[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Wed Jul 8 17:17:04 UTC 2020
The branch, master has been updated
via 3afdf2a8618 s3:smbd: skip ctdb public ips in fsctl_network_iface_info()
via 79eaa196dc8 s3:smbd: disconnect the all client connections if a ctdb public ip dropped
via af51b75c611 s3:smbd: make smbXsrv_client_connection_pass_loop() more robust
via ab14a0d1624 s3:smbd: make sure smbXsrv_connection_disconnect_transport() closes the socket fd
via ecef3fe077d s3:smbd: make sure we detect stale smbXsrv_connection pointers in smbXsrv_session_auth0
via 876a84493bb s3:smbd: fill in xconn->client early in smbd_add_connection()
via dbe27672131 s3:smbd: handle NETWORK_ACCESS_DENIED in smbXsrv_client_connection_pass_loop()
via ad3c5c1a626 s3:smbd: consistently use DLIST_ADD* to fill client->connections in smbd_add_connection()
via 4d924528905 s3:ctdbd_conn: add ctdbd_control_get_public_ips() and ctdbd_find_in_public_ips()
via 57515a43fbd s3:ctdbd_conn: make use of samba_sockaddr in ctdbd_connect()
via ba66abef888 s3:ctdbd_conn: make use of ctdbd_control_local() in ctdbd_register_ips()
via 883657a7cfe selftest/Samba3: make use of 'smbd:FSCTL_SMBTORTURE = yes'
via bd1285d40d0 s3:smbd: implement FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
via 88b0da10627 s3:smbd: make use of the new ack infrastructure for oplock/lease breaks
via 8b8c5c4154f s3:smbd: force multi-channel to be turned off without FreeBSD/Linux support
via 3cd775af053 s3:smbd: add infrastructure to wait for TCP acks
via 557adf8cccc s3:smbd: add logic to retry break notifications on all available channels
via bc10e5039a9 docs-xml/smbdotconf: add "smb2 disable oplock break retry"
via 4230bcdf7e0 s3:smbd: convert smbd_smb2_send_break() into async smbd_smb2_break_send/recv()
via 37c52c2d498 s3:smbd: add smbd_smb2_send_queue.sendfile_body_size
via 61b9418784f s3:smbd: introduce smbXsrv_pending_break infrastructure
via 36812aadbd8 s3:smbd: avoid dereferencing client->connections
via c66110cf337 s3:smbd: setup client->global->client_guid even without multichannel support
via 66c0888d2e9 s3:smbd: pass down smbXsrv_client to smbd_smb2_send_{oplock,lease}_break()
via 42497b86399 s3:smbd: pass smbXsrv_client to downgrade_lease()
via 54bd3a46c84 s3:smbd: add smbd_server_disconnect_client[_ex]()
via 60d7f059a40 s3:smbd: remove unused session,tcon parameters from smbd_smb2_send_oplock_break()
via a1e5b8c77c1 s3:smbd: pass down session_id to smbd_smb2_send_break()
via acf80fd9437 s3:smbd: remove dead code from smbd_smb2_send_break()
via 5ad618bc67a s4:torture/smb2: add smb2.multichannel.oplocks.test3{_windows,specification}
via 5bb9da8cd78 s4:torture/smb2: (re-)add smb2.multichannel.leases.test4
via 2da65bed806 s4:torture/smb2: remove useless 'smb2.multichannel.leases.test4'
via f92f24ee266 s4:torture/smb2: fix smb2.multichannel.leases.test2 against windows
via 31e2b7f04ba s4:torture/smb2: split smb2.oplock.batch22 into a and b
via 3d7f81979c2 s4:torture/smb2: move smb2_transport blocking to the generic block.[ch]
via 68a351b7620 s4:torture/smb2: make use of FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
via 8c7bb245ff8 s4:torture/smb2: refactor block.c to block the OUTPUT path
via a52e7114df6 s4:torture/smb2: add break_info.oplock_skip_ack
via 2181f728edf s4:torture/smb2: move interface_info test to smb2.multichannel.generic
via 3559a1df9bc s4:torture/smb2: make use of transport_options.only_negprot for multichannel connections
via d2b8274438f s4:torture/smb2: simplify code to generate list of smb2 channels
via 5451882004c s4:torture/smb2: add const to options for test_multichannel_create_channel()
via ce7eaca7353 s4:libcli/smb2: add const to struct smbcli_options *options for smb2_connect()
via 7d06874478e s4:libcli/smb2: allow smb2_connect*() to fake session and tcon
via fe6a6ec4d48 s4:param: use struct initializer in lpcfg_smbcli_session_options()
via 9f3ab6a113d s4:param: use struct initializer in lpcfg_smbcli_options()
via 0d2566210a8 libcli/smb: define FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
via 816528923e9 s3:includes: change OPLOCK_BREAK_TIMEOUT from 30 to 35 seconds
via bd71d2d92c2 lib/util: allow to set TCP_USER_TIMEOUT socket option
from 4faab2a77a6 s3:dbwrap_watch: avoid recursion into dbwrap_do_locked() from dbwrap_watched_do_locked_{storev,delete}()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3afdf2a8618ef9ca7cfba279e87ab59c8ae3d662
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 15:32:11 2020 +0200
s3:smbd: skip ctdb public ips in fsctl_network_iface_info()
Multi-Channel clients should not connect to ctdb public ip addresses
(which move between nodes).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
Autobuild-Date(master): Wed Jul 8 17:16:40 UTC 2020 on sn-devel-184
commit 79eaa196dc8549ac4676ac055543bf0bfa542264
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 15:59:42 2020 +0200
s3:smbd: disconnect the all client connections if a ctdb public ip dropped
For now we keep it simple and any disconnect on a connection that
used a ctdb public address, will disconnect all other remaining
connections.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit af51b75c6118787ce8b4b1fcc8198ff15397788b
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 3 10:08:08 2020 +0200
s3:smbd: make smbXsrv_client_connection_pass_loop() more robust
Don't leak fds in the error paths.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit ab14a0d162472899c081c1cb477ac6c888b44e5d
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 3 09:55:57 2020 +0200
s3:smbd: make sure smbXsrv_connection_disconnect_transport() closes the socket fd
I assumed that TALLOC_FREE(xconn->transport.fde) would close the socket,
but until now we didn't use tevent_fd_set_auto_close().
