static void onefs_load_faketimestamp_config(struct connection_struct *conn, struct onefs_vfs_share_config *cfg) { const char **parm; int snum = SNUM(conn); parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_ATIME_NOW, PARM_ATIME_NOW_DEFAULT); if (parm) { cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS; set_namearray(&cfg->atime_now_list,*parm); } parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_CTIME_NOW, PARM_CTIME_NOW_DEFAULT); if (parm) { cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS; set_namearray(&cfg->ctime_now_list,*parm); } parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_MTIME_NOW, PARM_MTIME_NOW_DEFAULT); if (parm) { cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS; set_namearray(&cfg->mtime_now_list,*parm); } parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_ATIME_STATIC, PARM_ATIME_STATIC_DEFAULT); if (parm) { cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS; set_namearray(&cfg->atime_static_list,*parm); } parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_MTIME_STATIC, PARM_MTIME_STATIC_DEFAULT); if (parm) { cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS; set_namearray(&cfg->mtime_static_list,*parm); } cfg->atime_slop = lp_parm_int(snum, PARM_ONEFS_TYPE, PARM_ATIME_SLOP, PARM_ATIME_SLOP_DEFAULT); cfg->ctime_slop = lp_parm_int(snum, PARM_ONEFS_TYPE, PARM_CTIME_SLOP, PARM_CTIME_SLOP_DEFAULT); cfg->mtime_slop = lp_parm_int(snum, PARM_ONEFS_TYPE, PARM_MTIME_SLOP, PARM_MTIME_SLOP_DEFAULT); }
static int readonly_connect(vfs_handle_struct *handle, const char *service, const char *user) { const char *period_def[] = {"today 0:0:0", "tomorrow 0:0:0"}; const char **period = lp_parm_string_list(SNUM(handle->conn), (handle->param ? handle->param : MODULE_NAME), "period", period_def); int ret = SMB_VFS_NEXT_CONNECT(handle, service, user); if (ret < 0) { return ret; } if (period && period[0] && period[1]) { int i; time_t current_time = time(NULL); time_t begin_period = get_date(period[0], ¤t_time); time_t end_period = get_date(period[1], ¤t_time); if ((current_time >= begin_period) && (current_time <= end_period)) { connection_struct *conn = handle->conn; handle->conn->read_only = True; /* Wipe out the VUID cache. */ for (i=0; i< VUID_CACHE_SIZE; i++) { struct vuid_cache_entry *ent = ent = &conn->vuid_cache.array[i]; ent->vuid = UID_FIELD_INVALID; TALLOC_FREE(ent->session_info); ent->read_only = false; } conn->vuid_cache.next_entry = 0; } return 0; } else { return 0; } }
static bool sid_in_ignore_list(struct dom_sid * sid, int snum) { const char ** sid_list = NULL; struct dom_sid match; sid_list = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_UNMAPPABLE_SIDS_IGNORE_LIST, PARM_UNMAPPABLE_SIDS_IGNORE_LIST_DEFAULT); /* Fast path a NULL list */ if (!sid_list || *sid_list == NULL) return false; while (*sid_list) { if (string_to_sid(&match, *sid_list)) if (sid_equal(sid, &match)) return true; sid_list++; } return false; }
/* Add a trusted domain to our list of domains */ static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name, struct winbindd_methods *methods, const struct dom_sid *sid) { struct winbindd_domain *domain; const char *alternative_name = NULL; char *idmap_config_option; const char *param; const char **ignored_domains, **dom; ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL); for (dom=ignored_domains; dom && *dom; dom++) { if (gen_fnmatch(*dom, domain_name) == 0) { DEBUG(2,("Ignoring domain '%s'\n", domain_name)); return NULL; } } /* use alt_name if available to allow DNS lookups */ if (alt_name && *alt_name) { alternative_name = alt_name; } /* We can't call domain_list() as this function is called from init_domain_list() and we'll get stuck in a loop. */ for (domain = _domain_list; domain; domain = domain->next) { if (strequal(domain_name, domain->name) || strequal(domain_name, domain->alt_name)) { break; } if (alternative_name && *alternative_name) { if (strequal(alternative_name, domain->name) || strequal(alternative_name, domain->alt_name)) { break; } } if (sid) { if (is_null_sid(sid)) { continue; } if (dom_sid_equal(sid, &domain->sid)) { break; } } } if (domain != NULL) { /* * We found a match. Possibly update the SID */ if ((sid != NULL) && dom_sid_equal(&domain->sid, &global_sid_NULL)) { sid_copy( &domain->sid, sid ); } return domain; } /* Create new domain entry */ domain = talloc_zero(NULL, struct