[SCM] Samba Shared Repository - branch v4-1-test updated

Karolin Seeger kseeger at samba.org
Mon Jun 2 11:07:03 MDT 2014


The branch, v4-1-test has been updated
       via  814b88c printing: fix purge of all print jobs
       via  af13e3e s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
       via  f3fd95f s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
      from  bb0871c bug #10609: CVE-2014-0239 Don't reply to replies

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-1-test


- Log -----------------------------------------------------------------
commit 814b88cfc176436169700b597e576143a735c22b
Author: David Disseldorp <ddiss at samba.org>
Date:   Wed May 21 21:55:58 2014 +0200

    printing: fix purge of all print jobs
    
    The incorrect (system) jobid is currently passed to the job deletion
    function.
    
    Bug: https://bugzilla.samba.org/show_bug.cgi?id=10612
    
    Reported-by: Franz Pförtsch <franz.pfoertsch at brose.com>
    Signed-off-by: David Disseldorp <ddiss at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    (cherry picked from commit efb4684a3fc0b32a71eab013000f730e6b144a67)
    
    Autobuild-User(v4-1-test): Karolin Seeger <kseeger at samba.org>
    Autobuild-Date(v4-1-test): Mon Jun  2 19:06:43 CEST 2014 on sn-devel-104

commit af13e3e0a5d198e33ca0d104593e84b910ffc0af
Author: Jeremy Allison <jra at samba.org>
Date:   Wed May 21 11:57:16 2014 -0700

    s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
    
    put_long_date_timespec() correctly calls round_timespec()
    on the time parameters, and is the correct function to
    use when writing *any* file-based NTTIME on the wire.
    
    Move from using NTTIME variables internally
    in the server to struct timespec variables, which is
    what all the other server code uses. Only map to
    NTTIME as the last step of marshalling the output
    data.
    
    The previous SMB2 create code missed the round_timespec()
    call before marshalling.
    
    Bug 3124 - xcopy /d with samba shares works not as aspected
    
    https://bugzilla.samba.org/show_bug.cgi?id=3124
    
    which is a regression from a long-ago bug with
    SMB1.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>

commit f3fd95f621845c71c6dcf997e162f6b91574a55f
Author: Jeremy Allison <jra at samba.org>
Date:   Wed May 21 11:31:44 2014 -0700

    s3: smb2: Move from using SBVAL to put NTTIMEs on the wire to put_long_date_timespec.
    
    put_long_date_timespec() correctly calls round_timespec()
    on the time parameters, and is the correct function to
    use when writing *any* file-based NTTIME on the wire.
    
    The smb2_close() code being modified already did this by
    hand, and so this doesn't change any of the functionality, only
    makes the SMB2 code match all of the other server
    code in Samba. Move from using NTTIME variables internally
    in the server to struct timespec variables, which is
    what all the other server code uses. Only map to
    NTTIME as the last step of marshalling the output
    data.
    
    Not following the put_long_date_timespec()
    convention in the SMB2 create code caused the
    round_timespec() step to have been missed in
    that code - thus bug:
    
    Bug 3124 - xcopy /d with samba shares works not as aspected
    
    https://bugzilla.samba.org/show_bug.cgi?id=3124
    
    which is a regression from a long-ago bug with
    SMB1.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/printing/printing.c |   23 +++++++--
 source3/smbd/smb2_close.c   |  127 +++++++++++++++++++------------------------
 source3/smbd/smb2_create.c  |   85 +++++++++++++++--------------
 3 files changed, 119 insertions(+), 116 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index b126bd5..52d24dc 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -3373,13 +3373,28 @@ WERROR print_queue_purge(const struct auth_session_info *server_info,
 	if ( can_job_admin )
 		become_root();
 
-	for (i=0;i<njobs;i++) {
-		bool owner = is_owner(server_info, lp_const_servicename(snum),
-				      queue[i].sysjob);
+	for (i = 0; i < njobs; i++) {
+		struct tdb_print_db *pdb;
+		int jobid;
+		bool owner;
+		pdb = get_print_db_byname(lp_const_servicename(snum));
+		if (pdb == NULL) {
+			DEBUG(1, ("failed to find printdb for %s\n",
+				  lp_const_servicename(snum)));
+			continue;
+		}
+		jobid = sysjob_to_jobid_pdb(pdb, queue[i].sysjob);
+		if (jobid == (uint32_t)-1) {
+			DEBUG(2, ("jobid for system job %d not found\n",
+				  queue[i].sysjob));
+			continue;	/* unix job */
+		}
+		owner = is_owner(server_info, lp_const_servicename(snum),
+				 jobid);
 
