1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Commit Graph

112 Commits

Author SHA1 Message Date
Swen Schillig
b8f7f42565 ctdb: Remove double sanity checks from ctdb_tcp_read_cb
Within ctdb_tcp_read_cb the provided data is checked for sanity,
e.g. correct size and content. This is not required because it was
done already by the caller(queue_process).

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Martin Schwenke <martins@samba.org>
Autobuild-Date(master): Wed Apr  4 09:31:04 CEST 2018 on sn-devel-144
2018-04-04 09:31:04 +02:00
Swen Schillig
aba3d50802 ctdb: Fixing possible memory leak in ctdb_tcp_read_cb
In case of an error condition the further processing of the data is cancelled
and the callback returns. In such a scenario the data has to be free'd.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-31 00:07:18 +02:00
Swen Schillig
611c9a0ba9 ctdb: Fixing memory leak in ctdb_tcp_tnode_cb
It is expected by the caller(queue_process) that the callback is
free'ing the memory referenced by the data pointer.

Signed-off-by: Swen Schillig <swen@vnet.ibm.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-03-31 00:07:18 +02:00
Gary Lockyer
34f7894719 ctdb/tcp/tcp_connect.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:20 +01:00
Martin Schwenke
bacf57c065 ctdb-tcp: Fix CID 1362724 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
0e73734822 ctdb-tcp: Set file descriptor to -1 after close.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Martin Schwenke
ce451c7cc6 ctdb-tcp: Fix CID 1362727 Unchecked return value from library
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12157

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2016-08-17 23:00:25 +02:00
Amitay Isaacs
a4ac97d6c0 ctdb-daemon: Use lib/util functions instead of redefinitions
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2016-06-08 10:33:19 +02:00
Michael Adam
537d5fc50e ctdb:tcp: add missing spaces in debug message in ctdb_tcp_node_connect()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-06-01 00:57:32 +02:00
Amitay Isaacs
921d815da0 ctdb-transport: Replace ctdb_logging.h with common/logging.h
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Michael Adam <obnox@samba.org>
2015-11-16 00:46:15 +01:00
Amitay Isaacs
4647787773 ctdb-daemon: Separate prototypes for common client/server functions
This groups function prototypes for common client/server functions in
common/common.h and removes them from ctdb_private.h.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
01c6c90e98 ctdb-daemon: Remove dependency on includes.h
Instead of includes.h, include the required header files explicitly.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
2fdb332fad ctdb-daemon: Stop using tevent compatibility definitions
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Amitay Isaacs
b900adc55c ctdb-daemon: Separate prototypes for system specific functions
This groups function prototypes for system specific functions in
common/system.h and removes them from ctdb_private.h.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-10-30 02:00:27 +01:00
Volker Lendecke
f54b2f7758 ctdb: Fix CID 1324447 Double close
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>

Autobuild-User(master): Amitay Isaacs <amitay@samba.org>
Autobuild-Date(master): Tue Sep 15 16:20:07 CEST 2015 on sn-devel-104
2015-09-15 16:20:07 +02:00
Michael Adam
7d49d9b4a1 ctdb-server: fix a possible fd leak in ctdb_tcp_listen_automatic()
sockets are created in a loop until an unused address is found.
But the unused socket fds were not closed.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2015-09-09 10:12:21 +02:00
David Disseldorp
12309f8bfb ctdb: check for talloc_asprintf() failure
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Wed Apr  1 15:36:03 CEST 2015 on sn-devel-104
2015-04-01 15:36:03 +02:00
Rajesh Joseph
801bdcde6a ctdb: Coverity fix for CID 1291643
CID 1291643: Resource leak: leaked_handle: Handle
variable lock_fd going out of scope leaks the handle.

Fix: on failure case release handle variable lock_fd

Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
Reviewed-by: Michael Adam <obnox@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>
2015-04-01 12:54:11 +02:00
Martin Schwenke
a5be2c245d ctdb-daemon: Store node addresses as ctdb_sock_addr rather than strings
Every time a nodemap is contructed the node IP addresses all need to
be parsed.  This isn't very productive use of CPU.

