#include "messages.h"
#include "ntdomain.h"
+#include "lib/id_cache.h"
+
#include "../lib/tsocket/tsocket.h"
#include "lib/server_prefork.h"
#include "lib/server_prefork_util.h"
#define DAEMON_NAME "lsasd"
#define LSASD_MAX_SOCKETS 64
+static struct server_id parent_id;
static struct prefork_pool *lsasd_pool = NULL;
static int lsasd_child_id = 0;
* Children
**********************************************************/
-struct lsasd_chld_sig_hup_ctx {
- struct messaging_context *msg_ctx;
- struct pf_worker_data *pf;
-};
-
static void lsasd_chld_sig_hup_handler(struct tevent_context *ev,
struct tevent_signal *se,
int signum,
void *siginfo,
void *pvt)
{
- struct pf_worker_data *pf = (struct pf_worker_data *)pvt;
-
- /* avoid wasting CPU cycles if we are going to exit soon anyways */
- if (pf->cmds == PF_SRV_MSG_EXIT) {
- return;
- }
-
change_to_root_user();
lsasd_reopen_logs(lsasd_child_id);
}
-static bool lsasd_setup_chld_hup_handler(struct tevent_context *ev_ctx,
- struct pf_worker_data *pf)
+static bool lsasd_setup_chld_hup_handler(struct tevent_context *ev_ctx)
{
struct tevent_signal *se;
ev_ctx,
SIGHUP, 0,
lsasd_chld_sig_hup_handler,
- pf);
+ NULL);
if (!se) {
DEBUG(1, ("failed to setup SIGHUP handler"));
return false;
return true;
}
+static void parent_ping(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data)
+{
+
+ /* The fact we received this message is enough to let make the event
+ * loop if it was idle. lsasd_children_main will cycle through
+ * lsasd_next_client at least once. That function will take whatever
+ * action is necessary */
+
+ DEBUG(10, ("Got message that the parent changed status.\n"));
+ return;
+}
+
static bool lsasd_child_init(struct tevent_context *ev_ctx,
int child_id,
struct pf_worker_data *pf)
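Review bot: The comment inside the added `parent_ping` is garbled ("is enough to let make the event loop if it was idle") and should be reworded, presumably to `/* Receiving this message is enough to wake the event loop if it was idle. */`. The handler reads none of its arguments, so a short header comment should say the body is intentionally empty and that neither the sender `server_id` nor `data` is inspected. The trailing `return;` at the end of a void function can be dropped.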
lsasd_child_id = child_id;
lsasd_reopen_logs(child_id);
- ok = lsasd_setup_chld_hup_handler(ev_ctx, pf);
+ ok = lsasd_setup_chld_hup_handler(ev_ctx);
if (!ok) {
return false;
}
messaging_register(msg_ctx, ev_ctx,
MSG_SMB_CONF_UPDATED, lsasd_smb_conf_updated);
+ messaging_register(msg_ctx, ev_ctx,
+ MSG_PREFORK_PARENT_EVENT, parent_ping);
+ id_cache_register_msgs(msg_ctx);
status = rpc_lsarpc_init(NULL);
if (!NT_STATUS_IS_OK(status)) {
struct pf_worker_data *pf;
int listen_fd_size;
int *listen_fds;
-
- bool listening;
};
static void lsasd_next_client(void *pvt);
data->msg_ctx = msg_ctx;
data->listen_fd_size = listen_fd_size;
data->listen_fds = listen_fds;
- data->listening = false;
/* loop until it is time to exit */
while (pf->status != PF_WORKER_EXITING) {
data = talloc_get_type_abort(pvt, struct lsasd_children_data);
- if (data->pf->num_clients) {
- data->pf->num_clients--;
- } else {
- DEBUG(2, ("Invalid num clients, aborting!\n"));
- data->pf->status = PF_WORKER_EXITING;
- return;
- }
+ pfh_client_terminated(data->pf);
lsasd_next_client(pvt);
}
data = talloc_get_type_abort(pvt, struct lsasd_children_data);
- if (data->pf->num_clients == 0) {
- data->pf->status = PF_WORKER_ALIVE;
- }
-
- if (data->pf->cmds == PF_SRV_MSG_EXIT) {
- DEBUG(2, ("Parent process commands we terminate!\n"));
- return;
- }
-
- if (data->listening ||
- data->pf->num_clients >= data->pf->allowed_clients) {
+ if (!pfh_child_allowed_to_accept(data->pf)) {
/* nothing to do for now we are already listening
- * or reached the number of clients we are allowed
- * to handle in parallel */
+ * or we are not allowed to listen further */
return;
}
return;
}
tevent_req_set_callback(req, lsasd_handle_client, next);
-
- data->listening = true;
}
static void lsasd_handle_client(struct tevent_req *req)
{
struct lsasd_children_data *data;
struct lsasd_new_client *client;
+ const DATA_BLOB ping = data_blob_null;
int rc;
int sd;
TALLOC_CTX *tmp_ctx;
/* this will free the request too */
talloc_free(client);
- /* we are done listening */
- data->listening = false;
if (rc != 0) {
DEBUG(6, ("No client connection was available after all!\n"));
goto done;
}
+ /* Warn parent that our status changed */
+ messaging_send(data->msg_ctx, parent_id,
+ MSG_PREFORK_CHILD_EVENT, &ping);
+
DEBUG(2, ("LSASD preforked child %d got client connection!\n",
(int)(data->pf->pid)));
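Review bot: The result of the added `messaging_send(data->msg_ctx, parent_id, MSG_PREFORK_CHILD_EVENT, &ping)` is discarded, so a failed notification is silent and the parent is left with a stale view of this worker until something else triggers pool management. Capture and log it, for example `status = messaging_send(...);` followed by `if (!NT_STATUS_IS_OK(status)) { DEBUG(1, ("Failed to notify parent: %s\n", nt_errstr(status))); }`. The body of lsasd_handle_client continues outside this hunk, so whether an NTSTATUS local is already declared there cannot be seen from here.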
* MAIN
*/
+static void child_ping(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data)
+{
+ struct tevent_context *ev_ctx;
+
+ ev_ctx = talloc_get_type_abort(private_data, struct tevent_context);
+
+ DEBUG(10, ("Got message that a child changed status.\n"));
+ pfh_manage_pool(ev_ctx, msg_ctx, &pf_lsasd_cfg, lsasd_pool);
+}
+
static bool lsasd_schedule_check(struct tevent_context *ev_ctx,
struct messaging_context *msg_ctx,
struct timeval current_time);
goto done;
}
+ fd = create_named_pipe_socket("lsass");
+ if (fd < 0) {
+ ok = false;
+ goto done;
+ }
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+
+ rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
+ if (rc == -1) {
+ DEBUG(0, ("Failed to listen on lsass pipe - %s\n",
+ strerror(errno)));
+ ok = false;
+ goto done;
+ }
+
+ fd = create_dcerpc_ncalrpc_socket("lsarpc");
+ if (fd < 0) {
+ ok = false;
+ goto done;
+ }
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+
+ rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
+ if (rc == -1) {
+ DEBUG(0, ("Failed to listen on lsarpc ncalrpc - %s\n",
+ strerror(errno)));
+ ok = false;
+ goto done;
+ }
+
v = dcerpc_binding_vector_dup(tmp_ctx, v_orig);
if (v == NULL) {
ok = false;
goto done;
}
+ status = dcerpc_binding_vector_add_unix(&ndr_table_lsarpc, v, "lsarpc");
+ if (!NT_STATUS_IS_OK(status)) {
+ ok = false;
+ goto done;
+ }
+
status = rpc_ep_register(ev_ctx, msg_ctx, &ndr_table_lsarpc, v);
if (!NT_STATUS_IS_OK(status)) {
ok = false;
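Review bot: Each added `listen_fd[*listen_fd_size] = fd; (*listen_fd_size)++;` writes into the caller's array without a visible capacity check, and this commit adds four more entries (lsass, and the lsarpc, samr and netlogon ncalrpc sockets). The count is fixed today, but a guard before each store, such as `if (*listen_fd_size >= LSASD_MAX_SOCKETS) { ok = false; goto done; }`, keeps a later addition from writing past the end. The enclosing function starts and ends outside the hunk, so the array's declared size and the cleanup at `done` are not visible here.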
listen_fd[*listen_fd_size] = fd;
(*listen_fd_size)++;
+ fd = create_dcerpc_ncalrpc_socket("samr");
+ if (fd < 0) {
+ ok = false;
+ goto done;
+ }
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+
+ rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
+ if (rc == -1) {
+ DEBUG(0, ("Failed to listen on samr ncalrpc - %s\n",
+ strerror(errno)));
+ ok = false;
+ goto done;
+ }
+
v = dcerpc_binding_vector_dup(tmp_ctx, v_orig);
if (v == NULL) {
ok = false;
goto done;
}
+ status = dcerpc_binding_vector_add_unix(&ndr_table_lsarpc, v, "samr");
+ if (!NT_STATUS_IS_OK(status)) {
+ ok = false;
+ goto done;
+ }
+
status = rpc_ep_register(ev_ctx, msg_ctx, &ndr_table_samr, v);
if (!NT_STATUS_IS_OK(status)) {
ok = false;
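Review bot: The added `dcerpc_binding_vector_add_unix(&ndr_table_lsarpc, v, "samr")` passes the lsarpc interface table while the `rpc_ep_register` call right after it uses `&ndr_table_samr`, which looks like a copy-paste slip from the lsarpc block. The same mismatch appears in the netlogon block, where `&ndr_table_lsarpc` is paired with `"netlogon"` ahead of `rpc_ep_register(..., &ndr_table_netlogon, v)`. If the table argument determines which interface the unix binding is recorded for, both endpoints would be registered against the wrong interface. The calls should read `dcerpc_binding_vector_add_unix(&ndr_table_samr, v, "samr");` and `dcerpc_binding_vector_add_unix(&ndr_table_netlogon, v, "netlogon");`.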
listen_fd[*listen_fd_size] = fd;
(*listen_fd_size)++;
+ fd = create_dcerpc_ncalrpc_socket("netlogon");
+ if (fd < 0) {
+ ok = false;
+ goto done;
+ }
+ listen_fd[*listen_fd_size] = fd;
+ (*listen_fd_size)++;
+
+ rc = listen(fd, pf_lsasd_cfg.max_allowed_clients);
+ if (rc == -1) {
+ DEBUG(0, ("Failed to listen on netlogon ncalrpc - %s\n",
+ strerror(errno)));
+ ok = false;
+ goto done;
+ }
+
v = dcerpc_binding_vector_dup(tmp_ctx, v_orig);
if (v == NULL) {
ok = false;
goto done;
}
+ status = dcerpc_binding_vector_add_unix(&ndr_table_lsarpc, v, "netlogon");
+ if (!NT_STATUS_IS_OK(status)) {
+ ok = false;
+ goto done;
+ }
+
status = rpc_ep_register(ev_ctx, msg_ctx, &ndr_table_netlogon, v);
if (!NT_STATUS_IS_OK(status)) {
ok = false;
/* child */
close_low_fds(false);
+ /* save the parent process id so the children can use it later */
+ parent_id = procid_self();
+
status = reinit_after_fork(msg_ctx,
ev_ctx,
procid_self(), true);
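Review bot: `parent_id = procid_self();` is captured before `reinit_after_fork()` has run and before its status is checked. If reinit changes any part of this process's server id beyond the pid, the workers will later address `MSG_PREFORK_CHILD_EVENT` to a stale id. Moving the assignment to just after the successful `reinit_after_fork()` check avoids that. It would also help to extend the comment to say that "parent" here means the lsasd daemon process, and that the forked workers inherit the value. The surrounding function is only partly visible in this hunk.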
ev_ctx,
MSG_SMB_CONF_UPDATED,
lsasd_smb_conf_updated);
+ messaging_register(msg_ctx, ev_ctx,
+ MSG_PREFORK_CHILD_EVENT, child_ping);
status = rpc_lsarpc_init(NULL);
if (!NT_STATUS_IS_OK(status)) {