diff options
author | Jeremy Allison <jra@samba.org> | 2010-04-07 10:32:01 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2010-04-07 10:32:01 -0700 |
commit | 556b42a351e3584550f79d1c7ad83b44f3a5562b (patch) | |
tree | af6506859e20b9136b95f9d3ec4e8f13b6f8dd05 | |
parent | 146c1618e44591a11afade87f67797e6f80fa813 (diff) | |
download | samba-556b42a351e3584550f79d1c7ad83b44f3a5562b.tar.gz samba-556b42a351e3584550f79d1c7ad83b44f3a5562b.tar.bz2 samba-556b42a351e3584550f79d1c7ad83b44f3a5562b.zip |
On compound requests, MS-SMB2 says clients MAY use 0xFFFFFFFF for compound tid and 0xFFFFFFFFFFFFFFFF for compound sessionid values. Cope with this.
Jeremy.
-rw-r--r-- | source3/smbd/smb2_sesssetup.c | 20 | ||||
-rw-r--r-- | source3/smbd/smb2_tcon.c | 19 |
2 files changed, 39 insertions, 0 deletions
diff --git a/source3/smbd/smb2_sesssetup.c b/source3/smbd/smb2_sesssetup.c index 0df4bd6c56..b3ea3fae9f 100644 --- a/source3/smbd/smb2_sesssetup.c +++ b/source3/smbd/smb2_sesssetup.c @@ -338,15 +338,29 @@ static NTSTATUS smbd_smb2_session_setup(struct smbd_smb2_request *req, NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req) { const uint8_t *inhdr; + const uint8_t *outhdr; int i = req->current_idx; uint64_t in_session_id; void *p; struct smbd_smb2_session *session; + bool chained_fixup = false; inhdr = (const uint8_t *)req->in.vector[i+0].iov_base; in_session_id = BVAL(inhdr, SMB2_HDR_SESSION_ID); + if (i > 2 && in_session_id == (0xFFFFFFFFFFFFFFFFLL)) { + /* + * Chained request - fill in session_id from + * the previous request out.vector[].iov_base. + * We can't modify the inhdr here as we have + * yet to check signing. + */ + outhdr = (const uint8_t *)req->out.vector[i-3].iov_base; + in_session_id = BVAL(outhdr, SMB2_HDR_SESSION_ID); + chained_fixup = true; + } + /* lookup an existing session */ p = idr_find(req->sconn->smb2.sessions.idtree, in_session_id); if (p == NULL) { @@ -363,6 +377,12 @@ NTSTATUS smbd_smb2_request_check_session(struct smbd_smb2_request *req) pdb_get_domain(session->server_info->sam_account)); req->session = session; + + if (chained_fixup) { + /* Fix up our own outhdr. */ + outhdr = (const uint8_t *)req->out.vector[i].iov_base; + SBVAL(outhdr, SMB2_HDR_SESSION_ID, in_session_id); + } return NT_STATUS_OK; } diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c index bd33007c18..3eb9da29a0 100644 --- a/source3/smbd/smb2_tcon.c +++ b/source3/smbd/smb2_tcon.c @@ -220,15 +220,27 @@ static NTSTATUS smbd_smb2_tree_connect(struct smbd_smb2_request *req, NTSTATUS smbd_smb2_request_check_tcon(struct smbd_smb2_request *req) { const uint8_t *inhdr; + const uint8_t *outhdr; int i = req->current_idx; uint32_t in_tid; void *p; struct smbd_smb2_tcon *tcon; + bool chained_fixup = false; inhdr = (const uint8_t *)req->in.vector[i+0].iov_base; in_tid = IVAL(inhdr, SMB2_HDR_TID); + if (i > 2 && in_tid == (0xFFFFFFFF)) { + /* + * Chained request - fill in tid from + * the previous request out.vector[].iov_base. + */ + outhdr = (const uint8_t *)req->out.vector[i-3].iov_base; + in_tid = IVAL(outhdr, SMB2_HDR_TID); + chained_fixup = true; + } + /* lookup an existing session */ p = idr_find(req->session->tcons.idtree, in_tid); if (p == NULL) { @@ -246,6 +258,13 @@ NTSTATUS smbd_smb2_request_check_tcon(struct smbd_smb2_request *req) } req->tcon = tcon; + + if (chained_fixup) { + /* Fix up our own outhdr. */ + outhdr = (const uint8_t *)req->out.vector[i].iov_base; + SIVAL(outhdr, SMB2_HDR_TID, in_tid); + } + return NT_STATUS_OK; } |