diff options
author | Jeremy Allison <jra@samba.org> | 2003-12-01 01:04:04 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2003-12-01 01:04:04 +0000 |
commit | 12d3246a6c0fe2d6241d7f7ec8573b263a559390 (patch) | |
tree | 97ed32a18e7037a4bcb072cd97760914e087ef41 /source3/libsmb/smb_signing.c | |
parent | 2ad1159990f5f1be37af12d36b35def37d69ab25 (diff) | |
download | samba-12d3246a6c0fe2d6241d7f7ec8573b263a559390.tar.gz samba-12d3246a6c0fe2d6241d7f7ec8573b263a559390.tar.bz2 samba-12d3246a6c0fe2d6241d7f7ec8573b263a559390.zip |
Better fix for client signing bug. Ensure we don't malloc/free trans signing
state info each packet.
Jeremy.
(This used to be commit 818cf32d6330f7e7855ce662326003e75d4a1d46)
Diffstat (limited to 'source3/libsmb/smb_signing.c')
-rw-r--r-- | source3/libsmb/smb_signing.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/source3/libsmb/smb_signing.c b/source3/libsmb/smb_signing.c index 755a1548eb..cb35fda220 100644 --- a/source3/libsmb/smb_signing.c +++ b/source3/libsmb/smb_signing.c @@ -457,9 +457,12 @@ BOOL cli_simple_set_signing(struct cli_state *cli, const DATA_BLOB user_session_ /*********************************************************** Tell client code we are in a multiple trans reply state. + We call this after the last outgoing trans2 packet (which + has incremented the sequence numbers), so we must save the + current mid and sequence number -2. ************************************************************/ -void cli_signing_trans_start(struct cli_state *cli) +void cli_signing_trans_start(struct cli_state *cli, uint16 mid) { struct smb_basic_signing_context *data = cli->sign_info.signing_context; @@ -469,9 +472,9 @@ void cli_signing_trans_start(struct cli_state *cli) data->trans_info = smb_xmalloc(sizeof(struct trans_info_context)); ZERO_STRUCTP(data->trans_info); - data->trans_info->send_seq_num = data->send_seq_num; - data->trans_info->mid = SVAL(cli->outbuf,smb_mid); - data->trans_info->reply_seq_num = data->send_seq_num+1; + data->trans_info->send_seq_num = data->send_seq_num-2; + data->trans_info->mid = mid; + data->trans_info->reply_seq_num = data->send_seq_num-1; DEBUG(10,("cli_signing_trans_start: storing mid = %u, reply_seq_num = %u, send_seq_num = %u \ data->send_seq_num = %u\n", @@ -492,10 +495,15 @@ void cli_signing_trans_stop(struct cli_state *cli) if (!cli->sign_info.doing_signing || !data) return; + DEBUG(10,("cli_signing_trans_stop: freeing mid = %u, reply_seq_num = %u, send_seq_num = %u \ +data->send_seq_num = %u\n", + (unsigned int)data->trans_info->mid, + (unsigned int)data->trans_info->reply_seq_num, + (unsigned int)data->trans_info->send_seq_num, + (unsigned int)data->send_seq_num )); + SAFE_FREE(data->trans_info); data->trans_info = NULL; - - data->send_seq_num += 2; } /*********************************************************** |