2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
33 unsigned int smb_echo_count = 0;
34 extern uint32 global_client_caps;
36 extern struct current_user current_user;
37 extern BOOL global_encrypted_passwords_negotiated;
39 /****************************************************************************
40 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
41 path or anything including wildcards.
42 We're assuming here that '/' is not the second byte in any multibyte char
43 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
45 ****************************************************************************/
47 /* Custom version for processing POSIX paths. */
48 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
50 NTSTATUS check_path_syntax_internal(pstring destname,
51 const pstring srcname,
53 BOOL *p_last_component_contains_wcard)
56 const char *s = srcname;
57 NTSTATUS ret = NT_STATUS_OK;
58 BOOL start_of_name_component = True;
60 *p_last_component_contains_wcard = False;
63 if (IS_PATH_SEP(*s,posix_path)) {
65 * Safe to assume is not the second part of a mb char
66 * as this is handled below.
68 /* Eat multiple '/' or '\\' */
69 while (IS_PATH_SEP(*s,posix_path)) {
72 if ((d != destname) && (*s != '\0')) {
73 /* We only care about non-leading or trailing '/' or '\\' */
77 start_of_name_component = True;
79 *p_last_component_contains_wcard = False;
83 if (start_of_name_component) {
84 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
85 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
88 * No mb char starts with '.' so we're safe checking the directory separator here.
91 /* If we just added a '/' - delete it */
92 if ((d > destname) && (*(d-1) == '/')) {
97 /* Are we at the start ? Can't go back further if so. */
99 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
102 /* Go back one level... */
103 /* We know this is safe as '/' cannot be part of a mb sequence. */
104 /* NOTE - if this assumption is invalid we are not in good shape... */
105 /* Decrement d first as d points to the *next* char to write into. */
106 for (d--; d > destname; d--) {
110 s += 2; /* Else go past the .. */
111 /* We're still at the start of a name component, just the previous one. */
114 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
127 return NT_STATUS_OBJECT_NAME_INVALID;
135 *p_last_component_contains_wcard = True;
144 /* Get the size of the next MB character. */
145 next_codepoint(s,&siz);
163 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
165 return NT_STATUS_INVALID_PARAMETER;
168 start_of_name_component = False;
175 /****************************************************************************
176 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
177 No wildcards allowed.
178 ****************************************************************************/
180 NTSTATUS check_path_syntax(pstring destname, const pstring srcname)
183 return check_path_syntax_internal(destname, srcname, False, &ignore);
186 /****************************************************************************
187 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
188 Wildcards allowed - p_contains_wcard returns true if the last component contained
190 ****************************************************************************/
192 NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard)
194 return check_path_syntax_internal(destname, srcname, False, p_contains_wcard);
197 /****************************************************************************
198 Check the path for a POSIX client.
199 We're assuming here that '/' is not the second byte in any multibyte char
200 set (a safe assumption).
201 ****************************************************************************/
203 NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname)
206 return check_path_syntax_internal(destname, srcname, True, &ignore);
209 /****************************************************************************
210 Pull a string and check the path allowing a wilcard - provide for error return.
211 ****************************************************************************/
213 size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags,
214 NTSTATUS *err, BOOL *contains_wcard)
217 char *tmppath_ptr = tmppath;
220 SMB_ASSERT(dest_len == sizeof(pstring));
224 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
226 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
229 *contains_wcard = False;
231 if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) {
233 * For a DFS path the function parse_dfs_path()
234 * will do the path processing, just make a copy.
236 pstrcpy(dest, tmppath);
241 if (lp_posix_pathnames()) {
242 *err = check_path_syntax_posix(dest, tmppath);
244 *err = check_path_syntax_wcard(dest, tmppath, contains_wcard);
250 /****************************************************************************
251 Pull a string and check the path - provide for error return.
252 ****************************************************************************/
254 size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err)
257 char *tmppath_ptr = tmppath;
260 SMB_ASSERT(dest_len == sizeof(pstring));
264 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
266 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
269 if (SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
274 pstrcpy(dest, tmppath);
279 if (lp_posix_pathnames()) {
280 *err = check_path_syntax_posix(dest, tmppath);
282 *err = check_path_syntax(dest, tmppath);
288 /****************************************************************************
289 Reply to a special message.
290 ****************************************************************************/
292 int reply_special(char *inbuf,char *outbuf)
295 int msg_type = CVAL(inbuf,0);
296 int msg_flags = CVAL(inbuf,1);
300 static BOOL already_got_session = False;
304 memset(outbuf,'\0',smb_size);
306 smb_setlen(outbuf,0);
309 case 0x81: /* session request */
311 if (already_got_session) {
312 exit_server_cleanly("multiple session request not permitted");
315 SCVAL(outbuf,0,0x82);
317 if (name_len(inbuf+4) > 50 ||
318 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
319 DEBUG(0,("Invalid name length in session request\n"));
322 name_extract(inbuf,4,name1);
323 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
324 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
327 set_local_machine_name(name1, True);
328 set_remote_machine_name(name2, True);
330 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
331 get_local_machine_name(), get_remote_machine_name(),
334 if (name_type == 'R') {
335 /* We are being asked for a pathworks session ---
337 SCVAL(outbuf, 0,0x83);
341 /* only add the client's machine name to the list
342 of possibly valid usernames if we are operating
343 in share mode security */
344 if (lp_security() == SEC_SHARE) {
345 add_session_user(get_remote_machine_name());
348 reload_services(True);
351 already_got_session = True;
354 case 0x89: /* session keepalive request
355 (some old clients produce this?) */
356 SCVAL(outbuf,0,SMBkeepalive);
360 case 0x82: /* positive session response */
361 case 0x83: /* negative session response */
362 case 0x84: /* retarget session response */
363 DEBUG(0,("Unexpected session response\n"));
366 case SMBkeepalive: /* session keepalive */
371 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
372 msg_type, msg_flags));
377 /****************************************************************************
379 conn POINTER CAN BE NULL HERE !
380 ****************************************************************************/
382 int reply_tcon(connection_struct *conn,
383 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
390 uint16 vuid = SVAL(inbuf,smb_uid);
394 DATA_BLOB password_blob;
396 START_PROFILE(SMBtcon);
398 *service_buf = *password = *dev = 0;
400 p = smb_buf(inbuf)+1;
401 p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1;
402 pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1;
404 p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1;
406 p = strrchr_m(service_buf,'\\');
410 service = service_buf;
413 password_blob = data_blob(password, pwlen+1);
415 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
417 data_blob_clear_free(&password_blob);
420 END_PROFILE(SMBtcon);
421 return ERROR_NT(nt_status);
424 outsize = set_message(outbuf,2,0,True);
425 SSVAL(outbuf,smb_vwv0,max_recv);
426 SSVAL(outbuf,smb_vwv1,conn->cnum);
427 SSVAL(outbuf,smb_tid,conn->cnum);
429 DEBUG(3,("tcon service=%s cnum=%d\n",
430 service, conn->cnum));
432 END_PROFILE(SMBtcon);
436 /****************************************************************************
437 Reply to a tcon and X.
438 conn POINTER CAN BE NULL HERE !
439 ****************************************************************************/
441 int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
446 /* what the cleint thinks the device is */
447 fstring client_devicetype;
448 /* what the server tells the client the share represents */
449 const char *server_devicetype;
451 uint16 vuid = SVAL(inbuf,smb_uid);
452 int passlen = SVAL(inbuf,smb_vwv3);
456 START_PROFILE(SMBtconX);
458 *service = *client_devicetype = 0;
460 /* we might have to close an old one */
461 if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) {
462 close_cnum(conn,vuid);
465 if (passlen > MAX_PASS_LEN) {
466 return ERROR_DOS(ERRDOS,ERRbuftoosmall);
469 if (global_encrypted_passwords_negotiated) {
470 password = data_blob(smb_buf(inbuf),passlen);
472 password = data_blob(smb_buf(inbuf),passlen+1);
473 /* Ensure correct termination */
474 password.data[passlen]=0;
477 p = smb_buf(inbuf) + passlen;
478 p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE);
481 * the service name can be either: \\server\share
482 * or share directly like on the DELL PowerVault 705
485 q = strchr_m(path+2,'\\');
487 END_PROFILE(SMBtconX);
488 return(ERROR_DOS(ERRDOS,ERRnosuchshare));
490 fstrcpy(service,q+1);
493 fstrcpy(service,path);
495 p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII);
497 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
499 conn = make_connection(service,password,client_devicetype,vuid,&nt_status);
501 data_blob_clear_free(&password);
504 END_PROFILE(SMBtconX);
505 return ERROR_NT(nt_status);
509 server_devicetype = "IPC";
510 else if ( IS_PRINT(conn) )
511 server_devicetype = "LPT1:";
513 server_devicetype = "A:";
515 if (Protocol < PROTOCOL_NT1) {
516 set_message(outbuf,2,0,True);
518 p += srvstr_push(outbuf, p, server_devicetype, -1,
519 STR_TERMINATE|STR_ASCII);
520 set_message_end(outbuf,p);
522 /* NT sets the fstype of IPC$ to the null string */
523 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
525 set_message(outbuf,3,0,True);
528 p += srvstr_push(outbuf, p, server_devicetype, -1,
529 STR_TERMINATE|STR_ASCII);
530 p += srvstr_push(outbuf, p, fstype, -1,
533 set_message_end(outbuf,p);
535 /* what does setting this bit do? It is set by NT4 and
536 may affect the ability to autorun mounted cdroms */
537 SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
538 (lp_csc_policy(SNUM(conn)) << 2));
540 init_dfsroot(conn, inbuf, outbuf);
544 DEBUG(3,("tconX service=%s \n",
547 /* set the incoming and outgoing tid to the just created one */
548 SSVAL(inbuf,smb_tid,conn->cnum);
549 SSVAL(outbuf,smb_tid,conn->cnum);
551 END_PROFILE(SMBtconX);
552 return chain_reply(inbuf,outbuf,length,bufsize);
555 /****************************************************************************
556 Reply to an unknown type.
557 ****************************************************************************/
559 int reply_unknown(char *inbuf,char *outbuf)
562 type = CVAL(inbuf,smb_com);
564 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
565 smb_fn_name(type), type, type));
567 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
570 /****************************************************************************
572 conn POINTER CAN BE NULL HERE !
573 ****************************************************************************/
575 int reply_ioctl(connection_struct *conn,
576 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
578 uint16 device = SVAL(inbuf,smb_vwv1);
579 uint16 function = SVAL(inbuf,smb_vwv2);
580 uint32 ioctl_code = (device << 16) + function;
581 int replysize, outsize;
583 START_PROFILE(SMBioctl);
585 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
587 switch (ioctl_code) {
588 case IOCTL_QUERY_JOB_INFO:
592 END_PROFILE(SMBioctl);
593 return(ERROR_DOS(ERRSRV,ERRnosupport));
596 outsize = set_message(outbuf,8,replysize+1,True);
597 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
598 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
599 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
600 p = smb_buf(outbuf) + 1; /* Allow for alignment */
602 switch (ioctl_code) {
603 case IOCTL_QUERY_JOB_INFO:
605 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
607 END_PROFILE(SMBioctl);
608 return(UNIXERROR(ERRDOS,ERRbadfid));
610 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
611 srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII);
613 srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII);
619 END_PROFILE(SMBioctl);
623 /****************************************************************************
624 Strange checkpath NTSTATUS mapping.
625 ****************************************************************************/
627 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
629 /* Strange DOS error code semantics only for checkpath... */
630 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
631 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
632 /* We need to map to ERRbadpath */
633 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
639 /****************************************************************************
640 Reply to a checkpath.
641 ****************************************************************************/
643 int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
647 SMB_STRUCT_STAT sbuf;
650 START_PROFILE(SMBcheckpath);
652 srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status);
653 if (!NT_STATUS_IS_OK(status)) {
654 END_PROFILE(SMBcheckpath);
655 status = map_checkpath_error(inbuf, status);
656 return ERROR_NT(status);
659 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name);
660 if (!NT_STATUS_IS_OK(status)) {
661 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
662 END_PROFILE(SMBcheckpath);
663 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
668 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0)));
670 status = unix_convert(conn, name, False, NULL, &sbuf);
671 if (!NT_STATUS_IS_OK(status)) {
675 status = check_name(conn, name);
676 if (!NT_STATUS_IS_OK(status)) {
677 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
681 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
682 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
683 status = map_nt_error_from_unix(errno);
687 if (!S_ISDIR(sbuf.st_mode)) {
688 END_PROFILE(SMBcheckpath);
689 return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath);
692 outsize = set_message(outbuf,0,0,False);
694 END_PROFILE(SMBcheckpath);
699 END_PROFILE(SMBcheckpath);
701 /* We special case this - as when a Windows machine
702 is parsing a path is steps through the components
703 one at a time - if a component fails it expects
704 ERRbadpath, not ERRbadfile.
706 status = map_checkpath_error(inbuf, status);
707 if(NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
709 * Windows returns different error codes if
710 * the parent directory is valid but not the
711 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
712 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
713 * if the path is invalid.
