The branch, master has been updated
via 1b6ef968d83 dcesrv_reply: just drop responses if the connection is
already terminating
via e829f5d8ec3 dcesrv_core: add dcesrv_call_state->subreq in order to
allow tevent_req_cancel() on termination
via 87e37e73a9b witness.idl: add flag(NDR_PAHEX) to some hex based enums
via 290b0b04ae4 witness.idl: make some types public in order to be used
elsewhere
via 5beef87816d witness.idl: Set cifs as auth service name for the
witness interface
via 78ec47a6674 tdb: fix python/tdbdump.py example
via 3c73d201d45 examples/scripts: add smbXsrvdump
via 8e850685a10 smbXsrv.idl: add python bindings
via b96ce32f826 smbstatus: let --json dump also session channels
via 3f92a684abb smbstatus: let --json report the client_guid a session
belongs to
via c1c326ebccb smbXsrv_session: store session_global->client_guid
via 88b1c8723b3 s3:sessionid: export smbXsrv_session_global via
sessionid->global
via d52f7279063 lib/util: let is_zero_addr() return true for AF_UNSPEC
via 10b084f824f s3:smbd multichannel: improve smbXsrv_connection_dbg()
via 475784d63e9 s3:smbd multichannel: let a cross-node session binding
NT_STATUS_REQUEST_NOT_ACCEPTED
via 8a3707e3ed9 s3:smbd multichannel: always allow multichannel to the
ip of the queried connection
via f94d2ed13e6 libcli/security: remove PRIMARY_{USER,GROUP}_SID_INDEX
defines from security.h
via 6331d33ae49 libcli/smb: add new SMB2_SHAREFLAG_ defines in
smb2_constants.h
from f14a7065690 smbd: move access override for previous versions to the
SMB layer
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 1b6ef968d8370757cb472a1e3bfe030f8066c50d
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 24 14:42:35 2023 +0100
dcesrv_reply: just drop responses if the connection is already terminating
There's no reason to waste resources...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
Autobuild-User(master): Stefan Metzmacher <me...@samba.org>
Autobuild-Date(master): Tue Jan 9 11:26:55 UTC 2024 on atb-devel-224
commit e829f5d8ec3a77acb52a22d45e61dcce03762a10
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 24 14:02:02 2023 +0100
dcesrv_core: add dcesrv_call_state->subreq in order to allow
tevent_req_cancel() on termination
Requests might be cancelled if the connection got disconnected,
we got an ORPHANED or CO_CANCEL pdu.
But this is all opt-in for the backends to choose.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 87e37e73a9ba13ed92a33a385a387b225b2b9190
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Dec 29 10:20:02 2023 +0100
witness.idl: add flag(NDR_PAHEX) to some hex based enums
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 290b0b04ae41b835f864bba02b1320693ef199d3
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 24 16:38:06 2023 +0100
witness.idl: make some types public in order to be used elsewhere
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 5beef87816d103a729508ce88368c30c87b1fa4e
Author: Samuel Cabrero <scabr...@samba.org>
Date: Wed Oct 21 18:30:29 2020 +0200
witness.idl: Set cifs as auth service name for the witness interface
Windows clients use the 'cifs' service name to bind to the witness
interface.
Signed-off-by: Samuel Cabrero <scabr...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 78ec47a6674db65d738305cf00861aa711886a43
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 24 16:28:38 2023 +0100
tdb: fix python/tdbdump.py example
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 3c73d201d454a88135757065a2b238e6d94a1ac9
Author: Ralph Boehme <s...@samba.org>
Date: Sun Jan 28 15:35:44 2018 +0100
examples/scripts: add smbXsrvdump
A simple python tool to dump smbXsrv TDB databases.
