process incoming packets - main loop
Copyright (C) Andrew Tridgell 1992-1998
Copyright (C) Volker Lendecke 2005-2007
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
+#include "../lib/tsocket/tsocket.h"
+#include "system/filesys.h"
+#include "smbd/smbd.h"
#include "smbd/globals.h"
#include "librpc/gen_ndr/netlogon.h"
-#include "librpc/gen_ndr/messaging.h"
+#include "../lib/async_req/async_sock.h"
+#include "ctdbd_conn.h"
+#include "../lib/util/select.h"
+#include "printing/pcap.h"
+#include "system/select.h"
+#include "passdb.h"
+#include "auth.h"
+#include "messages.h"
+#include "smbprofile.h"
+#include "rpc_server/spoolss/srv_spoolss_nt.h"
+#include "libsmb/libsmb.h"
extern bool global_machine_password_needs_changing;
DEBUG(10,("pid[%d] wait for socket lock\n", (int)sys_getpid()));
- ok = fcntl_lock(sconn->smb1.echo_handler.socket_lock_fd,
+ do {
+ ok = fcntl_lock(
+ sconn->smb1.echo_handler.socket_lock_fd,
SMB_F_SETLKW, 0, 0, F_WRLCK);
+ } while (!ok && (errno == EINTR));
+
if (!ok) {
+ DEBUG(1, ("fcntl_lock failed: %s\n", strerror(errno)));
return false;
}
return true;
}
- ok = fcntl_lock(sconn->smb1.echo_handler.socket_lock_fd,
+ do {
+ ok = fcntl_lock(
+ sconn->smb1.echo_handler.socket_lock_fd,
SMB_F_SETLKW, 0, 0, F_UNLCK);
+ } while (!ok && (errno == EINTR));
+
if (!ok) {
+ DEBUG(1, ("fcntl_lock failed: %s\n", strerror(errno)));
return false;
}
* Try and give an error message saying what
* client failed.
*/
- DEBUG(0,("pid[%d] Error writing %d bytes to client %s. %d. (%s)\n",
+ DEBUG(1,("pid[%d] Error writing %d bytes to client %s. %d. (%s)\n",
(int)sys_getpid(), (int)len,
get_peer_addr(sconn->sock, addr, sizeof(addr)),
(int)ret, strerror(errno) ));
static NTSTATUS receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx,
const char lenbuf[4],
- int fd, char **buffer,
+ struct smbd_server_connection *sconn,
+ int sock,
+ char **buffer,
unsigned int timeout,
size_t *p_unread,
size_t *len_ret)
memcpy(writeX_header, lenbuf, 4);
status = read_fd_with_timeout(
- fd, writeX_header + 4,
+ sock, writeX_header + 4,
STANDARD_WRITE_AND_X_HEADER_SIZE,
STANDARD_WRITE_AND_X_HEADER_SIZE,
timeout, NULL);
if (!NT_STATUS_IS_OK(status)) {
- char addr[INET6_ADDRSTRLEN];
DEBUG(0, ("read_fd_with_timeout failed for client %s read "
"error = %s.\n",
- get_peer_addr(fd, addr, sizeof(addr)),
+ tsocket_address_string(sconn->remote_address,
+ talloc_tos()),
nt_errstr(status)));
return status;
}
* valid writeX call.
*/
- if (is_valid_writeX_buffer(smbd_server_conn,
- (uint8_t *)writeX_header)) {
+ if (is_valid_writeX_buffer(sconn, (uint8_t *)writeX_header)) {
/*
* If the data offset is beyond what
* we've read, drain the extra bytes.
if (doff > STANDARD_WRITE_AND_X_HEADER_SIZE) {
size_t drain = doff - STANDARD_WRITE_AND_X_HEADER_SIZE;
- if (drain_socket(fd, drain) != drain) {
+ if (drain_socket(sock, drain) != drain) {
smb_panic("receive_smb_raw_talloc_partial_read:"
" failed to drain pending bytes");
}
/* Copy the header we've written. */
- *buffer = (char *)TALLOC_MEMDUP(mem_ctx,
+ *buffer = (char *)talloc_memdup(mem_ctx,
writeX_header,
sizeof(writeX_header));
* talloc and return.
