1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 23 * Copyright 2018 Nexenta Systems, Inc. All rights reserved. 24 */ 25 26 /* 27 * CIFS configuration management library 28 */ 29 30 #include <stdio.h> 31 #include <stdlib.h> 32 #include <unistd.h> 33 #include <synch.h> 34 #include <string.h> 35 #include <strings.h> 36 #include <syslog.h> 37 #include <netdb.h> 38 #include <ctype.h> 39 #include <sys/types.h> 40 #include <libscf.h> 41 #include <assert.h> 42 #include <uuid/uuid.h> 43 #include <smbsrv/libsmb.h> 44 45 typedef struct smb_cfg_param { 46 smb_cfg_id_t sc_id; 47 char *sc_name; 48 int sc_type; 49 uint32_t sc_flags; 50 } smb_cfg_param_t; 51 52 struct str_val { 53 char *str; 54 uint32_t val; 55 }; 56 57 /* 58 * config parameter flags 59 */ 60 #define SMB_CF_PROTECTED 0x01 61 #define SMB_CF_EXEC 0x02 62 63 /* idmap SMF fmri and Property Group */ 64 #define IDMAP_FMRI_PREFIX "system/idmap" 65 #define MACHINE_SID "machine_sid" 66 #define MACHINE_UUID "machine_uuid" 67 #define IDMAP_DOMAIN "domain_name" 68 #define IDMAP_PREF_DC "preferred_dc" 69 #define IDMAP_SITE_NAME "site_name" 70 #define IDMAP_PG_NAME "config" 71 72 #define SMB_SECMODE_WORKGRP_STR "workgroup" 73 #define SMB_SECMODE_DOMAIN_STR "domain" 74 75 #define SMB_ENC_LEN 1024 76 #define SMB_DEC_LEN 256 77 78 static char *b64_data = 79 "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; 80 81 static smb_cfg_param_t smb_cfg_table[] = 82 { 83 {SMB_CI_VERSION, "sv_version", SCF_TYPE_ASTRING, 0}, 84 85 /* Oplock configuration, Kernel Only */ 86 {SMB_CI_OPLOCK_ENABLE, "oplock_enable", SCF_TYPE_BOOLEAN, 0}, 87 88 /* Autohome configuration */ 89 {SMB_CI_AUTOHOME_MAP, "autohome_map", SCF_TYPE_ASTRING, 0}, 90 91 /* Domain/PDC configuration */ 92 {SMB_CI_DOMAIN_SID, "domain_sid", SCF_TYPE_ASTRING, 0}, 93 {SMB_CI_DOMAIN_MEMB, "domain_member", SCF_TYPE_BOOLEAN, 0}, 94 {SMB_CI_DOMAIN_NAME, "domain_name", SCF_TYPE_ASTRING, 0}, 95 {SMB_CI_DOMAIN_FQDN, "fqdn", SCF_TYPE_ASTRING, 0}, 96 {SMB_CI_DOMAIN_FOREST, "forest", SCF_TYPE_ASTRING, 0}, 97 {SMB_CI_DOMAIN_GUID, "domain_guid", SCF_TYPE_ASTRING, 0}, 98 {SMB_CI_DOMAIN_SRV, "pdc", SCF_TYPE_ASTRING, 0}, 99 100 /* WINS configuration */ 101 {SMB_CI_WINS_SRV1, "wins_server_1", SCF_TYPE_ASTRING, 0}, 102 {SMB_CI_WINS_SRV2, "wins_server_2", SCF_TYPE_ASTRING, 0}, 103 {SMB_CI_WINS_EXCL, "wins_exclude", SCF_TYPE_ASTRING, 0}, 104 105 /* Kmod specific configuration */ 106 {SMB_CI_MAX_WORKERS, "max_workers", SCF_TYPE_INTEGER, 0}, 107 {SMB_CI_MAX_CONNECTIONS, "max_connections", SCF_TYPE_INTEGER, 0}, 108 {SMB_CI_KEEPALIVE, "keep_alive", SCF_TYPE_INTEGER, 0}, 109 {SMB_CI_RESTRICT_ANON, "restrict_anonymous", SCF_TYPE_BOOLEAN, 0}, 110 111 {SMB_CI_SIGNING_ENABLE, "signing_enabled", SCF_TYPE_BOOLEAN, 0}, 112 {SMB_CI_SIGNING_REQD, "signing_required", SCF_TYPE_BOOLEAN, 0}, 113 114 /* Kmod tuning configuration */ 115 {SMB_CI_SYNC_ENABLE, "sync_enable", SCF_TYPE_BOOLEAN, 0}, 116 117 /* SMBd configuration */ 118 {SMB_CI_SECURITY, "security", SCF_TYPE_ASTRING, 0}, 119 {SMB_CI_NETBIOS_ENABLE, "netbios_enable", SCF_TYPE_BOOLEAN, 0}, 120 {SMB_CI_NBSCOPE, "netbios_scope", SCF_TYPE_ASTRING, 0}, 121 {SMB_CI_SYS_CMNT, "system_comment", SCF_TYPE_ASTRING, 0}, 122 {SMB_CI_LM_LEVEL, "lmauth_level", SCF_TYPE_INTEGER, 0}, 123 124 /* ADS Configuration */ 125 {SMB_CI_ADS_SITE, "ads_site", SCF_TYPE_ASTRING, 0}, 126 127 /* Dynamic DNS */ 128 {SMB_CI_DYNDNS_ENABLE, "ddns_enable", SCF_TYPE_BOOLEAN, 0}, 129 130 {SMB_CI_MACHINE_PASSWD, "machine_passwd", SCF_TYPE_ASTRING, 131 SMB_CF_PROTECTED}, 132 133 {SMB_CI_MACHINE_UUID, "machine_uuid", SCF_TYPE_ASTRING, 0}, 134 {SMB_CI_KPASSWD_SRV, "kpasswd_server", SCF_TYPE_ASTRING, 0}, 135 {SMB_CI_KPASSWD_DOMAIN, "kpasswd_domain", SCF_TYPE_ASTRING, 0}, 136 {SMB_CI_KPASSWD_SEQNUM, "kpasswd_seqnum", SCF_TYPE_INTEGER, 0}, 137 {SMB_CI_NETLOGON_SEQNUM, "netlogon_seqnum", SCF_TYPE_INTEGER, 0}, 138 {SMB_CI_IPV6_ENABLE, "ipv6_enable", SCF_TYPE_BOOLEAN, 0}, 139 {SMB_CI_PRINT_ENABLE, "print_enable", SCF_TYPE_BOOLEAN, 0}, 140 {SMB_CI_MAP, "map", SCF_TYPE_ASTRING, SMB_CF_EXEC}, 141 {SMB_CI_UNMAP, "unmap", SCF_TYPE_ASTRING, SMB_CF_EXEC}, 142 {SMB_CI_DISPOSITION, "disposition", SCF_TYPE_ASTRING, SMB_CF_EXEC}, 143 {SMB_CI_DFS_STDROOT_NUM, "dfs_stdroot_num", SCF_TYPE_INTEGER, 0}, 144 {SMB_CI_TRAVERSE_MOUNTS, "traverse_mounts", SCF_TYPE_BOOLEAN, 0}, 145 {SMB_CI_SMB2_ENABLE_OLD, "smb2_enable", SCF_TYPE_BOOLEAN, 0}, 146 {SMB_CI_INITIAL_CREDITS, "initial_credits", SCF_TYPE_INTEGER, 0}, 147 {SMB_CI_MAXIMUM_CREDITS, "maximum_credits", SCF_TYPE_INTEGER, 0}, 148 {SMB_CI_MAX_PROTOCOL, "max_protocol", SCF_TYPE_ASTRING, 0}, 149 {SMB_CI_ENCRYPT, "encrypt", SCF_TYPE_ASTRING, 0}, 150 {SMB_CI_MIN_PROTOCOL, "min_protocol", SCF_TYPE_ASTRING, 0}, 151 {SMB_CI_BYPASS_TRAVERSE_CHECKING, 152 "bypass_traverse_checking", SCF_TYPE_BOOLEAN, 0}, 153 154 /* SMB_CI_MAX */ 155 }; 156 157 /* 158 * We store the max SMB protocol version in SMF as a string, 159 * (for convenience of svccfg etc) but the programmatic get/set 160 * interfaces use the numeric form. 161 * 162 * The numeric values are as defined in the [MS-SMB2] spec. 163 * except for how we represent "1" (for SMB1) which is an 164 * arbitrary value below SMB2_VERS_BASE. 165 */ 166 static struct str_val 167 smb_versions[] = { 168 { "3.02", SMB_VERS_3_02 }, 169 { "3.0", SMB_VERS_3_0 }, 170 { "2.1", SMB_VERS_2_1 }, 171 { "2.002", SMB_VERS_2_002 }, 172 { "1", SMB_VERS_1 }, 173 { NULL, 0 } 174 }; 175 176 static smb_cfg_param_t *smb_config_getent(smb_cfg_id_t); 177 178 static boolean_t smb_is_base64(unsigned char c); 179 static char *smb_base64_encode(char *str_to_encode); 180 static char *smb_base64_decode(char *encoded_str); 181 static int smb_config_get_idmap_preferred_dc(char *, int); 182 static int smb_config_set_idmap_preferred_dc(char *); 183 static int smb_config_get_idmap_site_name(char *, int); 184 static int smb_config_set_idmap_site_name(char *); 185 186 static uint32_t 187 smb_convert_version_str(const char *version) 188 { 189 uint32_t dialect = 0; 190 int i; 191 192 for (i = 0; smb_versions[i].str != NULL; i++) { 193 if (strcmp(version, smb_versions[i].str) == 0) 194 dialect = smb_versions[i].val; 195 } 196 197 return (dialect); 198 } 199 200 char * 201 smb_config_getname(smb_cfg_id_t id) 202 { 203 smb_cfg_param_t *cfg; 204 cfg = smb_config_getent(id); 205 return (cfg->sc_name); 206 } 207 208 static boolean_t 209 smb_is_base64(unsigned char c) 210 { 211 return (isalnum(c) || (c == '+') || (c == '/')); 212 } 213 214 /* 215 * smb_base64_encode 216 * 217 * Encode a string using base64 algorithm. 218 * Caller should free the returned buffer when done. 219 */ 220 static char * 221 smb_base64_encode(char *str_to_encode) 222 { 223 int ret_cnt = 0; 224 int i = 0, j = 0; 225 char arr_3[3], arr_4[4]; 226 int len = strlen(str_to_encode); 227 char *ret = malloc(SMB_ENC_LEN); 228 229 if (ret == NULL) { 230 return (NULL); 231 } 232 233 while (len--) { 234 arr_3[i++] = *(str_to_encode++); 235 if (i == 3) { 236 arr_4[0] = (arr_3[0] & 0xfc) >> 2; 237 arr_4[1] = ((arr_3[0] & 0x03) << 4) + 238 ((arr_3[1] & 0xf0) >> 4); 239 arr_4[2] = ((arr_3[1] & 0x0f) << 2) + 240 ((arr_3[2] & 0xc0) >> 6); 241 arr_4[3] = arr_3[2] & 0x3f; 242 243 for (i = 0; i < 4; i++) 244 ret[ret_cnt++] = b64_data[arr_4[i]]; 245 i = 0; 246 } 247 } 248 249 if (i) { 250 for (j = i; j < 3; j++) 251 arr_3[j] = '\0'; 252 253 arr_4[0] = (arr_3[0] & 0xfc) >> 2; 254 arr_4[1] = ((arr_3[0] & 0x03) << 4) + 255 ((arr_3[1] & 0xf0) >> 4); 256 arr_4[2] = ((arr_3[1] & 0x0f) << 2) + 257 ((arr_3[2] & 0xc0) >> 6); 258 arr_4[3] = arr_3[2] & 0x3f; 259 260 for (j = 0; j < (i + 1); j++) 261 ret[ret_cnt++] = b64_data[arr_4[j]]; 262 263 while (i++ < 3) 264 ret[ret_cnt++] = '='; 265 } 266 267 ret[ret_cnt++] = '\0'; 268 return (ret); 269 } 270 271 /* 272 * smb_base64_decode 273 * 274 * Decode using base64 algorithm. 275 * Caller should free the returned buffer when done. 276 */ 277 static char * 278 smb_base64_decode(char *encoded_str) 279 { 280 int len = strlen(encoded_str); 281 int i = 0, j = 0; 282 int en_ind = 0; 283 char arr_4[4], arr_3[3]; 284 int ret_cnt = 0; 285 char *ret = malloc(SMB_DEC_LEN); 286 char *p; 287 288 if (ret == NULL) { 289 return (NULL); 290 } 291 292 while (len-- && (encoded_str[en_ind] != '=') && 293 smb_is_base64(encoded_str[en_ind])) { 294 arr_4[i++] = encoded_str[en_ind]; 295 en_ind++; 296 if (i == 4) { 297 for (i = 0; i < 4; i++) { 298 if ((p = strchr(b64_data, arr_4[i])) == NULL) 299 return (NULL); 300 301 arr_4[i] = (int)(p - b64_data); 302 } 303 304 arr_3[0] = (arr_4[0] << 2) + 305 ((arr_4[1] & 0x30) >> 4); 306 arr_3[1] = ((arr_4[1] & 0xf) << 4) + 307 ((arr_4[2] & 0x3c) >> 2); 308 arr_3[2] = ((arr_4[2] & 0x3) << 6) + 309 arr_4[3]; 310 311 for (i = 0; i < 3; i++) 312 ret[ret_cnt++] = arr_3[i]; 313 314 i = 0; 315 } 316 } 317 318 if (i) { 319 for (j = i; j < 4; j++) 320 arr_4[j] = 0; 321 322 for (j = 0; j < 4; j++) { 323 if ((p = strchr(b64_data, arr_4[j])) == NULL) 324 return (NULL); 325 326 arr_4[j] = (int)(p - b64_data); 327 } 328 arr_3[0] = (arr_4[0] << 2) + 329 ((arr_4[1] & 0x30) >> 4); 330 arr_3[1] = ((arr_4[1] & 0xf) << 4) + 331 ((arr_4[2] & 0x3c) >> 2); 332 arr_3[2] = ((arr_4[2] & 0x3) << 6) + 333 arr_4[3]; 334 for (j = 0; j < (i - 1); j++) 335 ret[ret_cnt++] = arr_3[j]; 336 } 337 338 ret[ret_cnt++] = '\0'; 339 return (ret); 340 } 341 342 static char * 343 smb_config_getenv_generic(char *name, char *svc_fmri_prefix, char *svc_propgrp) 344 { 345 smb_scfhandle_t *handle; 346 char *value; 347 348 if ((value = malloc(MAX_VALUE_BUFLEN * sizeof (char))) == NULL) 349 return (NULL); 350 351 handle = smb_smf_scf_init(svc_fmri_prefix); 352 if (handle == NULL) { 353 free(value); 354 return (NULL); 355 } 356 357 (void) smb_smf_create_service_pgroup(handle, svc_propgrp); 358 359 if (smb_smf_get_string_property(handle, name, value, 360 sizeof (char) * MAX_VALUE_BUFLEN) != 0) { 361 smb_smf_scf_fini(handle); 362 free(value); 363 return (NULL); 364 } 365 366 smb_smf_scf_fini(handle); 367 return (value); 368 369 } 370 371 static int 372 smb_config_setenv_generic(char *svc_fmri_prefix, char *svc_propgrp, 373 char *name, char *value) 374 { 375 smb_scfhandle_t *handle = NULL; 376 int rc = 0; 377 378 379 handle = smb_smf_scf_init(svc_fmri_prefix); 380 if (handle == NULL) { 381 return (1); 382 } 383 384 (void) smb_smf_create_service_pgroup(handle, svc_propgrp); 385 386 if (smb_smf_start_transaction(handle) != SMBD_SMF_OK) { 387 smb_smf_scf_fini(handle); 388 return (1); 389 } 390 391 if (smb_smf_set_string_property(handle, name, value) != SMBD_SMF_OK) 392 rc = 1; 393 394 if (smb_smf_end_transaction(handle) != SMBD_SMF_OK) 395 rc = 1; 396 397 smb_smf_scf_fini(handle); 398 return (rc); 399 } 400 401 /* 402 * smb_config_getstr 403 * 404 * Fetch the specified string configuration item from SMF 405 */ 406 int 407 smb_config_getstr(smb_cfg_id_t id, char *cbuf, int bufsz) 408 { 409 smb_scfhandle_t *handle; 410 smb_cfg_param_t *cfg; 411 int rc = SMBD_SMF_OK; 412 char *pg; 413 char protbuf[SMB_ENC_LEN]; 414 char *tmp; 415 416 *cbuf = '\0'; 417 cfg = smb_config_getent(id); 418 assert(cfg->sc_type == SCF_TYPE_ASTRING); 419 420 if (id == SMB_CI_ADS_SITE) 421 return (smb_config_get_idmap_site_name(cbuf, bufsz)); 422 if (id == SMB_CI_DOMAIN_SRV) 423 return (smb_config_get_idmap_preferred_dc(cbuf, bufsz)); 424 425 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 426 if (handle == NULL) 427 return (SMBD_SMF_SYSTEM_ERR); 428 429 if (cfg->sc_flags & SMB_CF_PROTECTED) { 430 if ((rc = smb_smf_create_service_pgroup(handle, 431 SMBD_PROTECTED_PG_NAME)) != SMBD_SMF_OK) 432 goto error; 433 434 if ((rc = smb_smf_get_string_property(handle, cfg->sc_name, 435 protbuf, sizeof (protbuf))) != SMBD_SMF_OK) 436 goto error; 437 438 if (*protbuf != '\0') { 439 tmp = smb_base64_decode(protbuf); 440 (void) strlcpy(cbuf, tmp, bufsz); 441 free(tmp); 442 } 443 } else { 444 pg = (cfg->sc_flags & SMB_CF_EXEC) ? SMBD_EXEC_PG_NAME : 445 SMBD_PG_NAME; 446 rc = smb_smf_create_service_pgroup(handle, pg); 447 if (rc == SMBD_SMF_OK) 448 rc = smb_smf_get_string_property(handle, cfg->sc_name, 449 cbuf, bufsz); 450 } 451 452 error: 453 smb_smf_scf_fini(handle); 454 return (rc); 455 } 456 457 /* 458 * Translate the value of an astring SMF property into a binary 459 * IP address. If the value is neither a valid IPv4 nor IPv6 460 * address, attempt to look it up as a hostname using the 461 * configured address type. 462 */ 463 int 464 smb_config_getip(smb_cfg_id_t sc_id, smb_inaddr_t *ipaddr) 465 { 466 int rc, error; 467 int a_family; 468 char ipstr[MAXHOSTNAMELEN]; 469 struct hostent *h; 470 smb_cfg_param_t *cfg; 471 472 if (ipaddr == NULL) 473 return (SMBD_SMF_INVALID_ARG); 474 475 bzero(ipaddr, sizeof (smb_inaddr_t)); 476 rc = smb_config_getstr(sc_id, ipstr, sizeof (ipstr)); 477 if (rc == SMBD_SMF_OK) { 478 if (*ipstr == '\0') 479 return (SMBD_SMF_INVALID_ARG); 480 481 if (inet_pton(AF_INET, ipstr, &ipaddr->a_ipv4) == 1) { 482 ipaddr->a_family = AF_INET; 483 return (SMBD_SMF_OK); 484 } 485 486 if (inet_pton(AF_INET6, ipstr, &ipaddr->a_ipv6) == 1) { 487 ipaddr->a_family = AF_INET6; 488 return (SMBD_SMF_OK); 489 } 490 491 /* 492 * The value is neither an IPv4 nor IPv6 address; 493 * so check if it's a hostname. 494 */ 495 a_family = smb_config_getbool(SMB_CI_IPV6_ENABLE) ? 