diff options
| author | Martin Schwenke <martin@meltin.net> | 2018-06-26 20:12:23 +1000 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2018-07-09 12:55:26 +0200 |
| commit | 7fd58cbec458a353f8732c7becadb5fc2315695c (patch) | |
| tree | ca9d1a10f1f4c57970adfc918ebbda9435686f2e /ctdb/server | |
| parent | b521f79e4ab64c0de5f1c9a81f051fb1f3a8514d (diff) | |
| download | samba-7fd58cbec458a353f8732c7becadb5fc2315695c.tar.gz | |
ctdb-daemon: Only consider client ID for local database attach
The comment immediately above this code says "don't allow local
clients to attach" and then looks up the client ID regardless of
whether the request is local or remote.
This means that an intentional remote attach from a client will not
work correctly. No real client should ever do that since clients
attach so they an access databases locally. Perhaps some sanity
checks should be added.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13500
Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Amitay Isaacs <amitay@gmail.com>
(cherry picked from commit 63255ef92552da92956c05160f33622d0bbc3a28)
Diffstat (limited to 'ctdb/server')
| -rw-r--r-- | ctdb/server/ctdb_control.c | 32 | ||||
| -rw-r--r-- | ctdb/server/ctdb_ltdb_server.c | 9 |
2 files changed, 30 insertions, 11 deletions
diff --git a/ctdb/server/ctdb_control.c b/ctdb/server/ctdb_control.c index f7a8b6b6e65..063cd1d3a8f 100644 --- a/ctdb/server/ctdb_control.c +++ b/ctdb/server/ctdb_control.c @@ -267,18 +267,34 @@ static int32_t ctdb_control_dispatch(struct ctdb_context *ctdb, } case CTDB_CONTROL_DB_ATTACH: - return ctdb_control_db_attach(ctdb, indata, outdata, 0, client_id, - c, async_reply); + return ctdb_control_db_attach(ctdb, + indata, + outdata, + 0, + srcnode, + client_id, + c, + async_reply); case CTDB_CONTROL_DB_ATTACH_PERSISTENT: - return ctdb_control_db_attach(ctdb, indata, outdata, - CTDB_DB_FLAGS_PERSISTENT, client_id, - c, async_reply); + return ctdb_control_db_attach(ctdb, + indata, + outdata, + CTDB_DB_FLAGS_PERSISTENT, + srcnode, + client_id, + c, + async_reply); case CTDB_CONTROL_DB_ATTACH_REPLICATED: - return ctdb_control_db_attach(ctdb, indata, outdata, - CTDB_DB_FLAGS_REPLICATED, client_id, - c, async_reply); + return ctdb_control_db_attach(ctdb, + indata, + outdata, + CTDB_DB_FLAGS_REPLICATED, + srcnode, + client_id, + c, + async_reply); case CTDB_CONTROL_SET_CALL: return control_not_implemented("SET_CALL", NULL); diff --git a/ctdb/server/ctdb_ltdb_server.c b/ctdb/server/ctdb_ltdb_server.c index 1962f854683..ca5bb124f5f 100644 --- a/ctdb/server/ctdb_ltdb_server.c +++ b/ctdb/server/ctdb_ltdb_server.c @@ -1105,9 +1105,12 @@ int ctdb_process_deferred_attach(struct ctdb_context *ctdb) /* a client has asked to attach a new database */ -int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, +int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, + TDB_DATA indata, TDB_DATA *outdata, - uint8_t db_flags, uint32_t client_id, + uint8_t db_flags, + uint32_t srcnode, + uint32_t client_id, struct ctdb_req_control_old *c, bool *async_reply) { @@ -1128,7 +1131,7 @@ int32_t ctdb_control_db_attach(struct ctdb_context *ctdb, TDB_DATA indata, * allow all attach from the network since these are always from remote * recovery daemons. */ - if (client_id != 0) { + if (srcnode == ctdb->pnn && client_id != 0) { client = reqid_find(ctdb->idr, client_id, struct ctdb_client); } if (client != NULL) { |