summaryrefslogtreecommitdiff
path: root/source3/nmbd/nmbd_packets.c
AgeCommit message (Collapse)AuthorFilesLines
2011-01-07s3: Remove some unused codeVolker Lendecke1-9/+1
2011-01-07s3: Limit the number of unexpected clients to 200Volker Lendecke1-2/+4
DoS protection like the max winbind clients. Settable by nmbd:unexpected_clients
2011-01-07s3: Make nmbd listen on the unexpected socketVolker Lendecke1-0/+20
2011-01-05s3: Fix some nonempty blank linesVolker Lendecke1-26/+25
Autobuild-User: Volker Lendecke <vlendec@samba.org> Autobuild-Date: Wed Jan 5 16:03:24 CET 2011 on sn-devel-104
2010-12-23All calls to event_add_to_select_args() call GetTimeOfDay() andJeremy Allison1-5/+2
pass this in as the &now parameter. Push this call inside of event_add_to_select_args() to the correct point so it doesn't get called unless needed. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Dec 23 01:08:11 CET 2010 on sn-devel-104
2010-11-14Fix the unexpected.tdb database problem. Change nmbd to store theJeremy Allison1-2/+5
transaction id of packets it was requested to send via a client, and only store replies that match these ids. On the client side change clients to always attempt to ask nmbd first for name_query and node_status calls, and then fall back to doing socket calls if we can't talk to nmbd (either nmbd is not running, or we're not root and cannot open the messaging tdb's). Fix readers of unexpected.tdb to delete packets they've successfully read. This should fix a long standing problem of unexpected.tdb growing out of control in noisy NetBIOS envioronments with lots of bradcasts, yet still allow unprivileged client apps to work mostly as well as they already did (nmblookup for example) in an environment when nmbd isn't running. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Sun Nov 14 05:22:45 UTC 2010 on sn-devel-104
2010-10-01s3:events: Call all ready fd event handlers on each iteration of the main loopSteven Danneman1-3/+3
Previously, only one fd handler was being called per main message loop in all smbd child processes. In the case where multiple fds are available for reading the fd corresponding to the event closest to the beginning of the event list would be run. Obviously this is arbitrary and could cause unfairness. Usually, the first event fd is the network socket, meaning heavy load of client requests can starve out other fd events such as oplock or notify upcalls from the kernel. In this patch, I have changed the behavior of run_events() to unset any fd that it has already called a handler function, as well as decrement the number of fds that were returned from select(). This allows the caller of run_events() to iterate it, until all available fds have been handled. I then changed the main loop in smbd child processes to iterate run_events(). This way, all available fds are handled on each wake of select, while still checking for timed or signalled events between each handler function call. I also added an explicit check for EINTR from select(), which previously was masked by the fact that run_events() would handle any signal event before the return code was checked. This required a signature change to run_events() but all other callers should have no change in their behavior. I also fixed a bug in run_events() where it could be called with a selrtn value of -1, doing unecessary looping through the fd_event list when no fds were available. Also, remove the temporary echo handler hack, as all fds should be treated fairly now.
2010-10-01samba: share select wrappers.Günther Deschner1-0/+1
Guenther
2010-08-26s3-nmbd: move nmbd proto out of main proto.hGünther Deschner1-0/+1
Guenther
2010-02-10Fix unused variable warning after change to new DLINK macros.Jeremy Allison1-2/+0
Jeremy.
2010-02-10s3-nmbd: update nmbd to use new DLIST_ macrosAndrew Tridgell1-18/+2
(cherry picked from commit 4d23d777bc6d4fad20d0f3084fe658635812bee9)
2010-02-10More of the fix for bug #7118 - nmbd problems with socket address.Jeremy Allison1-0/+89
Add a simple "processed packet queue" cache to stop nmbd responding to packets received on the broadcast and non-broadcast socket (which it has opened when "nmbd bind explicit broadcast = yes"). This is a very simple packet queue - it only keeps the packets processed during a single call to listen_for_packets() (i.e. one select call). This means that if the delivery notification for a packet received on both broadcast and non-broadcast addresses is done in two different select calls, the packet will still be processed twice. This is a very rare occurrance and we can just live with it when it does as the protocol is stateless. If this is ever flagged as a repeatable problem then we can add a longer lived cache, using timeout processing to clear etc. etc. But without storing all packets processed we can never be *sure* we've eliminated the race condition so I'm going to go with this simple solution until someone proves a more complex one is needed :-). Jeremy.
2010-02-08Make "nmbd bind explicit broadcast" on by default.Jeremy Allison1-1/+1
Fix a comment typo. Jeremy.
