search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix for possible crash bug from Sebastian Krahmer (SuSE).
[Samba/gebeck_regimport.git] / source3 / smbd / process.c
blob5206dc70f80b754606c57476f65f61f31dc27777
1 /*
2 Unix SMB/CIFS implementation.
3 process incoming packets - main loop
4 Copyright (C) Andrew Tridgell 1992-1998
5
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
10
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20
21 #include "includes.h"
22
23 struct timeval smb_last_time;
24
25 static char *InBuffer = NULL;
26 char *OutBuffer = NULL;
27 char *last_inbuf = NULL;
28
29 /*
30 * Size of data we can send to client. Set
31 * by the client for all protocols above CORE.
32 * Set by us for CORE protocol.
33 */
34 int max_send = BUFFER_SIZE;
35 /*
36 * Size of the data we can receive. Set by us.
37 * Can be modified by the max xmit parameter.
38 */
39 int max_recv = BUFFER_SIZE;
40
41 extern int last_message;
42 extern int global_oplock_break;
43 extern userdom_struct current_user_info;
44 extern int smb_read_error;
45 SIG_ATOMIC_T reload_after_sighup = 0;
46 SIG_ATOMIC_T got_sig_term = 0;
47 BOOL global_machine_password_needs_changing = False;
48 extern int max_send;
49
50 /****************************************************************************
51 Function to return the current request mid from Inbuffer.
52 ****************************************************************************/
53
54 uint16 get_current_mid(void)
55 {
56 return SVAL(InBuffer,smb_mid);
57 }
58
59 /****************************************************************************
60 structure to hold a linked list of queued messages.
61 for processing.
62 ****************************************************************************/
63
64 typedef struct {
65 ubi_slNode msg_next;
66 char *msg_buf;
67 int msg_len;
68 } pending_message_list;
69
70 static ubi_slList smb_oplock_queue = { NULL, (ubi_slNodePtr)&smb_oplock_queue, 0};
71
72 /****************************************************************************
73 Function to push a message onto the tail of a linked list of smb messages ready
74 for processing.
75 ****************************************************************************/
76
77 static BOOL push_message(ubi_slList *list_head, char *buf, int msg_len)
78 {
79 pending_message_list *msg = (pending_message_list *)
80 malloc(sizeof(pending_message_list));
81
82 if(msg == NULL) {
83 DEBUG(0,("push_message: malloc fail (1)\n"));
84 return False;
85 }
86
87 msg->msg_buf = (char *)malloc(msg_len);
88 if(msg->msg_buf == NULL) {
89 DEBUG(0,("push_message: malloc fail (2)\n"));
90 SAFE_FREE(msg);
91 return False;
92 }
93
94 memcpy(msg->msg_buf, buf, msg_len);
95 msg->msg_len = msg_len;
96
97 ubi_slAddTail( list_head, msg);
98
99 /* Push the MID of this packet on the signing queue. */
100 srv_defer_sign_response(SVAL(buf,smb_mid));
101
102 return True;
103 }
104
105 /****************************************************************************
106 Function to push a smb message onto a linked list of local smb messages ready
107 for processing.
108 ****************************************************************************/
109
110 BOOL push_oplock_pending_smb_message(char *buf, int msg_len)
111 {
112 return push_message(&smb_oplock_queue, buf, msg_len);
113 }
114
115 /****************************************************************************
116 Do all async processing in here. This includes UDB oplock messages, kernel
117 oplock messages, change notify events etc.
118 ****************************************************************************/
119
120 static void async_processing(char *buffer, int buffer_len)
121 {
122 DEBUG(10,("async_processing: Doing async processing.\n"));
123
124 /* check for oplock messages (both UDP and kernel) */
125 if (receive_local_message(buffer, buffer_len, 1)) {
126 process_local_message(buffer, buffer_len);
127 }
128
129 if (got_sig_term) {
130 exit_server("Caught TERM signal");
131 }
132
133 /* check for async change notify events */
134 process_pending_change_notify_queue(0);
135
136 /* check for sighup processing */
137 if (reload_after_sighup) {
138 change_to_root_user();
139 DEBUG(1,("Reloading services after SIGHUP\n"));
140 reload_services(False);
141 reload_after_sighup = 0;
142 }
143 }
144
145 /****************************************************************************
146 Do a select on an two fd's - with timeout.
147
148 If a local udp message has been pushed onto the
149 queue (this can only happen during oplock break
150 processing) call async_processing()
151
152 If a pending smb message has been pushed onto the
153 queue (this can only happen during oplock break
154 processing) return this next.
155
156 If the first smbfd is ready then read an smb from it.
157 if the second (loopback UDP) fd is ready then read a message
158 from it and setup the buffer header to identify the length
159 and from address.
160 Returns False on timeout or error.
161 Else returns True.
162
163 The timeout is in milliseconds
164 ****************************************************************************/
165
166 static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout)
167 {
168 fd_set fds;
169 int selrtn;
170 struct timeval to;
171 int maxfd;
172
173 smb_read_error = 0;
174
175 again:
176
177 /*
178 * Note that this call must be before processing any SMB
179 * messages as we need to synchronously process any messages
180 * we may have sent to ourselves from the previous SMB.
181 */
182 message_dispatch();
183
184 /*
185 * Check to see if we already have a message on the smb queue.
186 * If so - copy and return it.
187 */
188 if(ubi_slCount(&smb_oplock_queue) != 0) {
189 pending_message_list *msg = (pending_message_list *)ubi_slRemHead(&smb_oplock_queue);
190 memcpy(buffer, msg->msg_buf, MIN(buffer_len, msg->msg_len));
191
192 /* Free the message we just copied. */
193 SAFE_FREE(msg->msg_buf);
194 SAFE_FREE(msg);
195
196 DEBUG(5,("receive_message_or_smb: returning queued smb message.\n"));
197 return True;
198 }
199
200
201 /*
202 * Setup the select read fd set.
203 */
204
205 FD_ZERO(&fds);
206
207 /*
208 * Ensure we process oplock break messages by preference.
209 * We have to do this before the select, after the select
210 * and if the select returns EINTR. This is due to the fact
211 * that the selects called from async_processing can eat an EINTR
212 * caused by a signal (we can't take the break message there).
213 * This is hideously complex - *MUST* be simplified for 3.0 ! JRA.
214 */
215
216 if (oplock_message_waiting(&fds)) {
217 DEBUG(10,("receive_message_or_smb: oplock_message is waiting.\n"));
218 async_processing(buffer, buffer_len);
219 /*
220 * After async processing we must go and do the select again, as
221 * the state of the flag in fds for the server file descriptor is
222 * indeterminate - we may have done I/O on it in the oplock processing. JRA.
