[SCM] Samba Shared Repository - branch v3-5-test updated
Karolin Seeger
kseeger at samba.org
Mon Jul 4 13:53:38 MDT 2011
The branch, v3-5-test has been updated
via 48355da s3:nmbd_subnetdb: close all sockets attached to a subnet in close_subnet() (bug #8276)
via 9d5738f s3:nmbd_packets: make sure create_listen_fdset() returns initialized data (bug #8276)
from 1da14b9 s3:smbldap: make smbldap_connect_system self contained
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit 48355dae98885ca0d44dbf4206a0bdf16c64fced
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 30 10:09:56 2011 +0200
s3:nmbd_subnetdb: close all sockets attached to a subnet in close_subnet() (bug #8276)
metze
(cherry picked from commit 75e9f2110876137a57632d223248ac51dbfc4569)
commit 9d5738f779b803fb257537d6308a5f34625cb1b0
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 30 09:56:06 2011 +0200
s3:nmbd_packets: make sure create_listen_fdset() returns initialized data (bug #8276)
Fix bug #7949 (DoS in Winbind and smbd with many file descriptors open)
(commit feb3fcd0fa4bda0967b881315595d7702f4d1752) changed the bahavior,
so that we skipped some sockets.
This should work for v3-5-test.
metze
-----------------------------------------------------------------------
Summary of changes:
source3/nmbd/nmbd_packets.c | 44 ++++++++++++++++++++++++-----------------
source3/nmbd/nmbd_subnetdb.c | 14 ++++++++++--
2 files changed, 37 insertions(+), 21 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c
index 0eafb2c..e53eebb 100644
--- a/source3/nmbd/nmbd_packets.c
+++ b/source3/nmbd/nmbd_packets.c
@@ -1729,19 +1729,23 @@ only use %d.\n", count, FD_SETSIZE));
for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) {
if (subrec->nmb_sock < 0 || subrec->nmb_sock >= FD_SETSIZE) {
/* We have to ignore sockets outside FD_SETSIZE. */
- continue;
+ sock_array[num++] = -1;
+ } else {
+ FD_SET(subrec->nmb_sock,pset);
+ sock_array[num++] = subrec->nmb_sock;
+ *maxfd = MAX( *maxfd, subrec->nmb_sock);
}
- FD_SET(subrec->nmb_sock,pset);
- sock_array[num++] = subrec->nmb_sock;
- *maxfd = MAX( *maxfd, subrec->nmb_sock);
if (subrec->nmb_bcast < 0 || subrec->nmb_bcast >= FD_SETSIZE) {
/* We have to ignore sockets outside FD_SETSIZE. */
- continue;
+ sock_array[num++] = -1;
+ } else {
+ sock_array[num++] = subrec->nmb_bcast;
+ if (subrec->nmb_bcast != -1) {
+ FD_SET(subrec->nmb_bcast,pset);
+ *maxfd = MAX( *maxfd, subrec->nmb_bcast);
+ }
}
- sock_array[num++] = subrec->nmb_bcast;
- FD_SET(subrec->nmb_bcast,pset);
- *maxfd = MAX( *maxfd, subrec->nmb_bcast);
}
/* Add in the lp_socket_address() interface on 138. */
@@ -1761,23 +1765,27 @@ only use %d.\n", count, FD_SETSIZE));
for (subrec = FIRST_SUBNET; subrec; subrec = NEXT_SUBNET_EXCLUDING_UNICAST(subrec)) {
if (subrec->dgram_sock < 0 || subrec->dgram_sock >= FD_SETSIZE) {
/* We have to ignore sockets outside FD_SETSIZE. */
- continue;
+ sock_array[num++] = -1;
+ } else {
+ FD_SET(subrec->dgram_sock,pset);
+ sock_array[num++] = subrec->dgram_sock;
+ *maxfd = MAX( *maxfd, subrec->dgram_sock);
}
- FD_SET(subrec->dgram_sock,pset);
- sock_array[num++] = subrec->dgram_sock;
- *maxfd = MAX( *maxfd, subrec->dgram_sock);
if (subrec->dgram_bcast < 0 || subrec->dgram_bcast >= FD_SETSIZE) {
/* We have to ignore sockets outside FD_SETSIZE. */
- continue;
- }
- sock_array[num++] = subrec->dgram_bcast;
- if (subrec->dgram_bcast != -1) {
- FD_SET(subrec->dgram_bcast,pset);
- *maxfd = MAX( *maxfd, subrec->dgram_bcast);
+ sock_array[num++] = -1;
+ } else {
+ sock_array[num++] = subrec->dgram_bcast;
+ if (subrec->dgram_bcast != -1) {
+ FD_SET(subrec->dgram_bcast,pset);
+ *maxfd = MAX( *maxfd, subrec->dgram_bcast);
+ }
}
}
+ SMB_ASSERT(count == num);
+
*listen_number = count;
SAFE_FREE(*ppset);
diff --git a/source3/nmbd/nmbd_subnetdb.c b/source3/nmbd/nmbd_subnetdb.c
index 703e229..48dbe66 100644
--- a/source3/nmbd/nmbd_subnetdb.c
+++ b/source3/nmbd/nmbd_subnetdb.c
@@ -55,13 +55,21 @@ yet and it may be in use by a response record
void close_subnet(struct subnet_record *subrec)
{
+ if (subrec->nmb_sock != -1) {
+ close(subrec->nmb_sock);
+ subrec->nmb_sock = -1;
+ }
+ if (subrec->nmb_bcast != -1) {
+ close(subrec->nmb_bcast);
+ subrec->nmb_bcast = -1;
+ }
if (subrec->dgram_sock != -1) {
close(subrec->dgram_sock);
subrec->dgram_sock = -1;
}
- if (subrec->nmb_sock != -1) {
- close(subrec->nmb_sock);
- subrec->nmb_sock = -1;
+ if (subrec->dgram_bcast != -1) {
+ close(subrec->dgram_bcast);
+ subrec->dgram_bcast = -1;
}
DLIST_REMOVE(subnetlist, subrec);
--
Samba Shared Repository
More information about the samba-cvs
mailing list