1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-22 22:04:08 +03:00

64 Commits

Author SHA1 Message Date
Gary Lockyer
8b3c582511 lib/async_req/async_sock.c set socket close on exec
Set SOCKET_CLOEXEC on the sockets returned by accept.  This ensures that
the socket is unavailable to any child process created by system().
Making it harder for malicious code to set up a command channel,
as seen in the exploit for CVE-2015-0240

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2017-12-18 04:38:19 +01:00
Stefan Metzmacher
4c08920b83 lib/async_req: add writev_cancel()
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-10-26 11:20:12 +02:00
Ralph Boehme
9c6a4ea278 async_req: make async_connect_send() "reentrant"
Allow callers to pass in socket fds that where already passed to an
earlier call of async_connect_send(). Callers expect this behaviour and
it was working until 05d4dbda8357712cb81008e0d611fdb0e7239587 broke it.

The proper fix would be to change callers to close the fd and start from
scratch with a fresh socket.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12105

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Thu Aug  4 05:03:21 CEST 2016 on sn-devel-144
2016-08-04 05:03:21 +02:00
Volker Lendecke
467ea855cc lib: Fix a signed/unsigned mixup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2016-06-13 10:10:11 +02:00
Volker Lendecke
6d26d7253e lib: Add accept_send/recv
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2016-06-07 14:34:10 +02:00
Ralph Boehme
05d4dbda83 async_req: fix non-blocking connect()
According to Stevens UNIX Network Programming and various other sources,
the correct handling for non-blocking connect() is:

- when the initial connect() return -1/EINPROGRESS polling the socket
  for *writeability*

- in the poll handler call getsocktopt() with SO_ERROR to get the
  finished connect() return value

Simply calling connect() a second time without error checking is
probably wrong and not portable. For a successfull connect() Linux
returns 0, but Solaris will return EISCONN:

24254:   0.0336  0.0002 connect(4, 0xFEFFECAC, 16, SOV_DEFAULT) Err#150 EINPROGRESS
24254:          AF_INET  name = 10.10.10.143  port = 1024
24254:   0.0349  0.0001 port_associate(3, 4, 0x00000004, 0x0000001D,0x080648A8) = 0
24254:   0.0495  0.0146 port_getn(3, 0xFEFFEB50, 1, 1, 0xFEFFEB60) = 1 [0]
24254:   0.0497  0.0002 connect(4, 0x080646E4, 16, SOV_DEFAULT) Err#133 EISCONN
24254:          AF_INET  name = 10.10.10.143  port = 1024

Bug: https://bugzilla.samba.org/show_bug.cgi?id=11564

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-10-20 20:22:22 +02:00
Uri Simchoni
0c6dc1ecf9 async_req: check for errors when monitoring socket for readability
Add an option to wait_for_read_send(), so that the request, upon
calling back, report whether the socket actually contains data
or is in EOF/error state. EOF is signalled via the EPIPE error.

This is useful for clients which do not expect data to arrive but
wait for readability to detect a closed socket (i.e. they do not
intend to actually read the socket when it's readable). Actual data
arrival would indicate a bug in this case, so the check can
be used to print an error message.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11397