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit ecef3fe077d6a44659c7bb9d30dfcab61c64f0e8
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 1 18:02:16 2020 +0200
s3:smbd: make sure we detect stale smbXsrv_connection pointers in smbXsrv_session_auth0
Pointer values can be reused (yes, I hit that during my testing!).
Introduce a channel_id to identify connections and also add
some timestamps to make debugging easier.
This makes smbXsrv_session_find_auth() much more robust.
This is a similar change as 0cec96526bf4d3209caf36c4a19632ff5d5dd112:
"smb2_server: make sure we detect stale smbXsrv_connection pointers in smbXsrv_channel_global"
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 876a84493bb4c90edc01f49cdd332275383a8eb0
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 22:45:07 2020 +0200
s3:smbd: fill in xconn->client early in smbd_add_connection()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit dbe27672131593390218423acbf20d6a2ea45410
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 22:43:47 2020 +0200
s3:smbd: handle NETWORK_ACCESS_DENIED in smbXsrv_client_connection_pass_loop()
smbd_add_connection() may return a valid connection together with
NT_STATUS_NETWORK_ACCESS_DENIED.
We need additional cleanup for that case.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit ad3c5c1a626b73133a62f79eb58c4960912d7809
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 22:42:18 2020 +0200
s3:smbd: consistently use DLIST_ADD* to fill client->connections in smbd_add_connection()
We should not just overwrite the client->connections pointer if we
reject the connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 4d92452890539d894315db2255f99b24e4f2a348
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 15:14:04 2020 +0200
s3:ctdbd_conn: add ctdbd_control_get_public_ips() and ctdbd_find_in_public_ips()
These will be used in the multi channel code in order to handle
public ip addresses, which can move arround ctdb nodes.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 57515a43fbd9ad7071838319aaa663a57fabf440
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 15:11:44 2020 +0200
s3:ctdbd_conn: make use of samba_sockaddr in ctdbd_connect()
This avoids compiler warnings like this:
dereferencing type-punned pointer might break strict-aliasing rules [-Wstrict-aliasing]
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit ba66abef8887c71d9fb94980402796f8fbea1d5b
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jun 25 14:00:27 2020 +0200
s3:ctdbd_conn: make use of ctdbd_control_local() in ctdbd_register_ips()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11898
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 883657a7cfe0788b8c82b58a0379a8ea724df72a
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 23 15:56:34 2020 +0200
selftest/Samba3: make use of 'smbd:FSCTL_SMBTORTURE = yes'
This makes sure the lease/oplock break retry logic based on
missing TCP acks is tested.
We're still not able to run multichannel tests automatically,
as socket wrapper doesn't support fd-passing yet.
But this testing this with single channels is a good start.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit bd1285d40d0671a0ba80b4143a871426f369a926
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 8 16:33:45 2020 +0200
s3:smbd: implement FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This will be used by smbtorture in order to simulate channel failures
without relying on iptables.
'smbd:FSCTL_SMBTORTURE = yes' is required in order to active this.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 88b0da106276c95e5690aa91dc5586e46a47fc92
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 5 22:11:26 2020 +0200
s3:smbd: make use of the new ack infrastructure for oplock/lease breaks
This finally implements the retry of failed oplock/lease breaks.
Before smbd_smb2_break_send/recv completed directly after
sendmsg() passed the pdu to the kernel.
Now the completion is (at least) deferred until the
the next smbXsrv_connection_ack_checker() run happens
and smbd_smb2_send_queue_ack_bytes() found that
all bytes of the break notification left the kernel
send queue (and were TCP acked).
If the connection is disconnected all pending break
notifications are completed with an error, which is
then returned by smbd_smb2_break_recv().
smbXsrv_pending_break_submit() will then submit
another break notification via the next available
connection/channel.
The smbXsrv_connection_ack_checker() runs each
rto_usecs (between 0.2s and 1.0s). smbd_smb2_break_send()
will set a timeout of 6*rto_usecs (between 1.2s and 6s).
If smbXsrv_connection_ack_checker() detects via
smbd_smb2_send_queue_ack_bytes() that a pending break
notification is pending for more than its timeout
we'll disconnect the connection with NT_STATUS_IO_TIMEOUT.
This will be handled as any other disconnect and
will in turn also trigger the retry on the next channel.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 8b8c5c4154f581c5d79585017443dffc1602bdf6
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 8 12:23:47 2020 +0200
s3:smbd: force multi-channel to be turned off without FreeBSD/Linux support
For now it's safer to disable multi-channel without having support
for TIOCOUTQ/FIONWRITE on tcp sockets.
Using a fixed retransmission timeout (rto) of 1 second would be ok,
but we better require kernel support for requesting for unacked bytes
in the kernel send queue.
"force:server multi channel support = yes" can be used to overwrite
the compile time restriction (mainly for testing).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 3cd775af053f95a35492e66299110d4087c452d0
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 3 10:57:59 2020 +0200
s3:smbd: add infrastructure to wait for TCP acks
This will be the core of the logic that allows
us to retry break notifications.
When we start the "pending break cycle" we ask for
the current retransmission timemout (rto) on the TCP connection
and remember how many unacked bytes are in the kernel's
send queue. Each time we send bytes into the kernel
we add them to the unacked bytes.
We use a timer using the rto interval in order
to check the amount of unacked bytes again.
The provides send_queu_entry.ack.req will be completed
with tevent_req_done() when everything is completely acked,
tevent_req_nterror(NT_STATUS_IO_TIMEOUT) when
send_queu_entry.ack.timeout is expired or
tevent_req_nterror(connection_error) when the connection
gets disconnected.
