The branch, master has been updated via 1b6ef968d83 dcesrv_reply: just drop responses if the connection is already terminating via e829f5d8ec3 dcesrv_core: add dcesrv_call_state->subreq in order to allow tevent_req_cancel() on termination via 87e37e73a9b witness.idl: add flag(NDR_PAHEX) to some hex based enums via 290b0b04ae4 witness.idl: make some types public in order to be used elsewhere via 5beef87816d witness.idl: Set cifs as auth service name for the witness interface via 78ec47a6674 tdb: fix python/tdbdump.py example via 3c73d201d45 examples/scripts: add smbXsrvdump via 8e850685a10 smbXsrv.idl: add python bindings via b96ce32f826 smbstatus: let --json dump also session channels via 3f92a684abb smbstatus: let --json report the client_guid a session belongs to via c1c326ebccb smbXsrv_session: store session_global->client_guid via 88b1c8723b3 s3:sessionid: export smbXsrv_session_global via sessionid->global via d52f7279063 lib/util: let is_zero_addr() return true for AF_UNSPEC via 10b084f824f s3:smbd multichannel: improve smbXsrv_connection_dbg() via 475784d63e9 s3:smbd multichannel: let a cross-node session binding NT_STATUS_REQUEST_NOT_ACCEPTED via 8a3707e3ed9 s3:smbd multichannel: always allow multichannel to the ip of the queried connection via f94d2ed13e6 libcli/security: remove PRIMARY_{USER,GROUP}_SID_INDEX defines from security.h via 6331d33ae49 libcli/smb: add new SMB2_SHAREFLAG_ defines in smb2_constants.h from f14a7065690 smbd: move access override for previous versions to the SMB layer
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 1b6ef968d8370757cb472a1e3bfe030f8066c50d Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 24 14:42:35 2023 +0100 dcesrv_reply: just drop responses if the connection is already terminating There's no reason to waste resources... Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> Autobuild-User(master): Stefan Metzmacher <me...@samba.org> Autobuild-Date(master): Tue Jan 9 11:26:55 UTC 2024 on atb-devel-224 commit e829f5d8ec3a77acb52a22d45e61dcce03762a10 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 24 14:02:02 2023 +0100 dcesrv_core: add dcesrv_call_state->subreq in order to allow tevent_req_cancel() on termination Requests might be cancelled if the connection got disconnected, we got an ORPHANED or CO_CANCEL pdu. But this is all opt-in for the backends to choose. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 87e37e73a9ba13ed92a33a385a387b225b2b9190 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Dec 29 10:20:02 2023 +0100 witness.idl: add flag(NDR_PAHEX) to some hex based enums Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 290b0b04ae41b835f864bba02b1320693ef199d3 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 24 16:38:06 2023 +0100 witness.idl: make some types public in order to be used elsewhere Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 5beef87816d103a729508ce88368c30c87b1fa4e Author: Samuel Cabrero <scabr...@samba.org> Date: Wed Oct 21 18:30:29 2020 +0200 witness.idl: Set cifs as auth service name for the witness interface Windows clients use the 'cifs' service name to bind to the witness interface. Signed-off-by: Samuel Cabrero <scabr...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 78ec47a6674db65d738305cf00861aa711886a43 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 24 16:28:38 2023 +0100 tdb: fix python/tdbdump.py example Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3c73d201d454a88135757065a2b238e6d94a1ac9 Author: Ralph Boehme <s...@samba.org> Date: Sun Jan 28 15:35:44 2018 +0100 examples/scripts: add smbXsrvdump A simple python tool to dump smbXsrv TDB databases. Signed-off-by: Ralph Boehme <s...