223 */
224 goto again;
225 }
226
227 FD_SET(smbd_server_fd(),&fds);
228 maxfd = setup_oplock_select_set(&fds);
229
230 to.tv_sec = timeout / 1000;
231 to.tv_usec = (timeout % 1000) * 1000;
232
233 selrtn = sys_select(MAX(maxfd,smbd_server_fd())+1,&fds,NULL,NULL,timeout>0?&to:NULL);
234
235 /* if we get EINTR then maybe we have received an oplock
236 signal - treat this as select returning 1. This is ugly, but
237 is the best we can do until the oplock code knows more about
238 signals */
239 if (selrtn == -1 && errno == EINTR) {
240 async_processing(buffer, buffer_len);
241 /*
242 * After async processing we must go and do the select again, as
243 * the state of the flag in fds for the server file descriptor is
244 * indeterminate - we may have done I/O on it in the oplock processing. JRA.
245 */
246 goto again;
247 }
248
249 /* Check if error */
250 if (selrtn == -1) {
251 /* something is wrong. Maybe the socket is dead? */
252 smb_read_error = READ_ERROR;
253 return False;
254 }
255
256 /* Did we timeout ? */
257 if (selrtn == 0) {
258 smb_read_error = READ_TIMEOUT;
259 return False;
260 }
261
262 /*
263 * Ensure we process oplock break messages by preference.
264 * This is IMPORTANT ! Otherwise we can starve other processes
265 * sending us an oplock break message. JRA.
266 */
267
268 if (oplock_message_waiting(&fds)) {
269 async_processing(buffer, buffer_len);
270 /*
271 * After async processing we must go and do the select again, as
272 * the state of the flag in fds for the server file descriptor is
273 * indeterminate - we may have done I/O on it in the oplock processing. JRA.
274 */
275 goto again;
276 }
277
278 return receive_smb(smbd_server_fd(), buffer, 0);
279 }
280
281 /****************************************************************************
282 Get the next SMB packet, doing the local message processing automatically.
283 ****************************************************************************/
284
285 BOOL receive_next_smb(char *inbuf, int bufsize, int timeout)
286 {
287 BOOL got_keepalive;
288 BOOL ret;
289
290 do {
291 ret = receive_message_or_smb(inbuf,bufsize,timeout);
292
293 got_keepalive = (ret && (CVAL(inbuf,0) == SMBkeepalive));
294 } while (ret && got_keepalive);
295
296 return ret;
297 }
298
299 /****************************************************************************
300 We're terminating and have closed all our files/connections etc.
301 If there are any pending local messages we need to respond to them
302 before termination so that other smbds don't think we just died whilst
303 holding oplocks.
304 ****************************************************************************/
305
306 void respond_to_all_remaining_local_messages(void)
307 {
308 char buffer[1024];
309
310 /*
311 * Assert we have no exclusive open oplocks.
312 */
313
314 if(get_number_of_exclusive_open_oplocks()) {
315 DEBUG(0,("respond_to_all_remaining_local_messages: PANIC : we have %d exclusive oplocks.\n",
316 get_number_of_exclusive_open_oplocks() ));
317 return;
318 }
319
320 /*
321 * Keep doing receive_local_message with a 1 ms timeout until
322 * we have no more messages.
323 */
324
325 while(receive_local_message(buffer, sizeof(buffer), 1)) {
326 /* Deal with oplock break requests from other smbd's. */
327 process_local_message(buffer, sizeof(buffer));
328 }
329
330 return;
331 }
332
333
334 /*
335 These flags determine some of the permissions required to do an operation
336
337 Note that I don't set NEED_WRITE on some write operations because they
338 are used by some brain-dead clients when printing, and I don't want to
339 force write permissions on print services.
340 */
341 #define AS_USER (1<<0)
342 #define NEED_WRITE (1<<1)
343 #define TIME_INIT (1<<2)
344 #define CAN_IPC (1<<3)
345 #define AS_GUEST (1<<5)
346 #define QUEUE_IN_OPLOCK (1<<6)
347
348 /*
349 define a list of possible SMB messages and their corresponding
350 functions. Any message that has a NULL function is unimplemented -
351 please feel free to contribute implementations!
352 */
353 static const struct smb_message_struct {
354 const char *name;
355 int (*fn)(connection_struct *conn, char *, char *, int, int);
356 int flags;
357 } smb_messages[256] = {
358
359 /* 0x00 */ { "SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
360 /* 0x01 */ { "SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
361 /* 0x02 */ { "SMBopen",reply_open,AS_USER | QUEUE_IN_OPLOCK },
362 /* 0x03 */ { "SMBcreate",reply_mknew,AS_USER},
363 /* 0x04 */ { "SMBclose",reply_close,AS_USER | CAN_IPC },
364 /* 0x05 */ { "SMBflush",reply_flush,AS_USER},
365 /* 0x06 */ { "SMBunlink",reply_unlink,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
366 /* 0x07 */ { "SMBmv",reply_mv,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
367 /* 0x08 */ { "SMBgetatr",reply_getatr,AS_USER},
368 /* 0x09 */ { "SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
