From e955763315700af82b23bbfd2777cbecad47f7e7 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 21 Nov 2002 00:10:28 +0000 Subject: merge get_friendly_nt_err_msg() from app_head (This used to be commit 3ea73f158ebfca0561d7928e5d6c0939c0734585) --- source3/libsmb/nterr.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) (limited to 'source3/libsmb') diff --git a/source3/libsmb/nterr.c b/source3/libsmb/nterr.c index 02fd53fc05..73d77b728a 100644 --- a/source3/libsmb/nterr.c +++ b/source3/libsmb/nterr.c @@ -539,6 +539,35 @@ static nt_err_code_struct nt_errs[] = { NULL, NT_STATUS(0) } }; +nt_err_code_struct nt_err_desc[] = +{ + { "Success", NT_STATUS_OK }, + { "Undetermined error", NT_STATUS_UNSUCCESSFUL }, + { "Access denied", NT_STATUS_ACCESS_DENIED }, + { "Account locked out", NT_STATUS_ACCOUNT_LOCKED_OUT }, + { "Password is too short", NT_STATUS_PWD_TOO_SHORT }, + { "Password is too recent", NT_STATUS_PWD_TOO_RECENT }, + { "Password history conflict", NT_STATUS_PWD_HISTORY_CONFLICT }, + { "No logon servers", NT_STATUS_NO_LOGON_SERVERS }, + { "Invalid account name", NT_STATUS_INVALID_ACCOUNT_NAME }, + { "User exists", NT_STATUS_USER_EXISTS }, + { "No such user", NT_STATUS_NO_SUCH_USER }, + { "Group exists", NT_STATUS_GROUP_EXISTS }, + { "No such group", NT_STATUS_NO_SUCH_GROUP }, + { "Member not in group", NT_STATUS_MEMBER_NOT_IN_GROUP }, + { "Wrong Password", NT_STATUS_WRONG_PASSWORD }, + { "Ill formed password", NT_STATUS_ILL_FORMED_PASSWORD }, + { "Password restriction", NT_STATUS_PASSWORD_RESTRICTION }, + { "Logon failure", NT_STATUS_LOGON_FAILURE }, + { "Account restruction", NT_STATUS_ACCOUNT_RESTRICTION }, + { "Invalid logon hours", NT_STATUS_INVALID_LOGON_HOURS }, + { "Invalid workstation", NT_STATUS_INVALID_WORKSTATION }, + { "Password expired", NT_STATUS_PASSWORD_EXPIRED }, + { "Account Disabled", NT_STATUS_ACCOUNT_DISABLED }, + { NULL, NT_STATUS(0) } +}; + + /***************************************************************************** returns an NT error message. not amazingly helpful, but better than a number. *****************************************************************************/ @@ -560,6 +589,27 @@ char *nt_errstr(NTSTATUS nt_code) return msg; } +/************************************************************************ + Print friendler version fo NT error code + ***********************************************************************/ + +char *get_friendly_nt_error_msg(NTSTATUS nt_code) +{ + int idx = 0; + + while (nt_err_desc[idx].nt_errstr != NULL) { + if (NT_STATUS_V(nt_errs[idx].nt_errcode) == NT_STATUS_V(nt_code)) + { + return nt_errs[idx].nt_errstr; + } + idx++; + } + + /* fall back to NT_STATUS_XXX string */ + + return get_nt_error_msg(nt_code); +} + /***************************************************************************** returns an NT_STATUS constant as a string for inclusion in autogen C code *****************************************************************************/ -- cgit From 3e1846d0deeb49589aa69ca5af58d80a31d486a2 Mon Sep 17 00:00:00 2001 From: Jim McDonough Date: Thu, 21 Nov 2002 00:58:50 +0000 Subject: get_nt_error_msg from APPLIANCE_HEAD is called nt_errstr in HEAD. This should fix the build. (This used to be commit 929874d2744509bba743d99b9c707e7626845fa0) --- source3/libsmb/nterr.