[PATCHES BUG 13407] rpc_server: Fix NetSessEnum with stale sessions
Jeremy Allison
jra at samba.org
Wed Apr 25 17:58:20 UTC 2018
On Wed, Apr 25, 2018 at 10:21:31AM -0700, Christof Schmitt via samba-technical wrote:
> The problem here is that sessions entries in smbXsrv_global_session do
> not expire. smbstatus -p filters out the stale sessions with a process
> check. This is missing for NetSessEnum; adding this seems to be the
> easiest fix, assuming that this does not happen often.
>
> The other approach would be to run a clean up on the database, e.g. in
> cleanupd after a process crash, but that would require traversing the
> database and checking all processes.
Good (and correct IMHO) fix. Thanks Christof ! RB+ and pushed
to autobuild. Thanks a lot for the tests too.
> From 8d936e431088805794bcce43720b81ba5b489568 Mon Sep 17 00:00:00 2001
> From: Christof Schmitt <cs at samba.org>
> Date: Tue, 24 Apr 2018 12:18:49 -0700
> Subject: [PATCH 1/3] rpcclient: Print number of entries for NetSessEnum
>
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
>
> Signed-off-by: Christof Schmitt <cs at samba.org>
> ---
> source3/rpcclient/cmd_srvsvc.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/source3/rpcclient/cmd_srvsvc.c b/source3/rpcclient/cmd_srvsvc.c
> index e7929e7..f78fb9a1 100644
> --- a/source3/rpcclient/cmd_srvsvc.c
> +++ b/source3/rpcclient/cmd_srvsvc.c
> @@ -883,6 +883,8 @@ static WERROR cmd_srvsvc_net_sess_enum(struct rpc_pipe_client *cli,
> goto done;
> }
>
> + d_printf("Received %d entries.\n", total_entries);
> +
> done:
> return result;
> }
> --
> 1.8.3.1
>
>
> From e10b4c3a2e8e5345e3a1928a2e836986847754f7 Mon Sep 17 00:00:00 2001
> From: Christof Schmitt <cs at samba.org>
> Date: Tue, 24 Apr 2018 13:52:59 -0700
> Subject: [PATCH 2/3] selftest: Add testcase for querying sessions after smbd
> crash
>
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
>
> Signed-off-by: Christof Schmitt <cs at samba.org>
> ---
> selftest/knownfail | 1 +
> source3/script/tests/test_rpcclient_netsessenum.sh | 55 ++++++++++++++++++++++
> source3/selftest/tests.py | 6 +++
> 3 files changed, 62 insertions(+)
> create mode 100755 source3/script/tests/test_rpcclient_netsessenum.sh
>
> diff --git a/selftest/knownfail b/selftest/knownfail
> index a2aeed2..44bdbd8 100644
> --- a/selftest/knownfail
> +++ b/selftest/knownfail
> @@ -343,3 +343,4 @@
> # Disabling NTLM means you can't use samr to change the password
> ^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\)
> ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\)
> +^samba3.blackbox.rpcclient_netsessenum.count2\(ad_member\)
> diff --git a/source3/script/tests/test_rpcclient_netsessenum.sh b/source3/script/tests/test_rpcclient_netsessenum.sh
> new file mode 100755
> index 0000000..9abb3ae
> --- /dev/null
> +++ b/source3/script/tests/test_rpcclient_netsessenum.sh
> @@ -0,0 +1,55 @@
> +#!/bin/sh
> +#
> +# Blackbox tests for the rpcclient srvsvc commands
> +#
> +# Copyright (C) 2018 Christof Schmitt
> +
> +if [ $# -lt 6 ]; then
> +cat <<EOF
> +Usage: $0 DOMAIN ADMIN_USER ADMIN_PASSWORD SERVER RPCCLIENT SMBTORTURE3 SHARE
> +EOF
> +exit 1;
> +fi
> +
> +DOMAIN="$1"
> +ADMIN_USER="$2"
> +ADMIN_PASSWORD="$3"
> +SERVER="$4"
> +RPCCLIENT="$5"
> +SMBTORTURE3="$6"
> +SHARE="$7"
> +
> +USERPASS="-U$DOMAIN/$ADMIN_USER%$ADMIN_PASSWORD"
> +RPCCLIENTCMD="$RPCCLIENT $SERVER $USERPASS"
> +
> +incdir=$(dirname $0)/../../../testprogs/blackbox
> +. $incdir/subunit.sh
> +
> +failed=0
> +
> +#
> +# Verify initial number of sessions.
