msdfs referrals at share-level

Richard Sharpe rsharpe at richardsharpe.com
Sun Feb 9 01:30:21 GMT 2003 

On Fri, 7 Feb 2003, Guenther Deschner wrote:

> now that the msdfs-proxy is in cvs (thanks again for taking a deeper look on
> that) i still have a small fix for the dfsenum-pipe that just prints the first
> dfsroot and then stops. with that fix it'll show you all dfsenum-infolevels.
> 
> attached you'll find a backport of the msdfs-proxy for 2_2, maybe you could
> have a quick look and comment on that one too.

Hmmm, how is this any different from having a normal MSDFS share set up in 
Samba, say to \\server1\share1, and doing:

ln -s "msdfs:server1\share2,server2\share3,..." /path/to/share1/share1 

Just what does this msdfs-proxy stuff do that you can't do with the 
existing code?

Regards
-----
Richard Sharpe, rsharpe[at]ns.aus.com, rsharpe[at]samba.org, 
sharpe[at]ethereal.com, http://www.richardsharpe.com
-------------- next part --------------
--- source/param/loadparm.c	20 Dec 2002 20:23:05 -0000	1.472
+++ source/param/loadparm.c	29 Dec 2002 23:29:07 -0000	1.473
@@ -343,6 +343,7 @@
 	char *fstype;
 	char *szVfsObjectFile;
 	char *szVfsOptions;
+	char *szMSDfsProxy;
 	int iMinPrintSpace;
 	int iMaxPrintJobs;
 	int iWriteCacheSize;
@@ -468,6 +469,7 @@
 	NULL,			/* fstype */
 	NULL,			/* vfs object */
 	NULL,			/* vfs options */
+	NULL,			/* szMSDfsProxy */
 	0,			/* iMinPrintSpace */
 	1000,			/* iMaxPrintJobs */
 	0,			/* iWriteCacheSize */
@@ -1105,6 +1107,7 @@

 	{"msdfs root", P_BOOL, P_LOCAL, &sDefault.bMSDfsRoot, NULL, NULL, FLAG_SHARE},
 	{"host msdfs", P_BOOL, P_GLOBAL, &Globals.bHostMSDfs, NULL, NULL, 0},
+	{"msdfs proxy", P_STRING, P_LOCAL, &sDefault.szMSDfsProxy, NULL, NULL, FLAG_SHARE},
 #endif

 	{"Winbind options", P_SEP, P_SEPARATOR},
@@ -1745,6 +1748,7 @@
 FN_LOCAL_STRING(lp_fstype, fstype)
 FN_LOCAL_STRING(lp_vfsobj, szVfsObjectFile)
 FN_LOCAL_STRING(lp_vfs_options, szVfsOptions)
+FN_LOCAL_STRING(lp_msdfs_proxy, szMSDfsProxy)
 static FN_LOCAL_STRING(lp_volume, volume)
 FN_LOCAL_STRING(lp_mangled_map, szMangledMap)
 FN_LOCAL_STRING(lp_veto_files, szVetoFiles)
--- docs/docbook/manpages/smb.conf.5.sgml	27 Nov 2002 02:47:55 -0000	1.68
+++ docs/docbook/manpages/smb.conf.5.sgml	29 Dec 2002 23:29:08 -0000	1.69
@@ -869,6 +869,7 @@
 		<listitem><para><link linkend="MAXCONNECTIONS"><parameter>max connections</parameter></link></para></listitem>
 		<listitem><para><link linkend="MAXPRINTJOBS"><parameter>max print jobs</parameter></link></para></listitem>
 		<listitem><para><link linkend="MINPRINTSPACE"><parameter>min print space</parameter></link></para></listitem>
+		<listitem><para><link linkend="MSDFSPROXY"><parameter>msdfs proxy</parameter></link></para></listitem>
 		<listitem><para><link linkend="MSDFSROOT"><parameter>msdfs root</parameter></link></para></listitem>
 		<listitem><para><link linkend="NTACLSUPPORT"><parameter>nt acl support</parameter></link></para></listitem>
 		<listitem><para><link linkend="ONLYGUEST"><parameter>only guest</parameter></link></para></listitem>
@@ -4847,6 +4848,23 @@
 		</varlistentry>
 
