6932404 Autohome share does not show up when using sharemgr show -vp

6875358 NDR support for Serialization Types
6811350 Autohome wildcard rule fails with mixed case (or upper case) user name
6932967 Add local group manipulation functions to SAMR service
6801203 libidmap should not link with bunch of libraries
6928764 Diagnostic noise on "idmap get-namemap" and "idmap set-namemap"
6885923 idmapd loops infinitely, leaking memory
6936722 Sparc : Unable to destroy zpool, sharemgr locks up.
6937163 smbd door operations should initialize XDR decode data
6937814 Memory corruption while running stress test
6913525 smb_ads_decode_host_ip doesn't step over IPv6 address
6939430 queryfileinfo should only use vnodetopath for directory nodes
6938318 Unable to save files with Save As

--HG--
rename : usr/src/lib/libidmap/common/namemaps.c => usr/src/cmd/idmap/idmap/namemaps.c
rename : usr/src/lib/libidmap/common/idmap_priv.h => usr/src/cmd/idmap/idmap/namemaps.h

3 files changed, 79 insertions, 42 deletions

diff --git a/usr/src/lib/libadutils/common/addisc.c b/usr/src/lib/libadutils/common/addisc.c
index b32f9d7694..187981b5a2 100644
--- a/usr/src/lib/libadutils/common/addisc.c
+++ b/usr/src/lib/libadutils/common/addisc.c
@@ -20,8 +20,7 @@
  */
 
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
- * Use is subject to license terms.
+ * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
  */
 
 /*
@@ -103,6 +102,16 @@
 #include "adutils_impl.h"
 #include "addisc.h"
 
+/*
+ * These set some sanity policies for discovery.  After a discovery
+ * cycle, we will consider the results (successful or unsuccessful)
+ * to be valid for at least MINIMUM_TTL seconds, and for at most
+ * MAXIMUM_TTL seconds.  Note that the caller is free to request
+ * discovery cycles sooner than MINIMUM_TTL if it has reason to believe
+ * that the situation has changed.
+ */
+#define	MINIMUM_TTL	(5 * 60)
+#define	MAXIMUM_TTL	(20 * 60)
 
 enum ad_item_state {
 		AD_STATE_INVALID = 0,	/* The value is not valid */
@@ -127,7 +136,7 @@ typedef struct ad_item {
 	enum ad_item_state	state;
 	enum ad_data_type	type;
 	void 			*value;
-	time_t 			ttl;
+	time_t 			expires;
 	unsigned int 		version;	/* Version is only changed */
 						/* if the value changes */
 #define	PARAM1		0
@@ -144,6 +153,8 @@ typedef struct ad_disc {
 	ad_subnet_t	*subnets;
 	boolean_t	subnets_changed;
 	time_t		subnets_last_check;
+	time_t		expires_not_before;
+	time_t		expires_not_after;
 	ad_item_t	domain_name;		/* DNS hostname string */
 	ad_item_t	domain_controller;	/* Directory hostname and */
 						/* port array */
@@ -216,7 +227,7 @@ is_valid(ad_item_t *item)
 		if (item->state == AD_STATE_FIXED)
 			return (B_TRUE);
 		if (item->state == AD_STATE_AUTO &&
-		    (item->ttl == 0 || item->ttl > time(NULL)))
+		    (item->expires == 0 || item->expires > time(NULL)))
 			return (B_TRUE);
 	}
 	return (B_FALSE);
@@ -247,9 +258,9 @@ update_item(ad_item_t *item, void *value, enum ad_item_state state,
 	item->state = state;
 
 	if (ttl == 0)
-		item->ttl = 0;
+		item->expires = 0;
 	else
-		item->ttl = time(NULL) + ttl;
+		item->expires = time(NULL) + ttl;
 }
 
