From d1112b03709b5e2695d00a4d71b46da01e15fd79 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 18 Jun 2012 16:23:13 -0700 Subject: [PATCH 1/2] Fix Bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params Found by Richard Sharpe . The correct command code in a reply to NT Transact Secondary (0xa1) is NT Transact (0xa0). --- source3/smbd/nttrans.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 429250e..e87d132 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -144,11 +144,6 @@ void send_nt_replies(connection_struct *conn, + data_alignment_offset); /* - * We might have had SMBnttranss in req->inbuf, fix that. - */ - SCVAL(req->outbuf, smb_com, SMBnttrans); - - /* * Set total params and data to be sent. */ @@ -3255,6 +3250,12 @@ void reply_nttranss(struct smb_request *req) show_msg((char *)req->inbuf); + /* Windows clients expect all replies to + an NT transact secondary (SMBnttranss 0xA1) + to have a command code of NT transact + (SMBnttrans 0xA0). See bug #8989 for details. */ + req->cmd = SMBnttrans; + if (req->wct < 18) { reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBnttranss); -- 1.7.9.5 From 4ec5c4e7f9f7d9493f297325d60ebe1408f0d2cf Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 18 Jun 2012 16:24:12 -0700 Subject: [PATCH 2/2] Same fix as bug 8989 - Samba 3.5.x (and probably all other versions of Samba) does not send correct responses to NT Transact Secondary when no data and no params for the Trans2 calls. See MS-CIFS 2.2.4.47.2 for details. --- source3/smbd/trans2.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index c7cf1a2..9514c72 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -863,12 +863,6 @@ void send_trans2_replies(connection_struct *conn, reply_outbuf(req, 10, total_sent_thistime + alignment_offset + data_alignment_offset); - /* - * We might have SMBtrans2s in req which was transferred to - * the outbuf, fix that. - */ - SCVAL(req->outbuf, smb_com, SMBtrans2); - /* Set total params and data to be sent */ SSVAL(req->outbuf,smb_tprcnt,paramsize); SSVAL(req->outbuf,smb_tdrcnt,datasize); @@ -8839,6 +8833,15 @@ void reply_transs2(struct smb_request *req) show_msg((char *)req->inbuf); + /* Windows clients expect all replies to + a transact secondary (SMBtranss2 0x33) + to have a command code of transact + (SMBtrans2 0x32). See bug #8989 + and also [MS-CIFS] section 2.2.4.47.2 + for details. + */ + req->cmd = SMBtrans2; + if (req->wct < 8) { reply_nterror(req, NT_STATUS_INVALID_PARAMETER); END_PROFILE(SMBtranss2); -- 1.7.9.5