 
+		<varlistentry>
+		<term><anchor id="MSDFSPROXY">msdfs proxy (S)</term>
+		<listitem><para>This parameter indicates that the share is a
+		stand-in for another CIFS share whose location is specified by
+		the value of the parameter. When clients attempt to connect to
+		this share, they are redirected to the proxied share using
+		the SMB-Dfs protocol.</para>
+		<para>Only Dfs roots can act as proxy shares. Take a look at the
+		<link linkend="MSDFSROOT"><parameter>msdfs root</parameter></link>
+		and
+		<link linkend="HOSTMSDFS"><parameter>host msdfs</parameter></link>
+		options to find out how to set up a Dfs root share.</para>
+		<para>Example: <command>msdfs proxy = \otherserver\someshare</command></para>
+		</listitem>
+		</varlistentry>
+
+
 		
 		
 		<varlistentry>
@@ -4857,8 +4875,8 @@
 		Samba treats the share as a Dfs root and  allows clients to browse 
 		the distributed file system tree rooted at the share directory. 
 		Dfs links are specified  in  the share directory by symbolic 
-		links of the form <filename>msdfs:serverA\shareA,serverB\shareB
-		</filename> and so on.  For more information on setting up a Dfs tree 
+		links of the form <filename>msdfs:serverA\shareA,serverB\shareB</filename>
+		and so on.  For more information on setting up a Dfs tree 
 		on Samba,  refer to <ulink url="msdfs_setup.html">msdfs_setup.html
 		</ulink>.</para>
 		

--- docs/manpages/smb.conf.5	2003-02-01 18:43:47.000000000 +0100
+++ docs/manpages/smb.conf.5	2003-02-07 10:29:02.000000000 +0100
@@ -1276,6 +1272,9 @@
 \fImin print space\fR
 .TP 0.2i
 \(bu
+\fImsdfs proxy\fR
+.TP 0.2i
+\(bu
 \fImsdfs root\fR
 .TP 0.2i
 \(bu
@@ -4664,14 +4663,29 @@
 
 Default: \fBmin wins ttl = 21600\fR
 .TP
+\fBmsdfs proxy (S)\fR
+This parameter indicates that the share is a
+stand-in for another CIFS share whose location is specified by
+the value of the parameter. When clients attempt to connect to
+this share, they are redirected to the proxied share using
+the SMB-Dfs protocol.
+
+Only Dfs roots can act as proxy shares. Take a look at the
+\fImsdfs root\fR
+and
+\fIhost msdfs\fR
+options to find out how to set up a Dfs root share.
+
+Example: \fBmsdfs proxy = \\otherserver\\someshare\fR
+.TP
 \fBmsdfs root (S)\fR
 This boolean parameter is only available if 
 Samba is configured and compiled with the \fB --with-msdfs\fR option. If set to yes, 
 Samba treats the share as a Dfs root and allows clients to browse 
 the distributed file system tree rooted at the share directory. 
 Dfs links are specified in the share directory by symbolic 
-links of the form \fImsdfs:serverA\\shareA,serverB\\shareB
-\fRand so on. For more information on setting up a Dfs tree 
+links of the form \fImsdfs:serverA\\shareA,serverB\\shareB\fR
+and so on. For more information on setting up a Dfs tree 
 on Samba, refer to msdfs_setup.html
 
 
--- source/msdfs/msdfs.c	2002-11-05 20:05:05.000000000 +0100
+++ source/msdfs/msdfs.c	2003-02-07 13:29:44.000000000 +0100
@@ -382,6 +383,31 @@
 		return False;
 	}
 
+	/* Handle msdfs-proxy support */
+	if (*lp_msdfs_proxy(snum) != '\0') {
+
+		DEBUG(3, ("local service %s is a msdfs proxy redirect to: %s\n", 
+		lp_servicename(SNUM(conn)), lp_msdfs_proxy(SNUM(conn)) ));
+
+		struct referral* ref;
+		jn->referral_count = 1;
+		if ((ref = (struct referral*) malloc(sizeof(struct referral)))
+		    == NULL) {
+			DEBUG(0, ("malloc failed for referral\n"));
+			return False;
+		}
+
+		pstrcpy(ref->alternate_path, lp_msdfs_proxy(snum));
+		if (dp.reqpath[0] != '\0')
+			pstrcat(ref->alternate_path, dp.reqpath);
+		ref->proximity = 0;
+		ref->ttl = REFERRAL_TTL;
+		jn->referral_list = ref;
+		if (consumedcntp)
+			*consumedcntp = strlen(pathname);
+		return True;
+	}
+
 	/* If not remote & not a self referral, return False */
 	if (!resolve_dfs_path(pathname, &dp, conn, False, 
 			      &jn->referral_list, &jn->referral_count,
@@ -797,6 +823,7 @@
 	char* service_name = lp_servicename(snum);
 	connection_struct conns;
 	connection_struct *conn = &conns;
+	struct referral *ref = NULL;
  
 	pstrcpy(connect_path,lp_pathname(snum));
 
