/* client_match - match host name and address against token */
bool client_match(const char *tok, const void *item)
{
const char **client = (const char **)item;
/*
* Try to match the address first. If that fails, try to match the host
* name if available.
*/
if (string_match(tok, client[ADDR_INDEX])) {
return true;
}
if (strnequal(client[ADDR_INDEX],"::ffff:",7) &&
!strnequal(tok, "::ffff:",7)) {
/* client[ADDR_INDEX] is an IPv4 mapped to IPv6, but
* the list item is not. Try and match the IPv4 part of
* address only. This will happen a lot on IPv6 enabled
* systems with IPv4 allow/deny lists in smb.conf.
* Bug #5311. JRA.
*/
if (string_match(tok, (client[ADDR_INDEX])+7)) {
return true;
}
}
if (client[NAME_INDEX][0] != 0) {
if (string_match(tok, client[NAME_INDEX])) {
return true;
}
}
return false;
}
/***********************************************************************
*
* pop3_parse_url_options()
*
* Parse the URL login options.
*/
static CURLcode pop3_parse_url_options(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct pop3_conn *pop3c = &conn->proto.pop3c;
const char *ptr = conn->options;
pop3c->sasl.resetprefs = TRUE;
while(!result && ptr && *ptr) {
const char *key = ptr;
const char *value;
while(*ptr && *ptr != '=')
ptr++;
value = ptr + 1;
while(*ptr && *ptr != ';')
ptr++;
if(strnequal(key, "AUTH=", 5)) {
result = Curl_sasl_parse_url_auth_option(&pop3c->sasl,
value, ptr - value);
if(result && strnequal(value, "+APOP", ptr - value)) {
pop3c->preftype = POP3_TYPE_APOP;
pop3c->sasl.prefmech = SASL_AUTH_NONE;
result = CURLE_OK;
}
}
else
result = CURLE_URL_MALFORMAT;
if(*ptr == ';')
ptr++;
}
if(pop3c->preftype != POP3_TYPE_APOP)
switch(pop3c->sasl.prefmech) {
case SASL_AUTH_NONE:
pop3c->preftype = POP3_TYPE_NONE;
break;
case SASL_AUTH_DEFAULT:
pop3c->preftype = POP3_TYPE_ANY;
break;
default:
pop3c->preftype = POP3_TYPE_SASL;
break;
}
return result;
}
static bool
singleVirtualProcessor_for_Debian()
{
struct utsname u;
int r = uname(&u);
if (r < 0) {
fprintf(SysErrorFile, "%s: Internal error (presumably EFAULT) in call to uname(3): %s\n", Me, strerror(r));
exit(EXIT_STATUS_IMPOSSIBLE_LIBRARY_FUNCTION_ERROR);
}
if (strnequal(u.release, "2.2.", 4) || strnequal(u.release, "2.4.", 4))
return 1; // Debian needs single-virtual-processor mode.
else
return 0;
}
static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const struct auth_usersupplied_info *user_info,
struct auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
fstring user;
long error_num;
DEBUG(10, ("Check auth for: [%s]\n", user_info->mapped.account_name));
fstrcpy(user, user_info->client.account_name);
if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
if (!strupper_m(user)) {
return NT_STATUS_INVALID_PARAMETER;
}
return nt_status_string_to_code(user);
}
if (!strlower_m(user)) {
return NT_STATUS_INVALID_PARAMETER;
}
error_num = strtoul(user, NULL, 16);
DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
nt_status = NT_STATUS(error_num);
return nt_status;
}
static NTSTATUS check_name_to_ntstatus_security(const struct auth_context *auth_context,
void *my_private_data,
TALLOC_CTX *mem_ctx,
const auth_usersupplied_info *user_info,
auth_serversupplied_info **server_info)
{
NTSTATUS nt_status;
fstring user;
long error_num;
fstrcpy(user, user_info->smb_name);
if (strnequal("NT_STATUS", user, strlen("NT_STATUS"))) {
strupper_m(user);
return nt_status_string_to_code(user);
}
strlower_m(user);
error_num = strtoul(user, NULL, 16);
DEBUG(5,("check_name_to_ntstatus_security: Error for user %s was %lx\n", user, error_num));
nt_status = NT_STATUS(error_num);
return nt_status;
}
/***********************************************************************
*
* smtp_parse_url_options()
*
* Parse the URL login options.
*/
static CURLcode smtp_parse_url_options(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
const char *ptr = conn->options;
smtpc->sasl.resetprefs = TRUE;
while(!result && ptr && *ptr) {
const char *key = ptr;
const char *value;
while(*ptr && *ptr != '=')
ptr++;
value = ptr + 1;
while(*ptr && *ptr != ';')
ptr++;
if(strnequal(key, "AUTH=", 5))
result = Curl_sasl_parse_url_auth_option(&smtpc->sasl,
value, ptr - value);
else
result = CURLE_URL_MALFORMAT;
if(*ptr == ';')
ptr++;
}
return result;
}
/*******************************************************************
lookup a command string in the list of commands, including
abbreviations
******************************************************************/
static int process_tok(fstring tok)
{
int i = 0, matches = 0;
int cmd=0;
int tok_len = strlen(tok);
while (commands[i].fn != NULL)
{
if (strequal(commands[i].name,tok))
{
matches = 1;
cmd = i;
break;
}
else if (strnequal(commands[i].name, tok, tok_len))
{
matches++;
cmd = i;
}
i++;
}
if (matches == 0)
return(-1);
else if (matches == 1)
return(cmd);
else
return(-2);
}
/*
* Curl_sasl_parse_url_auth_option()
*
* Parse the URL login options.
