1 /*
2 Unix SMB/CIFS implementation.
3 Samba utility functions
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Jeremy Allison 2001-2007
6 Copyright (C) Simo Sorce 2001
7 Copyright (C) Jim McDonough <jmcd@us.ibm.com> 2003
8 Copyright (C) James Peach 2006
9
10 This program is free software; you can redistribute it and/or modify
11 it under the terms of the GNU General Public License as published by
12 the Free Software Foundation; either version 3 of the License, or
13 (at your option) any later version.
14
15 This program is distributed in the hope that it will be useful,
16 but WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 GNU General Public License for more details.
19
20 You should have received a copy of the GNU General Public License
21 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 */
23
24 #include "includes.h"
25 #include "system/passwd.h"
26 #include "system/filesys.h"
27 #include "lib/util/server_id.h"
28 #include "util_tdb.h"
29 #include "ctdbd_conn.h"
30 #include "../lib/util/util_pw.h"
31 #include "messages.h"
32 #include "messages_dgm.h"
33 #include "libcli/security/security.h"
34 #include "serverid.h"
35 #include "lib/util/sys_rw.h"
36 #include "lib/util/sys_rw_data.h"
37 #include "lib/util/util_process.h"
38 #include "lib/dbwrap/dbwrap_ctdb.h"
39 #include "lib/gencache.h"
40
41 #ifdef HAVE_SYS_PRCTL_H
42 #include <sys/prctl.h>
43 #endif
44
45 /* Max allowable allococation - 256mb - 0x10000000 */
46 #define MAX_ALLOC_SIZE (1024*1024*256)
47
48 #if (defined(HAVE_NETGROUP) && defined (WITH_AUTOMOUNT))
49 /* rpc/xdr.h uses TRUE and FALSE */
50 #ifdef TRUE
51 #undef TRUE
52 #endif
53
54 #ifdef FALSE
55 #undef FALSE
56 #endif
57
58 #include "system/nis.h"
59
60 #ifdef WITH_NISPLUS_HOME
61 #ifdef BROKEN_NISPLUS_INCLUDE_FILES
62 /*
63 * The following lines are needed due to buggy include files
64 * in Solaris 2.6 which define GROUP in both /usr/include/sys/acl.h and
65 * also in /usr/include/rpcsvc/nis.h. The definitions conflict. JRA.
66 * Also GROUP_OBJ is defined as 0x4 in /usr/include/sys/acl.h and as
67 * an enum in /usr/include/rpcsvc/nis.h.
68 */
69
70 #if defined(GROUP)
71 #undef GROUP
72 #endif
73
74 #if defined(GROUP_OBJ)
75 #undef GROUP_OBJ
76 #endif
77
78 #endif /* BROKEN_NISPLUS_INCLUDE_FILES */
79
80 #include <rpcsvc/nis.h>
81
82 #endif /* WITH_NISPLUS_HOME */
83 #endif /* HAVE_NETGROUP && WITH_AUTOMOUNT */
84
85 static enum protocol_types Protocol = PROTOCOL_COREPLUS;
86
get_Protocol(void)87 enum protocol_types get_Protocol(void)
88 {
89 return Protocol;
90 }
91
set_Protocol(enum protocol_types p)92 void set_Protocol(enum protocol_types p)
93 {
94 Protocol = p;
95 }
96
97 static enum remote_arch_types ra_type = RA_UNKNOWN;
98
gfree_all(void)99 void gfree_all( void )
100 {
101 gfree_names();
102 gfree_loadparm();
103 gfree_charcnv();
104 gfree_interfaces();
105 gfree_debugsyms();
106 }
107
108 /*******************************************************************
109 Check if a file exists - call vfs_file_exist for samba files.
110 ********************************************************************/
111
file_exist_stat(const char * fname,SMB_STRUCT_STAT * sbuf,bool fake_dir_create_times)112 bool file_exist_stat(const char *fname,SMB_STRUCT_STAT *sbuf,
113 bool fake_dir_create_times)
114 {
115 SMB_STRUCT_STAT st;
116 if (!sbuf)
117 sbuf = &st;
118
119 if (sys_stat(fname, sbuf, fake_dir_create_times) != 0)
120 return(False);
121
122 return((S_ISREG(sbuf->st_ex_mode)) || (S_ISFIFO(sbuf->st_ex_mode)));
123 }
124
125 /*******************************************************************
126 Check if a unix domain socket exists - call vfs_file_exist for samba files.
127 ********************************************************************/
128
socket_exist(const char * fname)129 bool socket_exist(const char *fname)
130 {
131 SMB_STRUCT_STAT st;
132 if (sys_stat(fname, &st, false) != 0)
133 return(False);
134
135 return S_ISSOCK(st.st_ex_mode);
136 }
137
138 /*******************************************************************
139 Returns the size in bytes of the named given the stat struct.
140 ********************************************************************/
141
get_file_size_stat(const SMB_STRUCT_STAT * sbuf)142 uint64_t get_file_size_stat(const SMB_STRUCT_STAT *sbuf)
143 {
144 return sbuf->st_ex_size;
145 }
146
147 /****************************************************************************
148 Check two stats have identical dev and ino fields.
149 ****************************************************************************/
150
check_same_dev_ino(const SMB_STRUCT_STAT * sbuf1,const SMB_STRUCT_STAT * sbuf2)151 bool check_same_dev_ino(const SMB_STRUCT_STAT *sbuf1,
152 const SMB_STRUCT_STAT *sbuf2)
153 {
154 if (sbuf1->st_ex_dev != sbuf2->st_ex_dev ||
155 sbuf1->st_ex_ino != sbuf2->st_ex_ino) {
156 return false;
157 }
158 return true;
159 }
160
161 /****************************************************************************
162 Check if a stat struct is identical for use.
163 ****************************************************************************/
164
check_same_stat(const SMB_STRUCT_STAT * sbuf1,const SMB_STRUCT_STAT * sbuf2)165 bool check_same_stat(const SMB_STRUCT_STAT *sbuf1,
166 const SMB_STRUCT_STAT *sbuf2)
167 {
168 if (sbuf1->st_ex_uid != sbuf2->st_ex_uid ||
169 sbuf1->st_ex_gid != sbuf2->st_ex_gid ||
170 !check_same_dev_ino(sbuf1, sbuf2)) {
171 return false;
172 }
173 return true;
174 }
175
176 /*******************************************************************
177 Show a smb message structure.
178 ********************************************************************/
179
show_msg(const char * buf)180 void show_msg(const char *buf)
181 {
182 int i;
183 int bcc=0;
184
185 if (!DEBUGLVL(5))
186 return;
187
188 DEBUG(5,("size=%d\nsmb_com=0x%x\nsmb_rcls=%d\nsmb_reh=%d\nsmb_err=%d\nsmb_flg=%d\nsmb_flg2=%d\n",
189 smb_len(buf),
190 (int)CVAL(buf,smb_com),
191 (int)CVAL(buf,smb_rcls),
192 (int)CVAL(buf,smb_reh),
193 (int)SVAL(buf,smb_err),
194 (int)CVAL(buf,smb_flg),
195 (int)SVAL(buf,smb_flg2)));
196 DEBUGADD(5,("smb_tid=%d\nsmb_pid=%d\nsmb_uid=%d\nsmb_mid=%d\n",
197 (int)SVAL(buf,smb_tid),
198 (int)SVAL(buf,smb_pid),
199 (int)SVAL(buf,smb_uid),
200 (int)SVAL(buf,smb_mid)));
201 DEBUGADD(5,("smt_wct=%d\n",(int)CVAL(buf,smb_wct)));
202
203 for (i=0;i<(int)CVAL(buf,smb_wct);i++)
204 DEBUGADD(5,("smb_vwv[%2d]=%5d (0x%X)\n",i,
205 SVAL(buf,smb_vwv+2*i),SVAL(buf,smb_vwv+2*i)));
206
207 bcc = (int)SVAL(buf,smb_vwv+2*(CVAL(buf,smb_wct)));
208
209 DEBUGADD(5,("smb_bcc=%d\n",bcc));
210
211 if (DEBUGLEVEL < 10)
212 return;
213
214 if (DEBUGLEVEL < 50)
215 bcc = MIN(bcc, 512);
216
217 dump_data(10, (const uint8_t *)smb_buf_const(buf), bcc);
218 }
219
220 /*******************************************************************
221 Setup only the byte count for a smb message.
222 ********************************************************************/
223
set_message_bcc(char * buf,int num_bytes)224 int set_message_bcc(char *buf,int num_bytes)
225 {
226 int num_words = CVAL(buf,smb_wct);
227 SSVAL(buf,smb_vwv + num_words*SIZEOFWORD,num_bytes);
228 _smb_setlen(buf,smb_size + num_words*2 + num_bytes - 4);
229 return (smb_size + num_words*2 + num_bytes);
230 }
231
232 /*******************************************************************
233 Add a data blob to the end of a smb_buf, adjusting bcc and smb_len.
234 Return the bytes added
235 ********************************************************************/
236
message_push_blob(uint8_t ** outbuf,DATA_BLOB blob)237 ssize_t message_push_blob(uint8_t **outbuf, DATA_BLOB blob)
238 {
239 size_t newlen = smb_len(*outbuf) + 4 + blob.length;
240 uint8_t *tmp;
241
242 if (!(tmp = talloc_realloc(NULL, *outbuf, uint8_t, newlen))) {
243 DEBUG(0, ("talloc failed\n"));
244 return -1;
245 }
246 *outbuf = tmp;
247
248 memcpy(tmp + smb_len(tmp) + 4, blob.data, blob.length);
249 set_message_bcc((char *)tmp, smb_buflen(tmp) + blob.length);
250 return blob.length;
