2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol
;
32 unsigned int smb_echo_count
= 0;
33 extern uint32 global_client_caps
;
35 extern struct current_user current_user
;
36 extern bool global_encrypted_passwords_negotiated
;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS
check_path_syntax_internal(char *path
,
51 bool *p_last_component_contains_wcard
)
55 NTSTATUS ret
= NT_STATUS_OK
;
56 bool start_of_name_component
= True
;
57 bool stream_started
= false;
59 *p_last_component_contains_wcard
= False
;
66 return NT_STATUS_OBJECT_NAME_INVALID
;
69 return NT_STATUS_OBJECT_NAME_INVALID
;
71 if (strchr_m(&s
[1], ':')) {
72 return NT_STATUS_OBJECT_NAME_INVALID
;
74 if (StrCaseCmp(s
, ":$DATA") != 0) {
75 return NT_STATUS_INVALID_PARAMETER
;
81 if (!stream_started
&& *s
== ':') {
82 if (*p_last_component_contains_wcard
) {
83 return NT_STATUS_OBJECT_NAME_INVALID
;
85 /* stream names allow more characters than file names */
86 stream_started
= true;
87 start_of_name_component
= false;
91 return NT_STATUS_OBJECT_NAME_INVALID
;
95 if (!stream_started
&& IS_PATH_SEP(*s
,posix_path
)) {
97 * Safe to assume is not the second part of a mb char
98 * as this is handled below.
100 /* Eat multiple '/' or '\\' */
101 while (IS_PATH_SEP(*s
,posix_path
)) {
104 if ((d
!= path
) && (*s
!= '\0')) {
105 /* We only care about non-leading or trailing '/' or '\\' */
109 start_of_name_component
= True
;
111 *p_last_component_contains_wcard
= False
;
115 if (start_of_name_component
) {
116 if ((s
[0] == '.') && (s
[1] == '.') && (IS_PATH_SEP(s
[2],posix_path
) || s
[2] == '\0')) {
117 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
120 * No mb char starts with '.' so we're safe checking the directory separator here.
123 /* If we just added a '/' - delete it */
124 if ((d
> path
) && (*(d
-1) == '/')) {
129 /* Are we at the start ? Can't go back further if so. */
131 ret
= NT_STATUS_OBJECT_PATH_SYNTAX_BAD
;
134 /* Go back one level... */
135 /* We know this is safe as '/' cannot be part of a mb sequence. */
136 /* NOTE - if this assumption is invalid we are not in good shape... */
137 /* Decrement d first as d points to the *next* char to write into. */
138 for (d
--; d
> path
; d
--) {
142 s
+= 2; /* Else go past the .. */
143 /* We're still at the start of a name component, just the previous one. */
146 } else if ((s
[0] == '.') && ((s
[1] == '\0') || IS_PATH_SEP(s
[1],posix_path
))) {
158 if (*s
<= 0x1f || *s
== '|') {
159 return NT_STATUS_OBJECT_NAME_INVALID
;
167 *p_last_component_contains_wcard
= True
;
176 /* Get the size of the next MB character. */
177 next_codepoint(s
,&siz
);
195 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
197 return NT_STATUS_INVALID_PARAMETER
;
200 start_of_name_component
= False
;
208 /****************************************************************************
209 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
210 No wildcards allowed.
211 ****************************************************************************/
213 NTSTATUS
check_path_syntax(char *path
)
216 return check_path_syntax_internal(path
, False
, &ignore
);
219 /****************************************************************************
220 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
221 Wildcards allowed - p_contains_wcard returns true if the last component contained
223 ****************************************************************************/
225 NTSTATUS
check_path_syntax_wcard(char *path
, bool *p_contains_wcard
)
227 return check_path_syntax_internal(path
, False
, p_contains_wcard
);
230 /****************************************************************************
231 Check the path for a POSIX client.
232 We're assuming here that '/' is not the second byte in any multibyte char
233 set (a safe assumption).
234 ****************************************************************************/
236 NTSTATUS
check_path_syntax_posix(char *path
)
239 return check_path_syntax_internal(path
, True
, &ignore
);
242 /****************************************************************************
243 Pull a string and check the path allowing a wilcard - provide for error return.
244 ****************************************************************************/
246 size_t srvstr_get_path_wcard(TALLOC_CTX
*ctx
,
254 bool *contains_wcard
)
261 ret
= srvstr_pull_buf_talloc(ctx
,
268 ret
= srvstr_pull_talloc(ctx
,
278 *err
= NT_STATUS_INVALID_PARAMETER
;
282 *contains_wcard
= False
;
284 if (smb_flags2
& FLAGS2_DFS_PATHNAMES
) {
286 * For a DFS path the function parse_dfs_path()
287 * will do the path processing, just make a copy.
293 if (lp_posix_pathnames()) {
294 *err
= check_path_syntax_posix(*pp_dest
);
296 *err
= check_path_syntax_wcard(*pp_dest
, contains_wcard
);
302 /****************************************************************************
303 Pull a string and check the path - provide for error return.
304 ****************************************************************************/
306 size_t srvstr_get_path(TALLOC_CTX
*ctx
,
320 ret
= srvstr_pull_buf_talloc(ctx
,
327 ret
= srvstr_pull_talloc(ctx
,
337 *err
= NT_STATUS_INVALID_PARAMETER
;
341 if (smb_flags2
& FLAGS2_DFS_PATHNAMES
) {
343 * For a DFS path the function parse_dfs_path()
344 * will do the path processing, just make a copy.
350 if (lp_posix_pathnames()) {
351 *err
= check_path_syntax_posix(*pp_dest
);
353 *err
= check_path_syntax(*pp_dest
);
359 /****************************************************************************
360 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
361 ****************************************************************************/
363 bool check_fsp_open(connection_struct
*conn
, struct smb_request
*req
,
364 files_struct
*fsp
, struct current_user
*user
)
366 if (!(fsp
) || !(conn
)) {
367 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
370 if (((conn
) != (fsp
)->conn
) || user
->vuid
!= (fsp
)->vuid
) {
371 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
377 /****************************************************************************
378 Check if we have a correct fsp pointing to a file. Replacement for the
380 ****************************************************************************/
382 bool check_fsp(connection_struct
*conn
, struct smb_request
*req
,
383 files_struct
*fsp
, struct current_user
*user
)
385 if (!check_fsp_open(conn
, req
, fsp
, user
)) {
388 if ((fsp
)->is_directory
) {
389 reply_nterror(req
, NT_STATUS_INVALID_DEVICE_REQUEST
);
392 if ((fsp
)->fh
->fd
== -1) {
393 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
396 (fsp
)->num_smb_operations
++;
400 /****************************************************************************
401 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
402 ****************************************************************************/
404 bool fsp_belongs_conn(connection_struct
*conn
, struct smb_request
*req
,
405 files_struct
*fsp
, struct current_user
*user
)
407 if ((fsp
) && (conn
) && ((conn
)==(fsp
)->conn
)
408 && (current_user
.vuid
==(fsp
)->vuid
)) {
412 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
416 /****************************************************************************
417 Reply to a (netbios-level) special message.
418 ****************************************************************************/
420 void reply_special(char *inbuf
)
422 int msg_type
= CVAL(inbuf
,0);
423 int msg_flags
= CVAL(inbuf
,1);
428 * We only really use 4 bytes of the outbuf, but for the smb_setlen
429 * calculation & friends (srv_send_smb uses that) we need the full smb
432 char outbuf
[smb_size
];
434 static bool already_got_session
= False
;
438 memset(outbuf
, '\0', sizeof(outbuf
));
440 smb_setlen(outbuf
,0);
443 case 0x81: /* session request */
445 if (already_got_session
) {
446 exit_server_cleanly("multiple session request not permitted");
449 SCVAL(outbuf
,0,0x82);
451 if (name_len(inbuf
+4) > 50 ||
452 name_len(inbuf
+4 + name_len(inbuf
+ 4)) > 50) {
453 DEBUG(0,("Invalid name length in session request\n"));
456 name_extract(inbuf
,4,name1
);
457 name_type
= name_extract(inbuf
,4 + name_len(inbuf
+ 4),name2
);
458 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
461 set_local_machine_name(name1
, True
);
462 set_remote_machine_name(name2
, True
);
464 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
465 get_local_machine_name(), get_remote_machine_name(),
468 if (name_type
== 'R') {
469 /* We are being asked for a pathworks session ---
471 SCVAL(outbuf
, 0,0x83);
475 /* only add the client's machine name to the list
476 of possibly valid usernames if we are operating
477 in share mode security */
478 if (lp_security() == SEC_SHARE
) {
479 add_session_user(get_remote_machine_name());
482 reload_services(True
);
485 already_got_session
= True
;
488 case 0x89: /* session keepalive request
489 (some old clients produce this?) */
490 SCVAL(outbuf
,0,SMBkeepalive
);
494 case 0x82: /* positive session response */
495 case 0x83: /* negative session response */
496 case 0x84: /* retarget session response */
497 DEBUG(0,("Unexpected session response\n"));
500 case SMBkeepalive
: /* session keepalive */
505 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
506 msg_type
, msg_flags
));
508 srv_send_smb(smbd_server_fd(), outbuf
, false);
512 /****************************************************************************
514 conn POINTER CAN BE NULL HERE !
515 ****************************************************************************/
517 void reply_tcon(struct smb_request
*req
)
519 connection_struct
*conn
= req
->conn
;
521 char *service_buf
= NULL
;
522 char *password
= NULL
;
527 DATA_BLOB password_blob
;
528 TALLOC_CTX
*ctx
= talloc_tos();
530 START_PROFILE(SMBtcon
);
532 if (smb_buflen(req
->inbuf
) < 4) {
533 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
534 END_PROFILE(SMBtcon
);
538 p
= smb_buf(req
->inbuf
)+1;
539 p
+= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
,
540 &service_buf
, p
, STR_TERMINATE
) + 1;
541 pwlen
= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
,
542 &password
, p
, STR_TERMINATE
) + 1;
544 p
+= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
,
545 &dev
, p
, STR_TERMINATE
) + 1;
547 if (service_buf
== NULL
|| password
== NULL
|| dev
== NULL
) {
548 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
549 END_PROFILE(SMBtcon
);
552 p
= strrchr_m(service_buf
,'\\');
556 service
= service_buf
;
559 password_blob
= data_blob(password
, pwlen
+1);
561 conn
= make_connection(service
,password_blob
,dev
,req
->vuid
,&nt_status
);
564 data_blob_clear_free(&password_blob
);
567 reply_nterror(req
, nt_status
);
568 END_PROFILE(SMBtcon
);
572 reply_outbuf(req
, 2, 0);
573 SSVAL(req
->outbuf
,smb_vwv0
,max_recv
);
574 SSVAL(req
->outbuf
,smb_vwv1
,conn
->cnum
);
575 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
577 DEBUG(3,("tcon service=%s cnum=%d\n",
578 service
, conn
->cnum
));
580 END_PROFILE(SMBtcon
);
584 /****************************************************************************
585 Reply to a tcon and X.
586 conn POINTER CAN BE NULL HERE !
587 ****************************************************************************/
589 void reply_tcon_and_X(struct smb_request
*req
)
591 connection_struct
*conn
= req
->conn
;
592 char *service
= NULL
;
594 TALLOC_CTX
*ctx
= talloc_tos();
595 /* what the cleint thinks the device is */
596 char *client_devicetype
= NULL
;
597 /* what the server tells the client the share represents */
598 const char *server_devicetype
;
605 START_PROFILE(SMBtconX
);
608 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
609 END_PROFILE(SMBtconX
);
613 passlen
= SVAL(req
->inbuf
,smb_vwv3
);
614 tcon_flags
= SVAL(req
->inbuf
,smb_vwv2
);
616 /* we might have to close an old one */
617 if ((tcon_flags
& 0x1) && conn
) {
618 close_cnum(conn
,req
->vuid
);
623 if ((passlen
> MAX_PASS_LEN
) || (passlen
>= smb_buflen(req
->inbuf
))) {
624 reply_doserror(req
, ERRDOS
, ERRbuftoosmall
);
625 END_PROFILE(SMBtconX
);
629 if (global_encrypted_passwords_negotiated
) {
630 password
= data_blob_talloc(talloc_tos(), smb_buf(req
->inbuf
),
632 if (lp_security() == SEC_SHARE
) {
634 * Security = share always has a pad byte
635 * after the password.
637 p
= smb_buf(req
->inbuf
) + passlen
+ 1;
639 p
= smb_buf(req
->inbuf
) + passlen
;
642 password
= data_blob_talloc(talloc_tos(), smb_buf(req
->inbuf
),
644 /* Ensure correct termination */
645 password
.data
[passlen
]=0;
646 p
= smb_buf(req
->inbuf
) + passlen
+ 1;
649 p
+= srvstr_pull_buf_talloc(ctx
, req
->inbuf
, req
->flags2
, &path
, p
,
653 data_blob_clear_free(&password
);
654 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
655 END_PROFILE(SMBtconX
);
660 * the service name can be either: \\server\share
661 * or share directly like on the DELL PowerVault 705
664 q
= strchr_m(path
+2,'\\');
666 data_blob_clear_free(&password
);
667 reply_doserror(req
, ERRDOS
, ERRnosuchshare
);
668 END_PROFILE(SMBtconX
);
676 p
+= srvstr_pull_talloc(ctx
, req
->inbuf
, req
->flags2
,
677 &client_devicetype
, p
,
678 MIN(6,smb_bufrem(req
->inbuf
, p
)), STR_ASCII
);
680 if (client_devicetype
== NULL
) {
681 data_blob_clear_free(&password
);
682 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
683 END_PROFILE(SMBtconX
);
687 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype
, service
));
689 conn
= make_connection(service
, password
, client_devicetype
,
690 req
->vuid
, &nt_status
);
693 data_blob_clear_free(&password
);
696 reply_nterror(req
, nt_status
);
697 END_PROFILE(SMBtconX
);
702 server_devicetype
= "IPC";
703 else if ( IS_PRINT(conn
) )
704 server_devicetype
= "LPT1:";
706 server_devicetype
= "A:";
708 if (Protocol
< PROTOCOL_NT1
) {
709 reply_outbuf(req
, 2, 0);
710 if (message_push_string(&req
->outbuf
, server_devicetype
,
711 STR_TERMINATE
|STR_ASCII
) == -1) {
712 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
713 END_PROFILE(SMBtconX
);
717 /* NT sets the fstype of IPC$ to the null string */
718 const char *fstype
= IS_IPC(conn
) ? "" : lp_fstype(SNUM(conn
));
720 if (tcon_flags
& TCONX_FLAG_EXTENDED_RESPONSE
) {
721 /* Return permissions. */
725 reply_outbuf(req
, 7, 0);
728 perm1
= FILE_ALL_ACCESS
;
729 perm2
= FILE_ALL_ACCESS
;
731 perm1
= CAN_WRITE(conn
) ?
736 SIVAL(req
->outbuf
, smb_vwv3
, perm1
);
737 SIVAL(req
->outbuf
, smb_vwv5
, perm2
);
739 reply_outbuf(req
, 3, 0);
742 if ((message_push_string(&req
->outbuf
, server_devicetype
,
743 STR_TERMINATE
|STR_ASCII
) == -1)
744 || (message_push_string(&req
->outbuf
, fstype
,
745 STR_TERMINATE
) == -1)) {
746 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
747 END_PROFILE(SMBtconX
);
751 /* what does setting this bit do? It is set by NT4 and
752 may affect the ability to autorun mounted cdroms */
753 SSVAL(req
->outbuf
, smb_vwv2
, SMB_SUPPORT_SEARCH_BITS
|
754 (lp_csc_policy(SNUM(conn
)) << 2));
756 init_dfsroot(conn
, req
->inbuf
, req
->outbuf
);
760 DEBUG(3,("tconX service=%s \n",
763 /* set the incoming and outgoing tid to the just created one */
764 SSVAL(req
->inbuf
,smb_tid
,conn
->cnum
);
765 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
767 END_PROFILE(SMBtconX
);
773 /****************************************************************************
774 Reply to an unknown type.
775 ****************************************************************************/
777 void reply_unknown_new(struct smb_request
*req
, uint8 type
)
779 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
780 smb_fn_name(type
), type
, type
));
781 reply_doserror(req
, ERRSRV
, ERRunknownsmb
);
785 /****************************************************************************
787 conn POINTER CAN BE NULL HERE !
788 ****************************************************************************/
790 void reply_ioctl(struct smb_request
*req
)
792 connection_struct
*conn
= req
->conn
;
799 START_PROFILE(SMBioctl
);
802 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
803 END_PROFILE(SMBioctl
);
807 device
= SVAL(req
->inbuf
,smb_vwv1
);
808 function
= SVAL(req
->inbuf
,smb_vwv2
);
809 ioctl_code
= (device
<< 16) + function
;
811 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code
));
813 switch (ioctl_code
) {
814 case IOCTL_QUERY_JOB_INFO
:
818 reply_doserror(req
, ERRSRV
, ERRnosupport
);
819 END_PROFILE(SMBioctl
);
823 reply_outbuf(req
, 8, replysize
+1);
824 SSVAL(req
->outbuf
,smb_vwv1
,replysize
); /* Total data bytes returned */
825 SSVAL(req
->outbuf
,smb_vwv5
,replysize
); /* Data bytes this buffer */
826 SSVAL(req
->outbuf
,smb_vwv6
,52); /* Offset to data */
827 p
= smb_buf(req
->outbuf
);
828 memset(p
, '\0', replysize
+1); /* valgrind-safe. */
829 p
+= 1; /* Allow for alignment */
831 switch (ioctl_code
) {
832 case IOCTL_QUERY_JOB_INFO
:
834 files_struct
*fsp
= file_fsp(SVAL(req
->inbuf
,
837 reply_doserror(req
, ERRDOS
, ERRbadfid
);
838 END_PROFILE(SMBioctl
);
841 SSVAL(p
,0,fsp
->rap_print_jobid
); /* Job number */
842 srvstr_push((char *)req
->outbuf
, req
->flags2
, p
+2,
844 STR_TERMINATE
|STR_ASCII
);
846 srvstr_push((char *)req
->outbuf
, req
->flags2
,
847 p
+18, lp_servicename(SNUM(conn
)),
848 13, STR_TERMINATE
|STR_ASCII
);
856 END_PROFILE(SMBioctl
);
860 /****************************************************************************
861 Strange checkpath NTSTATUS mapping.
862 ****************************************************************************/
864 static NTSTATUS
map_checkpath_error(const char *inbuf
, NTSTATUS status
)
866 /* Strange DOS error code semantics only for checkpath... */
867 if (!(SVAL(inbuf
,smb_flg2
) & FLAGS2_32_BIT_ERROR_CODES
)) {
868 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID
,status
)) {
869 /* We need to map to ERRbadpath */
870 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
876 /****************************************************************************
877 Reply to a checkpath.
878 ****************************************************************************/
880 void reply_checkpath(struct smb_request
*req
)
882 connection_struct
*conn
= req
->conn
;
884 SMB_STRUCT_STAT sbuf
;
886 TALLOC_CTX
*ctx
= talloc_tos();
888 START_PROFILE(SMBcheckpath
);
890 srvstr_get_path(ctx
,(char *)req
->inbuf
, req
->flags2
, &name
,
891 smb_buf(req
->inbuf
) + 1, 0,
892 STR_TERMINATE
, &status
);
893 if (!NT_STATUS_IS_OK(status
)) {
894 status
= map_checkpath_error((char *)req
->inbuf
, status
);
895 reply_nterror(req
, status
);
896 END_PROFILE(SMBcheckpath
);
900 status
= resolve_dfspath(ctx
, conn
,
901 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
904 if (!NT_STATUS_IS_OK(status
)) {
905 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
906 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
908 END_PROFILE(SMBcheckpath
);
914 DEBUG(3,("reply_checkpath %s mode=%d\n", name
, (int)SVAL(req
->inbuf
,smb_vwv0
)));
916 status
= unix_convert(ctx
, conn
, name
, False
, &name
, NULL
, &sbuf
);
917 if (!NT_STATUS_IS_OK(status
)) {
921 status
= check_name(conn
, name
);
922 if (!NT_STATUS_IS_OK(status
)) {
923 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name
,nt_errstr(status
)));
927 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,name
,&sbuf
) != 0)) {
928 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name
,strerror(errno
)));
929 status
= map_nt_error_from_unix(errno
);
933 if (!S_ISDIR(sbuf
.st_mode
)) {
934 reply_botherror(req
, NT_STATUS_NOT_A_DIRECTORY
,
936 END_PROFILE(SMBcheckpath
);
940 reply_outbuf(req
, 0, 0);
942 END_PROFILE(SMBcheckpath
);
947 END_PROFILE(SMBcheckpath
);
949 /* We special case this - as when a Windows machine
950 is parsing a path is steps through the components
951 one at a time - if a component fails it expects
952 ERRbadpath, not ERRbadfile.
954 status
= map_checkpath_error((char *)req
->inbuf
, status
);
955 if (NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
957 * Windows returns different error codes if
958 * the parent directory is valid but not the
959 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
960 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
961 * if the path is invalid.
