#include "ctdbd_conn.h"
#include "../lib/util/util_pw.h"
#include "messages.h"
-#include <ccan/hash/hash.h>
+#include "messages_dgm.h"
+#include "libcli/security/security.h"
+#include "serverid.h"
+#include "lib/util/sys_rw.h"
+#include "lib/util/sys_rw_data.h"
+#include "lib/util/util_process.h"
+
+#ifdef HAVE_SYS_PRCTL_H
+#include <sys/prctl.h>
+#endif
/* Max allowable allococation - 256mb - 0x10000000 */
#define MAX_ALLOC_SIZE (1024*1024*256)
return sbuf->st_ex_size;
}
-/*******************************************************************
- Returns the size in bytes of the named file.
-********************************************************************/
+/****************************************************************************
+ Check two stats have identical dev and ino fields.
+****************************************************************************/
+
+bool check_same_dev_ino(const SMB_STRUCT_STAT *sbuf1,
+ const SMB_STRUCT_STAT *sbuf2)
+{
+ if (sbuf1->st_ex_dev != sbuf2->st_ex_dev ||
+ sbuf1->st_ex_ino != sbuf2->st_ex_ino) {
+ return false;
+ }
+ return true;
+}
+
+/****************************************************************************
+ Check if a stat struct is identical for use.
+****************************************************************************/
-SMB_OFF_T get_file_size(char *file_name)
+bool check_same_stat(const SMB_STRUCT_STAT *sbuf1,
+ const SMB_STRUCT_STAT *sbuf2)
{
- SMB_STRUCT_STAT buf;
- buf.st_ex_size = 0;
- if (sys_stat(file_name, &buf, false) != 0)
- return (SMB_OFF_T)-1;
- return get_file_size_stat(&buf);
+ if (sbuf1->st_ex_uid != sbuf2->st_ex_uid ||
+ sbuf1->st_ex_gid != sbuf2->st_ex_gid ||
+ !check_same_dev_ino(sbuf1, sbuf2)) {
+ return false;
+ }
+ return true;
}
/*******************************************************************
if (DEBUGLEVEL < 50)
bcc = MIN(bcc, 512);
- dump_data(10, (const uint8 *)smb_buf_const(buf), bcc);
-}
-
-/*******************************************************************
- Set the length and marker of an encrypted smb packet.
-********************************************************************/
-
-void smb_set_enclen(char *buf,int len,uint16 enc_ctx_num)
-{
- _smb_setlen(buf,len);
-
- SCVAL(buf,4,0xFF);
- SCVAL(buf,5,'E');
- SSVAL(buf,6,enc_ctx_num);
-}
-
-/*******************************************************************
- Set the length and marker of an smb packet.
-********************************************************************/
-
-void smb_setlen(char *buf,int len)
-{
- _smb_setlen(buf,len);
-
- SCVAL(buf,4,0xFF);
- SCVAL(buf,5,'S');
- SCVAL(buf,6,'M');
- SCVAL(buf,7,'B');
+ dump_data(10, (const uint8_t *)smb_buf_const(buf), bcc);
}
/*******************************************************************
Return the bytes added
********************************************************************/
-ssize_t message_push_blob(uint8 **outbuf, DATA_BLOB blob)
+ssize_t message_push_blob(uint8_t **outbuf, DATA_BLOB blob)
{
size_t newlen = smb_len(*outbuf) + 4 + blob.length;
- uint8 *tmp;
+ uint8_t *tmp;
- if (!(tmp = talloc_realloc(NULL, *outbuf, uint8, newlen))) {
+ if (!(tmp = talloc_realloc(NULL, *outbuf, uint8_t, newlen))) {
DEBUG(0, ("talloc failed\n"));
return -1;
}
Write data into an fd at a given offset. Ignore seek errors.
********************************************************************/
-ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, SMB_OFF_T pos)
+ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, off_t pos)
{
size_t total=0;
ssize_t ret;
- if (pos == (SMB_OFF_T)-1) {
+ if (pos == (off_t)-1) {
return write_data(fd, buffer, N);
}
#if defined(HAVE_PWRITE) || defined(HAVE_PRWITE64)
return (ssize_t)total;
#else
/* Use lseek and write_data. */
- if (sys_lseek(fd, pos, SEEK_SET) == -1) {
+ if (lseek(fd, pos, SEEK_SET) == -1) {
if (errno != ESPIPE) {
return -1;
}
#endif
}
+static int reinit_after_fork_pipe[2] = { -1, -1 };
+
+NTSTATUS init_before_fork(void)
+{
+ int ret;
+
+ ret = pipe(reinit_after_fork_pipe);
+ if (ret == -1) {
+ NTSTATUS status;
+
+ status = map_nt_error_from_unix_common(errno);
+
+ DEBUG(0, ("Error creating child_pipe: %s\n",
+ nt_errstr(status)));
+
+ return status;
+ }
+
+ return NT_STATUS_OK;
+}
+
+/**
+ * Detect died parent by detecting EOF on the pipe
+ */
+static void reinit_after_fork_pipe_handler(struct tevent_context *ev,
+ struct tevent_fd *fde,
+ uint16_t flags,
+ void *private_data)
+{
+ char c;
+
+ if (sys_read(reinit_after_fork_pipe[0], &c, 1) != 1) {
+ /*
+ * we have reached EOF on stdin, which means the
+ * parent has exited. Shutdown the server
+ */
+ (void)kill(getpid(), SIGTERM);
+ }
+}
+
NTSTATUS reinit_after_fork(struct messaging_context *msg_ctx,
