static SOLARIS_ACL_TAG_T smb_tag_to_solaris_tag(SMB_ACL_TAG_T smb_tag)
{
SOLARIS_ACL_TAG_T solaris_tag = 0;
DEBUG(10, ("smb_tag_to_solaris_tag\n"));
DEBUGADD(10, (" --> got smb tag 0x%04x\n", smb_tag));
switch (smb_tag) {
case SMB_ACL_USER:
solaris_tag = USER;
break;
case SMB_ACL_USER_OBJ:
solaris_tag = USER_OBJ;
break;
case SMB_ACL_GROUP:
solaris_tag = GROUP;
break;
case SMB_ACL_GROUP_OBJ:
solaris_tag = GROUP_OBJ;
break;
case SMB_ACL_OTHER:
solaris_tag = OTHER_OBJ;
break;
case SMB_ACL_MASK:
solaris_tag = CLASS_OBJ;
break;
default:
DEBUGADD(10, (" !!! unknown smb tag type 0x%04x\n", smb_tag));
break;
}
DEBUGADD(10, (" --> determined solaris tag 0x%04x\n", solaris_tag));
return solaris_tag;
}
_PUBLIC_ void ndr_print_debug_helper(struct ndr_print *ndr, const char *format, ...)
{
va_list ap;
char *s = NULL;
uint32_t i;
int ret;
va_start(ap, format);
ret = vasprintf(&s, format, ap);
va_end(ap);
if (ret == -1) {
return;
}
if (ndr->no_newline) {
DEBUGADD(1,("%s", s));
free(s);
return;
}
for (i=0;i<ndr->depth;i++) {
DEBUGADD(1,(" "));
}
DEBUGADD(1,("%s\n", s));
free(s);
}
static HPUX_ACL_TAG_T smb_tag_to_hpux_tag(SMB_ACL_TAG_T smb_tag)
{
HPUX_ACL_TAG_T hpux_tag = 0;
DEBUG(10, ("smb_tag_to_hpux_tag\n"));
DEBUGADD(10, (" --> got smb tag 0x%04x\n", smb_tag));
switch (smb_tag) {
case SMB_ACL_USER:
hpux_tag = USER;
break;
case SMB_ACL_USER_OBJ:
hpux_tag = USER_OBJ;
break;
case SMB_ACL_GROUP:
hpux_tag = GROUP;
break;
case SMB_ACL_GROUP_OBJ:
hpux_tag = GROUP_OBJ;
break;
case SMB_ACL_OTHER:
hpux_tag = OTHER_OBJ;
break;
case SMB_ACL_MASK:
hpux_tag = CLASS_OBJ;
break;
default:
DEBUGADD(10, (" !!! unknown smb tag type 0x%04x\n", smb_tag));
break;
}
DEBUGADD(10, (" --> determined hpux tag 0x%04x\n", hpux_tag));
return hpux_tag;
}
void dump_gp_ext(struct GP_EXT *gp_ext, int debuglevel)
{
int lvl = debuglevel;
int i;
if (gp_ext == NULL) {
return;
}
DEBUG(lvl,("\t---------------------\n\n"));
DEBUGADD(lvl,("\tname:\t\t\t%s\n", gp_ext->gp_extension));
for (i=0; i< gp_ext->num_exts; i++) {
DEBUGADD(lvl,("\textension:\t\t\t%s\n",
gp_ext->extensions_guid[i]));
DEBUGADD(lvl,("\textension (name):\t\t\t%s\n",
gp_ext->extensions[i]));
DEBUGADD(lvl,("\tsnapin:\t\t\t%s\n",
gp_ext->snapins_guid[i]));
DEBUGADD(lvl,("\tsnapin (name):\t\t\t%s\n",
gp_ext->snapins[i]));
}
}
/****************************************************************************
prints a struct security_token to debug output.