Instead, parse each string once when the nodes file is loaded.  This
results in much simpler code.

This code also removes the use of ctdb_address.  Duplicating the port
is pointless without an abstraction layer around ctdb_address.  If
CTDB gets an incompatible transport in the future then add an
abstraction layer.

Note that the infiniband code is not updated.  Compilation of the
infiniband code is already broken.  Fixing it will be a separate,
properly tested effort.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>
2015-03-23 12:23:12 +01:00
Martin Schwenke
876529054a ctdb-daemon: Set node PNN in one place
This is currently set in 2 places.  One of them makes the node loading
code difficult to refactor.  Also, when the surrounding code in either
place is touched then it might get broken.

This only needs to be done once at startup, not on every reload.  So
do it once in a very obvious way, sacrificing a few CPU cycles for
some added clarity.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
2015-03-23 12:23:12 +01:00
Amitay Isaacs
a54db687ac ctdb: Rename CTDB_VERSION to CTDB_PROTOCOL
CTDB_VERSION really is the ctdb protocol version.

Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
2014-10-28 05:42:05 +01:00
Amitay Isaacs
7793aa5617 ctdb-build: Use CTDB_RUNDIR instead of VARDIR/run/ctdb
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2014-06-24 07:23:13 +02:00
Amitay Isaacs
12fa8ed0cd ctdb-tcp: Coverity fixes
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-11-19 17:13:06 +01:00
Amitay Isaacs
c393c8027f tcp: Create socket lock in /var/run/ctdb instead of /tmp
Signed-off-by: Amitay Isaacs <amitay@gmail.com>
Pair-programmed-with: Martin Schwenke <martin@meltin.net>

(This used to be ctdb commit b9b9f6738fba5c32e87cb9c36b358355b444fb9b)
2013-10-25 12:06:06 +11:00
Sumit Bose
157f1cfefd Fixes for various issues found by Coverity
Signed-off-by: Amitay Isaacs <amitay@gmail.com>

(This used to be ctdb commit 05bfdbbd0d4abdfbcf28e3930086723508b35952)
2013-07-11 15:16:55 +10:00
Mathieu Parent
d82b9ae410 build: Fix tdb.h path to enable building with system TDB library
(This used to be ctdb commit f8bf99de3a5f56be67aaa67ed836458b1cf73e86)
2013-06-14 16:45:27 +10:00
Martin Schwenke
6fbd3ea2c2 ctdbd: Initialise the node flags in just one place
Currently flags are initialised in 2 places.  One of them is in
ctdb_tcp_listen_automatic(), which just seems wrong.  This makes the
code easier to follow by just doing it in ctdb_start_daemon().

This means that the flags are now initialised later than previously.
However, it is still done before the transport is started and before
clients can connect.

In future it might make sense to do a similar thing with setting the
PNN.  However, the current optimisation is reasonably obvious...

Signed-off-by: Martin Schwenke <martin@meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>

(This used to be ctdb commit 2bbee8ac23ad5b7adf7122d8c91d5f0d54582507)
2013-01-07 10:35:39 +11:00
Martin Schwenke
80a2bb84e7 ctdbd: Remove debug option --node-ip, use --listen instead
This effectively reverts d96cb02c2c24f9eabbc53d3d38e90dea49cff3e0

Signed-off-by: Martin Schwenke <martin@meltin.net>
Pair-programmed-with: Amitay Isaacs <amitay@gmail.com>

(This used to be ctdb commit 496387a585b2c5778c808cf02b8e1435abde4c3e)
2013-01-07 10:35:39 +11:00
Martin Schwenke
3c5374a5c2 ctdbd: Log a meaningful message if the nodes file/list is empty
Right now the message says it can't bind to any of the
addresses... even when there aren't any!