 
@@ -593,26 +604,6 @@ DN_to_DNS(const char *dn_name)
 }
 
 
-/* Format the DN of an AD LDAP subnet object for some subnet */
-static char *
-subnet_to_DN(const char *subnet, const char *baseDN)
-{
-	char *result;
-	int len;
-
-	len = snprintf(NULL, 0,
-	    "CN=%s,CN=Subnets,CN=Sites,%s",
-	    subnet, baseDN) + 1;
-
-	result = malloc(len);
-	if (result != NULL)
-		(void) snprintf(result, len,
-		    "CN=%s,CN=Subnets,CN=Sites,%s",
-		    subnet, baseDN);
-	return (result);
-}
-
-
 /* Make a list of subnet object DNs from a list of subnets */
 static char **
 subnets_to_DNs(ad_subnet_t *subnets, const char *base_dn)
@@ -628,8 +619,9 @@ subnets_to_DNs(ad_subnet_t *subnets, const char *base_dn)
 		return (NULL);
 
 	for (i = 0; subnets[i].subnet[0] != '\0'; i++) {
-		if ((results[i] = subnet_to_DN(subnets[i].subnet, base_dn))
-		    == NULL) {
+		(void) asprintf(&results[i], "CN=%s,CN=Subnets,CN=Sites,%s",
+		    subnets[i].subnet, base_dn);
+		if (results[i] == NULL) {
 			for (j = 0; j < i; j++)
 				free(results[j]);
 			free(results);
@@ -828,7 +820,8 @@ err:
  * A utility function to bind to a Directory server
  */
 
-static LDAP*
+static
+LDAP *
 ldap_lookup_init(idmap_ad_disc_ds_t *ds)
 {
 	int 	i;
@@ -988,15 +981,17 @@ ldap_lookup_trusted_domains(LDAP **ld, idmap_ad_disc_ds_t *globalCatalog,
 
 			if (partner != NULL && direction != NULL) {
 				num++;
-				trusted_domains = realloc(trusted_domains,
+				void *tmp = realloc(trusted_domains,
 				    (num + 1) *
 				    sizeof (ad_disc_trusteddomains_t));
-				if (trusted_domains == NULL) {
+				if (tmp == NULL) {
+					free(trusted_domains);
 					ldap_value_free(partner);
 					ldap_value_free(direction);
 					ldap_msgfree(results);
 					return (NULL);
 				}
+				trusted_domains = tmp;
 				/* Last element should be zero */
 				memset(&trusted_domains[num], 0,
 				    sizeof (ad_disc_trusteddomains_t));
@@ -1221,6 +1216,22 @@ ad_disc_refresh(ad_disc_t ctx)
 }
 
 
+/*
+ * Called when the discovery cycle is done.  Sets a master TTL
+ * that will avoid doing new time-based discoveries too soon after
+ * the last discovery cycle.  Most interesting when the discovery
+ * cycle failed, because then the TTLs on the individual items will
+ * not be updated and may go stale.
+ */
+void
+ad_disc_done(ad_disc_t ctx)
+{
+	time_t now = time(NULL);
+
+	ctx->expires_not_before = now + MINIMUM_TTL;
+	ctx->expires_not_after = now + MAXIMUM_TTL;
+}
+
 
 /* Discover joined Active Directory domainName */
 static ad_item_t *
@@ -1425,12 +1436,13 @@ validate_SiteName(ad_disc_t ctx)
 		return (NULL);
 
 	if (!is_valid(&ctx->site_name) ||
-	    is_changed(&ctx->site_name, PARAM1, &ctx->domain_controller) ||
+	    is_changed(&ctx->site_name, PARAM1, domain_controller_item) ||
 	    ctx->subnets == NULL || ctx->subnets_changed) {
 		subnets = find_subnets();
 		ctx->subnets_last_check = time(NULL);
 		update_required = B_TRUE;
 	} else if (ctx->subnets_last_check + 60 < time(NULL)) {
+		/* NEEDSWORK magic constant 60 above */
 		subnets = find_subnets();
 		ctx->subnets_last_check = time(NULL);
 		if (cmpsubnets(ctx->subnets, subnets) != 0)
@@ -1471,6 +1483,8 @@ validate_SiteName(ad_disc_t ctx)
 			forest_name = DN_to_DNS(config_naming_context + len);
 			update_item(&ctx->forest_name, forest_name,
 			    AD_STATE_AUTO, 0);
+			update_version(&ctx->forest_name, PARAM1,
+			    domain_controller_item);
 		}
 	}
 
