illumos/illumos-gate: usr/src/lib/smbsrv/libmlsvc/common/samlib.c annotate

annotate usr/src/lib/smbsrv/libmlsvc/common/samlib.c @ 10717:fe0545fc3cdd

6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API 6877755 smbd should not route stderr, stdout to /dev/null 6882701 Wrong error message for attempt to map local user to Windows group, or vice versa 6885105 Potential for deadlock in smb_node_set_delete_on_close() 6881928 smbd core generated when running a script to join domain, set abe properties 6885538 Reduce dependencies on libsmbrdr 6820325 cifs service can't start on multi vlan+ipmp configuration

author	Alan Wright <amw@Sun.COM>
date	Mon, 05 Oct 2009 11:03:34 -0700
parents	ee04788f8605
children	37e5dcdf36d3

rev	line source
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	1 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	2 * CDDL HEADER START
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	3 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	4 * The contents of this file are subject to the terms of the
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	5 * Common Development and Distribution License (the "License").
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	6 * You may not use this file except in compliance with the License.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	7 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	9 * or http://www.opensolaris.org/os/licensing.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	10 * See the License for the specific language governing permissions
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	11 * and limitations under the License.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	12 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	13 * When distributing Covered Code, include this CDDL HEADER in each
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	15 * If applicable, add the following below this CDDL HEADER, with the
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	16 * fields enclosed by brackets "[]" replaced with your own identifying
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	17 * information: Portions Copyright [yyyy] [name of copyright owner]
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	18 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	19 * CDDL HEADER END
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	20 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	21 /*
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	23 * Use is subject to license terms.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	24 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	25
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	26 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	27 * This module provides the high level interface to the SAM RPC
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	28 * functions.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	29 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	30
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	31 #include <alloca.h>
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	32
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	33 #include <smbsrv/libsmb.h>
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	34 #include <smbsrv/libmlsvc.h>
6432 98715880dd9e 6666802 Cannot copy >1023 byte readonly file from Vista client to Solaris CIFS share as200622 parents: 5772 diff changeset	35
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	36 #include <smbsrv/ntstatus.h>
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	37 #include <smbsrv/ntaccess.h>
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	38 #include <lsalib.h>
5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	39 #include <samlib.h>
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	40
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	41 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	42 * Valid values for the OEM OWF password encryption.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	43 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	44 #define SAM_PASSWORD_516 516
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	45 #define SAM_KEYLEN 16
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	46
10504 ee04788f8605 6861127 Want an RPC function to get the session key Keyur Desai <Keyur.Desai@Sun.COM> parents: 9832 diff changeset	47 extern DWORD samr_set_user_info(mlsvc_handle_t *);
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	48 static struct samr_sid sam_get_domain_sid(mlsvc_handle_t , char , char );
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	49
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	50 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	51 * sam_create_trust_account
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	52 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	53 * Create a trust account for this system.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	54 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	55 * SAMR_AF_WORKSTATION_TRUST_ACCOUNT: servers and workstations.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	56 * SAMR_AF_SERVER_TRUST_ACCOUNT: domain controllers.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	57 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	58 * Returns NT status codes.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	59 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	60 DWORD
10504 ee04788f8605 6861127 Want an RPC function to get the session key Keyur Desai <Keyur.Desai@Sun.COM> parents: 9832 diff changeset	61 sam_create_trust_account(char server, char domain)
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	62 {
7961 4b5e3051f38b 6751647 TRANS2_FIND_NEXT continuation by filename restarts search at beginning of directory natalie li - Sun Microsystems - Irvine United States <Natalie.Li@Sun.COM> parents: 6432 diff changeset	63 char account_name[SMB_SAMACCT_MAXLEN];
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	64 DWORD status;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	65
7961 4b5e3051f38b 6751647 TRANS2_FIND_NEXT continuation by filename restarts search at beginning of directory natalie li - Sun Microsystems - Irvine United States <Natalie.Li@Sun.COM> parents: 6432 diff changeset	66 if (smb_getsamaccount(account_name, SMB_SAMACCT_MAXLEN) != 0)
4b5e3051f38b 6751647 TRANS2_FIND_NEXT continuation by filename restarts search at beginning of directory natalie li - Sun Microsystems - Irvine United States <Natalie.Li@Sun.COM> parents: 6432 diff changeset	67 return (NT_STATUS_INTERNAL_ERROR);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	68
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	69 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	70 * The trust account value here should match
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	71 * the value that will be used when the user
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	72 * information is set on this account.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	73 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	74 status = sam_create_account(server, domain, account_name,
10504 ee04788f8605 6861127 Want an RPC function to get the session key Keyur Desai <Keyur.Desai@Sun.COM> parents: 9832 diff changeset	75 SAMR_AF_WORKSTATION_TRUST_ACCOUNT);
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	76
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	77 /*
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	78 * Based on network traces, a Windows 2000 client will
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	79 * always try to create the computer account first.
