s3-smbd: Replace client_id in smbd process.
authorAndreas Schneider <asn@samba.org>
Thu, 16 Jun 2011 13:39:25 +0000 (15:39 +0200)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 4 Jul 2011 08:28:16 +0000 (18:28 +1000)
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
source3/smbd/globals.h
source3/smbd/process.c

index 97d75fd4137e46bb7de4e92c4ff575890b37019d..2e31c7377910b7a04ca69d5f7c1841eec59a4389 100644 (file)
@@ -452,6 +452,7 @@ struct smbd_server_connection {
        struct client_address client_id;
        const struct tsocket_address *local_address;
        const struct tsocket_address *remote_address;
+       const char *remote_hostname;
        struct messaging_context *msg_ctx;
        struct {
                bool got_session;
index f3f532fbaec0899f3dbba913f94aa23f170fd28a..6cf793a77f743013154c5b33e1962cfa16238891 100644 (file)
@@ -287,7 +287,9 @@ static NTSTATUS receive_smb_raw_talloc_partial_read(TALLOC_CTX *mem_ctx,
 
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(0, ("read_fd_with_timeout failed for client %s read "
-                         "error = %s.\n", sconn->client_id.addr,
+                         "error = %s.\n",
+                         tsocket_address_string(sconn->remote_address,
+                                                talloc_tos()),
                          nt_errstr(status)));
                return status;
        }
@@ -453,7 +455,9 @@ static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx,
        if (!NT_STATUS_IS_OK(status)) {
                DEBUG(1, ("read_smb_length_return_keepalive failed for "
                          "client %s read error = %s.\n",
-                         sconn->client_id.addr, nt_errstr(status)));
+                         tsocket_address_string(sconn->remote_address,
+                                                talloc_tos()),
+                         nt_errstr(status)));
                return status;
        }
 
@@ -1436,6 +1440,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
        uint16 session_tag;
        connection_struct *conn = NULL;
        struct smbd_server_connection *sconn = req->sconn;
+       char *raddr;
 
        errno = 0;
 
@@ -1560,12 +1565,19 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
                conn->num_smb_operations++;
        }
 
+       raddr = tsocket_address_inet_addr_string(sconn->remote_address,
+                                                talloc_tos());
+       if (raddr == NULL) {
+               reply_nterror(req, NT_STATUS_NO_MEMORY);
+               return conn;
+       }
+
        /* does this protocol need to be run as guest? */
        if ((flags & AS_GUEST)
            && (!change_to_guest() ||
                !allow_access(lp_hostsdeny(-1), lp_hostsallow(-1),
-                             sconn->client_id.name,
-                             sconn->client_id.addr))) {
+                             sconn->remote_hostname,
+                             raddr))) {
                reply_nterror(req, NT_STATUS_ACCESS_DENIED);
                return conn;
        }
@@ -2901,6 +2913,7 @@ void smbd_process(struct smbd_server_connection *sconn)
        struct tsocket_address *local_address = NULL;
        struct tsocket_address *remote_address = NULL;
        const char *remaddr = NULL;
+       char *rhost;
        int ret;
 
        if (lp_maxprotocol() == PROTOCOL_SMB2) {
@@ -2980,9 +2993,22 @@ void smbd_process(struct smbd_server_connection *sconn)
         * the hosts allow list.
         */
 
+       ret = get_remote_hostname(remote_address,
+                                 &rhost,
+                                 talloc_tos());
+       if (ret < 0) {
+               DEBUG(0,("%s: get_remote_hostname failed - %s\n",
+                       __location__, strerror(errno)));
+               exit_server_cleanly("get_remote_hostname failed.\n");
+       }
+       if (strequal(rhost, "UNKNOWN")) {
+               rhost = talloc_strdup(talloc_tos(), remaddr);
+       }
+       sconn->remote_hostname = talloc_move(sconn, &rhost);
+
        if (!allow_access(lp_hostsdeny(-1), lp_hostsallow(-1),
-                         sconn->client_id.name,
-                         sconn->client_id.addr)) {
+                         sconn->remote_hostname,
+                         remaddr)) {
                /*
                 * send a negative session response "not listening on calling
                 * name"