2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
13 * Copyright 2015 Nexenta Systems, Inc. All rights reserved.
17 * This is the named pipe service for smbd.
20 #include <sys/types.h>
34 #include <smbsrv/libsmb.h>
35 #include <smbsrv/libmlsvc.h>
36 #include <smbsrv/smb_xdr.h>
39 struct pipe_listener
{
47 static void *pipesvc_listener(void *);
48 static void *pipesvc_worker(void *);
49 static int pipe_send(ndr_pipe_t
*, void *, size_t);
50 static int pipe_recv(ndr_pipe_t
*, void *, size_t);
52 mutex_t pipesvc_mutex
= DEFAULTMUTEX
;
53 int pipesvc_workers_max
= 500;
54 int pipesvc_workers_cur
= 0;
56 uint16_t pipe_max_msgsize
= SMB_PIPE_MAX_MSGSIZE
;
59 * Allow more opens on SRVSVC because that's used by many clients
60 * to get the share list, etc.
62 #define SRVSVC_MAX_OPENS 200
63 #define DEF_MAX_OPENS 50
66 static struct pipe_listener
67 pipe_listeners
[NLISTENERS
] = {
68 { "eventlog", DEF_MAX_OPENS
, 0, 0 },
69 { "lsarpc", DEF_MAX_OPENS
, 0, 0 },
70 { "lsass", DEF_MAX_OPENS
, 0, 0 },
71 { "netdfs", DEF_MAX_OPENS
, 0, 0 },
72 { "netlogon", DEF_MAX_OPENS
, 0, 0 },
73 { "samr", DEF_MAX_OPENS
, 0, 0 },
74 { "spoolss", DEF_MAX_OPENS
, 0, 0 },
75 { "srvsvc", SRVSVC_MAX_OPENS
, 0, 0 },
76 { "svcctl", DEF_MAX_OPENS
, 0, 0 },
77 { "winreg", DEF_MAX_OPENS
, 0, 0 },
78 { "wkssvc", DEF_MAX_OPENS
, 0, 0 },
82 np_new(struct pipe_listener
*pl
, int fid
)
88 * Allocating ndr_pipe_t + smb_netuserinfo_t as one.
89 * We could just make that part of ndr_pipe_t, but
90 * that struct is opaque to libmlrpc.
92 len
= sizeof (*np
) + sizeof (smb_netuserinfo_t
);
99 np
->np_endpoint
= pl
->name
;
100 np
->np_user
= (void*)(np
+ 1);
101 np
->np_send
= pipe_send
;
102 np
->np_recv
= pipe_recv
;
104 np
->np_max_xmit_frag
= pipe_max_msgsize
;
105 np
->np_max_recv_frag
= pipe_max_msgsize
;
111 np_free(ndr_pipe_t
*np
)
113 (void) close(np
->np_fid
);
118 * Create the smbd opipe door service.
119 * Returns the door descriptor on success. Otherwise returns -1.
122 smbd_pipesvc_start(void)
125 pthread_attr_t tattr
;
126 struct pipe_listener
*pl
;
129 if (mlsvc_init() != 0) {
130 smbd_report("msrpc initialization failed");
134 (void) pthread_attr_init(&tattr
);
135 (void) pthread_attr_setdetachstate(&tattr
, PTHREAD_CREATE_DETACHED
);
137 for (i
= 0; i
< NLISTENERS
; i
++) {
138 pl
= &pipe_listeners
[i
];
141 if (strcasecmp(pl
->name
, "spoolss") == 0 &&
142 smb_config_getbool(SMB_CI_PRINT_ENABLE
) == B_FALSE
)
145 rc
= pthread_create(&tid
, &tattr
, pipesvc_listener
, pl
);
148 pipe_listeners
[i
].tid
= tid
;
152 smbd_report("pipesvc pthread_create, %d", rc
);
155 (void) pthread_attr_destroy(&tattr
);
161 smbd_pipesvc_stop(void)
165 (void) mutex_lock(&pipesvc_mutex
);
166 for (i
= 0; i
< NLISTENERS
; i
++) {
167 if (pipe_listeners
[i
].tid
== 0)
169 (void) pthread_kill(pipe_listeners
[i
].tid
, SIGTERM
);
170 pipe_listeners
[i
].tid
= 0;
172 (void) mutex_unlock(&pipesvc_mutex
);
176 pipesvc_listener(void *varg
)
178 struct sockaddr_un sa
;
179 int err
, listen_fd
, newfd
, snlen
;
180 struct pipe_listener
*pl
= varg
;
185 listen_fd
= socket(AF_UNIX
, SOCK_STREAM
, 0);
187 smbd_report("pipesvc_listener, so_create: %d", errno
);
191 bzero(&sa
, sizeof (sa
));
192 sa
.sun_family
= AF_UNIX
;
193 (void) snprintf(sa
.sun_path
, sizeof (sa
.sun_path
),
194 "%s/%s", SMB_PIPE_DIR
, pl
->name
);
196 /* Bind it to a listening name. */
