2 Unix SMB/Netbios implementation.
4 Main SMB server routines
5 Copyright (C) Andrew Tridgell 1992-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 pstring servicesf = CONFIGFILE;
26 extern pstring debugf;
27 extern pstring sesssetup_user;
28 extern fstring global_myworkgroup;
29 extern pstring global_myname;
31 char *InBuffer = NULL;
32 char *OutBuffer = NULL;
33 char *last_inbuf = NULL;
38 /* the last message the was processed */
39 int last_message = -1;
41 /* a useful macro to debug the last message processed */
42 #define LAST_MESSAGE() smb_fn_name(last_message)
45 extern int DEBUGLEVEL;
46 extern int case_default;
47 extern BOOL case_sensitive;
48 extern BOOL case_preserve;
49 extern BOOL use_mangled_map;
50 extern BOOL short_case_preserve;
51 extern BOOL case_mangle;
52 time_t smb_last_time=(time_t)0;
53 extern BOOL global_machine_pasword_needs_changing;
55 extern int smb_read_error;
57 extern pstring user_socket_options;
60 extern int dcelogin_atmost_once;
64 * This is set on startup - it defines the SID for this
67 extern DOM_SID global_machine_sid;
69 connection_struct Connections[MAX_CONNECTIONS];
70 files_struct Files[MAX_OPEN_FILES];
73 * Indirection for file fd's. Needed as POSIX locking
74 * is based on file/process, not fd/process.
76 file_fd_struct FileFd[MAX_OPEN_FILES];
77 int max_file_fd_used = 0;
82 * Size of data we can send to client. Set
83 * by the client for all protocols above CORE.
84 * Set by us for CORE protocol.
86 int max_send = BUFFER_SIZE;
88 * Size of the data we can receive. Set by us.
89 * Can be modified by the max xmit parameter.
91 int max_recv = BUFFER_SIZE;
93 /* a fnum to use when chaining */
96 /* number of open connections */
97 static int num_connections_open = 0;
99 /* Oplock ipc UDP socket. */
100 int oplock_sock = -1;
101 uint16 oplock_port = 0;
102 /* Current number of oplocks we have outstanding. */
103 int32 global_oplocks_open = 0;
105 BOOL global_oplock_break = False;
107 extern fstring remote_machine;
109 extern pstring OriginalDir;
111 /* these can be set by some functions to override the error codes */
112 int unix_ERR_class=SMB_SUCCESS;
116 extern int extra_time_offset;
118 extern pstring myhostname;
120 static int find_free_connection(int hash);
122 /* for readability... */
123 #define IS_DOS_READONLY(test_mode) (((test_mode) & aRONLY) != 0)
124 #define IS_DOS_DIR(test_mode) (((test_mode) & aDIR) != 0)
125 #define IS_DOS_ARCHIVE(test_mode) (((test_mode) & aARCH) != 0)
126 #define IS_DOS_SYSTEM(test_mode) (((test_mode) & aSYSTEM) != 0)
127 #define IS_DOS_HIDDEN(test_mode) (((test_mode) & aHIDDEN) != 0)
129 /****************************************************************************
130 when exiting, take the whole family
131 ****************************************************************************/
134 exit_server("caught signal");
135 return 0; /* Keep -Wall happy :-) */
137 /****************************************************************************
138 Send a SIGTERM to our process group.
139 *****************************************************************************/
142 if(am_parent) kill(0,SIGTERM);
145 /****************************************************************************
146 change a dos mode to a unix mode
147 base permission for files:
148 everybody gets read bit set
149 dos readonly is represented in unix by removing everyone's write bit
150 dos archive is represented in unix by the user's execute bit
151 dos system is represented in unix by the group's execute bit
152 dos hidden is represented in unix by the other's execute bit
153 Then apply create mask,
155 base permission for directories:
156 dos directory is represented in unix by unix's dir bit and the exec bit
157 Then apply create mask,
159 ****************************************************************************/
160 mode_t unix_mode(int cnum,int dosmode)
162 mode_t result = (S_IRUSR | S_IRGRP | S_IROTH);
164 if ( !IS_DOS_READONLY(dosmode) )
165 result |= (S_IWUSR | S_IWGRP | S_IWOTH);
167 if (IS_DOS_DIR(dosmode)) {
168 /* We never make directories read only for the owner as under DOS a user
169 can always create a file in a read-only directory. */
170 result |= (S_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH | S_IWUSR);
171 /* Apply directory mask */
172 result &= lp_dir_mode(SNUM(cnum));
173 /* Add in force bits */
174 result |= lp_force_dir_mode(SNUM(cnum));
176 if (MAP_ARCHIVE(cnum) && IS_DOS_ARCHIVE(dosmode))
179 if (MAP_SYSTEM(cnum) && IS_DOS_SYSTEM(dosmode))
182 if (MAP_HIDDEN(cnum) && IS_DOS_HIDDEN(dosmode))
185 /* Apply mode mask */
186 result &= lp_create_mode(SNUM(cnum));
187 /* Add in force bits */
188 result |= lp_force_create_mode(SNUM(cnum));
194 /****************************************************************************
195 change a unix mode to a dos mode
196 ****************************************************************************/
197 int dos_mode(int cnum,char *path,struct stat *sbuf)
200 extern struct current_user current_user;
202 DEBUG(8,("dos_mode: %d %s\n", cnum, path));
204 if (CAN_WRITE(cnum) && !lp_alternate_permissions(SNUM(cnum))) {
205 if (!((sbuf->st_mode & S_IWOTH) ||
206 Connections[cnum].admin_user ||
207 ((sbuf->st_mode & S_IWUSR) && current_user.uid==sbuf->st_uid) ||
208 ((sbuf->st_mode & S_IWGRP) &&
209 in_group(sbuf->st_gid,current_user.gid,
210 current_user.ngroups,current_user.igroups))))
213 if ((sbuf->st_mode & S_IWUSR) == 0)
217 if (MAP_ARCHIVE(cnum) && ((sbuf->st_mode & S_IXUSR) != 0))
220 if (MAP_SYSTEM(cnum) && ((sbuf->st_mode & S_IXGRP) != 0))
223 if (MAP_HIDDEN(cnum) && ((sbuf->st_mode & S_IXOTH) != 0))
226 if (S_ISDIR(sbuf->st_mode))
227 result = aDIR | (result & aRONLY);
231 if (S_ISLNK(sbuf->st_mode) && S_ISDIR(sbuf->st_mode))
236 /* hide files with a name starting with a . */
237 if (lp_hide_dot_files(SNUM(cnum)))
239 char *p = strrchr(path,'/');
245 if (p[0] == '.' && p[1] != '.' && p[1] != 0)
249 /* Optimization : Only call is_hidden_path if it's not already
251 if (!(result & aHIDDEN) && IS_HIDDEN_PATH(cnum,path))
256 DEBUG(8,("dos_mode returning "));
258 if (result & aHIDDEN) DEBUG(8, ("h"));
259 if (result & aRONLY ) DEBUG(8, ("r"));
260 if (result & aSYSTEM) DEBUG(8, ("s"));
261 if (result & aDIR ) DEBUG(8, ("d"));
262 if (result & aARCH ) DEBUG(8, ("a"));
269 /*******************************************************************
270 chmod a file - but preserve some bits
271 ********************************************************************/
272 int dos_chmod(int cnum,char *fname,int dosmode,struct stat *st)
281 if (sys_stat(fname,st)) return(-1);
284 if (S_ISDIR(st->st_mode)) dosmode |= aDIR;
286 if (dos_mode(cnum,fname,st) == dosmode) return(0);
288 unixmode = unix_mode(cnum,dosmode);
290 /* preserve the s bits */
291 mask |= (S_ISUID | S_ISGID);
293 /* preserve the t bit */
298 /* possibly preserve the x bits */
299 if (!MAP_ARCHIVE(cnum)) mask |= S_IXUSR;
300 if (!MAP_SYSTEM(cnum)) mask |= S_IXGRP;
301 if (!MAP_HIDDEN(cnum)) mask |= S_IXOTH;
303 unixmode |= (st->st_mode & mask);
305 /* if we previously had any r bits set then leave them alone */
306 if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
307 unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
311 /* if we previously had any w bits set then leave them alone
312 if the new mode is not rdonly */
313 if (!IS_DOS_READONLY(dosmode) &&
314 (tmp = st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH))) {
315 unixmode &= ~(S_IWUSR|S_IWGRP|S_IWOTH);
319 return(sys_chmod(fname,unixmode));
322 /*******************************************************************
323 Wrapper around sys_utime that possibly allows DOS semantics rather
325 *******************************************************************/
327 int file_utime(int cnum, char *fname, struct utimbuf *times)
329 extern struct current_user current_user;
335 if(sys_utime(fname, times) == 0)
338 if((errno != EPERM) && (errno != EACCES))
341 if(!lp_dos_filetimes(SNUM(cnum)))
344 /* We have permission (given by the Samba admin) to
345 break POSIX semantics and allow a user to change
346 the time on a file they don't own but can write to
350 if(sys_stat(fname,&sb) != 0)
353 /* Check if we have write access. */
354 if (CAN_WRITE(cnum)) {
355 if (((sb.st_mode & S_IWOTH) ||
356 Connections[cnum].admin_user ||
357 ((sb.st_mode & S_IWUSR) && current_user.uid==sb.st_uid) ||
358 ((sb.st_mode & S_IWGRP) &&
359 in_group(sb.st_gid,current_user.gid,
360 current_user.ngroups,current_user.igroups)))) {
361 /* We are allowed to become root and change the filetime. */
363 ret = sys_utime(fname, times);
364 unbecome_root(False);
371 /*******************************************************************
372 Change a filetime - possibly allowing DOS semantics.
373 *******************************************************************/
375 BOOL set_filetime(int cnum, char *fname, time_t mtime)
377 struct utimbuf times;
379 if (null_mtime(mtime)) return(True);
381 times.modtime = times.actime = mtime;
383 if (file_utime(cnum, fname, ×)) {
384 DEBUG(4,("set_filetime(%s) failed: %s\n",fname,strerror(errno)));
390 /****************************************************************************
391 check if two filenames are equal
393 this needs to be careful about whether we are case sensitive
394 ****************************************************************************/
395 static BOOL fname_equal(char *name1, char *name2)
397 int l1 = strlen(name1);
398 int l2 = strlen(name2);
400 /* handle filenames ending in a single dot */
401 if (l1-l2 == 1 && name1[l1-1] == '.' && lp_strip_dot())
405 ret = fname_equal(name1,name2);
410 if (l2-l1 == 1 && name2[l2-1] == '.' && lp_strip_dot())
414 ret = fname_equal(name1,name2);
419 /* now normal filename handling */
421 return(strcmp(name1,name2) == 0);
423 return(strequal(name1,name2));
427 /****************************************************************************
428 mangle the 2nd name and check if it is then equal to the first name
429 ****************************************************************************/
430 static BOOL mangled_equal(char *name1, char *name2)
434 if (is_8_3(name2, True))
437 pstrcpy(tmpname,name2);
438 mangle_name_83(tmpname,sizeof(tmpname));
440 return(strequal(name1,tmpname));
444 /****************************************************************************
445 scan a directory to find a filename, matching without case sensitivity
447 If the name looks like a mangled name then try via the mangling functions
448 ****************************************************************************/
449 static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache)
456 mangled = is_mangled(name);
458 /* handle null paths */
462 if (docache && (dname = DirCacheCheck(path,name,SNUM(cnum)))) {
463 pstrcpy(name, dname);
468 * The incoming name can be mangled, and if we de-mangle it
469 * here it will not compare correctly against the filename (name2)
470 * read from the directory and then mangled by the name_map_mangle()
471 * call. We need to mangle both names or neither.
475 mangled = !check_mangled_cache( name );
477 /* open the directory */
478 if (!(cur_dir = OpenDir(cnum, path, True)))
480 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
484 /* now scan for matching names */
485 while ((dname = ReadDirName(cur_dir)))
488 (strequal(dname,".") || strequal(dname,"..")))
491 pstrcpy(name2,dname);
492 if (!name_map_mangle(name2,False,SNUM(cnum))) continue;
494 if ((mangled && mangled_equal(name,name2))
495 || fname_equal(name, name2))
497 /* we've found the file, change it's name and return */
498 if (docache) DirCacheAdd(path,name,dname,SNUM(cnum));
499 pstrcpy(name, dname);
509 /****************************************************************************
510 This routine is called to convert names from the dos namespace to unix
511 namespace. It needs to handle any case conversions, mangling, format
514 We assume that we have already done a chdir() to the right "root" directory
517 The function will return False if some part of the name except for the last
518 part cannot be resolved
520 If the saved_last_component != 0, then the unmodified last component
521 of the pathname is returned there. This is used in an exceptional
522 case in reply_mv (so far). If saved_last_component == 0 then nothing
525 The bad_path arg is set to True if the filename walk failed. This is
526 used to pick the correct error code to return between ENOENT and ENOTDIR
527 as Windows applications depend on ERRbadpath being returned if a component
528 of a pathname does not exist.
529 ****************************************************************************/
530 BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_path)
540 if(saved_last_component)
541 *saved_last_component = 0;
543 /* convert to basic unix format - removing \ chars and cleaning it up */
545 unix_clean_name(name);
547 /* names must be relative to the root of the service - trim any leading /.
548 also trim trailing /'s */
549 trim_string(name,"/","/");
552 * Ensure saved_last_component is valid even if file exists.
554 if(saved_last_component) {
555 end = strrchr(name, '/');
557 pstrcpy(saved_last_component, end + 1);
559 pstrcpy(saved_last_component, name);
562 if (!case_sensitive &&
563 (!case_preserve || (is_8_3(name, False) && !short_case_preserve)))
566 /* check if it's a printer file */
567 if (Connections[cnum].printer)
569 if ((! *name) || strchr(name,'/') || !is_8_3(name, True))
573 slprintf(name2,sizeof(name2)-1,"%.6s.XXXXXX",remote_machine);
574 /* sanitise the name */
575 for (s=name2 ; *s ; s++)
576 if (!issafe(*s)) *s = '_';
577 pstrcpy(name,(char *)mktemp(name2));
582 /* stat the name - if it exists then we are all done! */
583 if (sys_stat(name,&st) == 0)
588 DEBUG(5,("unix_convert(%s,%d)\n",name,cnum));
590 /* a special case - if we don't have any mangling chars and are case
591 sensitive then searching won't help */
592 if (case_sensitive && !is_mangled(name) &&
593 !lp_strip_dot() && !use_mangled_map && (saved_errno != ENOENT))
596 /* now we need to recursively match the name against the real
597 directory structure */
600 while (strncmp(start,"./",2) == 0)
603 /* now match each part of the path name separately, trying the names
604 as is first, then trying to scan the directory for matching names */
605 for (;start;start = (end?end+1:(char *)NULL))
607 /* pinpoint the end of this section of the filename */
608 end = strchr(start, '/');
610 /* chop the name at this point */
613 if(saved_last_component != 0)
614 pstrcpy(saved_last_component, end ? end + 1 : start);
616 /* check if the name exists up to this point */
617 if (sys_stat(name, &st) == 0)
619 /* it exists. it must either be a directory or this must be
620 the last part of the path for it to be OK */
621 if (end && !(st.st_mode & S_IFDIR))
623 /* an intermediate part of the name isn't a directory */
624 DEBUG(5,("Not a dir %s\n",start));
635 /* remember the rest of the pathname so it can be restored
637 if (end) pstrcpy(rest,end+1);
639 /* try to find this part of the path in the directory */
640 if (strchr(start,'?') || strchr(start,'*') ||
641 !scan_directory(dirpath, start, cnum, end?True:False))
645 /* an intermediate part of the name can't be found */
646 DEBUG(5,("Intermediate not found %s\n",start));
648 /* We need to return the fact that the intermediate
649 name resolution failed. This is used to return an
650 error of ERRbadpath rather than ERRbadfile. Some
651 Windows applications depend on the difference between
658 /* just the last part of the name doesn't exist */
659 /* we may need to strupper() or strlower() it in case
660 this conversion is being used for file creation
662 /* if the filename is of mixed case then don't normalise it */
663 if (!case_preserve &&
664 (!strhasupper(start) || !strhaslower(start)))
667 /* check on the mangled stack to see if we can recover the
668 base of the filename */
669 if (is_mangled(start))
670 check_mangled_cache( start );
672 DEBUG(5,("New file %s\n",start));
676 /* restore the rest of the string */
679 pstrcpy(start+strlen(start)+1,rest);
680 end = start + strlen(start);
684 /* add to the dirpath that we have resolved so far */
685 if (*dirpath) pstrcat(dirpath,"/");
686 pstrcat(dirpath,start);
688 /* restore the / that we wiped out earlier */
692 /* the name has been resolved */
693 DEBUG(5,("conversion finished %s\n",name));
698 /****************************************************************************
699 normalise for DOS usage
700 ****************************************************************************/
701 static void disk_norm(int *bsize,int *dfree,int *dsize)
703 /* check if the disk is beyond the max disk size */
704 int maxdisksize = lp_maxdisksize();
706 /* convert to blocks - and don't overflow */
707 maxdisksize = ((maxdisksize*1024)/(*bsize))*1024;
708 if (*dsize > maxdisksize) *dsize = maxdisksize;
709 if (*dfree > maxdisksize) *dfree = maxdisksize-1; /* the -1 should stop
714 while (*dfree > WORDMAX || *dsize > WORDMAX || *bsize < 512)
719 if (*bsize > WORDMAX )
722 if (*dsize > WORDMAX)
724 if (*dfree > WORDMAX)
731 /****************************************************************************
732 return number of 1K blocks available on a path and total number
733 ****************************************************************************/
734 int disk_free(char *path,int *bsize,int *dfree,int *dsize)
736 char *df_command = lp_dfree_command();
757 /* possibly use system() to get the result */
758 if (df_command && *df_command)
764 slprintf(outfile,sizeof(outfile)-1, "%s/dfree.smb.%d",tmpdir(),(int)getpid());
765 slprintf(syscmd,sizeof(syscmd)-1,"%s %s",df_command,path);
766 standard_sub_basic(syscmd);
768 ret = smbrun(syscmd,outfile,False);
769 DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret));
772 FILE *f = fopen(outfile,"r");
778 fscanf(f,"%d %d %d",dsize,dfree,bsize);
782 DEBUG(0,("Can't open %s\n",outfile));
786 disk_norm(bsize,dfree,dsize);
787 dfree_retval = ((*bsize)/1024)*(*dfree);
789 /* Ensure we return the min value between the users quota and
790 what's free on the disk. Thanks to Albrecht Gebhardt
791 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
793 if (disk_quotas(path, &bsizeq, &dfreeq, &dsizeq))
795 disk_norm(&bsizeq, &dfreeq, &dsizeq);
796 dfreeq_retval = ((bsizeq)/1024)*(dfreeq);
797 dfree_retval = ( dfree_retval < dfreeq_retval ) ?
