From 4604219ceba96955b3c4bf6ab31aa70c11442d61 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher Date: Wed, 26 Sep 2012 03:04:20 +0200 Subject: [PATCH] s3:smb2_create: don't take 'state->te' as indication for "was_deferred" (bug #9196) We always set state->te = NULL of TALLOC_FREE(state->te), before calling smbd_smb2_request_dispatch(), so open_was_deferred_smb2() always returned false, while dispatching it again. But it's remove_deferred_open_message_smb2_internal() which should reset this state. In developer mode validate_my_share_entries() did call smb_panic() before. metze --- source3/smbd/smb2_create.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/source3/smbd/smb2_create.c b/source3/smbd/smb2_create.c index 9318a83f489..812d9db1c05 100644 --- a/source3/smbd/smb2_create.c +++ b/source3/smbd/smb2_create.c @@ -377,6 +377,7 @@ static void smbd_smb2_request_create_done(struct tevent_req *tsubreq) struct smbd_smb2_create_state { struct smbd_smb2_request *smb2req; struct smb_request *smb1req; + bool open_was_deferred; struct timed_event *te; struct tevent_immediate *im; struct timeval request_time; @@ -1204,7 +1205,7 @@ bool open_was_deferred_smb2(struct smbd_server_connection *sconn, uint64_t mid) return false; } /* It's not in progress if there's no timeout event. */ - if (!state->te) { + if (!state->open_was_deferred) { return false; } @@ -1235,6 +1236,7 @@ static void remove_deferred_open_message_smb2_internal(struct smbd_smb2_request "mid %llu\n", (unsigned long long)mid )); + state->open_was_deferred = false; /* Ensure we don't have any outstanding timer event. */ TALLOC_FREE(state->te); /* Ensure we don't have any outstanding immediate event. */ @@ -1457,6 +1459,7 @@ bool push_deferred_open_message_smb2(struct smbd_smb2_request *smb2req, &end_time, true) )); + state->open_was_deferred = true; state->te = tevent_add_timer(smb2req->sconn->ev_ctx, state, end_time, -- 2.11.4.GIT