summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-10-11 14:44:10 +0200
committerJelmer Vernooij <jelmer@samba.org>2008-10-11 14:44:10 +0200
commit6a78e56277799672b7ac187c57e546836e136f79 (patch)
tree87f0336cb1908d01690b74c56a44f4713559b5bc /source3/smbd
parentddbddbd80c80b872cdd36a01f9a3a6bc2eca1b1f (diff)
parentf0a27064869871806343648de3b5a0667118872f (diff)
downloadsamba-6a78e56277799672b7ac187c57e546836e136f79.tar.gz
samba-6a78e56277799672b7ac187c57e546836e136f79.tar.bz2
samba-6a78e56277799672b7ac187c57e546836e136f79.zip
Merge branch 'master' of ssh://git.samba.org/data/git/samba into arc4
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/conn.c2
-rw-r--r--source3/smbd/connection.c38
-rw-r--r--source3/smbd/fake_file.c8
-rw-r--r--source3/smbd/files.c20
-rw-r--r--source3/smbd/ipc.c14
-rw-r--r--source3/smbd/nttrans.c5
-rw-r--r--source3/smbd/open.c8
-rw-r--r--source3/smbd/posix_acls.c79
-rw-r--r--source3/smbd/process.c193
-rw-r--r--source3/smbd/reply.c12
-rw-r--r--source3/smbd/server.c31
11 files changed, 124 insertions, 286 deletions
diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
index b9433bb965..7f34d2b8e2 100644
--- a/source3/smbd/conn.c
+++ b/source3/smbd/conn.c
@@ -252,8 +252,8 @@ void conn_free_internal(connection_struct *conn)
/* Free vfs_connection_struct */
handle = conn->vfs_handles;
while(handle) {
- DLIST_REMOVE(conn->vfs_handles, handle);
thandle = handle->next;
+ DLIST_REMOVE(conn->vfs_handles, handle);
if (handle->free_data)
handle->free_data(&handle->data);
handle = thandle;
diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c
index 8dd5964f5f..fd83f77725 100644
--- a/source3/smbd/connection.c
+++ b/source3/smbd/connection.c
@@ -2,17 +2,17 @@
Unix SMB/CIFS implementation.
connection claim routines
Copyright (C) Andrew Tridgell 1998
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -63,7 +63,7 @@ static int count_fn(struct db_record *rec,
void *udp)
{
struct count_stat *cs = (struct count_stat *)udp;
-
+
if (crec->cnum == -1) {
return 0;
}
@@ -159,7 +159,7 @@ bool claim_connection(connection_struct *conn, const char *name,
}
crec.start = time(NULL);
crec.bcast_msg_flags = msg_flags;
-
+
strlcpy(crec.machine,get_remote_machine_name(),sizeof(crec.machine));
strlcpy(crec.addr,conn?conn->client_address:
client_addr(get_client_fd(),addr,sizeof(addr)),
@@ -232,17 +232,17 @@ static TDB_DATA* make_pipe_rec_key( struct pipe_open_rec *prec )
{
TDB_DATA *kbuf = NULL;
fstring key_string;
-
+
if ( !prec )
return NULL;
-
+
if ( (kbuf = TALLOC_P(prec, TDB_DATA)) == NULL ) {
return NULL;
}
-
+
snprintf( key_string, sizeof(key_string), "%s/%d/%d",
prec->name, procid_to_pid(&prec->pid), prec->pnum );
-
+
*kbuf = string_term_tdb_data(talloc_strdup(prec, key_string));
if (kbuf->dptr == NULL )
return NULL;
@@ -273,17 +273,17 @@ bool store_pipe_opendb( smb_np_struct *p )
TDB_DATA *key;
TDB_DATA data;
bool ret = False;
-
- if ( (prec = TALLOC_P( NULL, struct pipe_open_rec)) == NULL ) {
+
+ if ( (prec = TALLOC_P( talloc_tos(), struct pipe_open_rec)) == NULL ) {
DEBUG(0,("store_pipe_opendb: talloc failed!\n"));
return False;
}
-
+
fill_pipe_open_rec( prec, p );
if ( (key = make_pipe_rec_key( prec )) == NULL ) {
goto done;
}
-
+
data.dptr = (uint8 *)prec;
data.dsize = sizeof(struct pipe_open_rec);
@@ -293,7 +293,7 @@ bool store_pipe_opendb( smb_np_struct *p )
}
ret = NT_STATUS_IS_OK(dbrec->store(dbrec, data, TDB_REPLACE));
-
+
done:
TALLOC_FREE( prec );
return ret;
