[PATCHES] smbcontrol disconnect-client
Christof Schmitt
cs at samba.org
Fri Dec 6 16:15:38 MST 2013
Here are a few patches that Christian had developed some time ago. They
implement a 'smbcontrol disconnect-client <ip address>' call that
disconnects all clients from a certain IP address. That is useful when a
config file for a specific client has been changed and that change has
to be enforced.
Comments?
Christof
-------------- next part --------------
>From baddb0c712ebfda29a42b2ed02ec2ffa74065ad3 Mon Sep 17 00:00:00 2001
From: Christian Ambach <ambi at samba.org>
Date: Fri, 15 Mar 2013 15:06:41 +0100
Subject: [PATCH 1/4] s3:messaging add MSG_SMB_FORCE_CLIENT_DISCONNECT message
Reviewed-by: Christof Schmitt <cs at samba.org>
---
source3/librpc/idl/messaging.idl | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/source3/librpc/idl/messaging.idl b/source3/librpc/idl/messaging.idl
index 39532f0..6ec4126 100644
--- a/source3/librpc/idl/messaging.idl
+++ b/source3/librpc/idl/messaging.idl
@@ -89,6 +89,9 @@ interface messaging
MSG_SMB_NOTIFY_CLEANUP = 0x0314,
MSG_SMB_SCAVENGER = 0x0315,
+ /* shutdown connection for given client */
+ MSG_SMB_FORCE_CLIENT_DISCONNECT = 0x0316,
+
/* winbind messages */
MSG_WINBIND_FINISHED = 0x0401,
MSG_WINBIND_FORGET_STATE = 0x0402,
--
1.7.1
>From d33c7d384c9cc10aca3e5f5809e7309e608e8d30 Mon Sep 17 00:00:00 2001
From: Christian Ambach <ambi at samba.org>
Date: Fri, 15 Mar 2013 15:08:22 +0100
Subject: [PATCH 2/4] s3:smbd react on message that client should be disconnected
if MSG_SMB_FORCE_CLIENT_DISCONNECT message comes in and our client has
the IP address given as argument, then shutdown the connection immediately
Reviewed-by: Christof Schmitt <cs at samba.org>
---
source3/smbd/process.c | 32 ++++++++++++++++++++++++++++++++
source3/smbd/server.c | 13 +++++++++++++
2 files changed, 45 insertions(+), 0 deletions(-)
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 09fe910..ed97a3f 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -2563,6 +2563,32 @@ static int client_get_tcp_info(int sock, struct sockaddr_storage *server,
}
#endif
+static void msg_client_disconnect(struct messaging_context *msg_ctx,
+ void *private_data, uint32_t msg_type,
+ struct server_id server_id, DATA_BLOB *data)
+{
+ struct smbd_server_connection *sconn = talloc_get_type_abort(
+ private_data, struct smbd_server_connection);
+ const char *ip = (char *) data->data;
+ char *client_ip;
+
+ DEBUG(10, ("Got disconnect request for client IP %s\n", ip));
+
+ client_ip = tsocket_address_inet_addr_string(sconn->remote_address,
+ talloc_tos());
+ if (client_ip == NULL) {
+ return;
+ }
+
+ if (strequal(ip, client_ip)) {
+ DEBUG(1, ("Got client disconnect message for %s - "
+ "exiting immediately\n", ip));
+ exit_server_cleanly("Forced disconnect for client");
+ }
+
+ TALLOC_FREE(client_ip);
+}
+
/*
* Send keepalive packets to our client
*/
@@ -3528,6 +3554,12 @@ void smbd_process(struct tevent_context *ev_ctx,
messaging_register(sconn->msg_ctx, sconn,
MSG_SMB_CONF_UPDATED, smbd_conf_updated);
+ messaging_deregister(sconn->msg_ctx, MSG_SMB_FORCE_CLIENT_DISCONNECT,
+ NULL);
+ messaging_register(sconn->msg_ctx, sconn,
+ MSG_SMB_FORCE_CLIENT_DISCONNECT,
+ msg_client_disconnect);
+
/*
* Use the default MSG_DEBUG handler to avoid rebroadcasting
* MSGs to all child processes
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 36be019..6fb86e5 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -370,6 +370,17 @@ static void smb_parent_force_tdis(struct messaging_context *ctx,
messaging_send_to_children(ctx, msg_type, msg_data);
}
+static void smb_parent_disconnect_client(struct messaging_context *ctx,
+ void *data,
+ uint32_t msg_type,
