diff options
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/aio.c | 156 | ||||
| -rw-r--r-- | source3/smbd/blocking.c | 7 | ||||
| -rw-r--r-- | source3/smbd/dnsregister.c | 208 | ||||
| -rw-r--r-- | source3/smbd/file_access.c | 11 | ||||
| -rw-r--r-- | source3/smbd/filename.c | 30 | ||||
| -rw-r--r-- | source3/smbd/globals.c | 15 | ||||
| -rw-r--r-- | source3/smbd/globals.h | 12 | ||||
| -rw-r--r-- | source3/smbd/ipc.c | 148 | ||||
| -rw-r--r-- | source3/smbd/lanman.c | 218 | ||||
| -rw-r--r-- | source3/smbd/mangle_hash.c | 2 | ||||
| -rw-r--r-- | source3/smbd/mangle_hash2.c | 2 | ||||
| -rw-r--r-- | source3/smbd/negprot.c | 2 | ||||
| -rw-r--r-- | source3/smbd/nttrans.c | 4 | ||||
| -rw-r--r-- | source3/smbd/open.c | 70 | ||||
| -rw-r--r-- | source3/smbd/oplock.c | 64 | ||||
| -rw-r--r-- | source3/smbd/oplock_irix.c | 15 | ||||
| -rw-r--r-- | source3/smbd/oplock_linux.c | 66 | ||||
| -rw-r--r-- | source3/smbd/pipes.c | 247 | ||||
| -rw-r--r-- | source3/smbd/posix_acls.c | 560 | ||||
| -rw-r--r-- | source3/smbd/process.c | 396 | ||||
| -rw-r--r-- | source3/smbd/reply.c | 55 | ||||
| -rw-r--r-- | source3/smbd/server.c | 821 | ||||
| -rw-r--r-- | source3/smbd/sesssetup.c | 4 | ||||
| -rw-r--r-- | source3/smbd/trans2.c | 52 |
24 files changed, 1694 insertions, 1471 deletions
diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c index 54ae45a789..64d512d675 100644 --- a/source3/smbd/aio.c +++ b/source3/smbd/aio.c @@ -109,58 +109,6 @@ static struct aio_extra *find_aio_ex(uint16 mid) *****************************************************************************/ /**************************************************************************** - Signal handler when an aio request completes. -*****************************************************************************/ - -void aio_request_done(uint16_t mid) -{ - if (aio_signals_received < aio_pending_size) { - aio_pending_array[aio_signals_received] = mid; - aio_signals_received++; - } - /* Else signal is lost. */ -} - -static void signal_handler(int sig, siginfo_t *info, void *unused) -{ - aio_request_done(info->si_value.sival_int); - sys_select_signal(RT_SIGNAL_AIO); -} - -/**************************************************************************** - Is there a signal waiting ? -*****************************************************************************/ - -bool aio_finished(void) -{ - return (aio_signals_received != 0); -} - -/**************************************************************************** - Initialize the signal handler for aio read/write. -*****************************************************************************/ - -void initialize_async_io_handler(void) -{ - struct sigaction act; - - aio_pending_size = lp_maxmux(); - aio_pending_array = SMB_MALLOC_ARRAY(uint16, aio_pending_size); - SMB_ASSERT(aio_pending_array != NULL); - - ZERO_STRUCT(act); - act.sa_sigaction = signal_handler; - act.sa_flags = SA_SIGINFO; - sigemptyset( &act.sa_mask ); - if (sigaction(RT_SIGNAL_AIO, &act, NULL) != 0) { - DEBUG(0,("Failed to setup RT_SIGNAL_AIO handler\n")); - } - - /* the signal can start off blocked due to a bug in bash */ - BlockSignals(False, RT_SIGNAL_AIO); -} - -/**************************************************************************** Set up an aio request from a SMBreadX call. *****************************************************************************/ @@ -193,8 +141,7 @@ bool schedule_aio_read_and_X(connection_struct *conn, /* Only do this on non-chained and non-chaining reads not using the * write cache. */ - if (chain_size !=0 || (CVAL(req->vwv+0, 0) != 0xFF) - || (lp_write_cache_size(SNUM(conn)) != 0) ) { + if (req_is_in_chain(req) || (lp_write_cache_size(SNUM(conn)) != 0)) { return False; } @@ -290,8 +237,7 @@ bool schedule_aio_write_and_X(connection_struct *conn, /* Only do this on non-chained and non-chaining reads not using the * write cache. */ - if (chain_size !=0 || (CVAL(req->vwv+0, 0) != 0xFF) - || (lp_write_cache_size(SNUM(conn)) != 0) ) { + if (req_is_in_chain(req) || (lp_write_cache_size(SNUM(conn)) != 0)) { return False; } @@ -573,57 +519,47 @@ static bool handle_aio_completed(struct aio_extra *aio_ex, int *perr) Returns non-zero errno if fail or zero if all ok. *****************************************************************************/ -int process_aio_queue(void) +void smbd_aio_complete_mid(unsigned int mid) { - int i; + files_struct *fsp = NULL; + struct aio_extra *aio_ex = find_aio_ex(mid); int ret = 0; - BlockSignals(True, RT_SIGNAL_AIO); - - DEBUG(10,("process_aio_queue: signals_received = %d\n", - (int)aio_signals_received)); - DEBUG(10,("process_aio_queue: outstanding_aio_calls = %d\n", - outstanding_aio_calls)); + DEBUG(10,("smbd_aio_complete_mid: mid[%u]\n", mid)); - if (!aio_signals_received) { - BlockSignals(False, RT_SIGNAL_AIO); - return 0; + if (!aio_ex) { + DEBUG(3,("smbd_aio_complete_mid: Can't find record to " + "match mid %u.\n", mid)); + srv_cancel_sign_response(mid); + return; } - /* Drain all the complete aio_reads. */ - for (i = 0; i < aio_signals_received; i++) { - uint16 mid = aio_pending_array[i]; - files_struct *fsp = NULL; - struct aio_extra *aio_ex = find_aio_ex(mid); - - if (!aio_ex) { - DEBUG(3,("process_aio_queue: Can't find record to " - "match mid %u.\n", (unsigned int)mid)); - srv_cancel_sign_response(mid); - continue; - } + fsp = aio_ex->fsp; + if (fsp == NULL) { + /* file was closed whilst I/O was outstanding. Just + * ignore. */ + DEBUG( 3,( "smbd_aio_complete_mid: file closed whilst " + "aio outstanding (mid[%u]).\n", mid)); + srv_cancel_sign_response(mid); + return; + } - fsp = aio_ex->fsp; - if (fsp == NULL) { - /* file was closed whilst I/O was outstanding. Just - * ignore. */ - DEBUG( 3,( "process_aio_queue: file closed whilst " - "aio outstanding.\n")); - srv_cancel_sign_response(mid); - continue; - } + if (!handle_aio_completed(aio_ex, &ret)) { + return; + } - if (!handle_aio_completed(aio_ex, &ret)) { - continue; - } + TALLOC_FREE(aio_ex); +} - TALLOC_FREE(aio_ex); - } +static void smbd_aio_signal_handler(struct tevent_context *ev_ctx, + struct tevent_signal *se, + int signum, int count, + void *_info, void *private_data) +{ + siginfo_t *info = (siginfo_t *)_info; + unsigned int mid = (unsigned int)info->si_value.sival_int; - outstanding_aio_calls -= aio_signals_received; - aio_signals_received = 0; - BlockSignals(False, RT_SIGNAL_AIO); - return ret; + smbd_aio_complete_mid(mid); } /**************************************************************************** @@ -755,19 +691,28 @@ void cancel_aio_by_fsp(files_struct *fsp) } } -#else -bool aio_finished(void) -{ - return False; -} +/**************************************************************************** + Initialize the signal handler for aio read/write. +*****************************************************************************/ void initialize_async_io_handler(void) { + aio_signal_event = tevent_add_signal(smbd_event_context(), + smbd_event_context(), + RT_SIGNAL_AIO, SA_SIGINFO, + smbd_aio_signal_handler, + NULL); + if (!aio_signal_event) { + exit_server("Failed to setup RT_SIGNAL_AIO handler"); + } + + /* tevent supports 100 signal with SA_SIGINFO */ + aio_pending_size = 100; } -int process_aio_queue(void) +#else +void initialize_async_io_handler(void) { - return False; } bool schedule_aio_read_and_X(connection_struct *conn, @@ -795,4 +740,7 @@ int wait_for_aio_completion(files_struct *fsp) { return ENOSYS; } + +void smbd_aio_complete_mid(unsigned int mid); + #endif diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c index 9936fb219f..ac1ff00858 100644 --- a/source3/smbd/blocking.c +++ b/source3/smbd/blocking.c @@ -47,11 +47,6 @@ typedef struct blocking_lock_record { Determine if this is a secondary element of a chained SMB. **************************************************************************/ -static bool in_chained_smb(void) -{ - return (chain_size != 0); -} - static void received_unlock_msg(struct messaging_context *msg, void *private_data, uint32_t msg_type, @@ -144,7 +139,7 @@ bool push_blocking_lock_request( struct byte_range_lock *br_lck, blocking_lock_record *blr; NTSTATUS status; - if(in_chained_smb() ) { + if(req_is_in_chain(req)) { DEBUG(0,("push_blocking_lock_request: cannot queue a chained request (currently).\n")); return False; } diff --git a/source3/smbd/dnsregister.c b/source3/smbd/dnsregister.c index c092251fee..2fd95f9fb7 100644 --- a/source3/smbd/dnsregister.c +++ b/source3/smbd/dnsregister.c @@ -35,18 +35,16 @@ #include <dns_sd.h> struct dns_reg_state { + struct tevent_context *event_ctx; + uint16_t port; DNSServiceRef srv_ref; - struct timed_event *retry_handler; + struct tevent_timer *te; + int fd; + struct tevent_fd *fde; }; -void dns_register_close(struct dns_reg_state **dns_state_ptr) +static int dns_reg_state_destructor(struct dns_reg_state *dns_state) { - struct dns_reg_state *dns_state = *dns_state_ptr; - - if (dns_state == NULL) { - return; - } - if (dns_state->srv_ref != NULL) { /* Close connection to the mDNS daemon */ DNSServiceRefDeallocate(dns_state->srv_ref); @@ -54,81 +52,52 @@ void dns_register_close(struct dns_reg_state **dns_state_ptr) } /* Clear event handler */ - if (dns_state->retry_handler != NULL) { - TALLOC_FREE(dns_state->retry_handler); - dns_state->retry_handler = NULL; - } + TALLOC_FREE(dns_state->te); + TALLOC_FREE(dns_state->fde); + dns_state->fd = -1; - talloc_free(dns_state); - *dns_state_ptr = NULL; + return 0; } -static void dns_register_smbd_retry(struct event_context *ctx, - struct timed_event *te, - const struct timeval *now, - void *private_data) +static void dns_register_smbd_retry(struct tevent_context *ctx, + struct tevent_timer *te, + struct timeval now, + void *private_data); +static void dns_register_smbd_fde_handler(struct tevent_context *ev, + struct tevent_fd *fde, + uint16_t flags, + void *private_data); + +static bool dns_register_smbd_schedule(struct dns_reg_state *dns_state, + struct timeval tval) { - struct dns_reg_state *dns_state = (struct dns_reg_state *)private_data; - - /* Clear previous registration state to force new - * registration attempt. Clears event handler. - */ - dns_register_close(&dns_state); -} - -static void schedule_dns_register_smbd_retry(struct dns_reg_state *dns_state, - struct timeval *timeout) -{ - struct timed_event * event; - - dns_state->srv_ref = NULL; - event= event_add_timed(smbd_event_context(), - NULL, - timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0), - dns_register_smbd_retry, - dns_state); + dns_reg_state_destructor(dns_state); + + dns_state->te = tevent_add_timer(dns_state->event_ctx, + dns_state, + tval, + dns_register_smbd_retry, + dns_state); + if (!dns_state->te) { + return false; + } - dns_state->retry_handler = event; - get_timed_events_timeout(smbd_event_context(), timeout); + return true; } -/* Kick off a mDNS request to register the "_smb._tcp" on the specified port. - * We really ought to register on all the ports we are listening on. This will - * have to be an exercise for some-one who knows the DNS registration API a bit - * better. - */ -void dns_register_smbd(struct dns_reg_state ** dns_state_ptr, - unsigned port, - int *maxfd, - fd_set *listen_set, - struct timeval *timeout) +static void dns_register_smbd_retry(struct tevent_context *ctx, + struct tevent_timer *te, + struct timeval now, + void *private_data) { - int mdnsd_conn_fd; + struct dns_reg_state *dns_state = talloc_get_type_abort(private_data, + struct dns_reg_state); DNSServiceErrorType err; - struct dns_reg_state *dns_state = *dns_state_ptr; - - if (dns_state == NULL) { - *dns_state_ptr = dns_state = talloc(NULL, struct dns_reg_state); - if (dns_state == NULL) { - return; - } - } - - /* Quit if a re-try attempt has been scheduled. */ - if (dns_state->retry_handler != NULL) { - return; - } - /* If a registration is active add conn - * fd to select listen_set and return - */ - if (dns_state->srv_ref != NULL) { - mdnsd_conn_fd = DNSServiceRefSockFD(dns_state->srv_ref); - FD_SET(mdnsd_conn_fd, listen_set); - return; - } + dns_reg_state_destructor(dns_state); - DEBUG(6, ("registering _smb._tcp service on port %d\n", port)); + DEBUG(6, ("registering _smb._tcp service on port %d\n", + dns_state->port)); /* Register service with DNS. Connects with the mDNS * daemon running on the local system to perform DNS @@ -140,7 +109,7 @@ void dns_register_smbd(struct dns_reg_state ** dns_state_ptr, "_smb._tcp" /* service type */, NULL /* domain */, "" /* SRV target host name */, - htons(port), + htons(dns_state->port), 0 /* TXT record len */, NULL /* TXT record data */, NULL /* callback func */, @@ -150,62 +119,81 @@ void dns_register_smbd(struct dns_reg_state ** dns_state_ptr, /* Failed to register service. Schedule a re-try attempt. */ DEBUG(3, ("unable to register with mDNS (err %d)\n", err)); - schedule_dns_register_smbd_retry(dns_state, timeout); - return; + goto retry; + } + + dns_state->fd = DNSServiceRefSockFD(dns_state->srv_ref); + if (dns_state->fd == -1) { + goto retry; } - mdnsd_conn_fd = DNSServiceRefSockFD(dns_state->srv_ref); - FD_SET(mdnsd_conn_fd, listen_set); - *maxfd = MAX(*maxfd, mdnsd_conn_fd); - *timeout = timeval_zero(); + dns_state->fde = tevent_add_fd(dns_state->event_ctx, + dns_state, + dns_state->fd, + TEVENT_FD_READ, + dns_register_smbd_fde_handler, + dns_state); + if (!dns_state->fde) { + goto retry; + } + return; + retry: + dns_register_smbd_schedule(dns_state, + timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0)); } /* Processes reply from mDNS daemon. Returns true if a reply was received */ -bool dns_register_smbd_reply(struct dns_reg_state *dns_state, - fd_set *lfds, struct timeval *timeout) +static void dns_register_smbd_fde_handler(struct tevent_context *ev, + struct tevent_fd *fde, + uint16_t flags, + void *private_data) { - int mdnsd_conn_fd = -1; + struct dns_reg_state *dns_state = talloc_get_type_abort(private_data, + struct dns_reg_state); + DNSServiceErrorType err; - if (dns_state->srv_ref == NULL) { - return false; + err = DNSServiceProcessResult(dns_state->srv_ref); + if (err != kDNSServiceErr_NoError) { + DEBUG(3, ("failed to process mDNS result (err %d), re-trying\n", + err)); + goto retry; } - mdnsd_conn_fd = DNSServiceRefSockFD(dns_state->srv_ref); + talloc_free(dns_state); + return; - /* Process reply from daemon. Handles any errors. */ - if ((mdnsd_conn_fd != -1) && (FD_ISSET(mdnsd_conn_fd,lfds)) ) { - DNSServiceErrorType err; - - err = DNSServiceProcessResult(dns_state->srv_ref); - if (err != kDNSServiceErr_NoError) { - DEBUG(3, ("failed to process mDNS result (err %d), re-trying\n", - err)); - schedule_dns_register_smbd_retry(dns_state, timeout); - } + retry: + dns_register_smbd_schedule(dns_state, + timeval_current_ofs(DNS_REG_RETRY_INTERVAL, 0)); +} - return true; +bool smbd_setup_mdns_registration(struct tevent_context *ev, + TALLOC_CTX *mem_ctx, + uint16_t port) +{ + struct dns_reg_state *dns_state; + + dns_state = talloc_zero(mem_ctx, struct dns_reg_state); + if (dns_state == NULL) { + return false; } + dns_state->event_ctx = ev; + dns_state->port = port; + dns_state->fd = -1; + + talloc_set_destructor(dns_state, dns_reg_state_destructor); - return false; + return dns_register_smbd_schedule(dns_state, timeval_zero()); } #else /* WITH_DNSSD_SUPPORT */ - void dns_register_smbd(struct dns_reg_state ** dns_state_ptr, - unsigned port, - int *maxfd, - fd_set *listen_set, - struct timeval *timeout) -{} - - void dns_register_close(struct dns_reg_state ** dns_state_ptr) -{} - - bool dns_register_smbd_reply(struct dns_reg_state *dns_state, - fd_set *lfds, struct timeval *timeout) +bool smbd_setup_mdns_registration(struct tevent_context *ev, + TALLOC_CTX *mem_ctx, + uint16_t port) { - return false; + return true; } #endif /* WITH_DNSSD_SUPPORT */ diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c index d44e63a89a..fe7ba1cc46 100644 --- a/source3/smbd/file_access.c +++ b/source3/smbd/file_access.c @@ -113,16 +113,11 @@ bool can_delete_file_in_directory(connection_struct *conn, const char *fname) * having the DELETE bit on the file itself and second if that does * not help, by the DELETE_CHILD bit on the containing directory. * - * Here we check the other way round because with just posix - * permissions looking at the file itself will never grant DELETE, so - * by looking at the directory first we save one get_acl call. + * Here we only check the directory permissions, we will + * check the file DELETE permission separately. */ - if (can_access_file_acl(conn, dname, FILE_DELETE_CHILD)) { - return true; - } - - return can_access_file_acl(conn, fname, DELETE_ACCESS); + return can_access_file_acl(conn, dname, FILE_DELETE_CHILD); } /**************************************************************************** diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c index d240ecfa64..003cb0ffd4 100644 --- a/source3/smbd/filename.c +++ b/source3/smbd/filename.c @@ -126,7 +126,9 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, char *stream = NULL; bool component_was_mangled = False; bool name_has_wildcard = False; + bool posix_pathnames = false; NTSTATUS result; + int ret = -1; SET_STAT_INVALID(*pst); *pp_conv_path = NULL; @@ -225,7 +227,9 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, } } - if (!lp_posix_pathnames()) { + posix_pathnames = lp_posix_pathnames(); + + if (!posix_pathnames) { stream = strchr_m(name, ':'); if (stream != NULL) { @@ -268,7 +272,13 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, * stat