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 8e850685a1052a16bea402df3e8057218080c373 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 24 16:09:58 2023 +0100 smbXsrv.idl: add python bindings This is useful for some scripting examples and debugging... Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit b96ce32f826ba03384e6a7535200d7e18354fc4b Author: Stefan Metzmacher <me...@samba.org> Date: Fri Dec 15 16:46:50 2023 +0100 smbstatus: let --json dump also session channels This makes if easier to see how tcp connections belong to a session or client_guid. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 3f92a684abb577b84d01b8f9124a7a459635d851 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Dec 28 10:36:25 2023 +0100 smbstatus: let --json report the client_guid a session belongs to Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit c1c326ebccb272acc918a97aff5b659cc299c9e5 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Dec 28 10:35:43 2023 +0100 smbXsrv_session: store session_global->client_guid This is very useful for debugging... Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 88b1c8723b30930585514dacd472e4941c69220c Author: Stefan Metzmacher <me...@samba.org> Date: Fri Dec 15 16:45:54 2023 +0100 s3:sessionid: export smbXsrv_session_global via sessionid->global This will allow smbstatus --json to dump more details. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit d52f7279063817055b6816d9f8372e374c90f75f Author: Stefan Metzmacher <me...@samba.org> Date: Thu Dec 21 13:02:43 2023 +0100 lib/util: let is_zero_addr() return true for AF_UNSPEC It means the completely zero'ed structure is detected as zero address, as AF_UNSPEC is 0. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 10b084f824f839497405665b904cd54f8f5ff703 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Nov 17 13:36:02 2023 +0100 s3:smbd multichannel: improve smbXsrv_connection_dbg() client_guid as well as local and remote address help a lot for debugging... Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 475784d63e9381e8a76cd666842686c1b8d2d0b4 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Dec 22 21:50:57 2023 +0100 s3:smbd multichannel: let a cross-node session binding NT_STATUS_REQUEST_NOT_ACCEPTED This is better than NT_STATUS_USER_SESSION_DELETED, as it means the client can keep it's session alive. Otherwise a windows client believes the whole session is gone and all other channels are invalid. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 8a3707e3ed96df43c8f825527deb7d27fe0c6be8 Author: Stefan Metzmacher <me...@samba.org> Date: Fri Dec 29 13:09:32 2023 +0100 s3:smbd multichannel: always allow multichannel to the ip of the queried connection We can announce the ip of the current connection even if it's a moveable cluster address... as the client is already connected to it. This change means in a typical ctdb cluster, where we only have public addresses, the client can at least have more than one multichannel'ed connection to the public ip. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit f94d2ed13e6aa54e7e4e4cc292c565de1711a2a9 Author: Stefan Metzmacher <me...@samba.org> Date: Thu Dec 28 10:18:51 2023 +0100 libcli/security: remove PRIMARY_{USER,GROUP}_SID_INDEX defines from security.h These and more are also defined in security_token.h, which is later included from security.h anyway. Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> commit 6331d33ae498e03368422e585c3e47cfc73dfdb2 Author: Stefan Metzmacher <me...@samba.org> Date: Sat Dec 23 00:04:33 2023 +0100 libcli/smb: add new SMB2_SHAREFLAG_ defines in smb2_constants.h Signed-off-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Reviewed-by: Andreas Schneider <a...