1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23  * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
24  * Copyright 2023 RackTop Systems, Inc.
25  */
26 
27 #ifndef _IDMAP_CONFIG_H
28 #define	_IDMAP_CONFIG_H
29 
30 
31 #include "idmap.h"
32 #include "addisc.h"
33 #include <libscf.h>
34 #include <synch.h>
35 #include <sys/uuid.h>
36 
37 #ifdef __cplusplus
38 extern "C" {
39 #endif
40 
41 #define	MAX_POLICY_SIZE 1023	/* NOTE(review): not used in this header; confirm buffers sized from it leave room for the terminating NUL */
42 
43 #define	DIRECTORY_MAPPING_NONE	0	/* presumably the values of idmap_pg_config_t.directory_based_mapping - confirm */
44 #define	DIRECTORY_MAPPING_NAME	1	/* presumably name-based directory mapping - confirm */
45 #define	DIRECTORY_MAPPING_IDMU	2	/* presumably AD "Identity Management for UNIX" attributes - confirm */
46 
47 struct enum_lookup_map {	/* one value/name pair of a table handed to enum_lookup() */
48 	int value;	/* numeric setting; presumably a DIRECTORY_MAPPING_ constant for directory_mapping_map */
49 	char *string;	/* name paired with value */
50 };
51 
52 extern struct enum_lookup_map directory_mapping_map[];	/* defined elsewhere; length and end-marker convention are not visible here */
53 extern const char *enum_lookup(int value, struct enum_lookup_map *map);	/* NOTE(review): result for a value absent from map is not visible here - confirm it cannot be NULL before formatting or logging it */
54 
55 /* SMF (libscf) and AD auto-discovery context handles, grouped with one mutex */
56 typedef struct idmap_cfg_handles {
57 	pthread_mutex_t		mutex;	/* presumably serializes use of the handles below - TODO confirm in the implementation */
58 	scf_handle_t		*main;	/* libscf handle */
59 	scf_instance_t		*instance;	/* SMF instance object */
60 	scf_service_t		*service;	/* SMF service object */
61 	scf_propertygroup_t	*config_pg;	/* property group; by its name the configuration one - confirm */
62 	scf_propertygroup_t	*debug_pg;	/* property group; by its name the debug settings - confirm */
63 	ad_disc_t		ad_ctx;	/* AD auto-discovery context (type from addisc.h) */
64 } idmap_cfg_handles_t;
65 
66 /*
67  * AD-related configuration kept for one trusted forest (name, GCs, domains)
68  */
69 typedef struct idmap_trustedforest {
70 	char		*forest_name;	/* forest name; ownership of the string is not visible here */
71 	ad_disc_ds_t	*global_catalog;	/* global catalog hosts */
72 	ad_disc_domainsinforest_t
73 			*domains_in_forest;	/* domains in this forest (type from addisc.h) */
74 } idmap_trustedforest_t;
75 
76 
77 typedef struct idmap_pg_config {	/* idmap settings plus AD discovery results; pointer members presumably released by idmap_cfg_unload() - confirm */
78 	uint64_t	list_size_limit;	/* NOTE(review): units and valid ranges of these six tunables are not stated here - confirm where they are bounds-checked */
79 	uint64_t	max_threads;
80 	uint64_t	discovery_retry_max_delay;
81 	uint64_t	id_cache_timeout;
82 	uint64_t	name_cache_timeout;
83 	uint64_t	rediscovery_interval;
84 	char		*machine_uuid;		/* machine uuid */
85 	char		*machine_sid;		/* machine sid */
86 	char		*default_domain;	/* default domain name */
87 	char		*domain_name;		/* AD domain name */
88 	boolean_t	domain_name_auto_disc;	/* the _auto_disc flags presumably mark values that came from auto-discovery rather than configuration - confirm */
89 	char		*domain_guid;		/* GUID (string) */
90 	boolean_t	domain_guid_auto_disc;
91 	char		**cfg_domain_controller;	/* presumably the configured host list kept beside the resolved one; termination convention not visible - confirm */
92 	ad_disc_ds_t	*domain_controller;	/* domain controller hosts */