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/nterr.c b/source3/libsmb/nterr.c index 73d77b728a..89ad58b26f 100644 --- a/source3/libsmb/nterr.c +++ b/source3/libsmb/nterr.c @@ -607,7 +607,7 @@ char *get_friendly_nt_error_msg(NTSTATUS nt_code) /* fall back to NT_STATUS_XXX string */ - return get_nt_error_msg(nt_code); + return nt_errstr(nt_code); } /***************************************************************************** -- cgit From f023d6129b7bf0d972f2bb9ecc025d316e55c8ae Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Sat, 23 Nov 2002 02:52:38 +0000 Subject: Lots of fixes for error paths where tdb_fetch() data need freeing. Found via a post from Arcady Chernyak . Jeremy. (This used to be commit 19f86f1f72aca924e9e320e20a175b5d21de45ad) --- source3/libsmb/namecache.c | 2 ++ source3/libsmb/netlogon_unigrp.c | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/namecache.c b/source3/libsmb/namecache.c index 2252e8e59c..ce4cbc048c 100644 --- a/source3/libsmb/namecache.c +++ b/source3/libsmb/namecache.c @@ -196,6 +196,7 @@ BOOL namecache_fetch(const char *name, int name_type, struct in_addr **ip_list, tdb_delete(namecache_tdb, key); + SAFE_FREE(value.dptr); value = tdb_null; goto done; @@ -210,6 +211,7 @@ BOOL namecache_fetch(const char *name, int name_type, struct in_addr **ip_list, tdb_delete(namecache_tdb, key); + SAFE_FREE(value.dptr); value = tdb_null; goto done; diff --git a/source3/libsmb/netlogon_unigrp.c b/source3/libsmb/netlogon_unigrp.c index 979ff52bd3..ea9e790b7d 100644 --- a/source3/libsmb/netlogon_unigrp.c +++ b/source3/libsmb/netlogon_unigrp.c @@ -129,7 +129,8 @@ uint32* uni_group_cache_fetch(DOM_SID *domain, uint32 user_rid, /* There is no cached universal groups in netlogon_unigrp.tdb */ /* for this user. */ - if (!data.dptr) return NULL; + if (!data.dptr) + return NULL; /* Transfer data to receiver's memory context */ group_count = IVAL(&((uint32*)data.dptr)[0],0); -- cgit From 191dff2d279dd8315f093e313d8c149e786eb19f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 23 Nov 2002 14:27:56 +0000 Subject: [merge from APP_HEAD] 90% fix for CR 1076. The password server parameter will no take things like password server = DC1 * which means to contact DC1 first and the go to auto lookup if it fails. jerry (This used to be commit c31a17889e3e4daf7c1e807038efc2c0fba78be3) --- source3/libsmb/namequery.c | 126 +++++++++++++++++++++++++++++++++++++-------- 1 file changed, 104 insertions(+), 22 deletions(-) (limited to 'source3/libsmb') diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 5c3d942b90..6190c872ee 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -1235,19 +1235,24 @@ BOOL get_pdc_ip(const char *domain, struct in_addr *ip) a domain. *********************************************************/ -BOOL get_dc_list(const char *domain, struct in_addr **ip_list, int *count) +BOOL get_dc_list(const char *domain, struct in_addr **ip_list, int *count, int *ordered) { - /* - * If it's our domain then - * use the 'password server' parameter. - */ + + *ordered = False; + + /* If it's our domain then use the 'password server' parameter. */ if (strequal(domain, lp_workgroup())) { - const char *p; - char *pserver = lp_passwordserver(); + char *p; + char *pserver = lp_passwordserver(); /* UNIX charset. */ fstring name; - int num_adresses = 0; + int num_addresses = 0; + int local_count, i, j; struct in_addr *return_iplist = NULL; + struct in_addr *auto_ip_list = NULL; + BOOL done_auto_lookup = False; + int auto_count = 0; + if (!