[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Thu Aug 25 15:07:02 MDT 2011


The branch, master has been updated
       via  faa769e s3: Fix the build of vfs_aixacl2.c
       via  7781043 s3: Remove a bogus comment
       via  f533b50 s3: Pass smbd_server_connection to (unused) server_encryption_shutdown
       via  7e70f85 s3: Pass smbd_server_connection to srv_encrypt_buffer
       via  d4c4705 s3: Pass smbd_server_connection to srv_decrypt_buffer
       via  08262fe s3: Pass smbd_server_connection to srv_free_enc_buffer
       via  f9ef138 s3: Pass smbd_server_connection to is_encrypted_packet
       via  b4b9918 s3: Pass sconn to valid_smb_header
       via  4cb6e12 s3: Explicitly pass smb_srv_trans_enc_ctx to srv_enc_ctx
       via  16888be s3: Fix some nonempty blank lines
      from  50e30af s3: Fix bug 8385

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit faa769ec19b6486675048734837a6e2237d6f0a4
Author: SATOH Fumiyasu <fumiyas at osstech.co.jp>
Date:   Mon Aug 22 13:48:40 2011 +0900

    s3: Fix the build of vfs_aixacl2.c
    
    Autobuild-User: Volker Lendecke <vlendec at samba.org>
    Autobuild-Date: Thu Aug 25 23:06:12 CEST 2011 on sn-devel-104

commit 77810431c9568fa8a4047dc8c9eb19768f1e20a1
Author: Volker Lendecke <vl at samba.org>
Date:   Thu Aug 25 17:22:13 2011 +0200

    s3: Remove a bogus comment

commit f533b501051e9463a6398f3ae5eeb87a98343346
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 17:02:22 2011 +0200

    s3: Pass smbd_server_connection to (unused) server_encryption_shutdown

commit 7e70f85350c81f2b820d83da0d5d3ea46655e219
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 17:00:42 2011 +0200

    s3: Pass smbd_server_connection to srv_encrypt_buffer

commit d4c4705e5593a8f048da406fff596229d31d4151
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 16:58:51 2011 +0200

    s3: Pass smbd_server_connection to srv_decrypt_buffer

commit 08262fe9647f961bfb2b1eb2b7b9e8ed0318e466
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 16:52:25 2011 +0200

    s3: Pass smbd_server_connection to srv_free_enc_buffer

commit f9ef138ec7a7a6507e0bd9d7d8753027c002b562
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 16:49:20 2011 +0200

    s3: Pass smbd_server_connection to is_encrypted_packet

commit b4b9918cc80ffae55c0c75a93c229c7a29bbb230
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 16:44:01 2011 +0200

    s3: Pass sconn to valid_smb_header

commit 4cb6e1284c362aa0eabdb7d4f964390a0a455bd3
Author: Volker Lendecke <vl at samba.org>
Date:   Fri Aug 5 16:22:48 2011 +0200

    s3: Explicitly pass smb_srv_trans_enc_ctx to srv_enc_ctx

commit 16888be44a9d75f2770e4e7271d4a8d1b3e837f1
Author: Volker Lendecke <vl at samba.org>
Date:   Sat Jun 25 15:14:25 2011 +0200

    s3: Fix some nonempty blank lines

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/ctdbd_conn.c       |    4 ----
 source3/lib/messages_ctdbd.c   |    6 +++---
 source3/modules/vfs_aixacl2.c  |    1 +
 source3/nmbd/nmbd_winsserver.c |    6 +++---
 source3/smbd/process.c         |   21 +++++++++++----------
 source3/smbd/proto.h           |   13 +++++++------
 source3/smbd/reply.c           |    9 +++++----
 source3/smbd/seal.c            |   18 ++++++++++--------
 8 files changed, 40 insertions(+), 38 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/ctdbd_conn.c b/source3/lib/ctdbd_conn.c
index 79dc1f2..1b4f9ac 100644
--- a/source3/lib/ctdbd_conn.c
+++ b/source3/lib/ctdbd_conn.c
@@ -1358,10 +1358,6 @@ NTSTATUS ctdbd_register_ips(struct ctdbd_connection *conn,
 	}
 
 	conn->release_ip_handler = release_ip_handler;
-	/*
-	 * store the IP address of the server socket for later
-	 * comparison in release_ip()
-	 */
 	conn->release_ip_priv = private_data;
 
