#include "ctdbd_conn.h"
#include "../lib/util/util_pw.h"
#include "messages.h"
+#include <ccan/hash/hash.h>
+#include "libcli/security/security.h"
+#include "serverid.h"
+
+#ifdef HAVE_SYS_PRCTL_H
+#include <sys/prctl.h>
+#endif
/* Max allowable allococation - 256mb - 0x10000000 */
#define MAX_ALLOC_SIZE (1024*1024*256)
return sbuf->st_ex_size;
}
-/*******************************************************************
- Returns the size in bytes of the named file.
-********************************************************************/
+/****************************************************************************
+ Check two stats have identical dev and ino fields.
+****************************************************************************/
-SMB_OFF_T get_file_size(char *file_name)
+bool check_same_dev_ino(const SMB_STRUCT_STAT *sbuf1,
+ const SMB_STRUCT_STAT *sbuf2)
{
- SMB_STRUCT_STAT buf;
- buf.st_ex_size = 0;
- if (sys_stat(file_name, &buf, false) != 0)
- return (SMB_OFF_T)-1;
- return get_file_size_stat(&buf);
+ if (sbuf1->st_ex_dev != sbuf2->st_ex_dev ||
+ sbuf1->st_ex_ino != sbuf2->st_ex_ino) {
+ return false;
+ }
+ return true;
+}
+
+/****************************************************************************
+ Check if a stat struct is identical for use.
+****************************************************************************/
+
+bool check_same_stat(const SMB_STRUCT_STAT *sbuf1,
+ const SMB_STRUCT_STAT *sbuf2)
+{
+ if (sbuf1->st_ex_uid != sbuf2->st_ex_uid ||
+ sbuf1->st_ex_gid != sbuf2->st_ex_gid ||
+ !check_same_dev_ino(sbuf1, sbuf2)) {
+ return false;
+ }
+ return true;
}
/*******************************************************************
dump_data(10, (const uint8 *)smb_buf_const(buf), bcc);
}
-/*******************************************************************
- Set the length and marker of an encrypted smb packet.
-********************************************************************/
-
-void smb_set_enclen(char *buf,int len,uint16 enc_ctx_num)
-{
- _smb_setlen(buf,len);
-
- SCVAL(buf,4,0xFF);
- SCVAL(buf,5,'E');
- SSVAL(buf,6,enc_ctx_num);
-}
-
-/*******************************************************************
- Set the length and marker of an smb packet.
-********************************************************************/
-
-void smb_setlen(char *buf,int len)
-{
- _smb_setlen(buf,len);
-
- SCVAL(buf,4,0xFF);
- SCVAL(buf,5,'S');
- SCVAL(buf,6,'M');
- SCVAL(buf,7,'B');
-}
-
/*******************************************************************
Setup only the byte count for a smb message.
********************************************************************/
size_t newlen = smb_len(*outbuf) + 4 + blob.length;
uint8 *tmp;
- if (!(tmp = TALLOC_REALLOC_ARRAY(NULL, *outbuf, uint8, newlen))) {
+ if (!(tmp = talloc_realloc(NULL, *outbuf, uint8, newlen))) {
DEBUG(0, ("talloc failed\n"));
return -1;
}
Write data into an fd at a given offset. Ignore seek errors.
