On Mon, Apr 20, 2009 at 10:04:55AM -0600, Bo Yang wrote:
> Taking cm_connect_lsa() for example. Assuming network
> connectionis good initially, but when
> cli_rpc_pipe_open_spnego_ntlmssp() isinvoked, remote end
> is closed. So, it returnsNT_STATUS_BROKEN_PIPE(mapped from
> EPIPE). Then we go to schannel oranonymous, which makes no
> difference. Because the socket is brokennow(but fd is
> owned by current process, winbindd), the fd(socket)
> won'tbe writable or readable any more. Then have a look at
> whattevent_req_poll() does, req is always in progress,
> tevent_loop_once()--> s3_event_loop_once() ---> add the fd
> to select's writefds set---> select times out and returns
> 0. again and again,tevent_req_poll() loops forever........
> I think we should do a test after each rpc call to see if
> thestatus is BROKEN PIPE, if it is, we must close the
> socket and free allpipes. We must close socket first, and
> set cli->fd to -1. Otherwise,pipe's destructor will try to
> write to the fd, which causetevent_req_poll() loops
> forever. My previous patch to test ifcli->fd must be there
> to make this work, otherwise, winbindd justcrash in
> FD_SET(-1, &writefds)....
Isn't it that we eventually end up in an smb request? What
happens if we close the fd at the right place?
What about the attached patch?
Description: Text document