Changeset 740 for vendor/current/source3/smbd/process.c
- Timestamp:
- Nov 14, 2012, 12:59:34 PM (12 years ago)
- File:
-
- 1 edited
-
vendor/current/source3/smbd/process.c (modified) (78 diffs)
Legend:
- Unmodified
- Added
- Removed
-
TabularUnified vendor/current/source3/smbd/process.c ¶
r597 r740 4 4 Copyright (C) Andrew Tridgell 1992-1998 5 5 Copyright (C) Volker Lendecke 2005-2007 6 6 7 7 This program is free software; you can redistribute it and/or modify 8 8 it under the terms of the GNU General Public License as published by 9 9 the Free Software Foundation; either version 3 of the License, or 10 10 (at your option) any later version. 11 11 12 12 This program is distributed in the hope that it will be useful, 13 13 but WITHOUT ANY WARRANTY; without even the implied warranty of 14 14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15 15 GNU General Public License for more details. 16 16 17 17 You should have received a copy of the GNU General Public License 18 18 along with this program. If not, see <http://www.gnu.org/licenses/>. … … 20 20 21 21 #include "includes.h" 22 #include "../lib/tsocket/tsocket.h" 23 #include "system/filesys.h" 24 #include "smbd/smbd.h" 22 25 #include "smbd/globals.h" 23 #include "../librpc/gen_ndr/srv_dfs.h" 24 #include "../librpc/gen_ndr/srv_dssetup.h" 25 #include "../librpc/gen_ndr/srv_echo.h" 26 #include "../librpc/gen_ndr/srv_eventlog.h" 27 #include "../librpc/gen_ndr/srv_initshutdown.h" 28 #include "../librpc/gen_ndr/srv_lsa.h" 29 #include "../librpc/gen_ndr/srv_netlogon.h" 30 #include "../librpc/gen_ndr/srv_ntsvcs.h" 31 #include "../librpc/gen_ndr/srv_samr.h" 32 #include "../librpc/gen_ndr/srv_spoolss.h" 33 #include "../librpc/gen_ndr/srv_srvsvc.h" 34 #include "../librpc/gen_ndr/srv_svcctl.h" 35 #include "../librpc/gen_ndr/srv_winreg.h" 36 #include "../librpc/gen_ndr/srv_wkssvc.h" 26 #include "librpc/gen_ndr/netlogon.h" 27 #include "../lib/async_req/async_sock.h" 28 #include "ctdbd_conn.h" 29 #include "../lib/util/select.h" 30 #include "printing/pcap.h" 31 #include "system/select.h" 32 #include "passdb.h" 33 #include "auth.h" 34 #include "messages.h" 35 #include "smbprofile.h" 36 #include "rpc_server/spoolss/srv_spoolss_nt.h" 37 #include "libsmb/libsmb.h" 37 38 38 39 extern bool global_machine_password_needs_changing; … … 40 41 static void construct_reply_common(struct smb_request *req, const char *inbuf, 41 42 char *outbuf); 43 static struct pending_message_list *get_deferred_open_message_smb(uint64_t mid); 44 45 static bool smbd_lock_socket_internal(struct smbd_server_connection *sconn) 46 { 47 bool ok; 48 49 if (sconn->smb1.echo_handler.socket_lock_fd == -1) { 50 return true; 51 } 52 53 sconn->smb1.echo_handler.ref_count++; 54 55 if (sconn->smb1.echo_handler.ref_count > 1) { 56 return true; 57 } 58 59 DEBUG(10,("pid[%d] wait for socket lock\n", (int)sys_getpid())); 60 61 do { 62 ok = fcntl_lock( 63 sconn->smb1.echo_handler.socket_lock_fd, 64 SMB_F_SETLKW, 0, 0, F_WRLCK); 65 } while (!ok && (errno == EINTR)); 66 67 if (!ok) { 68 DEBUG(1, ("fcntl_lock failed: %s\n", strerror(errno))); 69 return false; 70 } 71 72 DEBUG(10,("pid[%d] got for socket lock\n", (int)sys_getpid())); 73 74 return true; 75 } 76 77 void smbd_lock_socket(struct smbd_server_connection *sconn) 78 { 79 if (!smbd_lock_socket_internal(sconn)) { 80 exit_server_cleanly("failed to lock socket"); 81 } 82 } 83 84 static bool smbd_unlock_socket_internal(struct smbd_server_connection *sconn) 85 { 86 bool ok; 87 88 if (sconn->smb1.echo_handler.socket_lock_fd == -1) { 89 return true; 90 } 91 92 sconn->smb1.echo_handler.ref_count--; 93 94 if (sconn->smb1.echo_handler.ref_count > 0) { 95 return true; 96 } 97 98 do { 99 ok = fcntl_lock( 100 sconn->smb1.echo_handler.socket_lock_fd, 101 SMB_F_SETLKW, 0, 0, F_UNLCK); 102 } while (!ok && (errno == EINTR)); 103 104 if (!ok) { 105 DEBUG(1, ("fcntl_lock failed: %s\n", strerror(errno))); 106 return false; 107 } 108 109 DEBUG(10,("pid[%d] unlocked socket\n", (int)sys_getpid())); 110 111 return true; 112 } 113 114 void smbd_unlock_socket(struct smbd_server_connection *sconn) 115 { 116 if (!smbd_unlock_socket_internal(sconn)) { 117 exit_server_cleanly("failed to unlock socket"); 118 } 119 } 42 120 43 121 /* Accessor function for smb_read_error for smbd functions. */ … … 47 125 ****************************************************************************/ 48 126 49 bool srv_send_smb( int fd, char *buffer,127 bool srv_send_smb(struct smbd_server_connection *sconn, char *buffer, 50 128 bool do_signing, uint32_t seqnum, 51 129 bool do_encrypt, … … 57 135 char *buf_out = buffer; 58 136 137 smbd_lock_socket(sconn); 138 59 139 if (do_signing) { 60 140 /* Sign the outgoing packet if required. */ 61 srv_calculate_sign_mac(s mbd_server_conn, buf_out, seqnum);141 srv_calculate_sign_mac(sconn, buf_out, seqnum); 62 142 } 63 143 … … 74 154 len = smb_len(buf_out) + 4; 75 155 76 ret = write_data( fd,buf_out+nwritten,len - nwritten);156 ret = write_data(sconn->sock, buf_out+nwritten, len - nwritten); 77 157 if (ret <= 0) { 78 DEBUG(0,("Error writing %d bytes to client. %d. (%s)\n", 79 (int)len,(int)ret, strerror(errno) )); 158 159 char addr[INET6_ADDRSTRLEN]; 160 /* 161 * Try and give an error message saying what 162 * client failed. 163 */ 164 DEBUG(1,("pid[%d] Error writing %d bytes to client %s. %d. (%s)\n", 165 (int)sys_getpid(), (int)len, 166 get_peer_addr(sconn->sock, addr, sizeof(addr)), 167 (int)ret, strerror(errno) )); 168 80 169 srv_free_enc_buffer(buf_out); 81 170 goto out; … … 86 175 out: 87 176 SMB_PERFCOUNT_END(pcd); 177 178 smbd_unlock_socket(sconn); 88 179 return true; 89 180 } … … 139 230 unsigned int timeout, ssize_t len) 140 231 { 232 NTSTATUS status; 233 141 234 if (len <= 0) { 142 235 return NT_STATUS_OK; 143 236 } 144 237 145 return read_fd_with_timeout(fd, buffer, len, len, timeout, NULL); 238 status = read_fd_with_timeout(fd, buffer, len, len, timeout, NULL); 239 if (!NT_STATUS_IS_OK(status)) { 240 char addr[INET6_ADDRSTRLEN]; 241 DEBUG(0, ("read_fd_with_timeout failed for client %s read " 242 "error = %s.\n", 243 get_peer_addr(fd, addr, sizeof(addr)), 244 nt_errstr(status))); 245 } 246 return status; 146 247 } 147 248 … … 164 265 static NTSTATUS receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx, 165 266 const char lenbuf[4], 166 int fd, char **buffer, 267 struct smbd_server_connection *sconn, 268 int sock, 269 char **buffer, 167 270 unsigned int timeout, 168 271 size_t *p_unread, … … 178 281 179 282 status = read_fd_with_timeout( 180 fd, writeX_header + 4,283 sock, writeX_header + 4, 181 284 STANDARD_WRITE_AND_X_HEADER_SIZE, 182 285 STANDARD_WRITE_AND_X_HEADER_SIZE, … … 184 287 185 288 if (!NT_STATUS_IS_OK(status)) { 289 DEBUG(0, ("read_fd_with_timeout failed for client %s read " 290 "error = %s.