Unix SMB/Netbios implementation.
Version 1.9.
Main SMB server routines
- Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Andrew Tridgell 1992-1998
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
extern pstring user_socket_options;
+#ifdef DFS_AUTH
+extern int dcelogin_atmost_once;
+#endif /* DFS_AUTH */
+
connection_struct Connections[MAX_CONNECTIONS];
files_struct Files[MAX_OPEN_FILES];
extern pstring OriginalDir;
/* these can be set by some functions to override the error codes */
-int unix_ERR_class=SUCCESS;
+int unix_ERR_class=SMB_SUCCESS;
int unix_ERR_code=0;
return(True);
}
-#if 0
- /*
- * This code I believe is incorrect - and commenting it out
- * is the correct fix for the bug mentioned below in the
- * comment 'name2 here was changed to dname - since 1.9.16p2 - not sure of reason (jra)'.
+ /*
* The incoming name can be mangled, and if we de-mangle it
* here it will not compare correctly against the filename (name2)
* read from the directory and then mangled by the name_map_mangle()
* (JRA).
*/
if (mangled)
- check_mangled_stack(name);
-#endif
+ mangled = !check_mangled_cache( name );
/* open the directory */
if (!(cur_dir = OpenDir(cnum, path, True)))
if (!name_map_mangle(name2,False,SNUM(cnum))) continue;
if ((mangled && mangled_equal(name,name2))
- || fname_equal(name, name2)) /* name2 here was changed to dname - since 1.9.16p2 - not sure of reason (jra) */
+ || fname_equal(name, name2))
{
/* we've found the file, change it's name and return */
if (docache) DirCacheAdd(path,name,dname,SNUM(cnum));
/* check on the mangled stack to see if we can recover the
base of the filename */
if (is_mangled(start))
- check_mangled_stack(start);
+ check_mangled_cache( start );
DEBUG(5,("New file %s\n",start));
return(True);
fd support routines - attempt to find a empty slot in the FileFd array.
Increments the ref_count of the returned entry.
****************************************************************************/
-static file_fd_struct *fd_get_new()
+static file_fd_struct *fd_get_new(void)
{
int i;
file_fd_struct *fd_ptr;
struct stat statbuf;
file_fd_struct *fd_ptr;
files_struct *fsp = &Files[fnum];
+ int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
fsp->open = False;
fsp->fd_ptr = 0;
pstrcpy(fname,fname1);
/* check permissions */
- if ((flags != O_RDONLY) && !CAN_WRITE(cnum) && !Connections[cnum].printer)
- {
+
+ /*
+ * This code was changed after seeing a client open request
+ * containing the open mode of (DENY_WRITE/read-only) with
+ * the 'create if not exist' bit set. The previous code
+ * would fail to open the file read only on a read-only share
+ * as it was checking the flags parameter directly against O_RDONLY,
+ * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
+ * JRA.
+ */
+
+ if (!CAN_WRITE(cnum) && !Connections[cnum].printer) {
+ /* It's a read-only share - fail if we wanted to write. */
+ if(accmode != O_RDONLY) {
DEBUG(3,("Permission denied opening %s\n",fname));
check_for_pipe(fname);
return;
}
+ else if(flags & O_CREAT) {
+ /* We don't want to write - but we must make sure that O_CREAT
+ doesn't create the file if we have write access into the
+ directory.
+ */
+ flags &= ~O_CREAT;
+ }
+ }
/* this handles a bug in Win95 - it doesn't say to create the file when it
should */
*/
if((fd_ptr = fd_get_already_open(sbuf))!= 0) {
- int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
-
/* File was already open. */
if((flags & O_CREAT) && (flags & O_EXCL)) {
fd_ptr->ref_count--;
Connections[cnum].num_files_open++;
fsp->mode = sbuf->st_mode;
GetTimeOfDay(&fsp->open_time);
- fsp->uid = current_user.id;
+ fsp->vuid = current_user.vuid;
fsp->size = 0;
fsp->pos = -1;
fsp->open = True;
uint32 inode = fs_p->fd_ptr->inode;
int token;
+ Files[fnum].reserved = False;
+
#if USE_READ_PREDICTION
invalidate_read_prediction(fs_p->fd_ptr->fd);
#endif
DEBUG(2,("%s %s closed file %s (numopen=%d)\n",
timestring(),Connections[cnum].user,fs_p->name,
Connections[cnum].num_files_open));
+
+ if (fs_p->name) {
+ string_free(&fs_p->name);
+ }
+
+ /* we will catch bugs faster by zeroing this structure */
+ memset(fs_p, 0, sizeof(*fs_p));
}
enum {AFAIL,AREAD,AWRITE,AALL};
check if the share mode on a file allows it to be deleted or unlinked
return True if sharing doesn't prevent the operation
********************************************************************/
-BOOL check_file_sharing(int cnum,char *fname)
+BOOL check_file_sharing(int cnum,char *fname, BOOL rename_op)
{
int i;
int ret = False;
if(share_entry->op_type & BATCH_OPLOCK)
{
- DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
+ /*
+ * It appears that the NT redirector may have a bug, in that
+ * it tries to do an SMBmv on a file that it has open with a
+ * batch oplock, and then fails to respond to the oplock break
+ * request. This only seems to occur when the client is doing an
+ * SMBmv to the smbd it is using - thus we try and detect this
+ * condition by checking if the file being moved is open and oplocked by
+ * this smbd process, and then not sending the oplock break in this
+ * special case. If the file was open with a deny mode that
+ * prevents the move the SMBmv will fail anyway with a share
+ * violation error. JRA.
