1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2020 Tintri by DDN, Inc. All rights reserved.
24 * Copyright 2020 RackTop Systems, Inc.
25 */
26
27 #include <sys/types.h>
28 #include <sys/sockio.h>
29 #include <sys/socket.h>
30 #include <sys/utsname.h>
31
32 #include <stdarg.h>
33 #include <unistd.h>
34 #include <stdlib.h>
35 #include <time.h>
36 #include <synch.h>
37 #include <syslog.h>
38 #include <string.h>
39 #include <strings.h>
40 #include <errno.h>
41 #include <net/if.h>
42 #include <netdb.h>
43 #include <netinet/in.h>
44 #include <arpa/nameser.h>
45 #include <resolv.h>
46
47 #include <smbsrv/smbinfo.h>
48 #include <smbsrv/netbios.h>
49 #include <smbsrv/libsmb.h>
50 #include <assert.h>
51
52 static mutex_t seqnum_mtx;
53
54 /*
55 * IPC connection information that may be passed to the SMB Redirector.
56 */
57 typedef struct {
58 char user[SMB_USERNAME_MAXLEN];
59 uint8_t passwd[SMBAUTH_HASH_SZ];
60 } smb_ipc_t;
61
62 static smb_ipc_t ipc_info;
63 static smb_ipc_t ipc_orig_info;
64 static rwlock_t smb_ipc_lock;
65
66 /*
67 * These three parameters are all related:
68 * skc_initial_credits
69 * skc_maximum_credits
70 * skc_maxworkers (max worker threads)
71 * They must be in non-decreasing order. Get the values in order:
72 * maxworkers, maximum_credits, initial_credits
73 * enforcing maximum values and relations as we go. Then in the
74 * opposite order check minimum values and relations.
75 *
76 * smb_config_getnum puts a zero in the &citem if it fails getting
77 * the parameter value. When fetch parameters for which zero is OK,
78 * the return code is intentionally ignored.
79 */
80 void
smb_load_kconfig(smb_kmod_cfg_t * kcfg)81 smb_load_kconfig(smb_kmod_cfg_t *kcfg)
82 {
83 struct utsname uts;
84 int64_t citem;
85 int rc;
86
87 bzero(kcfg, sizeof (smb_kmod_cfg_t));
88
89 /*
90 * skc_maxworkers (max. no. of taskq worker threads)
91 */
92 rc = smb_config_getnum(SMB_CI_MAX_WORKERS, &citem);
93 if (rc != SMBD_SMF_OK)
94 citem = SMB_PI_MAX_WORKERS_DEF;
95 if (citem > SMB_PI_MAX_WORKERS_MAX)
96 citem = SMB_PI_MAX_WORKERS_MAX;
97 kcfg->skc_maxworkers = (uint32_t)citem;
98
99 /*
100 * The largest number of credits we let a single client have.
101 * It never makes sense for this to be > max_workers
102 */
103 rc = smb_config_getnum(SMB_CI_MAXIMUM_CREDITS, &citem);
104 if (rc != SMBD_SMF_OK)
105 citem = SMB_PI_MAXIMUM_CREDITS_DEF;
106 if (citem > SMB_PI_MAXIMUM_CREDITS_MAX)
107 citem = SMB_PI_MAXIMUM_CREDITS_MAX;
108 kcfg->skc_maximum_credits = (uint16_t)citem;
109 if (kcfg->skc_maximum_credits > kcfg->skc_maxworkers)
110 kcfg->skc_maximum_credits = (uint16_t)kcfg->skc_maxworkers;
111
112 /*
113 * The number of credits we give a client initially.
114 * Should be enough for a "light" workload, as the
115 * client will request additional credits when the
116 * workload increases. Must be <= maximum_credits.
117 */
118 rc = smb_config_getnum(SMB_CI_INITIAL_CREDITS, &citem);
119 if (rc != SMBD_SMF_OK)
120 citem = SMB_PI_INITIAL_CREDITS_DEF;
121 if (citem > SMB_PI_INITIAL_CREDITS_MAX)
122 citem = SMB_PI_INITIAL_CREDITS_MAX;
123 kcfg->skc_initial_credits = (uint16_t)citem;
124 if (kcfg->skc_initial_credits > kcfg->skc_maximum_credits)
125 kcfg->skc_initial_credits = kcfg->skc_maximum_credits;
126
127 /*
128 * Now enforce minimums, smaller to larger.
