1da6c28aaSamw /*
2da6c28aaSamw  * CDDL HEADER START
3da6c28aaSamw  *
4da6c28aaSamw  * The contents of this file are subject to the terms of the
5da6c28aaSamw  * Common Development and Distribution License (the "License").
6da6c28aaSamw  * You may not use this file except in compliance with the License.
7da6c28aaSamw  *
8da6c28aaSamw  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9da6c28aaSamw  * or http://www.opensolaris.org/os/licensing.
10da6c28aaSamw  * See the License for the specific language governing permissions
11da6c28aaSamw  * and limitations under the License.
12da6c28aaSamw  *
13da6c28aaSamw  * When distributing Covered Code, include this CDDL HEADER in each
14da6c28aaSamw  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15da6c28aaSamw  * If applicable, add the following below this CDDL HEADER, with the
16da6c28aaSamw  * fields enclosed by brackets "[]" replaced with your own identifying
17da6c28aaSamw  * information: Portions Copyright [yyyy] [name of copyright owner]
18da6c28aaSamw  *
19da6c28aaSamw  * CDDL HEADER END
20da6c28aaSamw  */
21da6c28aaSamw /*
22148c5f43SAlan Wright  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23549ab26fSMatt Barden  * Copyright 2022 Tintri by DDN, Inc. All rights reserved.
24814e0daaSGordon Ross  * Copyright 2022 RackTop Systems, Inc.
25da6c28aaSamw  */
26da6c28aaSamw 
27da6c28aaSamw /*
28da6c28aaSamw  * CIFS configuration management library
29da6c28aaSamw  */
30da6c28aaSamw 
3176b0ca5aSGordon Ross /*
3276b0ca5aSGordon Ross  * Checking for things like unsupportable parameter combinations are
3376b0ca5aSGordon Ross  * the responsibility of callers of these functions.  Example include:
3476b0ca5aSGordon Ross  * trying to set min_protocol above max_protocol, or requiring encryption
3576b0ca5aSGordon Ross  * with an allowed protocol range that can't support it.
3676b0ca5aSGordon Ross  */
3776b0ca5aSGordon Ross 
38da6c28aaSamw #include <stdio.h>
39da6c28aaSamw #include <stdlib.h>
40da6c28aaSamw #include <unistd.h>
41da6c28aaSamw #include <synch.h>
42da6c28aaSamw #include <string.h>
43da6c28aaSamw #include <strings.h>
44da6c28aaSamw #include <syslog.h>
45da6c28aaSamw #include <netdb.h>
46da6c28aaSamw #include <ctype.h>
47da6c28aaSamw #include <sys/types.h>
48da6c28aaSamw #include <libscf.h>
49dc20a302Sas #include <assert.h>
508d7e4166Sjose borrego #include <uuid/uuid.h>
51da6c28aaSamw #include <smbsrv/libsmb.h>
52da6c28aaSamw 
53da6c28aaSamw typedef struct smb_cfg_param {
54dc20a302Sas 	smb_cfg_id_t sc_id;
55da6c28aaSamw 	char *sc_name;
56da6c28aaSamw 	int sc_type;
57da6c28aaSamw 	uint32_t sc_flags;
58da6c28aaSamw } smb_cfg_param_t;
59da6c28aaSamw 
60a90cf9f2SGordon Ross struct str_val {
61a90cf9f2SGordon Ross 	char *str;
62a90cf9f2SGordon Ross 	uint32_t val;
63a90cf9f2SGordon Ross };
64a90cf9f2SGordon Ross 
65da6c28aaSamw /*
66da6c28aaSamw  * config parameter flags
67da6c28aaSamw  */
68dc20a302Sas #define	SMB_CF_PROTECTED	0x01
6929bd2886SAlan Wright #define	SMB_CF_EXEC		0x02
70da6c28aaSamw 
71da6c28aaSamw /* idmap SMF fmri and Property Group */
72da6c28aaSamw #define	IDMAP_FMRI_PREFIX		"system/idmap"
73da6c28aaSamw #define	MACHINE_SID			"machine_sid"
7412b65585SGordon Ross #define	MACHINE_UUID			"machine_uuid"
7555bf511dSas #define	IDMAP_DOMAIN			"domain_name"
76b3700b07SGordon Ross #define	IDMAP_PREF_DC			"preferred_dc"
77a774f103SGordon Ross #define	IDMAP_SITE_NAME			"site_name"
78da6c28aaSamw #define	IDMAP_PG_NAME			"config"
79da6c28aaSamw 
80a774f103SGordon Ross #define	SMB_SECMODE_WORKGRP_STR		"workgroup"
81a774f103SGordon Ross #define	SMB_SECMODE_DOMAIN_STR		"domain"
82da6c28aaSamw 
83da6c28aaSamw #define	SMB_ENC_LEN	1024
84da6c28aaSamw #define	SMB_DEC_LEN	256
85da6c28aaSamw 
86da6c28aaSamw static char *b64_data =
87da6c28aaSamw 	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
88da6c28aaSamw 
89da6c28aaSamw static smb_cfg_param_t smb_cfg_table[] =
90da6c28aaSamw {
919fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	{SMB_CI_VERSION, "sv_version", SCF_TYPE_ASTRING, 0},
929fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
93da6c28aaSamw 	/* Oplock configuration, Kernel Only */
94dc20a302Sas 	{SMB_CI_OPLOCK_ENABLE, "oplock_enable", SCF_TYPE_BOOLEAN, 0},
95da6c28aaSamw 
96da6c28aaSamw 	/* Autohome configuration */
97dc20a302Sas 	{SMB_CI_AUTOHOME_MAP, "autohome_map", SCF_TYPE_ASTRING, 0},
98da6c28aaSamw 
99da6c28aaSamw 	/* Domain/PDC configuration */
100dc20a302Sas 	{SMB_CI_DOMAIN_SID, "domain_sid", SCF_TYPE_ASTRING, 0},
101dc20a302Sas 	{SMB_CI_DOMAIN_MEMB, "domain_member", SCF_TYPE_BOOLEAN, 0},
102dc20a302Sas 	{SMB_CI_DOMAIN_NAME, "domain_name", SCF_TYPE_ASTRING, 0},
1038d7e4166Sjose borrego 	{SMB_CI_DOMAIN_FQDN, "fqdn", SCF_TYPE_ASTRING, 0},
1048d7e4166Sjose borrego 	{SMB_CI_DOMAIN_FOREST, "forest", SCF_TYPE_ASTRING, 0},
1058d7e4166Sjose borrego 	{SMB_CI_DOMAIN_GUID, "domain_guid", SCF_TYPE_ASTRING, 0},
106dc20a302Sas 	{SMB_CI_DOMAIN_SRV, "pdc", SCF_TYPE_ASTRING, 0},
107da6c28aaSamw 
108da6c28aaSamw 	/* WINS configuration */
109dc20a302Sas 	{SMB_CI_WINS_SRV1, "wins_server_1", SCF_TYPE_ASTRING, 0},
110dc20a302Sas 	{SMB_CI_WINS_SRV2, "wins_server_2", SCF_TYPE_ASTRING, 0},
111dc20a302Sas 	{SMB_CI_WINS_EXCL, "wins_exclude", SCF_TYPE_ASTRING, 0},
112da6c28aaSamw 
113da6c28aaSamw 	/* Kmod specific configuration */
114dc20a302Sas 	{SMB_CI_MAX_WORKERS, "max_workers", SCF_TYPE_INTEGER, 0},
115dc20a302Sas 	{SMB_CI_MAX_CONNECTIONS, "max_connections", SCF_TYPE_INTEGER, 0},
116dc20a302Sas 	{SMB_CI_KEEPALIVE, "keep_alive", SCF_TYPE_INTEGER, 0},
117dc20a302Sas 	{SMB_CI_RESTRICT_ANON, "restrict_anonymous", SCF_TYPE_BOOLEAN, 0},
118dc20a302Sas 
119dc20a302Sas 	{SMB_CI_SIGNING_ENABLE, "signing_enabled", SCF_TYPE_BOOLEAN, 0},
120dc20a302Sas 	{SMB_CI_SIGNING_REQD, "signing_required", SCF_TYPE_BOOLEAN, 0},
121da6c28aaSamw 
122da6c28aaSamw 	/* Kmod tuning configuration */
123dc20a302Sas 	{SMB_CI_SYNC_ENABLE, "sync_enable", SCF_TYPE_BOOLEAN, 0},
124da6c28aaSamw 
125da6c28aaSamw 	/* SMBd configuration */
126dc20a302Sas 	{SMB_CI_SECURITY, "security", SCF_TYPE_ASTRING, 0},
12783d2dfe6SGordon Ross 	{SMB_CI_NETBIOS_ENABLE, "netbios_enable", SCF_TYPE_BOOLEAN, 0},
128dc20a302Sas 	{SMB_CI_NBSCOPE, "netbios_scope", SCF_TYPE_ASTRING, 0},
129dc20a302Sas 	{SMB_CI_SYS_CMNT, "system_comment", SCF_TYPE_ASTRING, 0},
130dc20a302Sas 	{SMB_CI_LM_LEVEL, "lmauth_level", SCF_TYPE_INTEGER, 0},
131da6c28aaSamw 
132da6c28aaSamw 	/* ADS Configuration */
133dc20a302Sas 	{SMB_CI_ADS_SITE, "ads_site", SCF_TYPE_ASTRING, 0},
134da6c28aaSamw 
135da6c28aaSamw 	/* Dynamic DNS */
136dc20a302Sas 	{SMB_CI_DYNDNS_ENABLE, "ddns_enable", SCF_TYPE_BOOLEAN, 0},
137dc20a302Sas 
138dc20a302Sas 	{SMB_CI_MACHINE_PASSWD, "machine_passwd", SCF_TYPE_ASTRING,
139faa1795aSjb 	    SMB_CF_PROTECTED},
14012b65585SGordon Ross 
14112b65585SGordon Ross 	{SMB_CI_MACHINE_UUID, "machine_uuid", SCF_TYPE_ASTRING, 0},
14212b65585SGordon Ross 	{SMB_CI_KPASSWD_SRV, "kpasswd_server", SCF_TYPE_ASTRING, 0},
14312b65585SGordon Ross 	{SMB_CI_KPASSWD_DOMAIN, "kpasswd_domain", SCF_TYPE_ASTRING, 0},
14412b65585SGordon Ross 	{SMB_CI_KPASSWD_SEQNUM, "kpasswd_seqnum", SCF_TYPE_INTEGER, 0},
14512b65585SGordon Ross 	{SMB_CI_NETLOGON_SEQNUM, "netlogon_seqnum", SCF_TYPE_INTEGER, 0},
14629bd2886SAlan Wright 	{SMB_CI_IPV6_ENABLE, "ipv6_enable", SCF_TYPE_BOOLEAN, 0},
147cb174861Sjoyce mcintosh 	{SMB_CI_PRINT_ENABLE, "print_enable", SCF_TYPE_BOOLEAN, 0},
14829bd2886SAlan Wright 	{SMB_CI_MAP, "map", SCF_TYPE_ASTRING, SMB_CF_EXEC},
