[SCM] Samba Shared Repository - branch master updated

Stefan Metzmacher metze at samba.org
Wed Jul 25 18:09:03 MDT 2012


The branch, master has been updated
       via  df08929 s3:smb2_sesssetup: reject SMB2_SESSION_FLAG_BINDING requests
       via  46e08eb s3:libcli/smb: add SMB2_SESSION_FLAG_BINDING
       via  859e5be s3:smb2_ioctl: fix GUID_compare() check in FSCTL_VALIDATE_NEGOTIATE_INFO
       via  3a85737 s3:smb2_ioctl: allow clients to send padding at the end of FSCTL_VALIDATE_NEGOTIATE_INFO
       via  3cce521 s3:smb2_ioctl: remove FSCTL_VALIDATE_NEGOTIATE_INFO_224 implementation
      from  5c3a0cb libcli/smb: setup tcon->smb2.should_encrypt in smb2cli_tcon_set_values()

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit df08929d28cab9f3d5fda573e2c2649b651f3e4c
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Jul 26 00:11:13 2012 +0200

    s3:smb2_sesssetup: reject SMB2_SESSION_FLAG_BINDING requests
    
    metze
    
    Autobuild-User(master): Stefan Metzmacher <metze at samba.org>
    Autobuild-Date(master): Thu Jul 26 02:08:56 CEST 2012 on sn-devel-104

commit 46e08eb75f7ca179c1708b601ccf4c601278fbda
Author: Stefan Metzmacher <metze at samba.org>
Date:   Thu Jul 26 00:10:38 2012 +0200

    s3:libcli/smb: add SMB2_SESSION_FLAG_BINDING
    
    metze

commit 859e5be07057c928bb9b7a32643304c8e03588e1
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Jul 25 16:43:58 2012 +0200

    s3:smb2_ioctl: fix GUID_compare() check in FSCTL_VALIDATE_NEGOTIATE_INFO
    
    metze

commit 3a857371916ed9867174233b6623c2260d438202
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Jul 25 16:38:45 2012 +0200

    s3:smb2_ioctl: allow clients to send padding at the end of FSCTL_VALIDATE_NEGOTIATE_INFO
    
    metze

commit 3cce5214f9d458f95885a5fc6b5a7b946a7b50a0
Author: Stefan Metzmacher <metze at samba.org>
Date:   Wed Jul 25 23:29:28 2012 +0200

    s3:smb2_ioctl: remove FSCTL_VALIDATE_NEGOTIATE_INFO_224 implementation
    
    Only Windows8 Beta uses this and it's broken, the client send wrong
    capabilities. Just returning an error seems to be fine for the Windows8 Beta
    client.
    
    metze

-----------------------------------------------------------------------

Summary of changes:
 libcli/smb/smb2_constants.h   |    5 ++-
 source3/smbd/smb2_ioctl.c     |   81 +----------------------------------------
 source3/smbd/smb2_sesssetup.c |   13 +++++++
 3 files changed, 19 insertions(+), 80 deletions(-)


Changeset truncated at 500 lines:

diff --git a/libcli/smb/smb2_constants.h b/libcli/smb/smb2_constants.h
index f2f28f8..a00a4a7 100644
--- a/libcli/smb/smb2_constants.h
+++ b/libcli/smb/smb2_constants.h
@@ -121,7 +121,10 @@
 		SMB2_CAP_ENCRYPTION)
 
 
-/* SMB2 session flags */
+/* SMB2 session (request) flags */
+#define SMB2_SESSION_FLAG_BINDING       0x01
+
+/* SMB2 session (response) flags */
 #define SMB2_SESSION_FLAG_IS_GUEST       0x0001
 #define SMB2_SESSION_FLAG_IS_NULL        0x0002
 #define SMB2_SESSION_FLAG_ENCRYPT_DATA   0x0004 /* in dialect >= 0x224 */
diff --git a/source3/smbd/smb2_ioctl.c b/source3/smbd/smb2_ioctl.c
index 36b44e6..3502d35 100644
--- a/source3/smbd/smb2_ioctl.c
+++ b/source3/smbd/smb2_ioctl.c
@@ -487,83 +487,6 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
 					req);
 		return req;
 
