #include <sys/types.h> 55*b819cea2SGordon Ross #include <sys/tzfile.h> 56*b819cea2SGordon Ross #include <sys/atomic.h> 57*b819cea2SGordon Ross #include <sys/kidmap.h> 58*b819cea2SGordon Ross #include <sys/time.h> 59*b819cea2SGordon Ross #include <sys/spl.h> 60*b819cea2SGordon Ross #include <sys/random.h> 61*b819cea2SGordon Ross #include <smbsrv/smb_kproto.h> 62*b819cea2SGordon Ross #include <smbsrv/smb_fsops.h> 63*b819cea2SGordon Ross #include <smbsrv/smbinfo.h> 64*b819cea2SGordon Ross #include <smbsrv/smb_xdr.h> 65*b819cea2SGordon Ross #include <smbsrv/smb_vops.h> 66*b819cea2SGordon Ross #include <smbsrv/smb_idmap.h> 67*b819cea2SGordon Ross 68*b819cea2SGordon Ross #include <sys/sid.h> 69*b819cea2SGordon Ross #include <sys/priv_names.h> 70*b819cea2SGordon Ross 71*b819cea2SGordon Ross static int smb_idmap_batch_binsid(smb_idmap_batch_t *sib); 72*b819cea2SGordon Ross 73*b819cea2SGordon Ross /* 74*b819cea2SGordon Ross * smb_idmap_getsid 75*b819cea2SGordon Ross * 76*b819cea2SGordon Ross * Maps the given Solaris ID to a Windows SID using the 77*b819cea2SGordon Ross * simple mapping API. 78*b819cea2SGordon Ross */ 79*b819cea2SGordon Ross idmap_stat 80*b819cea2SGordon Ross smb_idmap_getsid(uid_t id, int idtype, smb_sid_t **sid) 81*b819cea2SGordon Ross { 82*b819cea2SGordon Ross smb_idmap_t sim; 83*b819cea2SGordon Ross 84*b819cea2SGordon Ross switch (idtype) { 85*b819cea2SGordon Ross case SMB_IDMAP_USER: 86*b819cea2SGordon Ross sim.sim_stat = kidmap_getsidbyuid(global_zone, id, 87*b819cea2SGordon Ross (const char **)&sim.sim_domsid, &sim.sim_rid); 88*b819cea2SGordon Ross break; 89*b819cea2SGordon Ross 90*b819cea2SGordon Ross case SMB_IDMAP_GROUP: 91*b819cea2SGordon Ross sim.sim_stat = kidmap_getsidbygid(global_zone, id, 92*b819cea2SGordon Ross (const char **)&sim.sim_domsid, &sim.sim_rid); 93*b819cea2SGordon Ross break; 94*b819cea2SGordon Ross 95*b819cea2SGordon Ross case SMB_IDMAP_EVERYONE: 96*b819cea2SGordon Ross /* Everyone S-1-1-0 */ 97*b819cea2SGordon Ross sim.sim_domsid = "S-1-1"; 98*b819cea2SGordon Ross sim.sim_rid = 0; 99*b819cea2SGordon Ross sim.sim_stat = IDMAP_SUCCESS; 100*b819cea2SGordon Ross break; 101*b819cea2SGordon Ross 102*b819cea2SGordon Ross default: 103*b819cea2SGordon Ross ASSERT(0); 104*b819cea2SGordon Ross return (IDMAP_ERR_ARG); 105*b819cea2SGordon Ross } 106*b819cea2SGordon Ross 107*b819cea2SGordon Ross if (sim.sim_stat != IDMAP_SUCCESS) 108*b819cea2SGordon Ross return (sim.sim_stat); 109*b819cea2SGordon Ross 110*b819cea2SGordon Ross if (sim.sim_domsid == NULL) 111*b819cea2SGordon Ross return (IDMAP_ERR_NOMAPPING); 112*b819cea2SGordon Ross 113*b819cea2SGordon Ross sim.sim_sid = smb_sid_fromstr(sim.sim_domsid); 114*b819cea2SGordon Ross if (sim.sim_sid == NULL) 115*b819cea2SGordon Ross return (IDMAP_ERR_INTERNAL); 116*b819cea2SGordon Ross 117*b819cea2SGordon Ross *sid = smb_sid_splice(sim.sim_sid, sim.sim_rid); 118*b819cea2SGordon Ross smb_sid_free(sim.sim_sid); 119*b819cea2SGordon Ross if (*sid == NULL) 120*b819cea2SGordon Ross sim.sim_stat = IDMAP_ERR_INTERNAL; 121*b819cea2SGordon Ross 122*b819cea2SGordon Ross return (sim.sim_stat); 123*b819cea2SGordon Ross } 124*b819cea2SGordon Ross 125*b819cea2SGordon Ross /* 126*b819cea2SGordon Ross * smb_idmap_getid 127*b819cea2SGordon Ross * 128*b819cea2SGordon Ross * Maps the given Windows SID to a Unix ID using the 129*b819cea2SGordon Ross * simple mapping API. 130*b819cea2SGordon Ross */ 131*b819cea2SGordon Ross idmap_stat 132*b819cea2SGordon Ross smb_idmap_getid(smb_sid_t *sid, uid_t *id, int *idtype) 133*b819cea2SGordon Ross { 134*b819cea2SGordon Ross smb_idmap_t sim; 135*b819cea2SGordon Ross char sidstr[SMB_SID_STRSZ]; 136*b819cea2SGordon Ross 137*b819cea2SGordon Ross smb_sid_tostr(sid, sidstr); 138*b819cea2SGordon Ross if (smb_sid_splitstr(sidstr, &sim.sim_rid) != 0) 139*b819cea2SGordon Ross return (IDMAP_ERR_SID); 140*b819cea2SGordon Ross sim.sim_domsid = sidstr; 141*b819cea2SGordon Ross sim.sim_id = id; 142*b819cea2SGordon Ross 143*b819cea2SGordon Ross switch (*idtype) { 144*b819cea2SGordon Ross case SMB_IDMAP_USER: 145*b819cea2SGordon Ross sim.sim_stat = kidmap_getuidbysid(global_zone, sim.sim_domsid, 146*b819cea2SGordon Ross sim.sim_rid, sim.sim_id); 147*b819cea2SGordon Ross break; 148*b819cea2SGordon Ross 149*b819cea2SGordon Ross case SMB_IDMAP_GROUP: 150*b819cea2SGordon Ross sim.sim_stat = kidmap_getgidbysid(global_zone, sim.sim_domsid, 151*b819cea2SGordon Ross sim.sim_rid, sim.sim_id); 152*b819cea2SGordon Ross break; 153*b819cea2SGordon Ross 154*b819cea2SGordon Ross case SMB_IDMAP_UNKNOWN: 155*b819cea2SGordon Ross sim.sim_stat = kidmap_getpidbysid(global_zone, sim.sim_domsid, 156*b819cea2SGordon Ross sim.sim_rid, sim.sim_id, &sim.sim_idtype); 157*b819cea2SGordon Ross break; 158*b819cea2SGordon Ross 159*b819cea2SGordon Ross default: 160*b819cea2SGordon Ross ASSERT(0); 161*b819cea2SGordon Ross return (IDMAP_ERR_ARG); 162*b819cea2SGordon Ross } 163*b819cea2SGordon Ross 164*b819cea2SGordon Ross *idtype = sim.sim_idtype; 165*b819cea2SGordon Ross 166*b819cea2SGordon Ross return (sim.sim_stat); 167*b819cea2SGordon Ross } 168*b819cea2SGordon Ross 169*b819cea2SGordon Ross /* 170*b819cea2SGordon Ross * smb_idmap_batch_create 171*b819cea2SGordon Ross * 172*b819cea2SGordon Ross * Creates and initializes the context for batch ID mapping. 