1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
24  * Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
25  * Copyright (c) 2016 by Delphix. All rights reserved.
26  */
27 
28 #ifndef _SMB_SHARE_H
29 #define	_SMB_SHARE_H
30 
31 #include <sys/param.h>
32 #include <smb/lmerr.h>
33 #include <smb/wintypes.h>
34 #include <smbsrv/string.h>
35 #include <smbsrv/smb_inet.h>
36 #include <smbsrv/hash_table.h>
37 #include <smbsrv/smbinfo.h>
38 
39 #if !defined(_KERNEL) && !defined(_FAKE_KERNEL)
40 #include <libshare.h>
41 #endif
42 
43 #ifdef __cplusplus
44 extern "C" {
45 #endif
46 
47 #define	SMB_CVOL		"/var/smb/cvol"	/* root of the three paths below */
48 #define	SMB_SYSROOT		SMB_CVOL "/windows"	/* adjacent literals concatenate */
49 #define	SMB_SYSTEM32		SMB_SYSROOT "/system32"
50 #define	SMB_VSS			SMB_SYSTEM32 "/vss"	/* "/var/smb/cvol/windows/system32/vss" */
51 
52 /* Directory that holds the exported named pipes. */
53 #define	SMB_PIPE_DIR		"/var/smb/pipe"
54 
55 /*
56  * Share Properties:
57  *
58  * name			Advertised name of the share
59  *
60  * ad-container		Active directory container in which the share
61  *			will be published
62  *
63  * abe			Determines whether Access Based Enumeration is applied
64  *			to a share
65  *
66  * csc			Client-side caching (CSC) options applied to this share
67  *	disabled	The client MUST NOT cache any files
68  *	manual		The client should not automatically cache every file
69  *			that it	opens
70  *	auto		The client may cache every file that it opens
71  *	vdo		The client may cache every file that it opens
72  *			and satisfy file requests from its local cache.
73  *
74  * catia		CATIA character substitution
75  *
76  * guestok		Determines whether guest access is allowed
77  *
78  * quotas		SMB quotas presented & supported (T/F)
79  *
80  * encrypt		Controls SMB3 encryption per-share.
81  *	disabled	Server does not tell the client to encrypt requests.
82  *	enabled		Server asks, but does not require, that the client
83  *			encrypt its requests.
84  *	required	Server denies unencrypted share access.
85  *
86  * next three properties use access-list a la NFS
87  *
88  * ro			list of hosts that will have read-only access
89  * rw			list of hosts that will have read/write access
90  * none			list of hosts that won't be allowed access
91  */
92 #define	SHOPT_AD_CONTAINER	"ad-container"
93 #define	SHOPT_ABE		"abe"
94 #define	SHOPT_NAME		"name"
95 #define	SHOPT_CA		"ca"	/* presumably Continuous Availability, cf. SMB_SHRF_CA */
96 #define	SHOPT_CSC		"csc"	/* disabled | manual | auto | vdo */
97 #define	SHOPT_CATIA		"catia"
98 #define	SHOPT_GUEST		"guestok"	/* whether guest access is allowed */
99 #define	SHOPT_RO		"ro"	/* host list: read-only access */
100 #define	SHOPT_RW		"rw"	/* host list: read/write access */
101 #define	SHOPT_NONE		"none"	/* host list: no access */
102 #define	SHOPT_DFSROOT		"dfsroot"	/* presumably sets SMB_SHRF_DFSROOT */
103 #define	SHOPT_DESCRIPTION	"description"
104 #define	SHOPT_QUOTAS		"quotas"
105 #define	SHOPT_FSO		"fso"	/* Force Shared Oplocks */
106 #define	SHOPT_ENCRYPT		"encrypt"	/* only "required" denies unencrypted access */
107 #define	SHOPT_AUTOHOME		"Autohome"	/* capital 'A', unlike the other names */
108 
109 #define	SMB_DEFAULT_SHARE_GROUP	"smb"
110 #define	SMB_PROTOCOL_NAME	"smb"
111 
112 /*
113  * RAP protocol share related commands only understand
114  * share names in OEM format and there is a 13 char size
115  * limitation
116  */
117 #define	SMB_SHARE_OEMNAME_MAX		13	/* same size as shi1_netname[13] */
118 #define	SMB_SHARE_NTNAME_MAX		81	/* NOTE(review): confirm 13 and 81 include the NUL */
119 #define	SMB_SHARE_CMNT_MAX		(64 * MTS_MB_CHAR_MAX)	/* size of shr_cmnt[] */
120 
121 /*
122  *	struct SHARE_INFO_1 {
123  *		char		shi1_netname[13]
124  *		char		shi1_pad;
125  *		unsigned short	shi1_type
126  *		char		*shi1_remark;
127  *	}
     *
     * The size below is written out field by field (13 + 1 + 2 + 4 = 20)
     * rather than taken with sizeof; the trailing 4 stands for shi1_remark.