963 reply_botherror(req
, NT_STATUS_OBJECT_NAME_NOT_FOUND
,
968 reply_nterror(req
, status
);
971 /****************************************************************************
973 ****************************************************************************/
975 void reply_getatr(struct smb_request
*req
)
977 connection_struct
*conn
= req
->conn
;
979 SMB_STRUCT_STAT sbuf
;
985 TALLOC_CTX
*ctx
= talloc_tos();
987 START_PROFILE(SMBgetatr
);
989 p
= smb_buf(req
->inbuf
) + 1;
990 p
+= srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
, p
,
991 0, STR_TERMINATE
, &status
);
992 if (!NT_STATUS_IS_OK(status
)) {
993 reply_nterror(req
, status
);
994 END_PROFILE(SMBgetatr
);
998 status
= resolve_dfspath(ctx
, conn
,
999 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1002 if (!NT_STATUS_IS_OK(status
)) {
1003 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
1004 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1005 ERRSRV
, ERRbadpath
);
1006 END_PROFILE(SMBgetatr
);
1009 reply_nterror(req
, status
);
1010 END_PROFILE(SMBgetatr
);
1014 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1015 under WfWg - weird! */
1016 if (*fname
== '\0') {
1017 mode
= aHIDDEN
| aDIR
;
1018 if (!CAN_WRITE(conn
)) {
1024 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
,&sbuf
);
1025 if (!NT_STATUS_IS_OK(status
)) {
1026 reply_nterror(req
, status
);
1027 END_PROFILE(SMBgetatr
);
1030 status
= check_name(conn
, fname
);
1031 if (!NT_STATUS_IS_OK(status
)) {
1032 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname
,nt_errstr(status
)));
1033 reply_nterror(req
, status
);
1034 END_PROFILE(SMBgetatr
);
1037 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,fname
,&sbuf
) != 0)) {
1038 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname
,strerror(errno
)));
1039 reply_unixerror(req
, ERRDOS
,ERRbadfile
);
1040 END_PROFILE(SMBgetatr
);
1044 mode
= dos_mode(conn
,fname
,&sbuf
);
1045 size
= sbuf
.st_size
;
1046 mtime
= sbuf
.st_mtime
;
1052 reply_outbuf(req
, 10, 0);
1054 SSVAL(req
->outbuf
,smb_vwv0
,mode
);
1055 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1056 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
& ~1);
1058 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
);
1060 SIVAL(req
->outbuf
,smb_vwv3
,(uint32
)size
);
1062 if (Protocol
>= PROTOCOL_NT1
) {
1063 SSVAL(req
->outbuf
, smb_flg2
,
1064 SVAL(req
->outbuf
, smb_flg2
) | FLAGS2_IS_LONG_NAME
);
1067 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname
, mode
, (unsigned int)size
) );
1069 END_PROFILE(SMBgetatr
);
1073 /****************************************************************************
1075 ****************************************************************************/
1077 void reply_setatr(struct smb_request
*req
)
1079 struct timespec ts
[2];
1080 connection_struct
*conn
= req
->conn
;
1084 SMB_STRUCT_STAT sbuf
;
1087 TALLOC_CTX
*ctx
= talloc_tos();
1089 START_PROFILE(SMBsetatr
);
1094 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1098 p
= smb_buf(req
->inbuf
) + 1;
1099 p
+= srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
, p
,
1100 0, STR_TERMINATE
, &status
);
1101 if (!NT_STATUS_IS_OK(status
)) {
1102 reply_nterror(req
, status
);
1103 END_PROFILE(SMBsetatr
);
1107 status
= resolve_dfspath(ctx
, conn
,
1108 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1111 if (!NT_STATUS_IS_OK(status
)) {
1112 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
1113 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1114 ERRSRV
, ERRbadpath
);
1115 END_PROFILE(SMBsetatr
);
1118 reply_nterror(req
, status
);
1119 END_PROFILE(SMBsetatr
);
1123 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
1124 if (!NT_STATUS_IS_OK(status
)) {
1125 reply_nterror(req
, status
);
1126 END_PROFILE(SMBsetatr
);
1130 status
= check_name(conn
, fname
);
1131 if (!NT_STATUS_IS_OK(status
)) {
1132 reply_nterror(req
, status
);
1133 END_PROFILE(SMBsetatr
);
1137 if (fname
[0] == '.' && fname
[1] == '\0') {
1139 * Not sure here is the right place to catch this
1140 * condition. Might be moved to somewhere else later -- vl
1142 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
1143 END_PROFILE(SMBsetatr
);
1147 mode
= SVAL(req
->inbuf
,smb_vwv0
);
1148 mtime
= srv_make_unix_date3(req
->inbuf
+smb_vwv1
);
1150 ts
[1] = convert_time_t_to_timespec(mtime
);
1151 status
= smb_set_file_time(conn
, NULL
, fname
,
1153 if (!NT_STATUS_IS_OK(status
)) {
1154 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1155 END_PROFILE(SMBsetatr
);
1159 if (mode
!= FILE_ATTRIBUTE_NORMAL
) {
1160 if (VALID_STAT_OF_DIR(sbuf
))
1165 if (file_set_dosmode(conn
,fname
,mode
,&sbuf
,NULL
,false) != 0) {
1166 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1167 END_PROFILE(SMBsetatr
);
1172 reply_outbuf(req
, 0, 0);
1174 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname
, mode
) );
1176 END_PROFILE(SMBsetatr
);
1180 /****************************************************************************
1182 ****************************************************************************/
1184 void reply_dskattr(struct smb_request
*req
)
1186 connection_struct
*conn
= req
->conn
;
1187 SMB_BIG_UINT dfree
,dsize
,bsize
;
1188 START_PROFILE(SMBdskattr
);
1190 if (get_dfree_info(conn
,".",True
,&bsize
,&dfree
,&dsize
) == (SMB_BIG_UINT
)-1) {
1191 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
1192 END_PROFILE(SMBdskattr
);
1196 reply_outbuf(req
, 5, 0);
1198 if (Protocol
<= PROTOCOL_LANMAN2
) {
1199 double total_space
, free_space
;
1200 /* we need to scale this to a number that DOS6 can handle. We
1201 use floating point so we can handle large drives on systems
1202 that don't have 64 bit integers
1204 we end up displaying a maximum of 2G to DOS systems
1206 total_space
= dsize
* (double)bsize
;
1207 free_space
= dfree
* (double)bsize
;
1209 dsize
= (SMB_BIG_UINT
)((total_space
+63*512) / (64*512));
1210 dfree
= (SMB_BIG_UINT
)((free_space
+63*512) / (64*512));
1212 if (dsize
> 0xFFFF) dsize
= 0xFFFF;
1213 if (dfree
> 0xFFFF) dfree
= 0xFFFF;
1215 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1216 SSVAL(req
->outbuf
,smb_vwv1
,64); /* this must be 64 for dos systems */
1217 SSVAL(req
->outbuf
,smb_vwv2
,512); /* and this must be 512 */
1218 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1220 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1221 SSVAL(req
->outbuf
,smb_vwv1
,bsize
/512);
1222 SSVAL(req
->outbuf
,smb_vwv2
,512);
1223 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1226 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree
));
1228 END_PROFILE(SMBdskattr
);
1232 /****************************************************************************
1234 Can be called from SMBsearch, SMBffirst or SMBfunique.
1235 ****************************************************************************/
1237 void reply_search(struct smb_request
*req
)
1239 connection_struct
*conn
= req
->conn
;
1241 char *directory
= NULL
;
1247 unsigned int numentries
= 0;
1248 unsigned int maxentries
= 0;
1249 bool finished
= False
;
1255 bool check_descend
= False
;
1256 bool expect_close
= False
;
1258 bool mask_contains_wcard
= False
;
1259 bool allow_long_path_components
= (req
->flags2
& FLAGS2_LONG_PATH_COMPONENTS
) ? True
: False
;
1260 TALLOC_CTX
*ctx
= talloc_tos();
1261 bool ask_sharemode
= lp_parm_bool(SNUM(conn
), "smbd", "search ask sharemode", true);
1263 START_PROFILE(SMBsearch
);
1266 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1267 END_PROFILE(SMBsearch
);
1271 if (lp_posix_pathnames()) {
1272 reply_unknown_new(req
, CVAL(req
->inbuf
, smb_com
));
1273 END_PROFILE(SMBsearch
);
1277 /* If we were called as SMBffirst then we must expect close. */
1278 if(CVAL(req
->inbuf
,smb_com
) == SMBffirst
) {
1279 expect_close
= True
;
1282 reply_outbuf(req
, 1, 3);
1283 maxentries
= SVAL(req
->inbuf
,smb_vwv0
);
1284 dirtype
= SVAL(req
->inbuf
,smb_vwv1
);
1285 p
= smb_buf(req
->inbuf
) + 1;
1286 p
+= srvstr_get_path_wcard(ctx
,
1294 &mask_contains_wcard
);
1295 if (!NT_STATUS_IS_OK(nt_status
)) {
1296 reply_nterror(req
, nt_status
);
1297 END_PROFILE(SMBsearch
);
1301 nt_status
= resolve_dfspath_wcard(ctx
, conn
,
1302 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1305 &mask_contains_wcard
);
1306 if (!NT_STATUS_IS_OK(nt_status
)) {
1307 if (NT_STATUS_EQUAL(nt_status
,NT_STATUS_PATH_NOT_COVERED
)) {
1308 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1309 ERRSRV
, ERRbadpath
);
1310 END_PROFILE(SMBsearch
);
1313 reply_nterror(req
, nt_status
);
1314 END_PROFILE(SMBsearch
);
1319 status_len
= SVAL(p
, 0);
1322 /* dirtype &= ~aDIR; */
1324 if (status_len
== 0) {
1325 SMB_STRUCT_STAT sbuf
;
1327 nt_status
= unix_convert(ctx
, conn
, path
, True
,
1328 &directory
, NULL
, &sbuf
);
1329 if (!NT_STATUS_IS_OK(nt_status
)) {
1330 reply_nterror(req
, nt_status
);
1331 END_PROFILE(SMBsearch
);
1335 nt_status
= check_name(conn
, directory
);
1336 if (!NT_STATUS_IS_OK(nt_status
)) {
1337 reply_nterror(req
, nt_status
);
1338 END_PROFILE(SMBsearch
);
1342 p
= strrchr_m(directory
,'/');
1345 directory
= talloc_strdup(ctx
,".");
1347 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1348 END_PROFILE(SMBsearch
);
1356 if (*directory
== '\0') {
1357 directory
= talloc_strdup(ctx
,".");
1359 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1360 END_PROFILE(SMBsearch
);
1364 memset((char *)status
,'\0',21);
1365 SCVAL(status
,0,(dirtype
& 0x1F));
1367 nt_status
= dptr_create(conn
,
1373 mask_contains_wcard
,
1376 if (!NT_STATUS_IS_OK(nt_status
)) {
1377 reply_nterror(req
, nt_status
);
1378 END_PROFILE(SMBsearch
);
1381 dptr_num
= dptr_dnum(conn
->dirptr
);
1385 memcpy(status
,p
,21);
1386 status_dirtype
= CVAL(status
,0) & 0x1F;
1387 if (status_dirtype
!= (dirtype
& 0x1F)) {
1388 dirtype
= status_dirtype
;
1391 conn
->dirptr
= dptr_fetch(status
+12,&dptr_num
);
1392 if (!conn
->dirptr
) {
1395 string_set(&conn
->dirpath
,dptr_path(dptr_num
));
1396 mask
= dptr_wcard(dptr_num
);
1401 * For a 'continue' search we have no string. So
1402 * check from the initial saved string.
1404 mask_contains_wcard
= ms_has_wild(mask
);
1405 dirtype
= dptr_attr(dptr_num
);
1408 DEBUG(4,("dptr_num is %d\n",dptr_num
));
1410 if ((dirtype
&0x1F) == aVOLID
) {
1411 char buf
[DIR_STRUCT_SIZE
];
1412 memcpy(buf
,status
,21);
1413 if (!make_dir_struct(ctx
,buf
,"???????????",volume_label(SNUM(conn
)),
1414 0,aVOLID
,0,!allow_long_path_components
)) {
1415 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1416 END_PROFILE(SMBsearch
);
1419 dptr_fill(buf
+12,dptr_num
);
1420 if (dptr_zero(buf
+12) && (status_len
==0)) {
1425 if (message_push_blob(&req
->outbuf
,
1426 data_blob_const(buf
, sizeof(buf
)))
1428 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1429 END_PROFILE(SMBsearch
);
1437 ((uint8
*)smb_buf(req
->outbuf
) + 3 - req
->outbuf
))
1440 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1441 conn
->dirpath
,lp_dontdescend(SNUM(conn
))));
1442 if (in_list(conn
->dirpath
, lp_dontdescend(SNUM(conn
)),True
)) {
1443 check_descend
= True
;
1446 for (i
=numentries
;(i
<maxentries
) && !finished
;i
++) {
1447 finished
= !get_dir_entry(ctx
,
1458 char buf
[DIR_STRUCT_SIZE
];
1459 memcpy(buf
,status
,21);
1460 if (!make_dir_struct(ctx
,
1467 !allow_long_path_components
)) {
1468 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1469 END_PROFILE(SMBsearch
);
1472 if (!dptr_fill(buf
+12,dptr_num
)) {
1475 if (message_push_blob(&req
->outbuf
,
1476 data_blob_const(buf
, sizeof(buf
)))
1478 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1479 END_PROFILE(SMBsearch
);
1489 /* If we were called as SMBffirst with smb_search_id == NULL
1490 and no entries were found then return error and close dirptr
1493 if (numentries
== 0) {
1494 dptr_close(&dptr_num
);
1495 } else if(expect_close
&& status_len
== 0) {
1496 /* Close the dptr - we know it's gone */
1497 dptr_close(&dptr_num
);
1500 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1501 if(dptr_num
>= 0 && CVAL(req
->inbuf
,smb_com
) == SMBfunique
) {
1502 dptr_close(&dptr_num
);
1505 if ((numentries
== 0) && !mask_contains_wcard
) {
1506 reply_botherror(req
, STATUS_NO_MORE_FILES
, ERRDOS
, ERRnofiles
);
1507 END_PROFILE(SMBsearch
);
1511 SSVAL(req
->outbuf
,smb_vwv0
,numentries
);
1512 SSVAL(req
->outbuf
,smb_vwv1
,3 + numentries
* DIR_STRUCT_SIZE
);
1513 SCVAL(smb_buf(req
->outbuf
),0,5);
1514 SSVAL(smb_buf(req
->outbuf
),1,numentries
*DIR_STRUCT_SIZE
);
1516 /* The replies here are never long name. */
1517 SSVAL(req
->outbuf
, smb_flg2
,
1518 SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_IS_LONG_NAME
));
1519 if (!allow_long_path_components
) {
1520 SSVAL(req
->outbuf
, smb_flg2
,
1521 SVAL(req
->outbuf
, smb_flg2
)
1522 & (~FLAGS2_LONG_PATH_COMPONENTS
));
1525 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1526 SSVAL(req
->outbuf
, smb_flg2
,
1527 (SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_UNICODE_STRINGS
)));
1530 directory
= dptr_path(dptr_num
);
1533 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1534 smb_fn_name(CVAL(req
->inbuf
,smb_com
)),
1536 directory
? directory
: "./",
1541 END_PROFILE(SMBsearch
);
1545 /****************************************************************************
1546 Reply to a fclose (stop directory search).
1547 ****************************************************************************/
1549 void reply_fclose(struct smb_request
*req
)
1557 bool path_contains_wcard
= False
;
1558 TALLOC_CTX
*ctx
= talloc_tos();
1560 START_PROFILE(SMBfclose
);
1562 if (lp_posix_pathnames()) {
1563 reply_unknown_new(req
, CVAL(req
->inbuf
, smb_com
));
1564 END_PROFILE(SMBfclose
);
1568 p
= smb_buf(req
->inbuf
) + 1;
1569 p
+= srvstr_get_path_wcard(ctx
,
1577 &path_contains_wcard
);
1578 if (!NT_STATUS_IS_OK(err
)) {
1579 reply_nterror(req
, err
);
1580 END_PROFILE(SMBfclose
);
1584 status_len
= SVAL(p
,0);
1587 if (status_len
== 0) {
1588 reply_doserror(req
, ERRSRV
, ERRsrverror
);
1589 END_PROFILE(SMBfclose
);
1593 memcpy(status
,p
,21);
1595 if(dptr_fetch(status
+12,&dptr_num
)) {
1596 /* Close the dptr - we know it's gone */
1597 dptr_close(&dptr_num
);
1600 reply_outbuf(req
, 1, 0);
1601 SSVAL(req
->outbuf
,smb_vwv0
,0);
1603 DEBUG(3,("search close\n"));
1605 END_PROFILE(SMBfclose
);
1609 /****************************************************************************
1611 ****************************************************************************/
1613 void reply_open(struct smb_request
*req
)
1615 connection_struct
*conn
= req
->conn
;
1621 SMB_STRUCT_STAT sbuf
;
1628 uint32 create_disposition
;
1629 uint32 create_options
= 0;
1631 TALLOC_CTX
*ctx
= talloc_tos();
1633 START_PROFILE(SMBopen
);
1636 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1637 END_PROFILE(SMBopen
);
1641 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1642 deny_mode
= SVAL(req
->inbuf
,smb_vwv0
);
1643 dos_attr
= SVAL(req
->inbuf
,smb_vwv1
);
1645 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
1646 smb_buf(req
->inbuf
)+1, 0,
1647 STR_TERMINATE
, &status
);
1648 if (!NT_STATUS_IS_OK(status
)) {
1649 reply_nterror(req
, status
);
1650 END_PROFILE(SMBopen
);
1654 if (!map_open_params_to_ntcreate(
1655 fname
, deny_mode
, OPENX_FILE_EXISTS_OPEN
, &access_mask
,
1656 &share_mode
, &create_disposition
, &create_options
)) {
1657 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1658 END_PROFILE(SMBopen
);
1662 status
= create_file(conn
, /* conn */
1664 0, /* root_dir_fid */
1666 access_mask
, /* access_mask */
1667 share_mode
, /* share_access */
1668 create_disposition
, /* create_disposition*/
1669 create_options
, /* create_options */
1670 dos_attr
, /* file_attributes */
1671 oplock_request
, /* oplock_request */
1672 0, /* allocation_size */
1679 if (!NT_STATUS_IS_OK(status
)) {
1680 if (open_was_deferred(req
->mid
)) {
1681 /* We have re-scheduled this call. */
1682 END_PROFILE(SMBopen
);
1685 reply_openerror(req
, status
);
1686 END_PROFILE(SMBopen
);
1690 size
= sbuf
.st_size
;
1691 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1692 mtime
= sbuf
.st_mtime
;
1695 DEBUG(3,("attempt to open a directory %s\n",fsp
->fsp_name
));
1696 close_file(fsp
,ERROR_CLOSE
);
1697 reply_doserror(req
, ERRDOS
,ERRnoaccess
);
1698 END_PROFILE(SMBopen
);
1702 reply_outbuf(req
, 7, 0);
1703 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
1704 SSVAL(req
->outbuf
,smb_vwv1
,fattr
);
1705 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1706 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
& ~1);
1708 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
);
1710 SIVAL(req
->outbuf
,smb_vwv4
,(uint32
)size
);
1711 SSVAL(req
->outbuf
,smb_vwv6
,deny_mode
);
1713 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1714 SCVAL(req
->outbuf
,smb_flg
,
1715 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1718 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1719 SCVAL(req
->outbuf
,smb_flg
,
1720 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1722 END_PROFILE(SMBopen
);
1726 /****************************************************************************
1727 Reply to an open and X.
1728 ****************************************************************************/
1730 void reply_open_and_X(struct smb_request
*req
)
1732 connection_struct
*conn
= req
->conn
;
1737 /* Breakout the oplock request bits so we can set the
1738 reply bits separately. */
1739 int ex_oplock_request
;
1740 int core_oplock_request
;
1743 int smb_sattr
= SVAL(req
->inbuf
,smb_vwv4
);
1744 uint32 smb_time
= make_unix_date3(req
->inbuf
+smb_vwv6
);
1749 SMB_STRUCT_STAT sbuf
;
1753 SMB_BIG_UINT allocation_size
;
1754 ssize_t retval
= -1;
1757 uint32 create_disposition
;
1758 uint32 create_options
= 0;
1759 TALLOC_CTX
*ctx
= talloc_tos();
1761 START_PROFILE(SMBopenX
);
1763 if (req
->wct
< 15) {
1764 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1765 END_PROFILE(SMBopenX
);
1769 open_flags
= SVAL(req
->inbuf
,smb_vwv2
);
1770 deny_mode
= SVAL(req
->inbuf
,smb_vwv3
);
1771 smb_attr
= SVAL(req
->inbuf
,smb_vwv5
);
1772 ex_oplock_request
= EXTENDED_OPLOCK_REQUEST(req
->inbuf
);
1773 core_oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1774 oplock_request
= ex_oplock_request
| core_oplock_request
;
1775 smb_ofun
= SVAL(req
->inbuf
,smb_vwv8
);
1776 allocation_size
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv9
);
1778 /* If it's an IPC, pass off the pipe handler. */
1780 if (lp_nt_pipe_support()) {
1781 reply_open_pipe_and_X(conn
, req
);
1783 reply_doserror(req
, ERRSRV
, ERRaccess
);
1785 END_PROFILE(SMBopenX
);
1789 /* XXXX we need to handle passed times, sattr and flags */
1790 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
1791 smb_buf(req
->inbuf
), 0, STR_TERMINATE
,
1793 if (!NT_STATUS_IS_OK(status
)) {
1794 reply_nterror(req
, status
);
1795 END_PROFILE(SMBopenX
);
1799 if (!map_open_params_to_ntcreate(
1800 fname
, deny_mode
, smb_ofun
, &access_mask
,
1801 &share_mode
, &create_disposition
, &create_options
)) {
1802 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1803 END_PROFILE(SMBopenX
);
1807 status
= create_file(conn
, /* conn */
1809 0, /* root_dir_fid */
1811 access_mask
, /* access_mask */
1812 share_mode
, /* share_access */
1813 create_disposition
, /* create_disposition*/
1814 create_options
, /* create_options */
1815 smb_attr
, /* file_attributes */
1816 oplock_request
, /* oplock_request */
1817 0, /* allocation_size */
1821 &smb_action
, /* pinfo */
1824 if (!NT_STATUS_IS_OK(status
)) {
1825 END_PROFILE(SMBopenX
);
1826 if (open_was_deferred(req
->mid
)) {
1827 /* We have re-scheduled this call. */
1830 reply_openerror(req
, status
);
1834 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1835 if the file is truncated or created. */
1836 if (((smb_action
== FILE_WAS_CREATED
) || (smb_action
== FILE_WAS_OVERWRITTEN
)) && allocation_size
) {
1837 fsp
->initial_allocation_size
= smb_roundup(fsp
->conn
, allocation_size
);
1838 if (vfs_allocate_file_space(fsp
, fsp
->initial_allocation_size
) == -1) {
1839 close_file(fsp
,ERROR_CLOSE
);
1840 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1841 END_PROFILE(SMBopenX
);
1844 retval
= vfs_set_filelen(fsp
, (SMB_OFF_T
)allocation_size
);
1846 close_file(fsp
,ERROR_CLOSE
);
1847 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1848 END_PROFILE(SMBopenX
);
1851 sbuf
.st_size
= get_allocation_size(conn
,fsp
,&sbuf
);
1854 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1855 mtime
= sbuf
.st_mtime
;
1857 close_file(fsp
,ERROR_CLOSE
);
1858 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
1859 END_PROFILE(SMBopenX
);
1863 /* If the caller set the extended oplock request bit
1864 and we granted one (by whatever means) - set the
1865 correct bit for extended oplock reply.
