From 321191d5e2ec1eaf22728dcee944e0a250a7725d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Sep 2008 15:13:19 -0700 Subject: Restructure the module so it connects to the remote data sink on connect, and closes the socket on client disconnect. This should make it much more efficient. Store the remote fd in a private data pointer off the handle. Finally we need to remove the fstrings and convert to allocated buffer storage. Jeremy. --- source3/modules/vfs_smb_traffic_analyzer.c | 306 +++++++++++++++-------------- 1 file changed, 156 insertions(+), 150 deletions(-) (limited to 'source3/modules/vfs_smb_traffic_analyzer.c') diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index 9e4cf81638..cd843e6ad4 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -31,67 +31,8 @@ extern userdom_struct current_user_info; static int vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; -NTSTATUS vfs_smb_traffic_analyzer_init(void); - -static ssize_t smb_traffic_analyzer_write(vfs_handle_struct *handle, - files_struct *fsp, const void *data, size_t n); - -static ssize_t smb_traffic_analyzer_read(vfs_handle_struct *handle, - files_struct *fsp, void *data, size_t n); - -static ssize_t smb_traffic_analyzer_pwrite(vfs_handle_struct *handle, - files_struct *fsp, const void *data, size_t n, - SMB_OFF_T offset); - -static ssize_t smb_traffic_analyzer_pread(vfs_handle_struct *handle, - files_struct *fsp, void *data, size_t n, SMB_OFF_T offset); - - -/* VFS operations we use */ - -static vfs_op_tuple smb_traffic_analyzer_tuples[] = { - - {SMB_VFS_OP(smb_traffic_analyzer_read), SMB_VFS_OP_READ, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(smb_traffic_analyzer_pread), SMB_VFS_OP_PREAD, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(smb_traffic_analyzer_write), SMB_VFS_OP_WRITE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(smb_traffic_analyzer_pwrite), SMB_VFS_OP_PWRITE, - SMB_VFS_LAYER_LOGGER}, - {SMB_VFS_OP(NULL),SMB_VFS_OP_NOOP,SMB_VFS_LAYER_NOOP} - - }; - - -/* Module initialization */ - -NTSTATUS vfs_smb_traffic_analyzer_init(void) -{ - NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION, \ - "smb_traffic_analyzer", smb_traffic_analyzer_tuples); - - if (!NT_STATUS_IS_OK(ret)) - return ret; - - vfs_smb_traffic_analyzer_debug_level = - debug_add_class("smb_traffic_analyzer"); - - if (vfs_smb_traffic_analyzer_debug_level == -1) { - vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; - DEBUG(1, ("smb_traffic_analyzer: Couldn't register custom" - "debugging class!\n")); - } else { - DEBUG(3, ("smb_traffic_analyzer: Debug class number of" - "'smb_traffic_analyzer': %d\n", \ - vfs_smb_traffic_analyzer_debug_level)); - } - - return ret; -} - /* create the timestamp in sqlite compatible format */ -static void get_timestamp( char *String ) +static void get_timestamp(fstring str) { struct timeval tv; struct timezone tz; @@ -102,13 +43,13 @@ static void get_timestamp( char *String ) tm=localtime(&tv.tv_sec); seconds=(float) (tv.tv_usec / 1000); - fstr_sprintf(String,"%04d-%02d-%02d %02d:%02d:%02d.%03d", \ + fstr_sprintf(str,"%04d-%02d-%02d %02d:%02d:%02d.%03d", \ tm->tm_year+1900, tm->tm_mon+1, tm->tm_mday, \ tm->tm_hour, tm->tm_min, tm->tm_sec, (int)seconds); } -static int smb_traffic_analyzer_connMode( vfs_handle_struct *handle) +static int smb_traffic_analyzer_connMode(vfs_handle_struct *handle) { connection_struct *conn = handle->conn; const char *Mode; @@ -122,10 +63,9 @@ static int smb_traffic_analyzer_connMode( vfs_handle_struct *handle) } -/* Send data over a internet socket */ -static void smb_traffic_analyzer_send_data_inet_socket( char *String, - vfs_handle_struct *handle, const char *file_name, - bool