*/
CURLcode Curl_sasl_parse_url_auth_option(struct SASL *sasl,
const char *value, size_t len)
{
CURLcode result = CURLE_OK;
unsigned int mechbit;
size_t mechlen;
if(!len)
return CURLE_URL_MALFORMAT;
if(sasl->resetprefs) {
sasl->resetprefs = FALSE;
sasl->prefmech = SASL_AUTH_NONE;
}
if(strnequal(value, "*", len))
sasl->prefmech = SASL_AUTH_DEFAULT;
else {
mechbit = Curl_sasl_decode_mech(value, len, &mechlen);
if(mechbit && mechlen == len)
sasl->prefmech |= mechbit;
else
result = CURLE_URL_MALFORMAT;
}
return result;
}
char* line_starts_with (char* s, char* s1)
{
int len = strlen(s1);
if (!strnequal (s, s1, len)) return 0;
return s+len;
}
struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
char *host, char *path, bool secure)
{
struct Cookie *newco;
struct Cookie *co;
time_t now = time(NULL);
int hostlen=strlen(host);
int domlen;
struct Cookie *mainco=NULL;
if(!c || !c->cookies)
return NULL; /* no cookie struct or no cookies in the struct */
co = c->cookies;
while(co) {
/* only process this cookie if it is not expired or had no expire
date AND that if the cookie requires we're secure we must only
continue if we are! */
if( (co->expires<=0 || (co->expires> now)) &&
(co->secure?secure:TRUE) ) {
/* now check if the domain is correct */
domlen=co->domain?strlen(co->domain):0;
if(!co->domain ||
((domlen<=hostlen) &&
strequal(host+(hostlen-domlen), co->domain)) ) {
/* the right part of the host matches the domain stuff in the
cookie data */
/* now check the left part of the path with the cookies path
requirement */
if(!co->path ||
strnequal(path, co->path, strlen(co->path))) {
/* and now, we know this is a match and we should create an
entry for the return-linked-list */
newco = (struct Cookie *)malloc(sizeof(struct Cookie));
if(newco) {
/* first, copy the whole source cookie: */
memcpy(newco, co, sizeof(struct Cookie));
/* then modify our next */
newco->next = mainco;
/* point the main to us */
mainco = newco;
}
}
}
}
co = co->next;
}
return mainco; /* return the new list */
}
static bool reg_parse_value(TALLOC_CTX *mem_ctx,
const char **value,
enum gp_reg_action *action)
{
if (!*value) {
*action = GP_REG_ACTION_ADD_KEY;
return true;
}
if (strncmp(*value, "**", 2) != 0) {
*action = GP_REG_ACTION_ADD_VALUE;
return true;
}
if (strnequal(*value, "**DelVals.", 10)) {
*action = GP_REG_ACTION_DEL_ALL_VALUES;
return true;
}
if (strnequal(*value, "**Del.", 6)) {
*value = talloc_strdup(mem_ctx, *value + 6);
*action = GP_REG_ACTION_DEL_VALUE;
return true;
}
if (strnequal(*value, "**SecureKey", 11)) {
if (strnequal(*value, "**SecureKey=1", 13)) {
*action = GP_REG_ACTION_SEC_KEY_SET;
return true;
}
/*************** not tested from here on ***************/
if (strnequal(*value, "**SecureKey=0", 13)) {
smb_panic("not supported: **SecureKey=0");
*action = GP_REG_ACTION_SEC_KEY_RESET;
return true;
}
DEBUG(0,("unknown: SecureKey: %s\n", *value));
smb_panic("not supported SecureKey method");
return false;
}
if (strnequal(*value, "**DeleteValues", strlen("**DeleteValues"))) {
smb_panic("not supported: **DeleteValues");
*action = GP_REG_ACTION_DEL_VALUES;
return false;
}
if (strnequal(*value, "**DeleteKeys", strlen("**DeleteKeys"))) {
smb_panic("not supported: **DeleteKeys");
*action = GP_REG_ACTION_DEL_KEYS;
return false;
}
DEBUG(0,("unknown value: %s\n", *value));
smb_panic(*value);
return false;
}
/***************************************************************************
tell a browser about a fatal error in the http processing
***************************************************************************/
static void cgi_setup_error(const char *err, const char *header, const char *info)
{
if (!got_request) {
/* damn browsers don't like getting cut off before they give a request */
char line[1024];
while (fgets(line, sizeof(line)-1, stdin)) {
if (strnequal(line,"GET ", 4) ||
strnequal(line,"POST ", 5) ||
strnequal(line,"PUT ", 4)) {
break;
}
}
}
d_printf("HTTP/1.0 %s\r\n%sConnection: close\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><TITLE>%s</TITLE></HEAD><BODY><H1>%s</H1>%s<p></BODY></HTML>\r\n\r\n", err, header, err, err, info);
fclose(stdin);
fclose(stdout);
exit(0);
}
/*****************************************************************************
*
* Curl_cookie_init()
*
* Inits a cookie struct to read data from a local file. This is always
* called before any cookies are set. File may be NULL.
*
****************************************************************************/
struct CookieInfo *Curl_cookie_init(char *file, struct CookieInfo *inc)
{
char line[MAX_COOKIE_LINE];
struct CookieInfo *c;
FILE *fp;
bool fromfile=TRUE;
if(NULL == inc) {
/* we didn't get a struct, create one */
c = (struct CookieInfo *)malloc(sizeof(struct CookieInfo));
if(!c)
return NULL; /* failed to get memory */
memset(c, 0, sizeof(struct CookieInfo));
c->filename = strdup(file?file:"none"); /* copy the name just in case */
}
else {
/* we got an already existing one, use that */
c = inc;
}
c->running = FALSE; /* this is not running, this is init */
if(file && strequal(file, "-")) {
fp = stdin;
fromfile=FALSE;
}
else
fp = file?fopen(file, "r"):NULL;
if(fp) {
char *lineptr;
bool headerline;
while(fgets(line, MAX_COOKIE_LINE, fp)) {
if(strnequal("Set-Cookie:", line, 11)) {
/* This is a cookie line, get it! */
lineptr=&line[11];
headerline=TRUE;
}
else {
lineptr=line;
headerline=FALSE;
}
while(*lineptr && isspace((int)*lineptr))
lineptr++;
Curl_cookie_add(c, headerline, lineptr, NULL);
}
if(fromfile)
fclose(fp);
}
c->running = TRUE; /* now, we're running */
return c;
}
/*
* This function checks the linked list of custom HTTP headers for a particular
* header (prefix).
