2 Unix SMB/Netbios implementation.
4 Main SMB server routines
5 Copyright (C) Andrew Tridgell 1992-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 pstring servicesf = CONFIGFILE;
26 extern pstring debugf;
27 extern pstring sesssetup_user;
28 extern fstring global_myworkgroup;
29 extern pstring global_myname;
31 char *InBuffer = NULL;
32 char *OutBuffer = NULL;
33 char *last_inbuf = NULL;
38 /* the last message the was processed */
39 int last_message = -1;
41 /* a useful macro to debug the last message processed */
42 #define LAST_MESSAGE() smb_fn_name(last_message)
45 extern int DEBUGLEVEL;
46 extern int case_default;
47 extern BOOL case_sensitive;
48 extern BOOL case_preserve;
49 extern BOOL use_mangled_map;
50 extern BOOL short_case_preserve;
51 extern BOOL case_mangle;
52 time_t smb_last_time=(time_t)0;
53 extern BOOL global_machine_pasword_needs_changing;
55 extern int smb_read_error;
57 extern pstring user_socket_options;
60 extern int dcelogin_atmost_once;
64 * This is set on startup - it defines the SID for this
67 extern DOM_SID global_machine_sid;
69 connection_struct Connections[MAX_CONNECTIONS];
70 files_struct Files[MAX_OPEN_FILES];
73 * Indirection for file fd's. Needed as POSIX locking
74 * is based on file/process, not fd/process.
76 file_fd_struct FileFd[MAX_OPEN_FILES];
77 int max_file_fd_used = 0;
82 * Size of data we can send to client. Set
83 * by the client for all protocols above CORE.
84 * Set by us for CORE protocol.
86 int max_send = BUFFER_SIZE;
88 * Size of the data we can receive. Set by us.
89 * Can be modified by the max xmit parameter.
91 int max_recv = BUFFER_SIZE;
93 /* a fnum to use when chaining */
96 /* number of open connections */
97 static int num_connections_open = 0;
99 /* Oplock ipc UDP socket. */
100 int oplock_sock = -1;
101 uint16 oplock_port = 0;
102 /* Current number of oplocks we have outstanding. */
103 int32 global_oplocks_open = 0;
105 BOOL global_oplock_break = False;
107 extern fstring remote_machine;
109 extern pstring OriginalDir;
111 /* these can be set by some functions to override the error codes */
112 int unix_ERR_class=SMB_SUCCESS;
116 extern int extra_time_offset;
118 extern pstring myhostname;
120 static int find_free_connection(int hash);
122 /* for readability... */
123 #define IS_DOS_READONLY(test_mode) (((test_mode) & aRONLY) != 0)
124 #define IS_DOS_DIR(test_mode) (((test_mode) & aDIR) != 0)
125 #define IS_DOS_ARCHIVE(test_mode) (((test_mode) & aARCH) != 0)
126 #define IS_DOS_SYSTEM(test_mode) (((test_mode) & aSYSTEM) != 0)
127 #define IS_DOS_HIDDEN(test_mode) (((test_mode) & aHIDDEN) != 0)
129 /****************************************************************************
130 when exiting, take the whole family
131 ****************************************************************************/
134 exit_server("caught signal");
135 return 0; /* Keep -Wall happy :-) */
137 /****************************************************************************
138 Send a SIGTERM to our process group.
139 *****************************************************************************/
142 if(am_parent) kill(0,SIGTERM);
145 /****************************************************************************
146 change a dos mode to a unix mode
147 base permission for files:
148 everybody gets read bit set
149 dos readonly is represented in unix by removing everyone's write bit
150 dos archive is represented in unix by the user's execute bit
151 dos system is represented in unix by the group's execute bit
152 dos hidden is represented in unix by the other's execute bit
153 Then apply create mask,
155 base permission for directories:
156 dos directory is represented in unix by unix's dir bit and the exec bit
157 Then apply create mask,
159 ****************************************************************************/
160 mode_t unix_mode(int cnum,int dosmode)
162 mode_t result = (S_IRUSR | S_IRGRP | S_IROTH);
164 if ( !IS_DOS_READONLY(dosmode) )
165 result |= (S_IWUSR | S_IWGRP | S_IWOTH);
167 if (IS_DOS_DIR(dosmode)) {
168 /* We never make directories read only for the owner as under DOS a user
169 can always create a file in a read-only directory. */
170 result |= (S_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH | S_IWUSR);
171 /* Apply directory mask */
172 result &= lp_dir_mode(SNUM(cnum));
173 /* Add in force bits */
174 result |= lp_force_dir_mode(SNUM(cnum));
176 if (MAP_ARCHIVE(cnum) && IS_DOS_ARCHIVE(dosmode))
179 if (MAP_SYSTEM(cnum) && IS_DOS_SYSTEM(dosmode))
182 if (MAP_HIDDEN(cnum) && IS_DOS_HIDDEN(dosmode))
185 /* Apply mode mask */
186 result &= lp_create_mode(SNUM(cnum));
187 /* Add in force bits */
188 result |= lp_force_create_mode(SNUM(cnum));
194 /****************************************************************************
195 change a unix mode to a dos mode
196 ****************************************************************************/
197 int dos_mode(int cnum,char *path,struct stat *sbuf)
200 extern struct current_user current_user;
202 DEBUG(8,("dos_mode: %d %s\n", cnum, path));
204 if (CAN_WRITE(cnum) && !lp_alternate_permissions(SNUM(cnum))) {
205 if (!((sbuf->st_mode & S_IWOTH) ||
206 Connections[cnum].admin_user ||
207 ((sbuf->st_mode & S_IWUSR) && current_user.uid==sbuf->st_uid) ||
208 ((sbuf->st_mode & S_IWGRP) &&
209 in_group(sbuf->st_gid,current_user.gid,
210 current_user.ngroups,current_user.igroups))))
213 if ((sbuf->st_mode & S_IWUSR) == 0)
217 if (MAP_ARCHIVE(cnum) && ((sbuf->st_mode & S_IXUSR) != 0))
220 if (MAP_SYSTEM(cnum) && ((sbuf->st_mode & S_IXGRP) != 0))
223 if (MAP_HIDDEN(cnum) && ((sbuf->st_mode & S_IXOTH) != 0))
226 if (S_ISDIR(sbuf->st_mode))
227 result = aDIR | (result & aRONLY);
231 if (S_ISLNK(sbuf->st_mode) && S_ISDIR(sbuf->st_mode))
236 /* hide files with a name starting with a . */
237 if (lp_hide_dot_files(SNUM(cnum)))
239 char *p = strrchr(path,'/');
245 if (p[0] == '.' && p[1] != '.' && p[1] != 0)
249 /* Optimization : Only call is_hidden_path if it's not already
251 if (!(result & aHIDDEN) && IS_HIDDEN_PATH(cnum,path))
256 DEBUG(8,("dos_mode returning "));
258 if (result & aHIDDEN) DEBUG(8, ("h"));
259 if (result & aRONLY ) DEBUG(8, ("r"));
260 if (result & aSYSTEM) DEBUG(8, ("s"));
261 if (result & aDIR ) DEBUG(8, ("d"));
262 if (result & aARCH ) DEBUG(8, ("a"));
269 /*******************************************************************
270 chmod a file - but preserve some bits
271 ********************************************************************/
272 int dos_chmod(int cnum,char *fname,int dosmode,struct stat *st)
281 if (sys_stat(fname,st)) return(-1);
284 if (S_ISDIR(st->st_mode)) dosmode |= aDIR;
286 if (dos_mode(cnum,fname,st) == dosmode) return(0);
288 unixmode = unix_mode(cnum,dosmode);
290 /* preserve the s bits */
291 mask |= (S_ISUID | S_ISGID);
293 /* preserve the t bit */
298 /* possibly preserve the x bits */
299 if (!MAP_ARCHIVE(cnum)) mask |= S_IXUSR;
300 if (!MAP_SYSTEM(cnum)) mask |= S_IXGRP;
301 if (!MAP_HIDDEN(cnum)) mask |= S_IXOTH;
303 unixmode |= (st->st_mode & mask);
305 /* if we previously had any r bits set then leave them alone */
306 if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
307 unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
311 /* if we previously had any w bits set then leave them alone
312 if the new mode is not rdonly */
313 if (!IS_DOS_READONLY(dosmode) &&
314 (tmp = st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH))) {
315 unixmode &= ~(S_IWUSR|S_IWGRP|S_IWOTH);
319 return(sys_chmod(fname,unixmode));
322 /*******************************************************************
323 Wrapper around sys_utime that possibly allows DOS semantics rather
325 *******************************************************************/
327 int file_utime(int cnum, char *fname, struct utimbuf *times)
329 extern struct current_user current_user;
335 if(sys_utime(fname, times) == 0)
338 if((errno != EPERM) && (errno != EACCES))
341 if(!lp_dos_filetimes(SNUM(cnum)))
344 /* We have permission (given by the Samba admin) to
345 break POSIX semantics and allow a user to change
346 the time on a file they don't own but can write to
350 if(sys_stat(fname,&sb) != 0)
353 /* Check if we have write access. */
354 if (CAN_WRITE(cnum)) {
355 if (((sb.st_mode & S_IWOTH) ||
356 Connections[cnum].admin_user ||
357 ((sb.st_mode & S_IWUSR) && current_user.uid==sb.st_uid) ||
358 ((sb.st_mode & S_IWGRP) &&
359 in_group(sb.st_gid,current_user.gid,
360 current_user.ngroups,current_user.igroups)))) {
361 /* We are allowed to become root and change the filetime. */
363 ret = sys_utime(fname, times);
364 unbecome_root(False);
371 /*******************************************************************
372 Change a filetime - possibly allowing DOS semantics.
373 *******************************************************************/
375 BOOL set_filetime(int cnum, char *fname, time_t mtime)
377 struct utimbuf times;
379 if (null_mtime(mtime)) return(True);
381 times.modtime = times.actime = mtime;
383 if (file_utime(cnum, fname, ×)) {
384 DEBUG(4,("set_filetime(%s) failed: %s\n",fname,strerror(errno)));
390 /****************************************************************************
391 check if two filenames are equal
393 this needs to be careful about whether we are case sensitive
394 ****************************************************************************/
395 static BOOL fname_equal(char *name1, char *name2)
397 int l1 = strlen(name1);
398 int l2 = strlen(name2);
400 /* handle filenames ending in a single dot */
401 if (l1-l2 == 1 && name1[l1-1] == '.' && lp_strip_dot())
405 ret = fname_equal(name1,name2);
410 if (l2-l1 == 1 && name2[l2-1] == '.' && lp_strip_dot())
414 ret = fname_equal(name1,name2);
419 /* now normal filename handling */
421 return(strcmp(name1,name2) == 0);
423 return(strequal(name1,name2));
427 /****************************************************************************
428 mangle the 2nd name and check if it is then equal to the first name
429 ****************************************************************************/
430 static BOOL mangled_equal(char *name1, char *name2)
434 if (is_8_3(name2, True))
437 pstrcpy(tmpname,name2);
438 mangle_name_83(tmpname,sizeof(tmpname));
440 return(strequal(name1,tmpname));
444 /****************************************************************************
445 scan a directory to find a filename, matching without case sensitivity
447 If the name looks like a mangled name then try via the mangling functions
448 ****************************************************************************/
449 static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache)
456 mangled = is_mangled(name);
458 /* handle null paths */
462 if (docache && (dname = DirCacheCheck(path,name,SNUM(cnum)))) {
463 pstrcpy(name, dname);
468 * The incoming name can be mangled, and if we de-mangle it
469 * here it will not compare correctly against the filename (name2)
470 * read from the directory and then mangled by the name_map_mangle()
471 * call. We need to mangle both names or neither.
475 mangled = !check_mangled_cache( name );
477 /* open the directory */
478 if (!(cur_dir = OpenDir(cnum, path, True)))
480 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
484 /* now scan for matching names */
485 while ((dname = ReadDirName(cur_dir)))
488 (strequal(dname,".") || strequal(dname,"..")))
491 pstrcpy(name2,dname);
492 if (!name_map_mangle(name2,False,SNUM(cnum))) continue;
494 if ((mangled && mangled_equal(name,name2))
495 || fname_equal(name, name2))
497 /* we've found the file, change it's name and return */
498 if (docache) DirCacheAdd(path,name,dname,SNUM(cnum));
499 pstrcpy(name, dname);
509 /****************************************************************************
510 This routine is called to convert names from the dos namespace to unix
511 namespace. It needs to handle any case conversions, mangling, format
514 We assume that we have already done a chdir() to the right "root" directory
517 The function will return False if some part of the name except for the last
518 part cannot be resolved
520 If the saved_last_component != 0, then the unmodified last component
521 of the pathname is returned there. This is used in an exceptional
522 case in reply_mv (so far). If saved_last_component == 0 then nothing
525 The bad_path arg is set to True if the filename walk failed. This is
526 used to pick the correct error code to return between ENOENT and ENOTDIR
527 as Windows applications depend on ERRbadpath being returned if a component
528 of a pathname does not exist.
529 ****************************************************************************/
530 BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_path)
540 if(saved_last_component)
541 *saved_last_component = 0;
543 /* convert to basic unix format - removing \ chars and cleaning it up */
545 unix_clean_name(name);
547 /* names must be relative to the root of the service - trim any leading /.
548 also trim trailing /'s */
549 trim_string(name,"/","/");
552 * Ensure saved_last_component is valid even if file exists.
554 if(saved_last_component) {
555 end = strrchr(name, '/');
557 pstrcpy(saved_last_component, end + 1);
559 pstrcpy(saved_last_component, name);
562 if (!case_sensitive &&
563 (!case_preserve || (is_8_3(name, False) && !short_case_preserve)))
566 /* check if it's a printer file */
567 if (Connections[cnum].printer)
569 if ((! *name) || strchr(name,'/') || !is_8_3(name, True))
573 slprintf(name2,sizeof(name2)-1,"%.6s.XXXXXX",remote_machine);
574 /* sanitise the name */
575 for (s=name2 ; *s ; s++)
576 if (!issafe(*s)) *s = '_';
577 pstrcpy(name,(char *)mktemp(name2));
582 /* stat the name - if it exists then we are all done! */
583 if (sys_stat(name,&st) == 0)
588 DEBUG(5,("unix_convert(%s,%d)\n",name,cnum));
590 /* a special case - if we don't have any mangling chars and are case
591 sensitive then searching won't help */
592 if (case_sensitive && !is_mangled(name) &&
593 !lp_strip_dot() && !use_mangled_map && (saved_errno != ENOENT))
596 /* now we need to recursively match the name against the real
597 directory structure */
600 while (strncmp(start,"./",2) == 0)
603 /* now match each part of the path name separately, trying the names
604 as is first, then trying to scan the directory for matching names */
605 for (;start;start = (end?end+1:(char *)NULL))
607 /* pinpoint the end of this section of the filename */
608 end = strchr(start, '/');
610 /* chop the name at this point */
613 if(saved_last_component != 0)
614 pstrcpy(saved_last_component, end ? end + 1 : start);
616 /* check if the name exists up to this point */
617 if (sys_stat(name, &st) == 0)
619 /* it exists. it must either be a directory or this must be
620 the last part of the path for it to be OK */
621 if (end && !(st.st_mode & S_IFDIR))
623 /* an intermediate part of the name isn't a directory */
624 DEBUG(5,("Not a dir %s\n",start));
635 /* remember the rest of the pathname so it can be restored
637 if (end) pstrcpy(rest,end+1);
639 /* try to find this part of the path in the directory */
640 if (strchr(start,'?') || strchr(start,'*') ||
641 !scan_directory(dirpath, start, cnum, end?True:False))
645 /* an intermediate part of the name can't be found */
646 DEBUG(5,("Intermediate not found %s\n",start));
648 /* We need to return the fact that the intermediate
649 name resolution failed. This is used to return an
650 error of ERRbadpath rather than ERRbadfile. Some
651 Windows applications depend on the difference between
658 /* just the last part of the name doesn't exist */
659 /* we may need to strupper() or strlower() it in case
660 this conversion is being used for file creation
662 /* if the filename is of mixed case then don't normalise it */
663 if (!case_preserve &&
664 (!strhasupper(start) || !strhaslower(start)))
667 /* check on the mangled stack to see if we can recover the
668 base of the filename */
669 if (is_mangled(start))
670 check_mangled_cache( start );
672 DEBUG(5,("New file %s\n",start));
676 /* restore the rest of the string */
679 pstrcpy(start+strlen(start)+1,rest);
680 end = start + strlen(start);
684 /* add to the dirpath that we have resolved so far */
685 if (*dirpath) pstrcat(dirpath,"/");
686 pstrcat(dirpath,start);
688 /* restore the / that we wiped out earlier */
692 /* the name has been resolved */
693 DEBUG(5,("conversion finished %s\n",name));
698 /****************************************************************************
699 normalise for DOS usage
700 ****************************************************************************/
701 static void disk_norm(int *bsize,int *dfree,int *dsize)
703 /* check if the disk is beyond the max disk size */
704 int maxdisksize = lp_maxdisksize();
706 /* convert to blocks - and don't overflow */
707 maxdisksize = ((maxdisksize*1024)/(*bsize))*1024;
708 if (*dsize > maxdisksize) *dsize = maxdisksize;
709 if (*dfree > maxdisksize) *dfree = maxdisksize-1; /* the -1 should stop
714 while (*dfree > WORDMAX || *dsize > WORDMAX || *bsize < 512)
719 if (*bsize > WORDMAX )
722 if (*dsize > WORDMAX)
724 if (*dfree > WORDMAX)
731 /****************************************************************************
732 return number of 1K blocks available on a path and total number
733 ****************************************************************************/
734 int disk_free(char *path,int *bsize,int *dfree,int *dsize)
736 char *df_command = lp_dfree_command();
757 /* possibly use system() to get the result */
758 if (df_command && *df_command)
764 slprintf(outfile,sizeof(outfile)-1, "%s/dfree.smb.%d",tmpdir(),(int)getpid());
765 slprintf(syscmd,sizeof(syscmd)-1,"%s %s",df_command,path);
766 standard_sub_basic(syscmd);
768 ret = smbrun(syscmd,outfile,False);
769 DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret));
772 FILE *f = fopen(outfile,"r");
778 fscanf(f,"%d %d %d",dsize,dfree,bsize);
782 DEBUG(0,("Can't open %s\n",outfile));
786 disk_norm(bsize,dfree,dsize);
787 dfree_retval = ((*bsize)/1024)*(*dfree);
789 /* Ensure we return the min value between the users quota and
790 what's free on the disk. Thanks to Albrecht Gebhardt
791 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
793 if (disk_quotas(path, &bsizeq, &dfreeq, &dsizeq))
795 disk_norm(&bsizeq, &dfreeq, &dsizeq);
796 dfreeq_retval = ((bsizeq)/1024)*(dfreeq);
797 dfree_retval = ( dfree_retval < dfreeq_retval ) ?