@@ -308,24 +308,24 @@ bool delete_pipe_opendb( smb_np_struct *p )
struct pipe_open_rec *prec;
TDB_DATA *key;
bool ret = False;
-
- if ( (prec = TALLOC_P( NULL, struct pipe_open_rec)) == NULL ) {
+
+ if ( (prec = TALLOC_P( talloc_tos(), struct pipe_open_rec)) == NULL ) {
DEBUG(0,("store_pipe_opendb: talloc failed!\n"));
return False;
}
-
+
fill_pipe_open_rec( prec, p );
if ( (key = make_pipe_rec_key( prec )) == NULL ) {
goto done;
}
-
+
if (!(dbrec = connections_fetch_record(prec, *key))) {
DEBUG(0, ("connections_fetch_record failed\n"));
goto done;
}
ret = NT_STATUS_IS_OK(dbrec->delete_rec(dbrec));
-
+
done:
TALLOC_FREE( prec );
return ret;
diff --git a/source3/smbd/fake_file.c b/source3/smbd/fake_file.c
index 8dd9abee1a..1761cb66a8 100644
--- a/source3/smbd/fake_file.c
+++ b/source3/smbd/fake_file.c
@@ -146,14 +146,6 @@ NTSTATUS open_fake_file(connection_struct *conn,
return NT_STATUS_OK;
}
-void destroy_fake_file_handle(struct fake_file_handle **fh)
-{
- if (!fh) {
- return;
- }
- TALLOC_FREE(*fh);
-}
-
NTSTATUS close_fake_file(files_struct *fsp)
{
file_free(fsp);
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 17c473f028..519f4945f2 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -122,10 +122,12 @@ NTSTATUS file_new(connection_struct *conn, files_struct **result)
chain_fsp = fsp;
- /* A new fsp invalidates a negative fsp_fi_cache. */
- if (fsp_fi_cache.fsp == NULL) {
- ZERO_STRUCT(fsp_fi_cache);
- }
+ /* A new fsp invalidates the positive and
+ negative fsp_fi_cache as the new fsp is pushed
+ at the start of the list and we search from
+ a cache hit to the *end* of the list. */
+
+ ZERO_STRUCT(fsp_fi_cache);
*result = fsp;
return NT_STATUS_OK;
@@ -326,8 +328,7 @@ files_struct *file_find_di_first(struct file_id id)
fsp_fi_cache.id = id;
for (fsp=Files;fsp;fsp=fsp->next) {
- if ( fsp->fh->fd != -1 &&
- file_id_equal(&fsp->file_id, &id)) {
+ if (file_id_equal(&fsp->file_id, &id)) {
/* Setup positive cache. */
fsp_fi_cache.fsp = fsp;
return fsp;
@@ -348,8 +349,7 @@ files_struct *file_find_di_next(files_struct *start_fsp)
files_struct *fsp;
for (fsp = start_fsp->next;fsp;fsp=fsp->next) {
- if ( fsp->fh->fd != -1 &&
- file_id_equal(&fsp->file_id, &start_fsp->file_id)) {
+ if (file_id_equal(&fsp->file_id, &start_fsp->file_id)) {
return fsp;
}
}
@@ -400,9 +400,7 @@ void file_free(files_struct *fsp)
string_free(&fsp->fsp_name);
- if (fsp->fake_file_handle) {
- destroy_fake_file_handle(&fsp->fake_file_handle);
- }
+ TALLOC_FREE(fsp->fake_file_handle);
if (fsp->fh->ref_count == 1) {
SAFE_FREE(fsp->fh);
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index f4c45999ba..a824ab7fd3 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -5,17 +5,17 @@
SMB Version handling
Copyright (C) John H Terpstra 1995-1998
-
+
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
-
+
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
-
+
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
@@ -162,7 +162,7 @@ void send_trans_reply(connection_struct *conn, const uint8_t *inbuf,
copy_trans_params_and_data(outbuf, align,
rparam, tot_param_sent, this_lparam,
rdata, tot_data_sent, this_ldata);
-
+
SSVAL(outbuf,smb_vwv3,this_lparam);
SSVAL(outbuf,smb_vwv4,smb_offset(smb_buf(outbuf)+1,outbuf));
SSVAL(outbuf,smb_vwv5,tot_param_sent);
@@ -318,7 +318,7 @@ static void api_fd_reply(connection_struct *conn, uint16 vuid,
/* Get the file handle and hence the file name. */
/*
* NB. The setup array has already been transformed
- * via SVAL and so is in gost byte order.