*/
static bool checkheaders(struct SessionHandle *data, const char *thisheader)
{
struct curl_slist *head;
size_t thislen = strlen(thisheader);
for(head = data->set.headers; head; head=head->next) {
if(strnequal(head->data, thisheader, thislen)) {
return TRUE;
}
}
return FALSE;
}
/* client_match - match host name and address against token */
bool client_match(const char *tok, const void *item)
{
const char **client = (const char **)item;
const char *tok_addr = tok;
const char *cli_addr = client[ADDR_INDEX];
/*
* tok and client[ADDR_INDEX] can be an IPv4 mapped to IPv6,
* we try and match the IPv4 part of address only.
* Bug #5311 and #7383.
*/
if (strnequal(tok_addr, "::ffff:",7)) {
tok_addr += 7;
}
if (strnequal(cli_addr,"::ffff:",7)) {
cli_addr += 7;
}
/*
* Try to match the address first. If that fails, try to match the host
* name if available.
*/
if (string_match(tok_addr, cli_addr)) {
return true;
}
if (client[NAME_INDEX][0] != 0) {
if (string_match(tok, client[NAME_INDEX])) {
return true;
}
}
return false;
}
void initiate_myworkgroup_startup(struct subnet_record *subrec, struct work_record *work)
{
int i;
if(!strnequal(lp_workgroup(), work->work_group,sizeof(nstring)-1))
return;
/* If this is a broadcast subnet then start elections on it if we are so configured. */
if ((subrec != unicast_subnet) && (subrec != remote_broadcast_subnet) &&
(subrec != wins_server_subnet) && lp_preferred_master() && lp_local_master()) {
DEBUG(3, ("initiate_myworkgroup_startup: preferred master startup for \
workgroup %s on subnet %s\n", work->work_group, subrec->subnet_name));
work->needelection = True;
work->ElectionCriterion |= (1<<3);
}
struct work_record *find_workgroup_on_subnet(struct subnet_record *subrec,
const char *name)
{
struct work_record *ret;
DEBUG(4, ("find_workgroup_on_subnet: workgroup search for %s on subnet %s: ",
name, subrec->subnet_name));
for (ret = subrec->workgrouplist; ret; ret = ret->next) {
if (strnequal(ret->work_group,name,sizeof(nstring)-1)) {
DEBUGADD(4, ("found.\n"));
return(ret);
}
}
DEBUGADD(4, ("not found.\n"));
return NULL;
}
static int net_ads_gpo_get_gpo(struct net_context *c, int argc, const char **argv)
{
ADS_STRUCT *ads;
ADS_STATUS status;
TALLOC_CTX *mem_ctx;
struct GROUP_POLICY_OBJECT gpo;
if (argc < 1 || c->display_usage) {
d_printf("Usage:\n"
"net ads gpo getgpo <gpo>\n"
" List speciefied GPO\n"
" gpo\t\tGPO to list\n");
return -1;
}
mem_ctx = talloc_init("ads_gpo_get_gpo");
if (mem_ctx == NULL) {
return -1;
}
status = ads_startup(c, false, &ads);
if (!ADS_ERR_OK(status)) {
goto out;
}
if (strnequal(argv[0], "CN={", strlen("CN={"))) {
status = ads_get_gpo(ads, mem_ctx, argv[0], NULL, NULL, &gpo);
} else {
status = ads_get_gpo(ads, mem_ctx, NULL, argv[0], NULL, &gpo);
}
if (!ADS_ERR_OK(status)) {
d_printf("get gpo for [%s] failed: %s\n", argv[0],
ads_errstr(status));
goto out;
}
dump_gpo(ads, mem_ctx, &gpo, 1);
out:
talloc_destroy(mem_ctx);
ads_destroy(&ads);
return 0;
}
bool file_find_subpath(files_struct *dir_fsp)
{
files_struct *fsp;
size_t dlen;
char *d_fullname = NULL;
d_fullname = talloc_asprintf(talloc_tos(), "%s/%s",
dir_fsp->conn->connectpath,
dir_fsp->fsp_name->base_name);
if (!d_fullname) {
return false;
}
dlen = strlen(d_fullname);
for (fsp=dir_fsp->conn->sconn->files; fsp; fsp=fsp->next) {
char *d1_fullname;
if (fsp == dir_fsp) {
continue;
}
d1_fullname = talloc_asprintf(talloc_tos(),
"%s/%s",
fsp->conn->connectpath,
fsp->fsp_name->base_name);
/*
* If the open file has a path that is a longer
* component, then it's a subpath.
