| blob | 3f4f6c7034792db459ccf3594b527a68897394c8 |
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 Main SMB server routines
5 Copyright (C) Andrew Tridgell 1992-1997
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
37 /* the last message the was processed */
40 /* a useful macro to debug the last message processed */
41 #define LAST_MESSAGE() smb_fn_name(last_message)
60 /*
61 * Indirection for file fd's. Needed as POSIX locking
62 * is based on file/process, not fd/process.
63 */
69 /*
70 * Size of data we can send to client. Set
71 * by the client for all protocols above CORE.
72 * Set by us for CORE protocol.
73 */
75 /*
76 * Size of the data we can receive. Set by us.
77 * Can be modified by the max xmit parameter.
78 */
81 /* a fnum to use when chaining */
84 /* number of open connections */
87 /* Oplock ipc UDP socket. */
90 /* Current number of oplocks we have outstanding. */
99 /* these can be set by some functions to override the error codes */
110 /* for readability... */
111 #define IS_DOS_READONLY(test_mode) (((test_mode) & aRONLY) != 0)
112 #define IS_DOS_DIR(test_mode) (((test_mode) & aDIR) != 0)
113 #define IS_DOS_ARCHIVE(test_mode) (((test_mode) & aARCH) != 0)
114 #define IS_DOS_SYSTEM(test_mode) (((test_mode) & aSYSTEM) != 0)
115 #define IS_DOS_HIDDEN(test_mode) (((test_mode) & aHIDDEN) != 0)
117 /****************************************************************************
118 when exiting, take the whole family
119 ****************************************************************************/
121 {
124 }
125 /****************************************************************************
126 Send a SIGTERM to our process group.
127 *****************************************************************************/
129 {
131 }
133 /****************************************************************************
134 change a dos mode to a unix mode
135 base permission for files:
136 everybody gets read bit set
137 dos readonly is represented in unix by removing everyone's write bit
138 dos archive is represented in unix by the user's execute bit
139 dos system is represented in unix by the group's execute bit
140 dos hidden is represented in unix by the other's execute bit
141 Then apply create mask,
142 then add force bits.
143 base permission for directories:
144 dos directory is represented in unix by unix's dir bit and the exec bit
145 Then apply create mask,
146 then add force bits.
147 ****************************************************************************/
149 {
156 /* We never make directories read only for the owner as under DOS a user
157 can always create a file in a read-only directory. */
159 /* Apply directory mask */
161 /* Add in force bits */
173 /* Apply mode mask */
175 /* Add in force bits */
177 }
179 }
182 /****************************************************************************
183 change a unix mode to a dos mode
184 ****************************************************************************/
186 {
203 }
217 #ifdef S_ISLNK
218 #if LINKS_READ_ONLY
221 #endif
222 #endif
224 /* hide files with a name starting with a . */
226 {
229 p++;
230 else
235 }
237 /* Optimization : Only call is_hidden_path if it's not already
238 hidden. */
240 {
242 }
255 }
257 /*******************************************************************
258 chmod a file - but preserve some bits
259 ********************************************************************/
261 {
270 }
278 /* preserve the s bits */
281 /* preserve the t bit */
282 #ifdef S_ISVTX
284 #endif
286 /* possibly preserve the x bits */
293 /* if we previously had any r bits set then leave them alone */
297 }
299 /* if we previously had any w bits set then leave them alone
300 if the new mode is not rdonly */
305 }
308 }
310 /*******************************************************************
311 Wrapper around sys_utime that possibly allows DOS semantics rather
312 than POSIX.
313 *******************************************************************/
316 {
332 /* We have permission (given by the Samba admin) to
333 break POSIX semantics and allow a user to change
334 the time on a file they don't own but can write to
335 (as DOS does).
336 */
341 /* Check if we have write access. */
349 /* We are allowed to become root and change the filetime. */
353 }
354 }
357 }
359 /*******************************************************************
360 Change a filetime - possibly allowing DOS semantics.
361 *******************************************************************/
364 {
373 }
376 }
378 /****************************************************************************
379 check if two filenames are equal
381 this needs to be careful about whether we are case sensitive
382 ****************************************************************************/
384 {
388 /* handle filenames ending in a single dot */
390 {
391 BOOL ret;
396 }
399 {
400 BOOL ret;
405 }
407 /* now normal filename handling */
412 }
415 /****************************************************************************
416 mangle the 2nd name and check if it is then equal to the first name
417 ****************************************************************************/
419 {
420 pstring tmpname;
429 }
432 /****************************************************************************
433 scan a directory to find a filename, matching without case sensitivity
435 If the name looks like a mangled name then try via the mangling functions
436 ****************************************************************************/
438 {
441 BOOL mangled;
442 pstring name2;
446 /* handle null paths */
453 }
458 /* open the directory */
460 {
463 }
465 /* now scan for matching names */
467 {
476 || fname_equal(name, name2)) /* name2 here was changed to dname - since 1.9.16p2 - not sure of reason (jra) */
477 {
478 /* we've found the file, change it's name and return */
483 }
484 }
488 }
490 /****************************************************************************
491 This routine is called to convert names from the dos namespace to unix
492 namespace. It needs to handle any case conversions, mangling, format
493 changes etc.
495 We assume that we have already done a chdir() to the right "root" directory
496 for this service.
498 The function will return False if some part of the name except for the last
499 part cannot be resolved
501 If the saved_last_component != 0, then the unmodified last component
502 of the pathname is returned there. This is used in an exceptional
503 case in reply_mv (so far). If saved_last_component == 0 then nothing
504 is returned there.
506 The bad_path arg is set to True if the filename walk failed. This is
507 used to pick the correct error code to return between ENOENT and ENOTDIR
508 as Windows applications depend on ERRbadpath being returned if a component
509 of a pathname does not exist.
510 ****************************************************************************/
512 {
515 pstring dirpath;
524 /* convert to basic unix format - removing \ chars and cleaning it up */
528 /* names must be relative to the root of the service - trim any leading /.
529 also trim trailing /'s */
532 /*
533 * Ensure saved_last_component is valid even if file exists.