the name - if it exists then we are all done! */ - if (SMB_VFS_STAT(conn,name,&st) == 0) { + if (posix_pathnames) { + ret = SMB_VFS_LSTAT(conn,name,&st); + } else { + ret = SMB_VFS_STAT(conn,name,&st); + } + + if (ret == 0) { /* Ensure we catch all names with in "/." this is disallowed under Windows. */ const char *p = strstr(name, "/."); /* mb safe. */ @@ -380,7 +390,13 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, * Check if the name exists up to this point. */ - if (SMB_VFS_STAT(conn,name, &st) == 0) { + if (posix_pathnames) { + ret = SMB_VFS_LSTAT(conn,name, &st); + } else { + ret = SMB_VFS_STAT(conn,name, &st); + } + + if (ret == 0) { /* * It exists. it must either be a directory or this must * be the last part of the path for it to be OK. @@ -598,7 +614,13 @@ NTSTATUS unix_convert(TALLOC_CTX *ctx, * if it exists. JRA. */ - if (SMB_VFS_STAT(conn,name, &st) == 0) { + if (posix_pathnames) { + ret = SMB_VFS_LSTAT(conn,name, &st); + } else { + ret = SMB_VFS_STAT(conn,name, &st); + } + + if (ret == 0) { *pst = st; } else { SET_STAT_INVALID(st); diff --git a/source3/smbd/globals.c b/source3/smbd/globals.c index c5681223f9..3f8cb411e5 100644 --- a/source3/smbd/globals.c +++ b/source3/smbd/globals.c @@ -22,10 +22,9 @@ #if defined(WITH_AIO) struct aio_extra *aio_list_head = NULL; +struct tevent_signal *aio_signal_event = NULL; int aio_pending_size = 0; -sig_atomic_t aio_signals_received = 0; int outstanding_aio_calls = 0; -uint16 *aio_pending_array = NULL; #endif /* dlink list we store pending lock records on. */ @@ -125,8 +124,6 @@ int max_send = BUFFER_SIZE; * Can be modified by the max xmit parameter. */ int max_recv = BUFFER_SIZE; -SIG_ATOMIC_T reload_after_sighup = 0; -SIG_ATOMIC_T got_sig_term = 0; uint16 last_session_tag = UID_FIELD_INVALID; int trans_num = 0; char *orig_inbuf = NULL; @@ -172,11 +169,6 @@ struct vfs_init_function_entry *backends = NULL; char *sparse_buf = NULL; char *LastDir = NULL; -#if HAVE_KERNEL_OPLOCKS_LINUX -SIG_ATOMIC_T oplock_signals_received = 0; -SIG_ATOMIC_T fd_pending_array[FD_PENDING_SIZE]; -#endif - /* Current number of oplocks we have outstanding. */ int32_t exclusive_oplocks_open = 0; int32_t level_II_oplocks_open = 0; @@ -186,7 +178,6 @@ struct kernel_oplocks *koplocks = NULL; struct notify_mid_map *notify_changes_by_mid = NULL; int am_parent = 1; -SIG_ATOMIC_T got_sig_cld = 0; int server_fd = -1; struct event_context *smbd_event_ctx = NULL; struct messaging_context *smbd_msg_ctx = NULL; @@ -205,8 +196,4 @@ void smbd_init_globals(void) ZERO_STRUCT(conn_ctx_stack); ZERO_STRUCT(sec_ctx_stack); - -#if HAVE_KERNEL_OPLOCKS_LINUX - ZERO_STRUCT(fd_pending_array); -#endif } diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h index 2c4f8b5821..6ac92ed3dd 100644 --- a/source3/smbd/globals.h +++ b/source3/smbd/globals.h @@ -20,10 +20,9 @@ #if defined(WITH_AIO) struct aio_extra; extern struct aio_extra *aio_list_head; +extern struct tevent_signal *aio_signal_event; extern int aio_pending_size; -extern sig_atomic_t aio_signals_received; extern int outstanding_aio_calls; -extern uint16_t *aio_pending_array; #endif /* dlink list we store pending lock records on. */ @@ -124,8 +123,6 @@ extern int max_send; * Can be modified by the max xmit parameter. */ extern int max_recv; -extern SIG_ATOMIC_T reload_after_sighup; -extern SIG_ATOMIC_T got_sig_term; extern uint16 last_session_tag; extern int trans_num; extern char *orig_inbuf; @@ -184,12 +181,6 @@ extern struct vfs_init_function_entry *backends; extern char *sparse_buf; extern char *LastDir; -#if HAVE_KERNEL_OPLOCKS_LINUX -extern SIG_ATOMIC_T oplock_signals_received; -#define FD_PENDING_SIZE 100 -extern SIG_ATOMIC_T fd_pending_array[FD_PENDING_SIZE]; -#endif - /* Current number of oplocks we have outstanding. */ extern int32_t exclusive_oplocks_open; extern int32_t level_II_oplocks_open; @@ -199,7 +190,6 @@ extern struct kernel_oplocks *koplocks; extern struct notify_mid_map *notify_changes_by_mid; extern int am_parent; -extern SIG_ATOMIC_T got_sig_cld; extern int server_fd; extern struct event_context *smbd_event_ctx; extern struct messaging_context *smbd_msg_ctx; diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 7c150561b1..9c7528dfa7 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -204,40 +204,137 @@ void send_trans_reply(connection_struct *conn, Start the first part of an RPC reply which began with an SMBtrans request. ****************************************************************************/ -static void api_rpc_trans_reply(connection_struct *conn, - struct smb_request *req, - files_struct *fsp, - int max_trans_reply) +struct dcerpc_cmd_state { + struct fake_file_handle *handle; + uint8_t *data; + size_t num_data; + size_t max_read; +}; + +static void api_dcerpc_cmd_write_done(struct async_req *subreq); +static void api_dcerpc_cmd_read_done(struct async_req *subreq); + +static void api_dcerpc_cmd(connection_struct *conn, struct smb_request *req, + files_struct *fsp, uint8_t *data, size_t length, + size_t max_read) { - bool is_data_outstanding; - uint8_t *rdata = SMB_MALLOC_ARRAY(uint8_t, max_trans_reply); - ssize_t data_len; - NTSTATUS status; + struct async_req *subreq; + struct dcerpc_cmd_state *state; + + if (!fsp_is_np(fsp)) { + api_no_reply(conn, req); + return; + } - if(rdata == NULL) { - DEBUG(0,("api_rpc_trans_reply: malloc fail.\n")); + state = talloc(req, struct dcerpc_cmd_state); + if (state == NULL) { reply_nterror(req, NT_STATUS_NO_MEMORY); return; } + req->async_priv = state; - if (!fsp_is_np(fsp)) { - SAFE_FREE(rdata); - api_no_reply(conn,req); + state->handle = fsp->fake_file_handle; + + /* + * This memdup severely sucks. But doing it properly essentially means + * to rewrite lanman.c, something which I don't really want to do now. + */ + state->data = (uint8_t *)talloc_memdup(state, data, length); + if (state->data == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); return; } + state->num_data = length; + state->max_read = max_read; + + subreq = np_write_send(state, smbd_event_context(), state->handle, + state->data, length); + if (subreq == NULL) { + TALLOC_FREE(state); + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + subreq->async.fn = api_dcerpc_cmd_write_done; + subreq->async.priv = talloc_move(conn, &req); +} + +static void api_dcerpc_cmd_write_done(struct async_req *subreq) +{ + struct smb_request *req = talloc_get_type_abort( + subreq->async.priv, struct smb_request); + struct dcerpc_cmd_state *state = talloc_get_type_abort( + req->async_priv, struct dcerpc_cmd_state); + NTSTATUS status; + ssize_t nwritten = -1; + + status = np_write_recv(subreq, &nwritten); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status) || (nwritten != state->num_data)) { + DEBUG(10, ("Could not write to pipe: %s (%d/%d)\n", + nt_errstr(status), (int)state->num_data, + (int)nwritten)); + reply_nterror(req, NT_STATUS_PIPE_NOT_AVAILABLE); + goto send; + } + + state->data = TALLOC_REALLOC_ARRAY(state, state->data, uint8_t, + state->max_read); + if (state->data == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + goto send; + } + + subreq = np_read_send(req->conn, smbd_event_context(), + state->handle, state->data, state->max_read); + if (subreq == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + goto send; + } + + subreq->async.fn = api_dcerpc_cmd_read_done; + subreq->async.priv = req; + return; + + send: + if (!srv_send_smb( + smbd_server_fd(), (char *)req->outbuf, + IS_CONN_ENCRYPTED(req->conn) || req->encrypted)) { + exit_server_cleanly("construct_reply: srv_send_smb failed."); + } + TALLOC_FREE(req); +} + +static void api_dcerpc_cmd_read_done(struct async_req *subreq) +{ + struct smb_request *req = talloc_get_type_abort( + subreq->async.priv, struct smb_request); + struct dcerpc_cmd_state *state = talloc_get_type_abort( + req->async_priv, struct dcerpc_cmd_state); + NTSTATUS status; + ssize_t nread; + bool is_data_outstanding; + + status = np_read_recv(subreq, &nread, &is_data_outstanding); + TALLOC_FREE(subreq); - status = np_read(fsp->fake_file_handle, rdata, max_trans_reply, - &data_len, &is_data_outstanding); if (!NT_STATUS_IS_OK(status)) { - SAFE_FREE(rdata); - api_no_reply(conn,req); + DEBUG(10, ("Could not read from to pipe: %s\n", + nt_errstr(status))); + reply_nterror(req, status); + + if (!srv_send_smb(smbd_server_fd(), (char *)req->outbuf, + IS_CONN_ENCRYPTED(req->conn) + ||req->encrypted)) { + exit_server_cleanly("construct_reply: srv_send_smb " + "failed."); + } + TALLOC_FREE(req); return; } - send_trans_reply(conn, req, NULL, 0, (char *)rdata, data_len, + send_trans_reply(req->conn, req, NULL, 0, (char *)state->data, nread, is_data_outstanding); - SAFE_FREE(rdata); - return; + TALLOC_FREE(req); } /**************************************************************************** @@ -310,7 +407,6 @@ static void api_fd_reply(connection_struct *conn, uint16 vuid, struct files_struct *fsp; int pnum; int subcommand; - NTSTATUS status; DEBUG(5,("api_fd_reply\n")); @@ -360,14 +456,8 @@ static void api_fd_reply(connection_struct *conn, uint16 vuid, switch (subcommand) { case TRANSACT_DCERPCCMD: { /* dce/rpc command */ - ssize_t nwritten; - status = np_write(fsp->fake_file_handle, data, tdscnt, - &nwritten); - if (!NT_STATUS_IS_OK(status)) { - api_no_reply(conn, req); - return; - } - api_rpc_trans_reply(conn, req, fsp, mdrcnt); + api_dcerpc_cmd(conn, req, fsp, (uint8_t *)data, tdscnt, + mdrcnt); break; } case TRANSACT_WAITNAMEDPIPEHANDLESTATE: diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index c8e35783c0..4807e62436 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -6,17 +6,17 @@ SMB Version handling Copyright (C) John H Terpstra 1995-1998 - + This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. - + This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - + You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ @@ -876,9 +876,9 @@ static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, /* remove any trailing username */ if ((p = strchr_m(QueueName,'%'))) *p = 0; - + DEBUG(3,("api_DosPrintQGetInfo uLevel=%d name=%s\n",uLevel,QueueName)); - + /* check it's a supported varient */ if (!prefix_ok(str1,"zWrLh")) return False; @@ -899,11 +899,11 @@ static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, SSVAL(*rparam,4,0); return(True); } - + snum = find_service(QueueName); if ( !(lp_snum_ok(snum) && lp_print_ok(snum)) ) return False; - + if (uLevel==52) { count = get_printerdrivernumber(snum); DEBUG(3,("api_DosPrintQGetInfo: Driver files count: %d\n",count)); @@ -934,7 +934,7 @@ static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, } *rdata_len = desc.usedlen; - + /* * We must set the return code to ERRbuftoosmall * in order to support lanman style printing with Win NT/2k @@ -942,7 +942,7 @@ static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, */ if (!mdrcnt && lp_disable_spoolss()) desc.errcode = ERRbuftoosmall; - + *rdata_len = desc.usedlen; *rparam_len = 6; *rparam = smb_realloc_limit(*rparam,*rparam_len); @@ -954,7 +954,7 @@ static bool api_DosPrintQGetInfo(connection_struct *conn, uint16 vuid, SSVALS(*rparam,0,desc.errcode); SSVAL(*rparam,2,0); SSVAL(*rparam,4,desc.neededlen); - + DEBUG(4,("printqgetinfo: errorcode %d\n",desc.errcode)); SAFE_FREE(queue); @@ -986,7 +986,7 @@ static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, print_status_struct *status = NULL; int *subcntarr = NULL; int queuecnt = 0, subcnt = 0, succnt = 0; - + if (!param_format || !output_format1 || !p) { return False; } @@ -994,7 +994,7 @@ static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, memset((char *)&desc,'\0',sizeof(desc)); DEBUG(3,("DosPrintQEnum uLevel=%d\n",uLevel)); - + if (!prefix_ok(param_format,"WrLeh")) { return False; } @@ -1071,7 +1071,7 @@ static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, } SAFE_FREE(subcntarr); - + *rdata_len = desc.usedlen; *rparam_len = 8; *rparam = smb_realloc_limit(*rparam,*rparam_len); @@ -1082,7 +1082,7 @@ static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, SSVAL(*rparam,2,0); SSVAL(*rparam,4,succnt); SSVAL(*rparam,6,queuecnt); - + for (i = 0; i < queuecnt; i++) { if (queue) { SAFE_FREE(queue[i]); @@ -1091,7 +1091,7 @@ static bool api_DosPrintQEnum(connection_struct *conn, uint16 vuid, SAFE_FREE(queue); SAFE_FREE(status); - + return True; err: @@ -1248,11 +1248,11 @@ static int get_server_info(uint32 servertype, DEBUG(4,("s: dom mismatch ")); ok = False; } - + if (!strequal(domain, s->domain) && !(servertype & SV_TYPE_DOMAIN_ENUM)) { ok = False; } - + /* We should never return a server type with a SV_TYPE_LOCAL_LIST_ONLY set. */ s->type &= ~SV_TYPE_LOCAL_LIST_ONLY; @@ -1266,7 +1266,7 @@ static int get_server_info(uint32 servertype, s->name, s->type, s->comment, s->domain)); } } - + TALLOC_FREE(lines); return count; } @@ -1284,7 +1284,7 @@ static int fill_srv_info(struct srv_info_struct *service, char* p2; int l2; int len; - + switch (uLevel) { case 0: struct_len = 16; @@ -1295,7 +1295,7 @@ static int fill_srv_info(struct srv_info_struct *service, default: return -1; } - + if (!buf) { len = 0; switch (uLevel) { @@ -1308,7 +1308,7 @@ static int fill_srv_info(struct srv_info_struct *service, *stringspace = len; return struct_len + len; } - + len = struct_len; p = *buf; if (*buflen < struct_len) { @@ -1324,7 +1324,7 @@ static int fill_srv_info(struct srv_info_struct *service, if (!baseaddr) { baseaddr = p; } - + switch (uLevel) { case 0: push_ascii(p,service->name, MAX_NETBIOSNAME_LEN, STR_TERMINATE); @@ -1416,7 +1416,7 @@ static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid, if (!check_server_info(uLevel,str2)) { return False; } - + DEBUG(4, ("server request level: %s %8x ", str2, servertype)); DEBUG(4, ("domains_req:%s ", BOOLSTR(domain_request))); DEBUG(4, ("local_only:%s\n", BOOLSTR(local_request))); @@ -1454,7 +1454,7 @@ static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid, data_len += fill_srv_info(s,uLevel,0,&f_len,0,&s_len,0); DEBUG(4,("fill_srv_info %20s %8x %25s %15s\n", s->name, s->type, s->comment, s->domain)); - + if (data_len <= buf_len) { counted++; fixed_len += f_len; @@ -1470,7 +1470,7 @@ static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid, if (!*rdata) { return False; } - + p2 = (*rdata) + fixed_len; /* auxilliary data (strings) will go here */ p = *rdata; f_len = fixed_len; @@ -1493,7 +1493,7 @@ static bool api_RNetServerEnum(connection_struct *conn, uint16 vuid, count2--; } } - + *rparam_len = 8; *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { @@ -1540,9 +1540,9 @@ static bool api_RNetGroupGetUsers(connection_struct *conn, uint16 vuid, if (!prefix_ok(str1,"zWrLeh")) { return False; } - + *rdata_len = 0; - + *rparam_len = 8; *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { @@ -1599,7 +1599,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, char* p2; int l2; int len; - + switch( uLevel ) { case 0: struct_len = 13; @@ -1616,8 +1616,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, default: return -1; } - - + if (!buf) { len = 0; @@ -1635,7 +1634,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, } return struct_len + len; } - + len = struct_len; p = *buf; if ((*buflen) < struct_len) { @@ -1653,9 +1652,9 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, if (!baseaddr) { baseaddr = p; } - + push_ascii(p,lp_servicename(snum),13, STR_TERMINATE); - + if (uLevel > 0) { int type; @@ -1671,7 +1670,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, SIVAL(p,16,PTR_DIFF(p2,baseaddr)); len += CopyExpanded(conn,snum,&p2,lp_comment(snum),&l2); } - + if (uLevel > 1) { SSVAL(p,20,ACCESS_READ|ACCESS_WRITE|ACCESS_CREATE); /* permissions */ SSVALS(p,22,-1); /* max uses */ @@ -1680,7 +1679,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, len += CopyAndAdvance(&p2,lp_pathname(snum),&l2); memset(p+30,0,SHPWLEN+2); /* passwd (reserved), pad field */ } - + if (uLevel > 2) { memset(p+40,0,SHPWLEN+2); SSVAL(p,50,0); @@ -1691,7 +1690,7 @@ static int fill_share_info(connection_struct *conn, int snum, int uLevel, SSVAL(p,64,0); SSVAL(p,66,0); } - + if (stringbuf) { (*buf) = p + struct_len; (*buflen) -= struct_len; @@ -1718,7 +1717,7 @@ static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, char *p = skip_string(param,tpscnt,netname); int uLevel = get_safe_SVAL(param,tpscnt,p,0,-1); int snum; - + if (!str1 || !str2 || !netname || !p) { return False; } @@ -1727,7 +1726,7 @@ static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, if (snum < 0) { return False; } - + /* check it's a supported varient */ if (!prefix_ok(str1,"zWrLh")) { return False; @@ -1735,7 +1734,7 @@ static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, if (!check_share_info(uLevel,str2)) { return False; } - + *rdata = smb_realloc_limit(*rdata,mdrcnt); if (!*rdata) { return False; @@ -1745,7 +1744,7 @@ static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, if (*rdata_len < 0) { return False; } - + *rparam_len = 6; *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { @@ -1754,7 +1753,7 @@ static bool api_RNetShareGetInfo(connection_struct *conn,uint16 vuid, SSVAL(*rparam,0,NERR_Success); SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); - + return True; } @@ -1790,7 +1789,7 @@ static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, int i; int data_len, fixed_len, string_len; int f_len = 0, s_len = 0; - + if (!str1 || !str2 || !p) { return False; } @@ -1801,7 +1800,7 @@ static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, if (!check_share_info(uLevel,str2)) { return False; } - + /* Ensure all the usershares are loaded. */ become_root(); load_registry_shares(); @@ -1834,7 +1833,7 @@ static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, if (!