+ */
+ if(rename_op && (share_entry->pid == pid))
+ {
+ DEBUG(0,("check_file_sharing: NT redirector workaround - rename attempted on \
+batch oplocked file %s, dev = %x, inode = %x\n", fname, dev, inode));
+ /*
+ * This next line is a test that allows the deny-mode
+ * processing to be skipped. This seems to be needed as
+ * NT insists on the rename succeeding (in Office 9x no less !).
+ * This should be removed as soon as (a) MS fix the redirector
+ * bug or (b) NT SMB support in Samba makes NT not issue the
+ * call (as is my fervent hope). JRA.
+ */
+ continue;
+ }
+ else
+ {
+ DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
- /* Oplock break.... */
- unlock_share_entry(cnum, dev, inode, token);
- if(request_oplock_break(share_entry, dev, inode) == False)
- {
- free((char *)old_shares);
- DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
+ /* Oplock break.... */
+ unlock_share_entry(cnum, dev, inode, token);
+ if(request_oplock_break(share_entry, dev, inode) == False)
+ {
+ free((char *)old_shares);
+ DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
- return False;
+ return False;
+ }
+ lock_share_entry(cnum, dev, inode, &token);
+ broke_oplock = True;
+ break;
}
- lock_share_entry(cnum, dev, inode, &token);
- broke_oplock = True;
- break;
}
/* someone else has a share lock on it, check to see
{
unix_ERR_class = ERRDOS;
/* OS/2 Workplace shell fix may be main code stream in a later release. */
-#ifdef OS2_WPS_FIX
+#if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
unix_ERR_code = ERRcannotopen;
#else /* OS2_WPS_FIX */
unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
flags = O_RDONLY;
break;
}
+
+ if (share_mode&(1<<14)) {
+ flags2 |= O_SYNC;
+ }
if (flags != O_RDONLY && file_existed &&
(!CAN_WRITE(cnum) || IS_DOS_READONLY(dos_mode(cnum,fname,&sbuf))))
#if USE_MMAP
if (Files[fnum].mmap_ptr)
{
- int num = MIN(n,(int)(Files[fnum].mmap_size-pos));
+ int num = (Files[fnum].mmap_size > pos) ? (Files[fnum].mmap_size - pos) : -1;
+ num = MIN(n,num);
if (num > 0)
{
memcpy(data,Files[fnum].mmap_ptr+pos,num);
/* just possibly it's a default service? */
if (iService < 0)
{
- char *defservice = lp_defaultservice();
- if (defservice && *defservice && !strequal(defservice,service)) {
+ char *pdefservice = lp_defaultservice();
+ if (pdefservice && *pdefservice && !strequal(pdefservice,service)) {
+ /*
+ * We need to do a local copy here as lp_defaultservice()
+ * returns one of the rotating lp_string buffers that
+ * could get overwritten by the recursive find_service() call
+ * below. Fix from Josef Hinteregger <joehtg@joehtg.co.at>.
+ */
+ pstring defservice;
+ pstrcpy(defservice, pdefservice);
iService = find_service(defservice);
if (iService >= 0) {
string_sub(service,"_","/");
int ecode=def_code;
int i=0;
- if (unix_ERR_class != SUCCESS)
+ if (unix_ERR_class != SMB_SUCCESS)
{
eclass = unix_ERR_class;
ecode = unix_ERR_code;
- unix_ERR_class = SUCCESS;
+ unix_ERR_class = SMB_SUCCESS;
unix_ERR_code = 0;
}
else
int error_packet(char *inbuf,char *outbuf,int error_class,uint32 error_code,int line)
{
int outsize = set_message(outbuf,0,0,True);
- int cmd;
- cmd = CVAL(inbuf,smb_com);
-
- CVAL(outbuf,smb_rcls) = error_class;
- SSVAL(outbuf,smb_err,error_code);
-
- DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
+ int cmd = CVAL(inbuf,smb_com);
+ int flgs2 = SVAL(outbuf,smb_flg2);
+
+ if ((flgs2 & FLAGS2_32_BIT_ERROR_CODES) == FLAGS2_32_BIT_ERROR_CODES)
+ {
+ SIVAL(outbuf,smb_rcls,error_code);
+
+ DEBUG(3,("%s 32 bit error packet at line %d cmd=%d (%s) eclass=%08x [%s]\n",
+ timestring(), line, cmd, smb_fn_name(cmd), error_code, smb_errstr(outbuf)));
+ }
+ else
+ {
+ CVAL(outbuf,smb_rcls) = error_class;
+ SSVAL(outbuf,smb_err,error_code);
+ DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
timestring(),
line,
(int)CVAL(inbuf,smb_com),
error_class,
error_code));
+ }
+
if (errno != 0)
DEBUG(3,("error string = %s\n",strerror(errno)));
/****************************************************************************
this prevents zombie child processes
****************************************************************************/
-static int sig_cld()
+static int sig_cld(void)
{
static int depth = 0;
if (depth != 0)
/****************************************************************************
this is called when the client exits abruptly
**************************************************************************/
-static int sig_pipe()
