summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/lib/access.c6
-rw-r--r--source3/lib/util.c53
-rw-r--r--source3/lib/util_sock.c154
-rw-r--r--source3/libsmb/clientgen.c23
-rw-r--r--source3/nmbd/nmbd.c1
-rw-r--r--source3/rpc_server/srv_netlog.c2
-rw-r--r--source3/smbd/blocking.c5
-rw-r--r--source3/smbd/connection.c6
-rw-r--r--source3/smbd/ipc.c7
-rw-r--r--source3/smbd/nttrans.c10
-rw-r--r--source3/smbd/oplock.c10
-rw-r--r--source3/smbd/password.c6
-rw-r--r--source3/smbd/process.c26
-rw-r--r--source3/smbd/reply.c25
-rw-r--r--source3/smbd/server.c51
-rw-r--r--source3/smbd/service.c8
-rw-r--r--source3/smbd/ssl.c6
-rw-r--r--source3/smbd/trans2.c7
-rw-r--r--source3/web/cgi.c6
19 files changed, 195 insertions, 217 deletions
diff --git a/source3/lib/access.c b/source3/lib/access.c
index 01f559750f..d646c0823b 100644
--- a/source3/lib/access.c
+++ b/source3/lib/access.c
@@ -253,13 +253,13 @@ BOOL check_access(int sock, char *allow_list, char *deny_list)
if (!ret) {
if (allow_access(deny_list,allow_list,
- client_name(sock),client_addr(sock))) {
+ get_socket_name(sock),get_socket_addr(sock))) {
DEBUG(2,("Allowed connection from %s (%s)\n",
- client_name(sock),client_addr(sock)));
+ get_socket_name(sock),get_socket_addr(sock)));
ret = True;
} else {
DEBUG(0,("Denied connection from %s (%s)\n",
- client_name(sock),client_addr(sock)));
+ get_socket_name(sock),get_socket_addr(sock)));
}
}
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 7d10f9ccd2..ebb89c9d89 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -65,9 +65,6 @@ int Protocol = PROTOCOL_COREPLUS;
/* a default finfo structure to ensure all fields are sensible */
file_info def_finfo = {-1,0,0,0,0,0,0,""};
-/* the client file descriptor */
-extern int Client;
-
/* this is used by the chaining code */
int chain_size = 0;
@@ -1610,52 +1607,6 @@ BOOL zero_ip(struct in_addr ip)
}
-/*******************************************************************
- matchname - determine if host name matches IP address
- ******************************************************************/
-BOOL matchname(char *remotehost,struct in_addr addr)
-{
- struct hostent *hp;
- int i;
-
- if ((hp = Get_Hostbyname(remotehost)) == 0) {
- DEBUG(0,("Get_Hostbyname(%s): lookup failure.\n", remotehost));
- return False;
- }
-
- /*
- * Make sure that gethostbyname() returns the "correct" host name.
- * Unfortunately, gethostbyname("localhost") sometimes yields
- * "localhost.domain". Since the latter host name comes from the
- * local DNS, we just have to trust it (all bets are off if the local
- * DNS is perverted). We always check the address list, though.
- */
-
- if (strcasecmp(remotehost, hp->h_name)
- && strcasecmp(remotehost, "localhost")) {
- DEBUG(0,("host name/name mismatch: %s != %s\n",
- remotehost, hp->h_name));
- return False;
- }
-
- /* Look up the host address in the address list we just got. */
- for (i = 0; hp->h_addr_list[i]; i++) {
- if (memcmp(hp->h_addr_list[i], (caddr_t) & addr, sizeof(addr)) == 0)
- return True;
- }
-
- /*
- * The host name does not map to the original host address. Perhaps
- * someone has compromised a name server. More likely someone botched
- * it, but that could be dangerous, too.
- */
-
- DEBUG(0,("host name/address mismatch: %s != %s\n",
- inet_ntoa(addr), hp->h_name));
- return False;
-}
-
-
#if (defined(HAVE_NETGROUP) && defined(WITH_AUTOMOUNT))
/******************************************************************
Remove any mount options such as -rsize=2048,wsize=2048 etc.
@@ -1953,9 +1904,9 @@ void standard_sub_basic(char *str)
break;
}
case 'N' : string_sub(p,"%N", automount_server(username),l); break;
- case 'I' : string_sub(p,"%I", client_addr(Client),l); break;
+ case 'I' : string_sub(p,"%I", client_addr(),l); break;
case 'L' : string_sub(p,"%L", local_machine,l); break;
- case 'M' : string_sub(p,"%M", client_name(Client),l); break;
+ case 'M' : string_sub(p,"%M", client_name(),l); break;
case 'R' : string_sub(p,"%R", remote_proto,l); break;
case 'T' : string_sub(p,"%T", timestring(False),l); break;
case 'U' : string_sub(p,"%U", username,l); break;
diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c
index fd5ed71c9c..bf02e40520 100644
--- a/source3/lib/util_sock.c
+++ b/source3/lib/util_sock.c
@@ -32,9 +32,6 @@ extern int DEBUGLEVEL;
BOOL passive = False;
-/* the client file descriptor */
-int Client = -1;
-
/* the last IP received from */
struct in_addr lastip;
@@ -153,20 +150,6 @@ void set_socket_options(int fd, char *options)
}
/****************************************************************************
- Close the socket communication.