-	case FSCTL_VALIDATE_NEGOTIATE_INFO_224:
-	{
-		struct smbXsrv_connection *conn = smbreq->sconn->conn;
-		uint32_t in_capabilities;
-		DATA_BLOB in_guid_blob;
-		struct GUID in_guid;
-		uint16_t in_security_mode;
-		uint16_t in_max_dialect;
-		uint16_t max_dialect;
-		DATA_BLOB out_guid_blob;
-		NTSTATUS status;
-
-		if (in_input.length != 0x18) {
-			tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
-			return tevent_req_post(req, ev);
-		}
-
-		if (in_max_output < 0x18) {
-			tevent_req_nterror(req, NT_STATUS_BUFFER_TOO_SMALL);
-			return tevent_req_post(req, ev);
-		}
-
-		in_capabilities = IVAL(in_input.data, 0x00);
-		in_guid_blob = data_blob_const(in_input.data + 0x04, 16);
-		in_security_mode = SVAL(in_input.data, 0x14);
-		in_max_dialect = SVAL(in_input.data, 0x16);
-
-		status = GUID_from_ndr_blob(&in_guid_blob, &in_guid);
-		if (tevent_req_nterror(req, status)) {
-			return tevent_req_post(req, ev);
-		}
-
-		max_dialect = conn->smb2.client.dialects[conn->smb2.client.num_dialects-1];
-		if (in_max_dialect != max_dialect) {
-			state->disconnect = true;
-			tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
-			return tevent_req_post(req, ev);
-		}
-
-		if (!GUID_compare(&in_guid, &conn->smb2.client.guid)) {
-			state->disconnect = true;
-			tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
-			return tevent_req_post(req, ev);
-		}
-
-		if (in_security_mode != conn->smb2.client.security_mode) {
-			state->disconnect = true;
-			tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
-			return tevent_req_post(req, ev);
-		}
-
-		if (in_capabilities != conn->smb2.client.capabilities) {
-			state->disconnect = true;
-			tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
-			return tevent_req_post(req, ev);
-		}
-
-		status = GUID_to_ndr_blob(&conn->smb2.server.guid, state,
-					  &out_guid_blob);
-		if (tevent_req_nterror(req, status)) {
-			return tevent_req_post(req, ev);
-		}
-
-		state->out_output = data_blob_talloc(state, NULL, 0x18);
-		if (tevent_req_nomem(state->out_output.data, req)) {
-			return tevent_req_post(req, ev);
-		}
-
-		SIVAL(state->out_output.data, 0x00, conn->smb2.server.capabilities);
-		memcpy(state->out_output.data+0x04, out_guid_blob.data, 16);
-		SIVAL(state->out_output.data, 0x14, conn->smb2.server.security_mode);
-		SIVAL(state->out_output.data, 0x16, conn->smb2.server.dialect);
-
-		tevent_req_done(req);
-		return tevent_req_post(req, ev);
-	}
-
 	case FSCTL_VALIDATE_NEGOTIATE_INFO:
 	{
 		struct smbXsrv_connection *conn = smbreq->sconn->conn;
@@ -586,7 +509,7 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
 		in_security_mode = SVAL(in_input.data, 0x14);
 		in_num_dialects = SVAL(in_input.data, 0x16);
 
-		if (in_input.length != (0x18 + in_num_dialects*2)) {
+		if (in_input.length < (0x18 + in_num_dialects*2)) {
 			tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
 			return tevent_req_post(req, ev);
 		}
@@ -617,7 +540,7 @@ static struct tevent_req *smbd_smb2_ioctl_send(TALLOC_CTX *mem_ctx,
 			}
 		}
 
-		if (!GUID_compare(&in_guid, &conn->smb2.client.guid)) {
+		if (GUID_compare(&in_guid, &conn->smb2.client.guid) != 0) {
 			state->disconnect = true;
 			tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
 			return tevent_req_post(req, ev);
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index 85bcc05..5355292 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -441,6 +441,19 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
 	state->in_previous_session_id = in_previous_session_id;
 	state->in_security_buffer = in_security_buffer;
 
+	if (in_flags & SMB2_SESSION_FLAG_BINDING) {
+		if (smb2req->sconn->conn->protocol < PROTOCOL_SMB2_22) {
+			tevent_req_nterror(req, NT_STATUS_REQUEST_NOT_ACCEPTED);
+			return tevent_req_post(req, ev);
+		}
+
+		/*
+		 * We do not support multi channel.
+		 */
+		tevent_req_nterror(req, NT_STATUS_NOT_SUPPORTED);
+		return tevent_req_post(req, ev);
+	}
+
 	talloc_set_destructor(state, smbd_smb2_session_setup_state_destructor);
 
 	if (state->in_session_id == 0) {


-- 
Samba Shared Repository


More information about the samba-cvs mailing list