798 dfree_retval : dfreeq_retval ;
799 /* maybe dfree and dfreeq are calculated using different bsizes
800 so convert dfree from bsize into bsizeq */
801 /* avoid overflows due to multiplication, so do not:
802 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
803 bsize and bsizeq are powers of 2 so its better to
804 to divide them getting a multiplication or division factor
805 for dfree. Rene Nieuwenhuizen (07-10-1997) */
806 if (*bsize >= bsizeq)
807 *dfree = *dfree * (*bsize / bsizeq);
809 *dfree = *dfree / (bsizeq / *bsize);
810 *dfree = ( *dfree < dfreeq ) ? *dfree : dfreeq ;
815 return(dfree_retval);
819 DEBUG(1,("Warning - no statfs function\n"));
823 if (statfs(path,&fs,sizeof(fs),0) != 0)
826 if (statvfs(path, &fs))
829 if (statfs(path,&fs,sizeof(fs)) == -1)
831 if (statfs(path,&fs) == -1)
833 #endif /* USE_STATVFS */
836 DEBUG(3,("dfree call failed code errno=%d\n",errno));
840 return(((*bsize)/1024)*(*dfree));
845 *dfree = fs.fd_req.bfree;
846 *dsize = fs.fd_req.btot;
849 *bsize = fs.f_frsize;
852 /* eg: osf1 has f_fsize = fundamental filesystem block size,
853 f_bsize = optimal transfer block size (MX: 94-04-19) */
858 #endif /* USE_STATVFS */
863 *dfree = fs.f_bavail;
865 *dsize = fs.f_blocks;
868 #if defined(SCO) || defined(ISC) || defined(MIPS)
872 /* handle rediculous bsize values - some OSes are broken */
873 if ((*bsize) < 512 || (*bsize)>0xFFFF) *bsize = 1024;
875 disk_norm(bsize,dfree,dsize);
881 DEBUG(0,("dfree seems to be broken on your system\n"));
882 *dsize = 20*1024*1024/(*bsize);
883 *dfree = MAX(1,*dfree);
885 dfree_retval = ((*bsize)/1024)*(*dfree);
887 /* Ensure we return the min value between the users quota and
888 what's free on the disk. Thanks to Albrecht Gebhardt
889 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
891 if (disk_quotas(path, &bsizeq, &dfreeq, &dsizeq))
893 disk_norm(&bsizeq, &dfreeq, &dsizeq);
894 dfreeq_retval = ((bsizeq)/1024)*(dfreeq);
895 dfree_retval = ( dfree_retval < dfreeq_retval ) ?
896 dfree_retval : dfreeq_retval ;
897 /* maybe dfree and dfreeq are calculated using different bsizes
898 so convert dfree from bsize into bsizeq */
899 /* avoid overflows due to multiplication, so do not:
900 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
901 bsize and bsizeq are powers of 2 so its better to
902 to divide them getting a multiplication or division factor
903 for dfree. Rene Nieuwenhuizen (07-10-1997) */
904 if (*bsize >= bsizeq)
905 *dfree = *dfree * (*bsize / bsizeq);
907 *dfree = *dfree / (bsizeq / *bsize);
908 *dfree = ( *dfree < dfreeq ) ? *dfree : dfreeq ;
913 return(dfree_retval);
918 /****************************************************************************
919 wrap it to get filenames right
920 ****************************************************************************/
921 int sys_disk_free(char *path,int *bsize,int *dfree,int *dsize)
923 return(disk_free(dos_to_unix(path,False),bsize,dfree,dsize));
928 /****************************************************************************
929 check a filename - possibly caling reducename
931 This is called by every routine before it allows an operation on a filename.
932 It does any final confirmation necessary to ensure that the filename is
933 a valid one for the user to access.
934 ****************************************************************************/
935 BOOL check_name(char *name,int cnum)
941 if( IS_VETO_PATH(cnum, name))
943 DEBUG(5,("file path name %s vetoed\n",name));
947 ret = reduce_name(name,Connections[cnum].connectpath,lp_widelinks(SNUM(cnum)));
949 /* Check if we are allowing users to follow symlinks */
950 /* Patch from David Clerc <David.Clerc@cui.unige.ch>
951 University of Geneva */
954 if (!lp_symlinks(SNUM(cnum)))
957 if ( (sys_lstat(name,&statbuf) != -1) &&
958 (S_ISLNK(statbuf.st_mode)) )
960 DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
967 DEBUG(5,("check_name on %s failed\n",name));
972 /****************************************************************************
973 check a filename - possibly caling reducename
974 ****************************************************************************/
975 static void check_for_pipe(char *fname)
977 /* special case of pipe opens */
981 if (strstr(s,"pipe/"))
983 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
984 unix_ERR_class = ERRSRV;
985 unix_ERR_code = ERRaccess;
989 /****************************************************************************
990 fd support routines - attempt to do a sys_open
991 ****************************************************************************/
992 static int fd_attempt_open(char *fname, int flags, int mode)
994 int fd = sys_open(fname,flags,mode);
996 /* Fix for files ending in '.' */
997 if((fd == -1) && (errno == ENOENT) &&
998 (strchr(fname,'.')==NULL))
1001 fd = sys_open(fname,flags,mode);
1004 #if (defined(ENAMETOOLONG) && defined(HAVE_PATHCONF))
1005 if ((fd == -1) && (errno == ENAMETOOLONG))
1008 char *p = strrchr(fname, '/');
1010 if (p == fname) /* name is "/xxx" */
1012 max_len = pathconf("/", _PC_NAME_MAX);
1015 else if ((p == NULL) || (p == fname))
1018 max_len = pathconf(".", _PC_NAME_MAX);
1023 max_len = pathconf(fname, _PC_NAME_MAX);
1027 if (strlen(p) > max_len)
1029 char tmp = p[max_len];
1032 if ((fd = sys_open(fname,flags,mode)) == -1)
1040 /****************************************************************************
1041 Cache a uid_t currently with this file open. This is an optimization only
1042 used when multiple sessionsetup's have been done to one smbd.
1043 ****************************************************************************/
1044 static void fd_add_to_uid_cache(file_fd_struct *fd_ptr, uid_t u)
1046 if(fd_ptr->uid_cache_count >= sizeof(fd_ptr->uid_users_cache)/sizeof(uid_t))
1048 fd_ptr->uid_users_cache[fd_ptr->uid_cache_count++] = u;
1051 /****************************************************************************
1052 Remove a uid_t that currently has this file open. This is an optimization only
1053 used when multiple sessionsetup's have been done to one smbd.
1054 ****************************************************************************/
1055 static void fd_remove_from_uid_cache(file_fd_struct *fd_ptr, uid_t u)
1058 for(i = 0; i < fd_ptr->uid_cache_count; i++)
1059 if(fd_ptr->uid_users_cache[i] == u) {
1060 if(i < (fd_ptr->uid_cache_count-1))
1061 memmove((char *)&fd_ptr->uid_users_cache[i], (char *)&fd_ptr->uid_users_cache[i+1],
1062 sizeof(uid_t)*(fd_ptr->uid_cache_count-1-i) );
1063 fd_ptr->uid_cache_count--;
1068 /****************************************************************************
1069 Check if a uid_t that currently has this file open is present. This is an
1070 optimization only used when multiple sessionsetup's have been done to one smbd.
1071 ****************************************************************************/
1072 static BOOL fd_is_in_uid_cache(file_fd_struct *fd_ptr, uid_t u)
1075 for(i = 0; i < fd_ptr->uid_cache_count; i++)
1076 if(fd_ptr->uid_users_cache[i] == u)
1081 /****************************************************************************
1082 fd support routines - attempt to find an already open file by dev
1083 and inode - increments the ref_count of the returned file_fd_struct *.
1084 ****************************************************************************/
1085 static file_fd_struct *fd_get_already_open(struct stat *sbuf)
1088 file_fd_struct *fd_ptr;
1093 for(i = 0; i <= max_file_fd_used; i++) {
1094 fd_ptr = &FileFd[i];
1095 if((fd_ptr->ref_count > 0) &&
1096 (((uint32)sbuf->st_dev) == fd_ptr->dev) &&
1097 (((uint32)sbuf->st_ino) == fd_ptr->inode)) {
1098 fd_ptr->ref_count++;
1100 ("Re-used file_fd_struct %d, dev = %x, inode = %x, ref_count = %d\n",
1101 i, fd_ptr->dev, fd_ptr->inode, fd_ptr->ref_count));
1108 /****************************************************************************
1109 fd support routines - attempt to find a empty slot in the FileFd array.
1110 Increments the ref_count of the returned entry.
1111 ****************************************************************************/
1112 static file_fd_struct *fd_get_new(void)
1114 extern struct current_user current_user;
1116 file_fd_struct *fd_ptr;
1118 for(i = 0; i < MAX_OPEN_FILES; i++) {
1119 fd_ptr = &FileFd[i];
1120 if(fd_ptr->ref_count == 0) {
1121 fd_ptr->dev = (uint32)-1;
1122 fd_ptr->inode = (uint32)-1;
1124 fd_ptr->fd_readonly = -1;
1125 fd_ptr->fd_writeonly = -1;
1126 fd_ptr->real_open_flags = -1;
1127 fd_ptr->uid_cache_count = 0;
1128 fd_add_to_uid_cache(fd_ptr, (uid_t)current_user.uid);
1129 fd_ptr->ref_count++;
1130 /* Increment max used counter if neccessary, cuts down
1131 on search time when re-using */
1132 if(i > max_file_fd_used)
1133 max_file_fd_used = i;
1134 DEBUG(3,("Allocated new file_fd_struct %d, dev = %x, inode = %x\n",
1135 i, fd_ptr->dev, fd_ptr->inode));
1139 DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\n"));
1143 /****************************************************************************
1144 fd support routines - attempt to re-open an already open fd as O_RDWR.
1145 Save the already open fd (we cannot close due to POSIX file locking braindamage.
1146 ****************************************************************************/
1147 static void fd_attempt_reopen(char *fname, int mode, file_fd_struct *fd_ptr)
1149 int fd = sys_open( fname, O_RDWR, mode);
1154 if(fd_ptr->real_open_flags == O_RDONLY)
1155 fd_ptr->fd_readonly = fd_ptr->fd;
1156 if(fd_ptr->real_open_flags == O_WRONLY)
1157 fd_ptr->fd_writeonly = fd_ptr->fd;
1160 fd_ptr->real_open_flags = O_RDWR;
1163 /****************************************************************************
1164 fd support routines - attempt to close the file referenced by this fd.
1165 Decrements the ref_count and returns it.
1166 ****************************************************************************/
1167 static int fd_attempt_close(file_fd_struct *fd_ptr)
1169 extern struct current_user current_user;
1171 DEBUG(3,("fd_attempt_close on file_fd_struct %d, fd = %d, dev = %x, inode = %x, open_flags = %d, ref_count = %d.\n",
1172 fd_ptr - &FileFd[0],
1173 fd_ptr->fd, fd_ptr->dev, fd_ptr->inode,
1174 fd_ptr->real_open_flags,
1175 fd_ptr->ref_count));
1176 if(fd_ptr->ref_count > 0) {
1177 fd_ptr->ref_count--;
1178 if(fd_ptr->ref_count == 0) {
1179 if(fd_ptr->fd != -1)
1181 if(fd_ptr->fd_readonly != -1)
1182 close(fd_ptr->fd_readonly);
1183 if(fd_ptr->fd_writeonly != -1)
1184 close(fd_ptr->fd_writeonly);
1186 fd_ptr->fd_readonly = -1;
1187 fd_ptr->fd_writeonly = -1;
1188 fd_ptr->real_open_flags = -1;
1189 fd_ptr->dev = (uint32)-1;
1190 fd_ptr->inode = (uint32)-1;
1191 fd_ptr->uid_cache_count = 0;
1193 fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
1195 return fd_ptr->ref_count;
1198 /****************************************************************************
1199 fd support routines - check that current user has permissions
1200 to open this file. Used when uid not found in optimization cache.
1201 This is really ugly code, as due to POSIX locking braindamage we must
1202 fork and then attempt to open the file, and return success or failure
1204 ****************************************************************************/
1205 static BOOL check_access_allowed_for_current_user( char *fname, int accmode )
1209 if((child_pid = fork()) < 0) {
1210 DEBUG(0,("check_access_allowed_for_current_user: fork failed.\n"));
1220 if ((wpid = sys_waitpid(child_pid, &status_code, 0)) < 0) {
1221 DEBUG(0,("check_access_allowed_for_current_user: The process is no longer waiting!\n"));
1225 if (child_pid != wpid) {
1226 DEBUG(0,("check_access_allowed_for_current_user: We were waiting for the wrong process ID\n"));
1229 #if defined(WIFEXITED) && defined(WEXITSTATUS)
1230 if (WIFEXITED(status_code) == 0) {
1231 DEBUG(0,("check_access_allowed_for_current_user: The process exited while we were waiting\n"));
1234 if (WEXITSTATUS(status_code) != 0) {
1235 DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access denied.\n", status_code));
1238 #else /* defined(WIFEXITED) && defined(WEXITSTATUS) */
1239 if(status_code != 0) {
1240 DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access denied.\n", status_code));
1243 #endif /* defined(WIFEXITED) && defined(WEXITSTATUS) */
1246 * Success - the child could open the file.
1248 DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access allowed.\n", status_code));
1255 DEBUG(9,("check_access_allowed_for_current_user: Child - attempting to open %s with mode %d.\n", fname, accmode ));
1256 if((fd = fd_attempt_open( fname, accmode, 0)) < 0) {
1257 /* Access denied. */
1261 DEBUG(9,("check_access_allowed_for_current_user: Child - returning ok.\n"));
1268 /****************************************************************************
1270 ****************************************************************************/
1271 static void open_file(int fnum,int cnum,char *fname1,int flags,int mode, struct stat *sbuf)
1273 extern struct current_user current_user;
1275 struct stat statbuf;
1276 file_fd_struct *fd_ptr;
1277 files_struct *fsp = &Files[fnum];
1278 int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
1282 fsp->granted_oplock = False;
1285 pstrcpy(fname,fname1);
1287 /* check permissions */
1290 * This code was changed after seeing a client open request
1291 * containing the open mode of (DENY_WRITE/read-only) with
1292 * the 'create if not exist' bit set. The previous code
1293 * would fail to open the file read only on a read-only share
1294 * as it was checking the flags parameter directly against O_RDONLY,
1295 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
1299 if (!CAN_WRITE(cnum) && !Connections[cnum].printer) {
1300 /* It's a read-only share - fail if we wanted to write. */
1301 if(accmode != O_RDONLY) {
1302 DEBUG(3,("Permission denied opening %s\n",fname));
1303 check_for_pipe(fname);
1306 else if(flags & O_CREAT) {
1307 /* We don't want to write - but we must make sure that O_CREAT
1308 doesn't create the file if we have write access into the
1315 /* this handles a bug in Win95 - it doesn't say to create the file when it
1317 if (Connections[cnum].printer)
1321 if (flags == O_WRONLY)
1322 DEBUG(3,("Bug in client? Set O_WRONLY without O_CREAT\n"));
1326 * Ensure we have a valid struct stat so we can search the
1330 if(stat(fname, &statbuf) < 0) {
1331 if(errno != ENOENT) {
1332 DEBUG(3,("Error doing stat on file %s (%s)\n",
1333 fname,strerror(errno)));
1335 check_for_pipe(fname);
1345 * Check to see if we have this file already
1346 * open. If we do, just use the already open fd and increment the
1347 * reference count (fd_get_already_open increments the ref_count).
1349 if((fd_ptr = fd_get_already_open(sbuf))!= 0) {
1351 * File was already open.
1355 * Check it wasn't open for exclusive use.
1357 if((flags & O_CREAT) && (flags & O_EXCL)) {
1358 fd_ptr->ref_count--;
1364 * Ensure that the user attempting to open
1365 * this file has permissions to do so, if
1366 * the user who originally opened the file wasn't
1367 * the same as the current user.
1370 if(!fd_is_in_uid_cache(fd_ptr, (uid_t)current_user.uid)) {
1371 if(!check_access_allowed_for_current_user( fname, accmode )) {
1372 /* Error - permission denied. */
1373 DEBUG(3,("Permission denied opening file %s (flags=%d, accmode = %d)\n",
1374 fname, flags, accmode));
1375 /* Ensure the ref_count is decremented. */
1376 fd_ptr->ref_count--;
1377 fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
1383 fd_add_to_uid_cache(fd_ptr, (uid_t)current_user.uid);
1386 * If not opened O_RDWR try
1387 * and do that here - a chmod may have been done
1388 * between the last open and now.
1390 if(fd_ptr->real_open_flags != O_RDWR)
1391 fd_attempt_reopen(fname, mode, fd_ptr);
1394 * Ensure that if we wanted write access
1395 * it has been opened for write, and if we wanted read it
1396 * was open for read.
1398 if(((accmode == O_WRONLY) && (fd_ptr->real_open_flags == O_RDONLY)) ||
1399 ((accmode == O_RDONLY) && (fd_ptr->real_open_flags == O_WRONLY)) ||
1400 ((accmode == O_RDWR) && (fd_ptr->real_open_flags != O_RDWR))) {
1401 DEBUG(3,("Error opening (already open for flags=%d) file %s (%s) (flags=%d)\n",
1402 fd_ptr->real_open_flags, fname,strerror(EACCES),flags));
1403 check_for_pipe(fname);
1404 fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
1405 fd_ptr->ref_count--;
1411 /* We need to allocate a new file_fd_struct (this increments the
1413 if((fd_ptr = fd_get_new()) == 0)
1416 * Whatever the requested flags, attempt read/write access,
1417 * as we don't know what flags future file opens may require.
1418 * If this fails, try again with the required flags.
1419 * Even if we open read/write when only read access was
1420 * requested the setting of the can_write flag in
1421 * the file_struct will protect us from errant
1422 * write requests. We never need to worry about O_APPEND
1423 * as this is not set anywhere in Samba.
1425 fd_ptr->real_open_flags = O_RDWR;
1426 /* Set the flags as needed without the read/write modes. */
1427 open_flags = flags & ~(O_RDWR|O_WRONLY|O_RDONLY);
1428 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDWR, mode);
1430 * On some systems opening a file for R/W access on a read only
1431 * filesystems sets errno to EROFS.
