2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol
;
32 unsigned int smb_echo_count
= 0;
33 extern uint32 global_client_caps
;
35 extern struct current_user current_user
;
36 extern bool global_encrypted_passwords_negotiated
;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS
check_path_syntax_internal(char *path
,
51 bool *p_last_component_contains_wcard
)
55 NTSTATUS ret
= NT_STATUS_OK
;
56 bool start_of_name_component
= True
;
58 *p_last_component_contains_wcard
= False
;
61 if (IS_PATH_SEP(*s
,posix_path
)) {
63 * Safe to assume is not the second part of a mb char
64 * as this is handled below.
66 /* Eat multiple '/' or '\\' */
67 while (IS_PATH_SEP(*s
,posix_path
)) {
70 if ((d
!= path
) && (*s
!= '\0')) {
71 /* We only care about non-leading or trailing '/' or '\\' */
75 start_of_name_component
= True
;
77 *p_last_component_contains_wcard
= False
;
81 if (start_of_name_component
) {
82 if ((s
[0] == '.') && (s
[1] == '.') && (IS_PATH_SEP(s
[2],posix_path
) || s
[2] == '\0')) {
83 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
86 * No mb char starts with '.' so we're safe checking the directory separator here.
89 /* If we just added a '/' - delete it */
90 if ((d
> path
) && (*(d
-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 ret
= NT_STATUS_OBJECT_PATH_SYNTAX_BAD
;
100 /* Go back one level... */
101 /* We know this is safe as '/' cannot be part of a mb sequence. */
102 /* NOTE - if this assumption is invalid we are not in good shape... */
103 /* Decrement d first as d points to the *next* char to write into. */
104 for (d
--; d
> path
; d
--) {
108 s
+= 2; /* Else go past the .. */
109 /* We're still at the start of a name component, just the previous one. */
112 } else if ((s
[0] == '.') && ((s
[1] == '\0') || IS_PATH_SEP(s
[1],posix_path
))) {
125 return NT_STATUS_OBJECT_NAME_INVALID
;
133 *p_last_component_contains_wcard
= True
;
142 /* Get the size of the next MB character. */
143 next_codepoint(s
,&siz
);
161 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
163 return NT_STATUS_INVALID_PARAMETER
;
166 start_of_name_component
= False
;
174 /****************************************************************************
175 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
176 No wildcards allowed.
177 ****************************************************************************/
179 NTSTATUS
check_path_syntax(char *path
)
182 return check_path_syntax_internal(path
, False
, &ignore
);
185 /****************************************************************************
186 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
187 Wildcards allowed - p_contains_wcard returns true if the last component contained
189 ****************************************************************************/
191 NTSTATUS
check_path_syntax_wcard(char *path
, bool *p_contains_wcard
)
193 return check_path_syntax_internal(path
, False
, p_contains_wcard
);
196 /****************************************************************************
197 Check the path for a POSIX client.
198 We're assuming here that '/' is not the second byte in any multibyte char
199 set (a safe assumption).
200 ****************************************************************************/
202 NTSTATUS
check_path_syntax_posix(char *path
)
205 return check_path_syntax_internal(path
, True
, &ignore
);
208 /****************************************************************************
209 Pull a string and check the path allowing a wilcard - provide for error return.
210 ****************************************************************************/
212 size_t srvstr_get_path_wcard(TALLOC_CTX
*ctx
,
220 bool *contains_wcard
)
227 ret
= srvstr_pull_buf_talloc(ctx
,
234 ret
= srvstr_pull_talloc(ctx
,
244 *err
= NT_STATUS_INVALID_PARAMETER
;
248 *contains_wcard
= False
;
250 if (smb_flags2
& FLAGS2_DFS_PATHNAMES
) {
252 * For a DFS path the function parse_dfs_path()
253 * will do the path processing, just make a copy.
259 if (lp_posix_pathnames()) {
260 *err
= check_path_syntax_posix(*pp_dest
);
262 *err
= check_path_syntax_wcard(*pp_dest
, contains_wcard
);
268 /****************************************************************************
269 Pull a string and check the path - provide for error return.
270 ****************************************************************************/
272 size_t srvstr_get_path(TALLOC_CTX
*ctx
,
286 ret
= srvstr_pull_buf_talloc(ctx
,
293 ret
= srvstr_pull_talloc(ctx
,
303 *err
= NT_STATUS_INVALID_PARAMETER
;
307 if (smb_flags2
& FLAGS2_DFS_PATHNAMES
) {
309 * For a DFS path the function parse_dfs_path()
310 * will do the path processing, just make a copy.
316 if (lp_posix_pathnames()) {
317 *err
= check_path_syntax_posix(*pp_dest
);
319 *err
= check_path_syntax(*pp_dest
);
325 /****************************************************************************
326 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
327 ****************************************************************************/
329 bool check_fsp_open(connection_struct
*conn
, struct smb_request
*req
,
330 files_struct
*fsp
, struct current_user
*user
)
332 if (!(fsp
) || !(conn
)) {
333 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
336 if (((conn
) != (fsp
)->conn
) || user
->vuid
!= (fsp
)->vuid
) {
337 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
343 /****************************************************************************
344 Check if we have a correct fsp pointing to a file. Replacement for the
346 ****************************************************************************/
348 bool check_fsp(connection_struct
*conn
, struct smb_request
*req
,
349 files_struct
*fsp
, struct current_user
*user
)
351 if (!check_fsp_open(conn
, req
, fsp
, user
)) {
354 if ((fsp
)->is_directory
) {
355 reply_nterror(req
, NT_STATUS_INVALID_DEVICE_REQUEST
);
358 if ((fsp
)->fh
->fd
== -1) {
359 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
362 (fsp
)->num_smb_operations
++;
366 /****************************************************************************
367 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
368 ****************************************************************************/
370 bool fsp_belongs_conn(connection_struct
*conn
, struct smb_request
*req
,
371 files_struct
*fsp
, struct current_user
*user
)
373 if ((fsp
) && (conn
) && ((conn
)==(fsp
)->conn
)
374 && (current_user
.vuid
==(fsp
)->vuid
)) {
378 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
382 /****************************************************************************
383 Reply to a (netbios-level) special message.
384 ****************************************************************************/
386 void reply_special(char *inbuf
)
388 int msg_type
= CVAL(inbuf
,0);
389 int msg_flags
= CVAL(inbuf
,1);
394 * We only really use 4 bytes of the outbuf, but for the smb_setlen
395 * calculation & friends (srv_send_smb uses that) we need the full smb
398 char outbuf
[smb_size
];
400 static bool already_got_session
= False
;
404 memset(outbuf
, '\0', sizeof(outbuf
));
406 smb_setlen(outbuf
,0);
409 case 0x81: /* session request */
411 if (already_got_session
) {
412 exit_server_cleanly("multiple session request not permitted");
415 SCVAL(outbuf
,0,0x82);
417 if (name_len(inbuf
+4) > 50 ||
418 name_len(inbuf
+4 + name_len(inbuf
+ 4)) > 50) {
419 DEBUG(0,("Invalid name length in session request\n"));
422 name_extract(inbuf
,4,name1
);
423 name_type
= name_extract(inbuf
,4 + name_len(inbuf
+ 4),name2
);
424 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
427 set_local_machine_name(name1
, True
);
428 set_remote_machine_name(name2
, True
);
430 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
431 get_local_machine_name(), get_remote_machine_name(),
434 if (name_type
== 'R') {
435 /* We are being asked for a pathworks session ---
437 SCVAL(outbuf
, 0,0x83);
441 /* only add the client's machine name to the list
442 of possibly valid usernames if we are operating
443 in share mode security */
444 if (lp_security() == SEC_SHARE
) {
445 add_session_user(get_remote_machine_name());
448 reload_services(True
);
451 already_got_session
= True
;
454 case 0x89: /* session keepalive request
455 (some old clients produce this?) */
456 SCVAL(outbuf
,0,SMBkeepalive
);
460 case 0x82: /* positive session response */
461 case 0x83: /* negative session response */
462 case 0x84: /* retarget session response */
463 DEBUG(0,("Unexpected session response\n"));
466 case SMBkeepalive
: /* session keepalive */
471 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
472 msg_type
, msg_flags
));
474 srv_send_smb(smbd_server_fd(), outbuf
, false);
478 /****************************************************************************
480 conn POINTER CAN BE NULL HERE !
481 ****************************************************************************/
483 void reply_tcon(struct smb_request
*req
)
485 connection_struct
*conn
= req
->conn
;
487 char *service_buf
= NULL
;
488 char *password
= NULL
;
493 DATA_BLOB password_blob
;
494 TALLOC_CTX
*ctx
= talloc_tos();
496 START_PROFILE(SMBtcon
);
498 if (smb_buflen(req
->inbuf
) < 4) {
499 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
500 END_PROFILE(SMBtcon
);
504 p
= smb_buf(req
->inbuf
)+1;
505 p
+= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
,
506 &service_buf
, p
, STR_TERMINATE
) + 1;
507 pwlen
= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
,
508 &password
, p
, STR_TERMINATE
) + 1;
510 p
+= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
,
511 &dev
, p
, STR_TERMINATE
) + 1;
513 if (service_buf
== NULL
|| password
== NULL
|| dev
== NULL
) {
514 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
515 END_PROFILE(SMBtcon
);
518 p
= strrchr_m(service_buf
,'\\');
522 service
= service_buf
;
525 password_blob
= data_blob(password
, pwlen
+1);
527 conn
= make_connection(service
,password_blob
,dev
,req
->vuid
,&nt_status
);
530 data_blob_clear_free(&password_blob
);
533 reply_nterror(req
, nt_status
);
534 END_PROFILE(SMBtcon
);
538 reply_outbuf(req
, 2, 0);
539 SSVAL(req
->outbuf
,smb_vwv0
,max_recv
);
540 SSVAL(req
->outbuf
,smb_vwv1
,conn
->cnum
);
541 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
543 DEBUG(3,("tcon service=%s cnum=%d\n",
544 service
, conn
->cnum
));
546 END_PROFILE(SMBtcon
);
550 /****************************************************************************
551 Reply to a tcon and X.
552 conn POINTER CAN BE NULL HERE !
553 ****************************************************************************/
555 void reply_tcon_and_X(struct smb_request
*req
)
557 connection_struct
*conn
= req
->conn
;
558 char *service
= NULL
;
560 TALLOC_CTX
*ctx
= talloc_tos();
561 /* what the cleint thinks the device is */
562 char *client_devicetype
= NULL
;
563 /* what the server tells the client the share represents */
564 const char *server_devicetype
;
571 START_PROFILE(SMBtconX
);
574 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
575 END_PROFILE(SMBtconX
);
579 passlen
= SVAL(req
->inbuf
,smb_vwv3
);
580 tcon_flags
= SVAL(req
->inbuf
,smb_vwv2
);
582 /* we might have to close an old one */
583 if ((tcon_flags
& 0x1) && conn
) {
584 close_cnum(conn
,req
->vuid
);
589 if ((passlen
> MAX_PASS_LEN
) || (passlen
>= smb_buflen(req
->inbuf
))) {
590 reply_doserror(req
, ERRDOS
, ERRbuftoosmall
);
591 END_PROFILE(SMBtconX
);
595 if (global_encrypted_passwords_negotiated
) {
596 password
= data_blob_talloc(talloc_tos(), smb_buf(req
->inbuf
),
598 if (lp_security() == SEC_SHARE
) {
600 * Security = share always has a pad byte
601 * after the password.
603 p
= smb_buf(req
->inbuf
) + passlen
+ 1;
605 p
= smb_buf(req
->inbuf
) + passlen
;
608 password
= data_blob_talloc(talloc_tos(), smb_buf(req
->inbuf
),
610 /* Ensure correct termination */
611 password
.data
[passlen
]=0;
612 p
= smb_buf(req
->inbuf
) + passlen
+ 1;
615 p
+= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
, &path
, p
,
619 data_blob_clear_free(&password
);
620 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
621 END_PROFILE(SMBtconX
);
626 * the service name can be either: \\server\share
627 * or share directly like on the DELL PowerVault 705
630 q
= strchr_m(path
+2,'\\');
632 data_blob_clear_free(&password
);
633 reply_doserror(req
, ERRDOS
, ERRnosuchshare
);
634 END_PROFILE(SMBtconX
);
642 p
+= srvstr_pull_talloc(ctx
, req
->inbuf
, req
->flags2
,
643 &client_devicetype
, p
,
644 MIN(6,smb_bufrem(req
->inbuf
, p
)), STR_ASCII
);
646 if (client_devicetype
== NULL
) {
647 data_blob_clear_free(&password
);
648 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
649 END_PROFILE(SMBtconX
);
653 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype
, service
));
655 conn
= make_connection(service
, password
, client_devicetype
,
656 req
->vuid
, &nt_status
);
659 data_blob_clear_free(&password
);
662 reply_nterror(req
, nt_status
);
663 END_PROFILE(SMBtconX
);
668 server_devicetype
= "IPC";
669 else if ( IS_PRINT(conn
) )
670 server_devicetype
= "LPT1:";
672 server_devicetype
= "A:";
674 if (Protocol
< PROTOCOL_NT1
) {
675 reply_outbuf(req
, 2, 0);
676 if (message_push_string(&req
->outbuf
, server_devicetype
,
677 STR_TERMINATE
|STR_ASCII
) == -1) {
678 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
679 END_PROFILE(SMBtconX
);
683 /* NT sets the fstype of IPC$ to the null string */
684 const char *fstype
= IS_IPC(conn
) ? "" : lp_fstype(SNUM(conn
));
686 if (tcon_flags
& TCONX_FLAG_EXTENDED_RESPONSE
) {
687 /* Return permissions. */
691 reply_outbuf(req
, 7, 0);
694 perm1
= FILE_ALL_ACCESS
;
695 perm2
= FILE_ALL_ACCESS
;
697 perm1
= CAN_WRITE(conn
) ?
702 SIVAL(req
->outbuf
, smb_vwv3
, perm1
);
703 SIVAL(req
->outbuf
, smb_vwv5
, perm2
);
705 reply_outbuf(req
, 3, 0);
708 if ((message_push_string(&req
->outbuf
, server_devicetype
,
709 STR_TERMINATE
|STR_ASCII
) == -1)
710 || (message_push_string(&req
->outbuf
, fstype
,
711 STR_TERMINATE
) == -1)) {
712 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
713 END_PROFILE(SMBtconX
);
717 /* what does setting this bit do? It is set by NT4 and
718 may affect the ability to autorun mounted cdroms */
719 SSVAL(req
->outbuf
, smb_vwv2
, SMB_SUPPORT_SEARCH_BITS
|
720 (lp_csc_policy(SNUM(conn
)) << 2));
722 init_dfsroot(conn
, req
->inbuf
, req
->outbuf
);
726 DEBUG(3,("tconX service=%s \n",
729 /* set the incoming and outgoing tid to the just created one */
730 SSVAL(req
->inbuf
,smb_tid
,conn
->cnum
);
731 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
733 END_PROFILE(SMBtconX
);
739 /****************************************************************************
740 Reply to an unknown type.
741 ****************************************************************************/
743 void reply_unknown_new(struct smb_request
*req
, uint8 type
)
745 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
746 smb_fn_name(type
), type
, type
));
747 reply_doserror(req
, ERRSRV
, ERRunknownsmb
);
751 /****************************************************************************
753 conn POINTER CAN BE NULL HERE !
754 ****************************************************************************/
756 void reply_ioctl(struct smb_request
*req
)
758 connection_struct
*conn
= req
->conn
;
765 START_PROFILE(SMBioctl
);
768 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
769 END_PROFILE(SMBioctl
);
773 device
= SVAL(req
->inbuf
,smb_vwv1
);
774 function
= SVAL(req
->inbuf
,smb_vwv2
);
775 ioctl_code
= (device
<< 16) + function
;
777 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code
));
779 switch (ioctl_code
) {
780 case IOCTL_QUERY_JOB_INFO
:
784 reply_doserror(req
, ERRSRV
, ERRnosupport
);
785 END_PROFILE(SMBioctl
);
789 reply_outbuf(req
, 8, replysize
+1);
790 SSVAL(req
->outbuf
,smb_vwv1
,replysize
); /* Total data bytes returned */
791 SSVAL(req
->outbuf
,smb_vwv5
,replysize
); /* Data bytes this buffer */
792 SSVAL(req
->outbuf
,smb_vwv6
,52); /* Offset to data */
793 p
= smb_buf(req
->outbuf
);
794 memset(p
, '\0', replysize
+1); /* valgrind-safe. */
795 p
+= 1; /* Allow for alignment */
797 switch (ioctl_code
) {
798 case IOCTL_QUERY_JOB_INFO
:
800 files_struct
*fsp
= file_fsp(SVAL(req
->inbuf
,
803 reply_doserror(req
, ERRDOS
, ERRbadfid
);
804 END_PROFILE(SMBioctl
);
807 SSVAL(p
,0,fsp
->rap_print_jobid
); /* Job number */
808 srvstr_push((char *)req
->outbuf
, req
->flags2
, p
+2,
810 STR_TERMINATE
|STR_ASCII
);
812 srvstr_push((char *)req
->outbuf
, req
->flags2
,
813 p
+18, lp_servicename(SNUM(conn
)),
814 13, STR_TERMINATE
|STR_ASCII
);
822 END_PROFILE(SMBioctl
);
826 /****************************************************************************
827 Strange checkpath NTSTATUS mapping.
828 ****************************************************************************/
830 static NTSTATUS
map_checkpath_error(const char *inbuf
, NTSTATUS status
)
832 /* Strange DOS error code semantics only for checkpath... */
833 if (!(SVAL(inbuf
,smb_flg2
) & FLAGS2_32_BIT_ERROR_CODES
)) {
834 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID
,status
)) {
835 /* We need to map to ERRbadpath */
836 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
842 /****************************************************************************
843 Reply to a checkpath.
844 ****************************************************************************/
846 void reply_checkpath(struct smb_request
*req
)
848 connection_struct
*conn
= req
->conn
;
850 SMB_STRUCT_STAT sbuf
;
852 TALLOC_CTX
*ctx
= talloc_tos();
854 START_PROFILE(SMBcheckpath
);
856 srvstr_get_path(ctx
,(char *)req
->inbuf
, req
->flags2
, &name
,
857 smb_buf(req
->inbuf
) + 1, 0,
858 STR_TERMINATE
, &status
);
859 if (!NT_STATUS_IS_OK(status
)) {
860 status
= map_checkpath_error((char *)req
->inbuf
, status
);
861 reply_nterror(req
, status
);
862 END_PROFILE(SMBcheckpath
);
866 status
= resolve_dfspath(ctx
, conn
,
867 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
870 if (!NT_STATUS_IS_OK(status
)) {
871 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
872 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
874 END_PROFILE(SMBcheckpath
);
880 DEBUG(3,("reply_checkpath %s mode=%d\n", name
, (int)SVAL(req
->inbuf
,smb_vwv0
)));
882 status
= unix_convert(ctx
, conn
, name
, False
, &name
, NULL
, &sbuf
);
883 if (!NT_STATUS_IS_OK(status
)) {
887 status
= check_name(conn
, name
);
888 if (!NT_STATUS_IS_OK(status
)) {
889 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name
,nt_errstr(status
)));
893 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,name
,&sbuf
) != 0)) {
894 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name
,strerror(errno
)));
895 status
= map_nt_error_from_unix(errno
);
899 if (!S_ISDIR(sbuf
.st_mode
)) {
900 reply_botherror(req
, NT_STATUS_NOT_A_DIRECTORY
,
902 END_PROFILE(SMBcheckpath
);
906 reply_outbuf(req
, 0, 0);
908 END_PROFILE(SMBcheckpath
);
913 END_PROFILE(SMBcheckpath
);
915 /* We special case this - as when a Windows machine
916 is parsing a path is steps through the components
917 one at a time - if a component fails it expects
918 ERRbadpath, not ERRbadfile.
920 status
= map_checkpath_error((char *)req
->inbuf
, status
);
921 if (NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
923 * Windows returns different error codes if
924 * the parent directory is valid but not the
925 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
926 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
927 * if the path is invalid.