1868 if (ex_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1869 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1872 if(ex_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1873 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1876 /* If the caller set the core oplock request bit
1877 and we granted one (by whatever means) - set the
1878 correct bit for core oplock reply.
1881 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1882 reply_outbuf(req
, 19, 0);
1884 reply_outbuf(req
, 15, 0);
1887 if (core_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1888 SCVAL(req
->outbuf
, smb_flg
,
1889 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1892 if(core_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1893 SCVAL(req
->outbuf
, smb_flg
,
1894 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1897 SSVAL(req
->outbuf
,smb_vwv2
,fsp
->fnum
);
1898 SSVAL(req
->outbuf
,smb_vwv3
,fattr
);
1899 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1900 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
& ~1);
1902 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
);
1904 SIVAL(req
->outbuf
,smb_vwv6
,(uint32
)sbuf
.st_size
);
1905 SSVAL(req
->outbuf
,smb_vwv8
,GET_OPENX_MODE(deny_mode
));
1906 SSVAL(req
->outbuf
,smb_vwv11
,smb_action
);
1908 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1909 SIVAL(req
->outbuf
, smb_vwv15
, STD_RIGHT_ALL_ACCESS
);
1912 END_PROFILE(SMBopenX
);
1917 /****************************************************************************
1918 Reply to a SMBulogoffX.
1919 ****************************************************************************/
1921 void reply_ulogoffX(struct smb_request
*req
)
1925 START_PROFILE(SMBulogoffX
);
1927 vuser
= get_valid_user_struct(req
->vuid
);
1930 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1934 /* in user level security we are supposed to close any files
1935 open by this user */
1936 if ((vuser
!= NULL
) && (lp_security() != SEC_SHARE
)) {
1937 file_close_user(req
->vuid
);
1940 invalidate_vuid(req
->vuid
);
1942 reply_outbuf(req
, 2, 0);
1944 DEBUG( 3, ( "ulogoffX vuid=%d\n", req
->vuid
) );
1946 END_PROFILE(SMBulogoffX
);
1950 /****************************************************************************
1951 Reply to a mknew or a create.
1952 ****************************************************************************/
1954 void reply_mknew(struct smb_request
*req
)
1956 connection_struct
*conn
= req
->conn
;
1960 struct timespec ts
[2];
1962 int oplock_request
= 0;
1963 SMB_STRUCT_STAT sbuf
;
1965 uint32 access_mask
= FILE_GENERIC_READ
| FILE_GENERIC_WRITE
;
1966 uint32 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1967 uint32 create_disposition
;
1968 uint32 create_options
= 0;
1969 TALLOC_CTX
*ctx
= talloc_tos();
1971 START_PROFILE(SMBcreate
);
1974 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1975 END_PROFILE(SMBcreate
);
1979 fattr
= SVAL(req
->inbuf
,smb_vwv0
);
1980 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1981 com
= SVAL(req
->inbuf
,smb_com
);
1983 ts
[1] =convert_time_t_to_timespec(
1984 srv_make_unix_date3(req
->inbuf
+ smb_vwv1
));
1987 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
1988 smb_buf(req
->inbuf
) + 1, 0,
1989 STR_TERMINATE
, &status
);
1990 if (!NT_STATUS_IS_OK(status
)) {
1991 reply_nterror(req
, status
);
1992 END_PROFILE(SMBcreate
);
1996 if (fattr
& aVOLID
) {
1997 DEBUG(0,("Attempt to create file (%s) with volid set - "
1998 "please report this\n", fname
));
2001 if(com
== SMBmknew
) {
2002 /* We should fail if file exists. */
2003 create_disposition
= FILE_CREATE
;
2005 /* Create if file doesn't exist, truncate if it does. */
2006 create_disposition
= FILE_OVERWRITE_IF
;
2009 status
= create_file(conn
, /* conn */
2011 0, /* root_dir_fid */
2013 access_mask
, /* access_mask */
2014 share_mode
, /* share_access */
2015 create_disposition
, /* create_disposition*/
2016 create_options
, /* create_options */
2017 fattr
, /* file_attributes */
2018 oplock_request
, /* oplock_request */
2019 0, /* allocation_size */
2026 if (!NT_STATUS_IS_OK(status
)) {
2027 END_PROFILE(SMBcreate
);
2028 if (open_was_deferred(req
->mid
)) {
2029 /* We have re-scheduled this call. */
2032 reply_openerror(req
, status
);
2036 ts
[0] = get_atimespec(&sbuf
); /* atime. */
2037 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
, &sbuf
, ts
, true);
2038 if (!NT_STATUS_IS_OK(status
)) {
2039 END_PROFILE(SMBcreate
);
2040 reply_openerror(req
, status
);
2044 reply_outbuf(req
, 1, 0);
2045 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2047 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2048 SCVAL(req
->outbuf
,smb_flg
,
2049 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2052 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2053 SCVAL(req
->outbuf
,smb_flg
,
2054 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2057 DEBUG( 2, ( "reply_mknew: file %s\n", fsp
->fsp_name
) );
2058 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2059 fsp
->fsp_name
, fsp
->fh
->fd
, (unsigned int)fattr
) );
2061 END_PROFILE(SMBcreate
);
2065 /****************************************************************************
2066 Reply to a create temporary file.
2067 ****************************************************************************/
2069 void reply_ctemp(struct smb_request
*req
)
2071 connection_struct
*conn
= req
->conn
;
2077 SMB_STRUCT_STAT sbuf
;
2080 TALLOC_CTX
*ctx
= talloc_tos();
2082 START_PROFILE(SMBctemp
);
2085 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2086 END_PROFILE(SMBctemp
);
2090 fattr
= SVAL(req
->inbuf
,smb_vwv0
);
2091 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
2093 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &fname
,
2094 smb_buf(req
->inbuf
)+1, 0, STR_TERMINATE
,
2096 if (!NT_STATUS_IS_OK(status
)) {
2097 reply_nterror(req
, status
);
2098 END_PROFILE(SMBctemp
);
2102 fname
= talloc_asprintf(ctx
,
2106 fname
= talloc_strdup(ctx
, "TMXXXXXX");
2110 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2111 END_PROFILE(SMBctemp
);
2115 status
= resolve_dfspath(ctx
, conn
,
2116 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2119 if (!NT_STATUS_IS_OK(status
)) {
2120 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2121 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2122 ERRSRV
, ERRbadpath
);
2123 END_PROFILE(SMBctemp
);
2126 reply_nterror(req
, status
);
2127 END_PROFILE(SMBctemp
);
2131 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
2132 if (!NT_STATUS_IS_OK(status
)) {
2133 reply_nterror(req
, status
);
2134 END_PROFILE(SMBctemp
);
2138 status
= check_name(conn
, CONST_DISCARD(char *,fname
));
2139 if (!NT_STATUS_IS_OK(status
)) {
2140 reply_nterror(req
, status
);
2141 END_PROFILE(SMBctemp
);
2145 tmpfd
= smb_mkstemp(fname
);
2147 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
2148 END_PROFILE(SMBctemp
);
2152 SMB_VFS_STAT(conn
,fname
,&sbuf
);
2154 /* We should fail if file does not exist. */
2155 status
= open_file_ntcreate(conn
, req
, fname
, &sbuf
,
2156 FILE_GENERIC_READ
| FILE_GENERIC_WRITE
,
2157 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
2164 /* close fd from smb_mkstemp() */
2167 if (!NT_STATUS_IS_OK(status
)) {
2168 if (open_was_deferred(req
->mid
)) {
2169 /* We have re-scheduled this call. */
2170 END_PROFILE(SMBctemp
);
2173 reply_openerror(req
, status
);
2174 END_PROFILE(SMBctemp
);
2178 reply_outbuf(req
, 1, 0);
2179 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2181 /* the returned filename is relative to the directory */
2182 s
= strrchr_m(fsp
->fsp_name
, '/');
2190 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2191 thing in the byte section. JRA */
2192 SSVALS(p
, 0, -1); /* what is this? not in spec */
2194 if (message_push_string(&req
->outbuf
, s
, STR_ASCII
|STR_TERMINATE
)
2196 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2197 END_PROFILE(SMBctemp
);
2201 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2202 SCVAL(req
->outbuf
, smb_flg
,
2203 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2206 if (EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2207 SCVAL(req
->outbuf
, smb_flg
,
2208 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2211 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp
->fsp_name
) );
2212 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp
->fsp_name
,
2213 fsp
->fh
->fd
, (unsigned int)sbuf
.st_mode
) );
2215 END_PROFILE(SMBctemp
);
2219 /*******************************************************************
2220 Check if a user is allowed to rename a file.
2221 ********************************************************************/
2223 static NTSTATUS
can_rename(connection_struct
*conn
, files_struct
*fsp
,
2224 uint16 dirtype
, SMB_STRUCT_STAT
*pst
)
2228 if (!CAN_WRITE(conn
)) {
2229 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2232 fmode
= dos_mode(conn
, fsp
->fsp_name
, pst
);
2233 if ((fmode
& ~dirtype
) & (aHIDDEN
| aSYSTEM
)) {
2234 return NT_STATUS_NO_SUCH_FILE
;
2237 if (S_ISDIR(pst
->st_mode
)) {
2238 return NT_STATUS_OK
;
2241 if (fsp
->access_mask
& (DELETE_ACCESS
|FILE_WRITE_ATTRIBUTES
)) {
2242 return NT_STATUS_OK
;
2245 return NT_STATUS_ACCESS_DENIED
;
2248 /*******************************************************************
2249 * unlink a file with all relevant access checks
2250 *******************************************************************/
2252 static NTSTATUS
do_unlink(connection_struct
*conn
,
2253 struct smb_request
*req
,
2257 SMB_STRUCT_STAT sbuf
;
2260 uint32 dirtype_orig
= dirtype
;
2263 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname
, dirtype
));
2265 if (!CAN_WRITE(conn
)) {
2266 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2269 if (SMB_VFS_LSTAT(conn
,fname
,&sbuf
) != 0) {
2270 return map_nt_error_from_unix(errno
);
2273 fattr
= dos_mode(conn
,fname
,&sbuf
);
2275 if (dirtype
& FILE_ATTRIBUTE_NORMAL
) {
2276 dirtype
= aDIR
|aARCH
|aRONLY
;
2279 dirtype
&= (aDIR
|aARCH
|aRONLY
|aHIDDEN
|aSYSTEM
);
2281 return NT_STATUS_NO_SUCH_FILE
;
2284 if (!dir_check_ftype(conn
, fattr
, dirtype
)) {
2286 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2288 return NT_STATUS_NO_SUCH_FILE
;
2291 if (dirtype_orig
& 0x8000) {
2292 /* These will never be set for POSIX. */
2293 return NT_STATUS_NO_SUCH_FILE
;
2297 if ((fattr
& dirtype
) & FILE_ATTRIBUTE_DIRECTORY
) {
2298 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2301 if ((fattr
& ~dirtype
) & (FILE_ATTRIBUTE_HIDDEN
|FILE_ATTRIBUTE_SYSTEM
)) {
2302 return NT_STATUS_NO_SUCH_FILE
;
2305 if (dirtype
& 0xFF00) {
2306 /* These will never be set for POSIX. */
2307 return NT_STATUS_NO_SUCH_FILE
;
2312 return NT_STATUS_NO_SUCH_FILE
;
2315 /* Can't delete a directory. */
2317 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2322 else if (dirtype
& aDIR
) /* Asked for a directory and it isn't. */
2323 return NT_STATUS_OBJECT_NAME_INVALID
;
2324 #endif /* JRATEST */
2326 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2328 On a Windows share, a file with read-only dosmode can be opened with
2329 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2330 fails with NT_STATUS_CANNOT_DELETE error.
2332 This semantic causes a problem that a user can not
2333 rename a file with read-only dosmode on a Samba share
2334 from a Windows command prompt (i.e. cmd.exe, but can rename
2335 from Windows Explorer).
2338 if (!lp_delete_readonly(SNUM(conn
))) {
2339 if (fattr
& aRONLY
) {
2340 return NT_STATUS_CANNOT_DELETE
;
2344 /* On open checks the open itself will check the share mode, so
2345 don't do it here as we'll get it wrong. */
2347 status
= create_file_unixpath
2351 DELETE_ACCESS
, /* access_mask */
2352 FILE_SHARE_NONE
, /* share_access */
2353 FILE_OPEN
, /* create_disposition*/
2354 FILE_NON_DIRECTORY_FILE
, /* create_options */
2355 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
2356 0, /* oplock_request */
2357 0, /* allocation_size */
2364 if (!NT_STATUS_IS_OK(status
)) {
2365 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2366 nt_errstr(status
)));
2370 /* The set is across all open files on this dev/inode pair. */
2371 if (!set_delete_on_close(fsp
, True
, ¤t_user
.ut
)) {
2372 close_file(fsp
, NORMAL_CLOSE
);
2373 return NT_STATUS_ACCESS_DENIED
;
2376 return close_file(fsp
,NORMAL_CLOSE
);
2379 /****************************************************************************
2380 The guts of the unlink command, split out so it may be called by the NT SMB
2382 ****************************************************************************/
2384 NTSTATUS
unlink_internals(connection_struct
*conn
, struct smb_request
*req
,
2385 uint32 dirtype
, const char *name_in
, bool has_wild
)
2387 const char *directory
= NULL
;
2392 NTSTATUS status
= NT_STATUS_OK
;
2393 SMB_STRUCT_STAT sbuf
;
2394 TALLOC_CTX
*ctx
= talloc_tos();
2396 status
= unix_convert(ctx
, conn
, name_in
, has_wild
, &name
, NULL
, &sbuf
);
2397 if (!NT_STATUS_IS_OK(status
)) {
2401 p
= strrchr_m(name
,'/');
2403 directory
= talloc_strdup(ctx
, ".");
2405 return NT_STATUS_NO_MEMORY
;
2415 * We should only check the mangled cache
2416 * here if unix_convert failed. This means
2417 * that the path in 'mask' doesn't exist
2418 * on the file system and so we need to look
2419 * for a possible mangle. This patch from
2420 * Tine Smukavec <valentin.smukavec@hermes.si>.
2423 if (!VALID_STAT(sbuf
) && mangle_is_mangled(mask
,conn
->params
)) {
2424 char *new_mask
= NULL
;
2425 mangle_lookup_name_from_8_3(ctx
,
2435 directory
= talloc_asprintf(ctx
,
2440 return NT_STATUS_NO_MEMORY
;
2443 dirtype
= FILE_ATTRIBUTE_NORMAL
;
2446 status
= check_name(conn
, directory
);
2447 if (!NT_STATUS_IS_OK(status
)) {
2451 status
= do_unlink(conn
, req
, directory
, dirtype
);
2452 if (!NT_STATUS_IS_OK(status
)) {
2458 struct smb_Dir
*dir_hnd
= NULL
;
2462 if ((dirtype
& SAMBA_ATTRIBUTES_MASK
) == aDIR
) {
2463 return NT_STATUS_OBJECT_NAME_INVALID
;
2466 if (strequal(mask
,"????????.???")) {
2471 status
= check_name(conn
, directory
);
2472 if (!NT_STATUS_IS_OK(status
)) {
2476 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
,
2478 if (dir_hnd
== NULL
) {
2479 return map_nt_error_from_unix(errno
);
2482 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2483 the pattern matches against the long name, otherwise the short name
2484 We don't implement this yet XXXX
2487 status
= NT_STATUS_NO_SUCH_FILE
;
2489 while ((dname
= ReadDirName(dir_hnd
, &offset
))) {
2493 if (!is_visible_file(conn
, directory
, dname
, &st
, True
)) {
2497 /* Quick check for "." and ".." */
2498 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
2502 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
2506 fname
= talloc_asprintf(ctx
, "%s/%s",
2510 return NT_STATUS_NO_MEMORY
;
2513 status
= check_name(conn
, fname
);
2514 if (!NT_STATUS_IS_OK(status
)) {
2515 TALLOC_FREE(dir_hnd
);
2519 status
= do_unlink(conn
, req
, fname
, dirtype
);
2520 if (!NT_STATUS_IS_OK(status
)) {
2526 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2531 TALLOC_FREE(dir_hnd
);
2534 if (count
== 0 && NT_STATUS_IS_OK(status
) && errno
!= 0) {
2535 status
= map_nt_error_from_unix(errno
);
2541 /****************************************************************************
2543 ****************************************************************************/
2545 void reply_unlink(struct smb_request
*req
)
2547 connection_struct
*conn
= req
->conn
;
2551 bool path_contains_wcard
= False
;
2552 TALLOC_CTX
*ctx
= talloc_tos();
2554 START_PROFILE(SMBunlink
);
2557 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2558 END_PROFILE(SMBunlink
);
2562 dirtype
= SVAL(req
->inbuf
,smb_vwv0
);
2564 srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &name
,
2565 smb_buf(req
->inbuf
) + 1, 0,
2566 STR_TERMINATE
, &status
, &path_contains_wcard
);
2567 if (!NT_STATUS_IS_OK(status
)) {
2568 reply_nterror(req
, status
);
2569 END_PROFILE(SMBunlink
);
2573 status
= resolve_dfspath_wcard(ctx
, conn
,
2574 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2577 &path_contains_wcard
);
2578 if (!NT_STATUS_IS_OK(status
)) {
2579 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2580 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2581 ERRSRV
, ERRbadpath
);
2582 END_PROFILE(SMBunlink
);
2585 reply_nterror(req
, status
);
2586 END_PROFILE(SMBunlink
);
2590 DEBUG(3,("reply_unlink : %s\n",name
));
2592 status
= unlink_internals(conn
, req
, dirtype
, name
,
2593 path_contains_wcard
);
2594 if (!NT_STATUS_IS_OK(status
)) {
2595 if (open_was_deferred(req
->mid
)) {
2596 /* We have re-scheduled this call. */
2597 END_PROFILE(SMBunlink
);
2600 reply_nterror(req
, status
);
2601 END_PROFILE(SMBunlink
);
2605 reply_outbuf(req
, 0, 0);
2606 END_PROFILE(SMBunlink
);
2611 /****************************************************************************
2613 ****************************************************************************/
2615 static void fail_readraw(void)
2617 const char *errstr
= talloc_asprintf(talloc_tos(),
2618 "FAIL ! reply_readbraw: socket write fail (%s)",
2623 exit_server_cleanly(errstr
);
2626 /****************************************************************************
2627 Fake (read/write) sendfile. Returns -1 on read or write fail.
2628 ****************************************************************************/
2630 static ssize_t
fake_sendfile(files_struct
*fsp
, SMB_OFF_T startpos
,
2634 size_t tosend
= nread
;
2641 bufsize
= MIN(nread
, 65536);
2643 if (!(buf
= SMB_MALLOC_ARRAY(char, bufsize
))) {
2647 while (tosend
> 0) {
2651 if (tosend
> bufsize
) {
2656 ret
= read_file(fsp
,buf
,startpos
,cur_read
);
2662 /* If we had a short read, fill with zeros. */
2663 if (ret
< cur_read
) {
2664 memset(buf
, '\0', cur_read
- ret
);
2667 if (write_data(smbd_server_fd(),buf
,cur_read
) != cur_read
) {
2672 startpos
+= cur_read
;
2676 return (ssize_t
)nread
;
2679 /****************************************************************************
2680 Return a readbraw error (4 bytes of zero).
2681 ****************************************************************************/
2683 static void reply_readbraw_error(void)
2687 if (write_data(smbd_server_fd(),header
,4) != 4) {
2692 /****************************************************************************
2693 Use sendfile in readbraw.
2694 ****************************************************************************/
2696 void send_file_readbraw(connection_struct
*conn
,
2702 char *outbuf
= NULL
;
2705 #if defined(WITH_SENDFILE)
2707 * We can only use sendfile on a non-chained packet
2708 * but we can use on a non-oplocked file. tridge proved this
2709 * on a train in Germany :-). JRA.
2710 * reply_readbraw has already checked the length.
2713 if ( (chain_size
== 0) && (nread
> 0) && (fsp
->base_fsp
== NULL
) &&
2714 (fsp
->wcp
== NULL
) && lp_use_sendfile(SNUM(conn
)) ) {
2716 DATA_BLOB header_blob
;
2718 _smb_setlen(header
,nread
);
2719 header_blob
= data_blob_const(header
, 4);
2721 if (SMB_VFS_SENDFILE(smbd_server_fd(), fsp
,
2722 &header_blob
, startpos
, nread
) == -1) {
2723 /* Returning ENOSYS means no data at all was sent.
2724 * Do this as a normal read. */
2725 if (errno
== ENOSYS
) {
2726 goto normal_readbraw
;
2730 * Special hack for broken Linux with no working sendfile. If we
2731 * return EINTR we sent the header but not the rest of the data.
