The branch, master has been updated via 4732f5b s4:torture/smb2/lock: remove samba4 specific checks for NETWORK_NAME_DELETED/USER_SESSION_DELETED via 1f4bf0f s4:libcli/smb2: ignore SMB2_OP_CANCEL responses via caef1c7 s4:libcli/smb2: correctly sign SMB2_OP_CANCEL request if they belong to a session via 28b48f8 s4:libcli/smb2: don't try to check the signing if we got NT_STATUS_USER_SESSION_DELETED from 417c16e s3:dbwrap_ctdb: improve the check for skipping the __db_sequence_number__ record in traverse
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 4732f5b2108f6c16849f8c7a7fae3cc486cf0fe3 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 28 08:47:56 2011 +0200 s4:torture/smb2/lock: remove samba4 specific checks for NETWORK_NAME_DELETED/USER_SESSION_DELETED Most Windows versions have a strange order to verify the session id, tree id and file id. (They should be checked in that order, but windows seems to check the file id before the others). metze Autobuild-User: Stefan Metzmacher <me...@samba.org> Autobuild-Date: Wed Sep 28 21:12:07 CEST 2011 on sn-devel-104 commit 1f4bf0fb0fbcecd6de92047f6f68bf822af67a09 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 28 08:23:24 2011 +0200 s4:libcli/smb2: ignore SMB2_OP_CANCEL responses If there're a problem with signing or the session doesn't exists any more the server responses with a failure, instead of not sending a response. For now we ignore the reponse, as there's not much we could do with it and it's not likely that we generate bad requests, which trigger that behavior, except for testing. metze commit caef1c7d2132fb9f669dd1e77c06172408386fc3 Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 28 07:50:42 2011 +0200 s4:libcli/smb2: correctly sign SMB2_OP_CANCEL request if they belong to a session metze commit 28b48f84984684af91c3a1e55d2054e57db0084c Author: Stefan Metzmacher <me...@samba.org> Date: Wed Sep 28 06:43:51 2011 +0200 s4:libcli/smb2: don't try to check the signing if we got NT_STATUS_USER_SESSION_DELETED metze ----------------------------------------------------------------------- Summary of changes: source4/libcli/smb2/cancel.c | 1 + source4/libcli/smb2/transport.c | 13 ++++++++++++- source4/torture/smb2/lock.c | 26 ++++++++++++++------------ 3 files changed, 27 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/source4/libcli/smb2/cancel.c b/source4/libcli/smb2/cancel.c index 28ef309..9fcb8cf 100644 --- a/source4/libcli/smb2/cancel.c +++ b/source4/libcli/smb2/cancel.c @@ -57,6 +57,7 @@ NTSTATUS smb2_cancel(struct smb2_request *r) SBVAL(c->out.hdr, SMB2_HDR_MESSAGE_ID, c->seqnum); if (r->session) { SBVAL(c->out.hdr, SMB2_HDR_SESSION_ID, r->session->uid); + c->session = r->session; } SSVAL(c->out.body, 0x02, 0); diff --git a/source4/libcli/smb2/transport.c b/source4/libcli/smb2/transport.c index 538cb5f..c17bbfd 100644 --- a/source4/libcli/smb2/transport.c +++ b/source4/libcli/smb2/transport.c @@ -277,6 +277,16 @@ static NTSTATUS smb2_transport_finish_recv(void *private_data, DATA_BLOB blob) return smb2_handle_oplock_break(transport, &blob); } + if (opcode == SMB2_OP_CANCEL) { + /* + * ignore responses to cancel requests, + * this can happen if signing was wrong or + * we specified the wrong session id + */ + talloc_free(buffer); + return NT_STATUS_OK; + } + /* match the incoming request against the list of pending requests */ for (req=transport->pending_recv; req; req=req->next) { if (req->seqnum == seqnum) break; @@ -322,7 +332,8 @@ static NTSTATUS smb2_transport_finish_recv(void *private_data, DATA_BLOB blob) req->in.body_size = req->in.size - (SMB2_HDR_BODY+NBT_HDR_SIZE); } - if (req->session && req->session->signing_active) { + if (req->session && req->session->signing_active && + !NT_STATUS_EQUAL(req->status, NT_STATUS_USER_SESSION_DELETED)) { status = smb2_check_signature(&req->in, req->session->session_key); if (!NT_STATUS_IS_OK(status)) { diff --git a/source4/torture/smb2/lock.c b/source4/torture/smb2/lock.c index 5bccf04..aee8292 100644 --- a/source4/torture/smb2/lock.c +++ b/source4/torture/smb2/lock.c @@ -1056,12 +1056,13 @@ static bool test_cancel_tdis(struct torture_context *torture, lck.in.file.handle = h; el[0].flags = SMB2_LOCK_FLAG_UNLOCK; status = smb2_lock(tree, &lck); - if (torture_setting_bool(torture, "samba4", false)) { - /* checking if the tcon supplied are still valid - * should happen before you validate a file handle, - * so we should return USER_SESSION_DELETED */ - CHECK_STATUS(status, NT_STATUS_NETWORK_NAME_DELETED); - } else { + /* + * Most Windows versions have a strange order to + * verify the session id, tree id and file id. + * (They should be checked in that order, but windows + * seems to check the file id before the others). + */ + if (!NT_STATUS_EQUAL(status, NT_STATUS_NETWORK_NAME_DELETED)) { CHECK_STATUS(status, NT_STATUS_FILE_CLOSED); } @@ -1141,12 +1142,13 @@ static bool test_cancel_logoff(struct torture_context *torture, lck.in.file.handle = h; el[0].flags = SMB2_LOCK_FLAG_UNLOCK; status = smb2_lock(tree, &lck); - if (torture_setting_bool(torture, "samba4", false)) { - /* checking if the credential supplied are still valid - * should happen before you validate a file handle, - * so we should return USER_SESSION_DELETED */ - CHECK_STATUS(status, NT_STATUS_USER_SESSION_DELETED); - } else { + /* + * Most Windows versions have a strange order to + * verify the session id, tree id and file id. + * (They should be checked in that order, but windows + * seems to check the file id before the others). + */ + if (!NT_STATUS_EQUAL(status, NT_STATUS_USER_SESSION_DELETED)) { CHECK_STATUS(status, NT_STATUS_FILE_CLOSED); } -- Samba Shared Repository