[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Thu Dec 15 06:25:04 MST 2011
The branch, master has been updated
via 19078b9 s3:smbd/globals: remove unused msg_ctx_to_sconn()
via 0345551 s3:smbd: pass smbd_server_connection and a snumused function pointer to reload_services()
via 5061dd2 s3:printing/spoolssd: pass event and messaging context to check_updater_child()
via 06c1c33 s3:rpc_server/spoolss: remove reload_services check from delete_printer_hook()
via e412b8b s3:smbd: split smb_conf_updated into parent and child versions
via 715933a s3:smbd: split ID_CACHE_* message handling into parent and child parts
from 0429471 lib/ccan: Fix some typos in libccan.m4
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 19078b9b0564ed2654a1dae1d23488f89aadb41f
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 13:26:36 2011 +0100
s3:smbd/globals: remove unused msg_ctx_to_sconn()
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Thu Dec 15 14:24:59 CET 2011 on sn-devel-104
commit 03455519e70253cb86007ac5a8960999e9aa5fa4
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 13:25:20 2011 +0100
s3:smbd: pass smbd_server_connection and a snumused function pointer to reload_services()
metze
commit 5061dd26d314baf38c7e8b3f8e495579baba49de
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 11:12:49 2011 +0100
s3:printing/spoolssd: pass event and messaging context to check_updater_child()
metze
commit 06c1c338e3fcaf6460f4e462c7f881ce2abc9ac7
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Dec 15 11:03:29 2011 +0100
s3:rpc_server/spoolss: remove reload_services check from delete_printer_hook()
As the spoolss code can run embedded or external relative to the
smbd file server process, it's very tricky to verify if a share
is still in use.
Checking the result of the "deleteprinter command" command should
be enough to check for success. We should not return WERR_ACCESS_DENIED
if the share is still in use, by the current client, as the primary
printer definition is already deleted.
metze
commit e412b8bfcce46720b913d42ac7f56d4e024162f0
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 12:39:36 2011 +0100
s3:smbd: split smb_conf_updated into parent and child versions
metze
commit 715933a3d3d1023df0d77c1765850e8579b84dfc
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Dec 14 10:23:30 2011 +0100
s3:smbd: split ID_CACHE_* message handling into parent and child parts
metze
-----------------------------------------------------------------------
Summary of changes:
source3/Makefile.in | 2 +-
source3/printing/spoolssd.c | 9 +-
source3/rpc_server/spoolss/srv_spoolss_nt.c | 20 ++--
source3/smbd/globals.c | 13 --
source3/smbd/globals.h | 2 -
source3/smbd/msg_idmap.c | 174 ---------------------------
source3/smbd/negprot.c | 4 +-
source3/smbd/process.c | 138 +++++++++++++++++++++-
source3/smbd/proto.h | 7 +-
source3/smbd/reply.c | 2 +-
source3/smbd/server.c | 74 +++++++++---
source3/smbd/server_reload.c | 20 ++--
source3/smbd/sesssetup.c | 10 +-
source3/smbd/smb2_sesssetup.c | 2 +-
source3/torture/vfstest.c | 2 +-
source3/wscript_build | 2 +-
16 files changed, 232 insertions(+), 249 deletions(-)
delete mode 100644 source3/smbd/msg_idmap.c
Changeset truncated at 500 lines:
diff --git a/source3/Makefile.in b/source3/Makefile.in
index b0c17f6..1389293 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -914,7 +914,7 @@ AUTH_OBJ = auth/auth.o @AUTH_STATIC@ auth/auth_util.o auth/token_util.o \
MANGLE_OBJ = smbd/mangle.o smbd/mangle_hash.o smbd/mangle_hash2.o
-SMBD_OBJ_MAIN = smbd/server.o smbd/server_exit.o smbd/msg_idmap.o
+SMBD_OBJ_MAIN = smbd/server.o smbd/server_exit.o
BUILDOPT_OBJ = smbd/build_options.o
diff --git a/source3/printing/spoolssd.c b/source3/printing/spoolssd.c
index 06ce61b..fa722e2 100644
--- a/source3/printing/spoolssd.c
+++ b/source3/printing/spoolssd.c
@@ -489,7 +489,8 @@ static void spoolss_handle_client(struct tevent_req *req)
extern pid_t background_lpq_updater_pid;
static char *bq_logfile;
-static void check_updater_child(void)
+static void check_updater_child(struct tevent_context *ev_ctx,
+ struct messaging_context *msg_ctx)
{
int status;
pid_t pid;
@@ -501,9 +502,7 @@ static void check_updater_child(void)
pid = sys_waitpid(background_lpq_updater_pid, &status, WNOHANG);
if (pid > 0) {
DEBUG(2, ("The background queue child died... Restarting!\n"));
- pid = start_background_queue(server_event_context(),
- server_messaging_context(),
- bq_logfile);
