extern int global_oplock_break;
extern userdom_struct current_user_info;
extern int smb_read_error;
-SIG_ATOMIC_T reload_after_sighup;
-SIG_ATOMIC_T got_sig_term;
+SIG_ATOMIC_T reload_after_sighup = 0;
+SIG_ATOMIC_T got_sig_term = 0;
extern BOOL global_machine_password_needs_changing;
extern fstring global_myworkgroup;
extern pstring global_myname;
Returns False on timeout or error.
Else returns True.
-The timeout is in milli seconds
+The timeout is in milliseconds
****************************************************************************/
static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout)
functions. Any message that has a NULL function is unimplemented -
please feel free to contribute implementations!
*/
-static struct smb_message_struct
+const static struct smb_message_struct
{
- char *name;
+ const char *name;
int (*fn)(connection_struct *conn, char *, char *, int, int);
int flags;
}
/* 0x22 */ { "SMBsetattrE",reply_setattrE,AS_USER | NEED_WRITE },
/* 0x23 */ { "SMBgetattrE",reply_getattrE,AS_USER },
/* 0x24 */ { "SMBlockingX",reply_lockingX,AS_USER },
-/* 0x25 */ { "SMBtrans",reply_trans,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK},
+/* 0x25 */ { "SMBtrans",reply_trans,AS_USER | CAN_IPC },
/* 0x26 */ { "SMBtranss",NULL,AS_USER | CAN_IPC},
/* 0x27 */ { "SMBioctl",reply_ioctl,0},
/* 0x28 */ { "SMBioctls",NULL,AS_USER},
/* 0x2f */ { "SMBwriteX",reply_write_and_X,AS_USER | CAN_IPC },
/* 0x30 */ { NULL, NULL, 0 },
/* 0x31 */ { NULL, NULL, 0 },
-/* 0x32 */ { "SMBtrans2", reply_trans2, AS_USER | QUEUE_IN_OPLOCK | CAN_IPC },
+/* 0x32 */ { "SMBtrans2", reply_trans2, AS_USER | CAN_IPC },
/* 0x33 */ { "SMBtranss2", reply_transs2, AS_USER},
/* 0x34 */ { "SMBfindclose", reply_findclose,AS_USER},
/* 0x35 */ { "SMBfindnclose", reply_findnclose, AS_USER},
};
/*******************************************************************
-dump a prs to a file
- ********************************************************************/
-static void smb_dump(char *name, int type, char *data, ssize_t len)
+ Dump a packet to a file.
+********************************************************************/
+
+static void smb_dump(const char *name, int type, char *data, ssize_t len)
{
int fd, i;
pstring fname;
/****************************************************************************
-do a switch on the message type, and return the response size
+ Do a switch on the message type, and return the response size
****************************************************************************/
+
static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize)
{
- static pid_t pid= (pid_t)-1;
- int outsize = 0;
- extern uint16 global_smbpid;
-
- type &= 0xff;
+ static pid_t pid= (pid_t)-1;
+ int outsize = 0;
+ extern uint16 global_smbpid;
- if (pid == (pid_t)-1)
- pid = sys_getpid();
-
- errno = 0;
- last_message = type;
-
- /* make sure this is an SMB packet */
- if (strncmp(smb_base(inbuf),"\377SMB",4) != 0)
- {
- DEBUG(2,("Non-SMB packet of length %d\n",smb_len(inbuf)));
- return(-1);
- }
+ type &= 0xff;
- /* yuck! this is an interim measure before we get rid of our
- current inbuf/outbuf system */
- global_smbpid = SVAL(inbuf,smb_pid);
+ if (pid == (pid_t)-1)
+ pid = sys_getpid();
- if (smb_messages[type].fn == NULL)
- {
- DEBUG(0,("Unknown message type %d!\n",type));
- smb_dump("Unknown", 1, inbuf, size);
- outsize = reply_unknown(inbuf,outbuf);
- }
- else
- {
- int flags = smb_messages[type].flags;
- static uint16 last_session_tag = UID_FIELD_INVALID;
- /* In share mode security we must ignore the vuid. */
- uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
- connection_struct *conn = conn_find(SVAL(inbuf,smb_tid));
+ errno = 0;
+ last_message = type;
- DEBUG(3,("switch message %s (pid %d)\n",smb_fn_name(type),(int)pid));
+ /* Make sure this is an SMB packet. smb_size contains NetBIOS header so subtract 4 from it. */
+ if ((strncmp(smb_base(inbuf),"\377SMB",4) != 0) || (size < (smb_size - 4))) {
+ DEBUG(2,("Non-SMB packet of length %d. Terminating server\n",smb_len(inbuf)));
+ exit_server("Non-SMB packet");
+ return(-1);
+ }
- smb_dump(smb_fn_name(type), 1, inbuf, size);
- if(global_oplock_break)
- {
- if(flags & QUEUE_IN_OPLOCK)
- {
- /*
- * Queue this message as we are the process of an oplock break.
