Unix SMB/Netbios implementation.
Version 1.9.
Main SMB server routines
- Copyright (C) Andrew Tridgell 1992-1997
+ Copyright (C) Andrew Tridgell 1992-1998
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
pstring servicesf = CONFIGFILE;
extern pstring debugf;
extern pstring sesssetup_user;
-extern fstring myworkgroup;
+extern fstring global_myworkgroup;
+extern pstring global_myname;
char *InBuffer = NULL;
char *OutBuffer = NULL;
extern BOOL short_case_preserve;
extern BOOL case_mangle;
time_t smb_last_time=(time_t)0;
+extern BOOL global_machine_pasword_needs_changing;
extern int smb_read_error;
extern pstring user_socket_options;
+#ifdef DFS_AUTH
+extern int dcelogin_atmost_once;
+#endif /* DFS_AUTH */
+
+/*
+ * This is set on startup - it defines the SID for this
+ * machine.
+ */
+extern DOM_SID global_machine_sid;
+
connection_struct Connections[MAX_CONNECTIONS];
-files_struct Files[MAX_OPEN_FILES];
+files_struct Files[MAX_FNUMS];
/*
* Indirection for file fd's. Needed as POSIX locking
extern pstring OriginalDir;
/* these can be set by some functions to override the error codes */
-int unix_ERR_class=SUCCESS;
+int unix_ERR_class=SMB_SUCCESS;
int unix_ERR_code=0;
if (is_8_3(name2, True))
return(False);
- strcpy(tmpname,name2);
- mangle_name_83(tmpname);
+ pstrcpy(tmpname,name2);
+ mangle_name_83(tmpname,sizeof(tmpname));
return(strequal(name1,tmpname));
}
path = ".";
if (docache && (dname = DirCacheCheck(path,name,SNUM(cnum)))) {
- strcpy(name, dname);
+ pstrcpy(name, dname);
return(True);
}
+ /*
+ * The incoming name can be mangled, and if we de-mangle it
+ * here it will not compare correctly against the filename (name2)
+ * read from the directory and then mangled by the name_map_mangle()
+ * call. We need to mangle both names or neither.
+ * (JRA).
+ */
if (mangled)
- check_mangled_stack(name);
+ mangled = !check_mangled_cache( name );
/* open the directory */
if (!(cur_dir = OpenDir(cnum, path, True)))
if (!name_map_mangle(name2,False,SNUM(cnum))) continue;
if ((mangled && mangled_equal(name,name2))
- || fname_equal(name, name2)) /* name2 here was changed to dname - since 1.9.16p2 - not sure of reason (jra) */
+ || fname_equal(name, name2))
{
/* we've found the file, change it's name and return */
if (docache) DirCacheAdd(path,name,dname,SNUM(cnum));
- strcpy(name, dname);
+ pstrcpy(name, dname);
CloseDir(cur_dir);
return(True);
}
if(saved_last_component) {
end = strrchr(name, '/');
if(end)
- strcpy(saved_last_component, end + 1);
+ pstrcpy(saved_last_component, end + 1);
else
- strcpy(saved_last_component, name);
+ pstrcpy(saved_last_component, name);
}
if (!case_sensitive &&
{
char *s;
fstring name2;
- sprintf(name2,"%.6s.XXXXXX",remote_machine);
+ slprintf(name2,sizeof(name2)-1,"%.6s.XXXXXX",remote_machine);
/* sanitise the name */
for (s=name2 ; *s ; s++)
if (!issafe(*s)) *s = '_';
- strcpy(name,(char *)mktemp(name2));
+ pstrcpy(name,(char *)mktemp(name2));
}
return(True);
}
if (end) *end = 0;
if(saved_last_component != 0)
- strcpy(saved_last_component, end ? end + 1 : start);
+ pstrcpy(saved_last_component, end ? end + 1 : start);
/* check if the name exists up to this point */
if (sys_stat(name, &st) == 0)
/* check on the mangled stack to see if we can recover the
base of the filename */
if (is_mangled(start))
- check_mangled_stack(start);
+ check_mangled_cache( start );
DEBUG(5,("New file %s\n",start));
return(True);
/* restore the rest of the string */
if (end)
{
- strcpy(start+strlen(start)+1,rest);
+ pstrcpy(start+strlen(start)+1,rest);
end = start + strlen(start);
}
}
/* add to the dirpath that we have resolved so far */
- if (*dirpath) strcat(dirpath,"/");
- strcat(dirpath,start);
+ if (*dirpath) pstrcat(dirpath,"/");
+ pstrcat(dirpath,start);
/* restore the / that we wiped out earlier */
if (end) *end = '/';
pstring syscmd;
pstring outfile;
- sprintf(outfile,"%s/dfree.smb.%d",tmpdir(),(int)getpid());
- sprintf(syscmd,"%s %s",df_command,path);
+ slprintf(outfile,sizeof(outfile)-1, "%s/dfree.smb.%d",tmpdir(),(int)getpid());
+ slprintf(syscmd,sizeof(syscmd)-1,"%s %s",df_command,path);
standard_sub_basic(syscmd);
ret = smbrun(syscmd,outfile,False);
if((fd == -1) && (errno == ENOENT) &&
(strchr(fname,'.')==NULL))
{
- strcat(fname,".");
+ pstrcat(fname,".");
fd = sys_open(fname,flags,mode);
}
return fd;
}
+/****************************************************************************
+Cache a uid_t currently with this file open. This is an optimization only
+used when multiple sessionsetup's have been done to one smbd.
+****************************************************************************/
+static void fd_add_to_uid_cache(file_fd_struct *fd_ptr, uid_t u)
+{
+ if(fd_ptr->uid_cache_count >= sizeof(fd_ptr->uid_users_cache)/sizeof(uid_t))
+ return;
+ fd_ptr->uid_users_cache[fd_ptr->uid_cache_count++] = u;
+}
+
+/****************************************************************************
+Remove a uid_t that currently has this file open. This is an optimization only
+used when multiple sessionsetup's have been done to one smbd.
+****************************************************************************/
+static void fd_remove_from_uid_cache(file_fd_struct *fd_ptr, uid_t u)
+{
+ int i;
+ for(i = 0; i < fd_ptr->uid_cache_count; i++)
+ if(fd_ptr->uid_users_cache[i] == u) {
+ if(i < (fd_ptr->uid_cache_count-1))
+ memmove((char *)&fd_ptr->uid_users_cache[i], (char *)&fd_ptr->uid_users_cache[i+1],
+ sizeof(uid_t)*(fd_ptr->uid_cache_count-1-i) );
+ fd_ptr->uid_cache_count--;
+ }
+ return;
+}
+
+/****************************************************************************
+Check if a uid_t that currently has this file open is present. This is an
+optimization only used when multiple sessionsetup's have been done to one smbd.
+****************************************************************************/
+static BOOL fd_is_in_uid_cache(file_fd_struct *fd_ptr, uid_t u)
+{
+ int i;
+ for(i = 0; i < fd_ptr->uid_cache_count; i++)
+ if(fd_ptr->uid_users_cache[i] == u)
+ return True;
+ return False;
+}
+
/****************************************************************************
fd support routines - attempt to find an already open file by dev
and inode - increments the ref_count of the returned file_fd_struct *.
fd support routines - attempt to find a empty slot in the FileFd array.
Increments the ref_count of the returned entry.
****************************************************************************/
-static file_fd_struct *fd_get_new()
+static file_fd_struct *fd_get_new(void)
{
+ extern struct current_user current_user;
int i;
file_fd_struct *fd_ptr;
fd_ptr->fd_readonly = -1;
fd_ptr->fd_writeonly = -1;
fd_ptr->real_open_flags = -1;
+ fd_ptr->uid_cache_count = 0;
+ fd_add_to_uid_cache(fd_ptr, (uid_t)current_user.uid);
fd_ptr->ref_count++;
/* Increment max used counter if neccessary, cuts down
- on search time when re-using */
+ on search time when re-using */
if(i > max_file_fd_used)
max_file_fd_used = i;
DEBUG(3,("Allocated new file_fd_struct %d, dev = %x, inode = %x\n",
return fd_ptr;
}
}
- DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\
-n"));
+ DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\n"));
return 0;
}
****************************************************************************/
static int fd_attempt_close(file_fd_struct *fd_ptr)
{
+ extern struct current_user current_user;
+
DEBUG(3,("fd_attempt_close on file_fd_struct %d, fd = %d, dev = %x, inode = %x, open_flags = %d, ref_count = %d.\n",
- fd_ptr - &FileFd[0],
- fd_ptr->fd, fd_ptr->dev, fd_ptr->inode,
- fd_ptr->real_open_flags,
- fd_ptr->ref_count));
+ fd_ptr - &FileFd[0],
+ fd_ptr->fd, fd_ptr->dev, fd_ptr->inode,
+ fd_ptr->real_open_flags,
+ fd_ptr->ref_count));
if(fd_ptr->ref_count > 0) {
fd_ptr->ref_count--;
if(fd_ptr->ref_count == 0) {
if(fd_ptr->fd != -1)
close(fd_ptr->fd);
if(fd_ptr->fd_readonly != -1)
- close(fd_ptr->fd_readonly);
+ close(fd_ptr->fd_readonly);
if(fd_ptr->fd_writeonly != -1)
- close(fd_ptr->fd_writeonly);
+ close(fd_ptr->fd_writeonly);
fd_ptr->fd = -1;
fd_ptr->fd_readonly = -1;
fd_ptr->fd_writeonly = -1;
fd_ptr->real_open_flags = -1;
fd_ptr->dev = (uint32)-1;
fd_ptr->inode = (uint32)-1;
- }
+ fd_ptr->uid_cache_count = 0;
+ } else
+ fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
}
return fd_ptr->ref_count;
}
+/****************************************************************************
+fd support routines - check that current user has permissions
+to open this file. Used when uid not found in optimization cache.
+This is really ugly code, as due to POSIX locking braindamage we must
+fork and then attempt to open the file, and return success or failure
+via an exit code.
+****************************************************************************/
+static BOOL check_access_allowed_for_current_user( char *fname, int accmode )
+{
+ pid_t child_pid;
+
+ if((child_pid = fork()) < 0) {
+ DEBUG(0,("check_access_allowed_for_current_user: fork failed.\n"));
+ return False;
+ }
+
+ if(child_pid) {
+ /*
+ * Parent.