****************************************************************************/
void security_token_debug(int dbg_lev, const struct security_token *token)
{
TALLOC_CTX *mem_ctx;
int i;
if (!token) {
DEBUG(dbg_lev, ("Security token: (NULL)\n"));
return;
}
mem_ctx = talloc_init("security_token_debug()");
if (!mem_ctx) {
return;
}
DEBUG(dbg_lev, ("Security token of user %s\n",
dom_sid_string(mem_ctx, token->user_sid) ));
DEBUGADD(dbg_lev, (" SIDs (%lu):\n",
(unsigned long)token->num_sids));
for (i = 0; i < token->num_sids; i++) {
DEBUGADD(dbg_lev, (" SID[%3lu]: %s\n", (unsigned long)i,
dom_sid_string(mem_ctx, token->sids[i])));
}
security_token_debug_privileges(dbg_lev, token);
talloc_free(mem_ctx);
}
bool prs_uint8s(bool charmode, const char *name, prs_struct *ps, int depth, uint8_t *data8s, int len)
{
int i;
char *q = prs_mem_get(ps, len);
if (q == NULL)
return False;
if (UNMARSHALLING(ps)) {
for (i = 0; i < len; i++)
data8s[i] = CVAL(q,i);
} else {
for (i = 0; i < len; i++)
SCVAL(q, i, data8s[i]);
}
DEBUGADD(5,("%s%04x %s: ", tab_depth(5,depth), ps->data_offset ,name));
if (charmode)
print_asc(5, (unsigned char*)data8s, len);
else {
for (i = 0; i < len; i++)
DEBUGADD(5,("%02x ", data8s[i]));
}
DEBUGADD(5,("\n"));
ps->data_offset += len;
return True;
}
static struct files_struct *log_writeable_file_fn(
struct files_struct *fsp, void *private_data)
{
bool *found = (bool *)private_data;
char *path;
if (!fsp->can_write) {
return NULL;
}
if (!(*found)) {
DEBUG(0, ("Writable files open at exit:\n"));
*found = true;
}
path = talloc_asprintf(talloc_tos(), "%s/%s", fsp->conn->connectpath,
smb_fname_str_dbg(fsp->fsp_name));
if (path == NULL) {
DEBUGADD(0, ("<NOMEM>\n"));
}
DEBUGADD(0, ("%s\n", path));
TALLOC_FREE(path);
return NULL;
}
static void debug_lock_order(int level, struct db_context *dbs[])
{
int i;
DEBUG(level, ("lock order: "));
for (i=0; i<DBWRAP_LOCK_ORDER_MAX; i++) {
DEBUGADD(level, (" %d:%s", i + 1, dbs[i] ? dbs[i]->name : "<none>"));
}
DEBUGADD(level, ("\n"));
}
WERROR _wkssvc_NetWkstaGetInfo(struct pipes_struct *p,
struct wkssvc_NetWkstaGetInfo *r)
{
switch (r->in.level) {
case 100:
/* Level 100 can be allowed from anyone including anonymous
* so no access checks are needed for this case */
r->out.info->info100 = create_wks_info_100(p->mem_ctx);
if (r->out.info->info100 == NULL) {
return WERR_NOMEM;
}
break;
case 101:
/* Level 101 can be allowed from any logged in user */
if (!nt_token_check_sid(&global_sid_Authenticated_Users,
p->session_info->security_token)) {
DEBUG(1,("User not allowed for NetWkstaGetInfo level "
"101\n"));
DEBUGADD(3,(" - does not have sid for Authenticated "
"Users %s:\n",
sid_string_dbg(
&global_sid_Authenticated_Users)));
security_token_debug(DBGC_CLASS, 3,
p->session_info->security_token);
return WERR_ACCESS_DENIED;
}
r->out.info->info101 = create_wks_info_101(p->mem_ctx);
if (r->out.info->info101 == NULL) {
return WERR_NOMEM;
}
break;
case 102:
/* Level 102 Should only be allowed from a domain administrator */
if (!nt_token_check_sid(&global_sid_Builtin_Administrators,
p->session_info->security_token)) {
DEBUG(1,("User not allowed for NetWkstaGetInfo level "
"102\n"));
DEBUGADD(3,(" - does not have sid for Administrators "
"group %s, sids are:\n",
sid_string_dbg(&global_sid_Builtin_Administrators)));
security_token_debug(DBGC_CLASS, 3,
p->session_info->security_token);
return WERR_ACCESS_DENIED;
}
r->out.info->info102 = create_wks_info_102(p->mem_ctx);
if (r->out.info->info102 == NULL) {
return WERR_NOMEM;
}
break;
default:
return WERR_UNKNOWN_LEVEL;
}
return WERR_OK;
}
/*
* internal validation function, executed by the child.