369 /* 0x0a */ { "SMBread",reply_read,AS_USER},
370 /* 0x0b */ { "SMBwrite",reply_write,AS_USER | CAN_IPC },
371 /* 0x0c */ { "SMBlock",reply_lock,AS_USER},
372 /* 0x0d */ { "SMBunlock",reply_unlock,AS_USER},
373 /* 0x0e */ { "SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
374 /* 0x0f */ { "SMBmknew",reply_mknew,AS_USER},
375 /* 0x10 */ { "SMBchkpth",reply_chkpth,AS_USER},
376 /* 0x11 */ { "SMBexit",reply_exit,0},
377 /* 0x12 */ { "SMBlseek",reply_lseek,AS_USER},
378 /* 0x13 */ { "SMBlockread",reply_lockread,AS_USER},
379 /* 0x14 */ { "SMBwriteunlock",reply_writeunlock,AS_USER},
380 /* 0x15 */ { NULL, NULL, 0 },
381 /* 0x16 */ { NULL, NULL, 0 },
382 /* 0x17 */ { NULL, NULL, 0 },
383 /* 0x18 */ { NULL, NULL, 0 },
384 /* 0x19 */ { NULL, NULL, 0 },
385 /* 0x1a */ { "SMBreadbraw",reply_readbraw,AS_USER},
386 /* 0x1b */ { "SMBreadBmpx",reply_readbmpx,AS_USER},
387 /* 0x1c */ { "SMBreadBs",NULL,0 },
388 /* 0x1d */ { "SMBwritebraw",reply_writebraw,AS_USER},
389 /* 0x1e */ { "SMBwriteBmpx",reply_writebmpx,AS_USER},
390 /* 0x1f */ { "SMBwriteBs",reply_writebs,AS_USER},
391 /* 0x20 */ { "SMBwritec",NULL,0},
392 /* 0x21 */ { NULL, NULL, 0 },
393 /* 0x22 */ { "SMBsetattrE",reply_setattrE,AS_USER | NEED_WRITE },
394 /* 0x23 */ { "SMBgetattrE",reply_getattrE,AS_USER },
395 /* 0x24 */ { "SMBlockingX",reply_lockingX,AS_USER },
396 /* 0x25 */ { "SMBtrans",reply_trans,AS_USER | CAN_IPC },
397 /* 0x26 */ { "SMBtranss",NULL,AS_USER | CAN_IPC},
398 /* 0x27 */ { "SMBioctl",reply_ioctl,0},
399 /* 0x28 */ { "SMBioctls",NULL,AS_USER},
400 /* 0x29 */ { "SMBcopy",reply_copy,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
401 /* 0x2a */ { "SMBmove",NULL,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
402 /* 0x2b */ { "SMBecho",reply_echo,0},
403 /* 0x2c */ { "SMBwriteclose",reply_writeclose,AS_USER},
404 /* 0x2d */ { "SMBopenX",reply_open_and_X,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
405 /* 0x2e */ { "SMBreadX",reply_read_and_X,AS_USER | CAN_IPC },
406 /* 0x2f */ { "SMBwriteX",reply_write_and_X,AS_USER | CAN_IPC },
407 /* 0x30 */ { NULL, NULL, 0 },
408 /* 0x31 */ { NULL, NULL, 0 },
409 /* 0x32 */ { "SMBtrans2", reply_trans2, AS_USER | CAN_IPC },
410 /* 0x33 */ { "SMBtranss2", reply_transs2, AS_USER},
411 /* 0x34 */ { "SMBfindclose", reply_findclose,AS_USER},
412 /* 0x35 */ { "SMBfindnclose", reply_findnclose, AS_USER},
413 /* 0x36 */ { NULL, NULL, 0 },
414 /* 0x37 */ { NULL, NULL, 0 },
415 /* 0x38 */ { NULL, NULL, 0 },
416 /* 0x39 */ { NULL, NULL, 0 },
417 /* 0x3a */ { NULL, NULL, 0 },
418 /* 0x3b */ { NULL, NULL, 0 },
419 /* 0x3c */ { NULL, NULL, 0 },
420 /* 0x3d */ { NULL, NULL, 0 },
421 /* 0x3e */ { NULL, NULL, 0 },
422 /* 0x3f */ { NULL, NULL, 0 },
423 /* 0x40 */ { NULL, NULL, 0 },
424 /* 0x41 */ { NULL, NULL, 0 },
425 /* 0x42 */ { NULL, NULL, 0 },
426 /* 0x43 */ { NULL, NULL, 0 },
427 /* 0x44 */ { NULL, NULL, 0 },
428 /* 0x45 */ { NULL, NULL, 0 },
429 /* 0x46 */ { NULL, NULL, 0 },
430 /* 0x47 */ { NULL, NULL, 0 },
431 /* 0x48 */ { NULL, NULL, 0 },
432 /* 0x49 */ { NULL, NULL, 0 },
433 /* 0x4a */ { NULL, NULL, 0 },
434 /* 0x4b */ { NULL, NULL, 0 },
435 /* 0x4c */ { NULL, NULL, 0 },
436 /* 0x4d */ { NULL, NULL, 0 },
437 /* 0x4e */ { NULL, NULL, 0 },
438 /* 0x4f */ { NULL, NULL, 0 },
439 /* 0x50 */ { NULL, NULL, 0 },
440 /* 0x51 */ { NULL, NULL, 0 },
441 /* 0x52 */ { NULL, NULL, 0 },
442 /* 0x53 */ { NULL, NULL, 0 },
443 /* 0x54 */ { NULL, NULL, 0 },
444 /* 0x55 */ { NULL, NULL, 0 },
445 /* 0x56 */ { NULL, NULL, 0 },
446 /* 0x57 */ { NULL, NULL, 0 },
447 /* 0x58 */ { NULL, NULL, 0 },
448 /* 0x59 */ { NULL, NULL, 0 },
449 /* 0x5a */ { NULL, NULL, 0 },
450 /* 0x5b */ { NULL, NULL, 0 },
451 /* 0x5c */ { NULL, NULL, 0 },
452 /* 0x5d */ { NULL, NULL, 0 },
453 /* 0x5e */ { NULL, NULL, 0 },
454 /* 0x5f */ { NULL, NULL, 0 },
455 /* 0x60 */ { NULL, NULL, 0 },
456 /* 0x61 */ { NULL, NULL, 0 },
457 /* 0x62 */ { NULL, NULL, 0 },
458 /* 0x63 */ { NULL, NULL, 0 },
459 /* 0x64 */ { NULL, NULL, 0 },
460 /* 0x65 */ { NULL, NULL, 0 },
461 /* 0x66 */ { NULL, NULL, 0 },
462 /* 0x67 */ { NULL, NULL, 0 },
463 /* 0x68 */ { NULL, NULL, 0 },
464 /* 0x69 */ { NULL, NULL, 0 },
465 /* 0x6a */ { NULL, NULL, 0 },
466 /* 0x6b */ { NULL, NULL, 0 },
467 /* 0x6c */ { NULL, NULL, 0 },
468 /* 0x6d */ { NULL, NULL, 0 },
469 /* 0x6e */ { NULL, NULL, 0 },
470 /* 0x6f */ { NULL, NULL, 0 },
471 /* 0x70 */ { "SMBtcon",reply_tcon,0},
472 /* 0x71 */ { "SMBtdis",reply_tdis,0},
473 /* 0x72 */ { "SMBnegprot",reply_negprot,0},
474 /* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0},
475 /* 0x74 */ { "SMBulogoffX", reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
476 /* 0x75 */ { "SMBtconX",reply_tcon_and_X,0},
477 /* 0x76 */ { NULL, NULL, 0 },
478 /* 0x77 */ { NULL, NULL, 0 },
479 /* 0x78 */ { NULL, NULL, 0 },
480 /* 0x79 */ { NULL, NULL, 0 },
481 /* 0x7a */ { NULL, NULL, 0 },
482 /* 0x7b */ { NULL, NULL, 0 },
483 /* 0x7c */ { NULL, NULL, 0 },
484 /* 0x7d */ { NULL, NULL, 0 },
