[PATCHES BUG 13407] rpc_server: Fix NetSessEnum with stale sessions

Jeremy Allison jra at samba.org
Wed Apr 25 17:58:20 UTC 2018 

On Wed, Apr 25, 2018 at 10:21:31AM -0700, Christof Schmitt via samba-technical wrote:
> The problem here is that sessions entries in smbXsrv_global_session do
> not expire. smbstatus -p filters out the stale sessions with a process
> check. This is missing for NetSessEnum; adding this seems to be the
> easiest fix, assuming that this does not happen often.
> 
> The other approach would be to run a clean up on the database, e.g. in
> cleanupd after a process crash, but that would require traversing the
> database and checking all processes.

Good (and correct IMHO) fix. Thanks Christof ! RB+ and pushed
to autobuild. Thanks a lot for the tests too.

> From 8d936e431088805794bcce43720b81ba5b489568 Mon Sep 17 00:00:00 2001
> From: Christof Schmitt <cs at samba.org>
> Date: Tue, 24 Apr 2018 12:18:49 -0700
> Subject: [PATCH 1/3] rpcclient: Print number of entries for NetSessEnum
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
> 
> Signed-off-by: Christof Schmitt <cs at samba.org>
> ---
>  source3/rpcclient/cmd_srvsvc.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c
> index e7929e7..f78fb9a1 100644
> --- a/source3/rpcclient/cmd_srvsvc.c
> +++ b/source3/rpcclient/cmd_srvsvc.c
> @@ -883,6 +883,8 @@ static WERROR cmd_srvsvc_net_sess_enum(struct rpc_pipe_client *cli,
>  		goto done;
>  	}
>  
> +	d_printf("Received %d entries.\n", total_entries);
> +
>   done:
>  	return result;
>  }
> -- 
> 1.8.3.1
> 
> 
> From e10b4c3a2e8e5345e3a1928a2e836986847754f7 Mon Sep 17 00:00:00 2001
> From: Christof Schmitt <cs at samba.org>
> Date: Tue, 24 Apr 2018 13:52:59 -0700
> Subject: [PATCH 2/3] selftest: Add testcase for querying sessions after smbd
>  crash
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
> 
> Signed-off-by: Christof Schmitt <cs at samba.org>
> ---
>  selftest/knownfail                                 |  1 +
>  source3/script/tests/test_rpcclient_netsessenum.sh | 55 ++++++++++++++++++++++
>  source3/selftest/tests.py                          |  6 +++
>  3 files changed, 62 insertions(+)
>  create mode 100755 source3/script/tests/test_rpcclient_netsessenum.sh
> 
> diff --git a/selftest/knownfail b/selftest/knownfail
> index a2aeed2..44bdbd8 100644
> --- a/selftest/knownfail
> +++ b/selftest/knownfail
> @@ -343,3 +343,4 @@
>  # Disabling NTLM means you can't use samr to change the password
>  ^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\)
>  ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\)
> +^samba3.blackbox.rpcclient_netsessenum.count2\(ad_member\)
> diff --git a/source3/script/tests/test_rpcclient_netsessenum.sh b/source3/script/tests/test_rpcclient_netsessenum.sh
> new file mode 100755
> index 0000000..9abb3ae
> --- /dev/null
> +++ b/source3/script/tests/test_rpcclient_netsessenum.sh
> @@ -0,0 +1,55 @@
> +#!/bin/sh
> +#
> +# Blackbox tests for the rpcclient srvsvc commands
> +#
> +# Copyright (C) 2018 Christof Schmitt
> +
> +if [ $# -lt 6 ]; then
> +cat <<EOF
> +Usage: $0 DOMAIN ADMIN_USER ADMIN_PASSWORD SERVER RPCCLIENT SMBTORTURE3 SHARE
> +EOF
> +exit 1;
> +fi
> +
> +DOMAIN="$1"
> +ADMIN_USER="$2"