129 */
130 if (kcfg->skc_initial_credits < SMB_PI_INITIAL_CREDITS_MIN)
131 kcfg->skc_initial_credits = SMB_PI_INITIAL_CREDITS_MIN;
132
133 if (kcfg->skc_maximum_credits < SMB_PI_MAXIMUM_CREDITS_MIN)
134 kcfg->skc_maximum_credits = SMB_PI_MAXIMUM_CREDITS_MIN;
135 if (kcfg->skc_maximum_credits < kcfg->skc_initial_credits)
136 kcfg->skc_maximum_credits = kcfg->skc_initial_credits;
137
138 if (kcfg->skc_maxworkers < SMB_PI_MAX_WORKERS_MIN)
139 kcfg->skc_maxworkers = SMB_PI_MAX_WORKERS_MIN;
140 if (kcfg->skc_maxworkers < kcfg->skc_maximum_credits)
141 kcfg->skc_maxworkers = kcfg->skc_maximum_credits;
142
143 (void) smb_config_getnum(SMB_CI_KEEPALIVE, &citem);
144 kcfg->skc_keepalive = (uint32_t)citem;
145 if ((kcfg->skc_keepalive != 0) &&
146 (kcfg->skc_keepalive < SMB_PI_KEEP_ALIVE_MIN))
147 kcfg->skc_keepalive = SMB_PI_KEEP_ALIVE_MIN;
148
149 (void) smb_config_getnum(SMB_CI_MAX_CONNECTIONS, &citem);
150 kcfg->skc_maxconnections = (uint32_t)citem;
151 kcfg->skc_restrict_anon = smb_config_getbool(SMB_CI_RESTRICT_ANON);
152 kcfg->skc_signing_enable = smb_config_getbool(SMB_CI_SIGNING_ENABLE);
153 kcfg->skc_signing_required = smb_config_getbool(SMB_CI_SIGNING_REQD);
154 kcfg->skc_netbios_enable = smb_config_getbool(SMB_CI_NETBIOS_ENABLE);
155 kcfg->skc_ipv6_enable = smb_config_getbool(SMB_CI_IPV6_ENABLE);
156 kcfg->skc_print_enable = smb_config_getbool(SMB_CI_PRINT_ENABLE);
157 kcfg->skc_oplock_enable = smb_config_getbool(SMB_CI_OPLOCK_ENABLE);
158 kcfg->skc_sync_enable = smb_config_getbool(SMB_CI_SYNC_ENABLE);
159 kcfg->skc_traverse_mounts = smb_config_getbool(SMB_CI_TRAVERSE_MOUNTS);
160 kcfg->skc_max_protocol = smb_config_get_max_protocol();
161 kcfg->skc_min_protocol = smb_config_get_min_protocol();
162 kcfg->skc_secmode = smb_config_get_secmode();
163 kcfg->skc_encrypt = smb_config_get_require(SMB_CI_ENCRYPT);
164 kcfg->skc_encrypt_cipher = smb31_config_get_encrypt_cipher();
165
166 (void) smb_getdomainname(kcfg->skc_nbdomain,
167 sizeof (kcfg->skc_nbdomain));
168 (void) smb_getfqdomainname(kcfg->skc_fqdn,
169 sizeof (kcfg->skc_fqdn));
170 (void) smb_getnetbiosname(kcfg->skc_hostname,
171 sizeof (kcfg->skc_hostname));
172 (void) smb_config_getstr(SMB_CI_SYS_CMNT, kcfg->skc_system_comment,
173 sizeof (kcfg->skc_system_comment));
174 smb_config_get_version(&kcfg->skc_version);
175 kcfg->skc_execflags = smb_config_get_execinfo(NULL, NULL, 0);
176 if (smb_config_get_localuuid(kcfg->skc_machine_uuid) < 0) {
177 syslog(LOG_ERR, "smb_load_kconfig: no machine_uuid");
178 uuid_generate_time(kcfg->skc_machine_uuid);
179 }
180 /* skc_negtok, skc_negtok_len: see smbd_authsvc.c */
181
182 (void) uname(&uts);
183 (void) snprintf(kcfg->skc_native_os, sizeof (kcfg->skc_native_os),
184 "%s %s %s", uts.sysname, uts.release, uts.version);
185
186 (void) strlcpy(kcfg->skc_native_lm, "Native SMB service",
187 sizeof (kcfg->skc_native_lm));
188 }
189
190 /*
191 * Get the current system NetBIOS name. The hostname is truncated at
192 * the first `.` or 15 bytes, whichever occurs first, and converted
193 * to uppercase (by smb_gethostname). Text that appears after the
194 * first '.' is considered to be part of the NetBIOS scope.
