svn commit: samba r13029 - in trunk/source/modules: .

Thu Jan 19 00:34:52 GMT 2006

Author: jra
Date: 2006-01-19 00:34:52 +0000 (Thu, 19 Jan 2006)
New Revision: 13029

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=13029

Log:
Fix for #3419 - vfs_full_audit *never* worked
correctly. Static variables were used !
Jeremy.

Modified:
   trunk/source/modules/vfs_full_audit.c


Changeset:
Modified: trunk/source/modules/vfs_full_audit.c
===================================================================

--- trunk/source/modules/vfs_full_audit.c	2006-01-19 00:34:48 UTC (rev 13028)
+++ trunk/source/modules/vfs_full_audit.c	2006-01-19 00:34:52 UTC (rev 13029)
@@ -35,6 +35,9 @@
  * full_audit:success = open opendir
  * full_audit:failure = all
  *
+ * vfs op can be "all" which means log all operations.
+ * vfs op can be "none" which means no logging.
+ *
  * This leads to syslog entries of the form:
  * smbd_audit: nobody|192.168.234.1|opendir|ok|.
  * smbd_audit: nobody|192.168.234.1|open|fail (File not found)|r|x.txt
@@ -61,6 +64,11 @@
 
 static int vfs_full_audit_debug_level = DBGC_VFS;
 
+struct vfs_full_audit_private_data {
+	struct bitmap *success_ops;
+	struct bitmap *failure_ops;
+};
+
 #undef DBGC_CLASS
 #define DBGC_CLASS vfs_full_audit_debug_level
 
@@ -662,24 +670,33 @@
 	return prefix;
 }
 
-static struct bitmap *success_ops = NULL;
+static BOOL log_success(vfs_handle_struct *handle, vfs_op_type op)
+{
+	struct vfs_full_audit_private_data *pd = NULL;
 
-static BOOL log_success(vfs_op_type op)
-{
-	if (success_ops == NULL)
+	SMB_VFS_HANDLE_GET_DATA(handle, pd,
+		struct vfs_full_audit_private_data,
+		return True);
+
+	if (pd->success_ops == NULL) {
 		return True;
+	}
 
-	return bitmap_query(success_ops, op);
+	return bitmap_query(pd->success_ops, op);
 }
 
-static struct bitmap *failure_ops = NULL;
+static BOOL log_failure(vfs_handle_struct *handle, vfs_op_type op)
+{
+	struct vfs_full_audit_private_data *pd = NULL;
 
-static BOOL log_failure(vfs_op_type op)
-{
-	if (failure_ops == NULL)
+	SMB_VFS_HANDLE_GET_DATA(handle, pd,
+		struct vfs_full_audit_private_data,
+		return True);
+
+	if (pd->failure_ops == NULL)
 		return True;
 
-	return bitmap_query(failure_ops, op);
+	return bitmap_query(pd->failure_ops, op);
 }
 
 static void init_bitmap(struct bitmap **bm, const char **ops)
@@ -706,6 +723,10 @@
 			break;
 		}
 
+		if (strequal(*ops, "none")) {
+			break;
+		}
+
 		for (i=0; i<SMB_VFS_OP_LAST; i++) {
 			if (vfs_op_names[i].name == NULL) {
 				smb_panic("vfs_full_audit.c: name table not "
@@ -747,10 +768,10 @@
 	pstring op_msg;
 	va_list ap;
 
-	if (success && (!log_success(op)))
+	if (success && (!log_success(handle, op)))
 		return;
 
-	if (!success && (!log_failure(op)))
+	if (!success && (!log_failure(handle, op)))
 		return;
 
 	if (success)
@@ -768,6 +789,22 @@
 	return;
 }
 
+/* Free function for the private data. */
+
+static void free_private_data(void **p_data)
+{
+	struct vfs_full_audit_private_data *pd = *(struct vfs_full_audit_private_data **)p_data;
+
+	if (pd->success_ops) {
+		bitmap_free(pd->success_ops);
+	}
+	if (pd->failure_ops) {
+		bitmap_free(pd->failure_ops);
+	}
+	SAFE_FREE(pd);
+	*p_data = NULL;
+}
+
 /* Implementation of vfs_ops.  Pass everything on to the default
    operation but log event first. */
 
@@ -775,18 +812,29 @@
 			 const char *svc, const char *user)
 {
 	int result;
+	struct vfs_full_audit_private_data *pd = NULL;
 	const char *none[] = { NULL };
 	const char *all [] = { "all" };
 
+	pd = SMB_MALLOC_P(struct vfs_full_audit_private_data);
+	if (!pd) {
+		return -1;
+	}
+	ZERO_STRUCTP(pd);
+
 	openlog("smbd_audit", 0, audit_syslog_facility(handle));
 
-	init_bitmap(&success_ops,
+	init_bitmap(&pd->success_ops,
 		    lp_parm_string_list(SNUM(conn), "full_audit", "success",
 					none));
-	init_bitmap(&failure_ops,
+	init_bitmap(&pd->failure_ops,
 		    lp_parm_string_list(SNUM(conn), "full_audit", "failure",
 					all));
 
+	/* Store the private data. */
+	SMB_VFS_HANDLE_SET_DATA(handle, pd, free_private_data,
+				struct vfs_full_audit_private_data, return -1);
+
 	result = SMB_VFS_NEXT_CONNECT(handle, conn, svc, user);
 
 	do_log(SMB_VFS_OP_CONNECT, True, handle,
@@ -803,12 +851,9 @@
 	do_log(SMB_VFS_OP_DISCONNECT, True, handle,
 	       "%s", lp_servicename(SNUM(conn)));
 
-	bitmap_free(success_ops);
-	success_ops = NULL;
+	/* The bitmaps will be disconnected when the private
+	   data is deleted. */
 
-	bitmap_free(failure_ops);
-	failure_ops = NULL;
-
 	return;
 }
 
@@ -2003,4 +2048,3 @@
 	
 	return ret;
 }
-