********************************************************************/
-ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, SMB_OFF_T pos)
+ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, off_t pos)
{
size_t total=0;
ssize_t ret;
- if (pos == (SMB_OFF_T)-1) {
+ if (pos == (off_t)-1) {
return write_data(fd, buffer, N);
}
#if defined(HAVE_PWRITE) || defined(HAVE_PRWITE64)
return (ssize_t)total;
#else
/* Use lseek and write_data. */
- if (sys_lseek(fd, pos, SEEK_SET) == -1) {
+ if (lseek(fd, pos, SEEK_SET) == -1) {
if (errno != ESPIPE) {
return -1;
}
#endif
}
+static int reinit_after_fork_pipe[2] = { -1, -1 };
+
+NTSTATUS init_before_fork(void)
+{
+ int ret;
+
+ ret = pipe(reinit_after_fork_pipe);
+ if (ret == -1) {
+ NTSTATUS status;
+
+ status = map_nt_error_from_unix_common(errno);
+
+ DEBUG(0, ("Error creating child_pipe: %s\n",
+ nt_errstr(status)));
+
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * Detect died parent by detecting EOF on the pipe
+ */
+static void reinit_after_fork_pipe_handler(struct tevent_context *ev,
+ struct tevent_fd *fde,
+ uint16_t flags,
+ void *private_data)
+{
+ char c;
+
+ if (sys_read(reinit_after_fork_pipe[0], &c, 1) != 1) {
+ /*
+ * we have reached EOF on stdin, which means the
+ * parent has exited. Shutdown the server
+ */
+ (void)kill(getpid(), SIGTERM);
+ }
+}
+
NTSTATUS reinit_after_fork(struct messaging_context *msg_ctx,
- struct event_context *ev_ctx,
- struct server_id id,
+ struct tevent_context *ev_ctx,
bool parent_longlived)
{
NTSTATUS status = NT_STATUS_OK;
+ if (reinit_after_fork_pipe[1] != -1) {
+ close(reinit_after_fork_pipe[1]);
+ reinit_after_fork_pipe[1] = -1;
+ }
+
/* Reset the state of the random
* number generation system, so
* children do not get the same random
set_need_random_reseed();
/* tdb needs special fork handling */
- if (tdb_reopen_all(parent_longlived ? 1 : 0) == -1) {
+ if (tdb_reopen_all(parent_longlived ? 1 : 0) != 0) {
DEBUG(0,("tdb_reopen_all failed.\n"));
status = NT_STATUS_OPEN_FAILED;
goto done;
smb_panic(__location__ ": Failed to re-initialise event context");
}
+ if (reinit_after_fork_pipe[0] != -1) {
+ struct tevent_fd *fde;
+
+ fde = tevent_add_fd(ev_ctx, ev_ctx /* TALLOC_CTX */,
+ reinit_after_fork_pipe[0], TEVENT_FD_READ,
+ reinit_after_fork_pipe_handler, NULL);
+ if (fde == NULL) {
+ smb_panic(__location__ ": Failed to add reinit_after_fork pipe event");
+ }
+ }
+
if (msg_ctx) {
/*
* For clustering, we need to re-init our ctdbd connection after the
* fork
*/
- status = messaging_reinit(msg_ctx, id);
+ status = messaging_reinit(msg_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("messaging_reinit() failed: %s\n",
nt_errstr(status)));
}
}
-/****************************************************************************
- Interpret a protocol description string, with a default.
-****************************************************************************/
-
-int interpret_protocol(const char *str,int def)
-{
- if (strequal(str,"NT1"))
- return(PROTOCOL_NT1);
- if (strequal(str,"LANMAN2"))
- return(PROTOCOL_LANMAN2);
- if (strequal(str,"LANMAN1"))
- return(PROTOCOL_LANMAN1);
- if (strequal(str,"CORE"))
- return(PROTOCOL_CORE);
- if (strequal(str,"COREPLUS"))
- return(PROTOCOL_COREPLUS);
- if (strequal(str,"CORE+"))
- return(PROTOCOL_COREPLUS);
-
- DEBUG(0,("Unrecognised protocol level %s\n",str));
-
- return(def);
-}
-
-
#if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
/******************************************************************
Remove any mount options such as -rsize=2048,wsize=2048 etc.
{
char *value = NULL;
- char *nis_map = (char *)lp_nis_home_map_name();
+ char *nis_map = (char *)lp_homedir_map();
char buffer[NIS_MAXATTRVAL + 1];
nis_result *result;
char *nis_result; /* yp_match inits this */
int nis_result_len; /* and set this */
char *nis_domain; /* yp_get_default_domain inits this */
- char *nis_map = (char *)lp_nis_home_map_name();
+ char *nis_map = lp_homedir_map(talloc_tos());
if ((nis_error = yp_get_default_domain(&nis_domain)) != 0) {
DEBUG(3, ("YP Error: %s\n", yperr_string(nis_error)));
#endif /* WITH_NISPLUS_HOME */
#endif
-/****************************************************************************
- Check if a process exists. Does this work on all unixes?
