[SCM] Samba Shared Repository - branch master updated

Volker Lendecke vlendec at samba.org
Wed Jan 11 08:18:01 UTC 2023 

The branch, master has been updated
       via  7ffa732d828 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c
       via  2fe95f6a302 s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets.
       via  55f4ac65f91 s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close().
      from  d7bab36ad11 tests/krb5: Use Python bindings for LZ77+Huffman compression

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 7ffa732d8280c2e88daab6c3b97de71a3cdfb3ba
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Jan 9 17:33:14 2023 -0800

    s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c
    
    As these functions can implicitly call reply_nterror(..., NT_STATUS_INVALID_HANDLE)
    they should never be available to SMB2 code paths.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>
    
    Autobuild-User(master): Volker Lendecke <vl at samba.org>
    Autobuild-Date(master): Wed Jan 11 08:17:04 UTC 2023 on sn-devel-184

commit 2fe95f6a3020ed2d582f94ab7640e8ef640a1c36
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Jan 9 17:22:12 2023 -0800

    s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets.
    
    check_fsp_ntquota_handle() is called from SMB2 codepaths as
    well as from SMB1. Even in the SMB1 cases the callers of
    check_fsp_ntquota_handle() handle sendng the error packet when
    check_fsp_ntquota_handle returns false so on a 'return false'
    we'd end up sending an error packet twice.
    
    The SMB2 callers of check_fsp_ntquota_handle()
    already check that fsp is valid, so there's
    no danger of us sending an SMB1 error packet
    over the SMB2 stream (so I'm not classing
    this as a bug to be back-ported).
    
    Fix check_fsp_ntquota_handle() by inlineing
    the check_fsp_open() functionality without
    the reply_nterror() calls.
    
    This will allow the next commit to move check_fsp_open()
    with the implicit reply_nterror() and also check_fsp()
    (which calls check_fsp_open()) into the SMB1 smb1_reply.c
    file as SMB1-only code.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>

commit 55f4ac65f9120d12ed4059b5c3214e9a97f97205
Author: Jeremy Allison <jra at samba.org>
Date:   Mon Jan 9 17:28:06 2023 -0800

    s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close().
    
    We'd end up sending 2 SMB1 error packets in this case.
    
    Signed-off-by: Jeremy Allison <jra at samba.org>
    Reviewed-by: Volker Lendecke <vl at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/smb1_reply.c | 41 ++++++++++++++++++++++++++++++++++++++++-
 source3/smbd/smb2_reply.c | 46 +++++-----------------------------------------
 2 files changed, 45 insertions(+), 42 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/smb1_reply.c b/source3/smbd/smb1_reply.c
index d53f5902da4..de6b4d99f79 100644
--- a/source3/smbd/smb1_reply.c
+++ b/source3/smbd/smb1_reply.c
@@ -52,6 +52,46 @@
 #include "source3/printing/rap_jobid.h"
 #include "source3/lib/substitute.h"
 
+/****************************************************************************
+ Check if we have a correct fsp pointing to a file. Basic check for open fsp.
+****************************************************************************/
+
+bool check_fsp_open(connection_struct *conn, struct smb_request *req,
+                    files_struct *fsp)
+{
+	if ((fsp == NULL) || (conn == NULL)) {
+		reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+		return false;
+	}
+	if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
+		reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+		return false;
+	}
+	return true;
+}
+
+/****************************************************************************
+ Check if we have a correct fsp pointing to a file.
+****************************************************************************/
+
+bool check_fsp(connection_struct *conn, struct smb_request *req,
+               files_struct *fsp)
+{
+	if (!check_fsp_open(conn, req, fsp)) {
+		return false;
+	}
+	if (fsp->fsp_flags.is_directory) {
+		reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
+		return false;
+	}
+	if (fsp_get_pathref_fd(fsp) == -1) {
+		reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+		return false;
+	}
+	fsp->num_smb_operations++;
+	return true;
+}
+
 /****************************************************************************
  Reply to a tcon.
  conn POINTER CAN BE NULL HERE !
@@ -4744,7 +4784,6 @@ void reply_close(struct smb_request *smb1req)
 	 */
 
 	if (!check_fsp_open(conn, smb1req, fsp)) {
-		reply_nterror(smb1req, NT_STATUS_INVALID_HANDLE);
 		END_PROFILE(SMBclose);
 		return;
 	}
diff --git a/source3/smbd/smb2_reply.c b/source3/smbd/smb2_reply.c
index 90aa92193b9..76e3cf789cd 100644
--- a/source3/smbd/smb2_reply.c
+++ b/source3/smbd/smb2_reply.c
@@ -524,46 +524,6 @@ size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req,
 				  bufrem, flags);
 }
 
-/****************************************************************************
- Check if we have a correct fsp pointing to a file. Basic check for open fsp.
-****************************************************************************/
-
-bool check_fsp_open(connection_struct *conn, struct smb_request *req,
-		    files_struct *fsp)
-{
-	if ((fsp == NULL) || (conn == NULL)) {
-		reply_nterror(req, NT_STATUS_INVALID_HANDLE);
-		return False;
-	}
-	if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
-		reply_nterror(req, NT_STATUS_INVALID_HANDLE);
-		return False;
-	}
-	return True;
-}
-
-/****************************************************************************
- Check if we have a correct fsp pointing to a file.
-****************************************************************************/
-
-bool check_fsp(connection_struct *conn, struct smb_request *req,
-	       files_struct *fsp)
-{
-	if (!check_fsp_open(conn, req, fsp)) {
-		return False;
-	}
-	if (fsp->fsp_flags.is_directory) {
-		reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
-		return False;
-	}
-	if (fsp_get_pathref_fd(fsp) == -1) {
-		reply_nterror(req, NT_STATUS_ACCESS_DENIED);
-		return False;
-	}
-	fsp->num_smb_operations++;
-	return True;
-}
-
 /****************************************************************************
  Check if we have a correct fsp pointing to a quota fake file. Replacement for
  the CHECK_NTQUOTA_HANDLE_OK macro.
@@ -572,7 +532,11 @@ bool check_fsp(connection_struct *conn, struct smb_request *req,
 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
 			      files_struct *fsp)
 {
-	if (!check_fsp_open(conn, req, fsp)) {
+	if ((fsp == NULL) || (conn == NULL)) {
+		return false;
+	}
+
+	if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
 		return false;
 	}
 


-- 
Samba Shared Repository

More information about the samba-cvs mailing list