*/
if (strnequal(d_fullname, d1_fullname, dlen) &&
(d1_fullname[dlen] == '/')) {
TALLOC_FREE(d1_fullname);
TALLOC_FREE(d_fullname);
return true;
}
TALLOC_FREE(d1_fullname);
}
TALLOC_FREE(d_fullname);
return false;
}
/*
look for a DOS reserved name
*/
static BOOL is_reserved_name(const char *name)
{
if (FLAG_CHECK(name[0], FLAG_POSSIBLE1) &&
FLAG_CHECK(name[1], FLAG_POSSIBLE2) &&
FLAG_CHECK(name[2], FLAG_POSSIBLE3) &&
FLAG_CHECK(name[3], FLAG_POSSIBLE4)) {
/* a likely match, scan the lot */
int i;
for (i=0; reserved_names[i]; i++) {
int len = strlen(reserved_names[i]);
/* note that we match on COM1 as well as COM1.foo */
if (strnequal(name, reserved_names[i], len) &&
(name[len] == '.' || name[len] == 0)) {
return True;
}
}
}
return False;
}
/*************************************************************
Routine to get hex characters and turn them into a 16 byte array.
the array can be variable length, and any non-hex-numeric
characters are skipped. "0xnn" or "0Xnn" is specially catered
for.
valid examples: "0A5D15"; "0x15, 0x49, 0xa2"; "59\ta9\te3\n"
**************************************************************/
size_t
strhex_to_str (char *p, size_t len, const char *strhex)
{
size_t i;
size_t num_chars = 0;
unsigned char lonybble, hinybble;
char *hexchars = "0123456789ABCDEF";
char *p1 = NULL, *p2 = NULL;
for (i = 0; i < len && strhex[i] != 0; i++)
{
if (strnequal (hexchars, "0x", 2))
{
i++; /* skip two chars */
continue;
}
if (!(p1 = strchr (hexchars, toupper (strhex[i]))))
{
break;
}
i++; /* next hex digit */
if (!(p2 = strchr (hexchars, toupper (strhex[i]))))
{
break;
}
/* get the two nybbles */
hinybble = PTR_DIFF (p1, hexchars);
lonybble = PTR_DIFF (p2, hexchars);
p[num_chars] = (hinybble << 4) | lonybble;
num_chars++;
p1 = NULL;
p2 = NULL;
}
return num_chars;
}
static CURLcode set_ciphers(struct Curl_easy *data,
gsk_handle h, unsigned int *protoflags)
{
const char *cipherlist = data->set.str[STRING_SSL_CIPHER_LIST];
const char *clp;
const gskit_cipher *ctp;
int i;
int l;
bool unsupported;
CURLcode result;
struct {
char *buf;
char *ptr;
} ciphers[CURL_GSKPROTO_LAST];
/* Compile cipher list into GSKit-compatible cipher lists. */
if(!cipherlist)
return CURLE_OK;
while(is_separator(*cipherlist)) /* Skip initial separators. */
cipherlist++;
if(!*cipherlist)
return CURLE_OK;
/* We allocate GSKit buffers of the same size as the input string: since
GSKit tokens are always shorter than their cipher names, allocated buffers
will always be large enough to accomodate the result. */
l = strlen(cipherlist) + 1;
memset((char *) ciphers, 0, sizeof ciphers);
for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
ciphers[i].buf = malloc(l);
if(!ciphers[i].buf) {
while(i--)
free(ciphers[i].buf);
return CURLE_OUT_OF_MEMORY;
}
ciphers[i].ptr = ciphers[i].buf;
*ciphers[i].ptr = '\0';
}
/* Process each cipher in input string. */
unsupported = FALSE;
result = CURLE_OK;
for(;;) {
for(clp = cipherlist; *cipherlist && !is_separator(*cipherlist);)
cipherlist++;
l = cipherlist - clp;
if(!l)
break;
/* Search the cipher in our table. */
for(ctp = ciphertable; ctp->name; ctp++)
if(strnequal(ctp->name, clp, l) && !ctp->name[l])
break;
if(!ctp->name) {
failf(data, "Unknown cipher %.*s", l, clp);
result = CURLE_SSL_CIPHER;
}
else {
unsupported |= !(ctp->versions & (CURL_GSKPROTO_SSLV2_MASK |
CURL_GSKPROTO_SSLV3_MASK | CURL_GSKPROTO_TLSV10_MASK));
for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
if(ctp->versions & (1 << i)) {
strcpy(ciphers[i].ptr, ctp->gsktoken);
ciphers[i].ptr += strlen(ctp->gsktoken);
}
}
}
/* Advance to next cipher name or end of string. */
while(is_separator(*cipherlist))
cipherlist++;
}
/* Disable protocols with empty cipher lists. */
for(i = 0; i < CURL_GSKPROTO_LAST; i++) {
if(!(*protoflags & (1 << i)) || !ciphers[i].buf[0]) {
*protoflags &= ~(1 << i);
ciphers[i].buf[0] = '\0';
}
}
/* Try to set-up TLSv1.1 and TLSv2.1 ciphers. */
if(*protoflags & CURL_GSKPROTO_TLSV11_MASK) {
result = set_buffer(data, h, GSK_TLSV11_CIPHER_SPECS,
ciphers[CURL_GSKPROTO_TLSV11].buf, TRUE);
if(result == CURLE_UNSUPPORTED_PROTOCOL) {
result = CURLE_OK;
if(unsupported) {
failf(data, "TLSv1.1-only ciphers are not yet supported");
result = CURLE_SSL_CIPHER;
}
}
}
if(!result && (*protoflags & CURL_GSKPROTO_TLSV12_MASK)) {
result = set_buffer(data, h, GSK_TLSV12_CIPHER_SPECS,
ciphers[CURL_GSKPROTO_TLSV12].buf, TRUE);
if(result == CURLE_UNSUPPORTED_PROTOCOL) {
result = CURLE_OK;
if(unsupported) {
failf(data, "TLSv1.2-only ciphers are not yet supported");
result = CURLE_SSL_CIPHER;
}
}
}
/* Try to set-up TLSv1.0 ciphers. If not successful, concatenate them to
the SSLv3 ciphers. OS/400 prior to version 7.1 will understand it. */
if(!result && (*protoflags & CURL_GSKPROTO_TLSV10_MASK)) {
result = set_buffer(data, h, GSK_TLSV10_CIPHER_SPECS,
ciphers[CURL_GSKPROTO_TLSV10].buf, TRUE);
if(result == CURLE_UNSUPPORTED_PROTOCOL) {
result = CURLE_OK;
strcpy(ciphers[CURL_GSKPROTO_SSLV3].ptr,
ciphers[CURL_GSKPROTO_TLSV10].ptr);
}
}
