2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol
;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS
check_path_syntax_internal(char *path
,
45 bool *p_last_component_contains_wcard
)
49 NTSTATUS ret
= NT_STATUS_OK
;
50 bool start_of_name_component
= True
;
51 bool stream_started
= false;
53 *p_last_component_contains_wcard
= False
;
60 return NT_STATUS_OBJECT_NAME_INVALID
;
63 return NT_STATUS_OBJECT_NAME_INVALID
;
65 if (strchr_m(&s
[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID
;
68 if (StrCaseCmp(s
, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER
;
75 if (!posix_path
&& !stream_started
&& *s
== ':') {
76 if (*p_last_component_contains_wcard
) {
77 return NT_STATUS_OBJECT_NAME_INVALID
;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started
= true;
86 start_of_name_component
= false;
90 return NT_STATUS_OBJECT_NAME_INVALID
;
94 if (!stream_started
&& IS_PATH_SEP(*s
,posix_path
)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s
,posix_path
)) {
103 if ((d
!= path
) && (*s
!= '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component
= True
;
110 *p_last_component_contains_wcard
= False
;
114 if (start_of_name_component
) {
115 if ((s
[0] == '.') && (s
[1] == '.') && (IS_PATH_SEP(s
[2],posix_path
) || s
[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d
> path
) && (*(d
-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret
= NT_STATUS_OBJECT_PATH_SYNTAX_BAD
;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d
--; d
> path
; d
--) {
141 s
+= 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s
[0] == '.') && ((s
[1] == '\0') || IS_PATH_SEP(s
[1],posix_path
))) {
157 if (*s
<= 0x1f || *s
== '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID
;
166 *p_last_component_contains_wcard
= True
;
175 /* Get the size of the next MB character. */
176 next_codepoint(s
,&siz
);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER
;
199 start_of_name_component
= False
;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS
check_path_syntax(char *path
)
215 return check_path_syntax_internal(path
, False
, &ignore
);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS
check_path_syntax_wcard(char *path
, bool *p_contains_wcard
)
226 return check_path_syntax_internal(path
, False
, p_contains_wcard
);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS
check_path_syntax_posix(char *path
)
238 return check_path_syntax_internal(path
, True
, &ignore
);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX
*ctx
,
246 const char *base_ptr
,
253 bool *contains_wcard
)
259 ret
= srvstr_pull_talloc(ctx
, base_ptr
, smb_flags2
, pp_dest
, src
,
263 *err
= NT_STATUS_INVALID_PARAMETER
;
267 *contains_wcard
= False
;
269 if (smb_flags2
& FLAGS2_DFS_PATHNAMES
) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err
= check_path_syntax_posix(*pp_dest
);
281 *err
= check_path_syntax_wcard(*pp_dest
, contains_wcard
);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX
*ctx
,
292 const char *base_ptr
,
301 return srvstr_get_path_wcard(ctx
, base_ptr
, smb_flags2
, pp_dest
, src
,
302 src_len
, flags
, err
, &ignore
);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX
*mem_ctx
, struct smb_request
*req
,
306 char **pp_dest
, const char *src
, int flags
,
307 NTSTATUS
*err
, bool *contains_wcard
)
309 return srvstr_get_path_wcard(mem_ctx
, (char *)req
->inbuf
, req
->flags2
,
310 pp_dest
, src
, smbreq_bufrem(req
, src
),
311 flags
, err
, contains_wcard
);
314 size_t srvstr_get_path_req(TALLOC_CTX
*mem_ctx
, struct smb_request
*req
,
315 char **pp_dest
, const char *src
, int flags
,
319 return srvstr_get_path_req_wcard(mem_ctx
, req
, pp_dest
, src
,
320 flags
, err
, &ignore
);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct
*conn
, struct smb_request
*req
,
330 if (!(fsp
) || !(conn
)) {
331 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
334 if (((conn
) != (fsp
)->conn
) || req
->vuid
!= (fsp
)->vuid
) {
335 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct
*conn
, struct smb_request
*req
,
348 if (!check_fsp_open(conn
, req
, fsp
)) {
351 if ((fsp
)->is_directory
) {
352 reply_nterror(req
, NT_STATUS_INVALID_DEVICE_REQUEST
);
355 if ((fsp
)->fh
->fd
== -1) {
356 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
359 (fsp
)->num_smb_operations
++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct
*conn
, struct smb_request
*req
,
371 if (!check_fsp_open(conn
, req
, fsp
)) {
375 if (fsp
->is_directory
) {
379 if (fsp
->fake_file_handle
== NULL
) {
383 if (fsp
->fake_file_handle
->type
!= FAKE_FILE_TYPE_QUOTA
) {
387 if (fsp
->fake_file_handle
->private_data
== NULL
) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct
*conn
, struct smb_request
*req
,
401 if ((fsp
) && (conn
) && ((conn
)==(fsp
)->conn
)
402 && (req
->vuid
== (fsp
)->vuid
)) {
406 reply_nterror(req
, NT_STATUS_INVALID_HANDLE
);
410 /****************************************************************************
411 Reply to a (netbios-level) special message.
412 ****************************************************************************/
414 void reply_special(char *inbuf
)
416 int msg_type
= CVAL(inbuf
,0);
417 int msg_flags
= CVAL(inbuf
,1);
422 * We only really use 4 bytes of the outbuf, but for the smb_setlen
423 * calculation & friends (srv_send_smb uses that) we need the full smb
426 char outbuf
[smb_size
];
430 memset(outbuf
, '\0', sizeof(outbuf
));
432 smb_setlen(outbuf
,0);
435 case 0x81: /* session request */
437 if (already_got_session
) {
438 exit_server_cleanly("multiple session request not permitted");
441 SCVAL(outbuf
,0,0x82);
443 if (name_len(inbuf
+4) > 50 ||
444 name_len(inbuf
+4 + name_len(inbuf
+ 4)) > 50) {
445 DEBUG(0,("Invalid name length in session request\n"));
448 name_extract(inbuf
,4,name1
);
449 name_type
= name_extract(inbuf
,4 + name_len(inbuf
+ 4),name2
);
450 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
453 set_local_machine_name(name1
, True
);
454 set_remote_machine_name(name2
, True
);
456 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
457 get_local_machine_name(), get_remote_machine_name(),
460 if (name_type
== 'R') {
461 /* We are being asked for a pathworks session ---
463 SCVAL(outbuf
, 0,0x83);
467 /* only add the client's machine name to the list
468 of possibly valid usernames if we are operating
469 in share mode security */
470 if (lp_security() == SEC_SHARE
) {
471 add_session_user(get_remote_machine_name());
474 reload_services(True
);
477 already_got_session
= True
;
480 case 0x89: /* session keepalive request
481 (some old clients produce this?) */
482 SCVAL(outbuf
,0,SMBkeepalive
);
486 case 0x82: /* positive session response */
487 case 0x83: /* negative session response */
488 case 0x84: /* retarget session response */
489 DEBUG(0,("Unexpected session response\n"));
492 case SMBkeepalive
: /* session keepalive */
497 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
498 msg_type
, msg_flags
));
500 srv_send_smb(smbd_server_fd(), outbuf
, false, NULL
);
504 /****************************************************************************
506 conn POINTER CAN BE NULL HERE !
507 ****************************************************************************/
509 void reply_tcon(struct smb_request
*req
)
511 connection_struct
*conn
= req
->conn
;
513 char *service_buf
= NULL
;
514 char *password
= NULL
;
519 DATA_BLOB password_blob
;
520 TALLOC_CTX
*ctx
= talloc_tos();
522 START_PROFILE(SMBtcon
);
524 if (req
->buflen
< 4) {
525 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
526 END_PROFILE(SMBtcon
);
530 p
= (const char *)req
->buf
+ 1;
531 p
+= srvstr_pull_req_talloc(ctx
, req
, &service_buf
, p
, STR_TERMINATE
);
533 pwlen
= srvstr_pull_req_talloc(ctx
, req
, &password
, p
, STR_TERMINATE
);
535 p
+= srvstr_pull_req_talloc(ctx
, req
, &dev
, p
, STR_TERMINATE
);
538 if (service_buf
== NULL
|| password
== NULL
|| dev
== NULL
) {
539 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
540 END_PROFILE(SMBtcon
);
543 p
= strrchr_m(service_buf
,'\\');
547 service
= service_buf
;
550 password_blob
= data_blob(password
, pwlen
+1);
552 conn
= make_connection(service
,password_blob
,dev
,req
->vuid
,&nt_status
);
555 data_blob_clear_free(&password_blob
);
558 reply_nterror(req
, nt_status
);
559 END_PROFILE(SMBtcon
);
563 reply_outbuf(req
, 2, 0);
564 SSVAL(req
->outbuf
,smb_vwv0
,max_recv
);
565 SSVAL(req
->outbuf
,smb_vwv1
,conn
->cnum
);
566 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
568 DEBUG(3,("tcon service=%s cnum=%d\n",
569 service
, conn
->cnum
));
571 END_PROFILE(SMBtcon
);
575 /****************************************************************************
576 Reply to a tcon and X.
577 conn POINTER CAN BE NULL HERE !
578 ****************************************************************************/
580 void reply_tcon_and_X(struct smb_request
*req
)
582 connection_struct
*conn
= req
->conn
;
583 const char *service
= NULL
;
585 TALLOC_CTX
*ctx
= talloc_tos();
586 /* what the cleint thinks the device is */
587 char *client_devicetype
= NULL
;
588 /* what the server tells the client the share represents */
589 const char *server_devicetype
;
596 START_PROFILE(SMBtconX
);
599 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
600 END_PROFILE(SMBtconX
);
604 passlen
= SVAL(req
->vwv
+3, 0);
605 tcon_flags
= SVAL(req
->vwv
+2, 0);
607 /* we might have to close an old one */
608 if ((tcon_flags
& 0x1) && conn
) {
609 close_cnum(conn
,req
->vuid
);
614 if ((passlen
> MAX_PASS_LEN
) || (passlen
>= req
->buflen
)) {
615 reply_doserror(req
, ERRDOS
, ERRbuftoosmall
);
616 END_PROFILE(SMBtconX
);
620 if (global_encrypted_passwords_negotiated
) {
621 password
= data_blob_talloc(talloc_tos(), req
->buf
, passlen
);
622 if (lp_security() == SEC_SHARE
) {
624 * Security = share always has a pad byte
625 * after the password.
627 p
= (const char *)req
->buf
+ passlen
+ 1;
629 p
= (const char *)req
->buf
+ passlen
;
632 password
= data_blob_talloc(talloc_tos(), req
->buf
, passlen
+1);
633 /* Ensure correct termination */
634 password
.data
[passlen
]=0;
635 p
= (const char *)req
->buf
+ passlen
+ 1;
638 p
+= srvstr_pull_req_talloc(ctx
, req
, &path
, p
, STR_TERMINATE
);
641 data_blob_clear_free(&password
);
642 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
643 END_PROFILE(SMBtconX
);
648 * the service name can be either: \\server\share
649 * or share directly like on the DELL PowerVault 705
652 q
= strchr_m(path
+2,'\\');
654 data_blob_clear_free(&password
);
655 reply_doserror(req
, ERRDOS
, ERRnosuchshare
);
656 END_PROFILE(SMBtconX
);
664 p
+= srvstr_pull_talloc(ctx
, req
->inbuf
, req
->flags2
,
665 &client_devicetype
, p
,
666 MIN(6, smbreq_bufrem(req
, p
)), STR_ASCII
);
668 if (client_devicetype
== NULL
) {
669 data_blob_clear_free(&password
);
670 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
671 END_PROFILE(SMBtconX
);
675 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype
, service
));
677 conn
= make_connection(service
, password
, client_devicetype
,
678 req
->vuid
, &nt_status
);
681 data_blob_clear_free(&password
);
684 reply_nterror(req
, nt_status
);
685 END_PROFILE(SMBtconX
);
690 server_devicetype
= "IPC";
691 else if ( IS_PRINT(conn
) )
692 server_devicetype
= "LPT1:";
694 server_devicetype
= "A:";
696 if (Protocol
< PROTOCOL_NT1
) {
697 reply_outbuf(req
, 2, 0);
698 if (message_push_string(&req
->outbuf
, server_devicetype
,
699 STR_TERMINATE
|STR_ASCII
) == -1) {
700 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
701 END_PROFILE(SMBtconX
);
705 /* NT sets the fstype of IPC$ to the null string */
706 const char *fstype
= IS_IPC(conn
) ? "" : lp_fstype(SNUM(conn
));
708 if (tcon_flags
& TCONX_FLAG_EXTENDED_RESPONSE
) {
709 /* Return permissions. */
713 reply_outbuf(req
, 7, 0);
716 perm1
= FILE_ALL_ACCESS
;
717 perm2
= FILE_ALL_ACCESS
;
719 perm1
= CAN_WRITE(conn
) ?
724 SIVAL(req
->outbuf
, smb_vwv3
, perm1
);
725 SIVAL(req
->outbuf
, smb_vwv5
, perm2
);
727 reply_outbuf(req
, 3, 0);
730 if ((message_push_string(&req
->outbuf
, server_devicetype
,
731 STR_TERMINATE
|STR_ASCII
) == -1)
732 || (message_push_string(&req
->outbuf
, fstype
,
733 STR_TERMINATE
) == -1)) {
734 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
735 END_PROFILE(SMBtconX
);
739 /* what does setting this bit do? It is set by NT4 and
740 may affect the ability to autorun mounted cdroms */
741 SSVAL(req
->outbuf
, smb_vwv2
, SMB_SUPPORT_SEARCH_BITS
|
742 (lp_csc_policy(SNUM(conn
)) << 2));
744 if (lp_msdfs_root(SNUM(conn
)) && lp_host_msdfs()) {
745 DEBUG(2,("Serving %s as a Dfs root\n",
746 lp_servicename(SNUM(conn
)) ));
747 SSVAL(req
->outbuf
, smb_vwv2
,
748 SMB_SHARE_IN_DFS
| SVAL(req
->outbuf
, smb_vwv2
));
753 DEBUG(3,("tconX service=%s \n",
756 /* set the incoming and outgoing tid to the just created one */
757 SSVAL(req
->inbuf
,smb_tid
,conn
->cnum
);
758 SSVAL(req
->outbuf
,smb_tid
,conn
->cnum
);
760 END_PROFILE(SMBtconX
);
766 /****************************************************************************
767 Reply to an unknown type.
768 ****************************************************************************/
770 void reply_unknown_new(struct smb_request
*req
, uint8 type
)
772 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
773 smb_fn_name(type
), type
, type
));
774 reply_doserror(req
, ERRSRV
, ERRunknownsmb
);
778 /****************************************************************************
780 conn POINTER CAN BE NULL HERE !
781 ****************************************************************************/
783 void reply_ioctl(struct smb_request
*req
)
785 connection_struct
*conn
= req
->conn
;
792 START_PROFILE(SMBioctl
);
795 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
796 END_PROFILE(SMBioctl
);
800 device
= SVAL(req
->vwv
+1, 0);
801 function
= SVAL(req
->vwv
+2, 0);
802 ioctl_code
= (device
<< 16) + function
;
804 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code
));
806 switch (ioctl_code
) {
807 case IOCTL_QUERY_JOB_INFO
:
811 reply_doserror(req
, ERRSRV
, ERRnosupport
);
812 END_PROFILE(SMBioctl
);
816 reply_outbuf(req
, 8, replysize
+1);
817 SSVAL(req
->outbuf
,smb_vwv1
,replysize
); /* Total data bytes returned */
818 SSVAL(req
->outbuf
,smb_vwv5
,replysize
); /* Data bytes this buffer */
819 SSVAL(req
->outbuf
,smb_vwv6
,52); /* Offset to data */
820 p
= smb_buf(req
->outbuf
);
821 memset(p
, '\0', replysize
+1); /* valgrind-safe. */
822 p
+= 1; /* Allow for alignment */
824 switch (ioctl_code
) {
825 case IOCTL_QUERY_JOB_INFO
:
827 files_struct
*fsp
= file_fsp(
828 req
, SVAL(req
->vwv
+0, 0));
830 reply_doserror(req
, ERRDOS
, ERRbadfid
);
831 END_PROFILE(SMBioctl
);
834 SSVAL(p
,0,fsp
->rap_print_jobid
); /* Job number */
835 srvstr_push((char *)req
->outbuf
, req
->flags2
, p
+2,
837 STR_TERMINATE
|STR_ASCII
);
839 srvstr_push((char *)req
->outbuf
, req
->flags2
,
840 p
+18, lp_servicename(SNUM(conn
)),
841 13, STR_TERMINATE
|STR_ASCII
);
849 END_PROFILE(SMBioctl
);
853 /****************************************************************************
854 Strange checkpath NTSTATUS mapping.
855 ****************************************************************************/
857 static NTSTATUS
map_checkpath_error(uint16_t flags2
, NTSTATUS status
)
859 /* Strange DOS error code semantics only for checkpath... */
860 if (!(flags2
& FLAGS2_32_BIT_ERROR_CODES
)) {
861 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID
,status
)) {
862 /* We need to map to ERRbadpath */
863 return NT_STATUS_OBJECT_PATH_NOT_FOUND
;
869 /****************************************************************************
870 Reply to a checkpath.
871 ****************************************************************************/
873 void reply_checkpath(struct smb_request
*req
)
875 connection_struct
*conn
= req
->conn
;
877 SMB_STRUCT_STAT sbuf
;
879 TALLOC_CTX
*ctx
= talloc_tos();
881 START_PROFILE(SMBcheckpath
);
883 srvstr_get_path_req(ctx
, req
, &name
, (const char *)req
->buf
+ 1,
884 STR_TERMINATE
, &status
);
886 if (!NT_STATUS_IS_OK(status
)) {
887 status
= map_checkpath_error(req
->flags2
, status
);
888 reply_nterror(req
, status
);
889 END_PROFILE(SMBcheckpath
);
893 status
= resolve_dfspath(ctx
, conn
,
894 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
897 if (!NT_STATUS_IS_OK(status
)) {
898 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
899 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
901 END_PROFILE(SMBcheckpath
);
907 DEBUG(3,("reply_checkpath %s mode=%d\n", name
, (int)SVAL(req
->vwv
+0, 0)));
909 status
= unix_convert(ctx
, conn
, name
, False
, &name
, NULL
, &sbuf
);
910 if (!NT_STATUS_IS_OK(status
)) {
914 status
= check_name(conn
, name
);
915 if (!NT_STATUS_IS_OK(status
)) {
916 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name
,nt_errstr(status
)));
920 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,name
,&sbuf
) != 0)) {
921 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name
,strerror(errno
)));
922 status
= map_nt_error_from_unix(errno
);
926 if (!S_ISDIR(sbuf
.st_mode
)) {
927 reply_botherror(req
, NT_STATUS_NOT_A_DIRECTORY
,
929 END_PROFILE(SMBcheckpath
);
933 reply_outbuf(req
, 0, 0);
935 END_PROFILE(SMBcheckpath
);
940 END_PROFILE(SMBcheckpath
);
942 /* We special case this - as when a Windows machine
943 is parsing a path is steps through the components
944 one at a time - if a component fails it expects
945 ERRbadpath, not ERRbadfile.
947 status
= map_checkpath_error(req
->flags2
, status
);
948 if (NT_STATUS_EQUAL(status
, NT_STATUS_OBJECT_NAME_NOT_FOUND
)) {
950 * Windows returns different error codes if
951 * the parent directory is valid but not the
952 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
953 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
954 * if the path is invalid.