534 */
539 else
541 }
547 /* check if it's a printer file */
549 {
551 {
553 fstring name2;
555 /* sanitise the name */
559 }
561 }
563 /* stat the name - if it exists then we are all done! */
571 /* a special case - if we don't have any mangling chars and are case
572 sensitive then searching won't help */
577 /* now we need to recursively match the name against the real
578 directory structure */
584 /* now match each part of the path name separately, trying the names
585 as is first, then trying to scan the directory for matching names */
587 {
588 /* pinpoint the end of this section of the filename */
591 /* chop the name at this point */
597 /* check if the name exists up to this point */
599 {
600 /* it exists. it must either be a directory or this must be
601 the last part of the path for it to be OK */
603 {
604 /* an intermediate part of the name isn't a directory */
608 }
609 }
610 else
611 {
612 pstring rest;
616 /* remember the rest of the pathname so it can be restored
617 later */
620 /* try to find this part of the path in the directory */
623 {
625 {
626 /* an intermediate part of the name can't be found */
629 /* We need to return the fact that the intermediate
630 name resolution failed. This is used to return an
631 error of ERRbadpath rather than ERRbadfile. Some
632 Windows applications depend on the difference between
633 these two errors.
634 */
637 }
639 /* just the last part of the name doesn't exist */
640 /* we may need to strupper() or strlower() it in case
641 this conversion is being used for file creation
642 purposes */
643 /* if the filename is of mixed case then don't normalise it */
648 /* check on the mangled stack to see if we can recover the
649 base of the filename */
655 }
657 /* restore the rest of the string */
659 {
662 }
663 }
665 /* add to the dirpath that we have resolved so far */
669 /* restore the / that we wiped out earlier */
671 }
673 /* the name has been resolved */
676 }
679 /****************************************************************************
680 normalise for DOS usage
681 ****************************************************************************/
683 {
684 /* check if the disk is beyond the max disk size */
687 /* convert to blocks - and don't overflow */
691 applications getting
692 div by 0 errors */
693 }
696 {
701 {
708 }
709 }
710 }
712 /****************************************************************************
713 return number of 1K blocks available on a path and total number
714 ****************************************************************************/
716 {
719 #ifdef QUOTAS
724 #endif
726 #ifndef NO_STATFS
727 #ifdef USE_STATVFS
729 #else
730 #ifdef ULTRIX
732 #else
734 #endif
735 #endif
736 #endif
738 /* possibly use system() to get the result */
740 {
742 pstring syscmd;
743 pstring outfile;
752 {
758 {
761 }
762 else
764 }
769 #ifdef QUOTAS
770 /* Ensure we return the min value between the users quota and
771 what's free on the disk. Thanks to Albrecht Gebhardt
772 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
773 */
775 {
780 /* maybe dfree and dfreeq are calculated using different bsizes
781 so convert dfree from bsize into bsizeq */
782 /* avoid overflows due to multiplication, so do not:
783 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
784 bsize and bsizeq are powers of 2 so its better to
785 to divide them getting a multiplication or division factor
786 for dfree. Rene Nieuwenhuizen (07-10-1997) */
789 else
794 }
795 #endif
797 }
799 #ifdef NO_STATFS
802 #else
803 #ifdef STATFS4
805 #else
806 #ifdef USE_STATVFS
808 #else
809 #ifdef STATFS3
811 #else
816 {
822 }
824 #ifdef ULTRIX
828 #else
829 #ifdef USE_STATVFS
831 #else
832 #ifdef USE_F_FSIZE
833 /* eg: osf1 has f_fsize = fundamental filesystem block size,
834 f_bsize = optimal transfer block size (MX: 94-04-19) */
836 #else
841 #ifdef STATFS4
843 #else
849 #if defined(SCO) || defined(ISC) || defined(MIPS)
851 #endif
853 /* handle rediculous bsize values - some OSes are broken */
861 {
865 }
867 #ifdef QUOTAS
868 /* Ensure we return the min value between the users quota and
869 what's free on the disk. Thanks to Albrecht Gebhardt
870 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
871 */
873 {
878 /* maybe dfree and dfreeq are calculated using different bsizes
879 so convert dfree from bsize into bsizeq */
880 /* avoid overflows due to multiplication, so do not:
881 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
882 bsize and bsizeq are powers of 2 so its better to
883 to divide them getting a multiplication or division factor
884 for dfree. Rene Nieuwenhuizen (07-10-1997) */
887 else
892 }
893 #endif
895 #endif
896 }
899 /****************************************************************************
900 wrap it to get filenames right
901 ****************************************************************************/
903 {
905 }
909 /****************************************************************************
910 check a filename - possibly caling reducename
912 This is called by every routine before it allows an operation on a filename.
913 It does any final confirmation necessary to ensure that the filename is
914 a valid one for the user to access.
915 ****************************************************************************/
917 {
918 BOOL ret;
923 {
926 }
930 /* Check if we are allowing users to follow symlinks */
931 /* Patch from David Clerc <David.Clerc@cui.unige.ch>
932 University of Geneva */
934 #ifdef S_ISLNK
936 {
940 {
943 }
944 }
945 #endif
951 }
953 /****************************************************************************
954 check a filename - possibly caling reducename
955 ****************************************************************************/
957 {
958 /* special case of pipe opens */
963 {
967 }
968 }
970 /****************************************************************************
971 fd support routines - attempt to do a sys_open
972 ****************************************************************************/
974 {
977 /* Fix for files ending in '.' */
980 {
983 }
985 #if (defined(ENAMETOOLONG) && defined(HAVE_PATHCONF))
987 {
992 {
994 p++;
995 }
997 {
1000 }
1001 else
1002 {
1006 p++;
1007 }
1009 {
1015 }
1016 }
1017 #endif
1019 }
1021 /****************************************************************************
1022 fd support routines - attempt to find an already open file by dev
1023 and inode - increments the ref_count of the returned file_fd_struct *.
1024 ****************************************************************************/
1026 {
1043 }
1044 }
1046 }
1048 /****************************************************************************
1049 fd support routines - attempt to find a empty slot in the FileFd array.