/* Set-up other ciphers. */
if(!result && (*protoflags & CURL_GSKPROTO_SSLV3_MASK))
result = set_buffer(data, h, GSK_V3_CIPHER_SPECS,
ciphers[CURL_GSKPROTO_SSLV3].buf, FALSE);
if(!result && (*protoflags & CURL_GSKPROTO_SSLV2_MASK))
result = set_buffer(data, h, GSK_V2_CIPHER_SPECS,
ciphers[CURL_GSKPROTO_SSLV2].buf, FALSE);
/* Clean-up. */
for(i = 0; i < CURL_GSKPROTO_LAST; i++)
free(ciphers[i].buf);
return result;
}
CURLcode Curl_dict(struct connectdata *conn)
{
char *word;
char *ppath;
char *database = NULL;
char *strategy = NULL;
char *nthdef = NULL; /* This is not part of the protocol, but required
by RFC 2229 */
CURLcode result=CURLE_OK;
struct SessionHandle *data=conn->data;
curl_socket_t sockfd = conn->sock[FIRSTSOCKET];
char *path = conn->path;
curl_off_t *bytecount = &conn->bytecount;
if(conn->bits.user_passwd) {
/* AUTH is missing */
}
if (strnequal(path, DICT_MATCH, sizeof(DICT_MATCH)-1) ||
strnequal(path, DICT_MATCH2, sizeof(DICT_MATCH2)-1) ||
strnequal(path, DICT_MATCH3, sizeof(DICT_MATCH3)-1)) {
word = strchr(path, ':');
if (word) {
word++;
database = strchr(word, ':');
if (database) {
*database++ = (char)0;
strategy = strchr(database, ':');
if (strategy) {
*strategy++ = (char)0;
nthdef = strchr(strategy, ':');
if (nthdef) {
*nthdef++ = (char)0;
}
}
}
}
if ((word == NULL) || (*word == (char)0)) {
failf(data, "lookup word is missing");
}
if ((database == NULL) || (*database == (char)0)) {
database = (char *)"!";
}
if ((strategy == NULL) || (*strategy == (char)0)) {
strategy = (char *)".";
}
result = Curl_sendf(sockfd, conn,
"CLIENT " LIBCURL_NAME " " LIBCURL_VERSION "\n"
"MATCH "
"%s " /* database */
"%s " /* strategy */
"%s\n" /* word */
"QUIT\n",
database,
strategy,
word
);
if(result)
failf(data, "Failed sending DICT request");
else
result = Curl_Transfer(conn, FIRSTSOCKET, -1, FALSE, bytecount,
-1, NULL); /* no upload */
if(result)
return result;
}
else if (strnequal(path, DICT_DEFINE, sizeof(DICT_DEFINE)-1) ||
strnequal(path, DICT_DEFINE2, sizeof(DICT_DEFINE2)-1) ||
strnequal(path, DICT_DEFINE3, sizeof(DICT_DEFINE3)-1)) {
word = strchr(path, ':');
if (word) {
word++;
database = strchr(word, ':');
if (database) {
*database++ = (char)0;
nthdef = strchr(database, ':');
if (nthdef) {
*nthdef++ = (char)0;
}
}
}
if ((word == NULL) || (*word == (char)0)) {
failf(data, "lookup word is missing");
}
if ((database == NULL) || (*database == (char)0)) {
database = (char *)"!";
}
result = Curl_sendf(sockfd, conn,
"CLIENT " LIBCURL_NAME " " LIBCURL_VERSION "\n"
"DEFINE "
"%s " /* database */
"%s\n" /* word */
"QUIT\n",
database,
word);
if(result)
failf(data, "Failed sending DICT request");
else
result = Curl_Transfer(conn, FIRSTSOCKET, -1, FALSE, bytecount,
-1, NULL); /* no upload */
if(result)
return result;
}
else {
ppath = strchr(path, '/');
if (ppath) {
int i;
ppath++;
for (i = 0; ppath[i]; i++) {
if (ppath[i] == ':')
ppath[i] = ' ';
}
result = Curl_sendf(sockfd, conn,
"CLIENT " LIBCURL_NAME " " LIBCURL_VERSION "\n"
"%s\n"
"QUIT\n", ppath);
if(result)
failf(data, "Failed sending DICT request");
else
result = Curl_Transfer(conn, FIRSTSOCKET, -1, FALSE, bytecount,
-1, NULL);
if(result)
return result;
}
}
return CURLE_OK;
}
int
SND_Load (sfx_t *sfx)
{
char *realname;
char buf[4];
QFile *file;
sfx->touch = sfx->retain = snd_fail;
sfx->release = snd_noop;
sfx->close = snd_noop;
sfx->open = snd_open_fail;
file = QFS_FOpenFile (sfx->name);
if (!file) {
Sys_Printf ("Couldn't load %s\n", sfx->name);
return -1;
}
sfx->open = snd_open;
if (!strequal (qfs_foundfile.realname, sfx->name)) {
realname = strdup (qfs_foundfile.realname);
} else {
realname = (char *) sfx->name; // won't free if realname == sfx->name
}
Qread (file, buf, 4);
Qseek (file, 0, SEEK_SET);
#ifdef HAVE_VORBIS
if (strnequal ("OggS", buf, 4)) {
Sys_MaskPrintf (SYS_DEV, "SND_Load: ogg file\n");
if (SND_LoadOgg (file, sfx, realname) == -1)
goto bail;
return 0;
}
#endif
#ifdef HAVE_FLAC
if (strnequal ("fLaC", buf, 4)) {
Sys_MaskPrintf (SYS_DEV, "SND_Load: flac file\n");
if (SND_LoadFLAC (file, sfx, realname) == -1)
goto bail;
return 0;
}
#endif
#ifdef HAVE_WILDMIDI
if (strnequal ("MThd", buf, 4)) {
Sys_MaskPrintf (SYS_DEV, "SND_Load: midi file\n");
if (SND_LoadMidi (file, sfx, realname) == -1)
goto bail;
return 0;
}
#endif
if (strnequal ("RIFF", buf, 4)) {
Sys_MaskPrintf (SYS_DEV, "SND_Load: wav file\n");
if (SND_LoadWav (file, sfx, realname) == -1)
goto bail;
return 0;
}
bail:
Qclose (file);
if (realname != sfx->name)
free (realname);
return -1;
}
/***************************************************************************
handle a http authentication line
***************************************************************************/
static bool cgi_handle_authorization(char *line)
{
char *p;
fstring user, user_pass;
struct passwd *pass = NULL;
if (!strnequal(line,"Basic ", 6)) {
goto err;
}
line += 6;
while (line[0] == ' ') line++;
base64_decode_inplace(line);
if (!(p=strchr_m(line,':'))) {
/*
* Always give the same error so a cracker
* cannot tell why we fail.