929 reply_botherror(req
, NT_STATUS_OBJECT_NAME_NOT_FOUND
,
934 reply_nterror(req
, status
);
937 /****************************************************************************
939 ****************************************************************************/
941 void reply_getatr(struct smb_request
*req
)
943 connection_struct
*conn
= req
->conn
;
945 SMB_STRUCT_STAT sbuf
;
951 TALLOC_CTX
*ctx
= talloc_tos();
953 START_PROFILE(SMBgetatr
);
955 p
= smb_buf(req
->inbuf
) + 1;
956 p
+= srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
, p
,
957 0, STR_TERMINATE
, &status
);
958 if (!NT_STATUS_IS_OK(status
)) {
959 reply_nterror(req
, status
);
960 END_PROFILE(SMBgetatr
);
964 status
= resolve_dfspath(ctx
, conn
,
965 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
968 if (!NT_STATUS_IS_OK(status
)) {
969 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
970 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
972 END_PROFILE(SMBgetatr
);
975 reply_nterror(req
, status
);
976 END_PROFILE(SMBgetatr
);
980 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
981 under WfWg - weird! */
982 if (*fname
== '\0') {
983 mode
= aHIDDEN
| aDIR
;
984 if (!CAN_WRITE(conn
)) {
990 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
,&sbuf
);
991 if (!NT_STATUS_IS_OK(status
)) {
992 reply_nterror(req
, status
);
993 END_PROFILE(SMBgetatr
);
996 status
= check_name(conn
, fname
);
997 if (!NT_STATUS_IS_OK(status
)) {
998 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname
,nt_errstr(status
)));
999 reply_nterror(req
, status
);
1000 END_PROFILE(SMBgetatr
);
1003 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,fname
,&sbuf
) != 0)) {
1004 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname
,strerror(errno
)));
1005 reply_unixerror(req
, ERRDOS
,ERRbadfile
);
1006 END_PROFILE(SMBgetatr
);
1010 mode
= dos_mode(conn
,fname
,&sbuf
);
1011 size
= sbuf
.st_size
;
1012 mtime
= sbuf
.st_mtime
;
1018 reply_outbuf(req
, 10, 0);
1020 SSVAL(req
->outbuf
,smb_vwv0
,mode
);
1021 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1022 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
& ~1);
1024 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
);
1026 SIVAL(req
->outbuf
,smb_vwv3
,(uint32
)size
);
1028 if (Protocol
>= PROTOCOL_NT1
) {
1029 SSVAL(req
->outbuf
, smb_flg2
,
1030 SVAL(req
->outbuf
, smb_flg2
) | FLAGS2_IS_LONG_NAME
);
1033 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname
, mode
, (unsigned int)size
) );
1035 END_PROFILE(SMBgetatr
);
1039 /****************************************************************************
1041 ****************************************************************************/
1043 void reply_setatr(struct smb_request
*req
)
1045 struct timespec ts
[2];
1046 connection_struct
*conn
= req
->conn
;
1050 SMB_STRUCT_STAT sbuf
;
1053 TALLOC_CTX
*ctx
= talloc_tos();
1055 START_PROFILE(SMBsetatr
);
1060 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1064 p
= smb_buf(req
->inbuf
) + 1;
1065 p
+= srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
, p
,
1066 0, STR_TERMINATE
, &status
);
1067 if (!NT_STATUS_IS_OK(status
)) {
1068 reply_nterror(req
, status
);
1069 END_PROFILE(SMBsetatr
);
1073 status
= resolve_dfspath(ctx
, conn
,
1074 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1077 if (!NT_STATUS_IS_OK(status
)) {
1078 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
1079 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1080 ERRSRV
, ERRbadpath
);
1081 END_PROFILE(SMBsetatr
);
1084 reply_nterror(req
, status
);
1085 END_PROFILE(SMBsetatr
);
1089 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
1090 if (!NT_STATUS_IS_OK(status
)) {
1091 reply_nterror(req
, status
);
1092 END_PROFILE(SMBsetatr
);
1096 status
= check_name(conn
, fname
);
1097 if (!NT_STATUS_IS_OK(status
)) {
1098 reply_nterror(req
, status
);
1099 END_PROFILE(SMBsetatr
);
1103 if (fname
[0] == '.' && fname
[1] == '\0') {
1105 * Not sure here is the right place to catch this
1106 * condition. Might be moved to somewhere else later -- vl
1108 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
1109 END_PROFILE(SMBsetatr
);
1113 mode
= SVAL(req
->inbuf
,smb_vwv0
);
1114 mtime
= srv_make_unix_date3(req
->inbuf
+smb_vwv1
);
1116 ts
[1] = convert_time_t_to_timespec(mtime
);
1117 status
= smb_set_file_time(conn
, NULL
, fname
,
1119 if (!NT_STATUS_IS_OK(status
)) {
1120 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1121 END_PROFILE(SMBsetatr
);
1125 if (mode
!= FILE_ATTRIBUTE_NORMAL
) {
1126 if (VALID_STAT_OF_DIR(sbuf
))
1131 if (file_set_dosmode(conn
,fname
,mode
,&sbuf
,NULL
,false) != 0) {
1132 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1133 END_PROFILE(SMBsetatr
);
1138 reply_outbuf(req
, 0, 0);
1140 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname
, mode
) );
1142 END_PROFILE(SMBsetatr
);
1146 /****************************************************************************
1148 ****************************************************************************/
1150 void reply_dskattr(struct smb_request
*req
)
1152 connection_struct
*conn
= req
->conn
;
1153 SMB_BIG_UINT dfree
,dsize
,bsize
;
1154 START_PROFILE(SMBdskattr
);
1156 if (get_dfree_info(conn
,".",True
,&bsize
,&dfree
,&dsize
) == (SMB_BIG_UINT
)-1) {
1157 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
1158 END_PROFILE(SMBdskattr
);
1162 reply_outbuf(req
, 5, 0);
1164 if (Protocol
<= PROTOCOL_LANMAN2
) {
1165 double total_space
, free_space
;
1166 /* we need to scale this to a number that DOS6 can handle. We
1167 use floating point so we can handle large drives on systems
1168 that don't have 64 bit integers
1170 we end up displaying a maximum of 2G to DOS systems
1172 total_space
= dsize
* (double)bsize
;
1173 free_space
= dfree
* (double)bsize
;
1175 dsize
= (SMB_BIG_UINT
)((total_space
+63*512) / (64*512));
1176 dfree
= (SMB_BIG_UINT
)((free_space
+63*512) / (64*512));
1178 if (dsize
> 0xFFFF) dsize
= 0xFFFF;
1179 if (dfree
> 0xFFFF) dfree
= 0xFFFF;
1181 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1182 SSVAL(req
->outbuf
,smb_vwv1
,64); /* this must be 64 for dos systems */
1183 SSVAL(req
->outbuf
,smb_vwv2
,512); /* and this must be 512 */
1184 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1186 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1187 SSVAL(req
->outbuf
,smb_vwv1
,bsize
/512);
1188 SSVAL(req
->outbuf
,smb_vwv2
,512);
1189 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1192 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree
));
1194 END_PROFILE(SMBdskattr
);
1198 /****************************************************************************
1200 Can be called from SMBsearch, SMBffirst or SMBfunique.
1201 ****************************************************************************/
1203 void reply_search(struct smb_request
*req
)
1205 connection_struct
*conn
= req
->conn
;
1207 char *directory
= NULL
;
1213 unsigned int numentries
= 0;
1214 unsigned int maxentries
= 0;
1215 bool finished
= False
;
1221 bool check_descend
= False
;
1222 bool expect_close
= False
;
1224 bool mask_contains_wcard
= False
;
1225 bool allow_long_path_components
= (req
->flags2
& FLAGS2_LONG_PATH_COMPONENTS
) ? True
: False
;
1226 TALLOC_CTX
*ctx
= talloc_tos();
1227 bool ask_sharemode
= lp_parm_bool(SNUM(conn
), "smbd", "search ask sharemode", true);
1229 START_PROFILE(SMBsearch
);
1232 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1233 END_PROFILE(SMBsearch
);
1237 if (lp_posix_pathnames()) {
1238 reply_unknown_new(req
, CVAL(req
->inbuf
, smb_com
));
1239 END_PROFILE(SMBsearch
);
1243 /* If we were called as SMBffirst then we must expect close. */
1244 if(CVAL(req
->inbuf
,smb_com
) == SMBffirst
) {
1245 expect_close
= True
;
1248 reply_outbuf(req
, 1, 3);
1249 maxentries
= SVAL(req
->inbuf
,smb_vwv0
);
1250 dirtype
= SVAL(req
->inbuf
,smb_vwv1
);
1251 p
= smb_buf(req
->inbuf
) + 1;
1252 p
+= srvstr_get_path_wcard(ctx
,
1260 &mask_contains_wcard
);
1261 if (!NT_STATUS_IS_OK(nt_status
)) {
1262 reply_nterror(req
, nt_status
);
1263 END_PROFILE(SMBsearch
);
1267 nt_status
= resolve_dfspath_wcard(ctx
, conn
,
1268 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1271 &mask_contains_wcard
);
1272 if (!NT_STATUS_IS_OK(nt_status
)) {
1273 if (NT_STATUS_EQUAL(nt_status
,NT_STATUS_PATH_NOT_COVERED
)) {
1274 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1275 ERRSRV
, ERRbadpath
);
1276 END_PROFILE(SMBsearch
);
1279 reply_nterror(req
, nt_status
);
1280 END_PROFILE(SMBsearch
);
1285 status_len
= SVAL(p
, 0);
1288 /* dirtype &= ~aDIR; */
1290 if (status_len
== 0) {
1291 SMB_STRUCT_STAT sbuf
;
1293 nt_status
= unix_convert(ctx
, conn
, path
, True
,
1294 &directory
, NULL
, &sbuf
);
1295 if (!NT_STATUS_IS_OK(nt_status
)) {
1296 reply_nterror(req
, nt_status
);
1297 END_PROFILE(SMBsearch
);
1301 nt_status
= check_name(conn
, directory
);
1302 if (!NT_STATUS_IS_OK(nt_status
)) {
1303 reply_nterror(req
, nt_status
);
1304 END_PROFILE(SMBsearch
);
1308 p
= strrchr_m(directory
,'/');
1311 directory
= talloc_strdup(ctx
,".");
1313 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1314 END_PROFILE(SMBsearch
);
1322 if (*directory
== '\0') {
1323 directory
= talloc_strdup(ctx
,".");
1325 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1326 END_PROFILE(SMBsearch
);
1330 memset((char *)status
,'\0',21);
1331 SCVAL(status
,0,(dirtype
& 0x1F));
1333 nt_status
= dptr_create(conn
,
1339 mask_contains_wcard
,
1342 if (!NT_STATUS_IS_OK(nt_status
)) {
1343 reply_nterror(req
, nt_status
);
1344 END_PROFILE(SMBsearch
);
1347 dptr_num
= dptr_dnum(conn
->dirptr
);
1351 memcpy(status
,p
,21);
1352 status_dirtype
= CVAL(status
,0) & 0x1F;
1353 if (status_dirtype
!= (dirtype
& 0x1F)) {
1354 dirtype
= status_dirtype
;
1357 conn
->dirptr
= dptr_fetch(status
+12,&dptr_num
);
1358 if (!conn
->dirptr
) {
1361 string_set(&conn
->dirpath
,dptr_path(dptr_num
));
1362 mask
= dptr_wcard(dptr_num
);
1367 * For a 'continue' search we have no string. So
1368 * check from the initial saved string.
1370 mask_contains_wcard
= ms_has_wild(mask
);
1371 dirtype
= dptr_attr(dptr_num
);
1374 DEBUG(4,("dptr_num is %d\n",dptr_num
));
1376 if ((dirtype
&0x1F) == aVOLID
) {
1377 char buf
[DIR_STRUCT_SIZE
];
1378 memcpy(buf
,status
,21);
1379 if (!make_dir_struct(ctx
,buf
,"???????????",volume_label(SNUM(conn
)),
1380 0,aVOLID
,0,!allow_long_path_components
)) {
1381 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1382 END_PROFILE(SMBsearch
);
1385 dptr_fill(buf
+12,dptr_num
);
1386 if (dptr_zero(buf
+12) && (status_len
==0)) {
1391 if (message_push_blob(&req
->outbuf
,
1392 data_blob_const(buf
, sizeof(buf
)))
1394 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1395 END_PROFILE(SMBsearch
);
1403 ((uint8
*)smb_buf(req
->outbuf
) + 3 - req
->outbuf
))
1406 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1407 conn
->dirpath
,lp_dontdescend(SNUM(conn
))));
1408 if (in_list(conn
->dirpath
, lp_dontdescend(SNUM(conn
)),True
)) {
1409 check_descend
= True
;
1412 for (i
=numentries
;(i
<maxentries
) && !finished
;i
++) {
1413 finished
= !get_dir_entry(ctx
,
1424 char buf
[DIR_STRUCT_SIZE
];
1425 memcpy(buf
,status
,21);
1426 if (!make_dir_struct(ctx
,
1433 !allow_long_path_components
)) {
1434 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1435 END_PROFILE(SMBsearch
);
1438 if (!dptr_fill(buf
+12,dptr_num
)) {
1441 if (message_push_blob(&req
->outbuf
,
1442 data_blob_const(buf
, sizeof(buf
)))
1444 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1445 END_PROFILE(SMBsearch
);
1455 /* If we were called as SMBffirst with smb_search_id == NULL
1456 and no entries were found then return error and close dirptr
1459 if (numentries
== 0) {
1460 dptr_close(&dptr_num
);
1461 } else if(expect_close
&& status_len
== 0) {
1462 /* Close the dptr - we know it's gone */
1463 dptr_close(&dptr_num
);
1466 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1467 if(dptr_num
>= 0 && CVAL(req
->inbuf
,smb_com
) == SMBfunique
) {
1468 dptr_close(&dptr_num
);
1471 if ((numentries
== 0) && !mask_contains_wcard
) {
1472 reply_botherror(req
, STATUS_NO_MORE_FILES
, ERRDOS
, ERRnofiles
);
1473 END_PROFILE(SMBsearch
);
1477 SSVAL(req
->outbuf
,smb_vwv0
,numentries
);
1478 SSVAL(req
->outbuf
,smb_vwv1
,3 + numentries
* DIR_STRUCT_SIZE
);
1479 SCVAL(smb_buf(req
->outbuf
),0,5);
1480 SSVAL(smb_buf(req
->outbuf
),1,numentries
*DIR_STRUCT_SIZE
);
1482 /* The replies here are never long name. */
1483 SSVAL(req
->outbuf
, smb_flg2
,
1484 SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_IS_LONG_NAME
));
1485 if (!allow_long_path_components
) {
1486 SSVAL(req
->outbuf
, smb_flg2
,
1487 SVAL(req
->outbuf
, smb_flg2
)
1488 & (~FLAGS2_LONG_PATH_COMPONENTS
));
1491 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1492 SSVAL(req
->outbuf
, smb_flg2
,
1493 (SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_UNICODE_STRINGS
)));
1496 directory
= dptr_path(dptr_num
);
1499 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1500 smb_fn_name(CVAL(req
->inbuf
,smb_com
)),
1502 directory
? directory
: "./",
1507 END_PROFILE(SMBsearch
);
1511 /****************************************************************************
1512 Reply to a fclose (stop directory search).
1513 ****************************************************************************/
1515 void reply_fclose(struct smb_request
*req
)
1523 bool path_contains_wcard
= False
;
1524 TALLOC_CTX
*ctx
= talloc_tos();
1526 START_PROFILE(SMBfclose
);
1528 if (lp_posix_pathnames()) {
1529 reply_unknown_new(req
, CVAL(req
->inbuf
, smb_com
));
1530 END_PROFILE(SMBfclose
);
1534 p
= smb_buf(req
->inbuf
) + 1;
1535 p
+= srvstr_get_path_wcard(ctx
,
1543 &path_contains_wcard
);
1544 if (!NT_STATUS_IS_OK(err
)) {
1545 reply_nterror(req
, err
);
1546 END_PROFILE(SMBfclose
);
1550 status_len
= SVAL(p
,0);
1553 if (status_len
== 0) {
1554 reply_doserror(req
, ERRSRV
, ERRsrverror
);
1555 END_PROFILE(SMBfclose
);
1559 memcpy(status
,p
,21);
1561 if(dptr_fetch(status
+12,&dptr_num
)) {
1562 /* Close the dptr - we know it's gone */
1563 dptr_close(&dptr_num
);
1566 reply_outbuf(req
, 1, 0);
1567 SSVAL(req
->outbuf
,smb_vwv0
,0);
1569 DEBUG(3,("search close\n"));
1571 END_PROFILE(SMBfclose
);
1575 /****************************************************************************
1577 ****************************************************************************/
1579 void reply_open(struct smb_request
*req
)
1581 connection_struct
*conn
= req
->conn
;
1587 SMB_STRUCT_STAT sbuf
;
1594 uint32 create_disposition
;
1595 uint32 create_options
= 0;
1597 TALLOC_CTX
*ctx
= talloc_tos();
1599 START_PROFILE(SMBopen
);
1602 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1603 END_PROFILE(SMBopen
);
1607 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1608 deny_mode
= SVAL(req
->inbuf
,smb_vwv0
);
1609 dos_attr
= SVAL(req
->inbuf
,smb_vwv1
);
1611 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
1612 smb_buf(req
->inbuf
)+1, 0,
1613 STR_TERMINATE
, &status
);
1614 if (!NT_STATUS_IS_OK(status
)) {
1615 reply_nterror(req
, status
);
1616 END_PROFILE(SMBopen
);
1620 if (!map_open_params_to_ntcreate(
1621 fname
, deny_mode
, OPENX_FILE_EXISTS_OPEN
, &access_mask
,
1622 &share_mode
, &create_disposition
, &create_options
)) {
1623 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1624 END_PROFILE(SMBopen
);
1628 status
= create_file(conn
, /* conn */
1630 0, /* root_dir_fid */
1632 access_mask
, /* access_mask */
1633 share_mode
, /* share_access */
1634 create_disposition
, /* create_disposition*/
1635 create_options
, /* create_options */
1636 dos_attr
, /* file_attributes */
1637 oplock_request
, /* oplock_request */
1638 0, /* allocation_size */
1645 if (!NT_STATUS_IS_OK(status
)) {
1646 if (open_was_deferred(req
->mid
)) {
1647 /* We have re-scheduled this call. */
1648 END_PROFILE(SMBopen
);
1651 reply_openerror(req
, status
);
1652 END_PROFILE(SMBopen
);
1656 size
= sbuf
.st_size
;
1657 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1658 mtime
= sbuf
.st_mtime
;
1661 DEBUG(3,("attempt to open a directory %s\n",fsp
->fsp_name
));
1662 close_file(fsp
,ERROR_CLOSE
);
1663 reply_doserror(req
, ERRDOS
,ERRnoaccess
);
1664 END_PROFILE(SMBopen
);
1668 reply_outbuf(req
, 7, 0);
1669 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
1670 SSVAL(req
->outbuf
,smb_vwv1
,fattr
);
1671 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1672 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
& ~1);
1674 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
);
1676 SIVAL(req
->outbuf
,smb_vwv4
,(uint32
)size
);
1677 SSVAL(req
->outbuf
,smb_vwv6
,deny_mode
);
1679 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1680 SCVAL(req
->outbuf
,smb_flg
,
1681 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1684 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1685 SCVAL(req
->outbuf
,smb_flg
,
1686 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1688 END_PROFILE(SMBopen
);
1692 /****************************************************************************
1693 Reply to an open and X.
1694 ****************************************************************************/
1696 void reply_open_and_X(struct smb_request
*req
)
1698 connection_struct
*conn
= req
->conn
;
1703 /* Breakout the oplock request bits so we can set the
1704 reply bits separately. */
1705 int ex_oplock_request
;
1706 int core_oplock_request
;
1709 int smb_sattr
= SVAL(req
->inbuf
,smb_vwv4
);
1710 uint32 smb_time
= make_unix_date3(req
->inbuf
+smb_vwv6
);
1715 SMB_STRUCT_STAT sbuf
;
1719 SMB_BIG_UINT allocation_size
;
1720 ssize_t retval
= -1;
1723 uint32 create_disposition
;
1724 uint32 create_options
= 0;
1725 TALLOC_CTX
*ctx
= talloc_tos();
1727 START_PROFILE(SMBopenX
);
1729 if (req
->wct
< 15) {
1730 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1731 END_PROFILE(SMBopenX
);
1735 open_flags
= SVAL(req
->inbuf
,smb_vwv2
);
1736 deny_mode
= SVAL(req
->inbuf
,smb_vwv3
);
1737 smb_attr
= SVAL(req
->inbuf
,smb_vwv5
);
1738 ex_oplock_request
= EXTENDED_OPLOCK_REQUEST(req
->inbuf
);
1739 core_oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1740 oplock_request
= ex_oplock_request
| core_oplock_request
;
1741 smb_ofun
= SVAL(req
->inbuf
,smb_vwv8
);
1742 allocation_size
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv9
);
1744 /* If it's an IPC, pass off the pipe handler. */
1746 if (lp_nt_pipe_support()) {
1747 reply_open_pipe_and_X(conn
, req
);
1749 reply_doserror(req
, ERRSRV
, ERRaccess
);
1751 END_PROFILE(SMBopenX
);
1755 /* XXXX we need to handle passed times, sattr and flags */
1756 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
1757 smb_buf(req
->inbuf
), 0, STR_TERMINATE
,
1759 if (!NT_STATUS_IS_OK(status
)) {
1760 reply_nterror(req
, status
);
1761 END_PROFILE(SMBopenX
);
1765 if (!map_open_params_to_ntcreate(
1766 fname
, deny_mode
, smb_ofun
, &access_mask
,
1767 &share_mode
, &create_disposition
, &create_options
)) {
1768 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1769 END_PROFILE(SMBopenX
);
1773 status
= create_file(conn
, /* conn */
1775 0, /* root_dir_fid */
1777 access_mask
, /* access_mask */
1778 share_mode
, /* share_access */
1779 create_disposition
, /* create_disposition*/
1780 create_options
, /* create_options */
1781 smb_attr
, /* file_attributes */
1782 oplock_request
, /* oplock_request */
1783 0, /* allocation_size */
1787 &smb_action
, /* pinfo */
1790 if (!NT_STATUS_IS_OK(status
)) {
1791 END_PROFILE(SMBopenX
);
1792 if (open_was_deferred(req
->mid
)) {
1793 /* We have re-scheduled this call. */
1796 reply_openerror(req
, status
);
1800 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1801 if the file is truncated or created. */
1802 if (((smb_action
== FILE_WAS_CREATED
) || (smb_action
== FILE_WAS_OVERWRITTEN
)) && allocation_size
) {
1803 fsp
->initial_allocation_size
= smb_roundup(fsp
->conn
, allocation_size
);
1804 if (vfs_allocate_file_space(fsp
, fsp
->initial_allocation_size
) == -1) {
1805 close_file(fsp
,ERROR_CLOSE
);
1806 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1807 END_PROFILE(SMBopenX
);
1810 retval
= vfs_set_filelen(fsp
, (SMB_OFF_T
)allocation_size
);
1812 close_file(fsp
,ERROR_CLOSE
);
1813 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1814 END_PROFILE(SMBopenX
);
1817 sbuf
.st_size
= get_allocation_size(conn
,fsp
,&sbuf
);
1820 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1821 mtime
= sbuf
.st_mtime
;
1823 close_file(fsp
,ERROR_CLOSE
);
1824 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
1825 END_PROFILE(SMBopenX
);
1829 /* If the caller set the extended oplock request bit
1830 and we granted one (by whatever means) - set the
1831 correct bit for extended oplock reply.
