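/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_SIDUTIL_H
#define	_SIDUTIL_H

/*
 * Security Identifier (SID) interface definition.
 *
 * This is an extract from uts/common/smbsrv/smb_sid.h, with functions
 * renamed as part of a tentative plan for convergence.
 */

/* sid_t is built from uint8_t and uint32_t; keep the header self-contained. */
#include <stdint.h>

#ifdef	__cplusplus
extern "C" {
#endif

/*
 * Common definition for a SID.
 *
 * NT_SID_REVISION	the only revision number described in this header
 * NT_SID_AUTH_MAX	size in bytes of the identifier authority
 * NT_SID_SUBAUTH_MAX	presumably the largest valid sid_subauthcnt; nothing
 *			in this header enforces it, so code that accepts a
 *			SID from outside has to make the comparison itself
 */
#define	NT_SID_REVISION		1
#define	NT_SID_AUTH_MAX		6
#define	NT_SID_SUBAUTH_MAX	15

#if !defined(ANY_SIZE_ARRAY)
#define	ANY_SIZE_ARRAY	1
#endif

/*
 * Security Identifier (SID)
 *
 * The security identifier (SID) uniquely identifies a user, group or
 * a domain. It consists of a revision number, the identifier authority,
 * and a list of sub-authorities. The revision number is currently 1.
 * The identifier authority identifies which system issued the SID. The
 * sub-authorities of a domain SID uniquely identify a domain. A user
 * or group SID consists of a domain SID with the user or group id
 * appended. The user or group id (also known as a relative id (RID))
 * uniquely identifies a user within a domain. A user or group SID
 * uniquely identifies a user or group across all domains. The SidType
 * values identify the various types of SID.
 *
 *      1 1 1 1 1 1
 *      5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
 *   +---------------------------------------------------------------+
 *   |      SubAuthorityCount        |Reserved1 (SBZ)|   Revision    |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[0]                     |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[1]                     |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[2]                     |
 *   +---------------------------------------------------------------+
 *   |                                                               |
 *   +- - - - - - - -        SubAuthority[]         - - - - - - - - -+
 *   |                                                               |
 *   +---------------------------------------------------------------+
 *
 */
/*
 * Note: NT defines the Identifier Authority as a separate
 * structure (SID_IDENTIFIER_AUTHORITY) containing a literal
 * definition of a 6 byte vector but the effect is the same
 * as defining it as a member value.
 */
/*
 * The structure below, not the diagram, is the layout this header
 * declares: a one-byte revision, a one-byte sub-authority count, the
 * six-byte authority, then the 32-bit sub-authorities.
 *
 * sid_subauth is declared with ANY_SIZE_ARRAY (1) elements but stands for a
 * variable-length tail of sid_subauthcnt entries.  sizeof (sid_t) therefore
 * describes a SID with exactly one sub-authority; a SID with n of them
 * occupies offsetof (sid_t, sid_subauth) + n * sizeof (uint32_t) bytes.
 * Sizing an allocation or a copy with sizeof (sid_t) truncates or overruns
 * any SID whose count is not 1.
 *
 * sid_subauthcnt is a length field carried inside the data it describes.
 * When the SID comes from a peer, a file or any other source the caller
 * does not control, check sid_revision against NT_SID_REVISION, check
 * sid_subauthcnt against NT_SID_SUBAUTH_MAX, and check that the buffer
 * really holds that many sub-authorities before indexing sid_subauth or
 * handing the SID to the routines below.
 */
typedef struct sid {
	uint8_t		sid_revision;	/* expected to be NT_SID_REVISION */
	uint8_t		sid_subauthcnt;	/* number of sid_subauth entries */
	uint8_t		sid_authority[NT_SID_AUTH_MAX];	/* issuing authority */
	uint32_t	sid_subauth[ANY_SIZE_ARRAY];	/* variable-length tail */
} sid_t;

/*
 * The maximum size of a SID in string format
 */
#define	SID_STRSZ	256

/*
 * Given a SID, return its length in bytes.
 *
 * NOTE(review): the only size information available to this call is the
 * sid_subauthcnt byte inside the SID, so the result is presumably derived
 * from it and is no more trustworthy than the SID itself.  Validate the
 * count first when the SID was parsed out of untrusted data.
 */
int sid_len(sid_t *sid);

/* Given a dynamically allocated SID (e.g. from sid_fromstr), free it. */
void sid_free(sid_t *sid);

/*
 * Translate a binary-format SID into the supplied SID_STRSZ buffer.
 *
 * No buffer length is passed, so the callee cannot check it: strbuf must
 * point to at least SID_STRSZ bytes.  There is no return value, so a
 * failure cannot be reported through this interface.
 */
void sid_tostr(sid_t *sid, char *strbuf);

/*
 * Translate a text-format SID into an allocated binary-format SID.
 *
 * The result is owned by the caller and is released with sid_free().
 * NOTE(review): the failure return is not stated here, presumably NULL on a
 * malformed string or failed allocation; confirm against the implementation
 * and check the result before use.  The argument is not const-qualified, so
 * this header does not promise the string is left unmodified.
 */
sid_t *sid_fromstr(char *sidstr);

/*
 * In-place, translate a host-order SID into MS-native little endian.
 *
 * The sub-authorities are the only multi-byte members of sid_t.  The
 * structure does not record which byte order it currently holds, so the
 * caller has to track that and convert exactly once in each direction.
 */
void sid_to_le(sid_t *sid);

/*
 * In-place, translate a MS-native little endian SID into host order.
 *
 * sid_revision and sid_subauthcnt are single bytes and read the same in
 * either order, so a SID received from outside can and should have both
 * validated before this conversion walks the sub-authorities.
 * NOTE(review): presumably the walk is bounded by sid_subauthcnt; confirm
 * against the implementation.
 */
void sid_from_le(sid_t *sid);

#ifdef	__cplusplus
}
#endif


#endif /* _SIDUTIL_H */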