485 /* 0x7e */ { NULL, NULL, 0 },
486 /* 0x7f */ { NULL, NULL, 0 },
487 /* 0x80 */ { "SMBdskattr",reply_dskattr,AS_USER},
488 /* 0x81 */ { "SMBsearch",reply_search,AS_USER},
489 /* 0x82 */ { "SMBffirst",reply_search,AS_USER},
490 /* 0x83 */ { "SMBfunique",reply_search,AS_USER},
491 /* 0x84 */ { "SMBfclose",reply_fclose,AS_USER},
492 /* 0x85 */ { NULL, NULL, 0 },
493 /* 0x86 */ { NULL, NULL, 0 },
494 /* 0x87 */ { NULL, NULL, 0 },
495 /* 0x88 */ { NULL, NULL, 0 },
496 /* 0x89 */ { NULL, NULL, 0 },
497 /* 0x8a */ { NULL, NULL, 0 },
498 /* 0x8b */ { NULL, NULL, 0 },
499 /* 0x8c */ { NULL, NULL, 0 },
500 /* 0x8d */ { NULL, NULL, 0 },
501 /* 0x8e */ { NULL, NULL, 0 },
502 /* 0x8f */ { NULL, NULL, 0 },
503 /* 0x90 */ { NULL, NULL, 0 },
504 /* 0x91 */ { NULL, NULL, 0 },
505 /* 0x92 */ { NULL, NULL, 0 },
506 /* 0x93 */ { NULL, NULL, 0 },
507 /* 0x94 */ { NULL, NULL, 0 },
508 /* 0x95 */ { NULL, NULL, 0 },
509 /* 0x96 */ { NULL, NULL, 0 },
510 /* 0x97 */ { NULL, NULL, 0 },
511 /* 0x98 */ { NULL, NULL, 0 },
512 /* 0x99 */ { NULL, NULL, 0 },
513 /* 0x9a */ { NULL, NULL, 0 },
514 /* 0x9b */ { NULL, NULL, 0 },
515 /* 0x9c */ { NULL, NULL, 0 },
516 /* 0x9d */ { NULL, NULL, 0 },
517 /* 0x9e */ { NULL, NULL, 0 },
518 /* 0x9f */ { NULL, NULL, 0 },
519 /* 0xa0 */ { "SMBnttrans", reply_nttrans, AS_USER | CAN_IPC | QUEUE_IN_OPLOCK},
520 /* 0xa1 */ { "SMBnttranss", reply_nttranss, AS_USER | CAN_IPC },
521 /* 0xa2 */ { "SMBntcreateX", reply_ntcreate_and_X, AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
522 /* 0xa3 */ { NULL, NULL, 0 },
523 /* 0xa4 */ { "SMBntcancel", reply_ntcancel, 0 },
524 /* 0xa5 */ { NULL, NULL, 0 },
525 /* 0xa6 */ { NULL, NULL, 0 },
526 /* 0xa7 */ { NULL, NULL, 0 },
527 /* 0xa8 */ { NULL, NULL, 0 },
528 /* 0xa9 */ { NULL, NULL, 0 },
529 /* 0xaa */ { NULL, NULL, 0 },
530 /* 0xab */ { NULL, NULL, 0 },
531 /* 0xac */ { NULL, NULL, 0 },
532 /* 0xad */ { NULL, NULL, 0 },
533 /* 0xae */ { NULL, NULL, 0 },
534 /* 0xaf */ { NULL, NULL, 0 },
535 /* 0xb0 */ { NULL, NULL, 0 },
536 /* 0xb1 */ { NULL, NULL, 0 },
537 /* 0xb2 */ { NULL, NULL, 0 },
538 /* 0xb3 */ { NULL, NULL, 0 },
539 /* 0xb4 */ { NULL, NULL, 0 },
540 /* 0xb5 */ { NULL, NULL, 0 },
541 /* 0xb6 */ { NULL, NULL, 0 },
542 /* 0xb7 */ { NULL, NULL, 0 },
543 /* 0xb8 */ { NULL, NULL, 0 },
544 /* 0xb9 */ { NULL, NULL, 0 },
545 /* 0xba */ { NULL, NULL, 0 },
546 /* 0xbb */ { NULL, NULL, 0 },
547 /* 0xbc */ { NULL, NULL, 0 },
548 /* 0xbd */ { NULL, NULL, 0 },
549 /* 0xbe */ { NULL, NULL, 0 },
550 /* 0xbf */ { NULL, NULL, 0 },
551 /* 0xc0 */ { "SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
552 /* 0xc1 */ { "SMBsplwr",reply_printwrite,AS_USER},
553 /* 0xc2 */ { "SMBsplclose",reply_printclose,AS_USER},
554 /* 0xc3 */ { "SMBsplretq",reply_printqueue,AS_USER},
555 /* 0xc4 */ { NULL, NULL, 0 },
556 /* 0xc5 */ { NULL, NULL, 0 },
557 /* 0xc6 */ { NULL, NULL, 0 },
558 /* 0xc7 */ { NULL, NULL, 0 },
559 /* 0xc8 */ { NULL, NULL, 0 },
560 /* 0xc9 */ { NULL, NULL, 0 },
561 /* 0xca */ { NULL, NULL, 0 },
562 /* 0xcb */ { NULL, NULL, 0 },
563 /* 0xcc */ { NULL, NULL, 0 },
564 /* 0xcd */ { NULL, NULL, 0 },
565 /* 0xce */ { NULL, NULL, 0 },
566 /* 0xcf */ { NULL, NULL, 0 },
567 /* 0xd0 */ { "SMBsends",reply_sends,AS_GUEST},
568 /* 0xd1 */ { "SMBsendb",NULL,AS_GUEST},
569 /* 0xd2 */ { "SMBfwdname",NULL,AS_GUEST},
570 /* 0xd3 */ { "SMBcancelf",NULL,AS_GUEST},
571 /* 0xd4 */ { "SMBgetmac",NULL,AS_GUEST},
572 /* 0xd5 */ { "SMBsendstrt",reply_sendstrt,AS_GUEST},
573 /* 0xd6 */ { "SMBsendend",reply_sendend,AS_GUEST},
574 /* 0xd7 */ { "SMBsendtxt",reply_sendtxt,AS_GUEST},
575 /* 0xd8 */ { NULL, NULL, 0 },
576 /* 0xd9 */ { NULL, NULL, 0 },
577 /* 0xda */ { NULL, NULL, 0 },
578 /* 0xdb */ { NULL, NULL, 0 },
579 /* 0xdc */ { NULL, NULL, 0 },
580 /* 0xdd */ { NULL, NULL, 0 },
581 /* 0xde */ { NULL, NULL, 0 },
582 /* 0xdf */ { NULL, NULL, 0 },
583 /* 0xe0 */ { NULL, NULL, 0 },
584 /* 0xe1 */ { NULL, NULL, 0 },
585 /* 0xe2 */ { NULL, NULL, 0 },
586 /* 0xe3 */ { NULL, NULL, 0 },
587 /* 0xe4 */ { NULL, NULL, 0 },
588 /* 0xe5 */ { NULL, NULL, 0 },
589 /* 0xe6 */ { NULL, NULL, 0 },
590 /* 0xe7 */ { NULL, NULL, 0 },
591 /* 0xe8 */ { NULL, NULL, 0 },
592 /* 0xe9 */ { NULL, NULL, 0 },
593 /* 0xea */ { NULL, NULL, 0 },
594 /* 0xeb */ { NULL, NULL, 0 },
595 /* 0xec */ { NULL, NULL, 0 },
596 /* 0xed */ { NULL, NULL, 0 },
597 /* 0xee */ { NULL, NULL, 0 },
598 /* 0xef */ { NULL, NULL, 0 },
599 /* 0xf0 */ { NULL, NULL, 0 },
600 /* 0xf1 */ { NULL, NULL, 0 },
601 /* 0xf2 */ { NULL, NULL, 0 },
602 /* 0xf3 */ { NULL, NULL, 0 },
603 /* 0xf4 */ { NULL, NULL, 0 },
604 /* 0xf5 */ { NULL, NULL, 0 },
605 /* 0xf6 */ { NULL, NULL, 0 },
606 /* 0xf7 */ { NULL, NULL, 0 },
607 /* 0xf8 */ { NULL, NULL, 0 },
608 /* 0xf9 */ { NULL, NULL, 0 },
609 /* 0xfa */ { NULL, NULL, 0 },
610 /* 0xfb */ { NULL, NULL, 0 },
611 /* 0xfc */ { NULL, NULL, 0 },
612 /* 0xfd */ { NULL, NULL, 0 },
613 /* 0xfe */ { NULL, NULL, 0 },
614 /* 0xff */ { NULL, NULL, 0 }
615
616 };
