diff options
| author | as200622 <none@none> | 2007-11-26 18:29:15 -0800 |
|---|---|---|
| committer | as200622 <none@none> | 2007-11-26 18:29:15 -0800 |
| commit | 55bf511df53aad0fdb7eb3fa349f0308cc05234c (patch) | |
| tree | a153d7bae39c0480da0107072553ce0b07b02f23 /usr/src/lib/smbsrv/libmlsvc | |
| parent | b3d911cb99b7e5dd9df4c81fd7b58a97c82d07db (diff) | |
| download | illumos-joyent-55bf511df53aad0fdb7eb3fa349f0308cc05234c.tar.gz | |
6575640 rename/rmdir/remove on mixed file systems work incorrectly for mangled names
6582182 64-bit libraries
6588720 Unable to create new folder in autohome share from Solaris10u3 with UFS & ZFS.
6611820 Unable to map a SMB share on SPARC system.
6612193 Rework ADS client, DynDNS client and Auth IPC to use host principal
6614664 CIFS server should not request ctime changes
6614864 Security tab not available after a share is mapped on SPARC system
6614953 An error occurred while creating a notepad file on X86 32-bit system.
6616349 Sparc-Get error "input not UTF-8" and (Abort)(core dumped) in sharemgr with Korean resource name
6622828 Resolve unreferenced makefiles
6626833 SUNWsmbsu package issues with snv_77.
6627415 SmbCreateTemporary fails on SPARC
6627469 Unable to map SIDs to names for Windows Vista clients
6627471 Remove winpipe door server from name space
6628747 smbd crash and in maintenance state
6629402 The adjoin operation triggered by smbadm join CLI shouldn't overwrite the Kerberos keytab file.
6629410 SMB daemon should remove its ccache on refresh or restart
6629428 smb daemon crashes at smb_nic_clear_niclist+0x45(815ff10, 2)
6629797 sharemgr: Deleting an SMB resource that has an option leads to core dump
6630470 Get core in sharemgr:libshare_smb.so.1`smb_enable_service+0x78(2ec90, fe87c49c, 0, ff396000,17e54,6)
--HG--
rename : usr/src/uts/common/smbsrv/smb_secdesc.h => deleted_files/usr/src/uts/common/smbsrv/smb_secdesc.h
Diffstat (limited to 'usr/src/lib/smbsrv/libmlsvc')
22 files changed, 336 insertions, 264 deletions
diff --git a/usr/src/lib/smbsrv/libmlsvc/Makefile.com b/usr/src/lib/smbsrv/libmlsvc/Makefile.com index e0c1ee5c4c..60f0c4f66d 100644 --- a/usr/src/lib/smbsrv/libmlsvc/Makefile.com +++ b/usr/src/lib/smbsrv/libmlsvc/Makefile.com @@ -77,6 +77,7 @@ include ../../Makefile.lib INCS += -I$(SRC)/common/smbsrv +LDLIBS += $(MACH_LDLIBS) LDLIBS += -lmlrpc -lsmbrdr -lsmb -lsmbns -lshare -lnsl -lc SRCS= $(OBJS_COMMON:%.o=$(SRCDIR)/%.c) \ diff --git a/usr/src/lib/smbsrv/libmlsvc/amd64/Makefile b/usr/src/lib/smbsrv/libmlsvc/amd64/Makefile index a2f97019c8..b3c4916b0c 100644 --- a/usr/src/lib/smbsrv/libmlsvc/amd64/Makefile +++ b/usr/src/lib/smbsrv/libmlsvc/amd64/Makefile @@ -25,7 +25,11 @@ # ident "%Z%%M% %I% %E% SMI" # +MACH_LDLIBS += -L$(ROOT)/usr/lib/smbsrv/$(MACH64) + include ../Makefile.com include ../../../Makefile.lib.64 +DYNFLAGS += -R/usr/lib/smbsrv/$(MACH64) + install: all $(ROOTLIBS64) $(ROOTLINKS64) $(ROOTLINT64) diff --git a/usr/src/lib/smbsrv/libmlsvc/common/lsalib.c b/usr/src/lib/smbsrv/libmlsvc/common/lsalib.c index ca98eb8eab..8e2effc333 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/lsalib.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/lsalib.c @@ -36,6 +36,7 @@ #include <smbsrv/libsmb.h> #include <smbsrv/libsmbns.h> #include <smbsrv/libmlsvc.h> +#include <smbsrv/libsmbrdr.h> #include <smbsrv/lsalib.h> #include <smbsrv/ntstatus.h> #include <smbsrv/smbinfo.h> @@ -60,8 +61,9 @@ lsa_query_primary_domain_info(void) { mlsvc_handle_t domain_handle; DWORD status; + char *user = smbrdr_ipc_get_user(); - if ((lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle)) != 0) + if ((lsar_open(NULL, NULL, user, &domain_handle)) != 0) return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO); status = lsar_query_info_policy(&domain_handle, @@ -87,8 +89,9 @@ lsa_query_account_domain_info(void) { mlsvc_handle_t domain_handle; DWORD status; + char *user = smbrdr_ipc_get_user(); - if ((lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle)) != 0) + if ((lsar_open(NULL, NULL, user, &domain_handle)) != 0) return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO); status = lsar_query_info_policy(&domain_handle, @@ -114,8 +117,9 @@ lsa_enum_trusted_domains(void) mlsvc_handle_t domain_handle; DWORD enum_context; DWORD status; + char *user = smbrdr_ipc_get_user(); - if ((lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle)) != 0) + if ((lsar_open(NULL, NULL, user, &domain_handle)) != 0) return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO); enum_context = 0; @@ -318,8 +322,9 @@ int lsa_lookup_name(char *server, char *domain, char *account_name, { mlsvc_handle_t domain_handle; int rc; + char *user = smbrdr_ipc_get_user(); - rc = lsar_open(MLSVC_IPC_ANON, server, domain, 0, 0, &domain_handle); + rc = lsar_open(server, domain, user, &domain_handle); if (rc != 0) return (-1); @@ -340,8 +345,9 @@ DWORD lsa_lookup_name2(char *server, char *domain, char *account_name, mlsvc_handle_t domain_handle; DWORD status; int rc; + char *user = smbrdr_ipc_get_user(); - rc = lsar_open(MLSVC_IPC_ANON, server, domain, 0, 0, &domain_handle); + rc = lsar_open(server, domain, user, &domain_handle); if (rc != 0) return (NT_STATUS_INVALID_PARAMETER); @@ -378,8 +384,9 @@ lsa_lookup_sid(nt_sid_t *sid, smb_userinfo_t *user_info) { mlsvc_handle_t domain_handle; int rc; + char *user = smbrdr_ipc_get_user(); - rc = lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle); + rc = lsar_open(NULL, NULL, user, &domain_handle); if (rc != 0) return (-1); @@ -401,8 +408,9 @@ lsa_lookup_sid2(nt_sid_t *sid, smb_userinfo_t *user_info) mlsvc_handle_t domain_handle; DWORD status; int rc; + char *user = smbrdr_ipc_get_user(); - rc = lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle); + rc = lsar_open(NULL, NULL, user, &domain_handle); if (rc != 0) return (NT_STATUS_INVALID_PARAMETER); @@ -479,30 +487,12 @@ lsa_lookup_privs(char *server, char *account_name, char *target_name, { mlsvc_handle_t domain_handle; int rc; -#if 0 - mlsvc_handle_t account_handle; - struct mslsa_sid *sid; - - lsa_lookup_name(0, 0, target_name, user_info); + char *user = smbrdr_ipc_get_user(); - sid = (struct mslsa_sid *) - nt_sid_splice(user_info->domain_sid, user_info->rid); - - lsa_lookup_sid(server, account_name, (nt_sid_t *)sid, user_info); -#endif - if ((lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle)) != 0) + if ((lsar_open(NULL, NULL, user, &domain_handle)) != 0) return (-1); rc = lsa_list_accounts(&domain_handle); -#if 0 - rc = lsar_open_account(&domain_handle, sid, &account_handle); - if (rc == 0) { - (void) lsar_enum_privs_account(&account_handle, user_info); - (void) lsar_close(&account_handle); - } - - free(sid); -#endif (void) lsar_close(&domain_handle); return (rc); } @@ -523,8 +513,9 @@ lsa_list_privs(char *server, char *domain) mlsvc_handle_t domain_handle; int rc; int i; + char *user = smbrdr_ipc_get_user(); - rc = lsar_open(MLSVC_IPC_ANON, server, domain, 0, 0, &domain_handle); + rc = lsar_open(server, domain, user, &domain_handle); if (rc != 0) return (NT_STATUS_INVALID_PARAMETER); @@ -557,8 +548,9 @@ lsa_test(char *server, char *account_name) { mlsvc_handle_t domain_handle; int rc; + char *user = smbrdr_ipc_get_user(); - rc = lsar_open(MLSVC_IPC_ANON, 0, 0, 0, 0, &domain_handle); + rc = lsar_open(NULL, NULL, user, &domain_handle); if (rc != 0) return (-1); diff --git a/usr/src/lib/smbsrv/libmlsvc/common/lsar_open.c b/usr/src/lib/smbsrv/libmlsvc/common/lsar_open.c index 57b1b62a97..10f77f49cf 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/lsar_open.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/lsar_open.c @@ -49,48 +49,31 @@ * domain information if the caller didn't supply a server name and a * domain name. * + * If username argument is NULL, an anonymous connection will be established. + * Otherwise, an authenticated connection will be established. + * * On success 0 is returned. Otherwise a -ve error code. */ -int lsar_open(int ipc_mode, char *server, char *domain, char *username, - char *password, mlsvc_handle_t *domain_handle) +int lsar_open(char *server, char *domain, char *username, + mlsvc_handle_t *domain_handle) { smb_ntdomain_t *di; int remote_os; int remote_lm; int rc; - if ((di = smb_getdomaininfo(0)) == NULL) - return (-1); - if (server == NULL || domain == NULL) { - server = di->server; - domain = di->domain; - } + if ((di = smb_getdomaininfo(0)) == NULL) + return (-1); - switch (ipc_mode) { - case MLSVC_IPC_USER: - /* - * Use the supplied credentials. - */ - rc = mlsvc_user_logon(server, domain, username, password); - break; - - case MLSVC_IPC_ADMIN: - /* - * Use the resource domain administrator credentials. - */ server = di->server; domain = di->domain; - username = smbrdr_ipc_get_user(); + } - rc = mlsvc_admin_logon(server, domain); - break; + if (username == NULL) + username = MLSVC_ANON_USER; - case MLSVC_IPC_ANON: - default: - rc = mlsvc_anonymous_logon(server, domain, &username); - break; - } + rc = mlsvc_logon(server, domain, username); if (rc != 0) return (-1); diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mapfile-vers b/usr/src/lib/smbsrv/libmlsvc/common/mapfile-vers index e05f51b279..a294b0ef2e 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mapfile-vers +++ b/usr/src/lib/smbsrv/libmlsvc/common/mapfile-vers @@ -52,8 +52,8 @@ SUNWprivate { lsa_query_account_domain_info; lsa_enum_trusted_domains; mlsvc_init; - mlsvc_validate_user; mlsvc_is_local_domain; + mlsvc_join; nt_group_add; nt_group_add_groupprivs; nt_group_add_member_byname; diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_client.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_client.c index ac8cc3003c..de20a8c934 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_client.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_client.c @@ -34,6 +34,8 @@ #include <smbsrv/libsmb.h> #include <smbsrv/libsmbrdr.h> +#include <smbsrv/ndr.h> +#include <smbsrv/mlrpc.h> #include <smbsrv/mlsvc_util.h> static int mlsvc_xa_init(struct mlrpc_client *, struct mlrpc_xaction *, diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_logr.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_logr.c index 14c13a0315..4a6c80613d 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_logr.