*/
struct bitmap *bitmap;
bool multicredit;
+
+ /*
+ * See Samba bug 10839.
+ *
+ * According to [MS-SMB2] 3.2.4.1.5 Sending
+ * Multi-Credit Requests:
+ *
+ * > For all other requests, the client MUST set
+ * > CreditCharge to 1, even if the payload size of a
+ * > request or the anticipated response is greater
+ * > than 65536
+ *
+ * For notify, getinfo and setinfo we can only check
+ * for 1 credit and ignore in_output_buffer_length
+ * here.
+ */
+ bool ignore_broken_multicredit;
} credits;
bool allow_2ff;
uint64_t in_file_id_volatile;
struct files_struct *in_fsp;
struct tevent_req *subreq;
+ uint32_t credit_charge;
status = smbd_smb2_request_verify_sizes(req, 0x29);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
- status = smbd_smb2_request_verify_creditcharge(req,
- MAX(in_input_buffer.length,in_output_buffer_length));
+ credit_charge = MAX(in_input_buffer.length, in_output_buffer_length);
+ if (xconn->smb2.credits.ignore_broken_multicredit) {
+ /*
+ * see comment in globals.h where ignore_broken_multicredit
+ * is defined
+ */
+ credit_charge = 65536;
+ }
+
+ status = smbd_smb2_request_verify_creditcharge(req, credit_charge);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
xconn->smb2.server.max_read = max_read;
xconn->smb2.server.max_write = max_write;
+ xconn->smb2.credits.ignore_broken_multicredit =
+ lp_parm_bool(-1, "smbd", "ignore broken multicredit",
+ false);
+
if (xconn->protocol < PROTOCOL_SMB2_10) {
/*
* SMB2_02 doesn't support client guids
struct files_struct *in_fsp;
uint64_t in_completion_filter;
struct tevent_req *subreq;
+ uint32_t credit_charge;
status = smbd_smb2_request_verify_sizes(req, 0x20);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
- status = smbd_smb2_request_verify_creditcharge(req,
- in_output_buffer_length);
+ credit_charge = in_output_buffer_length;
+ if (xconn->smb2.credits.ignore_broken_multicredit) {
+ /*
+ * see comment in globals.h where ignore_broken_multicredit
+ * is defined
+ */
+ credit_charge = 65536;
+ }
+ status = smbd_smb2_request_verify_creditcharge(req, credit_charge);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}
uint64_t in_file_id_volatile;
struct files_struct *in_fsp;
struct tevent_req *subreq;
+ uint32_t credit_charge;
status = smbd_smb2_request_verify_sizes(req, 0x21);
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
}
- status = smbd_smb2_request_verify_creditcharge(req,
- in_input_buffer.length);
+ credit_charge = in_input_buffer.length;
+ if (xconn->smb2.credits.ignore_broken_multicredit) {
+ /*
+ * see comment in globals.h where ignore_broken_multicredit
+ * is defined
+ */
+ credit_charge = 65536;
+ }
+
+ status = smbd_smb2_request_verify_creditcharge(req, credit_charge);
+ if (!NT_STATUS_IS_OK(status)) {
+ return smbd_smb2_request_error(req, status);
+ }
+
if (!NT_STATUS_IS_OK(status)) {
return smbd_smb2_request_error(req, status);
}