*/
static int tdb_validate_child(struct tdb_context *tdb,
tdb_validate_data_func validate_fn)
{
int ret = 1;
int num_entries = 0;
struct tdb_validation_status v_status;
v_status.tdb_error = False;
v_status.bad_freelist = False;
v_status.bad_entry = False;
v_status.unknown_key = False;
v_status.success = True;
if (!tdb) {
v_status.tdb_error = True;
v_status.success = False;
goto out;
}
/* Check if the tdb's freelist is good. */
if (tdb_validate_freelist(tdb, &num_entries) == -1) {
v_status.bad_freelist = True;
v_status.success = False;
goto out;
}
DEBUG(10,("tdb_validate_child: tdb %s freelist has %d entries\n",
tdb_name(tdb), num_entries));
/* Now traverse the tdb to validate it. */
num_entries = tdb_traverse(tdb, validate_fn, (void *)&v_status);
if (!v_status.success) {
goto out;
} else if (num_entries == -1) {
v_status.tdb_error = True;
v_status.success = False;
goto out;
}
DEBUG(10,("tdb_validate_child: tdb %s is good with %d entries\n",
tdb_name(tdb), num_entries));
ret = 0; /* Cache is good. */
out:
DEBUG(10, ("tdb_validate_child: summary of validation status:\n"));
DEBUGADD(10,(" * tdb error: %s\n", v_status.tdb_error ? "yes" : "no"));
DEBUGADD(10,(" * bad freelist: %s\n",v_status.bad_freelist?"yes":"no"));
DEBUGADD(10,(" * bad entry: %s\n", v_status.bad_entry ? "yes" : "no"));
DEBUGADD(10,(" * unknown key: %s\n", v_status.unknown_key?"yes":"no"));
DEBUGADD(10,(" => overall success: %s\n", v_status.success?"yes":"no"));
return ret;
}
static NTSTATUS tdbsam_delete_sam_account(struct pdb_methods *my_methods, SAM_ACCOUNT *sam_pass)
{
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
struct tdbsam_privates *tdb_state = (struct tdbsam_privates *)my_methods->private_data;
TDB_CONTEXT *pwd_tdb;
TDB_DATA key;
fstring keystr;
uint32 rid;
fstring name;
fstrcpy(name, pdb_get_username(sam_pass));
strlower_m(name);
/* open the TDB */
if (!(pwd_tdb = tdb_open_log(tdb_state->tdbsam_location, 0, TDB_DEFAULT, O_RDWR, 0600))) {
DEBUG(0, ("Unable to open TDB passwd!"));
return nt_status;
}
/* set the search key */
slprintf(keystr, sizeof(keystr)-1, "%s%s", USERPREFIX, name);
key.dptr = keystr;
key.dsize = strlen (keystr) + 1;
rid = pdb_get_user_rid(sam_pass);
/* it's outaa here! 8^) */
if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS) {
DEBUG(5, ("Error deleting entry from tdb passwd database!\n"));
DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
tdb_close(pwd_tdb);
return nt_status;
}
/* delete also the RID key */
/* set the search key */
slprintf(keystr, sizeof(keystr)-1, "%s%.8x", RIDPREFIX, rid);
key.dptr = keystr;
key.dsize = strlen (keystr) + 1;
/* it's outaa here! 8^) */
if (tdb_delete(pwd_tdb, key) != TDB_SUCCESS) {
DEBUG(5, ("Error deleting entry from tdb rid database!\n"));
DEBUGADD(5, (" Error: %s\n", tdb_errorstr(pwd_tdb)));
tdb_close(pwd_tdb);
return nt_status;
}
tdb_close(pwd_tdb);
return NT_STATUS_OK;
}
static void xlate_qblk_to_smb(const struct dqblk * const qblk,
SMB_DISK_QUOTA *dp)
{
ZERO_STRUCTP(dp);
DEBUG(10, ("unix softlimit=%u hardlimit=%u curblock=%u\n",
(unsigned)qblk->dqb_bsoftlimit, (unsigned)qblk->dqb_bhardlimit,
#ifdef HAVE_STRUCT_DQBLK_DQB_CURBYTES
(unsigned)qblk->dqb_curbytes));
#else
(unsigned)qblk->dqb_curblocks));
#endif
DEBUGADD(10, ("unix softinodes=%u hardinodes=%u curinodes=%u\n",
(unsigned)qblk->dqb_isoftlimit, (unsigned)qblk->dqb_ihardlimit,
(unsigned)qblk->dqb_curinodes));
#ifdef HAVE_STRUCT_DQBLK_DQB_CURBYTES
/* On Darwin, quotas are counted in bytes. We report them
* in 512b blocks because various callers have assumptions
* about the block size.