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_logr.c @@ -200,7 +200,6 @@ static mts_wchar_t wcs_hostname[MAXHOSTNAMELEN]; static int hostname_len = 0; static mts_wchar_t wcs_srcname[MAX_SRCNAME_LEN]; static int srcname_len = 0; -static int str_offs, sh_len; /* * logr_initialize @@ -214,6 +213,7 @@ logr_initialize(void) { struct utsname name; char *sysname; + int len; if (uname(&name) < 0) sysname = "Solaris"; @@ -221,6 +221,10 @@ logr_initialize(void) sysname = name.sysname; (void) strlcpy(logr_sysname, sysname, SYS_NMLN); + len = strlen(logr_sysname) + 1; + (void) mts_mbstowcs(wcs_srcname, logr_sysname, len); + srcname_len = len * sizeof (mts_wchar_t); + (void) mlrpc_register_service(&logr_service); } @@ -244,7 +248,7 @@ logr_s_EventLogClose(void *arg, struct mlrpc_xaction *mxa) return (MLRPC_DRC_OK); } - data = (read_data_t *)(desc->discrim); + data = (read_data_t *)(uintptr_t)(desc->discrim); free(data); (void) mlsvc_put_handle((ms_handle_t *)¶m->handle); @@ -267,12 +271,16 @@ logr_s_EventLogOpen(void *arg, struct mlrpc_xaction *mxa) struct logr_EventLogOpen *param = arg; ms_handle_t *handle; int log_enable = 0; + int len; + int rc; smb_config_rdlock(); log_enable = smb_config_getyorn(SMB_CI_LOGR_ENABLE); smb_config_unlock(); - if (log_enable == 0) { + rc = smb_gethostname(hostname, MAXHOSTNAMELEN, 1); + + if (log_enable == 0 || rc != 0) { bzero(¶m->handle, sizeof (logr_handle_t)); param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); return (MLRPC_DRC_OK); @@ -281,20 +289,9 @@ logr_s_EventLogOpen(void *arg, struct mlrpc_xaction *mxa) handle = mlsvc_get_handle(MLSVC_IFSPEC_LOGR, LOGR_KEY, 0); bcopy(handle, ¶m->handle, sizeof (logr_handle_t)); - if (hostname_len == 0) { - if (smb_gethostname(hostname, MAXHOSTNAMELEN, 1) != 0) { - bzero(¶m->handle, sizeof (logr_handle_t)); - param->status = NT_SC_ERROR(NT_STATUS_ACCESS_DENIED); - return (MLRPC_DRC_OK); - } - - hostname_len = (strlen(hostname) + 1) * 2; - (void) mts_mbstowcs(wcs_hostname, hostname, hostname_len / 2); - srcname_len = (strlen(logr_sysname) + 1) * 2; - (void) mts_mbstowcs(wcs_srcname, logr_sysname, srcname_len / 2); - sh_len = srcname_len + hostname_len; - str_offs = 12 * sizeof (DWORD) + 4 * sizeof (WORD) + sh_len; - } + len = strlen(hostname) + 1; + (void) mts_mbstowcs(wcs_hostname, hostname, len); + hostname_len = len * sizeof (mts_wchar_t); param->status = NT_STATUS_SUCCESS; return (MLRPC_DRC_OK); @@ -337,7 +334,7 @@ logr_s_EventLogQueryCount(void *arg, struct mlrpc_xaction *mxa) return (MLRPC_DRC_OK); } - desc->discrim = (DWORD)data; + desc->discrim = (DWORD)(uintptr_t)data; param->rec_num = data->tot_recnum; param->status = NT_STATUS_SUCCESS; return (MLRPC_DRC_OK); @@ -362,7 +359,7 @@ logr_s_EventLogGetOldestRec(void *arg, struct mlrpc_xaction *mxa) return (MLRPC_DRC_OK); } - data = (read_data_t *)desc->discrim; + data = (read_data_t *)(uintptr_t)desc->discrim; param->oldest_rec = data->log.ix - data->tot_recnum; param->status = NT_STATUS_SUCCESS; return (MLRPC_DRC_OK); @@ -413,8 +410,13 @@ log_get_entry(struct log_info *linfo, int entno) static void set_logrec(log_entry_t *le, DWORD recno, logr_record_t *rec) { + int str_offs; + int sh_len; int len; + sh_len = srcname_len + hostname_len; + str_offs = 12 * sizeof (DWORD) + 4 * sizeof (WORD) + sh_len; + rec->Length1 = sizeof (logr_record_t); rec->Reserved = 0x654C664C; rec->RecordNumber = recno; @@ -469,14 +471,14 @@ logr_s_EventLogRead(void *arg, struct mlrpc_xaction *mxa) return (MLRPC_DRC_OK); } - rdata = (read_data_t *)(desc->discrim); + rdata = (read_data_t *)(uintptr_t)(desc->discrim); if (rdata == 0) { if ((rdata = logr_get_snapshot()) == NULL) { param->status = NT_SC_ERROR(NT_STATUS_NO_MEMORY); return (MLRPC_DRC_OK); } - desc->discrim = (DWORD)rdata; + desc->discrim = (DWORD)(uintptr_t)rdata; } dir = (param->read_flags & EVENTLOG_FORWARDS_READ) ? FWD : REW; diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_lsa.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_lsa.c index 6aa4d716fe..4d770edbc1 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_lsa.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_lsa.c @@ -36,6 +36,7 @@ #include <grp.h> #include <smbsrv/libsmb.h> +#include <smbsrv/libmlrpc.h> #include <smbsrv/libmlsvc.h> #include <smbsrv/mlsvc_util.h> #include <smbsrv/ndl/lsarpc.ndl> @@ -53,6 +54,8 @@ struct local_group_table { char *name; }; +static int lsarpc_call_stub(struct mlrpc_xaction *mxa); + static int lsarpc_s_CloseHandle(void *arg, struct mlrpc_xaction *); static int lsarpc_s_QuerySecurityObject(void *arg, struct mlrpc_xaction *); static int lsarpc_s_EnumAccounts(void *arg, struct mlrpc_xaction *); @@ -117,9 +120,9 @@ static mlrpc_service_t lsarpc_service = { "12345778-1234-abcd-ef000123456789ab", 0, /* abstract */ "8a885d04-1ceb-11c9-9fe808002b104860", 2, /* transfer */ 0, /* no bind_instance_size */ - 0, /* no bind_req() */ - 0, /* no unbind_and_close() */ - 0, /* use generic_call_stub() */ + NULL, /* no bind_req() */ + NULL, /* no unbind_and_close() */ + lsarpc_call_stub, /* call_stub() */ &TYPEINFO(lsarpc_interface), /* interface ti */ lsarpc_stub_table /* stub_table */ }; @@ -135,9 +138,9 @@ static mlrpc_service_t lsarpc_w2k_service = { "3919286a-b10c-11d0-9ba800c04fd92ef5", 0, /* abstract */ "8a885d04-1ceb-11c9-9fe808002b104860", 2, /* transfer */ 0, /* no bind_instance_size */ - 0, /* no bind_req() */ - 0, /* no unbind_and_close() */ - 0, /* use generic_call_stub() */ + NULL, /* no bind_req() */ + NULL, /* no unbind_and_close() */ + lsarpc_call_stub, /* call_stub() */ &TYPEINFO(lsarpc_interface), /* interface ti */ lsarpc_stub_table /* stub_table */ }; @@ -159,6 +162,18 @@ lsarpc_initialize(void) } /* + * Custom call_stub to set the stream string policy. + */ +static int +lsarpc_call_stub(struct mlrpc_xaction *mxa) +{ + MLNDS_SETF(&mxa->send_mlnds, MLNDS_F_NOTERM); + MLNDS_SETF(&mxa->recv_mlnds, MLNDS_F_NOTERM); + + return (mlrpc_generic_call_stub(mxa)); +} + +/* * lsarpc_s_OpenDomainHandle opnum=0x06 * * This is a request to open the LSA (OpenPolicy and OpenPolicy2). diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_sam.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_sam.c index 3b51c05e71..6d22e62127 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_sam.