617
618 /*******************************************************************
619 Dump a packet to a file.
620 ********************************************************************/
621
622 static void smb_dump(const char *name, int type, char *data, ssize_t len)
623 {
624 int fd, i;
625 pstring fname;
626 if (DEBUGLEVEL < 50) return;
627
628 if (len < 4) len = smb_len(data)+4;
629 for (i=1;i<100;i++) {
630 slprintf(fname,sizeof(fname)-1, "/tmp/%s.%d.%s", name, i,
631 type ? "req" : "resp");
632 fd = open(fname, O_WRONLY|O_CREAT|O_EXCL, 0644);
633 if (fd != -1 || errno != EEXIST) break;
634 }
635 if (fd != -1) {
636 ssize_t ret = write(fd, data, len);
637 if (ret != len)
638 DEBUG(0,("smb_dump: problem: write returned %d\n", (int)ret ));
639 close(fd);
640 DEBUG(0,("created %s len %lu\n", fname, (unsigned long)len));
641 }
642 }
643
644
645 /****************************************************************************
646 Do a switch on the message type, and return the response size
647 ****************************************************************************/
648
649 static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize)
650 {
651 static pid_t pid= (pid_t)-1;
652 int outsize = 0;
653 extern uint16 global_smbpid;
654
655 type &= 0xff;
656
657 if (pid == (pid_t)-1)
658 pid = sys_getpid();
659
660 errno = 0;
661 last_message = type;
662
663 /* Make sure this is an SMB packet. smb_size contains NetBIOS header so subtract 4 from it. */
664 if ((strncmp(smb_base(inbuf),"\377SMB",4) != 0) || (size < (smb_size - 4))) {
665 DEBUG(2,("Non-SMB packet of length %d. Terminating server\n",smb_len(inbuf)));
666 exit_server("Non-SMB packet");
667 return(-1);
668 }
669
670 /* yuck! this is an interim measure before we get rid of our
671 current inbuf/outbuf system */
672 global_smbpid = SVAL(inbuf,smb_pid);
673
674 if (smb_messages[type].fn == NULL) {
675 DEBUG(0,("Unknown message type %d!\n",type));
676 smb_dump("Unknown", 1, inbuf, size);
677 outsize = reply_unknown(inbuf,outbuf);
678 } else {
679 int flags = smb_messages[type].flags;
680 static uint16 last_session_tag = UID_FIELD_INVALID;
681 /* In share mode security we must ignore the vuid. */
682 uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
683 connection_struct *conn = conn_find(SVAL(inbuf,smb_tid));
684
685 DEBUG(3,("switch message %s (pid %d)\n",smb_fn_name(type),(int)pid));
686
687 smb_dump(smb_fn_name(type), 1, inbuf, size);
688 if(global_oplock_break) {
689 if(flags & QUEUE_IN_OPLOCK) {
690 /*
691 * Queue this message as we are the process of an oplock break.
692 */
693
694 DEBUG( 2, ( "switch_message: queueing message due to being in " ) );
695 DEBUGADD( 2, ( "oplock break state.\n" ) );
696
697 push_oplock_pending_smb_message( inbuf, size );
698 return -1;
699 }
700 }
701
702 /* Ensure this value is replaced in the incoming packet. */
703 SSVAL(inbuf,smb_uid,session_tag);
704
705 /*
706 * Ensure the correct username is in current_user_info.
707 * This is a really ugly bugfix for problems with
708 * multiple session_setup_and_X's being done and
709 * allowing %U and %G substitutions to work correctly.
710 * There is a reason this code is done here, don't
711 * move it unless you know what you're doing... :-).
712 * JRA.
713 */
714
715 if (session_tag != last_session_tag) {
716 user_struct *vuser = NULL;
717
718 last_session_tag = session_tag;
719 if(session_tag != UID_FIELD_INVALID)
720 vuser = get_valid_user_struct(session_tag);
721 if(vuser != NULL)
722 set_current_user_info(&vuser->user);
723 }
724
725 /* does this protocol need to be run as root? */
726 if (!(flags & AS_USER))
727 change_to_root_user();
728
729 /* does this protocol need a valid tree connection? */
730 if ((flags & AS_USER) && !conn)
731 return ERROR_DOS(ERRSRV, ERRinvnid);
732
733
734 /* does this protocol need to be run as the connected user? */
735 if ((flags & AS_USER) && !change_to_user(conn,session_tag)) {
736 if (flags & AS_GUEST)
737 flags &= ~AS_USER;
738 else
739 return(ERROR_DOS(ERRSRV,ERRaccess));
740 }
741
742 /* this code is to work around a bug is MS client 3 without
743 introducing a security hole - it needs to be able to do
744 print queue checks as guest if it isn't logged in properly */
745 if (flags & AS_USER)
746 flags &= ~AS_GUEST;
747
748 /* does it need write permission? */
749 if ((flags & NEED_WRITE) && !CAN_WRITE(conn))
750 return(ERROR_DOS(ERRSRV,ERRaccess));
751
752 /* ipc services are limited */
753 if (IS_IPC(conn) && (flags & AS_USER) && !(flags & CAN_IPC))
754 return(ERROR_DOS(ERRSRV,ERRaccess));
755
756 /* load service specific parameters */
757 if (conn && !set_current_service(conn,(flags & AS_USER)?True:False))
758 return(ERROR_DOS(ERRSRV,ERRaccess));
759
760 /* does this protocol need to be run as guest? */
761 if ((flags & AS_GUEST) && (!change_to_guest() ||
762 !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))))
763 return(ERROR_DOS(ERRSRV,ERRaccess));
764
765 last_inbuf = inbuf;
766
767 outsize = smb_messages[type].fn(conn, inbuf,outbuf,size,bufsize);
768 }
769
770 smb_dump(smb_fn_name(type), 0, outbuf, outsize);
771
772 return(outsize);
773 }
774
775
776 /****************************************************************************
777 Construct a reply to the incoming packet.
778 ****************************************************************************/
779
780 static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
781 {
782 int type = CVAL(inbuf,smb_com);
783 int outsize = 0;
784 int msg_type = CVAL(inbuf,0);
785
786 GetTimeOfDay(&smb_last_time);
787
788 chain_size = 0;
789 file_chain_reset();
790 reset_chain_p();
791
792 if (msg_type != 0)
793 return(reply_special(inbuf,outbuf));
794
795 construct_reply_common(inbuf, outbuf);
796
797 outsize = switch_message(type,inbuf,outbuf,size,bufsize);
798
799 outsize += chain_size;
800
801 if(outsize > 4)
802 smb_setlen(outbuf,outsize - 4);
803 return(outsize);
804 }
805
806 /****************************************************************************
807 Keep track of the number of running smbd's. This functionality is used to
808 'hard' limit Samba overhead on resource constrained systems.