+ */
+ pid_t wpid;
+ int status_code;
+ if ((wpid = sys_waitpid(child_pid, &status_code, 0)) < 0) {
+ DEBUG(0,("check_access_allowed_for_current_user: The process is no longer waiting!\n"));
+ return(False);
+ }
+
+ if (child_pid != wpid) {
+ DEBUG(0,("check_access_allowed_for_current_user: We were waiting for the wrong process ID\n"));
+ return(False);
+ }
+#if defined(WIFEXITED) && defined(WEXITSTATUS)
+ if (WIFEXITED(status_code) == 0) {
+ DEBUG(0,("check_access_allowed_for_current_user: The process exited while we were waiting\n"));
+ return(False);
+ }
+ if (WEXITSTATUS(status_code) != 0) {
+ DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access denied.\n", status_code));
+ return(False);
+ }
+#else /* defined(WIFEXITED) && defined(WEXITSTATUS) */
+ if(status_code != 0) {
+ DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access denied.\n", status_code));
+ return(False);
+ }
+#endif /* defined(WIFEXITED) && defined(WEXITSTATUS) */
+
+ /*
+ * Success - the child could open the file.
+ */
+ DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access allowed.\n", status_code));
+ return True;
+ } else {
+ /*
+ * Child.
+ */
+ int fd;
+ DEBUG(9,("check_access_allowed_for_current_user: Child - attempting to open %s with mode %d.\n", fname, accmode ));
+ if((fd = fd_attempt_open( fname, accmode, 0)) < 0) {
+ /* Access denied. */
+ _exit(EACCES);
+ }
+ close(fd);
+ DEBUG(9,("check_access_allowed_for_current_user: Child - returning ok.\n"));
+ _exit(0);
+ }
+
+ return False;
+}
+
/****************************************************************************
open a file
****************************************************************************/
struct stat statbuf;
file_fd_struct *fd_ptr;
files_struct *fsp = &Files[fnum];
+ int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
fsp->open = False;
fsp->fd_ptr = 0;
pstrcpy(fname,fname1);
/* check permissions */
- if ((flags != O_RDONLY) && !CAN_WRITE(cnum) && !Connections[cnum].printer)
- {
+
+ /*
+ * This code was changed after seeing a client open request
+ * containing the open mode of (DENY_WRITE/read-only) with
+ * the 'create if not exist' bit set. The previous code
+ * would fail to open the file read only on a read-only share
+ * as it was checking the flags parameter directly against O_RDONLY,
+ * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
+ * JRA.
+ */
+
+ if (!CAN_WRITE(cnum) && !Connections[cnum].printer) {
+ /* It's a read-only share - fail if we wanted to write. */
+ if(accmode != O_RDONLY) {
DEBUG(3,("Permission denied opening %s\n",fname));
check_for_pipe(fname);
return;
}
+ else if(flags & O_CREAT) {
+ /* We don't want to write - but we must make sure that O_CREAT
+ doesn't create the file if we have write access into the
+ directory.
+ */
+ flags &= ~O_CREAT;
+ }
+ }
/* this handles a bug in Win95 - it doesn't say to create the file when it
should */
* open fd table.
*/
if(sbuf == 0) {
- if(stat(fname, &statbuf) < 0) {
+ if(sys_stat(fname, &statbuf) < 0) {
if(errno != ENOENT) {
DEBUG(3,("Error doing stat on file %s (%s)\n",
fname,strerror(errno)));
* reference count (fd_get_already_open increments the ref_count).
*/
if((fd_ptr = fd_get_already_open(sbuf))!= 0) {
+ /*
+ * File was already open.
+ */
- int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
-
- /* File was already open. */
+ /*
+ * Check it wasn't open for exclusive use.
+ */
if((flags & O_CREAT) && (flags & O_EXCL)) {
fd_ptr->ref_count--;
errno = EEXIST;
return;
}
+ /*
+ * Ensure that the user attempting to open
+ * this file has permissions to do so, if
+ * the user who originally opened the file wasn't
+ * the same as the current user.
+ */
+
+ if(!fd_is_in_uid_cache(fd_ptr, (uid_t)current_user.uid)) {
+ if(!check_access_allowed_for_current_user( fname, accmode )) {
+ /* Error - permission denied. */
+ DEBUG(3,("Permission denied opening file %s (flags=%d, accmode = %d)\n",
+ fname, flags, accmode));
+ /* Ensure the ref_count is decremented. */
+ fd_ptr->ref_count--;
+ fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
+ errno = EACCES;
+ return;
+ }
+ }
+
+ fd_add_to_uid_cache(fd_ptr, (uid_t)current_user.uid);
+
/*
* If not opened O_RDWR try
* and do that here - a chmod may have been done
DEBUG(3,("Error opening (already open for flags=%d) file %s (%s) (flags=%d)\n",
fd_ptr->real_open_flags, fname,strerror(EACCES),flags));
check_for_pipe(fname);
+ fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
fd_ptr->ref_count--;
return;
}
fd_ptr->fd = fd_attempt_open(fname, open_flags|O_WRONLY, mode);
fd_ptr->real_open_flags = O_WRONLY;
} else {
- fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDONLY, mode);
+ fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDONLY, mode);
fd_ptr->real_open_flags = O_RDONLY;
}
}
}
if (fd_ptr->fd < 0)
- {
- DEBUG(3,("Error opening file %s (%s) (flags=%d)\n",
- fname,strerror(errno),flags));
- /* Ensure the ref_count is decremented. */
- fd_attempt_close(fd_ptr);
- check_for_pipe(fname);
- return;
- }
+ {
+ DEBUG(3,("Error opening file %s (%s) (flags=%d)\n",
+ fname,strerror(errno),flags));
+ /* Ensure the ref_count is decremented. */
+ fd_attempt_close(fd_ptr);
+ check_for_pipe(fname);
+ return;
+ }
if (fd_ptr->fd >= 0)
- {
- if(sbuf == 0) {
- /* Do the fstat */
- if(fstat(fd_ptr->fd, &statbuf) == -1) {
- /* Error - backout !! */
- DEBUG(3,("Error doing fstat on fd %d, file %s (%s)\n",
- fd_ptr->fd, fname,strerror(errno)));
- /* Ensure the ref_count is decremented. */
- fd_attempt_close(fd_ptr);
- return;
- }
- sbuf = &statbuf;
+ {
+ if(sbuf == 0) {
+ /* Do the fstat */
+ if(fstat(fd_ptr->fd, &statbuf) == -1) {
+ /* Error - backout !! */
+ DEBUG(3,("Error doing fstat on fd %d, file %s (%s)\n",
+ fd_ptr->fd, fname,strerror(errno)));
+ /* Ensure the ref_count is decremented. */
+ fd_attempt_close(fd_ptr);
+ return;
}
- /* Set the correct entries in fd_ptr. */
- fd_ptr->dev = (uint32)sbuf->st_dev;
- fd_ptr->inode = (uint32)sbuf->st_ino;
-
- fsp->fd_ptr = fd_ptr;
- Connections[cnum].num_files_open++;
- fsp->mode = sbuf->st_mode;
- GetTimeOfDay(&fsp->open_time);
- fsp->uid = current_user.id;
- fsp->size = 0;
- fsp->pos = -1;
- fsp->open = True;
- fsp->mmap_ptr = NULL;
- fsp->mmap_size = 0;
- fsp->can_lock = True;
- fsp->can_read = ((flags & O_WRONLY)==0);
- fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
- fsp->share_mode = 0;
- fsp->print_file = Connections[cnum].printer;
- fsp->modified = False;
- fsp->granted_oplock = False;
- fsp->sent_oplock_break = False;
- fsp->cnum = cnum;
- string_set(&fsp->name,dos_to_unix(fname,False));
- fsp->wbmpx_ptr = NULL;
+ sbuf = &statbuf;
+ }
- /*
- * If the printer is marked as postscript output a leading
- * file identifier to ensure the file is treated as a raw
- * postscript file.
- * This has a similar effect as CtrlD=0 in WIN.INI file.
- * tim@fsg.com 09/06/94
- */
- if (fsp->print_file && POSTSCRIPT(cnum) &&
- fsp->can_write)
- {
- DEBUG(3,("Writing postscript line\n"));
- write_file(fnum,"%!\n",3);
- }
-
- DEBUG(2,("%s %s opened file %s read=%s write=%s (numopen=%d fnum=%d)\n",
- timestring(),Connections[cnum].user,fname,
- BOOLSTR(fsp->can_read),BOOLSTR(fsp->can_write),
- Connections[cnum].num_files_open,fnum));
+ /* Set the correct entries in fd_ptr. */
+ fd_ptr->dev = (uint32)sbuf->st_dev;
+ fd_ptr->inode = (uint32)sbuf->st_ino;
+
+ fsp->fd_ptr = fd_ptr;
+ Connections[cnum].num_files_open++;
+ fsp->mode = sbuf->st_mode;
+ GetTimeOfDay(&fsp->open_time);
+ fsp->vuid = current_user.vuid;
+ fsp->size = 0;
+ fsp->pos = -1;
+ fsp->open = True;
+ fsp->mmap_ptr = NULL;
+ fsp->mmap_size = 0;
+ fsp->can_lock = True;
+ fsp->can_read = ((flags & O_WRONLY)==0);
+ fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
+ fsp->share_mode = 0;
+ fsp->print_file = Connections[cnum].printer;
+ fsp->modified = False;
+ fsp->granted_oplock = False;
+ fsp->sent_oplock_break = False;
+ fsp->is_directory = False;
+ fsp->cnum = cnum;
+ /*
+ * Note that the file name here is the *untranslated* name
+ * ie. it is still in the DOS codepage sent from the client.
+ * All use of this filename will pass though the sys_xxxx
+ * functions which will do the dos_to_unix translation before
+ * mapping into a UNIX filename. JRA.
+ */
+ string_set(&fsp->name,fname);
+ fsp->wbmpx_ptr = NULL;
+ /*
+ * If the printer is marked as postscript output a leading
+ * file identifier to ensure the file is treated as a raw
+ * postscript file.
+ * This has a similar effect as CtrlD=0 in WIN.INI file.