@samba.org> ----------------------------------------------------------------------- Summary of changes: examples/scripts/debugging/smbXsrvdump | 87 ++++++++++++++++++++++++++++ lib/tdb/python/tdbdump.py | 9 ++- lib/util/util_net.c | 3 + libcli/security/security.h | 3 - libcli/smb/smb2_constants.h | 4 +- librpc/idl/witness.idl | 11 ++-- librpc/rpc/dcesrv_core.c | 102 +++++++++++++++++++++++++++++++-- librpc/rpc/dcesrv_core.h | 12 ++++ librpc/rpc/dcesrv_reply.c | 27 ++++++++- source3/include/session.h | 1 + source3/lib/sessionid_tdb.c | 1 + source3/librpc/idl/smbXsrv.idl | 1 + source3/librpc/idl/wscript_build | 2 +- source3/smbd/smb2_ioctl_network_fs.c | 23 +++++++- source3/smbd/smb2_process.c | 31 +++++++--- source3/smbd/smb2_sesssetup.c | 8 ++- source3/smbd/smbXsrv_session.c | 1 + source3/utils/status_json.c | 99 ++++++++++++++++++++++++++++++++ source4/librpc/wscript_build | 12 ++++ 19 files changed, 409 insertions(+), 28 deletions(-) create mode 100755 examples/scripts/debugging/smbXsrvdump Changeset truncated at 500 lines: diff --git a/examples/scripts/debugging/smbXsrvdump b/examples/scripts/debugging/smbXsrvdump new file mode 100755 index 00000000000..f5c3091dc0d --- /dev/null +++ b/examples/scripts/debugging/smbXsrvdump @@ -0,0 +1,87 @@ +#!/usr/bin/env python3 + +import sys + +sys.path.insert(0, "bin/python") + +import os +import argparse +import struct + +from samba.ndr import ndr_unpack, ndr_print +from samba.dcerpc import smbXsrv +from samba.dcerpc import server_id +import tdb + +def print_watchers(num_watched, blob): + for i in range(0,num_watched): + id = ndr_unpack(server_id.server_id, blob[:24]) + print(ndr_print(id)) + blob = blob[24:] + +def print_record(data, ndr_type, watched, ctdb): + blob = data + + if ctdb: + (rsn, dmaster, reserved1, flags) = struct.unpack('QIII', bytes(blob[:20])) + blob = blob[24:] + print(" ctdb record header: rsn=%lu, dmaster=%u, reserved1=0x%x, flags=0x%x len=%u" % + (rsn, dmaster, reserved1, flags, len(blob))) + if len(blob) == 0: + return + + if watched: + (num_watched, ) = struct.unpack('I', bytes(blob[:4])) + blob = blob[4:] + + deleted_bit = 1<<31 + deleted = num_watched & deleted_bit + + num_watched = num_watched & ~deleted_bit + if num_watched > 0: + if deleted: + deleted_str = "yes" + else: + deleted_str = "no" + print(" num_watched: %d, deleted: %s" % (num_watched, deleted_str)) + print_watchers(num_watched, blob) + blob = blob[num_watched*4:] + + unpacked = ndr_unpack(ndr_type, blob, allow_remaining=True) + print(ndr_print(unpacked)) + +if __name__ == "__main__": + parser = argparse.ArgumentParser() + parser.add_argument('path', help='Path to the TDB file') + parser.add_argument('-c', '--ctdb', + default=False, + action="store_true", + help='The TDB database is from a ctdb cluster') + args = parser.parse_args() + + watched = False + if 'smbXsrv_session' in args.path: + ndr_type = smbXsrv.session_globalB + watched = True + elif 'smbXsrv_open' in args.path: + ndr_type = smbXsrv.open_globalB + elif 'smbXsrv_client' in args.path: + ndr_type = smbXsrv.client_globalB + watched = True + elif 'smbXsrv_tcon' in args.path: + ndr_type = smbXsrv.tcon_globalB + elif 'smbXsrv_version' in args.path: + ndr_type = smbXsrv.version_globalB + else: + raise Exception("Failed to guess NDR type") + + tdb = tdb.Tdb(args.path, 0, tdb.INCOMPATIBLE_HASH, os.O_RDONLY) + + i = 1 + for k in tdb.keys(): + data = tdb.get(k) + print("Record: %d" % i) + print_record(data, ndr_type, watched, args.ctdb) + i = i + 1 + + tdb.close() diff --git a/lib/tdb/python/tdbdump.py b/lib/tdb/python/tdbdump.py index afc22d1d040..988e293fef7 100644 --- a/lib/tdb/python/tdbdump.py +++ b/lib/tdb/python/tdbdump.py @@ -1,12 +1,17 @@ #!