- */
-
- DEBUG( 2, ( "switch_message: queueing message due to being in " ) );
- DEBUGADD( 2, ( "oplock break state.\n" ) );
-
- push_oplock_pending_smb_message( inbuf, size );
- return -1;
- }
- }
+ /* yuck! this is an interim measure before we get rid of our
+ current inbuf/outbuf system */
+ global_smbpid = SVAL(inbuf,smb_pid);
+
+ if (smb_messages[type].fn == NULL) {
+ DEBUG(0,("Unknown message type %d!\n",type));
+ smb_dump("Unknown", 1, inbuf, size);
+ outsize = reply_unknown(inbuf,outbuf);
+ } else {
+ int flags = smb_messages[type].flags;
+ static uint16 last_session_tag = UID_FIELD_INVALID;
+ /* In share mode security we must ignore the vuid. */
+ uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
+ connection_struct *conn = conn_find(SVAL(inbuf,smb_tid));
+
+ DEBUG(3,("switch message %s (pid %d)\n",smb_fn_name(type),(int)pid));
+
+ smb_dump(smb_fn_name(type), 1, inbuf, size);
+ if(global_oplock_break) {
+ if(flags & QUEUE_IN_OPLOCK) {
+ /*
+ * Queue this message as we are the process of an oplock break.
+ */
+
+ DEBUG( 2, ( "switch_message: queueing message due to being in " ) );
+ DEBUGADD( 2, ( "oplock break state.\n" ) );
+
+ push_oplock_pending_smb_message( inbuf, size );
+ return -1;
+ }
+ }
- /* Ensure this value is replaced in the incoming packet. */
- SSVAL(inbuf,smb_uid,session_tag);
+ /* Ensure this value is replaced in the incoming packet. */
+ SSVAL(inbuf,smb_uid,session_tag);
- /*
- * Ensure the correct username is in current_user_info.
- * This is a really ugly bugfix for problems with
- * multiple session_setup_and_X's being done and
- * allowing %U and %G substitutions to work correctly.
- * There is a reason this code is done here, don't
- * move it unless you know what you're doing... :-).
- * JRA.
- */
+ /*
+ * Ensure the correct username is in current_user_info.
+ * This is a really ugly bugfix for problems with
+ * multiple session_setup_and_X's being done and
+ * allowing %U and %G substitutions to work correctly.
+ * There is a reason this code is done here, don't
+ * move it unless you know what you're doing... :-).
+ * JRA.