\n", sconn->client_id.addr, 291 nt_errstr(status))); 186 292 return status; 187 293 } … … 192 298 */ 193 299 194 if (is_valid_writeX_buffer( (uint8_t *)writeX_header)) {300 if (is_valid_writeX_buffer(sconn, (uint8_t *)writeX_header)) { 195 301 /* 196 302 * If the data offset is beyond what … … 202 308 if (doff > STANDARD_WRITE_AND_X_HEADER_SIZE) { 203 309 size_t drain = doff - STANDARD_WRITE_AND_X_HEADER_SIZE; 204 if (drain_socket(s mbd_server_fd(), drain) != drain) {310 if (drain_socket(sock, drain) != drain) { 205 311 smb_panic("receive_smb_raw_talloc_partial_read:" 206 312 " failed to drain pending bytes"); … … 257 363 if(toread > 0) { 258 364 status = read_packet_remainder( 259 fd, (*buffer) + 4 + STANDARD_WRITE_AND_X_HEADER_SIZE, 365 sock, 366 (*buffer) + 4 + STANDARD_WRITE_AND_X_HEADER_SIZE, 260 367 timeout, toread); 261 368 … … 271 378 } 272 379 273 static NTSTATUS receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, int fd, 380 static NTSTATUS receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, 381 struct smbd_server_connection *sconn, 382 int sock, 274 383 char **buffer, unsigned int timeout, 275 384 size_t *p_unread, size_t *plen) … … 282 391 *p_unread = 0; 283 392 284 status = read_smb_length_return_keepalive(fd, lenbuf, timeout, &len); 393 status = read_smb_length_return_keepalive(sock, lenbuf, timeout, 394 &len); 285 395 if (!NT_STATUS_IS_OK(status)) { 286 DEBUG(10, ("receive_smb_raw: %s\n", nt_errstr(status)));287 396 return status; 288 397 } … … 291 400 (smb_len_large(lenbuf) > /* Could be a UNIX large writeX. */ 292 401 (min_recv_size + STANDARD_WRITE_AND_X_HEADER_SIZE)) && 293 !srv_is_signing_active(smbd_server_conn)) { 402 !srv_is_signing_active(sconn) && 403 sconn->smb1.echo_handler.trusted_fde == NULL) { 294 404 295 405 return receive_smb_raw_talloc_partial_read( 296 mem_ctx, lenbuf, fd, buffer, timeout, p_unread, plen); 406 mem_ctx, lenbuf, sconn, sock, buffer, timeout, 407 p_unread, plen); 297 408 } 298 409 … … 315 426 memcpy(*buffer, lenbuf, sizeof(lenbuf)); 316 427 317 status = read_packet_remainder( fd, (*buffer)+4, timeout, len);428 status = read_packet_remainder(sock, (*buffer)+4, timeout, len); 318 429 if (!NT_STATUS_IS_OK(status)) { 319 430 return status; … … 324 435 } 325 436 326 static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx, int fd, 437 static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx, 438 struct smbd_server_connection *sconn, 439 int sock, 327 440 char **buffer, unsigned int timeout, 328 441 size_t *p_unread, bool *p_encrypted, 329 442 size_t *p_len, 330 uint32_t *seqnum) 443 uint32_t *seqnum, 444 bool trusted_channel) 331 445 { 332 446 size_t len = 0; … … 335 449 *p_encrypted = false; 336 450 337 status = receive_smb_raw_talloc(mem_ctx, fd, buffer, timeout,451 status = receive_smb_raw_talloc(mem_ctx, sconn, sock, buffer, timeout, 338 452 p_unread, &len); 339 453 if (!NT_STATUS_IS_OK(status)) { 454 DEBUG(1, ("read_smb_length_return_keepalive failed for " 455 "client %s read error = %s.\n", 456 sconn->client_id.addr, nt_errstr(status))); 340 457 return status; 341 458 } … … 353 470 354 471 /* Check the incoming SMB signature. */ 355 if (!srv_check_sign_mac(s mbd_server_conn, *buffer, seqnum)) {472 if (!srv_check_sign_mac(sconn, *buffer, seqnum, trusted_channel)) { 356 473 DEBUG(0, ("receive_smb: SMB Signature verification failed on " 357 474 "incoming packet!\n")); … … 367 484 */ 368 485 369 voidinit_smb_request(struct smb_request *req,370 const uint8 *inbuf,371 size_t unread_bytes,372 bool encrypted)373 { 374 struct smbd_server_connection *sconn = smbd_server_conn; 486 static bool init_smb_request(struct smb_request *req, 487 struct smbd_server_connection *sconn, 488 const uint8 *inbuf, 489 size_t unread_bytes, bool encrypted, 490 uint32_t seqnum) 491 { 375 492 size_t req_size = smb_len(inbuf) + 4; 376 493 /* Ensure we have at least smb_size bytes. */ … … 378 495 DEBUG(0,("init_smb_request: invalid request size %u\n", 379 496 (unsigned int)req_size )); 380 exit_server_cleanly("Invalid SMB request");497 return false; 381 498 } 382 499 req->cmd = CVAL(inbuf, smb_com); 383 500 req->flags2 = SVAL(inbuf, smb_flg2); 384 501 req->smbpid = SVAL(inbuf, smb_pid); 385 req->mid = SVAL(inbuf, smb_mid);386 req->seqnum = 0;502 req->mid = (uint64_t)SVAL(inbuf, smb_mid); 503 req->seqnum = seqnum; 387 504 req->vuid = SVAL(inbuf, smb_uid); 388 505 req->tid = SVAL(inbuf, smb_tid); … … 393 510 req->unread_bytes = unread_bytes; 394 511 req->encrypted = encrypted; 512 req->sconn = sconn; 395 513 req->conn = conn_find(sconn,req->tid); 396 514 req->chain_fsp = NULL; 397 515 req->chain_outbuf = NULL; 398 516 req->done = false; 517 req->smb2req = NULL; 399 518 smb_init_perfcount_data(&req->pcd); 400 519 … … 404 523 (unsigned int)req->wct, 405 524 (unsigned int)req_size)); 406 exit_server_cleanly("Invalid SMB request");525 return false; 407 526 } 408 527 /* Ensure bcc is correct. */ … … 413 532 (unsigned int)req->wct, 414 533 (unsigned int)req_size)); 415 exit_server_cleanly("Invalid SMB request");534 return false; 416 535 } 417 536 418 537 req->outbuf = NULL; 538 return true; 419 539 } 420 540 … … 432 552 struct pending_message_list); 433 553 TALLOC_CTX *mem_ctx = talloc_tos(); 434 uint 16_t mid =SVAL(msg->buf.data,smb_mid);554 uint64_t mid = (uint64_t)SVAL(msg->buf.data,smb_mid); 435 555 uint8_t *inbuf; 436 556 … … 444 564 /* We leave this message on the queue so the open code can 445 565 know this is a retry. */ 446 DEBUG(5,("smbd_deferred_open_timer: trigger mid % u.\n",447 (unsigned int)mid ));566 DEBUG(5,("smbd_deferred_open_timer: trigger mid %llu.\n", 567 (unsigned long long)mid )); 448 568 449 569 /* Mark the message as processed so this is not … … 456 576 457 577 /* If it's still there and was processed, remove it. */ 458 msg = get_ open_deferred_message(mid);578 msg = get_deferred_open_message_smb(mid); 459 579 if (msg && msg->processed) { 460 remove_deferred_open_ smb_message(mid);580 remove_deferred_open_message_smb(mid); 461 581 } 462 582 } … … 528 648 ****************************************************************************/ 529 649 530 void remove_deferred_open_ smb_message(uint16mid)650 void remove_deferred_open_message_smb(uint64_t mid) 531 651 { 532 652 struct pending_message_list *pml; 533 653 654 if (smbd_server_conn->using_smb2) { 655 remove_deferred_open_message_smb2(smbd_server_conn, mid); 656 return; 657 } 658 534 659 for (pml = deferred_open_queue; pml; pml = pml->next) { 535 if (mid == SVAL(pml->buf.data,smb_mid)) {536 DEBUG(10,("remove_deferred_open_ smb_message: "537 "deleting mid % u len %u\n",538 (unsigned int)mid,660 if (mid == (uint64_t)SVAL(pml->buf.data,smb_mid)) { 661 DEBUG(10,("remove_deferred_open_message_smb: " 662 "deleting mid %llu len %u\n", 663 (unsigned long long)mid, 539 664 (unsigned int)pml->buf.length )); 540 665 DLIST_REMOVE(deferred_open_queue, pml); … … 550 675 ****************************************************************************/ 551 676 552 void schedule_deferred_open_ smb_message(uint16mid)677 void schedule_deferred_open_message_smb(uint64_t mid) 553 678 { 554 679 struct pending_message_list *pml; 555 680 int i = 0; 556 681 682 if (smbd_server_conn->using_smb2) { 683 schedule_deferred_open_message_smb2(smbd_server_conn, mid); 684 return; 685 } 686 557 687 for (pml = deferred_open_queue; pml; pml = pml->next) { 558 uint16 msg_mid = SVAL(pml->buf.data,smb_mid); 559 560 