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	80 * If it existed, then check the user permission to join
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	81 * the domain.
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	82 */
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	83
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	84 if (status == NT_STATUS_USER_EXISTS)
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	85 status = sam_check_user(server, domain, account_name);
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	86
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	87 return (status);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	88 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	89
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	90
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	91 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	92 * sam_create_account
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	93 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	94 * Create the specified domain account in the SAM database on the
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	95 * domain controller.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	96 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	97 * Account flags:
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	98 * SAMR_AF_NORMAL_ACCOUNT
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	99 * SAMR_AF_WORKSTATION_TRUST_ACCOUNT
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	100 * SAMR_AF_SERVER_TRUST_ACCOUNT
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	101 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	102 * Returns NT status codes.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	103 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	104 DWORD
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	105 sam_create_account(char server, char domain_name, char *account_name,
10504 ee04788f8605 6861127 Want an RPC function to get the session key Keyur Desai <Keyur.Desai@Sun.COM> parents: 9832 diff changeset	106 DWORD account_flags)
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	107 {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	108 mlsvc_handle_t samr_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	109 mlsvc_handle_t domain_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	110 mlsvc_handle_t user_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	111 union samr_user_info sui;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	112 struct samr_sid *sid;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	113 DWORD rid;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	114 DWORD status;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	115 int rc;
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	116 char user[SMB_USERNAME_MAXLEN];
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	117
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	118 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	119
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	120 rc = samr_open(server, domain_name, user, SAM_CONNECT_CREATE_ACCOUNT,
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	121 &samr_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	122
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	123 if (rc != 0) {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	124 status = NT_STATUS_OPEN_FAILED;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	125 smb_tracef("SamCreateAccount[%s\\%s]: %s",
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	126 domain_name, account_name, xlate_nt_status(status));
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	127 return (status);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	128 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	129
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	130 sid = sam_get_domain_sid(&samr_handle, server, domain_name);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	131
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	132 status = samr_open_domain(&samr_handle,
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	133 SAM_DOMAIN_CREATE_ACCOUNT, sid, &domain_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	134
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	135 if (status == NT_STATUS_SUCCESS) {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	136 status = samr_create_user(&domain_handle, account_name,
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	137 account_flags, &rid, &user_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	138
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	139 if (status == NT_STATUS_SUCCESS) {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	140 (void) samr_query_user_info(&user_handle,
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	141 SAMR_QUERY_USER_UNKNOWN16, &sui);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	142
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	143 (void) samr_get_user_pwinfo(&user_handle);
10504 ee04788f8605 6861127 Want an RPC function to get the session key Keyur Desai <Keyur.Desai@Sun.COM> parents: 9832 diff changeset	144 (void) samr_set_user_info(&user_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	145 (void) samr_close_handle(&user_handle);
5772 237ac22142fe 6560095 SNAS shows SIDs for Built-in Groups members instead of name as200622 parents: 5521 diff changeset	146 } else if (status != NT_STATUS_USER_EXISTS) {
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	147 smb_tracef("SamCreateAccount[%s]: %s",
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	148 account_name, xlate_nt_status(status));
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	149 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	150
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	151 (void) samr_close_handle(&domain_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	152 } else {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	153 smb_tracef("SamCreateAccount[%s]: open domain failed",
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	154 account_name);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	155 status = (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	156 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	157
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	158 (void) samr_close_handle(&samr_handle);
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	159 free(sid);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	160 return (status);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	161 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	162
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	163
