[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 97e7c3b s3-selftest: convert xattr-tdb-1 vfstest driver into a
subunit test
via 748d8f5 s3-selftest: convert stream_depot vfstest driver into a
subunit test
via 08baa11 fix printf warning in net connections
via 31980cf s3:utils: remove standalone cclean tool
via 37ed821 s3:doc manpage for "net connections cleanup"
via 1c2bae0 s3:net add command "connections cleanup"
from 65976d6 s3-vfs: Set errno in xattr emulation
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 97e7c3b8bd84edd69f6344249b24ae64e2a8b0fe
Author: Andrew Bartlett
Date: Thu Aug 16 08:55:43 2012 +1000
s3-selftest: convert xattr-tdb-1 vfstest driver into a subunit test
We don't use the simple smb.conf because we need to override all the
paths for this to work as non-root without a panic, so we use the s3dc
environment, which already loads this module.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett
Autobuild-Date(master): Thu Aug 16 02:55:19 CEST 2012 on sn-devel-104
commit 748d8f5310501bb585c9be1b261554ec690a3132
Author: Andrew Bartlett
Date: Thu Aug 16 08:37:54 2012 +1000
s3-selftest: convert stream_depot vfstest driver into a subunit test
This gives us our first automated coverage of the vfstest binary.
We don't use the simple smb.conf because we need to override all the
paths for this to work as non-root without a panic, so we use the s3dc
environment, which already loads this module.
Andrew Bartlett
commit 08baa11ab869551f61dc7a7d363587b70582ffeb
Author: Andrew Bartlett
Date: Thu Aug 16 07:47:57 2012 +1000
fix printf warning in net connections
commit 31980cf5cb9fd6238d1ed096e885410e85d5ac00
Author: Gregor Beck
Date: Fri Jul 13 15:31:16 2012 +0200
s3:utils: remove standalone cclean tool
Signed-off-by: Andrew Bartlett
commit 37ed821798a0c141efe01096f3669f8fb9a62928
Author: Gregor Beck
Date: Mon Jul 16 15:10:46 2012 +0200
s3:doc manpage for "net connections cleanup"
Signed-off-by: Andrew Bartlett
commit 1c2bae062d202c69d5b92b634f6b9ced3ea2a0ba
Author: Gregor Beck
Date: Mon Jul 16 09:34:15 2012 +0200
s3:net add command "connections cleanup"
Signed-off-by: Andrew Bartlett
---
Summary of changes:
docs-xml/manpages-3/net.8.xml | 39 +++
packaging/RHEL-CTDB/samba.spec.tmpl |1 -
source3/Makefile.in | 14 +--
source3/script/tests/stream-depot/run.sh | 37 ++-
source3/script/tests/stream-depot/smb.conf|5 -
source3/script/tests/xattr-tdb-1/run.sh | 55 +-
source3/script/tests/xattr-tdb-1/smb.conf |5 -
source3/selftest/tests.py |5 +
source3/utils/net.c |7 ++
source3/utils/{cclean.c => net_connections.c} | 144 ++---
source3/utils/net_proto.h |4 +
source3/wscript_build | 14 +---
12 files changed, 196 insertions(+), 134 deletions(-)
delete mode 100644 source3/script/tests/stream-depot/smb.conf
delete mode 100644 source3/script/tests/xattr-tdb-1/smb.conf
rename source3/utils/{cclean.c => net_connections.c} (64%)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages-3/net.8.xml b/docs-xml/manpages-3/net.8.xml
index c85f87f..7a7ca6d 100644
--- a/docs-xml/manpages-3/net.8.xml
+++ b/docs-xml/manpages-3/net.8.xml
@@ -2112,6 +2112,45 @@ string.
+CONNECTIONS
+
+Manipulate Samba's connections database.
+
+
+The registry commands are:
+
+net connections cleanup - Remove orphaned entries from the connections
database.
+
+
+
+
+ CONNECTIONS CLEANUP [-avT]
+ Remove orphaned entries from the connections database. This may be
necessary if restarting smbd isn't an option.
+
+-a|--auto
+
+ Noninteractive mode, don't ask.
+
+
+
+-v|--verbose
+
+ Produce more output.