798 dfree_retval : dfreeq_retval ;
799 /* maybe dfree and dfreeq are calculated using different bsizes
800 so convert dfree from bsize into bsizeq */
801 /* avoid overflows due to multiplication, so do not:
802 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
803 bsize and bsizeq are powers of 2 so its better to
804 to divide them getting a multiplication or division factor
805 for dfree. Rene Nieuwenhuizen (07-10-1997) */
806 if (*bsize >= bsizeq)
807 *dfree = *dfree * (*bsize / bsizeq);
809 *dfree = *dfree / (bsizeq / *bsize);
810 *dfree = ( *dfree < dfreeq ) ? *dfree : dfreeq ;
815 return(dfree_retval);
819 DEBUG(1,("Warning - no statfs function\n"));
823 if (statfs(path,&fs,sizeof(fs),0) != 0)
826 if (statvfs(path, &fs))
829 if (statfs(path,&fs,sizeof(fs)) == -1)
831 if (statfs(path,&fs) == -1)
833 #endif /* USE_STATVFS */
836 DEBUG(3,("dfree call failed code errno=%d\n",errno));
840 return(((*bsize)/1024)*(*dfree));
845 *dfree = fs.fd_req.bfree;
846 *dsize = fs.fd_req.btot;
849 *bsize = fs.f_frsize;
852 /* eg: osf1 has f_fsize = fundamental filesystem block size,
853 f_bsize = optimal transfer block size (MX: 94-04-19) */
858 #endif /* USE_STATVFS */
863 *dfree = fs.f_bavail;
865 *dsize = fs.f_blocks;
868 #if defined(SCO) || defined(ISC) || defined(MIPS)
872 /* handle rediculous bsize values - some OSes are broken */
873 if ((*bsize) < 512 || (*bsize)>0xFFFF) *bsize = 1024;
875 disk_norm(bsize,dfree,dsize);
881 DEBUG(0,("dfree seems to be broken on your system\n"));
882 *dsize = 20*1024*1024/(*bsize);
883 *dfree = MAX(1,*dfree);
885 dfree_retval = ((*bsize)/1024)*(*dfree);
887 /* Ensure we return the min value between the users quota and
888 what's free on the disk. Thanks to Albrecht Gebhardt
889 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
891 if (disk_quotas(path, &bsizeq, &dfreeq, &dsizeq))
893 disk_norm(&bsizeq, &dfreeq, &dsizeq);
894 dfreeq_retval = ((bsizeq)/1024)*(dfreeq);
895 dfree_retval = ( dfree_retval < dfreeq_retval ) ?
896 dfree_retval : dfreeq_retval ;
897 /* maybe dfree and dfreeq are calculated using different bsizes
898 so convert dfree from bsize into bsizeq */
899 /* avoid overflows due to multiplication, so do not:
900 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
901 bsize and bsizeq are powers of 2 so its better to
902 to divide them getting a multiplication or division factor
903 for dfree. Rene Nieuwenhuizen (07-10-1997) */
904 if (*bsize >= bsizeq)
905 *dfree = *dfree * (*bsize / bsizeq);
907 *dfree = *dfree / (bsizeq / *bsize);
908 *dfree = ( *dfree < dfreeq ) ? *dfree : dfreeq ;
913 return(dfree_retval);
918 /****************************************************************************
919 wrap it to get filenames right
920 ****************************************************************************/
921 int sys_disk_free(char *path,int *bsize,int *dfree,int *dsize)
923 return(disk_free(dos_to_unix(path,False),bsize,dfree,dsize));
928 /****************************************************************************
929 check a filename - possibly caling reducename
931 This is called by every routine before it allows an operation on a filename.
932 It does any final confirmation necessary to ensure that the filename is
933 a valid one for the user to access.
934 ****************************************************************************/
935 BOOL check_name(char *name,int cnum)
941 if( IS_VETO_PATH(cnum, name))
943 DEBUG(5,("file path name %s vetoed\n",name));
947 ret = reduce_name(name,Connections[cnum].connectpath,lp_widelinks(SNUM(cnum)));
949 /* Check if we are allowing users to follow symlinks */
950 /* Patch from David Clerc <David.Clerc@cui.unige.ch>
951 University of Geneva */
954 if (!lp_symlinks(SNUM(cnum)))
957 if ( (sys_lstat(name,&statbuf) != -1) &&
958 (S_ISLNK(statbuf.st_mode)) )
960 DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
967 DEBUG(5,("check_name on %s failed\n",name));
972 /****************************************************************************
973 check a filename - possibly caling reducename
974 ****************************************************************************/
975 static void check_for_pipe(char *fname)
977 /* special case of pipe opens */
981 if (strstr(s,"pipe/"))
983 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
984 unix_ERR_class = ERRSRV;
985 unix_ERR_code = ERRaccess;
989 /****************************************************************************
990 fd support routines - attempt to do a sys_open
991 ****************************************************************************/
992 static int fd_attempt_open(char *fname, int flags, int mode)
994 int fd = sys_open(fname,flags,mode);
996 /* Fix for files ending in '.' */
997 if((fd == -1) && (errno == ENOENT) &&
998 (strchr(fname,'.')==NULL))
1001 fd = sys_open(fname,flags,mode);
1004 #if (defined(ENAMETOOLONG) && defined(HAVE_PATHCONF))
1005 if ((fd == -1) && (errno == ENAMETOOLONG))
1008 char *p = strrchr(fname, '/');
1010 if (p == fname) /* name is "/xxx" */
1012 max_len = pathconf("/", _PC_NAME_MAX);
1015 else if ((p == NULL) || (p == fname))
1018 max_len = pathconf(".", _PC_NAME_MAX);
1023 max_len = pathconf(fname, _PC_NAME_MAX);
1027 if (strlen(p) > max_len)
1029 char tmp = p[max_len];
1032 if ((fd = sys_open(fname,flags,mode)) == -1)
1040 /****************************************************************************
1041 Cache a uid_t currently with this file open. This is an optimization only
1042 used when multiple sessionsetup's have been done to one smbd.
1043 ****************************************************************************/
1044 static void fd_add_to_uid_cache(file_fd_struct *fd_ptr, uid_t u)
1046 if(fd_ptr->uid_cache_count >= sizeof(fd_ptr->uid_users_cache)/sizeof(uid_t))
1048 fd_ptr->uid_users_cache[fd_ptr->uid_cache_count++] = u;
1051 /****************************************************************************
1052 Remove a uid_t that currently has this file open. This is an optimization only
1053 used when multiple sessionsetup's have been done to one smbd.
1054 ****************************************************************************/
1055 static void fd_remove_from_uid_cache(file_fd_struct *fd_ptr, uid_t u)
1058 for(i = 0; i < fd_ptr->uid_cache_count; i++)
1059 if(fd_ptr->uid_users_cache[i] == u) {
1060 if(i < (fd_ptr->uid_cache_count-1))
1061 memmove((char *)&fd_ptr->uid_users_cache[i], (char *)&fd_ptr->uid_users_cache[i+1],
1062 sizeof(uid_t)*(fd_ptr->uid_cache_count-1-i) );
1063 fd_ptr->uid_cache_count--;
1068 /****************************************************************************
1069 Check if a uid_t that currently has this file open is present. This is an
1070 optimization only used when multiple sessionsetup's have been done to one smbd.
1071 ****************************************************************************/
1072 static BOOL fd_is_in_uid_cache(file_fd_struct *fd_ptr, uid_t u)
1075 for(i = 0; i < fd_ptr->uid_cache_count; i++)
1076 if(fd_ptr->uid_users_cache[i] == u)
1081 /****************************************************************************
1082 fd support routines - attempt to find an already open file by dev
1083 and inode - increments the ref_count of the returned file_fd_struct *.
1084 ****************************************************************************/
1085 static file_fd_struct *fd_get_already_open(struct stat *sbuf)
1088 file_fd_struct *fd_ptr;
1093 for(i = 0; i <= max_file_fd_used; i++) {
1094 fd_ptr = &FileFd[i];
1095 if((fd_ptr->ref_count > 0) &&
1096 (((uint32)sbuf->st_dev) == fd_ptr->dev) &&
1097 (((uint32)sbuf->st_ino) == fd_ptr->inode)) {
1098 fd_ptr->ref_count++;
1100 ("Re-used file_fd_struct %d, dev = %x, inode = %x, ref_count = %d\n",
1101 i, fd_ptr->dev, fd_ptr->inode, fd_ptr->ref_count));
1108 /****************************************************************************
1109 fd support routines - attempt to find a empty slot in the FileFd array.
1110 Increments the ref_count of the returned entry.
1111 ****************************************************************************/
1112 static file_fd_struct *fd_get_new(void)
1114 extern struct current_user current_user;
1116 file_fd_struct *fd_ptr;
1118 for(i = 0; i < MAX_OPEN_FILES; i++) {
1119 fd_ptr = &FileFd[i];
1120 if(fd_ptr->ref_count == 0) {
1121 fd_ptr->dev = (uint32)-1;
1122 fd_ptr->inode = (uint32)-1;
1124 fd_ptr->fd_readonly = -1;
1125 fd_ptr->fd_writeonly = -1;
1126 fd_ptr->real_open_flags = -1;
1127 fd_ptr->uid_cache_count = 0;
1128 fd_add_to_uid_cache(fd_ptr, (uid_t)current_user.uid);
1129 fd_ptr->ref_count++;
1130 /* Increment max used counter if neccessary, cuts down
1131 on search time when re-using */
1132 if(i > max_file_fd_used)
1133 max_file_fd_used = i;
1134 DEBUG(3,("Allocated new file_fd_struct %d, dev = %x, inode = %x\n",
1135 i, fd_ptr->dev, fd_ptr->inode));
1139 DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\n"));
1143 /****************************************************************************
1144 fd support routines - attempt to re-open an already open fd as O_RDWR.
1145 Save the already open fd (we cannot close due to POSIX file locking braindamage.
1146 ****************************************************************************/
1147 static void fd_attempt_reopen(char *fname, int mode, file_fd_struct *fd_ptr)
1149 int fd = sys_open( fname, O_RDWR, mode);
1154 if(fd_ptr->real_open_flags == O_RDONLY)
1155 fd_ptr->fd_readonly = fd_ptr->fd;
1156 if(fd_ptr->real_open_flags == O_WRONLY)
1157 fd_ptr->fd_writeonly = fd_ptr->fd;
1160 fd_ptr->real_open_flags = O_RDWR;
1163 /****************************************************************************
1164 fd support routines - attempt to close the file referenced by this fd.
1165 Decrements the ref_count and returns it.
1166 ****************************************************************************/
1167 static int fd_attempt_close(file_fd_struct *fd_ptr)
1169 extern struct current_user current_user;
1171 DEBUG(3,("fd_attempt_close on file_fd_struct %d, fd = %d, dev = %x, inode = %x, open_flags = %d, ref_count = %d.\n",
1172 fd_ptr - &FileFd[0],
1173 fd_ptr->fd, fd_ptr->dev, fd_ptr->inode,
1174 fd_ptr->real_open_flags,
1175 fd_ptr->ref_count));
1176 if(fd_ptr->ref_count > 0) {
1177 fd_ptr->ref_count--;
1178 if(fd_ptr->ref_count == 0) {
1179 if(fd_ptr->fd != -1)
1181 if(fd_ptr->fd_readonly != -1)
1182 close(fd_ptr->fd_readonly);
1183 if(fd_ptr->fd_writeonly != -1)
1184 close(fd_ptr->fd_writeonly);
1186 fd_ptr->fd_readonly = -1;
1187 fd_ptr->fd_writeonly = -1;
1188 fd_ptr->real_open_flags = -1;
1189 fd_ptr->dev = (uint32)-1;
1190 fd_ptr->inode = (uint32)-1;
1191 fd_ptr->uid_cache_count = 0;
1193 fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
1195 return fd_ptr->ref_count;
1198 /****************************************************************************
1199 fd support routines - check that current user has permissions
1200 to open this file. Used when uid not found in optimization cache.
1201 This is really ugly code, as due to POSIX locking braindamage we must
1202 fork and then attempt to open the file, and return success or failure
1204 ****************************************************************************/
1205 static BOOL check_access_allowed_for_current_user( char *fname, int accmode )
1209 if((child_pid = fork()) < 0) {
1210 DEBUG(0,("check_access_allowed_for_current_user: fork failed.\n"));
1220 if ((wpid = sys_waitpid(child_pid, &status_code, 0)) < 0) {
1221 DEBUG(0,("check_access_allowed_for_current_user: The process is no longer waiting!\n"));
1225 if (child_pid != wpid) {
1226 DEBUG(0,("check_access_allowed_for_current_user: We were waiting for the wrong process ID\n"));
1229 #if defined(WIFEXITED) && defined(WEXITSTATUS)
1230 if (WIFEXITED(status_code) == 0) {
1231 DEBUG(0,("check_access_allowed_for_current_user: The process exited while we were waiting\n"));
1234 if (WEXITSTATUS(status_code) != 0) {
1235 DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access denied.\n", status_code));
1238 #else /* defined(WIFEXITED) && defined(WEXITSTATUS) */
1239 if(status_code != 0) {
1240 DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access denied.\n", status_code));
1243 #endif /* defined(WIFEXITED) && defined(WEXITSTATUS) */
1246 * Success - the child could open the file.
1248 DEBUG(9,("check_access_allowed_for_current_user: The status of the process exiting was %d. Returning access allowed.\n", status_code));
1255 DEBUG(9,("check_access_allowed_for_current_user: Child - attempting to open %s with mode %d.\n", fname, accmode ));
1256 if((fd = fd_attempt_open( fname, accmode, 0)) < 0) {
1257 /* Access denied. */
1261 DEBUG(9,("check_access_allowed_for_current_user: Child - returning ok.\n"));
1268 /****************************************************************************
1270 ****************************************************************************/
1271 static void open_file(int fnum,int cnum,char *fname1,int flags,int mode, struct stat *sbuf)
1273 extern struct current_user current_user;
1275 struct stat statbuf;
1276 file_fd_struct *fd_ptr;
1277 files_struct *fsp = &Files[fnum];
1278 int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
1282 fsp->granted_oplock = False;
1285 pstrcpy(fname,fname1);
1287 /* check permissions */
1290 * This code was changed after seeing a client open request
1291 * containing the open mode of (DENY_WRITE/read-only) with
1292 * the 'create if not exist' bit set. The previous code
1293 * would fail to open the file read only on a read-only share
1294 * as it was checking the flags parameter directly against O_RDONLY,
1295 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
1299 if (!CAN_WRITE(cnum) && !Connections[cnum].printer) {
1300 /* It's a read-only share - fail if we wanted to write. */
1301 if(accmode != O_RDONLY) {
1302 DEBUG(3,("Permission denied opening %s\n",fname));
1303 check_for_pipe(fname);
1306 else if(flags & O_CREAT) {
1307 /* We don't want to write - but we must make sure that O_CREAT
1308 doesn't create the file if we have write access into the
1315 /* this handles a bug in Win95 - it doesn't say to create the file when it
1317 if (Connections[cnum].printer)
1321 if (flags == O_WRONLY)
1322 DEBUG(3,("Bug in client? Set O_WRONLY without O_CREAT\n"));
1326 * Ensure we have a valid struct stat so we can search the
1330 if(stat(fname, &statbuf) < 0) {
1331 if(errno != ENOENT) {
1332 DEBUG(3,("Error doing stat on file %s (%s)\n",
1333 fname,strerror(errno)));
1335 check_for_pipe(fname);
1345 * Check to see if we have this file already
1346 * open. If we do, just use the already open fd and increment the
1347 * reference count (fd_get_already_open increments the ref_count).
1349 if((fd_ptr = fd_get_already_open(sbuf))!= 0) {
1351 * File was already open.
1355 * Check it wasn't open for exclusive use.
1357 if((flags & O_CREAT) && (flags & O_EXCL)) {
1358 fd_ptr->ref_count--;
1364 * Ensure that the user attempting to open
1365 * this file has permissions to do so, if
1366 * the user who originally opened the file wasn't
1367 * the same as the current user.
1370 if(!fd_is_in_uid_cache(fd_ptr, (uid_t)current_user.uid)) {
1371 if(!check_access_allowed_for_current_user( fname, accmode )) {
1372 /* Error - permission denied. */
1373 DEBUG(3,("Permission denied opening file %s (flags=%d, accmode = %d)\n",
1374 fname, flags, accmode));
1375 /* Ensure the ref_count is decremented. */
1376 fd_ptr->ref_count--;
1377 fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
1383 fd_add_to_uid_cache(fd_ptr, (uid_t)current_user.uid);
1386 * If not opened O_RDWR try
1387 * and do that here - a chmod may have been done
1388 * between the last open and now.
1390 if(fd_ptr->real_open_flags != O_RDWR)
1391 fd_attempt_reopen(fname, mode, fd_ptr);
1394 * Ensure that if we wanted write access
1395 * it has been opened for write, and if we wanted read it
1396 * was open for read.
1398 if(((accmode == O_WRONLY) && (fd_ptr->real_open_flags == O_RDONLY)) ||
1399 ((accmode == O_RDONLY) && (fd_ptr->real_open_flags == O_WRONLY)) ||
1400 ((accmode == O_RDWR) && (fd_ptr->real_open_flags != O_RDWR))) {
1401 DEBUG(3,("Error opening (already open for flags=%d) file %s (%s) (flags=%d)\n",
1402 fd_ptr->real_open_flags, fname,strerror(EACCES),flags));
1403 check_for_pipe(fname);
1404 fd_remove_from_uid_cache(fd_ptr, (uid_t)current_user.uid);
1405 fd_ptr->ref_count--;
1411 /* We need to allocate a new file_fd_struct (this increments the
1413 if((fd_ptr = fd_get_new()) == 0)
1416 * Whatever the requested flags, attempt read/write access,
1417 * as we don't know what flags future file opens may require.
1418 * If this fails, try again with the required flags.
1419 * Even if we open read/write when only read access was
1420 * requested the setting of the can_write flag in
1421 * the file_struct will protect us from errant
1422 * write requests. We never need to worry about O_APPEND
1423 * as this is not set anywhere in Samba.
1425 fd_ptr->real_open_flags = O_RDWR;
1426 /* Set the flags as needed without the read/write modes. */
1427 open_flags = flags & ~(O_RDWR|O_WRONLY|O_RDONLY);
1428 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDWR, mode);
1430 * On some systems opening a file for R/W access on a read only
1431 * filesystems sets errno to EROFS.