1834 if (ex_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1835 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1838 if(ex_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1839 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1842 /* If the caller set the core oplock request bit
1843 and we granted one (by whatever means) - set the
1844 correct bit for core oplock reply.
1847 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1848 reply_outbuf(req
, 19, 0);
1850 reply_outbuf(req
, 15, 0);
1853 if (core_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1854 SCVAL(req
->outbuf
, smb_flg
,
1855 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1858 if(core_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1859 SCVAL(req
->outbuf
, smb_flg
,
1860 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1863 SSVAL(req
->outbuf
,smb_vwv2
,fsp
->fnum
);
1864 SSVAL(req
->outbuf
,smb_vwv3
,fattr
);
1865 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1866 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
& ~1);
1868 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
);
1870 SIVAL(req
->outbuf
,smb_vwv6
,(uint32
)sbuf
.st_size
);
1871 SSVAL(req
->outbuf
,smb_vwv8
,GET_OPENX_MODE(deny_mode
));
1872 SSVAL(req
->outbuf
,smb_vwv11
,smb_action
);
1874 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1875 SIVAL(req
->outbuf
, smb_vwv15
, STD_RIGHT_ALL_ACCESS
);
1878 END_PROFILE(SMBopenX
);
1883 /****************************************************************************
1884 Reply to a SMBulogoffX.
1885 ****************************************************************************/
1887 void reply_ulogoffX(struct smb_request
*req
)
1891 START_PROFILE(SMBulogoffX
);
1893 vuser
= get_valid_user_struct(req
->vuid
);
1896 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1900 /* in user level security we are supposed to close any files
1901 open by this user */
1902 if ((vuser
!= NULL
) && (lp_security() != SEC_SHARE
)) {
1903 file_close_user(req
->vuid
);
1906 invalidate_vuid(req
->vuid
);
1908 reply_outbuf(req
, 2, 0);
1910 DEBUG( 3, ( "ulogoffX vuid=%d\n", req
->vuid
) );
1912 END_PROFILE(SMBulogoffX
);
1916 /****************************************************************************
1917 Reply to a mknew or a create.
1918 ****************************************************************************/
1920 void reply_mknew(struct smb_request
*req
)
1922 connection_struct
*conn
= req
->conn
;
1926 struct timespec ts
[2];
1928 int oplock_request
= 0;
1929 SMB_STRUCT_STAT sbuf
;
1931 uint32 access_mask
= FILE_GENERIC_READ
| FILE_GENERIC_WRITE
;
1932 uint32 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1933 uint32 create_disposition
;
1934 uint32 create_options
= 0;
1935 TALLOC_CTX
*ctx
= talloc_tos();
1937 START_PROFILE(SMBcreate
);
1940 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1941 END_PROFILE(SMBcreate
);
1945 fattr
= SVAL(req
->inbuf
,smb_vwv0
);
1946 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1947 com
= SVAL(req
->inbuf
,smb_com
);
1949 ts
[1] =convert_time_t_to_timespec(
1950 srv_make_unix_date3(req
->inbuf
+ smb_vwv1
));
1953 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
1954 smb_buf(req
->inbuf
) + 1, 0,
1955 STR_TERMINATE
, &status
);
1956 if (!NT_STATUS_IS_OK(status
)) {
1957 reply_nterror(req
, status
);
1958 END_PROFILE(SMBcreate
);
1962 if (fattr
& aVOLID
) {
1963 DEBUG(0,("Attempt to create file (%s) with volid set - "
1964 "please report this\n", fname
));
1967 if(com
== SMBmknew
) {
1968 /* We should fail if file exists. */
1969 create_disposition
= FILE_CREATE
;
1971 /* Create if file doesn't exist, truncate if it does. */
1972 create_disposition
= FILE_OVERWRITE_IF
;
1975 status
= create_file(conn
, /* conn */
1977 0, /* root_dir_fid */
1979 access_mask
, /* access_mask */
1980 share_mode
, /* share_access */
1981 create_disposition
, /* create_disposition*/
1982 create_options
, /* create_options */
1983 fattr
, /* file_attributes */
1984 oplock_request
, /* oplock_request */
1985 0, /* allocation_size */
1992 if (!NT_STATUS_IS_OK(status
)) {
1993 END_PROFILE(SMBcreate
);
1994 if (open_was_deferred(req
->mid
)) {
1995 /* We have re-scheduled this call. */
1998 reply_openerror(req
, status
);
2002 ts
[0] = get_atimespec(&sbuf
); /* atime. */
2003 status
= smb_set_file_time(conn
, fsp
, fname
, &sbuf
, ts
, true);
2004 if (!NT_STATUS_IS_OK(status
)) {
2005 END_PROFILE(SMBcreate
);
2006 reply_openerror(req
, status
);
2010 reply_outbuf(req
, 1, 0);
2011 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2013 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2014 SCVAL(req
->outbuf
,smb_flg
,
2015 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2018 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2019 SCVAL(req
->outbuf
,smb_flg
,
2020 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2023 DEBUG( 2, ( "reply_mknew: file %s\n", fsp
->fsp_name
) );
2024 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2025 fsp
->fsp_name
, fsp
->fh
->fd
, (unsigned int)fattr
) );
2027 END_PROFILE(SMBcreate
);
2031 /****************************************************************************
2032 Reply to a create temporary file.
2033 ****************************************************************************/
2035 void reply_ctemp(struct smb_request
*req
)
2037 connection_struct
*conn
= req
->conn
;
2043 SMB_STRUCT_STAT sbuf
;
2046 TALLOC_CTX
*ctx
= talloc_tos();
2048 START_PROFILE(SMBctemp
);
2051 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2052 END_PROFILE(SMBctemp
);
2056 fattr
= SVAL(req
->inbuf
,smb_vwv0
);
2057 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
2059 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
2060 smb_buf(req
->inbuf
)+1, 0, STR_TERMINATE
,
2062 if (!NT_STATUS_IS_OK(status
)) {
2063 reply_nterror(req
, status
);
2064 END_PROFILE(SMBctemp
);
2068 fname
= talloc_asprintf(ctx
,
2072 fname
= talloc_strdup(ctx
, "TMXXXXXX");
2076 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2077 END_PROFILE(SMBctemp
);
2081 status
= resolve_dfspath(ctx
, conn
,
2082 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2085 if (!NT_STATUS_IS_OK(status
)) {
2086 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2087 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2088 ERRSRV
, ERRbadpath
);
2089 END_PROFILE(SMBctemp
);
2092 reply_nterror(req
, status
);
2093 END_PROFILE(SMBctemp
);
2097 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
2098 if (!NT_STATUS_IS_OK(status
)) {
2099 reply_nterror(req
, status
);
2100 END_PROFILE(SMBctemp
);
2104 status
= check_name(conn
, CONST_DISCARD(char *,fname
));
2105 if (!NT_STATUS_IS_OK(status
)) {
2106 reply_nterror(req
, status
);
2107 END_PROFILE(SMBctemp
);
2111 tmpfd
= smb_mkstemp(fname
);
2113 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
2114 END_PROFILE(SMBctemp
);
2118 SMB_VFS_STAT(conn
,fname
,&sbuf
);
2120 /* We should fail if file does not exist. */
2121 status
= open_file_ntcreate(conn
, req
, fname
, &sbuf
,
2122 FILE_GENERIC_READ
| FILE_GENERIC_WRITE
,
2123 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
2130 /* close fd from smb_mkstemp() */
2133 if (!NT_STATUS_IS_OK(status
)) {
2134 if (open_was_deferred(req
->mid
)) {
2135 /* We have re-scheduled this call. */
2136 END_PROFILE(SMBctemp
);
2139 reply_openerror(req
, status
);
2140 END_PROFILE(SMBctemp
);
2144 reply_outbuf(req
, 1, 0);
2145 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2147 /* the returned filename is relative to the directory */
2148 s
= strrchr_m(fsp
->fsp_name
, '/');
2156 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2157 thing in the byte section. JRA */
2158 SSVALS(p
, 0, -1); /* what is this? not in spec */
2160 if (message_push_string(&req
->outbuf
, s
, STR_ASCII
|STR_TERMINATE
)
2162 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2163 END_PROFILE(SMBctemp
);
2167 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2168 SCVAL(req
->outbuf
, smb_flg
,
2169 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2172 if (EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2173 SCVAL(req
->outbuf
, smb_flg
,
2174 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2177 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp
->fsp_name
) );
2178 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp
->fsp_name
,
2179 fsp
->fh
->fd
, (unsigned int)sbuf
.st_mode
) );
2181 END_PROFILE(SMBctemp
);
2185 /*******************************************************************
2186 Check if a user is allowed to rename a file.
2187 ********************************************************************/
2189 static NTSTATUS
can_rename(connection_struct
*conn
, files_struct
*fsp
,
2190 uint16 dirtype
, SMB_STRUCT_STAT
*pst
)
2194 if (!CAN_WRITE(conn
)) {
2195 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2198 fmode
= dos_mode(conn
, fsp
->fsp_name
, pst
);
2199 if ((fmode
& ~dirtype
) & (aHIDDEN
| aSYSTEM
)) {
2200 return NT_STATUS_NO_SUCH_FILE
;
2203 if (S_ISDIR(pst
->st_mode
)) {
2204 return NT_STATUS_OK
;
2207 if (fsp
->access_mask
& (DELETE_ACCESS
|FILE_WRITE_ATTRIBUTES
)) {
2208 return NT_STATUS_OK
;
2211 return NT_STATUS_ACCESS_DENIED
;
2214 /*******************************************************************
2215 * unlink a file with all relevant access checks
2216 *******************************************************************/
2218 static NTSTATUS
do_unlink(connection_struct
*conn
,
2219 struct smb_request
*req
,
2223 SMB_STRUCT_STAT sbuf
;
2226 uint32 dirtype_orig
= dirtype
;
2229 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname
, dirtype
));
2231 if (!CAN_WRITE(conn
)) {
2232 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2235 if (SMB_VFS_LSTAT(conn
,fname
,&sbuf
) != 0) {
2236 return map_nt_error_from_unix(errno
);
2239 fattr
= dos_mode(conn
,fname
,&sbuf
);
2241 if (dirtype
& FILE_ATTRIBUTE_NORMAL
) {
2242 dirtype
= aDIR
|aARCH
|aRONLY
;
2245 dirtype
&= (aDIR
|aARCH
|aRONLY
|aHIDDEN
|aSYSTEM
);
2247 return NT_STATUS_NO_SUCH_FILE
;
2250 if (!dir_check_ftype(conn
, fattr
, dirtype
)) {
2252 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2254 return NT_STATUS_NO_SUCH_FILE
;
2257 if (dirtype_orig
& 0x8000) {
2258 /* These will never be set for POSIX. */
2259 return NT_STATUS_NO_SUCH_FILE
;
2263 if ((fattr
& dirtype
) & FILE_ATTRIBUTE_DIRECTORY
) {
2264 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2267 if ((fattr
& ~dirtype
) & (FILE_ATTRIBUTE_HIDDEN
|FILE_ATTRIBUTE_SYSTEM
)) {
2268 return NT_STATUS_NO_SUCH_FILE
;
2271 if (dirtype
& 0xFF00) {
2272 /* These will never be set for POSIX. */
2273 return NT_STATUS_NO_SUCH_FILE
;
2278 return NT_STATUS_NO_SUCH_FILE
;
2281 /* Can't delete a directory. */
2283 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2288 else if (dirtype
& aDIR
) /* Asked for a directory and it isn't. */
2289 return NT_STATUS_OBJECT_NAME_INVALID
;
2290 #endif /* JRATEST */
2292 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2294 On a Windows share, a file with read-only dosmode can be opened with
2295 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2296 fails with NT_STATUS_CANNOT_DELETE error.
2298 This semantic causes a problem that a user can not
2299 rename a file with read-only dosmode on a Samba share
2300 from a Windows command prompt (i.e. cmd.exe, but can rename
2301 from Windows Explorer).
2304 if (!lp_delete_readonly(SNUM(conn
))) {
2305 if (fattr
& aRONLY
) {
2306 return NT_STATUS_CANNOT_DELETE
;
2310 /* On open checks the open itself will check the share mode, so
2311 don't do it here as we'll get it wrong. */
2313 status
= create_file_unixpath
2317 DELETE_ACCESS
, /* access_mask */
2318 FILE_SHARE_NONE
, /* share_access */
2319 FILE_OPEN
, /* create_disposition*/
2320 FILE_NON_DIRECTORY_FILE
, /* create_options */
2321 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
2322 0, /* oplock_request */
2323 0, /* allocation_size */
2330 if (!NT_STATUS_IS_OK(status
)) {
2331 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2332 nt_errstr(status
)));
2336 /* The set is across all open files on this dev/inode pair. */
2337 if (!set_delete_on_close(fsp
, True
, ¤t_user
.ut
)) {
2338 close_file(fsp
, NORMAL_CLOSE
);
2339 return NT_STATUS_ACCESS_DENIED
;
2342 return close_file(fsp
,NORMAL_CLOSE
);
2345 /****************************************************************************
2346 The guts of the unlink command, split out so it may be called by the NT SMB
2348 ****************************************************************************/
2350 NTSTATUS
unlink_internals(connection_struct
*conn
, struct smb_request
*req
,
2351 uint32 dirtype
, const char *name_in
, bool has_wild
)
2353 const char *directory
= NULL
;
2358 NTSTATUS status
= NT_STATUS_OK
;
2359 SMB_STRUCT_STAT sbuf
;
2360 TALLOC_CTX
*ctx
= talloc_tos();
2362 status
= unix_convert(ctx
, conn
, name_in
, has_wild
, &name
, NULL
, &sbuf
);
2363 if (!NT_STATUS_IS_OK(status
)) {
2367 p
= strrchr_m(name
,'/');
2369 directory
= talloc_strdup(ctx
, ".");
2371 return NT_STATUS_NO_MEMORY
;
2381 * We should only check the mangled cache
2382 * here if unix_convert failed. This means
2383 * that the path in 'mask' doesn't exist
2384 * on the file system and so we need to look
2385 * for a possible mangle. This patch from
2386 * Tine Smukavec <valentin.smukavec@hermes.si>.
2389 if (!VALID_STAT(sbuf
) && mangle_is_mangled(mask
,conn
->params
)) {
2390 char *new_mask
= NULL
;
2391 mangle_lookup_name_from_8_3(ctx
,
2401 directory
= talloc_asprintf(ctx
,
2406 return NT_STATUS_NO_MEMORY
;
2409 dirtype
= FILE_ATTRIBUTE_NORMAL
;
2412 status
= check_name(conn
, directory
);
2413 if (!NT_STATUS_IS_OK(status
)) {
2417 status
= do_unlink(conn
, req
, directory
, dirtype
);
2418 if (!NT_STATUS_IS_OK(status
)) {
2424 struct smb_Dir
*dir_hnd
= NULL
;
2428 if ((dirtype
& SAMBA_ATTRIBUTES_MASK
) == aDIR
) {
2429 return NT_STATUS_OBJECT_NAME_INVALID
;
2432 if (strequal(mask
,"????????.???")) {
2437 status
= check_name(conn
, directory
);
2438 if (!NT_STATUS_IS_OK(status
)) {
2442 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
,
2444 if (dir_hnd
== NULL
) {
2445 return map_nt_error_from_unix(errno
);
2448 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2449 the pattern matches against the long name, otherwise the short name
2450 We don't implement this yet XXXX
2453 status
= NT_STATUS_NO_SUCH_FILE
;
2455 while ((dname
= ReadDirName(dir_hnd
, &offset
))) {
2459 if (!is_visible_file(conn
, directory
, dname
, &st
, True
)) {
2463 /* Quick check for "." and ".." */
2464 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
2468 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
2472 fname
= talloc_asprintf(ctx
, "%s/%s",
2476 return NT_STATUS_NO_MEMORY
;
2479 status
= check_name(conn
, fname
);
2480 if (!NT_STATUS_IS_OK(status
)) {
2481 TALLOC_FREE(dir_hnd
);
2485 status
= do_unlink(conn
, req
, fname
, dirtype
);
2486 if (!NT_STATUS_IS_OK(status
)) {
2492 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2497 TALLOC_FREE(dir_hnd
);
2500 if (count
== 0 && NT_STATUS_IS_OK(status
)) {
2501 status
= map_nt_error_from_unix(errno
);
2507 /****************************************************************************
2509 ****************************************************************************/
2511 void reply_unlink(struct smb_request
*req
)
2513 connection_struct
*conn
= req
->conn
;
2517 bool path_contains_wcard
= False
;
2518 TALLOC_CTX
*ctx
= talloc_tos();
2520 START_PROFILE(SMBunlink
);
2523 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2524 END_PROFILE(SMBunlink
);
2528 dirtype
= SVAL(req
->inbuf
,smb_vwv0
);
2530 srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &name
,
2531 smb_buf(req
->inbuf
) + 1, 0,
2532 STR_TERMINATE
, &status
, &path_contains_wcard
);
2533 if (!NT_STATUS_IS_OK(status
)) {
2534 reply_nterror(req
, status
);
2535 END_PROFILE(SMBunlink
);
2539 status
= resolve_dfspath_wcard(ctx
, conn
,
2540 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2543 &path_contains_wcard
);
2544 if (!NT_STATUS_IS_OK(status
)) {
2545 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2546 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2547 ERRSRV
, ERRbadpath
);
2548 END_PROFILE(SMBunlink
);
2551 reply_nterror(req
, status
);
2552 END_PROFILE(SMBunlink
);
2556 DEBUG(3,("reply_unlink : %s\n",name
));
2558 status
= unlink_internals(conn
, req
, dirtype
, name
,
2559 path_contains_wcard
);
2560 if (!NT_STATUS_IS_OK(status
)) {
2561 if (open_was_deferred(req
->mid
)) {
2562 /* We have re-scheduled this call. */
2563 END_PROFILE(SMBunlink
);
2566 reply_nterror(req
, status
);
2567 END_PROFILE(SMBunlink
);
2571 reply_outbuf(req
, 0, 0);
2572 END_PROFILE(SMBunlink
);
2577 /****************************************************************************
2579 ****************************************************************************/
2581 static void fail_readraw(void)
2583 const char *errstr
= talloc_asprintf(talloc_tos(),
2584 "FAIL ! reply_readbraw: socket write fail (%s)",
2589 exit_server_cleanly(errstr
);
2592 /****************************************************************************
2593 Fake (read/write) sendfile. Returns -1 on read or write fail.
2594 ****************************************************************************/
2596 static ssize_t
fake_sendfile(files_struct
*fsp
, SMB_OFF_T startpos
,
2600 size_t tosend
= nread
;
2607 bufsize
= MIN(nread
, 65536);
2609 if (!(buf
= SMB_MALLOC_ARRAY(char, bufsize
))) {
2613 while (tosend
> 0) {
2617 if (tosend
> bufsize
) {
2622 ret
= read_file(fsp
,buf
,startpos
,cur_read
);
2628 /* If we had a short read, fill with zeros. */
2629 if (ret
< cur_read
) {
2630 memset(buf
, '\0', cur_read
- ret
);
2633 if (write_data(smbd_server_fd(),buf
,cur_read
) != cur_read
) {
2638 startpos
+= cur_read
;
2642 return (ssize_t
)nread
;
2645 /****************************************************************************
2646 Return a readbraw error (4 bytes of zero).
2647 ****************************************************************************/
2649 static void reply_readbraw_error(void)
2653 if (write_data(smbd_server_fd(),header
,4) != 4) {
2658 /****************************************************************************
2659 Use sendfile in readbraw.
2660 ****************************************************************************/
2662 void send_file_readbraw(connection_struct
*conn
,
2668 char *outbuf
= NULL
;
2671 #if defined(WITH_SENDFILE)
2673 * We can only use sendfile on a non-chained packet
2674 * but we can use on a non-oplocked file. tridge proved this
2675 * on a train in Germany :-). JRA.
2676 * reply_readbraw has already checked the length.
2679 if ( (chain_size
== 0) && (nread
> 0) && (fsp
->base_fsp
== NULL
) &&
2680 (fsp
->wcp
== NULL
) && lp_use_sendfile(SNUM(conn
)) ) {
2682 DATA_BLOB header_blob
;
2684 _smb_setlen(header
,nread
);
2685 header_blob
= data_blob_const(header
, 4);
2687 if (SMB_VFS_SENDFILE(smbd_server_fd(), fsp
,
2688 &header_blob
, startpos
, nread
) == -1) {
2689 /* Returning ENOSYS means no data at all was sent.
2690 * Do this as a normal read. */
2691 if (errno
== ENOSYS
) {
2692 goto normal_readbraw
;
2696 * Special hack for broken Linux with no working sendfile. If we
2697 * return EINTR we sent the header but not the rest of the data.
2698 * Fake this up by doing read/write calls.
