static bool run_matching(struct torture_context *torture,
const char *prefix,
const char *expr,
struct torture_suite *suite,
bool *matched)
{
bool ret = true;
if (suite == NULL) {
struct torture_suite *o;
for (o = (torture_root == NULL?NULL:torture_root->children); o; o = o->next) {
if (gen_fnmatch(expr, o->name) == 0) {
*matched = true;
reload_charcnv(torture->lp_ctx);
ret &= torture_run_suite(torture, o);
continue;
}
ret &= run_matching(torture, o->name, expr, o, matched);
}
} else {
char *name;
struct torture_suite *c;
struct torture_tcase *t;
for (c = suite->children; c; c = c->next) {
asprintf(&name, "%s-%s", prefix, c->name);
if (gen_fnmatch(expr, name) == 0) {
*matched = true;
reload_charcnv(torture->lp_ctx);
torture->active_testname = talloc_strdup(torture, prefix);
ret &= torture_run_suite(torture, c);
free(name);
continue;
}
ret &= run_matching(torture, name, expr, c, matched);
free(name);
}
for (t = suite->testcases; t; t = t->next) {
asprintf(&name, "%s-%s", prefix, t->name);
if (gen_fnmatch(expr, name) == 0) {
*matched = true;
reload_charcnv(torture->lp_ctx);
torture->active_testname = talloc_strdup(torture, prefix);
ret &= torture_run_tcase(torture, t);
talloc_free(torture->active_testname);
}
free(name);
}
}
return ret;
}
/****************************************************************************
interpret a single element from a interfaces= config line
This handles the following different forms:
1) wildcard interface name
2) DNS name
3) IP/masklen
4) ip/mask
5) bcast/mask
****************************************************************************/
static void interpret_interface(char *token)
{
struct in_addr ip, nmask;
char *p;
int i, added=0;
zero_ip(&ip);
zero_ip(&nmask);
/* first check if it is an interface name */
for (i=0; i<total_probed; i++) {
if (gen_fnmatch(token, probed_ifaces[i].name) == 0) {
add_interface(probed_ifaces[i].ip,
probed_ifaces[i].netmask);
added = 1;
}
}
if (added) return;
/* maybe it is a DNS name */
p = strchr_m(token,'/');
if (!p) {
ip = *interpret_addr2(token);
for (i=0; i<total_probed; i++) {
if (ip.s_addr == probed_ifaces[i].ip.s_addr &&
!ip_equal(allones_ip, probed_ifaces[i].netmask)) {
add_interface(probed_ifaces[i].ip,
probed_ifaces[i].netmask);
return;
}
}
DEBUG(2,("can't determine netmask for %s\n", token));
return;
}
/* parse it into an IP address/netmasklength pair */
*p = 0;
ip = *interpret_addr2(token);
*p++ = '/';
if (strlen(p) > 2) {
nmask = *interpret_addr2(p);
} else {
nmask.s_addr = htonl(((ALLONES >> atoi(p)) ^ ALLONES));
}
/* maybe the first component was a broadcast address */
if (ip.s_addr == MKBCADDR(ip.s_addr, nmask.s_addr) ||
ip.s_addr == MKNETADDR(ip.s_addr, nmask.s_addr)) {
for (i=0; i<total_probed; i++) {
if (same_net(ip, probed_ifaces[i].ip, nmask)) {
add_interface(probed_ifaces[i].ip, nmask);
return;
}
}
DEBUG(2,("Can't determine ip for broadcast address %s\n", token));
return;
}
add_interface(ip, nmask);
}
/**
interpret a single element from a interfaces= config line
This handles the following different forms:
1) wildcard interface name
2) DNS name
3) IP/masklen
4) ip/mask
5) bcast/mask
**/
static void interpret_interface(TALLOC_CTX *mem_ctx,
const char *token,
struct iface_struct *probed_ifaces,
int total_probed,
struct interface **local_interfaces,
bool enable_ipv6)
{
struct sockaddr_storage ss;
struct sockaddr_storage ss_mask;
struct sockaddr_storage ss_net;
struct sockaddr_storage ss_bcast;
struct iface_struct ifs;
char *p;
int i;
bool added=false;
bool goodaddr = false;
/* first check if it is an interface name */
for (i=0; i<total_probed; i++) {
if (gen_fnmatch(token, probed_ifaces[i].name) == 0) {
add_interface(mem_ctx, &probed_ifaces[i],
