#include <ctype.h>
#include <stdio.h>
#include <stdarg.h>
#include <unistd.h>
#include <sys/fcntl.h>
#include <string.h>
#include <strings.h>
#include <stdlib.h>
#include <pthread.h>
#include <sys/varargs.h>
#include <sys/types.h>
#include <sys/mnttab.h>
#include <tiuser.h>
#include <netconfig.h>
#include <netdir.h>
#include <sys/systeminfo.h>
#include <sys/utsname.h>
#include <libzfs.h>
#include <dlfcn.h>
#include <time.h>
#include <syslog.h>
#include <smbsrv/string.h>
#include <smbsrv/libsmb.h>
#define SMB_LIB_ALT "/usr/lib/smbsrv/libsmbex.so"
static boolean_t smb_netgroup_match(struct nd_hostservlist *, char *, int);
extern int __multi_innetgr();
extern int __netdir_getbyaddr_nosrv(struct netconfig *,
struct nd_hostservlist **, struct netbuf *);
#define C2H(c) "0123456789ABCDEF"[(c)]
#define H2C(c) (((c) >= '0' && (c) <= '9') ? ((c) - '0') : \
((c) >= 'a' && (c) <= 'f') ? ((c) - 'a' + 10) : \
((c) >= 'A' && (c) <= 'F') ? ((c) - 'A' + 10) : \
'\0')
#define DEFAULT_SBOX_SIZE 256
void
hexdump_offset(unsigned char *buffer, int nbytes, unsigned long *start)
{
static char *hex = "0123456789ABCDEF";
int i, count;
int offset;
unsigned char *p;
char ascbuf[64];
char hexbuf[64];
char *ap = ascbuf;
char *hp = hexbuf;
if ((p = buffer) == NULL)
return;
offset = *start;
*ap = '\0';
*hp = '\0';
count = 0;
for (i = 0; i < nbytes; ++i) {
if (i && (i % 16) == 0) {
smb_tracef("%06X %s %s", offset, hexbuf, ascbuf);
ap = ascbuf;
hp = hexbuf;
count = 0;
offset += 16;
}
ap += sprintf(ap, "%c",
(*p >= 0x20 && *p < 0x7F) ? *p : '.');
hp += sprintf(hp, " %c%c",
hex[(*p >> 4) & 0x0F], hex[(*p & 0x0F)]);
++p;
++count;
}
if (count) {
smb_tracef("%06X %-48s %s", offset, hexbuf, ascbuf);
offset += count;
}
*start = offset;
}
void
hexdump(unsigned char *buffer, int nbytes)
{
unsigned long start = 0;
hexdump_offset(buffer, nbytes, &start);
}
size_t
bintohex(const char *srcbuf, size_t srclen,
char *hexbuf, size_t hexlen)
{
size_t outlen;
char c;
outlen = srclen << 1;
if (hexlen < outlen)
return (0);
while (srclen-- > 0) {
c = *srcbuf++;
*hexbuf++ = C2H(c & 0xF);
*hexbuf++ = C2H((c >> 4) & 0xF);
}
return (outlen);
}
size_t
hextobin(const char *hexbuf, size_t hexlen,
char *dstbuf, size_t dstlen)
{
size_t outlen;
if ((hexlen % 2) != 0)
return (0);
outlen = hexlen >> 1;
if (dstlen < outlen)
return (0);
while (hexlen > 0) {
*dstbuf = H2C(*hexbuf) & 0x0F;
hexbuf++;
*dstbuf++ |= (H2C(*hexbuf) << 4) & 0xF0;
hexbuf++;
hexlen -= 2;
}
return (outlen);
}
char *
strtrim(char *buf, const char *class)
{
char *p = buf;
char *q = buf;
if (buf == NULL)
return (NULL);
p += strspn(p, class);
if (p != buf) {
while ((*q = *p++) != '\0')
++q;
}
while (q != buf) {
--q;
if (strspn(q, class) == 0)
return (buf);
*q = '\0';
