2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 3 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include "system/filesys.h"
23 #include "smbd/smbd.h"
24 #include "smbd/globals.h"
25 #include "../libcli/smb/smb_common.h"
26 #include "libcli/security/security.h"
27 #include "../lib/util/tevent_ntstatus.h"
28 #include "rpc_server/srv_pipe_hnd.h"
30 static struct tevent_req *smbd_smb2_read_send(TALLOC_CTX *mem_ctx,
31 struct tevent_context *ev,
32 struct smbd_smb2_request *smb2req,
33 struct files_struct *in_fsp,
37 uint32_t in_remaining);
38 static NTSTATUS smbd_smb2_read_recv(struct tevent_req *req,
41 uint32_t *out_remaining);
43 static void smbd_smb2_request_read_done(struct tevent_req *subreq);
44 NTSTATUS smbd_smb2_request_process_read(struct smbd_smb2_request *req)
46 struct smbXsrv_connection *xconn = req->xconn;
48 const uint8_t *inbody;
51 uint64_t in_file_id_persistent;
52 uint64_t in_file_id_volatile;
53 struct files_struct *in_fsp;
54 uint32_t in_minimum_count;
55 uint32_t in_remaining_bytes;
56 struct tevent_req *subreq;
58 status = smbd_smb2_request_verify_sizes(req, 0x31);
59 if (!NT_STATUS_IS_OK(status)) {
60 return smbd_smb2_request_error(req, status);
62 inbody = SMBD_SMB2_IN_BODY_PTR(req);
64 in_length = IVAL(inbody, 0x04);
65 in_offset = BVAL(inbody, 0x08);
66 in_file_id_persistent = BVAL(inbody, 0x10);
67 in_file_id_volatile = BVAL(inbody, 0x18);
68 in_minimum_count = IVAL(inbody, 0x20);
69 in_remaining_bytes = IVAL(inbody, 0x28);
71 /* check the max read size */
72 if (in_length > xconn->smb2.server.max_read) {
73 DEBUG(2,("smbd_smb2_request_process_read: "
74 "client ignored max read: %s: 0x%08X: 0x%08X\n",
75 __location__, in_length, xconn->smb2.server.max_read));
76 return smbd_smb2_request_error(req, NT_STATUS_INVALID_PARAMETER);
79 status = smbd_smb2_request_verify_creditcharge(req, in_length);
80 if (!NT_STATUS_IS_OK(status)) {
81 return smbd_smb2_request_error(req, status);
84 in_fsp = file_fsp_smb2(req, in_file_id_persistent, in_file_id_volatile);
86 return smbd_smb2_request_error(req, NT_STATUS_FILE_CLOSED);
89 subreq = smbd_smb2_read_send(req, req->sconn->ev_ctx,
96 return smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
98 tevent_req_set_callback(subreq, smbd_smb2_request_read_done, req);
100 return smbd_smb2_request_pending_queue(req, subreq, 500);
103 static void smbd_smb2_request_read_done(struct tevent_req *subreq)
105 struct smbd_smb2_request *req = tevent_req_callback_data(subreq,
106 struct smbd_smb2_request);
109 uint8_t out_data_offset;
110 DATA_BLOB out_data_buffer = data_blob_null;
111 uint32_t out_data_remaining = 0;
113 NTSTATUS error; /* transport error */
115 status = smbd_smb2_read_recv(subreq,
118 &out_data_remaining);
120 if (!NT_STATUS_IS_OK(status)) {
121 error = smbd_smb2_request_error(req, status);
122 if (!NT_STATUS_IS_OK(error)) {
123 smbd_server_connection_terminate(req->xconn,
130 out_data_offset = SMB2_HDR_BODY + 0x10;
132 outbody = smbd_smb2_generate_outbody(req, 0x10);
133 if (outbody.data == NULL) {
134 error = smbd_smb2_request_error(req, NT_STATUS_NO_MEMORY);
135 if (!NT_STATUS_IS_OK(error)) {
136 smbd_server_connection_terminate(req->xconn,
143 SSVAL(outbody.data, 0x00, 0x10 + 1); /* struct size */
144 SCVAL(outbody.data, 0x02,
145 out_data_offset); /* data offset */
146 SCVAL(outbody.data, 0x03, 0); /* reserved */
147 SIVAL(outbody.data, 0x04,
148 out_data_buffer.length); /* data length */
149 SIVAL(outbody.data, 0x08,
150 out_data_remaining); /* data remaining */
151 SIVAL(outbody.data, 0x0C, 0); /* reserved */
153 outdyn = out_data_buffer;
155 error = smbd_smb2_request_done(req, outbody, &outdyn);
156 if (!NT_STATUS_IS_OK(error)) {