2700 if (errno
== EINTR
) {
2701 /* Ensure we don't do this again. */
2702 set_use_sendfile(SNUM(conn
), False
);
2703 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2705 if (fake_sendfile(fsp
, startpos
, nread
) == -1) {
2706 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2707 fsp
->fsp_name
, strerror(errno
) ));
2708 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2713 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2714 fsp
->fsp_name
, strerror(errno
) ));
2715 exit_server_cleanly("send_file_readbraw sendfile failed");
2724 outbuf
= TALLOC_ARRAY(NULL
, char, nread
+4);
2726 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2727 (unsigned)(nread
+4)));
2728 reply_readbraw_error();
2733 ret
= read_file(fsp
,outbuf
+4,startpos
,nread
);
2734 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2743 _smb_setlen(outbuf
,ret
);
2744 if (write_data(smbd_server_fd(),outbuf
,4+ret
) != 4+ret
)
2747 TALLOC_FREE(outbuf
);
2750 /****************************************************************************
2751 Reply to a readbraw (core+ protocol).
2752 ****************************************************************************/
2754 void reply_readbraw(struct smb_request
*req
)
2756 connection_struct
*conn
= req
->conn
;
2757 ssize_t maxcount
,mincount
;
2764 START_PROFILE(SMBreadbraw
);
2766 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
2767 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2768 "raw reads/writes are disallowed.");
2772 reply_readbraw_error();
2773 END_PROFILE(SMBreadbraw
);
2778 * Special check if an oplock break has been issued
2779 * and the readraw request croses on the wire, we must
2780 * return a zero length response here.
2783 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
2786 * We have to do a check_fsp by hand here, as
2787 * we must always return 4 zero bytes on error,
2791 if (!fsp
|| !conn
|| conn
!= fsp
->conn
||
2792 current_user
.vuid
!= fsp
->vuid
||
2793 fsp
->is_directory
|| fsp
->fh
->fd
== -1) {
2795 * fsp could be NULL here so use the value from the packet. JRA.
2797 DEBUG(3,("reply_readbraw: fnum %d not valid "
2799 (int)SVAL(req
->inbuf
,smb_vwv0
)));
2800 reply_readbraw_error();
2801 END_PROFILE(SMBreadbraw
);
2805 /* Do a "by hand" version of CHECK_READ. */
2806 if (!(fsp
->can_read
||
2807 ((req
->flags2
& FLAGS2_READ_PERMIT_EXECUTE
) &&
2808 (fsp
->access_mask
& FILE_EXECUTE
)))) {
2809 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2810 (int)SVAL(req
->inbuf
,smb_vwv0
)));
2811 reply_readbraw_error();
2812 END_PROFILE(SMBreadbraw
);
2816 flush_write_cache(fsp
, READRAW_FLUSH
);
2818 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv1
);
2819 if(req
->wct
== 10) {
2821 * This is a large offset (64 bit) read.
2823 #ifdef LARGE_SMB_OFF_T
2825 startpos
|= (((SMB_OFF_T
)IVAL(req
->inbuf
,smb_vwv8
)) << 32);
2827 #else /* !LARGE_SMB_OFF_T */
2830 * Ensure we haven't been sent a >32 bit offset.
2833 if(IVAL(req
->inbuf
,smb_vwv8
) != 0) {
2834 DEBUG(0,("reply_readbraw: large offset "
2835 "(%x << 32) used and we don't support "
2836 "64 bit offsets.\n",
2837 (unsigned int)IVAL(req
->inbuf
,smb_vwv8
) ));
2838 reply_readbraw_error();
2839 END_PROFILE(SMBreadbraw
);
2843 #endif /* LARGE_SMB_OFF_T */
2846 DEBUG(0,("reply_readbraw: negative 64 bit "
2847 "readraw offset (%.0f) !\n",
2848 (double)startpos
));
2849 reply_readbraw_error();
2850 END_PROFILE(SMBreadbraw
);
2855 maxcount
= (SVAL(req
->inbuf
,smb_vwv3
) & 0xFFFF);
2856 mincount
= (SVAL(req
->inbuf
,smb_vwv4
) & 0xFFFF);
2858 /* ensure we don't overrun the packet size */
2859 maxcount
= MIN(65535,maxcount
);
2861 if (is_locked(fsp
,(uint32
)req
->smbpid
,
2862 (SMB_BIG_UINT
)maxcount
,
2863 (SMB_BIG_UINT
)startpos
,
2865 reply_readbraw_error();
2866 END_PROFILE(SMBreadbraw
);
2870 if (SMB_VFS_FSTAT(fsp
, &st
) == 0) {
2874 if (startpos
>= size
) {
2877 nread
= MIN(maxcount
,(size
- startpos
));
2880 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2881 if (nread
< mincount
)
2885 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2886 "min=%lu nread=%lu\n",
2887 fsp
->fnum
, (double)startpos
,
2888 (unsigned long)maxcount
,
2889 (unsigned long)mincount
,
2890 (unsigned long)nread
) );
2892 send_file_readbraw(conn
, fsp
, startpos
, nread
, mincount
);
2894 DEBUG(5,("reply_readbraw finished\n"));
2895 END_PROFILE(SMBreadbraw
);
2899 #define DBGC_CLASS DBGC_LOCKING
2901 /****************************************************************************
2902 Reply to a lockread (core+ protocol).
2903 ****************************************************************************/
2905 void reply_lockread(struct smb_request
*req
)
2907 connection_struct
*conn
= req
->conn
;
2914 struct byte_range_lock
*br_lck
= NULL
;
2917 START_PROFILE(SMBlockread
);
2920 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2921 END_PROFILE(SMBlockread
);
2925 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
2927 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
2928 END_PROFILE(SMBlockread
);
2932 if (!CHECK_READ(fsp
,req
->inbuf
)) {
2933 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
2934 END_PROFILE(SMBlockread
);
2938 release_level_2_oplocks_on_change(fsp
);
2940 numtoread
= SVAL(req
->inbuf
,smb_vwv1
);
2941 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
2943 numtoread
= MIN(BUFFER_SIZE
- (smb_size
+ 3*2 + 3), numtoread
);
2945 reply_outbuf(req
, 5, numtoread
+ 3);
2947 data
= smb_buf(req
->outbuf
) + 3;
2950 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2951 * protocol request that predates the read/write lock concept.
2952 * Thus instead of asking for a read lock here we need to ask
2953 * for a write lock. JRA.
2954 * Note that the requested lock size is unaffected by max_recv.
2957 br_lck
= do_lock(smbd_messaging_context(),
2960 (SMB_BIG_UINT
)numtoread
,
2961 (SMB_BIG_UINT
)startpos
,
2964 False
, /* Non-blocking lock. */
2967 TALLOC_FREE(br_lck
);
2969 if (NT_STATUS_V(status
)) {
2970 reply_nterror(req
, status
);
2971 END_PROFILE(SMBlockread
);
2976 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2979 if (numtoread
> max_recv
) {
2980 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2981 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2982 (unsigned int)numtoread
, (unsigned int)max_recv
));
2983 numtoread
= MIN(numtoread
,max_recv
);
2985 nread
= read_file(fsp
,data
,startpos
,numtoread
);
2988 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
2989 END_PROFILE(SMBlockread
);
2993 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
2995 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
2996 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
2997 p
= smb_buf(req
->outbuf
);
2998 SCVAL(p
,0,0); /* pad byte. */
3001 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3002 fsp
->fnum
, (int)numtoread
, (int)nread
));
3004 END_PROFILE(SMBlockread
);
3009 #define DBGC_CLASS DBGC_ALL
3011 /****************************************************************************
3013 ****************************************************************************/
3015 void reply_read(struct smb_request
*req
)
3017 connection_struct
*conn
= req
->conn
;
3025 START_PROFILE(SMBread
);
3028 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3029 END_PROFILE(SMBread
);
3033 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3035 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3036 END_PROFILE(SMBread
);
3040 if (!CHECK_READ(fsp
,req
->inbuf
)) {
3041 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3042 END_PROFILE(SMBread
);
3046 numtoread
= SVAL(req
->inbuf
,smb_vwv1
);
3047 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
3049 numtoread
= MIN(BUFFER_SIZE
-outsize
,numtoread
);
3052 * The requested read size cannot be greater than max_recv. JRA.
3054 if (numtoread
> max_recv
) {
3055 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3056 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3057 (unsigned int)numtoread
, (unsigned int)max_recv
));
3058 numtoread
= MIN(numtoread
,max_recv
);
3061 reply_outbuf(req
, 5, numtoread
+3);
3063 data
= smb_buf(req
->outbuf
) + 3;
3065 if (is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtoread
,
3066 (SMB_BIG_UINT
)startpos
, READ_LOCK
)) {
3067 reply_doserror(req
, ERRDOS
,ERRlock
);
3068 END_PROFILE(SMBread
);
3073 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3076 reply_unixerror(req
, ERRDOS
,ERRnoaccess
);
3077 END_PROFILE(SMBread
);
3081 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3083 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3084 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3085 SCVAL(smb_buf(req
->outbuf
),0,1);
3086 SSVAL(smb_buf(req
->outbuf
),1,nread
);
3088 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3089 fsp
->fnum
, (int)numtoread
, (int)nread
) );
3091 END_PROFILE(SMBread
);
3095 /****************************************************************************
3097 ****************************************************************************/
3099 static int setup_readX_header(char *outbuf
, size_t smb_maxcnt
)
3104 outsize
= srv_set_message(outbuf
,12,smb_maxcnt
,False
);
3105 data
= smb_buf(outbuf
);
3107 memset(outbuf
+smb_vwv0
,'\0',24); /* valgrind init. */
3109 SCVAL(outbuf
,smb_vwv0
,0xFF);
3110 SSVAL(outbuf
,smb_vwv2
,0xFFFF); /* Remaining - must be -1. */
3111 SSVAL(outbuf
,smb_vwv5
,smb_maxcnt
);
3112 SSVAL(outbuf
,smb_vwv6
,smb_offset(data
,outbuf
));
3113 SSVAL(outbuf
,smb_vwv7
,(smb_maxcnt
>> 16));
3114 SSVAL(smb_buf(outbuf
),-2,smb_maxcnt
);
3115 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3116 _smb_setlen_large(outbuf
,(smb_size
+ 12*2 + smb_maxcnt
- 4));
3120 /****************************************************************************
3121 Reply to a read and X - possibly using sendfile.
3122 ****************************************************************************/
3124 static void send_file_readX(connection_struct
*conn
, struct smb_request
*req
,
3125 files_struct
*fsp
, SMB_OFF_T startpos
,
3128 SMB_STRUCT_STAT sbuf
;
3131 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
3132 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3136 if (startpos
> sbuf
.st_size
) {
3138 } else if (smb_maxcnt
> (sbuf
.st_size
- startpos
)) {
3139 smb_maxcnt
= (sbuf
.st_size
- startpos
);
3142 if (smb_maxcnt
== 0) {
3146 #if defined(WITH_SENDFILE)
3148 * We can only use sendfile on a non-chained packet
3149 * but we can use on a non-oplocked file. tridge proved this
3150 * on a train in Germany :-). JRA.
3153 if ((chain_size
== 0) && (CVAL(req
->inbuf
,smb_vwv0
) == 0xFF) &&
3154 !is_encrypted_packet(req
->inbuf
) && (fsp
->base_fsp
== NULL
) &&
3155 lp_use_sendfile(SNUM(conn
)) && (fsp
->wcp
== NULL
) ) {
3156 uint8 headerbuf
[smb_size
+ 12 * 2];
3160 * Set up the packet header before send. We
3161 * assume here the sendfile will work (get the
3162 * correct amount of data).
3165 header
= data_blob_const(headerbuf
, sizeof(headerbuf
));
3167 construct_reply_common((char *)req
->inbuf
, (char *)headerbuf
);
3168 setup_readX_header((char *)headerbuf
, smb_maxcnt
);
3170 if ((nread
= SMB_VFS_SENDFILE(smbd_server_fd(), fsp
, &header
, startpos
, smb_maxcnt
)) == -1) {
3171 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
3172 if (errno
== ENOSYS
) {
3177 * Special hack for broken Linux with no working sendfile. If we
3178 * return EINTR we sent the header but not the rest of the data.
3179 * Fake this up by doing read/write calls.
3182 if (errno
== EINTR
) {
3183 /* Ensure we don't do this again. */
3184 set_use_sendfile(SNUM(conn
), False
);
3185 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3186 nread
= fake_sendfile(fsp
, startpos
,
3189 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3190 fsp
->fsp_name
, strerror(errno
) ));
3191 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3193 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3194 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3195 /* No outbuf here means successful sendfile. */
3196 TALLOC_FREE(req
->outbuf
);
3200 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3201 fsp
->fsp_name
, strerror(errno
) ));
3202 exit_server_cleanly("send_file_readX sendfile failed");
3205 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3206 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3207 /* No outbuf here means successful sendfile. */
3208 TALLOC_FREE(req
->outbuf
);
3215 if ((smb_maxcnt
& 0xFF0000) > 0x10000) {
3216 uint8 headerbuf
[smb_size
+ 2*12];
3218 construct_reply_common((char *)req
->inbuf
, (char *)headerbuf
);
3219 setup_readX_header((char *)headerbuf
, smb_maxcnt
);
3221 /* Send out the header. */
3222 if (write_data(smbd_server_fd(), (char *)headerbuf
,
3223 sizeof(headerbuf
)) != sizeof(headerbuf
)) {
3224 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3225 fsp
->fsp_name
, strerror(errno
) ));
3226 exit_server_cleanly("send_file_readX sendfile failed");
3228 nread
= fake_sendfile(fsp
, startpos
, smb_maxcnt
);
3230 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3231 fsp
->fsp_name
, strerror(errno
) ));
3232 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3234 TALLOC_FREE(req
->outbuf
);
3237 reply_outbuf(req
, 12, smb_maxcnt
);
3239 nread
= read_file(fsp
, smb_buf(req
->outbuf
), startpos
,
3242 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3246 setup_readX_header((char *)req
->outbuf
, nread
);
3248 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3249 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3257 /****************************************************************************
3258 Reply to a read and X.
3259 ****************************************************************************/
3261 void reply_read_and_X(struct smb_request
*req
)
3263 connection_struct
*conn
= req
->conn
;
3267 bool big_readX
= False
;
3269 size_t smb_mincnt
= SVAL(req
->inbuf
,smb_vwv6
);
3272 START_PROFILE(SMBreadX
);
3274 if ((req
->wct
!= 10) && (req
->wct
!= 12)) {
3275 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3279 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv2
));
3280 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv3
);
3281 smb_maxcnt
= SVAL(req
->inbuf
,smb_vwv5
);
3283 /* If it's an IPC, pass off the pipe handler. */
3285 reply_pipe_read_and_X(req
);
3286 END_PROFILE(SMBreadX
);
3290 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3291 END_PROFILE(SMBreadX
);
3295 if (!CHECK_READ(fsp
,req
->inbuf
)) {
3296 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3297 END_PROFILE(SMBreadX
);
3301 if (global_client_caps
& CAP_LARGE_READX
) {
3302 size_t upper_size
= SVAL(req
->inbuf
,smb_vwv7
);
3303 smb_maxcnt
|= (upper_size
<<16);
3304 if (upper_size
> 1) {
3305 /* Can't do this on a chained packet. */
3306 if ((CVAL(req
->inbuf
,smb_vwv0
) != 0xFF)) {
3307 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3308 END_PROFILE(SMBreadX
);
3311 /* We currently don't do this on signed or sealed data. */
3312 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
3313 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3314 END_PROFILE(SMBreadX
);
3317 /* Is there room in the reply for this data ? */
3318 if (smb_maxcnt
> (0xFFFFFF - (smb_size
-4 + 12*2))) {
3320 NT_STATUS_INVALID_PARAMETER
);
3321 END_PROFILE(SMBreadX
);
3328 if (req
->wct
== 12) {
3329 #ifdef LARGE_SMB_OFF_T
3331 * This is a large offset (64 bit) read.
3333 startpos
|= (((SMB_OFF_T
)IVAL(req
->inbuf
,smb_vwv10
)) << 32);
3335 #else /* !LARGE_SMB_OFF_T */
3338 * Ensure we haven't been sent a >32 bit offset.
3341 if(IVAL(req
->inbuf
,smb_vwv10
) != 0) {
3342 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3343 "used and we don't support 64 bit offsets.\n",
3344 (unsigned int)IVAL(req
->inbuf
,smb_vwv10
) ));
3345 END_PROFILE(SMBreadX
);
3346 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3350 #endif /* LARGE_SMB_OFF_T */
3354 if (is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)smb_maxcnt
,
3355 (SMB_BIG_UINT
)startpos
, READ_LOCK
)) {
3356 END_PROFILE(SMBreadX
);
3357 reply_doserror(req
, ERRDOS
, ERRlock
);
3362 schedule_aio_read_and_X(conn
, req
, fsp
, startpos
, smb_maxcnt
)) {
3363 END_PROFILE(SMBreadX
);
3367 send_file_readX(conn
, req
, fsp
, startpos
, smb_maxcnt
);
3369 END_PROFILE(SMBreadX
);
3373 /****************************************************************************
3374 Error replies to writebraw must have smb_wct == 1. Fix this up.
3375 ****************************************************************************/
3377 void error_to_writebrawerr(struct smb_request
*req
)
3379 uint8
*old_outbuf
= req
->outbuf
;
3381 reply_outbuf(req
, 1, 0);
3383 memcpy(req
->outbuf
, old_outbuf
, smb_size
);
3384 TALLOC_FREE(old_outbuf
);
3387 /****************************************************************************
3388 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3389 ****************************************************************************/
3391 void reply_writebraw(struct smb_request
*req
)
3393 connection_struct
*conn
= req
->conn
;
3396 ssize_t total_written
=0;
3397 size_t numtowrite
=0;
3405 START_PROFILE(SMBwritebraw
);
3408 * If we ever reply with an error, it must have the SMB command
3409 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3412 SCVAL(req
->inbuf
,smb_com
,SMBwritec
);
3414 if (srv_is_signing_active()) {
3415 END_PROFILE(SMBwritebraw
);
3416 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3417 "raw reads/writes are disallowed.");
3420 if (req
->wct
< 12) {
3421 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3422 error_to_writebrawerr(req
);
3423 END_PROFILE(SMBwritebraw
);
3427 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3428 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3429 error_to_writebrawerr(req
);
3430 END_PROFILE(SMBwritebraw
);
3434 if (!CHECK_WRITE(fsp
)) {
3435 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3436 error_to_writebrawerr(req
);
3437 END_PROFILE(SMBwritebraw
);
3441 tcount
= IVAL(req
->inbuf
,smb_vwv1
);
3442 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv3
);
3443 write_through
= BITSETW(req
->inbuf
+smb_vwv7
,0);
3445 /* We have to deal with slightly different formats depending
3446 on whether we are using the core+ or lanman1.0 protocol */
3448 if(Protocol
<= PROTOCOL_COREPLUS
) {
3449 numtowrite
= SVAL(smb_buf(req
->inbuf
),-2);
3450 data
= smb_buf(req
->inbuf
);
3452 numtowrite
= SVAL(req
->inbuf
,smb_vwv10
);
3453 data
= smb_base(req
->inbuf
) + SVAL(req
->inbuf
, smb_vwv11
);
3456 /* Ensure we don't write bytes past the end of this packet. */
3457 if (data
+ numtowrite
> smb_base(req
->inbuf
) + smb_len(req
->inbuf
)) {
3458 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3459 error_to_writebrawerr(req
);
3460 END_PROFILE(SMBwritebraw
);
3464 if (is_locked(fsp
,(uint32
)req
->smbpid
,(SMB_BIG_UINT
)tcount
,
3465 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
3466 reply_doserror(req
, ERRDOS
, ERRlock
);
3467 error_to_writebrawerr(req
);
3468 END_PROFILE(SMBwritebraw
);
3473 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3476 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3477 "wrote=%d sync=%d\n",
3478 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3479 (int)nwritten
, (int)write_through
));
3481 if (nwritten
< (ssize_t
)numtowrite
) {
3482 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3483 error_to_writebrawerr(req
);
3484 END_PROFILE(SMBwritebraw
);
3488 total_written
= nwritten
;
3490 /* Allocate a buffer of 64k + length. */
3491 buf
= TALLOC_ARRAY(NULL
, char, 65540);
3493 reply_doserror(req
, ERRDOS
, ERRnomem
);
3494 error_to_writebrawerr(req
);
3495 END_PROFILE(SMBwritebraw
);
3499 /* Return a SMBwritebraw message to the redirector to tell
3500 * it to send more bytes */
3502 memcpy(buf
, req
->inbuf
, smb_size
);
3503 srv_set_message(buf
,Protocol
>PROTOCOL_COREPLUS
?1:0,0,True
);
3504 SCVAL(buf
,smb_com
,SMBwritebraw
);
3505 SSVALS(buf
,smb_vwv0
,0xFFFF);
3507 if (!srv_send_smb(smbd_server_fd(),
3509 IS_CONN_ENCRYPTED(conn
))) {
3510 exit_server_cleanly("reply_writebraw: srv_send_smb "
3514 /* Now read the raw data into the buffer and write it */
3515 status
= read_smb_length(smbd_server_fd(), buf
, SMB_SECONDARY_WAIT
,
3517 if (!NT_STATUS_IS_OK(status
)) {
3518 exit_server_cleanly("secondary writebraw failed");
3521 /* Set up outbuf to return the correct size */
3522 reply_outbuf(req
, 1, 0);
3524 if (numtowrite
!= 0) {
3526 if (numtowrite
> 0xFFFF) {
3527 DEBUG(0,("reply_writebraw: Oversize secondary write "
3528 "raw requested (%u). Terminating\n",
3529 (unsigned int)numtowrite
));
3530 exit_server_cleanly("secondary writebraw failed");
3533 if (tcount
> nwritten
+numtowrite
) {
3534 DEBUG(3,("reply_writebraw: Client overestimated the "
3536 (int)tcount
,(int)nwritten
,(int)numtowrite
));
3539 status
= read_data(smbd_server_fd(), buf
+4, numtowrite
);
3541 if (!NT_STATUS_IS_OK(status
)) {
3542 DEBUG(0,("reply_writebraw: Oversize secondary write "
3543 "raw read failed (%s). Terminating\n",
3544 nt_errstr(status
)));
3545 exit_server_cleanly("secondary writebraw failed");
3548 nwritten
= write_file(req
,fsp
,buf
+4,startpos
+nwritten
,numtowrite
);
3549 if (nwritten
== -1) {
3551 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3552 error_to_writebrawerr(req
);
3553 END_PROFILE(SMBwritebraw
);
3557 if (nwritten
< (ssize_t
)numtowrite
) {
3558 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3559 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3563 total_written
+= nwritten
;
3568 SSVAL(req
->outbuf
,smb_vwv0
,total_written
);
3570 status
= sync_file(conn
, fsp
, write_through
);
3571 if (!NT_STATUS_IS_OK(status
)) {
3572 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3573 fsp
->fsp_name
, nt_errstr(status
) ));
3574 reply_nterror(req
, status
);
3575 error_to_writebrawerr(req
);
3576 END_PROFILE(SMBwritebraw
);
3580 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3582 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3583 (int)total_written
));
3585 /* We won't return a status if write through is not selected - this
3586 * follows what WfWg does */
3587 END_PROFILE(SMBwritebraw
);
3589 if (!write_through
&& total_written
==tcount
) {
3591 #if RABBIT_PELLET_FIX
3593 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3594 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3597 if (!send_keepalive(smbd_server_fd())) {
3598 exit_server_cleanly("reply_writebraw: send of "
3599 "keepalive failed");
3602 TALLOC_FREE(req
->outbuf
);
3608 #define DBGC_CLASS DBGC_LOCKING
3610 /****************************************************************************