*/
- *buffer = TALLOC_ARRAY(mem_ctx, char, len+4);
+ *buffer = talloc_array(mem_ctx, char, len+4);
if (*buffer == NULL) {
DEBUG(0, ("Could not allocate inbuf of length %d\n",
if(toread > 0) {
status = read_packet_remainder(
- fd, (*buffer) + 4 + STANDARD_WRITE_AND_X_HEADER_SIZE,
+ sock,
+ (*buffer) + 4 + STANDARD_WRITE_AND_X_HEADER_SIZE,
timeout, toread);
if (!NT_STATUS_IS_OK(status)) {
return NT_STATUS_OK;
}
-static NTSTATUS receive_smb_raw_talloc(TALLOC_CTX *mem_ctx, int fd,
+static NTSTATUS receive_smb_raw_talloc(TALLOC_CTX *mem_ctx,
+ struct smbd_server_connection *sconn,
+ int sock,
char **buffer, unsigned int timeout,
size_t *p_unread, size_t *plen)
{
*p_unread = 0;
- status = read_smb_length_return_keepalive(fd, lenbuf, timeout, &len);
+ status = read_smb_length_return_keepalive(sock, lenbuf, timeout,
+ &len);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
if (CVAL(lenbuf,0) == 0 && min_recv_size &&
(smb_len_large(lenbuf) > /* Could be a UNIX large writeX. */
(min_recv_size + STANDARD_WRITE_AND_X_HEADER_SIZE)) &&
- !srv_is_signing_active(smbd_server_conn) &&
- smbd_server_conn->smb1.echo_handler.trusted_fde == NULL) {
+ !srv_is_signing_active(sconn) &&
+ sconn->smb1.echo_handler.trusted_fde == NULL) {
return receive_smb_raw_talloc_partial_read(
- mem_ctx, lenbuf, fd, buffer, timeout, p_unread, plen);
+ mem_ctx, lenbuf, sconn, sock, buffer, timeout,
+ p_unread, plen);
}
if (!valid_packet_size(len)) {
* The +4 here can't wrap, we've checked the length above already.
*/
- *buffer = TALLOC_ARRAY(mem_ctx, char, len+4);
+ *buffer = talloc_array(mem_ctx, char, len+4);
if (*buffer == NULL) {
DEBUG(0, ("Could not allocate inbuf of length %d\n",
memcpy(*buffer, lenbuf, sizeof(lenbuf));
- status = read_packet_remainder(fd, (*buffer)+4, timeout, len);
+ status = read_packet_remainder(sock, (*buffer)+4, timeout, len);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_OK;
}
-static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx, int fd,
+static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx,
+ struct smbd_server_connection *sconn,
+ int sock,
char **buffer, unsigned int timeout,
size_t *p_unread, bool *p_encrypted,
size_t *p_len,
*p_encrypted = false;
- status = receive_smb_raw_talloc(mem_ctx, fd, buffer, timeout,
+ status = receive_smb_raw_talloc(mem_ctx, sconn, sock, buffer, timeout,
p_unread, &len);
if (!NT_STATUS_IS_OK(status)) {
- char addr[INET6_ADDRSTRLEN];
- DEBUG(0, ("read_smb_length_return_keepalive failed for "
+ DEBUG(1, ("read_smb_length_return_keepalive failed for "
"client %s read error = %s.\n",
- get_peer_addr(fd, addr, sizeof(addr)),
+ tsocket_address_string(sconn->remote_address,
+ talloc_tos()),
nt_errstr(status)));
return status;
}
}
/* Check the incoming SMB signature. */
- if (!srv_check_sign_mac(smbd_server_conn, *buffer, seqnum, trusted_channel)) {
+ if (!srv_check_sign_mac(sconn, *buffer, seqnum, trusted_channel)) {
DEBUG(0, ("receive_smb: SMB Signature verification failed on "
"incoming packet!\n"));
return NT_STATUS_INVALID_NETWORK_RESPONSE;
req->vuid = SVAL(inbuf, smb_uid);
req->tid = SVAL(inbuf, smb_tid);
req->wct = CVAL(inbuf, smb_wct);
- req->vwv = (uint16_t *)(inbuf+smb_vwv);
+ req->vwv = discard_const_p(uint16_t, (inbuf+smb_vwv));
req->buflen = smb_buflen(inbuf);
- req->buf = (const uint8_t *)smb_buf(inbuf);
+ req->buf = (const uint8_t *)smb_buf_const(inbuf);
req->unread_bytes = unread_bytes;
req->encrypted = encrypted;
req->sconn = sconn;
return false;
}
/* Ensure bcc is correct. */
- if (((uint8 *)smb_buf(inbuf)) + req->buflen > inbuf + req_size) {
+ if (((const uint8_t *)smb_buf_const(inbuf)) + req->buflen > inbuf + req_size) {
DEBUG(0,("init_smb_request: invalid bcc number %u "
"(wct = %u, size %u)\n",
(unsigned int)req->buflen,
int msg_len = smb_len(req->inbuf) + 4;
struct pending_message_list *msg;
- msg = TALLOC_ZERO_P(NULL, struct pending_message_list);
+ msg = talloc_zero(NULL, struct pending_message_list);
if(msg == NULL) {
DEBUG(0,("push_message: malloc fail (1)\n"));
}
}
- msg->te = event_add_timed(smbd_event_context(),
+ msg->te = event_add_timed(server_event_context(),
msg,
end_time,
smbd_deferred_open_timer,
"scheduling mid %llu\n",
(unsigned long long)mid ));
