1 #include <u.h>
2 #include <libc.h>
3 #include <auth.h>
4 #include <fcall.h>
5 #include <thread.h>
6 #include <9p.h>
7 #include "cifs.h"
8
9 struct { /* Well known security IDs */
10 char *name;
11 char *auth;
12 char *rid;
13 } known[] = {
14 /* default local users */
15 { "lu.dialup", "S-1-5-1", nil },
16 { "lu.network", "S-1-5-2", nil },
17 { "lu.batch", "S-1-5-3", nil },
18 { "lu.interactive", "S-1-5-4", nil },
19 { "lu.service", "S-1-5-6", nil },
20 { "lu.anon", "S-1-5-7", nil },
21 { "lu.DC", "S-1-5-8", nil },
22 { "lu.enterprise-domain", "S-1-5-9", nil },
23 { "lu.self", "S-1-5-10", nil },
24 { "lu.authenticated", "S-1-5-11", nil },
25 { "lu.restricted", "S-1-5-12", nil },
26 { "lu.terminal-services", "S-1-5-13", nil },
27 { "lu.remote-desktop", "S-1-5-14", nil },
28 { "lu.local-system", "S-1-5-18", nil },
29 { "lu.local-service", "S-1-5-19", nil },
30 { "lu.network-service", "S-1-5-20", nil },
31 { "lu.builtin", "S-1-5-32", nil },
32
33 /* default local groups */
34 { "lg.null", "S-1-0-0", nil },
35 { "lg.world", "S-1-1-0", nil },
36 { "lg.local", "S-1-2-0", nil },
37 { "lg.creator-owner", "S-1-3-0", nil },
38 { "lg.creator-group", "S-1-3-1", nil },
39 { "lg.creator-owner-server", "S-1-3-2", nil },
40 { "lg.creator-group-server", "S-1-3-3", nil },
41
42 /* default domain users */
43 { "du.admin", "S-1-5", "500" },
44 { "du.guest", "S-1-5", "501" },
45 { "du.kerberos", "S-1-5", "502" },
46
47 /* default domain groups */
48 { "dg.admins", "S-1-5-21", "512" },
49 { "dg.users", "S-1-5-21", "513" },
50 { "dg.guests", "S-1-5", "514" },
51 { "dg.computers", "S-1-5", "515" },
52 { "dg.controllers", "S-1-5", "516" },
53 { "dg.cert-admins", "S-1-5", "517" },
54 { "dg.schema-admins", "S-1-5", "518" },
55 { "dg.enterprise-admins", "S-1-5", "519" },
56 { "dg.group-policy-admins", "S-1-5", "520" },
57 { "dg.remote-access", "S-1-5", "553" },
58
59 /* default domain aliases */
60 { "da.admins", "S-1-5", "544" },
61 { "da.users", "S-1-5", "545" },
62 { "da.guests", "S-1-5", "546" },
63 { "da.power-users", "S-1-5", "547" },
64 { "da.account-operators", "S-1-5", "548" },
65 { "da.server-operators", "S-1-5", "549" },
66 { "da.print-operators", "S-1-5", "550" },
67 { "da.backup-operators", "S-1-5", "551" },
68 { "da.replicator", "S-1-5", "552" },
69 { "da.RAS-servers", "S-1-5", "553" },
70
71 };
72
73 static char *
sid2name(char * sid)74 sid2name(char *sid)
75 {
76 int i;
77 char *rid;
78
79 if(sid == nil || (rid = strrchr(sid, '-')) == nil || *++rid == 0)
80 return estrdup9p("-");
81
82 for(i = 0; i < nelem(known); i++){
83 if(strcmp(known[i].auth, sid) == 0 && known[i].rid == nil)
84 return estrdup9p(known[i].name);
85
86 if(strlen(known[i].auth) < strlen(sid) &&
87 strncmp(known[i].auth, sid, strlen(known[i].auth)) == 0 &&
88 known[i].rid && strcmp(known[i].rid, rid) == 0)
89 return estrdup9p(known[i].name);
90 }
91
92 return estrdup9p(rid);
93 }
94
95 void
upd_names(Session * s,Share * sp,char * path,Dir * d)96 upd_names(Session *s, Share *sp, char *path, Dir *d)
97 {
98 int fh, result;
99 char *usid, *gsid;
100 FInfo fi;
101
102 if(d->uid)
103 free(d->uid);
104 if(d->gid)
105 free(d->gid);
106
107 if((fh = CIFS_NT_opencreate(s, sp, path, 0, 0, 0, READ_CONTROL,
108 FILE_SHARE_ALL, FILE_OPEN, &result, &fi)) == -1){
109 d->uid = estrdup9p("unknown");
110 d->gid = estrdup9p("unknown");
111 return;
112 }
113 usid = nil;
114 gsid = nil;
115 TNTquerysecurity(s, sp, fh, &usid, &gsid);
116 d->uid = sid2name(usid);
117 d->gid = sid2name(gsid);
118 if(fh != -1)
119 CIFSclose(s, sp, fh);
120 }
121