Signed-off-by: Uri Simchoni <urisimchoni@gmail.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-07-15 22:41:13 +02:00
Volker Lendecke
ddd61126fb lib: Fix CID 710685 Unchecked return value from library
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-06-23 22:12:08 +02:00
Volker Lendecke
cf598156dd lib: Fix CID 1306765 Unchecked return value from library
This one might be a bit controversial. I don't see from man fcntl how this
could fail. But if it does, we definitely do want to know about it. And here we
don't have any good way to tell our caller, so abort.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Jun 16 19:22:52 CEST 2015 on sn-devel-104
2015-06-16 19:22:52 +02:00
Volker Lendecke
90eefb1779 lib: Fix CID 1306764 Unchecked return value
tevent_req_oom exists right for this case :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: "Stefan (metze) Metzmacher" <metze@samba.org>
2015-06-16 16:33:10 +02:00
Stefan Metzmacher
64640cc99c lib/async_req: remove the tevent_fd as early as possible via a wait_for_read_cleanup() hook
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
a2a7cbc66c lib/async_req: remove the tevent_fd as early as possible via a read_packet_cleanup() hook
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
9a116b28ba lib/async_req: use tevent_req_nomem/tevent_req_post in read_packet_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
4f05f68abc lib/async_req: s/result/req/ in read_packet_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
0c11096956 lib/async_req: remove the tevent_fd as early as possible via a writev_cleanup() hook
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
d5a4b30f89 lib/async_req: simplify async_connect_* using a _cleanup() hook
This makes sure we remove the tevent_fd as soon as possible
and always reset the old_sockflags.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:18 +02:00
Stefan Metzmacher
be8c2ff103 lib/async_req: s/result/req/ in async_connect_send()
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:17 +02:00
Stefan Metzmacher
ccd038e152 lib/async_req: remove unused sendto_{send,recv} and recvfrom_{send,recv}
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11316

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2015-06-12 17:08:17 +02:00
Volker Lendecke
a610336886 lib: Move "iov_buf.[ch]" to lib/util
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2015-02-24 17:52:08 +01:00
Volker Lendecke
475cfb8dee lib: Use iov_advance in writev_handler
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2014-12-30 00:25:08 +01:00
Stefan Metzmacher
94b2641a53 CVE-2013-4408:async_sock: add some overflow detection to read_packet_handler()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10185

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2013-12-09 07:05:45 +01:00
Volker Lendecke
d67e614a07 lib: Add before/after hooks to async_connect
This will facilitiate [un]become_root for smbd to connect safely to ctdbd.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Christian Ambach <ambi@samba.org>
2013-05-17 11:22:45 +02:00
Volker Lendecke
9e17e7d7f2 lib/async_req: Retry read_packet with read(2)
This way it will also work with pipes

Autobuild-User: Volker Lendecke <vl@samba.org>
Autobuild-Date: Fri Mar 23 17:31:24 CET 2012 on sn-devel-104
2012-03-23 17:31:24 +01:00
Andrew Bartlett
d40fe50a67 build: avoid util.h as a public header name due to conflict with MacOS 2011-09-23 09:24:03 +02:00
Volker Lendecke
50e30afa60 s3: Fix bug 8385
Poll and select behave differently regarding error handling. When doing the
connect(2), we can not rely on poll telling us both readability and writability
upon error. Just always try a second connect(2). At least on Linux it returns 0
when it succeeded.

Signed-off-by: Jeremy Allison <jra@samba.org>

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Aug 25 19:39:12 CEST 2011 on sn-devel-104
2011-08-25 19:39:12 +02:00
Volker Lendecke
4281967990 Add wait_for_read_send/recv
Wait for readability of a socket as a tevent_req
2011-07-28 17:42:22 +02:00
Jeremy Allison
0efcc94fb8 Fix bug #8197 - winbind does not properly detect when a DC connection is dead.
Only waiting for writability doesn't get fd errors back with poll.
So always begin by selecting for readability, and if we get it then
see if bytes were available to read or it really is an error condition.

If bytes were available, remove the select on read as we know we
will retrieve the error when we've finished writing and start
reading the reply (or the write will timeout or fail).

Metze and Volker please check.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Jun  6 21:53:16 CEST 2011 on sn-devel-104
2011-06-06 21:53:16 +02:00
Matthias Dieter Wallnöfer
7d2d902d51 async_rec/async_sock.c - add an additional "const"
In order to suppress a build warning.

