From e8f7c60ec25fd6ab40357ad44baf98918346a22a Mon Sep 17 00:00:00 2001
From: Jeremy Allison
Date: Tue, 21 Dec 2010 18:07:52 -0800
Subject: My algorithm for determining whan an incoming sequence number can be allowed is incorrect. (I based it on the text in MS-SMB2, silly me :-). Fix it so incoming sequence numbers can range over the entire allowable bitmap range. This fixes a repeatable disconnect against Win7. Jeremy.
---
 source3/smbd/smb2_server.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
(limited to 'source3/smbd/smb2_server.c')
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 025f4036fc..38f221c597 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -113,7 +113,8 @@ static NTSTATUS smbd_initialize_smb2(struct smbd_server_connection *sconn)
 sconn->smb2.seqnum_low = 0;
 sconn->smb2.credits_granted = 0;
 sconn->smb2.max_credits = lp_smb2_max_credits();
- sconn->smb2.credits_bitmap = bitmap_talloc(sconn, 2*sconn->smb2.max_credits);
+ sconn->smb2.credits_bitmap = bitmap_talloc(sconn,
+ DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR*sconn->smb2.max_credits);
 if (sconn->smb2.credits_bitmap == NULL) {
 return NT_STATUS_NO_MEMORY;
 }
@@ -306,12 +307,12 @@ static bool smb2_validate_message_id(struct smbd_server_connection *sconn,
 if (message_id < sconn->smb2.seqnum_low ||
 message_id > (sconn->smb2.seqnum_low +
- (2*sconn->smb2.credits_granted))) {
+ (sconn->smb2.max_credits * DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR))) {
 DEBUG(0,("smb2_validate_message_id: bad message_id "
- "%llu (low = %llu, granted = %lu)\n",
+ "%llu (low = %llu, max = %lu)\n",
 (unsigned long long)message_id,
 (unsigned long long)sconn->smb2.seqnum_low,
- (unsigned long)sconn->smb2.credits_granted ));
+ (unsigned long)sconn->smb2.max_credits ));
 return false;
 }
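Review bot: The bitmap size `DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR*sconn->smb2.max_credits` comes straight from `lp_smb2_max_credits()` with no visible range check, and the same product is recomputed in the range check, the modulo and the wrap-around of the three later hunks. If the configured value can be 0, the `%` in those hunks divides by zero on a client request. If the product overflows the type of `max_credits`, the window silently wraps, because the `(uint64_t)` cast in the modulo hunk is applied after the multiplication. Whether the parameter is clamped elsewhere is not visible here, so I would reject a zero or oversized value in this function before `bitmap_talloc`, then store the computed size once in a field that the other three sites read. The body of smbd_initialize_smb2 starts and ends outside the hunk.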
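Review bot: The upper bound of the new range check is inclusive, so a `message_id` equal to `seqnum_low + max_credits * DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR` is accepted. The modulo in the following hunk then maps that id to the same bitmap bit as `seqnum_low` itself, so two distinct in-window ids share one bit. Whichever arrives second is reported as a duplicate and rejected. Comparing with `>=` makes the accepted range exactly as wide as the bitmap: `message_id >= (sconn->smb2.seqnum_low +`. The window also no longer depends on `credits_granted`, so it is worth confirming that credit accounting is enforced elsewhere; smb2_validate_message_id starts and ends outside the hunk.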
@@ -321,7 +322,7 @@ static bool smb2_validate_message_id(struct smbd_server_connection *sconn,
 /* Mark the message_id as seen in the bitmap. */
 bitmap_offset = (unsigned int)(message_id %
- (uint64_t)(sconn->smb2.max_credits * 2));
+ (uint64_t)(sconn->smb2.max_credits * DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR));
 if (bitmap_query(credits_bm, bitmap_offset)) {
 DEBUG(0,("smb2_validate_message_id: duplicate message_id "
 "%llu (bm offset %u)\n",
@@ -342,7 +343,7 @@ static bool smb2_validate_message_id(struct smbd_server_connection *sconn,
 bitmap_clear(credits_bm, bitmap_offset);
 sconn->smb2.seqnum_low += 1;
 bitmap_offset = (bitmap_offset + 1) %
- (sconn->smb2.max_credits * 2);
+ (sconn->smb2.max_credits * DEFAULT_SMB2_MAX_CREDIT_BITMAP_FACTOR);
 }
 }
-- cgit