search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
smbd: Make reopen_from_fsp() public
[samba4-gss.git] / source3 / smbd / smb2_process.c
blob6931bfba81c1cb05049238eff2d8746023e3d395
1 /*
2 Unix SMB/CIFS implementation.
3 process incoming packets - main loop
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Volker Lendecke 2005-2007
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "includes.h"
22 #include "../lib/tsocket/tsocket.h"
23 #include "system/filesys.h"
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "source3/smbd/smbXsrv_session.h"
27 #include "smbd/smbXsrv_open.h"
28 #include "librpc/gen_ndr/netlogon.h"
29 #include "../lib/async_req/async_sock.h"
30 #include "ctdbd_conn.h"
31 #include "../lib/util/select.h"
32 #include "printing/queue_process.h"
33 #include "system/select.h"
34 #include "passdb.h"
35 #include "auth.h"
36 #include "messages.h"
37 #include "lib/messages_ctdb.h"
38 #include "smbprofile.h"
39 #include "rpc_server/spoolss/srv_spoolss_nt.h"
40 #include "../lib/util/tevent_ntstatus.h"
41 #include "../libcli/security/dom_sid.h"
42 #include "../libcli/security/security_token.h"
43 #include "lib/id_cache.h"
44 #include "lib/util/sys_rw_data.h"
45 #include "system/threads.h"
46 #include "lib/pthreadpool/pthreadpool_tevent.h"
47 #include "util_event.h"
48 #include "libcli/smb/smbXcli_base.h"
49 #include "lib/util/time_basic.h"
50 #include "source3/lib/substitute.h"
51 #include "source3/smbd/dir.h"
52
53 /* Internal message queue for deferred opens. */
54 struct pending_message_list {
55 struct pending_message_list *next, *prev;
56 struct timeval request_time; /* When was this first issued? */
57 struct smbd_server_connection *sconn;
58 struct smbXsrv_connection *xconn;
59 struct tevent_timer *te;
60 uint32_t seqnum;
61 bool encrypted;
62 bool processed;
63 DATA_BLOB buf;
64 struct deferred_open_record *open_rec;
65 };
66
67 static struct pending_message_list *get_deferred_open_message_smb(
68 struct smbd_server_connection *sconn, uint64_t mid);
69
70 #if !defined(WITH_SMB1SERVER)
71 bool smb1_srv_send(struct smbXsrv_connection *xconn,
72 char *buffer,
73 bool do_signing,
74 uint32_t seqnum,
75 bool do_encrypt)
76 {
77 size_t len = 0;
78 ssize_t ret;
79 len = smb_len_large(buffer) + 4;
80 ret = write_data(xconn->transport.sock, buffer, len);
81 return (ret > 0);
82 }
83 #endif
84
85 /*******************************************************************
86 Setup the word count and byte count for a smb1 message.
87 ********************************************************************/
88
89 size_t srv_smb1_set_message(char *buf,
90 size_t num_words,
91 size_t num_bytes,
92 bool zero)
93 {
94 if (zero && (num_words || num_bytes)) {
95 memset(buf + smb_size,'\0',num_words*2 + num_bytes);
96 }
97 SCVAL(buf,smb_wct,num_words);
98 SSVAL(buf,smb_vwv + num_words*SIZEOFWORD,num_bytes);
99 smb_setlen(buf,(smb_size + num_words*2 + num_bytes - 4));
100 return (smb_size + num_words*2 + num_bytes);
101 }
102
103 NTSTATUS read_packet_remainder(int fd, char *buffer,
104 unsigned int timeout, ssize_t len)
105 {
106 NTSTATUS status;
107
108 if (len <= 0) {
109 return NT_STATUS_OK;
110 }
111
112 status = read_fd_with_timeout(fd, buffer, len, len, timeout, NULL);
113 if (!NT_STATUS_IS_OK(status)) {
114 char addr[INET6_ADDRSTRLEN];
115 DEBUG(0, ("read_fd_with_timeout failed for client %s read "
116 "error = %s.\n",
117 get_peer_addr(fd, addr, sizeof(addr)),
118 nt_errstr(status)));
119 }
120 return status;
121 }
122
123 #if !defined(WITH_SMB1SERVER)
124 static NTSTATUS smb2_receive_raw_talloc(TALLOC_CTX *mem_ctx,
125 struct smbXsrv_connection *xconn,
126 int sock,
127 char **buffer, unsigned int timeout,
128 size_t *p_unread, size_t *plen)
129 {
130 char lenbuf[4];
131 size_t len;
132 NTSTATUS status;
133
134 *p_unread = 0;
135
136 status = read_smb_length_return_keepalive(sock, lenbuf, timeout,
137 &len);
138 if (!NT_STATUS_IS_OK(status)) {
139 return status;
140 }
141
142 /*
143 * The +4 here can't wrap, we've checked the length above already.
144 */
145
146 *buffer = talloc_array(mem_ctx, char, len+4);
147
148 if (*buffer == NULL) {
149 DEBUG(0, ("Could not allocate inbuf of length %d\n",
150 (int)len+4));
151 return NT_STATUS_NO_MEMORY;
152 }
153
154 memcpy(*buffer, lenbuf, sizeof(lenbuf));
155
156 status = read_packet_remainder(sock, (*buffer)+4, timeout, len);
157 if (!NT_STATUS_IS_OK(status)) {
158 return status;
159 }
160
161 *plen = len + 4;
162 return NT_STATUS_OK;
163 }
164
165 static NTSTATUS smb2_receive_talloc(TALLOC_CTX *mem_ctx,
166 struct smbXsrv_connection *xconn,
167 int sock,
168 char **buffer, unsigned int timeout,
169 size_t *p_unread, bool *p_encrypted,
170 size_t *p_len,
171 uint32_t *seqnum,
172 bool trusted_channel)
173 {
174 size_t len = 0;
175 NTSTATUS status;
176
177 *p_encrypted = false;
178
179 status = smb2_receive_raw_talloc(mem_ctx, xconn, sock, buffer, timeout,
180 p_unread, &len);
181 if (!NT_STATUS_IS_OK(status)) {
182 DEBUG(NT_STATUS_EQUAL(status, NT_STATUS_END_OF_FILE)?5:1,
183 ("smb2_receive_raw_talloc failed for client %s "
184 "read error = %s.\n",
185 smbXsrv_connection_dbg(xconn),
186 nt_errstr(status)) );
187 return status;
188 }
189
190 *p_len = len;
191 return NT_STATUS_OK;
192 }
193 #endif
194
195 NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx,
196 struct smbXsrv_connection *xconn,
197 int sock,
198 char **buffer, unsigned int timeout,
199 size_t *p_unread, bool *p_encrypted,
200 size_t *p_len,
201 uint32_t *seqnum,
202 bool trusted_channel)
203 {
204 #if defined(WITH_SMB1SERVER)
205 return smb1_receive_talloc(mem_ctx, xconn, sock, buffer, timeout,
206 p_unread, p_encrypted, p_len, seqnum,
207 trusted_channel);
208 #else
209 return smb2_receive_talloc(mem_ctx, xconn, sock, buffer, timeout,
210 p_unread, p_encrypted, p_len, seqnum,
211 trusted_channel);
212 #endif
213 }
214
215 /****************************************************************************
216 Function to delete a sharing violation open message by mid.
217 ****************************************************************************/
218
219 void remove_deferred_open_message_smb(struct smbXsrv_connection *xconn,
220 uint64_t mid)
221 {
222 struct smbd_server_connection *sconn = xconn->client->sconn;
223 struct pending_message_list *pml;
224
225 if (conn_using_smb2(sconn)) {
226 remove_deferred_open_message_smb2(xconn, mid);
227 return;
228 }
229
230 for (pml = sconn->deferred_open_queue; pml; pml = pml->next) {
231 if (mid == (uint64_t)SVAL(pml->buf.data,smb_mid)) {
232 DEBUG(10,("remove_deferred_open_message_smb: "
233 "deleting mid %llu len %u\n",
234 (unsigned long long)mid,
235 (unsigned int)pml->buf.length ));
236 DLIST_REMOVE(sconn->deferred_open_queue, pml);
237 TALLOC_FREE(pml);
238 return;
239 }
240 }
241 }
242
243 static void smbd_deferred_open_timer(struct tevent_context *ev,
244 struct tevent_timer *te,
245 struct timeval _tval,
246 void *private_data)
247 {
248 struct pending_message_list *msg = talloc_get_type(private_data,
249 struct pending_message_list);
250 struct smbd_server_connection *sconn = msg->sconn;
251 struct smbXsrv_connection *xconn = msg->xconn;
252 TALLOC_CTX *mem_ctx = talloc_tos();
253 uint64_t mid = (uint64_t)SVAL(msg->buf.data,smb_mid);
254 uint8_t *inbuf;
255
256 inbuf = (uint8_t *)talloc_memdup(mem_ctx, msg->buf.data,
257 msg->buf.length);
258 if (inbuf == NULL) {
259 exit_server("smbd_deferred_open_timer: talloc failed\n");
260 return;
261 }
262
263 /* We leave this message on the queue so the open code can
264 know this is a retry. */
265 DEBUG(5,("smbd_deferred_open_timer: trigger mid %llu.\n",
266 (unsigned long long)mid ));
267
268 /* Mark the message as processed so this is not
269 * re-processed in error. */
270 msg->processed = true;
271
272 process_smb(xconn,
273 inbuf,
274 msg->buf.length,
275 0,
276 msg->seqnum,
277 msg->encrypted);
278
279 /* If it's still there and was processed, remove it. */
280 msg = get_deferred_open_message_smb(sconn, mid);
281 if (msg && msg->processed) {
282 remove_deferred_open_message_smb(xconn, mid);
283 }
284 }
285
286 /****************************************************************************
287 Move a sharing violation open retry message to the front of the list and
288 schedule it for immediate processing.