1050 Increments the ref_count of the returned entry.
1051 ****************************************************************************/
1053 {
1067 /* Increment max used counter if neccessary, cuts down
1068 on search time when re-using */
1074 }
1075 }
1079 }
1081 /****************************************************************************
1082 fd support routines - attempt to re-open an already open fd as O_RDWR.
1083 Save the already open fd (we cannot close due to POSIX file locking braindamage.
1084 ****************************************************************************/
1086 {
1099 }
1101 /****************************************************************************
1102 fd support routines - attempt to close the file referenced by this fd.
1103 Decrements the ref_count and returns it.
1104 ****************************************************************************/
1106 {
1107 DEBUG(3,("fd_attempt_close on file_fd_struct %d, fd = %d, dev = %x, inode = %x, open_flags = %d, ref_count = %d.\n",
1127 }
1128 }
1130 }
1132 /****************************************************************************
1133 open a file
1134 ****************************************************************************/
1136 {
1138 pstring fname;
1150 /* check permissions */
1152 {
1156 }
1158 /* this handles a bug in Win95 - it doesn't say to create the file when it
1159 should */
1163 /*
1164 if (flags == O_WRONLY)
1165 DEBUG(3,("Bug in client? Set O_WRONLY without O_CREAT\n"));
1166 */
1168 /*
1169 * Ensure we have a valid struct stat so we can search the
1170 * open fd table.
1171 */
1180 }
1184 }
1185 }
1187 /*
1188 * Check to see if we have this file already
1189 * open. If we do, just use the already open fd and increment the
1190 * reference count (fd_get_already_open increments the ref_count).
1191 */
1196 /* File was already open. */
1201 }
1203 /*
1204 * If not opened O_RDWR try
1205 * and do that here - a chmod may have been done
1206 * between the last open and now.
1207 */
1211 /*
1212 * Ensure that if we wanted write access
1213 * it has been opened for write, and if we wanted read it
1214 * was open for read.
1215 */
1224 }
1228 /* We need to allocate a new file_fd_struct (this increments the
1229 ref_count). */
1232 /*
1233 * Whatever the requested flags, attempt read/write access,
1234 * as we don't know what flags future file opens may require.
1235 * If this fails, try again with the required flags.
1236 * Even if we open read/write when only read access was
1237 * requested the setting of the can_write flag in
1238 * the file_struct will protect us from errant
1239 * write requests. We never need to worry about O_APPEND
1240 * as this is not set anywhere in Samba.
1241 */
1243 /* Set the flags as needed without the read/write modes. */
1246 /*
1247 * On some systems opening a file for R/W access on a read only
1248 * filesystems sets errno to EROFS.
1249 */
1250 #ifdef EROFS
1261 }
1262 }
1263 }
1267 pstring dname;
1281 }
1282 }
1285 {
1288 /* Ensure the ref_count is decremented. */
1292 }
1295 {
1297 /* Do the fstat */
1299 /* Error - backout !! */
1302 /* Ensure the ref_count is decremented. */
1305 }
1307 }
1308 /* Set the correct entries in fd_ptr. */
1333 /*
1334 * If the printer is marked as postscript output a leading
1335 * file identifier to ensure the file is treated as a raw
1336 * postscript file.
1337 * This has a similar effect as CtrlD=0 in WIN.INI file.
1338 * tim@fsg.com 09/06/94
1339 */
1342 {
1345 }
1352 }
1354 #if USE_MMAP
1355 /* mmap it if read-only */
1357 {
1363 {
1366 }
1367 }
1368 #endif
1369 }
1371 /*******************************************************************
1372 sync a file
1373 ********************************************************************/
1375 {
1376 #ifndef NO_FSYNC
1378 #endif
1379 }
1381 /****************************************************************************
1382 run a file if it is a magic script
1383 ****************************************************************************/
1385 {
1391 {
1395 else
1396 p++;
1400 }
1402 {
1404 pstring magic_output;
1405 pstring fname;
1410 else
1417 }
1418 }
1421 /****************************************************************************
1422 close a file - possibly invalidating the read prediction
1424 If normal_close is 1 then this came from a normal SMBclose (or equivalent)
1425 operation otherwise it came as the result of some other operation such as
1426 the closing of the connection. In the latter case printing and
1427 magic scripts are not run
1428 ****************************************************************************/
1430 {
1437 #if USE_READ_PREDICTION
1439 #endif
1444 {
1447 }
1449 #if USE_MMAP
1451 {
1454 }
1455 #endif
1458 {
1461 }
1468 /* NT uses smbclose to start a print - weird */
1472 /* check for magic scripts */
1477 global_oplocks_open--;
1482 }
1486 /*******************************************************************
1487 reproduce the share mode access table
1488 ********************************************************************/
1491 {
1501 /* the new smbpub.zip spec says that if the file extension is
1502 .com, .dll, .exe or .sym then allow the open. I will force
1503 it to read-only as this seems sensible although the spec is
1504 a little unclear on this. */
1511 }
1514 }
1517 {
1533 }
1535 }
1537 /*******************************************************************
1538 check if the share mode on a file allows it to be deleted or unlinked
1539 return True if sharing doesn't prevent the operation
1540 ********************************************************************/
1542 {
1563 /*
1564 * Check if the share modes will give us access.
1565 */
1568 {
1569 BOOL broke_oplock;
1571 do
1572 {
1576 {
1579 /*
1580 * Break oplocks before checking share modes. See comment in
1581 * open_file_shared for details.
1582 * Check if someone has an oplock on this file. If so we must
1583 * break it before continuing.