Write) +/* Connect to an internet socket */ + +static int smb_traffic_analyzer_connect_inet_socket(vfs_handle_struct *handle) { /* Create a streaming Socket */ const char *Hostname; @@ -134,13 +74,11 @@ static void smb_traffic_analyzer_send_data_inet_socket( char *String, struct addrinfo hints; struct addrinfo *ailist = NULL; struct addrinfo *res = NULL; - char Sender[200]; - char TimeStamp[200]; connection_struct *conn = handle->conn; int ret; /* get port number, target system from the config parameters */ - Hostname=lp_parm_const_string(SNUM(conn), "smb_traffic_analyzer", + Hostname=lp_parm_const_string(SNUM(conn), "smb_traffic_analyzer", "host", "localhost"); ZERO_STRUCT(hints); @@ -154,14 +92,14 @@ static void smb_traffic_analyzer_send_data_inet_socket( char *String, &ailist); if (ret) { - DEBUG(3,("smb_traffic_analyzer_send_data_inet_socket: " + DEBUG(3,("smb_traffic_analyzer_connect_inet_socket: " "getaddrinfo failed for name %s [%s]\n", Hostname, gai_strerror(ret) )); - return; + return -1; } - port = atoi( lp_parm_const_string(SNUM(conn), + port = atoi( lp_parm_const_string(SNUM(conn), "smb_traffic_analyzer", "port", "9430")); DEBUG(3,("smb_traffic_analyzer: Internet socket mode. Hostname: %s," @@ -188,116 +126,129 @@ static void smb_traffic_analyzer_send_data_inet_socket( char *String, } if (sockfd == -1) { - DEBUG(1, ("smb_traffic_analyzer: unable to create socket, error is %s", + DEBUG(1, ("smb_traffic_analyzer: unable to create " + "socket, error is %s", strerror(errno))); - return; + return -1; } - strlcpy(Sender, String, sizeof(Sender)); - strlcat(Sender, ",\"", sizeof(Sender)); - strlcat(Sender, get_current_username(), sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - strlcat(Sender, current_user_info.domain, sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - if (Write) - strlcat(Sender, "W", sizeof(Sender)); - else - strlcat(Sender, "R", sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - strlcat(Sender, handle->conn->connectpath, sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender) - 1); - strlcat(Sender, file_name, sizeof(Sender) - 1); - strlcat(Sender, "\",\"", sizeof(Sender) - 1); - get_timestamp(TimeStamp); - strlcat(Sender, TimeStamp, sizeof(Sender) - 1); - strlcat(Sender, "\");", sizeof(Sender) - 1); - DEBUG(10, ("smb_traffic_analyzer: sending %s\n", Sender)); - if ( send(sockfd, Sender, strlen(Sender), 0) == -1 ) { - DEBUG(1, ("smb_traffic_analyzer: error sending data to socket!\n")); - close(sockfd); - return ; - } - - /* one operation, close the socket */ - close(sockfd); + return sockfd; } +/* Connect to a unix domain socket */ - -/* Send data over a unix domain socket */ -static void smb_traffic_analyzer_send_data_unix_socket( char *String , - vfs_handle_struct *handle, const char *file_name, - bool Write) +static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle) { /* Create the socket to stad */ int len, sock; struct sockaddr_un remote; - char Sender[200]; - char TimeStamp[200]; - DEBUG(7, ("smb_traffic_analyzer: Unix domain socket mode. Using " + DEBUG(7, ("smb_traffic_analyzer_connect_unix_socket: " + "Unix domain socket mode. Using " "/var/tmp/stadsocket\n")); if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) { - DEBUG(1, ("smb_traffic_analyzer: Couldn create socket," + DEBUG(1, ("smb_traffic_analyzer_connect_unix_socket: " + "Couldn't create socket, " "make sure stad is running!\n")); } remote.sun_family = AF_UNIX; - strlcpy(remote.sun_path, "/var/tmp/stadsocket", + strlcpy(remote.sun_path, "/var/tmp/stadsocket", sizeof(remote.sun_path)); len=strlen(remote.sun_path) + sizeof(remote.sun_family); if (connect(sock, (struct sockaddr *)&remote, len) == -1 ) { - DEBUG(1, ("smb_traffic_analyzer: Could not connect to" + DEBUG(1, ("smb_traffic_analyzer_connect_unix_socket: " + "Could not connect to " "socket, make sure\nstad is running!