From 57ee1ea819817bf671f7088c0bda5dfece00a745 Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Wed, 13 Jun 2012 12:11:51 +0200
Subject: [PATCH 1/3] s3:smbd: try to make fsp->fh->gen_id as globally unique as possible
This makes sure the value is never 0 nor UINT64_MAX.
metze
---
 source3/smbd/files.c | 14 +++++++++++++-
 1 files changed, 13 insertions(+), 1 deletions(-)
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 97db348..0615207 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -28,12 +28,20 @@
 #define FILE_HANDLE_OFFSET 0x1000
 /****************************************************************************
- Return a unique number identifying this fsp over the life of this pid.
+ Return a unique number identifying this fsp over the life of this pid,
+ and try to make it as globally unique as possible.
 ****************************************************************************/
 static unsigned long get_gen_count(struct smbd_server_connection *sconn)
 {
+ if (sconn->file_gen_counter == 0) {
+ generate_random_buffer(&sconn->file_gen_counter,
+ sizeof(sconn->file_gen_counter));
+ }
 sconn->file_gen_counter += 1;
+ if (sconn->file_gen_counter == UINT64_MAX) {
+ sconn->file_gen_counter = 0;
+ }
 if (sconn->file_gen_counter == 0) {
 sconn->file_gen_counter += 1;
 }
@@ -315,6 +323,10 @@ files_struct *file_find_dif(struct smbd_server_connection *sconn,
 int count=0;
 files_struct *fsp;
+ if (gen_id == 0) {
+ return NULL;
+ }
+
+
 for (fsp=sconn->files; fsp; fsp=fsp->next,count++) {
 /* We can have a fsp->fh->fd == -1 here as it could be a stat open. */
 if (file_id_equal(&fsp->file_id, &id) &&
-- 
1.7.4.1
From a7a95fd4d785edead63919fbc6d2423c9b82cc9b Mon Sep 17 00:00:00 2001
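Review bot: get_gen_count() in patch 1/3 still returns `unsigned long` while the new wrap check compares `sconn->file_gen_counter` with `UINT64_MAX`, so the "never 0 nor UINT64_MAX" guarantee holds for the stored counter but not necessarily for the value handed to callers. The counter's declaration is outside the hunk; if it is a `uint64_t`, a build where `unsigned long` is 32 bits truncates the return value, which can then be 0, the value file_find_dif() rejects in the second hunk of this patch. Either return `uint64_t` (and widen `fh->gen_id` to match) or apply the zero check to the truncated value that is actually returned. The function's tail, including its `return`, is outside the hunk.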
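Review bot: The new `gen_id == 0` early return in file_find_dif() (patch 1/3, second hunk) carries no comment saying why 0 is special, and the reason is only visible by reading get_gen_count(). A one-line comment above the check would do, for example `/* 0 is reserved: get_gen_count() never hands it out */`. The loop body continues outside the hunk.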
From: Stefan Metzmacher
Date: Wed, 13 Jun 2012 15:40:23 +0200
Subject: [PATCH 2/3] s3:smbd: only set fsp->fh->gen for a client connection
For faked connections, like dfs and printing, we leave it as 0.
metze
---
 source3/smbd/files.c | 3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index 0615207..c7fa873 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -113,7 +113,6 @@ NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
 fsp->fnum = -1;
 fsp->conn = conn;
- fsp->fh->gen_id = get_gen_count(sconn);
 GetTimeOfDay(&fsp->open_time);
 if (sconn->file_bmap != NULL) {
@@ -123,6 +122,8 @@ NTSTATUS file_new(struct smb_request *req, connection_struct *conn,
 fsp->fnum = i + FILE_HANDLE_OFFSET;
 SMB_ASSERT(fsp->fnum < 65536);
+
+ fsp->fh->gen_id = get_gen_count(sconn);
 }
 DLIST_ADD(sconn->files, fsp);
-- 
1.7.4.1
From da724623447687040dd2db503830c055bcfe407c Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher
Date: Wed, 13 Jun 2012 12:13:01 +0200
Subject: [PATCH 3/3] s3:smbd: use fsp->fh->gen_id as persistent_file_id part for SMB2 (bug #8995)
metze
---
 source3/smbd/files.c | 8 ++++----
 source3/smbd/smb2_break.c | 2 +-
 source3/smbd/smb2_create.c | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/source3/smbd/files.c b/source3/smbd/files.c
index c7fa873..6377913 100644
--- a/source3/smbd/files.c
+++ b/source3/smbd/files.c
@@ -601,10 +601,6 @@ struct files_struct *file_fsp_smb2(struct smbd_smb2_request *smb2req,
 return smb2req->compat_chain_fsp;
 }
- if (persistent_id != volatile_id) {
- return NULL;
- }
-
 if (volatile_id > UINT16_MAX) {
 return NULL;
 }
@@ -614,6 +610,10 @@ struct files_struct *file_fsp_smb2(struct smbd_smb2_request *smb2req,
 return NULL;
 }
+ if (persistent_id != (uint64_t)fsp->fh->gen_id) {
+ return NULL;
+ }
+
 if (smb2req->tcon == NULL) {
 return NULL;
 }
diff --git a/source3/smbd/smb2_break.c b/source3/smbd/smb2_break.c
index 75505e5..93f5ca3 100644
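Review bot: After the move in patch 2/3, file_new() assigns `fsp->fh->gen_id` only inside the `sconn->file_bmap != NULL` branch, so the "leave it as 0" behaviour for faked connections depends on `fsp->fh` having been zero-initialised when it was allocated, which happens outside the hunk. If that allocation does not zero the structure, the field is indeterminate on the dfs/printing path; an explicit `fsp->fh->gen_id = 0;` next to `fsp->fnum = -1;` would make the intent local and easy to verify. A short comment on the branch, such as `/* only real client connections get a gen_id; 0 marks a faked fsp */`, would also record that `file_bmap` is being used as the client-connection test.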
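Review bot: The added `persistent_id != (uint64_t)fsp->fh->gen_id` test in file_fsp_smb2() (patch 3/3, second files.c hunk) deserves a comment on what it does and does not protect. As far as the hunk shows, it rejects a request whose volatile id resolves to an fsp from a different open, but the ids are sequential after a random start in get_gen_count(), so it is a consistency check rather than a secret; the `smb2req->tcon` check that follows, and whatever comes after it outside the hunk, remain the ownership checks. Something like `/* gen_id ties the handle to one open; it is not an access token */` above the `if` would keep later changes from relying on it for authorization.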
--- a/source3/smbd/smb2_break.c
+++ b/source3/smbd/smb2_break.c
@@ -245,7 +245,7 @@ void send_break_message_smb2(files_struct *fsp, int level)
 (unsigned int)smb2_oplock_level ));
 status = smbd_smb2_send_oplock_break(fsp->conn->sconn,
- (uint64_t)fsp->fnum,
+ (uint64_t)fsp->fh->gen_id,
 (uint64_t)fsp->fnum,
 smb2_oplock_level);
 if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 2aedfb6..b3b366e 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -822,7 +822,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 if (state->out_file_attributes == 0) {
 state->out_file_attributes = FILE_ATTRIBUTE_NORMAL;
 }
- state->out_file_id_persistent = result->fnum;
+ state->out_file_id_persistent = result->fh->gen_id;
 state->out_file_id_volatile = result->fnum;
 state->out_context_blobs = out_context_blobs;
-- 
1.7.4.1
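Review bot: The persistent id is now derived from `fsp->fh->gen_id` in three separate places with slightly different spelling: with a `(uint64_t)` cast in send_break_message_smb2() (the smb2_break.c hunk) and in file_fsp_smb2(), and without one in the smb2_create.c hunk (`state->out_file_id_persistent = result->fh->gen_id;`). Using the same cast at all three sites, or a small static inline accessor shared by them, would keep the create, break and lookup paths from drifting apart if the type of `gen_id` changes. Both functions extend beyond their hunks.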