> +#
> +$RPCCLIENTCMD -c NetSessEnum | grep Received
> +RC=$?
> +testit "netsessenum" test $RC = 0 || failed=$(expr $failed + 1)
> +
> +OUT=$($RPCCLIENTCMD -c NetSessEnum | grep Received)
> +test "$OUT" = "Received 1 entries."
> +RC=$?
> +testit "count1" test $RC -eq 0 || failed=$(expr $failed + 1)
> +
> +#
> +# Inject smbd crash
> +#
> +$SMBTORTURE3 //"$SERVER"/"$SHARE" "$USERPASS" CLEANUP1
> +
> +#
> +# Verify number of sessions after crash
> +#
> +OUT=$($RPCCLIENTCMD -c NetSessEnum | grep Received)
> +test "$OUT" = "Received 1 entries."
> +RC=$?
> +testit "count2" test $RC -eq 0 || failed=$(expr $failed + 1)
> +
> +testok $0 $failed
> diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
> index 06bda70..810cb5e 100755
> --- a/source3/selftest/tests.py
> +++ b/source3/selftest/tests.py
> @@ -639,6 +639,12 @@ plantestsuite("samba3.blackbox.smbclient.encryption_off", "simpleserver",
> "$USERNAME", "$PASSWORD", "$SERVER",
> smbclient3])
>
> +plantestsuite("samba3.blackbox.rpcclient_netsessenum", "ad_member",
> + [os.path.join(samba3srcdir,
> + "script/tests/test_rpcclient_netsessenum.sh"),
> + "$DOMAIN", "$DC_USERNAME", "$DC_PASSWORD", "$SERVER",
> + os.path.join(bindir(), "rpcclient"), smbtorture3, "tmp"])
> +
> # The ktest environment uses:
> # server min protocol = SMB3_00
> # client max protocol = SMB3
> --
> 1.8.3.1
>
>
> From eab0119b464622945d0fb4130027baec495eb193 Mon Sep 17 00:00:00 2001
> From: Christof Schmitt <cs at samba.org>
> Date: Tue, 24 Apr 2018 13:53:41 -0700
> Subject: [PATCH 3/3] rpc_server: Fix NetSessEnum with stale sessions
>
> BUG: https://bugzilla.samba.org/show_bug.cgi?id=13407
>
> Signed-off-by: Christof Schmitt <cs at samba.org>
> ---
> selftest/knownfail | 1 -
> source3/smbd/session.c | 4 ++++
> 2 files changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/selftest/knownfail b/selftest/knownfail
> index 44bdbd8..a2aeed2 100644
> --- a/selftest/knownfail
> +++ b/selftest/knownfail
> @@ -343,4 +343,3 @@
> # Disabling NTLM means you can't use samr to change the password
> ^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\)
> ^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\)
> -^samba3.blackbox.rpcclient_netsessenum.count2\(ad_member\)
> diff --git a/source3/smbd/session.c b/source3/smbd/session.c
> index 4ddb856..8b4c660 100644
> --- a/source3/smbd/session.c
> +++ b/source3/smbd/session.c
> @@ -139,6 +139,10 @@ static int gather_sessioninfo(const char *key, struct sessionid *session,
> return 0;
> }
>
> + if (!process_exists(session->pid)) {
> + return 0;
> + }
> +
> sesslist->sessions = talloc_realloc(
> sesslist->mem_ctx, sesslist->sessions, struct sessionid,
> sesslist->count+1);
> --
> 1.8.3.1
>
More information about the samba-technical
mailing list