*/
goto err;
}
*p = 0;
convert_string(CH_UTF8, CH_UNIX,
line, -1,
user, sizeof(user), True);
convert_string(CH_UTF8, CH_UNIX,
p+1, -1,
user_pass, sizeof(user_pass), True);
/*
* Try and get the user from the UNIX password file.
*/
pass = getpwnam_alloc(talloc_autofree_context(), user);
/*
* Validate the password they have given.
*/
if NT_STATUS_IS_OK(pass_check(pass, user, user_pass,
strlen(user_pass), NULL, False)) {
if (pass) {
/*
* Password was ok.
*/
if ( initgroups(pass->pw_name, pass->pw_gid) != 0 )
goto err;
become_user_permanently(pass->pw_uid, pass->pw_gid);
/* Save the users name */
C_user = SMB_STRDUP(user);
TALLOC_FREE(pass);
return True;
}
}
err:
cgi_setup_error("401 Bad Authorization",
"WWW-Authenticate: Basic realm=\"SWAT\"\r\n",
"username or password incorrect");
TALLOC_FREE(pass);
return False;
}
static int parse_quota_set(pstring set_str, pstring username_str, enum SMB_QUOTA_TYPE *qtype, int *cmd, SMB_NTQUOTA_STRUCT *pqt)
{
char *p = set_str,*p2;
int todo;
BOOL stop = False;
BOOL enable = False;
BOOL deny = False;
if (strnequal(set_str,"UQLIM:",6)) {
p += 6;
*qtype = SMB_USER_QUOTA_TYPE;
*cmd = QUOTA_SETLIM;
todo = PARSE_LIM;
if ((p2=strstr(p,":"))==NULL) {
return -1;
}
*p2 = '\0';
p2++;
fstrcpy(username_str,p);
p = p2;
} else if (strnequal(set_str,"FSQLIM:",7)) {
p +=7;
*qtype = SMB_USER_FS_QUOTA_TYPE;
*cmd = QUOTA_SETLIM;
todo = PARSE_LIM;
} else if (strnequal(set_str,"FSQFLAGS:",9)) {
p +=9;
todo = PARSE_FLAGS;
*qtype = SMB_USER_FS_QUOTA_TYPE;
*cmd = QUOTA_SETFLAGS;
} else {
return -1;
}
switch (todo) {
case PARSE_LIM:
#if defined(HAVE_LONGLONG)
if (sscanf(p,"%llu/%llu",&pqt->softlim,&pqt->hardlim)!=2) {
#else
if (sscanf(p,"%lu/%lu",&pqt->softlim,&pqt->hardlim)!=2) {
#endif
return -1;
}
break;
case PARSE_FLAGS:
while (!stop) {
if ((p2=strstr(p,"/"))==NULL) {
stop = True;
} else {
*p2 = '\0';
p2++;
}
if (strnequal(p,"QUOTA_ENABLED",13)) {
enable = True;
} else if (strnequal(p,"DENY_DISK",9)) {
deny = True;
} else if (strnequal(p,"LOG_SOFTLIMIT",13)) {
pqt->qflags |= QUOTAS_LOG_THRESHOLD;
} else if (strnequal(p,"LOG_HARDLIMIT",13)) {
pqt->qflags |= QUOTAS_LOG_LIMIT;
} else {
return -1;
}
p=p2;
}
if (deny) {
pqt->qflags |= QUOTAS_DENY_DISK;
} else if (enable) {
pqt->qflags |= QUOTAS_ENABLED;
}
break;
}
return 0;
}
static int do_quota(struct cli_state *cli, enum SMB_QUOTA_TYPE qtype, uint16 cmd, pstring username_str, SMB_NTQUOTA_STRUCT *pqt)
{
uint32 fs_attrs = 0;
int quota_fnum = 0;
SMB_NTQUOTA_LIST *qtl = NULL;
SMB_NTQUOTA_STRUCT qt;
ZERO_STRUCT(qt);
if (!cli_get_fs_attr_info(cli, &fs_attrs)) {
d_printf("Failed to get the filesystem attributes %s.\n",
cli_errstr(cli));
return -1;
}
if (!(fs_attrs & FILE_VOLUME_QUOTAS)) {
d_printf("Quotas are not supported by the server.\n");
return 0;
}
if (!cli_get_quota_handle(cli, "a_fnum)) {
d_printf("Failed to open \\%s %s.\n",
FAKE_FILE_NAME_QUOTA,cli_errstr(cli));
return -1;
}
switch(qtype) {
case SMB_USER_QUOTA_TYPE:
if (!StringToSid(&qt.sid, username_str)) {
d_printf("StringToSid() failed for [%s]\n",username_str);
return -1;
}
switch(cmd) {
case QUOTA_GET:
if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_user_quota %s\n",
cli_errstr(cli),username_str);
return -1;
}
dump_ntquota(&qt,verbose,numeric,SidToString);
break;
case QUOTA_SETLIM:
pqt->sid = qt.sid;
if (!cli_set_user_quota(cli, quota_fnum, pqt)) {
d_printf("%s cli_set_user_quota %s\n",
cli_errstr(cli),username_str);
return -1;
}
if (!cli_get_user_quota(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_user_quota %s\n",
cli_errstr(cli),username_str);
return -1;
}
dump_ntquota(&qt,verbose,numeric,SidToString);
break;
case QUOTA_LIST:
if (!cli_list_user_quota(cli, quota_fnum, &qtl)) {
d_printf("%s cli_set_user_quota %s\n",
cli_errstr(cli),username_str);
return -1;
}
dump_ntquota_list(&qtl,verbose,numeric,SidToString);
free_ntquota_list(&qtl);
break;
default:
d_printf("Unknown Error\n");
return -1;
}
break;
case SMB_USER_FS_QUOTA_TYPE:
switch(cmd) {
case QUOTA_GET:
if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
dump_ntquota(&qt,True,numeric,NULL);
break;
case QUOTA_SETLIM:
if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
qt.softlim = pqt->softlim;
qt.hardlim = pqt->hardlim;
