[SCM] Samba Shared Repository - branch master updated
Volker Lendecke
vlendec at samba.org
Wed Jan 11 08:18:01 UTC 2023
The branch, master has been updated
via 7ffa732d828 s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c
via 2fe95f6a302 s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets.
via 55f4ac65f91 s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close().
from d7bab36ad11 tests/krb5: Use Python bindings for LZ77+Huffman compression
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7ffa732d8280c2e88daab6c3b97de71a3cdfb3ba
Author: Jeremy Allison <jra at samba.org>
Date: Mon Jan 9 17:33:14 2023 -0800
s3: smbd: Move check_fsp_open() and check_fsp() to smb1_reply.c
As these functions can implicitly call reply_nterror(..., NT_STATUS_INVALID_HANDLE)
they should never be available to SMB2 code paths.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
Autobuild-User(master): Volker Lendecke <vl at samba.org>
Autobuild-Date(master): Wed Jan 11 08:17:04 UTC 2023 on sn-devel-184
commit 2fe95f6a3020ed2d582f94ab7640e8ef640a1c36
Author: Jeremy Allison <jra at samba.org>
Date: Mon Jan 9 17:22:12 2023 -0800
s3: smbd: Ensure check_fsp_ntquota_handle() doesn't send SMB1 error packets.
check_fsp_ntquota_handle() is called from SMB2 codepaths as
well as from SMB1. Even in the SMB1 cases the callers of
check_fsp_ntquota_handle() handle sendng the error packet when
check_fsp_ntquota_handle returns false so on a 'return false'
we'd end up sending an error packet twice.
The SMB2 callers of check_fsp_ntquota_handle()
already check that fsp is valid, so there's
no danger of us sending an SMB1 error packet
over the SMB2 stream (so I'm not classing
this as a bug to be back-ported).
Fix check_fsp_ntquota_handle() by inlineing
the check_fsp_open() functionality without
the reply_nterror() calls.
This will allow the next commit to move check_fsp_open()
with the implicit reply_nterror() and also check_fsp()
(which calls check_fsp_open()) into the SMB1 smb1_reply.c
file as SMB1-only code.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
commit 55f4ac65f9120d12ed4059b5c3214e9a97f97205
Author: Jeremy Allison <jra at samba.org>
Date: Mon Jan 9 17:28:06 2023 -0800
s3: smbd: SMB1 check_fsp_open() implicitly calls reply_nterror(.., NT_STATUS_INVALID_HANDLE) on error so don't duplicate in reply_close().
We'd end up sending 2 SMB1 error packets in this case.
Signed-off-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Volker Lendecke <vl at samba.org>
-----------------------------------------------------------------------
Summary of changes:
source3/smbd/smb1_reply.c | 41 ++++++++++++++++++++++++++++++++++++++++-
source3/smbd/smb2_reply.c | 46 +++++-----------------------------------------
2 files changed, 45 insertions(+), 42 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb1_reply.c b/source3/smbd/smb1_reply.c
index d53f5902da4..de6b4d99f79 100644
--- a/source3/smbd/smb1_reply.c
+++ b/source3/smbd/smb1_reply.c
@@ -52,6 +52,46 @@
#include "source3/printing/rap_jobid.h"
#include "source3/lib/substitute.h"
+/****************************************************************************
+ Check if we have a correct fsp pointing to a file. Basic check for open fsp.
+****************************************************************************/
+
+bool check_fsp_open(connection_struct *conn, struct smb_request *req,
+ files_struct *fsp)
+{
+ if ((fsp == NULL) || (conn == NULL)) {
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ return false;
+ }
+ if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ return false;
+ }
+ return true;
+}
+
+/****************************************************************************
+ Check if we have a correct fsp pointing to a file.
+****************************************************************************/
+
+bool check_fsp(connection_struct *conn, struct smb_request *req,
+ files_struct *fsp)
+{
+ if (!check_fsp_open(conn, req, fsp)) {
+ return false;
+ }
+ if (fsp->fsp_flags.is_directory) {
+ reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
+ return false;
+ }
+ if (fsp_get_pathref_fd(fsp) == -1) {
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+ return false;
+ }
+ fsp->num_smb_operations++;
+ return true;
+}
+
/****************************************************************************
Reply to a tcon.
conn POINTER CAN BE NULL HERE !
@@ -4744,7 +4784,6 @@ void reply_close(struct smb_request *smb1req)
*/
if (!check_fsp_open(conn, smb1req, fsp)) {
- reply_nterror(smb1req, NT_STATUS_INVALID_HANDLE);
END_PROFILE(SMBclose);
return;
}
diff --git a/source3/smbd/smb2_reply.c b/source3/smbd/smb2_reply.c
index 90aa92193b9..76e3cf789cd 100644
--- a/source3/smbd/smb2_reply.c
+++ b/source3/smbd/smb2_reply.c
@@ -524,46 +524,6 @@ size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req,
bufrem, flags);
}
-/****************************************************************************
- Check if we have a correct fsp pointing to a file. Basic check for open fsp.
-****************************************************************************/
-
-bool check_fsp_open(connection_struct *conn, struct smb_request *req,
- files_struct *fsp)
-{
- if ((fsp == NULL) || (conn == NULL)) {
- reply_nterror(req, NT_STATUS_INVALID_HANDLE);
- return False;
- }
- if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
- reply_nterror(req, NT_STATUS_INVALID_HANDLE);
- return False;
- }
- return True;
-}
-
-/****************************************************************************
- Check if we have a correct fsp pointing to a file.
-****************************************************************************/
-
-bool check_fsp(connection_struct *conn, struct smb_request *req,
- files_struct *fsp)
-{
- if (!check_fsp_open(conn, req, fsp)) {
- return False;
- }
- if (fsp->fsp_flags.is_directory) {
- reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
- return False;
- }
- if (fsp_get_pathref_fd(fsp) == -1) {
- reply_nterror(req, NT_STATUS_ACCESS_DENIED);
- return False;
- }
- fsp->num_smb_operations++;
- return True;
-}
-
/****************************************************************************
Check if we have a correct fsp pointing to a quota fake file. Replacement for
the CHECK_NTQUOTA_HANDLE_OK macro.
@@ -572,7 +532,11 @@ bool check_fsp(connection_struct *conn, struct smb_request *req,
bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
files_struct *fsp)
{
- if (!check_fsp_open(conn, req, fsp)) {
+ if ((fsp == NULL) || (conn == NULL)) {
+ return false;
+ }
+
+ if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
return false;
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list