}
return (buf);
}
char *
strstrip(char *buf, const char *class)
{
char *p = buf;
char *q = buf;
if (buf == NULL)
return (NULL);
while (*p) {
p += strspn(p, class);
*q++ = *p++;
}
*q = '\0';
return (buf);
}
char *
trim_whitespace(char *buf)
{
char *p = buf;
char *q = buf;
if (buf == NULL)
return (NULL);
while (*p && isspace(*p))
++p;
while ((*q = *p++) != 0)
++q;
if (q != buf) {
while ((--q, isspace(*q)) != 0)
*q = '\0';
}
return (buf);
}
void
rand_hash(
unsigned char *data,
size_t datalen,
unsigned char *key,
size_t keylen)
{
unsigned char sbox[DEFAULT_SBOX_SIZE];
unsigned char tmp;
unsigned char index_i = 0;
unsigned char index_j = 0;
unsigned char j = 0;
int i;
for (i = 0; i < DEFAULT_SBOX_SIZE; ++i)
sbox[i] = (unsigned char)i;
for (i = 0; i < DEFAULT_SBOX_SIZE; ++i) {
j += (sbox[i] + key[i % keylen]);
tmp = sbox[i];
sbox[i] = sbox[j];
sbox[j] = tmp;
}
for (i = 0; i < datalen; ++i) {
index_i++;
index_j += sbox[index_i];
tmp = sbox[index_i];
sbox[index_i] = sbox[index_j];
sbox[index_j] = tmp;
tmp = sbox[index_i] + sbox[index_j];
data[i] = data[i] ^ sbox[tmp];
}
}
int
smb_chk_hostaccess(smb_inaddr_t *ipaddr, char *access_list)
{
char addr[INET_ADDRSTRLEN];
char buff[256];
char *cstr = access_list, *gr = access_list;
char *host;
int clres;
int i;
int nentries = 0;
int off;
int response;
int sbr = 0;
struct nd_hostservlist *clnames;
struct in_addr inaddr;
struct sockaddr_in sa;
struct sockaddr_in6 sa6;
struct netbuf buf;
struct netconfig *config;
struct netent n, *np;
if (access_list == NULL)
return (0);
if (*access_list == '\0' || strcmp(access_list, "*") == 0)
return (-1);
switch (ipaddr->a_family) {
case AF_INET:
inaddr.s_addr = ipaddr->a_ipv4;
sa.sin_family = AF_INET;
sa.sin_port = 0;
sa.sin_addr = inaddr;
buf.len = buf.maxlen = sizeof (sa);
buf.buf = (char *)&sa;
config = getnetconfigent("tcp");
break;
case AF_INET6:
sa6.sin6_family = AF_INET6;
sa6.sin6_port = 0;
sa6.sin6_addr = ipaddr->a_ipv6;
buf.len = buf.maxlen = sizeof (sa6);
buf.buf = (char *)&sa6;
config = getnetconfigent("tcp6");
break;
default:
return (1);
}
if (config == NULL)
return (1);
clres = __netdir_getbyaddr_nosrv(config, &clnames, &buf);
freenetconfigent(config);
for (;;) {
if ((cstr = strpbrk(cstr, "[]:")) != NULL) {
switch (*cstr) {
case '[':
case ']':
sbr = !sbr;
cstr++;
continue;
case ':':
if (sbr) {
cstr++;
continue;
}
*cstr = '\0';
}
}
if (*gr == '-') {
response = 0;
gr++;
} else {
response = 1;
}
if (*gr == '@') {
gr++;
if (!isdigit(*gr) && *gr != '[') {
if ((np = getnetbyname_r(gr, &n, buff,
sizeof (buff))) != NULL &&
np->n_net != 0) {
while ((np->n_net & 0xFF000000u) == 0)
np->n_net <<= 8;
np->n_net = htonl(np->n_net);
if (inet_ntop(AF_INET, &np->n_net, addr,
INET_ADDRSTRLEN) == NULL)