if (!cli_set_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_set_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
dump_ntquota(&qt,True,numeric,NULL);
break;
case QUOTA_SETFLAGS:
if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
qt.qflags = pqt->qflags;
if (!cli_set_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_set_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
if (!cli_get_fs_quota_info(cli, quota_fnum, &qt)) {
d_printf("%s cli_get_fs_quota_info\n",
cli_errstr(cli));
return -1;
}
dump_ntquota(&qt,True,numeric,NULL);
break;
default:
d_printf("Unknown Error\n");
return -1;
}
break;
default:
d_printf("Unknown Error\n");
return -1;
}
cli_close(cli, quota_fnum);
return 0;
}
static int net_dom_unjoin(struct net_context *c, int argc, const char **argv)
{
const char *server_name = NULL;
const char *account = NULL;
const char *password = NULL;
uint32_t unjoin_flags = NETSETUP_ACCT_DELETE |
NETSETUP_JOIN_DOMAIN |
NETSETUP_IGNORE_UNSUPPORTED_FLAGS;
struct cli_state *cli = NULL;
bool do_reboot = false;
NTSTATUS ntstatus;
NET_API_STATUS status;
int ret = -1;
int i;
if (argc < 1 || c->display_usage) {
return net_dom_usage(c, argc, argv);
}
if (c->opt_host) {
server_name = c->opt_host;
}
for (i=0; i<argc; i++) {
if (strnequal(argv[i], "account", strlen("account"))) {
account = get_string_param(argv[i]);
if (!account) {
return -1;
}
}
if (strnequal(argv[i], "password", strlen("password"))) {
password = get_string_param(argv[i]);
if (!password) {
return -1;
}
}
if (strequal(argv[i], "reboot")) {
do_reboot = true;
}
}
if (do_reboot) {
ntstatus = net_make_ipc_connection_ex(c, c->opt_workgroup,
server_name, NULL, 0,
&cli);
if (!NT_STATUS_IS_OK(ntstatus)) {
return -1;
}
}
status = NetUnjoinDomain(server_name, account, password, unjoin_flags);
if (status != 0) {
printf("Failed to unjoin domain: %s\n",
libnetapi_get_error_string(c->netapi_ctx, status));
goto done;
}
if (do_reboot) {
c->opt_comment = "Shutting down due to a domain membership "
"change";
c->opt_reboot = true;
c->opt_timeout = 30;
ret = run_rpc_command(c, cli,
&ndr_table_initshutdown.syntax_id,
0, rpc_init_shutdown_internals,
argc, argv);
if (ret == 0) {
goto done;
}
ret = run_rpc_command(c, cli, &ndr_table_winreg.syntax_id, 0,
rpc_reg_shutdown_internals,
argc, argv);
goto done;
}
ret = 0;
done:
if (cli) {
cli_shutdown(cli);
}
return ret;
}
static struct work_record *create_workgroup(const char *name, int ttl)
{
struct work_record *work;
struct subnet_record *subrec;
int t = -1;
if((work = (struct work_record *)malloc(sizeof(*work))) == NULL) {
DEBUG(0,("create_workgroup: malloc fail !\n"));
return NULL;
}
memset((char *)work, '\0', sizeof(*work));
if (strlen(name)+1 > sizeof(nstring)) {
memcpy(work->work_group,name,sizeof(nstring)-1);
work->work_group[sizeof(nstring)-1] = '\0';
DEBUG(0,("create_workgroup: workgroup name %s is too long. Truncating to %s\n",
name, work->work_group ));
} else {
nstrcpy(work->work_group,name);
}
work->serverlist = NULL;
work->RunningElection = False;
work->ElectionCount = 0;
work->announce_interval = 0;
work->needelection = False;
work->needannounce = True;
work->lastannounce_time = time(NULL);
work->mst_state = lp_local_master() ? MST_POTENTIAL : MST_NONE;
work->dom_state = DOMAIN_NONE;
work->log_state = LOGON_NONE;
work->death_time = (ttl != PERMANENT_TTL) ? time(NULL)+(ttl*3) : PERMANENT_TTL;
/* Make sure all token representations of workgroups are unique. */
for (subrec = FIRST_SUBNET; subrec && (t == -1); subrec = NEXT_SUBNET_INCLUDING_UNICAST(subrec)) {
struct work_record *w;
for (w = subrec->workgrouplist; w && t == -1; w = w->next) {
if (strnequal(w->work_group, work->work_group, sizeof(nstring)-1))
t = w->token;
}
}
if (t == -1)
work->token = ++workgroup_count;
else
work->token = t;
/* No known local master browser as yet. */
*work->local_master_browser_name = '\0';
/* No known domain master browser as yet. */
*work->dmb_name.name = '\0';
zero_ip(&work->dmb_addr);
/* WfWg uses 01040b01 */
/* Win95 uses 01041501 */
/* NTAS uses ???????? */
work->ElectionCriterion = (MAINTAIN_LIST)|(BROWSER_ELECTION_VERSION<<8);
work->ElectionCriterion |= (lp_os_level() << 24);
if (lp_domain_master())
work->ElectionCriterion |= 0x80;
return work;
}
/**
* @brief Setup the CGI framework.