Signed-off-by: Ralph Boehme <s...@samba.org>
Reviewed-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 8e850685a1052a16bea402df3e8057218080c373
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 24 16:09:58 2023 +0100
smbXsrv.idl: add python bindings
This is useful for some scripting examples and debugging...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit b96ce32f826ba03384e6a7535200d7e18354fc4b
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Dec 15 16:46:50 2023 +0100
smbstatus: let --json dump also session channels
This makes if easier to see how tcp connections belong
to a session or client_guid.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 3f92a684abb577b84d01b8f9124a7a459635d851
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Dec 28 10:36:25 2023 +0100
smbstatus: let --json report the client_guid a session belongs to
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit c1c326ebccb272acc918a97aff5b659cc299c9e5
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Dec 28 10:35:43 2023 +0100
smbXsrv_session: store session_global->client_guid
This is very useful for debugging...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 88b1c8723b30930585514dacd472e4941c69220c
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Dec 15 16:45:54 2023 +0100
s3:sessionid: export smbXsrv_session_global via sessionid->global
This will allow smbstatus --json to dump more details.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit d52f7279063817055b6816d9f8372e374c90f75f
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Dec 21 13:02:43 2023 +0100
lib/util: let is_zero_addr() return true for AF_UNSPEC
It means the completely zero'ed structure is detected
as zero address, as AF_UNSPEC is 0.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 10b084f824f839497405665b904cd54f8f5ff703
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Nov 17 13:36:02 2023 +0100
s3:smbd multichannel: improve smbXsrv_connection_dbg()
client_guid as well as local and remote address help a lot
for debugging...
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 475784d63e9381e8a76cd666842686c1b8d2d0b4
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Dec 22 21:50:57 2023 +0100
s3:smbd multichannel: let a cross-node session binding
NT_STATUS_REQUEST_NOT_ACCEPTED
This is better than NT_STATUS_USER_SESSION_DELETED, as it means the
client can keep it's session alive. Otherwise a windows client believes
the whole session is gone and all other channels are invalid.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 8a3707e3ed96df43c8f825527deb7d27fe0c6be8
Author: Stefan Metzmacher <me...@samba.org>
Date: Fri Dec 29 13:09:32 2023 +0100
s3:smbd multichannel: always allow multichannel to the ip of the queried
connection
We can announce the ip of the current connection even if it's
a moveable cluster address... as the client is already connected to it.
This change means in a typical ctdb cluster, where we only have public
addresses, the client can at least have more than one multichannel'ed
connection to the public ip.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit f94d2ed13e6aa54e7e4e4cc292c565de1711a2a9
Author: Stefan Metzmacher <me...@samba.org>