93 	boolean_t	domain_controller_auto_disc;
94 	char		*forest_name;		/* forest name */
95 	boolean_t	forest_name_auto_disc;
96 	char		*site_name;		/* site name */
97 	boolean_t	site_name_auto_disc;
98 	char		**cfg_global_catalog;	/* presumably the configured global catalog list - confirm */
99 	ad_disc_ds_t	*global_catalog;	/* global catalog hosts */
100 	boolean_t	global_catalog_auto_disc;
101 	ad_disc_domainsinforest_t
102 			*domains_in_forest;	/* domains in the forest (type from addisc.h) */
103 	ad_disc_trusteddomains_t
104 			*trusted_domains;	/* Trusted Domains */
105 	int		num_trusted_forests;	/* presumably the element count of trusted_forests - confirm both are updated together */
106 	idmap_trustedforest_t
107 			*trusted_forests;	/* Array of trusted forests */
108 
109 	char		**cfg_preferred_dc;	/* presumably the configured preferred-DC list - confirm */
110 	ad_disc_ds_t	*preferred_dc;	/* preferred domain controller hosts, going by the name */
111 	boolean_t	preferred_dc_auto_disc;
112 
113 	/*
114 	 * Following properties are associated with directory-based
115 	 * name-mappings.
116 	 */
117 	char		*ad_unixuser_attr;	/* presumably the AD attribute holding the UNIX user name - confirm */
118 	char		*ad_unixgroup_attr;	/* presumably the AD attribute holding the UNIX group name - confirm */
119 	char		*nldap_winname_attr;	/* presumably the native-LDAP attribute holding the Windows name; NOTE(review): confirm attribute names are validated before being used in directory queries */
120 	int		directory_based_mapping;	/* enum; presumably one of the DIRECTORY_MAPPING_ constants */
121 	boolean_t	eph_map_unres_sids;	/* presumably: give unresolvable SIDs ephemeral IDs - confirm, since it decides which identities get mapped */
122 	boolean_t	use_ads;	/* presumably enables AD directory lookups - confirm */
123 	boolean_t	use_lsa;	/* presumably enables LSA lookups - confirm */
124 	boolean_t	disable_cross_forest_trusts;	/* presumably stops lookups across forest trusts - confirm */
125 } idmap_pg_config_t;
126 
127 typedef struct idmap_cfg {	/* top-level object: configuration values plus the handles used to obtain them */
128 	idmap_pg_config_t	pgcfg;	    /* live AD/ID mapping config */
129 	idmap_cfg_handles_t	handles;	/* SMF and auto-discovery handles, with their mutex */
130 	int			initialized;	/* NOTE(review): set/clear rules are not visible here; confirm readers check it before using pgcfg */
131 } idmap_cfg_t;
132 
133 
134 extern void		idmap_cfg_unload(idmap_pg_config_t *);	/* presumably releases what the structure's pointer members own - confirm */
135 extern int		idmap_cfg_load(idmap_cfg_t *, int);	/* int is presumably a mask of the CFG_ flags below; return convention not visible here */
136 extern idmap_cfg_t	*idmap_cfg_init(void);	/* NOTE(review): failure result (NULL?) is not visible here - callers should check */
137 extern int		idmap_cfg_fini(idmap_cfg_t *);	/* presumably the teardown counterpart of idmap_cfg_init() */
138 extern int		idmap_cfg_upgrade(idmap_cfg_t *);
139 extern int		idmap_cfg_start_updates(void);
140 extern void		idmap_cfg_poke_updates(void);
141 extern void		idmap_cfg_force_rediscovery(void);
142 extern void		idmap_cfg_hup_handler(int);	/* NOTE(review): by name a SIGHUP handler; if installed as one, confirm it does only async-signal-safe work */
143 
144 #define	CFG_DISCOVER		0x1	/* Run discovery */
145 #define	CFG_FORGET_DC		0x2	/* Forget current DC. */
146 #define	CFG_LOG			0x4	/* distinct bit, so the three can be OR-ed; presumably enables logging during load - confirm */
147 
148 #ifdef __cplusplus
149 }
150 #endif
151 
152 #endif /* _IDMAP_CONFIG_H */
153