956 reply_botherror(req
, NT_STATUS_OBJECT_NAME_NOT_FOUND
,
961 reply_nterror(req
, status
);
964 /****************************************************************************
966 ****************************************************************************/
968 void reply_getatr(struct smb_request
*req
)
970 connection_struct
*conn
= req
->conn
;
972 SMB_STRUCT_STAT sbuf
;
978 TALLOC_CTX
*ctx
= talloc_tos();
980 START_PROFILE(SMBgetatr
);
982 p
= (const char *)req
->buf
+ 1;
983 p
+= srvstr_get_path_req(ctx
, req
, &fname
, p
, STR_TERMINATE
, &status
);
984 if (!NT_STATUS_IS_OK(status
)) {
985 reply_nterror(req
, status
);
986 END_PROFILE(SMBgetatr
);
990 status
= resolve_dfspath(ctx
, conn
,
991 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
994 if (!NT_STATUS_IS_OK(status
)) {
995 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
996 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
998 END_PROFILE(SMBgetatr
);
1001 reply_nterror(req
, status
);
1002 END_PROFILE(SMBgetatr
);
1006 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1007 under WfWg - weird! */
1008 if (*fname
== '\0') {
1009 mode
= aHIDDEN
| aDIR
;
1010 if (!CAN_WRITE(conn
)) {
1016 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
,&sbuf
);
1017 if (!NT_STATUS_IS_OK(status
)) {
1018 reply_nterror(req
, status
);
1019 END_PROFILE(SMBgetatr
);
1022 status
= check_name(conn
, fname
);
1023 if (!NT_STATUS_IS_OK(status
)) {
1024 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname
,nt_errstr(status
)));
1025 reply_nterror(req
, status
);
1026 END_PROFILE(SMBgetatr
);
1029 if (!VALID_STAT(sbuf
) && (SMB_VFS_STAT(conn
,fname
,&sbuf
) != 0)) {
1030 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname
,strerror(errno
)));
1031 reply_unixerror(req
, ERRDOS
,ERRbadfile
);
1032 END_PROFILE(SMBgetatr
);
1036 mode
= dos_mode(conn
,fname
,&sbuf
);
1037 size
= sbuf
.st_size
;
1038 mtime
= sbuf
.st_mtime
;
1044 reply_outbuf(req
, 10, 0);
1046 SSVAL(req
->outbuf
,smb_vwv0
,mode
);
1047 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1048 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
& ~1);
1050 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv1
,mtime
);
1052 SIVAL(req
->outbuf
,smb_vwv3
,(uint32
)size
);
1054 if (Protocol
>= PROTOCOL_NT1
) {
1055 SSVAL(req
->outbuf
, smb_flg2
,
1056 SVAL(req
->outbuf
, smb_flg2
) | FLAGS2_IS_LONG_NAME
);
1059 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname
, mode
, (unsigned int)size
) );
1061 END_PROFILE(SMBgetatr
);
1065 /****************************************************************************
1067 ****************************************************************************/
1069 void reply_setatr(struct smb_request
*req
)
1071 struct smb_file_time ft
;
1072 connection_struct
*conn
= req
->conn
;
1076 SMB_STRUCT_STAT sbuf
;
1079 TALLOC_CTX
*ctx
= talloc_tos();
1081 START_PROFILE(SMBsetatr
);
1086 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1090 p
= (const char *)req
->buf
+ 1;
1091 p
+= srvstr_get_path_req(ctx
, req
, &fname
, p
, STR_TERMINATE
, &status
);
1092 if (!NT_STATUS_IS_OK(status
)) {
1093 reply_nterror(req
, status
);
1094 END_PROFILE(SMBsetatr
);
1098 status
= resolve_dfspath(ctx
, conn
,
1099 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1102 if (!NT_STATUS_IS_OK(status
)) {
1103 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
1104 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1105 ERRSRV
, ERRbadpath
);
1106 END_PROFILE(SMBsetatr
);
1109 reply_nterror(req
, status
);
1110 END_PROFILE(SMBsetatr
);
1114 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
1115 if (!NT_STATUS_IS_OK(status
)) {
1116 reply_nterror(req
, status
);
1117 END_PROFILE(SMBsetatr
);
1121 status
= check_name(conn
, fname
);
1122 if (!NT_STATUS_IS_OK(status
)) {
1123 reply_nterror(req
, status
);
1124 END_PROFILE(SMBsetatr
);
1128 if (fname
[0] == '.' && fname
[1] == '\0') {
1130 * Not sure here is the right place to catch this
1131 * condition. Might be moved to somewhere else later -- vl
1133 reply_nterror(req
, NT_STATUS_ACCESS_DENIED
);
1134 END_PROFILE(SMBsetatr
);
1138 mode
= SVAL(req
->vwv
+0, 0);
1139 mtime
= srv_make_unix_date3(req
->vwv
+1);
1141 ft
.mtime
= convert_time_t_to_timespec(mtime
);
1142 status
= smb_set_file_time(conn
, NULL
, fname
,
1144 if (!NT_STATUS_IS_OK(status
)) {
1145 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1146 END_PROFILE(SMBsetatr
);
1150 if (mode
!= FILE_ATTRIBUTE_NORMAL
) {
1151 if (VALID_STAT_OF_DIR(sbuf
))
1156 if (file_set_dosmode(conn
,fname
,mode
,&sbuf
,NULL
,false) != 0) {
1157 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
1158 END_PROFILE(SMBsetatr
);
1163 reply_outbuf(req
, 0, 0);
1165 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname
, mode
) );
1167 END_PROFILE(SMBsetatr
);
1171 /****************************************************************************
1173 ****************************************************************************/
1175 void reply_dskattr(struct smb_request
*req
)
1177 connection_struct
*conn
= req
->conn
;
1178 uint64_t dfree
,dsize
,bsize
;
1179 START_PROFILE(SMBdskattr
);
1181 if (get_dfree_info(conn
,".",True
,&bsize
,&dfree
,&dsize
) == (uint64_t)-1) {
1182 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
1183 END_PROFILE(SMBdskattr
);
1187 reply_outbuf(req
, 5, 0);
1189 if (Protocol
<= PROTOCOL_LANMAN2
) {
1190 double total_space
, free_space
;
1191 /* we need to scale this to a number that DOS6 can handle. We
1192 use floating point so we can handle large drives on systems
1193 that don't have 64 bit integers
1195 we end up displaying a maximum of 2G to DOS systems
1197 total_space
= dsize
* (double)bsize
;
1198 free_space
= dfree
* (double)bsize
;
1200 dsize
= (uint64_t)((total_space
+63*512) / (64*512));
1201 dfree
= (uint64_t)((free_space
+63*512) / (64*512));
1203 if (dsize
> 0xFFFF) dsize
= 0xFFFF;
1204 if (dfree
> 0xFFFF) dfree
= 0xFFFF;
1206 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1207 SSVAL(req
->outbuf
,smb_vwv1
,64); /* this must be 64 for dos systems */
1208 SSVAL(req
->outbuf
,smb_vwv2
,512); /* and this must be 512 */
1209 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1211 SSVAL(req
->outbuf
,smb_vwv0
,dsize
);
1212 SSVAL(req
->outbuf
,smb_vwv1
,bsize
/512);
1213 SSVAL(req
->outbuf
,smb_vwv2
,512);
1214 SSVAL(req
->outbuf
,smb_vwv3
,dfree
);
1217 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree
));
1219 END_PROFILE(SMBdskattr
);
1223 /****************************************************************************
1225 Can be called from SMBsearch, SMBffirst or SMBfunique.
1226 ****************************************************************************/
1228 void reply_search(struct smb_request
*req
)
1230 connection_struct
*conn
= req
->conn
;
1231 const char *mask
= NULL
;
1232 char *directory
= NULL
;
1238 unsigned int numentries
= 0;
1239 unsigned int maxentries
= 0;
1240 bool finished
= False
;
1246 bool check_descend
= False
;
1247 bool expect_close
= False
;
1249 bool mask_contains_wcard
= False
;
1250 bool allow_long_path_components
= (req
->flags2
& FLAGS2_LONG_PATH_COMPONENTS
) ? True
: False
;
1251 TALLOC_CTX
*ctx
= talloc_tos();
1252 bool ask_sharemode
= lp_parm_bool(SNUM(conn
), "smbd", "search ask sharemode", true);
1254 START_PROFILE(SMBsearch
);
1257 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1258 END_PROFILE(SMBsearch
);
1262 if (lp_posix_pathnames()) {
1263 reply_unknown_new(req
, req
->cmd
);
1264 END_PROFILE(SMBsearch
);
1268 /* If we were called as SMBffirst then we must expect close. */
1269 if(req
->cmd
== SMBffirst
) {
1270 expect_close
= True
;
1273 reply_outbuf(req
, 1, 3);
1274 maxentries
= SVAL(req
->vwv
+0, 0);
1275 dirtype
= SVAL(req
->vwv
+1, 0);
1276 p
= (const char *)req
->buf
+ 1;
1277 p
+= srvstr_get_path_req_wcard(ctx
, req
, &path
, p
, STR_TERMINATE
,
1278 &nt_status
, &mask_contains_wcard
);
1279 if (!NT_STATUS_IS_OK(nt_status
)) {
1280 reply_nterror(req
, nt_status
);
1281 END_PROFILE(SMBsearch
);
1285 nt_status
= resolve_dfspath_wcard(ctx
, conn
,
1286 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
1289 &mask_contains_wcard
);
1290 if (!NT_STATUS_IS_OK(nt_status
)) {
1291 if (NT_STATUS_EQUAL(nt_status
,NT_STATUS_PATH_NOT_COVERED
)) {
1292 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
1293 ERRSRV
, ERRbadpath
);
1294 END_PROFILE(SMBsearch
);
1297 reply_nterror(req
, nt_status
);
1298 END_PROFILE(SMBsearch
);
1303 status_len
= SVAL(p
, 0);
1306 /* dirtype &= ~aDIR; */
1308 if (status_len
== 0) {
1309 SMB_STRUCT_STAT sbuf
;
1311 nt_status
= unix_convert(ctx
, conn
, path
, True
,
1312 &directory
, NULL
, &sbuf
);
1313 if (!NT_STATUS_IS_OK(nt_status
)) {
1314 reply_nterror(req
, nt_status
);
1315 END_PROFILE(SMBsearch
);
1319 nt_status
= check_name(conn
, directory
);
1320 if (!NT_STATUS_IS_OK(nt_status
)) {
1321 reply_nterror(req
, nt_status
);
1322 END_PROFILE(SMBsearch
);
1326 p
= strrchr_m(directory
,'/');
1327 if ((p
!= NULL
) && (*directory
!= '/')) {
1329 directory
= talloc_strndup(ctx
, directory
,
1330 PTR_DIFF(p
, directory
));
1333 directory
= talloc_strdup(ctx
,".");
1337 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1338 END_PROFILE(SMBsearch
);
1342 memset((char *)status
,'\0',21);
1343 SCVAL(status
,0,(dirtype
& 0x1F));
1345 nt_status
= dptr_create(conn
,
1351 mask_contains_wcard
,
1354 if (!NT_STATUS_IS_OK(nt_status
)) {
1355 reply_nterror(req
, nt_status
);
1356 END_PROFILE(SMBsearch
);
1359 dptr_num
= dptr_dnum(conn
->dirptr
);
1363 memcpy(status
,p
,21);
1364 status_dirtype
= CVAL(status
,0) & 0x1F;
1365 if (status_dirtype
!= (dirtype
& 0x1F)) {
1366 dirtype
= status_dirtype
;
1369 conn
->dirptr
= dptr_fetch(status
+12,&dptr_num
);
1370 if (!conn
->dirptr
) {
1373 string_set(&conn
->dirpath
,dptr_path(dptr_num
));
1374 mask
= dptr_wcard(dptr_num
);
1379 * For a 'continue' search we have no string. So
1380 * check from the initial saved string.
1382 mask_contains_wcard
= ms_has_wild(mask
);
1383 dirtype
= dptr_attr(dptr_num
);
1386 DEBUG(4,("dptr_num is %d\n",dptr_num
));
1388 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1389 dptr_init_search_op(conn
->dirptr
);
1391 if ((dirtype
&0x1F) == aVOLID
) {
1392 char buf
[DIR_STRUCT_SIZE
];
1393 memcpy(buf
,status
,21);
1394 if (!make_dir_struct(ctx
,buf
,"???????????",volume_label(SNUM(conn
)),
1395 0,aVOLID
,0,!allow_long_path_components
)) {
1396 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1397 END_PROFILE(SMBsearch
);
1400 dptr_fill(buf
+12,dptr_num
);
1401 if (dptr_zero(buf
+12) && (status_len
==0)) {
1406 if (message_push_blob(&req
->outbuf
,
1407 data_blob_const(buf
, sizeof(buf
)))
1409 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1410 END_PROFILE(SMBsearch
);
1418 ((uint8
*)smb_buf(req
->outbuf
) + 3 - req
->outbuf
))
1421 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1422 conn
->dirpath
,lp_dontdescend(SNUM(conn
))));
1423 if (in_list(conn
->dirpath
, lp_dontdescend(SNUM(conn
)),True
)) {
1424 check_descend
= True
;
1427 for (i
=numentries
;(i
<maxentries
) && !finished
;i
++) {
1428 finished
= !get_dir_entry(ctx
,
1439 char buf
[DIR_STRUCT_SIZE
];
1440 memcpy(buf
,status
,21);
1441 if (!make_dir_struct(ctx
,
1448 !allow_long_path_components
)) {
1449 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1450 END_PROFILE(SMBsearch
);
1453 if (!dptr_fill(buf
+12,dptr_num
)) {
1456 if (message_push_blob(&req
->outbuf
,
1457 data_blob_const(buf
, sizeof(buf
)))
1459 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
1460 END_PROFILE(SMBsearch
);
1470 /* If we were called as SMBffirst with smb_search_id == NULL
1471 and no entries were found then return error and close dirptr
1474 if (numentries
== 0) {
1475 dptr_close(&dptr_num
);
1476 } else if(expect_close
&& status_len
== 0) {
1477 /* Close the dptr - we know it's gone */
1478 dptr_close(&dptr_num
);
1481 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1482 if(dptr_num
>= 0 && req
->cmd
== SMBfunique
) {
1483 dptr_close(&dptr_num
);
1486 if ((numentries
== 0) && !mask_contains_wcard
) {
1487 reply_botherror(req
, STATUS_NO_MORE_FILES
, ERRDOS
, ERRnofiles
);
1488 END_PROFILE(SMBsearch
);
1492 SSVAL(req
->outbuf
,smb_vwv0
,numentries
);
1493 SSVAL(req
->outbuf
,smb_vwv1
,3 + numentries
* DIR_STRUCT_SIZE
);
1494 SCVAL(smb_buf(req
->outbuf
),0,5);
1495 SSVAL(smb_buf(req
->outbuf
),1,numentries
*DIR_STRUCT_SIZE
);
1497 /* The replies here are never long name. */
1498 SSVAL(req
->outbuf
, smb_flg2
,
1499 SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_IS_LONG_NAME
));
1500 if (!allow_long_path_components
) {
1501 SSVAL(req
->outbuf
, smb_flg2
,
1502 SVAL(req
->outbuf
, smb_flg2
)
1503 & (~FLAGS2_LONG_PATH_COMPONENTS
));
1506 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1507 SSVAL(req
->outbuf
, smb_flg2
,
1508 (SVAL(req
->outbuf
, smb_flg2
) & (~FLAGS2_UNICODE_STRINGS
)));
1511 directory
= dptr_path(dptr_num
);
1514 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1515 smb_fn_name(req
->cmd
),
1517 directory
? directory
: "./",
1522 END_PROFILE(SMBsearch
);
1526 /****************************************************************************
1527 Reply to a fclose (stop directory search).
1528 ****************************************************************************/
1530 void reply_fclose(struct smb_request
*req
)
1538 bool path_contains_wcard
= False
;
1539 TALLOC_CTX
*ctx
= talloc_tos();
1541 START_PROFILE(SMBfclose
);
1543 if (lp_posix_pathnames()) {
1544 reply_unknown_new(req
, req
->cmd
);
1545 END_PROFILE(SMBfclose
);
1549 p
= (const char *)req
->buf
+ 1;
1550 p
+= srvstr_get_path_req_wcard(ctx
, req
, &path
, p
, STR_TERMINATE
,
1551 &err
, &path_contains_wcard
);
1552 if (!NT_STATUS_IS_OK(err
)) {
1553 reply_nterror(req
, err
);
1554 END_PROFILE(SMBfclose
);
1558 status_len
= SVAL(p
,0);
1561 if (status_len
== 0) {
1562 reply_doserror(req
, ERRSRV
, ERRsrverror
);
1563 END_PROFILE(SMBfclose
);
1567 memcpy(status
,p
,21);
1569 if(dptr_fetch(status
+12,&dptr_num
)) {
1570 /* Close the dptr - we know it's gone */
1571 dptr_close(&dptr_num
);
1574 reply_outbuf(req
, 1, 0);
1575 SSVAL(req
->outbuf
,smb_vwv0
,0);
1577 DEBUG(3,("search close\n"));
1579 END_PROFILE(SMBfclose
);
1583 /****************************************************************************
1585 ****************************************************************************/
1587 void reply_open(struct smb_request
*req
)
1589 connection_struct
*conn
= req
->conn
;
1595 SMB_STRUCT_STAT sbuf
;
1602 uint32 create_disposition
;
1603 uint32 create_options
= 0;
1605 TALLOC_CTX
*ctx
= talloc_tos();
1607 START_PROFILE(SMBopen
);
1609 SET_STAT_INVALID(sbuf
);
1612 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1613 END_PROFILE(SMBopen
);
1617 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1618 deny_mode
= SVAL(req
->vwv
+0, 0);
1619 dos_attr
= SVAL(req
->vwv
+1, 0);
1621 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
+1,
1622 STR_TERMINATE
, &status
);
1623 if (!NT_STATUS_IS_OK(status
)) {
1624 reply_nterror(req
, status
);
1625 END_PROFILE(SMBopen
);
1629 if (!map_open_params_to_ntcreate(
1630 fname
, deny_mode
, OPENX_FILE_EXISTS_OPEN
, &access_mask
,
1631 &share_mode
, &create_disposition
, &create_options
)) {
1632 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1633 END_PROFILE(SMBopen
);
1637 status
= SMB_VFS_CREATE_FILE(
1640 0, /* root_dir_fid */
1642 CFF_DOS_PATH
, /* create_file_flags */
1643 access_mask
, /* access_mask */
1644 share_mode
, /* share_access */
1645 create_disposition
, /* create_disposition*/
1646 create_options
, /* create_options */
1647 dos_attr
, /* file_attributes */
1648 oplock_request
, /* oplock_request */
1649 0, /* allocation_size */
1656 if (!NT_STATUS_IS_OK(status
)) {
1657 if (open_was_deferred(req
->mid
)) {
1658 /* We have re-scheduled this call. */
1659 END_PROFILE(SMBopen
);
1662 reply_openerror(req
, status
);
1663 END_PROFILE(SMBopen
);
1667 size
= sbuf
.st_size
;
1668 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1669 mtime
= sbuf
.st_mtime
;
1672 DEBUG(3,("attempt to open a directory %s\n",fsp
->fsp_name
));
1673 close_file(req
, fsp
, ERROR_CLOSE
);
1674 reply_doserror(req
, ERRDOS
,ERRnoaccess
);
1675 END_PROFILE(SMBopen
);
1679 reply_outbuf(req
, 7, 0);
1680 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
1681 SSVAL(req
->outbuf
,smb_vwv1
,fattr
);
1682 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1683 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
& ~1);
1685 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv2
,mtime
);
1687 SIVAL(req
->outbuf
,smb_vwv4
,(uint32
)size
);
1688 SSVAL(req
->outbuf
,smb_vwv6
,deny_mode
);
1690 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1691 SCVAL(req
->outbuf
,smb_flg
,
1692 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1695 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1696 SCVAL(req
->outbuf
,smb_flg
,
1697 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1699 END_PROFILE(SMBopen
);
1703 /****************************************************************************
1704 Reply to an open and X.
1705 ****************************************************************************/
1707 void reply_open_and_X(struct smb_request
*req
)
1709 connection_struct
*conn
= req
->conn
;
1714 /* Breakout the oplock request bits so we can set the
1715 reply bits separately. */
1716 int ex_oplock_request
;
1717 int core_oplock_request
;
1720 int smb_sattr
= SVAL(req
->vwv
+4, 0);
1721 uint32 smb_time
= make_unix_date3(req
->vwv
+6);
1726 SMB_STRUCT_STAT sbuf
;
1730 uint64_t allocation_size
;
1731 ssize_t retval
= -1;
1734 uint32 create_disposition
;
1735 uint32 create_options
= 0;
1736 TALLOC_CTX
*ctx
= talloc_tos();
1738 START_PROFILE(SMBopenX
);
1740 if (req
->wct
< 15) {
1741 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1742 END_PROFILE(SMBopenX
);
1746 SET_STAT_INVALID(sbuf
);
1748 open_flags
= SVAL(req
->vwv
+2, 0);
1749 deny_mode
= SVAL(req
->vwv
+3, 0);
1750 smb_attr
= SVAL(req
->vwv
+5, 0);
1751 ex_oplock_request
= EXTENDED_OPLOCK_REQUEST(req
->inbuf
);
1752 core_oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1753 oplock_request
= ex_oplock_request
| core_oplock_request
;
1754 smb_ofun
= SVAL(req
->vwv
+8, 0);
1755 allocation_size
= (uint64_t)IVAL(req
->vwv
+9, 0);
1757 /* If it's an IPC, pass off the pipe handler. */
1759 if (lp_nt_pipe_support()) {
1760 reply_open_pipe_and_X(conn
, req
);
1762 reply_doserror(req
, ERRSRV
, ERRaccess
);
1764 END_PROFILE(SMBopenX
);
1768 /* XXXX we need to handle passed times, sattr and flags */
1769 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
,
1770 STR_TERMINATE
, &status
);
1771 if (!NT_STATUS_IS_OK(status
)) {
1772 reply_nterror(req
, status
);
1773 END_PROFILE(SMBopenX
);
1777 if (!map_open_params_to_ntcreate(
1778 fname
, deny_mode
, smb_ofun
, &access_mask
,
1779 &share_mode
, &create_disposition
, &create_options
)) {
1780 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRbadaccess
));
1781 END_PROFILE(SMBopenX
);
1785 status
= SMB_VFS_CREATE_FILE(
1788 0, /* root_dir_fid */
1790 CFF_DOS_PATH
, /* create_file_flags */
1791 access_mask
, /* access_mask */
1792 share_mode
, /* share_access */
1793 create_disposition
, /* create_disposition*/
1794 create_options
, /* create_options */
1795 smb_attr
, /* file_attributes */
1796 oplock_request
, /* oplock_request */
1797 0, /* allocation_size */
1801 &smb_action
, /* pinfo */
1804 if (!NT_STATUS_IS_OK(status
)) {
1805 END_PROFILE(SMBopenX
);
1806 if (open_was_deferred(req
->mid
)) {
1807 /* We have re-scheduled this call. */
1810 reply_openerror(req
, status
);
1814 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1815 if the file is truncated or created. */
1816 if (((smb_action
== FILE_WAS_CREATED
) || (smb_action
== FILE_WAS_OVERWRITTEN
)) && allocation_size
) {
1817 fsp
->initial_allocation_size
= smb_roundup(fsp
->conn
, allocation_size
);
1818 if (vfs_allocate_file_space(fsp
, fsp
->initial_allocation_size
) == -1) {
1819 close_file(req
, fsp
, ERROR_CLOSE
);
1820 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1821 END_PROFILE(SMBopenX
);
1824 retval
= vfs_set_filelen(fsp
, (SMB_OFF_T
)allocation_size
);
1826 close_file(req
, fsp
, ERROR_CLOSE
);
1827 reply_nterror(req
, NT_STATUS_DISK_FULL
);
1828 END_PROFILE(SMBopenX
);
1831 sbuf
.st_size
= SMB_VFS_GET_ALLOC_SIZE(conn
,fsp
,&sbuf
);
1834 fattr
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
1835 mtime
= sbuf
.st_mtime
;
1837 close_file(req
, fsp
, ERROR_CLOSE
);
1838 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
1839 END_PROFILE(SMBopenX
);
1843 /* If the caller set the extended oplock request bit
1844 and we granted one (by whatever means) - set the
1845 correct bit for extended oplock reply.
1848 if (ex_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1849 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1852 if(ex_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1853 smb_action
|= EXTENDED_OPLOCK_GRANTED
;
1856 /* If the caller set the core oplock request bit
1857 and we granted one (by whatever means) - set the
1858 correct bit for core oplock reply.