2010-02-08s3:nmbd: also listen explicit on the subnet broadcast addressesStefan Metzmacher1-64/+125
And send replies always via the unicast address of the subnet. This behavior is off by default (as before) and can be enabled with "nmbd:bind explicit broadcast = yes". metze
2009-09-24Reduce debug log level from 0 -> 7 on non-critical message.Jeremy Allison1-1/+1
Jeremy.
2009-04-23Fix Coverity bug #902, uninitialized variable.Jeremy Allison1-1/+3
Jeremy.
2009-01-27s3:nmbd: as the sig_term() handler only sets a flag we don't need to block ↵Stefan Metzmacher1-8/+0
SIGTERM The arguments of commit d98bea900ee694cdba83149620c65bd7f8765f26 are no longer valid. metze
2009-01-22s3: always call run_events() before and after sys_select()Stefan Metzmacher1-9/+7
And always setup the fd events. metze
2008-10-23Use sockaddr_storage only where we rely on the size, use sockaddrJelmer Vernooij1-1/+1
otherwise (to clarify we can also pass in structs smaller than sockaddr_storage, such as sockaddr_in).
2008-08-09nmbd_packets: make queue_packet() public.Michael Adam1-3/+1
Michael (This used to be commit 363eb90ce8380ce1bbc74673936ba1e6d7eee23b)
2008-01-02Attempt to fix bug #3617. Mix of patches from Volker andJeremy Allison1-0/+5
myself. Use standard dlinklist macros. Jeremy. (This used to be commit 1b06ee69f6b737c1d6e7b29f8ae9621e6eb07d27)
2007-12-26Add SMB encryption. Still fixing client decrypt butJeremy Allison1-1/+1
negotiation works. Jeremy. (This used to be commit d78045601af787731f0737b8627450018902b104)
2007-12-13Arg. The fix for CVE-2007-6015 hadn't been merged into 3.2.Jeremy Allison1-0/+6
Do so now.... Jeremy. (This used to be commit 6b1246c29a0241c8e4bb98d659d847d010826b36)
2007-11-15Fix for CVE-2007-5398.Gerald (Jerry) Carter1-0/+6
== Subject: Remote code execution in Samba's WINS == server daemon (nmbd) when processing name == registration followed name query requests. == == CVE ID#: CVE-2007-5398 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) ... Secunia Research reported a vulnerability that allows for the execution of arbitrary code in nmbd. This defect may only be exploited when the "wins support" parameter has been enabled in smb.conf. (This used to be commit e40c372e0ddf631dd9162c1fdfaaa49c29915f23)
2007-10-24This is a large patch (sorry). Migrate from struct in_addrJeremy Allison1-2/+2
to struct sockaddr_storage in most places that matter (ie. not the nmbd and NetBIOS lookups). This passes make test on an IPv4 box, but I'll have to do more work/testing on IPv6 enabled boxes. This should now give us a framework for testing and finishing the IPv6 migration. It's at the state where someone with a working IPv6 setup should (theorecically) be able to type : smbclient //ipv6-address/share and have it work. Jeremy. (This used to be commit 98e154c3125d5732c37a72d74b0eb5cd7b6155fd)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-24/+24
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10Add start of IPv6 implementation. Currently most of this is avoidingJeremy Allison1-23/+31
IPv6 in winbindd, but moves most of the socket functions that were wrongly in lib/util.c into lib/util_sock.c and provides generic IPv4/6 independent versions of most things. Still lots of work to do, but now I can see how I'll fix the access check code. Nasty part that remains is the name resolution code which is used to returning arrays of in_addr structs. Jeremy. (This used to be commit 3f6bd0e1ec5cc6670f3d08f76fc2cd94c9cd1a08)
2007-10-10[GLUE] Rsync SAMBA_3_2_0 SVN r25598 in order to create the v3-2-test branch.Gerald (Jerry) Carter1-1/+1
(This used to be commit 5c6c8e1fe93f340005110a7833946191659d88ab)
2007-10-10r25492: Start adding IPv6 compatible code to lib/util_sock.c and deal withJeremy Allison1-27/+27
the ripple effects this causes. utmp has to change etc. Remove some global varables and store address/port in the unexpected db. Jeremy. (This used to be commit 18c6a2211d9e25233d01715b3f78977edcd6d869)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r22902: Add an event_context and a messaging_context to nmbd. Not used yet.Volker Lendecke1-7/+26
(This used to be commit 6d210fb8a13e93fe5b7bc160a343f74878dea727)