\n")); close(sock); + return -1; + } + return sock; +} + +/* Send data over a socket */ + +static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, + char *str, + const char *file_name, + bool Write) +{ + int *psockfd = NULL; + char Sender[200]; + char TimeStamp[200]; + + SMB_VFS_HANDLE_GET_DATA(handle, psockfd, int, return); + + if (psockfd == NULL || *psockfd == -1) { + DEBUG(1, ("smb_traffic_analyzer_send_data: socket is " + "closed\n")); return; } - strlcpy(Sender, String, sizeof(Sender)); + + strlcpy(Sender, str, sizeof(Sender)); strlcat(Sender, ",\"", sizeof(Sender)); strlcat(Sender, get_current_username(), sizeof(Sender)); - strlcat(Sender,"\",\"",sizeof(Sender)); + strlcat(Sender, "\",\"", sizeof(Sender)); strlcat(Sender, current_user_info.domain, sizeof(Sender)); strlcat(Sender, "\",\"", sizeof(Sender)); - if (Write) + if (Write) strlcat(Sender, "W", sizeof(Sender)); else strlcat(Sender, "R", sizeof(Sender)); strlcat(Sender, "\",\"", sizeof(Sender)); strlcat(Sender, handle->conn->connectpath, sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - strlcat(Sender, file_name, sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - get_timestamp(TimeStamp); - strlcat(Sender, TimeStamp, sizeof(Sender)); - strlcat(Sender, "\");", sizeof(Sender)); - - DEBUG(10, ("smb_traffic_analyzer: sending %s\n", Sender)); - if ( send(sock, Sender, strlen(Sender), 0) == -1 ) { - DEBUG(1, ("smb_traffic_analyzer: error sending data to" - "socket!\n")); - close(sock); - return; + strlcat(Sender, "\",\"", sizeof(Sender) - 1); + strlcat(Sender, file_name, sizeof(Sender) - 1); + strlcat(Sender, "\",\"", sizeof(Sender) - 1); + get_timestamp(TimeStamp); + strlcat(Sender, TimeStamp, sizeof(Sender) - 1); + strlcat(Sender, "\");", sizeof(Sender) - 1); + DEBUG(10, ("smb_traffic_analyzer_send_data_socket: sending %s\n", + Sender)); + if (send(*psockfd, Sender, strlen(Sender), 0) == -1 ) { + DEBUG(1, ("smb_traffic_analyzer_send_data_socket: " + "error sending data to socket!\n")); + return ; } +} - /* one operation, close the socket */ - close(sock); - return; +static void smb_traffic_analyzer_free_data(void **pptr) +{ + int *pfd = *(int **)pptr; + if(!pfd) { + return; + } + if (*pfd != -1) { + close(*pfd); + } + TALLOC_FREE(pfd); } -static void smb_traffic_analyzer_send_data( char *Buffer , vfs_handle_struct \ - *handle, char *file_name, bool Write, files_struct *fsp) +static int smb_traffic_analyzer_connect(struct vfs_handle_struct *handle, + const char *service, + const char *user) { + int *pfd = TALLOC_P(handle, int); - if (smb_traffic_analyzer_connMode(handle) == UNIX_DOMAIN_SOCKET) { - smb_traffic_analyzer_send_data_unix_socket(Buffer, handle, \ - fsp->fsp_name, Write); - } else { - smb_traffic_analyzer_send_data_inet_socket(Buffer, handle, \ - fsp->fsp_name, Write); - } -} + if (!pfd) { + errno = ENOMEM; + return -1; + } + if (smb_traffic_analyzer_connMode(handle) == UNIX_DOMAIN_SOCKET) { + *pfd = smb_traffic_analyzer_connect_unix_socket(handle); + } else { + *pfd = smb_traffic_analyzer_connect_inet_socket(handle); + } + if (*pfd == -1) { + return -1; + } + /* Store the private data. */ + SMB_VFS_HANDLE_SET_DATA(handle, pfd, smb_traffic_analyzer_free_data, + int, return -1); + return SMB_VFS_NEXT_CONNECT(handle, service, user); +} /* VFS Functions: write, read, pread, pwrite for now */ @@ -308,11 +259,14 @@ static ssize_t smb_traffic_analyzer_read(vfs_handle_struct *handle, \ fstring Buffer; result = SMB_VFS_NEXT_READ(handle, fsp, data, n); - DEBUG(10, ("smb_traffic_analyzer: READ: %s\n", fsp->fsp_name )); + DEBUG(10, ("smb_traffic_analyzer_read: READ: %s\n", fsp->fsp_name )); fstr_sprintf(Buffer, "%u", (uint) result); - smb_traffic_analyzer_send_data(Buffer, handle, fsp->fsp_name, false, fsp); + smb_traffic_analyzer_send_data(handle, + Buffer, + fsp->fsp_name, + false); return result; } @@ -325,10 +279,13 @@ static ssize_t smb_traffic_analyzer_pread(vfs_handle_struct *handle, \ result = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); - DEBUG(10, ("smb_traffic_analyzer: READ: %s\n", fsp->fsp_name )); + DEBUG(10, ("smb_traffic_analyzer_pread: PREAD: %s\n", fsp->fsp_name )); fstr_sprintf(Buffer,"%u", (uint) result); - smb_traffic_analyzer_send_data(Buffer, handle, fsp->fsp_name, false, fsp); + smb_traffic_analyzer_send_data(handle, + Buffer, + fsp->fsp_name, + false); return result; } @@ -341,11 +298,13 @@ static ssize_t smb_traffic_analyzer_write(vfs_handle_struct *handle, \ result = SMB_VFS_NEXT_WRITE(handle, fsp, data, n); - DEBUG(10, ("smb_traffic_analyzer: WRITE: %s\n", fsp->fsp_name )); + DEBUG(10, ("smb_traffic_analyzer_write: WRITE: %s\n", fsp->fsp_name )); fstr_sprintf(Buffer, "%u", (uint) result); - smb_traffic_analyzer_send_data(Buffer, handle, fsp->fsp_name, \ - true, fsp ); + smb_traffic_analyzer_send_data(handle, + Buffer, + fsp->fsp_name, + true); return result; } @@ -357,9 +316,56 @@ static ssize_t smb_traffic_analyzer_pwrite(vfs_handle_struct *handle, \ result = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset); - DEBUG(10, ("smb_traffic_analyzer: PWRITE: %s\n", fsp->fsp_name )); + DEBUG(10, ("smb_traffic_analyzer_pwrite: PWRITE: %s\n", fsp->fsp_name )); fstr_sprintf(Buffer, "%u", (uint) result); - smb_traffic_analyzer_send_data(Buffer, handle, fsp->fsp_name, true, fsp); + smb_traffic_analyzer_send_data(handle, + Buffer, + fsp->fsp_name, + true); return result; } + +/* VFS operations we use */ + +static vfs_op_tuple smb_traffic_analyzer_tuples[] = { + + {SMB_VFS_OP(smb_traffic_analyzer_connect), SMB_VFS_OP_CONNECT, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_read), SMB_VFS_OP_READ, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_pread), SMB_VFS_OP_PREAD, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_write), SMB_VFS_OP_WRITE, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(smb_traffic_analyzer_pwrite), SMB_VFS_OP_PWRITE, + SMB_VFS_LAYER_LOGGER}, + {SMB_VFS_OP(NULL),SMB_VFS_OP_NOOP,SMB_VFS_LAYER_NOOP} +}; + +/* Module initialization */ + +NTSTATUS vfs_smb_traffic_analyzer_init(void) +{ + NTSTATUS ret = smb_register_vfs(SMB_VFS_INTERFACE_VERSION, \ + "smb_traffic_analyzer", smb_traffic_analyzer_tuples); + + if (!NT_STATUS_IS_OK(ret)) { + return ret; + } + + vfs_smb_traffic_analyzer_debug_level = + debug_add_class("smb_traffic_analyzer"); + + if (vfs_smb_traffic_analyzer_debug_level == -1) { + vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; + DEBUG(1, ("smb_traffic_analyzer_init: Couldn't register custom" + "debugging class!\n")); + } else { + DEBUG(3, ("smb_traffic_analyzer_init: Debug class number of" + "'smb_traffic_analyzer': %d\n", \ + vfs_smb_traffic_analyzer_debug_level)); + } + + return ret; +} -- cgit From 4e6445a0720d7265f0bddff71cd2e17d6b2ac057 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Sep 2008 15:21:58 -0700 Subject: Remove current_user_info - not needed. Jeremy. --- source3/modules/vfs_smb_traffic_analyzer.