-****************************************************************************/
-
-void close_sockets(void )
-{
-#ifdef WITH_SSL
- sslutil_disconnect(Client);
-#endif /* WITH_SSL */
-
- close(Client);
- Client = -1;
-}
-
-/****************************************************************************
Read from a socket.
****************************************************************************/
@@ -725,7 +708,6 @@ BOOL send_null_session_msg(int fd)
if (ret <= 0)
{
DEBUG(0,("send_null_session_msg: Error writing %d bytes to client. %d. Exiting\n",(int)len,(int)ret));
- close_sockets();
exit(1);
}
nwritten += ret;
@@ -752,7 +734,6 @@ BOOL send_smb(int fd,char *buffer)
if (ret <= 0)
{
DEBUG(0,("Error writing %d bytes to client. %d. Exiting\n",(int)len,(int)ret));
- close_sockets();
exit(1);
}
nwritten += ret;
@@ -951,14 +932,9 @@ connect_again:
expanded if more variables need reseting.
******************************************************************/
-static BOOL global_client_name_done = False;
-static BOOL global_client_addr_done = False;
void reset_globals_after_fork(void)
{
- global_client_name_done = False;
- global_client_addr_done = False;
-
/*
* Re-seed the random crypto generator, so all smbd's
* started from the same parent won't generate the same
@@ -969,71 +945,120 @@ void reset_globals_after_fork(void)
generate_random_buffer( &dummy, 1, True);
}
}
-
+
+/* the following 3 client_*() functions are nasty ways of allowing
+ some generic functions to get info that really should be hidden in
+ particular modules */
+static int client_fd = -1;
+
+void client_setfd(int fd)
+{
+ client_fd = fd;
+}
+
+char *client_name(void)
+{
+ return get_socket_name(client_fd);
+}
+
+char *client_addr(void)
+{
+ return get_socket_addr(client_fd);
+}
+
/*******************************************************************
- return the DNS name of the client
+ matchname - determine if host name matches IP address. Used to
+ confirm a hostname lookup to prevent spoof attacks
******************************************************************/
-
-char *client_name(int fd)
+static BOOL matchname(char *remotehost,struct in_addr addr)
{
- struct sockaddr sa;
- struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
- int length = sizeof(sa);
- static pstring name_buf;
struct hostent *hp;
- static int last_fd=-1;
+ int i;
- if (global_client_name_done && last_fd == fd)
- return name_buf;
+ if ((hp = Get_Hostbyname(remotehost)) == 0) {
+ DEBUG(0,("Get_Hostbyname(%s): lookup failure.\n", remotehost));
+ return False;
+ }
+
+ /*
+ * Make sure that gethostbyname() returns the "correct" host name.
+ * Unfortunately, gethostbyname("localhost") sometimes yields
+ * "localhost.domain". Since the latter host name comes from the
+ * local DNS, we just have to trust it (all bets are off if the local
+ * DNS is perverted). We always check the address list, though.
+ */
- last_fd = fd;
- global_client_name_done = False;
-
- pstrcpy(name_buf,"UNKNOWN");
-
- if (fd == -1) {
- return name_buf;
+ if (strcasecmp(remotehost, hp->h_name)
+ && strcasecmp(remotehost, "localhost")) {
+ DEBUG(0,("host name/name mismatch: %s != %s\n",
+ remotehost, hp->h_name));
+ return False;
}
- if (getpeername(fd, &sa, &length) < 0) {
- DEBUG(0,("getpeername failed. Error was %s\n", strerror(errno) ));
- return name_buf;
+ /* Look up the host address in the address list we just got. */
+ for (i = 0; hp->h_addr_list[i]; i++) {
+ if (memcmp(hp->h_addr_list[i], (caddr_t) & addr, sizeof(addr)) == 0)
+ return True;
}
+ /*
+ * The host name does not map to the original host address. Perhaps
+ * someone has compromised a name server. More likely someone botched
+ * it, but that could be dangerous, too.
