The Samba-Bugzilla – Attachment 3288 Details for
Bug 5436
Reports "Server packet had invalid SMB signature" with some Win2K servers
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
5436.diff (text/plain), 5.37 KB, created by
Volker Lendecke
on 2008-05-13 10:07:01 UTC
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Volker Lendecke
Created:
2008-05-13 10:07:01 UTC
Size:
5.37 KB
patch
obsolete
>diff --git a/source/libsmb/clitrans.c b/source/libsmb/clitrans.c >index f43a2aa..441f5a0 100644 >--- a/source/libsmb/clitrans.c >+++ b/source/libsmb/clitrans.c >@@ -95,9 +95,14 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, > return False; > } > >+ /* Note we're in a trans state. Save the sequence >+ * numbers for replies. */ >+ client_set_trans_sign_state_on(cli, mid); >+ > if (this_ldata < ldata || this_lparam < lparam) { > /* receive interim response */ > if (!cli_receive_smb(cli) || cli_is_error(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return(False); > } > >@@ -108,6 +113,9 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, > this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */ > this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam)); > >+ client_set_trans_sign_state_off(cli, mid); >+ client_set_trans_sign_state_on(cli, mid); >+ > set_message(cli->outbuf,trans==SMBtrans?8:9,0,True); > SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2)); > >@@ -139,6 +147,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, > > show_msg(cli->outbuf); > if (!cli_send_smb(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return False; > } > >@@ -317,6 +326,7 @@ BOOL cli_receive_trans(struct cli_state *cli,int trans, > > out: > >+ client_set_trans_sign_state_off(cli, SVAL(cli->inbuf,smb_mid)); > return ret; > } > >@@ -384,9 +394,14 @@ BOOL cli_send_nt_trans(struct cli_state *cli, > return False; > } > >+ /* Note we're in a trans state. Save the sequence >+ * numbers for replies. */ >+ client_set_trans_sign_state_on(cli, mid); >+ > if (this_ldata < ldata || this_lparam < lparam) { > /* receive interim response */ > if (!cli_receive_smb(cli) || cli_is_error(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return(False); > } > >@@ -428,6 +443,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli, > show_msg(cli->outbuf); > > if (!cli_send_smb(cli)) { >+ client_set_trans_sign_state_off(cli, mid); > return False; > } > >@@ -627,5 +643,6 @@ BOOL cli_receive_nt_trans(struct cli_state *cli, > > out: > >+ client_set_trans_sign_state_off(cli, SVAL(cli->inbuf,smb_mid)); > return ret; > } >diff --git a/source/libsmb/smb_signing.c b/source/libsmb/smb_signing.c >index 6768c2a..df74b2d 100644 >--- a/source/libsmb/smb_signing.c >+++ b/source/libsmb/smb_signing.c >@@ -26,6 +26,7 @@ struct outstanding_packet_lookup { > struct outstanding_packet_lookup *prev, *next; > uint16 mid; > uint32 reply_seq_num; >+ BOOL can_delete; /* Set to False in trans state. */ > }; > > struct smb_basic_signing_context { >@@ -42,9 +43,7 @@ static BOOL store_sequence_for_reply(struct outstanding_packet_lookup **list, > /* Ensure we only add a mid once. */ > for (t = *list; t; t = t->next) { > if (t->mid == mid) { >- DLIST_REMOVE(*list, t); >- SAFE_FREE(t); >- break; >+ return False; > } > } > >@@ -53,6 +52,7 @@ static BOOL store_sequence_for_reply(struct outstanding_packet_lookup **list, > > t->mid = mid; > t->reply_seq_num = reply_seq_num; >+ t->can_delete = True; > > /* > * Add to the *start* of the list not the end of the list. >@@ -79,8 +79,23 @@ static BOOL get_sequence_for_reply(struct outstanding_packet_lookup **list, > *reply_seq_num = t->reply_seq_num; > DEBUG(10,("get_sequence_for_reply: found seq = %u mid = %u\n", > (unsigned int)t->reply_seq_num, (unsigned int)t->mid )); >- DLIST_REMOVE(*list, t); >- SAFE_FREE(t); >+ if (t->can_delete) { >+ DLIST_REMOVE(*list, t); >+ SAFE_FREE(t); >+ } >+ return True; >+ } >+ } >+ return False; >+} >+ >+static BOOL set_sequence_can_delete_flag(struct outstanding_packet_lookup **list, uint16 mid, BOOL can_delete_entry) >+{ >+ struct outstanding_packet_lookup *t; >+ >+ for (t = *list; t; t = t->next) { >+ if (t->mid == mid) { >+ t->can_delete = can_delete_entry; > return True; > } > } >@@ -589,6 +604,60 @@ BOOL cli_check_sign_mac(struct cli_state *cli) > } > > /*********************************************************** >+ Enter trans/trans2/nttrans state. >+************************************************************/ >+ >+BOOL client_set_trans_sign_state_on(struct cli_state *cli, uint16 mid) >+{ >+ struct smb_sign_info *si = &cli->sign_info; >+ struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context; >+ >+ if (!si->doing_signing) { >+ return True; >+ } >+ >+ if (!data) { >+ return False; >+ } >+ >+ if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, False)) { >+ return False; >+ } >+ >+ return True; >+} >+ >+/*********************************************************** >+ Leave trans/trans2/nttrans state. >+************************************************************/ >+ >+BOOL client_set_trans_sign_state_off(struct cli_state *cli, uint16 mid) >+{ >+ uint32 reply_seq_num; >+ struct smb_sign_info *si = &cli->sign_info; >+ struct smb_basic_signing_context *data = (struct smb_basic_signing_context *)si->signing_context; >+ >+ if (!si->doing_signing) { >+ return True; >+ } >+ >+ if (!data) { >+ return False; >+ } >+ >+ if (!set_sequence_can_delete_flag(&data->outstanding_packet_list, mid, True)) { >+ return False; >+ } >+ >+ /* Now delete the stored mid entry. */ >+ if (!get_sequence_for_reply(&data->outstanding_packet_list, mid, &reply_seq_num)) { >+ return False; >+ } >+ >+ return True; >+} >+ >+/*********************************************************** > SMB signing - Server implementation - send the MAC. > ************************************************************/ >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 5436
:
3274
|
3283
|
3284
| 3288 |
6039