 	/*
diff --git a/source3/lib/messages_ctdbd.c b/source3/lib/messages_ctdbd.c
index b9ee049..3140f65 100644
--- a/source3/lib/messages_ctdbd.c
+++ b/source3/lib/messages_ctdbd.c
@@ -2,17 +2,17 @@
    Unix SMB/CIFS implementation.
    Samba internal messaging functions
    Copyright (C) 2007 by Volker Lendecke
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
diff --git a/source3/modules/vfs_aixacl2.c b/source3/modules/vfs_aixacl2.c
index e74c00f..5ded2a8 100644
--- a/source3/modules/vfs_aixacl2.c
+++ b/source3/modules/vfs_aixacl2.c
@@ -18,6 +18,7 @@
  */
 
 #include "includes.h"
+#include "system/filesys.h"
 #include "smbd/smbd.h"
 #include "nfs4_acls.h"
 
diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c
index 6ac6007..48c10e2 100644
--- a/source3/nmbd/nmbd_winsserver.c
+++ b/source3/nmbd/nmbd_winsserver.c
@@ -1878,9 +1878,9 @@ void fetch_all_active_wins_1b_names(void)
  Deal with the special name query for *<1b>.
 ***********************************************************************/
 
-static void process_wins_dmb_query_request(struct subnet_record *subrec,  
+static void process_wins_dmb_query_request(struct subnet_record *subrec,
                                            struct packet_struct *p)
-{  
+{
 	struct name_record *namerec = NULL;
 	char *prdata;
 	int num_ips;
@@ -2156,7 +2156,7 @@ received for name %s from IP %s on subnet %s. Error - should not be sent to WINS
 			nmb_namestr(question), inet_ntoa(from_ip), subrec->subnet_name));
 		return;
 	}
-  
+
 	DEBUG(3,("wins_process_name_release_request: %s name release for name %s \
 IP %s\n", releasing_group_name ? "Group" : "Unique", nmb_namestr(question), inet_ntoa(from_ip) ));
 
diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 6d391df..a60d77e 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -144,7 +144,7 @@ bool srv_send_smb(struct smbd_server_connection *sconn, char *buffer,
 	}
 
 	if (do_encrypt) {
-		NTSTATUS status = srv_encrypt_buffer(buffer, &buf_out);
+		NTSTATUS status = srv_encrypt_buffer(sconn, buffer, &buf_out);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(0, ("send_smb: SMB encryption failed "
 				"on outgoing packet! Error %s\n",
@@ -168,12 +168,12 @@ bool srv_send_smb(struct smbd_server_connection *sconn, char *buffer,
 			 get_peer_addr(sconn->sock, addr, sizeof(addr)),
 			 (int)ret, strerror(errno) ));
 
-		srv_free_enc_buffer(buf_out);
+		srv_free_enc_buffer(sconn, buf_out);
 		goto out;
 	}
 
 	SMB_PERFCOUNT_SET_MSGLEN_OUT(pcd, len);
-	srv_free_enc_buffer(buf_out);
+	srv_free_enc_buffer(sconn, buf_out);
 out:
 	SMB_PERFCOUNT_END(pcd);
 
@@ -199,9 +199,10 @@ int srv_set_message(char *buf,
 	return (smb_size + num_words*2 + num_bytes);
 }
 
-static bool valid_smb_header(const uint8_t *inbuf)
+static bool valid_smb_header(struct smbd_server_connection *sconn,
+			     const uint8_t *inbuf)
 {
-	if (is_encrypted_packet(inbuf)) {
+	if (is_encrypted_packet(sconn, inbuf)) {
 		return true;
 	}
 	/*
@@ -463,8 +464,8 @@ static NTSTATUS receive_smb_talloc(TALLOC_CTX *mem_ctx,
 		return status;
 	}
 
