summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2000-04-11 13:55:53 +0000
committerAndrew Tridgell <tridge@samba.org>2000-04-11 13:55:53 +0000
commit2fa922611bf7160e2c1ce80c11b50006448bf98d (patch)
treeed29a6f6c0364ee631b049b26031139b9e74a4ec
parent03630a9aa9ce5c00619ad3c4bb498d95054ae03a (diff)
downloadsamba-2fa922611bf7160e2c1ce80c11b50006448bf98d.tar.gz
samba-2fa922611bf7160e2c1ce80c11b50006448bf98d.tar.bz2
samba-2fa922611bf7160e2c1ce80c11b50006448bf98d.zip
finally got sick of the "extern int Client" code and the stupid
assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
-rw-r--r--source3/lib/access.c6
-rw-r--r--source3/lib/util.c53
-rw-r--r--source3/lib/util_sock.c154
-rw-r--r--source3/libsmb/clientgen.c23
-rw-r--r--source3/nmbd/nmbd.c1
-rw-r--r--source3/rpc_server/srv_netlog.c2
-rw-r--r--source3/smbd/blocking.c5
-rw-r--r--source3/smbd/connection.c6
-rw-r--r--source3/smbd/ipc.c7
-rw-r--r--source3/smbd/nttrans.c10
-rw-r--r--source3/smbd/oplock.c10
-rw-r--r--source3/smbd/password.c6
-rw-r--r--source3/smbd/process.c26
-rw-r--r--source3/smbd/reply.c25
-rw-r--r--source3/smbd/server.c51
-rw-r--r--source3/smbd/service.c8
-rw-r--r--source3/smbd/ssl.c6
-rw-r--r--source3/smbd/trans2.c7
-rw-r--r--source3/web/cgi.c6
19 files changed, 195 insertions, 217 deletions
diff --git a/source3/lib/access.c b/source3/lib/access.c
index 01f559750f..d646c0823b 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -253,13 +253,13 @@ BOOL check_access(int sock, char *allow_list, char *deny_list)
if (!ret) {
if (allow_access(deny_list,allow_list,
- client_name(sock),client_addr(sock))) {
+ get_socket_name(sock),get_socket_addr(sock))) {
DEBUG(2,("Allowed connection from %s (%s)\n",
- client_name(sock),client_addr(sock)));
+ get_socket_name(sock),get_socket_addr(sock)));
ret = True;
} else {
DEBUG(0,("Denied connection from %s (%s)\n",
- client_name(sock),client_addr(sock)));
+ get_socket_name(sock),get_socket_addr(sock)));
}
}
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 7d10f9ccd2..ebb89c9d89 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -65,9 +65,6 @@ int Protocol = PROTOCOL_COREPLUS;
/* a default finfo structure to ensure all fields are sensible */
file_info def_finfo = {-1,0,0,0,0,0,0,""};
-/* the client file descriptor */
-extern int Client;
-
/* this is used by the chaining code */
int chain_size = 0;
@@ -1610,52 +1607,6 @@ BOOL zero_ip(struct in_addr ip)
}
-/*******************************************************************
- matchname - determine if host name matches IP address
- ******************************************************************/
-BOOL matchname(char *remotehost,struct in_addr addr)
-{
- struct hostent *hp;
- int i;
-
- if ((hp = Get_Hostbyname(remotehost)) == 0) {
- DEBUG(0,("Get_Hostbyname(%s): lookup failure.\n", remotehost));
- return False;
- }
-
- /*
- * Make sure that gethostbyname() returns the "correct" host name.
- * Unfortunately, gethostbyname("localhost") sometimes yields
- * "localhost.domain". Since the latter host name comes from the
- * local DNS, we just have to trust it (all bets are off if the local
- * DNS is perverted). We always check the address list, though.
- */
-
- if (strcasecmp(remotehost, hp->h_name)
- && strcasecmp(remotehost, "localhost")) {
- DEBUG(0,("host name/name mismatch: %s != %s\n",
- remotehost, hp->h_name));
- return False;
- }
-
- /* Look up the host address in the address list we just got. */
- for (i = 0; hp->h_addr_list[i]; i++) {
- if (memcmp(hp->h_addr_list[i], (caddr_t) & addr, sizeof(addr)) == 0)
- return True;
- }
-
- /*
- * The host name does not map to the original host address. Perhaps
- * someone has compromised a name server. More likely someone botched
- * it, but that could be dangerous, too.
- */
-
- DEBUG(0,("host name/address mismatch: %s != %s\n",
- inet_ntoa(addr), hp->h_name));
- return False;
-}
-
-
#if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
/******************************************************************
Remove any mount options such as -rsize=2048,wsize=2048 etc.