251 }
252
253 /*******************************************************************
254 Reduce a file name, removing .. elements.
255 ********************************************************************/
256
dos_clean_name(TALLOC_CTX * ctx,const char * s)257 static char *dos_clean_name(TALLOC_CTX *ctx, const char *s)
258 {
259 char *p = NULL;
260 char *str = NULL;
261
262 DEBUG(3,("dos_clean_name [%s]\n",s));
263
264 /* remove any double slashes */
265 str = talloc_all_string_sub(ctx, s, "\\\\", "\\");
266 if (!str) {
267 return NULL;
268 }
269
270 /* Remove leading .\\ characters */
271 if(strncmp(str, ".\\", 2) == 0) {
272 trim_string(str, ".\\", NULL);
273 if(*str == 0) {
274 str = talloc_strdup(ctx, ".\\");
275 if (!str) {
276 return NULL;
277 }
278 }
279 }
280
281 while ((p = strstr_m(str,"\\..\\")) != NULL) {
282 char *s1;
283
284 *p = 0;
285 s1 = p+3;
286
287 if ((p=strrchr_m(str,'\\')) != NULL) {
288 *p = 0;
289 } else {
290 *str = 0;
291 }
292 str = talloc_asprintf(ctx,
293 "%s%s",
294 str,
295 s1);
296 if (!str) {
297 return NULL;
298 }
299 }
300
301 trim_string(str,NULL,"\\..");
302 return talloc_all_string_sub(ctx, str, "\\.\\", "\\");
303 }
304
305 /*******************************************************************
306 Reduce a file name, removing .. elements.
307 ********************************************************************/
308
unix_clean_name(TALLOC_CTX * ctx,const char * s)309 char *unix_clean_name(TALLOC_CTX *ctx, const char *s)
310 {
311 char *p = NULL;
312 char *str = NULL;
313
314 DEBUG(3,("unix_clean_name [%s]\n",s));
315
316 /* remove any double slashes */
317 str = talloc_all_string_sub(ctx, s, "//","/");
318 if (!str) {
319 return NULL;
320 }
321
322 /* Remove leading ./ characters */
323 if(strncmp(str, "./", 2) == 0) {
324 trim_string(str, "./", NULL);
325 if(*str == 0) {
326 str = talloc_strdup(ctx, "./");
327 if (!str) {
328 return NULL;
329 }
330 }
331 }
332
333 while ((p = strstr_m(str,"/../")) != NULL) {
334 char *s1;
335
336 *p = 0;
337 s1 = p+3;
338
339 if ((p=strrchr_m(str,'/')) != NULL) {
340 *p = 0;
341 } else {
342 *str = 0;
343 }
344 str = talloc_asprintf(ctx,
345 "%s%s",
346 str,
347 s1);
348 if (!str) {
349 return NULL;
350 }
351 }
352
353 trim_string(str,NULL,"/..");
354 return talloc_all_string_sub(ctx, str, "/./", "/");
355 }
356
clean_name(TALLOC_CTX * ctx,const char * s)357 char *clean_name(TALLOC_CTX *ctx, const char *s)
358 {
359 char *str = dos_clean_name(ctx, s);
360 if (!str) {
361 return NULL;
362 }
363 return unix_clean_name(ctx, str);
364 }
365
366 /*******************************************************************
367 Write data into an fd at a given offset. Ignore seek errors.
368 ********************************************************************/
369
write_data_at_offset(int fd,const char * buffer,size_t N,off_t pos)370 ssize_t write_data_at_offset(int fd, const char *buffer, size_t N, off_t pos)
371 {
372 size_t total=0;
373 ssize_t ret;
374
375 if (pos == (off_t)-1) {
376 return write_data(fd, buffer, N);
377 }
378 #if defined(HAVE_PWRITE) || defined(HAVE_PRWITE64)
379 while (total < N) {
380 ret = sys_pwrite(fd,buffer + total,N - total, pos);
381 if (ret == -1 && errno == ESPIPE) {
382 return write_data(fd, buffer + total,N - total);
383 }
384 if (ret == -1) {
385 DEBUG(0,("write_data_at_offset: write failure. Error = %s\n", strerror(errno) ));
386 return -1;
387 }
388 if (ret == 0) {
389 return total;
390 }
391 total += ret;
392 pos += ret;
393 }
394 return (ssize_t)total;
395 #else
396 /* Use lseek and write_data. */
397 if (lseek(fd, pos, SEEK_SET) == -1) {
398 if (errno != ESPIPE) {
399 return -1;
400 }
401 }
402 return write_data(fd, buffer, N);
403 #endif
404 }
405
406 static int reinit_after_fork_pipe[2] = { -1, -1 };
407
init_before_fork(void)408 NTSTATUS init_before_fork(void)
409 {
410 int ret;
411
412 ret = pipe(reinit_after_fork_pipe);
413 if (ret == -1) {
414 NTSTATUS status;
415
416 status = map_nt_error_from_unix_common(errno);
417
418 DEBUG(0, ("Error creating child_pipe: %s\n",
419 nt_errstr(status)));
420
421 return status;
422 }
423
424 return NT_STATUS_OK;
425 }
426
427 /**
428 * Detect died parent by detecting EOF on the pipe
429 */
reinit_after_fork_pipe_handler(struct tevent_context * ev,struct tevent_fd * fde,uint16_t flags,void * private_data)430 static void reinit_after_fork_pipe_handler(struct tevent_context *ev,
431 struct tevent_fd *fde,
432 uint16_t flags,
433 void *private_data)
434 {
435 char c;
436
437 if (sys_read(reinit_after_fork_pipe[0], &c, 1) != 1) {
438 /*
439 * we have reached EOF on stdin, which means the
440 * parent has exited. Shutdown the server
441 */
442 TALLOC_FREE(fde);
443 (void)kill(getpid(), SIGTERM);
444 }
445 }
446
447
reinit_after_fork(struct messaging_context * msg_ctx,struct tevent_context * ev_ctx,bool parent_longlived,const char * comment)448 NTSTATUS reinit_after_fork(struct messaging_context *msg_ctx,
449 struct tevent_context *ev_ctx,
450 bool parent_longlived,
451 const char *comment)
452 {
453 NTSTATUS status = NT_STATUS_OK;
454 int ret;
455
456 /*
457 * The main process thread should never
458 * allow per_thread_cwd_enable() to be
459 * called.
460 */
461 per_thread_cwd_disable();
462
463 if (reinit_after_fork_pipe[1] != -1) {
464 close(reinit_after_fork_pipe[1]);
465 reinit_after_fork_pipe[1] = -1;
466 }
467
468 /* tdb needs special fork handling */
469 if (tdb_reopen_all(parent_longlived ? 1 : 0) != 0) {
470 DEBUG(0,("tdb_reopen_all failed.\n"));
471 status = NT_STATUS_OPEN_FAILED;
472 goto done;
473 }
474
475 if (ev_ctx != NULL) {
476 tevent_set_trace_callback(ev_ctx, NULL, NULL);
477 if (tevent_re_initialise(ev_ctx) != 0) {
478 smb_panic(__location__ ": Failed to re-initialise event context");
479 }
480 }
481
482 if (reinit_after_fork_pipe[0] != -1) {
483 struct tevent_fd *fde;
484
485 fde = tevent_add_fd(ev_ctx, ev_ctx /* TALLOC_CTX */,
486 reinit_after_fork_pipe[0], TEVENT_FD_READ,
487 reinit_after_fork_pipe_handler, NULL);
488 if (fde == NULL) {
489 smb_panic(__location__ ": Failed to add reinit_after_fork pipe event");
490 }
491 }
492
493 if (msg_ctx) {
494 /*
495 * For clustering, we need to re-init our ctdbd connection after the
496 * fork
497 */
498 status = messaging_reinit(msg_ctx);
499 if (!NT_STATUS_IS_OK(status)) {
500 DEBUG(0,("messaging_reinit() failed: %s\n",
501 nt_errstr(status)));
502 }
503
504 if (lp_clustering()) {
505 ret = ctdb_async_ctx_reinit(
506 NULL, messaging_tevent_context(msg_ctx));
507 if (ret != 0) {
508 DBG_ERR("db_ctdb_async_ctx_reinit failed: %s\n",
509 strerror(errno));
510 return map_nt_error_from_unix(ret);
511 }
512 }
513 }
514
515 if (comment) {
516 prctl_set_comment(comment);
517 }
518
519 done:
520 return status;
521 }
522
523 /****************************************************************************
524 (Hopefully) efficient array append.
525 ****************************************************************************/
526
add_to_large_array(TALLOC_CTX * mem_ctx,size_t element_size,void * element,void * _array,uint32_t * num_elements,ssize_t * array_size)527 void add_to_large_array(TALLOC_CTX *mem_ctx, size_t element_size,
528 void *element, void *_array, uint32_t *num_elements,
529 ssize_t *array_size)
530 {
531 void **array = (void **)_array;
532
533 if (*array_size < 0) {
534 return;
535 }
536
537 if (*array == NULL) {
538 if (*array_size == 0) {
539 *array_size = 128;
540 }
541
542 if (*array_size >= MAX_ALLOC_SIZE/element_size) {
543 goto error;
544 }
545
546 *array = TALLOC(mem_ctx, element_size * (*array_size));
547 if (*array == NULL) {
548 goto error;
549 }
550 }
551
552 if (*num_elements == *array_size) {
553 *array_size *= 2;
554
555 if (*array_size >= MAX_ALLOC_SIZE/element_size) {
556 goto error;
557 }
558
559 *array = TALLOC_REALLOC(mem_ctx, *array,
560 element_size * (*array_size));
561
562 if (*array == NULL) {
563 goto error;
564 }
565 }
566
567 memcpy((char *)(*array) + element_size*(*num_elements),
568 element, element_size);
569 *num_elements += 1;
570
571 return;
572
573 error:
574 *num_elements = 0;
575 *array_size = -1;
576 }
577
578 /****************************************************************************
579 Get my own domain name, or "" if we have none.
580 ****************************************************************************/
581
get_mydnsdomname(TALLOC_CTX * ctx)582 char *get_mydnsdomname(TALLOC_CTX *ctx)
583 {
584 const char *domname;
585 char *p;
586
587 domname = get_mydnsfullname();
588 if (!domname) {
589 return NULL;
590 }
591
592 p = strchr_m(domname, '.');
593 if (p) {
594 p++;
595 return talloc_strdup(ctx, p);
596 } else {
597 return talloc_strdup(ctx, "");
598 }
599 }
600
601 #if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
602 /******************************************************************
603 Remove any mount options such as -rsize=2048,wsize=2048 etc.
604 Based on a fix from <Thomas.Hepper@icem.de>.
605 Returns a malloc'ed string.
606 *******************************************************************/
607
strip_mount_options(TALLOC_CTX * ctx,const char * str)608 static char *strip_mount_options(TALLOC_CTX *ctx, const char *str)
609 {
610 if (*str == '-') {
611 const char *p = str;
612 while(*p && !isspace(*p))
613 p++;
614 while(*p && isspace(*p))
615 p++;
616 if(*p) {
617 return talloc_strdup(ctx, p);
618 }
619 }
620 return NULL;
621 }
622
623 /*******************************************************************
624 Patch from jkf@soton.ac.uk
625 Split Luke's automount_server into YP lookup and string splitter
626 so can easily implement automount_path().