+ * via SVAL and so is in host byte order.
*/
pnum = ((int)setup[1]) & 0xFFFF;
subcommand = ((int)setup[0]) & 0xFFFF;
@@ -735,11 +735,11 @@ void reply_transs(struct smb_request *req)
state->received_param += pcnt;
state->received_data += dcnt;
-
+
if ((state->received_data > state->total_data) ||
(state->received_param > state->total_param))
goto bad_param;
-
+
if (pcnt) {
if (pdisp > state->total_param ||
pcnt > state->total_param ||
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 584399c86c..43492bf8b6 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -22,6 +22,7 @@
extern int max_send;
extern enum protocol_types Protocol;
+extern const struct generic_mapping file_generic_mapping;
static char *nttrans_realloc(char **ptr, size_t size)
{
@@ -739,6 +740,10 @@ static NTSTATUS set_sd(files_struct *fsp, uint8 *data, uint32 sd_len,
security_info_sent &= ~DACL_SECURITY_INFORMATION;
}
+ /* Convert all the generic bits. */
+ security_acl_map_generic(psd->dacl, &file_generic_mapping);
+ security_acl_map_generic(psd->sacl, &file_generic_mapping);
+
status = SMB_VFS_FSET_NT_ACL(fsp, security_info_sent, psd);
TALLOC_FREE(psd);
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 71191475b3..8727e80d5f 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2608,9 +2608,7 @@ NTSTATUS create_file_unixpath(connection_struct *conn,
&& (create_disposition != FILE_CREATE)
&& (share_access & FILE_SHARE_DELETE)
&& (access_mask & DELETE_ACCESS)
- && (((dos_mode(conn, fname, &sbuf) & FILE_ATTRIBUTE_READONLY)
- && !lp_delete_readonly(SNUM(conn)))
- || !can_delete_file_in_directory(conn, fname))) {
+ && (!can_delete_file_in_directory(conn, fname))) {
status = NT_STATUS_ACCESS_DENIED;
goto fail;
}
@@ -2766,6 +2764,10 @@ NTSTATUS create_file_unixpath(connection_struct *conn,
fsp->access_mask = FILE_GENERIC_ALL;
+ /* Convert all the generic bits. */
+ security_acl_map_generic(sd->dacl, &file_generic_mapping);
+ security_acl_map_generic(sd->sacl, &file_generic_mapping);
+
status = SMB_VFS_FSET_NT_ACL(fsp, sec_info_sent, sd);
fsp->access_mask = saved_access_mask;
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 7479aea076..4e35e9deaa 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -890,13 +890,12 @@ static bool nt4_compatible_acls(void)
not get. Deny entries are implicit on get with ace->perms = 0.
****************************************************************************/
-static SEC_ACCESS map_canon_ace_perms(int snum,
+static uint32_t map_canon_ace_perms(int snum,
enum security_ace_type *pacl_type,
mode_t perms,
bool directory_ace)
{
- SEC_ACCESS sa;
- uint32 nt_mask = 0;
+ uint32_t nt_mask = 0;
*pacl_type = SEC_ACE_TYPE_ACCESS_ALLOWED;
@@ -935,8 +934,7 @@ static SEC_ACCESS map_canon_ace_perms(int snum,
DEBUG(10,("map_canon_ace_perms: Mapped (UNIX) %x to (NT) %x\n",
(unsigned int)perms, (unsigned int)nt_mask ));
- init_sec_access(&sa,nt_mask);
- return sa;
+ return nt_mask;
}
/****************************************************************************
@@ -988,7 +986,7 @@ static mode_t map_nt_perms( uint32 *mask, int type)
Unpack a SEC_DESC into a UNIX owner and group.