157 smbd_server_connection_terminate(req->xconn,
163 struct smbd_smb2_read_state {
164 struct smbd_smb2_request *smb2req;
165 struct smb_request *smbreq;
170 DATA_BLOB out_headers;
171 uint8_t _out_hdr_buf[NBT_HDR_SIZE + SMB2_HDR_BODY + 0x10];
173 uint32_t out_remaining;
176 static int smb2_smb2_read_state_deny_destructor(struct smbd_smb2_read_state *state)
181 /* struct smbd_smb2_read_state destructor. Send the SMB2_READ data. */
182 static int smb2_sendfile_send_data(struct smbd_smb2_read_state *state)
184 struct lock_struct lock;
185 uint32_t in_length = state->in_length;
186 uint64_t in_offset = state->in_offset;
187 files_struct *fsp = state->fsp;
188 const DATA_BLOB *hdr = state->smb2req->queue_entry.sendfile_header;
189 struct smbXsrv_connection *xconn = state->smb2req->xconn;
194 nread = SMB_VFS_SENDFILE(xconn->transport.sock,
199 DEBUG(10,("smb2_sendfile_send_data: SMB_VFS_SENDFILE returned %d on file %s\n",
207 * Returning ENOSYS means no data at all was sent.
208 Do this as a normal read. */
209 if (errno == ENOSYS) {
213 if (errno == EINTR) {
215 * Special hack for broken Linux with no working sendfile. If we
216 * return EINTR we sent the header but not the rest of the data.
217 * Fake this up by doing read/write calls.
219 set_use_sendfile(SNUM(fsp->conn), false);
220 nread = fake_sendfile(xconn, fsp, in_offset, in_length);
223 DEBUG(0,("smb2_sendfile_send_data: fake_sendfile "
224 "failed for file %s (%s) for client %s. "
226 fsp_str_dbg(fsp), strerror(saved_errno),
227 smbXsrv_connection_dbg(xconn)));
228 exit_server_cleanly("smb2_sendfile_send_data: "
229 "fake_sendfile failed");
234 DEBUG(0,("smb2_sendfile_send_data: sendfile failed for file "
235 "%s (%s) for client %s. Terminating\n",
236 fsp_str_dbg(fsp), strerror(saved_errno),
237 smbXsrv_connection_dbg(xconn)));
238 exit_server_cleanly("smb2_sendfile_send_data: sendfile failed");
239 } else if (nread == 0) {
241 * Some sendfile implementations return 0 to indicate
242 * that there was a short read, but nothing was
243 * actually written to the socket. In this case,
244 * fallback to the normal read path so the header gets
245 * the correct byte count.
247 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
248 "falling back to the normal read: %s\n",
254 * We got a short read
259 /* Send out the header. */
260 ret = write_data(xconn->transport.sock,
261 (const char *)hdr->data, hdr->length);
262 if (ret != hdr->length) {
264 DEBUG(0,("smb2_sendfile_send_data: write_data failed for file "
265 "%s (%s) for client %s. Terminating\n",
266 fsp_str_dbg(fsp), strerror(saved_errno),
267 smbXsrv_connection_dbg(xconn)));
268 exit_server_cleanly("smb2_sendfile_send_data: write_data failed");
270 nread = fake_sendfile(xconn, fsp, in_offset, in_length);
273 DEBUG(0,("smb2_sendfile_send_data: fake_sendfile "
274 "failed for file %s (%s) for client %s. "
276 fsp_str_dbg(fsp), strerror(saved_errno),
277 smbXsrv_connection_dbg(xconn)));
278 exit_server_cleanly("smb2_sendfile_send_data: "
279 "fake_sendfile failed");
284 if (nread < in_length) {
285 ret = sendfile_short_send(xconn, fsp, nread,
286 hdr->length, in_length);
289 DEBUG(0,("smb2_sendfile_send_data: sendfile_short_send "
290 "failed for file %s (%s) for client %s. "
292 fsp_str_dbg(fsp), strerror(saved_errno),
293 smbXsrv_connection_dbg(xconn)));
294 exit_server_cleanly("smb2_sendfile_send_data: "
295 "sendfile_short_send failed");
299 init_strict_lock_struct(fsp,
300 fsp->op->global->open_persistent_id,
306 SMB_VFS_STRICT_UNLOCK(fsp->conn, fsp, &lock);
310 static NTSTATUS schedule_smb2_sendfile_read(struct smbd_smb2_request *smb2req,
311 struct smbd_smb2_read_state *state)
313 files_struct *fsp = state->fsp;
316 * We cannot use sendfile if...