Signed-off-by: Martin Schwenke <martin@meltin.net>

(This used to be ctdb commit 553455b386aa7848a516a921dfc14eb87c8a3fc1)
2012-07-26 22:10:54 +10:00
Ronnie Sahlberg
dfdec4a07c We dont need to serialize the "probe which address this node is" if we have given an explicit --node-ip on the commandline
(This used to be ctdb commit e3dc5bd3f1ef1f0ed08f57a5b5bafcac936e9ed0)
2012-05-10 17:42:06 +10:00
Amitay Isaacs
4392591555 Remove explicit include of lib/tevent/tevent.h.
Signed-off-by: Amitay Isaacs <amitay@gmail.com>

(This used to be ctdb commit 0681014ca5ed2a9b56f63fdace7f894beccf8a9a)
2012-04-13 17:28:14 +10:00
Martin Schwenke
52ff485958 Added some #ifndefs to stop files being included multiple times.
Signed-off-by: Martin Schwenke <martin@meltin.net>

(This used to be ctdb commit fdca12c25e6fce6206135b994dedf44265e4eb09)
2011-11-11 14:31:50 +11:00
Rusty Russell
f93440c4b7 event: Update events to latest Samba version 0.9.8
In Samba this is now called "tevent", and while we use the backwards
compatibility wrappers they don't offer EVENT_FD_AUTOCLOSE: that is now
a separate tevent_fd_set_auto_close() function.

This is based on Samba version 7f29f817fa.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>


(This used to be ctdb commit 85e5e760cc91eb3157d3a88996ce474491646726)
2010-08-18 09:16:31 +09:30
Rusty Russell
7061ceffd8 Report client for queue errors.
We've been seeing "Invalid packet of length 0" errors, but we don't know
what is sending them.  Add a name for each queue, and print nread.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>


(This used to be ctdb commit e6cf0e8f14f4263fbd8b995418909199924827e9)
2010-07-01 23:08:49 +10:00
Ronnie Sahlberg
d7c00d8d7e Drop the debug level for logging fd creation to DEBUG_DEBUG
(This used to be ctdb commit eae1d4f9e52e73b4d8769868fffdafa590d03784)
2010-02-04 06:37:41 +11:00
Stefan Metzmacher
ee97e2676d tcp: don't log an error when we succefully bind to the desired address
metze

(This used to be ctdb commit 752a9c81de97be509de7e7feddde749cc5ee22a8)
2009-10-26 14:20:23 +11:00
Ronnie Sahlberg
a92ba7f729 lower the debug levels for the "create FD messages" so we dont fill up the logs.
(This used to be ctdb commit 87146db2769c2ec494813685bf9cec0d2a6336c3)
2009-10-21 15:26:24 +11:00
Ronnie Sahlberg
9de3652380 add logging everytime we create a filedescriptor in the main ctdb daemon
so we can spot if there are leaks.

plug two leaks for filedescriptors related to when sending ARP fail
and one leak when we can not parse the local address during tcp connection establish

(This used to be ctdb commit ddd089810a14efe4be6e1ff3eccaa604e4913c9e)
2009-10-15 11:24:54 +11:00
Ronnie Sahlberg
66c8d4fb3d make it possible to start the daemon in STOPPED mode
(This used to be ctdb commit 866aa995dc029db6e510060e9e95a8ca149094ac)
2009-07-09 11:57:20 +10:00
Ronnie Sahlberg
e6170b5389 add a new node state : DELETED.
This is used to mark nodes as being DELETED internally in ctdb
so that nodes are not renumbered if / when they are removed from the nodes file.

