diff options
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/aio.c | 8 | ||||
-rw-r--r-- | source3/smbd/nttrans.c | 12 | ||||
-rw-r--r-- | source3/smbd/open.c | 5 | ||||
-rw-r--r-- | source3/smbd/reply.c | 5 | ||||
-rw-r--r-- | source3/smbd/sesssetup.c | 23 |
5 files changed, 40 insertions, 13 deletions
diff --git a/source3/smbd/aio.c b/source3/smbd/aio.c index 2889e3c13f..74275368bd 100644 --- a/source3/smbd/aio.c +++ b/source3/smbd/aio.c @@ -268,12 +268,15 @@ bool schedule_aio_read_and_X(connection_struct *conn, a->aio_sigevent.sigev_signo = RT_SIGNAL_AIO; a->aio_sigevent.sigev_value.sival_int = aio_ex->mid; + become_root(); if (SMB_VFS_AIO_READ(fsp,a) == -1) { DEBUG(0,("schedule_aio_read_and_X: aio_read failed. " "Error %s\n", strerror(errno) )); delete_aio_ex(aio_ex); + unbecome_root(); return False; } + unbecome_root(); DEBUG(10,("schedule_aio_read_and_X: scheduled aio_read for file %s, " "offset %.0f, len = %u (mid = %u)\n", @@ -366,13 +369,16 @@ bool schedule_aio_write_and_X(connection_struct *conn, a->aio_sigevent.sigev_signo = RT_SIGNAL_AIO; a->aio_sigevent.sigev_value.sival_int = aio_ex->mid; + become_root(); if (SMB_VFS_AIO_WRITE(fsp,a) == -1) { DEBUG(3,("schedule_aio_wrote_and_X: aio_write failed. " "Error %s\n", strerror(errno) )); delete_aio_ex(aio_ex); + unbecome_root(); return False; } - + unbecome_root(); + release_level_2_oplocks_on_change(fsp); if (!write_through && !lp_syncalways(SNUM(fsp->conn)) diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 149e6ecbd9..b6951272d7 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -455,6 +455,12 @@ void reply_ntcreate_and_X(struct smb_request *req) fname)); /* + * we need to remove ignored bits when they come directly from the client + * because we reuse some of them for internal stuff + */ + create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK; + + /* * If it's an IPC, use the pipe handler. */ @@ -858,6 +864,12 @@ static void call_nt_transact_create(connection_struct *conn, allocation_size |= (((SMB_BIG_UINT)IVAL(params,16)) << 32); #endif + /* + * we need to remove ignored bits when they come directly from the client + * because we reuse some of them for internal stuff + */ + create_options &= ~NTCREATEX_OPTIONS_MUST_IGNORE_MASK; + /* Ensure the data_len is correct for the sd and ea values given. */ if ((ea_len + sd_len > data_count) || (ea_len > data_count) || (sd_len > data_count) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 03efd09f06..8b32907a4b 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2560,6 +2560,11 @@ NTSTATUS create_file_unixpath(connection_struct *conn, goto fail; } + if (create_options & NTCREATEX_OPTIONS_INVALID_PARAM_MASK) { + status = NT_STATUS_INVALID_PARAMETER; + goto fail; + } + if (req == NULL) { oplock_request |= INTERNAL_OPEN_ONLY; } diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index b3d691fbe7..06aa835cb0 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -3198,8 +3198,9 @@ static void send_file_readX(connection_struct *conn, struct smb_request *req, setup_readX_header((char *)headerbuf, smb_maxcnt); if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) { - /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */ - if (errno == ENOSYS) { + /* Returning ENOSYS or EINVAL means no data at all was sent. + Do this as a normal read. */ + if (errno == ENOSYS || errno == EINVAL) { goto normal_read; } diff --git a/source3/smbd/sesssetup.c b/source3/smbd/sesssetup.c index 041596b953..9c9d0a97bc 100644 --- a/source3/smbd/sesssetup.c +++ b/source3/smbd/sesssetup.c @@ -1738,16 +1738,19 @@ void reply_sesssetup_and_X(struct smb_request *req) return; } - nt_status = create_local_token(server_info); - if (!NT_STATUS_IS_OK(nt_status)) { - DEBUG(10, ("create_local_token failed: %s\n", - nt_errstr(nt_status))); - data_blob_free(&nt_resp); - data_blob_free(&lm_resp); - data_blob_clear_free(&plaintext_password); - reply_nterror(req, nt_status_squash(nt_status)); - END_PROFILE(SMBsesssetupX); - return; + if (!server_info->ptok) { + nt_status = create_local_token(server_info); + + if (!NT_STATUS_IS_OK(nt_status)) { + DEBUG(10, ("create_local_token failed: %s\n", + nt_errstr(nt_status))); + data_blob_free(&nt_resp); + data_blob_free(&lm_resp); + data_blob_clear_free(&plaintext_password); + reply_nterror(req, nt_status_squash(nt_status)); + END_PROFILE(SMBsesssetupX); + return; + } } data_blob_clear_free(&plaintext_password); |