1861 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1862 reply_outbuf(req
, 19, 0);
1864 reply_outbuf(req
, 15, 0);
1867 if (core_oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
1868 SCVAL(req
->outbuf
, smb_flg
,
1869 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1872 if(core_oplock_request
&& EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
1873 SCVAL(req
->outbuf
, smb_flg
,
1874 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
1877 SSVAL(req
->outbuf
,smb_vwv2
,fsp
->fnum
);
1878 SSVAL(req
->outbuf
,smb_vwv3
,fattr
);
1879 if(lp_dos_filetime_resolution(SNUM(conn
)) ) {
1880 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
& ~1);
1882 srv_put_dos_date3((char *)req
->outbuf
,smb_vwv4
,mtime
);
1884 SIVAL(req
->outbuf
,smb_vwv6
,(uint32
)sbuf
.st_size
);
1885 SSVAL(req
->outbuf
,smb_vwv8
,GET_OPENX_MODE(deny_mode
));
1886 SSVAL(req
->outbuf
,smb_vwv11
,smb_action
);
1888 if (open_flags
& EXTENDED_RESPONSE_REQUIRED
) {
1889 SIVAL(req
->outbuf
, smb_vwv15
, STD_RIGHT_ALL_ACCESS
);
1892 END_PROFILE(SMBopenX
);
1897 /****************************************************************************
1898 Reply to a SMBulogoffX.
1899 ****************************************************************************/
1901 void reply_ulogoffX(struct smb_request
*req
)
1905 START_PROFILE(SMBulogoffX
);
1907 vuser
= get_valid_user_struct(req
->vuid
);
1910 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1914 /* in user level security we are supposed to close any files
1915 open by this user */
1916 if ((vuser
!= NULL
) && (lp_security() != SEC_SHARE
)) {
1917 file_close_user(req
->vuid
);
1920 invalidate_vuid(req
->vuid
);
1922 reply_outbuf(req
, 2, 0);
1924 DEBUG( 3, ( "ulogoffX vuid=%d\n", req
->vuid
) );
1926 END_PROFILE(SMBulogoffX
);
1930 /****************************************************************************
1931 Reply to a mknew or a create.
1932 ****************************************************************************/
1934 void reply_mknew(struct smb_request
*req
)
1936 connection_struct
*conn
= req
->conn
;
1939 struct smb_file_time ft
;
1941 int oplock_request
= 0;
1942 SMB_STRUCT_STAT sbuf
;
1944 uint32 access_mask
= FILE_GENERIC_READ
| FILE_GENERIC_WRITE
;
1945 uint32 share_mode
= FILE_SHARE_READ
|FILE_SHARE_WRITE
;
1946 uint32 create_disposition
;
1947 uint32 create_options
= 0;
1948 TALLOC_CTX
*ctx
= talloc_tos();
1950 START_PROFILE(SMBcreate
);
1952 SET_STAT_INVALID(sbuf
);
1955 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
1956 END_PROFILE(SMBcreate
);
1960 fattr
= SVAL(req
->vwv
+0, 0);
1961 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
1964 ft
.mtime
= convert_time_t_to_timespec(srv_make_unix_date3(req
->vwv
+1));
1966 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
+ 1,
1967 STR_TERMINATE
, &status
);
1968 if (!NT_STATUS_IS_OK(status
)) {
1969 reply_nterror(req
, status
);
1970 END_PROFILE(SMBcreate
);
1974 if (fattr
& aVOLID
) {
1975 DEBUG(0,("Attempt to create file (%s) with volid set - "
1976 "please report this\n", fname
));
1979 if(req
->cmd
== SMBmknew
) {
1980 /* We should fail if file exists. */
1981 create_disposition
= FILE_CREATE
;
1983 /* Create if file doesn't exist, truncate if it does. */
1984 create_disposition
= FILE_OVERWRITE_IF
;
1987 status
= SMB_VFS_CREATE_FILE(
1990 0, /* root_dir_fid */
1992 CFF_DOS_PATH
, /* create_file_flags */
1993 access_mask
, /* access_mask */
1994 share_mode
, /* share_access */
1995 create_disposition
, /* create_disposition*/
1996 create_options
, /* create_options */
1997 fattr
, /* file_attributes */
1998 oplock_request
, /* oplock_request */
1999 0, /* allocation_size */
2006 if (!NT_STATUS_IS_OK(status
)) {
2007 END_PROFILE(SMBcreate
);
2008 if (open_was_deferred(req
->mid
)) {
2009 /* We have re-scheduled this call. */
2012 reply_openerror(req
, status
);
2016 ft
.atime
= get_atimespec(&sbuf
); /* atime. */
2017 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
, &sbuf
, &ft
, true);
2018 if (!NT_STATUS_IS_OK(status
)) {
2019 END_PROFILE(SMBcreate
);
2020 reply_openerror(req
, status
);
2024 reply_outbuf(req
, 1, 0);
2025 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2027 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2028 SCVAL(req
->outbuf
,smb_flg
,
2029 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2032 if(EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2033 SCVAL(req
->outbuf
,smb_flg
,
2034 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2037 DEBUG( 2, ( "reply_mknew: file %s\n", fsp
->fsp_name
) );
2038 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2039 fsp
->fsp_name
, fsp
->fh
->fd
, (unsigned int)fattr
) );
2041 END_PROFILE(SMBcreate
);
2045 /****************************************************************************
2046 Reply to a create temporary file.
2047 ****************************************************************************/
2049 void reply_ctemp(struct smb_request
*req
)
2051 connection_struct
*conn
= req
->conn
;
2057 SMB_STRUCT_STAT sbuf
;
2060 TALLOC_CTX
*ctx
= talloc_tos();
2062 START_PROFILE(SMBctemp
);
2065 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2066 END_PROFILE(SMBctemp
);
2070 fattr
= SVAL(req
->vwv
+0, 0);
2071 oplock_request
= CORE_OPLOCK_REQUEST(req
->inbuf
);
2073 srvstr_get_path_req(ctx
, req
, &fname
, (const char *)req
->buf
+1,
2074 STR_TERMINATE
, &status
);
2075 if (!NT_STATUS_IS_OK(status
)) {
2076 reply_nterror(req
, status
);
2077 END_PROFILE(SMBctemp
);
2081 fname
= talloc_asprintf(ctx
,
2085 fname
= talloc_strdup(ctx
, "TMXXXXXX");
2089 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2090 END_PROFILE(SMBctemp
);
2094 status
= resolve_dfspath(ctx
, conn
,
2095 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2098 if (!NT_STATUS_IS_OK(status
)) {
2099 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2100 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2101 ERRSRV
, ERRbadpath
);
2102 END_PROFILE(SMBctemp
);
2105 reply_nterror(req
, status
);
2106 END_PROFILE(SMBctemp
);
2110 status
= unix_convert(ctx
, conn
, fname
, False
, &fname
, NULL
, &sbuf
);
2111 if (!NT_STATUS_IS_OK(status
)) {
2112 reply_nterror(req
, status
);
2113 END_PROFILE(SMBctemp
);
2117 status
= check_name(conn
, fname
);
2118 if (!NT_STATUS_IS_OK(status
)) {
2119 reply_nterror(req
, status
);
2120 END_PROFILE(SMBctemp
);
2124 tmpfd
= smb_mkstemp(fname
);
2126 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
2127 END_PROFILE(SMBctemp
);
2131 SET_STAT_INVALID(sbuf
);
2132 SMB_VFS_STAT(conn
,fname
,&sbuf
);
2134 /* We should fail if file does not exist. */
2135 status
= SMB_VFS_CREATE_FILE(
2138 0, /* root_dir_fid */
2140 0, /* create_file_flags */
2141 FILE_GENERIC_READ
| FILE_GENERIC_WRITE
, /* access_mask */
2142 FILE_SHARE_READ
| FILE_SHARE_WRITE
, /* share_access */
2143 FILE_OPEN
, /* create_disposition*/
2144 0, /* create_options */
2145 fattr
, /* file_attributes */
2146 oplock_request
, /* oplock_request */
2147 0, /* allocation_size */
2154 /* close fd from smb_mkstemp() */
2157 if (!NT_STATUS_IS_OK(status
)) {
2158 if (open_was_deferred(req
->mid
)) {
2159 /* We have re-scheduled this call. */
2160 END_PROFILE(SMBctemp
);
2163 reply_openerror(req
, status
);
2164 END_PROFILE(SMBctemp
);
2168 reply_outbuf(req
, 1, 0);
2169 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
2171 /* the returned filename is relative to the directory */
2172 s
= strrchr_m(fsp
->fsp_name
, '/');
2180 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2181 thing in the byte section. JRA */
2182 SSVALS(p
, 0, -1); /* what is this? not in spec */
2184 if (message_push_string(&req
->outbuf
, s
, STR_ASCII
|STR_TERMINATE
)
2186 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
2187 END_PROFILE(SMBctemp
);
2191 if (oplock_request
&& lp_fake_oplocks(SNUM(conn
))) {
2192 SCVAL(req
->outbuf
, smb_flg
,
2193 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2196 if (EXCLUSIVE_OPLOCK_TYPE(fsp
->oplock_type
)) {
2197 SCVAL(req
->outbuf
, smb_flg
,
2198 CVAL(req
->outbuf
,smb_flg
)|CORE_OPLOCK_GRANTED
);
2201 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp
->fsp_name
) );
2202 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp
->fsp_name
,
2203 fsp
->fh
->fd
, (unsigned int)sbuf
.st_mode
) );
2205 END_PROFILE(SMBctemp
);
2209 /*******************************************************************
2210 Check if a user is allowed to rename a file.
2211 ********************************************************************/
2213 static NTSTATUS
can_rename(connection_struct
*conn
, files_struct
*fsp
,
2214 uint16 dirtype
, SMB_STRUCT_STAT
*pst
)
2218 if (!CAN_WRITE(conn
)) {
2219 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2222 fmode
= dos_mode(conn
, fsp
->fsp_name
, pst
);
2223 if ((fmode
& ~dirtype
) & (aHIDDEN
| aSYSTEM
)) {
2224 return NT_STATUS_NO_SUCH_FILE
;
2227 if (S_ISDIR(pst
->st_mode
)) {
2228 if (fsp
->posix_open
) {
2229 return NT_STATUS_OK
;
2232 /* If no pathnames are open below this
2233 directory, allow the rename. */
2235 if (file_find_subpath(fsp
)) {
2236 return NT_STATUS_ACCESS_DENIED
;
2238 return NT_STATUS_OK
;
2241 if (fsp
->access_mask
& (DELETE_ACCESS
|FILE_WRITE_ATTRIBUTES
)) {
2242 return NT_STATUS_OK
;
2245 return NT_STATUS_ACCESS_DENIED
;
2248 /*******************************************************************
2249 * unlink a file with all relevant access checks
2250 *******************************************************************/
2252 static NTSTATUS
do_unlink(connection_struct
*conn
,
2253 struct smb_request
*req
,
2257 SMB_STRUCT_STAT sbuf
;
2260 uint32 dirtype_orig
= dirtype
;
2263 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname
, dirtype
));
2265 if (!CAN_WRITE(conn
)) {
2266 return NT_STATUS_MEDIA_WRITE_PROTECTED
;
2269 if (SMB_VFS_LSTAT(conn
,fname
,&sbuf
) != 0) {
2270 return map_nt_error_from_unix(errno
);
2273 fattr
= dos_mode(conn
,fname
,&sbuf
);
2275 if (dirtype
& FILE_ATTRIBUTE_NORMAL
) {
2276 dirtype
= aDIR
|aARCH
|aRONLY
;
2279 dirtype
&= (aDIR
|aARCH
|aRONLY
|aHIDDEN
|aSYSTEM
);
2281 return NT_STATUS_NO_SUCH_FILE
;
2284 if (!dir_check_ftype(conn
, fattr
, dirtype
)) {
2286 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2288 return NT_STATUS_NO_SUCH_FILE
;
2291 if (dirtype_orig
& 0x8000) {
2292 /* These will never be set for POSIX. */
2293 return NT_STATUS_NO_SUCH_FILE
;
2297 if ((fattr
& dirtype
) & FILE_ATTRIBUTE_DIRECTORY
) {
2298 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2301 if ((fattr
& ~dirtype
) & (FILE_ATTRIBUTE_HIDDEN
|FILE_ATTRIBUTE_SYSTEM
)) {
2302 return NT_STATUS_NO_SUCH_FILE
;
2305 if (dirtype
& 0xFF00) {
2306 /* These will never be set for POSIX. */
2307 return NT_STATUS_NO_SUCH_FILE
;
2312 return NT_STATUS_NO_SUCH_FILE
;
2315 /* Can't delete a directory. */
2317 return NT_STATUS_FILE_IS_A_DIRECTORY
;
2322 else if (dirtype
& aDIR
) /* Asked for a directory and it isn't. */
2323 return NT_STATUS_OBJECT_NAME_INVALID
;
2324 #endif /* JRATEST */
2326 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2328 On a Windows share, a file with read-only dosmode can be opened with
2329 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2330 fails with NT_STATUS_CANNOT_DELETE error.
2332 This semantic causes a problem that a user can not
2333 rename a file with read-only dosmode on a Samba share
2334 from a Windows command prompt (i.e. cmd.exe, but can rename
2335 from Windows Explorer).
2338 if (!lp_delete_readonly(SNUM(conn
))) {
2339 if (fattr
& aRONLY
) {
2340 return NT_STATUS_CANNOT_DELETE
;
2344 /* On open checks the open itself will check the share mode, so
2345 don't do it here as we'll get it wrong. */
2347 status
= SMB_VFS_CREATE_FILE
2350 0, /* root_dir_fid */
2352 0, /* create_file_flags */
2353 DELETE_ACCESS
, /* access_mask */
2354 FILE_SHARE_NONE
, /* share_access */
2355 FILE_OPEN
, /* create_disposition*/
2356 FILE_NON_DIRECTORY_FILE
, /* create_options */
2357 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
2358 0, /* oplock_request */
2359 0, /* allocation_size */
2366 if (!NT_STATUS_IS_OK(status
)) {
2367 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2368 nt_errstr(status
)));
2372 /* The set is across all open files on this dev/inode pair. */
2373 if (!set_delete_on_close(fsp
, True
, &conn
->server_info
->utok
)) {
2374 close_file(req
, fsp
, NORMAL_CLOSE
);
2375 return NT_STATUS_ACCESS_DENIED
;
2378 return close_file(req
, fsp
, NORMAL_CLOSE
);
2381 /****************************************************************************
2382 The guts of the unlink command, split out so it may be called by the NT SMB
2384 ****************************************************************************/
2386 NTSTATUS
unlink_internals(connection_struct
*conn
, struct smb_request
*req
,
2387 uint32 dirtype
, const char *name_in
, bool has_wild
)
2389 const char *directory
= NULL
;
2394 NTSTATUS status
= NT_STATUS_OK
;
2395 SMB_STRUCT_STAT sbuf
, st
;
2396 TALLOC_CTX
*ctx
= talloc_tos();
2398 status
= unix_convert(ctx
, conn
, name_in
, has_wild
, &name
, NULL
, &sbuf
);
2399 if (!NT_STATUS_IS_OK(status
)) {
2403 p
= strrchr_m(name
,'/');
2405 directory
= talloc_strdup(ctx
, ".");
2407 return NT_STATUS_NO_MEMORY
;
2417 * We should only check the mangled cache
2418 * here if unix_convert failed. This means
2419 * that the path in 'mask' doesn't exist
2420 * on the file system and so we need to look
2421 * for a possible mangle. This patch from
2422 * Tine Smukavec <valentin.smukavec@hermes.si>.
2425 if (!VALID_STAT(sbuf
) && mangle_is_mangled(mask
,conn
->params
)) {
2426 char *new_mask
= NULL
;
2427 mangle_lookup_name_from_8_3(ctx
,
2437 directory
= talloc_asprintf(ctx
,
2442 return NT_STATUS_NO_MEMORY
;
2445 dirtype
= FILE_ATTRIBUTE_NORMAL
;
2448 status
= check_name(conn
, directory
);
2449 if (!NT_STATUS_IS_OK(status
)) {
2453 status
= do_unlink(conn
, req
, directory
, dirtype
);
2454 if (!NT_STATUS_IS_OK(status
)) {
2460 struct smb_Dir
*dir_hnd
= NULL
;
2464 if ((dirtype
& SAMBA_ATTRIBUTES_MASK
) == aDIR
) {
2465 return NT_STATUS_OBJECT_NAME_INVALID
;
2468 if (strequal(mask
,"????????.???")) {
2473 status
= check_name(conn
, directory
);
2474 if (!NT_STATUS_IS_OK(status
)) {
2478 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
,
2480 if (dir_hnd
== NULL
) {
2481 return map_nt_error_from_unix(errno
);
2484 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2485 the pattern matches against the long name, otherwise the short name
2486 We don't implement this yet XXXX
2489 status
= NT_STATUS_NO_SUCH_FILE
;
2491 while ((dname
= ReadDirName(dir_hnd
, &offset
, &st
))) {
2494 if (!is_visible_file(conn
, directory
, dname
, &st
,
2500 /* Quick check for "." and ".." */
2501 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
2505 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
2509 fname
= talloc_asprintf(ctx
, "%s/%s",
2513 return NT_STATUS_NO_MEMORY
;
2516 status
= check_name(conn
, fname
);
2517 if (!NT_STATUS_IS_OK(status
)) {
2518 TALLOC_FREE(dir_hnd
);
2522 status
= do_unlink(conn
, req
, fname
, dirtype
);
2523 if (!NT_STATUS_IS_OK(status
)) {
2529 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2534 TALLOC_FREE(dir_hnd
);
2537 if (count
== 0 && NT_STATUS_IS_OK(status
) && errno
!= 0) {
2538 status
= map_nt_error_from_unix(errno
);
2544 /****************************************************************************
2546 ****************************************************************************/
2548 void reply_unlink(struct smb_request
*req
)
2550 connection_struct
*conn
= req
->conn
;
2554 bool path_contains_wcard
= False
;
2555 TALLOC_CTX
*ctx
= talloc_tos();
2557 START_PROFILE(SMBunlink
);
2560 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
2561 END_PROFILE(SMBunlink
);
2565 dirtype
= SVAL(req
->vwv
+0, 0);
2567 srvstr_get_path_req_wcard(ctx
, req
, &name
, (const char *)req
->buf
+ 1,
2568 STR_TERMINATE
, &status
,
2569 &path_contains_wcard
);
2570 if (!NT_STATUS_IS_OK(status
)) {
2571 reply_nterror(req
, status
);
2572 END_PROFILE(SMBunlink
);
2576 status
= resolve_dfspath_wcard(ctx
, conn
,
2577 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
2580 &path_contains_wcard
);
2581 if (!NT_STATUS_IS_OK(status
)) {
2582 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
2583 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
2584 ERRSRV
, ERRbadpath
);
2585 END_PROFILE(SMBunlink
);
2588 reply_nterror(req
, status
);
2589 END_PROFILE(SMBunlink
);
2593 DEBUG(3,("reply_unlink : %s\n",name
));
2595 status
= unlink_internals(conn
, req
, dirtype
, name
,
2596 path_contains_wcard
);
2597 if (!NT_STATUS_IS_OK(status
)) {
2598 if (open_was_deferred(req
->mid
)) {
2599 /* We have re-scheduled this call. */
2600 END_PROFILE(SMBunlink
);
2603 reply_nterror(req
, status
);
2604 END_PROFILE(SMBunlink
);
2608 reply_outbuf(req
, 0, 0);
2609 END_PROFILE(SMBunlink
);
2614 /****************************************************************************
2616 ****************************************************************************/
2618 static void fail_readraw(void)
2620 const char *errstr
= talloc_asprintf(talloc_tos(),
2621 "FAIL ! reply_readbraw: socket write fail (%s)",
2626 exit_server_cleanly(errstr
);
2629 /****************************************************************************
2630 Fake (read/write) sendfile. Returns -1 on read or write fail.
2631 ****************************************************************************/
2633 static ssize_t
fake_sendfile(files_struct
*fsp
, SMB_OFF_T startpos
,
2637 size_t tosend
= nread
;
2644 bufsize
= MIN(nread
, 65536);
2646 if (!(buf
= SMB_MALLOC_ARRAY(char, bufsize
))) {
2650 while (tosend
> 0) {
2654 if (tosend
> bufsize
) {
2659 ret
= read_file(fsp
,buf
,startpos
,cur_read
);
2665 /* If we had a short read, fill with zeros. */
2666 if (ret
< cur_read
) {
2667 memset(buf
+ ret
, '\0', cur_read
- ret
);
2670 if (write_data(smbd_server_fd(),buf
,cur_read
) != cur_read
) {
2675 startpos
+= cur_read
;
2679 return (ssize_t
)nread
;
2682 #if defined(WITH_SENDFILE)
2683 /****************************************************************************
2684 Deal with the case of sendfile reading less bytes from the file than
2685 requested. Fill with zeros (all we can do).
2686 ****************************************************************************/
2688 static void sendfile_short_send(files_struct
*fsp
,
2693 #define SHORT_SEND_BUFSIZE 1024
2694 if (nread
< headersize
) {
2695 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2696 "header for file %s (%s). Terminating\n",
2697 fsp
->fsp_name
, strerror(errno
) ));
2698 exit_server_cleanly("sendfile_short_send failed");
2701 nread
-= headersize
;
2703 if (nread
< smb_maxcnt
) {
2704 char *buf
= SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE
);
2706 exit_server_cleanly("sendfile_short_send: "
2710 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2711 "with zeros !\n", fsp
->fsp_name
));
2713 while (nread
< smb_maxcnt
) {
2715 * We asked for the real file size and told sendfile
2716 * to not go beyond the end of the file. But it can
2717 * happen that in between our fstat call and the
2718 * sendfile call the file was truncated. This is very
2719 * bad because we have already announced the larger
2720 * number of bytes to the client.
2722 * The best we can do now is to send 0-bytes, just as
2723 * a read from a hole in a sparse file would do.
2725 * This should happen rarely enough that I don't care
2726 * about efficiency here :-)
2730 to_write
= MIN(SHORT_SEND_BUFSIZE
, smb_maxcnt
- nread
);
2731 if (write_data(smbd_server_fd(), buf
, to_write
) != to_write
) {
2732 exit_server_cleanly("sendfile_short_send: "
2733 "write_data failed");
2740 #endif /* defined WITH_SENDFILE */
2742 /****************************************************************************
2743 Return a readbraw error (4 bytes of zero).
2744 ****************************************************************************/
2746 static void reply_readbraw_error(void)
2750 if (write_data(smbd_server_fd(),header
,4) != 4) {
2755 /****************************************************************************
2756 Use sendfile in readbraw.
2757 ****************************************************************************/
2759 static void send_file_readbraw(connection_struct
*conn
,
2760 struct smb_request
*req
,
2766 char *outbuf
= NULL
;
2769 #if defined(WITH_SENDFILE)
2771 * We can only use sendfile on a non-chained packet
2772 * but we can use on a non-oplocked file. tridge proved this
2773 * on a train in Germany :-). JRA.
2774 * reply_readbraw has already checked the length.
2777 if ( !req_is_in_chain(req
) && (nread
> 0) && (fsp
->base_fsp
== NULL
) &&
2778 (fsp
->wcp
== NULL
) && lp_use_sendfile(SNUM(conn
)) ) {
2779 ssize_t sendfile_read
= -1;
2781 DATA_BLOB header_blob
;
2783 _smb_setlen(header
,nread
);
2784 header_blob
= data_blob_const(header
, 4);
2786 if ((sendfile_read
= SMB_VFS_SENDFILE(smbd_server_fd(), fsp
,
2787 &header_blob
, startpos
, nread
)) == -1) {
2788 /* Returning ENOSYS means no data at all was sent.
2789 * Do this as a normal read. */
2790 if (errno
== ENOSYS
) {
2791 goto normal_readbraw
;
2795 * Special hack for broken Linux with no working sendfile. If we
2796 * return EINTR we sent the header but not the rest of the data.
2797 * Fake this up by doing read/write calls.
2799 if (errno
== EINTR
) {
2800 /* Ensure we don't do this again. */
2801 set_use_sendfile(SNUM(conn
), False
);
2802 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2804 if (fake_sendfile(fsp
, startpos
, nread
) == -1) {
2805 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2806 fsp
->fsp_name
, strerror(errno
) ));
2807 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2812 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2813 fsp
->fsp_name
, strerror(errno
) ));
2814 exit_server_cleanly("send_file_readbraw sendfile failed");
2815 } else if (sendfile_read
== 0) {
2817 * Some sendfile implementations return 0 to indicate
2818 * that there was a short read, but nothing was
2819 * actually written to the socket. In this case,
2820 * fallback to the normal read path so the header gets
2821 * the correct byte count.
