The branch, master has been updated via 11f7445 docs: Add kill-client-ip to smbcontrol manpage via ac2ed5d s3:utils/smbcontrol implement kill-client-ip in smbcontrol via a26003d s3:smbd react on message that client should be disconnected via 4673b48 s3:messaging add MSG_SMB_KILL_CLIENT_IP message from 9acacb2 shadow_copy2: Fix some typos
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 11f744581813dcfe8bd036ab2a7fa40cb9209f6b Author: Christof Schmitt <c...@samba.org> Date: Fri Dec 6 16:03:30 2013 -0700 docs: Add kill-client-ip to smbcontrol manpage Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Christof Schmitt <c...@samba.org> Autobuild-Date(master): Thu Dec 12 20:45:44 CET 2013 on sn-devel-104 commit ac2ed5dfbfc9f3ea2978e7007052fedecd1f4013 Author: Christian Ambach <a...@samba.org> Date: Fri Mar 15 15:09:18 2013 +0100 s3:utils/smbcontrol implement kill-client-ip in smbcontrol allows the admin to forcefully shutdown the connection of a specified client by IP address Signed-off-by: Christian Ambach <a...@samba.org> Reviewed-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit a26003ddb69f5bb2c50d8482841669204848df00 Author: Christian Ambach <a...@samba.org> Date: Fri Mar 15 15:08:22 2013 +0100 s3:smbd react on message that client should be disconnected if MSG_SMB_KILL_CLIENT_IP message comes in and our client has the IP address given as argument, then shutdown the connection immediately Signed-off-by: Christian Ambach <a...@samba.org> Reviewed-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> commit 4673b488c9a41bcc5ad85a52a38f3c27d4ef790a Author: Christian Ambach <a...@samba.org> Date: Fri Mar 15 15:06:41 2013 +0100 s3:messaging add MSG_SMB_KILL_CLIENT_IP message Signed-off-by: Christian Ambach <a...@samba.org> Reviewed-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: docs-xml/manpages/smbcontrol.1.xml | 9 +++++++++ source3/librpc/idl/messaging.idl | 3 +++ source3/smbd/process.c | 32 ++++++++++++++++++++++++++++++++ source3/smbd/server.c | 13 +++++++++++++ source3/utils/smbcontrol.c | 23 +++++++++++++++++++++++ 5 files changed, 80 insertions(+), 0 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/manpages/smbcontrol.1.xml b/docs-xml/manpages/smbcontrol.1.xml index 64c9d48..4c36d63 100644 --- a/docs-xml/manpages/smbcontrol.1.xml +++ b/docs-xml/manpages/smbcontrol.1.xml @@ -131,6 +131,15 @@ </varlistentry> <varlistentry> + <term>kill-client-ip</term> + <listitem><para>Order smbd to close the client connections from a + given IP address. This message-type takes an argument of the IP + address from which client connections will be closed. This message + can only be sent to <constant>smbd</constant>.</para> + </listitem> + </varlistentry> + + <varlistentry> <term>force-election</term> <listitem><para>This message causes the <command>nmbd</command> daemon to force a new browse master election. </para> diff --git a/source3/librpc/idl/messaging.idl b/source3/librpc/idl/messaging.idl index 39532f0..583eaf0 100644 --- a/source3/librpc/idl/messaging.idl +++ b/source3/librpc/idl/messaging.idl @@ -89,6 +89,9 @@ interface messaging MSG_SMB_NOTIFY_CLEANUP = 0x0314, MSG_SMB_SCAVENGER = 0x0315, + /* shutdown connection for given client */ + MSG_SMB_KILL_CLIENT_IP = 0x0316, + /* winbind messages */ MSG_WINBIND_FINISHED = 0x0401, MSG_WINBIND_FORGET_STATE = 0x0402, diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 09fe910..7d9f767 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -2563,6 +2563,32 @@ static int client_get_tcp_info(int sock, struct sockaddr_storage *server, } #endif +static void