317 * We were not configured to do so OR
318 * Signing is active OR
319 * This is a compound SMB2 operation OR
320 * fsp is a STREAM file OR
321 * We're using a write cache OR
322 * It's not a regular file OR
323 * Requested offset is greater than file size OR
324 * there's not enough data in the file.
325 * Phew :-). Luckily this means most
326 * reads on most normal files. JRA.
329 if (!lp__use_sendfile(SNUM(fsp->conn)) ||
330 smb2req->do_signing ||
331 smb2req->do_encryption ||
332 smb2req->in.vector_count >= (2*SMBD_SMB2_NUM_IOV_PER_REQ) ||
333 (fsp->base_fsp != NULL) ||
334 (fsp->wcp != NULL) ||
335 (!S_ISREG(fsp->fsp_name->st.st_ex_mode)) ||
336 (state->in_offset >= fsp->fsp_name->st.st_ex_size) ||
337 (fsp->fsp_name->st.st_ex_size < state->in_offset + state->in_length))
339 return NT_STATUS_RETRY;
342 /* We've already checked there's this amount of data
344 state->out_data.length = state->in_length;
345 state->out_remaining = 0;
347 state->out_headers = data_blob_const(state->_out_hdr_buf,
348 sizeof(state->_out_hdr_buf));
352 static void smbd_smb2_read_pipe_done(struct tevent_req *subreq);
354 /*******************************************************************
355 Common read complete processing function for both synchronous and
357 *******************************************************************/
359 NTSTATUS smb2_read_complete(struct tevent_req *req, ssize_t nread, int err)
361 struct smbd_smb2_read_state *state = tevent_req_data(req,
362 struct smbd_smb2_read_state);
363 files_struct *fsp = state->fsp;
366 NTSTATUS status = map_nt_error_from_unix(err);
368 DEBUG( 3,( "smb2_read_complete: file %s nread = %d. "
369 "Error = %s (NTSTATUS %s)\n",
377 if (nread == 0 && state->in_length != 0) {
378 DEBUG(5,("smb2_read_complete: read_file[%s] end of file\n",
380 return NT_STATUS_END_OF_FILE;
383 if (nread < state->in_minimum) {
384 DEBUG(5,("smb2_read_complete: read_file[%s] read less %d than "
385 "minimum requested %u. Returning end of file\n",
388 (unsigned int)state->in_minimum));
389 return NT_STATUS_END_OF_FILE;
392 DEBUG(3,("smbd_smb2_read: %s, file %s, length=%lu offset=%lu read=%lu\n",
395 (unsigned long)state->in_length,
396 (unsigned long)state->in_offset,
397 (unsigned long)nread));
399 state->out_data.length = nread;
400 state->out_remaining = 0;
405 static bool smbd_smb2_read_cancel(struct tevent_req *req)
407 struct smbd_smb2_read_state *state =
409 struct smbd_smb2_read_state);
411 return cancel_smb2_aio(state->smbreq);
414 static struct tevent_req *smbd_smb2_read_send(TALLOC_CTX *mem_ctx,
415 struct tevent_context *ev,
416 struct smbd_smb2_request *smb2req,
417 struct files_struct *fsp,
421 uint32_t in_remaining)
424 struct tevent_req *req = NULL;
425 struct smbd_smb2_read_state *state = NULL;
426 struct smb_request *smbreq = NULL;
427 connection_struct *conn = smb2req->tcon->compat;
429 struct lock_struct lock;
432 req = tevent_req_create(mem_ctx, &state,
433 struct smbd_smb2_read_state);
437 state->smb2req = smb2req;
438 state->in_length = in_length;
439 state->in_offset = in_offset;
440 state->in_minimum = in_minimum;
441 state->out_data = data_blob_null;
442 state->out_remaining = 0;
444 DEBUG(10,("smbd_smb2_read: %s - %s\n",
445 fsp_str_dbg(fsp), fsp_fnum_dbg(fsp)));
447 smbreq = smbd_smb2_fake_smb_request(smb2req);
448 if (tevent_req_nomem(smbreq, req)) {
449 return tevent_req_post(req, ev);
451 state->smbreq = smbreq;
453 if (fsp->is_directory) {
454 tevent_req_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
455 return tevent_req_post(req, ev);
460 if (IS_IPC(smbreq->conn)) {
461 struct tevent_req *subreq = NULL;
463 state->out_data = data_blob_talloc(state, NULL, in_length);
464 if (in_length > 0 && tevent_req_nomem(state->out_data.data, req)) {
465 return tevent_req_post(req, ev);
468 if (!fsp_is_np(fsp)) {