break;
if (inet_matchaddr(buf.buf, addr) == 1)
return (response);
}
} else {
if (inet_matchaddr(buf.buf, gr) == 1)
return (response);
}
if (cstr == NULL)
break;
gr = ++cstr;
continue;
}
if (clres) {
if (cstr == NULL)
break;
gr = ++cstr;
continue;
}
for (i = 0; i < clnames->h_cnt; i++) {
host = clnames->h_hostservs[i].h_host;
if (*gr == '.') {
if (*(gr + 1) == '\0') {
if (strchr(host, '.') == NULL)
return (response);
} else {
off = strlen(host) - strlen(gr);
if (off > 0 &&
strcasecmp(host + off, gr) == 0) {
return (response);
}
}
} else {
if (strcasecmp(gr, host) == 0)
return (response);
}
}
nentries++;
if (cstr == NULL)
break;
gr = ++cstr;
}
if (clres)
return (0);
return (smb_netgroup_match(clnames, access_list, nentries));
}
static boolean_t
smb_netgroup_match(struct nd_hostservlist *clnames, char *glist, int grc)
{
char **grl;
char *gr;
int nhosts = clnames->h_cnt;
char *host;
int i, j, n;
boolean_t response;
boolean_t belong = B_FALSE;
static char *domain = NULL;
if (domain == NULL) {
int ssize;
domain = malloc(SYS_NMLN);
if (domain == NULL)
return (B_FALSE);
ssize = sysinfo(SI_SRPC_DOMAIN, domain, SYS_NMLN);
if (ssize > SYS_NMLN) {
free(domain);
domain = malloc(ssize);
if (domain == NULL)
return (B_FALSE);
ssize = sysinfo(SI_SRPC_DOMAIN, domain, ssize);
}
if (ssize <= 1)
return (B_FALSE);
}
grl = calloc(grc, sizeof (char *));
if (grl == NULL)
return (B_FALSE);
for (i = 0, gr = glist; i < grc && !belong; ) {
response = (*gr != '-') ? B_TRUE : B_FALSE;
for (n = 0; i < grc; i++, n++, gr += strlen(gr) + 1) {
if ((response && *gr == '-') ||
(!response && *gr != '-'))
break;
grl[n] = response ? gr : gr + 1;
}
for (j = 0; j < nhosts && !belong; j++) {
host = clnames->h_hostservs[j].h_host;
if (__multi_innetgr(n, grl, 1, &host, 0, NULL,
1, &domain))
belong = B_TRUE;
}
}
free(grl);
return (belong ? response : B_FALSE);
}
int
smb_getdataset(libzfs_handle_t *libhdl, const char *path, char *dataset,
size_t len)
{
char tmppath[MAXPATHLEN];
char *cp;
FILE *fp;
struct mnttab mnttab;
struct mnttab mntpref;
int rc = -1;
if (libhdl != NULL) {
zfs_handle_t *hdl;
char mountpnt[ZFS_MAXPROPLEN];
char *dsname = (char *)path + strspn(path, "/");
hdl = zfs_open(libhdl, dsname, ZFS_TYPE_FILESYSTEM);
if (hdl != NULL) {
if ((zfs_prop_get(hdl, ZFS_PROP_MOUNTPOINT, mountpnt,
sizeof (mountpnt), NULL, NULL, 0, B_FALSE) == 0) &&
(strcmp(mountpnt, path) == 0)) {
zfs_close(hdl);
(void) strlcpy(dataset, dsname, len);
return (0);
}
zfs_close(hdl);
}
}
if ((fp = fopen(MNTTAB, "r")) == NULL)
return (-1);
(void) memset(&mnttab, '\0', sizeof (mnttab));
(void) strlcpy(tmppath, path, MAXPATHLEN);
cp = tmppath;
while (*cp != '\0') {
resetmnttab(fp);
(void) memset(&mntpref, '\0', sizeof (mntpref));