+
+
+
+-T|--test
+
+ Dry run, show what changes would be made but don't touch anything.
+
+
+
+
+
+
+
+
+
EVENTLOG
Starting with version 3.4.0 net can read, dump, import and export native
diff --git a/packaging/RHEL-CTDB/samba.spec.tmpl
b/packaging/RHEL-CTDB/samba.spec.tmpl
index 7d68d27..a9111d2 100644
--- a/packaging/RHEL-CTDB/samba.spec.tmpl
+++ b/packaging/RHEL-CTDB/samba.spec.tmpl
@@ -399,7 +399,6 @@ exit 0
%{_bindir}/tdbdump
%{_bindir}/tdbrestore
%{_bindir}/eventlogadm
-%{_bindir}/cclean
%{_libarchdir}/samba/auth/script.so
%{_libarchdir}/samba/vfs/acl_tdb.so
diff --git a/source3/Makefile.in b/source3/Makefile.in
index 2635cfa..38e8bb1 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -212,7 +212,7 @@ SBIN_PROGS = bin/smbd bin/
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 10d2193 Fix smbclient/tarmode panic on connecting to Windows 2000
clients.
from 5c0a169 s3-auth Use correct RID for domain guests primary group
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 10d21935d69579f381f85cdd19883f57b8030fef
Author: Salvador I. Gonzalez
Date: Sat Aug 11 13:46:41 2012 -0400
Fix smbclient/tarmode panic on connecting to Windows 2000 clients.
'Freed frame ../source3/libsmb/clilist.c:934, expected
../source3/client/clitar.c:821'
Cause: (strequal(finfo->name,"..") || strequal(finfo->name,"."))
evaluates to true, do_tar returns without freeing ctx
Fix bug #9088 - [PATCH] Freed frame ../source3/libsmb/clilist.c:934,
expected
../source3/client/clitar.c:821.
---
Summary of changes:
source3/client/clitar.c | 27 +++
1 files changed, 19 insertions(+), 8 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/client/clitar.c b/source3/client/clitar.c
index b658688..9a40c3e 100644
--- a/source3/client/clitar.c
+++ b/source3/client/clitar.c
@@ -837,8 +837,10 @@ static NTSTATUS do_tar(struct cli_state *cli_state, struct
file_info *finfo,
TALLOC_CTX *ctx = talloc_stackframe();
NTSTATUS status = NT_STATUS_OK;
- if (strequal(finfo->name,"..") || strequal(finfo->name,"."))
- return NT_STATUS_OK;
+ if (strequal(finfo->name,"..") || strequal(finfo->name,".")) {
+ status = NT_STATUS_OK;
+ goto cleanup;
+ }
/* Is it on the exclude list ? */
if (!tar_excl && clipn) {
@@ -851,7 +853,8 @@ static NTSTATUS do_tar(struct cli_state *cli_state, struct
file_info *finfo,
client_get_cur_dir(),
finfo->name);
if (!exclaim) {
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto cleanup;
}
DEBUG(5, ("...tar_re_search: %d\n", tar_re_search));
@@ -860,7 +863,8 @@ static NTSTATUS do_tar(struct cli_state *cli_state, struct
file_info *finfo,
(tar_re_search && mask_match_list(exclaim,
cliplist, clipn, True))) {
DEBUG(3,("Skipping file %s\n", exclaim));
TALLOC_FREE(exclaim);
- return NT_STATUS_OK;
+ status = NT_STATUS_OK;
+ goto cleanup;
}
TALLOC_FREE(exclaim);
}
@@ -872,7 +876,8 @@ static NTSTATUS do_tar(struct cli_state *cli_state, struct
file_info *finfo,
saved_curdir = talloc_strdup(ctx, client_get_cur_dir());
if (!saved_curdir) {
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto cleanup;
}
DEBUG(5, ("strlen(cur_dir)=%d, \
@@ -885,7 +890,8 @@ strlen(finfo->name)=%d\nname=%s,cur_dir=%s\n",
client_get_cur_dir(),
finfo->name);
if (!new_cd) {
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto cleanup;
}
client_set_cur_dir(new_cd);
@@ -904,7 +910,8 @@ strlen(finfo->name)=%d\nname=%s,cur_dir=%s\n",
"%s*",
client_get_cur_dir());
if (!mtar_mask) {
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto cleanup;