289 ****************************************************************************/
290
291 bool schedule_deferred_open_message_smb(struct smbXsrv_connection *xconn,
292 uint64_t mid)
293 {
294 struct smbd_server_connection *sconn = xconn->client->sconn;
295 struct pending_message_list *pml;
296 int i = 0;
297
298 if (conn_using_smb2(sconn)) {
299 return schedule_deferred_open_message_smb2(xconn, mid);
300 }
301
302 for (pml = sconn->deferred_open_queue; pml; pml = pml->next) {
303 uint64_t msg_mid = (uint64_t)SVAL(pml->buf.data,smb_mid);
304
305 DEBUG(10,("schedule_deferred_open_message_smb: [%d] "
306 "msg_mid = %llu\n",
307 i++,
308 (unsigned long long)msg_mid ));
309
310 if (mid == msg_mid) {
311 struct tevent_timer *te;
312
313 if (pml->processed) {
314 /* A processed message should not be
315 * rescheduled. */
316 DEBUG(0,("schedule_deferred_open_message_smb: LOGIC ERROR "
317 "message mid %llu was already processed\n",
318 (unsigned long long)msg_mid ));
319 continue;
320 }
321
322 DEBUG(10,("schedule_deferred_open_message_smb: "
323 "scheduling mid %llu\n",
324 (unsigned long long)mid ));
325
326 /*
327 * smbd_deferred_open_timer() calls
328 * process_smb() to redispatch the request
329 * including the required impersonation.
330 *
331 * So we can just use the raw tevent_context.
332 */
333 te = tevent_add_timer(xconn->client->raw_ev_ctx,
334 pml,
335 timeval_zero(),
336 smbd_deferred_open_timer,
337 pml);
338 if (!te) {
339 DEBUG(10,("schedule_deferred_open_message_smb: "
340 "event_add_timed() failed, "
341 "skipping mid %llu\n",
342 (unsigned long long)msg_mid ));
343 }
344
345 TALLOC_FREE(pml->te);
346 pml->te = te;
347 DLIST_PROMOTE(sconn->deferred_open_queue, pml);
348 return true;
349 }
350 }
351
352 DEBUG(10,("schedule_deferred_open_message_smb: failed to "
353 "find message mid %llu\n",
354 (unsigned long long)mid ));
355
356 return false;
357 }
358
359 /****************************************************************************
360 Return true if this mid is on the deferred queue and was not yet processed.
361 ****************************************************************************/
362
363 bool open_was_deferred(struct smbXsrv_connection *xconn, uint64_t mid)
364 {
365 struct smbd_server_connection *sconn = xconn->client->sconn;
366 struct pending_message_list *pml;
367
368 if (conn_using_smb2(sconn)) {
369 return open_was_deferred_smb2(xconn, mid);
370 }
371
372 for (pml = sconn->deferred_open_queue; pml; pml = pml->next) {
373 if (((uint64_t)SVAL(pml->buf.data,smb_mid)) == mid && !pml->processed) {
374 return True;
375 }
376 }
377 return False;
378 }
379
380 /****************************************************************************
381 Return the message queued by this mid.
382 ****************************************************************************/
383
384 static struct pending_message_list *get_deferred_open_message_smb(
385 struct smbd_server_connection *sconn, uint64_t mid)
386 {
387 struct pending_message_list *pml;
388
389 for (pml = sconn->deferred_open_queue; pml; pml = pml->next) {
390 if (((uint64_t)SVAL(pml->buf.data,smb_mid)) == mid) {
391 return pml;
392 }
393 }
394 return NULL;
395 }
396
397 /****************************************************************************
398 Get the state data queued by this mid.
399 ****************************************************************************/
400
401 bool get_deferred_open_message_state(struct smb_request *smbreq,
402 struct timeval *p_request_time,
403 struct deferred_open_record **open_rec)
404 {
405 struct pending_message_list *pml;
406
407 if (conn_using_smb2(smbreq->sconn)) {
408 return get_deferred_open_message_state_smb2(smbreq->smb2req,
409 p_request_time,
410 open_rec);
411 }
412
413 pml = get_deferred_open_message_smb(smbreq->sconn, smbreq->mid);
414 if (!pml) {
415 return false;
416 }
417 if (p_request_time) {
418 *p_request_time = pml->request_time;
419 }
420 if (open_rec != NULL) {
421 *open_rec = pml->open_rec;
422 }
423 return true;
424 }
425
426 bool push_deferred_open_message_smb(struct smb_request *req,
427 struct timeval timeout,
428 struct file_id id,
429 struct deferred_open_record *open_rec)
430 {
431 #if defined(WITH_SMB1SERVER)
432 if (req->smb2req) {
433 #endif
434 return push_deferred_open_message_smb2(req->smb2req,
435 req->request_time,
436 timeout,
437 id,
438 open_rec);
439 #if defined(WITH_SMB1SERVER)
440 } else {
441 return push_deferred_open_message_smb1(req, timeout,
442 id, open_rec);
443 }
444 #endif
445 }
446
447 static void construct_smb1_reply_common(uint8_t cmd, const uint8_t *inbuf,
448 char *outbuf)
449 {
450 uint16_t in_flags2 = SVAL(inbuf,smb_flg2);
451 uint16_t out_flags2 = common_flags2;
452
453 out_flags2 |= in_flags2 & FLAGS2_UNICODE_STRINGS;
454 out_flags2 |= in_flags2 & FLAGS2_SMB_SECURITY_SIGNATURES;
455 out_flags2 |= in_flags2 & FLAGS2_SMB_SECURITY_SIGNATURES_REQUIRED;
456
457 srv_smb1_set_message(outbuf,0,0,false);
458
459 SCVAL(outbuf, smb_com, cmd);
460 SIVAL(outbuf,smb_rcls,0);
461 SCVAL(outbuf,smb_flg, FLAG_REPLY | (CVAL(inbuf,smb_flg) & FLAG_CASELESS_PATHNAMES));
462 SSVAL(outbuf,smb_flg2, out_flags2);
463 memset(outbuf+smb_pidhigh,'\0',(smb_tid-smb_pidhigh));
464 memcpy(outbuf+smb_ss_field, inbuf+smb_ss_field, 8);
465
466 SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
467 SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
468 SSVAL(outbuf,smb_pidhigh,SVAL(inbuf,smb_pidhigh));
469 SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
470 SSVAL(outbuf,smb_mid,SVAL(inbuf,smb_mid));
471 }
472
473 void construct_smb1_reply_common_req(struct smb_request *req, char *outbuf)
474 {
475 construct_smb1_reply_common(req->cmd, req->inbuf, outbuf);
476 }
477
478 /*******************************************************************
479 allocate and initialize a reply packet
480 ********************************************************************/
481
482 bool create_smb1_outbuf(TALLOC_CTX *mem_ctx, struct smb_request *req,
483 const uint8_t *inbuf, char **outbuf,
484 uint8_t num_words, uint32_t num_bytes)
485 {
486 size_t smb_len = MIN_SMB_SIZE + VWV(num_words) + num_bytes;
487
488 /*
489 * Protect against integer wrap.
490 * The SMB layer reply can be up to 0xFFFFFF bytes.
491 */
492 if ((num_bytes > 0xffffff) || (smb_len > 0xffffff)) {
493 char *msg;
494 if (asprintf(&msg, "num_bytes too large: %u",
495 (unsigned)num_bytes) == -1) {
496 msg = discard_const_p(char, "num_bytes too large");
497 }
498 smb_panic(msg);
499 }
500
501 /*
502 * Here we include the NBT header for now.
503 */
504 *outbuf = talloc_array(mem_ctx, char,
505 NBT_HDR_SIZE + smb_len);
506 if (*outbuf == NULL) {
507 return false;
508 }
509
510 construct_smb1_reply_common(req->cmd, inbuf, *outbuf);
511 srv_smb1_set_message(*outbuf, num_words, num_bytes, false);
512 /*
513 * Zero out the word area, the caller has to take care of the bcc area
514 * himself
515 */
516 if (num_words != 0) {
517 memset(*outbuf + (NBT_HDR_SIZE + HDR_VWV), 0, VWV(num_words));
518 }
519
520 return true;
521 }
522
523 void reply_smb1_outbuf(struct smb_request *req, uint8_t num_words, uint32_t num_bytes)
524 {
525 char *outbuf;
526 if (!create_smb1_outbuf(req, req, req->inbuf, &outbuf, num_words,
527 num_bytes)) {
528 smb_panic("could not allocate output buffer\n");
529 }
530 req->outbuf = (uint8_t *)outbuf;
531 }
532
533 bool valid_smb1_header(const uint8_t *inbuf)
534 {
535 if (is_encrypted_packet(inbuf)) {
536 return true;
537 }
538 /*
539 * This used to be (strncmp(smb_base(inbuf),"\377SMB",4) == 0)
540 * but it just looks weird to call strncmp for this one.