2732 * Fake this up by doing read/write calls.
2734 if (errno
== EINTR
) {
2735 /* Ensure we don't do this again. */
2736 set_use_sendfile(SNUM(conn
), False
);
2737 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2739 if (fake_sendfile(fsp
, startpos
, nread
) == -1) {
2740 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2741 fsp
->fsp_name
, strerror(errno
) ));
2742 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2747 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2748 fsp
->fsp_name
, strerror(errno
) ));
2749 exit_server_cleanly("send_file_readbraw sendfile failed");
2758 outbuf
= TALLOC_ARRAY(NULL
, char, nread
+4);
2760 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2761 (unsigned)(nread
+4)));
2762 reply_readbraw_error();
2767 ret
= read_file(fsp
,outbuf
+4,startpos
,nread
);
2768 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2777 _smb_setlen(outbuf
,ret
);
2778 if (write_data(smbd_server_fd(),outbuf
,4+ret
) != 4+ret
)
2781 TALLOC_FREE(outbuf
);
2784 /****************************************************************************
2785 Reply to a readbraw (core+ protocol).
2786 ****************************************************************************/
2788 void reply_readbraw(struct smb_request
*req
)
2790 connection_struct
*conn
= req
->conn
;
2791 ssize_t maxcount
,mincount
;
2798 START_PROFILE(SMBreadbraw
);
2800 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
2801 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2802 "raw reads/writes are disallowed.");
2806 reply_readbraw_error();
2807 END_PROFILE(SMBreadbraw
);
2812 * Special check if an oplock break has been issued
2813 * and the readraw request croses on the wire, we must
2814 * return a zero length response here.
2817 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
2820 * We have to do a check_fsp by hand here, as
2821 * we must always return 4 zero bytes on error,
2825 if (!fsp
|| !conn
|| conn
!= fsp
->conn
||
2826 current_user
.vuid
!= fsp
->vuid
||
2827 fsp
->is_directory
|| fsp
->fh
->fd
== -1) {
2829 * fsp could be NULL here so use the value from the packet. JRA.
2831 DEBUG(3,("reply_readbraw: fnum %d not valid "
2833 (int)SVAL(req
->inbuf
,smb_vwv0
)));
2834 reply_readbraw_error();
2835 END_PROFILE(SMBreadbraw
);
2839 /* Do a "by hand" version of CHECK_READ. */
2840 if (!(fsp
->can_read
||
2841 ((req
->flags2
& FLAGS2_READ_PERMIT_EXECUTE
) &&
2842 (fsp
->access_mask
& FILE_EXECUTE
)))) {
2843 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2844 (int)SVAL(req
->inbuf
,smb_vwv0
)));
2845 reply_readbraw_error();
2846 END_PROFILE(SMBreadbraw
);
2850 flush_write_cache(fsp
, READRAW_FLUSH
);
2852 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv1
);
2853 if(req
->wct
== 10) {
2855 * This is a large offset (64 bit) read.
2857 #ifdef LARGE_SMB_OFF_T
2859 startpos
|= (((SMB_OFF_T
)IVAL(req
->inbuf
,smb_vwv8
)) << 32);
2861 #else /* !LARGE_SMB_OFF_T */
2864 * Ensure we haven't been sent a >32 bit offset.
2867 if(IVAL(req
->inbuf
,smb_vwv8
) != 0) {
2868 DEBUG(0,("reply_readbraw: large offset "
2869 "(%x << 32) used and we don't support "
2870 "64 bit offsets.\n",
2871 (unsigned int)IVAL(req
->inbuf
,smb_vwv8
) ));
2872 reply_readbraw_error();
2873 END_PROFILE(SMBreadbraw
);
2877 #endif /* LARGE_SMB_OFF_T */
2880 DEBUG(0,("reply_readbraw: negative 64 bit "
2881 "readraw offset (%.0f) !\n",
2882 (double)startpos
));
2883 reply_readbraw_error();
2884 END_PROFILE(SMBreadbraw
);
2889 maxcount
= (SVAL(req
->inbuf
,smb_vwv3
) & 0xFFFF);
2890 mincount
= (SVAL(req
->inbuf
,smb_vwv4
) & 0xFFFF);
2892 /* ensure we don't overrun the packet size */
2893 maxcount
= MIN(65535,maxcount
);
2895 if (is_locked(fsp
,(uint32
)req
->smbpid
,
2896 (SMB_BIG_UINT
)maxcount
,
2897 (SMB_BIG_UINT
)startpos
,
2899 reply_readbraw_error();
2900 END_PROFILE(SMBreadbraw
);
2904 if (SMB_VFS_FSTAT(fsp
, &st
) == 0) {
2908 if (startpos
>= size
) {
2911 nread
= MIN(maxcount
,(size
- startpos
));
2914 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2915 if (nread
< mincount
)
2919 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2920 "min=%lu nread=%lu\n",
2921 fsp
->fnum
, (double)startpos
,
2922 (unsigned long)maxcount
,
2923 (unsigned long)mincount
,
2924 (unsigned long)nread
) );
2926 send_file_readbraw(conn
, fsp
, startpos
, nread
, mincount
);
2928 DEBUG(5,("reply_readbraw finished\n"));
2929 END_PROFILE(SMBreadbraw
);
2933 #define DBGC_CLASS DBGC_LOCKING
2935 /****************************************************************************
2936 Reply to a lockread (core+ protocol).
2937 ****************************************************************************/
2939 void reply_lockread(struct smb_request
*req
)
2941 connection_struct
*conn
= req
->conn
;
2948 struct byte_range_lock
*br_lck
= NULL
;
2951 START_PROFILE(SMBlockread
);
2954 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2955 END_PROFILE(SMBlockread
);
2959 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
2961 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
2962 END_PROFILE(SMBlockread
);
2966 if (!CHECK_READ(fsp
,req
->inbuf
)) {
2967 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
2968 END_PROFILE(SMBlockread
);
2972 release_level_2_oplocks_on_change(fsp
);
2974 numtoread
= SVAL(req
->inbuf
,smb_vwv1
);
2975 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
2977 numtoread
= MIN(BUFFER_SIZE
- (smb_size
+ 3*2 + 3), numtoread
);
2979 reply_outbuf(req
, 5, numtoread
+ 3);
2981 data
= smb_buf(req
->outbuf
) + 3;
2984 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2985 * protocol request that predates the read/write lock concept.
2986 * Thus instead of asking for a read lock here we need to ask
2987 * for a write lock. JRA.
2988 * Note that the requested lock size is unaffected by max_recv.
2991 br_lck
= do_lock(smbd_messaging_context(),
2994 (SMB_BIG_UINT
)numtoread
,
2995 (SMB_BIG_UINT
)startpos
,
2998 False
, /* Non-blocking lock. */
3001 TALLOC_FREE(br_lck
);
3003 if (NT_STATUS_V(status
)) {
3004 reply_nterror(req
, status
);
3005 END_PROFILE(SMBlockread
);
3010 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3013 if (numtoread
> max_recv
) {
3014 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3015 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3016 (unsigned int)numtoread
, (unsigned int)max_recv
));
3017 numtoread
= MIN(numtoread
,max_recv
);
3019 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3022 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3023 END_PROFILE(SMBlockread
);
3027 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3029 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3030 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3031 p
= smb_buf(req
->outbuf
);
3032 SCVAL(p
,0,0); /* pad byte. */
3035 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3036 fsp
->fnum
, (int)numtoread
, (int)nread
));
3038 END_PROFILE(SMBlockread
);
3043 #define DBGC_CLASS DBGC_ALL
3045 /****************************************************************************
3047 ****************************************************************************/
3049 void reply_read(struct smb_request
*req
)
3051 connection_struct
*conn
= req
->conn
;
3059 START_PROFILE(SMBread
);
3062 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3063 END_PROFILE(SMBread
);
3067 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3069 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3070 END_PROFILE(SMBread
);
3074 if (!CHECK_READ(fsp
,req
->inbuf
)) {
3075 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3076 END_PROFILE(SMBread
);
3080 numtoread
= SVAL(req
->inbuf
,smb_vwv1
);
3081 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
3083 numtoread
= MIN(BUFFER_SIZE
-outsize
,numtoread
);
3086 * The requested read size cannot be greater than max_recv. JRA.
3088 if (numtoread
> max_recv
) {
3089 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3090 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3091 (unsigned int)numtoread
, (unsigned int)max_recv
));
3092 numtoread
= MIN(numtoread
,max_recv
);
3095 reply_outbuf(req
, 5, numtoread
+3);
3097 data
= smb_buf(req
->outbuf
) + 3;
3099 if (is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtoread
,
3100 (SMB_BIG_UINT
)startpos
, READ_LOCK
)) {
3101 reply_doserror(req
, ERRDOS
,ERRlock
);
3102 END_PROFILE(SMBread
);
3107 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3110 reply_unixerror(req
, ERRDOS
,ERRnoaccess
);
3111 END_PROFILE(SMBread
);
3115 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3117 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3118 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3119 SCVAL(smb_buf(req
->outbuf
),0,1);
3120 SSVAL(smb_buf(req
->outbuf
),1,nread
);
3122 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3123 fsp
->fnum
, (int)numtoread
, (int)nread
) );
3125 END_PROFILE(SMBread
);
3129 /****************************************************************************
3131 ****************************************************************************/
3133 static int setup_readX_header(char *outbuf
, size_t smb_maxcnt
)
3138 outsize
= srv_set_message(outbuf
,12,smb_maxcnt
,False
);
3139 data
= smb_buf(outbuf
);
3141 memset(outbuf
+smb_vwv0
,'\0',24); /* valgrind init. */
3143 SCVAL(outbuf
,smb_vwv0
,0xFF);
3144 SSVAL(outbuf
,smb_vwv2
,0xFFFF); /* Remaining - must be -1. */
3145 SSVAL(outbuf
,smb_vwv5
,smb_maxcnt
);
3146 SSVAL(outbuf
,smb_vwv6
,smb_offset(data
,outbuf
));
3147 SSVAL(outbuf
,smb_vwv7
,(smb_maxcnt
>> 16));
3148 SSVAL(smb_buf(outbuf
),-2,smb_maxcnt
);
3149 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3150 _smb_setlen_large(outbuf
,(smb_size
+ 12*2 + smb_maxcnt
- 4));
3154 /****************************************************************************
3155 Reply to a read and X - possibly using sendfile.
3156 ****************************************************************************/
3158 static void send_file_readX(connection_struct
*conn
, struct smb_request
*req
,
3159 files_struct
*fsp
, SMB_OFF_T startpos
,
3162 SMB_STRUCT_STAT sbuf
;
3165 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
3166 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3170 if (startpos
> sbuf
.st_size
) {
3172 } else if (smb_maxcnt
> (sbuf
.st_size
- startpos
)) {
3173 smb_maxcnt
= (sbuf
.st_size
- startpos
);
3176 if (smb_maxcnt
== 0) {
3180 #if defined(WITH_SENDFILE)
3182 * We can only use sendfile on a non-chained packet
3183 * but we can use on a non-oplocked file. tridge proved this
3184 * on a train in Germany :-). JRA.
3187 if ((chain_size
== 0) && (CVAL(req
->inbuf
,smb_vwv0
) == 0xFF) &&
3188 !is_encrypted_packet(req
->inbuf
) && (fsp
->base_fsp
== NULL
) &&
3189 lp_use_sendfile(SNUM(conn
)) && (fsp
->wcp
== NULL
) ) {
3190 uint8 headerbuf
[smb_size
+ 12 * 2];
3194 * Set up the packet header before send. We
3195 * assume here the sendfile will work (get the
3196 * correct amount of data).
3199 header
= data_blob_const(headerbuf
, sizeof(headerbuf
));
3201 construct_reply_common((char *)req
->inbuf
, (char *)headerbuf
);
3202 setup_readX_header((char *)headerbuf
, smb_maxcnt
);
3204 if ((nread
= SMB_VFS_SENDFILE(smbd_server_fd(), fsp
, &header
, startpos
, smb_maxcnt
)) == -1) {
3205 /* Returning ENOSYS or EINVAL means no data at all was sent.
3206 Do this as a normal read. */
3207 if (errno
== ENOSYS
|| errno
== EINVAL
) {
3212 * Special hack for broken Linux with no working sendfile. If we
3213 * return EINTR we sent the header but not the rest of the data.
3214 * Fake this up by doing read/write calls.
3217 if (errno
== EINTR
) {
3218 /* Ensure we don't do this again. */
3219 set_use_sendfile(SNUM(conn
), False
);
3220 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3221 nread
= fake_sendfile(fsp
, startpos
,
3224 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3225 fsp
->fsp_name
, strerror(errno
) ));
3226 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3228 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3229 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3230 /* No outbuf here means successful sendfile. */
3231 TALLOC_FREE(req
->outbuf
);
3235 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3236 fsp
->fsp_name
, strerror(errno
) ));
3237 exit_server_cleanly("send_file_readX sendfile failed");
3240 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3241 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3242 /* No outbuf here means successful sendfile. */
3243 TALLOC_FREE(req
->outbuf
);
3250 if ((smb_maxcnt
& 0xFF0000) > 0x10000) {
3251 uint8 headerbuf
[smb_size
+ 2*12];
3253 construct_reply_common((char *)req
->inbuf
, (char *)headerbuf
);
3254 setup_readX_header((char *)headerbuf
, smb_maxcnt
);
3256 /* Send out the header. */
3257 if (write_data(smbd_server_fd(), (char *)headerbuf
,
3258 sizeof(headerbuf
)) != sizeof(headerbuf
)) {
3259 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3260 fsp
->fsp_name
, strerror(errno
) ));
3261 exit_server_cleanly("send_file_readX sendfile failed");
3263 nread
= fake_sendfile(fsp
, startpos
, smb_maxcnt
);
3265 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3266 fsp
->fsp_name
, strerror(errno
) ));
3267 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3269 TALLOC_FREE(req
->outbuf
);
3272 reply_outbuf(req
, 12, smb_maxcnt
);
3274 nread
= read_file(fsp
, smb_buf(req
->outbuf
), startpos
,
3277 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3281 setup_readX_header((char *)req
->outbuf
, nread
);
3283 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3284 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3292 /****************************************************************************
3293 Reply to a read and X.
3294 ****************************************************************************/
3296 void reply_read_and_X(struct smb_request
*req
)
3298 connection_struct
*conn
= req
->conn
;
3302 bool big_readX
= False
;
3304 size_t smb_mincnt
= SVAL(req
->inbuf
,smb_vwv6
);
3307 START_PROFILE(SMBreadX
);
3309 if ((req
->wct
!= 10) && (req
->wct
!= 12)) {
3310 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3314 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv2
));
3315 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv3
);
3316 smb_maxcnt
= SVAL(req
->inbuf
,smb_vwv5
);
3318 /* If it's an IPC, pass off the pipe handler. */
3320 reply_pipe_read_and_X(req
);
3321 END_PROFILE(SMBreadX
);
3325 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3326 END_PROFILE(SMBreadX
);
3330 if (!CHECK_READ(fsp
,req
->inbuf
)) {
3331 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3332 END_PROFILE(SMBreadX
);
3336 if (global_client_caps
& CAP_LARGE_READX
) {
3337 size_t upper_size
= SVAL(req
->inbuf
,smb_vwv7
);
3338 smb_maxcnt
|= (upper_size
<<16);
3339 if (upper_size
> 1) {
3340 /* Can't do this on a chained packet. */
3341 if ((CVAL(req
->inbuf
,smb_vwv0
) != 0xFF)) {
3342 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3343 END_PROFILE(SMBreadX
);
3346 /* We currently don't do this on signed or sealed data. */
3347 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
3348 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3349 END_PROFILE(SMBreadX
);
3352 /* Is there room in the reply for this data ? */
3353 if (smb_maxcnt
> (0xFFFFFF - (smb_size
-4 + 12*2))) {
3355 NT_STATUS_INVALID_PARAMETER
);
3356 END_PROFILE(SMBreadX
);
3363 if (req
->wct
== 12) {
3364 #ifdef LARGE_SMB_OFF_T
3366 * This is a large offset (64 bit) read.
3368 startpos
|= (((SMB_OFF_T
)IVAL(req
->inbuf
,smb_vwv10
)) << 32);
3370 #else /* !LARGE_SMB_OFF_T */
3373 * Ensure we haven't been sent a >32 bit offset.
3376 if(IVAL(req
->inbuf
,smb_vwv10
) != 0) {
3377 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3378 "used and we don't support 64 bit offsets.\n",
3379 (unsigned int)IVAL(req
->inbuf
,smb_vwv10
) ));
3380 END_PROFILE(SMBreadX
);
3381 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3385 #endif /* LARGE_SMB_OFF_T */
3389 if (is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)smb_maxcnt
,
3390 (SMB_BIG_UINT
)startpos
, READ_LOCK
)) {
3391 END_PROFILE(SMBreadX
);
3392 reply_doserror(req
, ERRDOS
, ERRlock
);
3397 schedule_aio_read_and_X(conn
, req
, fsp
, startpos
, smb_maxcnt
)) {
3398 END_PROFILE(SMBreadX
);
3402 send_file_readX(conn
, req
, fsp
, startpos
, smb_maxcnt
);
3404 END_PROFILE(SMBreadX
);
3408 /****************************************************************************
3409 Error replies to writebraw must have smb_wct == 1. Fix this up.
3410 ****************************************************************************/
3412 void error_to_writebrawerr(struct smb_request
*req
)
3414 uint8
*old_outbuf
= req
->outbuf
;
3416 reply_outbuf(req
, 1, 0);
3418 memcpy(req
->outbuf
, old_outbuf
, smb_size
);
3419 TALLOC_FREE(old_outbuf
);
3422 /****************************************************************************
3423 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3424 ****************************************************************************/
3426 void reply_writebraw(struct smb_request
*req
)
3428 connection_struct
*conn
= req
->conn
;
3431 ssize_t total_written
=0;
3432 size_t numtowrite
=0;
3440 START_PROFILE(SMBwritebraw
);
3443 * If we ever reply with an error, it must have the SMB command
3444 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3447 SCVAL(req
->inbuf
,smb_com
,SMBwritec
);
3449 if (srv_is_signing_active()) {
3450 END_PROFILE(SMBwritebraw
);
3451 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3452 "raw reads/writes are disallowed.");
3455 if (req
->wct
< 12) {
3456 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3457 error_to_writebrawerr(req
);
3458 END_PROFILE(SMBwritebraw
);
3462 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3463 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3464 error_to_writebrawerr(req
);
3465 END_PROFILE(SMBwritebraw
);
3469 if (!CHECK_WRITE(fsp
)) {
3470 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3471 error_to_writebrawerr(req
);
3472 END_PROFILE(SMBwritebraw
);
3476 tcount
= IVAL(req
->inbuf
,smb_vwv1
);
3477 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv3
);
3478 write_through
= BITSETW(req
->inbuf
+smb_vwv7
,0);
3480 /* We have to deal with slightly different formats depending
3481 on whether we are using the core+ or lanman1.0 protocol */
3483 if(Protocol
<= PROTOCOL_COREPLUS
) {
3484 numtowrite
= SVAL(smb_buf(req
->inbuf
),-2);
3485 data
= smb_buf(req
->inbuf
);
3487 numtowrite
= SVAL(req
->inbuf
,smb_vwv10
);
3488 data
= smb_base(req
->inbuf
) + SVAL(req
->inbuf
, smb_vwv11
);
3491 /* Ensure we don't write bytes past the end of this packet. */
3492 if (data
+ numtowrite
> smb_base(req
->inbuf
) + smb_len(req
->inbuf
)) {
3493 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3494 error_to_writebrawerr(req
);
3495 END_PROFILE(SMBwritebraw
);
3499 if (is_locked(fsp
,(uint32
)req
->smbpid
,(SMB_BIG_UINT
)tcount
,
3500 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
3501 reply_doserror(req
, ERRDOS
, ERRlock
);
3502 error_to_writebrawerr(req
);
3503 END_PROFILE(SMBwritebraw
);
3508 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3511 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3512 "wrote=%d sync=%d\n",
3513 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3514 (int)nwritten
, (int)write_through
));
3516 if (nwritten
< (ssize_t
)numtowrite
) {
3517 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3518 error_to_writebrawerr(req
);
3519 END_PROFILE(SMBwritebraw
);
3523 total_written
= nwritten
;
3525 /* Allocate a buffer of 64k + length. */
3526 buf
= TALLOC_ARRAY(NULL
, char, 65540);
3528 reply_doserror(req
, ERRDOS
, ERRnomem
);
3529 error_to_writebrawerr(req
);
3530 END_PROFILE(SMBwritebraw
);
3534 /* Return a SMBwritebraw message to the redirector to tell
3535 * it to send more bytes */
3537 memcpy(buf
, req
->inbuf
, smb_size
);
3538 srv_set_message(buf
,Protocol
>PROTOCOL_COREPLUS
?1:0,0,True
);
3539 SCVAL(buf
,smb_com
,SMBwritebraw
);
3540 SSVALS(buf
,smb_vwv0
,0xFFFF);
3542 if (!srv_send_smb(smbd_server_fd(),
3544 IS_CONN_ENCRYPTED(conn
))) {
3545 exit_server_cleanly("reply_writebraw: srv_send_smb "
3549 /* Now read the raw data into the buffer and write it */
3550 status
= read_smb_length(smbd_server_fd(), buf
, SMB_SECONDARY_WAIT
,
3552 if (!NT_STATUS_IS_OK(status
)) {
3553 exit_server_cleanly("secondary writebraw failed");
3556 /* Set up outbuf to return the correct size */
3557 reply_outbuf(req
, 1, 0);
3559 if (numtowrite
!= 0) {
3561 if (numtowrite
> 0xFFFF) {
3562 DEBUG(0,("reply_writebraw: Oversize secondary write "
3563 "raw requested (%u). Terminating\n",
3564 (unsigned int)numtowrite
));
3565 exit_server_cleanly("secondary writebraw failed");
3568 if (tcount
> nwritten
+numtowrite
) {
3569 DEBUG(3,("reply_writebraw: Client overestimated the "
3571 (int)tcount
,(int)nwritten
,(int)numtowrite
));
3574 status
= read_data(smbd_server_fd(), buf
+4, numtowrite
);
3576 if (!NT_STATUS_IS_OK(status
)) {
3577 DEBUG(0,("reply_writebraw: Oversize secondary write "
3578 "raw read failed (%s). Terminating\n",
3579 nt_errstr(status
)));
3580 exit_server_cleanly("secondary writebraw failed");
3583 nwritten
= write_file(req
,fsp
,buf
+4,startpos
+nwritten
,numtowrite
);
3584 if (nwritten
== -1) {
3586 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3587 error_to_writebrawerr(req
);
3588 END_PROFILE(SMBwritebraw
);
3592 if (nwritten
< (ssize_t
)numtowrite
) {
3593 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3594 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3598 total_written
+= nwritten
;
3603 SSVAL(req
->outbuf
,smb_vwv0
,total_written
);
3605 status
= sync_file(conn
, fsp
, write_through
);
3606 if (!NT_STATUS_IS_OK(status
)) {
3607 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3608 fsp
->fsp_name
, nt_errstr(status
) ));
3609 reply_nterror(req
, status
);
3610 error_to_writebrawerr(req
);
3611 END_PROFILE(SMBwritebraw
);
3615 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3617 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3618 (int)total_written
));
3620 /* We won't return a status if write through is not selected - this
3621 * follows what WfWg does */
3622 END_PROFILE(SMBwritebraw
);
3624 if (!write_through
&& total_written
==tcount
) {
3626 #if RABBIT_PELLET_FIX
3628 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3629 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3632 if (!send_keepalive(smbd_server_fd())) {
3633 exit_server_cleanly("reply_writebraw: send of "
3634 "keepalive failed");
3637 TALLOC_FREE(req
->outbuf
);
3643 #define DBGC_CLASS DBGC_LOCKING
3645 /****************************************************************************