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'source3/modules/vfs_smb_traffic_analyzer.c') diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index cd843e6ad4..12c893fae7 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -27,8 +27,6 @@ /* Prototypes */ -extern userdom_struct current_user_info; - static int vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; /* create the timestamp in sqlite compatible format */ @@ -187,9 +185,9 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, strlcpy(Sender, str, sizeof(Sender)); strlcat(Sender, ",\"", sizeof(Sender)); - strlcat(Sender, get_current_username(), sizeof(Sender)); + strlcat(Sender, handle->conn->server_info->sanitized_username, sizeof(Sender)); strlcat(Sender, "\",\"", sizeof(Sender)); - strlcat(Sender, current_user_info.domain, sizeof(Sender)); + strlcat(Sender, pdb_get_domain(handle->conn->server_info->sam_account), sizeof(Sender)); strlcat(Sender, "\",\"", sizeof(Sender)); if (Write) strlcat(Sender, "W", sizeof(Sender)); -- cgit From c164ff2be5f9af7cc83e43d8c54b54186444fac0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 30 Sep 2008 16:19:37 -0700 Subject: Convert to allocated strings. Use write_data(), not send as this doesn't correctly deal with EINTR. Jim and Holger please check this still works. Jeremy. --- source3/modules/vfs_smb_traffic_analyzer.c | 100 ++++++++++++----------------- 1 file changed, 42 insertions(+), 58 deletions(-) (limited to 'source3/modules/vfs_smb_traffic_analyzer.c') diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index 12c893fae7..3925424214 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -24,29 +24,8 @@ #define UNIX_DOMAIN_SOCKET 1 #define INTERNET_SOCKET 0 - -/* Prototypes */ - static int vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; -/* create the timestamp in sqlite compatible format */ -static void get_timestamp(fstring str) -{ - struct timeval tv; - struct timezone tz; - struct tm *tm; - int seconds; - - gettimeofday(&tv, &tz); - tm=localtime(&tv.tv_sec); - seconds=(float) (tv.tv_usec / 1000); - - fstr_sprintf(str,"%04d-%02d-%02d %02d:%02d:%02d.%03d", \ - tm->tm_year+1900, tm->tm_mon+1, tm->tm_mday, \ - tm->tm_hour, tm->tm_min, tm->tm_sec, (int)seconds); - -} - static int smb_traffic_analyzer_connMode(vfs_handle_struct *handle) { connection_struct *conn = handle->conn; @@ -58,7 +37,6 @@ static int smb_traffic_analyzer_connMode(vfs_handle_struct *handle) } else { return INTERNET_SOCKET; } - } /* Connect to an internet socket */ @@ -167,13 +145,16 @@ static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle) /* Send data over a socket */ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, - char *str, + ssize_t result, const char *file_name, bool Write) { int *psockfd = NULL; - char Sender[200]; - char TimeStamp[200]; + struct timeval tv; + struct tm *tm = NULL; + int seconds; + char *str = NULL; + size_t len; SMB_VFS_HANDLE_GET_DATA(handle, psockfd, int, return); @@ -183,27 +164,39 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, return; } - strlcpy(Sender, str, sizeof(Sender)); - strlcat(Sender, ",\"", sizeof(Sender)); - strlcat(Sender, handle->conn->server_info->sanitized_username, sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - strlcat(Sender, pdb_get_domain(handle->conn->server_info->sam_account), sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - if (Write) - strlcat(Sender, "W", sizeof(Sender)); - else - strlcat(Sender, "R", sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender)); - strlcat(Sender, handle->conn->connectpath, sizeof(Sender)); - strlcat(Sender, "\",\"", sizeof(Sender) - 1); - strlcat(Sender, file_name, sizeof(Sender) - 1); - strlcat(Sender, "\",\"", sizeof(Sender) - 1); - get_timestamp(TimeStamp); - strlcat(Sender, TimeStamp, sizeof(Sender) - 1); - strlcat(Sender, "\");", sizeof(Sender) - 1); + GetTimeOfDay(&tv); + tm=localtime(&tv.tv_sec); + if (!tm) { + return; + } + seconds=(float) (tv.tv_usec / 1000); + + str = talloc_asprintf(talloc_tos(), + "%u,\"%s\",\"%s\",\"%c\",\"%s\",\"%s\"," + "\"%04d-%02d-%02d %02d:%02d:%02d.