
(-)a/source/client/client.c (-1 / +1 lines)
Lines 3626-3632 static void readline_callback(void) Link Here
3626
	   session keepalives and then drop them here.
3626
	   session keepalives and then drop them here.
3627
	*/
3627
	*/
3628
	if (FD_ISSET(cli->fd,&fds)) {
3628
	if (FD_ISSET(cli->fd,&fds)) {
3629
		if (!receive_smb(cli->fd,cli->inbuf,0)) {
3629
		if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) {
3630
			DEBUG(0, ("Read from server failed, maybe it closed the "
3630
			DEBUG(0, ("Read from server failed, maybe it closed the "
3631
				"connection\n"));
3631
				"connection\n"));
3632
			return;
3632
			return;
(-)a/source/client/smbctool.c (-1 / +1 lines)
Lines 3304-3310 static void readline_callback(void) Link Here
3304
	   session keepalives and then drop them here.
3304
	   session keepalives and then drop them here.
3305
	*/
3305
	*/
3306
	if (FD_ISSET(cli->fd,&fds)) {
3306
	if (FD_ISSET(cli->fd,&fds)) {
3307
		receive_smb(cli->fd,cli->inbuf,0);
3307
		receive_smb(cli->fd,cli->inbuf,cli->bufsize,0);
3308
		goto again;
3308
		goto again;
3309
	}
3309
	}
3310
	  
3310
	  
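Review bot: The return value of receive_smb() is still discarded at new line 3307, so a read that fails (including a packet rejected by the length check this patch adds in receive_smb_raw()) goes straight to `goto again`. The same callback in client.c tests the result and returns; doing the same here, `if (!receive_smb(cli->fd,cli->inbuf,cli->bufsize,0)) return;`, would stop the loop from spinning on a closed or misbehaving connection. readline_callback() starts and ends outside this hunk, so confirm what `again:` does before picking the exit path.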
(-)a/source/lib/util_sock.c (-21 / +13 lines)
Lines 654-667 ssize_t read_smb_length(int fd, char *inbuf, unsigned int timeout) Link Here
654
}
654
}
655
655
656
/****************************************************************************
656
/****************************************************************************
657
 Read an smb from a fd. Note that the buffer *MUST* be of size
657
 Read an smb from a fd. 
658
 BUFFER_SIZE+SAFETY_MARGIN.
659
 The timeout is in milliseconds. 
658
 The timeout is in milliseconds. 
660
 This function will return on receipt of a session keepalive packet.
659
 This function will return on receipt of a session keepalive packet.
661
 Doesn't check the MAC on signed packets.
660
 Doesn't check the MAC on signed packets.
662
****************************************************************************/
661
****************************************************************************/
663
662
664
BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout)
663
BOOL receive_smb_raw(int fd, char *buffer, size_t buflen, unsigned int timeout)
665
{
664
{
666
	ssize_t len,ret;
665
	ssize_t len,ret;
667
666
Lines 682-706 BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout) Link Here
682
		return False;
681
		return False;
683
	}
682
	}
684
683
685
	/*
684
	if (len > buflen) {
686
	 * A WRITEX with CAP_LARGE_WRITEX can be 64k worth of data plus 65 bytes
687
	 * of header. Don't print the error if this fits.... JRA.
688
	 */
689
690
	if (len > (BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE)) {
691
		DEBUG(0,("Invalid packet length! (%lu bytes).\n",(unsigned long)len));
685
		DEBUG(0,("Invalid packet length! (%lu bytes).\n",(unsigned long)len));
692
		if (len > BUFFER_SIZE + (SAFETY_MARGIN/2)) {
693
686
694
			/*
687
		/*
695
			 * Correct fix. smb_read_error may have already been
688
		 * smb_read_error may have already been
696
			 * set. Only set it here if not already set. Global
689
		 * set. Only set it here if not already set. Global
697
			 * variables still suck :-). JRA.
690
		 * variables still suck :-). JRA.
698
			 */
691
		 */
699
692
700
			if (smb_read_error == 0)
693
		if (smb_read_error == 0)
701
				smb_read_error = READ_ERROR;
694
			smb_read_error = READ_ERROR;
702
			return False;
695
		return False;
703
		}
704
	}
696
	}
705
697
706
	if(len > 0) {
698
	if(len > 0) {
Lines 730-738 BOOL receive_smb_raw(int fd, char *buffer, unsigned int timeout) Link Here
730
 Checks the MAC on signed packets.
722
 Checks the MAC on signed packets.
731
****************************************************************************/
723
****************************************************************************/
732
724
733
BOOL receive_smb(int fd, char *buffer, unsigned int timeout)
725
BOOL receive_smb(int fd, char *buffer, size_t buflen, unsigned int timeout)
734
{
726
{
735
	if (!receive_smb_raw(fd, buffer, timeout)) {
727
	if (!receive_smb_raw(fd, buffer, buflen, timeout)) {
736
		return False;
728
		return False;
737
	}
729
	}
738
730
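Review bot: The new bound `if (len > buflen)` in receive_smb_raw() accepts a payload of exactly buflen bytes, and the read that consumes len is outside this hunk, so confirm where it stores the data. If the payload is written after the 4-byte length header (i.e. at `buffer+4`), the check needs to leave room for it, e.g. `if (buflen < 4 || (size_t)len > buflen - 4) {`, or every caller must pass a size 4 bytes smaller than its allocation; the callers in client.c, smbctool.c, clientgen.c, process.c and smbfilter.c pass cli->bufsize, BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE and BUFFER_SIZE unchanged. The header comment dropped the old size requirement without saying what buflen counts; I would add a line such as `buflen is the number of bytes available at buffer; longer packets are rejected.` len is ssize_t and buflen is size_t, so the comparison is done unsigned; an explicit cast after the earlier error return would make that intentional rather than incidental.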
(-)a/source/libsmb/clientgen.c (-5 / +4 lines)
Lines 44-51 int cli_set_port(struct cli_state *cli, int port) Link Here
44
}
44
}
45
45
46
/****************************************************************************
46
/****************************************************************************
47
 Read an smb from a fd ignoring all keepalive packets. Note that the buffer 
47
 Read an smb from a fd ignoring all keepalive packets.
48
 *MUST* be of size BUFFER_SIZE+SAFETY_MARGIN.
49
 The timeout is in milliseconds
48
 The timeout is in milliseconds
50
49
51
 This is exactly the same as receive_smb except that it never returns
50
 This is exactly the same as receive_smb except that it never returns
Lines 54-65 int cli_set_port(struct cli_state *cli, int port) Link Here
54
 should never go into a blocking read.
53
 should never go into a blocking read.
55
****************************************************************************/
54
****************************************************************************/
56
55
57
static BOOL client_receive_smb(int fd,char *buffer, unsigned int timeout)
56
static BOOL client_receive_smb(int fd,char *buffer, size_t bufsize, unsigned int timeout)
58
{
57
{
59
	BOOL ret;
58
	BOOL ret;
60
59
61
	for(;;) {
60
	for(;;) {
62
		ret = receive_smb_raw(fd, buffer, timeout);
61
		ret = receive_smb_raw(fd, buffer, bufsize, timeout);
63
62
64
		if (!ret) {
63
		if (!ret) {
65
			DEBUG(10,("client_receive_smb failed\n"));
64
			DEBUG(10,("client_receive_smb failed\n"));
Lines 88-94 BOOL cli_receive_smb(struct cli_state *cli) Link Here
88
		return False; 
87
		return False; 
89
88
90
 again:
89
 again:
91
	ret = client_receive_smb(cli->fd,cli->inbuf,cli->timeout);
90
	ret = client_receive_smb(cli->fd,cli->inbuf, cli->bufsize, cli->timeout);
92
	
91
	
93
	if (ret) {
92
	if (ret) {
94
		/* it might be an oplock break request */
93
		/* it might be an oplock break request */
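Review bot: client_receive_smb() names the new parameter `bufsize` while receive_smb() and receive_smb_raw() in util_sock.c call the same quantity `buflen`; one name along the call chain would make the bound easier to audit. The header comment lost its sentence about the required buffer size and now says nothing about the parameter, so I would add `bufsize is the number of bytes available at buffer; longer packets are rejected.` cli_receive_smb() passes `cli->bufsize` for `cli->inbuf`, whose allocation is not shown on this page, so check that the two agree wherever inbuf is allocated or resized.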
(-)a/source/smbd/process.c (-1 / +2 lines)
Lines 521-527 static BOOL receive_message_or_smb(char *buffer, int buffer_len, int timeout) Link Here
521
		goto again;
521
		goto again;
522
	}
522
	}
523
523
524
	return receive_smb(smbd_server_fd(), buffer, 0);
524
	return receive_smb(smbd_server_fd(), buffer,
525
			BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE, 0);
525
}
526
}
526
527
527
/*
528
/*
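Review bot: The call at new lines 524-525 hard-codes `BUFFER_SIZE + LARGE_WRITEX_HDR_SIZE` as the limit although receive_message_or_smb() already takes `buffer_len` from its caller, so the bound enforced in receive_smb_raw() is not tied to the buffer actually passed in. The caller's allocation is not visible here; if buffer_len is the real size, pass it instead, e.g. `return receive_smb(smbd_server_fd(), buffer, (size_t)buffer_len, 0);` after rejecting a non-positive buffer_len. The function starts outside the hunk.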
(-)a/source/utils/smbfilter.c (-2 / +2 lines)
Lines 140-146 static void filter_child(int c, struct in_addr dest_ip) Link Here
140
		if (num <= 0) continue;
140
		if (num <= 0) continue;
141
		
141
		
142
		if (c != -1 && FD_ISSET(c, &fds)) {
142
		if (c != -1 && FD_ISSET(c, &fds)) {
143
			if (!receive_smb(c, packet, 0)) {
143
			if (!receive_smb(c, packet, BUFFER_SIZE, 0)) {
144
				d_printf("client closed connection\n");
144
				d_printf("client closed connection\n");
145
				exit(0);
145
				exit(0);
146
			}
146
			}
Lines 151-157 static void filter_child(int c, struct in_addr dest_ip) Link Here
151
			}			
151
			}			
152
		}
152
		}
153
		if (s != -1 && FD_ISSET(s, &fds)) {
153
		if (s != -1 && FD_ISSET(s, &fds)) {
154
			if (!receive_smb(s, packet, 0)) {
154
			if (!receive_smb(s, packet, BUFFER_SIZE, 0)) {
155
				d_printf("server closed connection\n");
155
				d_printf("server closed connection\n");
156
				exit(0);
156
				exit(0);
157
			}
157
			}
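Review bot: Both new calls (new lines 143 and 154) pass the constant `BUFFER_SIZE` rather than the size of `packet`, whose declaration is outside these hunks, so the bound and the buffer can drift apart. If packet is an array in scope, `receive_smb(c, packet, sizeof(packet), 0)` and `receive_smb(s, packet, sizeof(packet), 0)` keep them tied. It is also worth confirming that packet has room for the length header in addition to the payload that this bound admits.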