DEBUG(10,("schedule_deferred_open_smb_message: [%d] msg_mid = %u\n", i++, 561 (unsigned int)msg_mid )); 688 uint64_t msg_mid = (uint64_t)SVAL(pml->buf.data,smb_mid); 689 690 DEBUG(10,("schedule_deferred_open_message_smb: [%d] " 691 "msg_mid = %llu\n", 692 i++, 693 (unsigned long long)msg_mid )); 562 694 563 695 if (mid == msg_mid) { … … 567 699 /* A processed message should not be 568 700 * rescheduled. */ 569 DEBUG(0,("schedule_deferred_open_ smb_message: LOGIC ERROR "570 "message mid % u was already processed\n",571 msg_mid ));701 DEBUG(0,("schedule_deferred_open_message_smb: LOGIC ERROR " 702 "message mid %llu was already processed\n", 703 (unsigned long long)msg_mid )); 572 704 continue; 573 705 } 574 706 575 DEBUG(10,("schedule_deferred_open_smb_message: scheduling mid %u\n", 576 mid )); 707 DEBUG(10,("schedule_deferred_open_message_smb: " 708 "scheduling mid %llu\n", 709 (unsigned long long)mid )); 577 710 578 711 te = event_add_timed(smbd_event_context(), … … 582 715 pml); 583 716 if (!te) { 584 DEBUG(10,("schedule_deferred_open_smb_message: " 585 "event_add_timed() failed, skipping mid %u\n", 586 mid )); 717 DEBUG(10,("schedule_deferred_open_message_smb: " 718 "event_add_timed() failed, " 719 "skipping mid %llu\n", 720 (unsigned long long)msg_mid )); 587 721 } 588 722 … … 594 728 } 595 729 596 DEBUG(10,("schedule_deferred_open_smb_message: failed to find message mid %u\n", 597 mid )); 730 DEBUG(10,("schedule_deferred_open_message_smb: failed to " 731 "find message mid %llu\n", 732 (unsigned long long)mid )); 598 733 } 599 734 … … 602 737 ****************************************************************************/ 603 738 604 bool open_was_deferred(uint 16mid)739 bool open_was_deferred(uint64_t mid) 605 740 { 606 741 struct pending_message_list *pml; 607 742 743 if (smbd_server_conn->using_smb2) { 744 return open_was_deferred_smb2(smbd_server_conn, mid); 745 } 746 608 747 for (pml = deferred_open_queue; pml; pml = pml->next) { 609 if ( SVAL(pml->buf.data,smb_mid) == mid && !pml->processed) {748 if (((uint64_t)SVAL(pml->buf.data,smb_mid)) == mid && !pml->processed) { 610 749 return True; 611 750 } … … 618 757 ****************************************************************************/ 619 758 620 st ruct pending_message_list *get_open_deferred_message(uint16mid)759 static struct pending_message_list *get_deferred_open_message_smb(uint64_t mid) 621 760 { 622 761 struct pending_message_list *pml; 623 762 624 763 for (pml = deferred_open_queue; pml; pml = pml->next) { 625 if ( SVAL(pml->buf.data,smb_mid) == mid) {764 if (((uint64_t)SVAL(pml->buf.data,smb_mid)) == mid) { 626 765 return pml; 627 766 } 628 767 } 629 768 return NULL; 769 } 770 771 /**************************************************************************** 772 Get the state data queued by this mid. 773 ****************************************************************************/ 774 775 bool get_deferred_open_message_state(struct smb_request *smbreq, 776 struct timeval *p_request_time, 777 void **pp_state) 778 { 779 struct pending_message_list *pml; 780 781 if (smbd_server_conn->using_smb2) { 782 return get_deferred_open_message_state_smb2(smbreq->smb2req, 783 p_request_time, 784 pp_state); 785 } 786 787 pml = get_deferred_open_message_smb(smbreq->mid); 788 if (!pml) { 789 return false; 790 } 791 if (p_request_time) { 792 *p_request_time = pml->request_time; 793 } 794 if (pp_state) { 795 *pp_state = (void *)pml->private_data.data; 796 } 797 return true; 630 798 } 631 799 … … 635 803 ****************************************************************************/ 636 804 637 bool push_deferred_ smb_message(struct smb_request *req,805 bool push_deferred_open_message_smb(struct smb_request *req, 638 806 struct timeval request_time, 639 807 struct timeval timeout, 808 struct file_id id, 640 809 char *private_data, size_t priv_len) 641 810 { 642 811 struct timeval end_time; 643 812 813 if (req->smb2req) { 814 return push_deferred_open_message_smb2(req->smb2req, 815 request_time, 816 timeout, 817 id, 818 private_data, 819 priv_len); 820 } 821 644 822 if (req->unread_bytes) { 645 DEBUG(0,("push_deferred_ smb_message: logic error ! "823 DEBUG(0,("push_deferred_open_message_smb: logic error ! " 646 824 "unread_bytes = %u\n", 647 825 (unsigned int)req->unread_bytes )); 648 smb_panic("push_deferred_ smb_message: "826 smb_panic("push_deferred_open_message_smb: " 649 827 "logic error unread_bytes != 0" ); 650 828 } … … 652 830 end_time = timeval_sum(&request_time, &timeout); 653 831 654 DEBUG(10,("push_deferred_open_smb_message: pushing message len %u mid %u " 655 "timeout time [%u.%06u]\n", 656 (unsigned int) smb_len(req->inbuf)+4, (unsigned int)req->mid, 657 (unsigned int)end_time.tv_sec, 658 (unsigned int)end_time.tv_usec)); 832 DEBUG(10,("push_deferred_open_message_smb: pushing message " 833 "len %u mid %llu timeout time [%u.%06u]\n", 834 (unsigned int) smb_len(req->inbuf)+4, 835 (unsigned long long)req->mid, 836 (unsigned int)end_time.tv_sec, 837 (unsigned int)end_time.tv_usec)); 659 838 660 839 return push_queued_message(req, request_time, end_time, … … 773 952 void *private_data) 774 953 { 954 struct messaging_context *msg_ctx = talloc_get_type_abort( 955 private_data, struct messaging_context); 775 956 change_to_root_user(); 776 957 DEBUG(1,("Reloading services after SIGHUP\n")); 777 reload_services(False); 778 } 779 780 void smbd_setup_sig_hup_handler(void) 958 reload_services(msg_ctx, smbd_server_conn->sock, False); 959 if (am_parent) { 960 pcap_cache_reload(ev, msg_ctx, &reload_pcap_change_notify); 961 } 962 } 963 964 void smbd_setup_sig_hup_handler(struct tevent_context *ev, 965 struct messaging_context *msg_ctx) 781 966 { 782 967 struct tevent_signal *se; 783 968 784 se = tevent_add_signal(smbd_event_context(), 785 smbd_event_context(), 786 SIGHUP, 0, 787 smbd_sig_hup_handler, 788 NULL); 969 se = tevent_add_signal(ev, ev, SIGHUP, 0, smbd_sig_hup_handler, 970 msg_ctx); 789 971 if (!se) { 790 972 exit_server("failed to setup SIGHUP handler"); … … 794 976 static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection *conn) 795 977 { 796 fd_set r_fds, w_fds; 797 int selrtn; 798 struct timeval to; 799 int maxfd = 0; 800 801 to.tv_sec = SMBD_SELECT_TIMEOUT; 802 to.tv_usec = 0; 803 804 /* 805 * Setup the select fd sets. 806 */ 807 808 FD_ZERO(&r_fds); 809 FD_ZERO(&w_fds); 978 int timeout; 979 int num_pfds = 0; 980 int ret; 981 bool retry; 982 983 timeout = SMBD_SELECT_TIMEOUT * 1000; 810 984 811 985 /* … … 814 988 */ 815 989 816 { 817 struct timeval now; 818 GetTimeOfDay(&now); 819 820 event_add_to_select_args(smbd_event_context(), &now, 821 &r_fds, &w_fds, &to, &maxfd); 822 } 990 event_add_to_poll_args(smbd_event_context(), conn, 991 &conn->pfds, &num_pfds, &timeout); 823 992 824 993 /* Process a signal and timed events now... */ 825 if (run_events (smbd_event_context(), 0, NULL, NULL)) {994 if (run_events_poll(smbd_event_context(), 0, NULL, 0)) { 826 995 return NT_STATUS_RETRY; 827 996 } … … 831 1000 START_PROFILE(smbd_idle); 832 1001 833 selrtn = sys_select(maxfd+1,&r_fds,&w_fds,NULL,&to);1002 ret = sys_poll(conn->pfds, num_pfds, timeout); 834 1003 sav = errno; 835 1004 … … 838 1007 } 839 1008 840 if (selrtn == -1 && errno != EINTR) { 1009 if (ret == -1) { 1010 if (errno == EINTR) { 1011 return NT_STATUS_RETRY; 1012 } 841 1013 return map_nt_error_from_unix(errno); 842 1014 } 843 1015 844 if (run_events(smbd_event_context(), selrtn, &r_fds, &w_fds)) { 1016 retry = run_events_poll(smbd_event_context(), ret, conn->pfds, 1017 num_pfds); 1018 if (retry) { 845 1019 return NT_STATUS_RETRY; 846 1020 } 847 1021 848 /* Check if error */849 if (selrtn == -1) {850 /* something is wrong. Maybe the socket is dead? */851 return map_nt_error_from_unix(errno);852 }853 854 1022 /* Did we timeout ? */ 855 if ( selrtn== 0) {1023 if (ret == 0) { 856 1024 return NT_STATUS_RETRY; 857 1025 } … … 866 1034 */ 867 1035 868 NTSTATUS allow_new_trans(struct trans_state *list, int mid)1036 NTSTATUS allow_new_trans(struct trans_state *list, uint64_t mid) 869 1037 { 870 1038 int count = 0; … … 1268 1436 uint16 session_tag; 1269 1437 connection_struct *conn = NULL; 1270 struct smbd_server_connection *sconn = smbd_server_conn;1438 struct smbd_server_connection *sconn = req->sconn; 1271 1439 1272 1440 errno = 0; … … 1320 1488 if (vuser) { 1321 1489 set_current_user_info( 1322 vuser->server_info->sanitized_username, 1323 vuser->server_info->unix_name, 1324 pdb_get_domain(vuser->server_info 1325 ->sam_account)); 1490 vuser->session_info->sanitized_username, 1491 vuser->session_info->unix_name, 1492 vuser->session_info->info3->base.domain.string); 1326 1493 } 1327 1494 } … … 1347 1514 if (!change_to_user(conn,session_tag)) { 1348 1515 DEBUG(0, ("Error: Could not change to user. Removing " 1349 "deferred open, mid=%d.\n", req->mid)); 1516 "deferred open, mid=%llu.\n", 1517 (unsigned long long)req->mid)); 1350 1518 reply_force_doserror(req, ERRSRV, ERRbaduid); 1351 1519 return conn; … … 1396 1564 if ((flags & AS_GUEST) 1397 1565 && (!change_to_guest() || 1398 !check_access(smbd_server_fd(), lp_hostsallow(-1), 1399 lp_hostsdeny(-1)))) { 1566 !allow_access(lp_hostsdeny(-1), lp_hostsallow(-1), 1567 sconn->client_id.name, 1568 sconn->client_id.addr))) { 1400 1569 reply_nterror(req, NT_STATUS_ACCESS_DENIED); 1401 1570 return conn; … … 1410 1579 ****************************************************************************/ 1411 1580 1412 static void construct_reply(char *inbuf, int size, size_t unread_bytes, 1581 static void construct_reply(struct smbd_server_connection *sconn, 1582 char *inbuf, int size, size_t unread_bytes, 1413 1583 uint32_t seqnum, bool encrypted, 1414 1584 struct smb_perfcount_data *deferred_pcd) … … 1421 1591 } 1422 1592 1423 init_smb_request(req, (uint8 *)inbuf, unread_bytes, encrypted); 1593 if (!init_smb_request(req, sconn, (uint8 *)inbuf, unread_bytes, 1594 encrypted, seqnum)) { 1595 exit_server_cleanly("Invalid SMB request"); 1596 } 1597 1424 1598 req->inbuf = (uint8_t *)talloc_move(req, &inbuf); 1425 req->seqnum = seqnum;1426 1599 1427 1600 /* we popped this message off the queue - keep original perf data */ … … 1438 1611 if (req->unread_bytes) { 1439 1612 /* writeX failed. drain socket. */ 1440 if (drain_socket( smbd_server_fd(), req->unread_bytes) !=1613 if (drain_socket(req->sconn->sock, req->unread_bytes) != 1441 1614 req->unread_bytes) { 1442 1615 smb_panic("failed to drain pending bytes"); … … 1458 1631 } 1459 1632 1460 if (!srv_send_smb( smbd_server_fd(),1633 if (!srv_send_smb(req->sconn, 1461 1634 (char *)req->outbuf, 1462 1635 true, req->seqnum+1, … … 1474 1647 Process an smb from the client 1475 1648 ****************************************************************************/ 1476 static void process_smb(struct smbd_server_connection * conn,1649 static void process_smb(struct smbd_server_connection *sconn, 1477 1650 uint8_t *inbuf, size_t nread, size_t unread_bytes, 1478 1651 uint32_t seqnum, bool encrypted, … … 1485 1658 DEBUG( 6, ( "got message type 0x%x of len 0x%x\n", msg_type, 1486 1659 smb_len(inbuf) ) ); 1487 DEBUG( 3, ( "Transaction %d of length %d (%u toread)\n", trans_num, 1488 (int)nread, 1489 (unsigned int)unread_bytes )); 1660 DEBUG(3, ("Transaction %d of length %d (%u toread)\n", 1661 sconn->trans_num, (int)nread, (unsigned int)unread_bytes)); 1490 1662 1491 1663 if (msg_type != 0) { … … 1493 1665 * NetBIOS session request, keepalive, etc. 1494 1666 */ 1495 reply_special( (char *)inbuf, nread);1667 reply_special(sconn, (char *)inbuf, nread); 1496 1668 goto done; 1497 1669 } 1498 1670 1499 if (smbd_server_conn->allow_smb2) { 1671 if (sconn->using_smb2) { 1672 /* At this point we're not really using smb2, 1673 * we make the decision here.. */ 1500 1674 if (smbd_is_smb2_header(inbuf, nread)) { 1501 smbd_smb2_first_negprot(s mbd_server_conn, inbuf, nread);1675 smbd_smb2_first_negprot(sconn, inbuf, nread); 1502 1676 return; 1503 } 1504 smbd_server_conn->allow_smb2 = false; 1677 } else if (nread >= smb_size && valid_smb_header(inbuf) 1678 && CVAL(inbuf, smb_com) != 0x72) { 1679 /* This is a non-negprot SMB1 packet. 1680 Disable SMB2 from now on. */ 1681 sconn->using_smb2 = false; 1682 } 1505 1683 } 1506 1684 1507 1685 show_msg((char *)inbuf); 1508 1686 1509 construct_reply((char *)inbuf,nread,unread_bytes,seqnum,encrypted,deferred_pcd); 1510 trans_num++; 1687 construct_reply(sconn, (char *)inbuf, nread, unread_bytes, seqnum, 1688 encrypted, deferred_pcd); 1689 sconn->trans_num++; 1511 1690 1512 1691 done: 1513 conn->smb1.num_requests++;1692 sconn->num_requests++; 1514 1693 1515 1694 /* The timeout_processing function isn't run nearly … … 1520 1699 tradeoff of performance vs log file size overrun. */ 1521 1700 1522 if (( conn->smb1.num_requests % 50) == 0 &&1701 if ((sconn->num_requests % 50) == 0 && 1523 1702 need_to_check_log_size()) { 1524 1703 change_to_root_user(); … … 1559 1738 { 1560 1739 srv_set_message(outbuf,0,0,false); 1561 1740 1562 1741 SCVAL(outbuf, smb_com, req->cmd); 1563 1742 SIVAL(outbuf,smb_rcls,0); … … 1891 2070 talloc_get_size(req->chain_outbuf) - 4); 1892 2071 1893 if (!srv_send_smb( smbd_server_fd(), (char *)req->chain_outbuf,2072 if (!srv_send_smb(req->sconn, (char *)req->chain_outbuf, 1894 2073 true, req->seqnum+1, 1895 2074 IS_CONN_ENCRYPTED(req->conn) … … 2031 2210 show_msg((char *)(req->chain_outbuf)); 2032 2211 2033 if (!srv_send_smb( smbd_server_fd(), (char *)req->chain_outbuf,2212 if (!srv_send_smb(req->sconn, (char *)req->chain_outbuf, 2034 2213 true, req->seqnum+1, 2035 2214 IS_CONN_ENCRYPTED(req->conn)||req->encrypted, 2036 2215 &req->pcd)) { 2037 exit_server_cleanly("c onstruct_reply: srv_send_smb failed.");2216 exit_server_cleanly("chain_reply: srv_send_smb failed."); 2038 2217 } 2039 2218 TALLOC_FREE(req->chain_outbuf); … … 2045 2224 ****************************************************************************/ 2046 2225 2047 void check_reload(time_t t) 2048 { 2049 time_t printcap_cache_time = (time_t)lp_printcap_cache_time(); 2050 2051 if(last_smb_conf_reload_time == 0) { 2226 static void check_reload(struct smbd_server_connection *sconn, time_t t) 2227 { 2228 2229 if (last_smb_conf_reload_time == 0) { 2052 2230 last_smb_conf_reload_time = t; 2053 /* Our printing subsystem might not be ready at smbd start up.2054 Then no printer is available till the first printers check2055 is performed. A lower initial interval circumvents this. */2056 if ( printcap_cache_time > 60 )2057 last_printer_reload_time = t - printcap_cache_time + 60;2058 else2059 last_printer_reload_time = t;2060 }2061 2062 if (mypid != getpid()) { /* First time or fork happened meanwhile */2063 /* randomize over 60 second the printcap reload to avoid all2064 * process hitting cupsd at the same time */2065 int time_range = 60;2066 2067 last_printer_reload_time += random() % time_range;2068 mypid = getpid();2069 2231 } 2070 2232 2071 2233 if (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK) { 2072 reload_services( True);2234 reload_services(sconn->msg_ctx, sconn->sock, True); 2073 2235 last_smb_conf_reload_time = t; 2074 2236 } 2075 2076 /* 'printcap cache time = 0' disable the feature */ 2077 2078 if ( printcap_cache_time != 0 ) 2079 { 2080 /* see if it's time to reload or if the clock has been set back */ 2081 2082 if ( (t >= last_printer_reload_time+printcap_cache_time) 2083 || (t-last_printer_reload_time < 0) ) 2084 { 2085 DEBUG( 3,( "Printcap cache time expired.\n")); 2086 pcap_cache_reload(&reload_printers); 2087 last_printer_reload_time = t; 2088 } 2089 } 2237 } 2238 2239 static bool fd_is_readable(int fd) 2240 { 2241 int ret, revents; 2242 2243 ret = poll_one_fd(fd, POLLIN|POLLHUP, 0, &revents); 2244 2245 return ((ret > 0) && ((revents & (POLLIN|POLLHUP|POLLERR)) != 0)); 2246 2090 2247 } 2091 2248 … … 2095 2252 } 2096 2253 2097 static void smbd_server_connection_read_handler(struct smbd_server_connection *conn) 2254 static void smbd_server_connection_read_handler( 2255 struct smbd_server_connection *conn, int fd) 2098 2256 { 2099 2257 uint8_t *inbuf = NULL; … … 2105 2263 uint32_t seqnum; 2106 2264 2107 /* TODO: make this completely nonblocking */ 2108 2109 status = receive_smb_talloc(mem_ctx, smbd_server_fd(), 2110 (char **)(void *)&inbuf, 2111 0, /* timeout */ 2112 &unread_bytes, 2113 &encrypted, 2114 &inbuf_len, &seqnum); 2265 bool from_client = (conn->sock == fd); 2266 2267 if (from_client) { 2268 smbd_lock_socket(conn); 2269 2270 if (lp_async_smb_echo_handler() && !fd_is_readable(fd)) { 2271 DEBUG(10,("the echo listener was faster\n")); 2272 smbd_unlock_socket(conn); 2273 return; 2274 } 2275 2276 /* TODO: make this completely nonblocking */ 2277 status = receive_smb_talloc(mem_ctx, conn, fd, 2278 (char **)(void *)&inbuf, 2279 0, /* timeout */ 2280 &unread_bytes, 2281 &encrypted, 2282 &inbuf_len, &seqnum, 2283 false /* trusted channel */); 2284 smbd_unlock_socket(conn); 2285 } else { 2286 /* TODO: make this completely nonblocking */ 2287 status = receive_smb_talloc(mem_ctx, conn, fd, 2288 (char **)(void *)&inbuf, 2289 0, /* timeout */ 2290 &unread_bytes, 2291 &encrypted, 2292 &inbuf_len, &seqnum, 2293 true /* trusted channel */); 2294 } 2295 2115 2296 if (NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) { 2116 2297 goto process; … … 2138 2319 if (flags & EVENT_FD_WRITE) { 2139 2320 smbd_server_connection_write_handler(conn); 2140 } else if (flags & EVENT_FD_READ) { 2141 smbd_server_connection_read_handler(conn); 2142 } 2143 } 2144 2321 return; 2322 } 2323 if (flags & EVENT_FD_READ) { 2324 smbd_server_connection_read_handler(conn, conn->sock); 2325 return; 2326 } 2327 } 2328 2329 static void smbd_server_echo_handler(struct event_context *ev, 2330 struct fd_event *fde, 2331 uint16_t flags, 2332 void *private_data) 2333 { 2334 struct smbd_server_connection *conn = talloc_get_type(private_data, 2335 struct smbd_server_connection); 2336 2337 if (flags & EVENT_FD_WRITE) { 2338 smbd_server_connection_write_handler(conn); 2339 return; 2340 } 2341 if (flags & EVENT_FD_READ) { 2342 smbd_server_connection_read_handler( 2343 conn, conn->smb1.echo_handler.trusted_fd); 2344 return; 2345 } 2346 } 2145 2347 2146 2348 /**************************************************************************** … … 2149 2351 static void release_ip(const char *ip, void *priv) 2150 2352 { 2151 char addr[INET6_ADDRSTRLEN]; 2152 char *p = addr; 2153 2154 client_socket_addr(get_client_fd(),addr,sizeof(addr)); 2353 const char *addr = (const char *)priv; 2354 const char *p = addr; 2155 2355 2156 2356 if (strncmp("::ffff:", addr, 7) == 0) { 2157 2357 p = addr + 7; 2158 2358 } 2359 2360 DEBUG(10, ("Got release IP message for %s, " 2361 "our address is %s\n", ip, p)); 2159 2362 2160 2363 if ((strcmp(p, ip) == 0) || ((p != addr) && strcmp(addr, ip) == 0)) { … … 2175 2378 uint32_t msg_type, struct server_id server_id, DATA_BLOB *data) 2176 2379 { 2177 release_ip((char *)data->data, NULL); 2380 struct smbd_server_connection *sconn = talloc_get_type_abort( 2381 private_data, struct smbd_server_connection); 2382 2383 release_ip((char *)data->data, sconn->client_id.addr); 2178 2384 } 2179 2385 2180 2386 #ifdef CLUSTER_SUPPORT 2181 static int client_get_tcp_info( struct sockaddr_storage *server,2387 static int client_get_tcp_info(int sock, struct sockaddr_storage *server, 2182 2388 struct sockaddr_storage *client) 2183 2389 { 2184 2390 socklen_t length; 2185 if (server_fd == -1) { 2391 length = sizeof(*server); 2392 if (getsockname(sock, (struct sockaddr *)server, &length) != 0) { 2186 2393 return -1; 2187 2394 } 2188 length = sizeof(*server);2189 if (getsockname(server_fd, (struct sockaddr *)server, &length) != 0) {2190 return -1;2191 }2192 2395 length = sizeof(*client); 2193 if (getpeername(s erver_fd, (struct sockaddr *)client, &length) != 0) {2396 if (getpeername(sock, (struct sockaddr *)client, &length) != 0) { 2194 2397 return -1; 2195 2398 } … … 2203 2406 static bool keepalive_fn(const struct timeval *now, void *private_data) 2204 2407 { 2205 if (!send_keepalive(smbd_server_fd())) { 2206 DEBUG( 2, ( "Keepalive failed - exiting.\n" ) ); 2408 struct smbd_server_connection *sconn = smbd_server_conn; 2409 bool ret; 2410 2411 if (sconn->using_smb2) { 2412 /* Don't do keepalives on an SMB2 connection. */ 2413 return false; 2414 } 2415 2416 smbd_lock_socket(smbd_server_conn); 2417 ret = send_keepalive(sconn->sock); 2418 smbd_unlock_socket(smbd_server_conn); 2419 2420 if (!ret) { 2421 char addr[INET6_ADDRSTRLEN]; 2422 /* 2423 * Try and give an error message saying what 2424 * client failed. 