It works with support from the FreeBSD and Linux kernels.
For other platforms we just have a fixed rto of 1 second.
And pretend all bytes are acked when we recheck after 1 second.
So only a connection error could trigger tevent_req_nterror(),
but there's no timeout. A follow up commit will most likely
disable support for multi-channel if we don't have kernel support.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 557adf8ccccf0aed8084ffde0dfeecc5695b5265
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 18:05:39 2020 +0200
s3:smbd: add logic to retry break notifications on all available channels
For leases we need to use any available connection with the same
client_guid. That means all connections in the client->connections list.
We try the oldest connection first, as that's what windows is doing.
For oplocks we implement the same as that's what the specification
says. Windows behaves different and we have
'smb2 disable oplock break retry = yes' in order to behave like Windows.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit bc10e5039a9056474f0cab03a798d85d62d47254
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 23 17:39:10 2020 +0200
docs-xml/smbdotconf: add "smb2 disable oplock break retry"
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 4230bcdf7e068423c291df37d3dbf736b4cb92a2
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 18:05:39 2020 +0200
s3:smbd: convert smbd_smb2_send_break() into async smbd_smb2_break_send/recv()
This will make it possible to detect errors in order to retry sending
the break on another connection.
For now we always report NT_STATUS_OK, when we delivered the break
notification to the kernel send queue. But that will change in
the following commits.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 37c52c2d49830940397a164864044dbd1f5d6c6a
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 5 20:14:10 2020 +0200
s3:smbd: add smbd_smb2_send_queue.sendfile_body_size
The following patches require the size of the full sendfile() pdu.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 61b9418784f27b799338ea5aeab02b39bbd39ad1
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 17:13:22 2020 +0200
s3:smbd: introduce smbXsrv_pending_break infrastructure
This prepares support for oplock/lease break replay from
the server to the client.
We need some state in order to do replays later.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 36812aadbd89802b1495cb257223e0d5d2d50e9c
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 8 10:15:56 2020 +0200
s3:smbd: avoid dereferencing client->connections
There're typically better ways to get the same information.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit c66110cf33758ee0da035a05585195621b60a393
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 8 13:59:26 2020 +0200
s3:smbd: setup client->global->client_guid even without multichannel support
It's too confusing if client->global->client_guid and
client->connections->smb2.client.guid don't have the same value.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 66c0888d2e9a76d59fd29cc7be3597e60235e503
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 16:50:22 2020 +0200
s3:smbd: pass down smbXsrv_client to smbd_smb2_send_{oplock,lease}_break()
Which connection is actually used should not matter to the main logic.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 42497b8639965de7b800b25ce20052ef7b44fb05
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 16:33:23 2020 +0200
s3:smbd: pass smbXsrv_client to downgrade_lease()
This prepares for multichannel support, where breaks are not bound
to a single connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 54bd3a46c84b87aa4d391c797c363df954b9b686
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 16:43:43 2020 +0200
s3:smbd: add smbd_server_disconnect_client[_ex]()
With multichannel things may not happen only on one connection.
We may need to disconnect all connections of a client, when something
bad happens.
The first users of this will be the lease/oplock break code,
if they are not able allocate memory or something similar
we need to bail out.
Having a special smbXsrv_client based function is better than
calling exit_server*() directly.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 60d7f059a40457ab9fa01f1bf2eeddc1c3b7d0ab
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 19 14:10:21 2020 +0200
s3:smbd: remove unused session,tcon parameters from smbd_smb2_send_oplock_break()
They are no longer used. However we'll make use of
op->compat->vuid in the next commits, as the session id should be part
of oplock breaks.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit a1e5b8c77c1e409e22d72086853ba4a5331e279c
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jun 5 20:12:57 2020 +0200
s3:smbd: pass down session_id to smbd_smb2_send_break()
Oplock break should contain a valid session id of the open file handle,
as file handles are relative to a session.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit acf80fd94374644e26b6bdef7f39a63f62ba57ba
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue May 19 13:33:27 2020 +0200
s3:smbd: remove dead code from smbd_smb2_send_break()
Starting with commit 0a924d13cf4bb570cce3955cf0de9d8678b37dbe
("smbd: Send SMB2 oplock breaks unencrypted") we always passed in
session=NULL and tcon=NULL.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 5ad618bc67a36fcd811271ccfff4ac35b9806410
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 8 15:03:30 2020 +0200
s4:torture/smb2: add smb2.multichannel.oplocks.test3{_windows,specification}
This is similar to the smb2.multichannel.leases.test5,
but it tests the oplock case instead of leases.
With Oplocks Windows only sends a single break on the latest channel,
this is not what the spec says...
Maybe we should have a similar test that would expect the
behavior from the [MS-SMB2] (3/4/2020 rev 60.0)
"3.3.4.6 Object Store Indicates an Oplock Break":
...
If the server implements the SMB 3.x dialect family, SMB2 Oplock Break
Notification MUST be sent to the client using the first available
connection in Open.Session.ChannelList where Channel.Connection is not
NULL. If the server fails to send the notification to the client, the
server MUST retry the send using an alternate connection, if available,
in Open.Session.ChannelList.
...
Here I add one test that demonstrates the Windows behavior:
smb2.multichannel.oplocks.test3_windows
and a 2nd test that demonstrates the behavior from MS-SMB2.
smb2.multichannel.oplocks.test3_specification
Note that Windows 10 seems to behave differently and it's not
possible to open all 32 channel used by this test.
Against remote servers it's required to run iptables as root:
#> smbtorture //server/torture -Uu%p \
--option="torture:use_iptables=yes" \
--option="torture:iptables_command=sudo /sbin/iptables" \
smb2.multichannel.oplocks.test3_windows
#> smbtorture //server/torture -Uu%p \
--option="torture:use_iptables=yes" \
--option="torture:iptables_command=sudo /sbin/iptables" \
smb2.multichannel.oplocks.test3_specification
The test will also work against a Samba server
with 'smbd:FSCTL_SMBTORTURE = yes', and won't require iptables
in that case.