+static int sig_pipe(void)
{
struct cli_state *cli;
BlockSignals(True,SIGPIPE);
return True;
}
close(Client); /* The parent doesn't need this socket */
-#endif /NO_FORK_DEBUG */
+#endif /* NO_FORK_DEBUG */
} /* end for num */
} /* end while 1 */
} /* end if is_daemon */
name" */
static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
DEBUG(1,("%s Connection denied from %s\n",
- timestring(),client_addr()));
+ timestring(),client_addr(Client)));
send_smb(Client,(char *)buf);
exit_server("connection denied");
}
if (msg_type == 0)
show_msg(inbuf);
+ else if(msg_type == 0x85)
+ return; /* Keepalive packet. */
nread = construct_reply(inbuf,outbuf,nread,max_send);
/****************************************************************************
open the oplock IPC socket communication
****************************************************************************/
-static BOOL open_oplock_ipc()
+static BOOL open_oplock_ipc(void)
{
struct sockaddr_in sock_name;
int len = sizeof(sock_name);
BOOL oplock_break(uint32 dev, uint32 inode, struct timeval *tval)
{
extern int Client;
- static char *inbuf = NULL;
- static char *outbuf = NULL;
+ char *inbuf = NULL;
+ char *outbuf = NULL;
files_struct *fsp = NULL;
int fnum;
time_t start_time;
shutdown_server = True;
break;
}
+
+ /*
+ * There are certain SMB requests that we shouldn't allow
+ * to recurse. opens, renames and deletes are the obvious
+ * ones. This is handled in the switch_message() function.
+ * If global_oplock_break is set they will push the packet onto
+ * the pending smb queue and return -1 (no reply).
+ * JRA.
+ */
+
process_smb(inbuf, outbuf);
/*
char op_break_msg[OPLOCK_BREAK_MSG_LEN];
struct sockaddr_in addr_out;
int pid = getpid();
+ time_t start_time;
+ int time_left;
if(pid == share_entry->pid)
{
* While we get messages that aren't ours, loop.
*/
- while(1)
+ start_time = time(NULL);
+ time_left = OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR;
+
+ while(time_left >= 0)
{
char op_break_reply[UDP_CMD_HEADER_LEN+OPLOCK_BREAK_MSG_LEN];
int32 reply_msg_len;
char *reply_msg_start;
if(receive_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply),
- (OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR) * 1000) == False)
+ time_left ? time_left * 1000 : 1) == False)
{
if(smb_read_error == READ_TIMEOUT)
{
return False;
}
- /*
- * If the response we got was not an answer to our message, but
- * was a completely different request, push it onto the pending
- * udp message stack so that we can deal with it in the main loop.
- * It may be another oplock break request to us.
- */
-
- /*
- * Local note from JRA. There exists the possibility of a denial
- * of service attack here by allowing non-root processes running
- * on a local machine sending many of these pending messages to
- * a smbd port. Currently I'm not sure how to restrict the messages
- * I will queue (although I could add a limit to the queue) to
- * those received by root processes only. There should be a
- * way to make this bulletproof....
- */
-
reply_msg_len = IVAL(op_break_reply,UDP_CMD_LEN_OFFSET);
reply_from_port = SVAL(op_break_reply,UDP_CMD_PORT_OFFSET);
continue;
}
- if(((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) == 0) ||
- (reply_from_port != share_entry->op_port) ||
+ /*
+ * Test to see if this is the reply we are awaiting.
+ */
+
+ if((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) &&
+ (reply_from_port == share_entry->op_port) &&
(memcmp(&reply_msg_start[OPLOCK_BREAK_PID_OFFSET],
&op_break_msg[OPLOCK_BREAK_PID_OFFSET],
- OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) != 0))
+ OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) == 0))
{
- DEBUG(3,("%s request_oplock_break: received other message whilst awaiting \
-oplock break response from pid %d on port %d for dev = %x, inode = %x.\n",
- timestring(), share_entry->pid, share_entry->op_port, dev, inode));
- if(push_local_message(op_break_reply, sizeof(op_break_reply)) == False)
- return False;
- continue;
+ /*
+ * This is the reply we've been waiting for.
+ */
+ break;
}
+ else
+ {
+ /*
+ * This is another message - probably a break request.
+ * Process it to prevent potential deadlock.
+ * Note that the code in switch_message() prevents
+ * us from recursing into here as any SMB requests
+ * we might process that would cause another oplock
+ * break request to be made will be queued.
