Lines Matching refs:token
59 static uint32_t smb_token_setup_anon(smb_token_t *token);
71 smb_token_idmap(smb_token_t *token, smb_idmap_batch_t *sib) in smb_token_idmap() argument
78 if (!token || !sib) in smb_token_idmap()
83 if (token->tkn_flags & SMB_ATF_ANON) { in smb_token_idmap()
84 token->tkn_user.i_id = UID_NOBODY; in smb_token_idmap()
85 token->tkn_owner.i_id = UID_NOBODY; in smb_token_idmap()
88 id = &token->tkn_user; in smb_token_idmap()
97 id = &token->tkn_owner; in smb_token_idmap()
107 id = &token->tkn_primary_grp; in smb_token_idmap()
116 for (i = 0; i < token->tkn_win_grps.i_cnt; i++, sim++) { in smb_token_idmap()
117 id = &token->tkn_win_grps.i_ids[i]; in smb_token_idmap()
152 smb_token_sids2ids(smb_token_t *token) in smb_token_sids2ids() argument
162 if (token->tkn_flags & SMB_ATF_ANON) in smb_token_sids2ids()
163 nmaps = token->tkn_win_grps.i_cnt + 1; in smb_token_sids2ids()
165 nmaps = token->tkn_win_grps.i_cnt + 3; in smb_token_sids2ids()
172 stat = smb_token_idmap(token, &sib); in smb_token_sids2ids()
183 (token->tkn_domain_name) ? in smb_token_sids2ids()
184 token->tkn_domain_name : "?", in smb_token_sids2ids()
185 (token->tkn_account_name) ? in smb_token_sids2ids()
186 token->tkn_account_name : "?", in smb_token_sids2ids()
273 smb_token_destroy(smb_token_t *token) in smb_token_destroy() argument
275 if (token != NULL) { in smb_token_destroy()
276 smb_sid_free(token->tkn_user.i_sid); in smb_token_destroy()
277 smb_sid_free(token->tkn_owner.i_sid); in smb_token_destroy()
278 smb_sid_free(token->tkn_primary_grp.i_sid); in smb_token_destroy()
279 smb_ids_free(&token->tkn_win_grps); in smb_token_destroy()
280 smb_privset_free(token->tkn_privileges); in smb_token_destroy()
281 free(token->tkn_posix_grps); in smb_token_destroy()
282 free(token->tkn_account_name); in smb_token_destroy()
283 free(token->tkn_domain_name); in smb_token_destroy()
284 free(token->tkn_ssnkey.val); in smb_token_destroy()
285 bzero(token, sizeof (smb_token_t)); in smb_token_destroy()
286 free(token); in smb_token_destroy()
297 smb_token_set_owner(smb_token_t *token) in smb_token_set_owner() argument
302 if (token->tkn_flags & SMB_ATF_ADMIN) { in smb_token_set_owner()
306 owner_sid = token->tkn_user->i_sid; in smb_token_set_owner()
309 token->tkn_owner.i_sid = smb_sid_dup(owner_sid); in smb_token_set_owner()
311 token->tkn_owner.i_sid = smb_sid_dup(token->tkn_user.i_sid); in smb_token_set_owner()
315 smb_token_create_privs(smb_token_t *token) in smb_token_create_privs() argument
332 if (smb_lgrp_is_member(&grp, token->tkn_user.i_sid)) in smb_token_create_privs()
338 if (token->tkn_flags & SMB_ATF_ADMIN) { in smb_token_create_privs()
359 if ((token->tkn_flags & SMB_ATF_ANON) == 0 && in smb_token_create_privs()
367 smb_token_set_flags(smb_token_t *token) in smb_token_set_flags() argument
369 if (smb_token_is_member(token, smb_wka_get_sid("Administrators"))) in smb_token_set_flags()
370 token->tkn_flags |= SMB_ATF_ADMIN; in smb_token_set_flags()
372 if (smb_token_is_member(token, smb_wka_get_sid("Power Users"))) in smb_token_set_flags()
373 token->tkn_flags |= SMB_ATF_POWERUSER; in smb_token_set_flags()
375 if (smb_token_is_member(token, smb_wka_get_sid("Backup Operators"))) in smb_token_set_flags()
376 token->tkn_flags |= SMB_ATF_BACKUPOP; in smb_token_set_flags()
389 smb_token_setup_common(smb_token_t *token) in smb_token_setup_common() argument
391 smb_token_set_flags(token); in smb_token_setup_common()
393 smb_token_set_owner(token); in smb_token_setup_common()
394 if (token->tkn_owner.i_sid == NULL) in smb_token_setup_common()
