2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol
;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS
check_path_syntax_internal(char *path
,
45 bool *p_last_component_contains_wcard
)
49 NTSTATUS ret
= NT_STATUS_OK
;
50 bool start_of_name_component
= True
;
51 bool stream_started
= false;
53 *p_last_component_contains_wcard
= False
;
60 return NT_STATUS_OBJECT_NAME_INVALID
;
63 return NT_STATUS_OBJECT_NAME_INVALID
;
65 if (strchr_m(&s
[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID
;
68 if (StrCaseCmp(s
, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER
;
75 if (!posix_path
&& !stream_started
&& *s
== ':') {
76 if (*p_last_component_contains_wcard
) {
77 return NT_STATUS_OBJECT_NAME_INVALID
;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started
= true;
86 start_of_name_component
= false;
90 return NT_STATUS_OBJECT_NAME_INVALID
;
94 if (!stream_started
&& IS_PATH_SEP(*s
,posix_path
)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s
,posix_path
)) {
103 if ((d
!= path
) && (*s
!= '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component
= True
;
110 *p_last_component_contains_wcard
= False
;
114 if (start_of_name_component
) {
115 if ((s
[0] == '.') && (s
[1] == '.') && (IS_PATH_SEP(s
[2],posix_path
) || s
[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d
> path
) && (*(d
-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret
= NT_STATUS_OBJECT_PATH_SYNTAX_BAD
;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d
--; d
> path
; d
--) {
141 s
+= 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s
[0] == '.') && ((s
[1] == '\0') || IS_PATH_SEP(s
[1],posix_path
))) {
157 if (*s
<= 0x1f || *s
== '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID
;
166 *p_last_component_contains_wcard
= True
;
175 /* Get the size of the next MB character. */
176 next_codepoint(s
,&siz
);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER
;
199 start_of_name_component
= False
;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS
check_path_syntax(char *path
)
215 return check_path_syntax_internal(path
, False
, &ignore
);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS
check_path_syntax_wcard(char *path
, bool *p_contains_wcard
)
226 return check_path_syntax_internal(path
, False
, p_contains_wcard
);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS
check_path_syntax_posix(char *path
)
238 return check_path_syntax_internal(path
, True
, &ignore
);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX
*ctx
,
246 const char *base_ptr
,
253 bool *contains_wcard
)
259 ret
= srvstr_pull_talloc(ctx
, base_ptr
, smb_flags2
, pp_dest
, src
,
263 *err
= NT_STATUS_INVALID_PARAMETER
;
267 *contains_wcard
= False
;
269 if (smb_flags2
& FLAGS2_DFS_PATHNAMES
) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err
= check_path_syntax_posix(*pp_dest
);
281 *err
= check_path_syntax_wcard(*pp_dest
, contains_wcard
);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX
*ctx
,
292 const char *base_ptr
,
301 return srvstr_get_path_wcard(ctx
, base_ptr
, smb_flags2
, pp_dest
, src
,
302 src_len
, flags
, err
, &ignore
);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX
*mem_ctx
, struct smb_request
*req
,
306 char **pp_dest
, const char *src
, int flags
,
307 NTSTATUS
*err
, bool *contains_wcard
)
309 return srvstr_get_path_wcard(mem_ctx
, (char *)req
->inbuf
, req
->flags2
,
310 pp_dest
, src
, smbreq_bufrem(req
, src
),
311 flags
, err
, contains_wcard
);
314 size_t srvstr_get_path_req(TALLOC_CTX
*mem_ctx
, struct smb_request
*req
,
315 char **pp_dest
, const char *src
, int flags
,
319 return srvstr_get_path_req_wcard(mem_ctx
, req
, pp_dest
, src
,
320 flags
, err
, &ignore
);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct
*conn
, struct smb_request
*req
,
330 if (!(fsp
) || !(conn
)) {
331 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
334 if (((conn
) != (fsp
)->conn
) || req
->vuid
!= (fsp
)->vuid
) {
335 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct
*conn
, struct smb_request
*req
,
348 if (!check_fsp_open(conn
, req
, fsp
)) {
351 if ((fsp
)->is_directory
) {
352 reply_nterror(req
, NT_STATUS_INVALID_DEVICE_REQUEST
);
355 if ((fsp
)->fh
->fd
== -1) {
356 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
359 (fsp
)->num_smb_operations
++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct
*conn
, struct smb_request
*req
,
371 if (!check_fsp_open(conn
, req
, fsp
)) {
375 if (fsp
->is_directory
) {
379 if (fsp
->fake_file_handle
== NULL
) {
383 if (fsp
->fake_file_handle
->type
!= FAKE_FILE_TYPE_QUOTA
) {
387 if (fsp
->fake_file_handle
->private_data
== NULL
) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct
*conn
, struct smb_request
*req
,
401 if ((fsp
) && (conn
) && ((conn
)==(fsp
)->conn
)
402 && (req
->vuid
== (fsp
)->vuid
)) {
406 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
410 /****************************************************************************
411 Reply to a (netbios-level) special message.
412 ****************************************************************************/
414 void reply_special(char *inbuf
)
416 int msg_type
= CVAL(inbuf
,0);
417 int msg_flags
= CVAL(inbuf
,1);
422 * We only really use 4 bytes of the outbuf, but for the smb_setlen
423 * calculation & friends (srv_send_smb uses that) we need the full smb
426 char outbuf
[smb_size
];
430 memset(outbuf
, '\0', sizeof(outbuf
));
432 smb_setlen(outbuf
,0);
435 case 0x81: /* session request */
437 if (already_got_session
) {
438 exit_server_cleanly("multiple session request not permitted");
441 SCVAL(outbuf
,0,0x82);
443 if (name_len(inbuf
+4) > 50 ||
444 name_len(inbuf
+4 + name_len(inbuf
+ 4)) > 50) {
445 DEBUG(0,("Invalid name length in session request\n"));
448 name_extract(inbuf
,4,name1
);
449 name_type
= name_extract(inbuf
,4 + name_len(inbuf
+ 4),name2
);
450 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
453 set_local_machine_name(name1
, True
);
454 set_remote_machine_name(name2
, True
);
456 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
457 get_local_machine_name(), get_remote_machine_name(),
460 if (name_type
== 'R') {
461 /* We are being asked for a pathworks session ---
463 SCVAL(outbuf
, 0,0x83);
467 /* only add the client's machine name to the list
468 of possibly valid usernames if we are operating
469 in share mode security */
470 if (lp_security() == SEC_SHARE
) {
471 add_session_user(get_remote_machine_name());
474 reload_services(True
);
477 already_got_session
= True
;
480 case 0x89: /* session keepalive request
481 (some old clients produce this?) */
482 SCVAL(outbuf
,0,SMBkeepalive
);
486 case 0x82: /* positive session response */
487 case 0x83: /* negative session response */
488 case 0x84: /* retarget session response */
489 DEBUG(0,("Unexpected session response\n"));
492 case SMBkeepalive
: /* session keepalive */
497 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
498 msg_type
, msg_flags
));
500 srv_send_smb(smbd_server_fd(), outbuf
, false, NULL
);
504 /****************************************************************************
506 conn POINTER CAN BE NULL HERE !
507 ****************************************************************************/
509 void reply_tcon(struct smb_request
*req
)
511 connection_struct
*conn
= req
->conn
;
513 char *service_buf
= NULL
;
514 char *password
= NULL
;
519 DATA_BLOB password_blob
;
520 TALLOC_CTX
*ctx
= talloc_tos();
522 START_PROFILE(SMBtcon
);
524 if (req
->buflen
< 4) {
525 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
526 END_PROFILE(SMBtcon
);
530 p
= (const char *)req
->buf
+ 1;
531 p
+= srvstr_pull_req_talloc(ctx
, req
, &service_buf
, p
, STR_TERMINATE
);
533 pwlen
= srvstr_pull_req_talloc(ctx
, req
, &password
, p
, STR_TERMINATE
);
535 p
+= srvstr_pull_req_talloc(ctx
, req
, &dev
, p
, STR_TERMINATE
);
538 if (service_buf
== NULL
|| password
== NULL
|| dev
== NULL
) {
539 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
540 END_PROFILE(SMBtcon
);
543 p
= strrchr_m(service_buf
,'\\');
547 service
= service_buf
;
550 password_blob
= data_blob(password
, pwlen
+1);
552 conn
= make_connection(service
,password_blob
,dev
,req
->vuid
,&nt_status
);
555 data_blob_clear_free(&password_blob
);
558 reply_nterror(req
, nt_status
);
559 END_PROFILE(SMBtcon
);
563 reply_outbuf(req
, 2, 0);
564 SSVAL(req
->outbuf
,smb_vwv0
,max_recv
);
565 SSVAL(req
->outbuf
,smb_vwv1
,conn
->cnum
);
566 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
568 DEBUG(3,("tcon service=%s cnum=%d\n",
569 service
, conn
->cnum
));
571 END_PROFILE(SMBtcon
);
575 /****************************************************************************
576 Reply to a tcon and X.
577 conn POINTER CAN BE NULL HERE !
578 ****************************************************************************/
580 void reply_tcon_and_X(struct smb_request
*req
)
582 connection_struct
*conn
= req
->conn
;
583 const char *service
= NULL
;
585 TALLOC_CTX
*ctx
= talloc_tos();
586 /* what the cleint thinks the device is */
587 char *client_devicetype
= NULL
;
588 /* what the server tells the client the share represents */
589 const char *server_devicetype
;
596 START_PROFILE(SMBtconX
);
599 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
600 END_PROFILE(SMBtconX
);
604 passlen
= SVAL(req
->vwv
+3, 0);
605 tcon_flags
= SVAL(req
->vwv
+2, 0);
607 /* we might have to close an old one */
608 if ((tcon_flags
& 0x1) && conn
) {
609 close_cnum(conn
,req
->vuid
);
614 if ((passlen
> MAX_PASS_LEN
) || (passlen
>= req
->buflen
)) {
615 reply_doserror(req
, ERRDOS
, ERRbuftoosmall
);
616 END_PROFILE(SMBtconX
);
620 if (global_encrypted_passwords_negotiated
) {
621 password
= data_blob_talloc(talloc_tos(), req
->buf
, passlen
);
622 if (lp_security() == SEC_SHARE
) {
624 * Security = share always has a pad byte
625 * after the password.
627 p
= (const char *)req
->buf
+ passlen
+ 1;
629 p
= (const char *)req
->buf
+ passlen
;
632 password
= data_blob_talloc(talloc_tos(), req
->buf
, passlen
+1);
633 /* Ensure correct termination */
634 password
.data
[passlen
]=0;
635 p
= (const char *)req
->buf
+ passlen
+ 1;
638 p
+= srvstr_pull_req_talloc(ctx
, req
, &path
, p
, STR_TERMINATE
);
641 data_blob_clear_free(&password
);
642 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
643 END_PROFILE(SMBtconX
);
648 * the service name can be either: \\server\share
649 * or share directly like on the DELL PowerVault 705
652 q
= strchr_m(path
+2,'\\');
654 data_blob_clear_free(&password
);
655 reply_doserror(req
, ERRDOS
, ERRnosuchshare
);
656 END_PROFILE(SMBtconX
);
664 p
+= srvstr_pull_talloc(ctx
, req
->inbuf
, req
->flags2
,
665 &client_devicetype
, p
,
666 MIN(6, smbreq_bufrem(req
, p
)), STR_ASCII
);
668 if (client_devicetype
== NULL
) {
669 data_blob_clear_free(&password
);
670 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
671 END_PROFILE(SMBtconX
);
675 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype
, service
));
677 conn
= make_connection(service
, password
, client_devicetype
,
678 req
->vuid
, &nt_status
);
681 data_blob_clear_free(&password
);
684 reply_nterror(req
, nt_status
);
685 END_PROFILE(SMBtconX
);
690 server_devicetype
= "IPC";
691 else if ( IS_PRINT(conn
) )
692 server_devicetype
= "LPT1:";
694 server_devicetype
= "A:";
696 if (Protocol
< PROTOCOL_NT1
) {
697 reply_outbuf(req
, 2, 0);
698 if (message_push_string(&req
->outbuf
, server_devicetype
,
699 STR_TERMINATE
|STR_ASCII
) == -1) {
700 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
701 END_PROFILE(SMBtconX
);
705 /* NT sets the fstype of IPC$ to the null string */
706 const char *fstype
= IS_IPC(conn
) ? "" : lp_fstype(SNUM(conn
));
708 if (tcon_flags
& TCONX_FLAG_EXTENDED_RESPONSE
) {
709 /* Return permissions. */
713 reply_outbuf(req
, 7, 0);
716 perm1
= FILE_ALL_ACCESS
;
717 perm2
= FILE_ALL_ACCESS
;
719 perm1
= CAN_WRITE(conn
) ?
724 SIVAL(req
->outbuf
, smb_vwv3
, perm1
);
725 SIVAL(req
->outbuf
, smb_vwv5
, perm2
);
727 reply_outbuf(req
, 3, 0);
730 if ((message_push_string(&req
->outbuf
, server_devicetype
,
731 STR_TERMINATE
|STR_ASCII
) == -1)
732 || (message_push_string(&req
->outbuf
, fstype
,
733 STR_TERMINATE
) == -1)) {
734 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
735 END_PROFILE(SMBtconX
);
739 /* what does setting this bit do? It is set by NT4 and
740 may affect the ability to autorun mounted cdroms */
741 SSVAL(req
->outbuf
, smb_vwv2
, SMB_SUPPORT_SEARCH_BITS
|
742 (lp_csc_policy(SNUM(conn
)) << 2));
744 if (lp_msdfs_root(SNUM(conn
)) && lp_host_msdfs()) {
745 DEBUG(2,("Serving %s as a Dfs root\n",
746 lp_servicename(SNUM(conn
)) ));
747 SSVAL(req
->outbuf
, smb_vwv2
,
748 SMB_SHARE_IN_DFS
| SVAL(req
->outbuf
, smb_vwv2
));
753 DEBUG(3,("tconX service=%s \n",
756 /* set the incoming and outgoing tid to the just created one */
757 SSVAL(req
->inbuf
,smb_tid
,conn
->cnum
);
758 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
760 END_PROFILE(SMBtconX
);
766 /****************************************************************************
767 Reply to an unknown type.
768 ****************************************************************************/
770 void reply_unknown_new(struct smb_request
*req
, uint8 type
)
772 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
773 smb_fn_name(type
), type
, type
));
774 reply_doserror(req
, ERRSRV
, ERRunknownsmb
);
778 /****************************************************************************
780 conn POINTER CAN BE NULL HERE !
781 ****************************************************************************/
783 void reply_ioctl(struct smb_request
*req
)
785 connection_struct
*conn
= req
->conn
;
792 START_PROFILE(SMBioctl
);
795 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
796 END_PROFILE(SMBioctl
);
800 device
= SVAL(req
->vwv
+1, 0);
801 function
= SVAL(req
->vwv
+2, 0);
802 ioctl_code
= (device
<< 16) + function
;
804 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code
));
806 switch (ioctl_code
) {
807 case IOCTL_QUERY_JOB_INFO
:
811 reply_doserror(req
, ERRSRV
, ERRnosupport
);
812 END_PROFILE(SMBioctl
);
816 reply_outbuf(req
, 8, replysize
+1);
817 SSVAL(req
->outbuf
,smb_vwv1
,replysize
); /* Total data bytes returned */
818 SSVAL(req
->outbuf
,smb_vwv5
,replysize
); /* Data bytes this buffer */
819 SSVAL(req
->outbuf
,smb_vwv6
,52); /* Offset to data */
820 p
= smb_buf(req
->outbuf
);
821 memset(p
, '\0', replysize
+1); /* valgrind-safe. */
822 p
+= 1; /* Allow for alignment */
824 switch (ioctl_code
) {
825 case IOCTL_QUERY_JOB_INFO
:
827 files_struct
*fsp
= file_fsp(
828 req
, SVAL(req
->vwv
+0, 0));
830 reply_doserror(req
, ERRDOS
, ERRbadfid
);
831 END_PROFILE(SMBioctl
);
834 SSVAL(p
,0,fsp
->rap_print_jobid
); /* Job number */
835 srvstr_push((char *)req
->outbuf
, req
->flags2
, p
+2,
837 STR_TERMINATE
|STR_ASCII
);
839 srvstr_push((char *)req
->outbuf
, req
->flags2
,
840 p
+18, lp_servicename(SNUM(conn
)),
841 13, STR_TERMINATE
|STR_ASCII
);
849 END_PROFILE(SMBioctl
);
853 /****************************************************************************
854 Strange checkpath NTSTATUS mapping.
855 ****************************************************************************/
857 static NTSTATUS
map_checkpath_error(uint16_t flags2
, NTSTATUS status
)
859 /* Strange DOS error code semantics only for checkpath... */
860 if (!(flags2
& FLAGS2_32_BIT_ERROR_CODES
)) {
861 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID
,status
)) {
862 /* We need to map to ERRbadpath */
863 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
869 /****************************************************************************
870 Reply to a checkpath.
871 ****************************************************************************/
873 void reply_checkpath(struct smb_request
*req
)
875 connection_struct
*conn
= req
->conn
;
877 SMB_STRUCT_STAT sbuf
;
879 TALLOC_CTX
*ctx
= talloc_tos();
881 START_PROFILE(SMBcheckpath
);
883 srvstr_get_path_req(ctx
, req
, &name
, (const char *)req
->buf
+ 1,
884 STR_TERMINATE
, &status
);
886 if (!NT_STATUS_IS_OK(status
)) {
887 status
= map_checkpath_error(req
->flags2
, status
);
888 reply_nterror(req
, status
);
889 END_PROFILE(SMBcheckpath
);
893 status
= resolve_dfspath(ctx
, conn
,
894 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
897 if (!NT_STATUS_IS_OK(status
)) {
898 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
899 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
901 END_PROFILE(SMBcheckpath
);
907 DEBUG(3,("reply_checkpath %s mode=%d\n", name
, (int)SVAL(req
->vwv
+0, 0)));
909 status
= unix_convert(ctx
, conn
, name
, False
, &name
, NULL
, &sbuf
);
910 if (!NT_STATUS_IS_OK(status
)) {
914 status
= check_name(conn
, name
);
915 if (!NT_STATUS_IS_OK(status
)) {
916 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name
,nt_errstr(status
)));
920 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,name
,&sbuf
) != 0)) {
921 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name
,strerror(errno
)));
922 status
= map_nt_error_from_unix(errno
);
926 if (!S_ISDIR(sbuf
.st_mode
)) {
927 reply_botherror(req
, NT_STATUS_NOT_A_DIRECTORY
,
929 END_PROFILE(SMBcheckpath
);
933 reply_outbuf(req
, 0, 0);
935 END_PROFILE(SMBcheckpath
);
940 END_PROFILE(SMBcheckpath
);
942 /* We special case this - as when a Windows machine
943 is parsing a path is steps through the components
944 one at a time - if a component fails it expects
945 ERRbadpath, not ERRbadfile.
947 status
= map_checkpath_error(req
->flags2
, status
);
948 if (NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
950 * Windows returns different error codes if
951 * the parent directory is valid but not the
952 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
953 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
954 * if the path is invalid.
