[jcifs] Patch for lsa and samr handle leaks
Vella, Shon
svella at idauto.net
Fri Sep 19 16:21:28 MDT 2014
I had a customer who was getting jcifs.smb.SmbException: 0xC000011F
(NT_STATUS_TOO_MANY_OPEN_FILES) trying to resolve a whole bunch of SIDs
against an EMC Celerra NAS device. It looked very similar to what was
reported in https://lists.samba.org/archive/jcifs/2011-February/009492.html.
I finally tracked it down to LsaPolicyHandle.close() was empty. I'm
guessing that it isn't a problem when running against windows because it
probably cleans up the unclosed handles when the RPC handle is closed,
whereas it appears that the EMC device does not clean them up until the
connection is broken.
While I was at it I also noticed that SamrDomainHandle, SamrPolicyHandle,
and SamrAliasHandle also had empty close() methods. Fortunately, in both
cases most of the protocol pieces were already there, they just needed to
be hooked up.
Patch:
Index: src/main/java/jcifs/dcerpc/msrpc/SamrAliasHandle.java
===================================================================
--- src/main/java/jcifs/dcerpc/msrpc/SamrAliasHandle.java (revision 5164)
+++ src/main/java/jcifs/dcerpc/msrpc/SamrAliasHandle.java (revision )
@@ -26,10 +26,13 @@
public class SamrAliasHandle extends rpc.policy_handle {
+ DcerpcHandle handle;
+
public SamrAliasHandle(DcerpcHandle handle,
SamrDomainHandle domainHandle,
int access,
int rid) throws IOException {
+ this.handle = handle;
MsrpcSamrOpenAlias rpc = new MsrpcSamrOpenAlias(domainHandle,
access, rid, this);
handle.sendrecv(rpc);
if (rpc.retval != 0)
@@ -37,6 +40,10 @@
}
public void close() throws IOException {
+ MsrpcSamrCloseHandle rpc = new MsrpcSamrCloseHandle(this);
+ handle.sendrecv(rpc);
+ if (rpc.retval != 0)
+ throw new SmbException(rpc.retval, false);
}
}
Index: src/main/java/jcifs/dcerpc/msrpc/MsrpcLsarClose.java
===================================================================
--- src/main/java/jcifs/dcerpc/msrpc/MsrpcLsarClose.java (revision )
+++ src/main/java/jcifs/dcerpc/msrpc/MsrpcLsarClose.java (revision )
@@ -0,0 +1,29 @@
+/* jcifs msrpc client library in Java
+ * Copyright (C) 2006 "Michael B. Allen" <jcifs at samba dot org>
+ * "Eric Glass" <jcifs at samba dot org>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA
+ */
+
+package jcifs.dcerpc.msrpc;
+
+public class MsrpcLsarClose extends lsarpc.LsarClose {
+
+ public MsrpcLsarClose(LsaPolicyHandle policyHandle) {
+ super(policyHandle);
+ ptype = 0;
+ flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
+ }
+}
Index: src/main/java/jcifs/dcerpc/msrpc/SamrDomainHandle.java
===================================================================
--- src/main/java/jcifs/dcerpc/msrpc/SamrDomainHandle.java (revision 5164)
+++ src/main/java/jcifs/dcerpc/msrpc/SamrDomainHandle.java (revision )
@@ -26,10 +26,13 @@
public class SamrDomainHandle extends rpc.policy_handle {
+ DcerpcHandle handle;
+
public SamrDomainHandle(DcerpcHandle handle,
SamrPolicyHandle policyHandle,
int access,
rpc.sid_t sid) throws IOException {
+ this.handle = handle;
MsrpcSamrOpenDomain rpc = new MsrpcSamrOpenDomain(policyHandle,
access, sid, this);
handle.sendrecv(rpc);
if (rpc.retval != 0)
@@ -37,6 +40,10 @@
}
public void close() throws IOException {
+ MsrpcSamrCloseHandle rpc = new MsrpcSamrCloseHandle(this);
+ handle.sendrecv(rpc);
+ if (rpc.retval != 0)
+ throw new SmbException(rpc.retval, false);
}
}
Index: src/main/java/jcifs/dcerpc/msrpc/LsaPolicyHandle.java
===================================================================
--- src/main/java/jcifs/dcerpc/msrpc/LsaPolicyHandle.java (revision 5164)
+++ src/main/java/jcifs/dcerpc/msrpc/LsaPolicyHandle.java (revision )
@@ -27,7 +27,10 @@
public class LsaPolicyHandle extends rpc.policy_handle {
+ DcerpcHandle handle;
+
public LsaPolicyHandle(DcerpcHandle handle, String server, int access)
throws IOException {
+ this.handle = handle;
if (server == null)
server = "\\\\";
MsrpcLsarOpenPolicy2 rpc = new MsrpcLsarOpenPolicy2(server,
access, this);
@@ -37,6 +40,10 @@
}
public void close() throws IOException {
+ MsrpcLsarClose rpc = new MsrpcLsarClose(this);
+ handle.sendrecv(rpc);
+ if (rpc.retval != 0)
+ throw new SmbException(rpc.retval, false);
}
}
Index: src/main/java/jcifs/dcerpc/msrpc/SamrPolicyHandle.java
===================================================================
--- src/main/java/jcifs/dcerpc/msrpc/SamrPolicyHandle.java (revision 5164)
+++ src/main/java/jcifs/dcerpc/msrpc/SamrPolicyHandle.java (revision )
@@ -21,10 +21,14 @@
import java.io.IOException;
import jcifs.dcerpc.*;
+import jcifs.smb.SmbException;
public class SamrPolicyHandle extends rpc.policy_handle {
+ DcerpcHandle handle;
+
public SamrPolicyHandle(DcerpcHandle handle, String server, int
access) throws IOException {
+ this.handle = handle;
if (server == null)
server = "\\\\";
MsrpcSamrConnect4 rpc = new MsrpcSamrConnect4(server, access,
this);
@@ -40,6 +44,10 @@
}
public void close() throws IOException {
+ MsrpcSamrCloseHandle rpc = new MsrpcSamrCloseHandle(this);
+ handle.sendrecv(rpc);
+ if (rpc.retval != 0)
+ throw new SmbException(rpc.retval, false);
}
}
Index: src/main/java/jcifs/dcerpc/msrpc/MsrpcSamrCloseHandle.java
===================================================================
--- src/main/java/jcifs/dcerpc/msrpc/MsrpcSamrCloseHandle.java (revision )
+++ src/main/java/jcifs/dcerpc/msrpc/MsrpcSamrCloseHandle.java (revision )
@@ -0,0 +1,31 @@
+/* jcifs msrpc client library in Java
+ * Copyright (C) 2006 "Michael B. Allen" <jcifs at samba dot org>
+ * "Eric Glass" <jcifs at samba dot org>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
USA
+ */
+
+package jcifs.dcerpc.msrpc;
+
+import jcifs.dcerpc.rpc;
+
+public class MsrpcSamrCloseHandle extends samr.SamrCloseHandle {
+
+ public MsrpcSamrCloseHandle(rpc.policy_handle policyHandle) {
+ super(policyHandle);
+ ptype = 0;
+ flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
+ }
+}
Shon Vella
Product Engineer
iDENTiTYAUTOMATiON
www.identityautomation.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.samba.org/pipermail/jcifs/attachments/20140919/c3981584/attachment-0001.html>
More information about the jCIFS
mailing list