627 Returns a malloc'ed string.
628 *******************************************************************/
629
630 #ifdef WITH_NISPLUS_HOME
automount_lookup(TALLOC_CTX * ctx,const char * user_name)631 char *automount_lookup(TALLOC_CTX *ctx, const char *user_name)
632 {
633 const struct loadparm_substitution *lp_sub =
634 loadparm_s3_global_substitution();
635 char *value = NULL;
636
637 char *nis_map = (char *)lp_homedir_map(talloc_tos(), lp_sub);
638
639 char buffer[NIS_MAXATTRVAL + 1];
640 nis_result *result;
641 nis_object *object;
642 entry_obj *entry;
643
644 snprintf(buffer, sizeof(buffer), "[key=%s],%s", user_name, nis_map);
645 DEBUG(5, ("NIS+ querystring: %s\n", buffer));
646
647 if (result = nis_list(buffer, FOLLOW_PATH|EXPAND_NAME|HARD_LOOKUP, NULL, NULL)) {
648 if (result->status != NIS_SUCCESS) {
649 DEBUG(3, ("NIS+ query failed: %s\n", nis_sperrno(result->status)));
650 } else {
651 object = result->objects.objects_val;
652 if (object->zo_data.zo_type == ENTRY_OBJ) {
653 entry = &object->zo_data.objdata_u.en_data;
654 DEBUG(5, ("NIS+ entry type: %s\n", entry->en_type));
655 DEBUG(3, ("NIS+ result: %s\n", entry->en_cols.en_cols_val[1].ec_value.ec_value_val));
656
657 value = talloc_strdup(ctx,
658 entry->en_cols.en_cols_val[1].ec_value.ec_value_val);
659 if (!value) {
660 nis_freeresult(result);
661 return NULL;
662 }
663 value = talloc_string_sub(ctx,
664 value,
665 "&",
666 user_name);
667 }
668 }
669 }
670 nis_freeresult(result);
671
672 if (value) {
673 value = strip_mount_options(ctx, value);
674 DEBUG(4, ("NIS+ Lookup: %s resulted in %s\n",
675 user_name, value));
676 }
677 return value;
678 }
679 #else /* WITH_NISPLUS_HOME */
680
automount_lookup(TALLOC_CTX * ctx,const char * user_name)681 char *automount_lookup(TALLOC_CTX *ctx, const char *user_name)
682 {
683 const struct loadparm_substitution *lp_sub =
684 loadparm_s3_global_substitution();
685 char *value = NULL;
686
687 int nis_error; /* returned by yp all functions */
688 char *nis_result; /* yp_match inits this */
689 int nis_result_len; /* and set this */
690 char *nis_domain; /* yp_get_default_domain inits this */
691 char *nis_map = lp_homedir_map(talloc_tos(), lp_sub);
692
693 if ((nis_error = yp_get_default_domain(&nis_domain)) != 0) {
694 DEBUG(3, ("YP Error: %s\n", yperr_string(nis_error)));
695 return NULL;
696 }
697
698 DEBUG(5, ("NIS Domain: %s\n", nis_domain));
699
700 if ((nis_error = yp_match(nis_domain, nis_map, user_name,
701 strlen(user_name), &nis_result,
702 &nis_result_len)) == 0) {
703 if (nis_result_len > 0 && nis_result[nis_result_len] == '\n') {
704 nis_result[nis_result_len] = '\0';
705 }
706 value = talloc_strdup(ctx, nis_result);
707 if (!value) {
708 return NULL;
709 }
710 value = strip_mount_options(ctx, value);
711 } else if(nis_error == YPERR_KEY) {
712 DEBUG(3, ("YP Key not found: while looking up \"%s\" in map \"%s\"\n",
713 user_name, nis_map));
714 DEBUG(3, ("using defaults for server and home directory\n"));
715 } else {
716 DEBUG(3, ("YP Error: \"%s\" while looking up \"%s\" in map \"%s\"\n",
717 yperr_string(nis_error), user_name, nis_map));
718 }
719
720 if (value) {
721 DEBUG(4, ("YP Lookup: %s resulted in %s\n", user_name, value));
722 }
723 return value;
724 }
725 #endif /* WITH_NISPLUS_HOME */
726 #endif
727
process_exists(const struct server_id pid)728 bool process_exists(const struct server_id pid)
729 {
730 return serverid_exists(&pid);
731 }
732
733 /*******************************************************************
734 Convert a uid into a user name.
735 ********************************************************************/
736
uidtoname(uid_t uid)737 const char *uidtoname(uid_t uid)
738 {
739 TALLOC_CTX *ctx = talloc_tos();
740 char *name = NULL;
741 struct passwd *pass = NULL;
742
743 pass = getpwuid_alloc(ctx,uid);
744 if (pass) {
745 name = talloc_strdup(ctx,pass->pw_name);
746 TALLOC_FREE(pass);
747 } else {
748 name = talloc_asprintf(ctx,
749 "%ld",
750 (long int)uid);
751 }
752 return name;
753 }
754
755 /*******************************************************************
756 Convert a gid into a group name.
757 ********************************************************************/
758
gidtoname(gid_t gid)759 char *gidtoname(gid_t gid)
760 {
761 struct group *grp;
762
763 grp = getgrgid(gid);
764 if (grp) {
765 return talloc_strdup(talloc_tos(), grp->gr_name);
766 }
767 else {
768 return talloc_asprintf(talloc_tos(),
769 "%d",
770 (int)gid);
771 }
772 }
773
774 /*******************************************************************
775 Convert a user name into a uid.
776 ********************************************************************/
777
nametouid(const char * name)778 uid_t nametouid(const char *name)
779 {
780 struct passwd *pass;
781 char *p;
782 uid_t u;
783
784 pass = Get_Pwnam_alloc(talloc_tos(), name);
785 if (pass) {
786 u = pass->pw_uid;
787 TALLOC_FREE(pass);
788 return u;
789 }
790
791 u = (uid_t)strtol(name, &p, 0);
792 if ((p != name) && (*p == '\0'))
793 return u;
794
795 return (uid_t)-1;
796 }
797
798 /*******************************************************************
799 Convert a name to a gid_t if possible. Return -1 if not a group.
800 ********************************************************************/
801
nametogid(const char * name)802 gid_t nametogid(const char *name)
803 {
804 struct group *grp;
805 char *p;
806 gid_t g;
807
808 g = (gid_t)strtol(name, &p, 0);
809 if ((p != name) && (*p == '\0'))
810 return g;
811
812 grp = getgrnam(name);
813 if (grp)
814 return(grp->gr_gid);
815 return (gid_t)-1;
816 }
817
818 /*******************************************************************
819 Something really nasty happened - panic !
820 ********************************************************************/
821
smb_panic_s3(const char * why)822 void smb_panic_s3(const char *why)
823 {
824 const struct loadparm_substitution *lp_sub =
825 loadparm_s3_global_substitution();
826 char *cmd;
827 int result;
828
829 DEBUG(0,("PANIC (pid %llu): %s\n",
830 (unsigned long long)getpid(), why));
831 log_stack_trace();
832
833 #if defined(HAVE_PRCTL) && defined(PR_SET_PTRACER)
834 /*
835 * Make sure all children can attach a debugger.
836 */
837 prctl(PR_SET_PTRACER, getpid(), 0, 0, 0);
838 #endif
839
840 cmd = lp_panic_action(talloc_tos(), lp_sub);
841 if (cmd && *cmd) {
842 DEBUG(0, ("smb_panic(): calling panic action [%s]\n", cmd));
843 result = system(cmd);
844
845 if (result == -1)
846 DEBUG(0, ("smb_panic(): fork failed in panic action: %s\n",
847 strerror(errno)));
848 else
849 DEBUG(0, ("smb_panic(): action returned status %d\n",
850 WEXITSTATUS(result)));
851 }
852
853 dump_core();
854 }
855
856 /*******************************************************************
857 A readdir wrapper which just returns the file name.
858 ********************************************************************/
859
readdirname(DIR * p)860 const char *readdirname(DIR *p)
861 {
862 struct dirent *ptr;
863 char *dname;
864
865 if (!p)
866 return(NULL);
867
868 ptr = (struct dirent *)readdir(p);
869 if (!ptr)
870 return(NULL);
871
872 dname = ptr->d_name;
873
874 #ifdef NEXT2
875 if (telldir(p) < 0)
876 return(NULL);
877 #endif
878
879 #ifdef HAVE_BROKEN_READDIR_NAME
880 /* using /usr/ucb/cc is BAD */
881 dname = dname - 2;
882 #endif
883
884 return talloc_strdup(talloc_tos(), dname);
885 }
886
887 /*******************************************************************
888 Utility function used to decide if the last component
889 of a path matches a (possibly wildcarded) entry in a namelist.
