[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Wed May 6 17:22:05 MDT 2015
The branch, master has been updated
via c49ad3f s3:selftest: run smb2.notify with --signing=required
via f719414 s3:smb2_tcon: cancel pending requests on all connections on tdis
via 5871d3d s3:smb2_sesssetup: remove unused smbd_smb2_session_setup_* destructors
via 50aeb6b s3:smb2_sesssetup: add smbd_smb2_session_setup_wrap_send/recv()
via 8f0d4d1 s3:smb2_sesssetup: always assign smb2req->session when a session was created.
via 95057fe s3:smb2_sesssetup: let smbd_smb2_logoff_* use smbXsrv_session_shutdown_*
via cc9d52e s3:smbXsrv_session: cancel pending requests when we logoff a previous session
via 4fceb45 s3:smbXsrv_session: add smb2srv_session_shutdown_send/recv helper functions
via b6c34a0 s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_logoff_all_callback()
via 7fea421 s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_destructor()
via f435c89 s4:torture/smb2: add smb2.notify.session-reconnect test
via a8ec77e s4:torture/smb2: add smb2.notify.invalid-reauth test
via 44f9e10 s4:torture/smb2: add smb2.notify.close test
via 4bfa6b0 s4:torture/smb2: verify STATUS_NOTIFY_CLEANUP return value
via 5169e9b s3:smbd: use STATUS_NOTIFY_CLEANUP on smb2 logoff (explicit and implicit) and tdis
via a5981d1 s3:smbd: use STATUS_NOTIFY_CLEANUP when closing a smb2 directory handle
via 2c47fb1 s3:smbd: add a smbd_notify_cancel_by_map() helper function
from e8081af winbind: Fix CID 1035545 Uninitialized scalar variable
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit c49ad3f89530d078fdd6ffcd1a6dc8c38be9169b
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:26:41 2015 +0200
s3:selftest: run smb2.notify with --signing=required
This reproduces a bug withe implicit canceled requests.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Thu May 7 01:21:44 CEST 2015 on sn-devel-104
commit f71941491bbba20f394bd2f44425d7c21e90ba92
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 16:50:55 2015 +0200
s3:smb2_tcon: cancel pending requests on all connections on tdis
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5871d3da871349cba058bb91218ae58107cf05c8
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:29:03 2015 +0200
s3:smb2_sesssetup: remove unused smbd_smb2_session_setup_* destructors
The cleanup of a failing session setup is now handled in
smbd_smb2_session_setup_wrap_*().
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 50aeb6b38b14d6c26229834ece3c32eb50f9e56a
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:21:25 2015 +0200
s3:smb2_sesssetup: add smbd_smb2_session_setup_wrap_send/recv()
The wrapper calls smbXsrv_session_shutdown_send/recv() in case of an error,
this makes sure a failing reauth shuts down the session like an explicit logoff.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 8f0d4d1132b74615dc6198ab736590dec52effda
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:27:26 2015 +0200
s3:smb2_sesssetup: always assign smb2req->session when a session was created.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 95057fe375348b918cb2ca58109f4c110a4a5f77
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:20:06 2015 +0200
s3:smb2_sesssetup: let smbd_smb2_logoff_* use smbXsrv_session_shutdown_*
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit cc9d52e10f4f1b192171e03674061d4e8e6bcc84
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:13:27 2015 +0200
s3:smbXsrv_session: cancel pending requests when we logoff a previous session
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4fceb4531ccd6bb1fd6ebd7b6eb5b894959bc010
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 09:57:03 2015 +0200
s3:smbXsrv_session: add smb2srv_session_shutdown_send/recv helper functions
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit b6c34a07760141bda3e78624d62eb556bb70da65
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:17:34 2015 +0200
s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_logoff_all_callback()
smbXsrv_session_logoff_all_callback() is called when the last transport
connection is gone, which means we won't need to sign any response...