Date: Thu Dec 28 10:18:51 2023 +0100
libcli/security: remove PRIMARY_{USER,GROUP}_SID_INDEX defines from
security.h
These and more are also defined in security_token.h, which is later included
from security.h anyway.
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
commit 6331d33ae498e03368422e585c3e47cfc73dfdb2
Author: Stefan Metzmacher <me...@samba.org>
Date: Sat Dec 23 00:04:33 2023 +0100
libcli/smb: add new SMB2_SHAREFLAG_ defines in smb2_constants.h
Signed-off-by: Stefan Metzmacher <me...@samba.org>
Reviewed-by: Günther Deschner <g...@samba.org>
Reviewed-by: Andreas Schneider <a...@samba.org>
-----------------------------------------------------------------------
Summary of changes:
examples/scripts/debugging/smbXsrvdump | 87 ++++++++++++++++++++++++++++
lib/tdb/python/tdbdump.py | 9 ++-
lib/util/util_net.c | 3 +
libcli/security/security.h | 3 -
libcli/smb/smb2_constants.h | 4 +-
librpc/idl/witness.idl | 11 ++--
librpc/rpc/dcesrv_core.c | 102 +++++++++++++++++++++++++++++++--
librpc/rpc/dcesrv_core.h | 12 ++++
librpc/rpc/dcesrv_reply.c | 27 ++++++++-
source3/include/session.h | 1 +
source3/lib/sessionid_tdb.c | 1 +
source3/librpc/idl/smbXsrv.idl | 1 +
source3/librpc/idl/wscript_build | 2 +-
source3/smbd/smb2_ioctl_network_fs.c | 23 +++++++-
source3/smbd/smb2_process.c | 31 +++++++---
source3/smbd/smb2_sesssetup.c | 8 ++-
source3/smbd/smbXsrv_session.c | 1 +
source3/utils/status_json.c | 99 ++++++++++++++++++++++++++++++++
source4/librpc/wscript_build | 12 ++++
19 files changed, 409 insertions(+), 28 deletions(-)
create mode 100755 examples/scripts/debugging/smbXsrvdump
Changeset truncated at 500 lines:
diff --git a/examples/scripts/debugging/smbXsrvdump
b/examples/scripts/debugging/smbXsrvdump
new file mode 100755
index 00000000000..f5c3091dc0d
--- /dev/null
+++ b/examples/scripts/debugging/smbXsrvdump
@@ -0,0 +1,87 @@
+#!/usr/bin/env python3
+
+import sys
+
+sys.path.insert(0, "bin/python")
+
+import os
+import argparse
+import struct
+
+from samba.ndr import ndr_unpack, ndr_print
+from samba.dcerpc import smbXsrv
+from samba.dcerpc import server_id
+import tdb
+
+def print_watchers(num_watched, blob):
+ for i in range(0,num_watched):
+ id = ndr_unpack(server_id.server_id, blob[:24])
+ print(ndr_print(id))
+ blob = blob[24:]
+
+def print_record(data, ndr_type, watched, ctdb):
+ blob = data
+
+ if ctdb:
+ (rsn, dmaster, reserved1, flags) = struct.unpack('QIII',
bytes(blob[:20]))
+ blob = blob[24:]
+ print(" ctdb record header: rsn=%lu, dmaster=%u, reserved1=0x%x,
flags=0x%x len=%u" %
+ (rsn, dmaster, reserved1, flags, len(blob)))
+ if len(blob) == 0:
+ return
+
+ if watched:
+ (num_watched, ) = struct.unpack('I', bytes(blob[:4]))
+ blob = blob[4:]
+
+ deleted_bit = 1<<31
+ deleted = num_watched & deleted_bit
+
+ num_watched = num_watched & ~deleted_bit
+ if num_watched > 0:
+ if deleted:
+ deleted_str = "yes"
+ else:
+ deleted_str = "no"
+ print(" num_watched: %d, deleted: %s" % (num_watched,
deleted_str))
+ print_watchers(num_watched, blob)
+ blob = blob[num_watched*4:]
+
+ unpacked = ndr_unpack(ndr_type, blob, allow_remaining=True)
+ print(ndr_print(unpacked))
+
+if __name__ == "__main__":
+ parser = argparse.ArgumentParser()
+ parser.add_argument('path', help='Path to the TDB file')
