Created attachment 10968 [details] Patch to fix termination of asynchronous connections with pending calls Description: ============ Attached is a patch to fix how the dcerpc server handles termination of connection for dcerpc endpoints with PUSH notification like behaviors. The patch adds a DCESRV_CALL_STATE_FLAG_PROCESS_PENDING_CALL and set it to call->context->conn->state_flags during dcesrv_bind() and dcesrv_alter() calls if it was available in dce_call->state_flags. This patch loops over all contexts within dcesrv_cleanup_broken_connections to call the destructor and makes the unbind function for the endpoint responsible for managing/cleaning up context->conn->pending_call_list. Overview: ========= When implementing an asynchronous dcerpc endpoint that behaves as a PUSH notification service, the client sends a request for which the server does not send the reply unless there is either pending notifications to return or a timeout was reached. If the client closes the connection before the server returns, the connection is handled as a broken connection with pending calls on the dcerpc server and the destructor dcesrv_connection_context_destructor is never called. It also means that the unbind method on the interface is never called. A sample output is available below: ndr_pull_error(11): Pull bytes 4 (../librpc/ndr/ndr_basic.c:148) dcesrv: terminating connection due to 'NT_STATUS_BUFFER_TOO_SMALL' defered due to pending calls ndr_pull_error(11): Pull bytes 4 (../librpc/ndr/ndr_basic.c:148) dcesrv: terminating connection due to 'NT_STATUS_BUFFER_TOO_SMALL' defered due to pending calls With this patch applied, the unbind method of the interface is called and pending calls can be cleaned by the endpoint service: ndr_pull_error(11): Pull bytes 4 (../librpc/ndr/ndr_basic.c:148) Terminating connection - 'dcesrv: NT_STATUS_BUFFER_TOO_SMALL' imessaging: cleaning up /var/lib/samba/private/smbd.tmp/msg/msg.12698.43 single_terminate: reason[dcesrv: NT_STATUS_BUFFER_TOO_SMALL] mapiproxy/servers/default/asyncemsmdb/dcesrv_asyncemsmdb.c:339(dcerpc_server_asyncemsmdb_unbind): DISCONNECTION FROM CLIENT
Applied in master in fd90d270c7e97a639f42a96b674a674d1b51aa0d
Created attachment 10971 [details] patch for v4-1 series
Comment on attachment 10971 [details] patch for v4-1 series LGTM.
Created attachment 10975 [details] git-am fix for 4.2.next. Jelmer, please +1 for 4.2.next. Thanks, Jeremy.
Comment on attachment 10975 [details] git-am fix for 4.2.next. git cherry-pick from master.
Re-assigning to Karolin for inclusion in 4.2.next, 4.1.next. Karolin, Jelmer +1'ed the bug itself rather than the attachment, but it means the same thing :-). Jeremy.
A regression/crash introduced by this patch has been identified when an unknown dcerpc endpoint is queried in dcesrv_alter. I have created a bug entry and attached a fix to address this problem: https://bugzilla.samba.org/show_bug.cgi?id=11236
Pushed to autobuild-v4-[1|2]-test.
Pushed to both branches. Closing out bug report. Thanks!