From 3cbaf59726fc9fb7fc5a3124b3e1b8c5480a568e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 23 May 2000 01:27:19 +0000 Subject: Fixed bug where file access was allowed on IPC$ share. Return correct error codes on invalid share name. Jeremy. (This used to be commit 420d6bc4809cef9d74354175d0fa956ab4e8ac3c) --- source3/smbd/nttrans.c | 3 +++ source3/smbd/reply.c | 6 +++--- source3/smbd/service.c | 4 ++-- source3/smbd/trans2.c | 3 +++ 4 files changed, 11 insertions(+), 5 deletions(-) diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 5f58962799..cfd0faaf4f 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -2512,6 +2512,9 @@ due to being in oplock break state.\n" )); return -1; } + if (IS_IPC(conn) && (function_code != NT_TRANSACT_CREATE)) + return (ERROR(ERRSRV,ERRaccess)); + outsize = set_message(outbuf,0,0,True); /* diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index eddd06e343..c2db6dd082 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -156,8 +156,8 @@ work out what error to give to a failed connection static int connection_error(char *inbuf,char *outbuf,int ecode) { - if (ecode == ERRnoipc) - return(ERROR(ERRDOS,ERRnoipc)); + if (ecode == ERRnoipc || ecode == ERRnosuchshare) + return(ERROR(ERRDOS,ecode)); return(ERROR(ERRSRV,ecode)); } @@ -295,7 +295,7 @@ int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int lengt p = strchr(path+2,'\\'); if (!p) - return(ERROR(ERRSRV,ERRinvnetname)); + return(ERROR(ERRDOS,ERRnosuchshare)); fstrcpy(service,p+1); p = strchr(service,'%'); if (p) { diff --git a/source3/smbd/service.c b/source3/smbd/service.c index fa3bc3cb10..e6c8b2a6d8 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -212,7 +212,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int DEBUG(0,("%s (%s) couldn't find service %s\n", remote_machine, client_addr(), service)); - *ecode = ERRinvnetname; + *ecode = ERRnosuchshare; return NULL; } @@ -567,7 +567,7 @@ connection_struct *make_connection(char *service,char *user,char *password, int yield_connection(conn,"",MAXSTATUS); } conn_free(conn); - *ecode = ERRinvnetname; + *ecode = ERRnosuchshare; return NULL; } diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 18452158c8..f4cc9b218f 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -2234,6 +2234,9 @@ int reply_trans2(connection_struct *conn, return -1; } + if (IS_IPC(conn) && (tran_call != TRANSACT2_OPEN)) + return(ERROR(ERRSRV,ERRaccess)); + outsize = set_message(outbuf,0,0,True); /* All trans2 messages we handle have smb_sucnt == 1 - ensure this -- cgit