809 ****************************************************************************/
810
811 static BOOL process_count_update_successful = False;
812
813 static int32 increment_smbd_process_count(void)
814 {
815 int32 total_smbds;
816
817 if (lp_max_smbd_processes()) {
818 total_smbds = 0;
819 if (tdb_change_int32_atomic(conn_tdb_ctx(), "INFO/total_smbds", &total_smbds, 1) == -1)
820 return 1;
821 process_count_update_successful = True;
822 return total_smbds + 1;
823 }
824 return 1;
825 }
826
827 void decrement_smbd_process_count(void)
828 {
829 int32 total_smbds;
830
831 if (lp_max_smbd_processes() && process_count_update_successful) {
832 total_smbds = 1;
833 tdb_change_int32_atomic(conn_tdb_ctx(), "INFO/total_smbds", &total_smbds, -1);
834 }
835 }
836
837 static BOOL smbd_process_limit(void)
838 {
839 int32 total_smbds;
840
841 if (lp_max_smbd_processes()) {
842
843 /* Always add one to the smbd process count, as exit_server() always
844 * subtracts one.
845 */
846
847 if (!conn_tdb_ctx()) {
848 DEBUG(0,("smbd_process_limit: max smbd processes parameter set with status parameter not \
849 set. Ignoring max smbd restriction.\n"));
850 return False;
851 }
852
853 total_smbds = increment_smbd_process_count();
854 return total_smbds > lp_max_smbd_processes();
855 }
856 else
857 return False;
858 }
859
860 /****************************************************************************
861 Process an smb from the client - split out from the smbd_process() code so
862 it can be used by the oplock break code.
863 ****************************************************************************/
864
865 void process_smb(char *inbuf, char *outbuf)
866 {
867 static int trans_num;
868 int msg_type = CVAL(inbuf,0);
869 int32 len = smb_len(inbuf);
870 int nread = len + 4;
871
872 DO_PROFILE_INC(smb_count);
873
874 if (trans_num == 0) {
875 /* on the first packet, check the global hosts allow/ hosts
876 deny parameters before doing any parsing of the packet
877 passed to us by the client. This prevents attacks on our
878 parsing code from hosts not in the hosts allow list */
879 if (smbd_process_limit() ||
880 !check_access(smbd_server_fd(), lp_hostsallow(-1), lp_hostsdeny(-1))) {
881 /* send a negative session response "not listening on calling name" */
882 static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
883 DEBUG( 1, ( "Connection denied from %s\n", client_addr() ) );
884 (void)send_smb(smbd_server_fd(),(char *)buf);
885 exit_server("connection denied");
886 }
887 }
888
889 DEBUG( 6, ( "got message type 0x%x of len 0x%x\n", msg_type, len ) );
890 DEBUG( 3, ( "Transaction %d of length %d\n", trans_num, nread ) );
891
892 if (msg_type == 0)
893 show_msg(inbuf);
894 else if(msg_type == SMBkeepalive)
895 return; /* Keepalive packet. */
896
897 nread = construct_reply(inbuf,outbuf,nread,max_send);
898
899 if(nread > 0) {
900 if (CVAL(outbuf,0) == 0)
901 show_msg(outbuf);
902
903 if (nread != smb_len(outbuf) + 4) {
904 DEBUG(0,("ERROR: Invalid message response size! %d %d\n",
905 nread, smb_len(outbuf)));
906 } else if (!send_smb(smbd_server_fd(),outbuf)) {
907 exit_server("process_smb: send_smb failed.");
908 }
909 }
910 trans_num++;
911 }
912
913 /****************************************************************************
914 Return a string containing the function name of a SMB command.
915 ****************************************************************************/
916
917 const char *smb_fn_name(int type)
918 {
919 const char *unknown_name = "SMBunknown";
920
921 if (smb_messages[type].name == NULL)
922 return(unknown_name);
923
924 return(smb_messages[type].name);
925 }
926
927 /****************************************************************************
928 Helper functions for contruct_reply.
929 ****************************************************************************/
930
931 static uint32 common_flags2 = FLAGS2_LONG_PATH_COMPONENTS|FLAGS2_EXTENDED_SECURITY|FLAGS2_32_BIT_ERROR_CODES;
932
933 void remove_from_common_flags2(uint32 v)
934 {
935 common_flags2 &= ~v;
936 }
937
938 void construct_reply_common(char *inbuf,char *outbuf)
939 {
940 memset(outbuf,'\0',smb_size);
941
942 set_message(outbuf,0,0,True);
943 SCVAL(outbuf,smb_com,CVAL(inbuf,smb_com));
944
945 memcpy(outbuf+4,inbuf+4,4);
946 SCVAL(outbuf,smb_rcls,SMB_SUCCESS);
947 SCVAL(outbuf,smb_reh,0);
948 SCVAL(outbuf,smb_flg, FLAG_REPLY | (CVAL(inbuf,smb_flg) & FLAG_CASELESS_PATHNAMES));
949 SSVAL(outbuf,smb_flg2,
950 (SVAL(inbuf,smb_flg2) & FLAGS2_UNICODE_STRINGS) |
951 common_flags2);
952
953 SSVAL(outbuf,smb_err,SMB_SUCCESS);
954 SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
955 SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
956 SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
957 SSVAL(outbuf,smb_mid,SVAL(inbuf,smb_mid));
958 }
959
960 /****************************************************************************
961 Construct a chained reply and add it to the already made reply
962 ****************************************************************************/
963
964 int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
965 {
966 static char *orig_inbuf;
967 static char *orig_outbuf;
968 int smb_com1, smb_com2 = CVAL(inbuf,smb_vwv0);
969 unsigned smb_off2 = SVAL(inbuf,smb_vwv1);
970 char *inbuf2, *outbuf2;
971 int outsize2;
972 char inbuf_saved[smb_wct];
973 char outbuf_saved[smb_wct];
974 int wct = CVAL(outbuf,smb_wct);
975 int outsize = smb_size + 2*wct + SVAL(outbuf,smb_vwv0+2*wct);
976
977 /* maybe its not chained */
978 if (smb_com2 == 0xFF) {
979 SCVAL(outbuf,smb_vwv0,0xFF);
980 return outsize;
981 }
982
983 if (chain_size == 0) {
984 /* this is the first part of the chain */
985 orig_inbuf = inbuf;
986 orig_outbuf = outbuf;
987 }
988
989 /*
990 * The original Win95 redirector dies on a reply to
991 * a lockingX and read chain unless the chain reply is
992 * 4 byte aligned. JRA.