195 *
196 * Returns 0 on success, otherwise -1 to indicate an error.
197 */
198 int
smb_getnetbiosname(char * buf,size_t buflen)199 smb_getnetbiosname(char *buf, size_t buflen)
200 {
201 if (smb_gethostname(buf, buflen, SMB_CASE_UPPER) != 0)
202 return (-1);
203
204 if (buflen >= NETBIOS_NAME_SZ)
205 buf[NETBIOS_NAME_SZ - 1] = '\0';
206
207 return (0);
208 }
209
210 /*
211 * Get the SAM account of the current system.
212 * Returns 0 on success, otherwise, -1 to indicate an error.
213 */
214 int
smb_getsamaccount(char * buf,size_t buflen)215 smb_getsamaccount(char *buf, size_t buflen)
216 {
217 if (smb_getnetbiosname(buf, buflen - 1) != 0)
218 return (-1);
219
220 (void) strlcat(buf, "$", buflen);
221 return (0);
222 }
223
224 /*
225 * Get the current system node name. The returned name is guaranteed
226 * to be null-terminated (gethostname may not null terminate the name).
227 * If the hostname has been fully-qualified for some reason, the domain
228 * part will be removed. The returned hostname is converted to the
229 * specified case (lower, upper, or preserved).
230 *
231 * If gethostname fails, the returned buffer will contain an empty
232 * string.
233 */
234 int
smb_gethostname(char * buf,size_t buflen,smb_caseconv_t which)235 smb_gethostname(char *buf, size_t buflen, smb_caseconv_t which)
236 {
237 char *p;
238
239 if (buf == NULL || buflen == 0)
240 return (-1);
241
242 if (gethostname(buf, buflen) != 0) {
243 *buf = '\0';
244 return (-1);
245 }
246
247 buf[buflen - 1] = '\0';
248
249 if ((p = strchr(buf, '.')) != NULL)
250 *p = '\0';
251
252 switch (which) {
253 case SMB_CASE_LOWER:
254 (void) smb_strlwr(buf);
255 break;
256
257 case SMB_CASE_UPPER:
258 (void) smb_strupr(buf);
259 break;
260
261 case SMB_CASE_PRESERVE:
262 default:
263 break;
264 }
265
266 return (0);
267 }
268
269 /*
270 * Obtain the fully-qualified name for this machine in lower case. If
271 * the hostname is fully-qualified, accept it. Otherwise, try to find an
272 * appropriate domain name to append to the hostname.
273 */
274 int
smb_getfqhostname(char * buf,size_t buflen)275 smb_getfqhostname(char *buf, size_t buflen)
276 {
277 char hostname[MAXHOSTNAMELEN];
278 char domain[MAXHOSTNAMELEN];
279
280 hostname[0] = '\0';
281 domain[0] = '\0';
282
283 if (smb_gethostname(hostname, MAXHOSTNAMELEN,
284 SMB_CASE_LOWER) != 0)
285 return (-1);
286
287 if (smb_getfqdomainname(domain, MAXHOSTNAMELEN) != 0)
288 return (-1);
289
290 if (hostname[0] == '\0')
291 return (-1);
292
293 if (domain[0] == '\0') {
294 (void) strlcpy(buf, hostname, buflen);
295 return (0);
296 }
297
298 (void) snprintf(buf, buflen, "%s.%s", hostname, domain);
299 return (0);
300 }
301
302 /*
303 * smb_getdomainname
304 *
305 * Returns NETBIOS name of the domain if the system is in domain
306 * mode. Or returns workgroup name if the system is in workgroup
307 * mode.