2823 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2824 "bytes falling back to the normal read: "
2825 "%s\n", fsp
->fsp_name
));
2826 goto normal_readbraw
;
2829 /* Deal with possible short send. */
2830 if (sendfile_read
!= 4+nread
) {
2831 sendfile_short_send(fsp
, sendfile_read
, 4, nread
);
2839 outbuf
= TALLOC_ARRAY(NULL
, char, nread
+4);
2841 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2842 (unsigned)(nread
+4)));
2843 reply_readbraw_error();
2848 ret
= read_file(fsp
,outbuf
+4,startpos
,nread
);
2849 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2858 _smb_setlen(outbuf
,ret
);
2859 if (write_data(smbd_server_fd(),outbuf
,4+ret
) != 4+ret
)
2862 TALLOC_FREE(outbuf
);
2865 /****************************************************************************
2866 Reply to a readbraw (core+ protocol).
2867 ****************************************************************************/
2869 void reply_readbraw(struct smb_request
*req
)
2871 connection_struct
*conn
= req
->conn
;
2872 ssize_t maxcount
,mincount
;
2876 struct lock_struct lock
;
2880 START_PROFILE(SMBreadbraw
);
2882 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
2883 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2884 "raw reads/writes are disallowed.");
2888 reply_readbraw_error();
2889 END_PROFILE(SMBreadbraw
);
2894 * Special check if an oplock break has been issued
2895 * and the readraw request croses on the wire, we must
2896 * return a zero length response here.
2899 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
2902 * We have to do a check_fsp by hand here, as
2903 * we must always return 4 zero bytes on error,
2907 if (!fsp
|| !conn
|| conn
!= fsp
->conn
||
2908 req
->vuid
!= fsp
->vuid
||
2909 fsp
->is_directory
|| fsp
->fh
->fd
== -1) {
2911 * fsp could be NULL here so use the value from the packet. JRA.
2913 DEBUG(3,("reply_readbraw: fnum %d not valid "
2915 (int)SVAL(req
->vwv
+0, 0)));
2916 reply_readbraw_error();
2917 END_PROFILE(SMBreadbraw
);
2921 /* Do a "by hand" version of CHECK_READ. */
2922 if (!(fsp
->can_read
||
2923 ((req
->flags2
& FLAGS2_READ_PERMIT_EXECUTE
) &&
2924 (fsp
->access_mask
& FILE_EXECUTE
)))) {
2925 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2926 (int)SVAL(req
->vwv
+0, 0)));
2927 reply_readbraw_error();
2928 END_PROFILE(SMBreadbraw
);
2932 flush_write_cache(fsp
, READRAW_FLUSH
);
2934 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+1, 0);
2935 if(req
->wct
== 10) {
2937 * This is a large offset (64 bit) read.
2939 #ifdef LARGE_SMB_OFF_T
2941 startpos
|= (((SMB_OFF_T
)IVAL(req
->vwv
+8, 0)) << 32);
2943 #else /* !LARGE_SMB_OFF_T */
2946 * Ensure we haven't been sent a >32 bit offset.
2949 if(IVAL(req
->vwv
+8, 0) != 0) {
2950 DEBUG(0,("reply_readbraw: large offset "
2951 "(%x << 32) used and we don't support "
2952 "64 bit offsets.\n",
2953 (unsigned int)IVAL(req
->vwv
+8, 0) ));
2954 reply_readbraw_error();
2955 END_PROFILE(SMBreadbraw
);
2959 #endif /* LARGE_SMB_OFF_T */
2962 DEBUG(0,("reply_readbraw: negative 64 bit "
2963 "readraw offset (%.0f) !\n",
2964 (double)startpos
));
2965 reply_readbraw_error();
2966 END_PROFILE(SMBreadbraw
);
2971 maxcount
= (SVAL(req
->vwv
+3, 0) & 0xFFFF);
2972 mincount
= (SVAL(req
->vwv
+4, 0) & 0xFFFF);
2974 /* ensure we don't overrun the packet size */
2975 maxcount
= MIN(65535,maxcount
);
2977 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
2978 (uint64_t)startpos
, (uint64_t)maxcount
, READ_LOCK
,
2981 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
2982 reply_readbraw_error();
2983 END_PROFILE(SMBreadbraw
);
2987 if (SMB_VFS_FSTAT(fsp
, &st
) == 0) {
2991 if (startpos
>= size
) {
2994 nread
= MIN(maxcount
,(size
- startpos
));
2997 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2998 if (nread
< mincount
)
3002 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3003 "min=%lu nread=%lu\n",
3004 fsp
->fnum
, (double)startpos
,
3005 (unsigned long)maxcount
,
3006 (unsigned long)mincount
,
3007 (unsigned long)nread
) );
3009 send_file_readbraw(conn
, req
, fsp
, startpos
, nread
, mincount
);
3011 DEBUG(5,("reply_readbraw finished\n"));
3013 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3015 END_PROFILE(SMBreadbraw
);
3020 #define DBGC_CLASS DBGC_LOCKING
3022 /****************************************************************************
3023 Reply to a lockread (core+ protocol).
3024 ****************************************************************************/
3026 void reply_lockread(struct smb_request
*req
)
3028 connection_struct
*conn
= req
->conn
;
3035 struct byte_range_lock
*br_lck
= NULL
;
3038 START_PROFILE(SMBlockread
);
3041 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3042 END_PROFILE(SMBlockread
);
3046 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3048 if (!check_fsp(conn
, req
, fsp
)) {
3049 END_PROFILE(SMBlockread
);
3053 if (!CHECK_READ(fsp
,req
)) {
3054 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3055 END_PROFILE(SMBlockread
);
3059 numtoread
= SVAL(req
->vwv
+1, 0);
3060 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3062 numtoread
= MIN(BUFFER_SIZE
- (smb_size
+ 3*2 + 3), numtoread
);
3064 reply_outbuf(req
, 5, numtoread
+ 3);
3066 data
= smb_buf(req
->outbuf
) + 3;
3069 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3070 * protocol request that predates the read/write lock concept.
3071 * Thus instead of asking for a read lock here we need to ask
3072 * for a write lock. JRA.
3073 * Note that the requested lock size is unaffected by max_recv.
3076 br_lck
= do_lock(smbd_messaging_context(),
3079 (uint64_t)numtoread
,
3083 False
, /* Non-blocking lock. */
3087 TALLOC_FREE(br_lck
);
3089 if (NT_STATUS_V(status
)) {
3090 reply_nterror(req
, status
);
3091 END_PROFILE(SMBlockread
);
3096 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3099 if (numtoread
> max_recv
) {
3100 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3101 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3102 (unsigned int)numtoread
, (unsigned int)max_recv
));
3103 numtoread
= MIN(numtoread
,max_recv
);
3105 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3108 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3109 END_PROFILE(SMBlockread
);
3113 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3115 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3116 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3117 p
= smb_buf(req
->outbuf
);
3118 SCVAL(p
,0,0); /* pad byte. */
3121 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3122 fsp
->fnum
, (int)numtoread
, (int)nread
));
3124 END_PROFILE(SMBlockread
);
3129 #define DBGC_CLASS DBGC_ALL
3131 /****************************************************************************
3133 ****************************************************************************/
3135 void reply_read(struct smb_request
*req
)
3137 connection_struct
*conn
= req
->conn
;
3144 struct lock_struct lock
;
3146 START_PROFILE(SMBread
);
3149 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3150 END_PROFILE(SMBread
);
3154 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3156 if (!check_fsp(conn
, req
, fsp
)) {
3157 END_PROFILE(SMBread
);
3161 if (!CHECK_READ(fsp
,req
)) {
3162 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3163 END_PROFILE(SMBread
);
3167 numtoread
= SVAL(req
->vwv
+1, 0);
3168 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3170 numtoread
= MIN(BUFFER_SIZE
-outsize
,numtoread
);
3173 * The requested read size cannot be greater than max_recv. JRA.
3175 if (numtoread
> max_recv
) {
3176 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3177 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3178 (unsigned int)numtoread
, (unsigned int)max_recv
));
3179 numtoread
= MIN(numtoread
,max_recv
);
3182 reply_outbuf(req
, 5, numtoread
+3);
3184 data
= smb_buf(req
->outbuf
) + 3;
3186 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3187 (uint64_t)startpos
, (uint64_t)numtoread
, READ_LOCK
,
3190 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3191 reply_doserror(req
, ERRDOS
,ERRlock
);
3192 END_PROFILE(SMBread
);
3197 nread
= read_file(fsp
,data
,startpos
,numtoread
);
3200 reply_unixerror(req
, ERRDOS
,ERRnoaccess
);
3204 srv_set_message((char *)req
->outbuf
, 5, nread
+3, False
);
3206 SSVAL(req
->outbuf
,smb_vwv0
,nread
);
3207 SSVAL(req
->outbuf
,smb_vwv5
,nread
+3);
3208 SCVAL(smb_buf(req
->outbuf
),0,1);
3209 SSVAL(smb_buf(req
->outbuf
),1,nread
);
3211 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3212 fsp
->fnum
, (int)numtoread
, (int)nread
) );
3215 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3217 END_PROFILE(SMBread
);
3221 /****************************************************************************
3223 ****************************************************************************/
3225 static int setup_readX_header(struct smb_request
*req
, char *outbuf
,
3231 outsize
= srv_set_message(outbuf
,12,smb_maxcnt
,False
);
3232 data
= smb_buf(outbuf
);
3234 memset(outbuf
+smb_vwv0
,'\0',24); /* valgrind init. */
3236 SCVAL(outbuf
,smb_vwv0
,0xFF);
3237 SSVAL(outbuf
,smb_vwv2
,0xFFFF); /* Remaining - must be -1. */
3238 SSVAL(outbuf
,smb_vwv5
,smb_maxcnt
);
3239 SSVAL(outbuf
,smb_vwv6
,
3241 + 1 /* the wct field */
3242 + 12 * sizeof(uint16_t) /* vwv */
3243 + 2); /* the buflen field */
3244 SSVAL(outbuf
,smb_vwv7
,(smb_maxcnt
>> 16));
3245 SSVAL(outbuf
,smb_vwv11
,smb_maxcnt
);
3246 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3247 _smb_setlen_large(outbuf
,(smb_size
+ 12*2 + smb_maxcnt
- 4));
3251 /****************************************************************************
3252 Reply to a read and X - possibly using sendfile.
3253 ****************************************************************************/
3255 static void send_file_readX(connection_struct
*conn
, struct smb_request
*req
,
3256 files_struct
*fsp
, SMB_OFF_T startpos
,
3259 SMB_STRUCT_STAT sbuf
;
3261 struct lock_struct lock
;
3263 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
3264 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3268 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3269 (uint64_t)startpos
, (uint64_t)smb_maxcnt
, READ_LOCK
,
3272 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3273 reply_doserror(req
, ERRDOS
, ERRlock
);
3277 if (!S_ISREG(sbuf
.st_mode
) || (startpos
> sbuf
.st_size
)
3278 || (smb_maxcnt
> (sbuf
.st_size
- startpos
))) {
3280 * We already know that we would do a short read, so don't
3281 * try the sendfile() path.
3283 goto nosendfile_read
;
3286 #if defined(WITH_SENDFILE)
3288 * We can only use sendfile on a non-chained packet
3289 * but we can use on a non-oplocked file. tridge proved this
3290 * on a train in Germany :-). JRA.
3293 if (!req_is_in_chain(req
) &&
3294 !is_encrypted_packet(req
->inbuf
) && (fsp
->base_fsp
== NULL
) &&
3295 lp_use_sendfile(SNUM(conn
)) && (fsp
->wcp
== NULL
) ) {
3296 uint8 headerbuf
[smb_size
+ 12 * 2];
3300 * Set up the packet header before send. We
3301 * assume here the sendfile will work (get the
3302 * correct amount of data).
3305 header
= data_blob_const(headerbuf
, sizeof(headerbuf
));
3307 construct_reply_common_req(req
, (char *)headerbuf
);
3308 setup_readX_header(req
, (char *)headerbuf
, smb_maxcnt
);
3310 if ((nread
= SMB_VFS_SENDFILE(smbd_server_fd(), fsp
, &header
, startpos
, smb_maxcnt
)) == -1) {
3311 /* Returning ENOSYS means no data at all was sent.
3312 Do this as a normal read. */
3313 if (errno
== ENOSYS
) {
3318 * Special hack for broken Linux with no working sendfile. If we
3319 * return EINTR we sent the header but not the rest of the data.
3320 * Fake this up by doing read/write calls.
3323 if (errno
== EINTR
) {
3324 /* Ensure we don't do this again. */
3325 set_use_sendfile(SNUM(conn
), False
);
3326 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3327 nread
= fake_sendfile(fsp
, startpos
,
3330 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3331 fsp
->fsp_name
, strerror(errno
) ));
3332 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3334 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3335 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3336 /* No outbuf here means successful sendfile. */
3340 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3341 fsp
->fsp_name
, strerror(errno
) ));
3342 exit_server_cleanly("send_file_readX sendfile failed");
3343 } else if (nread
== 0) {
3345 * Some sendfile implementations return 0 to indicate
3346 * that there was a short read, but nothing was
3347 * actually written to the socket. In this case,
3348 * fallback to the normal read path so the header gets
3349 * the correct byte count.
3351 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3352 "falling back to the normal read: %s\n",
3357 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3358 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3360 /* Deal with possible short send. */
3361 if (nread
!= smb_maxcnt
+ sizeof(headerbuf
)) {
3362 sendfile_short_send(fsp
, nread
, sizeof(headerbuf
), smb_maxcnt
);
3364 /* No outbuf here means successful sendfile. */
3365 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req
->pcd
, nread
);
3366 SMB_PERFCOUNT_END(&req
->pcd
);
3374 if ((smb_maxcnt
& 0xFF0000) > 0x10000) {
3375 uint8 headerbuf
[smb_size
+ 2*12];
3377 construct_reply_common_req(req
, (char *)headerbuf
);
3378 setup_readX_header(req
, (char *)headerbuf
, smb_maxcnt
);
3380 /* Send out the header. */
3381 if (write_data(smbd_server_fd(), (char *)headerbuf
,
3382 sizeof(headerbuf
)) != sizeof(headerbuf
)) {
3383 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3384 fsp
->fsp_name
, strerror(errno
) ));
3385 exit_server_cleanly("send_file_readX sendfile failed");
3387 nread
= fake_sendfile(fsp
, startpos
, smb_maxcnt
);
3389 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3390 fsp
->fsp_name
, strerror(errno
) ));
3391 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3398 reply_outbuf(req
, 12, smb_maxcnt
);
3400 nread
= read_file(fsp
, smb_buf(req
->outbuf
), startpos
, smb_maxcnt
);
3402 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3405 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
3409 setup_readX_header(req
, (char *)req
->outbuf
, nread
);
3411 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3412 fsp
->fnum
, (int)smb_maxcnt
, (int)nread
) );
3418 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3419 TALLOC_FREE(req
->outbuf
);
3423 /****************************************************************************
3424 Reply to a read and X.
3425 ****************************************************************************/
3427 void reply_read_and_X(struct smb_request
*req
)
3429 connection_struct
*conn
= req
->conn
;
3433 bool big_readX
= False
;
3435 size_t smb_mincnt
= SVAL(req
->vwv
+6, 0);
3438 START_PROFILE(SMBreadX
);
3440 if ((req
->wct
!= 10) && (req
->wct
!= 12)) {
3441 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3445 fsp
= file_fsp(req
, SVAL(req
->vwv
+2, 0));
3446 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+3, 0);
3447 smb_maxcnt
= SVAL(req
->vwv
+5, 0);
3449 /* If it's an IPC, pass off the pipe handler. */
3451 reply_pipe_read_and_X(req
);
3452 END_PROFILE(SMBreadX
);
3456 if (!check_fsp(conn
, req
, fsp
)) {
3457 END_PROFILE(SMBreadX
);
3461 if (!CHECK_READ(fsp
,req
)) {
3462 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3463 END_PROFILE(SMBreadX
);
3467 if (global_client_caps
& CAP_LARGE_READX
) {
3468 size_t upper_size
= SVAL(req
->vwv
+7, 0);
3469 smb_maxcnt
|= (upper_size
<<16);
3470 if (upper_size
> 1) {
3471 /* Can't do this on a chained packet. */
3472 if ((CVAL(req
->vwv
+0, 0) != 0xFF)) {
3473 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3474 END_PROFILE(SMBreadX
);
3477 /* We currently don't do this on signed or sealed data. */
3478 if (srv_is_signing_active() || is_encrypted_packet(req
->inbuf
)) {
3479 reply_nterror(req
, NT_STATUS_NOT_SUPPORTED
);
3480 END_PROFILE(SMBreadX
);
3483 /* Is there room in the reply for this data ? */
3484 if (smb_maxcnt
> (0xFFFFFF - (smb_size
-4 + 12*2))) {
3486 NT_STATUS_INVALID_PARAMETER
);
3487 END_PROFILE(SMBreadX
);
3494 if (req
->wct
== 12) {
3495 #ifdef LARGE_SMB_OFF_T
3497 * This is a large offset (64 bit) read.
3499 startpos
|= (((SMB_OFF_T
)IVAL(req
->vwv
+10, 0)) << 32);
3501 #else /* !LARGE_SMB_OFF_T */
3504 * Ensure we haven't been sent a >32 bit offset.
3507 if(IVAL(req
->vwv
+10, 0) != 0) {
3508 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3509 "used and we don't support 64 bit offsets.\n",
3510 (unsigned int)IVAL(req
->vwv
+10, 0) ));
3511 END_PROFILE(SMBreadX
);
3512 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3516 #endif /* LARGE_SMB_OFF_T */
3521 schedule_aio_read_and_X(conn
, req
, fsp
, startpos
, smb_maxcnt
)) {
3525 send_file_readX(conn
, req
, fsp
, startpos
, smb_maxcnt
);
3528 END_PROFILE(SMBreadX
);
3532 /****************************************************************************
3533 Error replies to writebraw must have smb_wct == 1. Fix this up.
3534 ****************************************************************************/
3536 void error_to_writebrawerr(struct smb_request
*req
)
3538 uint8
*old_outbuf
= req
->outbuf
;
3540 reply_outbuf(req
, 1, 0);
3542 memcpy(req
->outbuf
, old_outbuf
, smb_size
);
3543 TALLOC_FREE(old_outbuf
);
3546 /****************************************************************************
3547 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3548 ****************************************************************************/
3550 void reply_writebraw(struct smb_request
*req
)
3552 connection_struct
*conn
= req
->conn
;
3555 ssize_t total_written
=0;
3556 size_t numtowrite
=0;
3562 struct lock_struct lock
;
3565 START_PROFILE(SMBwritebraw
);
3568 * If we ever reply with an error, it must have the SMB command
3569 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3572 SCVAL(req
->inbuf
,smb_com
,SMBwritec
);
3574 if (srv_is_signing_active()) {
3575 END_PROFILE(SMBwritebraw
);
3576 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3577 "raw reads/writes are disallowed.");
3580 if (req
->wct
< 12) {
3581 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3582 error_to_writebrawerr(req
);
3583 END_PROFILE(SMBwritebraw
);
3587 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3588 if (!check_fsp(conn
, req
, fsp
)) {
3589 error_to_writebrawerr(req
);
3590 END_PROFILE(SMBwritebraw
);
3594 if (!CHECK_WRITE(fsp
)) {
3595 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3596 error_to_writebrawerr(req
);
3597 END_PROFILE(SMBwritebraw
);
3601 tcount
= IVAL(req
->vwv
+1, 0);
3602 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+3, 0);
3603 write_through
= BITSETW(req
->vwv
+7,0);
3605 /* We have to deal with slightly different formats depending
3606 on whether we are using the core+ or lanman1.0 protocol */
3608 if(Protocol
<= PROTOCOL_COREPLUS
) {
3609 numtowrite
= SVAL(smb_buf(req
->inbuf
),-2);
3610 data
= smb_buf(req
->inbuf
);
3612 numtowrite
= SVAL(req
->vwv
+10, 0);
3613 data
= smb_base(req
->inbuf
) + SVAL(req
->vwv
+11, 0);
3616 /* Ensure we don't write bytes past the end of this packet. */
3617 if (data
+ numtowrite
> smb_base(req
->inbuf
) + smb_len(req
->inbuf
)) {
3618 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3619 error_to_writebrawerr(req
);
3620 END_PROFILE(SMBwritebraw
);
3624 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3625 (uint64_t)startpos
, (uint64_t)tcount
, WRITE_LOCK
,
3628 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3629 reply_doserror(req
, ERRDOS
, ERRlock
);
3630 error_to_writebrawerr(req
);
3631 END_PROFILE(SMBwritebraw
);
3636 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3639 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3640 "wrote=%d sync=%d\n",
3641 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3642 (int)nwritten
, (int)write_through
));
3644 if (nwritten
< (ssize_t
)numtowrite
) {
3645 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3646 error_to_writebrawerr(req
);
3650 total_written
= nwritten
;
3652 /* Allocate a buffer of 64k + length. */
3653 buf
= TALLOC_ARRAY(NULL
, char, 65540);
3655 reply_doserror(req
, ERRDOS
, ERRnomem
);
3656 error_to_writebrawerr(req
);
3660 /* Return a SMBwritebraw message to the redirector to tell
3661 * it to send more bytes */
3663 memcpy(buf
, req
->inbuf
, smb_size
);
3664 srv_set_message(buf
,Protocol
>PROTOCOL_COREPLUS
?1:0,0,True
);
3665 SCVAL(buf
,smb_com
,SMBwritebraw
);
3666 SSVALS(buf
,smb_vwv0
,0xFFFF);
3668 if (!srv_send_smb(smbd_server_fd(),
3670 IS_CONN_ENCRYPTED(conn
),
3672 exit_server_cleanly("reply_writebraw: srv_send_smb "
3676 /* Now read the raw data into the buffer and write it */
3677 status
= read_smb_length(smbd_server_fd(), buf
, SMB_SECONDARY_WAIT
,
3679 if (!NT_STATUS_IS_OK(status
)) {
3680 exit_server_cleanly("secondary writebraw failed");
3683 /* Set up outbuf to return the correct size */
3684 reply_outbuf(req
, 1, 0);
3686 if (numtowrite
!= 0) {
3688 if (numtowrite
> 0xFFFF) {
3689 DEBUG(0,("reply_writebraw: Oversize secondary write "
3690 "raw requested (%u). Terminating\n",
3691 (unsigned int)numtowrite
));
3692 exit_server_cleanly("secondary writebraw failed");
3695 if (tcount
> nwritten
+numtowrite
) {
3696 DEBUG(3,("reply_writebraw: Client overestimated the "
3698 (int)tcount
,(int)nwritten
,(int)numtowrite
));
3701 status
= read_data(smbd_server_fd(), buf
+4, numtowrite
);
3703 if (!NT_STATUS_IS_OK(status
)) {
3704 DEBUG(0,("reply_writebraw: Oversize secondary write "
3705 "raw read failed (%s). Terminating\n",
3706 nt_errstr(status
)));
3707 exit_server_cleanly("secondary writebraw failed");
3710 nwritten
= write_file(req
,fsp
,buf
+4,startpos
+nwritten
,numtowrite
);
3711 if (nwritten
== -1) {
3713 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3714 error_to_writebrawerr(req
);
3718 if (nwritten
< (ssize_t
)numtowrite
) {
3719 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3720 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3724 total_written
+= nwritten
;
3729 SSVAL(req
->outbuf
,smb_vwv0
,total_written
);
3731 status
= sync_file(conn
, fsp
, write_through
);
3732 if (!NT_STATUS_IS_OK(status
)) {
3733 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3734 fsp
->fsp_name
, nt_errstr(status
) ));
3735 reply_nterror(req
, status
);
3736 error_to_writebrawerr(req
);
3740 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3742 fsp
->fnum
, (double)startpos
, (int)numtowrite
,
3743 (int)total_written
));
3745 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3747 /* We won't return a status if write through is not selected - this
3748 * follows what WfWg does */
3749 END_PROFILE(SMBwritebraw
);
3751 if (!write_through
&& total_written
==tcount
) {
3753 #if RABBIT_PELLET_FIX
3755 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3756 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3759 if (!send_keepalive(smbd_server_fd())) {
3760 exit_server_cleanly("reply_writebraw: send of "
3761 "keepalive failed");
3764 TALLOC_FREE(req
->outbuf
);
3769 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3771 END_PROFILE(SMBwritebraw
);
3776 #define DBGC_CLASS DBGC_LOCKING
3778 /****************************************************************************
