[SCM] Samba Shared Repository - branch master updated
Stefan Metzmacher
metze at samba.org
Fri Sep 23 04:31:02 MDT 2011
The branch, master has been updated
via 5494856 s3:smbd: disconnect the socket if we got an unexpected request
via 02d83d8 s3:smbd: don't call smbd_terminate_connection in smb2_validate_message_id() (bug #8476)
from 2a789c8 build: Fix waf build on MacOS X
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 5494856294384df4360d85e68abc03c43dc16e06
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Sep 23 06:37:35 2011 +0200
s3:smbd: disconnect the socket if we got an unexpected request
If we got a SMB2_OP_NEGPROT after the protocol is already negotiated
or if we got a non SMB2_OP_NEGPROT before the protocol was negotiated
we should close the connection (as windows does).
metze
Autobuild-User: Stefan Metzmacher <metze at samba.org>
Autobuild-Date: Fri Sep 23 12:30:50 CEST 2011 on sn-devel-104
commit 02d83d8fd4d21825110fd7da1ccb570a26e66ca6
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri Sep 23 06:08:51 2011 +0200
s3:smbd: don't call smbd_terminate_connection in smb2_validate_message_id() (bug #8476)
Only return false and the caller will terminate the connection.
metze
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/smb2_negprot.c | 1 -
source3/smbd/smb2_server.c | 25 +++++++++++++++++++++++--
2 files changed, 23 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c
index 15bff82..c5ac2d5 100644
--- a/source3/smbd/smb2_negprot.c
+++ b/source3/smbd/smb2_negprot.c
@@ -101,7 +101,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req)
uint32_t max_read = lp_smb2_max_read();
uint32_t max_write = lp_smb2_max_write();
-/* TODO: drop the connection with INVALID_PARAMETER */
status = smbd_smb2_request_verify_sizes(req, 0x24);
if (!NT_STATUS_IS_OK(status)) {
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 0ffeb48..35da2af 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -323,8 +323,9 @@ static bool smb2_validate_message_id(struct smbd_server_connection *sconn,
}
if (sconn->smb2.credits_granted == 0) {
- smbd_server_connection_terminate(sconn, "smb2_validate_message_id: "
- "terminating connection: client used more credits than granted\n");
+ DEBUG(0,("smb2_validate_message_id: client used more "
+ "credits than granted message_id (%llu)\n",
+ (unsigned long long)message_id));
return false;
}
@@ -1332,6 +1333,26 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req)
smb2_opcode_name(opcode),
(unsigned long long)mid));
+ if (get_Protocol() >= PROTOCOL_SMB2_02) {
+ /*
+ * once the protocol is negotiated
+ * SMB2_OP_NEGPROT is not allowed anymore
+ */
+ if (opcode == SMB2_OP_NEGPROT) {
+ /* drop the connection */
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ } else {
+ /*
+ * if the protocol is not negotiated yet
+ * only SMB2_OP_NEGPROT is allowed.
+ */
+ if (opcode != SMB2_OP_NEGPROT) {
+ /* drop the connection */
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+ }
+
allowed_flags = SMB2_HDR_FLAG_CHAINED |
SMB2_HDR_FLAG_SIGNED |
SMB2_HDR_FLAG_DFS;
--
Samba Shared Repository
More information about the samba-cvs
mailing list