The Samba-Bugzilla – Attachment 2075 Details for
Bug 3967
Problem accessing shares after upgrade to 3.0.23a with smbclient
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
look (text/plain), 12.15 KB, created by
Jeremy Allison
on 2006-07-28 16:13:09 UTC
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2006-07-28 16:13:09 UTC
Size:
12.15 KB
patch
obsolete
>Index: libsmb/smb_signing.c >=================================================================== >--- libsmb/smb_signing.c (revision 17290) >+++ libsmb/smb_signing.c (working copy) >@@ -23,9 +23,10 @@ > > /* Lookup a packet's MID (multiplex id) and figure out it's sequence number */ > struct outstanding_packet_lookup { >+ struct outstanding_packet_lookup *prev, *next; > uint16 mid; > uint32 reply_seq_num; >- struct outstanding_packet_lookup *prev, *next; >+ BOOL can_delete; /* Set to False in trans state. */ > }; > > struct smb_basic_signing_context { >@@ -51,6 +52,7 @@ > > t->mid = mid; > t->reply_seq_num = reply_seq_num; >+ t->can_delete = True; > > /* > * Add to the *start* of the list not the end of the list. >@@ -77,14 +79,29 @@ > *reply_seq_num = t->reply_seq_num; > DEBUG(10,("get_sequence_for_reply: found seq = %u mid = %u\n", > (unsigned int)t->reply_seq_num, (unsigned int)t->mid )); >- DLIST_REMOVE(*list, t); >- SAFE_FREE(t); >+ if (t->can_delete) { >+ DLIST_REMOVE(*list, t); >+ SAFE_FREE(t); >+ } > return True; > } > } > return False; > } > >+static BOOL set_sequence_can_delete_flag(struct outstanding_packet_lookup **list, uint16 mid, BOOL can_delete_entry) >+{ >+ struct outstanding_packet_lookup *t; >+ >+ for (t = *list; t; t = t->next) { >+ if (t->mid == mid) { >+ t->can_delete = can_delete_entry; >+ return True; >+ } >+ } >+ return False; >+} >+ > /*********************************************************** > SMB signing - Common code before we set a new signing implementation > ************************************************************/ >@@ -580,6 +597,52 @@ > } > > /*********************************************************** >+ Enter trans/trans2/nttrans state. >+************************************************************/ >+ >+BOOL client_set_trans_sign_state_on(struct cli_state *cli, uint16 mid) >+{ >+ struct smb_sign_info *si = &cli->sign_info; >+ struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context; >+ >+ if (!si->doing_signing) { >+ return True; >+ } >+ >+ if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, False)) { >+ return False; >+ } >+ >+ return True; >+} >+ >+/*********************************************************** >+ Leave trans/trans2/nttrans state. >+************************************************************/ >+ >+BOOL client_set_trans_sign_state_off(struct cli_state *cli, uint16 mid) >+{ >+ uint32 reply_seq_num; >+ struct smb_sign_info *si = &cli->sign_info; >+ struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context; >+ >+ if (!si->doing_signing) { >+ return True; >+ } >+ >+ if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, True)) { >+ return False; >+ } >+ >+ /* Now delete the stored mid entry. */ >+ if (!get_sequence_for_reply(&data->outstanding_packet_list, mid, &reply_seq_num)) { >+ return False; >+ } >+ >+ return True; >+} >+ >+/*********************************************************** > SMB signing - Server implementation - send the MAC. > ************************************************************/ > >Index: libsmb/clitrans.c >=================================================================== >--- libsmb/clitrans.c (revision 17290) >+++ libsmb/clitrans.c (working copy) >@@ -95,9 +95,14 @@ > return False; > } > >+ /* Note we're in a trans state. Save the sequence >+ * numbers for replies. */ >+ client_set_trans_sign_state_on(cli, mid); >+ > if (this_ldata < ldata || this_lparam < lparam) { > /* receive interim response */ > if (!cli_receive_smb(cli) || cli_is_error(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return(False); > } > >@@ -139,6 +144,7 @@ > > show_msg(cli->outbuf); > if (!cli_send_smb(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return False; > } > >@@ -150,9 +156,6 @@ > } > } > >- /* Note we're in a trans