The branch, master has been updated via dabb056 s3-auth_samba4: use new_server_id_task() to allocate server id values via 442a81e s3-lib Add a way to allocate the task_id value in server_id via f10c638 s4-messaging: Fill in the whole server_id in all use cases from 645e4bb s4-torture: convert samba3misc tests to use torture_failure and torture_assert
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit dabb0562500bb83ded8243705065c4ef6ebb5049 Author: Andrew Bartlett <abart...@samba.org> Date: Wed Apr 25 17:40:35 2012 +1000 s3-auth_samba4: use new_server_id_task() to allocate server id values This is rather than just picking a random number out of the air. Andrew Bartlett Autobuild-User: Andrew Bartlett <abart...@samba.org> Autobuild-Date: Mon Apr 30 11:29:34 CEST 2012 on sn-devel-104 commit 442a81e7b282eef85d3c7d978846a531b55cbd5f Author: Andrew Bartlett <abart...@samba.org> Date: Thu Jul 21 16:29:38 2011 +1000 s3-lib Add a way to allocate the task_id value in server_id This safely allocates the task_id so that when we have multiple event contexts, they can each have their own messaging context, particularly for the imessaging subsystem under source4. Andrew Bartlett commit f10c63810077a6759a9df4e9c653066f9f355d96 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Apr 30 15:44:01 2012 +1000 s4-messaging: Fill in the whole server_id in all use cases This started per https://bugzilla.samba.org/show_bug.cgi?id=8872#c4 and avoids any possible collision with a different process. We also need to ensure that across a Samba installation on a single node that id.vnn is the same. Samba4 previously used 0, while Samba3 used NONCLUSTER_VNN. When a message is sent between these 'different' nodes, the error NT_STATUS_INVALID_DEVICE_REQUEST is raised. Andrew Bartlett ----------------------------------------------------------------------- Summary of changes: librpc/idl/server_id.idl | 3 ++ source3/Makefile.in | 3 +- source3/auth/auth_samba4.c | 33 +++++++++++++++++++++++----- source3/include/proto.h | 1 + source3/include/serverid.h | 3 -- source3/lib/util.c | 42 +++++++++++++++++++++++++++++++++++++ source4/cluster/local.c | 3 ++ source4/lib/messaging/messaging.c | 7 +++++- 8 files changed, 83 insertions(+), 12 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/idl/server_id.idl b/librpc/idl/server_id.idl index ac2e9ab..554e428 100644 --- a/librpc/idl/server_id.idl +++ b/librpc/idl/server_id.idl @@ -11,6 +11,9 @@ interface server_id const int NONCLUSTER_VNN = 0xFFFFFFFF; + /** Don't verify this unique id */ + const int SERVERID_UNIQUE_ID_NOT_TO_VERIFY = 0xFFFFFFFFFFFFFFFFULL; + /* used to look like the following, note that unique_id was not * marshalled at all... diff --git a/source3/Makefile.in b/source3/Makefile.in index e5aba23..37419de 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -484,7 +484,7 @@ LIB_OBJ = $(LIBSAMBAUTIL_OBJ) $(UTIL_OBJ) $(CRYPTO_OBJ) $(LIBTSOCKET_OBJ) \ lib/file_id.o lib/idmap_cache.o \ ../libcli/security/dom_sid.o ../libcli/security/security_descriptor.o \ ../libcli/security/security_token.o ../libcli/security/util_sid.o \ - ../libcli/smb/util.o + ../libcli/smb/util.o ../lib/util/idtree.o LIB_DUMMY_OBJ = lib/smbd_shim.o lib/dummyparam.o LIB_NONSMBD_OBJ = $(LIB_OBJ) $(LIB_DUMMY_OBJ) @@ -593,7 +593,6 @@ LIBTSOCKET_OBJ = ../lib/tsocket/tsocket.o \ CLDAP_OBJ = libads/cldap.o \ ../libcli/cldap/cldap.o \ - ../lib/util/idtree.o \ $(LIBCLI_LDAP_MESSAGE_OBJ) $(LIBCLI_LDAP_NDR_OBJ) TLDAP_OBJ = lib/tldap.o lib/tldap_util.o lib/util_tsock.o diff --git a/source3/auth/auth_samba4.c b/source3/auth/auth_samba4.c index 6692f18..1bf4227 100644 --- a/source3/auth/auth_samba4.c +++ b/source3/auth/auth_samba4.c @@ -107,6 +107,7 @@ static NTSTATUS prepare_gensec(TALLOC_CTX *mem_ctx, struct gensec_security *gensec_ctx; struct imessaging_context *msg_ctx; struct cli_credentials *server_credentials; + struct server_id *server_id; lp_ctx = loadparm_init_s3(frame, loadparm_s3_context()); if (lp_ctx == NULL) { @@ -121,15 +122,25 @@ static NTSTATUS prepare_gensec(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_SERVER_STATE; } - msg_ctx = imessaging_client_init(frame, - lp_ctx, - event_ctx); + server_id = new_server_id_task(frame); + if (server_id == NULL) { + DEBUG(1, ("new_server_id_task failed\n")); + TALLOC_FREE(frame); + return NT_STATUS_INVALID_SERVER_STATE; + } + + msg_ctx = imessaging_init(frame, + lp_ctx, + *server_id, + event_ctx, true); if (msg_ctx == NULL) { DEBUG(1, ("imessaging_init