*/
#define XLATE_TO_BLOCKS(bytes) (((bytes) + 1) / 512)
dp->bsize = 512;
dp->softlimit = XLATE_TO_BLOCKS(qblk->dqb_bsoftlimit);
dp->hardlimit = XLATE_TO_BLOCKS(qblk->dqb_bhardlimit);
dp->curblocks = XLATE_TO_BLOCKS(qblk->dqb_curbytes);
#undef XLATE_TO_BLOCKS
#else
dp->bsize = DEV_BSIZE;
dp->softlimit = qblk->dqb_bsoftlimit;
dp->hardlimit = qblk->dqb_bhardlimit;
dp->curblocks = qblk->dqb_curblocks;
#endif
dp->ihardlimit = qblk->dqb_ihardlimit;
dp->isoftlimit = qblk->dqb_isoftlimit;
dp->curinodes = qblk->dqb_curinodes;
dp->qflags = QUOTAS_ENABLED | QUOTAS_DENY_DISK;
DEBUG(10, ("softlimit=%u hardlimit=%u curblock=%u\n",
(unsigned)dp->softlimit, (unsigned)dp->hardlimit,
(unsigned)dp->curblocks));
DEBUGADD(10, ("softinodes=%u hardinodes=%u curinodes=%u\n",
(unsigned)dp->isoftlimit, (unsigned)dp->ihardlimit,
(unsigned)dp->curinodes));
}
static bool smb_pwd_check_ntlmv1(TALLOC_CTX *mem_ctx,
const DATA_BLOB *nt_response,
const uint8_t *part_passwd,
const DATA_BLOB *sec_blob,
DATA_BLOB *user_sess_key)
{
/* Finish the encryption of part_passwd. */
uint8_t p24[24];
if (part_passwd == NULL) {
DEBUG(10,("No password set - DISALLOWING access\n"));
/* No password set - always false ! */
return false;
}
if (sec_blob->length != 8) {
DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect challenge size (%lu)\n",
(unsigned long)sec_blob->length));
return false;
}
if (nt_response->length != 24) {
DEBUG(0, ("smb_pwd_check_ntlmv1: incorrect password length (%lu)\n",
(unsigned long)nt_response->length));
return false;
}
SMBOWFencrypt(part_passwd, sec_blob->data, p24);
#if DEBUG_PASSWORD
DEBUG(100,("Part password (P16) was |\n"));
dump_data(100, part_passwd, 16);
DEBUGADD(100,("Password from client was |\n"));
dump_data(100, nt_response->data, nt_response->length);
DEBUGADD(100,("Given challenge was |\n"));
dump_data(100, sec_blob->data, sec_blob->length);
DEBUGADD(100,("Value from encryption was |\n"));
dump_data(100, p24, 24);
#endif
if (memcmp(p24, nt_response->data, 24) == 0) {
if (user_sess_key != NULL) {
*user_sess_key = data_blob_talloc(mem_ctx, NULL, 16);
SMBsesskeygen_ntv1(part_passwd, user_sess_key->data);
}
return true;
}
return false;
}
static WERROR rcinit_stop( const char *service, SERVICE_STATUS *status )
{
char *command = NULL;
int ret, fd;
if (asprintf(&command, "%s/%s/%s stop",
get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR, service) < 0) {
return WERR_NOMEM;
}
/* we've already performed the access check when the service was opened */
become_root();
ret = smbrun( command , &fd );
unbecome_root();
DEBUGADD(5, ("rcinit_start: [%s] returned [%d]\n", command, ret));
close(fd);
SAFE_FREE(command);
ZERO_STRUCTP( status );
status->type = 0x0020;
status->state = (ret == 0 ) ? 0x0001 : 0x0004;
status->controls_accepted = 0x0005;
return ( ret == 0 ) ? WERR_OK : WERR_ACCESS_DENIED;
}
static WERROR rcinit_status( const char *service, struct SERVICE_STATUS *status )
{
char *command = NULL;
int ret, fd;
if (asprintf(&command, "%s/%s/%s status",
get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR, service) < 0) {
return WERR_NOT_ENOUGH_MEMORY;
}
/* we've already performed the access check when the service was opened */
/* assume as return code of 0 means that the service is ok. Anything else
is STOPPED */
become_root();
ret = smbrun(command, &fd, NULL);
unbecome_root();
DEBUGADD(5, ("rcinit_start: [%s] returned [%d]\n", command, ret));
close(fd);
SAFE_FREE(command);
