From 94fc44a93c46cece9b9fa947bff62087dbcd89fa Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 12 Feb 2001 16:18:02 +0000 Subject: Merge of JohnR's changes to appliance-head, JF's changes to 2.2, updated the POSIX_ACL code to be in sync. Jeremy. (This used to be commit c0517d6f4e3079feca1309fd1ea7b21e83f0de02) --- source3/smbd/process.c | 29 +++++++++++++++++++++++++++-- 1 file changed, 27 insertions(+), 2 deletions(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index eb18219992..461fa99f39 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -769,6 +769,30 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize) return(outsize); } +/**************************************************************************** + Keep track of the number of running smbd's. This functionality is used to + 'hard' limit Samba overhead on resource constrained systems. +****************************************************************************/ +static BOOL smbd_process_limit(void) +{ + int total_smbds; + + if (lp_max_smbd_processes()) { + + /* Always add one to the smbd process count, as exit_server() always + * subtracts one. + */ + tdb_lock_bystring(conn_tdb_ctx(), "INFO/total_smbds"); + total_smbds = tdb_fetch_int(conn_tdb_ctx(), "INFO/total_smbds"); + total_smbds = total_smbds < 0 ? 1 : total_smbds + 1; + tdb_store_int(conn_tdb_ctx(), "INFO/total_smbds", total_smbds); + tdb_unlock_bystring(conn_tdb_ctx(), "INFO/total_smbds"); + + return total_smbds > lp_max_smbd_processes(); + } + else + return False; +} /**************************************************************************** process an smb from the client - split out from the process() code so @@ -792,8 +816,9 @@ void process_smb(char *inbuf, char *outbuf) deny parameters before doing any parsing of the packet passed to us by the client. This prevents attacks on our parsing code from hosts not in the hosts allow list */ - if (!check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))) { - /* send a negative session response "not listining on calling + if (smbd_process_limit() || + !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))) { + /* send a negative session response "not listening on calling name" */ static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81}; DEBUG( 1, ( "Connection denied from %s\n", -- cgit