1434 if((fd_ptr->fd == -1) && ((errno == EACCES) || (errno == EROFS))) {
1435 #else /* No EROFS */
1436 if((fd_ptr->fd == -1) && (errno == EACCES)) {
1438 if(flags & O_WRONLY) {
1439 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_WRONLY, mode);
1440 fd_ptr->real_open_flags = O_WRONLY;
1442 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDONLY, mode);
1443 fd_ptr->real_open_flags = O_RDONLY;
1448 if ((fd_ptr->fd >=0) &&
1449 Connections[cnum].printer && lp_minprintspace(SNUM(cnum))) {
1453 pstrcpy(dname,fname);
1454 p = strrchr(dname,'/');
1456 if (sys_disk_free(dname,&dum1,&dum2,&dum3) <
1457 lp_minprintspace(SNUM(cnum))) {
1458 fd_attempt_close(fd_ptr);
1460 if(fd_ptr->ref_count == 0)
1469 DEBUG(3,("Error opening file %s (%s) (flags=%d)\n",
1470 fname,strerror(errno),flags));
1471 /* Ensure the ref_count is decremented. */
1472 fd_attempt_close(fd_ptr);
1473 check_for_pipe(fname);
1477 if (fd_ptr->fd >= 0)
1481 if(fstat(fd_ptr->fd, &statbuf) == -1) {
1482 /* Error - backout !! */
1483 DEBUG(3,("Error doing fstat on fd %d, file %s (%s)\n",
1484 fd_ptr->fd, fname,strerror(errno)));
1485 /* Ensure the ref_count is decremented. */
1486 fd_attempt_close(fd_ptr);
1492 /* Set the correct entries in fd_ptr. */
1493 fd_ptr->dev = (uint32)sbuf->st_dev;
1494 fd_ptr->inode = (uint32)sbuf->st_ino;
1496 fsp->fd_ptr = fd_ptr;
1497 Connections[cnum].num_files_open++;
1498 fsp->mode = sbuf->st_mode;
1499 GetTimeOfDay(&fsp->open_time);
1500 fsp->vuid = current_user.vuid;
1504 fsp->mmap_ptr = NULL;
1506 fsp->can_lock = True;
1507 fsp->can_read = ((flags & O_WRONLY)==0);
1508 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
1509 fsp->share_mode = 0;
1510 fsp->print_file = Connections[cnum].printer;
1511 fsp->modified = False;
1512 fsp->granted_oplock = False;
1513 fsp->sent_oplock_break = False;
1515 string_set(&fsp->name,dos_to_unix(fname,False));
1516 fsp->wbmpx_ptr = NULL;
1519 * If the printer is marked as postscript output a leading
1520 * file identifier to ensure the file is treated as a raw
1522 * This has a similar effect as CtrlD=0 in WIN.INI file.
1523 * tim@fsg.com 09/06/94
1525 if (fsp->print_file && POSTSCRIPT(cnum) && fsp->can_write)
1527 DEBUG(3,("Writing postscript line\n"));
1528 write_file(fnum,"%!\n",3);
1531 DEBUG(2,("%s %s opened file %s read=%s write=%s (numopen=%d fnum=%d)\n",
1533 *sesssetup_user ? sesssetup_user : Connections[cnum].user,fname,
1534 BOOLSTR(fsp->can_read),BOOLSTR(fsp->can_write),
1535 Connections[cnum].num_files_open,fnum));
1540 /* mmap it if read-only */
1541 if (!fsp->can_write)
1543 fsp->mmap_size = file_size(fname);
1544 fsp->mmap_ptr = (char *)mmap(NULL,fsp->mmap_size,
1545 PROT_READ,MAP_SHARED,fsp->fd_ptr->fd,0);
1547 if (fsp->mmap_ptr == (char *)-1 || !fsp->mmap_ptr)
1549 DEBUG(3,("Failed to mmap() %s - %s\n",fname,strerror(errno)));
1550 fsp->mmap_ptr = NULL;
1556 /*******************************************************************
1558 ********************************************************************/
1559 void sync_file(int fnum)
1562 fsync(Files[fnum].fd_ptr->fd);
1566 /****************************************************************************
1567 run a file if it is a magic script
1568 ****************************************************************************/
1569 static void check_magic(int fnum,int cnum)
1571 if (!*lp_magicscript(SNUM(cnum)))
1574 DEBUG(5,("checking magic for %s\n",Files[fnum].name));
1578 if (!(p = strrchr(Files[fnum].name,'/')))
1579 p = Files[fnum].name;
1583 if (!strequal(lp_magicscript(SNUM(cnum)),p))
1589 pstring magic_output;
1591 pstrcpy(fname,Files[fnum].name);
1593 if (*lp_magicoutput(SNUM(cnum)))
1594 pstrcpy(magic_output,lp_magicoutput(SNUM(cnum)));
1596 slprintf(magic_output,sizeof(fname)-1, "%s.out",fname);
1599 ret = smbrun(fname,magic_output,False);
1600 DEBUG(3,("Invoking magic command %s gave %d\n",fname,ret));
1606 /****************************************************************************
1607 close a file - possibly invalidating the read prediction
1609 If normal_close is 1 then this came from a normal SMBclose (or equivalent)
1610 operation otherwise it came as the result of some other operation such as
1611 the closing of the connection. In the latter case printing and
1612 magic scripts are not run
1613 ****************************************************************************/
1614 void close_file(int fnum, BOOL normal_close)
1616 files_struct *fs_p = &Files[fnum];
1617 int cnum = fs_p->cnum;
1618 uint32 dev = fs_p->fd_ptr->dev;
1619 uint32 inode = fs_p->fd_ptr->inode;
1622 Files[fnum].reserved = False;
1624 #if USE_READ_PREDICTION
1625 invalidate_read_prediction(fs_p->fd_ptr->fd);
1629 Connections[cnum].num_files_open--;
1632 free((char *)fs_p->wbmpx_ptr);
1633 fs_p->wbmpx_ptr = NULL;
1639 munmap(fs_p->mmap_ptr,fs_p->mmap_size);
1640 fs_p->mmap_ptr = NULL;
1644 if (lp_share_modes(SNUM(cnum)))
1646 lock_share_entry( cnum, dev, inode, &token);
1647 del_share_mode(token, fnum);
1650 fd_attempt_close(fs_p->fd_ptr);
1652 if (lp_share_modes(SNUM(cnum)))
1653 unlock_share_entry( cnum, dev, inode, token);
1655 /* NT uses smbclose to start a print - weird */
1656 if (normal_close && fs_p->print_file)
1659 /* check for magic scripts */
1661 check_magic(fnum,cnum);
1663 if(fs_p->granted_oplock == True)
1664 global_oplocks_open--;
1666 fs_p->sent_oplock_break = False;
1668 DEBUG(2,("%s %s closed file %s (numopen=%d)\n",
1669 timestring(),Connections[cnum].user,fs_p->name,
1670 Connections[cnum].num_files_open));
1673 string_free(&fs_p->name);
1676 /* we will catch bugs faster by zeroing this structure */
1677 memset(fs_p, 0, sizeof(*fs_p));
1680 enum {AFAIL,AREAD,AWRITE,AALL};
1682 /*******************************************************************
1683 reproduce the share mode access table
1684 ********************************************************************/
1685 static int access_table(int new_deny,int old_deny,int old_mode,
1686 int share_pid,char *fname)
1688 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
1690 if (new_deny == DENY_DOS || old_deny == DENY_DOS) {
1692 if (old_deny == new_deny && share_pid == pid)
1695 if (old_mode == 0) return(AREAD);
1697 /* the new smbpub.zip spec says that if the file extension is
1698 .com, .dll, .exe or .sym then allow the open. I will force
1699 it to read-only as this seems sensible although the spec is
1700 a little unclear on this. */
1701 if ((fname = strrchr(fname,'.'))) {
1702 if (strequal(fname,".com") ||
1703 strequal(fname,".dll") ||
1704 strequal(fname,".exe") ||
1705 strequal(fname,".sym"))
1715 if (old_deny==DENY_WRITE && old_mode==0) return(AREAD);
1716 if (old_deny==DENY_READ && old_mode==0) return(AWRITE);
1717 if (old_deny==DENY_NONE && old_mode==0) return(AALL);
1720 if (old_deny==DENY_WRITE && old_mode==1) return(AREAD);
1721 if (old_deny==DENY_READ && old_mode==1) return(AWRITE);
1722 if (old_deny==DENY_NONE && old_mode==1) return(AALL);
1725 if (old_deny==DENY_WRITE) return(AREAD);
1726 if (old_deny==DENY_READ) return(AWRITE);
1727 if (old_deny==DENY_NONE) return(AALL);
1733 /*******************************************************************
1734 check if the share mode on a file allows it to be deleted or unlinked
1735 return True if sharing doesn't prevent the operation
1736 ********************************************************************/
1737 BOOL check_file_sharing(int cnum,char *fname, BOOL rename_op)
1741 share_mode_entry *old_shares = 0;
1742 int num_share_modes;
1748 if(!lp_share_modes(SNUM(cnum)))
1751 if (stat(fname,&sbuf) == -1) return(True);
1753 dev = (uint32)sbuf.st_dev;
1754 inode = (uint32)sbuf.st_ino;
1756 lock_share_entry(cnum, dev, inode, &token);
1757 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1760 * Check if the share modes will give us access.
1763 if(num_share_modes != 0)
1770 broke_oplock = False;
1771 for(i = 0; i < num_share_modes; i++)
1773 share_mode_entry *share_entry = &old_shares[i];
1776 * Break oplocks before checking share modes. See comment in
1777 * open_file_shared for details.
1778 * Check if someone has an oplock on this file. If so we must
1779 * break it before continuing.
1781 if(share_entry->op_type & BATCH_OPLOCK)
1785 * It appears that the NT redirector may have a bug, in that
1786 * it tries to do an SMBmv on a file that it has open with a
1787 * batch oplock, and then fails to respond to the oplock break
1788 * request. This only seems to occur when the client is doing an
1789 * SMBmv to the smbd it is using - thus we try and detect this
1790 * condition by checking if the file being moved is open and oplocked by
1791 * this smbd process, and then not sending the oplock break in this
1792 * special case. If the file was open with a deny mode that
1793 * prevents the move the SMBmv will fail anyway with a share
1794 * violation error. JRA.
1796 if(rename_op && (share_entry->pid == pid))
1798 DEBUG(0,("check_file_sharing: NT redirector workaround - rename attempted on \
1799 batch oplocked file %s, dev = %x, inode = %x\n", fname, dev, inode));
1801 * This next line is a test that allows the deny-mode
1802 * processing to be skipped. This seems to be needed as
1803 * NT insists on the rename succeeding (in Office 9x no less !).
1804 * This should be removed as soon as (a) MS fix the redirector
1805 * bug or (b) NT SMB support in Samba makes NT not issue the
1806 * call (as is my fervent hope). JRA.
1812 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1813 dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
1815 /* Oplock break.... */
1816 unlock_share_entry(cnum, dev, inode, token);
1817 if(request_oplock_break(share_entry, dev, inode) == False)
1819 free((char *)old_shares);
1820 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1821 dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
1824 lock_share_entry(cnum, dev, inode, &token);
1825 broke_oplock = True;
1830 /* someone else has a share lock on it, check to see
1832 if ((share_entry->share_mode != DENY_DOS) || (share_entry->pid != pid))
1839 free((char *)old_shares);
1840 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1842 } while(broke_oplock);
1845 /* XXXX exactly what share mode combinations should be allowed for
1846 deleting/renaming? */
1847 /* If we got here then either there were no share modes or
1848 all share modes were DENY_DOS and the pid == getpid() */
1853 unlock_share_entry(cnum, dev, inode, token);
1854 if(old_shares != NULL)
1855 free((char *)old_shares);
1859 /****************************************************************************
1861 Helper for open_file_shared.
1862 Truncate a file after checking locking; close file if locked.
1863 **************************************************************************/
1864 static void truncate_unless_locked(int fnum, int cnum, int token,
1867 if (Files[fnum].can_write){
1868 if (is_locked(fnum,cnum,0x3FFFFFFF,0)){
1869 /* If share modes are in force for this connection we
1870 have the share entry locked. Unlock it before closing. */
1871 if (*share_locked && lp_share_modes(SNUM(cnum)))
1872 unlock_share_entry( cnum, Files[fnum].fd_ptr->dev,
1873 Files[fnum].fd_ptr->inode, token);
1874 close_file(fnum,False);
1875 /* Share mode no longer locked. */
1876 *share_locked = False;
1878 unix_ERR_class = ERRDOS;
1879 unix_ERR_code = ERRlock;
1882 ftruncate(Files[fnum].fd_ptr->fd,0);
1886 /****************************************************************************
1887 check if we can open a file with a share mode
1888 ****************************************************************************/
1889 int check_share_mode( share_mode_entry *share, int deny_mode, char *fname,
1890 BOOL fcbopen, int *flags)
1892 int old_open_mode = share->share_mode &0xF;
1893 int old_deny_mode = (share->share_mode >>4)&7;
1895 if (old_deny_mode > 4 || old_open_mode > 2)
1897 DEBUG(0,("Invalid share mode found (%d,%d,%d) on file %s\n",
1898 deny_mode,old_deny_mode,old_open_mode,fname));
1903 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
1906 if ((access_allowed == AFAIL) ||
1907 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
1908 (access_allowed == AREAD && *flags == O_WRONLY) ||
1909 (access_allowed == AWRITE && *flags == O_RDONLY))
1911 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
1912 deny_mode,old_deny_mode,old_open_mode,
1913 share->pid,fname, fcbopen, *flags, access_allowed));
1917 if (access_allowed == AREAD)
1920 if (access_allowed == AWRITE)
1927 /****************************************************************************
1928 open a file with a share mode
1929 ****************************************************************************/
1930 void open_file_shared(int fnum,int cnum,char *fname,int share_mode,int ofun,
1931 int mode,int oplock_request, int *Access,int *action)
1933 files_struct *fs_p = &Files[fnum];
1936 int deny_mode = (share_mode>>4)&7;
1938 BOOL file_existed = file_exist(fname,&sbuf);
1939 BOOL share_locked = False;
1940 BOOL fcbopen = False;
1944 int num_share_modes = 0;
1949 /* this is for OS/2 EAs - try and say we don't support them */
1950 if (strstr(fname,".+,;=[]."))
1952 unix_ERR_class = ERRDOS;
1953 /* OS/2 Workplace shell fix may be main code stream in a later release. */
1954 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
1955 unix_ERR_code = ERRcannotopen;
1956 #else /* OS2_WPS_FIX */
1957 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
1958 #endif /* OS2_WPS_FIX */
1963 if ((ofun & 0x3) == 0 && file_existed)
1971 if ((ofun & 0x3) == 2)
1974 /* note that we ignore the append flag as
1975 append does not mean the same thing under dos and unix */
1977 switch (share_mode&0xF)
1995 if (share_mode&(1<<14)) {
2000 if (flags != O_RDONLY && file_existed &&
2001 (!CAN_WRITE(cnum) || IS_DOS_READONLY(dos_mode(cnum,fname,&sbuf))))
2011 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB)
2013 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
2018 if (deny_mode == DENY_FCB) deny_mode = DENY_DOS;
2020 if (lp_share_modes(SNUM(cnum)))
2023 share_mode_entry *old_shares = 0;
2027 dev = (uint32)sbuf.st_dev;
2028 inode = (uint32)sbuf.st_ino;
2029 lock_share_entry(cnum, dev, inode, &token);
2030 share_locked = True;
2031 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
2035 * Check if the share modes will give us access.
2038 if(share_locked && (num_share_modes != 0))
2045 broke_oplock = False;
2046 for(i = 0; i < num_share_modes; i++)
2048 share_mode_entry *share_entry = &old_shares[i];
2051 * By observation of NetBench, oplocks are broken *before* share
2052 * modes are checked. This allows a file to be closed by the client
2053 * if the share mode would deny access and the client has an oplock.
2054 * Check if someone has an oplock on this file. If so we must break
2055 * it before continuing.
2057 if(share_entry->op_type & (EXCLUSIVE_OPLOCK|BATCH_OPLOCK))
2060 DEBUG(5,("open_file_shared: breaking oplock (%x) on file %s, \
2061 dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
2063 /* Oplock break.... */
2064 unlock_share_entry(cnum, dev, inode, token);
2065 if(request_oplock_break(share_entry, dev, inode) == False)
2067 free((char *)old_shares);
2068 DEBUG(0,("open_file_shared: FAILED when breaking oplock (%x) on file %s, \
2069 dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
2071 unix_ERR_class = ERRDOS;
2072 unix_ERR_code = ERRbadshare;
2075 lock_share_entry(cnum, dev, inode, &token);
2076 broke_oplock = True;
2080 /* someone else has a share lock on it, check to see
2082 if(check_share_mode(share_entry, deny_mode, fname, fcbopen, &flags) == False)
2084 free((char *)old_shares);
2085 unlock_share_entry(cnum, dev, inode, token);
2087 unix_ERR_class = ERRDOS;
2088 unix_ERR_code = ERRbadshare;
2096 free((char *)old_shares);
2097 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
2099 } while(broke_oplock);
2103 free((char *)old_shares);
2106 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
2107 flags,flags2,mode));
2109 open_file(fnum,cnum,fname,flags|(flags2&~(O_TRUNC)),mode,file_existed ? &sbuf : 0);
2110 if (!fs_p->open && flags==O_RDWR && errno!=ENOENT && fcbopen)
2113 open_file(fnum,cnum,fname,flags,mode,file_existed ? &sbuf : 0 );
2120 if((share_locked == False) && lp_share_modes(SNUM(cnum)))
2122 /* We created the file - thus we must now lock the share entry before creating it. */
2123 dev = fs_p->fd_ptr->dev;
2124 inode = fs_p->fd_ptr->inode;
2125 lock_share_entry(cnum, dev, inode, &token);
2126 share_locked = True;
2142 fs_p->share_mode = (deny_mode<<4) | open_mode;
2145 (*Access) = open_mode;
2149 if (file_existed && !(flags2 & O_TRUNC)) *action = 1;
2150 if (!file_existed) *action = 2;
2151 if (file_existed && (flags2 & O_TRUNC)) *action = 3;
2153 /* We must create the share mode entry before truncate as
2154 truncate can fail due to locking and have to close the
2155 file (which expects the share_mode_entry to be there).