}
DEBUG(5, ("Doing list with mtar_mask: %s\n", mtar_mask));
do_list(mtar_mask, attribute, do_tar, False, True);
@@ -918,11 +925,15 @@ strlen(finfo->name)=%d\nname=%s,cur_dir=%s\n",
client_get_cur_dir(),
finfo->name);
if (!rname) {
- return NT_STATUS_NO_MEMORY;
+ status = NT_STATUS_NO_MEMORY;
+ goto cleanup;
}
status = do_atar(rname,finfo->name,finfo);
TALLOC_FREE(rname);
}
+
+ cleanup:
+ TALLOC_FREE(ctx);
return status;
}
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated via 5c0a169 s3-auth Use correct RID for domain guests primary group from 68aedaf Revert "s3:auth make sure the primary group sid is usable" http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test - Log - commit 5c0a169275ccf046190a0d08d93fc37e6b9bcf75 Author: Andrew Bartlett Date: Sun Jul 15 14:38:18 2012 +1000 s3-auth Use correct RID for domain guests primary group This was incorrect in commit 9dd7e7fc2d6d1aa7f3c3b741ac134e087ce808fd as the RID was from the BUILTIN domain, but this creates a guest account token for the real domain. Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Thu Jul 19 05:56:28 CEST 2012 on sn-devel-104 Fix bug #9067 - Domain Guest have wrong primary group RID. --- Summary of changes: source3/auth/auth_util.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c index cb1d319..fc93641 100644 --- a/source3/auth/auth_util.c +++ b/source3/auth/auth_util.c @@ -734,7 +734,7 @@ static NTSTATUS get_guest_info3(TALLOC_CTX *mem_ctx, info3->base.rid = DOMAIN_RID_GUEST; /* Primary gid */ - info3->base.primary_gid = BUILTIN_RID_GUESTS; + info3->base.primary_gid = DOMAIN_RID_GUESTS; TALLOC_FREE(pwd); return NT_STATUS_OK; -- Samba Shared Repository
[SCM] Samba Shared Repository - branch v3-6-test updated
The branch, v3-6-test has been updated
via 68aedaf Revert "s3:auth make sure the primary group sid is usable"
from d80fbbe s3: Fix a crash in reply_lockingX_error
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test
- Log -
commit 68aedaf59787971cd9520cef3a345d99da079ca3
Author: Andrew Bartlett
Date: Sun Jul 15 12:22:44 2012 +1000
Revert "s3:auth make sure the primary group sid is usable"
This reverts commit 00089fd74af740f832573d904312854e494a869e.
The issue with this patch, which I did sign off on, is that for the
domain member case, we already know that the SID is reasonable and
valid, and we indeed rely on that, because we keep it as an additonal
group anyway. The primary group is not so special that we need to do
extra validation.
Calling this function may put a user into the domain 'domain users'
group, even if they are not in that group to start with.
Andrew Bartlett
Fix bug #9066 - Domain Users incorrectly added as addition group on domain
members.
---
Summary of changes:
source3/auth/auth_util.c | 43 +--
1 files changed, 13 insertions(+), 30 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index c7e266a..cb1d319 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -1250,11 +1250,11 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
char *found_username = NULL;
const char *nt_domain;
const char *nt_username;
+ struct dom_sid user_sid;
+ struct dom_sid group_sid;
bool username_was_mapped;
struct passwd *pwd;
struct auth_serversupplied_info *result;
- struct dom_sid *group_sid;
- struct netr_SamInfo3 *i3;
/*
Here is where we should check the list of
@@ -1262,6 +1262,15 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
matches.
