summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2011-12-14 10:23:30 +0100
committerStefan Metzmacher <metze@samba.org>2011-12-15 08:16:31 +0100
commit715933a3d3d1023df0d77c1765850e8579b84dfc (patch)
tree7e918292b4c54ef80fa25a95d9955be866804e9f /source3/smbd
parent0429471fe478b86a9857511a7b841601640c8bac (diff)
downloadsamba-715933a3d3d1023df0d77c1765850e8579b84dfc.tar.gz
samba-715933a3d3d1023df0d77c1765850e8579b84dfc.tar.bz2
samba-715933a3d3d1023df0d77c1765850e8579b84dfc.zip
s3:smbd: split ID_CACHE_* message handling into parent and child parts
metze
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/msg_idmap.c174
-rw-r--r--source3/smbd/process.c111
-rw-r--r--source3/smbd/proto.h4
-rw-r--r--source3/smbd/server.c49
4 files changed, 159 insertions, 179 deletions
diff --git a/source3/smbd/msg_idmap.c b/source3/smbd/msg_idmap.c
deleted file mode 100644
index 757cac0e3f..0000000000
--- a/source3/smbd/msg_idmap.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * Samba Unix/Linux SMB client library
- *
- * Copyright (C) Gregor Beck 2011
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "includes.h"
-#include "smbd/globals.h"
-#include "smbd/smbd.h"
-#include "../libcli/security/dom_sid.h"
-#include "../libcli/security/security_token.h"
-#include "idmap_cache.h"
-#include "passdb/lookup_sid.h"
-#include "auth.h"
-#include "messages.h"
-#include "lib/id_cache.h"
-
-static bool uid_in_use(const struct user_struct *user, uid_t uid)
-{
- while (user) {
- if (user->session_info &&
- (user->session_info->unix_token->uid == uid)) {
- return true;
- }
- user = user->next;
- }
- return false;
-}
-
-static bool gid_in_use(const struct user_struct *user, gid_t gid)
-{
- while (user) {
- if (user->session_info != NULL) {
- int i;
- struct security_unix_token *utok;
-
- utok = user->session_info->unix_token;
- if (utok->gid == gid) {
- return true;
- }
- for(i=0; i<utok->ngroups; i++) {
- if (utok->groups[i] == gid) {
- return true;
- }
- }
- }
- user = user->next;
- }
- return false;
-}
-
-static bool sid_in_use(const struct user_struct *user,
- const struct dom_sid *psid)
-{
- while (user) {
- struct security_token *tok;
-
- if (user->session_info == NULL) {
- continue;
- }
- tok = user->session_info->security_token;
- if (tok == NULL) {
- /*
- * Not sure session_info->security_token can
- * ever be NULL. This check might be not
- * necessary.
- */
- continue;
- }
- if (security_token_has_sid(tok, psid)) {
- return true;
- }
- user = user->next;
- }
- return false;
-}
-
-static bool id_in_use(const struct user_struct *user,
- const struct id_cache_ref *id)
-{
- switch(id->type) {
- case UID:
- return uid_in_use(user, id->id.uid);
- case GID:
- return gid_in_use(user, id->id.gid);
- case SID:
- return sid_in_use(user, &id->id.sid);
- default:
- break;
- }
- return false;
-}
-
-static void id_cache_kill(struct messaging_context *msg_ctx,
- void *private_data,
- uint32_t msg_type,
- struct server_id server_id,
- DATA_BLOB* data)
-{
- const char *msg = (data && data->data)