+ struct server_id srv_id,
+ DATA_BLOB* msg_data)
+{
+ if (am_parent) {
+ messaging_send_to_children(ctx, msg_type, msg_data);
+ }
+}
+
static void add_child_pid(struct smbd_parent_context *parent,
pid_t pid)
{
@@ -877,6 +888,8 @@ static bool open_sockets_smbd(struct smbd_parent_context *parent,
brl_revalidate);
messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS,
smb_parent_force_tdis);
+ messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_CLIENT_DISCONNECT,
+ smb_parent_disconnect_client);
messaging_register(msg_ctx, NULL,
ID_CACHE_DELETE, smbd_parent_id_cache_delete);
--
1.7.1
>From 4da6b09187ad1383a5b947761cdf8b8caaab22f9 Mon Sep 17 00:00:00 2001
From: Christian Ambach <ambi at samba.org>
Date: Fri, 15 Mar 2013 15:09:18 +0100
Subject: [PATCH 3/4] s3:utils/smbcontrol implement disconnect-client in smbcontrol
allows the admin to forcefully shutdown the connection of a specified client
Reviewed-by: Christof Schmitt <cs at samba.org>
---
source3/utils/smbcontrol.c | 23 +++++++++++++++++++++++
1 files changed, 23 insertions(+), 0 deletions(-)
diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c
index 00b23f7..b704a19 100644
--- a/source3/utils/smbcontrol.c
+++ b/source3/utils/smbcontrol.c
@@ -790,6 +790,27 @@ static bool do_closeshare(struct tevent_context *ev_ctx,
strlen(argv[1]) + 1);
}
+/* Disconnect a client */
+static bool do_disconnect_client(struct tevent_context *ev_ctx,
+ struct messaging_context *msg_ctx,
+ const struct server_id pid,
+ const int argc, const char **argv)
+{
+ if (argc != 2) {
+ fprintf(stderr, "Usage: smbcontrol <dest> disconnect-client "
+ "<IP address>\n");
+ return false;
+ }
+
+ if (!is_ipaddress_v4(argv[1]) && !is_ipaddress_v6(argv[1])) {
+ fprintf(stderr, "%s is not a valid IP address!\n", argv[1]);
+ return false;
+ }
+
+ return send_message(msg_ctx, pid, MSG_SMB_FORCE_CLIENT_DISCONNECT,
+ argv[1], strlen(argv[1]) + 1);
+}
+
/* Tell winbindd an IP got dropped */
static bool do_ip_dropped(struct tevent_context *ev_ctx,
@@ -1287,6 +1308,8 @@ static const struct {
{ "debuglevel", do_debuglevel, "Display current debuglevels" },
{ "printnotify", do_printnotify, "Send a print notify message" },
{ "close-share", do_closeshare, "Forcibly disconnect a share" },
+ { "disconnect-client", do_disconnect_client,
+ "Forcibly disconnect a client" },
{ "ip-dropped", do_ip_dropped, "Tell winbind that an IP got dropped" },
{ "lockretry", do_lockretry, "Force a blocking lock retry" },
{ "brl-revalidate", do_brl_revalidate, "Revalidate all brl entries" },
--
1.7.1
>From c0c88bedebedfa54ebcd8d7ae77a49ff9789bea7 Mon Sep 17 00:00:00 2001
From: Christof Schmitt <cs at samba.org>
Date: Fri, 6 Dec 2013 16:03:30 -0700
Subject: [PATCH 4/4] docs: Add disconnect-client to smbcontrol manpage
Signed-off-by: Christof Schmitt <cs at samba.org>
---
docs-xml/manpages/smbcontrol.1.xml | 9 +++++++++
1 files changed, 9 insertions(+), 0 deletions(-)
diff --git a/docs-xml/manpages/smbcontrol.1.xml b/docs-xml/manpages/smbcontrol.1.xml
index 64c9d48..ed6ad31 100644
--- a/docs-xml/manpages/smbcontrol.1.xml
+++ b/docs-xml/manpages/smbcontrol.1.xml
@@ -131,6 +131,15 @@
</varlistentry>
<varlistentry>
+ <term>disconnect-client</term>
+ <listitem><para>Order smbd to close the client connections from a
+ certain IP address. This message-type takes an argument of the IP
+ address from which client connections will be closed. This message
+ can only be sent to <constant>smbd</constant>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term>force-election</term>
<listitem><para>This message causes the <command>nmbd</command> daemon to
force a new browse master election. </para>
--
1.7.1
More information about the samba-technical
mailing list