6647735 Need fetch/store ACL support

6707025 The owner and group id display should be unsigned

2 files changed, 205 insertions, 0 deletions

diff --git a/usr/src/lib/libsmbfs/netsmb/smbfs_acl.h b/usr/src/lib/libsmbfs/netsmb/smbfs_acl.h
new file mode 100644
index 0000000000..dc8972e5cb
--- /dev/null
+++ b/usr/src/lib/libsmbfs/netsmb/smbfs_acl.h
@@ -0,0 +1,92 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+
+/*
+ * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef _NETSMB_SMBFS_ACL_H
+#define	_NETSMB_SMBFS_ACL_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+/*
+ * Get/set ACL via contracted interface in libsmbfs.
+ * The ACL is in the form used by libsec (type=ACE_T)
+ * but we need to carry the uid/gid info here too.
+ */
+
+#include <sys/acl.h>
+
+/*
+ * Get a ZFS-style acl from an FD opened in smbfs.
+ * Intentionally similar to: facl_get(3SEC)
+ *
+ * Allocates an acl_t via libsec.  Free with: acl_free(3SEC)
+ * Get owner/group IDs too if ID pointers != NULL
+ */
+int smbfs_acl_get(int fd, acl_t **, uid_t *, gid_t *);
+
+/*
+ * Set a ZFS-style acl onto an FD opened in smbfs.
+ * Intentionally similar to: facl_set(3SEC)
+ *
+ * The acl_t must be of type ACE_T (from libsec).
+ * Set owner/group IDs too if ID values != -1
+ */
+int smbfs_acl_set(int fd, acl_t *, uid_t, gid_t);
+
+
+/*
+ * Slightly lower-level functions, allowing access to
+ * the raw Windows Security Descriptor (SD)
+ */
+typedef struct i_ntsd i_ntsd_t;
+
+/*
+ * Get an "internal form" SD from the FD (opened in smbfs).
+ * Allocates a hierarchy in isdp.  Caller must free it via
+ * smbfs_acl_free_isd()
+ */
+int smbfs_acl_getsd(int fd, uint32_t, i_ntsd_t **);
+
+/*
+ * Set an "internal form" SD onto the FD (opened in smbfs).
+ */
+int smbfs_acl_setsd(int fd, uint32_t, i_ntsd_t *);
+
+/*
+ * Convert an internal SD to a ZFS-style ACL.
+ * Get uid/gid too if pointers != NULL.
+ */
+int smbfs_acl_sd2zfs(i_ntsd_t *, acl_t *, uid_t *, gid_t *);
+
+/*
+ * Convert an internal SD to a ZFS-style ACL.
+ * Include owner/group too if uid/gid != -1.
+ */
+int smbfs_acl_zfs2sd(acl_t *, uid_t, gid_t, i_ntsd_t **);
+
+void smbfs_acl_free_sd(i_ntsd_t *);
+void smbfs_acl_print_sd(FILE *, i_ntsd_t *);
+
+#endif	/* _NETSMB_SMBFS_ACL_H */
diff --git a/usr/src/lib/libsmbfs/netsmb/smbfs_isec.h b/usr/src/lib/libsmbfs/netsmb/smbfs_isec.h
new file mode 100644
index 0000000000..f6b3555345
--- /dev/null
+++ b/usr/src/lib/libsmbfs/netsmb/smbfs_isec.h
@@ -0,0 +1,113 @@
+/*
+ * CDDL HEADER START
+ *
+ * The contents of this file are subject to the terms of the
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
+ *
+ * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+ * or http://www.opensolaris.org/os/licensing.
+ * See the License for the specific language governing permissions
+ * and limitations under the License.
+ *
+ * When distributing Covered Code, include this CDDL HEADER in each
+ * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+ * If applicable, add the following below this CDDL HEADER, with the
+ * fields enclosed by brackets "[]" replaced with your own identifying
+ * information: Portions Copyright [yyyy] [name of copyright owner]
+ *
+ * CDDL HEADER END
+ */
+
+/*
+ * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
+ * Use is subject to license terms.
+ */
+
+#ifndef _SMBFS_ISEC_H
+#define	_SMBFS_ISEC_H
+
+#pragma ident	"%Z%%M%	%I%	%E% SMI"
+
+/*
+ * Internal Security Descriptor (SD)
+ */
+
+#include <netsmb/smbfs_acl.h>
+
+/*
+ * Internal form of an NT SID
+ * Same as on the wire, but possibly byte-swapped.
+ */
+typedef struct i_ntsid {
+	uint8_t	sid_revision;
+	uint8_t	sid_subauthcount;
+	uint8_t	sid_authority[6];
+	uint32_t sid_subauthvec[1]; /* actually len=subauthcount */
+} i_ntsid_t;
+#define	I_SID_SIZE(sacnt)	(8 + 4 * (sacnt))
+
+/*
+ * Internal form of an NT ACE
+ */
+typedef struct i_ntace {
+	uint8_t	ace_type;
+	uint8_t	ace_flags;
+	uint32_t	ace_rights; /* generic, standard, specific, etc */
+	i_ntsid_t	*ace_sid;
+} i_ntace_t;
+
+/*
+ * Internal form of an NT ACL (see sacl/dacl below)
+ */
+typedef struct i_ntacl {
+	uint8_t	acl_revision;	/* 0x02 observed with W2K */
+	uint16_t	acl_acecount;
+	i_ntace_t	*acl_acevec[1]; /* actually, len=acecount */
+} i_ntacl_t;
+
+/*
+ * Internal form of an NT Security Descriptor (SD)
+ */
+struct i_ntsd {
+	uint8_t		sd_revision;	/* 0x01 observed between W2K */
+	uint16_t	sd_flags;
+	i_ntsid_t	*sd_owner;
+	i_ntsid_t	*sd_group;
+	i_ntacl_t	*sd_sacl;
+	i_ntacl_t	*sd_dacl;
+};
+
+
+/*
+ * Import a raw SD (mb chain) into "internal" form.
+ * (like "absolute" form per. NT docs)
+ * Returns allocated data in sdp
+ */
+int mb_get_ntsd(mbdata_t *mbp, i_ntsd_t **sdp);
+
+/*
+ * Export an "internal" SD into an raw SD (mb chain).
+ * (a.k.a "self-relative" form per. NT docs)
+ * Returns allocated mbchain in mbp.
+ */
+int mb_put_ntsd(mbdata_t *mbp, i_ntsd_t *sd);
+
+
+/*
+ * Get an SD via ioctl on FD (with "selector" bits),
+ * stroing the raw Windows SD in the mb chain mbp.
+ */
+int smbfs_acl_iocget(int fd, uint32_t selector, mbdata_t *mbp);
+
+/*
+ * Set an SD via ioctl on FD (with "selector" bits),
+ * with a raw Windows SD from the chain mbp.
+ */
+int smbfs_acl_iocset(int fd, uint32_t selector, mbdata_t *mbp);
+
+
+int smbfs_sid2str(i_ntsid_t *sid,
+	char *obuf, size_t olen, uint32_t *ridp);
+
+#endif	/* _SMBFS_ISEC_H */