Samba will get a "smb2 disable oplock break retry" configuration
option to switch between both behaviors, as it's much more common with Samba
that leases are not supported and clients will fallback to
oplocks together with multichannel.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 5bb9da8cd783049a448c4df8b4b31099a87b4822
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 8 15:03:30 2020 +0200
s4:torture/smb2: (re-)add smb2.multichannel.leases.test4
This tests 32 channels, which is the maximum Windows Server
versions support. (Note that Windows 10 (a Client OS as SMB server,
seems to support only 20 channels and may differ in other aspects,
so we ignore that for now).
This works at least against Windows Server 2019
and we see lease break notification retries every ~ 1.3 seconds
with ~ 5 TCP retransmissions. At that rate we see the remaining
5 retries after the conflicting SMB2 Create already returned.
Older Windows Server versions use much longer timeouts in the TCP-stack,
they send lease break notification retries less often and only 4 in
total, all other channels get TCP-RST packets because of missing
TCP keepalive packets before they're used.
The intervals between lease break notification retries are
~19 seconds for 2012[_R2] and ~25 seconds for 2016.
It means that only ~2 lease break notifications arrive before
the open returns after ~35 seconds.
Note that Windows 10 seems to behave differently and it's not
possible to open all 32 channel used by this test.
Against remote servers it's required to run iptables as root:
#> smbtorture //server/torture -Uu%p \
--option="torture:use_iptables=yes" \
--option="torture:iptables_command=sudo /sbin/iptables" \
smb2.multichannel.leases.test4
The test will also work against a Samba server
with 'smbd:FSCTL_SMBTORTURE = yes', and won't require iptables
in that case.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 2da65bed806d50c6418bb887602374a847b7de08
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 23 16:01:54 2020 +0200
s4:torture/smb2: remove useless 'smb2.multichannel.leases.test4'
Having a test that would only pass against Samba makes things way
to complex, they're already complex and we should try to behave
like windows as much as possible.
The next commit will add a better test that will work against Windows
Servers and the future Samba servers.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit f92f24ee2663ce739bc24bbd0c4a2455901d2680
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 23 12:38:49 2020 +0200
s4:torture/smb2: fix smb2.multichannel.leases.test2 against windows
We still receive the break on the blocked channel,
it's only the response ACKs, which we are blocking (or simulate to
block).
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 31e2b7f04ba547c2fee84700822f464308945ac8
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 23 00:09:38 2020 +0200
s4:torture/smb2: split smb2.oplock.batch22 into a and b
batch22a tests the timeout on a valid connection
and batch22b tests the timeout on a broken/blocked connection.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 3d7f81979c2db790930b369671e8346f0bb25331
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 22 17:30:28 2020 +0200
s4:torture/smb2: move smb2_transport blocking to the generic block.[ch]
We may want to use this in other places too, not only multichannel.c
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 68a351b7620a87fc8191666e49058cbfdee62e67
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 8 16:33:45 2020 +0200
s4:torture/smb2: make use of FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This is a way to test without being able to use iptables.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 8c7bb245ff84b1603935c45969c3bec004dff335
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 29 09:18:12 2020 -0700
s4:torture/smb2: refactor block.c to block the OUTPUT path
In order to create useful tests, we should block the outgoing
tcp packets only. That means we're able to see incoming
break notifications, but prevent outgoing TCP ACKs to be delivered
to the server.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit a52e7114df631e09f74eab16765ec00bff474549
Author: Stefan Metzmacher <metze at samba.org>
Date: Tue Jun 2 14:52:07 2020 +0200
s4:torture/smb2: add break_info.oplock_skip_ack
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 2181f728edf933d5c0f94990122ea55097ec8217
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 26 10:18:04 2019 +0200
s4:torture/smb2: move interface_info test to smb2.multichannel.generic
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
commit 3559a1df9bc80bf3b2a11faf020149dd9facfe4c
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 1 18:37:44 2020 +0200
s4:torture/smb2: make use of transport_options.only_negprot for multichannel connections
This avoid useless session setups and tree connects on the wire.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit d2b8274438f8701ab79d773d72ac003a32bbfb51
Author: Günther Deschner <gd at samba.org>
Date: Thu Sep 26 10:18:33 2019 +0200
s4:torture/smb2: simplify code to generate list of smb2 channels
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Pair-Programmed-With: Stefan Metzmacher <metze at samba.org>
Signed-off-by: Guenther Deschner <gd at samba.org>
Signed-off-by: Stefan Metzmacher <metze at samba.org>
commit 5451882004c29bb06bb20d735d96d21928bc54d1
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 3 11:56:19 2020 +0200
s4:torture/smb2: add const to options for test_multichannel_create_channel()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit ce7eaca7353289ee4959406a39536a1efbc9d2ac
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Jul 3 11:54:42 2020 +0200
s4:libcli/smb2: add const to struct smbcli_options *options for smb2_connect()
It will just be passed to smb2_connect_ext(), which already takes a
const pointer.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 7d06874478edb29a14eedcd8d634f3bf5d8dee50
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jul 1 18:27:40 2020 +0200
s4:libcli/smb2: allow smb2_connect*() to fake session and tcon
For multichannel connection we want a way to have just a connection
with a negprot finished.
For now we just fake a tcon and session in order to avoid changes in the
caller. We can clean that up later if needed.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit fe6a6ec4d4843f4eecbb88e1664fbbc8e355a0ca
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 2 13:25:43 2020 +0200
s4:param: use struct initializer in lpcfg_smbcli_session_options()
We should zero all fields not initialiazed explicitly.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 9f3ab6a113d33bd028f7891dc0c96568c6ab9ce0
Author: Stefan Metzmacher <metze at samba.org>
Date: Thu Jul 2 13:25:43 2020 +0200
s4:param: use struct initializer in lpcfg_smbcli_options()
We should zero all fields not initialiazed explicitly.