+ * JRA.
+ */
- break;
+ process_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply));
+ }
+
+ time_left -= (time(NULL) - start_time);
}
DEBUG(3,("%s request_oplock_break: broke oplock.\n", timestring()));
process_local_message(oplock_sock, inbuf, bufsize);
continue;
}
+
+ if(ret && (CVAL(inbuf,0) == 0x85))
+ {
+ /* Keepalive packet. */
+ got_smb = False;
+ }
+
}
while(ret && !got_smb);
lp_killunused(snum_used);
- ret = lp_load(servicesf,False);
+ ret = lp_load(servicesf,False,False,True);
/* perhaps the config filename is now set */
if (!test)
}
}
- reset_mangled_stack( lp_mangledstack() );
+ reset_mangled_cache();
/* this forces service parameters to be flushed */
become_service(-1,True);
/****************************************************************************
this prevents zombie child processes
****************************************************************************/
-static int sig_hup()
+static int sig_hup(void)
{
BlockSignals(True,SIGHUP);
DEBUG(0,("Got SIGHUP\n"));
return(0);
}
-/****************************************************************************
-Setup the groups a user belongs to.
-****************************************************************************/
-int setup_groups(char *user, int uid, int gid, int *p_ngroups,
- int **p_igroups, gid_t **p_groups,
- int **p_attrs)
-{
- if (-1 == initgroups(user,gid))
- {
- if (getuid() == 0)
- {
- DEBUG(0,("Unable to initgroups!\n"));
- if (gid < 0 || gid > 16000 || uid < 0 || uid > 16000)
- DEBUG(0,("This is probably a problem with the account %s\n",user));
- }
- }
- else
- {
- int i,ngroups;
- int *igroups;
- int *attrs;
- gid_t grp = 0;
- ngroups = getgroups(0,&grp);
- if (ngroups <= 0)
- ngroups = 32;
- igroups = (int *)malloc(sizeof(int)*ngroups);
- attrs = (int *)malloc(sizeof(int)*ngroups);
- for (i=0;i<ngroups;i++)
- {
- attrs [i] = 0x7; /* XXXX don't know what NT user attributes are yet! */
- igroups[i] = 0x42424242;
- }
- ngroups = getgroups(ngroups,(gid_t *)igroups);
-
- if (igroups[0] == 0x42424242)
- ngroups = 0;
-
- *p_ngroups = ngroups;
- *p_attrs = attrs;
-
- /* The following bit of code is very strange. It is due to the
- fact that some OSes use int* and some use gid_t* for
- getgroups, and some (like SunOS) use both, one in prototypes,
- and one in man pages and the actual code. Thus we detect it
- dynamically using some very ugly code */
- if (ngroups > 0)
- {
- /* does getgroups return ints or gid_t ?? */
- static BOOL groups_use_ints = True;
-
- if (groups_use_ints &&
- ngroups == 1 &&
- SVAL(igroups,2) == 0x4242)
- groups_use_ints = False;
-
- for (i=0;groups_use_ints && i<ngroups;i++)
- if (igroups[i] == 0x42424242)
- groups_use_ints = False;
-
- if (groups_use_ints)
- {
- *p_igroups = igroups;
- *p_groups = (gid_t *)igroups;
- }
- else
- {
- gid_t *groups = (gid_t *)igroups;
- igroups = (int *)malloc(sizeof(int)*ngroups);
- for (i=0;i<ngroups;i++)
- {
- igroups[i] = groups[i];
- }
- *p_igroups = igroups;
- *p_groups = (gid_t *)groups;
- }
- }
- DEBUG(3,("%s is in %d groups\n",user,ngroups));
- for (i=0;i<ngroups;i++)
- DEBUG(3,("%d ",igroups[i]));
- DEBUG(3,("\n"));
- }
- return 0;
-}
/****************************************************************************
make a connection to a service
connection_struct *pcon;
BOOL guest = False;
BOOL force = False;
- static BOOL first_connection = True;
strlower(service);
snum = find_service(service);
if (snum < 0)
{
+ extern int Client;
if (strequal(service,"IPC$"))
{
DEBUG(3,("%s refusing IPC connection\n",timestring()));
return(-3);
}
- DEBUG(0,("%s couldn't find service %s\n",timestring(),service));
+ DEBUG(0,("%s %s (%s) couldn't find service %s\n",timestring(),remote_machine,client_addr(Client),service));
return(-2);
}
if (*user && Get_Pwnam(user,True))
return(make_connection(user,user,password,pwlen,dev,vuid));
- if (validated_username(vuid))
- {
- strcpy(user,validated_username(vuid));
- return(make_connection(user,user,password,pwlen,dev,vuid));
- }
+ if(lp_security() != SEC_SHARE)
+ {
+ if (validated_username(vuid))
+ {
+ strcpy(user,validated_username(vuid));
+ return(make_connection(user,user,password,pwlen,dev,vuid));
+ }
+ }
+ else
+ {
+ /*
+ * Security = share. Try with sesssetup_user as the username.