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 7fea42110596e8e9da0155d726aaa72223107fbd
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 16:09:40 2015 +0200
s3:smbXsrv_session: clear smb2req->session of pending requests in smbXsrv_session_destructor()
This won't be needed typically needed as the caller is supposted to cancel
the requests already, but this makes sure we don't keep dangling pointers.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit f435c89d61385272bf5b79f82f6e1373908d2b94
Author: Stefan Metzmacher <metze at samba.org>
Date: Sat May 2 09:57:03 2015 +0200
s4:torture/smb2: add smb2.notify.session-reconnect test
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit a8ec77e86b17213eeb6a51a835639d79e9486223
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:20:50 2015 +0200
s4:torture/smb2: add smb2.notify.invalid-reauth test
An invalid reauth closes the session.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 44f9e1052de81a0a3052997e7e19a01813fbec43
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:20:50 2015 +0200
s4:torture/smb2: add smb2.notify.close test
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11182
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 4bfa6b024e530694741c7c07171fa09762578389
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:19:42 2015 +0200
s4:torture/smb2: verify STATUS_NOTIFY_CLEANUP return value
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 5169e9b20c69092d04b596f48ca0e69a46af438f
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:02:38 2015 +0200
s3:smbd: use STATUS_NOTIFY_CLEANUP on smb2 logoff (explicit and implicit) and tdis
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit a5981d137461e5715c92a4fb4cdeaa650f34e999
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:02:38 2015 +0200
s3:smbd: use STATUS_NOTIFY_CLEANUP when closing a smb2 directory handle
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
commit 2c47fb16089602a42f62124520e58bdcd8c7d053
Author: Stefan Metzmacher <metze at samba.org>
Date: Fri May 1 20:04:55 2015 +0200
s3:smbd: add a smbd_notify_cancel_by_map() helper function
Signed-off-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
selftest/knownfail | 1 -
source3/selftest/tests.py | 3 +
source3/smbd/close.c | 15 +-
source3/smbd/globals.h | 5 +
source3/smbd/notify.c | 33 +++-
source3/smbd/smb2_sesssetup.c | 361 +++++++++++++++++++++--------------------
source3/smbd/smb2_tcon.c | 66 ++++----
source3/smbd/smbXsrv_session.c | 212 +++++++++++++++++++++++-
source4/torture/smb2/notify.c | 235 +++++++++++++++++++++++++++
9 files changed, 708 insertions(+), 223 deletions(-)
Changeset truncated at 500 lines:
diff --git a/selftest/knownfail b/selftest/knownfail
index 3262c9c..26aed77 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -189,7 +189,6 @@
^samba3.smb2.create.blob
^samba3.smb2.create.open
^samba3.smb2.notify.valid-req
-^samba3.smb2.notify.dir
^samba3.smb2.notify.rec
^samba3.smb2.durable-open.delete_on_close2
^samba3.smb2.durable-v2-open.app-instance
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 7436d26..dd06e07 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -383,6 +383,9 @@ for t in tests:
elif t == "local.nss":
for env in ["nt4_dc:local", "ad_member:local", "nt4_member:local", "ad_dc:local", "ad_dc_ntvfs:local"]:
plansmbtorture4testsuite(t, env, '//$SERVER/tmp -U$USERNAME%$PASSWORD')
+ elif t == "smb2.notify":
+ plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --signing=required')
+ plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD --signing=required')
else:
plansmbtorture4testsuite(t, "nt4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "ad_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
diff --git a/source3/smbd/close.c b/source3/smbd/close.c
index 09be2e7..0e75bf0 100644
--- a/source3/smbd/close.c
+++ b/source3/smbd/close.c
@@ -1050,6 +1050,13 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
NTSTATUS status1 = NT_STATUS_OK;
const struct security_token *del_nt_token = NULL;
const struct security_unix_token *del_token = NULL;
+ NTSTATUS notify_status;
+
+ if (fsp->conn->sconn->using_smb2) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ } else {
+ notify_status = NT_STATUS_OK;
+ }
/*
* NT can set delete_on_close of the last open
@@ -1159,8 +1166,8 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
* now fail as the directory has been deleted.