- ? (const char *)data->data : "<NULL>";
- struct smbd_server_connection *sconn;
- struct user_struct *validated_users;
- struct id_cache_ref id;
-
- sconn = msg_ctx_to_sconn(msg_ctx);
- if (sconn == NULL) {
- DEBUG(1, ("could not find sconn\n"));
- return;
- }
-
- validated_users = sconn->smb1.sessions.validated_users;
-
- if (!id_cache_ref_parse(msg, &id)) {
- DEBUG(0, ("Invalid ?ID: %s\n", msg));
- return;
- }
-
- if (am_parent) {
- messaging_send_to_children(msg_ctx, msg_type, data);
- }
-
- if (id_in_use(validated_users, &id)) {
- exit_server_cleanly(msg);
- }
- id_cache_delete_from_cache(&id);
-}
-
-static void id_cache_flush(struct messaging_context *ctx,
- void* data,
- uint32_t msg_type,
- struct server_id srv_id,
- DATA_BLOB* msg_data)
-{
- id_cache_flush_message(ctx, data, msg_type, srv_id, msg_data);
-
- if (am_parent) {
- messaging_send_to_children(ctx, msg_type, msg_data);
- }
-}
-
-static void id_cache_delete(struct messaging_context *ctx,
- void* data,
- uint32_t msg_type,
- struct server_id srv_id,
- DATA_BLOB* msg_data)
-{
- id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
-
- if (am_parent) {
- messaging_send_to_children(ctx, msg_type, msg_data);
- }
-}
-
-
-void msg_idmap_register_msg(struct messaging_context *ctx)
-{
- messaging_register(ctx, NULL, ID_CACHE_FLUSH, id_cache_flush);
- messaging_register(ctx, NULL, ID_CACHE_DELETE, id_cache_delete);
- messaging_register(ctx, NULL, ID_CACHE_KILL, id_cache_kill);
-}
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index b3e4d0d9fb..e57faf1978 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -36,6 +36,9 @@
#include "rpc_server/spoolss/srv_spoolss_nt.h"
#include "libsmb/libsmb.h"
#include "../lib/util/tevent_ntstatus.h"
+#include "../libcli/security/dom_sid.h"
+#include "../libcli/security/security_token.h"
+#include "lib/id_cache.h"
extern bool global_machine_password_needs_changing;
@@ -2960,6 +2963,109 @@ static NTSTATUS smbd_register_ips(struct smbd_server_connection *sconn,
#endif
+static bool uid_in_use(const struct user_struct *user, uid_t uid)
+{
+ while (user) {
+ if (user->session_info &&
+ (user->session_info->unix_token->uid == uid)) {
+ return true;
+ }
+ user = user->next;
+ }
+ return false;
+}
+
+static bool gid_in_use(const struct user_struct *user, gid_t gid)
+{
+ while (user) {
+ if (user->session_info != NULL) {
+ int i;
+ struct security_unix_token *utok;
+
+ utok = user->session_info->unix_token;
+ if (utok->gid == gid) {
+ return true;
+ }
+ for(i=0; i<utok->ngroups; i++) {
+ if (utok->groups[i] == gid) {
+ return true;
+ }
+ }
+ }
+ user = user->next;
+ }
+ return false;
+}
+
+static bool sid_in_use(const struct user_struct *user,
+ const struct dom_sid *psid)
+{
+ while (user) {
+ struct security_token *tok;
+
+ if (user->session_info == NULL) {
+ continue;
+ }
+ tok = user->session_info->security_token;
+ if (tok == NULL) {
+ /*
+ * Not sure session_info->security_token can
+ * ever be NULL. This check might be not
+ * necessary.