890 ********************************************************************/
891
is_in_path(const char * name,name_compare_entry * namelist,bool case_sensitive)892 bool is_in_path(const char *name, name_compare_entry *namelist, bool case_sensitive)
893 {
894 const char *last_component;
895
896 /* if we have no list it's obviously not in the path */
897 if((namelist == NULL ) || ((namelist != NULL) && (namelist[0].name == NULL))) {
898 return False;
899 }
900
901 DEBUG(8, ("is_in_path: %s\n", name));
902
903 /* Get the last component of the unix name. */
904 last_component = strrchr_m(name, '/');
905 if (!last_component) {
906 last_component = name;
907 } else {
908 last_component++; /* Go past '/' */
909 }
910
911 for(; namelist->name != NULL; namelist++) {
912 if(namelist->is_wild) {
913 if (mask_match(last_component, namelist->name, case_sensitive)) {
914 DEBUG(8,("is_in_path: mask match succeeded\n"));
915 return True;
916 }
917 } else {
918 if((case_sensitive && (strcmp(last_component, namelist->name) == 0))||
919 (!case_sensitive && (strcasecmp_m(last_component, namelist->name) == 0))) {
920 DEBUG(8,("is_in_path: match succeeded\n"));
921 return True;
922 }
923 }
924 }
925 DEBUG(8,("is_in_path: match not found\n"));
926 return False;
927 }
928
929 /*******************************************************************
930 Strip a '/' separated list into an array of
931 name_compare_enties structures suitable for
932 passing to is_in_path(). We do this for
933 speed so we can pre-parse all the names in the list
934 and don't do it for each call to is_in_path().
935 We also check if the entry contains a wildcard to
936 remove a potentially expensive call to mask_match
937 if possible.
938 ********************************************************************/
939
set_namearray(name_compare_entry ** ppname_array,const char * namelist_in)940 void set_namearray(name_compare_entry **ppname_array, const char *namelist_in)
941 {
942 char *name_end;
943 char *namelist;
944 char *namelist_end;
945 char *nameptr;
946 int num_entries = 0;
947 int i;
948
949 (*ppname_array) = NULL;
950
951 if((namelist_in == NULL ) || ((namelist_in != NULL) && (*namelist_in == '\0')))
952 return;
953
954 namelist = talloc_strdup(talloc_tos(), namelist_in);
955 if (namelist == NULL) {
956 DEBUG(0,("set_namearray: talloc fail\n"));
957 return;
958 }
959 nameptr = namelist;
960
961 namelist_end = &namelist[strlen(namelist)];
962
963 /* We need to make two passes over the string. The
964 first to count the number of elements, the second
965 to split it.
966 */
967
968 while(nameptr <= namelist_end) {
969 if ( *nameptr == '/' ) {
970 /* cope with multiple (useless) /s) */
971 nameptr++;
972 continue;
973 }
974 /* anything left? */
975 if ( *nameptr == '\0' )
976 break;
977
978 /* find the next '/' or consume remaining */
979 name_end = strchr_m(nameptr, '/');
980 if (name_end == NULL) {
981 /* Point nameptr at the terminating '\0' */
982 nameptr += strlen(nameptr);
983 } else {
984 /* next segment please */
985 nameptr = name_end + 1;
986 }
987 num_entries++;
988 }
989
990 if(num_entries == 0) {
991 talloc_free(namelist);
992 return;
993 }
994
995 if(( (*ppname_array) = SMB_MALLOC_ARRAY(name_compare_entry, num_entries + 1)) == NULL) {
996 DEBUG(0,("set_namearray: malloc fail\n"));
997 talloc_free(namelist);
998 return;
999 }
1000
1001 /* Now copy out the names */
1002 nameptr = namelist;
1003 i = 0;
1004 while(nameptr <= namelist_end) {
1005 if ( *nameptr == '/' ) {
1006 /* cope with multiple (useless) /s) */
1007 nameptr++;
1008 continue;
1009 }
1010 /* anything left? */
1011 if ( *nameptr == '\0' )
1012 break;
1013
1014 /* find the next '/' or consume remaining */
1015 name_end = strchr_m(nameptr, '/');
1016 if (name_end != NULL) {
1017 *name_end = '\0';
1018 }
1019
1020 (*ppname_array)[i].is_wild = ms_has_wild(nameptr);
1021 if(((*ppname_array)[i].name = SMB_STRDUP(nameptr)) == NULL) {
1022 DEBUG(0,("set_namearray: malloc fail (1)\n"));
1023 talloc_free(namelist);
1024 return;
1025 }
1026
1027 if (name_end == NULL) {
1028 /* Point nameptr at the terminating '\0' */
1029 nameptr += strlen(nameptr);
1030 } else {
1031 /* next segment please */
1032 nameptr = name_end + 1;
1033 }
1034 i++;
1035 }
1036
1037 (*ppname_array)[i].name = NULL;
1038
1039 talloc_free(namelist);
1040 return;
1041 }
1042
1043 #undef DBGC_CLASS
1044 #define DBGC_CLASS DBGC_LOCKING
1045
1046 /****************************************************************************
1047 Simple routine to query existing file locks. Cruft in NFS and 64->32 bit mapping
1048 is dealt with in posix.c
1049 Returns True if we have information regarding this lock region (and returns
1050 F_UNLCK in *ptype if the region is unlocked). False if the call failed.
1051 ****************************************************************************/
1052
fcntl_getlock(int fd,int op,off_t * poffset,off_t * pcount,int * ptype,pid_t * ppid)1053 bool fcntl_getlock(int fd, int op, off_t *poffset, off_t *pcount, int *ptype, pid_t *ppid)
1054 {
1055 struct flock lock;
1056 int ret;
1057
1058 DEBUG(8,("fcntl_getlock fd=%d op=%d offset=%.0f count=%.0f type=%d\n",
1059 fd,op,(double)*poffset,(double)*pcount,*ptype));
1060
1061 lock.l_type = *ptype;
1062 lock.l_whence = SEEK_SET;
1063 lock.l_start = *poffset;
1064 lock.l_len = *pcount;
1065 lock.l_pid = 0;
1066
1067 ret = sys_fcntl_ptr(fd,op,&lock);
1068
1069 if (ret == -1) {
1070 int sav = errno;
1071 DEBUG(3,("fcntl_getlock: lock request failed at offset %.0f count %.0f type %d (%s)\n",
1072 (double)*poffset,(double)*pcount,*ptype,strerror(errno)));
1073 errno = sav;
1074 return False;
1075 }
1076
1077 *ptype = lock.l_type;
1078 *poffset = lock.l_start;
1079 *pcount = lock.l_len;
1080 *ppid = lock.l_pid;
1081
1082 DEBUG(3,("fcntl_getlock: fd %d is returned info %d pid %u\n",
1083 fd, (int)lock.l_type, (unsigned int)lock.l_pid));
1084 return True;
1085 }
1086
1087 #if defined(HAVE_OFD_LOCKS)
map_process_lock_to_ofd_lock(int op)1088 int map_process_lock_to_ofd_lock(int op)
1089 {
1090 switch (op) {
1091 case F_GETLK:
1092 case F_OFD_GETLK:
1093 op = F_OFD_GETLK;
1094 break;
1095 case F_SETLK:
1096 case F_OFD_SETLK:
1097 op = F_OFD_SETLK;
1098 break;
1099 case F_SETLKW:
1100 case F_OFD_SETLKW:
1101 op = F_OFD_SETLKW;
1102 break;
1103 default:
1104 return -1;
1105 }
1106 return op;
1107 }
1108 #else /* HAVE_OFD_LOCKS */
map_process_lock_to_ofd_lock(int op)1109 int map_process_lock_to_ofd_lock(int op)
1110 {
1111 return op;
1112 }
1113 #endif /* HAVE_OFD_LOCKS */
1114
1115 #undef DBGC_CLASS
1116 #define DBGC_CLASS DBGC_ALL
1117
1118 /*******************************************************************
1119 Is the name specified one of my netbios names.
1120 Returns true if it is equal, false otherwise.
1121 ********************************************************************/
1122
is_myname(const char * s)1123 bool is_myname(const char *s)
1124 {
1125 int n;
1126 bool ret = False;
1127
1128 for (n=0; my_netbios_names(n); n++) {
1129 const char *nbt_name = my_netbios_names(n);
1130
1131 if (strncasecmp_m(nbt_name, s, MAX_NETBIOSNAME_LEN-1) == 0) {
1132 ret=True;
1133 break;
1134 }
1135 }
1136 DEBUG(8, ("is_myname(\"%s\") returns %d\n", s, ret));
1137 return(ret);
1138 }
1139
1140 /*******************************************************************
1141 we distinguish between 2K and XP by the "Native Lan Manager" string
1142 WinXP => "Windows 2002 5.1"
1143 WinXP 64bit => "Windows XP 5.2"
1144 Win2k => "Windows 2000 5.0"
1145 NT4 => "Windows NT 4.0"
1146 Win9x => "Windows 4.0"
1147 Windows 2003 doesn't set the native lan manager string but
1148 they do set the domain to "Windows 2003 5.2" (probably a bug).