715 return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath);
718 return ERROR_NT(status);
721 /****************************************************************************
723 ****************************************************************************/
725 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
729 SMB_STRUCT_STAT sbuf;
736 START_PROFILE(SMBgetatr);
738 p = smb_buf(inbuf) + 1;
739 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
740 if (!NT_STATUS_IS_OK(status)) {
741 END_PROFILE(SMBgetatr);
742 return ERROR_NT(status);
745 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
746 if (!NT_STATUS_IS_OK(status)) {
747 END_PROFILE(SMBgetatr);
748 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
749 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
751 return ERROR_NT(status);
754 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
755 under WfWg - weird! */
756 if (*fname == '\0') {
757 mode = aHIDDEN | aDIR;
758 if (!CAN_WRITE(conn)) {
764 status = unix_convert(conn, fname, False, NULL,&sbuf);
765 if (!NT_STATUS_IS_OK(status)) {
766 END_PROFILE(SMBgetatr);
767 return ERROR_NT(status);
769 status = check_name(conn, fname);
770 if (!NT_STATUS_IS_OK(status)) {
771 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
772 END_PROFILE(SMBgetatr);
773 return ERROR_NT(status);
775 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
776 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
777 return UNIXERROR(ERRDOS,ERRbadfile);
780 mode = dos_mode(conn,fname,&sbuf);
782 mtime = sbuf.st_mtime;
788 outsize = set_message(outbuf,10,0,True);
790 SSVAL(outbuf,smb_vwv0,mode);
791 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
792 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
794 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
796 SIVAL(outbuf,smb_vwv3,(uint32)size);
798 if (Protocol >= PROTOCOL_NT1) {
799 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
802 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
804 END_PROFILE(SMBgetatr);
808 /****************************************************************************
810 ****************************************************************************/
812 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
818 SMB_STRUCT_STAT sbuf;
822 START_PROFILE(SMBsetatr);
824 p = smb_buf(inbuf) + 1;
825 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
826 if (!NT_STATUS_IS_OK(status)) {
827 END_PROFILE(SMBsetatr);
828 return ERROR_NT(status);
831 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
832 if (!NT_STATUS_IS_OK(status)) {
833 END_PROFILE(SMBsetatr);
834 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
835 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
837 return ERROR_NT(status);
840 status = unix_convert(conn, fname, False, NULL, &sbuf);
841 if (!NT_STATUS_IS_OK(status)) {
842 END_PROFILE(SMBsetatr);
843 return ERROR_NT(status);
846 status = check_name(conn, fname);
847 if (!NT_STATUS_IS_OK(status)) {
848 END_PROFILE(SMBsetatr);
849 return ERROR_NT(status);
852 if (fname[0] == '.' && fname[1] == '\0') {
854 * Not sure here is the right place to catch this
855 * condition. Might be moved to somewhere else later -- vl
857 END_PROFILE(SMBsetatr);
858 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
861 mode = SVAL(inbuf,smb_vwv0);
862 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
864 if (mode != FILE_ATTRIBUTE_NORMAL) {
865 if (VALID_STAT_OF_DIR(sbuf))
870 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
871 END_PROFILE(SMBsetatr);
872 return UNIXERROR(ERRDOS, ERRnoaccess);
876 if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) {
877 END_PROFILE(SMBsetatr);
878 return UNIXERROR(ERRDOS, ERRnoaccess);
881 outsize = set_message(outbuf,0,0,False);
883 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
885 END_PROFILE(SMBsetatr);
889 /****************************************************************************
891 ****************************************************************************/
893 int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
896 SMB_BIG_UINT dfree,dsize,bsize;
897 START_PROFILE(SMBdskattr);
899 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
900 END_PROFILE(SMBdskattr);
901 return(UNIXERROR(ERRHRD,ERRgeneral));
904 outsize = set_message(outbuf,5,0,True);
906 if (Protocol <= PROTOCOL_LANMAN2) {
907 double total_space, free_space;
908 /* we need to scale this to a number that DOS6 can handle. We
909 use floating point so we can handle large drives on systems
910 that don't have 64 bit integers
912 we end up displaying a maximum of 2G to DOS systems
914 total_space = dsize * (double)bsize;
915 free_space = dfree * (double)bsize;
917 dsize = (total_space+63*512) / (64*512);
918 dfree = (free_space+63*512) / (64*512);
920 if (dsize > 0xFFFF) dsize = 0xFFFF;
921 if (dfree > 0xFFFF) dfree = 0xFFFF;
923 SSVAL(outbuf,smb_vwv0,dsize);
924 SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
925 SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */
926 SSVAL(outbuf,smb_vwv3,dfree);
928 SSVAL(outbuf,smb_vwv0,dsize);
929 SSVAL(outbuf,smb_vwv1,bsize/512);
930 SSVAL(outbuf,smb_vwv2,512);
931 SSVAL(outbuf,smb_vwv3,dfree);
934 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
936 END_PROFILE(SMBdskattr);
940 /****************************************************************************
942 Can be called from SMBsearch, SMBffirst or SMBfunique.
943 ****************************************************************************/
945 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
955 unsigned int numentries = 0;
956 unsigned int maxentries = 0;
957 BOOL finished = False;
963 BOOL check_descend = False;
964 BOOL expect_close = False;
966 BOOL mask_contains_wcard = False;
967 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
969 START_PROFILE(SMBsearch);
971 if (lp_posix_pathnames()) {
972 END_PROFILE(SMBsearch);
973 return reply_unknown(inbuf, outbuf);
976 *mask = *directory = *fname = 0;
978 /* If we were called as SMBffirst then we must expect close. */
979 if(CVAL(inbuf,smb_com) == SMBffirst) {
983 outsize = set_message(outbuf,1,3,True);
984 maxentries = SVAL(inbuf,smb_vwv0);
985 dirtype = SVAL(inbuf,smb_vwv1);
986 p = smb_buf(inbuf) + 1;
987 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard);
988 if (!NT_STATUS_IS_OK(nt_status)) {
989 END_PROFILE(SMBsearch);
990 return ERROR_NT(nt_status);
993 nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard);
994 if (!NT_STATUS_IS_OK(nt_status)) {
995 END_PROFILE(SMBsearch);
996 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
997 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
999 return ERROR_NT(nt_status);
1003 status_len = SVAL(p, 0);
1006 /* dirtype &= ~aDIR; */
1008 if (status_len == 0) {
1009 SMB_STRUCT_STAT sbuf;
1011 pstrcpy(directory,path);
1012 nt_status = unix_convert(conn, directory, True, NULL, &sbuf);
1013 if (!NT_STATUS_IS_OK(nt_status)) {
1014 END_PROFILE(SMBsearch);
1015 return ERROR_NT(nt_status);
1018 nt_status = check_name(conn, directory);
1019 if (!NT_STATUS_IS_OK(nt_status)) {
1020 END_PROFILE(SMBsearch);
1021 return ERROR_NT(nt_status);
1024 p = strrchr_m(directory,'/');
1026 pstrcpy(mask,directory);
1027 pstrcpy(directory,".");
1033 if (*directory == '\0') {
1034 pstrcpy(directory,".");
1036 memset((char *)status,'\0',21);
1037 SCVAL(status,0,(dirtype & 0x1F));
1041 memcpy(status,p,21);
1042 status_dirtype = CVAL(status,0) & 0x1F;
1043 if (status_dirtype != (dirtype & 0x1F)) {
1044 dirtype = status_dirtype;
1047 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1048 if (!conn->dirptr) {
1051 string_set(&conn->dirpath,dptr_path(dptr_num));
1052 pstrcpy(mask, dptr_wcard(dptr_num));
1054 * For a 'continue' search we have no string. So
1055 * check from the initial saved string.
1057 mask_contains_wcard = ms_has_wild(mask);
1060 p = smb_buf(outbuf) + 3;
1062 if (status_len == 0) {
1063 nt_status = dptr_create(conn,
1067 SVAL(inbuf,smb_pid),
1069 mask_contains_wcard,
1072 if (!NT_STATUS_IS_OK(nt_status)) {
1073 return ERROR_NT(nt_status);
1075 dptr_num = dptr_dnum(conn->dirptr);
1077 dirtype = dptr_attr(dptr_num);
1080 DEBUG(4,("dptr_num is %d\n",dptr_num));
1082 if ((dirtype&0x1F) == aVOLID) {
1083 memcpy(p,status,21);
1084 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1085 0,aVOLID,0,!allow_long_path_components);
1086 dptr_fill(p+12,dptr_num);
1087 if (dptr_zero(p+12) && (status_len==0)) {
1092 p += DIR_STRUCT_SIZE;
1095 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1097 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1098 conn->dirpath,lp_dontdescend(SNUM(conn))));
1099 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1100 check_descend = True;
1103 for (i=numentries;(i<maxentries) && !finished;i++) {
1104 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1106 memcpy(p,status,21);
1107 make_dir_struct(p,mask,fname,size, mode,date,
1108 !allow_long_path_components);
1109 if (!dptr_fill(p+12,dptr_num)) {
1113 p += DIR_STRUCT_SIZE;
1120 /* If we were called as SMBffirst with smb_search_id == NULL
1121 and no entries were found then return error and close dirptr
1124 if (numentries == 0) {
1125 dptr_close(&dptr_num);
1126 } else if(expect_close && status_len == 0) {
1127 /* Close the dptr - we know it's gone */
1128 dptr_close(&dptr_num);
1131 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1132 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1133 dptr_close(&dptr_num);
1136 if ((numentries == 0) && !mask_contains_wcard) {
1137 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1140 SSVAL(outbuf,smb_vwv0,numentries);
1141 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1142 SCVAL(smb_buf(outbuf),0,5);
1143 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1145 /* The replies here are never long name. */
1146 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1147 if (!allow_long_path_components) {
1148 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1151 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1152 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1154 outsize += DIR_STRUCT_SIZE*numentries;
1155 smb_setlen(outbuf,outsize - 4);
1157 if ((! *directory) && dptr_path(dptr_num))
1158 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1160 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1161 smb_fn_name(CVAL(inbuf,smb_com)),
1162 mask, directory, dirtype, numentries, maxentries ) );
1164 END_PROFILE(SMBsearch);
1168 /****************************************************************************
1169 Reply to a fclose (stop directory search).
1170 ****************************************************************************/
1172 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1181 BOOL path_contains_wcard = False;
1183 START_PROFILE(SMBfclose);
1185 if (lp_posix_pathnames()) {
1186 END_PROFILE(SMBfclose);
1187 return reply_unknown(inbuf, outbuf);
1190 outsize = set_message(outbuf,1,0,True);
1191 p = smb_buf(inbuf) + 1;
1192 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard);
1193 if (!NT_STATUS_IS_OK(err)) {
1194 END_PROFILE(SMBfclose);
1195 return ERROR_NT(err);
1198 status_len = SVAL(p,0);
1201 if (status_len == 0) {
1202 END_PROFILE(SMBfclose);
1203 return ERROR_DOS(ERRSRV,ERRsrverror);
1206 memcpy(status,p,21);
1208 if(dptr_fetch(status+12,&dptr_num)) {
1209 /* Close the dptr - we know it's gone */
1210 dptr_close(&dptr_num);
1213 SSVAL(outbuf,smb_vwv0,0);
1215 DEBUG(3,("search close\n"));
1217 END_PROFILE(SMBfclose);
1221 /****************************************************************************
1223 ****************************************************************************/
1225 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1233 SMB_STRUCT_STAT sbuf;
1235 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1237 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1240 uint32 create_disposition;
1241 uint32 create_options = 0;
1243 START_PROFILE(SMBopen);
1245 deny_mode = SVAL(inbuf,smb_vwv0);
1247 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1248 if (!NT_STATUS_IS_OK(status)) {
1249 END_PROFILE(SMBopen);
1250 return ERROR_NT(status);
1253 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1254 if (!NT_STATUS_IS_OK(status)) {
1255 END_PROFILE(SMBopen);
1256 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1257 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1259 return ERROR_NT(status);
1262 status = unix_convert(conn, fname, False, NULL, &sbuf);
1263 if (!NT_STATUS_IS_OK(status)) {
1264 END_PROFILE(SMBopen);
1265 return ERROR_NT(status);
1268 status = check_name(conn, fname);
1269 if (!NT_STATUS_IS_OK(status)) {
1270 END_PROFILE(SMBopen);
1271 return ERROR_NT(status);
1274 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1275 &access_mask, &share_mode, &create_disposition, &create_options)) {
1276 END_PROFILE(SMBopen);
1277 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1280 status = open_file_ntcreate(conn,fname,&sbuf,
1289 if (!NT_STATUS_IS_OK(status)) {
1290 END_PROFILE(SMBopen);
1291 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1292 /* We have re-scheduled this call. */
1295 return ERROR_NT(status);
1298 size = sbuf.st_size;
1299 fattr = dos_mode(conn,fname,&sbuf);
1300 mtime = sbuf.st_mtime;
1303 DEBUG(3,("attempt to open a directory %s\n",fname));
1304 close_file(fsp,ERROR_CLOSE);
1305 END_PROFILE(SMBopen);
1306 return ERROR_DOS(ERRDOS,ERRnoaccess);
1309 outsize = set_message(outbuf,7,0,True);
1310 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1311 SSVAL(outbuf,smb_vwv1,fattr);
1312 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1313 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1315 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1317 SIVAL(outbuf,smb_vwv4,(uint32)size);
1318 SSVAL(outbuf,smb_vwv6,deny_mode);
1320 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1321 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1324 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1325 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1327 END_PROFILE(SMBopen);
1331 /****************************************************************************
1332 Reply to an open and X.
1333 ****************************************************************************/
1335 int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1338 uint16 open_flags = SVAL(inbuf,smb_vwv2);
1339 int deny_mode = SVAL(inbuf,smb_vwv3);
1340 uint32 smb_attr = SVAL(inbuf,smb_vwv5);
1341 /* Breakout the oplock request bits so we can set the
1342 reply bits separately. */
1343 int ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf);
1344 int core_oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1345 int oplock_request = ex_oplock_request | core_oplock_request;
1347 int smb_sattr = SVAL(inbuf,smb_vwv4);
1348 uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
1350 int smb_ofun = SVAL(inbuf,smb_vwv8);
1353 SMB_STRUCT_STAT sbuf;
1357 SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9);
1358 ssize_t retval = -1;
1361 uint32 create_disposition;
1362 uint32 create_options = 0;
1364 START_PROFILE(SMBopenX);
1366 /* If it's an IPC, pass off the pipe handler. */
1368 if (lp_nt_pipe_support()) {
1369 END_PROFILE(SMBopenX);
1370 return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize);
1372 END_PROFILE(SMBopenX);
1373 return ERROR_DOS(ERRSRV,ERRaccess);
1377 /* XXXX we need to handle passed times, sattr and flags */
1378 srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
1379 if (!NT_STATUS_IS_OK(status)) {
1380 END_PROFILE(SMBopenX);
1381 return ERROR_NT(status);
1384 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1385 if (!NT_STATUS_IS_OK(status)) {
1386 END_PROFILE(SMBopenX);
1387 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1388 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1390 return ERROR_NT(status);
1393 status = unix_convert(conn, fname, False, NULL, &sbuf);
1394 if (!NT_STATUS_IS_OK(status)) {
1395 END_PROFILE(SMBopenX);
1396 return ERROR_NT(status);
1399 status = check_name(conn, fname);
1400 if (!NT_STATUS_IS_OK(status)) {
1401 END_PROFILE(SMBopenX);
1402 return ERROR_NT(status);
1405 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1408 &create_disposition,
1410 END_PROFILE(SMBopenX);
1411 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1414 status = open_file_ntcreate(conn,fname,&sbuf,
1423 if (!NT_STATUS_IS_OK(status)) {
1424 END_PROFILE(SMBopenX);
1425 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1426 /* We have re-scheduled this call. */
1429 return ERROR_NT(status);
1432 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1433 if the file is truncated or created. */
1434 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1435 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1436 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1437 close_file(fsp,ERROR_CLOSE);
1438 END_PROFILE(SMBopenX);
1439 return ERROR_NT(NT_STATUS_DISK_FULL);
1441 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1443 close_file(fsp,ERROR_CLOSE);
1444 END_PROFILE(SMBopenX);
1445 return ERROR_NT(NT_STATUS_DISK_FULL);
1447 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1450 fattr = dos_mode(conn,fname,&sbuf);
1451 mtime = sbuf.st_mtime;
1453 close_file(fsp,ERROR_CLOSE);
1454 END_PROFILE(SMBopenX);
1455 return ERROR_DOS(ERRDOS,ERRnoaccess);
1458 /* If the caller set the extended oplock request bit
1459 and we granted one (by whatever means) - set the
1460 correct bit for extended oplock reply.
1463 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1464 smb_action |= EXTENDED_OPLOCK_GRANTED;
1467 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1468 smb_action |= EXTENDED_OPLOCK_GRANTED;
1471 /* If the caller set the core oplock request bit
1472 and we granted one (by whatever means) - set the
1473 correct bit for core oplock reply.
