Handling DCERPC Broken Connections in Endpoint Server

Mon Mar 19 14:14:08 UTC 2018

Patch is pretty simple, it's at the end.

I'm seeing this issue with OpenChange's MAPIProxy module.  I'm running
MAPIProxy as a true proxy (dcerpc_mapiproxy:server = false in smb.conf).
I'm trying to update MAPIProxy to support multi process mode when running
as a proxy since it doesn't need any handles.  It all works well except
Outlook uses an async RPC call and this causes the connection to be placed
on the broken connections list and the process hangs around forever.  The
MAPIProxy module can be updated to call  dcesrv_cleanup_broken_connections at
the end of dcerpc_binding_handle_async_call_done.  (dcesrv_mapiproxy.c).

Murray

diff --git a/source4/rpc_server/dcerpc_server.c
b/source4/rpc_server/dcerpc_server.c
index 6a985c5c63c..f2f83234b16 100644
--- a/source4/rpc_server/dcerpc_server.c
+++ b/source4/rpc_server/dcerpc_server.c
@@ -2413,7 +2413,7 @@ static void dcesrv_terminate_connection(struct
dcesrv_connection *dce_conn, cons
        DLIST_ADD_END(dce_ctx->broken_connections, dce_conn);
 }

-static void dcesrv_cleanup_broken_connections(struct dcesrv_context
*dce_ctx)
+_PUBLIC_ void dcesrv_cleanup_broken_connections(struct dcesrv_context
*dce_ctx)
 {
        struct dcesrv_connection *cur, *next;

diff --git a/source4/rpc_server/dcerpc_server.h
b/source4/rpc_server/dcerpc_server.h
index c038075e0dd..2988ccb3547 100644
--- a/source4/rpc_server/dcerpc_server.h
+++ b/source4/rpc_server/dcerpc_server.h
@@ -493,4 +493,6 @@ _PUBLIC_ NTSTATUS
dcesrv_interface_bind_reject_connect(struct dcesrv_call_state
 _PUBLIC_ NTSTATUS dcesrv_interface_bind_allow_connect(struct
dcesrv_call_state *dce_call,
                                                      const struct
dcesrv_interface *iface);

+_PUBLIC_ void dcesrv_cleanup_broken_connections(struct dcesrv_context
*dce_ctx);
+
 #endif /* SAMBA_DCERPC_SERVER_H */


On Mon, Mar 12, 2018 at 8:20 PM, Andrew Bartlett <abartlet at samba.org> wrote:

> On Fri, 2018-03-09 at 15:37 -0500, Murray McCulligh via samba-technical
> wrote:
> > Currently if a connection is broken and an async RPC call is pending,
> > the connection is placed on the broken connections list.  These are
> > cleaned up if a future connection is created.  However if the
> > standard process model (multi-process) is being used by and endpoint
> > server no future connections will be created in that same process and
> > the connection is never cleaned up.
> >
> > Is it possible to make dcesrv_cleanup_broken_connections
> > (source4/rpc_server/dcerpc_server.c) a public method?  (Adding to the
> > header and adding _PUBLIC_ to the function definition)
> >
> > This would allow the endpoint server to call it if it detects the
> > async RPC call is complete.
> >
> > I don’t see any obvious issues with this change, there are other
> > functions such as dcesrv_reply that are public to complete the async
> > RPC call.
>
> That sound reasonable Murray.  Could you come up with a patch and
> ideally a test case?
>
> Where in particular are you seeing this, and what happens?  (To better
> understand your use case).
>
> Thanks,
>
> Andrew Bartlett
> --
> Andrew Bartlett
> https://samba.org/~abartlet/
> Authentication Developer, Samba Team         https://samba.org
> Samba Development and Support, Catalyst IT
> https://catalyst.net.nz/services/samba
>
>
>
>
>