 		if (owner || can_job_admin) {
 			print_job_delete1(server_event_context(), msg_ctx,
-					  snum, queue[i].sysjob);
+					  snum, jobid);
 		}
 	}
 
diff --git a/source3/smbd/smb2_close.c b/source3/smbd/smb2_close.c
index c4f0f19..37b2b4c 100644
--- a/source3/smbd/smb2_close.c
+++ b/source3/smbd/smb2_close.c
@@ -32,10 +32,10 @@ static struct tevent_req *smbd_smb2_close_send(TALLOC_CTX *mem_ctx,
 					       uint16_t in_flags);
 static NTSTATUS smbd_smb2_close_recv(struct tevent_req *req,
 				     uint16_t *out_flags,
-				     NTTIME *out_creation_time,
-				     NTTIME *out_last_access_time,
-				     NTTIME *out_last_write_time,
-				     NTTIME *out_change_time,
+				     struct timespec *out_creation_ts,
+				     struct timespec *out_last_access_ts,
+				     struct timespec *out_last_write_ts,
+				     struct timespec *out_change_ts,
 				     uint64_t *out_allocation_size,
 				     uint64_t *out_end_of_file,
 				     uint32_t *out_file_attributes);
@@ -84,10 +84,11 @@ static void smbd_smb2_request_close_done(struct tevent_req *subreq)
 		struct smbd_smb2_request);
 	DATA_BLOB outbody;
 	uint16_t out_flags;
-	NTTIME out_creation_time;
-	NTTIME out_last_access_time;
-	NTTIME out_last_write_time;
-	NTTIME out_change_time;
+	connection_struct *conn = req->tcon->compat;
+	struct timespec out_creation_ts = { 0, };
+	struct timespec out_last_access_ts = { 0, };
+	struct timespec out_last_write_ts = { 0, };
+	struct timespec out_change_ts = { 0, };
 	uint64_t out_allocation_size;
 	uint64_t out_end_of_file;
 	uint32_t out_file_attributes;
@@ -96,10 +97,10 @@ static void smbd_smb2_request_close_done(struct tevent_req *subreq)
 
 	status = smbd_smb2_close_recv(subreq,
 				      &out_flags,
-				      &out_creation_time,
-				      &out_last_access_time,
-				      &out_last_write_time,
-				      &out_change_time,
+				      &out_creation_ts,
+				      &out_last_access_ts,
+				      &out_last_write_ts,
+				      &out_change_ts,
 				      &out_allocation_size,
 				      &out_end_of_file,
 				      &out_file_attributes);
@@ -128,10 +129,14 @@ static void smbd_smb2_request_close_done(struct tevent_req *subreq)
 	SSVAL(outbody.data, 0x00, 0x3C);	/* struct size */
 	SSVAL(outbody.data, 0x02, out_flags);
 	SIVAL(outbody.data, 0x04, 0);		/* reserved */
-	SBVAL(outbody.data, 0x08, out_creation_time);
-	SBVAL(outbody.data, 0x10, out_last_access_time);
-	SBVAL(outbody.data, 0x18, out_last_write_time);
-	SBVAL(outbody.data, 0x20, out_change_time);
+	put_long_date_timespec(conn->ts_res,
+		(char *)outbody.data + 0x08, out_creation_ts);
+	put_long_date_timespec(conn->ts_res,
+		(char *)outbody.data + 0x10, out_last_access_ts);
+	put_long_date_timespec(conn->ts_res,
+		(char *)outbody.data + 0x18, out_last_write_ts);
+	put_long_date_timespec(conn->ts_res,
+		(char *)outbody.data + 0x20, out_change_ts);
 	SBVAL(outbody.data, 0x28, out_allocation_size);
 	SBVAL(outbody.data, 0x30, out_end_of_file);
 	SIVAL(outbody.data, 0x38, out_file_attributes);
@@ -148,10 +153,10 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req,
 				struct files_struct *fsp,
 				uint16_t in_flags,
 				uint16_t *out_flags,
-				NTTIME *out_creation_time,
-				NTTIME *out_last_access_time,
-				NTTIME *out_last_write_time,
-				NTTIME *out_change_time,
+				struct timespec *out_creation_ts,
+				struct timespec *out_last_access_ts,
+				struct timespec *out_last_write_ts,
+				struct timespec *out_change_ts,
 				uint64_t *out_allocation_size,
 				uint64_t *out_end_of_file,
 				uint32_t *out_file_attributes)
@@ -160,23 +165,18 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req,
 	struct smb_request *smbreq;
 	connection_struct *conn = req->tcon->compat;
 	struct smb_filename *smb_fname = NULL;
-	struct timespec mdate_ts, adate_ts, cdate_ts, create_date_ts;
 	uint64_t allocation_size = 0;
 	uint64_t file_size = 0;
 	uint32_t dos_attrs = 0;
 	uint16_t flags = 0;
 	bool posix_open = false;
 