14929bd2886SAlan Wright 	{SMB_CI_UNMAP, "unmap", SCF_TYPE_ASTRING, SMB_CF_EXEC},
150148c5f43SAlan Wright 	{SMB_CI_DISPOSITION, "disposition", SCF_TYPE_ASTRING, SMB_CF_EXEC},
1515f1ef25cSAram Hăvărneanu 	{SMB_CI_DFS_STDROOT_NUM, "dfs_stdroot_num", SCF_TYPE_INTEGER, 0},
152b819cea2SGordon Ross 	{SMB_CI_TRAVERSE_MOUNTS, "traverse_mounts", SCF_TYPE_BOOLEAN, 0},
153a90cf9f2SGordon Ross 	{SMB_CI_SMB2_ENABLE_OLD, "smb2_enable", SCF_TYPE_BOOLEAN, 0},
154a90cf9f2SGordon Ross 	{SMB_CI_INITIAL_CREDITS, "initial_credits", SCF_TYPE_INTEGER, 0},
155a90cf9f2SGordon Ross 	{SMB_CI_MAXIMUM_CREDITS, "maximum_credits", SCF_TYPE_INTEGER, 0},
156a90cf9f2SGordon Ross 	{SMB_CI_MAX_PROTOCOL, "max_protocol", SCF_TYPE_ASTRING, 0},
1571160dcf7SMatt Barden 	{SMB_CI_ENCRYPT, "encrypt", SCF_TYPE_ASTRING, 0},
1583e2c0c09SMatt Barden 	{SMB_CI_MIN_PROTOCOL, "min_protocol", SCF_TYPE_ASTRING, 0},
159cc3780e6SGordon Ross 	{SMB_CI_BYPASS_TRAVERSE_CHECKING,
160cc3780e6SGordon Ross 	    "bypass_traverse_checking", SCF_TYPE_BOOLEAN, 0},
161b0bb0d63SGordon Ross 	{SMB_CI_ENCRYPT_CIPHERS, "encrypt_ciphers", SCF_TYPE_ASTRING, 0},
162ce8560eeSMatt Barden 	{SMB_CI_NETLOGON_FLAGS, "netlogon_flags", SCF_TYPE_INTEGER, 0},
163814e0daaSGordon Ross 	{SMB_CI_SHORT_NAMES, "short_names", SCF_TYPE_BOOLEAN, 0},
1642cf6b79fSGordon Ross 	{SMB_CI_MAX_OPENS, "max_opens", SCF_TYPE_INTEGER, 0},
16512b65585SGordon Ross 
166da6c28aaSamw 	/* SMB_CI_MAX */
167da6c28aaSamw };
168da6c28aaSamw 
1691160dcf7SMatt Barden /*
1701160dcf7SMatt Barden  * We store the max SMB protocol version in SMF as a string,
1711160dcf7SMatt Barden  * (for convenience of svccfg etc) but the programmatic get/set
1721160dcf7SMatt Barden  * interfaces use the numeric form.
1731160dcf7SMatt Barden  *
1741160dcf7SMatt Barden  * The numeric values are as defined in the [MS-SMB2] spec.
1751160dcf7SMatt Barden  * except for how we represent "1" (for SMB1) which is an
1761160dcf7SMatt Barden  * arbitrary value below SMB2_VERS_BASE.
1771160dcf7SMatt Barden  */
1781160dcf7SMatt Barden static struct str_val
1791160dcf7SMatt Barden smb_versions[] = {
1804e065a9fSAlexander Stetsenko 	{ "3.11",	SMB_VERS_3_11 },
181dfa42fabSMatt Barden 	{ "3.02",	SMB_VERS_3_02 },
1821160dcf7SMatt Barden 	{ "3.0",	SMB_VERS_3_0 },
1831160dcf7SMatt Barden 	{ "2.1",	SMB_VERS_2_1 },
1841160dcf7SMatt Barden 	{ "2.002",	SMB_VERS_2_002 },
1851160dcf7SMatt Barden 	{ "1",		SMB_VERS_1 },
1861160dcf7SMatt Barden 	{ NULL,		0 }
1871160dcf7SMatt Barden };
1881160dcf7SMatt Barden 
1894e065a9fSAlexander Stetsenko /*
1904e065a9fSAlexander Stetsenko  * Supported encryption ciphers.
1914e065a9fSAlexander Stetsenko  */
1924e065a9fSAlexander Stetsenko static struct str_val
193b0bb0d63SGordon Ross smb31_encrypt_ciphers[] = {
194dee7ba86SAlexander Stetsenko 	{ "aes128-ccm",	SMB3_CIPHER_FLAG_AES128_CCM },	/* SMB 3.x */
195dee7ba86SAlexander Stetsenko 	{ "aes128-gcm",	SMB3_CIPHER_FLAG_AES128_GCM },	/* SMB 3.1.1 */
196a4568e19SAlexander Stetsenko 	{ "aes256-ccm",	SMB3_CIPHER_FLAG_AES256_CCM },	/* SMB 3.1.1 */
197a4568e19SAlexander Stetsenko 	{ "aes256-gcm",	SMB3_CIPHER_FLAG_AES256_GCM },	/* SMB 3.1.1 */
198b0bb0d63SGordon Ross 	{ "all",	SMB3_CIPHER_FLAGS_ALL },
1994e065a9fSAlexander Stetsenko 	{ NULL,		0 }
2004e065a9fSAlexander Stetsenko };
201b0bb0d63SGordon Ross /* Buffer large enough to hold all cipher names. */
202b0bb0d63SGordon Ross #define	SMB_CIPHERS_MAXLEN	64
2034e065a9fSAlexander Stetsenko 
204dc20a302Sas static smb_cfg_param_t *smb_config_getent(smb_cfg_id_t);
205dc20a302Sas 
206da6c28aaSamw static boolean_t smb_is_base64(unsigned char c);
207da6c28aaSamw static char *smb_base64_encode(char *str_to_encode);
208da6c28aaSamw static char *smb_base64_decode(char *encoded_str);
209b3700b07SGordon Ross static int smb_config_get_idmap_preferred_dc(char *, int);
210b3700b07SGordon Ross static int smb_config_set_idmap_preferred_dc(char *);
211a774f103SGordon Ross static int smb_config_get_idmap_site_name(char *, int);
212a774f103SGordon Ross static int smb_config_set_idmap_site_name(char *);
213dc20a302Sas 
21476b0ca5aSGordon Ross uint32_t
smb_convert_version_str(const char * version)2151160dcf7SMatt Barden smb_convert_version_str(const char *version)
2161160dcf7SMatt Barden {
2171160dcf7SMatt Barden 	uint32_t dialect = 0;
2181160dcf7SMatt Barden 	int i;
2191160dcf7SMatt Barden 
2201160dcf7SMatt Barden 	for (i = 0; smb_versions[i].str != NULL; i++) {
2211160dcf7SMatt Barden 		if (strcmp(version, smb_versions[i].str) == 0)
2221160dcf7SMatt Barden 			dialect = smb_versions[i].val;
2231160dcf7SMatt Barden 	}
2241160dcf7SMatt Barden 
2251160dcf7SMatt Barden 	return (dialect);
2261160dcf7SMatt Barden }
2271160dcf7SMatt Barden 
228dc20a302Sas char *
smb_config_getname(smb_cfg_id_t id)229dc20a302Sas smb_config_getname(smb_cfg_id_t id)
230dc20a302Sas {
231dc20a302Sas 	smb_cfg_param_t *cfg;
232dc20a302Sas 	cfg = smb_config_getent(id);
233dc20a302Sas 	return (cfg->sc_name);
234dc20a302Sas }
235da6c28aaSamw 
236da6c28aaSamw static boolean_t
smb_is_base64(unsigned char c)237da6c28aaSamw smb_is_base64(unsigned char c)
238da6c28aaSamw {
239da6c28aaSamw 	return (isalnum(c) || (c == '+') || (c == '/'));
240da6c28aaSamw }
241da6c28aaSamw 
242da6c28aaSamw /*
243da6c28aaSamw  * smb_base64_encode
244da6c28aaSamw  *
245da6c28aaSamw  * Encode a string using base64 algorithm.
246da6c28aaSamw  * Caller should free the returned buffer when done.
247da6c28aaSamw  */
248da6c28aaSamw static char *
smb_base64_encode(char * str_to_encode)249da6c28aaSamw smb_base64_encode(char *str_to_encode)
250da6c28aaSamw {
251da6c28aaSamw 	int ret_cnt = 0;
252da6c28aaSamw 	int i = 0, j = 0;
253da6c28aaSamw 	char arr_3[3], arr_4[4];
254da6c28aaSamw 	int len = strlen(str_to_encode);
255da6c28aaSamw 	char *ret = malloc(SMB_ENC_LEN);
256da6c28aaSamw 
257da6c28aaSamw 	if (ret == NULL) {
258da6c28aaSamw 		return (NULL);
259da6c28aaSamw 	}
260da6c28aaSamw 
261da6c28aaSamw 	while (len--) {
262da6c28aaSamw 		arr_3[i++] = *(str_to_encode++);
263da6c28aaSamw 		if (i == 3) {
264da6c28aaSamw 			arr_4[0] = (arr_3[0] & 0xfc) >> 2;
265da6c28aaSamw 			arr_4[1] = ((arr_3[0] & 0x03) << 4) +
266da6c28aaSamw 			    ((arr_3[1] & 0xf0) >> 4);
267da6c28aaSamw 			arr_4[2] = ((arr_3[1] & 0x0f) << 2) +
268da6c28aaSamw 			    ((arr_3[2] & 0xc0) >> 6);
269da6c28aaSamw 			arr_4[3] = arr_3[2] & 0x3f;
270da6c28aaSamw 
271da6c28aaSamw 			for (i = 0; i < 4; i++)
2722bc647a2SToomas Soome 				ret[ret_cnt++] = b64_data[(int)arr_4[i]];
273da6c28aaSamw 			i = 0;
274da6c28aaSamw 		}
275da6c28aaSamw 	}
276da6c28aaSamw 
277da6c28aaSamw 	if (i) {
278da6c28aaSamw 		for (j = i; j < 3; j++)
279da6c28aaSamw 			arr_3[j] = '\0';
280da6c28aaSamw 
281da6c28aaSamw 		arr_4[0] = (arr_3[0] & 0xfc) >> 2;
282da6c28aaSamw 		arr_4[1] = ((arr_3[0] & 0x03) << 4) +
283da6c28aaSamw 		    ((arr_3[1] & 0xf0) >> 4);
284da6c28aaSamw 		arr_4[2] = ((arr_3[1] & 0x0f) << 2) +
285da6c28aaSamw 		    ((arr_3[2] & 0xc0) >> 6);
286da6c28aaSamw 		arr_4[3] = arr_3[2] & 0x3f;
287da6c28aaSamw 
288da6c28aaSamw 		for (j = 0; j < (i + 1); j++)
2892bc647a2SToomas Soome 			ret[ret_cnt++] = b64_data[(int)arr_4[j]];
290da6c28aaSamw 
291da6c28aaSamw 		while (i++ < 3)
292da6c28aaSamw 			ret[ret_cnt++] = '=';
293da6c28aaSamw 	}
294da6c28aaSamw 
295da6c28aaSamw 	ret[ret_cnt++] = '\0';
296da6c28aaSamw 	return (ret);
297da6c28aaSamw }
298da6c28aaSamw 
299da6c28aaSamw /*
300da6c28aaSamw  * smb_base64_decode
301da6c28aaSamw  *
302da6c28aaSamw  * Decode using base64 algorithm.