     * NOTE(review): 4 is presumably the width of the remark field in the
     * encoded reply, not sizeof (char *), which differs on LP64 -- confirm
     * before using this value to size an in-memory structure.
128  */
129 #define	SHARE_INFO_1_SIZE	(SMB_SHARE_OEMNAME_MAX + 1 + 2 + 4)
130 
131 /*
132  * Share flags:
133  *
134  * There are two types of flags:
135  *
136  *   - flags that represent a share property
137  *   - other flags set at runtime
138  *
139  * Property flags:
140  *
141  * SMB_SHRF_CSC_DISABLED	Client-side caching is disabled for this share
142  * SMB_SHRF_CSC_MANUAL	Manual client-side caching is allowed
143  * SMB_SHRF_CSC_AUTO	Automatic client-side caching (CSC) is allowed
144  * SMB_SHRF_CSC_VDO	Automatic CSC and local cache lookup is allowed
145  * SMB_SHRF_ACC_OPEN	No restrictions set
146  * SMB_SHRF_ACC_NONE	"none" property set
147  * SMB_SHRF_ACC_RO	"ro" (readonly) property set
148  * SMB_SHRF_ACC_RW	"rw" (read/write) property set
149  * SMB_SHRF_ACC_ALL	All of the access bits
150  * SMB_SHRF_CATIA	CATIA character translation on/off
151  * SMB_SHRF_GUEST_OK	Guest access on/off
152  * SMB_SHRF_ABE		Access Based Enumeration on/off
153  * SMB_SHRF_DFSROOT	Share is a standalone DFS root
154  *
155  * Runtime flags:
156  *
157  * SMB_SHRF_TRANS	Transient share
158  * SMB_SHRF_PERM	Permanent share
159  * SMB_SHRF_AUTOHOME	Autohome share.
160  * SMB_SHRF_ADMIN	Admin share
161  *
162  * All autohome shares are transient but not all transient shares are autohome.
163  * IPC$ and drive letter shares (e.g. d$, e$, etc) are transient but
164  * not autohome.
165  */
166 
167 /*
168  * Property flags
169  */
170 #define	SMB_SHRF_DFSROOT	0x0001
171 #define	SMB_SHRF_CATIA		0x0002
172 #define	SMB_SHRF_GUEST_OK	0x0004	/* guest access on */
173 #define	SMB_SHRF_ABE		0x0008
174 
175 #define	SMB_SHRF_CSC_DISABLED	0x0010
176 #define	SMB_SHRF_CSC_MANUAL	0x0020
177 #define	SMB_SHRF_CSC_AUTO	0x0040
178 #define	SMB_SHRF_CSC_VDO	0x0080
179 #define	SMB_SHRF_CSC_MASK	0x00F0	/* the four SMB_SHRF_CSC_* bits */
180 
    /*
     * Access-list bits.  SMB_SHRF_ACC_OPEN is zero, so a bitwise AND can
     * never detect it: compare (flags & SMB_SHRF_ACC_ALL) against it instead.
     * SMB_SHRF_ACC_ALL (0x0F00) also covers 0x0800, which no flag here names.