496 AF_INET6 : AF_INET; 497 h = getipnodebyname(ipstr, a_family, AI_DEFAULT, 498 &error); 499 if (h != NULL) { 500 bcopy(*(h->h_addr_list), &ipaddr->a_ip, 501 h->h_length); 502 ipaddr->a_family = a_family; 503 freehostent(h); 504 rc = SMBD_SMF_OK; 505 } else { 506 cfg = smb_config_getent(sc_id); 507 syslog(LOG_ERR, "smbd/%s: %s unable to get %s " 508 "address: %d", cfg->sc_name, ipstr, 509 a_family == AF_INET ? "IPv4" : "IPv6", error); 510 rc = SMBD_SMF_INVALID_ARG; 511 } 512 } 513 514 return (rc); 515 } 516 517 /* 518 * smb_config_getnum 519 * 520 * Returns the value of a numeric config param. 521 */ 522 int 523 smb_config_getnum(smb_cfg_id_t id, int64_t *cint) 524 { 525 smb_scfhandle_t *handle; 526 smb_cfg_param_t *cfg; 527 int rc = SMBD_SMF_OK; 528 529 *cint = 0; 530 cfg = smb_config_getent(id); 531 assert(cfg->sc_type == SCF_TYPE_INTEGER); 532 533 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 534 if (handle == NULL) 535 return (SMBD_SMF_SYSTEM_ERR); 536 537 rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME); 538 if (rc == SMBD_SMF_OK) 539 rc = smb_smf_get_integer_property(handle, cfg->sc_name, cint); 540 smb_smf_scf_fini(handle); 541 542 return (rc); 543 } 544 545 /* 546 * smb_config_getbool 547 * 548 * Returns the value of a boolean config param. 549 */ 550 boolean_t 551 smb_config_getbool(smb_cfg_id_t id) 552 { 553 smb_scfhandle_t *handle; 554 smb_cfg_param_t *cfg; 555 int rc = SMBD_SMF_OK; 556 uint8_t vbool; 557 558 cfg = smb_config_getent(id); 559 assert(cfg->sc_type == SCF_TYPE_BOOLEAN); 560 561 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 562 if (handle == NULL) 563 return (B_FALSE); 564 565 rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME); 566 if (rc == SMBD_SMF_OK) 567 rc = smb_smf_get_boolean_property(handle, cfg->sc_name, &vbool); 568 smb_smf_scf_fini(handle); 569 570 return ((rc == SMBD_SMF_OK) ? (vbool == 1) : B_FALSE); 571 } 572 573 /* 574 * smb_config_get 575 * 576 * This function returns the value of the requested config 577 * iterm regardless of its type in string format. This should 578 * be used when the config item type is not known by the caller. 579 */ 580 int 581 smb_config_get(smb_cfg_id_t id, char *cbuf, int bufsz) 582 { 583 smb_cfg_param_t *cfg; 584 int64_t cint; 585 int rc; 586 587 cfg = smb_config_getent(id); 588 switch (cfg->sc_type) { 589 case SCF_TYPE_ASTRING: 590 return (smb_config_getstr(id, cbuf, bufsz)); 591 592 case SCF_TYPE_INTEGER: 593 rc = smb_config_getnum(id, &cint); 594 if (rc == SMBD_SMF_OK) 595 (void) snprintf(cbuf, bufsz, "%lld", cint); 596 return (rc); 597 598 case SCF_TYPE_BOOLEAN: 599 if (smb_config_getbool(id)) 600 (void) strlcpy(cbuf, "true", bufsz); 601 else 602 (void) strlcpy(cbuf, "false", bufsz); 603 return (SMBD_SMF_OK); 604 } 605 606 return (SMBD_SMF_INVALID_ARG); 607 } 608 609 /* 610 * smb_config_setstr 611 * 612 * Set the specified config param with the given 613 * value. 614 */ 615 int 616 smb_config_setstr(smb_cfg_id_t id, char *value) 617 { 618 smb_scfhandle_t *handle; 619 smb_cfg_param_t *cfg; 620 int rc = SMBD_SMF_OK; 621 boolean_t protected; 622 char *tmp = NULL; 623 char *pg; 624 625 cfg = smb_config_getent(id); 626 assert(cfg->sc_type == SCF_TYPE_ASTRING); 627 628 if (id == SMB_CI_ADS_SITE) 629 return (smb_config_set_idmap_site_name(value)); 630 if (id == SMB_CI_DOMAIN_SRV) 631 return (smb_config_set_idmap_preferred_dc(value)); 632 633 protected = B_FALSE; 634 635 switch (cfg->sc_flags) { 636 case SMB_CF_PROTECTED: 637 protected = B_TRUE; 638 pg = SMBD_PROTECTED_PG_NAME; 639 break; 640 case SMB_CF_EXEC: 641 pg = SMBD_EXEC_PG_NAME; 642 break; 643 default: 644 pg = SMBD_PG_NAME; 645 break; 646 } 647 648 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 649 if (handle == NULL) 650 return (SMBD_SMF_SYSTEM_ERR); 651 652 rc = smb_smf_create_service_pgroup(handle, pg); 653 if (rc == SMBD_SMF_OK) 654 rc = smb_smf_start_transaction(handle); 655 656 if (rc != SMBD_SMF_OK) { 657 smb_smf_scf_fini(handle); 658 return (rc); 659 } 660 661 if (protected && value && (*value != '\0')) { 662 if ((tmp = smb_base64_encode(value)) == NULL) { 663 (void) smb_smf_end_transaction(handle); 664 smb_smf_scf_fini(handle); 665 return (SMBD_SMF_NO_MEMORY); 666 } 667 668 value = tmp; 669 } 670 671 /* 672 * We don't want people who care enough about protecting their data 673 * by requiring encryption to accidentally expose their data 674 * by lowering the protocol, so prevent them from going below 3.0 675 * if encryption is required. 676 * Also, ensure that max_protocol >= min_protocol. 