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 0d2566210a89a3916f52535c534e55fbf889456e
Author: Stefan Metzmacher <metze at samba.org>
Date: Mon Jun 8 16:33:45 2020 +0200
libcli/smb: define FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT
This will be used by smbtorture in order to simulate channel failures
without relying on iptables.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit 816528923e9df51cf6f958190704013cf4ca4740
Author: Stefan Metzmacher <metze at samba.org>
Date: Wed Jun 3 14:41:12 2020 +0200
s3:includes: change OPLOCK_BREAK_TIMEOUT from 30 to 35 seconds
This is what windows is using for normal oplock and lease breaks.
Note that windows uses higher values for persistent handles,
they use 60 seconds for oplocks and 180 seconds for leases.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Günther Deschner <gd at samba.org>
commit bd71d2d92c2186bc503449085e53fcb7564cbb42
Author: Günther Deschner <gd at samba.org>
Date: Wed Sep 20 20:21:49 2017 +0200
lib/util: allow to set TCP_USER_TIMEOUT socket option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11897
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
-----------------------------------------------------------------------
Summary of changes:
.../protocol/servermultichannelsupport.xml | 5 +
.../protocol/smb2_disable_oplock_break_retry.xml | 39 +
docs-xml/smbdotconf/tuning/socketoptions.xml | 1 +
lib/util/util_net.c | 3 +
libcli/smb/smb_constants.h | 8 +
selftest/knownfail | 2 +-
selftest/target/Samba3.pm | 1 +
source3/include/ctdbd_conn.h | 8 +
source3/include/local.h | 2 +-
source3/lib/ctdb_dummy.c | 15 +
source3/lib/ctdbd_conn.c | 102 +-
source3/librpc/idl/smbXsrv.idl | 6 +
source3/locking/leases_util.c | 2 +-
source3/smbd/globals.h | 30 +-
source3/smbd/open.c | 2 +-
source3/smbd/oplock.c | 26 +-
source3/smbd/process.c | 25 +-
source3/smbd/proto.h | 3 +-
source3/smbd/smb2_break.c | 58 +-
source3/smbd/smb2_glue.c | 10 +-
source3/smbd/smb2_ioctl.c | 43 +
source3/smbd/smb2_ioctl_network_fs.c | 28 +
source3/smbd/smb2_negprot.c | 6 +
source3/smbd/smb2_read.c | 1 +
source3/smbd/smb2_server.c | 839 +++++++++--
source3/smbd/smb2_sesssetup.c | 2 +-
source3/smbd/smbXsrv_client.c | 38 +-
source3/smbd/smbXsrv_session.c | 5 +
source4/libcli/raw/libcliraw.h | 1 +
source4/libcli/smb2/connect.c | 11 +-
source4/param/loadparm.c | 38 +-
source4/torture/smb2/block.c | 480 +++---
source4/torture/smb2/block.h | 42 +-
source4/torture/smb2/multichannel.c | 1580 +++++++++++++-------
source4/torture/smb2/oplock.c | 105 +-
source4/torture/smb2/oplock_break_handler.c | 4 +
source4/torture/smb2/oplock_break_handler.h | 1 +
37 files changed, 2614 insertions(+), 958 deletions(-)
create mode 100644 docs-xml/smbdotconf/protocol/smb2_disable_oplock_break_retry.xml
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/protocol/servermultichannelsupport.xml b/docs-xml/smbdotconf/protocol/servermultichannelsupport.xml
index e39785427a6..5f87298b4bd 100644
--- a/docs-xml/smbdotconf/protocol/servermultichannelsupport.xml
+++ b/docs-xml/smbdotconf/protocol/servermultichannelsupport.xml
@@ -15,6 +15,11 @@
it may result in data corruption under some race conditions.
Future releases may improve this situation.
</para>
+
+ <para>Due to dependencies to kernel APIs of Linux or FreeBSD, it's only possible
+ to use this feature on Linux and FreeBSD for now. For testing this restriction
+ can be overwritten by specifying <constant>force:server multi channel support=yes</constant>
+ in addition.</para>
</description>
<value type="default">no</value>
diff --git a/docs-xml/smbdotconf/protocol/smb2_disable_oplock_break_retry.xml b/docs-xml/smbdotconf/protocol/smb2_disable_oplock_break_retry.xml
new file mode 100644
index 00000000000..1b67100b7eb
--- /dev/null
+++ b/docs-xml/smbdotconf/protocol/smb2_disable_oplock_break_retry.xml
@@ -0,0 +1,39 @@
+<samba:parameter name="smb2 disable oplock break retry"
+ context="G"
+ type="boolean"
+ xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+ <para>This boolean parameter controls whether
+ <citerefentry><refentrytitle>smbd</refentrytitle>
+ <manvolnum>8</manvolnum></citerefentry> will trigger
+ smb2 oplock break notification retries when using
+ <smbconfoption name="server multi channel support">yes</smbconfoption>.
+ </para>
+
+ <para>The [MS-SMB2] specification documents that a server should
+ send smb2 oplock break notification retries on all available channel
+ to the given client.</para>
+
+ <para>But Windows Server versions (at least up to 2019) do not send
+ smb2 oplock break notification retries on channel failures.
