When connecting to a DFS target libsmbclient leaves four sockets open even after calling smbc_free_context(). Running... lsof | grep microsoft ...shows four connections labelled "microsoft-ds (ESTABLISHED)" to the target server. The connections only close once the parent process is terminated. This is not an issue in small, short run binaries but with longer running processes such as php-libsmbclient these connections can keep increasing and in extreme cases crash the server. This does not occur with non-DFS connections. In these cases the connections are all closed when calling smbc_free_context().
Created attachment 10946 [details] Makes use of code from cli_shutdown to ensure that all sockets are closed when calling smbc_free_context for a DFS connection. Note that this patch is merely a demonstration. The problem seems to be with the cli_shutdown function in clientgen.c. I've added in debug statements to both cli_shutdown and _cli_shutdown but they never display - in fact the function doesn't seem to execute at all. In the attached "patch" (I use the term loosely) I've taken the code from both cli_shutdown and _cli_shutdown and dropped it into smbc_free_context. With the patch applied there are no more leaking sockets. I'll keep investigating. Notes:- In libsmb_context I've had to comment out:- if (smbc_getFunctionPurgeCachedServers(context)(context)) { ...to get things to work. I assume that this is because SMBC_remove_unused_server also makes use of the cli_shutdown function. From cli_shutdown in clientgen.c I've had to comment out:- if (cli_head == s->cli) ...since this doesn't ever seem to be true even when using DFS. From cli_shutdown in clientgen.c I've had to change:- for (p = cli_head->next; p; p = next) { ...to... for (p = cli_head; p; p = next) { ...otherwise two sockets would remain open. (All of the above is shown in the attachment.)
How are you calling smbc_free_context() ? What is the value you are passing into int shutdown_ctx ?
Sorry, should have added that previously. To get this working I'm passing 1 since that's the condition to get cli_shutdown() called from inside smbc_free_context().
Can you post me a simple libsmbclient program I can use to reproduce this ? That would help a lot in tracking this down.
Pretty sure this is a duplicate of: https://bugzilla.samba.org/show_bug.cgi?id=11624 I just posted a fix to that bug report. Can you test it and let me know if it fixes the problem ? Jeremy. *** This bug has been marked as a duplicate of bug 11624 ***