search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3:smbd: always allow SMB1 signing, but only announce it if configured.
[Samba.git] / source3 / smbd / smbXsrv_version.c
blobb24dae9f12f044dc316df1e3231840111de24195
1 /*
2 Unix SMB/CIFS implementation.
3
4 Copyright (C) Stefan Metzmacher 2012
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include "includes.h"
21 #include "system/filesys.h"
22 #include "smbd/globals.h"
23 #include "dbwrap/dbwrap.h"
24 #include "dbwrap/dbwrap_open.h"
25 #include "lib/util/util_tdb.h"
26 #include "librpc/gen_ndr/ndr_smbXsrv.h"
27 #include "serverid.h"
28
29 /*
30 * This implements a version scheme for file server internal
31 * states. smbXsrv_version_global.tdb stores the possible
32 * and current versions of structure formats (struct smbXsrv_*_global)
33 * per cluster node.
34 *
35 * If the supported versions doesn't match a version of any
36 * of the other nodes, it refused to start.
37 *
38 * This should prevent silent corruption of the internal
39 * databases and structures, if two incompatible implementations
40 * read and write.
41 *
42 * In future this can be used to implement rolling code upgrades
43 * in a cluster, but for now it is simple.
44 */
45
46 static struct db_context *smbXsrv_version_global_db_ctx = NULL;
47 static uint32_t smbXsrv_version_global_current_version = UINT32_MAX;
48
49 NTSTATUS smbXsrv_version_global_init(const struct server_id *server_id)
50 {
51 const char *global_path = NULL;
52 struct db_context *db_ctx = NULL;
53 struct db_record *db_rec = NULL;
54 TDB_DATA key;
55 TDB_DATA val;
56 DATA_BLOB blob;
57 struct smbXsrv_version_globalB global_blob;
58 enum ndr_err_code ndr_err;
59 struct smbXsrv_version_global0 *global = NULL;
60 uint32_t i;
61 uint32_t num_valid = 0;
62 struct smbXsrv_version_node0 *valid = NULL;
63 struct smbXsrv_version_node0 *local_node = NULL;
64 bool exists;
65 NTSTATUS status;
66 const char *key_string = "smbXsrv_version_global";
67 TALLOC_CTX *frame;
68
69 if (smbXsrv_version_global_db_ctx != NULL) {
70 return NT_STATUS_OK;
71 }
72
73 frame = talloc_stackframe();
74
75 global_path = lock_path("smbXsrv_version_global.tdb");
76
77 db_ctx = db_open(NULL, global_path,
78 0, /* hash_size */
79 TDB_DEFAULT |
80 TDB_CLEAR_IF_FIRST |
81 TDB_INCOMPATIBLE_HASH,
82 O_RDWR | O_CREAT, 0600,
83 DBWRAP_LOCK_ORDER_1,
84 DBWRAP_FLAG_NONE);
85 if (db_ctx == NULL) {
86 status = map_nt_error_from_unix_common(errno);
87 DEBUG(0,("smbXsrv_version_global_init: "
88 "failed to open[%s] - %s\n",
89 global_path, nt_errstr(status)));
90 TALLOC_FREE(frame);
91 return status;
92 }
93
94 key = string_term_tdb_data(key_string);
95
96 db_rec = dbwrap_fetch_locked(db_ctx, db_ctx, key);
97 if (db_rec == NULL) {
98 status = NT_STATUS_INTERNAL_DB_ERROR;
99 DEBUG(0,("smbXsrv_version_global_init: "
100 "dbwrap_fetch_locked(%s) - %s\n",
101 key_string, nt_errstr(status)));
102 TALLOC_FREE(frame);
103 return status;
104 }
105
106 val = dbwrap_record_get_value(db_rec);
107 if (val.dsize == 0) {
108 global = talloc_zero(frame, struct smbXsrv_version_global0);
109 if (global == NULL) {
110 DEBUG(0,("smbXsrv_version_global_init: "
111 "talloc_zero failed - %s\n", __location__));
112 TALLOC_FREE(frame);
113 return NT_STATUS_NO_MEMORY;
114 }
115 ZERO_STRUCT(global_blob);
116 global_blob.version = SMBXSRV_VERSION_CURRENT;
117 global_blob.info.info0 = global;
118 } else {
119 blob = data_blob_const(val.dptr, val.dsize);
120
121 ndr_err = ndr_pull_struct_blob(&blob, frame, &global_blob,
122 (ndr_pull_flags_fn_t)ndr_pull_smbXsrv_version_globalB);
123 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
124 status = ndr_map_error2ntstatus(ndr_err);
125 DEBUG(0,("smbXsrv_version_global_init: "