3611 Reply to a writeunlock (core+).
3612 ****************************************************************************/
3614 void reply_writeunlock(struct smb_request
*req
)
3616 connection_struct
*conn
= req
->conn
;
3617 ssize_t nwritten
= -1;
3621 NTSTATUS status
= NT_STATUS_OK
;
3624 START_PROFILE(SMBwriteunlock
);
3627 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3628 END_PROFILE(SMBwriteunlock
);
3632 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3634 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3635 END_PROFILE(SMBwriteunlock
);
3639 if (!CHECK_WRITE(fsp
)) {
3640 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3641 END_PROFILE(SMBwriteunlock
);
3645 numtowrite
= SVAL(req
->inbuf
,smb_vwv1
);
3646 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
3647 data
= smb_buf(req
->inbuf
) + 3;
3650 && is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtowrite
,
3651 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
3652 reply_doserror(req
, ERRDOS
, ERRlock
);
3653 END_PROFILE(SMBwriteunlock
);
3657 /* The special X/Open SMB protocol handling of
3658 zero length writes is *NOT* done for
3660 if(numtowrite
== 0) {
3663 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3666 status
= sync_file(conn
, fsp
, False
/* write through */);
3667 if (!NT_STATUS_IS_OK(status
)) {
3668 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3669 fsp
->fsp_name
, nt_errstr(status
) ));
3670 reply_nterror(req
, status
);
3671 END_PROFILE(SMBwriteunlock
);
3675 if(((nwritten
< numtowrite
) && (numtowrite
!= 0))||(nwritten
< 0)) {
3676 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3677 END_PROFILE(SMBwriteunlock
);
3682 status
= do_unlock(smbd_messaging_context(),
3685 (SMB_BIG_UINT
)numtowrite
,
3686 (SMB_BIG_UINT
)startpos
,
3689 if (NT_STATUS_V(status
)) {
3690 reply_nterror(req
, status
);
3691 END_PROFILE(SMBwriteunlock
);
3696 reply_outbuf(req
, 1, 0);
3698 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3700 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3701 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3703 END_PROFILE(SMBwriteunlock
);
3708 #define DBGC_CLASS DBGC_ALL
3710 /****************************************************************************
3712 ****************************************************************************/
3714 void reply_write(struct smb_request
*req
)
3716 connection_struct
*conn
= req
->conn
;
3718 ssize_t nwritten
= -1;
3724 START_PROFILE(SMBwrite
);
3727 END_PROFILE(SMBwrite
);
3728 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3732 /* If it's an IPC, pass off the pipe handler. */
3734 reply_pipe_write(req
);
3735 END_PROFILE(SMBwrite
);
3739 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3741 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3742 END_PROFILE(SMBwrite
);
3746 if (!CHECK_WRITE(fsp
)) {
3747 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3748 END_PROFILE(SMBwrite
);
3752 numtowrite
= SVAL(req
->inbuf
,smb_vwv1
);
3753 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
3754 data
= smb_buf(req
->inbuf
) + 3;
3756 if (is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtowrite
,
3757 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
3758 reply_doserror(req
, ERRDOS
, ERRlock
);
3759 END_PROFILE(SMBwrite
);
3764 * X/Open SMB protocol says that if smb_vwv1 is
3765 * zero then the file size should be extended or
3766 * truncated to the size given in smb_vwv[2-3].
3769 if(numtowrite
== 0) {
3771 * This is actually an allocate call, and set EOF. JRA.
3773 nwritten
= vfs_allocate_file_space(fsp
, (SMB_OFF_T
)startpos
);
3775 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3776 END_PROFILE(SMBwrite
);
3779 nwritten
= vfs_set_filelen(fsp
, (SMB_OFF_T
)startpos
);
3781 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3782 END_PROFILE(SMBwrite
);
3786 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3788 status
= sync_file(conn
, fsp
, False
);
3789 if (!NT_STATUS_IS_OK(status
)) {
3790 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3791 fsp
->fsp_name
, nt_errstr(status
) ));
3792 reply_nterror(req
, status
);
3793 END_PROFILE(SMBwrite
);
3797 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
3798 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3799 END_PROFILE(SMBwrite
);
3803 reply_outbuf(req
, 1, 0);
3805 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3807 if (nwritten
< (ssize_t
)numtowrite
) {
3808 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3809 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3812 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3814 END_PROFILE(SMBwrite
);
3818 /****************************************************************************
3819 Ensure a buffer is a valid writeX for recvfile purposes.
3820 ****************************************************************************/
3822 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3823 (2*14) + /* word count (including bcc) */ \
3826 bool is_valid_writeX_buffer(const uint8_t *inbuf
)
3829 connection_struct
*conn
= NULL
;
3830 unsigned int doff
= 0;
3831 size_t len
= smb_len_large(inbuf
);
3833 if (is_encrypted_packet(inbuf
)) {
3834 /* Can't do this on encrypted
3839 if (CVAL(inbuf
,smb_com
) != SMBwriteX
) {
3843 if (CVAL(inbuf
,smb_vwv0
) != 0xFF ||
3844 CVAL(inbuf
,smb_wct
) != 14) {
3845 DEBUG(10,("is_valid_writeX_buffer: chained or "
3846 "invalid word length.\n"));
3850 conn
= conn_find(SVAL(inbuf
, smb_tid
));
3852 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
3856 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
3859 doff
= SVAL(inbuf
,smb_vwv11
);
3861 numtowrite
= SVAL(inbuf
,smb_vwv10
);
3863 if (len
> doff
&& len
- doff
> 0xFFFF) {
3864 numtowrite
|= (((size_t)SVAL(inbuf
,smb_vwv9
))<<16);
3867 if (numtowrite
== 0) {
3868 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
3872 /* Ensure the sizes match up. */
3873 if (doff
< STANDARD_WRITE_AND_X_HEADER_SIZE
) {
3874 /* no pad byte...old smbclient :-( */
3875 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
3877 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE
));
3881 if (len
- doff
!= numtowrite
) {
3882 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
3883 "len = %u, doff = %u, numtowrite = %u\n",
3886 (unsigned int)numtowrite
));
3890 DEBUG(10,("is_valid_writeX_buffer: true "
3891 "len = %u, doff = %u, numtowrite = %u\n",
3894 (unsigned int)numtowrite
));
3899 /****************************************************************************
3900 Reply to a write and X.
3901 ****************************************************************************/
3903 void reply_write_and_X(struct smb_request
*req
)
3905 connection_struct
*conn
= req
->conn
;
3911 unsigned int smb_doff
;
3912 unsigned int smblen
;
3916 START_PROFILE(SMBwriteX
);
3918 if ((req
->wct
!= 12) && (req
->wct
!= 14)) {
3919 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3920 END_PROFILE(SMBwriteX
);
3924 numtowrite
= SVAL(req
->inbuf
,smb_vwv10
);
3925 smb_doff
= SVAL(req
->inbuf
,smb_vwv11
);
3926 smblen
= smb_len(req
->inbuf
);
3928 if (req
->unread_bytes
> 0xFFFF ||
3929 (smblen
> smb_doff
&&
3930 smblen
- smb_doff
> 0xFFFF)) {
3931 numtowrite
|= (((size_t)SVAL(req
->inbuf
,smb_vwv9
))<<16);
3934 if (req
->unread_bytes
) {
3935 /* Can't do a recvfile write on IPC$ */
3937 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3938 END_PROFILE(SMBwriteX
);
3941 if (numtowrite
!= req
->unread_bytes
) {
3942 reply_doserror(req
, ERRDOS
, ERRbadmem
);
3943 END_PROFILE(SMBwriteX
);
3947 if (smb_doff
> smblen
|| smb_doff
+ numtowrite
< numtowrite
||
3948 smb_doff
+ numtowrite
> smblen
) {
3949 reply_doserror(req
, ERRDOS
, ERRbadmem
);
3950 END_PROFILE(SMBwriteX
);
3955 /* If it's an IPC, pass off the pipe handler. */
3957 if (req
->unread_bytes
) {
3958 reply_doserror(req
, ERRDOS
, ERRbadmem
);
3959 END_PROFILE(SMBwriteX
);
3962 reply_pipe_write_and_X(req
);
3963 END_PROFILE(SMBwriteX
);
3967 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv2
));
3968 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv3
);
3969 write_through
= BITSETW(req
->inbuf
+smb_vwv7
,0);
3971 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3972 END_PROFILE(SMBwriteX
);
3976 if (!CHECK_WRITE(fsp
)) {
3977 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3978 END_PROFILE(SMBwriteX
);
3982 data
= smb_base(req
->inbuf
) + smb_doff
;
3984 if(req
->wct
== 14) {
3985 #ifdef LARGE_SMB_OFF_T
3987 * This is a large offset (64 bit) write.
3989 startpos
|= (((SMB_OFF_T
)IVAL(req
->inbuf
,smb_vwv12
)) << 32);
3991 #else /* !LARGE_SMB_OFF_T */
3994 * Ensure we haven't been sent a >32 bit offset.
3997 if(IVAL(req
->inbuf
,smb_vwv12
) != 0) {
3998 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
3999 "used and we don't support 64 bit offsets.\n",
4000 (unsigned int)IVAL(req
->inbuf
,smb_vwv12
) ));
4001 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4002 END_PROFILE(SMBwriteX
);
4006 #endif /* LARGE_SMB_OFF_T */
4009 if (is_locked(fsp
,(uint32
)req
->smbpid
,
4010 (SMB_BIG_UINT
)numtowrite
,
4011 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
4012 reply_doserror(req
, ERRDOS
, ERRlock
);
4013 END_PROFILE(SMBwriteX
);
4017 /* X/Open SMB protocol says that, unlike SMBwrite
4018 if the length is zero then NO truncation is
4019 done, just a write of zero. To truncate a file,
4022 if(numtowrite
== 0) {
4026 if ((req
->unread_bytes
== 0) &&
4027 schedule_aio_write_and_X(conn
, req
, fsp
, data
, startpos
,
4029 END_PROFILE(SMBwriteX
);
4033 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4036 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4037 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
4038 END_PROFILE(SMBwriteX
);
4042 reply_outbuf(req
, 6, 0);
4043 SSVAL(req
->outbuf
,smb_vwv2
,nwritten
);
4044 SSVAL(req
->outbuf
,smb_vwv4
,nwritten
>>16);
4046 if (nwritten
< (ssize_t
)numtowrite
) {
4047 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
4048 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
4051 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4052 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
4054 status
= sync_file(conn
, fsp
, write_through
);
4055 if (!NT_STATUS_IS_OK(status
)) {
4056 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4057 fsp
->fsp_name
, nt_errstr(status
) ));
4058 reply_nterror(req
, status
);
4059 END_PROFILE(SMBwriteX
);
4063 END_PROFILE(SMBwriteX
);
4068 /****************************************************************************
4070 ****************************************************************************/
4072 void reply_lseek(struct smb_request
*req
)
4074 connection_struct
*conn
= req
->conn
;
4080 START_PROFILE(SMBlseek
);
4083 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4084 END_PROFILE(SMBlseek
);
4088 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4090 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4094 flush_write_cache(fsp
, SEEK_FLUSH
);
4096 mode
= SVAL(req
->inbuf
,smb_vwv1
) & 3;
4097 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4098 startpos
= (SMB_OFF_T
)IVALS(req
->inbuf
,smb_vwv2
);
4107 res
= fsp
->fh
->pos
+ startpos
;
4118 if (umode
== SEEK_END
) {
4119 if((res
= SMB_VFS_LSEEK(fsp
,startpos
,umode
)) == -1) {
4120 if(errno
== EINVAL
) {
4121 SMB_OFF_T current_pos
= startpos
;
4122 SMB_STRUCT_STAT sbuf
;
4124 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
4125 reply_unixerror(req
, ERRDOS
,
4127 END_PROFILE(SMBlseek
);
4131 current_pos
+= sbuf
.st_size
;
4133 res
= SMB_VFS_LSEEK(fsp
,0,SEEK_SET
);
4138 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
4139 END_PROFILE(SMBlseek
);
4146 reply_outbuf(req
, 2, 0);
4147 SIVAL(req
->outbuf
,smb_vwv0
,res
);
4149 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4150 fsp
->fnum
, (double)startpos
, (double)res
, mode
));
4152 END_PROFILE(SMBlseek
);
4156 /****************************************************************************
4158 ****************************************************************************/
4160 void reply_flush(struct smb_request
*req
)
4162 connection_struct
*conn
= req
->conn
;
4166 START_PROFILE(SMBflush
);
4169 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4173 fnum
= SVAL(req
->inbuf
,smb_vwv0
);
4174 fsp
= file_fsp(fnum
);
4176 if ((fnum
!= 0xFFFF) && !check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4181 file_sync_all(conn
);
4183 NTSTATUS status
= sync_file(conn
, fsp
, True
);
4184 if (!NT_STATUS_IS_OK(status
)) {
4185 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4186 fsp
->fsp_name
, nt_errstr(status
) ));
4187 reply_nterror(req
, status
);
4188 END_PROFILE(SMBflush
);
4193 reply_outbuf(req
, 0, 0);
4195 DEBUG(3,("flush\n"));
4196 END_PROFILE(SMBflush
);
4200 /****************************************************************************
4202 conn POINTER CAN BE NULL HERE !
4203 ****************************************************************************/
4205 void reply_exit(struct smb_request
*req
)
4207 START_PROFILE(SMBexit
);
4209 file_close_pid(req
->smbpid
, req
->vuid
);
4211 reply_outbuf(req
, 0, 0);
4213 DEBUG(3,("exit\n"));
4215 END_PROFILE(SMBexit
);
4219 /****************************************************************************
4220 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4221 ****************************************************************************/
4223 void reply_close(struct smb_request
*req
)
4225 connection_struct
*conn
= req
->conn
;
4226 NTSTATUS status
= NT_STATUS_OK
;
4227 files_struct
*fsp
= NULL
;
4228 START_PROFILE(SMBclose
);
4231 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4232 END_PROFILE(SMBclose
);
4236 /* If it's an IPC, pass off to the pipe handler. */
4238 reply_pipe_close(conn
, req
);
4239 END_PROFILE(SMBclose
);
4243 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4246 * We can only use CHECK_FSP if we know it's not a directory.
4249 if(!fsp
|| (fsp
->conn
!= conn
) || (fsp
->vuid
!= current_user
.vuid
)) {
4250 reply_doserror(req
, ERRDOS
, ERRbadfid
);
4251 END_PROFILE(SMBclose
);
4255 if(fsp
->is_directory
) {
4257 * Special case - close NT SMB directory handle.
4259 DEBUG(3,("close directory fnum=%d\n", fsp
->fnum
));
4260 status
= close_file(fsp
,NORMAL_CLOSE
);
4264 * Close ordinary file.
4267 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4268 fsp
->fh
->fd
, fsp
->fnum
,
4269 conn
->num_files_open
));
4272 * Take care of any time sent in the close.
4275 t
= srv_make_unix_date3(req
->inbuf
+smb_vwv1
);
4276 set_close_write_time(fsp
, convert_time_t_to_timespec(t
));
4279 * close_file() returns the unix errno if an error
4280 * was detected on close - normally this is due to
4281 * a disk full error. If not then it was probably an I/O error.
4284 status
= close_file(fsp
,NORMAL_CLOSE
);
4287 if (!NT_STATUS_IS_OK(status
)) {
4288 reply_nterror(req
, status
);
4289 END_PROFILE(SMBclose
);
4293 reply_outbuf(req
, 0, 0);
4294 END_PROFILE(SMBclose
);
4298 /****************************************************************************
4299 Reply to a writeclose (Core+ protocol).
4300 ****************************************************************************/
4302 void reply_writeclose(struct smb_request
*req
)
4304 connection_struct
*conn
= req
->conn
;
4306 ssize_t nwritten
= -1;
4307 NTSTATUS close_status
= NT_STATUS_OK
;
4310 struct timespec mtime
;
4313 START_PROFILE(SMBwriteclose
);
4316 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4317 END_PROFILE(SMBwriteclose
);
4321 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4323 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4324 END_PROFILE(SMBwriteclose
);
4327 if (!CHECK_WRITE(fsp
)) {
4328 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
4329 END_PROFILE(SMBwriteclose
);
4333 numtowrite
= SVAL(req
->inbuf
,smb_vwv1
);
4334 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
4335 mtime
= convert_time_t_to_timespec(srv_make_unix_date3(
4336 req
->inbuf
+smb_vwv4
));
4337 data
= smb_buf(req
->inbuf
) + 1;
4340 && is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtowrite
,
4341 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
4342 reply_doserror(req
, ERRDOS
,ERRlock
);
4343 END_PROFILE(SMBwriteclose
);
4347 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4349 set_close_write_time(fsp
, mtime
);
4352 * More insanity. W2K only closes the file if writelen > 0.
4357 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4359 close_status
= close_file(fsp
,NORMAL_CLOSE
);
4362 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4363 fsp
->fnum
, (int)numtowrite
, (int)nwritten
,
4364 conn
->num_files_open
));
4366 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4367 reply_doserror(req
, ERRHRD
, ERRdiskfull
);
4368 END_PROFILE(SMBwriteclose
);
4372 if(!NT_STATUS_IS_OK(close_status
)) {
4373 reply_nterror(req
, close_status
);
4374 END_PROFILE(SMBwriteclose
);
4378 reply_outbuf(req
, 1, 0);
4380 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
4381 END_PROFILE(SMBwriteclose
);
4386 #define DBGC_CLASS DBGC_LOCKING
4388 /****************************************************************************
4390 ****************************************************************************/
4392 void reply_lock(struct smb_request
*req
)
4394 connection_struct
*conn
= req
->conn
;
4395 SMB_BIG_UINT count
,offset
;
4398 struct byte_range_lock
*br_lck
= NULL
;
4400 START_PROFILE(SMBlock
);
4403 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4404 END_PROFILE(SMBlock
);
4408 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4410 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4411 END_PROFILE(SMBlock
);
4415 release_level_2_oplocks_on_change(fsp
);
4417 count
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv1
);
4418 offset
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv3
);
4420 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4421 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
));
4423 br_lck
= do_lock(smbd_messaging_context(),
4430 False
, /* Non-blocking lock. */
4434 TALLOC_FREE(br_lck
);
4436 if (NT_STATUS_V(status
)) {
4437 reply_nterror(req
, status
);
4438 END_PROFILE(SMBlock
);
4442 reply_outbuf(req
, 0, 0);
4444 END_PROFILE(SMBlock
);
4448 /****************************************************************************
4450 ****************************************************************************/
4452 void reply_unlock(struct smb_request
*req
)
4454 connection_struct
*conn
= req
->conn
;
4455 SMB_BIG_UINT count
,offset
;
4459 START_PROFILE(SMBunlock
);
4462 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4463 END_PROFILE(SMBunlock
);
4467 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4469 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4470 END_PROFILE(SMBunlock
);
4474 count
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv1
);
4475 offset
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv3
);
4477 status
= do_unlock(smbd_messaging_context(),
4484 if (NT_STATUS_V(status
)) {
4485 reply_nterror(req
, status
);
4486 END_PROFILE(SMBunlock
);
4490 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4491 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
) );
4493 reply_outbuf(req
, 0, 0);
4495 END_PROFILE(SMBunlock
);
4500 #define DBGC_CLASS DBGC_ALL
4502 /****************************************************************************
4504 conn POINTER CAN BE NULL HERE !