-	ZERO_STRUCT(create_date_ts);
-	ZERO_STRUCT(adate_ts);
-	ZERO_STRUCT(mdate_ts);
-	ZERO_STRUCT(cdate_ts);
+	ZERO_STRUCTP(out_creation_ts);
+	ZERO_STRUCTP(out_last_access_ts);
+	ZERO_STRUCTP(out_last_write_ts);
+	ZERO_STRUCTP(out_change_ts);
 
 	*out_flags = 0;
-	*out_creation_time = 0;
-	*out_last_access_time = 0;
-	*out_last_write_time = 0;
-	*out_change_time = 0;
 	*out_allocation_size = 0;
 	*out_end_of_file = 0;
 	*out_file_attributes = 0;
@@ -212,16 +212,16 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req,
 		if (ret == 0) {
 			flags = SMB2_CLOSE_FLAGS_FULL_INFORMATION;
 			dos_attrs = dos_mode(conn, smb_fname);
-			mdate_ts = smb_fname->st.st_ex_mtime;
-			adate_ts = smb_fname->st.st_ex_atime;
-			create_date_ts = get_create_timespec(conn, NULL, smb_fname);
-			cdate_ts = get_change_timespec(conn, NULL, smb_fname);
+			*out_last_write_ts = smb_fname->st.st_ex_mtime;
+			*out_last_access_ts = smb_fname->st.st_ex_atime;
+			*out_creation_ts = get_create_timespec(conn, NULL, smb_fname);
+			*out_change_ts = get_change_timespec(conn, NULL, smb_fname);
 
 			if (lp_dos_filetime_resolution(SNUM(conn))) {
-				dos_filetime_timespec(&create_date_ts);
-				dos_filetime_timespec(&mdate_ts);
-				dos_filetime_timespec(&adate_ts);
-				dos_filetime_timespec(&cdate_ts);
+				dos_filetime_timespec(out_creation_ts);
+				dos_filetime_timespec(out_last_write_ts);
+				dos_filetime_timespec(out_last_access_ts);
+				dos_filetime_timespec(out_change_ts);
 			}
 			if (!(dos_attrs & FILE_ATTRIBUTE_DIRECTORY)) {
 				file_size = get_file_size_stat(&smb_fname->st);
@@ -232,19 +232,6 @@ static NTSTATUS smbd_smb2_close(struct smbd_smb2_request *req,
 	}
 
 	*out_flags = flags;
-
-	round_timespec(conn->ts_res, &create_date_ts);
-	unix_timespec_to_nt_time(out_creation_time, create_date_ts);
-
-	round_timespec(conn->ts_res, &adate_ts);
-	unix_timespec_to_nt_time(out_last_access_time, adate_ts);
-
-	round_timespec(conn->ts_res, &mdate_ts);
-	unix_timespec_to_nt_time(out_last_write_time, mdate_ts);
-
-	round_timespec(conn->ts_res, &cdate_ts);
-	unix_timespec_to_nt_time(out_change_time, cdate_ts);
-
 	*out_allocation_size = allocation_size;
 	*out_end_of_file = file_size;
 	*out_file_attributes = dos_attrs;
@@ -257,10 +244,10 @@ struct smbd_smb2_close_state {
 	struct files_struct *in_fsp;
 	uint16_t in_flags;
 	uint16_t out_flags;
-	NTTIME out_creation_time;
-	NTTIME out_last_access_time;
-	NTTIME out_last_write_time;
-	NTTIME out_change_time;
+	struct timespec out_creation_ts;
+	struct timespec out_last_access_ts;
+	struct timespec out_last_write_ts;
+	struct timespec out_change_ts;
 	uint64_t out_allocation_size;
 	uint64_t out_end_of_file;
 	uint32_t out_file_attributes;
@@ -302,10 +289,10 @@ static struct tevent_req *smbd_smb2_close_send(TALLOC_CTX *mem_ctx,
 				 state->in_fsp,
 				 state->in_flags,
 				 &state->out_flags,
-				 &state->out_creation_time,
-				 &state->out_last_access_time,
-				 &state->out_last_write_time,
-				 &state->out_change_time,
+				 &state->out_creation_ts,
+				 &state->out_last_access_ts,
+				 &state->out_last_write_ts,
+				 &state->out_change_ts,
 				 &state->out_allocation_size,
 				 &state->out_end_of_file,
 				 &state->out_file_attributes);
@@ -340,10 +327,10 @@ static void smbd_smb2_close_do(struct tevent_req *subreq)
 				 state->in_fsp,
 				 state->in_flags,
 				 &state->out_flags,
-				 &state->out_creation_time,
-				 &state->out_last_access_time,
-				 &state->out_last_write_time,
-				 &state->out_change_time,
+				 &state->out_creation_ts,
+				 &state->out_last_access_ts,
+				 &state->out_last_write_ts,
+				 &state->out_change_ts,
 				 &state->out_allocation_size,
 				 &state->out_end_of_file,
 				 &state->out_file_attributes);
@@ -355,10 +342,10 @@ static void smbd_smb2_close_do(struct tevent_req *subreq)
 