- te = event_add_timed(smbd_event_context(),
+ te = event_add_timed(server_event_context(),
pml,
timeval_zero(),
smbd_deferred_open_timer,
private_data, priv_len);
}
-struct idle_event {
- struct timed_event *te;
- struct timeval interval;
- char *name;
- bool (*handler)(const struct timeval *now, void *private_data);
- void *private_data;
-};
-
-static void smbd_idle_event_handler(struct event_context *ctx,
- struct timed_event *te,
- struct timeval now,
- void *private_data)
-{
- struct idle_event *event =
- talloc_get_type_abort(private_data, struct idle_event);
-
- TALLOC_FREE(event->te);
-
- DEBUG(10,("smbd_idle_event_handler: %s %p called\n",
- event->name, event->te));
-
- if (!event->handler(&now, event->private_data)) {
- DEBUG(10,("smbd_idle_event_handler: %s %p stopped\n",
- event->name, event->te));
- /* Don't repeat, delete ourselves */
- TALLOC_FREE(event);
- return;
- }
-
- DEBUG(10,("smbd_idle_event_handler: %s %p rescheduled\n",
- event->name, event->te));
-
- event->te = event_add_timed(ctx, event,
- timeval_sum(&now, &event->interval),
- smbd_idle_event_handler, event);
-
- /* We can't do much but fail here. */
- SMB_ASSERT(event->te != NULL);
-}
-
-struct idle_event *event_add_idle(struct event_context *event_ctx,
- TALLOC_CTX *mem_ctx,
- struct timeval interval,
- const char *name,
- bool (*handler)(const struct timeval *now,
- void *private_data),
- void *private_data)
-{
- struct idle_event *result;
- struct timeval now = timeval_current();
-
- result = TALLOC_P(mem_ctx, struct idle_event);
- if (result == NULL) {
- DEBUG(0, ("talloc failed\n"));
- return NULL;
- }
-
- result->interval = interval;
- result->handler = handler;
- result->private_data = private_data;
-
- if (!(result->name = talloc_asprintf(result, "idle_evt(%s)", name))) {
- DEBUG(0, ("talloc failed\n"));
- TALLOC_FREE(result);
- return NULL;
- }
-
- result->te = event_add_timed(event_ctx, result,
- timeval_sum(&now, &interval),
- smbd_idle_event_handler, result);
- if (result->te == NULL) {
- DEBUG(0, ("event_add_timed failed\n"));
- TALLOC_FREE(result);
- return NULL;
- }
-
- DEBUG(10,("event_add_idle: %s %p\n", result->name, result->te));
- return result;
-}
-
static void smbd_sig_term_handler(struct tevent_context *ev,
struct tevent_signal *se,
int signum,
{
struct tevent_signal *se;
- se = tevent_add_signal(smbd_event_context(),
- smbd_event_context(),
+ se = tevent_add_signal(server_event_context(),
+ server_event_context(),
SIGTERM, 0,
smbd_sig_term_handler,
NULL);
change_to_root_user();
DEBUG(1,("Reloading services after SIGHUP\n"));
reload_services(msg_ctx, smbd_server_conn->sock, False);
+ if (am_parent) {
+ pcap_cache_reload(ev, msg_ctx, &reload_pcap_change_notify);
+ }
}
void smbd_setup_sig_hup_handler(struct tevent_context *ev,
static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection *conn)
{
- fd_set r_fds, w_fds;
- int selrtn;
- struct timeval to;
- int maxfd = 0;
-
- to.tv_sec = SMBD_SELECT_TIMEOUT;
- to.tv_usec = 0;
-
- /*
- * Setup the select fd sets.
- */
+ int timeout;
+ int num_pfds = 0;
+ int ret;
+ bool retry;
- FD_ZERO(&r_fds);
- FD_ZERO(&w_fds);
+ timeout = SMBD_SELECT_TIMEOUT * 1000;
/*
* Are there any timed events waiting ? If so, ensure we don't
* select for longer than it would take to wait for them.
*/
- {
- struct timeval now;
- GetTimeOfDay(&now);
-
- event_add_to_select_args(smbd_event_context(), &now,
- &r_fds, &w_fds, &to, &maxfd);
- }
+ event_add_to_poll_args(server_event_context(), conn,
+ &conn->pfds, &num_pfds, &timeout);
/* Process a signal and timed events now... */
- if (run_events(smbd_event_context(), 0, NULL, NULL)) {
+ if (run_events_poll(server_event_context(), 0, NULL, 0)) {
return NT_STATUS_RETRY;
}
int sav;
START_PROFILE(smbd_idle);
- selrtn = sys_select(maxfd+1,&r_fds,&w_fds,NULL,&to);
+ ret = sys_poll(conn->pfds, num_pfds, timeout);
sav = errno;
END_PROFILE(smbd_idle);
errno = sav;
}
- if ((conn->smb1.echo_handler.trusted_fd != -1)
- && FD_ISSET(conn->sock, &r_fds)
- && FD_ISSET(conn->smb1.echo_handler.trusted_fd, &r_fds)) {
- /*
- * Prefer to read pending requests from the echo handler. To
- * quote Jeremy (da70f8ab1): This is a hack of monstrous
- * proportions...