*
* Setup the cgi framework, handling the possibility that this program
* is either run as a true CGI program with a gateway to a web server, or
* is itself a mini web server.
**/
void cgi_setup(const char *rootdir, int auth_required)
{
bool authenticated = False;
char line[1024];
char *url=NULL;
char *p;
char *lang;
if (chdir(rootdir)) {
cgi_setup_error("500 Server Error", "",
"chdir failed - the server is not configured correctly");
}
/* Handle the possibility we might be running as non-root */
sec_init();
if ((lang=getenv("HTTP_ACCEPT_LANGUAGE"))) {
/* if running as a cgi program */
web_set_lang(lang);
}
/* maybe we are running under a web server */
if (getenv("CONTENT_LENGTH") || getenv("REQUEST_METHOD")) {
if (auth_required) {
cgi_web_auth();
}
return;
}
inetd_server = True;
if (!check_access(1, lp_hostsallow(-1), lp_hostsdeny(-1))) {
cgi_setup_error("403 Forbidden", "",
"Samba is configured to deny access from this client\n<br>Check your \"hosts allow\" and \"hosts deny\" options in smb.conf ");
}
/* we are a mini-web server. We need to read the request from stdin
and handle authentication etc */
while (fgets(line, sizeof(line)-1, stdin)) {
if (line[0] == '\r' || line[0] == '\n') break;
if (strnequal(line,"GET ", 4)) {
got_request = True;
url = SMB_STRDUP(&line[4]);
} else if (strnequal(line,"POST ", 5)) {
got_request = True;
request_post = 1;
url = SMB_STRDUP(&line[5]);
} else if (strnequal(line,"PUT ", 4)) {
got_request = True;
cgi_setup_error("400 Bad Request", "",
"This server does not accept PUT requests");
} else if (strnequal(line,"Authorization: ", 15)) {
authenticated = cgi_handle_authorization(&line[15]);
} else if (strnequal(line,"Content-Length: ", 16)) {
content_length = atoi(&line[16]);
} else if (strnequal(line,"Accept-Language: ", 17)) {
web_set_lang(&line[17]);
}
/* ignore all other requests! */
}
if (auth_required && !authenticated) {
cgi_auth_error();
}
if (!url) {
cgi_setup_error("400 Bad Request", "",
"You must specify a GET or POST request");
}
/* trim the URL */
if ((p = strchr_m(url,' ')) || (p=strchr_m(url,'\t'))) {
*p = 0;
}
while (*url && strchr_m("\r\n",url[strlen(url)-1])) {
url[strlen(url)-1] = 0;
}
/* anything following a ? in the URL is part of the query string */
if ((p=strchr_m(url,'?'))) {
query_string = p+1;
*p = 0;
}
string_sub(url, "/swat/", "", 0);
if (url[0] != '/' && strstr(url,"..")==0) {
cgi_download(url);
}
printf("HTTP/1.0 200 OK\r\nConnection: close\r\n");
printf("Date: %s\r\n", http_timestring(time(NULL)));
baseurl = "";
pathinfo = url+1;
}
void MCEPS::setextents()
{
tx = 0;
ty = 0;
ex = 612;
ey = 792;
uint4 offset;
uint1 *bptr = (uint1 *)postscript;
if (*bptr == 0xC5)
{
MCswapbytes = !MCswapbytes;
uint4 *uint4ptr = (uint4 *)postscript;
uint4 offset = swap_uint4(&uint4ptr[1]);
size = swap_uint4(&uint4ptr[2]);
MCswapbytes = !MCswapbytes;
char *newps = new char[size];
memcpy(newps, &postscript[offset], size);
delete postscript;
postscript = newps;
}
if (MCU_offset("\n%%BeginPreview:", postscript, offset))
{
uint4 eoffset;
if (MCU_offset("\n%%EndPreview", postscript, eoffset))
{
eoffset += 13;
memmove(&postscript[offset], &postscript[eoffset], size - eoffset);
size -= eoffset - offset;
}
}
if (MCU_offset("\n%%BoundingBox:", postscript, offset))
{
if (strnequal(&postscript[offset + 16], "(atend)", 7))
{
uint4 newoffset;
MCU_offset("\n%%BoundingBox:", &postscript[offset + 24], newoffset);
offset += newoffset + 24;
}
real8 llx, lly, urx, ury;
const char *sptr = &postscript[offset + 14];
// MW-2005-04-26: Remove 'const' to get it compiling using GCC 4.0 on MacOS X
char *newptr;
llx = strtod(sptr, &newptr);
if (newptr != sptr)
{
sptr = newptr;
lly = strtod(sptr, &newptr);
if (newptr != sptr)
{
sptr = newptr;
urx = strtod(sptr, &newptr);
if (newptr != sptr)
{
sptr = newptr;
ury = strtod(sptr, &newptr);
if (newptr != sptr)
{
tx = (int2)llx;
ty = (int2)lly;
ex = (uint2)(urx - llx);
ey = (uint2)(ury - lly);
}
}
}
}
}
offset = 0;
uint4 newoffset = 0;
pagecount = 0;
while (MCU_offset("\n%%Page:", &postscript[offset], newoffset))
{
MCU_realloc((char **)&pageIndex, pagecount, pagecount + 1, sizeof(uint4));
offset += newoffset + 1;
pageIndex[pagecount] = offset;
pagecount++;
}
}