+ pid = start_background_queue(ev_ctx, msg_ctx, bq_logfile);
background_lpq_updater_pid = pid;
}
}
@@ -543,7 +542,7 @@ static void spoolssd_sigchld_handler(struct tevent_context *ev_ctx,
pfh_manage_pool(ev_ctx, msg_ctx, &pf_spoolss_cfg, spoolss_pool);
/* also check if the updater child is alive and well */
- check_updater_child();
+ check_updater_child(ev_ctx, msg_ctx);
}
static bool spoolssd_setup_children_monitor(struct tevent_context *ev_ctx,
diff --git a/source3/rpc_server/spoolss/srv_spoolss_nt.c b/source3/rpc_server/spoolss/srv_spoolss_nt.c
index 1a9111c..87df565 100644
--- a/source3/rpc_server/spoolss/srv_spoolss_nt.c
+++ b/source3/rpc_server/spoolss/srv_spoolss_nt.c
@@ -417,14 +417,6 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
if (ret != 0)
return WERR_BADFID; /* What to return here? */
- /* go ahead and re-read the services immediately */
- become_root();
- reload_services(msg_ctx, -1, false);
- unbecome_root();
-
- if ( lp_servicenumber( sharename ) >= 0 )
- return WERR_ACCESS_DENIED;
-
return WERR_OK;
}
@@ -6210,6 +6202,16 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const
/****************************************************************************
****************************************************************************/
+static bool spoolss_conn_snum_used(struct smbd_server_connection *sconn,
+ int snum)
+{
+ /*
+ * As we do not know if we are embedded in the file server process
+ * or not, we have to pretend that all shares are in use.
+ */
+ return true;
+}
+
static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
struct spoolss_SetPrinterInfo2 *info2,
const char *remote_machine,
@@ -6268,7 +6270,7 @@ static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
/* reload our services immediately */
become_root();
- reload_services(msg_ctx, -1, false);
+ reload_services(NULL, spoolss_conn_snum_used, false);
unbecome_root();
numlines = 0;
diff --git a/source3/smbd/globals.c b/source3/smbd/globals.c
index 3199a37..ff8c51b 100644
--- a/source3/smbd/globals.c
+++ b/source3/smbd/globals.c
@@ -104,19 +104,6 @@ bool exit_firsttime = true;
struct smbd_server_connection *smbd_server_conn = NULL;
-struct smbd_server_connection *msg_ctx_to_sconn(struct messaging_context *msg_ctx)
-{
- struct server_id my_id, msg_id;
-
- my_id = messaging_server_id(smbd_server_conn->msg_ctx);
- msg_id = messaging_server_id(msg_ctx);
-
- if (!procid_equal(&my_id, &msg_id)) {
- return NULL;
- }
- return smbd_server_conn;
-}
-
struct memcache *smbd_memcache(void)
{
if (!smbd_memcache_ctx) {
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index d5b2de7..3c6aa12 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -614,6 +614,4 @@ struct smbd_server_connection {
extern struct smbd_server_connection *smbd_server_conn;
-struct smbd_server_connection *msg_ctx_to_sconn(struct messaging_context *msg_ctx);
-
void smbd_init_globals(void);
diff --git a/source3/smbd/msg_idmap.c b/source3/smbd/msg_idmap.c
deleted file mode 100644
index 757cac0..0000000
--- a/source3/smbd/msg_idmap.c
+++ /dev/null
@@ -1,174 +0,0 @@
-/*
- * Samba Unix/Linux SMB client library
- *
- * Copyright (C) Gregor Beck 2011
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-#include "includes.h"
-#include "smbd/globals.h"
-#include "smbd/smbd.h"
-#include "../libcli/security/dom_sid.h"
-#include "../libcli/security/security_token.h"
-#include "idmap_cache.h"
-#include "passdb/lookup_sid.h"
-#include "auth.h"
-#include "messages.h"
-#include "lib/id_cache.h"
-
-static bool uid_in_use(const struct user_struct *user, uid_t uid)
-{
- while (user) {
- if (user->session_info &&
- (user->session_info->unix_token->uid == uid)) {
- return true;
- }
- user = user->next;
- }
- return false;
-}
-
-static bool gid_in_use(const struct user_struct *user, gid_t gid)
-{
- while (user) {
- if (user->session_info != NULL) {
- int i;
- struct security_unix_token *utok;
-
- utok = user->session_info->unix_token;
- if (utok->gid == gid) {
- return true;
- }
- for(i=0; i<utok->ngroups; i++) {
- if (utok->groups[i] == gid) {
- return true;
- }
- }
- }
- user = user->next;
- }
- return false;
-}
-
-static bool sid_in_use(const struct user_struct *user,
- const struct dom_sid *psid)
-{
- while (user) {
- struct security_token *tok;
-
- if (user->session_info == NULL) {
- continue;
- }
- tok = user->session_info->security_token;
- if (tok == NULL) {
- /*
- * Not sure session_info->security_token can
- * ever be NULL. This check might be not
- * necessary.
