-rw-r--r-- | source4/lib/socket/socket.c | 34 | ||||
-rw-r--r-- | source4/lib/socket/socket.h | 1 | ||||
-rw-r--r-- | source4/lib/tls/config.mk | 2 | ||||
-rw-r--r-- | source4/lib/tls/tls.c | 6 |
4 files changed, 29 insertions, 14 deletions
diff --git a/source4/lib/socket/socket.c b/source4/lib/socket/socket.c index e1f8bb4d86..ac64bc4ddc 100644 --- a/source4/lib/socket/socket.c +++ b/source4/lib/socket/socket.c @@ -66,6 +66,7 @@ _PUBLIC_ NTSTATUS socket_create_with_ops(TALLOC_CTX *mem_ctx, const struct socke /* by enabling "testnonblock" mode, all socket receive and send calls on non-blocking sockets will randomly recv/send less data than requested */ + if (!(flags & SOCKET_FLAG_BLOCK) && type == SOCKET_TYPE_STREAM && lp_parm_bool(-1, "socket", "testnonblock", False)) { @@ -185,14 +186,21 @@ _PUBLIC_ NTSTATUS socket_recv(struct socket_context *sock, void *buf, return NT_STATUS_NOT_IMPLEMENTED; } - if ((sock->flags & SOCKET_FLAG_TESTNONBLOCK) && wantlen > 1) { - if (random() % 10 == 0) { - *nread = 0; - return STATUS_MORE_ENTRIES; + if ((sock->flags & SOCKET_FLAG_TESTNONBLOCK) + && wantlen > 1) { + + /* The returning of 0 and MORE_ENTRIES is incompatible + with TLS and SASL sockets, as there is not a + constant event source to re-trigger the reads */ + + if (!(sock->flags & SOCKET_FLAG_FAKE)) { + if (random() % 10 == 0) { + *nread = 0; + return STATUS_MORE_ENTRIES; + } } return sock->ops->fn_recv(sock, buf, 1+(random() % wantlen), nread); } - return sock->ops->fn_recv(sock, buf, wantlen, nread); } 
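Review bot: The nested test `if (!(sock->flags & SOCKET_FLAG_FAKE)) { if (random() % 10 == 0) {` in socket_recv can be a single condition, `if (!(sock->flags & SOCKET_FLAG_FAKE) && random() % 10 == 0) {`, which keeps the early-return block at its previous depth. Fake sockets still take the shortened read `1+(random() % wantlen)` that follows, and the new comment covers only the zero-length return. A few words saying that the short read is intentionally kept for layered sockets would help. socket_recv starts outside the hunk.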
@@ -229,17 +237,21 @@ _PUBLIC_ NTSTATUS socket_send(struct socket_context *sock, if (!sock->ops->fn_send) { return NT_STATUS_NOT_IMPLEMENTED; } - - if ((sock->flags & SOCKET_FLAG_TESTNONBLOCK) && blob->length > 1) { - DATA_BLOB blob2 = *blob; + + if ((sock->flags & SOCKET_FLAG_TESTNONBLOCK) + && blob->length > 1) { if (random() % 10 == 0) { *sendlen = 0; return STATUS_MORE_ENTRIES; } - blob2.length = 1+(random() % blob2.length); - return sock->ops->fn_send(sock, &blob2, sendlen); + /* The variable size sends are incompatilbe with TLS and SASL + * sockets, which require re-sends to be consistant */ + if (!(sock->flags & SOCKET_FLAG_FAKE)) { + DATA_BLOB blob2 = *blob; + blob2.length = 1+(random() % blob2.length); + return sock->ops->fn_send(sock, &blob2, sendlen); + } } - return sock->ops->fn_send(sock, blob, sendlen); } diff --git a/source4/lib/socket/socket.h b/source4/lib/socket/socket.h index fefa999e08..c0cf429887 100644 --- a/source4/lib/socket/socket.h +++ b/source4/lib/socket/socket.h @@ -102,6 +102,7 @@ enum socket_state { #define SOCKET_FLAG_BLOCK 0x00000001 #define SOCKET_FLAG_PEEK 0x00000002 #define SOCKET_FLAG_TESTNONBLOCK 0x00000004 +#define SOCKET_FLAG_FAKE 0x00000008 /* This is an implementation not directly on top of a real socket */ struct socket_context { enum socket_type type; diff --git a/source4/lib/tls/config.mk b/source4/lib/tls/config.mk index 2ab296049b..f75c613e73 100644 --- a/source4/lib/tls/config.mk +++ b/source4/lib/tls/config.mk @@ -5,7 +5,7 @@ OBJ_FILES = \ tls.o \ tlscert.o PUBLIC_DEPENDENCIES = \ - LIBTALLOC GNUTLS LIBSAMBA-CONFIG + LIBTALLOC GNUTLS LIBSAMBA-CONFIG samba-socket # # End SUBSYSTEM LIBTLS ################################################ diff --git a/source4/lib/tls/tls.c b/source4/lib/tls/tls.c index 936c18c0c6..1ba8ae9779 100644 --- a/source4/lib/tls/tls.c +++ b/source4/lib/tls/tls.c 
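Review bot: In socket_send the new `SOCKET_FLAG_FAKE` check guards only the shortened send, so the `random() % 10 == 0` branch that sets `*sendlen = 0` and returns `STATUS_MORE_ENTRIES` still runs for fake sockets. The comment added in the socket_recv hunk describes that same return as incompatible with TLS and SASL sockets. If the zero-length return is safe on the send side (presumably because writability re-triggers the event), the comment should say so. Otherwise apply the flag test to the whole block, e.g. `if ((sock->flags & SOCKET_FLAG_TESTNONBLOCK) && !(sock->flags & SOCKET_FLAG_FAKE) && blob->length > 1) {`. The new comment also misspells "incompatible" and "consistent", and socket_send starts outside the hunk.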
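Review bot: The comment on `SOCKET_FLAG_FAKE` in socket.h says what the flag denotes but not what it obliges callers to do. socket_recv and socket_send in this commit rely on it to skip test behaviour that a layered socket cannot tolerate, so each layered implementation presumably has to set the flag when it creates its socket. The socket.c comments name SASL sockets, yet the only callers changed here are tls_init_server and tls_init_client. Whether a SASL wrapper sets the flag is not visible in this diff and is worth confirming. I would extend the comment, e.g. `/* Set by layered implementations (TLS, SASL) that do not sit directly on a real socket; limits testnonblock behaviour that needs a real event source */`.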
@@ -443,7 +443,8 @@ struct socket_context *tls_init_server(struct tls_params *params, NTSTATUS nt_status; nt_status = socket_create_with_ops(socket, &tls_socket_ops, &new_sock, - SOCKET_TYPE_STREAM, 0); + SOCKET_TYPE_STREAM, + socket->flags | SOCKET_FLAG_FAKE); if (!NT_STATUS_IS_OK(nt_status)) { return NULL; } @@ -522,7 +523,8 @@ struct socket_context *tls_init_client(struct socket_context *socket, NTSTATUS nt_status; nt_status = socket_create_with_ops(socket, &tls_socket_ops, &new_sock, - SOCKET_TYPE_STREAM, 0); + SOCKET_TYPE_STREAM, + socket->flags | SOCKET_FLAG_FAKE); if (!NT_STATUS_IS_OK(nt_status)) { return NULL; } |
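Review bot: Passing `socket->flags | SOCKET_FLAG_FAKE` in tls_init_server copies every flag bit of the underlying socket onto the TLS wrapper, including `SOCKET_FLAG_PEEK` and any flag added later. The intent appears to be only to carry the blocking and testnonblock state, and the identical change in tls_init_client has the same effect. Naming the inherited bits would make the contract explicit, e.g. `(socket->flags & (SOCKET_FLAG_BLOCK | SOCKET_FLAG_TESTNONBLOCK)) | SOCKET_FLAG_FAKE`. How socket_create_with_ops treats an already-set TESTNONBLOCK bit is outside these hunks, so check the mask against that function. Both function bodies continue outside the hunks.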