2157 if (lp_share_modes(SNUM(cnum)))
2160 /* JRA. Currently this only services Exlcusive and batch
2161 oplocks (no other opens on this file). This needs to
2162 be extended to level II oplocks (multiple reader
2165 if(oplock_request && (num_share_modes == 0) && lp_oplocks(SNUM(cnum)) &&
2166 !IS_VETO_OPLOCK_PATH(cnum,fname))
2168 fs_p->granted_oplock = True;
2169 fs_p->sent_oplock_break = False;
2170 global_oplocks_open++;
2173 DEBUG(5,("open_file_shared: granted oplock (%x) on file %s, \
2174 dev = %x, inode = %x\n", oplock_request, fname, dev, inode));
2182 set_share_mode(token, fnum, port, oplock_request);
2185 if ((flags2&O_TRUNC) && file_existed)
2186 truncate_unless_locked(fnum,cnum,token,&share_locked);
2189 if (share_locked && lp_share_modes(SNUM(cnum)))
2190 unlock_share_entry( cnum, dev, inode, token);
2193 /****************************************************************************
2194 seek a file. Try to avoid the seek if possible
2195 ****************************************************************************/
2196 int seek_file(int fnum,uint32 pos)
2199 if (Files[fnum].print_file && POSTSCRIPT(Files[fnum].cnum))
2202 Files[fnum].pos = (int)(lseek(Files[fnum].fd_ptr->fd,pos+offset,SEEK_SET)
2204 return(Files[fnum].pos);
2207 /****************************************************************************
2209 ****************************************************************************/
2210 int read_file(int fnum,char *data,uint32 pos,int n)
2214 #if USE_READ_PREDICTION
2215 if (!Files[fnum].can_write)
2217 ret = read_predict(Files[fnum].fd_ptr->fd,pos,data,NULL,n);
2226 if (Files[fnum].mmap_ptr)
2228 int num = (Files[fnum].mmap_size > pos) ? (Files[fnum].mmap_size - pos) : -1;
2232 memcpy(data,Files[fnum].mmap_ptr+pos,num);
2244 if (seek_file(fnum,pos) != pos)
2246 DEBUG(3,("Failed to seek to %d\n",pos));
2251 readret = read(Files[fnum].fd_ptr->fd,data,n);
2252 if (readret > 0) ret += readret;
2259 /****************************************************************************
2261 ****************************************************************************/
2262 int write_file(int fnum,char *data,int n)
2264 if (!Files[fnum].can_write) {
2269 if (!Files[fnum].modified) {
2271 Files[fnum].modified = True;
2272 if (fstat(Files[fnum].fd_ptr->fd,&st) == 0) {
2273 int dosmode = dos_mode(Files[fnum].cnum,Files[fnum].name,&st);
2274 if (MAP_ARCHIVE(Files[fnum].cnum) && !IS_DOS_ARCHIVE(dosmode)) {
2275 dos_chmod(Files[fnum].cnum,Files[fnum].name,dosmode | aARCH,&st);
2280 return(write_data(Files[fnum].fd_ptr->fd,data,n));
2284 /****************************************************************************
2285 load parameters specific to a connection/service
2286 ****************************************************************************/
2287 BOOL become_service(int cnum,BOOL do_chdir)
2289 extern char magic_char;
2290 static int last_cnum = -1;
2293 if (!OPEN_CNUM(cnum))
2299 Connections[cnum].lastused = smb_last_time;
2304 ChDir(Connections[cnum].connectpath) != 0 &&
2305 ChDir(Connections[cnum].origpath) != 0)
2307 DEBUG(0,("%s chdir (%s) failed cnum=%d\n",timestring(),
2308 Connections[cnum].connectpath,cnum));
2312 if (cnum == last_cnum)
2317 case_default = lp_defaultcase(snum);
2318 case_preserve = lp_preservecase(snum);
2319 short_case_preserve = lp_shortpreservecase(snum);
2320 case_mangle = lp_casemangle(snum);
2321 case_sensitive = lp_casesensitive(snum);
2322 magic_char = lp_magicchar(snum);
2323 use_mangled_map = (*lp_mangled_map(snum) ? True:False);
2328 /****************************************************************************
2329 find a service entry
2330 ****************************************************************************/
2331 int find_service(char *service)
2335 string_sub(service,"\\","/");
2337 iService = lp_servicenumber(service);
2339 /* now handle the special case of a home directory */
2342 char *phome_dir = get_home_dir(service);
2347 * Try mapping the servicename, it may
2348 * be a Windows to unix mapped user name.
2350 if(map_username(service))
2351 phome_dir = get_home_dir(service);
2354 DEBUG(3,("checking for home directory %s gave %s\n",service,
2355 phome_dir?phome_dir:"(NULL)"));
2360 if ((iHomeService = lp_servicenumber(HOMES_NAME)) >= 0)
2362 lp_add_home(service,iHomeService,phome_dir);
2363 iService = lp_servicenumber(service);
2368 /* If we still don't have a service, attempt to add it as a printer. */
2371 int iPrinterService;
2373 if ((iPrinterService = lp_servicenumber(PRINTERS_NAME)) >= 0)
2377 DEBUG(3,("checking whether %s is a valid printer name...\n", service));
2379 if ((pszTemp != NULL) && pcap_printername_ok(service, pszTemp))
2381 DEBUG(3,("%s is a valid printer name\n", service));
2382 DEBUG(3,("adding %s as a printer service\n", service));
2383 lp_add_printer(service,iPrinterService);
2384 iService = lp_servicenumber(service);
2386 DEBUG(0,("failed to add %s as a printer service!\n", service));
2389 DEBUG(3,("%s is not a valid printer name\n", service));
2393 /* just possibly it's a default service? */
2396 char *pdefservice = lp_defaultservice();
2397 if (pdefservice && *pdefservice && !strequal(pdefservice,service))
2400 * We need to do a local copy here as lp_defaultservice()
2401 * returns one of the rotating lp_string buffers that
2402 * could get overwritten by the recursive find_service() call
2403 * below. Fix from Josef Hinteregger <joehtg@joehtg.co.at>.
2406 pstrcpy(defservice, pdefservice);
2407 iService = find_service(defservice);
2410 string_sub(service,"_","/");
2411 iService = lp_add_service(service,iService);
2417 if (!VALID_SNUM(iService))
2419 DEBUG(0,("Invalid snum %d for %s\n",iService,service));
2424 DEBUG(3,("find_service() failed to find service %s\n", service));
2430 /****************************************************************************
2431 create an error packet from a cached error.
2432 ****************************************************************************/
2433 int cached_error_packet(char *inbuf,char *outbuf,int fnum,int line)
2435 write_bmpx_struct *wbmpx = Files[fnum].wbmpx_ptr;
2437 int32 eclass = wbmpx->wr_errclass;
2438 int32 err = wbmpx->wr_error;
2440 /* We can now delete the auxiliary struct */
2441 free((char *)wbmpx);
2442 Files[fnum].wbmpx_ptr = NULL;
2443 return error_packet(inbuf,outbuf,eclass,err,line);
2452 } unix_smb_errmap[] =
2454 {EPERM,ERRDOS,ERRnoaccess},
2455 {EACCES,ERRDOS,ERRnoaccess},
2456 {ENOENT,ERRDOS,ERRbadfile},
2457 {ENOTDIR,ERRDOS,ERRbadpath},
2458 {EIO,ERRHRD,ERRgeneral},
2459 {EBADF,ERRSRV,ERRsrverror},
2460 {EINVAL,ERRSRV,ERRsrverror},
2461 {EEXIST,ERRDOS,ERRfilexists},
2462 {ENFILE,ERRDOS,ERRnofids},
2463 {EMFILE,ERRDOS,ERRnofids},
2464 {ENOSPC,ERRHRD,ERRdiskfull},
2466 {EDQUOT,ERRHRD,ERRdiskfull},
2469 {ENOTEMPTY,ERRDOS,ERRnoaccess},
2472 {EXDEV,ERRDOS,ERRdiffdevice},
2474 {EROFS,ERRHRD,ERRnowrite},
2478 /****************************************************************************
2479 create an error packet from errno
2480 ****************************************************************************/
2481 int unix_error_packet(char *inbuf,char *outbuf,int def_class,uint32 def_code,int line)
2483 int eclass=def_class;
2487 if (unix_ERR_class != SMB_SUCCESS)
2489 eclass = unix_ERR_class;
2490 ecode = unix_ERR_code;
2491 unix_ERR_class = SMB_SUCCESS;
2496 while (unix_smb_errmap[i].smbclass != 0)
2498 if (unix_smb_errmap[i].unixerror == errno)
2500 eclass = unix_smb_errmap[i].smbclass;
2501 ecode = unix_smb_errmap[i].smbcode;
2508 return(error_packet(inbuf,outbuf,eclass,ecode,line));
2512 /****************************************************************************
2513 create an error packet. Normally called using the ERROR() macro
2514 ****************************************************************************/
2515 int error_packet(char *inbuf,char *outbuf,int error_class,uint32 error_code,int line)
2517 int outsize = set_message(outbuf,0,0,True);
2518 int cmd = CVAL(inbuf,smb_com);
2519 int flgs2 = SVAL(outbuf,smb_flg2);
2521 if ((flgs2 & FLAGS2_32_BIT_ERROR_CODES) == FLAGS2_32_BIT_ERROR_CODES)
2523 SIVAL(outbuf,smb_rcls,error_code);
2525 DEBUG(3,("%s 32 bit error packet at line %d cmd=%d (%s) eclass=%08x [%s]\n",
2526 timestring(), line, cmd, smb_fn_name(cmd), error_code, smb_errstr(outbuf)));
2530 CVAL(outbuf,smb_rcls) = error_class;
2531 SSVAL(outbuf,smb_err,error_code);
2532 DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
2535 (int)CVAL(inbuf,smb_com),
2536 smb_fn_name(CVAL(inbuf,smb_com)),
2543 DEBUG(3,("error string = %s\n",strerror(errno)));
2549 #ifndef SIGCLD_IGNORE
2550 /****************************************************************************
2551 this prevents zombie child processes
2552 ****************************************************************************/
2553 static int sig_cld(void)
2555 static int depth = 0;
2558 DEBUG(0,("ERROR: Recursion in sig_cld? Perhaps you need `#define USE_WAITPID'?\n"));
2564 BlockSignals(True,SIGCLD);
2565 DEBUG(5,("got SIGCLD\n"));
2568 while (sys_waitpid((pid_t)-1,(int *)NULL, WNOHANG) > 0);
2572 /* Stevens, Adv. Unix Prog. says that on system V you must call
2573 wait before reinstalling the signal handler, because the kernel
2574 calls the handler from within the signal-call when there is a
2575 child that has exited. This would lead to an infinite recursion
2576 if done vice versa. */
2578 #ifndef DONT_REINSTALL_SIG
2579 #ifdef SIGCLD_IGNORE
2580 signal(SIGCLD, SIG_IGN);
2582 signal(SIGCLD, SIGNAL_CAST sig_cld);
2587 while (wait3(WAIT3_CAST1 NULL, WNOHANG, WAIT3_CAST2 NULL) > 0);
2590 BlockSignals(False,SIGCLD);
2595 /****************************************************************************
2596 this is called when the client exits abruptly
2597 **************************************************************************/
2598 static int sig_pipe(void)
2600 struct cli_state *cli;
2601 BlockSignals(True,SIGPIPE);
2603 if ((cli = server_client()) && cli->initialised) {
2604 DEBUG(3,("lost connection to password server\n"));
2606 #ifndef DONT_REINSTALL_SIG
2607 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2609 BlockSignals(False,SIGPIPE);
2613 exit_server("Got sigpipe\n");
2617 /****************************************************************************
2618 open the socket communication
2619 ****************************************************************************/
2620 static BOOL open_sockets(BOOL is_daemon,int port)
2626 int num_interfaces = iface_count();
2627 int fd_listenset[FD_SETSIZE];
2633 #ifdef SIGCLD_IGNORE
2634 signal(SIGCLD, SIG_IGN);
2636 signal(SIGCLD, SIGNAL_CAST sig_cld);
2642 FD_ZERO(&listen_set);
2644 if(lp_interfaces() && lp_bind_interfaces_only())
2646 /* We have been given an interfaces line, and been
2647 told to only bind to those interfaces. Create a
2648 socket per interface and bind to only these.
2651 if(num_interfaces > FD_SETSIZE)
2653 DEBUG(0,("open_sockets: Too many interfaces specified to bind to. Number was %d \
2654 max can be %d\n", num_interfaces, FD_SETSIZE));
2658 /* Now open a listen socket for each of the interfaces. */
2659 for(i = 0; i < num_interfaces; i++)
2661 struct in_addr *ifip = iface_n_ip(i);
2665 DEBUG(0,("open_sockets: interface %d has NULL IP address !\n", i));
2668 s = fd_listenset[i] = open_socket_in(SOCK_STREAM, port, 0, ifip->s_addr);
2671 /* ready to listen */
2672 if (listen(s, 5) == -1)
2674 DEBUG(0,("listen: %s\n",strerror(errno)));
2678 FD_SET(s,&listen_set);
2683 /* Just bind to 0.0.0.0 - accept connections from anywhere. */
2686 /* open an incoming socket */
2687 s = open_socket_in(SOCK_STREAM, port, 0,interpret_addr(lp_socket_address()));
2691 /* ready to listen */
2692 if (listen(s, 5) == -1)
2694 DEBUG(0,("open_sockets: listen: %s\n",strerror(errno)));
2699 fd_listenset[0] = s;
2700 FD_SET(s,&listen_set);
2703 /* now accept incoming connections - forking a new process
2704 for each incoming connection */
2705 DEBUG(2,("waiting for a connection\n"));
2711 memcpy((char *)&lfds, (char *)&listen_set, sizeof(listen_set));
2713 num = sys_select(&lfds,NULL);
2715 if (num == -1 && errno == EINTR)
2718 /* Find the sockets that are read-ready - accept on these. */
2719 for( ; num > 0; num--)
2721 struct sockaddr addr;
2722 int in_addrlen = sizeof(addr);
2725 for(i = 0; i < num_interfaces; i++)
2727 if(FD_ISSET(fd_listenset[i],&lfds))
2729 s = fd_listenset[i];
2730 /* Clear this so we don't look at it again. */
2731 FD_CLR(fd_listenset[i],&lfds);
2736 Client = accept(s,&addr,&in_addrlen);
2738 if (Client == -1 && errno == EINTR)
2743 DEBUG(0,("open_sockets: accept: %s\n",strerror(errno)));
2747 #ifdef NO_FORK_DEBUG
2748 #ifndef NO_SIGNAL_TEST
2749 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2750 signal(SIGCLD, SIGNAL_CAST SIG_DFL);
2751 #endif /* NO_SIGNAL_TEST */
2753 #else /* NO_FORK_DEBUG */
2754 if (Client != -1 && fork()==0)
2756 /* Child code ... */
2758 #ifndef NO_SIGNAL_TEST
2759 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2760 signal(SIGCLD, SIGNAL_CAST SIG_DFL);
2761 #endif /* NO_SIGNAL_TEST */
2762 /* close the listening socket(s) */
2763 for(i = 0; i < num_interfaces; i++)
2764 close(fd_listenset[i]);
2766 /* close our standard file descriptors */
2770 set_socket_options(Client,"SO_KEEPALIVE");
2771 set_socket_options(Client,user_socket_options);
2773 /* Reset global variables in util.c so that
2774 client substitutions will be done correctly
2777 reset_globals_after_fork();
2780 close(Client); /* The parent doesn't need this socket */
2781 #endif /* NO_FORK_DEBUG */
2784 } /* end if is_daemon */
2787 /* Started from inetd. fd 0 is the socket. */
2788 /* We will abort gracefully when the client or remote system
2790 #ifndef NO_SIGNAL_TEST
2791 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2795 /* close our standard file descriptors */
2798 set_socket_options(Client,"SO_KEEPALIVE");
2799 set_socket_options(Client,user_socket_options);
2805 /****************************************************************************
2806 process an smb from the client - split out from the process() code so
2807 it can be used by the oplock break code.
2808 ****************************************************************************/
2810 static void process_smb(char *inbuf, char *outbuf)
2814 extern BOOL sslEnabled; /* don't use function for performance reasons */
2815 static int sslConnected = 0;
2816 #endif /* USE_SSL */
2817 static int trans_num;
2818 int msg_type = CVAL(inbuf,0);
2819 int32 len = smb_len(inbuf);
2820 int nread = len + 4;
2822 if (trans_num == 0) {
2823 /* on the first packet, check the global hosts allow/ hosts
2824 deny parameters before doing any parsing of the packet
2825 passed to us by the client. This prevents attacks on our
2826 parsing code from hosts not in the hosts allow list */
2827 if (!check_access(-1)) {
2828 /* send a negative session response "not listining on calling
2830 static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
2831 DEBUG(1,("%s Connection denied from %s\n",
2832 timestring(),client_addr(Client)));
2833 send_smb(Client,(char *)buf);
2834 exit_server("connection denied");
2838 DEBUG(6,("got message type 0x%x of len 0x%x\n",msg_type,len));
2839 DEBUG(3,("%s Transaction %d of length %d\n",timestring(),trans_num,nread));
2842 if(sslEnabled && !sslConnected){
2843 sslConnected = sslutil_negotiate_ssl(Client, msg_type);
2844 if(sslConnected < 0){ /* an error occured */
2845 exit_server("SSL negotiation failed");
2846 }else if(sslConnected){
2851 #endif /* USE_SSL */
2854 if(trans_num == 1 && VT_Check(inbuf))
2863 else if(msg_type == 0x85)
2864 return; /* Keepalive packet. */
2866 nread = construct_reply(inbuf,outbuf,nread,max_send);
2870 if (CVAL(outbuf,0) == 0)
2873 if (nread != smb_len(outbuf) + 4)
2875 DEBUG(0,("ERROR: Invalid message response size! %d %d\n",
2876 nread, smb_len(outbuf)));
2879 send_smb(Client,outbuf);
2884 /****************************************************************************
2885 open the oplock IPC socket communication
2886 ****************************************************************************/
2887 static BOOL open_oplock_ipc(void)
2889 struct sockaddr_in sock_name;
2890 int len = sizeof(sock_name);
2892 DEBUG(3,("open_oplock_ipc: opening loopback UDP socket.\n"));
2894 /* Open a lookback UDP socket on a random port. */
2895 oplock_sock = open_socket_in(SOCK_DGRAM, 0, 0, htonl(INADDR_LOOPBACK));
2896 if (oplock_sock == -1)
2898 DEBUG(0,("open_oplock_ipc: Failed to get local UDP socket for \
2899 address %x. Error was %s\n", htonl(INADDR_LOOPBACK), strerror(errno)));
2904 /* Find out the transient UDP port we have been allocated. */
2905 if(getsockname(oplock_sock, (struct sockaddr *)&sock_name, &len)<0)
2907 DEBUG(0,("open_oplock_ipc: Failed to get local UDP port. Error was %s\n",
2914 oplock_port = ntohs(sock_name.sin_port);
2916 DEBUG(3,("open_oplock ipc: pid = %d, oplock_port = %u\n",
2917 getpid(), oplock_port));
2922 /****************************************************************************
2923 process an oplock break message.