*rdata) { return False; } - + p2 = (*rdata) + fixed_len; /* auxiliary data (strings) will go here */ p = *rdata; f_len = fixed_len; @@ -1853,7 +1852,7 @@ static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, } } } - + *rparam_len = 8; *rparam = smb_realloc_limit(*rparam,*rparam_len); if (!*rparam) { @@ -1863,7 +1862,7 @@ static bool api_RNetShareEnum( connection_struct *conn, uint16 vuid, SSVAL(*rparam,2,0); SSVAL(*rparam,4,counted); SSVAL(*rparam,6,total); - + DEBUG(3,("RNetShareEnum gave %d entries of %d (%d %d %d %d)\n", counted,total,uLevel, buf_len,*rdata_len,mdrcnt)); @@ -2004,7 +2003,7 @@ static bool api_RNetShareAdd(connection_struct *conn,uint16 vuid, SSVAL(*rparam,2,0); /* converter word */ SSVAL(*rparam,4,*rdata_len); *rdata_len = 0; - + return True; error_exit: @@ -2042,7 +2041,7 @@ static bool api_RNetGroupEnum(connection_struct *conn,uint16 vuid, struct samr_displayentry *entries; int num_entries; - + if (!str1 || !str2 || !p) { return False; } @@ -2282,8 +2281,11 @@ static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid, int num_users=0; int errflags=0; int i, resume_context, cli_buf_size; - struct pdb_search *search; - struct samr_displayentry *users; + uint32_t resume_handle; + + struct rpc_pipe_client *samr_pipe; + struct policy_handle samr_handle, domain_handle; + NTSTATUS status; char *str1 = get_safe_str_ptr(param,tpscnt,param,2); char *str2 = skip_string(param,tpscnt,str1); @@ -2328,40 +2330,88 @@ static bool api_RNetUserEnum(connection_struct *conn, uint16 vuid, p = *rdata; endp = *rdata + *rdata_len; - become_root(); - search = pdb_search_users(ACB_NORMAL); - unbecome_root(); - if (search == NULL) { - DEBUG(0, ("api_RNetUserEnum:unable to open sam database.\n")); - return False; + status = rpc_pipe_open_internal( + talloc_tos(), &ndr_table_samr.syntax_id, rpc_samr_dispatch, + conn->server_info, &samr_pipe); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("api_RNetUserEnum: Could not connect to samr: %s\n", + nt_errstr(status))); + return false; } - become_root(); - num_users = pdb_search_entries(search, resume_context, 0xffffffff, - &users); - unbecome_root(); + status = rpccli_samr_Connect2(samr_pipe, talloc_tos(), global_myname(), + SAMR_ACCESS_OPEN_DOMAIN, &samr_handle); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("api_RNetUserEnum: samr_Connect2 failed: %s\n", + nt_errstr(status))); + return false; + } + + status = rpccli_samr_OpenDomain(samr_pipe, talloc_tos(), &samr_handle, + SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS, + get_global_sam_sid(), &domain_handle); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("api_RNetUserEnum: samr_OpenDomain failed: %s\n", + nt_errstr(status))); + return false; + } errflags=NERR_Success; - for (i=0; i<num_users; i++) { - const char *name = users[i].account_name; + resume_handle = 0; - if(((PTR_DIFF(p,*rdata)+21)<=*rdata_len)&&(strlen(name)<=21)) { - strlcpy(p,name,PTR_DIFF(endp,p)); - DEBUG(10,("api_RNetUserEnum:adding entry %d username " - "%s\n",count_sent,p)); - p += 21; - count_sent++; - } else { - /* set overflow error */ - DEBUG(10,("api_RNetUserEnum:overflow on entry %d " - "username %s\n",count_sent,name)); - errflags=234; + while (true) { + struct samr_SamArray *sam_entries; + uint32_t num_entries; + + status = rpccli_samr_EnumDomainUsers(samr_pipe, talloc_tos(), + &domain_handle, + &resume_handle, + 0, &sam_entries, 1, + &num_entries); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("rpccli_samr_EnumDomainUsers returned " + "%s\n", nt_errstr(status))); + break; + } + + if (num_entries == 0) { + DEBUG(10, ("rpccli_samr_EnumDomainUsers returned " + "no entries -- done\n")); + break; + } + + for (i=0; i<num_entries; i++) { + const char *name; + + name = sam_entries->entries[i].name.string; + + if(((PTR_DIFF(p,*rdata)+21)<=*rdata_len) + &&(strlen(name)<=21)) { + strlcpy(p,name,PTR_DIFF(endp,p)); + DEBUG(10,("api_RNetUserEnum:adding entry %d " + "username %s\n",count_sent,p)); + p += 21; + count_sent++; + } else { + /* set overflow error */ + DEBUG(10,("api_RNetUserEnum:overflow on entry %d " + "username %s\n",count_sent,name)); + errflags=234; + break; + } + } + + if (errflags != NERR_Success) { break; } + + TALLOC_FREE(sam_entries); } - pdb_search_destroy(search); + rpccli_samr_Close(samr_pipe, talloc_tos(), &domain_handle); + rpccli_samr_Close(samr_pipe, talloc_tos(), &samr_handle); *rdata_len = PTR_DIFF(p,*rdata); @@ -2538,7 +2588,7 @@ static bool api_SetUserPassword(connection_struct *conn,uint16 vuid, memset((char *)pass1,'\0',sizeof(fstring)); memset((char *)pass2,'\0',sizeof(fstring)); - + return(True); } @@ -2677,7 +2727,7 @@ static bool api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, } errcode = NERR_notsupported; - + switch (function) { case 81: /* delete */ if (print_job_delete(conn->server_info, snum, jobid, &werr)) @@ -2695,7 +2745,7 @@ static bool api_RDosPrintJobDel(connection_struct *conn,uint16 vuid, if (!W_ERROR_IS_OK(werr)) errcode = W_ERROR_V(werr); - + out: SSVAL(*rparam,0,errcode); SSVAL(*rparam,2,0); /* converter word */ @@ -2845,9 +2895,9 @@ static bool api_PrintJobInfo(connection_struct *conn, uint16 vuid, sharename)); return False; } - + *rdata_len = 0; - + /* check it's a supported varient */ if ((strcmp(str1,"WWsTP")) || (!check_printjob_info(&desc,uLevel,str2))) @@ -2884,7 +2934,7 @@ static bool api_PrintJobInfo(connection_struct *conn, uint16 vuid, out: SSVALS(*rparam,0,errcode); SSVAL(*rparam,2,0); /* converter word */ - + return(True); } @@ -3638,7 +3688,7 @@ static bool api_WWkstaUserLogon(connection_struct *conn,uint16 vuid, desc.buflen = mdrcnt; desc.subformat = NULL; desc.format = str2; - + if (init_package(&desc,1,0)) { PACKI(&desc,"W",0); /* code */ PACKS(&desc,"B21",name); /* eff. name */ @@ -3870,11 +3920,11 @@ static bool api_WPrintJobEnumerate(connection_struct *conn, uint16 vuid, if (strcmp(str1,"zWrLeh") != 0) { return False; } - + if (uLevel > 2) { return False; /* defined only for uLevel 0,1,2 */ } - + if (!check_printjob_info(&desc,uLevel,str2)) { return False; } diff --git a/source3/smbd/mangle_hash.c b/source3/smbd/mangle_hash.c index ebd93ff5d0..96fe4d2cab 100644 --- a/source3/smbd/mangle_hash.c +++ b/source3/smbd/mangle_hash.c @@ -53,7 +53,7 @@ * */ -static const char basechars[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%"; +static const char basechars[43]="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ_-!@#$%"; #define MANGLE_BASE (sizeof(basechars)/sizeof(char)-1) #define mangle(V) ((char)(basechars[(V) % MANGLE_BASE])) diff --git a/source3/smbd/mangle_hash2.c b/source3/smbd/mangle_hash2.c index 859e5e7227..3a3939c511 100644 --- a/source3/smbd/mangle_hash2.c +++ b/source3/smbd/mangle_hash2.c @@ -85,7 +85,7 @@ #define FLAG_CHECK(c, flag) (char_flags[(unsigned char)(c)] & (flag)) /* these are the characters we use in the 8.3 hash. Must be 36 chars long */ -static const char * const basechars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; +static const char basechars[36] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; #define base_forward(v) basechars[v] /* the list of reserved dos names - all of these are illegal */ diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index 729d144ea1..57608a9b40 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -212,7 +212,7 @@ static DATA_BLOB negprot_spnego(void) */ - if (lp_security() != SEC_ADS && !lp_use_kerberos_keytab()) { + if (lp_security() != SEC_ADS && !USE_KERBEROS_KEYTAB) { #if 0 /* Code for PocketPC client */ blob = data_blob(guid, 16); diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 1ee3edbdbe..0ad4df6e90 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -621,7 +621,7 @@ void reply_ntcreate_and_X(struct smb_request *req) p += 8; SIVAL(p,0,fattr); /* File Attributes. */ p += 4; - SOFF_T(p, 0, get_allocation_size(conn,fsp,&sbuf)); + SOFF_T(p, 0, SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf)); p += 8; SOFF_T(p,0,file_len); p += 8; @@ -1086,7 +1086,7 @@ static void call_nt_transact_create(connection_struct *conn, p += 8; SIVAL(p,0,fattr); /* File Attributes. */ p += 4; - SOFF_T(p, 0, get_allocation_size(conn,fsp,&sbuf)); + SOFF_T(p, 0, SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf)); p += 8; SOFF_T(p,0,file_len); p += 8; diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 7d23b92359..f7a52d7bd2 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -67,13 +67,15 @@ NTSTATUS smb1_file_se_access_check(const struct security_descriptor *sd, static NTSTATUS check_open_rights(struct connection_struct *conn, const char *fname, - uint32_t access_mask) + uint32_t access_mask, + uint32_t *access_granted) { /* Check if we have rights to open. */ NTSTATUS status; - uint32_t access_granted = 0; struct security_descriptor *sd; + *access_granted = 0; + status = SMB_VFS_GET_NT_ACL(conn, fname, (OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | @@ -90,9 +92,17 @@ static NTSTATUS check_open_rights(struct connection_struct *conn, status = smb1_file_se_access_check(sd, conn->server_info->ptok, access_mask, - &access_granted); + access_granted); TALLOC_FREE(sd); + + DEBUG(10,("check_open_rights: file %s requesting " + "0x%x returning 0x%x (%s)\n", + fname, + (unsigned int)access_mask, + (unsigned int)*access_granted, + nt_errstr(status) )); + return status; } @@ -415,14 +425,49 @@ static NTSTATUS open_file(files_struct *fsp, } else { fsp->fh->fd = -1; /* What we used to call a stat open. */ if (file_existed) { + uint32_t access_granted = 0; + status = check_open_rights(conn, path, - access_mask); + access_mask, + &access_granted); if (!NT_STATUS_IS_OK(status)) { - DEBUG(10, ("open_file: Access denied on " - "file %s\n", - path)); - return status; + if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) { + if ((access_mask & DELETE_ACCESS) && + (access_granted == DELETE_ACCESS) && + can_delete_file_in_directory(conn, path)) { + /* Were we trying to do a stat open + * for delete and didn't get DELETE + * access (only) ? Check if the + * directory allows DELETE_CHILD. + * See here: + * http://blogs.msdn.com/oldnewthing/archive/2004/06/04/148426.aspx + * for details. */ + + DEBUG(10,("open_file: overrode ACCESS_DENIED " + "on file %s\n", + path )); + } else { + DEBUG(10, ("open_file: Access denied on " + "file %s\n", + path)); + return status; + } + } else if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) && + fsp->posix_open && + S_ISLNK(psbuf->st_mode)) { + /* This is a POSIX stat open for delete + * or rename on a symlink that points + * nowhere. Allow. */ + DEBUG(10, ("open_file: allowing POSIX open " + "on bad symlink %s\n", + path )); + } else { + DEBUG(10, ("open_file: check_open_rights " + "on file %s returned %s\n", + path, nt_errstr(status) )); + return status; + } } } } @@ -2395,9 +2440,11 @@ static NTSTATUS open_directory(connection_struct *conn, } if (info == FILE_WAS_OPENED) { + uint32_t access_granted = 0; status = check_open_rights(conn, fname, - access_mask); + access_mask, + &access_granted); if (!NT_STATUS_IS_OK(status)) { DEBUG(10, ("open_directory: check_open_rights on " "file %s failed with %s\n", @@ -2826,8 +2873,11 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, && (create_disposition != FILE_CREATE) && (share_access & FILE_SHARE_DELETE) && (access_mask & DELETE_ACCESS) - && (!can_delete_file_in_directory(conn, fname))) { + && (!(can_delete_file_in_directory(conn, fname) || + can_access_file_acl(conn, fname, DELETE_ACCESS)))) { status = NT_STATUS_ACCESS_DENIED; + DEBUG(10,("create_file_unixpath: open file %s " + "for delete ACCESS_DENIED\n", fname )); goto fail; } diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index e4b5016538..788d2f7238 100644 --- a/source3/smbd/oplock.c +++ b/source3/smbd/oplock.c @@ -32,61 +32,23 @@ int32 get_number_of_exclusive_open_oplocks(void) return exclusive_oplocks_open; } -/**************************************************************************** - Return True if an oplock message is pending. -****************************************************************************/ - -bool oplock_message_waiting(void) -{ - if (koplocks && koplocks->ops->msg_waiting(koplocks)) { - return True; - } - - return False; -} - -/**************************************************************************** - Find out if there are any kernel oplock messages waiting and process them - if so. pfds is the fd_set from the main select loop (which contains any - kernel oplock fd if that's what the system uses (IRIX). If may be NULL if - we're calling this in a shutting down state. -****************************************************************************/ - -void process_kernel_oplocks(struct messaging_context *msg_ctx) +/* + * helper function used by the kernel oplock backends to post the break message + */ +void break_kernel_oplock(struct messaging_context *msg_ctx, files_struct *fsp) { - /* - * We need to check for kernel oplocks before going into the select - * here, as the EINTR generated by the linux kernel oplock may have - * already been eaten. JRA. - */ - - if (!koplocks) { - return; - } + uint8_t msg[MSG_SMB_KERNEL_BREAK_SIZE]; - while (koplocks->ops->msg_waiting(koplocks)) { - files_struct *fsp; - char msg[MSG_SMB_KERNEL_BREAK_SIZE]; + /* Put the kernel break info into the message. */ + push_file_id_16((char *)msg, &fsp->file_id); + SIVAL(msg,16,fsp->fh->gen_id); - fsp = koplocks->ops->receive_message(koplocks); + /* Don't need to be root here as we're only ever + sending to ourselves. */ - if (fsp == NULL) { - DEBUG(3, ("Kernel oplock message announced, but none " - "received\n")); - return; - } - - /* Put the kernel break info into the message. */ - push_file_id_16(msg, &fsp->file_id); - SIVAL(msg,16,fsp->fh->gen_id); - - /* Don't need to be root here as we're only ever - sending to ourselves. */ - - messaging_send_buf(msg_ctx, procid_self(), - MSG_SMB_KERNEL_BREAK, - (uint8 *)&msg, MSG_SMB_KERNEL_BREAK_SIZE); - } + messaging_send_buf(msg_ctx, procid_self(), + MSG_SMB_KERNEL_BREAK, + msg, MSG_SMB_KERNEL_BREAK_SIZE); } /**************************************************************************** diff --git a/source3/smbd/oplock_irix.c b/source3/smbd/oplock_irix.c index 0cfa960425..d7f45e67de 100644 --- a/source3/smbd/oplock_irix.c +++ b/source3/smbd/oplock_irix.c @@ -252,13 +252,6 @@ static void irix_release_kernel_oplock(struct kernel_oplocks *_ctx, } } -static bool irix_oplock_msg_waiting(struct kernel_oplocks *_ctx) -{ - struct irix_oplocks_context *ctx = talloc_get_type(_ctx->private_data, - struct irix_oplocks_context); - return ctx->pending; -} - static void irix_oplocks_read_fde_handler(struct event_context *ev, struct fd_event *fde, uint16_t flags, @@ -266,10 +259,10 @@ static void irix_oplocks_read_fde_handler(struct event_context *ev, { struct irix_oplocks_context *ctx = talloc_get_type(private_data, struct irix_oplocks_context); + files_struct *fsp; - ctx->pending = true; - process_kernel_oplocks(smbd_messaging_context()); - ctx->pending = false; + fsp = irix_oplock_receive_message(ctx->ctx); + break_kernel_oplock(smbd_messaging_context(), fsp); } /**************************************************************************** @@ -277,10 +270,8 @@ static void irix_oplocks_read_fde_handler(struct event_context *ev, ****************************************************************************/ static const struct kernel_oplocks_ops irix_koplocks = { - .receive_message = irix_oplock_receive_message, .set_oplock = irix_set_kernel_oplock, .release_oplock = irix_release_kernel_oplock, - .msg_waiting = irix_oplock_msg_waiting }; struct kernel_oplocks *irix_init_kernel_oplocks(TALLOC_CTX *mem_ctx) diff --git a/source3/smbd/oplock_linux.c b/source3/smbd/oplock_linux.c index 8087167ff4..51cce0ed48 100644 --- a/source3/smbd/oplock_linux.c +++ b/source3/smbd/oplock_linux.c @@ -43,19 +43,6 @@ #define F_SETSIG 10 #endif -/**************************************************************************** - Handle a LEASE signal, incrementing the signals_received and blocking the signal. -****************************************************************************/ - -static void signal_handler(int sig, siginfo_t *info, void *unused) -{ - if (oplock_signals_received < FD_PENDING_SIZE - 1) { - fd_pending_array[oplock_signals_received] = (SIG_ATOMIC_T)info->si_fd; - oplock_signals_received++; - } /* Else signal is lost. */ - sys_select_signal(RT_SIGNAL_LEASE); -} - /* * public function to get linux lease capability. Needed by some VFS modules (eg. gpfs.c) */ @@ -101,24 +88,17 @@ int linux_setlease(int fd, int leasetype) * oplock break protocol. ****************************************************************************/ -static files_struct *linux_oplock_receive_message(struct kernel_oplocks *ctx) +static void linux_oplock_signal_handler(struct tevent_context *ev_ctx, + struct tevent_signal *se, + int signum, int count, + void *_info, void *private_data) { - int fd; + siginfo_t *info = (siginfo_t *)_info; + int fd = info->si_fd; files_struct *fsp; - BlockSignals(True, RT_SIGNAL_LEASE); - fd = fd_pending_array[0]; fsp = file_find_fd(fd); - fd_pending_array[0] = (SIG_ATOMIC_T)-1; - if (oplock_signals_received > 1) - memmove(CONST_DISCARD(void *, &fd_pending_array[0]), - CONST_DISCARD(void *, &fd_pending_array[1]), - sizeof(SIG_ATOMIC_T)*(oplock_signals_received-1)); - oplock_signals_received--; - /* now