****************************************************************************/
-NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS unpack_nt_owners(int snum, uid_t *puser, gid_t *pgrp, uint32 security_info_sent, const SEC_DESC *psd)
{
DOM_SID owner_sid;
DOM_SID grp_sid;
@@ -1329,11 +1327,13 @@ static void check_owning_objs(canon_ace *ace, DOM_SID *pfile_owner_sid, DOM_SID
Unpack a SEC_DESC into two canonical ace lists.
****************************************************************************/
-static bool create_canon_ace_lists(files_struct *fsp, SMB_STRUCT_STAT *pst,
- DOM_SID *pfile_owner_sid,
- DOM_SID *pfile_grp_sid,
- canon_ace **ppfile_ace, canon_ace **ppdir_ace,
- SEC_ACL *dacl)
+static bool create_canon_ace_lists(files_struct *fsp,
+ SMB_STRUCT_STAT *pst,
+ DOM_SID *pfile_owner_sid,
+ DOM_SID *pfile_grp_sid,
+ canon_ace **ppfile_ace,
+ canon_ace **ppdir_ace,
+ const SEC_ACL *dacl)
{
bool all_aces_are_inherit_only = (fsp->is_directory ? True : False);
canon_ace *file_ace = NULL;
@@ -2016,12 +2016,14 @@ static mode_t create_default_mode(files_struct *fsp, bool interitable_mode)
succeeding.
****************************************************************************/
-static bool unpack_canon_ace(files_struct *fsp,
- SMB_STRUCT_STAT *pst,
- DOM_SID *pfile_owner_sid,
- DOM_SID *pfile_grp_sid,
- canon_ace **ppfile_ace, canon_ace **ppdir_ace,
- uint32 security_info_sent, SEC_DESC *psd)
+static bool unpack_canon_ace(files_struct *fsp,
+ SMB_STRUCT_STAT *pst,
+ DOM_SID *pfile_owner_sid,
+ DOM_SID *pfile_grp_sid,
+ canon_ace **ppfile_ace,
+ canon_ace **ppdir_ace,
+ uint32 security_info_sent,
+ const SEC_DESC *psd)
{
canon_ace *file_ace = NULL;
canon_ace *dir_ace = NULL;
@@ -2958,9 +2960,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
*/
for (ace = file_ace; ace != NULL; ace = ace->next) {
- SEC_ACCESS acc;
-
- acc = map_canon_ace_perms(SNUM(conn),
+ uint32_t acc = map_canon_ace_perms(SNUM(conn),
&nt_acl_type,
ace->perms,
S_ISDIR(sbuf->st_mode));
@@ -2975,19 +2975,14 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
/* The User must have access to a profile share - even
* if we can't map the SID. */
if (lp_profile_acls(SNUM(conn))) {
- SEC_ACCESS acc;
-
- init_sec_access(&acc,FILE_GENERIC_ALL);
init_sec_ace(&nt_ace_list[num_aces++],
&global_sid_Builtin_Users,
SEC_ACE_TYPE_ACCESS_ALLOWED,
- acc, 0);
+ FILE_GENERIC_ALL, 0);
}
for (ace = dir_ace; ace != NULL; ace = ace->next) {
- SEC_ACCESS acc;
-
- acc = map_canon_ace_perms(SNUM(conn),
+ uint32_t acc = map_canon_ace_perms(SNUM(conn),
&nt_acl_type,
ace->perms,
S_ISDIR(sbuf->st_mode));
@@ -3005,10 +3000,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn,
/* The User must have access to a profile share - even
* if we can't map the SID. */
if (lp_profile_acls(SNUM(conn))) {
- SEC_ACCESS acc;
-
- init_sec_access(&acc,FILE_GENERIC_ALL);
- init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, acc,
+ init_sec_ace(&nt_ace_list[num_aces++], &global_sid_Builtin_Users, SEC_ACE_TYPE_ACCESS_ALLOWED, FILE_GENERIC_ALL,
SEC_ACE_FLAG_OBJECT_INHERIT|SEC_ACE_FLAG_CONTAINER_INHERIT|
SEC_ACE_FLAG_INHERIT_ONLY|0);
}
@@ -3223,26 +3215,26 @@ int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid)
Take care of parent ACL inheritance.