2924 ****************************************************************************/
2925 static BOOL process_local_message(int sock, char *buffer, int buf_size)
2931 msg_len = IVAL(buffer,UDP_CMD_LEN_OFFSET);
2932 from_port = SVAL(buffer,UDP_CMD_PORT_OFFSET);
2934 msg_start = &buffer[UDP_CMD_HEADER_LEN];
2936 DEBUG(5,("process_local_message: Got a message of length %d from port (%d)\n",
2937 msg_len, from_port));
2939 /* Switch on message command - currently OPLOCK_BREAK_CMD is the
2940 only valid request. */
2942 switch(SVAL(msg_start,UDP_MESSAGE_CMD_OFFSET))
2944 case OPLOCK_BREAK_CMD:
2945 /* Ensure that the msg length is correct. */
2946 if(msg_len != OPLOCK_BREAK_MSG_LEN)
2948 DEBUG(0,("process_local_message: incorrect length for OPLOCK_BREAK_CMD (was %d, \
2949 should be %d).\n", msg_len, OPLOCK_BREAK_MSG_LEN));
2953 uint32 remotepid = IVAL(msg_start,OPLOCK_BREAK_PID_OFFSET);
2954 uint32 dev = IVAL(msg_start,OPLOCK_BREAK_DEV_OFFSET);
2955 uint32 inode = IVAL(msg_start, OPLOCK_BREAK_INODE_OFFSET);
2956 struct timeval tval;
2957 struct sockaddr_in toaddr;
2959 tval.tv_sec = IVAL(msg_start, OPLOCK_BREAK_SEC_OFFSET);
2960 tval.tv_usec = IVAL(msg_start, OPLOCK_BREAK_USEC_OFFSET);
2962 DEBUG(5,("process_local_message: oplock break request from \
2963 pid %d, port %d, dev = %x, inode = %x\n", remotepid, from_port, dev, inode));
2966 * If we have no record of any currently open oplocks,
2967 * it's not an error, as a close command may have
2968 * just been issued on the file that was oplocked.
2969 * Just return success in this case.
2972 if(global_oplocks_open != 0)
2974 if(oplock_break(dev, inode, &tval) == False)
2976 DEBUG(0,("process_local_message: oplock break failed - \
2977 not returning udp message.\n"));
2983 DEBUG(3,("process_local_message: oplock break requested with no outstanding \
2984 oplocks. Returning success.\n"));
2987 /* Send the message back after OR'ing in the 'REPLY' bit. */
2988 SSVAL(msg_start,UDP_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD | CMD_REPLY);
2990 bzero((char *)&toaddr,sizeof(toaddr));
2991 toaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
2992 toaddr.sin_port = htons(from_port);
2993 toaddr.sin_family = AF_INET;
2995 if(sendto( sock, msg_start, OPLOCK_BREAK_MSG_LEN, 0,
2996 (struct sockaddr *)&toaddr, sizeof(toaddr)) < 0)
2998 DEBUG(0,("process_local_message: sendto process %d failed. Errno was %s\n",
2999 remotepid, strerror(errno)));
3003 DEBUG(5,("process_local_message: oplock break reply sent to \
3004 pid %d, port %d, for file dev = %x, inode = %x\n", remotepid,
3005 from_port, dev, inode));
3010 * Keep this as a debug case - eventually we can remove it.
3013 DEBUG(0,("process_local_message: Received unsolicited break \
3014 reply - dumping info.\n"));
3016 if(msg_len != OPLOCK_BREAK_MSG_LEN)
3018 DEBUG(0,("process_local_message: ubr: incorrect length for reply \
3019 (was %d, should be %d).\n", msg_len, OPLOCK_BREAK_MSG_LEN));
3024 uint32 remotepid = IVAL(msg_start,OPLOCK_BREAK_PID_OFFSET);
3025 uint32 dev = IVAL(msg_start,OPLOCK_BREAK_DEV_OFFSET);
3026 uint32 inode = IVAL(msg_start, OPLOCK_BREAK_INODE_OFFSET);
3028 DEBUG(0,("process_local_message: unsolicited oplock break reply from \
3029 pid %d, port %d, dev = %x, inode = %x\n", remotepid, from_port, dev, inode));
3035 DEBUG(0,("process_local_message: unknown UDP message command code (%x) - ignoring.\n",
3036 (unsigned int)SVAL(msg_start,0)));
3042 /****************************************************************************
3043 Process an oplock break directly.
3044 ****************************************************************************/
3045 BOOL oplock_break(uint32 dev, uint32 inode, struct timeval *tval)
3047 extern struct current_user current_user;
3050 char *outbuf = NULL;
3051 files_struct *fsp = NULL;
3054 BOOL shutdown_server = False;
3059 DEBUG(3,("%s oplock_break: called for dev = %x, inode = %x. Current \
3060 global_oplocks_open = %d\n", timestring(), dev, inode, global_oplocks_open));
3062 /* We need to search the file open table for the
3063 entry containing this dev and inode, and ensure
3064 we have an oplock on it. */
3065 for( fnum = 0; fnum < MAX_OPEN_FILES; fnum++)
3069 if((Files[fnum].fd_ptr->dev == dev) && (Files[fnum].fd_ptr->inode == inode) &&
3070 (Files[fnum].open_time.tv_sec == tval->tv_sec) &&
3071 (Files[fnum].open_time.tv_usec == tval->tv_usec)) {
3080 /* The file could have been closed in the meantime - return success. */
3081 DEBUG(0,("%s oplock_break: cannot find open file with dev = %x, inode = %x (fnum = %d) \
3082 allowing break to succeed.\n", timestring(), dev, inode, fnum));
3086 /* Ensure we have an oplock on the file */
3088 /* There is a potential race condition in that an oplock could
3089 have been broken due to another udp request, and yet there are
3090 still oplock break messages being sent in the udp message
3091 queue for this file. So return true if we don't have an oplock,
3092 as we may have just freed it.
3095 if(!fsp->granted_oplock)
3097 DEBUG(0,("%s oplock_break: file %s (fnum = %d, dev = %x, inode = %x) has no oplock. Allowing break to succeed regardless.\n", timestring(), fsp->name, fnum, dev, inode));
3101 /* mark the oplock break as sent - we don't want to send twice! */
3102 if (fsp->sent_oplock_break)
3104 DEBUG(0,("%s oplock_break: ERROR: oplock_break already sent for file %s (fnum = %d, dev = %x, inode = %x)\n", timestring(), fsp->name, fnum, dev, inode));
3106 /* We have to fail the open here as we cannot send another oplock break on this
3107 file whilst we are awaiting a response from the client - neither can we
3108 allow another open to succeed while we are waiting for the client. */
3112 /* Now comes the horrid part. We must send an oplock break to the client,
3113 and then process incoming messages until we get a close or oplock release.
3114 At this point we know we need a new inbuf/outbuf buffer pair.
3115 We cannot use these staticaly as we may recurse into here due to
3116 messages crossing on the wire.
3119 if((inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
3121 DEBUG(0,("oplock_break: malloc fail for input buffer.\n"));
3125 if((outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
3127 DEBUG(0,("oplock_break: malloc fail for output buffer.\n"));
3133 /* Prepare the SMBlockingX message. */
3134 bzero(outbuf,smb_size);
3135 set_message(outbuf,8,0,True);
3137 SCVAL(outbuf,smb_com,SMBlockingX);
3138 SSVAL(outbuf,smb_tid,fsp->cnum);
3139 SSVAL(outbuf,smb_pid,0xFFFF);
3140 SSVAL(outbuf,smb_uid,0);
3141 SSVAL(outbuf,smb_mid,0xFFFF);
3142 SCVAL(outbuf,smb_vwv0,0xFF);
3143 SSVAL(outbuf,smb_vwv2,fnum);
3144 SCVAL(outbuf,smb_vwv3,LOCKING_ANDX_OPLOCK_RELEASE);
3145 /* Change this when we have level II oplocks. */
3146 SCVAL(outbuf,smb_vwv3+1,OPLOCKLEVEL_NONE);
3148 send_smb(Client, outbuf);
3150 /* Remember we just sent an oplock break on this file. */
3151 fsp->sent_oplock_break = True;
3153 /* We need this in case a readraw crosses on the wire. */
3154 global_oplock_break = True;
3156 /* Process incoming messages. */
3158 /* JRA - If we don't get a break from the client in OPLOCK_BREAK_TIMEOUT
3159 seconds we should just die.... */
3161 start_time = time(NULL);
3164 * Save the information we need to re-become the
3165 * user, then unbecome the user whilst we're doing this.
3167 saved_cnum = fsp->cnum;
3168 saved_vuid = current_user.vuid;
3172 while(OPEN_FNUM(fnum) && fsp->granted_oplock)
3174 if(receive_smb(Client,inbuf,OPLOCK_BREAK_TIMEOUT * 1000) == False)
3177 * Die if we got an error.
3180 if (smb_read_error == READ_EOF)
3181 DEBUG(0,("%s oplock_break: end of file from client\n", timestring()));
3183 if (smb_read_error == READ_ERROR)
3184 DEBUG(0,("%s oplock_break: receive_smb error (%s)\n",
3185 timestring(), strerror(errno)));
3187 if (smb_read_error == READ_TIMEOUT)
3188 DEBUG(0,("%s oplock_break: receive_smb timed out after %d seconds.\n",
3189 timestring(), OPLOCK_BREAK_TIMEOUT));
3191 DEBUG(0,("%s oplock_break failed for file %s (fnum = %d, dev = %x, \
3192 inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
3193 shutdown_server = True;
3198 * There are certain SMB requests that we shouldn't allow
3199 * to recurse. opens, renames and deletes are the obvious
3200 * ones. This is handled in the switch_message() function.
3201 * If global_oplock_break is set they will push the packet onto
3202 * the pending smb queue and return -1 (no reply).
3206 process_smb(inbuf, outbuf);
3209 * Die if we go over the time limit.
3212 if((time(NULL) - start_time) > OPLOCK_BREAK_TIMEOUT)
3214 DEBUG(0,("%s oplock_break: no break received from client within \
3215 %d seconds.\n", timestring(), OPLOCK_BREAK_TIMEOUT));
3216 DEBUG(0,("%s oplock_break failed for file %s (fnum = %d, dev = %x, \
3217 inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
3218 shutdown_server = True;
3224 * Go back to being the user who requested the oplock
3227 if(!become_user(&Connections[saved_cnum], saved_cnum, saved_vuid))
3229 DEBUG(0,("%s oplock_break: unable to re-become user ! Shutting down server\n",
3233 exit_server("unable to re-become user");
3235 /* Including the directory. */
3238 /* Free the buffers we've been using to recurse. */
3242 /* We need this in case a readraw crossed on the wire. */
3243 if(global_oplock_break)
3244 global_oplock_break = False;
3247 * If the client did not respond we must die.
3252 DEBUG(0,("%s oplock_break: client failure in break - shutting down this smbd.\n",
3256 exit_server("oplock break failure");
3261 /* The lockingX reply will have removed the oplock flag
3262 from the sharemode. */
3264 fsp->granted_oplock = False;
3265 fsp->sent_oplock_break = False;
3266 global_oplocks_open--;
3269 /* Santity check - remove this later. JRA */
3270 if(global_oplocks_open < 0)
3272 DEBUG(0,("oplock_break: global_oplocks_open < 0 (%d). PANIC ERROR\n",
3273 global_oplocks_open));
3274 exit_server("oplock_break: global_oplocks_open < 0");
3277 DEBUG(3,("%s oplock_break: returning success for fnum = %d, dev = %x, inode = %x. Current \
3278 global_oplocks_open = %d\n", timestring(), fnum, dev, inode, global_oplocks_open));
3283 /****************************************************************************
3284 Send an oplock break message to another smbd process. If the oplock is held
3285 by the local smbd then call the oplock break function directly.
3286 ****************************************************************************/
3288 BOOL request_oplock_break(share_mode_entry *share_entry,
3289 uint32 dev, uint32 inode)
3291 char op_break_msg[OPLOCK_BREAK_MSG_LEN];
3292 struct sockaddr_in addr_out;
3297 if(pid == share_entry->pid)
3299 /* We are breaking our own oplock, make sure it's us. */
3300 if(share_entry->op_port != oplock_port)
3302 DEBUG(0,("request_oplock_break: corrupt share mode entry - pid = %d, port = %d \
3303 should be %d\n", pid, share_entry->op_port, oplock_port));
3307 DEBUG(5,("request_oplock_break: breaking our own oplock\n"));
3309 /* Call oplock break direct. */
3310 return oplock_break(dev, inode, &share_entry->time);
3313 /* We need to send a OPLOCK_BREAK_CMD message to the
3314 port in the share mode entry. */
3316 SSVAL(op_break_msg,UDP_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD);
3317 SIVAL(op_break_msg,OPLOCK_BREAK_PID_OFFSET,pid);
3318 SIVAL(op_break_msg,OPLOCK_BREAK_DEV_OFFSET,dev);
3319 SIVAL(op_break_msg,OPLOCK_BREAK_INODE_OFFSET,inode);
3320 SIVAL(op_break_msg,OPLOCK_BREAK_SEC_OFFSET,(uint32)share_entry->time.tv_sec);
3321 SIVAL(op_break_msg,OPLOCK_BREAK_USEC_OFFSET,(uint32)share_entry->time.tv_usec);
3323 /* set the address and port */
3324 bzero((char *)&addr_out,sizeof(addr_out));
3325 addr_out.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
3326 addr_out.sin_port = htons( share_entry->op_port );
3327 addr_out.sin_family = AF_INET;
3329 DEBUG(3,("%s request_oplock_break: sending a oplock break message to pid %d on port %d \
3330 for dev = %x, inode = %x\n", timestring(), share_entry->pid, share_entry->op_port, dev, inode));
3332 if(sendto(oplock_sock,op_break_msg,OPLOCK_BREAK_MSG_LEN,0,
3333 (struct sockaddr *)&addr_out,sizeof(addr_out)) < 0)
3335 DEBUG(0,("%s request_oplock_break: failed when sending a oplock break message \
3336 to pid %d on port %d for dev = %x, inode = %x. Error was %s\n",
3337 timestring(), share_entry->pid, share_entry->op_port, dev, inode,
3343 * Now we must await the oplock broken message coming back
3344 * from the target smbd process. Timeout if it fails to
3345 * return in (OPLOCK_BREAK_TIMEOUT + OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR) seconds.
3346 * While we get messages that aren't ours, loop.
3349 start_time = time(NULL);
3350 time_left = OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR;
3352 while(time_left >= 0)
3354 char op_break_reply[UDP_CMD_HEADER_LEN+OPLOCK_BREAK_MSG_LEN];
3355 int32 reply_msg_len;
3356 uint16 reply_from_port;
3357 char *reply_msg_start;
3359 if(receive_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply),
3360 time_left ? time_left * 1000 : 1) == False)
3362 if(smb_read_error == READ_TIMEOUT)
3364 DEBUG(0,("%s request_oplock_break: no response received to oplock break request to \
3365 pid %d on port %d for dev = %x, inode = %x\n", timestring(), share_entry->pid,
3366 share_entry->op_port, dev, inode));
3368 * This is a hack to make handling of failing clients more robust.
3369 * If a oplock break response message is not received in the timeout
3370 * period we may assume that the smbd servicing that client holding
3371 * the oplock has died and the client changes were lost anyway, so
3372 * we should continue to try and open the file.
3377 DEBUG(0,("%s request_oplock_break: error in response received to oplock break request to \
3378 pid %d on port %d for dev = %x, inode = %x. Error was (%s).\n", timestring, share_entry->pid,
3379 share_entry->op_port, dev, inode, strerror(errno)));
3383 reply_msg_len = IVAL(op_break_reply,UDP_CMD_LEN_OFFSET);
3384 reply_from_port = SVAL(op_break_reply,UDP_CMD_PORT_OFFSET);
3386 reply_msg_start = &op_break_reply[UDP_CMD_HEADER_LEN];
3388 if(reply_msg_len != OPLOCK_BREAK_MSG_LEN)
3391 DEBUG(0,("%s request_oplock_break: invalid message length received. Ignoring\n",
3397 * Test to see if this is the reply we are awaiting.
3400 if((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) &&
3401 (reply_from_port == share_entry->op_port) &&
3402 (memcmp(&reply_msg_start[OPLOCK_BREAK_PID_OFFSET],
3403 &op_break_msg[OPLOCK_BREAK_PID_OFFSET],
3404 OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) == 0))
3407 * This is the reply we've been waiting for.
3414 * This is another message - probably a break request.
3415 * Process it to prevent potential deadlock.
3416 * Note that the code in switch_message() prevents
3417 * us from recursing into here as any SMB requests
3418 * we might process that would cause another oplock
3419 * break request to be made will be queued.
3423 process_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply));
3426 time_left -= (time(NULL) - start_time);
3429 DEBUG(3,("%s request_oplock_break: broke oplock.\n", timestring()));
3434 /****************************************************************************
3435 Get the next SMB packet, doing the local message processing automatically.
3436 ****************************************************************************/
3438 BOOL receive_next_smb(int smbfd, int oplockfd, char *inbuf, int bufsize, int timeout)
3440 BOOL got_smb = False;
3445 ret = receive_message_or_smb(smbfd,oplockfd,inbuf,bufsize,
3450 /* Deal with oplock break requests from other smbd's. */
3451 process_local_message(oplock_sock, inbuf, bufsize);
3455 if(ret && (CVAL(inbuf,0) == 0x85))
3457 /* Keepalive packet. */
3462 while(ret && !got_smb);
3467 /****************************************************************************
3468 check if a snum is in use
3469 ****************************************************************************/
3470 BOOL snum_used(int snum)
3473 for (i=0;i<MAX_CONNECTIONS;i++)
3474 if (OPEN_CNUM(i) && (SNUM(i) == snum))
3479 /****************************************************************************
3480 reload the services file
3481 **************************************************************************/
3482 BOOL reload_services(BOOL test)
3489 pstrcpy(fname,lp_configfile());
3490 if (file_exist(fname,NULL) && !strcsequal(fname,servicesf))
3492 pstrcpy(servicesf,fname);
3499 if (test && !lp_file_list_changed())
3502 lp_killunused(snum_used);
3504 ret = lp_load(servicesf,False,False,True);
3506 /* perhaps the config filename is now set */
3508 reload_services(True);
3517 set_socket_options(Client,"SO_KEEPALIVE");
3518 set_socket_options(Client,user_socket_options);
3522 reset_mangled_cache();
3524 /* this forces service parameters to be flushed */
3525 become_service(-1,True);
3532 /****************************************************************************
3533 this prevents zombie child processes
3534 ****************************************************************************/
3535 static BOOL reload_after_sighup = False;
3537 static int sig_hup(void)
3539 BlockSignals(True,SIGHUP);
3540 DEBUG(0,("Got SIGHUP\n"));
3543 * Fix from <branko.cibej@hermes.si> here.
3544 * We used to reload in the signal handler - this
3548 reload_after_sighup = True;
3549 #ifndef DONT_REINSTALL_SIG
3550 signal(SIGHUP,SIGNAL_CAST sig_hup);
3552 BlockSignals(False,SIGHUP);
3557 /****************************************************************************
3558 make a connection to a service
3559 ****************************************************************************/
3560 int make_connection(char *service,char *user,char *password, int pwlen, char *dev,uint16 vuid)
3564 struct passwd *pass = NULL;
3565 connection_struct *pcon;
3571 snum = find_service(service);
3575 if (strequal(service,"IPC$"))
3577 DEBUG(3,("%s refusing IPC connection\n",timestring()));
3581 DEBUG(0,("%s %s (%s) couldn't find service %s\n",timestring(),remote_machine,client_addr(Client),service));
3585 if (strequal(service,HOMES_NAME))
3587 if (*user && Get_Pwnam(user,True))
3588 return(make_connection(user,user,password,pwlen,dev,vuid));
3590 if(lp_security() != SEC_SHARE)
3592 if (validated_username(vuid))
3594 pstrcpy(user,validated_username(vuid));
3595 return(make_connection(user,user,password,pwlen,dev,vuid));
3601 * Security = share. Try with sesssetup_user as the username.
