authorAndrew Tridgell <tridge@samba.org>1997-11-29 02:40:31 +0000
committerAndrew Tridgell <tridge@samba.org>1997-11-29 02:40:31 +0000
commitcf9d07cc7d41627a59ea3bec5ba2b9eebb894ab5 (patch)
tree84f271f49fb416ba4c4272d3218895d8706f30af /source3
parent7c025b60ac6a5247ef88ee1d8c6064346c98b5a3 (diff)
added a sent_oplock_break element to Files[] as a paranoia check so we
can't send an oplock break twice on the same file.

changed some debug levels in the oplock code to level 0 so we can track down a bug

zero the returned Files[] entry in find_free_file()

don't try to overcome client bugs in the handling of non-encrypted passwords if in server level security mode

added paranoid null termination of password buffers

slight change to my ajt_panic() routine

(This used to be commit e360c79c9cec681c4609783019749773d3e79386)
Diffstat (limited to 'source3')
-rw-r--r--source3/include/smb.h1
-rw-r--r--source3/lib/util.c2
-rw-r--r--source3/smbd/reply.c10
-rw-r--r--source3/smbd/server.c24
4 files changed, 26 insertions, 11 deletions
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 49854a2512..bd60c1077a 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1454,6 +1454,7 @@ typedef struct
BOOL print_file;
BOOL modified;
BOOL granted_oplock;
+ BOOL sent_oplock_break;
char *name;
} files_struct;
diff --git a/source3/lib/util.c b/source3/lib/util.c
index 4d098013f2..ac9c701b70 100644
--- a/source3/lib/util.c
+++ b/source3/lib/util.c
@@ -3855,7 +3855,7 @@ my own panic function - not suitable for general use
********************************************************************/
void ajt_panic(void)
{
- system("/usr/bin/X11/xedit -display ljus:0 /tmp/ERROR_FAULT");
+ system("/usr/bin/X11/xedit -display solen:0 /tmp/ERROR_FAULT");
}
#endif
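Review bot: The `system()` string in `ajt_panic()` hard-codes one developer's X display (`solen:0`) and a fixed file name under `/tmp` in a shared library source file, so the hook is only meaningful on that workstation and runs a shell with whatever privilege the calling process has. The header comment already says it is not suitable for general use; I would make it inert unless explicitly configured, e.g. `const char *d = getenv("AJT_PANIC_DISPLAY"); if (!d) return;` (the variable name is only an example), and build the command from that instead of a literal host. The `#if` that guards this function opens above the hunk, so which builds compile it in cannot be confirmed from here.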
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 2c646d99f5..ec94ab0552 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -260,7 +260,6 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize)
int connection_num;
uint16 vuid = SVAL(inbuf,smb_uid);
int passlen = SVAL(inbuf,smb_vwv3);
- BOOL doencrypt = SMBENCRYPT();
*service = *user = *password = *devicename = 0;
@@ -279,7 +278,7 @@ int reply_tcon_and_X(char *inbuf,char *outbuf,int length,int bufsize)
password[passlen]=0;
path = smb_buf(inbuf) + passlen;
- if (!doencrypt || passlen != 24) {
+ if (passlen != 24) {
if (strequal(password," "))
*password = 0;
passlen = strlen(password);
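Review bot: `passlen` comes straight from the request (`SVAL(inbuf,smb_vwv3)` in the previous hunk) and the context line `password[passlen]=0;` indexes with it, but no bound check is visible in either hunk; if the lines between them do not contain one, a length larger than the `password` buffer writes past its end. Assuming `password` is an array, a clamp in the style used later in this file, `passlen = MIN(passlen, sizeof(password)-1);`, placed before the copy, would close that. With `doencrypt` removed, the bare `24` now carries the whole decision, so a comment such as `/* 24 == length of an encrypted LM/NT response; anything else is treated as plaintext */` would help the next reader. The body of `reply_tcon_and_X` starts and ends outside the hunk.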
@@ -412,9 +411,10 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
}
memcpy(smb_apasswd,smb_buf(inbuf),smb_apasslen);
+ smb_apasswd[smb_apasslen] = 0;
pstrcpy(user,smb_buf(inbuf)+smb_apasslen);
- if (lp_security() != SEC_SERVER && !doencrypt) {
+ if (!doencrypt && (lp_security() != SEC_SERVER)) {
smb_apasslen = strlen(smb_apasswd);
}
} else {
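Review bot: The added terminator `smb_apasswd[smb_apasslen] = 0;` writes at index `smb_apasslen`, which is in bounds only if the buffer is at least one byte larger than the greatest length the preceding check lets through; both that check and the buffer declaration are above this hunk. The same pattern is added twice in the next hunk (`smb_apasswd[smb_apasslen] = 0;` and `smb_ntpasswd[smb_ntpasslen] = 0;`), where the lengths are clamped to `MAX_PASS_LEN`, so both buffers must hold at least `MAX_PASS_LEN+1` bytes. If the declarations do not already guarantee that, clamp to `MAX_PASS_LEN-1` instead, and in either case a comment like `/* buffers are larger than MAX_PASS_LEN, so [len] is in bounds */` would record the invariant the new lines rely on.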
@@ -448,12 +448,14 @@ int reply_sesssetup_and_X(char *inbuf,char *outbuf,int length,int bufsize)
passlen1 = MIN(passlen1, MAX_PASS_LEN);
passlen2 = MIN(passlen2, MAX_PASS_LEN);
- if(doencrypt) {
+ if(doencrypt || (lp_security() == SEC_SERVER)) {
/* Save the lanman2 password and the NT md4 password. */
smb_apasslen = passlen1;
memcpy(smb_apasswd,p,smb_apasslen);
+ smb_apasswd[smb_apasslen] = 0;
smb_ntpasslen = passlen2;
memcpy(smb_ntpasswd,p+passlen1,smb_ntpasslen);
+ smb_ntpasswd[smb_ntpasslen] = 0;
} else {
/* both Win95 and WinNT stuff up the password lengths for
non-encrypting systems. Uggh.
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 536e89bf18..77c8fc319f 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1935,6 +1935,7 @@ dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
!IS_VETO_OPLOCK_PATH(cnum,fname))
{
fs_p->granted_oplock = True;
+ fs_p->sent_oplock_break = False;
global_oplocks_open++;
port = oplock_port;
@@ -2807,7 +2808,7 @@ global_oplocks_open = %d\n", timestring(), dev, inode, global_oplocks_open));
if(fsp == NULL)
{
/* The file could have been closed in the meantime - return success. */
- DEBUG(3,("%s oplock_break: cannot find open file with dev = %x, inode = %x (fnum = %d) \
+ DEBUG(0,("%s oplock_break: cannot find open file with dev = %x, inode = %x (fnum = %d) \
allowing break to succeed.\n", timestring(), dev, inode, fnum));
return True;
}
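Review bot: Raising this message to `DEBUG(0,...)` makes it unconditional, yet the comment directly above it describes the condition as an expected race (the file was closed in the meantime), so it will be logged on every such occurrence in normal operation. The same applies to the "has no oplock" message raised to level 0 in the next hunk. The commit message says the change is there to track down a bug, so I would tag both with `/* TEMPORARY: level 0 while debugging oplock breaks - restore to 3 */` so they do not stay at level 0 by accident.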
@@ -2823,11 +2824,19 @@ allowing break to succeed.\n", timestring(), dev, inode, fnum));
if(!fsp->granted_oplock)
{
- DEBUG(3,("%s oplock_break: file %s (fnum = %d, dev = %x, inode = %x) has no oplock. \
-Allowing break to succeed regardless.\n", timestring(), fsp->name, fnum, dev, inode));
+ DEBUG(0,("%s oplock_break: file %s (fnum = %d, dev = %x, inode = %x) has no oplock. Allowing break to succeed regardless.\n", timestring(), fsp->name, fnum, dev, inode));
return True;
}
+ /* mark the oplock break as sent - we don't want to send twice! */
+ if (fsp->sent_oplock_break)
+ {
+ DEBUG(0,("%s ERROR: oplock_break already sent for file %s (fnum = %d, dev = %x, inode = %x)\n", timestring(), fsp->name, fnum, dev, inode));
+ return True;
+ }
+
+ fsp->sent_oplock_break = True;
+
/* Now comes the horrid part. We must send an oplock break to the client,
and then process incoming messages until we get a close or oplock release.
*/
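Review bot: The new early exit returns `True` when `sent_oplock_break` is already set, which reports the break as done while the first break may still be waiting for the client; whether callers read `True` as "oplock released" is not visible here and should be confirmed. In the hunks shown the flag is cleared only when a new oplock is granted, not beside `fsp->granted_oplock = False;` in the cleanup further down, so I would add `fsp->sent_oplock_break = False;` there to keep the two flags in step. The comment `/* mark the oplock break as sent ... */` also sits above the check rather than above the assignment `fsp->sent_oplock_break = True;` that it describes. The enclosing function starts and ends outside the hunk.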
@@ -2923,7 +2932,7 @@ inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
from the sharemode. */
/* Paranoia.... */
fsp->granted_oplock = False;
- global_oplocks_open--;
+ global_oplocks_open--;
}
/* Santity check - remove this later. JRA */
@@ -3599,8 +3608,11 @@ int find_free_file(void )
/* we start at 1 here for an obscure reason I can't now remember,
but I think is important :-) */
for (i=1;i<MAX_OPEN_FILES;i++)
- if (!Files[i].open)
- return(i);
+ if (!Files[i].open) {
+ /* paranoia */
+ memset(&Files[i], 0, sizeof(Files[i]));
+ return(i);
+ }
DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
return(-1);
}
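Review bot: The `memset(&Files[i], 0, sizeof(Files[i]));` also clears the `char *name` member of `files_struct`, so if a closed entry can still own an allocated name, that pointer is dropped here without being freed; the close path is not part of this diff, so this needs checking. `find_free_file()` now modifies the table as a side effect, which its name does not suggest, and a comment above the function such as `/* returns the index of a free entry, zeroed; caller must set .open */` would document the new contract. The function begins above the hunk.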