xref: /onnv-gate/usr/src/lib/libidmap/common/sidutil.h (revision 10122:96eda55bfd54)
1*10122SJordan.Brown@Sun.COM /*
2*10122SJordan.Brown@Sun.COM  * CDDL HEADER START
3*10122SJordan.Brown@Sun.COM  *
4*10122SJordan.Brown@Sun.COM  * The contents of this file are subject to the terms of the
5*10122SJordan.Brown@Sun.COM  * Common Development and Distribution License (the "License").
6*10122SJordan.Brown@Sun.COM  * You may not use this file except in compliance with the License.
7*10122SJordan.Brown@Sun.COM  *
8*10122SJordan.Brown@Sun.COM  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9*10122SJordan.Brown@Sun.COM  * or http://www.opensolaris.org/os/licensing.
10*10122SJordan.Brown@Sun.COM  * See the License for the specific language governing permissions
11*10122SJordan.Brown@Sun.COM  * and limitations under the License.
12*10122SJordan.Brown@Sun.COM  *
13*10122SJordan.Brown@Sun.COM  * When distributing Covered Code, include this CDDL HEADER in each
14*10122SJordan.Brown@Sun.COM  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15*10122SJordan.Brown@Sun.COM  * If applicable, add the following below this CDDL HEADER, with the
16*10122SJordan.Brown@Sun.COM  * fields enclosed by brackets "[]" replaced with your own identifying
17*10122SJordan.Brown@Sun.COM  * information: Portions Copyright [yyyy] [name of copyright owner]
18*10122SJordan.Brown@Sun.COM  *
19*10122SJordan.Brown@Sun.COM  * CDDL HEADER END
20*10122SJordan.Brown@Sun.COM  */
21*10122SJordan.Brown@Sun.COM /*
22*10122SJordan.Brown@Sun.COM  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
23*10122SJordan.Brown@Sun.COM  * Use is subject to license terms.
24*10122SJordan.Brown@Sun.COM  */
25*10122SJordan.Brown@Sun.COM 
26*10122SJordan.Brown@Sun.COM #ifndef _SIDUTIL_H
27*10122SJordan.Brown@Sun.COM #define	_SIDUTIL_H
28*10122SJordan.Brown@Sun.COM 
29*10122SJordan.Brown@Sun.COM /*
30*10122SJordan.Brown@Sun.COM  * Security Identifier (SID) interface definition.
31*10122SJordan.Brown@Sun.COM  *
32*10122SJordan.Brown@Sun.COM  * This is an extract from uts/common/smbsrv/smb_sid.h, with functions
33*10122SJordan.Brown@Sun.COM  * renamed as part of a tentative plan for convergence.
34*10122SJordan.Brown@Sun.COM  */
35*10122SJordan.Brown@Sun.COM 
36*10122SJordan.Brown@Sun.COM #ifdef __cplusplus
37*10122SJordan.Brown@Sun.COM extern "C" {
38*10122SJordan.Brown@Sun.COM #endif
39*10122SJordan.Brown@Sun.COM 
40*10122SJordan.Brown@Sun.COM /*
41*10122SJordan.Brown@Sun.COM  * Common definition for a SID.
42*10122SJordan.Brown@Sun.COM  */
43*10122SJordan.Brown@Sun.COM #define	NT_SID_REVISION		1
44*10122SJordan.Brown@Sun.COM #define	NT_SID_AUTH_MAX		6
45*10122SJordan.Brown@Sun.COM #define	NT_SID_SUBAUTH_MAX	15
46*10122SJordan.Brown@Sun.COM 
47*10122SJordan.Brown@Sun.COM #if	!defined(ANY_SIZE_ARRAY)
48*10122SJordan.Brown@Sun.COM #define	ANY_SIZE_ARRAY	1
49*10122SJordan.Brown@Sun.COM #endif
50*10122SJordan.Brown@Sun.COM 
51*10122SJordan.Brown@Sun.COM /*
52*10122SJordan.Brown@Sun.COM  * Security Identifier (SID)
53*10122SJordan.Brown@Sun.COM  *
54*10122SJordan.Brown@Sun.COM  * The security identifier (SID) uniquely identifies a user, group or
55*10122SJordan.Brown@Sun.COM  * a domain. It consists of a revision number, the identifier authority,
56*10122SJordan.Brown@Sun.COM  * and a list of sub-authorities. The revision number is currently 1.
57*10122SJordan.Brown@Sun.COM  * The identifier authority identifies which system issued the SID. The
58*10122SJordan.Brown@Sun.COM  * sub-authorities of a domain SID uniquely identify a domain. A user
59*10122SJordan.Brown@Sun.COM  * or group SID consists of a domain SID with the user or group id
60*10122SJordan.Brown@Sun.COM  * appended. The user or group id (also known as a relative id (RID)
61*10122SJordan.Brown@Sun.COM  * uniquely identifies a user within a domain. A user or group SID
62*10122SJordan.Brown@Sun.COM  * uniquely identifies a user or group across all domains. The SidType
63*10122SJordan.Brown@Sun.COM  * values identify the various types of SID.
