static void onefs_load_faketimestamp_config(struct connection_struct *conn,
struct onefs_vfs_share_config *cfg)
{
const char **parm;
int snum = SNUM(conn);
parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_ATIME_NOW,
PARM_ATIME_NOW_DEFAULT);
if (parm) {
cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS;
set_namearray(&cfg->atime_now_list,*parm);
}
parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_CTIME_NOW,
PARM_CTIME_NOW_DEFAULT);
if (parm) {
cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS;
set_namearray(&cfg->ctime_now_list,*parm);
}
parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_MTIME_NOW,
PARM_MTIME_NOW_DEFAULT);
if (parm) {
cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS;
set_namearray(&cfg->mtime_now_list,*parm);
}
parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_ATIME_STATIC,
PARM_ATIME_STATIC_DEFAULT);
if (parm) {
cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS;
set_namearray(&cfg->atime_static_list,*parm);
}
parm = lp_parm_string_list(snum, PARM_ONEFS_TYPE, PARM_MTIME_STATIC,
PARM_MTIME_STATIC_DEFAULT);
if (parm) {
cfg->init_flags |= ONEFS_VFS_CONFIG_FAKETIMESTAMPS;
set_namearray(&cfg->mtime_static_list,*parm);
}
cfg->atime_slop = lp_parm_int(snum, PARM_ONEFS_TYPE, PARM_ATIME_SLOP,
PARM_ATIME_SLOP_DEFAULT);
cfg->ctime_slop = lp_parm_int(snum, PARM_ONEFS_TYPE, PARM_CTIME_SLOP,
PARM_CTIME_SLOP_DEFAULT);
cfg->mtime_slop = lp_parm_int(snum, PARM_ONEFS_TYPE, PARM_MTIME_SLOP,
PARM_MTIME_SLOP_DEFAULT);
}
static int readonly_connect(vfs_handle_struct *handle,
const char *service,
const char *user)
{
const char *period_def[] = {"today 0:0:0", "tomorrow 0:0:0"};
const char **period = lp_parm_string_list(SNUM(handle->conn),
(handle->param ? handle->param : MODULE_NAME),
"period", period_def);
int ret = SMB_VFS_NEXT_CONNECT(handle, service, user);
if (ret < 0) {
return ret;
}
if (period && period[0] && period[1]) {
int i;
time_t current_time = time(NULL);
time_t begin_period = get_date(period[0], ¤t_time);
time_t end_period = get_date(period[1], ¤t_time);
if ((current_time >= begin_period) && (current_time <= end_period)) {
connection_struct *conn = handle->conn;
handle->conn->read_only = True;
/* Wipe out the VUID cache. */
for (i=0; i< VUID_CACHE_SIZE; i++) {
struct vuid_cache_entry *ent = ent = &conn->vuid_cache.array[i];
ent->vuid = UID_FIELD_INVALID;
TALLOC_FREE(ent->session_info);
ent->read_only = false;
}
conn->vuid_cache.next_entry = 0;
}
return 0;
} else {
return 0;
}
}
static bool
sid_in_ignore_list(struct dom_sid * sid, int snum)
{
const char ** sid_list = NULL;
struct dom_sid match;
sid_list = lp_parm_string_list(snum, PARM_ONEFS_TYPE,
PARM_UNMAPPABLE_SIDS_IGNORE_LIST,
PARM_UNMAPPABLE_SIDS_IGNORE_LIST_DEFAULT);
/* Fast path a NULL list */
if (!sid_list || *sid_list == NULL)
return false;
while (*sid_list) {
if (string_to_sid(&match, *sid_list))
if (sid_equal(sid, &match))
return true;
sid_list++;
}
return false;
}
/* Add a trusted domain to our list of domains */
static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name,
struct winbindd_methods *methods,
const struct dom_sid *sid)
{
struct winbindd_domain *domain;
const char *alternative_name = NULL;
char *idmap_config_option;
const char *param;
const char **ignored_domains, **dom;
ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL);
for (dom=ignored_domains; dom && *dom; dom++) {
if (gen_fnmatch(*dom, domain_name) == 0) {
DEBUG(2,("Ignoring domain '%s'\n", domain_name));
return NULL;
}
}
/* use alt_name if available to allow DNS lookups */
if (alt_name && *alt_name) {
alternative_name = alt_name;
}
/* We can't call domain_list() as this function is called from
init_domain_list() and we'll get stuck in a loop. */
for (domain = _domain_list; domain; domain = domain->next) {
if (strequal(domain_name, domain->name) ||