303da6c28aaSamw  * Caller should free the returned buffer when done.
304da6c28aaSamw  */
305da6c28aaSamw static char *
smb_base64_decode(char * encoded_str)306da6c28aaSamw smb_base64_decode(char *encoded_str)
307da6c28aaSamw {
308da6c28aaSamw 	int len = strlen(encoded_str);
309da6c28aaSamw 	int i = 0, j = 0;
310da6c28aaSamw 	int en_ind = 0;
311da6c28aaSamw 	char arr_4[4], arr_3[3];
312da6c28aaSamw 	int ret_cnt = 0;
313da6c28aaSamw 	char *ret = malloc(SMB_DEC_LEN);
314da6c28aaSamw 	char *p;
315da6c28aaSamw 
316da6c28aaSamw 	if (ret == NULL) {
317da6c28aaSamw 		return (NULL);
318da6c28aaSamw 	}
319da6c28aaSamw 
320da6c28aaSamw 	while (len-- && (encoded_str[en_ind] != '=') &&
321da6c28aaSamw 	    smb_is_base64(encoded_str[en_ind])) {
322da6c28aaSamw 		arr_4[i++] = encoded_str[en_ind];
323da6c28aaSamw 		en_ind++;
324da6c28aaSamw 		if (i == 4) {
325da6c28aaSamw 			for (i = 0; i < 4; i++) {
3262bc647a2SToomas Soome 				if ((p = strchr(b64_data, arr_4[i])) == NULL) {
3272bc647a2SToomas Soome 					free(ret);
328da6c28aaSamw 					return (NULL);
3292bc647a2SToomas Soome 				}
330da6c28aaSamw 
331da6c28aaSamw 				arr_4[i] = (int)(p - b64_data);
332da6c28aaSamw 			}
333da6c28aaSamw 
334da6c28aaSamw 			arr_3[0] = (arr_4[0] << 2) +
335da6c28aaSamw 			    ((arr_4[1] & 0x30) >> 4);
336da6c28aaSamw 			arr_3[1] = ((arr_4[1] & 0xf) << 4) +
337da6c28aaSamw 			    ((arr_4[2] & 0x3c) >> 2);
338da6c28aaSamw 			arr_3[2] = ((arr_4[2] & 0x3) << 6) +
339da6c28aaSamw 			    arr_4[3];
340da6c28aaSamw 
341da6c28aaSamw 			for (i = 0; i < 3; i++)
342da6c28aaSamw 				ret[ret_cnt++] = arr_3[i];
343da6c28aaSamw 
344da6c28aaSamw 			i = 0;
345da6c28aaSamw 		}
346da6c28aaSamw 	}
347da6c28aaSamw 
348da6c28aaSamw 	if (i) {
349da6c28aaSamw 		for (j = i; j < 4; j++)
350da6c28aaSamw 			arr_4[j] = 0;
351da6c28aaSamw 
352da6c28aaSamw 		for (j = 0; j < 4; j++) {
3532bc647a2SToomas Soome 			if ((p = strchr(b64_data, arr_4[j])) == NULL) {
3542bc647a2SToomas Soome 				free(ret);
355da6c28aaSamw 				return (NULL);
3562bc647a2SToomas Soome 			}
357da6c28aaSamw 
358da6c28aaSamw 			arr_4[j] = (int)(p - b64_data);
359da6c28aaSamw 		}
360da6c28aaSamw 		arr_3[0] = (arr_4[0] << 2) +
361da6c28aaSamw 		    ((arr_4[1] & 0x30) >> 4);
362da6c28aaSamw 		arr_3[1] = ((arr_4[1] & 0xf) << 4) +
363da6c28aaSamw 		    ((arr_4[2] & 0x3c) >> 2);
364da6c28aaSamw 		arr_3[2] = ((arr_4[2] & 0x3) << 6) +
365da6c28aaSamw 		    arr_4[3];
366da6c28aaSamw 		for (j = 0; j < (i - 1); j++)
367da6c28aaSamw 			ret[ret_cnt++] = arr_3[j];
368da6c28aaSamw 	}
369da6c28aaSamw 
370da6c28aaSamw 	ret[ret_cnt++] = '\0';
371da6c28aaSamw 	return (ret);
372da6c28aaSamw }
373da6c28aaSamw 
374da6c28aaSamw static char *
smb_config_getenv_generic(char * name,char * svc_fmri_prefix,char * svc_propgrp)375da6c28aaSamw smb_config_getenv_generic(char *name, char *svc_fmri_prefix, char *svc_propgrp)
376da6c28aaSamw {
377da6c28aaSamw 	smb_scfhandle_t *handle;
378da6c28aaSamw 	char *value;
379da6c28aaSamw 
380da6c28aaSamw 	if ((value = malloc(MAX_VALUE_BUFLEN * sizeof (char))) == NULL)
381da6c28aaSamw 		return (NULL);
382da6c28aaSamw 
383da6c28aaSamw 	handle = smb_smf_scf_init(svc_fmri_prefix);
384da6c28aaSamw 	if (handle == NULL) {
385da6c28aaSamw 		free(value);
386da6c28aaSamw 		return (NULL);
387da6c28aaSamw 	}
388da6c28aaSamw 
389da6c28aaSamw 	(void) smb_smf_create_service_pgroup(handle, svc_propgrp);
390da6c28aaSamw 
391da6c28aaSamw 	if (smb_smf_get_string_property(handle, name, value,
392da6c28aaSamw 	    sizeof (char) * MAX_VALUE_BUFLEN) != 0) {
393da6c28aaSamw 		smb_smf_scf_fini(handle);
394da6c28aaSamw 		free(value);
395da6c28aaSamw 		return (NULL);
396da6c28aaSamw 	}
397da6c28aaSamw 
398da6c28aaSamw 	smb_smf_scf_fini(handle);
399da6c28aaSamw 	return (value);
400da6c28aaSamw 
401da6c28aaSamw }
402da6c28aaSamw 
403dc20a302Sas static int
smb_config_setenv_generic(char * svc_fmri_prefix,char * svc_propgrp,char * name,char * value)404da6c28aaSamw smb_config_setenv_generic(char *svc_fmri_prefix, char *svc_propgrp,
405da6c28aaSamw     char *name, char *value)
406da6c28aaSamw {
407da6c28aaSamw 	smb_scfhandle_t *handle = NULL;
408da6c28aaSamw 	int rc = 0;
409da6c28aaSamw 
410da6c28aaSamw 
411da6c28aaSamw 	handle = smb_smf_scf_init(svc_fmri_prefix);
412da6c28aaSamw 	if (handle == NULL) {
413da6c28aaSamw 		return (1);
414da6c28aaSamw 	}
415da6c28aaSamw 
416da6c28aaSamw 	(void) smb_smf_create_service_pgroup(handle, svc_propgrp);
417da6c28aaSamw 
418da6c28aaSamw 	if (smb_smf_start_transaction(handle) != SMBD_SMF_OK) {
419da6c28aaSamw 		smb_smf_scf_fini(handle);
420da6c28aaSamw 		return (1);
421da6c28aaSamw 	}
422da6c28aaSamw 
423da6c28aaSamw 	if (smb_smf_set_string_property(handle, name, value) != SMBD_SMF_OK)
424da6c28aaSamw 		rc = 1;
425da6c28aaSamw 
426da6c28aaSamw 	if (smb_smf_end_transaction(handle) != SMBD_SMF_OK)
427da6c28aaSamw 		rc = 1;
428da6c28aaSamw 
429da6c28aaSamw 	smb_smf_scf_fini(handle);
430da6c28aaSamw 	return (rc);
431da6c28aaSamw }
432da6c28aaSamw 
433da6c28aaSamw /*
434dc20a302Sas  * smb_config_getstr
435da6c28aaSamw  *
436dc20a302Sas  * Fetch the specified string configuration item from SMF
437da6c28aaSamw  */
438da6c28aaSamw int
smb_config_getstr(smb_cfg_id_t id,char * cbuf,int bufsz)439dc20a302Sas smb_config_getstr(smb_cfg_id_t id, char *cbuf, int bufsz)
440da6c28aaSamw {
441dc20a302Sas 	smb_scfhandle_t *handle;
442dc20a302Sas 	smb_cfg_param_t *cfg;
443dc20a302Sas 	int rc = SMBD_SMF_OK;
44429bd2886SAlan Wright 	char *pg;
44596a62adaSjoyce mcintosh 	char protbuf[SMB_ENC_LEN];
44696a62adaSjoyce mcintosh 	char *tmp;
447da6c28aaSamw 
448dc20a302Sas 	*cbuf = '\0';
449dc20a302Sas 	cfg = smb_config_getent(id);
450dc20a302Sas 	assert(cfg->sc_type == SCF_TYPE_ASTRING);
451da6c28aaSamw 
452a774f103SGordon Ross 	if (id == SMB_CI_ADS_SITE)
453a774f103SGordon Ross 		return (smb_config_get_idmap_site_name(cbuf, bufsz));
454b3700b07SGordon Ross 	if (id == SMB_CI_DOMAIN_SRV)
455b3700b07SGordon Ross 		return (smb_config_get_idmap_preferred_dc(cbuf, bufsz));
456b3700b07SGordon Ross 
457da6c28aaSamw 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
458dc20a302Sas 	if (handle == NULL)
459dc20a302Sas 		return (SMBD_SMF_SYSTEM_ERR);
460da6c28aaSamw 
461dc20a302Sas 	if (cfg->sc_flags & SMB_CF_PROTECTED) {
462dc20a302Sas 		if ((rc = smb_smf_create_service_pgroup(handle,
463dc20a302Sas 		    SMBD_PROTECTED_PG_NAME)) != SMBD_SMF_OK)
464dc20a302Sas 			goto error;
465da6c28aaSamw 
466dc20a302Sas 		if ((rc = smb_smf_get_string_property(handle, cfg->sc_name,
467dc20a302Sas 		    protbuf, sizeof (protbuf))) != SMBD_SMF_OK)
468dc20a302Sas 			goto error;
469da6c28aaSamw 
470dc20a302Sas 		if (*protbuf != '\0') {
471dc20a302Sas 			tmp = smb_base64_decode(protbuf);
472dc20a302Sas 			(void) strlcpy(cbuf, tmp, bufsz);
473dc20a302Sas 			free(tmp);
474da6c28aaSamw 		}
475dc20a302Sas 	} else {
47629bd2886SAlan Wright 		pg = (cfg->sc_flags & SMB_CF_EXEC) ? SMBD_EXEC_PG_NAME :
47729bd2886SAlan Wright 		    SMBD_PG_NAME;
47829bd2886SAlan Wright 		rc = smb_smf_create_service_pgroup(handle, pg);
479dc20a302Sas 		if (rc == SMBD_SMF_OK)
480dc20a302Sas 			rc = smb_smf_get_string_property(handle, cfg->sc_name,
481dc20a302Sas 			    cbuf, bufsz);
482da6c28aaSamw 	}
483da6c28aaSamw 
484dc20a302Sas error:
485da6c28aaSamw 	smb_smf_scf_fini(handle);
486dc20a302Sas 	return (rc);
4877f667e74Sjose borrego }
4887f667e74Sjose borrego 
48996a62adaSjoyce mcintosh /*
49096a62adaSjoyce mcintosh  * Translate the value of an astring SMF property into a binary
49196a62adaSjoyce mcintosh  * IP address. If the value is neither a valid IPv4 nor IPv6
49296a62adaSjoyce mcintosh  * address, attempt to look it up as a hostname using the
49396a62adaSjoyce mcintosh  * configured address type.
