4 files changed, 49 insertions, 28 deletions

diff --git a/source4/libcli/raw/clisocket.c b/source4/libcli/raw/clisocket.c
index 1dcf2d1c53..49838e8a1c 100644
--- a/source4/libcli/raw/clisocket.c
+++ b/source4/libcli/raw/clisocket.c
@@ -59,12 +59,7 @@ struct composite_context *smbcli_sock_connect_send(TALLOC_CTX *mem_ctx,
 	if (result == NULL) goto failed;
 	result->state = COMPOSITE_STATE_IN_PROGRESS;
 
-	if (event_ctx != NULL) {
-		result->event_ctx = talloc_reference(result, event_ctx);
-	} else {
-		result->event_ctx = event_context_init(result);
-	}
-
+	result->event_ctx = talloc_reference(result, event_ctx);
 	if (result->event_ctx == NULL) goto failed;
 
 	state = talloc(result, struct sock_connect_state);
@@ -202,6 +197,11 @@ _PUBLIC_ struct smbcli_socket *smbcli_sock_connect_byname(const char *host, cons
 	TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 	struct smbcli_socket *result;
 
+	if (event_ctx == NULL) {
+		DEBUG(0, ("Invalid NULL event context passed in as parameter\n"));
+		return NULL;
+	}
+
 	if (tmp_ctx == NULL) {
 		DEBUG(0, ("talloc_new failed\n"));
 		return NULL;
@@ -214,16 +214,6 @@ _PUBLIC_ struct smbcli_socket *smbcli_sock_connect_byname(const char *host, cons
 		return NULL;
 	}
 
-	if (event_ctx == NULL) {
-		event_ctx = event_context_init(mem_ctx);
-	}
-
-	if (event_ctx == NULL) {
-		DEBUG(0, ("event_context_init failed\n"));
-		talloc_free(tmp_ctx);
-		return NULL;
-	}
-
 	/* allow hostnames of the form NAME#xx and do a netbios lookup */
 	if ((p = strchr(name, '#'))) {
 		name_type = strtol(p+1, NULL, 16);
diff --git a/source4/libcli/raw/interfaces.h b/source4/libcli/raw/interfaces.h
index 3965c58204..bad3743721 100644
--- a/source4/libcli/raw/interfaces.h
+++ b/source4/libcli/raw/interfaces.h
@@ -1587,6 +1587,14 @@ union smb_open {
 
 			/* optional list of extended attributes */
 			struct smb_ea_list eas;
+
+			struct smb2_create_blobs {
+				uint32_t num_blobs;
+				struct smb2_create_blob {
+					const char *tag;
+					DATA_BLOB data;
+				} *blobs;
+			} blobs;
 		} in;
 		struct {
 			union smb_handle file;
@@ -1706,19 +1714,27 @@ union smb_read {
 
 			/* static body buffer 48 (0x30) bytes */
 			/* uint16_t buffer_code;  0x31 = 0x30 + 1 */
-			uint16_t _pad;
+			uint8_t _pad;
+			uint8_t reserved;
 			uint32_t length;
 			uint64_t offset;
 			/* struct smb2_handle handle; */
-			uint64_t unknown1; /* 0x0000000000000000 */
-			uint64_t unknown2; /* 0x0000000000000000 */
+			uint32_t min_count;
+			uint32_t channel;
+			uint32_t remaining;
+			/* the docs give no indication of what
+			   these channel variables are for */
+			uint16_t channel_offset;
+			uint16_t channel_length;
 		} in;
 		struct {
 			/* static body buffer 16 (0x10) bytes */
 			/* uint16_t buffer_code;  0x11 = 0x10 + 1 */
-			/* uint16_t data_ofs; */
+			/* uint8_t data_ofs; */
+			/* uint8_t reserved; */
 			/* uint32_t data_size; */
-			uint64_t unknown1; /* 0x0000000000000000 */
+			uint32_t remaining;
+			uint32_t reserved;
 
 			/* dynamic body */
 			DATA_BLOB data;
@@ -1846,7 +1862,8 @@ enum smb_lock_level {
 	RAW_LOCK_LOCK,
 	RAW_LOCK_UNLOCK,
 	RAW_LOCK_LOCKX,
-	RAW_LOCK_SMB2
+	RAW_LOCK_SMB2,
+	RAW_LOCK_SMB2_BREAK
 };
 
 /* the generic interface is defined to be equal to the lockingX interface */
@@ -1909,6 +1926,20 @@ union smb_lock {
 			uint16_t unknown1;
 		} out;
 	} smb2;
+
+	/* SMB2 Break */
+	struct smb2_break {
+		enum smb_lock_level level;
+		struct {
+			union smb_handle file;
+
+			/* static body buffer 24 (0x18) bytes */
+			uint8_t oplock_level;
+			uint8_t reserved;
+			uint32_t reserved2;
+			/* struct smb2_handle handle; */
+		} in, out;
+	} smb2_break;
 };
 
 
diff --git a/source4/libcli/raw/rawrequest.c b/source4/libcli/raw/rawrequest.c
index a42c710547..ef856c6ea1 100644
--- a/source4/libcli/raw/rawrequest.c
+++ b/source4/libcli/raw/rawrequest.c
@@ -700,10 +700,10 @@ DATA_BLOB smbcli_req_pull_blob(struct request_bufinfo *bufinfo, TALLOC_CTX *mem_
 static bool smbcli_req_data_oob(struct request_bufinfo *bufinfo, const uint8_t *ptr, uint32_t count)
 {
 	/* be careful with wraparound! */
-	if (ptr < bufinfo->data ||
-	    ptr >= bufinfo->data + bufinfo->data_size ||
+	if ((uintptr_t)ptr < (uintptr_t)bufinfo->data ||
+	    (uintptr_t)ptr >= (uintptr_t)bufinfo->data + bufinfo->data_size ||
 	    count > bufinfo->data_size ||
-	    ptr + count > bufinfo->data + bufinfo->data_size) {
+	    (uintptr_t)ptr + count > (uintptr_t)bufinfo->data + bufinfo->data_size) {
 		return true;
 	}
 	return false;
diff --git a/source4/libcli/raw/rawtrans.c b/source4/libcli/raw/rawtrans.c
index 29881afd2b..0f15b2151b 100644
--- a/source4/libcli/raw/rawtrans.c
+++ b/source4/libcli/raw/rawtrans.c
@@ -40,10 +40,10 @@ static bool raw_trans_oob(struct smbcli_request *req,
 	ptr = req->in.hdr + offset;
 	
 	/* be careful with wraparound! */
-	if (ptr < req->in.data ||
-	    ptr >= req->in.data + req->in.data_size ||
+	if ((uintptr_t)ptr < (uintptr_t)req->in.data ||
+	    (uintptr_t)ptr >= (uintptr_t)req->in.data + req->in.data_size ||
 	    count > req->in.data_size ||
-	    ptr + count > req->in.data + req->in.data_size) {
+	    (uintptr_t)ptr + count > (uintptr_t)req->in.data + req->in.data_size) {
 		return true;
 	}
 	return false;