The branch, master has been updated
       via  d1950d6... Make conn_close_all() safe to call from SMB2 sessions 
(fix crash bug).
      from  3c20251... s4:ldb Fix segfault in ldbsearch store_referral callback

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit d1950d66c4ed38918323bdb8c0bb11700a47bdc3
Author: Jeremy Allison <[email protected]>
Date:   Wed Feb 24 18:11:07 2010 -0800

    Make conn_close_all() safe to call from SMB2 sessions (fix crash bug).
    
    Ensure we don't call close_cnum() with SMB2, also talloc_move the
    compat_conn pointer from the NULL context onto the tcon context
    in SMB2 as it's conceptually owned by that pointer.
    
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/conn.c      |   27 +++++++++++++++++++--------
 source3/smbd/smb2_tcon.c |    6 ++++--
 2 files changed, 23 insertions(+), 10 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/conn.c b/source3/smbd/conn.c
index 959fcd7..51f880d 100644
--- a/source3/smbd/conn.c
+++ b/source3/smbd/conn.c
@@ -177,15 +177,26 @@ return true if any were closed
 ****************************************************************************/
 bool conn_close_all(struct smbd_server_connection *sconn)
 {
-       connection_struct *conn, *next;
-       bool ret = false;
-       for (conn=sconn->smb1.tcons.Connections;conn;conn=next) {
-               next=conn->next;
-               set_current_service(conn, 0, True);
-               close_cnum(conn, conn->vuid);
-               ret = true;
+       if (sconn->allow_smb2) {
+               /* SMB2 */
+               if (sconn->smb2.sessions.list &&
+                               sconn->smb2.sessions.list->tcons.list) {
+                       return true;
+               }
+               return false;
+       } else {
+               /* SMB1 */
+               connection_struct *conn, *next;
+               bool ret = false;
+
+               for (conn=sconn->smb1.tcons.Connections;conn;conn=next) {
+                       next=conn->next;
+                       set_current_service(conn, 0, True);
+                       close_cnum(conn, conn->vuid);
+                       ret = true;
+               }
+               return ret;
        }
-       return ret;
 }
 
 /****************************************************************************
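Review bot: In the SMB2 branch only the first entry of `sconn->smb2.sessions.list` is examined, so a connection whose first session has no tree connect but a later session does is reported as having none. The check should walk the whole session list before returning false. The branch also closes nothing, while the header comment above the function still says "return true if any were closed", so the return value now means different things for SMB1 and SMB2. I would record that in the branch, e.g. `/* SMB2: nothing is closed here; only report whether a tcon exists. */`. Callers that read the result as "connections were torn down" are not visible in this hunk and should be checked.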
diff --git a/source3/smbd/smb2_tcon.c b/source3/smbd/smb2_tcon.c
index 70c5e88..bd33007 100644
--- a/source3/smbd/smb2_tcon.c
+++ b/source3/smbd/smb2_tcon.c
@@ -150,6 +150,7 @@ static NTSTATUS smbd_smb2_tree_connect(struct 
smbd_smb2_request *req,
        fstring service;
        int snum = -1;
        struct smbd_smb2_tcon *tcon;
+       connection_struct *compat_conn = NULL;
        int id;
        NTSTATUS status;
 
@@ -196,14 +197,15 @@ static NTSTATUS smbd_smb2_tree_connect(struct 
smbd_smb2_request *req,
        tcon->session = req->session;
        talloc_set_destructor(tcon, smbd_smb2_tcon_destructor);
 
-       tcon->compat_conn = make_connection_snum(req->sconn,
+       compat_conn = make_connection_snum(req->sconn,
                                        snum, req->session->compat_vuser,
                                        data_blob_null, "???",
                                        &status);
-       if (tcon->compat_conn == NULL) {
+       if (compat_conn == NULL) {
                TALLOC_FREE(tcon);
                return status;
        }
+       tcon->compat_conn = talloc_move(tcon, &compat_conn);
        tcon->compat_conn->cnum = tcon->tid;
 
        *out_share_type = 0x01;
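Review bot: The ownership transfer at `tcon->compat_conn = talloc_move(tcon, &compat_conn);` is not documented where it happens, and it changes the lifetime of the connection_struct: from here on, freeing tcon also frees compat_conn as its talloc child. `smbd_smb2_tcon_destructor`, installed a few lines earlier and defined outside this hunk, should be checked so that it does not also release compat_conn through another path, which would presumably be a double free or use after free. A comment such as `/* tcon owns compat_conn from here on; it is freed together with tcon. */` above the talloc_move would make the rule explicit. The body of smbd_smb2_tree_connect starts and ends outside the hunk.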


-- 
Samba Shared Repository