*/
+ if (!sid_compose(&user_sid, info3->base.domain_sid, info3->base.rid)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!sid_compose(&group_sid, info3->base.domain_sid,
+info3->base.primary_gid)) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
nt_username = talloc_strdup(mem_ctx, info3->base.account_name.string);
if (!nt_username) {
/* If the server didn't give us one, just use the one we sent
@@ -1313,43 +1322,17 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
}
/* copy in the info3 */
- result->info3 = i3 = copy_netr_SamInfo3(result, info3);
+ result->info3 = copy_netr_SamInfo3(result, info3);
if (result->info3 == NULL) {
TALLOC_FREE(result);
return NT_STATUS_NO_MEMORY;
}
/* Fill in the unix info we found on the way */
+
result->utok.uid = pwd->pw_uid;
result->utok.gid = pwd->pw_gid;
- /* We can't just trust that the primary group sid sent us is something
-* we can really use. Obtain the useable sid, and store the original
-* one as an additional group if it had to be replaced */
- nt_status = get_primary_group_sid(mem_ctx, found_username,
- &pwd, &group_sid);
- if (!NT_STATUS_IS_OK(nt_status)) {
- TALLOC_FREE(result);
- return nt_status;
- }
-
- /* store and check if it is the same we got originally */
- sid_peek_rid(group_sid, &i3->base.primary_gid);
- if (i3->base.primary_gid != info3->base.primary_gid) {
- uint32_t n = i3->base.groups.count;
- /* not the same, store the original as an additional group */
- i3->base.groups.rids =
- talloc_realloc(i3, i3->base.groups.rids,
- struct samr_RidWithAttribute, n + 1);
- if (i3->base.groups.rids == NULL) {
- TALLOC_FREE(result);
- return NT_STATUS_NO_MEMORY;
- }
- i3->base.groups.rids[n].rid = info3->base.primary_gid;
- i3->base.groups.rids[n].attributes = SE_GROUP_ENABLED;
- i3->base.groups.count = n + 1;
- }
-
/* ensure we are never given NULL session keys */
if (memcmp(info3->base.key.key, zeros, sizeof(zeros)) == 0) {
--
Samba Shared Repository
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via 65976d6 s3-vfs: Set errno in xattr emulation
via cc3bdaa s3-vfs: Avoid loops in VFS modules: call _NEXT functions in
xattr emulation
via 898c5e1 s3-vfs: ensure we strictly free the talloc_stackframe
via f9b9433 s4-selftest: Fix test name for samba.tests.dcerpc.bare
via fd42bc1 librpc/idl: Make smb_acl_t public so we can pull/push it as
a blob
from d2d5fb1 libcli/smb: verify decrypted SMB2 pdus correctly
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit 65976d680acd48aa9f59664f715fa9ce40185955
Author: Andrew Bartlett
Date: Wed Aug 15 22:22:26 2012 +1000
s3-vfs: Set errno in xattr emulation
The caller may check this errno.
Andrew Bartlett
Autobuild-User(master): Andrew Bartlett
Autobuild-Date(master): Wed Aug 15 18:05:33 CEST 2012 on sn-devel-104
commit cc3bdaaf0a5586e0f840466719f9f8387c5cddd0
Author: Andrew Bartlett
Date: Wed Aug 15 22:21:48 2012 +1000
s3-vfs: Avoid loops in VFS modules: call _NEXT functions in xattr emulation
We need to call the next module in the stack otherwise we will loop if
the stat call is in turn implemented in terms of extended attribute
lookup.
Andrew Bartlett
commit 898c5e140ddca47eac9e2150fb571d6eac3ed7d2
Author: Andrew Bartlett
Date: Wed Aug 15 21:22:18 2012 +1000
s3-vfs: ensure we strictly free the talloc_stackframe
We must do this when leaving the function or else in development, we
will panic.