ZERO_STRUCTP( status );
status->type = SERVICE_TYPE_WIN32_SHARE_PROCESS;
status->state = (ret == 0 ) ? SVCCTL_RUNNING : SVCCTL_STOPPED;
status->controls_accepted = SVCCTL_ACCEPT_STOP |
SVCCTL_ACCEPT_SHUTDOWN;
return WERR_OK;
}
static WERROR rcinit_status( const char *service, SERVICE_STATUS *status )
{
char *command = NULL;
int ret, fd;
if (asprintf(&command, "%s/%s/%s status",
get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR, service) < 0) {
return WERR_NOMEM;
}
/* we've already performed the access check when the service was opened */
/* assume as return code of 0 means that the service is ok. Anything else
is STOPPED */
become_root();
ret = smbrun( command , &fd );
unbecome_root();
DEBUGADD(5, ("rcinit_start: [%s] returned [%d]\n", command, ret));
close(fd);
SAFE_FREE(command);
ZERO_STRUCTP( status );
status->type = 0x0020;
status->state = (ret == 0 ) ? 0x0004 : 0x0001;
status->controls_accepted = 0x0005;
return WERR_OK;
}
bool prs_dcerpc_status(const char *name, prs_struct *ps, int depth, NTSTATUS *status)
{
char *q = prs_mem_get(ps, sizeof(uint32));
if (q == NULL)
return False;
if (UNMARSHALLING(ps)) {
if (ps->bigendian_data)
*status = NT_STATUS(RIVAL(q,0));
else
*status = NT_STATUS(IVAL(q,0));
} else {
if (ps->bigendian_data)
RSIVAL(q,0,NT_STATUS_V(*status));
else
SIVAL(q,0,NT_STATUS_V(*status));
}
DEBUGADD(5,("%s%04x %s: %s\n", tab_depth(5,depth), ps->data_offset, name,
dcerpc_errstr(talloc_tos(), NT_STATUS_V(*status))));
ps->data_offset += sizeof(uint32);
return True;
}
void dump_core(void)
{
/* Note that even if core dumping has been disabled, we still set up
* the core path. This is to handle the case where core dumping is
* turned on in smb.conf and the relevant daemon is not restarted.
*/
if (!lp_enable_core_files()) {
DEBUG(0, ("Exiting on internal error (core file administratively disabled\n"));
exit(1);
}
if (*corepath != '\0') {
/* The chdir might fail if we dump core before we finish
* processing the config file.
*/
if (chdir(corepath) != 0) {
DEBUG(0, ("unable to change to %s", corepath));
DEBUGADD(0, ("refusing to dump core\n"));
exit(1);
}
DEBUG(0,("dumping core in %s\n", corepath));
}
umask(~(0700));
dbgflush();
/* Ensure we don't have a signal handler for abort. */
#ifdef SIGABRT
CatchSignal(SIGABRT,SIGNAL_CAST SIG_DFL);
#endif
abort();
}
SMB_ACL_T solarisacl_sys_acl_get_file(vfs_handle_struct *handle,
const char *path_p,
SMB_ACL_TYPE_T type, TALLOC_CTX *mem_ctx)
{
SMB_ACL_T result = NULL;
int count;
SOLARIS_ACL_T solaris_acl = NULL;
DEBUG(10, ("solarisacl_sys_acl_get_file called for file '%s'.\n",
path_p));
if (type != SMB_ACL_TYPE_ACCESS && type != SMB_ACL_TYPE_DEFAULT) {
DEBUG(10, ("invalid SMB_ACL_TYPE given (%d)\n", type));
errno = EINVAL;
goto done;
}
DEBUGADD(10, ("getting %s acl\n",
((type == SMB_ACL_TYPE_ACCESS) ? "access" : "default")));
if (!solaris_acl_get_file(path_p, &solaris_acl, &count)) {
goto done;
}
result = solaris_acl_to_smb_acl(solaris_acl, count, type, mem_ctx);
if (result == NULL) {
DEBUG(10, ("conversion solaris_acl -> smb_acl failed (%s).\n",
strerror(errno)));
}
done:
DEBUG(10, ("solarisacl_sys_acl_get_file %s.\n",
((result == NULL) ? "failed" : "succeeded" )));
SAFE_FREE(solaris_acl);
return result;
}
static void print_asc(int level, const uint8_t *buf, size_t len)
{
int i;
for (i=0;i<len;i++) {
DEBUGADD(level,("%c", isprint(buf[i])?buf[i]:'.'));
}
}
/*
* meo_load () Load Memory from a File.