1476 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1477 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1480 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1481 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1484 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1485 set_message(outbuf,19,0,True);
1487 set_message(outbuf,15,0,True);
1489 SSVAL(outbuf,smb_vwv2,fsp->fnum);
1490 SSVAL(outbuf,smb_vwv3,fattr);
1491 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1492 srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1);
1494 srv_put_dos_date3(outbuf,smb_vwv4,mtime);
1496 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
1497 SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1498 SSVAL(outbuf,smb_vwv11,smb_action);
1500 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1501 SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1504 END_PROFILE(SMBopenX);
1505 return chain_reply(inbuf,outbuf,length,bufsize);
1508 /****************************************************************************
1509 Reply to a SMBulogoffX.
1510 conn POINTER CAN BE NULL HERE !
1511 ****************************************************************************/
1513 int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1515 uint16 vuid = SVAL(inbuf,smb_uid);
1516 user_struct *vuser = get_valid_user_struct(vuid);
1517 START_PROFILE(SMBulogoffX);
1520 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid));
1522 /* in user level security we are supposed to close any files
1523 open by this user */
1524 if ((vuser != 0) && (lp_security() != SEC_SHARE))
1525 file_close_user(vuid);
1527 invalidate_vuid(vuid);
1529 set_message(outbuf,2,0,True);
1531 DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) );
1533 END_PROFILE(SMBulogoffX);
1534 return chain_reply(inbuf,outbuf,length,bufsize);
1537 /****************************************************************************
1538 Reply to a mknew or a create.
1539 ****************************************************************************/
1541 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1546 uint32 fattr = SVAL(inbuf,smb_vwv0);
1547 struct timespec ts[2];
1549 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1550 SMB_STRUCT_STAT sbuf;
1552 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1553 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1554 uint32 create_disposition;
1555 uint32 create_options = 0;
1557 START_PROFILE(SMBcreate);
1559 com = SVAL(inbuf,smb_com);
1561 ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(inbuf + smb_vwv1)); /* mtime. */
1563 srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status);
1564 if (!NT_STATUS_IS_OK(status)) {
1565 END_PROFILE(SMBcreate);
1566 return ERROR_NT(status);
1569 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1570 if (!NT_STATUS_IS_OK(status)) {
1571 END_PROFILE(SMBcreate);
1572 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1573 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1575 return ERROR_NT(status);
1578 status = unix_convert(conn, fname, False, NULL, &sbuf);
1579 if (!NT_STATUS_IS_OK(status)) {
1580 END_PROFILE(SMBcreate);
1581 return ERROR_NT(status);
1584 status = check_name(conn, fname);
1585 if (!NT_STATUS_IS_OK(status)) {
1586 END_PROFILE(SMBcreate);
1587 return ERROR_NT(status);
1590 if (fattr & aVOLID) {
1591 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1594 if(com == SMBmknew) {
1595 /* We should fail if file exists. */
1596 create_disposition = FILE_CREATE;
1598 /* Create if file doesn't exist, truncate if it does. */
1599 create_disposition = FILE_OVERWRITE_IF;
1602 /* Open file using ntcreate. */
1603 status = open_file_ntcreate(conn,fname,&sbuf,
1612 if (!NT_STATUS_IS_OK(status)) {
1613 END_PROFILE(SMBcreate);
1614 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1615 /* We have re-scheduled this call. */
1618 return ERROR_NT(status);
1621 ts[0] = get_atimespec(&sbuf); /* atime. */
1622 file_ntimes(conn, fname, ts);
1624 outsize = set_message(outbuf,1,0,True);
1625 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1627 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1628 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1631 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1632 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1635 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1636 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1638 END_PROFILE(SMBcreate);
1642 /****************************************************************************
1643 Reply to a create temporary file.
1644 ****************************************************************************/
1646 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1650 uint32 fattr = SVAL(inbuf,smb_vwv0);
1652 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1654 SMB_STRUCT_STAT sbuf;
1657 unsigned int namelen;
1659 START_PROFILE(SMBctemp);
1661 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1662 if (!NT_STATUS_IS_OK(status)) {
1663 END_PROFILE(SMBctemp);
1664 return ERROR_NT(status);
1667 pstrcat(fname,"/TMXXXXXX");
1669 pstrcat(fname,"TMXXXXXX");
1672 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1673 if (!NT_STATUS_IS_OK(status)) {
1674 END_PROFILE(SMBctemp);
1675 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1676 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1678 return ERROR_NT(status);
1681 status = unix_convert(conn, fname, False, NULL, &sbuf);
1682 if (!NT_STATUS_IS_OK(status)) {
1683 END_PROFILE(SMBctemp);
1684 return ERROR_NT(status);
1687 status = check_name(conn, fname);
1688 if (!NT_STATUS_IS_OK(status)) {
1689 END_PROFILE(SMBctemp);
1690 return ERROR_NT(status);
1693 tmpfd = smb_mkstemp(fname);
1695 END_PROFILE(SMBctemp);
1696 return(UNIXERROR(ERRDOS,ERRnoaccess));
1699 SMB_VFS_STAT(conn,fname,&sbuf);
1701 /* We should fail if file does not exist. */
1702 status = open_file_ntcreate(conn,fname,&sbuf,
1703 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1704 FILE_SHARE_READ|FILE_SHARE_WRITE,
1711 /* close fd from smb_mkstemp() */
1714 if (!NT_STATUS_IS_OK(status)) {
1715 END_PROFILE(SMBctemp);
1716 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1717 /* We have re-scheduled this call. */
1720 return ERROR_NT(status);
1723 outsize = set_message(outbuf,1,0,True);
1724 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1726 /* the returned filename is relative to the directory */
1727 s = strrchr_m(fname, '/');
1734 p = smb_buf(outbuf);
1736 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1737 thing in the byte section. JRA */
1738 SSVALS(p, 0, -1); /* what is this? not in spec */
1740 namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE);
1742 outsize = set_message_end(outbuf, p);
1744 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1745 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1748 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1749 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1752 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1753 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1754 (unsigned int)sbuf.st_mode ) );
1756 END_PROFILE(SMBctemp);
1760 /*******************************************************************
1761 Check if a user is allowed to rename a file.
1762 ********************************************************************/
1764 static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst)
1770 if (!CAN_WRITE(conn)) {
1771 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1774 fmode = dos_mode(conn,fname,pst);
1775 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1776 return NT_STATUS_NO_SUCH_FILE;
1779 if (S_ISDIR(pst->st_mode)) {
1780 return NT_STATUS_OK;
1783 status = open_file_ntcreate(conn, fname, pst,
1785 FILE_SHARE_READ|FILE_SHARE_WRITE,
1788 FILE_ATTRIBUTE_NORMAL,
1792 if (!NT_STATUS_IS_OK(status)) {
1795 close_file(fsp,NORMAL_CLOSE);
1796 return NT_STATUS_OK;
1799 /*******************************************************************
1800 Check if a user is allowed to delete a file.
1801 ********************************************************************/
1803 static NTSTATUS can_delete(connection_struct *conn, char *fname,
1804 uint32 dirtype, BOOL can_defer)
1806 SMB_STRUCT_STAT sbuf;
1809 uint32 dirtype_orig = dirtype;
1812 DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype ));
1814 if (!CAN_WRITE(conn)) {
1815 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1818 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
1819 return map_nt_error_from_unix(errno);
1822 fattr = dos_mode(conn,fname,&sbuf);
1824 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
1825 dirtype = aDIR|aARCH|aRONLY;
1828 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
1830 return NT_STATUS_NO_SUCH_FILE;
1833 if (!dir_check_ftype(conn, fattr, dirtype)) {
1835 return NT_STATUS_FILE_IS_A_DIRECTORY;
1837 return NT_STATUS_NO_SUCH_FILE;
1840 if (dirtype_orig & 0x8000) {
1841 /* These will never be set for POSIX. */
1842 return NT_STATUS_NO_SUCH_FILE;
1846 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
1847 return NT_STATUS_FILE_IS_A_DIRECTORY;
1850 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
1851 return NT_STATUS_NO_SUCH_FILE;
1854 if (dirtype & 0xFF00) {
1855 /* These will never be set for POSIX. */
1856 return NT_STATUS_NO_SUCH_FILE;
1861 return NT_STATUS_NO_SUCH_FILE;
1864 /* Can't delete a directory. */
1866 return NT_STATUS_FILE_IS_A_DIRECTORY;
1871 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
1872 return NT_STATUS_OBJECT_NAME_INVALID;
1873 #endif /* JRATEST */
1875 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
1877 On a Windows share, a file with read-only dosmode can be opened with
1878 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
1879 fails with NT_STATUS_CANNOT_DELETE error.
1881 This semantic causes a problem that a user can not
1882 rename a file with read-only dosmode on a Samba share
1883 from a Windows command prompt (i.e. cmd.exe, but can rename
1884 from Windows Explorer).
1887 if (!lp_delete_readonly(SNUM(conn))) {
1888 if (fattr & aRONLY) {
1889 return NT_STATUS_CANNOT_DELETE;
1893 /* On open checks the open itself will check the share mode, so
1894 don't do it here as we'll get it wrong. */
1896 status = open_file_ntcreate(conn, fname, &sbuf,
1901 FILE_ATTRIBUTE_NORMAL,
1902 can_defer ? 0 : INTERNAL_OPEN_ONLY,
1905 if (NT_STATUS_IS_OK(status)) {
1906 close_file(fsp,NORMAL_CLOSE);
1911 /****************************************************************************
1912 The guts of the unlink command, split out so it may be called by the NT SMB
1914 ****************************************************************************/
1916 NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype,
1917 char *name, BOOL has_wild, BOOL can_defer)
1923 NTSTATUS status = NT_STATUS_OK;
1924 SMB_STRUCT_STAT sbuf;
1926 *directory = *mask = 0;
1928 status = unix_convert(conn, name, has_wild, NULL, &sbuf);
1929 if (!NT_STATUS_IS_OK(status)) {
1933 p = strrchr_m(name,'/');
1935 pstrcpy(directory,".");
1939 pstrcpy(directory,name);
1944 * We should only check the mangled cache
1945 * here if unix_convert failed. This means
1946 * that the path in 'mask' doesn't exist
1947 * on the file system and so we need to look
1948 * for a possible mangle. This patch from
1949 * Tine Smukavec <valentin.smukavec@hermes.si>.
1952 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params))
1953 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
1956 pstrcat(directory,"/");
1957 pstrcat(directory,mask);
1959 dirtype = FILE_ATTRIBUTE_NORMAL;
1962 status = check_name(conn, directory);
1963 if (!NT_STATUS_IS_OK(status)) {
1967 status = can_delete(conn,directory,dirtype,can_defer);
1968 if (!NT_STATUS_IS_OK(status)) {
1972 if (SMB_VFS_UNLINK(conn,directory) == 0) {
1974 notify_fname(conn, NOTIFY_ACTION_REMOVED,
1975 FILE_NOTIFY_CHANGE_FILE_NAME,
1979 struct smb_Dir *dir_hnd = NULL;
1983 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
1984 return NT_STATUS_OBJECT_NAME_INVALID;
1987 if (strequal(mask,"????????.???")) {
1991 status = check_name(conn, directory);
1992 if (!NT_STATUS_IS_OK(status)) {
1996 dir_hnd = OpenDir(conn, directory, mask, dirtype);
1997 if (dir_hnd == NULL) {
1998 return map_nt_error_from_unix(errno);
2001 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2002 the pattern matches against the long name, otherwise the short name
2003 We don't implement this yet XXXX
2006 status = NT_STATUS_NO_SUCH_FILE;
2008 while ((dname = ReadDirName(dir_hnd, &offset))) {
2011 pstrcpy(fname,dname);
2013 if (!is_visible_file(conn, directory, dname, &st, True)) {
2017 /* Quick check for "." and ".." */
2018 if (fname[0] == '.') {
2019 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2024 if(!mask_match(fname, mask, conn->case_sensitive)) {
2028 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2030 status = check_name(conn, fname);
2031 if (!NT_STATUS_IS_OK(status)) {
2036 status = can_delete(conn, fname, dirtype, can_defer);
2037 if (!NT_STATUS_IS_OK(status)) {
2040 if (SMB_VFS_UNLINK(conn,fname) == 0) {
2042 DEBUG(3,("unlink_internals: succesful unlink "
2044 notify_fname(conn, NOTIFY_ACTION_REMOVED,
2045 FILE_NOTIFY_CHANGE_FILE_NAME,
2053 if (count == 0 && NT_STATUS_IS_OK(status)) {
2054 status = map_nt_error_from_unix(errno);
2060 /****************************************************************************
2062 ****************************************************************************/
2064 int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
2071 BOOL path_contains_wcard = False;
2073 START_PROFILE(SMBunlink);
2075 dirtype = SVAL(inbuf,smb_vwv0);
2077 srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
2078 if (!NT_STATUS_IS_OK(status)) {
2079 END_PROFILE(SMBunlink);
2080 return ERROR_NT(status);
2083 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &path_contains_wcard);
2084 if (!NT_STATUS_IS_OK(status)) {
2085 END_PROFILE(SMBunlink);
2086 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2087 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
2089 return ERROR_NT(status);
2092 DEBUG(3,("reply_unlink : %s\n",name));
2094 status = unlink_internals(conn, dirtype, name, path_contains_wcard,
2096 if (!NT_STATUS_IS_OK(status)) {
2097 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
2098 /* We have re-scheduled this call. */
2101 return ERROR_NT(status);
2104 outsize = set_message(outbuf,0,0,False);
2106 END_PROFILE(SMBunlink);
2110 /****************************************************************************
2112 ****************************************************************************/
2114 static void fail_readraw(void)
2117 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2119 exit_server_cleanly(errstr);
2122 #if defined(WITH_SENDFILE)
2123 /****************************************************************************
2124 Fake (read/write) sendfile. Returns -1 on read or write fail.
2125 ****************************************************************************/
2127 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize)
2131 /* Paranioa check... */
2132 if (nread > bufsize) {
2137 ret = read_file(fsp,buf,startpos,nread);
2143 /* If we had a short read, fill with zeros. */
2145 memset(buf, '\0', nread - ret);
2148 if (write_data(smbd_server_fd(),buf,nread) != nread) {
2152 return (ssize_t)nread;
2156 /****************************************************************************
2157 Use sendfile in readbraw.
2158 ****************************************************************************/
2160 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2161 ssize_t mincount, char *outbuf, int out_buffsize)
2165 #if defined(WITH_SENDFILE)
2167 * We can only use sendfile on a non-chained packet
2168 * but we can use on a non-oplocked file. tridge proved this
2169 * on a train in Germany :-). JRA.
2170 * reply_readbraw has already checked the length.
2173 if ( (chain_size == 0) && (nread > 0) &&
2174 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2177 _smb_setlen(outbuf,nread);
2178 header.data = (uint8 *)outbuf;
2182 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2183 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2184 if (errno == ENOSYS) {
2185 goto normal_readbraw;
2189 * Special hack for broken Linux with no working sendfile. If we
2190 * return EINTR we sent the header but not the rest of the data.
2191 * Fake this up by doing read/write calls.