49496a62adaSjoyce mcintosh  */
4957f667e74Sjose borrego int
smb_config_getip(smb_cfg_id_t sc_id,smb_inaddr_t * ipaddr)4967f667e74Sjose borrego smb_config_getip(smb_cfg_id_t sc_id, smb_inaddr_t *ipaddr)
4977f667e74Sjose borrego {
49896a62adaSjoyce mcintosh 	int rc, error;
49996a62adaSjoyce mcintosh 	int a_family;
50096a62adaSjoyce mcintosh 	char ipstr[MAXHOSTNAMELEN];
50196a62adaSjoyce mcintosh 	struct hostent *h;
50296a62adaSjoyce mcintosh 	smb_cfg_param_t *cfg;
5037f667e74Sjose borrego 
50429bd2886SAlan Wright 	if (ipaddr == NULL)
50529bd2886SAlan Wright 		return (SMBD_SMF_INVALID_ARG);
50629bd2886SAlan Wright 
50729bd2886SAlan Wright 	bzero(ipaddr, sizeof (smb_inaddr_t));
5087f667e74Sjose borrego 	rc = smb_config_getstr(sc_id, ipstr, sizeof (ipstr));
5097f667e74Sjose borrego 	if (rc == SMBD_SMF_OK) {
51096a62adaSjoyce mcintosh 		if (*ipstr == '\0')
51196a62adaSjoyce mcintosh 			return (SMBD_SMF_INVALID_ARG);
51296a62adaSjoyce mcintosh 
51329bd2886SAlan Wright 		if (inet_pton(AF_INET, ipstr, &ipaddr->a_ipv4) == 1) {
51429bd2886SAlan Wright 			ipaddr->a_family = AF_INET;
51529bd2886SAlan Wright 			return (SMBD_SMF_OK);
51629bd2886SAlan Wright 		}
51729bd2886SAlan Wright 
51829bd2886SAlan Wright 		if (inet_pton(AF_INET6, ipstr, &ipaddr->a_ipv6) == 1) {
51929bd2886SAlan Wright 			ipaddr->a_family = AF_INET6;
52096a62adaSjoyce mcintosh 			return (SMBD_SMF_OK);
52196a62adaSjoyce mcintosh 		}
52296a62adaSjoyce mcintosh 
52396a62adaSjoyce mcintosh 		/*
52496a62adaSjoyce mcintosh 		 * The value is neither an IPv4 nor IPv6 address;
52596a62adaSjoyce mcintosh 		 * so check if it's a hostname.
52696a62adaSjoyce mcintosh 		 */
52796a62adaSjoyce mcintosh 		a_family = smb_config_getbool(SMB_CI_IPV6_ENABLE) ?
52896a62adaSjoyce mcintosh 		    AF_INET6 : AF_INET;
52996a62adaSjoyce mcintosh 		h = getipnodebyname(ipstr, a_family, AI_DEFAULT,
53096a62adaSjoyce mcintosh 		    &error);
53196a62adaSjoyce mcintosh 		if (h != NULL) {
53296a62adaSjoyce mcintosh 			bcopy(*(h->h_addr_list), &ipaddr->a_ip,
53396a62adaSjoyce mcintosh 			    h->h_length);
53496a62adaSjoyce mcintosh 			ipaddr->a_family = a_family;
53596a62adaSjoyce mcintosh 			freehostent(h);
53629bd2886SAlan Wright 			rc = SMBD_SMF_OK;
53729bd2886SAlan Wright 		} else {
53896a62adaSjoyce mcintosh 			cfg = smb_config_getent(sc_id);
53996a62adaSjoyce mcintosh 			syslog(LOG_ERR, "smbd/%s: %s unable to get %s "
54096a62adaSjoyce mcintosh 			    "address: %d", cfg->sc_name, ipstr,
54196a62adaSjoyce mcintosh 			    a_family == AF_INET ?  "IPv4" : "IPv6", error);
54229bd2886SAlan Wright 			rc = SMBD_SMF_INVALID_ARG;
5437f667e74Sjose borrego 		}
5447f667e74Sjose borrego 	}
54529bd2886SAlan Wright 
5467f667e74Sjose borrego 	return (rc);
547da6c28aaSamw }
548da6c28aaSamw 
549da6c28aaSamw /*
550dc20a302Sas  * smb_config_getnum
551da6c28aaSamw  *
552dc20a302Sas  * Returns the value of a numeric config param.
553da6c28aaSamw  */
554da6c28aaSamw int
smb_config_getnum(smb_cfg_id_t id,int64_t * cint)555dc20a302Sas smb_config_getnum(smb_cfg_id_t id, int64_t *cint)
556da6c28aaSamw {
557dc20a302Sas 	smb_scfhandle_t *handle;
558dc20a302Sas 	smb_cfg_param_t *cfg;
559dc20a302Sas 	int rc = SMBD_SMF_OK;
560da6c28aaSamw 
561dc20a302Sas 	*cint = 0;
562dc20a302Sas 	cfg = smb_config_getent(id);
563dc20a302Sas 	assert(cfg->sc_type == SCF_TYPE_INTEGER);
564da6c28aaSamw 
565dc20a302Sas 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
566dc20a302Sas 	if (handle == NULL)
567dc20a302Sas 		return (SMBD_SMF_SYSTEM_ERR);
568da6c28aaSamw 
569dc20a302Sas 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
570dc20a302Sas 	if (rc == SMBD_SMF_OK)
571dc20a302Sas 		rc = smb_smf_get_integer_property(handle, cfg->sc_name, cint);
572da6c28aaSamw 	smb_smf_scf_fini(handle);
573da6c28aaSamw 
574dc20a302Sas 	return (rc);
575da6c28aaSamw }
576da6c28aaSamw 
577da6c28aaSamw /*
578dc20a302Sas  * smb_config_getbool
579da6c28aaSamw  *
580dc20a302Sas  * Returns the value of a boolean config param.
581da6c28aaSamw  */
582dc20a302Sas boolean_t
smb_config_getbool(smb_cfg_id_t id)583dc20a302Sas smb_config_getbool(smb_cfg_id_t id)
584da6c28aaSamw {
585dc20a302Sas 	smb_scfhandle_t *handle;
586da6c28aaSamw 	smb_cfg_param_t *cfg;
587dc20a302Sas 	int rc = SMBD_SMF_OK;
588dc20a302Sas 	uint8_t vbool;
589da6c28aaSamw 
590dc20a302Sas 	cfg = smb_config_getent(id);
591dc20a302Sas 	assert(cfg->sc_type == SCF_TYPE_BOOLEAN);
592da6c28aaSamw 
593dc20a302Sas 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
594dc20a302Sas 	if (handle == NULL)
595dc20a302Sas 		return (B_FALSE);
596dc20a302Sas 
597dc20a302Sas 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
598dc20a302Sas 	if (rc == SMBD_SMF_OK)
599dc20a302Sas 		rc = smb_smf_get_boolean_property(handle, cfg->sc_name, &vbool);
600dc20a302Sas 	smb_smf_scf_fini(handle);
601da6c28aaSamw 
602dc20a302Sas 	return ((rc == SMBD_SMF_OK) ? (vbool == 1) : B_FALSE);
603da6c28aaSamw }
604da6c28aaSamw 
605da6c28aaSamw /*
606da6c28aaSamw  * smb_config_get
607da6c28aaSamw  *
608dc20a302Sas  * This function returns the value of the requested config
609dc20a302Sas  * iterm regardless of its type in string format. This should
610dc20a302Sas  * be used when the config item type is not known by the caller.
611da6c28aaSamw  */
612dc20a302Sas int
smb_config_get(smb_cfg_id_t id,char * cbuf,int bufsz)613dc20a302Sas smb_config_get(smb_cfg_id_t id, char *cbuf, int bufsz)
614da6c28aaSamw {
615dc20a302Sas 	smb_cfg_param_t *cfg;
616dc20a302Sas 	int64_t cint;
617dc20a302Sas 	int rc;
618da6c28aaSamw 
619dc20a302Sas 	cfg = smb_config_getent(id);
620dc20a302Sas 	switch (cfg->sc_type) {
621dc20a302Sas 	case SCF_TYPE_ASTRING:
622dc20a302Sas 		return (smb_config_getstr(id, cbuf, bufsz));
623da6c28aaSamw 
624dc20a302Sas 	case SCF_TYPE_INTEGER:
625dc20a302Sas 		rc = smb_config_getnum(id, &cint);
626dc20a302Sas 		if (rc == SMBD_SMF_OK)
627dc20a302Sas 			(void) snprintf(cbuf, bufsz, "%lld", cint);
628dc20a302Sas 		return (rc);
629da6c28aaSamw 
630dc20a302Sas 	case SCF_TYPE_BOOLEAN:
631dc20a302Sas 		if (smb_config_getbool(id))
632dc20a302Sas 			(void) strlcpy(cbuf, "true", bufsz);
633dc20a302Sas 		else
634dc20a302Sas 			(void) strlcpy(cbuf, "false", bufsz);
635dc20a302Sas 		return (SMBD_SMF_OK);
636da6c28aaSamw 	}
637da6c28aaSamw 
638dc20a302Sas 	return (SMBD_SMF_INVALID_ARG);
639da6c28aaSamw }
640da6c28aaSamw 
641da6c28aaSamw /*
642dc20a302Sas  * smb_config_setstr
643da6c28aaSamw  *
644dc20a302Sas  * Set the specified config param with the given
645dc20a302Sas  * value.
