The branch, master has been updated via 5f3a765 smbd: Factor out smbd_smb2_send_break via afb2b64 smbd: Rename smbd_smb2_send_oplock_break_state->buf to ->body via 0d4bf91 smbd: no "dyn" in smbd_smb2_send_oplock_break via b7fe854 smbd: Make hdr a field of its own in smbd_smb2_send_oplock_break via 49de2e9 smbd: Make tf a field of its own in smbd_smb2_send_oplock_break via 6fcc4f8 smbd: Make nbt_hdr a field of its own in smbd_smb2_send_oplock_break from caa42ed s4-auth-krb: Fix talloc access after free in smb_krb5_update_keytab
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 5f3a7656726f808b649fb8dbdafff557867907d6 Author: Volker Lendecke <v...@samba.org> Date: Mon Jul 7 10:13:56 2014 +0000 smbd: Factor out smbd_smb2_send_break Most of this routine can be re-used for sending lease breaks Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> Autobuild-User(master): Volker Lendecke <v...@samba.org> Autobuild-Date(master): Tue Jul 8 19:54:09 CEST 2014 on sn-devel-104 commit afb2b64e75726273b67545f2f6264b9e06362add Author: Volker Lendecke <v...@samba.org> Date: Mon Jul 7 10:05:08 2014 +0000 smbd: Rename smbd_smb2_send_oplock_break_state->buf to ->body Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 0d4bf9150f2b9d56429c6de13570713904412376 Author: Volker Lendecke <v...@samba.org> Date: Mon Jul 7 09:54:12 2014 +0000 smbd: no "dyn" in smbd_smb2_send_oplock_break We don't need the assignment to state->vector[1+SMBD_SMB2_DYN_IOV_OFS], this is zero-initialized by talloc_zero Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit b7fe8541404667e3d82e36d74c62e62cc52fc309 Author: Volker Lendecke <v...@samba.org> Date: Mon Jul 7 09:35:40 2014 +0000 smbd: Make hdr a field of its own in smbd_smb2_send_oplock_break Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 49de2e9df60143f900775ce7deb03873216ab2d0 Author: Volker Lendecke <v...@samba.org> Date: Mon Jul 7 09:35:40 2014 +0000 smbd: Make tf a field of its own in smbd_smb2_send_oplock_break This actually saves a few bytes in .text. Maybe due to the struct assignments? 
Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> commit 6fcc4f8aebdacdf12e1c5f2f112c6416720d12b3 Author: Volker Lendecke <v...@samba.org> Date: Mon Jul 7 09:35:40 2014 +0000 smbd: Make nbt_hdr a field of its own in smbd_smb2_send_oplock_break Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Stefan Metzmacher <me...@samba.org> ----------------------------------------------------------------------- Summary of changes: source3/smbd/smb2_server.c | 134 ++++++++++++++++++++++++------------------- 1 files changed, 75 insertions(+), 59 deletions(-) Changeset truncated at 500 lines:
diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c
index 166fb6b..d61929e 100644
--- a/source3/smbd/smb2_server.c
+++ b/source3/smbd/smb2_server.c
@@ -2720,51 +2720,44 @@ NTSTATUS smbd_smb2_request_error_ex(struct smbd_smb2_request *req, } -struct smbd_smb2_send_oplock_break_state { +struct smbd_smb2_send_break_state { struct smbd_server_connection *sconn; struct smbd_smb2_send_queue queue_entry; - uint8_t buf[NBT_HDR_SIZE + SMB2_TF_HDR_SIZE + SMB2_HDR_BODY + 0x18]; + uint8_t nbt_hdr[NBT_HDR_SIZE]; + uint8_t tf[SMB2_TF_HDR_SIZE]; + uint8_t hdr[SMB2_HDR_BODY]; struct iovec vector[1+SMBD_SMB2_NUM_IOV_PER_REQ]; + uint8_t body[1]; }; -NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, +static NTSTATUS smbd_smb2_send_break(struct smbd_server_connection *sconn, struct smbXsrv_session *session, struct smbXsrv_tcon *tcon, - struct smbXsrv_open *op, - uint8_t oplock_level) + const uint8_t *body, + size_t body_len) { - struct smbd_smb2_send_oplock_break_state *state; + struct smbd_smb2_send_break_state *state; struct smbXsrv_connection *conn = sconn->conn; - uint8_t *tf; - size_t tf_len; - uint8_t *hdr; - uint8_t *body; - size_t body_len; - uint8_t *dyn; - size_t dyn_len; bool do_encryption = session->global->encryption_required; uint64_t nonce_high = 0; uint64_t nonce_low = 0; NTSTATUS status; + size_t statelen; if (tcon->global->encryption_required) { do_encryption = true; } - state = talloc_zero(sconn, struct smbd_smb2_send_oplock_break_state); + statelen = offsetof(struct smbd_smb2_send_break_state, body) + + body_len; + + state = talloc_zero_size(sconn, statelen); if (state == NULL) { return NT_STATUS_NO_MEMORY; } + talloc_set_name_const(state, "struct smbd_smb2_send_break_state"); state->sconn = sconn; - tf = state->buf + NBT_HDR_SIZE; - tf_len = SMB2_TF_HDR_SIZE; - hdr = tf + tf_len; - body = hdr + SMB2_HDR_BODY; - body_len = 0x18; - dyn = body + body_len; - dyn_len = 0; - if (do_encryption) { nonce_high = session->nonce_high; nonce_low = session->nonce_low; 
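Review bot: `statelen = offsetof(struct smbd_smb2_send_break_state, body) + body_len;` is an unchecked size_t addition on a caller-supplied length, and the `memcpy(state->body, body, body_len)` in the next hunk trusts the resulting allocation size. The only caller visible in this patch passes a fixed `sizeof(body)` of 0x18, so nothing wraps today, but the commit message says the helper is meant to be reused for lease breaks; a guard such as `if (statelen < body_len) { return NT_STATUS_INVALID_PARAMETER; }` before `talloc_zero_size()` would keep a future caller from ending up with an undersized buffer. Separately, `uint8_t body[1];` is the pre-C99 struct hack; since the new code already relies on C99 compound literals, a flexible array member `uint8_t body[];` would express the over-allocation directly and avoid tripping array-bounds checkers on the copy. The function body continues past the end of this hunk.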
@@ -2776,52 +2769,57 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn, } } - SIVAL(tf, SMB2_TF_PROTOCOL_ID, SMB2_TF_MAGIC); - SBVAL(tf, SMB2_TF_NONCE+0, nonce_low); - SBVAL(tf, SMB2_TF_NONCE+8, nonce_high); - SBVAL(tf, SMB2_TF_SESSION_ID, session->global->session_wire_id); - - SIVAL(hdr, 0, SMB2_MAGIC); - SSVAL(hdr, SMB2_HDR_LENGTH, SMB2_HDR_BODY); - SSVAL(hdr, SMB2_HDR_EPOCH, 0); - SIVAL(hdr, SMB2_HDR_STATUS, 0); - SSVAL(hdr, SMB2_HDR_OPCODE, SMB2_OP_BREAK); - SSVAL(hdr, SMB2_HDR_CREDIT, 0); - SIVAL(hdr, SMB2_HDR_FLAGS, SMB2_HDR_FLAG_REDIRECT); - SIVAL(hdr, SMB2_HDR_NEXT_COMMAND, 0); - SBVAL(hdr, SMB2_HDR_MESSAGE_ID, UINT64_MAX); - SIVAL(hdr, SMB2_HDR_PID, 0); - SIVAL(hdr, SMB2_HDR_TID, 0); - SBVAL(hdr, SMB2_HDR_SESSION_ID, 0); - memset(hdr+SMB2_HDR_SIGNATURE, 0, 16); - - SSVAL(body, 0x00, body_len); + SIVAL(state->tf, SMB2_TF_PROTOCOL_ID, SMB2_TF_MAGIC); + SBVAL(state->tf, SMB2_TF_NONCE+0, nonce_low); + SBVAL(state->tf, SMB2_TF_NONCE+8, nonce_high); + SBVAL(state->tf, SMB2_TF_SESSION_ID, session->global->session_wire_id); - SCVAL(body, 0x02, oplock_level); - SCVAL(body, 0x03, 0); /* reserved */ - SIVAL(body, 0x04, 0); /* reserved */ - SBVAL(body, 0x08, op->global->open_persistent_id); - SBVAL(body, 0x10, op->global->open_volatile_id); + SIVAL(state->hdr, 0, SMB2_MAGIC); + SSVAL(state->hdr, SMB2_HDR_LENGTH, SMB2_HDR_BODY); + SSVAL(state->hdr, SMB2_HDR_EPOCH, 0); + SIVAL(state->hdr, SMB2_HDR_STATUS, 0); + SSVAL(state->hdr, SMB2_HDR_OPCODE, SMB2_OP_BREAK); + SSVAL(state->hdr, SMB2_HDR_CREDIT, 0); + SIVAL(state->hdr, SMB2_HDR_FLAGS, SMB2_HDR_FLAG_REDIRECT); + SIVAL(state->hdr, SMB2_HDR_NEXT_COMMAND, 0); + SBVAL(state->hdr, SMB2_HDR_MESSAGE_ID, UINT64_MAX); + SIVAL(state->hdr, SMB2_HDR_PID, 0); + SIVAL(state->hdr, SMB2_HDR_TID, 0); + SBVAL(state->hdr, SMB2_HDR_SESSION_ID, 0); + memset(state->hdr+SMB2_HDR_SIGNATURE, 0, 16); - state->vector[0].iov_base = (void *)state->buf; - state->vector[0].iov_len = NBT_HDR_SIZE; + state->vector[0] = 
(struct iovec) { + .iov_base = state->nbt_hdr, + .iov_len = sizeof(state->nbt_hdr) + }; if (do_encryption) { - state->vector[1+SMBD_SMB2_TF_IOV_OFS].iov_base = tf; - state->vector[1+SMBD_SMB2_TF_IOV_OFS].iov_len = tf_len; + state->vector[1+SMBD_SMB2_TF_IOV_OFS] = (struct iovec) { + .iov_base = state->tf, + .iov_len = sizeof(state->tf) + }; } else { - state->vector[1+SMBD_SMB2_TF_IOV_OFS].iov_base = NULL; - state->vector[1+SMBD_SMB2_TF_IOV_OFS].iov_len = 0; + state->vector[1+SMBD_SMB2_TF_IOV_OFS] = (struct iovec) { + .iov_base = NULL, + .iov_len = 0 + }; } - state->vector[1+SMBD_SMB2_HDR_IOV_OFS].iov_base = hdr; - state->vector[1+SMBD_SMB2_HDR_IOV_OFS].iov_len = SMB2_HDR_BODY; + state->vector[1+SMBD_SMB2_HDR_IOV_OFS] = (struct iovec) { + .iov_base = state->hdr, + .iov_len = sizeof(state->hdr) + }; - state->vector[1+SMBD_SMB2_BODY_IOV_OFS].iov_base = body; - state->vector[1+SMBD_SMB2_BODY_IOV_OFS].iov_len = body_len; + memcpy(state->body, body, body_len); - state->vector[1+SMBD_SMB2_DYN_IOV_OFS].iov_base = dyn; - state->vector[1+SMBD_SMB2_DYN_IOV_OFS].iov_len = dyn_len; + state->vector[1+SMBD_SMB2_BODY_IOV_OFS] = (struct iovec) { + .iov_base = state->body, + .iov_len = body_len /* no sizeof(state->body) .. :-) */ + }; + + /* + * state->vector[1+SMBD_SMB2_DYN_IOV_OFS] is NULL by talloc_zero above + */ smb2_setup_nbt_length(state->vector, 1 + SMBD_SMB2_NUM_IOV_PER_REQ); 
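Review bot: The two new comments around the body iovec do not state the facts a later reader needs. `/* no sizeof(state->body) .. :-) */` gives no reason; something like `/* body is allocated past its declared size, so sizeof(state->body) would be wrong here */` says why `body_len` is used. The block comment says the DYN slot is NULL "by talloc_zero above", but the allocation in this function is now `talloc_zero_size()`; naming the actual call keeps the dependency on zero-initialisation easy to find if the allocator is changed again. The enclosing function starts before and ends after this hunk.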
@@ -2851,6 +2849,24 @@ NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn,
 return NT_STATUS_OK;
 }
+NTSTATUS smbd_smb2_send_oplock_break(struct smbd_server_connection *sconn,
+ struct smbXsrv_session *session,
+ struct smbXsrv_tcon *tcon,
+ struct smbXsrv_open *op,
+ uint8_t oplock_level)
+{
+ uint8_t body[0x18];
+
+ SSVAL(body, 0x00, sizeof(body));
+ SCVAL(body, 0x02, oplock_level);
+ SCVAL(body, 0x03, 0); /* reserved */
+ SIVAL(body, 0x04, 0); /* reserved */
+ SBVAL(body, 0x08, op->global->open_persistent_id);
+ SBVAL(body, 0x10, op->global->open_volatile_id);
+
+ return smbd_smb2_send_break(sconn, session, tcon, body, sizeof(body));
+}
+
 static bool is_smb2_recvfile_write(struct smbd_smb2_request_read_state *state)
 {
 NTSTATUS status;
-- Samba Shared Repository
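Review bot: `uint8_t body[0x18];` in the new `smbd_smb2_send_oplock_break()` is an uninitialised stack buffer that is handed to `smbd_smb2_send_break()` to be copied and queued for the client, so its safety depends on the six stores below covering every byte. They do today (offsets 0x00 through 0x17 are all written), but that is only implicit; `uint8_t body[0x18] = {0};` would keep stale stack contents off the wire if a field is ever dropped or the size changes. A one-line comment saying that 0x18 is the fixed structure size written at offset 0x00 would also make the magic number self-explanatory.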