%03d\");", + (unsigned int)result, + handle->conn->server_info->sanitized_username, + pdb_get_domain(handle->conn->server_info->sam_account), + Write ? 'W' : 'R', + handle->conn->connectpath, + file_name, + tm->tm_year+1900, + tm->tm_mon+1, + tm->tm_mday, + tm->tm_hour, + tm->tm_min, + tm->tm_sec, + (int)seconds); + + if (!str) { + return; + } + + len = strlen(str); + DEBUG(10, ("smb_traffic_analyzer_send_data_socket: sending %s\n", - Sender)); - if (send(*psockfd, Sender, strlen(Sender), 0) == -1 ) { + str)); + if (write_data(*psockfd, str, len) != len) { DEBUG(1, ("smb_traffic_analyzer_send_data_socket: " "error sending data to socket!\n")); return ; @@ -254,15 +247,12 @@ static ssize_t smb_traffic_analyzer_read(vfs_handle_struct *handle, \ files_struct *fsp, void *data, size_t n) { ssize_t result; - fstring Buffer; result = SMB_VFS_NEXT_READ(handle, fsp, data, n); DEBUG(10, ("smb_traffic_analyzer_read: READ: %s\n", fsp->fsp_name )); - fstr_sprintf(Buffer, "%u", (uint) result); - smb_traffic_analyzer_send_data(handle, - Buffer, + result, fsp->fsp_name, false); return result; @@ -273,15 +263,13 @@ static ssize_t smb_traffic_analyzer_pread(vfs_handle_struct *handle, \ files_struct *fsp, void *data, size_t n, SMB_OFF_T offset) { ssize_t result; - fstring Buffer; result = SMB_VFS_NEXT_PREAD(handle, fsp, data, n, offset); DEBUG(10, ("smb_traffic_analyzer_pread: PREAD: %s\n", fsp->fsp_name )); - fstr_sprintf(Buffer,"%u", (uint) result); smb_traffic_analyzer_send_data(handle, - Buffer, + result, fsp->fsp_name, false); @@ -292,15 +280,13 @@ static ssize_t smb_traffic_analyzer_write(vfs_handle_struct *handle, \ files_struct *fsp, const void *data, size_t n) { ssize_t result; - fstring Buffer; result = SMB_VFS_NEXT_WRITE(handle, fsp, data, n); DEBUG(10, ("smb_traffic_analyzer_write: WRITE: %s\n", fsp->fsp_name )); - fstr_sprintf(Buffer, "%u", (uint) result); smb_traffic_analyzer_send_data(handle, - Buffer, + result, fsp->fsp_name, true); return result; @@ -310,15 +296,13 @@ static ssize_t smb_traffic_analyzer_pwrite(vfs_handle_struct *handle, \ files_struct *fsp, const void *data, size_t n, SMB_OFF_T offset) { ssize_t result; - fstring Buffer; result = SMB_VFS_NEXT_PWRITE(handle, fsp, data, n, offset); DEBUG(10, ("smb_traffic_analyzer_pwrite: PWRITE: %s\n", fsp->fsp_name )); - fstr_sprintf(Buffer, "%u", (uint) result); smb_traffic_analyzer_send_data(handle, - Buffer, + result, fsp->fsp_name, true); return result; -- cgit From 370cbe0060cb2670c7f65100954dac6c63030ca0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 1 Oct 2008 12:50:29 -0700 Subject: Turn the socket connections into a refcounted list - in the common case there'll now only be one socket per smbd. Changed the format of the wire data to (a) include a version number (V1) as the first element. (b) removed the ";)" at the end an replaced it with a "\n". Receiver can change back if needed, and now receiver can just log "as-is" to a text file (making testing easier). Added my (C). Sorry Holger, but I've changed quite a bit now. Jeremy. --- source3/modules/vfs_smb_traffic_analyzer.c | 139 ++++++++++++++++++++--------- 1 file changed, 95 insertions(+), 44 deletions(-) (limited to 'source3/modules/vfs_smb_traffic_analyzer.c') diff --git a/source3/modules/vfs_smb_traffic_analyzer.c b/source3/modules/vfs_smb_traffic_analyzer.c index 3925424214..ff61768495 100644 --- a/source3/modules/vfs_smb_traffic_analyzer.c +++ b/source3/modules/vfs_smb_traffic_analyzer.c @@ -3,6 +3,7 @@ * on the net. * * Copyright (C) Holger Hetterich, 2008 + * Copyright (C) Jeremy Allison, 2008 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,12 +22,14 @@ #include "includes.h" /* abstraction for the send_over_network function */ -#define UNIX_DOMAIN_SOCKET 1 -#define INTERNET_SOCKET 0 + +enum sock_type {INTERNET_SOCKET = 0, UNIX_DOMAIN_SOCKET}; + +#define LOCAL_PATHNAME "/var/tmp/stadsocket" static int vfs_smb_traffic_analyzer_debug_level = DBGC_VFS; -static int smb_traffic_analyzer_connMode(vfs_handle_struct *handle) +static enum sock_type smb_traffic_analyzer_connMode(vfs_handle_struct *handle) { connection_struct *conn = handle->conn; const char *Mode; @@ -41,28 +44,22 @@ static int smb_traffic_analyzer_connMode(vfs_handle_struct *handle) /* Connect to an internet socket */ -static int smb_traffic_analyzer_connect_inet_socket(vfs_handle_struct *handle) +static int smb_traffic_analyzer_connect_inet_socket(vfs_handle_struct *handle, + const char *name, uint16_t port) { /* Create a streaming Socket */ - const char *Hostname; int sockfd = -1; - uint16_t port; struct addrinfo hints; struct addrinfo *ailist = NULL; struct addrinfo *res = NULL; - connection_struct *conn = handle->conn; int ret; - /* get port number, target system from the config parameters */ - Hostname=lp_parm_const_string(SNUM(conn), "smb_traffic_analyzer", - "host", "localhost"); - ZERO_STRUCT(hints); /* By default make sure it supports TCP. */ hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_ADDRCONFIG; - ret = getaddrinfo(Hostname, + ret = getaddrinfo(name, NULL, &hints, &ailist); @@ -70,16 +67,13 @@ static int smb_traffic_analyzer_connect_inet_socket(vfs_handle_struct *handle) if (ret) { DEBUG(3,("smb_traffic_analyzer_connect_inet_socket: " "getaddrinfo failed for name %s [%s]\n", - Hostname, + name, gai_strerror(ret) )); return -1; } - port = atoi( lp_parm_const_string(SNUM(conn), - "smb_traffic_analyzer", "port", "9430")); - DEBUG(3,("smb_traffic_analyzer: Internet socket mode. Hostname: %s," - "Port: %i\n", Hostname, port)); + "Port: %i\n", name, port)); for (res = ailist; res; res = res->ai_next) { struct sockaddr_storage ss; @@ -113,15 +107,16 @@ static int smb_traffic_analyzer_connect_inet_socket(vfs_handle_struct *handle) /* Connect to a unix domain socket */ -static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle) +static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle, + const char *name) { /* Create the socket to stad */ int len, sock; struct sockaddr_un remote; DEBUG(7, ("smb_traffic_analyzer_connect_unix_socket: " - "Unix domain socket mode. Using " - "/var/tmp/stadsocket\n")); + "Unix domain socket mode. Using %s\n", + name )); if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) { DEBUG(1, ("smb_traffic_analyzer_connect_unix_socket: " @@ -129,7 +124,7 @@ static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle) "make sure stad is running!\n")); } remote.sun_family = AF_UNIX; - strlcpy(remote.sun_path, "/var/tmp/stadsocket", + strlcpy(remote.sun_path, name, sizeof(remote.sun_path)); len=strlen(remote.sun_path) + sizeof(remote.sun_family); if (connect(sock, (struct sockaddr *)&remote, len) == -1 ) { @@ -142,6 +137,16 @@ static int smb_traffic_analyzer_connect_unix_socket(vfs_handle_struct *handle) return sock; } +/* Private data allowing shared connection sockets. */ + +struct refcounted_sock { + struct refcounted_sock *next, *prev; + char *name; + uint16_t port; + int sock; + unsigned int ref_count; +}; + /* Send data over a socket */ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, @@ -149,16 +154,16 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, const char *file_name, bool Write) { - int *psockfd = NULL; + struct refcounted_sock *rf_sock = NULL; struct timeval tv; struct tm *tm = NULL; int seconds; char *str = NULL; size_t len; - SMB_VFS_HANDLE_GET_DATA(handle, psockfd, int, return); + SMB_VFS_HANDLE_GET_DATA(handle, rf_sock, struct refcounted_sock, return); - if (psockfd == NULL || *psockfd == -1) { + if (rf_sock == NULL || rf_sock->sock == -1) { DEBUG(1, ("smb_traffic_analyzer_send_data: socket is " "closed\n")); return; @@ -172,8 +177,8 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, seconds=(float) (tv.tv_usec / 1000); str = talloc_asprintf(talloc_tos(), - "%u,\"%s\",\"%s\",\"%c\",\"%s\",\"%s\"," - "\"%04d-%02d-%02d %02d:%02d:%02d.