3646 Reply to a writeunlock (core+).
3647 ****************************************************************************/
3649 void reply_writeunlock(struct smb_request
*req
)
3651 connection_struct
*conn
= req
->conn
;
3652 ssize_t nwritten
= -1;
3656 NTSTATUS status
= NT_STATUS_OK
;
3659 START_PROFILE(SMBwriteunlock
);
3662 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3663 END_PROFILE(SMBwriteunlock
);
3667 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3669 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3670 END_PROFILE(SMBwriteunlock
);
3674 if (!CHECK_WRITE(fsp
)) {
3675 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3676 END_PROFILE(SMBwriteunlock
);
3680 numtowrite
= SVAL(req
->inbuf
,smb_vwv1
);
3681 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
3682 data
= smb_buf(req
->inbuf
) + 3;
3685 && is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtowrite
,
3686 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
3687 reply_doserror(req
, ERRDOS
, ERRlock
);
3688 END_PROFILE(SMBwriteunlock
);
3692 /* The special X/Open SMB protocol handling of
3693 zero length writes is *NOT* done for
3695 if(numtowrite
== 0) {
3698 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3701 status
= sync_file(conn
, fsp
, False
/* write through */);
3702 if (!NT_STATUS_IS_OK(status
)) {
3703 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3704 fsp
->fsp_name
, nt_errstr(status
) ));
3705 reply_nterror(req
, status
);
3706 END_PROFILE(SMBwriteunlock
);
3710 if(((nwritten
< numtowrite
) && (numtowrite
!= 0))||(nwritten
< 0)) {
3711 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3712 END_PROFILE(SMBwriteunlock
);
3717 status
= do_unlock(smbd_messaging_context(),
3720 (SMB_BIG_UINT
)numtowrite
,
3721 (SMB_BIG_UINT
)startpos
,
3724 if (NT_STATUS_V(status
)) {
3725 reply_nterror(req
, status
);
3726 END_PROFILE(SMBwriteunlock
);
3731 reply_outbuf(req
, 1, 0);
3733 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3735 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3736 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3738 END_PROFILE(SMBwriteunlock
);
3743 #define DBGC_CLASS DBGC_ALL
3745 /****************************************************************************
3747 ****************************************************************************/
3749 void reply_write(struct smb_request
*req
)
3751 connection_struct
*conn
= req
->conn
;
3753 ssize_t nwritten
= -1;
3759 START_PROFILE(SMBwrite
);
3762 END_PROFILE(SMBwrite
);
3763 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3767 /* If it's an IPC, pass off the pipe handler. */
3769 reply_pipe_write(req
);
3770 END_PROFILE(SMBwrite
);
3774 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
3776 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
3777 END_PROFILE(SMBwrite
);
3781 if (!CHECK_WRITE(fsp
)) {
3782 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3783 END_PROFILE(SMBwrite
);
3787 numtowrite
= SVAL(req
->inbuf
,smb_vwv1
);
3788 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
3789 data
= smb_buf(req
->inbuf
) + 3;
3791 if (is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtowrite
,
3792 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
3793 reply_doserror(req
, ERRDOS
, ERRlock
);
3794 END_PROFILE(SMBwrite
);
3799 * X/Open SMB protocol says that if smb_vwv1 is
3800 * zero then the file size should be extended or
3801 * truncated to the size given in smb_vwv[2-3].
3804 if(numtowrite
== 0) {
3806 * This is actually an allocate call, and set EOF. JRA.
3808 nwritten
= vfs_allocate_file_space(fsp
, (SMB_OFF_T
)startpos
);
3810 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3811 END_PROFILE(SMBwrite
);
3814 nwritten
= vfs_set_filelen(fsp
, (SMB_OFF_T
)startpos
);
3816 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3817 END_PROFILE(SMBwrite
);
3820 trigger_write_time_update_immediate(fsp
);
3822 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3825 status
= sync_file(conn
, fsp
, False
);
3826 if (!NT_STATUS_IS_OK(status
)) {
3827 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3828 fsp
->fsp_name
, nt_errstr(status
) ));
3829 reply_nterror(req
, status
);
3830 END_PROFILE(SMBwrite
);
3834 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
3835 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3836 END_PROFILE(SMBwrite
);
3840 reply_outbuf(req
, 1, 0);
3842 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3844 if (nwritten
< (ssize_t
)numtowrite
) {
3845 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3846 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3849 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3851 END_PROFILE(SMBwrite
);
3855 /****************************************************************************
3856 Ensure a buffer is a valid writeX for recvfile purposes.
3857 ****************************************************************************/
3859 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3860 (2*14) + /* word count (including bcc) */ \
3863 bool is_valid_writeX_buffer(const uint8_t *inbuf
)
3866 connection_struct
*conn
= NULL
;
3867 unsigned int doff
= 0;
3868 size_t len
= smb_len_large(inbuf
);
3870 if (is_encrypted_packet(inbuf
)) {
3871 /* Can't do this on encrypted
3876 if (CVAL(inbuf
,smb_com
) != SMBwriteX
) {
3880 if (CVAL(inbuf
,smb_vwv0
) != 0xFF ||
3881 CVAL(inbuf
,smb_wct
) != 14) {
3882 DEBUG(10,("is_valid_writeX_buffer: chained or "
3883 "invalid word length.\n"));
3887 conn
= conn_find(SVAL(inbuf
, smb_tid
));
3889 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
3893 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
3896 if (IS_PRINT(conn
)) {
3897 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
3900 doff
= SVAL(inbuf
,smb_vwv11
);
3902 numtowrite
= SVAL(inbuf
,smb_vwv10
);
3904 if (len
> doff
&& len
- doff
> 0xFFFF) {
3905 numtowrite
|= (((size_t)SVAL(inbuf
,smb_vwv9
))<<16);
3908 if (numtowrite
== 0) {
3909 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
3913 /* Ensure the sizes match up. */
3914 if (doff
< STANDARD_WRITE_AND_X_HEADER_SIZE
) {
3915 /* no pad byte...old smbclient :-( */
3916 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
3918 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE
));
3922 if (len
- doff
!= numtowrite
) {
3923 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
3924 "len = %u, doff = %u, numtowrite = %u\n",
3927 (unsigned int)numtowrite
));
3931 DEBUG(10,("is_valid_writeX_buffer: true "
3932 "len = %u, doff = %u, numtowrite = %u\n",
3935 (unsigned int)numtowrite
));
3940 /****************************************************************************
3941 Reply to a write and X.
3942 ****************************************************************************/
3944 void reply_write_and_X(struct smb_request
*req
)
3946 connection_struct
*conn
= req
->conn
;
3952 unsigned int smb_doff
;
3953 unsigned int smblen
;
3957 START_PROFILE(SMBwriteX
);
3959 if ((req
->wct
!= 12) && (req
->wct
!= 14)) {
3960 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3961 END_PROFILE(SMBwriteX
);
3965 numtowrite
= SVAL(req
->inbuf
,smb_vwv10
);
3966 smb_doff
= SVAL(req
->inbuf
,smb_vwv11
);
3967 smblen
= smb_len(req
->inbuf
);
3969 if (req
->unread_bytes
> 0xFFFF ||
3970 (smblen
> smb_doff
&&
3971 smblen
- smb_doff
> 0xFFFF)) {
3972 numtowrite
|= (((size_t)SVAL(req
->inbuf
,smb_vwv9
))<<16);
3975 if (req
->unread_bytes
) {
3976 /* Can't do a recvfile write on IPC$ */
3978 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3979 END_PROFILE(SMBwriteX
);
3982 if (numtowrite
!= req
->unread_bytes
) {
3983 reply_doserror(req
, ERRDOS
, ERRbadmem
);
3984 END_PROFILE(SMBwriteX
);
3988 if (smb_doff
> smblen
|| smb_doff
+ numtowrite
< numtowrite
||
3989 smb_doff
+ numtowrite
> smblen
) {
3990 reply_doserror(req
, ERRDOS
, ERRbadmem
);
3991 END_PROFILE(SMBwriteX
);
3996 /* If it's an IPC, pass off the pipe handler. */
3998 if (req
->unread_bytes
) {
3999 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4000 END_PROFILE(SMBwriteX
);
4003 reply_pipe_write_and_X(req
);
4004 END_PROFILE(SMBwriteX
);
4008 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv2
));
4009 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv3
);
4010 write_through
= BITSETW(req
->inbuf
+smb_vwv7
,0);
4012 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4013 END_PROFILE(SMBwriteX
);
4017 if (!CHECK_WRITE(fsp
)) {
4018 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4019 END_PROFILE(SMBwriteX
);
4023 data
= smb_base(req
->inbuf
) + smb_doff
;
4025 if(req
->wct
== 14) {
4026 #ifdef LARGE_SMB_OFF_T
4028 * This is a large offset (64 bit) write.
4030 startpos
|= (((SMB_OFF_T
)IVAL(req
->inbuf
,smb_vwv12
)) << 32);
4032 #else /* !LARGE_SMB_OFF_T */
4035 * Ensure we haven't been sent a >32 bit offset.
4038 if(IVAL(req
->inbuf
,smb_vwv12
) != 0) {
4039 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4040 "used and we don't support 64 bit offsets.\n",
4041 (unsigned int)IVAL(req
->inbuf
,smb_vwv12
) ));
4042 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4043 END_PROFILE(SMBwriteX
);
4047 #endif /* LARGE_SMB_OFF_T */
4050 if (is_locked(fsp
,(uint32
)req
->smbpid
,
4051 (SMB_BIG_UINT
)numtowrite
,
4052 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
4053 reply_doserror(req
, ERRDOS
, ERRlock
);
4054 END_PROFILE(SMBwriteX
);
4058 /* X/Open SMB protocol says that, unlike SMBwrite
4059 if the length is zero then NO truncation is
4060 done, just a write of zero. To truncate a file,
4063 if(numtowrite
== 0) {
4067 if ((req
->unread_bytes
== 0) &&
4068 schedule_aio_write_and_X(conn
, req
, fsp
, data
, startpos
,
4070 END_PROFILE(SMBwriteX
);
4074 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4077 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4078 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
4079 END_PROFILE(SMBwriteX
);
4083 reply_outbuf(req
, 6, 0);
4084 SSVAL(req
->outbuf
,smb_vwv2
,nwritten
);
4085 SSVAL(req
->outbuf
,smb_vwv4
,nwritten
>>16);
4087 if (nwritten
< (ssize_t
)numtowrite
) {
4088 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
4089 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
4092 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4093 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
4095 status
= sync_file(conn
, fsp
, write_through
);
4096 if (!NT_STATUS_IS_OK(status
)) {
4097 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4098 fsp
->fsp_name
, nt_errstr(status
) ));
4099 reply_nterror(req
, status
);
4100 END_PROFILE(SMBwriteX
);
4104 END_PROFILE(SMBwriteX
);
4109 /****************************************************************************
4111 ****************************************************************************/
4113 void reply_lseek(struct smb_request
*req
)
4115 connection_struct
*conn
= req
->conn
;
4121 START_PROFILE(SMBlseek
);
4124 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4125 END_PROFILE(SMBlseek
);
4129 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4131 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4135 flush_write_cache(fsp
, SEEK_FLUSH
);
4137 mode
= SVAL(req
->inbuf
,smb_vwv1
) & 3;
4138 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4139 startpos
= (SMB_OFF_T
)IVALS(req
->inbuf
,smb_vwv2
);
4148 res
= fsp
->fh
->pos
+ startpos
;
4159 if (umode
== SEEK_END
) {
4160 if((res
= SMB_VFS_LSEEK(fsp
,startpos
,umode
)) == -1) {
4161 if(errno
== EINVAL
) {
4162 SMB_OFF_T current_pos
= startpos
;
4163 SMB_STRUCT_STAT sbuf
;
4165 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
4166 reply_unixerror(req
, ERRDOS
,
4168 END_PROFILE(SMBlseek
);
4172 current_pos
+= sbuf
.st_size
;
4174 res
= SMB_VFS_LSEEK(fsp
,0,SEEK_SET
);
4179 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
4180 END_PROFILE(SMBlseek
);
4187 reply_outbuf(req
, 2, 0);
4188 SIVAL(req
->outbuf
,smb_vwv0
,res
);
4190 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4191 fsp
->fnum
, (double)startpos
, (double)res
, mode
));
4193 END_PROFILE(SMBlseek
);
4197 /****************************************************************************
4199 ****************************************************************************/
4201 void reply_flush(struct smb_request
*req
)
4203 connection_struct
*conn
= req
->conn
;
4207 START_PROFILE(SMBflush
);
4210 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4214 fnum
= SVAL(req
->inbuf
,smb_vwv0
);
4215 fsp
= file_fsp(fnum
);
4217 if ((fnum
!= 0xFFFF) && !check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4222 file_sync_all(conn
);
4224 NTSTATUS status
= sync_file(conn
, fsp
, True
);
4225 if (!NT_STATUS_IS_OK(status
)) {
4226 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4227 fsp
->fsp_name
, nt_errstr(status
) ));
4228 reply_nterror(req
, status
);
4229 END_PROFILE(SMBflush
);
4234 reply_outbuf(req
, 0, 0);
4236 DEBUG(3,("flush\n"));
4237 END_PROFILE(SMBflush
);
4241 /****************************************************************************
4243 conn POINTER CAN BE NULL HERE !
4244 ****************************************************************************/
4246 void reply_exit(struct smb_request
*req
)
4248 START_PROFILE(SMBexit
);
4250 file_close_pid(req
->smbpid
, req
->vuid
);
4252 reply_outbuf(req
, 0, 0);
4254 DEBUG(3,("exit\n"));
4256 END_PROFILE(SMBexit
);
4260 /****************************************************************************
4261 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4262 ****************************************************************************/
4264 void reply_close(struct smb_request
*req
)
4266 connection_struct
*conn
= req
->conn
;
4267 NTSTATUS status
= NT_STATUS_OK
;
4268 files_struct
*fsp
= NULL
;
4269 START_PROFILE(SMBclose
);
4272 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4273 END_PROFILE(SMBclose
);
4277 /* If it's an IPC, pass off to the pipe handler. */
4279 reply_pipe_close(conn
, req
);
4280 END_PROFILE(SMBclose
);
4284 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4287 * We can only use CHECK_FSP if we know it's not a directory.
4290 if(!fsp
|| (fsp
->conn
!= conn
) || (fsp
->vuid
!= current_user
.vuid
)) {
4291 reply_doserror(req
, ERRDOS
, ERRbadfid
);
4292 END_PROFILE(SMBclose
);
4296 if(fsp
->is_directory
) {
4298 * Special case - close NT SMB directory handle.
4300 DEBUG(3,("close directory fnum=%d\n", fsp
->fnum
));
4301 status
= close_file(fsp
,NORMAL_CLOSE
);
4305 * Close ordinary file.
4308 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4309 fsp
->fh
->fd
, fsp
->fnum
,
4310 conn
->num_files_open
));
4313 * Take care of any time sent in the close.
4316 t
= srv_make_unix_date3(req
->inbuf
+smb_vwv1
);
4317 set_close_write_time(fsp
, convert_time_t_to_timespec(t
));
4320 * close_file() returns the unix errno if an error
4321 * was detected on close - normally this is due to
4322 * a disk full error. If not then it was probably an I/O error.
4325 status
= close_file(fsp
,NORMAL_CLOSE
);
4328 if (!NT_STATUS_IS_OK(status
)) {
4329 reply_nterror(req
, status
);
4330 END_PROFILE(SMBclose
);
4334 reply_outbuf(req
, 0, 0);
4335 END_PROFILE(SMBclose
);
4339 /****************************************************************************
4340 Reply to a writeclose (Core+ protocol).
4341 ****************************************************************************/
4343 void reply_writeclose(struct smb_request
*req
)
4345 connection_struct
*conn
= req
->conn
;
4347 ssize_t nwritten
= -1;
4348 NTSTATUS close_status
= NT_STATUS_OK
;
4351 struct timespec mtime
;
4354 START_PROFILE(SMBwriteclose
);
4357 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4358 END_PROFILE(SMBwriteclose
);
4362 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4364 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4365 END_PROFILE(SMBwriteclose
);
4368 if (!CHECK_WRITE(fsp
)) {
4369 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
4370 END_PROFILE(SMBwriteclose
);
4374 numtowrite
= SVAL(req
->inbuf
,smb_vwv1
);
4375 startpos
= IVAL_TO_SMB_OFF_T(req
->inbuf
,smb_vwv2
);
4376 mtime
= convert_time_t_to_timespec(srv_make_unix_date3(
4377 req
->inbuf
+smb_vwv4
));
4378 data
= smb_buf(req
->inbuf
) + 1;
4381 && is_locked(fsp
, (uint32
)req
->smbpid
, (SMB_BIG_UINT
)numtowrite
,
4382 (SMB_BIG_UINT
)startpos
, WRITE_LOCK
)) {
4383 reply_doserror(req
, ERRDOS
,ERRlock
);
4384 END_PROFILE(SMBwriteclose
);
4388 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4390 set_close_write_time(fsp
, mtime
);
4393 * More insanity. W2K only closes the file if writelen > 0.
4398 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4400 close_status
= close_file(fsp
,NORMAL_CLOSE
);
4403 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4404 fsp
->fnum
, (int)numtowrite
, (int)nwritten
,
4405 conn
->num_files_open
));
4407 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4408 reply_doserror(req
, ERRHRD
, ERRdiskfull
);
4409 END_PROFILE(SMBwriteclose
);
4413 if(!NT_STATUS_IS_OK(close_status
)) {
4414 reply_nterror(req
, close_status
);
4415 END_PROFILE(SMBwriteclose
);
4419 reply_outbuf(req
, 1, 0);
4421 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
4422 END_PROFILE(SMBwriteclose
);
4427 #define DBGC_CLASS DBGC_LOCKING
4429 /****************************************************************************
4431 ****************************************************************************/
4433 void reply_lock(struct smb_request
*req
)
4435 connection_struct
*conn
= req
->conn
;
4436 SMB_BIG_UINT count
,offset
;
4439 struct byte_range_lock
*br_lck
= NULL
;
4441 START_PROFILE(SMBlock
);
4444 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4445 END_PROFILE(SMBlock
);
4449 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4451 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4452 END_PROFILE(SMBlock
);
4456 release_level_2_oplocks_on_change(fsp
);
4458 count
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv1
);
4459 offset
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv3
);
4461 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4462 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
));
4464 br_lck
= do_lock(smbd_messaging_context(),
4471 False
, /* Non-blocking lock. */
4475 TALLOC_FREE(br_lck
);
4477 if (NT_STATUS_V(status
)) {
4478 reply_nterror(req
, status
);
4479 END_PROFILE(SMBlock
);
4483 reply_outbuf(req
, 0, 0);
4485 END_PROFILE(SMBlock
);
4489 /****************************************************************************
4491 ****************************************************************************/
4493 void reply_unlock(struct smb_request
*req
)
4495 connection_struct
*conn
= req
->conn
;
4496 SMB_BIG_UINT count
,offset
;
4500 START_PROFILE(SMBunlock
);
4503 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4504 END_PROFILE(SMBunlock
);
4508 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4510 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4511 END_PROFILE(SMBunlock
);
4515 count
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv1
);
4516 offset
= (SMB_BIG_UINT
)IVAL(req
->inbuf
,smb_vwv3
);
4518 status
= do_unlock(smbd_messaging_context(),
4525 if (NT_STATUS_V(status
)) {
4526 reply_nterror(req
, status
);
4527 END_PROFILE(SMBunlock
);
4531 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4532 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
) );
4534 reply_outbuf(req
, 0, 0);
4536 END_PROFILE(SMBunlock
);
4541 #define DBGC_CLASS DBGC_ALL
4543 /****************************************************************************
4545 conn POINTER CAN BE NULL HERE !