993 */
994
995 outsize = (outsize + 3) & ~3;
996
997 /* we need to tell the client where the next part of the reply will be */
998 SSVAL(outbuf,smb_vwv1,smb_offset(outbuf+outsize,outbuf));
999 SCVAL(outbuf,smb_vwv0,smb_com2);
1000
1001 /* remember how much the caller added to the chain, only counting stuff
1002 after the parameter words */
1003 chain_size += outsize - smb_wct;
1004
1005 /* work out pointers into the original packets. The
1006 headers on these need to be filled in */
1007 inbuf2 = orig_inbuf + smb_off2 + 4 - smb_wct;
1008 outbuf2 = orig_outbuf + SVAL(outbuf,smb_vwv1) + 4 - smb_wct;
1009
1010 /* remember the original command type */
1011 smb_com1 = CVAL(orig_inbuf,smb_com);
1012
1013 /* save the data which will be overwritten by the new headers */
1014 memcpy(inbuf_saved,inbuf2,smb_wct);
1015 memcpy(outbuf_saved,outbuf2,smb_wct);
1016
1017 /* give the new packet the same header as the last part of the SMB */
1018 memmove(inbuf2,inbuf,smb_wct);
1019
1020 /* create the in buffer */
1021 SCVAL(inbuf2,smb_com,smb_com2);
1022
1023 /* create the out buffer */
1024 construct_reply_common(inbuf2, outbuf2);
1025
1026 DEBUG(3,("Chained message\n"));
1027 show_msg(inbuf2);
1028
1029 /* process the request */
1030 outsize2 = switch_message(smb_com2,inbuf2,outbuf2,size-chain_size,
1031 bufsize-chain_size);
1032
1033 /* copy the new reply and request headers over the old ones, but
1034 preserve the smb_com field */
1035 memmove(orig_outbuf,outbuf2,smb_wct);
1036 SCVAL(orig_outbuf,smb_com,smb_com1);
1037
1038 /* restore the saved data, being careful not to overwrite any
1039 data from the reply header */
1040 memcpy(inbuf2,inbuf_saved,smb_wct);
1041
1042 {
1043 int ofs = smb_wct - PTR_DIFF(outbuf2,orig_outbuf);
1044 if (ofs < 0) ofs = 0;
1045 memmove(outbuf2+ofs,outbuf_saved+ofs,smb_wct-ofs);
1046 }
1047
1048 return outsize2;
1049 }
1050
1051 /****************************************************************************
1052 Setup the needed select timeout.
1053 ****************************************************************************/
1054
1055 static int setup_select_timeout(void)
1056 {
1057 int select_timeout;
1058 int t;
1059
1060 select_timeout = blocking_locks_timeout(SMBD_SELECT_TIMEOUT);
1061 select_timeout *= 1000;
1062
1063 t = change_notify_timeout();
1064 if (t != -1)
1065 select_timeout = MIN(select_timeout, t*1000);
1066
1067 if (print_notify_messages_pending())
1068 select_timeout = MIN(select_timeout, 1000);
1069
1070 return select_timeout;
1071 }
1072
1073 /****************************************************************************
1074 Check if services need reloading.
1075 ****************************************************************************/
1076
1077 void check_reload(int t)
1078 {
1079 static time_t last_smb_conf_reload_time = 0;
1080
1081 if(last_smb_conf_reload_time == 0)
1082 last_smb_conf_reload_time = t;
1083
1084 if (reload_after_sighup || (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK)) {
1085 reload_services(True);
1086 reload_after_sighup = False;
1087 last_smb_conf_reload_time = t;
1088 }
1089 }
1090
1091 /****************************************************************************
1092 Process any timeout housekeeping. Return False if the caller should exit.
1093 ****************************************************************************/
1094
1095 static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_timeout_processing_time)
1096 {
1097 static time_t last_keepalive_sent_time = 0;
1098 static time_t last_idle_closed_check = 0;
1099 time_t t;
1100 BOOL allidle = True;
1101 extern int keepalive;
1102
1103 if (smb_read_error == READ_EOF) {
1104 DEBUG(3,("timeout_processing: End of file from client (client has disconnected).\n"));
1105 return False;
1106 }
1107
1108 if (smb_read_error == READ_ERROR) {
1109 DEBUG(3,("timeout_processing: receive_smb error (%s) Exiting\n",
1110 strerror(errno)));
1111 return False;
1112 }
1113
1114 if (smb_read_error == READ_BAD_SIG) {
1115 DEBUG(3,("timeout_processing: receive_smb error bad smb signature. Exiting\n"));
1116 return False;
1117 }
1118
1119 *last_timeout_processing_time = t = time(NULL);
1120
1121 if(last_keepalive_sent_time == 0)
1122 last_keepalive_sent_time = t;
1123
1124 if(last_idle_closed_check == 0)
1125 last_idle_closed_check = t;
1126
1127 /* become root again if waiting */
1128 change_to_root_user();
1129
1130 /* run all registered idle events */
1131 smb_run_idle_events(t);
1132
1133 /* check if we need to reload services */
1134 check_reload(t);
1135
1136 /* automatic timeout if all connections are closed */
1137 if (conn_num_open()==0 && (t - last_idle_closed_check) >= IDLE_CLOSED_TIMEOUT) {
1138 DEBUG( 2, ( "Closing idle connection\n" ) );
1139 return False;
1140 } else {
1141 last_idle_closed_check = t;
1142 }
1143
1144 if (keepalive && (t - last_keepalive_sent_time)>keepalive) {
1145 extern struct auth_context *negprot_global_auth_context;
1146 if (!send_keepalive(smbd_server_fd())) {
1147 DEBUG( 2, ( "Keepalive failed - exiting.\n" ) );
1148 return False;
1149 }
1150
1151 /* send a keepalive for a password server or the like.
