[Q] enumprinterdrivers 2|3 is broken
It appears that we are never protecting ourselves from \\ slashes in
the incoming server name in spoolss requests. While doing
enumprinterdrivers 2 and 3 levels we call
rpc_server/srv_spoolss_nt.c:enumprinterdrivers_level2() which formats
returned strings as "\\\\%s\%s" where first parameter is server name.
Therefore, our response is sending \\\\ slashes.
In particular, this is different to what Windows does: it looks they
simply normalize slashes everywhere.
This difference actually has a harm effect: Windows client thinks that
a driver is changed on the server and reloads it from the Samba server
on each opening of the printer properties. This is quite noticeable
for large drivers as network consumption increases.
We could normalize name in
rpc_parse/rpc_parse_spoolss.c:spoolss_io_q_enumprinterdrivers()
(reffering to 3-0-stable source) or could strip/normalize in
enumprinterdrivers_level2(). Not sure which way is better and safer.
This logical error exists in rpc code in 3-0 and upwards.
--
/ Alexander Bokovoy
Re: [Q] enumprinterdrivers 2|3 is broken
On Wed, Jul 02, 2008 at 02:59:10PM +0400, Alexander Bokovoy wrote:[color=blue]
> It appears that we are never protecting ourselves from \\ slashes in
> the incoming server name in spoolss requests. While doing
> enumprinterdrivers 2 and 3 levels we call
> rpc_server/srv_spoolss_nt.c:enumprinterdrivers_level2() which formats
> returned strings as "\\\\%s\%s" where first parameter is server name.
> Therefore, our response is sending \\\\ slashes.
>
> In particular, this is different to what Windows does: it looks they
> simply normalize slashes everywhere.
>
> This difference actually has a harm effect: Windows client thinks that
> a driver is changed on the server and reloads it from the Samba server
> on each opening of the printer properties. This is quite noticeable
> for large drivers as network consumption increases.
>
> We could normalize name in
> rpc_parse/rpc_parse_spoolss.c:spoolss_io_q_enumprinterdrivers()
> (reffering to 3-0-stable source) or could strip/normalize in
> enumprinterdrivers_level2(). Not sure which way is better and safer.[/color]
What does Windows do to normalize the servername ? Do they send
it as '\\servername' or just 'servername' ?
Jeremy.
Re: [Q] enumprinterdrivers 2|3 is broken
On Wed, Jul 02, 2008 at 02:59:10PM +0400, Alexander Bokovoy wrote:[color=blue]
> It appears that we are never protecting ourselves from \\ slashes in
> the incoming server name in spoolss requests. While doing
> enumprinterdrivers 2 and 3 levels we call
> rpc_server/srv_spoolss_nt.c:enumprinterdrivers_level2() which formats
> returned strings as "\\\\%s\%s" where first parameter is server name.
> Therefore, our response is sending \\\\ slashes.
>
> In particular, this is different to what Windows does: it looks they
> simply normalize slashes everywhere.
>
> This difference actually has a harm effect: Windows client thinks that
> a driver is changed on the server and reloads it from the Samba server
> on each opening of the printer properties. This is quite noticeable
> for large drivers as network consumption increases.
>
> We could normalize name in
> rpc_parse/rpc_parse_spoolss.c:spoolss_io_q_enumprinterdrivers()
> (reffering to 3-0-stable source) or could strip/normalize in
> enumprinterdrivers_level2(). Not sure which way is better and safer.
>
> This logical error exists in rpc code in 3-0 and upwards.[/color]
Alexander, can you test this patch for me please ?
Should fix all uses of \\[\\..]servername to be
a canonical \\servername.
Jeremy.
Re: [Q] enumprinterdrivers 2|3 is broken
Jeremy,
2008/7/3 Jeremy Allison <jra@samba.org>:[color=blue][color=green]
>> This difference actually has a harm effect: Windows client thinks that
>> a driver is changed on the server and reloads it from the Samba server
>> on each opening of the printer properties. This is quite noticeable
>> for large drivers as network consumption increases.
>>
>> We could normalize name in
>> rpc_parse/rpc_parse_spoolss.c:spoolss_io_q_enumprinterdrivers()
>> (reffering to 3-0-stable source) or could strip/normalize in
>> enumprinterdrivers_level2(). Not sure which way is better and safer.
>>
>> This logical error exists in rpc code in 3-0 and upwards.[/color]
>
> Alexander, can you test this patch for me please ?
>
> Should fix all uses of \\[\\..]servername to be
> a canonical \\servername.[/color]
Sorry for slow responses, I'm on vacation with my family and only have
ten or so minutes per day to check email/look through the code. I see
you put the fix into v3-0-test, I'll ask a reporter to re-test.
--
/ Alexander Bokovoy
Re: [Q] enumprinterdrivers 2|3 is broken
2008/7/3 Alexander Bokovoy <ab@samba.org>:[color=blue][color=green]
>> Alexander, can you test this patch for me please ?
>>
>> Should fix all uses of \\[\\..]servername to be
>> a canonical \\servername.[/color]
> Sorry for slow responses, I'm on vacation with my family and only have
> ten or so minutes per day to check email/look through the code. I see
> you put the fix into v3-0-test, I'll ask a reporter to re-test.[/color]
Quick test showed that printer properties are indeed displayed
correctly now from Windows machines. The impact on traffic use while
downloading drivers will be measured next week when the reporter will
have an opportunity to upgrade a production network.
--
/ Alexander Bokovoy
Re: [Q] enumprinterdrivers 2|3 is broken
Jeremy,
2008/7/9 Jeremy Allison <jra@samba.org>:[color=blue][color=green][color=darkred]
>> > you put the fix into v3-0-test, I'll ask a reporter to re-test.[/color]
>> Quick test showed that printer properties are indeed displayed
>> correctly now from Windows machines. The impact on traffic use while
>> downloading drivers will be measured next week when the reporter will
>> have an opportunity to upgrade a production network.[/color]
>
> Ping. Did this fix help ?[/color]
Just got back to internet connection after a week in forests. Asked a
bug reporter on production update and haven't got response yet. I'll
be back at home on Monday, more info by that time, I think.
--
/ Alexander Bokovoy