Acked-by: Volker and Metze

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Wed Mar 23 10:26:23 CET 2011 on sn-devel-104
2011-03-23 10:26:23 +01:00
Volker Lendecke
65f4f22cb4 Use sockaddr_storage in async sendto/recvfrom 2010-12-29 22:44:06 +01:00
Volker Lendecke
c4b18bd860 async_send->sendto, async_recv->recvfrom 2010-12-28 12:59:11 +01:00
Stefan Metzmacher
f0d6e61977 async_sock: return -1/EPIPE if we're getting an end of file on read.
This makes the error handling in the callers easier.

metze
2009-09-21 06:04:53 +02:00
Volker Lendecke
b706265786 Fix a = vs == error in writev_handler 2009-06-15 07:48:48 +02:00
Stefan Metzmacher
faabc97c9a async_sock: try fix the source4 build on FreeBSD, Solaris, SLES8
metze
2009-06-08 09:40:06 +02:00
Volker Lendecke
a731eb64d9 Fix an uninitialized variable read in async_connect_send 2009-06-06 10:42:55 +02:00
Volker Lendecke
74330085ec Only err on readability if writev_send was explicitly asked to do so
A socket might be readable for other reasons
2009-06-04 12:05:00 +02:00
Volker Lendecke
625851a50f Handle EINTR in async_sock.c 2009-05-30 09:51:02 +02:00
Kai Blin
57ea909b32 libwbclient: Add async call framework. 2009-05-30 09:17:37 +02:00
Volker Lendecke
9d8766e176 async_sock: Change license to LGPLv3+ 2009-05-29 18:17:38 +02:00
Volker Lendecke
9de2efaa5b Change async_connect to use connect instead of getsockopt to get the error
On my Linux box, this is definitely the more reliable strategy with unix domain
sockets, and according to my tests it also works correctly with TCP sockets.
2009-05-24 13:50:54 +02:00
Volker Lendecke
a8e02b591b Add "err_on_readability" to writev_send
A socket where the other side has closed only becomes readable. To catch
errors early when sitting in a pure writev, we need to also test for
readability.
2009-05-24 13:47:29 +02:00
Volker Lendecke
1a69ba8945 Allow NULL queue to writev_send 2009-05-24 13:45:35 +02:00
Volker Lendecke
ccd293ba0e Remove async_req 2009-04-08 23:11:59 +02:00
Volker Lendecke
d3825d5d10 Use recv instead of read in read_packet_handler
This way the socket wrapper pcap file also sees the replies :-)
2009-04-05 13:45:15 +02:00
Volker Lendecke
b693f7f067 Remove some transitional code in writev_send 2009-03-17 17:31:22 +01:00
Stefan Metzmacher
b96aa69dff async_sock: fix truncating of the temporary iovec in writev_send/recv()
Volker: please check!

metze
2009-03-11 17:33:30 +01:00
Volker Lendecke
fe486d7b9f Add "queue" to writev_send
Unless higher levels queue themselves somehow, writev will *always* be queued.
So the queueing should be done at the right level.
2009-03-08 11:20:59 +01:00
Simo Sorce
67d41d0fc7 Make struct tevent_req opaque
Move struct tevent_req in tevent_internal, and ad getters and setters
for private data and the callback function.
This patch also renames 'private_state' into 'data'. What is held in this
pointer is in fact data and not a state like enum tevent_req_state.
Calling it 'state' is confusing.

The functions addedd are:
tevent_req_set_callback() - sets req->async.fn and req->async.private_data
tevent_req_set_print_fn() - sets req->private_print
tevent_req_callback_data() - gets req->async.private_data
tevent_req_data() - gets rea->data

This way it is much simpler to keep API/ABI compatibility in the future.
2009-03-02 11:02:09 -05:00
Volker Lendecke
ddd3da8ab7 Simplify async_connect_send slightly 2009-02-28 12:32:22 +01:00
Volker Lendecke
423c1d88fc Remove async_req based async_send 2009-02-25 13:04:19 +01:00
Volker Lendecke
00ad0c4a43 Remove async_req based async_recv 2009-02-25 13:04:18 +01:00