398 token->tkn_privileges = smb_token_create_privs(token); in smb_token_setup_common()
399 if (token->tkn_privileges == NULL) in smb_token_setup_common()
402 if (smb_token_sids2ids(token) != 0) { in smb_token_setup_common()
404 token->tkn_domain_name, token->tkn_account_name); in smb_token_setup_common()
409 token->tkn_posix_grps = smb_token_create_pxgrps(token->tkn_user.i_id); in smb_token_setup_common()
411 return (smb_token_valid(token)); in smb_token_setup_common()
468 smb_token_t *token = NULL; in smb_logon() local
480 if ((token = calloc(1, sizeof (smb_token_t))) == NULL) { in smb_logon()
493 (*ops[i])(user_info, token); in smb_logon()
500 if (smb_token_setup_common(token)) in smb_logon()
501 return (token); /* success */ in smb_logon()
510 smb_token_destroy(token); in smb_logon()
534 smb_logon_local(smb_logon_t *user_info, smb_token_t *token) in smb_logon_local() argument
555 status = smb_token_auth_local(user_info, token, &smbpw); in smb_logon_local()
557 status = smb_token_setup_local(&smbpw, token); in smb_logon_local()
574 smb_logon_guest(smb_logon_t *user_info, smb_token_t *token) in smb_logon_guest() argument
602 user_info->lg_status = smb_token_setup_guest(user_info, token); in smb_logon_guest()
611 smb_logon_anon(smb_logon_t *user_info, smb_token_t *token) in smb_logon_anon() argument
614 user_info->lg_status = smb_token_setup_anon(token); in smb_logon_anon()
622 smb_token_auth_local(smb_logon_t *user_info, smb_token_t *token, in smb_token_auth_local() argument
643 token->tkn_ssnkey.val = malloc(SMBAUTH_SESSION_KEY_SZ); in smb_token_auth_local()
644 if (token->tkn_ssnkey.val == NULL) in smb_token_auth_local()
646 token->tkn_ssnkey.len = SMBAUTH_SESSION_KEY_SZ; in smb_token_auth_local()
658 token->tkn_ssnkey.val); in smb_token_auth_local()
662 free(token->tkn_ssnkey.val); in smb_token_auth_local()
663 token->tkn_ssnkey.val = NULL; in smb_token_auth_local()
664 token->tkn_ssnkey.len = 0; in smb_token_auth_local()
678 smb_token_setup_local(smb_passwd_t *smbpw, smb_token_t *token) in smb_token_setup_local() argument
688 token->tkn_account_name = strdup(smbpw->pw_name); in smb_token_setup_local()
689 token->tkn_domain_name = strdup(nbname); in smb_token_setup_local()
691 if (token->tkn_account_name == NULL || in smb_token_setup_local()
692 token->tkn_domain_name == NULL) in smb_token_setup_local()
732 token->tkn_user.i_sid = smb_sid_dup(umap->sim_sid); in smb_token_setup_local()
733 token->tkn_primary_grp.i_sid = smb_sid_dup(gmap->sim_sid); in smb_token_setup_local()
737 if (token->tkn_user.i_sid == NULL || in smb_token_setup_local()
738 token->tkn_primary_grp.i_sid == NULL) in smb_token_setup_local()
741 return (smb_token_setup_wingrps(token)); in smb_token_setup_local()
748 smb_token_setup_guest(smb_logon_t *user_info, smb_token_t *token) in smb_token_setup_guest() argument
750 token->tkn_account_name = strdup(user_info->lg_e_username); in smb_token_setup_guest()
753 token->tkn_domain_name = strdup(smb_guest.a_domain); in smb_token_setup_guest()
754 token->tkn_user.i_sid = smb_sid_dup(smb_guest.a_sid); in smb_token_setup_guest()
755 token->tkn_primary_grp.i_sid = smb_sid_dup(smb_domusers.a_sid); in smb_token_setup_guest()
757 token->tkn_flags = SMB_ATF_GUEST; in smb_token_setup_guest()
764 token->tkn_ssnkey.val = calloc(1, SMBAUTH_SESSION_KEY_SZ); in smb_token_setup_guest()
766 if (token->tkn_account_name == NULL || in smb_token_setup_guest()
767 token->tkn_domain_name == NULL || in smb_token_setup_guest()
768 token->tkn_user.i_sid == NULL || in smb_token_setup_guest()
769 token->tkn_primary_grp.i_sid == NULL || in smb_token_setup_guest()
