1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source3/librpc
Stefan Metzmacher 52dd57d4b3 smbXsrv_client: notify a different node to drop a connection by client guid.
If a client disconnected all its interfaces and reconnects when
the come back, it will likely start from any ip address returned
dns, which means it can try to connect to a different ctdb node.
The old node may not have noticed the disconnect and still holds
the client_guid based smbd.

Up unil now the new node returned NT_STATUS_NOT_SUPPORTED to
the SMB2 Negotiate request, as messaging_send_iov[_from]() will
return -1/ENOSYS if a file descriptor os passed to a process on
a different node.

Now we tell the other node to teardown all client connections
belonging to the client-guid.

Note that this is not authenticated, but if an attacker can
capture the client-guid, he can also inject TCP resets anyway,
to get the same effect.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15159

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Sep  2 20:59:15 UTC 2022 on sn-devel-184

(cherry picked from commit 8591d94243)
2022-10-18 08:34:17 +00:00
..
crypto librpc: match gensec_gssapi and call gsskrb5_set_dns_canonicalize() for Heimdal 2021-12-09 07:42:38 +00:00
gen_ndr
idl smbXsrv_client: notify a different node to drop a connection by client guid. 2022-10-18 08:34:17 +00:00
rpc s3:rpc_server: Delete unused code and doc references 2021-12-10 14:02:30 +00:00
wscript_build idl: Define messages sent between samba-dcerpcd and rpcd's 2021-12-10 14:02:30 +00:00