1434 if((fd_ptr->fd == -1) && ((errno == EACCES) || (errno == EROFS))) {
1435 #else /* No EROFS */
1436 if((fd_ptr->fd == -1) && (errno == EACCES)) {
1438 if(flags & O_WRONLY) {
1439 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_WRONLY, mode);
1440 fd_ptr->real_open_flags = O_WRONLY;
1442 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDONLY, mode);
1443 fd_ptr->real_open_flags = O_RDONLY;
1448 if ((fd_ptr->fd >=0) &&
1449 Connections[cnum].printer && lp_minprintspace(SNUM(cnum))) {
1453 pstrcpy(dname,fname);
1454 p = strrchr(dname,'/');
1456 if (sys_disk_free(dname,&dum1,&dum2,&dum3) <
1457 lp_minprintspace(SNUM(cnum))) {
1458 fd_attempt_close(fd_ptr);
1460 if(fd_ptr->ref_count == 0)
1469 DEBUG(3,("Error opening file %s (%s) (flags=%d)\n",
1470 fname,strerror(errno),flags));
1471 /* Ensure the ref_count is decremented. */
1472 fd_attempt_close(fd_ptr);
1473 check_for_pipe(fname);
1477 if (fd_ptr->fd >= 0)
1481 if(fstat(fd_ptr->fd, &statbuf) == -1) {
1482 /* Error - backout !! */
1483 DEBUG(3,("Error doing fstat on fd %d, file %s (%s)\n",
1484 fd_ptr->fd, fname,strerror(errno)));
1485 /* Ensure the ref_count is decremented. */
1486 fd_attempt_close(fd_ptr);
1492 /* Set the correct entries in fd_ptr. */
1493 fd_ptr->dev = (uint32)sbuf->st_dev;
1494 fd_ptr->inode = (uint32)sbuf->st_ino;
1496 fsp->fd_ptr = fd_ptr;
1497 Connections[cnum].num_files_open++;
1498 fsp->mode = sbuf->st_mode;
1499 GetTimeOfDay(&fsp->open_time);
1500 fsp->vuid = current_user.vuid;
1504 fsp->mmap_ptr = NULL;
1506 fsp->can_lock = True;
1507 fsp->can_read = ((flags & O_WRONLY)==0);
1508 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
1509 fsp->share_mode = 0;
1510 fsp->print_file = Connections[cnum].printer;
1511 fsp->modified = False;
1512 fsp->granted_oplock = False;
1513 fsp->sent_oplock_break = False;
1515 string_set(&fsp->name,dos_to_unix(fname,False));
1516 fsp->wbmpx_ptr = NULL;
1519 * If the printer is marked as postscript output a leading
1520 * file identifier to ensure the file is treated as a raw
1522 * This has a similar effect as CtrlD=0 in WIN.INI file.
1523 * tim@fsg.com 09/06/94
1525 if (fsp->print_file && POSTSCRIPT(cnum) && fsp->can_write)
1527 DEBUG(3,("Writing postscript line\n"));
1528 write_file(fnum,"%!\n",3);
1531 DEBUG(2,("%s %s opened file %s read=%s write=%s (numopen=%d fnum=%d)\n",
1533 *sesssetup_user ? sesssetup_user : Connections[cnum].user,fname,
1534 BOOLSTR(fsp->can_read),BOOLSTR(fsp->can_write),
1535 Connections[cnum].num_files_open,fnum));
1540 /* mmap it if read-only */
1541 if (!fsp->can_write)
1543 fsp->mmap_size = file_size(fname);
1544 fsp->mmap_ptr = (char *)mmap(NULL,fsp->mmap_size,
1545 PROT_READ,MAP_SHARED,fsp->fd_ptr->fd,0);
1547 if (fsp->mmap_ptr == (char *)-1 || !fsp->mmap_ptr)
1549 DEBUG(3,("Failed to mmap() %s - %s\n",fname,strerror(errno)));
1550 fsp->mmap_ptr = NULL;
1556 /*******************************************************************
1558 ********************************************************************/
1559 void sync_file(int fnum)
1562 fsync(Files[fnum].fd_ptr->fd);
1566 /****************************************************************************
1567 run a file if it is a magic script
1568 ****************************************************************************/
1569 static void check_magic(int fnum,int cnum)
1571 if (!*lp_magicscript(SNUM(cnum)))
1574 DEBUG(5,("checking magic for %s\n",Files[fnum].name));
1578 if (!(p = strrchr(Files[fnum].name,'/')))
1579 p = Files[fnum].name;
1583 if (!strequal(lp_magicscript(SNUM(cnum)),p))
1589 pstring magic_output;
1591 pstrcpy(fname,Files[fnum].name);
1593 if (*lp_magicoutput(SNUM(cnum)))
1594 pstrcpy(magic_output,lp_magicoutput(SNUM(cnum)));
1596 slprintf(magic_output,sizeof(fname)-1, "%s.out",fname);
1599 ret = smbrun(fname,magic_output,False);
1600 DEBUG(3,("Invoking magic command %s gave %d\n",fname,ret));
1606 /****************************************************************************
1607 close a file - possibly invalidating the read prediction
1609 If normal_close is 1 then this came from a normal SMBclose (or equivalent)
1610 operation otherwise it came as the result of some other operation such as
1611 the closing of the connection. In the latter case printing and
1612 magic scripts are not run
1613 ****************************************************************************/
1614 void close_file(int fnum, BOOL normal_close)
1616 files_struct *fs_p = &Files[fnum];
1617 int cnum = fs_p->cnum;
1618 uint32 dev = fs_p->fd_ptr->dev;
1619 uint32 inode = fs_p->fd_ptr->inode;
1622 Files[fnum].reserved = False;
1624 #if USE_READ_PREDICTION
1625 invalidate_read_prediction(fs_p->fd_ptr->fd);
1629 Connections[cnum].num_files_open--;
1632 free((char *)fs_p->wbmpx_ptr);
1633 fs_p->wbmpx_ptr = NULL;
1639 munmap(fs_p->mmap_ptr,fs_p->mmap_size);
1640 fs_p->mmap_ptr = NULL;
1644 if (lp_share_modes(SNUM(cnum)))
1646 lock_share_entry( cnum, dev, inode, &token);
1647 del_share_mode(token, fnum);
1650 fd_attempt_close(fs_p->fd_ptr);
1652 if (lp_share_modes(SNUM(cnum)))
1653 unlock_share_entry( cnum, dev, inode, token);
1655 /* NT uses smbclose to start a print - weird */
1656 if (normal_close && fs_p->print_file)
1659 /* check for magic scripts */
1661 check_magic(fnum,cnum);
1663 if(fs_p->granted_oplock == True)
1664 global_oplocks_open--;
1666 fs_p->sent_oplock_break = False;
1668 DEBUG(2,("%s %s closed file %s (numopen=%d)\n",
1669 timestring(),Connections[cnum].user,fs_p->name,
1670 Connections[cnum].num_files_open));
1673 string_free(&fs_p->name);
1676 /* we will catch bugs faster by zeroing this structure */
1677 memset(fs_p, 0, sizeof(*fs_p));
1680 enum {AFAIL,AREAD,AWRITE,AALL};
1682 /*******************************************************************
1683 reproduce the share mode access table
1684 ********************************************************************/
1685 static int access_table(int new_deny,int old_deny,int old_mode,
1686 int share_pid,char *fname)
1688 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
1690 if (new_deny == DENY_DOS || old_deny == DENY_DOS) {
1692 if (old_deny == new_deny && share_pid == pid)
1695 if (old_mode == 0) return(AREAD);
1697 /* the new smbpub.zip spec says that if the file extension is
1698 .com, .dll, .exe or .sym then allow the open. I will force
1699 it to read-only as this seems sensible although the spec is
1700 a little unclear on this. */
1701 if ((fname = strrchr(fname,'.'))) {
1702 if (strequal(fname,".com") ||
1703 strequal(fname,".dll") ||
1704 strequal(fname,".exe") ||
1705 strequal(fname,".sym"))
1715 if (old_deny==DENY_WRITE && old_mode==0) return(AREAD);
1716 if (old_deny==DENY_READ && old_mode==0) return(AWRITE);
1717 if (old_deny==DENY_NONE && old_mode==0) return(AALL);
1720 if (old_deny==DENY_WRITE && old_mode==1) return(AREAD);
1721 if (old_deny==DENY_READ && old_mode==1) return(AWRITE);
1722 if (old_deny==DENY_NONE && old_mode==1) return(AALL);
1725 if (old_deny==DENY_WRITE) return(AREAD);
1726 if (old_deny==DENY_READ) return(AWRITE);
1727 if (old_deny==DENY_NONE) return(AALL);
1733 /*******************************************************************
1734 check if the share mode on a file allows it to be deleted or unlinked
1735 return True if sharing doesn't prevent the operation
1736 ********************************************************************/
1737 BOOL check_file_sharing(int cnum,char *fname, BOOL rename_op)
1741 share_mode_entry *old_shares = 0;
1742 int num_share_modes;
1748 if(!lp_share_modes(SNUM(cnum)))
1751 if (stat(fname,&sbuf) == -1) return(True);
1753 dev = (uint32)sbuf.st_dev;
1754 inode = (uint32)sbuf.st_ino;
1756 lock_share_entry(cnum, dev, inode, &token);
1757 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1760 * Check if the share modes will give us access.
1763 if(num_share_modes != 0)
1770 broke_oplock = False;
1771 for(i = 0; i < num_share_modes; i++)
1773 share_mode_entry *share_entry = &old_shares[i];
1776 * Break oplocks before checking share modes. See comment in
1777 * open_file_shared for details.
1778 * Check if someone has an oplock on this file. If so we must
1779 * break it before continuing.
1781 if(share_entry->op_type & BATCH_OPLOCK)
1785 * It appears that the NT redirector may have a bug, in that
1786 * it tries to do an SMBmv on a file that it has open with a
1787 * batch oplock, and then fails to respond to the oplock break
1788 * request. This only seems to occur when the client is doing an
1789 * SMBmv to the smbd it is using - thus we try and detect this
1790 * condition by checking if the file being moved is open and oplocked by
1791 * this smbd process, and then not sending the oplock break in this
1792 * special case. If the file was open with a deny mode that
1793 * prevents the move the SMBmv will fail anyway with a share
1794 * violation error. JRA.
1796 if(rename_op && (share_entry->pid == pid))
1798 DEBUG(0,("check_file_sharing: NT redirector workaround - rename attempted on \
1799 batch oplocked file %s, dev = %x, inode = %x\n", fname, dev, inode));
1801 * This next line is a test that allows the deny-mode
1802 * processing to be skipped. This seems to be needed as
1803 * NT insists on the rename succeeding (in Office 9x no less !).
1804 * This should be removed as soon as (a) MS fix the redirector
1805 * bug or (b) NT SMB support in Samba makes NT not issue the
1806 * call (as is my fervent hope). JRA.
1812 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1813 dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
1815 /* Oplock break.... */
1816 unlock_share_entry(cnum, dev, inode, token);
1817 if(request_oplock_break(share_entry, dev, inode) == False)
1819 free((char *)old_shares);
1820 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1821 dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
1824 lock_share_entry(cnum, dev, inode, &token);
1825 broke_oplock = True;
1830 /* someone else has a share lock on it, check to see
1832 if ((share_entry->share_mode != DENY_DOS) || (share_entry->pid != pid))
1839 free((char *)old_shares);
1840 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1842 } while(broke_oplock);
1845 /* XXXX exactly what share mode combinations should be allowed for
1846 deleting/renaming? */
1847 /* If we got here then either there were no share modes or
1848 all share modes were DENY_DOS and the pid == getpid() */
1853 unlock_share_entry(cnum, dev, inode, token);
1854 if(old_shares != NULL)
1855 free((char *)old_shares);
1859 /****************************************************************************
1861 Helper for open_file_shared.
1862 Truncate a file after checking locking; close file if locked.
1863 **************************************************************************/
1864 static void truncate_unless_locked(int fnum, int cnum, int token,
1867 if (Files[fnum].can_write){
1868 if (is_locked(fnum,cnum,0x3FFFFFFF,0)){
1869 /* If share modes are in force for this connection we
1870 have the share entry locked. Unlock it before closing. */
1871 if (*share_locked && lp_share_modes(SNUM(cnum)))
1872 unlock_share_entry( cnum, Files[fnum].fd_ptr->dev,
1873 Files[fnum].fd_ptr->inode, token);
1874 close_file(fnum,False);
1875 /* Share mode no longer locked. */
1876 *share_locked = False;
1878 unix_ERR_class = ERRDOS;
1879 unix_ERR_code = ERRlock;
1882 ftruncate(Files[fnum].fd_ptr->fd,0);
1886 /****************************************************************************
1887 check if we can open a file with a share mode
1888 ****************************************************************************/
1889 int check_share_mode( share_mode_entry *share, int deny_mode, char *fname,
1890 BOOL fcbopen, int *flags)
1892 int old_open_mode = share->share_mode &0xF;
1893 int old_deny_mode = (share->share_mode >>4)&7;
1895 if (old_deny_mode > 4 || old_open_mode > 2)
1897 DEBUG(0,("Invalid share mode found (%d,%d,%d) on file %s\n",
1898 deny_mode,old_deny_mode,old_open_mode,fname));
1903 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
1906 if ((access_allowed == AFAIL) ||
1907 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
1908 (access_allowed == AREAD && *flags == O_WRONLY) ||
1909 (access_allowed == AWRITE && *flags == O_RDONLY))
1911 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
1912 deny_mode,old_deny_mode,old_open_mode,
1913 share->pid,fname, fcbopen, *flags, access_allowed));
1917 if (access_allowed == AREAD)
1920 if (access_allowed == AWRITE)
1927 /****************************************************************************
1928 open a file with a share mode
1929 ****************************************************************************/
1930 void open_file_shared(int fnum,int cnum,char *fname,int share_mode,int ofun,
1931 int mode,int oplock_request, int *Access,int *action)
1933 files_struct *fs_p = &Files[fnum];
1936 int deny_mode = (share_mode>>4)&7;
1938 BOOL file_existed = file_exist(fname,&sbuf);
1939 BOOL share_locked = False;
1940 BOOL fcbopen = False;
1944 int num_share_modes = 0;
1949 /* this is for OS/2 EAs - try and say we don't support them */
1950 if (strstr(fname,".+,;=[]."))
1952 unix_ERR_class = ERRDOS;
1953 /* OS/2 Workplace shell fix may be main code stream in a later release. */
1954 #if 1 /* OS2_WPS_FIX - Recent versions of OS/2 need this. */
1955 unix_ERR_code = ERRcannotopen;
1956 #else /* OS2_WPS_FIX */
1957 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
1958 #endif /* OS2_WPS_FIX */
1963 if ((ofun & 0x3) == 0 && file_existed)
1971 if ((ofun & 0x3) == 2)
1974 /* note that we ignore the append flag as
1975 append does not mean the same thing under dos and unix */
1977 switch (share_mode&0xF)
1995 if (share_mode&(1<<14)) {
2000 if (flags != O_RDONLY && file_existed &&
2001 (!CAN_WRITE(cnum) || IS_DOS_READONLY(dos_mode(cnum,fname,&sbuf))))
2011 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB)
2013 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
2018 if (deny_mode == DENY_FCB) deny_mode = DENY_DOS;
2020 if (lp_share_modes(SNUM(cnum)))
2023 share_mode_entry *old_shares = 0;
2027 dev = (uint32)sbuf.st_dev;
2028 inode = (uint32)sbuf.st_ino;
2029 lock_share_entry(cnum, dev, inode, &token);
2030 share_locked = True;
2031 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
2035 * Check if the share modes will give us access.
2038 if(share_locked && (num_share_modes != 0))
2045 broke_oplock = False;
2046 for(i = 0; i < num_share_modes; i++)
2048 share_mode_entry *share_entry = &old_shares[i];
2051 * By observation of NetBench, oplocks are broken *before* share
2052 * modes are checked. This allows a file to be closed by the client
2053 * if the share mode would deny access and the client has an oplock.
2054 * Check if someone has an oplock on this file. If so we must break
2055 * it before continuing.
2057 if(share_entry->op_type & (EXCLUSIVE_OPLOCK|BATCH_OPLOCK))
2060 DEBUG(5,("open_file_shared: breaking oplock (%x) on file %s, \
2061 dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
2063 /* Oplock break.... */
2064 unlock_share_entry(cnum, dev, inode, token);
2065 if(request_oplock_break(share_entry, dev, inode) == False)
2067 free((char *)old_shares);
2068 DEBUG(0,("open_file_shared: FAILED when breaking oplock (%x) on file %s, \
2069 dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
2071 unix_ERR_class = ERRDOS;
2072 unix_ERR_code = ERRbadshare;
2075 lock_share_entry(cnum, dev, inode, &token);
2076 broke_oplock = True;
2080 /* someone else has a share lock on it, check to see
2082 if(check_share_mode(share_entry, deny_mode, fname, fcbopen, &flags) == False)
2084 free((char *)old_shares);
2085 unlock_share_entry(cnum, dev, inode, token);
2087 unix_ERR_class = ERRDOS;
2088 unix_ERR_code = ERRbadshare;
2096 free((char *)old_shares);
2097 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
2099 } while(broke_oplock);
2103 free((char *)old_shares);
2106 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
2107 flags,flags2,mode));
2109 open_file(fnum,cnum,fname,flags|(flags2&~(O_TRUNC)),mode,file_existed ? &sbuf : 0);
2110 if (!fs_p->open && flags==O_RDWR && errno!=ENOENT && fcbopen)
2113 open_file(fnum,cnum,fname,flags,mode,file_existed ? &sbuf : 0 );
2120 if((share_locked == False) && lp_share_modes(SNUM(cnum)))
2122 /* We created the file - thus we must now lock the share entry before creating it. */
2123 dev = fs_p->fd_ptr->dev;
2124 inode = fs_p->fd_ptr->inode;
2125 lock_share_entry(cnum, dev, inode, &token);
2126 share_locked = True;
2142 fs_p->share_mode = (deny_mode<<4) | open_mode;
2145 (*Access) = open_mode;
2149 if (file_existed && !(flags2 & O_TRUNC)) *action = 1;
2150 if (!file_existed) *action = 2;
2151 if (file_existed && (flags2 & O_TRUNC)) *action = 3;
2153 /* We must create the share mode entry before truncate as
2154 truncate can fail due to locking and have to close the
2155 file (which expects the share_mode_entry to be there).