Andrew Bartlett
commit f9b9433b752a663cdfda03967bd969cac5cf16bf
Author: Andrew Bartlett
Date: Wed Aug 15 20:33:46 2012 +1000
s4-selftest: Fix test name for samba.tests.dcerpc.bare
commit fd42bc1846929d163cdf25a0e66feba16bffc442
Author: Andrew Bartlett
Date: Wed Aug 15 20:33:27 2012 +1000
librpc/idl: Make smb_acl_t public so we can pull/push it as a blob
---
Summary of changes:
librpc/idl/smb_acl.idl |2 +-
source3/modules/vfs_posix_eadb.c |9 +++--
source3/modules/vfs_xattr_tdb.c| 16 +---
source3/modules/wscript_build |9 +
.../scripting/python/samba/tests/dcerpc/bare.py|2 +-
5 files changed, 27 insertions(+), 11 deletions(-)
Changeset truncated at 500 lines:
diff --git a/librpc/idl/smb_acl.idl b/librpc/idl/smb_acl.idl
index 9586958..856312f 100644
--- a/librpc/idl/smb_acl.idl
+++ b/librpc/idl/smb_acl.idl
@@ -48,7 +48,7 @@ interface smb_acl
gid_t gid;
} smb_acl_entry;
- typedef struct {
+ [public] typedef struct {
int size;
int count;
int next;
diff --git a/source3/modules/vfs_posix_eadb.c b/source3/modules/vfs_posix_eadb.c
index e1b90ff..fff7c11 100644
--- a/source3/modules/vfs_posix_eadb.c
+++ b/source3/modules/vfs_posix_eadb.c
@@ -52,6 +52,11 @@ static ssize_t posix_eadb_getattr(struct tdb_wrap *db_ctx,
status = pull_xattr_blob_tdb_raw(db_ctx, talloc_tos(), name, fname, fd,
size, &blob);
+ if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
+ errno = ENOATTR;
+ return -1;
+ }
+
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("posix_eadb_fetch_attrs failed: %s\n",
nt_errstr(status)));
@@ -293,9 +298,9 @@ static int posix_eadb_unlink(vfs_handle_struct *handle,
}
if (lp_posix_pathnames()) {
- ret = SMB_VFS_LSTAT(handle->conn, smb_fname_tmp);
+ ret = SMB_VFS_NEXT_LSTAT(handle, smb_fname_tmp);
} else {
- ret = SMB_VFS_STAT(handle->conn, smb_fname_tmp);
+ ret = SMB_VFS_NEXT_STAT(handle, smb_fname_tmp);
}
if (ret == -1) {
goto out;
diff --git a/source3/modules/vfs_xattr_tdb.c b/source3/modules/vfs_xattr_tdb.c
index 0352539..719ac0c 100644
--- a/source3/modules/vfs_xattr_tdb.c
+++ b/source3/modules/vfs_xattr_tdb.c
@@ -50,6 +50,7 @@ static ssize_t xattr_tdb_getxattr(struct vfs_handle_struct
*handle,
xattr_size = xattr_tdb_getattr(db, frame, &id, name, &blob);
if (xattr_size < 0) {
+ errno = ENOATTR;
TALLOC_FREE(frame);
return -1;
}
@@ -74,9 +75,9 @@ static ssize_t xattr_tdb_fgetxattr(struct vfs_handle_struct
*handle,
DATA_BLOB blob;
TALLOC_CTX *frame = talloc_stackframe();
- SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context, return -1);
+ SMB_VFS_HANDLE_GET_DATA(handle, db, struct db_context,
TALLOC_FREE(frame); return -1);
- if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
+ if (SMB_VFS_NEXT_FSTAT(handle, fsp, &sbuf) == -1) {
TALLOC_FREE(frame);
[SCM] Samba Shared Repository - branch master updated
The branch, master has been updated
via d2d5fb1 libcli/smb: verify decrypted SMB2 pdus correctly
via 7a7e9b1 libcli/smb: fix parsing of compounded messages within a
SMB2_TRANSFORM pdu
via 84f6b0f libcli/smb: fix smb2cli_req_compound_submit for multiple
encrypted messages
via b596a11 s3:smb2_server: do calculations based on
SMBD_SMB2_NUM_IOV_PER_REQ in smbd_smb2_request_validate()
via 7ffee47 libcli/smb: all flags except SMB2_HDR_FLAG_ASYNC should be
cleared in a cancel request.
from 24b1143 s3-sysacls: Remove sys_acl_free_qualifier() as it is a no-op
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -
commit d2d5fb1abfcb9d21fe2742d53de00c7638fad14d
Author: Stefan Metzmacher
Date: Tue Aug 14 09:35:59 2012 +0200
libcli/smb: verify decrypted SMB2 pdus correctly
We need to make sure we got a encrypted response if we asked
for it.