- */
- FD_CLR(conn->sock, &r_fds);
- }
-
- if (run_events(smbd_event_context(), selrtn, &r_fds, &w_fds)) {
- return NT_STATUS_RETRY;
+ if (ret == -1) {
+ if (errno == EINTR) {
+ return NT_STATUS_RETRY;
+ }
+ return map_nt_error_from_unix(errno);
}
- /* Check if error */
- if (selrtn == -1) {
- /* something is wrong. Maybe the socket is dead? */
- return map_nt_error_from_unix(errno);
+ retry = run_events_poll(server_event_context(), ret, conn->pfds,
+ num_pfds);
+ if (retry) {
+ return NT_STATUS_RETRY;
}
/* Did we timeout ? */
- if (selrtn == 0) {
+ if (ret == 0) {
return NT_STATUS_RETRY;
}
char *msg;
if (asprintf(&msg, "num_bytes too large: %u",
(unsigned)num_bytes) == -1) {
- msg = CONST_DISCARD(char *, "num_bytes too large");
+ msg = discard_const_p(char, "num_bytes too large");
}
smb_panic(msg);
}
- *outbuf = TALLOC_ARRAY(mem_ctx, char,
+ *outbuf = talloc_array(mem_ctx, char,
smb_size + num_words*2 + num_bytes);
if (*outbuf == NULL) {
return false;
void reply_outbuf(struct smb_request *req, uint8 num_words, uint32 num_bytes)
{
char *outbuf;
- if (!create_outbuf(req, req, (char *)req->inbuf, &outbuf, num_words,
+ if (!create_outbuf(req, req, (const char *)req->inbuf, &outbuf, num_words,
num_bytes)) {
smb_panic("could not allocate output buffer\n");
}
uint16 session_tag;
connection_struct *conn = NULL;
struct smbd_server_connection *sconn = req->sconn;
+ char *raddr;
errno = 0;
if (smb_messages[type].fn == NULL) {
DEBUG(0,("Unknown message type %d!\n",type));
- smb_dump("Unknown", 1, (char *)req->inbuf, size);
+ smb_dump("Unknown", 1, (const char *)req->inbuf, size);
reply_unknown_new(req, type);
return NULL;
}
DEBUG(3,("switch message %s (pid %d) conn 0x%lx\n", smb_fn_name(type),
(int)sys_getpid(), (unsigned long)conn));
- smb_dump(smb_fn_name(type), 1, (char *)req->inbuf, size);
+ smb_dump(smb_fn_name(type), 1, (const char *)req->inbuf, size);
/* Ensure this value is replaced in the incoming packet. */
- SSVAL(req->inbuf,smb_uid,session_tag);
+ SSVAL(discard_const_p(uint8_t, req->inbuf),smb_uid,session_tag);
/*
* Ensure the correct username is in current_user_info. This is a
vuser = get_valid_user_struct(sconn, session_tag);
if (vuser) {
set_current_user_info(
- vuser->server_info->sanitized_username,
- vuser->server_info->unix_name,
- vuser->server_info->info3->base.domain.string);
+ vuser->session_info->sanitized_username,
+ vuser->session_info->unix_name,
+ vuser->session_info->info3->base.domain.string);
}
}
}
conn->num_smb_operations++;
}
+ raddr = tsocket_address_inet_addr_string(sconn->remote_address,
+ talloc_tos());
+ if (raddr == NULL) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ return conn;
+ }
+
/* does this protocol need to be run as guest? */
if ((flags & AS_GUEST)
&& (!change_to_guest() ||
!allow_access(lp_hostsdeny(-1), lp_hostsallow(-1),
- sconn->client_id.name,
- sconn->client_id.addr))) {
+ sconn->remote_hostname,
+ raddr))) {
reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return conn;
}
Construct a reply to the incoming packet.
****************************************************************************/
-static void construct_reply(char *inbuf, int size, size_t unread_bytes,
+static void construct_reply(struct smbd_server_connection *sconn,
+ char *inbuf, int size, size_t unread_bytes,
uint32_t seqnum, bool encrypted,
struct smb_perfcount_data *deferred_pcd)
{
smb_panic("could not allocate smb_request");
}
- if (!init_smb_request(req, smbd_server_conn, (uint8 *)inbuf,
- unread_bytes, encrypted, seqnum)) {
+ if (!init_smb_request(req, sconn, (uint8 *)inbuf, unread_bytes,
+ encrypted, seqnum)) {
exit_server_cleanly("Invalid SMB request");
}
/****************************************************************************
Process an smb from the client
****************************************************************************/
-static void process_smb(struct smbd_server_connection *conn,
+static void process_smb(struct smbd_server_connection *sconn,
uint8_t *inbuf, size_t nread, size_t unread_bytes,
uint32_t seqnum, bool encrypted,
struct smb_perfcount_data *deferred_pcd)
DEBUG( 6, ( "got message type 0x%x of len 0x%x\n", msg_type,
smb_len(inbuf) ) );
DEBUG(3, ("Transaction %d of length %d (%u toread)\n",
- conn->trans_num, (int)nread, (unsigned int)unread_bytes));
+ sconn->trans_num, (int)nread, (unsigned int)unread_bytes));
- if (msg_type != 0) {
+ if (msg_type != NBSSmessage) {
/*
* NetBIOS session request, keepalive, etc.
