The Samba-Bugzilla – Attachment 6679 Details for
Bug 8292
Disable SMB2 for 3.6
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for v3-6-test
tmp.diff (text/plain), 12.11 KB, created by
Stefan Metzmacher
on 2011-07-11 19:42:47 UTC
(
hide
)
Description:
Patch for v3-6-test
Filename:
MIME Type:
Creator:
Stefan Metzmacher
Created:
2011-07-11 19:42:47 UTC
Size:
12.11 KB
patch
obsolete
>From 1c83fdd28015e66ad39a48131b4f0899ade4e7ea Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Mon, 4 Jul 2011 15:57:20 +0200 >Subject: [PATCH 1/3] s3:smb2_server: there's no reason to check the session id twice on a smb2_tcon request > >metze > >Autobuild-User: Stefan Metzmacher <metze@samba.org> >Autobuild-Date: Mon Jul 4 17:34:13 CEST 2011 on sn-devel-104 >(cherry picked from commit 7c96e96e9881ec1ad7b41f0ab241a5b0ac17b93f) >--- > source3/smbd/smb2_server.c | 5 ----- > 1 files changed, 0 insertions(+), 5 deletions(-) > >diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c >index 0944e57..fab7028 100644 >--- a/source3/smbd/smb2_server.c >+++ b/source3/smbd/smb2_server.c >@@ -1172,11 +1172,6 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >- status = smbd_smb2_request_check_session(req); >- if (!NT_STATUS_IS_OK(status)) { >- return_value = smbd_smb2_request_error(req, status); >- break; >- } > > { > START_PROFILE(smb2_tcon); >-- >1.7.4.1 > > >From 54ecfd8eedccd6692b82e15312c351d07a7d585f Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Thu, 7 Jul 2011 16:38:33 +0200 >Subject: [PATCH 2/3] s3:smb2_server: call change_to_root_user() or smbd_smb2_request_check_tcon() > >For all requests which don't operate on a tcon, we should call >change_to_root_user(), to match the SMB1 behavior. > >For SMB1 we do the following operations without AS_USER: > >/* 0x70 */ { "SMBtcon",reply_tcon,0}, >/* 0x71 */ { "SMBtdis",reply_tdis,DO_CHDIR}, >/* 0x72 */ { "SMBnegprot",reply_negprot,0}, >/* 0x73 */ { "SMBsesssetupX",reply_sesssetup_and_X,0}, >/* 0x74 */ { "SMBulogoffX",reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */ >/* 0x75 */ { "SMBtconX",reply_tcon_and_X,0}, >... >/* 0x2b */ { "SMBecho",reply_echo,0}, >... >/* 0xa4 */ { "SMBntcancel",reply_ntcancel, 0 }, > >For SMB2tdis we still call smbd_smb2_request_check_tcon() >as close_cnum() calls change_to_root_user() when needed. > >metze > >Signed-off-by: Jeremy Allison <jra@samba.org> >(cherry picked from commit eea210eba7c20e6d04b13cf8ccd3011ee7c99157) >--- > source3/smbd/smb2_server.c | 29 ++++++++++++++++++++++++++--- > 1 files changed, 26 insertions(+), 3 deletions(-) > >diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c >index fab7028..242647c 100644 >--- a/source3/smbd/smb2_server.c >+++ b/source3/smbd/smb2_server.c >@@ -1139,6 +1139,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > > switch (opcode) { > case SMB2_OP_NEGPROT: >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ > { > START_PROFILE(smb2_negprot); > return_value = smbd_smb2_request_process_negprot(req); >@@ -1147,6 +1150,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > > case SMB2_OP_SESSSETUP: >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ > { > START_PROFILE(smb2_sesssetup); > return_value = smbd_smb2_request_process_sesssetup(req); >@@ -1160,6 +1166,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > } > >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ > { > START_PROFILE(smb2_logoff); > return_value = smbd_smb2_request_process_logoff(req); >@@ -1173,6 +1182,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > } > >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ > { > START_PROFILE(smb2_tcon); > return_value = smbd_smb2_request_process_tcon(req); >@@ -1190,6 +1202,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, status); > break; > } >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ > > { > START_PROFILE(smb2_tdis); >@@ -1333,6 +1348,9 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > > case