author | Jeremy Allison <jra@samba.org> | 2007-04-19 22:40:32 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:19:30 -0500 |
commit | 0829e1ad1c3646efecf50729f493b9ee72ef0517 (patch) | |
tree | fe0ee36b774cdd89a13745fd34be495cd5b4ed83 /source3 | |
parent | 36da6cb5847df2754e8f9223e0784da6013c572b (diff) | |
r22391: Looks bigger than it is. Make "inbuf" available
to all callers of smb_setlen (via set_message()
calls). This will allow the server to reflect back
the correct encryption context.
Jeremy.
(This used to be commit 2d80a96120a5fe2fe726f00746d36d85044c4bdb)
Diffstat (limited to 'source3')
29 files changed, 378 insertions, 278 deletions
diff --git a/source3/include/smb_macros.h b/source3/include/smb_macros.h index 2b596d3c6b..4a49ef3ed4 100644 --- a/source3/include/smb_macros.h +++ b/source3/include/smb_macros.h @@ -162,15 +162,15 @@ #define HAS_CACHED_ERROR(fsp) ((fsp)->wbmpx_ptr && \ (fsp)->wbmpx_ptr->wr_discard) /* Macro to turn the cached error into an error packet */ -#define CACHED_ERROR(fsp) cached_error_packet(outbuf,fsp,__LINE__,__FILE__) +#define CACHED_ERROR(fsp) cached_error_packet(inbuf,outbuf,fsp,__LINE__,__FILE__) -#define ERROR_DOS(class,code) error_packet(outbuf,class,code,NT_STATUS_OK,__LINE__,__FILE__) -#define ERROR_NT(status) error_packet(outbuf,0,0,status,__LINE__,__FILE__) -#define ERROR_FORCE_NT(status) error_packet(outbuf,-1,-1,status,__LINE__,__FILE__) -#define ERROR_BOTH(status,class,code) error_packet(outbuf,class,code,status,__LINE__,__FILE__) +#define ERROR_DOS(class,code) error_packet(inbuf,outbuf,class,code,NT_STATUS_OK,__LINE__,__FILE__) +#define ERROR_NT(status) error_packet(inbuf,outbuf,0,0,status,__LINE__,__FILE__) +#define ERROR_FORCE_NT(status) error_packet(inbuf,outbuf,-1,-1,status,__LINE__,__FILE__) +#define ERROR_BOTH(status,class,code) error_packet(inbuf,outbuf,class,code,status,__LINE__,__FILE__) /* this is how errors are generated */ -#define UNIXERROR(defclass,deferror) unix_error_packet(outbuf,defclass,deferror,NT_STATUS_OK,__LINE__,__FILE__) +#define UNIXERROR(defclass,deferror) unix_error_packet(inbuf,outbuf,defclass,deferror,NT_STATUS_OK,__LINE__,__FILE__) /* these are the datagram types */ #define DGRAM_DIRECT_UNIQUE 0x10 diff --git a/source3/lib/util.c b/source3/lib/util.c index bb92466a05..a9065816cf 100644 --- a/source3/lib/util.c +++ b/source3/lib/util.c 
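Review bot: The rewritten `CACHED_ERROR`, `ERROR_DOS`, `ERROR_NT`, `ERROR_FORCE_NT`, `ERROR_BOTH` and `UNIXERROR` macros in smb_macros.h now capture a caller-local `inbuf` by name in addition to `outbuf`, and nothing at the definition says so. A function that has a different local called `inbuf` (a scratch copy, for instance) will compile and silently hand that buffer to `error_packet()` as the request being answered. I would document the contract above the block, e.g. `/* These macros expand to uses of the caller's locals 'inbuf' (request) and 'outbuf' (reply); both names must refer to the packet buffers wherever the macros are used. */`.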
@@ -533,7 +533,7 @@ void smb_set_enclen(char *buf,int len,uint16 enc_ctx_num) Set the length and marker of an smb packet. ********************************************************************/ -void smb_setlen(char *buf,int len,const char *frombuf) +void smb_setlen(const char *frombuf, char *buf, int len) { _smb_setlen(buf,len); @@ -553,14 +553,14 @@ void smb_setlen(char *buf,int len,const char *frombuf) Setup the word count and byte count for a smb message. ********************************************************************/ -int set_message(char *buf,int num_words,int num_bytes,BOOL zero) +int set_message(const char *frombuf, char *buf,int num_words,int num_bytes,BOOL zero) { if (zero && (num_words || num_bytes)) { memset(buf + smb_size,'\0',num_words*2 + num_bytes); } SCVAL(buf,smb_wct,num_words); SSVAL(buf,smb_vwv + num_words*SIZEOFWORD,num_bytes); - smb_setlen(buf,smb_size + num_words*2 + num_bytes - 4, NULL); + smb_setlen(frombuf, buf,smb_size + num_words*2 + num_bytes - 4); return (smb_size + num_words*2 + num_bytes); } @@ -568,11 +568,11 @@ int set_message(char *buf,int num_words,int num_bytes,BOOL zero) Setup only the byte count for a smb message. ********************************************************************/ -int set_message_bcc(char *buf,int num_bytes) +int set_message_bcc(const char *frombuf, char *buf,int num_bytes) { int num_words = CVAL(buf,smb_wct); SSVAL(buf,smb_vwv + num_words*SIZEOFWORD,num_bytes); - smb_setlen(buf,smb_size + num_words*2 + num_bytes - 4, NULL); + smb_setlen(frombuf, buf,smb_size + num_words*2 + num_bytes - 4); return (smb_size + num_words*2 + num_bytes); } 
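Review bot: `smb_setlen()`, `set_message()` and `set_message_bcc()` in util.c gain `frombuf` as their first parameter, but the banner comments above them are unchanged and do not say what it is or that NULL is accepted, even though `set_message()` used to hard-code NULL and the libsmb callers in this commit still pass it. Because `frombuf` and `buf` are now adjacent `char` pointers, a call with the two swapped still compiles when the request buffer is non-const, and would write the length into the request buffer instead of the reply. I would add to each banner something like `frombuf: request packet whose encryption context is reflected into buf, or NULL for a locally originated packet; never written to.` How `smb_setlen()` treats a NULL `frombuf` lies outside these hunks, so the wording should be confirmed against its body.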
@@ -581,9 +581,11 @@ int set_message_bcc(char *buf,int num_bytes) message as a marker. ********************************************************************/ -int set_message_end(void *outbuf,void *end_ptr) +int set_message_end(const char *frombuf, void *outbuf,void *end_ptr) { - return set_message_bcc((char *)outbuf,PTR_DIFF(end_ptr,smb_buf((char *)outbuf))); + return set_message_bcc(frombuf, + (char *)outbuf, + PTR_DIFF(end_ptr,smb_buf((char *)outbuf))); } /******************************************************************* diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index dff098cd01..cc2a7304be 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -99,7 +99,7 @@ static NTSTATUS cli_session_setup_lanman2(struct cli_state *cli, /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,10, 0, True); + set_message(NULL,cli->outbuf,10, 0, True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -169,7 +169,7 @@ static NTSTATUS cli_session_setup_guest(struct cli_state *cli) uint32 capabilities = cli_session_setup_capabilities(cli); memset(cli->outbuf, '\0', smb_size); - set_message(cli->outbuf,13,0,True); + set_message(NULL,cli->outbuf,13,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -229,7 +229,7 @@ static NTSTATUS cli_session_setup_plaintext(struct cli_state *cli, fstr_sprintf( lanman, "Samba %s", SAMBA_VERSION_STRING); memset(cli->outbuf, '\0', smb_size); - set_message(cli->outbuf,13,0,True); + set_message(NULL,cli->outbuf,13,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -378,7 +378,7 @@ static NTSTATUS cli_session_setup_nt1(struct cli_state *cli, const char *user, /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,13,0,True); + set_message(NULL,cli->outbuf,13,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); 
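Review bot: Every `set_message()` call in cliconnect.c now passes a literal `NULL` as `frombuf`, and the same edit is repeated at each client call site in clidgram.c, clientgen.c, clifile.c, clilist.c, climessage.c, clioplock.c, cliprint.c, clireadwrite.c and clitrans.c. Spelling out an argument the client never uses at every call means that if the client side ever has to carry an encryption context, each site must be found and revisited by hand, and a missed one would send a packet with the wrong marker. A single client-side wrapper would keep that decision in one place, for example `#define cli_set_message(buf,nw,nb,zero) set_message(NULL,(buf),(nw),(nb),(zero))` (the name is only a suggestion). The `set_message_end()` hunk at the start of this line needs no change.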
@@ -458,7 +458,7 @@ static BOOL cli_session_setup_blob_send(struct cli_state *cli, DATA_BLOB blob) /* send a session setup command */ memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,12,0,True); + set_message(NULL,cli->outbuf,12,0,True); SCVAL(cli->outbuf,smb_com,SMBsesssetupX); cli_setup_packet(cli); @@ -982,7 +982,7 @@ NTSTATUS cli_session_setup(struct cli_state *cli, BOOL cli_ulogoff(struct cli_state *cli) { memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,2,0,True); + set_message(NULL,cli->outbuf,2,0,True); SCVAL(cli->outbuf,smb_com,SMBulogoffX); cli_setup_packet(cli); SSVAL(cli->outbuf,smb_vwv0,0xFF); @@ -1059,7 +1059,7 @@ BOOL cli_send_tconX(struct cli_state *cli, slprintf(fullshare, sizeof(fullshare)-1, "\\\\%s\\%s", cli->desthost, share); - set_message(cli->outbuf,4, 0, True); + set_message(NULL,cli->outbuf,4, 0, True); SCVAL(cli->outbuf,smb_com,SMBtconX); cli_setup_packet(cli); @@ -1110,7 +1110,7 @@ BOOL cli_send_tconX(struct cli_state *cli, BOOL cli_tdis(struct cli_state *cli) { memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,0,0,True); + set_message(NULL,cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBtdis); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -1142,7 +1142,7 @@ void cli_negprot_send(struct cli_state *cli) memset(cli->outbuf,'\0',smb_size); /* setup the protocol strings */ - set_message(cli->outbuf,0,0,True); + set_message(NULL,cli->outbuf,0,0,True); p = smb_buf(cli->outbuf); for (numprots=0; @@ -1182,7 +1182,7 @@ BOOL cli_negprot(struct cli_state *cli) numprots++) plength += strlen(prots[numprots].name)+2; - set_message(cli->outbuf,0,plength,True); + set_message(NULL,cli->outbuf,0,plength,True); p = smb_buf(cli->outbuf); for (numprots=0; 
@@ -1716,7 +1716,7 @@ NTSTATUS cli_raw_tcon(struct cli_state *cli, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf, 0, 0, True); + set_message(NULL,cli->outbuf, 0, 0, True); SCVAL(cli->outbuf,smb_com,SMBtcon); cli_setup_packet(cli); diff --git a/source3/libsmb/clidgram.c b/source3/libsmb/clidgram.c index 83ea81ddf1..2f64b2c05d 100644 --- a/source3/libsmb/clidgram.c +++ b/source3/libsmb/clidgram.c @@ -72,7 +72,7 @@ BOOL cli_send_mailslot(BOOL unique, const char *mailslot, /* Setup the smb part. */ ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */ memcpy(tmp,ptr,4); - set_message(ptr,17,strlen(mailslot) + 1 + len,True); + set_message(NULL,ptr,17,strlen(mailslot) + 1 + len,True); memcpy(ptr,tmp,4); SCVAL(ptr,smb_com,SMBtrans); diff --git a/source3/libsmb/clientgen.c b/source3/libsmb/clientgen.c index de575e83a2..e1dacb3921 100644 --- a/source3/libsmb/clientgen.c +++ b/source3/libsmb/clientgen.c @@ -298,7 +298,7 @@ void cli_setup_packet(struct cli_state *cli) void cli_setup_bcc(struct cli_state *cli, void *p) { - set_message_bcc(cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf))); + set_message_bcc(NULL,cli->outbuf, PTR_DIFF(p, smb_buf(cli->outbuf))); } /**************************************************************************** @@ -584,7 +584,7 @@ BOOL cli_echo(struct cli_state *cli, unsigned char *data, size_t length) SMB_ASSERT(length < 1024); memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,1,length,True); + set_message(NULL,cli->outbuf,1,length,True); SCVAL(cli->outbuf,smb_com,SMBecho); SSVAL(cli->outbuf,smb_tid,65535); SSVAL(cli->outbuf,smb_vwv0,1); diff --git a/source3/libsmb/clifile.c b/source3/libsmb/clifile.c index ce2081a81e..ad6029f224 100644 --- a/source3/libsmb/clifile.c +++ b/source3/libsmb/clifile.c 
@@ -390,7 +390,7 @@ BOOL cli_rename(struct cli_state *cli, const char *fname_src, const char *fname_ memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,1, 0, True); + set_message(NULL,cli->outbuf,1, 0, True); SCVAL(cli->outbuf,smb_com,SMBmv); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -427,7 +427,7 @@ BOOL cli_ntrename(struct cli_state *cli, const char *fname_src, const char *fnam memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf, 4, 0, True); + set_message(NULL,cli->outbuf, 4, 0, True); SCVAL(cli->outbuf,smb_com,SMBntrename); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -465,7 +465,7 @@ BOOL cli_nt_hardlink(struct cli_state *cli, const char *fname_src, const char *f memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf, 4, 0, True); + set_message(NULL,cli->outbuf, 4, 0, True); SCVAL(cli->outbuf,smb_com,SMBntrename); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -503,7 +503,7 @@ BOOL cli_unlink_full(struct cli_state *cli, const char *fname, uint16 attrs) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,1, 0,True); + set_message(NULL,cli->outbuf,1, 0,True); SCVAL(cli->outbuf,smb_com,SMBunlink); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -548,7 +548,7 @@ BOOL cli_mkdir(struct cli_state *cli, const char *dname) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,0, 0,True); + set_message(NULL,cli->outbuf,0, 0,True); SCVAL(cli->outbuf,smb_com,SMBmkdir); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -583,7 +583,7 @@ BOOL cli_rmdir(struct cli_state *cli, const char *dname) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,0, 0, True); + set_message(NULL,cli->outbuf,0, 0, True); SCVAL(cli->outbuf,smb_com,SMBrmdir); SSVAL(cli->outbuf,smb_tid,cli->cnum); 
@@ -665,7 +665,7 @@ int cli_nt_create_full(struct cli_state *cli, const char *fname, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,24,0,True); + set_message(NULL,cli->outbuf,24,0,True); SCVAL(cli->outbuf,smb_com,SMBntcreateX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -759,7 +759,7 @@ int cli_open(struct cli_state *cli, const char *fname, int flags, int share_mode memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,15,0,True); + set_message(NULL,cli->outbuf,15,0,True); SCVAL(cli->outbuf,smb_com,SMBopenX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -806,7 +806,7 @@ BOOL cli_close(struct cli_state *cli, int fnum) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,3,0,True); + set_message(NULL,cli->outbuf,3,0,True); SCVAL(cli->outbuf,smb_com,SMBclose); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -838,7 +838,7 @@ NTSTATUS cli_locktype(struct cli_state *cli, int fnum, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0', smb_size); - set_message(cli->outbuf,8,0,True); + set_message(NULL,cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -890,7 +890,7 @@ BOOL cli_lock(struct cli_state *cli, int fnum, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0', smb_size); - set_message(cli->outbuf,8,0,True); + set_message(NULL,cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -943,7 +943,7 @@ BOOL cli_unlock(struct cli_state *cli, int fnum, uint32 offset, uint32 len) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,8,0,True); + set_message(NULL,cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); 
@@ -995,7 +995,7 @@ BOOL cli_lock64(struct cli_state *cli, int fnum, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0', smb_size); - set_message(cli->outbuf,8,0,True); + set_message(NULL,cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1050,7 +1050,7 @@ BOOL cli_unlock64(struct cli_state *cli, int fnum, SMB_BIG_UINT offset, SMB_BIG_ memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,8,0,True); + set_message(NULL,cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBlockingX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1197,7 +1197,7 @@ BOOL cli_getattrE(struct cli_state *cli, int fd, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,1,0,True); + set_message(NULL,cli->outbuf,1,0,True); SCVAL(cli->outbuf,smb_com,SMBgetattrE); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1249,7 +1249,7 @@ BOOL cli_getatr(struct cli_state *cli, const char *fname, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,0,0,True); + set_message(NULL,cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBgetatr); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1301,7 +1301,7 @@ BOOL cli_setattrE(struct cli_state *cli, int fd, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,7,0,True); + set_message(NULL,cli->outbuf,7,0,True); SCVAL(cli->outbuf,smb_com,SMBsetattrE); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1340,7 +1340,7 @@ BOOL cli_setatr(struct cli_state *cli, const char *fname, uint16 attr, time_t t) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,8,0,True); + set_message(NULL,cli->outbuf,8,0,True); SCVAL(cli->outbuf,smb_com,SMBsetatr); SSVAL(cli->outbuf,smb_tid,cli->cnum); 
@@ -1382,7 +1382,7 @@ BOOL cli_chkpath(struct cli_state *cli, const char *path) *path2 = '\\'; memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,0,0,True); + set_message(NULL,cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBcheckpath); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -1409,7 +1409,7 @@ BOOL cli_chkpath(struct cli_state *cli, const char *path) BOOL cli_dskattr(struct cli_state *cli, int *bsize, int *total, int *avail) { memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,0,0,True); + set_message(NULL,cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBdskattr); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -1438,7 +1438,7 @@ int cli_ctemp(struct cli_state *cli, const char *path, char **tmp_path) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,3,0,True); + set_message(NULL,cli->outbuf,3,0,True); SCVAL(cli->outbuf,smb_com,SMBctemp); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -1488,7 +1488,7 @@ NTSTATUS cli_raw_ioctl(struct cli_state *cli, int fnum, uint32 code, DATA_BLOB * memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf, 3, 0, True); + set_message(NULL,cli->outbuf, 3, 0, True); SCVAL(cli->outbuf,smb_com,SMBioctl); cli_setup_packet(cli); diff --git a/source3/libsmb/clilist.c b/source3/libsmb/clilist.c index 3e76cd4775..8290a57742 100644 --- a/source3/libsmb/clilist.c +++ b/source3/libsmb/clilist.c @@ -418,7 +418,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,2,0,True); + set_message(NULL,cli->outbuf,2,0,True); SCVAL(cli->outbuf,smb_com,SMBsearch); 
@@ -475,7 +475,7 @@ int cli_list_old(struct cli_state *cli,const char *Mask,uint16 attribute, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,2,0,True); + set_message(NULL,cli->outbuf,2,0,True); SCVAL(cli->outbuf,smb_com,SMBfclose); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); diff --git a/source3/libsmb/climessage.c b/source3/libsmb/climessage.c index 1aa659c1ba..6850c4b8df 100644 --- a/source3/libsmb/climessage.c +++ b/source3/libsmb/climessage.c @@ -30,7 +30,7 @@ int cli_message_start_build(struct cli_state *cli, char *host, char *username) /* construct a SMBsendstrt command */ memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,0,0,True); + set_message(NULL,cli->outbuf,0,0,True); SCVAL(cli->outbuf,smb_com,SMBsendstrt); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -75,7 +75,7 @@ int cli_message_text_build(struct cli_state *cli, char *msg, int len, int grp) char *p; memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,1,0,True); + set_message(NULL,cli->outbuf,1,0,True); SCVAL(cli->outbuf,smb_com,SMBsendtxt); SSVAL(cli->outbuf,smb_tid,cli->cnum); cli_setup_packet(cli); @@ -125,7 +125,7 @@ int cli_message_end_build(struct cli_state *cli, int grp) char *p; memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,1,0,True); + set_message(NULL,cli->outbuf,1,0,True); SCVAL(cli->outbuf,smb_com,SMBsendend); SSVAL(cli->outbuf,smb_tid,cli->cnum); diff --git a/source3/libsmb/clioplock.c b/source3/libsmb/clioplock.c index 037d7147db..c08bde0248 100644 --- a/source3/libsmb/clioplock.c +++ b/source3/libsmb/clioplock.c @@ -32,7 +32,7 @@ BOOL cli_oplock_ack(struct cli_state *cli, int fnum, unsigned char level) cli->outbuf = buf; memset(buf,'\0',smb_size); - set_message(buf,8,0,True); + set_message(NULL,buf,8,0,True); SCVAL(buf,smb_com,SMBlockingX); SSVAL(buf,smb_tid, cli->cnum); 
diff --git a/source3/libsmb/cliprint.c b/source3/libsmb/cliprint.c index cb04e0ddcc..b09fb38906 100644 --- a/source3/libsmb/cliprint.c +++ b/source3/libsmb/cliprint.c @@ -194,7 +194,7 @@ int cli_spl_open(struct cli_state *cli, const char *fname, int flags, int share_ memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,15,0,True); + set_message(NULL,cli->outbuf,15,0,True); SCVAL(cli->outbuf,smb_com,SMBsplopen); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -241,7 +241,7 @@ BOOL cli_spl_close(struct cli_state *cli, int fnum) memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,3,0,True); + set_message(NULL,cli->outbuf,3,0,True); SCVAL(cli->outbuf,smb_com,SMBsplclose); SSVAL(cli->outbuf,smb_tid,cli->cnum); diff --git a/source3/libsmb/clireadwrite.c b/source3/libsmb/clireadwrite.c index 02fa804f41..1c72cb2942 100644 --- a/source3/libsmb/clireadwrite.c +++ b/source3/libsmb/clireadwrite.c @@ -35,7 +35,7 @@ static BOOL cli_issue_read(struct cli_state *cli, int fnum, off_t offset, if ((SMB_BIG_UINT)offset >> 32) bigoffset = True; - set_message(cli->outbuf,bigoffset ? 12 : 10,0,True); + set_message(NULL,cli->outbuf,bigoffset ? 12 : 10,0,True); SCVAL(cli->outbuf,smb_com,SMBreadX); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -176,7 +176,7 @@ static BOOL cli_issue_readraw(struct cli_state *cli, int fnum, off_t offset, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,10,0,True); + set_message(NULL,cli->outbuf,10,0,True); SCVAL(cli->outbuf,smb_com,SMBreadbraw); SSVAL(cli->outbuf,smb_tid,cli->cnum); @@ -285,9 +285,9 @@ static BOOL cli_issue_write(struct cli_state *cli, int fnum, off_t offset, } if (large_writex) - set_message(cli->outbuf,14,0,True); + set_message(NULL,cli->outbuf,14,0,True); else - set_message(cli->outbuf,12,0,True); + set_message(NULL,cli->outbuf,12,0,True); SCVAL(cli->outbuf,smb_com,SMBwriteX); SSVAL(cli->outbuf,smb_tid,cli->cnum); 
@@ -399,7 +399,7 @@ ssize_t cli_smbwrite(struct cli_state *cli, memset(cli->outbuf,'\0',smb_size); memset(cli->inbuf,'\0',smb_size); - set_message(cli->outbuf,5, 0,True); + set_message(NULL,cli->outbuf,5, 0,True); SCVAL(cli->outbuf,smb_com,SMBwrite); SSVAL(cli->outbuf,smb_tid,cli->cnum); diff --git a/source3/libsmb/clitrans.c b/source3/libsmb/clitrans.c index 33fddae202..3e3ebc1ce1 100644 --- a/source3/libsmb/clitrans.c +++ b/source3/libsmb/clitrans.c @@ -44,7 +44,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, this_ldata = MIN(ldata,cli->max_xmit - (500+lsetup*2+this_lparam)); memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,14+lsetup,0,True); + set_message(NULL,cli->outbuf,14+lsetup,0,True); SCVAL(cli->outbuf,smb_com,trans); SSVAL(cli->outbuf,smb_tid, cli->cnum); cli_setup_packet(cli); @@ -113,7 +113,7 @@ BOOL cli_send_trans(struct cli_state *cli, int trans, this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */ this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam)); - set_message(cli->outbuf,trans==SMBtrans?8:9,0,True); + set_message(NULL,cli->outbuf,trans==SMBtrans?8:9,0,True); SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2)); outparam = smb_buf(cli->outbuf); @@ -352,7 +352,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli, this_ldata = MIN(ldata,cli->max_xmit - (500+lsetup*2+this_lparam)); memset(cli->outbuf,'\0',smb_size); - set_message(cli->outbuf,19+lsetup,0,True); + set_message(NULL,cli->outbuf,19+lsetup,0,True); SCVAL(cli->outbuf,smb_com,SMBnttrans); SSVAL(cli->outbuf,smb_tid, cli->cnum); cli_setup_packet(cli); @@ -413,7 +413,7 @@ BOOL cli_send_nt_trans(struct cli_state *cli, this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */ this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam)); - set_message(cli->outbuf,18,0,True); + set_message(NULL,cli->outbuf,18,0,True); SCVAL(cli->outbuf,smb_com,SMBnttranss); /* XXX - these should probably be aligned */ 
diff --git a/source3/libsmb/smb_seal.c b/source3/libsmb/smb_seal.c index 2e3e2f4ce3..dde69570ab 100644 --- a/source3/libsmb/smb_seal.c +++ b/source3/libsmb/smb_seal.c @@ -95,7 +95,7 @@ NTSTATUS common_ntlm_decrypt_buffer(NTLMSSP_STATE *ntlmssp_state, char *buf) memcpy(buf + 8, inbuf + 8 + NTLMSSP_SIG_SIZE, data_len); /* Reset the length. */ - smb_setlen(buf, data_len + 4, inbuf); + smb_setlen(inbuf, buf, data_len + 4); SAFE_FREE(inbuf); return NT_STATUS_OK; @@ -204,7 +204,7 @@ static NTSTATUS common_gss_decrypt_buffer(struct smb_tran_enc_state_gss *gss_sta } memcpy(buf + 8, out_buf.value, out_buf.length); - smb_setlen(buf, out_buf.length + 4, out_buf.value); + smb_setlen(out_buf.value, buf, out_buf.length + 4); gss_release_buffer(&minor, &out_buf); return NT_STATUS_OK; diff --git a/source3/nmbd/nmbd_packets.c b/source3/nmbd/nmbd_packets.c index 87a38b9d2a..d34beb7ff6 100644 --- a/source3/nmbd/nmbd_packets.c +++ b/source3/nmbd/nmbd_packets.c @@ -1886,7 +1886,7 @@ BOOL send_mailslot(BOOL unique, const char *mailslot,char *buf, size_t len, /* Setup the smb part. */ ptr -= 4; /* XXX Ugliness because of handling of tcp SMB length. */ memcpy(tmp,ptr,4); - set_message(ptr,17,strlen(mailslot) + 1 + len,True); + set_message(NULL,ptr,17,strlen(mailslot) + 1 + len,True); memcpy(ptr,tmp,4); SCVAL(ptr,smb_com,SMBtrans); diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c index 6b403e1e36..0d4760a266 100644 --- a/source3/smbd/aio.c +++ b/source3/smbd/aio.c @@ -418,7 +418,7 @@ static int handle_aio_read_complete(struct aio_extra *aio_ex) aio_ex->acb.aio_nbytes, (int)nread ) ); } - smb_setlen(outbuf,outsize - 4,aio_ex->inbuf); + smb_setlen(aio_ex->inbuf,outbuf,outsize - 4); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) { exit_server_cleanly("handle_aio_read_complete: send_smb " diff --git a/source3/smbd/blocking.c b/source3/smbd/blocking.c index 58953bac11..d0caa29597 100644 --- a/source3/smbd/blocking.c +++ b/source3/smbd/blocking.c 
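Review bot: In `common_gss_decrypt_buffer()` (smb_seal.c, second hunk) the reordered call `smb_setlen(out_buf.value, buf, out_buf.length + 4);` passes the unwrapped GSS payload as `frombuf`, whereas the NTLM path in the first hunk passes `inbuf`, a buffer laid out as a whole packet (its data is read from `inbuf + 8 + NTLMSSP_SIG_SIZE`). The payload is what the preceding `memcpy` places at `buf + 8`, so if `smb_setlen()` reads header bytes from `frombuf` (its body is not in this diff) the GSS call would take them from payload data, and from beyond it when `out_buf.length` is small. The argument was the same before the reorder, so this commit does not introduce the mismatch, but it is worth settling while the signature is being touched. Either pass a buffer that still holds the received packet header, or state the intent next to the call, e.g. `/* frombuf here is the decrypted payload, not a packet header; verify smb_setlen() does not read header offsets from it */`.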
@@ -240,7 +240,7 @@ BOOL push_blocking_lock_request( struct byte_range_lock *br_lck, static void send_blocking_reply(char *outbuf, int outsize, const char *inbuf) { if(outsize > 4) { - smb_setlen(outbuf,outsize - 4, inbuf); + smb_setlen(inbuf, outbuf,outsize - 4); } if (!send_smb(smbd_server_fd(),outbuf)) { @@ -260,7 +260,7 @@ static void reply_lockingX_success(blocking_lock_record *blr) int outsize = 0; construct_reply_common(inbuf, outbuf); - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); /* * As this message is a lockingX call we must handle @@ -525,7 +525,7 @@ static BOOL process_trans2(blocking_lock_record *blr) SCVAL(outbuf,smb_com,SMBtrans2); SSVAL(params,0,0); /* Fake up max_data_bytes here - we know it fits. */ - send_trans2_replies(outbuf, max_send, params, 2, NULL, 0, 0xffff); + send_trans2_replies(inbuf, outbuf, max_send, params, 2, NULL, 0, 0xffff); return True; } diff --git a/source3/smbd/error.c b/source3/smbd/error.c index 0860b7d1d9..dc35c0fa64 100644 --- a/source3/smbd/error.c +++ b/source3/smbd/error.c @@ -29,7 +29,7 @@ extern uint32 global_client_caps; Create an error packet from a cached error. ****************************************************************************/ -int cached_error_packet(char *outbuf,files_struct *fsp,int line,const char *file) +int cached_error_packet(const char *inbuf,char *outbuf,files_struct *fsp,int line,const char *file) { write_bmpx_struct *wbmpx = fsp->wbmpx_ptr; int32 eclass = wbmpx->wr_errclass; 
@@ -38,14 +38,14 @@ int cached_error_packet(char *outbuf,files_struct *fsp,int line,const char *file /* We can now delete the auxiliary struct */ SAFE_FREE(fsp->wbmpx_ptr); - return error_packet(outbuf,eclass,err,ntstatus,line,file); + return error_packet(inbuf,outbuf,eclass,err,ntstatus,line,file); } /**************************************************************************** Create an error packet from errno. ****************************************************************************/ -int unix_error_packet(char *outbuf,int def_class,uint32 def_code, NTSTATUS def_status, int line, const char *file) +int unix_error_packet(const char *inbuf,char *outbuf,int def_class,uint32 def_code, NTSTATUS def_status, int line, const char *file) { int eclass=def_class; int ecode=def_code; @@ -66,7 +66,7 @@ int unix_error_packet(char *outbuf,int def_class,uint32 def_code, NTSTATUS def_s } } - return error_packet(outbuf,eclass,ecode,ntstatus,line,file); + return error_packet(inbuf,outbuf,eclass,ecode,ntstatus,line,file); } BOOL use_nt_status(void) @@ -126,9 +126,9 @@ void error_packet_set(char *outbuf, uint8 eclass, uint32 ecode, NTSTATUS ntstatu } } -int error_packet(char *outbuf, uint8 eclass, uint32 ecode, NTSTATUS ntstatus, int line, const char *file) +int error_packet(const char *inbuf, char *outbuf, uint8 eclass, uint32 ecode, NTSTATUS ntstatus, int line, const char *file) { - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(inbuf,outbuf,0,0,True); error_packet_set(outbuf, eclass, ecode, ntstatus, line, file); return outsize; } diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 6e5ff9f035..6b647fc72b 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c 
@@ -72,10 +72,13 @@ static void copy_trans_params_and_data(char *outbuf, int align, Send a trans reply. ****************************************************************************/ -void send_trans_reply(char *outbuf, - char *rparam, int rparam_len, - char *rdata, int rdata_len, - BOOL buffer_too_large) +void send_trans_reply(const char *inbuf, + char *outbuf, + char *rparam, + int rparam_len, + char *rdata, + int rdata_len, + BOOL buffer_too_large) { int this_ldata,this_lparam; int tot_data_sent = 0; @@ -97,11 +100,11 @@ void send_trans_reply(char *outbuf, ERROR_BOTH(STATUS_BUFFER_OVERFLOW,ERRDOS,ERRmoredata); } - set_message(outbuf,10,1+align+this_ldata+this_lparam,True); + set_message(inbuf,outbuf,10,1+align+this_ldata+this_lparam,True); copy_trans_params_and_data(outbuf, align, - rparam, tot_param_sent, this_lparam, - rdata, tot_data_sent, this_ldata); + rparam, tot_param_sent, this_lparam, + rdata, tot_data_sent, this_ldata); SSVAL(outbuf,smb_vwv0,lparam); SSVAL(outbuf,smb_vwv1,ldata); @@ -133,7 +136,7 @@ void send_trans_reply(char *outbuf, align = (this_lparam%4); - set_message(outbuf,10,1+this_ldata+this_lparam+align,False); + set_message(inbuf,outbuf,10,1+this_ldata+this_lparam+align,False); copy_trans_params_and_data(outbuf, align, rparam, tot_param_sent, this_lparam, @@ -160,7 +163,9 @@ void send_trans_reply(char *outbuf, Start the first part of an RPC reply which began with an SMBtrans request. ****************************************************************************/ -static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p) +static BOOL api_rpc_trans_reply(const char *inbuf, + char *outbuf, + smb_np_struct *p) { BOOL is_data_outstanding; char *rdata = (char *)SMB_MALLOC(p->max_trans_reply); 
@@ -177,7 +182,7 @@ static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p) return False; } - send_trans_reply(outbuf, NULL, 0, rdata, data_len, is_data_outstanding); + send_trans_reply(inbuf, outbuf, NULL, 0, rdata, data_len, is_data_outstanding); SAFE_FREE(rdata); return True; @@ -187,7 +192,11 @@ static BOOL api_rpc_trans_reply(char *outbuf, smb_np_struct *p) WaitNamedPipeHandleState ****************************************************************************/ -static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len) +static BOOL api_WNPHS(const char *inbuf, + char *outbuf, + smb_np_struct *p, + char *param, + int param_len) { uint16 priority; @@ -199,7 +208,7 @@ static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len if (wait_rpc_pipe_hnd_state(p, priority)) { /* now send the reply */ - send_trans_reply(outbuf, NULL, 0, NULL, 0, False); + send_trans_reply(inbuf, outbuf, NULL, 0, NULL, 0, False); return True; } return False; @@ -210,7 +219,11 @@ static BOOL api_WNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len SetNamedPipeHandleState ****************************************************************************/ -static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len) +static BOOL api_SNPHS(const char *inbuf, + char *outbuf, + smb_np_struct *p, + char *param, + int param_len) { uint16 id; @@ -222,7 +235,7 @@ static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len if (set_rpc_pipe_hnd_state(p, id)) { /* now send the reply */ - send_trans_reply(outbuf, NULL, 0, NULL, 0, False); + send_trans_reply(inbuf, outbuf, NULL, 0, NULL, 0, False); return True; } return False; 
@@ -233,7 +246,7 @@ static BOOL api_SNPHS(char *outbuf, smb_np_struct *p, char *param, int param_len When no reply is generated, indicate unsupported. ****************************************************************************/ -static BOOL api_no_reply(char *outbuf, int max_rdata_len) +static BOOL api_no_reply(const char *inbuf, char *outbuf, int max_rdata_len) { char rparam[4]; @@ -244,7 +257,7 @@ static BOOL api_no_reply(char *outbuf, int max_rdata_len) DEBUG(3,("Unsupported API fd command\n")); /* now send the reply */ - send_trans_reply(outbuf, rparam, 4, NULL, 0, False); + send_trans_reply(inbuf, outbuf, rparam, 4, NULL, 0, False); return -1; } @@ -253,9 +266,18 @@ static BOOL api_no_reply(char *outbuf, int max_rdata_len) Handle remote api calls delivered to a named pipe already opened. ****************************************************************************/ -static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf, - uint16 *setup,char *data,char *params, - int suwcnt,int tdscnt,int tpscnt,int mdrcnt,int mprcnt) +static int api_fd_reply(connection_struct *conn, + uint16 vuid, + const char *inbuf, + char *outbuf, + uint16 *setup, + char *data, + char *params, + int suwcnt, + int tdscnt, + int tpscnt, + int mdrcnt, + int mprcnt) { BOOL reply = False; smb_np_struct *p = NULL; @@ -283,7 +305,7 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf, /* Win9x does this call with a unicode pipe name, not a pnum. */ /* Just return success for now... */ DEBUG(3,("Got TRANSACT_WAITNAMEDPIPEHANDLESTATE on text pipe name\n")); - send_trans_reply(outbuf, NULL, 0, NULL, 0, False); + send_trans_reply(inbuf, outbuf, NULL, 0, NULL, 0, False); return -1; } 
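Review bot: `api_no_reply()` in ipc.c keeps its `BOOL` return type in the rewritten signature while the body shown in the following hunk still ends in `return -1;`, and `api_fd_reply()` returns that value directly as its own `int` result (`return api_no_reply(inbuf, outbuf, mdrcnt);` further down). That only holds while `BOOL` is a plain integer typedef, which is presumably the case here; with a real boolean type the -1 would collapse to 1 and the caller would see a different result. Since the signature line is being rewritten anyway, I would make it `static int api_no_reply(const char *inbuf, char *outbuf, int max_rdata_len)`. Part of the function body lies between the two hunks and is not shown.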
@@ -309,51 +331,94 @@ static int api_fd_reply(connection_struct *conn,uint16 vuid,char *outbuf, /* dce/rpc command */ reply = write_to_pipe(p, data, tdscnt); if (reply) - reply = api_rpc_trans_reply(outbuf, p); + reply = api_rpc_trans_reply(inbuf, outbuf, p); break; case TRANSACT_WAITNAMEDPIPEHANDLESTATE: /* Wait Named Pipe Handle state */ - reply = api_WNPHS(outbuf, p, params, tpscnt); + reply = api_WNPHS(inbuf, outbuf, p, params, tpscnt); break; case TRANSACT_SETNAMEDPIPEHANDLESTATE: /* Set Named Pipe Handle state */ - reply = api_SNPHS(outbuf, p, params, tpscnt); + reply = api_SNPHS(inbuf, outbuf, p, params, tpscnt); break; default: return ERROR_NT(NT_STATUS_INVALID_PARAMETER); } if (!reply) - return api_no_reply(outbuf, mdrcnt); + return api_no_reply(inbuf, outbuf, mdrcnt); return -1; } /**************************************************************************** - handle named pipe commands - ****************************************************************************/ -static int named_pipe(connection_struct *conn,uint16 vuid, char *outbuf,char *name, - uint16 *setup,char *data,char *params, - int suwcnt,int tdscnt,int tpscnt, - int msrcnt,int mdrcnt,int mprcnt) + Handle named pipe commands. 
+****************************************************************************/ + +static int named_pipe(connection_struct *conn, + uint16 vuid, + const char *inbuf, + char *outbuf, + char *name, + uint16 *setup, + char *data, + char *params, + int suwcnt, + int tdscnt, + int tpscnt, + int msrcnt, + int mdrcnt, + int mprcnt) { DEBUG(3,("named pipe command on <%s> name\n", name)); - if (strequal(name,"LANMAN")) - return api_reply(conn,vuid,outbuf,data,params,tdscnt,tpscnt,mdrcnt,mprcnt); + if (strequal(name,"LANMAN")) { + return api_reply(conn, + vuid, + inbuf, + outbuf, + data, + params, + tdscnt, + tpscnt, + mdrcnt, + mprcnt); + } if (strequal(name,"WKSSVC") || strequal(name,"SRVSVC") || strequal(name,"WINREG") || strequal(name,"SAMR") || - strequal(name,"LSARPC")) - { + strequal(name,"LSARPC")) { DEBUG(4,("named pipe command from Win95 (wow!)\n")); - return api_fd_reply(conn,vuid,outbuf,setup,data,params,suwcnt,tdscnt,tpscnt,mdrcnt,mprcnt); + return api_fd_reply(conn, + vuid, + inbuf, + outbuf, + setup, + data, + params, + suwcnt, + tdscnt, + tpscnt, + mdrcnt, + mprcnt); } - if (strlen(name) < 1) - return api_fd_reply(conn,vuid,outbuf,setup,data,params,suwcnt,tdscnt,tpscnt,mdrcnt,mprcnt); + if (strlen(name) < 1) { + return api_fd_reply(conn, + vuid, + inbuf, + outbuf, + setup, + data, + params, + suwcnt, + tdscnt, + tpscnt, + mdrcnt, + mprcnt); + } if (setup) DEBUG(3,("unknown named pipe: setup 0x%X setup1=%d\n", (int)setup[0],(int)setup[1])); @@ -362,8 +427,10 @@ static int named_pipe(connection_struct *conn,uint16 vuid, char *outbuf,char *na } static NTSTATUS handle_trans(connection_struct *conn, - struct trans_state *state, - char *outbuf, int *outsize) + struct trans_state *state, + const char *inbuf, + char *outbuf, + int *outsize) { char *local_machine_name; int name_offset = 0; 
@@ -402,15 +469,18 @@ static NTSTATUS handle_trans(connection_struct *conn, name_offset++; DEBUG(5,("calling named_pipe\n")); - *outsize = named_pipe(conn, state->vuid, outbuf, - state->name+name_offset, - state->setup,state->data, - state->param, - state->setup_count,state->total_data, - state->total_param, - state->max_setup_return, - state->max_data_return, - state->max_param_return); + *outsize = named_pipe(conn, + state->vuid, + inbuf, + outbuf, + state->name+name_offset, + state->setup,state->data, + state->param, + state->setup_count,state->total_data, + state->total_param, + state->max_setup_return, + state->max_data_return, + state->max_param_return); if (*outsize == 0) { return NT_STATUS_NOT_SUPPORTED; @@ -426,8 +496,11 @@ static NTSTATUS handle_trans(connection_struct *conn, Reply to a SMBtrans. ****************************************************************************/ -int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, - int size, int bufsize) +int reply_trans(connection_struct *conn, + char *inbuf, + char *outbuf, + int size, + int bufsize) { int outsize = 0; unsigned int dsoff = SVAL(inbuf, smb_dsoff); @@ -552,7 +625,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, if ((state->received_param == state->total_param) && (state->received_data == state->total_data)) { - result = handle_trans(conn, state, outbuf, &outsize); + result = handle_trans(conn, state, inbuf, outbuf, &outsize); SAFE_FREE(state->data); SAFE_FREE(state->param); @@ -576,7 +649,7 @@ int reply_trans(connection_struct *conn, char *inbuf,char *outbuf, /* We need to send an interim response then receive the rest of the parameter/data bytes */ - outsize = set_message(outbuf,0,0,True); + outsize = set_message(inbuf,outbuf,0,0,True); show_msg(outbuf); END_PROFILE(SMBtrans); return outsize; 
@@ -687,7 +760,7 @@ int reply_transs(connection_struct *conn, char *inbuf,char *outbuf, */ SCVAL(outbuf,smb_com,SMBtrans); - result = handle_trans(conn, state, outbuf, &outsize); + result = handle_trans(conn, state, inbuf, outbuf, &outsize); DLIST_REMOVE(conn->pending_trans, state); SAFE_FREE(state->data); diff --git a/source3/smbd/lanman.c b/source3/smbd/lanman.c index 15e0284521..cd2750d759 100644 --- a/source3/smbd/lanman.c +++ b/source3/smbd/lanman.c @@ -4360,11 +4360,19 @@ static const struct { /**************************************************************************** - Handle remote api calls - ****************************************************************************/ + Handle remote api calls. +****************************************************************************/ -int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char *params, - int tdscnt,int tpscnt,int mdrcnt,int mprcnt) +int api_reply(connection_struct *conn, + uint16 vuid, + const char *inbuf, + char *outbuf, + char *data, + char *params, + int tdscnt, + int tpscnt, + int mdrcnt, + int mprcnt) { int api_command; char *rdata = NULL; @@ -4457,7 +4465,13 @@ int api_reply(connection_struct *conn,uint16 vuid,char *outbuf,char *data,char * /* If api_Unsupported returns false we can't return anything. */ if (reply) { - send_trans_reply(outbuf, rparam, rparam_len, rdata, rdata_len, False); + send_trans_reply(inbuf, + outbuf, + rparam, + rparam_len, + rdata, + rdata_len, + False); } SAFE_FREE(rdata); diff --git a/source3/smbd/message.c b/source3/smbd/message.c index fd53e60c14..e6a5015276 100644 --- a/source3/smbd/message.c +++ b/source3/smbd/message.c 
@@ -131,7 +131,7 @@ int reply_sends(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return(ERROR_DOS(ERRSRV,ERRmsgoff)); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(inbuf,outbuf,0,0,True); p = smb_buf(inbuf)+1; p += srvstr_pull_buf(inbuf, msgfrom, p, sizeof(msgfrom), STR_ASCII|STR_TERMINATE) + 1; @@ -170,7 +170,7 @@ int reply_sendstrt(connection_struct *conn, char *inbuf,char *outbuf, int dum_si return(ERROR_DOS(ERRSRV,ERRmsgoff)); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); memset(msgbuf,'\0',sizeof(msgbuf)); msgpos = 0; @@ -202,7 +202,7 @@ int reply_sendtxt(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz return(ERROR_DOS(ERRSRV,ERRmsgoff)); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(inbuf,outbuf,0,0,True); msg = smb_buf(inbuf) + 1; @@ -233,7 +233,7 @@ int reply_sendend(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz return(ERROR_DOS(ERRSRV,ERRmsgoff)); } - outsize = set_message(outbuf,0,0,True); + outsize = set_message(inbuf,outbuf,0,0,True); DEBUG(3,("SMBsendend\n")); diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c index e1df08579d..1722c81d2a 100644 --- a/source3/smbd/negprot.c +++ b/source3/smbd/negprot.c @@ -56,7 +56,7 @@ static void get_challenge(char buff[8]) static int reply_corep(char *inbuf, char *outbuf) { - int outsize = set_message(outbuf,1,0,True); + int outsize = set_message(inbuf,outbuf,1,0,True); Protocol = PROTOCOL_CORE; @@ -70,7 +70,7 @@ static int reply_corep(char *inbuf, char *outbuf) static int reply_coreplus(char *inbuf, char *outbuf) { int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0); - int outsize = set_message(outbuf,13,0,True); + int outsize = set_message(inbuf,outbuf,13,0,True); SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support readbraw and writebraw (possibly) */ /* Reply, SMBlockread, SMBwritelock supported. */ 
@@ -99,7 +99,7 @@ static int reply_lanman1(char *inbuf, char *outbuf) if (global_encrypted_passwords_negotiated) secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE; - set_message(outbuf,13,global_encrypted_passwords_negotiated?8:0,True); + set_message(inbuf,outbuf,13,global_encrypted_passwords_negotiated?8:0,True); SSVAL(outbuf,smb_vwv1,secword); /* Create a token value and add it to the outgoing packet. */ if (global_encrypted_passwords_negotiated) { @@ -141,7 +141,7 @@ static int reply_lanman2(char *inbuf, char *outbuf) if (global_encrypted_passwords_negotiated) secword |= NEGOTIATE_SECURITY_CHALLENGE_RESPONSE; - set_message(outbuf,13,global_encrypted_passwords_negotiated?8:0,True); + set_message(inbuf,outbuf,13,global_encrypted_passwords_negotiated?8:0,True); SSVAL(outbuf,smb_vwv1,secword); SIVAL(outbuf,smb_vwv6,sys_getpid()); @@ -325,7 +325,7 @@ static int reply_nt1(char *inbuf, char *outbuf) } } - set_message(outbuf,17,0,True); + set_message(inbuf,outbuf,17,0,True); SCVAL(outbuf,smb_vwv1,secword); @@ -369,7 +369,7 @@ static int reply_nt1(char *inbuf, char *outbuf) } SSVAL(outbuf,smb_vwv17, p - q); /* length of challenge+domain strings */ - set_message_end(outbuf, p); + set_message_end(inbuf,outbuf, p); return (smb_len(outbuf)+4); } @@ -485,7 +485,7 @@ int reply_negprot(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,1,0,True); + int outsize = set_message(inbuf,outbuf,1,0,True); int Index=0; int choice= -1; int protocol; diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c index cf60720bc7..d18bbb180f 100644 --- a/source3/smbd/notify.c +++ b/source3/smbd/notify.c @@ -107,6 +107,7 @@ static BOOL notify_marshall_changes(int num_changes, static void change_notify_reply_packet(const char *request_buf, NTSTATUS error_code) { + const char *inbuf = request_buf; char outbuf[smb_size+38]; memset(outbuf, '\0', sizeof(outbuf)); 
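Review bot: The added `const char *inbuf = request_buf;` in change_notify_reply_packet gives the same buffer a second name with no explanation, while change_notify_reply further down passes `request_buf` directly to send_nt_replies. If the alias exists because the ERROR_* macros in smb_macros.h now expand to `error_packet(inbuf,outbuf,...)` and so need a local called `inbuf`, say so in a comment such as `/* ERROR_* macros reference a local named inbuf */`. If no such macro is used in this function, drop the alias and write `set_message(request_buf,outbuf,18,0,False);`. The rest of the function body lies outside the hunk, so I cannot see which case applies.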
@@ -118,7 +119,7 @@ static void change_notify_reply_packet(const char *request_buf, * Seems NT needs a transact command with an error code * in it. This is a longer packet than a simple error. */ - set_message(outbuf,18,0,False); + set_message(inbuf,outbuf,18,0,False); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) @@ -161,7 +162,7 @@ void change_notify_reply(const char *request_buf, uint32 max_param_count, construct_reply_common(request_buf, outbuf); - if (send_nt_replies(outbuf, buflen, NT_STATUS_OK, prs_data_p(&ps), + if (send_nt_replies(request_buf, outbuf, buflen, NT_STATUS_OK, prs_data_p(&ps), prs_offset(&ps), NULL, 0) == -1) { exit_server("change_notify_reply_packet: send_smb failed."); } diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 94de1c709c..fa9828ae03 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -68,8 +68,14 @@ static char *nttrans_realloc(char **ptr, size_t size) HACK ! Always assumes smb_setup field is zero. ****************************************************************************/ -int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error, - char *params, int paramsize, char *pdata, int datasize) +int send_nt_replies(const char *inbuf, + char *outbuf, + int bufsize, + NTSTATUS nt_error, + char *params, + int paramsize, + char *pdata, + int datasize) { int data_to_send = datasize; int params_to_send = paramsize; @@ -85,7 +91,7 @@ int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error, * transNT replies. */ - set_message(outbuf,18,0,True); + set_message(inbuf,outbuf,18,0,True); if (NT_STATUS_V(nt_error)) { ERROR_NT(nt_error); @@ -149,7 +155,7 @@ int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error, total_sent_thistime = MIN(total_sent_thistime, useable_space); - set_message(outbuf, 18, total_sent_thistime, True); + set_message(inbuf,outbuf, 18, total_sent_thistime, True); /* * Set total params and data to be sent. 
@@ -392,10 +398,10 @@ static int do_ntcreate_pipe_open(connection_struct *conn, * the wcnt to 42 ? It's definately * what happens on the wire.... */ - set_message(outbuf,50,0,True); + set_message(inbuf,outbuf,50,0,True); SCVAL(outbuf,smb_wct,42); } else { - set_message(outbuf,34,0,True); + set_message(inbuf,outbuf,34,0,True); } p = outbuf + smb_vwv2; @@ -454,7 +460,7 @@ int reply_ntcreate_and_X_quota(connection_struct *conn, return ERROR_NT(status); } - set_message(outbuf,34,0,True); + set_message(inbuf,outbuf,34,0,True); p = outbuf + smb_vwv2; @@ -876,10 +882,10 @@ int reply_ntcreate_and_X(connection_struct *conn, * the wcnt to 42 ? It's definately * what happens on the wire.... */ - set_message(outbuf,50,0,True); + set_message(inbuf,outbuf,50,0,True); SCVAL(outbuf,smb_wct,42); } else { - set_message(outbuf,34,0,True); + set_message(inbuf,outbuf,34,0,True); } p = outbuf + smb_vwv2; @@ -1042,7 +1048,7 @@ static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, cha DEBUG(5,("do_nt_transact_create_pipe: open name = %s\n", fname)); /* Send the required number of replies */ - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0); + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0); return -1; } @@ -1637,7 +1643,7 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o DEBUG(5,("call_nt_transact_create: open name = %s\n", fname)); /* Send the required number of replies */ - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0); + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, param_len, *ppdata, 0); return -1; } @@ -1898,7 +1904,7 @@ int reply_ntrename(connection_struct *conn, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBntrename); return(outsize); 
@@ -2045,7 +2051,7 @@ static int call_nt_transact_rename(connection_struct *conn, char *inbuf, char *o /* * Rename was successful. */ - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); DEBUG(3,("nt transact rename from = %s, to = %s succeeded.\n", fsp->fsp_name, new_name)); @@ -2133,7 +2139,7 @@ static int call_nt_transact_query_security_desc(connection_struct *conn, char *i if(max_data_count < sd_size) { - send_nt_replies(outbuf, bufsize, NT_STATUS_BUFFER_TOO_SMALL, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_BUFFER_TOO_SMALL, params, 4, *ppdata, 0); talloc_destroy(mem_ctx); return -1; @@ -2182,7 +2188,7 @@ security descriptor.\n")); talloc_destroy(mem_ctx); - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 4, data, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, 4, data, (int)sd_size); return -1; } @@ -2229,7 +2235,7 @@ static int call_nt_transact_set_security_desc(connection_struct *conn, char *inb done: - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); return -1; } @@ -2275,7 +2281,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou so we can know if we need to pre-allocate or not */ DEBUG(10,("FSCTL_SET_SPARSE: called on FID[0x%04X](but not implemented)\n", fidnum)); - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); return -1; @@ -2285,7 +2291,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou */ DEBUG(10,("FSCTL_0x000900C0: called on FID[0x%04X](but not implemented)\n",fidnum)); - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); return -1; 
@@ -2295,7 +2301,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou */ DEBUG(10,("FSCTL_GET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n",fidnum)); - send_nt_replies(outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT, NULL, 0, NULL, 0); return -1; @@ -2305,7 +2311,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou */ DEBUG(10,("FSCTL_SET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n",fidnum)); - send_nt_replies(outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT, NULL, 0, NULL, 0); return -1; @@ -2419,7 +2425,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou talloc_destroy(shadow_data->mem_ctx); - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, pdata, data_count); return -1; @@ -2472,7 +2478,7 @@ static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *ou */ /* this works for now... */ - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0); return -1; } @@ -2739,7 +2745,7 @@ static int call_nt_transact_get_user_quota(connection_struct *conn, char *inbuf, break; } - send_nt_replies(outbuf, bufsize, nt_status, params, param_len, + send_nt_replies(inbuf, outbuf, bufsize, nt_status, params, param_len, pdata, data_len); return -1; @@ -2857,7 +2863,7 @@ static int call_nt_transact_set_user_quota(connection_struct *conn, char *inbuf, return ERROR_DOS(ERRSRV,ERRerror); } - send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len, + send_nt_replies(inbuf, outbuf, bufsize, NT_STATUS_OK, params, param_len, pdata, data_len); return -1; 
@@ -3141,7 +3147,7 @@ int reply_nttrans(connection_struct *conn, /* We need to send an interim response then receive the rest of the parameter/data bytes */ - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); show_msg(outbuf); END_PROFILE(SMBnttrans); return outsize; diff --git a/source3/smbd/oplock.c b/source3/smbd/oplock.c index 423d6b3a99..26ee52b797 100644 --- a/source3/smbd/oplock.c +++ b/source3/smbd/oplock.c @@ -259,7 +259,7 @@ static char *new_break_smb_message(TALLOC_CTX *mem_ctx, } memset(result,'\0',smb_size); - set_message(result,8,0,True); + set_message(NULL,result,8,0,True); SCVAL(result,smb_com,SMBlockingX); SSVAL(result,smb_tid,fsp->conn->cnum); SSVAL(result,smb_pid,0xFFFF); diff --git a/source3/smbd/pipes.c b/source3/smbd/pipes.c index 52660da2ff..bec2f19f86 100644 --- a/source3/smbd/pipes.c +++ b/source3/smbd/pipes.c @@ -108,7 +108,7 @@ int reply_open_pipe_and_X(connection_struct *conn, } /* Prepare the reply */ - set_message(outbuf,15,0,True); + set_message(inbuf,outbuf,15,0,True); /* Mark the opened file as an existing named pipe in message mode. */ SSVAL(outbuf,smb_vwv9,2); @@ -162,7 +162,7 @@ int reply_pipe_write(char *inbuf,char *outbuf,int length,int dum_bufsize) return (UNIXERROR(ERRDOS,ERRnoaccess)); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); @@ -224,7 +224,7 @@ int reply_pipe_write_and_X(char *inbuf,char *outbuf,int length,int bufsize) return (UNIXERROR(ERRDOS,ERRnoaccess)); } - set_message(outbuf,6,0,True); + set_message(inbuf,outbuf,6,0,True); nwritten = (pipe_start_message_raw ? nwritten + 2 : nwritten); SSVAL(outbuf,smb_vwv2,nwritten); @@ -260,7 +260,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) return(ERROR_DOS(ERRDOS,ERRbadfid)); } - set_message(outbuf,12,0,True); + set_message(inbuf,outbuf,12,0,True); data = smb_buf(outbuf); nread = read_from_pipe(p, data, smb_maxcnt, &unused); 
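Review bot: In new_break_smb_message the call `set_message(NULL,result,8,0,True);` is the only call site in this part of the diff that passes NULL as the new inbuf argument; every other caller forwards a request buffer. The set_message and smb_setlen definitions are not in view here, so please confirm they treat a NULL inbuf as "no request to copy from" rather than reading through it, since this packet is built without a client request. A comment at the call, for example `/* no request buffer: server-initiated break */`, and a matching sentence in set_message's header comment would make the NULL contract explicit. Given the commit's stated purpose, it is also worth writing down which encryption context such an unsolicited packet is meant to carry.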
@@ -277,7 +277,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) p->pnum, smb_mincnt, smb_maxcnt, nread)); /* Ensure we set up the message length to include the data length read. */ - set_message_bcc(outbuf,nread); + set_message_bcc(inbuf,outbuf,nread); return chain_reply(inbuf,outbuf,length,bufsize); } @@ -288,7 +288,7 @@ int reply_pipe_read_and_X(char *inbuf,char *outbuf,int length,int bufsize) int reply_pipe_close(connection_struct *conn, char *inbuf,char *outbuf) { smb_np_struct *p = get_rpc_pipe_p(inbuf,smb_vwv0); - int outsize = set_message(outbuf,0,0,True); + int outsize = set_message(inbuf,outbuf,0,0,True); if (!p) { return(ERROR_DOS(ERRDOS,ERRbadfid)); diff --git a/source3/smbd/process.c b/source3/smbd/process.c index c6bcfb7394..ff1170f552 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1040,7 +1040,7 @@ static int construct_reply(char *inbuf,char *outbuf,int size,int bufsize) outsize += chain_size; if(outsize > 4) { - smb_setlen(outbuf,outsize - 4, inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); } return(outsize); } @@ -1129,7 +1129,7 @@ void remove_from_common_flags2(uint32 v) void construct_reply_common(const char *inbuf, char *outbuf) { - set_message(outbuf,0,0,False); + set_message(inbuf,outbuf,0,0,False); SCVAL(outbuf,smb_com,CVAL(inbuf,smb_com)); SIVAL(outbuf,smb_rcls,0); @@ -1220,7 +1220,7 @@ int chain_reply(char *inbuf,char *outbuf,int size,int bufsize) } /* And set it in the header. */ - smb_setlen(inbuf2, new_size, inbuf); + smb_setlen(inbuf, inbuf2, new_size); /* create the out buffer */ construct_reply_common(inbuf2, outbuf2); diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 1b6f861cb8..bf739aa643 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -303,7 +303,7 @@ int reply_special(char *inbuf,char *outbuf) memset(outbuf,'\0',smb_size); - smb_setlen(outbuf,0,inbuf); + smb_setlen(inbuf,outbuf,0); switch (msg_type) { case 0x81: /* session request */ 
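Review bot: The smb_setlen calls change from `smb_setlen(outbuf,outsize - 4, inbuf)` to `smb_setlen(inbuf,outbuf,outsize - 4)` in construct_reply, and the same reordering appears in chain_reply, reply_special, reply_search and reply_echo. Source and destination are now two adjacent char pointers, and most of these callers hold a non-const `char *inbuf`, so a transposed pair would presumably compile without a warning and write the length header into the request buffer. The prototype is outside this part of the diff; I would make sure its header comment names which argument is written, and consider parameter names such as `frombuf` and `buf` so the direction is visible at the declaration. In chain_reply, `smb_setlen(inbuf, inbuf2, new_size);` writes into inbuf2 by design, which deserves a short comment because both names read like inputs.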
@@ -421,7 +421,7 @@ int reply_tcon(connection_struct *conn, return ERROR_NT(nt_status); } - outsize = set_message(outbuf,2,0,True); + outsize = set_message(inbuf,outbuf,2,0,True); SSVAL(outbuf,smb_vwv0,max_recv); SSVAL(outbuf,smb_vwv1,conn->cnum); SSVAL(outbuf,smb_tid,conn->cnum); @@ -523,11 +523,11 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt server_devicetype = "A:"; if (Protocol < PROTOCOL_NT1) { - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); p = smb_buf(outbuf); p += srvstr_push(outbuf, p, server_devicetype, -1, STR_TERMINATE|STR_ASCII); - set_message_end(outbuf,p); + set_message_end(inbuf,outbuf,p); } else { /* NT sets the fstype of IPC$ to the null string */ const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn)); @@ -537,7 +537,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt uint32 perm1 = 0; uint32 perm2 = 0; - set_message(outbuf,7,0,True); + set_message(inbuf,outbuf,7,0,True); if (IS_IPC(conn)) { perm1 = FILE_ALL_ACCESS; @@ -551,7 +551,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt SIVAL(outbuf, smb_vwv3, perm1); SIVAL(outbuf, smb_vwv5, perm2); } else { - set_message(outbuf,3,0,True); + set_message(inbuf,outbuf,3,0,True); } p = smb_buf(outbuf); @@ -560,7 +560,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p += srvstr_push(outbuf, p, fstype, -1, STR_TERMINATE); - set_message_end(outbuf,p); + set_message_end(inbuf,outbuf,p); /* what does setting this bit do? It is set by NT4 and may affect the ability to autorun mounted cdroms */ 
@@ -623,7 +623,7 @@ int reply_ioctl(connection_struct *conn, return(ERROR_DOS(ERRSRV,ERRnosupport)); } - outsize = set_message(outbuf,8,replysize+1,True); + outsize = set_message(inbuf,outbuf,8,replysize+1,True); SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */ SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */ SSVAL(outbuf,smb_vwv6,52); /* Offset to data */ @@ -719,7 +719,7 @@ int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_s return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBcheckpath); return outsize; @@ -815,7 +815,7 @@ int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size } } - outsize = set_message(outbuf,10,0,True); + outsize = set_message(inbuf,outbuf,10,0,True); SSVAL(outbuf,smb_vwv0,mode); if(lp_dos_filetime_resolution(SNUM(conn)) ) { @@ -908,7 +908,7 @@ int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return UNIXERROR(ERRDOS, ERRnoaccess); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) ); @@ -931,7 +931,7 @@ int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz return(UNIXERROR(ERRHRD,ERRgeneral)); } - outsize = set_message(outbuf,5,0,True); + outsize = set_message(inbuf,outbuf,5,0,True); if (Protocol <= PROTOCOL_LANMAN2) { double total_space, free_space; @@ -1010,7 +1010,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size expect_close = True; } - outsize = set_message(outbuf,1,3,True); + outsize = set_message(inbuf,outbuf,1,3,True); maxentries = SVAL(inbuf,smb_vwv0); dirtype = SVAL(inbuf,smb_vwv1); p = smb_buf(inbuf) + 1; 
@@ -1182,7 +1182,7 @@ int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS))); outsize += DIR_STRUCT_SIZE*numentries; - smb_setlen(outbuf,outsize - 4,inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); if ((! *directory) && dptr_path(dptr_num)) slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); @@ -1217,7 +1217,7 @@ int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return reply_unknown(inbuf, outbuf); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); p = smb_buf(inbuf) + 1; p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard); if (!NT_STATUS_IS_OK(err)) { @@ -1336,7 +1336,7 @@ int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRDOS,ERRnoaccess); } - outsize = set_message(outbuf,7,0,True); + outsize = set_message(inbuf,outbuf,7,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); SSVAL(outbuf,smb_vwv1,fattr); if(lp_dos_filetime_resolution(SNUM(conn)) ) { @@ -1512,9 +1512,9 @@ int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt } if (open_flags & EXTENDED_RESPONSE_REQUIRED) { - set_message(outbuf,19,0,True); + set_message(inbuf,outbuf,19,0,True); } else { - set_message(outbuf,15,0,True); + set_message(inbuf,outbuf,15,0,True); } SSVAL(outbuf,smb_vwv2,fsp->fnum); SSVAL(outbuf,smb_vwv3,fattr); @@ -1556,7 +1556,7 @@ int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length, invalidate_vuid(vuid); - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) ); 
@@ -1651,7 +1651,7 @@ int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, ts[0] = get_atimespec(&sbuf); /* atime. */ file_ntimes(conn, fname, ts); - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { @@ -1750,7 +1750,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); /* the returned filename is relative to the directory */ @@ -1769,7 +1769,7 @@ int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, #endif namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE); p += namelen; - outsize = set_message_end(outbuf, p); + outsize = set_message_end(inbuf,outbuf, p); if (oplock_request && lp_fake_oplocks(SNUM(conn))) { SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED); @@ -2131,7 +2131,7 @@ int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBunlink); return outsize; @@ -2402,7 +2402,7 @@ int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - outsize = set_message(outbuf,5,3,True); + outsize = set_message(inbuf,outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); data = smb_buf(outbuf) + 3; 
@@ -2483,7 +2483,7 @@ int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int numtoread = SVAL(inbuf,smb_vwv1); startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2); - outsize = set_message(outbuf,5,3,True); + outsize = set_message(inbuf,outbuf,5,3,True); numtoread = MIN(BUFFER_SIZE-outsize,numtoread); /* * The requested read size cannot be greater than max_recv. JRA. @@ -2570,7 +2570,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1)); SSVAL(smb_buf(outbuf),-2,smb_maxcnt); SCVAL(outbuf,smb_vwv0,0xFF); - set_message(outbuf,12,smb_maxcnt,False); + set_message(inbuf,outbuf,12,smb_maxcnt,False); header.data = (uint8 *)outbuf; header.length = data - outbuf; header.free = NULL; @@ -2625,7 +2625,7 @@ int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length return(UNIXERROR(ERRDOS,ERRnoaccess)); } - outsize = set_message(outbuf,12,nread,False); + outsize = set_message(inbuf,outbuf,12,nread,False); SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */ SSVAL(outbuf,smb_vwv5,nread); SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf)); @@ -2666,7 +2666,7 @@ int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt return(ERROR_DOS(ERRDOS,ERRbadaccess)); } - set_message(outbuf,12,0,True); + set_message(inbuf,outbuf,12,0,True); if (global_client_caps & CAP_LARGE_READX) { if (SVAL(inbuf,smb_vwv7) == 1) { @@ -2790,7 +2790,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, /* Return a message to the redirector to tell it to send more bytes */ SCVAL(outbuf,smb_com,SMBwritebraw); SSVALS(outbuf,smb_vwv0,-1); - outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); + outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server_cleanly("reply_writebraw: send_smb failed."); 
@@ -2804,7 +2804,7 @@ int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, numtowrite = smb_len(inbuf); /* Set up outbuf to return the correct return */ - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SCVAL(outbuf,smb_com,SMBwritec); if (numtowrite != 0) { @@ -2928,7 +2928,7 @@ int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf, } } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); @@ -3006,7 +3006,7 @@ int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int d return(UNIXERROR(ERRHRD,ERRdiskfull)); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); @@ -3049,7 +3049,7 @@ int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int leng return(ERROR_DOS(ERRDOS,ERRbadaccess)); } - set_message(outbuf,6,0,True); + set_message(inbuf,outbuf,6,0,True); /* Deal with possible LARGE_WRITEX */ if (large_writeX) { @@ -3196,7 +3196,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int fsp->fh->pos = res; - outsize = set_message(outbuf,2,0,True); + outsize = set_message(inbuf,outbuf,2,0,True); SIVAL(outbuf,smb_vwv0,res); DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n", @@ -3212,7 +3212,7 @@ int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); uint16 fnum = SVAL(inbuf,smb_vwv0); files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBflush); 
@@ -3244,7 +3244,7 @@ int reply_exit(connection_struct *conn, file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid)); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG(3,("exit\n")); @@ -3264,7 +3264,7 @@ int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = NULL; START_PROFILE(SMBclose); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); /* If it's an IPC, pass off to the pipe handler. */ if (IS_IPC(conn)) { @@ -3384,7 +3384,7 @@ int reply_writeclose(connection_struct *conn, return ERROR_NT(close_status); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,nwritten); END_PROFILE(SMBwriteclose); @@ -3401,7 +3401,7 @@ int reply_writeclose(connection_struct *conn, int reply_lock(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3446,7 +3446,7 @@ int reply_lock(connection_struct *conn, int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); SMB_BIG_UINT count,offset; NTSTATUS status; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3486,7 +3486,7 @@ int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size, int reply_tdis(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); uint16 vuid; START_PROFILE(SMBtdis); 
@@ -3517,7 +3517,7 @@ int reply_echo(connection_struct *conn, int smb_reverb = SVAL(inbuf,smb_vwv0); int seq_num; unsigned int data_len = smb_buflen(inbuf); - int outsize = set_message(outbuf,1,data_len,True); + int outsize = set_message(inbuf,outbuf,1,data_len,True); START_PROFILE(SMBecho); if (data_len > BUFFER_SIZE) { @@ -3538,7 +3538,7 @@ int reply_echo(connection_struct *conn, for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) { SSVAL(outbuf,smb_vwv0,seq_num); - smb_setlen(outbuf,outsize - 4,inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) @@ -3579,7 +3579,7 @@ int reply_printopen(connection_struct *conn, return(ERROR_NT(status)); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,fsp->fnum); DEBUG(3,("openprint fd=%d fnum=%d\n", @@ -3596,7 +3596,7 @@ int reply_printopen(connection_struct *conn, int reply_printclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); files_struct *fsp = file_fsp(inbuf,smb_vwv0); NTSTATUS status; START_PROFILE(SMBsplclose); @@ -3629,7 +3629,7 @@ int reply_printclose(connection_struct *conn, int reply_printqueue(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { - int outsize = set_message(outbuf,2,3,True); + int outsize = set_message(inbuf,outbuf,2,3,True); int max_count = SVAL(inbuf,smb_vwv0); int start_index = SVAL(inbuf,smb_vwv1); START_PROFILE(SMBsplretq); @@ -3677,7 +3677,7 @@ int reply_printqueue(connection_struct *conn, } if (count > 0) { - outsize = set_message(outbuf,2,28*count+3,False); + outsize = set_message(inbuf,outbuf,2,28*count+3,False); SSVAL(outbuf,smb_vwv0,count); SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1)); SCVAL(smb_buf(outbuf),0,1); 
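Review bot: In the first reply_echo hunk, `set_message(inbuf,outbuf,1,data_len,True)` still runs in the declaration block, ahead of the `if (data_len > BUFFER_SIZE)` check, although `data_len` is read from the request with `smb_buflen(inbuf)`. set_message is defined outside this hunk, so how it uses the byte count is not visible here, but a client-supplied length should be range-checked before it sizes the reply. I would declare `int outsize;` and move `outsize = set_message(inbuf,outbuf,1,data_len,True);` below the check. reply_echo starts and ends outside the hunk.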
@@ -3700,7 +3700,7 @@ int reply_printqueue(connection_struct *conn, int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize) { int numtowrite; - int outsize = set_message(outbuf,0,0,False); + int outsize = set_message(inbuf,outbuf,0,0,False); char *data; files_struct *fsp = file_fsp(inbuf,smb_vwv0); @@ -3791,7 +3791,7 @@ int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) ); @@ -4002,7 +4002,7 @@ int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); DEBUG( 3, ( "rmdir %s\n", directory ) ); @@ -4763,7 +4763,7 @@ int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_NT(status); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); END_PROFILE(SMBmv); return(outsize); @@ -5110,7 +5110,7 @@ int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, return ERROR_DOS(ERRDOS,error); } - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,count); END_PROFILE(SMBcopy); @@ -5159,7 +5159,7 @@ int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size set_conn_connectpath(conn,newdir); } - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh)); DEBUG(3,("setdir %s\n", newdir)); 
@@ -5605,7 +5605,7 @@ int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf, return ERROR_NT(status); } - set_message(outbuf,2,0,True); + set_message(inbuf,outbuf,2,0,True); DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n", fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks)); @@ -5641,7 +5641,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, return ERROR_DOS(ERRSRV,ERRuseSTD); } - outsize = set_message(outbuf,8,0,True); + outsize = set_message(inbuf,outbuf,8,0,True); CHECK_FSP(fsp,conn); if (!CHECK_READ(fsp,inbuf)) { @@ -5677,7 +5677,7 @@ int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length, if (nread < (ssize_t)N) tcount = total_read + nread; - set_message(outbuf,8,nread+pad,False); + set_message(inbuf,outbuf,8,nread+pad,False); SIVAL(outbuf,smb_vwv0,startpos); SSVAL(outbuf,smb_vwv2,tcount); SSVAL(outbuf,smb_vwv6,nread); @@ -5706,7 +5706,7 @@ int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBsetattrE); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf,outbuf,0,0,False); if(!fsp || (fsp->conn != conn)) { END_PROFILE(SMBsetattrE); @@ -5837,7 +5837,7 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, SMBwritebmpx */ SCVAL(outbuf,smb_com,SMBwriteBmpx); - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */ 
@@ -5846,13 +5846,13 @@ int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, if (write_through && tcount==nwritten) { /* We need to send both a primary and a secondary response */ - smb_setlen(outbuf,outsize - 4,inbuf); + smb_setlen(inbuf,outbuf,outsize - 4); show_msg(outbuf); if (!send_smb(smbd_server_fd(),outbuf)) exit_server_cleanly("reply_writebmpx: send_smb failed."); /* Now the secondary */ - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SCVAL(outbuf,smb_com,SMBwritec); SSVAL(outbuf,smb_vwv0,nwritten); } @@ -5938,7 +5938,7 @@ int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_siz wbms->wr_total_written += nwritten; if(wbms->wr_total_written >= tcount) { if (write_through) { - outsize = set_message(outbuf,1,0,True); + outsize = set_message(inbuf,outbuf,1,0,True); SSVAL(outbuf,smb_vwv0,wbms->wr_total_written); send_response = True; } @@ -5968,7 +5968,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, files_struct *fsp = file_fsp(inbuf,smb_vwv0); START_PROFILE(SMBgetattrE); - outsize = set_message(outbuf,11,0,True); + outsize = set_message(inbuf,outbuf,11,0,True); if(!fsp || (fsp->conn != conn)) { END_PROFILE(SMBgetattrE); diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 7b5528222e..188b7bfb81 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c 
@@ -96,15 +96,18 @@ static void sessionsetup_start_signing_engine(const auth_serversupplied_info *se Send a security blob via a session setup reply. ****************************************************************************/ -static BOOL reply_sesssetup_blob(connection_struct *conn, char *outbuf, - DATA_BLOB blob, NTSTATUS nt_status) +static BOOL reply_sesssetup_blob(connection_struct *conn, + const char *inbuf, + char *outbuf, + DATA_BLOB blob, + NTSTATUS nt_status) { char *p; if (!NT_STATUS_IS_OK(nt_status) && !NT_STATUS_EQUAL(nt_status, NT_STATUS_MORE_PROCESSING_REQUIRED)) { ERROR_NT(nt_status_squash(nt_status)); } else { - set_message(outbuf,4,0,True); + set_message(inbuf,outbuf,4,0,True); nt_status = nt_status_squash(nt_status); SIVAL(outbuf, smb_rcls, NT_STATUS_V(nt_status)); @@ -118,7 +121,7 @@ static BOOL reply_sesssetup_blob(connection_struct *conn, char *outbuf, p += add_signature( outbuf, p ); - set_message_end(outbuf,p); + set_message_end(inbuf,outbuf,p); } show_msg(outbuf); @@ -292,7 +295,7 @@ static int reply_spnego_kerberos(connection_struct *conn, } ap_rep_wrapped = spnego_gen_krb5_wrap(ap_rep, TOK_ID_KRB_ERROR); response = spnego_gen_auth_response(&ap_rep_wrapped, ret, OID_KERBEROS5_OLD); - reply_sesssetup_blob(conn, outbuf, response, NT_STATUS_MORE_PROCESSING_REQUIRED); + reply_sesssetup_blob(conn, inbuf, outbuf, response, NT_STATUS_MORE_PROCESSING_REQUIRED); /* * In this one case we don't invalidate the intermediate vuid. @@ -520,7 +523,7 @@ static int reply_spnego_kerberos(connection_struct *conn, /* current_user_info is changed on new vuid */ reload_services( True ); - set_message(outbuf,4,0,True); + set_message(inbuf,outbuf,4,0,True); SSVAL(outbuf, smb_vwv3, 0); if (server_info->guest) { 
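Review bot: The two reply_spnego_kerberos call sites (the -292 hunk here and the -539 hunk that follows) call `reply_sesssetup_blob(conn, inbuf, outbuf, response, ...)` as a bare statement, while reply_spnego_ntlmssp in the -612 hunk keeps the BOOL in `ret`. The tail of reply_sesssetup_blob is outside these hunks, so the BOOL presumably reports whether the reply was sent; if so, a failed Kerberos session-setup reply passes unnoticed. Since these lines are being touched anyway, test the result, e.g. `if (!reply_sesssetup_blob(conn, inbuf, outbuf, response, ret)) { DEBUG(3,("reply_spnego_kerberos: sending the reply blob failed\n")); }`. reply_spnego_kerberos continues outside both hunks.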
@@ -539,7 +542,7 @@ static int reply_spnego_kerberos(connection_struct *conn, ap_rep_wrapped = data_blob(NULL, 0); } response = spnego_gen_auth_response(&ap_rep_wrapped, ret, OID_KERBEROS5_OLD); - reply_sesssetup_blob(conn, outbuf, response, ret); + reply_sesssetup_blob(conn, inbuf, outbuf, response, ret); data_blob_free(&ap_rep); data_blob_free(&ap_rep_wrapped); @@ -593,7 +596,7 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out /* current_user_info is changed on new vuid */ reload_services( True ); - set_message(outbuf,4,0,True); + set_message(inbuf,outbuf,4,0,True); SSVAL(outbuf, smb_vwv3, 0); if (server_info->guest) { @@ -612,7 +615,7 @@ static BOOL reply_spnego_ntlmssp(connection_struct *conn, char *inbuf, char *out response = *ntlmssp_blob; } - ret = reply_sesssetup_blob(conn, outbuf, response, nt_status); + ret = reply_sesssetup_blob(conn, inbuf, outbuf, response, nt_status); if (wrap) { data_blob_free(&response); } @@ -1513,11 +1516,11 @@ int reply_sesssetup_and_X(connection_struct *conn, char *inbuf,char *outbuf, data_blob_clear_free(&plaintext_password); /* it's ok - setup a reply */ - set_message(outbuf,3,0,True); + set_message(inbuf,outbuf,3,0,True); if (Protocol >= PROTOCOL_NT1) { char *p = smb_buf( outbuf ); p += add_signature( outbuf, p ); - set_message_end( outbuf, p ); + set_message_end(inbuf, outbuf, p ); /* perhaps grab OS version here?? */ } diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 8f1226c666..12a9e19301 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -577,7 +577,8 @@ static struct ea_list *ea_list_union(struct ea_list *name_list, struct ea_list * HACK ! Always assumes smb_setup field is zero. ****************************************************************************/ -int send_trans2_replies(char *outbuf, +int send_trans2_replies(const char *inbuf, + char *outbuf, int bufsize, const char *params, int paramsize, 
@@ -602,7 +603,7 @@ int send_trans2_replies(char *outbuf, /* Initially set the wcnt area to be 10 - this is true for all trans2 replies */ - set_message(outbuf,10,0,True); + set_message(inbuf,outbuf,10,0,True); /* Modify the data_to_send and datasize and set the error if we're trying to send more than max_data_bytes. We still send @@ -657,7 +658,7 @@ int send_trans2_replies(char *outbuf, total_sent_thistime = MIN(total_sent_thistime, useable_space+ alignment_offset + data_alignment_offset); - set_message(outbuf, 10, total_sent_thistime, True); + set_message(inbuf, outbuf, 10, total_sent_thistime, True); /* Set total params and data to be sent */ SSVAL(outbuf,smb_tprcnt,paramsize); @@ -950,7 +951,7 @@ static int call_trans2open(connection_struct *conn, char *inbuf, char *outbuf, i } /* Send the required number of replies */ - send_trans2_replies(outbuf, bufsize, params, 30, *ppdata, 0, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 30, *ppdata, 0, max_data_bytes); return -1; } @@ -1929,7 +1930,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd SSVAL(params,6,0); /* Never an EA error */ SSVAL(params,8,last_entry_off); - send_trans2_replies( outbuf, bufsize, params, 10, pdata, PTR_DIFF(p,pdata), max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 10, pdata, PTR_DIFF(p,pdata), max_data_bytes); if ((! *directory) && dptr_path(dptr_num)) slprintf(directory,sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); @@ -2222,7 +2223,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd SSVAL(params,4,0); /* Never an EA error */ SSVAL(params,6,last_entry_off); - send_trans2_replies( outbuf, bufsize, params, 8, pdata, PTR_DIFF(p,pdata), max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 8, pdata, PTR_DIFF(p,pdata), max_data_bytes); if ((! *directory) && dptr_path(dptr_num)) slprintf(directory,sizeof(directory)-1, "(%s)",dptr_path(dptr_num)); 
@@ -2703,7 +2704,7 @@ cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned } - send_trans2_replies( outbuf, bufsize, params, 0, pdata, data_len, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 0, pdata, data_len, max_data_bytes); DEBUG( 4, ( "%s info_level = %d\n", smb_fn_name(CVAL(inbuf,smb_com)), info_level) ); @@ -2804,7 +2805,7 @@ cap_low = 0x%x, cap_high = 0x%x\n", return ERROR_NT(status); } - send_trans2_replies(outbuf, bufsize, *pparams, param_len, *ppdata, data_len, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, *pparams, param_len, *ppdata, data_len, max_data_bytes); if (NT_STATUS_IS_OK(status)) { /* Server-side transport encryption is now *on*. */ @@ -2899,7 +2900,7 @@ cap_low = 0x%x, cap_high = 0x%x\n", * like windows do... * --metze */ - outsize = set_message(outbuf,10,0,True); + outsize = set_message(inbuf, outbuf,10,0,True); return outsize; } @@ -4018,7 +4019,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd return ERROR_NT(NT_STATUS_INVALID_LEVEL); } - send_trans2_replies(outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, param_size, *ppdata, data_size, max_data_bytes); return(-1); } @@ -5692,7 +5693,7 @@ static int call_trans2setfilepathinfo(connection_struct *conn, char *inbuf, char DEBUG(3,("call_trans2setfilepathinfo: Cancelling print job (%s)\n", fsp->fsp_name )); SSVAL(params,0,0); - send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes); return(-1); } else return (UNIXERROR(ERRDOS,ERRbadpath)); 
@@ -6023,7 +6024,7 @@ static int call_trans2setfilepathinfo(connection_struct *conn, char *inbuf, char } SSVAL(params,0,0); - send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, data_return_size, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 2, *ppdata, data_return_size, max_data_bytes); return -1; } @@ -6122,7 +6123,7 @@ static int call_trans2mkdir(connection_struct *conn, char *inbuf, char *outbuf, SSVAL(params,0,0); - send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes); return(-1); } @@ -6171,7 +6172,7 @@ static int call_trans2findnotifyfirst(connection_struct *conn, char *inbuf, char if(fnf_handle == 0) fnf_handle = 257; - send_trans2_replies(outbuf, bufsize, params, 6, *ppdata, 0, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 6, *ppdata, 0, max_data_bytes); return(-1); } @@ -6199,7 +6200,7 @@ static int call_trans2findnotifynext(connection_struct *conn, char *inbuf, char SSVAL(params,0,0); /* No changes */ SSVAL(params,2,0); /* No EA errors */ - send_trans2_replies(outbuf, bufsize, params, 4, *ppdata, 0, max_data_bytes); + send_trans2_replies(inbuf, outbuf, bufsize, params, 4, *ppdata, 0, max_data_bytes); return(-1); } @@ -6234,7 +6235,7 @@ static int call_trans2getdfsreferral(connection_struct *conn, char* inbuf, char* return ERROR_NT(status); SSVAL(outbuf,smb_flg2,SVAL(outbuf,smb_flg2) | FLAGS2_DFS_PATHNAMES); - send_trans2_replies(outbuf,bufsize,0,0,*ppdata,reply_size, max_data_bytes); + send_trans2_replies(inbuf, outbuf,bufsize,0,0,*ppdata,reply_size, max_data_bytes); return(-1); } 
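Review bot: In the call_trans2getdfsreferral hunk, `send_trans2_replies(inbuf, outbuf,bufsize,0,0,*ppdata,reply_size, max_data_bytes)` passes a literal `0` for the `const char *params` argument. With a second pointer now leading the argument list, the two zeros are hard to tell apart from counts; write `send_trans2_replies(inbuf, outbuf, bufsize, NULL, 0, *ppdata, reply_size, max_data_bytes);`. The body of call_trans2getdfsreferral continues outside the hunk.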
@@ -6272,7 +6273,7 @@ static int call_trans2ioctl(connection_struct *conn, char* inbuf, char* outbuf, SSVAL(pdata,0,fsp->rap_print_jobid); /* Job number */ srvstr_push( outbuf, pdata + 2, global_myname(), 15, STR_ASCII|STR_TERMINATE); /* Our NetBIOS name */ srvstr_push( outbuf, pdata+18, lp_servicename(SNUM(conn)), 13, STR_ASCII|STR_TERMINATE); /* Service name */ - send_trans2_replies(outbuf,bufsize,*pparams,0,*ppdata,32, max_data_bytes); + send_trans2_replies(inbuf, outbuf,bufsize,*pparams,0,*ppdata,32, max_data_bytes); return(-1); } else { DEBUG(2,("Unknown TRANS2_IOCTL\n")); @@ -6295,7 +6296,7 @@ int reply_findclose(connection_struct *conn, dptr_close(&dptr_num); - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf, outbuf,0,0,False); DEBUG(3,("SMBfindclose dptr_num = %d\n", dptr_num)); @@ -6322,7 +6323,7 @@ int reply_findnclose(connection_struct *conn, findnotifyfirst - so any dptr_num is ok here. Just ignore it. */ - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf, outbuf,0,0,False); DEBUG(3,("SMB_findnclose dptr_num = %d\n", dptr_num)); @@ -6640,7 +6641,7 @@ int reply_trans2(connection_struct *conn, char *inbuf,char *outbuf, /* We need to send an interim response then receive the rest of the parameter/data bytes */ - outsize = set_message(outbuf,0,0,False); + outsize = set_message(inbuf, outbuf,0,0,False); show_msg(outbuf); END_PROFILE(SMBtrans2); return outsize; |