2007-10-10r22391: Looks bigger than it is. Make "inbuf" availableJeremy Allison1-1/+1
to all callers of smb_setlen (via set_message() calls). This will allow the server to reflect back the correct encryption context. Jeremy. (This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
2007-10-10r22045: As Volker noticed, skip_string's last argument isJeremy Allison1-1/+1
redundent. Remove it. Jeremy. (This used to be commit 140881cfbb59ce4a699b5900efe02bf315be7bd5)
2007-10-10r22014: Make us pass RANDOMIPC test again :-(. This is an ugly check-in,Jeremy Allison1-3/+3
but I've no option. Jeremy. (This used to be commit c3a565081d70b209a4f9e6e8f1859bf7194a5f74)
2007-10-10r13887: Fix coverity bug CID #94. mem leak on error codepath.Jeremy Allison1-0/+2
Jeremy. (This used to be commit dd47e0ef1175a57ec2e9b797ac942cb79f4a5d05)
2007-10-10r13884: Fix coverity CID #95. Resource leak on error path.Jeremy Allison1-0/+2
Jeremy. (This used to be commit f4bf550b5757024b41062784b185b52a1a0e11f4)
2007-10-10r10656: BIG merge from trunk. Features not copied overGerald Carter1-2/+2
* \PIPE\unixinfo * winbindd's {group,alias}membership new functions * winbindd's lookupsids() functionality * swat (trunk changes to be reverted as per discussion with Deryck) (This used to be commit 939c3cb5d78e3a2236209b296aa8aba8bdce32d3)
2007-10-10r5082: Don't blindly copy question rr_type and class, set correctly as requiredJeremy Allison1-10/+7
by rfc1002. Jeremy. (This used to be commit 422fb43dda13e0840245ae272b7621640b8ad220)
2007-10-10r5077: Use correct type for rr record on negative name query reply.Jeremy Allison1-0/+3
Jeremy. (This used to be commit 86c5548d272c0804c0188ae744ae1bb17eb817f6)
2007-10-10r5076: Ensure that WINS negative name query responses and WACK packetsJeremy Allison1-1/+10
use the correct RR type of 0xA instead of reflecting back what the query RR type was (0x20). See rfc1002 sections 4.2.14 and 4.2.16. Jeremy. (This used to be commit ab8c9240044f1ef3d5c6ac4850c8ec615c2e32fd)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-5/+5
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r3877: Final (I hope :-) fix for #2050 from Lars Müller for select maxfd's.Jeremy Allison1-16/+6
Jeremy. (This used to be commit 65fc39fc388244923d1e36076b5a4116aa434be5)
2007-10-10r3864: Fix from Lars Müller <lmuelle@suse.de> for bug #2050.Jeremy Allison1-3/+19
Make nmbd use maxfd+1 in select also. Jeremy. (This used to be commit e3ca22b80dc1c22f0e5c829d11724c79e317641f)
2007-10-10r2224: Make nmbd more robust against bad netbios packets.Jeremy Allison1-6/+38
Jeremy. (This used to be commit dd9b17abd6b32c090840c1a0b797fd774711cb3a)
2004-03-15Use "unix netbios name" type unstring - 64 bytes long to manipulate netbiosJeremy Allison1-2/+2
names in nmbd. Allows conversion from dos codepage mb strings (ie. SJIS) to expand to utf8 size on read. Jeremy. (This used to be commit 834d816caf9cd6318da00febde50d9233469dac2)
2004-03-13Modified fix for bugid #784. Based on a patch from moriyama@miraclelinux.com ↵Jeremy Allison1-4/+4
(MORIYAMA Masayuki). Don't use nstrings to hold workgroup and netbios names. The problem with them is that MB netbios and workgroup names in unix charset (particularly utf8) may be up to 3x bigger than the name when represented in dos charset (ie. cp932). So go back to using fstrings for these but translate into nstrings (ie. 16 byte length values) for transport on the wire. Jeremy. (This used to be commit b4ea493599ab414f7828b83f40a5a8b43479ff64)
2003-11-05Fix for bug #771. Fix packet length for browse list reply.Jeremy Allison1-1/+1
Jeremy. (This used to be commit d085c94dacffbe8199e83315340e4f60d1f0b9a5)
2003-08-27Fix the character set handling properly in nmbd. Also fix bug whereJeremy Allison1-1316/+1183
iconv wasn't re-initialised on reading of "charset" parameters. This caused workgroup name to be set incorrectly if it contained an extended character. Jeremy. (This used to be commit 84ae44678a6c59c999bc1023fdd9b7ad87f4ec18)
2003-03-18NMBD string parinoia and memcpy() parinoia fixes from HEAD.Andrew Bartlett1-5/+10
Andrew Bartlett (This used to be commit fb29caddd987f94989f852584b912eeee45b50da)