*/
- reply_special(conn, (char *)inbuf);
+ reply_special(sconn, (char *)inbuf, nread);
goto done;
}
- if (smbd_server_conn->using_smb2) {
+ if (sconn->using_smb2) {
/* At this point we're not really using smb2,
* we make the decision here.. */
if (smbd_is_smb2_header(inbuf, nread)) {
- smbd_smb2_first_negprot(smbd_server_conn, inbuf, nread);
+ smbd_smb2_first_negprot(sconn, inbuf, nread);
return;
} else if (nread >= smb_size && valid_smb_header(inbuf)
&& CVAL(inbuf, smb_com) != 0x72) {
/* This is a non-negprot SMB1 packet.
Disable SMB2 from now on. */
- smbd_server_conn->using_smb2 = false;
+ sconn->using_smb2 = false;
}
}
show_msg((char *)inbuf);
- construct_reply((char *)inbuf,nread,unread_bytes,seqnum,encrypted,deferred_pcd);
- conn->trans_num++;
+ construct_reply(sconn, (char *)inbuf, nread, unread_bytes, seqnum,
+ encrypted, deferred_pcd);
+ sconn->trans_num++;
done:
- conn->smb1.num_requests++;
+ sconn->num_requests++;
/* The timeout_processing function isn't run nearly
often enough to implement 'max log size' without
level 10. Checking every 50 SMBs is a nice
tradeoff of performance vs log file size overrun. */
- if ((conn->smb1.num_requests % 50) == 0 &&
+ if ((sconn->num_requests % 50) == 0 &&
need_to_check_log_size()) {
change_to_root_user();
check_log_size();
void construct_reply_common_req(struct smb_request *req, char *outbuf)
{
- construct_reply_common(req, (char *)req->inbuf, outbuf);
+ construct_reply_common(req, (const char *)req->inbuf, outbuf);
}
/*
return false;
}
- outbuf = TALLOC_REALLOC_ARRAY(NULL, *poutbuf, uint8_t, new_size);
+ outbuf = talloc_realloc(NULL, *poutbuf, uint8_t, new_size);
if (outbuf == NULL) {
DEBUG(0, ("talloc failed\n"));
return false;
if (!find_andx_cmd_ofs(outbuf, &andx_cmd_ofs)) {
DEBUG(1, ("invalid command chain\n"));
- *poutbuf = TALLOC_REALLOC_ARRAY(
+ *poutbuf = talloc_realloc(
NULL, *poutbuf, uint8_t, old_size);
return false;
}
uint32_t chain_offset; /* uint32_t to avoid overflow */
uint8_t wct;
- uint16_t *vwv;
+ const uint16_t *vwv;
uint16_t buflen;
- uint8_t *buf;
+ const uint8_t *buf;
if (IVAL(req->outbuf, smb_rcls) != 0) {
fixup_chain_error_packet(req);
if ((req->wct < 2) || (CVAL(req->outbuf, smb_wct) < 2)) {
if (req->chain_outbuf == NULL) {
- req->chain_outbuf = TALLOC_REALLOC_ARRAY(
+ req->chain_outbuf = talloc_realloc(
req, req->outbuf, uint8_t,
smb_len(req->outbuf) + 4);
if (req->chain_outbuf == NULL) {
* over-allocated (reply_pipe_read_and_X used to be such an
* example).
*/
- req->chain_outbuf = TALLOC_REALLOC_ARRAY(
+ req->chain_outbuf = talloc_realloc(
req, req->outbuf, uint8_t, smb_len(req->outbuf) + 4);
if (req->chain_outbuf == NULL) {
smb_panic("talloc failed");
* Update smb headers where subsequent chained commands
* may have updated them.
*/
- SCVAL(req->chain_outbuf, smb_tid, CVAL(req->outbuf, smb_tid));
- SCVAL(req->chain_outbuf, smb_uid, CVAL(req->outbuf, smb_uid));
+ SSVAL(req->chain_outbuf, smb_tid, SVAL(req->outbuf, smb_tid));
+ SSVAL(req->chain_outbuf, smb_uid, SVAL(req->outbuf, smb_uid));
if (!smb_splice_chain(&req->chain_outbuf,
CVAL(req->outbuf, smb_com),
if (length_needed > smblen) {
goto error;
}
- vwv = (uint16_t *)(smb_base(req->inbuf) + chain_offset + 1);
+ vwv = (const uint16_t *)(smb_base(req->inbuf) + chain_offset + 1);
/*
* Now grab the new byte buffer....
if (length_needed > smblen) {
goto error;
}
- buf = (uint8_t *)(vwv+wct+1);
+ buf = (const uint8_t *)(vwv+wct+1);
req->cmd = chain_cmd;
req->wct = wct;
- req->vwv = vwv;
+ req->vwv = discard_const_p(uint16_t, vwv);
req->buflen = buflen;
req->buf = buf;
static void check_reload(struct smbd_server_connection *sconn, time_t t)
{
- time_t printcap_cache_time = (time_t)lp_printcap_cache_time();
- if(last_smb_conf_reload_time == 0) {
+ if (last_smb_conf_reload_time == 0) {
last_smb_conf_reload_time = t;
- /* Our printing subsystem might not be ready at smbd start up.