*/
- if(NT_STATUS_IS_OK(status)) {
- remove_pending_change_notify_requests_by_fid(fsp, NT_STATUS_DELETE_PENDING);
+ if (NT_STATUS_IS_OK(status)) {
+ notify_status = NT_STATUS_DELETE_PENDING;
}
} else {
if (!del_share_mode(lck, fsp)) {
@@ -1169,10 +1176,10 @@ static NTSTATUS close_directory(struct smb_request *req, files_struct *fsp,
}
TALLOC_FREE(lck);
- remove_pending_change_notify_requests_by_fid(
- fsp, NT_STATUS_OK);
}
+ remove_pending_change_notify_requests_by_fid(fsp, notify_status);
+
status1 = fd_close(fsp);
if (!NT_STATUS_IS_OK(status1)) {
diff --git a/source3/smbd/globals.h b/source3/smbd/globals.h
index c7e2608..22cf5d6 100644
--- a/source3/smbd/globals.h
+++ b/source3/smbd/globals.h
@@ -537,6 +537,11 @@ struct smbXsrv_channel_global0;
NTSTATUS smbXsrv_session_find_channel(const struct smbXsrv_session *session,
const struct smbXsrv_connection *conn,
struct smbXsrv_channel_global0 **_c);
+struct tevent_req *smb2srv_session_shutdown_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct smbXsrv_session *session,
+ struct smbd_smb2_request *current_req);
+NTSTATUS smb2srv_session_shutdown_recv(struct tevent_req *req);
NTSTATUS smbXsrv_session_logoff(struct smbXsrv_session *session);
NTSTATUS smbXsrv_session_logoff_all(struct smbXsrv_connection *conn);
NTSTATUS smb1srv_session_table_init(struct smbXsrv_connection *conn);
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c
index 3f2d07c..b3079d2 100644
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -375,6 +375,31 @@ static void change_notify_remove_request(struct smbd_server_connection *sconn,
TALLOC_FREE(req);
}
+static void smbd_notify_cancel_by_map(struct notify_mid_map *map)
+{
+ struct smb_request *smbreq = map->req->req;
+ struct smbd_server_connection *sconn = smbreq->sconn;
+ struct smbd_smb2_request *smb2req = smbreq->smb2req;
+ NTSTATUS notify_status = NT_STATUS_CANCELLED;
+
+ if (smb2req != NULL) {
+ if (smb2req->session == NULL) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ } else if (!NT_STATUS_IS_OK(smb2req->session->status)) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ }
+ if (smb2req->tcon == NULL) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ } else if (!NT_STATUS_IS_OK(smb2req->tcon->status)) {
+ notify_status = STATUS_NOTIFY_CLEANUP;
+ }
+ }
+
+ change_notify_reply(smbreq, notify_status,
+ 0, NULL, map->req->reply_fn);
+ change_notify_remove_request(sconn, map->req);
+}
+
/****************************************************************************
Delete entries by mid from the change notify pending queue. Always send reply.