2157 if (lp_share_modes(SNUM(cnum)))
2160 /* JRA. Currently this only services Exlcusive and batch
2161 oplocks (no other opens on this file). This needs to
2162 be extended to level II oplocks (multiple reader
2165 if(oplock_request && (num_share_modes == 0) && lp_oplocks(SNUM(cnum)) &&
2166 !IS_VETO_OPLOCK_PATH(cnum,fname))
2168 fs_p->granted_oplock = True;
2169 fs_p->sent_oplock_break = False;
2170 global_oplocks_open++;
2173 DEBUG(5,("open_file_shared: granted oplock (%x) on file %s, \
2174 dev = %x, inode = %x\n", oplock_request, fname, dev, inode));
2182 set_share_mode(token, fnum, port, oplock_request);
2185 if ((flags2&O_TRUNC) && file_existed)
2186 truncate_unless_locked(fnum,cnum,token,&share_locked);
2189 if (share_locked && lp_share_modes(SNUM(cnum)))
2190 unlock_share_entry( cnum, dev, inode, token);
2193 /****************************************************************************
2194 seek a file. Try to avoid the seek if possible
2195 ****************************************************************************/
2196 int seek_file(int fnum,uint32 pos)
2199 if (Files[fnum].print_file && POSTSCRIPT(Files[fnum].cnum))
2202 Files[fnum].pos = (int)(lseek(Files[fnum].fd_ptr->fd,pos+offset,SEEK_SET)
2204 return(Files[fnum].pos);
2207 /****************************************************************************
2209 ****************************************************************************/
2210 int read_file(int fnum,char *data,uint32 pos,int n)
2214 #if USE_READ_PREDICTION
2215 if (!Files[fnum].can_write)
2217 ret = read_predict(Files[fnum].fd_ptr->fd,pos,data,NULL,n);
2226 if (Files[fnum].mmap_ptr)
2228 int num = (Files[fnum].mmap_size > pos) ? (Files[fnum].mmap_size - pos) : -1;
2232 memcpy(data,Files[fnum].mmap_ptr+pos,num);
2244 if (seek_file(fnum,pos) != pos)
2246 DEBUG(3,("Failed to seek to %d\n",pos));
2251 readret = read(Files[fnum].fd_ptr->fd,data,n);
2252 if (readret > 0) ret += readret;
2259 /****************************************************************************
2261 ****************************************************************************/
2262 int write_file(int fnum,char *data,int n)
2264 if (!Files[fnum].can_write) {
2269 if (!Files[fnum].modified) {
2271 Files[fnum].modified = True;
2272 if (fstat(Files[fnum].fd_ptr->fd,&st) == 0) {
2273 int dosmode = dos_mode(Files[fnum].cnum,Files[fnum].name,&st);
2274 if (MAP_ARCHIVE(Files[fnum].cnum) && !IS_DOS_ARCHIVE(dosmode)) {
2275 dos_chmod(Files[fnum].cnum,Files[fnum].name,dosmode | aARCH,&st);
2280 return(write_data(Files[fnum].fd_ptr->fd,data,n));
2284 /****************************************************************************
2285 load parameters specific to a connection/service
2286 ****************************************************************************/
2287 BOOL become_service(int cnum,BOOL do_chdir)
2289 extern char magic_char;
2290 static int last_cnum = -1;
2293 if (!OPEN_CNUM(cnum))
2299 Connections[cnum].lastused = smb_last_time;
2304 ChDir(Connections[cnum].connectpath) != 0 &&
2305 ChDir(Connections[cnum].origpath) != 0)
2307 DEBUG(0,("%s chdir (%s) failed cnum=%d\n",timestring(),
2308 Connections[cnum].connectpath,cnum));
2312 if (cnum == last_cnum)
2317 case_default = lp_defaultcase(snum);
2318 case_preserve = lp_preservecase(snum);
2319 short_case_preserve = lp_shortpreservecase(snum);
2320 case_mangle = lp_casemangle(snum);
2321 case_sensitive = lp_casesensitive(snum);
2322 magic_char = lp_magicchar(snum);
2323 use_mangled_map = (*lp_mangled_map(snum) ? True:False);
2328 /****************************************************************************
2329 find a service entry
2330 ****************************************************************************/
2331 int find_service(char *service)
2335 string_sub(service,"\\","/");
2337 iService = lp_servicenumber(service);
2339 /* now handle the special case of a home directory */
2342 char *phome_dir = get_home_dir(service);
2343 DEBUG(3,("checking for home directory %s gave %s\n",service,
2344 phome_dir?phome_dir:"(NULL)"));
2348 if ((iHomeService = lp_servicenumber(HOMES_NAME)) >= 0)
2350 lp_add_home(service,iHomeService,phome_dir);
2351 iService = lp_servicenumber(service);
2356 /* If we still don't have a service, attempt to add it as a printer. */
2359 int iPrinterService;
2361 if ((iPrinterService = lp_servicenumber(PRINTERS_NAME)) >= 0)
2365 DEBUG(3,("checking whether %s is a valid printer name...\n", service));
2367 if ((pszTemp != NULL) && pcap_printername_ok(service, pszTemp))
2369 DEBUG(3,("%s is a valid printer name\n", service));
2370 DEBUG(3,("adding %s as a printer service\n", service));
2371 lp_add_printer(service,iPrinterService);
2372 iService = lp_servicenumber(service);
2374 DEBUG(0,("failed to add %s as a printer service!\n", service));
2377 DEBUG(3,("%s is not a valid printer name\n", service));
2381 /* just possibly it's a default service? */
2384 char *pdefservice = lp_defaultservice();
2385 if (pdefservice && *pdefservice && !strequal(pdefservice,service)) {
2387 * We need to do a local copy here as lp_defaultservice()
2388 * returns one of the rotating lp_string buffers that
2389 * could get overwritten by the recursive find_service() call
2390 * below. Fix from Josef Hinteregger <joehtg@joehtg.co.at>.
2393 pstrcpy(defservice, pdefservice);
2394 iService = find_service(defservice);
2395 if (iService >= 0) {
2396 string_sub(service,"_","/");
2397 iService = lp_add_service(service,iService);
2403 if (!VALID_SNUM(iService))
2405 DEBUG(0,("Invalid snum %d for %s\n",iService,service));
2410 DEBUG(3,("find_service() failed to find service %s\n", service));
2416 /****************************************************************************
2417 create an error packet from a cached error.
2418 ****************************************************************************/
2419 int cached_error_packet(char *inbuf,char *outbuf,int fnum,int line)
2421 write_bmpx_struct *wbmpx = Files[fnum].wbmpx_ptr;
2423 int32 eclass = wbmpx->wr_errclass;
2424 int32 err = wbmpx->wr_error;
2426 /* We can now delete the auxiliary struct */
2427 free((char *)wbmpx);
2428 Files[fnum].wbmpx_ptr = NULL;
2429 return error_packet(inbuf,outbuf,eclass,err,line);
2438 } unix_smb_errmap[] =
2440 {EPERM,ERRDOS,ERRnoaccess},
2441 {EACCES,ERRDOS,ERRnoaccess},
2442 {ENOENT,ERRDOS,ERRbadfile},
2443 {ENOTDIR,ERRDOS,ERRbadpath},
2444 {EIO,ERRHRD,ERRgeneral},
2445 {EBADF,ERRSRV,ERRsrverror},
2446 {EINVAL,ERRSRV,ERRsrverror},
2447 {EEXIST,ERRDOS,ERRfilexists},
2448 {ENFILE,ERRDOS,ERRnofids},
2449 {EMFILE,ERRDOS,ERRnofids},
2450 {ENOSPC,ERRHRD,ERRdiskfull},
2452 {EDQUOT,ERRHRD,ERRdiskfull},
2455 {ENOTEMPTY,ERRDOS,ERRnoaccess},
2458 {EXDEV,ERRDOS,ERRdiffdevice},
2460 {EROFS,ERRHRD,ERRnowrite},
2464 /****************************************************************************
2465 create an error packet from errno
2466 ****************************************************************************/
2467 int unix_error_packet(char *inbuf,char *outbuf,int def_class,uint32 def_code,int line)
2469 int eclass=def_class;
2473 if (unix_ERR_class != SMB_SUCCESS)
2475 eclass = unix_ERR_class;
2476 ecode = unix_ERR_code;
2477 unix_ERR_class = SMB_SUCCESS;
2482 while (unix_smb_errmap[i].smbclass != 0)
2484 if (unix_smb_errmap[i].unixerror == errno)
2486 eclass = unix_smb_errmap[i].smbclass;
2487 ecode = unix_smb_errmap[i].smbcode;
2494 return(error_packet(inbuf,outbuf,eclass,ecode,line));
2498 /****************************************************************************
2499 create an error packet. Normally called using the ERROR() macro
2500 ****************************************************************************/
2501 int error_packet(char *inbuf,char *outbuf,int error_class,uint32 error_code,int line)
2503 int outsize = set_message(outbuf,0,0,True);
2504 int cmd = CVAL(inbuf,smb_com);
2505 int flgs2 = SVAL(outbuf,smb_flg2);
2507 if ((flgs2 & FLAGS2_32_BIT_ERROR_CODES) == FLAGS2_32_BIT_ERROR_CODES)
2509 SIVAL(outbuf,smb_rcls,error_code);
2511 DEBUG(3,("%s 32 bit error packet at line %d cmd=%d (%s) eclass=%08x [%s]\n",
2512 timestring(), line, cmd, smb_fn_name(cmd), error_code, smb_errstr(outbuf)));
2516 CVAL(outbuf,smb_rcls) = error_class;
2517 SSVAL(outbuf,smb_err,error_code);
2518 DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
2521 (int)CVAL(inbuf,smb_com),
2522 smb_fn_name(CVAL(inbuf,smb_com)),
2529 DEBUG(3,("error string = %s\n",strerror(errno)));
2535 #ifndef SIGCLD_IGNORE
2536 /****************************************************************************
2537 this prevents zombie child processes
2538 ****************************************************************************/
2539 static int sig_cld(void)
2541 static int depth = 0;
2544 DEBUG(0,("ERROR: Recursion in sig_cld? Perhaps you need `#define USE_WAITPID'?\n"));
2550 BlockSignals(True,SIGCLD);
2551 DEBUG(5,("got SIGCLD\n"));
2554 while (sys_waitpid((pid_t)-1,(int *)NULL, WNOHANG) > 0);
2558 /* Stevens, Adv. Unix Prog. says that on system V you must call
2559 wait before reinstalling the signal handler, because the kernel
2560 calls the handler from within the signal-call when there is a
2561 child that has exited. This would lead to an infinite recursion
2562 if done vice versa. */
2564 #ifndef DONT_REINSTALL_SIG
2565 #ifdef SIGCLD_IGNORE
2566 signal(SIGCLD, SIG_IGN);
2568 signal(SIGCLD, SIGNAL_CAST sig_cld);
2573 while (wait3(WAIT3_CAST1 NULL, WNOHANG, WAIT3_CAST2 NULL) > 0);
2576 BlockSignals(False,SIGCLD);
2581 /****************************************************************************
2582 this is called when the client exits abruptly
2583 **************************************************************************/
2584 static int sig_pipe(void)
2586 struct cli_state *cli;
2587 BlockSignals(True,SIGPIPE);
2589 if ((cli = server_client()) && cli->initialised) {
2590 DEBUG(3,("lost connection to password server\n"));
2592 #ifndef DONT_REINSTALL_SIG
2593 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2595 BlockSignals(False,SIGPIPE);
2599 exit_server("Got sigpipe\n");
2603 /****************************************************************************
2604 open the socket communication
2605 ****************************************************************************/
2606 static BOOL open_sockets(BOOL is_daemon,int port)
2612 int num_interfaces = iface_count();
2613 int fd_listenset[FD_SETSIZE];
2619 #ifdef SIGCLD_IGNORE
2620 signal(SIGCLD, SIG_IGN);
2622 signal(SIGCLD, SIGNAL_CAST sig_cld);
2628 FD_ZERO(&listen_set);
2630 if(lp_interfaces() && lp_bind_interfaces_only())
2632 /* We have been given an interfaces line, and been
2633 told to only bind to those interfaces. Create a
2634 socket per interface and bind to only these.
2637 if(num_interfaces > FD_SETSIZE)
2639 DEBUG(0,("open_sockets: Too many interfaces specified to bind to. Number was %d \
2640 max can be %d\n", num_interfaces, FD_SETSIZE));
2644 /* Now open a listen socket for each of the interfaces. */
2645 for(i = 0; i < num_interfaces; i++)
2647 struct in_addr *ifip = iface_n_ip(i);
2651 DEBUG(0,("open_sockets: interface %d has NULL IP address !\n", i));
2654 s = fd_listenset[i] = open_socket_in(SOCK_STREAM, port, 0, ifip->s_addr);
2657 /* ready to listen */
2658 if (listen(s, 5) == -1)
2660 DEBUG(0,("listen: %s\n",strerror(errno)));
2664 FD_SET(s,&listen_set);
2669 /* Just bind to 0.0.0.0 - accept connections from anywhere. */
2672 /* open an incoming socket */
2673 s = open_socket_in(SOCK_STREAM, port, 0,interpret_addr(lp_socket_address()));
2677 /* ready to listen */
2678 if (listen(s, 5) == -1)
2680 DEBUG(0,("open_sockets: listen: %s\n",strerror(errno)));
2685 fd_listenset[0] = s;
2686 FD_SET(s,&listen_set);
2689 /* now accept incoming connections - forking a new process
2690 for each incoming connection */
2691 DEBUG(2,("waiting for a connection\n"));
2697 memcpy((char *)&lfds, (char *)&listen_set, sizeof(listen_set));
2699 num = sys_select(&lfds,NULL);
2701 if (num == -1 && errno == EINTR)
2704 /* Find the sockets that are read-ready - accept on these. */
2705 for( ; num > 0; num--)
2707 struct sockaddr addr;
2708 int in_addrlen = sizeof(addr);
2711 for(i = 0; i < num_interfaces; i++)
2713 if(FD_ISSET(fd_listenset[i],&lfds))
2715 s = fd_listenset[i];
2716 /* Clear this so we don't look at it again. */
2717 FD_CLR(fd_listenset[i],&lfds);
2722 Client = accept(s,&addr,&in_addrlen);
2724 if (Client == -1 && errno == EINTR)
2729 DEBUG(0,("open_sockets: accept: %s\n",strerror(errno)));
2733 #ifdef NO_FORK_DEBUG
2734 #ifndef NO_SIGNAL_TEST
2735 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2736 signal(SIGCLD, SIGNAL_CAST SIG_DFL);
2737 #endif /* NO_SIGNAL_TEST */
2739 #else /* NO_FORK_DEBUG */
2740 if (Client != -1 && fork()==0)
2742 /* Child code ... */
2744 #ifndef NO_SIGNAL_TEST
2745 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2746 signal(SIGCLD, SIGNAL_CAST SIG_DFL);
2747 #endif /* NO_SIGNAL_TEST */
2748 /* close the listening socket(s) */
2749 for(i = 0; i < num_interfaces; i++)
2750 close(fd_listenset[i]);
2752 /* close our standard file descriptors */
2756 set_socket_options(Client,"SO_KEEPALIVE");
2757 set_socket_options(Client,user_socket_options);
2759 /* Reset global variables in util.c so that
2760 client substitutions will be done correctly
2763 reset_globals_after_fork();
2766 close(Client); /* The parent doesn't need this socket */
2767 #endif /* NO_FORK_DEBUG */
2770 } /* end if is_daemon */
2773 /* Started from inetd. fd 0 is the socket. */
2774 /* We will abort gracefully when the client or remote system
2776 #ifndef NO_SIGNAL_TEST
2777 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2781 /* close our standard file descriptors */
2784 set_socket_options(Client,"SO_KEEPALIVE");
2785 set_socket_options(Client,user_socket_options);
2791 /****************************************************************************
2792 process an smb from the client - split out from the process() code so
2793 it can be used by the oplock break code.
2794 ****************************************************************************/
2796 static void process_smb(char *inbuf, char *outbuf)
2799 static int trans_num;
2800 int msg_type = CVAL(inbuf,0);
2801 int32 len = smb_len(inbuf);
2802 int nread = len + 4;
2804 if (trans_num == 0) {
2805 /* on the first packet, check the global hosts allow/ hosts
2806 deny parameters before doing any parsing of the packet
2807 passed to us by the client. This prevents attacks on our
2808 parsing code from hosts not in the hosts allow list */
2809 if (!check_access(-1)) {
2810 /* send a negative session response "not listining on calling
2812 static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
2813 DEBUG(1,("%s Connection denied from %s\n",
2814 timestring(),client_addr(Client)));
2815 send_smb(Client,(char *)buf);
2816 exit_server("connection denied");
2820 DEBUG(6,("got message type 0x%x of len 0x%x\n",msg_type,len));
2821 DEBUG(3,("%s Transaction %d of length %d\n",timestring(),trans_num,nread));
2824 if(trans_num == 1 && VT_Check(inbuf))
2833 else if(msg_type == 0x85)
2834 return; /* Keepalive packet. */
2836 nread = construct_reply(inbuf,outbuf,nread,max_send);
2840 if (CVAL(outbuf,0) == 0)
2843 if (nread != smb_len(outbuf) + 4)
2845 DEBUG(0,("ERROR: Invalid message response size! %d %d\n",
2846 nread, smb_len(outbuf)));
2849 send_smb(Client,outbuf);
2854 /****************************************************************************
2855 open the oplock IPC socket communication
2856 ****************************************************************************/
2857 static BOOL open_oplock_ipc(void)
2859 struct sockaddr_in sock_name;
2860 int len = sizeof(sock_name);
2862 DEBUG(3,("open_oplock_ipc: opening loopback UDP socket.\n"));
2864 /* Open a lookback UDP socket on a random port. */
2865 oplock_sock = open_socket_in(SOCK_DGRAM, 0, 0, htonl(INADDR_LOOPBACK));
2866 if (oplock_sock == -1)
2868 DEBUG(0,("open_oplock_ipc: Failed to get local UDP socket for \
2869 address %x. Error was %s\n", htonl(INADDR_LOOPBACK), strerror(errno)));
2874 /* Find out the transient UDP port we have been allocated. */
2875 if(getsockname(oplock_sock, (struct sockaddr *)&sock_name, &len)<0)
2877 DEBUG(0,("open_oplock_ipc: Failed to get local UDP port. Error was %s\n",
2884 oplock_port = ntohs(sock_name.sin_port);
2886 DEBUG(3,("open_oplock ipc: pid = %d, oplock_port = %u\n",
2887 getpid(), oplock_port));
2892 /****************************************************************************
2893 process an oplock break message.
