smbd: use remote arch caching

We're using the client guid as gencache db key, so this can only be used
with SMB 2_10 or higher.

The idea is that whenever we get a direct SMB2 negprot, we can then try
to see if a value is cached for the client's guid.

When a user logs off the cache entry is deleted.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 9c03b2ca8b86158db1814aff4c7dc828dd253c8b..6cfa64f1c75750489fd346cf3b61a60450582cb3 100644 (file)
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -162,6 +162,7 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
        uint32_t max_write = lp_smb2_max_write();
        NTTIME now = timeval_to_nttime(&req->request_time);
        bool signing_required = true;
+       bool ok;
 
        status = smbd_smb2_request_verify_sizes(req, 0x24);
        if (!NT_STATUS_IS_OK(status)) {
@@ -260,6 +261,17 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                }
        }
 
+       if ((dialect != SMB2_DIALECT_REVISION_2FF) &&
+           (protocol >= PROTOCOL_SMB2_10) &&
+           !GUID_all_zero(&in_guid))
+       {
+               ok = remote_arch_cache_update(&in_guid);
+               if (!ok) {
+                       return smbd_smb2_request_error(
+                               req, NT_STATUS_UNSUCCESSFUL);
+               }
+       }
+
        switch (get_remote_arch()) {
        case RA_VISTA:
        case RA_SAMBA:
@@ -532,7 +544,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
                static const uint8_t zeros[8];
                size_t pad = 0;
                size_t ofs;
-               bool ok;
 
                outdyn = data_blob_dup_talloc(req, security_buffer);
                if (outdyn.length != security_buffer.length) {

diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 821024fec185401c2cfa2e2c2a88754758e53b46..6a0caac13084ecdf2531380c3e1a312af2df36cd 100644 (file)
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -1306,6 +1306,9 @@ static void smbd_smb2_logoff_shutdown_done(struct tevent_req *subreq)
        struct smbd_smb2_logoff_state *state = tevent_req_data(
                req, struct smbd_smb2_logoff_state);
        NTSTATUS status;
+       bool ok;
+       const struct GUID *client_guid =
+               &state->smb2req->session->client->connections->smb2.client.guid;
 
        status = smb2srv_session_shutdown_recv(subreq);
        if (tevent_req_nterror(req, status)) {
@@ -1313,6 +1316,14 @@ static void smbd_smb2_logoff_shutdown_done(struct tevent_req *subreq)
        }
        TALLOC_FREE(subreq);
 
+       if (!GUID_all_zero(client_guid)) {
+               ok = remote_arch_cache_delete(client_guid);
+               if (!ok) {
+                       /* Most likely not an error, but not in cache */
+                       DBG_DEBUG("Deletion from remote arch cache failed\n");
+               }
+       }
+
        /*
         * As we've been awoken, we may have changed
         * uid in the meantime. Ensure we're still