646da6c28aaSamw  */
647dc20a302Sas int
smb_config_setstr(smb_cfg_id_t id,char * value)648dc20a302Sas smb_config_setstr(smb_cfg_id_t id, char *value)
649da6c28aaSamw {
650dc20a302Sas 	smb_scfhandle_t *handle;
651da6c28aaSamw 	smb_cfg_param_t *cfg;
652dc20a302Sas 	int rc = SMBD_SMF_OK;
653dc20a302Sas 	boolean_t protected;
654dc20a302Sas 	char *tmp = NULL;
655dc20a302Sas 	char *pg;
656da6c28aaSamw 
657dc20a302Sas 	cfg = smb_config_getent(id);
658dc20a302Sas 	assert(cfg->sc_type == SCF_TYPE_ASTRING);
659da6c28aaSamw 
660a774f103SGordon Ross 	if (id == SMB_CI_ADS_SITE)
661a774f103SGordon Ross 		return (smb_config_set_idmap_site_name(value));
662b3700b07SGordon Ross 	if (id == SMB_CI_DOMAIN_SRV)
663b3700b07SGordon Ross 		return (smb_config_set_idmap_preferred_dc(value));
664b3700b07SGordon Ross 
66529bd2886SAlan Wright 	protected = B_FALSE;
66629bd2886SAlan Wright 
66729bd2886SAlan Wright 	switch (cfg->sc_flags) {
66829bd2886SAlan Wright 	case SMB_CF_PROTECTED:
669dc20a302Sas 		protected = B_TRUE;
67029bd2886SAlan Wright 		pg = SMBD_PROTECTED_PG_NAME;
67129bd2886SAlan Wright 		break;
67229bd2886SAlan Wright 	case SMB_CF_EXEC:
67329bd2886SAlan Wright 		pg = SMBD_EXEC_PG_NAME;
67429bd2886SAlan Wright 		break;
67529bd2886SAlan Wright 	default:
676dc20a302Sas 		pg = SMBD_PG_NAME;
67729bd2886SAlan Wright 		break;
678da6c28aaSamw 	}
679da6c28aaSamw 
680dc20a302Sas 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
681dc20a302Sas 	if (handle == NULL)
682dc20a302Sas 		return (SMBD_SMF_SYSTEM_ERR);
683da6c28aaSamw 
684dc20a302Sas 	rc = smb_smf_create_service_pgroup(handle, pg);
685dc20a302Sas 	if (rc == SMBD_SMF_OK)
686dc20a302Sas 		rc = smb_smf_start_transaction(handle);
687da6c28aaSamw 
688dc20a302Sas 	if (rc != SMBD_SMF_OK) {
689dc20a302Sas 		smb_smf_scf_fini(handle);
690dc20a302Sas 		return (rc);
691da6c28aaSamw 	}
692da6c28aaSamw 
693dc20a302Sas 	if (protected && value && (*value != '\0')) {
694dc20a302Sas 		if ((tmp = smb_base64_encode(value)) == NULL) {
695dc20a302Sas 			(void) smb_smf_end_transaction(handle);
696dc20a302Sas 			smb_smf_scf_fini(handle);
697dc20a302Sas 			return (SMBD_SMF_NO_MEMORY);
698dc20a302Sas 		}
699da6c28aaSamw 
700dc20a302Sas 		value = tmp;
701da6c28aaSamw 	}
702da6c28aaSamw 
70376b0ca5aSGordon Ross 	rc = smb_smf_set_string_property(handle, cfg->sc_name, value);
704dc20a302Sas 
705dc20a302Sas 	free(tmp);
706dc20a302Sas 	(void) smb_smf_end_transaction(handle);
707dc20a302Sas 	smb_smf_scf_fini(handle);
708dc20a302Sas 	return (rc);
709da6c28aaSamw }
710da6c28aaSamw 
711da6c28aaSamw /*
712da6c28aaSamw  * smb_config_setnum
713da6c28aaSamw  *
714dc20a302Sas  * Sets a numeric configuration iterm
715da6c28aaSamw  */
716da6c28aaSamw int
smb_config_setnum(smb_cfg_id_t id,int64_t value)717dc20a302Sas smb_config_setnum(smb_cfg_id_t id, int64_t value)
718da6c28aaSamw {
719dc20a302Sas 	smb_scfhandle_t *handle;
720da6c28aaSamw 	smb_cfg_param_t *cfg;
721dc20a302Sas 	int rc = SMBD_SMF_OK;
722da6c28aaSamw 
723dc20a302Sas 	cfg = smb_config_getent(id);
724dc20a302Sas 	assert(cfg->sc_type == SCF_TYPE_INTEGER);
725da6c28aaSamw 
726dc20a302Sas 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
727dc20a302Sas 	if (handle == NULL)
728dc20a302Sas 		return (SMBD_SMF_SYSTEM_ERR);
729da6c28aaSamw 
730dc20a302Sas 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
731dc20a302Sas 	if (rc == SMBD_SMF_OK)
732dc20a302Sas 		rc = smb_smf_start_transaction(handle);
733da6c28aaSamw 
734dc20a302Sas 	if (rc != SMBD_SMF_OK) {
735dc20a302Sas 		smb_smf_scf_fini(handle);
736da6c28aaSamw 		return (rc);
737dc20a302Sas 	}
738da6c28aaSamw 
739dc20a302Sas 	rc = smb_smf_set_integer_property(handle, cfg->sc_name, value);
740dc20a302Sas 
741dc20a302Sas 	(void) smb_smf_end_transaction(handle);
742dc20a302Sas 	smb_smf_scf_fini(handle);
743dc20a302Sas 	return (rc);
744da6c28aaSamw }
745da6c28aaSamw 
746da6c28aaSamw /*
747dc20a302Sas  * smb_config_setbool
748da6c28aaSamw  *
749dc20a302Sas  * Sets a boolean configuration iterm
750da6c28aaSamw  */
751dc20a302Sas int
smb_config_setbool(smb_cfg_id_t id,boolean_t value)752dc20a302Sas smb_config_setbool(smb_cfg_id_t id, boolean_t value)
753da6c28aaSamw {
754dc20a302Sas 	smb_scfhandle_t *handle;
755da6c28aaSamw 	smb_cfg_param_t *cfg;
756dc20a302Sas 	int rc = SMBD_SMF_OK;
757dc20a302Sas 
758dc20a302Sas 	cfg = smb_config_getent(id);
759dc20a302Sas 	assert(cfg->sc_type == SCF_TYPE_BOOLEAN);
760da6c28aaSamw 
761da6c28aaSamw 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
762dc20a302Sas 	if (handle == NULL)
763dc20a302Sas 		return (SMBD_SMF_SYSTEM_ERR);
764da6c28aaSamw 
765dc20a302Sas 	rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME);
766dc20a302Sas 	if (rc == SMBD_SMF_OK)
767dc20a302Sas 		rc = smb_smf_start_transaction(handle);
768da6c28aaSamw 
769dc20a302Sas 	if (rc != SMBD_SMF_OK) {
770dc20a302Sas 		smb_smf_scf_fini(handle);
771dc20a302Sas 		return (rc);
772da6c28aaSamw 	}
773da6c28aaSamw 
774dc20a302Sas 	rc = smb_smf_set_boolean_property(handle, cfg->sc_name, value);
775dc20a302Sas 
776dc20a302Sas 	(void) smb_smf_end_transaction(handle);
777dc20a302Sas 	smb_smf_scf_fini(handle);
778dc20a302Sas 	return (rc);
779da6c28aaSamw }
780da6c28aaSamw 
781da6c28aaSamw /*
782dc20a302Sas  * smb_config_set
783da6c28aaSamw  *
784dc20a302Sas  * This function sets the value of the specified config
785dc20a302Sas  * iterm regardless of its type in string format. This should
786dc20a302Sas  * be used when the config item type is not known by the caller.