+ parser.add_argument('-c', '--ctdb',
+ default=False,
+ action="store_true",
+ help='The TDB database is from a ctdb cluster')
+ args = parser.parse_args()
+
+ watched = False
+ if 'smbXsrv_session' in args.path:
+ ndr_type = smbXsrv.session_globalB
+ watched = True
+ elif 'smbXsrv_open' in args.path:
+ ndr_type = smbXsrv.open_globalB
+ elif 'smbXsrv_client' in args.path:
+ ndr_type = smbXsrv.client_globalB
+ watched = True
+ elif 'smbXsrv_tcon' in args.path:
+ ndr_type = smbXsrv.tcon_globalB
+ elif 'smbXsrv_version' in args.path:
+ ndr_type = smbXsrv.version_globalB
+ else:
+ raise Exception("Failed to guess NDR type")
+
+ tdb = tdb.Tdb(args.path, 0, tdb.INCOMPATIBLE_HASH, os.O_RDONLY)
+
+ i = 1
+ for k in tdb.keys():
+ data = tdb.get(k)
+ print("Record: %d" % i)
+ print_record(data, ndr_type, watched, args.ctdb)
+ i = i + 1
+
+ tdb.close()
diff --git a/lib/tdb/python/tdbdump.py b/lib/tdb/python/tdbdump.py
index afc22d1d040..988e293fef7 100644
--- a/lib/tdb/python/tdbdump.py
+++ b/lib/tdb/python/tdbdump.py
@@ -1,12 +1,17 @@
#!/usr/bin/env python3
# Trivial reimplementation of tdbdump in Python
-import tdb, sys
+import sys
+
+sys.path.insert(0, "bin/python")
+
+import tdb
if len(sys.argv) < 2:
print("Usage: tdbdump.py <tdb-file>")
sys.exit(1)
db = tdb.Tdb(sys.argv[1])
-for (k, v) in db.items():
+for k in db.keys():
+ v = db.get(k)
print("{\nkey(%d) = %r\ndata(%d) = %r\n}" % (len(k), k, len(v), v))
diff --git a/lib/util/util_net.c b/lib/util/util_net.c
index acaa76ea74e..48c9552558b 100644
--- a/lib/util/util_net.c
+++ b/lib/util/util_net.c
@@ -642,6 +642,9 @@ bool is_zero_addr(const struct sockaddr_storage *pss)
const struct in_addr *pin = &((const struct sockaddr_in
*)pss)->sin_addr;
return is_zero_ip_v4(*pin);
}
+ if (pss->ss_family == AF_UNSPEC) {
+ return true;
+ }
return false;
}
diff --git a/libcli/security/security.h b/libcli/security/security.h
index 7c214bd3c1e..a1c26ed57f4 100644
--- a/libcli/security/security.h
+++ b/libcli/security/security.h
@@ -25,9 +25,6 @@
#include "librpc/gen_ndr/security.h"
-#define PRIMARY_USER_SID_INDEX 0
-#define PRIMARY_GROUP_SID_INDEX 1
-
/* File Specific access rights */
#define FILE_READ_DATA SEC_FILE_READ_DATA
#define FILE_WRITE_DATA SEC_FILE_WRITE_DATA
diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h
index edc8ec04739..a41be6399ac 100644
--- a/libcli/smb/smb2_constants.h
+++ b/libcli/smb/smb2_constants.h
@@ -201,7 +201,9 @@
#define SMB2_SHAREFLAG_ENABLE_HASH_V1 0x2000
#define SMB2_SHAREFLAG_ENABLE_HASH_V2 0x4000
#define SMB2_SHAREFLAG_ENCRYPT_DATA 0x8000
-#define SMB2_SHAREFLAG_ALL 0xFF33
+#define SMB2_SHAREFLAG_IDENTITY_REMOTING 0x00040000
+#define SMB2_SHAREFLAG_COMPRESS_DATA 0x00100000
+#define SMB2_SHAREFLAG_ISOLATED_TRANSPORT 0x00200000
/* SMB2 share capabilities */
#define SMB2_SHARE_CAP_DFS 0x8
diff --git a/librpc/idl/witness.idl b/librpc/idl/witness.idl
index 652c0e9cb65..f69c9bbc009 100644
--- a/librpc/idl/witness.idl
+++ b/librpc/idl/witness.idl
@@ -8,11 +8,12 @@ import "misc.idl";
pointer_default(unique),
helpstring("SMB Witness Service"),
helper("../librpc/ndr/ndr_witness.h"),
- endpoint("ncacn_ip_tcp:")
+ endpoint("ncacn_ip_tcp:"),
+ authservice("cifs")
]
interface witness
{
- typedef [v1_enum] enum {
