The branch, master has been updated
via dabb056 s3-auth_samba4: use new_server_id_task() to allocate server
id values
via 442a81e s3-lib Add a way to allocate the task_id value in server_id
via f10c638 s4-messaging: Fill in the whole server_id in all use cases
from 645e4bb s4-torture: convert samba3misc tests to use torture_failure
and torture_assert
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit dabb0562500bb83ded8243705065c4ef6ebb5049
Author: Andrew Bartlett <abart...@samba.org>
Date: Wed Apr 25 17:40:35 2012 +1000
s3-auth_samba4: use new_server_id_task() to allocate server id values
This is rather than just picking a random number out of the air.
Andrew Bartlett
Autobuild-User: Andrew Bartlett <abart...@samba.org>
Autobuild-Date: Mon Apr 30 11:29:34 CEST 2012 on sn-devel-104
commit 442a81e7b282eef85d3c7d978846a531b55cbd5f
Author: Andrew Bartlett <abart...@samba.org>
Date: Thu Jul 21 16:29:38 2011 +1000
s3-lib Add a way to allocate the task_id value in server_id
This safely allocates the task_id so that when we have multiple event
contexts, they can each have their own messaging context, particularly
for the imessaging subsystem under source4.
Andrew Bartlett
commit f10c63810077a6759a9df4e9c653066f9f355d96
Author: Andrew Bartlett <abart...@samba.org>
Date: Mon Apr 30 15:44:01 2012 +1000
s4-messaging: Fill in the whole server_id in all use cases
This started per https://bugzilla.samba.org/show_bug.cgi?id=8872#c4
and avoids any possible collision with a different process.
We also need to ensure that across a Samba installation on a single
node that id.vnn is the same. Samba4 previously used 0, while Samba3
used NONCLUSTER_VNN. When a message is sent between these 'different'
nodes, the error NT_STATUS_INVALID_DEVICE_REQUEST is raised.
Andrew Bartlett
-----------------------------------------------------------------------
Summary of changes:
librpc/idl/server_id.idl | 3 ++
source3/Makefile.in | 3 +-
source3/auth/auth_samba4.c | 33 +++++++++++++++++++++++-----
source3/include/proto.h | 1 +
source3/include/serverid.h | 3 --
source3/lib/util.c | 42 +++++++++++++++++++++++++++++++++++++
source4/cluster/local.c | 3 ++
source4/lib/messaging/messaging.c | 7 +++++-
8 files changed, 83 insertions(+), 12 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/server_id.idl b/librpc/idl/server_id.idl
index ac2e9ab..554e428 100644
--- a/librpc/idl/server_id.idl
+++ b/librpc/idl/server_id.idl
@@ -11,6 +11,9 @@ interface server_id
const int NONCLUSTER_VNN = 0xFFFFFFFF;
+ /** Don't verify this unique id */
+ const int SERVERID_UNIQUE_ID_NOT_TO_VERIFY = 0xFFFFFFFFFFFFFFFFULL;
+
/* used to look like the following, note that unique_id was not
* marshalled at all...
diff --git a/source3/Makefile.in b/source3/Makefile.in
index e5aba23..37419de 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -484,7 +484,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ)
$(LIBTSOCKET_OBJ) \
lib/file_id.o lib/idmap_cache.o \
../libcli/security/dom_sid.o ../libcli/security/security_descriptor.o
\
../libcli/security/security_token.o ../libcli/security/util_sid.o \
- ../libcli/smb/util.o
+ ../libcli/smb/util.o ../lib/util/idtree.o
LIB_DUMMY_OBJ = lib/smbd_shim.o lib/dummyparam.o
LIB_NONSMBD_OBJ = $(LIB_OBJ) $(LIB_DUMMY_OBJ)
@@ -593,7 +593,6 @@ LIBTSOCKET_OBJ = ../lib/tsocket/tsocket.o \
CLDAP_OBJ = libads/cldap.o \
../libcli/cldap/cldap.o \
- ../lib/util/idtree.o \
$(LIBCLI_LDAP_MESSAGE_OBJ) $(LIBCLI_LDAP_NDR_OBJ)
TLDAP_OBJ = lib/tldap.o lib/tldap_util.o lib/util_tsock.o
diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c
index 6692f18..1bf4227 100644
--- a/source3/auth/auth_samba4.c
+++ b/source3/auth/auth_samba4.c
@@ -107,6 +107,7 @@ static NTSTATUS prepare_gensec(TALLOC_CTX *mem_ctx,
struct gensec_security *gensec_ctx;
struct imessaging_context *msg_ctx;
struct cli_credentials *server_credentials;
+ struct server_id *server_id;
lp_ctx = loadparm_init_s3(frame, loadparm_s3_context());
if (lp_ctx == NULL) {
@@ -121,15 +122,25 @@ static NTSTATUS prepare_gensec(TALLOC_CTX *mem_ctx,
return NT_STATUS_INVALID_SERVER_STATE;
}
- msg_ctx = imessaging_client_init(frame,
- lp_ctx,
- event_ctx);
+ server_id = new_server_id_task(frame);
+ if (server_id == NULL) {
+ DEBUG(1, ("new_server_id_task failed\n"));
+ TALLOC_FREE(frame);
+ return NT_STATUS_INVALID_SERVER_STATE;
+ }
+
+ msg_ctx = imessaging_init(frame,
+ lp_ctx,
+ *server_id,
+ event_ctx, true);
if (msg_ctx == NULL) {