1149 ********************************************************************/
1150
ra_lanman_string(const char * native_lanman)1151 void ra_lanman_string( const char *native_lanman )
1152 {
1153 if ( strcmp( native_lanman, "Windows 2002 5.1" ) == 0 )
1154 set_remote_arch( RA_WINXP );
1155 else if ( strcmp( native_lanman, "Windows XP 5.2" ) == 0 )
1156 set_remote_arch( RA_WINXP64 );
1157 else if ( strcmp( native_lanman, "Windows Server 2003 5.2" ) == 0 )
1158 set_remote_arch( RA_WIN2K3 );
1159 }
1160
1161 static const char *remote_arch_strings[] = {
1162 [RA_UNKNOWN] = "UNKNOWN",
1163 [RA_WFWG] = "WfWg",
1164 [RA_OS2] = "OS2",
1165 [RA_WIN95] = "Win95",
1166 [RA_WINNT] = "WinNT",
1167 [RA_WIN2K] = "Win2K",
1168 [RA_WINXP] = "WinXP",
1169 [RA_WIN2K3] = "Win2K3",
1170 [RA_VISTA] = "Vista",
1171 [RA_SAMBA] = "Samba",
1172 [RA_CIFSFS] = "CIFSFS",
1173 [RA_WINXP64] = "WinXP64",
1174 [RA_OSX] = "OSX",
1175 };
1176
get_remote_arch_str(void)1177 const char *get_remote_arch_str(void)
1178 {
1179 if (ra_type >= ARRAY_SIZE(remote_arch_strings)) {
1180 /*
1181 * set_remote_arch() already checks this so ra_type
1182 * should be in the allowed range, but anyway, let's
1183 * do another bound check here.
1184 */
1185 DBG_ERR("Remote arch info out of sync [%d] missing\n", ra_type);
1186 ra_type = RA_UNKNOWN;
1187 }
1188 return remote_arch_strings[ra_type];
1189 }
1190
get_remote_arch_from_str(const char * remote_arch_string)1191 enum remote_arch_types get_remote_arch_from_str(const char *remote_arch_string)
1192 {
1193 int i;
1194
1195 for (i = 0; i < ARRAY_SIZE(remote_arch_strings); i++) {
1196 if (strcmp(remote_arch_string, remote_arch_strings[i]) == 0) {
1197 return i;
1198 }
1199 }
1200 return RA_UNKNOWN;
1201 }
1202
1203 /*******************************************************************
1204 Set the horrid remote_arch string based on an enum.
1205 ********************************************************************/
1206
set_remote_arch(enum remote_arch_types type)1207 void set_remote_arch(enum remote_arch_types type)
1208 {
1209 if (ra_type >= ARRAY_SIZE(remote_arch_strings)) {
1210 /*
1211 * This protects against someone adding values to enum
1212 * remote_arch_types without updating
1213 * remote_arch_strings array.
1214 */
1215 DBG_ERR("Remote arch info out of sync [%d] missing\n", ra_type);
1216 ra_type = RA_UNKNOWN;
1217 return;
1218 }
1219
1220 ra_type = type;
1221 DEBUG(10,("set_remote_arch: Client arch is \'%s\'\n",
1222 get_remote_arch_str()));
1223 }
1224
1225 /*******************************************************************
1226 Get the remote_arch type.
1227 ********************************************************************/
1228
get_remote_arch(void)1229 enum remote_arch_types get_remote_arch(void)
1230 {
1231 return ra_type;
1232 }
1233
1234 #define RA_CACHE_TTL 7*24*3600
1235
remote_arch_cache_key(const struct GUID * client_guid,fstring key)1236 static bool remote_arch_cache_key(const struct GUID *client_guid,
1237 fstring key)
1238 {
1239 struct GUID_txt_buf guid_buf;
1240 const char *guid_string = NULL;
1241
1242 guid_string = GUID_buf_string(client_guid, &guid_buf);
1243 if (guid_string == NULL) {
1244 return false;
1245 }
1246
1247 fstr_sprintf(key, "RA/%s", guid_string);
1248 return true;
1249 }
1250
1251 struct ra_parser_state {
1252 bool found;
1253 enum remote_arch_types ra;
1254 };
1255
ra_parser(const struct gencache_timeout * t,DATA_BLOB blob,void * priv_data)1256 static void ra_parser(const struct gencache_timeout *t,
1257 DATA_BLOB blob,
1258 void *priv_data)
1259 {
1260 struct ra_parser_state *state = (struct ra_parser_state *)priv_data;
1261 const char *ra_str = NULL;
1262
1263 if (gencache_timeout_expired(t)) {
1264 return;
1265 }
1266
1267 if ((blob.length == 0) || (blob.data[blob.length-1] != '\0')) {
1268 DBG_ERR("Remote arch cache key not a string\n");
1269 return;
1270 }
1271
1272 ra_str = (const char *)blob.data;
1273 DBG_INFO("Got remote arch [%s] from cache\n", ra_str);
1274
1275 state->ra = get_remote_arch_from_str(ra_str);
1276 state->found = true;
1277 return;
1278 }
1279
remote_arch_cache_get(const struct GUID * client_guid)1280 static bool remote_arch_cache_get(const struct GUID *client_guid)
1281 {
1282 bool ok;
1283 fstring ra_key;
1284 struct ra_parser_state state = (struct ra_parser_state) {
1285 .found = false,
1286 .ra = RA_UNKNOWN,
1287 };
1288
1289 ok = remote_arch_cache_key(client_guid, ra_key);
1290 if (!ok) {
1291 return false;
1292 }
1293
1294 ok = gencache_parse(ra_key, ra_parser, &state);
1295 if (!ok || !state.found) {
1296 return true;
1297 }
1298
1299 if (state.ra == RA_UNKNOWN) {
1300 return true;
1301 }
1302
1303 set_remote_arch(state.ra);
1304 return true;
1305 }
1306
remote_arch_cache_set(const struct GUID * client_guid)1307 static bool remote_arch_cache_set(const struct GUID *client_guid)
1308 {
1309 bool ok;
1310 fstring ra_key;
1311 const char *ra_str = NULL;
1312
1313 if (get_remote_arch() == RA_UNKNOWN) {
1314 return true;
1315 }
1316
1317 ok = remote_arch_cache_key(client_guid, ra_key);
1318 if (!ok) {
1319 return false;
1320 }
1321
1322 ra_str = get_remote_arch_str();
1323 if (ra_str == NULL) {
1324 return false;
1325 }
1326
1327 ok = gencache_set(ra_key, ra_str, time(NULL) + RA_CACHE_TTL);
1328 if (!ok) {
1329 return false;
1330 }
1331
1332 return true;
1333 }
1334
remote_arch_cache_update(const struct GUID * client_guid)1335 bool remote_arch_cache_update(const struct GUID *client_guid)
1336 {
1337 bool ok;
1338
1339 if (get_remote_arch() == RA_UNKNOWN) {
1340
1341 become_root();
1342 ok = remote_arch_cache_get(client_guid);
1343 unbecome_root();
1344
1345 return ok;
1346 }
1347
1348 become_root();
1349 ok = remote_arch_cache_set(client_guid);
1350 unbecome_root();
1351
1352 return ok;
1353 }
1354
remote_arch_cache_delete(const struct GUID * client_guid)1355 bool remote_arch_cache_delete(const struct GUID *client_guid)
1356 {
1357 bool ok;
1358 fstring ra_key;
1359
1360 ok = remote_arch_cache_key(client_guid, ra_key);
1361 if (!ok) {
1362 return false;
1363 }
1364
1365 become_root();
1366 ok = gencache_del(ra_key);
1367 unbecome_root();
1368
1369 if (!ok) {
1370 return false;
1371 }
1372
1373 return true;
1374 }
1375
tab_depth(int level,int depth)1376 const char *tab_depth(int level, int depth)
1377 {
1378 if( CHECK_DEBUGLVL(level) ) {
1379 dbgtext("%*s", depth*4, "");
1380 }
1381 return "";
1382 }
1383
1384 /*****************************************************************************
1385 Provide a checksum on a string
1386
1387 Input: s - the null-terminated character string for which the checksum
1388 will be calculated.
1389
1390 Output: The checksum value calculated for s.
1391 *****************************************************************************/
1392
str_checksum(const char * s)1393 int str_checksum(const char *s)
1394 {
1395 TDB_DATA key;
1396 if (s == NULL)
1397 return 0;
1398
1399 key = (TDB_DATA) { .dptr = discard_const_p(uint8_t, s),
1400 .dsize = strlen(s) };
1401
1402 return tdb_jenkins_hash(&key);
1403 }
1404
1405 /*****************************************************************
1406 Zero a memory area then free it. Used to catch bugs faster.
1407 *****************************************************************/
1408
zero_free(void * p,size_t size)1409 void zero_free(void *p, size_t size)
1410 {
1411 memset(p, 0, size);
1412 SAFE_FREE(p);
1413 }
1414
1415 /*****************************************************************
1416 Set our open file limit to a requested max and return the limit.
1417 *****************************************************************/
1418
set_maxfiles(int requested_max)1419 int set_maxfiles(int requested_max)
1420 {
1421 #if (defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE))
1422 struct rlimit rlp;
1423 int saved_current_limit;
1424
1425 if(getrlimit(RLIMIT_NOFILE, &rlp)) {
1426 DEBUG(0,("set_maxfiles: getrlimit (1) for RLIMIT_NOFILE failed with error %s\n",
1427 strerror(errno) ));
1428 /* just guess... */
1429 return requested_max;
1430 }
1431
1432 /*
1433 * Set the fd limit to be real_max_open_files + MAX_OPEN_FUDGEFACTOR to
1434 * account for the extra fd we need
1435 * as well as the log files and standard
1436 * handles etc. Save the limit we want to set in case
1437 * we are running on an OS that doesn't support this limit (AIX)
1438 * which always returns RLIM_INFINITY for rlp.rlim_max.