2193 if (errno == EINTR) {
2194 /* Ensure we don't do this again. */
2195 set_use_sendfile(SNUM(conn), False);
2196 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2198 if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) {
2199 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2200 fsp->fsp_name, strerror(errno) ));
2201 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2206 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2207 fsp->fsp_name, strerror(errno) ));
2208 exit_server_cleanly("send_file_readbraw sendfile failed");
2218 ret = read_file(fsp,outbuf+4,startpos,nread);
2219 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2228 _smb_setlen(outbuf,ret);
2229 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2233 /****************************************************************************
2234 Reply to a readbraw (core+ protocol).
2235 ****************************************************************************/
2237 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2239 ssize_t maxcount,mincount;
2242 char *header = outbuf;
2244 START_PROFILE(SMBreadbraw);
2246 if (srv_is_signing_active()) {
2247 exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2251 * Special check if an oplock break has been issued
2252 * and the readraw request croses on the wire, we must
2253 * return a zero length response here.
2256 fsp = file_fsp(inbuf,smb_vwv0);
2258 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2260 * fsp could be NULL here so use the value from the packet. JRA.
2262 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2263 _smb_setlen(header,0);
2264 if (write_data(smbd_server_fd(),header,4) != 4)
2266 END_PROFILE(SMBreadbraw);
2270 CHECK_FSP(fsp,conn);
2272 flush_write_cache(fsp, READRAW_FLUSH);
2274 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2275 if(CVAL(inbuf,smb_wct) == 10) {
2277 * This is a large offset (64 bit) read.
2279 #ifdef LARGE_SMB_OFF_T
2281 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2283 #else /* !LARGE_SMB_OFF_T */
2286 * Ensure we haven't been sent a >32 bit offset.
2289 if(IVAL(inbuf,smb_vwv8) != 0) {
2290 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2291 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2292 _smb_setlen(header,0);
2293 if (write_data(smbd_server_fd(),header,4) != 4)
2295 END_PROFILE(SMBreadbraw);
2299 #endif /* LARGE_SMB_OFF_T */
2302 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2303 _smb_setlen(header,0);
2304 if (write_data(smbd_server_fd(),header,4) != 4)
2306 END_PROFILE(SMBreadbraw);
2310 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2311 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2313 /* ensure we don't overrun the packet size */
2314 maxcount = MIN(65535,maxcount);
2316 if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2320 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2324 if (startpos >= size) {
2327 nread = MIN(maxcount,(size - startpos));
2331 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2332 if (nread < mincount)
2336 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2337 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2339 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2341 DEBUG(5,("readbraw finished\n"));
2342 END_PROFILE(SMBreadbraw);
2347 #define DBGC_CLASS DBGC_LOCKING
2349 /****************************************************************************
2350 Reply to a lockread (core+ protocol).
2351 ****************************************************************************/
2353 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2361 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2362 struct byte_range_lock *br_lck = NULL;
2363 START_PROFILE(SMBlockread);
2365 CHECK_FSP(fsp,conn);
2366 if (!CHECK_READ(fsp,inbuf)) {
2367 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2370 release_level_2_oplocks_on_change(fsp);
2372 numtoread = SVAL(inbuf,smb_vwv1);
2373 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2375 outsize = set_message(outbuf,5,3,True);
2376 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2377 data = smb_buf(outbuf) + 3;
2380 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2381 * protocol request that predates the read/write lock concept.
2382 * Thus instead of asking for a read lock here we need to ask
2383 * for a write lock. JRA.
2384 * Note that the requested lock size is unaffected by max_recv.
2387 br_lck = do_lock(fsp,
2388 (uint32)SVAL(inbuf,smb_pid),
2389 (SMB_BIG_UINT)numtoread,
2390 (SMB_BIG_UINT)startpos,
2393 False, /* Non-blocking lock. */
2395 TALLOC_FREE(br_lck);
2397 if (NT_STATUS_V(status)) {
2398 END_PROFILE(SMBlockread);
2399 return ERROR_NT(status);
2403 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2406 if (numtoread > max_recv) {
2407 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2408 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2409 (unsigned int)numtoread, (unsigned int)max_recv ));
2410 numtoread = MIN(numtoread,max_recv);
2412 nread = read_file(fsp,data,startpos,numtoread);
2415 END_PROFILE(SMBlockread);
2416 return(UNIXERROR(ERRDOS,ERRnoaccess));
2420 SSVAL(outbuf,smb_vwv0,nread);
2421 SSVAL(outbuf,smb_vwv5,nread+3);
2422 SSVAL(smb_buf(outbuf),1,nread);
2424 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2425 fsp->fnum, (int)numtoread, (int)nread));
2427 END_PROFILE(SMBlockread);
2432 #define DBGC_CLASS DBGC_ALL
2434 /****************************************************************************
2436 ****************************************************************************/
2438 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2445 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2446 START_PROFILE(SMBread);
2448 CHECK_FSP(fsp,conn);
2449 if (!CHECK_READ(fsp,inbuf)) {
2450 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2453 numtoread = SVAL(inbuf,smb_vwv1);
2454 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2456 outsize = set_message(outbuf,5,3,True);
2457 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2459 * The requested read size cannot be greater than max_recv. JRA.
2461 if (numtoread > max_recv) {
2462 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2463 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2464 (unsigned int)numtoread, (unsigned int)max_recv ));
2465 numtoread = MIN(numtoread,max_recv);
2468 data = smb_buf(outbuf) + 3;
2470 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2471 END_PROFILE(SMBread);
2472 return ERROR_DOS(ERRDOS,ERRlock);
2476 nread = read_file(fsp,data,startpos,numtoread);
2479 END_PROFILE(SMBread);
2480 return(UNIXERROR(ERRDOS,ERRnoaccess));
2484 SSVAL(outbuf,smb_vwv0,nread);
2485 SSVAL(outbuf,smb_vwv5,nread+3);
2486 SCVAL(smb_buf(outbuf),0,1);
2487 SSVAL(smb_buf(outbuf),1,nread);
2489 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2490 fsp->fnum, (int)numtoread, (int)nread ) );
2492 END_PROFILE(SMBread);
2496 /****************************************************************************
2497 Reply to a read and X - possibly using sendfile.
2498 ****************************************************************************/
2500 int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf,
2501 files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt)
2505 char *data = smb_buf(outbuf);
2507 #if defined(WITH_SENDFILE)
2509 * We can only use sendfile on a non-chained packet
2510 * but we can use on a non-oplocked file. tridge proved this
2511 * on a train in Germany :-). JRA.
2514 if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) &&
2515 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2516 SMB_STRUCT_STAT sbuf;
2519 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1)
2520 return(UNIXERROR(ERRDOS,ERRnoaccess));
2522 if (startpos > sbuf.st_size)
2525 if (smb_maxcnt > (sbuf.st_size - startpos))
2526 smb_maxcnt = (sbuf.st_size - startpos);
2528 if (smb_maxcnt == 0)
2532 * Set up the packet header before send. We
2533 * assume here the sendfile will work (get the
2534 * correct amount of data).
2537 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2538 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2539 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2540 SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1));
2541 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2542 SCVAL(outbuf,smb_vwv0,0xFF);
2543 set_message(outbuf,12,smb_maxcnt,False);
2544 header.data = (uint8 *)outbuf;
2545 header.length = data - outbuf;
2548 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2549 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2550 if (errno == ENOSYS) {
2555 * Special hack for broken Linux with no working sendfile. If we
2556 * return EINTR we sent the header but not the rest of the data.
2557 * Fake this up by doing read/write calls.
2560 if (errno == EINTR) {
2561 /* Ensure we don't do this again. */
2562 set_use_sendfile(SNUM(conn), False);
2563 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2565 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2566 len_outbuf - (data-outbuf))) == -1) {
2567 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2568 fsp->fsp_name, strerror(errno) ));
2569 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2571 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2572 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2573 /* Returning -1 here means successful sendfile. */
2577 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2578 fsp->fsp_name, strerror(errno) ));
2579 exit_server_cleanly("send_file_readX sendfile failed");
2582 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2583 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2584 /* Returning -1 here means successful sendfile. */
2592 nread = read_file(fsp,data,startpos,smb_maxcnt);
2595 return(UNIXERROR(ERRDOS,ERRnoaccess));
2598 outsize = set_message(outbuf,12,nread,False);
2599 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2600 SSVAL(outbuf,smb_vwv5,nread);
2601 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2602 SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1));
2603 SSVAL(smb_buf(outbuf),-2,nread);
2605 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2606 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2608 /* Returning the number of bytes we want to send back - including header. */
2612 /****************************************************************************
2613 Reply to a read and X.
2614 ****************************************************************************/
2616 int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2618 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2619 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2621 size_t smb_maxcnt = SVAL(inbuf,smb_vwv5);
2623 size_t smb_mincnt = SVAL(inbuf,smb_vwv6);
2626 START_PROFILE(SMBreadX);
2628 /* If it's an IPC, pass off the pipe handler. */
2630 END_PROFILE(SMBreadX);
2631 return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize);
2634 CHECK_FSP(fsp,conn);
2635 if (!CHECK_READ(fsp,inbuf)) {
2636 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2639 set_message(outbuf,12,0,True);
2641 if (global_client_caps & CAP_LARGE_READX) {
2642 if (SVAL(inbuf,smb_vwv7) == 1) {
2643 smb_maxcnt |= (1<<16);
2645 if (smb_maxcnt > BUFFER_SIZE) {
2646 DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n",
2647 (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE));
2648 END_PROFILE(SMBreadX);
2649 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
2653 if(CVAL(inbuf,smb_wct) == 12) {
2654 #ifdef LARGE_SMB_OFF_T
2656 * This is a large offset (64 bit) read.
2658 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32);
2660 #else /* !LARGE_SMB_OFF_T */
2663 * Ensure we haven't been sent a >32 bit offset.
2666 if(IVAL(inbuf,smb_vwv10) != 0) {
2667 DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \
2668 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) ));
2669 END_PROFILE(SMBreadX);
2670 return ERROR_DOS(ERRDOS,ERRbadaccess);
2673 #endif /* LARGE_SMB_OFF_T */
2677 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2678 END_PROFILE(SMBreadX);
2679 return ERROR_DOS(ERRDOS,ERRlock);
2682 if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) {
2683 END_PROFILE(SMBreadX);
2687 nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt);
2689 nread = chain_reply(inbuf,outbuf,length,bufsize);
2691 END_PROFILE(SMBreadX);
2695 /****************************************************************************
2696 Reply to a writebraw (core+ or LANMAN1.0 protocol).
2697 ****************************************************************************/
2699 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2702 ssize_t total_written=0;
2703 size_t numtowrite=0;
2708 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2710 START_PROFILE(SMBwritebraw);
2712 if (srv_is_signing_active()) {
2713 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
2716 CHECK_FSP(fsp,conn);
2717 if (!CHECK_WRITE(fsp)) {
2718 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2721 tcount = IVAL(inbuf,smb_vwv1);
2722 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2723 write_through = BITSETW(inbuf+smb_vwv7,0);
2725 /* We have to deal with slightly different formats depending
2726 on whether we are using the core+ or lanman1.0 protocol */
2728 if(Protocol <= PROTOCOL_COREPLUS) {
2729 numtowrite = SVAL(smb_buf(inbuf),-2);
2730 data = smb_buf(inbuf);
2732 numtowrite = SVAL(inbuf,smb_vwv10);
2733 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
2736 /* force the error type */
2737 SCVAL(inbuf,smb_com,SMBwritec);
2738 SCVAL(outbuf,smb_com,SMBwritec);
2740 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2741 END_PROFILE(SMBwritebraw);
2742 return(ERROR_DOS(ERRDOS,ERRlock));
2746 nwritten = write_file(fsp,data,startpos,numtowrite);
2748 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
2749 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
2751 if (nwritten < (ssize_t)numtowrite) {
2752 END_PROFILE(SMBwritebraw);
2753 return(UNIXERROR(ERRHRD,ERRdiskfull));
2756 total_written = nwritten;
2758 /* Return a message to the redirector to tell it to send more bytes */
2759 SCVAL(outbuf,smb_com,SMBwritebraw);
2760 SSVALS(outbuf,smb_vwv0,-1);
2761 outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
2763 if (!send_smb(smbd_server_fd(),outbuf))
2764 exit_server_cleanly("reply_writebraw: send_smb failed.");
2766 /* Now read the raw data into the buffer and write it */
2767 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
2768 exit_server_cleanly("secondary writebraw failed");
2771 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
2772 numtowrite = smb_len(inbuf);
2774 /* Set up outbuf to return the correct return */
2775 outsize = set_message(outbuf,1,0,True);
2776 SCVAL(outbuf,smb_com,SMBwritec);
2778 if (numtowrite != 0) {
2780 if (numtowrite > BUFFER_SIZE) {
2781 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
2782 (unsigned int)numtowrite ));
2783 exit_server_cleanly("secondary writebraw failed");
2786 if (tcount > nwritten+numtowrite) {
2787 DEBUG(3,("Client overestimated the write %d %d %d\n",
2788 (int)tcount,(int)nwritten,(int)numtowrite));
2791 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
2792 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
2794 exit_server_cleanly("secondary writebraw failed");
2797 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
2798 if (nwritten == -1) {
2799 END_PROFILE(SMBwritebraw);
2800 return(UNIXERROR(ERRHRD,ERRdiskfull));
2803 if (nwritten < (ssize_t)numtowrite) {
2804 SCVAL(outbuf,smb_rcls,ERRHRD);
2805 SSVAL(outbuf,smb_err,ERRdiskfull);
2809 total_written += nwritten;
2812 SSVAL(outbuf,smb_vwv0,total_written);
2814 sync_file(conn, fsp, write_through);
2816 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
2817 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
2819 /* we won't return a status if write through is not selected - this follows what WfWg does */
2820 END_PROFILE(SMBwritebraw);
2821 if (!write_through && total_written==tcount) {
2823 #if RABBIT_PELLET_FIX
2825 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
2826 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
2828 if (!send_keepalive(smbd_server_fd()))
2829 exit_server_cleanly("reply_writebraw: send of keepalive failed");
2838 #define DBGC_CLASS DBGC_LOCKING
2840 /****************************************************************************
2841 Reply to a writeunlock (core+).
2842 ****************************************************************************/
2844 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
2845 int size, int dum_buffsize)
2847 ssize_t nwritten = -1;
2851 NTSTATUS status = NT_STATUS_OK;
2852 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2854 START_PROFILE(SMBwriteunlock);
2856 CHECK_FSP(fsp,conn);
2857 if (!CHECK_WRITE(fsp)) {
2858 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2861 numtowrite = SVAL(inbuf,smb_vwv1);
2862 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2863 data = smb_buf(inbuf) + 3;
2865 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2866 END_PROFILE(SMBwriteunlock);
2867 return ERROR_DOS(ERRDOS,ERRlock);
2870 /* The special X/Open SMB protocol handling of
2871 zero length writes is *NOT* done for
2873 if(numtowrite == 0) {
2876 nwritten = write_file(fsp,data,startpos,numtowrite);
2879 sync_file(conn, fsp, False /* write through */);
2881 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2882 END_PROFILE(SMBwriteunlock);
2883 return(UNIXERROR(ERRHRD,ERRdiskfull));
2887 status = do_unlock(fsp,
2888 (uint32)SVAL(inbuf,smb_pid),
2889 (SMB_BIG_UINT)numtowrite,
2890 (SMB_BIG_UINT)startpos,
2893 if (NT_STATUS_V(status)) {
2894 END_PROFILE(SMBwriteunlock);
2895 return ERROR_NT(status);
2899 outsize = set_message(outbuf,1,0,True);
2901 SSVAL(outbuf,smb_vwv0,nwritten);
2903 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
2904 fsp->fnum, (int)numtowrite, (int)nwritten));
2906 END_PROFILE(SMBwriteunlock);
2911 #define DBGC_CLASS DBGC_ALL
2913 /****************************************************************************
2915 ****************************************************************************/
2917 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
2920 ssize_t nwritten = -1;
2923 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2925 START_PROFILE(SMBwrite);
2927 /* If it's an IPC, pass off the pipe handler. */
2929 END_PROFILE(SMBwrite);
2930 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
2933 CHECK_FSP(fsp,conn);
2934 if (!CHECK_WRITE(fsp)) {
2935 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2938 numtowrite = SVAL(inbuf,smb_vwv1);
2939 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2940 data = smb_buf(inbuf) + 3;
2942 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2943 END_PROFILE(SMBwrite);
2944 return ERROR_DOS(ERRDOS,ERRlock);
2948 * X/Open SMB protocol says that if smb_vwv1 is
2949 * zero then the file size should be extended or
2950 * truncated to the size given in smb_vwv[2-3].