-****************************************************************************/
-
bool process_exists(const struct server_id pid)
{
- if (procid_is_me(&pid)) {
- return True;
- }
-
- if (procid_is_local(&pid)) {
- return (kill(pid.pid,0) == 0 || errno != ESRCH);
- }
-
-#ifdef CLUSTER_SUPPORT
- return ctdbd_process_exists(messaging_ctdbd_connection(),
- pid.vnn, pid.pid);
-#else
- return False;
-#endif
+ return serverid_exists(&pid);
}
/*******************************************************************
if ((p != name) && (*p == '\0'))
return g;
- grp = sys_getgrnam(name);
+ grp = getgrnam(name);
if (grp)
return(grp->gr_gid);
return (gid_t)-1;
int result;
DEBUG(0,("PANIC (pid %llu): %s\n",
- (unsigned long long)sys_getpid(), why));
+ (unsigned long long)getpid(), why));
log_stack_trace();
- cmd = lp_panic_action();
+#if defined(HAVE_PRCTL) && defined(PR_SET_PTRACER)
+ /*
+ * Make sure all children can attach a debugger.
+ */
+ prctl(PR_SET_PTRACER, getpid(), 0, 0, 0);
+#endif
+
+ cmd = lp_panic_action(talloc_tos());
if (cmd && *cmd) {
DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmd));
result = system(cmd);
A readdir wrapper which just returns the file name.
********************************************************************/
-const char *readdirname(SMB_STRUCT_DIR *p)
+const char *readdirname(DIR *p)
{
- SMB_STRUCT_DIRENT *ptr;
+ struct dirent *ptr;
char *dname;
if (!p)
return(NULL);
- ptr = (SMB_STRUCT_DIRENT *)sys_readdir(p);
+ ptr = (struct dirent *)readdir(p);
if (!ptr)
return(NULL);
F_UNLCK in *ptype if the region is unlocked). False if the call failed.
****************************************************************************/
-bool fcntl_getlock(int fd, SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
+bool fcntl_getlock(int fd, off_t *poffset, off_t *pcount, int *ptype, pid_t *ppid)
{
- SMB_STRUCT_FLOCK lock;
+ struct flock lock;
int ret;
DEBUG(8,("fcntl_getlock fd=%d offset=%.0f count=%.0f type=%d\n",
lock.l_len = *pcount;
lock.l_pid = 0;
- ret = sys_fcntl_ptr(fd,SMB_F_GETLK,&lock);
+ ret = sys_fcntl_ptr(fd,F_GETLK,&lock);
if (ret == -1) {
int sav = errno;
return(ret);
}
-/*******************************************************************
- Is the name specified our workgroup/domain.
- Returns true if it is equal, false otherwise.
-********************************************************************/
-
-bool is_myworkgroup(const char *s)
-{
- bool ret = False;
-
- if (strequal(s, lp_workgroup())) {
- ret=True;
- }
-
- DEBUG(8, ("is_myworkgroup(\"%s\") returns %d\n", s, ret));
- return(ret);
-}
-
/*******************************************************************
we distinguish between 2K and XP by the "Native Lan Manager" string
WinXP => "Windows 2002 5.1"
int str_checksum(const char *s)
{
- TDB_DATA key = string_tdb_data(s);
- return tdb_jenkins_hash(&key);
+ if (s == NULL)
+ return 0;
+ return hash(s, strlen(s), 0);
}
/*****************************************************************
return ret;
}
+/*****************************************************************
+ Get local hostname and cache result.
+*****************************************************************/
+
+char *myhostname_upper(void)
+{
+ static char *ret;
+ if (ret == NULL) {
+ char *name = get_myname(NULL);
+ if (name == NULL) {
+ return NULL;
+ }
+ ret = strupper_talloc(NULL, name);
+ talloc_free(name);
+ }
+ return ret;
+}
+
/**
* @brief Returns an absolute path to a file concatenating the provided
* @a rootpath and @a basename
trim_string(fname,"","/");
if (!directory_exist(fname)) {
- if (!mkdir(fname,0755))
- DEBUG(1, ("Unable to create directory %s for file %s. "
- "Error was %s\n", fname, name, strerror(errno)));
+ if (mkdir(fname,0755) == -1) {
+ /* Did someone else win the race ? */
+ if (errno != EEXIST) {
+ DEBUG(1, ("Unable to create directory %s for file %s. "
+ "Error was %s\n", fname, name, strerror(errno)));
+ return NULL;
+ }
+ }
}
- return talloc_asprintf(talloc_tos(),
- "%s/%s",
- fname,
- name);
+ return talloc_asprintf_append(fname, "/%s", name);
}
/**
char *lock_path(const char *name)
{
- return xx_path(name, lp_lockdir());
-}
-
-/**
- * @brief Returns an absolute path to a file in the Samba pid directory.
- *
- * @param name File to find, relative to PIDDIR.
- *
- * @retval Pointer to a talloc'ed string containing the full path.
