ading new files from 3.0

(This used to be commit 99feae7b5b1c229a925367b87c0c0f636d9a2d75)

2 files changed, 396 insertions, 0 deletions

diff --git a/source3/libsmb/conncache.c b/source3/libsmb/conncache.c
new file mode 100644
index 0000000000..e6604617d6
--- /dev/null
+++ b/source3/libsmb/conncache.c
@@ -0,0 +1,158 @@
+/* 
+   Unix SMB/CIFS implementation.
+
+   Winbind daemon connection manager
+
+   Copyright (C) Tim Potter 		2001
+   Copyright (C) Andrew Bartlett 	2002
+   Copyright (C) Gerald (Jerry) Carter 	2003
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.	 See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+
+#include "includes.h"
+
+#define FAILED_CONNECTION_CACHE_TIMEOUT 30 /* Seconds between attempts */
+
+#define CONNCACHE_ADDR		1
+#define CONNCACHE_NAME		2
+
+/* cache entry contains either a server name **or** and IP address as 
+   the key.  This means that a server could have two entries (one for each key) */
+   
+struct failed_connection_cache {
+	fstring 	domain_name;
+	fstring 	controller;
+	time_t 		lookup_time;
+	NTSTATUS 	nt_status;
+	struct failed_connection_cache *prev, *next;
+};
+
+static struct failed_connection_cache *failed_connection_cache;
+
+/**********************************************************************
+ Check for a previously failed connection
+**********************************************************************/
+
+NTSTATUS check_negative_conn_cache( const char *domain, const char *server )
+{
+	struct failed_connection_cache *fcc;
+	NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
+	
+	/* can't check if we don't have strings */
+	
+	if ( !domain || !server )
+		return NT_STATUS_OK;
+
+	for (fcc = failed_connection_cache; fcc; fcc = fcc->next) {
+	
+		if ( !(strequal(domain, fcc->domain_name) && strequal(server, fcc->controller)) )
+			continue; /* no match; check the next entry */
+		
+		/* we have a match so see if it is still current */
+
+		if ((time(NULL) - fcc->lookup_time) > FAILED_CONNECTION_CACHE_TIMEOUT) 
+		{
+			/* Cache entry has expired, delete it */
+
+			DEBUG(10, ("check_negative_conn_cache: cache entry expired for %s, %s\n", 
+				domain, server ));
+
+			DLIST_REMOVE(failed_connection_cache, fcc);
+			SAFE_FREE(fcc);
+
+			return NT_STATUS_OK;
+		}
+
+		/* The timeout hasn't expired yet so return false */
+
+		DEBUG(10, ("check_negative_conn_cache: returning negative entry for %s, %s\n", 
+			domain, server ));
+
+		result = fcc->nt_status;
+		return result;
+	}
+
+	/* end of function means no cache entry */	
+	return NT_STATUS_OK;
+}
+
+/**********************************************************************
+ Add an entry to the failed conneciton cache (aither a name of dotted 
+ decimal IP
+**********************************************************************/
+
+void add_failed_connection_entry(const char *domain, const char *server, NTSTATUS result) 
+{
+	struct failed_connection_cache *fcc;
+
+	SMB_ASSERT(!NT_STATUS_IS_OK(result));
+
+	/* Check we already aren't in the cache.  We always have to have 
+	   a domain, but maybe not a specific DC name. */
+
+	for (fcc = failed_connection_cache; fcc; fcc = fcc->next) {			
+		if ( strequal(fcc->domain_name, domain) && strequal(fcc->controller, server) ) 
+		{
+			DEBUG(10, ("add_failed_connection_entry: domain %s (%s) already tried and failed\n",
+				   domain, server ));
+			return;
+		}
+	}
+
+	/* Create negative lookup cache entry for this domain and controller */
+
+	if ( !(fcc = (struct failed_connection_cache *)malloc(sizeof(struct failed_connection_cache))) ) 
+	{
+		DEBUG(0, ("malloc failed in add_failed_connection_entry!\n"));
+		return;
+	}
+	
+	ZERO_STRUCTP(fcc);
+	
+	fstrcpy( fcc->domain_name, domain );
+	fstrcpy( fcc->controller, server );
+	fcc->lookup_time = time(NULL);
+	fcc->nt_status = result;
+	
+	DEBUG(10,("add_failed_connection_entry: added domain %s (%s) to failed conn cache\n",
+		domain, server ));
+	
+	DLIST_ADD(failed_connection_cache, fcc);
+}
+
+/****************************************************************************
+****************************************************************************/
+ 
+void flush_negative_conn_cache( void )
+{
+	struct failed_connection_cache *fcc;
+	
+	fcc = failed_connection_cache;
+
+	while (fcc) {
+		struct failed_connection_cache *fcc_next;
+
+		fcc_next = fcc->next;
+		DLIST_REMOVE(failed_connection_cache, fcc);
+		free(fcc);
+
+		fcc = fcc_next;
+	}
+
+}
+
+
diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c
new file mode 100644
index 0000000000..72c10007bf
--- /dev/null
+++ b/source3/libsmb/samlogon_cache.c
@@ -0,0 +1,238 @@
+/* 
+   Unix SMB/CIFS implementation.
