[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4272-gf1c0d56

Jeremy Allison Mon, 20 Oct 2008 11:06:40 -0700

The branch, v3-3-test has been updated
       via  f1c0d56e8230bb4a8c085ad885cf05cbcc8297ec (commit)
       via  b6ce6dd1d82314ce3194dc450e67dec948e1a6b2 (commit)
       via  3c609efe12ee941dc0474e39b5e90ad39a075ff2 (commit)
      from  e3550c235e6a59749c1e57b469289069f7e541d4 (commit)


http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit f1c0d56e8230bb4a8c085ad885cf05cbcc8297ec
Author: Volker Lendecke <[EMAIL PROTECTED]>
Date:   Mon Oct 20 11:05:45 2008 -0700

    "fn_new"->"fn" in smb_messages[], we got beyond that :-)

commit b6ce6dd1d82314ce3194dc450e67dec948e1a6b2
Author: Volker Lendecke <[EMAIL PROTECTED]>
Date:   Mon Oct 20 11:05:31 2008 -0700

    Use a direct compare instead of calling strncmp in valid_smb_header

commit 3c609efe12ee941dc0474e39b5e90ad39a075ff2
Author: Volker Lendecke <[EMAIL PROTECTED]>
Date:   Mon Oct 20 11:05:13 2008 -0700

    Move the global hosts_allow() check out of the processing loop:

-----------------------------------------------------------------------

Summary of changes:
 source/smbd/process.c |   53 +++++++++++++++++++++++++++---------------------
 1 files changed, 30 insertions(+), 23 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/smbd/process.c b/source/smbd/process.c
index 0b8ff4f..338f606 100644
--- a/source/smbd/process.c
+++ b/source/smbd/process.c
@@ -105,7 +105,11 @@ static bool valid_smb_header(const uint8_t *inbuf)
        if (is_encrypted_packet(inbuf)) {
                return true;
        }
-       return (strncmp(smb_base(inbuf),"\377SMB",4) == 0);
+       /*
+        * This used to be (strncmp(smb_base(inbuf),"\377SMB",4) == 0)
+        * but it just looks weird to call strncmp for this one.
+        */
+       return (IVAL(smb_base(inbuf), 0) == 0x424D53FF);
 }
 
 /* Socket functions for smbd packet processing. */
@@ -973,7 +977,7 @@ force write permissions on print services.
 */
 static const struct smb_message_struct {
        const char *name;
-       void (*fn_new)(struct smb_request *req);
+       void (*fn)(struct smb_request *req);
        int flags;
 } smb_messages[256] = {
 
@@ -1349,7 +1353,7 @@ static connection_struct *switch_message(uint8 type, 
struct smb_request *req, in
                exit_server_cleanly("Non-SMB packet");
        }
 
-       if (smb_messages[type].fn_new == NULL) {
+       if (smb_messages[type].fn == NULL) {
                DEBUG(0,("Unknown message type %d!\n",type));
                smb_dump("Unknown", 1, (char *)req->inbuf, size);
                reply_unknown_new(req, type);
@@ -1471,7 +1475,7 @@ static connection_struct *switch_message(uint8 type, 
struct smb_request *req, in
                return conn;
        }
 
-       smb_messages[type].fn_new(req);
+       smb_messages[type].fn(req);
        return req->conn;
 }
 
@@ -1535,25 +1539,6 @@ static void process_smb(char *inbuf, size_t nread, 
size_t unread_bytes, bool enc
 
        DO_PROFILE_INC(smb_count);
 
-       if (trans_num == 0) {
-               char addr[INET6_ADDRSTRLEN];
-
-               /* on the first packet, check the global hosts allow/ hosts
-               deny parameters before doing any parsing of the packet
-               passed to us by the client.  This prevents attacks on our
-               parsing code from hosts not in the hosts allow list */
-
-               if (!check_access(smbd_server_fd(), lp_hostsallow(-1),
-                                 lp_hostsdeny(-1))) {
-                       /* send a negative session response "not listening on 
calling name" */
-                       static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
-                       DEBUG( 1, ( "Connection denied from %s\n",
-                               client_addr(get_client_fd(),addr,sizeof(addr)) 
) );
-                       (void)srv_send_smb(smbd_server_fd(),(char *)buf,false);
-                       exit_server_cleanly("connection denied");
-               }
-       }
-
        DEBUG( 6, ( "got message type 0x%x of len 0x%x\n", msg_type,
                    smb_len(inbuf) ) );
        DEBUG( 3, ( "Transaction %d of length %d (%u toread)\n", trans_num,
@@ -1893,6 +1878,28 @@ void smbd_process(void)
        unsigned int num_smbs = 0;
        size_t unread_bytes = 0;
 
+       char addr[INET6_ADDRSTRLEN];
+
+       /*
+        * Before the first packet, check the global hosts allow/ hosts deny
+        * parameters before doing any parsing of packets passed to us by the
+        * client. This prevents attacks on our parsing code from hosts not in
+        * the hosts allow list.
+        */
+
+       if (!check_access(smbd_server_fd(), lp_hostsallow(-1),
+                         lp_hostsdeny(-1))) {
+               /*
+                * send a negative session response "not listening on calling
+                * name"
+                */
+               unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
+               DEBUG( 1, ("Connection denied from %s\n",
+                          client_addr(get_client_fd(),addr,sizeof(addr)) ) );
+               (void)srv_send_smb(smbd_server_fd(),(char *)buf,false);
+               exit_server_cleanly("connection denied");
+       }
+
        max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
 
        while (True) {


-- 
Samba Shared Repository

[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4272-gf1c0d56

Reply via email to