+ * tim@fsg.com 09/06/94
+ */
+ if (fsp->print_file && POSTSCRIPT(cnum) && fsp->can_write)
+ {
+ DEBUG(3,("Writing postscript line\n"));
+ write_file(fnum,"%!\n",3);
}
+
+ DEBUG(2,("%s %s opened file %s read=%s write=%s (numopen=%d fnum=%d)\n",
+ timestring(),
+ *sesssetup_user ? sesssetup_user : Connections[cnum].user,fname,
+ BOOLSTR(fsp->can_read),BOOLSTR(fsp->can_write),
+ Connections[cnum].num_files_open,fnum));
+
+ }
#if USE_MMAP
/* mmap it if read-only */
if (!fsp->can_write)
- {
- fsp->mmap_size = file_size(fname);
- fsp->mmap_ptr = (char *)mmap(NULL,fsp->mmap_size,
- PROT_READ,MAP_SHARED,fsp->fd_ptr->fd,0);
+ {
+ fsp->mmap_size = file_size(fname);
+ fsp->mmap_ptr = (char *)mmap(NULL,fsp->mmap_size,
+ PROT_READ,MAP_SHARED,fsp->fd_ptr->fd,0);
- if (fsp->mmap_ptr == (char *)-1 || !fsp->mmap_ptr)
- {
- DEBUG(3,("Failed to mmap() %s - %s\n",fname,strerror(errno)));
- fsp->mmap_ptr = NULL;
- }
+ if (fsp->mmap_ptr == (char *)-1 || !fsp->mmap_ptr)
+ {
+ DEBUG(3,("Failed to mmap() %s - %s\n",fname,strerror(errno)));
+ fsp->mmap_ptr = NULL;
}
+ }
#endif
}
if (*lp_magicoutput(SNUM(cnum)))
pstrcpy(magic_output,lp_magicoutput(SNUM(cnum)));
else
- sprintf(magic_output,"%s.out",fname);
+ slprintf(magic_output,sizeof(fname)-1, "%s.out",fname);
chmod(fname,0755);
ret = smbrun(fname,magic_output,False);
}
}
+/****************************************************************************
+ Common code to close a file or a directory.
+****************************************************************************/
+
+static void close_filestruct(files_struct *fs_p)
+{
+ int cnum = fs_p->cnum;
+
+ fs_p->reserved = False;
+ fs_p->open = False;
+ fs_p->is_directory = False;
+
+ Connections[cnum].num_files_open--;
+ if(fs_p->wbmpx_ptr)
+ {
+ free((char *)fs_p->wbmpx_ptr);
+ fs_p->wbmpx_ptr = NULL;
+ }
+
+#if USE_MMAP
+ if(fs_p->mmap_ptr)
+ {
+ munmap(fs_p->mmap_ptr,fs_p->mmap_size);
+ fs_p->mmap_ptr = NULL;
+ }
+#endif
+}
/****************************************************************************
-close a file - possibly invalidating the read prediction
+ Close a file - possibly invalidating the read prediction.
-If normal_close is 1 then this came from a normal SMBclose (or equivalent)
-operation otherwise it came as the result of some other operation such as
-the closing of the connection. In the latter case printing and
-magic scripts are not run
+ If normal_close is 1 then this came from a normal SMBclose (or equivalent)
+ operation otherwise it came as the result of some other operation such as
+ the closing of the connection. In the latter case printing and
+ magic scripts are not run.
****************************************************************************/
+
void close_file(int fnum, BOOL normal_close)
{
files_struct *fs_p = &Files[fnum];
uint32 inode = fs_p->fd_ptr->inode;
int token;
+ close_filestruct(fs_p);
+
#if USE_READ_PREDICTION
invalidate_read_prediction(fs_p->fd_ptr->fd);
#endif
- fs_p->open = False;
- Connections[cnum].num_files_open--;
- if(fs_p->wbmpx_ptr)
- {
- free((char *)fs_p->wbmpx_ptr);
- fs_p->wbmpx_ptr = NULL;
- }
-
-#if USE_MMAP
- if(fs_p->mmap_ptr)
- {
- munmap(fs_p->mmap_ptr,fs_p->mmap_size);
- fs_p->mmap_ptr = NULL;
- }
-#endif
-
if (lp_share_modes(SNUM(cnum)))
{
lock_share_entry( cnum, dev, inode, &token);
DEBUG(2,("%s %s closed file %s (numopen=%d)\n",
timestring(),Connections[cnum].user,fs_p->name,
Connections[cnum].num_files_open));
+
+ if (fs_p->name) {
+ string_free(&fs_p->name);
+ }
+
+ /* we will catch bugs faster by zeroing this structure */
+ memset(fs_p, 0, sizeof(*fs_p));
+}
+
+/****************************************************************************
+ Close a directory opened by an NT SMB call.
+****************************************************************************/
+
+void close_directory(int fnum)
+{
+ files_struct *fs_p = &Files[fnum];
+
+ /*
+ * Do the code common to files and directories.
+ */
+ close_filestruct(fs_p);
+
+ if (fs_p->name) {
+ string_free(&fs_p->name);
+ }
+
+ /* we will catch bugs faster by zeroing this structure */
+ memset(fs_p, 0, sizeof(*fs_p));
+}
+
+/****************************************************************************
+ Open a directory from an NT SMB call.
+****************************************************************************/
+
+void open_directory(int fnum,int cnum,char *fname, int *action)
+{
+ extern struct current_user current_user;
+ files_struct *fsp = &Files[fnum];
+
+ fsp->fd_ptr = NULL;
+ Connections[cnum].num_files_open++;
+ fsp->mode = 0;
+ GetTimeOfDay(&fsp->open_time);
+ fsp->vuid = current_user.vuid;
+ fsp->size = 0;
+ fsp->pos = -1;
+ fsp->open = True;
+ fsp->mmap_ptr = NULL;
+ fsp->mmap_size = 0;
+ fsp->can_lock = True;
+ fsp->can_read = False;
+ fsp->can_write = False;
+ fsp->share_mode = 0;
+ fsp->print_file = False;
+ fsp->modified = False;
+ fsp->granted_oplock = False;
+ fsp->sent_oplock_break = False;
+ fsp->is_directory = True;
+ fsp->cnum = cnum;
+ /*
+ * Note that the file name here is the *untranslated* name
+ * ie. it is still in the DOS codepage sent from the client.
+ * All use of this filename will pass though the sys_xxxx
+ * functions which will do the dos_to_unix translation before
+ * mapping into a UNIX filename. JRA.
+ */
+ string_set(&fsp->name,fname);
+ fsp->wbmpx_ptr = NULL;
+
+ *action = FILE_WAS_OPENED;
}
enum {AFAIL,AREAD,AWRITE,AALL};
check if the share mode on a file allows it to be deleted or unlinked
return True if sharing doesn't prevent the operation
********************************************************************/
-BOOL check_file_sharing(int cnum,char *fname)
+BOOL check_file_sharing(int cnum,char *fname, BOOL rename_op)
{
int i;
int ret = False;
if(!lp_share_modes(SNUM(cnum)))
return True;
- if (stat(fname,&sbuf) == -1) return(True);
+ if (sys_stat(fname,&sbuf) == -1) return(True);
dev = (uint32)sbuf.st_dev;
inode = (uint32)sbuf.st_ino;
if(share_entry->op_type & BATCH_OPLOCK)
{
- DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
+ /*
+ * It appears that the NT redirector may have a bug, in that
+ * it tries to do an SMBmv on a file that it has open with a
+ * batch oplock, and then fails to respond to the oplock break
+ * request. This only seems to occur when the client is doing an
+ * SMBmv to the smbd it is using - thus we try and detect this
+ * condition by checking if the file being moved is open and oplocked by
+ * this smbd process, and then not sending the oplock break in this
+ * special case. If the file was open with a deny mode that
+ * prevents the move the SMBmv will fail anyway with a share
+ * violation error. JRA.
+ */
+ if(rename_op && (share_entry->pid == pid))
+ {
+ DEBUG(0,("check_file_sharing: NT redirector workaround - rename attempted on \
+batch oplocked file %s, dev = %x, inode = %x\n", fname, dev, inode));
+ /*
+ * This next line is a test that allows the deny-mode
+ * processing to be skipped. This seems to be needed as
+ * NT insists on the rename succeeding (in Office 9x no less !).
+ * This should be removed as soon as (a) MS fix the redirector
+ * bug or (b) NT SMB support in Samba makes NT not issue the
+ * call (as is my fervent hope). JRA.
+ */
+ continue;
+ }
+ else
+ {
+ DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
- /* Oplock break.... */
- unlock_share_entry(cnum, dev, inode, token);
- if(request_oplock_break(share_entry, dev, inode) == False)
- {
- free((char *)old_shares);
- DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
+ /* Oplock break.... */
+ unlock_share_entry(cnum, dev, inode, token);
+ if(request_oplock_break(share_entry, dev, inode) == False)
+ {
+ free((char *)old_shares);
+ DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
- return False;
+ return False;
+ }
+ lock_share_entry(cnum, dev, inode, &token);
+ broke_oplock = True;
+ break;
}
- lock_share_entry(cnum, dev, inode, &token);
- broke_oplock = True;
- break;
}
/* someone else has a share lock on it, check to see
BOOL *share_locked)
{
if (Files[fnum].can_write){
- if (is_locked(fnum,cnum,0x3FFFFFFF,0)){
+ if (is_locked(fnum,cnum,0x3FFFFFFF,0,F_WRLCK)){
/* If share modes are in force for this connection we
have the share entry locked. Unlock it before closing. */
if (*share_locked && lp_share_modes(SNUM(cnum)))
{
unix_ERR_class = ERRDOS;
/* OS/2 Workplace shell fix may be main code stream in a later release. */
-#ifdef OS2_WPS_FIX
+#if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
unix_ERR_code = ERRcannotopen;
#else /* OS2_WPS_FIX */
unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
flags = O_RDONLY;
break;
}
+
+#if defined(O_SYNC)
+ if (share_mode&(1<<14)) {
+ flags2 |= O_SYNC;
+ }
+#endif /* O_SYNC */
if (flags != O_RDONLY && file_existed &&
(!CAN_WRITE(cnum) || IS_DOS_READONLY(dos_mode(cnum,fname,&sbuf))))
if (action)
{
- if (file_existed && !(flags2 & O_TRUNC)) *action = 1;
- if (!file_existed) *action = 2;
- if (file_existed && (flags2 & O_TRUNC)) *action = 3;
+ if (file_existed && !(flags2 & O_TRUNC)) *action = FILE_WAS_OPENED;
+ if (!file_existed) *action = FILE_WAS_CREATED;
+ if (file_existed && (flags2 & O_TRUNC)) *action = FILE_WAS_OVERWRITTEN;
}
/* We must create the share mode entry before truncate as
truncate can fail due to locking and have to close the
#if USE_MMAP
if (Files[fnum].mmap_ptr)
{
- int num = MIN(n,(int)(Files[fnum].mmap_size-pos));
+ int num = (Files[fnum].mmap_size > pos) ? (Files[fnum].mmap_size - pos) : -1;
+ num = MIN(n,num);
if (num > 0)
{
memcpy(data,Files[fnum].mmap_ptr+pos,num);
if (iService < 0)
{
char *phome_dir = get_home_dir(service);
+
+ if(!phome_dir)
+ {
+ /*
+ * Try mapping the servicename, it may
+ * be a Windows to unix mapped user name.