541 */
542 return (IVAL(smb_base(inbuf), 0) == 0x424D53FF);
543 }
544
545 /****************************************************************************
546 Process an smb from the client
547 ****************************************************************************/
548
549 static void process_smb2(struct smbXsrv_connection *xconn,
550 uint8_t *inbuf,
551 size_t nread,
552 size_t unread_bytes,
553 uint32_t seqnum,
554 bool encrypted)
555 {
556 const uint8_t *inpdu = inbuf + NBT_HDR_SIZE;
557 size_t pdulen = nread - NBT_HDR_SIZE;
558 NTSTATUS status = smbd_smb2_process_negprot(xconn, 0, inpdu, pdulen);
559 if (!NT_STATUS_IS_OK(status)) {
560 exit_server_cleanly("SMB2 negprot fail");
561 }
562 }
563
564 void process_smb(struct smbXsrv_connection *xconn,
565 uint8_t *inbuf,
566 size_t nread,
567 size_t unread_bytes,
568 uint32_t seqnum,
569 bool encrypted)
570 {
571 struct smbd_server_connection *sconn = xconn->client->sconn;
572 int msg_type = CVAL(inbuf,0);
573
574 DO_PROFILE_INC(request);
575
576 DEBUG( 6, ( "got message type 0x%x of len 0x%x\n", msg_type,
577 smb_len(inbuf) ) );
578 DEBUG(3, ("Transaction %d of length %d (%u toread)\n",
579 sconn->trans_num, (int)nread, (unsigned int)unread_bytes));
580
581 if (msg_type != NBSSmessage) {
582 /*
583 * NetBIOS session request, keepalive, etc.
584 */
585 reply_special(xconn, (char *)inbuf, nread);
586 goto done;
587 }
588
589 #if defined(WITH_SMB1SERVER)
590 if (lp_server_max_protocol() >= PROTOCOL_SMB2_02) {
591 /* At this point we're not really using smb2,
592 * we make the decision here.. */
593 if (smbd_is_smb2_header(inbuf, nread)) {
594 #endif
595 process_smb2(xconn,
596 inbuf,
597 nread,
598 unread_bytes,
599 seqnum,
600 encrypted);
601 return;
602 #if defined(WITH_SMB1SERVER)
603 }
604 if (nread >= smb_size && valid_smb1_header(inbuf)
605 && CVAL(inbuf, smb_com) != 0x72) {
606 /* This is a non-negprot SMB1 packet.
607 Disable SMB2 from now on. */
608 lp_do_parameter(-1, "server max protocol", "NT1");
609 }
610 }
611 process_smb1(xconn, inbuf, nread, unread_bytes, seqnum, encrypted);
612 #endif
613
614 done:
615 sconn->num_requests++;
616
617 /* The timeout_processing function isn't run nearly
618 often enough to implement 'max log size' without
619 overrunning the size of the file by many megabytes.
620 This is especially true if we are running at debug
621 level 10. Checking every 50 SMBs is a nice
622 tradeoff of performance vs log file size overrun. */
623
624 if ((sconn->num_requests % 50) == 0 &&
625 need_to_check_log_size()) {
626 change_to_root_user();
627 check_log_size();
628 }
629 }
630
631 NTSTATUS smbXsrv_connection_init_tables(struct smbXsrv_connection *conn,
632 enum protocol_types protocol)
633 {
634 NTSTATUS status;
635
636 conn->protocol = protocol;
637
638 if (conn->client->session_table != NULL) {
639 return NT_STATUS_OK;
640 }
641
642 if (protocol >= PROTOCOL_SMB2_02) {
643 status = smb2srv_session_table_init(conn);
644 if (!NT_STATUS_IS_OK(status)) {
645 conn->protocol = PROTOCOL_NONE;
646 return status;
647 }
648
649 status = smb2srv_open_table_init(conn);
650 if (!NT_STATUS_IS_OK(status)) {
651 conn->protocol = PROTOCOL_NONE;
652 return status;
653 }
654 } else {
655 #if defined(WITH_SMB1SERVER)
656 status = smb1srv_session_table_init(conn);
657 if (!NT_STATUS_IS_OK(status)) {
658 conn->protocol = PROTOCOL_NONE;
659 return status;
660 }
661
662 status = smb1srv_tcon_table_init(conn);
663 if (!NT_STATUS_IS_OK(status)) {
664 conn->protocol = PROTOCOL_NONE;
665 return status;
666 }
667
668 status = smb1srv_open_table_init(conn);
669 if (!NT_STATUS_IS_OK(status)) {
670 conn->protocol = PROTOCOL_NONE;
671 return status;
672 }
673 #else
674 conn->protocol = PROTOCOL_NONE;
675 return NT_STATUS_INVALID_NETWORK_RESPONSE;
676 #endif
677 }
678
679 set_Protocol(protocol);
680 return NT_STATUS_OK;
681 }
682
683 /**
684 * Create a debug string for the connection
685 *
686 * This is allocated to talloc_tos() or a string constant
687 * in certain corner cases. The returned string should
688 * hence not be free'd directly but only via the talloc stack.
689 */
690 const char *smbXsrv_connection_dbg(const struct smbXsrv_connection *xconn)
691 {
692 const char *ret = NULL;
693 char *raddr = NULL;
694 char *laddr = NULL;
695 struct GUID_txt_buf guid_buf = {};
696
697 /*
698 * TODO: this can be improved further later...
699 */
700
701 raddr = tsocket_address_string(xconn->remote_address, talloc_tos());
702 if (raddr == NULL) {
703 return "<tsocket_address_string() failed>";
704 }
705 laddr = tsocket_address_string(xconn->local_address, talloc_tos());
706 if (laddr == NULL) {
707 return "<tsocket_address_string() failed>";
708 }
709
710 ret = talloc_asprintf(talloc_tos(),
711 "PID=%d,CLIENT=%s,channel=%"PRIu64",remote=%s,local=%s",
712 getpid(),
713 GUID_buf_string(&xconn->smb2.client.guid, &guid_buf),
714 xconn->channel_id,
715 raddr,
716 laddr);
717 TALLOC_FREE(raddr);
718 TALLOC_FREE(laddr);
719 if (ret == NULL) {
720 return "<talloc_asprintf() failed>";
721 }
722
723 return ret;
724 }
725
726 /*
727 * Initialize a struct smb_request from an inbuf
728 */
729
730 bool init_smb1_request(struct smb_request *req,
731 struct smbd_server_connection *sconn,
732 struct smbXsrv_connection *xconn,
733 const uint8_t *inbuf,
734 size_t unread_bytes, bool encrypted,
735 uint32_t seqnum)
736 {
737 struct smbXsrv_tcon *tcon;
738 NTSTATUS status;
739 NTTIME now;
740 size_t req_size = smb_len(inbuf) + 4;
741
742 /* Ensure we have at least smb_size bytes. */
743 if (req_size < smb_size) {
744 DEBUG(0,("init_smb1_request: invalid request size %u\n",
745 (unsigned int)req_size ));
746 return false;
747 }
748
749 *req = (struct smb_request) { .cmd = 0};
750
751 req->request_time = timeval_current();
752 now = timeval_to_nttime(&req->request_time);
753
754 req->cmd = CVAL(inbuf, smb_com);
755 req->flags2 = SVAL(inbuf, smb_flg2);
756 req->smbpid = SVAL(inbuf, smb_pid);
757 req->mid = (uint64_t)SVAL(inbuf, smb_mid);
758 req->seqnum = seqnum;
759 req->vuid = SVAL(inbuf, smb_uid);
760 req->tid = SVAL(inbuf, smb_tid);
761 req->wct = CVAL(inbuf, smb_wct);
762 req->vwv = (const uint16_t *)(inbuf+smb_vwv);
763 req->buflen = smb_buflen(inbuf);
764 req->buf = (const uint8_t *)smb_buf_const(inbuf);
765 req->unread_bytes = unread_bytes;
766 req->encrypted = encrypted;
767 req->sconn = sconn;
768 req->xconn = xconn;
769 if (xconn != NULL) {
770 status = smb1srv_tcon_lookup(xconn, req->tid, now, &tcon);
771 if (NT_STATUS_IS_OK(status)) {
772 req->conn = tcon->compat;
773 }
774 }
775 req->posix_pathnames = lp_posix_pathnames();
776
777 /* Ensure we have at least wct words and 2 bytes of bcc. */
778 if (smb_size + req->wct*2 > req_size) {
779 DEBUG(0,("init_smb1_request: invalid wct number %u (size %u)\n",
780 (unsigned int)req->wct,
781 (unsigned int)req_size));
782 return false;
783 }
784 /* Ensure bcc is correct. */
785 if (((const uint8_t *)smb_buf_const(inbuf)) + req->buflen > inbuf + req_size) {
786 DEBUG(0,("init_smb1_request: invalid bcc number %u "
787 "(wct = %u, size %u)\n",
788 (unsigned int)req->buflen,
789 (unsigned int)req->wct,
790 (unsigned int)req_size));
791 return false;
792 }
793
794 return true;
795 }
796
797 /****************************************************************************
798 Construct a reply to the incoming packet.
799 ****************************************************************************/
800
801 static void construct_reply_smb1negprot(struct smbXsrv_connection *xconn,
802 char *inbuf, int size,
803 size_t unread_bytes)
804 {
805 struct smbd_server_connection *sconn = xconn->client->sconn;
806 struct smb_request *req;
807 NTSTATUS status;
808
809 if (!(req = talloc(talloc_tos(), struct smb_request))) {
810 smb_panic("could not allocate smb_request");
811 }
812
813 if (!init_smb1_request(req, sconn, xconn, (uint8_t *)inbuf, unread_bytes,
814 false, 0)) {
815 exit_server_cleanly("Invalid SMB request");
816 }
817
818 req->inbuf = (uint8_t *)talloc_move(req, &inbuf);
819
820 status = smb2_multi_protocol_reply_negprot(req);
821 if (req->outbuf == NULL) {
822 /*
823 * req->outbuf == NULL means we bootstrapped into SMB2.
