mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

Tidyup formatting a bit (spaces->tabs) whilst reading new code to understand

connection caching. Getting ready for back-merge to 2.2.3.
Jeremy.
(This used to be commit 5e8df83ba9)
Jeremy Allison 2001-11-15 19:40:00 +00:00
parent c32b4b6161
commit 8220662c13
3 changed files with 234 additions and 264 deletions


@ -22,8 +22,9 @@
#include "includes.h"
/****************************************************************************
initialises a password structure
Initialises a password structure.
****************************************************************************/
void pwd_init(struct pwd_info *pwd)
{
memset((char *)pwd->password , '\0', sizeof(pwd->password ));
@ -38,17 +39,18 @@ void pwd_init(struct pwd_info *pwd)
}
/****************************************************************************
returns NULL password flag
Returns NULL password flag.
****************************************************************************/
BOOL pwd_is_nullpwd(const struct pwd_info *pwd)
{
return pwd->null_pwd;
}
/****************************************************************************
compares two passwords. hmm, not as trivial as expected. hmm.
Compares two passwords. hmm, not as trivial as expected. hmm.
****************************************************************************/
BOOL pwd_compare(const struct pwd_info *pwd1, const struct pwd_info *pwd2)
{
if (pwd1->cleartext && pwd2->cleartext) {
@ -79,8 +81,9 @@ BOOL pwd_compare(const struct pwd_info *pwd1, const struct pwd_info *pwd2)
}
/****************************************************************************
reads a password
Reads a password.
****************************************************************************/
void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
{
/* grab a password */
@ -99,24 +102,19 @@ void pwd_read(struct pwd_info *pwd, char *passwd_report, BOOL do_encrypt)
*/
#if 0
if (user_pass == NULL || user_pass[0] == 0)
{
pwd_set_nullpwd(pwd);
}
else if (do_encrypt)
#endif
if (do_encrypt)
{
pwd_make_lm_nt_16(pwd, user_pass);
}
else
{
pwd_set_cleartext(pwd, user_pass);
}
}
/****************************************************************************
stores a cleartext password
****************************************************************************/
Stores a cleartext password.
****************************************************************************/
void pwd_set_nullpwd(struct pwd_info *pwd)
{
pwd_init(pwd);
@ -127,8 +125,9 @@ void pwd_set_nullpwd(struct pwd_info *pwd)
}
/****************************************************************************
stores a cleartext password
****************************************************************************/
Stores a cleartext password.
****************************************************************************/
void pwd_set_cleartext(struct pwd_info *pwd, char *clr)
{
pwd_init(pwd);
@ -139,41 +138,34 @@ void pwd_set_cleartext(struct pwd_info *pwd, char *clr)
}
/****************************************************************************
gets a cleartext password
****************************************************************************/
Gets a cleartext password.
****************************************************************************/
void pwd_get_cleartext(struct pwd_info *pwd, char *clr)
{
if (pwd->cleartext) {
if (pwd->cleartext)
fstrcpy(clr, pwd->password);
} else {
else
clr[0] = 0;
}
}
/****************************************************************************
stores lm and nt hashed passwords
****************************************************************************/
Stores lm and nt hashed passwords.
****************************************************************************/
void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
{
pwd_init(pwd);
if (lm_pwd)
{
memcpy(pwd->smb_lm_pwd, lm_pwd, 16);
}
else
{
memset((char *)pwd->smb_lm_pwd, '\0', 16);
}
if (nt_pwd)
{
memcpy(pwd->smb_nt_pwd, nt_pwd, 16);
}
else
{
memset((char *)pwd->smb_nt_pwd, '\0', 16);
}
pwd->null_pwd = False;
pwd->cleartext = False;
@ -181,23 +173,21 @@ void pwd_set_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
}
/****************************************************************************
gets lm and nt hashed passwords
****************************************************************************/
Gets lm and nt hashed passwords.
****************************************************************************/
void pwd_get_lm_nt_16(struct pwd_info *pwd, uchar lm_pwd[16], uchar nt_pwd[16])
{
if (lm_pwd != NULL)
{
memcpy(lm_pwd, pwd->smb_lm_pwd, 16);
}
if (nt_pwd != NULL)
{
memcpy(nt_pwd, pwd->smb_nt_pwd, 16);
}
}
/****************************************************************************
makes lm and nt hashed passwords
****************************************************************************/
Makes lm and nt hashed passwords.
****************************************************************************/
void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
{
pstring dos_passwd;
@ -213,8 +203,9 @@ void pwd_make_lm_nt_16(struct pwd_info *pwd, char *clr)
}
/****************************************************************************
makes lm and nt OWF crypts
****************************************************************************/
Makes lm and nt OWF crypts.
****************************************************************************/
void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
{
@ -245,16 +236,13 @@ void pwd_make_lm_nt_owf(struct pwd_info *pwd, uchar cryptkey[8])
}
/****************************************************************************
gets lm and nt crypts
****************************************************************************/
Gets lm and nt crypts.
****************************************************************************/
void pwd_get_lm_nt_owf(struct pwd_info *pwd, uchar lm_owf[24], uchar nt_owf[24])
{
if (lm_owf != NULL)
{
memcpy(lm_owf, pwd->smb_lm_owf, 24);
}
if (nt_owf != NULL)
{
memcpy(nt_owf, pwd->smb_nt_owf, 24);
}
}
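Review bot: The header comment above `pwd_set_nullpwd` still reads `Stores a cleartext password.`, the same text as the header above `pwd_set_cleartext`, so the tidied comment describes the wrong function. Only the `pwd_init(pwd)` call is visible in the hunk and the rest of the body lies outside it, so the replacement wording, for example `Stores a NULL password.`, should be checked against the full function. In a file that holds both cleartext and hashed credentials, a reader should be able to tell from the header alone which setter leaves a cleartext password in `struct pwd_info`.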


@ -255,8 +255,8 @@ static struct dispatch_table dispatch_table[] = {
/* Enumeration functions */
{ WINBINDD_LIST_USERS, winbindd_list_users, "LIST_USERS" },
{ WINBINDD_LIST_GROUPS, winbindd_list_groups, "LIST_GROUPS" },
{ WINBINDD_LIST_USERS, winbindd_list_users, "LIST_USERS" },
{ WINBINDD_LIST_GROUPS, winbindd_list_groups, "LIST_GROUPS" },
{ WINBINDD_LIST_TRUSTDOM, winbindd_list_trusted_domains, "LIST_TRUSTDOM" },
/* SID related functions */
@ -264,7 +264,7 @@ static struct dispatch_table dispatch_table[] = {
{ WINBINDD_LOOKUPSID, winbindd_lookupsid, "LOOKUPSID" },
{ WINBINDD_LOOKUPNAME, winbindd_lookupname, "LOOKUPNAME" },
/* S*RS related functions */
/* Lookup related functions */
{ WINBINDD_SID_TO_UID, winbindd_sid_to_uid, "SID_TO_UID" },
{ WINBINDD_SID_TO_GID, winbindd_sid_to_gid, "SID_TO_GID" },
@ -657,14 +657,12 @@ static void process_loop(int accept_sock)
flush_caches();
reload_services_file(True);
do_sighup = False;
}
if (do_sigusr1) {
print_winbindd_status();
do_sigusr1 = False;
do_sigusr1 = False;
}
}
}


@ -65,12 +65,12 @@
table or whatever later. */
struct winbindd_cm_conn {
struct winbindd_cm_conn *prev, *next;
fstring domain;
fstring controller;
fstring pipe_name;
struct cli_state *cli;
POLICY_HND pol;
struct winbindd_cm_conn *prev, *next;
fstring domain;
fstring controller;
fstring pipe_name;
struct cli_state *cli;
POLICY_HND pol;
};
struct winbindd_cm_conn *cm_conns = NULL;
@ -81,68 +81,64 @@ struct winbindd_cm_conn *cm_conns = NULL;
#define GET_DC_NAME_CACHE_TIMEOUT 30 /* Seconds between dc lookups */
struct get_dc_name_cache {
fstring domain_name;
fstring srv_name;
time_t lookup_time;
struct get_dc_name_cache *prev, *next;
fstring domain_name;
fstring srv_name;
time_t lookup_time;
struct get_dc_name_cache *prev, *next;
};
static BOOL cm_get_dc_name(char *domain, fstring srv_name)
{
static struct get_dc_name_cache *get_dc_name_cache;
struct get_dc_name_cache *dcc;
static struct get_dc_name_cache *get_dc_name_cache;
struct get_dc_name_cache *dcc;
struct in_addr *ip_list, dc_ip;
extern pstring global_myname;
int count, i;
/* Check the cache for previous lookups */
/* Check the cache for previous lookups */
for (dcc = get_dc_name_cache; dcc; dcc = dcc->next) {
for (dcc = get_dc_name_cache; dcc; dcc = dcc->next) {
if (!strequal(domain, dcc->domain_name))
continue; /* Not our domain */
if (!strequal(domain, dcc->domain_name))
continue; /* Not our domain */
if ((time(NULL) - dcc->lookup_time) > GET_DC_NAME_CACHE_TIMEOUT) {
if ((time(NULL) - dcc->lookup_time) > GET_DC_NAME_CACHE_TIMEOUT) {
/* Cache entry has expired, delete it */
/* Cache entry has expired, delete it */
DEBUG(10, ("get_dc_name_cache entry expired for %s\n",
domain));
DEBUG(10, ("get_dc_name_cache entry expired for %s\n", domain));
DLIST_REMOVE(get_dc_name_cache, dcc);
free(dcc);
DLIST_REMOVE(get_dc_name_cache, dcc);
SAFE_FREE(dcc);
break;
}
break;
}
/* Return a positive or negative lookup for this domain */
/* Return a positive or negative lookup for this domain */
if (dcc->srv_name[0]) {
DEBUG(10, ("returning positive get_dc_name_cache "
"entry for %s\n", domain));
fstrcpy(srv_name, dcc->srv_name);
return True;
} else {
DEBUG(10, ("returning negative get_dc_name_cache "
"entry for %s\n", domain));
return False;
}
}
if (dcc->srv_name[0]) {
DEBUG(10, ("returning positive get_dc_name_cache " "entry for %s\n", domain));
fstrcpy(srv_name, dcc->srv_name);
return True;
} else {
DEBUG(10, ("returning negative get_dc_name_cache " "entry for %s\n", domain));
return False;
}
}
/* Add cache entry for this lookup. */
/* Add cache entry for this lookup. */
DEBUG(10, ("Creating get_dc_name_cache entry for %s\n", domain));
DEBUG(10, ("Creating get_dc_name_cache entry for %s\n", domain));
if (!(dcc = (struct get_dc_name_cache *)
malloc(sizeof(struct get_dc_name_cache))))
return False;
if (!(dcc = (struct get_dc_name_cache *) malloc(sizeof(struct get_dc_name_cache))))
return False;
ZERO_STRUCTP(dcc);
ZERO_STRUCTP(dcc);
fstrcpy(dcc->domain_name, domain);
dcc->lookup_time = time(NULL);
fstrcpy(dcc->domain_name, domain);
dcc->lookup_time = time(NULL);
DLIST_ADD(get_dc_name_cache, dcc);
DLIST_ADD(get_dc_name_cache, dcc);
/* Lookup domain controller name */
@ -166,9 +162,9 @@ static BOOL cm_get_dc_name(char *domain, fstring srv_name)
if (!lookup_pdc_name(global_myname, domain, &dc_ip, srv_name))
return False;
/* We have a name so make the cache entry positive now */
/* We have a name so make the cache entry positive now */
fstrcpy(dcc->srv_name, srv_name);
fstrcpy(dcc->srv_name, srv_name);
return True;
}
@ -180,74 +176,72 @@ static BOOL cm_get_dc_name(char *domain, fstring srv_name)
#define OPEN_CONNECTION_CACHE_TIMEOUT 30 /* Seconds between attempts */
struct open_connection_cache {
fstring domain_name;
fstring controller;
time_t lookup_time;
struct open_connection_cache *prev, *next;
fstring domain_name;
fstring controller;
time_t lookup_time;
struct open_connection_cache *prev, *next;
};
static BOOL cm_open_connection(char *domain, char *pipe_name,
struct winbindd_cm_conn *new_conn)
{
static struct open_connection_cache *open_connection_cache;
struct open_connection_cache *occ;
static struct open_connection_cache *open_connection_cache;
struct open_connection_cache *occ;
struct nmb_name calling, called;
extern pstring global_myname;
fstring dest_host;
struct in_addr dest_ip;
BOOL result = False;
struct ntuser_creds creds;
extern pstring global_myname;
fstring dest_host;
struct in_addr dest_ip;
BOOL result = False;
struct ntuser_creds creds;
fstrcpy(new_conn->domain, domain);
fstrcpy(new_conn->pipe_name, pipe_name);
fstrcpy(new_conn->domain, domain);
fstrcpy(new_conn->pipe_name, pipe_name);
/* Look for a domain controller for this domain. Negative results
are cached so don't bother applying the caching for this
function just yet. */
/* Look for a domain controller for this domain. Negative results
are cached so don't bother applying the caching for this
function just yet. */
if (!cm_get_dc_name(domain, new_conn->controller))
goto done;
if (!cm_get_dc_name(domain, new_conn->controller))
goto done;
/* Return false if we have tried to look up this domain and netbios
name before and failed. */
/* Return false if we have tried to look up this domain and netbios
name before and failed. */
for (occ = open_connection_cache; occ; occ = occ->next) {
for (occ = open_connection_cache; occ; occ = occ->next) {
if (!(strequal(domain, occ->domain_name) &&
strequal(new_conn->controller, occ->controller)))
continue; /* Not our domain */
if (!(strequal(domain, occ->domain_name) &&
strequal(new_conn->controller, occ->controller)))
continue; /* Not our domain */
if ((time(NULL) - occ->lookup_time) > OPEN_CONNECTION_CACHE_TIMEOUT) {
/* Cache entry has expired, delete it */
if ((time(NULL) - occ->lookup_time) > OPEN_CONNECTION_CACHE_TIMEOUT) {
/* Cache entry has expired, delete it */
DEBUG(10, ("cm_open_connection cache entry expired "
"for %s, %s\n", domain,
new_conn->controller));
DEBUG(10, ("cm_open_connection cache entry expired for %s, %s\n", domain,
new_conn->controller));
DLIST_REMOVE(open_connection_cache, occ);
free(occ);
DLIST_REMOVE(open_connection_cache, occ);
free(occ);
break;
}
break;
}
/* The timeout hasn't expired yet so return false */
/* The timeout hasn't expired yet so return false */
DEBUG(10, ("returning negative open_connection_cache entry "
"for %s, %s\n", domain, new_conn->controller));
DEBUG(10, ("returning negative open_connection_cache entry for %s, %s\n",
domain, new_conn->controller));
goto done;
}
goto done;
}
/* Initialise SMB connection */
/* Initialise SMB connection */
if (!(new_conn->cli = cli_initialise(NULL)))
goto done;
if (!(new_conn->cli = cli_initialise(NULL)))
goto done;
if (!resolve_srv_name(new_conn->controller, dest_host, &dest_ip))
goto done;
make_nmb_name(&called, dns_to_netbios_name(new_conn->controller),
0x20);
make_nmb_name(&called, dns_to_netbios_name(new_conn->controller), 0x20);
make_nmb_name(&calling, dns_to_netbios_name(global_myname), 0);
ZERO_STRUCT(creds);
@ -266,150 +260,142 @@ static BOOL cm_open_connection(char *domain, char *pipe_name,
result = True;
done:
/* Create negative lookup cache entry for this domain and
controller */
if (!result) {
if (!(occ = (struct open_connection_cache *)
malloc(sizeof(struct open_connection_cache))))
return False;
/* Create negative lookup cache entry for this domain and controller */
ZERO_STRUCTP(occ);
if (!result) {
if (!(occ = (struct open_connection_cache *)
malloc(sizeof(struct open_connection_cache))))
return False;
fstrcpy(occ->domain_name, domain);
fstrcpy(occ->controller, new_conn->controller);
occ->lookup_time = time(NULL);
ZERO_STRUCTP(occ);
DLIST_ADD(open_connection_cache, occ);
}
fstrcpy(occ->domain_name, domain);
fstrcpy(occ->controller, new_conn->controller);
occ->lookup_time = time(NULL);
if (!result && new_conn->cli)
cli_shutdown(new_conn->cli);
DLIST_ADD(open_connection_cache, occ);
}
return result;
if (!result && new_conn->cli)
cli_shutdown(new_conn->cli);
return result;
}
/* Return true if a connection is still alive */
static BOOL connection_ok(struct winbindd_cm_conn *conn)
{
if (!conn->cli->initialised)
return False;
if (!conn->cli->initialised)
return False;
if (conn->cli->fd == -1)
return False;
if (conn->cli->fd == -1)
return False;
return True;
return True;
}
/* Return a LSA policy handle on a domain */
CLI_POLICY_HND *cm_get_lsa_handle(char *domain)
{
struct winbindd_cm_conn *conn;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
NTSTATUS result;
static CLI_POLICY_HND hnd;
struct winbindd_cm_conn *conn;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
NTSTATUS result;
static CLI_POLICY_HND hnd;
/* Look for existing connections */
/* Look for existing connections */
for (conn = cm_conns; conn; conn = conn->next) {
if (strequal(conn->domain, domain) &&
strequal(conn->pipe_name, PIPE_LSARPC)) {
for (conn = cm_conns; conn; conn = conn->next) {
if (strequal(conn->domain, domain) && strequal(conn->pipe_name, PIPE_LSARPC)) {
if (!connection_ok(conn)) {
DLIST_REMOVE(cm_conns, conn);
return NULL;
}
if (!connection_ok(conn)) {
DLIST_REMOVE(cm_conns, conn);
return NULL;
}
goto ok;
}
}
goto ok;
}
}
/* Create a new one */
/* Create a new one */
if (!(conn = (struct winbindd_cm_conn *)
malloc(sizeof(struct winbindd_cm_conn))))
return NULL;
if (!(conn = (struct winbindd_cm_conn *) malloc(sizeof(struct winbindd_cm_conn))))
return NULL;
ZERO_STRUCTP(conn);
ZERO_STRUCTP(conn);
if (!cm_open_connection(domain, PIPE_LSARPC, conn)) {
DEBUG(3, ("Could not connect to a dc for domain %s\n",
domain));
return NULL;
}
if (!cm_open_connection(domain, PIPE_LSARPC, conn)) {
DEBUG(3, ("Could not connect to a dc for domain %s\n", domain));
return NULL;
}
result = cli_lsa_open_policy(conn->cli, conn->cli->mem_ctx, False,
des_access, &conn->pol);
result = cli_lsa_open_policy(conn->cli, conn->cli->mem_ctx, False, des_access, &conn->pol);
if (!NT_STATUS_IS_OK(result))
return NULL;
if (!NT_STATUS_IS_OK(result))
return NULL;
/* Add to list */
/* Add to list */
DLIST_ADD(cm_conns, conn);
DLIST_ADD(cm_conns, conn);
ok:
hnd.pol = conn->pol;
hnd.cli = conn->cli;
hnd.pol = conn->pol;
hnd.cli = conn->cli;
return &hnd;
return &hnd;
}
/* Return a SAM policy handle on a domain */
CLI_POLICY_HND *cm_get_sam_handle(char *domain)
{
struct winbindd_cm_conn *conn;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
NTSTATUS result;
static CLI_POLICY_HND hnd;
struct winbindd_cm_conn *conn;
uint32 des_access = SEC_RIGHTS_MAXIMUM_ALLOWED;
NTSTATUS result;
static CLI_POLICY_HND hnd;
/* Look for existing connections */
/* Look for existing connections */
for (conn = cm_conns; conn; conn = conn->next) {
if (strequal(conn->domain, domain) &&
strequal(conn->pipe_name, PIPE_SAMR)) {
for (conn = cm_conns; conn; conn = conn->next) {
if (strequal(conn->domain, domain) && strequal(conn->pipe_name, PIPE_SAMR)) {
if (!connection_ok(conn)) {
DLIST_REMOVE(cm_conns, conn);
return NULL;
}
if (!connection_ok(conn)) {
DLIST_REMOVE(cm_conns, conn);
return NULL;
}
goto ok;
}
}
goto ok;
}
}
/* Create a new one */
/* Create a new one */
if (!(conn = (struct winbindd_cm_conn *)
malloc(sizeof(struct winbindd_cm_conn))))
return NULL;
if (!(conn = (struct winbindd_cm_conn *) malloc(sizeof(struct winbindd_cm_conn))))
return NULL;
ZERO_STRUCTP(conn);
ZERO_STRUCTP(conn);
if (!cm_open_connection(domain, PIPE_SAMR, conn)) {
DEBUG(3, ("Could not connect to a dc for domain %s\n",
domain));
return NULL;
}
if (!cm_open_connection(domain, PIPE_SAMR, conn)) {
DEBUG(3, ("Could not connect to a dc for domain %s\n", domain));
return NULL;
}
result = cli_samr_connect(conn->cli, conn->cli->mem_ctx, des_access,
&conn->pol);
result = cli_samr_connect(conn->cli, conn->cli->mem_ctx, des_access, &conn->pol);
if (!NT_STATUS_IS_OK(result))
return NULL;
if (!NT_STATUS_IS_OK(result))
return NULL;
/* Add to list */
/* Add to list */
DLIST_ADD(cm_conns, conn);
DLIST_ADD(cm_conns, conn);
ok:
hnd.pol = conn->pol;
hnd.cli = conn->cli;
hnd.pol = conn->pol;
hnd.cli = conn->cli;
return &hnd;
return &hnd;
}
#if 0
@ -641,62 +627,60 @@ CLI_POLICY_HND *cm_get_sam_group_handle(char *domain, DOM_SID *domain_sid,
struct cli_state *cm_get_netlogon_cli(char *domain, unsigned char *trust_passwd)
{
struct winbindd_cm_conn conn;
NTSTATUS result;
struct winbindd_cm_conn conn;
NTSTATUS result;
/* Open an initial conection */
/* Open an initial conection */
ZERO_STRUCT(conn);
ZERO_STRUCT(conn);
if (!cm_open_connection(domain, PIPE_NETLOGON, &conn)) {
DEBUG(3, ("Could not open a connection to %s\n", domain));
return NULL;
}
if (!cm_open_connection(domain, PIPE_NETLOGON, &conn)) {
DEBUG(3, ("Could not open a connection to %s\n", domain));
return NULL;
}
result = cli_nt_setup_creds(conn.cli, trust_passwd);
result = cli_nt_setup_creds(conn.cli, trust_passwd);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("error connecting to domain password server: %s\n",
get_nt_error_msg(result)));
cli_shutdown(conn.cli);
return NULL;
}
if (!NT_STATUS_IS_OK(result)) {
DEBUG(0, ("error connecting to domain password server: %s\n",
get_nt_error_msg(result)));
cli_shutdown(conn.cli);
return NULL;
}
/* We only want the client handle from this structure */
/* We only want the client handle from this structure */
return conn.cli;
return conn.cli;
}
/* Dump the current connection status */
static void dump_conn_list(void)
{
struct winbindd_cm_conn *con;
struct winbindd_cm_conn *con;
DEBUG(0, ("\tDomain Controller Pipe\n"));
DEBUG(0, ("\tDomain Controller Pipe\n"));
for(con = cm_conns; con; con = con->next) {
char *msg;
for(con = cm_conns; con; con = con->next) {
char *msg;
/* Display pipe info */
/* Display pipe info */
asprintf(&msg, "\t%-15s %-15s %-16s", con->domain,
con->controller, con->pipe_name);
asprintf(&msg, "\t%-15s %-15s %-16s", con->domain, con->controller, con->pipe_name);
DEBUG(0, ("%s\n", msg));
free(msg);
}
DEBUG(0, ("%s\n", msg));
free(msg);
}
}
void winbindd_cm_status(void)
{
/* List open connections */
/* List open connections */
DEBUG(0, ("winbindd connection manager status:\n"));
if (cm_conns)
dump_conn_list();
else
DEBUG(0, ("\tNo active connections\n"));
DEBUG(0, ("winbindd connection manager status:\n"));
if (cm_conns)
dump_conn_list();
else
DEBUG(0, ("\tNo active connections\n"));
}
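Review bot: In `cm_get_lsa_handle` and `cm_get_sam_handle` the freshly malloc'ed `conn` is leaked on each early `return NULL` after `ZERO_STRUCTP(conn)`, and the reindentation keeps those paths as they were. When `cm_open_connection` fails, the visible code shuts down the cli but never frees `conn`, so `SAFE_FREE(conn);` belongs before that return. When `cli_lsa_open_policy` or `cli_samr_connect` fails, the open connection is dropped as well, so that path wants `cli_shutdown(conn->cli); SAFE_FREE(conn);`. The `!connection_ok(conn)` branch has the same shape: `DLIST_REMOVE(cm_conns, conn)` unlinks the entry and returns without releasing it. In a long-running daemon, repeated failures against an unreachable or misbehaving domain controller would accumulate memory and possibly sockets, so these paths are worth fixing while the code is being read for the 2.2.3 back-merge.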