2953 if(numtowrite == 0) {
2955 * This is actually an allocate call, and set EOF. JRA.
2957 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
2959 END_PROFILE(SMBwrite);
2960 return ERROR_NT(NT_STATUS_DISK_FULL);
2962 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
2964 END_PROFILE(SMBwrite);
2965 return ERROR_NT(NT_STATUS_DISK_FULL);
2968 nwritten = write_file(fsp,data,startpos,numtowrite);
2970 sync_file(conn, fsp, False);
2972 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2973 END_PROFILE(SMBwrite);
2974 return(UNIXERROR(ERRHRD,ERRdiskfull));
2977 outsize = set_message(outbuf,1,0,True);
2979 SSVAL(outbuf,smb_vwv0,nwritten);
2981 if (nwritten < (ssize_t)numtowrite) {
2982 SCVAL(outbuf,smb_rcls,ERRHRD);
2983 SSVAL(outbuf,smb_err,ERRdiskfull);
2986 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
2988 END_PROFILE(SMBwrite);
2992 /****************************************************************************
2993 Reply to a write and X.
2994 ****************************************************************************/
2996 int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2998 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2999 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3000 size_t numtowrite = SVAL(inbuf,smb_vwv10);
3001 BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
3002 ssize_t nwritten = -1;
3003 unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
3004 unsigned int smblen = smb_len(inbuf);
3006 BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
3007 START_PROFILE(SMBwriteX);
3009 /* If it's an IPC, pass off the pipe handler. */
3011 END_PROFILE(SMBwriteX);
3012 return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
3015 CHECK_FSP(fsp,conn);
3016 if (!CHECK_WRITE(fsp)) {
3017 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3020 set_message(outbuf,6,0,True);
3022 /* Deal with possible LARGE_WRITEX */
3024 numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
3027 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3028 END_PROFILE(SMBwriteX);
3029 return ERROR_DOS(ERRDOS,ERRbadmem);
3032 data = smb_base(inbuf) + smb_doff;
3034 if(CVAL(inbuf,smb_wct) == 14) {
3035 #ifdef LARGE_SMB_OFF_T
3037 * This is a large offset (64 bit) write.
3039 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32);
3041 #else /* !LARGE_SMB_OFF_T */
3044 * Ensure we haven't been sent a >32 bit offset.
3047 if(IVAL(inbuf,smb_vwv12) != 0) {
3048 DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \
3049 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) ));
3050 END_PROFILE(SMBwriteX);
3051 return ERROR_DOS(ERRDOS,ERRbadaccess);
3054 #endif /* LARGE_SMB_OFF_T */
3057 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3058 END_PROFILE(SMBwriteX);
3059 return ERROR_DOS(ERRDOS,ERRlock);
3062 /* X/Open SMB protocol says that, unlike SMBwrite
3063 if the length is zero then NO truncation is
3064 done, just a write of zero. To truncate a file,
3067 if(numtowrite == 0) {
3071 if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize,
3072 fsp,data,startpos,numtowrite)) {
3073 END_PROFILE(SMBwriteX);
3077 nwritten = write_file(fsp,data,startpos,numtowrite);
3080 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3081 END_PROFILE(SMBwriteX);
3082 return(UNIXERROR(ERRHRD,ERRdiskfull));
3085 SSVAL(outbuf,smb_vwv2,nwritten);
3087 SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
3089 if (nwritten < (ssize_t)numtowrite) {
3090 SCVAL(outbuf,smb_rcls,ERRHRD);
3091 SSVAL(outbuf,smb_err,ERRdiskfull);
3094 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3095 fsp->fnum, (int)numtowrite, (int)nwritten));
3097 sync_file(conn, fsp, write_through);
3099 END_PROFILE(SMBwriteX);
3100 return chain_reply(inbuf,outbuf,length,bufsize);
3103 /****************************************************************************
3105 ****************************************************************************/
3107 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3113 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3114 START_PROFILE(SMBlseek);
3116 CHECK_FSP(fsp,conn);
3118 flush_write_cache(fsp, SEEK_FLUSH);
3120 mode = SVAL(inbuf,smb_vwv1) & 3;
3121 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3122 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3131 res = fsp->fh->pos + startpos;
3142 if (umode == SEEK_END) {
3143 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3144 if(errno == EINVAL) {
3145 SMB_OFF_T current_pos = startpos;
3146 SMB_STRUCT_STAT sbuf;
3148 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3149 END_PROFILE(SMBlseek);
3150 return(UNIXERROR(ERRDOS,ERRnoaccess));
3153 current_pos += sbuf.st_size;
3155 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3160 END_PROFILE(SMBlseek);
3161 return(UNIXERROR(ERRDOS,ERRnoaccess));
3167 outsize = set_message(outbuf,2,0,True);
3168 SIVAL(outbuf,smb_vwv0,res);
3170 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3171 fsp->fnum, (double)startpos, (double)res, mode));
3173 END_PROFILE(SMBlseek);
3177 /****************************************************************************
3179 ****************************************************************************/
3181 int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3183 int outsize = set_message(outbuf,0,0,False);
3184 uint16 fnum = SVAL(inbuf,smb_vwv0);
3185 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3186 START_PROFILE(SMBflush);
3189 CHECK_FSP(fsp,conn);
3192 file_sync_all(conn);
3194 sync_file(conn,fsp, True);
3197 DEBUG(3,("flush\n"));
3198 END_PROFILE(SMBflush);
3202 /****************************************************************************
3204 conn POINTER CAN BE NULL HERE !
3205 ****************************************************************************/
3207 int reply_exit(connection_struct *conn,
3208 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3211 START_PROFILE(SMBexit);
3213 file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid));
3215 outsize = set_message(outbuf,0,0,False);
3217 DEBUG(3,("exit\n"));
3219 END_PROFILE(SMBexit);
3223 /****************************************************************************
3224 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3225 ****************************************************************************/
3227 int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
3230 NTSTATUS status = NT_STATUS_OK;
3232 files_struct *fsp = NULL;
3233 START_PROFILE(SMBclose);
3235 outsize = set_message(outbuf,0,0,False);
3237 /* If it's an IPC, pass off to the pipe handler. */
3239 END_PROFILE(SMBclose);
3240 return reply_pipe_close(conn, inbuf,outbuf);
3243 fsp = file_fsp(inbuf,smb_vwv0);
3246 * We can only use CHECK_FSP if we know it's not a directory.
3249 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3250 END_PROFILE(SMBclose);
3251 return ERROR_DOS(ERRDOS,ERRbadfid);
3254 if(fsp->is_directory) {
3256 * Special case - close NT SMB directory handle.
3258 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3259 status = close_file(fsp,NORMAL_CLOSE);
3262 * Close ordinary file.
3265 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3266 fsp->fh->fd, fsp->fnum,
3267 conn->num_files_open));
3270 * Take care of any time sent in the close.
3273 fsp_set_pending_modtime(fsp,
3274 convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv1)));
3277 * close_file() returns the unix errno if an error
3278 * was detected on close - normally this is due to
3279 * a disk full error. If not then it was probably an I/O error.
3282 status = close_file(fsp,NORMAL_CLOSE);
3285 if(!NT_STATUS_IS_OK(status)) {
3286 END_PROFILE(SMBclose);
3287 return ERROR_NT(status);
3290 END_PROFILE(SMBclose);
3294 /****************************************************************************
3295 Reply to a writeclose (Core+ protocol).
3296 ****************************************************************************/
3298 int reply_writeclose(connection_struct *conn,
3299 char *inbuf,char *outbuf, int size, int dum_buffsize)
3302 ssize_t nwritten = -1;
3304 NTSTATUS close_status = NT_STATUS_OK;
3307 struct timespec mtime;
3308 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3309 START_PROFILE(SMBwriteclose);
3311 CHECK_FSP(fsp,conn);
3312 if (!CHECK_WRITE(fsp)) {
3313 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3316 numtowrite = SVAL(inbuf,smb_vwv1);
3317 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3318 mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4));
3319 data = smb_buf(inbuf) + 1;
3321 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3322 END_PROFILE(SMBwriteclose);
3323 return ERROR_DOS(ERRDOS,ERRlock);
3326 nwritten = write_file(fsp,data,startpos,numtowrite);
3328 set_filetime(conn, fsp->fsp_name, mtime);
3331 * More insanity. W2K only closes the file if writelen > 0.
3336 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3338 close_status = close_file(fsp,NORMAL_CLOSE);
3341 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3342 fsp->fnum, (int)numtowrite, (int)nwritten,
3343 conn->num_files_open));
3345 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3346 END_PROFILE(SMBwriteclose);
3347 return(UNIXERROR(ERRHRD,ERRdiskfull));
3350 if(!NT_STATUS_IS_OK(close_status)) {
3351 END_PROFILE(SMBwriteclose);
3352 return ERROR_NT(close_status);
3355 outsize = set_message(outbuf,1,0,True);
3357 SSVAL(outbuf,smb_vwv0,nwritten);
3358 END_PROFILE(SMBwriteclose);
3363 #define DBGC_CLASS DBGC_LOCKING
3365 /****************************************************************************
3367 ****************************************************************************/
3369 int reply_lock(connection_struct *conn,
3370 char *inbuf,char *outbuf, int length, int dum_buffsize)
3372 int outsize = set_message(outbuf,0,0,False);
3373 SMB_BIG_UINT count,offset;
3375 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3376 struct byte_range_lock *br_lck = NULL;
3378 START_PROFILE(SMBlock);
3380 CHECK_FSP(fsp,conn);
3382 release_level_2_oplocks_on_change(fsp);
3384 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3385 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3387 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3388 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3390 br_lck = do_lock(fsp,
3391 (uint32)SVAL(inbuf,smb_pid),
3396 False, /* Non-blocking lock. */
3399 TALLOC_FREE(br_lck);
3401 if (NT_STATUS_V(status)) {
3402 END_PROFILE(SMBlock);
3403 return ERROR_NT(status);
3406 END_PROFILE(SMBlock);
3410 /****************************************************************************
3412 ****************************************************************************/
3414 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3417 int outsize = set_message(outbuf,0,0,False);
3418 SMB_BIG_UINT count,offset;
3420 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3421 START_PROFILE(SMBunlock);
3423 CHECK_FSP(fsp,conn);
3425 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3426 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3428 status = do_unlock(fsp,
3429 (uint32)SVAL(inbuf,smb_pid),
3434 if (NT_STATUS_V(status)) {
3435 END_PROFILE(SMBunlock);
3436 return ERROR_NT(status);
3439 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3440 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3442 END_PROFILE(SMBunlock);
3447 #define DBGC_CLASS DBGC_ALL
3449 /****************************************************************************
3451 conn POINTER CAN BE NULL HERE !
3452 ****************************************************************************/
3454 int reply_tdis(connection_struct *conn,
3455 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3457 int outsize = set_message(outbuf,0,0,False);
3459 START_PROFILE(SMBtdis);
3461 vuid = SVAL(inbuf,smb_uid);
3464 DEBUG(4,("Invalid connection in tdis\n"));
3465 END_PROFILE(SMBtdis);
3466 return ERROR_DOS(ERRSRV,ERRinvnid);
3471 close_cnum(conn,vuid);
3473 END_PROFILE(SMBtdis);
3477 /****************************************************************************
3479 conn POINTER CAN BE NULL HERE !
3480 ****************************************************************************/
3482 int reply_echo(connection_struct *conn,
3483 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3485 int smb_reverb = SVAL(inbuf,smb_vwv0);
3487 unsigned int data_len = smb_buflen(inbuf);
3488 int outsize = set_message(outbuf,1,data_len,True);
3489 START_PROFILE(SMBecho);
3491 if (data_len > BUFFER_SIZE) {
3492 DEBUG(0,("reply_echo: data_len too large.\n"));
3493 END_PROFILE(SMBecho);
3497 /* copy any incoming data back out */
3499 memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len);
3501 if (smb_reverb > 100) {
3502 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3506 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3507 SSVAL(outbuf,smb_vwv0,seq_num);
3509 smb_setlen(outbuf,outsize - 4);
3512 if (!send_smb(smbd_server_fd(),outbuf))
3513 exit_server_cleanly("reply_echo: send_smb failed.");
3516 DEBUG(3,("echo %d times\n", smb_reverb));
3520 END_PROFILE(SMBecho);
3524 /****************************************************************************
3525 Reply to a printopen.
3526 ****************************************************************************/
3528 int reply_printopen(connection_struct *conn,
3529 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3535 START_PROFILE(SMBsplopen);
3537 if (!CAN_PRINT(conn)) {
3538 END_PROFILE(SMBsplopen);
3539 return ERROR_DOS(ERRDOS,ERRnoaccess);
3542 /* Open for exclusive use, write only. */
3543 status = print_fsp_open(conn, NULL, &fsp);
3545 if (!NT_STATUS_IS_OK(status)) {
3546 END_PROFILE(SMBsplopen);
3547 return(ERROR_NT(status));
3550 outsize = set_message(outbuf,1,0,True);
3551 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3553 DEBUG(3,("openprint fd=%d fnum=%d\n",
3554 fsp->fh->fd, fsp->fnum));
3556 END_PROFILE(SMBsplopen);
3560 /****************************************************************************
3561 Reply to a printclose.
3562 ****************************************************************************/
3564 int reply_printclose(connection_struct *conn,
3565 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3567 int outsize = set_message(outbuf,0,0,False);
3568 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3570 START_PROFILE(SMBsplclose);
3572 CHECK_FSP(fsp,conn);
3574 if (!CAN_PRINT(conn)) {
3575 END_PROFILE(SMBsplclose);
3576 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
3579 DEBUG(3,("printclose fd=%d fnum=%d\n",
3580 fsp->fh->fd,fsp->fnum));
3582 status = close_file(fsp,NORMAL_CLOSE);
3584 if(!NT_STATUS_IS_OK(status)) {
3585 END_PROFILE(SMBsplclose);
3586 return ERROR_NT(status);
3589 END_PROFILE(SMBsplclose);
3593 /****************************************************************************