824 */
825 return;
826 }
827 if (!NT_STATUS_IS_OK(status)) {
828 if (!smb1_srv_send(req->xconn,
829 (char *)req->outbuf,
830 true,
831 req->seqnum + 1,
832 IS_CONN_ENCRYPTED(req->conn) ||
833 req->encrypted)) {
834 exit_server_cleanly("construct_reply_smb1negprot: "
835 "smb1_srv_send failed.");
836 }
837 TALLOC_FREE(req);
838 } else {
839 /* This code path should only *ever* bootstrap into SMB2. */
840 exit_server_cleanly("Internal error SMB1negprot didn't reply "
841 "with an SMB2 packet");
842 }
843 }
844
845 static void smbd_server_connection_write_handler(
846 struct smbXsrv_connection *xconn)
847 {
848 /* TODO: make write nonblocking */
849 }
850
851 static void smbd_smb2_server_connection_read_handler(
852 struct smbXsrv_connection *xconn, int fd)
853 {
854 char lenbuf[NBT_HDR_SIZE];
855 size_t len = 0;
856 uint8_t *buffer = NULL;
857 size_t bufferlen = 0;
858 NTSTATUS status;
859 uint8_t msg_type = 0;
860
861 /* Read the first 4 bytes - contains length of remainder. */
862 status = read_smb_length_return_keepalive(fd, lenbuf, 0, &len);
863 if (!NT_STATUS_IS_OK(status)) {
864 exit_server_cleanly("failed to receive request length");
865 return;
866 }
867
868 /* Integer wrap check. */
869 if (len + NBT_HDR_SIZE < len) {
870 exit_server_cleanly("Invalid length on initial request");
871 return;
872 }
873
874 /*
875 * The +4 here can't wrap, we've checked the length above already.
876 */
877 bufferlen = len+NBT_HDR_SIZE;
878
879 buffer = talloc_array(talloc_tos(), uint8_t, bufferlen);
880 if (buffer == NULL) {
881 DBG_ERR("Could not allocate request inbuf of length %zu\n",
882 bufferlen);
883 exit_server_cleanly("talloc fail");
884 return;
885 }
886
887 /* Copy the NBT_HDR_SIZE length. */
888 memcpy(buffer, lenbuf, sizeof(lenbuf));
889
890 status = read_packet_remainder(fd, (char *)buffer+NBT_HDR_SIZE, 0, len);
891 if (!NT_STATUS_IS_OK(status)) {
892 exit_server_cleanly("Failed to read remainder of initial request");
893 return;
894 }
895
896 /* Check the message type. */
897 msg_type = PULL_LE_U8(buffer,0);
898 if (msg_type == NBSSrequest) {
899 /*
900 * clients can send this request before
901 * bootstrapping into SMB2. Cope with this
902 * message only, don't allow any other strange
903 * NBSS types.
904 */
905 reply_special(xconn, (char *)buffer, bufferlen);
906 xconn->client->sconn->num_requests++;
907 return;
908 }
909
910 /* Only a 'normal' message type allowed now. */
911 if (msg_type != NBSSmessage) {
912 DBG_ERR("Invalid message type %d\n", msg_type);
913 exit_server_cleanly("Invalid message type for initial request");
914 return;
915 }
916
917 /* Could this be an SMB1 negprot bootstrap into SMB2 ? */
918 if (bufferlen < smb_size) {
919 exit_server_cleanly("Invalid initial SMB1 or SMB2 packet");
920 return;
921 }
922 if (valid_smb1_header(buffer)) {
923 /* Can *only* allow an SMB1 negprot here. */
924 uint8_t cmd = PULL_LE_U8(buffer, smb_com);
925 if (cmd != SMBnegprot) {
926 DBG_ERR("Incorrect SMB1 command 0x%hhx, "
927 "should be SMBnegprot (0x72)\n",
928 cmd);
929 exit_server_cleanly("Invalid initial SMB1 packet");
930 }
931 /* Minimal process_smb(). */
932 show_msg((char *)buffer);
933 construct_reply_smb1negprot(xconn, (char *)buffer,
934 bufferlen, 0);
935 xconn->client->sconn->trans_num++;
936 xconn->client->sconn->num_requests++;
937 return;
938
939 } else if (!smbd_is_smb2_header(buffer, bufferlen)) {
940 exit_server_cleanly("Invalid initial SMB2 packet");
941 return;
942 }
943
944 /* Here we know we're a valid SMB2 packet. */
945
946 /*
947 * Point at the start of the SMB2 PDU.
948 * len is the length of the SMB2 PDU.
949 */
950
951 status = smbd_smb2_process_negprot(xconn,
952 0,
953 (const uint8_t *)buffer+NBT_HDR_SIZE,
954 len);
955 if (!NT_STATUS_IS_OK(status)) {
956 exit_server_cleanly("SMB2 negprot fail");
957 }
958 return;
959 }
960
961 static void smbd_server_connection_handler(struct tevent_context *ev,
962 struct tevent_fd *fde,
963 uint16_t flags,
964 void *private_data)
965 {
966 struct smbXsrv_connection *xconn =
967 talloc_get_type_abort(private_data,
968 struct smbXsrv_connection);
969
970 if (!NT_STATUS_IS_OK(xconn->transport.status)) {
971 /*
972 * we're not supposed to do any io
973 */
974 TEVENT_FD_NOT_READABLE(xconn->transport.fde);
975 TEVENT_FD_NOT_WRITEABLE(xconn->transport.fde);
976 return;
977 }
978
979 if (flags & TEVENT_FD_WRITE) {
980 smbd_server_connection_write_handler(xconn);
981 return;
982 }
983 if (flags & TEVENT_FD_READ) {
984 #if defined(WITH_SMB1SERVER)
985 if (lp_server_min_protocol() > PROTOCOL_NT1) {
986 #endif
987 smbd_smb2_server_connection_read_handler(xconn,
988 xconn->transport.sock);
989 #if defined(WITH_SMB1SERVER)
990 } else {
991 smbd_smb1_server_connection_read_handler(xconn,
992 xconn->transport.sock);
993 }
994 #endif
995 return;
996 }
997 }
998
999 struct smbd_release_ip_state {
1000 struct smbXsrv_connection *xconn;
1001 struct tevent_immediate *im;
1002 struct sockaddr_storage srv;
1003 struct sockaddr_storage clnt;
1004 char addr[INET6_ADDRSTRLEN];
1005 };
1006
1007 static int release_ip(struct tevent_context *ev,
1008 uint32_t src_vnn,
1009 uint32_t dst_vnn,
1010 uint64_t dst_srvid,
1011 const uint8_t *msg,
1012 size_t msglen,
1013 void *private_data);
1014
1015 static int smbd_release_ip_state_destructor(struct smbd_release_ip_state *s)
1016 {
1017 struct ctdbd_connection *cconn = messaging_ctdb_connection();
1018 struct smbXsrv_connection *xconn = s->xconn;
1019
1020 if (cconn == NULL) {
1021 return 0;
1022 }
1023
1024 if (NT_STATUS_EQUAL(xconn->transport.status, NT_STATUS_CONNECTION_IN_USE)) {
1025 ctdbd_passed_ips(cconn, &s->srv, &s->clnt, release_ip, s);
1026 } else {
1027 ctdbd_unregister_ips(cconn, &s->srv, &s->clnt, release_ip, s);
1028 }
1029
1030 return 0;
1031 }
1032
1033 static void smbd_release_ip_immediate(struct tevent_context *ctx,
1034 struct tevent_immediate *im,
1035 void *private_data)
1036 {
1037 struct smbd_release_ip_state *state =
1038 talloc_get_type_abort(private_data,
1039 struct smbd_release_ip_state);
1040 struct smbXsrv_connection *xconn = state->xconn;
1041
1042 if (!NT_STATUS_EQUAL(xconn->transport.status, NT_STATUS_ADDRESS_CLOSED)) {
1043 /*
1044 * smbd_server_connection_terminate() already triggered ?
1045 */
1046 return;
1047 }
1048
1049 smbd_server_connection_terminate(xconn, "CTDB_SRVID_RELEASE_IP");
1050 }
1051
1052 /****************************************************************************
1053 received when we should release a specific IP
1054 ****************************************************************************/
1055 static int release_ip(struct tevent_context *ev,
1056 uint32_t src_vnn, uint32_t dst_vnn,
1057 uint64_t dst_srvid,
1058 const uint8_t *msg, size_t msglen,
1059 void *private_data)
1060 {
1061 struct smbd_release_ip_state *state =
1062 talloc_get_type_abort(private_data,
1063 struct smbd_release_ip_state);
1064 struct smbXsrv_connection *xconn = state->xconn;
1065 const char *ip;
1066 const char *addr = state->addr;
1067 const char *p = addr;
1068
1069 if (msglen == 0) {
1070 return 0;
1071 }
1072 if (msg[msglen-1] != '\0') {
1073 return 0;
1074 }
1075
1076 ip = (const char *)msg;
1077
1078 if (!NT_STATUS_IS_OK(xconn->transport.status)) {
1079 /* avoid recursion */
1080 return 0;
1081 }
1082
1083 if (strncmp("::ffff:", addr, 7) == 0) {
1084 p = addr + 7;
1085 }
1086
1087 DEBUG(10, ("Got release IP message for %s, "
1088 "our address is %s\n", ip, p));
1089
1090 if ((strcmp(p, ip) == 0) || ((p != addr) && strcmp(addr, ip) == 0)) {
1091 DEBUG(0,("Got release IP message for our IP %s - exiting immediately\n",
1092 ip));
1093 /*
1094 * With SMB2 we should do a clean disconnect,
1095 * the previous_session_id in the session setup
1096 * will cleanup the old session, tcons and opens.
1097 *
1098 * A clean disconnect is needed in order to support
1099 * durable handles.
1100 *
1101 * Note: typically this is never triggered
1102 * as we got a TCP RST (triggered by ctdb event scripts)
1103 * before we get CTDB_SRVID_RELEASE_IP.
1104 *
1105 * We used to call _exit(1) here, but as this was mostly never
1106 * triggered and has implication on our process model,
1107 * we can just use smbd_server_connection_terminate()
1108 * (also for SMB1).