2425 */ 2426 DEBUG(0, ("send_keepalive failed for client %s. " 2427 "Error %s - exiting\n", 2428 get_peer_addr(sconn->sock, addr, sizeof(addr)), 2429 strerror(errno))); 2207 2430 return False; 2208 2431 } … … 2215 2438 static bool deadtime_fn(const struct timeval *now, void *private_data) 2216 2439 { 2217 struct smbd_server_connection *sconn = smbd_server_conn; 2440 struct smbd_server_connection *sconn = 2441 (struct smbd_server_connection *)private_data; 2442 2218 2443 if ((conn_num_open(sconn) == 0) 2219 2444 || (conn_idle_all(sconn, now->tv_sec))) { 2220 2445 DEBUG( 2, ( "Closing idle connection\n" ) ); 2221 messaging_send(smbd_messaging_context(), procid_self(), 2446 messaging_send(sconn->msg_ctx, 2447 messaging_server_id(sconn->msg_ctx), 2222 2448 MSG_SHUTDOWN, &data_blob_null); 2223 2449 return False; … … 2233 2459 static bool housekeeping_fn(const struct timeval *now, void *private_data) 2234 2460 { 2461 struct smbd_server_connection *sconn = talloc_get_type_abort( 2462 private_data, struct smbd_server_connection); 2463 2464 DEBUG(5, ("housekeeping\n")); 2465 2235 2466 change_to_root_user(); 2236 2467 2237 2468 /* update printer queue caches if necessary */ 2238 update_monitored_printq_cache( );2469 update_monitored_printq_cache(sconn->msg_ctx); 2239 2470 2240 2471 /* check if we need to reload services */ 2241 check_reload( time(NULL));2472 check_reload(sconn, time_mono(NULL)); 2242 2473 2243 2474 /* Change machine password if neccessary. */ … … 2252 2483 } 2253 2484 2485 static int create_unlink_tmp(const char *dir) 2486 { 2487 char *fname; 2488 int fd; 2489 2490 fname = talloc_asprintf(talloc_tos(), "%s/listenerlock_XXXXXX", dir); 2491 if (fname == NULL) { 2492 errno = ENOMEM; 2493 return -1; 2494 } 2495 fd = mkstemp(fname); 2496 if (fd == -1) { 2497 TALLOC_FREE(fname); 2498 return -1; 2499 } 2500 if (unlink(fname) == -1) { 2501 int sys_errno = errno; 2502 close(fd); 2503 TALLOC_FREE(fname); 2504 errno = sys_errno; 2505 return -1; 2506 } 2507 TALLOC_FREE(fname); 2508 return fd; 2509 } 2510 2511 struct smbd_echo_state { 2512 struct tevent_context *ev; 2513 struct iovec *pending; 2514 struct smbd_server_connection *sconn; 2515 int parent_pipe; 2516 2517 struct tevent_fd *parent_fde; 2518 2519 struct tevent_fd *read_fde; 2520 struct tevent_req *write_req; 2521 }; 2522 2523 static void smbd_echo_writer_done(struct tevent_req *req); 2524 2525 static void smbd_echo_activate_writer(struct smbd_echo_state *state) 2526 { 2527 int num_pending; 2528 2529 if (state->write_req != NULL) { 2530 return; 2531 } 2532 2533 num_pending = talloc_array_length(state->pending); 2534 if (num_pending == 0) { 2535 return; 2536 } 2537 2538 state->write_req = writev_send(state, state->ev, NULL, 2539 state->parent_pipe, false, 2540 state->pending, num_pending); 2541 if (state->write_req == NULL) { 2542 DEBUG(1, ("writev_send failed\n")); 2543 exit(1); 2544 } 2545 2546 talloc_steal(state->write_req, state->pending); 2547 state->pending = NULL; 2548 2549 tevent_req_set_callback(state->write_req, smbd_echo_writer_done, 2550 state); 2551 } 2552 2553 static void smbd_echo_writer_done(struct tevent_req *req) 2554 { 2555 struct smbd_echo_state *state = tevent_req_callback_data( 2556 req, struct smbd_echo_state); 2557 ssize_t written; 2558 int err; 2559 2560 written = writev_recv(req, &err); 2561 TALLOC_FREE(req); 2562 state->write_req = NULL; 2563 if (written == -1) { 2564 DEBUG(1, ("writev to parent failed: %s\n", strerror(err))); 2565 exit(1); 2566 } 2567 DEBUG(10,("echo_handler[%d]: forwarded pdu to main\n", (int)sys_getpid())); 2568 smbd_echo_activate_writer(state); 2569 } 2570 2571 static bool smbd_echo_reply(uint8_t *inbuf, size_t inbuf_len, 2572 uint32_t seqnum) 2573 { 2574 struct smb_request req; 2575 uint16_t num_replies; 2576 size_t out_len; 2577 char *outbuf; 2578 bool ok; 2579 2580 if ((inbuf_len == 4) && (CVAL(inbuf, 0) == SMBkeepalive)) { 2581 DEBUG(10, ("Got netbios keepalive\n")); 2582 /* 2583 * Just swallow it 2584 */ 2585 return true; 2586 } 2587 2588 if (inbuf_len < smb_size) { 2589 DEBUG(10, ("Got short packet: %d bytes\n", (int)inbuf_len)); 2590 return false; 2591 } 2592 if (!valid_smb_header(inbuf)) { 2593 DEBUG(10, ("Got invalid SMB header\n")); 2594 return false; 2595 } 2596 2597 if (!init_smb_request(&req, smbd_server_conn, inbuf, 0, false, 2598 seqnum)) { 2599 return false; 2600 } 2601 req.inbuf = inbuf; 2602 2603 DEBUG(10, ("smbecho handler got cmd %d (%s)\n", (int)req.cmd, 2604 smb_messages[req.cmd].name 2605 ? smb_messages[req.cmd].name : "unknown")); 2606 2607 if (req.cmd != SMBecho) { 2608 return false; 2609 } 2610 if (req.wct < 1) { 2611 return false; 2612 } 2613 2614 num_replies = SVAL(req.vwv+0, 0); 2615 if (num_replies != 1) { 2616 /* Not a Windows "Hey, you're still there?" request */ 2617 return false; 2618 } 2619 2620 if (!create_outbuf(talloc_tos(), &req, (char *)req.inbuf, &outbuf, 2621 1, req.buflen)) { 2622 DEBUG(10, ("create_outbuf failed\n")); 2623 return false; 2624 } 2625 req.outbuf = (uint8_t *)outbuf; 2626 2627 SSVAL(req.outbuf, smb_vwv0, num_replies); 2628 2629 if (req.buflen > 0) { 2630 memcpy(smb_buf(req.outbuf), req.buf, req.buflen); 2631 } 2632 2633 out_len = smb_len(req.outbuf) + 4; 2634 2635 ok = srv_send_smb(req.sconn, 2636 (char *)outbuf, 2637 true, seqnum+1, 2638 false, &req.pcd); 2639 TALLOC_FREE(outbuf); 2640 if (!ok) { 2641 exit(1); 2642 } 2643 2644 return true; 2645 } 2646 2647 static void smbd_echo_exit(struct tevent_context *ev, 2648 struct tevent_fd *fde, uint16_t flags, 2649 void *private_data) 2650 { 2651 DEBUG(2, ("smbd_echo_exit: lost connection to parent\n")); 2652 exit(0); 2653 } 2654 2655 static void smbd_echo_reader(struct tevent_context *ev, 2656 struct tevent_fd *fde, uint16_t flags, 2657 void *private_data) 2658 { 2659 struct smbd_echo_state *state = talloc_get_type_abort( 2660 private_data, struct smbd_echo_state); 2661 struct smbd_server_connection *sconn = state->sconn; 2662 size_t unread, num_pending; 2663 NTSTATUS status; 2664 struct iovec *tmp; 2665 size_t iov_len; 2666 uint32_t seqnum = 0; 2667 bool reply; 2668 bool ok; 2669 bool encrypted = false; 2670 2671 smb_msleep(1000); 2672 2673 ok = smbd_lock_socket_internal(sconn); 2674 if (!ok) { 2675 DEBUG(0, ("%s: failed to lock socket\n", 2676 __location__)); 2677 exit(1); 2678 } 2679 2680 if (!fd_is_readable(sconn->sock)) { 2681 DEBUG(10,("echo_handler[%d] the parent smbd was faster\n", 2682 (int)sys_getpid())); 2683 ok = smbd_unlock_socket_internal(sconn); 2684 if (!ok) { 2685 DEBUG(1, ("%s: failed to unlock socket in\n", 2686 __location__)); 2687 exit(1); 2688 } 2689 return; 2690 } 2691 2692 num_pending = talloc_array_length(state->pending); 2693 tmp = talloc_realloc(state, state->pending, struct iovec, 2694 num_pending+1); 2695 if (tmp == NULL) { 2696 DEBUG(1, ("talloc_realloc failed\n")); 2697 exit(1); 2698 } 2699 state->pending = tmp; 2700 2701 DEBUG(10,("echo_handler[%d]: reading pdu\n", (int)sys_getpid())); 2702 2703 status = receive_smb_talloc(state->pending, sconn, sconn->sock, 2704 (char **)(void *)&state->pending[num_pending].iov_base, 2705 0 /* timeout */, 2706 &unread, 2707 &encrypted, 2708 &iov_len, 2709 &seqnum, 2710 false /* trusted_channel*/); 2711 if (!NT_STATUS_IS_OK(status)) { 2712 DEBUG(1, ("echo_handler[%d]: receive_smb_raw_talloc failed: %s\n", 2713 (int)sys_getpid(), nt_errstr(status))); 2714 exit(1); 2715 } 2716 state->pending[num_pending].iov_len = iov_len; 2717 2718 ok = smbd_unlock_socket_internal(sconn); 2719 if (!ok) { 2720 DEBUG(1, ("%s: failed to unlock socket in\n", 2721 __location__)); 2722 exit(1); 2723 } 2724 2725 reply = smbd_echo_reply((uint8_t *)state->pending[num_pending].iov_base, 2726 state->pending[num_pending].iov_len, 2727 seqnum); 2728 if (reply) { 2729 DEBUG(10,("echo_handler[%d]: replied to client\n", (int)sys_getpid())); 2730 /* no check, shrinking by some bytes does not fail */ 2731 state->pending = talloc_realloc(state, state->pending, 2732 struct iovec, 2733 num_pending); 2734 return; 2735 } 2736 2737 if (state->pending[num_pending].iov_len >= smb_size) { 2738 /* 2739 * place the seqnum in the packet so that the main process 2740 * can reply with signing 2741 */ 2742 SIVAL((uint8_t *)state->pending[num_pending].iov_base, 2743 smb_ss_field, seqnum); 2744 SIVAL((uint8_t *)state->pending[num_pending].iov_base, 2745 smb_ss_field+4, NT_STATUS_V(NT_STATUS_OK)); 2746 } 2747 2748 DEBUG(10,("echo_handler[%d]: forward to main\n", (int)sys_getpid())); 2749 smbd_echo_activate_writer(state); 2750 } 2751 2752 static void smbd_echo_loop(struct smbd_server_connection *sconn, 2753 int parent_pipe) 2754 { 2755 struct smbd_echo_state *state; 2756 2757 state = talloc_zero(sconn, struct smbd_echo_state); 2758 if (state == NULL) { 2759 DEBUG(1, ("talloc failed\n")); 2760 return; 2761 } 2762 state->sconn = sconn; 2763 state->parent_pipe = parent_pipe; 2764 state->ev = s3_tevent_context_init(state); 2765 if (state->ev == NULL) { 2766 DEBUG(1, ("tevent_context_init failed\n")); 2767 TALLOC_FREE(state); 2768 return; 2769 } 2770 state->parent_fde = tevent_add_fd(state->ev, state, parent_pipe, 2771 TEVENT_FD_READ, smbd_echo_exit, 2772 state); 2773 if (state->parent_fde == NULL) { 2774 DEBUG(1, ("tevent_add_fd failed\n")); 2775 TALLOC_FREE(state); 2776 return; 2777 } 2778 state->read_fde = tevent_add_fd(state->ev, state, sconn->sock, 2779 TEVENT_FD_READ, smbd_echo_reader, 2780 state); 2781 if (state->read_fde == NULL) { 2782 DEBUG(1, ("tevent_add_fd failed\n")); 2783 TALLOC_FREE(state); 2784 return; 2785 } 2786 2787 while (true) { 2788 if (tevent_loop_once(state->ev) == -1) { 2789 DEBUG(1, ("tevent_loop_once failed: %s\n", 2790 strerror(errno))); 2791 break; 2792 } 2793 } 2794 TALLOC_FREE(state); 2795 } 2796 2797 /* 2798 * Handle SMBecho requests in a forked child process 2799 */ 2800 static bool fork_echo_handler(struct smbd_server_connection *sconn) 2801 { 2802 int listener_pipe[2]; 2803 int res; 2804 pid_t child; 2805 2806 res = pipe(listener_pipe); 2807 if (res == -1) { 2808 DEBUG(1, ("pipe() failed: %s\n", strerror(errno))); 2809 return false; 2810 } 2811 sconn->smb1.echo_handler.socket_lock_fd = create_unlink_tmp(lp_lockdir()); 2812 if (sconn->smb1.echo_handler.socket_lock_fd == -1) { 2813 DEBUG(1, ("Could not create lock fd: %s\n", strerror(errno))); 2814 goto fail; 2815 } 2816 2817 child = sys_fork(); 2818 if (child == 0) { 2819 NTSTATUS status; 2820 2821 close(listener_pipe[0]); 2822 set_blocking(listener_pipe[1], false); 2823 2824 status = reinit_after_fork(sconn->msg_ctx, 2825 smbd_event_context(), 2826 procid_self(), false); 2827 if (!NT_STATUS_IS_OK(status)) { 2828 DEBUG(1, ("reinit_after_fork failed: %s\n", 2829 nt_errstr(status))); 2830 exit(1); 2831 } 2832 smbd_echo_loop(sconn, listener_pipe[1]); 2833 exit(0); 2834 } 2835 close(listener_pipe[1]); 2836 listener_pipe[1] = -1; 2837 sconn->smb1.echo_handler.trusted_fd = listener_pipe[0]; 2838 2839 DEBUG(10,("fork_echo_handler: main[%d] echo_child[%d]\n", (int)sys_getpid(), child)); 2840 2841 /* 2842 * Without smb signing this is the same as the normal smbd 2843 * listener. This needs to change once signing comes in. 2844 */ 2845 sconn->smb1.echo_handler.trusted_fde = event_add_fd(smbd_event_context(), 2846 sconn, 2847 sconn->smb1.echo_handler.trusted_fd, 2848 EVENT_FD_READ, 2849 smbd_server_echo_handler, 2850 sconn); 2851 if (sconn->smb1.echo_handler.trusted_fde == NULL) { 2852 DEBUG(1, ("event_add_fd failed\n")); 2853 goto fail; 2854 } 2855 2856 return true; 2857 2858 fail: 2859 if (listener_pipe[0] != -1) { 2860 close(listener_pipe[0]); 2861 } 2862 if (listener_pipe[1] != -1) { 2863 close(listener_pipe[1]); 2864 } 2865 sconn->smb1.echo_handler.trusted_fd = -1; 2866 if (sconn->smb1.echo_handler.socket_lock_fd != -1) { 2867 close(sconn->smb1.echo_handler.socket_lock_fd); 2868 } 2869 sconn->smb1.echo_handler.trusted_fd = -1; 2870 sconn->smb1.echo_handler.socket_lock_fd = -1; 2871 return false; 2872 } 2873 2874 #if CLUSTER_SUPPORT 2875 2876 static NTSTATUS smbd_register_ips(struct smbd_server_connection *sconn, 2877 struct sockaddr_storage *srv, 2878 struct sockaddr_storage *clnt) 2879 { 2880 struct ctdbd_connection *cconn; 2881 char tmp_addr[INET6_ADDRSTRLEN]; 2882 char *addr; 2883 2884 cconn = messaging_ctdbd_connection(); 2885 if (cconn == NULL) { 2886 return NT_STATUS_NO_MEMORY; 2887 } 2888 2889 client_socket_addr(sconn->sock, tmp_addr, sizeof(tmp_addr)); 2890 addr = talloc_strdup(cconn, tmp_addr); 2891 if (addr == NULL) { 2892 return NT_STATUS_NO_MEMORY; 2893 } 2894 return ctdbd_register_ips(cconn, srv, clnt, release_ip, addr); 2895 } 2896 2897 #endif 2898 2254 2899 /**************************************************************************** 2255 2900 Process commands from the client 2256 2901 ****************************************************************************/ 2257 2902 2258 void smbd_process( void)2903 void smbd_process(struct smbd_server_connection *sconn) 2259 2904 { 2260 2905 TALLOC_CTX *frame = talloc_stackframe(); 2261 char remaddr[INET6_ADDRSTRLEN]; 2906 struct sockaddr_storage ss; 2907 struct sockaddr *sa = NULL; 2908 socklen_t sa_socklen; 2909 struct tsocket_address *local_address = NULL; 2910 struct tsocket_address *remote_address = NULL; 2911 const char *remaddr = NULL; 2912 int ret; 2262 2913 2263 2914 if (lp_maxprotocol() == PROTOCOL_SMB2 && 2264 lp_security() != SEC_SHARE) { 2265 smbd_server_conn->allow_smb2 = true; 2915 !lp_async_smb_echo_handler()) { 2916 /* 2917 * We're not making the decision here, 2918 * we're just allowing the client 2919 * to decide between SMB1 and SMB2 2920 * with the first negprot 2921 * packet. 2922 */ 2923 sconn->using_smb2 = true; 2266 2924 } 2267 2925 2268 2926 /* Ensure child is set to blocking mode */ 2269 set_blocking(smbd_server_fd(),True); 2270 2271 set_socket_options(smbd_server_fd(),"SO_KEEPALIVE"); 2272 set_socket_options(smbd_server_fd(), lp_socket_options()); 2927 set_blocking(sconn->sock,True); 2928 2929 set_socket_options(sconn->sock, "SO_KEEPALIVE"); 2930 set_socket_options(sconn->sock, lp_socket_options()); 2931 2932 sa = (struct sockaddr *)(void *)&ss; 2933 sa_socklen = sizeof(ss); 2934 ret = getpeername(sconn->sock, sa, &sa_socklen); 2935 if (ret != 0) { 2936 int level = (errno == ENOTCONN)?2:0; 2937 DEBUG(level,("getpeername() failed - %s\n", strerror(errno))); 2938 exit_server_cleanly("getpeername() failed.\n"); 2939 } 2940 ret = tsocket_address_bsd_from_sockaddr(sconn, 2941 sa, sa_socklen, 2942 &remote_address); 2943 if (ret != 0) { 2944 DEBUG(0,("%s: tsocket_address_bsd_from_sockaddr remote failed - %s\n", 2945 __location__, strerror(errno))); 2946 exit_server_cleanly("tsocket_address_bsd_from_sockaddr remote failed.\n"); 2947 } 2948 2949 sa = (struct sockaddr *)(void *)&ss; 2950 sa_socklen = sizeof(ss); 2951 ret = getsockname(sconn->sock, sa, &sa_socklen); 2952 if (ret != 0) { 2953 int level = (errno == ENOTCONN)?2:0; 2954 DEBUG(level,("getsockname() failed - %s\n", strerror(errno))); 2955 exit_server_cleanly("getsockname() failed.