docs: Do not encourage unix passwords, and remove reference to password level
[Samba/bjacke.git] / source3 / printing / printspoolss.c
blobfc1e9c12e31ea5d75196fc6ae8c3b562047889cd
1 /*
2 Unix SMB/CIFS implementation.
3 Printing routines that bridge to spoolss
4 Copyright (C) Simo Sorce 2010
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "system/filesys.h"
22 #include "printing.h"
23 #include "rpc_client/rpc_client.h"
24 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
25 #include "rpc_server/rpc_ncacn_np.h"
26 #include "smbd/globals.h"
27 #include "../libcli/security/security.h"
29 struct print_file_data {
30 char *svcname;
31 char *docname;
32 char *filename;
33 struct policy_handle handle;
34 uint32_t jobid;
35 uint16 rap_jobid;
38 uint16_t print_spool_rap_jobid(struct print_file_data *print_file)
40 if (print_file == NULL) {
41 return 0;
44 return print_file->rap_jobid;
47 void print_spool_terminate(struct connection_struct *conn,
48 struct print_file_data *print_file);
50 /***************************************************************************
51 * Open a Document over spoolss
52 ***************************************************************************/
54 #define DOCNAME_DEFAULT "Remote Downlevel Document"
55 #ifndef PRINT_SPOOL_PREFIX
56 #define PRINT_SPOOL_PREFIX "smbprn."
57 #endif
59 NTSTATUS print_spool_open(files_struct *fsp,
60 const char *fname,
61 uint64_t current_vuid)
63 NTSTATUS status;
64 TALLOC_CTX *tmp_ctx;
65 struct print_file_data *pf;
66 struct dcerpc_binding_handle *b = NULL;
67 struct spoolss_DevmodeContainer devmode_ctr;
68 struct spoolss_DocumentInfoCtr info_ctr;
69 struct spoolss_DocumentInfo1 *info1;
70 int fd = -1;
71 WERROR werr;
72 mode_t mask;
74 tmp_ctx = talloc_new(fsp);
75 if (!tmp_ctx) {
76 return NT_STATUS_NO_MEMORY;
79 pf = talloc_zero(fsp, struct print_file_data);
80 if (!pf) {
81 status = NT_STATUS_NO_MEMORY;
82 goto done;
84 pf->svcname = lp_servicename(pf, SNUM(fsp->conn));
86 /* the document name is derived from the file name.
87 * "Remote Downlevel Document" is added in front to
88 * mimic what windows does in this case */
89 pf->docname = talloc_strdup(pf, DOCNAME_DEFAULT);
90 if (!pf->docname) {
91 status = NT_STATUS_NO_MEMORY;
92 goto done;
94 if (fname) {
95 const char *p = strrchr(fname, '/');
96 if (!p) {
97 p = fname;
99 pf->docname = talloc_asprintf_append(pf->docname, " %s", p);
100 if (!pf->docname) {
101 status = NT_STATUS_NO_MEMORY;
102 goto done;
107 * Ok, now we have to open an actual file.
108 * Here is the reason:
109 * We want to write the spool job to this file in
110 * smbd for scalability reason (and also because
111 * apparently window printer drivers can seek when
112 * spooling to a file).
113 * So we first create a file, and then we pass it
114 * to spoolss in output_file so it can monitor and
115 * take over once we call EndDocPrinter().
116 * Of course we will not start writing until
117 * StartDocPrinter() actually gives the ok.
118 * smbd spooler files do not include a print jobid
119 * path component, as the jobid is only known after
120 * calling StartDocPrinter().