308 */
309 int
smb_getdomainname(char * buf,size_t buflen)310 smb_getdomainname(char *buf, size_t buflen)
311 {
312 int rc;
313
314 if (buf == NULL || buflen == 0)
315 return (-1);
316
317 *buf = '\0';
318 rc = smb_config_getstr(SMB_CI_DOMAIN_NAME, buf, buflen);
319
320 if ((rc != SMBD_SMF_OK) || (*buf == '\0'))
321 return (-1);
322
323 return (0);
324 }
325
326 /*
327 * smb_getfqdomainname
328 *
329 * In the system is in domain mode, the dns_domain property value
330 * is returned. Otherwise, it returns the local domain obtained via
331 * resolver.
332 *
333 * Returns 0 upon success. Otherwise, returns -1.
334 */
335 int
smb_getfqdomainname(char * buf,size_t buflen)336 smb_getfqdomainname(char *buf, size_t buflen)
337 {
338 struct __res_state res_state;
339 int rc;
340
341 if (buf == NULL || buflen == 0)
342 return (-1);
343
344 *buf = '\0';
345 if (smb_config_get_secmode() == SMB_SECMODE_DOMAIN) {
346 rc = smb_config_getstr(SMB_CI_DOMAIN_FQDN, buf, buflen);
347
348 if ((rc != SMBD_SMF_OK) || (*buf == '\0'))
349 return (-1);
350 } else {
351 bzero(&res_state, sizeof (struct __res_state));
352 if (res_ninit(&res_state))
353 return (-1);
354
355 if (*res_state.defdname == '\0') {
356 res_ndestroy(&res_state);
357 return (-1);
358 }
359
360 (void) strlcpy(buf, res_state.defdname, buflen);
361 res_ndestroy(&res_state);
362 rc = 0;
363 }
364
365 return (rc);
366 }
367
368
369 /*
370 * smb_set_machine_passwd
371 *
372 * This function should be used when setting the machine password property.
373 * The associated sequence number is incremented.
374 */
375 static int
smb_set_machine_passwd(char * passwd)376 smb_set_machine_passwd(char *passwd)
377 {
378 int64_t num;
379 int rc = -1;
380
381 if (smb_config_set(SMB_CI_MACHINE_PASSWD, passwd) != SMBD_SMF_OK)
382 return (-1);
383
384 (void) mutex_lock(&seqnum_mtx);
385 (void) smb_config_getnum(SMB_CI_KPASSWD_SEQNUM, &num);
386 if (smb_config_setnum(SMB_CI_KPASSWD_SEQNUM, ++num)
387 == SMBD_SMF_OK)
388 rc = 0;
389 (void) mutex_unlock(&seqnum_mtx);
390 return (rc);
391 }
392
393 static int
smb_get_machine_passwd(uint8_t * buf,size_t buflen)394 smb_get_machine_passwd(uint8_t *buf, size_t buflen)
395 {
396 char pwd[SMB_PASSWD_MAXLEN + 1];
397 int rc;
398
399 if (buflen < SMBAUTH_HASH_SZ)
400 return (-1);
401
402 rc = smb_config_getstr(SMB_CI_MACHINE_PASSWD, pwd, sizeof (pwd));
403 if ((rc != SMBD_SMF_OK) || *pwd == '\0')
404 return (-1);
405
406 if (smb_auth_ntlm_hash(pwd, buf) != 0)
407 return (-1);
408
409 return (rc);
410 }
411
412 /*
413 * Set up IPC connection credentials.
