-rw-r--r-- | source3/include/includes.h | 10 | ||||
-rw-r--r-- | source3/include/ntdomain.h | 3 | ||||
-rw-r--r-- | source3/include/proto.h | 8 | ||||
-rw-r--r-- | source3/include/rpc_dce.h | 18 | ||||
-rw-r--r-- | source3/include/rpc_srvsvc.h | 2 | ||||
-rw-r--r-- | source3/lib/membuffer.c | 4 | ||||
-rw-r--r-- | source3/locking/locking_slow.c | 41 | ||||
-rw-r--r-- | source3/rpc_parse/parse_prs.c | 2 | ||||
-rw-r--r-- | source3/rpc_parse/parse_rpc.c | 41 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe_hnd.c | 26 | ||||
-rw-r--r-- | source3/rpc_server/srv_util.c | 17 | ||||
-rw-r--r-- | source3/smbd/ipc.c | 3 |
12 files changed, 137 insertions, 38 deletions
diff --git a/source3/include/includes.h b/source3/include/includes.h index 5df76668c6..2ba069aa76 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -606,11 +606,6 @@ char *mktemp(char *); /* No standard include */ not good for HPUX */ /* #define SIGCLD_IGNORE */ #define USE_SIGPROCMASK /* Needed to stop zombie processes on HPUX 9.x and 10.x.*/ -#ifdef HPUX10 -#ifdef SEMMSL -#undef SEMMSL -#endif /* SEMMSL */ -#endif /* HPUX10 */ #endif /* HPUX */ @@ -1137,6 +1132,11 @@ union semun { unsigned short *array; }; #endif +#if defined(HPUX) && defined(HPUX10) +#ifdef SEMMSL +#undef SEMMSL +#endif /* SEMMSL */ +#endif /* HPUX && HPUX10 */ #endif #ifdef AFS_AUTH diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 32812aa8b1..67fe879f9b 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -69,7 +69,8 @@ typedef struct RPC_HDR hdr; RPC_HDR_BA hdr_ba; RPC_HDR_RB hdr_rb; - RPC_HDR_RR hdr_rr; + RPC_HDR_REQ hdr_req; + RPC_HDR_RESP hdr_resp; RPC_AUTH_NTLMSSP_REQ ntlmssp_req; RPC_AUTH_NTLMSSP_RESP ntlmssp_resp; diff --git a/source3/include/proto.h b/source3/include/proto.h index ad9a36ca62..faf295f625 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h 
@@ -471,8 +471,10 @@ void make_rpc_hdr_ba(RPC_HDR_BA *rpc, uint8 num_results, uint16 result, uint16 reason, RPC_IFACE *transfer); void smb_io_rpc_hdr_ba(char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth); -void make_rpc_hdr_rr(RPC_HDR_RR *hdr, uint32 data_len, uint8 opnum); -void smb_io_rpc_hdr_rr(char *desc, RPC_HDR_RR *rpc, prs_struct *ps, int depth); +void make_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 data_len, uint16 opnum); +void smb_io_rpc_hdr_req(char *desc, RPC_HDR_REQ *rpc, prs_struct *ps, int depth); +void make_rpc_hdr_resp(RPC_HDR_RESP *hdr, uint32 data_len); +void smb_io_rpc_hdr_resp(char *desc, RPC_HDR_RESP *rpc, prs_struct *ps, int depth); void make_rpc_auth_ntlmssp_req(RPC_AUTH_NTLMSSP_REQ *req, fstring ntlmssp_str, uint32 ntlmssp_ver, uint32 unknown_0, fstring myname, fstring domain); @@ -1116,7 +1118,7 @@ void mem_buf_free(struct mem_buf **buf); void mem_free_chain(struct mem_buf **buf); void mem_free_data(struct mem_buf *buf); BOOL mem_realloc_data(struct mem_buf *buf, int new_size); -BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size); +BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size, BOOL force_grow); BOOL mem_find(struct mem_buf **buf, uint32 offset); uint32 mem_buf_len(struct mem_buf *buf); char *mem_data(struct mem_buf **buf, uint32 offset); diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h index 9aacaaab87..2e3995e43d 100644 --- a/source3/include/rpc_dce.h +++ b/source3/include/rpc_dce.h 
@@ -75,16 +75,24 @@ typedef struct rpc_hdr_info } RPC_HDR; -/* RPC_HDR_RR - ms request / response rpc header */ -typedef struct rpc_hdr_rr_info +/* RPC_HDR_REQ - ms request rpc header */ +typedef struct rpc_hdr_req_info { uint32 alloc_hint; /* allocation hint - data size (bytes) minus header and tail. */ - uint8 context_id; /* 0 - presentation context identifier */ + uint16 context_id; /* 0 - presentation context identifier */ + uint16 opnum; /* opnum */ + +} RPC_HDR_REQ; + +/* RPC_HDR_RESP - ms response rpc header */ +typedef struct rpc_hdr_resp_info +{ + uint32 alloc_hint; /* allocation hint - data size (bytes) minus header and tail. */ + uint16 context_id; /* 0 - presentation context identifier */ uint8 cancel_count; /* 0 - cancel count */ - uint8 opnum; /* opnum */ uint8 reserved; /* 0 - reserved. */ -} RPC_HDR_RR; +} RPC_HDR_RESP; /* this seems to be the same string name depending on the name of the pipe, * but is more likely to be linked to the interface name diff --git a/source3/include/rpc_srvsvc.h b/source3/include/rpc_srvsvc.h index 4d11b915e4..6ba137da2f 100644 --- a/source3/include/rpc_srvsvc.h +++ b/source3/include/rpc_srvsvc.h @@ -249,7 +249,7 @@ typedef struct r_net_conn_enum_info /* oops - this is going to take up a *massive* amount of stack. */ /* the UNISTR2s already have 1024 uint16 chars in them... */ -#define MAX_SHARE_ENTRIES 32 +#define MAX_SHARE_ENTRIES 128 /* SH_INFO_1 (pointers to level 1 share info strings) */ typedef struct ptr_share_info1 diff --git a/source3/lib/membuffer.c b/source3/lib/membuffer.c index cf832c13cc..90b07047d3 100644 --- a/source3/lib/membuffer.c +++ b/source3/lib/membuffer.c 
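Review bot: Raising `MAX_SHARE_ENTRIES` from 32 to 128 in rpc_srvsvc.h quadruples every array sized by it, while the comment directly above already warns that these structures take a massive amount of stack because each UNISTR2 holds 1024 uint16 characters. The structures that use the constant are outside this hunk, so the real footprint cannot be confirmed here. If any of them are still automatic variables in the srvsvc reply path, a share enumeration could exhaust the stack on platforms with small default limits. Either allocate those containers on the heap or update the comment to state the constraint, e.g. `/* 128 entries: structures sized by this must not be declared on the stack */`.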
@@ -293,11 +293,11 @@ BOOL mem_realloc_data(struct mem_buf *buf, int new_size) /******************************************************************* reallocate a memory buffer, retrospectively :-) ********************************************************************/ -BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size) +BOOL mem_grow_data(struct mem_buf **buf, BOOL io, int new_size, BOOL force_grow) { if (new_size + (*buf)->margin >= (*buf)->data_size) { - if (io) + if (io && !force_grow) { DEBUG(3,("mem_grow_data: cannot resize when reading from a data stream\n")); } diff --git a/source3/locking/locking_slow.c b/source3/locking/locking_slow.c index de2bb1701c..d6ac6efac1 100644 --- a/source3/locking/locking_slow.c +++ b/source3/locking/locking_slow.c @@ -502,8 +502,17 @@ mode file %s (%s)\n", fname, strerror(errno))); return 0; } /* Now truncate the file at this point. */ +#ifdef FTRUNCATE_NEEDS_ROOT + become_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + if(ftruncate(fd, newsize)!= 0) { + +#ifdef FTRUNCATE_NEEDS_ROOT + unbecome_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + DEBUG(0,("ERROR: get_share_modes: failed to ftruncate share \ mode file %s to size %d (%s)\n", fname, newsize, strerror(errno))); if(*old_shares) @@ -515,6 +524,10 @@ mode file %s to size %d (%s)\n", fname, newsize, strerror(errno))); } } +#ifdef FTRUNCATE_NEEDS_ROOT + unbecome_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + if(buf) free(buf); 
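Review bot: The new `force_grow` argument of mem_grow_data is undocumented; the header comment still reads only "reallocate a memory buffer, retrospectively". The changed test `if (io && !force_grow)` skips the "cannot resize when reading from a data stream" branch when `force_grow` is set, so the flag should be explained next to the signature. Something like `/* force_grow: resize even when io is True, i.e. while reading from the stream */` would do. The rest of the function body lies outside this hunk, and the only caller visible in this commit, prs_grow, passes False.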
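Review bot: On the ftruncate failure path in get_share_modes, `unbecome_root(False)` runs before the `DEBUG(0, ...)` that formats `strerror(errno)`, so the logged reason may be whatever the privilege switch left in errno rather than the truncate error. Capture it first with `int saved_errno = errno;` immediately after the failing call and log `strerror(saved_errno)`. The same ordering appears in the del_share_mode and set_share_mode hunks further down. Since the `#ifdef FTRUNCATE_NEEDS_ROOT` pair is now repeated around three calls, a small static helper that wraps the ftruncate would also keep the privileged window to exactly that one call.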
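Review bot: The `unbecome_root(False)` added after the two closing braces in get_share_modes looks unbalanced against its `become_root(False)`. The matching call in the previous hunk sits directly before `if(ftruncate(fd, newsize)!= 0)`, which from the brace structure appears to be inside an enclosing conditional block, while this call runs after that block has closed. Indentation is lost on this page and the block opens outside the hunk, so this needs checking against the file. If the truncate branch can be skipped, the function would call unbecome_root without having become root. Moving the call to just after the `if(ftruncate(...))` block, in the same scope as `become_root`, keeps the pair balanced, as the del_share_mode hunk already does.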
@@ -653,15 +666,29 @@ mode file %s (%s)\n", fname, strerror(errno))); free(buf); return; } + /* Now truncate the file at this point. */ +#ifdef FTRUNCATE_NEEDS_ROOT + become_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + if(ftruncate(fd, newsize) != 0) { + +#ifdef FTRUNCATE_NEEDS_ROOT + unbecome_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + DEBUG(0,("ERROR: del_share_mode: failed to ftruncate share \ mode file %s to size %d (%s)\n", fname, newsize, strerror(errno))); if(buf) free(buf); return; } + +#ifdef FTRUNCATE_NEEDS_ROOT + unbecome_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ } /******************************************************************* @@ -795,8 +822,18 @@ deleting it (%s).\n",fname, strerror(errno))); } /* Now truncate the file at this point - just for safety. */ + +#ifdef FTRUNCATE_NEEDS_ROOT + become_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + if(ftruncate(fd, header_size + (SMF_ENTRY_LENGTH*num_entries))!= 0) { + +#ifdef FTRUNCATE_NEEDS_ROOT + unbecome_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + DEBUG(0,("ERROR: set_share_mode: failed to ftruncate share \ mode file %s to size %d (%s)\n", fname, header_size + (SMF_ENTRY_LENGTH*num_entries), strerror(errno))); @@ -805,6 +842,10 @@ mode file %s to size %d (%s)\n", fname, header_size + (SMF_ENTRY_LENGTH*num_entr return False; } +#ifdef FTRUNCATE_NEEDS_ROOT + unbecome_root(False); +#endif /* FTRUNCATE_NEEDS_ROOT */ + if(buf) free(buf); diff --git a/source3/rpc_parse/parse_prs.c b/source3/rpc_parse/parse_prs.c index 799bd1cc94..0baf05597c 100644 --- a/source3/rpc_parse/parse_prs.c +++ b/source3/rpc_parse/parse_prs.c @@ -86,7 +86,7 @@ void prs_align(prs_struct *ps) ********************************************************************/ BOOL prs_grow(prs_struct *ps) { - return mem_grow_data(&(ps->data), ps->io, ps->offset); + return mem_grow_data(&(ps->data), ps->io, ps->offset, False); } 
diff --git a/source3/rpc_parse/parse_rpc.c b/source3/rpc_parse/parse_rpc.c
index b025d3f1c8..8a5b6c172e 100644
--- a/source3/rpc_parse/parse_rpc.c
+++ b/source3/rpc_parse/parse_rpc.c
@@ -384,33 +384,58 @@ void smb_io_rpc_hdr_ba(char *desc, RPC_HDR_BA *rpc, prs_struct *ps, int depth) } /******************************************************************* -creates an RPC_HDR_RR structure. +creates an RPC_HDR_REQ structure. ********************************************************************/ -void make_rpc_hdr_rr(RPC_HDR_RR *hdr, uint32 data_len, uint8 opnum) +void make_rpc_hdr_req(RPC_HDR_REQ *hdr, uint32 data_len, uint16 opnum) { if (hdr == NULL) return; hdr->alloc_hint = data_len - 0x18; /* allocation hint */ hdr->context_id = 0; /* presentation context identifier */ - hdr->cancel_count = 0; /* cancel count */ hdr->opnum = opnum; /* opnum */ +} + +/******************************************************************* +reads or writes an RPC_HDR_REQ structure. +********************************************************************/ +void smb_io_rpc_hdr_req(char *desc, RPC_HDR_REQ *rpc, prs_struct *ps, int depth) +{ + if (rpc == NULL) return; + + prs_debug(ps, depth, desc, "smb_io_rpc_hdr_req"); + depth++; + + prs_uint32("alloc_hint", ps, depth, &(rpc->alloc_hint)); + prs_uint16("context_id", ps, depth, &(rpc->context_id)); + prs_uint16("opnum ", ps, depth, &(rpc->opnum)); +} + +/******************************************************************* +creates an RPC_HDR_RESP structure. +********************************************************************/ +void make_rpc_hdr_resp(RPC_HDR_RESP *hdr, uint32 data_len) +{ + if (hdr == NULL) return; + + hdr->alloc_hint = data_len - 0x18; /* allocation hint */ + hdr->context_id = 0; /* presentation context identifier */ + hdr->cancel_count = 0; /* cancel count */ hdr->reserved = 0; /* 0 - reserved */ } /******************************************************************* -reads or writes an RPC_HDR_RR structure. +reads or writes an RPC_HDR_RESP structure. 
********************************************************************/ -void smb_io_rpc_hdr_rr(char *desc, RPC_HDR_RR *rpc, prs_struct *ps, int depth) +void smb_io_rpc_hdr_resp(char *desc, RPC_HDR_RESP *rpc, prs_struct *ps, int depth) { if (rpc == NULL) return; - prs_debug(ps, depth, desc, "smb_io_rpc_hdr_rr"); + prs_debug(ps, depth, desc, "smb_io_rpc_hdr_resp"); depth++; prs_uint32("alloc_hint", ps, depth, &(rpc->alloc_hint)); - prs_uint8 ("context_id", ps, depth, &(rpc->context_id)); + prs_uint16("context_id", ps, depth, &(rpc->context_id)); prs_uint8 ("cancel_ct ", ps, depth, &(rpc->cancel_count)); - prs_uint8 ("opnum ", ps, depth, &(rpc->opnum)); prs_uint8 ("reserved ", ps, depth, &(rpc->reserved)); } diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index e4893fee89..a371e48bfd 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -157,9 +157,10 @@ int read_pipe(uint16 pnum, char *data, uint32 pos, int n) if (OPEN_PNUM(pnum - PIPE_HANDLE_OFFSET)) { - int num; - int len; - uint32 rpc_frag_pos; + int num = 0; + int len = 0; + uint32 hdr_num = 0; + uint32 rpc_frag_pos = 0; DEBUG(6,("OK\n")); @@ -169,9 +170,14 @@ int read_pipe(uint16 pnum, char *data, uint32 pos, int n) return 0; } + DEBUG(6,("read_pipe: p: %p max_rdata_len: %d data_pos: %d num: %d\n", + p, p->max_rdata_len, data_pos, num)); + /* the read request starts from where the SMBtrans2 left off. */ data_pos += p->max_rdata_len; + rpc_frag_pos = data_pos % p->hdr.frag_len; + /* headers accumulate an offset */ data_pos -= p->hdr_offsets; 
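Review bot: Both make_rpc_hdr_req and make_rpc_hdr_resp compute `hdr->alloc_hint = data_len - 0x18;` on a uint32 with no lower bound, so any `data_len` below 0x18 wraps to a value near 4 GB. The old make_rpc_hdr_rr had the same expression, but the split was a chance to fix it rather than copy it into two functions. A guarded form such as `hdr->alloc_hint = (data_len >= 0x18) ? data_len - 0x18 : 0;` would avoid advertising a wrapped hint. The literal 0x18 would also read better as a named constant. The `alloc_hint`, `context_id` and `opnum` that smb_io_rpc_hdr_req reads come straight from the wire, and nothing in this hunk validates them.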
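Review bot: In read_pipe, `rpc_frag_pos = data_pos % p->hdr.frag_len;` is now evaluated on every call, ahead of the `RPC_FLG_LAST` test that previously enclosed it (that test is in the next hunk). Where `p->hdr.frag_len` is set is not visible here, so if it can still be zero when a read arrives, this is a division by zero in the server process. A guard like `if (p->hdr.frag_len == 0) return 0;` before the modulo would make that explicit. The added DEBUG(6) line prints `num` immediately after it was initialised to 0 and formats uint32 values with `%d`, which limits its diagnostic value. The body of read_pipe continues outside this hunk.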
@@ -182,22 +188,32 @@ int read_pipe(uint16 pnum, char *data, uint32 pos, int n) if (!IS_BITS_SET_ALL(p->hdr.flags, RPC_FLG_LAST)) { - rpc_frag_pos = data_pos % p->hdr.frag_len; + DEBUG(5,("read_pipe: hdr_offsets: %d rpc_frag_pos: %d frag_len: %d\n", + p->hdr_offsets, rpc_frag_pos, p->hdr.frag_len)); if (rpc_frag_pos == 0) { + /* this is subtracted from the total data bytes, later */ + hdr_num = 0x18; + /* create and copy in a new header. */ create_rpc_reply(p, data_pos, p->rdata.offset); mem_buf_copy(data, p->rhdr.data, 0, 0x18); /* make room in data stream for header */ p->hdr_offsets += 0x18; + data += 0x18; + + DEBUG(6,("read_pipe: hdr_offsets: %d\n", p->hdr_offsets)); } } if (num > 0) { - mem_buf_copy(data, p->rhdr.data, data_pos, num); + DEBUG(6,("read_pipe: adjusted data_pos: %d num: %d\n", + data_pos, num - hdr_num)); + mem_buf_copy(data, p->rhdr.data, data_pos, num - hdr_num); + return num; } diff --git a/source3/rpc_server/srv_util.c b/source3/rpc_server/srv_util.c index 7be259029a..3f4d66eab2 100644 --- a/source3/rpc_server/srv_util.c +++ b/source3/rpc_server/srv_util.c @@ -173,13 +173,16 @@ void get_domain_user_groups(char *domain_groups, char *user) BOOL create_rpc_reply(pipes_struct *p, uint32 data_start, uint32 data_end) { + DEBUG(5,("create_rpc_reply: data_start: %d data_end: %d max_tsize: %d\n", + data_start, data_end, p->hdr_ba.bba.max_tsize)); + mem_buf_init(&(p->rhdr.data), 0); mem_alloc_data(p->rhdr.data, 0x18); p->rhdr.align = 4; p->rhdr.io = False; - p->hdr_rr.alloc_hint = data_end - data_start; /* calculate remaining data to be sent */ + p->hdr_resp.alloc_hint = data_end - data_start; /* calculate remaining data to be sent */ p->hdr.pkt_type = RPC_RESPONSE; /* mark header as an rpc response */ /* set up rpc header (fragmentation issues) */ 
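Review bot: `mem_buf_copy(data, p->rhdr.data, data_pos, num - hdr_num)` subtracts the uint32 `hdr_num` from the int `num`, and the only guard is `if (num > 0)`. When a new fragment header was emitted (`hdr_num = 0x18`) and `num` is between 1 and 0x17, the subtraction wraps to a very large unsigned length. How `num` is derived from the caller's `n` lies outside this hunk, so the reachable range needs confirming. The header path has a related gap: it copies 0x18 bytes into `data` and then advances `data += 0x18` without checking that the caller's buffer holds at least that much. Adding `if (num < (int)hdr_num) return 0;` before the copy, and checking `n >= 0x18` before the header is written, would bound both writes.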
@@ -192,10 +195,10 @@ BOOL create_rpc_reply(pipes_struct *p, p->hdr.flags = 0; } - if (p->hdr_rr.alloc_hint + 0x18 <= p->hdr_ba.bba.max_tsize) + if (p->hdr_resp.alloc_hint + 0x18 <= p->hdr_ba.bba.max_tsize) { p->hdr.flags |= RPC_FLG_LAST; - p->hdr.frag_len = p->hdr_rr.alloc_hint + 0x18; + p->hdr.frag_len = p->hdr_resp.alloc_hint + 0x18; } else { @@ -208,7 +211,7 @@ BOOL create_rpc_reply(pipes_struct *p, /* store the header in the data stream */ p->rhdr.offset = 0; smb_io_rpc_hdr ("hdr", &(p->hdr ), &(p->rhdr), 0); - smb_io_rpc_hdr_rr("rr" , &(p->hdr_rr), &(p->rhdr), 0); + smb_io_rpc_hdr_resp("resp", &(p->hdr_resp), &(p->rhdr), 0); return p->rhdr.data != NULL && p->rhdr.offset == 0x18; } @@ -222,11 +225,11 @@ static BOOL api_rpc_command(pipes_struct *p, prs_struct *data) { int fn_num; - DEBUG(4,("api_rpc_command: %s op 0x%x - ", rpc_name, p->hdr_rr.opnum)); + DEBUG(4,("api_rpc_command: %s op 0x%x - ", rpc_name, p->hdr_req.opnum)); for (fn_num = 0; api_rpc_cmds[fn_num].name; fn_num++) { - if (api_rpc_cmds[fn_num].opnum == p->hdr_rr.opnum && api_rpc_cmds[fn_num].fn != NULL) + if (api_rpc_cmds[fn_num].opnum == p->hdr_req.opnum && api_rpc_cmds[fn_num].fn != NULL) { DEBUG(3,("api_rpc_command: %s\n", api_rpc_cmds[fn_num].name)); break; @@ -280,7 +283,7 @@ BOOL api_rpcTNP(pipes_struct *p, char *rpc_name, struct api_struct *api_rpc_cmds } /* read the rpc header */ - smb_io_rpc_hdr_rr("", &(p->hdr_rr), data, 0); + smb_io_rpc_hdr_req("req", &(p->hdr_req), data, 0); /* interpret the command */ if (!api_rpc_command(p, rpc_name, api_rpc_cmds, data)) diff --git a/source3/smbd/ipc.c b/source3/smbd/ipc.c index 6d0a8d55dd..62951219bf 100644 --- a/source3/smbd/ipc.c +++ b/source3/smbd/ipc.c @@ -3367,6 +3367,9 @@ static int api_fd_reply(int cnum,uint16 vuid,char *outbuf, /* record maximum data length that can be transmitted in an SMBtrans */ p->max_rdata_len = mdrcnt; + DEBUG(10,("api_fd_reply: p:%p max_rdata_len: %d\n", + p, p->max_rdata_len)); + switch (subcommand) { case 0x26: |