4546 ****************************************************************************/
4548 void reply_tdis(struct smb_request
*req
)
4550 connection_struct
*conn
= req
->conn
;
4551 START_PROFILE(SMBtdis
);
4554 DEBUG(4,("Invalid connection in tdis\n"));
4555 reply_doserror(req
, ERRSRV
, ERRinvnid
);
4556 END_PROFILE(SMBtdis
);
4562 close_cnum(conn
,req
->vuid
);
4565 reply_outbuf(req
, 0, 0);
4566 END_PROFILE(SMBtdis
);
4570 /****************************************************************************
4572 conn POINTER CAN BE NULL HERE !
4573 ****************************************************************************/
4575 void reply_echo(struct smb_request
*req
)
4577 connection_struct
*conn
= req
->conn
;
4580 unsigned int data_len
= smb_buflen(req
->inbuf
);
4582 START_PROFILE(SMBecho
);
4585 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4586 END_PROFILE(SMBecho
);
4590 if (data_len
> BUFFER_SIZE
) {
4591 DEBUG(0,("reply_echo: data_len too large.\n"));
4592 reply_nterror(req
, NT_STATUS_INSUFFICIENT_RESOURCES
);
4593 END_PROFILE(SMBecho
);
4597 smb_reverb
= SVAL(req
->inbuf
,smb_vwv0
);
4599 reply_outbuf(req
, 1, data_len
);
4601 /* copy any incoming data back out */
4603 memcpy(smb_buf(req
->outbuf
),smb_buf(req
->inbuf
),data_len
);
4606 if (smb_reverb
> 100) {
4607 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb
));
4611 for (seq_num
=1 ; seq_num
<= smb_reverb
; seq_num
++) {
4612 SSVAL(req
->outbuf
,smb_vwv0
,seq_num
);
4614 show_msg((char *)req
->outbuf
);
4615 if (!srv_send_smb(smbd_server_fd(),
4616 (char *)req
->outbuf
,
4617 IS_CONN_ENCRYPTED(conn
)||req
->encrypted
))
4618 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4621 DEBUG(3,("echo %d times\n", smb_reverb
));
4623 TALLOC_FREE(req
->outbuf
);
4627 END_PROFILE(SMBecho
);
4631 /****************************************************************************
4632 Reply to a printopen.
4633 ****************************************************************************/
4635 void reply_printopen(struct smb_request
*req
)
4637 connection_struct
*conn
= req
->conn
;
4640 SMB_STRUCT_STAT sbuf
;
4642 START_PROFILE(SMBsplopen
);
4645 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4646 END_PROFILE(SMBsplopen
);
4650 if (!CAN_PRINT(conn
)) {
4651 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4652 END_PROFILE(SMBsplopen
);
4656 status
= file_new(conn
, &fsp
);
4657 if(!NT_STATUS_IS_OK(status
)) {
4658 reply_nterror(req
, status
);
4659 END_PROFILE(SMBsplopen
);
4663 /* Open for exclusive use, write only. */
4664 status
= print_fsp_open(conn
, NULL
, fsp
, &sbuf
);
4666 if (!NT_STATUS_IS_OK(status
)) {
4668 reply_nterror(req
, status
);
4669 END_PROFILE(SMBsplopen
);
4673 reply_outbuf(req
, 1, 0);
4674 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
4676 DEBUG(3,("openprint fd=%d fnum=%d\n",
4677 fsp
->fh
->fd
, fsp
->fnum
));
4679 END_PROFILE(SMBsplopen
);
4683 /****************************************************************************
4684 Reply to a printclose.
4685 ****************************************************************************/
4687 void reply_printclose(struct smb_request
*req
)
4689 connection_struct
*conn
= req
->conn
;
4693 START_PROFILE(SMBsplclose
);
4696 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4697 END_PROFILE(SMBsplclose
);
4701 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4703 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4704 END_PROFILE(SMBsplclose
);
4708 if (!CAN_PRINT(conn
)) {
4709 reply_nterror(req
, NT_STATUS_DOS(ERRSRV
, ERRerror
));
4710 END_PROFILE(SMBsplclose
);
4714 DEBUG(3,("printclose fd=%d fnum=%d\n",
4715 fsp
->fh
->fd
,fsp
->fnum
));
4717 status
= close_file(fsp
,NORMAL_CLOSE
);
4719 if(!NT_STATUS_IS_OK(status
)) {
4720 reply_nterror(req
, status
);
4721 END_PROFILE(SMBsplclose
);
4725 reply_outbuf(req
, 0, 0);
4727 END_PROFILE(SMBsplclose
);
4731 /****************************************************************************
4732 Reply to a printqueue.
4733 ****************************************************************************/
4735 void reply_printqueue(struct smb_request
*req
)
4737 connection_struct
*conn
= req
->conn
;
4741 START_PROFILE(SMBsplretq
);
4744 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4745 END_PROFILE(SMBsplretq
);
4749 max_count
= SVAL(req
->inbuf
,smb_vwv0
);
4750 start_index
= SVAL(req
->inbuf
,smb_vwv1
);
4752 /* we used to allow the client to get the cnum wrong, but that
4753 is really quite gross and only worked when there was only
4754 one printer - I think we should now only accept it if they
4755 get it right (tridge) */
4756 if (!CAN_PRINT(conn
)) {
4757 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4758 END_PROFILE(SMBsplretq
);
4762 reply_outbuf(req
, 2, 3);
4763 SSVAL(req
->outbuf
,smb_vwv0
,0);
4764 SSVAL(req
->outbuf
,smb_vwv1
,0);
4765 SCVAL(smb_buf(req
->outbuf
),0,1);
4766 SSVAL(smb_buf(req
->outbuf
),1,0);
4768 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4769 start_index
, max_count
));
4772 print_queue_struct
*queue
= NULL
;
4773 print_status_struct status
;
4774 int count
= print_queue_status(SNUM(conn
), &queue
, &status
);
4775 int num_to_get
= ABS(max_count
);
4776 int first
= (max_count
>0?start_index
:start_index
+max_count
+1);
4782 num_to_get
= MIN(num_to_get
,count
-first
);
4785 for (i
=first
;i
<first
+num_to_get
;i
++) {
4789 srv_put_dos_date2(p
,0,queue
[i
].time
);
4790 SCVAL(p
,4,(queue
[i
].status
==LPQ_PRINTING
?2:3));
4791 SSVAL(p
,5, queue
[i
].job
);
4792 SIVAL(p
,7,queue
[i
].size
);
4794 srvstr_push(blob
, req
->flags2
, p
+12,
4795 queue
[i
].fs_user
, 16, STR_ASCII
);
4797 if (message_push_blob(
4800 blob
, sizeof(blob
))) == -1) {
4801 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
4802 END_PROFILE(SMBsplretq
);
4808 SSVAL(req
->outbuf
,smb_vwv0
,count
);
4809 SSVAL(req
->outbuf
,smb_vwv1
,
4810 (max_count
>0?first
+count
:first
-1));
4811 SCVAL(smb_buf(req
->outbuf
),0,1);
4812 SSVAL(smb_buf(req
->outbuf
),1,28*count
);
4817 DEBUG(3,("%d entries returned in queue\n",count
));
4820 END_PROFILE(SMBsplretq
);
4824 /****************************************************************************
4825 Reply to a printwrite.
4826 ****************************************************************************/
4828 void reply_printwrite(struct smb_request
*req
)
4830 connection_struct
*conn
= req
->conn
;
4835 START_PROFILE(SMBsplwr
);
4838 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4839 END_PROFILE(SMBsplwr
);
4843 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
4845 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
4846 END_PROFILE(SMBsplwr
);
4850 if (!CAN_PRINT(conn
)) {
4851 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4852 END_PROFILE(SMBsplwr
);
4856 if (!CHECK_WRITE(fsp
)) {
4857 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4858 END_PROFILE(SMBsplwr
);
4862 numtowrite
= SVAL(smb_buf(req
->inbuf
),1);
4864 if (smb_buflen(req
->inbuf
) < numtowrite
+ 3) {
4865 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4866 END_PROFILE(SMBsplwr
);
4870 data
= smb_buf(req
->inbuf
) + 3;
4872 if (write_file(req
,fsp
,data
,-1,numtowrite
) != numtowrite
) {
4873 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
4874 END_PROFILE(SMBsplwr
);
4878 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp
->fnum
, numtowrite
) );
4880 END_PROFILE(SMBsplwr
);
4884 /****************************************************************************
4886 ****************************************************************************/
4888 void reply_mkdir(struct smb_request
*req
)
4890 connection_struct
*conn
= req
->conn
;
4891 char *directory
= NULL
;
4893 SMB_STRUCT_STAT sbuf
;
4894 TALLOC_CTX
*ctx
= talloc_tos();
4896 START_PROFILE(SMBmkdir
);
4898 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &directory
,
4899 smb_buf(req
->inbuf
) + 1, 0,
4900 STR_TERMINATE
, &status
);
4901 if (!NT_STATUS_IS_OK(status
)) {
4902 reply_nterror(req
, status
);
4903 END_PROFILE(SMBmkdir
);
4907 status
= resolve_dfspath(ctx
, conn
,
4908 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
4911 if (!NT_STATUS_IS_OK(status
)) {
4912 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
4913 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
4914 ERRSRV
, ERRbadpath
);
4915 END_PROFILE(SMBmkdir
);
4918 reply_nterror(req
, status
);
4919 END_PROFILE(SMBmkdir
);
4923 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
, NULL
, &sbuf
);
4924 if (!NT_STATUS_IS_OK(status
)) {
4925 reply_nterror(req
, status
);
4926 END_PROFILE(SMBmkdir
);
4930 status
= check_name(conn
, directory
);
4931 if (!NT_STATUS_IS_OK(status
)) {
4932 reply_nterror(req
, status
);
4933 END_PROFILE(SMBmkdir
);
4937 status
= create_directory(conn
, req
, directory
);
4939 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status
)));
4941 if (!NT_STATUS_IS_OK(status
)) {
4943 if (!use_nt_status()
4944 && NT_STATUS_EQUAL(status
,
4945 NT_STATUS_OBJECT_NAME_COLLISION
)) {
4947 * Yes, in the DOS error code case we get a
4948 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4949 * samba4 torture test.
4951 status
= NT_STATUS_DOS(ERRDOS
, ERRnoaccess
);
4954 reply_nterror(req
, status
);
4955 END_PROFILE(SMBmkdir
);
4959 reply_outbuf(req
, 0, 0);
4961 DEBUG( 3, ( "mkdir %s\n", directory
) );
4963 END_PROFILE(SMBmkdir
);
4967 /****************************************************************************
4968 Static function used by reply_rmdir to delete an entire directory
4969 tree recursively. Return True on ok, False on fail.
4970 ****************************************************************************/
4972 static bool recursive_rmdir(TALLOC_CTX
*ctx
,
4973 connection_struct
*conn
,
4976 const char *dname
= NULL
;
4979 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
, directory
,
4985 while((dname
= ReadDirName(dir_hnd
, &offset
))) {
4986 char *fullname
= NULL
;
4989 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
4993 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
4997 /* Construct the full name. */
4998 fullname
= talloc_asprintf(ctx
,
5008 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5013 if(st
.st_mode
& S_IFDIR
) {
5014 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
5018 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5022 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5026 TALLOC_FREE(fullname
);
5028 TALLOC_FREE(dir_hnd
);
5032 /****************************************************************************
5033 The internals of the rmdir code - called elsewhere.
5034 ****************************************************************************/
5036 NTSTATUS
rmdir_internals(TALLOC_CTX
*ctx
,
5037 connection_struct
*conn
,
5038 const char *directory
)
5043 /* Might be a symlink. */
5044 if(SMB_VFS_LSTAT(conn
, directory
, &st
) != 0) {
5045 return map_nt_error_from_unix(errno
);
5048 if (S_ISLNK(st
.st_mode
)) {
5049 /* Is what it points to a directory ? */
5050 if(SMB_VFS_STAT(conn
, directory
, &st
) != 0) {
5051 return map_nt_error_from_unix(errno
);
5053 if (!(S_ISDIR(st
.st_mode
))) {
5054 return NT_STATUS_NOT_A_DIRECTORY
;
5056 ret
= SMB_VFS_UNLINK(conn
,directory
);
5058 ret
= SMB_VFS_RMDIR(conn
,directory
);
5061 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5062 FILE_NOTIFY_CHANGE_DIR_NAME
,
5064 return NT_STATUS_OK
;
5067 if(((errno
== ENOTEMPTY
)||(errno
== EEXIST
)) && lp_veto_files(SNUM(conn
))) {
5069 * Check to see if the only thing in this directory are
5070 * vetoed files/directories. If so then delete them and
5071 * retry. If we fail to delete any of them (and we *don't*
5072 * do a recursive delete) then fail the rmdir.
5076 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
,
5077 directory
, NULL
, 0);
5079 if(dir_hnd
== NULL
) {
5084 while ((dname
= ReadDirName(dir_hnd
,&dirpos
))) {
5085 if((strcmp(dname
, ".") == 0) || (strcmp(dname
, "..")==0))
5087 if (!is_visible_file(conn
, directory
, dname
, &st
, False
))
5089 if(!IS_VETO_PATH(conn
, dname
)) {
5090 TALLOC_FREE(dir_hnd
);
5096 /* We only have veto files/directories.
5097 * Are we allowed to delete them ? */
5099 if(!lp_recursive_veto_delete(SNUM(conn
))) {
5100 TALLOC_FREE(dir_hnd
);
5105 /* Do a recursive delete. */
5106 RewindDir(dir_hnd
,&dirpos
);
5107 while ((dname
= ReadDirName(dir_hnd
,&dirpos
))) {
5108 char *fullname
= NULL
;
5110 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5113 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
5117 fullname
= talloc_asprintf(ctx
,
5127 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5130 if(st
.st_mode
& S_IFDIR
) {
5131 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
5134 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5137 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5140 TALLOC_FREE(fullname
);
5142 TALLOC_FREE(dir_hnd
);
5143 /* Retry the rmdir */
5144 ret
= SMB_VFS_RMDIR(conn
,directory
);
5150 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5151 "%s\n", directory
,strerror(errno
)));
5152 return map_nt_error_from_unix(errno
);
5155 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5156 FILE_NOTIFY_CHANGE_DIR_NAME
,
5159 return NT_STATUS_OK
;
5162 /****************************************************************************
5164 ****************************************************************************/
5166 void reply_rmdir(struct smb_request
*req
)
5168 connection_struct
*conn
= req
->conn
;
5169 char *directory
= NULL
;
5170 SMB_STRUCT_STAT sbuf
;
5172 TALLOC_CTX
*ctx
= talloc_tos();
5174 START_PROFILE(SMBrmdir
);
5176 srvstr_get_path(ctx
, (char *)req
->inbuf
, req
->flags2
, &directory
,
5177 smb_buf(req
->inbuf
) + 1, 0,
5178 STR_TERMINATE
, &status
);
5179 if (!NT_STATUS_IS_OK(status
)) {
5180 reply_nterror(req
, status
);
5181 END_PROFILE(SMBrmdir
);
5185 status
= resolve_dfspath(ctx
, conn
,
5186 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5189 if (!NT_STATUS_IS_OK(status
)) {
5190 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5191 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5192 ERRSRV
, ERRbadpath
);
5193 END_PROFILE(SMBrmdir
);
5196 reply_nterror(req
, status
);
5197 END_PROFILE(SMBrmdir
);
5201 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
,
5203 if (!NT_STATUS_IS_OK(status
)) {
5204 reply_nterror(req
, status
);
5205 END_PROFILE(SMBrmdir
);
5209 status
= check_name(conn
, directory
);
5210 if (!NT_STATUS_IS_OK(status
)) {
5211 reply_nterror(req
, status
);
5212 END_PROFILE(SMBrmdir
);
5216 dptr_closepath(directory
, req
->smbpid
);
5217 status
= rmdir_internals(ctx
, conn
, directory
);
5218 if (!NT_STATUS_IS_OK(status
)) {
5219 reply_nterror(req
, status
);
5220 END_PROFILE(SMBrmdir
);
5224 reply_outbuf(req
, 0, 0);
5226 DEBUG( 3, ( "rmdir %s\n", directory
) );
5228 END_PROFILE(SMBrmdir
);
5232 /*******************************************************************
5233 Resolve wildcards in a filename rename.
5234 ********************************************************************/
5236 static bool resolve_wildcards(TALLOC_CTX
*ctx
,
5241 char *name2_copy
= NULL
;
5246 char *p
,*p2
, *pname1
, *pname2
;
5248 name2_copy
= talloc_strdup(ctx
, name2
);
5253 pname1
= strrchr_m(name1
,'/');
5254 pname2
= strrchr_m(name2_copy
,'/');
5256 if (!pname1
|| !pname2
) {
5260 /* Truncate the copy of name2 at the last '/' */
5263 /* Now go past the '/' */
5267 root1
= talloc_strdup(ctx
, pname1
);
5268 root2
= talloc_strdup(ctx
, pname2
);
5270 if (!root1
|| !root2
) {
5274 p
= strrchr_m(root1
,'.');
5277 ext1
= talloc_strdup(ctx
, p
+1);
5279 ext1
= talloc_strdup(ctx
, "");
5281 p
= strrchr_m(root2
,'.');
5284 ext2
= talloc_strdup(ctx
, p
+1);
5286 ext2
= talloc_strdup(ctx
, "");
5289 if (!ext1
|| !ext2
) {
5297 /* Hmmm. Should this be mb-aware ? */
5300 } else if (*p2
== '*') {
5302 root2
= talloc_asprintf(ctx
, "%s%s",
5321 /* Hmmm. Should this be mb-aware ? */
5324 } else if (*p2
== '*') {
5326 ext2
= talloc_asprintf(ctx
, "%s%s",
5342 *pp_newname
= talloc_asprintf(ctx
, "%s/%s.%s",
5347 *pp_newname
= talloc_asprintf(ctx
, "%s/%s",
5359 /****************************************************************************
5360 Ensure open files have their names updated. Updated to notify other smbd's
5362 ****************************************************************************/
5364 static void rename_open_files(connection_struct
*conn
,
5365 struct share_mode_lock
*lck
,
5366 const char *newname
)
5369 bool did_rename
= False
;
5371 for(fsp
= file_find_di_first(lck
->id
); fsp
;
5372 fsp
= file_find_di_next(fsp
)) {
5373 /* fsp_name is a relative path under the fsp. To change this for other
5374 sharepaths we need to manipulate relative paths. */
5375 /* TODO - create the absolute path and manipulate the newname
5376 relative to the sharepath. */
5377 if (!strequal(fsp
->conn
->connectpath
, conn
->connectpath
)) {
5380 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5381 fsp
->fnum
, file_id_string_tos(&fsp
->file_id
),
5382 fsp
->fsp_name
, newname
));
5383 string_set(&fsp
->fsp_name
, newname
);
5388 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5389 file_id_string_tos(&lck
->id
), newname
));
5392 /* Send messages to all smbd's (not ourself) that the name has changed. */
5393 rename_share_filename(smbd_messaging_context(), lck
, conn
->connectpath
,
5397 /****************************************************************************
5398 We need to check if the source path is a parent directory of the destination
5399 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5400 refuse the rename with a sharing violation. Under UNIX the above call can
5401 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5402 probably need to check that the client is a Windows one before disallowing
5403 this as a UNIX client (one with UNIX extensions) can know the source is a
5404 symlink and make this decision intelligently. Found by an excellent bug
5405 report from <AndyLiebman@aol.com>.
5406 ****************************************************************************/
5408 static bool rename_path_prefix_equal(const char *src
, const char *dest
)
5410 const char *psrc
= src
;
5411 const char *pdst
= dest
;
5414 if (psrc
[0] == '.' && psrc
[1] == '/') {
5417 if (pdst
[0] == '.' && pdst
[1] == '/') {
5420 if ((slen
= strlen(psrc
)) > strlen(pdst
)) {
5423 return ((memcmp(psrc
, pdst
, slen
) == 0) && pdst
[slen
] == '/');
5427 * Do the notify calls from a rename
5430 static void notify_rename(connection_struct
*conn
, bool is_dir
,
5431 const char *oldpath
, const char *newpath
)
5433 char *olddir
, *newdir
;
5434 const char *oldname
, *newname
;
5437 mask
= is_dir
? FILE_NOTIFY_CHANGE_DIR_NAME
5438 : FILE_NOTIFY_CHANGE_FILE_NAME
;
5440 if (!parent_dirname_talloc(NULL
, oldpath
, &olddir
, &oldname
)
5441 || !parent_dirname_talloc(NULL
, newpath
, &newdir
, &newname
)) {
5442 TALLOC_FREE(olddir
);
5446 if (strcmp(olddir
, newdir
) == 0) {
5447 notify_fname(conn
, NOTIFY_ACTION_OLD_NAME
, mask
, oldpath
);
5448 notify_fname(conn
, NOTIFY_ACTION_NEW_NAME
, mask
, newpath
);
5451 notify_fname(conn
, NOTIFY_ACTION_REMOVED
, mask
, oldpath
);
5452 notify_fname(conn
, NOTIFY_ACTION_ADDED
, mask
, newpath
);
5454 TALLOC_FREE(olddir
);
5455 TALLOC_FREE(newdir
);
5457 /* this is a strange one. w2k3 gives an additional event for
5458 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5459 files, but not directories */
5461 notify_fname(conn
, NOTIFY_ACTION_MODIFIED
,
5462 FILE_NOTIFY_CHANGE_ATTRIBUTES
5463 |FILE_NOTIFY_CHANGE_CREATION
,
5468 /****************************************************************************
5469 Rename an open file - given an fsp.
5470 ****************************************************************************/
5472 NTSTATUS
rename_internals_fsp(connection_struct
*conn
,
5475 const char *newname_last_component
,
5477 bool replace_if_exists
)
5479 TALLOC_CTX
*ctx
= talloc_tos();
5480 SMB_STRUCT_STAT sbuf
, sbuf1
;
5481 NTSTATUS status
= NT_STATUS_OK
;
5482 struct share_mode_lock
*lck
= NULL
;
5487 status
= check_name(conn
, newname
);
5488 if (!NT_STATUS_IS_OK(status
)) {
5492 /* Ensure newname contains a '/' */
5493 if(strrchr_m(newname
,'/') == 0) {
5494 newname
= talloc_asprintf(ctx
,
5498 return NT_STATUS_NO_MEMORY
;
5503 * Check for special case with case preserving and not
5504 * case sensitive. If the old last component differs from the original
5505 * last component only by case, then we should allow
5506 * the rename (user is trying to change the case of the
5510 if((conn
->case_sensitive
== False
) && (conn
->case_preserve
== True
) &&
5511 strequal(newname
, fsp
->fsp_name
)) {
5513 char *newname_modified_last_component
= NULL
;
5516 * Get the last component of the modified name.