1152 This is attached to the auth_info created in the
1153 negprot */
1154 if (negprot_global_auth_context && negprot_global_auth_context->challenge_set_method
1155 && negprot_global_auth_context->challenge_set_method->send_keepalive) {
1156
1157 negprot_global_auth_context->challenge_set_method->send_keepalive
1158 (&negprot_global_auth_context->challenge_set_method->private_data);
1159 }
1160
1161 last_keepalive_sent_time = t;
1162 }
1163
1164 /* check for connection timeouts */
1165 allidle = conn_idle_all(t, deadtime);
1166
1167 if (allidle && conn_num_open()>0) {
1168 DEBUG(2,("Closing idle connection 2.\n"));
1169 return False;
1170 }
1171
1172 if(global_machine_password_needs_changing &&
1173 /* for ADS we need to do a regular ADS password change, not a domain
1174 password change */
1175 lp_security() == SEC_DOMAIN) {
1176
1177 unsigned char trust_passwd_hash[16];
1178 time_t lct;
1179
1180 /*
1181 * We're in domain level security, and the code that
1182 * read the machine password flagged that the machine
1183 * password needs changing.
1184 */
1185
1186 /*
1187 * First, open the machine password file with an exclusive lock.
1188 */
1189
1190 if (secrets_lock_trust_account_password(lp_workgroup(), True) == False) {
1191 DEBUG(0,("process: unable to lock the machine account password for \
1192 machine %s in domain %s.\n", global_myname(), lp_workgroup() ));
1193 return True;
1194 }
1195
1196 if(!secrets_fetch_trust_account_password(lp_workgroup(), trust_passwd_hash, &lct, NULL)) {
1197 DEBUG(0,("process: unable to read the machine account password for \
1198 machine %s in domain %s.\n", global_myname(), lp_workgroup()));
1199 secrets_lock_trust_account_password(lp_workgroup(), False);
1200 return True;
1201 }
1202
1203 /*
1204 * Make sure someone else hasn't already done this.
1205 */
1206
1207 if(t < lct + lp_machine_password_timeout()) {
1208 global_machine_password_needs_changing = False;
1209 secrets_lock_trust_account_password(lp_workgroup(), False);
1210 return True;
1211 }
1212
1213 /* always just contact the PDC here */
1214
1215 change_trust_account_password( lp_workgroup(), NULL);
1216 global_machine_password_needs_changing = False;
1217 secrets_lock_trust_account_password(lp_workgroup(), False);
1218 }
1219
1220 /*
1221 * Check to see if we have any blocking locks
1222 * outstanding on the queue.
1223 */
1224 process_blocking_lock_queue(t);
1225
1226 /* update printer queue caches if necessary */
1227
1228 update_monitored_printq_cache();
1229
1230 /*
1231 * Check to see if we have any change notifies
1232 * outstanding on the queue.
1233 */
1234 process_pending_change_notify_queue(t);
1235
1236 /*
1237 * Now we are root, check if the log files need pruning.
1238 * Force a log file check.
1239 */
1240 force_check_log_size();
1241 check_log_size();
1242
1243 /* Send any queued printer notify message to interested smbd's. */
1244
1245 print_notify_send_messages(0);
1246
1247 /*
1248 * Modify the select timeout depending upon
1249 * what we have remaining in our queues.
1250 */
1251
1252 *select_timeout = setup_select_timeout();
1253
1254 return True;
1255 }
1256
1257 /****************************************************************************
1258 process commands from the client
1259 ****************************************************************************/
1260
1261 void smbd_process(void)
1262 {
1263 extern int smb_echo_count;
1264 time_t last_timeout_processing_time = time(NULL);
1265 unsigned int num_smbs = 0;
1266 const size_t total_buffer_size = BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE + SAFETY_MARGIN;
1267
1268 InBuffer = (char *)malloc(total_buffer_size);
1269 OutBuffer = (char *)malloc(total_buffer_size);
1270 if ((InBuffer == NULL) || (OutBuffer == NULL))
1271 return;
1272
1273 #if defined(DEVELOPER)
1274 clobber_region(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, InBuffer, total_buffer_size);
1275 clobber_region(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, OutBuffer, total_buffer_size);
1276 #endif
1277
1278 max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
1279
1280 while (True) {
1281 int deadtime = lp_deadtime()*60;
1282 int select_timeout = setup_select_timeout();
1283 int num_echos;
1284
1285 if (deadtime <= 0)
1286 deadtime = DEFAULT_SMBD_TIMEOUT;
1287
1288 errno = 0;
1289
1290 /* free up temporary memory */
1291 lp_talloc_free();
1292 main_loop_talloc_free();
1293
1294 /* run all registered idle events */
1295 smb_run_idle_events(time(NULL));
1296
1297
1298 /* Did someone ask for immediate checks on things like blocking locks ? */
1299 if (select_timeout == 0) {
1300 if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
1301 return;
1302 num_smbs = 0; /* Reset smb counter. */
1303 }
1304
1305 #if defined(DEVELOPER)
1306 clobber_region(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, InBuffer, total_buffer_size);
1307 #endif
1308
1309 while (!receive_message_or_smb(InBuffer,BUFFER_SIZE+LARGE_WRITEX_HDR_SIZE,select_timeout)) {
1310 if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
1311 return;
1312 num_smbs = 0; /* Reset smb counter. */
1313 }
1314
1315 /*
1316 * Ensure we do timeout processing if the SMB we just got was
1317 * only an echo request. This allows us to set the select
1318 * timeout in 'receive_message_or_smb()' to any value we like
1319 * without worrying that the client will send echo requests
1320 * faster than the select timeout, thus starving out the
1321 * essential processing (change notify, blocking locks) that
1322 * the timeout code does. JRA.
1323 */
1324 num_echos = smb_echo_count;
1325
1326 clobber_region(SAFE_STRING_FUNCTION_NAME, SAFE_STRING_LINE, OutBuffer, total_buffer_size);
1327
1328 process_smb(InBuffer, OutBuffer);
1329
1330 if (smb_echo_count != num_echos) {
1331 if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
1332 return;
1333 num_smbs = 0; /* Reset smb counter. */
1334 }
1335
1336 num_smbs++;
1337
1338 /*
1339 * If we are getting smb requests in a constant stream
1340 * with no echos, make sure we attempt timeout processing
1341 * every select_timeout milliseconds - but only check for this
1342 * every 200 smb requests.
1343 */
1344
1345 if ((num_smbs % 200) == 0) {
1346 time_t new_check_time = time(NULL);
1347 if(new_check_time - last_timeout_processing_time >= (select_timeout/1000)) {
1348 if(!timeout_processing( deadtime, &select_timeout, &last_timeout_processing_time))
1349 return;
1350 num_smbs = 0; /* Reset smb counter. */
1351 last_timeout_processing_time = new_check_time; /* Reset time. */
1352 }
1353 }
1354
1355 /* The timeout_processing function isn't run nearly
1356 often enough to implement 'max log size' without
1357 overrunning the size of the file by many megabytes.
1358 This is especially true if we are running at debug
1359 level 10. Checking every 50 SMBs is a nice
1360 tradeoff of performance vs log file size overrun. */
1361
1362 if ((num_smbs % 50) == 0 && need_to_check_log_size()) {
1363 change_to_root_user();
1364 check_log_size();
1365 }
1366 }
1367 }
reg import