123 pf->filename = talloc_asprintf(pf, "%s/%sXXXXXX",
124 lp_pathname(talloc_tos(),
125 SNUM(fsp->conn)),
126 PRINT_SPOOL_PREFIX);
127 if (!pf->filename) {
128 status = NT_STATUS_NO_MEMORY;
129 goto done;
131 errno = 0;
132 mask = umask(S_IRWXO | S_IRWXG);
133 fd = mkstemp(pf->filename);
134 umask(mask);
135 if (fd == -1) {
136 if (errno == EACCES) {
137 /* Common setup error, force a report. */
138 DEBUG(0, ("Insufficient permissions "
139 "to open spool file %s.\n",
140 pf->filename));
141 } else {
142 /* Normal case, report at level 3 and above. */
143 DEBUG(3, ("can't open spool file %s,\n",
144 pf->filename));
145 DEBUGADD(3, ("errno = %d (%s).\n",
146 errno, strerror(errno)));
148 status = map_nt_error_from_unix(errno);
149 goto done;
152 /* now open a document over spoolss so that it does
153 * all printer verification, and eventually assigns
154 * a job id */
156 status = rpc_pipe_open_interface(fsp->conn,
157 &ndr_table_spoolss.syntax_id,
158 fsp->conn->session_info,
159 fsp->conn->sconn->remote_address,
160 fsp->conn->sconn->msg_ctx,
161 &fsp->conn->spoolss_pipe);
162 if (!NT_STATUS_IS_OK(status)) {
163 goto done;
165 b = fsp->conn->spoolss_pipe->binding_handle;
167 ZERO_STRUCT(devmode_ctr);
169 status = dcerpc_spoolss_OpenPrinter(b, pf, pf->svcname,
170 "RAW", devmode_ctr,
171 PRINTER_ACCESS_USE,
172 &pf->handle, &werr);
173 if (!NT_STATUS_IS_OK(status)) {
174 goto done;
176 if (!W_ERROR_IS_OK(werr)) {
177 status = werror_to_ntstatus(werr);
178 goto done;
181 info1 = talloc(tmp_ctx, struct spoolss_DocumentInfo1);
182 if (info1 == NULL) {
183 status = NT_STATUS_NO_MEMORY;
184 goto done;
186 info1->document_name = pf->docname;
187 info1->output_file = pf->filename;
188 info1->datatype = "RAW";
190 info_ctr.level = 1;
191 info_ctr.info.info1 = info1;
193 status = dcerpc_spoolss_StartDocPrinter(b, tmp_ctx,
194 &pf->handle,
195 &info_ctr,
196 &pf->jobid,
197 &werr);
198 if (!NT_STATUS_IS_OK(status)) {
199 goto done;
201 if (!W_ERROR_IS_OK(werr)) {
202 status = werror_to_ntstatus(werr);
203 goto done;
206 /* Convert to RAP id. */
207 pf->rap_jobid = pjobid_to_rap(pf->svcname, pf->jobid);
208 if (pf->rap_jobid == 0) {
209 /* No errno around here */
210 status = NT_STATUS_ACCESS_DENIED;
211 goto done;
214 /* setup a full fsp */
215 fsp->fsp_name = synthetic_smb_fname(fsp, pf->filename, NULL, NULL);
216 if (fsp->fsp_name == NULL) {
217 status = NT_STATUS_NO_MEMORY;
218 goto done;
221 if (sys_fstat(fd, &fsp->fsp_name->st, false) != 0) {
222 status = map_nt_error_from_unix(errno);
223 goto done;
226 fsp->file_id = vfs_file_id_from_sbuf(fsp->conn, &fsp->fsp_name->st);
227 fsp->fh->fd = fd;
229 fsp->vuid = current_vuid;
230 fsp->can_lock = false;
231 fsp->can_read = false;
232 fsp->access_mask = FILE_GENERIC_WRITE;
233 fsp->can_write = true;
234 fsp->modified = false;
235 fsp->oplock_type = NO_OPLOCK;
236 fsp->sent_oplock_break = NO_BREAK_SENT;
237 fsp->is_directory = false;
239 fsp->print_file = pf;
241 status = NT_STATUS_OK;
242 done:
243 if (!NT_STATUS_IS_OK(status)) {
244 if (fd != -1) {
245 close(fd);
246 if (fsp->print_file) {
247 unlink(fsp->print_file->filename);
250 /* We need to delete the job from spoolss too */
251 if (pf->jobid) {
252 print_spool_terminate(fsp->conn, pf);
255 talloc_free(tmp_ctx);
256 return status;
259 int print_spool_write(files_struct *fsp,
260 const char *data, uint32_t size,
261 off_t offset, uint32_t *written)
263 SMB_STRUCT_STAT st;
264 ssize_t n;
265 int ret;
267 *written = 0;
269 /* first of all stat file to find out if it is still there.