1439 */
1440
1441 /* Try raising the hard (max) limit to the requested amount. */
1442
1443 #if defined(RLIM_INFINITY)
1444 if (rlp.rlim_max != RLIM_INFINITY) {
1445 int orig_max = rlp.rlim_max;
1446
1447 if ( rlp.rlim_max < requested_max )
1448 rlp.rlim_max = requested_max;
1449
1450 /* This failing is not an error - many systems (Linux) don't
1451 support our default request of 10,000 open files. JRA. */
1452
1453 if(setrlimit(RLIMIT_NOFILE, &rlp)) {
1454 DEBUG(3,("set_maxfiles: setrlimit for RLIMIT_NOFILE for %d max files failed with error %s\n",
1455 (int)rlp.rlim_max, strerror(errno) ));
1456
1457 /* Set failed - restore original value from get. */
1458 rlp.rlim_max = orig_max;
1459 }
1460 }
1461 #endif
1462
1463 /* Now try setting the soft (current) limit. */
1464
1465 saved_current_limit = rlp.rlim_cur = MIN(requested_max,rlp.rlim_max);
1466
1467 if(setrlimit(RLIMIT_NOFILE, &rlp)) {
1468 DEBUG(0,("set_maxfiles: setrlimit for RLIMIT_NOFILE for %d files failed with error %s\n",
1469 (int)rlp.rlim_cur, strerror(errno) ));
1470 /* just guess... */
1471 return saved_current_limit;
1472 }
1473
1474 if(getrlimit(RLIMIT_NOFILE, &rlp)) {
1475 DEBUG(0,("set_maxfiles: getrlimit (2) for RLIMIT_NOFILE failed with error %s\n",
1476 strerror(errno) ));
1477 /* just guess... */
1478 return saved_current_limit;
1479 }
1480
1481 #if defined(RLIM_INFINITY)
1482 if(rlp.rlim_cur == RLIM_INFINITY)
1483 return saved_current_limit;
1484 #endif
1485
1486 if((int)rlp.rlim_cur > saved_current_limit)
1487 return saved_current_limit;
1488
1489 return rlp.rlim_cur;
1490 #else /* !defined(HAVE_GETRLIMIT) || !defined(RLIMIT_NOFILE) */
1491 /*
1492 * No way to know - just guess...
1493 */
1494 return requested_max;
1495 #endif
1496 }
1497
1498 /*****************************************************************
1499 malloc that aborts with smb_panic on fail or zero size.
1500 *****************************************************************/
1501
smb_xmalloc_array(size_t size,unsigned int count)1502 void *smb_xmalloc_array(size_t size, unsigned int count)
1503 {
1504 void *p;
1505 if (size == 0) {
1506 smb_panic("smb_xmalloc_array: called with zero size");
1507 }
1508 if (count >= MAX_ALLOC_SIZE/size) {
1509 smb_panic("smb_xmalloc_array: alloc size too large");
1510 }
1511 if ((p = SMB_MALLOC(size*count)) == NULL) {
1512 DEBUG(0, ("smb_xmalloc_array failed to allocate %lu * %lu bytes\n",
1513 (unsigned long)size, (unsigned long)count));
1514 smb_panic("smb_xmalloc_array: malloc failed");
1515 }
1516 return p;
1517 }
1518
1519 /*****************************************************************
1520 Get local hostname and cache result.
1521 *****************************************************************/
1522
myhostname(void)1523 char *myhostname(void)
1524 {
1525 static char *ret;
1526 if (ret == NULL) {
1527 ret = get_myname(NULL);
1528 }
1529 return ret;
1530 }
1531
1532 /*****************************************************************
1533 Get local hostname and cache result.
1534 *****************************************************************/
1535
myhostname_upper(void)1536 char *myhostname_upper(void)
1537 {
1538 static char *ret;
1539 if (ret == NULL) {
1540 char *name = get_myname(NULL);
1541 if (name == NULL) {
1542 return NULL;
1543 }
1544 ret = strupper_talloc(NULL, name);
1545 talloc_free(name);
1546 }
1547 return ret;
1548 }
1549
1550 /*******************************************************************
1551 Given a filename - get its directory name
1552 ********************************************************************/
1553
parent_dirname(TALLOC_CTX * mem_ctx,const char * dir,char ** parent,const char ** name)1554 bool parent_dirname(TALLOC_CTX *mem_ctx, const char *dir, char **parent,
1555 const char **name)
1556 {
1557 char *p;
1558 ptrdiff_t len;
1559
1560 p = strrchr_m(dir, '/'); /* Find final '/', if any */
1561
1562 if (p == NULL) {
1563 if (!(*parent = talloc_strdup(mem_ctx, "."))) {
1564 return False;
1565 }
1566 if (name) {
1567 *name = dir;
1568 }
1569 return True;
1570 }
1571
1572 len = p-dir;
1573
1574 if (!(*parent = (char *)talloc_memdup(mem_ctx, dir, len+1))) {
1575 return False;
1576 }
1577 (*parent)[len] = '\0';
1578
1579 if (name) {
1580 *name = p+1;
1581 }
1582 return True;
1583 }
1584
1585 /*******************************************************************
1586 Determine if a pattern contains any Microsoft wildcard characters.
1587 *******************************************************************/
1588
ms_has_wild(const char * s)1589 bool ms_has_wild(const char *s)
1590 {
1591 char c;
1592
1593 while ((c = *s++)) {
1594 switch (c) {
1595 case '*':
1596 case '?':
1597 case '<':
1598 case '>':
1599 case '"':
1600 return True;
1601 }
1602 }
1603 return False;
1604 }
1605
ms_has_wild_w(const smb_ucs2_t * s)1606 bool ms_has_wild_w(const smb_ucs2_t *s)
1607 {
1608 smb_ucs2_t c;
1609 if (!s) return False;
1610 while ((c = *s++)) {
1611 switch (c) {
1612 case UCS2_CHAR('*'):
1613 case UCS2_CHAR('?'):
1614 case UCS2_CHAR('<'):
1615 case UCS2_CHAR('>'):
1616 case UCS2_CHAR('"'):
1617 return True;
1618 }
1619 }
1620 return False;
1621 }
1622
1623 /*******************************************************************
1624 A wrapper that handles case sensitivity and the special handling
1625 of the ".." name.
1626 *******************************************************************/
1627
mask_match(const char * string,const char * pattern,bool is_case_sensitive)1628 bool mask_match(const char *string, const char *pattern, bool is_case_sensitive)
1629 {
1630 if (ISDOTDOT(string))
1631 string = ".";
1632 if (ISDOT(pattern))
1633 return False;
1634
1635 return ms_fnmatch_protocol(pattern, string, Protocol, is_case_sensitive) == 0;
1636 }
1637
1638 /*******************************************************************
1639 A wrapper that handles case sensitivity and the special handling
1640 of the ".." name. Varient that is only called by old search code which requires
1641 pattern translation.
1642 *******************************************************************/
1643
mask_match_search(const char * string,const char * pattern,bool is_case_sensitive)1644 bool mask_match_search(const char *string, const char *pattern, bool is_case_sensitive)
1645 {
1646 if (ISDOTDOT(string))
1647 string = ".";
1648 if (ISDOT(pattern))
1649 return False;
1650
1651 return ms_fnmatch(pattern, string, True, is_case_sensitive) == 0;
1652 }
1653
1654 /*******************************************************************
1655 A wrapper that handles a list of patters and calls mask_match()
1656 on each. Returns True if any of the patterns match.
1657 *******************************************************************/
1658
mask_match_list(const char * string,char ** list,int listLen,bool is_case_sensitive)1659 bool mask_match_list(const char *string, char **list, int listLen, bool is_case_sensitive)
1660 {
1661 while (listLen-- > 0) {
1662 if (mask_match(string, *list++, is_case_sensitive))
1663 return True;
1664 }
1665 return False;
1666 }
1667
1668 /**********************************************************************
1669 Converts a name to a fully qualified domain name.
1670 Returns true if lookup succeeded, false if not (then fqdn is set to name)
1671 Uses getaddrinfo() with AI_CANONNAME flag to obtain the official
1672 canonical name of the host. getaddrinfo() may use a variety of sources
1673 including /etc/hosts to obtain the domainname. It expects aliases in
1674 /etc/hosts to NOT be the FQDN. The FQDN should come first.
1675 ************************************************************************/
1676
name_to_fqdn(fstring fqdn,const char * name)1677 bool name_to_fqdn(fstring fqdn, const char *name)
1678 {
1679 char *full = NULL;
1680 struct addrinfo hints;
1681 struct addrinfo *result;
1682 int s;
1683
1684 /* Configure hints to obtain canonical name */
1685
1686 memset(&hints, 0, sizeof(struct addrinfo));
1687 hints.ai_family = AF_UNSPEC; /* Allow IPv4 or IPv6 */
1688 hints.ai_socktype = SOCK_DGRAM; /* Datagram socket */
1689 hints.ai_flags = AI_CANONNAME; /* Get host's FQDN */
1690 hints.ai_protocol = 0; /* Any protocol */
1691
1692 s = getaddrinfo(name, NULL, &hints, &result);
1693 if (s != 0) {
1694 DEBUG(1, ("getaddrinfo: %s\n", gai_strerror(s)));
1695 DEBUG(10,("name_to_fqdn: lookup for %s failed.\n", name));
1696 fstrcpy(fqdn, name);
1697 return false;
1698 }
1699 full = result->ai_canonname;
1700
1701 /* Find out if the FQDN is returned as an alias
1702 * to cope with /etc/hosts files where the first
1703 * name is not the FQDN but the short name.