- struct event_context *ev_ctx,
- struct server_id id,
- bool parent_longlived)
+ struct tevent_context *ev_ctx,
+ bool parent_longlived,
+ const char *comment)
{
NTSTATUS status = NT_STATUS_OK;
- /* Reset the state of the random
- * number generation system, so
- * children do not get the same random
- * numbers as each other */
- set_need_random_reseed();
+ if (reinit_after_fork_pipe[1] != -1) {
+ close(reinit_after_fork_pipe[1]);
+ reinit_after_fork_pipe[1] = -1;
+ }
/* tdb needs special fork handling */
if (tdb_reopen_all(parent_longlived ? 1 : 0) != 0) {
goto done;
}
- if (ev_ctx && tevent_re_initialise(ev_ctx) != 0) {
- smb_panic(__location__ ": Failed to re-initialise event context");
+ if (ev_ctx != NULL) {
+ tevent_set_trace_callback(ev_ctx, NULL, NULL);
+ if (tevent_re_initialise(ev_ctx) != 0) {
+ smb_panic(__location__ ": Failed to re-initialise event context");
+ }
+ }
+
+ if (reinit_after_fork_pipe[0] != -1) {
+ struct tevent_fd *fde;
+
+ fde = tevent_add_fd(ev_ctx, ev_ctx /* TALLOC_CTX */,
+ reinit_after_fork_pipe[0], TEVENT_FD_READ,
+ reinit_after_fork_pipe_handler, NULL);
+ if (fde == NULL) {
+ smb_panic(__location__ ": Failed to add reinit_after_fork pipe event");
+ }
}
if (msg_ctx) {
* For clustering, we need to re-init our ctdbd connection after the
* fork
*/
- status = messaging_reinit(msg_ctx, id);
+ status = messaging_reinit(msg_ctx);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(0,("messaging_reinit() failed: %s\n",
nt_errstr(status)));
}
}
+
+ if (comment) {
+ prctl_set_comment(comment);
+ }
+
done:
return status;
}
****************************************************************************/
void add_to_large_array(TALLOC_CTX *mem_ctx, size_t element_size,
- void *element, void *_array, uint32 *num_elements,
+ void *element, void *_array, uint32_t *num_elements,
ssize_t *array_size)
{
void **array = (void **)_array;
}
}
-/****************************************************************************
- Interpret a protocol description string, with a default.
-****************************************************************************/
-
-int interpret_protocol(const char *str,int def)
-{
- if (strequal(str,"NT1"))
- return(PROTOCOL_NT1);
- if (strequal(str,"LANMAN2"))
- return(PROTOCOL_LANMAN2);
- if (strequal(str,"LANMAN1"))
- return(PROTOCOL_LANMAN1);
- if (strequal(str,"CORE"))
- return(PROTOCOL_CORE);
- if (strequal(str,"COREPLUS"))
- return(PROTOCOL_COREPLUS);
- if (strequal(str,"CORE+"))
- return(PROTOCOL_COREPLUS);
-
- DEBUG(0,("Unrecognised protocol level %s\n",str));
-
- return(def);
-}
-
-
#if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
/******************************************************************
Remove any mount options such as -rsize=2048,wsize=2048 etc.
{
char *value = NULL;
- char *nis_map = (char *)lp_nis_home_map_name();
+ char *nis_map = (char *)lp_homedir_map();
char buffer[NIS_MAXATTRVAL + 1];
nis_result *result;
char *nis_result; /* yp_match inits this */
int nis_result_len; /* and set this */
char *nis_domain; /* yp_get_default_domain inits this */
- char *nis_map = (char *)lp_nis_home_map_name();
+ char *nis_map = lp_homedir_map(talloc_tos());
if ((nis_error = yp_get_default_domain(&nis_domain)) != 0) {
DEBUG(3, ("YP Error: %s\n", yperr_string(nis_error)));
#endif /* WITH_NISPLUS_HOME */
#endif
-/****************************************************************************
- Check if a process exists. Does this work on all unixes?
-****************************************************************************/
-
bool process_exists(const struct server_id pid)
{
- if (procid_is_me(&pid)) {
- return True;
- }
-
- if (procid_is_local(&pid)) {
- return (kill(pid.pid,0) == 0 || errno != ESRCH);
- }
-
-#ifdef CLUSTER_SUPPORT
- return ctdbd_process_exists(messaging_ctdbd_connection(),
- pid.vnn, pid.pid);
-#else
- return False;
-#endif
+ return serverid_exists(&pid);
}
/*******************************************************************
if ((p != name) && (*p == '\0'))
return g;
- grp = sys_getgrnam(name);
+ grp = getgrnam(name);
if (grp)
return(grp->gr_gid);
return (gid_t)-1;
int result;
DEBUG(0,("PANIC (pid %llu): %s\n",
- (unsigned long long)sys_getpid(), why));
+ (unsigned long long)getpid(), why));
log_stack_trace();
- cmd = lp_panic_action();
+#if defined(HAVE_PRCTL) && defined(PR_SET_PTRACER)
+ /*
+ * Make sure all children can attach a debugger.
+ */
+ prctl(PR_SET_PTRACER, getpid(), 0, 0, 0);
+#endif
+
+ cmd = lp_panic_action(talloc_tos());
if (cmd && *cmd) {
DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmd));
result = system(cmd);
A readdir wrapper which just returns the file name.