*pserver) return internal_resolve_name( @@ -1255,19 +1260,31 @@ BOOL get_dc_list(const char *domain, struct in_addr **ip_list, int *count) p = pserver; + /* + * if '*' appears in the "password server" list then add + * an auto lookup to the list of manually configured + * DC's. If any DC is listed by name, then the list should be + * considered to be ordered + */ + while (next_token(&p,name,LIST_SEP,sizeof(name))) { - if (strequal(name, "*")) - return internal_resolve_name( - domain, 0x1C, ip_list, count); - num_adresses++; + if (strequal(name, "*")) { + if ( internal_resolve_name(domain, 0x1C, &auto_ip_list, &auto_count) ) + num_addresses += auto_count; + done_auto_lookup = True; + DEBUG(8,("Adding %d DC's from auto lookup\n", auto_count)); + } + else + num_addresses++; } - if (num_adresses == 0) - return internal_resolve_name( - domain, 0x1C, ip_list, count); + /* if we have no addresses and haven't done the auto lookup, then + just return the list of DC's */ + + if ( (num_addresses == 0) && !done_auto_lookup ) + return internal_resolve_name(domain, 0x1C, ip_list, count); - return_iplist = (struct in_addr *)malloc( - num_adresses * sizeof(struct in_addr)); + return_iplist = (struct in_addr *)malloc(num_addresses * sizeof(struct in_addr)); if (return_iplist == NULL) { DEBUG(3,("get_dc_list: malloc fail !\n")); @@ -1275,19 +1292,84 @@ BOOL get_dc_list(const char *domain, struct in_addr **ip_list, int *count) } p = pserver; - *count = 0; + local_count = 0; - while (next_token(&p,name,LIST_SEP,sizeof(name))) { + /* fill in the return list now with real IP's */ + + while ( (local_count Date: Tue, 26 Nov 2002 11:57:30 +0000 Subject: Having waited for *way* too long, this is mimir's namecache and trusted domain cache code. This uses gencache, mimir's new caching code that stores at text-based cache of various data. Mimir has done a *lot* of work on this patch, and it is finally time to get it in CVS. Andrew Bartlett (This used to be commit 47f3bfe9564e7f3aff60cefaefd599e0abb30a31) --- source3/libsmb/namecache.c | 325 +++++++++++++++++++--------------------- source3/libsmb/namequery.c | 10 +- source3/libsmb/trustdom_cache.c | 215 ++++++++++++++++++++++++++ 3 files changed, 372 insertions(+), 178 deletions(-) create mode 100644 source3/libsmb/trustdom_cache.c (limited to 'source3/libsmb') diff --git a/source3/libsmb/namecache.c b/source3/libsmb/namecache.c index ce4cbc048c..40777011a1 100644 --- a/source3/libsmb/namecache.c +++ b/source3/libsmb/namecache.c @@ -1,9 +1,10 @@ /* Unix SMB/CIFS implementation. - NetBIOS name cache module. - - Copyright (C) Tim Potter, 2002 + NetBIOS name cache module on top of gencache mechanism. + + Copyright (C) Tim Potter 2002 + Copyright (C) Rafal Szczesniak 2002 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,244 +23,224 @@ #include "includes.h" -static BOOL done_namecache_init; -static BOOL enable_namecache; -static TDB_CONTEXT *namecache_tdb; +#define NBTKEY_FMT "NBT/%s#%02X" -struct nc_value { - time_t expiry; /* When entry expires */ - int count; /* Number of addresses */ - struct in_addr ip_list[1]; /* Address list */ -}; -/* Initialise namecache system */ +/** + * Initialise namecache system. Function calls gencache + * initialisation function to perform necessary actions + * + * @return true upon successful initialisation of the cache or + * false on failure + **/ BOOL namecache_enable(void) { - /* Check if we have been here before, or name caching disabled - by setting the name cache timeout to zero. */ - - if (done_namecache_init) - return False; - - done_namecache_init = True; + /* + * Check if name caching disabled by setting the name cache + * timeout to zero. + */ if (lp_name_cache_timeout() == 0) { - DEBUG(5, ("namecache_init: disabling netbios name cache\n")); + DEBUG(5, ("namecache_enable: disabling netbios name cache\n")); return False; } - /* Open namecache tdb in read/write or readonly mode */ + /* Init namecache by calling gencache initialisation */ - namecache_tdb = tdb_open_log( - lock_path("namecache.tdb"), 0, - TDB_DEFAULT, O_RDWR | O_CREAT, 0644); - - if (!namecache_tdb) { - DEBUG(5, ("namecache_init: could not open %s\n", - lock_path("namecache.tdb"))); + if (!gencache_init()) { + DEBUG(2, ("namecache_enable: Couldn't initialise namecache on top of gencache.