diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/auth/auth.c | 31 | ||||
-rw-r--r-- | source4/auth/auth.h | 1 | ||||
-rw-r--r-- | source4/auth/auth_util.c | 2 | ||||
-rw-r--r-- | source4/libcli/auth/gensec_ntlmssp.c | 5 | ||||
-rw-r--r-- | source4/rpc_server/netlogon/dcerpc_netlogon.c | 5 | ||||
-rw-r--r-- | source4/smb_server/negprot.c | 2 | ||||
-rw-r--r-- | source4/smb_server/sesssetup.c | 2 | ||||
-rw-r--r-- | source4/smbd/process_single.c | 10 | ||||
-rw-r--r-- | source4/smbd/process_standard.c | 10 | ||||
-rw-r--r-- | source4/smbd/process_thread.c | 12 | ||||
-rw-r--r-- | source4/smbd/service.c | 37 |
11 files changed, 51 insertions, 66 deletions
diff --git a/source4/auth/auth.c b/source4/auth/auth.c index 0697cee1ac..62e2b93ecb 100644 --- a/source4/auth/auth.c +++ b/source4/auth/auth.c @@ -78,7 +78,7 @@ static const uint8_t *get_ntlm_challenge(struct auth_context *auth_context) uint8_t chal[8]; generate_random_buffer(chal, sizeof(chal)); - auth_context->challenge = data_blob_talloc(auth_context->mem_ctx, + auth_context->challenge = data_blob_talloc(auth_context, chal, sizeof(chal)); challenge_set_by = "random"; @@ -269,7 +269,7 @@ void free_auth_context(struct auth_context **auth_context) } } - talloc_destroy((*auth_context)->mem_ctx); + talloc_free(*auth_context); *auth_context = NULL; } } @@ -278,21 +278,15 @@ void free_auth_context(struct auth_context **auth_context) Make a auth_info struct ***************************************************************************/ -static NTSTATUS make_auth_context(struct auth_context **auth_context) +static NTSTATUS make_auth_context(TALLOC_CTX *mem_ctx, struct auth_context **auth_context) { - TALLOC_CTX *mem_ctx; - - mem_ctx = talloc_init("authentication context"); - - *auth_context = talloc(mem_ctx, sizeof(**auth_context)); + *auth_context = talloc_p(mem_ctx, struct auth_context); if (!*auth_context) { DEBUG(0,("make_auth_context: talloc failed!\n")); - talloc_destroy(mem_ctx); return NT_STATUS_NO_MEMORY; } ZERO_STRUCTP(*auth_context); - (*auth_context)->mem_ctx = mem_ctx; (*auth_context)->check_ntlm_password = check_ntlm_password; (*auth_context)->get_ntlm_challenge = get_ntlm_challenge; @@ -303,7 +297,8 @@ static NTSTATUS make_auth_context(struct auth_context **auth_context) Make a auth_info struct for the auth subsystem ***************************************************************************/ -static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, char **text_list) +static NTSTATUS make_auth_context_text_list(TALLOC_CTX *mem_ctx, + struct auth_context **auth_context, char **text_list) { struct auth_methods *list = NULL; struct auth_methods *t = NULL; @@ -314,7 +309,7 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, return NT_STATUS_UNSUCCESSFUL; } - if (!NT_STATUS_IS_OK(nt_status = make_auth_context(auth_context))) + if (!NT_STATUS_IS_OK(nt_status = make_auth_context(mem_ctx, auth_context))) return nt_status; for (;*text_list; text_list++) { @@ -362,7 +357,7 @@ static NTSTATUS make_auth_context_text_list(struct auth_context **auth_context, Make a auth_context struct for the auth subsystem ***************************************************************************/ -NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) +NTSTATUS make_auth_context_subsystem(TALLOC_CTX *mem_ctx, struct auth_context **auth_context) { char **auth_method_list = NULL; NTSTATUS nt_status; @@ -371,7 +366,8 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) return NT_STATUS_NO_MEMORY; } - if (!NT_STATUS_IS_OK(nt_status = make_auth_context_text_list(auth_context, auth_method_list))) { + nt_status = make_auth_context_text_list(mem_ctx, auth_context, auth_method_list); + if (!NT_STATUS_IS_OK(nt_status)) { str_list_free(&auth_method_list); return nt_status; } @@ -384,14 +380,15 @@ NTSTATUS make_auth_context_subsystem(struct auth_context **auth_context) Make a auth_info struct with a fixed challenge ***************************************************************************/ -NTSTATUS make_auth_context_fixed(struct auth_context **auth_context, uint8_t chal[8]) +NTSTATUS make_auth_context_fixed(TALLOC_CTX *mem_ctx, + struct auth_context **auth_context, uint8_t chal[8]) { NTSTATUS