********************************************************************/
-const char *readdirname(SMB_STRUCT_DIR *p)
+const char *readdirname(DIR *p)
{
- SMB_STRUCT_DIRENT *ptr;
+ struct dirent *ptr;
char *dname;
if (!p)
return(NULL);
- ptr = (SMB_STRUCT_DIRENT *)sys_readdir(p);
+ ptr = (struct dirent *)readdir(p);
if (!ptr)
return(NULL);
{
char *name_end;
char *namelist;
+ char *namelist_end;
char *nameptr;
int num_entries = 0;
int i;
}
nameptr = namelist;
+ namelist_end = &namelist[strlen(namelist)];
+
/* We need to make two passes over the string. The
first to count the number of elements, the second
to split it.
*/
- while(*nameptr) {
+ while(nameptr <= namelist_end) {
if ( *nameptr == '/' ) {
/* cope with multiple (useless) /s) */
nameptr++;
/* find the next '/' or consume remaining */
name_end = strchr_m(nameptr, '/');
- if (name_end == NULL)
- name_end = (char *)nameptr + strlen(nameptr);
-
- /* next segment please */
- nameptr = name_end + 1;
+ if (name_end == NULL) {
+ /* Point nameptr at the terminating '\0' */
+ nameptr += strlen(nameptr);
+ } else {
+ /* next segment please */
+ nameptr = name_end + 1;
+ }
num_entries++;
}
/* Now copy out the names */
nameptr = namelist;
i = 0;
- while(*nameptr) {
+ while(nameptr <= namelist_end) {
if ( *nameptr == '/' ) {
/* cope with multiple (useless) /s) */
nameptr++;
/* find the next '/' or consume remaining */
name_end = strchr_m(nameptr, '/');
- if (name_end)
+ if (name_end != NULL) {
*name_end = '\0';
- else
- name_end = nameptr + strlen(nameptr);
+ }
(*ppname_array)[i].is_wild = ms_has_wild(nameptr);
if(((*ppname_array)[i].name = SMB_STRDUP(nameptr)) == NULL) {
return;
}
- /* next segment please */
- nameptr = name_end + 1;
+ if (name_end == NULL) {
+ /* Point nameptr at the terminating '\0' */
+ nameptr += strlen(nameptr);
+ } else {
+ /* next segment please */
+ nameptr = name_end + 1;
+ }
i++;
}
F_UNLCK in *ptype if the region is unlocked). False if the call failed.
****************************************************************************/
-bool fcntl_getlock(int fd, SMB_OFF_T *poffset, SMB_OFF_T *pcount, int *ptype, pid_t *ppid)
+bool fcntl_getlock(int fd, int op, off_t *poffset, off_t *pcount, int *ptype, pid_t *ppid)
{
- SMB_STRUCT_FLOCK lock;
+ struct flock lock;
int ret;
- DEBUG(8,("fcntl_getlock fd=%d offset=%.0f count=%.0f type=%d\n",
- fd,(double)*poffset,(double)*pcount,*ptype));
+ DEBUG(8,("fcntl_getlock fd=%d op=%d offset=%.0f count=%.0f type=%d\n",
+ fd,op,(double)*poffset,(double)*pcount,*ptype));
lock.l_type = *ptype;
lock.l_whence = SEEK_SET;
lock.l_len = *pcount;
lock.l_pid = 0;
- ret = sys_fcntl_ptr(fd,SMB_F_GETLK,&lock);
+ ret = sys_fcntl_ptr(fd,op,&lock);
if (ret == -1) {
int sav = errno;
return True;
}
+#if defined(HAVE_OFD_LOCKS)
+int map_process_lock_to_ofd_lock(int op, bool *use_ofd_locks)
+{
+ switch (op) {
+ case F_GETLK:
+ case F_OFD_GETLK:
+ op = F_OFD_GETLK;
+ break;
+ case F_SETLK:
+ case F_OFD_SETLK:
+ op = F_OFD_SETLK;
+ break;
+ case F_SETLKW:
+ case F_OFD_SETLKW:
+ op = F_OFD_SETLKW;
+ break;
+ default:
+ *use_ofd_locks = false;
+ return -1;
+ }
+ *use_ofd_locks = true;
+ return op;
+}
+#else /* HAVE_OFD_LOCKS */
+int map_process_lock_to_ofd_lock(int op, bool *use_ofd_locks)
+{
+ *use_ofd_locks = false;
+ return op;
+}
+#endif /* HAVE_OFD_LOCKS */
+
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_ALL
bool ret = False;
for (n=0; my_netbios_names(n); n++) {
- if (strequal(my_netbios_names(n), s)) {
+ const char *nbt_name = my_netbios_names(n);
+
+ if (strncasecmp_m(nbt_name, s, MAX_NETBIOSNAME_LEN-1) == 0) {
ret=True;
break;
}
return(ret);
}
-/*******************************************************************
- Is the name specified our workgroup/domain.
- Returns true if it is equal, false otherwise.