2894 ****************************************************************************/
2895 static BOOL process_local_message(int sock, char *buffer, int buf_size)
2901 msg_len = IVAL(buffer,UDP_CMD_LEN_OFFSET);
2902 from_port = SVAL(buffer,UDP_CMD_PORT_OFFSET);
2904 msg_start = &buffer[UDP_CMD_HEADER_LEN];
2906 DEBUG(5,("process_local_message: Got a message of length %d from port (%d)\n",
2907 msg_len, from_port));
2909 /* Switch on message command - currently OPLOCK_BREAK_CMD is the
2910 only valid request. */
2912 switch(SVAL(msg_start,UDP_MESSAGE_CMD_OFFSET))
2914 case OPLOCK_BREAK_CMD:
2915 /* Ensure that the msg length is correct. */
2916 if(msg_len != OPLOCK_BREAK_MSG_LEN)
2918 DEBUG(0,("process_local_message: incorrect length for OPLOCK_BREAK_CMD (was %d, \
2919 should be %d).\n", msg_len, OPLOCK_BREAK_MSG_LEN));
2923 uint32 remotepid = IVAL(msg_start,OPLOCK_BREAK_PID_OFFSET);
2924 uint32 dev = IVAL(msg_start,OPLOCK_BREAK_DEV_OFFSET);
2925 uint32 inode = IVAL(msg_start, OPLOCK_BREAK_INODE_OFFSET);
2926 struct timeval tval;
2927 struct sockaddr_in toaddr;
2929 tval.tv_sec = IVAL(msg_start, OPLOCK_BREAK_SEC_OFFSET);
2930 tval.tv_usec = IVAL(msg_start, OPLOCK_BREAK_USEC_OFFSET);
2932 DEBUG(5,("process_local_message: oplock break request from \
2933 pid %d, port %d, dev = %x, inode = %x\n", remotepid, from_port, dev, inode));
2936 * If we have no record of any currently open oplocks,
2937 * it's not an error, as a close command may have
2938 * just been issued on the file that was oplocked.
2939 * Just return success in this case.
2942 if(global_oplocks_open != 0)
2944 if(oplock_break(dev, inode, &tval) == False)
2946 DEBUG(0,("process_local_message: oplock break failed - \
2947 not returning udp message.\n"));
2953 DEBUG(3,("process_local_message: oplock break requested with no outstanding \
2954 oplocks. Returning success.\n"));
2957 /* Send the message back after OR'ing in the 'REPLY' bit. */
2958 SSVAL(msg_start,UDP_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD | CMD_REPLY);
2960 bzero((char *)&toaddr,sizeof(toaddr));
2961 toaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
2962 toaddr.sin_port = htons(from_port);
2963 toaddr.sin_family = AF_INET;
2965 if(sendto( sock, msg_start, OPLOCK_BREAK_MSG_LEN, 0,
2966 (struct sockaddr *)&toaddr, sizeof(toaddr)) < 0)
2968 DEBUG(0,("process_local_message: sendto process %d failed. Errno was %s\n",
2969 remotepid, strerror(errno)));
2973 DEBUG(5,("process_local_message: oplock break reply sent to \
2974 pid %d, port %d, for file dev = %x, inode = %x\n", remotepid,
2975 from_port, dev, inode));
2980 * Keep this as a debug case - eventually we can remove it.
2983 DEBUG(0,("process_local_message: Received unsolicited break \
2984 reply - dumping info.\n"));
2986 if(msg_len != OPLOCK_BREAK_MSG_LEN)
2988 DEBUG(0,("process_local_message: ubr: incorrect length for reply \
2989 (was %d, should be %d).\n", msg_len, OPLOCK_BREAK_MSG_LEN));
2994 uint32 remotepid = IVAL(msg_start,OPLOCK_BREAK_PID_OFFSET);
2995 uint32 dev = IVAL(msg_start,OPLOCK_BREAK_DEV_OFFSET);
2996 uint32 inode = IVAL(msg_start, OPLOCK_BREAK_INODE_OFFSET);
2998 DEBUG(0,("process_local_message: unsolicited oplock break reply from \
2999 pid %d, port %d, dev = %x, inode = %x\n", remotepid, from_port, dev, inode));
3005 DEBUG(0,("process_local_message: unknown UDP message command code (%x) - ignoring.\n",
3006 (unsigned int)SVAL(msg_start,0)));
3012 /****************************************************************************
3013 Process an oplock break directly.
3014 ****************************************************************************/
3015 BOOL oplock_break(uint32 dev, uint32 inode, struct timeval *tval)
3017 extern struct current_user current_user;
3020 char *outbuf = NULL;
3021 files_struct *fsp = NULL;
3024 BOOL shutdown_server = False;
3029 DEBUG(3,("%s oplock_break: called for dev = %x, inode = %x. Current \
3030 global_oplocks_open = %d\n", timestring(), dev, inode, global_oplocks_open));
3032 /* We need to search the file open table for the
3033 entry containing this dev and inode, and ensure
3034 we have an oplock on it. */
3035 for( fnum = 0; fnum < MAX_OPEN_FILES; fnum++)
3039 if((Files[fnum].fd_ptr->dev == dev) && (Files[fnum].fd_ptr->inode == inode) &&
3040 (Files[fnum].open_time.tv_sec == tval->tv_sec) &&
3041 (Files[fnum].open_time.tv_usec == tval->tv_usec)) {
3050 /* The file could have been closed in the meantime - return success. */
3051 DEBUG(0,("%s oplock_break: cannot find open file with dev = %x, inode = %x (fnum = %d) \
3052 allowing break to succeed.\n", timestring(), dev, inode, fnum));
3056 /* Ensure we have an oplock on the file */
3058 /* There is a potential race condition in that an oplock could
3059 have been broken due to another udp request, and yet there are
3060 still oplock break messages being sent in the udp message
3061 queue for this file. So return true if we don't have an oplock,
3062 as we may have just freed it.
3065 if(!fsp->granted_oplock)
3067 DEBUG(0,("%s oplock_break: file %s (fnum = %d, dev = %x, inode = %x) has no oplock. Allowing break to succeed regardless.\n", timestring(), fsp->name, fnum, dev, inode));
3071 /* mark the oplock break as sent - we don't want to send twice! */
3072 if (fsp->sent_oplock_break)
3074 DEBUG(0,("%s oplock_break: ERROR: oplock_break already sent for file %s (fnum = %d, dev = %x, inode = %x)\n", timestring(), fsp->name, fnum, dev, inode));
3076 /* We have to fail the open here as we cannot send another oplock break on this
3077 file whilst we are awaiting a response from the client - neither can we
3078 allow another open to succeed while we are waiting for the client. */
3082 /* Now comes the horrid part. We must send an oplock break to the client,
3083 and then process incoming messages until we get a close or oplock release.
3084 At this point we know we need a new inbuf/outbuf buffer pair.
3085 We cannot use these staticaly as we may recurse into here due to
3086 messages crossing on the wire.
3089 if((inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
3091 DEBUG(0,("oplock_break: malloc fail for input buffer.\n"));
3095 if((outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
3097 DEBUG(0,("oplock_break: malloc fail for output buffer.\n"));
3103 /* Prepare the SMBlockingX message. */
3104 bzero(outbuf,smb_size);
3105 set_message(outbuf,8,0,True);
3107 SCVAL(outbuf,smb_com,SMBlockingX);
3108 SSVAL(outbuf,smb_tid,fsp->cnum);
3109 SSVAL(outbuf,smb_pid,0xFFFF);
3110 SSVAL(outbuf,smb_uid,0);
3111 SSVAL(outbuf,smb_mid,0xFFFF);
3112 SCVAL(outbuf,smb_vwv0,0xFF);
3113 SSVAL(outbuf,smb_vwv2,fnum);
3114 SCVAL(outbuf,smb_vwv3,LOCKING_ANDX_OPLOCK_RELEASE);
3115 /* Change this when we have level II oplocks. */
3116 SCVAL(outbuf,smb_vwv3+1,OPLOCKLEVEL_NONE);
3118 send_smb(Client, outbuf);
3120 /* Remember we just sent an oplock break on this file. */
3121 fsp->sent_oplock_break = True;
3123 /* We need this in case a readraw crosses on the wire. */
3124 global_oplock_break = True;
3126 /* Process incoming messages. */
3128 /* JRA - If we don't get a break from the client in OPLOCK_BREAK_TIMEOUT
3129 seconds we should just die.... */
3131 start_time = time(NULL);
3134 * Save the information we need to re-become the
3135 * user, then unbecome the user whilst we're doing this.
3137 saved_cnum = fsp->cnum;
3138 saved_vuid = current_user.vuid;
3142 while(OPEN_FNUM(fnum) && fsp->granted_oplock)
3144 if(receive_smb(Client,inbuf,OPLOCK_BREAK_TIMEOUT * 1000) == False)
3147 * Die if we got an error.
3150 if (smb_read_error == READ_EOF)
3151 DEBUG(0,("%s oplock_break: end of file from client\n", timestring()));
3153 if (smb_read_error == READ_ERROR)
3154 DEBUG(0,("%s oplock_break: receive_smb error (%s)\n",
3155 timestring(), strerror(errno)));
3157 if (smb_read_error == READ_TIMEOUT)
3158 DEBUG(0,("%s oplock_break: receive_smb timed out after %d seconds.\n",
3159 timestring(), OPLOCK_BREAK_TIMEOUT));
3161 DEBUG(0,("%s oplock_break failed for file %s (fnum = %d, dev = %x, \
3162 inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
3163 shutdown_server = True;
3168 * There are certain SMB requests that we shouldn't allow
3169 * to recurse. opens, renames and deletes are the obvious
3170 * ones. This is handled in the switch_message() function.
3171 * If global_oplock_break is set they will push the packet onto
3172 * the pending smb queue and return -1 (no reply).
3176 process_smb(inbuf, outbuf);
3179 * Die if we go over the time limit.
3182 if((time(NULL) - start_time) > OPLOCK_BREAK_TIMEOUT)
3184 DEBUG(0,("%s oplock_break: no break received from client within \
3185 %d seconds.\n", timestring(), OPLOCK_BREAK_TIMEOUT));
3186 DEBUG(0,("%s oplock_break failed for file %s (fnum = %d, dev = %x, \
3187 inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
3188 shutdown_server = True;
3194 * Go back to being the user who requested the oplock
3197 if(!become_user(&Connections[saved_cnum], saved_cnum, saved_vuid))
3199 DEBUG(0,("%s oplock_break: unable to re-become user ! Shutting down server\n",
3203 exit_server("unable to re-become user");
3205 /* Including the directory. */
3208 /* Free the buffers we've been using to recurse. */
3212 /* We need this in case a readraw crossed on the wire. */
3213 if(global_oplock_break)
3214 global_oplock_break = False;
3217 * If the client did not respond we must die.
3222 DEBUG(0,("%s oplock_break: client failure in break - shutting down this smbd.\n",
3226 exit_server("oplock break failure");
3231 /* The lockingX reply will have removed the oplock flag
3232 from the sharemode. */
3234 fsp->granted_oplock = False;
3235 fsp->sent_oplock_break = False;
3236 global_oplocks_open--;
3239 /* Santity check - remove this later. JRA */
3240 if(global_oplocks_open < 0)
3242 DEBUG(0,("oplock_break: global_oplocks_open < 0 (%d). PANIC ERROR\n",
3243 global_oplocks_open));
3244 exit_server("oplock_break: global_oplocks_open < 0");
3247 DEBUG(3,("%s oplock_break: returning success for fnum = %d, dev = %x, inode = %x. Current \
3248 global_oplocks_open = %d\n", timestring(), fnum, dev, inode, global_oplocks_open));
3253 /****************************************************************************
3254 Send an oplock break message to another smbd process. If the oplock is held
3255 by the local smbd then call the oplock break function directly.
3256 ****************************************************************************/
3258 BOOL request_oplock_break(share_mode_entry *share_entry,
3259 uint32 dev, uint32 inode)
3261 char op_break_msg[OPLOCK_BREAK_MSG_LEN];
3262 struct sockaddr_in addr_out;
3267 if(pid == share_entry->pid)
3269 /* We are breaking our own oplock, make sure it's us. */
3270 if(share_entry->op_port != oplock_port)
3272 DEBUG(0,("request_oplock_break: corrupt share mode entry - pid = %d, port = %d \
3273 should be %d\n", pid, share_entry->op_port, oplock_port));
3277 DEBUG(5,("request_oplock_break: breaking our own oplock\n"));
3279 /* Call oplock break direct. */
3280 return oplock_break(dev, inode, &share_entry->time);
3283 /* We need to send a OPLOCK_BREAK_CMD message to the
3284 port in the share mode entry. */
3286 SSVAL(op_break_msg,UDP_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD);
3287 SIVAL(op_break_msg,OPLOCK_BREAK_PID_OFFSET,pid);
3288 SIVAL(op_break_msg,OPLOCK_BREAK_DEV_OFFSET,dev);
3289 SIVAL(op_break_msg,OPLOCK_BREAK_INODE_OFFSET,inode);
3290 SIVAL(op_break_msg,OPLOCK_BREAK_SEC_OFFSET,(uint32)share_entry->time.tv_sec);
3291 SIVAL(op_break_msg,OPLOCK_BREAK_USEC_OFFSET,(uint32)share_entry->time.tv_usec);
3293 /* set the address and port */
3294 bzero((char *)&addr_out,sizeof(addr_out));
3295 addr_out.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
3296 addr_out.sin_port = htons( share_entry->op_port );
3297 addr_out.sin_family = AF_INET;
3299 DEBUG(3,("%s request_oplock_break: sending a oplock break message to pid %d on port %d \
3300 for dev = %x, inode = %x\n", timestring(), share_entry->pid, share_entry->op_port, dev, inode));
3302 if(sendto(oplock_sock,op_break_msg,OPLOCK_BREAK_MSG_LEN,0,
3303 (struct sockaddr *)&addr_out,sizeof(addr_out)) < 0)
3305 DEBUG(0,("%s request_oplock_break: failed when sending a oplock break message \
3306 to pid %d on port %d for dev = %x, inode = %x. Error was %s\n",
3307 timestring(), share_entry->pid, share_entry->op_port, dev, inode,
3313 * Now we must await the oplock broken message coming back
3314 * from the target smbd process. Timeout if it fails to
3315 * return in (OPLOCK_BREAK_TIMEOUT + OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR) seconds.
3316 * While we get messages that aren't ours, loop.
3319 start_time = time(NULL);
3320 time_left = OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR;
3322 while(time_left >= 0)
3324 char op_break_reply[UDP_CMD_HEADER_LEN+OPLOCK_BREAK_MSG_LEN];
3325 int32 reply_msg_len;
3326 uint16 reply_from_port;
3327 char *reply_msg_start;
3329 if(receive_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply),
3330 time_left ? time_left * 1000 : 1) == False)
3332 if(smb_read_error == READ_TIMEOUT)
3334 DEBUG(0,("%s request_oplock_break: no response received to oplock break request to \
3335 pid %d on port %d for dev = %x, inode = %x\n", timestring(), share_entry->pid,
3336 share_entry->op_port, dev, inode));
3338 * This is a hack to make handling of failing clients more robust.
3339 * If a oplock break response message is not received in the timeout
3340 * period we may assume that the smbd servicing that client holding
3341 * the oplock has died and the client changes were lost anyway, so
3342 * we should continue to try and open the file.
3347 DEBUG(0,("%s request_oplock_break: error in response received to oplock break request to \
3348 pid %d on port %d for dev = %x, inode = %x. Error was (%s).\n", timestring, share_entry->pid,
3349 share_entry->op_port, dev, inode, strerror(errno)));
3353 reply_msg_len = IVAL(op_break_reply,UDP_CMD_LEN_OFFSET);
3354 reply_from_port = SVAL(op_break_reply,UDP_CMD_PORT_OFFSET);
3356 reply_msg_start = &op_break_reply[UDP_CMD_HEADER_LEN];
3358 if(reply_msg_len != OPLOCK_BREAK_MSG_LEN)
3361 DEBUG(0,("%s request_oplock_break: invalid message length received. Ignoring\n",
3367 * Test to see if this is the reply we are awaiting.
3370 if((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) &&
3371 (reply_from_port == share_entry->op_port) &&
3372 (memcmp(&reply_msg_start[OPLOCK_BREAK_PID_OFFSET],
3373 &op_break_msg[OPLOCK_BREAK_PID_OFFSET],
3374 OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) == 0))
3377 * This is the reply we've been waiting for.
3384 * This is another message - probably a break request.
3385 * Process it to prevent potential deadlock.
3386 * Note that the code in switch_message() prevents
3387 * us from recursing into here as any SMB requests
3388 * we might process that would cause another oplock
3389 * break request to be made will be queued.
3393 process_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply));
3396 time_left -= (time(NULL) - start_time);
3399 DEBUG(3,("%s request_oplock_break: broke oplock.\n", timestring()));
3404 /****************************************************************************
3405 Get the next SMB packet, doing the local message processing automatically.
3406 ****************************************************************************/
3408 BOOL receive_next_smb(int smbfd, int oplockfd, char *inbuf, int bufsize, int timeout)
3410 BOOL got_smb = False;
3415 ret = receive_message_or_smb(smbfd,oplockfd,inbuf,bufsize,
3420 /* Deal with oplock break requests from other smbd's. */
3421 process_local_message(oplock_sock, inbuf, bufsize);
3425 if(ret && (CVAL(inbuf,0) == 0x85))
3427 /* Keepalive packet. */
3432 while(ret && !got_smb);
3437 /****************************************************************************
3438 check if a snum is in use
3439 ****************************************************************************/
3440 BOOL snum_used(int snum)
3443 for (i=0;i<MAX_CONNECTIONS;i++)
3444 if (OPEN_CNUM(i) && (SNUM(i) == snum))
3449 /****************************************************************************
3450 reload the services file
3451 **************************************************************************/
3452 BOOL reload_services(BOOL test)
3459 pstrcpy(fname,lp_configfile());
3460 if (file_exist(fname,NULL) && !strcsequal(fname,servicesf))
3462 pstrcpy(servicesf,fname);
3469 if (test && !lp_file_list_changed())
3472 lp_killunused(snum_used);
3474 ret = lp_load(servicesf,False,False,True);
3476 /* perhaps the config filename is now set */
3478 reload_services(True);
3487 set_socket_options(Client,"SO_KEEPALIVE");
3488 set_socket_options(Client,user_socket_options);
3492 reset_mangled_cache();
3494 /* this forces service parameters to be flushed */
3495 become_service(-1,True);
3502 /****************************************************************************
3503 this prevents zombie child processes
3504 ****************************************************************************/
3505 static int sig_hup(void)
3507 BlockSignals(True,SIGHUP);
3508 DEBUG(0,("Got SIGHUP\n"));
3509 reload_services(False);
3510 #ifndef DONT_REINSTALL_SIG
3511 signal(SIGHUP,SIGNAL_CAST sig_hup);
3513 BlockSignals(False,SIGHUP);
3518 /****************************************************************************
3519 make a connection to a service
3520 ****************************************************************************/
3521 int make_connection(char *service,char *user,char *password, int pwlen, char *dev,uint16 vuid)
3525 struct passwd *pass = NULL;
3526 connection_struct *pcon;
3532 snum = find_service(service);
3536 if (strequal(service,"IPC$"))
3538 DEBUG(3,("%s refusing IPC connection\n",timestring()));
3542 DEBUG(0,("%s %s (%s) couldn't find service %s\n",timestring(),remote_machine,client_addr(Client),service));
3546 if (strequal(service,HOMES_NAME))
3548 if (*user && Get_Pwnam(user,True))
3549 return(make_connection(user,user,password,pwlen,dev,vuid));
3551 if(lp_security() != SEC_SHARE)
3553 if (validated_username(vuid))
3555 pstrcpy(user,validated_username(vuid));
3556 return(make_connection(user,user,password,pwlen,dev,vuid));
3562 * Security = share. Try with sesssetup_user as the username.