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	164 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	165 * sam_remove_trust_account
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	166 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	167 * Attempt to remove the workstation trust account for this system.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	168 * Administrator access is required to perform this operation.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	169 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	170 * Returns NT status codes.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	171 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	172 DWORD
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	173 sam_remove_trust_account(char server, char domain)
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	174 {
7961 4b5e3051f38b 6751647 TRANS2_FIND_NEXT continuation by filename restarts search at beginning of directory natalie li - Sun Microsystems - Irvine United States <Natalie.Li@Sun.COM> parents: 6432 diff changeset	175 char account_name[SMB_SAMACCT_MAXLEN];
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	176
7961 4b5e3051f38b 6751647 TRANS2_FIND_NEXT continuation by filename restarts search at beginning of directory natalie li - Sun Microsystems - Irvine United States <Natalie.Li@Sun.COM> parents: 6432 diff changeset	177 if (smb_getsamaccount(account_name, SMB_SAMACCT_MAXLEN) != 0)
4b5e3051f38b 6751647 TRANS2_FIND_NEXT continuation by filename restarts search at beginning of directory natalie li - Sun Microsystems - Irvine United States <Natalie.Li@Sun.COM> parents: 6432 diff changeset	178 return (NT_STATUS_INTERNAL_ERROR);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	179
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	180 return (sam_delete_account(server, domain, account_name));
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	181 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	182
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	183
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	184 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	185 * sam_delete_account
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	186 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	187 * Attempt to remove an account from the SAM database on the specified
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	188 * server.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	189 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	190 * Returns NT status codes.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	191 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	192 DWORD
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	193 sam_delete_account(char server, char domain_name, char *account_name)
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	194 {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	195 mlsvc_handle_t samr_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	196 mlsvc_handle_t domain_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	197 mlsvc_handle_t user_handle;
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	198 smb_account_t ainfo;
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	199 struct samr_sid *sid;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	200 DWORD access_mask;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	201 DWORD status;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	202 int rc;
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	203 char user[SMB_USERNAME_MAXLEN];
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	204
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	205 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	206
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	207 rc = samr_open(server, domain_name, user, SAM_LOOKUP_INFORMATION,
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	208 &samr_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	209
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	210 if (rc != 0)
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	211 return (NT_STATUS_OPEN_FAILED);
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	212
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	213 sid = sam_get_domain_sid(&samr_handle, server, domain_name);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	214 status = samr_open_domain(&samr_handle, SAM_LOOKUP_INFORMATION, sid,
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	215 &domain_handle);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	216 free(sid);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	217 if (status != NT_STATUS_SUCCESS) {
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	218 (void) samr_close_handle(&samr_handle);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	219 return (status);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	220 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	221
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	222 status = samr_lookup_domain_names(&domain_handle, account_name, &ainfo);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	223 if (status == NT_STATUS_SUCCESS) {
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	224 access_mask = STANDARD_RIGHTS_EXECUTE \| DELETE;
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	225 status = samr_open_user(&domain_handle, access_mask,
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	226 ainfo.a_rid, &user_handle);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	227 if (status == NT_STATUS_SUCCESS) {
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	228 if (samr_delete_user(&user_handle) != 0)
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	229 (void) samr_close_handle(&user_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	230 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	231 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	232
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	233 (void) samr_close_handle(&domain_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	234 (void) samr_close_handle(&samr_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	235 return (status);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	236 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	237
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	238 /*
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	239 * sam_check_user
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	240 *
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	241 * Check to see if user have permission to access computer account.
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	242 * The user being checked is the specified user for joining the Solaris
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	243 * host to the domain.