+   Net_sam_logon info3 helpers
+   Copyright (C) Alexander Bokovoy              2002.
+   Copyright (C) Andrew Bartlett                2002.
+   Copyright (C) Gerald Carter			2003.
+   Copyright (C) Tim Potter			2003.
+   
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+   
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+   
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+*/
+
+#include "includes.h"
+
+#define NETSAMLOGON_TDB	"netsamlogon_cache.tdb"
+
+static TDB_CONTEXT *netsamlogon_tdb = NULL;
+
+/***********************************************************************
+ open the tdb
+ ***********************************************************************/
+ 
+BOOL netsamlogon_cache_init(void)
+{
+	if (!netsamlogon_tdb) {
+		netsamlogon_tdb = tdb_open_log(lock_path(NETSAMLOGON_TDB), 0,
+						   TDB_DEFAULT, O_RDWR | O_CREAT, 0600);
+	}
+
+	return (netsamlogon_tdb != NULL);
+}
+
+
+/***********************************************************************
+ Shutdown samlogon_cache database
+***********************************************************************/
+
+BOOL netsamlogon_cache_shutdown(void)
+{
+	if(netsamlogon_tdb)
+		return (tdb_close(netsamlogon_tdb) == 0);
+		
+	return True;
+}
+
+/***********************************************************************
+ Clear cache getpwnam and getgroups entries from the winbindd cache
+***********************************************************************/
+void netsamlogon_clear_cached_user(TDB_CONTEXT *tdb, NET_USER_INFO_3 *user)
+{
+	fstring domain;
+	TDB_DATA key;
+	BOOL got_tdb = False;
+
+	/* We may need to call this function from smbd which will not have
+           winbindd_cache.tdb open.  Open the tdb if a NULL is passed. */
+
+	if (!tdb) {
+		tdb = tdb_open_log(lock_path("winbindd_cache.tdb"), 5000,
+				   TDB_DEFAULT, O_RDWR, 0600);
+		if (!tdb) {
+			DEBUG(5, ("netsamlogon_clear_cached_user: failed to open cache\n"));
+			return;
+		}
+		got_tdb = True;
+	}
+
+	unistr2_to_ascii(domain, &user->uni_logon_dom, sizeof(domain) - 1);
+
+	/* Clear U/DOMAIN/RID cache entry */
+
+	asprintf(&key.dptr, "U/%s/%d", domain, user->user_rid);
+	key.dsize = strlen(key.dptr) - 1; /* keys are not NULL terminated */
+
+	DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key.dptr));
+
+	tdb_delete(tdb, key);
+
+	SAFE_FREE(key.dptr);
+
+	/* Clear UG/DOMAIN/RID cache entry */
+
+	asprintf(&key.dptr, "UG/%s/%d", domain, user->user_rid);
+	key.dsize = strlen(key.dptr) - 1; /* keys are not NULL terminated */
+
+	DEBUG(10, ("netsamlogon_clear_cached_user: clearing %s\n", key.dptr));
+
+	tdb_delete(tdb, key);
+
+	SAFE_FREE(key.dptr);
+
+	if (got_tdb)
+		tdb_close(tdb);
+}
+
+/***********************************************************************
+ Store a NET_USER_INFO_3 structure in a tdb for later user 
+***********************************************************************/
+
+BOOL netsamlogon_cache_store(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
+{
+	TDB_DATA 	data;
+        fstring 	keystr;
+	prs_struct 	ps;
+	BOOL 		result = False;
+	DOM_SID		user_sid;
+	time_t		t = time(NULL);
+	
+