-********************************************************************/
-
-bool is_myworkgroup(const char *s)
-{
- bool ret = False;
-
- if (strequal(s, lp_workgroup())) {
- ret=True;
- }
-
- DEBUG(8, ("is_myworkgroup(\"%s\") returns %d\n", s, ret));
- return(ret);
-}
-
/*******************************************************************
we distinguish between 2K and XP by the "Native Lan Manager" string
WinXP => "Windows 2002 5.1"
set_remote_arch( RA_WIN2K3 );
}
-static const char *remote_arch_str;
+static const char *remote_arch_strings[] = {
+ [RA_UNKNOWN] = "UNKNOWN",
+ [RA_WFWG] = "WfWg",
+ [RA_OS2] = "OS2",
+ [RA_WIN95] = "Win95",
+ [RA_WINNT] = "WinNT",
+ [RA_WIN2K] = "Win2K",
+ [RA_WINXP] = "WinXP",
+ [RA_WIN2K3] = "Win2K3",
+ [RA_VISTA] = "Vista",
+ [RA_SAMBA] = "Samba",
+ [RA_CIFSFS] = "CIFSFS",
+ [RA_WINXP64] = "WinXP64",
+ [RA_OSX] = "OSX",
+};
const char *get_remote_arch_str(void)
{
- if (!remote_arch_str) {
- return "UNKNOWN";
+ if (ra_type >= ARRAY_SIZE(remote_arch_strings)) {
+ /*
+ * set_remote_arch() already checks this so ra_type
+ * should be in the allowed range, but anyway, let's
+ * do another bound check here.
+ */
+ DBG_ERR("Remote arch info out of sync [%d] missing\n", ra_type);
+ ra_type = RA_UNKNOWN;
+ }
+ return remote_arch_strings[ra_type];
+}
+
+enum remote_arch_types get_remote_arch_from_str(const char *remote_arch_string)
+{
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(remote_arch_strings); i++) {
+ if (strcmp(remote_arch_string, remote_arch_strings[i]) == 0) {
+ return i;
+ }
}
- return remote_arch_str;
+ return RA_UNKNOWN;
}
/*******************************************************************
void set_remote_arch(enum remote_arch_types type)
{
- ra_type = type;
- switch( type ) {
- case RA_WFWG:
- remote_arch_str = "WfWg";
- break;
- case RA_OS2:
- remote_arch_str = "OS2";
- break;
- case RA_WIN95:
- remote_arch_str = "Win95";
- break;
- case RA_WINNT:
- remote_arch_str = "WinNT";
- break;
- case RA_WIN2K:
- remote_arch_str = "Win2K";
- break;
- case RA_WINXP:
- remote_arch_str = "WinXP";
- break;
- case RA_WINXP64:
- remote_arch_str = "WinXP64";
- break;
- case RA_WIN2K3:
- remote_arch_str = "Win2K3";
- break;
- case RA_VISTA:
- remote_arch_str = "Vista";
- break;
- case RA_SAMBA:
- remote_arch_str = "Samba";
- break;
- case RA_CIFSFS:
- remote_arch_str = "CIFSFS";
- break;
- case RA_OSX:
- remote_arch_str = "OSX";
- break;
- default:
+ if (ra_type >= ARRAY_SIZE(remote_arch_strings)) {
+ /*
+ * This protects against someone adding values to enum
+ * remote_arch_types without updating
+ * remote_arch_strings array.
+ */
+ DBG_ERR("Remote arch info out of sync [%d] missing\n", ra_type);
ra_type = RA_UNKNOWN;
- remote_arch_str = "UNKNOWN";
- break;
+ return;
}
+ ra_type = type;
DEBUG(10,("set_remote_arch: Client arch is \'%s\'\n",
- remote_arch_str));
+ get_remote_arch_str()));
}
/*******************************************************************
return ra_type;
}
+#define RA_CACHE_TTL 7*24*3600
+
+static bool remote_arch_cache_key(const struct GUID *client_guid,
+ fstring key)
+{
+ struct GUID_txt_buf guid_buf;
+ const char *guid_string = NULL;
+
+ guid_string = GUID_buf_string(client_guid, &guid_buf);
+ if (guid_string == NULL) {
+ return false;
+ }
+
+ fstr_sprintf(key, "RA/%s", guid_string);
+ return true;
+}
+
+struct ra_parser_state {
+ bool found;
+ enum remote_arch_types ra;
+};
+
+static void ra_parser(time_t timeout, DATA_BLOB blob, void *priv_data)
+{
+ struct ra_parser_state *state = (struct ra_parser_state *)priv_data;
+ const char *ra_str = NULL;
+
+ if (timeout <= time(NULL)) {
+ return;
+ }
+
+ if ((blob.length == 0) || (blob.data[blob.length-1] != '\0')) {
+ DBG_ERR("Remote arch cache key not a string\n");
+ return;
+ }
+
+ ra_str = (const char *)blob.data;
+ DBG_INFO("Got remote arch [%s] from cache\n", ra_str);
+
+ state->ra = get_remote_arch_from_str(ra_str);
+ state->found = true;
+ return;
+}
+
+static bool remote_arch_cache_get(const struct GUID *client_guid)
+{
+ bool ok;
+ fstring ra_key;
+ struct ra_parser_state state = (struct ra_parser_state) {
+ .found = false,
+ .ra = RA_UNKNOWN,
+ };
+
+ ok = remote_arch_cache_key(client_guid, ra_key);
+ if (!ok) {
+ return false;
+ }
+
+ ok = gencache_parse(ra_key, ra_parser, &state);
+ if (!ok || !state.found) {
+ return true;
+ }
+
+ if (state.ra == RA_UNKNOWN) {
+ return true;
+ }
+
+ set_remote_arch(state.ra);
+ return true;
+}
+
+static bool remote_arch_cache_set(const struct GUID *client_guid)
+{
+ bool ok;
+ fstring ra_key;
+ const char *ra_str = NULL;
+
+ if (get_remote_arch() == RA_UNKNOWN) {
+ return true;
+ }
+
+ ok = remote_arch_cache_key(client_guid, ra_key);
+ if (!ok) {
+ return false;
+ }
+
+ ra_str = get_remote_arch_str();