173*b819cea2SGordon Ross */ 174*b819cea2SGordon Ross idmap_stat 175*b819cea2SGordon Ross smb_idmap_batch_create(smb_idmap_batch_t *sib, uint16_t nmap, int flags) 176*b819cea2SGordon Ross { 177*b819cea2SGordon Ross ASSERT(sib); 178*b819cea2SGordon Ross 179*b819cea2SGordon Ross bzero(sib, sizeof (smb_idmap_batch_t)); 180*b819cea2SGordon Ross 181*b819cea2SGordon Ross sib->sib_idmaph = kidmap_get_create(global_zone); 182*b819cea2SGordon Ross 183*b819cea2SGordon Ross sib->sib_flags = flags; 184*b819cea2SGordon Ross sib->sib_nmap = nmap; 185*b819cea2SGordon Ross sib->sib_size = nmap * sizeof (smb_idmap_t); 186*b819cea2SGordon Ross sib->sib_maps = kmem_zalloc(sib->sib_size, KM_SLEEP); 187*b819cea2SGordon Ross 188*b819cea2SGordon Ross return (IDMAP_SUCCESS); 189*b819cea2SGordon Ross } 190*b819cea2SGordon Ross 191*b819cea2SGordon Ross /* 192*b819cea2SGordon Ross * smb_idmap_batch_destroy 193*b819cea2SGordon Ross * 194*b819cea2SGordon Ross * Frees the batch ID mapping context. 195*b819cea2SGordon Ross * If ID mapping is Solaris -> Windows it frees memories 196*b819cea2SGordon Ross * allocated for binary SIDs. 197*b819cea2SGordon Ross */ 198*b819cea2SGordon Ross void 199*b819cea2SGordon Ross smb_idmap_batch_destroy(smb_idmap_batch_t *sib) 200*b819cea2SGordon Ross { 201*b819cea2SGordon Ross char *domsid; 202*b819cea2SGordon Ross int i; 203*b819cea2SGordon Ross 204*b819cea2SGordon Ross ASSERT(sib); 205*b819cea2SGordon Ross ASSERT(sib->sib_maps); 206*b819cea2SGordon Ross 207*b819cea2SGordon Ross if (sib->sib_idmaph) 208*b819cea2SGordon Ross kidmap_get_destroy(sib->sib_idmaph); 209*b819cea2SGordon Ross 210*b819cea2SGordon Ross if (sib->sib_flags & SMB_IDMAP_ID2SID) { 211*b819cea2SGordon Ross /* 212*b819cea2SGordon Ross * SIDs are allocated only when mapping 213*b819cea2SGordon Ross * UID/GID to SIDs 214*b819cea2SGordon Ross */ 215*b819cea2SGordon Ross for (i = 0; i < sib->sib_nmap; i++) 216*b819cea2SGordon Ross smb_sid_free(sib->sib_maps[i].sim_sid); 217*b819cea2SGordon Ross } else if (sib->sib_flags & SMB_IDMAP_SID2ID) { 218*b819cea2SGordon Ross /* 219*b819cea2SGordon Ross * SID prefixes are allocated only when mapping 220*b819cea2SGordon Ross * SIDs to UID/GID 221*b819cea2SGordon Ross */ 222*b819cea2SGordon Ross for (i = 0; i < sib->sib_nmap; i++) { 223*b819cea2SGordon Ross domsid = sib->sib_maps[i].sim_domsid; 224*b819cea2SGordon Ross if (domsid) 225*b819cea2SGordon Ross smb_mem_free(domsid); 226*b819cea2SGordon Ross } 227*b819cea2SGordon Ross } 228*b819cea2SGordon Ross 229*b819cea2SGordon Ross if (sib->sib_size && sib->sib_maps) 230*b819cea2SGordon Ross kmem_free(sib->sib_maps, sib->sib_size); 231*b819cea2SGordon Ross } 232*b819cea2SGordon Ross 233*b819cea2SGordon Ross /* 234*b819cea2SGordon Ross * smb_idmap_batch_getid 235*b819cea2SGordon Ross * 236*b819cea2SGordon Ross * Queue a request to map the given SID to a UID or GID. 237*b819cea2SGordon Ross * 238*b819cea2SGordon Ross * sim->sim_id should point to variable that's supposed to 239*b819cea2SGordon Ross * hold the returned UID/GID. This needs to be setup by caller 240*b819cea2SGordon Ross * of this function. 