\n"); 2956 } 2957 ret = tsocket_address_bsd_from_sockaddr(sconn, 2958 sa, sa_socklen, 2959 &local_address); 2960 if (ret != 0) { 2961 DEBUG(0,("%s: tsocket_address_bsd_from_sockaddr remote failed - %s\n", 2962 __location__, strerror(errno))); 2963 exit_server_cleanly("tsocket_address_bsd_from_sockaddr remote failed.\n"); 2964 } 2965 2966 sconn->local_address = local_address; 2967 sconn->remote_address = remote_address; 2968 2969 if (tsocket_address_is_inet(remote_address, "ip")) { 2970 remaddr = tsocket_address_inet_addr_string( 2971 sconn->remote_address, 2972 talloc_tos()); 2973 if (remaddr == NULL) { 2974 2975 } 2976 } else { 2977 remaddr = "0.0.0.0"; 2978 } 2273 2979 2274 2980 /* this is needed so that we get decent entries 2275 2981 in smbstatus for port 445 connects */ 2276 set_remote_machine_name(get_peer_addr(smbd_server_fd(), 2277 remaddr, 2278 sizeof(remaddr)), 2279 false); 2280 reload_services(true); 2982 set_remote_machine_name(remaddr, false); 2983 reload_services(sconn->msg_ctx, sconn->sock, true); 2281 2984 2282 2985 /* … … 2287 2990 */ 2288 2991 2289 if (!check_access(smbd_server_fd(), lp_hostsallow(-1), 2290 lp_hostsdeny(-1))) { 2291 char addr[INET6_ADDRSTRLEN]; 2292 2992 if (!allow_access(lp_hostsdeny(-1), lp_hostsallow(-1), 2993 sconn->client_id.name, 2994 sconn->client_id.addr)) { 2293 2995 /* 2294 2996 * send a negative session response "not listening on calling … … 2296 2998 */ 2297 2999 unsigned char buf[5] = {0x83, 0, 0, 1, 0x81}; 2298 DEBUG( 1, ("Connection denied from %s\n", 2299 client_addr(get_client_fd(),addr,sizeof(addr)) ) ); 2300 (void)srv_send_smb(smbd_server_fd(),(char *)buf, false, 3000 DEBUG( 1, ("Connection denied from %s to %s\n", 3001 tsocket_address_string(remote_address, talloc_tos()), 3002 tsocket_address_string(local_address, talloc_tos()))); 3003 (void)srv_send_smb(sconn,(char *)buf, false, 2301 3004 0, false, NULL); 2302 3005 exit_server_cleanly("connection denied"); 2303 3006 } 2304 3007 2305 static_init_rpc; 3008 DEBUG(10, ("Connection allowed from %s to %s\n", 3009 tsocket_address_string(remote_address, talloc_tos()), 3010 tsocket_address_string(local_address, talloc_tos()))); 2306 3011 2307 3012 init_modules(); … … 2325 3030 } 2326 3031 2327 if (!srv_init_signing(s mbd_server_conn)) {3032 if (!srv_init_signing(sconn)) { 2328 3033 exit_server("Failed to init smb_signing"); 2329 3034 } 2330 3035 3036 if (lp_async_smb_echo_handler() && !fork_echo_handler(sconn)) { 3037 exit_server("Failed to fork echo handler"); 3038 } 3039 2331 3040 /* Setup oplocks */ 2332 if (!init_oplocks(s mbd_messaging_context()))3041 if (!init_oplocks(sconn->msg_ctx)) 2333 3042 exit_server("Failed to init oplocks"); 2334 3043 2335 /* Setup aio signal handler. */2336 initialize_async_io_handler();2337 2338 3044 /* register our message handlers */ 2339 messaging_register(s mbd_messaging_context(), NULL,3045 messaging_register(sconn->msg_ctx, NULL, 2340 3046 MSG_SMB_FORCE_TDIS, msg_force_tdis); 2341 messaging_register(s mbd_messaging_context(), NULL,3047 messaging_register(sconn->msg_ctx, sconn, 2342 3048 MSG_SMB_RELEASE_IP, msg_release_ip); 2343 messaging_register(s mbd_messaging_context(), NULL,3049 messaging_register(sconn->msg_ctx, NULL, 2344 3050 MSG_SMB_CLOSE_FILE, msg_close_file); 2345 3051 … … 2348 3054 * MSGs to all child processes 2349 3055 */ 2350 messaging_deregister(s mbd_messaging_context(),3056 messaging_deregister(sconn->msg_ctx, 2351 3057 MSG_DEBUG, NULL); 2352 messaging_register(s mbd_messaging_context(), NULL,3058 messaging_register(sconn->msg_ctx, NULL, 2353 3059 MSG_DEBUG, debug_message); 2354 3060 … … 2364 3070 if (!(event_add_idle(smbd_event_context(), NULL, 2365 3071 timeval_set(IDLE_CLOSED_TIMEOUT, 0), 2366 "deadtime", deadtime_fn, NULL))) {3072 "deadtime", deadtime_fn, sconn))) { 2367 3073 DEBUG(0, ("Could not add deadtime event\n")); 2368 3074 exit(1); … … 2371 3077 if (!(event_add_idle(smbd_event_context(), NULL, 2372 3078 timeval_set(SMBD_HOUSEKEEPING_INTERVAL, 0), 2373 "housekeeping", housekeeping_fn, NULL))) {3079 "housekeeping", housekeeping_fn, sconn))) { 2374 3080 DEBUG(0, ("Could not add housekeeping event\n")); 2375 3081 exit(1); … … 2388 3094 struct sockaddr_storage srv, clnt; 2389 3095 2390 if (client_get_tcp_info(&srv, &clnt) == 0) { 2391 3096 if (client_get_tcp_info(sconn->sock, &srv, &clnt) == 0) { 2392 3097 NTSTATUS status; 2393 2394 status = ctdbd_register_ips( 2395 messaging_ctdbd_connection(), 2396 &srv, &clnt, release_ip, NULL); 2397 3098 status = smbd_register_ips(sconn, &srv, &clnt); 2398 3099 if (!NT_STATUS_IS_OK(status)) { 2399 3100 DEBUG(0, ("ctdbd_register_ips failed: %s\n", … … 2410 3111 #endif 2411 3112 2412 s mbd_server_conn->nbt.got_session = false;2413 2414 s mbd_server_conn->smb1.negprot.max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);2415 2416 s mbd_server_conn->smb1.sessions.done_sesssetup = false;2417 s mbd_server_conn->smb1.sessions.max_send = BUFFER_SIZE;2418 s mbd_server_conn->smb1.sessions.last_session_tag = UID_FIELD_INVALID;3113 sconn->nbt.got_session = false; 3114 3115 sconn->smb1.negprot.max_recv = MIN(lp_maxxmit(),BUFFER_SIZE); 3116 3117 sconn->smb1.sessions.done_sesssetup = false; 3118 sconn->smb1.sessions.max_send = BUFFER_SIZE; 3119 sconn->smb1.sessions.last_session_tag = UID_FIELD_INVALID; 2419 3120 /* users from session setup */ 2420 s mbd_server_conn->smb1.sessions.session_userlist = NULL;3121 sconn->smb1.sessions.session_userlist = NULL; 2421 3122 /* workgroup from session setup. */ 2422 s mbd_server_conn->smb1.sessions.session_workgroup = NULL;3123 sconn->smb1.sessions.session_workgroup = NULL; 2423 3124 /* this holds info on user ids that are already validated for this VC */ 2424 smbd_server_conn->smb1.sessions.validated_users = NULL; 2425 smbd_server_conn->smb1.sessions.next_vuid = VUID_OFFSET; 2426 smbd_server_conn->smb1.sessions.num_validated_vuids = 0; 2427 #ifdef HAVE_NETGROUP 2428 smbd_server_conn->smb1.sessions.my_yp_domain = NULL; 2429 #endif 2430 2431 conn_init(smbd_server_conn); 2432 if (!init_dptrs(smbd_server_conn)) { 3125 sconn->smb1.sessions.validated_users = NULL; 3126 sconn->smb1.sessions.next_vuid = VUID_OFFSET; 3127 sconn->smb1.sessions.num_validated_vuids = 0; 3128 3129 conn_init(sconn); 3130 if (!init_dptrs(sconn)) { 2433 3131 exit_server("init_dptrs() failed"); 2434 3132 } 2435 3133 2436 s mbd_server_conn->smb1.fde = event_add_fd(smbd_event_context(),2437 s mbd_server_conn,2438 s mbd_server_fd(),3134 sconn->smb1.fde = event_add_fd(smbd_event_context(), 3135 sconn, 3136 sconn->sock, 2439 3137 EVENT_FD_READ, 2440 3138 smbd_server_connection_handler, 2441 s mbd_server_conn);2442 if (!s mbd_server_conn->smb1.fde) {3139 sconn); 3140 if (!sconn->smb1.fde) { 2443 3141 exit_server("failed to create smbd_server_connection fde"); 2444 3142 } … … 2453 3151 errno = 0; 2454 3152 2455 status = smbd_server_connection_loop_once(s mbd_server_conn);3153 status = smbd_server_connection_loop_once(sconn); 2456 3154 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY) && 2457 3155 !NT_STATUS_IS_OK(status)) {
Note:
See TracChangeset
for help on using the changeset viewer.