+ */
+ if(map_username(service))
+ phome_dir = get_home_dir(service);
+ }
+
DEBUG(3,("checking for home directory %s gave %s\n",service,
- phome_dir?phome_dir:"(NULL)"));
+ phome_dir?phome_dir:"(NULL)"));
+
if (phome_dir)
{
- int iHomeService;
- if ((iHomeService = lp_servicenumber(HOMES_NAME)) >= 0)
- {
- lp_add_home(service,iHomeService,phome_dir);
- iService = lp_servicenumber(service);
- }
+ int iHomeService;
+ if ((iHomeService = lp_servicenumber(HOMES_NAME)) >= 0)
+ {
+ lp_add_home(service,iHomeService,phome_dir);
+ iService = lp_servicenumber(service);
+ }
}
}
/* just possibly it's a default service? */
if (iService < 0)
+ {
+ char *pdefservice = lp_defaultservice();
+ if (pdefservice && *pdefservice && !strequal(pdefservice,service))
{
- char *defservice = lp_defaultservice();
- if (defservice && *defservice && !strequal(defservice,service)) {
- iService = find_service(defservice);
- if (iService >= 0) {
- string_sub(service,"_","/");
- iService = lp_add_service(service,iService);
- }
+ /*
+ * We need to do a local copy here as lp_defaultservice()
+ * returns one of the rotating lp_string buffers that
+ * could get overwritten by the recursive find_service() call
+ * below. Fix from Josef Hinteregger <joehtg@joehtg.co.at>.
+ */
+ pstring defservice;
+ pstrcpy(defservice, pdefservice);
+ iService = find_service(defservice);
+ if (iService >= 0)
+ {
+ string_sub(service,"_","/");
+ iService = lp_add_service(service,iService);
}
}
+ }
if (iService >= 0)
- if (!VALID_SNUM(iService))
- {
- DEBUG(0,("Invalid snum %d for %s\n",iService,service));
- iService = -1;
- }
+ if (!VALID_SNUM(iService))
+ {
+ DEBUG(0,("Invalid snum %d for %s\n",iService,service));
+ iService = -1;
+ }
if (iService < 0)
- DEBUG(3,("find_service() failed to find service %s\n", service));
+ DEBUG(3,("find_service() failed to find service %s\n", service));
return (iService);
}
int ecode=def_code;
int i=0;
- if (unix_ERR_class != SUCCESS)
+ if (unix_ERR_class != SMB_SUCCESS)
{
eclass = unix_ERR_class;
ecode = unix_ERR_code;
- unix_ERR_class = SUCCESS;
+ unix_ERR_class = SMB_SUCCESS;
unix_ERR_code = 0;
}
else
int error_packet(char *inbuf,char *outbuf,int error_class,uint32 error_code,int line)
{
int outsize = set_message(outbuf,0,0,True);
- int cmd;
- cmd = CVAL(inbuf,smb_com);
-
- CVAL(outbuf,smb_rcls) = error_class;
- SSVAL(outbuf,smb_err,error_code);
-
- DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
+ int cmd = CVAL(inbuf,smb_com);
+ int flgs2 = SVAL(outbuf,smb_flg2);
+
+ if ((flgs2 & FLAGS2_32_BIT_ERROR_CODES) == FLAGS2_32_BIT_ERROR_CODES)
+ {
+ SIVAL(outbuf,smb_rcls,error_code);
+
+ DEBUG(3,("%s 32 bit error packet at line %d cmd=%d (%s) eclass=%08x [%s]\n",
+ timestring(), line, cmd, smb_fn_name(cmd), error_code, smb_errstr(outbuf)));
+ }
+ else
+ {
+ CVAL(outbuf,smb_rcls) = error_class;
+ SSVAL(outbuf,smb_err,error_code);
+ DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
timestring(),
line,
(int)CVAL(inbuf,smb_com),
error_class,
error_code));
+ }
+
if (errno != 0)
DEBUG(3,("error string = %s\n",strerror(errno)));
/****************************************************************************
this prevents zombie child processes
****************************************************************************/
-static int sig_cld()
+static int sig_cld(void)
{
static int depth = 0;
if (depth != 0)
/****************************************************************************
this is called when the client exits abruptly
**************************************************************************/
-static int sig_pipe()
+static int sig_pipe(void)
{
struct cli_state *cli;
BlockSignals(True,SIGPIPE);
return True;
}
close(Client); /* The parent doesn't need this socket */
-#endif /NO_FORK_DEBUG */
+
+ /*
+ * Force parent to check log size after spawning child.
+ * Fix from klausr@ITAP.Physik.Uni-Stuttgart.De.
+ * The parent smbd will log to logserver.smb.
+ * It writes only two messages for each child
+ * started/finished. But each child writes, say, 50 messages also in
+ * logserver.smb, begining with the debug_count of the parent, before the
+ * child opens its own log file logserver.client. In a worst case
+ * scenario the size of logserver.smb would be checked after about
+ * 50*50=2500 messages (ca. 100kb).
+ */
+ force_check_log_size();
+
+#endif /* NO_FORK_DEBUG */
} /* end for num */
} /* end while 1 */
} /* end if is_daemon */
static void process_smb(char *inbuf, char *outbuf)
{
extern int Client;
+#ifdef USE_SSL
+ extern BOOL sslEnabled; /* don't use function for performance reasons */
+ static int sslConnected = 0;
+#endif /* USE_SSL */
static int trans_num;
int msg_type = CVAL(inbuf,0);
int32 len = smb_len(inbuf);
name" */
static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
DEBUG(1,("%s Connection denied from %s\n",
- timestring(),client_addr()));
+ timestring(),client_addr(Client)));
send_smb(Client,(char *)buf);
exit_server("connection denied");
}
DEBUG(6,("got message type 0x%x of len 0x%x\n",msg_type,len));
DEBUG(3,("%s Transaction %d of length %d\n",timestring(),trans_num,nread));
+#ifdef USE_SSL
+ if(sslEnabled && !sslConnected){
+ sslConnected = sslutil_negotiate_ssl(Client, msg_type);
+ if(sslConnected < 0){ /* an error occured */
+ exit_server("SSL negotiation failed");
+ }else if(sslConnected){
+ trans_num++;
+ return;
+ }
+ }
+#endif /* USE_SSL */
+
#ifdef WITH_VTP
if(trans_num == 1 && VT_Check(inbuf))
{
if (msg_type == 0)
show_msg(inbuf);
+ else if(msg_type == 0x85)
+ return; /* Keepalive packet. */
nread = construct_reply(inbuf,outbuf,nread,max_send);
/****************************************************************************
open the oplock IPC socket communication
****************************************************************************/
-static BOOL open_oplock_ipc()
+static BOOL open_oplock_ipc(void)
{
struct sockaddr_in sock_name;
int len = sizeof(sock_name);
****************************************************************************/
BOOL oplock_break(uint32 dev, uint32 inode, struct timeval *tval)
{
+ extern struct current_user current_user;
extern int Client;
- static char *inbuf = NULL;
- static char *outbuf = NULL;
+ char *inbuf = NULL;
+ char *outbuf = NULL;
files_struct *fsp = NULL;
int fnum;
time_t start_time;
BOOL shutdown_server = False;
+ int saved_cnum;
+ int saved_vuid;
+ pstring saved_dir;
DEBUG(3,("%s oplock_break: called for dev = %x, inode = %x. Current \
global_oplocks_open = %d\n", timestring(), dev, inode, global_oplocks_open));
/* We need to search the file open table for the
entry containing this dev and inode, and ensure
we have an oplock on it. */
- for( fnum = 0; fnum < MAX_OPEN_FILES; fnum++)
+ for( fnum = 0; fnum < MAX_FNUMS; fnum++)
{
if(OPEN_FNUM(fnum))
{
start_time = time(NULL);
+ /*
+ * Save the information we need to re-become the
+ * user, then unbecome the user whilst we're doing this.
+ */
+ saved_cnum = fsp->cnum;
+ saved_vuid = current_user.vuid;
+ GetWd(saved_dir);
+ unbecome_user();
+
while(OPEN_FNUM(fnum) && fsp->granted_oplock)
{
if(receive_smb(Client,inbuf,OPLOCK_BREAK_TIMEOUT * 1000) == False)
shutdown_server = True;
break;
}
+
+ /*
+ * There are certain SMB requests that we shouldn't allow
+ * to recurse. opens, renames and deletes are the obvious
+ * ones. This is handled in the switch_message() function.
+ * If global_oplock_break is set they will push the packet onto
+ * the pending smb queue and return -1 (no reply).
+ * JRA.
+ */
+
process_smb(inbuf, outbuf);
/*
}
}
+ /*
+ * Go back to being the user who requested the oplock
+ * break.
+ */
+ if(!become_user(&Connections[saved_cnum], saved_cnum, saved_vuid))
+ {
+ DEBUG(0,("%s oplock_break: unable to re-become user ! Shutting down server\n",
+ timestring()));
+ close_sockets();
+ close(oplock_sock);
+ exit_server("unable to re-become user");
+ }
+ /* Including the directory. */
+ ChDir(saved_dir);
+
/* Free the buffers we've been using to recurse. */
free(inbuf);
free(outbuf);
char op_break_msg[OPLOCK_BREAK_MSG_LEN];
struct sockaddr_in addr_out;
int pid = getpid();
+ time_t start_time;
+ int time_left;
if(pid == share_entry->pid)
{
* While we get messages that aren't ours, loop.