we can receive more signals */ - BlockSignals(False, RT_SIGNAL_LEASE); - - return fsp; + break_kernel_oplock(smbd_messaging_context(), fsp); } /**************************************************************************** @@ -180,15 +160,6 @@ static void linux_release_kernel_oplock(struct kernel_oplocks *ctx, } /**************************************************************************** - See if a oplock message is waiting. -****************************************************************************/ - -static bool linux_oplock_msg_waiting(struct kernel_oplocks *ctx) -{ - return oplock_signals_received != 0; -} - -/**************************************************************************** See if the kernel supports oplocks. ****************************************************************************/ @@ -208,16 +179,14 @@ static bool linux_oplocks_available(void) ****************************************************************************/ static const struct kernel_oplocks_ops linux_koplocks = { - .receive_message = linux_oplock_receive_message, .set_oplock = linux_set_kernel_oplock, .release_oplock = linux_release_kernel_oplock, - .msg_waiting = linux_oplock_msg_waiting }; struct kernel_oplocks *linux_init_kernel_oplocks(TALLOC_CTX *mem_ctx) { - struct sigaction act; struct kernel_oplocks *ctx; + struct tevent_signal *se; if (!linux_oplocks_available()) { DEBUG(3,("Linux kernel oplocks not available\n")); @@ -232,19 +201,18 @@ struct kernel_oplocks *linux_init_kernel_oplocks(TALLOC_CTX *mem_ctx) ctx->ops = &linux_koplocks; - ZERO_STRUCT(act); - - act.sa_handler = NULL; - act.sa_sigaction = signal_handler; - act.sa_flags = SA_SIGINFO; - sigemptyset( &act.sa_mask ); - if (sigaction(RT_SIGNAL_LEASE, &act, NULL) != 0) { - DEBUG(0,("Failed to setup RT_SIGNAL_LEASE handler\n")); + se = tevent_add_signal(smbd_event_context(), + ctx, + RT_SIGNAL_LEASE, SA_SIGINFO, + linux_oplock_signal_handler, + ctx); + if (!se) { + DEBUG(0,("Failed to setup RT_SIGNAL_LEASE handler")); + TALLOC_FREE(ctx); return NULL; } - /* the signal can start off blocked due to a bug in bash */ - BlockSignals(False, RT_SIGNAL_LEASE); + ctx->private_data = se; DEBUG(3,("Linux kernel oplocks enabled\n")); diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index b148cff045..f287adc92d 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -144,12 +144,18 @@ void reply_open_pipe_and_X(connection_struct *conn, struct smb_request *req) Reply to a write on a pipe. ****************************************************************************/ +struct pipe_write_state { + size_t numtowrite; +}; + +static void pipe_write_done(struct async_req *subreq); + void reply_pipe_write(struct smb_request *req) { files_struct *fsp = file_fsp(req, SVAL(req->vwv+0, 0)); - size_t numtowrite = SVAL(req->vwv+1, 0); - ssize_t nwritten; const uint8_t *data; + struct pipe_write_state *state; + struct async_req *subreq; if (!fsp_is_np(fsp)) { reply_doserror(req, ERRDOS, ERRbadfid); @@ -161,39 +167,59 @@ void reply_pipe_write(struct smb_request *req) return; } + state = talloc(req, struct pipe_write_state); + if (state == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + req->async_priv = state; + + state->numtowrite = SVAL(req->vwv+1, 0); + data = req->buf + 3; - if (numtowrite == 0) { - nwritten = 0; - } else { - NTSTATUS status; - if (!fsp_is_np(fsp)) { - reply_nterror(req, NT_STATUS_INVALID_HANDLE); - return; - } - DEBUG(6, ("reply_pipe_write: %x name: %s len: %d\n", - (int)fsp->fnum, fsp->fsp_name, (int)numtowrite)); - status = np_write(fsp->fake_file_handle, data, numtowrite, - &nwritten); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); - return; - } + DEBUG(6, ("reply_pipe_write: %x name: %s len: %d\n", (int)fsp->fnum, + fsp->fsp_name, (int)state->numtowrite)); + + subreq = np_write_send(state, smbd_event_context(), + fsp->fake_file_handle, data, state->numtowrite); + if (subreq == NULL) { + TALLOC_FREE(state); + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; } + subreq->async.fn = pipe_write_done; + subreq->async.priv = talloc_move(req->conn, &req); +} + +static void pipe_write_done(struct async_req *subreq) +{ + struct smb_request *req = talloc_get_type_abort( + subreq->async.priv, struct smb_request); + struct pipe_write_state *state = talloc_get_type_abort( + req->async_priv, struct pipe_write_state); + NTSTATUS status; + ssize_t nwritten = -1; - if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0)) { + status = np_write_recv(subreq, &nwritten); + TALLOC_FREE(subreq); + if ((nwritten == 0 && state->numtowrite != 0) || (nwritten < 0)) { reply_unixerror(req, ERRDOS, ERRnoaccess); - return; + goto send; } reply_outbuf(req, 1, 0); SSVAL(req->outbuf,smb_vwv0,nwritten); - - DEBUG(3,("write-IPC pnum=%04x nwritten=%d\n", fsp->fnum, - (int)nwritten)); - return; + DEBUG(3,("write-IPC nwritten=%d\n", (int)nwritten)); + + send: + if (!srv_send_smb(smbd_server_fd(), (char *)req->outbuf, + IS_CONN_ENCRYPTED(req->conn)||req->encrypted)) { + exit_server_cleanly("construct_reply: srv_send_smb failed."); + } + TALLOC_FREE(req); } /**************************************************************************** @@ -203,16 +229,20 @@ void reply_pipe_write(struct smb_request *req) wrinkles to handle pipes. ****************************************************************************/ +struct pipe_write_andx_state { + bool pipe_start_message_raw; + size_t numtowrite; +}; + +static void pipe_write_andx_done(struct async_req *subreq); + void reply_pipe_write_and_X(struct smb_request *req) { files_struct *fsp = file_fsp(req, SVAL(req->vwv+2, 0)); - size_t numtowrite = SVAL(req->vwv+10, 0); - ssize_t nwritten; int smb_doff = SVAL(req->vwv+11, 0); - bool pipe_start_message_raw = - ((SVAL(req->vwv+7, 0) & (PIPE_START_MESSAGE|PIPE_RAW_MODE)) - == (PIPE_START_MESSAGE|PIPE_RAW_MODE)); uint8_t *data; + struct pipe_write_andx_state *state; + struct async_req *subreq; if (!fsp_is_np(fsp)) { reply_doserror(req, ERRDOS, ERRbadfid); @@ -224,55 +254,76 @@ void reply_pipe_write_and_X(struct smb_request *req) return; } + state = talloc(req, struct pipe_write_andx_state); + if (state == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + req->async_priv = state; + + state->numtowrite = SVAL(req->vwv+10, 0); + state->pipe_start_message_raw = + ((SVAL(req->vwv+7, 0) & (PIPE_START_MESSAGE|PIPE_RAW_MODE)) + == (PIPE_START_MESSAGE|PIPE_RAW_MODE)); + DEBUG(6, ("reply_pipe_write_and_X: %x name: %s len: %d\n", - (int)fsp->fnum, fsp->fsp_name, (int)numtowrite)); + (int)fsp->fnum, fsp->fsp_name, (int)state->numtowrite)); data = (uint8_t *)smb_base(req->inbuf) + smb_doff; - if (numtowrite == 0) { - nwritten = 0; - } else { - NTSTATUS status; - - if(pipe_start_message_raw) { - /* - * For the start of a message in named pipe byte mode, - * the first two bytes are a length-of-pdu field. Ignore - * them (we don't trust the client). JRA. - */ - if(numtowrite < 2) { - DEBUG(0,("reply_pipe_write_and_X: start of " - "message set and not enough data " - "sent.(%u)\n", - (unsigned int)numtowrite )); - reply_unixerror(req, ERRDOS, ERRnoaccess); - return; - } - - data += 2; - numtowrite -= 2; - } - status = np_write(fsp->fake_file_handle, data, numtowrite, - &nwritten); - if (!NT_STATUS_IS_OK(status)) { - reply_nterror(req, status); + if (state->pipe_start_message_raw) { + /* + * For the start of a message in named pipe byte mode, + * the first two bytes are a length-of-pdu field. Ignore + * them (we don't trust the client). JRA. + */ + if (state->numtowrite < 2) { + DEBUG(0,("reply_pipe_write_and_X: start of message " + "set and not enough data sent.(%u)\n", + (unsigned int)state->numtowrite )); + reply_unixerror(req, ERRDOS, ERRnoaccess); return; } + + data += 2; + state->numtowrite -= 2; } - if ((nwritten == 0 && numtowrite != 0) || (nwritten < 0)) { - reply_unixerror(req, ERRDOS,ERRnoaccess); + subreq = np_write_send(state, smbd_event_context(), + fsp->fake_file_handle, data, state->numtowrite); + if (subreq == NULL) { + TALLOC_FREE(state); + reply_nterror(req, NT_STATUS_NO_MEMORY); return; } + subreq->async.fn = pipe_write_andx_done; + subreq->async.priv = talloc_move(req->conn, &req); +} + +static void pipe_write_andx_done(struct async_req *subreq) +{ + struct smb_request *req = talloc_get_type_abort( + subreq->async.priv, struct smb_request); + struct pipe_write_andx_state *state = talloc_get_type_abort( + req->async_priv, struct pipe_write_andx_state); + NTSTATUS status; + ssize_t nwritten = -1; + + status = np_write_recv(subreq, &nwritten); + TALLOC_FREE(subreq); + if (!NT_STATUS_IS_OK(status) || (nwritten != state->numtowrite)) { + reply_unixerror(req, ERRDOS,ERRnoaccess); + goto done; + } reply_outbuf(req, 6, 0); - nwritten = (pipe_start_message_raw ? nwritten + 2 : nwritten); + nwritten = (state->pipe_start_message_raw ? nwritten + 2 : nwritten); SSVAL(req->outbuf,smb_vwv2,nwritten); - - DEBUG(3,("writeX-IPC pnum=%04x nwritten=%d\n", fsp->fnum, - (int)nwritten)); + DEBUG(3,("writeX-IPC nwritten=%d\n", (int)nwritten)); + + done: chain_reply(req); } @@ -282,15 +333,20 @@ void reply_pipe_write_and_X(struct smb_request *req) wrinkles to handle pipes. ****************************************************************************/ +struct pipe_read_andx_state { + uint8_t *outbuf; + int smb_mincnt; + int smb_maxcnt; +}; + +static void pipe_read_andx_done(struct async_req *subreq); + void reply_pipe_read_and_X(struct smb_request *req) { files_struct *fsp = file_fsp(req, SVAL(req->vwv+0, 0)); - int smb_maxcnt = SVAL(req->vwv+5, 0); - int smb_mincnt = SVAL(req->vwv+6, 0); - ssize_t nread; uint8_t *data; - bool unused; - NTSTATUS status; + struct pipe_read_andx_state *state; + struct async_req *subreq; /* we don't use the offset given to use for pipe reads. This is deliberate, instead we always return the next lump of @@ -309,18 +365,56 @@ void reply_pipe_read_and_X(struct smb_request *req) return; } - reply_outbuf(req, 12, smb_maxcnt); + state = talloc(req, struct pipe_read_andx_state); + if (state == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + req->async_priv = state; + state->smb_maxcnt = SVAL(req->vwv+5, 0); + state->smb_mincnt = SVAL(req->vwv+6, 0); + + reply_outbuf(req, 12, state->smb_maxcnt); data = (uint8_t *)smb_buf(req->outbuf); - status = np_read(fsp->fake_file_handle, data, smb_maxcnt, &nread, - &unused); + /* + * We have to tell the upper layers that we're async. + */ + state->outbuf = req->outbuf; + req->outbuf = NULL; + + subreq = np_read_send(state, smbd_event_context(), + fsp->fake_file_handle, data, + state->smb_maxcnt); + if (subreq == NULL) { + reply_nterror(req, NT_STATUS_NO_MEMORY); + return; + } + subreq->async.fn = pipe_read_andx_done; + subreq->async.priv = talloc_move(req->conn, &req); +} +static void pipe_read_andx_done(struct async_req *subreq) +{ + struct smb_request *req = talloc_get_type_abort( + subreq->async.priv, struct smb_request); + struct pipe_read_andx_state *state = talloc_get_type_abort( + req->async_priv, struct pipe_read_andx_state); + NTSTATUS status; + ssize_t nread; + bool is_data_outstanding; + + status = np_read_recv(subreq, &nread, &is_data_outstanding); + TALLOC_FREE(subreq); if (!NT_STATUS_IS_OK(status)) { - reply_doserror(req, ERRDOS, ERRnoaccess); - return; + reply_nterror(req, status); + goto done; } + req->outbuf = state->outbuf; + state->outbuf = NULL; + srv_set_message((char *)req->outbuf, 12, nread, False); SSVAL(req->outbuf,smb_vwv5,nread); @@ -329,10 +423,11 @@ void reply_pipe_read_and_X(struct smb_request *req) + 1 /* the wct field */ + 12 * sizeof(uint16_t) /* vwv */ + 2); /* the buflen field */ - SSVAL(req->outbuf,smb_vwv11,smb_maxcnt); + SSVAL(req->outbuf,smb_vwv11,state->smb_maxcnt); - DEBUG(3,("readX-IPC pnum=%04x min=%d max=%d nread=%d\n", - fsp->fnum, smb_mincnt, smb_maxcnt, (int)nread)); + DEBUG(3,("readX-IPC min=%d max=%d nread=%d\n", + state->smb_mincnt, state->smb_maxcnt, (int)nread)); + done: chain_reply(req); } diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 72f5c94bc5..7ea6e39fcb 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -1,7 +1,7 @@ /* Unix SMB/CIFS implementation. SMB NT Security Descriptor / Unix permission conversion. - Copyright (C) Jeremy Allison 1994-2000. + Copyright (C) Jeremy Allison 1994-2009. Copyright (C) Andreas Gruenbacher 2002. This program is free software; you can redistribute it and/or modify @@ -47,30 +47,65 @@ typedef struct canon_ace { enum ace_owner owner_type; enum ace_attribute attr; posix_id unix_ug; - bool inherited; + uint8_t ace_flags; /* From windows ACE entry. */ } canon_ace; #define ALL_ACE_PERMS (S_IRUSR|S_IWUSR|S_IXUSR) /* * EA format of user.SAMBA_PAI (Samba_Posix_Acl_Interitance) - * attribute on disk. + * attribute on disk - version 1. + * All values are little endian. * - * | 1 | 1 | 2 | 2 | .... + * | 1 | 1 | 2 | 2 | .... * +------+------+-------------+---------------------+-------------+--------------------+ * | vers | flag | num_entries | num_default_entries | ..entries.. | default_entries... | * +------+------+-------------+---------------------+-------------+--------------------+ + * + * Entry format is : + * + * | 1 | 4 | + * +------+-------------------+ + * | value| uid/gid or world | + * | type | value | + * +------+-------------------+ + * + * Version 2 format. Stores extra Windows metadata about an ACL. + * + * | 1 | 2 | 2 | 2 | .... + * +------+----------+-------------+---------------------+-------------+--------------------+ + * | vers | ace | num_entries | num_default_entries | ..entries.. | default_entries... | + * | 2 | type | | | | | + * +------+----------+-------------+---------------------+-------------+--------------------+ + * + * Entry format is : + * + * | 1 | 1 | 4 | + * +------+------+-------------------+ + * | ace | value| uid/gid or world | + * | flag | type | value | + * +------+-------------------+------+ + * */ -#define PAI_VERSION_OFFSET 0 -#define PAI_FLAG_OFFSET 1 -#define PAI_NUM_ENTRIES_OFFSET 2 -#define PAI_NUM_DEFAULT_ENTRIES_OFFSET 4 -#define PAI_ENTRIES_BASE 6 +#define PAI_VERSION_OFFSET 0 + +#define PAI_V1_FLAG_OFFSET 1 +#define PAI_V1_NUM_ENTRIES_OFFSET 2 +#define PAI_V1_NUM_DEFAULT_ENTRIES_OFFSET 4 +#define PAI_V1_ENTRIES_BASE 6 +#define PAI_V1_ACL_FLAG_PROTECTED 0x1 +#define PAI_V1_ENTRY_LENGTH 5 + +#define PAI_V1_VERSION 1 -#define PAI_VERSION 1 -#define PAI_ACL_FLAG_PROTECTED 0x1 -#define PAI_ENTRY_LENGTH 5 +#define PAI_V2_TYPE_OFFSET 1 +#define PAI_V2_NUM_ENTRIES_OFFSET 3 +#define PAI_V2_NUM_DEFAULT_ENTRIES_OFFSET 5 +#define PAI_V2_ENTRIES_BASE 7 +#define PAI_V2_ENTRY_LENGTH 6 + +#define PAI_V2_VERSION 2 /* * In memory format of user.SAMBA_PAI attribute. @@ -78,12 +113,13 @@ typedef struct canon_ace { struct pai_entry { struct pai_entry *next, *prev; + uint8_t ace_flags; enum ace_owner owner_type; posix_id unix_ug; }; struct pai_val { - bool pai_protected; + uint16_t sd_type; unsigned int num_entries; struct pai_entry *entry_list; unsigned int num_def_entries; @@ -94,19 +130,19 @@ struct pai_val { Return a uint32 of the pai_entry principal. ************************************************************************/ -static uint32 get_pai_entry_val(struct pai_entry *paie) +static uint32_t get_pai_entry_val(struct pai_entry *paie) { switch (paie->owner_type) { case UID_ACE: DEBUG(10,("get_pai_entry_val: uid = %u\n", (unsigned int)paie->unix_ug.uid )); - return (uint32)paie->unix_ug.uid; + return (uint32_t)paie->unix_ug.uid; case GID_ACE: DEBUG(10,("get_pai_entry_val: gid = %u\n", (unsigned int)paie->unix_ug.gid )); - return (uint32)paie->unix_ug.gid; + return (uint32_t)paie->unix_ug.gid; case WORLD_ACE: default: DEBUG(10,("get_pai_entry_val: world ace\n")); - return (uint32)-1; + return (uint32_t)-1; } } @@ -114,41 +150,30 @@ static uint32 get_pai_entry_val(struct pai_entry *paie) Return a uint32 of the entry principal. ************************************************************************/ -static uint32 get_entry_val(canon_ace *ace_entry) +static uint32_t get_entry_val(canon_ace *ace_entry) { switch (ace_entry->owner_type) { case UID_ACE: DEBUG(10,("get_entry_val: uid = %u\n", (unsigned int)ace_entry->unix_ug.uid )); - return (uint32)ace_entry->unix_ug.uid; + return (uint32_t)ace_entry->unix_ug.uid; case GID_ACE: DEBUG(10,("get_entry_val: gid = %u\n", (unsigned int)ace_entry->unix_ug.gid )); - return (uint32)ace_entry->unix_ug.gid; + return (uint32_t)ace_entry->unix_ug.gid; case WORLD_ACE: default: DEBUG(10,("get_entry_val: world ace\n")); - return (uint32)-1; + return (uint32_t)-1; } } /************************************************************************ - Count the inherited entries. -************************************************************************/ - -static unsigned int num_inherited_entries(canon_ace *ace_list) -{ - unsigned int num_entries = 0; - - for (; ace_list; ace_list = ace_list->next) - if (ace_list->inherited) - num_entries++; - return num_entries; -} - -/************************************************************************ - Create the on-disk format. Caller must free. + Create the on-disk format (always v2 now). Caller must free. ************************************************************************/ -static char *create_pai_buf(canon_ace *file_ace_list, canon_ace *dir_ace_list, bool pai_protected, size_t *store_size) +static char *create_pai_buf_v2(canon_ace *file_ace_list, + canon_ace *dir_ace_list, + uint16_t sd_type, + size_t *store_size) { char *pai_buf = NULL; canon_ace *ace_list = NULL; @@ -156,17 +181,18 @@ static char *create_pai_buf(canon_ace *file_ace_list, canon_ace *dir_ace_list, b unsigned int num_entries = 0; unsigned int num_def_entries = 0; - for (ace_list = file_ace_list; ace_list; ace_list = ace_list->next) - if (ace_list->inherited) - num_entries++; + for (ace_list = file_ace_list; ace_list; ace_list = ace_list->next) { + num_entries++; + } - for (ace_list = dir_ace_list; ace_list; ace_list = ace_list->next) - if (ace_list->inherited) - num_def_entries++; + for (ace_list = dir_ace_list; ace_list; ace_list = ace_list->next) { + num_def_entries++; + } - DEBUG(10,("create_pai_buf: num_entries = %u, num_def_entries = %u\n", num_entries, num_def_entries )); + DEBUG(10,("create_pai_buf_v2: num_entries = %u, num_def_entries = %u\n", num_entries, num_def_entries )); - *store_size = PAI_ENTRIES_BASE + ((num_entries + num_def_entries)*PAI_ENTRY_LENGTH); + *store_size = PAI_V2_ENTRIES_BASE + + ((num_entries + num_def_entries)*PAI_V2_ENTRY_LENGTH); pai_buf = (char *)SMB_MALLOC(*store_size); if (!pai_buf) { @@ -174,34 +200,32 @@ static char *create_pai_buf(canon_ace *file_ace_list, canon_ace *dir_ace_list, b } /* Set up the header. */ - memset(pai_buf, '\0', PAI_ENTRIES_BASE); - SCVAL(pai_buf,PAI_VERSION_OFFSET,PAI_VERSION); - SCVAL(pai_buf,PAI_FLAG_OFFSET,(pai_protected ? PAI_ACL_FLAG_PROTECTED : 0)); - SSVAL(pai_buf,PAI_NUM_ENTRIES_OFFSET,num_entries); - SSVAL(pai_buf,PAI_NUM_DEFAULT_ENTRIES_OFFSET,num_def_entries); + memset(pai_buf, '\0', PAI_V2_ENTRIES_BASE); + SCVAL(pai_buf,PAI_VERSION_OFFSET,PAI_V2_VERSION); + SSVAL(pai_buf,PAI_V2_TYPE_OFFSET, sd_type); + SSVAL(pai_buf,PAI_V2_NUM_ENTRIES_OFFSET,num_entries); + SSVAL(pai_buf,PAI_V2_NUM_DEFAULT_ENTRIES_OFFSET,num_def_entries); - entry_offset = pai_buf + PAI_ENTRIES_BASE; + entry_offset = pai_buf + PAI_V2_ENTRIES_BASE; for (ace_list = file_ace_list; ace_list; ace_list = ace_list->next) { - if (ace_list->inherited) { - uint8 type_val = (unsigned char)ace_list->owner_type; - uint32 entry_val = get_entry_val(ace_list); + uint8_t type_val = (uint8_t)ace_list->owner_type; + uint32_t entry_val = get_entry_val(ace_list); - SCVAL(entry_offset,0,type_val); - SIVAL(entry_offset,1,entry_val); - entry_offset += PAI_ENTRY_LENGTH; - } + SCVAL(entry_offset,0,ace_list->ace_flags); + SCVAL(entry_offset,1,type_val); + SIVAL(entry_offset,2,entry_val); + entry_offset += PAI_V2_ENTRY_LENGTH; } for (ace_list = dir_ace_list; ace_list; ace_list = ace_list->next) { - if (ace_list->inherited) { - uint8 type_val = (unsigned char)ace_list->owner_type; - uint32 entry_val = get_entry_val(ace_list); + uint8_t type_val = (uint8_t)ace_list->owner_type; + uint32_t entry_val = get_entry_val(ace_list); - SCVAL(entry_offset,0,type_val); - SIVAL(entry_offset,1,entry_val); - entry_offset += PAI_ENTRY_LENGTH; - } + SCVAL(entry_offset,0,ace_list->ace_flags); + SCVAL(entry_offset,1,type_val); + SIVAL(entry_offset,2,entry_val); + entry_offset += PAI_V2_ENTRY_LENGTH; } return pai_buf; @@ -211,44 +235,39 @@ static char *create_pai_buf(canon_ace *file_ace_list, canon_ace *dir_ace_list, b Store the user.SAMBA_PAI attribute on disk. ************************************************************************/ -static void store_inheritance_attributes(files_struct *fsp, canon_ace *file_ace_list, - canon_ace *dir_ace_list, bool pai_protected) +static void store_inheritance_attributes(files_struct *fsp, + canon_ace *file_ace_list, + canon_ace *dir_ace_list, + uint16_t sd_type) { int ret; size_t store_size; char *pai_buf; - if (!lp_map_acl_inherit(SNUM(fsp->conn))) - return; - - /* - * Don't store if this ACL isn't protected and - * none of the entries in it are marked as inherited. - */ - - if (!pai_protected && num_inherited_entries(file_ace_list) == 0 && num_inherited_entries(dir_ace_list) == 0) { - /* Instead just remove the attribute if it exists. */ - if (fsp->fh->fd != -1) - SMB_VFS_FREMOVEXATTR(fsp, SAMBA_POSIX_INHERITANCE_EA_NAME); - else - SMB_VFS_REMOVEXATTR(fsp->conn, fsp->fsp_name, SAMBA_POSIX_INHERITANCE_EA_NAME); + if (!lp_map_acl_inherit(SNUM(fsp->conn))) { return; } - pai_buf = create_pai_buf(file_ace_list, dir_ace_list, pai_protected, &store_size); + pai_buf = create_pai_buf_v2(file_ace_list, dir_ace_list, + sd_type, &store_size); - if (fsp->fh->fd != -1) + if (fsp->fh->fd != -1) { ret = SMB_VFS_FSETXATTR(fsp, SAMBA_POSIX_INHERITANCE_EA_NAME, pai_buf, store_size, 0); - else + } else { ret = SMB_VFS_SETXATTR(fsp->conn,fsp->fsp_name, SAMBA_POSIX_INHERITANCE_EA_NAME, pai_buf, store_size, 0); + } SAFE_FREE(pai_buf); - DEBUG(10,("store_inheritance_attribute:%s for file %s\n", pai_protected ? " (protected)" : "", fsp->fsp_name)); - if (ret == -1 && !no_acl_syscall_error(errno)) + DEBUG(10,("store_inheritance_attribute: type 0x%x for file %s\n", + (unsigned int)sd_type, + fsp->fsp_name)); + + if (ret == -1 && !no_acl_syscall_error(errno)) { DEBUG(1,("store_inheritance_attribute: Error %s\n", strerror(errno) )); + } } /************************************************************************ @@ -272,161 +291,290 @@ static void free_inherited_info(struct pai_val *pal) } /************************************************************************ - Was this ACL protected ? -************************************************************************/ - -static bool get_protected_flag(struct pai_val *pal) -{ - if (!pal) - return False; - return pal->pai_protected; -} - -/************************************************************************ - Was this ACE inherited ? + Get any stored ACE flags. ************************************************************************/ -static bool get_inherited_flag(struct pai_val *pal, canon_ace *ace_entry, bool default_ace) +static uint16_t get_pai_flags(struct pai_val *pal, canon_ace *ace_entry, bool default_ace) { struct pai_entry *paie; - if (!pal) - return False; + if (!pal) { + return 0; + } /* If the entry exists it is inherited. */ for (paie = (default_ace ? pal->def_entry_list : pal->entry_list); paie; paie = paie->next) { if (ace_entry->owner_type == paie->owner_type && get_entry_val(ace_entry) == get_pai_entry_val(paie)) - return True; + return paie->ace_flags; } - return False; + return 0; } /************************************************************************ - Ensure an attribute just read is valid. + Ensure an attribute just read is valid - v1. ************************************************************************/ -static bool check_pai_ok(char *pai_buf, size_t pai_buf_data_size) +static bool check_pai_ok_v1(const char *pai_buf, size_t pai_buf_data_size) { uint16 num_entries; uint16 num_def_entries; - if (pai_buf_data_size < PAI_ENTRIES_BASE) { + if (pai_buf_data_size < PAI_V1_ENTRIES_BASE) { /* Corrupted - too small. */ - return False; + return false; } - if (CVAL(pai_buf,PAI_VERSION_OFFSET) != PAI_VERSION) - return False; + if (CVAL(pai_buf,PAI_VERSION_OFFSET) != PAI_V1_VERSION) { + return false; + } - num_entries = SVAL(pai_buf,PAI_NUM_ENTRIES_OFFSET); - num_def_entries = SVAL(pai_buf,PAI_NUM_DEFAULT_ENTRIES_OFFSET); + num_entries = SVAL(pai_buf,PAI_V1_NUM_ENTRIES_OFFSET); + num_def_entries = SVAL(pai_buf,PAI_V1_NUM_DEFAULT_ENTRIES_OFFSET); /* Check the entry lists match. */ /* Each entry is 5 bytes (type plus 4 bytes of uid or gid). */ - if (((num_entries + num_def_entries)*PAI_ENTRY_LENGTH) + PAI_ENTRIES_BASE != pai_buf_data_size) - return False; + if (((num_entries + num_def_entries)*PAI_V1_ENTRY_LENGTH) + + PAI_V1_ENTRIES_BASE != pai_buf_data_size) { + return false; + } - return True; + return true; +} + +/************************************************************************ + Ensure an attribute just read is valid - v2. +************************************************************************/ + +static bool check_pai_ok_v2(const char *pai_buf, size_t pai_buf_data_size) +{ + uint16 num_entries; + uint16 num_def_entries; + + if (pai_buf_data_size < PAI_V2_ENTRIES_BASE) { + /* Corrupted - too small. */ + return false; + } + + if (CVAL(pai_buf,PAI_VERSION_OFFSET) != PAI_V2_VERSION) { + return false; + } + + num_entries = SVAL(pai_buf,PAI_V2_NUM_ENTRIES_OFFSET); + num_def_entries = SVAL(pai_buf,PAI_V2_NUM_DEFAULT_ENTRIES_OFFSET); + + /* Check the entry lists match. */ + /* Each entry is 6 bytes (flags + type + 4 bytes of uid or gid). */ + + if (((num_entries + num_def_entries)*PAI_V2_ENTRY_LENGTH) + + PAI_V2_ENTRIES_BASE != pai_buf_data_size) { + return false; + } + + return true; } +/************************************************************************ + Decode the owner. +************************************************************************/ + +static bool get_pai_owner_type(struct pai_entry *paie, const char *entry_offset) +{ + paie->owner_type = (enum ace_owner)CVAL(entry_offset,0); + switch( paie->owner_type) { + case UID_ACE: + paie->unix_ug.uid = (uid_t)IVAL(entry_offset,1); + DEBUG(10,("get_pai_owner_type: uid = %u\n", + (unsigned int)paie->unix_ug.uid )); + break; + case GID_ACE: + paie->unix_ug.gid = (gid_t)IVAL(entry_offset,1); + DEBUG(10,("get_pai_owner_type: gid = %u\n", + (unsigned int)paie->unix_ug.gid )); + break; + case WORLD_ACE: + paie->unix_ug.world = -1; + DEBUG(10,("get_pai_owner_type: world ace\n")); + break; + default: + return false; + } + return true; +} /************************************************************************ - Convert to in-memory format. + Process v2 entries. ************************************************************************/ -static struct pai_val *create_pai_val(char *buf, size_t size) +static const char *create_pai_v1_entries(struct pai_val *paiv, + const char *entry_offset, + bool def_entry) { - char *entry_offset; - struct pai_val *paiv = NULL; int i; - if (!check_pai_ok(buf, size)) + for (i = 0; i < paiv->num_entries; i++) { + struct pai_entry *paie = SMB_MALLOC_P(struct pai_entry); + if (!paie) { + return NULL; + } + + paie->ace_flags = SEC_ACE_FLAG_INHERITED_ACE; + if (!get_pai_owner_type(paie, entry_offset)) { + return NULL; + } + + if (!def_entry) { + DLIST_ADD(paiv->entry_list, paie); + } else { + DLIST_ADD(paiv->def_entry_list, paie); + } + entry_offset += PAI_V1_ENTRY_LENGTH; + } + return entry_offset; +} + +/************************************************************************ + Convert to in-memory format from version 1. +************************************************************************/ + +static struct pai_val *create_pai_val_v1(const char *buf, size_t size) +{ + const char *entry_offset; + struct pai_val *paiv = NULL; + + if (!check_pai_ok_v1(buf, size)) { return NULL; + } paiv = SMB_MALLOC_P(struct pai_val); - if (!paiv) + if (!paiv) { return NULL; + } memset(paiv, '\0', sizeof(struct pai_val)); - paiv->pai_protected = (CVAL(buf,PAI_FLAG_OFFSET) == PAI_ACL_FLAG_PROTECTED); + paiv->sd_type = (CVAL(buf,PAI_V1_FLAG_OFFSET) == PAI_V1_ACL_FLAG_PROTECTED) ? + SE_DESC_DACL_PROTECTED : 0; - paiv->num_entries = SVAL(buf,PAI_NUM_ENTRIES_OFFSET); - paiv->num_def_entries = SVAL(buf,PAI_NUM_DEFAULT_ENTRIES_OFFSET); + paiv->num_entries = SVAL(buf,PAI_V1_NUM_ENTRIES_OFFSET); + paiv->num_def_entries = SVAL(buf,PAI_V1_NUM_DEFAULT_ENTRIES_OFFSET); - entry_offset = buf + PAI_ENTRIES_BASE; + entry_offset = buf + PAI_V1_ENTRIES_BASE; - DEBUG(10,("create_pai_val:%s num_entries = %u, num_def_entries = %u\n", - paiv->pai_protected ? " (pai_protected)" : "", paiv->num_entries, paiv->num_def_entries )); + DEBUG(10,("create_pai_val: num_entries = %u, num_def_entries = %u\n", + paiv->num_entries, paiv->num_def_entries )); - for (i = 0; i < paiv->num_entries; i++) { - struct pai_entry *paie; + entry_offset = create_pai_v1_entries(paiv, entry_offset, false); + if (entry_offset == NULL) { + free_inherited_info(paiv); + return NULL; + } + entry_offset = create_pai_v1_entries(paiv, entry_offset, true); + if (entry_offset == NULL) { + free_inherited_info(paiv); + return NULL; + } + + return paiv; +} + +/************************************************************************ + Process v2 entries. +************************************************************************/ + +static const char *create_pai_v2_entries(struct pai_val *paiv, + const char *entry_offset, + bool def_entry) +{ + int i; - paie = SMB_MALLOC_P(struct pai_entry); + for (i = 0; i < paiv->num_entries; i++) { + struct pai_entry *paie = SMB_MALLOC_P(struct pai_entry); if (!paie) { - free_inherited_info(paiv); return NULL; } - paie->owner_type = (enum ace_owner)CVAL(entry_offset,0); - switch( paie->owner_type) { - case UID_ACE: - paie->unix_ug.uid = (uid_t)IVAL(entry_offset,1); - DEBUG(10,("create_pai_val: uid = %u\n", (unsigned int)paie->unix_ug.uid )); - break; - case GID_ACE: - paie->unix_ug.gid = (gid_t)IVAL(entry_offset,1); - DEBUG(10,("create_pai_val: gid = %u\n", (unsigned int)paie->unix_ug.gid )); - break; - case WORLD_ACE: - paie->unix_ug.world = -1; - DEBUG(10,("create_pai_val: world ace\n")); - break; - default: - free_inherited_info(paiv); - return NULL; - } - entry_offset += PAI_ENTRY_LENGTH; - DLIST_ADD(paiv->entry_list, paie); - } + paie->ace_flags = CVAL(entry_offset,0); - for (i = 0; i < paiv->num_def_entries; i++) { - struct pai_entry *paie; + entry_offset++; - paie = SMB_MALLOC_P(struct pai_entry); - if (!paie) { - free_inherited_info(paiv); + if (!get_pai_owner_type(paie, entry_offset)) { return NULL; } - - paie->owner_type = (enum ace_owner)CVAL(entry_offset,0); - switch( paie->owner_type) { - case UID_ACE: - paie->unix_ug.uid = (uid_t)IVAL(entry_offset,1); - DEBUG(10,("create_pai_val: (def) uid = %u\n", (unsigned int)paie->unix_ug.uid )); - break; - case GID_ACE: - paie->unix_ug.gid = (gid_t)IVAL(entry_offset,1); - DEBUG(10,("create_pai_val: (def) gid = %u\n", (unsigned int)paie->unix_ug.gid )); - break; - case WORLD_ACE: - paie->unix_ug.world = -1; - DEBUG(10,("create_pai_val: (def) world ace\n")); - break; - default: - free_inherited_info(paiv); - return NULL; + if (!def_entry) { + DLIST_ADD(paiv->entry_list, paie); + } else { + DLIST_ADD(paiv->def_entry_list, paie); } - entry_offset += PAI_ENTRY_LENGTH; - DLIST_ADD(paiv->def_entry_list, paie); + entry_offset += PAI_V2_ENTRY_LENGTH; + } + return entry_offset; +} + +/************************************************************************ + Convert to in-memory format from version 2. +************************************************************************/ + +static struct pai_val *create_pai_val_v2(const char *buf, size_t size) +{ + const char *entry_offset; + struct pai_val *paiv = NULL; + + if (!check_pai_ok_v2(buf, size)) { + return NULL; + } + + paiv = SMB_MALLOC_P(struct pai_val); + if (!paiv) { + return NULL; + } + + memset(paiv, '\0', sizeof(struct pai_val)); + + paiv->sd_type = SVAL(buf,PAI_V2_TYPE_OFFSET); + + paiv->num_entries = SVAL(buf,PAI_V2_NUM_ENTRIES_OFFSET); + paiv->num_def_entries = SVAL(buf,PAI_V2_NUM_DEFAULT_ENTRIES_OFFSET); + + entry_offset = buf + PAI_V2_ENTRIES_BASE; + + DEBUG(10,("create_pai_val_v2: num_entries = %u, num_def_entries = %u\n", + paiv->num_entries, paiv->num_def_entries )); + + entry_offset = create_pai_v2_entries(paiv, entry_offset, false); + if (entry_offset == NULL) { + free_inherited_info(paiv); + return NULL; + } + entry_offset = create_pai_v2_entries(paiv, entry_offset, true); + if (entry_offset == NULL) { + free_inherited_info(paiv); + return NULL; } return paiv; } /************************************************************************ + Convert to in-memory format - from either version 1 or 2. +************************************************************************/ + +static struct pai_val *create_pai_val(const char *buf, size_t size) +{ + if (size < 1) { + return NULL; + } + if (CVAL(buf,PAI_VERSION_OFFSET) == PAI_V1_VERSION) { + return create_pai_val_v1(buf, size); + } else if (CVAL(buf,PAI_VERSION_OFFSET) == PAI_V2_VERSION) { + return create_pai_val_v2(buf, size); + } else { + return NULL; + } +} + +/************************************************************************ Load the user.SAMBA_PAI attribute. ************************************************************************/ @@ -437,19 +585,22 @@ static struct pai_val *fload_inherited_info(files_struct *fsp) struct pai_val *paiv = NULL; ssize_t ret; - if (!lp_map_acl_inherit(SNUM(fsp->conn))) + if (!lp_map_acl_inherit(SNUM(fsp->conn))) { return NULL; + } - if ((pai_buf = (char *)SMB_MALLOC(pai_buf_size)) == NULL) + if ((pai_buf = (char *)SMB_MALLOC(pai_buf_size)) == NULL) { return NULL; + } do { - if (fsp->fh->fd != -1) + if (fsp->fh->fd != -1) { ret = SMB_VFS_FGETXATTR(fsp, SAMBA_POSIX_INHERITANCE_EA_NAME, pai_buf, pai_buf_size); - else + } else { ret = SMB_VFS_GETXATTR(fsp->conn,fsp->fsp_name,SAMBA_POSIX_INHERITANCE_EA_NAME, pai_buf, pai_buf_size); + } if (ret == -1) { if (errno != ERANGE) { @@ -483,8 +634,11 @@ static struct pai_val *fload_inherited_info(files_struct *fsp) paiv = create_pai_val(pai_buf, ret); - if (paiv && paiv->pai_protected) - DEBUG(10,("load_inherited_info: ACL is protected for file %s\n", fsp->fsp_name)); + if (paiv) { + DEBUG(10,("load_inherited_info: ACL type is 0x%x for file %s\n", + (unsigned int)paiv->sd_type, + fsp->fsp_name)); + } SAFE_FREE(pai_buf); return paiv; @@ -547,8 +701,10 @@ static struct pai_val *load_inherited_info(const struct connection_struct *conn, paiv = create_pai_val(pai_buf, ret); - if (paiv && paiv->pai_protected) { - DEBUG(10,("load_inherited_info: ACL is protected for file %s\n", fname)); + if (paiv) { + DEBUG(10,("load_inherited_info: ACL type 0x%x for file %s\n", + (unsigned int)paiv->sd_type, + fname)); } SAFE_FREE(pai_buf); @@ -641,8 +797,8 @@ static void print_canon_ace(canon_ace *pace, int num) dbgtext( "MASK " ); break; } - if (pace->inherited) - dbgtext( "(inherited) "); + + dbgtext( "ace_flags = 0x%x ", (unsigned int)pace->ace_flags); dbgtext( "perms "); dbgtext( "%c", pace->perms & S_IRUSR ? 