3779 Reply to a writeunlock (core+).
3780 ****************************************************************************/
3782 void reply_writeunlock(struct smb_request
*req
)
3784 connection_struct
*conn
= req
->conn
;
3785 ssize_t nwritten
= -1;
3789 NTSTATUS status
= NT_STATUS_OK
;
3791 struct lock_struct lock
;
3793 START_PROFILE(SMBwriteunlock
);
3796 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3797 END_PROFILE(SMBwriteunlock
);
3801 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3803 if (!check_fsp(conn
, req
, fsp
)) {
3804 END_PROFILE(SMBwriteunlock
);
3808 if (!CHECK_WRITE(fsp
)) {
3809 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
3810 END_PROFILE(SMBwriteunlock
);
3814 numtowrite
= SVAL(req
->vwv
+1, 0);
3815 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3816 data
= (const char *)req
->buf
+ 3;
3819 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3820 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
3823 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3824 reply_doserror(req
, ERRDOS
, ERRlock
);
3825 END_PROFILE(SMBwriteunlock
);
3830 /* The special X/Open SMB protocol handling of
3831 zero length writes is *NOT* done for
3833 if(numtowrite
== 0) {
3836 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3839 status
= sync_file(conn
, fsp
, False
/* write through */);
3840 if (!NT_STATUS_IS_OK(status
)) {
3841 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3842 fsp
->fsp_name
, nt_errstr(status
) ));
3843 reply_nterror(req
, status
);
3847 if(((nwritten
< numtowrite
) && (numtowrite
!= 0))||(nwritten
< 0)) {
3848 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3853 status
= do_unlock(smbd_messaging_context(),
3856 (uint64_t)numtowrite
,
3860 if (NT_STATUS_V(status
)) {
3861 reply_nterror(req
, status
);
3866 reply_outbuf(req
, 1, 0);
3868 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3870 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3871 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3875 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3878 END_PROFILE(SMBwriteunlock
);
3883 #define DBGC_CLASS DBGC_ALL
3885 /****************************************************************************
3887 ****************************************************************************/
3889 void reply_write(struct smb_request
*req
)
3891 connection_struct
*conn
= req
->conn
;
3893 ssize_t nwritten
= -1;
3897 struct lock_struct lock
;
3900 START_PROFILE(SMBwrite
);
3903 END_PROFILE(SMBwrite
);
3904 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
3908 /* If it's an IPC, pass off the pipe handler. */
3910 reply_pipe_write(req
);
3911 END_PROFILE(SMBwrite
);
3915 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
3917 if (!check_fsp(conn
, req
, fsp
)) {
3918 END_PROFILE(SMBwrite
);
3922 if (!CHECK_WRITE(fsp
)) {
3923 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
3924 END_PROFILE(SMBwrite
);
3928 numtowrite
= SVAL(req
->vwv
+1, 0);
3929 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
3930 data
= (const char *)req
->buf
+ 3;
3932 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
3933 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
3936 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
3937 reply_doserror(req
, ERRDOS
, ERRlock
);
3938 END_PROFILE(SMBwrite
);
3943 * X/Open SMB protocol says that if smb_vwv1 is
3944 * zero then the file size should be extended or
3945 * truncated to the size given in smb_vwv[2-3].
3948 if(numtowrite
== 0) {
3950 * This is actually an allocate call, and set EOF. JRA.
3952 nwritten
= vfs_allocate_file_space(fsp
, (SMB_OFF_T
)startpos
);
3954 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3957 nwritten
= vfs_set_filelen(fsp
, (SMB_OFF_T
)startpos
);
3959 reply_nterror(req
, NT_STATUS_DISK_FULL
);
3962 trigger_write_time_update_immediate(fsp
);
3964 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
3967 status
= sync_file(conn
, fsp
, False
);
3968 if (!NT_STATUS_IS_OK(status
)) {
3969 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3970 fsp
->fsp_name
, nt_errstr(status
) ));
3971 reply_nterror(req
, status
);
3975 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
3976 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
3980 reply_outbuf(req
, 1, 0);
3982 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
3984 if (nwritten
< (ssize_t
)numtowrite
) {
3985 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
3986 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
3989 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
3992 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
3994 END_PROFILE(SMBwrite
);
3998 /****************************************************************************
3999 Ensure a buffer is a valid writeX for recvfile purposes.
4000 ****************************************************************************/
4002 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4003 (2*14) + /* word count (including bcc) */ \
4006 bool is_valid_writeX_buffer(const uint8_t *inbuf
)
4009 connection_struct
*conn
= NULL
;
4010 unsigned int doff
= 0;
4011 size_t len
= smb_len_large(inbuf
);
4013 if (is_encrypted_packet(inbuf
)) {
4014 /* Can't do this on encrypted
4019 if (CVAL(inbuf
,smb_com
) != SMBwriteX
) {
4023 if (CVAL(inbuf
,smb_vwv0
) != 0xFF ||
4024 CVAL(inbuf
,smb_wct
) != 14) {
4025 DEBUG(10,("is_valid_writeX_buffer: chained or "
4026 "invalid word length.\n"));
4030 conn
= conn_find(SVAL(inbuf
, smb_tid
));
4032 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4036 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4039 if (IS_PRINT(conn
)) {
4040 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4043 doff
= SVAL(inbuf
,smb_vwv11
);
4045 numtowrite
= SVAL(inbuf
,smb_vwv10
);
4047 if (len
> doff
&& len
- doff
> 0xFFFF) {
4048 numtowrite
|= (((size_t)SVAL(inbuf
,smb_vwv9
))<<16);
4051 if (numtowrite
== 0) {
4052 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4056 /* Ensure the sizes match up. */
4057 if (doff
< STANDARD_WRITE_AND_X_HEADER_SIZE
) {
4058 /* no pad byte...old smbclient :-( */
4059 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4061 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE
));
4065 if (len
- doff
!= numtowrite
) {
4066 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4067 "len = %u, doff = %u, numtowrite = %u\n",
4070 (unsigned int)numtowrite
));
4074 DEBUG(10,("is_valid_writeX_buffer: true "
4075 "len = %u, doff = %u, numtowrite = %u\n",
4078 (unsigned int)numtowrite
));
4083 /****************************************************************************
4084 Reply to a write and X.
4085 ****************************************************************************/
4087 void reply_write_and_X(struct smb_request
*req
)
4089 connection_struct
*conn
= req
->conn
;
4091 struct lock_struct lock
;
4096 unsigned int smb_doff
;
4097 unsigned int smblen
;
4101 START_PROFILE(SMBwriteX
);
4103 if ((req
->wct
!= 12) && (req
->wct
!= 14)) {
4104 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4105 END_PROFILE(SMBwriteX
);
4109 numtowrite
= SVAL(req
->vwv
+10, 0);
4110 smb_doff
= SVAL(req
->vwv
+11, 0);
4111 smblen
= smb_len(req
->inbuf
);
4113 if (req
->unread_bytes
> 0xFFFF ||
4114 (smblen
> smb_doff
&&
4115 smblen
- smb_doff
> 0xFFFF)) {
4116 numtowrite
|= (((size_t)SVAL(req
->vwv
+9, 0))<<16);
4119 if (req
->unread_bytes
) {
4120 /* Can't do a recvfile write on IPC$ */
4122 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4123 END_PROFILE(SMBwriteX
);
4126 if (numtowrite
!= req
->unread_bytes
) {
4127 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4128 END_PROFILE(SMBwriteX
);
4132 if (smb_doff
> smblen
|| smb_doff
+ numtowrite
< numtowrite
||
4133 smb_doff
+ numtowrite
> smblen
) {
4134 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4135 END_PROFILE(SMBwriteX
);
4140 /* If it's an IPC, pass off the pipe handler. */
4142 if (req
->unread_bytes
) {
4143 reply_doserror(req
, ERRDOS
, ERRbadmem
);
4144 END_PROFILE(SMBwriteX
);
4147 reply_pipe_write_and_X(req
);
4148 END_PROFILE(SMBwriteX
);
4152 fsp
= file_fsp(req
, SVAL(req
->vwv
+2, 0));
4153 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+3, 0);
4154 write_through
= BITSETW(req
->vwv
+7,0);
4156 if (!check_fsp(conn
, req
, fsp
)) {
4157 END_PROFILE(SMBwriteX
);
4161 if (!CHECK_WRITE(fsp
)) {
4162 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4163 END_PROFILE(SMBwriteX
);
4167 data
= smb_base(req
->inbuf
) + smb_doff
;
4169 if(req
->wct
== 14) {
4170 #ifdef LARGE_SMB_OFF_T
4172 * This is a large offset (64 bit) write.
4174 startpos
|= (((SMB_OFF_T
)IVAL(req
->vwv
+12, 0)) << 32);
4176 #else /* !LARGE_SMB_OFF_T */
4179 * Ensure we haven't been sent a >32 bit offset.
4182 if(IVAL(req
->vwv
+12, 0) != 0) {
4183 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4184 "used and we don't support 64 bit offsets.\n",
4185 (unsigned int)IVAL(req
->vwv
+12, 0) ));
4186 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
4187 END_PROFILE(SMBwriteX
);
4191 #endif /* LARGE_SMB_OFF_T */
4194 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
4195 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
4198 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
4199 reply_doserror(req
, ERRDOS
, ERRlock
);
4200 END_PROFILE(SMBwriteX
);
4204 /* X/Open SMB protocol says that, unlike SMBwrite
4205 if the length is zero then NO truncation is
4206 done, just a write of zero. To truncate a file,
4209 if(numtowrite
== 0) {
4213 if ((req
->unread_bytes
== 0) &&
4214 schedule_aio_write_and_X(conn
, req
, fsp
, data
, startpos
,
4219 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4222 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4223 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
4227 reply_outbuf(req
, 6, 0);
4228 SSVAL(req
->outbuf
,smb_vwv2
,nwritten
);
4229 SSVAL(req
->outbuf
,smb_vwv4
,nwritten
>>16);
4231 if (nwritten
< (ssize_t
)numtowrite
) {
4232 SCVAL(req
->outbuf
,smb_rcls
,ERRHRD
);
4233 SSVAL(req
->outbuf
,smb_err
,ERRdiskfull
);
4236 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4237 fsp
->fnum
, (int)numtowrite
, (int)nwritten
));
4239 status
= sync_file(conn
, fsp
, write_through
);
4240 if (!NT_STATUS_IS_OK(status
)) {
4241 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4242 fsp
->fsp_name
, nt_errstr(status
) ));
4243 reply_nterror(req
, status
);
4247 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
4249 END_PROFILE(SMBwriteX
);
4254 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
4256 END_PROFILE(SMBwriteX
);
4260 /****************************************************************************
4262 ****************************************************************************/
4264 void reply_lseek(struct smb_request
*req
)
4266 connection_struct
*conn
= req
->conn
;
4272 START_PROFILE(SMBlseek
);
4275 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4276 END_PROFILE(SMBlseek
);
4280 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4282 if (!check_fsp(conn
, req
, fsp
)) {
4286 flush_write_cache(fsp
, SEEK_FLUSH
);
4288 mode
= SVAL(req
->vwv
+1, 0) & 3;
4289 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4290 startpos
= (SMB_OFF_T
)IVALS(req
->vwv
+2, 0);
4299 res
= fsp
->fh
->pos
+ startpos
;
4310 if (umode
== SEEK_END
) {
4311 if((res
= SMB_VFS_LSEEK(fsp
,startpos
,umode
)) == -1) {
4312 if(errno
== EINVAL
) {
4313 SMB_OFF_T current_pos
= startpos
;
4314 SMB_STRUCT_STAT sbuf
;
4316 if(SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
4317 reply_unixerror(req
, ERRDOS
,
4319 END_PROFILE(SMBlseek
);
4323 current_pos
+= sbuf
.st_size
;
4325 res
= SMB_VFS_LSEEK(fsp
,0,SEEK_SET
);
4330 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
4331 END_PROFILE(SMBlseek
);
4338 reply_outbuf(req
, 2, 0);
4339 SIVAL(req
->outbuf
,smb_vwv0
,res
);
4341 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4342 fsp
->fnum
, (double)startpos
, (double)res
, mode
));
4344 END_PROFILE(SMBlseek
);
4348 /****************************************************************************
4350 ****************************************************************************/
4352 void reply_flush(struct smb_request
*req
)
4354 connection_struct
*conn
= req
->conn
;
4358 START_PROFILE(SMBflush
);
4361 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4365 fnum
= SVAL(req
->vwv
+0, 0);
4366 fsp
= file_fsp(req
, fnum
);
4368 if ((fnum
!= 0xFFFF) && !check_fsp(conn
, req
, fsp
)) {
4373 file_sync_all(conn
);
4375 NTSTATUS status
= sync_file(conn
, fsp
, True
);
4376 if (!NT_STATUS_IS_OK(status
)) {
4377 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4378 fsp
->fsp_name
, nt_errstr(status
) ));
4379 reply_nterror(req
, status
);
4380 END_PROFILE(SMBflush
);
4385 reply_outbuf(req
, 0, 0);
4387 DEBUG(3,("flush\n"));
4388 END_PROFILE(SMBflush
);
4392 /****************************************************************************
4394 conn POINTER CAN BE NULL HERE !
4395 ****************************************************************************/
4397 void reply_exit(struct smb_request
*req
)
4399 START_PROFILE(SMBexit
);
4401 file_close_pid(req
->smbpid
, req
->vuid
);
4403 reply_outbuf(req
, 0, 0);
4405 DEBUG(3,("exit\n"));
4407 END_PROFILE(SMBexit
);
4411 /****************************************************************************
4412 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4413 ****************************************************************************/
4415 void reply_close(struct smb_request
*req
)
4417 connection_struct
*conn
= req
->conn
;
4418 NTSTATUS status
= NT_STATUS_OK
;
4419 files_struct
*fsp
= NULL
;
4420 START_PROFILE(SMBclose
);
4423 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4424 END_PROFILE(SMBclose
);
4428 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4431 * We can only use check_fsp if we know it's not a directory.
4434 if(!fsp
|| (fsp
->conn
!= conn
) || (fsp
->vuid
!= req
->vuid
)) {
4435 reply_doserror(req
, ERRDOS
, ERRbadfid
);
4436 END_PROFILE(SMBclose
);
4440 if(fsp
->is_directory
) {
4442 * Special case - close NT SMB directory handle.
4444 DEBUG(3,("close directory fnum=%d\n", fsp
->fnum
));
4445 status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4449 * Close ordinary file.
4452 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4453 fsp
->fh
->fd
, fsp
->fnum
,
4454 conn
->num_files_open
));
4457 * Take care of any time sent in the close.
4460 t
= srv_make_unix_date3(req
->vwv
+1);
4461 set_close_write_time(fsp
, convert_time_t_to_timespec(t
));
4464 * close_file() returns the unix errno if an error
4465 * was detected on close - normally this is due to
4466 * a disk full error. If not then it was probably an I/O error.
4469 status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4472 if (!NT_STATUS_IS_OK(status
)) {
4473 reply_nterror(req
, status
);
4474 END_PROFILE(SMBclose
);
4478 reply_outbuf(req
, 0, 0);
4479 END_PROFILE(SMBclose
);
4483 /****************************************************************************
4484 Reply to a writeclose (Core+ protocol).
4485 ****************************************************************************/
4487 void reply_writeclose(struct smb_request
*req
)
4489 connection_struct
*conn
= req
->conn
;
4491 ssize_t nwritten
= -1;
4492 NTSTATUS close_status
= NT_STATUS_OK
;
4495 struct timespec mtime
;
4497 struct lock_struct lock
;
4499 START_PROFILE(SMBwriteclose
);
4502 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4503 END_PROFILE(SMBwriteclose
);
4507 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4509 if (!check_fsp(conn
, req
, fsp
)) {
4510 END_PROFILE(SMBwriteclose
);
4513 if (!CHECK_WRITE(fsp
)) {
4514 reply_doserror(req
, ERRDOS
,ERRbadaccess
);
4515 END_PROFILE(SMBwriteclose
);
4519 numtowrite
= SVAL(req
->vwv
+1, 0);
4520 startpos
= IVAL_TO_SMB_OFF_T(req
->vwv
+2, 0);
4521 mtime
= convert_time_t_to_timespec(srv_make_unix_date3(req
->vwv
+4));
4522 data
= (const char *)req
->buf
+ 1;
4525 init_strict_lock_struct(fsp
, (uint32
)req
->smbpid
,
4526 (uint64_t)startpos
, (uint64_t)numtowrite
, WRITE_LOCK
,
4529 if (!SMB_VFS_STRICT_LOCK(conn
, fsp
, &lock
)) {
4530 reply_doserror(req
, ERRDOS
,ERRlock
);
4531 END_PROFILE(SMBwriteclose
);
4536 nwritten
= write_file(req
,fsp
,data
,startpos
,numtowrite
);
4538 set_close_write_time(fsp
, mtime
);
4541 * More insanity. W2K only closes the file if writelen > 0.
4546 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4548 close_status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4551 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4552 fsp
->fnum
, (int)numtowrite
, (int)nwritten
,
4553 conn
->num_files_open
));
4555 if(((nwritten
== 0) && (numtowrite
!= 0))||(nwritten
< 0)) {
4556 reply_doserror(req
, ERRHRD
, ERRdiskfull
);
4560 if(!NT_STATUS_IS_OK(close_status
)) {
4561 reply_nterror(req
, close_status
);
4565 reply_outbuf(req
, 1, 0);
4567 SSVAL(req
->outbuf
,smb_vwv0
,nwritten
);
4571 SMB_VFS_STRICT_UNLOCK(conn
, fsp
, &lock
);
4574 END_PROFILE(SMBwriteclose
);
4579 #define DBGC_CLASS DBGC_LOCKING
4581 /****************************************************************************
4583 ****************************************************************************/
4585 void reply_lock(struct smb_request
*req
)
4587 connection_struct
*conn
= req
->conn
;
4588 uint64_t count
,offset
;
4591 struct byte_range_lock
*br_lck
= NULL
;
4593 START_PROFILE(SMBlock
);
4596 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4597 END_PROFILE(SMBlock
);
4601 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4603 if (!check_fsp(conn
, req
, fsp
)) {
4604 END_PROFILE(SMBlock
);
4608 count
= (uint64_t)IVAL(req
->vwv
+1, 0);
4609 offset
= (uint64_t)IVAL(req
->vwv
+3, 0);
4611 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4612 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
));
4614 br_lck
= do_lock(smbd_messaging_context(),
4621 False
, /* Non-blocking lock. */
4626 TALLOC_FREE(br_lck
);
4628 if (NT_STATUS_V(status
)) {
4629 reply_nterror(req
, status
);
4630 END_PROFILE(SMBlock
);
4634 reply_outbuf(req
, 0, 0);
4636 END_PROFILE(SMBlock
);
4640 /****************************************************************************
4642 ****************************************************************************/
4644 void reply_unlock(struct smb_request
*req
)
4646 connection_struct
*conn
= req
->conn
;
4647 uint64_t count
,offset
;
4651 START_PROFILE(SMBunlock
);
4654 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4655 END_PROFILE(SMBunlock
);
4659 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4661 if (!check_fsp(conn
, req
, fsp
)) {
4662 END_PROFILE(SMBunlock
);
4666 count
= (uint64_t)IVAL(req
->vwv
+1, 0);
4667 offset
= (uint64_t)IVAL(req
->vwv
+3, 0);
4669 status
= do_unlock(smbd_messaging_context(),
4676 if (NT_STATUS_V(status
)) {
4677 reply_nterror(req
, status
);
4678 END_PROFILE(SMBunlock
);
4682 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4683 fsp
->fh
->fd
, fsp
->fnum
, (double)offset
, (double)count
) );
4685 reply_outbuf(req
, 0, 0);
4687 END_PROFILE(SMBunlock
);
4692 #define DBGC_CLASS DBGC_ALL
4694 /****************************************************************************
4696 conn POINTER CAN BE NULL HERE !
4697 ****************************************************************************/
4699 void reply_tdis(struct smb_request
*req
)
4701 connection_struct
*conn
= req
->conn
;
4702 START_PROFILE(SMBtdis
);
4705 DEBUG(4,("Invalid connection in tdis\n"));
4706 reply_doserror(req
, ERRSRV
, ERRinvnid
);
4707 END_PROFILE(SMBtdis
);
4713 close_cnum(conn
,req
->vuid
);
4716 reply_outbuf(req
, 0, 0);
4717 END_PROFILE(SMBtdis
);
4721 /****************************************************************************
4723 conn POINTER CAN BE NULL HERE !