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	244 */
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	245 DWORD
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	246 sam_check_user(char server, char domain_name, char *account_name)
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	247 {
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	248 mlsvc_handle_t samr_handle;
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	249 mlsvc_handle_t domain_handle;
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	250 mlsvc_handle_t user_handle;
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	251 smb_account_t ainfo;
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	252 struct samr_sid *sid;
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	253 DWORD access_mask;
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	254 DWORD status;
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	255 int rc;
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	256 char user[SMB_USERNAME_MAXLEN];
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	257
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	258 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	259
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	260 rc = samr_open(server, domain_name, user, SAM_LOOKUP_INFORMATION,
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	261 &samr_handle);
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	262
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	263 if (rc != 0)
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	264 return (NT_STATUS_OPEN_FAILED);
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	265
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	266 sid = sam_get_domain_sid(&samr_handle, server, domain_name);
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	267 status = samr_open_domain(&samr_handle, SAM_LOOKUP_INFORMATION, sid,
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	268 &domain_handle);
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	269 free(sid);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	270 if (status != NT_STATUS_SUCCESS) {
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	271 (void) samr_close_handle(&samr_handle);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	272 return (status);
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	273 }
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	274
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	275 status = samr_lookup_domain_names(&domain_handle, account_name, &ainfo);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	276 if (status == NT_STATUS_SUCCESS) {
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	277 /*
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	278 * Win2000 client uses this access mask. The
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	279 * following SAMR user specific rights bits are
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	280 * set: set password, set attributes, and get
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	281 * attributes.
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	282 */
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	283
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	284 access_mask = 0xb0;
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	285 status = samr_open_user(&domain_handle,
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	286 access_mask, ainfo.a_rid, &user_handle);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	287 if (status == NT_STATUS_SUCCESS)
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	288 (void) samr_close_handle(&user_handle);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	289 }
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	290
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	291 (void) samr_close_handle(&domain_handle);
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	292 (void) samr_close_handle(&samr_handle);
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	293 return (status);
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	294 }
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	295
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	296 /*
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	297 * sam_lookup_name
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	298 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	299 * Lookup an account name in the SAM database on the specified domain
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	300 * controller. Provides the account RID on success.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	301 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	302 * Returns NT status codes.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	303 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	304 DWORD
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	305 sam_lookup_name(char server, char domain_name, char *account_name,
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	306 DWORD *rid_ret)
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	307 {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	308 mlsvc_handle_t samr_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	309 mlsvc_handle_t domain_handle;
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	310 smb_account_t ainfo;
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	311 struct samr_sid *domain_sid;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	312 int rc;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	313 DWORD status;
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	314 char user[SMB_USERNAME_MAXLEN];
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	315
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	316 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	317
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	318 *rid_ret = 0;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	319
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	320 rc = samr_open(server, domain_name, user, SAM_LOOKUP_INFORMATION,
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	321 &samr_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	322
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	323 if (rc != 0)
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	324 return (NT_STATUS_OPEN_FAILED);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	325
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	326 domain_sid = (struct samr_sid *)samr_lookup_domain(&samr_handle,
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	327 domain_name);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	328 if (domain_sid == NULL) {
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	329 (void) samr_close_handle(&samr_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	330 return (NT_STATUS_NO_SUCH_DOMAIN);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	331 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	332
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	333 status = samr_open_domain(&samr_handle, SAM_LOOKUP_INFORMATION,
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	334 domain_sid, &domain_handle);
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	335 if (status == NT_STATUS_SUCCESS) {
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	336 status = samr_lookup_domain_names(&domain_handle,
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	337 account_name, &ainfo);
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	338 if (status == NT_STATUS_SUCCESS)
6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	339 *rid_ret = ainfo.a_rid;
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	340
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	341 (void) samr_close_handle(&domain_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	342 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	343
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	344 (void) samr_close_handle(&samr_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	345 return (status);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	346 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	347
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	348 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	349 * sam_get_local_domains
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	350 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	351 * Query a remote server to get the list of local domains that it
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	352 * supports.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	353 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	354 * Returns NT status codes.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	355 */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	356 DWORD
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	357 sam_get_local_domains(char server, char domain_name)
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	358 {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	359 mlsvc_handle_t samr_handle;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	360 DWORD status;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	361 int rc;
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	362 char user[SMB_USERNAME_MAXLEN];
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	363
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	364 smb_ipc_get_user(user, SMB_USERNAME_MAXLEN);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	365
5521 cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	366 rc = samr_open(server, domain_name, user, SAM_ENUM_LOCAL_DOMAIN,
cf62335046cd 6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names as200622 parents: 5331 diff changeset	367 &samr_handle);
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	368 if (rc != 0)
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	369 return (NT_STATUS_OPEN_FAILED);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	370
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	371 status = samr_enum_local_domains(&samr_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	372 (void) samr_close_handle(&samr_handle);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	373 return (status);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	374 }
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	375
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	376 /*
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	377 * sam_oem_password
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	378 *
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	379 * Generate an OEM password.