'r' : '-'); dbgtext( "%c", pace->perms & S_IWUSR ? 'w' : '-'); @@ -1519,7 +1675,9 @@ static bool create_canon_ace_lists(files_struct *fsp, current_ace->perms |= map_nt_perms( &psa->access_mask, S_IRUSR); current_ace->attr = (psa->type == SEC_ACE_TYPE_ACCESS_ALLOWED) ? ALLOW_ACE : DENY_ACE; - current_ace->inherited = ((psa->flags & SEC_ACE_FLAG_INHERITED_ACE) ? True : False); + + /* Store the ace_flag. */ + current_ace->ace_flags = psa->flags; /* * Now add the created ace to either the file list, the directory @@ -2160,7 +2318,7 @@ static void arrange_posix_perms(const char *filename, canon_ace **pp_list_head) other_ace = ace; } } - + if (!owner_ace || !other_ace) { DEBUG(0,("arrange_posix_perms: Invalid POSIX permissions for file %s, missing owner or other.\n", filename )); @@ -2184,7 +2342,7 @@ static void arrange_posix_perms(const char *filename, canon_ace **pp_list_head) *pp_list_head = list_head; } - + /**************************************************************************** Create a linked list of canonical ACE entries. ****************************************************************************/ @@ -2297,7 +2455,7 @@ static canon_ace *canonicalise_acl(struct connection_struct *conn, ace->trustee = sid; ace->unix_ug = unix_ug; ace->owner_type = owner_type; - ace->inherited = get_inherited_flag(pal, ace, (the_acl_type == SMB_ACL_TYPE_DEFAULT)); + ace->ace_flags = get_pai_flags(pal, ace, (the_acl_type == SMB_ACL_TYPE_DEFAULT)); DLIST_ADD(list_head, ace); } @@ -2968,8 +3126,7 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, &ace->trustee, nt_acl_type, acc, - ace->inherited ? - SEC_ACE_FLAG_INHERITED_ACE : 0); + ace->ace_flags); } /* The User must have access to a profile share - even @@ -2990,11 +3147,10 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, &ace->trustee, nt_acl_type, acc, + ace->ace_flags | SEC_ACE_FLAG_OBJECT_INHERIT| SEC_ACE_FLAG_CONTAINER_INHERIT| - SEC_ACE_FLAG_INHERIT_ONLY| - (ace->inherited ? - SEC_ACE_FLAG_INHERITED_ACE : 0)); + SEC_ACE_FLAG_INHERIT_ONLY); } /* The User must have access to a profile share - even @@ -3045,8 +3201,10 @@ static NTSTATUS posix_get_nt_acl_common(struct connection_struct *conn, * flag doesn't seem to bother Windows NT. * Always set this if map acl inherit is turned off. */ - if (get_protected_flag(pal) || !lp_map_acl_inherit(SNUM(conn))) { - psd->type |= SE_DESC_DACL_PROTECTED; + if (pal == NULL || !lp_map_acl_inherit(SNUM(conn))) { + psd->type |= SEC_DESC_DACL_PROTECTED; + } else { + psd->type |= pal->sd_type; } if (psd->dacl) { @@ -3236,7 +3394,7 @@ NTSTATUS append_parent_acl(files_struct *fsp, int info; unsigned int i, j; SEC_DESC *psd = dup_sec_desc(talloc_tos(), pcsd); - bool is_dacl_protected = (pcsd->type & SE_DESC_DACL_PROTECTED); + bool is_dacl_protected = (pcsd->type & SEC_DESC_DACL_PROTECTED); ZERO_STRUCT(sbuf); @@ -3617,8 +3775,10 @@ NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC if (set_acl_as_root) { become_root(); } - store_inheritance_attributes(fsp, file_ace_list, dir_ace_list, - (psd->type & SE_DESC_DACL_PROTECTED) ? True : False); + store_inheritance_attributes(fsp, + file_ace_list, + dir_ace_list, + psd->type); if (set_acl_as_root) { unbecome_root(); } diff --git a/source3/smbd/process.c b/source3/smbd/process.c index a025bb4197..c9fc1fbb6a 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -692,57 +692,55 @@ struct idle_event *event_add_idle(struct event_context *event_ctx, return result; } -/**************************************************************************** - Do all async processing in here. This includes kernel oplock messages, change - notify events etc. -****************************************************************************/ - -static void async_processing(void) +static void smbd_sig_term_handler(struct tevent_context *ev, + struct tevent_signal *se, + int signum, + int count, + void *siginfo, + void *private_data) { - DEBUG(10,("async_processing: Doing async processing.\n")); - - process_aio_queue(); - - process_kernel_oplocks(smbd_messaging_context()); - - /* Do the aio check again after receive_local_message as it does a - select and may have eaten our signal. */ - /* Is this till true? -- vl */ - process_aio_queue(); + exit_server_cleanly("termination signal"); +} - if (got_sig_term) { - exit_server_cleanly("termination signal"); - } +void smbd_setup_sig_term_handler(void) +{ + struct tevent_signal *se; - /* check for sighup processing */ - if (reload_after_sighup) { - change_to_root_user(); - DEBUG(1,("Reloading services after SIGHUP\n")); - reload_services(False); - reload_after_sighup = 0; + se = tevent_add_signal(smbd_event_context(), + smbd_event_context(), + SIGTERM, 0, + smbd_sig_term_handler, + NULL); + if (!se) { + exit_server("failed to setup SIGTERM handler"); } } -/**************************************************************************** - Do a select on an two fd's - with timeout. - - If a local udp message has been pushed onto the - queue (this can only happen during oplock break - processing) call async_processing() - - If a pending smb message has been pushed onto the - queue (this can only happen during oplock break - processing) return this next. +static void smbd_sig_hup_handler(struct tevent_context *ev, + struct tevent_signal *se, + int signum, + int count, + void *siginfo, + void *private_data) +{ + change_to_root_user(); + DEBUG(1,("Reloading services after SIGHUP\n")); + reload_services(False); +} - If the first smbfd is ready then read an smb from it. - if the second (loopback UDP) fd is ready then read a message - from it and setup the buffer header to identify the length - and from address. - Returns False on timeout or error. - Else returns True. +void smbd_setup_sig_hup_handler(void) +{ + struct tevent_signal *se; -The timeout is in milliseconds -****************************************************************************/ + se = tevent_add_signal(smbd_event_context(), + smbd_event_context(), + SIGHUP, 0, + smbd_sig_hup_handler, + NULL); + if (!se) { + exit_server("failed to setup SIGHUP handler"); + } +} static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection *conn) { @@ -762,26 +760,6 @@ static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection * FD_ZERO(&w_fds); /* - * Ensure we process oplock break messages by preference. - * We have to do this before the select, after the select - * and if the select returns EINTR. This is due to the fact - * that the selects called from async_processing can eat an EINTR - * caused by a signal (we can't take the break message there). - * This is hideously complex - *MUST* be simplified for 3.0 ! JRA. - */ - - if (oplock_message_waiting()) { - DEBUG(10,("receive_message_or_smb: oplock_message is waiting.\n")); - async_processing(); - /* - * After async processing we must go and do the select again, as - * the state of the flag in fds for the server file descriptor is - * indeterminate - we may have done I/O on it in the oplock processing. JRA. - */ - return NT_STATUS_RETRY; - } - - /* * Are there any timed events waiting ? If so, ensure we don't * select for longer than it would take to wait for them. */ @@ -814,20 +792,6 @@ static NTSTATUS smbd_server_connection_loop_once(struct smbd_server_connection * return NT_STATUS_RETRY; } - /* if we get EINTR then maybe we have received an oplock - signal - treat this as select returning 1. This is ugly, but - is the best we can do until the oplock code knows more about - signals */ - if (selrtn == -1 && errno == EINTR) { - async_processing(); - /* - * After async processing we must go and do the select again, as - * the state of the flag in fds for the server file descriptor is - * indeterminate - we may have done I/O on it in the oplock processing. JRA. - */ - return NT_STATUS_RETRY; - } - /* Check if error */ if (selrtn == -1) { /* something is wrong. Maybe the socket is dead? */ @@ -866,31 +830,6 @@ NTSTATUS allow_new_trans(struct trans_state *list, int mid) return NT_STATUS_OK; } -/**************************************************************************** - We're terminating and have closed all our files/connections etc. - If there are any pending local messages we need to respond to them - before termination so that other smbds don't think we just died whilst - holding oplocks. -****************************************************************************/ - -void respond_to_all_remaining_local_messages(void) -{ - /* - * Assert we have no exclusive open oplocks. - */ - - if(get_number_of_exclusive_open_oplocks()) { - DEBUG(0,("respond_to_all_remaining_local_messages: PANIC : we have %d exclusive oplocks.\n", - get_number_of_exclusive_open_oplocks() )); - return; - } - - process_kernel_oplocks(smbd_messaging_context()); - - return; -} - - /* These flags determine some of the permissions required to do an operation @@ -1420,8 +1359,6 @@ static void construct_reply(char *inbuf, int size, size_t unread_bytes, bool enc connection_struct *conn; struct smb_request *req; - chain_size = 0; - if (!(req = talloc(talloc_tos(), struct smb_request))) { smb_panic("could not allocate smb_request"); } @@ -1830,9 +1767,8 @@ void check_reload(time_t t) mypid = getpid(); } - if (reload_after_sighup || (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK)) { + if (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK) { reload_services(True); - reload_after_sighup = False; last_smb_conf_reload_time = t; } @@ -1903,12 +1839,135 @@ static void smbd_server_connection_handler(struct event_context *ev, } } + +/**************************************************************************** +received when we should release a specific IP +****************************************************************************/ +static void release_ip(const char *ip, void *priv) +{ + char addr[INET6_ADDRSTRLEN]; + + if (strcmp(client_socket_addr(get_client_fd(),addr,sizeof(addr)), ip) == 0) { + /* we can't afford to do a clean exit - that involves + database writes, which would potentially mean we + are still running after the failover has finished - + we have to get rid of this process ID straight + away */ + DEBUG(0,("Got release IP message for our IP %s - exiting immediately\n", + ip)); + /* note we must exit with non-zero status so the unclean handler gets + called in the parent, so that the brl database is tickled */ + _exit(1); + } +} + +static void msg_release_ip(struct messaging_context *msg_ctx, void *private_data, + uint32_t msg_type, struct server_id server_id, DATA_BLOB *data) +{ + release_ip((char *)data->data, NULL); +} + +#ifdef CLUSTER_SUPPORT +static int client_get_tcp_info(struct sockaddr_storage *server, + struct sockaddr_storage *client) +{ + socklen_t length; + if (server_fd == -1) { + return -1; + } + length = sizeof(*server); + if (getsockname(server_fd, (struct sockaddr *)server, &length) != 0) { + return -1; + } + length = sizeof(*client); + if (getpeername(server_fd, (struct sockaddr *)client, &length) != 0) { + return -1; + } + return 0; +} +#endif + +/* + * Send keepalive packets to our client + */ +static bool keepalive_fn(const struct timeval *now, void *private_data) +{ + if (!send_keepalive(smbd_server_fd())) { + DEBUG( 2, ( "Keepalive failed - exiting.\n" ) ); + return False; + } + return True; +} + +/* + * Do the recurring check if we're idle + */ +static bool deadtime_fn(const struct timeval *now, void *private_data) +{ + if ((conn_num_open() == 0) + || (conn_idle_all(now->tv_sec))) { + DEBUG( 2, ( "Closing idle connection\n" ) ); + messaging_send(smbd_messaging_context(), procid_self(), + MSG_SHUTDOWN, &data_blob_null); + return False; + } + + return True; +} + +/* + * Do the recurring log file and smb.conf reload checks. + */ + +static bool housekeeping_fn(const struct timeval *now, void *private_data) +{ + change_to_root_user(); + + /* update printer queue caches if necessary */ + update_monitored_printq_cache(); + + /* check if we need to reload services */ + check_reload(time(NULL)); + + /* Change machine password if neccessary. */ + attempt_machine_password_change(); + + /* + * Force a log file check. + */ + force_check_log_size(); + check_log_size(); + return true; +} + /**************************************************************************** Process commands from the client ****************************************************************************/ void smbd_process(void) { + TALLOC_CTX *frame = talloc_stackframe(); + char remaddr[INET6_ADDRSTRLEN]; + + smbd_server_conn = talloc_zero(smbd_event_context(), struct smbd_server_connection); + if (!smbd_server_conn) { + exit_server("failed to create smbd_server_connection"); + } + + /* Ensure child is set to blocking mode */ + set_blocking(smbd_server_fd(),True); + + set_socket_options(smbd_server_fd(),"SO_KEEPALIVE"); + set_socket_options(smbd_server_fd(), lp_socket_options()); + + /* this is needed so that we get decent entries + in smbstatus for port 445 connects */ + set_remote_machine_name(get_peer_addr(smbd_server_fd(), + remaddr, + sizeof(remaddr)), + false); + reload_services(true); + /* * Before the first packet, check the global hosts allow/ hosts deny * parameters before doing any parsing of packets passed to us by the @@ -1931,12 +1990,96 @@ void smbd_process(void) exit_server_cleanly("connection denied"); } - max_recv = MIN(lp_maxxmit(),BUFFER_SIZE); + static_init_rpc; - smbd_server_conn = talloc_zero(smbd_event_context(), struct smbd_server_connection); - if (!smbd_server_conn) { - exit_server("failed to create smbd_server_connection"); + init_modules(); + + if (!init_account_policy()) { + exit_server("Could not open account policy tdb.\n"); + } + + if (*lp_rootdir()) { + if (chroot(lp_rootdir()) != 0) { + DEBUG(0,("Failed changed root to %s\n", lp_rootdir())); + exit_server("Failed to chroot()"); + } + DEBUG(0,("Changed root to %s\n", lp_rootdir())); + } + + /* Setup oplocks */ + if (!init_oplocks(smbd_messaging_context())) + exit_server("Failed to init oplocks"); + + /* Setup aio signal handler. */ + initialize_async_io_handler(); + + /* register our message handlers */ + messaging_register(smbd_messaging_context(), NULL, + MSG_SMB_FORCE_TDIS, msg_force_tdis); + messaging_register(smbd_messaging_context(), NULL, + MSG_SMB_RELEASE_IP, msg_release_ip); + messaging_register(smbd_messaging_context(), NULL, + MSG_SMB_CLOSE_FILE, msg_close_file); + + if ((lp_keepalive() != 0) + && !(event_add_idle(smbd_event_context(), NULL, + timeval_set(lp_keepalive(), 0), + "keepalive", keepalive_fn, + NULL))) { + DEBUG(0, ("Could not add keepalive event\n")); + exit(1); + } + + if (!(event_add_idle(smbd_event_context(), NULL, + timeval_set(IDLE_CLOSED_TIMEOUT, 0), + "deadtime", deadtime_fn, NULL))) { + DEBUG(0, ("Could not add deadtime event\n")); + exit(1); } + + if (!(event_add_idle(smbd_event_context(), NULL, + timeval_set(SMBD_SELECT_TIMEOUT, 0), + "housekeeping", housekeeping_fn, NULL))) { + DEBUG(0, ("Could not add housekeeping event\n")); + exit(1); + } + +#ifdef CLUSTER_SUPPORT + + if (lp_clustering()) { + /* + * We need to tell ctdb about our client's TCP + * connection, so that for failover ctdbd can send + * tickle acks, triggering a reconnection by the + * client. + */ + + struct sockaddr_storage srv, clnt; + + if (client_get_tcp_info(&srv, &clnt) == 0) { + + NTSTATUS status; + + status = ctdbd_register_ips( + messaging_ctdbd_connection(), + &srv, &clnt, release_ip, NULL); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(0, ("ctdbd_register_ips failed: %s\n", + nt_errstr(status))); + } + } else + { + DEBUG(0,("Unable to get tcp info for " + "CTDB_CONTROL_TCP_CLIENT: %s\n", + strerror(errno))); + } + } + +#endif + + max_recv = MIN(lp_maxxmit(),BUFFER_SIZE); + smbd_server_conn->fde = event_add_fd(smbd_event_context(), smbd_server_conn, smbd_server_fd(), @@ -1947,9 +2090,12 @@ void smbd_process(void) exit_server("failed to create smbd_server_connection fde"); } + TALLOC_FREE(frame); + while (True) { NTSTATUS status; - TALLOC_CTX *frame = talloc_stackframe_pool(8192); + + frame = talloc_stackframe_pool(8192); errno = 0; @@ -1958,9 +2104,35 @@ void smbd_process(void) !NT_STATUS_IS_OK(status)) { DEBUG(3, ("smbd_server_connection_loop_once failed: %s," " exiting\n", nt_errstr(status))); - return; + break; } TALLOC_FREE(frame); } + + exit_server_cleanly(NULL); +} + +bool req_is_in_chain(struct smb_request *req) +{ + if (req->vwv != (uint16_t *)(req->inbuf+smb_vwv)) { + /* + * We're right now handling a subsequent request, so we must + * be in a chain + */ + return true; + } + + if (!is_andx_req(req->cmd)) { + return false; + } + + if (req->wct < 2) { + /* + * Okay, an illegal request, but definitely not chained :-) + */ + return false; + } + + return (CVAL(req->vwv+0, 0) != 0xFF); } diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 52dab0a013..bb5fadd465 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -1816,7 +1816,7 @@ void reply_open_and_X(struct smb_request *req) END_PROFILE(SMBopenX); return; } - sbuf.st_size = get_allocation_size(conn,fsp,&sbuf); + sbuf.st_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf); } fattr = dos_mode(conn,fsp->fsp_name,&sbuf); @@ -2728,11 +2728,12 @@ static void reply_readbraw_error(void) Use sendfile in readbraw. ****************************************************************************/ -void send_file_readbraw(connection_struct *conn, - files_struct *fsp, - SMB_OFF_T startpos, - size_t nread, - ssize_t mincount) +static void send_file_readbraw(connection_struct *conn, + struct smb_request *req, + files_struct *fsp, + SMB_OFF_T startpos, + size_t nread, + ssize_t mincount) { char *outbuf = NULL; ssize_t ret=0; @@ -2745,7 +2746,7 @@ void send_file_readbraw(connection_struct *conn, * reply_readbraw has already checked the length. */ - if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) && + if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) && (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) { ssize_t sendfile_read = -1; char header[4]; @@ -2963,7 +2964,7 @@ void reply_readbraw(struct smb_request *req) (unsigned long)mincount, (unsigned long)nread ) ); - send_file_readbraw(conn, fsp, startpos, nread, mincount); + send_file_readbraw(conn, req, fsp, startpos, nread, mincount); DEBUG(5,("reply_readbraw finished\n")); END_PROFILE(SMBreadbraw); @@ -3229,7 +3230,7 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, * on a train in Germany :-). JRA. */ - if ((chain_size == 0) && (CVAL(req->vwv+0, 0) == 0xFF) && + if (!req_is_in_chain(req) && !