SMB2_OP_CANCEL: >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ > { > START_PROFILE(smb2_cancel); > return_value = smbd_smb2_request_process_cancel(req); >@@ -1341,9 +1359,14 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > > case SMB2_OP_KEEPALIVE: >- {START_PROFILE(smb2_keepalive); >- return_value = smbd_smb2_request_process_keepalive(req); >- END_PROFILE(smb2_keepalive);} >+ /* This call needs to be run as root */ >+ change_to_root_user(); >+ >+ { >+ START_PROFILE(smb2_keepalive); >+ return_value = smbd_smb2_request_process_keepalive(req); >+ END_PROFILE(smb2_keepalive); >+ } > break; > > case SMB2_OP_FIND: >-- >1.7.4.1 > > >From 95593d8b568bd7cf19355e140770d9fc6e0dbee6 Mon Sep 17 00:00:00 2001 >From: Stefan Metzmacher <metze@samba.org> >Date: Fri, 8 Jul 2011 09:08:39 +0200 >Subject: [PATCH 3/3] s3:smb2_server: add some comments about change_to_user() and change_to_root_user() > >metze > >Autobuild-User: Stefan Metzmacher <metze@samba.org> >Autobuild-Date: Fri Jul 8 13:45:46 CEST 2011 on sn-devel-104 >(cherry picked from commit dbfb88aef30a755c29015bff4699eb17925a4988) >--- > source3/smbd/smb2_server.c | 100 +++++++++++++++++++++++++++++++++++++++++++- > 1 files changed, 98 insertions(+), 2 deletions(-) > >diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c >index 242647c..91c1703 100644 >--- a/source3/smbd/smb2_server.c >+++ b/source3/smbd/smb2_server.c >@@ -1104,6 +1104,14 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER); > } > >+ /* >+ * Check if the client provided a valid session id, >+ * if so smbd_smb2_request_check_session() calls >+ * set_current_user_info(). >+ * >+ * As some command don't require a valid session id >+ * we defer the check of the session_status >+ */ > session_status = smbd_smb2_request_check_session(req); > > req->do_signing = false; >@@ -1182,7 +1190,13 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > } > >- /* This call needs to be run as root */ >+ /* >+ * This call needs to be run as root. >+ * >+ * smbd_smb2_request_process_tcon() >+ * calls make_connection_snum(), which will call >+ * change_to_user(), when needed. >+ */ > change_to_root_user(); > > { >@@ -1197,6 +1211,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1218,6 +1238,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1236,6 +1262,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1254,6 +1286,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1272,6 +1310,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1290,6 +1334,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1312,6 +1362,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > /* Too ugly to live ? JRA. */ >@@ -1334,6 +1390,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1348,7 +1410,11 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > break; > > case SMB2_OP_CANCEL: >- /* This call needs to be run as root */ >+ /* >+ * This call needs to be run as root >+ * >+ * That is what we also do in the SMB1 case. >+ */ > change_to_root_user(); > > { >@@ -1374,6 +1440,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1392,6 +1464,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1410,6 +1488,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1428,6 +1512,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >@@ -1446,6 +1536,12 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) > return_value = smbd_smb2_request_error(req, session_status); > break; > } >+ /* >+ * This call needs to be run as user. >+ * >+ * smbd_smb2_request_check_tcon() >+ * calls change_to_user() on success. >+ */ > status = smbd_smb2_request_check_tcon(req); > if (!NT_STATUS_IS_OK(status)) { > return_value = smbd_smb2_request_error(req, status); >-- >1.7.4.1 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=6679">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Flags:
vl
:
review+
Actions:
View
Attachments on
bug 8292
:
6669
|
6671
|
6672
| 6679