 static NTSTATUS smbd_smb2_close_recv(struct tevent_req *req,
 				     uint16_t *out_flags,
-				     NTTIME *out_creation_time,
-				     NTTIME *out_last_access_time,
-				     NTTIME *out_last_write_time,
-				     NTTIME *out_change_time,
+				     struct timespec *out_creation_ts,
+				     struct timespec *out_last_access_ts,
+				     struct timespec *out_last_write_ts,
+				     struct timespec *out_change_ts,
 				     uint64_t *out_allocation_size,
 				     uint64_t *out_end_of_file,
 				     uint32_t *out_file_attributes)
@@ -374,10 +361,10 @@ static NTSTATUS smbd_smb2_close_recv(struct tevent_req *req,
 	}
 
 	*out_flags = state->out_flags;
-	*out_creation_time = state->out_creation_time;
-	*out_last_access_time = state->out_last_access_time;
-	*out_last_write_time = state->out_last_write_time;
-	*out_change_time = state->out_change_time;
+	*out_creation_ts = state->out_creation_ts;
+	*out_last_access_ts = state->out_last_access_ts;
+	*out_last_write_ts = state->out_last_write_ts;
+	*out_change_ts = state->out_change_ts;
 	*out_allocation_size = state->out_allocation_size;
 	*out_end_of_file = state->out_end_of_file;
 	*out_file_attributes = state->out_file_attributes;
diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index 8430bd2..2c35559 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -85,10 +85,10 @@ static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
 			TALLOC_CTX *mem_ctx,
 			uint8_t *out_oplock_level,
 			uint32_t *out_create_action,
-			NTTIME *out_creation_time,
-			NTTIME *out_last_access_time,
-			NTTIME *out_last_write_time,
-			NTTIME *out_change_time,
+			struct timespec *out_creation_ts,
+			struct timespec *out_last_access_ts,
+			struct timespec *out_last_write_ts,
+			struct timespec *out_change_ts,
 			uint64_t *out_allocation_size,
 			uint64_t *out_end_of_file,
 			uint32_t *out_file_attributes,
@@ -269,10 +269,11 @@ static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
 	DATA_BLOB outdyn;
 	uint8_t out_oplock_level = 0;
 	uint32_t out_create_action = 0;
-	NTTIME out_creation_time = 0;
-	NTTIME out_last_access_time = 0;
-	NTTIME out_last_write_time = 0;
-	NTTIME out_change_time = 0;
+	connection_struct *conn = smb2req->tcon->compat;
+	struct timespec out_creation_ts = { 0, };
+	struct timespec out_last_access_ts = { 0, };
+	struct timespec out_last_write_ts = { 0, };
+	struct timespec out_change_ts = { 0, };
 	uint64_t out_allocation_size = 0;
 	uint64_t out_end_of_file = 0;
 	uint32_t out_file_attributes = 0;
@@ -288,10 +289,10 @@ static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
 				       smb2req,
 				       &out_oplock_level,
 				       &out_create_action,
-				       &out_creation_time,
-				       &out_last_access_time,
-				       &out_last_write_time,
-				       &out_change_time,
+				       &out_creation_ts,
+				       &out_last_access_ts,
+				       &out_last_write_ts,
+				       &out_change_ts,
 				       &out_allocation_size,
 				       &out_end_of_file,
 				       &out_file_attributes,
@@ -340,14 +341,18 @@ static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
 	SCVAL(outbody.data, 0x03, 0);		/* reserved */
 	SIVAL(outbody.data, 0x04,
 	      out_create_action);		/* create action */
-	SBVAL(outbody.data, 0x08,
-	      out_creation_time);		/* creation time */
-	SBVAL(outbody.data, 0x10,
-	      out_last_access_time);		/* last access time */
-	SBVAL(outbody.data, 0x18,
-	      out_last_write_time);		/* last write time */
-	SBVAL(outbody.data, 0x20,
-	      out_change_time);			/* change time */
+	put_long_date_timespec(conn->ts_res,
+	      (char *)outbody.data + 0x08,
+	      out_creation_ts);			/* creation time */
+	put_long_date_timespec(conn->ts_res,
+	      (char *)outbody.data + 0x10,
+	      out_last_access_ts);		/* last access time */
+	put_long_date_timespec(conn->ts_res,
+	      (char *)outbody.data + 0x18,
+	      out_last_write_ts);		/* last write time */
+	put_long_date_timespec(conn->ts_res,
+	      (char *)outbody.data + 0x20,
+	      out_change_ts);			/* change time */
 	SBVAL(outbody.data, 0x28,
 	      out_allocation_size);		/* allocation size */
 	SBVAL(outbody.data, 0x30,
@@ -385,10 +390,10 @@ struct smbd_smb2_create_state {
 	DATA_BLOB private_data;
 	uint8_t out_oplock_level;
 	uint32_t out_create_action;
-	NTTIME out_creation_time;
-	NTTIME out_last_access_time;
-	NTTIME out_last_write_time;
-	NTTIME out_change_time;
+	struct timespec out_creation_ts;
+	struct timespec out_last_access_ts;
+	struct timespec out_last_write_ts;
+	struct timespec out_change_ts;
 	uint64_t out_allocation_size;
 	uint64_t out_end_of_file;
 	uint32_t out_file_attributes;
@@ -1027,16 +1032,12 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		update_stat_ex_mtime(&result->fsp_name->st, write_time_ts);
 	}
 