+ if (ra_str == NULL) {
+ return false;
+ }
+
+ ok = gencache_set(ra_key, ra_str, time(NULL) + RA_CACHE_TTL);
+ if (!ok) {
+ return false;
+ }
+
+ return true;
+}
+
+bool remote_arch_cache_update(const struct GUID *client_guid)
+{
+ bool ok;
+
+ if (get_remote_arch() == RA_UNKNOWN) {
+
+ become_root();
+ ok = remote_arch_cache_get(client_guid);
+ unbecome_root();
+
+ return ok;
+ }
+
+ become_root();
+ ok = remote_arch_cache_set(client_guid);
+ unbecome_root();
+
+ return ok;
+}
+
+bool remote_arch_cache_delete(const struct GUID *client_guid)
+{
+ bool ok;
+ fstring ra_key;
+
+ ok = remote_arch_cache_key(client_guid, ra_key);
+ if (!ok) {
+ return false;
+ }
+
+ become_root();
+ ok = gencache_del(ra_key);
+ unbecome_root();
+
+ if (!ok) {
+ return false;
+ }
+
+ return true;
+}
+
const char *tab_depth(int level, int depth)
{
if( CHECK_DEBUGLVL(level) ) {
int str_checksum(const char *s)
{
+ TDB_DATA key;
if (s == NULL)
return 0;
- return hash(s, strlen(s), 0);
+
+ key = (TDB_DATA) { .dptr = discard_const_p(uint8_t, s),
+ .dsize = strlen(s) };
+
+ return tdb_jenkins_hash(&key);
}
/*****************************************************************
char *myhostname_upper(void)
{
- char *name;
static char *ret;
if (ret == NULL) {
- name = get_myname(talloc_tos());
+ char *name = get_myname(NULL);
+ if (name == NULL) {
+ return NULL;
+ }
ret = strupper_talloc(NULL, name);
talloc_free(name);
}
return ret;
}
-/**
- * @brief Returns an absolute path to a file concatenating the provided
- * @a rootpath and @a basename
- *
- * @param name Filename, relative to @a rootpath
- *
- * @retval Pointer to a string containing the full path.
- **/
-
-static char *xx_path(const char *name, const char *rootpath)
-{
- char *fname = NULL;
-
- fname = talloc_strdup(talloc_tos(), rootpath);
- if (!fname) {
- return NULL;
- }
- trim_string(fname,"","/");
-
- if (!directory_exist(fname)) {
- if (!mkdir(fname,0755))
- DEBUG(1, ("Unable to create directory %s for file %s. "
- "Error was %s\n", fname, name, strerror(errno)));
- }
-
- return talloc_asprintf(talloc_tos(),
- "%s/%s",
- fname,
- name);
-}
-
-/**
- * @brief Returns an absolute path to a file in the Samba lock directory.
- *
- * @param name File to find, relative to LOCKDIR.
- *
- * @retval Pointer to a talloc'ed string containing the full path.
- **/
-
-char *lock_path(const char *name)
-{
- return xx_path(name, lp_lockdir());
-}
-
-/**
- * @brief Returns an absolute path to a file in the Samba pid directory.
- *
- * @param name File to find, relative to PIDDIR.
- *
- * @retval Pointer to a talloc'ed string containing the full path.
- **/
-
-char *pid_path(const char *name)
-{
- return xx_path(name, lp_piddir());
-}
-
-/**
- * @brief Returns an absolute path to a file in the Samba state directory.
- *
- * @param name File to find, relative to STATEDIR.
- *
- * @retval Pointer to a talloc'ed string containing the full path.
- **/
-
-char *state_path(const char *name)
-{
- return xx_path(name, lp_statedir());
-}
-
-/**
- * @brief Returns an absolute path to a file in the Samba cache directory.
- *
- * @param name File to find, relative to CACHEDIR.
- *
- * @retval Pointer to a talloc'ed string containing the full path.
- **/
-
-char *cache_path(const char *name)
-{
- return xx_path(name, lp_cachedir());
-}
-
/*******************************************************************
Given a filename - get its directory name
********************************************************************/
{
char c;
- if (lp_posix_pathnames()) {
- /* With posix pathnames no characters are wild. */
- return False;
- }
-
while ((c = *s++)) {
switch (c) {
case '*':
TALLOC_FREE(ctx);
return false;
}
- strlower_m(p2);
- strlower_m(s2);
+ if (!strlower_m(p2)) {
+ TALLOC_FREE(ctx);
+ return false;
+ }
+ if (!strlower_m(s2)) {
+ TALLOC_FREE(ctx);
+ return false;
+ }
/* Remove any *? and ** from the pattern as they are meaningless */
for(p = p2; *p; p++) {
}
/**********************************************************************
- Converts a name to a fully qualified domain name.
- Returns true if lookup succeeded, false if not (then fqdn is set to name)
- Note we deliberately use gethostbyname here, not getaddrinfo as we want
- to examine the h_aliases and I don't know how to do that with getaddrinfo.
-***********************************************************************/
+ Converts a name to a fully qualified domain name.
+ Returns true if lookup succeeded, false if not (then fqdn is set to name)
+ Uses getaddrinfo() with AI_CANONNAME flag to obtain the official
+ canonical name of the host. getaddrinfo() may use a variety of sources
+ including /etc/hosts to obtain the domainname. It expects aliases in
+ /etc/hosts to NOT be the FQDN. The FQDN should come first.