4505 ****************************************************************************/
4507 void reply_tdis(struct smb_request
*req
)
4509 connection_struct
*conn
= req
->conn
;
4510 START_PROFILE(SMBtdis
);
4513 DEBUG(4,("Invalid connection in tdis\n"));
4514 reply_doserror(req
, ERRSRV
, ERRinvnid
);
4515 END_PROFILE(SMBtdis
);
4521 close_cnum(conn
,req
->vuid
);
4524 reply_outbuf(req
, 0, 0);
4525 END_PROFILE(SMBtdis
);
4529 /****************************************************************************
4531 conn POINTER CAN BE NULL HERE !
4532 ****************************************************************************/
4534 void reply_echo(struct smb_request
*req
)
4536 connection_struct
*conn
= req
->conn
;
4539 unsigned int data_len
= smb_buflen(req
->inbuf
);
4541 START_PROFILE(SMBecho
);
4544 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4545 END_PROFILE(SMBecho
);
4549 if (data_len
> BUFFER_SIZE
) {
4550 DEBUG(0,("reply_echo: data_len too large.\n"));
4551 reply_nterror(req
, NT_STATUS_INSUFFICIENT_RESOURCES
);
4552 END_PROFILE(SMBecho
);
4556 smb_reverb
= SVAL(req
->inbuf
,smb_vwv0
);
4558 reply_outbuf(req
, 1, data_len
);
4560 /* copy any incoming data back out */
4562 memcpy(smb_buf(req
->outbuf
),smb_buf(req
->inbuf
),data_len
);
4565 if (smb_reverb
> 100) {
4566 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb
));
4570 for (seq_num
=1 ; seq_num
<= smb_reverb
; seq_num
++) {
4571 SSVAL(req
->outbuf
,smb_vwv0
,seq_num
);
4573 show_msg((char *)req
->outbuf
);
4574 if (!srv_send_smb(smbd_server_fd(),
4575 (char *)req
->outbuf
,
4576 IS_CONN_ENCRYPTED(conn
)||req
->encrypted
))
4577 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4580 DEBUG(3,("echo %d times\n", smb_reverb
));
4582 TALLOC_FREE(req
->outbuf
);
4586 END_PROFILE(SMBecho
);
4590 /****************************************************************************
4591 Reply to a printopen.
4592 ****************************************************************************/
4594 void reply_printopen(struct smb_request
*req
)
4596 connection_struct
*conn
= req
->conn
;
4600 START_PROFILE(SMBsplopen
);
4603 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4604 END_PROFILE(SMBsplopen
);
4608 if (!CAN_PRINT(conn
)) {
4609 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4610 END_PROFILE(SMBsplopen
);
4614 /* Open for exclusive use, write only. */
4615 status
= print_fsp_open(conn
, NULL
, &fsp
);
4617 if (!NT_STATUS_IS_OK(status
)) {
4618 reply_nterror(req
, status
);
4619 END_PROFILE(SMBsplopen
);
4623 reply_outbuf(req
, 1, 0);
4624 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
4626 DEBUG(3,("openprint fd=%d fnum=%d\n",
4627 fsp
->fh
->fd
, fsp
->fnum
));
4629 END_PROFILE(SMBsplopen
);
4633 /****************************************************************************
4634 Reply to a printclose.
4635 ****************************************************************************/
4637 void reply_printclose(struct smb_request
*req
)
4639 connection_struct
*conn
= req
->conn
;
4643 START_PROFILE(SMBsplclose
);
4646 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4647 END_PROFILE(SMBsplclose
);
4651 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4653 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4654 END_PROFILE(SMBsplclose
);
4658 if (!CAN_PRINT(conn
)) {
4659 reply_nterror(req
, NT_STATUS_DOS(ERRSRV
, ERRerror
));
4660 END_PROFILE(SMBsplclose
);
4664 DEBUG(3,("printclose fd=%d fnum=%d\n",
4665 fsp
->fh
->fd
,fsp
->fnum
));
4667 status
= close_file(fsp
,NORMAL_CLOSE
);
4669 if(!NT_STATUS_IS_OK(status
)) {
4670 reply_nterror(req
, status
);
4671 END_PROFILE(SMBsplclose
);
4675 END_PROFILE(SMBsplclose
);
4679 /****************************************************************************
4680 Reply to a printqueue.
4681 ****************************************************************************/
4683 void reply_printqueue(struct smb_request
*req
)
4685 connection_struct
*conn
= req
->conn
;
4689 START_PROFILE(SMBsplretq
);
4692 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4693 END_PROFILE(SMBsplretq
);
4697 max_count
= SVAL(req
->inbuf
,smb_vwv0
);
4698 start_index
= SVAL(req
->inbuf
,smb_vwv1
);
4700 /* we used to allow the client to get the cnum wrong, but that
4701 is really quite gross and only worked when there was only
4702 one printer - I think we should now only accept it if they
4703 get it right (tridge) */
4704 if (!CAN_PRINT(conn
)) {
4705 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4706 END_PROFILE(SMBsplretq
);
4710 reply_outbuf(req
, 2, 3);
4711 SSVAL(req
->outbuf
,smb_vwv0
,0);
4712 SSVAL(req
->outbuf
,smb_vwv1
,0);
4713 SCVAL(smb_buf(req
->outbuf
),0,1);
4714 SSVAL(smb_buf(req
->outbuf
),1,0);
4716 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4717 start_index
, max_count
));
4720 print_queue_struct
*queue
= NULL
;
4721 print_status_struct status
;
4722 int count
= print_queue_status(SNUM(conn
), &queue
, &status
);
4723 int num_to_get
= ABS(max_count
);
4724 int first
= (max_count
>0?start_index
:start_index
+max_count
+1);
4730 num_to_get
= MIN(num_to_get
,count
-first
);
4733 for (i
=first
;i
<first
+num_to_get
;i
++) {
4737 srv_put_dos_date2(p
,0,queue
[i
].time
);
4738 SCVAL(p
,4,(queue
[i
].status
==LPQ_PRINTING
?2:3));
4739 SSVAL(p
,5, queue
[i
].job
);
4740 SIVAL(p
,7,queue
[i
].size
);
4742 srvstr_push(blob
, req
->flags2
, p
+12,
4743 queue
[i
].fs_user
, 16, STR_ASCII
);
4745 if (message_push_blob(
4748 blob
, sizeof(blob
))) == -1) {
4749 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
4750 END_PROFILE(SMBsplretq
);
4756 SSVAL(req
->outbuf
,smb_vwv0
,count
);
4757 SSVAL(req
->outbuf
,smb_vwv1
,
4758 (max_count
>0?first
+count
:first
-1));
4759 SCVAL(smb_buf(req
->outbuf
),0,1);
4760 SSVAL(smb_buf(req
->outbuf
),1,28*count
);
4765 DEBUG(3,("%d entries returned in queue\n",count
));
4768 END_PROFILE(SMBsplretq
);
4772 /****************************************************************************
4773 Reply to a printwrite.
4774 ****************************************************************************/
4776 void reply_printwrite(struct smb_request
*req
)
4778 connection_struct
*conn
= req
->conn
;
4783 START_PROFILE(SMBsplwr
);
4786 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4787 END_PROFILE(SMBsplwr
);
4791 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4793 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4794 END_PROFILE(SMBsplwr
);
4798 if (!CAN_PRINT(conn
)) {
4799 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4800 END_PROFILE(SMBsplwr
);
4804 if (!CHECK_WRITE(fsp
)) {
4805 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4806 END_PROFILE(SMBsplwr
);
4810 numtowrite
= SVAL(smb_buf(req
->inbuf
),1);
4812 if (smb_buflen(req
->inbuf
) < numtowrite
+ 3) {
4813 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4814 END_PROFILE(SMBsplwr
);
4818 data
= smb_buf(req
->inbuf
) + 3;
4820 if (write_file(req
,fsp
,data
,-1,numtowrite
) != numtowrite
) {
4821 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
4822 END_PROFILE(SMBsplwr
);
4826 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp
->fnum
, numtowrite
) );
4828 END_PROFILE(SMBsplwr
);
4832 /****************************************************************************
4834 ****************************************************************************/
4836 void reply_mkdir(struct smb_request
*req
)
4838 connection_struct
*conn
= req
->conn
;
4839 char *directory
= NULL
;
4841 SMB_STRUCT_STAT sbuf
;
4842 TALLOC_CTX
*ctx
= talloc_tos();
4844 START_PROFILE(SMBmkdir
);
4846 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &directory
,
4847 smb_buf(req
->inbuf
) + 1, 0,
4848 STR_TERMINATE
, &status
);
4849 if (!NT_STATUS_IS_OK(status
)) {
4850 reply_nterror(req
, status
);
4851 END_PROFILE(SMBmkdir
);
4855 status
= resolve_dfspath(ctx
, conn
,
4856 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
4859 if (!NT_STATUS_IS_OK(status
)) {
4860 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
4861 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
4862 ERRSRV
, ERRbadpath
);
4863 END_PROFILE(SMBmkdir
);
4866 reply_nterror(req
, status
);
4867 END_PROFILE(SMBmkdir
);
4871 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
, NULL
, &sbuf
);
4872 if (!NT_STATUS_IS_OK(status
)) {
4873 reply_nterror(req
, status
);
4874 END_PROFILE(SMBmkdir
);
4878 status
= check_name(conn
, directory
);
4879 if (!NT_STATUS_IS_OK(status
)) {
4880 reply_nterror(req
, status
);
4881 END_PROFILE(SMBmkdir
);
4885 status
= create_directory(conn
, req
, directory
);
4887 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status
)));
4889 if (!NT_STATUS_IS_OK(status
)) {
4891 if (!use_nt_status()
4892 && NT_STATUS_EQUAL(status
,
4893 NT_STATUS_OBJECT_NAME_COLLISION
)) {
4895 * Yes, in the DOS error code case we get a
4896 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4897 * samba4 torture test.
4899 status
= NT_STATUS_DOS(ERRDOS
, ERRnoaccess
);
4902 reply_nterror(req
, status
);
4903 END_PROFILE(SMBmkdir
);
4907 reply_outbuf(req
, 0, 0);
4909 DEBUG( 3, ( "mkdir %s\n", directory
) );
4911 END_PROFILE(SMBmkdir
);
4915 /****************************************************************************
4916 Static function used by reply_rmdir to delete an entire directory
4917 tree recursively. Return True on ok, False on fail.
4918 ****************************************************************************/
4920 static bool recursive_rmdir(TALLOC_CTX
*ctx
,
4921 connection_struct
*conn
,
4924 const char *dname
= NULL
;
4927 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
, directory
,
4933 while((dname
= ReadDirName(dir_hnd
, &offset
))) {
4934 char *fullname
= NULL
;
4937 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
4941 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
4945 /* Construct the full name. */
4946 fullname
= talloc_asprintf(ctx
,
4956 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
4961 if(st
.st_mode
& S_IFDIR
) {
4962 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
4966 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
4970 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
4974 TALLOC_FREE(fullname
);
4976 TALLOC_FREE(dir_hnd
);
4980 /****************************************************************************
4981 The internals of the rmdir code - called elsewhere.
4982 ****************************************************************************/
4984 NTSTATUS
rmdir_internals(TALLOC_CTX
*ctx
,
4985 connection_struct
*conn
,
4986 const char *directory
)
4991 /* Might be a symlink. */
4992 if(SMB_VFS_LSTAT(conn
, directory
, &st
) != 0) {
4993 return map_nt_error_from_unix(errno
);
4996 if (S_ISLNK(st
.st_mode
)) {
4997 /* Is what it points to a directory ? */
4998 if(SMB_VFS_STAT(conn
, directory
, &st
) != 0) {
4999 return map_nt_error_from_unix(errno
);
5001 if (!(S_ISDIR(st
.st_mode
))) {
5002 return NT_STATUS_NOT_A_DIRECTORY
;
5004 ret
= SMB_VFS_UNLINK(conn
,directory
);
5006 ret
= SMB_VFS_RMDIR(conn
,directory
);
5009 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5010 FILE_NOTIFY_CHANGE_DIR_NAME
,
5012 return NT_STATUS_OK
;
5015 if(((errno
== ENOTEMPTY
)||(errno
== EEXIST
)) && lp_veto_files(SNUM(conn
))) {
5017 * Check to see if the only thing in this directory are
5018 * vetoed files/directories. If so then delete them and
5019 * retry. If we fail to delete any of them (and we *don't*
5020 * do a recursive delete) then fail the rmdir.
5024 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
,
5025 directory
, NULL
, 0);
5027 if(dir_hnd
== NULL
) {
5032 while ((dname
= ReadDirName(dir_hnd
,&dirpos
))) {
5033 if((strcmp(dname
, ".") == 0) || (strcmp(dname
, "..")==0))
5035 if (!is_visible_file(conn
, directory
, dname
, &st
, False
))
5037 if(!IS_VETO_PATH(conn
, dname
)) {
5038 TALLOC_FREE(dir_hnd
);
5044 /* We only have veto files/directories. Recursive delete. */
5046 RewindDir(dir_hnd
,&dirpos
);
5047 while ((dname
= ReadDirName(dir_hnd
,&dirpos
))) {
5048 char *fullname
= NULL
;
5050 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5053 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
5057 fullname
= talloc_asprintf(ctx
,
5067 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5070 if(st
.st_mode
& S_IFDIR
) {
5071 if(lp_recursive_veto_delete(SNUM(conn
))) {
5072 if(!recursive_rmdir(ctx
, conn
, fullname
))
5075 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5078 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5081 TALLOC_FREE(fullname
);
5083 TALLOC_FREE(dir_hnd
);
5084 /* Retry the rmdir */
5085 ret
= SMB_VFS_RMDIR(conn
,directory
);
5091 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5092 "%s\n", directory
,strerror(errno
)));
5093 return map_nt_error_from_unix(errno
);
5096 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5097 FILE_NOTIFY_CHANGE_DIR_NAME
,
5100 return NT_STATUS_OK
;
5103 /****************************************************************************
5105 ****************************************************************************/
5107 void reply_rmdir(struct smb_request
*req
)
5109 connection_struct
*conn
= req
->conn
;
5110 char *directory
= NULL
;
5111 SMB_STRUCT_STAT sbuf
;
5113 TALLOC_CTX
*ctx
= talloc_tos();
5115 START_PROFILE(SMBrmdir
);
5117 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &directory
,
5118 smb_buf(req
->inbuf
) + 1, 0,
5119 STR_TERMINATE
, &status
);
5120 if (!NT_STATUS_IS_OK(status
)) {
5121 reply_nterror(req
, status
);
5122 END_PROFILE(SMBrmdir
);
5126 status
= resolve_dfspath(ctx
, conn
,
5127 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5130 if (!NT_STATUS_IS_OK(status
)) {
5131 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5132 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5133 ERRSRV
, ERRbadpath
);
5134 END_PROFILE(SMBrmdir
);
5137 reply_nterror(req
, status
);
5138 END_PROFILE(SMBrmdir
);
5142 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
,
5144 if (!NT_STATUS_IS_OK(status
)) {
5145 reply_nterror(req
, status
);
5146 END_PROFILE(SMBrmdir
);
5150 status
= check_name(conn
, directory
);
5151 if (!NT_STATUS_IS_OK(status
)) {
5152 reply_nterror(req
, status
);
5153 END_PROFILE(SMBrmdir
);
5157 dptr_closepath(directory
, req
->smbpid
);
5158 status
= rmdir_internals(ctx
, conn
, directory
);
5159 if (!NT_STATUS_IS_OK(status
)) {
5160 reply_nterror(req
, status
);
5161 END_PROFILE(SMBrmdir
);
5165 reply_outbuf(req
, 0, 0);
5167 DEBUG( 3, ( "rmdir %s\n", directory
) );
5169 END_PROFILE(SMBrmdir
);
5173 /*******************************************************************
5174 Resolve wildcards in a filename rename.
5175 ********************************************************************/
5177 static bool resolve_wildcards(TALLOC_CTX
*ctx
,
5182 char *name2_copy
= NULL
;
5187 char *p
,*p2
, *pname1
, *pname2
;
5189 name2_copy
= talloc_strdup(ctx
, name2
);
5194 pname1
= strrchr_m(name1
,'/');
5195 pname2
= strrchr_m(name2_copy
,'/');
5197 if (!pname1
|| !pname2
) {
5201 /* Truncate the copy of name2 at the last '/' */
5204 /* Now go past the '/' */
5208 root1
= talloc_strdup(ctx
, pname1
);
5209 root2
= talloc_strdup(ctx
, pname2
);
5211 if (!root1
|| !root2
) {
5215 p
= strrchr_m(root1
,'.');
5218 ext1
= talloc_strdup(ctx
, p
+1);
5220 ext1
= talloc_strdup(ctx
, "");
5222 p
= strrchr_m(root2
,'.');
5225 ext2
= talloc_strdup(ctx
, p
+1);
5227 ext2
= talloc_strdup(ctx
, "");
5230 if (!ext1
|| !ext2
) {
5238 /* Hmmm. Should this be mb-aware ? */
5241 } else if (*p2
== '*') {
5243 root2
= talloc_asprintf(ctx
, "%s%s",
5262 /* Hmmm. Should this be mb-aware ? */
5265 } else if (*p2
== '*') {
5267 ext2
= talloc_asprintf(ctx
, "%s%s",
5283 *pp_newname
= talloc_asprintf(ctx
, "%s/%s.%s",
5288 *pp_newname
= talloc_asprintf(ctx
, "%s/%s",
5300 /****************************************************************************
5301 Ensure open files have their names updated. Updated to notify other smbd's
5303 ****************************************************************************/
5305 static void rename_open_files(connection_struct
*conn
,
5306 struct share_mode_lock
*lck
,
5307 const char *newname
)
5310 bool did_rename
= False
;
5312 for(fsp
= file_find_di_first(lck
->id
); fsp
;
5313 fsp
= file_find_di_next(fsp
)) {
5314 /* fsp_name is a relative path under the fsp. To change this for other
5315 sharepaths we need to manipulate relative paths. */
5316 /* TODO - create the absolute path and manipulate the newname
5317 relative to the sharepath. */
5318 if (!strequal(fsp
->conn
->connectpath
, conn
->connectpath
)) {
5321 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5322 fsp
->fnum
, file_id_string_tos(&fsp
->file_id
),
5323 fsp
->fsp_name
, newname
));
5324 string_set(&fsp
->fsp_name
, newname
);
5329 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5330 file_id_string_tos(&lck
->id
), newname
));
5333 /* Send messages to all smbd's (not ourself) that the name has changed. */
5334 rename_share_filename(smbd_messaging_context(), lck
, conn
->connectpath
,
5338 /****************************************************************************
5339 We need to check if the source path is a parent directory of the destination
5340 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5341 refuse the rename with a sharing violation. Under UNIX the above call can
5342 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5343 probably need to check that the client is a Windows one before disallowing
5344 this as a UNIX client (one with UNIX extensions) can know the source is a
5345 symlink and make this decision intelligently. Found by an excellent bug
5346 report from <AndyLiebman@aol.com>.
5347 ****************************************************************************/
5349 static bool rename_path_prefix_equal(const char *src
, const char *dest
)
5351 const char *psrc
= src
;
5352 const char *pdst
= dest
;
5355 if (psrc
[0] == '.' && psrc
[1] == '/') {
5358 if (pdst
[0] == '.' && pdst
[1] == '/') {
5361 if ((slen
= strlen(psrc
)) > strlen(pdst
)) {
5364 return ((memcmp(psrc
, pdst
, slen
) == 0) && pdst
[slen
] == '/');
5368 * Do the notify calls from a rename
5371 static void notify_rename(connection_struct
*conn
, bool is_dir
,
5372 const char *oldpath
, const char *newpath
)
5374 char *olddir
, *newdir
;
5375 const char *oldname
, *newname
;
5378 mask
= is_dir
? FILE_NOTIFY_CHANGE_DIR_NAME
5379 : FILE_NOTIFY_CHANGE_FILE_NAME
;
5381 if (!parent_dirname_talloc(NULL
, oldpath
, &olddir
, &oldname
)
5382 || !parent_dirname_talloc(NULL
, newpath
, &newdir
, &newname
)) {
5383 TALLOC_FREE(olddir
);
5387 if (strcmp(olddir
, newdir
) == 0) {
5388 notify_fname(conn
, NOTIFY_ACTION_OLD_NAME
, mask
, oldpath
);
5389 notify_fname(conn
, NOTIFY_ACTION_NEW_NAME
, mask
, newpath
);
5392 notify_fname(conn
, NOTIFY_ACTION_REMOVED
, mask
, oldpath
);
5393 notify_fname(conn
, NOTIFY_ACTION_ADDED
, mask
, newpath
);
5395 TALLOC_FREE(olddir
);
5396 TALLOC_FREE(newdir
);
5398 /* this is a strange one. w2k3 gives an additional event for
5399 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5400 files, but not directories */
5402 notify_fname(conn
, NOTIFY_ACTION_MODIFIED
,
5403 FILE_NOTIFY_CHANGE_ATTRIBUTES
5404 |FILE_NOTIFY_CHANGE_CREATION
,
5409 /****************************************************************************
5410 Rename an open file - given an fsp.
5411 ****************************************************************************/
5413 NTSTATUS
rename_internals_fsp(connection_struct
*conn
,
5416 const char *newname_last_component
,
5418 bool replace_if_exists
)
5420 TALLOC_CTX
*ctx
= talloc_tos();
5421 SMB_STRUCT_STAT sbuf
, sbuf1
;
5422 NTSTATUS status
= NT_STATUS_OK
;
5423 struct share_mode_lock
*lck
= NULL
;
5428 status
= check_name(conn
, newname
);
5429 if (!NT_STATUS_IS_OK(status
)) {
5433 /* Ensure newname contains a '/' */
5434 if(strrchr_m(newname
,'/') == 0) {
5435 newname
= talloc_asprintf(ctx
,
5439 return NT_STATUS_NO_MEMORY
;
5444 * Check for special case with case preserving and not
5445 * case sensitive. If the old last component differs from the original
5446 * last component only by case, then we should allow
5447 * the rename (user is trying to change the case of the
5451 if((conn
->case_sensitive
== False
) && (conn
->case_preserve
== True
) &&
5452 strequal(newname
, fsp
->fsp_name
)) {
5454 char *newname_modified_last_component
= NULL
;
5457 * Get the last component of the modified name.