414 */
415 void
smb_ipc_init(void)416 smb_ipc_init(void)
417 {
418 int rc;
419
420 (void) rw_wrlock(&smb_ipc_lock);
421 bzero(&ipc_info, sizeof (smb_ipc_t));
422 bzero(&ipc_orig_info, sizeof (smb_ipc_t));
423
424 (void) smb_getsamaccount(ipc_info.user, SMB_USERNAME_MAXLEN);
425 rc = smb_get_machine_passwd(ipc_info.passwd, SMBAUTH_HASH_SZ);
426 if (rc != 0)
427 *ipc_info.passwd = 0;
428 (void) rw_unlock(&smb_ipc_lock);
429
430 }
431
432 /*
433 * Set the IPC username and password hash in memory. If the domain
434 * join succeeds, the credentials will be committed for use with
435 * authenticated IPC. Otherwise, they should be rolled back.
436 */
437 void
smb_ipc_set(char * plain_user,uint8_t * passwd_hash)438 smb_ipc_set(char *plain_user, uint8_t *passwd_hash)
439 {
440 (void) rw_wrlock(&smb_ipc_lock);
441 (void) strlcpy(ipc_info.user, plain_user, sizeof (ipc_info.user));
442 (void) memcpy(ipc_info.passwd, passwd_hash, SMBAUTH_HASH_SZ);
443 (void) rw_unlock(&smb_ipc_lock);
444
445 }
446
447 /*
448 * Save the host credentials to be used for authenticated IPC.
449 * The credentials are also saved to the original IPC info as
450 * rollback data in case the join domain process fails later.
451 */
452 void
smb_ipc_commit(void)453 smb_ipc_commit(void)
454 {
455 (void) rw_wrlock(&smb_ipc_lock);
456 (void) smb_getsamaccount(ipc_info.user, SMB_USERNAME_MAXLEN);
457 (void) smb_get_machine_passwd(ipc_info.passwd, SMBAUTH_HASH_SZ);
458 (void) memcpy(&ipc_orig_info, &ipc_info, sizeof (smb_ipc_t));
459 (void) rw_unlock(&smb_ipc_lock);
460 }
461
462 /*
463 * Restore the original credentials
464 */
465 void
smb_ipc_rollback(void)466 smb_ipc_rollback(void)
467 {
468 (void) rw_wrlock(&smb_ipc_lock);
469 (void) strlcpy(ipc_info.user, ipc_orig_info.user,
470 sizeof (ipc_info.user));
471 (void) memcpy(ipc_info.passwd, ipc_orig_info.passwd,
472 sizeof (ipc_info.passwd));
473 (void) rw_unlock(&smb_ipc_lock);
474 }
475
476 void
smb_ipc_get_user(char * buf,size_t buflen)477 smb_ipc_get_user(char *buf, size_t buflen)
478 {
479 (void) rw_rdlock(&smb_ipc_lock);
480 (void) strlcpy(buf, ipc_info.user, buflen);
481 (void) rw_unlock(&smb_ipc_lock);
482 }
483
484 void
smb_ipc_get_passwd(uint8_t * buf,size_t buflen)485 smb_ipc_get_passwd(uint8_t *buf, size_t buflen)
486 {
487 if (buflen < SMBAUTH_HASH_SZ)
488 return;
489
490 (void) rw_rdlock(&smb_ipc_lock);
491 (void) memcpy(buf, ipc_info.passwd, SMBAUTH_HASH_SZ);
492 (void) rw_unlock(&smb_ipc_lock);
493 }
494
495 /*
496 * smb_match_netlogon_seqnum
497 *
498 * A sequence number is associated with each machine password property
499 * update and the netlogon credential chain setup. If the
500 * sequence numbers don't match, a NETLOGON credential chain
501 * establishment is required.
502 *
503 * Returns 0 if kpasswd_seqnum equals to netlogon_seqnum. Otherwise,
504 * returns -1.
505 */
506 boolean_t
smb_match_netlogon_seqnum(void)507 smb_match_netlogon_seqnum(void)
508 {
509 int64_t setpasswd_seqnum;
510 int64_t netlogon_seqnum;
511
512 (void) mutex_lock(&seqnum_mtx);
513 (void) smb_config_getnum(SMB_CI_KPASSWD_SEQNUM, &setpasswd_seqnum);
514 (void) smb_config_getnum(SMB_CI_NETLOGON_SEQNUM, &netlogon_seqnum);
515 (void) mutex_unlock(&seqnum_mtx);
516 return (setpasswd_seqnum == netlogon_seqnum);
517 }
518
519 /*
520 * smb_setdomainprops
521 *
522 * This function should be called after joining an AD to
523 * set all the domain related SMF properties.