+ */
+
+ DEBUG(0,("host name/address mismatch: %s != %s\n",
+ inet_ntoa(addr), hp->h_name));
+ return False;
+}
+
+
+/*******************************************************************
+ return the DNS name of the remote end of a socket
+ ******************************************************************/
+char *get_socket_name(int fd)
+{
+ static pstring name_buf;
+ static fstring addr_buf;
+ struct hostent *hp;
+ struct in_addr addr;
+ char *p;
+
+ p = get_socket_addr(fd);
+
+ /* it might be the same as the last one - save some DNS work */
+ if (strcmp(p, addr_buf) == 0) return name_buf;
+
+ pstrcpy(name_buf,"UNKNOWN");
+ if (fd == -1) return name_buf;
+
+ fstrcpy(addr_buf, p);
+
+ if (inet_aton(p, &addr) == 0) return name_buf;
+
/* Look up the remote host name. */
- if ((hp = gethostbyaddr((char *) &sockin->sin_addr,
- sizeof(sockin->sin_addr),
- AF_INET)) == 0) {
- DEBUG(1,("Gethostbyaddr failed for %s\n",client_addr(fd)));
- StrnCpy(name_buf,client_addr(fd),sizeof(name_buf) - 1);
+ if ((hp = gethostbyaddr((char *)&addr.s_addr, sizeof(addr.s_addr), AF_INET)) == 0) {
+ DEBUG(1,("Gethostbyaddr failed for %s\n",p));
+ pstrcpy(name_buf, p);
} else {
- StrnCpy(name_buf,(char *)hp->h_name,sizeof(name_buf) - 1);
- if (!matchname(name_buf, sockin->sin_addr)) {
- DEBUG(0,("Matchname failed on %s %s\n",name_buf,client_addr(fd)));
+ pstrcpy(name_buf,(char *)hp->h_name);
+ if (!matchname(name_buf, addr)) {
+ DEBUG(0,("Matchname failed on %s %s\n",name_buf,p));
pstrcpy(name_buf,"UNKNOWN");
}
}
- global_client_name_done = True;
return name_buf;
}
/*******************************************************************
- return the IP addr of the client as a string
+ return the IP addr of the remote end of a socket as a string
******************************************************************/
-
-char *client_addr(int fd)
+char *get_socket_addr(int fd)
{
struct sockaddr sa;
struct sockaddr_in *sockin = (struct sockaddr_in *) (&sa);
int length = sizeof(sa);
static fstring addr_buf;
- static int last_fd = -1;
-
- if (global_client_addr_done && fd == last_fd)
- return addr_buf;
-
- last_fd = fd;
- global_client_addr_done = False;
fstrcpy(addr_buf,"0.0.0.0");
@@ -1048,7 +1073,6 @@ char *client_addr(int fd)
fstrcpy(addr_buf,(char *)inet_ntoa(sockin->sin_addr));
- global_client_addr_done = True;
return addr_buf;
}
diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c
index 29c228ecfa..6472cf0380 100644
--- a/source3/libsmb/clientgen.c
+++ b/source3/libsmb/clientgen.c
@@ -88,10 +88,9 @@ static BOOL cli_send_smb(struct cli_state *cli)
}
}
if (ret <= 0) {
- DEBUG(0,("Error writing %d bytes to client. %d. Exiting\n",
+ DEBUG(0,("Error writing %d bytes to client. %d\n",
(int)len,(int)ret));
- close_sockets();
- exit(1);
+ return False;
}
nwritten += ret;
}
@@ -1516,11 +1515,11 @@ size_t cli_read(struct cli_state *cli, int fnum, char *buf, off_t offset, size_t
if (size2 > block) {
DEBUG(0,("server returned more than we wanted!\n"));
- exit(1);
+ return -1;
}
if (mid >= issued) {
DEBUG(0,("invalid mid from server!\n"));
- exit(1);
+ return -1;
}
p = smb_base(cli->inbuf) + SVAL(cli->inbuf,smb_vwv6);
@@ -2551,7 +2550,6 @@ retry:
/* SESSION RETARGET */
putip((char *)&cli->dest_ip,cli->inbuf+4);
- close_sockets();
cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip, port, LONG_CONNECT_TIMEOUT);
if (cli->fd == -1)
return False;
@@ -2561,7 +2559,18 @@ retry:
set_socket_options(cli->fd,user_socket_options);
/* Try again */
- return cli_session_request(cli, calling, called);
+ {
+ static int depth;
+ BOOL ret;
+ if (depth > 4) {
+ DEBUG(0,("Retarget recursion - failing\n"));
+ return False;
+ }
+ depth++;
+ ret = cli_session_request(cli, calling, called);
+ depth--;
+ return ret;
+ }
} /* C. Hoch 9/14/95 End */
#ifdef WITH_SSL
diff --git a/source3/nmbd/nmbd.c b/source3/nmbd/nmbd.c
index 57d025c660..c7ebe48822 100644
--- a/source3/nmbd/nmbd.c
+++ b/source3/nmbd/nmbd.c
@@ -859,7 +859,6 @@ static void usage(char *pname)
#endif /* SIGUSR2 */
process();
- close_sockets();
if (dbf)
fclose(dbf);
diff --git a/source3/rpc_server/srv_netlog.c b/source3/rpc_server/srv_netlog.c
index 7f893e2633..a198b6b98a 100644
--- a/source3/rpc_server/srv_netlog.c
+++ b/source3/rpc_server/srv_netlog.c
@@ -276,7 +276,7 @@ static BOOL get_md4pw(char *md4pw, char *mach_name, char *mach_acct)
*/
if (!allow_access(lp_domain_hostsdeny(), lp_domain_hostsallow(),
- client_name(Client), client_addr(Client)))
+ client_name(), client_addr()))
{
DEBUG(0,("get_md4pw: Workstation %s denied access to domain\n", mach_acct));