3566 pstrcpy(user,sesssetup_user);
3567 return(make_connection(user,user,password,pwlen,dev,vuid));
3572 if (!lp_snum_ok(snum) || !check_access(snum)) {
3576 /* you can only connect to the IPC$ service as an ipc device */
3577 if (strequal(service,"IPC$"))
3580 if (*dev == '?' || !*dev)
3582 if (lp_print_ok(snum))
3583 pstrcpy(dev,"LPT1:");
3588 /* if the request is as a printer and you can't print then refuse */
3590 if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) {
3591 DEBUG(1,("Attempt to connect to non-printer as a printer\n"));
3595 /* lowercase the user name */
3598 /* add it as a possible user name */
3599 add_session_user(service);
3601 /* shall we let them in? */
3602 if (!authorise_login(snum,user,password,pwlen,&guest,&force,vuid))
3604 DEBUG(2,("%s invalid username/password for %s\n",timestring(),service));
3608 cnum = find_free_connection(str_checksum(service) + str_checksum(user));
3611 DEBUG(0,("%s couldn't find free connection\n",timestring()));
3615 pcon = &Connections[cnum];
3616 bzero((char *)pcon,sizeof(*pcon));
3618 /* find out some info about the user */
3619 pass = Get_Pwnam(user,True);
3623 DEBUG(0,("%s couldn't find account %s\n",timestring(),user));
3627 pcon->read_only = lp_readonly(snum);
3631 StrnCpy(list,lp_readlist(snum),sizeof(pstring)-1);
3632 string_sub(list,"%S",service);
3634 if (user_in_list(user,list))
3635 pcon->read_only = True;
3637 StrnCpy(list,lp_writelist(snum),sizeof(pstring)-1);
3638 string_sub(list,"%S",service);
3640 if (user_in_list(user,list))
3641 pcon->read_only = False;
3644 /* admin user check */
3646 /* JRA - original code denied admin user if the share was
3647 marked read_only. Changed as I don't think this is needed,
3648 but old code left in case there is a problem here.
3650 if (user_in_list(user,lp_admin_users(snum))
3652 && !pcon->read_only)
3657 pcon->admin_user = True;
3658 DEBUG(0,("%s logged in as admin user (root privileges)\n",user));
3661 pcon->admin_user = False;
3663 pcon->force_user = force;
3665 pcon->uid = pass->pw_uid;
3666 pcon->gid = pass->pw_gid;
3667 pcon->num_files_open = 0;
3668 pcon->lastused = time(NULL);
3669 pcon->service = snum;
3671 pcon->printer = (strncmp(dev,"LPT",3) == 0);
3672 pcon->ipc = (strncmp(dev,"IPC",3) == 0);
3673 pcon->dirptr = NULL;
3674 pcon->veto_list = NULL;
3675 pcon->hide_list = NULL;
3676 pcon->veto_oplock_list = NULL;
3677 string_set(&pcon->dirpath,"");
3678 string_set(&pcon->user,user);
3681 if (*lp_force_group(snum))
3686 StrnCpy(gname,lp_force_group(snum),sizeof(pstring)-1);
3687 /* default service may be a group name */
3688 string_sub(gname,"%S",service);
3689 gptr = (struct group *)getgrnam(gname);
3693 pcon->gid = gptr->gr_gid;
3694 DEBUG(3,("Forced group %s\n",gname));
3697 DEBUG(1,("Couldn't find group %s\n",gname));
3701 if (*lp_force_user(snum))
3703 struct passwd *pass2;
3705 fstrcpy(fuser,lp_force_user(snum));
3706 pass2 = (struct passwd *)Get_Pwnam(fuser,True);
3709 pcon->uid = pass2->pw_uid;
3710 string_set(&pcon->user,fuser);
3711 fstrcpy(user,fuser);
3712 pcon->force_user = True;
3713 DEBUG(3,("Forced user %s\n",fuser));
3716 DEBUG(1,("Couldn't find user %s\n",fuser));
3721 pstrcpy(s,lp_pathname(snum));
3722 standard_sub(cnum,s);
3723 string_set(&pcon->connectpath,s);
3724 DEBUG(3,("Connect path is %s\n",s));
3727 /* groups stuff added by ih */
3729 pcon->igroups = NULL;
3730 pcon->groups = NULL;
3735 /* Find all the groups this uid is in and store them. Used by become_user() */
3736 setup_groups(pcon->user,pcon->uid,pcon->gid,
3737 &pcon->ngroups,&pcon->igroups,&pcon->groups,&pcon->attrs);
3739 /* check number of connections */
3740 if (!claim_connection(cnum,
3741 lp_servicename(SNUM(cnum)),
3742 lp_max_connections(SNUM(cnum)),False))
3744 DEBUG(1,("too many connections - rejected\n"));
3748 if (lp_status(SNUM(cnum)))
3749 claim_connection(cnum,"STATUS.",MAXSTATUS,False);
3754 /* execute any "root preexec = " line */
3755 if (*lp_rootpreexec(SNUM(cnum)))
3758 pstrcpy(cmd,lp_rootpreexec(SNUM(cnum)));
3759 standard_sub(cnum,cmd);
3760 DEBUG(5,("cmd=%s\n",cmd));
3761 smbrun(cmd,NULL,False);
3764 if (!become_user(&Connections[cnum], cnum,pcon->vuid))
3766 DEBUG(0,("Can't become connected user!\n"));
3768 if (!IS_IPC(cnum)) {
3769 yield_connection(cnum,
3770 lp_servicename(SNUM(cnum)),
3771 lp_max_connections(SNUM(cnum)));
3772 if (lp_status(SNUM(cnum))) yield_connection(cnum,"STATUS.",MAXSTATUS);
3777 if (ChDir(pcon->connectpath) != 0)
3779 DEBUG(0,("Can't change directory to %s (%s)\n",
3780 pcon->connectpath,strerror(errno)));
3783 if (!IS_IPC(cnum)) {
3784 yield_connection(cnum,
3785 lp_servicename(SNUM(cnum)),
3786 lp_max_connections(SNUM(cnum)));
3787 if (lp_status(SNUM(cnum))) yield_connection(cnum,"STATUS.",MAXSTATUS);
3792 string_set(&pcon->origpath,pcon->connectpath);
3794 #if SOFTLINK_OPTIMISATION
3795 /* resolve any soft links early */
3798 pstrcpy(s,pcon->connectpath);
3800 string_set(&pcon->connectpath,s);
3801 ChDir(pcon->connectpath);
3805 num_connections_open++;
3806 add_session_user(user);
3808 /* execute any "preexec = " line */
3809 if (*lp_preexec(SNUM(cnum)))
3812 pstrcpy(cmd,lp_preexec(SNUM(cnum)));
3813 standard_sub(cnum,cmd);
3814 smbrun(cmd,NULL,False);
3817 /* we've finished with the sensitive stuff */
3820 /* Add veto/hide lists */
3821 if (!IS_IPC(cnum) && !IS_PRINT(cnum))
3823 set_namearray( &pcon->veto_list, lp_veto_files(SNUM(cnum)));
3824 set_namearray( &pcon->hide_list, lp_hide_files(SNUM(cnum)));
3825 set_namearray( &pcon->veto_oplock_list, lp_veto_oplocks(SNUM(cnum)));
3830 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
3833 client_addr(Client),
3834 lp_servicename(SNUM(cnum)),user,
3843 /****************************************************************************
3844 Attempt to break an oplock on a file (if oplocked).
3845 Returns True if the file was closed as a result of
3846 the oplock break, False otherwise.
3847 Used as a last ditch attempt to free a space in the
3848 file table when we have run out.
3849 ****************************************************************************/
3851 static BOOL attempt_close_oplocked_file(files_struct *fp)
3854 DEBUG(5,("attempt_close_oplocked_file: checking file %s.\n", fp->name));
3856 if (fp->open && fp->granted_oplock && !fp->sent_oplock_break) {
3858 /* Try and break the oplock. */
3859 file_fd_struct *fsp = fp->fd_ptr;
3860 if(oplock_break( fsp->dev, fsp->inode, &fp->open_time)) {
3861 if(!fp->open) /* Did the oplock break close the file ? */
3869 /****************************************************************************
3870 find first available file slot
3871 ****************************************************************************/
3872 int find_free_file(void )
3875 static int first_file;
3877 /* we want to give out file handles differently on each new
3878 connection because of a common bug in MS clients where they try to
3879 reuse a file descriptor from an earlier smb connection. This code
3880 increases the chance that the errant client will get an error rather
3881 than causing corruption */
3882 if (first_file == 0) {
3883 first_file = (getpid() ^ (int)time(NULL)) % MAX_OPEN_FILES;
3884 if (first_file == 0) first_file = 1;
3887 if (first_file >= MAX_OPEN_FILES)
3890 for (i=first_file;i<MAX_OPEN_FILES;i++)
3891 if (!Files[i].open && !Files[i].reserved) {
3892 memset(&Files[i], 0, sizeof(Files[i]));
3894 Files[i].reserved = True;
3898 /* returning a file handle of 0 is a bad idea - so we start at 1 */
3899 for (i=1;i<first_file;i++)
3900 if (!Files[i].open && !Files[i].reserved) {
3901 memset(&Files[i], 0, sizeof(Files[i]));
3903 Files[i].reserved = True;
3908 * Before we give up, go through the open files
3909 * and see if there are any files opened with a
3910 * batch oplock. If so break the oplock and then
3911 * re-use that entry (if it becomes closed).
3912 * This may help as NT/95 clients tend to keep
3913 * files batch oplocked for quite a long time
3914 * after they have finished with them.
3916 for (i=first_file;i<MAX_OPEN_FILES;i++) {
3917 if(attempt_close_oplocked_file( &Files[i])) {
3918 memset(&Files[i], 0, sizeof(Files[i]));
3920 Files[i].reserved = True;
3925 for (i=1;i<MAX_OPEN_FILES;i++) {
3926 if(attempt_close_oplocked_file( &Files[i])) {
3927 memset(&Files[i], 0, sizeof(Files[i]));
3929 Files[i].reserved = True;
3934 DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
3938 /****************************************************************************
3939 find first available connection slot, starting from a random position.
3940 The randomisation stops problems with the server dieing and clients
3941 thinking the server is still available.
3942 ****************************************************************************/
3943 static int find_free_connection(int hash )
3947 hash = (hash % (MAX_CONNECTIONS-2))+1;
3951 for (i=hash+1;i!=hash;)
3953 if (!Connections[i].open && Connections[i].used == used)
3955 DEBUG(3,("found free connection number %d\n",i));
3959 if (i == MAX_CONNECTIONS)
3969 DEBUG(1,("ERROR! Out of connection structures\n"));
3974 /****************************************************************************
3975 reply for the core protocol
3976 ****************************************************************************/
3977 int reply_corep(char *outbuf)
3979 int outsize = set_message(outbuf,1,0,True);
3981 Protocol = PROTOCOL_CORE;
3987 /****************************************************************************
3988 reply for the coreplus protocol
3989 ****************************************************************************/
3990 int reply_coreplus(char *outbuf)
3992 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
3993 int outsize = set_message(outbuf,13,0,True);
3994 SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
3995 readbraw and writebraw (possibly) */
3996 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
3997 SSVAL(outbuf,smb_vwv1,0x1); /* user level security, don't encrypt */
3999 Protocol = PROTOCOL_COREPLUS;
4005 /****************************************************************************
4006 reply for the lanman 1.0 protocol
4007 ****************************************************************************/
4008 int reply_lanman1(char *outbuf)
4010 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
4012 BOOL doencrypt = SMBENCRYPT();
4013 time_t t = time(NULL);
4015 if (lp_security()>=SEC_USER) secword |= 1;
4016 if (doencrypt) secword |= 2;
4018 set_message(outbuf,13,doencrypt?8:0,True);
4019 SSVAL(outbuf,smb_vwv1,secword);
4020 /* Create a token value and add it to the outgoing packet. */
4022 generate_next_challenge(smb_buf(outbuf));
4024 Protocol = PROTOCOL_LANMAN1;
4026 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
4027 SSVAL(outbuf,smb_vwv2,max_recv);
4028 SSVAL(outbuf,smb_vwv3,lp_maxmux()); /* maxmux */
4029 SSVAL(outbuf,smb_vwv4,1);
4030 SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
4031 readbraw writebraw (possibly) */
4032 SIVAL(outbuf,smb_vwv6,getpid());
4033 SSVAL(outbuf,smb_vwv10, TimeDiff(t)/60);
4035 put_dos_date(outbuf,smb_vwv8,t);
4037 return (smb_len(outbuf)+4);
4041 /****************************************************************************
4042 reply for the lanman 2.0 protocol
4043 ****************************************************************************/
4044 int reply_lanman2(char *outbuf)
4046 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
4048 BOOL doencrypt = SMBENCRYPT();
4049 time_t t = time(NULL);
4050 struct cli_state *cli = NULL;
4054 if (lp_security() == SEC_SERVER) {
4055 cli = server_cryptkey();
4059 DEBUG(3,("using password server validation\n"));
4060 doencrypt = ((cli->sec_mode & 2) != 0);
4063 if (lp_security()>=SEC_USER) secword |= 1;
4064 if (doencrypt) secword |= 2;
4069 generate_next_challenge(cryptkey);
4071 memcpy(cryptkey, cli->cryptkey, 8);
4072 set_challenge(cli->cryptkey);
4076 set_message(outbuf,13,crypt_len,True);
4077 SSVAL(outbuf,smb_vwv1,secword);
4078 SIVAL(outbuf,smb_vwv6,getpid());
4080 memcpy(smb_buf(outbuf), cryptkey, 8);
4082 Protocol = PROTOCOL_LANMAN2;
4084 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
4085 SSVAL(outbuf,smb_vwv2,max_recv);
4086 SSVAL(outbuf,smb_vwv3,lp_maxmux());
4087 SSVAL(outbuf,smb_vwv4,1);
4088 SSVAL(outbuf,smb_vwv5,raw); /* readbraw and/or writebraw */
4089 SSVAL(outbuf,smb_vwv10, TimeDiff(t)/60);
4090 put_dos_date(outbuf,smb_vwv8,t);
4092 return (smb_len(outbuf)+4);
4096 /****************************************************************************
4097 reply for the nt protocol
4098 ****************************************************************************/
4099 int reply_nt1(char *outbuf)
4101 /* dual names + lock_and_read + nt SMBs + remote API calls */
4102 int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|CAP_RPC_REMOTE_APIS;
4104 other valid capabilities which we may support at some time...
4105 CAP_LARGE_FILES|CAP_NT_SMBS|CAP_RPC_REMOTE_APIS;
4106 CAP_LARGE_READX|CAP_STATUS32|CAP_LEVEL_II_OPLOCKS;
4110 BOOL doencrypt = SMBENCRYPT();
4111 time_t t = time(NULL);
4113 struct cli_state *cli = NULL;
4117 if (lp_security() == SEC_SERVER) {
4118 cli = server_cryptkey();
4122 DEBUG(3,("using password server validation\n"));
4123 doencrypt = ((cli->sec_mode & 2) != 0);
4129 generate_next_challenge(cryptkey);
4131 memcpy(cryptkey, cli->cryptkey, 8);
4132 set_challenge(cli->cryptkey);
4136 if (lp_readraw() && lp_writeraw()) {
4137 capabilities |= CAP_RAW_MODE;
4140 if (lp_security() >= SEC_USER) secword |= 1;
4141 if (doencrypt) secword |= 2;
4143 /* decide where (if) to put the encryption challenge, and
4144 follow it with the OEM'd domain name
4146 data_len = crypt_len + strlen(global_myworkgroup) + 1;
4148 set_message(outbuf,17,data_len,True);
4149 pstrcpy(smb_buf(outbuf)+crypt_len, global_myworkgroup);
4151 CVAL(outbuf,smb_vwv1) = secword;
4152 SSVALS(outbuf,smb_vwv16+1,crypt_len);
4154 memcpy(smb_buf(outbuf), cryptkey, 8);
4156 Protocol = PROTOCOL_NT1;
4158 SSVAL(outbuf,smb_vwv1+1,lp_maxmux()); /* maxmpx */
4159 SSVAL(outbuf,smb_vwv2+1,1); /* num vcs */
4160 SIVAL(outbuf,smb_vwv3+1,0xffff); /* max buffer. LOTS! */
4161 SIVAL(outbuf,smb_vwv5+1,0x10000); /* raw size. full 64k */
4162 SIVAL(outbuf,smb_vwv7+1,getpid()); /* session key */
4163 SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
4164 put_long_date(outbuf+smb_vwv11+1,t);
4165 SSVALS(outbuf,smb_vwv15+1,TimeDiff(t)/60);
4166 SSVAL(outbuf,smb_vwv17,data_len); /* length of challenge+domain strings */
4168 return (smb_len(outbuf)+4);
4171 /* these are the protocol lists used for auto architecture detection:
4174 protocol [PC NETWORK PROGRAM 1.0]
4175 protocol [XENIX CORE]
4176 protocol [MICROSOFT NETWORKS 1.03]
4177 protocol [LANMAN1.0]
4178 protocol [Windows for Workgroups 3.1a]
4179 protocol [LM1.2X002]
4180 protocol [LANMAN2.1]
4181 protocol [NT LM 0.12]
4184 protocol [PC NETWORK PROGRAM 1.0]
4185 protocol [XENIX CORE]
4186 protocol [MICROSOFT NETWORKS 1.03]
4187 protocol [LANMAN1.0]
4188 protocol [Windows for Workgroups 3.1a]
4189 protocol [LM1.2X002]
4190 protocol [LANMAN2.1]
4191 protocol [NT LM 0.12]
4194 protocol [PC NETWORK PROGRAM 1.0]
4195 protocol [XENIX CORE]
4196 protocol [LANMAN1.0]
4197 protocol [LM1.2X002]
4198 protocol [LANMAN2.1]
4202 * Modified to recognize the architecture of the remote machine better.