3594 Reply to a printqueue.
3595 ****************************************************************************/
3597 int reply_printqueue(connection_struct *conn,
3598 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3600 int outsize = set_message(outbuf,2,3,True);
3601 int max_count = SVAL(inbuf,smb_vwv0);
3602 int start_index = SVAL(inbuf,smb_vwv1);
3603 START_PROFILE(SMBsplretq);
3605 /* we used to allow the client to get the cnum wrong, but that
3606 is really quite gross and only worked when there was only
3607 one printer - I think we should now only accept it if they
3608 get it right (tridge) */
3609 if (!CAN_PRINT(conn)) {
3610 END_PROFILE(SMBsplretq);
3611 return ERROR_DOS(ERRDOS,ERRnoaccess);
3614 SSVAL(outbuf,smb_vwv0,0);
3615 SSVAL(outbuf,smb_vwv1,0);
3616 SCVAL(smb_buf(outbuf),0,1);
3617 SSVAL(smb_buf(outbuf),1,0);
3619 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
3620 start_index, max_count));
3623 print_queue_struct *queue = NULL;
3624 print_status_struct status;
3625 char *p = smb_buf(outbuf) + 3;
3626 int count = print_queue_status(SNUM(conn), &queue, &status);
3627 int num_to_get = ABS(max_count);
3628 int first = (max_count>0?start_index:start_index+max_count+1);
3634 num_to_get = MIN(num_to_get,count-first);
3637 for (i=first;i<first+num_to_get;i++) {
3638 srv_put_dos_date2(p,0,queue[i].time);
3639 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
3640 SSVAL(p,5, queue[i].job);
3641 SIVAL(p,7,queue[i].size);
3643 srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII);
3648 outsize = set_message(outbuf,2,28*count+3,False);
3649 SSVAL(outbuf,smb_vwv0,count);
3650 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
3651 SCVAL(smb_buf(outbuf),0,1);
3652 SSVAL(smb_buf(outbuf),1,28*count);
3657 DEBUG(3,("%d entries returned in queue\n",count));
3660 END_PROFILE(SMBsplretq);
3664 /****************************************************************************
3665 Reply to a printwrite.
3666 ****************************************************************************/
3668 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3671 int outsize = set_message(outbuf,0,0,False);
3673 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3675 START_PROFILE(SMBsplwr);
3677 if (!CAN_PRINT(conn)) {
3678 END_PROFILE(SMBsplwr);
3679 return ERROR_DOS(ERRDOS,ERRnoaccess);
3682 CHECK_FSP(fsp,conn);
3683 if (!CHECK_WRITE(fsp)) {
3684 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3687 numtowrite = SVAL(smb_buf(inbuf),1);
3688 data = smb_buf(inbuf) + 3;
3690 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
3691 END_PROFILE(SMBsplwr);
3692 return(UNIXERROR(ERRHRD,ERRdiskfull));
3695 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
3697 END_PROFILE(SMBsplwr);
3701 /****************************************************************************
3703 ****************************************************************************/
3705 int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3710 SMB_STRUCT_STAT sbuf;
3712 START_PROFILE(SMBmkdir);
3714 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3715 if (!NT_STATUS_IS_OK(status)) {
3716 END_PROFILE(SMBmkdir);
3717 return ERROR_NT(status);
3720 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory);
3721 if (!NT_STATUS_IS_OK(status)) {
3722 END_PROFILE(SMBmkdir);
3723 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
3724 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
3726 return ERROR_NT(status);
3729 status = unix_convert(conn, directory, False, NULL, &sbuf);
3730 if (!NT_STATUS_IS_OK(status)) {
3731 END_PROFILE(SMBmkdir);
3732 return ERROR_NT(status);
3735 status = check_name(conn, directory);
3736 if (!NT_STATUS_IS_OK(status)) {
3737 END_PROFILE(SMBmkdir);
3738 return ERROR_NT(status);
3741 status = create_directory(conn, directory);
3743 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
3745 if (!NT_STATUS_IS_OK(status)) {
3747 if (!use_nt_status()
3748 && NT_STATUS_EQUAL(status,
3749 NT_STATUS_OBJECT_NAME_COLLISION)) {
3751 * Yes, in the DOS error code case we get a
3752 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
3753 * samba4 torture test.
3755 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
3758 END_PROFILE(SMBmkdir);
3759 return ERROR_NT(status);
3762 outsize = set_message(outbuf,0,0,False);
3764 DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) );
3766 END_PROFILE(SMBmkdir);
3770 /****************************************************************************
3771 Static function used by reply_rmdir to delete an entire directory
3772 tree recursively. Return True on ok, False on fail.
3773 ****************************************************************************/
3775 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
3777 const char *dname = NULL;
3780 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3785 while((dname = ReadDirName(dir_hnd, &offset))) {
3789 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3792 if (!is_visible_file(conn, directory, dname, &st, False))
3795 /* Construct the full name. */
3796 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3802 pstrcpy(fullname, directory);
3803 pstrcat(fullname, "/");
3804 pstrcat(fullname, dname);
3806 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
3811 if(st.st_mode & S_IFDIR) {
3812 if(!recursive_rmdir(conn, fullname)) {
3816 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
3820 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
3829 /****************************************************************************
3830 The internals of the rmdir code - called elsewhere.
3831 ****************************************************************************/
3833 NTSTATUS rmdir_internals(connection_struct *conn, const char *directory)
3838 ret = SMB_VFS_RMDIR(conn,directory);
3840 notify_fname(conn, NOTIFY_ACTION_REMOVED,
3841 FILE_NOTIFY_CHANGE_DIR_NAME,
3843 return NT_STATUS_OK;
3846 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
3848 * Check to see if the only thing in this directory are
3849 * vetoed files/directories. If so then delete them and
3850 * retry. If we fail to delete any of them (and we *don't*
3851 * do a recursive delete) then fail the rmdir.
3855 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3857 if(dir_hnd == NULL) {
3862 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3863 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3865 if (!is_visible_file(conn, directory, dname, &st, False))
3867 if(!IS_VETO_PATH(conn, dname)) {
3874 /* We only have veto files/directories. Recursive delete. */
3876 RewindDir(dir_hnd,&dirpos);
3877 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3880 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3882 if (!is_visible_file(conn, directory, dname, &st, False))
3885 /* Construct the full name. */
3886 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3891 pstrcpy(fullname, directory);
3892 pstrcat(fullname, "/");
3893 pstrcat(fullname, dname);
3895 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
3897 if(st.st_mode & S_IFDIR) {
3898 if(lp_recursive_veto_delete(SNUM(conn))) {
3899 if(!recursive_rmdir(conn, fullname))
3902 if(SMB_VFS_RMDIR(conn,fullname) != 0)
3904 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
3908 /* Retry the rmdir */
3909 ret = SMB_VFS_RMDIR(conn,directory);
3915 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
3916 "%s\n", directory,strerror(errno)));
3917 return map_nt_error_from_unix(errno);
3920 notify_fname(conn, NOTIFY_ACTION_REMOVED,
3921 FILE_NOTIFY_CHANGE_DIR_NAME,
3924 return NT_STATUS_OK;
3927 /****************************************************************************
3929 ****************************************************************************/
3931 int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3935 SMB_STRUCT_STAT sbuf;
3937 START_PROFILE(SMBrmdir);
3939 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3940 if (!NT_STATUS_IS_OK(status)) {
3941 END_PROFILE(SMBrmdir);
3942 return ERROR_NT(status);
3945 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, directory);
3946 if (!NT_STATUS_IS_OK(status)) {
3947 END_PROFILE(SMBrmdir);
3948 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
3949 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
3951 return ERROR_NT(status);
3954 status = unix_convert(conn, directory, False, NULL, &sbuf);
3955 if (!NT_STATUS_IS_OK(status)) {
3956 END_PROFILE(SMBrmdir);
3957 return ERROR_NT(status);
3960 status = check_name(conn, directory);
3961 if (!NT_STATUS_IS_OK(status)) {
3962 END_PROFILE(SMBrmdir);
3963 return ERROR_NT(status);
3966 dptr_closepath(directory,SVAL(inbuf,smb_pid));
3967 status = rmdir_internals(conn, directory);
3968 if (!NT_STATUS_IS_OK(status)) {
3969 END_PROFILE(SMBrmdir);
3970 return ERROR_NT(status);
3973 outsize = set_message(outbuf,0,0,False);
3975 DEBUG( 3, ( "rmdir %s\n", directory ) );
3977 END_PROFILE(SMBrmdir);
3981 /*******************************************************************
3982 Resolve wildcards in a filename rename.
3983 Note that name is in UNIX charset and thus potentially can be more
3984 than fstring buffer (255 bytes) especially in default UTF-8 case.
3985 Therefore, we use pstring inside and all calls should ensure that
3986 name2 is at least pstring-long (they do already)
3987 ********************************************************************/
3989 static BOOL resolve_wildcards(const char *name1, char *name2)
3991 pstring root1,root2;
3993 char *p,*p2, *pname1, *pname2;
3994 int available_space, actual_space;
3996 pname1 = strrchr_m(name1,'/');
3997 pname2 = strrchr_m(name2,'/');
3999 if (!pname1 || !pname2)
4002 pstrcpy(root1,pname1);
4003 pstrcpy(root2,pname2);
4004 p = strrchr_m(root1,'.');
4011 p = strrchr_m(root2,'.');
4025 } else if (*p2 == '*') {
4041 } else if (*p2 == '*') {
4051 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4054 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4055 if (actual_space >= available_space - 1) {
4056 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4057 actual_space - available_space));
4060 pstrcpy_base(pname2, root2, name2);
4066 /****************************************************************************
4067 Ensure open files have their names updated. Updated to notify other smbd's
4069 ****************************************************************************/
4071 static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck,
4072 SMB_DEV_T dev, SMB_INO_T inode, const char *newname)
4075 BOOL did_rename = False;
4077 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
4078 /* fsp_name is a relative path under the fsp. To change this for other
4079 sharepaths we need to manipulate relative paths. */
4080 /* TODO - create the absolute path and manipulate the newname
4081 relative to the sharepath. */
4082 if (fsp->conn != conn) {
4085 DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n",
4086 fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode,
4087 fsp->fsp_name, newname ));
4088 string_set(&fsp->fsp_name, newname);
4093 DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n",
4094 (unsigned int)dev, (double)inode, newname ));
4097 /* Send messages to all smbd's (not ourself) that the name has changed. */
4098 rename_share_filename(lck, conn->connectpath, newname);
4101 /****************************************************************************
4102 We need to check if the source path is a parent directory of the destination
4103 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4104 refuse the rename with a sharing violation. Under UNIX the above call can
4105 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4106 probably need to check that the client is a Windows one before disallowing
4107 this as a UNIX client (one with UNIX extensions) can know the source is a
4108 symlink and make this decision intelligently. Found by an excellent bug
4109 report from <AndyLiebman@aol.com>.
4110 ****************************************************************************/
4112 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4114 const char *psrc = src;
4115 const char *pdst = dest;
4118 if (psrc[0] == '.' && psrc[1] == '/') {
4121 if (pdst[0] == '.' && pdst[1] == '/') {
4124 if ((slen = strlen(psrc)) > strlen(pdst)) {
4127 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4130 /****************************************************************************
4131 Rename an open file - given an fsp.
4132 ****************************************************************************/
4134 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists)
4136 SMB_STRUCT_STAT sbuf;
4137 pstring newname_last_component;
4138 NTSTATUS status = NT_STATUS_OK;
4140 struct share_mode_lock *lck = NULL;
4144 status = unix_convert(conn, newname, False, newname_last_component, &sbuf);
4145 if (!NT_STATUS_IS_OK(status)) {
4149 status = check_name(conn, newname);
4150 if (!NT_STATUS_IS_OK(status)) {
4154 /* Ensure newname contains a '/' */
4155 if(strrchr_m(newname,'/') == 0) {
4158 pstrcpy(tmpstr, "./");
4159 pstrcat(tmpstr, newname);
4160 pstrcpy(newname, tmpstr);
4164 * Check for special case with case preserving and not
4165 * case sensitive. If the old last component differs from the original
4166 * last component only by case, then we should allow
4167 * the rename (user is trying to change the case of the
4171 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4172 strequal(newname, fsp->fsp_name)) {
4174 pstring newname_modified_last_component;
4177 * Get the last component of the modified name.
4178 * Note that we guarantee that newname contains a '/'
4181 p = strrchr_m(newname,'/');
4182 pstrcpy(newname_modified_last_component,p+1);
4184 if(strcsequal(newname_modified_last_component,
4185 newname_last_component) == False) {
4187 * Replace the modified last component with
4190 pstrcpy(p+1, newname_last_component);
4195 * If the src and dest names are identical - including case,
4196 * don't do the rename, just return success.
4199 if (strcsequal(fsp->fsp_name, newname)) {
4200 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4202 return NT_STATUS_OK;
4205 dest_exists = vfs_object_exist(conn,newname,NULL);
4207 if(!replace_if_exists && dest_exists) {
4208 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4209 fsp->fsp_name,newname));
4210 return NT_STATUS_OBJECT_NAME_COLLISION;
4213 status = can_rename(conn,newname,attrs,&sbuf);
4215 if (dest_exists && !NT_STATUS_IS_OK(status)) {
4216 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4217 nt_errstr(status), fsp->fsp_name,newname));
4218 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
4219 status = NT_STATUS_ACCESS_DENIED;
4223 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4224 return NT_STATUS_ACCESS_DENIED;
4227 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL);
4229 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4230 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4231 fsp->fsp_name,newname));
4232 rename_open_files(conn, lck, fsp->dev, fsp->inode, newname);
4234 return NT_STATUS_OK;
4239 if (errno == ENOTDIR || errno == EISDIR) {
4240 status = NT_STATUS_OBJECT_NAME_COLLISION;
4242 status = map_nt_error_from_unix(errno);
4245 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4246 nt_errstr(status), fsp->fsp_name,newname));
4252 * Do the notify calls from a rename
4255 static void notify_rename(connection_struct *conn, BOOL is_dir,
4256 const char *oldpath, const char *newpath)
4258 char *olddir, *newdir;
4259 const char *oldname, *newname;
4262 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
4263 : FILE_NOTIFY_CHANGE_FILE_NAME;
4265 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
4266 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
4267 TALLOC_FREE(olddir);
4271 if (strcmp(olddir, newdir) == 0) {
4272 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
4273 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
4276 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
4277 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
4279 TALLOC_FREE(olddir);
4280 TALLOC_FREE(newdir);
4282 /* this is a strange one. w2k3 gives an additional event for
4283 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
4284 files, but not directories */
4286 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
4287 FILE_NOTIFY_CHANGE_ATTRIBUTES
4288 |FILE_NOTIFY_CHANGE_CREATION,
4293 /****************************************************************************
4294 The guts of the rename command, split out so it may be called by the NT SMB
4296 ****************************************************************************/
4298 NTSTATUS rename_internals(connection_struct *conn,
4302 BOOL replace_if_exists,
4308 pstring last_component_src;
4309 pstring last_component_dest;
4312 NTSTATUS status = NT_STATUS_OK;
4313 SMB_STRUCT_STAT sbuf1, sbuf2;
4314 struct share_mode_lock *lck = NULL;
4315 struct smb_Dir *dir_hnd = NULL;
4320 *directory = *mask = 0;
4325 status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1);
4326 if (!NT_STATUS_IS_OK(status)) {
4330 status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2);
4331 if (!NT_STATUS_IS_OK(status)) {
4336 * Split the old name into directory and last component
4337 * strings. Note that unix_convert may have stripped off a
4338 * leading ./ from both name and newname if the rename is
4339 * at the root of the share. We need to make sure either both
4340 * name and newname contain a / character or neither of them do
4341 * as this is checked in resolve_wildcards().