- Then no printer is available till the first printers check
- is performed. A lower initial interval circumvents this. */
- if ( printcap_cache_time > 60 )
- last_printer_reload_time = t - printcap_cache_time + 60;
- else
- last_printer_reload_time = t;
- }
-
- if (mypid != getpid()) { /* First time or fork happened meanwhile */
- /* randomize over 60 second the printcap reload to avoid all
- * process hitting cupsd at the same time */
- int time_range = 60;
-
- last_printer_reload_time += random() % time_range;
- mypid = getpid();
}
if (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK) {
reload_services(sconn->msg_ctx, sconn->sock, True);
last_smb_conf_reload_time = t;
}
-
- /* 'printcap cache time = 0' disable the feature */
-
- if ( printcap_cache_time != 0 )
- {
- /* see if it's time to reload or if the clock has been set back */
-
- if ( (t >= last_printer_reload_time+printcap_cache_time)
- || (t-last_printer_reload_time < 0) )
- {
- DEBUG( 3,( "Printcap cache time expired.\n"));
- reload_printers(sconn->msg_ctx);
- last_printer_reload_time = t;
- }
- }
}
static bool fd_is_readable(int fd)
{
- fd_set fds;
- struct timeval timeout = {0, };
- int ret;
+ int ret, revents;
- FD_ZERO(&fds);
- FD_SET(fd, &fds);
+ ret = poll_one_fd(fd, POLLIN|POLLHUP, 0, &revents);
+
+ return ((ret > 0) && ((revents & (POLLIN|POLLHUP|POLLERR)) != 0));
- ret = sys_select(fd+1, &fds, NULL, NULL, &timeout);
- if (ret == -1) {
- return false;
- }
- return FD_ISSET(fd, &fds);
}
-static void smbd_server_connection_write_handler(struct smbd_server_connection *conn)
+static void smbd_server_connection_write_handler(
+ struct smbd_server_connection *sconn)
{
/* TODO: make write nonblocking */
}
static void smbd_server_connection_read_handler(
- struct smbd_server_connection *conn, int fd)
+ struct smbd_server_connection *sconn, int fd)
{
uint8_t *inbuf = NULL;
size_t inbuf_len = 0;
NTSTATUS status;
uint32_t seqnum;
- bool from_client = (conn->sock == fd);
+ bool from_client = (sconn->sock == fd);
if (from_client) {
- smbd_lock_socket(conn);
+ smbd_lock_socket(sconn);
- if (!fd_is_readable(fd)) {
+ if (lp_async_smb_echo_handler() && !fd_is_readable(fd)) {
DEBUG(10,("the echo listener was faster\n"));
- smbd_unlock_socket(conn);
+ smbd_unlock_socket(sconn);
return;
}
/* TODO: make this completely nonblocking */
- status = receive_smb_talloc(mem_ctx, fd,
+ status = receive_smb_talloc(mem_ctx, sconn, fd,
(char **)(void *)&inbuf,
0, /* timeout */
&unread_bytes,
&encrypted,
&inbuf_len, &seqnum,
false /* trusted channel */);
- smbd_unlock_socket(conn);
+ smbd_unlock_socket(sconn);
} else {
/* TODO: make this completely nonblocking */
- status = receive_smb_talloc(mem_ctx, fd,
+ status = receive_smb_talloc(mem_ctx, sconn, fd,
(char **)(void *)&inbuf,
0, /* timeout */
&unread_bytes,
}
process:
- process_smb(conn, inbuf, inbuf_len, unread_bytes,
+ process_smb(sconn, inbuf, inbuf_len, unread_bytes,
seqnum, encrypted, NULL);
}
}
}
+#ifdef CLUSTER_SUPPORT
/****************************************************************************
received when we should release a specific IP
****************************************************************************/
p = addr + 7;
}
+ DEBUG(10, ("Got release IP message for %s, "
+ "our address is %s\n", ip, p));
+
if ((strcmp(p, ip) == 0) || ((p != addr) && strcmp(addr, ip) == 0)) {
/* we can't afford to do a clean exit - that involves
database writes, which would potentially mean we
}
}
-static void msg_release_ip(struct messaging_context *msg_ctx, void *private_data,
- uint32_t msg_type, struct server_id server_id, DATA_BLOB *data)
-{
- struct smbd_server_connection *sconn = talloc_get_type_abort(
- private_data, struct smbd_server_connection);
-
- release_ip((char *)data->data, sconn->client_id.addr);
-}
-
-#ifdef CLUSTER_SUPPORT
-static int client_get_tcp_info(struct sockaddr_storage *server,
+static int client_get_tcp_info(int sock, struct sockaddr_storage *server,
struct sockaddr_storage *client)
{
socklen_t length;
- if (server_fd == -1) {
- return -1;
- }
length = sizeof(*server);
- if (getsockname(server_fd, (struct sockaddr *)server, &length) != 0) {
+ if (getsockname(sock, (struct sockaddr *)server, &length) != 0) {
return -1;
}
length = sizeof(*client);