****************************************************************************/
-static NTSTATUS append_parent_acl(files_struct *fsp,
- SMB_STRUCT_STAT *psbuf,
- SEC_DESC *psd,
+NTSTATUS append_parent_acl(files_struct *fsp,
+ const SEC_DESC *pcsd,
SEC_DESC **pp_new_sd)
{
SEC_DESC *parent_sd = NULL;
files_struct *parent_fsp = NULL;
- TALLOC_CTX *mem_ctx = talloc_parent(psd);
+ TALLOC_CTX *mem_ctx = talloc_tos();
char *parent_name = NULL;
SEC_ACE *new_ace = NULL;
- unsigned int num_aces = psd->dacl->num_aces;
+ unsigned int num_aces = pcsd->dacl->num_aces;
SMB_STRUCT_STAT sbuf;
NTSTATUS status;
int info;
unsigned int i, j;
- bool is_dacl_protected = (psd->type & SE_DESC_DACL_PROTECTED);
+ SEC_DESC *psd = dup_sec_desc(talloc_tos(), pcsd);
+ bool is_dacl_protected = (pcsd->type & SE_DESC_DACL_PROTECTED);
ZERO_STRUCT(sbuf);
- if (mem_ctx == NULL) {
+ if (psd == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -3398,11 +3390,6 @@ static NTSTATUS append_parent_acl(files_struct *fsp,
parent_name));
}
- /* This sucks. psd should be const and we should
- * be doing a deep-copy here. We're getting away
- * with is as we know parent_sd is talloced off
- * talloc_tos() as well as psd. JRA. */
-
psd->dacl->aces = new_ace;
psd->dacl->num_aces = i;
psd->type &= ~(SE_DESC_DACL_AUTO_INHERITED|
@@ -3418,7 +3405,7 @@ static NTSTATUS append_parent_acl(files_struct *fsp,
This should be the only external function needed for the UNIX style set ACL.
****************************************************************************/
-NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
+NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd)
{
connection_struct *conn = fsp->conn;
uid_t user = (uid_t)-1;
@@ -3529,10 +3516,12 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
SE_DESC_DACL_AUTO_INHERIT_REQ))==
(SE_DESC_DACL_AUTO_INHERITED|
SE_DESC_DACL_AUTO_INHERIT_REQ) ) {
- status = append_parent_acl(fsp, &sbuf, psd, &psd);
+ SEC_DESC *new_sd = NULL;
+ status = append_parent_acl(fsp, psd, &new_sd);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
+ psd = new_sd;
}
acl_perms = unpack_canon_ace( fsp, &sbuf, &file_owner_sid, &file_grp_sid,
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index b2d19e11e3..32629fd392 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -706,7 +706,7 @@ The timeout is in milliseconds
****************************************************************************/
static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer,
- size_t *buffer_len, int timeout,
+ size_t *buffer_len,
size_t *p_unread, bool *p_encrypted)
{
fd_set r_fds, w_fds;
@@ -720,13 +720,8 @@ static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer,
again:
- if (timeout >= 0) {
- to.tv_sec = timeout / 1000;
- to.tv_usec = (timeout % 1000) * 1000;
- } else {
- to.tv_sec = SMBD_SELECT_TIMEOUT;
- to.tv_usec = 0;
- }
+ to.tv_sec = SMBD_SELECT_TIMEOUT;
+ to.tv_usec = 0;
/*
* Note that this call must be before processing any SMB
@@ -869,7 +864,7 @@ static NTSTATUS receive_message_or_smb(TALLOC_CTX *mem_ctx, char **buffer,
/* Did we timeout ? */
if (selrtn == 0) {
- return NT_STATUS_IO_TIMEOUT;
+ goto again;
}
/*
@@ -1837,23 +1832,6 @@ void chain_reply(struct smb_request *req)
}
/****************************************************************************
- Setup the needed select timeout in milliseconds.