64*10122SJordan.Brown@Sun.COM  *
65*10122SJordan.Brown@Sun.COM  *      1   1   1   1   1   1
66*10122SJordan.Brown@Sun.COM  *      5   4   3   2   1   0   9   8   7   6   5   4   3   2   1   0
67*10122SJordan.Brown@Sun.COM  *   +---------------------------------------------------------------+
68*10122SJordan.Brown@Sun.COM  *   |      SubAuthorityCount        |Reserved1 (SBZ)|   Revision    |
69*10122SJordan.Brown@Sun.COM  *   +---------------------------------------------------------------+
70*10122SJordan.Brown@Sun.COM  *   |                   IdentifierAuthority[0]                      |
71*10122SJordan.Brown@Sun.COM  *   +---------------------------------------------------------------+
72*10122SJordan.Brown@Sun.COM  *   |                   IdentifierAuthority[1]                      |
73*10122SJordan.Brown@Sun.COM  *   +---------------------------------------------------------------+
74*10122SJordan.Brown@Sun.COM  *   |                   IdentifierAuthority[2]                      |
75*10122SJordan.Brown@Sun.COM  *   +---------------------------------------------------------------+
76*10122SJordan.Brown@Sun.COM  *   |                                                               |
77*10122SJordan.Brown@Sun.COM  *   +- -  -  -  -  -  -  -  SubAuthority[]  -  -  -  -  -  -  -  - -+
78*10122SJordan.Brown@Sun.COM  *   |                                                               |
79*10122SJordan.Brown@Sun.COM  *   +---------------------------------------------------------------+
80*10122SJordan.Brown@Sun.COM  *
81*10122SJordan.Brown@Sun.COM  */
82*10122SJordan.Brown@Sun.COM /*
83*10122SJordan.Brown@Sun.COM  * Note: NT defines the Identifier Authority as a separate
84*10122SJordan.Brown@Sun.COM  * structure (SID_IDENTIFIER_AUTHORITY) containing a literal
85*10122SJordan.Brown@Sun.COM  * definition of a 6 byte vector but the effect is the same
86*10122SJordan.Brown@Sun.COM  * as defining it as a member value.
87*10122SJordan.Brown@Sun.COM  */
88*10122SJordan.Brown@Sun.COM typedef struct sid {
89*10122SJordan.Brown@Sun.COM 	uint8_t sid_revision;
90*10122SJordan.Brown@Sun.COM 	uint8_t sid_subauthcnt;
91*10122SJordan.Brown@Sun.COM 	uint8_t sid_authority[NT_SID_AUTH_MAX];
92*10122SJordan.Brown@Sun.COM 	uint32_t sid_subauth[ANY_SIZE_ARRAY];
93*10122SJordan.Brown@Sun.COM } sid_t;
94*10122SJordan.Brown@Sun.COM 
95*10122SJordan.Brown@Sun.COM /*
96*10122SJordan.Brown@Sun.COM  * The maximum size of a SID in string format
97*10122SJordan.Brown@Sun.COM  */
98*10122SJordan.Brown@Sun.COM #define	SID_STRSZ		256
99*10122SJordan.Brown@Sun.COM 
100*10122SJordan.Brown@Sun.COM /* Given a SID, return its length in bytes. */
101*10122SJordan.Brown@Sun.COM int sid_len(sid_t *);
102*10122SJordan.Brown@Sun.COM 
103*10122SJordan.Brown@Sun.COM /* Given a dynamically allocated SID (e.g. from sid_fromstr), free it. */
104*10122SJordan.Brown@Sun.COM void sid_free(sid_t *);
105*10122SJordan.Brown@Sun.COM 
106*10122SJordan.Brown@Sun.COM /* Translate a binary-format SID into the supplied SID_STRSZ buffer. */
107*10122SJordan.Brown@Sun.COM void sid_tostr(sid_t *, char *);
108*10122SJordan.Brown@Sun.COM 
109*10122SJordan.Brown@Sun.COM /* Translate a text-format SID into an allocated binary-format SID. */
110*10122SJordan.Brown@Sun.COM sid_t *sid_fromstr(char *);
111*10122SJordan.Brown@Sun.COM 
112*10122SJordan.Brown@Sun.COM /* In-place, translate a host-order SID into MS-native little endian. */
113*10122SJordan.Brown@Sun.COM void sid_to_le(sid_t *);
114*10122SJordan.Brown@Sun.COM 
115*10122SJordan.Brown@Sun.COM /* In-place, translate a MS-native little endian SID into host order. */
116*10122SJordan.Brown@Sun.COM void sid_from_le(sid_t *);
117*10122SJordan.Brown@Sun.COM 
118*10122SJordan.Brown@Sun.COM #ifdef __cplusplus
119*10122SJordan.Brown@Sun.COM }
120*10122SJordan.Brown@Sun.COM #endif
121*10122SJordan.Brown@Sun.COM 
122*10122SJordan.Brown@Sun.COM 
123*10122SJordan.Brown@Sun.COM #endif /* _SIDUTIL_H */
124