956 reply_botherror(req
, NT_STATUS_OBJECT_NAME_NOT_FOUND
,
961 reply_nterror(req
, status
);
964 /****************************************************************************
966 ****************************************************************************/
968 void reply_getatr(struct smb_request
*req
)
970 connection_struct
*conn
= req
->conn
;
972 SMB_STRUCT_STAT sbuf
;
978 TALLOC_CTX
*ctx
= talloc_tos();
980 START_PROFILE(SMBgetatr
);
982 p
= (const char *)req
->buf
+ 1;
983 p
+= srvstr_get_path_req(ctx
, req
, &fname
, p
, STR_TERMINATE
, &status
);
984 if (!NT_STATUS_IS_OK(status
)) {
985 reply_nterror(req
, status
);
986 END_PROFILE(SMBgetatr
);
990 status
= resolve_dfspath(ctx
, conn
,
991 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
994 if (!NT_STATUS_IS_OK(status
)) {
995 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
996 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
998 END_PROFILE(SMBgetatr
);
1001 reply_nterror(req
, status
);
1002 END_PROFILE(SMBgetatr
);
1006 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1007 under WfWg - weird! */
1008 if (*fname
== '\0') {
1009 mode
= aHIDDEN
| aDIR
;
1010 if (!CAN_WRITE(conn
)) {
1016 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
,&sbuf
);
1017 if (!NT_STATUS_IS_OK(status
)) {
1018 reply_nterror(req
, status
);
1019 END_PROFILE(SMBgetatr
);
1022 status
= check_name(conn
, fname
);
1023 if (!NT_STATUS_IS_OK(status
)) {
1024 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname
,nt_errstr(status
)));
1025 reply_nterror(req
, status
);
1026 END_PROFILE(SMBgetatr
);
1029 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,fname
,&sbuf
) != 0)) {
1030 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname
,strerror(errno
)));
1031 reply_unixerror(req
, ERRDOS
,ERRbadfile
);
1032 END_PROFILE(SMBgetatr
);
1036 mode
= dos_mode(conn
,fname
,&sbuf
);
1037 size
= sbuf
.st_size
;
1038 mtime
= sbuf
.st_mtime
;
1044 reply_outbuf(req
, 10, 0);
1046 SSVAL(req
->outbuf
,smb_vwv0
,mode
);
1047 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1048 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
& ~1);
1050 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
);
1052 SIVAL(req
->outbuf
,smb_vwv3
,(uint32
)size
);
1054 if (Protocol
>= PROTOCOL_NT1
) {
1055 SSVAL(req
->outbuf
, smb_flg2
,
1056 SVAL(req
->outbuf
, smb_flg2
) | FLAGS2_IS_LONG_NAME
);
1059 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname
, mode
, (unsigned int)size
) );
1061 END_PROFILE(SMBgetatr
);
1065 /****************************************************************************
1067 ****************************************************************************/
1069 void reply_setatr(struct smb_request
*req
)
1071 struct smb_file_time ft
;
1072 connection_struct
*conn
= req
->conn
;
1076 SMB_STRUCT_STAT sbuf
;
1079 TALLOC_CTX
*ctx
= talloc_tos();
1081 START_PROFILE(SMBsetatr
);
1086 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1090 p
= (const char *)req
->buf
+ 1;
1091 p
+= srvstr_get_path_req(ctx
, req
, &fname
, p
, STR_TERMINATE
, &status
);
1092 if (!NT_STATUS_IS_OK(status
)) {
1093 reply_nterror(req
, status
);
1094 END_PROFILE(SMBsetatr
);
1098 status
= resolve_dfspath(ctx
, conn
,
1099 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1102 if (!NT_STATUS_IS_OK(status
)) {
1103 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
1104 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1105 ERRSRV
, ERRbadpath
);
1106 END_PROFILE(SMBsetatr
);
1109 reply_nterror(req
, status
);
1110 END_PROFILE(SMBsetatr
);
1114 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
1115 if (!NT_STATUS_IS_OK(status
)) {
1116 reply_nterror(req
, status
);
1117 END_PROFILE(SMBsetatr
);
1121 status
= check_name(conn
, fname
);
1122 if (!NT_STATUS_IS_OK(status
)) {
1123 reply_nterror(req
, status
);
1124 END_PROFILE(SMBsetatr
);
1128 if (fname
[0] == '.' && fname
[1] == '\0') {
1130 * Not sure here is the right place to catch this
1131 * condition. Might be moved to somewhere else later -- vl
1133 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
1134 END_PROFILE(SMBsetatr
);
1138 mode
= SVAL(req
->vwv
+0, 0);
1139 mtime
= srv_make_unix_date3(req
->vwv
+1);
1141 ft
.mtime
= convert_time_t_to_timespec(mtime
);
1142 status
= smb_set_file_time(conn
, NULL
, fname
,
1144 if (!NT_STATUS_IS_OK(status
)) {
1145 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1146 END_PROFILE(SMBsetatr
);
1150 if (mode
!= FILE_ATTRIBUTE_NORMAL
) {
1151 if (VALID_STAT_OF_DIR(sbuf
))
1156 if (file_set_dosmode(conn
,fname
,mode
,&sbuf
,NULL
,false) != 0) {
1157 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1158 END_PROFILE(SMBsetatr
);
1163 reply_outbuf(req
, 0, 0);
1165 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname
, mode
) );
1167 END_PROFILE(SMBsetatr
);
1171 /****************************************************************************
1173 ****************************************************************************/
1175 void reply_dskattr(struct smb_request
*req
)
1177 connection_struct
*conn
= req
->conn
;
1178 uint64_t dfree
,dsize
,bsize
;
1179 START_PROFILE(SMBdskattr
);
1181 if (get_dfree_info(conn
,".",True
,&bsize
,&dfree
,&dsize
) == (uint64_t)-1) {
1182 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
1183 END_PROFILE(SMBdskattr
);
1187 reply_outbuf(req
, 5, 0);
1189 if (Protocol
<= PROTOCOL_LANMAN2
) {
1190 double total_space
, free_space
;
1191 /* we need to scale this to a number that DOS6 can handle. We
1192 use floating point so we can handle large drives on systems
1193 that don't have 64 bit integers
1195 we end up displaying a maximum of 2G to DOS systems
1197 total_space
= dsize
* (double)bsize
;
1198 free_space
= dfree
* (double)bsize
;
1200 dsize
= (uint64_t)((total_space
+63*512) / (64*512));
1201 dfree
= (uint64_t)((free_space
+63*512) / (64*512));
1203 if (dsize
> 0xFFFF) dsize
= 0xFFFF;
1204 if (dfree
> 0xFFFF) dfree
= 0xFFFF;
1206 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1207 SSVAL(req
->outbuf
,smb_vwv1
,64); /* this must be 64 for dos systems */
1208 SSVAL(req
->outbuf
,smb_vwv2
,512); /* and this must be 512 */
1209 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1211 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1212 SSVAL(req
->outbuf
,smb_vwv1
,bsize
/512);
1213 SSVAL(req
->outbuf
,smb_vwv2
,512);
1214 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1217 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree
));
1219 END_PROFILE(SMBdskattr
);
1223 /****************************************************************************
1225 Can be called from SMBsearch, SMBffirst or SMBfunique.
1226 ****************************************************************************/
1228 void reply_search(struct smb_request
*req
)
1230 connection_struct
*conn
= req
->conn
;
1231 const char *mask
= NULL
;
1232 char *directory
= NULL
;
1238 unsigned int numentries
= 0;
1239 unsigned int maxentries
= 0;
1240 bool finished
= False
;
1246 bool check_descend
= False
;
1247 bool expect_close
= False
;
1249 bool mask_contains_wcard
= False
;
1250 bool allow_long_path_components
= (req
->flags2
& FLAGS2_LONG_PATH_COMPONENTS
) ? True
: False
;
1251 TALLOC_CTX
*ctx
= talloc_tos();
1252 bool ask_sharemode
= lp_parm_bool(SNUM(conn
), "smbd", "search ask sharemode", true);
1254 START_PROFILE(SMBsearch
);
1257 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1258 END_PROFILE(SMBsearch
);
1262 if (lp_posix_pathnames()) {
1263 reply_unknown_new(req
, req
->cmd
);
1264 END_PROFILE(SMBsearch
);
1268 /* If we were called as SMBffirst then we must expect close. */
1269 if(req
->cmd
== SMBffirst
) {
1270 expect_close
= True
;
1273 reply_outbuf(req
, 1, 3);
1274 maxentries
= SVAL(req
->vwv
+0, 0);
1275 dirtype
= SVAL(req
->vwv
+1, 0);
1276 p
= (const char *)req
->buf
+ 1;
1277 p
+= srvstr_get_path_req_wcard(ctx
, req
, &path
, p
, STR_TERMINATE
,
1278 &nt_status
, &mask_contains_wcard
);
1279 if (!NT_STATUS_IS_OK(nt_status
)) {
1280 reply_nterror(req
, nt_status
);
1281 END_PROFILE(SMBsearch
);
1285 nt_status
= resolve_dfspath_wcard(ctx
, conn
,
1286 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1289 &mask_contains_wcard
);
1290 if (!NT_STATUS_IS_OK(nt_status
)) {
1291 if (NT_STATUS_EQUAL(nt_status
,NT_STATUS_PATH_NOT_COVERED
)) {
1292 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1293 ERRSRV
, ERRbadpath
);
1294 END_PROFILE(SMBsearch
);
1297 reply_nterror(req
, nt_status
);
1298 END_PROFILE(SMBsearch
);
1303 status_len
= SVAL(p
, 0);
1306 /* dirtype &= ~aDIR; */
1308 if (status_len
== 0) {
1309 SMB_STRUCT_STAT sbuf
;
1311 nt_status
= unix_convert(ctx
, conn
, path
, True
,
1312 &directory
, NULL
, &sbuf
);
1313 if (!NT_STATUS_IS_OK(nt_status
)) {
1314 reply_nterror(req
, nt_status
);
1315 END_PROFILE(SMBsearch
);
1319 nt_status
= check_name(conn
, directory
);
1320 if (!NT_STATUS_IS_OK(nt_status
)) {
1321 reply_nterror(req
, nt_status
);
1322 END_PROFILE(SMBsearch
);
1326 p
= strrchr_m(directory
,'/');
1327 if ((p
!= NULL
) && (*directory
!= '/')) {
1329 directory
= talloc_strndup(ctx
, directory
,
1330 PTR_DIFF(p
, directory
));
1333 directory
= talloc_strdup(ctx
,".");
1337 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1338 END_PROFILE(SMBsearch
);
1342 memset((char *)status
,'\0',21);
1343 SCVAL(status
,0,(dirtype
& 0x1F));
1345 nt_status
= dptr_create(conn
,
1351 mask_contains_wcard
,
1354 if (!NT_STATUS_IS_OK(nt_status
)) {
1355 reply_nterror(req
, nt_status
);
1356 END_PROFILE(SMBsearch
);
1359 dptr_num
= dptr_dnum(conn
->dirptr
);
1363 memcpy(status
,p
,21);
1364 status_dirtype
= CVAL(status
,0) & 0x1F;
1365 if (status_dirtype
!= (dirtype
& 0x1F)) {
1366 dirtype
= status_dirtype
;
1369 conn
->dirptr
= dptr_fetch(status
+12,&dptr_num
);
1370 if (!conn
->dirptr
) {
1373 string_set(&conn
->dirpath
,dptr_path(dptr_num
));
1374 mask
= dptr_wcard(dptr_num
);
1379 * For a 'continue' search we have no string. So
1380 * check from the initial saved string.
1382 mask_contains_wcard
= ms_has_wild(mask
);
1383 dirtype
= dptr_attr(dptr_num
);
1386 DEBUG(4,("dptr_num is %d\n",dptr_num
));
1388 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1389 dptr_init_search_op(conn
->dirptr
);
1391 if ((dirtype
&0x1F) == aVOLID
) {
1392 char buf
[DIR_STRUCT_SIZE
];
1393 memcpy(buf
,status
,21);
1394 if (!make_dir_struct(ctx
,buf
,"???????????",volume_label(SNUM(conn
)),
1395 0,aVOLID
,0,!allow_long_path_components
)) {
1396 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1397 END_PROFILE(SMBsearch
);
1400 dptr_fill(buf
+12,dptr_num
);
1401 if (dptr_zero(buf
+12) && (status_len
==0)) {
1406 if (message_push_blob(&req
->outbuf
,
1407 data_blob_const(buf
, sizeof(buf
)))
1409 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1410 END_PROFILE(SMBsearch
);
1418 ((uint8
*)smb_buf(req
->outbuf
) + 3 - req
->outbuf
))
1421 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1422 conn
->dirpath
,lp_dontdescend(SNUM(conn
))));
1423 if (in_list(conn
->dirpath
, lp_dontdescend(SNUM(conn
)),True
)) {
1424 check_descend
= True
;
1427 for (i
=numentries
;(i
<maxentries
) && !finished
;i
++) {
1428 finished
= !get_dir_entry(ctx
,
1439 char buf
[DIR_STRUCT_SIZE
];
1440 memcpy(buf
,status
,21);
1441 if (!make_dir_struct(ctx
,
1448 !allow_long_path_components
)) {
1449 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1450 END_PROFILE(SMBsearch
);
1453 if (!dptr_fill(buf
+12,dptr_num
)) {
1456 if (message_push_blob(&req
->outbuf
,
1457 data_blob_const(buf
, sizeof(buf
)))
1459 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1460 END_PROFILE(SMBsearch
);
1470 /* If we were called as SMBffirst with smb_search_id == NULL
1471 and no entries were found then return error and close dirptr
1474 if (numentries
== 0) {
1475 dptr_close(&dptr_num
);
1476 } else if(expect_close
&& status_len
== 0) {
1477 /* Close the dptr - we know it's gone */
1478 dptr_close(&dptr_num
);
1481 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1482 if(dptr_num
>= 0 && req
->cmd
== SMBfunique
) {
1483 dptr_close(&dptr_num
);
1486 if ((numentries
== 0) && !mask_contains_wcard
) {
1487 reply_botherror(req
, STATUS_NO_MORE_FILES
, ERRDOS
, ERRnofiles
);
1488 END_PROFILE(SMBsearch
);
1492 SSVAL(req
->outbuf
,smb_vwv0
,numentries
);
1493 SSVAL(req
->outbuf
,smb_vwv1
,3 + numentries
* DIR_STRUCT_SIZE
);
1494 SCVAL(smb_buf(req
->outbuf
),0,5);
1495 SSVAL(smb_buf(req
->outbuf
),1,numentries
*DIR_STRUCT_SIZE
);
1497 /* The replies here are never long name. */
1498 SSVAL(req
->outbuf
, smb_flg2
,
1499 SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_IS_LONG_NAME
));
1500 if (!allow_long_path_components
) {
1501 SSVAL(req
->outbuf
, smb_flg2
,
1502 SVAL(req
->outbuf
, smb_flg2
)
1503 & (~FLAGS2_LONG_PATH_COMPONENTS
));
1506 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1507 SSVAL(req
->outbuf
, smb_flg2
,
1508 (SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_UNICODE_STRINGS
)));
1511 directory
= dptr_path(dptr_num
);
1514 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1515 smb_fn_name(req
->cmd
),
1517 directory
? directory
: "./",
1522 END_PROFILE(SMBsearch
);
1526 /****************************************************************************
1527 Reply to a fclose (stop directory search).
1528 ****************************************************************************/
1530 void reply_fclose(struct smb_request
*req
)
1538 bool path_contains_wcard
= False
;
1539 TALLOC_CTX
*ctx
= talloc_tos();
1541 START_PROFILE(SMBfclose
);
1543 if (lp_posix_pathnames()) {
1544 reply_unknown_new(req
, req
->cmd
);
1545 END_PROFILE(SMBfclose
);
1549 p
= (const char *)req
->buf
+ 1;
1550 p
+= srvstr_get_path_req_wcard(ctx
, req
, &path
, p
, STR_TERMINATE
,
1551 &err
, &path_contains_wcard
);
1552 if (!NT_STATUS_IS_OK(err
)) {
1553 reply_nterror(req
, err
);
1554 END_PROFILE(SMBfclose
);
1558 status_len
= SVAL(p
,0);
1561 if (status_len
== 0) {
1562 reply_doserror(req
, ERRSRV
, ERRsrverror
);
1563 END_PROFILE(SMBfclose
);
1567 memcpy(status
,p
,21);
1569 if(dptr_fetch(status
+12,&dptr_num
)) {
1570 /* Close the dptr - we know it's gone */
1571 dptr_close(&dptr_num
);
1574 reply_outbuf(req
, 1, 0);
1575 SSVAL(req
->outbuf
,smb_vwv0
,0);
1577 DEBUG(3,("search close\n"));
1579 END_PROFILE(SMBfclose
);
1583 /****************************************************************************
1585 ****************************************************************************/
1587 void reply_open(struct smb_request
*req
)
1589 connection_struct
*conn
= req
->conn
;
1595 SMB_STRUCT_STAT sbuf
;
1602 uint32 create_disposition
;
1603 uint32 create_options
= 0;
1605 TALLOC_CTX
*ctx
= talloc_tos();
1607 START_PROFILE(SMBopen
);
1609 SET_STAT_INVALID(sbuf
);
1612 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1613 END_PROFILE(SMBopen
);
1617 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1618 deny_mode
= SVAL(req
->vwv
+0, 0);
1619 dos_attr
= SVAL(req
->vwv
+1, 0);
1621 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
+1,
1622 STR_TERMINATE
, &status
);
1623 if (!NT_STATUS_IS_OK(status
)) {
1624 reply_nterror(req
, status
);
1625 END_PROFILE(SMBopen
);
1629 if (!map_open_params_to_ntcreate(
1630 fname
, deny_mode
, OPENX_FILE_EXISTS_OPEN
, &access_mask
,
1631 &share_mode
, &create_disposition
, &create_options
)) {
1632 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1633 END_PROFILE(SMBopen
);
1637 status
= SMB_VFS_CREATE_FILE(
1640 0, /* root_dir_fid */
1642 CFF_DOS_PATH
, /* create_file_flags */
1643 access_mask
, /* access_mask */
1644 share_mode
, /* share_access */
1645 create_disposition
, /* create_disposition*/
1646 create_options
, /* create_options */
1647 dos_attr
, /* file_attributes */
1648 oplock_request
, /* oplock_request */
1649 0, /* allocation_size */
1656 if (!NT_STATUS_IS_OK(status
)) {
1657 if (open_was_deferred(req
->mid
)) {
1658 /* We have re-scheduled this call. */
1659 END_PROFILE(SMBopen
);
1662 reply_openerror(req
, status
);
1663 END_PROFILE(SMBopen
);
1667 size
= sbuf
.st_size
;
1668 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1669 mtime
= sbuf
.st_mtime
;
1672 DEBUG(3,("attempt to open a directory %s\n",fsp
->fsp_name
));
1673 close_file(req
, fsp
, ERROR_CLOSE
);
1674 reply_doserror(req
, ERRDOS
,ERRnoaccess
);
1675 END_PROFILE(SMBopen
);
1679 reply_outbuf(req
, 7, 0);
1680 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
1681 SSVAL(req
->outbuf
,smb_vwv1
,fattr
);
1682 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1683 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
& ~1);
1685 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
);
1687 SIVAL(req
->outbuf
,smb_vwv4
,(uint32
)size
);
1688 SSVAL(req
->outbuf
,smb_vwv6
,deny_mode
);
1690 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1691 SCVAL(req
->outbuf
,smb_flg
,
1692 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1695 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1696 SCVAL(req
->outbuf
,smb_flg
,
1697 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1699 END_PROFILE(SMBopen
);
1703 /****************************************************************************
1704 Reply to an open and X.
1705 ****************************************************************************/
1707 void reply_open_and_X(struct smb_request
*req
)
1709 connection_struct
*conn
= req
->conn
;
1714 /* Breakout the oplock request bits so we can set the
1715 reply bits separately. */
1716 int ex_oplock_request
;
1717 int core_oplock_request
;
1720 int smb_sattr
= SVAL(req
->vwv
+4, 0);
1721 uint32 smb_time
= make_unix_date3(req
->vwv
+6);
1726 SMB_STRUCT_STAT sbuf
;
1730 uint64_t allocation_size
;
1731 ssize_t retval
= -1;
1734 uint32 create_disposition
;
1735 uint32 create_options
= 0;
1736 TALLOC_CTX
*ctx
= talloc_tos();
1738 START_PROFILE(SMBopenX
);
1740 if (req
->wct
< 15) {
1741 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1742 END_PROFILE(SMBopenX
);
1746 SET_STAT_INVALID(sbuf
);
1748 open_flags
= SVAL(req
->vwv
+2, 0);
1749 deny_mode
= SVAL(req
->vwv
+3, 0);
1750 smb_attr
= SVAL(req
->vwv
+5, 0);
1751 ex_oplock_request
= EXTENDED_OPLOCK_REQUEST(req
->inbuf
);
1752 core_oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1753 oplock_request
= ex_oplock_request
| core_oplock_request
;
1754 smb_ofun
= SVAL(req
->vwv
+8, 0);
1755 allocation_size
= (uint64_t)IVAL(req
->vwv
+9, 0);
1757 /* If it's an IPC, pass off the pipe handler. */
1759 if (lp_nt_pipe_support()) {
1760 reply_open_pipe_and_X(conn
, req
);
1762 reply_doserror(req
, ERRSRV
, ERRaccess
);
1764 END_PROFILE(SMBopenX
);
1768 /* XXXX we need to handle passed times, sattr and flags */
1769 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
,
1770 STR_TERMINATE
, &status
);
1771 if (!NT_STATUS_IS_OK(status
)) {
1772 reply_nterror(req
, status
);
1773 END_PROFILE(SMBopenX
);
1777 if (!map_open_params_to_ntcreate(
1778 fname
, deny_mode
, smb_ofun
, &access_mask
,
1779 &share_mode
, &create_disposition
, &create_options
)) {
1780 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1781 END_PROFILE(SMBopenX
);
1785 status
= SMB_VFS_CREATE_FILE(
1788 0, /* root_dir_fid */
1790 CFF_DOS_PATH
, /* create_file_flags */
1791 access_mask
, /* access_mask */
1792 share_mode
, /* share_access */
1793 create_disposition
, /* create_disposition*/
1794 create_options
, /* create_options */
1795 smb_attr
, /* file_attributes */
1796 oplock_request
, /* oplock_request */
1797 0, /* allocation_size */
1801 &smb_action
, /* pinfo */
1804 if (!NT_STATUS_IS_OK(status
)) {
1805 END_PROFILE(SMBopenX
);
1806 if (open_was_deferred(req
->mid
)) {
1807 /* We have re-scheduled this call. */
1810 reply_openerror(req
, status
);
1814 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1815 if the file is truncated or created. */
1816 if (((smb_action
== FILE_WAS_CREATED
) || (smb_action
== FILE_WAS_OVERWRITTEN
)) && allocation_size
) {
1817 fsp
->initial_allocation_size
= smb_roundup(fsp
->conn
, allocation_size
);
1818 if (vfs_allocate_file_space(fsp
, fsp
->initial_allocation_size
) == -1) {
1819 close_file(req
, fsp
, ERROR_CLOSE
);
1820 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1821 END_PROFILE(SMBopenX
);
1824 retval
= vfs_set_filelen(fsp
, (SMB_OFF_T
)allocation_size
);
1826 close_file(req
, fsp
, ERROR_CLOSE
);
1827 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1828 END_PROFILE(SMBopenX
);
1831 sbuf
.st_size
= SMB_VFS_GET_ALLOC_SIZE(conn
,fsp
,&sbuf
);
1834 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1835 mtime
= sbuf
.st_mtime
;
1837 close_file(req
, fsp
, ERROR_CLOSE
);
1838 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
1839 END_PROFILE(SMBopenX
);
1843 /* If the caller set the extended oplock request bit
1844 and we granted one (by whatever means) - set the
1845 correct bit for extended oplock reply.
1848 if (ex_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1849 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1852 if(ex_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1853 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1856 /* If the caller set the core oplock request bit
1857 and we granted one (by whatever means) - set the
1858 correct bit for core oplock reply.