+ typedef [flag(NDR_PAHEX),v1_enum,public] enum {
WITNESS_V1 = 0x00010001,
WITNESS_V2 = 0x00020000,
WITNESS_UNSPECIFIED_VERSION = 0xFFFFFFFF
@@ -21,7 +22,7 @@ interface witness
/*****************/
/* Function 0x00 */
- typedef [enum16bit] enum {
+ typedef [flag(NDR_PAHEX),enum16bit] enum {
WITNESS_STATE_UNKNOWN = 0x00,
WITNESS_STATE_AVAILABLE = 0x01,
WITNESS_STATE_UNAVAILABLE = 0xff
@@ -79,7 +80,7 @@ interface witness
WITNESS_NOTIFY_IP_CHANGE = 4
} witness_notifyResponse_type;
- typedef [v1_enum] enum {
+ typedef [flag(NDR_PAHEX),v1_enum] enum {
WITNESS_RESOURCE_STATE_UNKNOWN = 0x00,
WITNESS_RESOURCE_STATE_AVAILABLE = 0x01,
WITNESS_RESOURCE_STATE_UNAVAILABLE = 0xff
@@ -134,7 +135,7 @@ interface witness
/*****************/
/* Function 0x04 */
- typedef [bitmap32bit] bitmap {
+ typedef [bitmap32bit,public] bitmap {
WITNESS_REGISTER_NONE = 0x00,
WITNESS_REGISTER_IP_NOTIFICATION = 0x01
} witness_RegisterEx_flags;
diff --git a/librpc/rpc/dcesrv_core.c b/librpc/rpc/dcesrv_core.c
index 24f619d7337..c0a4150e3b3 100644
--- a/librpc/rpc/dcesrv_core.c
+++ b/librpc/rpc/dcesrv_core.c
@@ -165,6 +165,24 @@ static struct dcesrv_call_state
*dcesrv_find_fragmented_call(struct dcesrv_conne
return NULL;
}
+/*
+ find a pending request
+*/
+static struct dcesrv_call_state *dcesrv_find_pending_call(
+ struct dcesrv_connection *dce_conn,
+ uint32_t call_id)
+{
+ struct dcesrv_call_state *c = NULL;
+
+ for (c = dce_conn->pending_call_list; c != NULL; c = c->next) {
+ if (c->pkt.call_id == call_id) {
+ return c;
+ }
+ }
+
+ return NULL;
+}
+
/*
* register a principal for an auth_type
*
@@ -2508,11 +2526,68 @@ static NTSTATUS dcesrv_process_ncacn_packet(struct
dcesrv_connection *dce_conn,
status = dcesrv_request(call);
break;
case DCERPC_PKT_CO_CANCEL:
+ existing = dcesrv_find_fragmented_call(dce_conn,
+ call->pkt.call_id);
+ if (existing != NULL) {
+ /*
+ * If the call is still waiting for
+ * more fragments, it's not pending yet,
+ * for now we just remember we got CO_CANCEL,
+ * but ignore it otherwise.
+ *
+ * This matches what windows is doing...
+ */
+ existing->got_co_cancel = true;
+ SMB_ASSERT(existing->subreq == NULL);
+ existing = NULL;
+ }
+ existing = dcesrv_find_pending_call(dce_conn,
+ call->pkt.call_id);
+ if (existing != NULL) {
+ /*
+ * Give the backend a chance to react
+ * on CO_CANCEL, but note it's ignored
+ * by default.
+ */
+ existing->got_co_cancel = true;
+ if (existing->subreq != NULL) {
+ tevent_req_cancel(existing->subreq);
+ }
+ existing = NULL;
+ }
+ status = NT_STATUS_OK;
+ TALLOC_FREE(call);
+ break;
case DCERPC_PKT_ORPHANED:
- /*
- * Window just ignores CO_CANCEL and ORPHANED,
- * so we do...
- */
+ existing = dcesrv_find_fragmented_call(dce_conn,
+ call->pkt.call_id);
+ if (existing != NULL) {
+ /*
+ * If the call is still waiting for
+ * more fragments, it's not pending yet,
+ * for now we just remember we got ORPHANED,
+ * but ignore it otherwise.
+ *
+ * This matches what windows is doing...
+ */
+ existing->got_orphaned = true;
+ SMB_ASSERT(existing->subreq == NULL);
+ existing = NULL;
+ }
+ existing = dcesrv_find_pending_call(dce_conn,
+ call->pkt.call_id);
+ if (existing != NULL) {
+ /*
+ * Give the backend a chance to react
+ * on ORPHANED, but note it's ignored
+ * by default.