197 (void) unlink(sa
.sun_path
);
198 if (bind(listen_fd
, (struct sockaddr
*)&sa
, sizeof (sa
)) < 0) {
199 smbd_report("pipesvc_listener, so_bind: %d", errno
);
200 (void) close(listen_fd
);
204 if (listen(listen_fd
, SOMAXCONN
) < 0) {
205 smbd_report("pipesvc_listener, listen: %d", errno
);
206 (void) close(listen_fd
);
213 newfd
= accept(listen_fd
, (struct sockaddr
*)&sa
, &snlen
);
220 /* normal termination */
223 smbd_report("pipesvc_listener, "
224 "accept failed: %d", errno
);
226 smbd_report("pipesvc_listener, accept: %d", err
);
230 np
= np_new(pl
, newfd
);
232 smbd_report("pipesvc_listener, alloc1 failed");
237 rc
= pthread_create(&tid
, NULL
, pipesvc_worker
, np
);
239 smbd_report("pipesvc_listener, pthread_create: %d",
244 (void) pthread_detach(tid
);
246 /* Note: np_free in pipesvc_worker */
251 (void) close(listen_fd
);
257 pipesvc_worker(void *varg
)
261 ndr_pipe_t
*np
= varg
;
262 struct pipe_listener
*pl
= np
->np_listener
;
267 (void) mutex_lock(&pipesvc_mutex
);
268 if (pipesvc_workers_cur
>= pipesvc_workers_max
||
269 pl
->current
>= pl
->max_allowed
) {
270 (void) mutex_unlock(&pipesvc_mutex
);
271 status
= NT_STATUS_PIPE_NOT_AVAILABLE
;
272 (void) send(np
->np_fid
, &status
, sizeof (status
), 0);
275 pipesvc_workers_cur
++;
277 if (pl
->max_seen
< pl
->current
)
278 pl
->max_seen
= pl
->current
;
279 (void) mutex_unlock(&pipesvc_mutex
);
282 * The smbsrv kmod sends us one initial message containing an
283 * XDR encoded smb_netuserinfo_t that we read and decode here,
284 * all unbeknownst to libmlrpc.
286 * Might be nice to enhance getpeerucred() so it can give us
287 * all the info smb_netuserinfo_t carries, and then use that,
288 * which would allow using a more generic RPC service.
290 rc
= pipe_recv(np
, &phdr
, sizeof (phdr
));
292 smbd_report("pipesvc_worker, recv1: %d", rc
);
295 if (phdr
.ph_magic
!= SMB_PIPE_HDR_MAGIC
||
296 phdr
.ph_uilen
> 8192) {
297 smbd_report("pipesvc_worker, bad hdr");
300 buf
= malloc(phdr
.ph_uilen
);
302 smbd_report("pipesvc_worker, alloc1 failed");
305 rc
= pipe_recv(np
, buf
, phdr
.ph_uilen
);
307 smbd_report("pipesvc_worker, recv2: %d", rc
);
311 xdrmem_create(&xdrs
, buf
, phdr
.ph_uilen
, XDR_DECODE
);
312 if (!smb_netuserinfo_xdr(&xdrs
, np
->np_user
)) {
313 smbd_report("pipesvc_worker, bad uinfo");
318 * Later, could disallow opens of some pipes by
319 * anonymous users, etc. For now, reply "OK".
322 rc
= pipe_send(np
, &status
, sizeof (status
));
324 smbd_report("pipesvc_worker, send1: %d", rc
);
329 * Run the RPC service loop worker, which
330 * returns when it sees the pipe close.
334 xdrs
.x_op
= XDR_FREE
;
335 (void) smb_netuserinfo_xdr(&xdrs
, np
->np_user
);
342 (void) mutex_lock(&pipesvc_mutex
);
343 pipesvc_workers_cur
--;
345 (void) mutex_unlock(&pipesvc_mutex
);
348 /* Cleanup what came in by varg. */
349 (void) shutdown(np
->np_fid
, SHUT_RDWR
);
355 * These are the transport get/put callback functions provided
356 * via the ndr_pipe_t object to the libmlrpc`ndr_pipe_worker.
357 * These are called only with known PDU sizes and should
358 * loop as needed to transfer the entire message.
361 pipe_recv(ndr_pipe_t
*np
, void *buf
, size_t len
)
366 x
= recv(np
->np_fid
, buf
, len
, 0);
371 buf
= (char *)buf
+ x
;
379 pipe_send(ndr_pipe_t
*np
, void *buf
, size_t len
)
384 x
= send(np
->np_fid
, buf
, len
, 0);
389 buf
= (char *)buf
+ x
;