1109 *
1110 * We don't call smbd_server_connection_terminate() directly
1111 * as we might be called from within ctdbd_migrate(),
1112 * we need to defer our action to the next event loop
1113 */
1114 tevent_schedule_immediate(state->im,
1115 xconn->client->raw_ev_ctx,
1116 smbd_release_ip_immediate,
1117 state);
1118
1119 /*
1120 * Make sure we don't get any io on the connection.
1121 */
1122 xconn->transport.status = NT_STATUS_ADDRESS_CLOSED;
1123 return EADDRNOTAVAIL;
1124 }
1125
1126 return 0;
1127 }
1128
1129 static int match_cluster_movable_ip(uint32_t total_ip_count,
1130 const struct sockaddr_storage *ip,
1131 bool is_movable_ip,
1132 void *private_data)
1133 {
1134 const struct sockaddr_storage *srv = private_data;
1135 struct samba_sockaddr pub_ip = {
1136 .u = {
1137 .ss = *ip,
1138 },
1139 };
1140 struct samba_sockaddr srv_ip = {
1141 .u = {
1142 .ss = *srv,
1143 },
1144 };
1145
1146 if (is_movable_ip && sockaddr_equal(&pub_ip.u.sa, &srv_ip.u.sa)) {
1147 return EADDRNOTAVAIL;
1148 }
1149
1150 return 0;
1151 }
1152
1153 static NTSTATUS smbd_register_ips(struct smbXsrv_connection *xconn,
1154 struct sockaddr_storage *srv,
1155 struct sockaddr_storage *clnt)
1156 {
1157 struct smbd_release_ip_state *state;
1158 struct ctdbd_connection *cconn;
1159 int ret;
1160
1161 cconn = messaging_ctdb_connection();
1162 if (cconn == NULL) {
1163 return NT_STATUS_NO_MEMORY;
1164 }
1165
1166 state = talloc_zero(xconn, struct smbd_release_ip_state);
1167 if (state == NULL) {
1168 return NT_STATUS_NO_MEMORY;
1169 }
1170 state->xconn = xconn;
1171 state->im = tevent_create_immediate(state);
1172 if (state->im == NULL) {
1173 return NT_STATUS_NO_MEMORY;
1174 }
1175 state->srv = *srv;
1176 state->clnt = *clnt;
1177 if (print_sockaddr(state->addr, sizeof(state->addr), srv) == NULL) {
1178 return NT_STATUS_NO_MEMORY;
1179 }
1180
1181 if (xconn->client->server_multi_channel_enabled) {
1182 ret = ctdbd_public_ip_foreach(cconn,
1183 match_cluster_movable_ip,
1184 srv);
1185 if (ret == EADDRNOTAVAIL) {
1186 xconn->has_cluster_movable_ip = true;
1187 DBG_DEBUG("cluster movable IP on %s\n",
1188 smbXsrv_connection_dbg(xconn));
1189 } else if (ret != 0) {
1190 DBG_ERR("failed to iterate cluster IPs: %s\n",
1191 strerror(ret));
1192 return NT_STATUS_INTERNAL_ERROR;
1193 }
1194 }
1195
1196 ret = ctdbd_register_ips(cconn, srv, clnt, release_ip, state);
1197 if (ret != 0) {
1198 return map_nt_error_from_unix(ret);
1199 }
1200
1201 talloc_set_destructor(state, smbd_release_ip_state_destructor);
1202
1203 return NT_STATUS_OK;
1204 }
1205
1206 static int smbXsrv_connection_destructor(struct smbXsrv_connection *xconn)
1207 {
1208 DBG_DEBUG("xconn[%s]\n", smbXsrv_connection_dbg(xconn));
1209 return 0;
1210 }
1211
1212 NTSTATUS smbd_add_connection(struct smbXsrv_client *client, int sock_fd,
1213 NTTIME now, struct smbXsrv_connection **_xconn)
1214 {
1215 TALLOC_CTX *frame = talloc_stackframe();
1216 struct smbXsrv_connection *xconn;
1217 struct sockaddr_storage ss_srv;
1218 void *sp_srv = (void *)&ss_srv;
1219 struct sockaddr *sa_srv = (struct sockaddr *)sp_srv;
1220 struct sockaddr_storage ss_clnt;
1221 void *sp_clnt = (void *)&ss_clnt;
1222 struct sockaddr *sa_clnt = (struct sockaddr *)sp_clnt;
1223 socklen_t sa_socklen;
1224 struct tsocket_address *local_address = NULL;
1225 struct tsocket_address *remote_address = NULL;
1226 const char *remaddr = NULL;
1227 char *p;
1228 const char *rhost = NULL;
1229 int ret;
1230 int tmp;
1231
1232 *_xconn = NULL;
1233
1234 DO_PROFILE_INC(connect);
1235
1236 xconn = talloc_zero(client, struct smbXsrv_connection);
1237 if (xconn == NULL) {
1238 DEBUG(0,("talloc_zero(struct smbXsrv_connection)\n"));
1239 TALLOC_FREE(frame);
1240 return NT_STATUS_NO_MEMORY;
1241 }
1242 talloc_set_destructor(xconn, smbXsrv_connection_destructor);
1243 talloc_steal(frame, xconn);
1244 xconn->client = client;
1245 xconn->connect_time = now;
1246 if (client->next_channel_id != 0) {
1247 xconn->channel_id = client->next_channel_id++;
1248 }
1249
1250 xconn->transport.sock = sock_fd;
1251 #if defined(WITH_SMB1SERVER)
1252 smbd_echo_init(xconn);
1253 #endif
1254 xconn->protocol = PROTOCOL_NONE;
1255
1256 /* Ensure child is set to blocking mode */
1257 set_blocking(sock_fd,True);
1258
1259 set_socket_options(sock_fd, "SO_KEEPALIVE");
1260 set_socket_options(sock_fd, lp_socket_options());
1261
1262 sa_socklen = sizeof(ss_clnt);
1263 ret = getpeername(sock_fd, sa_clnt, &sa_socklen);
1264 if (ret != 0) {
1265 int saved_errno = errno;
1266 int level = (errno == ENOTCONN)?2:0;
1267 DEBUG(level,("getpeername() failed - %s\n",
1268 strerror(saved_errno)));
1269 TALLOC_FREE(frame);
1270 return map_nt_error_from_unix_common(saved_errno);
1271 }
1272 ret = tsocket_address_bsd_from_sockaddr(xconn,
1273 sa_clnt, sa_socklen,
1274 &remote_address);
1275 if (ret != 0) {
1276 int saved_errno = errno;
1277 DEBUG(0,("%s: tsocket_address_bsd_from_sockaddr remote failed - %s\n",
1278 __location__, strerror(saved_errno)));
1279 TALLOC_FREE(frame);
1280 return map_nt_error_from_unix_common(saved_errno);
1281 }
1282
1283 sa_socklen = sizeof(ss_srv);
1284 ret = getsockname(sock_fd, sa_srv, &sa_socklen);
1285 if (ret != 0) {
1286 int saved_errno = errno;
1287 int level = (errno == ENOTCONN)?2:0;
1288 DEBUG(level,("getsockname() failed - %s\n",
1289 strerror(saved_errno)));
1290 TALLOC_FREE(frame);
1291 return map_nt_error_from_unix_common(saved_errno);
1292 }
1293 ret = tsocket_address_bsd_from_sockaddr(xconn,
1294 sa_srv, sa_socklen,
1295 &local_address);
1296 if (ret != 0) {
1297 int saved_errno = errno;
1298 DEBUG(0,("%s: tsocket_address_bsd_from_sockaddr remote failed - %s\n",
1299 __location__, strerror(saved_errno)));
1300 TALLOC_FREE(frame);
1301 return map_nt_error_from_unix_common(saved_errno);
1302 }
1303
1304 if (tsocket_address_is_inet(remote_address, "ip")) {
1305 remaddr = tsocket_address_inet_addr_string(remote_address,
1306 talloc_tos());
1307 if (remaddr == NULL) {
1308 DEBUG(0,("%s: tsocket_address_inet_addr_string remote failed - %s\n",
1309 __location__, strerror(errno)));
1310 TALLOC_FREE(frame);
1311 return NT_STATUS_NO_MEMORY;
1312 }
1313 } else {
1314 remaddr = "0.0.0.0";
1315 }
1316
1317 /*
1318 * Before the first packet, check the global hosts allow/ hosts deny
1319 * parameters before doing any parsing of packets passed to us by the
1320 * client. This prevents attacks on our parsing code from hosts not in
1321 * the hosts allow list.
1322 */
1323
1324 ret = get_remote_hostname(remote_address,
1325 &p, talloc_tos());
1326 if (ret < 0) {
1327 int saved_errno = errno;
1328 DEBUG(0,("%s: get_remote_hostname failed - %s\n",
1329 __location__, strerror(saved_errno)));
1330 TALLOC_FREE(frame);
1331 return map_nt_error_from_unix_common(saved_errno);
1332 }
1333 rhost = p;
1334 if (strequal(rhost, "UNKNOWN")) {
1335 rhost = remaddr;
1336 }
1337
1338 xconn->local_address = local_address;
1339 xconn->remote_address = remote_address;
1340 xconn->remote_hostname = talloc_strdup(xconn, rhost);
1341 if (xconn->remote_hostname == NULL) {
1342 return NT_STATUS_NO_MEMORY;
1343 }
1344
1345 if (!srv_init_signing(xconn)) {
1346 DEBUG(0, ("Failed to init smb_signing\n"));
1347 TALLOC_FREE(frame);
1348 return NT_STATUS_INTERNAL_ERROR;
1349 }
1350
1351 if (!allow_access(lp_hosts_deny(-1), lp_hosts_allow(-1),
1352 xconn->remote_hostname,
1353 remaddr)) {
1354 DEBUG( 1, ("Connection denied from %s to %s\n",
1355 tsocket_address_string(remote_address, talloc_tos()),
1356 tsocket_address_string(local_address, talloc_tos())));
1357
1358 /*
1359 * We return a valid xconn
1360 * so that the caller can return an error message
1361 * to the client
1362 */
1363 DLIST_ADD_END(client->connections, xconn);
1364 talloc_steal(client, xconn);
1365
1366 *_xconn = xconn;
1367 TALLOC_FREE(frame);
1368 return NT_STATUS_NETWORK_ACCESS_DENIED;
1369 }
1370
1371 DEBUG(10, ("Connection allowed from %s to %s\n",
1372 tsocket_address_string(remote_address, talloc_tos()),
1373 tsocket_address_string(local_address, talloc_tos())));
1374
1375 if (lp_clustering()) {
1376 /*
1377 * We need to tell ctdb about our client's TCP
1378 * connection, so that for failover ctdbd can send
1379 * tickle acks, triggering a reconnection by the
1380 * client.