@@ -1953,9 +1904,9 @@ void standard_sub_basic(char *str)
break;
}
case 'N' : string_sub(p,"%N", automount_server(username),l); break;
- case 'I' : string_sub(p,"%I", client_addr(Client),l); break;
+ case 'I' : string_sub(p,"%I", client_addr(),l); break;
case 'L' : string_sub(p,"%L", local_machine,l); break;
- case 'M' : string_sub(p,"%M", client_name(Client),l); break;
+ case 'M' : string_sub(p,"%M", client_name(),l); break;
case 'R' : string_sub(p,"%R", remote_proto,l); break;
case 'T' : string_sub(p,"%T", timestring(False),l); break;
case 'U' : string_sub(p,"%U", username,l); break;
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index fd5ed71c9c..bf02e40520 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -32,9 +32,6 @@ extern int DEBUGLEVEL;
BOOL passive = False;
-/* the client file descriptor */
-int Client = -1;
-
/* the last IP received from */
struct in_addr lastip;
@@ -153,20 +150,6 @@ void set_socket_options(int fd, char *options)
}
/****************************************************************************
- Close the socket communication.
-****************************************************************************/
-
-void close_sockets(void )
-{
-#ifdef WITH_SSL
- sslutil_disconnect(Client);
-#endif /* WITH_SSL */
-
- close(Client);
- Client = -1;
-}
-
-/****************************************************************************
Read from a socket.
****************************************************************************/
@@ -725,7 +708,6 @@ BOOL send_null_session_msg(int fd)
if (ret <= 0)
{
DEBUG(0,("send_null_session_msg: Error writing %d bytes to client. %d. Exiting\n",(int)len,(int)ret));
- close_sockets();
exit(1);
}
nwritten += ret;
@@ -752,7 +734,6 @@ BOOL send_smb(int fd,char *buffer)
if (ret <= 0)
{
DEBUG(0,("Error writing %d bytes to client. %d. Exiting\n",(int)len,(int)ret));
- close_sockets();
exit(1);
}
nwritten += ret;
@@ -951,14 +932,9 @@ connect_again:
expanded if more variables need reseting.
******************************************************************/
-static BOOL global_client_name_done = False;
-static BOOL global_client_addr_done = False;
void reset_globals_after_fork(void)
{
- global_client_name_done = False;
- global_client_addr_done = False;
-
/*
* Re-seed the random crypto generator, so all smbd's
* started from the same parent won't generate the same
@@ -969,71 +945,120 @@ void reset_globals_after_fork(void)
generate_random_buffer( &dummy, 1, True);
}
}
-
+
+/* the following 3 client_*() functions are nasty ways of allowing
+ some generic functions to get info that really should be hidden in
+ particular modules */
+static int client_fd = -1;
+
+void client_setfd(int fd)
+{
+ client_fd = fd;
+}
+
+char *client_name(void)
+{
+ return get_socket_name(client_fd);
+}
+
+char *client_addr(void)
+{
+ return get_socket_addr(client_fd);
+}
+
/*******************************************************************
- return the DNS name of the client
+ matchname - determine if host name matches IP address. Used to
+ confirm a hostname lookup to prevent spoof attacks
******************************************************************/
-
-char *client_name(int fd)
+static BOOL matchname(char *remotehost,struct in_addr addr)
{
- struct sockaddr sa;
- struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
- int length = sizeof(sa);
- static pstring name_buf;
struct hostent *hp;
- static int last_fd=-1;
+ int i;
- if (global_client_name_done && last_fd == fd)
- return name_buf;
+ if ((hp = Get_Hostbyname(remotehost)) == 0) {
+ DEBUG(0,("Get_Hostbyname(%s): lookup failure.\n", remotehost));
+ return False;
+ }
+
+ /*
+ * Make sure that gethostbyname() returns the "correct" host name.
+ * Unfortunately, gethostbyname("localhost") sometimes yields
+ * "localhost.domain". Since the latter host name comes from the
+ * local DNS, we just have to trust it (all bets are off if the local
+ * DNS is perverted). We always check the address list, though.
+ */
- last_fd = fd;
- global_client_name_done = False;
-
- pstrcpy(name_buf,"UNKNOWN");
-
- if (fd == -1) {
- return name_buf;
+ if (strcasecmp(remotehost, hp->h_name)
+ && strcasecmp(remotehost, "localhost")) {
+ DEBUG(0,("host name/name mismatch: %s != %s\n",
+ remotehost, hp->h_name));
+ return False;
}
- if (getpeername(fd, &sa, &length) < 0) {
- DEBUG(0,("getpeername failed. Error was %s\n", strerror(errno) ));
- return name_buf;
+ /* Look up the host address in the address list we just got. */
+ for (i = 0; hp->h_addr_list[i]; i++) {
+ if (memcmp(hp->h_addr_list[i], (caddr_t) & addr, sizeof(addr)) == 0)
+ return True;
}
+ /*
+ * The host name does not map to the original host address. Perhaps
+ * someone has compromised a name server. More likely someone botched
+ * it, but that could be dangerous, too.