- */
- continue;
- }
- if (security_token_has_sid(tok, psid)) {
- return true;
- }
- user = user->next;
- }
- return false;
-}
-
-static bool id_in_use(const struct user_struct *user,
- const struct id_cache_ref *id)
-{
- switch(id->type) {
- case UID:
- return uid_in_use(user, id->id.uid);
- case GID:
- return gid_in_use(user, id->id.gid);
- case SID:
- return sid_in_use(user, &id->id.sid);
- default:
- break;
- }
- return false;
-}
-
-static void id_cache_kill(struct messaging_context *msg_ctx,
- void *private_data,
- uint32_t msg_type,
- struct server_id server_id,
- DATA_BLOB* data)
-{
- const char *msg = (data && data->data)
- ? (const char *)data->data : "<NULL>";
- struct smbd_server_connection *sconn;
- struct user_struct *validated_users;
- struct id_cache_ref id;
-
- sconn = msg_ctx_to_sconn(msg_ctx);
- if (sconn == NULL) {
- DEBUG(1, ("could not find sconn\n"));
- return;
- }
-
- validated_users = sconn->smb1.sessions.validated_users;
-
- if (!id_cache_ref_parse(msg, &id)) {
- DEBUG(0, ("Invalid ?ID: %s\n", msg));
- return;
- }
-
- if (am_parent) {
- messaging_send_to_children(msg_ctx, msg_type, data);
- }
-
- if (id_in_use(validated_users, &id)) {
- exit_server_cleanly(msg);
- }
- id_cache_delete_from_cache(&id);
-}
-
-static void id_cache_flush(struct messaging_context *ctx,
- void* data,
- uint32_t msg_type,
- struct server_id srv_id,
- DATA_BLOB* msg_data)
-{
- id_cache_flush_message(ctx, data, msg_type, srv_id, msg_data);
-
- if (am_parent) {
- messaging_send_to_children(ctx, msg_type, msg_data);
- }
-}
-
-static void id_cache_delete(struct messaging_context *ctx,
- void* data,
- uint32_t msg_type,
- struct server_id srv_id,
- DATA_BLOB* msg_data)
-{
- id_cache_delete_message(ctx, data, msg_type, srv_id, msg_data);
-
- if (am_parent) {
- messaging_send_to_children(ctx, msg_type, msg_data);
- }
-}
-
-
-void msg_idmap_register_msg(struct messaging_context *ctx)
-{
- messaging_register(ctx, NULL, ID_CACHE_FLUSH, id_cache_flush);
- messaging_register(ctx, NULL, ID_CACHE_DELETE, id_cache_delete);
- messaging_register(ctx, NULL, ID_CACHE_KILL, id_cache_kill);
-}
diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index ae9ce5a..52ef96d 100644
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -714,7 +714,7 @@ void reply_negprot(struct smb_request *req)
}
/* possibly reload - change of architecture */
- reload_services(sconn->msg_ctx, sconn->sock, True);
+ reload_services(sconn, conn_snum_used, true);
/* moved from the netbios session setup code since we don't have that
when the client connects to port 445. Of course there is a small
@@ -740,7 +740,7 @@ void reply_negprot(struct smb_request *req)
if(choice != -1) {
fstrcpy(remote_proto,supported_protocols[protocol].short_name);
- reload_services(sconn->msg_ctx, sconn->sock, True);
+ reload_services(sconn, conn_snum_used, true);
supported_protocols[protocol].proto_reply_fn(req, choice);
DEBUG(3,("Selected protocol %s\n",supported_protocols[protocol].proto_name));
} else {
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index b3e4d0d..c448267 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -36,6 +36,9 @@
#include "rpc_server/spoolss/srv_spoolss_nt.h"
#include "libsmb/libsmb.h"
#include "../lib/util/tevent_ntstatus.h"
+#include "../libcli/security/dom_sid.h"
+#include "../libcli/security/security_token.h"
+#include "lib/id_cache.h"
extern bool global_machine_password_needs_changing;
@@ -905,7 +908,7 @@ static void smbd_sig_hup_handler(struct tevent_context *ev,
change_to_root_user();
DEBUG(1,("Reloading services after SIGHUP\n"));
- reload_services(sconn->msg_ctx, sconn->sock, false);
+ reload_services(sconn, conn_snum_used, false);
}
void smbd_setup_sig_hup_handler(struct smbd_server_connection *sconn)