- if (getpeername(server_fd, (struct sockaddr *)client, &length) != 0) {
+ if (getpeername(sock, (struct sockaddr *)client, &length) != 0) {
return -1;
}
return 0;
struct smbd_server_connection *sconn =
(struct smbd_server_connection *)private_data;
- if (sconn->using_smb2) {
- /* TODO: implement real idle check */
- if (sconn->smb2.sessions.list) {
- return true;
- }
- DEBUG( 2, ( "Closing idle SMB2 connection\n" ) );
- messaging_send(sconn->msg_ctx, procid_self(),
- MSG_SHUTDOWN, &data_blob_null);
- return false;
- }
-
if ((conn_num_open(sconn) == 0)
|| (conn_idle_all(sconn, now->tv_sec))) {
- DEBUG( 2, ( "Closing idle SMB1 connection\n" ) );
- messaging_send(sconn->msg_ctx, procid_self(),
+ DEBUG( 2, ( "Closing idle connection\n" ) );
+ messaging_send(sconn->msg_ctx,
+ messaging_server_id(sconn->msg_ctx),
MSG_SHUTDOWN, &data_blob_null);
return False;
}
{
struct smbd_server_connection *sconn = talloc_get_type_abort(
private_data, struct smbd_server_connection);
+
+ DEBUG(5, ("housekeeping\n"));
+
change_to_root_user();
/* update printer queue caches if necessary */
update_monitored_printq_cache(sconn->msg_ctx);
/* check if we need to reload services */
- check_reload(sconn, time(NULL));
+ check_reload(sconn, time_mono(NULL));
/* Change machine password if neccessary. */
attempt_machine_password_change();
char *outbuf;
bool ok;
+ if ((inbuf_len == 4) && (CVAL(inbuf, 0) == NBSSkeepalive)) {
+ DEBUG(10, ("Got netbios keepalive\n"));
+ /*
+ * Just swallow it
+ */
+ return true;
+ }
+
if (inbuf_len < smb_size) {
DEBUG(10, ("Got short packet: %d bytes\n", (int)inbuf_len));
return false;
return false;
}
- if (!create_outbuf(talloc_tos(), &req, (char *)req.inbuf, &outbuf,
+ if (!create_outbuf(talloc_tos(), &req, (const char *)req.inbuf, &outbuf,
1, req.buflen)) {
DEBUG(10, ("create_outbuf failed\n"));
return false;
size_t unread, num_pending;
NTSTATUS status;
struct iovec *tmp;
+ size_t iov_len;
uint32_t seqnum = 0;
bool reply;
bool ok;
DEBUG(10,("echo_handler[%d]: reading pdu\n", (int)sys_getpid()));
- status = receive_smb_talloc(state->pending, sconn->sock,
+ status = receive_smb_talloc(state->pending, sconn, sconn->sock,
(char **)(void *)&state->pending[num_pending].iov_base,
0 /* timeout */,
&unread,
&encrypted,
- &state->pending[num_pending].iov_len,
+ &iov_len,
&seqnum,
false /* trusted_channel*/);
if (!NT_STATUS_IS_OK(status)) {
(int)sys_getpid(), nt_errstr(status)));
exit(1);
}
+ state->pending[num_pending].iov_len = iov_len;
ok = smbd_unlock_socket_internal(sconn);
if (!ok) {
exit(1);
}
- /*
- * place the seqnum in the packet so that the main process can reply
- * with signing
- */
- SIVAL((uint8_t *)state->pending[num_pending].iov_base, smb_ss_field, seqnum);
- SIVAL((uint8_t *)state->pending[num_pending].iov_base, smb_ss_field+4, NT_STATUS_V(NT_STATUS_OK));
-
reply = smbd_echo_reply((uint8_t *)state->pending[num_pending].iov_base,
state->pending[num_pending].iov_len,
seqnum);
state->pending = talloc_realloc(state, state->pending,
struct iovec,
num_pending);
- } else {
- DEBUG(10,("echo_handler[%d]: forward to main\n", (int)sys_getpid()));
- smbd_echo_activate_writer(state);
+ return;
}
+
+ if (state->pending[num_pending].iov_len >= smb_size) {
+ /*
+ * place the seqnum in the packet so that the main process
+ * can reply with signing
+ */
+ SIVAL((uint8_t *)state->pending[num_pending].iov_base,
+ smb_ss_field, seqnum);
+ SIVAL((uint8_t *)state->pending[num_pending].iov_base,
+ smb_ss_field+4, NT_STATUS_V(NT_STATUS_OK));
+ }
+
+ DEBUG(10,("echo_handler[%d]: forward to main\n", (int)sys_getpid()));
+ smbd_echo_activate_writer(state);
}
static void smbd_echo_loop(struct smbd_server_connection *sconn,
/*
* Handle SMBecho requests in a forked child process
*/
-static bool fork_echo_handler(struct smbd_server_connection *sconn)
+bool fork_echo_handler(struct smbd_server_connection *sconn)
{
int listener_pipe[2];
int res;
NTSTATUS status;
close(listener_pipe[0]);
+ set_blocking(listener_pipe[1], false);
status = reinit_after_fork(sconn->msg_ctx,
- smbd_event_context(),
+ server_event_context(),
procid_self(), false);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(1, ("reinit_after_fork failed: %s\n",
* Without smb signing this is the same as the normal smbd
* listener. This needs to change once signing comes in.
