Created attachment 14057 [details]
Patch to session setup for reset on zero vc
When "reset on zero vc" is enabled clients are being reset incorrectly when a new client connects using an IP address that's a substring of the existing client's address. For example, if a session is created by a client at 192.168.25.25, followed by a client at 192.168.25.2, the session for the client at 192.168.25.25 will be reset. This appears to be the result of using strstr to check for a match.
The error exists in 4.7.6 and has existed at least as far back as 4.5.
I've attached a patch that resolves the issue.
Created attachment 14083 [details]
Thanks for the report. Your patch has one small flaw: We don't use in-function declarations. See my attached proposal. Does that also help?
I have one worry: What about IPv6? I think both our patches *might* not be correct for that. On the other hand: Is IPv6 and SMB1 really an issue?
(In reply to Volker Lendecke from comment #1)
smbXsrv_session_add_channel() uses tsocket_address_string(),
while setup_new_vc_session() uses tsocket_address_inet_addr_string().
I think setup_new_vc_session() could also use tsocket_address_string()
and shutdown_other_smbds() would just need 'strcmp()'.
(In reply to Stefan Metzmacher from comment #2)
Ok, that's wrong, it includes the port number, which should be ignored.
strncmp() together with strrchr(':') to remove everything including and after the last ':' could work.
Created attachment 14095 [details]
Comment on attachment 14095 [details]
Looks good, thanks!
Joe can you give it a try and check if it works for you?
Pushed to master with metze's RB+ from this bug
Fixed as 31cba34a8f0e1301423468c6570530b0e298eb20 for 4.9.0