+ */
+ continue;
+ }
+ if (security_token_has_sid(tok, psid)) {
+ return true;
+ }
+ user = user->next;
+ }
+ return false;
+}
+
+static bool id_in_use(const struct user_struct *user,
+ const struct id_cache_ref *id)
+{
+ switch(id->type) {
+ case UID:
+ return uid_in_use(user, id->id.uid);
+ case GID:
+ return gid_in_use(user, id->id.gid);
+ case SID:
+ return sid_in_use(user, &id->id.sid);
+ default:
+ break;
+ }
+ return false;
+}
+
+static void smbd_id_cache_kill(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB* data)
+{
+ const char *msg = (data && data->data)
+ ? (const char *)data->data : "<NULL>";
+ struct user_struct *validated_users;
+ struct id_cache_ref id;
+ struct smbd_server_connection *sconn =
+ talloc_get_type_abort(private_data,
+ struct smbd_server_connection);
+
+ validated_users = sconn->smb1.sessions.validated_users;
+
+ if (!id_cache_ref_parse(msg, &id)) {
+ DEBUG(0, ("Invalid ?ID: %s\n", msg));
+ return;
+ }
+
+ if (id_in_use(validated_users, &id)) {
+ exit_server_cleanly(msg);
+ }
+ id_cache_delete_from_cache(&id);
+}
+
/****************************************************************************
Process commands from the client
****************************************************************************/
@@ -3143,6 +3249,11 @@ void smbd_process(struct tevent_context *ev_ctx,
messaging_register(sconn->msg_ctx, sconn,
MSG_SMB_FILE_RENAME, msg_file_was_renamed);
+ id_cache_register_msgs(sconn->msg_ctx);
+ messaging_deregister(sconn->msg_ctx, ID_CACHE_KILL, NULL);
+ messaging_register(sconn->msg_ctx, sconn,
+ ID_CACHE_KILL, smbd_id_cache_kill);
+
/*
* Use the default MSG_DEBUG handler to avoid rebroadcasting
* MSGs to all child processes
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 0123e7dffb..2fd59a1f47 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -1182,8 +1182,4 @@ NTSTATUS vfs_streaminfo(connection_struct *conn,
void *avahi_start_register(TALLOC_CTX *mem_ctx, struct tevent_context *ev,
uint16_t port);
-/* The following definitions come from smbd/msg_idmap.c */
-
-void msg_idmap_register_msg(struct messaging_context *ctx);
-
#endif /* _SMBD_PROTO_H_ */
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 07d2b3ebff..7e1bddd23b 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -230,6 +230,48 @@ static void smbd_msg_debug(struct messaging_context *msg_ctx,
messaging_send_to_children(msg_ctx, MSG_DEBUG, data);
}
+static void smbd_parent_id_cache_kill(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB* data)
+{
+ const char *msg = (data && data->data)
+ ? (const char *)data->data : "<NULL>";
+ struct id_cache_ref id;
+
+ if (!id_cache_ref_parse(msg, &id)) {
+ DEBUG(0, ("Invalid ?ID: %s\n", msg));
+ return;
+ }
+
+ id_cache_delete_from_cache(&id);
+
+ messaging_send_to_children(msg_ctx, msg_type, data);
+}
+
+static void smbd_parent_id_cache_flush(struct messaging_context *ctx,
+ void* data,
+ uint32_t msg_type,
+ struct server_id srv_id,
+ DATA_BLOB* msg_data)
+{
+ id_cache_flush_message(ctx, data, msg_type, srv_id, msg_data);
+
+ messaging_send_to_children(ctx, msg_type, msg_data);
+}
+
+static void smbd_parent_id_cache_delete(struct messaging_context *ctx,
+ void* data,
+ uint32_t msg_type,
+ struct server_id srv_id,
+ DATA_BLOB* msg_data)
+{
+ id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
+
+ messaging_send_to_children(ctx, msg_type, msg_data);
+}
+
static void add_child_pid(struct smbd_parent_context *parent,
pid_t pid)
{
@@ -768,7 +810,12 @@ static bool open_sockets_smbd(struct smbd_parent_context *parent,
messaging_register(msg_ctx, NULL, MSG_SMB_BRL_VALIDATE,
brl_revalidate);
- msg_idmap_register_msg(msg_ctx);
+ messaging_register(msg_ctx, NULL,
+ ID_CACHE_FLUSH, smbd_parent_id_cache_flush);
+ messaging_register(msg_ctx, NULL,
+ ID_CACHE_DELETE, smbd_parent_id_cache_delete);
+ messaging_register(msg_ctx, NULL,
+ ID_CACHE_KILL, smbd_parent_id_cache_kill);
#ifdef CLUSTER_SUPPORT
if (lp_clustering()) {