+	if (!netsamlogon_cache_init()) {
+		DEBUG(0,("netsamlogon_cache_store: cannot open %s for write!\n", NETSAMLOGON_TDB));
+		return False;
+	}
+
+	sid_copy( &user_sid, &user->dom_sid.sid );
+	sid_append_rid( &user_sid, user->user_rid );
+
+	/* Prepare key as DOMAIN-SID/USER-RID string */
+	slprintf(keystr, sizeof(keystr), "%s", sid_string_static(&user_sid));
+
+	DEBUG(10,("netsamlogon_cache_store: SID [%s]\n", keystr));
+		
+	/* Prepare data */
+	
+	prs_init( &ps,MAX_PDU_FRAG_LEN , mem_ctx, MARSHALL);
+	
+	if ( !prs_uint32( "timestamp", &ps, 0, (uint32*)&t ) )
+		return False;
+	
+	if ( net_io_user_info3("", user, &ps, 0, 3) ) 
+	{
+		data.dsize = prs_offset( &ps );
+		data.dptr = prs_data_p( &ps );
+
+		if (tdb_store_bystring(netsamlogon_tdb, keystr, data, TDB_REPLACE) != -1)
+			result = True;
+		
+		prs_mem_free( &ps );
+	}
+		
+	return result;
+}
+
+/***********************************************************************
+ Retrieves a NET_USER_INFO_3 structure from a tdb.  Caller must 
+ free the user_info struct (malloc()'d memory)
+***********************************************************************/
+
+NET_USER_INFO_3* netsamlogon_cache_get( TALLOC_CTX *mem_ctx, DOM_SID *user_sid)
+{
+	NET_USER_INFO_3	*user = NULL;
+	TDB_DATA 	data, key;
+	prs_struct	ps;
+        fstring 	keystr;
+	uint32		t;
+	
+	if (!netsamlogon_cache_init()) {
+		DEBUG(0,("netsamlogon_cache_store: cannot open %s for write!\n", NETSAMLOGON_TDB));
+		return False;
+	}
+
+	/* Prepare key as DOMAIN-SID/USER-RID string */
+	slprintf(keystr, sizeof(keystr), "%s", sid_string_static(user_sid));
+	DEBUG(10,("netsamlogon_cache_get: SID [%s]\n", keystr));
+	key.dptr = keystr;
+	key.dsize = strlen(keystr)+1;
+	data = tdb_fetch( netsamlogon_tdb, key );
+	
+	if ( data.dptr ) {
+		
+		if ( (user = (NET_USER_INFO_3*)malloc(sizeof(NET_USER_INFO_3))) == NULL )
+			return NULL;
+			
+		prs_init( &ps, 0, mem_ctx, UNMARSHALL );
+		prs_give_memory( &ps, data.dptr, data.dsize, True );
+		
+		if ( !prs_uint32( "timestamp", &ps, 0, &t ) ) {
+			prs_mem_free( &ps );
+			return False;
+		}
+		
+		if ( !net_io_user_info3("", user, &ps, 0, 3) ) {
+			SAFE_FREE( user );
+		}
+			
+		prs_mem_free( &ps );
+
+#if 0	/* The netsamlogon cache needs to hang around.  Something about 
+	   this feels wrong, but it is the only way we can get all of the
+	   groups.  The old universal groups cache didn't expire either.
+	   --jerry */
+	{
+		time_t		now = time(NULL);
+		uint32		time_diff;
+	   
+		/* is the entry expired? */
+		time_diff = now - t;
+		
+		if ( (time_diff < 0 ) || (time_diff > lp_winbind_cache_time()) ) {
+			DEBUG(10,("netsamlogon_cache_get: cache entry expired \n"));
+			tdb_delete( netsamlogon_tdb, key );
+			SAFE_FREE( user );
+		}
+#endif
+	}
+	
+	return user;
+}
+
+BOOL netsamlogon_cache_have(DOM_SID *user_sid)
+{
+	TALLOC_CTX *mem_ctx = talloc_init("netsamlogon_cache_have");
+	NET_USER_INFO_3 *user = NULL;
+	BOOL result;
+
+	if (!mem_ctx)
+		return False;
+
+	user = netsamlogon_cache_get(mem_ctx, user_sid);
+
+	result = (user != NULL);
+
+	talloc_destroy(mem_ctx);
+	SAFE_FREE(user);
+
+	return result;
+}