1861 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1862 reply_outbuf(req
, 19, 0);
1864 reply_outbuf(req
, 15, 0);
1867 if (core_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1868 SCVAL(req
->outbuf
, smb_flg
,
1869 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1872 if(core_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1873 SCVAL(req
->outbuf
, smb_flg
,
1874 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1877 SSVAL(req
->outbuf
,smb_vwv2
,fsp
->fnum
);
1878 SSVAL(req
->outbuf
,smb_vwv3
,fattr
);
1879 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1880 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
& ~1);
1882 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
);
1884 SIVAL(req
->outbuf
,smb_vwv6
,(uint32
)sbuf
.st_size
);
1885 SSVAL(req
->outbuf
,smb_vwv8
,GET_OPENX_MODE(deny_mode
));
1886 SSVAL(req
->outbuf
,smb_vwv11
,smb_action
);
1888 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1889 SIVAL(req
->outbuf
, smb_vwv15
, STD_RIGHT_ALL_ACCESS
);
1892 END_PROFILE(SMBopenX
);
1897 /****************************************************************************
1898 Reply to a SMBulogoffX.
1899 ****************************************************************************/
1901 void reply_ulogoffX(struct smb_request
*req
)
1905 START_PROFILE(SMBulogoffX
);
1907 vuser
= get_valid_user_struct(req
->vuid
);
1910 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1914 /* in user level security we are supposed to close any files
1915 open by this user */
1916 if ((vuser
!= NULL
) && (lp_security() != SEC_SHARE
)) {
1917 file_close_user(req
->vuid
);
1920 invalidate_vuid(req
->vuid
);
1922 reply_outbuf(req
, 2, 0);
1924 DEBUG( 3, ( "ulogoffX vuid=%d\n", req
->vuid
) );
1926 END_PROFILE(SMBulogoffX
);
1930 /****************************************************************************
1931 Reply to a mknew or a create.
1932 ****************************************************************************/
1934 void reply_mknew(struct smb_request
*req
)
1936 connection_struct
*conn
= req
->conn
;
1939 struct smb_file_time ft
;
1941 int oplock_request
= 0;
1942 SMB_STRUCT_STAT sbuf
;
1944 uint32 access_mask
= FILE_GENERIC_READ
| FILE_GENERIC_WRITE
;
1945 uint32 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1946 uint32 create_disposition
;
1947 uint32 create_options
= 0;
1948 TALLOC_CTX
*ctx
= talloc_tos();
1950 START_PROFILE(SMBcreate
);
1952 SET_STAT_INVALID(sbuf
);
1955 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1956 END_PROFILE(SMBcreate
);
1960 fattr
= SVAL(req
->vwv
+0, 0);
1961 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1964 ft
.mtime
= convert_time_t_to_timespec(srv_make_unix_date3(req
->vwv
+1));
1966 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
+ 1,
1967 STR_TERMINATE
, &status
);
1968 if (!NT_STATUS_IS_OK(status
)) {
1969 reply_nterror(req
, status
);
1970 END_PROFILE(SMBcreate
);
1974 if (fattr
& aVOLID
) {
1975 DEBUG(0,("Attempt to create file (%s) with volid set - "
1976 "please report this\n", fname
));
1979 if(req
->cmd
== SMBmknew
) {
1980 /* We should fail if file exists. */
1981 create_disposition
= FILE_CREATE
;
1983 /* Create if file doesn't exist, truncate if it does. */
1984 create_disposition
= FILE_OVERWRITE_IF
;
1987 status
= SMB_VFS_CREATE_FILE(
1990 0, /* root_dir_fid */
1992 CFF_DOS_PATH
, /* create_file_flags */
1993 access_mask
, /* access_mask */
1994 share_mode
, /* share_access */
1995 create_disposition
, /* create_disposition*/
1996 create_options
, /* create_options */
1997 fattr
, /* file_attributes */
1998 oplock_request
, /* oplock_request */
1999 0, /* allocation_size */
2006 if (!NT_STATUS_IS_OK(status
)) {
2007 END_PROFILE(SMBcreate
);
2008 if (open_was_deferred(req
->mid
)) {
2009 /* We have re-scheduled this call. */
2012 reply_openerror(req
, status
);
2016 ft
.atime
= get_atimespec(&sbuf
); /* atime. */
2017 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
, &sbuf
, &ft
, true);
2018 if (!NT_STATUS_IS_OK(status
)) {
2019 END_PROFILE(SMBcreate
);
2020 reply_openerror(req
, status
);
2024 reply_outbuf(req
, 1, 0);
2025 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2027 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2028 SCVAL(req
->outbuf
,smb_flg
,
2029 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2032 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2033 SCVAL(req
->outbuf
,smb_flg
,
2034 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2037 DEBUG( 2, ( "reply_mknew: file %s\n", fsp
->fsp_name
) );
2038 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2039 fsp
->fsp_name
, fsp
->fh
->fd
, (unsigned int)fattr
) );
2041 END_PROFILE(SMBcreate
);
2045 /****************************************************************************
2046 Reply to a create temporary file.
2047 ****************************************************************************/
2049 void reply_ctemp(struct smb_request
*req
)
2051 connection_struct
*conn
= req
->conn
;
2057 SMB_STRUCT_STAT sbuf
;
2060 TALLOC_CTX
*ctx
= talloc_tos();
2062 START_PROFILE(SMBctemp
);
2065 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2066 END_PROFILE(SMBctemp
);
2070 fattr
= SVAL(req
->vwv
+0, 0);
2071 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
2073 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
+1,
2074 STR_TERMINATE
, &status
);
2075 if (!NT_STATUS_IS_OK(status
)) {
2076 reply_nterror(req
, status
);
2077 END_PROFILE(SMBctemp
);
2081 fname
= talloc_asprintf(ctx
,
2085 fname
= talloc_strdup(ctx
, "TMXXXXXX");
2089 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2090 END_PROFILE(SMBctemp
);
2094 status
= resolve_dfspath(ctx
, conn
,
2095 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2098 if (!NT_STATUS_IS_OK(status
)) {
2099 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2100 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2101 ERRSRV
, ERRbadpath
);
2102 END_PROFILE(SMBctemp
);
2105 reply_nterror(req
, status
);
2106 END_PROFILE(SMBctemp
);
2110 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
2111 if (!NT_STATUS_IS_OK(status
)) {
2112 reply_nterror(req
, status
);
2113 END_PROFILE(SMBctemp
);
2117 status
= check_name(conn
, fname
);
2118 if (!NT_STATUS_IS_OK(status
)) {
2119 reply_nterror(req
, status
);
2120 END_PROFILE(SMBctemp
);
2124 tmpfd
= smb_mkstemp(fname
);
2126 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
2127 END_PROFILE(SMBctemp
);
2131 SET_STAT_INVALID(sbuf
);
2132 SMB_VFS_STAT(conn
,fname
,&sbuf
);
2134 /* We should fail if file does not exist. */
2135 status
= SMB_VFS_CREATE_FILE(
2138 0, /* root_dir_fid */
2140 0, /* create_file_flags */
2141 FILE_GENERIC_READ
| FILE_GENERIC_WRITE
, /* access_mask */
2142 FILE_SHARE_READ
| FILE_SHARE_WRITE
, /* share_access */
2143 FILE_OPEN
, /* create_disposition*/
2144 0, /* create_options */
2145 fattr
, /* file_attributes */
2146 oplock_request
, /* oplock_request */
2147 0, /* allocation_size */
2154 /* close fd from smb_mkstemp() */
2157 if (!NT_STATUS_IS_OK(status
)) {
2158 if (open_was_deferred(req
->mid
)) {
2159 /* We have re-scheduled this call. */
2160 END_PROFILE(SMBctemp
);
2163 reply_openerror(req
, status
);
2164 END_PROFILE(SMBctemp
);
2168 reply_outbuf(req
, 1, 0);
2169 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2171 /* the returned filename is relative to the directory */
2172 s
= strrchr_m(fsp
->fsp_name
, '/');
2180 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2181 thing in the byte section. JRA */
2182 SSVALS(p
, 0, -1); /* what is this? not in spec */
2184 if (message_push_string(&req
->outbuf
, s
, STR_ASCII
|STR_TERMINATE
)
2186 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2187 END_PROFILE(SMBctemp
);
2191 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2192 SCVAL(req
->outbuf
, smb_flg
,
2193 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2196 if (EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2197 SCVAL(req
->outbuf
, smb_flg
,
2198 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2201 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp
->fsp_name
) );
2202 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp
->fsp_name
,
2203 fsp
->fh
->fd
, (unsigned int)sbuf
.st_mode
) );
2205 END_PROFILE(SMBctemp
);
2209 /*******************************************************************
2210 Check if a user is allowed to rename a file.
2211 ********************************************************************/
2213 static NTSTATUS
can_rename(connection_struct
*conn
, files_struct
*fsp
,
2214 uint16 dirtype
, SMB_STRUCT_STAT
*pst
)
2218 if (!CAN_WRITE(conn
)) {
2219 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2222 fmode
= dos_mode(conn
, fsp
->fsp_name
, pst
);
2223 if ((fmode
& ~dirtype
) & (aHIDDEN
| aSYSTEM
)) {
2224 return NT_STATUS_NO_SUCH_FILE
;
2227 if (S_ISDIR(pst
->st_mode
)) {
2228 if (fsp
->posix_open
) {
2229 return NT_STATUS_OK
;
2232 /* If no pathnames are open below this
2233 directory, allow the rename. */
2235 if (file_find_subpath(fsp
)) {
2236 return NT_STATUS_ACCESS_DENIED
;
2238 return NT_STATUS_OK
;
2241 if (fsp
->access_mask
& (DELETE_ACCESS
|FILE_WRITE_ATTRIBUTES
)) {
2242 return NT_STATUS_OK
;
2245 return NT_STATUS_ACCESS_DENIED
;
2248 /*******************************************************************
2249 * unlink a file with all relevant access checks
2250 *******************************************************************/
2252 static NTSTATUS
do_unlink(connection_struct
*conn
,
2253 struct smb_request
*req
,
2257 SMB_STRUCT_STAT sbuf
;
2260 uint32 dirtype_orig
= dirtype
;
2263 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname
, dirtype
));
2265 if (!CAN_WRITE(conn
)) {
2266 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2269 if (SMB_VFS_LSTAT(conn
,fname
,&sbuf
) != 0) {
2270 return map_nt_error_from_unix(errno
);
2273 fattr
= dos_mode(conn
,fname
,&sbuf
);
2275 if (dirtype
& FILE_ATTRIBUTE_NORMAL
) {
2276 dirtype
= aDIR
|aARCH
|aRONLY
;
2279 dirtype
&= (aDIR
|aARCH
|aRONLY
|aHIDDEN
|aSYSTEM
);
2281 return NT_STATUS_NO_SUCH_FILE
;
2284 if (!dir_check_ftype(conn
, fattr
, dirtype
)) {
2286 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2288 return NT_STATUS_NO_SUCH_FILE
;
2291 if (dirtype_orig
& 0x8000) {
2292 /* These will never be set for POSIX. */
2293 return NT_STATUS_NO_SUCH_FILE
;
2297 if ((fattr
& dirtype
) & FILE_ATTRIBUTE_DIRECTORY
) {
2298 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2301 if ((fattr
& ~dirtype
) & (FILE_ATTRIBUTE_HIDDEN
|FILE_ATTRIBUTE_SYSTEM
)) {
2302 return NT_STATUS_NO_SUCH_FILE
;
2305 if (dirtype
& 0xFF00) {
2306 /* These will never be set for POSIX. */
2307 return NT_STATUS_NO_SUCH_FILE
;
2312 return NT_STATUS_NO_SUCH_FILE
;
2315 /* Can't delete a directory. */
2317 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2322 else if (dirtype
& aDIR
) /* Asked for a directory and it isn't. */
2323 return NT_STATUS_OBJECT_NAME_INVALID
;
2324 #endif /* JRATEST */
2326 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2328 On a Windows share, a file with read-only dosmode can be opened with
2329 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2330 fails with NT_STATUS_CANNOT_DELETE error.
2332 This semantic causes a problem that a user can not
2333 rename a file with read-only dosmode on a Samba share
2334 from a Windows command prompt (i.e. cmd.exe, but can rename
2335 from Windows Explorer).
2338 if (!lp_delete_readonly(SNUM(conn
))) {
2339 if (fattr
& aRONLY
) {
2340 return NT_STATUS_CANNOT_DELETE
;
2344 /* On open checks the open itself will check the share mode, so
2345 don't do it here as we'll get it wrong. */
2347 status
= SMB_VFS_CREATE_FILE
2350 0, /* root_dir_fid */
2352 0, /* create_file_flags */
2353 DELETE_ACCESS
, /* access_mask */
2354 FILE_SHARE_NONE
, /* share_access */
2355 FILE_OPEN
, /* create_disposition*/
2356 FILE_NON_DIRECTORY_FILE
, /* create_options */
2357 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
2358 0, /* oplock_request */
2359 0, /* allocation_size */
2366 if (!NT_STATUS_IS_OK(status
)) {
2367 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2368 nt_errstr(status
)));
2372 /* The set is across all open files on this dev/inode pair. */
2373 if (!set_delete_on_close(fsp
, True
, &conn
->server_info
->utok
)) {
2374 close_file(req
, fsp
, NORMAL_CLOSE
);
2375 return NT_STATUS_ACCESS_DENIED
;
2378 return close_file(req
, fsp
, NORMAL_CLOSE
);
2381 /****************************************************************************
2382 The guts of the unlink command, split out so it may be called by the NT SMB
2384 ****************************************************************************/
2386 NTSTATUS
unlink_internals(connection_struct
*conn
, struct smb_request
*req
,
2387 uint32 dirtype
, const char *name_in
, bool has_wild
)
2389 const char *directory
= NULL
;
2394 NTSTATUS status
= NT_STATUS_OK
;
2395 SMB_STRUCT_STAT sbuf
, st
;
2396 TALLOC_CTX
*ctx
= talloc_tos();
2398 status
= unix_convert(ctx
, conn
, name_in
, has_wild
, &name
, NULL
, &sbuf
);
2399 if (!NT_STATUS_IS_OK(status
)) {
2403 p
= strrchr_m(name
,'/');
2405 directory
= talloc_strdup(ctx
, ".");
2407 return NT_STATUS_NO_MEMORY
;
2417 * We should only check the mangled cache
2418 * here if unix_convert failed. This means
2419 * that the path in 'mask' doesn't exist
2420 * on the file system and so we need to look
2421 * for a possible mangle. This patch from
2422 * Tine Smukavec <valentin.smukavec@hermes.si>.
2425 if (!VALID_STAT(sbuf
) && mangle_is_mangled(mask
,conn
->params
)) {
2426 char *new_mask
= NULL
;
2427 mangle_lookup_name_from_8_3(ctx
,
2437 directory
= talloc_asprintf(ctx
,
2442 return NT_STATUS_NO_MEMORY
;
2445 dirtype
= FILE_ATTRIBUTE_NORMAL
;
2448 status
= check_name(conn
, directory
);
2449 if (!NT_STATUS_IS_OK(status
)) {
2453 status
= do_unlink(conn
, req
, directory
, dirtype
);
2454 if (!NT_STATUS_IS_OK(status
)) {
2460 struct smb_Dir
*dir_hnd
= NULL
;
2464 if ((dirtype
& SAMBA_ATTRIBUTES_MASK
) == aDIR
) {
2465 return NT_STATUS_OBJECT_NAME_INVALID
;
2468 if (strequal(mask
,"????????.???")) {
2473 status
= check_name(conn
, directory
);
2474 if (!NT_STATUS_IS_OK(status
)) {
2478 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
,
2480 if (dir_hnd
== NULL
) {
2481 return map_nt_error_from_unix(errno
);
2484 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2485 the pattern matches against the long name, otherwise the short name
2486 We don't implement this yet XXXX
2489 status
= NT_STATUS_NO_SUCH_FILE
;
2491 while ((dname
= ReadDirName(dir_hnd
, &offset
, &st
))) {
2494 if (!is_visible_file(conn
, directory
, dname
, &st
,
2500 /* Quick check for "." and ".." */
2501 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
2505 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
2509 fname
= talloc_asprintf(ctx
, "%s/%s",
2513 return NT_STATUS_NO_MEMORY
;
2516 status
= check_name(conn
, fname
);
2517 if (!NT_STATUS_IS_OK(status
)) {
2518 TALLOC_FREE(dir_hnd
);
2522 status
= do_unlink(conn
, req
, fname
, dirtype
);
2523 if (!NT_STATUS_IS_OK(status
)) {
2529 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2534 TALLOC_FREE(dir_hnd
);
2537 if (count
== 0 && NT_STATUS_IS_OK(status
) && errno
!= 0) {
2538 status
= map_nt_error_from_unix(errno
);
2544 /****************************************************************************
2546 ****************************************************************************/
2548 void reply_unlink(struct smb_request
*req
)
2550 connection_struct
*conn
= req
->conn
;
2554 bool path_contains_wcard
= False
;
2555 TALLOC_CTX
*ctx
= talloc_tos();
2557 START_PROFILE(SMBunlink
);
2560 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2561 END_PROFILE(SMBunlink
);
2565 dirtype
= SVAL(req
->vwv
+0, 0);
2567 srvstr_get_path_req_wcard(ctx
, req
, &name
, (const char *)req
->buf
+ 1,
2568 STR_TERMINATE
, &status
,
2569 &path_contains_wcard
);
2570 if (!NT_STATUS_IS_OK(status
)) {
2571 reply_nterror(req
, status
);
2572 END_PROFILE(SMBunlink
);
2576 status
= resolve_dfspath_wcard(ctx
, conn
,
2577 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2580 &path_contains_wcard
);
2581 if (!NT_STATUS_IS_OK(status
)) {
2582 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2583 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2584 ERRSRV
, ERRbadpath
);
2585 END_PROFILE(SMBunlink
);
2588 reply_nterror(req
, status
);
2589 END_PROFILE(SMBunlink
);
2593 DEBUG(3,("reply_unlink : %s\n",name
));
2595 status
= unlink_internals(conn
, req
, dirtype
, name
,
2596 path_contains_wcard
);
2597 if (!NT_STATUS_IS_OK(status
)) {
2598 if (open_was_deferred(req
->mid
)) {
2599 /* We have re-scheduled this call. */
2600 END_PROFILE(SMBunlink
);
2603 reply_nterror(req
, status
);
2604 END_PROFILE(SMBunlink
);
2608 reply_outbuf(req
, 0, 0);
2609 END_PROFILE(SMBunlink
);
2614 /****************************************************************************
2616 ****************************************************************************/
2618 static void fail_readraw(void)
2620 const char *errstr
= talloc_asprintf(talloc_tos(),
2621 "FAIL ! reply_readbraw: socket write fail (%s)",
2626 exit_server_cleanly(errstr
);
2629 /****************************************************************************
2630 Fake (read/write) sendfile. Returns -1 on read or write fail.
2631 ****************************************************************************/
2633 static ssize_t
fake_sendfile(files_struct
*fsp
, SMB_OFF_T startpos
,
2637 size_t tosend
= nread
;
2644 bufsize
= MIN(nread
, 65536);
2646 if (!(buf
= SMB_MALLOC_ARRAY(char, bufsize
))) {
2650 while (tosend
> 0) {
2654 if (tosend
> bufsize
) {
2659 ret
= read_file(fsp
,buf
,startpos
,cur_read
);
2665 /* If we had a short read, fill with zeros. */
2666 if (ret
< cur_read
) {
2667 memset(buf
, '\0', cur_read
- ret
);
2670 if (write_data(smbd_server_fd(),buf
,cur_read
) != cur_read
) {
2675 startpos
+= cur_read
;
2679 return (ssize_t
)nread
;
2682 #if defined(WITH_SENDFILE)
2683 /****************************************************************************
2684 Deal with the case of sendfile reading less bytes from the file than
2685 requested. Fill with zeros (all we can do).
2686 ****************************************************************************/
2688 static void sendfile_short_send(files_struct
*fsp
,
2693 if (nread
< headersize
) {
2694 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2695 "header for file %s (%s). Terminating\n",
2696 fsp
->fsp_name
, strerror(errno
) ));
2697 exit_server_cleanly("sendfile_short_send failed");
2700 nread
-= headersize
;
2702 if (nread
< smb_maxcnt
) {
2703 char *buf
= SMB_CALLOC_ARRAY(char, 1024);
2705 exit_server_cleanly("sendfile_short_send: "
2709 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2710 "with zeros !\n", fsp
->fsp_name
));
2712 while (nread
< smb_maxcnt
) {
2714 * We asked for the real file size and told sendfile
2715 * to not go beyond the end of the file. But it can
2716 * happen that in between our fstat call and the
2717 * sendfile call the file was truncated. This is very
2718 * bad because we have already announced the larger
2719 * number of bytes to the client.
2721 * The best we can do now is to send 0-bytes, just as
2722 * a read from a hole in a sparse file would do.
2724 * This should happen rarely enough that I don't care
2725 * about efficiency here :-)
2729 to_write
= MIN(sizeof(buf
), smb_maxcnt
- nread
);
2730 if (write_data(smbd_server_fd(), buf
, to_write
) != to_write
) {
2731 exit_server_cleanly("sendfile_short_send: "
2732 "write_data failed");
2739 #endif /* defined WITH_SENDFILE */
2741 /****************************************************************************
2742 Return a readbraw error (4 bytes of zero).
2743 ****************************************************************************/
2745 static void reply_readbraw_error(void)
2749 if (write_data(smbd_server_fd(),header
,4) != 4) {
2754 /****************************************************************************
2755 Use sendfile in readbraw.
2756 ****************************************************************************/
2758 static void send_file_readbraw(connection_struct
*conn
,
2759 struct smb_request
*req
,
2765 char *outbuf
= NULL
;
2768 #if defined(WITH_SENDFILE)
2770 * We can only use sendfile on a non-chained packet
2771 * but we can use on a non-oplocked file. tridge proved this
2772 * on a train in Germany :-). JRA.
2773 * reply_readbraw has already checked the length.
2776 if ( !req_is_in_chain(req
) && (nread
> 0) && (fsp
->base_fsp
== NULL
) &&
2777 (fsp
->wcp
== NULL
) && lp_use_sendfile(SNUM(conn
)) ) {
2778 ssize_t sendfile_read
= -1;
2780 DATA_BLOB header_blob
;
2782 _smb_setlen(header
,nread
);
2783 header_blob
= data_blob_const(header
, 4);
2785 if ((sendfile_read
= SMB_VFS_SENDFILE(smbd_server_fd(), fsp
,
2786 &header_blob
, startpos
, nread
)) == -1) {
2787 /* Returning ENOSYS means no data at all was sent.
2788 * Do this as a normal read. */
2789 if (errno
== ENOSYS
) {
2790 goto normal_readbraw
;
2794 * Special hack for broken Linux with no working sendfile. If we
2795 * return EINTR we sent the header but not the rest of the data.
2796 * Fake this up by doing read/write calls.
2798 if (errno
== EINTR
) {
2799 /* Ensure we don't do this again. */
2800 set_use_sendfile(SNUM(conn
), False
);
2801 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2803 if (fake_sendfile(fsp
, startpos
, nread
) == -1) {
2804 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2805 fsp
->fsp_name
, strerror(errno
) ));
2806 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2811 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2812 fsp
->fsp_name
, strerror(errno
) ));
2813 exit_server_cleanly("send_file_readbraw sendfile failed");
2814 } else if (sendfile_read
== 0) {
2816 * Some sendfile implementations return 0 to indicate
2817 * that there was a short read, but nothing was
2818 * actually written to the socket. In this case,
2819 * fallback to the normal read path so the header gets
2820 * the correct byte count.