1584 */
1586 {
1591 /* Oplock break.... */
1594 {
1599 }
1603 }
1605 /* someone else has a share lock on it, check to see
1606 if we can too */
1613 {
1616 }
1618 }
1620 /* XXXX exactly what share mode combinations should be allowed for
1621 deleting/renaming? */
1622 /* If we got here then either there were no share modes or
1623 all share modes were DENY_DOS and the pid == getpid() */
1626 free_and_exit:
1632 }
1634 /****************************************************************************
1635 C. Hoch 11/22/95
1636 Helper for open_file_shared.
1637 Truncate a file after checking locking; close file if locked.
1638 **************************************************************************/
1641 {
1644 /* If share modes are in force for this connection we
1645 have the share entry locked. Unlock it before closing. */
1650 /* Share mode no longer locked. */
1655 }
1656 else
1658 }
1659 }
1661 /****************************************************************************
1662 check if we can open a file with a share mode
1663 ****************************************************************************/
1666 {
1671 {
1675 }
1677 {
1685 {
1690 }
1698 }
1700 }
1702 /****************************************************************************
1703 open a file with a share mode
1704 ****************************************************************************/
1707 {
1724 /* this is for OS/2 EAs - try and say we don't support them */
1726 {
1728 /* OS/2 Workplace shell fix may be main code stream in a later release. */
1729 #ifdef OS2_WPS_FIX
1736 }
1739 {
1742 }
1749 /* note that we ignore the append flag as
1750 append does not mean the same thing under dos and unix */
1753 {
1767 }
1771 {
1773 {
1776 }
1778 }
1781 {
1785 }
1790 {
1795 {
1801 }
1803 /*
1804 * Check if the share modes will give us access.
1805 */
1808 {
1809 BOOL broke_oplock;
1811 do
1812 {
1816 {
1819 /*
1820 * By observation of NetBench, oplocks are broken *before* share
1821 * modes are checked. This allows a file to be closed by the client
1822 * if the share mode would deny access and the client has an oplock.
1823 * Check if someone has an oplock on this file. If so we must break
1824 * it before continuing.
1825 */
1827 {
1832 /* Oplock break.... */
1835 {
1843 }
1847 }
1849 /* someone else has a share lock on it, check to see
1850 if we can too */
1852 {
1859 }
1864 {
1867 }
1869 }
1873 }
1880 {
1883 }
1886 {
1890 {
1891 /* We created the file - thus we must now lock the share entry before creating it. */
1896 }
1899 {
1909 }
1917 {
1921 }
1922 /* We must create the share mode entry before truncate as
1923 truncate can fail due to locking and have to close the
1924 file (which expects the share_mode_entry to be there).
1925 */
1927 {
1929 /* JRA. Currently this only services Exlcusive and batch
1930 oplocks (no other opens on this file). This needs to
1931 be extended to level II oplocks (multiple reader
1932 oplocks). */
1936 {
1938 global_oplocks_open++;
1944 }
1945 else
1946 {
1949 }
1951 }
1955 }
1959 }
1961 /****************************************************************************
1962 seek a file. Try to avoid the seek if possible
1963 ****************************************************************************/
1965 {
1973 }
1975 /****************************************************************************
1976 read from a file
1977 ****************************************************************************/
1979 {
1982 #if USE_READ_PREDICTION
1984 {
1990 }
1991 #endif
1993 #if USE_MMAP
1995 {
1998 {
2004 }
2005 }
2006 #endif
2012 {
2015 }
2020 }
2023 }
2026 /****************************************************************************
2027 write to a file
2028 ****************************************************************************/
2030 {
2034 }
2043 }
2044 }
2045 }
2048 }
2051 /****************************************************************************
2052 load parameters specific to a connection/service
2053 ****************************************************************************/
2055 {
2061 {
2064 }
2073 {
2077 }
2092 }
2095 /****************************************************************************
2096 find a service entry
2097 ****************************************************************************/
2099 {
2106 /* now handle the special case of a home directory */
2108 {
2113 {
2116 {
2119 }
2120 }
2121 }
2123 /* If we still don't have a service, attempt to add it as a printer. */
2125 {
2129 {
2135 {
2142 }
2143 else
2145 }
2146 }
2148 /* just possibly it's a default service? */
2150 {
2157 }
2158 }
2159 }
2163 {
2166 }
2172 }
2175 /****************************************************************************
2176 create an error packet from a cached error.
2177 ****************************************************************************/
2179 {
2185 /* We can now delete the auxiliary struct */
2189 }
2192 struct
2193 {
2198 {
2210 #ifdef EDQUOT
2212 #endif
2213 #ifdef ENOTEMPTY
2215 #endif
2216 #ifdef EXDEV
2218 #endif
2221 };
2223 /****************************************************************************
2224 create an error packet from errno
2225 ****************************************************************************/
2227 {
2233 {
2238 }
2239 else
2240 {
2242 {
2244 {
2248 }
2249 i++;
2250 }
2251 }
2254 }
2257 /****************************************************************************
2258 create an error packet. Normally called using the ERROR() macro
2259 ****************************************************************************/
2261 {
2271 line,
2274 error_class,
2275 error_code));
2281 }
2284 #ifndef SIGCLD_IGNORE
2285 /****************************************************************************
2286 this prevents zombie child processes
2287 ****************************************************************************/
2289 {
2292 {
2296 }
2297 depth++;
2302 #ifdef USE_WAITPID
2304 #endif
2306 /* Stop zombies */
2307 /* Stevens, Adv. Unix Prog. says that on system V you must call
2308 wait before reinstalling the signal handler, because the kernel
2309 calls the handler from within the signal-call when there is a
2310 child that has exited. This would lead to an infinite recursion
2311 if done vice versa. */
2313 #ifndef DONT_REINSTALL_SIG
2314 #ifdef SIGCLD_IGNORE
2316 #else
2318 #endif
2319 #endif
2321 #ifndef USE_WAITPID
2323 #endif
2324 depth--;
2327 }
2328 #endif
2330 /****************************************************************************
2331 this is called when the client exits abruptly
2332 **************************************************************************/
2334 {
2341 #ifndef DONT_REINSTALL_SIG
2343 #endif
2346 }
2350 }
2352 /****************************************************************************
2353 open the socket communication
2354 ****************************************************************************/
2356 {
2360 {
2363 fd_set listen_set;
2367 /* Stop zombies */
2368 #ifdef SIGCLD_IGNORE
2370 #else
2372 #endif
2380 {
2381 /* We have been given an interfaces line, and been
2382 told to only bind to those interfaces. Create a
2383 socket per interface and bind to only these.
