1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Commit Graph

73 Commits

Author SHA1 Message Date
Volker Lendecke
b6b0c0cb7e lib: Use FIONREAD in wait_for_read_send/recv
ENOTSOCK looks ugly in straces...

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-03-16 17:09:31 +00:00
Volker Lendecke
e593f96960 lib: Make accept_recv() return the listening socket
This is helpful if you are in a listening loop with the same receiver
for many sockets doing the same thing.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-22 19:54:38 +00:00
Volker Lendecke
40e4958953 lib: Make accept_recv() return struct samba_sockaddr
Avoid casting problems by using the samba_sockaddr union

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-01-22 19:54:38 +00:00
Volker Lendecke
4524daafb8 lib: Fix a valgrind error
I just came across this failure with a new test:

==16654== Invalid read of size 4
==16654==    at 0x4950947: tevent_req_is_in_progress (tevent_req.c:270)
==16654==    by 0x5AEEE8F: writev_trigger (async_sock.c:375)
==16654==    by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
==16654==    by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
==16654==    by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
==16654==    by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
==16654==    by 0x495665A: std_event_loop_once (tevent_standard.c:110)
==16654==    by 0x494DFCE: _tevent_loop_once (tevent.c:772)
==16654==    by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
==16654==    by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==16654==    by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
==16654==    by 0x161BC5: run_test (torture.c:14896)
==16654==    by 0x162726: main (torture.c:15136)
==16654==  Address 0x91bb878 is 216 bytes inside a block of size 853 free'd
==16654==    at 0x48369AB: free (vg_replace_malloc.c:530)
==16654==    by 0x49B405E: _tc_free_internal (talloc.c:1221)
==16654==    by 0x49B4116: _talloc_free_internal (talloc.c:1247)
==16654==    by 0x49B547C: _talloc_free (talloc.c:1789)
==16654==    by 0x50ECE3B: smb2cli_req_writev_done (smbXcli_base.c:3468)
==16654==    by 0x4950648: _tevent_req_notify_callback (tevent_req.c:141)
==16654==    by 0x49507A9: tevent_req_finish (tevent_req.c:193)
==16654==    by 0x49507D6: _tevent_req_done (tevent_req.c:199)
==16654==    by 0x5AEEE28: writev_do (async_sock.c:363)
==16654==    by 0x5AEEE83: writev_trigger (async_sock.c:374)
==16654==    by 0x494F9E7: tevent_queue_immediate_trigger (tevent_queue.c:149)
==16654==    by 0x494F53C: tevent_common_invoke_immediate_handler (tevent_immediate.c:166)
==16654==    by 0x494F642: tevent_common_loop_immediate (tevent_immediate.c:203)
==16654==    by 0x4959E5E: epoll_event_loop_once (tevent_epoll.c:918)
==16654==    by 0x495665A: std_event_loop_once (tevent_standard.c:110)
==16654==    by 0x494DFCE: _tevent_loop_once (tevent.c:772)
==16654==    by 0x4950A6A: tevent_req_poll (tevent_req.c:300)
==16654==    by 0x4D166C9: tevent_req_poll_ntstatus (tevent_ntstatus.c:109)
==16654==    by 0x18C98B: run_readdir_timestamp (test_readdir_timestamp.c:489)
==16654==    by 0x161BC5: run_test (torture.c:14896)
==16654==    by 0x162726: main (torture.c:15136)
==16654==  Block was alloc'd at
==16654==    at 0x483577F: malloc (vg_replace_malloc.c:299)
==16654==    by 0x49B300F: __talloc_with_prefix (talloc.c:782)
==16654==    by 0x49B31E6: _talloc_pool (talloc.c:837)
==16654==    by 0x49B3394: _talloc_pooled_object (talloc.c:905)
==16654==    by 0x49501A6: _tevent_req_create (tevent_req.c:79)
==16654==    by 0x5AEE956: writev_send (async_sock.c:266)
==16654==    by 0x50ECBCA: smb2cli_req_compound_submit (smbXcli_base.c:3396)
==16654==    by 0x50ECD49: smb2cli_req_send (smbXcli_base.c:3447)
==16654==    by 0x50FE34F: smb2cli_create_send (smb2cli_create.c:153)
==16654==    by 0x490325E: cli_smb2_create_fnum_send (cli_smb2_fnum.c:273)
==16654==    by 0x48D0146: cli_ntcreate_send (clifile.c:2504)
==16654==    by 0x18B737: create_ts_send (test_readdir_timestamp.c:59)
==16654==    by 0x18BF77: create_ts_files_send (test_readdir_timestamp.c:253)
==16654==    by 0x18C35C: create_files_send (test_readdir_timestamp.c:336)
==16654==    by 0x18C953: run_readdir_timestamp (test_readdir_timestamp.c:482)
==16654==    by 0x161BC5: run_test (torture.c:14896)
==16654==    by 0x162726: main (torture.c:15136)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Thu Apr 23 21:53:38 UTC 2020 on sn-devel-184
2020-04-23 21:53:38 +00:00
Volker Lendecke
be394406ee lib: Try nonblocking writes in writev_send()
All callers now use nonblocking sockets, so that we can optimize by
doing early writes

