diff options
author | Andrew Tridgell <tridge@samba.org> | 1996-10-05 10:41:13 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1996-10-05 10:41:13 +0000 |
commit | e5893bdfbef0ac16772199d7ec6fac7d3e4f8431 (patch) | |
tree | c531a4507eead09e646760bfc7a7412bcca86522 /source3/lib/util.c | |
parent | c33d98d5731cf7901c11786b9cbfe25ac59e0b83 (diff) | |
download | samba-e5893bdfbef0ac16772199d7ec6fac7d3e4f8431.tar.gz samba-e5893bdfbef0ac16772199d7ec6fac7d3e4f8431.tar.bz2 samba-e5893bdfbef0ac16772199d7ec6fac7d3e4f8431.zip |
I have fixed quite a few important bugs in this commit.
Luke, can you take special note of the bug fixes to nmbd so you can
propogate them to your new code.
- rewrote the code that used to use fromhost(). We now call
gethostbyaddr() only if necessary and a maximum of once per
connection. Calling gethostbyaddr() causes problems on some systems so
avoiding it if possible is a good thing :-)
- added the "fake oplocks" option. See the docs in smb.conf(5) and
Speed.txt
- fixed a serious bug in nmbd where it would try a DNS lookup on
FIND_SELF queries. This caused a lot of unnecessary (and incorrect)
DNS lookups to happen. FIND_SELF queries should only go to the
internal name tables.
- don't set FIND_SELF for name queries if we are a wins proxy, as we
are supposed to be answering queries for other hosts.
- fixed a bug in nmbd which had "if (search | FIND_LOCAL)" instead of
"if (search & FIND_LOCAL)". Luke, this was in nameservreply.c
- the above 3 bugs together meant that DNS queries were being cached,
but the cache wasn't being used, so every query was going to DNS, no
wonder nmbd has been chewing so much CPU time! Another side effect was
that queries on names in lmhosts weren't being answered for bcast
queries with "wins proxy" set.
- ignore the maxxmit for seconday session setups (see CIFS spec)
- close user opened files in a uLogoffX for user level security (see
CIFS spec)
- added uid into the files struct to support the above change
(This used to be commit ea472b7217b7693627a13a7b1e428a0a6a3d8755)
Diffstat (limited to 'source3/lib/util.c')
-rw-r--r-- | source3/lib/util.c | 117 |
1 files changed, 111 insertions, 6 deletions
diff --git a/source3/lib/util.c b/source3/lib/util.c index efe91a5046..d82dbddb44 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -38,10 +38,6 @@ FILE *dbf = NULL; /* the client file descriptor */ int Client = -1; -/* info on the client */ -struct from_host Client_info= -{"UNKNOWN","0.0.0.0",NULL}; - /* the last IP received from */ struct in_addr lastip; @@ -3009,6 +3005,114 @@ BOOL zero_ip(struct in_addr ip) return(a == 0); } + +/* matchname - determine if host name matches IP address */ +static BOOL matchname(char *remotehost,struct in_addr addr) +{ + struct hostent *hp; + int i; + + if ((hp = Get_Hostbyname(remotehost)) == 0) { + DEBUG(0,("Get_Hostbyname(%s): lookup failure", remotehost)); + return False; + } + + /* + * Make sure that gethostbyname() returns the "correct" host name. + * Unfortunately, gethostbyname("localhost") sometimes yields + * "localhost.domain". Since the latter host name comes from the + * local DNS, we just have to trust it (all bets are off if the local + * DNS is perverted). We always check the address list, though. + */ + + if (strcasecmp(remotehost, hp->h_name) + && strcasecmp(remotehost, "localhost")) { + DEBUG(0,("host name/name mismatch: %s != %s", + remotehost, hp->h_name)); + return False; + } + + /* Look up the host address in the address list we just got. */ + for (i = 0; hp->h_addr_list[i]; i++) { + if (memcmp(hp->h_addr_list[i], (caddr_t) & addr, sizeof(addr)) == 0) + return True; + } + + /* + * The host name does not map to the original host address. Perhaps + * someone has compromised a name server. More likely someone botched + * it, but that could be dangerous, too. + */ + + DEBUG(0,("host name/address mismatch: %s != %s", + inet_ntoa(addr), hp->h_name)); + return False; +} + +/* return the DNS name of the client */ +char *client_name(void) +{ + extern int Client; + struct sockaddr sa; + struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); + int length = sizeof(sa); + static pstring name_buf; + static BOOL done = False; + struct hostent *hp; + + if (done) + return name_buf; + + done = True; + strcpy(name_buf,"UNKNOWN"); + + if (getpeername(Client, &sa, &length) < 0) { + DEBUG(0,("getpeername failed\n")); + return name_buf; + } + + /* Look up the remote host name. */ + if ((hp = gethostbyaddr((char *) &sockin->sin_addr, + sizeof(sockin->sin_addr), + AF_INET)) == 0) { + DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr())); + StrnCpy(name_buf,client_addr(),sizeof(name_buf) - 1); + } else { + StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1); + if (!matchname(name_buf, sockin->sin_addr)) { + DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr())); + strcpy(name_buf,"UNKNOWN"); + } + } + return name_buf; +} + +/* return the IP addr of the client as a string */ +char *client_addr(void) +{ + extern int Client; + struct sockaddr sa; + struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa); + int length = sizeof(sa); + static fstring addr_buf; + static BOOL done = False; + + if (done) + return addr_buf; + + done = True; + strcpy(addr_buf,"0.0.0.0"); + + if (getpeername(Client, &sa, &length) < 0) { + DEBUG(0,("getpeername failed\n")); + return addr_buf; + } + + strcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr)); + + return addr_buf; +} + /******************************************************************* sub strings with useful parameters ********************************************************************/ @@ -3029,8 +3133,9 @@ void standard_sub_basic(char *s) if (!strchr(s,'%')) return; - string_sub(s,"%I",Client_info.addr); - string_sub(s,"%M",Client_info.name); + string_sub(s,"%I",client_addr()); + if (strstr(s,"%M")) + string_sub(s,"%M",client_name()); string_sub(s,"%T",timestring()); if (!strchr(s,'%')) return; |