1381 */
1382 NTSTATUS status;
1383
1384 status = smbd_register_ips(xconn, &ss_srv, &ss_clnt);
1385 if (!NT_STATUS_IS_OK(status)) {
1386 DEBUG(0, ("ctdbd_register_ips failed: %s\n",
1387 nt_errstr(status)));
1388 }
1389 }
1390
1391 tmp = lp_max_xmit();
1392 tmp = MAX(tmp, SMB_BUFFER_SIZE_MIN);
1393 tmp = MIN(tmp, SMB_BUFFER_SIZE_MAX);
1394
1395 #if defined(WITH_SMB1SERVER)
1396 xconn->smb1.negprot.max_recv = tmp;
1397
1398 xconn->smb1.sessions.done_sesssetup = false;
1399 xconn->smb1.sessions.max_send = SMB_BUFFER_SIZE_MAX;
1400 #endif
1401
1402 xconn->transport.fde = tevent_add_fd(client->raw_ev_ctx,
1403 xconn,
1404 sock_fd,
1405 TEVENT_FD_READ,
1406 smbd_server_connection_handler,
1407 xconn);
1408 if (!xconn->transport.fde) {
1409 TALLOC_FREE(frame);
1410 return NT_STATUS_NO_MEMORY;
1411 }
1412 tevent_fd_set_auto_close(xconn->transport.fde);
1413
1414 /* for now we only have one connection */
1415 DLIST_ADD_END(client->connections, xconn);
1416 talloc_steal(client, xconn);
1417
1418 *_xconn = xconn;
1419 TALLOC_FREE(frame);
1420 return NT_STATUS_OK;
1421 }
1422
1423 static bool uid_in_use(struct auth_session_info *session_info,
1424 uid_t uid)
1425 {
1426 if (session_info->unix_token->uid == uid) {
1427 return true;
1428 }
1429 return false;
1430 }
1431
1432 static bool gid_in_use(struct auth_session_info *session_info,
1433 gid_t gid)
1434 {
1435 uint32_t i;
1436 struct security_unix_token *utok = NULL;
1437
1438 utok = session_info->unix_token;
1439 if (utok->gid == gid) {
1440 return true;
1441 }
1442
1443 for(i = 0; i < utok->ngroups; i++) {
1444 if (utok->groups[i] == gid) {
1445 return true;
1446 }
1447 }
1448 return false;
1449 }
1450
1451 static bool sid_in_use(struct auth_session_info *session_info,
1452 const struct dom_sid *psid)
1453 {
1454 struct security_token *tok = NULL;
1455
1456 tok = session_info->security_token;
1457 if (tok == NULL) {
1458 /*
1459 * Not sure session_info->security_token can
1460 * ever be NULL. This check might be not
1461 * necessary.
1462 */
1463 return false;
1464 }
1465 if (security_token_has_sid(tok, psid)) {
1466 return true;
1467 }
1468 return false;
1469 }
1470
1471 struct id_in_use_state {
1472 const struct id_cache_ref *id;
1473 bool match;
1474 };
1475
1476 static int id_in_use_cb(struct smbXsrv_session *session,
1477 void *private_data)
1478 {
1479 struct id_in_use_state *state = (struct id_in_use_state *)
1480 private_data;
1481 struct auth_session_info *session_info =
1482 session->global->auth_session_info;
1483
1484 switch(state->id->type) {
1485 case UID:
1486 state->match = uid_in_use(session_info, state->id->id.uid);
1487 break;
1488 case GID:
1489 state->match = gid_in_use(session_info, state->id->id.gid);
1490 break;
1491 case SID:
1492 state->match = sid_in_use(session_info, &state->id->id.sid);
1493 break;
1494 default:
1495 state->match = false;
1496 break;
1497 }
1498 if (state->match) {
1499 return -1;
1500 }
1501 return 0;
1502 }
1503
1504 static bool id_in_use(struct smbd_server_connection *sconn,
1505 const struct id_cache_ref *id)
1506 {
1507 struct id_in_use_state state;
1508 NTSTATUS status;
1509
1510 state = (struct id_in_use_state) {
1511 .id = id,
1512 .match = false,
1513 };
1514
1515 status = smbXsrv_session_local_traverse(sconn->client,
1516 id_in_use_cb,
1517 &state);
1518 if (!NT_STATUS_IS_OK(status)) {
1519 return false;
1520 }
1521
1522 return state.match;
1523 }
1524
1525 /****************************************************************************
1526 Check if services need reloading.
1527 ****************************************************************************/
1528
1529 static void check_reload(struct smbd_server_connection *sconn, time_t t)
1530 {
1531
1532 if (last_smb_conf_reload_time == 0) {
1533 last_smb_conf_reload_time = t;
1534 }
1535
1536 if (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK) {
1537 reload_services(sconn, conn_snum_used, true);
1538 last_smb_conf_reload_time = t;
1539 }
1540 }
1541
1542 static void msg_kill_client_ip(struct messaging_context *msg_ctx,
1543 void *private_data, uint32_t msg_type,
1544 struct server_id server_id, DATA_BLOB *data)
1545 {
1546 struct smbd_server_connection *sconn = talloc_get_type_abort(
1547 private_data, struct smbd_server_connection);
1548 const char *ip = (char *) data->data;
1549 char *client_ip;
1550
1551 DBG_DEBUG("Got kill request for client IP %s\n", ip);
1552
1553 client_ip = tsocket_address_inet_addr_string(sconn->remote_address,
1554 talloc_tos());
1555 if (client_ip == NULL) {
1556 return;
1557 }
1558
1559 if (strequal(ip, client_ip)) {
1560 DBG_WARNING("Got kill client message for %s - "
1561 "exiting immediately\n", ip);
1562 exit_server_cleanly("Forced disconnect for client");
1563 }
1564
1565 TALLOC_FREE(client_ip);
1566 }
1567
1568 static void msg_kill_client_with_server_ip(struct messaging_context *msg_ctx,
1569 void *private_data,
1570 uint32_t msg_type,
1571 struct server_id server_id,
1572 DATA_BLOB *data)
1573 {
1574 struct smbd_server_connection *sconn = talloc_get_type_abort(
1575 private_data, struct smbd_server_connection);
1576 const char *ip = (char *) data->data;
1577 char *server_ip = NULL;
1578 TALLOC_CTX *ctx = NULL;
1579
1580 DBG_NOTICE("Got kill request for source IP %s\n", ip);
1581 ctx = talloc_stackframe();
1582
1583 server_ip = tsocket_address_inet_addr_string(sconn->local_address, ctx);
1584 if (server_ip == NULL) {
1585 goto out_free;
1586 }
1587
1588 if (strequal(ip, server_ip)) {
1589 DBG_NOTICE(
1590 "Got ip dropped message for %s - exiting immediately\n",
1591 ip);
1592 TALLOC_FREE(ctx);
1593 exit_server_cleanly("Forced disconnect for client");
1594 }
1595
1596 out_free:
1597 TALLOC_FREE(ctx);
1598 }
1599
1600 /*
1601 * Do the recurring check if we're idle
1602 */
1603 static bool deadtime_fn(const struct timeval *now, void *private_data)
1604 {
1605 struct smbd_server_connection *sconn =
1606 (struct smbd_server_connection *)private_data;
1607
1608 if ((conn_num_open(sconn) == 0)
1609 || (conn_idle_all(sconn, now->tv_sec))) {
1610 DEBUG( 2, ( "Closing idle connection\n" ) );
1611 messaging_send(sconn->msg_ctx,
1612 messaging_server_id(sconn->msg_ctx),
1613 MSG_SHUTDOWN, &data_blob_null);
1614 return False;
1615 }
1616
1617 return True;
1618 }
1619
1620 /*
1621 * Do the recurring log file and smb.conf reload checks.
1622 */
1623
1624 static bool housekeeping_fn(const struct timeval *now, void *private_data)
1625 {
1626 struct smbd_server_connection *sconn = talloc_get_type_abort(
1627 private_data, struct smbd_server_connection);
1628
1629 DEBUG(5, ("housekeeping\n"));
1630
1631 change_to_root_user();
1632
1633 /* check if we need to reload services */
1634 check_reload(sconn, time_mono(NULL));
1635
1636 /*
1637 * Force a log file check.
