Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

686 lines
19 KiB

/**********************************************************************/
/** Microsoft Windows NT **/
/** Copyright(c) Microsoft Corp., 1993 **/
/**********************************************************************/
/*
connect.cxx
This module contains the main function for handling new connections.
After receiving a new connection this module creates a new USER_DATA
object to contain the information about a connection for processing.
Functions exported by this module:
FtpdNewConnection
FtpdNewConnectionEx
FILE HISTORY:
KeithMo 08-Mar-1993 Created.
MuraliK 03-April-1995
Rewrote to separate the notion of one thread/control connection +
other mods.
MuraliK 11-Oct-1995
Completely rewrote to support AcceptEx connections
*/
#include "ftpdp.hxx"
static CHAR PSZ_SERVICE_NOT_AVAILABLE[] =
"Service not available, closing control connection.";
//
// Private prototypes.
//
VOID
FtpReqResolveCallback(
ADDRCHECKARG pArg,
BOOL fSt,
LPSTR pName
)
{
// ignore fSt : DNS name is simply unavailable
//((LPUSER_DATA)pArg)->Reference();
if ( !AtqPostCompletionStatus( ((LPUSER_DATA)pArg)->QueryControlAio()->QueryAtqContext(),
0 ))
{
DereferenceUserDataAndKill( ((LPUSER_DATA)pArg) );
}
}
BOOL
ProcessNewClient(
IN SOCKET sNew,
IN PVOID EndpointObject,
IN FTP_SERVER_INSTANCE *pInstance,
IN BOOL fMaxConnExceeded,
IN PSOCKADDR_IN psockAddrRemote,
IN PSOCKADDR_IN psockAddrLocal = NULL,
IN PATQ_CONTEXT patqContext = NULL,
IN PVOID pvBuff = NULL,
IN DWORD cbWritten = 0,
OUT LPBOOL pfAtqToBeFreed = NULL
)
{
LPUSER_DATA pUserData = NULL;
DWORD err = NO_ERROR;
BOOL fReturn = FALSE;
DBG_CODE( CHAR pchAddr[32];);
BOOL fSockToBeFreed = TRUE;
BOOL fDereferenceInstance = FALSE;
AC_RESULT acIpAccess;
BOOL fNeedDnsCheck = FALSE;
BOOL fValid;
BOOL fUnbindOnFail;
DBG_CODE( InetNtoa( psockAddrRemote->sin_addr, pchAddr));
if ( pfAtqToBeFreed != NULL) {
*pfAtqToBeFreed = TRUE;
}
//
// Create a new connection object
//
if ( !fMaxConnExceeded ) {
pUserData = pInstance->AllocNewConnection();
}
if ( pUserData != NULL) {
pUserData->QueryAccessCheck()->BindAddr( (PSOCKADDR)psockAddrRemote );
if ( !pUserData->BindInstanceAccessCheck() ) {
fValid = FALSE;
fUnbindOnFail = FALSE;
}
else {
fUnbindOnFail = TRUE;
acIpAccess = pUserData->QueryAccessCheck()->CheckIpAccess( &fNeedDnsCheck );
if ( (acIpAccess == AC_IN_DENY_LIST) ||
((acIpAccess == AC_NOT_IN_GRANT_LIST) && !fNeedDnsCheck) ) {
SockPrintf2(
NULL,
sNew,
"%u Connection refused, unknown IP address.",
REPLY_NOT_LOGGED_IN
);
fValid = FALSE;
}
else {
fValid = TRUE;
}
}
//
// Start off processing this client connection.
//
// Once we make a reset call, the USER_DATA object is created
// with the socket and atq context.
// From now on USER_DATA will take care of freeing
// ATQ context & socket
//
if (fValid) {
fSockToBeFreed = FALSE;
fValid = pUserData->Reset(sNew,
EndpointObject,
psockAddrRemote->sin_addr,
psockAddrLocal,
patqContext,
pvBuff,
cbWritten,
acIpAccess );
}
if ( fValid ) {
IF_DEBUG( CLIENT) {
CHKINFO( ( DBG_CONTEXT,
" Established a new connection to %s"
" ( Socket = %d)\n",
pchAddr,
sNew));
}
//
// At this point we have the context for the AcceptExed socket.
