len = smb_len(buf_out) + 4;
- while (nwritten < len) {
- ret = write_data(fd,buf_out+nwritten,len - nwritten);
- if (ret <= 0) {
- DEBUG(0,("Error writing %d bytes to client. %d. (%s)\n",
- (int)len,(int)ret, strerror(errno) ));
- srv_free_enc_buffer(buf_out);
- goto out;
- }
- nwritten += ret;
+ ret = write_data(fd,buf_out+nwritten,len - nwritten);
+ if (ret <= 0) {
+ DEBUG(0,("Error writing %d bytes to client. %d. (%s)\n",
+ (int)len,(int)ret, strerror(errno) ));
+ srv_free_enc_buffer(buf_out);
+ goto out;
}
SMB_PERFCOUNT_SET_MSGLEN_OUT(pcd, len);
size_t unread_bytes,
bool encrypted)
{
+ struct smbd_server_connection *sconn = smbd_server_conn;
size_t req_size = smb_len(inbuf) + 4;
/* Ensure we have at least smb_size bytes. */
if (req_size < smb_size) {
req->buf = (const uint8_t *)smb_buf(inbuf);
req->unread_bytes = unread_bytes;
req->encrypted = encrypted;
- req->conn = conn_find(req->tid);
+ req->conn = conn_find(sconn,req->tid);
req->chain_fsp = NULL;
req->chain_outbuf = NULL;
smb_init_perfcount_data(&req->pcd);
int flags;
uint16 session_tag;
connection_struct *conn = NULL;
+ struct smbd_server_connection *sconn = smbd_server_conn;
errno = 0;
* JRA.
*/
- if (session_tag != last_session_tag) {
+ if (session_tag != sconn->smb1.sessions.last_session_tag) {
user_struct *vuser = NULL;
- last_session_tag = session_tag;
+ sconn->smb1.sessions.last_session_tag = session_tag;
if(session_tag != UID_FIELD_INVALID) {
- vuser = get_valid_user_struct(session_tag);
+ vuser = get_valid_user_struct(sconn, session_tag);
if (vuser) {
set_current_user_info(
vuser->server_info->sanitized_username,
}
}
}
-
/* Does this call need to be run as the connected user? */
if (flags & AS_USER) {
}
return NULL;
}
-
+#ifdef HAVE_INOTIFY
+ if (conn->force_recheck_perm) {
+ int old;
+ int iService = -1;
+ const char *service = NULL;
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ conn->force_recheck_perm = false;
+ DEBUG(5, ("switch_message: rechecking permission for connection %x\n",
+ (unsigned int)conn));
+ old = SNUM(conn);
+ service = lp_servicename(old);
+ conn->read_only = False;
+ if (lp_snum_ok(old) && am_usershare(old)) {
+ iService = load_usershare_service(service);
+ if (iService < 0 || old != iService) {
+ /* non-exist service */
+ DEBUG(5, ("switch_message: deleting connection %x\n",
+ (unsigned int)conn));
+ DEBUG(5, ("snum %d, sname %s\n",
+ old, service ? service : "NULL"));
+ delete_share_security(service);
+ set_current_service(NULL, 0, True);
+ close_cnum(smbd_server_conn, conn, conn->vuid);
+ lp_killservice(old);
+ reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
+ return NULL;
+ }
+
+ /*
+ * Don't have to reauthentication here, but
+ * need to check share permissions.....
+ * the vuid cache is a problem..
+ */
+
+ if (!change_to_root_user()) {
+ smb_panic("cann't change to root user!\n");
+ }
+
+ if (!change_to_user_force_recheck(conn, session_tag,
+ True, &status)) {
+ reply_nterror(req, status);
+ remove_deferred_open_smb_message(req->mid);
+ return conn;
+ }
+ }
+ } else {
+ NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
+ if (!change_to_user_force_recheck(conn, session_tag,
+ False, &status)) {
+ reply_nterror(req, status);
+ remove_deferred_open_smb_message(req->mid);
+ return conn;
+ }
+ }
+#else
if (!change_to_user(conn,session_tag)) {
reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRbaduid));
remove_deferred_open_smb_message(req->mid);
return conn;
}
+#endif
/* All NEED_WRITE and CAN_IPC flags must also have AS_USER. */
goto done;
}
+ if (smbd_server_conn->allow_smb2) {
+ if (smbd_is_smb2_header(inbuf, nread)) {
+ smbd_smb2_first_negprot(smbd_server_conn, inbuf, nread);
+ return;
+ }
+ smbd_server_conn->allow_smb2 = false;
+ }
+
show_msg((char *)inbuf);
construct_reply((char *)inbuf,nread,unread_bytes,seqnum,encrypted,deferred_pcd);
trans_num++;
done:
- conn->num_requests++;
+ conn->smb1.num_requests++;
/* The timeout_processing function isn't run nearly
often enough to implement 'max log size' without
level 10. Checking every 50 SMBs is a nice
tradeoff of performance vs log file size overrun. */
- if ((conn->num_requests % 50) == 0 &&
+ if ((conn->smb1.num_requests % 50) == 0 &&
need_to_check_log_size()) {
change_to_root_user();
check_log_size();
}
req->outbuf = NULL;
} else {
+ /*
+ * Update smb headers where subsequent chained commands
+ * may have updated them.
