r24009: Revert to the 3.0.25 logic for parsing the client's protocols. hpisgr8

with gcc still gives timeouts which worry me.

Volker
(This used to be commit c30835b4f0416b2b2b7d77d31b0fca0606f2387a)

diff --git a/source3/smbd/negprot.c b/source3/smbd/negprot.c
index 7602490c2d340e53c12c6a84720deb707e6cb7ee..a8578d56b537ae79f8afd88a8953e22289082cd0 100644 (file)
--- a/source3/smbd/negprot.c
+++ b/source3/smbd/negprot.c
@@ -511,6 +511,7 @@ void reply_negprot(connection_struct *conn, struct smb_request *req)
        int choice= -1;
        int protocol;
        char *p;
+       int bcc = SVAL(smb_buf(req->inbuf),-2);
        int arch = ARCH_ALL;
        int num_cliprotos;
        char **cliprotos;
@@ -533,23 +534,14 @@ void reply_negprot(connection_struct *conn, struct smb_request *req)
                return;
        }
 
-       p = smb_buf(req->inbuf);
+       p = smb_buf(req->inbuf) + 1;
 
        num_cliprotos = 0;
        cliprotos = NULL;
 
-       while (smb_bufrem(req->inbuf, p) > 0) {
-               char **tmp;
-
-               if (p[0] != 0x02) {
-                       DEBUG(3, ("Invalid string specifier %x, expected "
-                                 "0x02\n", (int)p[0]));
-                       reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
-                       END_PROFILE(SMBnegprot);
-                       return;
-               }
+       while (p < (smb_buf(req->inbuf) + bcc)) { 
 
-               p += 1; /* Skip the "0x02" */
+               char **tmp;
 
                tmp = TALLOC_REALLOC_ARRAY(tmp_talloc_ctx(), cliprotos, char *,
                                           num_cliprotos+1);
@@ -576,7 +568,7 @@ void reply_negprot(connection_struct *conn, struct smb_request *req)
                          cliprotos[num_cliprotos]));
 
                num_cliprotos += 1;
-               p += strlen(p) + 1;
+               p += strlen(p) + 2;
        }
 
        for (i=0; i<num_cliprotos; i++) {