1638 */
1639 force_check_log_size();
1640 check_log_size();
1641 return true;
1642 }
1643
1644 static void smbd_sig_term_handler(struct tevent_context *ev,
1645 struct tevent_signal *se,
1646 int signum,
1647 int count,
1648 void *siginfo,
1649 void *private_data)
1650 {
1651 exit_server_cleanly("termination signal");
1652 }
1653
1654 static void smbd_setup_sig_term_handler(struct smbd_server_connection *sconn)
1655 {
1656 struct tevent_signal *se;
1657
1658 se = tevent_add_signal(sconn->ev_ctx,
1659 sconn,
1660 SIGTERM, 0,
1661 smbd_sig_term_handler,
1662 sconn);
1663 if (!se) {
1664 exit_server("failed to setup SIGTERM handler");
1665 }
1666 }
1667
1668 static void smbd_sig_hup_handler(struct tevent_context *ev,
1669 struct tevent_signal *se,
1670 int signum,
1671 int count,
1672 void *siginfo,
1673 void *private_data)
1674 {
1675 struct smbd_server_connection *sconn =
1676 talloc_get_type_abort(private_data,
1677 struct smbd_server_connection);
1678
1679 change_to_root_user();
1680 DBG_NOTICE("Reloading services after SIGHUP\n");
1681 reload_services(sconn, conn_snum_used, false);
1682 }
1683
1684 static void smbd_setup_sig_hup_handler(struct smbd_server_connection *sconn)
1685 {
1686 struct tevent_signal *se;
1687
1688 se = tevent_add_signal(sconn->ev_ctx,
1689 sconn,
1690 SIGHUP, 0,
1691 smbd_sig_hup_handler,
1692 sconn);
1693 if (!se) {
1694 exit_server("failed to setup SIGHUP handler");
1695 }
1696 }
1697
1698 static void smbd_conf_updated(struct messaging_context *msg,
1699 void *private_data,
1700 uint32_t msg_type,
1701 struct server_id server_id,
1702 DATA_BLOB *data)
1703 {
1704 struct smbd_server_connection *sconn =
1705 talloc_get_type_abort(private_data,
1706 struct smbd_server_connection);
1707
1708 DEBUG(10,("smbd_conf_updated: Got message saying smb.conf was "
1709 "updated. Reloading.\n"));
1710 change_to_root_user();
1711 reload_services(sconn, conn_snum_used, false);
1712 }
1713
1714 static void smbd_id_cache_kill(struct messaging_context *msg_ctx,
1715 void *private_data,
1716 uint32_t msg_type,
1717 struct server_id server_id,
1718 DATA_BLOB* data)
1719 {
1720 const char *msg = (data && data->data)
1721 ? (const char *)data->data : "<NULL>";
1722 struct id_cache_ref id;
1723 struct smbd_server_connection *sconn =
1724 talloc_get_type_abort(private_data,
1725 struct smbd_server_connection);
1726
1727 if (!id_cache_ref_parse(msg, &id)) {
1728 DEBUG(0, ("Invalid ?ID: %s\n", msg));
1729 return;
1730 }
1731
1732 if (id_in_use(sconn, &id)) {
1733 exit_server_cleanly(msg);
1734 }
1735 id_cache_delete_from_cache(&id);
1736 }
1737
1738 struct smbd_tevent_trace_state {
1739 struct tevent_context *ev;
1740 TALLOC_CTX *frame;
1741 SMBPROFILE_BASIC_ASYNC_STATE(profile_idle);
1742 struct timeval before_wait_tv;
1743 struct timeval after_wait_tv;
1744 };
1745
1746 static inline void smbd_tevent_trace_callback_before_wait(
1747 struct smbd_tevent_trace_state *state)
1748 {
1749 struct timeval now = timeval_current();
1750 struct timeval diff;
1751
1752 diff = tevent_timeval_until(&state->after_wait_tv, &now);
1753 if (diff.tv_sec > 3) {
1754 DBG_ERR("Handling event took %ld seconds!\n", (long)diff.tv_sec);
1755 }
1756 state->before_wait_tv = now;
1757 }
1758
1759 static inline void smbd_tevent_trace_callback_after_wait(
1760 struct smbd_tevent_trace_state *state)
1761 {
1762 struct timeval now = timeval_current();
1763 struct timeval diff;
1764
1765 diff = tevent_timeval_until(&state->before_wait_tv, &now);
1766 if (diff.tv_sec > 30) {
1767 DBG_NOTICE("No event for %ld seconds!\n", (long)diff.tv_sec);
1768 }
1769 state->after_wait_tv = now;
1770 }
1771
1772 static inline void smbd_tevent_trace_callback_before_loop_once(
1773 struct smbd_tevent_trace_state *state)
1774 {
1775 talloc_free(state->frame);
1776 state->frame = talloc_stackframe_pool(8192);
1777 }
1778
1779 static inline void smbd_tevent_trace_callback_after_loop_once(
1780 struct smbd_tevent_trace_state *state)
1781 {
1782 TALLOC_FREE(state->frame);
1783 }
1784
1785 static void smbd_tevent_trace_callback(enum tevent_trace_point point,
1786 void *private_data)
1787 {
1788 struct smbd_tevent_trace_state *state =
1789 (struct smbd_tevent_trace_state *)private_data;
1790
1791 switch (point) {
1792 case TEVENT_TRACE_BEFORE_WAIT:
1793 break;
1794 case TEVENT_TRACE_AFTER_WAIT:
1795 break;
1796 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1797 smbd_tevent_trace_callback_before_loop_once(state);
1798 break;
1799 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1800 smbd_tevent_trace_callback_after_loop_once(state);
1801 break;
1802 }
1803
1804 errno = 0;
1805 }
1806
1807 static void smbd_tevent_trace_callback_debug(enum tevent_trace_point point,
1808 void *private_data)
1809 {
1810 struct smbd_tevent_trace_state *state =
1811 (struct smbd_tevent_trace_state *)private_data;
1812
1813 switch (point) {
1814 case TEVENT_TRACE_BEFORE_WAIT:
1815 smbd_tevent_trace_callback_before_wait(state);
1816 break;
1817 case TEVENT_TRACE_AFTER_WAIT:
1818 smbd_tevent_trace_callback_after_wait(state);
1819 break;
1820 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1821 smbd_tevent_trace_callback_before_loop_once(state);
1822 break;
1823 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1824 smbd_tevent_trace_callback_after_loop_once(state);
1825 break;
1826 }
1827
1828 errno = 0;
1829 }
1830
1831 static void smbd_tevent_trace_callback_profile(enum tevent_trace_point point,
1832 void *private_data)
1833 {
1834 struct smbd_tevent_trace_state *state =
1835 (struct smbd_tevent_trace_state *)private_data;
1836
1837 switch (point) {
1838 case TEVENT_TRACE_BEFORE_WAIT:
1839 smbd_tevent_trace_callback_before_wait(state);
1840 if (!smbprofile_dump_pending()) {
1841 /*
1842 * If there's no dump pending
1843 * we don't want to schedule a new 1 sec timer.
1844 *
1845 * Instead we want to sleep as long as nothing happens.
1846 */
1847 smbprofile_dump_setup(NULL);
1848 }
1849 SMBPROFILE_BASIC_ASYNC_START(idle, profile_p, state->profile_idle);
1850 break;
1851 case TEVENT_TRACE_AFTER_WAIT:
1852 smbd_tevent_trace_callback_after_wait(state);
1853 SMBPROFILE_BASIC_ASYNC_END(state->profile_idle);
1854 if (!smbprofile_dump_pending()) {
1855 /*
1856 * We need to flush our state after sleeping
1857 * (hopefully a long time).
1858 */
1859 smbprofile_dump();
1860 /*
1861 * future profiling events should trigger timers
1862 * on our main event context.