*/
- while(1)
+ start_time = time(NULL);
+ time_left = OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR;
+
+ while(time_left >= 0)
{
char op_break_reply[UDP_CMD_HEADER_LEN+OPLOCK_BREAK_MSG_LEN];
int32 reply_msg_len;
char *reply_msg_start;
if(receive_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply),
- (OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR) * 1000) == False)
+ time_left ? time_left * 1000 : 1) == False)
{
if(smb_read_error == READ_TIMEOUT)
{
return False;
}
- /*
- * If the response we got was not an answer to our message, but
- * was a completely different request, push it onto the pending
- * udp message stack so that we can deal with it in the main loop.
- * It may be another oplock break request to us.
- */
-
- /*
- * Local note from JRA. There exists the possibility of a denial
- * of service attack here by allowing non-root processes running
- * on a local machine sending many of these pending messages to
- * a smbd port. Currently I'm not sure how to restrict the messages
- * I will queue (although I could add a limit to the queue) to
- * those received by root processes only. There should be a
- * way to make this bulletproof....
- */
-
reply_msg_len = IVAL(op_break_reply,UDP_CMD_LEN_OFFSET);
reply_from_port = SVAL(op_break_reply,UDP_CMD_PORT_OFFSET);
continue;
}
- if(((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) == 0) ||
- (reply_from_port != share_entry->op_port) ||
+ /*
+ * Test to see if this is the reply we are awaiting.
+ */
+
+ if((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) &&
+ (reply_from_port == share_entry->op_port) &&
(memcmp(&reply_msg_start[OPLOCK_BREAK_PID_OFFSET],
&op_break_msg[OPLOCK_BREAK_PID_OFFSET],
- OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) != 0))
+ OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) == 0))
{
- DEBUG(3,("%s request_oplock_break: received other message whilst awaiting \
-oplock break response from pid %d on port %d for dev = %x, inode = %x.\n",
- timestring(), share_entry->pid, share_entry->op_port, dev, inode));
- if(push_local_message(op_break_reply, sizeof(op_break_reply)) == False)
- return False;
- continue;
+ /*
+ * This is the reply we've been waiting for.
+ */
+ break;
+ }
+ else
+ {
+ /*
+ * This is another message - probably a break request.
+ * Process it to prevent potential deadlock.
+ * Note that the code in switch_message() prevents
+ * us from recursing into here as any SMB requests
+ * we might process that would cause another oplock
+ * break request to be made will be queued.
+ * JRA.
+ */
+
+ process_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply));
}
- break;
+ time_left -= (time(NULL) - start_time);
}
DEBUG(3,("%s request_oplock_break: broke oplock.\n", timestring()));
process_local_message(oplock_sock, inbuf, bufsize);
continue;
}
+
+ if(ret && (CVAL(inbuf,0) == 0x85))
+ {
+ /* Keepalive packet. */
+ got_smb = False;
+ }
+
}
while(ret && !got_smb);
BOOL ret;
if (lp_loaded())
+ {
+ pstring fname;
+ pstrcpy(fname,lp_configfile());
+ if (file_exist(fname,NULL) && !strcsequal(fname,servicesf))
{
- pstring fname;
- pstrcpy(fname,lp_configfile());
- if (file_exist(fname,NULL) && !strcsequal(fname,servicesf))
- {
- pstrcpy(servicesf,fname);
- test = False;
- }
+ pstrcpy(servicesf,fname);
+ test = False;
}
+ }
reopen_logs();
lp_killunused(snum_used);
- ret = lp_load(servicesf,False);
+ ret = lp_load(servicesf,False,False,True);
/* perhaps the config filename is now set */
if (!test)
}
}
- reset_mangled_stack( lp_mangledstack() );
+ reset_mangled_cache();
/* this forces service parameters to be flushed */
become_service(-1,True);
/****************************************************************************
this prevents zombie child processes
****************************************************************************/
-static int sig_hup()
+static BOOL reload_after_sighup = False;
+
+static int sig_hup(void)
{
BlockSignals(True,SIGHUP);
DEBUG(0,("Got SIGHUP\n"));
- reload_services(False);
+
+ /*
+ * Fix from <branko.cibej@hermes.si> here.
+ * We used to reload in the signal handler - this
+ * is a *BIG* no-no.
+ */
+
+ reload_after_sighup = True;
#ifndef DONT_REINSTALL_SIG
signal(SIGHUP,SIGNAL_CAST sig_hup);
#endif
return(0);
}
-/****************************************************************************
-Setup the groups a user belongs to.
-****************************************************************************/
-int setup_groups(char *user, int uid, int gid, int *p_ngroups,
- int **p_igroups, gid_t **p_groups,
- int **p_attrs)
-{
- if (-1 == initgroups(user,gid))
- {
- if (getuid() == 0)
- {
- DEBUG(0,("Unable to initgroups!\n"));
- if (gid < 0 || gid > 16000 || uid < 0 || uid > 16000)
- DEBUG(0,("This is probably a problem with the account %s\n",user));
- }
- }
- else
- {
- int i,ngroups;
- int *igroups;
- int *attrs;
- gid_t grp = 0;
- ngroups = getgroups(0,&grp);
- if (ngroups <= 0)
- ngroups = 32;
- igroups = (int *)malloc(sizeof(int)*ngroups);
- attrs = (int *)malloc(sizeof(int)*ngroups);
- for (i=0;i<ngroups;i++)
- {
- attrs [i] = 0x7; /* XXXX don't know what NT user attributes are yet! */
- igroups[i] = 0x42424242;
- }
- ngroups = getgroups(ngroups,(gid_t *)igroups);
-
- if (igroups[0] == 0x42424242)
- ngroups = 0;
-
- *p_ngroups = ngroups;
- *p_attrs = attrs;
-
- /* The following bit of code is very strange. It is due to the
- fact that some OSes use int* and some use gid_t* for
- getgroups, and some (like SunOS) use both, one in prototypes,
- and one in man pages and the actual code. Thus we detect it
- dynamically using some very ugly code */
- if (ngroups > 0)
- {
- /* does getgroups return ints or gid_t ?? */
- static BOOL groups_use_ints = True;
-
- if (groups_use_ints &&
- ngroups == 1 &&
- SVAL(igroups,2) == 0x4242)
- groups_use_ints = False;
-
- for (i=0;groups_use_ints && i<ngroups;i++)
- if (igroups[i] == 0x42424242)
- groups_use_ints = False;
-
- if (groups_use_ints)
- {
- *p_igroups = igroups;
- *p_groups = (gid_t *)igroups;
- }
- else
- {
- gid_t *groups = (gid_t *)igroups;
- igroups = (int *)malloc(sizeof(int)*ngroups);
- for (i=0;i<ngroups;i++)
- {
- igroups[i] = groups[i];
- }
- *p_igroups = igroups;
- *p_groups = (gid_t *)groups;
- }
- }
- DEBUG(3,("%s is in %d groups\n",user,ngroups));
- for (i=0;i<ngroups;i++)
- DEBUG(3,("%d ",igroups[i]));
- DEBUG(3,("\n"));
- }
- return 0;
-}
/****************************************************************************
make a connection to a service
connection_struct *pcon;
BOOL guest = False;
BOOL force = False;
- static BOOL first_connection = True;
strlower(service);
snum = find_service(service);
if (snum < 0)
{
+ extern int Client;
if (strequal(service,"IPC$"))
{
DEBUG(3,("%s refusing IPC connection\n",timestring()));
return(-3);
}
- DEBUG(0,("%s couldn't find service %s\n",timestring(),service));
+ DEBUG(0,("%s %s (%s) couldn't find service %s\n",timestring(),remote_machine,client_addr(Client),service));
return(-2);
}
if (*user && Get_Pwnam(user,True))
return(make_connection(user,user,password,pwlen,dev,vuid));
- if (validated_username(vuid))
- {
- strcpy(user,validated_username(vuid));
- return(make_connection(user,user,password,pwlen,dev,vuid));
- }
+ if(lp_security() != SEC_SHARE)
+ {
+ if (validated_username(vuid))
+ {
+ pstrcpy(user,validated_username(vuid));
+ return(make_connection(user,user,password,pwlen,dev,vuid));
+ }
+ }
+ else
+ {
+ /*
+ * Security = share. Try with sesssetup_user as the username.
+ */
+ if(*sesssetup_user)
+ {
+ pstrcpy(user,sesssetup_user);
+ return(make_connection(user,user,password,pwlen,dev,vuid));
+ }
+ }
}
if (!lp_snum_ok(snum) || !check_access(snum)) {
/* you can only connect to the IPC$ service as an ipc device */
if (strequal(service,"IPC$"))
- strcpy(dev,"IPC");
+ pstrcpy(dev,"IPC");
if (*dev == '?' || !*dev)
{
if (lp_print_ok(snum))
- strcpy(dev,"LPT1:");
+ pstrcpy(dev,"LPT1:");
else
- strcpy(dev,"A:");
+ pstrcpy(dev,"A:");
}
/* if the request is as a printer and you can't print then refuse */
}
if (lp_status(SNUM(cnum)))
- claim_connection(cnum,"STATUS.",MAXSTATUS,first_connection);
-
- first_connection = False;
+ claim_connection(cnum,"STATUS.",MAXSTATUS,False);
} /* IS_IPC */
pcon->open = True;
}
{
+ extern int Client;
DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
timestring(),
remote_machine,
- client_addr(),
+ client_addr(Client),
lp_servicename(SNUM(cnum)),user,
pcon->uid,
pcon->gid,
return(cnum);
}
+/****************************************************************************
+ Attempt to break an oplock on a file (if oplocked).
+ Returns True if the file was closed as a result of
+ the oplock break, False otherwise.
+ Used as a last ditch attempt to free a space in the
+ file table when we have run out.