// Set the context in the AtqContext if need be.
//
if ( patqContext != NULL) {
//
// Associate client connection object with this control socket
// handle for future completions.
//
AtqContextSetInfo(patqContext,
ATQ_INFO_COMPLETION_CONTEXT,
(ULONG_PTR) pUserData->QueryControlAio());
}
if ( fNeedDnsCheck )
{
if ( !pUserData->QueryAccessCheck()->IsDnsResolved() ) {
BOOL fSync;
LPSTR pDns;
pUserData->SetNeedDnsCheck( TRUE );
if ( pUserData->QueryAccessCheck()->QueryDnsName( &fSync,
(ADDRCHECKFUNCEX)FtpReqResolveCallback,
(ADDRCHECKARG)pUserData,
&pDns )
&& !fSync ) {
return TRUE;
}
}
}
else {
pUserData->UnbindInstanceAccessCheck();
}
DBG_REQUIRE( pUserData->Reference() > 0);
fReturn = pUserData->ProcessAsyncIoCompletion(0, NO_ERROR,
pUserData->
QueryControlAio()
);
if ( !fReturn) {
err = GetLastError();
IF_DEBUG( ERROR) {
CHKINFO(( DBG_CONTEXT,
" Unable to start off a read to client(%s,%d)."
" Error = %lu\n",
pchAddr,
sNew,
err ));
}
}
//
// Decrement the ref count and free the connection.
//
DBG_ASSERT( (err == NO_ERROR) || pUserData->QueryReference() == 1);
DereferenceUserDataAndKill( pUserData);
} else {
if ( fUnbindOnFail )
{
pUserData->UnbindInstanceAccessCheck();
}
// reset operation failed. relase memory and exit.
err = GetLastError();
pUserData->Cleanup();
pInstance->RemoveConnection( pUserData);
pUserData = NULL;
}
} else {
err = GetLastError();
fDereferenceInstance = TRUE;
}
if ( (pUserData == NULL) || (err != NO_ERROR) ) {
//
// Failed to allocate new connection
// Reasons:
// 1) Max connecitons might have been exceeded.
// 2) Not enough memory is available.
// 3) Access check failed
//
// handle the failures and notify client.
//
if ( fMaxConnExceeded) {
CHAR rgchBuffer[MAX_REPLY_LENGTH];
DWORD len;
//
// Unable to insert new connection.
// The maxConnections may have exceeded.
// Destroy the client connection object and return.
// Possibly need to send an error message.
//
IF_DEBUG( ERROR) {
CHKINFO( ( DBG_CONTEXT,
" MaxConnections Exceeded. "
" Connection from %s refused at socket %d\n",
pchAddr, sNew));
}
// Format a message to send for the error case.
pInstance->LockConfig();
LPCSTR pszMsg = pInstance->QueryMaxClientsMsg();
pszMsg = (pszMsg == NULL) ? PSZ_SERVICE_NOT_AVAILABLE : pszMsg;
len = FtpFormatResponseMessage(REPLY_SERVICE_NOT_AVAILABLE,
pszMsg,
rgchBuffer,
MAX_REPLY_LENGTH);
pInstance->UnLockConfig();
DBG_ASSERT( len < MAX_REPLY_LENGTH);
// Send the formatted message
// Ignore error in sending this message.
SockSend( NULL, sNew, rgchBuffer, len);
} else {
// not enough memory for running this client connection
const CHAR * apszSubStrings[1];
CHAR pchAddr2[32];
InetNtoa( psockAddrRemote->sin_addr, pchAddr2 );
apszSubStrings[0] = pchAddr2;
g_pInetSvc->LogEvent(FTPD_EVENT_CANNOT_CREATE_CLIENT_THREAD,
1,
apszSubStrings,
err );
IF_DEBUG( ERROR) {
CHKINFO(( DBG_CONTEXT,
"Cannot create Client Connection for %s,"
" Error %lu\n",
pchAddr,
err ));
}
//
// Send a message to client if the socket is to be freed.