770 token->tkn_ssnkey.val == NULL) in smb_token_setup_guest()
773 token->tkn_ssnkey.len = SMBAUTH_SESSION_KEY_SZ; in smb_token_setup_guest()
774 return (smb_token_setup_wingrps(token)); in smb_token_setup_guest()
781 smb_token_setup_anon(smb_token_t *token) in smb_token_setup_anon() argument
785 token->tkn_account_name = strdup("Anonymous"); in smb_token_setup_anon()
786 token->tkn_domain_name = strdup("NT Authority"); in smb_token_setup_anon()
788 token->tkn_user.i_sid = smb_sid_dup(user_sid); in smb_token_setup_anon()
789 token->tkn_primary_grp.i_sid = smb_sid_dup(user_sid); in smb_token_setup_anon()
790 token->tkn_flags = SMB_ATF_ANON; in smb_token_setup_anon()
797 token->tkn_ssnkey.val = calloc(1, SMBAUTH_SESSION_KEY_SZ); in smb_token_setup_anon()
799 if (token->tkn_account_name == NULL || in smb_token_setup_anon()
800 token->tkn_domain_name == NULL || in smb_token_setup_anon()
801 token->tkn_user.i_sid == NULL || in smb_token_setup_anon()
802 token->tkn_primary_grp.i_sid == NULL || in smb_token_setup_anon()
803 token->tkn_ssnkey.val == NULL) in smb_token_setup_anon()
806 token->tkn_ssnkey.len = SMBAUTH_SESSION_KEY_SZ; in smb_token_setup_anon()
807 return (smb_token_setup_wingrps(token)); in smb_token_setup_anon()
817 smb_token_user_sid(smb_token_t *token) in smb_token_user_sid() argument
819 return ((token) ? token->tkn_user.i_sid : NULL); in smb_token_user_sid()
837 smb_token_group_sid(smb_token_t *token, int *iterator) in smb_token_group_sid() argument
841 if (token == NULL || iterator == NULL) in smb_token_group_sid()
844 if (token->tkn_win_grps.i_ids == NULL) in smb_token_group_sid()
849 if (index < 0 || index >= token->tkn_win_grps.i_cnt) in smb_token_group_sid()
853 return (token->tkn_win_grps.i_ids[index].i_sid); in smb_token_group_sid()
864 smb_token_is_member(smb_token_t *token, smb_sid_t *sid) in smb_token_is_member() argument
869 if (token == NULL || sid == NULL) in smb_token_is_member()
872 tsid = smb_token_user_sid(token); in smb_token_is_member()
877 tsid = smb_token_group_sid(token, &iterator); in smb_token_is_member()
889 smb_token_log(smb_token_t *token) in smb_token_log() argument
897 if (token == NULL) in smb_token_log()
901 (token->tkn_domain_name) ? token->tkn_domain_name : "-NULL-", in smb_token_log()
902 (token->tkn_account_name) ? token->tkn_account_name : "-NULL-"); in smb_token_log()
904 syslog(LOG_DEBUG, " User->Attr: %d", token->tkn_user.i_attrs); in smb_token_log()
905 smb_sid_tostr((smb_sid_t *)token->tkn_user.i_sid, sidstr); in smb_token_log()
907 token->tkn_user.i_id); in smb_token_log()
909 smb_sid_tostr((smb_sid_t *)token->tkn_owner.i_sid, sidstr); in smb_token_log()
911 sidstr, token->tkn_owner.i_id); in smb_token_log()
913 smb_sid_tostr((smb_sid_t *)token->tkn_primary_grp.i_sid, sidstr); in smb_token_log()
915 sidstr, token->tkn_primary_grp.i_id); in smb_token_log()
917 w_grps = &token->tkn_win_grps; in smb_token_log()
935 x_grps = token->tkn_posix_grps; in smb_token_log()
944 if (token->tkn_privileges) in smb_token_log()
945 smb_privset_log(token->tkn_privileges); in smb_token_log()
960 smb_token_setup_wingrps(smb_token_t *token) in smb_token_setup_wingrps() argument
974 tkn_grps.i_ids->i_sid = smb_sid_dup(token->tkn_primary_grp.i_sid); in smb_token_setup_wingrps()
975 tkn_grps.i_ids->i_attrs = token->tkn_primary_grp.i_attrs; in smb_token_setup_wingrps()
981 status = smb_sam_usr_groups(token->tkn_user.i_sid, &tkn_grps); in smb_token_setup_wingrps()
987 status = smb_wka_token_groups(token->tkn_flags, &tkn_grps); in smb_token_setup_wingrps()
993 token->tkn_win_grps = tkn_grps; in smb_token_setup_wingrps()