+****************************************************************************/
+
+static BOOL attempt_close_oplocked_file(files_struct *fp)
+{
+
+ DEBUG(5,("attempt_close_oplocked_file: checking file %s.\n", fp->name));
+
+ if (fp->open && fp->granted_oplock && !fp->sent_oplock_break) {
+
+ /* Try and break the oplock. */
+ file_fd_struct *fsp = fp->fd_ptr;
+ if(oplock_break( fsp->dev, fsp->inode, &fp->open_time)) {
+ if(!fp->open) /* Did the oplock break close the file ? */
+ return True;
+ }
+ }
+
+ return False;
+}
/****************************************************************************
find first available file slot
****************************************************************************/
int find_free_file(void )
{
- int i;
- /* returning a file handle of 0 is a bad idea - so we start at 1 */
- for (i=1;i<MAX_OPEN_FILES;i++)
- if (!Files[i].open) {
- /* paranoia */
- memset(&Files[i], 0, sizeof(Files[i]));
- return(i);
- }
- DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
- return(-1);
+ int i;
+ static int first_file;
+
+ /* we want to give out file handles differently on each new
+ connection because of a common bug in MS clients where they try to
+ reuse a file descriptor from an earlier smb connection. This code
+ increases the chance that the errant client will get an error rather
+ than causing corruption */
+ if (first_file == 0) {
+ first_file = (getpid() ^ (int)time(NULL)) % MAX_FNUMS;
+ if (first_file == 0) first_file = 1;
+ }
+
+ if (first_file >= MAX_FNUMS)
+ first_file = 1;
+
+ for (i=first_file;i<MAX_FNUMS;i++)
+ if (!Files[i].open && !Files[i].reserved) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+
+ /* returning a file handle of 0 is a bad idea - so we start at 1 */
+ for (i=1;i<first_file;i++)
+ if (!Files[i].open && !Files[i].reserved) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+
+ /*
+ * Before we give up, go through the open files
+ * and see if there are any files opened with a
+ * batch oplock. If so break the oplock and then
+ * re-use that entry (if it becomes closed).
+ * This may help as NT/95 clients tend to keep
+ * files batch oplocked for quite a long time
+ * after they have finished with them.
+ */
+ for (i=first_file;i<MAX_FNUMS;i++) {
+ if(attempt_close_oplocked_file( &Files[i])) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+ }
+
+ for (i=1;i<MAX_FNUMS;i++) {
+ if(attempt_close_oplocked_file( &Files[i])) {
+ memset(&Files[i], 0, sizeof(Files[i]));
+ first_file = i+1;
+ Files[i].reserved = True;
+ return(i);
+ }
+ }
+
+ DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
+ return(-1);
}
/****************************************************************************
int reply_nt1(char *outbuf)
{
/* dual names + lock_and_read + nt SMBs + remote API calls */
- int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ;
+ int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|CAP_RPC_REMOTE_APIS
+#ifdef HAVE_NT_SMBS
+ |CAP_NT_SMBS
+#endif /* HAVE_NT_SMBS */
+ ;
+
/*
other valid capabilities which we may support at some time...
CAP_LARGE_FILES|CAP_NT_SMBS|CAP_RPC_REMOTE_APIS;
/* decide where (if) to put the encryption challenge, and
follow it with the OEM'd domain name
*/
- data_len = crypt_len + strlen(myworkgroup) + 1;
+ data_len = crypt_len + strlen(global_myworkgroup) + 1;
set_message(outbuf,17,data_len,True);
- strcpy(smb_buf(outbuf)+crypt_len, myworkgroup);
+ pstrcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup);
CVAL(outbuf,smb_vwv1) = secword;
SSVALS(outbuf,smb_vwv16+1,crypt_len);
SSVAL(outbuf,smb_vwv1+1,lp_maxmux()); /* maxmpx */
SSVAL(outbuf,smb_vwv2+1,1); /* num vcs */
SIVAL(outbuf,smb_vwv3+1,0xffff); /* max buffer. LOTS! */
- SIVAL(outbuf,smb_vwv5+1,0xffff); /* raw size. LOTS! */
+ SIVAL(outbuf,smb_vwv5+1,0x10000); /* raw size. full 64k */
SIVAL(outbuf,smb_vwv7+1,getpid()); /* session key */
SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
put_long_date(outbuf+smb_vwv11+1,t);
/****************************************************************************
reply to a negprot
****************************************************************************/
-static int reply_negprot(char *inbuf,char *outbuf)
+static int reply_negprot(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
{
int outsize = set_message(outbuf,1,0,True);
int Index=0;
/* a special case to stop password server loops */
if (Index == 1 && strequal(remote_machine,myhostname) &&
- lp_security()==SEC_SERVER)
+ (lp_security()==SEC_SERVER || lp_security()==SEC_DOMAIN))
exit_server("Password server loop!");
/* Check for protocols, most desirable first */
static void close_open_files(int cnum)
{
int i;
- for (i=0;i<MAX_OPEN_FILES;i++)
+ for (i=0;i<MAX_FNUMS;i++)
if( Files[i].cnum == cnum && Files[i].open) {
- close_file(i,False);
+ if(Files[i].is_directory)
+ close_directory(i);
+ else
+ close_file(i,False);
}
}
****************************************************************************/
void close_cnum(int cnum, uint16 vuid)
{
+ extern int Client;
DirCacheFlush(SNUM(cnum));
unbecome_user();
DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
timestring(),
- remote_machine,client_addr(),
+ remote_machine,client_addr(Client),
lp_servicename(SNUM(cnum))));
yield_connection(cnum,
if (*lp_postexec(SNUM(cnum)) && become_user(&Connections[cnum], cnum,vuid))
{
pstring cmd;
- strcpy(cmd,lp_postexec(SNUM(cnum)));
+ pstrcpy(cmd,lp_postexec(SNUM(cnum)));
standard_sub(cnum,cmd);
smbrun(cmd,NULL,False);
unbecome_user();
if (*lp_rootpostexec(SNUM(cnum)))
{
pstring cmd;
- strcpy(cmd,lp_rootpostexec(SNUM(cnum)));
+ pstrcpy(cmd,lp_rootpostexec(SNUM(cnum)));
standard_sub(cnum,cmd);
smbrun(cmd,NULL,False);
}
}
-/****************************************************************************
-simple routines to do connection counting
-****************************************************************************/
-BOOL yield_connection(int cnum,char *name,int max_connections)
-{
- struct connect_record crec;
- pstring fname;
- FILE *f;
- int mypid = getpid();
- int i;
-
- DEBUG(3,("Yielding connection to %d %s\n",cnum,name));
-
- if (max_connections <= 0)
- return(True);
-
- bzero(&crec,sizeof(crec));
-
- pstrcpy(fname,lp_lockdir());
- standard_sub(cnum,fname);
- trim_string(fname,"","/");
-
- strcat(fname,"/");
- strcat(fname,name);
- strcat(fname,".LCK");
-
- f = fopen(fname,"r+");
- if (!f)
- {
- DEBUG(2,("Couldn't open lock file %s (%s)\n",fname,strerror(errno)));
- return(False);
- }
-
- fseek(f,0,SEEK_SET);
-
- /* find a free spot */
- for (i=0;i<max_connections;i++)
- {
- if (fread(&crec,sizeof(crec),1,f) != 1)
- {
- DEBUG(2,("Entry not found in lock file %s\n",fname));
- fclose(f);
- return(False);
- }
- if (crec.pid == mypid && crec.cnum == cnum)
- break;
- }
-
- if (crec.pid != mypid || crec.cnum != cnum)
- {
- fclose(f);
- DEBUG(2,("Entry not found in lock file %s\n",fname));
- return(False);
- }
-
- bzero((void *)&crec,sizeof(crec));
-
- /* remove our mark */
- if (fseek(f,i*sizeof(crec),SEEK_SET) != 0 ||
- fwrite(&crec,sizeof(crec),1,f) != 1)
- {
- DEBUG(2,("Couldn't update lock file %s (%s)\n",fname,strerror(errno)));
- fclose(f);
- return(False);
- }
-
- DEBUG(3,("Yield successful\n"));
-
- fclose(f);
- return(True);
-}
-
-
-/****************************************************************************
-simple routines to do connection counting
-****************************************************************************/
-BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
-{
- struct connect_record crec;
- pstring fname;
- FILE *f;
- int snum = SNUM(cnum);
- int i,foundi= -1;
- int total_recs;
-
- if (max_connections <= 0)
- return(True);
-
- DEBUG(5,("trying claim %s %s %d\n",lp_lockdir(),name,max_connections));
-
- pstrcpy(fname,lp_lockdir());
- standard_sub(cnum,fname);
- trim_string(fname,"","/");
-
- if (!directory_exist(fname,NULL))
- mkdir(fname,0755);
-
- strcat(fname,"/");
- strcat(fname,name);
- strcat(fname,".LCK");
-
- if (!file_exist(fname,NULL))
- {
- int oldmask = umask(022);
- f = fopen(fname,"w");
- if (f) fclose(f);
- umask(oldmask);
- }
-
- total_recs = file_size(fname) / sizeof(crec);
-
- f = fopen(fname,"r+");
-
- if (!f)
- {
- DEBUG(1,("couldn't open lock file %s\n",fname));
- return(False);
- }
-
- /* find a free spot */
- for (i=0;i<max_connections;i++)
- {
-
- if (i>=total_recs ||
- fseek(f,i*sizeof(crec),SEEK_SET) != 0 ||
- fread(&crec,sizeof(crec),1,f) != 1)
- {
- if (foundi < 0) foundi = i;
- break;
- }
-
- if (Clear && crec.pid && !process_exists(crec.pid))
- {
- fseek(f,i*sizeof(crec),SEEK_SET);
- bzero((void *)&crec,sizeof(crec));
- fwrite(&crec,sizeof(crec),1,f);
- if (foundi < 0) foundi = i;
- continue;
- }
- if (foundi < 0 && (!crec.pid || !process_exists(crec.pid)))
- {
- foundi=i;
- if (!Clear) break;
- }
- }
-
- if (foundi < 0)
- {
- DEBUG(3,("no free locks in %s\n",fname));
- fclose(f);
- return(False);
- }
-
- /* fill in the crec */
- bzero((void *)&crec,sizeof(crec));
- crec.magic = 0x280267;
- crec.pid = getpid();
- crec.cnum = cnum;
- crec.uid = Connections[cnum].uid;
- crec.gid = Connections[cnum].gid;
- StrnCpy(crec.name,lp_servicename(snum),sizeof(crec.name)-1);
- crec.start = time(NULL);
-
- StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1);
- StrnCpy(crec.addr,client_addr(),sizeof(crec.addr)-1);
-
- /* make our mark */
- if (fseek(f,foundi*sizeof(crec),SEEK_SET) != 0 ||
- fwrite(&crec,sizeof(crec),1,f) != 1)
- {
- fclose(f);
- return(False);
- }
-
- fclose(f);
- return(True);
-}
#if DUMP_CORE
/*******************************************************************
pstring dname;
pstrcpy(dname,debugf);
if ((p=strrchr(dname,'/'))) *p=0;
- strcat(dname,"/corefiles");
+ pstrcat(dname,"/corefiles");
mkdir(dname,0700);
sys_chown(dname,getuid(),getgid());
chmod(dname,0700);
case 'S' : string_sub(p,"%S",lp_servicename(Connections[cnum].service)); break;
case 'g' : string_sub(p,"%g",gidtoname(Connections[cnum].gid)); break;
case 'u' : string_sub(p,"%u",Connections[cnum].user); break;
+ /*
+ * Patch from jkf@soton.ac.uk
+ * Left the %N (NIS server name) in standard_sub_basic as it
+ * is a feature for logon servers, hence uses the username.