2384 */
2387 {
2391 }
2393 /* Now open a listen socket for each of the interfaces. */
2395 {
2399 {
2402 }
2406 /* ready to listen */
2408 {
2412 }
2414 }
2415 }
2416 else
2417 {
2418 /* Just bind to 0.0.0.0 - accept connections from anywhere. */
2421 /* open an incoming socket */
2426 /* ready to listen */
2428 {
2432 }
2436 }
2438 /* now accept incoming connections - forking a new process
2439 for each incoming connection */
2442 {
2443 fd_set lfds;
2453 /* Find the sockets that are read-ready - accept on these. */
2455 {
2461 {
2463 {
2465 /* Clear this so we don't look at it again. */
2468 }
2469 }
2477 {
2480 }
2482 #ifdef NO_FORK_DEBUG
2483 #ifndef NO_SIGNAL_TEST
2490 {
2491 /* Child code ... */
2493 #ifndef NO_SIGNAL_TEST
2497 /* close the listening socket(s) */
2501 /* close our standard file descriptors */
2508 /* Reset global variables in util.c so that
2509 client substitutions will be done correctly
2510 in the process.
2511 */
2514 }
2516 #endif /NO_FORK_DEBUG */
2520 else
2521 {
2522 /* Started from inetd. fd 0 is the socket. */
2523 /* We will abort gracefully when the client or remote system
2524 goes away */
2525 #ifndef NO_SIGNAL_TEST
2527 #endif
2530 /* close our standard file descriptors */
2535 }
2538 }
2540 /****************************************************************************
2541 process an smb from the client - split out from the process() code so
2542 it can be used by the oplock break code.
2543 ****************************************************************************/
2546 {
2554 /* on the first packet, check the global hosts allow/ hosts
2555 deny parameters before doing any parsing of the packet
2556 passed to us by the client. This prevents attacks on our
2557 parsing code from hosts not in the hosts allow list */
2559 /* send a negative session response "not listining on calling
2560 name" */
2566 }
2567 }
2572 #ifdef WITH_VTP
2574 {
2577 }
2578 #endif
2586 {
2591 {
2594 }
2595 else
2597 }
2598 trans_num++;
2599 }
2601 /****************************************************************************
2602 open the oplock IPC socket communication
2603 ****************************************************************************/
2605 {
2611 /* Open a lookback UDP socket on a random port. */
2614 {
2619 }
2621 /* Find out the transient UDP port we have been allocated. */
2623 {
2630 }
2637 }
2639 /****************************************************************************
2640 process an oplock break message.
2641 ****************************************************************************/
2643 {
2644 int32 msg_len;
2645 uint16 from_port;
2656 /* Switch on message command - currently OPLOCK_BREAK_CMD is the
2657 only valid request. */
2660 {
2662 /* Ensure that the msg length is correct. */
2664 {
2668 }
2669 {
2682 /*
2683 * If we have no record of any currently open oplocks,
2684 * it's not an error, as a close command may have
2685 * just been issued on the file that was oplocked.
2686 * Just return success in this case.
2687 */
2690 {
2692 {
2696 }
2697 }
2698 else
2699 {
2702 }
2704 /* Send the message back after OR'ing in the 'REPLY' bit. */
2714 {
2718 }
2724 }
2726 /*
2727 * Keep this as a debug case - eventually we can remove it.
2728 */
2734 {
2738 }
2740 {
2748 }
2755 }
2757 }
2759 /****************************************************************************
2760 Process an oplock break directly.
2761 ****************************************************************************/
2763 {
2776 {
2781 }
2788 }
2789 }
2791 /* We need to search the file open table for the
2792 entry containing this dev and inode, and ensure
2793 we have an oplock on it. */
2795 {
2797 {
2803 }
2804 }
2807 {
2808 /* The file could have been closed in the meantime - return success. */
2812 }
2814 /* Ensure we have an oplock on the file */
2816 /* There is a potential race condition in that an oplock could
2817 have been broken due to another udp request, and yet there are
2818 still oplock break messages being sent in the udp message
2819 queue for this file. So return true if we don't have an oplock,
2820 as we may have just freed it.
2821 */
2824 {
2828 }
2830 /* Now comes the horrid part. We must send an oplock break to the client,
2831 and then process incoming messages until we get a close or oplock release.
2832 */
2834 /* Prepare the SMBlockingX message. */
2846 /* Change this when we have level II oplocks. */
2851 /* We need this in case a readraw crosses on the wire. */
2854 /* Process incoming messages. */
2856 /* JRA - If we don't get a break from the client in OPLOCK_BREAK_TIMEOUT
2857 seconds we should just die.... */
2862 {
2864 {
2865 /*
2866 * Die if we got an error.
2867 */
2884 }
2887 /*
2888 * Die if we go over the time limit.
2889 */
2892 {
2899 }
2900 }
2902 /* We need this in case a readraw crossed on the wire. */
2906 /*
2907 * If the client did not respond we must die.
2908 */
2911 {
2917 }
2920 {
2921 /* The lockingX reply will have removed the oplock flag
2922 from the sharemode. */
2923 /* Paranoia.... */
2925 global_oplocks_open--;
2926 }
2928 /* Santity check - remove this later. JRA */
2930 {
2932 global_oplocks_open));
2934 }
2940 }
2942 /****************************************************************************
2943 Send an oplock break message to another smbd process. If the oplock is held
2944 by the local smbd then call the oplock break function directly.
2945 ****************************************************************************/
2949 {
2955 {
2956 /* We are breaking our own oplock, make sure it's us. */
2958 {
2962 }
2966 /* Call oplock break direct. */
2968 }
2970 /* We need to send a OPLOCK_BREAK_CMD message to the
2971 port in the share mode entry. */
2980 /* set the address and port */
2987 for dev = %x, inode = %x\n", timestring(), share_entry->pid, share_entry->op_port, dev, inode));
2991 {
2997 }
2999 /*
3000 * Now we must await the oplock broken message coming back
3001 * from the target smbd process. Timeout if it fails to
3002 * return in (OPLOCK_BREAK_TIMEOUT + OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR) seconds.