If we don't get a encrypted response, we use a similar logic
as with signing to propagated wellknown errors to the higher
layer and set state->smb2.signing_skipped = true.
metze
Autobuild-User(master): Stefan Metzmacher
Autobuild-Date(master): Wed Aug 15 16:26:26 CEST 2012 on sn-devel-104
commit 7a7e9b1c76f3967cc8cdae34e5d64759305e592a
Author: Stefan Metzmacher
Date: Tue Aug 14 09:33:01 2012 +0200
libcli/smb: fix parsing of compounded messages within a SMB2_TRANSFORM pdu
One SMB2_TRANSFORM pdu wraps multiple SMB2 pdus.
We inject the SMB2_TRANSFORM header to each response which was wrapped
inside. This allows the next layer to verify if the SMB2 pdu was encrypted.
metze
commit 84f6b0f962a9106e0c108cdcd5eb5a1599cd8097
Author: Stefan Metzmacher
Date: Tue Aug 14 09:30:43 2012 +0200
libcli/smb: fix smb2cli_req_compound_submit for multiple encrypted messages
There should be only one SMB2_TRANSFORM header for all compound requests.
metze
commit b596a116fd006bdc78bccef4dc5b9c9ad2807365
Author: Stefan Metzmacher
Date: Wed Aug 15 14:43:40 2012 +0200
s3:smb2_server: do calculations based on SMBD_SMB2_NUM_IOV_PER_REQ in
smbd_smb2_request_validate()
metze
commit 7ffee47bc6cc2039a32a527e19e4a76c257fc6b0
Author: Stefan Metzmacher
Date: Wed Aug 15 14:17:25 2012 +0200
libcli/smb: all flags except SMB2_HDR_FLAG_ASYNC should be cleared in a
cancel request.
metze
---
Summary of changes:
libcli/smb/smbXcli_base.c | 230 ++-
source3/smbd/smb2_server.c |6 +-
2 files changed, 163 insertions(+), 73 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/smb/smbXcli_base.c b/libcli/smb/smbXcli_base.c
index dad869c..45da5fd 100644
--- a/libcli/smb/smbXcli_base.c
+++ b/libcli/smb/smbXcli_base.c
@@ -243,6 +243,7 @@ struct smbXcli_req_state {
bool should_sign;
bool should_encrypt;
+ uint64_t encryption_session_id;
bool signing_skipped;
bool notify_async;
@@ -2422,6 +2423,12 @@ static bool smb2cli_req_cancel(struct tevent_req *req)
}
substate = tevent_req_data(subreq, struct smbXcli_req_state);
+ /*
+* clear everything but the SMB2_HDR_FLAG_ASYNC flag
+* e.g. if SMB2_HDR_FLAG_CHAINED is set we get INVALID_PARAMETER back
+*/
+ flags &= SMB2_HDR_FLAG_ASYNC;
+
if (flags & SMB2_HDR_FLAG_ASYNC) {
mid = 0;
}
@@ -2595,14 +2602,17 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req
**reqs,
struct tevent_req *subreq;
struct iovec *iov;
int i, num_iov, nbt_len;
+ int tf_iov = -1;
+ const DATA_BLOB *encryption_key = NULL;
+ uint64_t encryption_session_id = 0;
/*
-* 1 for the nbt length
-* per request: TRANSFORM, HDR, fixed, dyn, padding
+* 1 for the nbt length, optional TRANSFORM
+* per request: HDR, fixed, dyn, padding
* -1 because the last one does not need padding
*/
- iov = talloc_array(reqs[0], struct iovec, 1 + 5*num_reqs - 1);
+ iov = talloc_array(reqs[0], struct iovec, 1 + 1 + 4*num_reqs - 1);
if (iov == NULL) {
return NT_STATUS_NO_MEMORY;
}
@@ -2610,8 +2620,65 @@ NTSTATUS smb2cli_req_compound_submit(struct tevent_req
**reqs,
num_iov = 1;
nbt_len = 0;
+ /*
+* the session of the first request that requires encryption
+* specifies the encryption key.
+*/
+ for (i=0; iconn)) {
+ return NT_STATUS_CONNECTION_DISCONNECTED;
+ }
+
+ if ((state->conn->protocol != PROTOCOL_NONE) &&
+ (state->conn->protocol < PROTOCOL_SMB2_02)) {
+ return NT_STATUS_