strequal(domain_name, domain->alt_name))
{
break;
}
if (alternative_name && *alternative_name)
{
if (strequal(alternative_name, domain->name) ||
strequal(alternative_name, domain->alt_name))
{
break;
}
}
if (sid)
{
if (is_null_sid(sid)) {
continue;
}
if (dom_sid_equal(sid, &domain->sid)) {
break;
}
}
}
if (domain != NULL) {
/*
* We found a match. Possibly update the SID
*/
if ((sid != NULL)
&& dom_sid_equal(&domain->sid, &global_sid_NULL)) {
sid_copy( &domain->sid, sid );
}
return domain;
}
/* Create new domain entry */
domain = talloc_zero(NULL, struct winbindd_domain);
if (domain == NULL) {
return NULL;
}
domain->children = talloc_zero_array(domain,
struct winbindd_child,
lp_winbind_max_domain_connections());
if (domain->children == NULL) {
TALLOC_FREE(domain);
return NULL;
}
domain->name = talloc_strdup(domain, domain_name);
if (domain->name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
if (alternative_name) {
domain->alt_name = talloc_strdup(domain, alternative_name);
if (domain->alt_name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
}
domain->methods = methods;
domain->backend = NULL;
domain->internal = is_internal_domain(sid);
domain->sequence_number = DOM_SEQUENCE_NONE;
domain->last_seq_check = 0;
domain->initialized = False;
domain->online = is_internal_domain(sid);
domain->check_online_timeout = 0;
domain->dc_probe_pid = (pid_t)-1;
if (sid) {
sid_copy(&domain->sid, sid);
}
/* Link to domain list */
DLIST_ADD_END(_domain_list, domain, struct winbindd_domain *);
wcache_tdc_add_domain( domain );
idmap_config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
domain->name);
if (idmap_config_option == NULL) {
DEBUG(0, ("talloc failed, not looking for idmap config\n"));
goto done;
}
param = lp_parm_const_string(-1, idmap_config_option, "range", NULL);
DEBUG(10, ("%s : range = %s\n", idmap_config_option,
param ? param : "not defined"));
if (param != NULL) {
unsigned low_id, high_id;
if (sscanf(param, "%u - %u", &low_id, &high_id) != 2) {
DEBUG(1, ("invalid range syntax in %s: %s\n",
idmap_config_option, param));
goto done;
}
if (low_id > high_id) {
DEBUG(1, ("invalid range in %s: %s\n",
idmap_config_option, param));
goto done;
}
domain->have_idmap_config = true;
domain->id_range_low = low_id;
domain->id_range_high = high_id;
}
done:
DEBUG(2,("Added domain %s %s %s\n",
domain->name, domain->alt_name,
&domain->sid?sid_string_dbg(&domain->sid):""));
return domain;
}
/* Add a trusted domain out of a trusted domain cache
entry
*/
static struct winbindd_domain *
add_trusted_domain_from_tdc(const struct winbindd_tdc_domain *tdc)
{
struct winbindd_domain *domain;
const char *alternative_name = NULL;
const char **ignored_domains, **dom;
int role = lp_server_role();
const char *domain_name = tdc->domain_name;
const struct dom_sid *sid = &tdc->sid;
if (is_null_sid(sid)) {
sid = NULL;
}
ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL);
for (dom=ignored_domains; dom && *dom; dom++) {
if (gen_fnmatch(*dom, domain_name) == 0) {
DEBUG(2,("Ignoring domain '%s'\n", domain_name));
return NULL;
}
}
/* use alt_name if available to allow DNS lookups */
if (tdc->dns_name && *tdc->dns_name) {
alternative_name = tdc->dns_name;
}
/* We can't call domain_list() as this function is called from
init_domain_list() and we'll get stuck in a loop. */
for (domain = _domain_list; domain; domain = domain->next) {
if (strequal(domain_name, domain->name) ||
strequal(domain_name, domain->alt_name))
{
break;
}
if (alternative_name) {
if (strequal(alternative_name, domain->name) ||
strequal(alternative_name, domain->alt_name))
{
break;
}
}
if (sid != NULL) {
if (dom_sid_equal(sid, &domain->sid)) {
break;
}
}
}
if (domain != NULL) {
/*
* We found a match on domain->name or
* domain->alt_name. Possibly update the SID
* if the stored SID was the NULL SID
* and return the matching entry.