+************************************************************************/
bool name_to_fqdn(fstring fqdn, const char *name)
{
char *full = NULL;
- struct hostent *hp = gethostbyname(name);
+ struct addrinfo hints;
+ struct addrinfo *result;
+ int s;
+
+ /* Configure hints to obtain canonical name */
+
+ memset(&hints, 0, sizeof(struct addrinfo));
+ hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */
+ hints.ai_socktype = SOCK_DGRAM; /* Datagram socket */
+ hints.ai_flags = AI_CANONNAME; /* Get host's FQDN */
+ hints.ai_protocol = 0; /* Any protocol */
- if (!hp || !hp->h_name || !*hp->h_name) {
+ s = getaddrinfo(name, NULL, &hints, &result);
+ if (s != 0) {
+ DEBUG(1, ("getaddrinfo: %s\n", gai_strerror(s)));
DEBUG(10,("name_to_fqdn: lookup for %s failed.\n", name));
fstrcpy(fqdn, name);
return false;
}
+ full = result->ai_canonname;
- /* Find out if the fqdn is returned as an alias
+ /* Find out if the FQDN is returned as an alias
* to cope with /etc/hosts files where the first
- * name is not the fqdn but the short name */
- if (hp->h_aliases && (! strchr_m(hp->h_name, '.'))) {
- int i;
- for (i = 0; hp->h_aliases[i]; i++) {
- if (strchr_m(hp->h_aliases[i], '.')) {
- full = hp->h_aliases[i];
- break;
- }
- }
+ * name is not the FQDN but the short name.
+ * getaddrinfo provides no easy way of handling aliases
+ * in /etc/hosts. Users should make sure the FQDN
+ * comes first in /etc/hosts. */
+ if (full && (! strchr_m(full, '.'))) {
+ DEBUG(1, ("WARNING: your /etc/hosts file may be broken!\n"));
+ DEBUGADD(1, (" Full qualified domain names (FQDNs) should not be specified\n"));
+ DEBUGADD(1, (" as an alias in /etc/hosts. FQDN should be the first name\n"));
+ DEBUGADD(1, (" prior to any aliases.\n"));
}
if (full && (strcasecmp_m(full, "localhost.localdomain") == 0)) {
DEBUG(1, ("WARNING: your /etc/hosts file may be broken!\n"));
- DEBUGADD(1, (" Specifing the machine hostname for address 127.0.0.1 may lead\n"));
+ DEBUGADD(1, (" Specifying the machine hostname for address 127.0.0.1 may lead\n"));
DEBUGADD(1, (" to Kerberos authentication problems as localhost.localdomain\n"));
DEBUGADD(1, (" may end up being used instead of the real machine FQDN.\n"));
- full = hp->h_name;
- }
- if (!full) {
- full = hp->h_name;
}
DEBUG(10,("name_to_fqdn: lookup for %s -> %s.\n", name, full));
fstrcpy(fqdn, full);
+ freeaddrinfo(result); /* No longer needed */
return true;
}
-/**********************************************************************
- Append a DATA_BLOB to a talloc'ed object
-***********************************************************************/
-
-void *talloc_append_blob(TALLOC_CTX *mem_ctx, void *buf, DATA_BLOB blob)
-{
- size_t old_size = 0;
- char *result;
-
- if (blob.length == 0) {
- return buf;
- }
-
- if (buf != NULL) {
- old_size = talloc_get_size(buf);
- }
-
- result = (char *)TALLOC_REALLOC(mem_ctx, buf, old_size + blob.length);
- if (result == NULL) {
- return NULL;
- }
-
- memcpy(result + old_size, blob.data, blob.length);
- return result;
-}
-
-uint32 map_share_mode_to_deny_mode(uint32 share_access, uint32 private_options)
+uint32_t map_share_mode_to_deny_mode(uint32_t share_access, uint32_t private_options)
{
switch (share_access & ~FILE_SHARE_DELETE) {
case FILE_SHARE_NONE:
return DENY_FCB;
}
- return (uint32)-1;
-}
-
-pid_t procid_to_pid(const struct server_id *proc)
-{
- return proc->pid;
-}
-
-static uint32 my_vnn = NONCLUSTER_VNN;
-
-void set_my_vnn(uint32 vnn)
-{
- DEBUG(10, ("vnn pid %d = %u\n", (int)sys_getpid(), (unsigned int)vnn));
- my_vnn = vnn;
-}
-
-uint32 get_my_vnn(void)
-{
- return my_vnn;
-}
-
-static uint64_t my_unique_id = 0;
-
-void set_my_unique_id(uint64_t unique_id)
-{
- my_unique_id = unique_id;
-}
-
-struct server_id pid_to_procid(pid_t pid)
-{
- struct server_id result;
- result.pid = pid;
- result.task_id = 0;
- result.unique_id = my_unique_id;
- result.vnn = my_vnn;
- return result;
-}
-
-struct server_id procid_self(void)
-{
- return pid_to_procid(sys_getpid());
-}
-
-bool procid_equal(const struct server_id *p1, const struct server_id *p2)
-{
- if (p1->pid != p2->pid)
- return False;
- if (p1->task_id != p2->task_id)