state. Save the sequence >- * numbers for replies. */ >- > return(True); > } > >@@ -168,6 +171,7 @@ > unsigned int total_param=0; > unsigned int this_data,this_param; > NTSTATUS status; >+ BOOL ret = False; > > *data_len = *param_len = 0; > >@@ -182,7 +186,7 @@ > DEBUG(0,("Expected %s response, got command 0x%02x\n", > trans==SMBtrans?"SMBtrans":"SMBtrans2", > CVAL(cli->inbuf,smb_com))); >- return(False); >+ return False; > } > > /* >@@ -194,7 +198,7 @@ > status = cli_nt_error(cli); > > if (NT_STATUS_IS_ERR(status) || NT_STATUS_EQUAL(status,STATUS_NO_MORE_FILES)) { >- return False; >+ goto out; > } > > /* parse out the lengths */ >@@ -206,7 +210,7 @@ > *data = SMB_REALLOC(*data,total_data); > if (!(*data)) { > DEBUG(0,("cli_receive_trans: failed to enlarge data buffer\n")); >- return False; >+ goto out; > } > } > >@@ -214,7 +218,7 @@ > *param = SMB_REALLOC(*param,total_param); > if (!(*param)) { > DEBUG(0,("cli_receive_trans: failed to enlarge param buffer\n")); >- return False; >+ goto out; > } > } > >@@ -225,7 +229,7 @@ > if (this_data + *data_len > total_data || > this_param + *param_len > total_param) { > DEBUG(1,("Data overflow in cli_receive_trans\n")); >- return False; >+ goto out; > } > > if (this_data + *data_len < this_data || >@@ -233,7 +237,7 @@ > this_param + *param_len < this_param || > this_param + *param_len < *param_len) { > DEBUG(1,("Data overflow in cli_receive_trans\n")); >- return False; >+ goto out; > } > > if (this_data) { >@@ -245,14 +249,14 @@ > data_offset_out + this_data < data_offset_out || > data_offset_out + this_data < this_data) { > DEBUG(1,("Data overflow in cli_receive_trans\n")); >- return False; >+ goto out; > } > if (data_offset_in > cli->bufsize || > data_offset_in + this_data > cli->bufsize || > data_offset_in + this_data < data_offset_in || > data_offset_in + this_data < this_data) { > DEBUG(1,("Data overflow in cli_receive_trans\n")); >- return False; >+ goto out; > } > > memcpy(*data + data_offset_out, smb_base(cli->inbuf) + data_offset_in, this_data); >@@ -266,14 +270,14 @@ > param_offset_out + this_param < param_offset_out || > param_offset_out + this_param < this_param) { > DEBUG(1,("Param overflow in cli_receive_trans\n")); >- return False; >+ goto out; > } > if (param_offset_in > cli->bufsize || > param_offset_in + this_param > cli->bufsize || > param_offset_in + this_param < param_offset_in || > param_offset_in + this_param < this_param) { > DEBUG(1,("Param overflow in cli_receive_trans\n")); >- return False; >+ goto out; > } > > memcpy(*param + param_offset_out, smb_base(cli->inbuf) + param_offset_in, this_param); >@@ -281,11 +285,13 @@ > *data_len += this_data; > *param_len += this_param; > >- if (total_data <= *data_len && total_param <= *param_len) >+ if (total_data <= *data_len && total_param <= *param_len) { >+ ret = True; > break; >+ } > > if (!cli_receive_smb(cli)) { >- return False; >+ goto out; > } > > show_msg(cli->inbuf); >@@ -295,10 +301,10 @@ > DEBUG(0,("Expected %s response, got command 0x%02x\n", > trans==SMBtrans?"SMBtrans":"SMBtrans2", > CVAL(cli->inbuf,smb_com))); >- return(False); >+ goto out; > } > if (NT_STATUS_IS_ERR(cli_nt_error(cli))) { >- return(False); >+ goto out; > } > > /* parse out the total lengths again - they can shrink! */ >@@ -307,12 +313,16 @@ > if (SVAL(cli->inbuf,smb_tprcnt) < total_param) > total_param = SVAL(cli->inbuf,smb_tprcnt); > >- if (total_data <= *data_len && total_param <= *param_len) >+ if (total_data <= *data_len && total_param <= *param_len) { >+ ret = True; > break; >- >+ } > } > >- return(True); >+ out: >+ >+ client_set_trans_sign_state_off(cli, SVAL(cli->inbuf,smb_mid)); >+ return ret; > } > > /**************************************************************************** >@@ -379,9 +389,14 @@ > return False; > } > >+ /* Note we're in a trans state. Save the sequence >+ * numbers for replies. */ >+ client_set_trans_sign_state_on(cli, mid); >+ > if (this_ldata < ldata || this_lparam < lparam) { > /* receive interim response */ > if (!cli_receive_smb(cli) || cli_is_error(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return(False); > } > >@@ -423,6 +438,7 @@ > show_msg(cli->outbuf); > > if (!cli_send_smb(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return False; > } > >@@ -434,9 +450,6 @@ > } > } > >- /* Note we're in a trans state. Save the sequence >- * numbers for replies. */ >- > return(True); > } > >@@ -453,6 +466,7 @@ > unsigned int this_data,this_param; > uint8 eclass; > uint32 ecode; >+ BOOL ret = False; > > *data_len = *param_len = 0; > >@@ -477,7 +491,7 @@ > if (cli_is_dos_error(cli)) { > cli_dos_error(cli, &eclass, &ecode); > if (!