1704 * getaddrinfo provides no easy way of handling aliases
1705 * in /etc/hosts. Users should make sure the FQDN
1706 * comes first in /etc/hosts. */
1707 if (full && (! strchr_m(full, '.'))) {
1708 DEBUG(1, ("WARNING: your /etc/hosts file may be broken!\n"));
1709 DEBUGADD(1, (" Full qualified domain names (FQDNs) should not be specified\n"));
1710 DEBUGADD(1, (" as an alias in /etc/hosts. FQDN should be the first name\n"));
1711 DEBUGADD(1, (" prior to any aliases.\n"));
1712 }
1713 if (full && (strcasecmp_m(full, "localhost.localdomain") == 0)) {
1714 DEBUG(1, ("WARNING: your /etc/hosts file may be broken!\n"));
1715 DEBUGADD(1, (" Specifying the machine hostname for address 127.0.0.1 may lead\n"));
1716 DEBUGADD(1, (" to Kerberos authentication problems as localhost.localdomain\n"));
1717 DEBUGADD(1, (" may end up being used instead of the real machine FQDN.\n"));
1718 }
1719
1720 DEBUG(10,("name_to_fqdn: lookup for %s -> %s.\n", name, full));
1721 fstrcpy(fqdn, full);
1722 freeaddrinfo(result); /* No longer needed */
1723 return true;
1724 }
1725
map_share_mode_to_deny_mode(uint32_t share_access,uint32_t private_options)1726 uint32_t map_share_mode_to_deny_mode(uint32_t share_access, uint32_t private_options)
1727 {
1728 switch (share_access & ~FILE_SHARE_DELETE) {
1729 case FILE_SHARE_NONE:
1730 return DENY_ALL;
1731 case FILE_SHARE_READ:
1732 return DENY_WRITE;
1733 case FILE_SHARE_WRITE:
1734 return DENY_READ;
1735 case FILE_SHARE_READ|FILE_SHARE_WRITE:
1736 return DENY_NONE;
1737 }
1738 if (private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_DOS) {
1739 return DENY_DOS;
1740 } else if (private_options & NTCREATEX_OPTIONS_PRIVATE_DENY_FCB) {
1741 return DENY_FCB;
1742 }
1743
1744 return (uint32_t)-1;
1745 }
1746
interpret_pid(const char * pid_string)1747 struct server_id interpret_pid(const char *pid_string)
1748 {
1749 return server_id_from_string(get_my_vnn(), pid_string);
1750 }
1751
1752 /****************************************************************
1753 Check if an offset into a buffer is safe.
1754 If this returns True it's safe to indirect into the byte at
1755 pointer ptr+off.
1756 ****************************************************************/
1757
is_offset_safe(const char * buf_base,size_t buf_len,char * ptr,size_t off)1758 bool is_offset_safe(const char *buf_base, size_t buf_len, char *ptr, size_t off)
1759 {
1760 const char *end_base = buf_base + buf_len;
1761 char *end_ptr = ptr + off;
1762
1763 if (!buf_base || !ptr) {
1764 return False;
1765 }
1766
1767 if (end_base < buf_base || end_ptr < ptr) {
1768 return False; /* wrap. */
1769 }
1770
1771 if (end_ptr < end_base) {
1772 return True;
1773 }
1774 return False;
1775 }
1776
1777 /****************************************************************
1778 Return a safe pointer into a buffer, or NULL.
1779 ****************************************************************/
1780
get_safe_ptr(const char * buf_base,size_t buf_len,char * ptr,size_t off)1781 char *get_safe_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off)
1782 {
1783 return is_offset_safe(buf_base, buf_len, ptr, off) ?
1784 ptr + off : NULL;
1785 }
1786
1787 /****************************************************************
1788 Return a safe pointer into a string within a buffer, or NULL.
1789 ****************************************************************/
1790
get_safe_str_ptr(const char * buf_base,size_t buf_len,char * ptr,size_t off)1791 char *get_safe_str_ptr(const char *buf_base, size_t buf_len, char *ptr, size_t off)
1792 {
1793 if (!is_offset_safe(buf_base, buf_len, ptr, off)) {
1794 return NULL;
1795 }
1796 /* Check if a valid string exists at this offset. */
1797 if (skip_string(buf_base,buf_len, ptr + off) == NULL) {
1798 return NULL;
1799 }
1800 return ptr + off;
1801 }
1802
1803 /****************************************************************
1804 Return an SVAL at a pointer, or failval if beyond the end.
1805 ****************************************************************/
1806
get_safe_SVAL(const char * buf_base,size_t buf_len,char * ptr,size_t off,int failval)1807 int get_safe_SVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval)
1808 {
1809 /*
1810 * Note we use off+1 here, not off+2 as SVAL accesses ptr[0] and ptr[1],
1811 * NOT ptr[2].
1812 */
1813 if (!is_offset_safe(buf_base, buf_len, ptr, off+1)) {
1814 return failval;
1815 }
1816 return SVAL(ptr,off);
1817 }
1818
1819 /****************************************************************
1820 Return an IVAL at a pointer, or failval if beyond the end.
1821 ****************************************************************/
1822
get_safe_IVAL(const char * buf_base,size_t buf_len,char * ptr,size_t off,int failval)1823 int get_safe_IVAL(const char *buf_base, size_t buf_len, char *ptr, size_t off, int failval)
1824 {
1825 /*
1826 * Note we use off+3 here, not off+4 as IVAL accesses
1827 * ptr[0] ptr[1] ptr[2] ptr[3] NOT ptr[4].
1828 */
1829 if (!is_offset_safe(buf_base, buf_len, ptr, off+3)) {
1830 return failval;
1831 }
1832 return IVAL(ptr,off);
1833 }
1834
1835 /****************************************************************
1836 Split DOM\user into DOM and user. Do not mix with winbind variants of that
1837 call (they take care of winbind separator and other winbind specific settings).
1838 ****************************************************************/
1839
split_domain_user(TALLOC_CTX * mem_ctx,const char * full_name,char ** domain,char ** user)1840 bool split_domain_user(TALLOC_CTX *mem_ctx,
1841 const char *full_name,
1842 char **domain,
1843 char **user)
1844 {
1845 const char *p = NULL;
1846
1847 p = strchr_m(full_name, '\\');
1848
1849 if (p != NULL) {
1850 *domain = talloc_strndup(mem_ctx, full_name,
1851 PTR_DIFF(p, full_name));
1852 if (*domain == NULL) {
1853 return false;
1854 }
1855 *user = talloc_strdup(mem_ctx, p+1);
1856 if (*user == NULL) {
1857 TALLOC_FREE(*domain);
1858 return false;
1859 }
1860 } else {
1861 *domain = NULL;
1862 *user = talloc_strdup(mem_ctx, full_name);
1863 if (*user == NULL) {
1864 return false;
1865 }
1866 }
1867
1868 return true;
1869 }
1870
1871 /****************************************************************
1872 strip off leading '\\' from a hostname
1873 ****************************************************************/
1874
strip_hostname(const char * s)1875 const char *strip_hostname(const char *s)
1876 {
1877 if (!s) {
1878 return NULL;
1879 }
1880
1881 if (strlen_m(s) < 3) {
1882 return s;
1883 }
1884
1885 if (s[0] == '\\') s++;
1886 if (s[0] == '\\') s++;
1887
1888 return s;
1889 }
1890
any_nt_status_not_ok(NTSTATUS err1,NTSTATUS err2,NTSTATUS * result)1891 bool any_nt_status_not_ok(NTSTATUS err1, NTSTATUS err2, NTSTATUS *result)
1892 {
1893 if (!NT_STATUS_IS_OK(err1)) {
1894 *result = err1;
1895 return true;
1896 }
1897 if (!NT_STATUS_IS_OK(err2)) {
1898 *result = err2;
1899 return true;
1900 }
1901 return false;
1902 }
1903
timeval_to_msec(struct timeval t)1904 int timeval_to_msec(struct timeval t)
1905 {
1906 unsigned long result;
1907
1908 result = t.tv_sec * 1000 + (t.tv_usec+999) / 1000;
1909 return result > INT_MAX ? INT_MAX : result;
1910 }
1911
1912 /*******************************************************************
1913 Check a given DOS pathname is valid for a share.
1914 ********************************************************************/
1915
valid_share_pathname(TALLOC_CTX * ctx,const char * dos_pathname)1916 char *valid_share_pathname(TALLOC_CTX *ctx, const char *dos_pathname)
1917 {
1918 char *ptr = NULL;
1919
1920 if (!dos_pathname) {
1921 return NULL;
1922 }
1923
1924 ptr = talloc_strdup(ctx, dos_pathname);
1925 if (!ptr) {
1926 return NULL;
1927 }
1928 /* Convert any '\' paths to '/' */
1929 unix_format(ptr);
1930 ptr = unix_clean_name(ctx, ptr);
1931 if (!ptr) {
1932 return NULL;
1933 }
1934
1935 /* NT is braindead - it wants a C: prefix to a pathname ! So strip it. */
1936 if (strlen(ptr) > 2 && ptr[1] == ':' && ptr[0] != '/')
1937 ptr += 2;
1938
1939 /* Only absolute paths allowed. */
1940 if (*ptr != '/')
1941 return NULL;
1942
1943 return ptr;
1944 }
1945
1946 /*******************************************************************
1947 Return True if the filename is one of the special executable types.
1948 ********************************************************************/
1949
is_executable(const char * fname)1950 bool is_executable(const char *fname)
1951 {
1952 if ((fname = strrchr_m(fname,'.'))) {
1953 if (strequal(fname,".com") ||
1954 strequal(fname,".dll") ||
1955 strequal(fname,".exe") ||
1956 strequal(fname,".sym")) {
1957 return True;
1958 }
1959 }
1960 return False;
1961 }
1962
1963 /****************************************************************************