// If it is already freed, then we cannot send message
//
if ( fSockToBeFreed) {
SockPrintf2(NULL, sNew,
"%u Service not available,"
" closing control connection.",
REPLY_SERVICE_NOT_AVAILABLE );
} else {
IF_DEBUG( CLIENT) {
DBGPRINTF( ( DBG_CONTEXT,
" Unable to send closed error message to "
" %s (%d)\n",
pchAddr2, sNew
));
}
}
}
//
// Unable to create a new connection object.
// Report error and shut this.
//
IF_DEBUG( ERROR) {
CHKINFO( ( DBG_CONTEXT,
"Cannot create new FTP Request object to %s."
" Error= %u\n",
pchAddr,
err));
}
if ( fSockToBeFreed ) {
if ( patqContext != NULL) {
// ensure that socket is shut down.
DBG_REQUIRE( AtqCloseSocket( patqContext, TRUE));
} else {
CloseSocket( sNew);
}
}
fReturn = (FALSE);
} // if ( pcc == NULL)
if ( pfAtqToBeFreed != NULL) {
*pfAtqToBeFreed = fSockToBeFreed;
}
if ( fDereferenceInstance ) {
pInstance->DecrementCurrentConnections();
pInstance->Dereference();
}
return (fReturn);
} // ProcessNewClient()
//
// Public functions.
//
VOID
FtpdNewConnection(
IN SOCKET sNew,
IN SOCKADDR_IN * psockaddr,
IN PVOID EndpointContext,
IN PVOID EndpointObject
)
/*++
Call back function for processing the connections from clients.
This function creates a new UserData object if permitted for the new
client request and starts off a receive for the given connection
using Async read on control channel established.
Arguments:
sNew control socket for the new client connection
psockAddr pointer to the client's address.
Returns:
None
History:
KeithMo 08-Mar-1993 Created.
MuraliK 04-April-1995
ReCreated for using async Io threading model.
--*/
{
BOOL fProcessed;
BOOL fMaxConnExceeded;
INT cbAddr = sizeof(SOCKADDR);
SOCKADDR_IN sockaddr;
FTP_SERVER_INSTANCE *pInstance;
DBG_ASSERT( sNew != INVALID_SOCKET );
DBG_ASSERT( psockaddr != NULL );
DBG_ASSERT( psockaddr->sin_family == AF_INET ); // temporary
g_pFTPStats->IncrConnectionAttempts();
if ( g_pInetSvc->QueryCurrentServiceState() != SERVICE_RUNNING ) {
IF_DEBUG( ERROR) {
DBG_CODE( CHAR pchAddr[32];);
DBG_CODE( InetNtoa(((SOCKADDR_IN *) psockaddr)->sin_addr,
pchAddr));
CHKINFO( ( DBG_CONTEXT,
"Service is not running or AccessCheck failed for"
" Connection from %s\n",
pchAddr));
}
SockPrintf2(NULL,
sNew,
"%u %s", // the blank after %u is essential
REPLY_SERVICE_NOT_AVAILABLE,
"Service not available, closing control connection." );
goto error_exit;
}
if (getsockname( sNew, (PSOCKADDR)&sockaddr, &cbAddr ) != 0) {
goto error_exit;
}
//
// Find Instance
//
pInstance = (FTP_SERVER_INSTANCE *)
((PIIS_ENDPOINT)EndpointContext)->FindAndReferenceInstance(
(LPCSTR)NULL,
sockaddr.sin_addr.s_addr,
&fMaxConnExceeded
);
if ( pInstance == NULL ) {
//
// Site is not permitted to access this server.
// Dont establish this connection. We should send a message.
//
SockPrintf2(NULL, sNew,
"%u Connection refused, unknown IP address.",
REPLY_NOT_LOGGED_IN);
goto error_exit;
}
fProcessed = ProcessNewClient( sNew,
EndpointObject,
pInstance,
fMaxConnExceeded,
psockaddr);
if ( fProcessed) {
pInstance->QueryStatsObj()->CheckAndSetMaxConnections();
}
return;
error_exit:
CloseSocket( sNew);
return;
} // FtpdNewConnection()
VOID
FtpdNewConnectionEx(
IN VOID * patqContext,
IN DWORD cbWritten,
IN DWORD dwError,
IN OVERLAPPED * lpo
)
/*++
Description:
Callback function for new connections when using AcceptEx.