* Function meo_load() loads the binary contents of a memory region from a
* disk file. The contents must have been previously saved using meoSave().
*
* Invocation (dynamically allocated buffer):
* void *start_address = NULL;
* ...
* status = meo_load (filename, offset, &start_address, &num_bytes);
*
* Invocation (caller-specified buffer):
* void *start_address = buffer;
* long num_bytes = sizeof buffer;
* ...
* status = meo_load (filename, offset, &start_address, &num_bytes);
*
* where:
* <filename> - I
* is the name of the file from which the memory contents will be
* loaded. Environment variables may be embedded in the file name.
* <offset> - I
* is the byte offset within the file from which the load will begin.
* <start_address> - I/O
* is the address of a (VOID *) pointer that specifies or returns the
* address where the contents of the file will be stored. If the
* (VOID *) pointer is NULL, meo_load() will MALLOC(3) a buffer for
* the file contents and return its address through this argument;
* the caller is responsible for FREE(3)ing the memory when it is
* no longer needed. If the (VOID *) pointer is NOT NULL, meo_load()
* uses it as the address of a caller-allocated buffer in which the
* file contents are to be stored; the size of the buffer is
* specified by the NUMBYTES argument.
* <num_bytes> - I/O
* is the address of a longword that specifies or returns the size of
* the memory buffer. If the memory buffer is dynamically allocated
* by meo_load(), this argument returns the size of the buffer. If
* meo_load() uses a caller-allocated buffer, this argument specifies
* the size of the buffer.
* <status> - O
* returns the status of loading the memory from a file, zero
* if there were no errors and ERRNO otherwise.
*
*/
int meo_load (const char *filename, long offset, void **start_address,
long *num_bytes)
{
static char mod[] = "meo_load";
FILE *file;
long fileSize;
struct stat info;
filename = fnm_build (FNMPATH, filename, NULL);
file = fopen (filename, "r");
if (file == NULL) {
DEBUG_OUT(0, ("(%s) Error opening %s.\n",
mod, filename));
return (errno);
}
/* Determine the amount of data to be loaded from the file. */
if (fstat (fileno (file), &info)) {
DEBUG_OUT(0, ("(%s) Error determining the size of %s.\n",
mod, filename));
return (errno);
}
fileSize = info.st_size - offset;
/* Allocate a memory buffer, if necessary. */
if (*start_address == NULL) {
*num_bytes = fileSize;
*start_address = malloc (fileSize);
if (*start_address == NULL) {
DEBUG_OUT(0,
("(%s) Error allocating %ld-byte memory buffer for %s.\n",
mod, fileSize, filename));
return (errno);
}
}
/* Read the (possibly truncated) contents of the file into the memory pool. */
if (fseek (file, offset, SEEK_SET) != offset) {
DEBUG_OUT(0, ("(%s) Error positioning to offset %ld in %s.\nfseek: ",
mod, offset, filename));
return (errno);
}
if (fileSize > *num_bytes)
fileSize = *num_bytes;
if (fread (*start_address, fileSize, 1, file) != 1) {
DEBUG_OUT(0, ("(%s) Error loading %ld bytes from %s to %p.\nfread: ",
mod, fileSize, filename, *start_address));
return (errno);
}
fclose (file);
if (meo_util_debug)
DEBUGADD(3, ("(%s) Loaded %ld bytes from %s to %p.\n",
mod, fileSize, filename, *start_address));
return (0);
}
/****************************************************************************
remove a privilege from a privilege array
****************************************************************************/
NTSTATUS remove_privilege(PRIVILEGE_SET *priv_set, LUID_ATTR set)