return False;
diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c
index c90f475b46..ea8d2fd053 100644
--- a/source3/smbd/blocking.c
+++ b/source3/smbd/blocking.c
@@ -21,7 +21,6 @@
#include "includes.h"
extern int DEBUGLEVEL;
-extern int Client;
extern char *OutBuffer;
/****************************************************************************
@@ -134,7 +133,7 @@ static void send_blocking_reply(char *outbuf, int outsize)
if(outsize > 4)
smb_setlen(outbuf,outsize - 4);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/****************************************************************************
@@ -180,7 +179,7 @@ static void generic_blocking_lock_error(blocking_lock_record *blr, int eclass, i
SSVAL(outbuf,smb_flg2, SVAL(outbuf,smb_flg2) | FLAGS2_32_BIT_ERROR_CODES);
ERROR(eclass,ecode);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/****************************************************************************
diff --git a/source3/smbd/connection.c b/source3/smbd/connection.c
index c796fee8b5..9c859e4d89 100644
--- a/source3/smbd/connection.c
+++ b/source3/smbd/connection.c
@@ -71,7 +71,6 @@ BOOL claim_connection(connection_struct *conn,char *name,int max_connections,BOO
struct connections_key key;
struct connections_data crec;
TDB_DATA kbuf, dbuf;
- extern int Client;
if (max_connections <= 0)
return(True);
@@ -106,7 +105,7 @@ BOOL claim_connection(connection_struct *conn,char *name,int max_connections,BOO
crec.start = time(NULL);
StrnCpy(crec.machine,remote_machine,sizeof(crec.machine)-1);
- StrnCpy(crec.addr,conn?conn->client_address:client_addr(Client),sizeof(crec.addr)-1);
+ StrnCpy(crec.addr,conn?conn->client_address:client_addr(),sizeof(crec.addr)-1);
dbuf.dptr = (char *)&crec;
dbuf.dsize = sizeof(crec);
@@ -343,7 +342,6 @@ static void utmp_yield(pid_t pid, const connection_struct *conn)
static void utmp_claim(const struct connect_record *crec, const connection_struct *conn)
{
- extern int Client;
struct utmp u;
if (conn == NULL) {
@@ -359,7 +357,7 @@ static void utmp_claim(const struct connect_record *crec, const connection_struc
DEBUG(2,("utmp_claim: conn: user:%s cnum:%d i:%d\n",
conn->user, conn->cnum, i));
DEBUG(2,("utmp_claim: crec: pid:%d, cnum:%d name:%s addr:%s mach:%s DNS:%s\n",
- crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_name(Client)));
+ crec->pid, crec->cnum, crec->name, crec->addr, crec->machine, client_name()));
memset((char *)&u, '\0', sizeof(struct utmp));
diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c
index 271b0e253b..46ef677f38 100644
--- a/source3/smbd/ipc.c
+++ b/source3/smbd/ipc.c
@@ -58,7 +58,6 @@ extern fstring global_myworkgroup;
#define SNLEN 15 /* service name length */
#define QNLEN 12 /* queue name maximum length */
-extern int Client;
extern int smb_read_error;
static BOOL api_Unsupported(connection_struct *conn,uint16 vuid, char *param,char *data,
@@ -212,7 +211,7 @@ static void send_trans_reply(char *outbuf,
SSVAL(outbuf,smb_vwv9,0);
show_msg(outbuf);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
tot_data_sent = this_ldata;
tot_param_sent = this_lparam;
@@ -245,7 +244,7 @@ static void send_trans_reply(char *outbuf,
SSVAL(outbuf,smb_vwv9,0);
show_msg(outbuf);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
tot_data_sent += this_ldata;
tot_param_sent += this_lparam;
@@ -3608,7 +3607,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, int size, int
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
show_msg(outbuf);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/* receive the rest of the trans packet */
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 54e67f5593..bd77f17802 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -24,7 +24,6 @@
extern int DEBUGLEVEL;
extern int Protocol;
-extern int Client;
extern int smb_read_error;
extern int global_oplock_break;
extern BOOL case_sensitive;
@@ -88,7 +87,7 @@ static int send_nt_replies(char *inbuf, char *outbuf, int bufsize, uint32 nt_err
*/
if(params_to_send == 0 && data_to_send == 0) {
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
return 0;
}
@@ -217,7 +216,7 @@ static int send_nt_replies(char *inbuf, char *outbuf, int bufsize, uint32 nt_err
params_to_send, data_to_send, paramsize, datasize));
/* Send the packet */
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
pp += params_sent_thistime;
pd += data_sent_thistime;
@@ -1422,7 +1421,6 @@ static ubi_slList change_notify_queue = { NULL, (ubi_slNodePtr)&change_notify_qu
static void change_notify_reply_packet(char *inbuf, int error_class, uint32 error_code)