+ */
+ if(*sesssetup_user)
+ {
+ strcpy(user,sesssetup_user);
+ return(make_connection(user,user,password,pwlen,dev,vuid));
+ }
+ }
}
if (!lp_snum_ok(snum) || !check_access(snum)) {
}
if (lp_status(SNUM(cnum)))
- claim_connection(cnum,"STATUS.",MAXSTATUS,first_connection);
-
- first_connection = False;
+ claim_connection(cnum,"STATUS.",MAXSTATUS,False);
} /* IS_IPC */
pcon->open = True;
}
{
+ extern int Client;
DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
timestring(),
remote_machine,
- client_addr(),
+ client_addr(Client),
lp_servicename(SNUM(cnum)),user,
pcon->uid,
pcon->gid,
return(cnum);
}
+/****************************************************************************
+ Attempt to break an oplock on a file (if oplocked).
+ Returns True if the file was closed as a result of
+ the oplock break, False otherwise.
+ Used as a last ditch attempt to free a space in the
+ file table when we have run out.
+****************************************************************************/
+
+static BOOL attempt_close_oplocked_file(files_struct *fp)
+{
+
+ DEBUG(5,("attempt_close_oplocked_file: checking file %s.\n", fp->name));
+
+ if (fp->open && fp->granted_oplock && !fp->sent_oplock_break) {
+
+ /* Try and break the oplock. */
+ file_fd_struct *fsp = fp->fd_ptr;
+ if(oplock_break( fsp->dev, fsp->inode, &fp->open_time)) {
+ if(!fp->open) /* Did the oplock break close the file ? */
+ return True;
+ }
+ }
+
+ return False;
+}
/****************************************************************************
find first available file slot
****************************************************************************/
int find_free_file(void )
{
- int i;
- /* returning a file handle of 0 is a bad idea - so we start at 1 */
- for (i=1;i<MAX_OPEN_FILES;i++)
- if (!Files[i].open) {
- /* paranoia */
- memset(&Files[i], 0, sizeof(Files[i]));
- return(i);
- }
- DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
- return(-1);
+ int i;
+ static int first_file;
+
+ /* we want to give out file handles differently on each new
+ connection because of a common bug in MS clients where they try to
+ reuse a file descriptor from an earlier smb connection. This code
+ increases the chance that the errant client will get an error rather
+ than causing corruption */
+ if (first_file == 0) {
+ first_file = (getpid() ^ (int)time(NULL)) % MAX_OPEN_FILES;
+ if (first_file == 0) first_file = 1;
+ }
+
+ if (first_file >= MAX_OPEN_FILES)
+ first_file = 1;
+
+ for (i=first_file;i<MAX_OPEN_FILES;i++)
+ if (!Files[i].open && !Files[i].reserved) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+
+ /* returning a file handle of 0 is a bad idea - so we start at 1 */
+ for (i=1;i<first_file;i++)
+ if (!Files[i].open && !Files[i].reserved) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+
+ /*
+ * Before we give up, go through the open files
+ * and see if there are any files opened with a
+ * batch oplock. If so break the oplock and then
+ * re-use that entry (if it becomes closed).
+ * This may help as NT/95 clients tend to keep
+ * files batch oplocked for quite a long time
+ * after they have finished with them.
+ */
+ for (i=first_file;i<MAX_OPEN_FILES;i++) {
+ if(attempt_close_oplocked_file( &Files[i])) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+ }
+
+ for (i=1;i<MAX_OPEN_FILES;i++) {
+ if(attempt_close_oplocked_file( &Files[i])) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+ }
+
+ DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
+ return(-1);
}
/****************************************************************************
int reply_nt1(char *outbuf)
{
/* dual names + lock_and_read + nt SMBs + remote API calls */
- int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ;
+ int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|CAP_RPC_REMOTE_APIS;
/*
other valid capabilities which we may support at some time...