+ */
+ existing->got_orphaned = true;
+ if (existing->subreq != NULL) {
+ tevent_req_cancel(existing->subreq);
+ }
+ existing = NULL;
+ }
status = NT_STATUS_OK;
TALLOC_FREE(call);
break;
@@ -2796,6 +2871,7 @@ const struct dcesrv_critical_sizes
*dcerpc_module_version(void)
_PUBLIC_ void dcesrv_terminate_connection(struct dcesrv_connection *dce_conn,
const char *reason)
{
struct dcesrv_context *dce_ctx = dce_conn->dce_ctx;
+ struct dcesrv_call_state *c = NULL, *n = NULL;
struct dcesrv_auth *a = NULL;
dce_conn->wait_send = NULL;
@@ -2811,6 +2887,7 @@ _PUBLIC_ void dcesrv_terminate_connection(struct
dcesrv_connection *dce_conn, co
a->auth_invalid = true;
}
+no_pending:
if (dce_conn->pending_call_list == NULL) {
char *full_reason = talloc_asprintf(dce_conn, "dcesrv: %s",
reason);
@@ -2831,6 +2908,23 @@ _PUBLIC_ void dcesrv_terminate_connection(struct
dcesrv_connection *dce_conn, co
dce_conn->terminate = "dcesrv: deferred terminating connection
- no memory";
}
DLIST_ADD_END(dce_ctx->broken_connections, dce_conn);
+
+ for (c = dce_conn->pending_call_list; c != NULL; c = n) {
+ n = c->next;
+
+ c->got_disconnect = true;
+ if (c->subreq != NULL) {
+ tevent_req_cancel(c->subreq);
+ }
+ }
+
+ if (dce_conn->pending_call_list == NULL) {
+ /*
+ * tevent_req_cancel() was able to made progress
+ * and we don't have pending calls anymore.
+ */
+ goto no_pending;
+ }
}
_PUBLIC_ void dcesrv_cleanup_broken_connections(struct dcesrv_context *dce_ctx)
diff --git a/librpc/rpc/dcesrv_core.h b/librpc/rpc/dcesrv_core.h
index e45c85a7f7f..3758c8d7de2 100644
--- a/librpc/rpc/dcesrv_core.h
+++ b/librpc/rpc/dcesrv_core.h
@@ -158,6 +158,18 @@ struct dcesrv_call_state {
struct dcerpc_auth in_auth_info;
struct dcerpc_auth _out_auth_info;
struct dcerpc_auth *out_auth_info;
+
+ /*
+ * Optional subreq for pending calls,
+ * will be used to call tevent_req_cancel()
+ * if the connection terminates,
+ * we got an ORPHANED PDU
+ * or got a CO_CANCEL PDU
+ */
+ bool got_disconnect;
+ bool got_orphaned;
+ bool got_co_cancel;
+ struct tevent_req *subreq;
};
/*
diff --git a/librpc/rpc/dcesrv_reply.c b/librpc/rpc/dcesrv_reply.c
index 94a616c7f59..6d605168176 100644
--- a/librpc/rpc/dcesrv_reply.c
+++ b/librpc/rpc/dcesrv_reply.c
@@ -92,6 +92,16 @@ NTSTATUS dcesrv_fault_with_flags(struct dcesrv_call_state
*call,
struct data_blob_list_item *rep;
NTSTATUS status;
+ if (call->conn->terminate != NULL) {
+ /*
+ * If we're already disconnecting
+ * we should just drop a possible
+ * response
+ */
+ talloc_free(call);
+ return NT_STATUS_OK;
+ }
+
/* setup a fault */
dcesrv_init_hdr(&pkt,
lpcfg_rpc_big_endian(call->conn->dce_ctx->lp_ctx));
pkt.auth_length = 0;
@@ -149,12 +159,27 @@ _PUBLIC_ NTSTATUS dcesrv_reply(struct dcesrv_call_state
*call)
struct dcesrv_auth *auth = call->auth_state;
size_t sig_size = 0;
- /* call the reply function */
+ /*
+ * call the reply function,
+ * it's mostly for debug messages
+ * and dcesrv_fault() also checks for
+ * (call->conn->terminate != NULL) internally.