     */
181 #define	SMB_SHRF_ACC_OPEN	0x0000
182 #define	SMB_SHRF_ACC_NONE	0x0100
183 #define	SMB_SHRF_ACC_RO		0x0200
184 #define	SMB_SHRF_ACC_RW		0x0400
185 #define	SMB_SHRF_ACC_ALL	0x0F00
186 
187 #define	SMB_SHRF_QUOTAS		0x1000	/* Enable SMB Quotas */
188 #define	SMB_SHRF_FSO		0x2000	/* Force Shared Oplocks */
189 #define	SMB_SHRF_CA		0x4000	/* Continuous Availability */
190 
191 /*
192  * Runtime flags
193  */
194 #define	SMB_SHRF_ADMIN		0x01000000	/* admin share */
195 #define	SMB_SHRF_TRANS		0x10000000	/* transient share */
196 #define	SMB_SHRF_PERM		0x20000000	/* permanent share */
197 #define	SMB_SHRF_AUTOHOME	0x40000000	/* autohome share */
198 #define	SMB_SHRF_REMOVED	0x80000000	/* unshared; bit 31, keep flags in uint32_t */
199 
200 #define	SMB_SHARE_PRINT		"print$"
201 #define	SMB_SHARE_PRINT_LEN	6	/* strlen("print$"); keep in sync with the name */
202 /*
203  * refcnt is currently only used for autohome.  autohome needs a refcnt
204  * because a user can map their autohome share from more than one client
205  * at the same time and the share should only be removed when the last
206  * one is disconnected
     *
     * Describes one share.  Every string lives in a fixed-size array inside
     * the structure, so writers have to bound each copy by the destination
     * size and leave room for the terminating NUL.
     * NOTE(review): the API comment further down mentions a door server and
     * client, so this structure presumably crosses a process boundary by
     * value; a receiver should not assume the arrays arrive NUL-terminated
     * or that shr_flags holds only known bits -- confirm.
207  */
208 typedef struct smb_share {
209 	char		shr_name[MAXNAMELEN];	/* share name */
210 	char		shr_path[MAXPATHLEN];	/* presumably the shared path */
211 	char		shr_cmnt[SMB_SHARE_CMNT_MAX];	/* comment text */
212 	char		shr_container[MAXPATHLEN];	/* presumably "ad-container" */
213 	uint32_t	shr_flags;	/* presumably SMB_SHRF_* bits */
214 	uint32_t	shr_type;	/* share type; values not defined here */
215 	uint32_t	shr_refcnt;	/* see above: autohome only */
216 	uint32_t	shr_access_value;	/* host return access value */
217 	uid_t		shr_uid;		/* autohome only */
218 	gid_t		shr_gid;		/* autohome only */
219 	char		shr_access_none[MAXPATHLEN];	/* presumably the "none" list */
220 	char		shr_access_ro[MAXPATHLEN];	/* presumably the "ro" list */
221 	char		shr_access_rw[MAXPATHLEN];	/* presumably the "rw" list */
222 	smb_cfg_val_t	shr_encrypt;	/* presumably the "encrypt" setting */
223 } smb_share_t;
224 
225 typedef struct smb_shriter {
    	/*
    	 * Iteration state handed to smb_shr_iterinit() and smb_shr_iterate().
    	 * The share is embedded by value, not referenced by pointer.
    	 * NOTE(review): smb_shr_iterate() presumably returns a pointer to
    	 * si_share, which would be overwritten by the next call -- confirm.
    	 */
226 	smb_share_t	si_share;	/* embedded share copy */
227 	HT_ITERATOR	si_hashiter;	/* hash table iterator */
228 	boolean_t	si_first;	/* presumably set until the first step */
229 } smb_shriter_t;
230 
231 #define	LMSHARES_PER_REQUEST  10	/* capacity of sl_shares[] */
232 typedef struct smb_shrlist {
    	/*
    	 * One batch of shares, held by value: ten smb_share_t, each with
    	 * five MAXPATHLEN arrays, so the structure is large for a stack
    	 * variable.
    	 * NOTE(review): sl_cnt is a signed int and presumably counts the
    	 * valid entries; a consumer should reject values outside
    	 * 0..LMSHARES_PER_REQUEST before indexing sl_shares[] -- confirm
    	 * where that check is made.
    	 */
233 	int		sl_cnt;
234 	smb_share_t	sl_shares[LMSHARES_PER_REQUEST];
235 } smb_shrlist_t;
236 
237 typedef struct smb_shr_execinfo {
    	/*
    	 * Argument bundle taken by smb_shr_exec().  The string members are
    	 * pointers, so their storage lives outside this structure.
    	 * NOTE(review): the name suggests these values feed an external
    	 * command, and some of them (user domain, client NetBIOS name)
    	 * presumably originate from the client; confirm they are validated
    	 * or passed as discrete arguments rather than expanded by a shell.