mntpref.mnt_mountp = tmppath;
if (getmntany(fp, &mnttab, &mntpref) == 0) {
if (mnttab.mnt_fstype == NULL)
break;
if (strcmp(mnttab.mnt_fstype, "zfs") != 0)
break;
cp = mnttab.mnt_special;
cp += strspn(cp, "/");
(void) strlcpy(dataset, cp, len);
rc = 0;
break;
}
if (strcmp(tmppath, "/") == 0)
break;
if ((cp = strrchr(tmppath, '/')) == NULL)
break;
*cp = '\0';
if (tmppath[0] == '\0')
(void) strcpy(tmppath, "/");
cp = tmppath;
}
(void) fclose(fp);
return (rc);
}
void *
smb_dlopen(void)
{
uuid_t uuid;
void *interposer_hdl;
typedef int (*smbex_versionfn_t)(smbex_version_t *);
smbex_versionfn_t getversion;
smbex_version_t *version;
bzero(&uuid, sizeof (uuid_t));
if (uuid_parse(SMBEX_KEY, uuid) < 0)
return (NULL);
interposer_hdl = dlopen(SMB_LIB_ALT, RTLD_NOW | RTLD_LOCAL);
if (interposer_hdl == NULL)
return (NULL);
bzero(&getversion, sizeof (smbex_versionfn_t));
getversion = (smbex_versionfn_t)dlsym(interposer_hdl,
"smbex_get_version");
if ((getversion == NULL) ||
(version = malloc(sizeof (smbex_version_t))) == NULL) {
(void) dlclose(interposer_hdl);
return (NULL);
}
bzero(version, sizeof (smbex_version_t));
if ((getversion(version) != 0) ||
(version->v_version != SMBEX_VERSION) ||
(uuid_compare(version->v_uuid, uuid) != 0)) {
free(version);
(void) dlclose(interposer_hdl);
return (NULL);
}
free(version);
return (interposer_hdl);
}
void
smb_dlclose(void *handle)
{
if (handle)
(void) dlclose(handle);
}
int
smb_getnameinfo(smb_inaddr_t *ip, char *hostname, int hostlen, int flags)
{
socklen_t salen;
struct sockaddr_in6 sin6;
struct sockaddr_in sin;
void *sp;
int rc;
if (ip->a_family == AF_INET) {
salen = sizeof (struct sockaddr_in);
sin.sin_family = ip->a_family;
sin.sin_port = 0;
sin.sin_addr.s_addr = ip->a_ipv4;
sp = &sin;
} else {
salen = sizeof (struct sockaddr_in6);
sin6.sin6_family = ip->a_family;
sin6.sin6_port = 0;
(void) memcpy(&sin6.sin6_addr.s6_addr, &ip->a_ipv6,
sizeof (sin6.sin6_addr.s6_addr));
sp = &sin6;
}
if ((rc = (getnameinfo((struct sockaddr *)sp, salen,
hostname, hostlen, NULL, 0, flags))) == 0)
(void) smb_strlwr(hostname);
return (rc);
}
uint32_t
smb_name_validate_share(const char *sharename)
{
const char *invalid = "\"/\\[]:|<>+;,?*=";
const char *p;
if (sharename == NULL)
return (ERROR_INVALID_PARAMETER);
if (strpbrk(sharename, invalid) != NULL)
return (ERROR_INVALID_NAME);
for (p = sharename; *p != '\0'; p++) {
if (iscntrl(*p))
return (ERROR_INVALID_NAME);
}
return (ERROR_SUCCESS);
}
uint32_t
smb_name_validate_account(const char *name)
{
const char *invalid = "\"/\\[]<>+;,?*=@";
const char *p;
int len;
if ((name == NULL) || (*name == '\0'))
return (ERROR_INVALID_PARAMETER);
len = strlen(name);
if ((len > MAXNAMELEN) || (name[len - 1] == '.'))