3003 * While we get messages that aren't ours, loop.
3004 */
3007 {
3009 int32 reply_msg_len;
3010 uint16 reply_from_port;
3015 {
3017 {
3021 /*
3022 * This is a hack to make handling of failing clients more robust.
3023 * If a oplock break response message is not received in the timeout
3024 * period we may assume that the smbd servicing that client holding
3025 * the oplock has died and the client changes were lost anyway, so
3026 * we should continue to try and open the file.
3027 */
3029 }
3030 else
3035 }
3037 /*
3038 * If the response we got was not an answer to our message, but
3039 * was a completely different request, push it onto the pending
3040 * udp message stack so that we can deal with it in the main loop.
3041 * It may be another oplock break request to us.
3042 */
3044 /*
3045 * Local note from JRA. There exists the possibility of a denial
3046 * of service attack here by allowing non-root processes running
3047 * on a local machine sending many of these pending messages to
3048 * a smbd port. Currently I'm not sure how to restrict the messages
3049 * I will queue (although I could add a limit to the queue) to
3050 * those received by root processes only. There should be a
3051 * way to make this bulletproof....
3052 */
3060 {
3061 /* Ignore it. */
3065 }
3072 {
3079 }
3082 }
3087 }
3089 /****************************************************************************
3090 Get the next SMB packet, doing the local message processing automatically.
3091 ****************************************************************************/
3094 {
3096 BOOL ret;
3098 do
3099 {
3104 {
3105 /* Deal with oplock break requests from other smbd's. */
3108 }
3109 }
3113 }
3115 /****************************************************************************
3116 check if a snum is in use
3117 ****************************************************************************/
3119 {
3125 }
3127 /****************************************************************************
3128 reload the services file
3129 **************************************************************************/
3131 {
3132 BOOL ret;
3135 {
3136 pstring fname;
3139 {
3142 }
3143 }
3154 /* perhaps the config filename is now set */
3162 {
3167 }
3168 }
3172 /* this forces service parameters to be flushed */
3176 }
3180 /****************************************************************************
3181 this prevents zombie child processes
3182 ****************************************************************************/
3184 {
3188 #ifndef DONT_REINSTALL_SIG
3190 #endif
3193 }
3195 /****************************************************************************
3196 Setup the groups a user belongs to.
3197 ****************************************************************************/
3201 {
3203 {
3205 {
3209 }
3210 }
3211 else
3212 {
3223 {
3226 }
3235 /* The following bit of code is very strange. It is due to the
3236 fact that some OSes use int* and some use gid_t* for
3237 getgroups, and some (like SunOS) use both, one in prototypes,
3238 and one in man pages and the actual code. Thus we detect it
3239 dynamically using some very ugly code */
3241 {
3242 /* does getgroups return ints or gid_t ?? */
3255 {
3258 }
3259 else
3260 {
3264 {
3266 }
3269 }
3270 }
3275 }
3277 }
3279 /****************************************************************************
3280 make a connection to a service
3281 ****************************************************************************/
3283 {
3296 {
3298 {
3301 }
3305 }
3308 {
3313 {
3316 }
3317 }
3321 }
3323 /* you can only connect to the IPC$ service as an ipc device */
3328 {
3331 else
3333 }
3335 /* if the request is as a printer and you can't print then refuse */
3340 }
3342 /* lowercase the user name */
3345 /* add it as a possible user name */
3348 /* shall we let them in? */
3350 {
3353 }
3357 {
3360 }
3365 /* find out some info about the user */
3369 {
3372 }
3376 {
3377 pstring list;
3389 }
3391 /* admin user check */
3393 /* JRA - original code denied admin user if the share was
3394 marked read_only. Changed as I don't think this is needed,
3395 but old code left in case there is a problem here.
3396 */
3398 #if 0
3400 #else
3401 )
3402 #endif
3403 {
3406 }
3407 else
3427 #if HAVE_GETGRNAM
3429 {
3431 pstring gname;
3434 /* default service may be a group name */
3439 {
3442 }
3443 else
3445 }
3446 #endif
3449 {
3451 fstring fuser;
3455 {
3461 }
3462 else
3464 }
3466 {
3467 pstring s;
3472 }
3474 /* groups stuff added by ih */
3481 {
3482 /* Find all the groups this uid is in and store them. Used by become_user() */
3486 /* check number of connections */
3490 {
3493 }
3503 /* execute any "root preexec = " line */
3505 {
3506 pstring cmd;
3511 }
3514 {
3522 }
3524 }
3527 {
3537 }
3539 }
3543 #if SOFTLINK_OPTIMISATION
3544 /* resolve any soft links early */
3545 {
3546 pstring s;
3551 }
3552 #endif
3554 num_connections_open++;
3557 /* execute any "preexec = " line */
3559 {
3560 pstring cmd;
3564 }
3566 /* we've finished with the sensitive stuff */
3569 /* Add veto/hide lists */
3571 {
3575 }
3577 {
3578 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
3580 remote_machine,
3586 }
3589 }
3592 /****************************************************************************
3593 find first available file slot
3594 ****************************************************************************/
3596 {
3598 /* we start at 1 here for an obscure reason I can't now remember,
3599 but I think is important :-) */
3605 }
3607 /****************************************************************************
3608 find first available connection slot, starting from a random position.
3609 The randomisation stops problems with the server dieing and clients
3610 thinking the server is still available.