4204 * This appears to be the matrix of which protocol is used by which
4206 Protocol WfWg Win95 WinNT OS/2
4207 PC NETWORK PROGRAM 1.0 1 1 1 1
4209 MICROSOFT NETWORKS 3.0 2 2
4211 MICROSOFT NETWORKS 1.03 3
4214 Windows for Workgroups 3.1a 5 5 5
4219 * tim@fsg.com 09/29/95
4222 #define ARCH_WFWG 0x3 /* This is a fudge because WfWg is like Win95 */
4223 #define ARCH_WIN95 0x2
4224 #define ARCH_OS2 0xC /* Again OS/2 is like NT */
4225 #define ARCH_WINNT 0x8
4226 #define ARCH_SAMBA 0x10
4228 #define ARCH_ALL 0x1F
4230 /* List of supported protocols, most desired first */
4234 int (*proto_reply_fn)(char *);
4236 } supported_protocols[] = {
4237 {"NT LANMAN 1.0", "NT1", reply_nt1, PROTOCOL_NT1},
4238 {"NT LM 0.12", "NT1", reply_nt1, PROTOCOL_NT1},
4239 {"LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4240 {"Samba", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4241 {"DOS LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4242 {"LANMAN1.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1},
4243 {"MICROSOFT NETWORKS 3.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1},
4244 {"MICROSOFT NETWORKS 1.03", "COREPLUS", reply_coreplus, PROTOCOL_COREPLUS},
4245 {"PC NETWORK PROGRAM 1.0", "CORE", reply_corep, PROTOCOL_CORE},
4250 /****************************************************************************
4252 ****************************************************************************/
4253 static int reply_negprot(char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4255 int outsize = set_message(outbuf,1,0,True);
4260 int bcc = SVAL(smb_buf(inbuf),-2);
4261 int arch = ARCH_ALL;
4263 p = smb_buf(inbuf)+1;
4264 while (p < (smb_buf(inbuf) + bcc))
4267 DEBUG(3,("Requested protocol [%s]\n",p));
4268 if (strcsequal(p,"Windows for Workgroups 3.1a"))
4269 arch &= ( ARCH_WFWG | ARCH_WIN95 | ARCH_WINNT );
4270 else if (strcsequal(p,"DOS LM1.2X002"))
4271 arch &= ( ARCH_WFWG | ARCH_WIN95 );
4272 else if (strcsequal(p,"DOS LANMAN2.1"))
4273 arch &= ( ARCH_WFWG | ARCH_WIN95 );
4274 else if (strcsequal(p,"NT LM 0.12"))
4275 arch &= ( ARCH_WIN95 | ARCH_WINNT );
4276 else if (strcsequal(p,"LANMAN2.1"))
4277 arch &= ( ARCH_WINNT | ARCH_OS2 );
4278 else if (strcsequal(p,"LM1.2X002"))
4279 arch &= ( ARCH_WINNT | ARCH_OS2 );
4280 else if (strcsequal(p,"MICROSOFT NETWORKS 1.03"))
4282 else if (strcsequal(p,"XENIX CORE"))
4283 arch &= ( ARCH_WINNT | ARCH_OS2 );
4284 else if (strcsequal(p,"Samba")) {
4294 set_remote_arch(RA_SAMBA);
4297 set_remote_arch(RA_WFWG);
4300 set_remote_arch(RA_WIN95);
4303 set_remote_arch(RA_WINNT);
4306 set_remote_arch(RA_OS2);
4309 set_remote_arch(RA_UNKNOWN);
4313 /* possibly reload - change of architecture */
4314 reload_services(True);
4316 /* a special case to stop password server loops */
4317 if (Index == 1 && strequal(remote_machine,myhostname) &&
4318 (lp_security()==SEC_SERVER || lp_security()==SEC_DOMAIN))
4319 exit_server("Password server loop!");
4321 /* Check for protocols, most desirable first */
4322 for (protocol = 0; supported_protocols[protocol].proto_name; protocol++)
4324 p = smb_buf(inbuf)+1;
4326 if (lp_maxprotocol() >= supported_protocols[protocol].protocol_level)
4327 while (p < (smb_buf(inbuf) + bcc))
4329 if (strequal(p,supported_protocols[protocol].proto_name))
4338 SSVAL(outbuf,smb_vwv0,choice);
4340 extern fstring remote_proto;
4341 fstrcpy(remote_proto,supported_protocols[protocol].short_name);
4342 reload_services(True);
4343 outsize = supported_protocols[protocol].proto_reply_fn(outbuf);
4344 DEBUG(3,("Selected protocol %s\n",supported_protocols[protocol].proto_name));
4347 DEBUG(0,("No protocol supported !\n"));
4349 SSVAL(outbuf,smb_vwv0,choice);
4351 DEBUG(5,("%s negprot index=%d\n",timestring(),choice));
4357 /****************************************************************************
4358 close all open files for a connection
4359 ****************************************************************************/
4360 static void close_open_files(int cnum)
4363 for (i=0;i<MAX_OPEN_FILES;i++)
4364 if( Files[i].cnum == cnum && Files[i].open) {
4365 close_file(i,False);
4371 /****************************************************************************
4373 ****************************************************************************/
4374 void close_cnum(int cnum, uint16 vuid)
4377 DirCacheFlush(SNUM(cnum));
4381 if (!OPEN_CNUM(cnum))
4383 DEBUG(0,("Can't close cnum %d\n",cnum));
4387 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
4389 remote_machine,client_addr(Client),
4390 lp_servicename(SNUM(cnum))));
4392 yield_connection(cnum,
4393 lp_servicename(SNUM(cnum)),
4394 lp_max_connections(SNUM(cnum)));
4396 if (lp_status(SNUM(cnum)))
4397 yield_connection(cnum,"STATUS.",MAXSTATUS);
4399 close_open_files(cnum);
4400 dptr_closecnum(cnum);
4402 /* execute any "postexec = " line */
4403 if (*lp_postexec(SNUM(cnum)) && become_user(&Connections[cnum], cnum,vuid))
4406 pstrcpy(cmd,lp_postexec(SNUM(cnum)));
4407 standard_sub(cnum,cmd);
4408 smbrun(cmd,NULL,False);
4413 /* execute any "root postexec = " line */
4414 if (*lp_rootpostexec(SNUM(cnum)))
4417 pstrcpy(cmd,lp_rootpostexec(SNUM(cnum)));
4418 standard_sub(cnum,cmd);
4419 smbrun(cmd,NULL,False);
4422 Connections[cnum].open = False;
4423 num_connections_open--;
4424 if (Connections[cnum].ngroups && Connections[cnum].groups)
4426 if (Connections[cnum].igroups != (int *)Connections[cnum].groups)
4427 free(Connections[cnum].groups);
4428 free(Connections[cnum].igroups);
4429 Connections[cnum].groups = NULL;
4430 Connections[cnum].igroups = NULL;
4431 Connections[cnum].ngroups = 0;
4434 free_namearray(Connections[cnum].veto_list);
4435 free_namearray(Connections[cnum].hide_list);
4436 free_namearray(Connections[cnum].veto_oplock_list);
4438 string_set(&Connections[cnum].user,"");
4439 string_set(&Connections[cnum].dirpath,"");
4440 string_set(&Connections[cnum].connectpath,"");
4446 /*******************************************************************
4447 prepare to dump a core file - carefully!
4448 ********************************************************************/
4449 static BOOL dump_core(void)
4453 pstrcpy(dname,debugf);
4454 if ((p=strrchr(dname,'/'))) *p=0;
4455 pstrcat(dname,"/corefiles");
4457 sys_chown(dname,getuid(),getgid());
4459 if (chdir(dname)) return(False);
4462 #ifndef NO_GETRLIMIT
4466 getrlimit(RLIMIT_CORE, &rlp);
4467 rlp.rlim_cur = MAX(4*1024*1024,rlp.rlim_cur);
4468 setrlimit(RLIMIT_CORE, &rlp);
4469 getrlimit(RLIMIT_CORE, &rlp);
4470 DEBUG(3,("Core limits now %d %d\n",rlp.rlim_cur,rlp.rlim_max));
4476 DEBUG(0,("Dumping core in %s\n",dname));
4481 /****************************************************************************
4483 ****************************************************************************/
4484 void exit_server(char *reason)
4486 static int firsttime=1;
4489 if (!firsttime) exit(0);
4493 DEBUG(2,("Closing connections\n"));
4494 for (i=0;i<MAX_CONNECTIONS;i++)
4495 if (Connections[i].open)
4496 close_cnum(i,(uint16)-1);
4498 if (dcelogin_atmost_once)
4502 int oldlevel = DEBUGLEVEL;
4504 DEBUG(0,("Last message was %s\n",smb_fn_name(last_message)));
4506 show_msg(last_inbuf);
4507 DEBUGLEVEL = oldlevel;
4508 DEBUG(0,("===============================================================\n"));
4510 if (dump_core()) return;
4516 DEBUG(3,("%s Server exit (%s)\n",timestring(),reason?reason:""));
4520 /****************************************************************************
4521 do some standard substitutions in a string
4522 ****************************************************************************/
4523 void standard_sub(int cnum,char *str)
4525 if (VALID_CNUM(cnum)) {
4528 for ( s=str ; (p=strchr(s, '%')) != NULL ; s=p ) {
4530 case 'H' : if ((home = get_home_dir(Connections[cnum].user))!=NULL)
4531 string_sub(p,"%H",home);
4535 case 'P' : string_sub(p,"%P",Connections[cnum].connectpath); break;
4536 case 'S' : string_sub(p,"%S",lp_servicename(Connections[cnum].service)); break;
4537 case 'g' : string_sub(p,"%g",gidtoname(Connections[cnum].gid)); break;
4538 case 'u' : string_sub(p,"%u",Connections[cnum].user); break;
4540 * Patch from jkf@soton.ac.uk
4541 * Left the %N (NIS server name) in standard_sub_basic as it
4542 * is a feature for logon servers, hence uses the username.
4543 * The %p (NIS server path) code is here as it is used
4544 * instead of the default "path =" string in [homes] and so
4545 * needs the service name, not the username.
4547 case 'p' : string_sub(p,"%p",automount_path(lp_servicename(Connections[cnum].service))); break;
4548 case '\0' : p++; break; /* don't run off the end of the string */
4549 default : p+=2; break;
4553 standard_sub_basic(str);
4557 These flags determine some of the permissions required to do an operation
4559 Note that I don't set NEED_WRITE on some write operations because they
4560 are used by some brain-dead clients when printing, and I don't want to
4561 force write permissions on print services.
4563 #define AS_USER (1<<0)
4564 #define NEED_WRITE (1<<1)
4565 #define TIME_INIT (1<<2)
4566 #define CAN_IPC (1<<3)
4567 #define AS_GUEST (1<<5)
4568 #define QUEUE_IN_OPLOCK (1<<6)
4571 define a list of possible SMB messages and their corresponding
4572 functions. Any message that has a NULL function is unimplemented -
4573 please feel free to contribute implementations!
4575 struct smb_message_struct
4579 int (*fn)(char *, char *, int, int);
4589 {SMBnegprot,"SMBnegprot",reply_negprot,0},
4590 {SMBtcon,"SMBtcon",reply_tcon,0},
4591 {SMBtdis,"SMBtdis",reply_tdis,0},
4592 {SMBexit,"SMBexit",reply_exit,0},
4593 {SMBioctl,"SMBioctl",reply_ioctl,0},
4594 {SMBecho,"SMBecho",reply_echo,0},
4595 {SMBsesssetupX,"SMBsesssetupX",reply_sesssetup_and_X,0},
4596 {SMBtconX,"SMBtconX",reply_tcon_and_X,0},
4597 {SMBulogoffX, "SMBulogoffX", reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
4598 {SMBgetatr,"SMBgetatr",reply_getatr,AS_USER},
4599 {SMBsetatr,"SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
4600 {SMBchkpth,"SMBchkpth",reply_chkpth,AS_USER},
4601 {SMBsearch,"SMBsearch",reply_search,AS_USER},
4602 {SMBopen,"SMBopen",reply_open,AS_USER | QUEUE_IN_OPLOCK },
4604 /* note that SMBmknew and SMBcreate are deliberately overloaded */
4605 {SMBcreate,"SMBcreate",reply_mknew,AS_USER},
4606 {SMBmknew,"SMBmknew",reply_mknew,AS_USER},
4608 {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
4609 {SMBread,"SMBread",reply_read,AS_USER},
4610 {SMBwrite,"SMBwrite",reply_write,AS_USER},
4611 {SMBclose,"SMBclose",reply_close,AS_USER | CAN_IPC},
4612 {SMBmkdir,"SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
4613 {SMBrmdir,"SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
4614 {SMBdskattr,"SMBdskattr",reply_dskattr,AS_USER},
4615 {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
4617 /* this is a Pathworks specific call, allowing the
4618 changing of the root path */
4619 {pSETDIR,"pSETDIR",reply_setdir,AS_USER},
4621 {SMBlseek,"SMBlseek",reply_lseek,AS_USER},
4622 {SMBflush,"SMBflush",reply_flush,AS_USER},
4623 {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
4624 {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
4625 {SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
4626 {SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER|AS_GUEST},
4627 {SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
4628 {SMBlock,"SMBlock",reply_lock,AS_USER},
4629 {SMBunlock,"SMBunlock",reply_unlock,AS_USER},
4631 /* CORE+ PROTOCOL FOLLOWS */
4633 {SMBreadbraw,"SMBreadbraw",reply_readbraw,AS_USER},
4634 {SMBwritebraw,"SMBwritebraw",reply_writebraw,AS_USER},
4635 {SMBwriteclose,"SMBwriteclose",reply_writeclose,AS_USER},
4636 {SMBlockread,"SMBlockread",reply_lockread,AS_USER},
4637 {SMBwriteunlock,"SMBwriteunlock",reply_writeunlock,AS_USER},
4639 /* LANMAN1.0 PROTOCOL FOLLOWS */
4641 {SMBreadBmpx,"SMBreadBmpx",reply_readbmpx,AS_USER},
4642 {SMBreadBs,"SMBreadBs",NULL,AS_USER},
4643 {SMBwriteBmpx,"SMBwriteBmpx",reply_writebmpx,AS_USER},
4644 {SMBwriteBs,"SMBwriteBs",reply_writebs,AS_USER},
4645 {SMBwritec,"SMBwritec",NULL,AS_USER},
4646 {SMBsetattrE,"SMBsetattrE",reply_setattrE,AS_USER | NEED_WRITE},
4647 {SMBgetattrE,"SMBgetattrE",reply_getattrE,AS_USER},
4648 {SMBtrans,"SMBtrans",reply_trans,AS_USER | CAN_IPC},
4649 {SMBtranss,"SMBtranss",NULL,AS_USER | CAN_IPC},
4650 {SMBioctls,"SMBioctls",NULL,AS_USER},
4651 {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
4652 {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
4654 {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
4655 {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER | CAN_IPC },
4656 {SMBwriteX,"SMBwriteX",reply_write_and_X,AS_USER},
4657 {SMBlockingX,"SMBlockingX",reply_lockingX,AS_USER},
4659 {SMBffirst,"SMBffirst",reply_search,AS_USER},
4660 {SMBfunique,"SMBfunique",reply_search,AS_USER},
4661 {SMBfclose,"SMBfclose",reply_fclose,AS_USER},
4663 /* LANMAN2.0 PROTOCOL FOLLOWS */
4664 {SMBfindnclose, "SMBfindnclose", reply_findnclose, AS_USER},
4665 {SMBfindclose, "SMBfindclose", reply_findclose,AS_USER},
4666 {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER },
4667 {SMBtranss2, "SMBtranss2", reply_transs2, AS_USER},
4669 /* messaging routines */
4670 {SMBsends,"SMBsends",reply_sends,AS_GUEST},
4671 {SMBsendstrt,"SMBsendstrt",reply_sendstrt,AS_GUEST},
4672 {SMBsendend,"SMBsendend",reply_sendend,AS_GUEST},
4673 {SMBsendtxt,"SMBsendtxt",reply_sendtxt,AS_GUEST},
4675 /* NON-IMPLEMENTED PARTS OF THE CORE PROTOCOL */
4677 {SMBsendb,"SMBsendb",NULL,AS_GUEST},
4678 {SMBfwdname,"SMBfwdname",NULL,AS_GUEST},
4679 {SMBcancelf,"SMBcancelf",NULL,AS_GUEST},
4680 {SMBgetmac,"SMBgetmac",NULL,AS_GUEST}
4683 /****************************************************************************
4684 return a string containing the function name of a SMB command
4685 ****************************************************************************/
4686 char *smb_fn_name(int type)
4688 static char *unknown_name = "SMBunknown";
4689 static int num_smb_messages =
4690 sizeof(smb_messages) / sizeof(struct smb_message_struct);
4693 for (match=0;match<num_smb_messages;match++)
4694 if (smb_messages[match].code == type)
4697 if (match == num_smb_messages)
4698 return(unknown_name);
4700 return(smb_messages[match].name);
4704 /****************************************************************************
4705 do a switch on the message type, and return the response size
4706 ****************************************************************************/
4707 static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize)
4711 static int num_smb_messages =
4712 sizeof(smb_messages) / sizeof(struct smb_message_struct);
4716 struct timeval msg_start_time;
4717 struct timeval msg_end_time;
4718 static unsigned long total_time = 0;
4720 GetTimeOfDay(&msg_start_time);
4727 last_message = type;
4729 /* make sure this is an SMB packet */
4730 if (strncmp(smb_base(inbuf),"\377SMB",4) != 0)
4732 DEBUG(2,("Non-SMB packet of length %d\n",smb_len(inbuf)));
4736 for (match=0;match<num_smb_messages;match++)
4737 if (smb_messages[match].code == type)
4740 if (match == num_smb_messages)
4742 DEBUG(0,("Unknown message type %d!\n",type));
4743 outsize = reply_unknown(inbuf,outbuf);
4747 DEBUG(3,("switch message %s (pid %d)\n",smb_messages[match].name,pid));
4749 if(global_oplock_break && (smb_messages[match].flags & QUEUE_IN_OPLOCK))
4752 * Queue this message as we are the process of an oplock break.
4755 DEBUG(2,("%s: switch_message: queueing message due to being in oplock break state.\n",
4758 push_smb_message( inbuf, size);
4762 if (smb_messages[match].fn)
4764 int cnum = SVAL(inbuf,smb_tid);
4765 int flags = smb_messages[match].flags;
4766 static uint16 last_session_tag = UID_FIELD_INVALID;
4767 /* In share mode security we must ignore the vuid. */
4768 uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
4769 /* Ensure this value is replaced in the incoming packet. */
4770 SSVAL(inbuf,smb_uid,session_tag);
4773 * Ensure the correct username is in sesssetup_user.
4774 * This is a really ugly bugfix for problems with
4775 * multiple session_setup_and_X's being done and
4776 * allowing %U and %G substitutions to work correctly.
4777 * There is a reason this code is done here, don't
4778 * move it unless you know what you're doing... :-).
