I have fixed quite a few important bugs in this commit.

Luke, can you take special note of the bug fixes to nmbd so you can
propogate them to your new code.

- rewrote the code that used to use fromhost(). We now call
gethostbyaddr() only if necessary and a maximum of once per
connection. Calling gethostbyaddr() causes problems on some systems so
avoiding it if possible is a good thing :-)

- added the "fake oplocks" option. See the docs in smb.conf(5) and
Speed.txt

- fixed a serious bug in nmbd where it would try a DNS lookup on
FIND_SELF queries. This caused a lot of unnecessary (and incorrect)
DNS lookups to happen. FIND_SELF queries should only go to the
internal name tables.

- don't set FIND_SELF for name queries if we are a wins proxy, as we
are supposed to be answering queries for other hosts.

- fixed a bug in nmbd which had "if (search | FIND_LOCAL)" instead of
"if (search & FIND_LOCAL)". Luke, this was in nameservreply.c

- the above 3 bugs together meant that DNS queries were being cached,
but the cache wasn't being used, so every query was going to DNS, no
wonder nmbd has been chewing so much CPU time! Another side effect was
that queries on names in lmhosts weren't being answered for bcast
queries with "wins proxy" set.

- ignore the maxxmit for seconday session setups (see CIFS spec)

- close user opened files in a uLogoffX for user level security (see
CIFS spec)

- added uid into the files struct to support the above change
(This used to be commit ea472b7217b7693627a13a7b1e428a0a6a3d8755)

4 files changed, 47 insertions, 22 deletions

diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 41dfd838ed..d17bb86be4 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -1207,20 +1207,15 @@ BOOL check_hosts_equiv(char *user)
   pstring rhostsfile;
   struct passwd *pass = Get_Pwnam(user,True);
 
-  extern struct from_host Client_info;
-  extern int Client;
-
   if (!pass) 
     return(False);
 
-  fromhost(Client,&Client_info);
-
   fname = lp_hosts_equiv();
 
   /* note: don't allow hosts.equiv on root */
   if (fname && *fname && (pass->pw_uid != 0))
     {
-      if (check_user_equiv(user,Client_info.name,fname))
+      if (check_user_equiv(user,client_name(),fname))
 	return(True);
     }
   
@@ -1230,7 +1225,7 @@ BOOL check_hosts_equiv(char *user)
       if (home)
 	{
 	  sprintf(rhostsfile, "%s/.rhosts", home);
-	  if (check_user_equiv(user,Client_info.name,rhostsfile))
+	  if (check_user_equiv(user,client_name(),rhostsfile))
 	    return(True);
 	}
     }
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 63c0a7027e..7b8f4a502f 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -323,6 +323,7 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   pstring user;
   BOOL guest=False;
   BOOL computer_id=False;
+  static BOOL done_sesssetup = False;
 
   *smb_apasswd = 0;
   
@@ -489,7 +490,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
      to a uid can get through without a password, on the same VC */
   register_uid(SVAL(inbuf,smb_uid),gid,user,guest);
  
-  maxxmit = MIN(maxxmit,smb_bufsize);
+  if (!done_sesssetup)
+    maxxmit = MIN(maxxmit,smb_bufsize);
+
+  done_sesssetup = True;
 
   return chain_reply(inbuf,outbuf,length,bufsize);
 }
@@ -983,6 +987,10 @@ int reply_open(char *inbuf,char *outbuf)
   put_dos_date3(outbuf,smb_vwv2,mtime);
   SIVAL(outbuf,smb_vwv4,size);
   SSVAL(outbuf,smb_vwv6,rmode);
+
+  if (lp_fake_oplocks(SNUM(cnum))) {
+    CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5));
+  }
     
   return(outsize);
 }
@@ -999,6 +1007,7 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
   int openmode = 0;
   int smb_mode = SVAL(inbuf,smb_vwv3);
   int smb_attr = SVAL(inbuf,smb_vwv5);
+  BOOL oplock_request = BITSETW(inbuf+smb_vwv2,1);
 #if 0
   int open_flags = SVAL(inbuf,smb_vwv2);
   int smb_sattr = SVAL(inbuf,smb_vwv4); 
@@ -1053,6 +1062,10 @@ int reply_open_and_X(char *inbuf,char *outbuf,int length,int bufsize)
     return(ERROR(ERRDOS,ERRnoaccess));
   }
 
+  if (oplock_request && lp_fake_oplocks(SNUM(cnum))) {
+    smb_action |= (1<<15);
+  }
+
   set_message(outbuf,15,0,True);
   SSVAL(outbuf,smb_vwv2,fnum);
   SSVAL(outbuf,smb_vwv3,fmode);
@@ -1076,6 +1089,16 @@ int reply_ulogoffX(char *inbuf,char *outbuf,int length,int bufsize)
 
   invalidate_uid(uid);
 
+  /* in user level security we are supposed to close any files
+     open by this user */
+  if (lp_security() != SEC_SHARE) {
+    int i;
+    for (i=0;i<MAX_OPEN_FILES;i++)
+      if (Files[i].uid == uid && Files[i].open) {
+	close_file(i);
+      }
+  }
+
   set_message(outbuf,2,0,True);
 