+ * The %p (NIS server path) code is here as it is used
+ * instead of the default "path =" string in [homes] and so
+ * needs the service name, not the username.
+ */
+ case 'p' : string_sub(p,"%p",automount_path(lp_servicename(Connections[cnum].service))); break;
case '\0' : p++; break; /* don't run off the end of the string */
default : p+=2; break;
}
#define TIME_INIT (1<<2)
#define CAN_IPC (1<<3)
#define AS_GUEST (1<<5)
-
+#define QUEUE_IN_OPLOCK (1<<6)
/*
define a list of possible SMB messages and their corresponding
{
int code;
char *name;
- int (*fn)();
+ int (*fn)(char *, char *, int, int);
int flags;
#if PROFILING
unsigned long time;
{SMBsetatr,"SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
{SMBchkpth,"SMBchkpth",reply_chkpth,AS_USER},
{SMBsearch,"SMBsearch",reply_search,AS_USER},
- {SMBopen,"SMBopen",reply_open,AS_USER},
+ {SMBopen,"SMBopen",reply_open,AS_USER | QUEUE_IN_OPLOCK },
/* note that SMBmknew and SMBcreate are deliberately overloaded */
{SMBcreate,"SMBcreate",reply_mknew,AS_USER},
{SMBmknew,"SMBmknew",reply_mknew,AS_USER},
- {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE},
+ {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
{SMBread,"SMBread",reply_read,AS_USER},
{SMBwrite,"SMBwrite",reply_write,AS_USER},
{SMBclose,"SMBclose",reply_close,AS_USER | CAN_IPC},
{SMBmkdir,"SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
{SMBrmdir,"SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
{SMBdskattr,"SMBdskattr",reply_dskattr,AS_USER},
- {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE},
+ {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
/* this is a Pathworks specific call, allowing the
changing of the root path */
{SMBlseek,"SMBlseek",reply_lseek,AS_USER},
{SMBflush,"SMBflush",reply_flush,AS_USER},
- {SMBctemp,"SMBctemp",reply_ctemp,AS_USER},
- {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER},
+ {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
+ {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
{SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
{SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER|AS_GUEST},
{SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
{SMBtrans,"SMBtrans",reply_trans,AS_USER | CAN_IPC},
{SMBtranss,"SMBtranss",NULL,AS_USER | CAN_IPC},
{SMBioctls,"SMBioctls",NULL,AS_USER},
- {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE},
- {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE},
+ {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
+ {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
- {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC},
- {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER},
+ {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
+ {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER | CAN_IPC },
{SMBwriteX,"SMBwriteX",reply_write_and_X,AS_USER},
{SMBlockingX,"SMBlockingX",reply_lockingX,AS_USER},
/* LANMAN2.0 PROTOCOL FOLLOWS */
{SMBfindnclose, "SMBfindnclose", reply_findnclose, AS_USER},
{SMBfindclose, "SMBfindclose", reply_findclose,AS_USER},
- {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER},
+ {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER },
{SMBtranss2, "SMBtranss2", reply_transs2, AS_USER},
+#ifdef HAVE_NT_SMBS
+ /* NT PROTOCOL FOLLOWS */
+ {SMBntcreateX, "SMBntcreateX", reply_ntcreate_and_X, AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
+ {SMBnttrans, "SMBnttrans", reply_nttrans, AS_USER | CAN_IPC },
+ {SMBnttranss, "SMBnttranss", reply_nttranss, AS_USER | CAN_IPC },
+ {SMBntcancel, "SMBntcancel", reply_ntcancel, AS_USER },
+#endif /* HAVE_NT_SMBS */
+
/* messaging routines */
{SMBsends,"SMBsends",reply_sends,AS_GUEST},
{SMBsendstrt,"SMBsendstrt",reply_sendstrt,AS_GUEST},
/* make sure this is an SMB packet */
if (strncmp(smb_base(inbuf),"\377SMB",4) != 0)
- {
- DEBUG(2,("Non-SMB packet of length %d\n",smb_len(inbuf)));
- return(-1);
- }
+ {
+ DEBUG(2,("Non-SMB packet of length %d\n",smb_len(inbuf)));
+ return(-1);
+ }
for (match=0;match<num_smb_messages;match++)
if (smb_messages[match].code == type)
break;
if (match == num_smb_messages)
- {
- DEBUG(0,("Unknown message type %d!\n",type));
- outsize = reply_unknown(inbuf,outbuf);
- }
+ {
+ DEBUG(0,("Unknown message type %d!\n",type));
+ outsize = reply_unknown(inbuf,outbuf);
+ }
else
+ {
+ DEBUG(3,("switch message %s (pid %d)\n",smb_messages[match].name,pid));
+
+ if(global_oplock_break && (smb_messages[match].flags & QUEUE_IN_OPLOCK))
{
- DEBUG(3,("switch message %s (pid %d)\n",smb_messages[match].name,pid));
- if (smb_messages[match].fn)
- {
- int cnum = SVAL(inbuf,smb_tid);
- int flags = smb_messages[match].flags;
- uint16 session_tag = SVAL(inbuf,smb_uid);
-
- /* does this protocol need to be run as root? */
- if (!(flags & AS_USER))
- unbecome_user();
-
- /* does this protocol need to be run as the connected user? */
- if ((flags & AS_USER) && !become_user(&Connections[cnum], cnum,session_tag)) {
- if (flags & AS_GUEST)
- flags &= ~AS_USER;
- else
- return(ERROR(ERRSRV,ERRinvnid));
- }
- /* this code is to work around a bug is MS client 3 without
- introducing a security hole - it needs to be able to do
- print queue checks as guest if it isn't logged in properly */
- if (flags & AS_USER)
- flags &= ~AS_GUEST;
+ /*
+ * Queue this message as we are the process of an oplock break.
+ */
+
+ DEBUG(2,("%s: switch_message: queueing message due to being in oplock break state.\n",
+ timestring() ));
+
+ push_smb_message( inbuf, size);
+ return -1;
+ }
- /* does it need write permission? */
- if ((flags & NEED_WRITE) && !CAN_WRITE(cnum))
- return(ERROR(ERRSRV,ERRaccess));
+ if (smb_messages[match].fn)
+ {
+ int cnum = SVAL(inbuf,smb_tid);
+ int flags = smb_messages[match].flags;
+ static uint16 last_session_tag = UID_FIELD_INVALID;
+ /* In share mode security we must ignore the vuid. */
+ uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
+ /* Ensure this value is replaced in the incoming packet. */
+ SSVAL(inbuf,smb_uid,session_tag);
- /* ipc services are limited */
- if (IS_IPC(cnum) && (flags & AS_USER) && !(flags & CAN_IPC))
- return(ERROR(ERRSRV,ERRaccess));
+ /*
+ * Ensure the correct username is in sesssetup_user.
+ * This is a really ugly bugfix for problems with
+ * multiple session_setup_and_X's being done and
+ * allowing %U and %G substitutions to work correctly.
+ * There is a reason this code is done here, don't
+ * move it unless you know what you're doing... :-).
+ * JRA.