+ */
+
+ DEBUG(0,("host name/address mismatch: %s != %s\n",
+ inet_ntoa(addr), hp->h_name));
+ return False;
+}
+
+
+/*******************************************************************
+ return the DNS name of the remote end of a socket
+ ******************************************************************/
+char *get_socket_name(int fd)
+{
+ static pstring name_buf;
+ static fstring addr_buf;
+ struct hostent *hp;
+ struct in_addr addr;
+ char *p;
+
+ p = get_socket_addr(fd);
+
+ /* it might be the same as the last one - save some DNS work */
+ if (strcmp(p, addr_buf) == 0) return name_buf;
+
+ pstrcpy(name_buf,"UNKNOWN");
+ if (fd == -1) return name_buf;
+
+ fstrcpy(addr_buf, p);
+
+ if (inet_aton(p, &addr) == 0) return name_buf;
+
/* Look up the remote host name. */
- if ((hp = gethostbyaddr((char *) &sockin->sin_addr,
- sizeof(sockin->sin_addr),
- AF_INET)) == 0) {
- DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr(fd)));
- StrnCpy(name_buf,client_addr(fd),sizeof(name_buf) - 1);
+ if ((hp = gethostbyaddr((char *)&addr.s_addr, sizeof(addr.s_addr), AF_INET)) == 0) {
+ DEBUG(1,("Gethostbyaddr failed for %s\n",p));
+ pstrcpy(name_buf, p);
} else {
- StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
- if (!matchname(name_buf, sockin->sin_addr)) {
- DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr(fd)));
+ pstrcpy(name_buf,(char *)hp->h_name);
+ if (!matchname(name_buf, addr)) {
+ DEBUG(0,("Matchname failed on %s %s\n",name_buf,p));
pstrcpy(name_buf,"UNKNOWN");
}
}
- global_client_name_done = True;
return name_buf;
}
/*******************************************************************
- return the IP addr of the client as a string
+ return the IP addr of the remote end of a socket as a string
******************************************************************/
-
-char *client_addr(int fd)
+char *get_socket_addr(int fd)
{
struct sockaddr sa;
struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
int length = sizeof(sa);
static fstring addr_buf;
- static int last_fd = -1;
-
- if (global_client_addr_done && fd == last_fd)
- return addr_buf;
-
- last_fd = fd;
- global_client_addr_done = False;
fstrcpy(addr_buf,"0.0.0.0");
@@ -1048,7 +1073,6 @@ char *client_addr(int fd)
fstrcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr));
- global_client_addr_done = True;
return addr_buf;
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 29c228ecfa..6472cf0380 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -88,10 +88,9 @@ static BOOL cli_send_smb(struct cli_state *cli)
}
}
if (ret <= 0) {
- DEBUG(0,("Error writing %d bytes to client. %d. Exiting\n",
+ DEBUG(0,("Error writing %d bytes to client. %d\n",
(int)len,(int)ret));
- close_sockets();
- exit(1);
+ return False;
}
nwritten += ret;
}
@@ -1516,11 +1515,11 @@ size_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t
if (size2 > block) {
DEBUG(0,("server returned more than we wanted!\n"));
- exit(1);
+ return -1;
}
if (mid >= issued) {
DEBUG(0,("invalid mid from server!\n"));
- exit(1);
+ return -1;
}
p = smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_vwv6);
@@ -2551,7 +2550,6 @@ retry:
/* SESSION RETARGET */
putip((char *)&cli->dest_ip,cli->inbuf+4);
- close_sockets();
cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip, port, LONG_CONNECT_TIMEOUT);
if (cli->fd == -1)
return False;
@@ -2561,7 +2559,18 @@ retry:
set_socket_options(cli->fd,user_socket_options);
/* Try again */
- return cli_session_request(cli, calling, called);
+ {
+ static int depth;
+ BOOL ret;
+ if (depth > 4) {
+ DEBUG(0,("Retarget recursion - failing\n"));
+ return False;
+ }
+ depth++;
+ ret = cli_session_request(cli, calling, called);
+ depth--;
+ return ret;
+ }
} /* C. Hoch 9/14/95 End */
#ifdef WITH_SSL
diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c
index 57d025c660..c7ebe48822 100644
--- a/source3/nmbd/nmbd.c
+++ b/source3/nmbd/nmbd.c
@@ -859,7 +859,6 @@ static void usage(char *pname)
#endif /* SIGUSR2 */
process();
- close_sockets();
if (dbf)
fclose(dbf);
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 7f893e2633..a198b6b98a 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -276,7 +276,7 @@ static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct)
*/
if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
- client_name(Client), client_addr(Client)))
+ client_name(), client_addr()))
{
DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct));
return False;
diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c
index c90f475b46..ea8d2fd053 100644
--- a/source3/smbd/blocking.c
+++ b/source3/smbd/blocking.c
@@ -21,7 +21,6 @@
#include "includes.h"
extern int DEBUGLEVEL;
-extern int Client;
extern char *OutBuffer;
/****************************************************************************
@@ -134,7 +133,7 @@ static void send_blocking_reply(char *outbuf, int outsize)
if(outsize > 4)
smb_setlen(outbuf,outsize - 4);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/****************************************************************************
@@ -180,7 +179,7 @@ static void generic_blocking_lock_error(blocking_lock_record *blr, int eclass, i
SSVAL(outbuf,smb_flg2, SVAL(outbuf,smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
ERROR(eclass,ecode);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/****************************************************************************
diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c
index c796fee8b5..9c859e4d89 100644
--- a/source3/smbd/connection.c
+++ b/source3/smbd/connection.c
@@ -71,7 +71,6 @@ BOOL claim_connection(connection_struct *conn,char *name,int max_connections,BOO
struct connections_key key;
struct connections_data crec;
TDB_DATA kbuf, dbuf;
- extern int Client;
if (max_connections <= 0)
return(True);
@@ -106,7 +105,7 @@ BOOL claim_connection(connection_struct *conn,char *name,int max_connections,BOO
crec.start = time(NULL);
StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1);
- StrnCpy(crec.addr,conn?conn->client_address:client_addr(Client),sizeof(crec.addr)-1);
+ StrnCpy(crec.addr,conn?conn->client_address:client_addr(),sizeof(crec.addr)-1);
dbuf.dptr = (char *)&crec;
dbuf.dsize = sizeof(crec);
@@ -343,7 +342,6 @@ static void utmp_yield(pid_t pid, const connection_struct *conn)
static void utmp_claim(const struct connect_record *crec, const connection_struct *conn)
{
- extern int Client;
struct utmp u;
if (conn == NULL) {
@@ -359,7 +357,7 @@ static void utmp_claim(const struct connect_record *crec, const connection_struc
DEBUG(2,("utmp_claim: conn: user:%s cnum:%d i:%d\n",
conn->user, conn->cnum, i));
DEBUG(2,("utmp_claim: crec: pid:%d, cnum:%d name:%s addr:%s mach:%s DNS:%s\n",
- crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_name(Client)));
+ crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_name()));
memset((char *)&u, '\0', sizeof(struct utmp));
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 271b0e253b..46ef677f38 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -58,7 +58,6 @@ extern fstring global_myworkgroup;
#define SNLEN 15 /* service name length */
#define QNLEN 12 /* queue name maximum length */
-extern int Client;
extern int smb_read_error;
static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -212,7 +211,7 @@ static void send_trans_reply(char *outbuf,
SSVAL(outbuf,smb_vwv9,0);
show_msg(outbuf);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
tot_data_sent = this_ldata;
tot_param_sent = this_lparam;
@@ -245,7 +244,7 @@ static void send_trans_reply(char *outbuf,
SSVAL(outbuf,smb_vwv9,0);
show_msg(outbuf);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
tot_data_sent += this_ldata;
tot_param_sent += this_lparam;
@@ -3608,7 +3607,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
show_msg(outbuf);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/* receive the rest of the trans packet */
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 54e67f5593..bd77f17802 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -24,7 +24,6 @@
extern int DEBUGLEVEL;
extern int Protocol;
-extern int Client;
extern int smb_read_error;
extern int global_oplock_break;
extern BOOL case_sensitive;
@@ -88,7 +87,7 @@ static int send_nt_replies(char *inbuf, char *outbuf, int bufsize, uint32 nt_err
*/
if(params_to_send == 0 && data_to_send == 0) {
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
return 0;
}
@@ -217,7 +216,7 @@ static int send_nt_replies(char *inbuf, char *outbuf, int bufsize, uint32 nt_err
params_to_send, data_to_send, paramsize, datasize));
/* Send the packet */
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
pp += params_sent_thistime;
pd += data_sent_thistime;
@@ -1422,7 +1421,6 @@ static ubi_slList change_notify_queue = { NULL, (ubi_slNodePtr)&change_notify_qu
static void change_notify_reply_packet(char *inbuf, int error_class, uint32 error_code)
{
- extern int Client;
char outbuf[smb_size+38];