winbindd_domain); if (domain == NULL) { return NULL; } domain->children = talloc_zero_array(domain, struct winbindd_child, lp_winbind_max_domain_connections()); if (domain->children == NULL) { TALLOC_FREE(domain); return NULL; } domain->name = talloc_strdup(domain, domain_name); if (domain->name == NULL) { TALLOC_FREE(domain); return NULL; } if (alternative_name) { domain->alt_name = talloc_strdup(domain, alternative_name); if (domain->alt_name == NULL) { TALLOC_FREE(domain); return NULL; } } domain->methods = methods; domain->backend = NULL; domain->internal = is_internal_domain(sid); domain->sequence_number = DOM_SEQUENCE_NONE; domain->last_seq_check = 0; domain->initialized = False; domain->online = is_internal_domain(sid); domain->check_online_timeout = 0; domain->dc_probe_pid = (pid_t)-1; if (sid) { sid_copy(&domain->sid, sid); } /* Link to domain list */ DLIST_ADD_END(_domain_list, domain, struct winbindd_domain *); wcache_tdc_add_domain( domain ); idmap_config_option = talloc_asprintf(talloc_tos(), "idmap config %s", domain->name); if (idmap_config_option == NULL) { DEBUG(0, ("talloc failed, not looking for idmap config\n")); goto done; } param = lp_parm_const_string(-1, idmap_config_option, "range", NULL); DEBUG(10, ("%s : range = %s\n", idmap_config_option, param ? param : "not defined")); if (param != NULL) { unsigned low_id, high_id; if (sscanf(param, "%u - %u", &low_id, &high_id) != 2) { DEBUG(1, ("invalid range syntax in %s: %s\n", idmap_config_option, param)); goto done; } if (low_id > high_id) { DEBUG(1, ("invalid range in %s: %s\n", idmap_config_option, param)); goto done; } domain->have_idmap_config = true; domain->id_range_low = low_id; domain->id_range_high = high_id; } done: DEBUG(2,("Added domain %s %s %s\n", domain->name, domain->alt_name, &domain->sid?sid_string_dbg(&domain->sid):"")); return domain; }
/* Add a trusted domain out of a trusted domain cache entry */ static struct winbindd_domain * add_trusted_domain_from_tdc(const struct winbindd_tdc_domain *tdc) { struct winbindd_domain *domain; const char *alternative_name = NULL; const char **ignored_domains, **dom; int role = lp_server_role(); const char *domain_name = tdc->domain_name; const struct dom_sid *sid = &tdc->sid; if (is_null_sid(sid)) { sid = NULL; } ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL); for (dom=ignored_domains; dom && *dom; dom++) { if (gen_fnmatch(*dom, domain_name) == 0) { DEBUG(2,("Ignoring domain '%s'\n", domain_name)); return NULL; } } /* use alt_name if available to allow DNS lookups */ if (tdc->dns_name && *tdc->dns_name) { alternative_name = tdc->dns_name; } /* We can't call domain_list() as this function is called from init_domain_list() and we'll get stuck in a loop. */ for (domain = _domain_list; domain; domain = domain->next) { if (strequal(domain_name, domain->name) || strequal(domain_name, domain->alt_name)) { break; } if (alternative_name) { if (strequal(alternative_name, domain->name) || strequal(alternative_name, domain->alt_name)) { break; } } if (sid != NULL) { if (dom_sid_equal(sid, &domain->sid)) { break; } } } if (domain != NULL) { /* * We found a match on domain->name or * domain->alt_name. Possibly update the SID * if the stored SID was the NULL SID * and return the matching entry. */ if ((sid != NULL) && dom_sid_equal(&domain->sid, &global_sid_NULL)) { sid_copy( &domain->sid, sid ); } return domain; } /* Create new domain entry */ domain = talloc_zero(NULL, struct winbindd_domain); if (domain == NULL) { return NULL; } domain->children = talloc_zero_array(domain, struct winbindd_child, lp_winbind_max_domain_connections()); if (domain->children == NULL) { TALLOC_FREE(domain); return NULL; } domain->name = talloc_strdup(domain, domain_name); if (domain->name == NULL) { TALLOC_FREE(domain); return NULL; } if (alternative_name) { domain->alt_name = talloc_strdup(domain, alternative_name); if (domain->alt_name == NULL) { TALLOC_FREE(domain); return NULL; } } domain->backend = NULL; domain->internal = is_internal_domain(sid); domain->sequence_number = DOM_SEQUENCE_NONE; domain->last_seq_check = 0; domain->initialized = false; domain->online = is_internal_domain(sid); domain->check_online_timeout = 0; domain->dc_probe_pid = (pid_t)-1; if (sid != NULL) { sid_copy(&domain->sid, sid); } domain->domain_flags = tdc->trust_flags; domain->domain_type = tdc->trust_type; domain->domain_trust_attribs = tdc->trust_attribs; /* Is this our primary domain ? */ if (strequal(domain_name, get_global_sam_name()) && (role != ROLE_DOMAIN_MEMBER)) { domain->primary = true; } else if (strequal(domain_name, lp_workgroup()) && (role == ROLE_DOMAIN_MEMBER)) { domain->primary = true; } if (domain->primary) { if (role == ROLE_ACTIVE_DIRECTORY_DC) { domain->active_directory = true; } if (lp_security() == SEC_ADS) { domain->active_directory = true; } } else if (!domain->internal) { if (domain->domain_type == LSA_TRUST_TYPE_UPLEVEL) { domain->active_directory = true; } } /* Link to domain list */ DLIST_ADD_END(_domain_list, domain); wcache_tdc_add_domain( domain ); setup_domain_child(domain); DEBUG(2, ("Added domain %s %s %s\n", domain->name, domain->alt_name, !is_null_sid(&domain->sid) ? sid_string_dbg(&domain->sid) : "")); return domain; }
NTSTATUS np_open(TALLOC_CTX *mem_ctx, const char *name, const struct tsocket_address *local_address, const struct tsocket_address *remote_address, struct client_address *client_id, struct auth_serversupplied_info *session_info, struct messaging_context *msg_ctx, struct fake_file_handle **phandle) { const char *rpcsrv_type; const char **proxy_list; struct fake_file_handle *handle; bool external = false; proxy_list = lp_parm_string_list(-1, "np", "proxy", NULL); handle = talloc(mem_ctx, struct fake_file_handle); if (handle == NULL) { return NT_STATUS_NO_MEMORY; } /* Check what is the server type for this pipe. Defaults to "embedded" */ rpcsrv_type = lp_parm_const_string(GLOBAL_SECTION_SNUM, "rpc_server", name, "embedded"); if (StrCaseCmp(rpcsrv_type, "embedded") != 0) { external = true; } /* Still support the old method for defining external servers */ if ((proxy_list != NULL) && str_list_check_ci(proxy_list, name)) { external = true; } if (external) { struct np_proxy_state *p; p = make_external_rpc_pipe_p(handle, name, local_address, remote_address, session_info); handle->type = FAKE_FILE_TYPE_NAMED_PIPE_PROXY; handle->private_data = p; } else { struct pipes_struct *p; struct ndr_syntax_id syntax; if (!is_known_pipename(name, &syntax)) { TALLOC_FREE(handle); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } p = make_internal_rpc_pipe_p(handle, &syntax, client_id, session_info, msg_ctx); handle->type = FAKE_FILE_TYPE_NAMED_PIPE; handle->private_data = p; } if (handle->private_data == NULL) { TALLOC_FREE(handle); return NT_STATUS_PIPE_NOT_AVAILABLE; } *phandle = handle; return NT_STATUS_OK; }
NTSTATUS np_open(TALLOC_CTX *mem_ctx, const char *name, const struct tsocket_address *local_address, const struct tsocket_address *remote_address, struct auth_session_info *session_info, struct tevent_context *ev_ctx, struct messaging_context *msg_ctx, struct fake_file_handle **phandle) { enum rpc_service_mode_e pipe_mode; const char **proxy_list; struct fake_file_handle *handle; struct ndr_syntax_id syntax; struct npa_state *npa = NULL; NTSTATUS status; bool ok; proxy_list = lp_parm_string_list(-1, "np", "proxy", NULL); handle = talloc(mem_ctx, struct fake_file_handle); if (handle == NULL) { return NT_STATUS_NO_MEMORY; } /* Check what is the server type for this pipe. Defaults to "embedded" */ pipe_mode = rpc_service_mode(name); /* Still support the old method for defining external servers */ if ((proxy_list != NULL) && str_list_check_ci(proxy_list, name)) { pipe_mode = RPC_SERVICE_MODE_EXTERNAL; } switch (pipe_mode) { case RPC_SERVICE_MODE_EXTERNAL: status = make_external_rpc_pipe(handle, name, local_address, remote_address, session_info, &npa); if (!NT_STATUS_IS_OK(status)) { talloc_free(handle); return status; } handle->private_data = (void *)npa; handle->type = FAKE_FILE_TYPE_NAMED_PIPE_PROXY; break; case RPC_SERVICE_MODE_EMBEDDED: /* Check if we handle this pipe internally */ ok = is_known_pipename(name, &syntax); if (!ok) { DEBUG(2, ("'%s' is not a registered pipe!\n", name)); talloc_free(handle); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } status = make_internal_rpc_pipe_socketpair(handle, ev_ctx, msg_ctx, name, &syntax, remote_address, session_info, &npa); if (!NT_STATUS_IS_OK(status)) { talloc_free(handle); return status; } handle->private_data = (void *)npa; handle->type = FAKE_FILE_TYPE_NAMED_PIPE_PROXY; break; case RPC_SERVICE_MODE_DISABLED: talloc_free(handle); return NT_STATUS_OBJECT_NAME_NOT_FOUND; } *phandle = handle; return NT_STATUS_OK; }