{
- extern int Client;
char outbuf[smb_size+38];
memset(outbuf, '\0', sizeof(outbuf));
@@ -1447,7 +1445,7 @@ static void change_notify_reply_packet(char *inbuf, int error_class, uint32 erro
*/
set_message(outbuf,18,0,False);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
/****************************************************************************
@@ -2589,7 +2587,7 @@ due to being in oplock break state.\n" ));
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
while( num_data_sofar < total_data_count || num_params_sofar < total_parameter_count) {
BOOL ret;
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 218961d88c..e794d2d923 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -753,7 +753,6 @@ static files_struct *initial_break_processing(SMB_DEV_T dev, SMB_INO_T inode, st
BOOL oplock_break_level2(files_struct *fsp, BOOL local_request, int token)
{
- extern int Client;
extern uint32 global_client_caps;
char outbuf[128];
BOOL got_lock = False;
@@ -781,7 +780,7 @@ BOOL oplock_break_level2(files_struct *fsp, BOOL local_request, int token)
/* Prepare the SMBlockingX message. */
prepare_break_message( outbuf, fsp, False);
- send_smb(Client, outbuf);
+ send_smb(smbd_server_fd(), outbuf);
}
/*
@@ -832,7 +831,6 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
{
extern uint32 global_client_caps;
extern struct current_user current_user;
- extern int Client;
char *inbuf = NULL;
char *outbuf = NULL;
files_struct *fsp = NULL;
@@ -923,7 +921,7 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
fsp->sent_oplock_break = using_levelII?
LEVEL_II_BREAK_SENT:EXCLUSIVE_BREAK_SENT;
- send_smb(Client, outbuf);
+ send_smb(smbd_server_fd(), outbuf);
/* We need this in case a readraw crosses on the wire. */
global_oplock_break = True;
@@ -958,7 +956,7 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
while((fsp = initial_break_processing(dev, inode, tval)) &&
OPEN_FSP(fsp) && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type))
{
- if(receive_smb(Client,inbuf, timeout) == False)
+ if(receive_smb(smbd_server_fd(),inbuf, timeout) == False)
{
/*
* Die if we got an error.
@@ -1019,7 +1017,6 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
{
DEBUG( 0, ( "oplock_break: unable to re-become user!" ) );
DEBUGADD( 0, ( "Shutting down server\n" ) );
- close_sockets();
close(oplock_sock);
exit_server("unable to re-become user");
}
@@ -1059,7 +1056,6 @@ static BOOL oplock_break(SMB_DEV_T dev, SMB_INO_T inode, struct timeval *tval, B
{
DEBUG( 0, ( "oplock_break: client failure in break - " ) );
DEBUGADD( 0, ( "shutting down this smbd.\n" ) );
- close_sockets();
close(oplock_sock);
exit_server("oplock break failure");
}
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index bdb0385a48..208dbd2bff 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -943,8 +943,7 @@ BOOL check_hosts_equiv(char *user)
/* note: don't allow hosts.equiv on root */
if (fname && *fname && (pass->pw_uid != 0)) {
- extern int Client;
- if (check_user_equiv(user,client_name(Client),fname))
+ if (check_user_equiv(user,client_name(),fname))
return(True);
}
@@ -952,9 +951,8 @@ BOOL check_hosts_equiv(char *user)
{
char *home = get_user_home_dir(user);
if (home) {
- extern int Client;
slprintf(rhostsfile, sizeof(rhostsfile)-1, "%s/.rhosts", home);
- if (check_user_equiv(user,client_name(Client),rhostsfile))
+ if (check_user_equiv(user,client_name(),rhostsfile))
return(True);
}
}
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 403990a79d..2383b7a3a5 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -133,7 +133,6 @@ The timeout is in milli seconds
static BOOL receive_message_or_smb(char *buffer, int buffer_len,
int timeout, BOOL *got_smb)
{
- extern int Client;
fd_set fds;
int selrtn;
struct timeval to;
@@ -167,13 +166,13 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len,
*/
FD_ZERO(&fds);
- FD_SET(Client,&fds);
+ FD_SET(smbd_server_fd(),&fds);
maxfd = setup_oplock_select_set(&fds);
to.tv_sec = timeout / 1000;
to.tv_usec = (timeout % 1000) * 1000;
- selrtn = sys_select(MAX(maxfd,Client)+1,&fds,timeout>0?&to:NULL);
+ selrtn = sys_select(MAX(maxfd,smbd_server_fd())+1,&fds,timeout>0?&to:NULL);
/* Check if error */
if(selrtn == -1) {
@@ -188,10 +187,10 @@ static BOOL receive_message_or_smb(char *buffer, int buffer_len,
return False;
}
- if (FD_ISSET(Client,&fds))
+ if (FD_ISSET(smbd_server_fd(),&fds))
{
*got_smb = True;
- return receive_smb(Client, buffer, 0);
+ return receive_smb(smbd_server_fd(), buffer, 0);
}
else
{