5517 * Note that we guarantee that newname contains a '/'
5520 p
= strrchr_m(newname
,'/');
5521 newname_modified_last_component
= talloc_strdup(ctx
,
5523 if (!newname_modified_last_component
) {
5524 return NT_STATUS_NO_MEMORY
;
5527 if(strcsequal(newname_modified_last_component
,
5528 newname_last_component
) == False
) {
5530 * Replace the modified last component with
5533 *p
= '\0'; /* Truncate at the '/' */
5534 newname
= talloc_asprintf(ctx
,
5537 newname_last_component
);
5542 * If the src and dest names are identical - including case,
5543 * don't do the rename, just return success.
5546 if (strcsequal(fsp
->fsp_name
, newname
)) {
5547 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5549 return NT_STATUS_OK
;
5553 * Have vfs_object_exist also fill sbuf1
5555 dst_exists
= vfs_object_exist(conn
, newname
, &sbuf1
);
5557 if(!replace_if_exists
&& dst_exists
) {
5558 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5559 fsp
->fsp_name
,newname
));
5560 return NT_STATUS_OBJECT_NAME_COLLISION
;
5563 if(replace_if_exists
&& dst_exists
) {
5564 /* Ensure both or neither are stream names. */
5565 if (is_ntfs_stream_name(fsp
->fsp_name
) !=
5566 is_ntfs_stream_name(newname
)) {
5567 return NT_STATUS_INVALID_PARAMETER
;
5572 struct file_id fileid
= vfs_file_id_from_sbuf(conn
, &sbuf1
);
5573 files_struct
*dst_fsp
= file_find_di_first(fileid
);
5575 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5576 return NT_STATUS_ACCESS_DENIED
;
5580 /* Ensure we have a valid stat struct for the source. */
5581 if (fsp
->fh
->fd
!= -1) {
5582 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
5583 return map_nt_error_from_unix(errno
);
5586 if (SMB_VFS_STAT(conn
,fsp
->fsp_name
,&sbuf
) == -1) {
5587 return map_nt_error_from_unix(errno
);
5591 status
= can_rename(conn
, fsp
, attrs
, &sbuf
);
5593 if (!NT_STATUS_IS_OK(status
)) {
5594 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5595 nt_errstr(status
), fsp
->fsp_name
,newname
));
5596 if (NT_STATUS_EQUAL(status
,NT_STATUS_SHARING_VIOLATION
))
5597 status
= NT_STATUS_ACCESS_DENIED
;
5601 if (rename_path_prefix_equal(fsp
->fsp_name
, newname
)) {
5602 return NT_STATUS_ACCESS_DENIED
;
5605 lck
= get_share_mode_lock(talloc_tos(), fsp
->file_id
, NULL
, NULL
,
5609 * We have the file open ourselves, so not being able to get the
5610 * corresponding share mode lock is a fatal error.
5613 SMB_ASSERT(lck
!= NULL
);
5615 if(SMB_VFS_RENAME(conn
,fsp
->fsp_name
, newname
) == 0) {
5616 uint32 create_options
= fsp
->fh
->private_options
;
5618 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5619 fsp
->fsp_name
,newname
));
5621 notify_rename(conn
, fsp
->is_directory
, fsp
->fsp_name
, newname
);
5623 rename_open_files(conn
, lck
, newname
);
5626 * A rename acts as a new file create w.r.t. allowing an initial delete
5627 * on close, probably because in Windows there is a new handle to the
5628 * new file. If initial delete on close was requested but not
5629 * originally set, we need to set it here. This is probably not 100% correct,
5630 * but will work for the CIFSFS client which in non-posix mode
5631 * depends on these semantics. JRA.
5634 set_allow_initial_delete_on_close(lck
, fsp
, True
);
5636 if (create_options
& FILE_DELETE_ON_CLOSE
) {
5637 status
= can_set_delete_on_close(fsp
, True
, 0);
5639 if (NT_STATUS_IS_OK(status
)) {
5640 /* Note that here we set the *inital* delete on close flag,
5641 * not the regular one. The magic gets handled in close. */
5642 fsp
->initial_delete_on_close
= True
;
5646 return NT_STATUS_OK
;
5651 if (errno
== ENOTDIR
|| errno
== EISDIR
) {
5652 status
= NT_STATUS_OBJECT_NAME_COLLISION
;
5654 status
= map_nt_error_from_unix(errno
);
5657 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5658 nt_errstr(status
), fsp
->fsp_name
,newname
));
5663 /****************************************************************************
5664 The guts of the rename command, split out so it may be called by the NT SMB
5666 ****************************************************************************/
5668 NTSTATUS
rename_internals(TALLOC_CTX
*ctx
,
5669 connection_struct
*conn
,
5670 struct smb_request
*req
,
5671 const char *name_in
,
5672 const char *newname_in
,
5674 bool replace_if_exists
,
5677 uint32_t access_mask
)
5679 char *directory
= NULL
;
5681 char *last_component_src
= NULL
;
5682 char *last_component_dest
= NULL
;
5684 char *newname
= NULL
;
5687 NTSTATUS status
= NT_STATUS_OK
;
5688 SMB_STRUCT_STAT sbuf1
, sbuf2
;
5689 struct smb_Dir
*dir_hnd
= NULL
;
5696 status
= unix_convert(ctx
, conn
, name_in
, src_has_wild
, &name
,
5697 &last_component_src
, &sbuf1
);
5698 if (!NT_STATUS_IS_OK(status
)) {
5702 status
= unix_convert(ctx
, conn
, newname_in
, dest_has_wild
, &newname
,
5703 &last_component_dest
, &sbuf2
);
5704 if (!NT_STATUS_IS_OK(status
)) {
5709 * Split the old name into directory and last component
5710 * strings. Note that unix_convert may have stripped off a
5711 * leading ./ from both name and newname if the rename is
5712 * at the root of the share. We need to make sure either both
5713 * name and newname contain a / character or neither of them do
5714 * as this is checked in resolve_wildcards().
5717 p
= strrchr_m(name
,'/');
5719 directory
= talloc_strdup(ctx
, ".");
5721 return NT_STATUS_NO_MEMORY
;
5726 directory
= talloc_strdup(ctx
, name
);
5728 return NT_STATUS_NO_MEMORY
;
5731 *p
= '/'; /* Replace needed for exceptional test below. */
5735 * We should only check the mangled cache
5736 * here if unix_convert failed. This means
5737 * that the path in 'mask' doesn't exist
5738 * on the file system and so we need to look
5739 * for a possible mangle. This patch from
5740 * Tine Smukavec <valentin.smukavec@hermes.si>.
5743 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
5744 char *new_mask
= NULL
;
5745 mangle_lookup_name_from_8_3(ctx
,
5754 if (!src_has_wild
) {
5758 * No wildcards - just process the one file.
5760 bool is_short_name
= mangle_is_8_3(name
, True
, conn
->params
);
5762 /* Add a terminating '/' to the directory name. */
5763 directory
= talloc_asprintf_append(directory
,
5767 return NT_STATUS_NO_MEMORY
;
5770 /* Ensure newname contains a '/' also */
5771 if(strrchr_m(newname
,'/') == 0) {
5772 newname
= talloc_asprintf(ctx
,
5776 return NT_STATUS_NO_MEMORY
;
5780 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5781 "case_preserve = %d, short case preserve = %d, "
5782 "directory = %s, newname = %s, "
5783 "last_component_dest = %s, is_8_3 = %d\n",
5784 conn
->case_sensitive
, conn
->case_preserve
,
5785 conn
->short_case_preserve
, directory
,
5786 newname
, last_component_dest
, is_short_name
));
5788 /* The dest name still may have wildcards. */
5789 if (dest_has_wild
) {
5790 char *mod_newname
= NULL
;
5791 if (!resolve_wildcards(ctx
,
5792 directory
,newname
,&mod_newname
)) {
5793 DEBUG(6, ("rename_internals: resolve_wildcards "
5797 return NT_STATUS_NO_MEMORY
;
5799 newname
= mod_newname
;
5803 SMB_VFS_STAT(conn
, directory
, &sbuf1
);
5805 status
= S_ISDIR(sbuf1
.st_mode
) ?
5806 open_directory(conn
, req
, directory
, &sbuf1
,
5808 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5809 FILE_OPEN
, 0, 0, NULL
,
5811 : open_file_ntcreate(conn
, req
, directory
, &sbuf1
,
5813 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5814 FILE_OPEN
, 0, 0, 0, NULL
,
5817 if (!NT_STATUS_IS_OK(status
)) {
5818 DEBUG(3, ("Could not open rename source %s: %s\n",
5819 directory
, nt_errstr(status
)));
5823 status
= rename_internals_fsp(conn
, fsp
, newname
,
5824 last_component_dest
,
5825 attrs
, replace_if_exists
);
5827 close_file(fsp
, NORMAL_CLOSE
);
5829 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5830 nt_errstr(status
), directory
,newname
));
5836 * Wildcards - process each file that matches.
5838 if (strequal(mask
,"????????.???")) {
5843 status
= check_name(conn
, directory
);
5844 if (!NT_STATUS_IS_OK(status
)) {
5848 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, attrs
);
5849 if (dir_hnd
== NULL
) {
5850 return map_nt_error_from_unix(errno
);
5853 status
= NT_STATUS_NO_SUCH_FILE
;
5855 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5856 * - gentest fix. JRA
5859 while ((dname
= ReadDirName(dir_hnd
, &offset
))) {
5860 files_struct
*fsp
= NULL
;
5862 char *destname
= NULL
;
5863 bool sysdir_entry
= False
;
5865 /* Quick check for "." and ".." */
5866 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5868 sysdir_entry
= True
;
5874 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
5878 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
5883 status
= NT_STATUS_OBJECT_NAME_INVALID
;
5887 fname
= talloc_asprintf(ctx
,
5892 return NT_STATUS_NO_MEMORY
;
5895 if (!resolve_wildcards(ctx
,
5896 fname
,newname
,&destname
)) {
5897 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5903 return NT_STATUS_NO_MEMORY
;
5907 SMB_VFS_STAT(conn
, fname
, &sbuf1
);
5909 status
= S_ISDIR(sbuf1
.st_mode
) ?
5910 open_directory(conn
, req
, fname
, &sbuf1
,
5912 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5913 FILE_OPEN
, 0, 0, NULL
,
5915 : open_file_ntcreate(conn
, req
, fname
, &sbuf1
,
5917 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
5918 FILE_OPEN
, 0, 0, 0, NULL
,
5921 if (!NT_STATUS_IS_OK(status
)) {
5922 DEBUG(3,("rename_internals: open_file_ntcreate "
5923 "returned %s rename %s -> %s\n",
5924 nt_errstr(status
), directory
, newname
));
5928 status
= rename_internals_fsp(conn
, fsp
, destname
, dname
,
5929 attrs
, replace_if_exists
);
5931 close_file(fsp
, NORMAL_CLOSE
);
5933 if (!NT_STATUS_IS_OK(status
)) {
5934 DEBUG(3, ("rename_internals_fsp returned %s for "
5935 "rename %s -> %s\n", nt_errstr(status
),
5936 directory
, newname
));
5942 DEBUG(3,("rename_internals: doing rename on %s -> "
5943 "%s\n",fname
,destname
));
5946 TALLOC_FREE(destname
);
5948 TALLOC_FREE(dir_hnd
);
5950 if (count
== 0 && NT_STATUS_IS_OK(status
) && errno
!= 0) {
5951 status
= map_nt_error_from_unix(errno
);
5957 /****************************************************************************
5959 ****************************************************************************/
5961 void reply_mv(struct smb_request
*req
)
5963 connection_struct
*conn
= req
->conn
;
5965 char *newname
= NULL
;
5969 bool src_has_wcard
= False
;
5970 bool dest_has_wcard
= False
;
5971 TALLOC_CTX
*ctx
= talloc_tos();
5973 START_PROFILE(SMBmv
);
5976 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
5981 attrs
= SVAL(req
->inbuf
,smb_vwv0
);
5983 p
= smb_buf(req
->inbuf
) + 1;
5984 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &name
, p
,
5985 0, STR_TERMINATE
, &status
,
5987 if (!NT_STATUS_IS_OK(status
)) {
5988 reply_nterror(req
, status
);
5993 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &newname
, p
,
5994 0, STR_TERMINATE
, &status
,
5996 if (!NT_STATUS_IS_OK(status
)) {
5997 reply_nterror(req
, status
);
6002 status
= resolve_dfspath_wcard(ctx
, conn
,
6003 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6007 if (!NT_STATUS_IS_OK(status
)) {
6008 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6009 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6010 ERRSRV
, ERRbadpath
);
6014 reply_nterror(req
, status
);
6019 status
= resolve_dfspath_wcard(ctx
, conn
,
6020 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6024 if (!NT_STATUS_IS_OK(status
)) {
6025 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6026 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6027 ERRSRV
, ERRbadpath
);
6031 reply_nterror(req
, status
);
6036 DEBUG(3,("reply_mv : %s -> %s\n",name
,newname
));
6038 status
= rename_internals(ctx
, conn
, req
, name
, newname
, attrs
, False
,
6039 src_has_wcard
, dest_has_wcard
, DELETE_ACCESS
);
6040 if (!NT_STATUS_IS_OK(status
)) {
6041 if (open_was_deferred(req
->mid
)) {
6042 /* We have re-scheduled this call. */
6046 reply_nterror(req
, status
);
6051 reply_outbuf(req
, 0, 0);
6057 /*******************************************************************
6058 Copy a file as part of a reply_copy.
6059 ******************************************************************/
6062 * TODO: check error codes on all callers
6065 NTSTATUS
copy_file(TALLOC_CTX
*ctx
,
6066 connection_struct
*conn
,
6071 bool target_is_directory
)
6073 SMB_STRUCT_STAT src_sbuf
, sbuf2
;
6075 files_struct
*fsp1
,*fsp2
;
6078 uint32 new_create_disposition
;
6081 dest
= talloc_strdup(ctx
, dest1
);
6083 return NT_STATUS_NO_MEMORY
;
6085 if (target_is_directory
) {
6086 const char *p
= strrchr_m(src
,'/');
6092 dest
= talloc_asprintf_append(dest
,
6096 return NT_STATUS_NO_MEMORY
;
6100 if (!vfs_file_exist(conn
,src
,&src_sbuf
)) {
6102 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
6105 if (!target_is_directory
&& count
) {
6106 new_create_disposition
= FILE_OPEN
;
6108 if (!map_open_params_to_ntcreate(dest1
,0,ofun
,
6109 NULL
, NULL
, &new_create_disposition
, NULL
)) {
6111 return NT_STATUS_INVALID_PARAMETER
;
6115 status
= open_file_ntcreate(conn
, NULL
, src
, &src_sbuf
,
6117 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
6120 FILE_ATTRIBUTE_NORMAL
,
6124 if (!NT_STATUS_IS_OK(status
)) {
6129 dosattrs
= dos_mode(conn
, src
, &src_sbuf
);
6130 if (SMB_VFS_STAT(conn
,dest
,&sbuf2
) == -1) {
6131 ZERO_STRUCTP(&sbuf2
);
6134 status
= open_file_ntcreate(conn
, NULL
, dest
, &sbuf2
,
6136 FILE_SHARE_READ
|FILE_SHARE_WRITE
,
6137 new_create_disposition
,
6145 if (!NT_STATUS_IS_OK(status
)) {
6146 close_file(fsp1
,ERROR_CLOSE
);
6150 if ((ofun
&3) == 1) {
6151 if(SMB_VFS_LSEEK(fsp2
,0,SEEK_END
) == -1) {
6152 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno
) ));
6154 * Stop the copy from occurring.
6157 src_sbuf
.st_size
= 0;
6161 if (src_sbuf
.st_size
) {
6162 ret
= vfs_transfer_file(fsp1
, fsp2
, src_sbuf
.st_size
);
6165 close_file(fsp1
,NORMAL_CLOSE
);
6167 /* Ensure the modtime is set correctly on the destination file. */
6168 set_close_write_time(fsp2
, get_mtimespec(&src_sbuf
));
6171 * As we are opening fsp1 read-only we only expect
6172 * an error on close on fsp2 if we are out of space.
6173 * Thus we don't look at the error return from the
6176 status
= close_file(fsp2
,NORMAL_CLOSE
);
6178 if (!NT_STATUS_IS_OK(status
)) {
6182 if (ret
!= (SMB_OFF_T
)src_sbuf
.st_size
) {
6183 return NT_STATUS_DISK_FULL
;
6186 return NT_STATUS_OK
;
6189 /****************************************************************************
6190 Reply to a file copy.
6191 ****************************************************************************/
6193 void reply_copy(struct smb_request
*req
)
6195 connection_struct
*conn
= req
->conn
;
6197 char *newname
= NULL
;
6198 char *directory
= NULL
;
6202 int error
= ERRnoaccess
;
6207 bool target_is_directory
=False
;
6208 bool source_has_wild
= False
;
6209 bool dest_has_wild
= False
;
6210 SMB_STRUCT_STAT sbuf1
, sbuf2
;
6212 TALLOC_CTX
*ctx
= talloc_tos();
6214 START_PROFILE(SMBcopy
);
6217 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6218 END_PROFILE(SMBcopy
);
6222 tid2
= SVAL(req
->inbuf
,smb_vwv0
);
6223 ofun
= SVAL(req
->inbuf
,smb_vwv1
);
6224 flags
= SVAL(req
->inbuf
,smb_vwv2
);
6226 p
= smb_buf(req
->inbuf
);
6227 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &name
, p
,
6228 0, STR_TERMINATE
, &status
,
6230 if (!NT_STATUS_IS_OK(status
)) {
6231 reply_nterror(req
, status
);
6232 END_PROFILE(SMBcopy
);
6235 p
+= srvstr_get_path_wcard(ctx
, (char *)req
->inbuf
, req
->flags2
, &newname
, p
,
6236 0, STR_TERMINATE
, &status
,
6238 if (!NT_STATUS_IS_OK(status
)) {
6239 reply_nterror(req
, status
);
6240 END_PROFILE(SMBcopy
);
6244 DEBUG(3,("reply_copy : %s -> %s\n",name
,newname
));
6246 if (tid2
!= conn
->cnum
) {
6247 /* can't currently handle inter share copies XXXX */
6248 DEBUG(3,("Rejecting inter-share copy\n"));
6249 reply_doserror(req
, ERRSRV
, ERRinvdevice
);
6250 END_PROFILE(SMBcopy
);
6254 status
= resolve_dfspath_wcard(ctx
, conn
,
6255 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6259 if (!NT_STATUS_IS_OK(status
)) {
6260 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6261 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6262 ERRSRV
, ERRbadpath
);
6263 END_PROFILE(SMBcopy
);
6266 reply_nterror(req
, status
);
6267 END_PROFILE(SMBcopy
);
6271 status
= resolve_dfspath_wcard(ctx
, conn
,
6272 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6276 if (!NT_STATUS_IS_OK(status
)) {
6277 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6278 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6279 ERRSRV
, ERRbadpath
);
6280 END_PROFILE(SMBcopy
);
6283 reply_nterror(req
, status
);
6284 END_PROFILE(SMBcopy
);
6288 status
= unix_convert(ctx
, conn
, name
, source_has_wild
,
6289 &name
, NULL
, &sbuf1
);
6290 if (!NT_STATUS_IS_OK(status
)) {
6291 reply_nterror(req
, status
);
6292 END_PROFILE(SMBcopy
);
6296 status
= unix_convert(ctx
, conn
, newname
, dest_has_wild
,
6297 &newname
, NULL
, &sbuf2
);
6298 if (!NT_STATUS_IS_OK(status
)) {
6299 reply_nterror(req
, status
);
6300 END_PROFILE(SMBcopy
);
6304 target_is_directory
= VALID_STAT_OF_DIR(sbuf2
);
6306 if ((flags
&1) && target_is_directory
) {
6307 reply_doserror(req
, ERRDOS
, ERRbadfile
);
6308 END_PROFILE(SMBcopy
);
6312 if ((flags
&2) && !target_is_directory
) {
6313 reply_doserror(req
, ERRDOS
, ERRbadpath
);
6314 END_PROFILE(SMBcopy
);
6318 if ((flags
&(1<<5)) && VALID_STAT_OF_DIR(sbuf1
)) {
6319 /* wants a tree copy! XXXX */
6320 DEBUG(3,("Rejecting tree copy\n"));
6321 reply_doserror(req
, ERRSRV
, ERRerror
);
6322 END_PROFILE(SMBcopy
);
6326 p
= strrchr_m(name
,'/');
6328 directory
= talloc_strdup(ctx
, "./");
6330 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6331 END_PROFILE(SMBcopy
);
6337 directory
= talloc_strdup(ctx
, name
);
6339 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6340 END_PROFILE(SMBcopy
);
6347 * We should only check the mangled cache
6348 * here if unix_convert failed. This means
6349 * that the path in 'mask' doesn't exist
6350 * on the file system and so we need to look
6351 * for a possible mangle. This patch from
6352 * Tine Smukavec <valentin.smukavec@hermes.si>.