469 tevent_req_nterror(req, NT_STATUS_FILE_CLOSED);
470 return tevent_req_post(req, ev);
473 subreq = np_read_send(state, ev,
474 fsp->fake_file_handle,
475 state->out_data.data,
476 state->out_data.length);
477 if (tevent_req_nomem(subreq, req)) {
478 return tevent_req_post(req, ev);
480 tevent_req_set_callback(subreq,
481 smbd_smb2_read_pipe_done,
486 if (!CHECK_READ(fsp, smbreq)) {
487 tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
488 return tevent_req_post(req, ev);
491 status = schedule_smb2_aio_read(fsp->conn,
499 if (NT_STATUS_IS_OK(status)) {
501 * Doing an async read, allow this
502 * request to be canceled
504 tevent_req_set_cancel_fn(req, smbd_smb2_read_cancel);
508 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
509 /* Real error in setting up aio. Fail. */
510 tevent_req_nterror(req, status);
511 return tevent_req_post(req, ev);
514 /* Fallback to synchronous. */
516 init_strict_lock_struct(fsp,
517 fsp->op->global->open_persistent_id,
523 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
524 tevent_req_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
525 return tevent_req_post(req, ev);
528 /* Try sendfile in preference. */
529 status = schedule_smb2_sendfile_read(smb2req, state);
530 if (NT_STATUS_IS_OK(status)) {
531 tevent_req_done(req);
532 return tevent_req_post(req, ev);
534 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
535 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
536 tevent_req_nterror(req, status);
537 return tevent_req_post(req, ev);
541 /* Ok, read into memory. Allocate the out buffer. */
542 state->out_data = data_blob_talloc(state, NULL, in_length);
543 if (in_length > 0 && tevent_req_nomem(state->out_data.data, req)) {
544 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
545 return tevent_req_post(req, ev);
548 nread = read_file(fsp,
549 (char *)state->out_data.data,
555 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
557 DEBUG(10,("smbd_smb2_read: file %s, %s, offset=%llu "
558 "len=%llu returned %lld\n",
561 (unsigned long long)in_offset,
562 (unsigned long long)in_length,
565 status = smb2_read_complete(req, nread, saved_errno);
566 if (!NT_STATUS_IS_OK(status)) {
567 tevent_req_nterror(req, status);
570 tevent_req_done(req);
572 return tevent_req_post(req, ev);
575 static void smbd_smb2_read_pipe_done(struct tevent_req *subreq)
577 struct tevent_req *req = tevent_req_callback_data(subreq,
579 struct smbd_smb2_read_state *state = tevent_req_data(req,
580 struct smbd_smb2_read_state);
583 bool is_data_outstanding;
585 status = np_read_recv(subreq, &nread, &is_data_outstanding);
587 if (!NT_STATUS_IS_OK(status)) {
588 NTSTATUS old = status;
589 status = nt_status_np_pipe(old);
590 tevent_req_nterror(req, status);
594 if (nread == 0 && state->out_data.length != 0) {
595 tevent_req_nterror(req, NT_STATUS_END_OF_FILE);
599 state->out_data.length = nread;
600 state->out_remaining = 0;
603 * TODO: add STATUS_BUFFER_OVERFLOW handling, once we also
604 * handle it in SMB1 pipe_read_andx_done().
607 tevent_req_done(req);
610 static NTSTATUS smbd_smb2_read_recv(struct tevent_req *req,
613 uint32_t *out_remaining)
616 struct smbd_smb2_read_state *state = tevent_req_data(req,
617 struct smbd_smb2_read_state);
619 if (tevent_req_is_nterror(req, &status)) {
620 tevent_req_received(req);
624 *out_data = state->out_data;
625 talloc_steal(mem_ctx, out_data->data);
626 *out_remaining = state->out_remaining;
628 if (state->out_headers.length > 0) {
629 talloc_steal(mem_ctx, state);
630 talloc_set_destructor(state, smb2_smb2_read_state_deny_destructor);
631 tevent_req_received(req);
632 state->smb2req->queue_entry.sendfile_header = &state->out_headers;
633 talloc_set_destructor(state, smb2_sendfile_send_data);
635 tevent_req_received(req);
git.samba.org / nivanova / samba-autobuild / .git / blob