@@ -419,7 +418,6 @@ static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize
static int num_smb_messages =
sizeof(smb_messages) / sizeof(struct smb_message_struct);
int match;
- extern int Client;
extern int global_smbpid;
if (pid == (pid_t)-1)
@@ -535,7 +533,7 @@ static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize
/* does this protocol need to be run as guest? */
if ((flags & AS_GUEST) &&
(!become_guest() ||
- !check_access(Client, lp_hostsallow(-1), lp_hostsdeny(-1)))) {
+ !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1)))) {
return(ERROR(ERRSRV,ERRaccess));
}
@@ -589,7 +587,6 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
****************************************************************************/
void process_smb(char *inbuf, char *outbuf)
{
- extern int Client;
#ifdef WITH_SSL
extern BOOL sslEnabled; /* don't use function for performance reasons */
static int sslConnected = 0;
@@ -608,13 +605,13 @@ void process_smb(char *inbuf, char *outbuf)
deny parameters before doing any parsing of the packet
passed to us by the client. This prevents attacks on our
parsing code from hosts not in the hosts allow list */
- if (!check_access(Client, lp_hostsallow(-1), lp_hostsdeny(-1))) {
+ if (!check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))) {
/* send a negative session response "not listining on calling
name" */
static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
DEBUG( 1, ( "Connection denied from %s\n",
- client_addr(Client) ) );
- send_smb(Client,(char *)buf);
+ client_addr() ) );
+ send_smb(smbd_server_fd(),(char *)buf);
exit_server("connection denied");
}
}
@@ -624,7 +621,7 @@ void process_smb(char *inbuf, char *outbuf)
#ifdef WITH_SSL
if(sslEnabled && !sslConnected){
- sslConnected = sslutil_negotiate_ssl(Client, msg_type);
+ sslConnected = sslutil_negotiate_ssl(smbd_server_fd(), msg_type);
if(sslConnected < 0){ /* an error occured */
exit_server("SSL negotiation failed");
}else if(sslConnected){
@@ -660,7 +657,7 @@ void process_smb(char *inbuf, char *outbuf)
nread, smb_len(outbuf)));
}
else
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
trans_num++;
}
@@ -851,7 +848,6 @@ void check_reload(int t)
static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_timeout_processing_time)
{
- extern int Client;
static time_t last_keepalive_sent_time = 0;
static time_t last_idle_closed_check = 0;
time_t t;
@@ -897,7 +893,7 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t
if (keepalive && (t - last_keepalive_sent_time)>keepalive)
{
struct cli_state *cli = server_client();
- if (!send_keepalive(Client)) {
+ if (!send_keepalive(smbd_server_fd())) {
DEBUG( 2, ( "Keepalive failed - exiting.\n" ) );
return False;
}
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 81d3ef32b3..3ada28364b 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -40,7 +40,6 @@ extern BOOL short_case_preserve;
extern pstring sesssetup_user;
extern pstring global_myname;
extern fstring global_myworkgroup;
-extern int Client;
extern int global_oplock_break;
uint32 global_client_caps = 0;
unsigned int smb_echo_count = 0;
@@ -55,7 +54,7 @@ static void overflow_attack(int len)
dbgtext( "ERROR: Invalid password length %d.\n", len );
dbgtext( "Your machine may be under attack by someone " );
dbgtext( "attempting to exploit an old bug.\n" );
- dbgtext( "Attack was from IP = %s.\n", client_addr(Client) );
+ dbgtext( "Attack was from IP = %s.\n", client_addr() );
}
exit_server("possible attack");
}
@@ -2048,7 +2047,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
if(global_oplock_break)
{
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
DEBUG(5,("readbraw - oplock break finished\n"));
return -1;
}
@@ -2061,7 +2060,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
*/
DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
return(-1);
}
@@ -2088,7 +2087,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
return(-1);
}
@@ -2098,7 +2097,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n",
(double)startpos ));
_smb_setlen(header,0);
- transfer_file(0,Client,(SMB_OFF_T)0,header,4,0);
+ transfer_file(0,smbd_server_fd(),(SMB_OFF_T)0,header,4,0);
return(-1);
}
}
@@ -2167,7 +2166,7 @@ int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_s
if (ret < mincount) ret = 0;
_smb_setlen(header,ret);
- transfer_file(0,Client,0,header,4+ret,0);
+ transfer_file(0,smbd_server_fd(),0,header,4+ret,0);
#endif /* UNSAFE_READRAW */
DEBUG(5,("readbraw finished\n"));
@@ -2403,10 +2402,10 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size,
CVAL(outbuf,smb_com) = SMBwritebraw;
