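/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */

/*
 * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
 */

/*
 * Active Directory Setup RPC interface used by Windows 2000.
 */

#include <synch.h>
#include <strings.h>
#include <stdlib.h>
#include <netdb.h>

#include <smbsrv/libsmb.h>
#include <smbsrv/libmlrpc.h>
#include <smbsrv/libmlsvc.h>
#include <smbsrv/ndl/dssetup.ndl>
#include <smbsrv/smbinfo.h>
#include <smbsrv/nmpipes.h>

int dssetup_get_domain_info(ds_primary_domain_info_t *);

static int dssetup_DsRoleGetPrimaryDomainInfo(void *, ndr_xa_t *);
static uint32_t dssetup_member_server(ds_primary_domain_info_t *, ndr_xa_t *);
static uint32_t dssetup_standalone_server(ds_primary_domain_info_t *,
    ndr_xa_t *);

/*
 * Operations served by this interface.  The table lists a single opnum,
 * DsRoleGetPrimaryDomainInfo, and ends with a zeroed sentinel entry.
 */
static ndr_stub_table_t dssetup_stub_table[] = {
	{ dssetup_DsRoleGetPrimaryDomainInfo,
	    DSSETUP_OPNUM_DsRoleGetPrimaryDomainInfo },
	{0}
};

static ndr_service_t dssetup_service = {
	"DSSETUP",			/* name */
	"Active Directory Setup",	/* desc */
	"\\lsarpc",			/* endpoint */
	PIPE_LSASS,			/* sec_addr_port */
	"3919286a-b10c-11d0-9ba8-00c04fd92ef5", 0,	/* abstract */
	NDR_TRANSFER_SYNTAX_UUID,		2,	/* transfer */
	0,				/* no bind_instance_size */
	0,				/* no bind_req() */
	0,				/* no unbind_and_close() */
	0,				/* use generic_call_stub() */
	&TYPEINFO(dssetup_interface),	/* interface ti */
	dssetup_stub_table		/* stub_table */
};

/*
 * Cached primary domain information.  Every access in this file is made
 * with ds_info_mtx held.  The nt_domain, dns_domain and forest strings
 * are released with free(), so each of them must either be NULL or
 * point to live heap memory whenever the lock is dropped.
 */
static ds_primary_domain_info_t ds_info;
static mutex_t ds_info_mtx;

/*
 * dssetup_initialize
 *
 * This function registers the DSSETUP interface with the RPC runtime
 * library.  It must be called in order to use either the client side
 * or the server side functions.
 *
 * The cached domain information is cleared first.  The result of
 * ndr_svc_register() is discarded, so a failed registration is not
 * reported to the caller.
 */
void
dssetup_initialize(void)
{
	dssetup_clear_domain_info();
	(void) ndr_svc_register(&dssetup_service);
}

/*
 * Release the cached domain strings and reset the whole cache to zero,
 * which also clears DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT so that the next
 * member-server request refreshes the cache.
 */
void
dssetup_clear_domain_info(void)
{
	(void) mutex_lock(&ds_info_mtx);

	free(ds_info.nt_domain);
	free(ds_info.dns_domain);
	free(ds_info.forest);
	/* Zeroing the structure also removes the pointers just freed. */
	bzero(&ds_info, sizeof (ds_primary_domain_info_t));

	(void) mutex_unlock(&ds_info_mtx);
}

/*
 * Request for machine role and primary domain information.
 *
 * arg is the request/response structure for this operation and mxa the
 * per-call context that reply memory is allocated from.  The level field
 * comes from the request and only DS_ROLE_BASIC_INFORMATION is accepted;
 * any other value yields NT_STATUS_INVALID_LEVEL.
 *
 * On failure the whole parameter block is zeroed before the error status
 * is stored, so no partially built reply is left in it.  The function
 * always returns NDR_DRC_OK; the outcome is carried in param->status.
 *
 * NOTE(review): no caller check is made here.  Whether unauthenticated
 * clients can reach this operation depends on the pipe and RPC layers -
 * confirm against the access policy for the endpoint.
 */
static int
dssetup_DsRoleGetPrimaryDomainInfo(void *arg, ndr_xa_t *mxa)
{
	dssetup_DsRoleGetPrimaryDomainInfo_t *param = arg;
	dssetup_GetPrimaryDomainInfo_t *info;
	ds_primary_domain_info_t *info1;
	uint32_t status;
	int security_mode;

	info = NDR_MALLOC(mxa, sizeof (dssetup_GetPrimaryDomainInfo_t));
	if (info == NULL) {
		status = NT_STATUS_NO_MEMORY;
	} else if (param->level != DS_ROLE_BASIC_INFORMATION) {
		status = NT_STATUS_INVALID_LEVEL;
	} else {
		info->switch_value = param->level;
		info1 = &info->ru.info1;

		security_mode = smb_config_get_secmode();

		if (security_mode == SMB_SECMODE_DOMAIN)
			status = dssetup_member_server(info1, mxa);
		else
			status = dssetup_standalone_server(info1, mxa);
	}

	if (status != NT_STATUS_SUCCESS) {
		bzero(param, sizeof (dssetup_DsRoleGetPrimaryDomainInfo_t));
		param->status = NT_SC_ERROR(status);
	} else {
		param->info = info;
		param->status = NT_STATUS_SUCCESS;
	}

	return (NDR_DRC_OK);
}

/*
 * When the machine role is domain member:
 *	nt_domain must contain the NetBIOS domain name
 *	dns_domain must contain the DNS domain name (cannot be NULL)
 *	forest must contain the forest name (cannot be NULL)
 *
 * If DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT is set in flags, the domain_guid
 * must contain the domain UUID.  Otherwise domain_guid is ignored.
 *
 * The reply strings are copies made with NDR_STRDUP(mxa, ...), so the
 * reply does not point into the cache.  Returns NT_STATUS_SUCCESS,
 * NT_STATUS_CANT_ACCESS_DOMAIN_INFO when the local domain names cannot
 * be read, or NT_STATUS_NO_MEMORY when a copy could not be made.
 */
static uint32_t
dssetup_member_server(ds_primary_domain_info_t *info, ndr_xa_t *mxa)
{
	char dns_domain[MAXHOSTNAMELEN];
	char nt_domain[MAXHOSTNAMELEN];

	(void) mutex_lock(&ds_info_mtx);

	if ((ds_info.flags & DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT) == 0) {
		/*
		 * If we don't have the domain GUID, try to get it from a
		 * domain controller. Otherwise, use local configuration.
		 *
		 * The result of dssetup_get_domain_info() is not checked,
		 * so the pointers are cleared once the old strings are
		 * freed.  If the lookup returns without storing new
		 * strings, the cache then holds NULL rather than pointers
		 * to freed memory, and the next free() of these fields
		 * (here or in dssetup_clear_domain_info()) is harmless.
		 */
		free(ds_info.nt_domain);
		free(ds_info.dns_domain);
		free(ds_info.forest);
		ds_info.nt_domain = NULL;
		ds_info.dns_domain = NULL;
		ds_info.forest = NULL;
		(void) dssetup_get_domain_info(&ds_info);
	}

	if (ds_info.flags & DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT) {
		/*
		 * NOTE(review): assumes dssetup_get_domain_info() sets the
		 * GUID flag only once all three strings are populated -
		 * confirm in the client code.
		 */
		info->flags = DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT;
		info->nt_domain = NDR_STRDUP(mxa, (char *)ds_info.nt_domain);
		info->dns_domain = NDR_STRDUP(mxa, (char *)ds_info.dns_domain);
		info->forest = NDR_STRDUP(mxa, (char *)ds_info.forest);
		bcopy(&ds_info.domain_guid, &info->domain_guid,
		    sizeof (ndr_uuid_t));
	} else {
		if (smb_getdomainname(nt_domain, MAXHOSTNAMELEN) != 0) {
			(void) mutex_unlock(&ds_info_mtx);
			return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
		}

		if (smb_getfqdomainname(dns_domain, MAXHOSTNAMELEN) != 0) {
			(void) mutex_unlock(&ds_info_mtx);
			return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);
		}

		(void) smb_strlwr(dns_domain);

		/* Without a GUID the DNS domain name doubles as the forest. */
		info->flags = 0;
		info->nt_domain = NDR_STRDUP(mxa, nt_domain);
		info->dns_domain = NDR_STRDUP(mxa, dns_domain);
		info->forest = NDR_STRDUP(mxa, dns_domain);
		bzero(&info->domain_guid, sizeof (ndr_uuid_t));
	}

	(void) mutex_unlock(&ds_info_mtx);

	/* A NULL copy from either branch is reported as out of memory. */
	if (info->nt_domain == NULL ||
	    info->dns_domain == NULL ||
	    info->forest == NULL)
		return (NT_STATUS_NO_MEMORY);

	info->role = DS_ROLE_MEMBER_SERVER;
	return (NT_STATUS_SUCCESS);
}

/*
 * When the machine role is standalone:
 *	nt_domain must contain the NetBIOS workgroup name
 *	dns_domain must be NULL
 *	forest must be NULL
 *
 * We don't maintain a domain GUID.  When DS_ROLE_PRIMARY_DOMAIN_GUID_PRESENT
 * is not set in flags, domain_guid is ignored.
 *
 * This path does not use the ds_info cache and takes no lock.  Returns
 * NT_STATUS_SUCCESS, NT_STATUS_CANT_ACCESS_DOMAIN_INFO when the name
 * cannot be read, or NT_STATUS_NO_MEMORY when the copy fails.
 */
static uint32_t
dssetup_standalone_server(ds_primary_domain_info_t *info, ndr_xa_t *mxa)
{
	char nt_domain[MAXHOSTNAMELEN];

	if (smb_getdomainname(nt_domain, MAXHOSTNAMELEN) != 0)
		return (NT_STATUS_CANT_ACCESS_DOMAIN_INFO);

	info->nt_domain = NDR_STRDUP(mxa, nt_domain);
	if (info->nt_domain == NULL)
		return (NT_STATUS_NO_MEMORY);

	info->role = DS_ROLE_STANDALONE_SERVER;
	info->flags = 0;
	info->dns_domain = NULL;
	info->forest = NULL;
	bzero(&info->domain_guid, sizeof (ndr_uuid_t));
	return (NT_STATUS_SUCCESS);
}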