- return False;
- if (p1->vnn != p2->vnn)
- return False;
- return True;
-}
-
-bool cluster_id_equal(const struct server_id *id1,
- const struct server_id *id2)
-{
- return procid_equal(id1, id2);
-}
-
-bool procid_is_me(const struct server_id *pid)
-{
- if (pid->pid != sys_getpid())
- return False;
- if (pid->task_id != 0)
- return False;
- if (pid->vnn != my_vnn)
- return False;
- return True;
+ return (uint32_t)-1;
}
struct server_id interpret_pid(const char *pid_string)
{
- struct server_id result;
- unsigned long long pid;
- unsigned int vnn, task_id = 0;
-
- ZERO_STRUCT(result);
-
- /* We accept various forms with 1, 2 or 3 component forms
- * because the server_id_str() can print different forms, and
- * we want backwards compatibility for scripts that may call
- * smbclient. */
- if (sscanf(pid_string, "%u:%llu.%u", &vnn, &pid, &task_id) == 3) {
- result.vnn = vnn;
- result.pid = pid;
- result.task_id = task_id;
- } else if (sscanf(pid_string, "%u:%llu", &vnn, &pid) == 2) {
- result.vnn = vnn;
- result.pid = pid;
- result.task_id = 0;
- } else if (sscanf(pid_string, "%llu.%u", &pid, &task_id) == 2) {
- result.vnn = get_my_vnn();
- result.pid = pid;
- result.task_id = task_id;
- } else if (sscanf(pid_string, "%llu", &pid) == 1) {
- result.vnn = get_my_vnn();
- result.pid = pid;
- } else {
- result.vnn = NONCLUSTER_VNN;
- result.pid = (uint64_t)-1;
- }
- return result;
-}
-
-char *procid_str_static(const struct server_id *pid)
-{
- return server_id_str(talloc_tos(), pid);
-}
-
-bool procid_valid(const struct server_id *pid)
-{
- return (pid->pid != (uint64_t)-1);
-}
-
-bool procid_is_local(const struct server_id *pid)
-{
- return pid->vnn == my_vnn;
-}
-
-/****************************************************************
- Check if offset/length fit into bufsize. Should probably be
- merged with is_offset_safe, but this would require a rewrite
- of lanman.c. Later :-)
-****************************************************************/
-
-bool trans_oob(uint32_t bufsize, uint32_t offset, uint32_t length)
-{
- if ((offset + length < offset) || (offset + length < length)) {
- /* wrap */
- return true;
- }
- if ((offset > bufsize) || (offset + length > bufsize)) {
- /* overflow */
- return true;
- }
- return false;
+ return server_id_from_string(get_my_vnn(), pid_string);
}
/****************************************************************
call (they take care of winbind separator and other winbind specific settings).
****************************************************************/
-void split_domain_user(TALLOC_CTX *mem_ctx,
+bool split_domain_user(TALLOC_CTX *mem_ctx,
const char *full_name,
char **domain,
char **user)
if (p != NULL) {
*domain = talloc_strndup(mem_ctx, full_name,
PTR_DIFF(p, full_name));
+ if (*domain == NULL) {
+ return false;
+ }
*user = talloc_strdup(mem_ctx, p+1);
+ if (*user == NULL) {
+ TALLOC_FREE(*domain);
+ return false;
+ }
} else {
- *domain = talloc_strdup(mem_ctx, "");
+ *domain = NULL;
*user = talloc_strdup(mem_ctx, full_name);
+ if (*user == NULL) {
+ return false;
+ }
}
+
+ return true;
}
/****************************************************************
return s;
}
-bool tevent_req_poll_ntstatus(struct tevent_req *req,
- struct tevent_context *ev,
- NTSTATUS *status)
-{
- bool ret = tevent_req_poll(req, ev);
- if (!ret) {
- *status = map_nt_error_from_unix(errno);
- }
- return ret;
-}
-
bool any_nt_status_not_ok(NTSTATUS err1, NTSTATUS err2, NTSTATUS *result)
{
if (!NT_STATUS_IS_OK(err1)) {
return ptr;
}
+
+/*******************************************************************
+ Return True if the filename is one of the special executable types.
+********************************************************************/
+
+bool is_executable(const char *fname)
+{
+ if ((fname = strrchr_m(fname,'.'))) {
+ if (strequal(fname,".com") ||
+ strequal(fname,".dll") ||
+ strequal(fname,".exe") ||
+ strequal(fname,".sym")) {
+ return True;
+ }
+ }
+ return False;
+}
+
+/****************************************************************************
+ Open a file with a share mode - old openX method - map into NTCreate.