SSVALS(outbuf,smb_vwv0,-1);
outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
/* Now read the raw data into the buffer and write it */
- if (read_smb_length(Client,inbuf,SMB_SECONDARY_WAIT) == -1) {
+ if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
exit_server("secondary writebraw failed");
}
@@ -2419,7 +2418,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size,
(int)tcount,(int)nwritten,(int)numtowrite));
}
- nwritten = vfs_transfer_file(Client, NULL, -1, fsp,
+ nwritten = vfs_transfer_file(smbd_server_fd(), NULL, -1, fsp,
(SMB_OFF_T)numtowrite,NULL,0,
startpos+nwritten);
total_written += nwritten;
@@ -3002,7 +3001,7 @@ int reply_echo(connection_struct *conn,
smb_setlen(outbuf,outsize - 4);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
}
DEBUG(3,("echo %d times\n", smb_reverb));
@@ -4346,7 +4345,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,
SSVAL(outbuf,smb_vwv6,nread);
SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
total_read += nread;
startpos += nread;
@@ -4437,7 +4436,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size,
if (write_through && tcount==nwritten) {
/* we need to send both a primary and a secondary response */
smb_setlen(outbuf,outsize - 4);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
/* now the secondary */
outsize = set_message(outbuf,1,0,True);
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 401c236374..576f6d14d2 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -47,6 +47,26 @@ extern int dcelogin_atmost_once;
extern fstring remote_machine;
extern pstring OriginalDir;
+
+/* really we should have a top level context structure that has the
+ client file descriptor as an element. That would require a major rewrite :(
+
+ the following 2 functions are an alternative - they make the file
+ descriptor private to smbd
+ */
+static int server_fd;
+
+int smbd_server_fd(void)
+{
+ return server_fd;
+}
+
+void smbd_set_server_fd(int fd)
+{
+ server_fd = fd;
+ client_setfd(fd);
+}
+
/****************************************************************************
when exiting, take the whole family
****************************************************************************/
@@ -70,18 +90,16 @@ static void killkids(void)
****************************************************************************/
static BOOL open_sockets_inetd(void)
{
- extern int Client;
-
/* Started from inetd. fd 0 is the socket. */
/* We will abort gracefully when the client or remote system
goes away */
- Client = dup(0);
+ smbd_set_server_fd(dup(0));
/* close our standard file descriptors */
close_low_fds();
- set_socket_options(Client,"SO_KEEPALIVE");
- set_socket_options(Client,user_socket_options);
+ set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
+ set_socket_options(smbd_server_fd(),user_socket_options);
return True;
}
@@ -92,7 +110,6 @@ static BOOL open_sockets_inetd(void)
****************************************************************************/
static BOOL open_sockets(BOOL is_daemon,int port)
{
- extern int Client;
int num_interfaces = iface_count();
int fd_listenset[FD_SETSIZE];
fd_set listen_set;
@@ -211,18 +228,18 @@ max can be %d\n",
}
}
- Client = accept(s,&addr,&in_addrlen);
+ smbd_set_server_fd(accept(s,&addr,&in_addrlen));
- if (Client == -1 && errno == EINTR)
+ if (smbd_server_fd() == -1 && errno == EINTR)
continue;
- if (Client == -1) {
+ if (smbd_server_fd() == -1) {
DEBUG(0,("open_sockets: accept: %s\n",
strerror(errno)));
continue;
}
- if (Client != -1 && fork()==0) {
+ if (smbd_server_fd() != -1 && fork()==0) {
/* Child code ... */
/* close the listening socket(s) */
@@ -234,8 +251,8 @@ max can be %d\n",
close_low_fds();
am_parent = 0;
- set_socket_options(Client,"SO_KEEPALIVE");
- set_socket_options(Client,user_socket_options);
+ set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
+ set_socket_options(smbd_server_fd(),user_socket_options);
/* Reset global variables in util.c so
that client substitutions will be
@@ -252,7 +269,7 @@ max can be %d\n",
return True;
}
/* The parent doesn't need this socket */
- close(Client);
+ close(smbd_server_fd());
/* Force parent to check log size after
* spawning child. Fix from
@@ -320,10 +337,9 @@ BOOL reload_services(BOOL test)
load_interfaces();
{
- extern int Client;
- if (Client != -1) {
- set_socket_options(Client,"SO_KEEPALIVE");
- set_socket_options(Client,user_socket_options);
+ if (smbd_server_fd() != -1) {
+ set_socket_options(smbd_server_fd(),"SO_KEEPALIVE");
+ set_socket_options(smbd_server_fd(),user_socket_options);
}
}