-	unix_timespec_to_nt_time(&state->out_creation_time,
-			get_create_timespec(smb1req->conn, result,
-					result->fsp_name));
-	unix_timespec_to_nt_time(&state->out_last_access_time,
-			result->fsp_name->st.st_ex_atime);
-	unix_timespec_to_nt_time(&state->out_last_write_time,
-			result->fsp_name->st.st_ex_mtime);
-	unix_timespec_to_nt_time(&state->out_change_time,
-			get_change_timespec(smb1req->conn, result,
-					result->fsp_name));
+	state->out_creation_ts = get_create_timespec(smb1req->conn,
+					result, result->fsp_name);
+	state->out_last_access_ts = result->fsp_name->st.st_ex_atime;
+	state->out_last_write_ts = result->fsp_name->st.st_ex_mtime;
+	state->out_change_ts = get_change_timespec(smb1req->conn,
+					result, result->fsp_name);
 	state->out_allocation_size =
 			SMB_VFS_GET_ALLOC_SIZE(smb1req->conn, result,
 					       &(result->fsp_name->st));
@@ -1059,10 +1060,10 @@ static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
 			TALLOC_CTX *mem_ctx,
 			uint8_t *out_oplock_level,
 			uint32_t *out_create_action,
-			NTTIME *out_creation_time,
-			NTTIME *out_last_access_time,
-			NTTIME *out_last_write_time,
-			NTTIME *out_change_time,
+			struct timespec *out_creation_ts,
+			struct timespec *out_last_access_ts,
+			struct timespec *out_last_write_ts,
+			struct timespec *out_change_ts,
 			uint64_t *out_allocation_size,
 			uint64_t *out_end_of_file,
 			uint32_t *out_file_attributes,
@@ -1081,10 +1082,10 @@ static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
 
 	*out_oplock_level	= state->out_oplock_level;
 	*out_create_action	= state->out_create_action;
-	*out_creation_time	= state->out_creation_time;
-	*out_last_access_time	= state->out_last_access_time;
-	*out_last_write_time	= state->out_last_write_time;
-	*out_change_time	= state->out_change_time;
+	*out_creation_ts	= state->out_creation_ts;
+	*out_last_access_ts	= state->out_last_access_ts;
+	*out_last_write_ts	= state->out_last_write_ts;
+	*out_change_ts		= state->out_change_ts;
 	*out_allocation_size	= state->out_allocation_size;
 	*out_end_of_file	= state->out_end_of_file;
 	*out_file_attributes	= state->out_file_attributes;


-- 
Samba Shared Repository


More information about the samba-cvs mailing list