4724 ****************************************************************************/
4726 void reply_echo(struct smb_request
*req
)
4728 connection_struct
*conn
= req
->conn
;
4729 struct smb_perfcount_data local_pcd
;
4730 struct smb_perfcount_data
*cur_pcd
;
4734 START_PROFILE(SMBecho
);
4736 smb_init_perfcount_data(&local_pcd
);
4739 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4740 END_PROFILE(SMBecho
);
4744 smb_reverb
= SVAL(req
->vwv
+0, 0);
4746 reply_outbuf(req
, 1, req
->buflen
);
4748 /* copy any incoming data back out */
4749 if (req
->buflen
> 0) {
4750 memcpy(smb_buf(req
->outbuf
), req
->buf
, req
->buflen
);
4753 if (smb_reverb
> 100) {
4754 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb
));
4758 for (seq_num
= 1 ; seq_num
<= smb_reverb
; seq_num
++) {
4760 /* this makes sure we catch the request pcd */
4761 if (seq_num
== smb_reverb
) {
4762 cur_pcd
= &req
->pcd
;
4764 SMB_PERFCOUNT_COPY_CONTEXT(&req
->pcd
, &local_pcd
);
4765 cur_pcd
= &local_pcd
;
4768 SSVAL(req
->outbuf
,smb_vwv0
,seq_num
);
4770 show_msg((char *)req
->outbuf
);
4771 if (!srv_send_smb(smbd_server_fd(),
4772 (char *)req
->outbuf
,
4773 IS_CONN_ENCRYPTED(conn
)||req
->encrypted
,
4775 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4778 DEBUG(3,("echo %d times\n", smb_reverb
));
4780 TALLOC_FREE(req
->outbuf
);
4782 END_PROFILE(SMBecho
);
4786 /****************************************************************************
4787 Reply to a printopen.
4788 ****************************************************************************/
4790 void reply_printopen(struct smb_request
*req
)
4792 connection_struct
*conn
= req
->conn
;
4794 SMB_STRUCT_STAT sbuf
;
4797 START_PROFILE(SMBsplopen
);
4800 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4801 END_PROFILE(SMBsplopen
);
4805 if (!CAN_PRINT(conn
)) {
4806 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4807 END_PROFILE(SMBsplopen
);
4811 status
= file_new(req
, conn
, &fsp
);
4812 if(!NT_STATUS_IS_OK(status
)) {
4813 reply_nterror(req
, status
);
4814 END_PROFILE(SMBsplopen
);
4818 /* Open for exclusive use, write only. */
4819 status
= print_fsp_open(req
, conn
, NULL
, req
->vuid
, fsp
, &sbuf
);
4821 if (!NT_STATUS_IS_OK(status
)) {
4822 reply_nterror(req
, status
);
4823 END_PROFILE(SMBsplopen
);
4827 reply_outbuf(req
, 1, 0);
4828 SSVAL(req
->outbuf
,smb_vwv0
,fsp
->fnum
);
4830 DEBUG(3,("openprint fd=%d fnum=%d\n",
4831 fsp
->fh
->fd
, fsp
->fnum
));
4833 END_PROFILE(SMBsplopen
);
4837 /****************************************************************************
4838 Reply to a printclose.
4839 ****************************************************************************/
4841 void reply_printclose(struct smb_request
*req
)
4843 connection_struct
*conn
= req
->conn
;
4847 START_PROFILE(SMBsplclose
);
4850 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4851 END_PROFILE(SMBsplclose
);
4855 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4857 if (!check_fsp(conn
, req
, fsp
)) {
4858 END_PROFILE(SMBsplclose
);
4862 if (!CAN_PRINT(conn
)) {
4863 reply_nterror(req
, NT_STATUS_DOS(ERRSRV
, ERRerror
));
4864 END_PROFILE(SMBsplclose
);
4868 DEBUG(3,("printclose fd=%d fnum=%d\n",
4869 fsp
->fh
->fd
,fsp
->fnum
));
4871 status
= close_file(req
, fsp
, NORMAL_CLOSE
);
4873 if(!NT_STATUS_IS_OK(status
)) {
4874 reply_nterror(req
, status
);
4875 END_PROFILE(SMBsplclose
);
4879 reply_outbuf(req
, 0, 0);
4881 END_PROFILE(SMBsplclose
);
4885 /****************************************************************************
4886 Reply to a printqueue.
4887 ****************************************************************************/
4889 void reply_printqueue(struct smb_request
*req
)
4891 connection_struct
*conn
= req
->conn
;
4895 START_PROFILE(SMBsplretq
);
4898 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4899 END_PROFILE(SMBsplretq
);
4903 max_count
= SVAL(req
->vwv
+0, 0);
4904 start_index
= SVAL(req
->vwv
+1, 0);
4906 /* we used to allow the client to get the cnum wrong, but that
4907 is really quite gross and only worked when there was only
4908 one printer - I think we should now only accept it if they
4909 get it right (tridge) */
4910 if (!CAN_PRINT(conn
)) {
4911 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
4912 END_PROFILE(SMBsplretq
);
4916 reply_outbuf(req
, 2, 3);
4917 SSVAL(req
->outbuf
,smb_vwv0
,0);
4918 SSVAL(req
->outbuf
,smb_vwv1
,0);
4919 SCVAL(smb_buf(req
->outbuf
),0,1);
4920 SSVAL(smb_buf(req
->outbuf
),1,0);
4922 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4923 start_index
, max_count
));
4926 print_queue_struct
*queue
= NULL
;
4927 print_status_struct status
;
4928 int count
= print_queue_status(SNUM(conn
), &queue
, &status
);
4929 int num_to_get
= ABS(max_count
);
4930 int first
= (max_count
>0?start_index
:start_index
+max_count
+1);
4936 num_to_get
= MIN(num_to_get
,count
-first
);
4939 for (i
=first
;i
<first
+num_to_get
;i
++) {
4943 srv_put_dos_date2(p
,0,queue
[i
].time
);
4944 SCVAL(p
,4,(queue
[i
].status
==LPQ_PRINTING
?2:3));
4945 SSVAL(p
,5, queue
[i
].job
);
4946 SIVAL(p
,7,queue
[i
].size
);
4948 srvstr_push(blob
, req
->flags2
, p
+12,
4949 queue
[i
].fs_user
, 16, STR_ASCII
);
4951 if (message_push_blob(
4954 blob
, sizeof(blob
))) == -1) {
4955 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
4956 END_PROFILE(SMBsplretq
);
4962 SSVAL(req
->outbuf
,smb_vwv0
,count
);
4963 SSVAL(req
->outbuf
,smb_vwv1
,
4964 (max_count
>0?first
+count
:first
-1));
4965 SCVAL(smb_buf(req
->outbuf
),0,1);
4966 SSVAL(smb_buf(req
->outbuf
),1,28*count
);
4971 DEBUG(3,("%d entries returned in queue\n",count
));
4974 END_PROFILE(SMBsplretq
);
4978 /****************************************************************************
4979 Reply to a printwrite.
4980 ****************************************************************************/
4982 void reply_printwrite(struct smb_request
*req
)
4984 connection_struct
*conn
= req
->conn
;
4989 START_PROFILE(SMBsplwr
);
4992 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
4993 END_PROFILE(SMBsplwr
);
4997 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
4999 if (!check_fsp(conn
, req
, fsp
)) {
5000 END_PROFILE(SMBsplwr
);
5004 if (!CAN_PRINT(conn
)) {
5005 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
5006 END_PROFILE(SMBsplwr
);
5010 if (!CHECK_WRITE(fsp
)) {
5011 reply_doserror(req
, ERRDOS
, ERRbadaccess
);
5012 END_PROFILE(SMBsplwr
);
5016 numtowrite
= SVAL(req
->buf
, 1);
5018 if (req
->buflen
< numtowrite
+ 3) {
5019 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
5020 END_PROFILE(SMBsplwr
);
5024 data
= (const char *)req
->buf
+ 3;
5026 if (write_file(req
,fsp
,data
,-1,numtowrite
) != numtowrite
) {
5027 reply_unixerror(req
, ERRHRD
, ERRdiskfull
);
5028 END_PROFILE(SMBsplwr
);
5032 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp
->fnum
, numtowrite
) );
5034 END_PROFILE(SMBsplwr
);
5038 /****************************************************************************
5040 ****************************************************************************/
5042 void reply_mkdir(struct smb_request
*req
)
5044 connection_struct
*conn
= req
->conn
;
5045 char *directory
= NULL
;
5047 SMB_STRUCT_STAT sbuf
;
5048 TALLOC_CTX
*ctx
= talloc_tos();
5050 START_PROFILE(SMBmkdir
);
5052 srvstr_get_path_req(ctx
, req
, &directory
, (const char *)req
->buf
+ 1,
5053 STR_TERMINATE
, &status
);
5054 if (!NT_STATUS_IS_OK(status
)) {
5055 reply_nterror(req
, status
);
5056 END_PROFILE(SMBmkdir
);
5060 status
= resolve_dfspath(ctx
, conn
,
5061 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5064 if (!NT_STATUS_IS_OK(status
)) {
5065 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5066 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5067 ERRSRV
, ERRbadpath
);
5068 END_PROFILE(SMBmkdir
);
5071 reply_nterror(req
, status
);
5072 END_PROFILE(SMBmkdir
);
5076 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
, NULL
, &sbuf
);
5077 if (!NT_STATUS_IS_OK(status
)) {
5078 reply_nterror(req
, status
);
5079 END_PROFILE(SMBmkdir
);
5083 status
= check_name(conn
, directory
);
5084 if (!NT_STATUS_IS_OK(status
)) {
5085 reply_nterror(req
, status
);
5086 END_PROFILE(SMBmkdir
);
5090 status
= create_directory(conn
, req
, directory
);
5092 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status
)));
5094 if (!NT_STATUS_IS_OK(status
)) {
5096 if (!use_nt_status()
5097 && NT_STATUS_EQUAL(status
,
5098 NT_STATUS_OBJECT_NAME_COLLISION
)) {
5100 * Yes, in the DOS error code case we get a
5101 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5102 * samba4 torture test.
5104 status
= NT_STATUS_DOS(ERRDOS
, ERRnoaccess
);
5107 reply_nterror(req
, status
);
5108 END_PROFILE(SMBmkdir
);
5112 reply_outbuf(req
, 0, 0);
5114 DEBUG( 3, ( "mkdir %s\n", directory
) );
5116 END_PROFILE(SMBmkdir
);
5120 /****************************************************************************
5121 Static function used by reply_rmdir to delete an entire directory
5122 tree recursively. Return True on ok, False on fail.
5123 ****************************************************************************/
5125 static bool recursive_rmdir(TALLOC_CTX
*ctx
,
5126 connection_struct
*conn
,
5129 const char *dname
= NULL
;
5133 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
, directory
,
5139 while((dname
= ReadDirName(dir_hnd
, &offset
, &st
))) {
5140 char *fullname
= NULL
;
5142 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5146 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
5150 /* Construct the full name. */
5151 fullname
= talloc_asprintf(ctx
,
5161 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5166 if(st
.st_mode
& S_IFDIR
) {
5167 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
5171 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5175 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5179 TALLOC_FREE(fullname
);
5181 TALLOC_FREE(dir_hnd
);
5185 /****************************************************************************
5186 The internals of the rmdir code - called elsewhere.
5187 ****************************************************************************/
5189 NTSTATUS
rmdir_internals(TALLOC_CTX
*ctx
,
5190 connection_struct
*conn
,
5191 const char *directory
)
5196 /* Might be a symlink. */
5197 if(SMB_VFS_LSTAT(conn
, directory
, &st
) != 0) {
5198 return map_nt_error_from_unix(errno
);
5201 if (S_ISLNK(st
.st_mode
)) {
5202 /* Is what it points to a directory ? */
5203 if(SMB_VFS_STAT(conn
, directory
, &st
) != 0) {
5204 return map_nt_error_from_unix(errno
);
5206 if (!(S_ISDIR(st
.st_mode
))) {
5207 return NT_STATUS_NOT_A_DIRECTORY
;
5209 ret
= SMB_VFS_UNLINK(conn
,directory
);
5211 ret
= SMB_VFS_RMDIR(conn
,directory
);
5214 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5215 FILE_NOTIFY_CHANGE_DIR_NAME
,
5217 return NT_STATUS_OK
;
5220 if(((errno
== ENOTEMPTY
)||(errno
== EEXIST
)) && lp_veto_files(SNUM(conn
))) {
5222 * Check to see if the only thing in this directory are
5223 * vetoed files/directories. If so then delete them and
5224 * retry. If we fail to delete any of them (and we *don't*
5225 * do a recursive delete) then fail the rmdir.
5229 struct smb_Dir
*dir_hnd
= OpenDir(talloc_tos(), conn
,
5230 directory
, NULL
, 0);
5232 if(dir_hnd
== NULL
) {
5237 while ((dname
= ReadDirName(dir_hnd
, &dirpos
, &st
))) {
5238 if((strcmp(dname
, ".") == 0) || (strcmp(dname
, "..")==0))
5240 if (!is_visible_file(conn
, directory
, dname
, &st
, False
))
5242 if(!IS_VETO_PATH(conn
, dname
)) {
5243 TALLOC_FREE(dir_hnd
);
5249 /* We only have veto files/directories.
5250 * Are we allowed to delete them ? */
5252 if(!lp_recursive_veto_delete(SNUM(conn
))) {
5253 TALLOC_FREE(dir_hnd
);
5258 /* Do a recursive delete. */
5259 RewindDir(dir_hnd
,&dirpos
);
5260 while ((dname
= ReadDirName(dir_hnd
, &dirpos
, &st
))) {
5261 char *fullname
= NULL
;
5263 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
5266 if (!is_visible_file(conn
, directory
, dname
, &st
, False
)) {
5270 fullname
= talloc_asprintf(ctx
,
5280 if(SMB_VFS_LSTAT(conn
,fullname
, &st
) != 0) {
5283 if(st
.st_mode
& S_IFDIR
) {
5284 if(!recursive_rmdir(ctx
, conn
, fullname
)) {
5287 if(SMB_VFS_RMDIR(conn
,fullname
) != 0) {
5290 } else if(SMB_VFS_UNLINK(conn
,fullname
) != 0) {
5293 TALLOC_FREE(fullname
);
5295 TALLOC_FREE(dir_hnd
);
5296 /* Retry the rmdir */
5297 ret
= SMB_VFS_RMDIR(conn
,directory
);
5303 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5304 "%s\n", directory
,strerror(errno
)));
5305 return map_nt_error_from_unix(errno
);
5308 notify_fname(conn
, NOTIFY_ACTION_REMOVED
,
5309 FILE_NOTIFY_CHANGE_DIR_NAME
,
5312 return NT_STATUS_OK
;
5315 /****************************************************************************
5317 ****************************************************************************/
5319 void reply_rmdir(struct smb_request
*req
)
5321 connection_struct
*conn
= req
->conn
;
5322 char *directory
= NULL
;
5323 SMB_STRUCT_STAT sbuf
;
5325 TALLOC_CTX
*ctx
= talloc_tos();
5327 START_PROFILE(SMBrmdir
);
5329 srvstr_get_path_req(ctx
, req
, &directory
, (const char *)req
->buf
+ 1,
5330 STR_TERMINATE
, &status
);
5331 if (!NT_STATUS_IS_OK(status
)) {
5332 reply_nterror(req
, status
);
5333 END_PROFILE(SMBrmdir
);
5337 status
= resolve_dfspath(ctx
, conn
,
5338 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
5341 if (!NT_STATUS_IS_OK(status
)) {
5342 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
5343 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
5344 ERRSRV
, ERRbadpath
);
5345 END_PROFILE(SMBrmdir
);
5348 reply_nterror(req
, status
);
5349 END_PROFILE(SMBrmdir
);
5353 status
= unix_convert(ctx
, conn
, directory
, False
, &directory
,
5355 if (!NT_STATUS_IS_OK(status
)) {
5356 reply_nterror(req
, status
);
5357 END_PROFILE(SMBrmdir
);
5361 status
= check_name(conn
, directory
);
5362 if (!NT_STATUS_IS_OK(status
)) {
5363 reply_nterror(req
, status
);
5364 END_PROFILE(SMBrmdir
);
5368 dptr_closepath(directory
, req
->smbpid
);
5369 status
= rmdir_internals(ctx
, conn
, directory
);
5370 if (!NT_STATUS_IS_OK(status
)) {
5371 reply_nterror(req
, status
);
5372 END_PROFILE(SMBrmdir
);
5376 reply_outbuf(req
, 0, 0);
5378 DEBUG( 3, ( "rmdir %s\n", directory
) );
5380 END_PROFILE(SMBrmdir
);
5384 /*******************************************************************
5385 Resolve wildcards in a filename rename.
5386 ********************************************************************/
5388 static bool resolve_wildcards(TALLOC_CTX
*ctx
,
5393 char *name2_copy
= NULL
;
5398 char *p
,*p2
, *pname1
, *pname2
;
5400 name2_copy
= talloc_strdup(ctx
, name2
);
5405 pname1
= strrchr_m(name1
,'/');
5406 pname2
= strrchr_m(name2_copy
,'/');
5408 if (!pname1
|| !pname2
) {
5412 /* Truncate the copy of name2 at the last '/' */
5415 /* Now go past the '/' */
5419 root1
= talloc_strdup(ctx
, pname1
);
5420 root2
= talloc_strdup(ctx
, pname2
);
5422 if (!root1
|| !root2
) {
5426 p
= strrchr_m(root1
,'.');
5429 ext1
= talloc_strdup(ctx
, p
+1);
5431 ext1
= talloc_strdup(ctx
, "");
5433 p
= strrchr_m(root2
,'.');
5436 ext2
= talloc_strdup(ctx
, p
+1);
5438 ext2
= talloc_strdup(ctx
, "");
5441 if (!ext1
|| !ext2
) {
5449 /* Hmmm. Should this be mb-aware ? */
5452 } else if (*p2
== '*') {
5454 root2
= talloc_asprintf(ctx
, "%s%s",
5473 /* Hmmm. Should this be mb-aware ? */
5476 } else if (*p2
== '*') {
5478 ext2
= talloc_asprintf(ctx
, "%s%s",
5494 *pp_newname
= talloc_asprintf(ctx
, "%s/%s.%s",
5499 *pp_newname
= talloc_asprintf(ctx
, "%s/%s",
5511 /****************************************************************************
5512 Ensure open files have their names updated. Updated to notify other smbd's
5514 ****************************************************************************/
5516 static void rename_open_files(connection_struct
*conn
,
5517 struct share_mode_lock
*lck
,
5518 const char *newname
)
5521 bool did_rename
= False
;
5523 for(fsp
= file_find_di_first(lck
->id
); fsp
;
5524 fsp
= file_find_di_next(fsp
)) {
5525 /* fsp_name is a relative path under the fsp. To change this for other
5526 sharepaths we need to manipulate relative paths. */
5527 /* TODO - create the absolute path and manipulate the newname
5528 relative to the sharepath. */
5529 if (!strequal(fsp
->conn
->connectpath
, conn
->connectpath
)) {
5532 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5533 fsp
->fnum
, file_id_string_tos(&fsp
->file_id
),
5534 fsp
->fsp_name
, newname
));
5535 string_set(&fsp
->fsp_name
, newname
);
5540 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5541 file_id_string_tos(&lck
->id
), newname
));
5544 /* Send messages to all smbd's (not ourself) that the name has changed. */
5545 rename_share_filename(smbd_messaging_context(), lck
, conn
->connectpath
,
5549 /****************************************************************************
5550 We need to check if the source path is a parent directory of the destination
5551 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5552 refuse the rename with a sharing violation. Under UNIX the above call can
5553 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5554 probably need to check that the client is a Windows one before disallowing
5555 this as a UNIX client (one with UNIX extensions) can know the source is a
5556 symlink and make this decision intelligently. Found by an excellent bug
5557 report from <AndyLiebman@aol.com>.
5558 ****************************************************************************/
5560 static bool rename_path_prefix_equal(const char *src
, const char *dest
)
5562 const char *psrc
= src
;
5563 const char *pdst
= dest
;
5566 if (psrc
[0] == '.' && psrc
[1] == '/') {
5569 if (pdst
[0] == '.' && pdst
[1] == '/') {
5572 if ((slen
= strlen(psrc
)) > strlen(pdst
)) {
5575 return ((memcmp(psrc
, pdst
, slen
) == 0) && pdst
[slen
] == '/');
5579 * Do the notify calls from a rename
5582 static void notify_rename(connection_struct
*conn
, bool is_dir
,
5583 const char *oldpath
, const char *newpath
)
5585 char *olddir
, *newdir
;
5586 const char *oldname
, *newname
;
5589 mask
= is_dir
? FILE_NOTIFY_CHANGE_DIR_NAME
5590 : FILE_NOTIFY_CHANGE_FILE_NAME
;
5592 if (!parent_dirname(talloc_tos(), oldpath
, &olddir
, &oldname
)
5593 || !parent_dirname(talloc_tos(), newpath
, &newdir
, &newname
)) {
5594 TALLOC_FREE(olddir
);
5598 if (strcmp(olddir
, newdir
) == 0) {
5599 notify_fname(conn
, NOTIFY_ACTION_OLD_NAME
, mask
, oldpath
);
5600 notify_fname(conn
, NOTIFY_ACTION_NEW_NAME
, mask
, newpath
);
5603 notify_fname(conn
, NOTIFY_ACTION_REMOVED
, mask
, oldpath
);
5604 notify_fname(conn
, NOTIFY_ACTION_ADDED
, mask
, newpath
);
5606 TALLOC_FREE(olddir
);
5607 TALLOC_FREE(newdir
);
5609 /* this is a strange one. w2k3 gives an additional event for
5610 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5611 files, but not directories */
5613 notify_fname(conn
, NOTIFY_ACTION_MODIFIED
,
5614 FILE_NOTIFY_CHANGE_ATTRIBUTES
5615 |FILE_NOTIFY_CHANGE_CREATION
,
5620 /****************************************************************************
5621 Rename an open file - given an fsp.
5622 ****************************************************************************/
5624 NTSTATUS
rename_internals_fsp(connection_struct
*conn
,
5627 const char *newname_last_component
,
5629 bool replace_if_exists
)
5631 TALLOC_CTX
*ctx
= talloc_tos();
5632 SMB_STRUCT_STAT sbuf
, sbuf1
;
5633 NTSTATUS status
= NT_STATUS_OK
;
5634 struct share_mode_lock
*lck
= NULL
;
5635 bool dst_exists
, old_is_stream
, new_is_stream
;
5639 status
= check_name(conn
, newname
);
5640 if (!NT_STATUS_IS_OK(status
)) {
5644 /* Ensure newname contains a '/' */
5645 if(strrchr_m(newname
,'/') == 0) {
5646 newname
= talloc_asprintf(ctx
,
5650 return NT_STATUS_NO_MEMORY
;
5655 * Check for special case with case preserving and not
5656 * case sensitive. If the old last component differs from the original
5657 * last component only by case, then we should allow
5658 * the rename (user is trying to change the case of the
5662 if((conn
->case_sensitive
== False
) && (conn
->case_preserve
== True
) &&
5663 strequal(newname
, fsp
->fsp_name
)) {
5665 char *newname_modified_last_component
= NULL
;
5668 * Get the last component of the modified name.
5669 * Note that we guarantee that newname contains a '/'
5672 p
= strrchr_m(newname
,'/');
5673 newname_modified_last_component
= talloc_strdup(ctx
,
5675 if (!newname_modified_last_component
) {
5676 return NT_STATUS_NO_MEMORY
;
5679 if(strcsequal(newname_modified_last_component
,
5680 newname_last_component
) == False
) {
5682 * Replace the modified last component with
5685 *p
= '\0'; /* Truncate at the '/' */
5686 newname
= talloc_asprintf(ctx
,
5689 newname_last_component
);
5694 * If the src and dest names are identical - including case,
5695 * don't do the rename, just return success.