677 */ 678 if (id == SMB_CI_MAX_PROTOCOL) { 679 smb_cfg_val_t encrypt; 680 uint32_t min; 681 uint32_t val; 682 683 encrypt = smb_config_get_require(SMB_CI_ENCRYPT); 684 min = smb_config_get_min_protocol(); 685 val = smb_convert_version_str(value); 686 687 if (encrypt == SMB_CONFIG_REQUIRED && 688 val < SMB_VERS_3_0) { 689 syslog(LOG_ERR, "Cannot set smbd/max_protocol below 3.0" 690 " while smbd/encrypt == required."); 691 rc = SMBD_SMF_INVALID_ARG; 692 } else if (val < min) { 693 syslog(LOG_ERR, "Cannot set smbd/max_protocol to less" 694 " than smbd/min_protocol."); 695 rc = SMBD_SMF_INVALID_ARG; 696 } 697 } else if (id == SMB_CI_MIN_PROTOCOL) { 698 uint32_t max; 699 uint32_t val; 700 701 max = smb_config_get_max_protocol(); 702 val = smb_convert_version_str(value); 703 704 if (val > max) { 705 syslog(LOG_ERR, "Cannot set smbd/min_protocol to more" 706 " than smbd/max_protocol."); 707 rc = SMBD_SMF_INVALID_ARG; 708 } 709 } 710 711 if (rc == SMBD_SMF_OK) { 712 rc = smb_smf_set_string_property(handle, cfg->sc_name, value); 713 } 714 715 free(tmp); 716 (void) smb_smf_end_transaction(handle); 717 smb_smf_scf_fini(handle); 718 return (rc); 719 } 720 721 /* 722 * smb_config_setnum 723 * 724 * Sets a numeric configuration iterm 725 */ 726 int 727 smb_config_setnum(smb_cfg_id_t id, int64_t value) 728 { 729 smb_scfhandle_t *handle; 730 smb_cfg_param_t *cfg; 731 int rc = SMBD_SMF_OK; 732 733 cfg = smb_config_getent(id); 734 assert(cfg->sc_type == SCF_TYPE_INTEGER); 735 736 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 737 if (handle == NULL) 738 return (SMBD_SMF_SYSTEM_ERR); 739 740 rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME); 741 if (rc == SMBD_SMF_OK) 742 rc = smb_smf_start_transaction(handle); 743 744 if (rc != SMBD_SMF_OK) { 745 smb_smf_scf_fini(handle); 746 return (rc); 747 } 748 749 rc = smb_smf_set_integer_property(handle, cfg->sc_name, value); 750 751 (void) smb_smf_end_transaction(handle); 752 smb_smf_scf_fini(handle); 753 return (rc); 754 } 755 756 /* 757 * smb_config_setbool 758 * 759 * Sets a boolean configuration iterm 760 */ 761 int 762 smb_config_setbool(smb_cfg_id_t id, boolean_t value) 763 { 764 smb_scfhandle_t *handle; 765 smb_cfg_param_t *cfg; 766 int rc = SMBD_SMF_OK; 767 768 cfg = smb_config_getent(id); 769 assert(cfg->sc_type == SCF_TYPE_BOOLEAN); 770 771 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 772 if (handle == NULL) 773 return (SMBD_SMF_SYSTEM_ERR); 774 775 rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME); 776 if (rc == SMBD_SMF_OK) 777 rc = smb_smf_start_transaction(handle); 778 779 if (rc != SMBD_SMF_OK) { 780 smb_smf_scf_fini(handle); 781 return (rc); 782 } 783 784 rc = smb_smf_set_boolean_property(handle, cfg->sc_name, value); 785 786 (void) smb_smf_end_transaction(handle); 787 smb_smf_scf_fini(handle); 788 return (rc); 789 } 790 791 /* 792 * smb_config_set 793 * 794 * This function sets the value of the specified config 795 * iterm regardless of its type in string format. This should 796 * be used when the config item type is not known by the caller. 797 */ 798 int 799 smb_config_set(smb_cfg_id_t id, char *value) 800 { 801 smb_cfg_param_t *cfg; 802 int64_t cint; 803 804 cfg = smb_config_getent(id); 805 switch (cfg->sc_type) { 806 case SCF_TYPE_ASTRING: 807 return (smb_config_setstr(id, value)); 808 809 case SCF_TYPE_INTEGER: 810 cint = atoi(value); 811 return (smb_config_setnum(id, cint)); 812 813 case SCF_TYPE_BOOLEAN: 814 return (smb_config_setbool(id, strcasecmp(value, "true") == 0)); 815 } 816 817 return (SMBD_SMF_INVALID_ARG); 818 } 819 820 int 821 smb_config_get_debug() 822 { 823 int64_t val64; 824 int val = 0; /* default */ 825 smb_scfhandle_t *handle = NULL; 826 827 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 828 if (handle == NULL) { 829 return (val); 830 } 831 832 if (smb_smf_create_service_pgroup(handle, 833 SMBD_PG_NAME) != SMBD_SMF_OK) { 834 smb_smf_scf_fini(handle); 835 return (val); 836 } 837 838 if (smb_smf_get_integer_property(handle, "debug", &val64) != 0) { 839 smb_smf_scf_fini(handle); 840 return (val); 841 } 842 val = (int)val64; 843 844 smb_smf_scf_fini(handle); 845 846 return (val); 847 } 848 849 uint8_t 850 smb_config_get_fg_flag() 851 { 852 uint8_t run_fg = 0; /* Default is to run in daemon mode */ 853 smb_scfhandle_t *handle = NULL; 854 855 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 856 if (handle == NULL) { 857 return (run_fg); 858 } 859 860 if (smb_smf_create_service_pgroup(handle, 861 SMBD_PG_NAME) != SMBD_SMF_OK) { 862 smb_smf_scf_fini(handle); 863 return (run_fg); 864 } 865 866 if (smb_smf_get_boolean_property(handle, "run_fg", &run_fg) != 0) { 867 smb_smf_scf_fini(handle); 868 return (run_fg); 869 } 870 871 smb_smf_scf_fini(handle); 872 873 return (run_fg); 874 } 875 876 /* 877 * smb_config_get_ads_enable 878 * 879 * Returns value of the "config/use_ads" parameter 880 * from the IDMAP SMF configuration repository. 