{
NTSTATUS ret;
LUID_ATTR *new_set;
LUID_ATTR *old_set;
int i,j;
if (!priv_set)
return NT_STATUS_INVALID_PARAMETER;
/* check if the privilege is in the list */
if (!NT_STATUS_IS_OK(check_priv_in_privilege(priv_set, set)))
return NT_STATUS_UNSUCCESSFUL;
/* special case if it's the only privilege in the list */
if (priv_set->count == 1) {
reset_privilege(priv_set);
return NT_STATUS_OK;
}
/*
* the privilege is there, create a new list,
* and copy the other privileges
*/
old_set = priv_set->set;
new_set = (LUID_ATTR *)talloc(priv_set->mem_ctx, (priv_set->count - 1) * (sizeof(LUID_ATTR)));
ALLOC_CHECK(new_set, ret, done, "remove_privilege");
for (i=0, j=0; i < priv_set->count; i++) {
if ( (old_set[i].luid.low == set.luid.low) &&
(old_set[i].luid.high == set.luid.high) ) {
continue;
}
new_set[j].luid.low = old_set[i].luid.low;
new_set[j].luid.high = old_set[i].luid.high;
new_set[j].attr = old_set[i].attr;
j++;
}
if (j != priv_set->count - 1) {
DEBUG(0,("remove_privilege: mismatch ! difference is not -1\n"));
DEBUGADD(0,("old count:%d, new count:%d\n", priv_set->count, j));
return NT_STATUS_INTERNAL_ERROR;
}
/* ok everything is fine */
priv_set->count--;
priv_set->set = new_set;
ret = NT_STATUS_OK;
done:
return ret;
}
bool netlogon_creds_client_check(const struct dcinfo *dc,
const struct netr_Credential *rcv_srv_chal_in)
{
if (memcmp(dc->srv_chal.data, rcv_srv_chal_in->data,
sizeof(dc->srv_chal.data))) {
DEBUG(0,("netlogon_creds_client_check: credentials check failed.\n"));
DEBUGADD(5,("netlogon_creds_client_check: challenge : %s\n",
credstr(rcv_srv_chal_in->data)));
DEBUGADD(5,("calculated: %s\n", credstr(dc->srv_chal.data)));
return false;
}
DEBUG(10,("netlogon_creds_client_check: credentials check OK.\n"));
return true;
}
struct work_record *find_workgroup_on_subnet(struct subnet_record *subrec,
const char *name)
{
struct work_record *ret;
DEBUG(4, ("find_workgroup_on_subnet: workgroup search for %s on subnet %s: ",
name, subrec->subnet_name));
for (ret = subrec->workgrouplist; ret; ret = ret->next) {
if (strnequal(ret->work_group,name,sizeof(nstring)-1)) {
DEBUGADD(4, ("found.\n"));
return(ret);
}
}
DEBUGADD(4, ("not found.\n"));
return NULL;
}
static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods,
struct samu *user, const char *sname)
{
TDB_DATA data;
fstring keystr;
fstring name;
NTSTATUS status;
if ( !user ) {
DEBUG(0,("pdb_getsampwnam: struct samu is NULL.\n"));
return NT_STATUS_NO_MEMORY;
}
/* Data is stored in all lower-case */
fstrcpy(name, sname);
if (!strlower_m(name)) {
return NT_STATUS_INVALID_PARAMETER;
}
/* set search key */
fstr_sprintf(keystr, "%s%s", USERPREFIX, name);
/* open the database */
if ( !tdbsam_open( tdbsam_filename ) ) {
DEBUG(0,("tdbsam_getsampwnam: failed to open %s!\n", tdbsam_filename));
return NT_STATUS_ACCESS_DENIED;
}
/* get the record */
status = dbwrap_fetch_bystring(db_sam, talloc_tos(), keystr, &data);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
DEBUGADD(5, (" Key: %s\n", keystr));
return NT_STATUS_NO_SUCH_USER;
}
if (data.dsize == 0) {
DEBUG(5, ("%s: Got 0-sized record for key %s\n", __func__,
keystr));
return NT_STATUS_NO_SUCH_USER;
}
/* unpack the buffer */
if (!init_samu_from_buffer(user, SAMU_BUFFER_LATEST, data.dptr, data.dsize)) {
DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
TALLOC_FREE(data.dptr);
return NT_STATUS_NO_MEMORY;
}
/* success */
TALLOC_FREE(data.dptr);
return NT_STATUS_OK;