787da6c28aaSamw  */
788dc20a302Sas int
smb_config_set(smb_cfg_id_t id,char * value)789dc20a302Sas smb_config_set(smb_cfg_id_t id, char *value)
790da6c28aaSamw {
791dc20a302Sas 	smb_cfg_param_t *cfg;
792dc20a302Sas 	int64_t cint;
793da6c28aaSamw 
794dc20a302Sas 	cfg = smb_config_getent(id);
795dc20a302Sas 	switch (cfg->sc_type) {
796dc20a302Sas 	case SCF_TYPE_ASTRING:
797dc20a302Sas 		return (smb_config_setstr(id, value));
798dc20a302Sas 
799dc20a302Sas 	case SCF_TYPE_INTEGER:
800dc20a302Sas 		cint = atoi(value);
801dc20a302Sas 		return (smb_config_setnum(id, cint));
802dc20a302Sas 
803dc20a302Sas 	case SCF_TYPE_BOOLEAN:
804dc20a302Sas 		return (smb_config_setbool(id, strcasecmp(value, "true") == 0));
805da6c28aaSamw 	}
806da6c28aaSamw 
807dc20a302Sas 	return (SMBD_SMF_INVALID_ARG);
808da6c28aaSamw }
809b819cea2SGordon Ross 
810b819cea2SGordon Ross int
smb_config_get_debug()811b819cea2SGordon Ross smb_config_get_debug()
812b819cea2SGordon Ross {
813b819cea2SGordon Ross 	int64_t val64;
814b819cea2SGordon Ross 	int val = 0;	/* default */
815b819cea2SGordon Ross 	smb_scfhandle_t *handle = NULL;
816b819cea2SGordon Ross 
817b819cea2SGordon Ross 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
818b819cea2SGordon Ross 	if (handle == NULL) {
819b819cea2SGordon Ross 		return (val);
820b819cea2SGordon Ross 	}
821b819cea2SGordon Ross 
822b819cea2SGordon Ross 	if (smb_smf_create_service_pgroup(handle,
823b819cea2SGordon Ross 	    SMBD_PG_NAME) != SMBD_SMF_OK) {
824b819cea2SGordon Ross 		smb_smf_scf_fini(handle);
825b819cea2SGordon Ross 		return (val);
826b819cea2SGordon Ross 	}
827b819cea2SGordon Ross 
828b819cea2SGordon Ross 	if (smb_smf_get_integer_property(handle, "debug", &val64) != 0) {
829b819cea2SGordon Ross 		smb_smf_scf_fini(handle);
830b819cea2SGordon Ross 		return (val);
831b819cea2SGordon Ross 	}
832b819cea2SGordon Ross 	val = (int)val64;
833b819cea2SGordon Ross 
834b819cea2SGordon Ross 	smb_smf_scf_fini(handle);
835b819cea2SGordon Ross 
836b819cea2SGordon Ross 	return (val);
837b819cea2SGordon Ross }
838b819cea2SGordon Ross 
839da6c28aaSamw uint8_t
smb_config_get_fg_flag()840da6c28aaSamw smb_config_get_fg_flag()
841da6c28aaSamw {
842da6c28aaSamw 	uint8_t run_fg = 0; /* Default is to run in daemon mode */
843da6c28aaSamw 	smb_scfhandle_t *handle = NULL;
844da6c28aaSamw 
845da6c28aaSamw 	handle = smb_smf_scf_init(SMBD_FMRI_PREFIX);
846da6c28aaSamw 	if (handle == NULL) {
847da6c28aaSamw 		return (run_fg);
848da6c28aaSamw 	}
849da6c28aaSamw 
850da6c28aaSamw 	if (smb_smf_create_service_pgroup(handle,
851da6c28aaSamw 	    SMBD_PG_NAME) != SMBD_SMF_OK) {
852da6c28aaSamw 		smb_smf_scf_fini(handle);
853da6c28aaSamw 		return (run_fg);
854da6c28aaSamw 	}
855da6c28aaSamw 
856da6c28aaSamw 	if (smb_smf_get_boolean_property(handle, "run_fg", &run_fg) != 0) {
857da6c28aaSamw 		smb_smf_scf_fini(handle);
858da6c28aaSamw 		return (run_fg);
859da6c28aaSamw 	}
860da6c28aaSamw 
861da6c28aaSamw 	smb_smf_scf_fini(handle);
862da6c28aaSamw 
863da6c28aaSamw 	return (run_fg);
864da6c28aaSamw }
865da6c28aaSamw 
8661ed6b69aSGordon Ross /*
8671ed6b69aSGordon Ross  * smb_config_get_ads_enable
8681ed6b69aSGordon Ross  *
8691ed6b69aSGordon Ross  * Returns value of the "config/use_ads" parameter
8701ed6b69aSGordon Ross  * from the IDMAP SMF configuration repository.
8711ed6b69aSGordon Ross  *
8721ed6b69aSGordon Ross  */
8731ed6b69aSGordon Ross boolean_t
smb_config_get_ads_enable(void)8741ed6b69aSGordon Ross smb_config_get_ads_enable(void)
8751ed6b69aSGordon Ross {
8761ed6b69aSGordon Ross 	smb_scfhandle_t *handle = NULL;
8771ed6b69aSGordon Ross 	uint8_t vbool;
8781ed6b69aSGordon Ross 	int rc = 0;
8791ed6b69aSGordon Ross 
8801ed6b69aSGordon Ross 	handle = smb_smf_scf_init(IDMAP_FMRI_PREFIX);
8811ed6b69aSGordon Ross 	if (handle == NULL)
8821ed6b69aSGordon Ross 		return (B_FALSE);
8831ed6b69aSGordon Ross 
8841ed6b69aSGordon Ross 	rc = smb_smf_create_service_pgroup(handle, IDMAP_PG_NAME);
8851ed6b69aSGordon Ross 	if (rc == SMBD_SMF_OK)
8861ed6b69aSGordon Ross 		rc = smb_smf_get_boolean_property(handle, "use_ads", &vbool);
8871ed6b69aSGordon Ross 	smb_smf_scf_fini(handle);
8881ed6b69aSGordon Ross 
889b3700b07SGordon Ross 	return ((rc == SMBD_SMF_OK) ? (vbool == 1) : B_TRUE);
8901ed6b69aSGordon Ross }
8911ed6b69aSGordon Ross 
892da6c28aaSamw /*
893da6c28aaSamw  * smb_config_get_localsid
894da6c28aaSamw  *
895da6c28aaSamw  * Returns value of the "config/machine_sid" parameter
896da6c28aaSamw  * from the IDMAP SMF configuration repository.
89712b65585SGordon Ross  * Result is allocated; caller should free.
898da6c28aaSamw  */
899da6c28aaSamw char *
smb_config_get_localsid(void)900da6c28aaSamw smb_config_get_localsid(void)
901da6c28aaSamw {
902da6c28aaSamw 	return (smb_config_getenv_generic(MACHINE_SID, IDMAP_FMRI_PREFIX,
903da6c28aaSamw 	    IDMAP_PG_NAME));
904da6c28aaSamw }
905da6c28aaSamw 
90612b65585SGordon Ross /*
90712b65585SGordon Ross  * smb_config_get_localuuid
90812b65585SGordon Ross  *
90912b65585SGordon Ross  * Returns value of the "config/machine_uuid" parameter
91012b65585SGordon Ross  * from the IDMAP SMF configuration repository.
91112b65585SGordon Ross  *
91212b65585SGordon Ross  */
91312b65585SGordon Ross int
smb_config_get_localuuid(uuid_t uu)91412b65585SGordon Ross smb_config_get_localuuid(uuid_t uu)
91512b65585SGordon Ross {
91612b65585SGordon Ross 	char *s;
917549ab26fSMatt Barden 	int rc = 0;
91812b65585SGordon Ross 
91912b65585SGordon Ross 	uuid_clear(uu);
92012b65585SGordon Ross 	s = smb_config_getenv_generic(MACHINE_UUID, IDMAP_FMRI_PREFIX,
92112b65585SGordon Ross 	    IDMAP_PG_NAME);
92212b65585SGordon Ross 	if (s == NULL)
92312b65585SGordon Ross 		return (-1);
92412b65585SGordon Ross 
925549ab26fSMatt Barden 	if (uuid_parse(s, uu) < 0)
926549ab26fSMatt Barden 		rc = -1;
92712b65585SGordon Ross 
928549ab26fSMatt Barden 	free(s);
929549ab26fSMatt Barden 	return (rc);
93012b65585SGordon Ross }
93112b65585SGordon Ross 
932b3700b07SGordon Ross static int
smb_config_get_idmap_preferred_dc(char * cbuf,int bufsz)933b3700b07SGordon Ross smb_config_get_idmap_preferred_dc(char *cbuf, int bufsz)
934b3700b07SGordon Ross {
935b3700b07SGordon Ross 	char *s;
936b3700b07SGordon Ross 	int len, rc = -1;
937b3700b07SGordon Ross 
938b3700b07SGordon Ross 	s = smb_config_getenv_generic(IDMAP_PREF_DC,
939b3700b07SGordon Ross 	    IDMAP_FMRI_PREFIX, IDMAP_PG_NAME);
940b3700b07SGordon Ross 	if (s != NULL) {
941b3700b07SGordon Ross 		len = strlcpy(cbuf, s, bufsz);
942b3700b07SGordon Ross 		if (len < bufsz)
943b3700b07SGordon Ross 			rc = 0;
944b3700b07SGordon Ross 		free(s);
945b3700b07SGordon Ross 	}
946b3700b07SGordon Ross 	return (rc);
947b3700b07SGordon Ross }
948b3700b07SGordon Ross 
949b3700b07SGordon Ross static int
smb_config_set_idmap_preferred_dc(char * value)950b3700b07SGordon Ross smb_config_set_idmap_preferred_dc(char *value)
951b3700b07SGordon Ross {
952b3700b07SGordon Ross 	return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME,
953b3700b07SGordon Ross 	    IDMAP_PREF_DC, value));
954b3700b07SGordon Ross }
955b3700b07SGordon Ross 
956a774f103SGordon Ross static int
smb_config_get_idmap_site_name(char * cbuf,int bufsz)957a774f103SGordon Ross smb_config_get_idmap_site_name(char *cbuf, int bufsz)
958a774f103SGordon Ross {
959a774f103SGordon Ross 	char *s;
960a774f103SGordon Ross 	int len, rc = -1;
961a774f103SGordon Ross 
962a774f103SGordon Ross 	s = smb_config_getenv_generic(IDMAP_SITE_NAME,
963a774f103SGordon Ross 	    IDMAP_FMRI_PREFIX, IDMAP_PG_NAME);
964a774f103SGordon Ross 	if (s != NULL) {
965a774f103SGordon Ross 		len = strlcpy(cbuf, s, bufsz);
966a774f103SGordon Ross 		if (len < bufsz)
967a774f103SGordon Ross 			rc = 0;
968a774f103SGordon Ross 		free(s);
969a774f103SGordon Ross 	}
970a774f103SGordon Ross 	return (rc);
971a774f103SGordon Ross }
972a774f103SGordon Ross 
973a774f103SGordon Ross static int
smb_config_set_idmap_site_name(char * value)974a774f103SGordon Ross smb_config_set_idmap_site_name(char *value)
975a774f103SGordon Ross {
976a774f103SGordon Ross 	return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME,
977a774f103SGordon Ross 	    IDMAP_SITE_NAME, value));
978a774f103SGordon Ross }
979a774f103SGordon Ross 
980da6c28aaSamw /*
981da6c28aaSamw  * smb_config_set_idmap_domain
982da6c28aaSamw  *
98355bf511dSas  * Set the "config/domain_name" parameter from IDMAP SMF repository.
984da6c28aaSamw  */
985da6c28aaSamw int
smb_config_set_idmap_domain(char * value)986da6c28aaSamw smb_config_set_idmap_domain(char *value)
987da6c28aaSamw {
988da6c28aaSamw 	return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME,
98955bf511dSas 	    IDMAP_DOMAIN, value));
990da6c28aaSamw }
991da6c28aaSamw 
992da6c28aaSamw /*
993da6c28aaSamw  * smb_config_refresh_idmap
994da6c28aaSamw  *
995da6c28aaSamw  * Refresh IDMAP SMF service after making changes to its configuration.