3605 pstrcpy(user,sesssetup_user);
3606 return(make_connection(user,user,password,pwlen,dev,vuid));
3611 if (!lp_snum_ok(snum) || !check_access(snum)) {
3615 /* you can only connect to the IPC$ service as an ipc device */
3616 if (strequal(service,"IPC$"))
3619 if (*dev == '?' || !*dev)
3621 if (lp_print_ok(snum))
3622 pstrcpy(dev,"LPT1:");
3627 /* if the request is as a printer and you can't print then refuse */
3629 if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) {
3630 DEBUG(1,("Attempt to connect to non-printer as a printer\n"));
3634 /* lowercase the user name */
3637 /* add it as a possible user name */
3638 add_session_user(service);
3640 /* shall we let them in? */
3641 if (!authorise_login(snum,user,password,pwlen,&guest,&force,vuid))
3643 DEBUG(2,("%s invalid username/password for %s\n",timestring(),service));
3647 cnum = find_free_connection(str_checksum(service) + str_checksum(user));
3650 DEBUG(0,("%s couldn't find free connection\n",timestring()));
3654 pcon = &Connections[cnum];
3655 bzero((char *)pcon,sizeof(*pcon));
3657 /* find out some info about the user */
3658 pass = Get_Pwnam(user,True);
3662 DEBUG(0,("%s couldn't find account %s\n",timestring(),user));
3666 pcon->read_only = lp_readonly(snum);
3670 StrnCpy(list,lp_readlist(snum),sizeof(pstring)-1);
3671 string_sub(list,"%S",service);
3673 if (user_in_list(user,list))
3674 pcon->read_only = True;
3676 StrnCpy(list,lp_writelist(snum),sizeof(pstring)-1);
3677 string_sub(list,"%S",service);
3679 if (user_in_list(user,list))
3680 pcon->read_only = False;
3683 /* admin user check */
3685 /* JRA - original code denied admin user if the share was
3686 marked read_only. Changed as I don't think this is needed,
3687 but old code left in case there is a problem here.
3689 if (user_in_list(user,lp_admin_users(snum))
3691 && !pcon->read_only)
3696 pcon->admin_user = True;
3697 DEBUG(0,("%s logged in as admin user (root privileges)\n",user));
3700 pcon->admin_user = False;
3702 pcon->force_user = force;
3704 pcon->uid = pass->pw_uid;
3705 pcon->gid = pass->pw_gid;
3706 pcon->num_files_open = 0;
3707 pcon->lastused = time(NULL);
3708 pcon->service = snum;
3710 pcon->printer = (strncmp(dev,"LPT",3) == 0);
3711 pcon->ipc = (strncmp(dev,"IPC",3) == 0);
3712 pcon->dirptr = NULL;
3713 pcon->veto_list = NULL;
3714 pcon->hide_list = NULL;
3715 pcon->veto_oplock_list = NULL;
3716 string_set(&pcon->dirpath,"");
3717 string_set(&pcon->user,user);
3720 if (*lp_force_group(snum))
3725 StrnCpy(gname,lp_force_group(snum),sizeof(pstring)-1);
3726 /* default service may be a group name */
3727 string_sub(gname,"%S",service);
3728 gptr = (struct group *)getgrnam(gname);
3732 pcon->gid = gptr->gr_gid;
3733 DEBUG(3,("Forced group %s\n",gname));
3736 DEBUG(1,("Couldn't find group %s\n",gname));
3740 if (*lp_force_user(snum))
3742 struct passwd *pass2;
3744 fstrcpy(fuser,lp_force_user(snum));
3745 pass2 = (struct passwd *)Get_Pwnam(fuser,True);
3748 pcon->uid = pass2->pw_uid;
3749 string_set(&pcon->user,fuser);
3750 fstrcpy(user,fuser);
3751 pcon->force_user = True;
3752 DEBUG(3,("Forced user %s\n",fuser));
3755 DEBUG(1,("Couldn't find user %s\n",fuser));
3760 pstrcpy(s,lp_pathname(snum));
3761 standard_sub(cnum,s);
3762 string_set(&pcon->connectpath,s);
3763 DEBUG(3,("Connect path is %s\n",s));
3766 /* groups stuff added by ih */
3768 pcon->igroups = NULL;
3769 pcon->groups = NULL;
3774 /* Find all the groups this uid is in and store them. Used by become_user() */
3775 setup_groups(pcon->user,pcon->uid,pcon->gid,
3776 &pcon->ngroups,&pcon->igroups,&pcon->groups,&pcon->attrs);
3778 /* check number of connections */
3779 if (!claim_connection(cnum,
3780 lp_servicename(SNUM(cnum)),
3781 lp_max_connections(SNUM(cnum)),False))
3783 DEBUG(1,("too many connections - rejected\n"));
3787 if (lp_status(SNUM(cnum)))
3788 claim_connection(cnum,"STATUS.",MAXSTATUS,False);
3793 /* execute any "root preexec = " line */
3794 if (*lp_rootpreexec(SNUM(cnum)))
3797 pstrcpy(cmd,lp_rootpreexec(SNUM(cnum)));
3798 standard_sub(cnum,cmd);
3799 DEBUG(5,("cmd=%s\n",cmd));
3800 smbrun(cmd,NULL,False);
3803 if (!become_user(&Connections[cnum], cnum,pcon->vuid))
3805 DEBUG(0,("Can't become connected user!\n"));
3807 if (!IS_IPC(cnum)) {
3808 yield_connection(cnum,
3809 lp_servicename(SNUM(cnum)),
3810 lp_max_connections(SNUM(cnum)));
3811 if (lp_status(SNUM(cnum))) yield_connection(cnum,"STATUS.",MAXSTATUS);
3816 if (ChDir(pcon->connectpath) != 0)
3818 DEBUG(0,("Can't change directory to %s (%s)\n",
3819 pcon->connectpath,strerror(errno)));
3822 if (!IS_IPC(cnum)) {
3823 yield_connection(cnum,
3824 lp_servicename(SNUM(cnum)),
3825 lp_max_connections(SNUM(cnum)));
3826 if (lp_status(SNUM(cnum))) yield_connection(cnum,"STATUS.",MAXSTATUS);
3831 string_set(&pcon->origpath,pcon->connectpath);
3833 #if SOFTLINK_OPTIMISATION
3834 /* resolve any soft links early */
3837 pstrcpy(s,pcon->connectpath);
3839 string_set(&pcon->connectpath,s);
3840 ChDir(pcon->connectpath);
3844 num_connections_open++;
3845 add_session_user(user);
3847 /* execute any "preexec = " line */
3848 if (*lp_preexec(SNUM(cnum)))
3851 pstrcpy(cmd,lp_preexec(SNUM(cnum)));
3852 standard_sub(cnum,cmd);
3853 smbrun(cmd,NULL,False);
3856 /* we've finished with the sensitive stuff */
3859 /* Add veto/hide lists */
3860 if (!IS_IPC(cnum) && !IS_PRINT(cnum))
3862 set_namearray( &pcon->veto_list, lp_veto_files(SNUM(cnum)));
3863 set_namearray( &pcon->hide_list, lp_hide_files(SNUM(cnum)));
3864 set_namearray( &pcon->veto_oplock_list, lp_veto_oplocks(SNUM(cnum)));
3869 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
3872 client_addr(Client),
3873 lp_servicename(SNUM(cnum)),user,
3882 /****************************************************************************
3883 Attempt to break an oplock on a file (if oplocked).
3884 Returns True if the file was closed as a result of
3885 the oplock break, False otherwise.
3886 Used as a last ditch attempt to free a space in the
3887 file table when we have run out.
3888 ****************************************************************************/
3890 static BOOL attempt_close_oplocked_file(files_struct *fp)
3893 DEBUG(5,("attempt_close_oplocked_file: checking file %s.\n", fp->name));
3895 if (fp->open && fp->granted_oplock && !fp->sent_oplock_break) {
3897 /* Try and break the oplock. */
3898 file_fd_struct *fsp = fp->fd_ptr;
3899 if(oplock_break( fsp->dev, fsp->inode, &fp->open_time)) {
3900 if(!fp->open) /* Did the oplock break close the file ? */
3908 /****************************************************************************
3909 find first available file slot
3910 ****************************************************************************/
3911 int find_free_file(void )
3914 static int first_file;
3916 /* we want to give out file handles differently on each new
3917 connection because of a common bug in MS clients where they try to
3918 reuse a file descriptor from an earlier smb connection. This code
3919 increases the chance that the errant client will get an error rather
3920 than causing corruption */
3921 if (first_file == 0) {
3922 first_file = (getpid() ^ (int)time(NULL)) % MAX_OPEN_FILES;
3923 if (first_file == 0) first_file = 1;
3926 if (first_file >= MAX_OPEN_FILES)
3929 for (i=first_file;i<MAX_OPEN_FILES;i++)
3930 if (!Files[i].open && !Files[i].reserved) {
3931 memset(&Files[i], 0, sizeof(Files[i]));
3933 Files[i].reserved = True;
3937 /* returning a file handle of 0 is a bad idea - so we start at 1 */
3938 for (i=1;i<first_file;i++)
3939 if (!Files[i].open && !Files[i].reserved) {
3940 memset(&Files[i], 0, sizeof(Files[i]));
3942 Files[i].reserved = True;
3947 * Before we give up, go through the open files
3948 * and see if there are any files opened with a
3949 * batch oplock. If so break the oplock and then
3950 * re-use that entry (if it becomes closed).
3951 * This may help as NT/95 clients tend to keep
3952 * files batch oplocked for quite a long time
3953 * after they have finished with them.
3955 for (i=first_file;i<MAX_OPEN_FILES;i++) {
3956 if(attempt_close_oplocked_file( &Files[i])) {
3957 memset(&Files[i], 0, sizeof(Files[i]));
3959 Files[i].reserved = True;
3964 for (i=1;i<MAX_OPEN_FILES;i++) {
3965 if(attempt_close_oplocked_file( &Files[i])) {
3966 memset(&Files[i], 0, sizeof(Files[i]));
3968 Files[i].reserved = True;
3973 DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
3977 /****************************************************************************
3978 find first available connection slot, starting from a random position.
3979 The randomisation stops problems with the server dieing and clients
3980 thinking the server is still available.
3981 ****************************************************************************/
3982 static int find_free_connection(int hash )
3986 hash = (hash % (MAX_CONNECTIONS-2))+1;
3990 for (i=hash+1;i!=hash;)
3992 if (!Connections[i].open && Connections[i].used == used)
3994 DEBUG(3,("found free connection number %d\n",i));
3998 if (i == MAX_CONNECTIONS)
4008 DEBUG(1,("ERROR! Out of connection structures\n"));
4013 /****************************************************************************
4014 reply for the core protocol
4015 ****************************************************************************/
4016 int reply_corep(char *outbuf)
4018 int outsize = set_message(outbuf,1,0,True);
4020 Protocol = PROTOCOL_CORE;
4026 /****************************************************************************
4027 reply for the coreplus protocol
4028 ****************************************************************************/
4029 int reply_coreplus(char *outbuf)
4031 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
4032 int outsize = set_message(outbuf,13,0,True);
4033 SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
4034 readbraw and writebraw (possibly) */
4035 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
4036 SSVAL(outbuf,smb_vwv1,0x1); /* user level security, don't encrypt */
4038 Protocol = PROTOCOL_COREPLUS;
4044 /****************************************************************************
4045 reply for the lanman 1.0 protocol
4046 ****************************************************************************/
4047 int reply_lanman1(char *outbuf)
4049 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
4051 BOOL doencrypt = SMBENCRYPT();
4052 time_t t = time(NULL);
4054 if (lp_security()>=SEC_USER) secword |= 1;
4055 if (doencrypt) secword |= 2;
4057 set_message(outbuf,13,doencrypt?8:0,True);
4058 SSVAL(outbuf,smb_vwv1,secword);
4059 /* Create a token value and add it to the outgoing packet. */
4061 generate_next_challenge(smb_buf(outbuf));
4063 Protocol = PROTOCOL_LANMAN1;
4065 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
4066 SSVAL(outbuf,smb_vwv2,max_recv);
4067 SSVAL(outbuf,smb_vwv3,lp_maxmux()); /* maxmux */
4068 SSVAL(outbuf,smb_vwv4,1);
4069 SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
4070 readbraw writebraw (possibly) */
4071 SIVAL(outbuf,smb_vwv6,getpid());
4072 SSVAL(outbuf,smb_vwv10, TimeDiff(t)/60);
4074 put_dos_date(outbuf,smb_vwv8,t);
4076 return (smb_len(outbuf)+4);
4080 /****************************************************************************
4081 reply for the lanman 2.0 protocol
4082 ****************************************************************************/
4083 int reply_lanman2(char *outbuf)
4085 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
4087 BOOL doencrypt = SMBENCRYPT();
4088 time_t t = time(NULL);
4089 struct cli_state *cli = NULL;
4093 if (lp_security() == SEC_SERVER) {
4094 cli = server_cryptkey();
4098 DEBUG(3,("using password server validation\n"));
4099 doencrypt = ((cli->sec_mode & 2) != 0);
4102 if (lp_security()>=SEC_USER) secword |= 1;
4103 if (doencrypt) secword |= 2;
4108 generate_next_challenge(cryptkey);
4110 memcpy(cryptkey, cli->cryptkey, 8);
4111 set_challenge(cli->cryptkey);
4115 set_message(outbuf,13,crypt_len,True);
4116 SSVAL(outbuf,smb_vwv1,secword);
4117 SIVAL(outbuf,smb_vwv6,getpid());
4119 memcpy(smb_buf(outbuf), cryptkey, 8);
4121 Protocol = PROTOCOL_LANMAN2;
4123 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
4124 SSVAL(outbuf,smb_vwv2,max_recv);
4125 SSVAL(outbuf,smb_vwv3,lp_maxmux());
4126 SSVAL(outbuf,smb_vwv4,1);
4127 SSVAL(outbuf,smb_vwv5,raw); /* readbraw and/or writebraw */
4128 SSVAL(outbuf,smb_vwv10, TimeDiff(t)/60);
4129 put_dos_date(outbuf,smb_vwv8,t);
4131 return (smb_len(outbuf)+4);
4135 /****************************************************************************
4136 reply for the nt protocol
4137 ****************************************************************************/
4138 int reply_nt1(char *outbuf)
4140 /* dual names + lock_and_read + nt SMBs + remote API calls */
4141 int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|CAP_RPC_REMOTE_APIS;
4143 other valid capabilities which we may support at some time...
4144 CAP_LARGE_FILES|CAP_NT_SMBS|CAP_RPC_REMOTE_APIS;
4145 CAP_LARGE_READX|CAP_STATUS32|CAP_LEVEL_II_OPLOCKS;
4149 BOOL doencrypt = SMBENCRYPT();
4150 time_t t = time(NULL);
4152 struct cli_state *cli = NULL;
4156 if (lp_security() == SEC_SERVER) {
4157 cli = server_cryptkey();
4161 DEBUG(3,("using password server validation\n"));
4162 doencrypt = ((cli->sec_mode & 2) != 0);
4168 generate_next_challenge(cryptkey);
4170 memcpy(cryptkey, cli->cryptkey, 8);
4171 set_challenge(cli->cryptkey);
4175 if (lp_readraw() && lp_writeraw()) {
4176 capabilities |= CAP_RAW_MODE;
4179 if (lp_security() >= SEC_USER) secword |= 1;
4180 if (doencrypt) secword |= 2;
4182 /* decide where (if) to put the encryption challenge, and
4183 follow it with the OEM'd domain name
4185 data_len = crypt_len + strlen(global_myworkgroup) + 1;
4187 set_message(outbuf,17,data_len,True);
4188 pstrcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup);
4190 CVAL(outbuf,smb_vwv1) = secword;
4191 SSVALS(outbuf,smb_vwv16+1,crypt_len);
4193 memcpy(smb_buf(outbuf), cryptkey, 8);
4195 Protocol = PROTOCOL_NT1;
4197 SSVAL(outbuf,smb_vwv1+1,lp_maxmux()); /* maxmpx */
4198 SSVAL(outbuf,smb_vwv2+1,1); /* num vcs */
4199 SIVAL(outbuf,smb_vwv3+1,0xffff); /* max buffer. LOTS! */
4200 SIVAL(outbuf,smb_vwv5+1,0x10000); /* raw size. full 64k */
4201 SIVAL(outbuf,smb_vwv7+1,getpid()); /* session key */
4202 SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
4203 put_long_date(outbuf+smb_vwv11+1,t);
4204 SSVALS(outbuf,smb_vwv15+1,TimeDiff(t)/60);
4205 SSVAL(outbuf,smb_vwv17,data_len); /* length of challenge+domain strings */
4207 return (smb_len(outbuf)+4);
4210 /* these are the protocol lists used for auto architecture detection:
4213 protocol [PC NETWORK PROGRAM 1.0]
4214 protocol [XENIX CORE]
4215 protocol [MICROSOFT NETWORKS 1.03]
4216 protocol [LANMAN1.0]
4217 protocol [Windows for Workgroups 3.1a]
4218 protocol [LM1.2X002]
4219 protocol [LANMAN2.1]
4220 protocol [NT LM 0.12]
4223 protocol [PC NETWORK PROGRAM 1.0]
4224 protocol [XENIX CORE]
4225 protocol [MICROSOFT NETWORKS 1.03]
4226 protocol [LANMAN1.0]
4227 protocol [Windows for Workgroups 3.1a]
4228 protocol [LM1.2X002]
4229 protocol [LANMAN2.1]
4230 protocol [NT LM 0.12]
4233 protocol [PC NETWORK PROGRAM 1.0]
4234 protocol [XENIX CORE]
4235 protocol [LANMAN1.0]
4236 protocol [LM1.2X002]
4237 protocol [LANMAN2.1]
4241 * Modified to recognize the architecture of the remote machine better.