2822 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2823 "bytes falling back to the normal read: "
2824 "%s\n", fsp
->fsp_name
));
2825 goto normal_readbraw
;
2828 /* Deal with possible short send. */
2829 if (sendfile_read
!= 4+nread
) {
2830 sendfile_short_send(fsp
, sendfile_read
, 4, nread
);
2838 outbuf
= TALLOC_ARRAY(NULL
, char, nread
+4);
2840 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2841 (unsigned)(nread
+4)));
2842 reply_readbraw_error();
2847 ret
= read_file(fsp
,outbuf
+4,startpos
,nread
);
2848 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2857 _smb_setlen(outbuf
,ret
);
2858 if (write_data(smbd_server_fd(),outbuf
,4+ret
) != 4+ret
)
2861 TALLOC_FREE(outbuf
);
2864 /****************************************************************************
2865 Reply to a readbraw (core+ protocol).
2866 ****************************************************************************/
2868 void reply_readbraw(struct smb_request
*req
)
2870 connection_struct
*conn
= req
->conn
;
2871 ssize_t maxcount
,mincount
;
2875 struct lock_struct lock
;
2879 START_PROFILE(SMBreadbraw
);
2881 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
2882 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2883 "raw reads/writes are disallowed.");
2887 reply_readbraw_error();
2888 END_PROFILE(SMBreadbraw
);
2893 * Special check if an oplock break has been issued
2894 * and the readraw request croses on the wire, we must
2895 * return a zero length response here.
2898 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
2901 * We have to do a check_fsp by hand here, as
2902 * we must always return 4 zero bytes on error,
2906 if (!fsp
|| !conn
|| conn
!= fsp
->conn
||
2907 req
->vuid
!= fsp
->vuid
||
2908 fsp
->is_directory
|| fsp
->fh
->fd
== -1) {
2910 * fsp could be NULL here so use the value from the packet. JRA.
2912 DEBUG(3,("reply_readbraw: fnum %d not valid "
2914 (int)SVAL(req
->vwv
+0, 0)));
2915 reply_readbraw_error();
2916 END_PROFILE(SMBreadbraw
);
2920 /* Do a "by hand" version of CHECK_READ. */
2921 if (!(fsp
->can_read
||
2922 ((req
->flags2
& FLAGS2_READ_PERMIT_EXECUTE
) &&
2923 (fsp
->access_mask
& FILE_EXECUTE
)))) {
2924 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2925 (int)SVAL(req
->vwv
+0, 0)));
2926 reply_readbraw_error();
2927 END_PROFILE(SMBreadbraw
);
2931 flush_write_cache(fsp
, READRAW_FLUSH
);
2933 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+1, 0);
2934 if(req
->wct
== 10) {
2936 * This is a large offset (64 bit) read.
2938 #ifdef LARGE_SMB_OFF_T
2940 startpos
|= (((SMB_OFF_T
)IVAL(req
->vwv
+8, 0)) << 32);
2942 #else /* !LARGE_SMB_OFF_T */
2945 * Ensure we haven't been sent a >32 bit offset.
2948 if(IVAL(req
->vwv
+8, 0) != 0) {
2949 DEBUG(0,("reply_readbraw: large offset "
2950 "(%x << 32) used and we don't support "
2951 "64 bit offsets.\n",
2952 (unsigned int)IVAL(req
->vwv
+8, 0) ));
2953 reply_readbraw_error();
2954 END_PROFILE(SMBreadbraw
);
2958 #endif /* LARGE_SMB_OFF_T */
2961 DEBUG(0,("reply_readbraw: negative 64 bit "
2962 "readraw offset (%.0f) !\n",
2963 (double)startpos
));
2964 reply_readbraw_error();
2965 END_PROFILE(SMBreadbraw
);
2970 maxcount
= (SVAL(req
->vwv
+3, 0) & 0xFFFF);
2971 mincount
= (SVAL(req
->vwv
+4, 0) & 0xFFFF);
2973 /* ensure we don't overrun the packet size */
2974 maxcount
= MIN(65535,maxcount
);
2976 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
2977 (uint64_t)startpos
, (uint64_t)maxcount
, READ_LOCK
,
2980 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
2981 reply_readbraw_error();
2982 END_PROFILE(SMBreadbraw
);
2986 if (SMB_VFS_FSTAT(fsp
, &st
) == 0) {
2990 if (startpos
>= size
) {
2993 nread
= MIN(maxcount
,(size
- startpos
));
2996 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2997 if (nread
< mincount
)
3001 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3002 "min=%lu nread=%lu\n",
3003 fsp
->fnum
, (double)startpos
,
3004 (unsigned long)maxcount
,
3005 (unsigned long)mincount
,
3006 (unsigned long)nread
) );
3008 send_file_readbraw(conn
, req
, fsp
, startpos
, nread
, mincount
);
3010 DEBUG(5,("reply_readbraw finished\n"));
3012 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3014 END_PROFILE(SMBreadbraw
);
3019 #define DBGC_CLASS DBGC_LOCKING
3021 /****************************************************************************
3022 Reply to a lockread (core+ protocol).
3023 ****************************************************************************/
3025 void reply_lockread(struct smb_request
*req
)
3027 connection_struct
*conn
= req
->conn
;
3034 struct byte_range_lock
*br_lck
= NULL
;
3037 START_PROFILE(SMBlockread
);
3040 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3041 END_PROFILE(SMBlockread
);
3045 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3047 if (!check_fsp(conn
, req
, fsp
)) {
3048 END_PROFILE(SMBlockread
);
3052 if (!CHECK_READ(fsp
,req
)) {
3053 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3054 END_PROFILE(SMBlockread
);
3058 numtoread
= SVAL(req
->vwv
+1, 0);
3059 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3061 numtoread
= MIN(BUFFER_SIZE
- (smb_size
+ 3*2 + 3), numtoread
);
3063 reply_outbuf(req
, 5, numtoread
+ 3);
3065 data
= smb_buf(req
->outbuf
) + 3;
3068 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3069 * protocol request that predates the read/write lock concept.
3070 * Thus instead of asking for a read lock here we need to ask
3071 * for a write lock. JRA.
3072 * Note that the requested lock size is unaffected by max_recv.
3075 br_lck
= do_lock(smbd_messaging_context(),
3078 (uint64_t)numtoread
,
3082 False
, /* Non-blocking lock. */
3086 TALLOC_FREE(br_lck
);
3088 if (NT_STATUS_V(status
)) {
3089 reply_nterror(req
, status
);
3090 END_PROFILE(SMBlockread
);
3095 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3098 if (numtoread
> max_recv
) {
3099 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3100 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3101 (unsigned int)numtoread
, (unsigned int)max_recv
));
3102 numtoread
= MIN(numtoread
,max_recv
);
3104 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3107 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3108 END_PROFILE(SMBlockread
);
3112 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3114 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3115 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3116 p
= smb_buf(req
->outbuf
);
3117 SCVAL(p
,0,0); /* pad byte. */
3120 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3121 fsp
->fnum
, (int)numtoread
, (int)nread
));
3123 END_PROFILE(SMBlockread
);
3128 #define DBGC_CLASS DBGC_ALL
3130 /****************************************************************************
3132 ****************************************************************************/
3134 void reply_read(struct smb_request
*req
)
3136 connection_struct
*conn
= req
->conn
;
3143 struct lock_struct lock
;
3145 START_PROFILE(SMBread
);
3148 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3149 END_PROFILE(SMBread
);
3153 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3155 if (!check_fsp(conn
, req
, fsp
)) {
3156 END_PROFILE(SMBread
);
3160 if (!CHECK_READ(fsp
,req
)) {
3161 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3162 END_PROFILE(SMBread
);
3166 numtoread
= SVAL(req
->vwv
+1, 0);
3167 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3169 numtoread
= MIN(BUFFER_SIZE
-outsize
,numtoread
);
3172 * The requested read size cannot be greater than max_recv. JRA.
3174 if (numtoread
> max_recv
) {
3175 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3176 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3177 (unsigned int)numtoread
, (unsigned int)max_recv
));
3178 numtoread
= MIN(numtoread
,max_recv
);
3181 reply_outbuf(req
, 5, numtoread
+3);
3183 data
= smb_buf(req
->outbuf
) + 3;
3185 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3186 (uint64_t)startpos
, (uint64_t)numtoread
, READ_LOCK
,
3189 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3190 reply_doserror(req
, ERRDOS
,ERRlock
);
3191 END_PROFILE(SMBread
);
3196 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3199 reply_unixerror(req
, ERRDOS
,ERRnoaccess
);
3203 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3205 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3206 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3207 SCVAL(smb_buf(req
->outbuf
),0,1);
3208 SSVAL(smb_buf(req
->outbuf
),1,nread
);
3210 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3211 fsp
->fnum
, (int)numtoread
, (int)nread
) );
3214 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3216 END_PROFILE(SMBread
);
3220 /****************************************************************************
3222 ****************************************************************************/
3224 static int setup_readX_header(struct smb_request
*req
, char *outbuf
,
3230 outsize
= srv_set_message(outbuf
,12,smb_maxcnt
,False
);
3231 data
= smb_buf(outbuf
);
3233 memset(outbuf
+smb_vwv0
,'\0',24); /* valgrind init. */
3235 SCVAL(outbuf
,smb_vwv0
,0xFF);
3236 SSVAL(outbuf
,smb_vwv2
,0xFFFF); /* Remaining - must be -1. */
3237 SSVAL(outbuf
,smb_vwv5
,smb_maxcnt
);
3238 SSVAL(outbuf
,smb_vwv6
,
3240 + 1 /* the wct field */
3241 + 12 * sizeof(uint16_t) /* vwv */
3242 + 2); /* the buflen field */
3243 SSVAL(outbuf
,smb_vwv7
,(smb_maxcnt
>> 16));
3244 SSVAL(outbuf
,smb_vwv11
,smb_maxcnt
);
3245 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3246 _smb_setlen_large(outbuf
,(smb_size
+ 12*2 + smb_maxcnt
- 4));
3250 /****************************************************************************
3251 Reply to a read and X - possibly using sendfile.
3252 ****************************************************************************/
3254 static void send_file_readX(connection_struct
*conn
, struct smb_request
*req
,
3255 files_struct
*fsp
, SMB_OFF_T startpos
,
3258 SMB_STRUCT_STAT sbuf
;
3261 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
3262 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3266 if (startpos
> sbuf
.st_size
) {
3268 } else if (smb_maxcnt
> (sbuf
.st_size
- startpos
)) {
3269 smb_maxcnt
= (sbuf
.st_size
- startpos
);
3272 if (smb_maxcnt
== 0) {
3276 #if defined(WITH_SENDFILE)
3278 * We can only use sendfile on a non-chained packet
3279 * but we can use on a non-oplocked file. tridge proved this
3280 * on a train in Germany :-). JRA.
3283 if (!req_is_in_chain(req
) &&
3284 !is_encrypted_packet(req
->inbuf
) && (fsp
->base_fsp
== NULL
) &&
3285 lp_use_sendfile(SNUM(conn
)) && (fsp
->wcp
== NULL
) ) {
3286 uint8 headerbuf
[smb_size
+ 12 * 2];
3290 * Set up the packet header before send. We
3291 * assume here the sendfile will work (get the
3292 * correct amount of data).
3295 header
= data_blob_const(headerbuf
, sizeof(headerbuf
));
3297 construct_reply_common_req(req
, (char *)headerbuf
);
3298 setup_readX_header(req
, (char *)headerbuf
, smb_maxcnt
);
3300 if ((nread
= SMB_VFS_SENDFILE(smbd_server_fd(), fsp
, &header
, startpos
, smb_maxcnt
)) == -1) {
3301 /* Returning ENOSYS means no data at all was sent.
3302 Do this as a normal read. */
3303 if (errno
== ENOSYS
) {
3308 * Special hack for broken Linux with no working sendfile. If we
3309 * return EINTR we sent the header but not the rest of the data.
3310 * Fake this up by doing read/write calls.
3313 if (errno
== EINTR
) {
3314 /* Ensure we don't do this again. */
3315 set_use_sendfile(SNUM(conn
), False
);
3316 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3317 nread
= fake_sendfile(fsp
, startpos
,
3320 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3321 fsp
->fsp_name
, strerror(errno
) ));
3322 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3324 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3325 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3326 /* No outbuf here means successful sendfile. */
3327 TALLOC_FREE(req
->outbuf
);
3331 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3332 fsp
->fsp_name
, strerror(errno
) ));
3333 exit_server_cleanly("send_file_readX sendfile failed");
3334 } else if (nread
== 0) {
3336 * Some sendfile implementations return 0 to indicate
3337 * that there was a short read, but nothing was
3338 * actually written to the socket. In this case,
3339 * fallback to the normal read path so the header gets
3340 * the correct byte count.
3342 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3343 "falling back to the normal read: %s\n",
3348 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3349 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3351 /* Deal with possible short send. */
3352 if (nread
!= smb_maxcnt
+ sizeof(headerbuf
)) {
3353 sendfile_short_send(fsp
, nread
, sizeof(headerbuf
), smb_maxcnt
);
3356 /* No outbuf here means successful sendfile. */
3357 TALLOC_FREE(req
->outbuf
);
3358 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req
->pcd
, nread
);
3359 SMB_PERFCOUNT_END(&req
->pcd
);
3366 if ((smb_maxcnt
& 0xFF0000) > 0x10000) {
3367 uint8 headerbuf
[smb_size
+ 2*12];
3369 construct_reply_common_req(req
, (char *)headerbuf
);
3370 setup_readX_header(req
, (char *)headerbuf
, smb_maxcnt
);
3372 /* Send out the header. */
3373 if (write_data(smbd_server_fd(), (char *)headerbuf
,
3374 sizeof(headerbuf
)) != sizeof(headerbuf
)) {
3375 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3376 fsp
->fsp_name
, strerror(errno
) ));
3377 exit_server_cleanly("send_file_readX sendfile failed");
3379 nread
= fake_sendfile(fsp
, startpos
, smb_maxcnt
);
3381 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3382 fsp
->fsp_name
, strerror(errno
) ));
3383 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3385 TALLOC_FREE(req
->outbuf
);
3389 reply_outbuf(req
, 12, smb_maxcnt
);
3391 nread
= read_file(fsp
, smb_buf(req
->outbuf
), startpos
, smb_maxcnt
);
3393 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3397 setup_readX_header(req
, (char *)req
->outbuf
, nread
);
3399 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3400 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3405 /****************************************************************************
3406 Reply to a read and X.
3407 ****************************************************************************/
3409 void reply_read_and_X(struct smb_request
*req
)
3411 connection_struct
*conn
= req
->conn
;
3415 struct lock_struct lock
;
3416 bool big_readX
= False
;
3418 size_t smb_mincnt
= SVAL(req
->vwv
+6, 0);
3421 START_PROFILE(SMBreadX
);
3423 if ((req
->wct
!= 10) && (req
->wct
!= 12)) {
3424 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3428 fsp
= file_fsp(req
, SVAL(req
->vwv
+2, 0));
3429 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+3, 0);
3430 smb_maxcnt
= SVAL(req
->vwv
+5, 0);
3432 /* If it's an IPC, pass off the pipe handler. */
3434 reply_pipe_read_and_X(req
);
3435 END_PROFILE(SMBreadX
);
3439 if (!check_fsp(conn
, req
, fsp
)) {
3440 END_PROFILE(SMBreadX
);
3444 if (!CHECK_READ(fsp
,req
)) {
3445 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3446 END_PROFILE(SMBreadX
);
3450 if (global_client_caps
& CAP_LARGE_READX
) {
3451 size_t upper_size
= SVAL(req
->vwv
+7, 0);
3452 smb_maxcnt
|= (upper_size
<<16);
3453 if (upper_size
> 1) {
3454 /* Can't do this on a chained packet. */
3455 if ((CVAL(req
->vwv
+0, 0) != 0xFF)) {
3456 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3457 END_PROFILE(SMBreadX
);
3460 /* We currently don't do this on signed or sealed data. */
3461 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
3462 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3463 END_PROFILE(SMBreadX
);
3466 /* Is there room in the reply for this data ? */
3467 if (smb_maxcnt
> (0xFFFFFF - (smb_size
-4 + 12*2))) {
3469 NT_STATUS_INVALID_PARAMETER
);
3470 END_PROFILE(SMBreadX
);
3477 if (req
->wct
== 12) {
3478 #ifdef LARGE_SMB_OFF_T
3480 * This is a large offset (64 bit) read.
3482 startpos
|= (((SMB_OFF_T
)IVAL(req
->vwv
+10, 0)) << 32);
3484 #else /* !LARGE_SMB_OFF_T */
3487 * Ensure we haven't been sent a >32 bit offset.
3490 if(IVAL(req
->vwv
+10, 0) != 0) {
3491 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3492 "used and we don't support 64 bit offsets.\n",
3493 (unsigned int)IVAL(req
->vwv
+10, 0) ));
3494 END_PROFILE(SMBreadX
);
3495 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3499 #endif /* LARGE_SMB_OFF_T */
3503 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3504 (uint64_t)startpos
, (uint64_t)smb_maxcnt
, READ_LOCK
,
3507 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3508 END_PROFILE(SMBreadX
);
3509 reply_doserror(req
, ERRDOS
, ERRlock
);
3514 schedule_aio_read_and_X(conn
, req
, fsp
, startpos
, smb_maxcnt
)) {
3518 send_file_readX(conn
, req
, fsp
, startpos
, smb_maxcnt
);
3521 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3523 END_PROFILE(SMBreadX
);
3527 /****************************************************************************
3528 Error replies to writebraw must have smb_wct == 1. Fix this up.
3529 ****************************************************************************/
3531 void error_to_writebrawerr(struct smb_request
*req
)
3533 uint8
*old_outbuf
= req
->outbuf
;
3535 reply_outbuf(req
, 1, 0);
3537 memcpy(req
->outbuf
, old_outbuf
, smb_size
);
3538 TALLOC_FREE(old_outbuf
);
3541 /****************************************************************************
3542 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3543 ****************************************************************************/
3545 void reply_writebraw(struct smb_request
*req
)
3547 connection_struct
*conn
= req
->conn
;
3550 ssize_t total_written
=0;
3551 size_t numtowrite
=0;
3557 struct lock_struct lock
;
3560 START_PROFILE(SMBwritebraw
);
3563 * If we ever reply with an error, it must have the SMB command
3564 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3567 SCVAL(req
->inbuf
,smb_com
,SMBwritec
);
3569 if (srv_is_signing_active()) {
3570 END_PROFILE(SMBwritebraw
);
3571 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3572 "raw reads/writes are disallowed.");
3575 if (req
->wct
< 12) {
3576 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3577 error_to_writebrawerr(req
);
3578 END_PROFILE(SMBwritebraw
);
3582 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3583 if (!check_fsp(conn
, req
, fsp
)) {
3584 error_to_writebrawerr(req
);
3585 END_PROFILE(SMBwritebraw
);
3589 if (!CHECK_WRITE(fsp
)) {
3590 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3591 error_to_writebrawerr(req
);
3592 END_PROFILE(SMBwritebraw
);
3596 tcount
= IVAL(req
->vwv
+1, 0);
3597 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+3, 0);
3598 write_through
= BITSETW(req
->vwv
+7,0);
3600 /* We have to deal with slightly different formats depending
3601 on whether we are using the core+ or lanman1.0 protocol */
3603 if(Protocol
<= PROTOCOL_COREPLUS
) {
3604 numtowrite
= SVAL(smb_buf(req
->inbuf
),-2);
3605 data
= smb_buf(req
->inbuf
);
3607 numtowrite
= SVAL(req
->vwv
+10, 0);
3608 data
= smb_base(req
->inbuf
) + SVAL(req
->vwv
+11, 0);
3611 /* Ensure we don't write bytes past the end of this packet. */
3612 if (data
+ numtowrite
> smb_base(req
->inbuf
) + smb_len(req
->inbuf
)) {
3613 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3614 error_to_writebrawerr(req
);
3615 END_PROFILE(SMBwritebraw
);
3619 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3620 (uint64_t)startpos
, (uint64_t)tcount
, WRITE_LOCK
,
3623 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3624 reply_doserror(req
, ERRDOS
, ERRlock
);
3625 error_to_writebrawerr(req
);
3626 END_PROFILE(SMBwritebraw
);
3631 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3634 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3635 "wrote=%d sync=%d\n",
3636 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3637 (int)nwritten
, (int)write_through
));
3639 if (nwritten
< (ssize_t
)numtowrite
) {
3640 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3641 error_to_writebrawerr(req
);
3645 total_written
= nwritten
;
3647 /* Allocate a buffer of 64k + length. */
3648 buf
= TALLOC_ARRAY(NULL
, char, 65540);
3650 reply_doserror(req
, ERRDOS
, ERRnomem
);
3651 error_to_writebrawerr(req
);
3655 /* Return a SMBwritebraw message to the redirector to tell
3656 * it to send more bytes */
3658 memcpy(buf
, req
->inbuf
, smb_size
);
3659 srv_set_message(buf
,Protocol
>PROTOCOL_COREPLUS
?1:0,0,True
);
3660 SCVAL(buf
,smb_com
,SMBwritebraw
);
3661 SSVALS(buf
,smb_vwv0
,0xFFFF);
3663 if (!srv_send_smb(smbd_server_fd(),
3665 IS_CONN_ENCRYPTED(conn
),
3667 exit_server_cleanly("reply_writebraw: srv_send_smb "
3671 /* Now read the raw data into the buffer and write it */
3672 status
= read_smb_length(smbd_server_fd(), buf
, SMB_SECONDARY_WAIT
,
3674 if (!NT_STATUS_IS_OK(status
)) {
3675 exit_server_cleanly("secondary writebraw failed");
3678 /* Set up outbuf to return the correct size */
3679 reply_outbuf(req
, 1, 0);
3681 if (numtowrite
!= 0) {
3683 if (numtowrite
> 0xFFFF) {
3684 DEBUG(0,("reply_writebraw: Oversize secondary write "
3685 "raw requested (%u). Terminating\n",
3686 (unsigned int)numtowrite
));
3687 exit_server_cleanly("secondary writebraw failed");
3690 if (tcount
> nwritten
+numtowrite
) {
3691 DEBUG(3,("reply_writebraw: Client overestimated the "
3693 (int)tcount
,(int)nwritten
,(int)numtowrite
));
3696 status
= read_data(smbd_server_fd(), buf
+4, numtowrite
);
3698 if (!NT_STATUS_IS_OK(status
)) {
3699 DEBUG(0,("reply_writebraw: Oversize secondary write "
3700 "raw read failed (%s). Terminating\n",
3701 nt_errstr(status
)));
3702 exit_server_cleanly("secondary writebraw failed");
3705 nwritten
= write_file(req
,fsp
,buf
+4,startpos
+nwritten
,numtowrite
);
3706 if (nwritten
== -1) {
3708 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3709 error_to_writebrawerr(req
);
3713 if (nwritten
< (ssize_t
)numtowrite
) {
3714 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3715 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3719 total_written
+= nwritten
;
3724 SSVAL(req
->outbuf
,smb_vwv0
,total_written
);
3726 status
= sync_file(conn
, fsp
, write_through
);
3727 if (!NT_STATUS_IS_OK(status
)) {
3728 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3729 fsp
->fsp_name
, nt_errstr(status
) ));
3730 reply_nterror(req
, status
);
3731 error_to_writebrawerr(req
);
3735 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3737 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3738 (int)total_written
));
3740 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3742 /* We won't return a status if write through is not selected - this
3743 * follows what WfWg does */
3744 END_PROFILE(SMBwritebraw
);
3746 if (!write_through
&& total_written
==tcount
) {
3748 #if RABBIT_PELLET_FIX
3750 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3751 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3754 if (!send_keepalive(smbd_server_fd())) {
3755 exit_server_cleanly("reply_writebraw: send of "
3756 "keepalive failed");
3759 TALLOC_FREE(req
->outbuf
);
3764 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3766 END_PROFILE(SMBwritebraw
);
3771 #define DBGC_CLASS DBGC_LOCKING
3773 /****************************************************************************