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_sam.c @@ -36,6 +36,7 @@ #include <grp.h> #include <smbsrv/libsmb.h> +#include <smbsrv/libmlrpc.h> #include <smbsrv/ntstatus.h> #include <smbsrv/ntsid.h> #include <smbsrv/smbinfo.h> @@ -66,6 +67,8 @@ #define SAMR_BUILTIN_DOMAIN 0x80000003 #define SAMR_PRIMARY_DOMAIN 0x80000004 +static int samr_call_stub(struct mlrpc_xaction *mxa); + static DWORD samr_s_enum_local_domains(struct samr_EnumLocalDomain *, struct mlrpc_xaction *); @@ -79,9 +82,9 @@ static mlrpc_service_t samr_service = { "12345778-1234-abcd-ef000123456789ac", 1, /* abstract */ "8a885d04-1ceb-11c9-9fe808002b104860", 2, /* transfer */ 0, /* no bind_instance_size */ - 0, /* no bind_req() */ - 0, /* no unbind_and_close() */ - 0, /* use generic_call_stub() */ + NULL, /* no bind_req() */ + NULL, /* no unbind_and_close() */ + samr_call_stub, /* call_stub() */ &TYPEINFO(samr_interface), /* interface ti */ samr_stub_table /* stub_table */ }; @@ -100,6 +103,18 @@ samr_initialize(void) } /* + * Custom call_stub to set the stream string policy. + */ +static int +samr_call_stub(struct mlrpc_xaction *mxa) +{ + MLNDS_SETF(&mxa->send_mlnds, MLNDS_F_NOTERM); + MLNDS_SETF(&mxa->recv_mlnds, MLNDS_F_NOTERM); + + return (mlrpc_generic_call_stub(mxa)); +} + +/* * samr_s_ConnectAnon * * This is a request to connect to the local SAM database. We don't @@ -435,7 +450,7 @@ samr_s_QueryDomainInfo(void *arg, struct mlrpc_xaction *mxa) return (MLRPC_DRC_FAULT_REQUEST_OPNUM_INVALID); }; - param->address = (DWORD)¶m->ru; + param->address = (DWORD)(uintptr_t)¶m->ru; param->switch_value = param->info_level; return (MLRPC_DRC_OK); } @@ -1140,7 +1155,7 @@ samr_s_QueryAliasInfo(void *arg, struct mlrpc_xaction *mxa) goto query_alias_err; }; - param->address = (DWORD)¶m->ru; + param->address = (DWORD)(uintptr_t)¶m->ru; param->status = 0; return (MLRPC_DRC_OK); diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_srvsvc.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_srvsvc.c index 2a9a1f52d0..26cd32ac5d 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_srvsvc.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_srvsvc.c @@ -512,7 +512,8 @@ srvsvc_s_NetShareSetInfo(void *arg, struct mlrpc_xaction *mxa) struct mlsm_NetShareSetInfo *param = arg; (void) memset(param, 0, sizeof (struct mlsm_NetShareSetInfo)); - param->parm_err_ptr = (DWORD)MLRPC_HEAP_MALLOC(mxa, sizeof (DWORD)); + param->parm_err_ptr = (DWORD)(uintptr_t)MLRPC_HEAP_MALLOC(mxa, + sizeof (DWORD)); param->parm_err = 0; smb_config_rdlock(); diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_util.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_util.c index 29cd3f058a..81e3893781 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_util.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_util.c @@ -377,32 +377,15 @@ mlsvc_setadmin_user_info(smb_userinfo_t *user_info) int mlsvc_string_save(ms_string_t *ms, char *str, struct mlrpc_xaction *mxa) { - int length; - char *p; - - if (ms == NULL || str == NULL || mxa == NULL) + if (str == NULL) return (0); - /* - * Windows NT expects the name length to exclude the - * terminating wchar null but doesn't care whether or - * not the allosize includes it. Windows 2000 insists - * that both the length and the allosize include the - * wchar null. - */ - length = mts_wcequiv_strlen(str); - ms->allosize = length + sizeof (mts_wchar_t); - - if (mxa->context->user_ctx->du_native_os == NATIVE_OS_WIN2000) - ms->length = ms->allosize; - else - ms->length = length; + ms->length = mts_wcequiv_strlen(str); + ms->allosize = ms->length + sizeof (mts_wchar_t); - if ((p = MLRPC_HEAP_STRSAVE(mxa, str)) == NULL) { + if ((ms->str = MLRPC_HEAP_STRSAVE(mxa, str)) == NULL) return (0); - } - ms->str = (LPTSTR)p; return (1); } @@ -451,13 +434,12 @@ mlsvc_is_null_handle(mlsvc_handle_t *handle) } /* - * mlsvc_validate_user + * mlsvc_join * * Returns NT status codes. */ DWORD -mlsvc_validate_user(char *server, char *domain, char *plain_user, - char *plain_text) +mlsvc_join(char *server, char *domain, char *plain_user, char *plain_text) { smb_auth_info_t auth; smb_ntdomain_t *di; @@ -487,7 +469,7 @@ mlsvc_validate_user(char *server, char *domain, char *plain_user, return (status); } - erc = mlsvc_user_logon(server, domain, plain_user, plain_text); + erc = mlsvc_logon(server, domain, plain_user); if (erc == AUTH_USER_GRANT) { int isenabled; @@ -496,20 +478,12 @@ mlsvc_validate_user(char *server, char *domain, char *plain_user, isenabled = smb_config_getyorn(SMB_CI_ADS_ENABLE); smb_config_unlock(); if (isenabled) { - if (adjoin(machine_passwd, - sizeof (machine_passwd)) == ADJOIN_SUCCESS) { + if (ads_join(plain_user, plain_text, machine_passwd, + sizeof (machine_passwd)) == ADJOIN_SUCCESS) status = NT_STATUS_SUCCESS; - } else { + else status = NT_STATUS_UNSUCCESSFUL; - } } else { - /* - * Ensure that we don't have an old account in - * this domain. There's no need to check the - * return status. - */ - (void) sam_remove_trust_account(server, domain); - if (mlsvc_user_getauth(server, plain_user, &auth) != 0) { status = NT_STATUS_INVALID_PARAMETER; @@ -526,13 +500,8 @@ mlsvc_validate_user(char *server, char *domain, char *plain_user, } if (status == NT_STATUS_SUCCESS) { - smb_config_wrlock(); - if (smb_config_set(SMB_CI_MACHINE_PASSWD, - machine_passwd) != 0) { - smb_config_unlock(); + if (smb_set_machine_pwd(machine_passwd) != 0) return (NT_STATUS_UNSUCCESSFUL); - } - smb_config_unlock(); /* * If we successfully create a trust account, we mark diff --git a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_winreg.c b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_winreg.c index bd2d5ee26f..9dd5696526 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_winreg.