failed\n")); TALLOC_FREE(frame); return NT_STATUS_INVALID_SERVER_STATE; } + talloc_reparent(frame, msg_ctx, server_id); + server_credentials = cli_credentials_init(frame); if (!server_credentials) { @@ -179,6 +190,7 @@ static NTSTATUS make_auth4_context_s4(TALLOC_CTX *mem_ctx, struct tevent_context *event_ctx; TALLOC_CTX *frame = talloc_stackframe(); struct imessaging_context *msg_ctx; + struct server_id *server_id; lp_ctx = loadparm_init_s3(frame, loadparm_s3_context()); if (lp_ctx == NULL) { @@ -193,14 +205,23 @@ static NTSTATUS make_auth4_context_s4(TALLOC_CTX *mem_ctx, return NT_STATUS_INVALID_SERVER_STATE; } - msg_ctx = imessaging_client_init(frame, - lp_ctx, - event_ctx); + server_id = new_server_id_task(frame); + if (server_id == NULL) { + DEBUG(1, ("new_server_id_task failed\n")); + TALLOC_FREE(frame); + return NT_STATUS_INVALID_SERVER_STATE; + } + + msg_ctx = imessaging_init(frame, + lp_ctx, + *server_id, + event_ctx, true); if (msg_ctx == NULL) { DEBUG(1, ("imessaging_init failed\n")); TALLOC_FREE(frame); return NT_STATUS_INVALID_SERVER_STATE; } + talloc_reparent(frame, msg_ctx, server_id); status = auth_context_create(mem_ctx, event_ctx, diff --git a/source3/include/proto.h b/source3/include/proto.h index 8392b68..c2c74fa 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -517,6 +517,7 @@ uint32 get_my_vnn(void); void set_my_unique_id(uint64_t unique_id); struct server_id pid_to_procid(pid_t pid); struct server_id procid_self(void); +struct server_id *new_server_id_task(TALLOC_CTX *mem_ctx); bool procid_equal(const struct server_id *p1, const struct server_id *p2); bool cluster_id_equal(const struct server_id *id1, const struct server_id *id2); diff --git a/source3/include/serverid.h b/source3/include/serverid.h index 8fc06a1..1833f53 100644 --- a/source3/include/serverid.h +++ b/source3/include/serverid.h @@ -22,9 +22,6 @@ #include "includes.h" -/** Don't verify this unique id */ -#define SERVERID_UNIQUE_ID_NOT_TO_VERIFY 0xFFFFFFFFFFFFFFFFULL - /* * Register a server with its unique id */ diff --git a/source3/lib/util.c b/source3/lib/util.c index e43cfbb..7913ce9 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c @@ -2016,6 +2016,48 @@ struct server_id procid_self(void) return pid_to_procid(getpid()); } +static struct idr_context *task_id_tree; + +static int free_task_id(struct server_id *server_id) +{ + idr_remove(task_id_tree, server_id->task_id); + return 0; +} + +/* Return a server_id with a unique task_id element. Free the + * returned pointer to de-allocate the task_id via a talloc destructor + * (ie, use talloc_free()) */ +struct server_id *new_server_id_task(TALLOC_CTX *mem_ctx) +{ + struct server_id *server_id; + int task_id; + if (!task_id_tree) { + task_id_tree = idr_init(NULL); + if (!task_id_tree) { + return NULL; + } + } + + server_id = talloc(mem_ctx, struct server_id); + + if (!server_id) { + return NULL; + } + *server_id = procid_self(); + + /* 0 is the default server_id, so we need to start with 1 */ + task_id = idr_get_new_above(task_id_tree, server_id, 1, INT32_MAX); + + if (task_id == -1) { + talloc_free(server_id); + return NULL; + } + + talloc_set_destructor(server_id, free_task_id); + server_id->task_id = task_id; + return server_id; +} + bool procid_equal(const struct server_id *p1, const struct server_id *p2) { if (p1->pid != p2->pid) diff --git a/source4/cluster/local.c b/source4/cluster/local.c index 24cbe81..df67bcf 100644 --- a/source4/cluster/local.c +++ b/source4/cluster/local.c @@ -37,6 +37,9 @@ static struct server_id local_id(struct cluster_ops *ops, uint64_t pid, uint32_t ZERO_STRUCT(server_id); server_id.pid = pid; server_id.task_id = task_id; + server_id.vnn = NONCLUSTER_VNN; + /* This is because we are not in the s3 serverid database */ + server_id.unique_id = SERVERID_UNIQUE_ID_NOT_TO_VERIFY; return server_id; } diff --git a/source4/lib/messaging/messaging.c b/source4/lib/messaging/messaging.c index 80812c2..4d69b94 100644 --- a/source4/lib/messaging/messaging.c +++ b/source4/lib/messaging/messaging.c @@ -663,7 +663,12 @@ struct imessaging_context *imessaging_client_init(TALLOC_CTX *mem_ctx, { struct server_id id; ZERO_STRUCT(id); - id.pid = generate_random() % 0x10000000; + id.pid = getpid(); + id.task_id = generate_random(); + id.vnn = NONCLUSTER_VNN; + + /* This is because we are not in the s3 serverid database */ + id.unique_id = SERVERID_UNIQUE_ID_NOT_TO_VERIFY; return imessaging_init(mem_ctx, lp_ctx, id, ev, true); } -- Samba Shared Repository