From 4d39976dddf2adf6a0d659050c3a21a6e0ff8ab2 Mon Sep 17 00:00:00 2001
From: Andrew Tridgell <tridge@samba.org>
Date: Wed, 21 May 2008 22:12:20 +1000
Subject: fixed SMB2 locking

- SMB2 locking is different in several ways from SMB locking. To fix
  it properly we will need a new generic mapping structure for
  locking, but for now do a best effort mapping

- added locking to gentest_smb2
(This used to be commit ea6d9cf602302adafe0f9d5f5f90a9b26d1ead6f)
---
 source4/smb_server/smb2/fileio.c | 30 ++++++++++++++++++++++--------
 1 file changed, 22 insertions(+), 8 deletions(-)

(limited to 'source4/smb_server/smb2/fileio.c')

diff --git a/source4/smb_server/smb2/fileio.c b/source4/smb_server/smb2/fileio.c
index b6b35d3d89..0feb259038 100644
--- a/source4/smb_server/smb2/fileio.c
+++ b/source4/smb_server/smb2/fileio.c
@@ -247,7 +247,7 @@ static void smb2srv_lock_send(struct ntvfs_request *ntvfs)
 	SMB2SRV_CHECK_ASYNC_STATUS_ERR(io, union smb_lock);
 	SMB2SRV_CHECK(smb2srv_setup_reply(req, 0x04, false, 0));
 
-	SSVAL(req->out.body,	0x02,	io->smb2.out.unknown1);
+	SSVAL(req->out.body,	0x02,	io->smb2.out.reserved);
 
 	smb2srv_send_reply(req);
 }
@@ -255,20 +255,34 @@ static void smb2srv_lock_send(struct ntvfs_request *ntvfs)
 void smb2srv_lock_recv(struct smb2srv_request *req)
 {
 	union smb_lock *io;
+	int i;
 
 	SMB2SRV_CHECK_BODY_SIZE(req, 0x30, false);
 	SMB2SRV_TALLOC_IO_PTR(io, union smb_lock);
 	SMB2SRV_SETUP_NTVFS_REQUEST(smb2srv_lock_send, NTVFS_ASYNC_STATE_MAY_ASYNC);
 
 	io->smb2.level			= RAW_LOCK_SMB2;
-
-	io->smb2.in.unknown1		= SVAL(req->in.body, 0x02);
-	io->smb2.in.unknown2		= IVAL(req->in.body, 0x04);
+	io->smb2.in.lock_count		= SVAL(req->in.body, 0x02);
+	io->smb2.in.reserved		= IVAL(req->in.body, 0x04);
 	io->smb2.in.file.ntvfs		= smb2srv_pull_handle(req, req->in.body, 0x08);
-	io->smb2.in.offset		= BVAL(req->in.body, 0x18);
-	io->smb2.in.count		= BVAL(req->in.body, 0x20);
-	io->smb2.in.unknown5		= IVAL(req->in.body, 0x24);
-	io->smb2.in.flags		= IVAL(req->in.body, 0x28);
+	if (req->in.body_size < 24 + 24*(uint64_t)io->smb2.in.lock_count) {
+		DEBUG(0,("%s: lock buffer too small\n", __location__));
+		smb2srv_send_error(req,  NT_STATUS_FOOBAR);
+		return;
+	}
+	io->smb2.in.locks = talloc_array(io, struct smb2_lock_element, 
+					 io->smb2.in.lock_count);
+	if (io->smb2.in.locks == NULL) {
+		smb2srv_send_error(req, NT_STATUS_NO_MEMORY);
+		return;
+	}
+
+	for (i=0;i<io->smb2.in.lock_count;i++) {
+		io->smb2.in.locks[i].offset	= BVAL(req->in.body, 24 + i*24);
+		io->smb2.in.locks[i].length	= BVAL(req->in.body, 32 + i*24);
+		io->smb2.in.locks[i].flags	= IVAL(req->in.body, 40 + i*24);
+		io->smb2.in.locks[i].reserved	= IVAL(req->in.body, 44 + i*24);
+	}
 
 	SMB2SRV_CHECK_FILE_HANDLE(io->smb2.in.file.ntvfs);
 	SMB2SRV_CALL_NTVFS_BACKEND(ntvfs_lock(req->ntvfs, io));
-- 
cgit