> +ADMIN_PASSWORD="$3"
> +SERVER="$4"
> +RPCCLIENT="$5"
> +SMBTORTURE3="$6"
> +SHARE="$7"
> +
> +USERPASS="-U$DOMAIN/$ADMIN_USER%$ADMIN_PASSWORD"
> +RPCCLIENTCMD="$RPCCLIENT $SERVER $USERPASS"
> +
> +incdir=$(dirname $0)/../../../testprogs/blackbox
> +. $incdir/subunit.sh
> +
> +failed=0
> +
> +#
> +# Verify initial number of sessions.
> +#
> +$RPCCLIENTCMD -c NetSessEnum | grep Received
> +RC=$?
> +testit "netsessenum" test $RC = 0 || failed=$(expr $failed + 1)
> +
> +OUT=$($RPCCLIENTCMD -c NetSessEnum | grep Received)
> +test "$OUT" = "Received 1 entries."
> +RC=$?
> +testit "count1" test $RC -eq 0  || failed=$(expr $failed + 1)
> +
> +#
> +# Inject smbd crash
> +#
> +$SMBTORTURE3 //"$SERVER"/"$SHARE" "$USERPASS" CLEANUP1
> +
> +#
> +# Verify number of sessions after crash
> +#
> +OUT=$($RPCCLIENTCMD -c NetSessEnum | grep Received)
> +test "$OUT" = "Received 1 entries."
> +RC=$?
> +testit "count2" test $RC -eq 0  || failed=$(expr $failed + 1)
> +
> +testok $0 $failed
> diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
> index 06bda70..810cb5e 100755
> --- a/source3/selftest/tests.py
> +++ b/source3/selftest/tests.py
> @@ -639,6 +639,12 @@ plantestsuite("samba3.blackbox.smbclient.encryption_off", "simpleserver",
>                 "$USERNAME", "$PASSWORD", "$SERVER",
>                 smbclient3])
>  
> +plantestsuite("samba3.blackbox.rpcclient_netsessenum", "ad_member",
> +              [os.path.join(samba3srcdir,
> +                            "script/tests/test_rpcclient_netsessenum.sh"),
> +               "$DOMAIN", "$DC_USERNAME", "$DC_PASSWORD", "$SERVER",
> +               os.path.join(bindir(), "rpcclient"), smbtorture3, "tmp"])
> +
>  # The ktest environment uses:
>  # server min protocol = SMB3_00
>  # client max protocol = SMB3
> -- 
> 1.8.3.1
> 
> 
> From eab0119b464622945d0fb4130027baec495eb193 Mon Sep 17 00:00:00 2001
> From: Christof Schmitt <cs at samba.org>
> Date: Tue, 24 Apr 2018 13:53:41 -0700
> Subject: [PATCH 3/3] rpc_server: Fix NetSessEnum with stale sessions
> 
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
> 
> Signed-off-by: Christof Schmitt <cs at samba.org>
> ---
>  selftest/knownfail     | 1 -
>  source3/smbd/session.c | 4 ++++
>  2 files changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/selftest/knownfail b/selftest/knownfail
> index 44bdbd8..a2aeed2 100644
> --- a/selftest/knownfail
> +++ b/selftest/knownfail
> @@ -343,4 +343,3 @@
>  # Disabling NTLM means you can't use samr to change the password
>  ^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\)
>  ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\)
> -^samba3.blackbox.rpcclient_netsessenum.count2\(ad_member\)
> diff --git a/source3/smbd/session.c b/source3/smbd/session.c
> index 4ddb856..8b4c660 100644
> --- a/source3/smbd/session.c
> +++ b/source3/smbd/session.c
> @@ -139,6 +139,10 @@ static int gather_sessioninfo(const char *key, struct sessionid *session,
>  		return 0;
>  	}
>  
> +	if (!process_exists(session->pid)) {
> +		return 0;
> +	}
> +
>  	sesslist->sessions = talloc_realloc(
>  		sesslist->mem_ctx, sesslist->sessions, struct sessionid,
>  		sesslist->count+1);
> -- 
> 1.8.3.1
>

More information about the samba-technical mailing list