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) && lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) { uint8 headerbuf[smb_size + 12 * 2]; @@ -5615,7 +5616,13 @@ NTSTATUS rename_internals_fsp(connection_struct *conn, return map_nt_error_from_unix(errno); } } else { - if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) { + int ret = -1; + if (fsp->posix_open) { + ret = SMB_VFS_LSTAT(conn,fsp->fsp_name,&sbuf); + } else { + ret = SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf); + } + if (ret == -1) { return map_nt_error_from_unix(errno); } } @@ -5720,6 +5727,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, const char *dname; long offset = 0; int create_options = 0; + bool posix_pathnames = lp_posix_pathnames(); ZERO_STRUCT(sbuf1); ZERO_STRUCT(sbuf2); @@ -5831,7 +5839,11 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, } ZERO_STRUCT(sbuf1); - SMB_VFS_STAT(conn, directory, &sbuf1); + if (posix_pathnames) { + SMB_VFS_LSTAT(conn, directory, &sbuf1); + } else { + SMB_VFS_STAT(conn, directory, &sbuf1); + } if (S_ISDIR(sbuf1.st_mode)) { create_options |= FILE_DIRECTORY_FILE; @@ -5848,7 +5860,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, FILE_SHARE_WRITE), FILE_OPEN, /* create_disposition*/ create_options, /* create_options */ - 0, /* file_attributes */ + posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */ 0, /* oplock_request */ 0, /* allocation_size */ NULL, /* sd */ @@ -5947,7 +5959,11 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, } ZERO_STRUCT(sbuf1); - SMB_VFS_STAT(conn, fname, &sbuf1); + if (posix_pathnames) { + SMB_VFS_LSTAT(conn, fname, &sbuf1); + } else { + SMB_VFS_STAT(conn, fname, &sbuf1); + } create_options = 0; @@ -5966,7 +5982,7 @@ NTSTATUS rename_internals(TALLOC_CTX *ctx, FILE_SHARE_WRITE), FILE_OPEN, /* create_disposition*/ create_options, /* create_options */ - 0, /* file_attributes */ + posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */ 0, /* oplock_request */ 0, /* allocation_size */ NULL, /* sd */ @@ -7166,7 +7182,14 @@ void reply_setattrE(struct smb_request *req) return; } } else { - if (SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf) == -1) { + int ret = -1; + + if (fsp->posix_open) { + ret = SMB_VFS_LSTAT(conn, fsp->fsp_name, &sbuf); + } else { + ret = SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf); + } + if (ret == -1) { status = map_nt_error_from_unix(errno); reply_nterror(req, status); END_PROFILE(SMBsetattrE); @@ -7281,7 +7304,7 @@ void reply_getattrE(struct smb_request *req) SIVAL(req->outbuf, smb_vwv6, 0); SIVAL(req->outbuf, smb_vwv8, 0); } else { - uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf); + uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &sbuf); SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size); SIVAL(req->outbuf, smb_vwv8, allocation_size); } diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 505763014e..5f6783e05c 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -45,26 +45,6 @@ int get_client_fd(void) return server_fd; } -#ifdef CLUSTER_SUPPORT -static int client_get_tcp_info(struct sockaddr_storage *server, - struct sockaddr_storage *client) -{ - socklen_t length; - if (server_fd == -1) { - return -1; - } - length = sizeof(*server); - if (getsockname(server_fd, (struct sockaddr *)server, &length) != 0) { - return -1; - } - length = sizeof(*client); - if (getpeername(server_fd, (struct sockaddr *)client, &length) != 0) { - return -1; - } - return 0; -} -#endif - struct event_context *smbd_event_context(void) { if (!smbd_event_ctx) { @@ -134,35 +114,6 @@ static void smb_stat_cache_delete(struct messaging_context *msg, } /**************************************************************************** - Terminate signal. -****************************************************************************/ - -static void sig_term(void) -{ - got_sig_term = 1; - sys_select_signal(SIGTERM); -} - -/**************************************************************************** - Catch a sighup. -****************************************************************************/ - -static void sig_hup(int sig) -{ - reload_after_sighup = 1; - sys_select_signal(SIGHUP); -} - -/**************************************************************************** - Catch a sigcld -****************************************************************************/ -static void sig_cld(int sig) -{ - got_sig_cld = 1; - sys_select_signal(SIGCLD); -} - -/**************************************************************************** Send a SIGTERM to our process group. *****************************************************************************/ @@ -185,27 +136,6 @@ static void msg_sam_sync(struct messaging_context *msg, DEBUG(10, ("** sam sync message received, ignoring\n")); } - -/**************************************************************************** - Open the socket communication - inetd. -****************************************************************************/ - -static bool open_sockets_inetd(void) -{ - /* Started from inetd. fd 0 is the socket. */ - /* We will abort gracefully when the client or remote system - goes away */ - smbd_set_server_fd(dup(0)); - - /* close our standard file descriptors */ - close_low_fds(False); /* Don't close stderr */ - - set_socket_options(smbd_server_fd(),"SO_KEEPALIVE"); - set_socket_options(smbd_server_fd(), lp_socket_options()); - - return True; -} - static void msg_exit_server(struct messaging_context *msg, void *private_data, uint32_t msg_type, @@ -321,46 +251,271 @@ static bool allowable_number_of_smbd_processes(void) return num_children < max_processes; } +static void smbd_sig_chld_handler(struct tevent_context *ev, + struct tevent_signal *se, + int signum, + int count, + void *siginfo, + void *private_data) +{ + pid_t pid; + int status; + + while ((pid = sys_waitpid(-1, &status, WNOHANG)) > 0) { + bool unclean_shutdown = False; + + /* If the child terminated normally, assume + it was an unclean shutdown unless the + status is 0 + */ + if (WIFEXITED(status)) { + unclean_shutdown = WEXITSTATUS(status); + } + /* If the child terminated due to a signal + we always assume it was unclean. + */ + if (WIFSIGNALED(status)) { + unclean_shutdown = True; + } + remove_child_pid(pid, unclean_shutdown); + } +} + +static void smbd_setup_sig_chld_handler(void) +{ + struct tevent_signal *se; + + se = tevent_add_signal(smbd_event_context(), + smbd_event_context(), + SIGCHLD, 0, + smbd_sig_chld_handler, + NULL); + if (!se) { + exit_server("failed to setup SIGCHLD handler"); + } +} + +struct smbd_open_socket; + +struct smbd_parent_context { + bool interactive; + + /* the list of listening sockets */ + struct smbd_open_socket *sockets; +}; + +struct smbd_open_socket { + struct smbd_open_socket *prev, *next; + struct smbd_parent_context *parent; + int fd; + struct tevent_fd *fde; +}; + +static void smbd_open_socket_close_fn(struct tevent_context *ev, + struct tevent_fd *fde, + int fd, + void *private_data) +{ + /* this might be the socket_wrapper swrap_close() */ + close(fd); +} + +static void smbd_accept_connection(struct tevent_context *ev, + struct tevent_fd *fde, + uint16_t flags, + void *private_data) +{ + struct smbd_open_socket *s = talloc_get_type_abort(private_data, + struct smbd_open_socket); + struct sockaddr_storage addr; + socklen_t in_addrlen = sizeof(addr); + pid_t pid = 0; + + smbd_set_server_fd(accept(s->fd,(struct sockaddr *)&addr,&in_addrlen)); + + if (smbd_server_fd() == -1 && errno == EINTR) + return; + + if (smbd_server_fd() == -1) { + DEBUG(0,("open_sockets_smbd: accept: %s\n", + strerror(errno))); + return; + } + + if (s->parent->interactive) { + smbd_process(); + exit_server_cleanly("end of interactive mode"); + return; + } + + if (!allowable_number_of_smbd_processes()) { + close(smbd_server_fd()); + smbd_set_server_fd(-1); + return; + } + + pid = sys_fork(); + if (pid == 0) { + /* Child code ... */ + am_parent = 0; + + /* Stop zombies, the parent explicitly handles + * them, counting worker smbds. */ + CatchChild(); + + /* close our standard file + descriptors */ + close_low_fds(False); + + TALLOC_FREE(s->parent); + s = NULL; + + if (!reinit_after_fork( + smbd_messaging_context(), + smbd_event_context(), + true)) { + DEBUG(0,("reinit_after_fork() failed\n")); + smb_panic("reinit_after_fork() failed"); + } + + smbd_setup_sig_term_handler(); + smbd_setup_sig_hup_handler(); + + smbd_process(); + exit_server_cleanly("end of child"); + return; + } else if (pid < 0) { + DEBUG(0,("smbd_accept_connection: sys_fork() failed: %s\n", + strerror(errno))); + } + + /* The parent doesn't need this socket */ + close(smbd_server_fd()); + + /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu: + Clear the closed fd info out of server_fd -- + and more importantly, out of client_fd in + util_sock.c, to avoid a possible + getpeername failure if we reopen the logs + and use %I in the filename. + */ + + smbd_set_server_fd(-1); + + if (pid != 0) { + add_child_pid(pid); + } + + /* Force parent to check log size after + * spawning child. Fix from + * klausr@ITAP.Physik.Uni-Stuttgart.De. The + * parent smbd will log to logserver.smb. It + * writes only two messages for each child + * started/finished. But each child writes, + * say, 50 messages also in logserver.smb, + * begining with the debug_count of the + * parent, before the child opens its own log + * file logserver.client. In a worst case + * scenario the size of logserver.smb would be + * checked after about 50*50=2500 messages + * (ca. 100kb). + * */ + force_check_log_size(); +} + +static bool smbd_open_one_socket(struct smbd_parent_context *parent, + const struct sockaddr_storage *ifss, + uint16_t port) +{ + struct smbd_open_socket *s; + + s = talloc(parent, struct smbd_open_socket); + if (!s) { + return false; + } + + s->parent = parent; + s->fd = open_socket_in(SOCK_STREAM, + port, + parent->sockets == NULL ? 0 : 2, + ifss, + true); + if (s->fd == -1) { + DEBUG(0,("smbd_open_once_socket: open_socket_in: " + "%s\n", strerror(errno))); + close(s->fd); + TALLOC_FREE(s); + /* + * We ignore an error here, as we've done before + */ + return true; + } + + /* ready to listen */ + set_socket_options(s->fd, "SO_KEEPALIVE"); + set_socket_options(s->fd, lp_socket_options()); + + /* Set server socket to + * non-blocking for the accept. */ + set_blocking(s->fd, False); + + if (listen(s->fd, SMBD_LISTEN_BACKLOG) == -1) { + DEBUG(0,("open_sockets_smbd: listen: " + "%s\n", strerror(errno))); + close(s->fd); + TALLOC_FREE(s); + return false; + } + + s->fde = tevent_add_fd(smbd_event_context(), + s, + s->fd, TEVENT_FD_READ, + smbd_accept_connection, + s); + if (!s->fde) { + DEBUG(0,("open_sockets_smbd: " + "tevent_add_fd: %s\n", + strerror(errno))); + close(s->fd); + TALLOC_FREE(s); + return false; + } + tevent_fd_set_close_fn(s->fde, smbd_open_socket_close_fn); + + DLIST_ADD_END(parent->sockets, s, struct smbd_open_socket *); + + return true; +} + /**************************************************************************** Open the socket communication. ****************************************************************************/ -static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ports) +static bool open_sockets_smbd(struct smbd_parent_context *parent, + const char *smb_ports) { int num_interfaces = iface_count(); - int num_sockets = 0; - int fd_listenset[FD_SETSIZE]; - fd_set listen_set; - int s; - int maxfd = 0; int i; char *ports; - struct dns_reg_state * dns_reg = NULL; unsigned dns_port = 0; - if (!is_daemon) { - return open_sockets_inetd(); - } - #ifdef HAVE_ATEXIT atexit(killkids); #endif /* Stop zombies */ - CatchSignal(SIGCLD, sig_cld); - - FD_ZERO(&listen_set); + smbd_setup_sig_chld_handler(); /* use a reasonable default set of ports - listing on 445 and 139 */ if (!smb_ports) { ports = lp_smb_ports(); if (!ports || !*ports) { - ports = smb_xstrdup(SMB_PORTS); + ports = talloc_strdup(talloc_tos(), SMB_PORTS); } else { - ports = smb_xstrdup(ports); + ports = talloc_strdup(talloc_tos(), ports); } } else { - ports = smb_xstrdup(smb_ports); + ports = talloc_strdup(talloc_tos(), smb_ports); } if (lp_interfaces() && lp_bind_interfaces_only()) { @@ -372,7 +527,6 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ /* Now open a listen socket for each of the interfaces. */ for(i = 0; i < num_interfaces; i++) { - TALLOC_CTX *frame = NULL; const struct sockaddr_storage *ifss = iface_n_sockaddr_storage(i); char *tok; @@ -385,64 +539,22 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ continue; } - frame = talloc_stackframe(); for (ptr=ports; - next_token_talloc(frame,&ptr, &tok, " \t,");) { + next_token_talloc(talloc_tos(),&ptr, &tok, " \t,");) { unsigned port = atoi(tok); if (port == 0 || port > 0xffff) { continue; } - /* Keep the first port for mDNS service - * registration. - */ - if (dns_port == 0) { - dns_port = port; - } - - s = fd_listenset[num_sockets] = - open_socket_in(SOCK_STREAM, - port, - num_sockets == 0 ? 0 : 2, - ifss, - true); - if(s == -1) { - continue; - } - - /* ready to listen */ - set_socket_options(s,"SO_KEEPALIVE"); - set_socket_options(s,lp_socket_options()); - - /* Set server socket to - * non-blocking for the accept. */ - set_blocking(s,False); - - if (listen(s, SMBD_LISTEN_BACKLOG) == -1) { - DEBUG(0,("open_sockets_smbd: listen: " - "%s\n", strerror(errno))); - close(s); - TALLOC_FREE(frame); - return False; - } - FD_SET(s,&listen_set); - maxfd = MAX( maxfd, s); - - num_sockets++; - if (num_sockets >= FD_SETSIZE) { - DEBUG(0,("open_sockets_smbd: Too " - "many sockets to bind to\n")); - TALLOC_FREE(frame); - return False; + if (!smbd_open_one_socket(parent, ifss, port)) { + return false; } } - TALLOC_FREE(frame); } } else { /* Just bind to 0.0.0.0 - accept connections from anywhere. */ - TALLOC_CTX *frame = talloc_stackframe(); char *tok; const char *ptr; const char *sock_addr = lp_socket_address(); @@ -459,8 +571,8 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ } for (sock_ptr=sock_addr; - next_token_talloc(frame, &sock_ptr, &sock_tok, " \t,"); ) { - for (ptr=ports; next_token_talloc(frame, &ptr, &tok, " \t,"); ) { + next_token_talloc(talloc_tos(), &sock_ptr, &sock_tok, " \t,"); ) { + for (ptr=ports; next_token_talloc(talloc_tos(), &ptr, &tok, " \t,"); ) { struct sockaddr_storage ss; unsigned port = atoi(tok); @@ -481,52 +593,14 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ continue; } - s = open_socket_in(SOCK_STREAM, - port, - num_sockets == 0 ? 0 : 2, - &ss, - true); - if (s == -1) { - continue; - } - - /* ready to listen */ - set_socket_options(s,"SO_KEEPALIVE"); - set_socket_options(s,lp_socket_options()); - - /* Set server socket to non-blocking - * for the accept. */ - set_blocking(s,False); - - if (listen(s, SMBD_LISTEN_BACKLOG) == -1) { - DEBUG(0,("open_sockets_smbd: " - "listen: %s\n", - strerror(errno))); - close(s); - TALLOC_FREE(frame); - return False; - } - - fd_listenset[num_sockets] = s; - FD_SET(s,&listen_set); - maxfd = MAX( maxfd, s); - - num_sockets++; - - if (num_sockets >= FD_SETSIZE) { - DEBUG(0,("open_sockets_smbd: Too " - "many sockets to bind to\n")); - TALLOC_FREE(frame); - return False; + if (!smbd_open_one_socket(parent, &ss, port)) { + return false; } } } - TALLOC_FREE(frame); } - SAFE_FREE(ports); - - if (num_sockets == 0) { + if (parent->sockets == NULL) { DEBUG(0,("open_sockets_smbd: No " "sockets available to bind to.