5458 * Note that we guarantee that newname contains a '/'
5461 p
= strrchr_m(newname
,'/');
5462 newname_modified_last_component
= talloc_strdup(ctx
,
5464 if (!newname_modified_last_component
) {
5465 return NT_STATUS_NO_MEMORY
;
5468 if(strcsequal(newname_modified_last_component
,
5469 newname_last_component
) == False
) {
5471 * Replace the modified last component with
5474 *p
= '\0'; /* Truncate at the '/' */
5475 newname
= talloc_asprintf(ctx
,
5478 newname_last_component
);
5483 * If the src and dest names are identical - including case,
5484 * don't do the rename, just return success.
5487 if (strcsequal(fsp
->fsp_name
, newname
)) {
5488 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5490 return NT_STATUS_OK
;
5494 * Have vfs_object_exist also fill sbuf1
5496 dst_exists
= vfs_object_exist(conn
, newname
, &sbuf1
);
5498 if(!replace_if_exists
&& dst_exists
) {
5499 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5500 fsp
->fsp_name
,newname
));
5501 return NT_STATUS_OBJECT_NAME_COLLISION
;
5505 struct file_id fileid
= vfs_file_id_from_sbuf(conn
, &sbuf1
);
5506 files_struct
*dst_fsp
= file_find_di_first(fileid
);
5508 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5509 return NT_STATUS_ACCESS_DENIED
;
5513 /* Ensure we have a valid stat struct for the source. */
5514 if (fsp
->fh
->fd
!= -1) {
5515 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
5516 return map_nt_error_from_unix(errno
);
5519 if (SMB_VFS_STAT(conn
,fsp
->fsp_name
,&sbuf
) == -1) {
5520 return map_nt_error_from_unix(errno
);
5524 status
= can_rename(conn
, fsp
, attrs
, &sbuf
);
5526 if (!NT_STATUS_IS_OK(status
)) {
5527 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5528 nt_errstr(status
), fsp
->fsp_name
,newname
));
5529 if (NT_STATUS_EQUAL(status
,NT_STATUS_SHARING_VIOLATION
))
5530 status
= NT_STATUS_ACCESS_DENIED
;
5534 if (rename_path_prefix_equal(fsp
->fsp_name
, newname
)) {
5535 return NT_STATUS_ACCESS_DENIED
;
5538 lck
= get_share_mode_lock(talloc_tos(), fsp
->file_id
, NULL
, NULL
,
5542 * We have the file open ourselves, so not being able to get the
5543 * corresponding share mode lock is a fatal error.
5546 SMB_ASSERT(lck
!= NULL
);
5548 if(SMB_VFS_RENAME(conn
,fsp
->fsp_name
, newname
) == 0) {
5549 uint32 create_options
= fsp
->fh
->private_options
;
5551 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5552 fsp
->fsp_name
,newname
));
5554 rename_open_files(conn
, lck
, newname
);
5556 notify_rename(conn
, fsp
->is_directory
, fsp
->fsp_name
, newname
);
5559 * A rename acts as a new file create w.r.t. allowing an initial delete
5560 * on close, probably because in Windows there is a new handle to the
5561 * new file. If initial delete on close was requested but not
5562 * originally set, we need to set it here. This is probably not 100% correct,
5563 * but will work for the CIFSFS client which in non-posix mode
5564 * depends on these semantics. JRA.
5567 set_allow_initial_delete_on_close(lck
, fsp
, True
);
5569 if (create_options
& FILE_DELETE_ON_CLOSE
) {
5570 status
= can_set_delete_on_close(fsp
, True
, 0);
5572 if (NT_STATUS_IS_OK(status
)) {
5573 /* Note that here we set the *inital* delete on close flag,
5574 * not the regular one. The magic gets handled in close. */
5575 fsp
->initial_delete_on_close
= True
;
5579 return NT_STATUS_OK
;
5584 if (errno
== ENOTDIR
|| errno
== EISDIR
) {
5585 status
= NT_STATUS_OBJECT_NAME_COLLISION
;
5587 status
= map_nt_error_from_unix(errno
);
5590 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5591 nt_errstr(status
), fsp
->fsp_name
,newname
));
5596 /****************************************************************************
5597 The guts of the rename command, split out so it may be called by the NT SMB
5599 ****************************************************************************/
5601 NTSTATUS
rename_internals(TALLOC_CTX
*ctx
,
5602 connection_struct
*conn
,
5603 struct smb_request
*req
,
5604 const char *name_in
,
5605 const char *newname_in
,
5607 bool replace_if_exists
,
5610 uint32_t access_mask
)
5612 char *directory
= NULL
;
5614 char *last_component_src
= NULL
;
5615 char *last_component_dest
= NULL
;
5617 char *newname
= NULL
;
5620 NTSTATUS status
= NT_STATUS_OK
;
5621 SMB_STRUCT_STAT sbuf1
, sbuf2
;
5622 struct smb_Dir
*dir_hnd
= NULL
;
5629 status
= unix_convert(ctx
, conn
, name_in
, src_has_wild
, &name
,
5630 &last_component_src
, &sbuf1
);
5631 if (!NT_STATUS_IS_OK(status
)) {
5635 status
= unix_convert(ctx
, conn
, newname_in
, dest_has_wild
, &newname
,
5636 &last_component_dest
, &sbuf2
);
5637 if (!NT_STATUS_IS_OK(status
)) {
5642 * Split the old name into directory and last component
5643 * strings. Note that unix_convert may have stripped off a
5644 * leading ./ from both name and newname if the rename is
5645 * at the root of the share. We need to make sure either both
5646 * name and newname contain a / character or neither of them do
5647 * as this is checked in resolve_wildcards().
5650 p
= strrchr_m(name
,'/');
5652 directory
= talloc_strdup(ctx
, ".");
5654 return NT_STATUS_NO_MEMORY
;
5659 directory
= talloc_strdup(ctx
, name
);
5661 return NT_STATUS_NO_MEMORY
;
5664 *p
= '/'; /* Replace needed for exceptional test below. */
5668 * We should only check the mangled cache
5669 * here if unix_convert failed. This means
5670 * that the path in 'mask' doesn't exist
5671 * on the file system and so we need to look
5672 * for a possible mangle. This patch from
5673 * Tine Smukavec <valentin.smukavec@hermes.si>.
5676 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
5677 char *new_mask
= NULL
;
5678 mangle_lookup_name_from_8_3(ctx
,
5687 if (!src_has_wild
) {
5691 * No wildcards - just process the one file.
5693 bool is_short_name
= mangle_is_8_3(name
, True
, conn
->params
);
5695 /* Add a terminating '/' to the directory name. */
5696 directory
= talloc_asprintf_append(directory
,
5700 return NT_STATUS_NO_MEMORY
;
5703 /* Ensure newname contains a '/' also */
5704 if(strrchr_m(newname
,'/') == 0) {
5705 newname
= talloc_asprintf(ctx
,
5709 return NT_STATUS_NO_MEMORY
;
5713 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5714 "case_preserve = %d, short case preserve = %d, "
5715 "directory = %s, newname = %s, "
5716 "last_component_dest = %s, is_8_3 = %d\n",
5717 conn
->case_sensitive
, conn
->case_preserve
,
5718 conn
->short_case_preserve
, directory
,
5719 newname
, last_component_dest
, is_short_name
));
5721 /* The dest name still may have wildcards. */
5722 if (dest_has_wild
) {
5723 char *mod_newname
= NULL
;
5724 if (!resolve_wildcards(ctx
,
5725 directory
,newname
,&mod_newname
)) {
5726 DEBUG(6, ("rename_internals: resolve_wildcards "
5730 return NT_STATUS_NO_MEMORY
;
5732 newname
= mod_newname
;
5736 SMB_VFS_STAT(conn
, directory
, &sbuf1
);
5738 status
= S_ISDIR(sbuf1
.st_mode
) ?
5739 open_directory(conn
, req
, directory
, &sbuf1
,
5741 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5742 FILE_OPEN
, 0, 0, NULL
,
5744 : open_file_ntcreate(conn
, req
, directory
, &sbuf1
,
5746 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5747 FILE_OPEN
, 0, 0, 0, NULL
,
5750 if (!NT_STATUS_IS_OK(status
)) {
5751 DEBUG(3, ("Could not open rename source %s: %s\n",
5752 directory
, nt_errstr(status
)));
5756 status
= rename_internals_fsp(conn
, fsp
, newname
,
5757 last_component_dest
,
5758 attrs
, replace_if_exists
);
5760 close_file(fsp
, NORMAL_CLOSE
);
5762 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5763 nt_errstr(status
), directory
,newname
));
5769 * Wildcards - process each file that matches.
5771 if (strequal(mask
,"????????.???")) {
5776 status
= check_name(conn
, directory
);
5777 if (!NT_STATUS_IS_OK(status
)) {
5781 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, attrs
);
5782 if (dir_hnd
== NULL
) {
5783 return map_nt_error_from_unix(errno
);
5786 status
= NT_STATUS_NO_SUCH_FILE
;
5788 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5789 * - gentest fix. JRA
5792 while ((dname
= ReadDirName(dir_hnd
, &offset
))) {
5793 files_struct
*fsp
= NULL
;
5795 char *destname
= NULL
;
5796 bool sysdir_entry
= False
;
5798 /* Quick check for "." and ".." */
5799 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5801 sysdir_entry
= True
;
5807 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
5811 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
5816 status
= NT_STATUS_OBJECT_NAME_INVALID
;
5820 fname
= talloc_asprintf(ctx
,
5825 return NT_STATUS_NO_MEMORY
;
5828 if (!resolve_wildcards(ctx
,
5829 fname
,newname
,&destname
)) {
5830 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5836 return NT_STATUS_NO_MEMORY
;
5840 SMB_VFS_STAT(conn
, fname
, &sbuf1
);
5842 status
= S_ISDIR(sbuf1
.st_mode
) ?
5843 open_directory(conn
, req
, fname
, &sbuf1
,
5845 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5846 FILE_OPEN
, 0, 0, NULL
,
5848 : open_file_ntcreate(conn
, req
, fname
, &sbuf1
,
5850 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5851 FILE_OPEN
, 0, 0, 0, NULL
,
5854 if (!NT_STATUS_IS_OK(status
)) {
5855 DEBUG(3,("rename_internals: open_file_ntcreate "
5856 "returned %s rename %s -> %s\n",
5857 nt_errstr(status
), directory
, newname
));
5861 status
= rename_internals_fsp(conn
, fsp
, destname
, dname
,
5862 attrs
, replace_if_exists
);
5864 close_file(fsp
, NORMAL_CLOSE
);
5866 if (!NT_STATUS_IS_OK(status
)) {
5867 DEBUG(3, ("rename_internals_fsp returned %s for "
5868 "rename %s -> %s\n", nt_errstr(status
),
5869 directory
, newname
));
5875 DEBUG(3,("rename_internals: doing rename on %s -> "
5876 "%s\n",fname
,destname
));
5879 TALLOC_FREE(destname
);
5881 TALLOC_FREE(dir_hnd
);
5883 if (count
== 0 && NT_STATUS_IS_OK(status
)) {
5884 status
= map_nt_error_from_unix(errno
);
5890 /****************************************************************************
5892 ****************************************************************************/
5894 void reply_mv(struct smb_request
*req
)
5896 connection_struct
*conn
= req
->conn
;
5898 char *newname
= NULL
;
5902 bool src_has_wcard
= False
;
5903 bool dest_has_wcard
= False
;
5904 TALLOC_CTX
*ctx
= talloc_tos();
5906 START_PROFILE(SMBmv
);
5909 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
5914 attrs
= SVAL(req
->inbuf
,smb_vwv0
);
5916 p
= smb_buf(req
->inbuf
) + 1;
5917 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &name
, p
,
5918 0, STR_TERMINATE
, &status
,
5920 if (!NT_STATUS_IS_OK(status
)) {
5921 reply_nterror(req
, status
);
5926 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &newname
, p
,
5927 0, STR_TERMINATE
, &status
,
5929 if (!NT_STATUS_IS_OK(status
)) {
5930 reply_nterror(req
, status
);
5935 status
= resolve_dfspath_wcard(ctx
, conn
,
5936 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5940 if (!NT_STATUS_IS_OK(status
)) {
5941 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5942 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5943 ERRSRV
, ERRbadpath
);
5947 reply_nterror(req
, status
);
5952 status
= resolve_dfspath_wcard(ctx
, conn
,
5953 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5957 if (!NT_STATUS_IS_OK(status
)) {
5958 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5959 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5960 ERRSRV
, ERRbadpath
);
5964 reply_nterror(req
, status
);
5969 DEBUG(3,("reply_mv : %s -> %s\n",name
,newname
));
5971 status
= rename_internals(ctx
, conn
, req
, name
, newname
, attrs
, False
,
5972 src_has_wcard
, dest_has_wcard
, DELETE_ACCESS
);
5973 if (!NT_STATUS_IS_OK(status
)) {
5974 if (open_was_deferred(req
->mid
)) {
5975 /* We have re-scheduled this call. */
5979 reply_nterror(req
, status
);
5984 reply_outbuf(req
, 0, 0);
5990 /*******************************************************************
5991 Copy a file as part of a reply_copy.
5992 ******************************************************************/
5995 * TODO: check error codes on all callers
5998 NTSTATUS
copy_file(TALLOC_CTX
*ctx
,
5999 connection_struct
*conn
,
6004 bool target_is_directory
)
6006 SMB_STRUCT_STAT src_sbuf
, sbuf2
;
6008 files_struct
*fsp1
,*fsp2
;
6011 uint32 new_create_disposition
;
6014 dest
= talloc_strdup(ctx
, dest1
);
6016 return NT_STATUS_NO_MEMORY
;
6018 if (target_is_directory
) {
6019 const char *p
= strrchr_m(src
,'/');
6025 dest
= talloc_asprintf_append(dest
,
6029 return NT_STATUS_NO_MEMORY
;
6033 if (!vfs_file_exist(conn
,src
,&src_sbuf
)) {
6035 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
6038 if (!target_is_directory
&& count
) {
6039 new_create_disposition
= FILE_OPEN
;
6041 if (!map_open_params_to_ntcreate(dest1
,0,ofun
,
6042 NULL
, NULL
, &new_create_disposition
, NULL
)) {
6044 return NT_STATUS_INVALID_PARAMETER
;
6048 status
= open_file_ntcreate(conn
, NULL
, src
, &src_sbuf
,
6050 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
6053 FILE_ATTRIBUTE_NORMAL
,
6057 if (!NT_STATUS_IS_OK(status
)) {
6062 dosattrs
= dos_mode(conn
, src
, &src_sbuf
);
6063 if (SMB_VFS_STAT(conn
,dest
,&sbuf2
) == -1) {
6064 ZERO_STRUCTP(&sbuf2
);
6067 status
= open_file_ntcreate(conn
, NULL
, dest
, &sbuf2
,
6069 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
6070 new_create_disposition
,
6078 if (!NT_STATUS_IS_OK(status
)) {
6079 close_file(fsp1
,ERROR_CLOSE
);
6083 if ((ofun
&3) == 1) {
6084 if(SMB_VFS_LSEEK(fsp2
,0,SEEK_END
) == -1) {
6085 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno
) ));
6087 * Stop the copy from occurring.
6090 src_sbuf
.st_size
= 0;
6094 if (src_sbuf
.st_size
) {
6095 ret
= vfs_transfer_file(fsp1
, fsp2
, src_sbuf
.st_size
);
6098 close_file(fsp1
,NORMAL_CLOSE
);
6100 /* Ensure the modtime is set correctly on the destination file. */
6101 set_close_write_time(fsp2
, get_mtimespec(&src_sbuf
));
6104 * As we are opening fsp1 read-only we only expect
6105 * an error on close on fsp2 if we are out of space.
6106 * Thus we don't look at the error return from the
6109 status
= close_file(fsp2
,NORMAL_CLOSE
);
6111 if (!NT_STATUS_IS_OK(status
)) {
6115 if (ret
!= (SMB_OFF_T
)src_sbuf
.st_size
) {
6116 return NT_STATUS_DISK_FULL
;
6119 return NT_STATUS_OK
;
6122 /****************************************************************************
6123 Reply to a file copy.
6124 ****************************************************************************/
6126 void reply_copy(struct smb_request
*req
)
6128 connection_struct
*conn
= req
->conn
;
6130 char *newname
= NULL
;
6131 char *directory
= NULL
;
6135 int error
= ERRnoaccess
;
6140 bool target_is_directory
=False
;
6141 bool source_has_wild
= False
;
6142 bool dest_has_wild
= False
;
6143 SMB_STRUCT_STAT sbuf1
, sbuf2
;
6145 TALLOC_CTX
*ctx
= talloc_tos();
6147 START_PROFILE(SMBcopy
);
6150 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6151 END_PROFILE(SMBcopy
);
6155 tid2
= SVAL(req
->inbuf
,smb_vwv0
);
6156 ofun
= SVAL(req
->inbuf
,smb_vwv1
);
6157 flags
= SVAL(req
->inbuf
,smb_vwv2
);
6159 p
= smb_buf(req
->inbuf
);
6160 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &name
, p
,
6161 0, STR_TERMINATE
, &status
,
6163 if (!NT_STATUS_IS_OK(status
)) {
6164 reply_nterror(req
, status
);
6165 END_PROFILE(SMBcopy
);
6168 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &newname
, p
,
6169 0, STR_TERMINATE
, &status
,
6171 if (!NT_STATUS_IS_OK(status
)) {
6172 reply_nterror(req
, status
);
6173 END_PROFILE(SMBcopy
);
6177 DEBUG(3,("reply_copy : %s -> %s\n",name
,newname
));
6179 if (tid2
!= conn
->cnum
) {
6180 /* can't currently handle inter share copies XXXX */
6181 DEBUG(3,("Rejecting inter-share copy\n"));
6182 reply_doserror(req
, ERRSRV
, ERRinvdevice
);
6183 END_PROFILE(SMBcopy
);
6187 status
= resolve_dfspath_wcard(ctx
, conn
,
6188 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6192 if (!NT_STATUS_IS_OK(status
)) {
6193 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6194 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6195 ERRSRV
, ERRbadpath
);
6196 END_PROFILE(SMBcopy
);
6199 reply_nterror(req
, status
);
6200 END_PROFILE(SMBcopy
);
6204 status
= resolve_dfspath_wcard(ctx
, conn
,
6205 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6209 if (!NT_STATUS_IS_OK(status
)) {
6210 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6211 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6212 ERRSRV
, ERRbadpath
);
6213 END_PROFILE(SMBcopy
);
6216 reply_nterror(req
, status
);
6217 END_PROFILE(SMBcopy
);
6221 status
= unix_convert(ctx
, conn
, name
, source_has_wild
,
6222 &name
, NULL
, &sbuf1
);
6223 if (!NT_STATUS_IS_OK(status
)) {
6224 reply_nterror(req
, status
);
6225 END_PROFILE(SMBcopy
);
6229 status
= unix_convert(ctx
, conn
, newname
, dest_has_wild
,
6230 &newname
, NULL
, &sbuf2
);
6231 if (!NT_STATUS_IS_OK(status
)) {
6232 reply_nterror(req
, status
);
6233 END_PROFILE(SMBcopy
);
6237 target_is_directory
= VALID_STAT_OF_DIR(sbuf2
);
6239 if ((flags
&1) && target_is_directory
) {
6240 reply_doserror(req
, ERRDOS
, ERRbadfile
);
6241 END_PROFILE(SMBcopy
);
6245 if ((flags
&2) && !target_is_directory
) {
6246 reply_doserror(req
, ERRDOS
, ERRbadpath
);
6247 END_PROFILE(SMBcopy
);
6251 if ((flags
&(1<<5)) && VALID_STAT_OF_DIR(sbuf1
)) {
6252 /* wants a tree copy! XXXX */
6253 DEBUG(3,("Rejecting tree copy\n"));
6254 reply_doserror(req
, ERRSRV
, ERRerror
);
6255 END_PROFILE(SMBcopy
);
6259 p
= strrchr_m(name
,'/');
6261 directory
= talloc_strdup(ctx
, "./");
6263 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6264 END_PROFILE(SMBcopy
);
6270 directory
= talloc_strdup(ctx
, name
);
6272 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6273 END_PROFILE(SMBcopy
);
6280 * We should only check the mangled cache
6281 * here if unix_convert failed. This means
6282 * that the path in 'mask' doesn't exist
6283 * on the file system and so we need to look
6284 * for a possible mangle. This patch from
6285 * Tine Smukavec <valentin.smukavec@hermes.si>.