@@ -922,6 +925,22 @@ void smbd_setup_sig_hup_handler(struct smbd_server_connection *sconn)
}
}
+static void smbd_conf_updated(struct messaging_context *msg,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB *data)
+{
+ struct smbd_server_connection *sconn =
+ talloc_get_type_abort(private_data,
+ struct smbd_server_connection);
+
+ DEBUG(10,("smbd_conf_updated: Got message saying smb.conf was "
+ "updated. Reloading.\n"));
+ change_to_root_user();
+ reload_services(sconn, conn_snum_used, false);
+}
+
static NTSTATUS smbd_server_connection_loop_once(struct tevent_context *ev_ctx,
struct smbd_server_connection *conn)
{
@@ -2202,7 +2221,7 @@ static void check_reload(struct smbd_server_connection *sconn, time_t t)
}
if (t >= last_smb_conf_reload_time+SMBD_RELOAD_CHECK) {
- reload_services(sconn->msg_ctx, sconn->sock, True);
+ reload_services(sconn, conn_snum_used, true);
last_smb_conf_reload_time = t;
}
}
@@ -2960,6 +2979,109 @@ static NTSTATUS smbd_register_ips(struct smbd_server_connection *sconn,
#endif
+static bool uid_in_use(const struct user_struct *user, uid_t uid)
+{
+ while (user) {
+ if (user->session_info &&
+ (user->session_info->unix_token->uid == uid)) {
+ return true;
+ }
+ user = user->next;
+ }
+ return false;
+}
+
+static bool gid_in_use(const struct user_struct *user, gid_t gid)
+{
+ while (user) {
+ if (user->session_info != NULL) {
+ int i;
+ struct security_unix_token *utok;
+
+ utok = user->session_info->unix_token;
+ if (utok->gid == gid) {
+ return true;
+ }
+ for(i=0; i<utok->ngroups; i++) {
+ if (utok->groups[i] == gid) {
+ return true;
+ }
+ }
+ }
+ user = user->next;
+ }
+ return false;
+}
+
+static bool sid_in_use(const struct user_struct *user,
+ const struct dom_sid *psid)
+{
+ while (user) {
+ struct security_token *tok;
+
+ if (user->session_info == NULL) {
+ continue;
+ }
+ tok = user->session_info->security_token;
+ if (tok == NULL) {
+ /*
+ * Not sure session_info->security_token can
+ * ever be NULL. This check might be not
+ * necessary.
+ */
+ continue;
+ }
+ if (security_token_has_sid(tok, psid)) {
+ return true;
+ }
+ user = user->next;
+ }
+ return false;
+}
+
+static bool id_in_use(const struct user_struct *user,
+ const struct id_cache_ref *id)
+{
+ switch(id->type) {
+ case UID:
+ return uid_in_use(user, id->id.uid);
+ case GID:
+ return gid_in_use(user, id->id.gid);
+ case SID:
+ return sid_in_use(user, &id->id.sid);
+ default:
+ break;
+ }
+ return false;
+}
+
+static void smbd_id_cache_kill(struct messaging_context *msg_ctx,
+ void *private_data,
+ uint32_t msg_type,
+ struct server_id server_id,
+ DATA_BLOB* data)
+{
+ const char *msg = (data && data->data)
+ ? (const char *)data->data : "<NULL>";
+ struct user_struct *validated_users;
+ struct id_cache_ref id;
+ struct smbd_server_connection *sconn =
+ talloc_get_type_abort(private_data,
+ struct smbd_server_connection);
+
+ validated_users = sconn->smb1.sessions.validated_users;
+
+ if (!id_cache_ref_parse(msg, &id)) {
+ DEBUG(0, ("Invalid ?ID: %s\n", msg));
+ return;
+ }
+
+ if (id_in_use(validated_users, &id)) {
+ exit_server_cleanly(msg);
+ }
+ id_cache_delete_from_cache(&id);
+}
+
/****************************************************************************
Process commands from the client
****************************************************************************/
@@ -3061,7 +3183,7 @@ void smbd_process(struct tevent_context *ev_ctx,
/* this is needed so that we get decent entries
in smbstatus for port 445 connects */
set_remote_machine_name(remaddr, false);
- reload_services(sconn->msg_ctx, sconn->sock, true);
+ reload_services(sconn, conn_snum_used, true);
--
Samba Shared Repository
More information about the samba-cvs
mailing list