-	if (is_encrypted_packet((uint8_t *)*buffer)) {
-		status = srv_decrypt_buffer(*buffer);
+	if (is_encrypted_packet(sconn, (uint8_t *)*buffer)) {
+		status = srv_decrypt_buffer(sconn, *buffer);
 		if (!NT_STATUS_IS_OK(status)) {
 			DEBUG(0, ("receive_smb_talloc: SMB decryption failed on "
 				"incoming packet! Error %s\n",
@@ -1371,7 +1372,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in
 
 	/* Make sure this is an SMB packet. smb_size contains NetBIOS header
 	 * so subtract 4 from it. */
-	if (!valid_smb_header(req->inbuf)
+	if (!valid_smb_header(sconn, req->inbuf)
 	    || (size < (smb_size - 4))) {
 		DEBUG(2,("Non-SMB packet of length %d. Terminating server\n",
 			 smb_len(req->inbuf)));
@@ -1611,7 +1612,7 @@ static void process_smb(struct smbd_server_connection *sconn,
 		if (smbd_is_smb2_header(inbuf, nread)) {
 			smbd_smb2_first_negprot(sconn, inbuf, nread);
 			return;
-		} else if (nread >= smb_size && valid_smb_header(inbuf)
+		} else if (nread >= smb_size && valid_smb_header(sconn, inbuf)
 				&& CVAL(inbuf, smb_com) != 0x72) {
 			/* This is a non-negprot SMB1 packet.
 			   Disable SMB2 from now on. */
@@ -2665,7 +2666,7 @@ static bool smbd_echo_reply(uint8_t *inbuf, size_t inbuf_len,
 		DEBUG(10, ("Got short packet: %d bytes\n", (int)inbuf_len));
 		return false;
 	}
-	if (!valid_smb_header(inbuf)) {
+	if (!valid_smb_header(smbd_server_conn, inbuf)) {
 		DEBUG(10, ("Got invalid SMB header\n"));
 		return false;
 	}
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 289c012..d271d7f 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -48,7 +48,6 @@
 
 /* The following definitions come from smbd/signing.c  */
 
-struct smbd_server_connection;
 bool srv_check_sign_mac(struct smbd_server_connection *conn,
 			const char *inbuf, uint32_t *seqnum, bool trusted_channel);
 void srv_calculate_sign_mac(struct smbd_server_connection *conn,
@@ -937,17 +936,19 @@ void reply_getattrE(struct smb_request *req);
 
 /* The following definitions come from smbd/seal.c  */
 
-bool is_encrypted_packet(const uint8_t *inbuf);
-void srv_free_enc_buffer(char *buf);
-NTSTATUS srv_decrypt_buffer(char *buf);
-NTSTATUS srv_encrypt_buffer(char *buf, char **buf_out);
+bool is_encrypted_packet(struct smbd_server_connection *sconn,
+			 const uint8_t *inbuf);
+void srv_free_enc_buffer(struct smbd_server_connection *sconn, char *buf);
+NTSTATUS srv_decrypt_buffer(struct smbd_server_connection *sconn, char *buf);
+NTSTATUS srv_encrypt_buffer(struct smbd_server_connection *sconn, char *buf,
+			    char **buf_out);
 NTSTATUS srv_request_encryption_setup(connection_struct *conn,
 					unsigned char **ppdata,
 					size_t *p_data_size,
 					unsigned char **pparam,
 					size_t *p_param_size);
 NTSTATUS srv_encryption_start(connection_struct *conn);
-void server_encryption_shutdown(void);
+void server_encryption_shutdown(struct smbd_server_connection *sconn);
 
 /* The following definitions come from smbd/sec_ctx.c  */
 
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index cd07c6d..124c610 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -3158,7 +3158,7 @@ void reply_readbraw(struct smb_request *req)
 	START_PROFILE(SMBreadbraw);
 
 	if (srv_is_signing_active(sconn) ||
-	    is_encrypted_packet(req->inbuf)) {
+	    is_encrypted_packet(sconn, req->inbuf)) {
 		exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
 			"raw reads/writes are disallowed.");
 	}
@@ -3582,7 +3582,8 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req,
 	 */
 