*/
if ((sid != NULL)
&& dom_sid_equal(&domain->sid, &global_sid_NULL)) {
sid_copy( &domain->sid, sid );
}
return domain;
}
/* Create new domain entry */
domain = talloc_zero(NULL, struct winbindd_domain);
if (domain == NULL) {
return NULL;
}
domain->children = talloc_zero_array(domain,
struct winbindd_child,
lp_winbind_max_domain_connections());
if (domain->children == NULL) {
TALLOC_FREE(domain);
return NULL;
}
domain->name = talloc_strdup(domain, domain_name);
if (domain->name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
if (alternative_name) {
domain->alt_name = talloc_strdup(domain, alternative_name);
if (domain->alt_name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
}
domain->backend = NULL;
domain->internal = is_internal_domain(sid);
domain->sequence_number = DOM_SEQUENCE_NONE;
domain->last_seq_check = 0;
domain->initialized = false;
domain->online = is_internal_domain(sid);
domain->check_online_timeout = 0;
domain->dc_probe_pid = (pid_t)-1;
if (sid != NULL) {
sid_copy(&domain->sid, sid);
}
domain->domain_flags = tdc->trust_flags;
domain->domain_type = tdc->trust_type;
domain->domain_trust_attribs = tdc->trust_attribs;
/* Is this our primary domain ? */
if (strequal(domain_name, get_global_sam_name()) &&
(role != ROLE_DOMAIN_MEMBER)) {
domain->primary = true;
} else if (strequal(domain_name, lp_workgroup()) &&
(role == ROLE_DOMAIN_MEMBER)) {
domain->primary = true;
}
if (domain->primary) {
if (role == ROLE_ACTIVE_DIRECTORY_DC) {
domain->active_directory = true;
}
if (lp_security() == SEC_ADS) {
domain->active_directory = true;
}
} else if (!domain->internal) {
if (domain->domain_type == LSA_TRUST_TYPE_UPLEVEL) {
domain->active_directory = true;
}
}
/* Link to domain list */
DLIST_ADD_END(_domain_list, domain);
wcache_tdc_add_domain( domain );
setup_domain_child(domain);
DEBUG(2,
("Added domain %s %s %s\n", domain->name, domain->alt_name,
!is_null_sid(&domain->sid) ? sid_string_dbg(&domain->sid) : ""));
return domain;
}
NTSTATUS np_open(TALLOC_CTX *mem_ctx, const char *name,
const struct tsocket_address *local_address,
const struct tsocket_address *remote_address,
struct client_address *client_id,
struct auth_serversupplied_info *session_info,
struct messaging_context *msg_ctx,
struct fake_file_handle **phandle)
{
const char *rpcsrv_type;
const char **proxy_list;
struct fake_file_handle *handle;
bool external = false;
proxy_list = lp_parm_string_list(-1, "np", "proxy", NULL);
handle = talloc(mem_ctx, struct fake_file_handle);
if (handle == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* Check what is the server type for this pipe.
Defaults to "embedded" */
rpcsrv_type = lp_parm_const_string(GLOBAL_SECTION_SNUM,
"rpc_server", name,
"embedded");
if (StrCaseCmp(rpcsrv_type, "embedded") != 0) {
external = true;
}
/* Still support the old method for defining external servers */
if ((proxy_list != NULL) && str_list_check_ci(proxy_list, name)) {
external = true;
}
if (external) {
struct np_proxy_state *p;
p = make_external_rpc_pipe_p(handle, name,
local_address,
remote_address,
session_info);
handle->type = FAKE_FILE_TYPE_NAMED_PIPE_PROXY;
handle->private_data = p;
} else {
struct pipes_struct *p;
struct ndr_syntax_id syntax;
if (!is_known_pipename(name, &syntax)) {
TALLOC_FREE(handle);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
p = make_internal_rpc_pipe_p(handle, &syntax, client_id,
session_info, msg_ctx);
handle->type = FAKE_FILE_TYPE_NAMED_PIPE;
handle->private_data = p;
}
if (handle->private_data == NULL) {
TALLOC_FREE(handle);
return NT_STATUS_PIPE_NOT_AVAILABLE;
}
*phandle = handle;
return NT_STATUS_OK;
}
NTSTATUS np_open(TALLOC_CTX *mem_ctx, const char *name,
const struct tsocket_address *local_address,
const struct tsocket_address *remote_address,
struct auth_session_info *session_info,
struct tevent_context *ev_ctx,
struct messaging_context *msg_ctx,
struct fake_file_handle **phandle)
{
enum rpc_service_mode_e pipe_mode;
const char **proxy_list;
struct fake_file_handle *handle;
struct ndr_syntax_id syntax;
struct npa_state *npa = NULL;
NTSTATUS status;
bool ok;
proxy_list = lp_parm_string_list(-1, "np", "proxy", NULL);
handle = talloc(mem_ctx, struct fake_file_handle);
if (handle == NULL) {
return NT_STATUS_NO_MEMORY;
}
/* Check what is the server type for this pipe.
Defaults to "embedded" */
pipe_mode = rpc_service_mode(name);
/* Still support the old method for defining external servers */
if ((proxy_list != NULL) && str_list_check_ci(proxy_list, name)) {
pipe_mode = RPC_SERVICE_MODE_EXTERNAL;
}
switch (pipe_mode) {
case RPC_SERVICE_MODE_EXTERNAL:
status = make_external_rpc_pipe(handle,
name,
local_address,
remote_address,
session_info,
&npa);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(handle);
return status;
}
handle->private_data = (void *)npa;
handle->type = FAKE_FILE_TYPE_NAMED_PIPE_PROXY;
break;
case RPC_SERVICE_MODE_EMBEDDED:
/* Check if we handle this pipe internally */
ok = is_known_pipename(name, &syntax);
if (!ok) {
DEBUG(2, ("'%s' is not a registered pipe!\n", name));
talloc_free(handle);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
status = make_internal_rpc_pipe_socketpair(handle,
ev_ctx,
msg_ctx,
name,
&syntax,
remote_address,
session_info,
&npa);
if (!NT_STATUS_IS_OK(status)) {
talloc_free(handle);
return status;
}
handle->private_data = (void *)npa;
handle->type = FAKE_FILE_TYPE_NAMED_PIPE_PROXY;
break;
case RPC_SERVICE_MODE_DISABLED:
talloc_free(handle);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
*phandle = handle;
return NT_STATUS_OK;
}