*****************************************************************************/
@@ -394,9 +419,7 @@ void remove_pending_change_notify_requests_by_mid(
return;
}
- change_notify_reply(map->req->req,
- NT_STATUS_CANCELLED, 0, NULL, map->req->reply_fn);
- change_notify_remove_request(sconn, map->req);
+ smbd_notify_cancel_by_map(map);
}
void smbd_notify_cancel_by_smbreq(const struct smb_request *smbreq)
@@ -414,9 +437,7 @@ void smbd_notify_cancel_by_smbreq(const struct smb_request *smbreq)
return;
}
- change_notify_reply(map->req->req,
- NT_STATUS_CANCELLED, 0, NULL, map->req->reply_fn);
- change_notify_remove_request(sconn, map->req);
+ smbd_notify_cancel_by_map(map);
}
static struct files_struct *smbd_notify_cancel_deleted_fn(
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c
index fb7edce..c56e480 100644
--- a/source3/smbd/smb2_sesssetup.c
+++ b/source3/smbd/smb2_sesssetup.c
@@ -29,7 +29,7 @@
#include "../libcli/security/security.h"
#include "../lib/util/tevent_ntstatus.h"
-static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
+static struct tevent_req *smbd_smb2_session_setup_wrap_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
uint64_t in_session_id,
@@ -37,7 +37,7 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
uint8_t in_security_mode,
uint64_t in_previous_session_id,
DATA_BLOB in_security_buffer);
-static NTSTATUS smbd_smb2_session_setup_recv(struct tevent_req *req,
+static NTSTATUS smbd_smb2_session_setup_wrap_recv(struct tevent_req *req,
uint16_t *out_session_flags,
TALLOC_CTX *mem_ctx,
DATA_BLOB *out_security_buffer,
@@ -87,14 +87,14 @@ NTSTATUS smbd_smb2_request_process_sesssetup(struct smbd_smb2_request *smb2req)
in_security_buffer.data = SMBD_SMB2_IN_DYN_PTR(smb2req);
in_security_buffer.length = in_security_length;
- subreq = smbd_smb2_session_setup_send(smb2req,
- smb2req->sconn->ev_ctx,
- smb2req,
- in_session_id,
- in_flags,
- in_security_mode,
- in_previous_session_id,
- in_security_buffer);
+ subreq = smbd_smb2_session_setup_wrap_send(smb2req,
+ smb2req->sconn->ev_ctx,
+ smb2req,
+ in_session_id,
+ in_flags,
+ in_security_mode,
+ in_previous_session_id,
+ in_security_buffer);
if (subreq == NULL) {
return smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
}
@@ -118,11 +118,11 @@ static void smbd_smb2_request_sesssetup_done(struct tevent_req *subreq)
NTSTATUS status;
NTSTATUS error; /* transport error */
- status = smbd_smb2_session_setup_recv(subreq,
- &out_session_flags,
- smb2req,
- &out_security_buffer,
- &out_session_id);
+ status = smbd_smb2_session_setup_wrap_recv(subreq,
+ &out_session_flags,
+ smb2req,
+ &out_security_buffer,
+ &out_session_id);
TALLOC_FREE(subreq);
if (!NT_STATUS_IS_OK(status) &&
!NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
@@ -368,7 +368,6 @@ static NTSTATUS smbd_smb2_auth_generic_return(struct smbXsrv_session *session,
* we attach the session to the request
* so that the response can be signed
*/
- smb2req->session = session;
if (!guest) {
smb2req->do_signing = true;
}
@@ -449,94 +448,12 @@ struct smbd_smb2_session_setup_state {
uint16_t out_session_flags;
DATA_BLOB out_security_buffer;
uint64_t out_session_id;
- /* The following pointer is owned by state->session. */
- struct smbd_smb2_session_setup_state **pp_self_ref;
};
-static int pp_self_ref_destructor(struct smbd_smb2_session_setup_state **pp_state)
-{
- (*pp_state)->session = NULL;
- /*
- * To make things clearer, ensure the pp_self_ref
- * pointer is nulled out. We're never going to
- * access this again.
- */
- (*pp_state)->pp_self_ref = NULL;
- return 0;
-}
-
-static int smbd_smb2_session_setup_state_destructor(struct smbd_smb2_session_setup_state *state)
-{
- struct smbXsrv_connection *xconn;
- struct smbd_smb2_request *preq;
-
- /*
- * If state->session is not NULL,
- * we move the session from the session table to the request on failure
- * so that the error response can be correctly signed, but the session
- * is then really deleted when the request is done.
- */
-
- if (state->session == NULL) {
- return 0;
- }
-
- state->session->status = NT_STATUS_USER_SESSION_DELETED;
- state->smb2req->session = talloc_move(state->smb2req, &state->session);
-
- /*
- * We own the session now - we don't need the
- * tag talloced on session that keeps track of session independently.
- */
- TALLOC_FREE(state->pp_self_ref);
-
- /*
- * We've made this session owned by the current request.
- * Ensure that any outstanding requests don't also refer
- * to it.