+ */
- if (session_tag != last_session_tag) {
- user_struct *vuser = NULL;
+ if (session_tag != last_session_tag) {
+ user_struct *vuser = NULL;
- last_session_tag = session_tag;
- if(session_tag != UID_FIELD_INVALID)
- vuser = get_valid_user_struct(session_tag);
- if(vuser != NULL)
- current_user_info = vuser->user;
- }
+ last_session_tag = session_tag;
+ if(session_tag != UID_FIELD_INVALID)
+ vuser = get_valid_user_struct(session_tag);
+ if(vuser != NULL)
+ current_user_info = vuser->user;
+ }
- /* does this protocol need to be run as root? */
- if (!(flags & AS_USER))
- change_to_root_user();
+ /* does this protocol need to be run as root? */
+ if (!(flags & AS_USER))
+ change_to_root_user();
- /* does this protocol need a valid tree connection? */
- if ((flags & AS_USER) && !conn) {
- return ERROR_DOS(ERRSRV, ERRinvnid);
- }
+ /* does this protocol need a valid tree connection? */
+ if ((flags & AS_USER) && !conn)
+ return ERROR_DOS(ERRSRV, ERRinvnid);
- /* does this protocol need to be run as the connected user? */
- if ((flags & AS_USER) && !change_to_user(conn,session_tag)) {
- if (flags & AS_GUEST)
- flags &= ~AS_USER;
- else
- return(ERROR_DOS(ERRSRV,ERRaccess));
- }
+ /* does this protocol need to be run as the connected user? */
+ if ((flags & AS_USER) && !change_to_user(conn,session_tag)) {
+ if (flags & AS_GUEST)
+ flags &= ~AS_USER;
+ else
+ return(ERROR_DOS(ERRSRV,ERRaccess));
+ }
- /* this code is to work around a bug is MS client 3 without
- introducing a security hole - it needs to be able to do
- print queue checks as guest if it isn't logged in properly */
- if (flags & AS_USER)
- flags &= ~AS_GUEST;
+ /* this code is to work around a bug is MS client 3 without
+ introducing a security hole - it needs to be able to do
+ print queue checks as guest if it isn't logged in properly */
+ if (flags & AS_USER)
+ flags &= ~AS_GUEST;
- /* does it need write permission? */
- if ((flags & NEED_WRITE) && !CAN_WRITE(conn))
- return(ERROR_DOS(ERRSRV,ERRaccess));
+ /* does it need write permission? */
+ if ((flags & NEED_WRITE) && !CAN_WRITE(conn))
+ return(ERROR_DOS(ERRSRV,ERRaccess));
- /* ipc services are limited */
- if (IS_IPC(conn) && (flags & AS_USER) && !(flags & CAN_IPC)) {
- return(ERROR_DOS(ERRSRV,ERRaccess));
- }
+ /* ipc services are limited */
+ if (IS_IPC(conn) && (flags & AS_USER) && !(flags & CAN_IPC))
+ return(ERROR_DOS(ERRSRV,ERRaccess));
- /* load service specific parameters */
- if (conn && !set_current_service(conn,(flags & AS_USER)?True:False)) {
- return(ERROR_DOS(ERRSRV,ERRaccess));
- }
+ /* load service specific parameters */
+ if (conn && !set_current_service(conn,(flags & AS_USER)?True:False))
+ return(ERROR_DOS(ERRSRV,ERRaccess));
- /* does this protocol need to be run as guest? */
- if ((flags & AS_GUEST) &&
- (!change_to_guest() ||
- !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1)))) {
- return(ERROR_DOS(ERRSRV,ERRaccess));
- }
+ /* does this protocol need to be run as guest? */
+ if ((flags & AS_GUEST) && (!change_to_guest() ||
+ !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))))
+ return(ERROR_DOS(ERRSRV,ERRaccess));
- last_inbuf = inbuf;
+ last_inbuf = inbuf;
- outsize = smb_messages[type].fn(conn, inbuf,outbuf,size,bufsize);
- }
+ outsize = smb_messages[type].fn(conn, inbuf,outbuf,size,bufsize);
+ }
- smb_dump(smb_fn_name(type), 0, outbuf, outsize);
+ smb_dump(smb_fn_name(type), 0, outbuf, outsize);
- return(outsize);
+ return(outsize);
}
/****************************************************************************
- construct a reply to the incoming packet
+ Construct a reply to the incoming packet.