memset(outbuf, '\0', sizeof(outbuf));
@@ -1447,7 +1445,7 @@ static void change_notify_reply_packet(char *inbuf, int error_class, uint32 erro
*/
set_message(outbuf,18,0,False);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/****************************************************************************
@@ -2589,7 +2587,7 @@ due to being in oplock break state.\n" ));
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
while( num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) {
BOOL ret;
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 218961d88c..e794d2d923 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -753,7 +753,6 @@ static files_struct *initial_break_processing(SMB_DEV_T dev, SMB_INO_T inode, st
BOOL oplock_break_level2(files_struct *fsp, BOOL local_request, int token)
{
- extern int Client;
extern uint32 global_client_caps;
char outbuf[128];
BOOL got_lock = False;
@@ -781,7 +780,7 @@ BOOL oplock_break_level2(files_struct *fsp, BOOL local_request, int token)
/* Prepare the SMBlockingX message. */
prepare_break_message( outbuf, fsp, False);
- send_smb(Client, outbuf);
+ send_smb(smbd_server_fd(), outbuf);
}
/*
@@ -832,7 +831,6 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
{
extern uint32 global_client_caps;
extern struct current_user current_user;
- extern int Client;
char *inbuf = NULL;
char *outbuf = NULL;
files_struct *fsp = NULL;
@@ -923,7 +921,7 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
fsp->sent_oplock_break = using_levelII?
LEVEL_II_BREAK_SENT:EXCLUSIVE_BREAK_SENT;
- send_smb(Client, outbuf);
+ send_smb(smbd_server_fd(), outbuf);
/* We need this in case a readraw crosses on the wire. */
global_oplock_break = True;
@@ -958,7 +956,7 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
while((fsp = initial_break_processing(dev, inode, tval)) &&
OPEN_FSP(fsp) && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type))
{
- if(receive_smb(Client,inbuf, timeout) == False)
+ if(receive_smb(smbd_server_fd(),inbuf, timeout) == False)
{
/*
* Die if we got an error.
@@ -1019,7 +1017,6 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
{
DEBUG( 0, ( "oplock_break: unable to re-become user!" ) );
DEBUGADD( 0, ( "Shutting down server\n" ) );
- close_sockets();
close(oplock_sock);
exit_server("unable to re-become user");
}
@@ -1059,7 +1056,6 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
{
DEBUG( 0, ( "oplock_break: client failure in break - " ) );
DEBUGADD( 0, ( "shutting down this smbd.\n" ) );
- close_sockets();
close(oplock_sock);
exit_server("oplock break failure");
}
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index bdb0385a48..208dbd2bff 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -943,8 +943,7 @@ BOOL check_hosts_equiv(char *user)
/* note: don't allow hosts.equiv on root */
if (fname && *fname && (pass->pw_uid != 0)) {
- extern int Client;
- if (check_user_equiv(user,client_name(Client),fname))
+ if (check_user_equiv(user,client_name(),fname))
return(True);
}
@@ -952,9 +951,8 @@ BOOL check_hosts_equiv(char *user)
{
char *home = get_user_home_dir(user);
if (home) {
- extern int Client;
slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
- if (check_user_equiv(user,client_name(Client),rhostsfile))
+ if (check_user_equiv(user,client_name(),rhostsfile))
return(True);
}
}
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 403990a79d..2383b7a3a5 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -133,7 +133,6 @@ The timeout is in milli seconds
static BOOL receive_message_or_smb(char *buffer, int buffer_len,
int timeout, BOOL *got_smb)
{
- extern int Client;
fd_set fds;
int selrtn;
struct timeval to;
@@ -167,13 +166,13 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len,
*/
FD_ZERO(&fds);
- FD_SET(Client,&fds);
+ FD_SET(smbd_server_fd(),&fds);
maxfd = setup_oplock_select_set(&fds);
to.tv_sec = timeout / 1000;
to.tv_usec = (timeout % 1000) * 1000;
- selrtn = sys_select(MAX(maxfd,Client)+1,&fds,timeout>0?&to:NULL);
+ selrtn = sys_select(MAX(maxfd,smbd_server_fd())+1,&fds,timeout>0?&to:NULL);
/* Check if error */
if(selrtn == -1) {
@@ -188,10 +187,10 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len,
return False;
}
- if (FD_ISSET(Client,&fds))
+ if (FD_ISSET(smbd_server_fd(),&fds))
{
*got_smb = True;
- return receive_smb(Client, buffer, 0);
+ return receive_smb(smbd_server_fd(), buffer, 0);
}
else
{
@@ -419,7 +418,6 @@ static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize
static int num_smb_messages =
sizeof(smb_messages) / sizeof(struct smb_message_struct);
int match;
- extern int Client;
extern int global_smbpid;
if (pid == (pid_t)-1)
@@ -535,7 +533,7 @@ static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize
/* does this protocol need to be run as guest? */
if ((flags & AS_GUEST) &&
(!become_guest() ||
- !check_access(Client, lp_hostsallow(-1), lp_hostsdeny(-1)))) {
+ !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1)))) {
return(ERROR(ERRSRV,ERRaccess));
}
@@ -589,7 +587,6 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
****************************************************************************/
void process_smb(char *inbuf, char *outbuf)
{
- extern int Client;
#ifdef WITH_SSL
extern BOOL sslEnabled; /* don't use function for performance reasons */
static int sslConnected = 0;
@@ -608,13 +605,13 @@ void process_smb(char *inbuf, char *outbuf)
deny parameters before doing any parsing of the packet
passed to us by the client. This prevents attacks on our
parsing code from hosts not in the hosts allow list */
- if (!check_access(Client, lp_hostsallow(-1), lp_hostsdeny(-1))) {
+ if (!check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))) {
/* send a negative session response "not listining on calling
name" */
static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
DEBUG( 1, ( "Connection denied from %s\n",
- client_addr(Client) ) );
- send_smb(Client,(char *)buf);
+ client_addr() ) );
+ send_smb(smbd_server_fd(),(char *)buf);
exit_server("connection denied");
}
}
@@ -624,7 +621,7 @@ void process_smb(char *inbuf, char *outbuf)
#ifdef WITH_SSL
if(sslEnabled && !sslConnected){
- sslConnected = sslutil_negotiate_ssl(Client, msg_type);
+ sslConnected = sslutil_negotiate_ssl(smbd_server_fd(), msg_type);
if(sslConnected < 0){ /* an error occured */
exit_server("SSL negotiation failed");
}else if(sslConnected){
@@ -660,7 +657,7 @@ void process_smb(char *inbuf, char *outbuf)
nread, smb_len(outbuf)));
}
else
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
trans_num++;
}
@@ -851,7 +848,6 @@ void check_reload(int t)
static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_timeout_processing_time)
{
- extern int Client;
static time_t last_keepalive_sent_time = 0;
static time_t last_idle_closed_check = 0;
time_t t;
@@ -897,7 +893,7 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t
if (keepalive && (t - last_keepalive_sent_time)>keepalive)
{
struct cli_state *cli = server_client();
- if (!send_keepalive(Client)) {
+ if (!send_keepalive(smbd_server_fd())) {
DEBUG( 2, ( "Keepalive failed - exiting.\n" ) );
return False;
}
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 81d3ef32b3..3ada28364b 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -40,7 +40,6 @@ extern BOOL short_case_preserve;
extern pstring sesssetup_user;
extern pstring global_myname;
extern fstring global_myworkgroup;
-extern int Client;
extern int global_oplock_break;
uint32 global_client_caps = 0;
unsigned int smb_echo_count = 0;
@@ -55,7 +54,7 @@ static void overflow_attack(int len)
dbgtext( "ERROR: Invalid password length %d.\n", len );
dbgtext( "Your machine may be under attack by someone " );
dbgtext( "attempting to exploit an old bug.\n" );
- dbgtext( "Attack was from IP = %s.\n", client_addr(Client) );
+ dbgtext( "Attack was from IP = %s.\n", client_addr() );
}
exit_server("possible attack");
}
@@ -2048,7 +2047,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
if(global_oplock_break)
{
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
DEBUG(5,("readbraw - oplock break finished\n"));
return -1;
}
@@ -2061,7 +2060,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
*/
DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
return(-1);
}
@@ -2088,7 +2087,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
return(-1);
}
@@ -2098,7 +2097,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n",
(double)startpos ));
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
return(-1);
}
}
@@ -2167,7 +2166,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
if (ret < mincount) ret = 0;
_smb_setlen(header,ret);
- transfer_file(0,Client,0,header,4+ret,0);
+ transfer_file(0,smbd_server_fd(),0,header,4+ret,0);
#endif /* UNSAFE_READRAW */
DEBUG(5,("readbraw finished\n"));
@@ -2403,10 +2402,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size,
CVAL(outbuf,smb_com) = SMBwritebraw;
SSVALS(outbuf,smb_vwv0,-1);
outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
/* Now read the raw data into the buffer and write it */
- if (read_smb_length(Client,inbuf,SMB_SECONDARY_WAIT) == -1) {
+ if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
exit_server("secondary writebraw failed");
}
@@ -2419,7 +2418,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size,
(int)tcount,(int)nwritten,(int)numtowrite));
}
- nwritten = vfs_transfer_file(Client, NULL, -1, fsp,
+ nwritten = vfs_transfer_file(smbd_server_fd(), NULL, -1, fsp,
(SMB_OFF_T)numtowrite,NULL,0,
startpos+nwritten);
total_written += nwritten;
@@ -3002,7 +3001,7 @@ int reply_echo(connection_struct *conn,
smb_setlen(outbuf,outsize - 4);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
DEBUG(3,("echo %d times\n", smb_reverb));
@@ -4346,7 +4345,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,
SSVAL(outbuf,smb_vwv6,nread);
SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
total_read += nread;
startpos += nread;
@@ -4437,7 +4436,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size,
if (write_through && tcount==nwritten) {
/* we need to send both a primary and a secondary response */
smb_setlen(outbuf,outsize - 4);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
/* now the secondary */
outsize = set_message(outbuf,1,0,True);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 401c236374..576f6d14d2 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -47,6 +47,26 @@ extern int dcelogin_atmost_once;
extern fstring remote_machine;
extern pstring OriginalDir;
+
+/* really we should have a top level context structure that has the
+ client file descriptor as an element. That would require a major rewrite :(
+
+ the following 2 functions are an alternative - they make the file
+ descriptor private to smbd
+ */
+static int server_fd;
+
+int smbd_server_fd(void)
+{
+ return server_fd;
+}
+
+void smbd_set_server_fd(int fd)
+{
+ server_fd = fd;
+ client_setfd(fd);
+}
+
/****************************************************************************
when exiting, take the whole family
****************************************************************************/
@@ -70,18 +90,16 @@ static void killkids(void)
****************************************************************************/
static BOOL open_sockets_inetd(void)
{
- extern int Client;
-
/* Started from inetd. fd 0 is the socket. */
/* We will abort gracefully when the client or remote system
goes away */
- Client = dup(0);
+ smbd_set_server_fd(dup(0));
/* close our standard file descriptors */
close_low_fds();
- set_socket_options(Client,"SO_KEEPALIVE");
- set_socket_options(Client,user_socket_options);
+ set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
+ set_socket_options(smbd_server_fd(),user_socket_options);
return True;
}
@@ -92,7 +110,6 @@ static BOOL open_sockets_inetd(void)
****************************************************************************/
static BOOL open_sockets(BOOL is_daemon,int port)
{
- extern int Client;
int num_interfaces = iface_count();
int fd_listenset[FD_SETSIZE];
fd_set listen_set;
@@ -211,18 +228,18 @@ max can be %d\n",
}
}
- Client = accept(s,&addr,&in_addrlen);
+ smbd_set_server_fd(accept(s,&addr,&in_addrlen));
- if (Client == -1 && errno == EINTR)
+ if (smbd_server_fd() == -1 && errno == EINTR)
continue;
- if (Client == -1) {
+ if (smbd_server_fd() == -1) {
DEBUG(0,("open_sockets: accept: %s\n",
strerror(errno)));
continue;
}
- if (Client != -1 && fork()==0) {
+ if (smbd_server_fd() != -1 && fork()==0) {
/* Child code ... */
/* close the listening socket(s) */
@@ -234,8 +251,8 @@ max can be %d\n",
close_low_fds();
am_parent = 0;
- set_socket_options(Client,"SO_KEEPALIVE");
- set_socket_options(Client,user_socket_options);
+ set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
+ set_socket_options(smbd_server_fd(),user_socket_options);
/* Reset global variables in util.c so
that client substitutions will be
@@ -252,7 +269,7 @@ max can be %d\n",
return True;
}
/* The parent doesn't need this socket */
- close(Client);
+ close(smbd_server_fd());
/* Force parent to check log size after
* spawning child. Fix from
@@ -320,10 +337,9 @@ BOOL reload_services(BOOL test)
load_interfaces();
{
- extern int Client;
- if (Client != -1) {
- set_socket_options(Client,"SO_KEEPALIVE");
- set_socket_options(Client,user_socket_options);
+ if (smbd_server_fd() != -1) {
+ set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
