source: trunk/server/source3/smbd/conn.c

Last change on this file was 920, checked in by Silvan Scherrer, 9 years ago

Samba Server: apply latest security patches to trunk
File size: 13.8 KB
Line 
1/*
2 Unix SMB/CIFS implementation.
3 Manage connections_struct structures
4 Copyright (C) Andrew Tridgell 1998
5 Copyright (C) Alexander Bokovoy 2002
6 Copyright (C) Jeremy Allison 2010
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20*/
21
22#include "includes.h"
23#include "smbd/smbd.h"
24#include "smbd/globals.h"
25#include "rpc_server/rpc_ncacn_np.h"
26#include "lib/util/bitmap.h"
27
28/* The connections bitmap is expanded in increments of BITMAP_BLOCK_SZ. The
29 * maximum size of the bitmap is the largest positive integer, but you will hit
30 * the "max connections" limit, looong before that.
31 */
32
33#define BITMAP_BLOCK_SZ 128
34
35/****************************************************************************
36 Init the conn structures.
37****************************************************************************/
38
39void conn_init(struct smbd_server_connection *sconn)
40{
41 sconn->smb1.tcons.Connections = NULL;
42 sconn->smb1.tcons.bmap = bitmap_talloc(sconn, BITMAP_BLOCK_SZ);
43}
44
45/****************************************************************************
46 Return the number of open connections.
47****************************************************************************/
48
49int conn_num_open(struct smbd_server_connection *sconn)
50{
51 return sconn->num_tcons_open;
52}
53
54/****************************************************************************
55 Check if a snum is in use.
56****************************************************************************/
57
58bool conn_snum_used(int snum)
59{
60 struct smbd_server_connection *sconn = smbd_server_conn;
61
62 if (sconn->using_smb2) {
63 /* SMB2 */
64 struct smbd_smb2_session *sess;
65 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
66 struct smbd_smb2_tcon *ptcon;
67
68 for (ptcon = sess->tcons.list; ptcon; ptcon = ptcon->next) {
69 if (ptcon->compat_conn &&
70 ptcon->compat_conn->params &&
71 (ptcon->compat_conn->params->service == snum)) {
72 return true;
73 }
74 }
75 }
76 } else {
77 /* SMB1 */
78 connection_struct *conn;
79 for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
80 if (conn->params->service == snum) {
81 return true;
82 }
83 }
84 }
85 return false;
86}
87
88/****************************************************************************
89 Find a conn given a cnum.
90****************************************************************************/
91
92connection_struct *conn_find(struct smbd_server_connection *sconn,unsigned cnum)
93{
94 if (sconn->using_smb2) {
95 /* SMB2 */
96 struct smbd_smb2_session *sess;
97 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
98 struct smbd_smb2_tcon *ptcon;
99
100 for (ptcon = sess->tcons.list; ptcon; ptcon = ptcon->next) {
101 if (ptcon->compat_conn &&
102 ptcon->compat_conn->cnum == cnum) {
103 return ptcon->compat_conn;
104 }
105 }
106 }
107 } else {
108 /* SMB1 */
109 int count=0;
110 connection_struct *conn;
111 for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next,count++) {
112 if (conn->cnum == cnum) {
113 if (count > 10) {
114 DLIST_PROMOTE(sconn->smb1.tcons.Connections,
115 conn);
116 }
117 return conn;
118 }
119 }
120 }
121
122 return NULL;
123}
124
125/****************************************************************************
126 Find first available connection slot, starting from a random position.
127 The randomisation stops problems with the server dieing and clients
128 thinking the server is still available.