996da6c28aaSamw  */
997da6c28aaSamw int
smb_config_refresh_idmap(void)998da6c28aaSamw smb_config_refresh_idmap(void)
999da6c28aaSamw {
1000da6c28aaSamw 	char instance[32];
1001da6c28aaSamw 
1002da6c28aaSamw 	(void) snprintf(instance, sizeof (instance), "%s:default",
1003da6c28aaSamw 	    IDMAP_FMRI_PREFIX);
1004da6c28aaSamw 	return (smf_refresh_instance(instance));
1005da6c28aaSamw }
1006da6c28aaSamw 
1007da6c28aaSamw int
smb_config_secmode_fromstr(char * secmode)1008da6c28aaSamw smb_config_secmode_fromstr(char *secmode)
1009da6c28aaSamw {
1010da6c28aaSamw 	if (secmode == NULL)
1011da6c28aaSamw 		return (SMB_SECMODE_WORKGRP);
1012da6c28aaSamw 
1013da6c28aaSamw 	if (strcasecmp(secmode, SMB_SECMODE_DOMAIN_STR) == 0)
1014da6c28aaSamw 		return (SMB_SECMODE_DOMAIN);
1015da6c28aaSamw 
1016da6c28aaSamw 	return (SMB_SECMODE_WORKGRP);
1017da6c28aaSamw }
1018da6c28aaSamw 
1019da6c28aaSamw char *
smb_config_secmode_tostr(int secmode)1020da6c28aaSamw smb_config_secmode_tostr(int secmode)
1021da6c28aaSamw {
1022da6c28aaSamw 	if (secmode == SMB_SECMODE_DOMAIN)
1023da6c28aaSamw 		return (SMB_SECMODE_DOMAIN_STR);
1024da6c28aaSamw 
1025da6c28aaSamw 	return (SMB_SECMODE_WORKGRP_STR);
1026da6c28aaSamw }
1027da6c28aaSamw 
1028da6c28aaSamw int
smb_config_get_secmode()1029da6c28aaSamw smb_config_get_secmode()
1030da6c28aaSamw {
1031dc20a302Sas 	char p[16];
1032da6c28aaSamw 
1033dc20a302Sas 	(void) smb_config_getstr(SMB_CI_SECURITY, p, sizeof (p));
1034da6c28aaSamw 	return (smb_config_secmode_fromstr(p));
1035da6c28aaSamw }
1036da6c28aaSamw 
1037da6c28aaSamw int
smb_config_set_secmode(int secmode)1038da6c28aaSamw smb_config_set_secmode(int secmode)
1039da6c28aaSamw {
1040da6c28aaSamw 	char *p;
1041da6c28aaSamw 
1042da6c28aaSamw 	p = smb_config_secmode_tostr(secmode);
1043dc20a302Sas 	return (smb_config_setstr(SMB_CI_SECURITY, p));
1044dc20a302Sas }
1045dc20a302Sas 
10468d7e4166Sjose borrego void
smb_config_getdomaininfo(char * domain,char * fqdn,char * sid,char * forest,char * guid)104729bd2886SAlan Wright smb_config_getdomaininfo(char *domain, char *fqdn, char *sid, char *forest,
104829bd2886SAlan Wright     char *guid)
10498d7e4166Sjose borrego {
105029bd2886SAlan Wright 	if (domain)
105129bd2886SAlan Wright 		(void) smb_config_getstr(SMB_CI_DOMAIN_NAME, domain,
105229bd2886SAlan Wright 		    NETBIOS_NAME_SZ);
105329bd2886SAlan Wright 
105429bd2886SAlan Wright 	if (fqdn)
105529bd2886SAlan Wright 		(void) smb_config_getstr(SMB_CI_DOMAIN_FQDN, fqdn,
105629bd2886SAlan Wright 		    MAXHOSTNAMELEN);
105729bd2886SAlan Wright 
105829bd2886SAlan Wright 	if (sid)
105929bd2886SAlan Wright 		(void) smb_config_getstr(SMB_CI_DOMAIN_SID, sid,
106029bd2886SAlan Wright 		    SMB_SID_STRSZ);
106129bd2886SAlan Wright 
106229bd2886SAlan Wright 	if (forest)
106329bd2886SAlan Wright 		(void) smb_config_getstr(SMB_CI_DOMAIN_FOREST, forest,
106429bd2886SAlan Wright 		    MAXHOSTNAMELEN);
106529bd2886SAlan Wright 
106629bd2886SAlan Wright 	if (guid)
106729bd2886SAlan Wright 		(void) smb_config_getstr(SMB_CI_DOMAIN_GUID, guid,
106829bd2886SAlan Wright 		    UUID_PRINTABLE_STRING_LENGTH);
10698d7e4166Sjose borrego }
10708d7e4166Sjose borrego 
10718d7e4166Sjose borrego void
smb_config_setdomaininfo(char * domain,char * fqdn,char * sid,char * forest,char * guid)107229bd2886SAlan Wright smb_config_setdomaininfo(char *domain, char *fqdn, char *sid, char *forest,
107329bd2886SAlan Wright     char *guid)
10748d7e4166Sjose borrego {
107529bd2886SAlan Wright 	if (domain)
107629bd2886SAlan Wright 		(void) smb_config_setstr(SMB_CI_DOMAIN_NAME, domain);
107729bd2886SAlan Wright 	if (fqdn)
107829bd2886SAlan Wright 		(void) smb_config_setstr(SMB_CI_DOMAIN_FQDN, fqdn);
107929bd2886SAlan Wright 	if (sid)
108029bd2886SAlan Wright 		(void) smb_config_setstr(SMB_CI_DOMAIN_SID, sid);
108129bd2886SAlan Wright 	if (forest)
108229bd2886SAlan Wright 		(void) smb_config_setstr(SMB_CI_DOMAIN_FOREST, forest);
108329bd2886SAlan Wright 	if (guid)
108429bd2886SAlan Wright 		(void) smb_config_setstr(SMB_CI_DOMAIN_GUID, guid);
10858d7e4166Sjose borrego }
10869fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
10879fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States /*
10889fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * The version stored in SMF in string format as N.N where
10899fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * N is a number defined by Microsoft. The first number represents
10909fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * the major version and the second number is the minor version.
10919fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * Current defined values can be found here in 'ver_table'.
10929fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  *
10939fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * This function reads the SMF string value and converts it to
10949fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * two numbers returned in the given 'version' structure.
10959fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  * Current default version number is 5.0 which is for Windows 2000.
10969fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States  */
10979fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States void
smb_config_get_version(smb_version_t * version)10989fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_config_get_version(smb_version_t *version)
10999fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States {
11009fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	smb_version_t tmpver;
11019fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	char verstr[SMB_VERSTR_LEN];
11029fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	char *p;
11039fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	int rc, i;
11049fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	static smb_version_t ver_table [] = {
1105fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_NT,	SMB_MINOR_NT,		1381,	0 },
1106fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_2000,	SMB_MINOR_2000,		2195,	0 },
1107fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_XP,	SMB_MINOR_XP,		2196,	0 },
1108fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_2003,	SMB_MINOR_2003,		2196,	0 },
1109fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_VISTA,	SMB_MINOR_VISTA,	6000,	0 },
1110fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_2008,	SMB_MINOR_2008,		6000,	0 },
1111fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_2008R2,	SMB_MINOR_2008R2,	7007,	0 },
1112fd9ee8b5Sjoyce mcintosh 		{ 0, SMB_MAJOR_7,	SMB_MINOR_7,		7007,	0 }
11139fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	};
11149fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11159fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	*version = ver_table[1];
1116fd9ee8b5Sjoyce mcintosh 	version->sv_size = sizeof (smb_version_t);
11179fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11189fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	rc = smb_config_getstr(SMB_CI_VERSION, verstr, sizeof (verstr));
11199fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	if (rc != SMBD_SMF_OK)
11209fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 		return;
11219fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11229fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	if ((p = strchr(verstr, '.')) == NULL)
11239fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 		return;
11249fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11259fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	*p = '\0';
11269fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	tmpver.sv_major = (uint8_t)atoi(verstr);
11279fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	tmpver.sv_minor = (uint8_t)atoi(p + 1);
11289fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11299fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	for (i = 0; i < sizeof (ver_table)/sizeof (ver_table[0]); ++i) {
11309fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 		if ((tmpver.sv_major == ver_table[i].sv_major) &&
11319fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 		    (tmpver.sv_minor == ver_table[i].sv_minor)) {
11329fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 			*version = ver_table[i];
1133fd9ee8b5Sjoyce mcintosh 			version->sv_size = sizeof (smb_version_t);
11349fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 			break;
11359fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 		}
11369fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	}
11379fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States }
11389fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
1139148c5f43SAlan Wright /*
1140148c5f43SAlan Wright  * Reads share exec script properties
1141148c5f43SAlan Wright  */
1142148c5f43SAlan Wright uint32_t
smb_config_get_execinfo(char * map,char * unmap,size_t bufsz)1143148c5f43SAlan Wright smb_config_get_execinfo(char *map, char *unmap, size_t bufsz)
1144148c5f43SAlan Wright {
1145148c5f43SAlan Wright 	char buf[MAXPATHLEN];
1146148c5f43SAlan Wright 	uint32_t flags = 0;
1147148c5f43SAlan Wright 
1148148c5f43SAlan Wright 	if (map == NULL) {
1149148c5f43SAlan Wright 		map = buf;
1150148c5f43SAlan Wright 		bufsz = MAXPATHLEN;
1151148c5f43SAlan Wright 	}
1152148c5f43SAlan Wright 
1153148c5f43SAlan Wright 	*map = '\0';
1154148c5f43SAlan Wright 	(void) smb_config_getstr(SMB_CI_MAP, map, bufsz);
1155148c5f43SAlan Wright 	if (*map != '\0')
1156148c5f43SAlan Wright 		flags |= SMB_EXEC_MAP;
1157148c5f43SAlan Wright 
1158148c5f43SAlan Wright 	if (unmap == NULL) {
1159148c5f43SAlan Wright 		unmap = buf;
1160148c5f43SAlan Wright 		bufsz = MAXPATHLEN;
1161148c5f43SAlan Wright 	}
1162148c5f43SAlan Wright 
1163148c5f43SAlan Wright 	*unmap = '\0';
1164148c5f43SAlan Wright 	(void) smb_config_getstr(SMB_CI_UNMAP, unmap, bufsz);
1165148c5f43SAlan Wright 	if (*unmap != '\0')
1166148c5f43SAlan Wright 		flags |= SMB_EXEC_UNMAP;
1167148c5f43SAlan Wright 
1168148c5f43SAlan Wright 	*buf = '\0';
1169148c5f43SAlan Wright 	(void) smb_config_getstr(SMB_CI_DISPOSITION, buf, sizeof (buf));
1170148c5f43SAlan Wright 	if (*buf != '\0')
1171148c5f43SAlan Wright 		if (strcasecmp(buf, SMB_EXEC_DISP_TERMINATE) == 0)
1172148c5f43SAlan Wright 			flags |= SMB_EXEC_TERM;
1173148c5f43SAlan Wright 
1174148c5f43SAlan Wright 	return (flags);
1175148c5f43SAlan Wright }
1176148c5f43SAlan Wright 
11779fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States static smb_cfg_param_t *
smb_config_getent(smb_cfg_id_t id)11789fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States smb_config_getent(smb_cfg_id_t id)
11799fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States {
11809fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	int i;
11819fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11829fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	for (i = 0; i < SMB_CI_MAX; i++)
11839fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 		if (smb_cfg_table[i].sc_id == id)
11849fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 			return (&smb_cfg_table[id]);
11859fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 
11869fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	assert(0);
11879fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States 	return (NULL);
11889fb67ea3Safshin salek ardakani - Sun Microsystems - Irvine United States }
1189a90cf9f2SGordon Ross 
11903e2c0c09SMatt Barden static uint32_t
smb_config_get_protocol(smb_cfg_id_t id,char * name,uint32_t default_val)11913e2c0c09SMatt Barden smb_config_get_protocol(smb_cfg_id_t id, char *name, uint32_t default_val)
11923e2c0c09SMatt Barden {
11933e2c0c09SMatt Barden 	char str[SMB_VERSTR_LEN];
11943e2c0c09SMatt Barden 	int rc;
11953e2c0c09SMatt Barden 	uint32_t val;
11963e2c0c09SMatt Barden 
11973e2c0c09SMatt Barden 	rc = smb_config_getstr(id, str, sizeof (str));
11983e2c0c09SMatt Barden 	if (rc == SMBD_SMF_OK) {
11993e2c0c09SMatt Barden 		val = smb_convert_version_str(str);
12003e2c0c09SMatt Barden 		if (val != 0)
12013e2c0c09SMatt Barden 			return (val);
12023e2c0c09SMatt Barden 		if (str[0] != '\0') {
12033e2c0c09SMatt Barden 			syslog(LOG_ERR, "smbd/%s value invalid: %s", name, str);
12043e2c0c09SMatt Barden 		}
12053e2c0c09SMatt Barden 	}
12063e2c0c09SMatt Barden 
12073e2c0c09SMatt Barden 	return (default_val);
12083e2c0c09SMatt Barden }
12093e2c0c09SMatt Barden 
1210a90cf9f2SGordon Ross /*
1211*92101ea4SGordon Ross  * If the service properties min_protocol and max_protocol are empty values,
1212*92101ea4SGordon Ross  * the built-in defaults allow clients to use any supported protocol version.
