int smb_krb5_update_keytab(TALLOC_CTX *parent_ctx, struct cli_credentials *machine_account, struct smb_krb5_context *smb_krb5_context, const char **enctype_strings, struct keytab_container *keytab_container) { krb5_error_code ret; BOOL found_previous; TALLOC_CTX *mem_ctx = talloc_new(parent_ctx); if (!mem_ctx) { return ENOMEM; } ret = remove_old_entries(mem_ctx, machine_account, smb_krb5_context, keytab_container->keytab, &found_previous); if (ret != 0) { talloc_free(mem_ctx); return ret; } /* Create a new keytab. If during the cleanout we found * entires for kvno -1, then don't try and duplicate them. * Otherwise, add kvno, and kvno -1 */ ret = create_keytab(mem_ctx, machine_account, smb_krb5_context, enctype_strings, keytab_container->keytab, found_previous ? False : True); talloc_free(mem_ctx); return ret; }
static void workspace_nfs_releasedir(fuse_req_t req, struct workspace_dh_struct *dh) { struct resource_struct *resource=dh->object->resource; struct net_nfs_export_struct *nfs_export=(struct net_nfs_export_struct *) resource->data; struct nfs_context *nfs_ctx=(struct nfs_context *) nfs_export->data; struct nfsdir *dir=(struct nfsdir *) dh->handle.data; struct directory_struct *directory=NULL; logoutput("workspace_nfs_releasedir"); directory=dh->directory; if (dir) { pthread_mutex_lock(&nfs_export->mutex); nfs_closedir(nfs_ctx, dir); pthread_mutex_unlock(&nfs_export->mutex); } fuse_reply_err(req, 0); if (directory) { /* when synced with backend and there were entries at start test these are not synced */ if (dh->mode & _WORKSPACE_READDIR_MODE_NONEMPTY) remove_old_entries(dh->object, directory, &dh->synctime); memcpy(&directory->synctime, &dh->synctime, sizeof(struct timespec)); } // clean_pathcache(); }
static void overlay_releasedir(fuse_req_t req, struct workspace_dh_struct *dh) { struct overlay_readdir_struct *overlay_readdir=(struct overlay_readdir_struct *)dh->handle.data; struct directory_struct *directory=NULL; struct timespec synctime; unsigned int error=0; unsigned int mode=0; logoutput("RELEASEDIR"); directory=dh->directory; if (overlay_readdir) { mode=overlay_readdir->mode; close_readdir(overlay_readdir); if (overlay_readdir->fd>0) { close(overlay_readdir->fd); overlay_readdir->fd=0; } free(overlay_readdir); overlay_readdir=NULL; } fuse_reply_err(req, 0); if (directory) { /* when synced with backend and there were entries at start test these are not synced */ if ((dh->mode & _WORKSPACE_READDIR_MODE_NONEMPTY) && (mode & (_FW_READDIR_MODE_SIMPLE | _FW_READDIR_MODE_FULL))) remove_old_entries(dh->object, directory, &dh->synctime); memcpy(&directory->synctime, &dh->synctime, sizeof(struct timespec)); } clean_pathcache(); }
int child_function(int id) { struct socket_info *b,*bp,*a,*ap; int sleep_time; is_main = 0; b = bind_address; bp = bind_address_port; a = alternate_address; ap = alternate_address_port; //each of the childs has the main address different from the other if (id == 1) { bind_address = b; bind_address_port = bp; alternate_address = a; alternate_address_port = ap; } if (id == 2) { bind_address = bp; bind_address_port = b; alternate_address = ap; alternate_address_port = a; } if (id == 3) { bind_address = a; bind_address_port = ap; alternate_address = b; alternate_address_port = bp; } if (id == 4) { bind_address = ap; bind_address_port = a; alternate_address = bp; alternate_address_port = b; } if (id <= 4) { is_udp = 1; LOG("Child %d [%d] started ...