Before we send the secondary requests we need to remove the
old mid=>seqnum mapping and reset cli->mid and make the new
mid=>seqnum mapping "persistent".

The bug we had in cli_send_trans was this:
The first cli_send_smb() incremented cli->mid
and the secondary requests used the incremented mid,
but as cli->outbuf still had the correct mid,
we send the correct mid to the server. The real problem
was that the cli_send_smb() function stored the seqnum
under the wrong mid.

cli_send_nttrans() was totally broken and now follows the
same logic as cli_send_trans().

The good thing is that in practice the problem is unlikely to happen,
because max_xmit is large enough to avoid secondary requests.

metze

(cherry picked from commit 880fbc4e8cd67de73c4bcda94489eb1e1422a04b)
(cherry picked from commit 70466990b4b7c68ae95dbbcf741cd3f41f2dd0b3)

this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */
this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam));
this_lparam = MIN(lparam-tot_param,cli->max_xmit - 500); /* hack */
this_ldata = MIN(ldata-tot_data,cli->max_xmit - (500+this_lparam));
- client_set_trans_sign_state_off(cli, mid);
- client_set_trans_sign_state_on(cli, mid);
-
cli_set_message(cli->outbuf,trans==SMBtrans?8:9,0,True);
SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2));
cli_set_message(cli->outbuf,trans==SMBtrans?8:9,0,True);
SCVAL(cli->outbuf,smb_com,(trans==SMBtrans ? SMBtranss : SMBtranss2));
memcpy(outdata,data+tot_data,this_ldata);
cli_setup_bcc(cli, outdata+this_ldata);
memcpy(outdata,data+tot_data,this_ldata);
cli_setup_bcc(cli, outdata+this_ldata);
- /*
- * Save the mid we're using. We need this for finding
- * signing replies.
- */
- mid = cli->mid;
-
+
+ client_set_trans_sign_state_off(cli, mid);
+ cli->mid = mid;
if (!cli_send_smb(cli)) {
if (!cli_send_smb(cli)) {
- client_set_trans_sign_state_off(cli, mid);
-
- /* Ensure we use the same mid for the secondaries. */
- cli->mid = mid;
+ client_set_trans_sign_state_on(cli, mid);
tot_data += this_ldata;
tot_param += this_lparam;
tot_data += this_ldata;
tot_param += this_lparam;
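Review bot: In the secondary-request loop, `mid` is now read by `client_set_trans_sign_state_off(cli, mid);` and `cli->mid = mid;` before every `cli_send_smb()`, but the `mid = cli->mid;` assignment and its comment are deleted in this hunk, so nothing visible here shows where `mid` gets its value. Please confirm it is captured before the primary request is sent, and add a short comment above the off / `cli->mid = mid` / send / on sequence saying that this order is what makes `cli_send_smb()` store the seqnum under the right mid; the two removed comments carried the intent and nothing replaces them. The bare `+` line ahead of `client_set_trans_sign_state_off` only adds a whitespace line and can be dropped.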
memcpy(outdata,data+tot_data,this_ldata);
cli_setup_bcc(cli, outdata+this_ldata);
memcpy(outdata,data+tot_data,this_ldata);
cli_setup_bcc(cli, outdata+this_ldata);
- /*
- * Save the mid we're using. We need this for finding
- * signing replies.
- */
- mid = cli->mid;
-
+ client_set_trans_sign_state_off(cli, mid);
+ cli->mid = mid;
if (!cli_send_smb(cli)) {
if (!cli_send_smb(cli)) {
- client_set_trans_sign_state_off(cli, mid);
-
- /* Ensure we use the same mid for the secondaries. */
- cli->mid = mid;
+ client_set_trans_sign_state_on(cli, mid);
tot_data += this_ldata;
tot_param += this_lparam;
tot_data += this_ldata;
tot_param += this_lparam;
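Review bot: The added lines here (`client_set_trans_sign_state_off(cli, mid);`, `cli->mid = mid;`, then `client_set_trans_sign_state_on(cli, mid);` after the `cli_send_smb()` check) are a verbatim copy of the sequence added in the previous hunk. The commit message says this path had drifted from cli_send_trans() and was broken as a result, so consider a small static helper that does the reset-and-send, so the two loops cannot diverge again. Also look at the failure branch: `client_set_trans_sign_state_off(cli, mid);` is removed from directly after `if (!cli_send_smb(cli)) {`, which means the error path now depends on the off call made just before the send; a one-line comment stating that would make it clear the cleanup was not dropped by accident.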