msg_kill_client_ip(struct messaging_context *msg_ctx, + void *private_data, uint32_t msg_type, + struct server_id server_id, DATA_BLOB *data) +{ + struct smbd_server_connection *sconn = talloc_get_type_abort( + private_data, struct smbd_server_connection); + const char *ip = (char *) data->data; + char *client_ip; + + DEBUG(10, ("Got kill request for client IP %s\n", ip)); + + client_ip = tsocket_address_inet_addr_string(sconn->remote_address, + talloc_tos()); + if (client_ip == NULL) { + return; + } + + if (strequal(ip, client_ip)) { + DEBUG(1, ("Got kill client message for %s - " + "exiting immediately\n", ip)); + exit_server_cleanly("Forced disconnect for client"); + } + + TALLOC_FREE(client_ip); +} + /* * Send keepalive packets to our client */ @@ -3528,6 +3554,12 @@ void smbd_process(struct tevent_context *ev_ctx, messaging_register(sconn->msg_ctx, sconn, MSG_SMB_CONF_UPDATED, smbd_conf_updated); + messaging_deregister(sconn->msg_ctx, MSG_SMB_KILL_CLIENT_IP, + NULL); + messaging_register(sconn->msg_ctx, sconn, + MSG_SMB_KILL_CLIENT_IP, + msg_kill_client_ip); + /* * Use the default MSG_DEBUG handler to avoid rebroadcasting * MSGs to all child processes diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 36be019..99b0a10 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -370,6 +370,17 @@ static void smb_parent_force_tdis(struct messaging_context *ctx, messaging_send_to_children(ctx, msg_type, msg_data); } +static void smb_parent_kill_client_by_ip(struct messaging_context *ctx, + void *data, + uint32_t msg_type, + struct server_id srv_id, + DATA_BLOB* msg_data) +{ + if (am_parent) { + messaging_send_to_children(ctx, msg_type, msg_data); + } +} + static void add_child_pid(struct smbd_parent_context *parent, pid_t pid) { @@ -877,6 +888,8 @@ static bool open_sockets_smbd(struct smbd_parent_context *parent, brl_revalidate); messaging_register(msg_ctx, NULL, MSG_SMB_FORCE_TDIS, smb_parent_force_tdis); + messaging_register(msg_ctx, NULL, MSG_SMB_KILL_CLIENT_IP, + smb_parent_kill_client_by_ip); messaging_register(msg_ctx, NULL, ID_CACHE_DELETE, smbd_parent_id_cache_delete); diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index 00b23f7..ea1f609 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -790,6 +790,27 @@ static bool do_closeshare(struct tevent_context *ev_ctx, strlen(argv[1]) + 1); } +/* Kill a client by IP address */ +static bool do_kill_client_by_ip(struct tevent_context *ev_ctx, + struct messaging_context *msg_ctx, + const struct server_id pid, + const int argc, const char **argv) +{ + if (argc != 2) { + fprintf(stderr, "Usage: smbcontrol <dest> kill-client-ip " + "<IP address>\n"); + return false; + } + + if (!is_ipaddress_v4(argv[1]) && !is_ipaddress_v6(argv[1])) { + fprintf(stderr, "%s is not a valid IP address!\n", argv[1]); + return false; + } + + return send_message(msg_ctx, pid, MSG_SMB_KILL_CLIENT_IP, + argv[1], strlen(argv[1]) + 1); +} + /* Tell winbindd an IP got dropped */ static bool do_ip_dropped(struct tevent_context *ev_ctx, @@ -1287,6 +1308,8 @@ static const struct { { "debuglevel", do_debuglevel, "Display current debuglevels" }, { "printnotify", do_printnotify, "Send a print notify message" }, { "close-share", do_closeshare, "Forcibly disconnect a share" }, + { "kill-client-ip", do_kill_client_by_ip, + "Forcibly disconnect a client with a specific IP address" }, { "ip-dropped", do_ip_dropped, "Tell winbind that an IP got dropped" }, { "lockretry", do_lockretry, "Force a blocking lock retry" }, { "brl-revalidate", do_brl_revalidate, "Revalidate all brl entries" }, -- Samba Shared Repository