From 92bd7b0db82bffc951af7862edde95852edc756d Mon Sep 17 00:00:00 2001
From: Stefan Metzmacher <metze@samba.org>
Date: Tue, 28 Aug 2012 09:33:51 +0200
Subject: s3:smb2_create: check for SMB2_CREATE_TAG_DHNC first

metze

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Sep  5 12:27:25 CEST 2012 on sn-devel-104
---
 source3/smbd/smb2_create.c | 57 ++++++++++++----------------------------------
 1 file changed, 14 insertions(+), 43 deletions(-)

diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c
index c1cfa0cef3..2c308b1ee6 100644
--- a/source3/smbd/smb2_create.c
+++ b/source3/smbd/smb2_create.c
@@ -431,6 +431,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 	struct timespec write_time_ts;
 	struct smb2_create_blobs out_context_blobs;
 	int requested_oplock_level;
+	struct smb2_create_blob *dhnc = NULL;
 
 	ZERO_STRUCT(out_context_blobs);
 
@@ -468,6 +469,19 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 			in_name ));
 	}
 
+	dhnc = smb2_create_blob_find(&in_context_blobs,
+				     SMB2_CREATE_TAG_DHNC);
+
+	if (dhnc) {
+		if (dhnc->data.length != 16) {
+			tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
+			return tevent_req_post(req, ev);
+		}
+		/* we don't support durable handles yet */
+		tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
+		return tevent_req_post(req, ev);
+	}
+
 	if (IS_IPC(smb1req->conn)) {
 		const char *pipe_name = in_name;
 
@@ -507,7 +521,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		struct smb2_create_blob *secd = NULL;
 		struct security_descriptor *sec_desc = NULL;
 		struct smb2_create_blob *dhnq = NULL;
-		struct smb2_create_blob *dhnc = NULL;
 		struct smb2_create_blob *alsi = NULL;
 		uint64_t allocation_size = 0;
 		struct smb2_create_blob *twrp = NULL;
@@ -521,8 +534,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 					     SMB2_CREATE_TAG_SECD);
 		dhnq = smb2_create_blob_find(&in_context_blobs,
 					     SMB2_CREATE_TAG_DHNQ);
-		dhnc = smb2_create_blob_find(&in_context_blobs,
-					     SMB2_CREATE_TAG_DHNC);
 		alsi = smb2_create_blob_find(&in_context_blobs,
 					     SMB2_CREATE_TAG_ALSI);
 		twrp = smb2_create_blob_find(&in_context_blobs,
@@ -536,11 +547,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		}
 
 		if (exta) {
-			if (dhnc) {
-				tevent_req_nterror(req,NT_STATUS_OBJECT_NAME_NOT_FOUND);
-				return tevent_req_post(req, ev);
-			}
-
 			ea_list = read_nttrans_ea_list(mem_ctx,
 				(const char *)exta->data.data, exta->data.length);
 			if (!ea_list) {
@@ -551,11 +557,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		}
 
 		if (mxac) {
-			if (dhnc) {
-				tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
-				return tevent_req_post(req, ev);
-			}
-
 			if (mxac->data.length == 0) {
 				max_access_time = 0;
 			} else if (mxac->data.length == 8) {
@@ -569,11 +570,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		if (secd) {
 			enum ndr_err_code ndr_err;
 
-			if (dhnc) {
-				tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
-				return tevent_req_post(req, ev);
-			}
-
 			sec_desc = talloc_zero(state, struct security_descriptor);
 			if (tevent_req_nomem(sec_desc, req)) {
 				return tevent_req_post(req, ev);
@@ -591,11 +587,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 		}
 
 		if (dhnq) {
-			if (dhnc) {
-				tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
-				return tevent_req_post(req, ev);
-			}
-
 			if (dhnq->data.length != 16) {
 				tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
 				return tevent_req_post(req, ev);
@@ -606,22 +597,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 			 */
 		}
 
-		if (dhnc) {
-			if (dhnc->data.length != 16) {
-				tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
-				return tevent_req_post(req, ev);
-			}
-			/* we don't support durable handles yet */
-			tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
-			return tevent_req_post(req, ev);
-		}
-
 		if (alsi) {
-			if (dhnc) {
-				tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
-				return tevent_req_post(req, ev);
-			}
-
 			if (alsi->data.length != 8) {
 				tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
 				return tevent_req_post(req, ev);
@@ -634,11 +610,6 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
 			time_t t;
 			struct tm *tm;
 
-			if (dhnc) {
-				tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
-				return tevent_req_post(req, ev);
-			}
-
 			if (twrp->data.length != 8) {
 				tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
 				return tevent_req_post(req, ev);
-- 
cgit