Diffstat (limited to 'source4')
-rw-r--r-- | source4/smb_server/handle.c | 6 | ||||
-rw-r--r-- | source4/smb_server/smb2/tcon.c | 30 | ||||
-rw-r--r-- | source4/smb_server/smb_server.h | 9 |
3 files changed, 26 insertions, 19 deletions
diff --git a/source4/smb_server/handle.c b/source4/smb_server/handle.c
index 87575896bd..5b3b925e1b 100644
--- a/source4/smb_server/handle.c
+++ b/source4/smb_server/handle.c
@@ -27,7 +27,7 @@
 /****************************************************************************
 init the handle structures
 ****************************************************************************/
-NTSTATUS smbsrv_init_handles(struct smbsrv_tcon *tcon, uint64_t limit)
+NTSTATUS smbsrv_init_handles(struct smbsrv_tcon *tcon, uint32_t limit)
 {
 /*
 * the idr_* functions take 'int' as limit,
@@ -47,7 +47,7 @@ NTSTATUS smbsrv_init_handles(struct smbsrv_tcon *tcon, uint64_t limit)
 find a handle given a handle id
 ****************************************************************************/
 static struct smbsrv_handle *smbsrv_handle_find(struct smbsrv_handles_context *handles_ctx,
- uint64_t hid, struct timeval request_time)
+ uint32_t hid, struct timeval request_time)
 {
 void *p;
 struct smbsrv_handle *handle;
@@ -77,7 +77,7 @@ struct smbsrv_handle *smbsrv_smb_handle_find(struct smbsrv_tcon *smb_tcon,
 }
 
 struct smbsrv_handle *smbsrv_smb2_handle_find(struct smbsrv_tcon *smb_tcon,
- uint64_t hid, struct timeval request_time)
+ uint32_t hid, struct timeval request_time)
 {
 return smbsrv_handle_find(&smb_tcon->handles, hid, request_time);
 }
diff --git a/source4/smb_server/smb2/tcon.c b/source4/smb_server/smb2/tcon.c
index 023ca9b0a4..9dd2461a0e 100644
--- a/source4/smb_server/smb2/tcon.c
+++ b/source4/smb_server/smb2/tcon.c
@@ -41,9 +41,9 @@ struct ntvfs_handle *smb2srv_pull_handle(struct smb2srv_request *req, const uint
 {
 struct smbsrv_tcon *tcon;
 struct smbsrv_handle *handle;
- uint64_t hid;
+ uint32_t hid;
 uint32_t tid;
- uint32_t pad;
+ uint64_t uid;
 
 /*
 * if there're chained requests used the cached handle
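Review bot: Narrowing `limit` in smbsrv_init_handles() and `hid` in smbsrv_handle_find() and smbsrv_smb2_handle_find() (all three hunks of source4/smb_server/handle.c) to uint32_t means any caller that still passes a 64-bit value is truncated silently by the implicit conversion, and the call that sets the SMB2 handle limit is not part of this diff. A limit such as UINT64_MAX would quietly become UINT32_MAX, and a handle id that differs only in its upper 32 bits would resolve to an existing handle, so the callers are worth auditing with this change, for example with a `-Wconversion` build. Since the context comment says the idr_* functions take 'int' as limit, I would also add `/* hid: 16 bit for SMB, 32 bit for SMB2, see struct smbsrv_handle */` above smbsrv_handle_find() so the expected range is stated where the lookup happens. All three function bodies continue outside their hunks.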
@@ -56,16 +56,20 @@ struct ntvfs_handle *smb2srv_pull_handle(struct smb2srv_request *req, const uint
 offset = 0;
 }
 
- hid = BVAL(base, offset);
- tid = IVAL(base, offset + 8);
- pad = IVAL(base, offset + 12);
+ hid = IVAL(base, offset);
+ tid = IVAL(base, offset + 4);
+ uid = BVAL(base, offset + 8);
 
- if (pad != UINT32_MAX) {
+ /* if it's the wildcard handle, don't waste time to search it... */
+ if (hid == UINT32_MAX && tid == UINT32_MAX && uid == UINT64_MAX) {
 return NULL;
 }
 
- /* if it's the wildcard handle, don't waste time to search it... */
- if (hid == UINT64_MAX && tid == UINT32_MAX) {
+ /*
+ * if the (v)uid part doesn't match the given session the handle isn't
+ * valid
+ */
+ if (uid != req->session->vuid) {
 return NULL;
 }
 
@@ -74,7 +78,7 @@ struct ntvfs_handle *smb2srv_pull_handle(struct smb2srv_request *req, const uint
 * as that TID in the SMB2 header says, but
 * the request should succeed nevertheless!
 *
- * because if this we put the 32 bit TID into the
+ * because of this we put the 32 bit TID into the
 * 128 bit handle, so that we can extract the tcon from the
 * handle
 */
@@ -102,6 +106,8 @@ struct ntvfs_handle *smb2srv_pull_handle(struct smb2srv_request *req, const uint
 * as the handle may have overwritten the tcon
 * we need to set it on the request so that the
 * correct ntvfs context will be used for the ntvfs_*() request
+ *
+ * TODO: check if that's correct for chained requests as well!
 */
 req->tcon = tcon;
 return handle->ntvfs;
@@ -115,9 +121,9 @@ void smb2srv_push_handle(uint8_t *base, uint_t offset, struct ntvfs_handle *ntvf
 /*
 * the handle is 128 bit on the wire
 */
- SBVAL(base, offset, handle->hid);
- SIVAL(base, offset + 8, handle->tcon->tid);
- SIVAL(base, offset + 12,UINT32_MAX);
+ SIVAL(base, offset, handle->hid);
+ SIVAL(base, offset + 4, handle->tcon->tid);
+ SBVAL(base, offset + 8, handle->session->vuid);
 }
 
 static NTSTATUS smb2srv_handle_create_new(void *private_data, struct ntvfs_request *ntvfs, struct ntvfs_handle **_h)
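Review bot: The new test `if (uid != req->session->vuid)` in smb2srv_pull_handle() dereferences `req->session` with no NULL check visible in the hunk, and all three values it has just decoded come from the 16 bytes the client sent. If this function can run for a request whose session lookup failed, a crafted handle would crash the server here instead of being rejected; `if (req->session == NULL || uid != req->session->vuid) {` closes that. The comparison also only shows that the client echoed the VUID of its own session, so the handle is bound to the session only if the tcon and handle lookups further down are scoped to `req->session`, and a comment saying so next to the check would help. The function starts and ends outside this hunk, so neither point can be confirmed from here.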
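Review bot: smb2srv_push_handle() now writes the wire layout with the bare offsets 0, 4 and 8, and smb2srv_pull_handle() reads it back with the same literals in a separate function, so the encoder and the decoder can drift apart unnoticed. Named offsets shared by both would prevent that; at the least the comment could become `/* the handle is 128 bit on the wire: 32 bit HID, 32 bit TID, 64 bit VUID */`. `handle->session` is dereferenced here too, and whether a handle can exist without a session attached cannot be told from this hunk.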
diff --git a/source4/smb_server/smb_server.h b/source4/smb_server/smb_server.h
index f2ff622b40..83a3f29ce5 100644
--- a/source4/smb_server/smb_server.h
+++ b/source4/smb_server/smb_server.h
@@ -185,13 +185,14 @@ struct smbsrv_handle {
 /*
 * the value passed over the wire
 * - 16 bit for smb
- * - 64 bit for smb2
+ * - 32 bit for smb2
 * Note: for SMB2 handles are 128 bit
- * we'll fill the 2nd 64 bit with:
+ * we'll fill them with
+ * - 32 bit HID
 * - 32 bit TID
- * - 32 bit 0xFFFFFFFF
+ * - 64 bit VUID
 */
- uint64_t hid;
+ uint32_t hid;
 
 /*
 * the ntvfs handle passed to the ntvfs backend |