524 *
525 * The kpasswd_domain property is the AD domain to which the system
526 * is joined via kclient. If this function is invoked by the SMB
527 * daemon, fqdn should be set to NULL.
528 */
529 int
smb_setdomainprops(char * fqdn,char * server,char * passwd)530 smb_setdomainprops(char *fqdn, char *server, char *passwd)
531 {
532 if (server == NULL || passwd == NULL)
533 return (-1);
534
535 if ((*server == '\0') || (*passwd == '\0'))
536 return (-1);
537
538 if (fqdn && (smb_config_set(SMB_CI_KPASSWD_DOMAIN, fqdn) != 0))
539 return (-1);
540
541 if (smb_config_set(SMB_CI_KPASSWD_SRV, server) != 0)
542 return (-1);
543
544 if (smb_set_machine_passwd(passwd) != 0) {
545 syslog(LOG_ERR, "smb_setdomainprops: failed to set"
546 " machine account password");
547 return (-1);
548 }
549
550 /*
551 * If we successfully create a trust account, we mark
552 * ourselves as a domain member in the environment so
553 * that we use the SAMLOGON version of the NETLOGON
554 * PDC location protocol.
555 */
556 (void) smb_config_setbool(SMB_CI_DOMAIN_MEMB, B_TRUE);
557
558 return (0);
559 }
560
561 /*
562 * smb_update_netlogon_seqnum
563 *
564 * This function should only be called upon a successful netlogon
565 * credential chain establishment to set the sequence number of the
566 * netlogon to match with that of the kpasswd.
567 */
568 void
smb_update_netlogon_seqnum(void)569 smb_update_netlogon_seqnum(void)
570 {
571 int64_t num;
572
573 (void) mutex_lock(&seqnum_mtx);
574 (void) smb_config_getnum(SMB_CI_KPASSWD_SEQNUM, &num);
575 (void) smb_config_setnum(SMB_CI_NETLOGON_SEQNUM, num);
576 (void) mutex_unlock(&seqnum_mtx);
577 }
578
579
580 /*
581 * Temporary fbt for dtrace until user space sdt enabled.
582 */
583 void
smb_tracef(const char * fmt,...)584 smb_tracef(const char *fmt, ...)
585 {
586 va_list ap;
587 char buf[128];
588
589 va_start(ap, fmt);
590 (void) vsnprintf(buf, 128, fmt, ap);
591 va_end(ap);
592
593 smb_trace(buf);
594 }
595
596 /*
597 * Temporary fbt for dtrace until user space sdt enabled.
598 *
599 * This function is designed to be used with dtrace, i.e. see:
600 * usr/src/cmd/smbsrv/dtrace/smbd-all.d
601 *
602 * Outside of dtrace, the messages passed to this function usually
603 * lack sufficient context to be useful, so we don't log them.
604 */
605 /* ARGSUSED */
606 void
smb_trace(const char * s)607 smb_trace(const char *s)
608 {
609 }
610
611 /*
612 * smb_tonetbiosname
613 *
614 * Creates a NetBIOS name based on the given name and suffix.
615 * NetBIOS name is 15 capital characters, padded with space if needed
616 * and the 16th byte is the suffix.