CAP_LARGE_FILES|CAP_NT_SMBS|CAP_RPC_REMOTE_APIS;
SSVAL(outbuf,smb_vwv1+1,lp_maxmux()); /* maxmpx */
SSVAL(outbuf,smb_vwv2+1,1); /* num vcs */
SIVAL(outbuf,smb_vwv3+1,0xffff); /* max buffer. LOTS! */
- SIVAL(outbuf,smb_vwv5+1,0xffff); /* raw size. LOTS! */
+ SIVAL(outbuf,smb_vwv5+1,0x10000); /* raw size. full 64k */
SIVAL(outbuf,smb_vwv7+1,getpid()); /* session key */
SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
put_long_date(outbuf+smb_vwv11+1,t);
/****************************************************************************
reply to a negprot
****************************************************************************/
-static int reply_negprot(char *inbuf,char *outbuf)
+static int reply_negprot(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
int outsize = set_message(outbuf,1,0,True);
int Index=0;
****************************************************************************/
void close_cnum(int cnum, uint16 vuid)
{
+ extern int Client;
DirCacheFlush(SNUM(cnum));
unbecome_user();
DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
timestring(),
- remote_machine,client_addr(),
+ remote_machine,client_addr(Client),
lp_servicename(SNUM(cnum))));
yield_connection(cnum,
}
-/****************************************************************************
-simple routines to do connection counting
-****************************************************************************/
-BOOL yield_connection(int cnum,char *name,int max_connections)
-{
- struct connect_record crec;
- pstring fname;
- FILE *f;
- int mypid = getpid();
- int i;
-
- DEBUG(3,("Yielding connection to %d %s\n",cnum,name));
-
- if (max_connections <= 0)
- return(True);
-
- bzero(&crec,sizeof(crec));
-
- pstrcpy(fname,lp_lockdir());
- standard_sub(cnum,fname);
- trim_string(fname,"","/");
-
- strcat(fname,"/");
- strcat(fname,name);
- strcat(fname,".LCK");
-
- f = fopen(fname,"r+");
- if (!f)
- {
- DEBUG(2,("Couldn't open lock file %s (%s)\n",fname,strerror(errno)));
- return(False);
- }
-
- fseek(f,0,SEEK_SET);
-
- /* find a free spot */
- for (i=0;i<max_connections;i++)
- {
- if (fread(&crec,sizeof(crec),1,f) != 1)
- {
- DEBUG(2,("Entry not found in lock file %s\n",fname));
- fclose(f);
- return(False);
- }
- if (crec.pid == mypid && crec.cnum == cnum)
- break;
- }
-
- if (crec.pid != mypid || crec.cnum != cnum)
- {
- fclose(f);
- DEBUG(2,("Entry not found in lock file %s\n",fname));
- return(False);
- }
-
- bzero((void *)&crec,sizeof(crec));
-
- /* remove our mark */
- if (fseek(f,i*sizeof(crec),SEEK_SET) != 0 ||
- fwrite(&crec,sizeof(crec),1,f) != 1)
- {
- DEBUG(2,("Couldn't update lock file %s (%s)\n",fname,strerror(errno)));
- fclose(f);
- return(False);
- }
-
- DEBUG(3,("Yield successful\n"));
-
- fclose(f);
- return(True);
-}
-
-
-/****************************************************************************
-simple routines to do connection counting
-****************************************************************************/
-BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
-{
- struct connect_record crec;
- pstring fname;
- FILE *f;
- int snum = SNUM(cnum);
- int i,foundi= -1;
- int total_recs;
-
- if (max_connections <= 0)
- return(True);
-
- DEBUG(5,("trying claim %s %s %d\n",lp_lockdir(),name,max_connections));
-
- pstrcpy(fname,lp_lockdir());
- standard_sub(cnum,fname);
- trim_string(fname,"","/");
-
- if (!directory_exist(fname,NULL))
- mkdir(fname,0755);
-
- strcat(fname,"/");
- strcat(fname,name);
- strcat(fname,".LCK");
-
- if (!file_exist(fname,NULL))
- {
- int oldmask = umask(022);
- f = fopen(fname,"w");
- if (f) fclose(f);
- umask(oldmask);
- }
-
- total_recs = file_size(fname) / sizeof(crec);
-
- f = fopen(fname,"r+");
-
- if (!f)
- {
- DEBUG(1,("couldn't open lock file %s\n",fname));
- return(False);
- }
-
- /* find a free spot */
- for (i=0;i<max_connections;i++)
- {
-
- if (i>=total_recs ||
- fseek(f,i*sizeof(crec),SEEK_SET) != 0 ||
- fread(&crec,sizeof(crec),1,f) != 1)
- {
- if (foundi < 0) foundi = i;
- break;
- }
-
- if (Clear && crec.pid && !process_exists(crec.pid))
- {
- fseek(f,i*sizeof(crec),SEEK_SET);
- bzero((void *)&crec,sizeof(crec));
- fwrite(&crec,sizeof(crec),1,f);
- if (foundi < 0) foundi = i;
- continue;
- }
- if (foundi < 0 && (!crec.pid || !process_exists(crec.pid)))
- {
- foundi=i;
- if (!Clear) break;
- }
- }
-
- if (foundi < 0)
- {
- DEBUG(3,("no free locks in %s\n",fname));
- fclose(f);
- return(False);
- }
-
- /* fill in the crec */
- bzero((void *)&crec,sizeof(crec));
- crec.magic = 0x280267;
- crec.pid = getpid();
- crec.cnum = cnum;
- crec.uid = Connections[cnum].uid;
- crec.gid = Connections[cnum].gid;
- StrnCpy(crec.name,lp_servicename(snum),sizeof(crec.name)-1);
- crec.start = time(NULL);
-
- StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1);
- StrnCpy(crec.addr,client_addr(),sizeof(crec.addr)-1);
-
- /* make our mark */
- if (fseek(f,foundi*sizeof(crec),SEEK_SET) != 0 ||
- fwrite(&crec,sizeof(crec),1,f) != 1)
- {
- fclose(f);
- return(False);
- }
-
- fclose(f);
- return(True);
-}
#if DUMP_CORE
/*******************************************************************
case 'S' : string_sub(p,"%S",lp_servicename(Connections[cnum].service)); break;
case 'g' : string_sub(p,"%g",gidtoname(Connections[cnum].gid)); break;
case 'u' : string_sub(p,"%u",Connections[cnum].user); break;
+ /*
+ * Patch from jkf@soton.ac.uk
+ * Left the %N (NIS server name) in standard_sub_basic as it
+ * is a feature for logon servers, hence uses the username.