881 * 882 */ 883 boolean_t 884 smb_config_get_ads_enable(void) 885 { 886 smb_scfhandle_t *handle = NULL; 887 uint8_t vbool; 888 int rc = 0; 889 890 handle = smb_smf_scf_init(IDMAP_FMRI_PREFIX); 891 if (handle == NULL) 892 return (B_FALSE); 893 894 rc = smb_smf_create_service_pgroup(handle, IDMAP_PG_NAME); 895 if (rc == SMBD_SMF_OK) 896 rc = smb_smf_get_boolean_property(handle, "use_ads", &vbool); 897 smb_smf_scf_fini(handle); 898 899 return ((rc == SMBD_SMF_OK) ? (vbool == 1) : B_TRUE); 900 } 901 902 /* 903 * smb_config_get_localsid 904 * 905 * Returns value of the "config/machine_sid" parameter 906 * from the IDMAP SMF configuration repository. 907 * Result is allocated; caller should free. 908 */ 909 char * 910 smb_config_get_localsid(void) 911 { 912 return (smb_config_getenv_generic(MACHINE_SID, IDMAP_FMRI_PREFIX, 913 IDMAP_PG_NAME)); 914 } 915 916 /* 917 * smb_config_get_localuuid 918 * 919 * Returns value of the "config/machine_uuid" parameter 920 * from the IDMAP SMF configuration repository. 921 * 922 */ 923 int 924 smb_config_get_localuuid(uuid_t uu) 925 { 926 char *s; 927 928 uuid_clear(uu); 929 s = smb_config_getenv_generic(MACHINE_UUID, IDMAP_FMRI_PREFIX, 930 IDMAP_PG_NAME); 931 if (s == NULL) 932 return (-1); 933 934 if (uuid_parse(s, uu) < 0) { 935 free(s); 936 return (-1); 937 } 938 939 return (0); 940 } 941 942 static int 943 smb_config_get_idmap_preferred_dc(char *cbuf, int bufsz) 944 { 945 char *s; 946 int len, rc = -1; 947 948 s = smb_config_getenv_generic(IDMAP_PREF_DC, 949 IDMAP_FMRI_PREFIX, IDMAP_PG_NAME); 950 if (s != NULL) { 951 len = strlcpy(cbuf, s, bufsz); 952 if (len < bufsz) 953 rc = 0; 954 free(s); 955 } 956 return (rc); 957 } 958 959 static int 960 smb_config_set_idmap_preferred_dc(char *value) 961 { 962 return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME, 963 IDMAP_PREF_DC, value)); 964 } 965 966 static int 967 smb_config_get_idmap_site_name(char *cbuf, int bufsz) 968 { 969 char *s; 970 int len, rc = -1; 971 972 s = smb_config_getenv_generic(IDMAP_SITE_NAME, 973 IDMAP_FMRI_PREFIX, IDMAP_PG_NAME); 974 if (s != NULL) { 975 len = strlcpy(cbuf, s, bufsz); 976 if (len < bufsz) 977 rc = 0; 978 free(s); 979 } 980 return (rc); 981 } 982 983 static int 984 smb_config_set_idmap_site_name(char *value) 985 { 986 return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME, 987 IDMAP_SITE_NAME, value)); 988 } 989 990 /* 991 * smb_config_set_idmap_domain 992 * 993 * Set the "config/domain_name" parameter from IDMAP SMF repository. 994 */ 995 int 996 smb_config_set_idmap_domain(char *value) 997 { 998 return (smb_config_setenv_generic(IDMAP_FMRI_PREFIX, IDMAP_PG_NAME, 999 IDMAP_DOMAIN, value)); 1000 } 1001 1002 /* 1003 * smb_config_refresh_idmap 1004 * 1005 * Refresh IDMAP SMF service after making changes to its configuration. 1006 */ 1007 int 1008 smb_config_refresh_idmap(void) 1009 { 1010 char instance[32]; 1011 1012 (void) snprintf(instance, sizeof (instance), "%s:default", 1013 IDMAP_FMRI_PREFIX); 1014 return (smf_refresh_instance(instance)); 1015 } 1016 1017 int 1018 smb_config_secmode_fromstr(char *secmode) 1019 { 1020 if (secmode == NULL) 1021 return (SMB_SECMODE_WORKGRP); 1022 1023 if (strcasecmp(secmode, SMB_SECMODE_DOMAIN_STR) == 0) 1024 return (SMB_SECMODE_DOMAIN); 1025 1026 return (SMB_SECMODE_WORKGRP); 1027 } 1028 1029 char * 1030 smb_config_secmode_tostr(int secmode) 1031 { 1032 if (secmode == SMB_SECMODE_DOMAIN) 1033 return (SMB_SECMODE_DOMAIN_STR); 1034 1035 return (SMB_SECMODE_WORKGRP_STR); 1036 } 1037 1038 int 1039 smb_config_get_secmode() 1040 { 1041 char p[16]; 1042 1043 (void) smb_config_getstr(SMB_CI_SECURITY, p, sizeof (p)); 1044 return (smb_config_secmode_fromstr(p)); 1045 } 1046 1047 int 1048 smb_config_set_secmode(int secmode) 1049 { 1050 char *p; 1051 1052 p = smb_config_secmode_tostr(secmode); 1053 return (smb_config_setstr(SMB_CI_SECURITY, p)); 1054 } 1055 1056 void 1057 smb_config_getdomaininfo(char *domain, char *fqdn, char *sid, char *forest, 1058 char *guid) 1059 { 1060 if (domain) 1061 (void) smb_config_getstr(SMB_CI_DOMAIN_NAME, domain, 1062 NETBIOS_NAME_SZ); 1063 1064 if (fqdn) 1065 (void) smb_config_getstr(SMB_CI_DOMAIN_FQDN, fqdn, 1066 MAXHOSTNAMELEN); 1067 1068 if (sid) 1069 (void) smb_config_getstr(SMB_CI_DOMAIN_SID, sid, 1070 SMB_SID_STRSZ); 1071 1072 if (forest) 1073 (void) smb_config_getstr(SMB_CI_DOMAIN_FOREST, forest, 1074 MAXHOSTNAMELEN); 1075 1076 if (guid) 1077 (void) smb_config_getstr(SMB_CI_DOMAIN_GUID, guid, 1078 UUID_PRINTABLE_STRING_LENGTH); 1079 } 1080 1081 void 1082 smb_config_setdomaininfo(char *domain, char *fqdn, char *sid, char *forest, 1083 char *guid) 1084 { 1085 if (domain) 1086 (void) smb_config_setstr(SMB_CI_DOMAIN_NAME, domain); 1087 if (fqdn) 1088 (void) smb_config_setstr(SMB_CI_DOMAIN_FQDN, fqdn); 1089 if (sid) 1090 (void) smb_config_setstr(SMB_CI_DOMAIN_SID, sid); 1091 if (forest) 1092 (void) smb_config_setstr(SMB_CI_DOMAIN_FOREST, forest); 1093 if (guid) 1094 (void) smb_config_setstr(SMB_CI_DOMAIN_GUID, guid); 1095 } 1096 1097 /* 1098 * The version stored in SMF in string format as N.N where 1099 * N is a number defined by Microsoft. The first number represents 1100 * the major version and the second number is the minor version. 1101 * Current defined values can be found here in 'ver_table'. 1102 * 1103 * This function reads the SMF string value and converts it to 1104 * two numbers returned in the given 'version' structure. 1105 * Current default version number is 5.0 which is for Windows 2000. 1106 */ 1107 void 1108 smb_config_get_version(smb_version_t *version) 1109 { 1110 smb_version_t tmpver; 1111 char verstr[SMB_VERSTR_LEN]; 1112 char *p; 1113 int rc, i; 1114 static smb_version_t ver_table [] = { 1115 { 0, SMB_MAJOR_NT, SMB_MINOR_NT, 1381, 0 }, 1116 { 0, SMB_MAJOR_2000, SMB_MINOR_2000, 2195, 0 }, 1117 { 0, SMB_MAJOR_XP, SMB_MINOR_XP, 2196, 0 }, 1118 { 0, SMB_MAJOR_2003, SMB_MINOR_2003, 2196, 0 }, 1119 { 0, SMB_MAJOR_VISTA, SMB_MINOR_VISTA, 6000, 0 }, 1120 { 0, SMB_MAJOR_2008, SMB_MINOR_2008, 6000, 0 }, 1121 { 0, SMB_MAJOR_2008R2, SMB_MINOR_2008R2, 7007, 0 }, 1122 { 0, SMB_MAJOR_7, SMB_MINOR_7, 7007, 0 } 1123 }; 1124 1125 *version = ver_table[1]; 1126 version->sv_size = sizeof (smb_version_t); 1127 1128 rc = smb_config_getstr(SMB_CI_VERSION, verstr, sizeof (verstr)); 1129 if (rc != SMBD_SMF_OK) 1130 return; 1131 1132 if ((p = strchr(verstr, '.')) == NULL) 1133 return; 1134 1135 *p = '\0'; 1136 tmpver.sv_major = (uint8_t)atoi(verstr); 1137 tmpver.sv_minor = (uint8_t)atoi(p + 1); 1138 1139 for (i = 0; i < sizeof (ver_table)/sizeof (ver_table[0]); ++i) { 1140 if ((tmpver.sv_major == ver_table[i].sv_major) && 1141 (tmpver.sv_minor == ver_table[i].sv_minor)) { 1142 *version = ver_table[i]; 1143 version->sv_size = sizeof (smb_version_t); 1144 break; 1145 } 1146 } 1147 } 1148 1149 /* 1150 * Reads share exec script properties 1151 */ 1152 uint32_t 1153 smb_config_get_execinfo(char *map, char *unmap, size_t bufsz) 1154 { 1155 char buf[MAXPATHLEN]; 1156 uint32_t flags = 0; 1157 1158 if (map == NULL) { 1159 map = buf; 1160 bufsz = MAXPATHLEN; 1161 } 1162 1163 *map = '\0'; 1164 (void) smb_config_getstr(SMB_CI_MAP, map, bufsz); 1165 if (*map != '\0') 1166 flags |= SMB_EXEC_MAP; 1167 1168 if (unmap == NULL) { 1169 unmap = buf; 1170 bufsz = MAXPATHLEN; 1171 } 1172 1173 *unmap = '\0'; 1174 (void) smb_config_getstr(SMB_CI_UNMAP, unmap, bufsz); 1175 if (*unmap != '\0') 1176 flags |= SMB_EXEC_UNMAP; 1177 1178 *buf = '\0'; 1179 (void) smb_config_getstr(SMB_CI_DISPOSITION, buf, sizeof (buf)); 1180 if (*buf != '\0') 1181 if (strcasecmp(buf, SMB_EXEC_DISP_TERMINATE) == 0) 1182 flags |= SMB_EXEC_TERM; 1183 1184 return (flags); 1185 } 1186 1187 static smb_cfg_param_t * 1188 smb_config_getent(smb_cfg_id_t id) 1189 { 1190 int i; 1191 1192 for (i = 0; i < SMB_CI_MAX; i++) 1193 if (smb_cfg_table[i].sc_id == id) 1194 return (&smb_cfg_table[id]); 1195 1196 assert(0); 1197 return (NULL); 1198 } 1199 1200 static uint32_t 1201 smb_config_get_protocol(smb_cfg_id_t id, char *name, uint32_t default_val) 1202 { 1203 char str[SMB_VERSTR_LEN]; 1204 int rc; 1205 uint32_t val; 1206 1207 rc = smb_config_getstr(id, str, sizeof (str)); 1208 if (rc == SMBD_SMF_OK) { 1209 val = smb_convert_version_str(str); 1210 if (val != 0) 1211 return (val); 1212 if (str[0] != '\0') { 1213 syslog(LOG_ERR, "smbd/%s value invalid: %s", name, str); 1214 } 1215 } 1216 1217 return (default_val); 1218 } 1219 1220 /* 1221 * The service manifest has empty values by default for min_protocol and 1222 * max_protocol. The expectation is that when those values are empty, we don't 1223 * constrain the range of supported protocol versions (and allow use of the 1224 * whole range that we implement). For that reason, this should usually be the 1225 * highest protocol version we implement. 