129****************************************************************************/
130
131connection_struct *conn_new(struct smbd_server_connection *sconn)
132{
133 connection_struct *conn;
134 int i;
135 int find_offset = 1;
136
137 if (sconn->using_smb2) {
138 /* SMB2 */
139 if (!(conn=TALLOC_ZERO_P(NULL, connection_struct)) ||
140 !(conn->params = TALLOC_P(conn, struct share_params))) {
141 DEBUG(0,("TALLOC_ZERO() failed!\n"));
142 TALLOC_FREE(conn);
143 return NULL;
144 }
145 conn->sconn = sconn;
146 return conn;
147 }
148
149 /* SMB1 */
150find_again:
151 i = bitmap_find(sconn->smb1.tcons.bmap, find_offset);
152
153 if (i == -1) {
154 /* Expand the connections bitmap. */
155 int oldsz = sconn->smb1.tcons.bmap->n;
156 int newsz = sconn->smb1.tcons.bmap->n +
157 BITMAP_BLOCK_SZ;
158 struct bitmap * nbmap;
159
160 if (newsz <= oldsz) {
161 /* Integer wrap. */
162 DEBUG(0,("ERROR! Out of connection structures\n"));
163 return NULL;
164 }
165
166 DEBUG(4,("resizing connections bitmap from %d to %d\n",
167 oldsz, newsz));
168
169 nbmap = bitmap_talloc(sconn, newsz);
170 if (!nbmap) {
171 DEBUG(0,("ERROR! malloc fail.\n"));
172 return NULL;
173 }
174
175 bitmap_copy(nbmap, sconn->smb1.tcons.bmap);
176 TALLOC_FREE(sconn->smb1.tcons.bmap);
177
178 sconn->smb1.tcons.bmap = nbmap;
179 find_offset = oldsz; /* Start next search in the new portion. */
180
181 goto find_again;
182 }
183
184 /* The bitmap position is used below as the connection number
185 * conn->cnum). This ends up as the TID field in the SMB header,
186 * which is limited to 16 bits (we skip 0xffff which is the
187 * NULL TID).
188 */
189 if (i > 65534) {
190 DEBUG(0, ("Maximum connection limit reached\n"));
191 return NULL;
192 }
193
194 if (!(conn=TALLOC_ZERO_P(NULL, connection_struct)) ||
195 !(conn->params = TALLOC_P(conn, struct share_params))) {
196 DEBUG(0,("TALLOC_ZERO() failed!\n"));
197 TALLOC_FREE(conn);
198 return NULL;
199 }
200 conn->sconn = sconn;
201 conn->cnum = i;
202 conn->force_group_gid = (gid_t)-1;
203
204 bitmap_set(sconn->smb1.tcons.bmap, i);
205
206 sconn->num_tcons_open++;
207
208 string_set(&conn->connectpath,"");
209 string_set(&conn->origpath,"");
210
211 DLIST_ADD(sconn->smb1.tcons.Connections, conn);
212
213 return conn;
214}
215
216/****************************************************************************
217 Close all conn structures.
218 Return true if any were closed.
219****************************************************************************/
220
221bool conn_close_all(struct smbd_server_connection *sconn)
222{
223 bool ret = false;
224 if (sconn->using_smb2) {
225 /* SMB2 */
226 struct smbd_smb2_session *sess;
227 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
228 struct smbd_smb2_tcon *tcon, *tc_next;
229
230 for (tcon = sess->tcons.list; tcon; tcon = tc_next) {
231 tc_next = tcon->next;
232 TALLOC_FREE(tcon);
233 ret = true;
234 }
235 }
236 } else {
237 /* SMB1 */
238 connection_struct *conn, *next;
239
240 for (conn=sconn->smb1.tcons.Connections;conn;conn=next) {
241 next=conn->next;
242 set_current_service(conn, 0, True);
243 close_cnum(conn, conn->vuid);
244 ret = true;
245 }
246 }
247 return ret;