+ * The %p (NIS server path) code is here as it is used
+ * instead of the default "path =" string in [homes] and so
+ * needs the service name, not the username.
+ */
+ case 'p' : string_sub(p,"%p",automount_path(lp_servicename(Connections[cnum].service))); break;
case '\0' : p++; break; /* don't run off the end of the string */
default : p+=2; break;
}
#define TIME_INIT (1<<2)
#define CAN_IPC (1<<3)
#define AS_GUEST (1<<5)
-
+#define QUEUE_IN_OPLOCK (1<<6)
/*
define a list of possible SMB messages and their corresponding
{
int code;
char *name;
- int (*fn)();
+ int (*fn)(char *, char *, int, int);
int flags;
#if PROFILING
unsigned long time;
{SMBsetatr,"SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
{SMBchkpth,"SMBchkpth",reply_chkpth,AS_USER},
{SMBsearch,"SMBsearch",reply_search,AS_USER},
- {SMBopen,"SMBopen",reply_open,AS_USER},
+ {SMBopen,"SMBopen",reply_open,AS_USER | QUEUE_IN_OPLOCK },
/* note that SMBmknew and SMBcreate are deliberately overloaded */
{SMBcreate,"SMBcreate",reply_mknew,AS_USER},
{SMBmknew,"SMBmknew",reply_mknew,AS_USER},
- {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE},
+ {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
{SMBread,"SMBread",reply_read,AS_USER},
{SMBwrite,"SMBwrite",reply_write,AS_USER},
{SMBclose,"SMBclose",reply_close,AS_USER | CAN_IPC},
{SMBmkdir,"SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
{SMBrmdir,"SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
{SMBdskattr,"SMBdskattr",reply_dskattr,AS_USER},
- {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE},
+ {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
/* this is a Pathworks specific call, allowing the
changing of the root path */
{SMBlseek,"SMBlseek",reply_lseek,AS_USER},
{SMBflush,"SMBflush",reply_flush,AS_USER},
- {SMBctemp,"SMBctemp",reply_ctemp,AS_USER},
- {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER},
+ {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
+ {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
{SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
{SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER|AS_GUEST},
{SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
{SMBtrans,"SMBtrans",reply_trans,AS_USER | CAN_IPC},
{SMBtranss,"SMBtranss",NULL,AS_USER | CAN_IPC},
{SMBioctls,"SMBioctls",NULL,AS_USER},
- {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE},
- {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE},
+ {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
+ {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
- {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC},
- {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER},
+ {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
+ {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER | CAN_IPC },
{SMBwriteX,"SMBwriteX",reply_write_and_X,AS_USER},
{SMBlockingX,"SMBlockingX",reply_lockingX,AS_USER},
/* LANMAN2.0 PROTOCOL FOLLOWS */
{SMBfindnclose, "SMBfindnclose", reply_findnclose, AS_USER},
{SMBfindclose, "SMBfindclose", reply_findclose,AS_USER},
- {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER},
+ {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER },
{SMBtranss2, "SMBtranss2", reply_transs2, AS_USER},
/* messaging routines */
else
{
DEBUG(3,("switch message %s (pid %d)\n",smb_messages[match].name,pid));
+
+ if(global_oplock_break && (smb_messages[match].flags & QUEUE_IN_OPLOCK))
+ {
+ /*
+ * Queue this message as we are the process of an oplock break.