4243 * This appears to be the matrix of which protocol is used by which
4245 Protocol WfWg Win95 WinNT OS/2
4246 PC NETWORK PROGRAM 1.0 1 1 1 1
4248 MICROSOFT NETWORKS 3.0 2 2
4250 MICROSOFT NETWORKS 1.03 3
4253 Windows for Workgroups 3.1a 5 5 5
4258 * tim@fsg.com 09/29/95
4261 #define ARCH_WFWG 0x3 /* This is a fudge because WfWg is like Win95 */
4262 #define ARCH_WIN95 0x2
4263 #define ARCH_OS2 0xC /* Again OS/2 is like NT */
4264 #define ARCH_WINNT 0x8
4265 #define ARCH_SAMBA 0x10
4267 #define ARCH_ALL 0x1F
4269 /* List of supported protocols, most desired first */
4273 int (*proto_reply_fn)(char *);
4275 } supported_protocols[] = {
4276 {"NT LANMAN 1.0", "NT1", reply_nt1, PROTOCOL_NT1},
4277 {"NT LM 0.12", "NT1", reply_nt1, PROTOCOL_NT1},
4278 {"LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4279 {"Samba", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4280 {"DOS LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4281 {"LANMAN1.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1},
4282 {"MICROSOFT NETWORKS 3.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1},
4283 {"MICROSOFT NETWORKS 1.03", "COREPLUS", reply_coreplus, PROTOCOL_COREPLUS},
4284 {"PC NETWORK PROGRAM 1.0", "CORE", reply_corep, PROTOCOL_CORE},
4289 /****************************************************************************
4291 ****************************************************************************/
4292 static int reply_negprot(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4294 int outsize = set_message(outbuf,1,0,True);
4299 int bcc = SVAL(smb_buf(inbuf),-2);
4300 int arch = ARCH_ALL;
4302 p = smb_buf(inbuf)+1;
4303 while (p < (smb_buf(inbuf) + bcc))
4306 DEBUG(3,("Requested protocol [%s]\n",p));
4307 if (strcsequal(p,"Windows for Workgroups 3.1a"))
4308 arch &= ( ARCH_WFWG | ARCH_WIN95 | ARCH_WINNT );
4309 else if (strcsequal(p,"DOS LM1.2X002"))
4310 arch &= ( ARCH_WFWG | ARCH_WIN95 );
4311 else if (strcsequal(p,"DOS LANMAN2.1"))
4312 arch &= ( ARCH_WFWG | ARCH_WIN95 );
4313 else if (strcsequal(p,"NT LM 0.12"))
4314 arch &= ( ARCH_WIN95 | ARCH_WINNT );
4315 else if (strcsequal(p,"LANMAN2.1"))
4316 arch &= ( ARCH_WINNT | ARCH_OS2 );
4317 else if (strcsequal(p,"LM1.2X002"))
4318 arch &= ( ARCH_WINNT | ARCH_OS2 );
4319 else if (strcsequal(p,"MICROSOFT NETWORKS 1.03"))
4321 else if (strcsequal(p,"XENIX CORE"))
4322 arch &= ( ARCH_WINNT | ARCH_OS2 );
4323 else if (strcsequal(p,"Samba")) {
4333 set_remote_arch(RA_SAMBA);
4336 set_remote_arch(RA_WFWG);
4339 set_remote_arch(RA_WIN95);
4342 set_remote_arch(RA_WINNT);
4345 set_remote_arch(RA_OS2);
4348 set_remote_arch(RA_UNKNOWN);
4352 /* possibly reload - change of architecture */
4353 reload_services(True);
4355 /* a special case to stop password server loops */
4356 if (Index == 1 && strequal(remote_machine,myhostname) &&
4357 (lp_security()==SEC_SERVER || lp_security()==SEC_DOMAIN))
4358 exit_server("Password server loop!");
4360 /* Check for protocols, most desirable first */
4361 for (protocol = 0; supported_protocols[protocol].proto_name; protocol++)
4363 p = smb_buf(inbuf)+1;
4365 if (lp_maxprotocol() >= supported_protocols[protocol].protocol_level)
4366 while (p < (smb_buf(inbuf) + bcc))
4368 if (strequal(p,supported_protocols[protocol].proto_name))
4377 SSVAL(outbuf,smb_vwv0,choice);
4379 extern fstring remote_proto;
4380 fstrcpy(remote_proto,supported_protocols[protocol].short_name);
4381 reload_services(True);
4382 outsize = supported_protocols[protocol].proto_reply_fn(outbuf);
4383 DEBUG(3,("Selected protocol %s\n",supported_protocols[protocol].proto_name));
4386 DEBUG(0,("No protocol supported !\n"));
4388 SSVAL(outbuf,smb_vwv0,choice);
4390 DEBUG(5,("%s negprot index=%d\n",timestring(),choice));
4396 /****************************************************************************
4397 close all open files for a connection
4398 ****************************************************************************/
4399 static void close_open_files(int cnum)
4402 for (i=0;i<MAX_OPEN_FILES;i++)
4403 if( Files[i].cnum == cnum && Files[i].open) {
4404 close_file(i,False);
4410 /****************************************************************************
4412 ****************************************************************************/
4413 void close_cnum(int cnum, uint16 vuid)
4416 DirCacheFlush(SNUM(cnum));
4420 if (!OPEN_CNUM(cnum))
4422 DEBUG(0,("Can't close cnum %d\n",cnum));
4426 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
4428 remote_machine,client_addr(Client),
4429 lp_servicename(SNUM(cnum))));
4431 yield_connection(cnum,
4432 lp_servicename(SNUM(cnum)),
4433 lp_max_connections(SNUM(cnum)));
4435 if (lp_status(SNUM(cnum)))
4436 yield_connection(cnum,"STATUS.",MAXSTATUS);
4438 close_open_files(cnum);
4439 dptr_closecnum(cnum);
4441 /* execute any "postexec = " line */
4442 if (*lp_postexec(SNUM(cnum)) && become_user(&Connections[cnum], cnum,vuid))
4445 pstrcpy(cmd,lp_postexec(SNUM(cnum)));
4446 standard_sub(cnum,cmd);
4447 smbrun(cmd,NULL,False);
4452 /* execute any "root postexec = " line */
4453 if (*lp_rootpostexec(SNUM(cnum)))
4456 pstrcpy(cmd,lp_rootpostexec(SNUM(cnum)));
4457 standard_sub(cnum,cmd);
4458 smbrun(cmd,NULL,False);
4461 Connections[cnum].open = False;
4462 num_connections_open--;
4463 if (Connections[cnum].ngroups && Connections[cnum].groups)
4465 if (Connections[cnum].igroups != (int *)Connections[cnum].groups)
4466 free(Connections[cnum].groups);
4467 free(Connections[cnum].igroups);
4468 Connections[cnum].groups = NULL;
4469 Connections[cnum].igroups = NULL;
4470 Connections[cnum].ngroups = 0;
4473 free_namearray(Connections[cnum].veto_list);
4474 free_namearray(Connections[cnum].hide_list);
4475 free_namearray(Connections[cnum].veto_oplock_list);
4477 string_set(&Connections[cnum].user,"");
4478 string_set(&Connections[cnum].dirpath,"");
4479 string_set(&Connections[cnum].connectpath,"");
4485 /*******************************************************************
4486 prepare to dump a core file - carefully!
4487 ********************************************************************/
4488 static BOOL dump_core(void)
4492 pstrcpy(dname,debugf);
4493 if ((p=strrchr(dname,'/'))) *p=0;
4494 pstrcat(dname,"/corefiles");
4496 sys_chown(dname,getuid(),getgid());
4498 if (chdir(dname)) return(False);
4501 #ifndef NO_GETRLIMIT
4505 getrlimit(RLIMIT_CORE, &rlp);
4506 rlp.rlim_cur = MAX(4*1024*1024,rlp.rlim_cur);
4507 setrlimit(RLIMIT_CORE, &rlp);
4508 getrlimit(RLIMIT_CORE, &rlp);
4509 DEBUG(3,("Core limits now %d %d\n",rlp.rlim_cur,rlp.rlim_max));
4515 DEBUG(0,("Dumping core in %s\n",dname));
4520 /****************************************************************************
4522 ****************************************************************************/
4523 void exit_server(char *reason)
4525 static int firsttime=1;
4528 if (!firsttime) exit(0);
4532 DEBUG(2,("Closing connections\n"));
4533 for (i=0;i<MAX_CONNECTIONS;i++)
4534 if (Connections[i].open)
4535 close_cnum(i,(uint16)-1);
4537 if (dcelogin_atmost_once)
4541 int oldlevel = DEBUGLEVEL;
4543 DEBUG(0,("Last message was %s\n",smb_fn_name(last_message)));
4545 show_msg(last_inbuf);
4546 DEBUGLEVEL = oldlevel;
4547 DEBUG(0,("===============================================================\n"));
4549 if (dump_core()) return;
4555 DEBUG(3,("%s Server exit (%s)\n",timestring(),reason?reason:""));
4559 /****************************************************************************
4560 do some standard substitutions in a string
4561 ****************************************************************************/
4562 void standard_sub(int cnum,char *str)
4564 if (VALID_CNUM(cnum)) {
4567 for ( s=str ; (p=strchr(s, '%')) != NULL ; s=p ) {
4569 case 'H' : if ((home = get_home_dir(Connections[cnum].user))!=NULL)
4570 string_sub(p,"%H",home);
4574 case 'P' : string_sub(p,"%P",Connections[cnum].connectpath); break;
4575 case 'S' : string_sub(p,"%S",lp_servicename(Connections[cnum].service)); break;
4576 case 'g' : string_sub(p,"%g",gidtoname(Connections[cnum].gid)); break;
4577 case 'u' : string_sub(p,"%u",Connections[cnum].user); break;
4579 * Patch from jkf@soton.ac.uk
4580 * Left the %N (NIS server name) in standard_sub_basic as it
4581 * is a feature for logon servers, hence uses the username.
4582 * The %p (NIS server path) code is here as it is used
4583 * instead of the default "path =" string in [homes] and so
4584 * needs the service name, not the username.
4586 case 'p' : string_sub(p,"%p",automount_path(lp_servicename(Connections[cnum].service))); break;
4587 case '\0' : p++; break; /* don't run off the end of the string */
4588 default : p+=2; break;
4592 standard_sub_basic(str);
4596 These flags determine some of the permissions required to do an operation
4598 Note that I don't set NEED_WRITE on some write operations because they
4599 are used by some brain-dead clients when printing, and I don't want to
4600 force write permissions on print services.
4602 #define AS_USER (1<<0)
4603 #define NEED_WRITE (1<<1)
4604 #define TIME_INIT (1<<2)
4605 #define CAN_IPC (1<<3)
4606 #define AS_GUEST (1<<5)
4607 #define QUEUE_IN_OPLOCK (1<<6)
4610 define a list of possible SMB messages and their corresponding
4611 functions. Any message that has a NULL function is unimplemented -
4612 please feel free to contribute implementations!
4614 struct smb_message_struct
4618 int (*fn)(char *, char *, int, int);
4628 {SMBnegprot,"SMBnegprot",reply_negprot,0},
4629 {SMBtcon,"SMBtcon",reply_tcon,0},
4630 {SMBtdis,"SMBtdis",reply_tdis,0},
4631 {SMBexit,"SMBexit",reply_exit,0},
4632 {SMBioctl,"SMBioctl",reply_ioctl,0},
4633 {SMBecho,"SMBecho",reply_echo,0},
4634 {SMBsesssetupX,"SMBsesssetupX",reply_sesssetup_and_X,0},
4635 {SMBtconX,"SMBtconX",reply_tcon_and_X,0},
4636 {SMBulogoffX, "SMBulogoffX", reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
4637 {SMBgetatr,"SMBgetatr",reply_getatr,AS_USER},
4638 {SMBsetatr,"SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
4639 {SMBchkpth,"SMBchkpth",reply_chkpth,AS_USER},
4640 {SMBsearch,"SMBsearch",reply_search,AS_USER},
4641 {SMBopen,"SMBopen",reply_open,AS_USER | QUEUE_IN_OPLOCK },
4643 /* note that SMBmknew and SMBcreate are deliberately overloaded */
4644 {SMBcreate,"SMBcreate",reply_mknew,AS_USER},
4645 {SMBmknew,"SMBmknew",reply_mknew,AS_USER},
4647 {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
4648 {SMBread,"SMBread",reply_read,AS_USER},
4649 {SMBwrite,"SMBwrite",reply_write,AS_USER},
4650 {SMBclose,"SMBclose",reply_close,AS_USER | CAN_IPC},
4651 {SMBmkdir,"SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
4652 {SMBrmdir,"SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
4653 {SMBdskattr,"SMBdskattr",reply_dskattr,AS_USER},
4654 {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
4656 /* this is a Pathworks specific call, allowing the
4657 changing of the root path */
4658 {pSETDIR,"pSETDIR",reply_setdir,AS_USER},
4660 {SMBlseek,"SMBlseek",reply_lseek,AS_USER},
4661 {SMBflush,"SMBflush",reply_flush,AS_USER},
4662 {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
4663 {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
4664 {SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
4665 {SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER|AS_GUEST},
4666 {SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
4667 {SMBlock,"SMBlock",reply_lock,AS_USER},
4668 {SMBunlock,"SMBunlock",reply_unlock,AS_USER},
4670 /* CORE+ PROTOCOL FOLLOWS */
4672 {SMBreadbraw,"SMBreadbraw",reply_readbraw,AS_USER},
4673 {SMBwritebraw,"SMBwritebraw",reply_writebraw,AS_USER},
4674 {SMBwriteclose,"SMBwriteclose",reply_writeclose,AS_USER},
4675 {SMBlockread,"SMBlockread",reply_lockread,AS_USER},
4676 {SMBwriteunlock,"SMBwriteunlock",reply_writeunlock,AS_USER},
4678 /* LANMAN1.0 PROTOCOL FOLLOWS */
4680 {SMBreadBmpx,"SMBreadBmpx",reply_readbmpx,AS_USER},
4681 {SMBreadBs,"SMBreadBs",NULL,AS_USER},
4682 {SMBwriteBmpx,"SMBwriteBmpx",reply_writebmpx,AS_USER},
4683 {SMBwriteBs,"SMBwriteBs",reply_writebs,AS_USER},
4684 {SMBwritec,"SMBwritec",NULL,AS_USER},
4685 {SMBsetattrE,"SMBsetattrE",reply_setattrE,AS_USER | NEED_WRITE},
4686 {SMBgetattrE,"SMBgetattrE",reply_getattrE,AS_USER},
4687 {SMBtrans,"SMBtrans",reply_trans,AS_USER | CAN_IPC},
4688 {SMBtranss,"SMBtranss",NULL,AS_USER | CAN_IPC},
4689 {SMBioctls,"SMBioctls",NULL,AS_USER},
4690 {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
4691 {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
4693 {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
4694 {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER | CAN_IPC },
4695 {SMBwriteX,"SMBwriteX",reply_write_and_X,AS_USER},
4696 {SMBlockingX,"SMBlockingX",reply_lockingX,AS_USER},
4698 {SMBffirst,"SMBffirst",reply_search,AS_USER},
4699 {SMBfunique,"SMBfunique",reply_search,AS_USER},
4700 {SMBfclose,"SMBfclose",reply_fclose,AS_USER},
4702 /* LANMAN2.0 PROTOCOL FOLLOWS */
4703 {SMBfindnclose, "SMBfindnclose", reply_findnclose, AS_USER},
4704 {SMBfindclose, "SMBfindclose", reply_findclose,AS_USER},
4705 {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER },
4706 {SMBtranss2, "SMBtranss2", reply_transs2, AS_USER},
4708 /* messaging routines */
4709 {SMBsends,"SMBsends",reply_sends,AS_GUEST},
4710 {SMBsendstrt,"SMBsendstrt",reply_sendstrt,AS_GUEST},
4711 {SMBsendend,"SMBsendend",reply_sendend,AS_GUEST},
4712 {SMBsendtxt,"SMBsendtxt",reply_sendtxt,AS_GUEST},
4714 /* NON-IMPLEMENTED PARTS OF THE CORE PROTOCOL */
4716 {SMBsendb,"SMBsendb",NULL,AS_GUEST},
4717 {SMBfwdname,"SMBfwdname",NULL,AS_GUEST},
4718 {SMBcancelf,"SMBcancelf",NULL,AS_GUEST},
4719 {SMBgetmac,"SMBgetmac",NULL,AS_GUEST}
4722 /****************************************************************************
4723 return a string containing the function name of a SMB command
4724 ****************************************************************************/
4725 char *smb_fn_name(int type)
4727 static char *unknown_name = "SMBunknown";
4728 static int num_smb_messages =
4729 sizeof(smb_messages) / sizeof(struct smb_message_struct);
4732 for (match=0;match<num_smb_messages;match++)
4733 if (smb_messages[match].code == type)
4736 if (match == num_smb_messages)
4737 return(unknown_name);
4739 return(smb_messages[match].name);
4743 /****************************************************************************
4744 do a switch on the message type, and return the response size
4745 ****************************************************************************/
4746 static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize)
4750 static int num_smb_messages =
4751 sizeof(smb_messages) / sizeof(struct smb_message_struct);
4755 struct timeval msg_start_time;
4756 struct timeval msg_end_time;
4757 static unsigned long total_time = 0;
4759 GetTimeOfDay(&msg_start_time);
4766 last_message = type;
4768 /* make sure this is an SMB packet */
4769 if (strncmp(smb_base(inbuf),"\377SMB",4) != 0)
4771 DEBUG(2,("Non-SMB packet of length %d\n",smb_len(inbuf)));
4775 for (match=0;match<num_smb_messages;match++)
4776 if (smb_messages[match].code == type)
4779 if (match == num_smb_messages)
4781 DEBUG(0,("Unknown message type %d!\n",type));
4782 outsize = reply_unknown(inbuf,outbuf);
4786 DEBUG(3,("switch message %s (pid %d)\n",smb_messages[match].name,pid));
4788 if(global_oplock_break && (smb_messages[match].flags & QUEUE_IN_OPLOCK))
4791 * Queue this message as we are the process of an oplock break.
4794 DEBUG(2,("%s: switch_message: queueing message due to being in oplock break state.\n",
4797 push_smb_message( inbuf, size);
4801 if (smb_messages[match].fn)
4803 int cnum = SVAL(inbuf,smb_tid);
4804 int flags = smb_messages[match].flags;
4805 static uint16 last_session_tag = UID_FIELD_INVALID;
4806 /* In share mode security we must ignore the vuid. */
4807 uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
4808 /* Ensure this value is replaced in the incoming packet. */
4809 SSVAL(inbuf,smb_uid,session_tag);
4812 * Ensure the correct username is in sesssetup_user.
4813 * This is a really ugly bugfix for problems with
4814 * multiple session_setup_and_X's being done and
4815 * allowing %U and %G substitutions to work correctly.
4816 * There is a reason this code is done here, don't
4817 * move it unless you know what you're doing... :-).
