Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth.c5
-rw-r--r--source3/auth/auth_server.c85
-rw-r--r--source3/include/auth.h6
-rw-r--r--source3/smbd/process.c18
4 files changed, 61 insertions, 53 deletions
diff --git a/source3/auth/auth.c b/source3/auth/auth.c
index 0b868b265e..dd5481767b 100644
--- a/source3/auth/auth.c
+++ b/source3/auth/auth.c
@@ -333,10 +333,7 @@ static void free_auth_context(struct auth_context **auth_context)
if (*auth_context) {
/* Free private data of context's authentication methods */
for (auth_method = (*auth_context)->auth_method_list; auth_method; auth_method = auth_method->next) {
- if (auth_method->free_private_data) {
- auth_method->free_private_data (&auth_method->private_data);
- auth_method->private_data = NULL;
- }
+ TALLOC_FREE(auth_method->private_data);
}
talloc_destroy((*auth_context)->mem_ctx);
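Review bot: The new `TALLOC_FREE(auth_method->private_data)` in the loop is only safe if every auth method stores either NULL or a talloc-allocated pointer in private_data, and nothing in the new code states that rule. With the free_private_data hook gone, a module that keeps a malloc'ed or static pointer there would have it handed to talloc; the other auth modules are not visible in this diff, so they are worth checking. I would put the contract into the existing comment, for example `/* Free private data of the auth methods: must be NULL or a talloc pointer, module cleanup belongs in a talloc destructor */`, and repeat it next to the private_data member in auth.h. The body of free_auth_context continues outside this hunk.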
diff --git a/source3/auth/auth_server.c b/source3/auth/auth_server.c
index c7243e8468..c140ef48f9 100644
--- a/source3/auth/auth_server.c
+++ b/source3/auth/auth_server.c
@@ -136,38 +136,72 @@ static struct cli_state *server_cryptkey(TALLOC_CTX *mem_ctx)
return cli;
}
+struct server_security_state {
+ struct cli_state *cli;
+};
+
/****************************************************************************
- Clean up our allocated cli.
+ Send a 'keepalive' packet down the cli pipe.
****************************************************************************/
-static void free_server_private_data(void **private_data_pointer)
+static BOOL send_server_keepalive(const struct timeval *now,
+ void *private_data)
{
- struct cli_state **cli = (struct cli_state **)private_data_pointer;
- if (*cli && (*cli)->initialised) {
- DEBUG(10, ("Shutting down smbserver connection\n"));
- cli_shutdown(*cli);
+ struct server_security_state *state = talloc_get_type_abort(
+ private_data, struct server_security_state);
+
+ if (!state->cli || !state->cli->initialised) {
+ return False;
+ }
+
+ if (send_keepalive(state->cli->fd)) {
+ return True;
}
- *private_data_pointer = NULL;
+
+ DEBUG( 2, ( "send_server_keepalive: password server keepalive "
+ "failed.\n"));
+ cli_shutdown(state->cli);
+ state->cli = NULL;
+ return False;
}
-/****************************************************************************
- Send a 'keepalive' packet down the cli pipe.
-****************************************************************************/
+static int destroy_server_security(struct server_security_state *state)
+{
+ if (state->cli) {
+ cli_shutdown(state->cli);
+ }
+ return 0;
+}
-static void send_server_keepalive(void **private_data_pointer)
+static struct server_security_state *make_server_security_state(struct cli_state *cli)
{
- /* also send a keepalive to the password server if its still
- connected */
- if (private_data_pointer) {
- struct cli_state *cli = (struct cli_state *)(*private_data_pointer);
- if (cli && cli->initialised) {
- if (!send_keepalive(cli->fd)) {
- DEBUG( 2, ( "send_server_keepalive: password server keepalive failed.\n"));
- cli_shutdown(cli);
- *private_data_pointer = NULL;
- }
+ struct server_security_state *result;
+
+ if (!(result = talloc(NULL, struct server_security_state))) {
+ DEBUG(0, ("talloc failed\n"));
+ cli_shutdown(cli);
+ return NULL;
+ }
+
+ result->cli = cli;
+ talloc_set_destructor(result, destroy_server_security);
+
+ if (lp_keepalive() != 0) {
+ struct timeval interval;
+ interval.tv_sec = lp_keepalive();
+ interval.tv_usec = 0;
+
+ if (event_add_idle(smbd_event_context(), result, interval,
+ "server_security_keepalive",
+ send_server_keepalive,
+ result) == NULL) {
+ DEBUG(0, ("event_add_idle failed\n"));
+ TALLOC_FREE(result);
+ return NULL;
}
}
+
+ return result;
}
/****************************************************************************
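Review bot: make_server_security_state takes ownership of `cli` without saying so. Both failure paths shut it down, directly after the failed talloc and through the destructor when `TALLOC_FREE(result)` runs after event_add_idle fails, so a caller that gets NULL back is left holding a pointer it must not use. A header comment would make the contract explicit, e.g. `/* Takes ownership of cli: on failure cli is shut down and NULL is returned; on success it is shut down when the state is freed. */`. Separately, destroy_server_security calls cli_shutdown on any non-NULL cli, whereas the removed free_server_private_data also required `initialised`; whether that matters depends on cli_shutdown, which is not visible here.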
@@ -190,7 +224,8 @@ static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_conte
/* However, it is still a perfectly fine connection
to pass that unencrypted password over */
- *my_private_data = (void *)cli;
+ *my_private_data =
+ (void *)make_server_security_state(cli);
return data_blob(NULL, 0);
} else if (cli->secblob.length < 8) {
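Review bot: From this assignment on, private_data holds a `struct server_security_state *` rather than a `struct cli_state *`, but no visible hunk touches check_smbserver_security, which stays registered as this method's auth callback. If that function still casts my_private_data straight to `struct cli_state *`, it would read the wrapper as a client state, so it should unwrap with `talloc_get_type_abort(my_private_data, struct server_security_state)` and use `state->cli`. The same applies to the assignment in the next hunk. This branch also stores the result without the NULL check the next hunk has, so the consumer must cope with a NULL private_data when make_server_security_state fails. The rest of auth_get_challenge_server lies outside the hunk.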
@@ -200,7 +235,9 @@ static DATA_BLOB auth_get_challenge_server(const struct auth_context *auth_conte
return data_blob(NULL, 0);
}
- *my_private_data = (void *)cli;
+ if (!(*my_private_data = (void *)make_server_security_state(cli))) {
+ return data_blob(NULL,0);
+ }
/* The return must be allocated on the caller's mem_ctx, as our own will be
destoyed just after the call. */
@@ -415,8 +452,6 @@ static NTSTATUS auth_init_smbserver(struct auth_context *auth_context, const cha
(*auth_method)->name = "smbserver";
(*auth_method)->auth = check_smbserver_security;
(*auth_method)->get_chal = auth_get_challenge_server;
- (*auth_method)->send_keepalive = send_server_keepalive;
- (*auth_method)->free_private_data = free_server_private_data;
return NT_STATUS_OK;
}
diff --git a/source3/include/auth.h b/source3/include/auth.h
index de75ff68f6..4e7eb469ba 100644
--- a/source3/include/auth.h
+++ b/source3/include/auth.h
@@ -115,12 +115,6 @@ typedef struct auth_methods
/* Used to keep tabs on things like the cli for SMB server authentication */
void *private_data;
-
- /* Function to clean up the above arbitary structure */
- void (*free_private_data)(void **private_data);
-
- /* Function to send a keepalive message on the above structure */
- void (*send_keepalive)(void **private_data);
} auth_methods;
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 5edb2c1009..76af8f2054 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1328,7 +1328,6 @@ void check_reload(time_t t)
static BOOL timeout_processing(int *select_timeout,
time_t *last_timeout_processing_time)
{
- static time_t last_keepalive_sent_time = 0;
static time_t last_idle_closed_check = 0;
time_t t;
BOOL allidle = True;
@@ -1351,9 +1350,6 @@ static BOOL timeout_processing(int *select_timeout,
*last_timeout_processing_time = t = time(NULL);
- if(last_keepalive_sent_time == 0)
- last_keepalive_sent_time = t;
-
if(last_idle_closed_check == 0)
last_idle_closed_check = t;
@@ -1371,20 +1367,6 @@ static BOOL timeout_processing(int *select_timeout,
last_idle_closed_check = t;
}
- if (lp_keepalive() && (t - last_keepalive_sent_time)> lp_keepalive()) {
- /* send a keepalive for a password server or the like.
- This is attached to the auth_info created in the
- negprot */
- if (negprot_global_auth_context && negprot_global_auth_context->challenge_set_method
- && negprot_global_auth_context->challenge_set_method->send_keepalive) {
-
- negprot_global_auth_context->challenge_set_method->send_keepalive
- (&negprot_global_auth_context->challenge_set_method->private_data);
- }
-
- last_keepalive_sent_time = t;
- }
-
/* check for connection timeouts */
allidle = conn_idle_all(t);