241*b819cea2SGordon Ross * 242*b819cea2SGordon Ross * If requested ID type is known, it's passed as 'idtype', 243*b819cea2SGordon Ross * if it's unknown it'll be returned in sim->sim_idtype. 244*b819cea2SGordon Ross */ 245*b819cea2SGordon Ross idmap_stat 246*b819cea2SGordon Ross smb_idmap_batch_getid(idmap_get_handle_t *idmaph, smb_idmap_t *sim, 247*b819cea2SGordon Ross smb_sid_t *sid, int idtype) 248*b819cea2SGordon Ross { 249*b819cea2SGordon Ross char strsid[SMB_SID_STRSZ]; 250*b819cea2SGordon Ross idmap_stat idm_stat; 251*b819cea2SGordon Ross 252*b819cea2SGordon Ross ASSERT(idmaph); 253*b819cea2SGordon Ross ASSERT(sim); 254*b819cea2SGordon Ross ASSERT(sid); 255*b819cea2SGordon Ross 256*b819cea2SGordon Ross smb_sid_tostr(sid, strsid); 257*b819cea2SGordon Ross if (smb_sid_splitstr(strsid, &sim->sim_rid) != 0) 258*b819cea2SGordon Ross return (IDMAP_ERR_SID); 259*b819cea2SGordon Ross sim->sim_domsid = smb_mem_strdup(strsid); 260*b819cea2SGordon Ross 261*b819cea2SGordon Ross switch (idtype) { 262*b819cea2SGordon Ross case SMB_IDMAP_USER: 263*b819cea2SGordon Ross idm_stat = kidmap_batch_getuidbysid(idmaph, sim->sim_domsid, 264*b819cea2SGordon Ross sim->sim_rid, sim->sim_id, &sim->sim_stat); 265*b819cea2SGordon Ross break; 266*b819cea2SGordon Ross 267*b819cea2SGordon Ross case SMB_IDMAP_GROUP: 268*b819cea2SGordon Ross idm_stat = kidmap_batch_getgidbysid(idmaph, sim->sim_domsid, 269*b819cea2SGordon Ross sim->sim_rid, sim->sim_id, &sim->sim_stat); 270*b819cea2SGordon Ross break; 271*b819cea2SGordon Ross 272*b819cea2SGordon Ross case SMB_IDMAP_UNKNOWN: 273*b819cea2SGordon Ross idm_stat = kidmap_batch_getpidbysid(idmaph, sim->sim_domsid, 274*b819cea2SGordon Ross sim->sim_rid, sim->sim_id, &sim->sim_idtype, 275*b819cea2SGordon Ross &sim->sim_stat); 276*b819cea2SGordon Ross break; 277*b819cea2SGordon Ross 278*b819cea2SGordon Ross default: 279*b819cea2SGordon Ross ASSERT(0); 280*b819cea2SGordon Ross return (IDMAP_ERR_ARG); 281*b819cea2SGordon Ross } 282*b819cea2SGordon Ross 283*b819cea2SGordon Ross return (idm_stat); 284*b819cea2SGordon Ross } 285*b819cea2SGordon Ross 286*b819cea2SGordon Ross /* 287*b819cea2SGordon Ross * smb_idmap_batch_getsid 288*b819cea2SGordon Ross * 289*b819cea2SGordon Ross * Queue a request to map the given UID/GID to a SID. 290*b819cea2SGordon Ross * 291*b819cea2SGordon Ross * sim->sim_domsid and sim->sim_rid will contain the mapping 292*b819cea2SGordon Ross * result upon successful process of the batched request. 