248}
249
250/****************************************************************************
251 Update last used timestamps.
252****************************************************************************/
253
254static void conn_lastused_update(struct smbd_server_connection *sconn,time_t t)
255{
256 if (sconn->using_smb2) {
257 /* SMB2 */
258 struct smbd_smb2_session *sess;
259 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
260 struct smbd_smb2_tcon *ptcon;
261
262 for (ptcon = sess->tcons.list; ptcon; ptcon = ptcon->next) {
263 connection_struct *conn = ptcon->compat_conn;
264 /* Update if connection wasn't idle. */
265 if (conn && conn->lastused != conn->lastused_count) {
266 conn->lastused = t;
267 conn->lastused_count = t;
268 }
269 }
270 }
271 } else {
272 /* SMB1 */
273 connection_struct *conn;
274 for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
275 /* Update if connection wasn't idle. */
276 if (conn->lastused != conn->lastused_count) {
277 conn->lastused = t;
278 conn->lastused_count = t;
279 }
280 }
281 }
282}
283
284/****************************************************************************
285 Idle inactive connections.
286****************************************************************************/
287
288bool conn_idle_all(struct smbd_server_connection *sconn, time_t t)
289{
290 int deadtime = lp_deadtime()*60;
291
292 conn_lastused_update(sconn, t);
293
294 if (deadtime <= 0) {
295 deadtime = DEFAULT_SMBD_TIMEOUT;
296 }
297
298 if (sconn->using_smb2) {
299 /* SMB2 */
300 struct smbd_smb2_session *sess;
301 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
302 struct smbd_smb2_tcon *ptcon;
303
304 for (ptcon = sess->tcons.list; ptcon; ptcon = ptcon->next) {
305 time_t age;
306 connection_struct *conn = ptcon->compat_conn;
307
308 if (conn == NULL) {
309 continue;
310 }
311
312 age = t - conn->lastused;
313 /* close dirptrs on connections that are idle */
314 if (age > DPTR_IDLE_TIMEOUT) {
315 dptr_idlecnum(conn);
316 }
317
318 if (conn->num_files_open > 0 || age < deadtime) {
319 return false;
320 }
321 }
322 }
323 } else {
324 /* SMB1 */
325 connection_struct *conn;
326 for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
327 time_t age = t - conn->lastused;
328
329 /* close dirptrs on connections that are idle */
330 if (age > DPTR_IDLE_TIMEOUT) {
331 dptr_idlecnum(conn);
332 }
333
334 if (conn->num_files_open > 0 || age < deadtime) {
335 return false;
336 }
337 }
338 }
339
340 /*
341 * Check all pipes for any open handles. We cannot
342 * idle with a handle open.
343 */
344 if (check_open_pipes()) {
345 return false;
346 }
347
348 return true;
349}
350
351/****************************************************************************
352 Clear a vuid out of the validity cache, and as the 'owner' of a connection.
353****************************************************************************/
354
355void conn_clear_vuid_caches(struct smbd_server_connection *sconn,uint16_t vuid)
356{
357 connection_struct *conn;
358
359 if (sconn->using_smb2) {
360 /* SMB2 */
361 struct smbd_smb2_session *sess;
362 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
363 struct smbd_smb2_tcon *ptcon;
364
365 for (ptcon = sess->tcons.list; ptcon; ptcon = ptcon->next) {
366 if (ptcon->compat_conn) {
367 if (ptcon->compat_conn->vuid == vuid) {
368 ptcon->compat_conn->vuid = UID_FIELD_INVALID;
369 }
370 conn_clear_vuid_cache(ptcon->compat_conn, vuid);
371 }
372 }
373 }
374 } else {
375 /* SMB1 */
376 for (conn=sconn->smb1.tcons.Connections;conn;conn=conn->next) {
377 if (conn->vuid == vuid) {
378 conn->vuid = UID_FIELD_INVALID;
379 }
380 conn_clear_vuid_cache(conn, vuid);