1226 */ 1227 uint32_t max_protocol_default = SMB_VERS_3_02; 1228 1229 uint32_t 1230 smb_config_get_max_protocol(void) 1231 { 1232 uint32_t max; 1233 1234 max = smb_config_get_protocol(SMB_CI_MAX_PROTOCOL, "max_protocol", 1235 max_protocol_default); 1236 1237 return (max); 1238 } 1239 1240 /* 1241 * This should eventually be SMB_VERS_2_BASE 1242 */ 1243 uint32_t min_protocol_default = SMB_VERS_1; 1244 1245 uint32_t 1246 smb_config_get_min_protocol(void) 1247 { 1248 uint32_t min; 1249 1250 min = smb_config_get_protocol(SMB_CI_MIN_PROTOCOL, "min_protocol", 1251 min_protocol_default); 1252 1253 return (min); 1254 } 1255 1256 int 1257 smb_config_check_protocol(char *value) 1258 { 1259 if (smb_convert_version_str(value) != 0) 1260 return (0); 1261 1262 return (-1); 1263 } 1264 1265 /* 1266 * If smb2_enable is present and max_protocol is empty, 1267 * set max_protocol. Delete smb2_enable. 1268 */ 1269 static void 1270 upgrade_smb2_enable() 1271 { 1272 smb_scfhandle_t *handle; 1273 char *s2e_name = "smb2_enable"; 1274 char *s2e_sval; 1275 uint8_t s2e_bval; 1276 char *maxp_name = "max_protocol"; 1277 char *maxp_sval; 1278 char verstr[SMB_VERSTR_LEN]; 1279 int rc; 1280 1281 handle = smb_smf_scf_init(SMBD_FMRI_PREFIX); 1282 if (handle == NULL) 1283 return; 1284 rc = smb_smf_create_service_pgroup(handle, SMBD_PG_NAME); 1285 if (rc != SMBD_SMF_OK) 1286 goto out; 1287 1288 /* Is there an "smb2_enable" property? */ 1289 rc = smb_smf_get_boolean_property(handle, s2e_name, &s2e_bval); 1290 if (rc != SMBD_SMF_OK) { 1291 syslog(LOG_DEBUG, "upgrade: smb2_enable not found"); 1292 goto out; 1293 } 1294 1295 /* 1296 * We will try to delete the smb2_enable property, so we need 1297 * the transaction to start now, before we modify max_protocol 1298 */ 1299 if ((rc = smb_smf_start_transaction(handle)) != 0) { 1300 syslog(LOG_DEBUG, "upgrade_smb2_enable: start trans (%d)", rc); 1301 goto out; 1302 } 1303 1304 /* 1305 * Old (smb2_enable) property exists. 1306 * Does the new one? (max_protocol) 1307 */ 1308 rc = smb_smf_get_string_property(handle, maxp_name, 1309 verstr, sizeof (verstr)); 1310 if (rc == SMBD_SMF_OK && !smb_config_check_protocol(verstr)) { 1311 syslog(LOG_DEBUG, "upgrade: found %s = %s", 1312 maxp_name, verstr); 1313 /* Leave existing max_protocol as we found it. */ 1314 } else { 1315 /* 1316 * New property missing or invalid. 1317 * Upgrade from "smb2_enable". 1318 */ 1319 if (s2e_bval == 0) { 1320 s2e_sval = "false"; 1321 maxp_sval = "1"; 1322 } else { 1323 s2e_sval = "true"; 1324 maxp_sval = "2.1"; 1325 } 1326 /* 1327 * Note: Need this in the same transaction as the 1328 * delete of smb2_enable below. 1329 */ 1330 rc = smb_smf_set_string_property(handle, maxp_name, maxp_sval); 1331 if (rc != SMBD_SMF_OK) { 1332 syslog(LOG_ERR, "failed to set smbd/%d (%d)", 1333 maxp_name, rc); 1334 goto out; 1335 } 1336 syslog(LOG_INFO, "upgrade smbd/smb2_enable=%s " 1337 "converted to smbd/max_protocol=%s", 1338 s2e_sval, maxp_sval); 1339 } 1340 1341 /* 1342 * Delete the old smb2_enable property. 1343 */ 1344 if ((rc = smb_smf_delete_property(handle, s2e_name)) != 0) { 1345 syslog(LOG_DEBUG, "upgrade_smb2_enable: delete prop (%d)", rc); 1346 } else if ((rc = smb_smf_end_transaction(handle)) != 0) { 1347 syslog(LOG_DEBUG, "upgrade_smb2_enable: end trans (%d)", rc); 1348 } 1349 if (rc != 0) { 1350 syslog(LOG_ERR, "failed to delete property smbd/%d (%d)", 1351 s2e_name, rc); 1352 } 1353 1354 out: 1355 (void) smb_smf_end_transaction(handle); 1356 smb_smf_scf_fini(handle); 1357 } 1358 1359 1360 /* 1361 * Run once at startup convert old SMF settings to current. 1362 */ 1363 void 1364 smb_config_upgrade(void) 1365 { 1366 upgrade_smb2_enable(); 1367 } 1368 1369 smb_cfg_val_t 1370 smb_config_get_require(smb_cfg_id_t id) 1371 { 1372 int rc; 1373 char str[sizeof ("required")]; 1374 1375 rc = smb_config_getstr(id, str, sizeof (str)); 1376 if (rc != SMBD_SMF_OK) 1377 return (SMB_CONFIG_DISABLED); 1378 1379 if (strncmp(str, "required", sizeof (str)) == 0) 1380 return (SMB_CONFIG_REQUIRED); 1381 if (strncmp(str, "enabled", sizeof (str)) == 0) 1382 return (SMB_CONFIG_ENABLED); 1383 1384 return (SMB_CONFIG_DISABLED); 1385 }