4344 p = strrchr_m(name,'/');
4346 pstrcpy(directory,".");
4350 pstrcpy(directory,name);
4352 *p = '/'; /* Replace needed for exceptional test below. */
4356 * We should only check the mangled cache
4357 * here if unix_convert failed. This means
4358 * that the path in 'mask' doesn't exist
4359 * on the file system and so we need to look
4360 * for a possible mangle. This patch from
4361 * Tine Smukavec <valentin.smukavec@hermes.si>.
4364 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
4365 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4368 if (!src_has_wild) {
4370 * No wildcards - just process the one file.
4372 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4374 /* Add a terminating '/' to the directory name. */
4375 pstrcat(directory,"/");
4376 pstrcat(directory,mask);
4378 /* Ensure newname contains a '/' also */
4379 if(strrchr_m(newname,'/') == 0) {
4382 pstrcpy(tmpstr, "./");
4383 pstrcat(tmpstr, newname);
4384 pstrcpy(newname, tmpstr);
4387 DEBUG(3, ("rename_internals: case_sensitive = %d, "
4388 "case_preserve = %d, short case preserve = %d, "
4389 "directory = %s, newname = %s, "
4390 "last_component_dest = %s, is_8_3 = %d\n",
4391 conn->case_sensitive, conn->case_preserve,
4392 conn->short_case_preserve, directory,
4393 newname, last_component_dest, is_short_name));
4395 /* Ensure the source name is valid for us to access. */
4396 status = check_name(conn, directory);
4397 if (!NT_STATUS_IS_OK(status)) {
4401 /* The dest name still may have wildcards. */
4402 if (dest_has_wild) {
4403 if (!resolve_wildcards(directory,newname)) {
4404 DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n",
4405 directory,newname));
4406 return NT_STATUS_NO_MEMORY;
4411 * Check for special case with case preserving and not
4412 * case sensitive, if directory and newname are identical,
4413 * and the old last component differs from the original
4414 * last component only by case, then we should allow
4415 * the rename (user is trying to change the case of the
4418 if((conn->case_sensitive == False) &&
4419 (((conn->case_preserve == True) &&
4420 (is_short_name == False)) ||
4421 ((conn->short_case_preserve == True) &&
4422 (is_short_name == True))) &&
4423 strcsequal(directory, newname)) {
4424 pstring modified_last_component;
4427 * Get the last component of the modified name.
4428 * Note that we guarantee that newname contains a '/'
4431 p = strrchr_m(newname,'/');
4432 pstrcpy(modified_last_component,p+1);
4434 if(strcsequal(modified_last_component,
4435 last_component_dest) == False) {
4437 * Replace the modified last component with
4440 pstrcpy(p+1, last_component_dest);
4444 /* Ensure the dest name is valid for us to access. */
4445 status = check_name(conn, newname);
4446 if (!NT_STATUS_IS_OK(status)) {
4451 * The source object must exist.
4454 if (!vfs_object_exist(conn, directory, &sbuf1)) {
4455 DEBUG(3, ("rename_internals: source doesn't exist "
4456 "doing rename %s -> %s\n",
4457 directory,newname));
4459 if (errno == ENOTDIR || errno == EISDIR
4460 || errno == ENOENT) {
4462 * Must return different errors depending on
4463 * whether the parent directory existed or
4467 p = strrchr_m(directory, '/');
4469 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4471 if (vfs_object_exist(conn, directory, NULL))
4472 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4473 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4475 status = map_nt_error_from_unix(errno);
4476 DEBUG(3, ("rename_internals: Error %s rename %s -> "
4477 "%s\n", nt_errstr(status), directory,
4483 status = can_rename(conn,directory,attrs,&sbuf1);
4485 if (!NT_STATUS_IS_OK(status)) {
4486 DEBUG(3,("rename_internals: Error %s rename %s -> "
4487 "%s\n", nt_errstr(status), directory,
4493 * If the src and dest names are identical - including case,
4494 * don't do the rename, just return success.
4497 if (strcsequal(directory, newname)) {
4498 rename_open_files(conn, NULL, sbuf1.st_dev,
4499 sbuf1.st_ino, newname);
4500 DEBUG(3, ("rename_internals: identical names in "
4501 "rename %s - returning success\n",
4503 return NT_STATUS_OK;
4506 if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) {
4507 DEBUG(3,("rename_internals: dest exists doing "
4508 "rename %s -> %s\n", directory, newname));
4509 return NT_STATUS_OBJECT_NAME_COLLISION;
4512 if (rename_path_prefix_equal(directory, newname)) {
4513 return NT_STATUS_SHARING_VIOLATION;
4516 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino,
4519 if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
4520 DEBUG(3,("rename_internals: succeeded doing rename "
4521 "on %s -> %s\n", directory, newname));
4522 rename_open_files(conn, lck, sbuf1.st_dev,
4523 sbuf1.st_ino, newname);
4525 notify_rename(conn, S_ISDIR(sbuf1.st_mode),
4526 directory, newname);
4527 return NT_STATUS_OK;
4531 if (errno == ENOTDIR || errno == EISDIR) {
4532 status = NT_STATUS_OBJECT_NAME_COLLISION;
4534 status = map_nt_error_from_unix(errno);
4537 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4538 nt_errstr(status), directory,newname));
4544 * Wildcards - process each file that matches.
4546 if (strequal(mask,"????????.???")) {
4550 status = check_name(conn, directory);
4551 if (!NT_STATUS_IS_OK(status)) {
4555 dir_hnd = OpenDir(conn, directory, mask, attrs);
4556 if (dir_hnd == NULL) {
4557 return map_nt_error_from_unix(errno);
4560 status = NT_STATUS_NO_SUCH_FILE;
4562 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4563 * - gentest fix. JRA
4566 while ((dname = ReadDirName(dir_hnd, &offset))) {
4568 BOOL sysdir_entry = False;
4570 pstrcpy(fname,dname);
4572 /* Quick check for "." and ".." */
4573 if (fname[0] == '.') {
4574 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4576 sysdir_entry = True;
4583 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
4587 if(!mask_match(fname, mask, conn->case_sensitive)) {
4592 status = NT_STATUS_OBJECT_NAME_INVALID;
4596 status = NT_STATUS_ACCESS_DENIED;
4597 slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname);
4599 /* Ensure the source name is valid for us to access. */
4600 status = check_name(conn, fname);
4601 if (!NT_STATUS_IS_OK(status)) {
4605 if (!vfs_object_exist(conn, fname, &sbuf1)) {
4606 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4607 DEBUG(6, ("rename %s failed. Error %s\n",
4608 fname, nt_errstr(status)));
4611 status = can_rename(conn,fname,attrs,&sbuf1);
4612 if (!NT_STATUS_IS_OK(status)) {
4613 DEBUG(6, ("rename %s refused\n", fname));
4616 pstrcpy(destname,newname);
4618 if (!resolve_wildcards(fname,destname)) {
4619 DEBUG(6, ("resolve_wildcards %s %s failed\n",
4624 /* Ensure the dest name is valid for us to access. */
4625 status = check_name(conn, destname);
4626 if (!NT_STATUS_IS_OK(status)) {
4630 if (strcsequal(fname,destname)) {
4631 rename_open_files(conn, NULL, sbuf1.st_dev,
4632 sbuf1.st_ino, newname);
4633 DEBUG(3,("rename_internals: identical names "
4634 "in wildcard rename %s - success\n",
4637 status = NT_STATUS_OK;
4641 if (!replace_if_exists && vfs_file_exist(conn,destname, NULL)) {
4642 DEBUG(6,("file_exist %s\n", destname));
4643 status = NT_STATUS_OBJECT_NAME_COLLISION;
4647 if (rename_path_prefix_equal(fname, destname)) {
4648 return NT_STATUS_SHARING_VIOLATION;
4651 lck = get_share_mode_lock(NULL, sbuf1.st_dev,
4652 sbuf1.st_ino, NULL, NULL);
4654 if (!SMB_VFS_RENAME(conn,fname,destname)) {
4655 rename_open_files(conn, lck, sbuf1.st_dev,
4656 sbuf1.st_ino, newname);
4658 status = NT_STATUS_OK;
4661 DEBUG(3,("rename_internals: doing rename on %s -> "
4662 "%s\n",fname,destname));
4666 if (count == 0 && NT_STATUS_IS_OK(status)) {
4667 status = map_nt_error_from_unix(errno);
4673 /****************************************************************************
4675 ****************************************************************************/
4677 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
4684 uint32 attrs = SVAL(inbuf,smb_vwv0);
4686 BOOL src_has_wcard = False;
4687 BOOL dest_has_wcard = False;
4689 START_PROFILE(SMBmv);
4691 p = smb_buf(inbuf) + 1;
4692 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &src_has_wcard);
4693 if (!NT_STATUS_IS_OK(status)) {
4695 return ERROR_NT(status);
4698 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wcard);
4699 if (!NT_STATUS_IS_OK(status)) {
4701 return ERROR_NT(status);
4704 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &src_has_wcard);
4705 if (!NT_STATUS_IS_OK(status)) {
4707 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4708 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
4710 return ERROR_NT(status);
4713 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wcard);
4714 if (!NT_STATUS_IS_OK(status)) {
4716 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4717 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
4719 return ERROR_NT(status);
4722 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
4724 status = rename_internals(conn, name, newname, attrs, False, src_has_wcard, dest_has_wcard);
4725 if (!NT_STATUS_IS_OK(status)) {
4727 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
4728 /* We have re-scheduled this call. */
4731 return ERROR_NT(status);
4734 outsize = set_message(outbuf,0,0,False);
4740 /*******************************************************************
4741 Copy a file as part of a reply_copy.
4742 ******************************************************************/
4745 * TODO: check error codes on all callers
4748 NTSTATUS copy_file(connection_struct *conn,
4753 BOOL target_is_directory)
4755 SMB_STRUCT_STAT src_sbuf, sbuf2;
4757 files_struct *fsp1,*fsp2;
4760 uint32 new_create_disposition;
4763 pstrcpy(dest,dest1);
4764 if (target_is_directory) {
4765 char *p = strrchr_m(src,'/');
4775 if (!vfs_file_exist(conn,src,&src_sbuf)) {
4776 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4779 if (!target_is_directory && count) {
4780 new_create_disposition = FILE_OPEN;
4782 if (!map_open_params_to_ntcreate(dest1,0,ofun,
4783 NULL, NULL, &new_create_disposition, NULL)) {
4784 return NT_STATUS_INVALID_PARAMETER;
4788 status = open_file_ntcreate(conn,src,&src_sbuf,
4790 FILE_SHARE_READ|FILE_SHARE_WRITE,
4793 FILE_ATTRIBUTE_NORMAL,
4797 if (!NT_STATUS_IS_OK(status)) {
4801 dosattrs = dos_mode(conn, src, &src_sbuf);
4802 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
4803 ZERO_STRUCTP(&sbuf2);
4806 status = open_file_ntcreate(conn,dest,&sbuf2,
4808 FILE_SHARE_READ|FILE_SHARE_WRITE,
4809 new_create_disposition,
4815 if (!NT_STATUS_IS_OK(status)) {
4816 close_file(fsp1,ERROR_CLOSE);
4820 if ((ofun&3) == 1) {
4821 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
4822 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
4824 * Stop the copy from occurring.
4827 src_sbuf.st_size = 0;
4831 if (src_sbuf.st_size) {
4832 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
4835 close_file(fsp1,NORMAL_CLOSE);
4837 /* Ensure the modtime is set correctly on the destination file. */
4838 fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf));
4841 * As we are opening fsp1 read-only we only expect
4842 * an error on close on fsp2 if we are out of space.
4843 * Thus we don't look at the error return from the
4846 status = close_file(fsp2,NORMAL_CLOSE);
4848 if (!NT_STATUS_IS_OK(status)) {
4852 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
4853 return NT_STATUS_DISK_FULL;
4856 return NT_STATUS_OK;
4859 /****************************************************************************
4860 Reply to a file copy.
4861 ****************************************************************************/
4863 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4868 pstring mask,newname;
4871 int error = ERRnoaccess;
4873 int tid2 = SVAL(inbuf,smb_vwv0);
4874 int ofun = SVAL(inbuf,smb_vwv1);
4875 int flags = SVAL(inbuf,smb_vwv2);
4876 BOOL target_is_directory=False;
4877 BOOL source_has_wild = False;
4878 BOOL dest_has_wild = False;
4879 SMB_STRUCT_STAT sbuf1, sbuf2;
4881 START_PROFILE(SMBcopy);
4883 *directory = *mask = 0;
4886 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &source_has_wild);
4887 if (!NT_STATUS_IS_OK(status)) {
4888 END_PROFILE(SMBcopy);
4889 return ERROR_NT(status);
4891 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &dest_has_wild);
4892 if (!NT_STATUS_IS_OK(status)) {
4893 END_PROFILE(SMBcopy);
4894 return ERROR_NT(status);
4897 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
4899 if (tid2 != conn->cnum) {
4900 /* can't currently handle inter share copies XXXX */
4901 DEBUG(3,("Rejecting inter-share copy\n"));
4902 END_PROFILE(SMBcopy);
4903 return ERROR_DOS(ERRSRV,ERRinvdevice);
4906 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild);
4907 if (!NT_STATUS_IS_OK(status)) {
4908 END_PROFILE(SMBcopy);
4909 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4910 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
4912 return ERROR_NT(status);
4915 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild);
4916 if (!NT_STATUS_IS_OK(status)) {
4917 END_PROFILE(SMBcopy);
4918 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4919 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
4921 return ERROR_NT(status);
4924 status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1);
4925 if (!NT_STATUS_IS_OK(status)) {
4926 END_PROFILE(SMBcopy);
4927 return ERROR_NT(status);
4930 status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2);
4931 if (!NT_STATUS_IS_OK(status)) {
4932 END_PROFILE(SMBcopy);
4933 return ERROR_NT(status);
4936 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
4938 if ((flags&1) && target_is_directory) {
4939 END_PROFILE(SMBcopy);
4940 return ERROR_DOS(ERRDOS,ERRbadfile);
4943 if ((flags&2) && !target_is_directory) {
4944 END_PROFILE(SMBcopy);
4945 return ERROR_DOS(ERRDOS,ERRbadpath);
4948 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
4949 /* wants a tree copy! XXXX */
4950 DEBUG(3,("Rejecting tree copy\n"));
4951 END_PROFILE(SMBcopy);
4952 return ERROR_DOS(ERRSRV,ERRerror);
4955 p = strrchr_m(name,'/');
4957 pstrcpy(directory,"./");
4961 pstrcpy(directory,name);
4966 * We should only check the mangled cache
4967 * here if unix_convert failed. This means
4968 * that the path in 'mask' doesn't exist
4969 * on the file system and so we need to look
4970 * for a possible mangle. This patch from
4971 * Tine Smukavec <valentin.smukavec@hermes.si>.