+ That means they do not implement the behavior specified
+ in [MS-SMB2].</para>
+
+ <para>By default Samba behaves according to the specification
+ and send smb2 oplock break notification retries.</para>
+
+ <para>Warning: Only enable this option if existing clients can't
+ handle possible retries and it turns out that the Windows Server
+ behavior is required.</para>
+
+ <para>Note: it's likely that this option gets removed again
+ if future Windows versions change their behavior.</para>
+
+ <para>Note: this only applies to oplocks and not SMB2 leases.</para>
+</description>
+
+<related>server multi channel support</related>
+
+<value type="default">no</value>
+<value type="example">yes</value>
+</samba:parameter>
diff --git a/docs-xml/smbdotconf/tuning/socketoptions.xml b/docs-xml/smbdotconf/tuning/socketoptions.xml
index c0bd785cb78..d2be5148fde 100644
--- a/docs-xml/smbdotconf/tuning/socketoptions.xml
+++ b/docs-xml/smbdotconf/tuning/socketoptions.xml
@@ -71,6 +71,7 @@
<listitem><para>TCP_KEEPALIVE_THRESHOLD *</para></listitem>
<listitem><para>TCP_KEEPALIVE_ABORT_THRESHOLD *</para></listitem>
<listitem><para>TCP_DEFER_ACCEPT *</para></listitem>
+ <listitem><para>TCP_USER_TIMEOUT *</para></listitem>
</itemizedlist>
<para>Those marked with a <emphasis>'*'</emphasis> take an integer
diff --git a/lib/util/util_net.c b/lib/util/util_net.c
index 6cfb35c87a4..ad6ee792084 100644
--- a/lib/util/util_net.c
+++ b/lib/util/util_net.c
@@ -1035,6 +1035,9 @@ static const smb_socket_option socket_options[] = {
#endif
#ifdef TCP_DEFER_ACCEPT
{"TCP_DEFER_ACCEPT", IPPROTO_TCP, TCP_DEFER_ACCEPT, 0, OPT_INT},
+#endif
+#ifdef TCP_USER_TIMEOUT
+ {"TCP_USER_TIMEOUT", IPPROTO_TCP, TCP_USER_TIMEOUT, 0, OPT_INT},
#endif
{NULL,0,0,0,0}};
diff --git a/libcli/smb/smb_constants.h b/libcli/smb/smb_constants.h
index ee350d14154..b424b13cde4 100644
--- a/libcli/smb/smb_constants.h
+++ b/libcli/smb/smb_constants.h
@@ -582,6 +582,14 @@ enum csc_policy {
(FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0200 | FSCTL_METHOD_BUFFERED)
#define FSCTL_VALIDATE_NEGOTIATE_INFO (FSCTL_NETWORK_FILESYSTEM | FSCTL_ACCESS_ANY | 0x0204 | FSCTL_METHOD_BUFFERED)
+/*
+ * For testing various details we use special codes via
+ * smbtorture in order to test failures
+ */
+#define FSCTL_SMBTORTURE 0x83840000
+#define FSCTL_SMBTORTURE_FORCE_UNACKED_TIMEOUT \
+ (FSCTL_SMBTORTURE | FSCTL_ACCESS_WRITE | 0x0000 | FSCTL_METHOD_NEITHER)
+
/*
* A few values from [MS-FSCC] 2.1.2.1 Reparse Tags
*/
diff --git a/selftest/knownfail b/selftest/knownfail
index c5f1f447838..4fe503f4cc1 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -160,7 +160,7 @@
^samba4.smb2.oplock.levelii500\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.levelii502\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.brl1\(.*\)$ # samba 4 oplocks are a mess
-^samba4.smb2.oplock.batch22\(.*\)$ # samba 4 oplocks are a mess
+^samba4.smb2.oplock.batch22.\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.batch19\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.batch12\(.*\)$ # samba 4 oplocks are a mess
^samba4.smb2.oplock.batch11\(.*\)$ # samba 4 oplocks are a mess
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 2e2f74efb79..79feaa188ed 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -2204,6 +2204,7 @@ sub provision($$)
bind interfaces only = yes
panic action = cd $self->{srcdir} && $self->{srcdir}/selftest/gdb_backtrace %d %\$(MAKE_TEST_BINARY)
smbd:suicide mode = yes
+ smbd:FSCTL_SMBTORTURE = yes
client min protocol = SMB2_02
server min protocol = SMB2_02
diff --git a/source3/include/ctdbd_conn.h b/source3/include/ctdbd_conn.h
index 7aaab4e6bd2..b77dd06fd09 100644
--- a/source3/include/ctdbd_conn.h
+++ b/source3/include/ctdbd_conn.h
@@ -85,6 +85,14 @@ int ctdbd_register_ips(struct ctdbd_connection *conn,
void *private_data),
void *private_data);
+struct ctdb_public_ip_list_old;
+int ctdbd_control_get_public_ips(struct ctdbd_connection *conn,
+ uint32_t flags,
+ TALLOC_CTX *mem_ctx,
+ struct ctdb_public_ip_list_old **_ips);
+bool ctdbd_find_in_public_ips(const struct ctdb_public_ip_list_old *ips,
+ const struct sockaddr_storage *ip);
+
int ctdbd_control_local(struct ctdbd_connection *conn, uint32_t opcode,
uint64_t srvid, uint32_t flags, TDB_DATA data,
TALLOC_CTX *mem_ctx, TDB_DATA *outdata,
diff --git a/source3/include/local.h b/source3/include/local.h
index 82c3325008c..297e5572fdb 100644
--- a/source3/include/local.h
+++ b/source3/include/local.h
@@ -128,7 +128,7 @@
/* Timout (in seconds) to wait for an oplock break
message to return from the client. */
-#define OPLOCK_BREAK_TIMEOUT 30
+#define OPLOCK_BREAK_TIMEOUT 35