270 * spoolss may have deleted it to signal someone has killed
271 * the job through it's interface */
273 if (sys_fstat(fsp->fh->fd, &st, false) != 0) {
274 ret = errno;
275 DEBUG(3, ("printfile_offset: sys_fstat failed on %s (%s)\n",
276 fsp_str_dbg(fsp), strerror(ret)));
277 return ret;
280 /* check if the file is unlinked, this will signal spoolss has
281 * killed it, just return an error and close the file */
282 if (st.st_ex_nlink == 0) {
283 close(fsp->fh->fd);
284 return EBADF;
287 /* When print files go beyond 4GB, the 32-bit offset sent in
288 * old SMBwrite calls is relative to the current 4GB chunk
289 * we're writing to.
290 * Discovered by Sebastian Kloska <oncaphillis@snafu.de>.
292 if (offset < 0xffffffff00000000LL) {
293 offset = (st.st_ex_size & 0xffffffff00000000LL) + offset;
296 n = write_data_at_offset(fsp->fh->fd, data, size, offset);
297 if (n == -1) {
298 ret = errno;
299 print_spool_terminate(fsp->conn, fsp->print_file);
300 } else {
301 *written = n;
302 ret = 0;
305 return ret;
308 void print_spool_end(files_struct *fsp, enum file_close_type close_type)
310 NTSTATUS status;
311 WERROR werr;
312 struct dcerpc_binding_handle *b = NULL;
314 b = fsp->conn->spoolss_pipe->binding_handle;
316 switch (close_type) {
317 case NORMAL_CLOSE:
318 case SHUTDOWN_CLOSE:
319 /* this also automatically calls spoolss_EndDocPrinter */
320 status = dcerpc_spoolss_ClosePrinter(b, fsp->print_file,
321 &fsp->print_file->handle,
322 &werr);
323 if (!NT_STATUS_IS_OK(status) ||
324 !NT_STATUS_IS_OK(status = werror_to_ntstatus(werr))) {
325 DEBUG(3, ("Failed to close printer %s [%s]\n",
326 fsp->print_file->svcname, nt_errstr(status)));
328 break;
329 case ERROR_CLOSE:
330 print_spool_terminate(fsp->conn, fsp->print_file);
331 break;
336 void print_spool_terminate(struct connection_struct *conn,
337 struct print_file_data *print_file)
339 NTSTATUS status;
340 WERROR werr;
341 struct dcerpc_binding_handle *b = NULL;
343 rap_jobid_delete(print_file->svcname, print_file->jobid);
345 status = rpc_pipe_open_interface(conn,
346 &ndr_table_spoolss.syntax_id,
347 conn->session_info,
348 conn->sconn->remote_address,
349 conn->sconn->msg_ctx,
350 &conn->spoolss_pipe);
351 if (!NT_STATUS_IS_OK(status)) {
352 DEBUG(0, ("print_spool_terminate: "
353 "Failed to get spoolss pipe [%s]\n",
354 nt_errstr(status)));
355 return;
357 b = conn->spoolss_pipe->binding_handle;
359 status = dcerpc_spoolss_SetJob(b, print_file,
360 &print_file->handle,
361 print_file->jobid,
362 NULL, SPOOLSS_JOB_CONTROL_DELETE,
363 &werr);
364 if (!NT_STATUS_IS_OK(status) ||
365 !NT_STATUS_IS_OK(status = werror_to_ntstatus(werr))) {
366 DEBUG(3, ("Failed to delete job %d [%s]\n",
367 print_file->jobid, nt_errstr(status)));
368 return;
370 status = dcerpc_spoolss_ClosePrinter(b, print_file,
371 &print_file->handle,
372 &werr);
373 if (!NT_STATUS_IS_OK(status) ||
374 !NT_STATUS_IS_OK(status = werror_to_ntstatus(werr))) {
375 DEBUG(3, ("Failed to close printer %s [%s]\n",
376 print_file->svcname, nt_errstr(status)));
377 return;