From e603929b9801ad6cc47dead19d27b42fe46489c7 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Mon, 5 Sep 2011 12:14:06 +0200 Subject: s3:smb2_server: max_trans, max_read and max_write are limited to 64 kilobytes Only if SMB2_CAP_LARGE_MTU is supported we should announce larger limits. metze --- source3/smbd/smb2_negprot.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'source3/smbd') diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 5ae916397b..27433982b1 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -77,6 +77,10 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) uint16_t dialect_count; uint16_t dialect = 0; uint32_t capabilities; + uint32_t max_limit; + uint32_t max_trans = lp_smb2_max_trans(); + uint32_t max_read = lp_smb2_max_read(); + uint32_t max_write = lp_smb2_max_write(); /* TODO: drop the connection with INVALID_PARAMETER */ @@ -139,6 +143,16 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) capabilities |= SMB2_CAP_DFS; } + /* + * Unless we implement SMB2_CAP_LARGE_MTU, + * 0x10000 (65536) is the maximum allowed message size + */ + max_limit = 0x10000; + + max_trans = MIN(max_limit, max_trans); + max_read = MIN(max_limit, max_read); + max_write = MIN(max_limit, max_write); + security_offset = SMB2_HDR_BODY + 0x40; #if 1 @@ -164,9 +178,9 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) negprot_spnego_blob.data, 16); /* server guid */ SIVAL(outbody.data, 0x18, capabilities); /* capabilities */ - SIVAL(outbody.data, 0x1C, lp_smb2_max_trans()); /* max transact size */ - SIVAL(outbody.data, 0x20, lp_smb2_max_read()); /* max read size */ - SIVAL(outbody.data, 0x24, lp_smb2_max_write()); /* max write size */ + SIVAL(outbody.data, 0x1C, max_trans); /* max transact size */ + SIVAL(outbody.data, 0x20, max_trans); /* max read size */ + SIVAL(outbody.data, 0x24, max_trans); /* max write size */ SBVAL(outbody.data, 0x28, 0); /* system time */ SBVAL(outbody.data, 0x30, 0); /* server start time */ SSVAL(outbody.data, 0x38, -- cgit