s3:smbd react on message that client should be disconnected

if MSG_SMB_KILL_CLIENT_IP message comes in and our client has
the IP address given as argument, then shutdown the connection immediately

Signed-off-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 09fe910219a2c571547686775292660af98232c7..7d9f76719276e2fc6cca294ff83a1004aaec952c 100644 (file)
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -2563,6 +2563,32 @@ static int client_get_tcp_info(int sock, struct sockaddr_storage *server,
 }
 #endif
 
+static void msg_kill_client_ip(struct messaging_context *msg_ctx,
+                                 void *private_data, uint32_t msg_type,
+                                 struct server_id server_id, DATA_BLOB *data)
+{
+       struct smbd_server_connection *sconn = talloc_get_type_abort(
+               private_data, struct smbd_server_connection);
+       const char *ip = (char *) data->data;
+       char *client_ip;
+
+       DEBUG(10, ("Got kill request for client IP %s\n", ip));
+
+       client_ip = tsocket_address_inet_addr_string(sconn->remote_address,
+                                                    talloc_tos());
+       if (client_ip == NULL) {
+               return;
+       }
+
+       if (strequal(ip, client_ip)) {
+               DEBUG(1, ("Got kill client message for %s - "
+                         "exiting immediately\n", ip));
+               exit_server_cleanly("Forced disconnect for client");
+       }
+
+       TALLOC_FREE(client_ip);
+}
+
 /*
  * Send keepalive packets to our client
  */
@@ -3528,6 +3554,12 @@ void smbd_process(struct tevent_context *ev_ctx,
        messaging_register(sconn->msg_ctx, sconn,
                           MSG_SMB_CONF_UPDATED, smbd_conf_updated);
 
+       messaging_deregister(sconn->msg_ctx, MSG_SMB_KILL_CLIENT_IP,
+                            NULL);
+       messaging_register(sconn->msg_ctx, sconn,
+                          MSG_SMB_KILL_CLIENT_IP,
+                          msg_kill_client_ip);
+
        /*
         * Use the default MSG_DEBUG handler to avoid rebroadcasting
         * MSGs to all child processes

diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 36be01948ea8b2c0d860e5707c7523d0cd3eccbc..99b0a10a821f867801bade287f296965fe68007a 100644 (file)
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -370,6 +370,17 @@ static void smb_parent_force_tdis(struct messaging_context *ctx,
        messaging_send_to_children(ctx, msg_type, msg_data);
 }
 
+static void smb_parent_kill_client_by_ip(struct messaging_context *ctx,
+                                        void *data,
+                                        uint32_t msg_type,
+                                        struct server_id srv_id,
+                                        DATA_BLOB* msg_data)
+{
+       if (am_parent) {
+               messaging_send_to_children(ctx, msg_type, msg_data);
+       }
+}
+
 static void add_child_pid(struct smbd_parent_context *parent,
                          pid_t pid)
 {
@@ -877,6 +888,8 @@ static bool open_sockets_smbd(struct smbd_parent_context *parent,
                           brl_revalidate);
        messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
                           smb_parent_force_tdis);
+       messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP,
+                          smb_parent_kill_client_by_ip);
 
        messaging_register(msg_ctx, NULL,
                           ID_CACHE_DELETE, smbd_parent_id_cache_delete);