- **/
-
-char *pid_path(const char *name)
-{
- return xx_path(name, lp_piddir());
+ return xx_path(name, lp_lock_directory());
}
/**
char *state_path(const char *name)
{
- return xx_path(name, lp_statedir());
+ return xx_path(name, lp_state_directory());
}
/**
char *cache_path(const char *name)
{
- return xx_path(name, lp_cachedir());
+ return xx_path(name, lp_cache_directory());
}
/*******************************************************************
len = p-dir;
- if (!(*parent = (char *)TALLOC_MEMDUP(mem_ctx, dir, len+1))) {
+ if (!(*parent = (char *)talloc_memdup(mem_ctx, dir, len+1))) {
return False;
}
(*parent)[len] = '\0';
TALLOC_FREE(ctx);
return false;
}
- strlower_m(p2);
- strlower_m(s2);
+ if (!strlower_m(p2)) {
+ TALLOC_FREE(ctx);
+ return false;
+ }
+ if (!strlower_m(s2)) {
+ TALLOC_FREE(ctx);
+ return false;
+ }
/* Remove any *? and ** from the pattern as they are meaningless */
for(p = p2; *p; p++) {
void set_my_vnn(uint32 vnn)
{
- DEBUG(10, ("vnn pid %d = %u\n", (int)sys_getpid(), (unsigned int)vnn));
+ DEBUG(10, ("vnn pid %d = %u\n", (int)getpid(), (unsigned int)vnn));
my_vnn = vnn;
}
{
struct server_id result;
result.pid = pid;
+ result.task_id = 0;
result.unique_id = my_unique_id;
result.vnn = my_vnn;
return result;
struct server_id procid_self(void)
{
- return pid_to_procid(sys_getpid());
+ return pid_to_procid(getpid());
}
-bool procid_equal(const struct server_id *p1, const struct server_id *p2)
+static struct idr_context *task_id_tree;
+
+static int free_task_id(struct server_id *server_id)
{
- if (p1->pid != p2->pid)
- return False;
- if (p1->vnn != p2->vnn)
- return False;
- return True;
+ idr_remove(task_id_tree, server_id->task_id);
+ return 0;
}
-bool cluster_id_equal(const struct server_id *id1,
- const struct server_id *id2)
+/* Return a server_id with a unique task_id element. Free the
+ * returned pointer to de-allocate the task_id via a talloc destructor
+ * (ie, use talloc_free()) */
+struct server_id *new_server_id_task(TALLOC_CTX *mem_ctx)
{
- return procid_equal(id1, id2);
+ struct server_id *server_id;
+ int task_id;
+ if (!task_id_tree) {
+ task_id_tree = idr_init(NULL);
+ if (!task_id_tree) {
+ return NULL;
+ }
+ }
+
+ server_id = talloc(mem_ctx, struct server_id);
+
+ if (!server_id) {
+ return NULL;
+ }
+ *server_id = procid_self();
+
+ /* 0 is the default server_id, so we need to start with 1 */
+ task_id = idr_get_new_above(task_id_tree, server_id, 1, INT32_MAX);
+
+ if (task_id == -1) {
+ talloc_free(server_id);
+ return NULL;
+ }
+
+ talloc_set_destructor(server_id, free_task_id);
+ server_id->task_id = task_id;
+ return server_id;
}
bool procid_is_me(const struct server_id *pid)
{
- if (pid->pid != sys_getpid())
+ if (pid->pid != getpid())
+ return False;
+ if (pid->task_id != 0)
return False;
if (pid->vnn != my_vnn)
return False;
struct server_id interpret_pid(const char *pid_string)
{
- struct server_id result;
- int pid;
- unsigned int vnn;
- if (sscanf(pid_string, "%u:%d", &vnn, &pid) == 2) {
- result.vnn = vnn;
- result.pid = pid;
- }
- else if (sscanf(pid_string, "%d", &pid) == 1) {
- result.vnn = get_my_vnn();
- result.pid = pid;
- }
- else {
- result.vnn = NONCLUSTER_VNN;
- result.pid = -1;
- }
- /* Assigning to result.pid may have overflowed
- Map negative pid to -1: i.e. error */
- if (result.pid < 0) {
- result.pid = -1;
- }
- result.unique_id = 0;
- return result;
-}
-
-char *procid_str(TALLOC_CTX *mem_ctx, const struct server_id *pid)
-{
- if (pid->vnn == NONCLUSTER_VNN) {
- return talloc_asprintf(mem_ctx,
- "%d",
- (int)pid->pid);
- }
- else {
- return talloc_asprintf(mem_ctx,
- "%u:%d",
- (unsigned)pid->vnn,
- (int)pid->pid);
- }
+ return server_id_from_string(get_my_vnn(), pid_string);
}
char *procid_str_static(const struct server_id *pid)
{
- return procid_str(talloc_tos(), pid);
+ return server_id_str(talloc_tos(), pid);
}
bool procid_valid(const struct server_id *pid)
{
- return (pid->pid != -1);
+ return (pid->pid != (uint64_t)-1);
}
bool procid_is_local(const struct server_id *pid)
return pid->vnn == my_vnn;
}
-/****************************************************************
- Check if offset/length fit into bufsize. Should probably be
- merged with is_offset_safe, but this would require a rewrite
- of lanman.c. Later :-)
-****************************************************************/
-
-bool trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length)
-{
- if ((offset + length < offset) || (offset + length < length)) {
- /* wrap */
- return true;
- }
- if ((offset > bufsize) || (offset + length > bufsize)) {
- /* overflow */
- return true;
- }
- return false;
-}
-
/****************************************************************
Check if an offset into a buffer is safe.
