From 7a0ed93169e2c274b5386d153e4265b018f39b74 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 1 Nov 2008 15:51:19 +0100 Subject: Remove unused extern declaration --- source3/smbd/process.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index a8b93d8e1c..4d415b2d27 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -20,8 +20,6 @@ #include "includes.h" -extern int smb_echo_count; - /* * Size of data we can send to client. Set * by the client for all protocols above CORE. -- cgit From 7f9d6f80efbc211977b13ece80fff6adbea929ac Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 1 Nov 2008 16:24:42 +0100 Subject: Add a "buflen" struct member to smb_request This removes some explicit inbuf references and also removes a pointless check in reply_echo. The buflen can never be more than 64k, this is just a 16 bit value. --- source3/smbd/process.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 4d415b2d27..8e1add3fb1 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -375,6 +375,7 @@ void init_smb_request(struct smb_request *req, req->vuid = SVAL(inbuf, smb_uid); req->tid = SVAL(inbuf, smb_tid); req->wct = CVAL(inbuf, smb_wct); + req->buflen = smb_buflen(inbuf); req->unread_bytes = unread_bytes; req->encrypted = encrypted; req->conn = conn_find(req->tid); @@ -388,10 +389,10 @@ void init_smb_request(struct smb_request *req, exit_server_cleanly("Invalid SMB request"); } /* Ensure bcc is correct. */ - if (((uint8 *)smb_buf(inbuf)) + smb_buflen(inbuf) > inbuf + req_size) { + if (((uint8 *)smb_buf(inbuf)) + req->buflen > inbuf + req_size) { DEBUG(0,("init_smb_request: invalid bcc number %u " "(wct = %u, size %u)\n", - (unsigned int)smb_buflen(inbuf), + (unsigned int)req->buflen, (unsigned int)req->wct, (unsigned int)req_size)); exit_server_cleanly("Invalid SMB request"); -- cgit From 7bdb571ec4eea6689fa08f40be8b4c0133504f50 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 1 Nov 2008 17:35:48 +0100 Subject: Remove a bunch of direct inbuf references by adding "buf" to smb_request --- source3/smbd/process.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 8e1add3fb1..bd665f3868 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -376,6 +376,7 @@ void init_smb_request(struct smb_request *req, req->tid = SVAL(inbuf, smb_tid); req->wct = CVAL(inbuf, smb_wct); req->buflen = smb_buflen(inbuf); + req->buf = (const uint8_t *)smb_buf(inbuf); req->unread_bytes = unread_bytes; req->encrypted = encrypted; req->conn = conn_find(req->tid); -- cgit From 2bab73a18d22284c68fefb091c3c6869898ef576 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 2 Nov 2008 12:20:47 +0100 Subject: Remove a bunch of direct inbuf references by adding "vwv" to smb_request --- source3/smbd/process.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index bd665f3868..e32eea96a6 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -375,6 +375,7 @@ void init_smb_request(struct smb_request *req, req->vuid = SVAL(inbuf, smb_uid); req->tid = SVAL(inbuf, smb_tid); req->wct = CVAL(inbuf, smb_wct); + req->vwv = (uint16_t *)(inbuf+smb_vwv); req->buflen = smb_buflen(inbuf); req->buf = (const uint8_t *)smb_buf(inbuf); req->unread_bytes = unread_bytes; -- cgit From 7808a2594c22ff452d54d2e9e272aa60e4b7e482 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 2 Nov 2008 22:33:20 +0100 Subject: Remove some inbuf references by adding "cmd" to smb_request --- source3/smbd/process.c | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index e32eea96a6..215ae20077 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -369,6 +369,7 @@ void init_smb_request(struct smb_request *req, (unsigned int)req_size )); exit_server_cleanly("Invalid SMB request"); } + req->cmd = CVAL(inbuf, smb_com); req->flags2 = SVAL(inbuf, smb_flg2); req->smbpid = SVAL(inbuf, smb_pid); req->mid = SVAL(inbuf, smb_mid); @@ -1451,8 +1452,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in /* encrypted required from now on. */ conn->encrypt_level = Required; } else if (ENCRYPTION_REQUIRED(conn)) { - uint8 com = CVAL(req->inbuf,smb_com); - if (com != SMBtrans2 && com != SMBtranss2) { + if (req->cmd != SMBtrans2 && req->cmd != SMBtranss2) { exit_server_cleanly("encryption required " "on connection"); return conn; @@ -1487,7 +1487,6 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in static void construct_reply(char *inbuf, int size, size_t unread_bytes, bool encrypted) { - uint8 type = CVAL(inbuf,smb_com); connection_struct *conn; struct smb_request *req; @@ -1498,7 +1497,7 @@ static void construct_reply(char *inbuf, int size, size_t unread_bytes, bool enc } init_smb_request(req, (uint8 *)inbuf, unread_bytes, encrypted); - conn = switch_message(type, req, size); + conn = switch_message(req->cmd, req, size); if (req->unread_bytes) { /* writeX failed. drain socket. */ -- cgit From 0953688012dcacca5b28a19c7a2d8393428ca151 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 3 Nov 2008 15:25:02 +0100 Subject: Trigger (and fix) a bug in Samba3 making smbd an infinite data source A deferred open directly followed by a ulogoffX makes smbd3 send an infinite stream of ERRinvuid replies :-( --- source3/smbd/process.c | 1 + 1 file changed, 1 insertion(+) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 215ae20077..bd0acbc3c6 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1424,6 +1424,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in if (!change_to_user(conn,session_tag)) { reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRbaduid)); + remove_deferred_open_smb_message(req->mid); return conn; } -- cgit From e4897a5376309bd73727f4130bf9bc6170158a6f Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 3 Nov 2008 20:16:09 +0100 Subject: Add construct_reply_common_req wrapper The goal is to remove the remaining direct calls to construct_reply_common. --- source3/smbd/process.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index bd0acbc3c6..1dcfb4b122 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1608,6 +1608,11 @@ void construct_reply_common(const char *inbuf, char *outbuf) SSVAL(outbuf,smb_mid,SVAL(inbuf,smb_mid)); } +void construct_reply_common_req(struct smb_request *req, char *outbuf) +{ + return construct_reply_common((char *)req->inbuf, outbuf); +} + /**************************************************************************** Construct a chained reply and add it to the already made reply ****************************************************************************/ -- cgit From b8125663d90d9748b71a25a06a357167958dd18e Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 3 Nov 2008 21:55:05 +0100 Subject: Make "inbuf" a talloc child of "smb_request" for normal smb requests This is necessary if we want to keep the whole smb_request for deferred ops. The explicit settings of req->inbuf will be removed once all those deferring operations are converted to store the whole request and not just the inbuf. --- source3/smbd/process.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 1dcfb4b122..958e8634e9 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -400,7 +400,6 @@ void init_smb_request(struct smb_request *req, (unsigned int)req_size)); exit_server_cleanly("Invalid SMB request"); } - req->inbuf = inbuf; req->outbuf = NULL; } @@ -1497,6 +1496,7 @@ static void construct_reply(char *inbuf, int size, size_t unread_bytes, bool enc smb_panic("could not allocate smb_request"); } init_smb_request(req, (uint8 *)inbuf, unread_bytes, encrypted); + req->inbuf = (uint8_t *)talloc_move(req, &inbuf); conn = switch_message(req->cmd, req, size); @@ -1723,6 +1723,7 @@ void chain_reply(struct smb_request *req) smb_panic("could not allocate smb_request"); } init_smb_request(req2, (uint8 *)inbuf2,0, req->encrypted); + req2->inbuf = (uint8_t *)inbuf2; req2->chain_fsp = req->chain_fsp; /* process the request */ @@ -1931,8 +1932,6 @@ void smbd_process(void) process_smb(inbuf, inbuf_len, unread_bytes, encrypted); - TALLOC_FREE(inbuf); - num_smbs++; /* The timeout_processing function isn't run nearly -- cgit From b9211deba8aa6e0da4e66b6675b1e4baaaea55e1 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Wed, 5 Nov 2008 10:48:43 +0100 Subject: Fix the build --- source3/smbd/process.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 958e8634e9..7931fbebab 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1610,7 +1610,7 @@ void construct_reply_common(const char *inbuf, char *outbuf) void construct_reply_common_req(struct smb_request *req, char *outbuf) { - return construct_reply_common((char *)req->inbuf, outbuf); + construct_reply_common((char *)req->inbuf, outbuf); } /**************************************************************************** -- cgit From 5a33e906f651ea84ec909fd6453e13a9489bd391 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 7 Nov 2008 21:02:11 +0100 Subject: Make "construct_reply_common" static --- source3/smbd/process.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 7931fbebab..b3cd2f26c8 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -37,6 +37,8 @@ SIG_ATOMIC_T got_sig_term = 0; extern bool global_machine_password_needs_changing; extern int max_send; +static void construct_reply_common(const char *inbuf, char *outbuf); + /* Accessor function for smb_read_error for smbd functions. */ /**************************************************************************** @@ -1590,7 +1592,7 @@ void remove_from_common_flags2(uint32 v) common_flags2 &= ~v; } -void construct_reply_common(const char *inbuf, char *outbuf) +static void construct_reply_common(const char *inbuf, char *outbuf) { srv_set_message(outbuf,0,0,false); -- cgit