3611 ****************************************************************************/
3613 {
3618 again:
3621 {
3623 {
3626 }
3627 i++;
3630 }
3633 {
3636 }
3640 }
3643 /****************************************************************************
3644 reply for the core protocol
3645 ****************************************************************************/
3647 {
3653 }
3656 /****************************************************************************
3657 reply for the coreplus protocol
3658 ****************************************************************************/
3660 {
3664 readbraw and writebraw (possibly) */
3671 }
3674 /****************************************************************************
3675 reply for the lanman 1.0 protocol
3676 ****************************************************************************/
3678 {
3689 /* Create a token value and add it to the outgoing packet. */
3700 readbraw writebraw (possibly) */
3707 }
3710 /****************************************************************************
3711 reply for the lanman 2.0 protocol
3712 ****************************************************************************/
3714 {
3725 }
3730 }
3742 }
3743 }
3762 }
3765 /****************************************************************************
3766 reply for the nt protocol
3767 ****************************************************************************/
3769 {
3770 /* dual names + lock_and_read + nt SMBs + remote API calls */
3772 /*
3773 other valid capabilities which we may support at some time...
3774 CAP_LARGE_FILES|CAP_NT_SMBS|CAP_RPC_REMOTE_APIS;
3775 CAP_LARGE_READX|CAP_STATUS32|CAP_LEVEL_II_OPLOCKS;
3776 */
3788 }
3793 }
3802 }
3803 }
3807 }
3812 /* decide where (if) to put the encryption challenge, and
3813 follow it with the OEM'd domain name
3814 */
3838 }
3840 /* these are the protocol lists used for auto architecture detection:
3842 WinNT 3.51:
3843 protocol [PC NETWORK PROGRAM 1.0]
3844 protocol [XENIX CORE]
3845 protocol [MICROSOFT NETWORKS 1.03]
3846 protocol [LANMAN1.0]
3847 protocol [Windows for Workgroups 3.1a]
3848 protocol [LM1.2X002]
3849 protocol [LANMAN2.1]
3850 protocol [NT LM 0.12]
3852 Win95:
3853 protocol [PC NETWORK PROGRAM 1.0]
3854 protocol [XENIX CORE]
3855 protocol [MICROSOFT NETWORKS 1.03]
3856 protocol [LANMAN1.0]
3857 protocol [Windows for Workgroups 3.1a]
3858 protocol [LM1.2X002]
3859 protocol [LANMAN2.1]
3860 protocol [NT LM 0.12]
3862 OS/2:
3863 protocol [PC NETWORK PROGRAM 1.0]
3864 protocol [XENIX CORE]
3865 protocol [LANMAN1.0]
3866 protocol [LM1.2X002]
3867 protocol [LANMAN2.1]
3868 */
3870 /*
3871 * Modified to recognize the architecture of the remote machine better.
3872 *
3873 * This appears to be the matrix of which protocol is used by which
3874 * MS product.
3875 Protocol WfWg Win95 WinNT OS/2
3876 PC NETWORK PROGRAM 1.0 1 1 1 1
3877 XENIX CORE 2 2
3878 MICROSOFT NETWORKS 3.0 2 2
3879 DOS LM1.2X002 3 3
3880 MICROSOFT NETWORKS 1.03 3
3881 DOS LANMAN2.1 4 4
3882 LANMAN1.0 4 3
3883 Windows for Workgroups 3.1a 5 5 5
3884 LM1.2X002 6 4
3885 LANMAN2.1 7 5
3886 NT LM 0.12 6 8
3887 *
3888 * tim@fsg.com 09/29/95
3889 */
3892 #define ARCH_WIN95 0x2
3894 #define ARCH_WINNT 0x8
3895 #define ARCH_SAMBA 0x10
3897 #define ARCH_ALL 0x1F
3899 /* List of supported protocols, most desired first */
3916 };
3919 /****************************************************************************
3920 reply to a negprot
3921 ****************************************************************************/
3923 {
3934 {
3935 Index++;
3956 }
3959 }
3980 }
3982 /* possibly reload - change of architecture */
3985 /* a special case to stop password server loops */
3990 /* Check for protocols, most desirable first */
3992 {
3997 {
4000 Index++;
4002 }
4005 }
4014 }
4017 }
4023 }
4026 /****************************************************************************
4027 close all open files for a connection
4028 ****************************************************************************/
4030 {
4035 }
4036 }
4040 /****************************************************************************
4041 close a cnum
4042 ****************************************************************************/
4044 {
4050 {
4053 }
4070 /* execute any "postexec = " line */
4072 {
4073 pstring cmd;
4078 }
4081 /* execute any "root postexec = " line */
4083 {
4084 pstring cmd;
4088 }
4091 num_connections_open--;
4093 {
4100 }
4109 }
4112 /****************************************************************************
4113 simple routines to do connection counting
4114 ****************************************************************************/
4116 {
4118 pstring fname;
4140 {
4143 }
4147 /* find a free spot */
4149 {
4151 {
4155 }
4158 }
4161 {
4165 }
4169 /* remove our mark */
4172 {
4176 }
4182 }
4185 /****************************************************************************
4186 simple routines to do connection counting
4187 ****************************************************************************/
4189 {
4191 pstring fname;
4214 {
4219 }
4226 {
4229 }
4231 /* find a free spot */
4233 {
4238 {
4241 }
4244 {
4250 }
4252 {
4255 }
4256 }
4259 {
4263 }
4265 /* fill in the crec */
4278 /* make our mark */
4281 {
4284 }
4288 }
4290 #if DUMP_CORE
4291 /*******************************************************************
4292 prepare to dump a core file - carefully!
4293 ********************************************************************/
4295 {
4297 pstring dname;
4307 #ifndef NO_GETRLIMIT
4308 #ifdef RLIMIT_CORE
4309 {
4316 }
4317 #endif
4318 #endif
4323 }
4324 #endif
4326 /****************************************************************************
4327 exit the server
4328 ****************************************************************************/
4330 {
4342 #ifdef DFS_AUTH
4345 #endif
4354 #if DUMP_CORE
4356 #endif
4357 }
4363 }
4365 /****************************************************************************
4366 do some standard substitutions in a string
4367 ****************************************************************************/
4369 {
4377 else
4386 }
4387 }
4388 }
4390 }
4392 /*
4393 These flags determine some of the permissions required to do an operation
4395 Note that I don't set NEED_WRITE on some write operations because they
4396 are used by some brain-dead clients when printing, and I don't want to
4397 force write permissions on print services.