If this returns True it's safe to indirect into the byte at
return s;
}
-bool tevent_req_poll_ntstatus(struct tevent_req *req,
- struct tevent_context *ev,
- NTSTATUS *status)
-{
- bool ret = tevent_req_poll(req, ev);
- if (!ret) {
- *status = map_nt_error_from_unix(errno);
- }
- return ret;
-}
-
bool any_nt_status_not_ok(NTSTATUS err1, NTSTATUS err2, NTSTATUS *result)
{
if (!NT_STATUS_IS_OK(err1)) {
return ptr;
}
+
+/*******************************************************************
+ Return True if the filename is one of the special executable types.
+********************************************************************/
+
+bool is_executable(const char *fname)
+{
+ if ((fname = strrchr_m(fname,'.'))) {
+ if (strequal(fname,".com") ||
+ strequal(fname,".dll") ||
+ strequal(fname,".exe") ||
+ strequal(fname,".sym")) {
+ return True;
+ }
+ }
+ return False;
+}
+
+/****************************************************************************
+ Open a file with a share mode - old openX method - map into NTCreate.
+****************************************************************************/
+
+bool map_open_params_to_ntcreate(const char *smb_base_fname,
+ int deny_mode, int open_func,
+ uint32 *paccess_mask,
+ uint32 *pshare_mode,
+ uint32 *pcreate_disposition,
+ uint32 *pcreate_options,
+ uint32_t *pprivate_flags)
+{
+ uint32 access_mask;
+ uint32 share_mode;
+ uint32 create_disposition;
+ uint32 create_options = FILE_NON_DIRECTORY_FILE;
+ uint32_t private_flags = 0;
+
+ DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
+ "open_func = 0x%x\n",
+ smb_base_fname, (unsigned int)deny_mode,
+ (unsigned int)open_func ));
+
+ /* Create the NT compatible access_mask. */
+ switch (GET_OPENX_MODE(deny_mode)) {
+ case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
+ case DOS_OPEN_RDONLY:
+ access_mask = FILE_GENERIC_READ;
+ break;
+ case DOS_OPEN_WRONLY:
+ access_mask = FILE_GENERIC_WRITE;
+ break;
+ case DOS_OPEN_RDWR:
+ case DOS_OPEN_FCB:
+ access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
+ break;
+ default:
+ DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
+ (unsigned int)GET_OPENX_MODE(deny_mode)));
+ return False;
+ }
+
+ /* Create the NT compatible create_disposition. */
+ switch (open_func) {
+ case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
+ create_disposition = FILE_CREATE;
+ break;
+
+ case OPENX_FILE_EXISTS_OPEN:
+ create_disposition = FILE_OPEN;
+ break;
+
+ case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
+ create_disposition = FILE_OPEN_IF;
+ break;
+
+ case OPENX_FILE_EXISTS_TRUNCATE:
+ create_disposition = FILE_OVERWRITE;
+ break;
+
+ case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
+ create_disposition = FILE_OVERWRITE_IF;
+ break;
+
+ default:
+ /* From samba4 - to be confirmed. */
+ if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
+ create_disposition = FILE_CREATE;
+ break;
+ }
+ DEBUG(10,("map_open_params_to_ntcreate: bad "
+ "open_func 0x%x\n", (unsigned int)open_func));
+ return False;
+ }
+
+ /* Create the NT compatible share modes. */
+ switch (GET_DENY_MODE(deny_mode)) {
+ case DENY_ALL:
+ share_mode = FILE_SHARE_NONE;
+ break;
+
+ case DENY_WRITE:
+ share_mode = FILE_SHARE_READ;
+ break;
+
+ case DENY_READ:
+ share_mode = FILE_SHARE_WRITE;
+ break;
+