+****************************************************************************/
+
+bool map_open_params_to_ntcreate(const char *smb_base_fname,
+ int deny_mode, int open_func,
+ uint32_t *paccess_mask,
+ uint32_t *pshare_mode,
+ uint32_t *pcreate_disposition,
+ uint32_t *pcreate_options,
+ uint32_t *pprivate_flags)
+{
+ uint32_t access_mask;
+ uint32_t share_mode;
+ uint32_t create_disposition;
+ uint32_t create_options = FILE_NON_DIRECTORY_FILE;
+ uint32_t private_flags = 0;
+
+ DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
+ "open_func = 0x%x\n",
+ smb_base_fname, (unsigned int)deny_mode,
+ (unsigned int)open_func ));
+
+ /* Create the NT compatible access_mask. */
+ switch (GET_OPENX_MODE(deny_mode)) {
+ case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
+ case DOS_OPEN_RDONLY:
+ access_mask = FILE_GENERIC_READ;
+ break;
+ case DOS_OPEN_WRONLY:
+ access_mask = FILE_GENERIC_WRITE;
+ break;
+ case DOS_OPEN_RDWR:
+ case DOS_OPEN_FCB:
+ access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
+ break;
+ default:
+ DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
+ (unsigned int)GET_OPENX_MODE(deny_mode)));
+ return False;
+ }
+
+ /* Create the NT compatible create_disposition. */
+ switch (open_func) {
+ case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
+ create_disposition = FILE_CREATE;
+ break;
+
+ case OPENX_FILE_EXISTS_OPEN:
+ create_disposition = FILE_OPEN;
+ break;
+
+ case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
+ create_disposition = FILE_OPEN_IF;
+ break;
+
+ case OPENX_FILE_EXISTS_TRUNCATE:
+ create_disposition = FILE_OVERWRITE;
+ break;
+
+ case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
+ create_disposition = FILE_OVERWRITE_IF;
+ break;
+
+ default:
+ /* From samba4 - to be confirmed. */
+ if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
+ create_disposition = FILE_CREATE;
+ break;
+ }
+ DEBUG(10,("map_open_params_to_ntcreate: bad "
+ "open_func 0x%x\n", (unsigned int)open_func));
+ return False;
+ }
+
+ /* Create the NT compatible share modes. */
+ switch (GET_DENY_MODE(deny_mode)) {
+ case DENY_ALL:
+ share_mode = FILE_SHARE_NONE;
+ break;
+
+ case DENY_WRITE:
+ share_mode = FILE_SHARE_READ;
+ break;
+
+ case DENY_READ:
+ share_mode = FILE_SHARE_WRITE;
+ break;
+
+ case DENY_NONE:
+ share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
+ break;
+
+ case DENY_DOS:
+ private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
+ if (is_executable(smb_base_fname)) {
+ share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
+ } else {
+ if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
+ share_mode = FILE_SHARE_READ;
+ } else {
+ share_mode = FILE_SHARE_NONE;
+ }
+ }
+ break;
+
+ case DENY_FCB:
+ private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
+ share_mode = FILE_SHARE_NONE;
+ break;
+
+ default:
+ DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
+ (unsigned int)GET_DENY_MODE(deny_mode) ));
+ return False;
+ }
+
+ DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
+ "share_mode = 0x%x, create_disposition = 0x%x, "
+ "create_options = 0x%x private_flags = 0x%x\n",
+ smb_base_fname,
+ (unsigned int)access_mask,
+ (unsigned int)share_mode,
+ (unsigned int)create_disposition,
+ (unsigned int)create_options,
+ (unsigned int)private_flags));
+
+ if (paccess_mask) {
+ *paccess_mask = access_mask;
+ }
+ if (pshare_mode) {
+ *pshare_mode = share_mode;
+ }
+ if (pcreate_disposition) {
+ *pcreate_disposition = create_disposition;
+ }
+ if (pcreate_options) {
+ *pcreate_options = create_options;
+ }
+ if (pprivate_flags) {
+ *pprivate_flags = private_flags;
+ }
+
+ return True;
+
+}
+
+/*************************************************************************
+ Return a talloced copy of a struct security_unix_token. NULL on fail.
+*************************************************************************/
+
+struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct security_unix_token *tok)
+{
+ struct security_unix_token *cpy;
+
+ cpy = talloc(ctx, struct security_unix_token);
+ if (!cpy) {
+ return NULL;
+ }
+
+ cpy->uid = tok->uid;
+ cpy->gid = tok->gid;
+ cpy->ngroups = tok->ngroups;
+ if (tok->ngroups) {
+ /* Make this a talloc child of cpy. */
+ cpy->groups = (gid_t *)talloc_memdup(
+ cpy, tok->groups, tok->ngroups * sizeof(gid_t));
+ if (!cpy->groups) {
+ TALLOC_FREE(cpy);
+ return NULL;
+ }
+ } else {
+ cpy->groups = NULL;
+ }
+ return cpy;
+}
+
+/****************************************************************************
+ Check that a file matches a particular file type.
+****************************************************************************/
+
+bool dir_check_ftype(uint32_t mode, uint32_t dirtype)
+{
+ uint32_t mask;
+
+ /* Check the "may have" search bits. */
+ if (((mode & ~dirtype) &
+ (FILE_ATTRIBUTE_HIDDEN |
+ FILE_ATTRIBUTE_SYSTEM |
+ FILE_ATTRIBUTE_DIRECTORY)) != 0) {
+ return false;
+ }
+
+ /* Check the "must have" bits,
+ which are the may have bits shifted eight */
+ /* If must have bit is set, the file/dir can
+ not be returned in search unless the matching
+ file attribute is set */
+ mask = ((dirtype >> 8) & (FILE_ATTRIBUTE_DIRECTORY|
+ FILE_ATTRIBUTE_ARCHIVE|
+ FILE_ATTRIBUTE_READONLY|
+ FILE_ATTRIBUTE_HIDDEN|
+ FILE_ATTRIBUTE_SYSTEM)); /* & 0x37 */
+ if(mask) {
+ if((mask & (mode & (FILE_ATTRIBUTE_DIRECTORY|
+ FILE_ATTRIBUTE_ARCHIVE|
+ FILE_ATTRIBUTE_READONLY|
+ FILE_ATTRIBUTE_HIDDEN|
+ FILE_ATTRIBUTE_SYSTEM))) == mask) {
+ /* check if matching attribute present */
+ return true;
+ } else {
+ return false;
+ }
+ }
+
+ return true;
+}