nt_status; - if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(auth_context))) { + if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(mem_ctx, auth_context))) { return nt_status; } - (*auth_context)->challenge = data_blob_talloc((*auth_context)->mem_ctx, chal, 8); + (*auth_context)->challenge = data_blob_talloc(*auth_context, chal, 8); (*auth_context)->challenge_set_by = "fixed"; return nt_status; } diff --git a/source4/auth/auth.h b/source4/auth/auth.h index 6f2c7134e7..2f35b36a15 100644 --- a/source4/auth/auth.h +++ b/source4/auth/auth.h @@ -119,7 +119,6 @@ struct auth_context { /* methods, in the order they should be called */ struct auth_methods *auth_method_list; - TALLOC_CTX *mem_ctx; const uint8_t *(*get_ntlm_challenge)(struct auth_context *auth_context); NTSTATUS (*check_ntlm_password)(struct auth_context *auth_context, const struct auth_usersupplied_info *user_info, diff --git a/source4/auth/auth_util.c b/source4/auth/auth_util.c index ab725249c7..f508cff35e 100644 --- a/source4/auth/auth_util.c +++ b/source4/auth/auth_util.c @@ -512,7 +512,7 @@ BOOL make_auth_methods(struct auth_context *auth_context, struct auth_methods ** smb_panic("make_auth_methods: pointer to auth_method pointer is NULL!\n"); } - *auth_method = talloc(auth_context->mem_ctx, sizeof(**auth_method)); + *auth_method = talloc_p(auth_context, struct auth_methods); if (!*auth_method) { DEBUG(0,("make_auth_method: malloc failed!\n")); return False; diff --git a/source4/libcli/auth/gensec_ntlmssp.c b/source4/libcli/auth/gensec_ntlmssp.c index 7270797f52..40f3e605eb 100644 --- a/source4/libcli/auth/gensec_ntlmssp.c +++ b/source4/libcli/auth/gensec_ntlmssp.c @@ -65,7 +65,7 @@ static NTSTATUS auth_ntlmssp_set_challenge(struct ntlmssp_state *ntlmssp_state, SMB_ASSERT(challenge->length == 8); - auth_context->challenge = data_blob_talloc(auth_context->mem_ctx, + auth_context->challenge = data_blob_talloc(auth_context, challenge->data, challenge->length); auth_context->challenge_set_by = "NTLMSSP callback (NTLM2)"; @@ -189,7 +189,8 @@ static NTSTATUS gensec_ntlmssp_server_start(struct gensec_security *gensec_secur } ntlmssp_state = gensec_ntlmssp_state->ntlmssp_state; - if (!NT_STATUS_IS_OK(nt_status = make_auth_context_subsystem(&gensec_ntlmssp_state->auth_context))) { + nt_status = make_auth_context_subsystem(gensec_security, &gensec_ntlmssp_state->auth_context); + if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } diff --git a/source4/rpc_server/netlogon/dcerpc_netlogon.c b/source4/rpc_server/netlogon/dcerpc_netlogon.c index fdd5ead660..d35a8476df 100644 --- a/source4/rpc_server/netlogon/dcerpc_netlogon.c +++ b/source4/rpc_server/netlogon/dcerpc_netlogon.c @@ -498,7 +498,7 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, r->in.logon.password->ntpassword.hash, sizeof(r->in.logon.password->ntpassword.hash)); - nt_status = make_auth_context_subsystem(&auth_context); + nt_status = make_auth_context_subsystem(pipe_state, &auth_context); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } @@ -515,7 +515,8 @@ static NTSTATUS netr_LogonSamLogonWithFlags(struct dcesrv_call_state *dce_call, case 2: case 6: - nt_status = make_auth_context_fixed(&auth_context, r->in.logon.network->challenge); + nt_status = make_auth_context_fixed(pipe_state, + &auth_context, r->in.logon.network->challenge); if (!NT_STATUS_IS_OK(nt_status)) { return nt_status; } diff --git a/source4/smb_server/negprot.c b/source4/smb_server/negprot.c index 576fcc22bf..2baf1cf0f1 100644 --- a/source4/smb_server/negprot.c +++ b/source4/smb_server/negprot.c @@ -34,7 +34,7 @@ static void get_challenge(struct smbsrv_connection *smb_conn, char buff[8]) DEBUG(10, ("get challenge: creating negprot_global_auth_context\n")); - nt_status = make_auth_context_subsystem(&smb_conn->negotiate.auth_context); + nt_status = make_auth_context_subsystem(smb_conn, &smb_conn->negotiate.auth_context); if (!NT_STATUS_IS_OK(nt_status)) { DEBUG(0, ("make_auth_context_subsystem returned %s", nt_errstr(nt_status))); diff --git a/source4/smb_server/sesssetup.c b/source4/smb_server/sesssetup.c index 4cb0447d32..2af4d2237f 100644 --- a/source4/smb_server/sesssetup.c +++ b/source4/smb_server/sesssetup.c @@ -118,7 +118,7 @@ static NTSTATUS sesssetup_nt1(struct smbsrv_request *req, union smb_sesssetup *s make_user_info_guest(&user_info); } - status = make_auth_context_subsystem(&auth_context); + status = make_auth_context_subsystem(req->smb_conn, &auth_context); if (!NT_STATUS_IS_OK(status)) { return status; diff --git a/source4/smbd/process_single.c b/source4/smbd/process_single.c index 62d780277c..12a265b62f 100644 --- a/source4/smbd/process_single.c +++ b/source4/smbd/process_single.c @@ -71,15 +71,7 @@ static void single_terminate_connection(struct server_connection *conn, const ch DEBUG(2,("single_terminate_connection: reason[%s]\n",reason)); if (conn) { - if (conn->service) { - conn->service->ops->close_connection(conn,reason); - } - - if (conn->server_socket) { - DLIST_REMOVE(conn->server_socket->connection_list,conn); - } - - server_destroy_connection(conn); + talloc_free(conn); } } diff --git a/source4/smbd/process_standard.c b/source4/smbd/process_standard.c index 1bb30c2ef0..194c6d24cc 100644 --- a/source4/smbd/process_standard.c +++ b/source4/smbd/process_standard.c @@ -94,15 +94,7 @@ static void standard_terminate_connection(struct server_connection *conn, const DEBUG(2,("single_terminate_connection: reason[%s]\n",reason)); if (conn) { - if (conn->service) { - conn->service->ops->close_connection(conn,reason); - } - - if (conn->server_socket) { - DLIST_REMOVE(conn->server_socket->connection_list,conn); - } - - server_destroy_connection(conn); + talloc_free(conn->service->srv_ctx); } /* terminate this process */ diff --git a/source4/smbd/process_thread.c b/source4/smbd/process_thread.c index 4e11137f37..55688f85e8 100644 --- a/source4/smbd/process_thread.c +++ b/source4/smbd/process_thread.c @@ -117,17 +117,7 @@ static void thread_terminate_connection(struct server_connection *conn, const ch DEBUG(0,("thread_terminate_connection: reason[%s]\n",reason)); if (conn) { - if (conn->service) { - conn->service->ops->close_connection(conn,reason); - } - - if (conn->server_socket) { - MUTEX_LOCK_BY_ID(MUTEX_SMBD); - DLIST_REMOVE(conn->server_socket->connection_list,conn); - MUTEX_UNLOCK_BY_ID(MUTEX_SMBD); - } - - server_destroy_connection(conn); + talloc_free(conn); } /* terminate this thread */ diff --git a/source4/smbd/service.c b/source4/smbd/service.c index e3eb4a02c1..1f6033c238 100644 --- a/source4/smbd/service.c +++ b/source4/smbd/service.c @@ -172,6 +172,29 @@ struct server_socket *service_setup_socket(struct server_service *service, return srv_sock; } +/* + destructor that handles necessary event context changes + */ +static int server_destructor(void *ptr) +{ + struct server_connection *conn = ptr; + + if (conn->service) { + conn->service->ops->close_connection(conn, "shutdown"); + } + + socket_destroy(conn->socket); + + event_remove_fd(conn->event.ctx, conn->event.fde); + conn->event.fde = NULL; + event_remove_timed(conn->event.ctx, conn->event.idle); + conn->event.idle = NULL; + + DLIST_REMOVE(conn->server_socket->connection_list, conn); + + return 0; +} + struct server_connection *server_setup_connection(struct event_context *ev, struct server_socket *server_socket, struct socket_context *sock, @@ -215,6 +238,8 @@ struct server_connection *server_setup_connection(struct event_context *ev, srv_conn->event.fde = event_add_fd(ev,&fde); srv_conn->event.idle = event_add_timed(ev,&idle); + talloc_set_destructor(srv_conn, server_destructor); + if (!socket_check_access(sock, "smbd", lp_hostsallow(-1), lp_hostsdeny(-1))) { server_terminate_connection(srv_conn, "denied by access rules"); return NULL; @@ -232,18 +257,6 @@ void server_terminate_connection(struct server_connection *srv_conn, const char srv_conn->service->model_ops->terminate_connection(srv_conn, reason); } -void server_destroy_connection(struct server_connection *srv_conn) -{ - socket_destroy(srv_conn->socket); - - event_remove_fd(srv_conn->event.ctx, srv_conn->event.fde); - srv_conn->event.fde = NULL; - event_remove_timed(srv_conn->event.ctx, srv_conn->event.idle); - srv_conn->event.idle = NULL; - - talloc_free(srv_conn); -} - void server_io_handler(struct event_context *ev, struct fd_event *fde, time_t t, uint16_t flags) { struct server_connection *conn = fde->private; |