3774 Reply to a writeunlock (core+).
3775 ****************************************************************************/
3777 void reply_writeunlock(struct smb_request
*req
)
3779 connection_struct
*conn
= req
->conn
;
3780 ssize_t nwritten
= -1;
3784 NTSTATUS status
= NT_STATUS_OK
;
3786 struct lock_struct lock
;
3788 START_PROFILE(SMBwriteunlock
);
3791 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3792 END_PROFILE(SMBwriteunlock
);
3796 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3798 if (!check_fsp(conn
, req
, fsp
)) {
3799 END_PROFILE(SMBwriteunlock
);
3803 if (!CHECK_WRITE(fsp
)) {
3804 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3805 END_PROFILE(SMBwriteunlock
);
3809 numtowrite
= SVAL(req
->vwv
+1, 0);
3810 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3811 data
= (const char *)req
->buf
+ 3;
3814 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3815 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
3818 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3819 reply_doserror(req
, ERRDOS
, ERRlock
);
3820 END_PROFILE(SMBwriteunlock
);
3825 /* The special X/Open SMB protocol handling of
3826 zero length writes is *NOT* done for
3828 if(numtowrite
== 0) {
3831 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3834 status
= sync_file(conn
, fsp
, False
/* write through */);
3835 if (!NT_STATUS_IS_OK(status
)) {
3836 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3837 fsp
->fsp_name
, nt_errstr(status
) ));
3838 reply_nterror(req
, status
);
3842 if(((nwritten
< numtowrite
) && (numtowrite
!= 0))||(nwritten
< 0)) {
3843 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3848 status
= do_unlock(smbd_messaging_context(),
3851 (uint64_t)numtowrite
,
3855 if (NT_STATUS_V(status
)) {
3856 reply_nterror(req
, status
);
3861 reply_outbuf(req
, 1, 0);
3863 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3865 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3866 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3870 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3873 END_PROFILE(SMBwriteunlock
);
3878 #define DBGC_CLASS DBGC_ALL
3880 /****************************************************************************
3882 ****************************************************************************/
3884 void reply_write(struct smb_request
*req
)
3886 connection_struct
*conn
= req
->conn
;
3888 ssize_t nwritten
= -1;
3892 struct lock_struct lock
;
3895 START_PROFILE(SMBwrite
);
3898 END_PROFILE(SMBwrite
);
3899 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3903 /* If it's an IPC, pass off the pipe handler. */
3905 reply_pipe_write(req
);
3906 END_PROFILE(SMBwrite
);
3910 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3912 if (!check_fsp(conn
, req
, fsp
)) {
3913 END_PROFILE(SMBwrite
);
3917 if (!CHECK_WRITE(fsp
)) {
3918 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3919 END_PROFILE(SMBwrite
);
3923 numtowrite
= SVAL(req
->vwv
+1, 0);
3924 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3925 data
= (const char *)req
->buf
+ 3;
3927 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3928 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
3931 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3932 reply_doserror(req
, ERRDOS
, ERRlock
);
3933 END_PROFILE(SMBwrite
);
3938 * X/Open SMB protocol says that if smb_vwv1 is
3939 * zero then the file size should be extended or
3940 * truncated to the size given in smb_vwv[2-3].
3943 if(numtowrite
== 0) {
3945 * This is actually an allocate call, and set EOF. JRA.
3947 nwritten
= vfs_allocate_file_space(fsp
, (SMB_OFF_T
)startpos
);
3949 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3952 nwritten
= vfs_set_filelen(fsp
, (SMB_OFF_T
)startpos
);
3954 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3957 trigger_write_time_update_immediate(fsp
);
3959 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3962 status
= sync_file(conn
, fsp
, False
);
3963 if (!NT_STATUS_IS_OK(status
)) {
3964 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3965 fsp
->fsp_name
, nt_errstr(status
) ));
3966 reply_nterror(req
, status
);
3970 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
3971 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3975 reply_outbuf(req
, 1, 0);
3977 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3979 if (nwritten
< (ssize_t
)numtowrite
) {
3980 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3981 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3984 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3987 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3989 END_PROFILE(SMBwrite
);
3993 /****************************************************************************
3994 Ensure a buffer is a valid writeX for recvfile purposes.
3995 ****************************************************************************/
3997 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3998 (2*14) + /* word count (including bcc) */ \
4001 bool is_valid_writeX_buffer(const uint8_t *inbuf
)
4004 connection_struct
*conn
= NULL
;
4005 unsigned int doff
= 0;
4006 size_t len
= smb_len_large(inbuf
);
4008 if (is_encrypted_packet(inbuf
)) {
4009 /* Can't do this on encrypted
4014 if (CVAL(inbuf
,smb_com
) != SMBwriteX
) {
4018 if (CVAL(inbuf
,smb_vwv0
) != 0xFF ||
4019 CVAL(inbuf
,smb_wct
) != 14) {
4020 DEBUG(10,("is_valid_writeX_buffer: chained or "
4021 "invalid word length.\n"));
4025 conn
= conn_find(SVAL(inbuf
, smb_tid
));
4027 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4031 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4034 if (IS_PRINT(conn
)) {
4035 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4038 doff
= SVAL(inbuf
,smb_vwv11
);
4040 numtowrite
= SVAL(inbuf
,smb_vwv10
);
4042 if (len
> doff
&& len
- doff
> 0xFFFF) {
4043 numtowrite
|= (((size_t)SVAL(inbuf
,smb_vwv9
))<<16);
4046 if (numtowrite
== 0) {
4047 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4051 /* Ensure the sizes match up. */
4052 if (doff
< STANDARD_WRITE_AND_X_HEADER_SIZE
) {
4053 /* no pad byte...old smbclient :-( */
4054 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4056 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE
));
4060 if (len
- doff
!= numtowrite
) {
4061 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4062 "len = %u, doff = %u, numtowrite = %u\n",
4065 (unsigned int)numtowrite
));
4069 DEBUG(10,("is_valid_writeX_buffer: true "
4070 "len = %u, doff = %u, numtowrite = %u\n",
4073 (unsigned int)numtowrite
));
4078 /****************************************************************************
4079 Reply to a write and X.
4080 ****************************************************************************/
4082 void reply_write_and_X(struct smb_request
*req
)
4084 connection_struct
*conn
= req
->conn
;
4086 struct lock_struct lock
;
4091 unsigned int smb_doff
;
4092 unsigned int smblen
;
4096 START_PROFILE(SMBwriteX
);
4098 if ((req
->wct
!= 12) && (req
->wct
!= 14)) {
4099 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4100 END_PROFILE(SMBwriteX
);
4104 numtowrite
= SVAL(req
->vwv
+10, 0);
4105 smb_doff
= SVAL(req
->vwv
+11, 0);
4106 smblen
= smb_len(req
->inbuf
);
4108 if (req
->unread_bytes
> 0xFFFF ||
4109 (smblen
> smb_doff
&&
4110 smblen
- smb_doff
> 0xFFFF)) {
4111 numtowrite
|= (((size_t)SVAL(req
->vwv
+9, 0))<<16);
4114 if (req
->unread_bytes
) {
4115 /* Can't do a recvfile write on IPC$ */
4117 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4118 END_PROFILE(SMBwriteX
);
4121 if (numtowrite
!= req
->unread_bytes
) {
4122 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4123 END_PROFILE(SMBwriteX
);
4127 if (smb_doff
> smblen
|| smb_doff
+ numtowrite
< numtowrite
||
4128 smb_doff
+ numtowrite
> smblen
) {
4129 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4130 END_PROFILE(SMBwriteX
);
4135 /* If it's an IPC, pass off the pipe handler. */
4137 if (req
->unread_bytes
) {
4138 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4139 END_PROFILE(SMBwriteX
);
4142 reply_pipe_write_and_X(req
);
4143 END_PROFILE(SMBwriteX
);
4147 fsp
= file_fsp(req
, SVAL(req
->vwv
+2, 0));
4148 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+3, 0);
4149 write_through
= BITSETW(req
->vwv
+7,0);
4151 if (!check_fsp(conn
, req
, fsp
)) {
4152 END_PROFILE(SMBwriteX
);
4156 if (!CHECK_WRITE(fsp
)) {
4157 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4158 END_PROFILE(SMBwriteX
);
4162 data
= smb_base(req
->inbuf
) + smb_doff
;
4164 if(req
->wct
== 14) {
4165 #ifdef LARGE_SMB_OFF_T
4167 * This is a large offset (64 bit) write.
4169 startpos
|= (((SMB_OFF_T
)IVAL(req
->vwv
+12, 0)) << 32);
4171 #else /* !LARGE_SMB_OFF_T */
4174 * Ensure we haven't been sent a >32 bit offset.
4177 if(IVAL(req
->vwv
+12, 0) != 0) {
4178 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4179 "used and we don't support 64 bit offsets.\n",
4180 (unsigned int)IVAL(req
->vwv
+12, 0) ));
4181 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4182 END_PROFILE(SMBwriteX
);
4186 #endif /* LARGE_SMB_OFF_T */
4189 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
4190 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
4193 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
4194 reply_doserror(req
, ERRDOS
, ERRlock
);
4195 END_PROFILE(SMBwriteX
);
4199 /* X/Open SMB protocol says that, unlike SMBwrite
4200 if the length is zero then NO truncation is
4201 done, just a write of zero. To truncate a file,
4204 if(numtowrite
== 0) {
4208 if ((req
->unread_bytes
== 0) &&
4209 schedule_aio_write_and_X(conn
, req
, fsp
, data
, startpos
,
4214 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4217 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4218 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
4222 reply_outbuf(req
, 6, 0);
4223 SSVAL(req
->outbuf
,smb_vwv2
,nwritten
);
4224 SSVAL(req
->outbuf
,smb_vwv4
,nwritten
>>16);
4226 if (nwritten
< (ssize_t
)numtowrite
) {
4227 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
4228 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
4231 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4232 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
4234 status
= sync_file(conn
, fsp
, write_through
);
4235 if (!NT_STATUS_IS_OK(status
)) {
4236 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4237 fsp
->fsp_name
, nt_errstr(status
) ));
4238 reply_nterror(req
, status
);
4242 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
4244 END_PROFILE(SMBwriteX
);
4249 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
4251 END_PROFILE(SMBwriteX
);
4255 /****************************************************************************
4257 ****************************************************************************/
4259 void reply_lseek(struct smb_request
*req
)
4261 connection_struct
*conn
= req
->conn
;
4267 START_PROFILE(SMBlseek
);
4270 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4271 END_PROFILE(SMBlseek
);
4275 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4277 if (!check_fsp(conn
, req
, fsp
)) {
4281 flush_write_cache(fsp
, SEEK_FLUSH
);
4283 mode
= SVAL(req
->vwv
+1, 0) & 3;
4284 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4285 startpos
= (SMB_OFF_T
)IVALS(req
->vwv
+2, 0);
4294 res
= fsp
->fh
->pos
+ startpos
;
4305 if (umode
== SEEK_END
) {
4306 if((res
= SMB_VFS_LSEEK(fsp
,startpos
,umode
)) == -1) {
4307 if(errno
== EINVAL
) {
4308 SMB_OFF_T current_pos
= startpos
;
4309 SMB_STRUCT_STAT sbuf
;
4311 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
4312 reply_unixerror(req
, ERRDOS
,
4314 END_PROFILE(SMBlseek
);
4318 current_pos
+= sbuf
.st_size
;
4320 res
= SMB_VFS_LSEEK(fsp
,0,SEEK_SET
);
4325 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
4326 END_PROFILE(SMBlseek
);
4333 reply_outbuf(req
, 2, 0);
4334 SIVAL(req
->outbuf
,smb_vwv0
,res
);
4336 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4337 fsp
->fnum
, (double)startpos
, (double)res
, mode
));
4339 END_PROFILE(SMBlseek
);
4343 /****************************************************************************
4345 ****************************************************************************/
4347 void reply_flush(struct smb_request
*req
)
4349 connection_struct
*conn
= req
->conn
;
4353 START_PROFILE(SMBflush
);
4356 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4360 fnum
= SVAL(req
->vwv
+0, 0);
4361 fsp
= file_fsp(req
, fnum
);
4363 if ((fnum
!= 0xFFFF) && !check_fsp(conn
, req
, fsp
)) {
4368 file_sync_all(conn
);
4370 NTSTATUS status
= sync_file(conn
, fsp
, True
);
4371 if (!NT_STATUS_IS_OK(status
)) {
4372 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4373 fsp
->fsp_name
, nt_errstr(status
) ));
4374 reply_nterror(req
, status
);
4375 END_PROFILE(SMBflush
);
4380 reply_outbuf(req
, 0, 0);
4382 DEBUG(3,("flush\n"));
4383 END_PROFILE(SMBflush
);
4387 /****************************************************************************
4389 conn POINTER CAN BE NULL HERE !
4390 ****************************************************************************/
4392 void reply_exit(struct smb_request
*req
)
4394 START_PROFILE(SMBexit
);
4396 file_close_pid(req
->smbpid
, req
->vuid
);
4398 reply_outbuf(req
, 0, 0);
4400 DEBUG(3,("exit\n"));
4402 END_PROFILE(SMBexit
);
4406 /****************************************************************************
4407 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4408 ****************************************************************************/
4410 void reply_close(struct smb_request
*req
)
4412 connection_struct
*conn
= req
->conn
;
4413 NTSTATUS status
= NT_STATUS_OK
;
4414 files_struct
*fsp
= NULL
;
4415 START_PROFILE(SMBclose
);
4418 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4419 END_PROFILE(SMBclose
);
4423 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4426 * We can only use check_fsp if we know it's not a directory.
4429 if(!fsp
|| (fsp
->conn
!= conn
) || (fsp
->vuid
!= req
->vuid
)) {
4430 reply_doserror(req
, ERRDOS
, ERRbadfid
);
4431 END_PROFILE(SMBclose
);
4435 if(fsp
->is_directory
) {
4437 * Special case - close NT SMB directory handle.
4439 DEBUG(3,("close directory fnum=%d\n", fsp
->fnum
));
4440 status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4444 * Close ordinary file.
4447 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4448 fsp
->fh
->fd
, fsp
->fnum
,
4449 conn
->num_files_open
));
4452 * Take care of any time sent in the close.
4455 t
= srv_make_unix_date3(req
->vwv
+1);
4456 set_close_write_time(fsp
, convert_time_t_to_timespec(t
));
4459 * close_file() returns the unix errno if an error
4460 * was detected on close - normally this is due to
4461 * a disk full error. If not then it was probably an I/O error.
4464 status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4467 if (!NT_STATUS_IS_OK(status
)) {
4468 reply_nterror(req
, status
);
4469 END_PROFILE(SMBclose
);
4473 reply_outbuf(req
, 0, 0);
4474 END_PROFILE(SMBclose
);
4478 /****************************************************************************
4479 Reply to a writeclose (Core+ protocol).
4480 ****************************************************************************/
4482 void reply_writeclose(struct smb_request
*req
)
4484 connection_struct
*conn
= req
->conn
;
4486 ssize_t nwritten
= -1;
4487 NTSTATUS close_status
= NT_STATUS_OK
;
4490 struct timespec mtime
;
4492 struct lock_struct lock
;
4494 START_PROFILE(SMBwriteclose
);
4497 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4498 END_PROFILE(SMBwriteclose
);
4502 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4504 if (!check_fsp(conn
, req
, fsp
)) {
4505 END_PROFILE(SMBwriteclose
);
4508 if (!CHECK_WRITE(fsp
)) {
4509 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
4510 END_PROFILE(SMBwriteclose
);
4514 numtowrite
= SVAL(req
->vwv
+1, 0);
4515 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
4516 mtime
= convert_time_t_to_timespec(srv_make_unix_date3(req
->vwv
+4));
4517 data
= (const char *)req
->buf
+ 1;
4520 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
4521 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
4524 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
4525 reply_doserror(req
, ERRDOS
,ERRlock
);
4526 END_PROFILE(SMBwriteclose
);
4531 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4533 set_close_write_time(fsp
, mtime
);
4536 * More insanity. W2K only closes the file if writelen > 0.
4541 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4543 close_status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4546 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4547 fsp
->fnum
, (int)numtowrite
, (int)nwritten
,
4548 conn
->num_files_open
));
4550 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4551 reply_doserror(req
, ERRHRD
, ERRdiskfull
);
4555 if(!NT_STATUS_IS_OK(close_status
)) {
4556 reply_nterror(req
, close_status
);
4560 reply_outbuf(req
, 1, 0);
4562 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
4566 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
4569 END_PROFILE(SMBwriteclose
);
4574 #define DBGC_CLASS DBGC_LOCKING
4576 /****************************************************************************
4578 ****************************************************************************/
4580 void reply_lock(struct smb_request
*req
)
4582 connection_struct
*conn
= req
->conn
;
4583 uint64_t count
,offset
;
4586 struct byte_range_lock
*br_lck
= NULL
;
4588 START_PROFILE(SMBlock
);
4591 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4592 END_PROFILE(SMBlock
);
4596 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4598 if (!check_fsp(conn
, req
, fsp
)) {
4599 END_PROFILE(SMBlock
);
4603 count
= (uint64_t)IVAL(req
->vwv
+1, 0);
4604 offset
= (uint64_t)IVAL(req
->vwv
+3, 0);
4606 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4607 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
));
4609 br_lck
= do_lock(smbd_messaging_context(),
4616 False
, /* Non-blocking lock. */
4621 TALLOC_FREE(br_lck
);
4623 if (NT_STATUS_V(status
)) {
4624 reply_nterror(req
, status
);
4625 END_PROFILE(SMBlock
);
4629 reply_outbuf(req
, 0, 0);
4631 END_PROFILE(SMBlock
);
4635 /****************************************************************************
4637 ****************************************************************************/
4639 void reply_unlock(struct smb_request
*req
)
4641 connection_struct
*conn
= req
->conn
;
4642 uint64_t count
,offset
;
4646 START_PROFILE(SMBunlock
);
4649 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4650 END_PROFILE(SMBunlock
);
4654 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4656 if (!check_fsp(conn
, req
, fsp
)) {
4657 END_PROFILE(SMBunlock
);
4661 count
= (uint64_t)IVAL(req
->vwv
+1, 0);
4662 offset
= (uint64_t)IVAL(req
->vwv
+3, 0);
4664 status
= do_unlock(smbd_messaging_context(),
4671 if (NT_STATUS_V(status
)) {
4672 reply_nterror(req
, status
);
4673 END_PROFILE(SMBunlock
);
4677 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4678 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
) );
4680 reply_outbuf(req
, 0, 0);
4682 END_PROFILE(SMBunlock
);
4687 #define DBGC_CLASS DBGC_ALL
4689 /****************************************************************************
4691 conn POINTER CAN BE NULL HERE !
4692 ****************************************************************************/
4694 void reply_tdis(struct smb_request
*req
)
4696 connection_struct
*conn
= req
->conn
;
4697 START_PROFILE(SMBtdis
);
4700 DEBUG(4,("Invalid connection in tdis\n"));
4701 reply_doserror(req
, ERRSRV
, ERRinvnid
);
4702 END_PROFILE(SMBtdis
);
4708 close_cnum(conn
,req
->vuid
);
4711 reply_outbuf(req
, 0, 0);
4712 END_PROFILE(SMBtdis
);
4716 /****************************************************************************
4718 conn POINTER CAN BE NULL HERE !