This function verifies if this is a valid connection
( maybe using IP level authentication)
and creates a new connection object
The connection object is added to list of active connections.
If the max number of connections permitted is exceeded,
the client connection object is destroyed and
connection is rejected.
Arguments:
patqContext: pointer to ATQ context for the IO operation
cbWritten: count of bytes available from first read operation
dwError: error if any from initial operation
lpo: indicates if this function was called as a result
of IO completion or due to some error.
Returns:
None.
--*/
{
BOOL fProcessed = FALSE;
BOOL fAtqContextToBeFreed = TRUE;
BOOL fMaxConnExceeded;
PSOCKADDR_IN psockAddrLocal = NULL;
PSOCKADDR_IN psockAddrRemote = NULL;
SOCKET sNew = INVALID_SOCKET;
PVOID pvBuff = NULL;
PIIS_ENDPOINT pEndpoint;
FTP_SERVER_INSTANCE *pInstance;
if ( (dwError != NO_ERROR) || !lpo) {
DBGPRINTF(( DBG_CONTEXT, "FtpdNewConnectionEx() completion failed."
" Error = %d. AtqContext=%08x\n",
dwError, patqContext));
//
// For now free up the resources.
//
goto exit;
}
g_pFTPStats->IncrConnectionAttempts();
DBG_ASSERT( patqContext != NULL);
AtqGetAcceptExAddrs( (PATQ_CONTEXT ) patqContext,
&sNew,
&pvBuff,
(PVOID*)&pEndpoint,
(PSOCKADDR *)&psockAddrLocal,
(PSOCKADDR *)&psockAddrRemote);
DBG_ASSERT( pEndpoint != NULL );
IF_DEBUG( CONNECTION ) {
DBGPRINTF(( DBG_CONTEXT,
" New connection. AtqCont=%08x, buff=%08x, cb=%d\n",
patqContext, pvBuff, cbWritten));
}
if ( g_pInetSvc->QueryCurrentServiceState() != SERVICE_RUNNING ) {
DBGPRINTF((DBG_CONTEXT,"Connection attempt on inactive service\n"));
SockPrintf2(NULL,
sNew,
"%u %s", // the blank after %u is essential
REPLY_SERVICE_NOT_AVAILABLE,
"Service not available, closing control connection." );
goto exit;
}
//
// Find Instance
//
pInstance = (FTP_SERVER_INSTANCE*)pEndpoint->FindAndReferenceInstance(
(LPCSTR)NULL,
psockAddrLocal->sin_addr.s_addr,
&fMaxConnExceeded
);
if (pInstance == NULL ) {
//
// Site is not permitted to access this server.
// Dont establish this connection. We should send a message.
//
DBGPRINTF((DBG_CONTEXT,
"Unable to find instance [err %d]\n",GetLastError()));
goto exit;
}
//
// Set the timeout for future IOs on this context
//
AtqContextSetInfo( (PATQ_CONTEXT) patqContext,
ATQ_INFO_TIMEOUT,
(ULONG_PTR) pInstance->QueryConnectionTimeout()
);
if ( pInstance->QueryBandwidthInfo() )
{
AtqContextSetInfo( (PATQ_CONTEXT) patqContext,
ATQ_INFO_BANDWIDTH_INFO,
(ULONG_PTR) pInstance->QueryBandwidthInfo() );
}
fProcessed = ProcessNewClient( sNew,
NULL,
pInstance,
fMaxConnExceeded,
psockAddrRemote,
psockAddrLocal,
(PATQ_CONTEXT ) patqContext,
pvBuff,
cbWritten,
&fAtqContextToBeFreed);
if ( fProcessed) {
pInstance->QueryStatsObj()->CheckAndSetMaxConnections();
}
exit:
if ( !fProcessed && fAtqContextToBeFreed ) {
//
// We failed to process this connection. Free up resources properly
//
DBG_REQUIRE( AtqCloseSocket( (PATQ_CONTEXT )patqContext, FALSE));
AtqFreeContext( (PATQ_CONTEXT ) patqContext, TRUE );
}
return;
} // FtpdNewConnectionEx