\n")); return false; @@ -565,57 +639,37 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ MSG_SMB_INJECT_FAULT, msg_inject_fault); #endif + if (dns_port != 0) { + smbd_setup_mdns_registration(smbd_event_context(), + parent, dns_port); + } + + return true; +} + +static void smbd_parent_loop(struct smbd_parent_context *parent) +{ /* now accept incoming connections - forking a new process for each incoming connection */ DEBUG(2,("waiting for a connection\n")); while (1) { struct timeval now, idle_timeout; fd_set r_fds, w_fds; + int maxfd = 0; int num; - - if (got_sig_cld) { - pid_t pid; - int status; - - got_sig_cld = False; - - while ((pid = sys_waitpid(-1, &status, WNOHANG)) > 0) { - bool unclean_shutdown = False; - - /* If the child terminated normally, assume - it was an unclean shutdown unless the - status is 0 - */ - if (WIFEXITED(status)) { - unclean_shutdown = WEXITSTATUS(status); - } - /* If the child terminated due to a signal - we always assume it was unclean. - */ - if (WIFSIGNALED(status)) { - unclean_shutdown = True; - } - remove_child_pid(pid, unclean_shutdown); - } - } + TALLOC_CTX *frame = talloc_stackframe(); if (run_events(smbd_event_context(), 0, NULL, NULL)) { + TALLOC_FREE(frame); continue; } idle_timeout = timeval_zero(); - memcpy((char *)&r_fds, (char *)&listen_set, - sizeof(listen_set)); FD_ZERO(&w_fds); + FD_ZERO(&r_fds); GetTimeOfDay(&now); - /* Kick off our mDNS registration. */ - if (dns_port != 0) { - dns_register_smbd(&dns_reg, dns_port, &maxfd, - &r_fds, &idle_timeout); - } - event_add_to_select_args(smbd_event_context(), &now, &r_fds, &w_fds, &idle_timeout, &maxfd); @@ -624,26 +678,13 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ timeval_is_zero(&idle_timeout) ? NULL : &idle_timeout); - if (run_events(smbd_event_context(), num, &r_fds, &w_fds)) { - continue; - } - - if (num == -1 && errno == EINTR) { - if (got_sig_term) { - exit_server_cleanly(NULL); - } - - /* check for sighup processing */ - if (reload_after_sighup) { - change_to_root_user(); - DEBUG(1,("Reloading services after SIGHUP\n")); - reload_services(False); - reload_after_sighup = 0; - } + /* check if we need to reload services */ + check_reload(time(NULL)); + if (run_events(smbd_event_context(), num, &r_fds, &w_fds)) { + TALLOC_FREE(frame); continue; } - /* If the idle timeout fired and we don't have any connected * users, exit gracefully. We should be running under a process @@ -652,128 +693,7 @@ static bool open_sockets_smbd(bool is_daemon, bool interactive, const char *smb_ if (num == 0 && count_all_current_connections() == 0) { exit_server_cleanly("idle timeout"); } - - /* process pending nDNS responses */ - if (dns_register_smbd_reply(dns_reg, &r_fds, &idle_timeout)) { - --num; - } - - /* check if we need to reload services */ - check_reload(time(NULL)); - - /* Find the sockets that are read-ready - - accept on these. */ - for( ; num > 0; num--) { - struct sockaddr addr; - socklen_t in_addrlen = sizeof(addr); - pid_t child = 0; - - s = -1; - for(i = 0; i < num_sockets; i++) { - if(FD_ISSET(fd_listenset[i],&r_fds)) { - s = fd_listenset[i]; - /* Clear this so we don't look - at it again. */ - FD_CLR(fd_listenset[i],&r_fds); - break; - } - } - - smbd_set_server_fd(accept(s,&addr,&in_addrlen)); - - if (smbd_server_fd() == -1 && errno == EINTR) - continue; - - if (smbd_server_fd() == -1) { - DEBUG(2,("open_sockets_smbd: accept: %s\n", - strerror(errno))); - continue; - } - - /* Ensure child is set to blocking mode */ - set_blocking(smbd_server_fd(),True); - - if (smbd_server_fd() != -1 && interactive) - return True; - - if (allowable_number_of_smbd_processes() && - smbd_server_fd() != -1 && - ((child = sys_fork())==0)) { - char remaddr[INET6_ADDRSTRLEN]; - - /* Child code ... */ - - /* Stop zombies, the parent explicitly handles - * them, counting worker smbds. */ - CatchChild(); - - /* close the listening socket(s) */ - for(i = 0; i < num_sockets; i++) - close(fd_listenset[i]); - - /* close our mDNS daemon handle */ - dns_register_close(&dns_reg); - - /* close our standard file - descriptors */ - close_low_fds(False); - am_parent = 0; - - set_socket_options(smbd_server_fd(),"SO_KEEPALIVE"); - set_socket_options(smbd_server_fd(), - lp_socket_options()); - - /* this is needed so that we get decent entries - in smbstatus for port 445 connects */ - set_remote_machine_name(get_peer_addr(smbd_server_fd(), - remaddr, - sizeof(remaddr)), - false); - - if (!reinit_after_fork( - smbd_messaging_context(), - smbd_event_context(), - true)) { - DEBUG(0,("reinit_after_fork() failed\n")); - smb_panic("reinit_after_fork() failed"); - } - - return True; - } - /* The parent doesn't need this socket */ - close(smbd_server_fd()); - - /* Sun May 6 18:56:14 2001 ackley@cs.unm.edu: - Clear the closed fd info out of server_fd -- - and more importantly, out of client_fd in - util_sock.c, to avoid a possible - getpeername failure if we reopen the logs - and use %I in the filename. - */ - - smbd_set_server_fd(-1); - - if (child != 0) { - add_child_pid(child); - } - - /* Force parent to check log size after - * spawning child. Fix from - * klausr@ITAP.Physik.Uni-Stuttgart.De. The - * parent smbd will log to logserver.smb. It - * writes only two messages for each child - * started/finished. But each child writes, - * say, 50 messages also in logserver.smb, - * begining with the debug_count of the - * parent, before the child opens its own log - * file logserver.client. In a worst case - * scenario the size of logserver.smb would be - * checked after about 50*50=2500 messages - * (ca. 100kb). - * */ - force_check_log_size(); - - } /* end for num */ + TALLOC_FREE(frame); } /* end while 1 */ /* NOTREACHED return True; */ @@ -897,8 +817,6 @@ static void exit_server_common(enum server_exit_reason how, /* delete our entry in the connections database. */ yield_connection(NULL,""); - respond_to_all_remaining_local_messages(); - #ifdef WITH_DFS if (dcelogin_atmost_once) { dfs_unlogin(); @@ -963,34 +881,6 @@ void exit_server_fault(void) exit_server("critical server fault"); } - -/**************************************************************************** -received when we should release a specific IP -****************************************************************************/ -static void release_ip(const char *ip, void *priv) -{ - char addr[INET6_ADDRSTRLEN]; - - if (strcmp(client_socket_addr(get_client_fd(),addr,sizeof(addr)), ip) == 0) { - /* we can't afford to do a clean exit - that involves - database writes, which would potentially mean we - are still running after the failover has finished - - we have to get rid of this process ID straight - away */ - DEBUG(0,("Got release IP message for our IP %s - exiting immediately\n", - ip)); - /* note we must exit with non-zero status so the unclean handler gets - called in the parent, so that the brl database is tickled */ - _exit(1); - } -} - -static void msg_release_ip(struct messaging_context *msg_ctx, void *private_data, - uint32_t msg_type, struct server_id server_id, DATA_BLOB *data) -{ - release_ip((char *)data->data, NULL); -} - /**************************************************************************** Initialise connect, service and file structs. ****************************************************************************/ @@ -1017,59 +907,6 @@ static bool init_structs(void ) return True; } -/* - * Send keepalive packets to our client - */ -static bool keepalive_fn(const struct timeval *now, void *private_data) -{ - if (!send_keepalive(smbd_server_fd())) { - DEBUG( 2, ( "Keepalive failed - exiting.\n" ) ); - return False; - } - return True; -} - -/* - * Do the recurring check if we're idle - */ -static bool deadtime_fn(const struct timeval *now, void *private_data) -{ - if ((conn_num_open() == 0) - || (conn_idle_all(now->tv_sec))) { - DEBUG( 2, ( "Closing idle connection\n" ) ); - messaging_send(smbd_messaging_context(), procid_self(), - MSG_SHUTDOWN, &data_blob_null); - return False; - } - - return True; -} - -/* - * Do the recurring log file and smb.conf reload checks. - */ - -static bool housekeeping_fn(const struct timeval *now, void *private_data) -{ - change_to_root_user(); - - /* update printer queue caches if necessary */ - update_monitored_printq_cache(); - - /* check if we need to reload services */ - check_reload(time(NULL)); - - /* Change machine password if neccessary. */ - attempt_machine_password_change(); - - /* - * Force a log file check. - */ - force_check_log_size(); - check_log_size(); - return true; -} - /**************************************************************************** main program. ****************************************************************************/ @@ -1114,6 +951,7 @@ extern void build_options(bool screen); POPT_COMMON_DYNCONFIG POPT_TABLEEND }; + struct smbd_parent_context *parent = NULL; TALLOC_CTX *frame = talloc_stackframe(); /* Setup tos. */ smbd_init_globals(); @@ -1199,9 +1037,6 @@ extern void build_options(bool screen); fault_setup((void (*)(void *))exit_server_fault); dump_core_setup("smbd"); - CatchSignal(SIGTERM , SIGNAL_CAST sig_term); - CatchSignal(SIGHUP,SIGNAL_CAST sig_hup); - /* we are never interested in SIGPIPE */ BlockSignals(True,SIGPIPE); @@ -1311,6 +1146,9 @@ extern void build_options(bool screen); exit(1); } + smbd_setup_sig_term_handler(); + smbd_setup_sig_hup_handler(); + /* Setup all the TDB's - including CLEAR_IF_FIRST tdb's. */ if (smbd_memcache() == NULL) { @@ -1372,111 +1210,36 @@ extern void build_options(bool screen); start_background_queue(); } - if (!open_sockets_smbd(is_daemon, interactive, ports)) - exit(1); - - /* - * everything after this point is run after the fork() - */ - - static_init_rpc; - - init_modules(); - - /* Possibly reload the services file. Only worth doing in - * daemon mode. In inetd mode, we know we only just loaded this. - */ - if (is_daemon) { - reload_services(True); - } - - if (!init_account_policy()) { - DEBUG(0,("Could not open account policy tdb.\n")); - exit(1); - } + if (!is_daemon) { + /* inetd mode */ + TALLOC_FREE(frame); - if (*lp_rootdir()) { - if (chroot(lp_rootdir()) == 0) - DEBUG(2,("Changed root to %s\n", lp_rootdir())); - } + /* Started from inetd. fd 0 is the socket. */ + /* We will abort gracefully when the client or remote system + goes away */ + smbd_set_server_fd(dup(0)); - /* Setup oplocks */ - if (!init_oplocks(smbd_messaging_context())) - exit(1); + /* close our standard file descriptors */ + close_low_fds(False); /* Don't close stderr */ - /* Setup aio signal handler. */ - initialize_async_io_handler(); + smbd_process(); - /* register our message handlers */ - messaging_register(smbd_messaging_context(), NULL, - MSG_SMB_FORCE_TDIS, msg_force_tdis); - messaging_register(smbd_messaging_context(), NULL, - MSG_SMB_RELEASE_IP, msg_release_ip); - messaging_register(smbd_messaging_context(), NULL, - MSG_SMB_CLOSE_FILE, msg_close_file); - - if ((lp_keepalive() != 0) - && !(event_add_idle(smbd_event_context(), NULL, - timeval_set(lp_keepalive(), 0), - "keepalive", keepalive_fn, - NULL))) { - DEBUG(0, ("Could not add keepalive event\n")); - exit(1); + exit_server_cleanly(NULL); + return(0); } - if (!(event_add_idle(smbd_event_context(), NULL, - timeval_set(IDLE_CLOSED_TIMEOUT, 0), - "deadtime", deadtime_fn, NULL))) { - DEBUG(0, ("Could not add deadtime event\n")); - exit(1); + parent = talloc_zero(smbd_event_context(), struct smbd_parent_context); + if (!parent) { + exit_server("talloc(struct smbd_parent_context) failed"); } + parent->interactive = interactive; - if (!(event_add_idle(smbd_event_context(), NULL, - timeval_set(SMBD_SELECT_TIMEOUT, 0), - "housekeeping", housekeeping_fn, NULL))) { - DEBUG(0, ("Could not add housekeeping event\n")); - exit(1); - } - -#ifdef CLUSTER_SUPPORT - - if (lp_clustering()) { - /* - * We need to tell ctdb about our client's TCP - * connection, so that for failover ctdbd can send - * tickle acks, triggering a reconnection by the - * client. - */ - - struct sockaddr_storage srv, clnt; - - if (client_get_tcp_info(&srv, &clnt) == 0) { - - NTSTATUS status; - - status = ctdbd_register_ips( - messaging_ctdbd_connection(), - &srv, &clnt, release_ip, NULL); - - if (!NT_STATUS_IS_OK(status)) { - DEBUG(0, ("ctdbd_register_ips failed: %s\n", - nt_errstr(status))); - } - } else - { - DEBUG(0,("Unable to get tcp info for " - "CTDB_CONTROL_TCP_CLIENT: %s\n", - strerror(errno))); - } - } - -#endif + if (!open_sockets_smbd(parent, ports)) + exit_server("open_sockets_smbd() failed"); TALLOC_FREE(frame); - smbd_process(); - - namecache_shutdown(); + smbd_parent_loop(parent); exit_server_cleanly(NULL); return(0); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index a2ad56bea1..7a03ef7f3c 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -795,7 +795,7 @@ static void reply_spnego_negotiate(struct smb_request *req, #ifdef HAVE_KRB5 if (kerb_mech && ((lp_security()==SEC_ADS) || - lp_use_kerberos_keytab()) ) { + USE_KERBEROS_KEYTAB) ) { bool destroy_vuid = True; reply_spnego_kerberos(req, &secblob, kerb_mech, vuid, &destroy_vuid); @@ -887,7 +887,7 @@ static void reply_spnego_auth(struct smb_request *req, (unsigned long)secblob.length)); #ifdef HAVE_KRB5 if (kerb_mech && ((lp_security()==SEC_ADS) || - lp_use_kerberos_keytab()) ) { + USE_KERBEROS_KEYTAB)) { bool destroy_vuid = True; reply_spnego_kerberos(req, &secblob, kerb_mech, vuid, &destroy_vuid); diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 1b161d5338..6c082a8273 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -29,7 +29,6 @@ extern enum protocol_types Protocol; -#define get_file_size(sbuf) ((sbuf).st_size) #define DIR_ENTRY_SAFETY_MARGIN 4096 static char *store_file_unix_basic(connection_struct *conn, @@ -59,31 +58,6 @@ uint64_t smb_roundup(connection_struct *conn, uint64_t val) return val; } -/******************************************************************** - Given a stat buffer return the allocated size on disk, taking into - account sparse files. -********************************************************************/ - -uint64_t get_allocation_size(connection_struct *conn, files_struct *fsp, const SMB_STRUCT_STAT *sbuf) -{ - uint64_t ret; - - if(S_ISDIR(sbuf->st_mode)) { - return 0; - } - -#if defined(HAVE_STAT_ST_BLOCKS) && defined(STAT_ST_BLOCKSIZE) - ret = (uint64_t)STAT_ST_BLOCKSIZE * (uint64_t)sbuf->st_blocks; -#else - ret = (uint64_t)get_file_size(*sbuf); -#endif - - if (fsp && fsp->initial_allocation_size) - ret = MAX(ret,fsp->initial_allocation_size); - - return smb_roundup(conn, ret); -} - /**************************************************************************** Utility functions for dealing with extended attributes. ****************************************************************************/ @@ -1034,7 +1008,7 @@ static void call_trans2open(connection_struct *conn, return; } - size = get_file_size(sbuf); + size = get_file_size_stat(&sbuf); fattr = dos_mode(conn,fsp->fsp_name,&sbuf); mtime = sbuf.st_mtime; inode = sbuf.st_ino; @@ -1424,9 +1398,9 @@ static bool get_lanman2_dir_entry(TALLOC_CTX *ctx, } if (!(mode & aDIR)) { - file_size = get_file_size(sbuf); + file_size = get_file_size_stat(&sbuf); } - allocation_size = get_allocation_size(conn,NULL,&sbuf); + allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,NULL,&sbuf); mdate_ts = get_mtimespec(&sbuf); adate_ts = get_atimespec(&sbuf); @@ -3523,10 +3497,10 @@ static char *store_file_unix_basic(connection_struct *conn, DEBUG(10,("store_file_unix_basic: SMB_QUERY_FILE_UNIX_BASIC\n")); DEBUG(4,("store_file_unix_basic: st_mode=%o\n",(int)psbuf->st_mode)); - SOFF_T(pdata,0,get_file_size(*psbuf)); /* File size 64 Bit */ + SOFF_T(pdata,0,get_file_size_stat(psbuf)); /* File size 64 Bit */ pdata += 8; - SOFF_T(pdata,0,get_allocation_size(conn,fsp,psbuf)); /* Number of bytes used on disk - 64 Bit */ + SOFF_T(pdata,0,SMB_VFS_GET_ALLOC_SIZE(conn,fsp,psbuf)); /* Number of bytes used on disk - 64 Bit */ pdata += 8; put_long_date_timespec(pdata,get_ctimespec(psbuf)); /* Change Time 64 Bit */ @@ -4094,7 +4068,7 @@ static void call_trans2qfilepathinfo(connection_struct *conn, fullpathname = fname; if (!(mode & aDIR)) - file_size = get_file_size(sbuf); + file_size = get_file_size_stat(&sbuf); /* Pull out any data sent here before we realloc. */ switch (info_level) { @@ -4180,7 +4154,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd mtime_ts = get_mtimespec(&sbuf); atime_ts = get_atimespec(&sbuf); - allocation_size = get_allocation_size(conn,fsp,&sbuf); + allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf); if (!fsp) { /* Do we have this path open ? */ @@ -4188,7 +4162,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd fileid = vfs_file_id_from_sbuf(conn, &sbuf); fsp1 = file_find_di_first(fileid); if (fsp1 && fsp1->initial_allocation_size) { - allocation_size = get_allocation_size(conn, fsp1, &sbuf); + allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn, fsp1, &sbuf); } } @@ -5044,7 +5018,7 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, DEBUG(6,("smb_set_file_size: size: %.0f ", (double)size)); - if (size == get_file_size(*psbuf)) { + if (size == get_file_size_stat(psbuf)) { return NT_STATUS_OK; } @@ -5832,7 +5806,7 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, if (fsp && fsp->fh->fd != -1) { /* Open file handle. */ /* Only change if needed. */ - if (allocation_size != get_file_size(*psbuf)) { + if (allocation_size != get_file_size_stat(psbuf)) { if (vfs_allocate_file_space(fsp, allocation_size) == -1) { return map_nt_error_from_unix(errno); } @@ -5874,7 +5848,7 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, } /* Only change if needed. */ - if (allocation_size != get_file_size(*psbuf)) { + if (allocation_size != get_file_size_stat(psbuf)) { if (vfs_allocate_file_space(new_fsp, allocation_size) == -1) { status = map_nt_error_from_unix(errno); close_file(req, new_fsp, NORMAL_CLOSE); @@ -6101,7 +6075,7 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n", /* Ensure we don't try and change anything else. */ raw_unixmode = SMB_MODE_NO_CHANGE; - size = get_file_size(*psbuf); + size = get_file_size_stat(psbuf); ft.atime = get_atimespec(psbuf); ft.mtime = get_mtimespec(psbuf); /* @@ -6117,7 +6091,7 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n", * */ if (!size) { - size = get_file_size(*psbuf); + size = get_file_size_stat(psbuf); } #endif |