From d8df43e65d507710de72c6743f43127ad14019fc Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 17 Nov 2008 14:13:20 -0800
Subject: [PATCH] Fix bug #5900 reported by monyo@samba.gr.jp - vfs_readonly.so
 does not work. Jeremy.

---
 source3/include/proto.h        |  3 ++-
 source3/modules/vfs_readonly.c | 13 +++++++++++++
 source3/smbd/share_access.c    |  6 ++++--
 source3/smbd/uid.c             |  3 ++-
 4 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 5f9203a21f8..33425849d1f 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -8459,7 +8459,8 @@ bool user_ok_token(const char *username, const char *domain,
 		   struct nt_user_token *token, int snum);
 bool is_share_read_only_for_token(const char *username,
 				  const char *domain,
-				  struct nt_user_token *token, int snum);
+				  struct nt_user_token *token,
+				  connection_struct *conn);
 
 /* The following definitions come from smbd/srvstr.c  */
 
diff --git a/source3/modules/vfs_readonly.c b/source3/modules/vfs_readonly.c
index d4ddf32e3ac..58c83e5e1be 100644
--- a/source3/modules/vfs_readonly.c
+++ b/source3/modules/vfs_readonly.c
@@ -64,12 +64,25 @@ static int readonly_connect(vfs_handle_struct *handle,
 					     "period", period_def); 
 
   if (period && period[0] && period[1]) {
+    int i;
     time_t current_time = time(NULL);
     time_t begin_period = get_date(period[0], &current_time);
     time_t end_period   = get_date(period[1], &current_time);
 
     if ((current_time >= begin_period) && (current_time <= end_period)) {
+      connection_struct *conn = handle->conn;
+
       handle->conn->read_only = True;
+
+      /* Wipe out the VUID cache. */
+      for (i=0; i< VUID_CACHE_SIZE; i++) {
+        struct vuid_cache_entry *ent = ent = &conn->vuid_cache.array[i];
+        ent->vuid = UID_FIELD_INVALID;
+        TALLOC_FREE(ent->server_info);
+        ent->read_only = false;
+        ent->admin_user = false;
+      }
+      conn->vuid_cache.next_entry = 0;
     }
 
     return SMB_VFS_NEXT_CONNECT(handle, service, user);
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index f5f79c86e57..9dbacc29983 100644
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -252,9 +252,11 @@ bool user_ok_token(const char *username, const char *domain,
 
 bool is_share_read_only_for_token(const char *username,
 				  const char *domain,
-				  struct nt_user_token *token, int snum)
+				  struct nt_user_token *token,
+				  connection_struct *conn)
 {
-	bool result = lp_readonly(snum);
+	int snum = SNUM(conn);
+	bool result = conn->read_only;
 
 	if (lp_readlist(snum) != NULL) {
 		if (token_contains_name_in_list(username, domain,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 045de6f2d32..c238f40cfdb 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -88,7 +88,8 @@ static bool check_user_ok(connection_struct *conn, uint16_t vuid,
 	readonly_share = is_share_read_only_for_token(
 		server_info->unix_name,
 		pdb_get_domain(server_info->sam_account),
-		server_info->ptok, snum);
+		server_info->ptok,
+		conn);
 
 	if (!readonly_share &&
 	    !share_access_check(server_info->ptok, lp_servicename(snum),
-- 
2.34.1