6355 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
6356 char *new_mask
= NULL
;
6357 mangle_lookup_name_from_8_3(ctx
,
6366 if (!source_has_wild
) {
6367 directory
= talloc_asprintf_append(directory
,
6370 if (dest_has_wild
) {
6371 char *mod_newname
= NULL
;
6372 if (!resolve_wildcards(ctx
,
6373 directory
,newname
,&mod_newname
)) {
6374 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6375 END_PROFILE(SMBcopy
);
6378 newname
= mod_newname
;
6381 status
= check_name(conn
, directory
);
6382 if (!NT_STATUS_IS_OK(status
)) {
6383 reply_nterror(req
, status
);
6384 END_PROFILE(SMBcopy
);
6388 status
= check_name(conn
, newname
);
6389 if (!NT_STATUS_IS_OK(status
)) {
6390 reply_nterror(req
, status
);
6391 END_PROFILE(SMBcopy
);
6395 status
= copy_file(ctx
,conn
,directory
,newname
,ofun
,
6396 count
,target_is_directory
);
6398 if(!NT_STATUS_IS_OK(status
)) {
6399 reply_nterror(req
, status
);
6400 END_PROFILE(SMBcopy
);
6406 struct smb_Dir
*dir_hnd
= NULL
;
6407 const char *dname
= NULL
;
6410 if (strequal(mask
,"????????.???")) {
6415 status
= check_name(conn
, directory
);
6416 if (!NT_STATUS_IS_OK(status
)) {
6417 reply_nterror(req
, status
);
6418 END_PROFILE(SMBcopy
);
6422 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, 0);
6423 if (dir_hnd
== NULL
) {
6424 status
= map_nt_error_from_unix(errno
);
6425 reply_nterror(req
, status
);
6426 END_PROFILE(SMBcopy
);
6432 while ((dname
= ReadDirName(dir_hnd
, &offset
))) {
6433 char *destname
= NULL
;
6436 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
6440 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
6444 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
6448 error
= ERRnoaccess
;
6449 fname
= talloc_asprintf(ctx
,
6454 TALLOC_FREE(dir_hnd
);
6455 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6456 END_PROFILE(SMBcopy
);
6460 if (!resolve_wildcards(ctx
,
6461 fname
,newname
,&destname
)) {
6465 TALLOC_FREE(dir_hnd
);
6466 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6467 END_PROFILE(SMBcopy
);
6471 status
= check_name(conn
, fname
);
6472 if (!NT_STATUS_IS_OK(status
)) {
6473 TALLOC_FREE(dir_hnd
);
6474 reply_nterror(req
, status
);
6475 END_PROFILE(SMBcopy
);
6479 status
= check_name(conn
, destname
);
6480 if (!NT_STATUS_IS_OK(status
)) {
6481 TALLOC_FREE(dir_hnd
);
6482 reply_nterror(req
, status
);
6483 END_PROFILE(SMBcopy
);
6487 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname
, destname
));
6489 status
= copy_file(ctx
,conn
,fname
,destname
,ofun
,
6490 count
,target_is_directory
);
6491 if (NT_STATUS_IS_OK(status
)) {
6495 TALLOC_FREE(destname
);
6497 TALLOC_FREE(dir_hnd
);
6502 /* Error on close... */
6504 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
6505 END_PROFILE(SMBcopy
);
6509 reply_doserror(req
, ERRDOS
, error
);
6510 END_PROFILE(SMBcopy
);
6514 reply_outbuf(req
, 1, 0);
6515 SSVAL(req
->outbuf
,smb_vwv0
,count
);
6517 END_PROFILE(SMBcopy
);
6522 #define DBGC_CLASS DBGC_LOCKING
6524 /****************************************************************************
6525 Get a lock pid, dealing with large count requests.
6526 ****************************************************************************/
6528 uint32
get_lock_pid( char *data
, int data_offset
, bool large_file_format
)
6530 if(!large_file_format
)
6531 return (uint32
)SVAL(data
,SMB_LPID_OFFSET(data_offset
));
6533 return (uint32
)SVAL(data
,SMB_LARGE_LPID_OFFSET(data_offset
));
6536 /****************************************************************************
6537 Get a lock count, dealing with large count requests.
6538 ****************************************************************************/
6540 SMB_BIG_UINT
get_lock_count( char *data
, int data_offset
, bool large_file_format
)
6542 SMB_BIG_UINT count
= 0;
6544 if(!large_file_format
) {
6545 count
= (SMB_BIG_UINT
)IVAL(data
,SMB_LKLEN_OFFSET(data_offset
));
6548 #if defined(HAVE_LONGLONG)
6549 count
= (((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
))) << 32) |
6550 ((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)));
6551 #else /* HAVE_LONGLONG */
6554 * NT4.x seems to be broken in that it sends large file (64 bit)
6555 * lockingX calls even if the CAP_LARGE_FILES was *not*
6556 * negotiated. For boxes without large unsigned ints truncate the
6557 * lock count by dropping the top 32 bits.
6560 if(IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)) != 0) {
6561 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6562 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)),
6563 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)) ));
6564 SIVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
),0);
6567 count
= (SMB_BIG_UINT
)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
));
6568 #endif /* HAVE_LONGLONG */
6574 #if !defined(HAVE_LONGLONG)
6575 /****************************************************************************
6576 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6577 ****************************************************************************/
6579 static uint32
map_lock_offset(uint32 high
, uint32 low
)
6583 uint32 highcopy
= high
;
6586 * Try and find out how many significant bits there are in high.
6589 for(i
= 0; highcopy
; i
++)
6593 * We use 31 bits not 32 here as POSIX
6594 * lock offsets may not be negative.
6597 mask
= (~0) << (31 - i
);
6600 return 0; /* Fail. */
6606 #endif /* !defined(HAVE_LONGLONG) */
6608 /****************************************************************************
6609 Get a lock offset, dealing with large offset requests.
6610 ****************************************************************************/
6612 SMB_BIG_UINT
get_lock_offset( char *data
, int data_offset
, bool large_file_format
, bool *err
)
6614 SMB_BIG_UINT offset
= 0;
6618 if(!large_file_format
) {
6619 offset
= (SMB_BIG_UINT
)IVAL(data
,SMB_LKOFF_OFFSET(data_offset
));
6622 #if defined(HAVE_LONGLONG)
6623 offset
= (((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
))) << 32) |
6624 ((SMB_BIG_UINT
) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
)));
6625 #else /* HAVE_LONGLONG */
6628 * NT4.x seems to be broken in that it sends large file (64 bit)
6629 * lockingX calls even if the CAP_LARGE_FILES was *not*
6630 * negotiated. For boxes without large unsigned ints mangle the
6631 * lock offset by mapping the top 32 bits onto the lower 32.
6634 if(IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
)) != 0) {
6635 uint32 low
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6636 uint32 high
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
));
6639 if((new_low
= map_lock_offset(high
, low
)) == 0) {
6641 return (SMB_BIG_UINT
)-1;
6644 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6645 (unsigned int)high
, (unsigned int)low
, (unsigned int)new_low
));
6646 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
),0);
6647 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
),new_low
);
6650 offset
= (SMB_BIG_UINT
)IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6651 #endif /* HAVE_LONGLONG */
6657 /****************************************************************************
6658 Reply to a lockingX request.
6659 ****************************************************************************/
6661 void reply_lockingX(struct smb_request
*req
)
6663 connection_struct
*conn
= req
->conn
;
6665 unsigned char locktype
;
6666 unsigned char oplocklevel
;
6669 SMB_BIG_UINT count
= 0, offset
= 0;
6674 bool large_file_format
;
6676 NTSTATUS status
= NT_STATUS_UNSUCCESSFUL
;
6678 START_PROFILE(SMBlockingX
);
6681 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6682 END_PROFILE(SMBlockingX
);
6686 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv2
));
6687 locktype
= CVAL(req
->inbuf
,smb_vwv3
);
6688 oplocklevel
= CVAL(req
->inbuf
,smb_vwv3
+1);
6689 num_ulocks
= SVAL(req
->inbuf
,smb_vwv6
);
6690 num_locks
= SVAL(req
->inbuf
,smb_vwv7
);
6691 lock_timeout
= IVAL(req
->inbuf
,smb_vwv4
);
6692 large_file_format
= (locktype
& LOCKING_ANDX_LARGE_FILES
)?True
:False
;
6694 if (!check_fsp(conn
, req
, fsp
, ¤t_user
)) {
6695 END_PROFILE(SMBlockingX
);
6699 data
= smb_buf(req
->inbuf
);
6701 if (locktype
& LOCKING_ANDX_CHANGE_LOCKTYPE
) {
6702 /* we don't support these - and CANCEL_LOCK makes w2k
6703 and XP reboot so I don't really want to be
6704 compatible! (tridge) */
6705 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRnoatomiclocks
));
6706 END_PROFILE(SMBlockingX
);
6710 /* Check if this is an oplock break on a file
6711 we have granted an oplock on.
6713 if ((locktype
& LOCKING_ANDX_OPLOCK_RELEASE
)) {
6714 /* Client can insist on breaking to none. */
6715 bool break_to_none
= (oplocklevel
== 0);
6718 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6719 "for fnum = %d\n", (unsigned int)oplocklevel
,
6723 * Make sure we have granted an exclusive or batch oplock on
6727 if (fsp
->oplock_type
== 0) {
6729 /* The Samba4 nbench simulator doesn't understand
6730 the difference between break to level2 and break
6731 to none from level2 - it sends oplock break
6732 replies in both cases. Don't keep logging an error
6733 message here - just ignore it. JRA. */
6735 DEBUG(5,("reply_lockingX: Error : oplock break from "
6736 "client for fnum = %d (oplock=%d) and no "
6737 "oplock granted on this file (%s).\n",
6738 fsp
->fnum
, fsp
->oplock_type
, fsp
->fsp_name
));
6740 /* if this is a pure oplock break request then don't
6742 if (num_locks
== 0 && num_ulocks
== 0) {
6743 END_PROFILE(SMBlockingX
);
6746 END_PROFILE(SMBlockingX
);
6747 reply_doserror(req
, ERRDOS
, ERRlock
);
6752 if ((fsp
->sent_oplock_break
== BREAK_TO_NONE_SENT
) ||
6754 result
= remove_oplock(fsp
);
6756 result
= downgrade_oplock(fsp
);
6760 DEBUG(0, ("reply_lockingX: error in removing "
6761 "oplock on file %s\n", fsp
->fsp_name
));
6762 /* Hmmm. Is this panic justified? */
6763 smb_panic("internal tdb error");
6766 reply_to_oplock_break_requests(fsp
);
6768 /* if this is a pure oplock break request then don't send a
6770 if (num_locks
== 0 && num_ulocks
== 0) {
6771 /* Sanity check - ensure a pure oplock break is not a
6773 if(CVAL(req
->inbuf
,smb_vwv0
) != 0xff)
6774 DEBUG(0,("reply_lockingX: Error : pure oplock "
6775 "break is a chained %d request !\n",
6776 (unsigned int)CVAL(req
->inbuf
,
6778 END_PROFILE(SMBlockingX
);
6784 * We do this check *after* we have checked this is not a oplock break
6785 * response message. JRA.
6788 release_level_2_oplocks_on_change(fsp
);
6790 if (smb_buflen(req
->inbuf
) <
6791 (num_ulocks
+ num_locks
) * (large_file_format
? 20 : 10)) {
6792 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6793 END_PROFILE(SMBlockingX
);
6797 /* Data now points at the beginning of the list
6798 of smb_unlkrng structs */
6799 for(i
= 0; i
< (int)num_ulocks
; i
++) {
6800 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6801 count
= get_lock_count( data
, i
, large_file_format
);
6802 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
6805 * There is no error code marked "stupid client bug".... :-).
6808 END_PROFILE(SMBlockingX
);
6809 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
6813 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
6814 "pid %u, file %s\n", (double)offset
, (double)count
,
6815 (unsigned int)lock_pid
, fsp
->fsp_name
));
6817 status
= do_unlock(smbd_messaging_context(),
6824 if (NT_STATUS_V(status
)) {
6825 END_PROFILE(SMBlockingX
);
6826 reply_nterror(req
, status
);
6831 /* Setup the timeout in seconds. */
6833 if (!lp_blocking_locks(SNUM(conn
))) {
6837 /* Now do any requested locks */
6838 data
+= ((large_file_format
? 20 : 10)*num_ulocks
);
6840 /* Data now points at the beginning of the list
6841 of smb_lkrng structs */
6843 for(i
= 0; i
< (int)num_locks
; i
++) {
6844 enum brl_type lock_type
= ((locktype
& LOCKING_ANDX_SHARED_LOCK
) ?
6845 READ_LOCK
:WRITE_LOCK
);
6846 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6847 count
= get_lock_count( data
, i
, large_file_format
);
6848 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
6851 * There is no error code marked "stupid client bug".... :-).
6854 END_PROFILE(SMBlockingX
);
6855 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
6859 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6860 "%u, file %s timeout = %d\n", (double)offset
,
6861 (double)count
, (unsigned int)lock_pid
,
6862 fsp
->fsp_name
, (int)lock_timeout
));
6864 if (locktype
& LOCKING_ANDX_CANCEL_LOCK
) {
6865 if (lp_blocking_locks(SNUM(conn
))) {
6867 /* Schedule a message to ourselves to
6868 remove the blocking lock record and
6869 return the right error. */
6871 if (!blocking_lock_cancel(fsp
,
6877 NT_STATUS_FILE_LOCK_CONFLICT
)) {
6878 END_PROFILE(SMBlockingX
);
6883 ERRcancelviolation
));
6887 /* Remove a matching pending lock. */
6888 status
= do_lock_cancel(fsp
,
6894 bool blocking_lock
= lock_timeout
? True
: False
;
6895 bool defer_lock
= False
;
6896 struct byte_range_lock
*br_lck
;
6897 uint32 block_smbpid
;
6899 br_lck
= do_lock(smbd_messaging_context(),
6910 if (br_lck
&& blocking_lock
&& ERROR_WAS_LOCK_DENIED(status
)) {
6911 /* Windows internal resolution for blocking locks seems
6912 to be about 200ms... Don't wait for less than that. JRA. */
6913 if (lock_timeout
!= -1 && lock_timeout
< lp_lock_spin_time()) {
6914 lock_timeout
= lp_lock_spin_time();
6919 /* This heuristic seems to match W2K3 very well. If a
6920 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6921 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6922 far as I can tell. Replacement for do_lock_spin(). JRA. */
6924 if (br_lck
&& lp_blocking_locks(SNUM(conn
)) && !blocking_lock
&&
6925 NT_STATUS_EQUAL((status
), NT_STATUS_FILE_LOCK_CONFLICT
)) {
6927 lock_timeout
= lp_lock_spin_time();
6930 if (br_lck
&& defer_lock
) {
6932 * A blocking lock was requested. Package up
6933 * this smb into a queued request and push it
6934 * onto the blocking lock queue.
6936 if(push_blocking_lock_request(br_lck
,
6947 TALLOC_FREE(br_lck
);
6948 END_PROFILE(SMBlockingX
);
6953 TALLOC_FREE(br_lck
);
6956 if (NT_STATUS_V(status
)) {
6957 END_PROFILE(SMBlockingX
);
6958 reply_nterror(req
, status
);
6963 /* If any of the above locks failed, then we must unlock
6964 all of the previous locks (X/Open spec). */
6966 if (!(locktype
& LOCKING_ANDX_CANCEL_LOCK
) &&
6970 * Ensure we don't do a remove on the lock that just failed,
6971 * as under POSIX rules, if we have a lock already there, we
6972 * will delete it (and we shouldn't) .....
6974 for(i
--; i
>= 0; i
--) {
6975 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
6976 count
= get_lock_count( data
, i
, large_file_format
);
6977 offset
= get_lock_offset( data
, i
, large_file_format
,
6981 * There is no error code marked "stupid client
6985 END_PROFILE(SMBlockingX
);
6986 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
6990 do_unlock(smbd_messaging_context(),
6997 END_PROFILE(SMBlockingX
);
6998 reply_nterror(req
, status
);
7002 reply_outbuf(req
, 2, 0);
7004 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7005 fsp
->fnum
, (unsigned int)locktype
, num_locks
, num_ulocks
));
7007 END_PROFILE(SMBlockingX
);
7012 #define DBGC_CLASS DBGC_ALL
7014 /****************************************************************************
7015 Reply to a SMBreadbmpx (read block multiplex) request.
7016 Always reply with an error, if someone has a platform really needs this,
7017 please contact vl@samba.org
7018 ****************************************************************************/
7020 void reply_readbmpx(struct smb_request
*req
)
7022 START_PROFILE(SMBreadBmpx
);
7023 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7024 END_PROFILE(SMBreadBmpx
);
7028 /****************************************************************************
7029 Reply to a SMBreadbs (read block multiplex secondary) request.
7030 Always reply with an error, if someone has a platform really needs this,
7031 please contact vl@samba.org
7032 ****************************************************************************/
7034 void reply_readbs(struct smb_request
*req
)
7036 START_PROFILE(SMBreadBs
);
7037 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7038 END_PROFILE(SMBreadBs
);
7042 /****************************************************************************
7043 Reply to a SMBsetattrE.
7044 ****************************************************************************/
7046 void reply_setattrE(struct smb_request
*req
)
7048 connection_struct
*conn
= req
->conn
;
7049 struct timespec ts
[2];
7051 SMB_STRUCT_STAT sbuf
;
7054 START_PROFILE(SMBsetattrE
);
7057 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7058 END_PROFILE(SMBsetattrE
);
7062 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
7064 if(!fsp
|| (fsp
->conn
!= conn
)) {
7065 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7066 END_PROFILE(SMBsetattrE
);
7072 * Convert the DOS times into unix times. Ignore create
7073 * time as UNIX can't set this.
7076 ts
[0] = convert_time_t_to_timespec(
7077 srv_make_unix_date2(req
->inbuf
+smb_vwv3
)); /* atime. */
7078 ts
[1] = convert_time_t_to_timespec(
7079 srv_make_unix_date2(req
->inbuf
+smb_vwv5
)); /* mtime. */
7081 reply_outbuf(req
, 0, 0);
7084 * Patch from Ray Frush <frush@engr.colostate.edu>
7085 * Sometimes times are sent as zero - ignore them.
7088 /* Ensure we have a valid stat struct for the source. */
7089 if (fsp
->fh
->fd
!= -1) {
7090 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
7091 status
= map_nt_error_from_unix(errno
);
7092 reply_nterror(req
, status
);
7093 END_PROFILE(SMBsetattrE
);
7097 if (SMB_VFS_STAT(conn
, fsp
->fsp_name
, &sbuf
) == -1) {
7098 status
= map_nt_error_from_unix(errno
);
7099 reply_nterror(req
, status
);
7100 END_PROFILE(SMBsetattrE
);
7105 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
,
7107 if (!NT_STATUS_IS_OK(status
)) {
7108 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7109 END_PROFILE(SMBsetattrE
);
7113 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
7115 (unsigned int)ts
[0].tv_sec
,
7116 (unsigned int)ts
[1].tv_sec
));
7118 END_PROFILE(SMBsetattrE
);
7123 /* Back from the dead for OS/2..... JRA. */
7125 /****************************************************************************
7126 Reply to a SMBwritebmpx (write block multiplex primary) request.
7127 Always reply with an error, if someone has a platform really needs this,
7128 please contact vl@samba.org
7129 ****************************************************************************/
7131 void reply_writebmpx(struct smb_request
*req
)
7133 START_PROFILE(SMBwriteBmpx
);
7134 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7135 END_PROFILE(SMBwriteBmpx
);
7139 /****************************************************************************
7140 Reply to a SMBwritebs (write block multiplex secondary) request.
7141 Always reply with an error, if someone has a platform really needs this,
7142 please contact vl@samba.org
7143 ****************************************************************************/
7145 void reply_writebs(struct smb_request
*req
)
7147 START_PROFILE(SMBwriteBs
);
7148 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7149 END_PROFILE(SMBwriteBs
);
7153 /****************************************************************************
7154 Reply to a SMBgetattrE.
7155 ****************************************************************************/
7157 void reply_getattrE(struct smb_request
*req
)
7159 connection_struct
*conn
= req
->conn
;
7160 SMB_STRUCT_STAT sbuf
;
7163 struct timespec create_ts
;
7165 START_PROFILE(SMBgetattrE
);
7168 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7169 END_PROFILE(SMBgetattrE
);
7173 fsp
= file_fsp(SVAL(req
->inbuf
,smb_vwv0
));
7175 if(!fsp
|| (fsp
->conn
!= conn
)) {
7176 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7177 END_PROFILE(SMBgetattrE
);
7181 /* Do an fstat on this file */
7182 if(fsp_stat(fsp
, &sbuf
)) {
7183 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
7184 END_PROFILE(SMBgetattrE
);
7188 mode
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
7191 * Convert the times into dos times. Set create
7192 * date to be last modify date as UNIX doesn't save
7196 reply_outbuf(req
, 11, 0);
7198 create_ts
= get_create_timespec(&sbuf
,
7199 lp_fake_dir_create_times(SNUM(conn
)));
7200 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv0
, create_ts
.tv_sec
);
7201 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv2
, sbuf
.st_atime
);
7202 /* Should we check pending modtime here ? JRA */
7203 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv4
, sbuf
.st_mtime
);
7206 SIVAL(req
->outbuf
, smb_vwv6
, 0);
7207 SIVAL(req
->outbuf
, smb_vwv8
, 0);
7209 uint32 allocation_size
= get_allocation_size(conn
,fsp
, &sbuf
);
7210 SIVAL(req
->outbuf
, smb_vwv6
, (uint32
)sbuf
.st_size
);
7211 SIVAL(req
->outbuf
, smb_vwv8
, allocation_size
);
7213 SSVAL(req
->outbuf
,smb_vwv10
, mode
);
7215 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp
->fnum
));
7217 END_PROFILE(SMBgetattrE
);