+ */
+ SCVAL(req->chain_outbuf, smb_tid, CVAL(req->outbuf, smb_tid));
+ SCVAL(req->chain_outbuf, smb_uid, CVAL(req->outbuf, smb_uid));
+
if (!smb_splice_chain(&req->chain_outbuf,
CVAL(req->outbuf, smb_com),
CVAL(req->outbuf, smb_wct),
static void release_ip(const char *ip, void *priv)
{
char addr[INET6_ADDRSTRLEN];
+ char *p = addr;
+
+ client_socket_addr(get_client_fd(),addr,sizeof(addr));
- if (strcmp(client_socket_addr(get_client_fd(),addr,sizeof(addr)), ip) == 0) {
+ if (strncmp("::ffff:", addr, 7) == 0) {
+ p = addr + 7;
+ }
+
+ if ((strcmp(p, ip) == 0) || ((p != addr) && strcmp(addr, ip) == 0)) {
/* we can't afford to do a clean exit - that involves
database writes, which would potentially mean we
are still running after the failover has finished -
*/
static bool deadtime_fn(const struct timeval *now, void *private_data)
{
- if ((conn_num_open() == 0)
- || (conn_idle_all(now->tv_sec))) {
+ struct smbd_server_connection *sconn = smbd_server_conn;
+ if ((conn_num_open(sconn) == 0)
+ || (conn_idle_all(sconn, now->tv_sec))) {
DEBUG( 2, ( "Closing idle connection\n" ) );
messaging_send(smbd_messaging_context(), procid_self(),
MSG_SHUTDOWN, &data_blob_null);
exit_server("failed to create smbd_server_connection");
}
+ if (lp_maxprotocol() == PROTOCOL_SMB2 &&
+ lp_security() != SEC_SHARE) {
+ smbd_server_conn->allow_smb2 = true;
+ }
+
/* Ensure child is set to blocking mode */
set_blocking(smbd_server_fd(),True);
messaging_register(smbd_messaging_context(), NULL,
MSG_SMB_CLOSE_FILE, msg_close_file);
+ /*
+ * Use the default MSG_DEBUG handler to avoid rebroadcasting
+ * MSGs to all child processes
+ */
+ messaging_deregister(smbd_messaging_context(),
+ MSG_DEBUG, NULL);
+ messaging_register(smbd_messaging_context(), NULL,
+ MSG_DEBUG, debug_message);
+
if ((lp_keepalive() != 0)
&& !(event_add_idle(smbd_event_context(), NULL,
timeval_set(lp_keepalive(), 0),
#endif
- max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
+ smbd_server_conn->nbt.got_session = false;
+
+ smbd_server_conn->smb1.negprot.max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
+
+ smbd_server_conn->smb1.sessions.done_sesssetup = false;
+ smbd_server_conn->smb1.sessions.max_send = BUFFER_SIZE;
+ smbd_server_conn->smb1.sessions.last_session_tag = UID_FIELD_INVALID;
+ /* users from session setup */
+ smbd_server_conn->smb1.sessions.session_userlist = NULL;
+ /* workgroup from session setup. */
+ smbd_server_conn->smb1.sessions.session_workgroup = NULL;
+ /* this holds info on user ids that are already validated for this VC */
+ smbd_server_conn->smb1.sessions.validated_users = NULL;
+ smbd_server_conn->smb1.sessions.next_vuid = VUID_OFFSET;
+ smbd_server_conn->smb1.sessions.num_validated_vuids = 0;
+#ifdef HAVE_NETGROUP
+ smbd_server_conn->smb1.sessions.my_yp_domain = NULL;
+#endif
+
+ conn_init(smbd_server_conn);
- smbd_server_conn->fde = event_add_fd(smbd_event_context(),
- smbd_server_conn,
- smbd_server_fd(),
- EVENT_FD_READ,
- smbd_server_connection_handler,
- smbd_server_conn);
- if (!smbd_server_conn->fde) {
+ smbd_server_conn->smb1.fde = event_add_fd(smbd_event_context(),
+ smbd_server_conn,
+ smbd_server_fd(),
+ EVENT_FD_READ,
+ smbd_server_connection_handler,
+ smbd_server_conn);
+ if (!smbd_server_conn->smb1.fde) {
exit_server("failed to create smbd_server_connection fde");
}
git.samba.org / samba.git / blobdiff