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/mlsvc_winreg.c @@ -356,7 +356,7 @@ winreg_s_QueryValue(void *arg, struct mlrpc_xaction *mxa) pv->vc_first_is = 0; pv->vc_length_is = slen; /*LINTED E_BAD_PTR_CAST_ALIGN*/ - (void) mts_mbstowcs((mts_wchar_t *)pv->value, value, slen); + (void) ndr_mbstowcs(NULL, (mts_wchar_t *)pv->value, value, slen); *param->type = 1; *param->value_size = slen; diff --git a/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c b/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c index 2eb3e78bb7..1b26087fb8 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/netr_auth.c @@ -40,6 +40,7 @@ #include <ctype.h> #include <smbsrv/libsmb.h> +#include <smbsrv/libsmbrdr.h> #include <smbsrv/mlsvc_util.h> #include <smbsrv/ndl/netlogon.ndl> #include <smbsrv/ntstatus.h> @@ -74,7 +75,7 @@ netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags) { netr_info_t *netr_info; int rc; - DWORD random_challenge[2]; + DWORD leout_rc[2]; netr_info = &netr_global_info; bzero(netr_info, sizeof (netr_info_t)); @@ -88,10 +89,9 @@ netlogon_auth(char *server, mlsvc_handle_t *netr_handle, DWORD flags) (void) snprintf(netr_info->server, sizeof (netr_info->server), "\\\\%s", server); - random_challenge[0] = random(); - random_challenge[1] = random(); - - (void) memcpy(&netr_info->client_challenge, random_challenge, + LE_OUT32(&leout_rc[0], random()); + LE_OUT32(&leout_rc[1], random()); + (void) memcpy(&netr_info->client_challenge, leout_rc, sizeof (struct netr_credential)); if ((rc = netr_server_req_challenge(netr_handle, netr_info)) == 0) { @@ -118,12 +118,12 @@ netr_open(char *server, char *domain, mlsvc_handle_t *netr_handle) int remote_os = 0; int remote_lm = 0; int server_pdc; - char *username; + char *user = smbrdr_ipc_get_user(); - if (mlsvc_anonymous_logon(server, domain, &username) != 0) + if (mlsvc_logon(server, domain, user) != 0) return (-1); - fid = mlsvc_open_pipe(server, domain, username, "\\NETLOGON"); + fid = mlsvc_open_pipe(server, domain, user, "\\NETLOGON"); if (fid < 0) return (-1); @@ -293,7 +293,7 @@ netr_gen_session_key(netr_info_t *netr_info) DWORD *server_challenge; int rc; char *machine_passwd; - DWORD new_data[2]; + DWORD le_data[2]; client_challenge = (DWORD *)(uintptr_t)&netr_info->client_challenge; server_challenge = (DWORD *)(uintptr_t)&netr_info->server_challenge; @@ -324,10 +324,10 @@ netr_gen_session_key(netr_info_t *netr_info) data[0] = LE_IN32(&client_challenge[0]) + LE_IN32(&server_challenge[0]); data[1] = LE_IN32(&client_challenge[1]) + LE_IN32(&server_challenge[1]); - LE_OUT32(&new_data[0], data[0]); - LE_OUT32(&new_data[1], data[1]); + LE_OUT32(&le_data[0], data[0]); + LE_OUT32(&le_data[1], data[1]); - rc = smb_auth_DES(buffer, 8, md4hash, 8, (unsigned char *)new_data, 8); + rc = smb_auth_DES(buffer, 8, md4hash, 8, (unsigned char *)le_data, 8); if (rc != SMBAUTH_SUCCESS) return (rc); @@ -369,15 +369,19 @@ netr_gen_credentials(BYTE *session_key, netr_cred_t *challenge, unsigned char buffer[8]; unsigned char partial_key[8]; DWORD data[2]; + DWORD le_data[2]; DWORD *p; int rc; p = (DWORD *)(uintptr_t)challenge; - data[0] = p[0] + LE_IN32(×tamp); - data[1] = p[1]; + data[0] = LE_IN32(&p[0]) + timestamp; + data[1] = LE_IN32(&p[1]); + + LE_OUT32(&le_data[0], data[0]); + LE_OUT32(&le_data[1], data[1]); if (smb_auth_DES(buffer, 8, session_key, 8, - (unsigned char *)data, 8) != SMBAUTH_SUCCESS) + (unsigned char *)le_data, 8) != SMBAUTH_SUCCESS) return (SMBAUTH_FAILURE); bzero(partial_key, 8); diff --git a/usr/src/lib/smbsrv/libmlsvc/common/netr_logon.c b/usr/src/lib/smbsrv/libmlsvc/common/netr_logon.c index d26d6f0dc7..93079001e9 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/netr_logon.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/netr_logon.c @@ -445,11 +445,7 @@ netr_setup_authenticator(netr_info_t *netr_info, { bzero(auth, sizeof (struct netr_authenticator)); -#ifdef _BIG_ENDIAN - netr_info->timestamp = 0; -#else - netr_info->timestamp = time(0) << 8; -#endif + netr_info->timestamp = time(0); auth->timestamp = netr_info->timestamp; if (netr_gen_credentials(netr_info->session_key, diff --git a/usr/src/lib/smbsrv/libmlsvc/common/samlib.c b/usr/src/lib/smbsrv/libmlsvc/common/samlib.c index aa75c2678e..ef303a8b21 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/samlib.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/samlib.c @@ -35,6 +35,7 @@ #include <alloca.h> #include <smbsrv/libsmb.h> +#include <smbsrv/libsmbrdr.h> #include <smbsrv/libmlsvc.h> #include <smbsrv/ntstatus.h> #include <smbsrv/ntaccess.h> @@ -68,7 +69,7 @@ static int get_user_group_info(mlsvc_handle_t *, smb_userinfo_t *); */ int sam_lookup_user_info(char *server, char *domain_name, - char *account_name, char *password, smb_userinfo_t *user_info) + char *account_name, smb_userinfo_t *user_info) { mlsvc_handle_t samr_handle; mlsvc_handle_t domain_handle; @@ -86,35 +87,30 @@ sam_lookup_user_info(char *server, char *domain_name, return (-1); } - rc = samr_open(MLSVC_IPC_USER, server, domain_name, account_name, - password, SAM_LOOKUP_INFORMATION, &samr_handle); - if (rc != 0) - return (-1); -#if 0 - rc = samr_lookup_domain(&samr_handle, domain_name, user_info); + rc = samr_open(server, domain_name, account_name, + SAM_LOOKUP_INFORMATION, &samr_handle); if (rc != 0) return (-1); -#endif sid = (struct samr_sid *)user_info->domain_sid; status = samr_open_domain(&samr_handle, SAM_LOOKUP_INFORMATION, sid, &domain_handle); if (status == 0) { -#if 0 - (void) samr_lookup_domain_names(&domain_handle, account_name, - user_info); -#endif access_mask = STANDARD_RIGHTS_EXECUTE | SAM_ACCESS_USER_READ; - rc = samr_open_user(&domain_handle, access_mask, + status = samr_open_user(&domain_handle, access_mask, user_info->rid, &user_handle); - if (rc == 0) { + if (status == NT_STATUS_SUCCESS) { (void) get_user_group_info(&user_handle, user_info); (void) samr_close_handle(&user_handle); + } else { + rc = -1; } (void) samr_close_handle(&domain_handle); + } else { + rc = -1; } (void) samr_close_handle(&samr_handle); @@ -182,6 +178,18 @@ sam_create_trust_account(char *server, char *domain, smb_auth_info_t *auth) auth, SAMR_AF_WORKSTATION_TRUST_ACCOUNT, user_info); mlsvc_free_user_info(user_info); + + + /* + * Based on network traces, a Windows 2000 client will + * always try to create the computer account first. + * If it existed, then check the user permission to join + * the domain. + */ + + if (status == NT_STATUS_USER_EXISTS) + status = sam_check_user(server, domain, account_name); + return (status); } @@ -211,9 +219,10 @@ sam_create_account(char *server, char *domain_name, char *account_name, DWORD rid; DWORD status; int rc; + char *user = smbrdr_ipc_get_user(); - rc = samr_open(MLSVC_IPC_ADMIN, server, domain_name, 0, 0, - SAM_CONNECT_CREATE_ACCOUNT, &samr_handle); + rc = samr_open(server, domain_name, user, SAM_CONNECT_CREATE_ACCOUNT, + &samr_handle); if (rc != 0) { status = NT_STATUS_OPEN_FAILED; @@ -272,7 +281,6 @@ sam_create_account(char *server, char *domain_name, char *account_name, user_info); if (rc == 0) rid = user_info->rid; - status = 0; } else { smb_tracef("SamCreateAccount[%s]: %s", account_name, xlate_nt_status(status)); @@ -332,12 +340,13 @@ sam_delete_account(char *server, char *domain_name, char *account_name) DWORD access_mask; DWORD status; int rc; + char *user = smbrdr_ipc_get_user(); if ((user_info = mlsvc_alloc_user_info()) == 0) return (NT_STATUS_NO_MEMORY); - rc = samr_open(MLSVC_IPC_ADMIN, server, domain_name, 0, 0, - SAM_LOOKUP_INFORMATION, &samr_handle); + rc = samr_open(server, domain_name, user, SAM_LOOKUP_INFORMATION, + &samr_handle); if (rc != 0) { mlsvc_free_user_info(user_info); @@ -379,9 +388,9 @@ sam_delete_account(char *server, char *domain_name, char *account_name) rid = user_info->rid; access_mask = STANDARD_RIGHTS_EXECUTE | DELETE; - rc = samr_open_user(&domain_handle, access_mask, + status = samr_open_user(&domain_handle, access_mask, rid, &user_handle); - if (rc == 0) { + if (status == NT_STATUS_SUCCESS) { if (samr_delete_user(&user_handle) != 0) (void) samr_close_handle(&user_handle); } @@ -396,6 +405,94 @@ sam_delete_account(char *server, char *domain_name, char *account_name) } /* + * sam_check_user + * + * Check to see if user have permission to access computer account. + * The user being checked is the specified user for joining the Solaris + * host to the domain. + */ +DWORD +sam_check_user(char *server, char *domain_name, char *account_name) +{ + mlsvc_handle_t samr_handle; + mlsvc_handle_t domain_handle; + mlsvc_handle_t user_handle; + smb_userinfo_t *user_info; + struct samr_sid *sid; + DWORD rid; + DWORD access_mask; + DWORD status; + int rc; + char *user = smbrdr_ipc_get_user(); + + if ((user_info = mlsvc_alloc_user_info()) == 0) + return (NT_STATUS_NO_MEMORY); + + rc = samr_open(server, domain_name, user, SAM_LOOKUP_INFORMATION, + &samr_handle); + + if (rc != 0) { + mlsvc_free_user_info(user_info); + return (NT_STATUS_OPEN_FAILED); + } + + if (samr_handle.context->server_os == NATIVE_OS_WIN2000) { + nt_domain_t *ntdp; + + if ((ntdp = nt_domain_lookup_name(domain_name)) == 0) { + (void) lsa_query_account_domain_info(); + if ((ntdp = nt_domain_lookup_name(domain_name)) == 0) { + (void) samr_close_handle(&samr_handle); + return (NT_STATUS_NO_SUCH_DOMAIN); + } + } + + sid = (struct samr_sid *)ntdp->sid; + } else { + if (samr_lookup_domain(&samr_handle, domain_name, user_info) + != 0) { + (void) samr_close_handle(&samr_handle); + mlsvc_free_user_info(user_info); + return (NT_STATUS_NO_SUCH_DOMAIN); + } + + sid = (struct samr_sid *)user_info->domain_sid; + } + + status = samr_open_domain(&samr_handle, SAM_LOOKUP_INFORMATION, sid, + &domain_handle); + if (status == 0) { + mlsvc_release_user_info(user_info); + status = samr_lookup_domain_names(&domain_handle, account_name, + user_info); + + if (status == 0) { + rid = user_info->rid; + + /* + * Win2000 client uses this access mask. The + * following SAMR user specific rights bits are + * set: set password, set attributes, and get + * attributes. + */ + + access_mask = 0xb0; + + status = samr_open_user(&domain_handle, + access_mask, rid, &user_handle); + if (status == NT_STATUS_SUCCESS) + (void) samr_close_handle(&user_handle); + } + + (void) samr_close_handle(&domain_handle); + } + + (void) samr_close_handle(&samr_handle); + mlsvc_free_user_info(user_info); + return (status); +} + +/* * sam_lookup_name * * Lookup an account name in the SAM database on the specified domain @@ -413,14 +510,15 @@ sam_lookup_name(char *server, char *domain_name, char *account_name, struct samr_sid *domain_sid; int rc; DWORD