[SCM] Samba Shared Repository - branch v3-2-test updated - initial-v3-2-unstable-969-g5d424cb

Jeremy Allison jra at samba.org
Sun Dec 30 06:49:17 GMT 2007 

The branch, v3-2-test has been updated
       via  5d424cb3060af89bde50bc7fe2989e3c1b8e91b2 (commit)
      from  1f96389afa7250af7393489fb538b8aed93d815c (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test


- Log -----------------------------------------------------------------
commit 5d424cb3060af89bde50bc7fe2989e3c1b8e91b2
Author: Jeremy Allison <jra at samba.org>
Date:   Sat Dec 29 22:36:49 2007 -0800

    Allow encryption context setup on IPC$.
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source/smbd/trans2.c |   34 +++++++++++++++++++++++++++-------
 1 files changed, 27 insertions(+), 7 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/smbd/trans2.c b/source/smbd/trans2.c
index 21bde12..6569255 100644
--- a/source/smbd/trans2.c
+++ b/source/smbd/trans2.c
@@ -2430,7 +2430,8 @@ static void call_trans2qfsinfo(connection_struct *conn,
 
 	info_level = SVAL(params,0);
 
-	if (conn->encrypt_level == Required && SVAL(req->inbuf,4) != 0x45FF ) {
+	if (IS_IPC(conn) || 
+			(conn->encrypt_level == Required && SVAL(req->inbuf,4) != 0x45FF )) {
 		if (info_level != SMB_QUERY_CIFS_UNIX_INFO) {
 			DEBUG(0,("call_trans2qfsinfo: encryption required "
 				"and info level 0x%x sent.\n",
@@ -2981,6 +2982,17 @@ static void call_trans2setfsinfo(connection_struct *conn,
 
 	info_level = SVAL(params,2);
 
+	if (IS_IPC(conn)) {
+		if (info_level != SMB_REQUEST_TRANSPORT_ENCRYPTION &&
+				info_level != SMB_SET_CIFS_UNIX_INFO) {
+			DEBUG(0,("call_trans2setfsinfo: not an allowed "
+				"info level (0x%x) on IPC$.\n",
+				(unsigned int)info_level));
+			reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+			return;
+		}
+	}
+
 	if (conn->encrypt_level == Required && SVAL(req->inbuf,4) != 0x45FF ) {
 		if (info_level != SMB_REQUEST_TRANSPORT_ENCRYPTION) {
 			DEBUG(0,("call_trans2setfsinfo: encryption required "
@@ -7276,12 +7288,20 @@ void reply_trans2(connection_struct *conn, struct smb_request *req)
 		return;
 	}
 
-	if (IS_IPC(conn) && (tran_call != TRANSACT2_OPEN)
-            && (tran_call != TRANSACT2_GET_DFS_REFERRAL)
-            && (tran_call != TRANSACT2_QFILEINFO)) {
-		reply_doserror(req, ERRSRV, ERRaccess);
-		END_PROFILE(SMBtrans2);
-		return;
+	if (IS_IPC(conn)) {
+		switch (tran_call) {
+		/* List the allowed trans2 calls on IPC$ */
+		case TRANSACT2_OPEN:
+		case TRANSACT2_GET_DFS_REFERRAL:
+		case TRANSACT2_QFILEINFO:
+		case TRANSACT2_QFSINFO:
+		case TRANSACT2_SETFSINFO:
+			break;
+		default:
+			reply_doserror(req, ERRSRV, ERRaccess);
+			END_PROFILE(SMBtrans2);
+			return;
+		}
 	}
 
 	if ((state = TALLOC_P(conn->mem_ctx, struct trans_state)) == NULL) {


-- 
Samba Shared Repository

More information about the samba-cvs mailing list