/usr/bin/env python3 # Trivial reimplementation of tdbdump in Python -import tdb, sys +import sys + +sys.path.insert(0, "bin/python") + +import tdb if len(sys.argv) < 2: print("Usage: tdbdump.py <tdb-file>") sys.exit(1) db = tdb.Tdb(sys.argv[1]) -for (k, v) in db.items(): +for k in db.keys(): + v = db.get(k) print("{\nkey(%d) = %r\ndata(%d) = %r\n}" % (len(k), k, len(v), v)) diff --git a/lib/util/util_net.c b/lib/util/util_net.c index acaa76ea74e..48c9552558b 100644 --- a/lib/util/util_net.c +++ b/lib/util/util_net.c @@ -642,6 +642,9 @@ bool is_zero_addr(const struct sockaddr_storage *pss) const struct in_addr *pin = &((const struct sockaddr_in *)pss)->sin_addr; return is_zero_ip_v4(*pin); } + if (pss->ss_family == AF_UNSPEC) { + return true; + } return false; } diff --git a/libcli/security/security.h b/libcli/security/security.h index 7c214bd3c1e..a1c26ed57f4 100644 --- a/libcli/security/security.h +++ b/libcli/security/security.h @@ -25,9 +25,6 @@ #include "librpc/gen_ndr/security.h" -#define PRIMARY_USER_SID_INDEX 0 -#define PRIMARY_GROUP_SID_INDEX 1 - /* File Specific access rights */ #define FILE_READ_DATA SEC_FILE_READ_DATA #define FILE_WRITE_DATA SEC_FILE_WRITE_DATA diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h index edc8ec04739..a41be6399ac 100644 --- a/libcli/smb/smb2_constants.h +++ b/libcli/smb/smb2_constants.h @@ -201,7 +201,9 @@ #define SMB2_SHAREFLAG_ENABLE_HASH_V1 0x2000 #define SMB2_SHAREFLAG_ENABLE_HASH_V2 0x4000 #define SMB2_SHAREFLAG_ENCRYPT_DATA 0x8000 -#define SMB2_SHAREFLAG_ALL 0xFF33 +#define SMB2_SHAREFLAG_IDENTITY_REMOTING 0x00040000 +#define SMB2_SHAREFLAG_COMPRESS_DATA 0x00100000 +#define SMB2_SHAREFLAG_ISOLATED_TRANSPORT 0x00200000 /* SMB2 share capabilities */ #define SMB2_SHARE_CAP_DFS 0x8 diff --git a/librpc/idl/witness.idl b/librpc/idl/witness.idl index 652c0e9cb65..f69c9bbc009 100644 --- a/librpc/idl/witness.idl +++ b/librpc/idl/witness.idl @@ -8,11 +8,12 @@ import "misc.idl"; pointer_default(unique), helpstring("SMB Witness Service"), helper("../librpc/ndr/ndr_witness.h"), - endpoint("ncacn_ip_tcp:") + endpoint("ncacn_ip_tcp:"), + authservice("cifs") ] interface witness { - typedef [v1_enum] enum { + typedef [flag(NDR_PAHEX),v1_enum,public] enum { WITNESS_V1 = 0x00010001, WITNESS_V2 = 0x00020000, WITNESS_UNSPECIFIED_VERSION = 0xFFFFFFFF @@ -21,7 +22,7 @@ interface witness /*****************/ /* Function 0x00 */ - typedef [enum16bit] enum { + typedef [flag(NDR_PAHEX),enum16bit] enum { WITNESS_STATE_UNKNOWN = 0x00, WITNESS_STATE_AVAILABLE = 0x01, WITNESS_STATE_UNAVAILABLE = 0xff @@ -79,7 +80,7 @@ interface witness WITNESS_NOTIFY_IP_CHANGE = 4 } witness_notifyResponse_type; - typedef [v1_enum] enum { + typedef [flag(NDR_PAHEX),v1_enum] enum { WITNESS_RESOURCE_STATE_UNKNOWN = 0x00, WITNESS_RESOURCE_STATE_AVAILABLE = 0x01, WITNESS_RESOURCE_STATE_UNAVAILABLE = 0xff @@ -134,7 +135,7 @@ interface witness /*****************/ /* Function 0x04 */ - typedef [bitmap32bit] bitmap { + typedef [bitmap32bit,public] bitmap { WITNESS_REGISTER_NONE = 0x00, WITNESS_REGISTER_IP_NOTIFICATION = 0x01 } witness_RegisterEx_flags; diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c index 24f619d7337..c0a4150e3b3 100644 --- a/librpc/rpc/dcesrv_core.c +++ b/librpc/rpc/dcesrv_core.c @@ -165,6 +165,24 @@ static struct dcesrv_call_state *dcesrv_find_fragmented_call(struct dcesrv_conne return NULL; } +/* + find a pending request +*/ +static struct dcesrv_call_state *dcesrv_find_pending_call( + struct dcesrv_connection *dce_conn, + uint32_t call_id) +{ + struct dcesrv_call_state *c = NULL; + + for (c = dce_conn->pending_call_list; c != NULL; c = c->next) { + if (c->pkt.call_id == call_id) { + return c; + } + } + + return NULL; +} + /* * register a principal for an auth_type * @@ -2508,11 +2526,68 @@ static NTSTATUS dcesrv_process_ncacn_packet(struct dcesrv_connection *dce_conn, status = dcesrv_request(call); break; case DCERPC_PKT_CO_CANCEL: + existing = dcesrv_find_fragmented_call(dce_conn, + call->pkt.call_id); + if (existing != NULL) { + /* + * If the call is still waiting for + * more fragments, it's not pending yet, + * for now we just remember we got CO_CANCEL, + * but ignore it otherwise. + * + * This matches what windows is doing... + */ + existing->got_co_cancel = true; + SMB_ASSERT(existing->subreq == NULL); + existing = NULL; + } + existing = dcesrv_find_pending_call(dce_conn, + call->pkt.call_id); + if (existing != NULL) { + /* + * Give the backend a chance to react + * on CO_CANCEL, but note it's ignored + * by default. + */ + existing->got_co_cancel = true; + if (existing->subreq != NULL) { + tevent_req_cancel(existing->subreq); + } + existing = NULL; + } + status = NT_STATUS_OK; + TALLOC_FREE(call); + break; case DCERPC_PKT_ORPHANED: - /* - * Window just ignores CO_CANCEL and ORPHANED, - * so we do... - */ + existing = dcesrv_find_fragmented_call(dce_conn, + call->pkt.call_id); + if (existing != NULL) { + /* + * If the call is still waiting for + * more fragments, it's not pending yet, + * for now we just remember we got ORPHANED, + * but ignore it otherwise. + * + * This matches what windows is doing... + */ + existing->got_orphaned = true; + SMB_ASSERT(existing->subreq == NULL); + existing = NULL; + } + existing = dcesrv_find_pending_call(dce_conn, + call->pkt.call_id); + if (existing != NULL) { + /* + * Give the backend a chance to react + * on ORPHANED, but note it's ignored + * by default. + */ + existing->got_orphaned = true; + if (existing->subreq != NULL) { + tevent_req_cancel(existing->subreq); + } + existing = NULL; + } status = NT_STATUS_OK; TALLOC_FREE(call); break; @@ -2796,6 +2871,7 @@ const struct dcesrv_critical_sizes *dcerpc_module_version(void) _PUBLIC_ void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn, const char *reason) { struct dcesrv_context *dce_ctx = dce_conn->dce_ctx; + struct dcesrv_call_state *c = NULL, *n = NULL; struct dcesrv_auth *a = NULL; dce_conn->wait_send = NULL; @@ -2811,6 +2887,7 @@ _PUBLIC_ void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn, co a->auth_invalid = true; } +no_pending: if (dce_conn->pending_call_list == NULL) { char *full_reason = talloc_asprintf(dce_conn, "dcesrv: %s", reason); @@ -2831,6 +2908,23 @@ _PUBLIC_ void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn, co dce_conn->terminate = "dcesrv: deferred terminating connection - no memory"; } DLIST_ADD_END(dce_ctx->broken_connections, dce_conn); + + for (c = dce_conn->pending_call_list; c != NULL; c = n) { + n = c->next; + + c->got_disconnect = true; + if (c->subreq != NULL) { + tevent_req_cancel(c->subreq); + } + } + + if (dce_conn->pending_call_list == NULL) { + /* + * tevent_req_cancel() was able to made progress + * and we don't have pending calls anymore. + */ + goto no_pending; + } } _PUBLIC_ void dcesrv_cleanup_broken_connections(struct dcesrv_context *dce_ctx) diff --git a/librpc/rpc/dcesrv_core.h b/librpc/rpc/dcesrv_core.h index e45c85a7f7f..3758c8d7de2 100644 --- a/librpc/rpc/dcesrv_core.h +++ b/librpc/rpc/dcesrv_core.h @@ -158,6 +158,18 @@ struct dcesrv_call_state { struct dcerpc_auth in_auth_info; struct dcerpc_auth _out_auth_info; struct dcerpc_auth *out_auth_info; + + /* + * Optional subreq for pending calls, + * will be used to call tevent_req_cancel() + * if the connection terminates, + * we got an ORPHANED PDU + * or got a CO_CANCEL PDU + */ + bool got_disconnect; + bool got_orphaned; + bool got_co_cancel; + struct tevent_req *subreq; }; /* diff --git a/librpc/rpc/dcesrv_reply.c b/librpc/rpc/dcesrv_reply.c index 94a616c7f59..6d605168176 100644 --- a/librpc/rpc/dcesrv_reply.c +++ b/librpc/rpc/dcesrv_reply.c @@ -92,6 +92,16 @@ NTSTATUS dcesrv_fault_with_flags(struct dcesrv_call_state *call, struct data_blob_list_item *rep; NTSTATUS status; + if (call->conn->terminate != NULL) { + /* + * If we're already disconnecting + * we should just drop a possible + * response + */ + talloc_free(call); + return NT_STATUS_OK; + } + /* setup a fault */ dcesrv_init_hdr(&pkt, lpcfg_rpc_big_endian(call->conn->dce_ctx->lp_ctx)); pkt.auth_length = 0; @@ -149,12 +159,27 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state *call) struct dcesrv_auth *auth = call->auth_state; size_t sig_size = 0; - /* call the reply function */ + /* + * call the reply function, + * it's mostly for debug messages + * and dcesrv_fault() also checks for + * (call->conn->terminate != NULL) internally. + */ status = context->iface->reply(call, call, call->r); if (!NT_STATUS_IS_OK(status)) { return dcesrv_fault(call, call->fault_code); } + if (call->conn->terminate != NULL) { + /* + * If we're already disconnecting + * we should just drop a possible + * response + */ + talloc_free(call); + return NT_STATUS_OK; + } + /* form the reply NDR */ push = ndr_push_init_ctx(call); NT_STATUS_HAVE_NO_MEMORY(push); diff --git a/source3/include/session.h b/source3/include/session.h index 268c059a8ed..40c25e514bb 100644 --- a/source3/include/session.h +++ b/source3/include/session.h @@ -43,5 +43,6 @@ struct sessionid { uint16_t cipher; uint16_t signing; uint8_t signing_flags; + const struct smbXsrv_session_global0 *global; }; diff --git a/source3/lib/sessionid_tdb.c b/source3/lib/sessionid_tdb.c index 32962253908..2376fd42a25 100644 --- a/source3/lib/sessionid_tdb.c +++ b/source3/lib/sessionid_tdb.c @@ -44,6 +44,7 @@ static int sessionid_traverse_read_fn(struct smbXsrv_session_global0 *global, .connect_start = nt_time_to_unix(global->creation_time), .pid = global->channels[0].server_id, .connection_dialect = global->connection_dialect, + .global = global, }; if (session_info != NULL) { diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl index 173bc64db77..4eb43e6dd3c 100644 --- a/source3/librpc/idl/smbXsrv.idl +++ b/source3/librpc/idl/smbXsrv.idl @@ -266,6 +266,7 @@ interface smbXsrv uint32 auth_session_info_seqnum; auth_session_info *auth_session_info; uint16 connection_dialect; + GUID client_guid; smbXsrv_signing_flags signing_flags; uint16 signing_algo; smbXsrv_encrpytion_flags encryption_flags; diff --git a/source3/librpc/idl/wscript_build b/source3/librpc/idl/wscript_build index 28541d715b8..d12049b76d6 100644 --- a/source3/librpc/idl/wscript_build +++ b/source3/librpc/idl/wscript_build @@ -10,7 +10,7 @@ bld.SAMBA_PIDL_LIST('PIDL', smbXsrv.idl leases_db.idl ''', - options='--includedir=%s --header --ndr-parser' % topinclude, + options='--includedir=%s --header --ndr-parser --client --python' % topinclude, output_dir='../gen_ndr') bld.SAMBA_PIDL_LIST('PIDL', diff --git a/source3/smbd/smb2_ioctl_network_fs.c b/source3/smbd/smb2_ioctl_network_fs.c index 9ef99dca90f..bcfa37fdf97 100644 --- a/source3/smbd/smb2_ioctl_network_fs.c +++ b/source3/smbd/smb2_ioctl_network_fs.c @@ -362,6 +362,7 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX *mem_ctx, uint32_t in_max_output, DATA_BLOB *out_output) { + struct samba_sockaddr xconn_srv_addr = { .sa_socklen = 0, }; struct fsctl_net_iface_info *array = NULL; struct fsctl_net_iface_info *first = NULL; struct fsctl_net_iface_info *last = NULL; @@ -369,6 +370,7 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX *mem_ctx, size_t num_ifaces; enum ndr_err_code ndr_err; struct cluster_movable_ips *cluster_movable_ips = NULL; + ssize_t sret; int ret; if (in_input->length != 0) { @@ -410,6 +412,14 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX *mem_ctx, } } + sret = tsocket_address_bsd_sockaddr(xconn->local_address, + &xconn_srv_addr.u.sa, + sizeof(xconn_srv_addr.u.ss)); + if (sret < 0) { + return NT_STATUS_INTERNAL_ERROR; + } + xconn_srv_addr.sa_socklen = sret; -- Samba Shared Repository