\n")); return False; } - DEBUG(5, ("namecache_init: enabling netbios namecache, timeout %d " + /* I leave it for now, though I don't think we really need this (mimir, 27.09.2002) */ + DEBUG(5, ("namecache_enable: enabling netbios namecache, timeout %d " "seconds\n", lp_name_cache_timeout())); - enable_namecache = True; - return True; } -/* Return a key for a name and name type. The caller must free - retval.dptr when finished. */ -static TDB_DATA namecache_key(const char *name, int name_type) +/** + * Shutdown namecache. Routine calls gencache close function + * to safely close gencache file. + * + * @return true upon successful shutdown of the cache or + * false on failure + **/ + +BOOL namecache_shutdown(void) { - TDB_DATA retval; - char *keystr; - - asprintf(&keystr, "%s#%02X", strupper_static(name), name_type); - - retval.dsize = strlen(keystr) + 1; - retval.dptr = keystr; - - return retval; + if (!gencache_shutdown()) { + DEBUG(2, ("namecache_shutdown: Couldn't close namecache on top of gencache.\n")); + return False; + } + + DEBUG(5, ("namecache_shutdown: netbios namecache closed successfully.\n")); + return True; } -/* Return a data value for an IP list. The caller must free - retval.dptr when finished. */ - -static TDB_DATA namecache_value(struct in_addr *ip_list, int num_names, - time_t expiry) -{ - TDB_DATA retval; - struct nc_value *value; - int size = sizeof(struct nc_value); - if (num_names > 0) - size += sizeof(struct in_addr) * (num_names-1); +/** + * Generates a key for netbios name lookups on basis of + * netbios name and type. + * The caller must free returned key string when finished. + * + * @param name netbios name string (case insensitive) + * @param name_type netbios type of the name being looked up + * + * @return string consisted of uppercased name and appended + * type number + */ - value = (struct nc_value *)malloc(size); - - memset(value, 0, size); - - value->expiry = expiry; - value->count = num_names; - - if (ip_list) - memcpy(value->ip_list, ip_list, sizeof(struct in_addr) * num_names); - - retval.dptr = (char *)value; - retval.dsize = size; +static char* namecache_key(const char *name, int name_type) +{ + char *keystr; + asprintf(&keystr, NBTKEY_FMT, strupper_static(name), name_type); - return retval; + return keystr; } -/* Store a name in the name cache */ -void namecache_store(const char *name, int name_type, - int num_names, struct in_addr *ip_list) +/** + * Store a name(s) in the name cache + * + * @param name netbios names array + * @param name_type integer netbios name type + * @param num_names number of names being stored + * @param ip_list array of in_addr structures containing + * ip addresses being stored + **/ + +BOOL namecache_store(const char *name, int name_type, + int num_names, struct in_addr *ip_list) { - TDB_DATA key, value; time_t expiry; + char *key, *value_string; int i; - if (!enable_namecache) - return; + /* + * we use gecache call to avoid annoying debug messages about + * initialised namecache again and again... + */ + if (!gencache_init()) return False; DEBUG(5, ("namecache_store: storing %d address%s for %s#%02x: ", - num_names, num_names == 1 ? "": "es", name, name_type)); + num_names, num_names == 1 ? "": "es", name, name_type)); for (i = 0; i < num_names; i++) DEBUGADD(5, ("%s%s", inet_ntoa(ip_list[i]), - i == (num_names - 1) ? "" : ", ")); + i == (num_names - 1) ? "" : ", ")); DEBUGADD(5, ("\n")); key = namecache_key(name, name_type); - /* Cache pdc location or dc lists for only a little while - otherwise if we lock on to a bad DC we can potentially be - out of action for the entire cache timeout time! */ + /* + * Cache pdc location or dc lists for only a little while + * otherwise if we lock on to a bad DC we can potentially be + * out of action for the entire cache timeout time! + */ - if (name_type != 0x1b || name_type != 0x1c) + if (name_type == 0x1b || name_type == 0x1c) expiry = time(NULL) + 10; else expiry = time(NULL) + lp_name_cache_timeout(); - value = namecache_value(ip_list, num_names, expiry); - - tdb_store(namecache_tdb, key, value, TDB_REPLACE); - - free(key.dptr); - free(value.dptr); + /* + * Generate string representation of ip addresses list + * First, store the number of ip addresses and then + * place each single ip + */ + ipstr_list_make(&value_string, ip_list, num_names); + + /* set the entry */ + return (gencache_set(key, value_string, expiry)); } -/* Look up a name in the name cache. Return a mallocated list of IP - addresses if the name is contained in the cache. */ + +/** + * Look up a name in the cache. + * + * @param name netbios name to look up for + * @param name_type netbios name type of @param name + * @param ip_list mallocated list of IP addresses if found in the cache, + * NULL otherwise + * @param num_names number of entries found + * + * @return true upon successful fetch or + * false if name isn't found in the cache or has expired + **/ BOOL namecache_fetch(const char *name, int name_type, struct in_addr **ip_list, - int *num_names) + int *num_names) { - TDB_DATA key, value; - struct nc_value *data; - time_t now; - int i; + char *key, *value; + time_t timeout; - *ip_list = NULL; *num_names = 0; - if (!enable_namecache) - return False; + /* exit now if null pointers were passed as they're required further */ + if (!ip_list || !num_names) return False; - /* Read value */ + if (!gencache_init()) + return False; + /* + * Use gencache interface - lookup the key + */ key = namecache_key(name, name_type); - value = tdb_fetch(namecache_tdb, key); - - if (!value.dptr) { - DEBUG(5, ("namecache_fetch: %s#%02x not found\n", - name, name_type)); - goto done; - } - - data = (struct nc_value *)value.dptr; - - /* Check expiry time */ - - now = time(NULL); - - if (now > data->expiry) { - - DEBUG(5, ("namecache_fetch: entry for %s#%02x expired\n", - name, name_type)); - - tdb_delete(namecache_tdb, key); - - SAFE_FREE(value.dptr); - value = tdb_null; - - goto done; - } - - if ((data->expiry - now) > lp_name_cache_timeout()) { - - /* Someone may have changed the system time on us */ - - DEBUG(5, ("namecache_fetch: entry for %s#%02x has bad expiry\n", - name, name_type)); - - tdb_delete(namecache_tdb, key); - - SAFE_FREE(value.dptr); - value = tdb_null; - - goto done; - } - - /* Extract and return namelist */ - - DEBUG(5, ("namecache_fetch: returning %d address%s for %s#%02x: ", - data->count, data->count == 1 ? "" : "es", name, name_type)); - - if (data->count) { - - *ip_list = (struct in_addr *)malloc( - sizeof(struct in_addr) * data->count); - - memcpy(*ip_list, data->ip_list, sizeof(struct in_addr) * data->count); - - *num_names = data->count; - - for (i = 0; i < *num_names; i++) - DEBUGADD(5, ("%s%s", inet_ntoa((*ip_list)[i]), - i == (*num_names - 1) ? "" : ", ")); - + if (!gencache_get(key, &value, &timeout)) { + DEBUG(5, ("no entry for %s#%02X found.