return (ERROR_INVALID_NAME);
if (strpbrk(name, invalid) != NULL)
return (ERROR_INVALID_NAME);
for (p = name; *p != '\0'; p++) {
if (iscntrl(*p))
return (ERROR_INVALID_NAME);
}
return (ERROR_SUCCESS);
}
uint32_t
smb_name_validate_domain(const char *domain)
{
boolean_t new_label = B_TRUE;
const char *p;
char label_terminator;
if (domain == NULL)
return (ERROR_INVALID_PARAMETER);
if (*domain == '\0')
return (ERROR_INVALID_NAME);
label_terminator = *domain;
for (p = domain; *p != '\0'; ++p) {
if (new_label) {
if (!isalnum(*p))
return (ERROR_INVALID_NAME);
new_label = B_FALSE;
label_terminator = *p;
continue;
}
if (*p == '.') {
if (!isalnum(label_terminator))
return (ERROR_INVALID_NAME);
new_label = B_TRUE;
label_terminator = *p;
continue;
}
label_terminator = *p;
if (isalnum(*p) || *p == '-' || *p == '_')
continue;
return (ERROR_INVALID_NAME);
}
if (!isalnum(label_terminator))
return (ERROR_INVALID_NAME);
return (ERROR_SUCCESS);
}
uint32_t
smb_name_validate_nbdomain(const char *name)
{
char netbiosname[NETBIOS_NAME_SZ];
const char *p;
int len;
if (name == NULL)
return (ERROR_INVALID_PARAMETER);
len = strlen(name);
if (len == 0 || len >= NETBIOS_NAME_SZ)
return (ERROR_INVALID_NAME);
if (strspn(name, "0123456789") == len)
return (ERROR_INVALID_NAME);
if (smb_getnetbiosname(netbiosname, NETBIOS_NAME_SZ) == 0) {
if (smb_strcasecmp(name, netbiosname, 0) == 0)
return (ERROR_INVALID_NAME);
}
for (p = name; *p != '\0'; ++p) {
if (isalnum(*p) || *p == '-' || *p == '_')
continue;
return (ERROR_INVALID_NAME);
}
return (ERROR_SUCCESS);
}
uint32_t
smb_name_validate_workgroup(const char *workgroup)
{
char netbiosname[NETBIOS_NAME_SZ];
const char *invalid = "\"/\\[]:|<>+=;,?";
const char *p;
if (workgroup == NULL)
return (ERROR_INVALID_PARAMETER);
if (*workgroup == '\0' || (!isalnum(*workgroup)))
return (ERROR_INVALID_NAME);
if (strlen(workgroup) >= NETBIOS_NAME_SZ)
return (ERROR_INVALID_NAME);
if (smb_getnetbiosname(netbiosname, NETBIOS_NAME_SZ) == 0) {
if (smb_strcasecmp(workgroup, netbiosname, 0) == 0)
return (ERROR_INVALID_NAME);
}
if (strpbrk(workgroup, invalid) != NULL)
return (ERROR_INVALID_NAME);
for (p = workgroup; *p != '\0'; p++) {
if (iscntrl(*p))
return (ERROR_INVALID_NAME);
}
return (ERROR_SUCCESS);
}
uint32_t
smb_name_validate_rpath(const char *relpath)
{
char *invalid = "\"\\[]:|<>+;,?*=";
char *cp;
if ((relpath == NULL) || (*relpath == '\0') || (*relpath == '/'))
return (ERROR_INVALID_NAME);
if (strpbrk(relpath, invalid))
return (ERROR_INVALID_NAME);
for (cp = (char *)relpath; *cp != '\0'; cp++) {
if (iscntrl(*cp))
return (ERROR_INVALID_NAME);
}
return (ERROR_SUCCESS);
}
void
smb_name_parse(char *arg, char **account, char **domain)
{
char *p;
*account = NULL;
*domain = NULL;
if ((p = strpbrk(arg, "/\\@")) != NULL) {
if (*p == '@') {
*p = '\0';
++p;
*domain = p;
*account = arg;
} else {
*p = '\0';
++p;
*account = p;
*domain = arg;
}
}
}
uint32_t
smb_get_txid(void)
{
static mutex_t txmutex;
static uint32_t txid;
uint32_t txid_ret;
(void) mutex_lock(&txmutex);
if (txid == 0)
txid = time(NULL);
do {
++txid;
} while (txid == 0 || txid == (uint32_t)-1);
txid_ret = txid;
(void) mutex_unlock(&txmutex);
return (txid_ret);
}