4781 if(session_tag != last_session_tag ) {
4782 user_struct *vuser = NULL;
4784 last_session_tag = session_tag;
4785 if(session_tag != UID_FIELD_INVALID)
4786 vuser = get_valid_user_struct(session_tag);
4788 pstrcpy( sesssetup_user, vuser->requested_name);
4791 /* does this protocol need to be run as root? */
4792 if (!(flags & AS_USER))
4795 /* does this protocol need to be run as the connected user? */
4796 if ((flags & AS_USER) && !become_user(&Connections[cnum], cnum,session_tag)) {
4797 if (flags & AS_GUEST)
4800 return(ERROR(ERRSRV,ERRinvnid));
4802 /* this code is to work around a bug is MS client 3 without
4803 introducing a security hole - it needs to be able to do
4804 print queue checks as guest if it isn't logged in properly */
4805 if (flags & AS_USER)
4808 /* does it need write permission? */
4809 if ((flags & NEED_WRITE) && !CAN_WRITE(cnum))
4810 return(ERROR(ERRSRV,ERRaccess));
4812 /* ipc services are limited */
4813 if (IS_IPC(cnum) && (flags & AS_USER) && !(flags & CAN_IPC))
4814 return(ERROR(ERRSRV,ERRaccess));
4816 /* load service specific parameters */
4817 if (OPEN_CNUM(cnum) && !become_service(cnum,(flags & AS_USER)?True:False))
4818 return(ERROR(ERRSRV,ERRaccess));
4820 /* does this protocol need to be run as guest? */
4821 if ((flags & AS_GUEST) && (!become_guest() || !check_access(-1)))
4822 return(ERROR(ERRSRV,ERRaccess));
4826 outsize = smb_messages[match].fn(inbuf,outbuf,size,bufsize);
4830 outsize = reply_unknown(inbuf,outbuf);
4835 GetTimeOfDay(&msg_end_time);
4836 if (!(smb_messages[match].flags & TIME_INIT))
4838 smb_messages[match].time = 0;
4839 smb_messages[match].flags |= TIME_INIT;
4842 unsigned long this_time =
4843 (msg_end_time.tv_sec - msg_start_time.tv_sec)*1e6 +
4844 (msg_end_time.tv_usec - msg_start_time.tv_usec);
4845 smb_messages[match].time += this_time;
4846 total_time += this_time;
4848 DEBUG(2,("TIME %s %d usecs %g pct\n",
4849 smb_fn_name(type),smb_messages[match].time,
4850 (100.0*smb_messages[match].time) / total_time));
4857 /****************************************************************************
4858 construct a chained reply and add it to the already made reply
4859 **************************************************************************/
4860 int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
4862 static char *orig_inbuf;
4863 static char *orig_outbuf;
4864 int smb_com1, smb_com2 = CVAL(inbuf,smb_vwv0);
4865 unsigned smb_off2 = SVAL(inbuf,smb_vwv1);
4866 char *inbuf2, *outbuf2;
4868 char inbuf_saved[smb_wct];
4869 char outbuf_saved[smb_wct];
4870 extern int chain_size;
4871 int wct = CVAL(outbuf,smb_wct);
4872 int outsize = smb_size + 2*wct + SVAL(outbuf,smb_vwv0+2*wct);
4874 /* maybe its not chained */
4875 if (smb_com2 == 0xFF) {
4876 CVAL(outbuf,smb_vwv0) = 0xFF;
4880 if (chain_size == 0) {
4881 /* this is the first part of the chain */
4883 orig_outbuf = outbuf;
4886 /* we need to tell the client where the next part of the reply will be */
4887 SSVAL(outbuf,smb_vwv1,smb_offset(outbuf+outsize,outbuf));
4888 CVAL(outbuf,smb_vwv0) = smb_com2;
4890 /* remember how much the caller added to the chain, only counting stuff
4891 after the parameter words */
4892 chain_size += outsize - smb_wct;
4894 /* work out pointers into the original packets. The
4895 headers on these need to be filled in */
4896 inbuf2 = orig_inbuf + smb_off2 + 4 - smb_wct;
4897 outbuf2 = orig_outbuf + SVAL(outbuf,smb_vwv1) + 4 - smb_wct;
4899 /* remember the original command type */
4900 smb_com1 = CVAL(orig_inbuf,smb_com);
4902 /* save the data which will be overwritten by the new headers */
4903 memcpy(inbuf_saved,inbuf2,smb_wct);
4904 memcpy(outbuf_saved,outbuf2,smb_wct);
4906 /* give the new packet the same header as the last part of the SMB */
4907 memmove(inbuf2,inbuf,smb_wct);
4909 /* create the in buffer */
4910 CVAL(inbuf2,smb_com) = smb_com2;
4912 /* create the out buffer */
4913 bzero(outbuf2,smb_size);
4914 set_message(outbuf2,0,0,True);
4915 CVAL(outbuf2,smb_com) = CVAL(inbuf2,smb_com);
4917 memcpy(outbuf2+4,inbuf2+4,4);
4918 CVAL(outbuf2,smb_rcls) = SMB_SUCCESS;
4919 CVAL(outbuf2,smb_reh) = 0;
4920 CVAL(outbuf2,smb_flg) = 0x80 | (CVAL(inbuf2,smb_flg) & 0x8); /* bit 7 set
4922 SSVAL(outbuf2,smb_flg2,1); /* say we support long filenames */
4923 SSVAL(outbuf2,smb_err,SMB_SUCCESS);
4924 SSVAL(outbuf2,smb_tid,SVAL(inbuf2,smb_tid));
4925 SSVAL(outbuf2,smb_pid,SVAL(inbuf2,smb_pid));
4926 SSVAL(outbuf2,smb_uid,SVAL(inbuf2,smb_uid));
4927 SSVAL(outbuf2,smb_mid,SVAL(inbuf2,smb_mid));
4929 DEBUG(3,("Chained message\n"));
4932 /* process the request */
4933 outsize2 = switch_message(smb_com2,inbuf2,outbuf2,size-chain_size,
4934 bufsize-chain_size);
4936 /* copy the new reply and request headers over the old ones, but
4937 preserve the smb_com field */
4938 memmove(orig_outbuf,outbuf2,smb_wct);
4939 CVAL(orig_outbuf,smb_com) = smb_com1;
4941 /* restore the saved data, being careful not to overwrite any
4942 data from the reply header */
4943 memcpy(inbuf2,inbuf_saved,smb_wct);
4945 int ofs = smb_wct - PTR_DIFF(outbuf2,orig_outbuf);
4946 if (ofs < 0) ofs = 0;
4947 memmove(outbuf2+ofs,outbuf_saved+ofs,smb_wct-ofs);
4955 /****************************************************************************
4956 construct a reply to the incoming packet
4957 ****************************************************************************/
4958 int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
4960 int type = CVAL(inbuf,smb_com);
4962 int msg_type = CVAL(inbuf,0);
4963 extern int chain_size;
4965 smb_last_time = time(NULL);
4971 bzero(outbuf,smb_size);
4974 return(reply_special(inbuf,outbuf));
4976 CVAL(outbuf,smb_com) = CVAL(inbuf,smb_com);
4977 set_message(outbuf,0,0,True);
4979 memcpy(outbuf+4,inbuf+4,4);
4980 CVAL(outbuf,smb_rcls) = SMB_SUCCESS;
4981 CVAL(outbuf,smb_reh) = 0;
4982 CVAL(outbuf,smb_flg) = 0x80 | (CVAL(inbuf,smb_flg) & 0x8); /* bit 7 set
4984 SSVAL(outbuf,smb_flg2,1); /* say we support long filenames */
4985 SSVAL(outbuf,smb_err,SMB_SUCCESS);
4986 SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
4987 SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
4988 SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
4989 SSVAL(outbuf,smb_mid,SVAL(inbuf,smb_mid));
4991 outsize = switch_message(type,inbuf,outbuf,size,bufsize);
4993 outsize += chain_size;
4996 smb_setlen(outbuf,outsize - 4);
5000 /****************************************************************************
5001 process commands from the client
5002 ****************************************************************************/
5003 static void process(void)
5007 InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
5008 OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
5009 if ((InBuffer == NULL) || (OutBuffer == NULL))
5012 InBuffer += SMB_ALIGNMENT;
5013 OutBuffer += SMB_ALIGNMENT;
5016 DEBUG(3,("priming nmbd\n"));
5019 ip = *interpret_addr2("localhost");
5020 if (zero_ip(ip)) ip = *interpret_addr2("127.0.0.1");
5022 send_one_packet(OutBuffer,1,ip,NMB_PORT,SOCK_DGRAM);
5026 /* re-initialise the timezone */
5031 int deadtime = lp_deadtime()*60;
5033 int last_keepalive=0;
5034 int service_load_counter = 0;
5035 BOOL got_smb = False;
5038 deadtime = DEFAULT_SMBD_TIMEOUT;
5040 #if USE_READ_PREDICTION
5041 if (lp_readprediction())
5042 do_read_prediction();
5047 for (counter=SMBD_SELECT_LOOP;
5048 !receive_message_or_smb(Client,oplock_sock,
5049 InBuffer,BUFFER_SIZE,SMBD_SELECT_LOOP*1000,&got_smb);
5050 counter += SMBD_SELECT_LOOP)
5054 BOOL allidle = True;
5055 extern int keepalive;
5057 if (counter > 365 * 3600) /* big number of seconds. */
5060 service_load_counter = 0;
5063 if (smb_read_error == READ_EOF)
5065 DEBUG(3,("end of file from client\n"));
5069 if (smb_read_error == READ_ERROR)
5071 DEBUG(3,("receive_smb error (%s) exiting\n",
5078 /* become root again if waiting */
5081 /* check for smb.conf reload */
5082 if (counter >= service_load_counter + SMBD_RELOAD_CHECK)
5084 service_load_counter = counter;
5086 /* reload services, if files have changed. */
5087 reload_services(True);
5090 /* automatic timeout if all connections are closed */
5091 if (num_connections_open==0 && counter >= IDLE_CLOSED_TIMEOUT)
5093 DEBUG(2,("%s Closing idle connection\n",timestring()));
5097 if (keepalive && (counter-last_keepalive)>keepalive)
5099 struct cli_state *cli = server_client();
5100 if (!send_keepalive(Client)) {
5101 DEBUG(2,("%s Keepalive failed - exiting\n",timestring()));
5104 /* also send a keepalive to the password server if its still
5106 if (cli && cli->initialised)
5107 send_keepalive(cli->fd);
5108 last_keepalive = counter;
5111 /* check for connection timeouts */
5112 for (i=0;i<MAX_CONNECTIONS;i++)
5113 if (Connections[i].open)
5115 /* close dirptrs on connections that are idle */
5116 if ((t-Connections[i].lastused)>DPTR_IDLE_TIMEOUT)
5119 if (Connections[i].num_files_open > 0 ||
5120 (t-Connections[i].lastused)<deadtime)
5124 if (allidle && num_connections_open>0)
5126 DEBUG(2,("%s Closing idle connection 2\n",timestring()));
5130 if(global_machine_pasword_needs_changing)
5132 unsigned char trust_passwd_hash[16];
5134 pstring remote_machine_list;
5137 * We're in domain level security, and the code that
5138 * read the machine password flagged that the machine
5139 * password needs changing.
5143 * First, open the machine password file with an exclusive lock.
5146 if(!trust_password_lock( global_myworkgroup, global_myname, True)) {
5147 DEBUG(0,("process: unable to open the machine account password file for \
5148 machine %s in domain %s.\n", global_myname, global_myworkgroup ));
5152 if(!get_trust_account_password( trust_passwd_hash, &lct)) {
5153 DEBUG(0,("process: unable to read the machine account password for \
5154 machine %s in domain %s.\n", global_myname, global_myworkgroup ));
5155 trust_password_unlock();
5160 * Make sure someone else hasn't already done this.
5163 if(t < lct + lp_machine_password_timeout()) {
5164 trust_password_unlock();
5165 global_machine_pasword_needs_changing = False;
5169 pstrcpy(remote_machine_list, lp_passwordserver());
5171 change_trust_account_password( global_myworkgroup, remote_machine_list);
5172 trust_password_unlock();
5173 global_machine_pasword_needs_changing = False;
5178 process_smb(InBuffer, OutBuffer);
5180 process_local_message(oplock_sock, InBuffer, BUFFER_SIZE);
5185 /****************************************************************************
5186 initialise connect, service and file structs
5187 ****************************************************************************/
5188 static void init_structs(void )
5191 get_myname(myhostname,NULL);
5194 * Set the machine NETBIOS name if not already
5195 * set from the config file.
5198 if (!*global_myname)
5201 fstrcpy( global_myname, myhostname );
5202 p = strchr( global_myname, '.' );
5206 strupper( global_myname );
5208 for (i=0;i<MAX_CONNECTIONS;i++)
5210 Connections[i].open = False;
5211 Connections[i].num_files_open=0;
5212 Connections[i].lastused=0;
5213 Connections[i].used=False;
5214 string_init(&Connections[i].user,"");
5215 string_init(&Connections[i].dirpath,"");
5216 string_init(&Connections[i].connectpath,"");
5217 string_init(&Connections[i].origpath,"");
5220 for (i=0;i<MAX_OPEN_FILES;i++)
5222 Files[i].open = False;
5223 string_init(&Files[i].name,"");
5226 for (i=0;i<MAX_OPEN_FILES;i++)
5228 file_fd_struct *fd_ptr = &FileFd[i];
5229 fd_ptr->ref_count = 0;
5230 fd_ptr->dev = (int32)-1;
5231 fd_ptr->inode = (int32)-1;
5233 fd_ptr->fd_readonly = -1;
5234 fd_ptr->fd_writeonly = -1;
5235 fd_ptr->real_open_flags = -1;
5239 init_rpc_pipe_hnd();
5241 /* for LSA handles */
5242 init_lsa_policy_hnd();
5247 /****************************************************************************
5248 usage on the program
5249 ****************************************************************************/
5250 static void usage(char *pname)
5252 DEBUG(0,("Incorrect program usage - are you sure the command line is correct?\n"));
5254 printf("Usage: %s [-D] [-p port] [-d debuglevel] [-l log basename] [-s services file]\n",pname);
5255 printf("Version %s\n",VERSION);
5256 printf("\t-D become a daemon\n");
5257 printf("\t-p port listen on the specified port\n");
5258 printf("\t-d debuglevel set the debuglevel\n");
5259 printf("\t-l log basename. Basename for log/debug files\n");
5260 printf("\t-s services file. Filename of services file\n");
5261 printf("\t-P passive only\n");
5262 printf("\t-a overwrite log file, don't append\n");
5267 /****************************************************************************
5269 ****************************************************************************/
5270 int main(int argc,char *argv[])
5272 extern BOOL append_log;
5273 /* shall I run as a daemon */
5274 BOOL is_daemon = False;
5275 int port = SMB_PORT;
5277 extern char *optarg;
5279 #ifdef NEED_AUTH_PARAMETERS
5280 set_auth_parameters(argc,argv);
5291 pstrcpy(debugf,SMBLOGFILE);
5293 pstrcpy(remote_machine, "smb");
5295 setup_logging(argv[0],False);
5297 charset_initialise();
5299 /* make absolutely sure we run as root - to handle cases where people
5300 are crazy enough to have it setuid */
5310 fault_setup((void (*)(void *))exit_server);
5311 signal(SIGTERM , SIGNAL_CAST dflt_sig);
5313 /* we want total control over the permissions on created files,
5314 so set our umask to 0 */
5321 /* this is for people who can't start the program correctly */
5322 while (argc > 1 && (*argv[1] != '-'))
5328 while ((opt = getopt(argc, argv, "O:i:l:s:d:Dp:hPaf:")) != EOF)
5332 pstrcpy(user_socket_options,optarg);
5335 pstrcpy(scope,optarg);
5339 extern BOOL passive;
5344 pstrcpy(servicesf,optarg);
5347 pstrcpy(debugf,optarg);
5351 extern BOOL append_log;
5352 append_log = !append_log;
5362 DEBUGLEVEL = atoi(optarg);
5365 port = atoi(optarg);
5378 DEBUG(2,("%s smbd version %s started\n",timestring(),VERSION));
5379 DEBUG(2,("Copyright Andrew Tridgell 1992-1997\n"));
5381 #ifndef NO_GETRLIMIT
5382 #ifdef RLIMIT_NOFILE
5385 getrlimit(RLIMIT_NOFILE, &rlp);
5387 * Set the fd limit to be MAX_OPEN_FILES + 10 to account for the
5388 * extra fd we need to read directories, as well as the log files
5389 * and standard handles etc.
5391 rlp.rlim_cur = (MAX_OPEN_FILES+10>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES+10;
5392 setrlimit(RLIMIT_NOFILE, &rlp);
5393 getrlimit(RLIMIT_NOFILE, &rlp);
5394 DEBUG(3,("Maximum number of open files per session is %d\n",rlp.rlim_cur));
5400 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
5401 getuid(),getgid(),geteuid(),getegid()));
5403 if (sizeof(uint16) < 2 || sizeof(uint32) < 4)
5405 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
5411 if (!reload_services(False))
5414 codepage_initialise(lp_client_code_page());
5416 pstrcpy(global_myworkgroup, lp_workgroup());
5418 if(!pdb_generate_machine_sid())
5420 DEBUG(0,("ERROR: Samba cannot get a machine SID.\n"));
5424 #ifndef NO_SIGNAL_TEST
5425 signal(SIGHUP,SIGNAL_CAST sig_hup);
5428 /* Setup the signals that allow the debug log level
5429 to by dynamically changed. */
5431 /* If we are using the malloc debug code we can't use
5432 SIGUSR1 and SIGUSR2 to do debug level changes. */
5435 #if defined(SIGUSR1)
5436 signal( SIGUSR1, SIGNAL_CAST sig_usr1 );
5437 #endif /* SIGUSR1 */
5439 #if defined(SIGUSR2)
5440 signal( SIGUSR2, SIGNAL_CAST sig_usr2 );
5441 #endif /* SIGUSR2 */
5442 #endif /* MEM_MAN */
5444 DEBUG(3,("%s loaded services\n",timestring()));
5446 if (!is_daemon && !is_a_socket(0))
5448 DEBUG(0,("standard input is not a socket, assuming -D option\n"));
5454 DEBUG(3,("%s becoming a daemon\n",timestring()));
5458 if (!directory_exist(lp_lockdir(), NULL)) {
5459 mkdir(lp_lockdir(), 0755);
5463 pidfile_create("smbd");
5466 if (!open_sockets(is_daemon,port))
5469 if (!locking_init(0))
5472 if(!initialize_password_db())
5475 /* possibly reload the services file. */
5476 reload_services(True);
5478 max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
5482 if (sys_chroot(lp_rootdir()) == 0)
5483 DEBUG(2,("%s changed root to %s\n",timestring(),lp_rootdir()));
5486 /* Setup the oplock IPC socket. */
5487 if(!open_oplock_ipc())
5493 exit_server("normal exit");