4820 if(session_tag != last_session_tag ) {
4821 user_struct *vuser = NULL;
4823 last_session_tag = session_tag;
4824 if(session_tag != UID_FIELD_INVALID)
4825 vuser = get_valid_user_struct(session_tag);
4827 pstrcpy( sesssetup_user, vuser->requested_name);
4830 /* does this protocol need to be run as root? */
4831 if (!(flags & AS_USER))
4834 /* does this protocol need to be run as the connected user? */
4835 if ((flags & AS_USER) && !become_user(&Connections[cnum], cnum,session_tag)) {
4836 if (flags & AS_GUEST)
4839 return(ERROR(ERRSRV,ERRinvnid));
4841 /* this code is to work around a bug is MS client 3 without
4842 introducing a security hole - it needs to be able to do
4843 print queue checks as guest if it isn't logged in properly */
4844 if (flags & AS_USER)
4847 /* does it need write permission? */
4848 if ((flags & NEED_WRITE) && !CAN_WRITE(cnum))
4849 return(ERROR(ERRSRV,ERRaccess));
4851 /* ipc services are limited */
4852 if (IS_IPC(cnum) && (flags & AS_USER) && !(flags & CAN_IPC))
4853 return(ERROR(ERRSRV,ERRaccess));
4855 /* load service specific parameters */
4856 if (OPEN_CNUM(cnum) && !become_service(cnum,(flags & AS_USER)?True:False))
4857 return(ERROR(ERRSRV,ERRaccess));
4859 /* does this protocol need to be run as guest? */
4860 if ((flags & AS_GUEST) && (!become_guest() || !check_access(-1)))
4861 return(ERROR(ERRSRV,ERRaccess));
4865 outsize = smb_messages[match].fn(inbuf,outbuf,size,bufsize);
4869 outsize = reply_unknown(inbuf,outbuf);
4874 GetTimeOfDay(&msg_end_time);
4875 if (!(smb_messages[match].flags & TIME_INIT))
4877 smb_messages[match].time = 0;
4878 smb_messages[match].flags |= TIME_INIT;
4881 unsigned long this_time =
4882 (msg_end_time.tv_sec - msg_start_time.tv_sec)*1e6 +
4883 (msg_end_time.tv_usec - msg_start_time.tv_usec);
4884 smb_messages[match].time += this_time;
4885 total_time += this_time;
4887 DEBUG(2,("TIME %s %d usecs %g pct\n",
4888 smb_fn_name(type),smb_messages[match].time,
4889 (100.0*smb_messages[match].time) / total_time));
4896 /****************************************************************************
4897 construct a chained reply and add it to the already made reply
4898 **************************************************************************/
4899 int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
4901 static char *orig_inbuf;
4902 static char *orig_outbuf;
4903 int smb_com1, smb_com2 = CVAL(inbuf,smb_vwv0);
4904 unsigned smb_off2 = SVAL(inbuf,smb_vwv1);
4905 char *inbuf2, *outbuf2;
4907 char inbuf_saved[smb_wct];
4908 char outbuf_saved[smb_wct];
4909 extern int chain_size;
4910 int wct = CVAL(outbuf,smb_wct);
4911 int outsize = smb_size + 2*wct + SVAL(outbuf,smb_vwv0+2*wct);
4913 /* maybe its not chained */
4914 if (smb_com2 == 0xFF) {
4915 CVAL(outbuf,smb_vwv0) = 0xFF;
4919 if (chain_size == 0) {
4920 /* this is the first part of the chain */
4922 orig_outbuf = outbuf;
4925 /* we need to tell the client where the next part of the reply will be */
4926 SSVAL(outbuf,smb_vwv1,smb_offset(outbuf+outsize,outbuf));
4927 CVAL(outbuf,smb_vwv0) = smb_com2;
4929 /* remember how much the caller added to the chain, only counting stuff
4930 after the parameter words */
4931 chain_size += outsize - smb_wct;
4933 /* work out pointers into the original packets. The
4934 headers on these need to be filled in */
4935 inbuf2 = orig_inbuf + smb_off2 + 4 - smb_wct;
4936 outbuf2 = orig_outbuf + SVAL(outbuf,smb_vwv1) + 4 - smb_wct;
4938 /* remember the original command type */
4939 smb_com1 = CVAL(orig_inbuf,smb_com);
4941 /* save the data which will be overwritten by the new headers */
4942 memcpy(inbuf_saved,inbuf2,smb_wct);
4943 memcpy(outbuf_saved,outbuf2,smb_wct);
4945 /* give the new packet the same header as the last part of the SMB */
4946 memmove(inbuf2,inbuf,smb_wct);
4948 /* create the in buffer */
4949 CVAL(inbuf2,smb_com) = smb_com2;
4951 /* create the out buffer */
4952 bzero(outbuf2,smb_size);
4953 set_message(outbuf2,0,0,True);
4954 CVAL(outbuf2,smb_com) = CVAL(inbuf2,smb_com);
4956 memcpy(outbuf2+4,inbuf2+4,4);
4957 CVAL(outbuf2,smb_rcls) = SMB_SUCCESS;
4958 CVAL(outbuf2,smb_reh) = 0;
4959 CVAL(outbuf2,smb_flg) = 0x80 | (CVAL(inbuf2,smb_flg) & 0x8); /* bit 7 set
4961 SSVAL(outbuf2,smb_flg2,1); /* say we support long filenames */
4962 SSVAL(outbuf2,smb_err,SMB_SUCCESS);
4963 SSVAL(outbuf2,smb_tid,SVAL(inbuf2,smb_tid));
4964 SSVAL(outbuf2,smb_pid,SVAL(inbuf2,smb_pid));
4965 SSVAL(outbuf2,smb_uid,SVAL(inbuf2,smb_uid));
4966 SSVAL(outbuf2,smb_mid,SVAL(inbuf2,smb_mid));
4968 DEBUG(3,("Chained message\n"));
4971 /* process the request */
4972 outsize2 = switch_message(smb_com2,inbuf2,outbuf2,size-chain_size,
4973 bufsize-chain_size);
4975 /* copy the new reply and request headers over the old ones, but
4976 preserve the smb_com field */
4977 memmove(orig_outbuf,outbuf2,smb_wct);
4978 CVAL(orig_outbuf,smb_com) = smb_com1;
4980 /* restore the saved data, being careful not to overwrite any
4981 data from the reply header */
4982 memcpy(inbuf2,inbuf_saved,smb_wct);
4984 int ofs = smb_wct - PTR_DIFF(outbuf2,orig_outbuf);
4985 if (ofs < 0) ofs = 0;
4986 memmove(outbuf2+ofs,outbuf_saved+ofs,smb_wct-ofs);
4994 /****************************************************************************
4995 construct a reply to the incoming packet
4996 ****************************************************************************/
4997 int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
4999 int type = CVAL(inbuf,smb_com);
5001 int msg_type = CVAL(inbuf,0);
5002 extern int chain_size;
5004 smb_last_time = time(NULL);
5010 bzero(outbuf,smb_size);
5013 return(reply_special(inbuf,outbuf));
5015 CVAL(outbuf,smb_com) = CVAL(inbuf,smb_com);
5016 set_message(outbuf,0,0,True);
5018 memcpy(outbuf+4,inbuf+4,4);
5019 CVAL(outbuf,smb_rcls) = SMB_SUCCESS;
5020 CVAL(outbuf,smb_reh) = 0;
5021 CVAL(outbuf,smb_flg) = 0x80 | (CVAL(inbuf,smb_flg) & 0x8); /* bit 7 set
5023 SSVAL(outbuf,smb_flg2,1); /* say we support long filenames */
5024 SSVAL(outbuf,smb_err,SMB_SUCCESS);
5025 SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
5026 SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
5027 SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
5028 SSVAL(outbuf,smb_mid,SVAL(inbuf,smb_mid));
5030 outsize = switch_message(type,inbuf,outbuf,size,bufsize);
5032 outsize += chain_size;
5035 smb_setlen(outbuf,outsize - 4);
5039 /****************************************************************************
5040 process commands from the client
5041 ****************************************************************************/
5042 static void process(void)
5046 InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
5047 OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
5048 if ((InBuffer == NULL) || (OutBuffer == NULL))
5051 InBuffer += SMB_ALIGNMENT;
5052 OutBuffer += SMB_ALIGNMENT;
5055 DEBUG(3,("priming nmbd\n"));
5058 ip = *interpret_addr2("localhost");
5059 if (zero_ip(ip)) ip = *interpret_addr2("127.0.0.1");
5061 send_one_packet(OutBuffer,1,ip,NMB_PORT,SOCK_DGRAM);
5065 /* re-initialise the timezone */
5070 int deadtime = lp_deadtime()*60;
5072 int last_keepalive=0;
5073 int service_load_counter = 0;
5074 BOOL got_smb = False;
5077 deadtime = DEFAULT_SMBD_TIMEOUT;
5079 #if USE_READ_PREDICTION
5080 if (lp_readprediction())
5081 do_read_prediction();
5086 for (counter=SMBD_SELECT_LOOP;
5087 !receive_message_or_smb(Client,oplock_sock,
5088 InBuffer,BUFFER_SIZE,SMBD_SELECT_LOOP*1000,&got_smb);
5089 counter += SMBD_SELECT_LOOP)
5093 BOOL allidle = True;
5094 extern int keepalive;
5096 if (counter > 365 * 3600) /* big number of seconds. */
5099 service_load_counter = 0;
5102 if (smb_read_error == READ_EOF)
5104 DEBUG(3,("end of file from client\n"));
5108 if (smb_read_error == READ_ERROR)
5110 DEBUG(3,("receive_smb error (%s) exiting\n",
5117 /* become root again if waiting */
5120 /* check for smb.conf reload */
5121 if (counter >= service_load_counter + SMBD_RELOAD_CHECK)
5123 service_load_counter = counter;
5125 /* reload services, if files have changed. */
5126 reload_services(True);
5130 * If reload_after_sighup == True then we got a SIGHUP
5131 * and are being asked to reload. Fix from <branko.cibej@hermes.si>
5134 if (reload_after_sighup)
5136 DEBUG(0,("Reloading services after SIGHUP\n"));
5137 reload_services(False);
5138 reload_after_sighup = False;
5141 /* automatic timeout if all connections are closed */
5142 if (num_connections_open==0 && counter >= IDLE_CLOSED_TIMEOUT)
5144 DEBUG(2,("%s Closing idle connection\n",timestring()));
5148 if (keepalive && (counter-last_keepalive)>keepalive)
5150 struct cli_state *cli = server_client();
5151 if (!send_keepalive(Client)) {
5152 DEBUG(2,("%s Keepalive failed - exiting\n",timestring()));
5155 /* also send a keepalive to the password server if its still
5157 if (cli && cli->initialised)
5158 send_keepalive(cli->fd);
5159 last_keepalive = counter;
5162 /* check for connection timeouts */
5163 for (i=0;i<MAX_CONNECTIONS;i++)
5164 if (Connections[i].open)
5166 /* close dirptrs on connections that are idle */
5167 if ((t-Connections[i].lastused)>DPTR_IDLE_TIMEOUT)
5170 if (Connections[i].num_files_open > 0 ||
5171 (t-Connections[i].lastused)<deadtime)
5175 if (allidle && num_connections_open>0)
5177 DEBUG(2,("%s Closing idle connection 2\n",timestring()));
5181 if(global_machine_pasword_needs_changing)
5183 unsigned char trust_passwd_hash[16];
5185 pstring remote_machine_list;
5188 * We're in domain level security, and the code that
5189 * read the machine password flagged that the machine
5190 * password needs changing.
5194 * First, open the machine password file with an exclusive lock.
5197 if(!trust_password_lock( global_myworkgroup, global_myname, True)) {
5198 DEBUG(0,("process: unable to open the machine account password file for \
5199 machine %s in domain %s.\n", global_myname, global_myworkgroup ));
5203 if(!get_trust_account_password( trust_passwd_hash, &lct)) {
5204 DEBUG(0,("process: unable to read the machine account password for \
5205 machine %s in domain %s.\n", global_myname, global_myworkgroup ));
5206 trust_password_unlock();
5211 * Make sure someone else hasn't already done this.
5214 if(t < lct + lp_machine_password_timeout()) {
5215 trust_password_unlock();
5216 global_machine_pasword_needs_changing = False;
5220 pstrcpy(remote_machine_list, lp_passwordserver());
5222 change_trust_account_password( global_myworkgroup, remote_machine_list);
5223 trust_password_unlock();
5224 global_machine_pasword_needs_changing = False;
5229 process_smb(InBuffer, OutBuffer);
5231 process_local_message(oplock_sock, InBuffer, BUFFER_SIZE);
5236 /****************************************************************************
5237 initialise connect, service and file structs
5238 ****************************************************************************/
5239 static void init_structs(void )
5242 get_myname(myhostname,NULL);
5245 * Set the machine NETBIOS name if not already
5246 * set from the config file.
5249 if (!*global_myname)
5252 fstrcpy( global_myname, myhostname );
5253 p = strchr( global_myname, '.' );
5257 strupper( global_myname );
5259 for (i=0;i<MAX_CONNECTIONS;i++)
5261 Connections[i].open = False;
5262 Connections[i].num_files_open=0;
5263 Connections[i].lastused=0;
5264 Connections[i].used=False;
5265 string_init(&Connections[i].user,"");
5266 string_init(&Connections[i].dirpath,"");
5267 string_init(&Connections[i].connectpath,"");
5268 string_init(&Connections[i].origpath,"");
5271 for (i=0;i<MAX_OPEN_FILES;i++)
5273 Files[i].open = False;
5274 string_init(&Files[i].name,"");
5277 for (i=0;i<MAX_OPEN_FILES;i++)
5279 file_fd_struct *fd_ptr = &FileFd[i];
5280 fd_ptr->ref_count = 0;
5281 fd_ptr->dev = (int32)-1;
5282 fd_ptr->inode = (int32)-1;
5284 fd_ptr->fd_readonly = -1;
5285 fd_ptr->fd_writeonly = -1;
5286 fd_ptr->real_open_flags = -1;
5290 init_rpc_pipe_hnd();
5292 /* for LSA handles */
5293 init_lsa_policy_hnd();
5298 /****************************************************************************
5299 usage on the program
5300 ****************************************************************************/
5301 static void usage(char *pname)
5303 DEBUG(0,("Incorrect program usage - are you sure the command line is correct?\n"));
5305 printf("Usage: %s [-D] [-p port] [-d debuglevel] [-l log basename] [-s services file]\n",pname);
5306 printf("Version %s\n",VERSION);
5307 printf("\t-D become a daemon\n");
5308 printf("\t-p port listen on the specified port\n");
5309 printf("\t-d debuglevel set the debuglevel\n");
5310 printf("\t-l log basename. Basename for log/debug files\n");
5311 printf("\t-s services file. Filename of services file\n");
5312 printf("\t-P passive only\n");
5313 printf("\t-a overwrite log file, don't append\n");
5318 /****************************************************************************
5320 ****************************************************************************/
5321 int main(int argc,char *argv[])
5323 extern BOOL append_log;
5324 /* shall I run as a daemon */
5325 BOOL is_daemon = False;
5326 int port = SMB_PORT;
5328 extern char *optarg;
5330 #ifdef NEED_AUTH_PARAMETERS
5331 set_auth_parameters(argc,argv);
5342 pstrcpy(debugf,SMBLOGFILE);
5344 pstrcpy(remote_machine, "smb");
5346 setup_logging(argv[0],False);
5348 charset_initialise();
5350 /* make absolutely sure we run as root - to handle cases where people
5351 are crazy enough to have it setuid */
5361 fault_setup((void (*)(void *))exit_server);
5362 signal(SIGTERM , SIGNAL_CAST dflt_sig);
5364 /* we want total control over the permissions on created files,
5365 so set our umask to 0 */
5372 /* this is for people who can't start the program correctly */
5373 while (argc > 1 && (*argv[1] != '-'))
5379 while ((opt = getopt(argc, argv, "O:i:l:s:d:Dp:hPaf:")) != EOF)
5383 pstrcpy(user_socket_options,optarg);
5386 pstrcpy(scope,optarg);
5390 extern BOOL passive;
5395 pstrcpy(servicesf,optarg);
5398 pstrcpy(debugf,optarg);
5402 extern BOOL append_log;
5403 append_log = !append_log;
5413 DEBUGLEVEL = atoi(optarg);
5416 port = atoi(optarg);
5429 DEBUG(2,("%s smbd version %s started\n",timestring(),VERSION));
5430 DEBUG(2,("Copyright Andrew Tridgell 1992-1997\n"));
5432 #ifndef NO_GETRLIMIT
5433 #ifdef RLIMIT_NOFILE
5436 getrlimit(RLIMIT_NOFILE, &rlp);
5438 * Set the fd limit to be MAX_OPEN_FILES + 10 to account for the
5439 * extra fd we need to read directories, as well as the log files
5440 * and standard handles etc.
5442 rlp.rlim_cur = (MAX_OPEN_FILES+10>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES+10;
5443 setrlimit(RLIMIT_NOFILE, &rlp);
5444 getrlimit(RLIMIT_NOFILE, &rlp);
5445 DEBUG(3,("Maximum number of open files per session is %d\n",rlp.rlim_cur));
5451 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
5452 getuid(),getgid(),geteuid(),getegid()));
5454 if (sizeof(uint16) < 2 || sizeof(uint32) < 4)
5456 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
5462 if (!reload_services(False))
5467 extern BOOL sslEnabled;
5468 sslEnabled = lp_ssl_enabled();
5472 #endif /* USE_SSL */
5474 codepage_initialise(lp_client_code_page());
5476 pstrcpy(global_myworkgroup, lp_workgroup());
5478 if(!pdb_generate_machine_sid())
5480 DEBUG(0,("ERROR: Samba cannot get a machine SID.\n"));
5484 #ifndef NO_SIGNAL_TEST
5485 signal(SIGHUP,SIGNAL_CAST sig_hup);
5488 /* Setup the signals that allow the debug log level
5489 to by dynamically changed. */
5491 /* If we are using the malloc debug code we can't use
5492 SIGUSR1 and SIGUSR2 to do debug level changes. */
5495 #if defined(SIGUSR1)
5496 signal( SIGUSR1, SIGNAL_CAST sig_usr1 );
5497 #endif /* SIGUSR1 */
5499 #if defined(SIGUSR2)
5500 signal( SIGUSR2, SIGNAL_CAST sig_usr2 );
5501 #endif /* SIGUSR2 */
5502 #endif /* MEM_MAN */
5504 DEBUG(3,("%s loaded services\n",timestring()));
5506 if (!is_daemon && !is_a_socket(0))
5508 DEBUG(0,("standard input is not a socket, assuming -D option\n"));
5514 DEBUG(3,("%s becoming a daemon\n",timestring()));
5518 if (!directory_exist(lp_lockdir(), NULL)) {
5519 mkdir(lp_lockdir(), 0755);
5523 pidfile_create("smbd");
5526 if (!open_sockets(is_daemon,port))
5529 if (!locking_init(0))
5532 if(!initialize_password_db())
5535 /* possibly reload the services file. */
5536 reload_services(True);
5538 max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
5542 if (sys_chroot(lp_rootdir()) == 0)
5543 DEBUG(2,("%s changed root to %s\n",timestring(),lp_rootdir()));
5546 /* Setup the oplock IPC socket. */
5547 if(!open_oplock_ipc())
5553 exit_server("normal exit");