status; + char *user = smbrdr_ipc_get_user(); *rid_ret = 0; if ((user_info = mlsvc_alloc_user_info()) == 0) return (NT_STATUS_NO_MEMORY); - rc = samr_open(MLSVC_IPC_ANON, server, domain_name, 0, 0, - SAM_LOOKUP_INFORMATION, &samr_handle); + rc = samr_open(server, domain_name, user, SAM_LOOKUP_INFORMATION, + &samr_handle); if (rc != 0) { mlsvc_free_user_info(user_info); @@ -469,9 +567,10 @@ sam_get_local_domains(char *server, char *domain_name) mlsvc_handle_t samr_handle; DWORD status; int rc; + char *user = smbrdr_ipc_get_user(); - rc = samr_open(MLSVC_IPC_ANON, server, domain_name, 0, 0, - SAM_ENUM_LOCAL_DOMAIN, &samr_handle); + rc = samr_open(server, domain_name, user, SAM_ENUM_LOCAL_DOMAIN, + &samr_handle); if (rc != 0) return (NT_STATUS_OPEN_FAILED); diff --git a/usr/src/lib/smbsrv/libmlsvc/common/samr_lookup.c b/usr/src/lib/smbsrv/libmlsvc/common/samr_lookup.c index 7eccd83e22..e20b6404d7 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/samr_lookup.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/samr_lookup.c @@ -523,7 +523,8 @@ samr_set_user_logon_hours(struct samr_SetUserInfo *sui) (void) memset(sui->logon_hours.bitmap, 0xFF, SAMR_SET_USER_HOURS_SZ); sui->info.ru.info23.logon_info.units = SAMR_HOURS_PER_WEEK; - sui->info.ru.info23.logon_info.hours = (DWORD)sui->logon_hours.bitmap; + sui->info.ru.info23.logon_info.hours = + (DWORD)(uintptr_t)sui->logon_hours.bitmap; } /* diff --git a/usr/src/lib/smbsrv/libmlsvc/common/samr_open.c b/usr/src/lib/smbsrv/libmlsvc/common/samr_open.c index 38dca838cd..233acdf84d 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/samr_open.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/samr_open.c @@ -66,50 +66,32 @@ static DWORD samr_connect4(char *, char *, char *, DWORD, mlsvc_handle_t *); * name. We store the remote server's native OS type - we may need it * due to differences between platforms like NT and Windows 2000. * + * If username argument is NULL, an anonymous connection will be established. + * Otherwise, an authenticated connection will be established. + * * On success 0 is returned. Otherwise a -ve error code. */ int -samr_open(int ipc_mode, char *server, char *domain, char *username, - char *password, DWORD access_mask, mlsvc_handle_t *samr_handle) +samr_open(char *server, char *domain, char *username, DWORD access_mask, + mlsvc_handle_t *samr_handle) { smb_ntdomain_t *di; int remote_os; int remote_lm; int rc; - if ((di = smb_getdomaininfo(0)) == NULL) - return (-1); - if (server == NULL || domain == NULL) { - server = di->server; - domain = di->domain; - } - - switch (ipc_mode) { - case MLSVC_IPC_USER: - /* - * Use the supplied credentials. - */ - rc = mlsvc_user_logon(server, domain, username, password); - break; + if ((di = smb_getdomaininfo(0)) == NULL) + return (-1); - case MLSVC_IPC_ADMIN: - /* - * Use the resource domain administrator credentials. - */ server = di->server; domain = di->domain; - username = smbrdr_ipc_get_user(); - - rc = mlsvc_admin_logon(server, domain); - break; - - case MLSVC_IPC_ANON: - default: - rc = mlsvc_anonymous_logon(server, domain, &username); - break; } + if (username == NULL) + username = MLSVC_ANON_USER; + rc = mlsvc_logon(server, domain, username); + if (rc != 0) return (-1); @@ -483,18 +465,18 @@ samr_open_domain(mlsvc_handle_t *samr_handle, DWORD access_mask, * Once you have a user handle it should be possible to query the SAM * for information on that user. */ -int +DWORD samr_open_user(mlsvc_handle_t *domain_handle, DWORD access_mask, DWORD rid, mlsvc_handle_t *user_handle) { struct samr_OpenUser arg; struct mlsvc_rpc_context *context; mlrpc_heapref_t heap; - int opnum; - int rc; + int opnum, rc; + DWORD status = NT_STATUS_SUCCESS; if (mlsvc_is_null_handle(domain_handle) || user_handle == NULL) - return (-1); + return (NT_STATUS_INVALID_PARAMETER); context = domain_handle->context; opnum = SAMR_OPNUM_OpenUser; @@ -506,22 +488,22 @@ samr_open_user(mlsvc_handle_t *domain_handle, DWORD access_mask, DWORD rid, (void) mlsvc_rpc_init(&heap); rc = mlsvc_rpc_call(context, opnum, &arg, &heap); - if (rc == 0) { - if (arg.status != 0) { - mlsvc_rpc_report_status(opnum, arg.status); - rc = -1; - } else { - (void) memcpy(&user_handle->handle, &arg.user_handle, - sizeof (ms_handle_t)); - user_handle->context = context; + if (rc != 0) { + status = NT_STATUS_UNSUCCESSFUL; + } else if (arg.status != 0) { + mlsvc_rpc_report_status(opnum, arg.status); + status = NT_SC_VALUE(arg.status); + } else { + (void) memcpy(&user_handle->handle, &arg.user_handle, + sizeof (ms_handle_t)); + user_handle->context = context; - if (mlsvc_is_null_handle(user_handle)) - rc = -1; - } + if (mlsvc_is_null_handle(user_handle)) + status = NT_STATUS_INVALID_HANDLE; } mlsvc_rpc_free(context, &heap); - return (rc); + return (status); } /* diff --git a/usr/src/lib/smbsrv/libmlsvc/common/smb_autohome.c b/usr/src/lib/smbsrv/libmlsvc/common/smb_autohome.c index a9810bd538..6d0610add3 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/smb_autohome.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/smb_autohome.c @@ -370,6 +370,7 @@ smb_autohome_keysub(const char *name, char *buf, int buflen) char key[SMB_AUTOHOME_KEYSIZ]; char *ampersand; char *tmp; + int bufsize = buflen; (void) strlcpy(key, buf, SMB_AUTOHOME_KEYSIZ); @@ -378,6 +379,12 @@ smb_autohome_keysub(const char *name, char *buf, int buflen) *tmp = '\0'; + /* + * Substitution characters are not allowed in the key. + */ + if (strpbrk(key, "?