126 "ndr_pull_smbXsrv_version_globalB - %s\n",
127 nt_errstr(status)));
128 TALLOC_FREE(frame);
129 return status;
130 }
131
132 switch (global_blob.version) {
133 case SMBXSRV_VERSION_0:
134 global = global_blob.info.info0;
135 if (global == NULL) {
136 status = NT_STATUS_INTERNAL_DB_CORRUPTION;
137 break;
138 }
139 status = NT_STATUS_OK;
140 break;
141 default:
142 status = NT_STATUS_REVISION_MISMATCH;
143 break;
144 }
145
146 if (!NT_STATUS_IS_OK(status)) {
147 DEBUG(0,("smbXsrv_version_global_init - %s\n",
148 nt_errstr(status)));
149 NDR_PRINT_DEBUG(smbXsrv_version_globalB, &global_blob);
150 TALLOC_FREE(frame);
151 return status;
152 }
153 }
154
155 valid = talloc_zero_array(global,
156 struct smbXsrv_version_node0,
157 global->num_nodes + 1);
158 if (valid == NULL) {
159 DEBUG(0,("smbXsrv_version_global_init: "
160 "talloc_zero_array failed - %s\n", __location__));
161 TALLOC_FREE(frame);
162 return NT_STATUS_NO_MEMORY;
163 }
164
165 num_valid = 0;
166 for (i=0; i < global->num_nodes; i++) {
167 struct smbXsrv_version_node0 *n = &global->nodes[i];
168
169 exists = serverid_exists(&n->server_id);
170 if (!exists) {
171 continue;
172 }
173
174 if (n->min_version > n->max_version) {
175 status = NT_STATUS_INTERNAL_DB_CORRUPTION;
176 DEBUG(0,("smbXsrv_version_global_init - %s\n",
177 nt_errstr(status)));
178 NDR_PRINT_DEBUG(smbXsrv_version_globalB, &global_blob);
179 TALLOC_FREE(frame);
180 return status;
181 }
182
183 if (n->min_version > global_blob.version) {
184 status = NT_STATUS_INTERNAL_DB_CORRUPTION;
185 DEBUG(0,("smbXsrv_version_global_init - %s\n",
186 nt_errstr(status)));
187 NDR_PRINT_DEBUG(smbXsrv_version_globalB, &global_blob);
188 TALLOC_FREE(frame);
189 return status;
190 }
191
192 if (n->max_version < global_blob.version) {
193 status = NT_STATUS_INTERNAL_DB_CORRUPTION;
194 DEBUG(0,("smbXsrv_version_global_init - %s\n",
195 nt_errstr(status)));
196 NDR_PRINT_DEBUG(smbXsrv_version_globalB, &global_blob);
197 TALLOC_FREE(frame);
198 return status;
199 }
200
201 valid[num_valid] = *n;
202 if (server_id->vnn == n->server_id.vnn) {
203 local_node = &valid[num_valid];
204 }
205 num_valid++;
206 }
207
208 if (local_node == NULL) {
209 local_node = &valid[num_valid];
210 num_valid++;
211 }
212
213 local_node->server_id = *server_id;
214 local_node->min_version = SMBXSRV_VERSION_0;
215 local_node->max_version = SMBXSRV_VERSION_CURRENT;
216 local_node->current_version = global_blob.version;
217
218 global->num_nodes = num_valid;
219 global->nodes = valid;
220
221 global_blob.seqnum += 1;
222 global_blob.info.info0 = global;
223
224 ndr_err = ndr_push_struct_blob(&blob, db_rec, &global_blob,
225 (ndr_push_flags_fn_t)ndr_push_smbXsrv_version_globalB);
226 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
227 status = ndr_map_error2ntstatus(ndr_err);
228 DEBUG(0,("smbXsrv_version_global_init: "
229 "ndr_push_smbXsrv_version_globalB - %s\n",
230 nt_errstr(status)));
231 TALLOC_FREE(frame);
232 return status;
233 }
234
235 val = make_tdb_data(blob.data, blob.length);
236 status = dbwrap_record_store(db_rec, val, TDB_REPLACE);
237 TALLOC_FREE(db_rec);
238 if (!NT_STATUS_IS_OK(status)) {
239 DEBUG(0,("smbXsrv_version_global_init: "
240 "dbwrap_record_store - %s\n",
241 nt_errstr(status)));
242 TALLOC_FREE(frame);
243 return status;
244 }
245
246 DEBUG(10,("smbXsrv_version_global_init\n"));
247 if (DEBUGLVL(10)) {
248 NDR_PRINT_DEBUG(smbXsrv_version_globalB, &global_blob);
249 }
250
251 smbXsrv_version_global_db_ctx = db_ctx;
252 smbXsrv_version_global_current_version = global_blob.version;
253
254 TALLOC_FREE(frame);
255 return NT_STATUS_OK;
256 }
257
258 uint32_t smbXsrv_version_global_current(void)
259 {
260 return smbXsrv_version_global_current_version;
261 }
Samba GIT mirror