local_interfaces, enable_ipv6);
added = true;
}
}
if (added) {
return;
}
/* maybe it is a DNS name */
p = strchr_m(token,'/');
if (p == NULL) {
if (!interpret_string_addr(&ss, token, 0)) {
DEBUG(2, ("interpret_interface: Can't find address "
"for %s\n", token));
return;
}
for (i=0; i<total_probed; i++) {
if (sockaddr_equal((struct sockaddr *)&ss, (struct sockaddr *)&probed_ifaces[i].ip)) {
add_interface(mem_ctx, &probed_ifaces[i],
local_interfaces, enable_ipv6);
return;
}
}
DEBUG(2,("interpret_interface: "
"can't determine interface for %s\n",
token));
return;
}
/* parse it into an IP address/netmasklength pair */
*p = 0;
goodaddr = interpret_string_addr(&ss, token, 0);
*p++ = '/';
if (!goodaddr) {
DEBUG(2,("interpret_interface: "
"can't determine interface for %s\n",
token));
return;
}
if (strlen(p) > 2) {
goodaddr = interpret_string_addr(&ss_mask, p, 0);
if (!goodaddr) {
DEBUG(2,("interpret_interface: "
"can't determine netmask from %s\n",
p));
return;
}
} else {
char *endp = NULL;
unsigned long val = strtoul(p, &endp, 0);
if (p == endp || (endp && *endp != '\0')) {
DEBUG(2,("interpret_interface: "
"can't determine netmask value from %s\n",
p));
return;
}
if (!make_netmask(&ss_mask, &ss, val)) {
DEBUG(2,("interpret_interface: "
"can't apply netmask value %lu from %s\n",
val,
p));
return;
}
}
make_bcast(&ss_bcast, &ss, &ss_mask);
make_net(&ss_net, &ss, &ss_mask);
/* Maybe the first component was a broadcast address. */
if (sockaddr_equal((struct sockaddr *)&ss_bcast, (struct sockaddr *)&ss) ||
sockaddr_equal((struct sockaddr *)&ss_net, (struct sockaddr *)&ss)) {
for (i=0; i<total_probed; i++) {
if (same_net((struct sockaddr *)&ss,
(struct sockaddr *)&probed_ifaces[i].ip,
(struct sockaddr *)&ss_mask)) {
/* Temporarily replace netmask on
* the detected interface - user knows
* best.... */
struct sockaddr_storage saved_mask =
probed_ifaces[i].netmask;
probed_ifaces[i].netmask = ss_mask;
DEBUG(2,("interpret_interface: "
"using netmask value %s from "
"config file on interface %s\n",
p,
probed_ifaces[i].name));
add_interface(mem_ctx, &probed_ifaces[i],
local_interfaces, enable_ipv6);
probed_ifaces[i].netmask = saved_mask;
return;
}
}
DEBUG(2,("interpret_interface: Can't determine ip for "
"broadcast address %s\n",
token));
return;
}
/* Just fake up the interface definition. User knows best. */
DEBUG(2,("interpret_interface: Adding interface %s\n",
token));
ZERO_STRUCT(ifs);
(void)strlcpy(ifs.name, token, sizeof(ifs.name));
ifs.flags = IFF_BROADCAST;
ifs.ip = ss;
ifs.netmask = ss_mask;
ifs.bcast = ss_bcast;
add_interface(mem_ctx, &ifs,
local_interfaces, enable_ipv6);
}
/* Add a trusted domain to our list of domains */
static struct winbindd_domain *add_trusted_domain(const char *domain_name, const char *alt_name,
struct winbindd_methods *methods,
const struct dom_sid *sid)
{
struct winbindd_domain *domain;
const char *alternative_name = NULL;
char *idmap_config_option;
const char *param;
const char **ignored_domains, **dom;
ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL);
for (dom=ignored_domains; dom && *dom; dom++) {
if (gen_fnmatch(*dom, domain_name) == 0) {
DEBUG(2,("Ignoring domain '%s'\n", domain_name));
return NULL;
}
}
/* use alt_name if available to allow DNS lookups */
if (alt_name && *alt_name) {
alternative_name = alt_name;
}
/* We can't call domain_list() as this function is called from
init_domain_list() and we'll get stuck in a loop. */
for (domain = _domain_list; domain; domain = domain->next) {
if (strequal(domain_name, domain->name) ||
strequal(domain_name, domain->alt_name))
{
break;
}
if (alternative_name && *alternative_name)
{
if (strequal(alternative_name, domain->name) ||
strequal(alternative_name, domain->alt_name))