5698 if (strcsequal(fsp
->fsp_name
, newname
)) {
5699 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5701 return NT_STATUS_OK
;
5704 old_is_stream
= is_ntfs_stream_name(fsp
->fsp_name
);
5705 new_is_stream
= is_ntfs_stream_name(newname
);
5707 /* Return the correct error code if both names aren't streams. */
5708 if (!old_is_stream
&& new_is_stream
) {
5709 return NT_STATUS_OBJECT_NAME_INVALID
;
5712 if (old_is_stream
&& !new_is_stream
) {
5713 return NT_STATUS_INVALID_PARAMETER
;
5717 * Have vfs_object_exist also fill sbuf1
5719 dst_exists
= vfs_object_exist(conn
, newname
, &sbuf1
);
5721 if(!replace_if_exists
&& dst_exists
) {
5722 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5723 fsp
->fsp_name
,newname
));
5724 return NT_STATUS_OBJECT_NAME_COLLISION
;
5728 struct file_id fileid
= vfs_file_id_from_sbuf(conn
, &sbuf1
);
5729 files_struct
*dst_fsp
= file_find_di_first(fileid
);
5730 /* The file can be open when renaming a stream */
5731 if (dst_fsp
&& !new_is_stream
) {
5732 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5733 return NT_STATUS_ACCESS_DENIED
;
5737 /* Ensure we have a valid stat struct for the source. */
5738 if (fsp
->fh
->fd
!= -1) {
5739 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
5740 return map_nt_error_from_unix(errno
);
5744 if (fsp
->posix_open
) {
5745 ret
= SMB_VFS_LSTAT(conn
,fsp
->fsp_name
,&sbuf
);
5747 ret
= SMB_VFS_STAT(conn
,fsp
->fsp_name
,&sbuf
);
5750 return map_nt_error_from_unix(errno
);
5754 status
= can_rename(conn
, fsp
, attrs
, &sbuf
);
5756 if (!NT_STATUS_IS_OK(status
)) {
5757 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5758 nt_errstr(status
), fsp
->fsp_name
,newname
));
5759 if (NT_STATUS_EQUAL(status
,NT_STATUS_SHARING_VIOLATION
))
5760 status
= NT_STATUS_ACCESS_DENIED
;
5764 if (rename_path_prefix_equal(fsp
->fsp_name
, newname
)) {
5765 return NT_STATUS_ACCESS_DENIED
;
5768 lck
= get_share_mode_lock(talloc_tos(), fsp
->file_id
, NULL
, NULL
,
5772 * We have the file open ourselves, so not being able to get the
5773 * corresponding share mode lock is a fatal error.
5776 SMB_ASSERT(lck
!= NULL
);
5778 if(SMB_VFS_RENAME(conn
,fsp
->fsp_name
, newname
) == 0) {
5779 uint32 create_options
= fsp
->fh
->private_options
;
5781 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5782 fsp
->fsp_name
,newname
));
5784 notify_rename(conn
, fsp
->is_directory
, fsp
->fsp_name
, newname
);
5786 rename_open_files(conn
, lck
, newname
);
5789 * A rename acts as a new file create w.r.t. allowing an initial delete
5790 * on close, probably because in Windows there is a new handle to the
5791 * new file. If initial delete on close was requested but not
5792 * originally set, we need to set it here. This is probably not 100% correct,
5793 * but will work for the CIFSFS client which in non-posix mode
5794 * depends on these semantics. JRA.
5797 if (create_options
& FILE_DELETE_ON_CLOSE
) {
5798 status
= can_set_delete_on_close(fsp
, True
, 0);
5800 if (NT_STATUS_IS_OK(status
)) {
5801 /* Note that here we set the *inital* delete on close flag,
5802 * not the regular one. The magic gets handled in close. */
5803 fsp
->initial_delete_on_close
= True
;
5807 return NT_STATUS_OK
;
5812 if (errno
== ENOTDIR
|| errno
== EISDIR
) {
5813 status
= NT_STATUS_OBJECT_NAME_COLLISION
;
5815 status
= map_nt_error_from_unix(errno
);
5818 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5819 nt_errstr(status
), fsp
->fsp_name
,newname
));
5824 /****************************************************************************
5825 The guts of the rename command, split out so it may be called by the NT SMB
5827 ****************************************************************************/
5829 NTSTATUS
rename_internals(TALLOC_CTX
*ctx
,
5830 connection_struct
*conn
,
5831 struct smb_request
*req
,
5832 const char *name_in
,
5833 const char *newname_in
,
5835 bool replace_if_exists
,
5838 uint32_t access_mask
)
5840 char *directory
= NULL
;
5842 char *last_component_src
= NULL
;
5843 char *last_component_dest
= NULL
;
5845 char *newname
= NULL
;
5848 NTSTATUS status
= NT_STATUS_OK
;
5849 SMB_STRUCT_STAT sbuf1
, sbuf2
;
5850 struct smb_Dir
*dir_hnd
= NULL
;
5853 int create_options
= 0;
5854 bool posix_pathnames
= lp_posix_pathnames();
5859 status
= unix_convert(ctx
, conn
, name_in
, src_has_wild
, &name
,
5860 &last_component_src
, &sbuf1
);
5861 if (!NT_STATUS_IS_OK(status
)) {
5865 status
= unix_convert(ctx
, conn
, newname_in
, dest_has_wild
, &newname
,
5866 &last_component_dest
, &sbuf2
);
5867 if (!NT_STATUS_IS_OK(status
)) {
5872 * Split the old name into directory and last component
5873 * strings. Note that unix_convert may have stripped off a
5874 * leading ./ from both name and newname if the rename is
5875 * at the root of the share. We need to make sure either both
5876 * name and newname contain a / character or neither of them do
5877 * as this is checked in resolve_wildcards().
5880 p
= strrchr_m(name
,'/');
5882 directory
= talloc_strdup(ctx
, ".");
5884 return NT_STATUS_NO_MEMORY
;
5889 directory
= talloc_strdup(ctx
, name
);
5891 return NT_STATUS_NO_MEMORY
;
5894 *p
= '/'; /* Replace needed for exceptional test below. */
5898 * We should only check the mangled cache
5899 * here if unix_convert failed. This means
5900 * that the path in 'mask' doesn't exist
5901 * on the file system and so we need to look
5902 * for a possible mangle. This patch from
5903 * Tine Smukavec <valentin.smukavec@hermes.si>.
5906 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
5907 char *new_mask
= NULL
;
5908 mangle_lookup_name_from_8_3(ctx
,
5917 if (!src_has_wild
) {
5921 * No wildcards - just process the one file.
5923 /* Add a terminating '/' to the directory name. */
5924 directory
= talloc_asprintf_append(directory
,
5928 return NT_STATUS_NO_MEMORY
;
5931 /* Ensure newname contains a '/' also */
5932 if(strrchr_m(newname
,'/') == 0) {
5933 newname
= talloc_asprintf(ctx
,
5937 return NT_STATUS_NO_MEMORY
;
5941 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5942 "case_preserve = %d, short case preserve = %d, "
5943 "directory = %s, newname = %s, "
5944 "last_component_dest = %s\n",
5945 conn
->case_sensitive
, conn
->case_preserve
,
5946 conn
->short_case_preserve
, directory
,
5947 newname
, last_component_dest
));
5949 /* The dest name still may have wildcards. */
5950 if (dest_has_wild
) {
5951 char *mod_newname
= NULL
;
5952 if (!resolve_wildcards(ctx
,
5953 directory
,newname
,&mod_newname
)) {
5954 DEBUG(6, ("rename_internals: resolve_wildcards "
5958 return NT_STATUS_NO_MEMORY
;
5960 newname
= mod_newname
;
5964 if (posix_pathnames
) {
5965 SMB_VFS_LSTAT(conn
, directory
, &sbuf1
);
5967 SMB_VFS_STAT(conn
, directory
, &sbuf1
);
5970 if (S_ISDIR(sbuf1
.st_mode
)) {
5971 create_options
|= FILE_DIRECTORY_FILE
;
5974 status
= SMB_VFS_CREATE_FILE(
5977 0, /* root_dir_fid */
5978 directory
, /* fname */
5979 0, /* create_file_flags */
5980 access_mask
, /* access_mask */
5981 (FILE_SHARE_READ
| /* share_access */
5983 FILE_OPEN
, /* create_disposition*/
5984 create_options
, /* create_options */
5985 posix_pathnames
? FILE_FLAG_POSIX_SEMANTICS
|0777 : 0, /* file_attributes */
5986 0, /* oplock_request */
5987 0, /* allocation_size */
5992 &sbuf1
); /* psbuf */
5994 if (!NT_STATUS_IS_OK(status
)) {
5995 DEBUG(3, ("Could not open rename source %s: %s\n",
5996 directory
, nt_errstr(status
)));
6000 status
= rename_internals_fsp(conn
, fsp
, newname
,
6001 last_component_dest
,
6002 attrs
, replace_if_exists
);
6004 close_file(req
, fsp
, NORMAL_CLOSE
);
6006 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6007 nt_errstr(status
), directory
,newname
));
6013 * Wildcards - process each file that matches.
6015 if (strequal(mask
,"????????.???")) {
6020 status
= check_name(conn
, directory
);
6021 if (!NT_STATUS_IS_OK(status
)) {
6025 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, attrs
);
6026 if (dir_hnd
== NULL
) {
6027 return map_nt_error_from_unix(errno
);
6030 status
= NT_STATUS_NO_SUCH_FILE
;
6032 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6033 * - gentest fix. JRA
6036 while ((dname
= ReadDirName(dir_hnd
, &offset
, &sbuf1
))) {
6037 files_struct
*fsp
= NULL
;
6039 char *destname
= NULL
;
6040 bool sysdir_entry
= False
;
6042 /* Quick check for "." and ".." */
6043 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
6045 sysdir_entry
= True
;
6051 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
6055 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
6060 status
= NT_STATUS_OBJECT_NAME_INVALID
;
6064 fname
= talloc_asprintf(ctx
,
6069 return NT_STATUS_NO_MEMORY
;
6072 if (!resolve_wildcards(ctx
,
6073 fname
,newname
,&destname
)) {
6074 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6080 return NT_STATUS_NO_MEMORY
;
6084 if (posix_pathnames
) {
6085 SMB_VFS_LSTAT(conn
, fname
, &sbuf1
);
6087 SMB_VFS_STAT(conn
, fname
, &sbuf1
);
6092 if (S_ISDIR(sbuf1
.st_mode
)) {
6093 create_options
|= FILE_DIRECTORY_FILE
;
6096 status
= SMB_VFS_CREATE_FILE(
6099 0, /* root_dir_fid */
6101 0, /* create_file_flags */
6102 access_mask
, /* access_mask */
6103 (FILE_SHARE_READ
| /* share_access */
6105 FILE_OPEN
, /* create_disposition*/
6106 create_options
, /* create_options */
6107 posix_pathnames
? FILE_FLAG_POSIX_SEMANTICS
|0777 : 0, /* file_attributes */
6108 0, /* oplock_request */
6109 0, /* allocation_size */
6114 &sbuf1
); /* psbuf */
6116 if (!NT_STATUS_IS_OK(status
)) {
6117 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6118 "returned %s rename %s -> %s\n",
6119 nt_errstr(status
), directory
, newname
));
6123 status
= rename_internals_fsp(conn
, fsp
, destname
, dname
,
6124 attrs
, replace_if_exists
);
6126 close_file(req
, fsp
, NORMAL_CLOSE
);
6128 if (!NT_STATUS_IS_OK(status
)) {
6129 DEBUG(3, ("rename_internals_fsp returned %s for "
6130 "rename %s -> %s\n", nt_errstr(status
),
6131 directory
, newname
));
6137 DEBUG(3,("rename_internals: doing rename on %s -> "
6138 "%s\n",fname
,destname
));
6141 TALLOC_FREE(destname
);
6143 TALLOC_FREE(dir_hnd
);
6145 if (count
== 0 && NT_STATUS_IS_OK(status
) && errno
!= 0) {
6146 status
= map_nt_error_from_unix(errno
);
6152 /****************************************************************************
6154 ****************************************************************************/
6156 void reply_mv(struct smb_request
*req
)
6158 connection_struct
*conn
= req
->conn
;
6160 char *newname
= NULL
;
6164 bool src_has_wcard
= False
;
6165 bool dest_has_wcard
= False
;
6166 TALLOC_CTX
*ctx
= talloc_tos();
6168 START_PROFILE(SMBmv
);
6171 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6176 attrs
= SVAL(req
->vwv
+0, 0);
6178 p
= (const char *)req
->buf
+ 1;
6179 p
+= srvstr_get_path_req_wcard(ctx
, req
, &name
, p
, STR_TERMINATE
,
6180 &status
, &src_has_wcard
);
6181 if (!NT_STATUS_IS_OK(status
)) {
6182 reply_nterror(req
, status
);
6187 p
+= srvstr_get_path_req_wcard(ctx
, req
, &newname
, p
, STR_TERMINATE
,
6188 &status
, &dest_has_wcard
);
6189 if (!NT_STATUS_IS_OK(status
)) {
6190 reply_nterror(req
, status
);
6195 status
= resolve_dfspath_wcard(ctx
, conn
,
6196 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6200 if (!NT_STATUS_IS_OK(status
)) {
6201 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6202 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6203 ERRSRV
, ERRbadpath
);
6207 reply_nterror(req
, status
);
6212 status
= resolve_dfspath_wcard(ctx
, conn
,
6213 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6217 if (!NT_STATUS_IS_OK(status
)) {
6218 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6219 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6220 ERRSRV
, ERRbadpath
);
6224 reply_nterror(req
, status
);
6229 DEBUG(3,("reply_mv : %s -> %s\n",name
,newname
));
6231 status
= rename_internals(ctx
, conn
, req
, name
, newname
, attrs
, False
,
6232 src_has_wcard
, dest_has_wcard
, DELETE_ACCESS
);
6233 if (!NT_STATUS_IS_OK(status
)) {
6234 if (open_was_deferred(req
->mid
)) {
6235 /* We have re-scheduled this call. */
6239 reply_nterror(req
, status
);
6244 reply_outbuf(req
, 0, 0);
6250 /*******************************************************************
6251 Copy a file as part of a reply_copy.
6252 ******************************************************************/
6255 * TODO: check error codes on all callers
6258 NTSTATUS
copy_file(TALLOC_CTX
*ctx
,
6259 connection_struct
*conn
,
6264 bool target_is_directory
)
6266 SMB_STRUCT_STAT src_sbuf
, sbuf2
;
6268 files_struct
*fsp1
,*fsp2
;
6271 uint32 new_create_disposition
;
6274 dest
= talloc_strdup(ctx
, dest1
);
6276 return NT_STATUS_NO_MEMORY
;
6278 if (target_is_directory
) {
6279 const char *p
= strrchr_m(src
,'/');
6285 dest
= talloc_asprintf_append(dest
,
6289 return NT_STATUS_NO_MEMORY
;
6293 if (!vfs_file_exist(conn
,src
,&src_sbuf
)) {
6295 return NT_STATUS_OBJECT_NAME_NOT_FOUND
;
6298 if (!target_is_directory
&& count
) {
6299 new_create_disposition
= FILE_OPEN
;
6301 if (!map_open_params_to_ntcreate(dest1
,0,ofun
,
6302 NULL
, NULL
, &new_create_disposition
, NULL
)) {
6304 return NT_STATUS_INVALID_PARAMETER
;
6308 status
= SMB_VFS_CREATE_FILE(
6311 0, /* root_dir_fid */
6313 0, /* create_file_flags */
6314 FILE_GENERIC_READ
, /* access_mask */
6315 FILE_SHARE_READ
| FILE_SHARE_WRITE
, /* share_access */
6316 FILE_OPEN
, /* create_disposition*/
6317 0, /* create_options */
6318 FILE_ATTRIBUTE_NORMAL
, /* file_attributes */
6319 INTERNAL_OPEN_ONLY
, /* oplock_request */
6320 0, /* allocation_size */
6325 &src_sbuf
); /* psbuf */
6327 if (!NT_STATUS_IS_OK(status
)) {
6332 dosattrs
= dos_mode(conn
, src
, &src_sbuf
);
6333 if (SMB_VFS_STAT(conn
,dest
,&sbuf2
) == -1) {
6334 ZERO_STRUCTP(&sbuf2
);
6337 status
= SMB_VFS_CREATE_FILE(
6340 0, /* root_dir_fid */
6342 0, /* create_file_flags */
6343 FILE_GENERIC_WRITE
, /* access_mask */
6344 FILE_SHARE_READ
| FILE_SHARE_WRITE
, /* share_access */
6345 new_create_disposition
, /* create_disposition*/
6346 0, /* create_options */
6347 dosattrs
, /* file_attributes */
6348 INTERNAL_OPEN_ONLY
, /* oplock_request */
6349 0, /* allocation_size */
6354 &sbuf2
); /* psbuf */
6358 if (!NT_STATUS_IS_OK(status
)) {
6359 close_file(NULL
, fsp1
, ERROR_CLOSE
);
6363 if ((ofun
&3) == 1) {
6364 if(SMB_VFS_LSEEK(fsp2
,0,SEEK_END
) == -1) {
6365 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno
) ));
6367 * Stop the copy from occurring.
6370 src_sbuf
.st_size
= 0;
6374 if (src_sbuf
.st_size
) {
6375 ret
= vfs_transfer_file(fsp1
, fsp2
, src_sbuf
.st_size
);
6378 close_file(NULL
, fsp1
, NORMAL_CLOSE
);
6380 /* Ensure the modtime is set correctly on the destination file. */
6381 set_close_write_time(fsp2
, get_mtimespec(&src_sbuf
));
6384 * As we are opening fsp1 read-only we only expect
6385 * an error on close on fsp2 if we are out of space.
6386 * Thus we don't look at the error return from the
6389 status
= close_file(NULL
, fsp2
, NORMAL_CLOSE
);
6391 if (!NT_STATUS_IS_OK(status
)) {
6395 if (ret
!= (SMB_OFF_T
)src_sbuf
.st_size
) {
6396 return NT_STATUS_DISK_FULL
;
6399 return NT_STATUS_OK
;
6402 /****************************************************************************
6403 Reply to a file copy.
6404 ****************************************************************************/
6406 void reply_copy(struct smb_request
*req
)
6408 connection_struct
*conn
= req
->conn
;
6410 char *newname
= NULL
;
6411 char *directory
= NULL
;
6412 const char *mask
= NULL
;
6413 const char mask_star
[] = "*";
6416 int error
= ERRnoaccess
;
6421 bool target_is_directory
=False
;
6422 bool source_has_wild
= False
;
6423 bool dest_has_wild
= False
;
6424 SMB_STRUCT_STAT sbuf1
, sbuf2
;
6426 TALLOC_CTX
*ctx
= talloc_tos();
6428 START_PROFILE(SMBcopy
);
6431 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6432 END_PROFILE(SMBcopy
);
6436 tid2
= SVAL(req
->vwv
+0, 0);
6437 ofun
= SVAL(req
->vwv
+1, 0);
6438 flags
= SVAL(req
->vwv
+2, 0);
6440 p
= (const char *)req
->buf
;
6441 p
+= srvstr_get_path_req_wcard(ctx
, req
, &name
, p
, STR_TERMINATE
,
6442 &status
, &source_has_wild
);
6443 if (!NT_STATUS_IS_OK(status
)) {
6444 reply_nterror(req
, status
);
6445 END_PROFILE(SMBcopy
);
6448 p
+= srvstr_get_path_req_wcard(ctx
, req
, &newname
, p
, STR_TERMINATE
,
6449 &status
, &dest_has_wild
);
6450 if (!NT_STATUS_IS_OK(status
)) {
6451 reply_nterror(req
, status
);
6452 END_PROFILE(SMBcopy
);
6456 DEBUG(3,("reply_copy : %s -> %s\n",name
,newname
));
6458 if (tid2
!= conn
->cnum
) {
6459 /* can't currently handle inter share copies XXXX */
6460 DEBUG(3,("Rejecting inter-share copy\n"));
6461 reply_doserror(req
, ERRSRV
, ERRinvdevice
);
6462 END_PROFILE(SMBcopy
);
6466 status
= resolve_dfspath_wcard(ctx
, conn
,
6467 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6471 if (!NT_STATUS_IS_OK(status
)) {
6472 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6473 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6474 ERRSRV
, ERRbadpath
);
6475 END_PROFILE(SMBcopy
);
6478 reply_nterror(req
, status
);
6479 END_PROFILE(SMBcopy
);
6483 status
= resolve_dfspath_wcard(ctx
, conn
,
6484 req
->flags2
& FLAGS2_DFS_PATHNAMES
,
6488 if (!NT_STATUS_IS_OK(status
)) {
6489 if (NT_STATUS_EQUAL(status
,NT_STATUS_PATH_NOT_COVERED
)) {
6490 reply_botherror(req
, NT_STATUS_PATH_NOT_COVERED
,
6491 ERRSRV
, ERRbadpath
);
6492 END_PROFILE(SMBcopy
);
6495 reply_nterror(req
, status
);
6496 END_PROFILE(SMBcopy
);
6500 status
= unix_convert(ctx
, conn
, name
, source_has_wild
,
6501 &name
, NULL
, &sbuf1
);
6502 if (!NT_STATUS_IS_OK(status
)) {
6503 reply_nterror(req
, status
);
6504 END_PROFILE(SMBcopy
);
6508 status
= unix_convert(ctx
, conn
, newname
, dest_has_wild
,
6509 &newname
, NULL
, &sbuf2
);
6510 if (!NT_STATUS_IS_OK(status
)) {
6511 reply_nterror(req
, status
);
6512 END_PROFILE(SMBcopy
);
6516 target_is_directory
= VALID_STAT_OF_DIR(sbuf2
);
6518 if ((flags
&1) && target_is_directory
) {
6519 reply_doserror(req
, ERRDOS
, ERRbadfile
);
6520 END_PROFILE(SMBcopy
);
6524 if ((flags
&2) && !target_is_directory
) {
6525 reply_doserror(req
, ERRDOS
, ERRbadpath
);
6526 END_PROFILE(SMBcopy
);
6530 if ((flags
&(1<<5)) && VALID_STAT_OF_DIR(sbuf1
)) {
6531 /* wants a tree copy! XXXX */
6532 DEBUG(3,("Rejecting tree copy\n"));
6533 reply_doserror(req
, ERRSRV
, ERRerror
);
6534 END_PROFILE(SMBcopy
);
6538 p
= strrchr_m(name
,'/');
6540 directory
= talloc_strndup(ctx
, name
, PTR_DIFF(p
, name
));
6543 directory
= talloc_strdup(ctx
, "./");
6548 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6549 END_PROFILE(SMBcopy
);
6554 * We should only check the mangled cache
6555 * here if unix_convert failed. This means
6556 * that the path in 'mask' doesn't exist
6557 * on the file system and so we need to look
6558 * for a possible mangle. This patch from
6559 * Tine Smukavec <valentin.smukavec@hermes.si>.