1863 */
1864 smbprofile_dump_setup(state->ev);
1865 }
1866 break;
1867 case TEVENT_TRACE_BEFORE_LOOP_ONCE:
1868 smbd_tevent_trace_callback_before_loop_once(state);
1869 break;
1870 case TEVENT_TRACE_AFTER_LOOP_ONCE:
1871 smbd_tevent_trace_callback_after_loop_once(state);
1872 break;
1873 }
1874
1875 errno = 0;
1876 }
1877
1878 /****************************************************************************
1879 Process commands from the client
1880 ****************************************************************************/
1881
1882 void smbd_process(struct tevent_context *ev_ctx,
1883 struct messaging_context *msg_ctx,
1884 int sock_fd,
1885 bool interactive)
1886 {
1887 const struct loadparm_substitution *lp_sub =
1888 loadparm_s3_global_substitution();
1889 struct smbXsrv_client *client = NULL;
1890 struct smbd_server_connection *sconn = NULL;
1891 struct smbXsrv_connection *xconn = NULL;
1892 const char *locaddr = NULL;
1893 const char *remaddr = NULL;
1894 int ret;
1895 NTSTATUS status;
1896 struct timeval tv = timeval_current();
1897 struct smbd_tevent_trace_state trace_state = {
1898 .ev = ev_ctx,
1899 .frame = talloc_stackframe(),
1900 .before_wait_tv = tv,
1901 .after_wait_tv = tv,
1902 };
1903 bool debug = lp_parm_bool(GLOBAL_SECTION_SNUM,
1904 "smbd",
1905 "debug events",
1906 CHECK_DEBUGLVL(DBGLVL_DEBUG));
1907 NTTIME now = timeval_to_nttime(&tv);
1908 char *chroot_dir = NULL;
1909 int rc;
1910
1911 status = smbXsrv_client_create(ev_ctx, ev_ctx, msg_ctx, now, &client);
1912 if (!NT_STATUS_IS_OK(status)) {
1913 DBG_ERR("smbXsrv_client_create(): %s\n", nt_errstr(status));
1914 exit_server_cleanly("talloc_zero(struct smbXsrv_client).\n");
1915 }
1916
1917 /*
1918 * TODO: remove this...:-)
1919 */
1920 global_smbXsrv_client = client;
1921
1922 sconn = talloc_zero(client, struct smbd_server_connection);
1923 if (sconn == NULL) {
1924 exit_server("failed to create smbd_server_connection");
1925 }
1926
1927 client->sconn = sconn;
1928 sconn->client = client;
1929
1930 sconn->ev_ctx = ev_ctx;
1931 sconn->msg_ctx = msg_ctx;
1932
1933 ret = pthreadpool_tevent_init(sconn, lp_aio_max_threads(),
1934 &sconn->pool);
1935 if (ret != 0) {
1936 exit_server("pthreadpool_tevent_init() failed.");
1937 }
1938
1939 if (!interactive) {
1940 smbd_setup_sig_term_handler(sconn);
1941 smbd_setup_sig_hup_handler(sconn);
1942 }
1943
1944 status = smbd_add_connection(client, sock_fd, now, &xconn);
1945 if (NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_ACCESS_DENIED)) {
1946 /*
1947 * send a negative session response "not listening on calling
1948 * name"
1949 */
1950 unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
1951 (void)smb1_srv_send(xconn, (char *)buf, false, 0, false);
1952 exit_server_cleanly("connection denied");
1953 } else if (!NT_STATUS_IS_OK(status)) {
1954 exit_server_cleanly(nt_errstr(status));
1955 }
1956
1957 sconn->local_address =
1958 tsocket_address_copy(xconn->local_address, sconn);
1959 if (sconn->local_address == NULL) {
1960 exit_server_cleanly("tsocket_address_copy() failed");
1961 }
1962 sconn->remote_address =
1963 tsocket_address_copy(xconn->remote_address, sconn);
1964 if (sconn->remote_address == NULL) {
1965 exit_server_cleanly("tsocket_address_copy() failed");
1966 }
1967 sconn->remote_hostname =
1968 talloc_strdup(sconn, xconn->remote_hostname);
1969 if (sconn->remote_hostname == NULL) {
1970 exit_server_cleanly("tsocket_strdup() failed");
1971 }
1972
1973 client->global->local_address =
1974 tsocket_address_string(sconn->local_address,
1975 client->global);
1976 if (client->global->local_address == NULL) {
1977 exit_server_cleanly("tsocket_address_string() failed");
1978 }
1979 client->global->remote_address =
1980 tsocket_address_string(sconn->remote_address,
1981 client->global);
1982 if (client->global->remote_address == NULL) {
1983 exit_server_cleanly("tsocket_address_string() failed");
1984 }
1985 client->global->remote_name =
1986 talloc_strdup(client->global, sconn->remote_hostname);
1987 if (client->global->remote_name == NULL) {
1988 exit_server_cleanly("tsocket_strdup() failed");
1989 }
1990
1991 if (tsocket_address_is_inet(sconn->local_address, "ip")) {
1992 locaddr = tsocket_address_inet_addr_string(
1993 sconn->local_address,
1994 talloc_tos());
1995 if (locaddr == NULL) {
1996 DEBUG(0,("%s: tsocket_address_inet_addr_string remote failed - %s\n",
1997 __location__, strerror(errno)));
1998 exit_server_cleanly("tsocket_address_inet_addr_string remote failed.\n");
1999 }
2000 } else {
2001 locaddr = "0.0.0.0";
2002 }
2003
2004 if (tsocket_address_is_inet(sconn->remote_address, "ip")) {
2005 remaddr = tsocket_address_inet_addr_string(
2006 sconn->remote_address,
2007 talloc_tos());
2008 if (remaddr == NULL) {
2009 DEBUG(0,("%s: tsocket_address_inet_addr_string remote failed - %s\n",
2010 __location__, strerror(errno)));
2011 exit_server_cleanly("tsocket_address_inet_addr_string remote failed.\n");
2012 }
2013 } else {
2014 remaddr = "0.0.0.0";
2015 }
2016
2017 /* this is needed so that we get decent entries
2018 in smbstatus for port 445 connects */
2019 set_remote_machine_name(remaddr, false);
2020 reload_services(sconn, conn_snum_used, true);
2021 sub_set_socket_ids(remaddr,
2022 sconn->remote_hostname,
2023 locaddr);
2024
2025 if (lp_preload_modules()) {
2026 smb_load_all_modules_absoute_path(lp_preload_modules());
2027 }
2028
2029 if (!init_account_policy()) {
2030 exit_server("Could not open account policy tdb.\n");
2031 }
2032
2033 chroot_dir = lp_root_directory(talloc_tos(), lp_sub);
2034 if (chroot_dir[0] != '\0') {
2035 rc = chdir(chroot_dir);
2036 if (rc != 0) {
2037 DBG_ERR("Failed to chdir to %s\n", chroot_dir);
2038 exit_server("Failed to chdir()");
2039 }
2040
2041 rc = chroot(chroot_dir);
2042 if (rc != 0) {
2043 DBG_ERR("Failed to change root to %s\n", chroot_dir);
2044 exit_server("Failed to chroot()");
2045 }
2046 DBG_WARNING("Changed root to %s\n", chroot_dir);
2047
2048 TALLOC_FREE(chroot_dir);
2049 }
2050
2051 if (!file_init(sconn)) {
2052 exit_server("file_init() failed");
2053 }
2054
2055 /* Setup oplocks */
2056 if (!init_oplocks(sconn))
2057 exit_server("Failed to init oplocks");
2058
2059 /* register our message handlers */
2060 messaging_register(sconn->msg_ctx, sconn,
2061 MSG_SMB_FORCE_TDIS, msg_force_tdis);
2062 messaging_register(
2063 sconn->msg_ctx,
2064 sconn,
2065 MSG_SMB_FORCE_TDIS_DENIED,
2066 msg_force_tdis_denied);
2067 messaging_register(sconn->msg_ctx, sconn,
2068 MSG_SMB_CLOSE_FILE, msg_close_file);
2069 messaging_register(sconn->msg_ctx, sconn,
2070 MSG_SMB_FILE_RENAME, msg_file_was_renamed);
2071
2072 id_cache_register_msgs(sconn->msg_ctx);
2073 messaging_deregister(sconn->msg_ctx, ID_CACHE_KILL, NULL);
2074 messaging_register(sconn->msg_ctx, sconn,
2075 ID_CACHE_KILL, smbd_id_cache_kill);
2076
2077 messaging_deregister(sconn->msg_ctx,
2078 MSG_SMB_CONF_UPDATED, sconn->ev_ctx);
2079 messaging_register(sconn->msg_ctx, sconn,
2080 MSG_SMB_CONF_UPDATED, smbd_conf_updated);
2081
2082 messaging_deregister(sconn->msg_ctx, MSG_SMB_KILL_CLIENT_IP,
2083 NULL);
2084 messaging_register(sconn->msg_ctx, sconn,
2085 MSG_SMB_KILL_CLIENT_IP,
2086 msg_kill_client_ip);
2087
2088 messaging_deregister(sconn->msg_ctx, MSG_SMB_TELL_NUM_CHILDREN, NULL);
2089
2090 /*
2091 * Use the default MSG_DEBUG handler to avoid rebroadcasting
2092 * MSGs to all child processes
2093 */
2094 messaging_deregister(sconn->msg_ctx,
2095 MSG_DEBUG, NULL);
2096 messaging_register(sconn->msg_ctx, NULL,
2097 MSG_DEBUG, debug_message);
2098
2099 messaging_deregister(sconn->msg_ctx, MSG_SMB_IP_DROPPED, NULL);
2100 messaging_register(sconn->msg_ctx,
2101 sconn,
2102 MSG_SMB_IP_DROPPED,
2103 msg_kill_client_with_server_ip);
2104
2105 #if defined(WITH_SMB1SERVER)
2106 if ((lp_keepalive() != 0) &&
2107 !(event_add_idle(ev_ctx,
2108 NULL,
2109 tevent_timeval_set(lp_keepalive(), 0),
2110 "keepalive",
2111 keepalive_fn,
2112 sconn)))
2113 {
2114 DEBUG(0, ("Could not add keepalive event\n"));
2115 exit(1);
2116 }
2117 #endif
2118
2119 if (!(event_add_idle(ev_ctx,
2120 NULL,
2121 tevent_timeval_set(IDLE_CLOSED_TIMEOUT, 0),
2122 "deadtime",
2123 deadtime_fn,
2124 sconn)))
2125 {
2126 DEBUG(0, ("Could not add deadtime event\n"));
2127 exit(1);
2128 }
2129
2130 if (!(event_add_idle(ev_ctx,
2131 NULL,
2132 tevent_timeval_set(SMBD_HOUSEKEEPING_INTERVAL, 0),
2133 "housekeeping",
2134 housekeeping_fn,
2135 sconn)))
2136 {
2137 DEBUG(0, ("Could not add housekeeping event\n"));
2138 exit(1);
2139 }
2140
2141 smbprofile_dump_setup(ev_ctx);
2142
2143 if (!init_dptrs(sconn)) {
2144 exit_server("init_dptrs() failed");
2145 }
2146
2147 TALLOC_FREE(trace_state.frame);
2148
2149 if (smbprofile_active()) {
2150 tevent_set_trace_callback(ev_ctx,
2151 smbd_tevent_trace_callback_profile,
2152 &trace_state);
2153 } else if (debug) {
2154 tevent_set_trace_callback(ev_ctx,
2155 smbd_tevent_trace_callback_debug,
2156 &trace_state);
2157 } else {
2158 tevent_set_trace_callback(ev_ctx,
2159 smbd_tevent_trace_callback,
2160 &trace_state);
2161 }
2162
2163 ret = tevent_loop_wait(ev_ctx);
2164 if (ret != 0) {
2165 DEBUG(1, ("tevent_loop_wait failed: %d, %s,"
2166 " exiting\n", ret, strerror(errno)));
2167 }
2168
2169 TALLOC_FREE(trace_state.frame);
2170
2171 exit_server_cleanly(NULL);
2172 }
GSS-enabled samba4