{
break;
}
}
if (sid)
{
if (is_null_sid(sid)) {
continue;
}
if (dom_sid_equal(sid, &domain->sid)) {
break;
}
}
}
if (domain != NULL) {
/*
* We found a match. Possibly update the SID
*/
if ((sid != NULL)
&& dom_sid_equal(&domain->sid, &global_sid_NULL)) {
sid_copy( &domain->sid, sid );
}
return domain;
}
/* Create new domain entry */
domain = talloc_zero(NULL, struct winbindd_domain);
if (domain == NULL) {
return NULL;
}
domain->children = talloc_zero_array(domain,
struct winbindd_child,
lp_winbind_max_domain_connections());
if (domain->children == NULL) {
TALLOC_FREE(domain);
return NULL;
}
domain->name = talloc_strdup(domain, domain_name);
if (domain->name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
if (alternative_name) {
domain->alt_name = talloc_strdup(domain, alternative_name);
if (domain->alt_name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
}
domain->methods = methods;
domain->backend = NULL;
domain->internal = is_internal_domain(sid);
domain->sequence_number = DOM_SEQUENCE_NONE;
domain->last_seq_check = 0;
domain->initialized = False;
domain->online = is_internal_domain(sid);
domain->check_online_timeout = 0;
domain->dc_probe_pid = (pid_t)-1;
if (sid) {
sid_copy(&domain->sid, sid);
}
/* Link to domain list */
DLIST_ADD_END(_domain_list, domain, struct winbindd_domain *);
wcache_tdc_add_domain( domain );
idmap_config_option = talloc_asprintf(talloc_tos(), "idmap config %s",
domain->name);
if (idmap_config_option == NULL) {
DEBUG(0, ("talloc failed, not looking for idmap config\n"));
goto done;
}
param = lp_parm_const_string(-1, idmap_config_option, "range", NULL);
DEBUG(10, ("%s : range = %s\n", idmap_config_option,
param ? param : "not defined"));
if (param != NULL) {
unsigned low_id, high_id;
if (sscanf(param, "%u - %u", &low_id, &high_id) != 2) {
DEBUG(1, ("invalid range syntax in %s: %s\n",
idmap_config_option, param));
goto done;
}
if (low_id > high_id) {
DEBUG(1, ("invalid range in %s: %s\n",
idmap_config_option, param));
goto done;
}
domain->have_idmap_config = true;
domain->id_range_low = low_id;
domain->id_range_high = high_id;
}
done:
DEBUG(2,("Added domain %s %s %s\n",
domain->name, domain->alt_name,
&domain->sid?sid_string_dbg(&domain->sid):""));
return domain;
}
/* Add a trusted domain out of a trusted domain cache
entry
*/
static struct winbindd_domain *
add_trusted_domain_from_tdc(const struct winbindd_tdc_domain *tdc)
{
struct winbindd_domain *domain;
const char *alternative_name = NULL;
const char **ignored_domains, **dom;
int role = lp_server_role();
const char *domain_name = tdc->domain_name;
const struct dom_sid *sid = &tdc->sid;
if (is_null_sid(sid)) {
sid = NULL;
}
ignored_domains = lp_parm_string_list(-1, "winbind", "ignore domains", NULL);
for (dom=ignored_domains; dom && *dom; dom++) {
if (gen_fnmatch(*dom, domain_name) == 0) {
DEBUG(2,("Ignoring domain '%s'\n", domain_name));
return NULL;
}
}
/* use alt_name if available to allow DNS lookups */
if (tdc->dns_name && *tdc->dns_name) {
alternative_name = tdc->dns_name;
}
/* We can't call domain_list() as this function is called from
init_domain_list() and we'll get stuck in a loop. */
for (domain = _domain_list; domain; domain = domain->next) {
if (strequal(domain_name, domain->name) ||
strequal(domain_name, domain->alt_name))
{
break;
}
if (alternative_name) {
if (strequal(alternative_name, domain->name) ||
strequal(alternative_name, domain->alt_name))
{
break;
}
}
if (sid != NULL) {
if (dom_sid_equal(sid, &domain->sid)) {
break;
}
}
}
if (domain != NULL) {
/*
* We found a match on domain->name or
* domain->alt_name. Possibly update the SID
* if the stored SID was the NULL SID
* and return the matching entry.