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	380 */
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	381 int
5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	382 sam_oem_password(oem_password_t oem_password, unsigned char new_password,
5331 3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	383 unsigned char *old_password)
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	384 {
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	385 mts_wchar_t *unicode_password;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	386 int length;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	387
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	388 #ifdef PBSHORTCUT
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	389 assert(sizeof (oem_password_t) == SAM_PASSWORD_516);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	390 #endif /* PBSHORTCUT */
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	391
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	392 length = strlen((char const *)new_password);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	393 unicode_password = alloca((length + 1) * sizeof (mts_wchar_t));
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	394
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	395 length = smb_auth_qnd_unicode((unsigned short *)unicode_password,
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	396 (char *)new_password, length);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	397 oem_password->length = length;
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	398
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	399 (void) memcpy(&oem_password->data[512 - length],
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	400 unicode_password, length);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	401
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	402 rand_hash((unsigned char *)oem_password, sizeof (oem_password_t),
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	403 old_password, SAM_KEYLEN);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	404
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	405 return (0);
3047ad28a67b PSARC/2007/218 caller_context_t in all VOPs amw parents: diff changeset	406 }
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	407
5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	408 static struct samr_sid *
8670 6da349c3f817 6792084 smb_node_lookup should not take ownership of the hold on vnode passed as a parameter jose borrego <Jose.Borrego@Sun.COM> parents: 8334 diff changeset	409 sam_get_domain_sid(mlsvc_handle_t samr_handle, char server, char *domain_name)
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	410 {
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	411 smb_sid_t *sid = NULL;
fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	412 smb_domainex_t domain;
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	413
5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	414 if (ndr_rpc_server_os(samr_handle) == NATIVE_OS_WIN2000) {
9832 3569b6c7f56c 6803042 AUXILIARY tags in libsmb mapfile produce ELF noise and bloated binary Alan Wright <amw@Sun.COM> parents: 8670 diff changeset	415 if (!smb_domain_getinfo(&domain)) {
3569b6c7f56c 6803042 AUXILIARY tags in libsmb mapfile produce ELF noise and bloated binary Alan Wright <amw@Sun.COM> parents: 8670 diff changeset	416 if (lsa_query_account_domain_info(server, domain_name,
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	417 &domain.d_primary) != NT_STATUS_SUCCESS)
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	418 return (NULL);
9832 3569b6c7f56c 6803042 AUXILIARY tags in libsmb mapfile produce ELF noise and bloated binary Alan Wright <amw@Sun.COM> parents: 8670 diff changeset	419 }
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	420
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	421 sid = smb_sid_fromstr(domain.d_primary.di_sid);
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	422 } else {
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	423 sid = samr_lookup_domain(samr_handle, domain_name);
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	424 }
5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	425
10717 fe0545fc3cdd 6612607 CIFS ADS client should use ldap_sasl_interactive_bind_s API Alan Wright <amw@Sun.COM> parents: 10504 diff changeset	426 return ((struct samr_sid *)sid);
8334 5f1c6a3b0fad 6762162 $DATA appended to streams when stream type != $DATA jose borrego <Jose.Borrego@Sun.COM> parents: 7961 diff changeset	427 }

Mercurial > illumos > illumos-gate

annotate usr/src/lib/smbsrv/libmlsvc/common/samlib.c @ 10717:fe0545fc3cdd