svn commit: samba r18363 - in branches/SAMBA_4_0/source/rpc_server:
.
abartlet at samba.org
abartlet at samba.org
Mon Sep 11 06:17:13 GMT 2006
Author: abartlet
Date: 2006-09-11 06:17:12 +0000 (Mon, 11 Sep 2006)
New Revision: 18363
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=18363
Log:
Found a rather nasty bug in our fragment handling.
We were adding packet fragments onto the *reply* queue, not the
recieve queue. This worked, as long as we got a whole packet before
we did any reply work, but failed once the backend called a remote
LDAP server (and I presume something invoked the event loop).
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c
branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h
Changeset:
Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c 2006-09-11 06:15:39 UTC (rev 18362)
+++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.c 2006-09-11 06:17:12 UTC (rev 18363)
@@ -133,12 +133,12 @@
}
/*
- find a call that is pending in our call list
+ find the earlier parts of a fragmented call awaiting reassembily
*/
-static struct dcesrv_call_state *dcesrv_find_call(struct dcesrv_connection *dce_conn, uint16_t call_id)
+static struct dcesrv_call_state *dcesrv_find_fragmented_call(struct dcesrv_connection *dce_conn, uint16_t call_id)
{
struct dcesrv_call_state *c;
- for (c=dce_conn->call_list;c;c=c->next) {
+ for (c=dce_conn->incoming_fragmented_call_list;c;c=c->next) {
if (c->pkt.call_id == call_id) {
return c;
}
@@ -1013,7 +1013,7 @@
/* this is a continuation of an existing call - find the call then
tack it on the end */
- call = dcesrv_find_call(dce_conn, call2->pkt.call_id);
+ call = dcesrv_find_fragmented_call(dce_conn, call2->pkt.call_id);
if (!call) {
return dcesrv_fault(call2, DCERPC_FAULT_OTHER);
}
@@ -1049,10 +1049,11 @@
}
/* this may not be the last pdu in the chain - if its isn't then
- just put it on the call_list and wait for the rest */
+ just put it on the incoming_fragmented_call_list and wait for the rest */
if (call->pkt.ptype == DCERPC_PKT_REQUEST &&
!(call->pkt.pfc_flags & DCERPC_PFC_FLAG_LAST)) {
- DLIST_ADD_END(dce_conn->call_list, call, struct dcesrv_call_state *);
+ DLIST_ADD_END(dce_conn->incoming_fragmented_call_list, call,
+ struct dcesrv_call_state *);
return NT_STATUS_OK;
}
Modified: branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h
===================================================================
--- branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h 2006-09-11 06:15:39 UTC (rev 18362)
+++ branches/SAMBA_4_0/source/rpc_server/dcerpc_server.h 2006-09-11 06:17:12 UTC (rev 18363)
@@ -168,12 +168,15 @@
/* a list of established context_ids */
struct dcesrv_connection_context *contexts;
- /* the state of the current calls */
- struct dcesrv_call_state *call_list;
+ /* the state of the current incoming call fragments */
+ struct dcesrv_call_state *incoming_fragmented_call_list;
/* the state of the async pending calls */
struct dcesrv_call_state *pending_call_list;
+ /* the state of the current outgoing calls */
+ struct dcesrv_call_state *call_list;
+
/* the maximum size the client wants to receive */
uint32_t cli_max_recv_frag;
More information about the samba-cvs
mailing list