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Mar 25 10:41:29 UTC 2020 on sn-devel-184
2020-03-25 10:41:29 +00:00
Volker Lendecke
79f55ba327 lib: Use optimize_empty in writev_send()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-03-25 09:04:28 +00:00
Volker Lendecke
051b7c135c lib: Simplify writev_cancel()
We can only reasonably cancel a writev request that is still
queued. Once writing has started, cancel is pointless. Simplify the
if-conditions.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2020-03-25 09:04:27 +00:00
Stefan Metzmacher
09ea7248e0 lib/async_req: remove useless "reentrant" support from async_connect_send()
Now that open_socket_out*() doesn't do the strange reentrant calls,
we can remove support for this in async_connect_send(), so that we'll
never get any new users of this.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-26 19:45:37 +00:00
Stefan Metzmacher
048a4230b2 lib/async_req: make sure we return errors early from async_connect_send/recv
While it is true that [e]poll() only needs POLLOUT
and POLLERR/POLLHUP are added implicitly.
For tevent we need TEVENT_FD_READ in order to see POLLERR/POLLHUP.

The socket becomes only readable when we hit an error.
Waiting for TEVENT_FD_WRITE is needed for getting success,
while TEVENT_FD_READ is required to get failures.

This matches what we have in tstream_bsd_connect_send().

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2020-02-26 19:45:36 +00:00
Gary Lockyer
8b3c582511 lib/async_req/async_sock.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:19 +01:00
Stefan Metzmacher
4c08920b83 lib/async_req: add writev_cancel()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:12 +02:00
Ralph Boehme
9c6a4ea278 async_req: make async_connect_send() "reentrant"
Allow callers to pass in socket fds that where already passed to an
earlier call of async_connect_send(). Callers expect this behaviour and
it was working until 05d4dbda83 broke it.

The proper fix would be to change callers to close the fd and start from
scratch with a fresh socket.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12105

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Aug  4 05:03:21 CEST 2016 on sn-devel-144
2016-08-04 05:03:21 +02:00
Volker Lendecke
467ea855cc lib: Fix a signed/unsigned mixup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-06-13 10:10:11 +02:00
Volker Lendecke
6d26d7253e lib: Add accept_send/recv
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-06-07 14:34:10 +02:00
Ralph Boehme
05d4dbda83 async_req: fix non-blocking connect()
According to Stevens UNIX Network Programming and various other sources,
the correct handling for non-blocking connect() is:

- when the initial connect() return -1/EINPROGRESS polling the socket
  for *writeability*

- in the poll handler call getsocktopt() with SO_ERROR to get the
  finished connect() return value

Simply calling connect() a second time without error checking is
probably wrong and not portable. For a successfull connect() Linux
returns 0, but Solaris will return EISCONN:

24254:   0.0336  0.0002 connect(4, 0xFEFFECAC, 16, SOV_DEFAULT) Err#150 EINPROGRESS
24254:          AF_INET  name = 10.10.10.143  port = 1024
24254:   0.0349  0.0001 port_associate(3, 4, 0x00000004, 0x0000001D,0x080648A8) = 0
24254:   0.0495  0.0146 port_getn(3, 0xFEFFEB50, 1, 1, 0xFEFFEB60) = 1 [0]
24254:   0.0497  0.0002 connect(4, 0x080646E4, 16, SOV_DEFAULT) Err#133 EISCONN
24254:          AF_INET  name = 10.10.10.143  port = 1024

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-10-20 20:22:22 +02:00
Uri Simchoni
0c6dc1ecf9 async_req: check for errors when monitoring socket for readability
Add an option to wait_for_read_send(), so that the request, upon
calling back, report whether the socket actually contains data
or is in EOF/error state. EOF is signalled via the EPIPE error.

This is useful for clients which do not expect data to arrive but
wait for readability to detect a closed socket (i.e. they do not
intend to actually read the socket when it's readable). Actual data
arrival would indicate a bug in this case, so the check can
be used to print an error message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397

Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-07-15 22:41:13 +02:00
Volker Lendecke
ddd61126fb lib: Fix CID 710685 Unchecked return value from library
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Volker Lendecke
cf598156dd lib: Fix CID 1306765 Unchecked return value from library
This one might be a bit controversial. I don't see from man fcntl how this
could fail. But if it does, we definitely do want to know about it. And here we
don't have any good way to tell our caller, so abort.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jun 16 19:22:52 CEST 2015 on sn-devel-104
2015-06-16 19:22:52 +02:00
Volker Lendecke
90eefb1779 lib: Fix CID 1306764 Unchecked return value
tevent_req_oom exists right for this case :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
2015-06-16 16:33:10 +02:00
Stefan Metzmacher
64640cc99c lib/async_req: remove the tevent_fd as early as possible via a wait_for_read_cleanup() hook
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
a2a7cbc66c lib/async_req: remove the tevent_fd as early as possible via a read_packet_cleanup() hook
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
9a116b28ba lib/async_req: use tevent_req_nomem/tevent_req_post in read_packet_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
4f05f68abc lib/async_req: s/result/req/ in read_packet_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
0c11096956 lib/async_req: remove the tevent_fd as early as possible via a writev_cleanup() hook
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
d5a4b30f89 lib/async_req: simplify async_connect_* using a _cleanup() hook
This makes sure we remove the tevent_fd as soon as possible
and always reset the old_sockflags.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
be8c2ff103 lib/async_req: s/result/req/ in async_connect_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:17 +02:00
Stefan Metzmacher
ccd038e152 lib/async_req: remove unused sendto_{send,recv} and recvfrom_{send,recv}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:17 +02:00
Volker Lendecke
a610336886 lib: Move "iov_buf.[ch]" to lib/util
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:08 +01:00
Volker Lendecke
475cfb8dee lib: Use iov_advance in writev_handler
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-30 00:25:08 +01:00
Stefan Metzmacher
94b2641a53 CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-12-09 07:05:45 +01:00
Volker Lendecke
d67e614a07 lib: Add before/after hooks to async_connect
This will facilitiate [un]become_root for smbd to connect safely to ctdbd.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-05-17 11:22:45 +02:00
Volker Lendecke
9e17e7d7f2 lib/async_req: Retry read_packet with read(2)
This way it will also work with pipes

Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri Mar 23 17:31:24 CET 2012 on sn-devel-104
2012-03-23 17:31:24 +01:00
Andrew Bartlett
d40fe50a67 build: avoid util.h as a public header name due to conflict with MacOS 2011-09-23 09:24:03 +02:00
Volker Lendecke
50e30afa60 s3: Fix bug 8385
Poll and select behave differently regarding error handling. When doing the
connect(2), we can not rely on poll telling us both readability and writability
upon error. Just always try a second connect(2). At least on Linux it returns 0
when it succeeded.

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Aug 25 19:39:12 CEST 2011 on sn-devel-104
2011-08-25 19:39:12 +02:00
Volker Lendecke
4281967990 Add wait_for_read_send/recv
Wait for readability of a socket as a tevent_req
2011-07-28 17:42:22 +02:00
Jeremy Allison
0efcc94fb8 Fix bug #8197 - winbind does not properly detect when a DC connection is dead.
Only waiting for writability doesn't get fd errors back with poll.
So always begin by selecting for readability, and if we get it then
see if bytes were available to read or it really is an error condition.

If bytes were available, remove the select on read as we know we
will retrieve the error when we've finished writing and start
reading the reply (or the write will timeout or fail).

Metze and Volker please check.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Jun  6 21:53:16 CEST 2011 on sn-devel-104
2011-06-06 21:53:16 +02:00
Matthias Dieter Wallnöfer
7d2d902d51 async_rec/async_sock.c - add an additional "const"
In order to suppress a build warning.

Acked-by: Volker and Metze

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Mar 23 10:26:23 CET 2011 on sn-devel-104
2011-03-23 10:26:23 +01:00
Volker Lendecke
65f4f22cb4 Use sockaddr_storage in async sendto/recvfrom 2010-12-29 22:44:06 +01:00
Volker Lendecke
c4b18bd860 async_send->sendto, async_recv->recvfrom 2010-12-28 12:59:11 +01:00
Stefan Metzmacher
f0d6e61977 async_sock: return -1/EPIPE if we're getting an end of file on read.
This makes the error handling in the callers easier.

metze
2009-09-21 06:04:53 +02:00
Volker Lendecke
b706265786 Fix a = vs == error in writev_handler 2009-06-15 07:48:48 +02:00
Stefan Metzmacher
faabc97c9a async_sock: try fix the source4 build on FreeBSD, Solaris, SLES8
metze
2009-06-08 09:40:06 +02:00
Volker Lendecke
a731eb64d9 Fix an uninitialized variable read in async_connect_send 2009-06-06 10:42:55 +02:00
Volker Lendecke
74330085ec Only err on readability if writev_send was explicitly asked to do so
A socket might be readable for other reasons
2009-06-04 12:05:00 +02:00
Volker Lendecke
625851a50f Handle EINTR in async_sock.c 2009-05-30 09:51:02 +02:00
Kai Blin
57ea909b32 libwbclient: Add async call framework. 2009-05-30 09:17:37 +02:00
Volker Lendecke
9d8766e176 async_sock: Change license to LGPLv3+ 2009-05-29 18:17:38 +02:00
Volker Lendecke
9de2efaa5b Change async_connect to use connect instead of getsockopt to get the error
On my Linux box, this is definitely the more reliable strategy with unix domain
sockets, and according to my tests it also works correctly with TCP sockets.
2009-05-24 13:50:54 +02:00
Volker Lendecke
a8e02b591b Add "err_on_readability" to writev_send
A socket where the other side has closed only becomes readable. To catch
errors early when sitting in a pure writev, we need to also test for
readability.
2009-05-24 13:47:29 +02:00
Volker Lendecke
1a69ba8945 Allow NULL queue to writev_send 2009-05-24 13:45:35 +02:00