381 }
382 }
383}
384
385/****************************************************************************
386 Free a conn structure - internal part.
387****************************************************************************/
388
389static void conn_free_internal(connection_struct *conn)
390{
391 vfs_handle_struct *handle = NULL, *thandle = NULL;
392 struct trans_state *state = NULL;
393
394 /* Free vfs_connection_struct */
395 handle = conn->vfs_handles;
396 while(handle) {
397 thandle = handle->next;
398 DLIST_REMOVE(conn->vfs_handles, handle);
399 if (handle->free_data)
400 handle->free_data(&handle->data);
401 handle = thandle;
402 }
403
404 /* Free any pending transactions stored on this conn. */
405 for (state = conn->pending_trans; state; state = state->next) {
406 /* state->setup is a talloc child of state. */
407 SAFE_FREE(state->param);
408 SAFE_FREE(state->data);
409 }
410
411 free_namearray(conn->veto_list);
412 free_namearray(conn->hide_list);
413 free_namearray(conn->veto_oplock_list);
414 free_namearray(conn->aio_write_behind_list);
415
416 string_free(&conn->connectpath);
417 string_free(&conn->origpath);
418
419 ZERO_STRUCTP(conn);
420 talloc_destroy(conn);
421}
422
423/****************************************************************************
424 Free a conn structure.
425****************************************************************************/
426
427void conn_free(connection_struct *conn)
428{
429 if (conn->sconn == NULL) {
430 conn_free_internal(conn);
431 return;
432 }
433
434 if (conn->sconn->using_smb2) {
435 /* SMB2 */
436 conn_free_internal(conn);
437 return;
438 }
439
440 /* SMB1 */
441 DLIST_REMOVE(conn->sconn->smb1.tcons.Connections, conn);
442
443 if (conn->sconn->smb1.tcons.bmap != NULL) {
444 /*
445 * Can be NULL for fake connections created by
446 * create_conn_struct()
447 */
448 bitmap_clear(conn->sconn->smb1.tcons.bmap, conn->cnum);
449 }
450
451 SMB_ASSERT(conn->sconn->num_tcons_open > 0);
452 conn->sconn->num_tcons_open--;
453
454 conn_free_internal(conn);
455}
456
457/****************************************************************************
458 Receive a smbcontrol message to forcibly unmount a share.
459 The message contains just a share name and all instances of that
460 share are unmounted.
461 The special sharename '*' forces unmount of all shares.
462****************************************************************************/
463
464void msg_force_tdis(struct messaging_context *msg,
465 void *private_data,
466 uint32_t msg_type,
467 struct server_id server_id,
468 DATA_BLOB *data)
469{
470 struct smbd_server_connection *sconn;
471 connection_struct *conn, *next;
472 fstring sharename;
473
474 sconn = msg_ctx_to_sconn(msg);
475 if (sconn == NULL) {
476 DEBUG(1, ("could not find sconn\n"));
477 return;
478 }
479
480 fstrcpy(sharename, (const char *)data->data);
481
482 if (strcmp(sharename, "*") == 0) {
483 DEBUG(1,("Forcing close of all shares\n"));
484 conn_close_all(sconn);
485 goto done;
486 }
487
488 if (sconn->using_smb2) {
489 /* SMB2 */
490 struct smbd_smb2_session *sess;
491 for (sess = sconn->smb2.sessions.list; sess; sess = sess->next) {
492 struct smbd_smb2_tcon *tcon, *tc_next;
493
494 for (tcon = sess->tcons.list; tcon; tcon = tc_next) {
495 tc_next = tcon->next;
496 if (tcon->compat_conn &&
497 strequal(lp_servicename(SNUM(tcon->compat_conn)),
498 sharename)) {
499 DEBUG(1,("Forcing close of share %s cnum=%d\n",
500 sharename, tcon->compat_conn->cnum));
501 TALLOC_FREE(tcon);
502 }
503 }
504 }
505 } else {
506 /* SMB1 */
507 for (conn=sconn->smb1.tcons.Connections;conn;conn=next) {
508 next=conn->next;
509 if (strequal(lp_servicename(SNUM(conn)), sharename)) {
510 DEBUG(1,("Forcing close of share %s cnum=%d\n",
511 sharename, conn->cnum));
512 close_cnum(conn, (uint16)-1);
513 }
514 }
515 }
516
517 done:
518
519 change_to_root_user();
520 reload_services(msg, -1, true);
521}
Note: See TracBrowser for help on using the repository browser.