*/
if ((sid != NULL)
&& dom_sid_equal(&domain->sid, &global_sid_NULL)) {
sid_copy( &domain->sid, sid );
}
return domain;
}
/* Create new domain entry */
domain = talloc_zero(NULL, struct winbindd_domain);
if (domain == NULL) {
return NULL;
}
domain->children = talloc_zero_array(domain,
struct winbindd_child,
lp_winbind_max_domain_connections());
if (domain->children == NULL) {
TALLOC_FREE(domain);
return NULL;
}
domain->name = talloc_strdup(domain, domain_name);
if (domain->name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
if (alternative_name) {
domain->alt_name = talloc_strdup(domain, alternative_name);
if (domain->alt_name == NULL) {
TALLOC_FREE(domain);
return NULL;
}
}
domain->backend = NULL;
domain->internal = is_internal_domain(sid);
domain->sequence_number = DOM_SEQUENCE_NONE;
domain->last_seq_check = 0;
domain->initialized = false;
domain->online = is_internal_domain(sid);
domain->check_online_timeout = 0;
domain->dc_probe_pid = (pid_t)-1;
if (sid != NULL) {
sid_copy(&domain->sid, sid);
}
domain->domain_flags = tdc->trust_flags;
domain->domain_type = tdc->trust_type;
domain->domain_trust_attribs = tdc->trust_attribs;
/* Is this our primary domain ? */
if (strequal(domain_name, get_global_sam_name()) &&
(role != ROLE_DOMAIN_MEMBER)) {
domain->primary = true;
} else if (strequal(domain_name, lp_workgroup()) &&
(role == ROLE_DOMAIN_MEMBER)) {
domain->primary = true;
}
if (domain->primary) {
if (role == ROLE_ACTIVE_DIRECTORY_DC) {
domain->active_directory = true;
}
if (lp_security() == SEC_ADS) {
domain->active_directory = true;
}
} else if (!domain->internal) {
if (domain->domain_type == LSA_TRUST_TYPE_UPLEVEL) {
domain->active_directory = true;
}
}
/* Link to domain list */
DLIST_ADD_END(_domain_list, domain);
wcache_tdc_add_domain( domain );
setup_domain_child(domain);
DEBUG(2,
("Added domain %s %s %s\n", domain->name, domain->alt_name,
!is_null_sid(&domain->sid) ? sid_string_dbg(&domain->sid) : ""));
return domain;
}
/**
interpret a single element from a interfaces= config line
This handles the following different forms:
1) wildcard interface name
2) DNS name
3) IP/masklen
4) ip/mask
5) bcast/mask
**/
static void interpret_interface(TALLOC_CTX *mem_ctx,
const char *token,
struct iface_struct *probed_ifaces,
int total_probed,
struct interface **local_interfaces)
{
struct in_addr ip, nmask;
char *p;
char *address;
int i, added=0;
ip.s_addr = 0;
nmask.s_addr = 0;
/* first check if it is an interface name */
for (i=0;i<total_probed;i++) {
if (gen_fnmatch(token, probed_ifaces[i].name) == 0) {
add_interface(mem_ctx, probed_ifaces[i].ip,
probed_ifaces[i].netmask,
local_interfaces);
added = 1;
}
}
if (added) return;
/* maybe it is a DNS name */
p = strchr_m(token,'/');
if (!p) {
/* don't try to do dns lookups on wildcard names */
if (strpbrk(token, "*?") != NULL) {
return;
}
ip.s_addr = interpret_addr2(token).s_addr;
for (i=0;i<total_probed;i++) {
if (ip.s_addr == probed_ifaces[i].ip.s_addr) {
add_interface(mem_ctx, probed_ifaces[i].ip,
probed_ifaces[i].netmask,
local_interfaces);
return;
}
}
DEBUG(2,("can't determine netmask for %s\n", token));
return;
}
address = talloc_strdup(mem_ctx, token);
p = strchr_m(address,'/');
/* parse it into an IP address/netmasklength pair */
*p++ = 0;
ip.s_addr = interpret_addr2(address).s_addr;
if (strlen(p) > 2) {
nmask.s_addr = interpret_addr2(p).s_addr;
} else {
nmask.s_addr = htonl(((ALLONES >> atoi(p)) ^ ALLONES));
}
/* maybe the first component was a broadcast address */
if (ip.s_addr == MKBCADDR(ip.s_addr, nmask.s_addr) ||
ip.s_addr == MKNETADDR(ip.s_addr, nmask.s_addr)) {
for (i=0;i<total_probed;i++) {
if (same_net_v4(ip, probed_ifaces[i].ip, nmask)) {
add_interface(mem_ctx, probed_ifaces[i].ip, nmask,
local_interfaces);
talloc_free(address);
return;
}
}
DEBUG(2,("Can't determine ip for broadcast address %s\n", address));
talloc_free(address);
return;
}
add_interface(mem_ctx, ip, nmask, local_interfaces);
talloc_free(address);
}