1964 Open a file with a share mode - old openX method - map into NTCreate.
1965 ****************************************************************************/
1966
map_open_params_to_ntcreate(const char * smb_base_fname,int deny_mode,int open_func,uint32_t * paccess_mask,uint32_t * pshare_mode,uint32_t * pcreate_disposition,uint32_t * pcreate_options,uint32_t * pprivate_flags)1967 bool map_open_params_to_ntcreate(const char *smb_base_fname,
1968 int deny_mode, int open_func,
1969 uint32_t *paccess_mask,
1970 uint32_t *pshare_mode,
1971 uint32_t *pcreate_disposition,
1972 uint32_t *pcreate_options,
1973 uint32_t *pprivate_flags)
1974 {
1975 uint32_t access_mask;
1976 uint32_t share_mode;
1977 uint32_t create_disposition;
1978 uint32_t create_options = FILE_NON_DIRECTORY_FILE;
1979 uint32_t private_flags = 0;
1980
1981 DEBUG(10,("map_open_params_to_ntcreate: fname = %s, deny_mode = 0x%x, "
1982 "open_func = 0x%x\n",
1983 smb_base_fname, (unsigned int)deny_mode,
1984 (unsigned int)open_func ));
1985
1986 /* Create the NT compatible access_mask. */
1987 switch (GET_OPENX_MODE(deny_mode)) {
1988 case DOS_OPEN_EXEC: /* Implies read-only - used to be FILE_READ_DATA */
1989 case DOS_OPEN_RDONLY:
1990 access_mask = FILE_GENERIC_READ;
1991 break;
1992 case DOS_OPEN_WRONLY:
1993 access_mask = FILE_GENERIC_WRITE;
1994 break;
1995 case DOS_OPEN_RDWR:
1996 case DOS_OPEN_FCB:
1997 access_mask = FILE_GENERIC_READ|FILE_GENERIC_WRITE;
1998 break;
1999 default:
2000 DEBUG(10,("map_open_params_to_ntcreate: bad open mode = 0x%x\n",
2001 (unsigned int)GET_OPENX_MODE(deny_mode)));
2002 return False;
2003 }
2004
2005 /* Create the NT compatible create_disposition. */
2006 switch (open_func) {
2007 case OPENX_FILE_EXISTS_FAIL|OPENX_FILE_CREATE_IF_NOT_EXIST:
2008 create_disposition = FILE_CREATE;
2009 break;
2010
2011 case OPENX_FILE_EXISTS_OPEN:
2012 create_disposition = FILE_OPEN;
2013 break;
2014
2015 case OPENX_FILE_EXISTS_OPEN|OPENX_FILE_CREATE_IF_NOT_EXIST:
2016 create_disposition = FILE_OPEN_IF;
2017 break;
2018
2019 case OPENX_FILE_EXISTS_TRUNCATE:
2020 create_disposition = FILE_OVERWRITE;
2021 break;
2022
2023 case OPENX_FILE_EXISTS_TRUNCATE|OPENX_FILE_CREATE_IF_NOT_EXIST:
2024 create_disposition = FILE_OVERWRITE_IF;
2025 break;
2026
2027 default:
2028 /* From samba4 - to be confirmed. */
2029 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_EXEC) {
2030 create_disposition = FILE_CREATE;
2031 break;
2032 }
2033 DEBUG(10,("map_open_params_to_ntcreate: bad "
2034 "open_func 0x%x\n", (unsigned int)open_func));
2035 return False;
2036 }
2037
2038 /* Create the NT compatible share modes. */
2039 switch (GET_DENY_MODE(deny_mode)) {
2040 case DENY_ALL:
2041 share_mode = FILE_SHARE_NONE;
2042 break;
2043
2044 case DENY_WRITE:
2045 share_mode = FILE_SHARE_READ;
2046 break;
2047
2048 case DENY_READ:
2049 share_mode = FILE_SHARE_WRITE;
2050 break;
2051
2052 case DENY_NONE:
2053 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2054 break;
2055
2056 case DENY_DOS:
2057 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_DOS;
2058 if (is_executable(smb_base_fname)) {
2059 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2060 } else {
2061 if (GET_OPENX_MODE(deny_mode) == DOS_OPEN_RDONLY) {
2062 share_mode = FILE_SHARE_READ;
2063 } else {
2064 share_mode = FILE_SHARE_NONE;
2065 }
2066 }
2067 break;
2068
2069 case DENY_FCB:
2070 private_flags |= NTCREATEX_OPTIONS_PRIVATE_DENY_FCB;
2071 share_mode = FILE_SHARE_NONE;
2072 break;
2073
2074 default:
2075 DEBUG(10,("map_open_params_to_ntcreate: bad deny_mode 0x%x\n",
2076 (unsigned int)GET_DENY_MODE(deny_mode) ));
2077 return False;
2078 }
2079
2080 DEBUG(10,("map_open_params_to_ntcreate: file %s, access_mask = 0x%x, "
2081 "share_mode = 0x%x, create_disposition = 0x%x, "
2082 "create_options = 0x%x private_flags = 0x%x\n",
2083 smb_base_fname,
2084 (unsigned int)access_mask,
2085 (unsigned int)share_mode,
2086 (unsigned int)create_disposition,
2087 (unsigned int)create_options,
2088 (unsigned int)private_flags));
2089
2090 if (paccess_mask) {
2091 *paccess_mask = access_mask;
2092 }
2093 if (pshare_mode) {
2094 *pshare_mode = share_mode;
2095 }
2096 if (pcreate_disposition) {
2097 *pcreate_disposition = create_disposition;
2098 }
2099 if (pcreate_options) {
2100 *pcreate_options = create_options;
2101 }
2102 if (pprivate_flags) {
2103 *pprivate_flags = private_flags;
2104 }
2105
2106 return True;
2107
2108 }
2109
2110 /*************************************************************************
2111 Return a talloced copy of a struct security_unix_token. NULL on fail.
2112 *************************************************************************/
2113
copy_unix_token(TALLOC_CTX * ctx,const struct security_unix_token * tok)2114 struct security_unix_token *copy_unix_token(TALLOC_CTX *ctx, const struct security_unix_token *tok)
2115 {
2116 struct security_unix_token *cpy;
2117
2118 cpy = talloc(ctx, struct security_unix_token);
2119 if (!cpy) {
2120 return NULL;
2121 }
2122
2123 cpy->uid = tok->uid;
2124 cpy->gid = tok->gid;
2125 cpy->ngroups = tok->ngroups;
2126 if (tok->ngroups) {
2127 /* Make this a talloc child of cpy. */
2128 cpy->groups = (gid_t *)talloc_memdup(
2129 cpy, tok->groups, tok->ngroups * sizeof(gid_t));
2130 if (!cpy->groups) {
2131 TALLOC_FREE(cpy);
2132 return NULL;
2133 }
2134 } else {
2135 cpy->groups = NULL;
2136 }
2137 return cpy;
2138 }
2139
2140 /****************************************************************************
2141 Return a root token
2142 ****************************************************************************/
2143
root_unix_token(TALLOC_CTX * mem_ctx)2144 struct security_unix_token *root_unix_token(TALLOC_CTX *mem_ctx)
2145 {
2146 struct security_unix_token *t = NULL;
2147
2148 t = talloc_zero(mem_ctx, struct security_unix_token);
2149 if (t == NULL) {
2150 return NULL;
2151 }
2152
2153 /*
2154 * This is not needed, but lets make it explicit, not implicit.
2155 */
2156 *t = (struct security_unix_token) {
2157 .uid = 0,
2158 .gid = 0,
2159 .ngroups = 0,
2160 .groups = NULL
2161 };
2162
2163 return t;
2164 }
2165
utok_string(TALLOC_CTX * mem_ctx,const struct security_unix_token * tok)2166 char *utok_string(TALLOC_CTX *mem_ctx, const struct security_unix_token *tok)
2167 {
2168 char *str;
2169 uint32_t i;
2170
2171 str = talloc_asprintf(
2172 mem_ctx,
2173 "uid=%ju, gid=%ju, %"PRIu32" groups:",
2174 (uintmax_t)(tok->uid),
2175 (uintmax_t)(tok->gid),
2176 tok->ngroups);
2177 if (str == NULL) {
2178 return NULL;
2179 }
2180
2181 for (i=0; i<tok->ngroups; i++) {
2182 char *tmp;
2183 tmp = talloc_asprintf_append_buffer(
2184 str, " %ju", (uintmax_t)tok->groups[i]);
2185 if (tmp == NULL) {
2186 TALLOC_FREE(str);
2187 return NULL;
2188 }
2189 str = tmp;
2190 }
2191
2192 return str;
2193 }
2194
2195 /****************************************************************************
2196 Check that a file matches a particular file type.
2197 ****************************************************************************/
2198
dir_check_ftype(uint32_t mode,uint32_t dirtype)2199 bool dir_check_ftype(uint32_t mode, uint32_t dirtype)
2200 {
2201 uint32_t mask;
2202
2203 /* Check the "may have" search bits. */
2204 if (((mode & ~dirtype) &
2205 (FILE_ATTRIBUTE_HIDDEN |
2206 FILE_ATTRIBUTE_SYSTEM |
2207 FILE_ATTRIBUTE_DIRECTORY)) != 0) {
2208 return false;
2209 }
2210
2211 /* Check the "must have" bits,
2212 which are the may have bits shifted eight */
2213 /* If must have bit is set, the file/dir can
2214 not be returned in search unless the matching
2215 file attribute is set */
2216 mask = ((dirtype >> 8) & (FILE_ATTRIBUTE_DIRECTORY|
2217 FILE_ATTRIBUTE_ARCHIVE|
2218 FILE_ATTRIBUTE_READONLY|
2219 FILE_ATTRIBUTE_HIDDEN|
2220 FILE_ATTRIBUTE_SYSTEM)); /* & 0x37 */
2221 if(mask) {
2222 if((mask & (mode & (FILE_ATTRIBUTE_DIRECTORY|
2223 FILE_ATTRIBUTE_ARCHIVE|
2224 FILE_ATTRIBUTE_READONLY|
2225 FILE_ATTRIBUTE_HIDDEN|
2226 FILE_ATTRIBUTE_SYSTEM))) == mask) {
2227 /* check if matching attribute present */
2228 return true;
2229 } else {
2230 return false;
2231 }
2232 }
2233
2234 return true;
2235 }
2236