}
static void ctdb_packet_dump(struct ctdb_req_header *hdr)
{
if (DEBUGLEVEL < 10) {
return;
}
DEBUGADD(10, ("len=%d, magic=%x, vers=%d, gen=%d, op=%d, reqid=%d\n",
(int)hdr->length, (int)hdr->ctdb_magic,
(int)hdr->ctdb_version, (int)hdr->generation,
(int)hdr->operation, (int)hdr->reqid));
}
void security_token_debug_privileges(int dbg_lev, const struct security_token *token)
{
DEBUGADD(dbg_lev, (" Privileges (0x%16llX):\n",
(unsigned long long) token->privilege_mask));
if (token->privilege_mask) {
int i = 0;
uint_t privilege;
for (privilege = 1; privilege <= 64; privilege++) {
uint64_t mask = sec_privilege_mask(privilege);
if (token->privilege_mask & mask) {
DEBUGADD(dbg_lev, (" Privilege[%3lu]: %s\n", (unsigned long)i++,
sec_privilege_name(privilege)));
}
}
}
}
/*
* do a backup of a tdb, moving the destination out of the way first
*/
static int tdb_backup_with_rotate(TALLOC_CTX *ctx, const char *src_path,
const char *dst_path, int hash_size,
const char *rotate_suffix,
bool retry_norotate_if_nospc,
bool rename_as_last_resort_if_nospc)
{
int ret;
rename_file_with_suffix(ctx, dst_path, rotate_suffix);
ret = tdb_backup(ctx, src_path, dst_path, hash_size);
if (ret != 0) {
DEBUG(10, ("backup of %s failed: %s\n", src_path, strerror(errno)));
}
if ((ret != 0) && (errno == ENOSPC) && retry_norotate_if_nospc)
{
char *rotate_path = talloc_asprintf(ctx, "%s%s", dst_path,
rotate_suffix);
DEBUG(10, ("backup of %s failed due to lack of space\n",
src_path));
DEBUGADD(10, ("trying to free some space by removing rotated "
"dst %s\n", rotate_path));
if (unlink(rotate_path) == -1) {
DEBUG(10, ("unlink of %s failed: %s\n", rotate_path,
strerror(errno)));
} else {
ret = tdb_backup(ctx, src_path, dst_path, hash_size);
}
TALLOC_FREE(rotate_path);
}
if ((ret != 0) && (errno == ENOSPC) && rename_as_last_resort_if_nospc)
{
DEBUG(10, ("backup of %s failed due to lack of space\n",
src_path));
DEBUGADD(10, ("using 'rename' as a last resort\n"));
ret = rename(src_path, dst_path);
}
return ret;
}
void dump_core(void)
{
static bool called;
if (called) {
DEBUG(0, ("dump_core() called recursive\n"));
exit(1);
}
called = true;
/* Note that even if core dumping has been disabled, we still set up
* the core path. This is to handle the case where core dumping is
* turned on in smb.conf and the relevant daemon is not restarted.
*/
if (!lp_enable_core_files()) {
DEBUG(0, ("Exiting on internal error (core file administratively disabled)\n"));
exit(1);
}
#if DUMP_CORE
/* If we're running as non root we might not be able to dump the core
* file to the corepath. There must not be an unbecome_root() before
* we call abort(). */
if (geteuid() != 0) {
become_root();
}
if (*corepath != '\0') {
/* The chdir might fail if we dump core before we finish
* processing the config file.
*/
if (chdir(corepath) != 0) {
DEBUG(0, ("unable to change to %s\n", corepath));
DEBUGADD(0, ("refusing to dump core\n"));
exit(1);
}
DEBUG(0,("dumping core in %s\n", corepath));
}
umask(~(0700));
dbgflush();
/* Ensure we don't have a signal handler for abort. */
#ifdef SIGABRT
CatchSignal(SIGABRT,SIGNAL_CAST SIG_DFL);
#endif
abort();
#else /* DUMP_CORE */
exit(1);
#endif /* DUMP_CORE */
}
static void onefs_cbrl_enumerate_blq(const char *fn)
{
struct blocking_lock_record *blr;
if (DEBUGLVL(10))
return;
DEBUG(10, ("CBRL BLR records (%s):\n", fn));
for (blr = blocking_lock_queue; blr; blr = blr->next)
DEBUGADD(10, ("%s\n", onefs_cbrl_blr_state_str(blr)));
}