%03d\");", + "V1,%u,\"%s\",\"%s\",\"%c\",\"%s\",\"%s\"," + "\"%04d-%02d-%02d %02d:%02d:%02d.%03d\"\n", (unsigned int)result, handle->conn->server_info->sanitized_username, pdb_get_domain(handle->conn->server_info->sam_account), @@ -196,48 +201,94 @@ static void smb_traffic_analyzer_send_data(vfs_handle_struct *handle, DEBUG(10, ("smb_traffic_analyzer_send_data_socket: sending %s\n", str)); - if (write_data(*psockfd, str, len) != len) { + if (write_data(rf_sock->sock, str, len) != len) { DEBUG(1, ("smb_traffic_analyzer_send_data_socket: " "error sending data to socket!\n")); return ; } } +static struct refcounted_sock *sock_list; + static void smb_traffic_analyzer_free_data(void **pptr) { - int *pfd = *(int **)pptr; - if(!pfd) { + struct refcounted_sock *rf_sock = *(struct refcounted_sock **)pptr; + if (rf_sock == NULL) { return; } - if (*pfd != -1) { - close(*pfd); + rf_sock->ref_count--; + if (rf_sock->ref_count != 0) { + return; + } + if (rf_sock->sock != -1) { + close(rf_sock->sock); } - TALLOC_FREE(pfd); + DLIST_REMOVE(sock_list, rf_sock); + TALLOC_FREE(rf_sock); } static int smb_traffic_analyzer_connect(struct vfs_handle_struct *handle, const char *service, const char *user) { - int *pfd = TALLOC_P(handle, int); + connection_struct *conn = handle->conn; + enum sock_type st = smb_traffic_analyzer_connMode(handle); + struct refcounted_sock *rf_sock = NULL; + const char *name = (st == UNIX_DOMAIN_SOCKET) ? LOCAL_PATHNAME : + lp_parm_const_string(SNUM(conn), + "smb_traffic_analyzer", + "host", "localhost"); + uint16_t port = (st == UNIX_DOMAIN_SOCKET) ? 0 : + atoi( lp_parm_const_string(SNUM(conn), + "smb_traffic_analyzer", "port", "9430")); - if (!pfd) { - errno = ENOMEM; - return -1; + /* Are we already connected ? */ + for (rf_sock = sock_list; rf_sock; rf_sock = rf_sock->next) { + if (port == rf_sock->port && + (strcmp(name, rf_sock->name) == 0)) { + break; + } } - if (smb_traffic_analyzer_connMode(handle) == UNIX_DOMAIN_SOCKET) { - *pfd = smb_traffic_analyzer_connect_unix_socket(handle); + /* If we're connected already, just increase the + * reference count. */ + if (rf_sock) { + rf_sock->ref_count++; } else { - *pfd = smb_traffic_analyzer_connect_inet_socket(handle); - } - if (*pfd == -1) { - return -1; + /* New connection. */ + rf_sock = TALLOC_ZERO_P(NULL, struct refcounted_sock); + if (rf_sock == NULL) { + errno = ENOMEM; + return -1; + } + rf_sock->name = talloc_strdup(rf_sock, name); + if (rf_sock->name == NULL) { + TALLOC_FREE(rf_sock); + errno = ENOMEM; + return -1; + } + rf_sock->port = port; + rf_sock->ref_count = 1; + + if (st == UNIX_DOMAIN_SOCKET) { + rf_sock->sock = smb_traffic_analyzer_connect_unix_socket(handle, + name); + } else { + + rf_sock->sock = smb_traffic_analyzer_connect_inet_socket(handle, + name, + port); + } + if (rf_sock->sock == -1) { + TALLOC_FREE(rf_sock); + return -1; + } + DLIST_ADD(sock_list, rf_sock); } /* Store the private data. */ - SMB_VFS_HANDLE_SET_DATA(handle, pfd, smb_traffic_analyzer_free_data, - int, return -1); + SMB_VFS_HANDLE_SET_DATA(handle, rf_sock, smb_traffic_analyzer_free_data, + struct refcounted_sock, return -1); return SMB_VFS_NEXT_CONNECT(handle, service, user); } -- cgit