(eclass == ERRDOS && ecode == ERRmoredata)) { >- return(False); >+ goto out; > } > } > >@@ -487,7 +501,7 @@ > if (cli_is_nt_error(cli)) { > if (!NT_STATUS_EQUAL(cli_nt_error(cli), > NT_STATUS_BUFFER_TOO_SMALL)) { >- return(False); >+ goto out; > } > } > >@@ -500,7 +514,7 @@ > *data = SMB_REALLOC(*data,total_data); > if (!(*data)) { > DEBUG(0,("cli_receive_nt_trans: failed to enlarge data buffer to %d\n",total_data)); >- return False; >+ goto out; > } > } > >@@ -508,7 +522,7 @@ > *param = SMB_REALLOC(*param,total_param); > if (!(*param)) { > DEBUG(0,("cli_receive_nt_trans: failed to enlarge param buffer to %d\n", total_param)); >- return False; >+ goto out; > } > } > >@@ -519,7 +533,7 @@ > if (this_data + *data_len > total_data || > this_param + *param_len > total_param) { > DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); >- return False; >+ goto out; > } > > if (this_data + *data_len < this_data || >@@ -527,7 +541,7 @@ > this_param + *param_len < this_param || > this_param + *param_len < *param_len) { > DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); >- return False; >+ goto out; > } > > if (this_data) { >@@ -539,14 +553,14 @@ > data_offset_out + this_data < data_offset_out || > data_offset_out + this_data < this_data) { > DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); >- return False; >+ goto out; > } > if (data_offset_in > cli->bufsize || > data_offset_in + this_data > cli->bufsize || > data_offset_in + this_data < data_offset_in || > data_offset_in + this_data < this_data) { > DEBUG(1,("Data overflow in cli_receive_nt_trans\n")); >- return False; >+ goto out; > } > > memcpy(*data + data_offset_out, smb_base(cli->inbuf) + data_offset_in, this_data); >@@ -561,14 +575,14 @@ > param_offset_out + this_param < param_offset_out || > param_offset_out + this_param < this_param) { > DEBUG(1,("Param overflow in cli_receive_nt_trans\n")); >- return False; >+ goto out; > } > if (param_offset_in > cli->bufsize || > param_offset_in + this_param > cli->bufsize || > param_offset_in + this_param < param_offset_in || > param_offset_in + this_param < this_param) { > DEBUG(1,("Param overflow in cli_receive_nt_trans\n")); >- return False; >+ goto out; > } > > memcpy(*param + param_offset_out, smb_base(cli->inbuf) + param_offset_in, this_param); >@@ -577,11 +591,13 @@ > *data_len += this_data; > *param_len += this_param; > >- if (total_data <= *data_len && total_param <= *param_len) >+ if (total_data <= *data_len && total_param <= *param_len) { >+ ret = True; > break; >+ } > > if (!cli_receive_smb(cli)) { >- return False; >+ goto out; > } > > show_msg(cli->inbuf); >@@ -590,12 +606,12 @@ > if (CVAL(cli->inbuf,smb_com) != SMBnttrans) { > DEBUG(0,("Expected SMBnttrans response, got command 0x%02x\n", > CVAL(cli->inbuf,smb_com))); >- return(False); >+ goto out; > } > if (cli_is_dos_error(cli)) { > cli_dos_error(cli, &eclass, &ecode); > if(!(eclass == ERRDOS && ecode == ERRmoredata)) { >- return(False); >+ goto out; > } > } > /* >@@ -604,7 +620,7 @@ > if (cli_is_nt_error(cli)) { > if (!NT_STATUS_EQUAL(cli_nt_error(cli), > NT_STATUS_BUFFER_TOO_SMALL)) { >- return(False); >+ goto out; > } > } > >@@ -614,9 +630,14 @@ > if (SVAL(cli->inbuf,smb_ntr_TotalParameterCount) < total_param) > total_param = SVAL(cli->inbuf,smb_ntr_TotalParameterCount); > >- if (total_data <= *data_len && total_param <= *param_len) >+ if (total_data <= *data_len && total_param <= *param_len) { >+ ret = True; > break; >+ } > } > >- return(True); >+ out: >+ >+ client_set_trans_sign_state_off(cli, SVAL(cli->inbuf,smb_mid)); >+ return ret; > }
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 3967
:
2066
|
2067
|
2074
| 2075