- */
- xconn = state->smb2req->xconn;
-
- for (preq = xconn->smb2.requests; preq != NULL; preq = preq->next) {
- if (preq == state->smb2req) {
- continue;
- }
- if (preq->session == state->smb2req->session) {
- preq->session = NULL;
- /*
- * If we no longer have a session we can't
- * sign or encrypt replies.
- */
- preq->do_signing = false;
- preq->do_encryption = false;
- }
- }
-
- return 0;
-}
-
static void smbd_smb2_session_setup_gensec_done(struct tevent_req *subreq);
static void smbd_smb2_session_setup_previous_done(struct tevent_req *subreq);
static void smbd_smb2_session_setup_auth_return(struct tevent_req *req);
-/************************************************************************
- We have to tag the state->session pointer with memory talloc'ed
- on it to ensure it gets NULL'ed out if the underlying struct smbXsrv_session
- is deleted by shutdown whilst this request is in flight.
-************************************************************************/
-
-static NTSTATUS tag_state_session_ptr(struct smbd_smb2_session_setup_state *state)
-{
- state->pp_self_ref = talloc_zero(state->session,
- struct smbd_smb2_session_setup_state *);
- if (state->pp_self_ref == NULL) {
- return NT_STATUS_NO_MEMORY;
- }
- *state->pp_self_ref = state;
- talloc_set_destructor(state->pp_self_ref, pp_self_ref_destructor);
- return NT_STATUS_OK;
-}
-
static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct smbd_smb2_request *smb2req,
@@ -578,8 +495,6 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
return tevent_req_post(req, ev);
}
- talloc_set_destructor(state, smbd_smb2_session_setup_state_destructor);
-
if (state->in_session_id == 0) {
/* create a new session */
status = smbXsrv_session_create(state->smb2req->xconn,
@@ -587,6 +502,7 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
+ smb2req->session = state->session;
} else {
if (smb2req->session == NULL) {
tevent_req_nterror(req, NT_STATUS_USER_SESSION_DELETED);
@@ -609,11 +525,6 @@ static struct tevent_req *smbd_smb2_session_setup_send(TALLOC_CTX *mem_ctx,
}
}
- status = tag_state_session_ptr(state);
- if (tevent_req_nterror(req, status)) {
- return tevent_req_post(req, ev);
- }
-
if (state->session->gensec == NULL) {
status = auth_generic_prepare(state->session,
state->smb2req->xconn->remote_address,
@@ -668,9 +579,6 @@ static void smbd_smb2_session_setup_gensec_done(struct tevent_req *subreq)
if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
state->out_session_id = state->session->global->session_wire_id;
- /* we want to keep the session */
- state->session = NULL;
- TALLOC_FREE(state->pp_self_ref);
tevent_req_nterror(req, status);
return;
}
@@ -735,9 +643,6 @@ static void smbd_smb2_session_setup_auth_return(struct tevent_req *req)
if (tevent_req_nterror(req, status)) {
return;
}
- /* we want to keep the session */
- state->session = NULL;
- TALLOC_FREE(state->pp_self_ref);
tevent_req_done(req);
return;
}
@@ -752,9 +657,6 @@ static void smbd_smb2_session_setup_auth_return(struct tevent_req *req)
return;
}
- /* we want to keep the session */
- state->session = NULL;
- TALLOC_FREE(state->pp_self_ref);
tevent_req_done(req);
return;
}
@@ -788,6 +690,162 @@ static NTSTATUS smbd_smb2_session_setup_recv(struct tevent_req *req,
return status;
}
+struct smbd_smb2_session_setup_wrap_state {
+ struct tevent_context *ev;
+ struct smbd_smb2_request *smb2req;
+ uint64_t in_session_id;
+ uint8_t in_flags;
+ uint8_t in_security_mode;