4719 ****************************************************************************/
4721 void reply_echo(struct smb_request
*req
)
4723 connection_struct
*conn
= req
->conn
;
4724 struct smb_perfcount_data local_pcd
;
4725 struct smb_perfcount_data
*cur_pcd
;
4729 START_PROFILE(SMBecho
);
4731 smb_init_perfcount_data(&local_pcd
);
4734 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4735 END_PROFILE(SMBecho
);
4739 smb_reverb
= SVAL(req
->vwv
+0, 0);
4741 reply_outbuf(req
, 1, req
->buflen
);
4743 /* copy any incoming data back out */
4744 if (req
->buflen
> 0) {
4745 memcpy(smb_buf(req
->outbuf
), req
->buf
, req
->buflen
);
4748 if (smb_reverb
> 100) {
4749 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb
));
4753 for (seq_num
= 1 ; seq_num
<= smb_reverb
; seq_num
++) {
4755 /* this makes sure we catch the request pcd */
4756 if (seq_num
== smb_reverb
) {
4757 cur_pcd
= &req
->pcd
;
4759 SMB_PERFCOUNT_COPY_CONTEXT(&req
->pcd
, &local_pcd
);
4760 cur_pcd
= &local_pcd
;
4763 SSVAL(req
->outbuf
,smb_vwv0
,seq_num
);
4765 show_msg((char *)req
->outbuf
);
4766 if (!srv_send_smb(smbd_server_fd(),
4767 (char *)req
->outbuf
,
4768 IS_CONN_ENCRYPTED(conn
)||req
->encrypted
,
4770 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4773 DEBUG(3,("echo %d times\n", smb_reverb
));
4775 TALLOC_FREE(req
->outbuf
);
4777 END_PROFILE(SMBecho
);
4781 /****************************************************************************
4782 Reply to a printopen.
4783 ****************************************************************************/
4785 void reply_printopen(struct smb_request
*req
)
4787 connection_struct
*conn
= req
->conn
;
4789 SMB_STRUCT_STAT sbuf
;
4792 START_PROFILE(SMBsplopen
);
4795 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4796 END_PROFILE(SMBsplopen
);
4800 if (!CAN_PRINT(conn
)) {
4801 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4802 END_PROFILE(SMBsplopen
);
4806 status
= file_new(req
, conn
, &fsp
);
4807 if(!NT_STATUS_IS_OK(status
)) {
4808 reply_nterror(req
, status
);
4809 END_PROFILE(SMBsplopen
);
4813 /* Open for exclusive use, write only. */
4814 status
= print_fsp_open(req
, conn
, NULL
, req
->vuid
, fsp
, &sbuf
);
4816 if (!NT_STATUS_IS_OK(status
)) {
4817 reply_nterror(req
, status
);
4818 END_PROFILE(SMBsplopen
);
4822 reply_outbuf(req
, 1, 0);
4823 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
4825 DEBUG(3,("openprint fd=%d fnum=%d\n",
4826 fsp
->fh
->fd
, fsp
->fnum
));
4828 END_PROFILE(SMBsplopen
);
4832 /****************************************************************************
4833 Reply to a printclose.
4834 ****************************************************************************/
4836 void reply_printclose(struct smb_request
*req
)
4838 connection_struct
*conn
= req
->conn
;
4842 START_PROFILE(SMBsplclose
);
4845 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4846 END_PROFILE(SMBsplclose
);
4850 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4852 if (!check_fsp(conn
, req
, fsp
)) {
4853 END_PROFILE(SMBsplclose
);
4857 if (!CAN_PRINT(conn
)) {
4858 reply_nterror(req
, NT_STATUS_DOS(ERRSRV
, ERRerror
));
4859 END_PROFILE(SMBsplclose
);
4863 DEBUG(3,("printclose fd=%d fnum=%d\n",
4864 fsp
->fh
->fd
,fsp
->fnum
));
4866 status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4868 if(!NT_STATUS_IS_OK(status
)) {
4869 reply_nterror(req
, status
);
4870 END_PROFILE(SMBsplclose
);
4874 reply_outbuf(req
, 0, 0);
4876 END_PROFILE(SMBsplclose
);
4880 /****************************************************************************
4881 Reply to a printqueue.
4882 ****************************************************************************/
4884 void reply_printqueue(struct smb_request
*req
)
4886 connection_struct
*conn
= req
->conn
;
4890 START_PROFILE(SMBsplretq
);
4893 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4894 END_PROFILE(SMBsplretq
);
4898 max_count
= SVAL(req
->vwv
+0, 0);
4899 start_index
= SVAL(req
->vwv
+1, 0);
4901 /* we used to allow the client to get the cnum wrong, but that
4902 is really quite gross and only worked when there was only
4903 one printer - I think we should now only accept it if they
4904 get it right (tridge) */
4905 if (!CAN_PRINT(conn
)) {
4906 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4907 END_PROFILE(SMBsplretq
);
4911 reply_outbuf(req
, 2, 3);
4912 SSVAL(req
->outbuf
,smb_vwv0
,0);
4913 SSVAL(req
->outbuf
,smb_vwv1
,0);
4914 SCVAL(smb_buf(req
->outbuf
),0,1);
4915 SSVAL(smb_buf(req
->outbuf
),1,0);
4917 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4918 start_index
, max_count
));
4921 print_queue_struct
*queue
= NULL
;
4922 print_status_struct status
;
4923 int count
= print_queue_status(SNUM(conn
), &queue
, &status
);
4924 int num_to_get
= ABS(max_count
);
4925 int first
= (max_count
>0?start_index
:start_index
+max_count
+1);
4931 num_to_get
= MIN(num_to_get
,count
-first
);
4934 for (i
=first
;i
<first
+num_to_get
;i
++) {
4938 srv_put_dos_date2(p
,0,queue
[i
].time
);
4939 SCVAL(p
,4,(queue
[i
].status
==LPQ_PRINTING
?2:3));
4940 SSVAL(p
,5, queue
[i
].job
);
4941 SIVAL(p
,7,queue
[i
].size
);
4943 srvstr_push(blob
, req
->flags2
, p
+12,
4944 queue
[i
].fs_user
, 16, STR_ASCII
);
4946 if (message_push_blob(
4949 blob
, sizeof(blob
))) == -1) {
4950 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
4951 END_PROFILE(SMBsplretq
);
4957 SSVAL(req
->outbuf
,smb_vwv0
,count
);
4958 SSVAL(req
->outbuf
,smb_vwv1
,
4959 (max_count
>0?first
+count
:first
-1));
4960 SCVAL(smb_buf(req
->outbuf
),0,1);
4961 SSVAL(smb_buf(req
->outbuf
),1,28*count
);
4966 DEBUG(3,("%d entries returned in queue\n",count
));
4969 END_PROFILE(SMBsplretq
);
4973 /****************************************************************************
4974 Reply to a printwrite.
4975 ****************************************************************************/
4977 void reply_printwrite(struct smb_request
*req
)
4979 connection_struct
*conn
= req
->conn
;
4984 START_PROFILE(SMBsplwr
);
4987 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4988 END_PROFILE(SMBsplwr
);
4992 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4994 if (!check_fsp(conn
, req
, fsp
)) {
4995 END_PROFILE(SMBsplwr
);
4999 if (!CAN_PRINT(conn
)) {
5000 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
5001 END_PROFILE(SMBsplwr
);
5005 if (!CHECK_WRITE(fsp
)) {
5006 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
5007 END_PROFILE(SMBsplwr
);
5011 numtowrite
= SVAL(req
->buf
, 1);
5013 if (req
->buflen
< numtowrite
+ 3) {
5014 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
5015 END_PROFILE(SMBsplwr
);
5019 data
= (const char *)req
->buf
+ 3;
5021 if (write_file(req
,fsp
,data
,-1,numtowrite
) != numtowrite
) {
5022 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
5023 END_PROFILE(SMBsplwr
);
5027 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp
->fnum
, numtowrite
) );
5029 END_PROFILE(SMBsplwr
);
5033 /****************************************************************************
5035 ****************************************************************************/
5037 void reply_mkdir(struct smb_request
*req
)
5039 connection_struct
*conn
= req
->conn
;
5040 char *directory
= NULL
;
5042 SMB_STRUCT_STAT sbuf
;
5043 TALLOC_CTX
*ctx
= talloc_tos();
5045 START_PROFILE(SMBmkdir
);
5047 srvstr_get_path_req(ctx
, req
, &directory
, (const char *)req
->buf
+ 1,
5048 STR_TERMINATE
, &status
);
5049 if (!NT_STATUS_IS_OK(status
)) {
5050 reply_nterror(req
, status
);
5051 END_PROFILE(SMBmkdir
);
5055 status
= resolve_dfspath(ctx
, conn
,
5056 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5059 if (!NT_STATUS_IS_OK(status
)) {
5060 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5061 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5062 ERRSRV
, ERRbadpath
);
5063 END_PROFILE(SMBmkdir
);
5066 reply_nterror(req
, status
);
5067 END_PROFILE(SMBmkdir
);
5071 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
, NULL
, &sbuf
);
5072 if (!NT_STATUS_IS_OK(status
)) {
5073 reply_nterror(req
, status
);
5074 END_PROFILE(SMBmkdir
);
5078 status
= check_name(conn
, directory
);
5079 if (!NT_STATUS_IS_OK(status
)) {
5080 reply_nterror(req
, status
);
5081 END_PROFILE(SMBmkdir
);
5085 status
= create_directory(conn
, req
, directory
);
5087 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status
)));
5089 if (!NT_STATUS_IS_OK(status
)) {
5091 if (!use_nt_status()
5092 && NT_STATUS_EQUAL(status
,
5093 NT_STATUS_OBJECT_NAME_COLLISION
)) {
5095 * Yes, in the DOS error code case we get a
5096 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5097 * samba4 torture test.
5099 status
= NT_STATUS_DOS(ERRDOS
, ERRnoaccess
);
5102 reply_nterror(req
, status
);
5103 END_PROFILE(SMBmkdir
);
5107 reply_outbuf(req
, 0, 0);
5109 DEBUG( 3, ( "mkdir %s\n", directory
) );
5111 END_PROFILE(SMBmkdir
);
5115 /****************************************************************************
5116 Static function used by reply_rmdir to delete an entire directory
5117 tree recursively. Return True on ok, False on fail.
5118 ****************************************************************************/
5120 static bool recursive_rmdir(TALLOC_CTX
*ctx
,
5121 connection_struct
*conn
,
5124 const char *dname
= NULL
;
5128 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
, directory
,
5134 while((dname
= ReadDirName(dir_hnd
, &offset
, &st
))) {
5135 char *fullname
= NULL
;
5137 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5141 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
5145 /* Construct the full name. */
5146 fullname
= talloc_asprintf(ctx
,
5156 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5161 if(st
.st_mode
& S_IFDIR
) {
5162 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
5166 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5170 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5174 TALLOC_FREE(fullname
);
5176 TALLOC_FREE(dir_hnd
);
5180 /****************************************************************************
5181 The internals of the rmdir code - called elsewhere.
5182 ****************************************************************************/
5184 NTSTATUS
rmdir_internals(TALLOC_CTX
*ctx
,
5185 connection_struct
*conn
,
5186 const char *directory
)
5191 /* Might be a symlink. */
5192 if(SMB_VFS_LSTAT(conn
, directory
, &st
) != 0) {
5193 return map_nt_error_from_unix(errno
);
5196 if (S_ISLNK(st
.st_mode
)) {
5197 /* Is what it points to a directory ? */
5198 if(SMB_VFS_STAT(conn
, directory
, &st
) != 0) {
5199 return map_nt_error_from_unix(errno
);
5201 if (!(S_ISDIR(st
.st_mode
))) {
5202 return NT_STATUS_NOT_A_DIRECTORY
;
5204 ret
= SMB_VFS_UNLINK(conn
,directory
);
5206 ret
= SMB_VFS_RMDIR(conn
,directory
);
5209 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5210 FILE_NOTIFY_CHANGE_DIR_NAME
,
5212 return NT_STATUS_OK
;
5215 if(((errno
== ENOTEMPTY
)||(errno
== EEXIST
)) && lp_veto_files(SNUM(conn
))) {
5217 * Check to see if the only thing in this directory are
5218 * vetoed files/directories. If so then delete them and
5219 * retry. If we fail to delete any of them (and we *don't*
5220 * do a recursive delete) then fail the rmdir.
5224 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
,
5225 directory
, NULL
, 0);
5227 if(dir_hnd
== NULL
) {
5232 while ((dname
= ReadDirName(dir_hnd
, &dirpos
, &st
))) {
5233 if((strcmp(dname
, ".") == 0) || (strcmp(dname
, "..")==0))
5235 if (!is_visible_file(conn
, directory
, dname
, &st
, False
))
5237 if(!IS_VETO_PATH(conn
, dname
)) {
5238 TALLOC_FREE(dir_hnd
);
5244 /* We only have veto files/directories.
5245 * Are we allowed to delete them ? */
5247 if(!lp_recursive_veto_delete(SNUM(conn
))) {
5248 TALLOC_FREE(dir_hnd
);
5253 /* Do a recursive delete. */
5254 RewindDir(dir_hnd
,&dirpos
);
5255 while ((dname
= ReadDirName(dir_hnd
, &dirpos
, &st
))) {
5256 char *fullname
= NULL
;
5258 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5261 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
5265 fullname
= talloc_asprintf(ctx
,
5275 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5278 if(st
.st_mode
& S_IFDIR
) {
5279 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
5282 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5285 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5288 TALLOC_FREE(fullname
);
5290 TALLOC_FREE(dir_hnd
);
5291 /* Retry the rmdir */
5292 ret
= SMB_VFS_RMDIR(conn
,directory
);
5298 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5299 "%s\n", directory
,strerror(errno
)));
5300 return map_nt_error_from_unix(errno
);
5303 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5304 FILE_NOTIFY_CHANGE_DIR_NAME
,
5307 return NT_STATUS_OK
;
5310 /****************************************************************************
5312 ****************************************************************************/
5314 void reply_rmdir(struct smb_request
*req
)
5316 connection_struct
*conn
= req
->conn
;
5317 char *directory
= NULL
;
5318 SMB_STRUCT_STAT sbuf
;
5320 TALLOC_CTX
*ctx
= talloc_tos();
5322 START_PROFILE(SMBrmdir
);
5324 srvstr_get_path_req(ctx
, req
, &directory
, (const char *)req
->buf
+ 1,
5325 STR_TERMINATE
, &status
);
5326 if (!NT_STATUS_IS_OK(status
)) {
5327 reply_nterror(req
, status
);
5328 END_PROFILE(SMBrmdir
);
5332 status
= resolve_dfspath(ctx
, conn
,
5333 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5336 if (!NT_STATUS_IS_OK(status
)) {
5337 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5338 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5339 ERRSRV
, ERRbadpath
);
5340 END_PROFILE(SMBrmdir
);
5343 reply_nterror(req
, status
);
5344 END_PROFILE(SMBrmdir
);
5348 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
,
5350 if (!NT_STATUS_IS_OK(status
)) {
5351 reply_nterror(req
, status
);
5352 END_PROFILE(SMBrmdir
);
5356 status
= check_name(conn
, directory
);
5357 if (!NT_STATUS_IS_OK(status
)) {
5358 reply_nterror(req
, status
);
5359 END_PROFILE(SMBrmdir
);
5363 dptr_closepath(directory
, req
->smbpid
);
5364 status
= rmdir_internals(ctx
, conn
, directory
);
5365 if (!NT_STATUS_IS_OK(status
)) {
5366 reply_nterror(req
, status
);
5367 END_PROFILE(SMBrmdir
);
5371 reply_outbuf(req
, 0, 0);
5373 DEBUG( 3, ( "rmdir %s\n", directory
) );
5375 END_PROFILE(SMBrmdir
);
5379 /*******************************************************************
5380 Resolve wildcards in a filename rename.
5381 ********************************************************************/
5383 static bool resolve_wildcards(TALLOC_CTX
*ctx
,
5388 char *name2_copy
= NULL
;
5393 char *p
,*p2
, *pname1
, *pname2
;
5395 name2_copy
= talloc_strdup(ctx
, name2
);
5400 pname1
= strrchr_m(name1
,'/');
5401 pname2
= strrchr_m(name2_copy
,'/');
5403 if (!pname1
|| !pname2
) {
5407 /* Truncate the copy of name2 at the last '/' */
5410 /* Now go past the '/' */
5414 root1
= talloc_strdup(ctx
, pname1
);
5415 root2
= talloc_strdup(ctx
, pname2
);
5417 if (!root1
|| !root2
) {
5421 p
= strrchr_m(root1
,'.');
5424 ext1
= talloc_strdup(ctx
, p
+1);
5426 ext1
= talloc_strdup(ctx
, "");
5428 p
= strrchr_m(root2
,'.');
5431 ext2
= talloc_strdup(ctx
, p
+1);
5433 ext2
= talloc_strdup(ctx
, "");
5436 if (!ext1
|| !ext2
) {
5444 /* Hmmm. Should this be mb-aware ? */
5447 } else if (*p2
== '*') {
5449 root2
= talloc_asprintf(ctx
, "%s%s",
5468 /* Hmmm. Should this be mb-aware ? */
5471 } else if (*p2
== '*') {
5473 ext2
= talloc_asprintf(ctx
, "%s%s",
5489 *pp_newname
= talloc_asprintf(ctx
, "%s/%s.%s",
5494 *pp_newname
= talloc_asprintf(ctx
, "%s/%s",
5506 /****************************************************************************
5507 Ensure open files have their names updated. Updated to notify other smbd's
5509 ****************************************************************************/
5511 static void rename_open_files(connection_struct
*conn
,
5512 struct share_mode_lock
*lck
,
5513 const char *newname
)
5516 bool did_rename
= False
;
5518 for(fsp
= file_find_di_first(lck
->id
); fsp
;
5519 fsp
= file_find_di_next(fsp
)) {
5520 /* fsp_name is a relative path under the fsp. To change this for other
5521 sharepaths we need to manipulate relative paths. */
5522 /* TODO - create the absolute path and manipulate the newname
5523 relative to the sharepath. */
5524 if (!strequal(fsp
->conn
->connectpath
, conn
->connectpath
)) {
5527 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5528 fsp
->fnum
, file_id_string_tos(&fsp
->file_id
),
5529 fsp
->fsp_name
, newname
));
5530 string_set(&fsp
->fsp_name
, newname
);
5535 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5536 file_id_string_tos(&lck
->id
), newname
));
5539 /* Send messages to all smbd's (not ourself) that the name has changed. */
5540 rename_share_filename(smbd_messaging_context(), lck
, conn
->connectpath
,
5544 /****************************************************************************
5545 We need to check if the source path is a parent directory of the destination
5546 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5547 refuse the rename with a sharing violation. Under UNIX the above call can
5548 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5549 probably need to check that the client is a Windows one before disallowing
5550 this as a UNIX client (one with UNIX extensions) can know the source is a
5551 symlink and make this decision intelligently. Found by an excellent bug
5552 report from <AndyLiebman@aol.com>.
5553 ****************************************************************************/
5555 static bool rename_path_prefix_equal(const char *src
, const char *dest
)
5557 const char *psrc
= src
;
5558 const char *pdst
= dest
;
5561 if (psrc
[0] == '.' && psrc
[1] == '/') {
5564 if (pdst
[0] == '.' && pdst
[1] == '/') {
5567 if ((slen
= strlen(psrc
)) > strlen(pdst
)) {
5570 return ((memcmp(psrc
, pdst
, slen
) == 0) && pdst
[slen
] == '/');
5574 * Do the notify calls from a rename
5577 static void notify_rename(connection_struct
*conn
, bool is_dir
,
5578 const char *oldpath
, const char *newpath
)
5580 char *olddir
, *newdir
;
5581 const char *oldname
, *newname
;
5584 mask
= is_dir
? FILE_NOTIFY_CHANGE_DIR_NAME
5585 : FILE_NOTIFY_CHANGE_FILE_NAME
;
5587 if (!parent_dirname(talloc_tos(), oldpath
, &olddir
, &oldname
)
5588 || !parent_dirname(talloc_tos(), newpath
, &newdir
, &newname
)) {
5589 TALLOC_FREE(olddir
);
5593 if (strcmp(olddir
, newdir
) == 0) {
5594 notify_fname(conn
, NOTIFY_ACTION_OLD_NAME
, mask
, oldpath
);
5595 notify_fname(conn
, NOTIFY_ACTION_NEW_NAME
, mask
, newpath
);
5598 notify_fname(conn
, NOTIFY_ACTION_REMOVED
, mask
, oldpath
);
5599 notify_fname(conn
, NOTIFY_ACTION_ADDED
, mask
, newpath
);
5601 TALLOC_FREE(olddir
);
5602 TALLOC_FREE(newdir
);
5604 /* this is a strange one. w2k3 gives an additional event for
5605 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5606 files, but not directories */
5608 notify_fname(conn
, NOTIFY_ACTION_MODIFIED
,
5609 FILE_NOTIFY_CHANGE_ATTRIBUTES
5610 |FILE_NOTIFY_CHANGE_CREATION
,
5615 /****************************************************************************
5616 Rename an open file - given an fsp.
5617 ****************************************************************************/
5619 NTSTATUS
rename_internals_fsp(connection_struct
*conn
,
5622 const char *newname_last_component
,
5624 bool replace_if_exists
)
5626 TALLOC_CTX
*ctx
= talloc_tos();
5627 SMB_STRUCT_STAT sbuf
, sbuf1
;
5628 NTSTATUS status
= NT_STATUS_OK
;
5629 struct share_mode_lock
*lck
= NULL
;
5630 bool dst_exists
, old_is_stream
, new_is_stream
;
5634 status
= check_name(conn
, newname
);
5635 if (!NT_STATUS_IS_OK(status
)) {
5639 /* Ensure newname contains a '/' */
5640 if(strrchr_m(newname
,'/') == 0) {
5641 newname
= talloc_asprintf(ctx
,
5645 return NT_STATUS_NO_MEMORY
;
5650 * Check for special case with case preserving and not
5651 * case sensitive. If the old last component differs from the original
5652 * last component only by case, then we should allow
5653 * the rename (user is trying to change the case of the
5657 if((conn
->case_sensitive
== False
) && (conn
->case_preserve
== True
) &&
5658 strequal(newname
, fsp
->fsp_name
)) {
5660 char *newname_modified_last_component
= NULL
;
5663 * Get the last component of the modified name.
5664 * Note that we guarantee that newname contains a '/'
5667 p
= strrchr_m(newname
,'/');
5668 newname_modified_last_component
= talloc_strdup(ctx
,
5670 if (!newname_modified_last_component
) {
5671 return NT_STATUS_NO_MEMORY
;
5674 if(strcsequal(newname_modified_last_component
,
5675 newname_last_component
) == False
) {
5677 * Replace the modified last component with
5680 *p
= '\0'; /* Truncate at the '/' */
5681 newname
= talloc_asprintf(ctx
,
5684 newname_last_component
);
5689 * If the src and dest names are identical - including case,
5690 * don't do the rename, just return success.