@@ -1495,6 +1509,8 @@ validate_SiteName(ad_disc_t ctx)
 			site_name[len] = '\0';
 			update_item(&ctx->site_name, site_name,
 			    AD_STATE_AUTO, 0);
+			update_version(&ctx->site_name, PARAM1,
+			    domain_controller_item);
 		}
 	}
 
@@ -1997,17 +2013,33 @@ ad_disc_unset(ad_disc_t ctx)
 int
 ad_disc_get_TTL(ad_disc_t ctx)
 {
+	time_t expires;
 	int ttl;
 
-	ttl = MIN_GT_ZERO(ctx->domain_controller.ttl, ctx->global_catalog.ttl);
-	ttl = MIN_GT_ZERO(ttl, ctx->site_domain_controller.ttl);
-	ttl = MIN_GT_ZERO(ttl, ctx->site_global_catalog.ttl);
+	expires = MIN_GT_ZERO(ctx->domain_controller.expires,
+	    ctx->global_catalog.expires);
+	expires = MIN_GT_ZERO(expires, ctx->site_domain_controller.expires);
+	expires = MIN_GT_ZERO(expires, ctx->site_global_catalog.expires);
 
-	if (ttl == -1)
+	if (expires == -1) {
 		return (-1);
-	ttl -= time(NULL);
-	if (ttl < 0)
+	}
+
+	if (ctx->expires_not_before != 0 &&
+	    expires < ctx->expires_not_before) {
+		expires = ctx->expires_not_before;
+	}
+
+	if (ctx->expires_not_after != 0 &&
+	    expires > ctx->expires_not_after) {
+		expires = ctx->expires_not_after;
+	}
+
+	ttl = expires - time(NULL);
+
+	if (ttl < 0) {
 		return (0);
+	}
 	return (ttl);
 }
 
diff --git a/usr/src/lib/libadutils/common/addisc.h b/usr/src/lib/libadutils/common/addisc.h
index faf3393523..c8a3ca17d2 100644
--- a/usr/src/lib/libadutils/common/addisc.h
+++ b/usr/src/lib/libadutils/common/addisc.h
@@ -20,8 +20,7 @@
  */
 
 /*
- * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
- * Use is subject to license terms.
+ * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
  */
 
 #ifndef	_ADINFO_H
@@ -125,6 +124,12 @@ ad_disc_set_GlobalCatalog(ad_disc_t ctx,
  */
 void ad_disc_refresh(ad_disc_t);
 
+/*
+ * This routine marks the end of a discovery cycle and sets
+ * the sanity limits on the time before the next cycle.
+ */
+void ad_disc_done(ad_disc_t);
+
 /* This routine unsets all overridden values */
 int ad_disc_unset(ad_disc_t ctx);
 
diff --git a/usr/src/lib/libadutils/common/mapfile-vers b/usr/src/lib/libadutils/common/mapfile-vers
index d7e1687ef2..e1e580bd9a 100644
--- a/usr/src/lib/libadutils/common/mapfile-vers
+++ b/usr/src/lib/libadutils/common/mapfile-vers
@@ -19,8 +19,7 @@
 # CDDL HEADER END
 #
 #
-# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
-# Use is subject to license terms.
+# Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
 #
 
 #
@@ -67,6 +66,7 @@ SUNWprivate {
 	ad_disc_compare_ds;
 	ad_disc_compare_trusteddomains;
 	ad_disc_compare_domainsinforest;
+	ad_disc_done;
 	ad_disc_SubnetChanged;
 	ad_disc_get_GlobalCatalog;
 	ad_disc_set_GlobalCatalog;