    	 */
238 	char		*e_sharename;
239 	char		*e_winname;
240 	char		*e_userdom;
241 	smb_inaddr_t	e_srv_ipaddr;	/* server address */
242 	smb_inaddr_t	e_cli_ipaddr;	/* client address */
243 	char		*e_cli_netbiosname;
244 	uid_t		e_uid;
245 	int		e_type;	/* meaning not defined in this header */
246 } smb_shr_execinfo_t;
247 
248 /*
249  * LanMan share API (for both SMB kernel module and GUI/CLI sub-system)
250  *
251  * NOTE: If any error is encountered by either the door server or client,
252  * NERR_InternalError will be returned by most functions; smb_share_count
253  * will return -1.
254  */
255 
256 #if !defined(_KERNEL) && !defined(_FAKE_KERNEL)
257 
258 /*
259  * CIFS share management functions exported by libmlsvc
     * (hidden when _KERNEL or _FAKE_KERNEL is defined).
     *
     * Parameters are unnamed in this header, so the roles noted below are
     * inferred from the types and need confirming against the definitions.
     * NOTE(review): share names and paths are passed as bare char * with no
     * length; callers must pass NUL-terminated strings, and the length limit
     * (presumably MAXNAMELEN / MAXPATHLEN, the smb_share_t array sizes) has
     * to be enforced by the callee -- confirm.
260  */
261 int smb_shr_start(void);
262 void smb_shr_stop(void);
263 void *smb_shr_load(void *);
264 void smb_shr_load_execinfo(void);
265 void smb_shr_unload(void);
266 void smb_shr_iterinit(smb_shriter_t *);
267 smb_share_t *smb_shr_iterate(smb_shriter_t *);
268 void smb_shr_list(int, smb_shrlist_t *);
269 int smb_shr_count(void);
    /* The uint32_t results are presumably NERR_* codes from <smb/lmerr.h>. */
270 uint32_t smb_shr_add(smb_share_t *);
271 uint32_t smb_shr_remove(char *);
272 uint32_t smb_shr_rename(char *, char *);
273 uint32_t smb_shr_get(char *, smb_share_t *);
274 uint32_t smb_shr_modify(smb_share_t *);
    /*
     * NOTE(review): presumably (path, output buffer, buffer size); the size
     * is a signed int, so zero and negative values should be rejected.
     */
275 uint32_t smb_shr_get_realpath(const char *, char *, int);
    /*
     * NOTE(review): presumably (client address, "none" list, "ro" list,
     * "rw" list, flags), i.e. the place where the host access lists are
     * evaluated -- confirm argument order against the definition.
     */
276 uint32_t smb_shr_hostaccess(smb_inaddr_t *, char *, char *, char *, uint32_t);
277 int smb_shr_exec(smb_shr_execinfo_t *);
278 
279 boolean_t smb_shr_exists(char *);
280 int smb_shr_is_special(char *);	/* int, not boolean_t like its neighbours */
281 boolean_t smb_shr_is_restricted(char *);
282 boolean_t smb_shr_is_admin(char *);
283 char smb_shr_drive_letter(const char *);
284 
285 sa_handle_t smb_shr_sa_enter(void);	/* sa_handle_t: see <libshare.h> */
286 void smb_shr_sa_exit(void);
287 void smb_shr_sa_csc_option(const char *, smb_share_t *);
288 char *smb_shr_sa_csc_name(const smb_share_t *);
289 void smb_shr_sa_setflag(const char *, smb_share_t *, uint32_t);
290 
291 /*
292  * CIFS share management API exported for other processes
     *
     * On a door server or client error most of these return
     * NERR_InternalError; smb_share_count returns -1.
     * NOTE(review): these calls create, modify and delete shares on behalf
     * of another process; confirm that the serving side checks the caller's
     * privileges and re-validates the smb_share_t contents it receives.
293  */
294 uint32_t smb_share_list(int, smb_shrlist_t *);
295 int smb_share_count(void);
296 uint32_t smb_share_delete(char *);
297 uint32_t smb_share_rename(char *, char *);
298 uint32_t smb_share_create(smb_share_t *);
299 uint32_t smb_share_modify(smb_share_t *);
300 
301 #endif	/* !_KERNEL && !_FAKE_KERNEL */
302 
303 #ifdef __cplusplus
304 }
305 #endif
306 
307 #endif /* _SMB_SHARE_H */
308