We investigate how a new channel is added to an existing channel on a multichannel connection.
We first need to familiarise ourselves with how a new incoming connection is handled.
To summarise how a new connection is created:
a) From the main thread, we call main()->open_sockets_smbd()->smbd_open_one_socket()->tevent_add_fd() to set a tevent handler that calls smbd_accept_connection() whenever a new connection is opened with the Samba server.
b) For a new connection coming in, the server calls smbd_accept_connection() which forks a child process and calls smbd_process() in the child.
c) Within smbd_process(), a new client (struct smbXsrv_client) and a new xconn (struct smbXsrv_connection) are created. The xconn itself is added to the connection list on the new client which was created.
d) Within smbd_add_connection(), we also add a tevent fd handler smbd_server_connection_handler() to handle incoming data on the new socket created for the client.
We also set up the infrastructure necessary to pass the socket file descriptor. When a new client is created within smbd_process()->smbXsrv_client_create(), we set up the messaging infrastructure to handle incoming message requests for the message id MSG_SMBXSRV_CONNECTION_PASS.
i.e. for incoming requests with message id MSG_SMBXSRV_CONNECTION_PASS, we call the handler smbXsrv_client_connection_pass_loop().
At this point, the socket is established. When data is first sent onto the socket by the client, it is handled by the tevent handler smbd_server_connection_handler() followed by smbd_server_connection_read_handler() which subsequently calls process_smb() to process the incoming request.
It is here that we start differentiating between SMB1 and later connections.
At this point the buffer containing the incoming request is stored in the smbd_smb2_request *req.
We call smbd_smb2_request_dispatch() to handle the data.
Since this is the first call sent by the client, it is a negotiate request which is handled by smbd_smb2_request_process_negprot().
At this point, the new smbd process sends the original smbd process a message with the data required to transfer the channel to the original process.
We call the handler for the message and process the incoming data.
At this point, we have:
a) Added a new connection xconn to the existing client from the original connection.
b) Set the data handler for the socket file descriptor to smbd_server_connection_handler() so that any incoming data is handled by the samba thread handling the original connection.
c) Terminated the new samba thread created for the new channel, so that all new incoming requests are handled in the handler specified in b).
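The hand-off summarised above depends on one process giving an open socket to another. The following is an added example, not code from the original post or from Samba: it shows generic POSIX descriptor passing with SCM_RIGHTS over an AF_UNIX socket, which is assumed here to be the underlying mechanism, and the names send_fd, recv_fd and demo_pass are hypothetical. The receiver validates the control message before trusting the descriptor.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>
typedef union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } ctl_t;

/* Send descriptor fd over the AF_UNIX socket chan with a 1-byte payload. */
static int send_fd(int chan, int fd) {
    char byte = 'P'; ctl_t ctl;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };
    memset(&ctl, 0, sizeof(ctl));
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(chan, &msg, 0) == 1 ? 0 : -1;
}

/* Receive one descriptor; reject truncated or unexpected control data. */
static int recv_fd(int chan) {
    char byte; ctl_t ctl; int fd = -1;
    struct iovec iov = { .iov_base = &byte, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };
    if (recvmsg(chan, &msg, 0) != 1 || (msg.msg_flags & MSG_CTRUNC)) return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS ||
        c->cmsg_len != CMSG_LEN(sizeof(int))) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}

/* Added illustration, not Samba source: child = new smbd, parent = original smbd. */
int demo_pass(void) {
    int ipc[2], conn[2]; char buf[4] = {0}; /* conn[0]: client end, conn[1]: server end */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, ipc) ||
        socketpair(AF_UNIX, SOCK_STREAM, 0, conn)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) _exit(send_fd(ipc[1], conn[1]) ? 1 : 0); /* hand over, then terminate */
    close(conn[1]);               /* parent keeps only the descriptor it is passed */
    int got = recv_fd(ipc[0]);
    waitpid(pid, NULL, 0);
    if (got < 0 || write(conn[0], "SMB", 3) != 3 || read(got, buf, 3) != 3) return -1;
    return memcmp(buf, "SMB", 3) == 0 ? 0 : -1;
}
int main(void) { return demo_pass(); }
```

After the child exits, the parent reads the client's bytes from the received descriptor, which mirrors the original process serving the new channel once the helper process is gone.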
Friday, May 17, 2019