+ */
+ if(session_tag != last_session_tag ) {
+ user_struct *vuser = NULL;
+
+ last_session_tag = session_tag;
+ if(session_tag != UID_FIELD_INVALID)
+ vuser = get_valid_user_struct(session_tag);
+ if(vuser != NULL)
+ pstrcpy( sesssetup_user, vuser->requested_name);
+ }
- /* load service specific parameters */
- if (OPEN_CNUM(cnum) && !become_service(cnum,(flags & AS_USER)?True:False))
- return(ERROR(ERRSRV,ERRaccess));
+ /* does this protocol need to be run as root? */
+ if (!(flags & AS_USER))
+ unbecome_user();
- /* does this protocol need to be run as guest? */
- if ((flags & AS_GUEST) && (!become_guest() || !check_access(-1)))
- return(ERROR(ERRSRV,ERRaccess));
+ /* does this protocol need to be run as the connected user? */
+ if ((flags & AS_USER) && !become_user(&Connections[cnum], cnum,session_tag)) {
+ if (flags & AS_GUEST)
+ flags &= ~AS_USER;
+ else
+ return(ERROR(ERRSRV,ERRinvnid));
+ }
+ /* this code is to work around a bug is MS client 3 without
+ introducing a security hole - it needs to be able to do
+ print queue checks as guest if it isn't logged in properly */
+ if (flags & AS_USER)
+ flags &= ~AS_GUEST;
- last_inbuf = inbuf;
+ /* does it need write permission? */
+ if ((flags & NEED_WRITE) && !CAN_WRITE(cnum))
+ return(ERROR(ERRSRV,ERRaccess));
- outsize = smb_messages[match].fn(inbuf,outbuf,size,bufsize);
- }
- else
- {
- outsize = reply_unknown(inbuf,outbuf);
- }
+ /* ipc services are limited */
+ if (IS_IPC(cnum) && (flags & AS_USER) && !(flags & CAN_IPC))
+ return(ERROR(ERRSRV,ERRaccess));
+
+ /* load service specific parameters */
+ if (OPEN_CNUM(cnum) && !become_service(cnum,(flags & AS_USER)?True:False))
+ return(ERROR(ERRSRV,ERRaccess));
+
+ /* does this protocol need to be run as guest? */
+ if ((flags & AS_GUEST) && (!become_guest() || !check_access(-1)))
+ return(ERROR(ERRSRV,ERRaccess));
+
+ last_inbuf = inbuf;
+
+ outsize = smb_messages[match].fn(inbuf,outbuf,size,bufsize);
}
+ else
+ {
+ outsize = reply_unknown(inbuf,outbuf);
+ }
+ }
#if PROFILING
GetTimeOfDay(&msg_end_time);
if (!(smb_messages[match].flags & TIME_INIT))
- {
- smb_messages[match].time = 0;
- smb_messages[match].flags |= TIME_INIT;
- }
+ {
+ smb_messages[match].time = 0;
+ smb_messages[match].flags |= TIME_INIT;
+ }
{
unsigned long this_time =
(msg_end_time.tv_sec - msg_start_time.tv_sec)*1e6 +
- (msg_end_time.tv_usec - msg_start_time.tv_usec);
+ (msg_end_time.tv_usec - msg_start_time.tv_usec);
smb_messages[match].time += this_time;
total_time += this_time;
}
DEBUG(2,("TIME %s %d usecs %g pct\n",
- smb_fn_name(type),smb_messages[match].time,
- (100.0*smb_messages[match].time) / total_time));
+ smb_fn_name(type),smb_messages[match].time,
+ (100.0*smb_messages[match].time) / total_time));
#endif
return(outsize);
CVAL(outbuf2,smb_com) = CVAL(inbuf2,smb_com);
memcpy(outbuf2+4,inbuf2+4,4);
- CVAL(outbuf2,smb_rcls) = SUCCESS;
+ CVAL(outbuf2,smb_rcls) = SMB_SUCCESS;
CVAL(outbuf2,smb_reh) = 0;
CVAL(outbuf2,smb_flg) = 0x80 | (CVAL(inbuf2,smb_flg) & 0x8); /* bit 7 set
means a reply */
SSVAL(outbuf2,smb_flg2,1); /* say we support long filenames */
- SSVAL(outbuf2,smb_err,SUCCESS);
+ SSVAL(outbuf2,smb_err,SMB_SUCCESS);
SSVAL(outbuf2,smb_tid,SVAL(inbuf2,smb_tid));
SSVAL(outbuf2,smb_pid,SVAL(inbuf2,smb_pid));
SSVAL(outbuf2,smb_uid,SVAL(inbuf2,smb_uid));
set_message(outbuf,0,0,True);
memcpy(outbuf+4,inbuf+4,4);
- CVAL(outbuf,smb_rcls) = SUCCESS;
+ CVAL(outbuf,smb_rcls) = SMB_SUCCESS;
CVAL(outbuf,smb_reh) = 0;
CVAL(outbuf,smb_flg) = 0x80 | (CVAL(inbuf,smb_flg) & 0x8); /* bit 7 set
means a reply */
SSVAL(outbuf,smb_flg2,1); /* say we support long filenames */
- SSVAL(outbuf,smb_err,SUCCESS);
+ SSVAL(outbuf,smb_err,SMB_SUCCESS);
SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
reload_services(True);
}
+ /*
+ * If reload_after_sighup == True then we got a SIGHUP
+ * and are being asked to reload. Fix from <branko.cibej@hermes.si>
+ */
+
+ if (reload_after_sighup)
+ {
+ DEBUG(0,("Reloading services after SIGHUP\n"));
+ reload_services(False);
+ reload_after_sighup = False;
+ }
+
/* automatic timeout if all connections are closed */
if (num_connections_open==0 && counter >= IDLE_CLOSED_TIMEOUT)
{
DEBUG(2,("%s Closing idle connection 2\n",timestring()));
return;
}
+
+ if(global_machine_pasword_needs_changing)
+ {
+ unsigned char trust_passwd_hash[16];
+ time_t lct;
+ pstring remote_machine_list;
+
+ /*
+ * We're in domain level security, and the code that
+ * read the machine password flagged that the machine
+ * password needs changing.
+ */
+
+ /*
+ * First, open the machine password file with an exclusive lock.
+ */
+
+ if(!trust_password_lock( global_myworkgroup, global_myname, True)) {
+ DEBUG(0,("process: unable to open the machine account password file for \
+machine %s in domain %s.\n", global_myname, global_myworkgroup ));
+ continue;
+ }
+
+ if(!get_trust_account_password( trust_passwd_hash, &lct)) {
+ DEBUG(0,("process: unable to read the machine account password for \
+machine %s in domain %s.\n", global_myname, global_myworkgroup ));
+ trust_password_unlock();
+ continue;
+ }
+
+ /*
+ * Make sure someone else hasn't already done this.
+ */
+
+ if(t < lct + lp_machine_password_timeout()) {
+ trust_password_unlock();
+ global_machine_pasword_needs_changing = False;
+ continue;
+ }
+
+ pstrcpy(remote_machine_list, lp_passwordserver());
+
+ change_trust_account_password( global_myworkgroup, remote_machine_list);
+ trust_password_unlock();
+ global_machine_pasword_needs_changing = False;
+ }
}
if(got_smb)
int i;
get_myname(myhostname,NULL);
+ /*
+ * Set the machine NETBIOS name if not already
+ * set from the config file.
+ */
+
+ if (!*global_myname)
+ {
+ char *p;
+ fstrcpy( global_myname, myhostname );
+ p = strchr( global_myname, '.' );
+ if (p)
+ *p = 0;
+ }
+ strupper( global_myname );
+
for (i=0;i<MAX_CONNECTIONS;i++)
{
Connections[i].open = False;
string_init(&Connections[i].origpath,"");
}
- for (i=0;i<MAX_OPEN_FILES;i++)
+ for (i=0;i<MAX_FNUMS;i++)
{
Files[i].open = False;
string_init(&Files[i].name,"");
-
}
for (i=0;i<MAX_OPEN_FILES;i++)
/* for RPC pipes */
init_rpc_pipe_hnd();
-#ifdef NTDOMAIN
/* for LSA handles */
init_lsa_policy_hnd();
-#endif
init_dptrs();
}
int port = SMB_PORT;
int opt;
extern char *optarg;
- char pidFile[100];
-
- *pidFile = '\0';
#ifdef NEED_AUTH_PARAMETERS
set_auth_parameters(argc,argv);
TimeInit();
- strcpy(debugf,SMBLOGFILE);
+ pstrcpy(debugf,SMBLOGFILE);
+
+ pstrcpy(remote_machine, "smb");
setup_logging(argv[0],False);
charset_initialise();
- /* make absolutely sure we run as root - to handle cases whre people
+ /* make absolutely sure we run as root - to handle cases where people
are crazy enough to have it setuid */
#ifdef USE_SETRES
setresuid(0,0,0);
seteuid(0);
#endif
- fault_setup(exit_server);
+ fault_setup((void (*)(void *))exit_server);
signal(SIGTERM , SIGNAL_CAST dflt_sig);
/* we want total control over the permissions on created files,
while ((opt = getopt(argc, argv, "O:i:l:s:d:Dp:hPaf:")) != EOF)
switch (opt)
{
- case 'f':
- strncpy(pidFile, optarg, sizeof(pidFile));
- break;
case 'O':
- strcpy(user_socket_options,optarg);
+ pstrcpy(user_socket_options,optarg);
break;
case 'i':
- strcpy(scope,optarg);
+ pstrcpy(scope,optarg);
break;
case 'P':
{
}
break;
case 's':
- strcpy(servicesf,optarg);
+ pstrcpy(servicesf,optarg);
break;
case 'l':
- strcpy(debugf,optarg);
+ pstrcpy(debugf,optarg);
break;
case 'a':
{
{
struct rlimit rlp;
getrlimit(RLIMIT_NOFILE, &rlp);
- rlp.rlim_cur = (MAX_OPEN_FILES>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES;
+ /*
+ * Set the fd limit to be MAX_OPEN_FILES + 10 to account for the
+ * extra fd we need to read directories, as well as the log files
+ * and standard handles etc.
+ */
+ rlp.rlim_cur = (MAX_OPEN_FILES+10>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES+10;
setrlimit(RLIMIT_NOFILE, &rlp);
getrlimit(RLIMIT_NOFILE, &rlp);
DEBUG(3,("Maximum number of open files per session is %d\n",rlp.rlim_cur));
if (!reload_services(False))
return(-1);
+#ifdef USE_SSL
+ {
+ extern BOOL sslEnabled;
+ sslEnabled = lp_ssl_enabled();
+ if(sslEnabled)
+ sslutil_init(True);
+ }
+#endif /* USE_SSL */
+
codepage_initialise(lp_client_code_page());
- strcpy(myworkgroup, lp_workgroup());
+ pstrcpy(global_myworkgroup, lp_workgroup());
+
+ if(!pdb_generate_machine_sid())
+ {
+ DEBUG(0,("ERROR: Samba cannot get a machine SID.\n"));
+ exit(1);
+ }
#ifndef NO_SIGNAL_TEST
signal(SIGHUP,SIGNAL_CAST sig_hup);
#endif
-
+
+ /* Setup the signals that allow the debug log level
+ to by dynamically changed. */
+
+ /* If we are using the malloc debug code we can't use
+ SIGUSR1 and SIGUSR2 to do debug level changes. */
+
+#ifndef MEM_MAN
+#if defined(SIGUSR1)
+ signal( SIGUSR1, SIGNAL_CAST sig_usr1 );
+#endif /* SIGUSR1 */
+
+#if defined(SIGUSR2)
+ signal( SIGUSR2, SIGNAL_CAST sig_usr2 );
+#endif /* SIGUSR2 */
+#endif /* MEM_MAN */
+
DEBUG(3,("%s loaded services\n",timestring()));
if (!is_daemon && !is_a_socket(0))
mkdir(lp_lockdir(), 0755);
}
- if (*pidFile)
- {
- int fd;
- char buf[20];
-
- if ((fd = open(pidFile,
-#ifdef O_NONBLOCK
- O_NONBLOCK |
-#endif
- O_CREAT | O_WRONLY | O_TRUNC, 0644)) < 0)
- {
- DEBUG(0,("ERROR: can't open %s: %s\n", pidFile, strerror(errno)));
- exit(1);
- }
- if(fcntl_lock(fd,F_SETLK,0,1,F_WRLCK)==False)
- {
- DEBUG(0,("ERROR: smbd is already running\n"));
- exit(1);
- }
- sprintf(buf, "%u\n", (unsigned int) getpid());
- if (write(fd, buf, strlen(buf)) < 0)
- {
- DEBUG(0,("ERROR: can't write to %s: %s\n", pidFile, strerror(errno)));
- exit(1);
- }
- /* Leave pid file open & locked for the duration... */
- }
+ if (is_daemon) {
+ pidfile_create("smbd");
+ }
if (!open_sockets(is_daemon,port))
exit(1);
if (!locking_init(0))
exit(1);
+ if(!initialize_password_db())
+ exit(1);
+
/* possibly reload the services file. */
reload_services(True);
exit_server("normal exit");
return(0);
}
-
-