+ case DENY_NONE:
+ share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
+ break;
+
+ case DENY_DOS:
+ private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
+ if (is_executable(smb_base_fname)) {
+ share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
+ } else {
+ if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
+ share_mode = FILE_SHARE_READ;
+ } else {
+ share_mode = FILE_SHARE_NONE;
+ }
+ }
+ break;
+
+ case DENY_FCB:
+ private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
+ share_mode = FILE_SHARE_NONE;
+ break;
+
+ default:
+ DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
+ (unsigned int)GET_DENY_MODE(deny_mode) ));
+ return False;
+ }
+
+ DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
+ "share_mode = 0x%x, create_disposition = 0x%x, "
+ "create_options = 0x%x private_flags = 0x%x\n",
+ smb_base_fname,
+ (unsigned int)access_mask,
+ (unsigned int)share_mode,
+ (unsigned int)create_disposition,
+ (unsigned int)create_options,
+ (unsigned int)private_flags));
+
+ if (paccess_mask) {
+ *paccess_mask = access_mask;
+ }
+ if (pshare_mode) {
+ *pshare_mode = share_mode;
+ }
+ if (pcreate_disposition) {
+ *pcreate_disposition = create_disposition;
+ }
+ if (pcreate_options) {
+ *pcreate_options = create_options;
+ }
+ if (pprivate_flags) {
+ *pprivate_flags = private_flags;
+ }
+
+ return True;
+
+}
+
+/*************************************************************************
+ Return a talloced copy of a struct security_unix_token. NULL on fail.
+*************************************************************************/
+
+struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct security_unix_token *tok)
+{
+ struct security_unix_token *cpy;
+
+ cpy = talloc(ctx, struct security_unix_token);
+ if (!cpy) {
+ return NULL;
+ }
+
+ cpy->uid = tok->uid;
+ cpy->gid = tok->gid;
+ cpy->ngroups = tok->ngroups;
+ if (tok->ngroups) {
+ /* Make this a talloc child of cpy. */
+ cpy->groups = (gid_t *)talloc_memdup(
+ cpy, tok->groups, tok->ngroups * sizeof(gid_t));
+ if (!cpy->groups) {
+ TALLOC_FREE(cpy);
+ return NULL;
+ }
+ } else {
+ cpy->groups = NULL;
+ }
+ return cpy;
+}
+
+/****************************************************************************
+ Check that a file matches a particular file type.
+****************************************************************************/
+
+bool dir_check_ftype(uint32_t mode, uint32_t dirtype)
+{
+ uint32_t mask;
+
+ /* Check the "may have" search bits. */
+ if (((mode & ~dirtype) &
+ (FILE_ATTRIBUTE_HIDDEN |
+ FILE_ATTRIBUTE_SYSTEM |
+ FILE_ATTRIBUTE_DIRECTORY)) != 0) {
+ return false;
+ }
+
+ /* Check the "must have" bits,
+ which are the may have bits shifted eight */
+ /* If must have bit is set, the file/dir can
+ not be returned in search unless the matching
+ file attribute is set */
+ mask = ((dirtype >> 8) & (FILE_ATTRIBUTE_DIRECTORY|
+ FILE_ATTRIBUTE_ARCHIVE|
+ FILE_ATTRIBUTE_READONLY|
+ FILE_ATTRIBUTE_HIDDEN|
+ FILE_ATTRIBUTE_SYSTEM)); /* & 0x37 */
+ if(mask) {
+ if((mask & (mode & (FILE_ATTRIBUTE_DIRECTORY|
+ FILE_ATTRIBUTE_ARCHIVE|
+ FILE_ATTRIBUTE_READONLY|
+ FILE_ATTRIBUTE_HIDDEN|
+ FILE_ATTRIBUTE_SYSTEM))) == mask) {
+ /* check if matching attribute present */
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ return true;
+}