1213*92101ea4SGordon Ross  * Policy choices (such as "let's disable SMB1") should be implemented by
1214*92101ea4SGordon Ross  * setting values in the SMB service, either via the service manifest (if a
1215*92101ea4SGordon Ross  * distribution policy) or via svccfg/svcprop (if a local policy).
1216*92101ea4SGordon Ross  *
1217*92101ea4SGordon Ross  * max_protocol_default should be the highest implemented protocol version.
1218*92101ea4SGordon Ross  * See also $UTS/common/fs/smbsrv/smb2_negotiate.c
1219a90cf9f2SGordon Ross  */
12204e065a9fSAlexander Stetsenko uint32_t max_protocol_default = SMB_VERS_3_11;
1221a90cf9f2SGordon Ross 
1222a90cf9f2SGordon Ross uint32_t
smb_config_get_max_protocol(void)1223a90cf9f2SGordon Ross smb_config_get_max_protocol(void)
1224a90cf9f2SGordon Ross {
12251160dcf7SMatt Barden 	uint32_t max;
1226a90cf9f2SGordon Ross 
12273e2c0c09SMatt Barden 	max = smb_config_get_protocol(SMB_CI_MAX_PROTOCOL, "max_protocol",
12283e2c0c09SMatt Barden 	    max_protocol_default);
12293e2c0c09SMatt Barden 
12303e2c0c09SMatt Barden 	return (max);
12313e2c0c09SMatt Barden }
12323e2c0c09SMatt Barden 
12333e2c0c09SMatt Barden /*
1234*92101ea4SGordon Ross  * See comment above max_protocol_default
12353e2c0c09SMatt Barden  */
12363e2c0c09SMatt Barden uint32_t min_protocol_default = SMB_VERS_1;
12373e2c0c09SMatt Barden 
12383e2c0c09SMatt Barden uint32_t
smb_config_get_min_protocol(void)12393e2c0c09SMatt Barden smb_config_get_min_protocol(void)
12403e2c0c09SMatt Barden {
12413e2c0c09SMatt Barden 	uint32_t min;
12423e2c0c09SMatt Barden 
12433e2c0c09SMatt Barden 	min = smb_config_get_protocol(SMB_CI_MIN_PROTOCOL, "min_protocol",
12443e2c0c09SMatt Barden 	    min_protocol_default);
1245a90cf9f2SGordon Ross 
12463e2c0c09SMatt Barden 	return (min);
1247a90cf9f2SGordon Ross }
1248a90cf9f2SGordon Ross 
12494e065a9fSAlexander Stetsenko /*
1250b0bb0d63SGordon Ross  * Convert a list of ciphers to a bitmask.
1251b0bb0d63SGordon Ross  * Returns mask or -1 for errors.
1252b0bb0d63SGordon Ross  *
1253b0bb0d63SGordon Ross  * Note this is used both below and in libshare_smb
1254b0bb0d63SGordon Ross  * for validation of new setting.
12554e065a9fSAlexander Stetsenko  */
1256b0bb0d63SGordon Ross int
smb_convert_encrypt_ciphers(char * value)1257b0bb0d63SGordon Ross smb_convert_encrypt_ciphers(char *value)
12584e065a9fSAlexander Stetsenko {
1259b0bb0d63SGordon Ross 	const char *sep = ",:";
1260b0bb0d63SGordon Ross 	char buf[SMB_CIPHERS_MAXLEN];
1261b0bb0d63SGordon Ross 	char *last;
1262b0bb0d63SGordon Ross 	char *cn;
1263b0bb0d63SGordon Ross 	struct str_val *sv;
1264b0bb0d63SGordon Ross 	int ciphers = 0;
1265b0bb0d63SGordon Ross 
1266b0bb0d63SGordon Ross 	if (value == NULL)
1267b0bb0d63SGordon Ross 		return (-1);
12684e065a9fSAlexander Stetsenko 
1269b0bb0d63SGordon Ross 	if (strlen(value) >= SMB_CIPHERS_MAXLEN)
1270b0bb0d63SGordon Ross 		return (-1);
1271b0bb0d63SGordon Ross 
12722bc647a2SToomas Soome 	(void) strlcpy(buf, value, sizeof (buf));
1273dee7ba86SAlexander Stetsenko 
1274b0bb0d63SGordon Ross 	cn = strtok_r(buf, sep, &last);
1275b0bb0d63SGordon Ross 	while (cn != NULL) {
1276b0bb0d63SGordon Ross 		boolean_t valid = B_FALSE;
1277b0bb0d63SGordon Ross 		/* # of ciphers is small - don't care about O(n2) */
1278b0bb0d63SGordon Ross 		for (sv = smb31_encrypt_ciphers; sv->str != NULL; sv++) {
1279b0bb0d63SGordon Ross 			if (strcmp(cn, sv->str) == 0) {
1280b0bb0d63SGordon Ross 				ciphers |= sv->val;
1281b0bb0d63SGordon Ross 				valid = B_TRUE;
1282b0bb0d63SGordon Ross 			}
1283b0bb0d63SGordon Ross 		}
1284b0bb0d63SGordon Ross 		if (!valid)
1285b0bb0d63SGordon Ross 			return (-1);
1286b0bb0d63SGordon Ross 		cn = strtok_r(NULL, sep, &last);
12874e065a9fSAlexander Stetsenko 	}
1288b0bb0d63SGordon Ross 	return (ciphers);
1289b0bb0d63SGordon Ross }
12904e065a9fSAlexander Stetsenko 
1291b0bb0d63SGordon Ross /*
1292b0bb0d63SGordon Ross  * Return a bitmask indicating enabled cipher algorithms.
1293b0bb0d63SGordon Ross  * If the config does not have at least one known cipher,
1294b0bb0d63SGordon Ross  * that's a configuration error, so just enable all.
1295b0bb0d63SGordon Ross  */
1296b0bb0d63SGordon Ross uint32_t
smb_config_get_encrypt_ciphers(void)1297b0bb0d63SGordon Ross smb_config_get_encrypt_ciphers(void)
1298b0bb0d63SGordon Ross {
1299b0bb0d63SGordon Ross 	char buf[SMB_CIPHERS_MAXLEN];
1300b0bb0d63SGordon Ross 	int ciphers = 0;
1301dee7ba86SAlexander Stetsenko 
1302b0bb0d63SGordon Ross 	if (smb_config_getstr(SMB_CI_ENCRYPT_CIPHERS, buf, sizeof (buf))
1303b0bb0d63SGordon Ross 	    != SMBD_SMF_OK)
1304b0bb0d63SGordon Ross 		buf[0] = '\0';
1305b0bb0d63SGordon Ross 
1306b0bb0d63SGordon Ross 	ciphers = smb_convert_encrypt_ciphers(buf);
13074e065a9fSAlexander Stetsenko 
1308b0bb0d63SGordon Ross 	if (ciphers <= 0)
1309b0bb0d63SGordon Ross 		ciphers = SMB3_CIPHER_FLAGS_ALL;
1310b0bb0d63SGordon Ross 
1311b0bb0d63SGordon Ross 	return ((uint32_t)ciphers);
1312b0bb0d63SGordon Ross }
1313a90cf9f2SGordon Ross 
1314a90cf9f2SGordon Ross /*
1315a90cf9f2SGordon Ross  * Run once at startup convert old SMF settings to current.
1316a90cf9f2SGordon Ross  */
1317a90cf9f2SGordon Ross void
smb_config_upgrade(void)1318a90cf9f2SGordon Ross smb_config_upgrade(void)
1319a90cf9f2SGordon Ross {
1320a90cf9f2SGordon Ross }
13211160dcf7SMatt Barden 
13221160dcf7SMatt Barden smb_cfg_val_t
smb_config_get_require(smb_cfg_id_t id)13231160dcf7SMatt Barden smb_config_get_require(smb_cfg_id_t id)
13241160dcf7SMatt Barden {
13251160dcf7SMatt Barden 	int rc;
13261160dcf7SMatt Barden 	char str[sizeof ("required")];
13271160dcf7SMatt Barden 
13281160dcf7SMatt Barden 	rc = smb_config_getstr(id, str, sizeof (str));
13291160dcf7SMatt Barden 	if (rc != SMBD_SMF_OK)
13301160dcf7SMatt Barden 		return (SMB_CONFIG_DISABLED);
13311160dcf7SMatt Barden 
13321160dcf7SMatt Barden 	if (strncmp(str, "required", sizeof (str)) == 0)
13331160dcf7SMatt Barden 		return (SMB_CONFIG_REQUIRED);
13341160dcf7SMatt Barden 	if (strncmp(str, "enabled", sizeof (str)) == 0)
13351160dcf7SMatt Barden 		return (SMB_CONFIG_ENABLED);
13361160dcf7SMatt Barden 
13371160dcf7SMatt Barden 	return (SMB_CONFIG_DISABLED);
13381160dcf7SMatt Barden }
1339