&") != NULL) + return (NULL); + if (strcmp(key, "*") == 0 && name != NULL) (void) strlcpy(key, name, SMB_AUTOHOME_KEYSIZ); @@ -387,8 +394,9 @@ smb_autohome_keysub(const char *name, char *buf, int buflen) if ((tmp = strdup(ampersand + 1)) == NULL) return (0); - (void) strlcpy(ampersand, key, buflen); - (void) strlcat(ampersand, tmp, buflen); + bufsize = buflen - (ampersand - buf); + (void) strlcpy(ampersand, key, bufsize); + (void) strlcat(ampersand, tmp, bufsize); free(tmp); } diff --git a/usr/src/lib/smbsrv/libmlsvc/common/srvsvc_client.c b/usr/src/lib/smbsrv/libmlsvc/common/srvsvc_client.c index aa9b12d241..3dca443d1a 100644 --- a/usr/src/lib/smbsrv/libmlsvc/common/srvsvc_client.c +++ b/usr/src/lib/smbsrv/libmlsvc/common/srvsvc_client.c @@ -58,48 +58,31 @@ static int srvsvc_net_remote_tod(char *, char *, struct timeval *, struct tm *); * Ensure that an appropriate session and logon exists for the srvsvc * client calls. Open and bind the RPC interface. * + * If username argument is NULL, an anonymous connection will be established. + * Otherwise, an authenticated connection will be established. + * * On success 0 is returned. Otherwise a -ve error code. */ -int -srvsvc_open(int ipc_mode, char *server, char *domain, char *username, - char *password, mlsvc_handle_t *handle, mlrpc_heapref_t *heapref) +static int +srvsvc_open(char *server, char *domain, char *username, + mlsvc_handle_t *handle, mlrpc_heapref_t *heapref) { smb_ntdomain_t *di; int fid; int rc; - if ((di = smb_getdomaininfo(0)) == NULL) - return (-1); - if (server == NULL || domain == NULL) { - server = di->server; - domain = di->domain; - } + if ((di = smb_getdomaininfo(0)) == NULL) + return (-1); - switch (ipc_mode) { - case MLSVC_IPC_USER: - /* - * Use the supplied credentials. - */ - rc = mlsvc_user_logon(server, domain, username, password); - break; - - case MLSVC_IPC_ADMIN: - /* - * Use the resource domain administrator credentials. - */ server = di->server; domain = di->domain; - username = smbrdr_ipc_get_user(); + } - rc = mlsvc_admin_logon(server, domain); - break; + if (username == NULL) + username = MLSVC_ANON_USER; - case MLSVC_IPC_ANON: - default: - rc = mlsvc_anonymous_logon(server, domain, &username); - break; - } + rc = mlsvc_logon(server, domain, username); if (rc != 0) return (-1); @@ -145,18 +128,16 @@ srvsvc_net_share_get_info(char *server, char *domain, char *netname) struct mslm_NetShareGetInfo0 *info0; struct mslm_NetShareGetInfo1 *info1; struct mslm_NetShareGetInfo2 *info2; - int ipc_mode; int len; + char *user = NULL; if (netname == NULL) return (-1); if (srvsvc_info_level == 2) - ipc_mode = MLSVC_IPC_ADMIN; - else - ipc_mode = MLSVC_IPC_ANON; + user = smbrdr_ipc_get_user(); - rc = srvsvc_open(ipc_mode, server, domain, 0, 0, &handle, &heap); + rc = srvsvc_open(server, domain, user, &handle, &heap); if (rc != 0) return (-1); @@ -240,11 +221,12 @@ srvsvc_net_session_enum(char *server, char *domain, char *netname) struct mslm_infonres infonres; struct mslm_SESSION_INFO_1 *nsi1; int len; + char *user = smbrdr_ipc_get_user(); if (netname == NULL) return (-1); - rc = srvsvc_open(MLSVC_IPC_ADMIN, server, domain, 0, 0, &handle, &heap); + rc = srvsvc_open(server, domain, user, &handle, &heap); if (rc != 0) return (-1); @@ -305,11 +287,12 @@ srvsvc_net_connect_enum(char *server, char *domain, char *netname, int level) struct mslm_NetConnectInfo0 info0; struct mslm_NetConnectInfoBuf1 *cib1; int len; + char *user = smbrdr_ipc_get_user(); if (netname == NULL) return (-1); - rc = srvsvc_open(MLSVC_IPC_ADMIN, server, domain, 0, 0, &handle, &heap); + rc = srvsvc_open(server, domain, user, &handle, &heap); if (rc != 0) return (-1); @@ -476,8 +459,9 @@ srvsvc_net_remote_tod(char *server, char *domain, struct timeval *tv, int rc; int opnum; int len; + char *user = smbrdr_ipc_get_user(); - rc = srvsvc_open(MLSVC_IPC_ANON, server, domain, 0, 0, &handle, &heap); + rc = srvsvc_open(server, domain, user, &handle, &heap); if (rc != 0) return (-1); diff --git a/usr/src/lib/smbsrv/libmlsvc/i386/Makefile b/usr/src/lib/smbsrv/libmlsvc/i386/Makefile index f91f0270e9..710c9eb3dd 100644 --- a/usr/src/lib/smbsrv/libmlsvc/i386/Makefile +++ b/usr/src/lib/smbsrv/libmlsvc/i386/Makefile @@ -27,4 +27,6 @@ include ../Makefile.com +DYNFLAGS += -R/usr/lib/smbsrv + install: all $(ROOTLIBS) $(ROOTLINKS) $(ROOTLINT) diff --git a/usr/src/lib/smbsrv/libmlsvc/sparc/Makefile b/usr/src/lib/smbsrv/libmlsvc/sparc/Makefile index f91f0270e9..710c9eb3dd 100644 --- a/usr/src/lib/smbsrv/libmlsvc/sparc/Makefile +++ b/usr/src/lib/smbsrv/libmlsvc/sparc/Makefile @@ -27,4 +27,6 @@ include ../Makefile.com +DYNFLAGS += -R/usr/lib/smbsrv + install: all $(ROOTLIBS) $(ROOTLINKS) $(ROOTLINT) diff --git a/usr/src/lib/smbsrv/libmlsvc/sparcv9/Makefile b/usr/src/lib/smbsrv/libmlsvc/sparcv9/Makefile index a2f97019c8..e18b286b0a 100644 --- a/usr/src/lib/smbsrv/libmlsvc/sparcv9/Makefile +++ b/usr/src/lib/smbsrv/libmlsvc/sparcv9/Makefile @@ -25,7 +25,17 @@ # ident "%Z%%M% %I% %E% SMI" # +MACH_LDLIBS += -L$(ROOT)/usr/lib/smbsrv/$(MACH64) + include ../Makefile.com include ../../../Makefile.lib.64 +# With the adition of BIND 8.3.3, the symbol table for 64 bit went over +# the limit for Kpic, so we add -KPIC here, for just the 64 bit SPARC +# library. This avoids compiling the 32-bit library with PIC unnecessarily. +sparcv9_C_PICFLAGS = -K PIC +sparcv9_CC_PICFLAGS = -KPIC + +DYNFLAGS += -R/usr/lib/smbsrv/$(MACH64) + install: all $(ROOTLIBS64) $(ROOTLINKS64) $(ROOTLINT64) |