+ */
status = context->iface->reply(call, call, call->r);
if (!NT_STATUS_IS_OK(status)) {
return dcesrv_fault(call, call->fault_code);
}
+ if (call->conn->terminate != NULL) {
+ /*
+ * If we're already disconnecting
+ * we should just drop a possible
+ * response
+ */
+ talloc_free(call);
+ return NT_STATUS_OK;
+ }
+
/* form the reply NDR */
push = ndr_push_init_ctx(call);
NT_STATUS_HAVE_NO_MEMORY(push);
diff --git a/source3/include/session.h b/source3/include/session.h
index 268c059a8ed..40c25e514bb 100644
--- a/source3/include/session.h
+++ b/source3/include/session.h
@@ -43,5 +43,6 @@ struct sessionid {
uint16_t cipher;
uint16_t signing;
uint8_t signing_flags;
+ const struct smbXsrv_session_global0 *global;
};
diff --git a/source3/lib/sessionid_tdb.c b/source3/lib/sessionid_tdb.c
index 32962253908..2376fd42a25 100644
--- a/source3/lib/sessionid_tdb.c
+++ b/source3/lib/sessionid_tdb.c
@@ -44,6 +44,7 @@ static int sessionid_traverse_read_fn(struct
smbXsrv_session_global0 *global,
.connect_start = nt_time_to_unix(global->creation_time),
.pid = global->channels[0].server_id,
.connection_dialect = global->connection_dialect,
+ .global = global,
};
if (session_info != NULL) {
diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl
index 173bc64db77..4eb43e6dd3c 100644
--- a/source3/librpc/idl/smbXsrv.idl
+++ b/source3/librpc/idl/smbXsrv.idl
@@ -266,6 +266,7 @@ interface smbXsrv
uint32
auth_session_info_seqnum;
auth_session_info *auth_session_info;
uint16 connection_dialect;
+ GUID client_guid;
smbXsrv_signing_flags signing_flags;
uint16 signing_algo;
smbXsrv_encrpytion_flags encryption_flags;
diff --git a/source3/librpc/idl/wscript_build b/source3/librpc/idl/wscript_build
index 28541d715b8..d12049b76d6 100644
--- a/source3/librpc/idl/wscript_build
+++ b/source3/librpc/idl/wscript_build
@@ -10,7 +10,7 @@ bld.SAMBA_PIDL_LIST('PIDL',
smbXsrv.idl
leases_db.idl
''',
- options='--includedir=%s --header --ndr-parser' %
topinclude,
+ options='--includedir=%s --header --ndr-parser --client
--python' % topinclude,
output_dir='../gen_ndr')
bld.SAMBA_PIDL_LIST('PIDL',
diff --git a/source3/smbd/smb2_ioctl_network_fs.c
b/source3/smbd/smb2_ioctl_network_fs.c
index 9ef99dca90f..bcfa37fdf97 100644
--- a/source3/smbd/smb2_ioctl_network_fs.c
+++ b/source3/smbd/smb2_ioctl_network_fs.c
@@ -362,6 +362,7 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX
*mem_ctx,
uint32_t in_max_output,
DATA_BLOB *out_output)
{
+ struct samba_sockaddr xconn_srv_addr = { .sa_socklen = 0, };
struct fsctl_net_iface_info *array = NULL;
struct fsctl_net_iface_info *first = NULL;
struct fsctl_net_iface_info *last = NULL;
@@ -369,6 +370,7 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX
*mem_ctx,
size_t num_ifaces;
enum ndr_err_code ndr_err;
struct cluster_movable_ips *cluster_movable_ips = NULL;
+ ssize_t sret;
int ret;
if (in_input->length != 0) {
@@ -410,6 +412,14 @@ static NTSTATUS fsctl_network_iface_info(TALLOC_CTX
*mem_ctx,
}
}
+ sret = tsocket_address_bsd_sockaddr(xconn->local_address,
+ &xconn_srv_addr.u.sa,
+ sizeof(xconn_srv_addr.u.ss));
+ if (sret < 0) {
+ return NT_STATUS_INTERNAL_ERROR;
+ }
+ xconn_srv_addr.sa_socklen = sret;
--
Samba Shared Repository