6562 if (!VALID_STAT(sbuf1
) && mangle_is_mangled(mask
, conn
->params
)) {
6563 char *new_mask
= NULL
;
6564 mangle_lookup_name_from_8_3(ctx
,
6573 if (!source_has_wild
) {
6574 directory
= talloc_asprintf_append(directory
,
6577 if (dest_has_wild
) {
6578 char *mod_newname
= NULL
;
6579 if (!resolve_wildcards(ctx
,
6580 directory
,newname
,&mod_newname
)) {
6581 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6582 END_PROFILE(SMBcopy
);
6585 newname
= mod_newname
;
6588 status
= check_name(conn
, directory
);
6589 if (!NT_STATUS_IS_OK(status
)) {
6590 reply_nterror(req
, status
);
6591 END_PROFILE(SMBcopy
);
6595 status
= check_name(conn
, newname
);
6596 if (!NT_STATUS_IS_OK(status
)) {
6597 reply_nterror(req
, status
);
6598 END_PROFILE(SMBcopy
);
6602 status
= copy_file(ctx
,conn
,directory
,newname
,ofun
,
6603 count
,target_is_directory
);
6605 if(!NT_STATUS_IS_OK(status
)) {
6606 reply_nterror(req
, status
);
6607 END_PROFILE(SMBcopy
);
6613 struct smb_Dir
*dir_hnd
= NULL
;
6614 const char *dname
= NULL
;
6617 if (strequal(mask
,"????????.???")) {
6621 status
= check_name(conn
, directory
);
6622 if (!NT_STATUS_IS_OK(status
)) {
6623 reply_nterror(req
, status
);
6624 END_PROFILE(SMBcopy
);
6628 dir_hnd
= OpenDir(talloc_tos(), conn
, directory
, mask
, 0);
6629 if (dir_hnd
== NULL
) {
6630 status
= map_nt_error_from_unix(errno
);
6631 reply_nterror(req
, status
);
6632 END_PROFILE(SMBcopy
);
6638 while ((dname
= ReadDirName(dir_hnd
, &offset
, &sbuf1
))) {
6639 char *destname
= NULL
;
6642 if (ISDOT(dname
) || ISDOTDOT(dname
)) {
6646 if (!is_visible_file(conn
, directory
, dname
, &sbuf1
, False
)) {
6650 if(!mask_match(dname
, mask
, conn
->case_sensitive
)) {
6654 error
= ERRnoaccess
;
6655 fname
= talloc_asprintf(ctx
,
6660 TALLOC_FREE(dir_hnd
);
6661 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6662 END_PROFILE(SMBcopy
);
6666 if (!resolve_wildcards(ctx
,
6667 fname
,newname
,&destname
)) {
6671 TALLOC_FREE(dir_hnd
);
6672 reply_nterror(req
, NT_STATUS_NO_MEMORY
);
6673 END_PROFILE(SMBcopy
);
6677 status
= check_name(conn
, fname
);
6678 if (!NT_STATUS_IS_OK(status
)) {
6679 TALLOC_FREE(dir_hnd
);
6680 reply_nterror(req
, status
);
6681 END_PROFILE(SMBcopy
);
6685 status
= check_name(conn
, destname
);
6686 if (!NT_STATUS_IS_OK(status
)) {
6687 TALLOC_FREE(dir_hnd
);
6688 reply_nterror(req
, status
);
6689 END_PROFILE(SMBcopy
);
6693 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname
, destname
));
6695 status
= copy_file(ctx
,conn
,fname
,destname
,ofun
,
6696 count
,target_is_directory
);
6697 if (NT_STATUS_IS_OK(status
)) {
6701 TALLOC_FREE(destname
);
6703 TALLOC_FREE(dir_hnd
);
6708 /* Error on close... */
6710 reply_unixerror(req
, ERRHRD
, ERRgeneral
);
6711 END_PROFILE(SMBcopy
);
6715 reply_doserror(req
, ERRDOS
, error
);
6716 END_PROFILE(SMBcopy
);
6720 reply_outbuf(req
, 1, 0);
6721 SSVAL(req
->outbuf
,smb_vwv0
,count
);
6723 END_PROFILE(SMBcopy
);
6728 #define DBGC_CLASS DBGC_LOCKING
6730 /****************************************************************************
6731 Get a lock pid, dealing with large count requests.
6732 ****************************************************************************/
6734 uint32
get_lock_pid(const uint8_t *data
, int data_offset
,
6735 bool large_file_format
)
6737 if(!large_file_format
)
6738 return (uint32
)SVAL(data
,SMB_LPID_OFFSET(data_offset
));
6740 return (uint32
)SVAL(data
,SMB_LARGE_LPID_OFFSET(data_offset
));
6743 /****************************************************************************
6744 Get a lock count, dealing with large count requests.
6745 ****************************************************************************/
6747 uint64_t get_lock_count(const uint8_t *data
, int data_offset
,
6748 bool large_file_format
)
6752 if(!large_file_format
) {
6753 count
= (uint64_t)IVAL(data
,SMB_LKLEN_OFFSET(data_offset
));
6756 #if defined(HAVE_LONGLONG)
6757 count
= (((uint64_t) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
))) << 32) |
6758 ((uint64_t) IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)));
6759 #else /* HAVE_LONGLONG */
6762 * NT4.x seems to be broken in that it sends large file (64 bit)
6763 * lockingX calls even if the CAP_LARGE_FILES was *not*
6764 * negotiated. For boxes without large unsigned ints truncate the
6765 * lock count by dropping the top 32 bits.
6768 if(IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)) != 0) {
6769 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6770 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
)),
6771 (unsigned int)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
)) ));
6772 SIVAL(data
,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset
),0);
6775 count
= (uint64_t)IVAL(data
,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset
));
6776 #endif /* HAVE_LONGLONG */
6782 #if !defined(HAVE_LONGLONG)
6783 /****************************************************************************
6784 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6785 ****************************************************************************/
6787 static uint32
map_lock_offset(uint32 high
, uint32 low
)
6791 uint32 highcopy
= high
;
6794 * Try and find out how many significant bits there are in high.
6797 for(i
= 0; highcopy
; i
++)
6801 * We use 31 bits not 32 here as POSIX
6802 * lock offsets may not be negative.
6805 mask
= (~0) << (31 - i
);
6808 return 0; /* Fail. */
6814 #endif /* !defined(HAVE_LONGLONG) */
6816 /****************************************************************************
6817 Get a lock offset, dealing with large offset requests.
6818 ****************************************************************************/
6820 uint64_t get_lock_offset(const uint8_t *data
, int data_offset
,
6821 bool large_file_format
, bool *err
)
6823 uint64_t offset
= 0;
6827 if(!large_file_format
) {
6828 offset
= (uint64_t)IVAL(data
,SMB_LKOFF_OFFSET(data_offset
));
6831 #if defined(HAVE_LONGLONG)
6832 offset
= (((uint64_t) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
))) << 32) |
6833 ((uint64_t) IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
)));
6834 #else /* HAVE_LONGLONG */
6837 * NT4.x seems to be broken in that it sends large file (64 bit)
6838 * lockingX calls even if the CAP_LARGE_FILES was *not*
6839 * negotiated. For boxes without large unsigned ints mangle the
6840 * lock offset by mapping the top 32 bits onto the lower 32.
6843 if(IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
)) != 0) {
6844 uint32 low
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6845 uint32 high
= IVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
));
6848 if((new_low
= map_lock_offset(high
, low
)) == 0) {
6850 return (uint64_t)-1;
6853 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6854 (unsigned int)high
, (unsigned int)low
, (unsigned int)new_low
));
6855 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset
),0);
6856 SIVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
),new_low
);
6859 offset
= (uint64_t)IVAL(data
,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset
));
6860 #endif /* HAVE_LONGLONG */
6866 /****************************************************************************
6867 Reply to a lockingX request.
6868 ****************************************************************************/
6870 void reply_lockingX(struct smb_request
*req
)
6872 connection_struct
*conn
= req
->conn
;
6874 unsigned char locktype
;
6875 unsigned char oplocklevel
;
6878 uint64_t count
= 0, offset
= 0;
6882 const uint8_t *data
;
6883 bool large_file_format
;
6885 NTSTATUS status
= NT_STATUS_UNSUCCESSFUL
;
6887 START_PROFILE(SMBlockingX
);
6890 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6891 END_PROFILE(SMBlockingX
);
6895 fsp
= file_fsp(req
, SVAL(req
->vwv
+2, 0));
6896 locktype
= CVAL(req
->vwv
+3, 0);
6897 oplocklevel
= CVAL(req
->vwv
+3, 1);
6898 num_ulocks
= SVAL(req
->vwv
+6, 0);
6899 num_locks
= SVAL(req
->vwv
+7, 0);
6900 lock_timeout
= IVAL(req
->vwv
+4, 0);
6901 large_file_format
= (locktype
& LOCKING_ANDX_LARGE_FILES
)?True
:False
;
6903 if (!check_fsp(conn
, req
, fsp
)) {
6904 END_PROFILE(SMBlockingX
);
6910 if (locktype
& LOCKING_ANDX_CHANGE_LOCKTYPE
) {
6911 /* we don't support these - and CANCEL_LOCK makes w2k
6912 and XP reboot so I don't really want to be
6913 compatible! (tridge) */
6914 reply_nterror(req
, NT_STATUS_DOS(ERRDOS
, ERRnoatomiclocks
));
6915 END_PROFILE(SMBlockingX
);
6919 /* Check if this is an oplock break on a file
6920 we have granted an oplock on.
6922 if ((locktype
& LOCKING_ANDX_OPLOCK_RELEASE
)) {
6923 /* Client can insist on breaking to none. */
6924 bool break_to_none
= (oplocklevel
== 0);
6927 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6928 "for fnum = %d\n", (unsigned int)oplocklevel
,
6932 * Make sure we have granted an exclusive or batch oplock on
6936 if (fsp
->oplock_type
== 0) {
6938 /* The Samba4 nbench simulator doesn't understand
6939 the difference between break to level2 and break
6940 to none from level2 - it sends oplock break
6941 replies in both cases. Don't keep logging an error
6942 message here - just ignore it. JRA. */
6944 DEBUG(5,("reply_lockingX: Error : oplock break from "
6945 "client for fnum = %d (oplock=%d) and no "
6946 "oplock granted on this file (%s).\n",
6947 fsp
->fnum
, fsp
->oplock_type
, fsp
->fsp_name
));
6949 /* if this is a pure oplock break request then don't
6951 if (num_locks
== 0 && num_ulocks
== 0) {
6952 END_PROFILE(SMBlockingX
);
6955 END_PROFILE(SMBlockingX
);
6956 reply_doserror(req
, ERRDOS
, ERRlock
);
6961 if ((fsp
->sent_oplock_break
== BREAK_TO_NONE_SENT
) ||
6963 result
= remove_oplock(fsp
);
6965 result
= downgrade_oplock(fsp
);
6969 DEBUG(0, ("reply_lockingX: error in removing "
6970 "oplock on file %s\n", fsp
->fsp_name
));
6971 /* Hmmm. Is this panic justified? */
6972 smb_panic("internal tdb error");
6975 reply_to_oplock_break_requests(fsp
);
6977 /* if this is a pure oplock break request then don't send a
6979 if (num_locks
== 0 && num_ulocks
== 0) {
6980 /* Sanity check - ensure a pure oplock break is not a
6982 if(CVAL(req
->vwv
+0, 0) != 0xff)
6983 DEBUG(0,("reply_lockingX: Error : pure oplock "
6984 "break is a chained %d request !\n",
6985 (unsigned int)CVAL(req
->vwv
+0, 0)));
6986 END_PROFILE(SMBlockingX
);
6992 (num_ulocks
+ num_locks
) * (large_file_format
? 20 : 10)) {
6993 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
6994 END_PROFILE(SMBlockingX
);
6998 /* Data now points at the beginning of the list
6999 of smb_unlkrng structs */
7000 for(i
= 0; i
< (int)num_ulocks
; i
++) {
7001 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
7002 count
= get_lock_count( data
, i
, large_file_format
);
7003 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
7006 * There is no error code marked "stupid client bug".... :-).
7009 END_PROFILE(SMBlockingX
);
7010 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7014 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
7015 "pid %u, file %s\n", (double)offset
, (double)count
,
7016 (unsigned int)lock_pid
, fsp
->fsp_name
));
7018 status
= do_unlock(smbd_messaging_context(),
7025 DEBUG(10, ("reply_lockingX: unlock returned %s\n",
7026 nt_errstr(status
)));
7028 if (NT_STATUS_V(status
)) {
7029 END_PROFILE(SMBlockingX
);
7030 reply_nterror(req
, status
);
7035 /* Setup the timeout in seconds. */
7037 if (!lp_blocking_locks(SNUM(conn
))) {
7041 /* Now do any requested locks */
7042 data
+= ((large_file_format
? 20 : 10)*num_ulocks
);
7044 /* Data now points at the beginning of the list
7045 of smb_lkrng structs */
7047 for(i
= 0; i
< (int)num_locks
; i
++) {
7048 enum brl_type lock_type
= ((locktype
& LOCKING_ANDX_SHARED_LOCK
) ?
7049 READ_LOCK
:WRITE_LOCK
);
7050 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
7051 count
= get_lock_count( data
, i
, large_file_format
);
7052 offset
= get_lock_offset( data
, i
, large_file_format
, &err
);
7055 * There is no error code marked "stupid client bug".... :-).
7058 END_PROFILE(SMBlockingX
);
7059 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7063 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
7064 "%u, file %s timeout = %d\n", (double)offset
,
7065 (double)count
, (unsigned int)lock_pid
,
7066 fsp
->fsp_name
, (int)lock_timeout
));
7068 if (locktype
& LOCKING_ANDX_CANCEL_LOCK
) {
7069 struct blocking_lock_record
*blr
= NULL
;
7071 if (lp_blocking_locks(SNUM(conn
))) {
7073 /* Schedule a message to ourselves to
7074 remove the blocking lock record and
7075 return the right error. */
7077 blr
= blocking_lock_cancel(fsp
,
7083 NT_STATUS_FILE_LOCK_CONFLICT
);
7085 END_PROFILE(SMBlockingX
);
7090 ERRcancelviolation
));
7094 /* Remove a matching pending lock. */
7095 status
= do_lock_cancel(fsp
,
7102 bool blocking_lock
= lock_timeout
? True
: False
;
7103 bool defer_lock
= False
;
7104 struct byte_range_lock
*br_lck
;
7105 uint32 block_smbpid
;
7107 br_lck
= do_lock(smbd_messaging_context(),
7119 if (br_lck
&& blocking_lock
&& ERROR_WAS_LOCK_DENIED(status
)) {
7120 /* Windows internal resolution for blocking locks seems
7121 to be about 200ms... Don't wait for less than that. JRA. */
7122 if (lock_timeout
!= -1 && lock_timeout
< lp_lock_spin_time()) {
7123 lock_timeout
= lp_lock_spin_time();
7128 /* This heuristic seems to match W2K3 very well. If a
7129 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7130 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7131 far as I can tell. Replacement for do_lock_spin(). JRA. */
7133 if (br_lck
&& lp_blocking_locks(SNUM(conn
)) && !blocking_lock
&&
7134 NT_STATUS_EQUAL((status
), NT_STATUS_FILE_LOCK_CONFLICT
)) {
7136 lock_timeout
= lp_lock_spin_time();
7139 if (br_lck
&& defer_lock
) {
7141 * A blocking lock was requested. Package up
7142 * this smb into a queued request and push it
7143 * onto the blocking lock queue.
7145 if(push_blocking_lock_request(br_lck
,
7156 TALLOC_FREE(br_lck
);
7157 END_PROFILE(SMBlockingX
);
7162 TALLOC_FREE(br_lck
);
7165 if (NT_STATUS_V(status
)) {
7166 END_PROFILE(SMBlockingX
);
7167 reply_nterror(req
, status
);
7172 /* If any of the above locks failed, then we must unlock
7173 all of the previous locks (X/Open spec). */
7175 if (!(locktype
& LOCKING_ANDX_CANCEL_LOCK
) &&
7179 * Ensure we don't do a remove on the lock that just failed,
7180 * as under POSIX rules, if we have a lock already there, we
7181 * will delete it (and we shouldn't) .....
7183 for(i
--; i
>= 0; i
--) {
7184 lock_pid
= get_lock_pid( data
, i
, large_file_format
);
7185 count
= get_lock_count( data
, i
, large_file_format
);
7186 offset
= get_lock_offset( data
, i
, large_file_format
,
7190 * There is no error code marked "stupid client
7194 END_PROFILE(SMBlockingX
);
7195 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7199 do_unlock(smbd_messaging_context(),
7206 END_PROFILE(SMBlockingX
);
7207 reply_nterror(req
, status
);
7211 reply_outbuf(req
, 2, 0);
7213 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7214 fsp
->fnum
, (unsigned int)locktype
, num_locks
, num_ulocks
));
7216 END_PROFILE(SMBlockingX
);
7221 #define DBGC_CLASS DBGC_ALL
7223 /****************************************************************************
7224 Reply to a SMBreadbmpx (read block multiplex) request.
7225 Always reply with an error, if someone has a platform really needs this,
7226 please contact vl@samba.org
7227 ****************************************************************************/
7229 void reply_readbmpx(struct smb_request
*req
)
7231 START_PROFILE(SMBreadBmpx
);
7232 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7233 END_PROFILE(SMBreadBmpx
);
7237 /****************************************************************************
7238 Reply to a SMBreadbs (read block multiplex secondary) request.
7239 Always reply with an error, if someone has a platform really needs this,
7240 please contact vl@samba.org
7241 ****************************************************************************/
7243 void reply_readbs(struct smb_request
*req
)
7245 START_PROFILE(SMBreadBs
);
7246 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7247 END_PROFILE(SMBreadBs
);
7251 /****************************************************************************
7252 Reply to a SMBsetattrE.
7253 ****************************************************************************/
7255 void reply_setattrE(struct smb_request
*req
)
7257 connection_struct
*conn
= req
->conn
;
7258 struct smb_file_time ft
;
7260 SMB_STRUCT_STAT sbuf
;
7263 START_PROFILE(SMBsetattrE
);
7267 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7268 END_PROFILE(SMBsetattrE
);
7272 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
7274 if(!fsp
|| (fsp
->conn
!= conn
)) {
7275 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7276 END_PROFILE(SMBsetattrE
);
7282 * Convert the DOS times into unix times.
7285 ft
.atime
= convert_time_t_to_timespec(
7286 srv_make_unix_date2(req
->vwv
+3));
7287 ft
.mtime
= convert_time_t_to_timespec(
7288 srv_make_unix_date2(req
->vwv
+5));
7289 ft
.create_time
= convert_time_t_to_timespec(
7290 srv_make_unix_date2(req
->vwv
+1));
7292 reply_outbuf(req
, 0, 0);
7295 * Patch from Ray Frush <frush@engr.colostate.edu>
7296 * Sometimes times are sent as zero - ignore them.
7299 /* Ensure we have a valid stat struct for the source. */
7300 if (fsp
->fh
->fd
!= -1) {
7301 if (SMB_VFS_FSTAT(fsp
, &sbuf
) == -1) {
7302 status
= map_nt_error_from_unix(errno
);
7303 reply_nterror(req
, status
);
7304 END_PROFILE(SMBsetattrE
);
7310 if (fsp
->posix_open
) {
7311 ret
= SMB_VFS_LSTAT(conn
, fsp
->fsp_name
, &sbuf
);
7313 ret
= SMB_VFS_STAT(conn
, fsp
->fsp_name
, &sbuf
);
7316 status
= map_nt_error_from_unix(errno
);
7317 reply_nterror(req
, status
);
7318 END_PROFILE(SMBsetattrE
);
7323 status
= smb_set_file_time(conn
, fsp
, fsp
->fsp_name
,
7325 if (!NT_STATUS_IS_OK(status
)) {
7326 reply_doserror(req
, ERRDOS
, ERRnoaccess
);
7327 END_PROFILE(SMBsetattrE
);
7331 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7334 (unsigned int)ft
.atime
.tv_sec
,
7335 (unsigned int)ft
.mtime
.tv_sec
,
7336 (unsigned int)ft
.create_time
.tv_sec
7339 END_PROFILE(SMBsetattrE
);
7344 /* Back from the dead for OS/2..... JRA. */
7346 /****************************************************************************
7347 Reply to a SMBwritebmpx (write block multiplex primary) request.
7348 Always reply with an error, if someone has a platform really needs this,
7349 please contact vl@samba.org
7350 ****************************************************************************/
7352 void reply_writebmpx(struct smb_request
*req
)
7354 START_PROFILE(SMBwriteBmpx
);
7355 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7356 END_PROFILE(SMBwriteBmpx
);
7360 /****************************************************************************
7361 Reply to a SMBwritebs (write block multiplex secondary) request.
7362 Always reply with an error, if someone has a platform really needs this,
7363 please contact vl@samba.org
7364 ****************************************************************************/
7366 void reply_writebs(struct smb_request
*req
)
7368 START_PROFILE(SMBwriteBs
);
7369 reply_doserror(req
, ERRSRV
, ERRuseSTD
);
7370 END_PROFILE(SMBwriteBs
);
7374 /****************************************************************************
7375 Reply to a SMBgetattrE.
7376 ****************************************************************************/
7378 void reply_getattrE(struct smb_request
*req
)
7380 connection_struct
*conn
= req
->conn
;
7381 SMB_STRUCT_STAT sbuf
;
7384 struct timespec create_ts
;
7386 START_PROFILE(SMBgetattrE
);
7389 reply_nterror(req
, NT_STATUS_INVALID_PARAMETER
);
7390 END_PROFILE(SMBgetattrE
);
7394 fsp
= file_fsp(req
, SVAL(req
->vwv
+0, 0));
7396 if(!fsp
|| (fsp
->conn
!= conn
)) {
7397 reply_doserror(req
, ERRDOS
, ERRbadfid
);
7398 END_PROFILE(SMBgetattrE
);
7402 /* Do an fstat on this file */
7403 if(fsp_stat(fsp
, &sbuf
)) {
7404 reply_unixerror(req
, ERRDOS
, ERRnoaccess
);
7405 END_PROFILE(SMBgetattrE
);
7409 mode
= dos_mode(conn
,fsp
->fsp_name
,&sbuf
);
7412 * Convert the times into dos times. Set create
7413 * date to be last modify date as UNIX doesn't save
7417 reply_outbuf(req
, 11, 0);
7419 create_ts
= get_create_timespec(&sbuf
,
7420 lp_fake_dir_create_times(SNUM(conn
)));
7421 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv0
, create_ts
.tv_sec
);
7422 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv2
, sbuf
.st_atime
);
7423 /* Should we check pending modtime here ? JRA */
7424 srv_put_dos_date2((char *)req
->outbuf
, smb_vwv4
, sbuf
.st_mtime
);
7427 SIVAL(req
->outbuf
, smb_vwv6
, 0);
7428 SIVAL(req
->outbuf
, smb_vwv8
, 0);
7430 uint32 allocation_size
= SMB_VFS_GET_ALLOC_SIZE(conn
,fsp
, &sbuf
);
7431 SIVAL(req
->outbuf
, smb_vwv6
, (uint32
)sbuf
.st_size
);
7432 SIVAL(req
->outbuf
, smb_vwv8
, allocation_size
);
7434 SSVAL(req
->outbuf
,smb_vwv10
, mode
);
7436 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp
->fnum
));
7438 END_PROFILE(SMBgetattrE
);