293*b819cea2SGordon Ross */ 294*b819cea2SGordon Ross idmap_stat 295*b819cea2SGordon Ross smb_idmap_batch_getsid(idmap_get_handle_t *idmaph, smb_idmap_t *sim, 296*b819cea2SGordon Ross uid_t id, int idtype) 297*b819cea2SGordon Ross { 298*b819cea2SGordon Ross idmap_stat idm_stat; 299*b819cea2SGordon Ross 300*b819cea2SGordon Ross switch (idtype) { 301*b819cea2SGordon Ross case SMB_IDMAP_USER: 302*b819cea2SGordon Ross idm_stat = kidmap_batch_getsidbyuid(idmaph, id, 303*b819cea2SGordon Ross (const char **)&sim->sim_domsid, &sim->sim_rid, 304*b819cea2SGordon Ross &sim->sim_stat); 305*b819cea2SGordon Ross break; 306*b819cea2SGordon Ross 307*b819cea2SGordon Ross case SMB_IDMAP_GROUP: 308*b819cea2SGordon Ross idm_stat = kidmap_batch_getsidbygid(idmaph, id, 309*b819cea2SGordon Ross (const char **)&sim->sim_domsid, &sim->sim_rid, 310*b819cea2SGordon Ross &sim->sim_stat); 311*b819cea2SGordon Ross break; 312*b819cea2SGordon Ross 313*b819cea2SGordon Ross case SMB_IDMAP_OWNERAT: 314*b819cea2SGordon Ross /* Current Owner S-1-5-32-766 */ 315*b819cea2SGordon Ross sim->sim_domsid = NT_BUILTIN_DOMAIN_SIDSTR; 316*b819cea2SGordon Ross sim->sim_rid = SECURITY_CURRENT_OWNER_RID; 317*b819cea2SGordon Ross sim->sim_stat = IDMAP_SUCCESS; 318*b819cea2SGordon Ross idm_stat = IDMAP_SUCCESS; 319*b819cea2SGordon Ross break; 320*b819cea2SGordon Ross 321*b819cea2SGordon Ross case SMB_IDMAP_GROUPAT: 322*b819cea2SGordon Ross /* Current Group S-1-5-32-767 */ 323*b819cea2SGordon Ross sim->sim_domsid = NT_BUILTIN_DOMAIN_SIDSTR; 324*b819cea2SGordon Ross sim->sim_rid = SECURITY_CURRENT_GROUP_RID; 325*b819cea2SGordon Ross sim->sim_stat = IDMAP_SUCCESS; 326*b819cea2SGordon Ross idm_stat = IDMAP_SUCCESS; 327*b819cea2SGordon Ross break; 328*b819cea2SGordon Ross 329*b819cea2SGordon Ross case SMB_IDMAP_EVERYONE: 330*b819cea2SGordon Ross /* Everyone S-1-1-0 */ 331*b819cea2SGordon Ross sim->sim_domsid = NT_WORLD_AUTH_SIDSTR; 332*b819cea2SGordon Ross sim->sim_rid = 0; 333*b819cea2SGordon Ross sim->sim_stat = IDMAP_SUCCESS; 334*b819cea2SGordon Ross idm_stat = IDMAP_SUCCESS; 335*b819cea2SGordon Ross break; 336*b819cea2SGordon Ross 337*b819cea2SGordon Ross default: 338*b819cea2SGordon Ross ASSERT(0); 339*b819cea2SGordon Ross return (IDMAP_ERR_ARG); 340*b819cea2SGordon Ross } 341*b819cea2SGordon Ross 342*b819cea2SGordon Ross return (idm_stat); 343*b819cea2SGordon Ross } 344*b819cea2SGordon Ross 345*b819cea2SGordon Ross /* 346*b819cea2SGordon Ross * smb_idmap_batch_getmappings 347*b819cea2SGordon Ross * 348*b819cea2SGordon Ross * trigger ID mapping service to get the mappings for queued 349*b819cea2SGordon Ross * requests. 350*b819cea2SGordon Ross * 351*b819cea2SGordon Ross * Checks the result of all the queued requests. 