@@ -776,7 +792,6 @@ static void usage(char *pname)
exit(1);
smbd_process();
- close_sockets();
exit_server("normal exit");
return(0);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 3abd55de0c..24ba79906b 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -195,7 +195,6 @@ connection_struct *make_connection(char *service,char *user,char *password, int
struct passwd *pass = NULL;
BOOL guest = False;
BOOL force = False;
- extern int Client;
connection_struct *conn;
int ret;
@@ -203,7 +202,6 @@ connection_struct *make_connection(char *service,char *user,char *password, int
snum = find_service(service);
if (snum < 0) {
- extern int Client;
if (strequal(service,"IPC$")) {
DEBUG(3,("refusing IPC connection\n"));
*ecode = ERRnoipc;
@@ -211,7 +209,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
}
DEBUG(0,("%s (%s) couldn't find service %s\n",
- remote_machine, client_addr(Client), service));
+ remote_machine, client_addr(), service));
*ecode = ERRinvnetname;
return NULL;
}
@@ -247,7 +245,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
}
if (!lp_snum_ok(snum) ||
- !check_access(Client,
+ !check_access(smbd_server_fd(),
lp_hostsallow(snum), lp_hostsdeny(snum))) {
*ecode = ERRaccess;
return NULL;
@@ -342,7 +340,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int
conn->vuid = vuid;
conn->uid = pass->pw_uid;
conn->gid = pass->pw_gid;
- safe_strcpy(conn->client_address, client_addr(Client), sizeof(conn->client_address)-1);
+ safe_strcpy(conn->client_address, client_addr(), sizeof(conn->client_address)-1);
conn->num_files_open = 0;
conn->lastused = time(NULL);
conn->service = snum;
diff --git a/source3/smbd/ssl.c b/source3/smbd/ssl.c
index be9aae7c5c..65d6532d48 100644
--- a/source3/smbd/ssl.c
+++ b/source3/smbd/ssl.c
@@ -248,20 +248,20 @@ char *reqHosts, *resignHosts;
reqHosts = lp_ssl_hosts();
resignHosts = lp_ssl_hosts_resign();
- if(!allow_access(resignHosts, reqHosts, client_name(fd), client_addr(fd))){
+ if(!allow_access(resignHosts, reqHosts, get_socket_name(fd), get_socket_addr(fd))){
sslEnabled = False;
return 0;
}
if(msg_type != 0x81){ /* first packet must be a session request */
DEBUG( 0, ( "Client %s did not use session setup; access denied\n",
- client_addr(fd) ) );
+ client_addr() ) );
send_smb(fd, (char *)buf);
return -1;
}
buf[4] = 0x8e; /* negative session response: use SSL */
send_smb(fd, (char *)buf);
if(sslutil_accept(fd) != 0){
- DEBUG( 0, ( "Client %s failed SSL negotiation!\n", client_addr(fd) ) );
+ DEBUG( 0, ( "Client %s failed SSL negotiation!\n", client_addr() ) );
return -1;
}
return 1;
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index f1fa30b0c6..2ca06ab746 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -27,7 +27,6 @@
extern int DEBUGLEVEL;
extern int Protocol;
extern BOOL case_sensitive;
-extern int Client;
extern int smb_read_error;
extern fstring local_machine;
extern int global_oplock_break;
@@ -66,7 +65,7 @@ static int send_trans2_replies(char *outbuf, int bufsize, char *params,
the empty packet */
if(params_to_send == 0 && data_to_send == 0)
{
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
return 0;
}
@@ -161,7 +160,7 @@ static int send_trans2_replies(char *outbuf, int bufsize, char *params,
params_to_send, data_to_send, paramsize, datasize));
/* Send the packet */
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
pp += params_sent_thistime;
pd += data_sent_thistime;
@@ -2288,7 +2287,7 @@ int reply_trans2(connection_struct *conn,
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
outsize = set_message(outbuf,0,0,True);
- send_smb(Client,outbuf);
+ send_smb(smbd_server_fd(),outbuf);
while (num_data_sofar < total_data ||
num_params_sofar < total_params) {
diff --git a/source3/web/cgi.c b/source3/web/cgi.c
index b33feb30c2..ea73a0f1a7 100644
--- a/source3/web/cgi.c
+++ b/source3/web/cgi.c
@@ -504,7 +504,7 @@ void cgi_setup(char *rootdir, int auth_required)
f = sys_fopen("/tmp/cgi.log", "a");
if (f) fprintf(f,"\n[Date: %s %s (%s)]\n",
http_timestring(time(NULL)),
- client_name(1), client_addr(1));
+ get_socket_name(1), get_socket_addr(1));
#endif
/* we are a mini-web server. We need to read the request from stdin
@@ -604,7 +604,7 @@ return the hostname of the client
char *cgi_remote_host(void)
{
if (inetd_server) {
- return client_name(1);
+ return get_socket_name(1);
}
return getenv("REMOTE_HOST");
}
@@ -615,7 +615,7 @@ return the hostname of the client
char *cgi_remote_addr(void)
{
if (inetd_server) {
- return client_addr(1);
+ return get_socket_addr(1);
}
return getenv("REMOTE_ADDR");
}