This is used to be able to do "ctdb reloadnodes" at runtime without
causing nodes to be renumbered.
To do this, instead of deleting a node from the nodes file, just comment it out like

   1.0.0.1
   #1.0.0.2
   1.0.0.3

After removing 1.0.0.2 from the cluster,  the remaining nodes retain their
pnn's from prior to the deletion, namely 0 and 2

Any line in the nodes file that is commented out represents a DELETED pnn

(This used to be ctdb commit 6a5e4fd7fa391206b463bb4e976502f3ac5bd343)
2009-06-01 14:18:34 +10:00
Ronnie Sahlberg
7265c713db we need to set the port properly in the parse_ip helper
(This used to be ctdb commit 43fe18d86995744ba61c7a6405b70edcb265930a)
2009-03-24 13:45:11 +11:00
Ronnie Sahlberg
869941c0cf From C Cowan, AIX needs to set sockaddr.sa_len to a consistent value for
the address type used or the connect() call will fail.

(This used to be ctdb commit d416c0e1e57a42f7ab52de903dbd8b5e111decfe)
2009-03-16 09:21:24 +11:00
Michael Adam
3cca0f75e4 Fix treatment of link local ipv6 addresses: set the scope id.
metze / Michael

Signed-off-by: Michael Adam <obnox@samba.org>

(This used to be ctdb commit 9d12de1ca6107801dada927729e755c0949d73bf)
2009-01-19 22:50:53 +01:00
root
e54347fa4e redo and update how we synchronize flags across the cluster.
this simplifies the code and should close a race condition between the local recovery daemon and a remote node when flags are changing.

(This used to be ctdb commit 32d460b8469eb53145f04161a5d01166f9b5f09e)
2008-12-05 16:32:30 +11:00
root
bf67153402 some platforms are very picky about the third argument passed to bind().
and would complain if sa.family is AF_INET and the third argument is not exactly the size of a sockaddr_in.

We used to pass a union containing both a sockaddr_in and a sockaddr_in6  which would mean that on those platforms bind() would fail since the passed structure for AF_INET would be too big.

Thus we need to set and pass the appropriate size to bind. At the same time for thos eplatforms we can also set sin[6]_size to the expected size.
(bind() on those platforms were isurprisingly perfectly ok with sin_len was "too big")

(This used to be ctdb commit 5d3018c37179966f75183d9a98790eaaaf1d2cfc)
2008-12-05 10:33:38 +11:00
Ronnie Sahlberg
edb7241c05 redesign how reloadnodes is implemented.
modify the transport methods to allow to restart individual connections
and set up destructors properly.

only tear down/set-up tcp connections to nodes removed from the cluster
or nodes added to the cluster.
Leave tcp connections to unchanged nodes connected.

make "ctdb reloadnodes" explicitely cause a recovery of the cluster once
the files have been realoaded

(This used to be ctdb commit d1057ed6de7de9f2a64d8fa012c52647e89b515b)
2008-12-02 13:26:30 +11:00
Ronnie Sahlberg
1778280d50 When we reload the nodes file
instead of shutting down/restarting the entire tcp layer
just bounce all outgoing connections and reconnect

(This used to be ctdb commit e701a531868149f16561011e65794a4a46ee6596)
2008-10-07 18:12:54 +11:00
Ronnie Sahlberg
ef997d344f initial ipv6 patch
Signed-off-by: Ronnie Sahlberg <ronniesahlberg@gmail.com>

(This used to be ctdb commit 1f131f21386f428bbbbb29098d56c2f64596583b)
2008-08-19 14:58:29 +10:00
Ronnie Sahlberg
66919db3d7 We can not assume that just because we could complete a TCP handshake
to the remote node  that
1, we are in fact talking to a CTDB daemon
2, that IF we are talking to a ctdb daemon, it is operational.

So, we can not blindly mark the node as CONNECTED just because
we can open a TCP connection.

Instead we rely on "If we did get a KEEPALIVE from the remote node,
is is connected"

(This used to be ctdb commit 60e2cb175c449ae65793a3e1ffb60cf030a3a0d5)
2008-07-18 10:59:34 +10:00
root
fb5cc54206 listen_fd is auto-closed
Closing it here just causes an epoll error, and may close a fd in use by
another structure to be closed. This caused a infinite recovery loop

(This used to be ctdb commit bc251ac7029c2689776a8c31b28ac1d233d52d4f)
2008-05-08 17:14:00 +10:00