4398 */
4399 #define AS_USER (1<<0)
4400 #define NEED_WRITE (1<<1)
4401 #define TIME_INIT (1<<2)
4402 #define CAN_IPC (1<<3)
4403 #define AS_GUEST (1<<5)
4406 /*
4407 define a list of possible SMB messages and their corresponding
4408 functions. Any message that has a NULL function is unimplemented -
4409 please feel free to contribute implementations!
4410 */
4411 struct smb_message_struct
4412 {
4417 #if PROFILING
4419 #endif
4420 }
4421 smb_messages[] = {
4423 /* CORE PROTOCOL */
4440 /* note that SMBmknew and SMBcreate are deliberately overloaded */
4453 /* this is a Pathworks specific call, allowing the
4454 changing of the root path */
4467 /* CORE+ PROTOCOL FOLLOWS */
4475 /* LANMAN1.0 PROTOCOL FOLLOWS */
4499 /* LANMAN2.0 PROTOCOL FOLLOWS */
4505 /* messaging routines */
4511 /* NON-IMPLEMENTED PARTS OF THE CORE PROTOCOL */
4517 };
4519 /****************************************************************************
4520 return a string containing the function name of a SMB command
4521 ****************************************************************************/
4523 {
4537 }
4540 /****************************************************************************
4541 do a switch on the message type, and return the response size
4542 ****************************************************************************/
4544 {
4551 #if PROFILING
4557 #endif
4565 /* make sure this is an SMB packet */
4567 {
4570 }
4577 {
4580 }
4581 else
4582 {
4585 {
4590 /* does this protocol need to be run as root? */
4594 /* does this protocol need to be run as the connected user? */
4598 else
4600 }
4601 /* this code is to work around a bug is MS client 3 without
4602 introducing a security hole - it needs to be able to do
4603 print queue checks as guest if it isn't logged in properly */
4607 /* does it need write permission? */
4611 /* ipc services are limited */
4615 /* load service specific parameters */
4619 /* does this protocol need to be run as guest? */
4626 }
4627 else
4628 {
4630 }
4631 }
4633 #if PROFILING
4636 {
4639 }
4640 {
4646 }
4650 #endif
4653 }
4656 /****************************************************************************
4657 construct a chained reply and add it to the already made reply
4658 **************************************************************************/
4660 {
4673 /* maybe its not chained */
4677 }
4680 /* this is the first part of the chain */
4683 }
4685 /* we need to tell the client where the next part of the reply will be */
4689 /* remember how much the caller added to the chain, only counting stuff
4690 after the parameter words */
4693 /* work out pointers into the original packets. The
4694 headers on these need to be filled in */
4698 /* remember the original command type */
4701 /* save the data which will be overwritten by the new headers */
4705 /* give the new packet the same header as the last part of the SMB */
4708 /* create the in buffer */
4711 /* create the out buffer */
4720 means a reply */
4731 /* process the request */
4735 /* copy the new reply and request headers over the old ones, but
4736 preserve the smb_com field */
4740 /* restore the saved data, being careful not to overwrite any
4741 data from the reply header */
4743 {
4747 }
4750 }
4754 /****************************************************************************
4755 construct a reply to the incoming packet
4756 ****************************************************************************/
4758 {
4782 means a reply */
4797 }
4799 /****************************************************************************
4800 process commands from the client
4801 ****************************************************************************/
4803 {
4814 #if PRIME_NMBD
4816 {
4822 }
4823 #endif
4825 /* re-initialise the timezone */
4829 {
4839 #if USE_READ_PREDICTION
4842 #endif
4850 {
4857 {
4860 }
4863 {
4866 }
4869 {
4873 }
4877 /* become root again if waiting */
4880 /* check for smb.conf reload */
4882 {
4885 /* reload services, if files have changed. */
4887 }
4889 /* automatic timeout if all connections are closed */
4891 {
4894 }
4897 {
4902 }
4903 /* also send a keepalive to the password server if its still
4904 connected */
4908 }
4910 /* check for connection timeouts */
4913 {
4914 /* close dirptrs on connections that are idle */
4921 }
4924 {
4927 }
4928 }
4932 else
4934 }
4935 }
4938 /****************************************************************************
4939 initialise connect, service and file structs
4940 ****************************************************************************/
4942 {
4947 {
4956 }
4959 {
4963 }
4966 {
4975 }
4977 /* for RPC pipes */
4980 #ifdef NTDOMAIN
4981 /* for LSA handles */
4983 #endif
4986 }
4988 /****************************************************************************
4989 usage on the program
4990 ****************************************************************************/
4992 {
4995 printf("Usage: %s [-D] [-p port] [-d debuglevel] [-l log basename] [-s services file]\n",pname);
5005 }
5008 /****************************************************************************
5009 main program
5010 ****************************************************************************/
5012 {
5014 /* shall I run as a daemon */
5021 #ifdef NEED_AUTH_PARAMETERS
5023 #endif
5025 #ifdef SecureWare
5027 #endif
5039 /* make absolutely sure we run as root - to handle cases whre people
5040 are crazy enough to have it setuid */
5041 #ifdef USE_SETRES
5043 #else
5048 #endif
5053 /* we want total control over the permissions on created files,
5054 so set our umask to 0 */
5061 /* this is for people who can't start the program correctly */
5063 {
5064 argv++;
5065 argc--;
5066 }
5070 {
5081 {
5084 }
5093 {
5096 }
5104 else
5117 }
5124 #ifndef NO_GETRLIMIT
5125 #ifdef RLIMIT_NOFILE
5126 {
5133 }
5134 #endif
5135 #endif
5142 {
5145 }
5156 #ifndef NO_SIGNAL_TEST
5158 #endif
5163 {
5166 }
5169 {
5172 }
5176 }
5179 {
5184 #ifdef O_NONBLOCK
5185 O_NONBLOCK |
5186 #endif
5188 {
5191 }
5193 {
5196 }
5199 {
5202 }
5203 /* Leave pid file open & locked for the duration... */
5204 }
5212 /* possibly reload the services file. */
5218 {
5221 }
5223 /* Setup the oplock IPC socket. */
5232 }