 	if (!req_is_in_chain(req) &&
-	    !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
+	    !is_encrypted_packet(req->sconn, req->inbuf) &&
+	    (fsp->base_fsp == NULL) &&
 	    (fsp->wcp == NULL) &&
 	    lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
 		uint8 headerbuf[smb_size + 12 * 2];
@@ -3787,7 +3788,7 @@ void reply_read_and_X(struct smb_request *req)
 			}
 			/* We currently don't do this on signed or sealed data. */
 			if (srv_is_signing_active(req->sconn) ||
-			    is_encrypted_packet(req->inbuf)) {
+			    is_encrypted_packet(req->sconn, req->inbuf)) {
 				reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
 				END_PROFILE(SMBreadX);
 				return;
@@ -4414,7 +4415,7 @@ bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
 	unsigned int doff = 0;
 	size_t len = smb_len_large(inbuf);
 
-	if (is_encrypted_packet(inbuf)) {
+	if (is_encrypted_packet(sconn, inbuf)) {
 		/* Can't do this on encrypted
 		 * connections. */
 		return false;
diff --git a/source3/smbd/seal.c b/source3/smbd/seal.c
index fa25cad..c0aaa5a 100644
--- a/source3/smbd/seal.c
+++ b/source3/smbd/seal.c
@@ -46,16 +46,17 @@ struct smb_srv_trans_enc_ctx {
  Return global enc context - this must change if we ever do multiple contexts.
 ******************************************************************************/
 
-static uint16_t srv_enc_ctx(void)
+static uint16_t srv_enc_ctx(const struct smb_srv_trans_enc_ctx *ec)
 {
-	return srv_trans_enc_ctx->es->enc_ctx_num;
+	return ec->es->enc_ctx_num;
 }
 
 /******************************************************************************
  Is this an incoming encrypted packet ?
 ******************************************************************************/
 
-bool is_encrypted_packet(const uint8_t *inbuf)
+bool is_encrypted_packet(struct smbd_server_connection *sconn,
+			 const uint8_t *inbuf)
 {
 	NTSTATUS status;
 	uint16_t enc_num;
@@ -73,7 +74,7 @@ bool is_encrypted_packet(const uint8_t *inbuf)
 	}
 
 	/* Encrypted messages are 0xFF'E'<ctx> */
-	if (srv_trans_enc_ctx && enc_num == srv_enc_ctx()) {
+	if (srv_trans_enc_ctx && enc_num == srv_enc_ctx(srv_trans_enc_ctx)) {
 		return true;
 	}
 	return false;
@@ -323,7 +324,7 @@ static NTSTATUS make_srv_encryption_context(const struct tsocket_address *remote
  Free an encryption-allocated buffer.
 ******************************************************************************/
 
-void srv_free_enc_buffer(char *buf)
+void srv_free_enc_buffer(struct smbd_server_connection *sconn, char *buf)
 {
 	/* We know this is an smb buffer, and we
 	 * didn't malloc, only copy, for a keepalive,
@@ -342,7 +343,7 @@ void srv_free_enc_buffer(char *buf)
  Decrypt an incoming buffer.
 ******************************************************************************/
 
-NTSTATUS srv_decrypt_buffer(char *buf)
+NTSTATUS srv_decrypt_buffer(struct smbd_server_connection *sconn, char *buf)
 {
 	/* Ignore non-session messages. */
 	if(CVAL(buf,0)) {
@@ -360,7 +361,8 @@ NTSTATUS srv_decrypt_buffer(char *buf)
  Encrypt an outgoing buffer. Return the encrypted pointer in buf_out.
 ******************************************************************************/
 
-NTSTATUS srv_encrypt_buffer(char *buf, char **buf_out)
+NTSTATUS srv_encrypt_buffer(struct smbd_server_connection *sconn, char *buf,
+			    char **buf_out)
 {
 	*buf_out = buf;
 
@@ -801,7 +803,7 @@ NTSTATUS srv_encryption_start(connection_struct *conn)
  Shutdown all server contexts.
 ******************************************************************************/
 
-void server_encryption_shutdown(void)
+void server_encryption_shutdown(struct smbd_server_connection *sconn)
 {
 	srv_free_encryption_context(&partial_srv_trans_enc_ctx);
 	srv_free_encryption_context(&srv_trans_enc_ctx);


-- 
Samba Shared Repository


More information about the samba-cvs mailing list