+ set_socket_options(smbd_server_fd(),user_socket_options);
}
}
@@ -776,7 +792,6 @@ static void usage(char *pname)
exit(1);
smbd_process();
- close_sockets();
exit_server("normal exit");
return(0);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 3abd55de0c..24ba79906b 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -195,7 +195,6 @@ connection_struct *make_connection(char *service,char *user,char *password, int
struct passwd *pass = NULL;
BOOL guest = False;
BOOL force = False;
- extern int Client;
connection_struct *conn;
int ret;
@@ -203,7 +202,6 @@ connection_struct *make_connection(char *service,char *user,char *password, int
snum = find_service(service);
if (snum < 0) {
- extern int Client;
if (strequal(service,"IPC$")) {
DEBUG(3,("refusing IPC connection\n"));
*ecode = ERRnoipc;
@@ -211,7 +209,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
}
DEBUG(0,("%s (%s) couldn't find service %s\n",
- remote_machine, client_addr(Client), service));
+ remote_machine, client_addr(), service));
*ecode = ERRinvnetname;
return NULL;
}
@@ -247,7 +245,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
}
if (!lp_snum_ok(snum) ||
- !check_access(Client,
+ !check_access(smbd_server_fd(),
lp_hostsallow(snum), lp_hostsdeny(snum))) {
*ecode = ERRaccess;
return NULL;
@@ -342,7 +340,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
conn->vuid = vuid;
conn->uid = pass->pw_uid;
conn->gid = pass->pw_gid;
- safe_strcpy(conn->client_address, client_addr(Client), sizeof(conn->client_address)-1);
+ safe_strcpy(conn->client_address, client_addr(), sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = time(NULL);
conn->service = snum;
diff --git a/source3/smbd/ssl.c b/source3/smbd/ssl.c
index be9aae7c5c..65d6532d48 100644
--- a/source3/smbd/ssl.c
+++ b/source3/smbd/ssl.c
@@ -248,20 +248,20 @@ char *reqHosts, *resignHosts;
reqHosts = lp_ssl_hosts();
resignHosts = lp_ssl_hosts_resign();
- if(!allow_access(resignHosts, reqHosts, client_name(fd), client_addr(fd))){
+ if(!allow_access(resignHosts, reqHosts, get_socket_name(fd), get_socket_addr(fd))){
sslEnabled = False;
return 0;
}
if(msg_type != 0x81){ /* first packet must be a session request */
DEBUG( 0, ( "Client %s did not use session setup; access denied\n",
- client_addr(fd) ) );
+ client_addr() ) );
send_smb(fd, (char *)buf);
return -1;
}
buf[4] = 0x8e; /* negative session response: use SSL */
send_smb(fd, (char *)buf);
if(sslutil_accept(fd) != 0){
- DEBUG( 0, ( "Client %s failed SSL negotiation!\n", client_addr(fd) ) );
+ DEBUG( 0, ( "Client %s failed SSL negotiation!\n", client_addr() ) );
return -1;
}
return 1;
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index f1fa30b0c6..2ca06ab746 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -27,7 +27,6 @@
extern int DEBUGLEVEL;
extern int Protocol;
extern BOOL case_sensitive;
-extern int Client;
extern int smb_read_error;
extern fstring local_machine;
extern int global_oplock_break;
@@ -66,7 +65,7 @@ static int send_trans2_replies(char *outbuf, int bufsize, char *params,
the empty packet */
if(params_to_send == 0 && data_to_send == 0)
{
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
return 0;
}
@@ -161,7 +160,7 @@ static int send_trans2_replies(char *outbuf, int bufsize, char *params,
params_to_send, data_to_send, paramsize, datasize));
/* Send the packet */
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
pp += params_sent_thistime;
pd += data_sent_thistime;
@@ -2288,7 +2287,7 @@ int reply_trans2(connection_struct *conn,
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
while (num_data_sofar < total_data ||
num_params_sofar < total_params) {
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index b33feb30c2..ea73a0f1a7 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -504,7 +504,7 @@ void cgi_setup(char *rootdir, int auth_required)
f = sys_fopen("/tmp/cgi.log", "a");
if (f) fprintf(f,"\n[Date: %s %s (%s)]\n",
http_timestring(time(NULL)),
- client_name(1), client_addr(1));
+ get_socket_name(1), get_socket_addr(1));
#endif
/* we are a mini-web server. We need to read the request from stdin
@@ -604,7 +604,7 @@ return the hostname of the client
char *cgi_remote_host(void)
{
if (inetd_server) {
- return client_name(1);
+ return get_socket_name(1);
}
return getenv("REMOTE_HOST");
}
@@ -615,7 +615,7 @@ return the hostname of the client
char *cgi_remote_addr(void)
{
if (inetd_server) {
- return client_addr(1);
+ return get_socket_addr(1);
}
return getenv("REMOTE_ADDR");
}