5693 if (strcsequal(fsp
->fsp_name
, newname
)) {
5694 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5696 return NT_STATUS_OK
;
5699 old_is_stream
= is_ntfs_stream_name(fsp
->fsp_name
);
5700 new_is_stream
= is_ntfs_stream_name(newname
);
5702 /* Return the correct error code if both names aren't streams. */
5703 if (!old_is_stream
&& new_is_stream
) {
5704 return NT_STATUS_OBJECT_NAME_INVALID
;
5707 if (old_is_stream
&& !new_is_stream
) {
5708 return NT_STATUS_INVALID_PARAMETER
;
5712 * Have vfs_object_exist also fill sbuf1
5714 dst_exists
= vfs_object_exist(conn
, newname
, &sbuf1
);
5716 if(!replace_if_exists
&& dst_exists
) {
5717 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5718 fsp
->fsp_name
,newname
));
5719 return NT_STATUS_OBJECT_NAME_COLLISION
;
5723 struct file_id fileid
= vfs_file_id_from_sbuf(conn
, &sbuf1
);
5724 files_struct
*dst_fsp
= file_find_di_first(fileid
);
5725 /* The file can be open when renaming a stream */
5726 if (dst_fsp
&& !new_is_stream
) {
5727 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5728 return NT_STATUS_ACCESS_DENIED
;
5732 /* Ensure we have a valid stat struct for the source. */
5733 if (fsp
->fh
->fd
!= -1) {
5734 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
5735 return map_nt_error_from_unix(errno
);
5739 if (fsp
->posix_open
) {
5740 ret
= SMB_VFS_LSTAT(conn
,fsp
->fsp_name
,&sbuf
);
5742 ret
= SMB_VFS_STAT(conn
,fsp
->fsp_name
,&sbuf
);
5745 return map_nt_error_from_unix(errno
);
5749 status
= can_rename(conn
, fsp
, attrs
, &sbuf
);
5751 if (!NT_STATUS_IS_OK(status
)) {
5752 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5753 nt_errstr(status
), fsp
->fsp_name
,newname
));
5754 if (NT_STATUS_EQUAL(status
,NT_STATUS_SHARING_VIOLATION
))
5755 status
= NT_STATUS_ACCESS_DENIED
;
5759 if (rename_path_prefix_equal(fsp
->fsp_name
, newname
)) {
5760 return NT_STATUS_ACCESS_DENIED
;
5763 lck
= get_share_mode_lock(talloc_tos(), fsp
->file_id
, NULL
, NULL
,
5767 * We have the file open ourselves, so not being able to get the
5768 * corresponding share mode lock is a fatal error.
5771 SMB_ASSERT(lck
!= NULL
);
5773 if(SMB_VFS_RENAME(conn
,fsp
->fsp_name
, newname
) == 0) {
5774 uint32 create_options
= fsp
->fh
->private_options
;
5776 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5777 fsp
->fsp_name
,newname
));
5779 notify_rename(conn
, fsp
->is_directory
, fsp
->fsp_name
, newname
);
5781 rename_open_files(conn
, lck
, newname
);
5784 * A rename acts as a new file create w.r.t. allowing an initial delete
5785 * on close, probably because in Windows there is a new handle to the
5786 * new file. If initial delete on close was requested but not
5787 * originally set, we need to set it here. This is probably not 100% correct,
5788 * but will work for the CIFSFS client which in non-posix mode
5789 * depends on these semantics. JRA.
5792 if (create_options
& FILE_DELETE_ON_CLOSE
) {
5793 status
= can_set_delete_on_close(fsp
, True
, 0);
5795 if (NT_STATUS_IS_OK(status
)) {
5796 /* Note that here we set the *inital* delete on close flag,
5797 * not the regular one. The magic gets handled in close. */
5798 fsp
->initial_delete_on_close
= True
;
5802 return NT_STATUS_OK
;
5807 if (errno
== ENOTDIR
|| errno
== EISDIR
) {
5808 status
= NT_STATUS_OBJECT_NAME_COLLISION
;
5810 status
= map_nt_error_from_unix(errno
);
5813 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5814 nt_errstr(status
), fsp
->fsp_name
,newname
));
5819 /****************************************************************************
5820 The guts of the rename command, split out so it may be called by the NT SMB
5822 ****************************************************************************/
5824 NTSTATUS
rename_internals(TALLOC_CTX
*ctx
,
5825 connection_struct
*conn
,
5826 struct smb_request
*req
,
5827 const char *name_in
,
5828 const char *newname_in
,
5830 bool replace_if_exists
,
5833 uint32_t access_mask
)
5835 char *directory
= NULL
;
5837 char *last_component_src
= NULL
;
5838 char *last_component_dest
= NULL
;
5840 char *newname
= NULL
;
5843 NTSTATUS status
= NT_STATUS_OK
;
5844 SMB_STRUCT_STAT sbuf1
, sbuf2
;
5845 struct smb_Dir
*dir_hnd
= NULL
;
5848 int create_options
= 0;
5849 bool posix_pathnames
= lp_posix_pathnames();
5854 status
= unix_convert(ctx
, conn
, name_in
, src_has_wild
, &name
,
5855 &last_component_src
, &sbuf1
);
5856 if (!NT_STATUS_IS_OK(status
)) {
5860 status
= unix_convert(ctx
, conn
, newname_in
, dest_has_wild
, &newname
,
5861 &last_component_dest
, &sbuf2
);
5862 if (!NT_STATUS_IS_OK(status
)) {
5867 * Split the old name into directory and last component
5868 * strings. Note that unix_convert may have stripped off a
5869 * leading ./ from both name and newname if the rename is
5870 * at the root of the share. We need to make sure either both
5871 * name and newname contain a / character or neither of them do
5872 * as this is checked in resolve_wildcards().
5875 p
= strrchr_m(name
,'/');
5877 directory
= talloc_strdup(ctx
, ".");
5879 return NT_STATUS_NO_MEMORY
;
5884 directory
= talloc_strdup(ctx
, name
);
5886 return NT_STATUS_NO_MEMORY
;
5889 *p
= '/'; /* Replace needed for exceptional test below. */
5893 * We should only check the mangled cache
5894 * here if unix_convert failed. This means
5895 * that the path in 'mask' doesn't exist
5896 * on the file system and so we need to look
5897 * for a possible mangle. This patch from
5898 * Tine Smukavec <valentin.smukavec@hermes.si>.
5901 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
5902 char *new_mask
= NULL
;
5903 mangle_lookup_name_from_8_3(ctx
,
5912 if (!src_has_wild
) {
5916 * No wildcards - just process the one file.
5918 bool is_short_name
= mangle_is_8_3(name
, True
, conn
->params
);
5920 /* Add a terminating '/' to the directory name. */
5921 directory
= talloc_asprintf_append(directory
,
5925 return NT_STATUS_NO_MEMORY
;
5928 /* Ensure newname contains a '/' also */
5929 if(strrchr_m(newname
,'/') == 0) {
5930 newname
= talloc_asprintf(ctx
,
5934 return NT_STATUS_NO_MEMORY
;
5938 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5939 "case_preserve = %d, short case preserve = %d, "
5940 "directory = %s, newname = %s, "
5941 "last_component_dest = %s, is_8_3 = %d\n",
5942 conn
->case_sensitive
, conn
->case_preserve
,
5943 conn
->short_case_preserve
, directory
,
5944 newname
, last_component_dest
, is_short_name
));
5946 /* The dest name still may have wildcards. */
5947 if (dest_has_wild
) {
5948 char *mod_newname
= NULL
;
5949 if (!resolve_wildcards(ctx
,
5950 directory
,newname
,&mod_newname
)) {
5951 DEBUG(6, ("rename_internals: resolve_wildcards "
5955 return NT_STATUS_NO_MEMORY
;
5957 newname
= mod_newname
;
5961 if (posix_pathnames
) {
5962 SMB_VFS_LSTAT(conn
, directory
, &sbuf1
);
5964 SMB_VFS_STAT(conn
, directory
, &sbuf1
);
5967 if (S_ISDIR(sbuf1
.st_mode
)) {
5968 create_options
|= FILE_DIRECTORY_FILE
;
5971 status
= SMB_VFS_CREATE_FILE(
5974 0, /* root_dir_fid */
5975 directory
, /* fname */
5976 0, /* create_file_flags */
5977 access_mask
, /* access_mask */
5978 (FILE_SHARE_READ
| /* share_access */
5980 FILE_OPEN
, /* create_disposition*/
5981 create_options
, /* create_options */
5982 posix_pathnames
? FILE_FLAG_POSIX_SEMANTICS
|0777 : 0, /* file_attributes */
5983 0, /* oplock_request */
5984 0, /* allocation_size */
5989 &sbuf1
); /* psbuf */
5991 if (!NT_STATUS_IS_OK(status
)) {
5992 DEBUG(3, ("Could not open rename source %s: %s\n",
5993 directory
, nt_errstr(status
)));
5997 status
= rename_internals_fsp(conn
, fsp
, newname
,
5998 last_component_dest
,
5999 attrs
, replace_if_exists
);
6001 close_file(req
, fsp
, NORMAL_CLOSE
);
6003 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6004 nt_errstr(status
), directory
,newname
));
6010 * Wildcards - process each file that matches.
6012 if (strequal(mask
,"????????.???")) {
6017 status
= check_name(conn
, directory
);
6018 if (!NT_STATUS_IS_OK(status
)) {
6022 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, attrs
);
6023 if (dir_hnd
== NULL
) {
6024 return map_nt_error_from_unix(errno
);
6027 status
= NT_STATUS_NO_SUCH_FILE
;
6029 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6030 * - gentest fix. JRA
6033 while ((dname
= ReadDirName(dir_hnd
, &offset
, &sbuf1
))) {
6034 files_struct
*fsp
= NULL
;
6036 char *destname
= NULL
;
6037 bool sysdir_entry
= False
;
6039 /* Quick check for "." and ".." */
6040 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
6042 sysdir_entry
= True
;
6048 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
6052 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
6057 status
= NT_STATUS_OBJECT_NAME_INVALID
;
6061 fname
= talloc_asprintf(ctx
,
6066 return NT_STATUS_NO_MEMORY
;
6069 if (!resolve_wildcards(ctx
,
6070 fname
,newname
,&destname
)) {
6071 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6077 return NT_STATUS_NO_MEMORY
;
6081 if (posix_pathnames
) {
6082 SMB_VFS_LSTAT(conn
, fname
, &sbuf1
);
6084 SMB_VFS_STAT(conn
, fname
, &sbuf1
);
6089 if (S_ISDIR(sbuf1
.st_mode
)) {
6090 create_options
|= FILE_DIRECTORY_FILE
;
6093 status
= SMB_VFS_CREATE_FILE(
6096 0, /* root_dir_fid */
6098 0, /* create_file_flags */
6099 access_mask
, /* access_mask */
6100 (FILE_SHARE_READ
| /* share_access */
6102 FILE_OPEN
, /* create_disposition*/
6103 create_options
, /* create_options */
6104 posix_pathnames
? FILE_FLAG_POSIX_SEMANTICS
|0777 : 0, /* file_attributes */
6105 0, /* oplock_request */
6106 0, /* allocation_size */
6111 &sbuf1
); /* psbuf */
6113 if (!NT_STATUS_IS_OK(status
)) {
6114 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6115 "returned %s rename %s -> %s\n",
6116 nt_errstr(status
), directory
, newname
));
6120 status
= rename_internals_fsp(conn
, fsp
, destname
, dname
,
6121 attrs
, replace_if_exists
);
6123 close_file(req
, fsp
, NORMAL_CLOSE
);
6125 if (!NT_STATUS_IS_OK(status
)) {
6126 DEBUG(3, ("rename_internals_fsp returned %s for "
6127 "rename %s -> %s\n", nt_errstr(status
),
6128 directory
, newname
));
6134 DEBUG(3,("rename_internals: doing rename on %s -> "
6135 "%s\n",fname
,destname
));
6138 TALLOC_FREE(destname
);
6140 TALLOC_FREE(dir_hnd
);
6142 if (count
== 0 && NT_STATUS_IS_OK(status
) && errno
!= 0) {
6143 status
= map_nt_error_from_unix(errno
);
6149 /****************************************************************************
6151 ****************************************************************************/
6153 void reply_mv(struct smb_request
*req
)
6155 connection_struct
*conn
= req
->conn
;
6157 char *newname
= NULL
;
6161 bool src_has_wcard
= False
;
6162 bool dest_has_wcard
= False
;
6163 TALLOC_CTX
*ctx
= talloc_tos();
6165 START_PROFILE(SMBmv
);
6168 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6173 attrs
= SVAL(req
->vwv
+0, 0);
6175 p
= (const char *)req
->buf
+ 1;
6176 p
+= srvstr_get_path_req_wcard(ctx
, req
, &name
, p
, STR_TERMINATE
,
6177 &status
, &src_has_wcard
);
6178 if (!NT_STATUS_IS_OK(status
)) {
6179 reply_nterror(req
, status
);
6184 p
+= srvstr_get_path_req_wcard(ctx
, req
, &newname
, p
, STR_TERMINATE
,
6185 &status
, &dest_has_wcard
);
6186 if (!NT_STATUS_IS_OK(status
)) {
6187 reply_nterror(req
, status
);
6192 status
= resolve_dfspath_wcard(ctx
, conn
,
6193 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6197 if (!NT_STATUS_IS_OK(status
)) {
6198 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6199 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6200 ERRSRV
, ERRbadpath
);
6204 reply_nterror(req
, status
);
6209 status
= resolve_dfspath_wcard(ctx
, conn
,
6210 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6214 if (!NT_STATUS_IS_OK(status
)) {
6215 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6216 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6217 ERRSRV
, ERRbadpath
);
6221 reply_nterror(req
, status
);
6226 DEBUG(3,("reply_mv : %s -> %s\n",name
,newname
));
6228 status
= rename_internals(ctx
, conn
, req
, name
, newname
, attrs
, False
,
6229 src_has_wcard
, dest_has_wcard
, DELETE_ACCESS
);
6230 if (!NT_STATUS_IS_OK(status
)) {
6231 if (open_was_deferred(req
->mid
)) {
6232 /* We have re-scheduled this call. */
6236 reply_nterror(req
, status
);
6241 reply_outbuf(req
, 0, 0);
6247 /*******************************************************************
6248 Copy a file as part of a reply_copy.
6249 ******************************************************************/
6252 * TODO: check error codes on all callers
6255 NTSTATUS
copy_file(TALLOC_CTX
*ctx
,
6256 connection_struct
*conn
,
6261 bool target_is_directory
)
6263 SMB_STRUCT_STAT src_sbuf
, sbuf2
;
6265 files_struct
*fsp1
,*fsp2
;
6268 uint32 new_create_disposition
;
6271 dest
= talloc_strdup(ctx
, dest1
);
6273 return NT_STATUS_NO_MEMORY
;
6275 if (target_is_directory
) {
6276 const char *p
= strrchr_m(src
,'/');
6282 dest
= talloc_asprintf_append(dest
,
6286 return NT_STATUS_NO_MEMORY
;
6290 if (!vfs_file_exist(conn
,src
,&src_sbuf
)) {
6292 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
6295 if (!target_is_directory
&& count
) {
6296 new_create_disposition
= FILE_OPEN
;
6298 if (!map_open_params_to_ntcreate(dest1
,0,ofun
,
6299 NULL
, NULL
, &new_create_disposition
, NULL
)) {
6301 return NT_STATUS_INVALID_PARAMETER
;
6305 status
= SMB_VFS_CREATE_FILE(
6308 0, /* root_dir_fid */
6310 0, /* create_file_flags */
6311 FILE_GENERIC_READ
, /* access_mask */
6312 FILE_SHARE_READ
| FILE_SHARE_WRITE
, /* share_access */
6313 FILE_OPEN
, /* create_disposition*/
6314 0, /* create_options */
6315 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
6316 INTERNAL_OPEN_ONLY
, /* oplock_request */
6317 0, /* allocation_size */
6322 &src_sbuf
); /* psbuf */
6324 if (!NT_STATUS_IS_OK(status
)) {
6329 dosattrs
= dos_mode(conn
, src
, &src_sbuf
);
6330 if (SMB_VFS_STAT(conn
,dest
,&sbuf2
) == -1) {
6331 ZERO_STRUCTP(&sbuf2
);
6334 status
= SMB_VFS_CREATE_FILE(
6337 0, /* root_dir_fid */
6339 0, /* create_file_flags */
6340 FILE_GENERIC_WRITE
, /* access_mask */
6341 FILE_SHARE_READ
| FILE_SHARE_WRITE
, /* share_access */
6342 new_create_disposition
, /* create_disposition*/
6343 0, /* create_options */
6344 dosattrs
, /* file_attributes */
6345 INTERNAL_OPEN_ONLY
, /* oplock_request */
6346 0, /* allocation_size */
6351 &sbuf2
); /* psbuf */
6355 if (!NT_STATUS_IS_OK(status
)) {
6356 close_file(NULL
, fsp1
, ERROR_CLOSE
);
6360 if ((ofun
&3) == 1) {
6361 if(SMB_VFS_LSEEK(fsp2
,0,SEEK_END
) == -1) {
6362 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno
) ));
6364 * Stop the copy from occurring.
6367 src_sbuf
.st_size
= 0;
6371 if (src_sbuf
.st_size
) {
6372 ret
= vfs_transfer_file(fsp1
, fsp2
, src_sbuf
.st_size
);
6375 close_file(NULL
, fsp1
, NORMAL_CLOSE
);
6377 /* Ensure the modtime is set correctly on the destination file. */
6378 set_close_write_time(fsp2
, get_mtimespec(&src_sbuf
));
6381 * As we are opening fsp1 read-only we only expect
6382 * an error on close on fsp2 if we are out of space.
6383 * Thus we don't look at the error return from the
6386 status
= close_file(NULL
, fsp2
, NORMAL_CLOSE
);
6388 if (!NT_STATUS_IS_OK(status
)) {
6392 if (ret
!= (SMB_OFF_T
)src_sbuf
.st_size
) {
6393 return NT_STATUS_DISK_FULL
;
6396 return NT_STATUS_OK
;
6399 /****************************************************************************
6400 Reply to a file copy.
6401 ****************************************************************************/
6403 void reply_copy(struct smb_request
*req
)
6405 connection_struct
*conn
= req
->conn
;
6407 char *newname
= NULL
;
6408 char *directory
= NULL
;
6409 const char *mask
= NULL
;
6410 const char mask_star
[] = "*";
6413 int error
= ERRnoaccess
;
6418 bool target_is_directory
=False
;
6419 bool source_has_wild
= False
;
6420 bool dest_has_wild
= False
;
6421 SMB_STRUCT_STAT sbuf1
, sbuf2
;
6423 TALLOC_CTX
*ctx
= talloc_tos();
6425 START_PROFILE(SMBcopy
);
6428 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6429 END_PROFILE(SMBcopy
);
6433 tid2
= SVAL(req
->vwv
+0, 0);
6434 ofun
= SVAL(req
->vwv
+1, 0);
6435 flags
= SVAL(req
->vwv
+2, 0);
6437 p
= (const char *)req
->buf
;
6438 p
+= srvstr_get_path_req_wcard(ctx
, req
, &name
, p
, STR_TERMINATE
,
6439 &status
, &source_has_wild
);
6440 if (!NT_STATUS_IS_OK(status
)) {
6441 reply_nterror(req
, status
);
6442 END_PROFILE(SMBcopy
);
6445 p
+= srvstr_get_path_req_wcard(ctx
, req
, &newname
, p
, STR_TERMINATE
,
6446 &status
, &dest_has_wild
);
6447 if (!NT_STATUS_IS_OK(status
)) {
6448 reply_nterror(req
, status
);
6449 END_PROFILE(SMBcopy
);
6453 DEBUG(3,("reply_copy : %s -> %s\n",name
,newname
));
6455 if (tid2
!= conn
->cnum
) {
6456 /* can't currently handle inter share copies XXXX */
6457 DEBUG(3,("Rejecting inter-share copy\n"));
6458 reply_doserror(req
, ERRSRV
, ERRinvdevice
);
6459 END_PROFILE(SMBcopy
);
6463 status
= resolve_dfspath_wcard(ctx
, conn
,
6464 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6468 if (!NT_STATUS_IS_OK(status
)) {
6469 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6470 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6471 ERRSRV
, ERRbadpath
);
6472 END_PROFILE(SMBcopy
);
6475 reply_nterror(req
, status
);
6476 END_PROFILE(SMBcopy
);
6480 status
= resolve_dfspath_wcard(ctx
, conn
,
6481 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6485 if (!NT_STATUS_IS_OK(status
)) {
6486 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6487 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6488 ERRSRV
, ERRbadpath
);
6489 END_PROFILE(SMBcopy
);
6492 reply_nterror(req
, status
);
6493 END_PROFILE(SMBcopy
);
6497 status
= unix_convert(ctx
, conn
, name
, source_has_wild
,
6498 &name
, NULL
, &sbuf1
);
6499 if (!NT_STATUS_IS_OK(status
)) {
6500 reply_nterror(req
, status
);
6501 END_PROFILE(SMBcopy
);
6505 status
= unix_convert(ctx
, conn
, newname
, dest_has_wild
,
6506 &newname
, NULL
, &sbuf2
);
6507 if (!NT_STATUS_IS_OK(status
)) {
6508 reply_nterror(req
, status
);
6509 END_PROFILE(SMBcopy
);
6513 target_is_directory
= VALID_STAT_OF_DIR(sbuf2
);
6515 if ((flags
&1) && target_is_directory
) {
6516 reply_doserror(req
, ERRDOS
, ERRbadfile
);
6517 END_PROFILE(SMBcopy
);
6521 if ((flags
&2) && !target_is_directory
) {
6522 reply_doserror(req
, ERRDOS
, ERRbadpath
);
6523 END_PROFILE(SMBcopy
);
6527 if ((flags
&(1<<5)) && VALID_STAT_OF_DIR(sbuf1
)) {
6528 /* wants a tree copy! XXXX */
6529 DEBUG(3,("Rejecting tree copy\n"));
6530 reply_doserror(req
, ERRSRV
, ERRerror
);
6531 END_PROFILE(SMBcopy
);
6535 p
= strrchr_m(name
,'/');
6537 directory
= talloc_strndup(ctx
, name
, PTR_DIFF(p
, name
));
6540 directory
= talloc_strdup(ctx
, "./");
6545 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6546 END_PROFILE(SMBcopy
);
6551 * We should only check the mangled cache
6552 * here if unix_convert failed. This means
6553 * that the path in 'mask' doesn't exist
6554 * on the file system and so we need to look
6555 * for a possible mangle. This patch from
6556 * Tine Smukavec <valentin.smukavec@hermes.si>.