\n", name, name_type)); + SAFE_FREE(key); + return False; + } else { + DEBUG(5, ("name %s#%02X found.\n", name, name_type)); } + + /* + * Split up the stored value into the list of IP adresses + */ + *num_names = ipstr_list_parse(value, ip_list); + + SAFE_FREE(key); + SAFE_FREE(value); + return *num_names > 0; /* true only if some ip has been fetched */ +} - DEBUGADD(5, ("\n")); -done: - SAFE_FREE(key.dptr); - SAFE_FREE(value.dptr); +/** + * Delete single namecache entry. Look at the + * gencache_iterate definition. + * + **/ - return value.dsize > 0; +static void flush_netbios_name(const char* key, const char *value, time_t timeout, void* dptr) +{ + gencache_del(key); + DEBUG(5, ("Deleting entry %s\n", key)); } -/* Flush all names from the name cache */ + +/** + * Flush all names from the name cache. + * It's done by gencache_iterate() + * + * @return True upon successful deletion or + * False in case of an error + **/ void namecache_flush(void) { - int result; - - if (!namecache_tdb) + if (!gencache_init()) return; - result = tdb_traverse(namecache_tdb, tdb_traverse_delete_fn, NULL); - - if (result == -1) - DEBUG(5, ("namecache_flush: error deleting cache entries\n")); - else - DEBUG(5, ("namecache_flush: deleted %d cache entr%s\n", - result, result == 1 ? "y" : "ies")); + /* + * iterate through each NBT cache's entry and flush it + * by flush_netbios_name function + */ + gencache_iterate(flush_netbios_name, NULL, "NBT/*"); + DEBUG(5, ("Namecache flushed\n")); } + diff --git a/source3/libsmb/namequery.c b/source3/libsmb/namequery.c index 6190c872ee..1c5af8bff0 100644 --- a/source3/libsmb/namequery.c +++ b/source3/libsmb/namequery.c @@ -837,11 +837,6 @@ static BOOL internal_resolve_name(const char *name, int name_type, if (resolve_hosts(name, return_iplist, return_count)) { result = True; goto done; - } else { - - /* Store negative lookup result */ - - namecache_store(name, name_type, 0, NULL); } } } else if(strequal( tok, "lmhosts")) { @@ -916,7 +911,10 @@ static BOOL internal_resolve_name(const char *name, int name_type, } /* Save in name cache */ - + for (i = 0; i < *return_count && DEBUGLEVEL == 100; i++) + DEBUG(100, ("Storing name %s of type %d (ip: %s)\n", name, + name_type, inet_ntoa(*return_iplist[i]))); + namecache_store(name, name_type, *return_count, *return_iplist); /* Display some debugging info */ diff --git a/source3/libsmb/trustdom_cache.c b/source3/libsmb/trustdom_cache.c new file mode 100644 index 0000000000..cddbb2daa6 --- /dev/null +++ b/source3/libsmb/trustdom_cache.c @@ -0,0 +1,215 @@ +/* + Unix SMB/CIFS implementation. + + Trusted domain names cache on top of gencache. + + Copyright (C) Rafal Szczesniak 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_ALL /* there's no proper class yet */ + +#define TDOMKEY_FMT "TDOM/%s" + + +/** + * @file trustdom_cache.c + * + * Implementation of trusted domain names cache useful when + * samba acts as domain member server. In such case, caching + * domain names currently trusted gives a performance gain + * because there's no need to query PDC each time we need + * list of trusted domains + **/ + + +/** + * Initialise trustdom name caching system. Call gencache + * initialisation routine to perform necessary activities. + * + * @return true upon successful cache initialisation or + * false if cache init failed + **/ + +BOOL trustdom_cache_enable(void) +{ + /* Init trustdom cache by calling gencache initialisation */ + if (!gencache_init()) { + DEBUG(2, ("trustdomcache_enable: Couldn't initialise trustdom cache on top of gencache.