352*b819cea2SGordon Ross * If this is a Solaris -> Windows mapping it generates 353*b819cea2SGordon Ross * binary SIDs from returned (domsid, rid) pairs. 354*b819cea2SGordon Ross */ 355*b819cea2SGordon Ross idmap_stat 356*b819cea2SGordon Ross smb_idmap_batch_getmappings(smb_idmap_batch_t *sib) 357*b819cea2SGordon Ross { 358*b819cea2SGordon Ross idmap_stat idm_stat = IDMAP_SUCCESS; 359*b819cea2SGordon Ross int i; 360*b819cea2SGordon Ross 361*b819cea2SGordon Ross idm_stat = kidmap_get_mappings(sib->sib_idmaph); 362*b819cea2SGordon Ross if (idm_stat != IDMAP_SUCCESS) 363*b819cea2SGordon Ross return (idm_stat); 364*b819cea2SGordon Ross 365*b819cea2SGordon Ross /* 366*b819cea2SGordon Ross * Check the status for all the queued requests 367*b819cea2SGordon Ross */ 368*b819cea2SGordon Ross for (i = 0; i < sib->sib_nmap; i++) { 369*b819cea2SGordon Ross if (sib->sib_maps[i].sim_stat != IDMAP_SUCCESS) 370*b819cea2SGordon Ross return (sib->sib_maps[i].sim_stat); 371*b819cea2SGordon Ross } 372*b819cea2SGordon Ross 373*b819cea2SGordon Ross if (smb_idmap_batch_binsid(sib) != 0) 374*b819cea2SGordon Ross idm_stat = IDMAP_ERR_OTHER; 375*b819cea2SGordon Ross 376*b819cea2SGordon Ross return (idm_stat); 377*b819cea2SGordon Ross } 378*b819cea2SGordon Ross 379*b819cea2SGordon Ross /* 380*b819cea2SGordon Ross * smb_idmap_batch_binsid 381*b819cea2SGordon Ross * 382*b819cea2SGordon Ross * Convert sidrids to binary sids 383*b819cea2SGordon Ross * 384*b819cea2SGordon Ross * Returns 0 if successful and non-zero upon failure. 385*b819cea2SGordon Ross */ 386*b819cea2SGordon Ross static int 387*b819cea2SGordon Ross smb_idmap_batch_binsid(smb_idmap_batch_t *sib) 388*b819cea2SGordon Ross { 389*b819cea2SGordon Ross smb_sid_t *sid; 390*b819cea2SGordon Ross smb_idmap_t *sim; 391*b819cea2SGordon Ross int i; 392*b819cea2SGordon Ross 393*b819cea2SGordon Ross if (sib->sib_flags & SMB_IDMAP_SID2ID) 394*b819cea2SGordon Ross /* This operation is not required */ 395*b819cea2SGordon Ross return (0); 396*b819cea2SGordon Ross 397*b819cea2SGordon Ross sim = sib->sib_maps; 398*b819cea2SGordon Ross for (i = 0; i < sib->sib_nmap; sim++, i++) { 399*b819cea2SGordon Ross ASSERT(sim->sim_domsid); 400*b819cea2SGordon Ross if (sim->sim_domsid == NULL) 401*b819cea2SGordon Ross return (1); 402*b819cea2SGordon Ross 403*b819cea2SGordon Ross if ((sid = smb_sid_fromstr(sim->sim_domsid)) == NULL) 404*b819cea2SGordon Ross return (1); 405*b819cea2SGordon Ross 406*b819cea2SGordon Ross sim->sim_sid = smb_sid_splice(sid, sim->sim_rid); 407*b819cea2SGordon Ross smb_sid_free(sid); 408*b819cea2SGordon Ross } 409*b819cea2SGordon Ross 410*b819cea2SGordon Ross return (0); 411*b819cea2SGordon Ross } 412