+ uint64_t in_previous_session_id;
+ DATA_BLOB in_security_buffer;
+ uint16_t out_session_flags;
+ DATA_BLOB out_security_buffer;
+ uint64_t out_session_id;
+ NTSTATUS error;
+};
+
+static void smbd_smb2_session_setup_wrap_setup_done(struct tevent_req *subreq);
+static void smbd_smb2_session_setup_wrap_shutdown_done(struct tevent_req *subreq);
+
+static struct tevent_req *smbd_smb2_session_setup_wrap_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct smbd_smb2_request *smb2req,
+ uint64_t in_session_id,
+ uint8_t in_flags,
+ uint8_t in_security_mode,
+ uint64_t in_previous_session_id,
+ DATA_BLOB in_security_buffer)
+{
+ struct tevent_req *req;
+ struct smbd_smb2_session_setup_wrap_state *state;
+ struct tevent_req *subreq;
+
+ req = tevent_req_create(mem_ctx, &state,
+ struct smbd_smb2_session_setup_wrap_state);
+ if (req == NULL) {
+ return NULL;
+ }
+ state->ev = ev;
+ state->smb2req = smb2req;
+ state->in_session_id = in_session_id;
+ state->in_flags = in_flags;
+ state->in_security_mode = in_security_mode;
+ state->in_previous_session_id = in_previous_session_id;
+ state->in_security_buffer = in_security_buffer;
+
+ subreq = smbd_smb2_session_setup_send(state, state->ev,
+ state->smb2req,
+ state->in_session_id,
+ state->in_flags,
+ state->in_security_mode,
+ state->in_previous_session_id,
+ state->in_security_buffer);
+ if (tevent_req_nomem(subreq, req)) {
+ return tevent_req_post(req, ev);
+ }
+ tevent_req_set_callback(subreq,
+ smbd_smb2_session_setup_wrap_setup_done, req);
+
+ return req;
+}
+
+static void smbd_smb2_session_setup_wrap_setup_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req =
+ tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct smbd_smb2_session_setup_wrap_state *state =
+ tevent_req_data(req,
+ struct smbd_smb2_session_setup_wrap_state);
+ NTSTATUS status;
+
+ status = smbd_smb2_session_setup_recv(subreq,
+ &state->out_session_flags,
+ state,
+ &state->out_security_buffer,
+ &state->out_session_id);
+ TALLOC_FREE(subreq);
+ if (NT_STATUS_IS_OK(status)) {
+ tevent_req_done(req);
+ return;
+ }
+ if (NT_STATUS_EQUAL(status, NT_STATUS_MORE_PROCESSING_REQUIRED)) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ if (state->smb2req->session == NULL) {
+ tevent_req_nterror(req, status);
+ return;
+ }
+
+ state->error = status;
+
+ subreq = smb2srv_session_shutdown_send(state, state->ev,
+ state->smb2req->session,
+ state->smb2req);
+ if (tevent_req_nomem(subreq, req)) {
+ return;
+ }
+ tevent_req_set_callback(subreq,
+ smbd_smb2_session_setup_wrap_shutdown_done,
+ req);
+}
+
+static void smbd_smb2_session_setup_wrap_shutdown_done(struct tevent_req *subreq)
+{
+ struct tevent_req *req =
+ tevent_req_callback_data(subreq,
+ struct tevent_req);
+ struct smbd_smb2_session_setup_wrap_state *state =
+ tevent_req_data(req,
+ struct smbd_smb2_session_setup_wrap_state);
+ NTSTATUS status;
+
+ status = smb2srv_session_shutdown_recv(subreq);
+ TALLOC_FREE(subreq);
+ if (tevent_req_nterror(req, status)) {
+ return;
+ }
+
+ /*
+ * we may need to sign the response, so we need to keep
+ * the session until the response is sent to the wire.
+ */
+ talloc_steal(state->smb2req, state->smb2req->session);
+
+ tevent_req_nterror(req, state->error);
+}
+
+static NTSTATUS smbd_smb2_session_setup_wrap_recv(struct tevent_req *req,
+ uint16_t *out_session_flags,
+ TALLOC_CTX *mem_ctx,
--
Samba Shared Repository
More information about the samba-cvs
mailing list