sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-24 02:04:21 +03:00
Code

smbd:smb2: successfully answer a DHnC request when the initial create was DH2Q

Browse Source 
I.e. the durable reconnect attempt is v1 while the original create was durable
v2 including the create guid.

Implement this by skipping the create_guid verification when
the reconnect request is v1.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Michael Adam 2013-09-25 23:20:18 +02:00 committed by Stefan Metzmacher
parent 9769f06977
commit 1bd2ab4161
3 changed files with 18 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
source3/smbd/globals.h
View File

@ -457,7 +457,7 @@ NTSTATUS smb2srv_open_lookup(struct smbXsrv_connection *conn,
NTSTATUS smb2srv_open_recreate(struct smbXsrv_connection *conn,
struct auth_session_info *session_info,
uint64_t persistent_id,
struct GUID create_guid,
const struct GUID *create_guid,
NTTIME now,
struct smbXsrv_open **_open);
struct smbXsrv_open_global0;

11
source3/smbd/smb2_create.c
View File

@ -550,7 +550,8 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
uint64_t allocation_size = 0;
struct smb2_create_blob *twrp = NULL;
struct smb2_create_blob *qfid = NULL;
struct GUID create_guid = GUID_zero();
struct GUID _create_guid = GUID_zero();
struct GUID *create_guid = NULL;
bool update_open = false;
bool durable_requested = false;
uint32_t durable_timeout_msec = 0;
@ -668,10 +669,11 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
create_guid_blob = data_blob_const(p + 16, 16);
status = GUID_from_ndr_blob(&create_guid_blob,
&create_guid);
&_create_guid);
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
create_guid = &_create_guid;
/*
* we need to store the create_guid later
*/
@ -706,10 +708,11 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
create_guid_blob = data_blob_const(p + 16, 16);
status = GUID_from_ndr_blob(&create_guid_blob,
&create_guid);
&_create_guid);
if (tevent_req_nterror(req, status)) {
return tevent_req_post(req, ev);
}
create_guid = &_create_guid;
do_durable_reconnect = true;
}
@ -940,7 +943,7 @@ static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
}
if (update_open) {
op->global->create_guid = create_guid;
op->global->create_guid = _create_guid;
status = smbXsrv_open_update(op);
DEBUG(10, ("smb2_create_send: smbXsrv_open_update "

12
source3/smbd/smbXsrv_open.c
View File

@ -1168,7 +1168,7 @@ NTSTATUS smb2srv_open_lookup(struct smbXsrv_connection *conn,
NTSTATUS smb2srv_open_recreate(struct smbXsrv_connection *conn,
struct auth_session_info *session_info,
uint64_t persistent_id,
struct GUID create_guid,
const struct GUID *create_guid,
NTTIME now,
struct smbXsrv_open **_open)
{
@ -1207,7 +1207,15 @@ NTSTATUS smb2srv_open_recreate(struct smbXsrv_connection *conn,
return status;
}
if (!GUID_equal(&op->global->create_guid, &create_guid)) {
/*
* If the provided create_guid is NULL, this means that
* the reconnect request was a v1 request. In that case
* we should skipt the create GUID verification, since
* it is valid to v1-reconnect a v2-opened handle.
*/
if ((create_guid != NULL) &&
!GUID_equal(&op->global->create_guid, create_guid))
{
TALLOC_FREE(op);
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}