/* Timout (in seconds) to add to the oplock break timeout
to wait for the smbd to smbd message to return. */
diff --git a/source3/lib/ctdb_dummy.c b/source3/lib/ctdb_dummy.c
index 144c8507758..062fa999b06 100644
--- a/source3/lib/ctdb_dummy.c
+++ b/source3/lib/ctdb_dummy.c
@@ -62,6 +62,21 @@ int ctdbd_register_ips(struct ctdbd_connection *conn,
return ENOSYS;
}
+int ctdbd_control_get_public_ips(struct ctdbd_connection *conn,
+ uint32_t flags,
+ TALLOC_CTX *mem_ctx,
+ struct ctdb_public_ip_list_old **_ips)
+{
+ *_ips = NULL;
+ return ENOSYS;
+}
+
+bool ctdbd_find_in_public_ips(const struct ctdb_public_ip_list_old *ips,
+ const struct sockaddr_storage *ip)
+{
+ return false;
+}
+
bool ctdbd_process_exists(struct ctdbd_connection *conn, uint32_t vnn,
pid_t pid, uint64_t unique_id)
{
diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index f258f1109ed..a4a9f4e0cae 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -24,6 +24,7 @@
#include "serverid.h"
#include "ctdbd_conn.h"
#include "system/select.h"
+#include "lib/util/util_net.h"
#include "lib/util/sys_rw_data.h"
#include "lib/util/iov_buf.h"
#include "lib/util/select.h"
@@ -275,10 +276,17 @@ uint32_t ctdbd_vnn(const struct ctdbd_connection *conn)
static int ctdbd_connect(const char *sockname, int *pfd)
{
- struct sockaddr_un addr = { 0, };
+ struct samba_sockaddr addr = {
+ .sa_socklen = sizeof(struct sockaddr_un),
+ .u = {
+ .un = {
+ .sun_family = AF_UNIX,
+ },
+ },
+ };
int fd;
- socklen_t salen;
size_t namelen;
+ int ret;
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd == -1) {
@@ -287,19 +295,18 @@ static int ctdbd_connect(const char *sockname, int *pfd)
return err;
}
- addr.sun_family = AF_UNIX;
-
- namelen = strlcpy(addr.sun_path, sockname, sizeof(addr.sun_path));
- if (namelen >= sizeof(addr.sun_path)) {
+ namelen = strlcpy(addr.u.un.sun_path,
+ sockname,
+ sizeof(addr.u.un.sun_path));
+ if (namelen >= sizeof(addr.u.un.sun_path)) {
DEBUG(3, ("%s: Socket name too long: %s\n", __func__,
sockname));
close(fd);
return ENAMETOOLONG;
}
- salen = sizeof(struct sockaddr_un);
-
- if (connect(fd, (struct sockaddr *)(void *)&addr, salen) == -1) {
+ ret = connect(fd, &addr.u.sa, addr.sa_socklen);
+ if (ret == -1) {
int err = errno;
DEBUG(1, ("connect(%s) failed: %s\n", sockname,
strerror(err)));
@@ -1162,16 +1169,85 @@ int ctdbd_register_ips(struct ctdbd_connection *conn,
* can send an extra ack to trigger a reset for our client, so it
* immediately reconnects
*/
- ret = ctdbd_control(conn, CTDB_CURRENT_NODE,
- CTDB_CONTROL_TCP_CLIENT, 0,
- CTDB_CTRL_FLAG_NOREPLY, data, NULL, NULL,
- NULL);
+ ret = ctdbd_control_local(conn,
+ CTDB_CONTROL_TCP_CLIENT, 0,
+ CTDB_CTRL_FLAG_NOREPLY, data, NULL, NULL,
+ NULL);
if (ret != 0) {
return ret;
}
return 0;
}
+int ctdbd_control_get_public_ips(struct ctdbd_connection *conn,
+ uint32_t flags,
+ TALLOC_CTX *mem_ctx,
+ struct ctdb_public_ip_list_old **_ips)
+{
+ struct ctdb_public_ip_list_old *ips = NULL;
+ TDB_DATA outdata;
+ int32_t cstatus = -1;
+ size_t min_dsize;
+ size_t max_ips;
+ int ret;
+
+ *_ips = NULL;
+
+ ret = ctdbd_control_local(conn,
+ CTDB_CONTROL_GET_PUBLIC_IPS,
+ 0, /* srvid */
+ flags,
+ tdb_null, /* indata */
+ mem_ctx,
+ &outdata,
+ &cstatus);
+ if (ret != 0 || cstatus != 0) {
+ DBG_ERR("ctdb_control for getpublicips failed ret:%d cstatus:%d\n",
+ ret, (int)cstatus);
+ return -1;
+ }
+
+ min_dsize = offsetof(struct ctdb_public_ip_list_old, ips);
+ if (outdata.dsize < min_dsize) {
+ DBG_ERR("outdata.dsize=%zu < min_dsize=%zu\n",
+ outdata.dsize, min_dsize);
+ return -1;
+ }
+ max_ips = (outdata.dsize - min_dsize)/sizeof(struct ctdb_public_ip);
+ ips = (struct ctdb_public_ip_list_old *)outdata.dptr;
+ if ((size_t)ips->num > max_ips) {
+ DBG_ERR("ips->num=%zu > max_ips=%zu\n",
+ (size_t)ips->num, max_ips);
+ return -1;
+ }
+
+ *_ips = ips;
+ return 0;
+}
+
+bool ctdbd_find_in_public_ips(const struct ctdb_public_ip_list_old *ips,
+ const struct sockaddr_storage *ip)
+{
+ uint32_t i;
+
+ for (i=0; i < ips->num; i++) {
+ struct samba_sockaddr tmp = {
+ .u = {
+ .ss = *ip,
+ },
+ };
+ bool match;
+
+ match = sockaddr_equal(&ips->ips[i].addr.sa,
+ &tmp.u.sa);
+ if (match) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
/*
call a control on the local node
*/
diff --git a/source3/librpc/idl/smbXsrv.idl b/source3/librpc/idl/smbXsrv.idl
index 2e8e2bbcd31..a74ac42b312 100644
--- a/source3/librpc/idl/smbXsrv.idl
+++ b/source3/librpc/idl/smbXsrv.idl
@@ -142,6 +142,11 @@ interface smbXsrv
[ignore] struct smbXsrv_connection *connections;
boolean8 server_multi_channel_enabled;
hyper next_channel_id;
+
+ /*
+ * A List of pending breaks.