\n",id,getpid()); LOG("Listening on:\n"); LOG("\tb [%d] %.*s:%d\n",id,bind_address->name.len,bind_address->name.s,bind_address->port_no); LOG("\tbp[%d] %.*s:%d\n",id,bind_address_port->name.len,bind_address_port->name.s,bind_address_port->port_no); LOG("\ta [%d] %.*s:%d\n",id,alternate_address->name.len,alternate_address->name.s,alternate_address->port_no); LOG("\tap[%d] %.*s:%d\n",id,alternate_address_port->name.len,alternate_address_port->name.s,alternate_address_port->port_no); /* for(i=1;i<THREADS_PER_SOCKET;i++) { fork(); } */ return udp_rcv_loop(); } #ifdef USE_TLS //start the TLS server if (id == 5) { //tls server is_tls = 1; init_tls(); tls_bind_address = duplicate_sock_info(bind_address); if (tls_init(tls_bind_address) != 1) { LOG("TLS bind failed:trying after 25 seconds\n"); sleep(10); if (tls_init(tls_bind_address) != 1) { LOG("Second TLS bind failed.Givving Up\n"); for(;;) pause(); } else LOG("TLS succeeded from second attempt\n"); } return tls_rcv_loop(); } #endif #ifdef USE_TLS //start the timer if (id == 6) { //timer server scope is to detect expired credentials is_timer = 1; LOG("[%d] timer activated\n",getpid()); sleep_time = -1; while(1) { if (sleep_time == -1) sleep(EXPIRE-TIMER_RESOLUTION);//EXPIRE-TIMER_RESOLUTION is better else sleep(sleep_time+10);//to be sure it expired remove_old_entries(&sleep_time); LOG("[%d] timer activates now sleep_time=%d\n",getpid(),sleep_time); } } #endif return 1; }
krb5_error_code smb_krb5_update_keytab(TALLOC_CTX *parent_ctx, krb5_context context, const char *keytab_name, const char *samAccountName, const char *realm, const char **SPNs, int num_SPNs, const char *saltPrincipal, const char *new_secret, const char *old_secret, int kvno, uint32_t supp_enctypes, bool delete_all_kvno, krb5_keytab *_keytab, const char **error_string) { krb5_keytab keytab; krb5_error_code ret; bool found_previous; TALLOC_CTX *tmp_ctx; krb5_principal *principals = NULL; if (keytab_name == NULL) { return ENOENT; } ret = krb5_kt_resolve(context, keytab_name, &keytab); if (ret) { *error_string = smb_get_krb5_error_message(context, ret, parent_ctx); return ret; } DEBUG(5, ("Opened keytab %s\n", keytab_name)); tmp_ctx = talloc_new(parent_ctx); if (!tmp_ctx) { return ENOMEM; } /* Get the principal we will store the new keytab entries under */ ret = principals_from_list(tmp_ctx, samAccountName, realm, SPNs, num_SPNs, context, &principals, error_string); if (ret != 0) { *error_string = talloc_asprintf(parent_ctx, "Failed to load principals from ldb message: %s\n", *error_string); goto done; } ret = remove_old_entries(tmp_ctx, kvno, principals, delete_all_kvno, context, keytab, &found_previous, error_string); if (ret != 0) { *error_string = talloc_asprintf(parent_ctx, "Failed to remove old principals from keytab: %s\n", *error_string); goto done; } if (!delete_all_kvno) { /* Create a new keytab. If during the cleanout we found * entires for kvno -1, then don't try and duplicate them. * Otherwise, add kvno, and kvno -1 */ ret = create_keytab(tmp_ctx, samAccountName, realm, saltPrincipal, kvno, new_secret, old_secret, supp_enctypes, principals, context, keytab, found_previous ? false : true, error_string); if (ret) { talloc_steal(parent_ctx, *error_string); } } if (ret == 0 && _keytab != NULL) { /* caller wants the keytab handle back */ *_keytab = keytab; } done: keytab_principals_free(context, principals); if (ret != 0 || _keytab == NULL) { krb5_kt_close(context, keytab); } talloc_free(tmp_ctx); return ret; }