+ */
+
+ DEBUG(2,("%s: switch_message: queueing message due to being in oplock break state.\n",
+ timestring() ));
+
+ push_smb_message( inbuf, size);
+ return -1;
+ }
+
if (smb_messages[match].fn)
{
int cnum = SVAL(inbuf,smb_tid);
int flags = smb_messages[match].flags;
- uint16 session_tag = SVAL(inbuf,smb_uid);
+ /* In share mode security we must ignore the vuid. */
+ uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
+ /* Ensure this value is replaced in the incoming packet. */
+ SSVAL(inbuf,smb_uid,session_tag);
/* does this protocol need to be run as root? */
if (!(flags & AS_USER))
CVAL(outbuf2,smb_com) = CVAL(inbuf2,smb_com);
memcpy(outbuf2+4,inbuf2+4,4);
- CVAL(outbuf2,smb_rcls) = SUCCESS;
+ CVAL(outbuf2,smb_rcls) = SMB_SUCCESS;
CVAL(outbuf2,smb_reh) = 0;
CVAL(outbuf2,smb_flg) = 0x80 | (CVAL(inbuf2,smb_flg) & 0x8); /* bit 7 set
means a reply */
SSVAL(outbuf2,smb_flg2,1); /* say we support long filenames */
- SSVAL(outbuf2,smb_err,SUCCESS);
+ SSVAL(outbuf2,smb_err,SMB_SUCCESS);
SSVAL(outbuf2,smb_tid,SVAL(inbuf2,smb_tid));
SSVAL(outbuf2,smb_pid,SVAL(inbuf2,smb_pid));
SSVAL(outbuf2,smb_uid,SVAL(inbuf2,smb_uid));
set_message(outbuf,0,0,True);
memcpy(outbuf+4,inbuf+4,4);
- CVAL(outbuf,smb_rcls) = SUCCESS;
+ CVAL(outbuf,smb_rcls) = SMB_SUCCESS;
CVAL(outbuf,smb_reh) = 0;
CVAL(outbuf,smb_flg) = 0x80 | (CVAL(inbuf,smb_flg) & 0x8); /* bit 7 set
means a reply */
SSVAL(outbuf,smb_flg2,1); /* say we support long filenames */
- SSVAL(outbuf,smb_err,SUCCESS);
+ SSVAL(outbuf,smb_err,SMB_SUCCESS);
SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
{
Files[i].open = False;
string_init(&Files[i].name,"");
-
}
for (i=0;i<MAX_OPEN_FILES;i++)
/* for RPC pipes */
init_rpc_pipe_hnd();
-#ifdef NTDOMAIN
/* for LSA handles */
init_lsa_policy_hnd();
-#endif
init_dptrs();
}
int port = SMB_PORT;
int opt;
extern char *optarg;
- char pidFile[100];
-
- *pidFile = '\0';
#ifdef NEED_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
strcpy(debugf,SMBLOGFILE);
+ strcpy(remote_machine, "smb");
+
setup_logging(argv[0],False);
charset_initialise();
- /* make absolutely sure we run as root - to handle cases whre people
+ /* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
#ifdef USE_SETRES
setresuid(0,0,0);
seteuid(0);
#endif
- fault_setup(exit_server);
+ fault_setup((void (*)(void *))exit_server);
signal(SIGTERM , SIGNAL_CAST dflt_sig);
/* we want total control over the permissions on created files,
while ((opt = getopt(argc, argv, "O:i:l:s:d:Dp:hPaf:")) != EOF)
switch (opt)
{
- case 'f':
- strncpy(pidFile, optarg, sizeof(pidFile));
- break;
case 'O':
strcpy(user_socket_options,optarg);
break;
{
struct rlimit rlp;
getrlimit(RLIMIT_NOFILE, &rlp);
- rlp.rlim_cur = (MAX_OPEN_FILES>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES;
+ /*
+ * Set the fd limit to be MAX_OPEN_FILES + 10 to account for the
+ * extra fd we need to read directories, as well as the log files
+ * and standard handles etc.
+ */
+ rlp.rlim_cur = (MAX_OPEN_FILES+10>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES+10;
setrlimit(RLIMIT_NOFILE, &rlp);
getrlimit(RLIMIT_NOFILE, &rlp);
DEBUG(3,("Maximum number of open files per session is %d\n",rlp.rlim_cur));
#ifndef NO_SIGNAL_TEST
signal(SIGHUP,SIGNAL_CAST sig_hup);
#endif
-
+
+ /* Setup the signals that allow the debug log level
+ to by dynamically changed. */
+
+ /* If we are using the malloc debug code we can't use
+ SIGUSR1 and SIGUSR2 to do debug level changes. */
+
+#ifndef MEM_MAN
+#if defined(SIGUSR1)
+ signal( SIGUSR1, SIGNAL_CAST sig_usr1 );
+#endif /* SIGUSR1 */
+
+#if defined(SIGUSR2)
+ signal( SIGUSR2, SIGNAL_CAST sig_usr2 );
+#endif /* SIGUSR2 */
+#endif /* MEM_MAN */
+
DEBUG(3,("%s loaded services\n",timestring()));
if (!is_daemon && !is_a_socket(0))
mkdir(lp_lockdir(), 0755);
}
- if (*pidFile)
- {
- int fd;
- char buf[20];
-
- if ((fd = open(pidFile,
-#ifdef O_NONBLOCK
- O_NONBLOCK |
-#endif
- O_CREAT | O_WRONLY | O_TRUNC, 0644)) < 0)
- {
- DEBUG(0,("ERROR: can't open %s: %s\n", pidFile, strerror(errno)));
- exit(1);
- }
- if(fcntl_lock(fd,F_SETLK,0,1,F_WRLCK)==False)
- {
- DEBUG(0,("ERROR: smbd is already running\n"));
- exit(1);
- }
- sprintf(buf, "%u\n", (unsigned int) getpid());
- if (write(fd, buf, strlen(buf)) < 0)
- {
- DEBUG(0,("ERROR: can't write to %s: %s\n", pidFile, strerror(errno)));
- exit(1);
- }
- /* Leave pid file open & locked for the duration... */
- }
+ if (is_daemon) {
+ pidfile_create("smbd");
+ }
if (!open_sockets(is_daemon,port))
exit(1);