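/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
 * Use is subject to license terms.
 */

#ifndef	_SIDUTIL_H
#define	_SIDUTIL_H

/*
 * Security Identifier (SID) interface definition.
 *
 * This is an extract from uts/common/smbsrv/smb_sid.h, with functions
 * renamed as part of a tentative plan for convergence.
 *
 * This header uses uint8_t and uint32_t but contains no #include of its
 * own, so the including file must already have the fixed-width integer
 * types in scope.
 */

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Common definition for a SID.
 *
 * NT_SID_REVISION is the only revision described in this file.
 * NT_SID_AUTH_MAX sizes the identifier-authority vector in sid_t.
 * NT_SID_SUBAUTH_MAX is presumably the largest sub-authority count a
 * well-formed SID may carry; nothing in this header enforces it.
 */
#define	NT_SID_REVISION		1
#define	NT_SID_AUTH_MAX		6
#define	NT_SID_SUBAUTH_MAX	15

/*
 * ANY_SIZE_ARRAY declares the trailing variable-length member of sid_t
 * as a one-element array, so sizeof (sid_t) already includes room for
 * one sub-authority.
 */
#if !defined(ANY_SIZE_ARRAY)
#define	ANY_SIZE_ARRAY	1
#endif

/*
 * Security Identifier (SID)
 *
 * The security identifier (SID) uniquely identifies a user, group or
 * a domain. It consists of a revision number, the identifier authority,
 * and a list of sub-authorities. The revision number is currently 1.
 * The identifier authority identifies which system issued the SID. The
 * sub-authorities of a domain SID uniquely identify a domain. A user
 * or group SID consists of a domain SID with the user or group id
 * appended. The user or group id (also known as a relative id (RID))
 * uniquely identifies a user within a domain. A user or group SID
 * uniquely identifies a user or group across all domains. The SidType
 * values identify the various types of SID.
 *
 *      1 1 1 1 1 1
 *      5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
 *   +---------------------------------------------------------------+
 *   |      SubAuthorityCount        |Reserved1 (SBZ)|   Revision    |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[0]                     |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[1]                     |
 *   +---------------------------------------------------------------+
 *   |                    IdentifierAuthority[2]                     |
 *   +---------------------------------------------------------------+
 *   |                                                               |
 *   +- - - - - - - - SubAuthority[] - - - - - - - - -+
 *   |                                                               |
 *   +---------------------------------------------------------------+
 *
 * The diagram shows a Reserved1 field that struct sid below does not
 * declare; the struct is what this code actually uses.
 */
/*
 * Note: NT defines the Identifier Authority as a separate
 * structure (SID_IDENTIFIER_AUTHORITY) containing a literal
 * definition of a 6 byte vector but the effect is the same
 * as defining it as a member value.
 */
/*
 * sid_subauthcnt travels inside the SID itself. A SID taken from the
 * network or from disk therefore supplies its own element count for
 * sid_subauth[]; code that receives one should check the count against
 * NT_SID_SUBAUTH_MAX and against the number of bytes actually received
 * before passing it to sid_len(), sid_tostr() or the byte-order routines.
 * NOTE(review): confirm which of these checks the implementation does.
 */
typedef struct sid {
	uint8_t sid_revision;			/* see NT_SID_REVISION */
	uint8_t sid_subauthcnt;			/* SubAuthorityCount above */
	uint8_t sid_authority[NT_SID_AUTH_MAX];	/* identifier authority */
	uint32_t sid_subauth[ANY_SIZE_ARRAY];	/* variable-length tail */
} sid_t;

/*
 * The maximum size of a SID in string format
 */
#define	SID_STRSZ	256

/* Given a SID, return its length in bytes. */
int sid_len(sid_t *);

/* Given a dynamically allocated SID (e.g. from sid_fromstr), free it. */
void sid_free(sid_t *);

/*
 * Translate a binary-format SID into the supplied SID_STRSZ buffer.
 * No buffer length is passed, so the caller must provide at least
 * SID_STRSZ bytes.
 */
void sid_tostr(sid_t *, char *);

/*
 * Translate a text-format SID into an allocated binary-format SID.
 * Release the result with sid_free().
 * NOTE(review): the failure return is not visible in this header
 * (presumably NULL); callers should check before dereferencing.
 */
sid_t *sid_fromstr(char *);

/* In-place, translate a host-order SID into MS-native little endian. */
void sid_to_le(sid_t *);

/* In-place, translate a MS-native little endian SID into host order. */
void sid_from_le(sid_t *);

#ifdef __cplusplus
}
#endif


#endif /* _SIDUTIL_H */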