6559 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
6560 char *new_mask
= NULL
;
6561 mangle_lookup_name_from_8_3(ctx
,
6570 if (!source_has_wild
) {
6571 directory
= talloc_asprintf_append(directory
,
6574 if (dest_has_wild
) {
6575 char *mod_newname
= NULL
;
6576 if (!resolve_wildcards(ctx
,
6577 directory
,newname
,&mod_newname
)) {
6578 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6579 END_PROFILE(SMBcopy
);
6582 newname
= mod_newname
;
6585 status
= check_name(conn
, directory
);
6586 if (!NT_STATUS_IS_OK(status
)) {
6587 reply_nterror(req
, status
);
6588 END_PROFILE(SMBcopy
);
6592 status
= check_name(conn
, newname
);
6593 if (!NT_STATUS_IS_OK(status
)) {
6594 reply_nterror(req
, status
);
6595 END_PROFILE(SMBcopy
);
6599 status
= copy_file(ctx
,conn
,directory
,newname
,ofun
,
6600 count
,target_is_directory
);
6602 if(!NT_STATUS_IS_OK(status
)) {
6603 reply_nterror(req
, status
);
6604 END_PROFILE(SMBcopy
);
6610 struct smb_Dir
*dir_hnd
= NULL
;
6611 const char *dname
= NULL
;
6614 if (strequal(mask
,"????????.???")) {
6618 status
= check_name(conn
, directory
);
6619 if (!NT_STATUS_IS_OK(status
)) {
6620 reply_nterror(req
, status
);
6621 END_PROFILE(SMBcopy
);
6625 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, 0);
6626 if (dir_hnd
== NULL
) {
6627 status
= map_nt_error_from_unix(errno
);
6628 reply_nterror(req
, status
);
6629 END_PROFILE(SMBcopy
);
6635 while ((dname
= ReadDirName(dir_hnd
, &offset
, &sbuf1
))) {
6636 char *destname
= NULL
;
6639 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
6643 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
6647 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
6651 error
= ERRnoaccess
;
6652 fname
= talloc_asprintf(ctx
,
6657 TALLOC_FREE(dir_hnd
);
6658 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6659 END_PROFILE(SMBcopy
);
6663 if (!resolve_wildcards(ctx
,
6664 fname
,newname
,&destname
)) {
6668 TALLOC_FREE(dir_hnd
);
6669 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6670 END_PROFILE(SMBcopy
);
6674 status
= check_name(conn
, fname
);
6675 if (!NT_STATUS_IS_OK(status
)) {
6676 TALLOC_FREE(dir_hnd
);
6677 reply_nterror(req
, status
);
6678 END_PROFILE(SMBcopy
);
6682 status
= check_name(conn
, destname
);
6683 if (!NT_STATUS_IS_OK(status
)) {
6684 TALLOC_FREE(dir_hnd
);
6685 reply_nterror(req
, status
);
6686 END_PROFILE(SMBcopy
);
6690 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname
, destname
));
6692 status
= copy_file(ctx
,conn
,fname
,destname
,ofun
,
6693 count
,target_is_directory
);
6694 if (NT_STATUS_IS_OK(status
)) {
6698 TALLOC_FREE(destname
);
6700 TALLOC_FREE(dir_hnd
);
6705 /* Error on close... */
6707 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
6708 END_PROFILE(SMBcopy
);
6712 reply_doserror(req
, ERRDOS
, error
);
6713 END_PROFILE(SMBcopy
);
6717 reply_outbuf(req
, 1, 0);
6718 SSVAL(req
->outbuf
,smb_vwv0
,count
);
6720 END_PROFILE(SMBcopy
);
6725 #define DBGC_CLASS DBGC_LOCKING
6727 /****************************************************************************
6728 Get a lock pid, dealing with large count requests.
6729 ****************************************************************************/
6731 uint32
get_lock_pid(const uint8_t *data
, int data_offset
,
6732 bool large_file_format
)
6734 if(!large_file_format
)
6735 return (uint32
)SVAL(data
,SMB_LPID_OFFSET(data_offset
));
6737 return (uint32
)SVAL(data
,SMB_LARGE_LPID_OFFSET(data_offset
));
6740 /****************************************************************************
6741 Get a lock count, dealing with large count requests.
6742 ****************************************************************************/
6744 uint64_t get_lock_count(const uint8_t *data
, int data_offset
,
6745 bool large_file_format
)
6749 if(!large_file_format
) {
6750 count
= (uint64_t)IVAL(data
,SMB_LKLEN_OFFSET(data_offset
));
6753 #if defined(HAVE_LONGLONG)
6754 count
= (((uint64_t) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
))) << 32) |
6755 ((uint64_t) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)));
6756 #else /* HAVE_LONGLONG */
6759 * NT4.x seems to be broken in that it sends large file (64 bit)
6760 * lockingX calls even if the CAP_LARGE_FILES was *not*
6761 * negotiated. For boxes without large unsigned ints truncate the
6762 * lock count by dropping the top 32 bits.
6765 if(IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)) != 0) {
6766 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6767 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)),
6768 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)) ));
6769 SIVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
),0);
6772 count
= (uint64_t)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
));
6773 #endif /* HAVE_LONGLONG */
6779 #if !defined(HAVE_LONGLONG)
6780 /****************************************************************************
6781 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6782 ****************************************************************************/
6784 static uint32
map_lock_offset(uint32 high
, uint32 low
)
6788 uint32 highcopy
= high
;
6791 * Try and find out how many significant bits there are in high.
6794 for(i
= 0; highcopy
; i
++)
6798 * We use 31 bits not 32 here as POSIX
6799 * lock offsets may not be negative.
6802 mask
= (~0) << (31 - i
);
6805 return 0; /* Fail. */
6811 #endif /* !defined(HAVE_LONGLONG) */
6813 /****************************************************************************
6814 Get a lock offset, dealing with large offset requests.
6815 ****************************************************************************/
6817 uint64_t get_lock_offset(const uint8_t *data
, int data_offset
,
6818 bool large_file_format
, bool *err
)
6820 uint64_t offset
= 0;
6824 if(!large_file_format
) {
6825 offset
= (uint64_t)IVAL(data
,SMB_LKOFF_OFFSET(data_offset
));
6828 #if defined(HAVE_LONGLONG)
6829 offset
= (((uint64_t) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
))) << 32) |
6830 ((uint64_t) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
)));
6831 #else /* HAVE_LONGLONG */
6834 * NT4.x seems to be broken in that it sends large file (64 bit)
6835 * lockingX calls even if the CAP_LARGE_FILES was *not*
6836 * negotiated. For boxes without large unsigned ints mangle the
6837 * lock offset by mapping the top 32 bits onto the lower 32.
6840 if(IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
)) != 0) {
6841 uint32 low
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6842 uint32 high
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
));
6845 if((new_low
= map_lock_offset(high
, low
)) == 0) {
6847 return (uint64_t)-1;
6850 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6851 (unsigned int)high
, (unsigned int)low
, (unsigned int)new_low
));
6852 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
),0);
6853 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
),new_low
);
6856 offset
= (uint64_t)IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6857 #endif /* HAVE_LONGLONG */
6863 /****************************************************************************
6864 Reply to a lockingX request.
6865 ****************************************************************************/
6867 void reply_lockingX(struct smb_request
*req
)
6869 connection_struct
*conn
= req
->conn
;
6871 unsigned char locktype
;
6872 unsigned char oplocklevel
;
6875 uint64_t count
= 0, offset
= 0;
6879 const uint8_t *data
;
6880 bool large_file_format
;
6882 NTSTATUS status
= NT_STATUS_UNSUCCESSFUL
;
6884 START_PROFILE(SMBlockingX
);
6887 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6888 END_PROFILE(SMBlockingX
);
6892 fsp
= file_fsp(req
, SVAL(req
->vwv
+2, 0));
6893 locktype
= CVAL(req
->vwv
+3, 0);
6894 oplocklevel
= CVAL(req
->vwv
+3, 1);
6895 num_ulocks
= SVAL(req
->vwv
+6, 0);
6896 num_locks
= SVAL(req
->vwv
+7, 0);
6897 lock_timeout
= IVAL(req
->vwv
+4, 0);
6898 large_file_format
= (locktype
& LOCKING_ANDX_LARGE_FILES
)?True
:False
;
6900 if (!check_fsp(conn
, req
, fsp
)) {
6901 END_PROFILE(SMBlockingX
);
6907 if (locktype
& LOCKING_ANDX_CHANGE_LOCKTYPE
) {
6908 /* we don't support these - and CANCEL_LOCK makes w2k
6909 and XP reboot so I don't really want to be
6910 compatible! (tridge) */
6911 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRnoatomiclocks
));
6912 END_PROFILE(SMBlockingX
);
6916 /* Check if this is an oplock break on a file
6917 we have granted an oplock on.
6919 if ((locktype
& LOCKING_ANDX_OPLOCK_RELEASE
)) {
6920 /* Client can insist on breaking to none. */
6921 bool break_to_none
= (oplocklevel
== 0);
6924 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6925 "for fnum = %d\n", (unsigned int)oplocklevel
,
6929 * Make sure we have granted an exclusive or batch oplock on
6933 if (fsp
->oplock_type
== 0) {
6935 /* The Samba4 nbench simulator doesn't understand
6936 the difference between break to level2 and break
6937 to none from level2 - it sends oplock break
6938 replies in both cases. Don't keep logging an error
6939 message here - just ignore it. JRA. */
6941 DEBUG(5,("reply_lockingX: Error : oplock break from "
6942 "client for fnum = %d (oplock=%d) and no "
6943 "oplock granted on this file (%s).\n",
6944 fsp
->fnum
, fsp
->oplock_type
, fsp
->fsp_name
));
6946 /* if this is a pure oplock break request then don't
6948 if (num_locks
== 0 && num_ulocks
== 0) {
6949 END_PROFILE(SMBlockingX
);
6952 END_PROFILE(SMBlockingX
);
6953 reply_doserror(req
, ERRDOS
, ERRlock
);
6958 if ((fsp
->sent_oplock_break
== BREAK_TO_NONE_SENT
) ||
6960 result
= remove_oplock(fsp
);
6962 result
= downgrade_oplock(fsp
);
6966 DEBUG(0, ("reply_lockingX: error in removing "
6967 "oplock on file %s\n", fsp
->fsp_name
));
6968 /* Hmmm. Is this panic justified? */
6969 smb_panic("internal tdb error");
6972 reply_to_oplock_break_requests(fsp
);
6974 /* if this is a pure oplock break request then don't send a
6976 if (num_locks
== 0 && num_ulocks
== 0) {
6977 /* Sanity check - ensure a pure oplock break is not a
6979 if(CVAL(req
->vwv
+0, 0) != 0xff)
6980 DEBUG(0,("reply_lockingX: Error : pure oplock "
6981 "break is a chained %d request !\n",
6982 (unsigned int)CVAL(req
->vwv
+0, 0)));
6983 END_PROFILE(SMBlockingX
);
6989 (num_ulocks
+ num_locks
) * (large_file_format
? 20 : 10)) {
6990 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6991 END_PROFILE(SMBlockingX
);
6995 /* Data now points at the beginning of the list
6996 of smb_unlkrng structs */
6997 for(i
= 0; i
< (int)num_ulocks
; i
++) {
6998 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6999 count
= get_lock_count( data
, i
, large_file_format
);
7000 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
7003 * There is no error code marked "stupid client bug".... :-).
7006 END_PROFILE(SMBlockingX
);
7007 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7011 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
7012 "pid %u, file %s\n", (double)offset
, (double)count
,
7013 (unsigned int)lock_pid
, fsp
->fsp_name
));
7015 status
= do_unlock(smbd_messaging_context(),
7022 DEBUG(10, ("reply_lockingX: unlock returned %s\n",
7023 nt_errstr(status
)));
7025 if (NT_STATUS_V(status
)) {
7026 END_PROFILE(SMBlockingX
);
7027 reply_nterror(req
, status
);
7032 /* Setup the timeout in seconds. */
7034 if (!lp_blocking_locks(SNUM(conn
))) {
7038 /* Now do any requested locks */
7039 data
+= ((large_file_format
? 20 : 10)*num_ulocks
);
7041 /* Data now points at the beginning of the list
7042 of smb_lkrng structs */
7044 for(i
= 0; i
< (int)num_locks
; i
++) {
7045 enum brl_type lock_type
= ((locktype
& LOCKING_ANDX_SHARED_LOCK
) ?
7046 READ_LOCK
:WRITE_LOCK
);
7047 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
7048 count
= get_lock_count( data
, i
, large_file_format
);
7049 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
7052 * There is no error code marked "stupid client bug".... :-).
7055 END_PROFILE(SMBlockingX
);
7056 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7060 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
7061 "%u, file %s timeout = %d\n", (double)offset
,
7062 (double)count
, (unsigned int)lock_pid
,
7063 fsp
->fsp_name
, (int)lock_timeout
));
7065 if (locktype
& LOCKING_ANDX_CANCEL_LOCK
) {
7066 struct blocking_lock_record
*blr
= NULL
;
7068 if (lp_blocking_locks(SNUM(conn
))) {
7070 /* Schedule a message to ourselves to
7071 remove the blocking lock record and
7072 return the right error. */
7074 blr
= blocking_lock_cancel(fsp
,
7080 NT_STATUS_FILE_LOCK_CONFLICT
);
7082 END_PROFILE(SMBlockingX
);
7087 ERRcancelviolation
));
7091 /* Remove a matching pending lock. */
7092 status
= do_lock_cancel(fsp
,
7099 bool blocking_lock
= lock_timeout
? True
: False
;
7100 bool defer_lock
= False
;
7101 struct byte_range_lock
*br_lck
;
7102 uint32 block_smbpid
;
7104 br_lck
= do_lock(smbd_messaging_context(),
7116 if (br_lck
&& blocking_lock
&& ERROR_WAS_LOCK_DENIED(status
)) {
7117 /* Windows internal resolution for blocking locks seems
7118 to be about 200ms... Don't wait for less than that. JRA. */
7119 if (lock_timeout
!= -1 && lock_timeout
< lp_lock_spin_time()) {
7120 lock_timeout
= lp_lock_spin_time();
7125 /* This heuristic seems to match W2K3 very well. If a
7126 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7127 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7128 far as I can tell. Replacement for do_lock_spin(). JRA. */
7130 if (br_lck
&& lp_blocking_locks(SNUM(conn
)) && !blocking_lock
&&
7131 NT_STATUS_EQUAL((status
), NT_STATUS_FILE_LOCK_CONFLICT
)) {
7133 lock_timeout
= lp_lock_spin_time();
7136 if (br_lck
&& defer_lock
) {
7138 * A blocking lock was requested. Package up
7139 * this smb into a queued request and push it
7140 * onto the blocking lock queue.
7142 if(push_blocking_lock_request(br_lck
,
7153 TALLOC_FREE(br_lck
);
7154 END_PROFILE(SMBlockingX
);
7159 TALLOC_FREE(br_lck
);
7162 if (NT_STATUS_V(status
)) {
7163 END_PROFILE(SMBlockingX
);
7164 reply_nterror(req
, status
);
7169 /* If any of the above locks failed, then we must unlock
7170 all of the previous locks (X/Open spec). */
7172 if (!(locktype
& LOCKING_ANDX_CANCEL_LOCK
) &&
7176 * Ensure we don't do a remove on the lock that just failed,
7177 * as under POSIX rules, if we have a lock already there, we
7178 * will delete it (and we shouldn't) .....
7180 for(i
--; i
>= 0; i
--) {
7181 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
7182 count
= get_lock_count( data
, i
, large_file_format
);
7183 offset
= get_lock_offset( data
, i
, large_file_format
,
7187 * There is no error code marked "stupid client
7191 END_PROFILE(SMBlockingX
);
7192 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7196 do_unlock(smbd_messaging_context(),
7203 END_PROFILE(SMBlockingX
);
7204 reply_nterror(req
, status
);
7208 reply_outbuf(req
, 2, 0);
7210 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7211 fsp
->fnum
, (unsigned int)locktype
, num_locks
, num_ulocks
));
7213 END_PROFILE(SMBlockingX
);
7218 #define DBGC_CLASS DBGC_ALL
7220 /****************************************************************************
7221 Reply to a SMBreadbmpx (read block multiplex) request.
7222 Always reply with an error, if someone has a platform really needs this,
7223 please contact vl@samba.org
7224 ****************************************************************************/
7226 void reply_readbmpx(struct smb_request
*req
)
7228 START_PROFILE(SMBreadBmpx
);
7229 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7230 END_PROFILE(SMBreadBmpx
);
7234 /****************************************************************************
7235 Reply to a SMBreadbs (read block multiplex secondary) request.
7236 Always reply with an error, if someone has a platform really needs this,
7237 please contact vl@samba.org
7238 ****************************************************************************/
7240 void reply_readbs(struct smb_request
*req
)
7242 START_PROFILE(SMBreadBs
);
7243 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7244 END_PROFILE(SMBreadBs
);
7248 /****************************************************************************
7249 Reply to a SMBsetattrE.
7250 ****************************************************************************/
7252 void reply_setattrE(struct smb_request
*req
)
7254 connection_struct
*conn
= req
->conn
;
7255 struct smb_file_time ft
;
7257 SMB_STRUCT_STAT sbuf
;
7260 START_PROFILE(SMBsetattrE
);
7264 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7265 END_PROFILE(SMBsetattrE
);
7269 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
7271 if(!fsp
|| (fsp
->conn
!= conn
)) {
7272 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7273 END_PROFILE(SMBsetattrE
);
7279 * Convert the DOS times into unix times.
7282 ft
.atime
= convert_time_t_to_timespec(
7283 srv_make_unix_date2(req
->vwv
+3));
7284 ft
.mtime
= convert_time_t_to_timespec(
7285 srv_make_unix_date2(req
->vwv
+5));
7286 ft
.create_time
= convert_time_t_to_timespec(
7287 srv_make_unix_date2(req
->vwv
+1));
7289 reply_outbuf(req
, 0, 0);
7292 * Patch from Ray Frush <frush@engr.colostate.edu>
7293 * Sometimes times are sent as zero - ignore them.
7296 /* Ensure we have a valid stat struct for the source. */
7297 if (fsp
->fh
->fd
!= -1) {
7298 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
7299 status
= map_nt_error_from_unix(errno
);
7300 reply_nterror(req
, status
);
7301 END_PROFILE(SMBsetattrE
);
7307 if (fsp
->posix_open
) {
7308 ret
= SMB_VFS_LSTAT(conn
, fsp
->fsp_name
, &sbuf
);
7310 ret
= SMB_VFS_STAT(conn
, fsp
->fsp_name
, &sbuf
);
7313 status
= map_nt_error_from_unix(errno
);
7314 reply_nterror(req
, status
);
7315 END_PROFILE(SMBsetattrE
);
7320 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
,
7322 if (!NT_STATUS_IS_OK(status
)) {
7323 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7324 END_PROFILE(SMBsetattrE
);
7328 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7331 (unsigned int)ft
.atime
.tv_sec
,
7332 (unsigned int)ft
.mtime
.tv_sec
,
7333 (unsigned int)ft
.create_time
.tv_sec
7336 END_PROFILE(SMBsetattrE
);
7341 /* Back from the dead for OS/2..... JRA. */
7343 /****************************************************************************
7344 Reply to a SMBwritebmpx (write block multiplex primary) request.
7345 Always reply with an error, if someone has a platform really needs this,
7346 please contact vl@samba.org
7347 ****************************************************************************/
7349 void reply_writebmpx(struct smb_request
*req
)
7351 START_PROFILE(SMBwriteBmpx
);
7352 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7353 END_PROFILE(SMBwriteBmpx
);
7357 /****************************************************************************
7358 Reply to a SMBwritebs (write block multiplex secondary) request.
7359 Always reply with an error, if someone has a platform really needs this,
7360 please contact vl@samba.org
7361 ****************************************************************************/
7363 void reply_writebs(struct smb_request
*req
)
7365 START_PROFILE(SMBwriteBs
);
7366 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7367 END_PROFILE(SMBwriteBs
);
7371 /****************************************************************************
7372 Reply to a SMBgetattrE.
7373 ****************************************************************************/
7375 void reply_getattrE(struct smb_request
*req
)
7377 connection_struct
*conn
= req
->conn
;
7378 SMB_STRUCT_STAT sbuf
;
7381 struct timespec create_ts
;
7383 START_PROFILE(SMBgetattrE
);
7386 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7387 END_PROFILE(SMBgetattrE
);
7391 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
7393 if(!fsp
|| (fsp
->conn
!= conn
)) {
7394 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7395 END_PROFILE(SMBgetattrE
);
7399 /* Do an fstat on this file */
7400 if(fsp_stat(fsp
, &sbuf
)) {
7401 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
7402 END_PROFILE(SMBgetattrE
);
7406 mode
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
7409 * Convert the times into dos times. Set create
7410 * date to be last modify date as UNIX doesn't save
7414 reply_outbuf(req
, 11, 0);
7416 create_ts
= get_create_timespec(&sbuf
,
7417 lp_fake_dir_create_times(SNUM(conn
)));
7418 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv0
, create_ts
.tv_sec
);
7419 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv2
, sbuf
.st_atime
);
7420 /* Should we check pending modtime here ? JRA */
7421 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv4
, sbuf
.st_mtime
);
7424 SIVAL(req
->outbuf
, smb_vwv6
, 0);
7425 SIVAL(req
->outbuf
, smb_vwv8
, 0);
7427 uint32 allocation_size
= SMB_VFS_GET_ALLOC_SIZE(conn
,fsp
, &sbuf
);
7428 SIVAL(req
->outbuf
, smb_vwv6
, (uint32
)sbuf
.st_size
);
7429 SIVAL(req
->outbuf
, smb_vwv8
, allocation_size
);
7431 SSVAL(req
->outbuf
,smb_vwv10
, mode
);
7433 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp
->fnum
));
7435 END_PROFILE(SMBgetattrE
);