\n")); + return False; + } + + return True; +} + + +/** + * Shutdown trustdom name caching system. Calls gencache + * shutdown function. + * + * @return true upon successful cache close or + * false if it failed + **/ + +BOOL trustdom_cache_shutdown(void) +{ + /* Close trustdom cache by calling gencache shutdown */ + if (!gencache_shutdown()) { + DEBUG(2, ("trustdomcache_shutdown: Couldn't shutdown trustdom cache on top of gencache.\n")); + return False; + } + + return True; +} + + +/** + * Form up trustdom name key. It is based only + * on domain name now. + * + * @param name trusted domain name + * @return cache key for use in gencache mechanism + **/ + +static char* trustdom_cache_key(const char* name) +{ + char* keystr; + asprintf(&keystr, TDOMKEY_FMT, strupper_static(name)); + + return keystr; +} + + +/** + * Store trusted domain in gencache as the domain name (key) + * and ip address of domain controller (value) + * + * @param name trusted domain name + * @param alt_name alternative trusted domain name (used in ADS domains) + * @param sid trusted domain's SID + * @param timeout cache entry expiration time + * @return true upon successful value storing or + * false if store attempt failed + **/ + +BOOL trustdom_cache_store(char* name, char* alt_name, const DOM_SID *sid, + time_t timeout) +{ + char *key, *alt_key; + fstring sid_string; + + /* + * we use gecache call to avoid annoying debug messages + * about initialised trustdom + */ + if (!gencache_init()) return False; + + DEBUG(5, ("trustdom_store: storing SID %s of domain %s\n", + sid_string_static(sid), name)); + + key = trustdom_cache_key(name); + alt_key = alt_name ? trustdom_cache_key(alt_name) : NULL; + + /* Generate string representation domain SID */ + sid_to_string(sid_string, sid); + + /* + * try to put the names in the cache + */ + if (alt_key) { + return (gencache_set(alt_key, sid_string, timeout) + && gencache_set(key, sid_string, timeout)); + } + + return gencache_set(key, sid_string, timeout); +} + + +/** + * Fetch trusted domain's dc from the gencache. + * This routine can also be used to check whether given + * domain is currently trusted one. + * + * @param name trusted domain name + * @param sid trusted domain's SID to be returned + * @return true if entry is found or + * false if has expired/doesn't exist + **/ + +BOOL trustdom_cache_fetch(const char* name, DOM_SID* sid) +{ + char *key, *value; + time_t timeout; + + /* init the cache */ + if (!gencache_init()) return False; + + /* exit now if null pointers were passed as they're required further */ + if (!sid) return False; + + /* prepare a key and get the value */ + key = trustdom_cache_key(name); + + if (!gencache_get(key, &value, &timeout)) { + DEBUG(5, ("no entry for trusted domain %s found.\n", name)); + return False; + } else { + DEBUG(5, ("trusted domain %s found (%s)\n", name, value)); + } + + /* convert ip string representation into in_addr structure */ + if(! string_to_sid(sid, value)) { + sid = NULL; + return False; + } + + return True; +} + + +/** + * Delete single trustdom entry. Look at the + * gencache_iterate definition. + * + **/ + +static void flush_trustdom_name(const char* key, const char *value, time_t timeout, void* dptr) +{ + gencache_del(key); + DEBUG(5, ("Deleting entry %s\n", key)); +} + + +/** + * Flush all the trusted domains entries from the cache. + **/ + +void trustdom_cache_flush(void) +{ + if (!gencache_init()) + return; + + /* + * iterate through each TDOM cache's entry and flush it + * by flush_trustdom_name function + */ + gencache_iterate(flush_trustdom_name, NULL, trustdom_cache_key("*")); + DEBUG(5, ("Trusted domains cache flushed\n")); +} + -- cgit