DEBUG(1, ("imessaging_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
+ talloc_reparent(frame, msg_ctx, server_id);
+
server_credentials
= cli_credentials_init(frame);
if (!server_credentials) {
@@ -179,6 +190,7 @@ static NTSTATUS make_auth4_context_s4(TALLOC_CTX *mem_ctx,
struct tevent_context *event_ctx;
TALLOC_CTX *frame = talloc_stackframe();
struct imessaging_context *msg_ctx;
+ struct server_id *server_id;
lp_ctx = loadparm_init_s3(frame, loadparm_s3_context());
if (lp_ctx == NULL) {
@@ -193,14 +205,23 @@ static NTSTATUS make_auth4_context_s4(TALLOC_CTX *mem_ctx,
return NT_STATUS_INVALID_SERVER_STATE;
}
- msg_ctx = imessaging_client_init(frame,
- lp_ctx,
- event_ctx);
+ server_id = new_server_id_task(frame);
+ if (server_id == NULL) {
+ DEBUG(1, ("new_server_id_task failed\n"));
+ TALLOC_FREE(frame);
+ return NT_STATUS_INVALID_SERVER_STATE;
+ }
+
+ msg_ctx = imessaging_init(frame,
+ lp_ctx,
+ *server_id,
+ event_ctx, true);
if (msg_ctx == NULL) {
DEBUG(1, ("imessaging_init failed\n"));
TALLOC_FREE(frame);
return NT_STATUS_INVALID_SERVER_STATE;
}
+ talloc_reparent(frame, msg_ctx, server_id);
status = auth_context_create(mem_ctx,
event_ctx,
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 8392b68..c2c74fa 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -517,6 +517,7 @@ uint32 get_my_vnn(void);
void set_my_unique_id(uint64_t unique_id);
struct server_id pid_to_procid(pid_t pid);
struct server_id procid_self(void);
+struct server_id *new_server_id_task(TALLOC_CTX *mem_ctx);
bool procid_equal(const struct server_id *p1, const struct server_id *p2);
bool cluster_id_equal(const struct server_id *id1,
const struct server_id *id2);
diff --git a/source3/include/serverid.h b/source3/include/serverid.h
index 8fc06a1..1833f53 100644
--- a/source3/include/serverid.h
+++ b/source3/include/serverid.h
@@ -22,9 +22,6 @@
#include "includes.h"
-/** Don't verify this unique id */
-#define SERVERID_UNIQUE_ID_NOT_TO_VERIFY 0xFFFFFFFFFFFFFFFFULL
-
/*
* Register a server with its unique id
*/
diff --git a/source3/lib/util.c b/source3/lib/util.c
index e43cfbb..7913ce9 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -2016,6 +2016,48 @@ struct server_id procid_self(void)
return pid_to_procid(getpid());
}
+static struct idr_context *task_id_tree;
+
+static int free_task_id(struct server_id *server_id)
+{
+ idr_remove(task_id_tree, server_id->task_id);
+ return 0;
+}
+
+/* Return a server_id with a unique task_id element. Free the
+ * returned pointer to de-allocate the task_id via a talloc destructor
+ * (ie, use talloc_free()) */
+struct server_id *new_server_id_task(TALLOC_CTX *mem_ctx)
+{
+ struct server_id *server_id;
+ int task_id;
+ if (!task_id_tree) {
+ task_id_tree = idr_init(NULL);
+ if (!task_id_tree) {
+ return NULL;
+ }
+ }
+
+ server_id = talloc(mem_ctx, struct server_id);
+
+ if (!server_id) {
+ return NULL;
+ }
+ *server_id = procid_self();
+
+ /* 0 is the default server_id, so we need to start with 1 */
+ task_id = idr_get_new_above(task_id_tree, server_id, 1, INT32_MAX);
+
+ if (task_id == -1) {
+ talloc_free(server_id);
+ return NULL;
+ }
+
+ talloc_set_destructor(server_id, free_task_id);
+ server_id->task_id = task_id;
+ return server_id;
+}
+
bool procid_equal(const struct server_id *p1, const struct server_id *p2)
{
if (p1->pid != p2->pid)
diff --git a/source4/cluster/local.c b/source4/cluster/local.c
index 24cbe81..df67bcf 100644
--- a/source4/cluster/local.c
+++ b/source4/cluster/local.c
@@ -37,6 +37,9 @@ static struct server_id local_id(struct cluster_ops *ops,
uint64_t pid, uint32_t
ZERO_STRUCT(server_id);
server_id.pid = pid;
server_id.task_id = task_id;
+ server_id.vnn = NONCLUSTER_VNN;
+ /* This is because we are not in the s3 serverid database */
+ server_id.unique_id = SERVERID_UNIQUE_ID_NOT_TO_VERIFY;
return server_id;
}
diff --git a/source4/lib/messaging/messaging.c
b/source4/lib/messaging/messaging.c
index 80812c2..4d69b94 100644
--- a/source4/lib/messaging/messaging.c
+++ b/source4/lib/messaging/messaging.c
@@ -663,7 +663,12 @@ struct imessaging_context
*imessaging_client_init(TALLOC_CTX *mem_ctx,
{
struct server_id id;
ZERO_STRUCT(id);
- id.pid = generate_random() % 0x10000000;
+ id.pid = getpid();
+ id.task_id = generate_random();
+ id.vnn = NONCLUSTER_VNN;
+
+ /* This is because we are not in the s3 serverid database */
+ id.unique_id = SERVERID_UNIQUE_ID_NOT_TO_VERIFY;
return imessaging_init(mem_ctx, lp_ctx, id, ev, true);
}
--
Samba Shared Repository