*/
- sconn->smb1.echo_handler.trusted_fde = event_add_fd(smbd_event_context(),
+ sconn->smb1.echo_handler.trusted_fde = event_add_fd(server_event_context(),
sconn,
sconn->smb1.echo_handler.trusted_fd,
EVENT_FD_READ,
struct tsocket_address *local_address = NULL;
struct tsocket_address *remote_address = NULL;
const char *remaddr = NULL;
+ char *rhost;
int ret;
- if (lp_maxprotocol() == PROTOCOL_SMB2 &&
- lp_security() != SEC_SHARE &&
- !lp_async_smb_echo_handler()) {
+ if (lp_maxprotocol() >= PROTOCOL_SMB2_02) {
/*
- * We're not making the desion here,
+ * We're not making the decision here,
* we're just allowing the client
* to decide between SMB1 and SMB2
* with the first negprot
sconn->remote_address,
talloc_tos());
if (remaddr == NULL) {
-
+ DEBUG(0,("%s: tsocket_address_inet_addr_string remote failed - %s\n",
+ __location__, strerror(errno)));
+ exit_server_cleanly("tsocket_address_inet_addr_string remote failed.\n");
}
} else {
remaddr = "0.0.0.0";
* the hosts allow list.
*/
+ ret = get_remote_hostname(remote_address,
+ &rhost,
+ talloc_tos());
+ if (ret < 0) {
+ DEBUG(0,("%s: get_remote_hostname failed - %s\n",
+ __location__, strerror(errno)));
+ exit_server_cleanly("get_remote_hostname failed.\n");
+ }
+ if (strequal(rhost, "UNKNOWN")) {
+ rhost = talloc_strdup(talloc_tos(), remaddr);
+ }
+ sconn->remote_hostname = talloc_move(sconn, &rhost);
+
if (!allow_access(lp_hostsdeny(-1), lp_hostsallow(-1),
- sconn->client_id.name,
- sconn->client_id.addr)) {
+ sconn->remote_hostname,
+ remaddr)) {
/*
* send a negative session response "not listening on calling
* name"
exit_server("Failed to init smb_signing");
}
- if (lp_async_smb_echo_handler() && !fork_echo_handler(sconn)) {
- exit_server("Failed to fork echo handler");
- }
-
/* Setup oplocks */
if (!init_oplocks(sconn->msg_ctx))
exit_server("Failed to init oplocks");
/* register our message handlers */
messaging_register(sconn->msg_ctx, NULL,
MSG_SMB_FORCE_TDIS, msg_force_tdis);
- messaging_register(sconn->msg_ctx, sconn,
- MSG_SMB_RELEASE_IP, msg_release_ip);
messaging_register(sconn->msg_ctx, NULL,
MSG_SMB_CLOSE_FILE, msg_close_file);
MSG_DEBUG, debug_message);
if ((lp_keepalive() != 0)
- && !(event_add_idle(smbd_event_context(), NULL,
+ && !(event_add_idle(server_event_context(), NULL,
timeval_set(lp_keepalive(), 0),
"keepalive", keepalive_fn,
NULL))) {
exit(1);
}
- if (!(event_add_idle(smbd_event_context(), NULL,
+ if (!(event_add_idle(server_event_context(), NULL,
timeval_set(IDLE_CLOSED_TIMEOUT, 0),
"deadtime", deadtime_fn, sconn))) {
DEBUG(0, ("Could not add deadtime event\n"));
exit(1);
}
- if (!(event_add_idle(smbd_event_context(), NULL,
- timeval_set(SMBD_SELECT_TIMEOUT, 0),
+ if (!(event_add_idle(server_event_context(), NULL,
+ timeval_set(SMBD_HOUSEKEEPING_INTERVAL, 0),
"housekeeping", housekeeping_fn, sconn))) {
DEBUG(0, ("Could not add housekeeping event\n"));
exit(1);
struct sockaddr_storage srv, clnt;
- if (client_get_tcp_info(&srv, &clnt) == 0) {
+ if (client_get_tcp_info(sconn->sock, &srv, &clnt) == 0) {
NTSTATUS status;
status = smbd_register_ips(sconn, &srv, &clnt);
if (!NT_STATUS_IS_OK(status)) {
exit_server("init_dptrs() failed");
}
- sconn->smb1.fde = event_add_fd(smbd_event_context(),
+ sconn->smb1.fde = event_add_fd(server_event_context(),
sconn,
sconn->sock,
EVENT_FD_READ,
bool req_is_in_chain(struct smb_request *req)
{
- if (req->vwv != (uint16_t *)(req->inbuf+smb_vwv)) {
+ if (req->vwv != (const uint16_t *)(req->inbuf+smb_vwv)) {
/*
* We're right now handling a subsequent request, so we must
* be in a chain