@@ -810,31 +837,38 @@
 	if (!create_conn_struct(conn, snum))
 		return False;
 
-	{ 
-		/* form a junction for the msdfs root - convention 
-		   DO NOT REMOVE THIS: NT clients will not work with us
-		   if this is not present
-		*/ 
-		struct referral *ref = NULL;
-		pstring alt_path;
-		pstrcpy(jn[cnt].service_name, service_name);
-		jn[cnt].volume_name[0] = '\0';
-		jn[cnt].referral_count = 1;
-	
-		slprintf(alt_path,sizeof(alt_path)-1,"\\\\%s\\%s", 
-			 local_machine, service_name);
-		ref = jn[cnt].referral_list = (struct referral*) malloc(sizeof(struct referral));
-		if (jn[cnt].referral_list == NULL) {
-			DEBUG(0, ("Malloc failed!\n"));
-			return False;
-		}
+	/* form a junction for the msdfs root - convention 
+	   DO NOT REMOVE THIS: NT clients will not work with us
+	   if this is not present
+	*/ 
+	pstrcpy(jn[cnt].service_name, service_name);
+	jn[cnt].volume_name[0] = '\0';
+	jn[cnt].referral_count = 1;
+
+	ref = jn[cnt].referral_list
+		= (struct referral*) malloc(sizeof(struct referral));
+	if (jn[cnt].referral_list == NULL) {
+		DEBUG(0, ("Malloc failed!\n"));
+		return False;
+	}
 
-		safe_strcpy(ref->alternate_path, alt_path, sizeof(pstring));
-		ref->proximity = 0;
-		ref->ttl = REFERRAL_TTL;
+	ref->proximity = 0;
+	ref->ttl = REFERRAL_TTL;
+
+	/* handle msdfs-proxy */
+	if (*lp_msdfs_proxy(snum) != '\0') {
+		pstrcpy(ref->alternate_path, lp_msdfs_proxy(snum));
+		pstrcpy(jn[cnt].service_name, lp_servicename(snum));
 		cnt++;
+		*jn_count = cnt;
+		return True;
 	}
 
+	slprintf(ref->alternate_path, sizeof(pstring)-1,
+		 "\\\\%s\\%s", local_machine, service_name);
+	cnt++;
+
+	/* Now enumerate all dfs links */
 	dirp = conn->vfs_ops.opendir(conn, dos_to_unix_static(connect_path));
 	if(!dirp)
 		return False;
--- source/smbd/service.c	2003-02-07 13:47:24.000000000 +0100
+++ source/smbd/service.c	2003-02-07 13:47:12.000000000 +0100
@@ -640,6 +640,13 @@
 		dbgtext( "(uid=%d, gid=%d) ", (int)geteuid(), (int)getegid() );
 		dbgtext( "(pid %d)\n", (int)sys_getpid() );
 	}
+
+	/* Handle non-Dfs clients attempting connections to msdfs proxy */
+	if (lp_host_msdfs() && (*lp_msdfs_proxy(snum) != '\0'))  {
+		DEBUG(3, ("refusing connection to dfs proxy '%s'\n", service));
+		return NULL;
+	}
+
 	
 	/* we've finished with the sensitive stuff */
 	change_to_root_user();
-------------- next part --------------
--- source/msdfs/msdfs.c	2002-12-30 00:30:15.000000000 +0100
+++ source/msdfs/msdfs.c	2003-02-07 14:19:37.000000000 +0100
@@ -851,7 +851,9 @@
 	ref->ttl = REFERRAL_TTL;
 	if (*lp_msdfs_proxy(snum) != '\0') {
 		pstrcpy(ref->alternate_path, lp_msdfs_proxy(snum));
-		*jn_count = 1;
+		pstrcpy(jn[cnt].service_name, lp_servicename(snum));
+		cnt++;
+		*jn_count = cnt;
 		return True;
 	}

More information about the samba-technical mailing list