617 */
618 void
smb_tonetbiosname(char * name,char * nb_name,char suffix)619 smb_tonetbiosname(char *name, char *nb_name, char suffix)
620 {
621 char tmp_name[NETBIOS_NAME_SZ];
622 smb_wchar_t wtmp_name[NETBIOS_NAME_SZ];
623 int len;
624 size_t rc;
625
626 len = 0;
627 rc = smb_mbstowcs(wtmp_name, (const char *)name, NETBIOS_NAME_SZ);
628
629 if (rc != (size_t)-1) {
630 wtmp_name[NETBIOS_NAME_SZ - 1] = 0;
631 rc = ucstooem(tmp_name, wtmp_name, NETBIOS_NAME_SZ,
632 OEM_CPG_850);
633 if (rc > 0)
634 len = strlen(tmp_name);
635 }
636
637 (void) memset(nb_name, ' ', NETBIOS_NAME_SZ - 1);
638 if (len) {
639 (void) smb_strupr(tmp_name);
640 (void) memcpy(nb_name, tmp_name, len);
641 }
642 nb_name[NETBIOS_NAME_SZ - 1] = suffix;
643 }
644
645 int
smb_get_nameservers(smb_inaddr_t * ips,int sz)646 smb_get_nameservers(smb_inaddr_t *ips, int sz)
647 {
648 union res_sockaddr_union set[MAXNS];
649 int i, cnt;
650 struct __res_state res_state;
651 char ipstr[INET6_ADDRSTRLEN];
652
653 if (ips == NULL)
654 return (0);
655
656 bzero(&res_state, sizeof (struct __res_state));
657 if (res_ninit(&res_state) < 0)
658 return (0);
659
660 cnt = res_getservers(&res_state, set, MAXNS);
661 for (i = 0; i < cnt; i++) {
662 if (i >= sz)
663 break;
664 ips[i].a_family = AF_INET;
665 bcopy(&set[i].sin.sin_addr, &ips[i].a_ipv4, NS_INADDRSZ);
666 if (inet_ntop(AF_INET, &ips[i].a_ipv4, ipstr,
667 INET_ADDRSTRLEN)) {
668 syslog(LOG_DEBUG, "Found %s name server\n", ipstr);
669 continue;
670 }
671 ips[i].a_family = AF_INET6;
672 bcopy(&set[i].sin.sin_addr, &ips[i].a_ipv6, NS_IN6ADDRSZ);
673 if (inet_ntop(AF_INET6, &ips[i].a_ipv6, ipstr,
674 INET6_ADDRSTRLEN)) {
675 syslog(LOG_DEBUG, "Found %s name server\n", ipstr);
676 }
677 }
678 res_ndestroy(&res_state);
679 return (i);
680 }
681
682 /*
683 * smb_gethostbyname
684 *
685 * Looks up a host by the given name. The host entry can come
686 * from any of the sources for hosts specified in the
687 * /etc/nsswitch.conf and the NetBIOS cache.
688 *
689 * XXX Invokes nbt_name_resolve API once the NBTD is integrated
690 * to look in the NetBIOS cache if getipnodebyname fails.
691 *
692 * Caller should invoke freehostent to free the returned hostent.
693 */
694 struct hostent *
smb_gethostbyname(const char * name,int * err_num)695 smb_gethostbyname(const char *name, int *err_num)
696 {
697 struct hostent *h;
698
699 h = getipnodebyname(name, AF_INET, 0, err_num);
700 if ((h == NULL) || h->h_length != INADDRSZ)
701 h = getipnodebyname(name, AF_INET6, AI_DEFAULT, err_num);
702 return (h);
703 }
704
705 /*
706 * smb_gethostbyaddr
707 *
708 * Looks up a host by the given IP address. The host entry can come
709 * from any of the sources for hosts specified in the
710 * /etc/nsswitch.conf and the NetBIOS cache.
711 *
712 * XXX Invokes nbt API to resolve name by IP once the NBTD is integrated
713 * to look in the NetBIOS cache if getipnodebyaddr fails.
714 *
715 * Caller should invoke freehostent to free the returned hostent.
716 */
717 struct hostent *
smb_gethostbyaddr(const char * addr,int len,int type,int * err_num)718 smb_gethostbyaddr(const char *addr, int len, int type, int *err_num)
719 {
720 struct hostent *h;
721
722 h = getipnodebyaddr(addr, len, type, err_num);
723
724 return (h);
725 }
726
727 uint32_t
smb_get_netlogon_flags(void)728 smb_get_netlogon_flags(void)
729 {
730 int64_t val;
731
732 if (smb_config_getnum(SMB_CI_NETLOGON_FLAGS, &val) != SMBD_SMF_OK)
733 return (SMB_PI_NETLOGON_FLAGS_DEFAULT);
734
735 /* These are flags, and we only use the lowest 32 bits */
736 return ((uint32_t)val);
737 }
738