+ */
+ [ignore] struct smbXsrv_pending_break *pending_breaks;
} smbXsrv_client;
typedef union {
@@ -279,6 +284,7 @@ interface smbXsrv
uint8 in_security_mode;
NTTIME creation_time;
NTTIME idle_time;
+ hyper channel_id;
} smbXsrv_session_auth0;
typedef struct {
diff --git a/source3/locking/leases_util.c b/source3/locking/leases_util.c
index d307f420c7c..cb62bffbd7d 100644
--- a/source3/locking/leases_util.c
+++ b/source3/locking/leases_util.c
@@ -90,5 +90,5 @@ bool fsp_lease_type_is_exclusive(struct files_struct *fsp)
const struct GUID *fsp_client_guid(const files_struct *fsp)
{
- return &fsp->conn->sconn->client->connections->smb2.client.guid;
+ return &fsp->conn->sconn->client->global->client_guid;
}
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index 2a963439bef..fcf33a699c6 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -229,6 +229,12 @@ void smbd_server_connection_terminate_ex(struct smbXsrv_connection *xconn,
#define smbd_server_connection_terminate(xconn, reason) \
smbd_server_connection_terminate_ex(xconn, reason, __location__)
+void smbd_server_disconnect_client_ex(struct smbXsrv_client *client,
+ const char *reason,
+ const char *location);
+#define smbd_server_disconnect_client(__client, __reason) \
+ smbd_server_disconnect_client_ex(__client, __reason, __location__)
+
const char *smb2_opcode_name(uint16_t opcode);
bool smbd_is_smb2_header(const uint8_t *inbuf, size_t size);
bool smbd_smb2_is_compound(const struct smbd_smb2_request *req);
@@ -244,6 +250,8 @@ NTSTATUS smbd_smb2_process_negprot(struct smbXsrv_connection *xconn,
DATA_BLOB smbd_smb2_generate_outbody(struct smbd_smb2_request *req, size_t size);
+bool smbXsrv_server_multi_channel_enabled(void);
+
NTSTATUS smbd_smb2_request_error_ex(struct smbd_smb2_request *req,
NTSTATUS status,
DATA_BLOB *info,
@@ -257,12 +265,10 @@ NTSTATUS smbd_smb2_request_done_ex(struct smbd_smb2_request *req,
#define smbd_smb2_request_done(req, body, dyn) \
smbd_smb2_request_done_ex(req, NT_STATUS_OK, body, dyn, __location__)
-NTSTATUS smbd_smb2_send_oplock_break(struct smbXsrv_connection *xconn,
- struct smbXsrv_session *session,
- struct smbXsrv_tcon *tcon,
+NTSTATUS smbd_smb2_send_oplock_break(struct smbXsrv_client *client,
struct smbXsrv_open *op,
uint8_t oplock_level);
-NTSTATUS smbd_smb2_send_lease_break(struct smbXsrv_connection *xconn,
+NTSTATUS smbd_smb2_send_lease_break(struct smbXsrv_client *client,
uint16_t new_epoch,
uint32_t lease_flags,
struct smb2_lease_key *lease_key,
@@ -355,6 +361,7 @@ struct smbXsrv_connection {
const struct tsocket_address *local_address;
const struct tsocket_address *remote_address;
const char *remote_hostname;
+ bool has_ctdb_public_ip;
enum protocol_types protocol;
@@ -368,6 +375,14 @@ struct smbXsrv_connection {
} nbt;
} transport;
+ struct {
+ bool force_unacked_timeout;
+ uint64_t unacked_bytes;
+ uint32_t rto_usecs;
+ struct tevent_req *checker_subreq;
+ struct smbd_smb2_send_queue *queue;
+ } ack;
+
struct {
struct {
/*
@@ -678,10 +693,17 @@ struct smbd_smb2_send_queue {
struct smbd_smb2_send_queue *prev, *next;
DATA_BLOB *sendfile_header;
+ uint32_t sendfile_body_size;
NTSTATUS *sendfile_status;
struct iovec *vector;
int count;
+ struct {
+ struct tevent_req *req;
+ struct timeval timeout;
+ uint64_t required_acked_bytes;
+ } ack;
+
TALLOC_CTX *mem_ctx;
};
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index fa3d21fe38e..79b72784249 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -5444,7 +5444,7 @@ static NTSTATUS lease_match(connection_struct *conn,
state.id = vfs_file_id_from_sbuf(conn, &fname->st);
}
- status = leases_db_parse(&sconn->client->connections->smb2.client.guid,
+ status = leases_db_parse(&sconn->client->global->client_guid,
lease_key, lease_match_parser, &state);
if (!NT_STATUS_IS_OK(status)) {
/*
diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c
index 1c1510f3aab..a83a076152d 100644
--- a/source3/smbd/oplock.c
+++ b/source3/smbd/oplock.c
@@ -335,7 +335,7 @@ static void lease_timeout_handler(struct tevent_context *ctx,
DEBUG(1, ("lease break timed out for file %s -- replying anyway\n",
fsp_str_dbg(fsp)));
- (void)downgrade_lease(lease->sconn->client->connections,
+ (void)downgrade_lease(lease->sconn->client,
1,
&fsp->file_id,
&lease->lease.lease_key,
@@ -409,7 +409,7 @@ bool fsp_lease_update(struct files_struct *fsp)
struct downgrade_lease_additional_state {
struct tevent_immediate *im;
- struct smbXsrv_connection *xconn;
+ struct smbXsrv_client *client;
uint32_t break_flags;
struct smb2_lease_key lease_key;
uint32_t break_from;
@@ -424,10 +424,9 @@ static void downgrade_lease_additional_trigger(struct tevent_context *ev,
struct downgrade_lease_additional_state *state =
talloc_get_type_abort(private_data,
struct downgrade_lease_additional_state);
- struct smbXsrv_connection *xconn = state->xconn;
NTSTATUS status;
- status = smbd_smb2_send_lease_break(xconn,
+ status = smbd_smb2_send_lease_break(state->client,
state->new_epoch,
state->break_flags,
--
Samba Shared Repository
More information about the samba-cvs
mailing list