   DEBUG(3,("%s ulogoffX uid=%d\n",timestring(),uid));
@@ -1127,6 +1150,10 @@ int reply_mknew(char *inbuf,char *outbuf)
   
   outsize = set_message(outbuf,1,0,True);
   SSVAL(outbuf,smb_vwv0,fnum);
+
+  if (lp_fake_oplocks(SNUM(cnum))) {
+    CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5));
+  }
   
   DEBUG(2,("new file %s\n",fname));
   DEBUG(3,("%s mknew %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname,Files[fnum].fd,fnum,cnum,createmode,unixmode));
@@ -1173,6 +1200,10 @@ int reply_ctemp(char *inbuf,char *outbuf)
   SSVAL(outbuf,smb_vwv0,fnum);
   CVAL(smb_buf(outbuf),0) = 4;
   strcpy(smb_buf(outbuf) + 1,fname2);
+
+  if (lp_fake_oplocks(SNUM(cnum))) {
+    CVAL(outbuf,smb_flg) |= (CVAL(inbuf,smb_flg) & (1<<5));
+  }
   
   DEBUG(2,("created temp file %s\n",fname2));
   DEBUG(3,("%s ctemp %s fd=%d fnum=%d cnum=%d dmode=%d umode=%o\n",timestring(),fname2,Files[fnum].fd,fnum,cnum,createmode,unixmode));
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 9ad7840465..e0e9838a74 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -714,6 +714,7 @@ open a file
 ****************************************************************************/
 void open_file(int fnum,int cnum,char *fname1,int flags,int mode)
 {
+  extern struct current_user current_user;
   pstring fname;
 
   Files[fnum].open = False;
@@ -826,6 +827,7 @@ void open_file(int fnum,int cnum,char *fname1,int flags,int mode)
       fstat(Files[fnum].fd,&st);
       Files[fnum].mode = st.st_mode;
       Files[fnum].open_time = time(NULL);
+      Files[fnum].uid = current_user.id;
       Files[fnum].size = 0;
       Files[fnum].pos = -1;
       Files[fnum].open = True;
@@ -2157,10 +2159,10 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de
   unbecome_user();
 
   {
-    extern struct from_host Client_info;
     DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
 			    timestring(),
-			    Client_info.name,Client_info.addr,
+			    remote_machine,
+			    client_addr(),
 			    lp_servicename(SNUM(cnum)),user,
 			    pcon->uid,
 			    pcon->gid,
@@ -2597,8 +2599,6 @@ close a cnum
 ****************************************************************************/
 void close_cnum(int cnum, int uid)
 {
-  extern struct from_host Client_info;
-
   DirCacheFlush(SNUM(cnum));
 
   unbecome_user();
@@ -2611,7 +2611,7 @@ void close_cnum(int cnum, int uid)
 
   DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
 			  timestring(),
-			  Client_info.name,Client_info.addr,
+			  remote_machine,client_addr(),
 			  lp_servicename(SNUM(cnum))));
 
   yield_connection(cnum,
@@ -2825,11 +2825,8 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear)
   StrnCpy(crec.name,lp_servicename(snum),sizeof(crec.name)-1);
   crec.start = time(NULL);
 
-  {
-    extern struct from_host Client_info;
-    StrnCpy(crec.machine,Client_info.name,sizeof(crec.machine)-1);
-    StrnCpy(crec.addr,Client_info.addr,sizeof(crec.addr)-1);
-  }
+  StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1);
+  StrnCpy(crec.addr,client_addr(),sizeof(crec.addr)-1);
   
   /* make our mark */
   if (fseek(f,foundi*sizeof(crec),SEEK_SET) != 0 ||
@@ -2977,7 +2974,7 @@ struct smb_message_struct
    {SMBecho,"SMBecho",reply_echo,0},
    {SMBsesssetupX,"SMBsesssetupX",reply_sesssetup_and_X,0},
    {SMBtconX,"SMBtconX",reply_tcon_and_X,0},
-   {SMBulogoffX, "SMBulogoffX", reply_ulogoffX, 0}, 
+   {SMBulogoffX, "SMBulogoffX", reply_ulogoffX, AS_USER}, 
    {SMBgetatr,"SMBgetatr",reply_getatr,AS_USER},
    {SMBsetatr,"SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
    {SMBchkpth,"SMBchkpth",reply_chkpth,AS_USER},
@@ -3350,11 +3347,8 @@ static void process(void)
 {
   static int trans_num = 0;
   int nread;
-  extern struct from_host Client_info;
   extern int Client;
 
-  fromhost(Client,&Client_info);
-  
   InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
   OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
   if ((InBuffer == NULL) || (OutBuffer == NULL)) 
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 9b5419010e..53af9acbf5 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -163,6 +163,7 @@ static int call_trans2open(char *inbuf, char *outbuf, int bufsize, int cnum,
   char *params = *pparams;
   int16 open_mode = SVAL(params, 2);
   int16 open_attr = SVAL(params,6);
+  BOOL oplock_request = BITSETW(params,1);
 #if 0
   BOOL return_additional_info = BITSETW(params,0);
   int16 open_sattr = SVAL(params, 4);
@@ -232,6 +233,10 @@ static int call_trans2open(char *inbuf, char *outbuf, int bufsize, int cnum,
   SIVAL(params,8, size);
   SSVAL(params,12,rmode);
 
+  if (oplock_request && lp_fake_oplocks(SNUM(cnum))) {
+    smb_action |= (1<<15);
+  }
+
   SSVAL(params,18,smb_action);
   SIVAL(params,20,inode);