From 9ee7017a3abb868f9bd15b79ebb9e1654780d131 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Fri, 23 Sep 2011 06:37:35 +0200 Subject: [PATCH] s3:smbd: disconnect the socket if we got an unexpected request If we got a SMB2_OP_NEGPROT after the protocol is already negotiated or if we got a non SMB2_OP_NEGPROT before the protocol was negotiated we should close the connection (as windows does). metze Autobuild-User: Stefan Metzmacher Autobuild-Date: Fri Sep 23 12:30:50 CEST 2011 on sn-devel-104 (cherry picked from commit 5494856294384df4360d85e68abc03c43dc16e06) (cherry picked from commit 8d54841f640212a5c3d026df3fbfd1f7c99ac7f7) --- source3/smbd/smb2_negprot.c | 1 - source3/smbd/smb2_server.c | 20 ++++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/source3/smbd/smb2_negprot.c b/source3/smbd/smb2_negprot.c index 414f5905404..a9d432ac76d 100644 --- a/source3/smbd/smb2_negprot.c +++ b/source3/smbd/smb2_negprot.c @@ -81,7 +81,6 @@ NTSTATUS smbd_smb2_request_process_negprot(struct smbd_smb2_request *req) uint32_t max_read = lp_smb2_max_read(); uint32_t max_write = lp_smb2_max_write(); -/* TODO: drop the connection with INVALID_PARAMETER */ status = smbd_smb2_request_verify_sizes(req, 0x24); if (!NT_STATUS_IS_OK(status)) { diff --git a/source3/smbd/smb2_server.c b/source3/smbd/smb2_server.c index 0d22d84deee..1c50d217765 100644 --- a/source3/smbd/smb2_server.c +++ b/source3/smbd/smb2_server.c @@ -1203,6 +1203,26 @@ NTSTATUS smbd_smb2_request_dispatch(struct smbd_smb2_request *req) smb2_opcode_name(opcode), (unsigned long long)mid)); + if (get_Protocol() >= PROTOCOL_SMB2) { + /* + * once the protocol is negotiated + * SMB2_OP_NEGPROT is not allowed anymore + */ + if (opcode == SMB2_OP_NEGPROT) { + /* drop the connection */ + return NT_STATUS_INVALID_PARAMETER; + } + } else { + /* + * if the protocol is not negotiated yet + * only SMB2_OP_NEGPROT is allowed. + */ + if (opcode != SMB2_OP_NEGPROT) { + /* drop the connection */ + return NT_STATUS_INVALID_PARAMETER; + } + } + allowed_flags = SMB2_HDR_FLAG_CHAINED | SMB2_HDR_FLAG_SIGNED | SMB2_HDR_FLAG_DFS; -- 2.11.4.GIT