6288 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
6289 char *new_mask
= NULL
;
6290 mangle_lookup_name_from_8_3(ctx
,
6299 if (!source_has_wild
) {
6300 directory
= talloc_asprintf_append(directory
,
6303 if (dest_has_wild
) {
6304 char *mod_newname
= NULL
;
6305 if (!resolve_wildcards(ctx
,
6306 directory
,newname
,&mod_newname
)) {
6307 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6308 END_PROFILE(SMBcopy
);
6311 newname
= mod_newname
;
6314 status
= check_name(conn
, directory
);
6315 if (!NT_STATUS_IS_OK(status
)) {
6316 reply_nterror(req
, status
);
6317 END_PROFILE(SMBcopy
);
6321 status
= check_name(conn
, newname
);
6322 if (!NT_STATUS_IS_OK(status
)) {
6323 reply_nterror(req
, status
);
6324 END_PROFILE(SMBcopy
);
6328 status
= copy_file(ctx
,conn
,directory
,newname
,ofun
,
6329 count
,target_is_directory
);
6331 if(!NT_STATUS_IS_OK(status
)) {
6332 reply_nterror(req
, status
);
6333 END_PROFILE(SMBcopy
);
6339 struct smb_Dir
*dir_hnd
= NULL
;
6340 const char *dname
= NULL
;
6343 if (strequal(mask
,"????????.???")) {
6348 status
= check_name(conn
, directory
);
6349 if (!NT_STATUS_IS_OK(status
)) {
6350 reply_nterror(req
, status
);
6351 END_PROFILE(SMBcopy
);
6355 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, 0);
6356 if (dir_hnd
== NULL
) {
6357 status
= map_nt_error_from_unix(errno
);
6358 reply_nterror(req
, status
);
6359 END_PROFILE(SMBcopy
);
6365 while ((dname
= ReadDirName(dir_hnd
, &offset
))) {
6366 char *destname
= NULL
;
6369 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
6373 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
6377 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
6381 error
= ERRnoaccess
;
6382 fname
= talloc_asprintf(ctx
,
6387 TALLOC_FREE(dir_hnd
);
6388 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6389 END_PROFILE(SMBcopy
);
6393 if (!resolve_wildcards(ctx
,
6394 fname
,newname
,&destname
)) {
6398 TALLOC_FREE(dir_hnd
);
6399 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6400 END_PROFILE(SMBcopy
);
6404 status
= check_name(conn
, fname
);
6405 if (!NT_STATUS_IS_OK(status
)) {
6406 TALLOC_FREE(dir_hnd
);
6407 reply_nterror(req
, status
);
6408 END_PROFILE(SMBcopy
);
6412 status
= check_name(conn
, destname
);
6413 if (!NT_STATUS_IS_OK(status
)) {
6414 TALLOC_FREE(dir_hnd
);
6415 reply_nterror(req
, status
);
6416 END_PROFILE(SMBcopy
);
6420 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname
, destname
));
6422 status
= copy_file(ctx
,conn
,fname
,destname
,ofun
,
6423 count
,target_is_directory
);
6424 if (NT_STATUS_IS_OK(status
)) {
6428 TALLOC_FREE(destname
);
6430 TALLOC_FREE(dir_hnd
);
6435 /* Error on close... */
6437 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
6438 END_PROFILE(SMBcopy
);
6442 reply_doserror(req
, ERRDOS
, error
);
6443 END_PROFILE(SMBcopy
);
6447 reply_outbuf(req
, 1, 0);
6448 SSVAL(req
->outbuf
,smb_vwv0
,count
);
6450 END_PROFILE(SMBcopy
);
6455 #define DBGC_CLASS DBGC_LOCKING
6457 /****************************************************************************
6458 Get a lock pid, dealing with large count requests.
6459 ****************************************************************************/
6461 uint32
get_lock_pid( char *data
, int data_offset
, bool large_file_format
)
6463 if(!large_file_format
)
6464 return (uint32
)SVAL(data
,SMB_LPID_OFFSET(data_offset
));
6466 return (uint32
)SVAL(data
,SMB_LARGE_LPID_OFFSET(data_offset
));
6469 /****************************************************************************
6470 Get a lock count, dealing with large count requests.
6471 ****************************************************************************/
6473 SMB_BIG_UINT
get_lock_count( char *data
, int data_offset
, bool large_file_format
)
6475 SMB_BIG_UINT count
= 0;
6477 if(!large_file_format
) {
6478 count
= (SMB_BIG_UINT
)IVAL(data
,SMB_LKLEN_OFFSET(data_offset
));
6481 #if defined(HAVE_LONGLONG)
6482 count
= (((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
))) << 32) |
6483 ((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)));
6484 #else /* HAVE_LONGLONG */
6487 * NT4.x seems to be broken in that it sends large file (64 bit)
6488 * lockingX calls even if the CAP_LARGE_FILES was *not*
6489 * negotiated. For boxes without large unsigned ints truncate the
6490 * lock count by dropping the top 32 bits.
6493 if(IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)) != 0) {
6494 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6495 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)),
6496 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)) ));
6497 SIVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
),0);
6500 count
= (SMB_BIG_UINT
)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
));
6501 #endif /* HAVE_LONGLONG */
6507 #if !defined(HAVE_LONGLONG)
6508 /****************************************************************************
6509 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6510 ****************************************************************************/
6512 static uint32
map_lock_offset(uint32 high
, uint32 low
)
6516 uint32 highcopy
= high
;
6519 * Try and find out how many significant bits there are in high.
6522 for(i
= 0; highcopy
; i
++)
6526 * We use 31 bits not 32 here as POSIX
6527 * lock offsets may not be negative.
6530 mask
= (~0) << (31 - i
);
6533 return 0; /* Fail. */
6539 #endif /* !defined(HAVE_LONGLONG) */
6541 /****************************************************************************
6542 Get a lock offset, dealing with large offset requests.
6543 ****************************************************************************/
6545 SMB_BIG_UINT
get_lock_offset( char *data
, int data_offset
, bool large_file_format
, bool *err
)
6547 SMB_BIG_UINT offset
= 0;
6551 if(!large_file_format
) {
6552 offset
= (SMB_BIG_UINT
)IVAL(data
,SMB_LKOFF_OFFSET(data_offset
));
6555 #if defined(HAVE_LONGLONG)
6556 offset
= (((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
))) << 32) |
6557 ((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
)));
6558 #else /* HAVE_LONGLONG */
6561 * NT4.x seems to be broken in that it sends large file (64 bit)
6562 * lockingX calls even if the CAP_LARGE_FILES was *not*
6563 * negotiated. For boxes without large unsigned ints mangle the
6564 * lock offset by mapping the top 32 bits onto the lower 32.
6567 if(IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
)) != 0) {
6568 uint32 low
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6569 uint32 high
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
));
6572 if((new_low
= map_lock_offset(high
, low
)) == 0) {
6574 return (SMB_BIG_UINT
)-1;
6577 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6578 (unsigned int)high
, (unsigned int)low
, (unsigned int)new_low
));
6579 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
),0);
6580 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
),new_low
);
6583 offset
= (SMB_BIG_UINT
)IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6584 #endif /* HAVE_LONGLONG */
6590 /****************************************************************************
6591 Reply to a lockingX request.
6592 ****************************************************************************/
6594 void reply_lockingX(struct smb_request
*req
)
6596 connection_struct
*conn
= req
->conn
;
6598 unsigned char locktype
;
6599 unsigned char oplocklevel
;
6602 SMB_BIG_UINT count
= 0, offset
= 0;
6607 bool large_file_format
;
6609 NTSTATUS status
= NT_STATUS_UNSUCCESSFUL
;
6611 START_PROFILE(SMBlockingX
);
6614 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6615 END_PROFILE(SMBlockingX
);
6619 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv2
));
6620 locktype
= CVAL(req
->inbuf
,smb_vwv3
);
6621 oplocklevel
= CVAL(req
->inbuf
,smb_vwv3
+1);
6622 num_ulocks
= SVAL(req
->inbuf
,smb_vwv6
);
6623 num_locks
= SVAL(req
->inbuf
,smb_vwv7
);
6624 lock_timeout
= IVAL(req
->inbuf
,smb_vwv4
);
6625 large_file_format
= (locktype
& LOCKING_ANDX_LARGE_FILES
)?True
:False
;
6627 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
6628 END_PROFILE(SMBlockingX
);
6632 data
= smb_buf(req
->inbuf
);
6634 if (locktype
& LOCKING_ANDX_CHANGE_LOCKTYPE
) {
6635 /* we don't support these - and CANCEL_LOCK makes w2k
6636 and XP reboot so I don't really want to be
6637 compatible! (tridge) */
6638 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRnoatomiclocks
));
6639 END_PROFILE(SMBlockingX
);
6643 /* Check if this is an oplock break on a file
6644 we have granted an oplock on.
6646 if ((locktype
& LOCKING_ANDX_OPLOCK_RELEASE
)) {
6647 /* Client can insist on breaking to none. */
6648 bool break_to_none
= (oplocklevel
== 0);
6651 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6652 "for fnum = %d\n", (unsigned int)oplocklevel
,
6656 * Make sure we have granted an exclusive or batch oplock on
6660 if (fsp
->oplock_type
== 0) {
6662 /* The Samba4 nbench simulator doesn't understand
6663 the difference between break to level2 and break
6664 to none from level2 - it sends oplock break
6665 replies in both cases. Don't keep logging an error
6666 message here - just ignore it. JRA. */
6668 DEBUG(5,("reply_lockingX: Error : oplock break from "
6669 "client for fnum = %d (oplock=%d) and no "
6670 "oplock granted on this file (%s).\n",
6671 fsp
->fnum
, fsp
->oplock_type
, fsp
->fsp_name
));
6673 /* if this is a pure oplock break request then don't
6675 if (num_locks
== 0 && num_ulocks
== 0) {
6676 END_PROFILE(SMBlockingX
);
6679 END_PROFILE(SMBlockingX
);
6680 reply_doserror(req
, ERRDOS
, ERRlock
);
6685 if ((fsp
->sent_oplock_break
== BREAK_TO_NONE_SENT
) ||
6687 result
= remove_oplock(fsp
);
6689 result
= downgrade_oplock(fsp
);
6693 DEBUG(0, ("reply_lockingX: error in removing "
6694 "oplock on file %s\n", fsp
->fsp_name
));
6695 /* Hmmm. Is this panic justified? */
6696 smb_panic("internal tdb error");
6699 reply_to_oplock_break_requests(fsp
);
6701 /* if this is a pure oplock break request then don't send a
6703 if (num_locks
== 0 && num_ulocks
== 0) {
6704 /* Sanity check - ensure a pure oplock break is not a
6706 if(CVAL(req
->inbuf
,smb_vwv0
) != 0xff)
6707 DEBUG(0,("reply_lockingX: Error : pure oplock "
6708 "break is a chained %d request !\n",
6709 (unsigned int)CVAL(req
->inbuf
,
6711 END_PROFILE(SMBlockingX
);
6717 * We do this check *after* we have checked this is not a oplock break
6718 * response message. JRA.
6721 release_level_2_oplocks_on_change(fsp
);
6723 if (smb_buflen(req
->inbuf
) <
6724 (num_ulocks
+ num_locks
) * (large_file_format
? 20 : 10)) {
6725 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6726 END_PROFILE(SMBlockingX
);
6730 /* Data now points at the beginning of the list
6731 of smb_unlkrng structs */
6732 for(i
= 0; i
< (int)num_ulocks
; i
++) {
6733 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6734 count
= get_lock_count( data
, i
, large_file_format
);
6735 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
6738 * There is no error code marked "stupid client bug".... :-).
6741 END_PROFILE(SMBlockingX
);
6742 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
6746 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
6747 "pid %u, file %s\n", (double)offset
, (double)count
,
6748 (unsigned int)lock_pid
, fsp
->fsp_name
));
6750 status
= do_unlock(smbd_messaging_context(),
6757 if (NT_STATUS_V(status
)) {
6758 END_PROFILE(SMBlockingX
);
6759 reply_nterror(req
, status
);
6764 /* Setup the timeout in seconds. */
6766 if (!lp_blocking_locks(SNUM(conn
))) {
6770 /* Now do any requested locks */
6771 data
+= ((large_file_format
? 20 : 10)*num_ulocks
);
6773 /* Data now points at the beginning of the list
6774 of smb_lkrng structs */
6776 for(i
= 0; i
< (int)num_locks
; i
++) {
6777 enum brl_type lock_type
= ((locktype
& LOCKING_ANDX_SHARED_LOCK
) ?
6778 READ_LOCK
:WRITE_LOCK
);
6779 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6780 count
= get_lock_count( data
, i
, large_file_format
);
6781 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
6784 * There is no error code marked "stupid client bug".... :-).
6787 END_PROFILE(SMBlockingX
);
6788 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
6792 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6793 "%u, file %s timeout = %d\n", (double)offset
,
6794 (double)count
, (unsigned int)lock_pid
,
6795 fsp
->fsp_name
, (int)lock_timeout
));
6797 if (locktype
& LOCKING_ANDX_CANCEL_LOCK
) {
6798 if (lp_blocking_locks(SNUM(conn
))) {
6800 /* Schedule a message to ourselves to
6801 remove the blocking lock record and
6802 return the right error. */
6804 if (!blocking_lock_cancel(fsp
,
6810 NT_STATUS_FILE_LOCK_CONFLICT
)) {
6811 END_PROFILE(SMBlockingX
);
6816 ERRcancelviolation
));
6820 /* Remove a matching pending lock. */
6821 status
= do_lock_cancel(fsp
,
6827 bool blocking_lock
= lock_timeout
? True
: False
;
6828 bool defer_lock
= False
;
6829 struct byte_range_lock
*br_lck
;
6830 uint32 block_smbpid
;
6832 br_lck
= do_lock(smbd_messaging_context(),
6843 if (br_lck
&& blocking_lock
&& ERROR_WAS_LOCK_DENIED(status
)) {
6844 /* Windows internal resolution for blocking locks seems
6845 to be about 200ms... Don't wait for less than that. JRA. */
6846 if (lock_timeout
!= -1 && lock_timeout
< lp_lock_spin_time()) {
6847 lock_timeout
= lp_lock_spin_time();
6852 /* This heuristic seems to match W2K3 very well. If a
6853 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6854 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6855 far as I can tell. Replacement for do_lock_spin(). JRA. */
6857 if (br_lck
&& lp_blocking_locks(SNUM(conn
)) && !blocking_lock
&&
6858 NT_STATUS_EQUAL((status
), NT_STATUS_FILE_LOCK_CONFLICT
)) {
6860 lock_timeout
= lp_lock_spin_time();
6863 if (br_lck
&& defer_lock
) {
6865 * A blocking lock was requested. Package up
6866 * this smb into a queued request and push it
6867 * onto the blocking lock queue.
6869 if(push_blocking_lock_request(br_lck
,
6880 TALLOC_FREE(br_lck
);
6881 END_PROFILE(SMBlockingX
);
6886 TALLOC_FREE(br_lck
);
6889 if (NT_STATUS_V(status
)) {
6890 END_PROFILE(SMBlockingX
);
6891 reply_nterror(req
, status
);
6896 /* If any of the above locks failed, then we must unlock
6897 all of the previous locks (X/Open spec). */
6899 if (!(locktype
& LOCKING_ANDX_CANCEL_LOCK
) &&
6903 * Ensure we don't do a remove on the lock that just failed,
6904 * as under POSIX rules, if we have a lock already there, we
6905 * will delete it (and we shouldn't) .....
6907 for(i
--; i
>= 0; i
--) {
6908 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6909 count
= get_lock_count( data
, i
, large_file_format
);
6910 offset
= get_lock_offset( data
, i
, large_file_format
,
6914 * There is no error code marked "stupid client
6918 END_PROFILE(SMBlockingX
);
6919 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
6923 do_unlock(smbd_messaging_context(),
6930 END_PROFILE(SMBlockingX
);
6931 reply_nterror(req
, status
);
6935 reply_outbuf(req
, 2, 0);
6937 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
6938 fsp
->fnum
, (unsigned int)locktype
, num_locks
, num_ulocks
));
6940 END_PROFILE(SMBlockingX
);
6945 #define DBGC_CLASS DBGC_ALL
6947 /****************************************************************************
6948 Reply to a SMBreadbmpx (read block multiplex) request.
6949 Always reply with an error, if someone has a platform really needs this,
6950 please contact vl@samba.org
6951 ****************************************************************************/
6953 void reply_readbmpx(struct smb_request
*req
)
6955 START_PROFILE(SMBreadBmpx
);
6956 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
6957 END_PROFILE(SMBreadBmpx
);
6961 /****************************************************************************
6962 Reply to a SMBreadbs (read block multiplex secondary) request.
6963 Always reply with an error, if someone has a platform really needs this,
6964 please contact vl@samba.org
6965 ****************************************************************************/
6967 void reply_readbs(struct smb_request
*req
)
6969 START_PROFILE(SMBreadBs
);
6970 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
6971 END_PROFILE(SMBreadBs
);
6975 /****************************************************************************
6976 Reply to a SMBsetattrE.
6977 ****************************************************************************/
6979 void reply_setattrE(struct smb_request
*req
)
6981 connection_struct
*conn
= req
->conn
;
6982 struct timespec ts
[2];
6984 SMB_STRUCT_STAT sbuf
;
6987 START_PROFILE(SMBsetattrE
);
6990 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6991 END_PROFILE(SMBsetattrE
);
6995 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
6997 if(!fsp
|| (fsp
->conn
!= conn
)) {
6998 reply_doserror(req
, ERRDOS
, ERRbadfid
);
6999 END_PROFILE(SMBsetattrE
);
7005 * Convert the DOS times into unix times. Ignore create
7006 * time as UNIX can't set this.
7009 ts
[0] = convert_time_t_to_timespec(
7010 srv_make_unix_date2(req
->inbuf
+smb_vwv3
)); /* atime. */
7011 ts
[1] = convert_time_t_to_timespec(
7012 srv_make_unix_date2(req
->inbuf
+smb_vwv5
)); /* mtime. */
7014 reply_outbuf(req
, 0, 0);
7017 * Patch from Ray Frush <frush@engr.colostate.edu>
7018 * Sometimes times are sent as zero - ignore them.
7021 /* Ensure we have a valid stat struct for the source. */
7022 if (fsp
->fh
->fd
!= -1) {
7023 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
7024 status
= map_nt_error_from_unix(errno
);
7025 reply_nterror(req
, status
);
7026 END_PROFILE(SMBsetattrE
);
7030 if (SMB_VFS_STAT(conn
, fsp
->fsp_name
, &sbuf
) == -1) {
7031 status
= map_nt_error_from_unix(errno
);
7032 reply_nterror(req
, status
);
7033 END_PROFILE(SMBsetattrE
);
7038 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
,
7040 if (!NT_STATUS_IS_OK(status
)) {
7041 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7042 END_PROFILE(SMBsetattrE
);
7046 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
7048 (unsigned int)ts
[0].tv_sec
,
7049 (unsigned int)ts
[1].tv_sec
));
7051 END_PROFILE(SMBsetattrE
);
7056 /* Back from the dead for OS/2..... JRA. */
7058 /****************************************************************************
7059 Reply to a SMBwritebmpx (write block multiplex primary) request.
7060 Always reply with an error, if someone has a platform really needs this,
7061 please contact vl@samba.org
7062 ****************************************************************************/
7064 void reply_writebmpx(struct smb_request
*req
)
7066 START_PROFILE(SMBwriteBmpx
);
7067 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7068 END_PROFILE(SMBwriteBmpx
);
7072 /****************************************************************************
7073 Reply to a SMBwritebs (write block multiplex secondary) request.
7074 Always reply with an error, if someone has a platform really needs this,
7075 please contact vl@samba.org
7076 ****************************************************************************/
7078 void reply_writebs(struct smb_request
*req
)
7080 START_PROFILE(SMBwriteBs
);
7081 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7082 END_PROFILE(SMBwriteBs
);
7086 /****************************************************************************
7087 Reply to a SMBgetattrE.
7088 ****************************************************************************/
7090 void reply_getattrE(struct smb_request
*req
)
7092 connection_struct
*conn
= req
->conn
;
7093 SMB_STRUCT_STAT sbuf
;
7097 START_PROFILE(SMBgetattrE
);
7100 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7101 END_PROFILE(SMBgetattrE
);
7105 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
7107 if(!fsp
|| (fsp
->conn
!= conn
)) {
7108 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7109 END_PROFILE(SMBgetattrE
);
7113 /* Do an fstat on this file */
7114 if(fsp_stat(fsp
, &sbuf
)) {
7115 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
7116 END_PROFILE(SMBgetattrE
);
7120 mode
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
7123 * Convert the times into dos times. Set create
7124 * date to be last modify date as UNIX doesn't save
7128 reply_outbuf(req
, 11, 0);
7130 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv0
,
7131 get_create_time(&sbuf
,
7132 lp_fake_dir_create_times(SNUM(conn
))));
7133 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv2
, sbuf
.st_atime
);
7134 /* Should we check pending modtime here ? JRA */
7135 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv4
, sbuf
.st_mtime
);
7138 SIVAL(req
->outbuf
, smb_vwv6
, 0);
7139 SIVAL(req
->outbuf
, smb_vwv8
, 0);
7141 uint32 allocation_size
= get_allocation_size(conn
,fsp
, &sbuf
);
7142 SIVAL(req
->outbuf
, smb_vwv6
, (uint32
)sbuf
.st_size
);
7143 SIVAL(req
->outbuf
, smb_vwv8
, allocation_size
);
7145 SSVAL(req
->outbuf
,smb_vwv10
, mode
);
7147 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp
->fnum
));
7149 END_PROFILE(SMBgetattrE
);