-****************************************************************************/
-
-static int setup_select_timeout(void)
-{
- int select_timeout;
-
- select_timeout = SMBD_SELECT_TIMEOUT*1000;
-
- if (print_notify_messages_pending()) {
- select_timeout = MIN(select_timeout, 1000);
- }
-
- return select_timeout;
-}
-
-/****************************************************************************
Check if services need reloading.
****************************************************************************/
@@ -1907,113 +1885,18 @@ void check_reload(time_t t)
}
/****************************************************************************
- Process any timeout housekeeping. Return False if the caller should exit.
-****************************************************************************/
-
-static void timeout_processing(int *select_timeout,
- time_t *last_timeout_processing_time)
-{
- time_t t;
-
- *last_timeout_processing_time = t = time(NULL);
-
- /* become root again if waiting */
- change_to_root_user();
-
- /* check if we need to reload services */
- check_reload(t);
-
- if(global_machine_password_needs_changing &&
- /* for ADS we need to do a regular ADS password change, not a domain
- password change */
- lp_security() == SEC_DOMAIN) {
-
- unsigned char trust_passwd_hash[16];
- time_t lct;
- void *lock;
-
- /*
- * We're in domain level security, and the code that
- * read the machine password flagged that the machine
- * password needs changing.
- */
-
- /*
- * First, open the machine password file with an exclusive lock.
- */
-
- lock = secrets_get_trust_account_lock(NULL, lp_workgroup());
-
- if (lock == NULL) {
- DEBUG(0,("process: unable to lock the machine account password for \
-machine %s in domain %s.\n", global_myname(), lp_workgroup() ));
- return;
- }
-
- if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) {
- DEBUG(0,("process: unable to read the machine account password for \
-machine %s in domain %s.\n", global_myname(), lp_workgroup()));
- TALLOC_FREE(lock);
- return;
- }
-
- /*
- * Make sure someone else hasn't already done this.
- */
-
- if(t < lct + lp_machine_password_timeout()) {
- global_machine_password_needs_changing = False;
- TALLOC_FREE(lock);
- return;
- }
-
- /* always just contact the PDC here */
-
- change_trust_account_password( lp_workgroup(), NULL);
- global_machine_password_needs_changing = False;
- TALLOC_FREE(lock);
- }
-
- /* update printer queue caches if necessary */
-
- update_monitored_printq_cache();
-
- /*
- * Now we are root, check if the log files need pruning.
- * Force a log file check.
- */
- force_check_log_size();
- check_log_size();
-
- /* Send any queued printer notify message to interested smbd's. */
-
- print_notify_send_messages(smbd_messaging_context(), 0);
-
- /*
- * Modify the select timeout depending upon
- * what we have remaining in our queues.
- */
-
- *select_timeout = setup_select_timeout();
-
- return;
-}
-
-/****************************************************************************
Process commands from the client
****************************************************************************/
void smbd_process(void)
{
- time_t last_timeout_processing_time = time(NULL);
unsigned int num_smbs = 0;
size_t unread_bytes = 0;
max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
while (True) {
- int select_timeout = setup_select_timeout();
- int num_echos;
+ NTSTATUS status;
char *inbuf = NULL;
size_t inbuf_len = 0;
bool encrypted = false;
@@ -2021,82 +1904,24 @@ void smbd_process(void)
errno = 0;
- /* Did someone ask for immediate checks on things like blocking locks ? */
- if (select_timeout == 0) {
- timeout_processing(&select_timeout,
- &last_timeout_processing_time);
- num_smbs = 0; /* Reset smb counter. */
- }
-
run_events(smbd_event_context(), 0, NULL, NULL);
- while (True) {
- NTSTATUS status;
-
- status = receive_message_or_smb(
- talloc_tos(), &inbuf, &inbuf_len,
- select_timeout, &unread_bytes, &encrypted);
-
- if (NT_STATUS_IS_OK(status)) {
- break;
- }
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_IO_TIMEOUT)) {
- timeout_processing(
- &select_timeout,
- &last_timeout_processing_time);
- continue;
- }
+ status = receive_message_or_smb(
+ talloc_tos(), &inbuf, &inbuf_len,
+ &unread_bytes, &encrypted);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(3, ("receive_message_or_smb failed: %s, "
"exiting\n", nt_errstr(status)));
return;
-
- num_smbs = 0; /* Reset smb counter. */
}
-
- /*
- * Ensure we do timeout processing if the SMB we just got was
- * only an echo request. This allows us to set the select
- * timeout in 'receive_message_or_smb()' to any value we like
- * without worrying that the client will send echo requests
- * faster than the select timeout, thus starving out the
- * essential processing (change notify, blocking locks) that
- * the timeout code does. JRA.
