c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/*
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * CDDL HEADER START
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * The contents of this file are subject to the terms of the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Common Development and Distribution License (the "License").
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * You may not use this file except in compliance with the License.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * or http://www.opensolaris.org/os/licensing.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * See the License for the specific language governing permissions
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * and limitations under the License.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * When distributing Covered Code, include this CDDL HEADER in each
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * If applicable, add the following below this CDDL HEADER, with the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * fields enclosed by brackets "[]" replaced with your own identifying
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * information: Portions Copyright [yyyy] [name of copyright owner]
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * CDDL HEADER END
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/*
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
b3700b074e637f8c6991b70754c88a2cfffb246bGordon Ross * Copyright 2014 Nexenta Systems, Inc. All rights reserved.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/*
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Initialization routines
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include "idmapd.h"
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <signal.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <thread.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <string.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <errno.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <assert.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <unistd.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <sys/types.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw#include <sys/stat.h>
8edda6281c84e0632a22f9c8dbf0d6f1558878ebbaban#include <rpcsvc/daemon_utils.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
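/*
 * Bring up the mapping system: load the configuration, then create or
 * open the databases while running with the daemon's effective uid/gid
 * (DAEMON_UID/DAEMON_GID) so the database files are not created as root.
 * Effective root is restored before returning.
 *
 * Returns 0 on success and a negative value if the configuration cannot
 * be loaded, the effective identity cannot be switched in either
 * direction, or the databases cannot be initialized.  Whenever the
 * databases were opened but the call still fails, fini_mapping_system()
 * is run so no database state is left behind.
 */
int
init_mapping_system(void)
{
	int rc;
	int dbs_ok = 0;
	int restored = 1;

	if ((rc = load_config()) < 0)
		return (rc);

	/*
	 * Switch to the daemon identity before touching the databases.
	 * The group goes first: once the effective uid is no longer 0,
	 * a later setegid() would itself be refused.  A failed switch is
	 * treated as fatal instead of being ignored -- carrying on would
	 * presumably leave root-owned database files that the unprivileged
	 * daemon cannot use later.
	 */
	if (setegid(DAEMON_GID) != 0) {
		idmapdlog(LOG_ERR, "Failed to set effective gid %d (%s)",
		    (int)DAEMON_GID, strerror(errno));
		return (-1);
	}
	if (seteuid(DAEMON_UID) != 0) {
		idmapdlog(LOG_ERR, "Failed to set effective uid %d (%s)",
		    (int)DAEMON_UID, strerror(errno));
		(void) setegid(0);
		return (-1);
	}

	rc = 0;
	if (init_dbs() < 0) {
		rc = -1;
		fini_mapping_system();
	} else {
		dbs_ok = 1;
	}

	/*
	 * Regain effective root, uid first (gid 0 can only be regained while
	 * euid is 0).  Both calls are always attempted; a failure is logged
	 * and turns the result into an error, since the caller is entitled
	 * to assume it is root again when this returns.
	 */
	if (seteuid(0) != 0) {
		idmapdlog(LOG_ERR, "Failed to restore effective uid 0 (%s)",
		    strerror(errno));
		restored = 0;
	}
	if (setegid(0) != 0) {
		idmapdlog(LOG_ERR, "Failed to restore effective gid 0 (%s)",
		    strerror(errno));
		restored = 0;
	}
	if (!restored && rc == 0) {
		rc = -1;
		if (dbs_ok)
			fini_mapping_system();
	}

	return (rc);
}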
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
/*
 * Tear down the mapping system.  The only state released here is the set
 * of databases opened by init_dbs(); the loaded configuration in
 * _idmapdstate.cfg is left untouched.
 */
void
fini_mapping_system(void)
{
	fini_dbs();
}
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
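/*
 * Create, upgrade and load the daemon configuration into _idmapdstate.cfg,
 * then start the background configuration updater.
 *
 * Returns 0 when the configuration is usable -- including the case where
 * idmap_cfg_load() reported a partial failure, which is only logged -- and
 * a negative value on total failure.  The visible caller
 * (init_mapping_system) tests for failure with "< 0", so a non-zero status
 * from a helper is always mapped to a negative return here rather than
 * passed through as-is.
 */
int
load_config(void)
{
	int rc;

	if ((_idmapdstate.cfg = idmap_cfg_init()) == NULL) {
		degrade_svc(0, "failed to initialize config");
		return (-1);
	}

	rc = idmap_cfg_upgrade(_idmapdstate.cfg);
	if (rc != 0) {
		degrade_svc(0, "fatal error while upgrading configuration");
		/* Any non-zero status is fatal; make sure it reads as < 0. */
		return (rc < 0 ? rc : -1);
	}

	/*
	 * idmap_cfg_load() signals total failure with a value below -1;
	 * any other non-zero value means some settings could not be
	 * loaded but the configuration as a whole is still usable.
	 */
	rc = idmap_cfg_load(_idmapdstate.cfg, 0);
	if (rc < -1) {
		degrade_svc(0, "fatal error while loading configuration");
		return (rc);
	}
	if (rc != 0) {
		idmapdlog(LOG_ERR, "Various errors occurred while loading "
		    "the configuration; check the logs");
	}

	rc = idmap_cfg_start_updates();
	if (rc != 0) {
		degrade_svc(0, "could not start config updater");
		return (rc < 0 ? rc : -1);
	}

	if (DBG(CONFIG, 1))
		idmapdlog(LOG_DEBUG, "Initial configuration loaded");

	return (0);
}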
c8e261054d98729a8718903716b9b8a512d8b693jp
c8e261054d98729a8718903716b9b8a512d8b693jp
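/*
 * Rebuild the array of Global Catalog contexts (_idmapdstate.gcs /
 * num_gcs) from the current pgcfg.  Slot 0 is the joined forest; slots
 * 1..num_trusted_forests hold one context per trusted forest.  The
 * previous array is released only after the new one has been installed.
 *
 * Outcomes:
 *  - AD disabled or no domain name: the array is emptied (NULL, 0).
 *  - No GCs known: nothing is changed, so a transient discovery failure
 *    does not throw away a still-working set of contexts.
 *  - Building the joined-forest context fails: nothing is changed.
 *  - Building trusted-forest context i fails: the partially built context
 *    is freed and only slots 0..i-1 plus the count i+1 are installed.
 * Every failure is reported through degrade_svc().
 *
 * NOTE(review): _idmapdstate.gcs is swapped and the old array freed
 * without taking any lock here; this presumably relies on the caller
 * holding the config write lock (readers use RDLOCK_CONFIG elsewhere in
 * this file).  Confirm at the call sites.
 */
void
reload_gcs(void)
{
	int i, j;
	adutils_ad_t **new_gcs;
	adutils_ad_t **old_gcs = _idmapdstate.gcs;
	int new_num_gcs;
	int old_num_gcs = _idmapdstate.num_gcs;
	idmap_pg_config_t *pgcfg = &_idmapdstate.cfg->pgcfg;
	idmap_trustedforest_t *trustfor = pgcfg->trusted_forests;
	int num_trustfor = pgcfg->num_trusted_forests;
	ad_disc_domainsinforest_t *domain_in_forest;

	if (pgcfg->use_ads == B_FALSE ||
	    pgcfg->domain_name == NULL) {
		/*
		 * ADS disabled, or no domain name specified.
		 * Not using adutils. (but still can use lsa)
		 */
		new_gcs = NULL;
		new_num_gcs = 0;
		goto out;
	}

	if (pgcfg->global_catalog == NULL ||
	    pgcfg->global_catalog[0].host[0] == '\0') {
		/*
		 * No GCs. Continue to use the previous AD config in case
		 * that's still good but auto-discovery had a transient failure.
		 * If that stops working we'll go into degraded mode anyways
		 * when it does.
		 */
		idmapdlog(LOG_INFO,
		    "Global Catalog servers not configured/discoverable");
		return;
	}

	/*
	 * The count and the array are separate fields; never walk a NULL
	 * array because the count says there are entries.  (Whether
	 * discovery can actually produce that combination is not
	 * established here -- this is purely defensive.)
	 */
	if (trustfor == NULL)
		num_trustfor = 0;

	new_num_gcs = 1 + num_trustfor;
	new_gcs = calloc(new_num_gcs, sizeof (adutils_ad_t *));
	if (new_gcs == NULL) {
		degrade_svc(0, "could not allocate AD context array "
		    "(out of memory)");
		return;
	}

	/* Slot 0: the joined forest's GCs plus the domains in that forest. */
	if (adutils_ad_alloc(&new_gcs[0], NULL, ADUTILS_AD_GLOBAL_CATALOG) !=
	    ADUTILS_SUCCESS) {
		free(new_gcs);
		degrade_svc(0, "could not initialize AD context "
		    "(out of memory)");
		return;
	}

	for (i = 0; pgcfg->global_catalog[i].host[0] != '\0'; i++) {
		if (idmap_add_ds(new_gcs[0],
		    pgcfg->global_catalog[i].host,
		    pgcfg->global_catalog[i].port) != 0) {
			adutils_ad_free(&new_gcs[0]);
			free(new_gcs);
			degrade_svc(0, "could not set AD hosts "
			    "(out of memory)");
			return;
		}
	}

	if (pgcfg->domains_in_forest != NULL) {
		for (i = 0; pgcfg->domains_in_forest[i].domain[0] != '\0';
		    i++) {
			if (adutils_add_domain(new_gcs[0],
			    pgcfg->domains_in_forest[i].domain,
			    pgcfg->domains_in_forest[i].sid) != 0) {
				adutils_ad_free(&new_gcs[0]);
				free(new_gcs);
				degrade_svc(0, "could not set AD domains "
				    "(out of memory)");
				return;
			}
		}
	}

	/*
	 * Slots 1..num_trustfor: one context per trusted forest.  The
	 * per-forest host and domain lists get the same NULL guard as the
	 * joined forest's list above rather than being assumed non-NULL.
	 */
	for (i = 0; i < num_trustfor; i++) {
		if (adutils_ad_alloc(&new_gcs[i + 1], NULL,
		    ADUTILS_AD_GLOBAL_CATALOG) != ADUTILS_SUCCESS) {
			degrade_svc(0, "could not initialize trusted AD "
			    "context (out of memory)");
			new_num_gcs = i + 1;
			goto out;
		}
		for (j = 0; trustfor[i].global_catalog != NULL &&
		    trustfor[i].global_catalog[j].host[0] != '\0'; j++) {
			if (idmap_add_ds(new_gcs[i + 1],
			    trustfor[i].global_catalog[j].host,
			    trustfor[i].global_catalog[j].port) != 0) {
				adutils_ad_free(&new_gcs[i + 1]);
				degrade_svc(0, "could not set trusted "
				    "AD hosts (out of memory)");
				new_num_gcs = i + 1;
				goto out;
			}
		}
		for (j = 0; trustfor[i].domains_in_forest != NULL &&
		    trustfor[i].domains_in_forest[j].domain[0] != '\0';
		    j++) {
			domain_in_forest = &trustfor[i].domains_in_forest[j];
			/* Only add domains which are marked as trusted. */
			if (!domain_in_forest->trusted)
				continue;
			if (adutils_add_domain(new_gcs[i + 1],
			    domain_in_forest->domain,
			    domain_in_forest->sid) != 0) {
				adutils_ad_free(&new_gcs[i + 1]);
				degrade_svc(0, "could not set trusted "
				    "AD domains (out of memory)");
				new_num_gcs = i + 1;
				goto out;
			}
		}
	}

out:
	/* Publish the new set first, then release the old one. */
	_idmapdstate.gcs = new_gcs;
	_idmapdstate.num_gcs = new_num_gcs;

	if (old_gcs != NULL) {
		for (i = 0; i < old_num_gcs; i++)
			adutils_ad_free(&old_gcs[i]);
		free(old_gcs);
	}
}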
e3f2c991a8548408db0a2787bd8b43d5124821d3Keyur Desai
/*
 * Rebuild the array of domain-controller contexts (_idmapdstate.dcs /
 * num_dcs) from the current pgcfg.  Today this is a single entry for the
 * joined domain: its DCs, plus the domain name and SID taken from the
 * domains-in-forest list.  The previous array is released only after the
 * new one has been installed; on an allocation failure nothing is
 * replaced and whatever was built so far is freed.
 *
 * NEEDSWORK: This should load entries for domain servers for all known
 * domains - the joined domain, other domains in the forest, and trusted
 * domains in other forests. However, we don't yet discover any DCs other
 * than the DCs for the joined domain.
 *
 * NEEDSWORK: All that is needed below is the domain and SID for this DC;
 * walking the whole list of domains in the forest just to find the SID
 * is heavier than it should be.
 *
 * NOTE(review): like reload_gcs(), this publishes a new array and frees
 * the old one without taking a lock itself; presumably the caller holds
 * the config write lock.  Confirm at the call sites.
 */
static void
reload_dcs(void)
{
	int k;
	adutils_ad_t **dcs_new = NULL;
	adutils_ad_t **dcs_old = _idmapdstate.dcs;
	int ndcs_new;
	int ndcs_old = _idmapdstate.num_dcs;
	idmap_pg_config_t *cfg = &_idmapdstate.cfg->pgcfg;
	ad_disc_domainsinforest_t *dif;

	if (cfg->use_ads == B_FALSE || cfg->domain_name == NULL) {
		/*
		 * ADS disabled, or no domain name specified.
		 * Not using adutils. (but still can use lsa)
		 */
		ndcs_new = 0;
		goto out;
	}

	if (cfg->domain_controller == NULL ||
	    cfg->domain_controller[0].host[0] == '\0') {
		/*
		 * No DCs. Continue to use the previous AD config in case
		 * that's still good but auto-discovery had a transient failure.
		 * If that stops working we'll go into degraded mode anyways
		 * when it does.
		 */
		idmapdlog(LOG_INFO,
		    "Domain controller servers not configured/discoverable");
		return;
	}

	ndcs_new = 1;
	if ((dcs_new = calloc(ndcs_new, sizeof (*dcs_new))) == NULL)
		goto nomem;

	if (adutils_ad_alloc(&dcs_new[0], cfg->domain_name,
	    ADUTILS_AD_DATA) != ADUTILS_SUCCESS)
		goto nomem;

	for (k = 0; cfg->domain_controller[k].host[0] != '\0'; k++) {
		if (idmap_add_ds(dcs_new[0],
		    cfg->domain_controller[k].host,
		    cfg->domain_controller[k].port) != 0)
			goto nomem;
	}

	/* Attach the joined domain's SID, located by name in the forest list. */
	for (dif = cfg->domains_in_forest;
	    dif != NULL && dif->domain[0] != '\0'; dif++) {
		if (!domain_eq(cfg->domain_name, dif->domain))
			continue;
		if (adutils_add_domain(dcs_new[0], dif->domain, dif->sid) != 0)
			goto nomem;
		break;
	}

out:
	/* Publish the new set first, then release the old one. */
	_idmapdstate.dcs = dcs_new;
	_idmapdstate.num_dcs = ndcs_new;

	if (dcs_old != NULL) {
		for (k = 0; k < ndcs_old; k++)
			adutils_ad_free(&dcs_old[k]);
		free(dcs_old);
	}
	return;

nomem:
	degrade_svc(0, "out of memory");

	if (dcs_new != NULL) {
		if (dcs_new[0] != NULL)
			adutils_ad_free(&dcs_new[0]);
		free(dcs_new);
	}
}
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
c8e261054d98729a8718903716b9b8a512d8b693jp
/*
 * Refresh both sets of AD contexts from the current configuration:
 * the Global Catalog contexts first, then the domain-controller
 * contexts.  Each half reports its own failures via degrade_svc().
 */
void
reload_ad(void)
{
	reload_gcs();
	reload_dcs();
}
e3f2c991a8548408db0a2787bd8b43d5124821d3Keyur Desai
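/*
 * Dump the current configuration and discovered AD topology to the log at
 * LOG_DEBUG, under the config read lock.  Purely diagnostic; the log
 * output is the only effect.
 *
 * String fields go through CHECK_NULL() so an unset value prints a
 * placeholder instead of handing NULL to "%s".  The trusted-forest name
 * now gets that treatment too (it was previously passed raw), and the
 * per-forest host and domain lists get the same NULL guard the top-level
 * lists already have.
 */
void
print_idmapdstate(void)
{
	int i, j;
	idmap_pg_config_t *pgcfg;
	idmap_trustedforest_t *tf;

	RDLOCK_CONFIG();

	if (_idmapdstate.cfg == NULL) {
		idmapdlog(LOG_INFO, "Null configuration");
		UNLOCK_CONFIG();
		return;
	}

	pgcfg = &_idmapdstate.cfg->pgcfg;

	idmapdlog(LOG_DEBUG, "list_size_limit=%llu", pgcfg->list_size_limit);
	idmapdlog(LOG_DEBUG, "default_domain=%s",
	    CHECK_NULL(pgcfg->default_domain));
	idmapdlog(LOG_DEBUG, "domain_name=%s", CHECK_NULL(pgcfg->domain_name));
	idmapdlog(LOG_DEBUG, "machine_sid=%s", CHECK_NULL(pgcfg->machine_sid));

	if (pgcfg->domain_controller == NULL ||
	    pgcfg->domain_controller[0].host[0] == '\0') {
		idmapdlog(LOG_DEBUG, "No domain controllers known");
	} else {
		for (i = 0; pgcfg->domain_controller[i].host[0] != '\0'; i++)
			idmapdlog(LOG_DEBUG, "domain_controller=%s port=%d",
			    pgcfg->domain_controller[i].host,
			    pgcfg->domain_controller[i].port);
	}

	idmapdlog(LOG_DEBUG, "forest_name=%s", CHECK_NULL(pgcfg->forest_name));
	idmapdlog(LOG_DEBUG, "site_name=%s", CHECK_NULL(pgcfg->site_name));

	if (pgcfg->global_catalog == NULL ||
	    pgcfg->global_catalog[0].host[0] == '\0') {
		idmapdlog(LOG_DEBUG, "No global catalog servers known");
	} else {
		for (i = 0; pgcfg->global_catalog[i].host[0] != '\0'; i++)
			idmapdlog(LOG_DEBUG, "global_catalog=%s port=%d",
			    pgcfg->global_catalog[i].host,
			    pgcfg->global_catalog[i].port);
	}

	if (pgcfg->domains_in_forest == NULL ||
	    pgcfg->domains_in_forest[0].domain[0] == '\0') {
		idmapdlog(LOG_DEBUG, "No domains in forest %s known",
		    CHECK_NULL(pgcfg->forest_name));
	} else {
		for (i = 0; pgcfg->domains_in_forest[i].domain[0] != '\0'; i++)
			idmapdlog(LOG_DEBUG, "domains in forest %s = %s",
			    CHECK_NULL(pgcfg->forest_name),
			    pgcfg->domains_in_forest[i].domain);
	}

	if (pgcfg->trusted_domains == NULL ||
	    pgcfg->trusted_domains[0].domain[0] == '\0') {
		idmapdlog(LOG_DEBUG, "No trusted domains known");
	} else {
		for (i = 0; pgcfg->trusted_domains[i].domain[0] != '\0'; i++)
			idmapdlog(LOG_DEBUG, "trusted domain = %s",
			    pgcfg->trusted_domains[i].domain);
	}

	/*
	 * Per trusted forest, list its GCs and only the domains flagged
	 * "trusted" -- the same subset reload_gcs() adds to the context.
	 * The array is guarded against a count with no backing array.
	 */
	for (i = 0; pgcfg->trusted_forests != NULL &&
	    i < pgcfg->num_trusted_forests; i++) {
		tf = &pgcfg->trusted_forests[i];
		for (j = 0; tf->global_catalog != NULL &&
		    tf->global_catalog[j].host[0] != '\0'; j++)
			idmapdlog(LOG_DEBUG,
			    "trusted forest %s global_catalog=%s port=%d",
			    CHECK_NULL(tf->forest_name),
			    tf->global_catalog[j].host,
			    tf->global_catalog[j].port);
		for (j = 0; tf->domains_in_forest != NULL &&
		    tf->domains_in_forest[j].domain[0] != '\0'; j++) {
			if (!tf->domains_in_forest[j].trusted)
				continue;
			idmapdlog(LOG_DEBUG,
			    "trusted forest %s domain=%s",
			    CHECK_NULL(tf->forest_name),
			    tf->domains_in_forest[j].domain);
		}
	}

	idmapdlog(LOG_DEBUG, "directory_based_mapping=%s",
	    enum_lookup(pgcfg->directory_based_mapping, directory_mapping_map));
	idmapdlog(LOG_DEBUG, "ad_unixuser_attr=%s",
	    CHECK_NULL(pgcfg->ad_unixuser_attr));
	idmapdlog(LOG_DEBUG, "ad_unixgroup_attr=%s",
	    CHECK_NULL(pgcfg->ad_unixgroup_attr));
	idmapdlog(LOG_DEBUG, "nldap_winname_attr=%s",
	    CHECK_NULL(pgcfg->nldap_winname_attr));

	UNLOCK_CONFIG();
}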
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw
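/*
 * Create "path" as a private directory (mode 0700, further restricted by
 * the umask) owned by uid:gid, or accept an already existing directory at
 * that name after re-asserting its ownership.
 *
 * Returns 0 on success and -1 on failure; every failure is logged.  If
 * this call created the directory and could not chown it, the directory
 * is removed again so a half-configured path is not left behind.
 *
 * A pre-existing "path" is only accepted when lstat() reports a real
 * directory.  Previously any existing object -- a regular file or a
 * symlink -- was lchown()ed and reported as success, which is not what a
 * caller about to store private state under the path wants.  The check is
 * advisory only: lstat() and lchown() are separate system calls, so it
 * does not defend against a concurrent swap of the path in between.
 */
int
create_directory(const char *path, uid_t uid, gid_t gid)
{
	int rc;
	struct stat st;

	if ((rc = mkdir(path, 0700)) < 0 && errno != EEXIST) {
		idmapdlog(LOG_ERR, "Error creating directory %s (%s)",
		    path, strerror(errno));
		return (-1);
	}

	/* rc < 0 here means EEXIST: verify what is actually at that name. */
	if (rc < 0) {
		if (lstat(path, &st) < 0) {
			idmapdlog(LOG_ERR, "Error checking directory %s (%s)",
			    path, strerror(errno));
			return (-1);
		}
		if (!S_ISDIR(st.st_mode)) {
			idmapdlog(LOG_ERR, "Error creating directory %s "
			    "(exists but is not a directory)", path);
			return (-1);
		}
	}

	if (lchown(path, uid, gid) < 0) {
		idmapdlog(LOG_ERR, "Error setting owner of directory %s (%s)",
		    path, strerror(errno));
		/* Only undo a directory this call created. */
		if (rc == 0)
			(void) rmdir(path);
		return (-1);
	}

	return (0);
}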