From 4b6e5b7e695b15d391d79730b280dfd0d4cee8ab Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Thu, 1 Jun 2006 16:39:40 +0000 Subject: [PATCH] DEVEL15-windows-smb-mods-20060524 Prevent smb_FindVCP from returning dead virtual circuits Treat "*." as an alias for "all" (cherry picked from commit b753ef7265b1970d1e38f3c65532af929102e1d6) --- src/WINNT/afsd/smb.c | 11 +++++------ src/WINNT/afsd/smb3.c | 7 +++++-- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/src/WINNT/afsd/smb.c b/src/WINNT/afsd/smb.c index 5423c20099..89ab3def23 100644 --- a/src/WINNT/afsd/smb.c +++ b/src/WINNT/afsd/smb.c @@ -860,7 +860,8 @@ smb_vc_t *smb_FindVC(unsigned short lsn, int flags, int lana) osi_panic("afsd: invalid smb_vc_t detected in smb_allVCsp", __FILE__, __LINE__); - if (lsn == vcp->lsn && lana == vcp->lana) { + if (lsn == vcp->lsn && lana == vcp->lana && + !(vcp->flags & SMB_VCFLAG_ALREADYDEAD)) { smb_HoldVCNoLock(vcp); break; } @@ -1095,10 +1096,6 @@ void smb_CleanupDeadVC(smb_vc_t *vcp) uidpNext = vcp->usersp; } - lock_ObtainMutex(&vcp->mx); - vcp->flags &= ~SMB_VCFLAG_CLEAN_IN_PROGRESS; - lock_ReleaseMutex(&vcp->mx); - /* The vcp is now on the deadVCsp list. We intentionally drop the * reference so that the refcount can reach 0 and we can delete it */ smb_ReleaseVCNoLock(vcp); @@ -7731,6 +7728,8 @@ void smb_Server(VOID *parmp) * then we are in big trouble. This means either : * a) we have the wrong NCB. * b) Netbios screwed up the call. + * c) The VC was already marked dead before we were able to + * process the call * Obviously this implies that * ( LSNs[idx_session] != ncbp->ncb_lsn || * lanas[idx_session] != ncbp->ncb_lana_num ) @@ -7745,7 +7744,7 @@ void smb_Server(VOID *parmp) ncbp->ncb_lana_num); /* Also log in the trace log. */ - osi_Log4(smb_logp, "Server: BAD VCP!" + osi_Log4(smb_logp, "Server: VCP does not exist!" "LSNs[idx_session]=[%d]," "lanas[idx_session]=[%d]," "ncbp->ncb_lsn=[%d]," diff --git a/src/WINNT/afsd/smb3.c b/src/WINNT/afsd/smb3.c index fe174afa91..6489e3b9ad 100644 --- a/src/WINNT/afsd/smb3.c +++ b/src/WINNT/afsd/smb3.c @@ -1027,6 +1027,8 @@ long smb_ReceiveV3TreeConnectX(smb_vc_t *vcp, smb_packet_t *inp, smb_packet_t *o tidp = smb_FindTID(vcp, newTid, SMB_FLAG_CREATE); if (!ipc) { + if (!strcmp(shareName, "*.")) + strcpy(shareName, "all"); shareFound = smb_FindShare(vcp, uidp, shareName, &sharePath); if (!shareFound) { smb_ReleaseUID(uidp); @@ -1669,7 +1671,7 @@ long smb_ReceiveRAPNetShareGetInfo(smb_vc_t *vcp, smb_tran2Packet_t *p, smb_pack outp = smb_GetTran2ResponsePacket(vcp, p, op, totalParam, totalData); - if(!stricmp(shareName,"all")) { + if(!stricmp(shareName,"all") || !strcmp(shareName,"*.")) { rv = RegOpenKeyEx(HKEY_LOCAL_MACHINE, AFSREG_CLT_SVC_PARAM_SUBKEY, 0, KEY_QUERY_VALUE, &hkParam); if (rv == ERROR_SUCCESS) { @@ -3228,7 +3230,8 @@ smb_ReceiveTran2GetDFSReferral(smb_vc_t *vcp, smb_tran2Packet_t *p, smb_packet_t requestFileName[0] == '\\' && !_strnicmp(cm_NetbiosName,&requestFileName[1],nbnLen) && requestFileName[nbnLen+1] == '\\' && - !_strnicmp("all",&requestFileName[nbnLen+2],3)) + (!_strnicmp("all",&requestFileName[nbnLen+2],3) || + !_strnicmp("*.",&requestFileName[nbnLen+2],2))) { USHORT * sp; struct smb_v2_referral * v2ref;