- */
- num_echos = smb_echo_count;
-
process_smb(inbuf, inbuf_len, unread_bytes, encrypted);
TALLOC_FREE(inbuf);
- if (smb_echo_count != num_echos) {
- timeout_processing(&select_timeout,
- &last_timeout_processing_time);
- num_smbs = 0; /* Reset smb counter. */
- }
-
num_smbs++;
- /*
- * If we are getting smb requests in a constant stream
- * with no echos, make sure we attempt timeout processing
- * every select_timeout milliseconds - but only check for this
- * every 200 smb requests.
- */
-
- if ((num_smbs % 200) == 0) {
- time_t new_check_time = time(NULL);
- if(new_check_time - last_timeout_processing_time >= (select_timeout/1000)) {
- timeout_processing(
- &select_timeout,
- &last_timeout_processing_time);
- num_smbs = 0; /* Reset smb counter. */
- last_timeout_processing_time = new_check_time; /* Reset time. */
- }
- }
-
/* The timeout_processing function isn't run nearly
often enough to implement 'max log size' without
overrunning the size of the file by many megabytes.
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 6933533672..48403073f7 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -29,7 +29,6 @@
/* look in server.c for some explanation of these variables */
extern enum protocol_types Protocol;
extern int max_recv;
-unsigned int smb_echo_count = 0;
extern uint32 global_client_caps;
extern bool global_encrypted_passwords_negotiated;
@@ -340,8 +339,7 @@ bool check_fsp_open(connection_struct *conn, struct smb_request *req,
}
/****************************************************************************
- Check if we have a correct fsp pointing to a file. Replacement for the
- CHECK_FSP macro.
+ Check if we have a correct fsp pointing to a file.
****************************************************************************/
bool check_fsp(connection_struct *conn, struct smb_request *req,
@@ -4273,7 +4271,7 @@ void reply_close(struct smb_request *req)
fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
/*
- * We can only use CHECK_FSP if we know it's not a directory.
+ * We can only use check_fsp if we know it's not a directory.
*/
if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
@@ -4611,8 +4609,6 @@ void reply_echo(struct smb_request *req)
TALLOC_FREE(req->outbuf);
- smb_echo_count++;
-
END_PROFILE(SMBecho);
return;
}
@@ -5583,10 +5579,10 @@ NTSTATUS rename_internals_fsp(connection_struct *conn,
DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
fsp->fsp_name,newname));
- rename_open_files(conn, lck, newname);
-
notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
+ rename_open_files(conn, lck, newname);
+
/*
* A rename acts as a new file create w.r.t. allowing an initial delete
* on close, probably because in Windows there is a new handle to the
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 53116f3d98..69a483e4fc 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1067,6 +1067,30 @@ static bool deadtime_fn(const struct timeval *now, void *private_data)
return True;
}
+/*
+ * Do the recurring log file and smb.conf reload checks.
+ */
+
+static bool housekeeping_fn(const struct timeval *now, void *private_data)
+{
+ change_to_root_user();
+
+ /* update printer queue caches if necessary */
+ update_monitored_printq_cache();
+
+ /* check if we need to reload services */
+ check_reload(time(NULL));
+
+ /* Change machine password if neccessary. */
+ attempt_machine_password_change();
+
+ /*
+ * Force a log file check.
+ */
+ force_check_log_size();
+ check_log_size();
+ return true;
+}
/****************************************************************************
main program.
@@ -1426,6 +1450,13 @@ extern void build_options(bool screen);
exit(1);
}
+ if (!(event_add_idle(smbd_event_context(), NULL,
+ timeval_set(SMBD_SELECT_TIMEOUT, 0),
+ "housekeeping", housekeeping_fn, NULL))) {
+ DEBUG(0, ("Could not add housekeeping event\n"));
+ exit(1);
+ }
+
#ifdef CLUSTER_SUPPORT
if (lp_clustering()) {