****************************************************************************/
+
static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
{
- int type = CVAL(inbuf,smb_com);
- int outsize = 0;
- int msg_type = CVAL(inbuf,0);
+ int type = CVAL(inbuf,smb_com);
+ int outsize = 0;
+ int msg_type = CVAL(inbuf,0);
- GetTimeOfDay(&smb_last_time);
+ GetTimeOfDay(&smb_last_time);
- chain_size = 0;
- file_chain_reset();
- reset_chain_p();
+ chain_size = 0;
+ file_chain_reset();
+ reset_chain_p();
- if (msg_type != 0)
- return(reply_special(inbuf,outbuf));
+ if (msg_type != 0)
+ return(reply_special(inbuf,outbuf));
- construct_reply_common(inbuf, outbuf);
+ construct_reply_common(inbuf, outbuf);
- outsize = switch_message(type,inbuf,outbuf,size,bufsize);
+ outsize = switch_message(type,inbuf,outbuf,size,bufsize);
- outsize += chain_size;
+ outsize += chain_size;
- if(outsize > 4)
- smb_setlen(outbuf,outsize - 4);
- return(outsize);
+ if(outsize > 4)
+ smb_setlen(outbuf,outsize - 4);
+ return(outsize);
}
/****************************************************************************
- Keep track of the number of running smbd's. This functionality is used to
- 'hard' limit Samba overhead on resource constrained systems.
+ Keep track of the number of running smbd's. This functionality is used to
+ 'hard' limit Samba overhead on resource constrained systems.
****************************************************************************/
+
static BOOL smbd_process_limit(void)
{
int32 total_smbds;
/****************************************************************************
return a string containing the function name of a SMB command
****************************************************************************/
-char *smb_fn_name(int type)
+const char *smb_fn_name(int type)
{
static char *unknown_name = "SMBunknown";
int select_timeout;
int t;
- /*
- * Increase the select timeout back to SMBD_SELECT_TIMEOUT if we
- * have removed any blocking locks. JRA.
- */
-
- select_timeout = blocking_locks_pending() ? SMBD_SELECT_TIMEOUT_WITH_PENDING_LOCKS*1000 :
- SMBD_SELECT_TIMEOUT*1000;
+ select_timeout = blocking_locks_timeout(SMBD_SELECT_TIMEOUT);
+ select_timeout *= 1000;
t = change_notify_timeout();
- if (t != -1) select_timeout = MIN(select_timeout, t*1000);
+ if (t != -1)
+ select_timeout = MIN(select_timeout, t*1000);
+
+ if (print_notify_messages_pending())
+ select_timeout = MIN(select_timeout, 1000);
return select_timeout;
}
* First, open the machine password file with an exclusive lock.
*/
+ if (secrets_lock_trust_account_password(global_myworkgroup, True) == False) {
+ DEBUG(0,("process: unable to lock the machine account password for \
+machine %s in domain %s.\n", global_myname, global_myworkgroup ));
+ return True;
+ }
+
if(!secrets_fetch_trust_account_password(global_myworkgroup, trust_passwd_hash, &lct)) {
DEBUG(0,("process: unable to read the machine account password for \
machine %s in domain %s.\n", global_myname, global_myworkgroup ));
+ secrets_lock_trust_account_password(global_myworkgroup, False);
return True;
}
if(t < lct + lp_machine_password_timeout()) {
global_machine_password_needs_changing = False;
+ secrets_lock_trust_account_password(global_myworkgroup, False);
return True;
}
change_trust_account_password( global_myworkgroup, remote_machine_list);
global_machine_password_needs_changing = False;
+ secrets_lock_trust_account_password(global_myworkgroup, False);
}
/*
force_check_log_size();
check_log_size();
+ /* Send any queued printer notify message to interested smbd's. */
+
+ print_notify_send_messages();
+
/*
* Modify the select timeout depending upon
* what we have remaining in our queues.
max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
- /* re-initialise the timezone */
- TimeInit();
-
- /* register our message handlers */
- message_register(MSG_SMB_FORCE_TDIS, msg_force_tdis);
- talloc_init_named("dummy!");
-
while (True) {
int deadtime = lp_deadtime()*60;
int select_timeout = setup_select_timeout();
git.samba.org / abartlet / samba.git / .git / blobdiff