4974 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
4975 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4978 if (!source_has_wild) {
4979 pstrcat(directory,"/");
4980 pstrcat(directory,mask);
4981 if (dest_has_wild) {
4982 if (!resolve_wildcards(directory,newname)) {
4983 END_PROFILE(SMBcopy);
4984 return ERROR_NT(NT_STATUS_NO_MEMORY);
4988 status = check_name(conn, directory);
4989 if (!NT_STATUS_IS_OK(status)) {
4990 return ERROR_NT(status);
4993 status = check_name(conn, newname);
4994 if (!NT_STATUS_IS_OK(status)) {
4995 return ERROR_NT(status);
4998 status = copy_file(conn,directory,newname,ofun,
4999 count,target_is_directory);
5001 if(!NT_STATUS_IS_OK(status)) {
5002 END_PROFILE(SMBcopy);
5003 return ERROR_NT(status);
5008 struct smb_Dir *dir_hnd = NULL;
5013 if (strequal(mask,"????????.???"))
5016 status = check_name(conn, directory);
5017 if (!NT_STATUS_IS_OK(status)) {
5018 return ERROR_NT(status);
5021 dir_hnd = OpenDir(conn, directory, mask, 0);
5022 if (dir_hnd == NULL) {
5023 status = map_nt_error_from_unix(errno);
5024 return ERROR_NT(status);
5029 while ((dname = ReadDirName(dir_hnd, &offset))) {
5031 pstrcpy(fname,dname);
5033 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5037 if(!mask_match(fname, mask, conn->case_sensitive)) {
5041 error = ERRnoaccess;
5042 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
5043 pstrcpy(destname,newname);
5044 if (!resolve_wildcards(fname,destname)) {
5048 status = check_name(conn, fname);
5049 if (!NT_STATUS_IS_OK(status)) {
5050 return ERROR_NT(status);
5053 status = check_name(conn, destname);
5054 if (!NT_STATUS_IS_OK(status)) {
5055 return ERROR_NT(status);
5058 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
5060 status = copy_file(conn,fname,destname,ofun,
5061 count,target_is_directory);
5062 if (NT_STATUS_IS_OK(status)) {
5071 /* Error on close... */
5073 END_PROFILE(SMBcopy);
5074 return(UNIXERROR(ERRHRD,ERRgeneral));
5077 END_PROFILE(SMBcopy);
5078 return ERROR_DOS(ERRDOS,error);
5081 outsize = set_message(outbuf,1,0,True);
5082 SSVAL(outbuf,smb_vwv0,count);
5084 END_PROFILE(SMBcopy);
5088 /****************************************************************************
5090 ****************************************************************************/
5092 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5099 START_PROFILE(pathworks_setdir);
5102 if (!CAN_SETDIR(snum)) {
5103 END_PROFILE(pathworks_setdir);
5104 return ERROR_DOS(ERRDOS,ERRnoaccess);
5107 srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status);
5108 if (!NT_STATUS_IS_OK(status)) {
5109 END_PROFILE(pathworks_setdir);
5110 return ERROR_NT(status);
5113 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir);
5114 if (!NT_STATUS_IS_OK(status)) {
5115 END_PROFILE(pathworks_setdir);
5116 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5117 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5119 return ERROR_NT(status);
5122 if (strlen(newdir) != 0) {
5123 if (!vfs_directory_exist(conn,newdir,NULL)) {
5124 END_PROFILE(pathworks_setdir);
5125 return ERROR_DOS(ERRDOS,ERRbadpath);
5127 set_conn_connectpath(conn,newdir);
5130 outsize = set_message(outbuf,0,0,False);
5131 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5133 DEBUG(3,("setdir %s\n", newdir));
5135 END_PROFILE(pathworks_setdir);
5140 #define DBGC_CLASS DBGC_LOCKING
5142 /****************************************************************************
5143 Get a lock pid, dealing with large count requests.
5144 ****************************************************************************/
5146 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5148 if(!large_file_format)
5149 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5151 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5154 /****************************************************************************
5155 Get a lock count, dealing with large count requests.
5156 ****************************************************************************/
5158 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5160 SMB_BIG_UINT count = 0;
5162 if(!large_file_format) {
5163 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5166 #if defined(HAVE_LONGLONG)
5167 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5168 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5169 #else /* HAVE_LONGLONG */
5172 * NT4.x seems to be broken in that it sends large file (64 bit)
5173 * lockingX calls even if the CAP_LARGE_FILES was *not*
5174 * negotiated. For boxes without large unsigned ints truncate the
5175 * lock count by dropping the top 32 bits.
5178 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5179 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5180 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5181 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5182 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5185 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5186 #endif /* HAVE_LONGLONG */
5192 #if !defined(HAVE_LONGLONG)
5193 /****************************************************************************
5194 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5195 ****************************************************************************/
5197 static uint32 map_lock_offset(uint32 high, uint32 low)
5201 uint32 highcopy = high;
5204 * Try and find out how many significant bits there are in high.
5207 for(i = 0; highcopy; i++)
5211 * We use 31 bits not 32 here as POSIX
5212 * lock offsets may not be negative.
5215 mask = (~0) << (31 - i);
5218 return 0; /* Fail. */
5224 #endif /* !defined(HAVE_LONGLONG) */
5226 /****************************************************************************
5227 Get a lock offset, dealing with large offset requests.
5228 ****************************************************************************/
5230 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5232 SMB_BIG_UINT offset = 0;
5236 if(!large_file_format) {
5237 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5240 #if defined(HAVE_LONGLONG)
5241 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5242 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5243 #else /* HAVE_LONGLONG */
5246 * NT4.x seems to be broken in that it sends large file (64 bit)
5247 * lockingX calls even if the CAP_LARGE_FILES was *not*
5248 * negotiated. For boxes without large unsigned ints mangle the
5249 * lock offset by mapping the top 32 bits onto the lower 32.
5252 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5253 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5254 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5257 if((new_low = map_lock_offset(high, low)) == 0) {
5259 return (SMB_BIG_UINT)-1;
5262 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5263 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5264 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5265 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5268 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5269 #endif /* HAVE_LONGLONG */
5275 /****************************************************************************
5276 Reply to a lockingX request.
5277 ****************************************************************************/
5279 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
5280 int length, int bufsize)
5282 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
5283 unsigned char locktype = CVAL(inbuf,smb_vwv3);
5284 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
5285 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
5286 uint16 num_locks = SVAL(inbuf,smb_vwv7);
5287 SMB_BIG_UINT count = 0, offset = 0;
5289 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
5292 BOOL large_file_format =
5293 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5295 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5297 START_PROFILE(SMBlockingX);
5299 CHECK_FSP(fsp,conn);
5301 data = smb_buf(inbuf);
5303 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5304 /* we don't support these - and CANCEL_LOCK makes w2k
5305 and XP reboot so I don't really want to be
5306 compatible! (tridge) */
5307 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5310 /* Check if this is an oplock break on a file
5311 we have granted an oplock on.
5313 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5314 /* Client can insist on breaking to none. */
5315 BOOL break_to_none = (oplocklevel == 0);
5318 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5319 "for fnum = %d\n", (unsigned int)oplocklevel,
5323 * Make sure we have granted an exclusive or batch oplock on
5327 if (fsp->oplock_type == 0) {
5329 /* The Samba4 nbench simulator doesn't understand
5330 the difference between break to level2 and break
5331 to none from level2 - it sends oplock break
5332 replies in both cases. Don't keep logging an error
5333 message here - just ignore it. JRA. */
5335 DEBUG(5,("reply_lockingX: Error : oplock break from "
5336 "client for fnum = %d (oplock=%d) and no "
5337 "oplock granted on this file (%s).\n",
5338 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5340 /* if this is a pure oplock break request then don't
5342 if (num_locks == 0 && num_ulocks == 0) {
5343 END_PROFILE(SMBlockingX);
5346 END_PROFILE(SMBlockingX);
5347 return ERROR_DOS(ERRDOS,ERRlock);
5351 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5353 result = remove_oplock(fsp);
5355 result = downgrade_oplock(fsp);
5359 DEBUG(0, ("reply_lockingX: error in removing "
5360 "oplock on file %s\n", fsp->fsp_name));
5361 /* Hmmm. Is this panic justified? */
5362 smb_panic("internal tdb error");
5365 reply_to_oplock_break_requests(fsp);
5367 /* if this is a pure oplock break request then don't send a
5369 if (num_locks == 0 && num_ulocks == 0) {
5370 /* Sanity check - ensure a pure oplock break is not a
5372 if(CVAL(inbuf,smb_vwv0) != 0xff)
5373 DEBUG(0,("reply_lockingX: Error : pure oplock "
5374 "break is a chained %d request !\n",
5375 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5376 END_PROFILE(SMBlockingX);
5382 * We do this check *after* we have checked this is not a oplock break
5383 * response message. JRA.
5386 release_level_2_oplocks_on_change(fsp);
5388 /* Data now points at the beginning of the list
5389 of smb_unlkrng structs */
5390 for(i = 0; i < (int)num_ulocks; i++) {
5391 lock_pid = get_lock_pid( data, i, large_file_format);
5392 count = get_lock_count( data, i, large_file_format);
5393 offset = get_lock_offset( data, i, large_file_format, &err);
5396 * There is no error code marked "stupid client bug".... :-).
5399 END_PROFILE(SMBlockingX);
5400 return ERROR_DOS(ERRDOS,ERRnoaccess);
5403 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5404 "pid %u, file %s\n", (double)offset, (double)count,
5405 (unsigned int)lock_pid, fsp->fsp_name ));
5407 status = do_unlock(fsp,
5413 if (NT_STATUS_V(status)) {
5414 END_PROFILE(SMBlockingX);
5415 return ERROR_NT(status);
5419 /* Setup the timeout in seconds. */
5421 if (!lp_blocking_locks(SNUM(conn))) {
5425 /* Now do any requested locks */
5426 data += ((large_file_format ? 20 : 10)*num_ulocks);
5428 /* Data now points at the beginning of the list
5429 of smb_lkrng structs */
5431 for(i = 0; i < (int)num_locks; i++) {
5432 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5433 READ_LOCK:WRITE_LOCK);
5434 lock_pid = get_lock_pid( data, i, large_file_format);
5435 count = get_lock_count( data, i, large_file_format);
5436 offset = get_lock_offset( data, i, large_file_format, &err);
5439 * There is no error code marked "stupid client bug".... :-).
5442 END_PROFILE(SMBlockingX);
5443 return ERROR_DOS(ERRDOS,ERRnoaccess);
5446 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5447 "%u, file %s timeout = %d\n", (double)offset,
5448 (double)count, (unsigned int)lock_pid,
5449 fsp->fsp_name, (int)lock_timeout ));
5451 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5452 if (lp_blocking_locks(SNUM(conn))) {
5454 /* Schedule a message to ourselves to
5455 remove the blocking lock record and
5456 return the right error. */
5458 if (!blocking_lock_cancel(fsp,
5464 NT_STATUS_FILE_LOCK_CONFLICT)) {
5465 END_PROFILE(SMBlockingX);
5466 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation));
5469 /* Remove a matching pending lock. */
5470 status = do_lock_cancel(fsp,
5476 BOOL blocking_lock = lock_timeout ? True : False;
5477 BOOL defer_lock = False;
5478 struct byte_range_lock *br_lck;
5480 br_lck = do_lock(fsp,
5489 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
5490 /* Windows internal resolution for blocking locks seems
5491 to be about 200ms... Don't wait for less than that. JRA. */
5492 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
5493 lock_timeout = lp_lock_spin_time();
5498 /* This heuristic seems to match W2K3 very well. If a
5499 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
5500 it pretends we asked for a timeout of between 150 - 300 milliseconds as
5501 far as I can tell. Replacement for do_lock_spin(). JRA. */
5503 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
5504 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
5506 lock_timeout = lp_lock_spin_time();
5509 if (br_lck && defer_lock) {
5511 * A blocking lock was requested. Package up
5512 * this smb into a queued request and push it
5513 * onto the blocking lock queue.
5515 if(push_blocking_lock_request(br_lck,
5525 TALLOC_FREE(br_lck);
5526 END_PROFILE(SMBlockingX);
5531 TALLOC_FREE(br_lck);
5534 if (NT_STATUS_V(status)) {
5535 END_PROFILE(SMBlockingX);
5536 return ERROR_NT(status);
5540 /* If any of the above locks failed, then we must unlock
5541 all of the previous locks (X/Open spec). */
5543 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
5547 * Ensure we don't do a remove on the lock that just failed,
5548 * as under POSIX rules, if we have a lock already there, we
5549 * will delete it (and we shouldn't) .....
5551 for(i--; i >= 0; i--) {
5552 lock_pid = get_lock_pid( data, i, large_file_format);
5553 count = get_lock_count( data, i, large_file_format);
5554 offset = get_lock_offset( data, i, large_file_format,
5558 * There is no error code marked "stupid client
5562 END_PROFILE(SMBlockingX);
5563 return ERROR_DOS(ERRDOS,ERRnoaccess);
5572 END_PROFILE(SMBlockingX);
5573 return ERROR_NT(status);
5576 set_message(outbuf,2,0,True);
5578 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5579 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5581 END_PROFILE(SMBlockingX);
5582 return chain_reply(inbuf,outbuf,length,bufsize);
5586 #define DBGC_CLASS DBGC_ALL
5588 /****************************************************************************
5589 Reply to a SMBreadbmpx (read block multiplex) request.
5590 ****************************************************************************/
5592 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
5603 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5604 START_PROFILE(SMBreadBmpx);
5606 /* this function doesn't seem to work - disable by default */
5607 if (!lp_readbmpx()) {
5608 END_PROFILE(SMBreadBmpx);
5609 return ERROR_DOS(ERRSRV,ERRuseSTD);
5612 outsize = set_message(outbuf,8,0,True);
5614 CHECK_FSP(fsp,conn);
5615 if (!CHECK_READ(fsp,inbuf)) {
5616 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5619 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
5620 maxcount = SVAL(inbuf,smb_vwv3);
5622 data = smb_buf(outbuf);
5623 pad = ((long)data)%4;
5628 max_per_packet = bufsize-(outsize+pad);
5632 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
5633 END_PROFILE(SMBreadBmpx);
5634 return ERROR_DOS(ERRDOS,ERRlock);
5638 size_t N = MIN(max_per_packet,tcount-total_read);
5640 nread = read_file(fsp,data,startpos,N);
5645 if (nread < (ssize_t)N)
5646 tcount = total_read + nread;
5648 set_message(outbuf,8,nread+pad,False);
5649 SIVAL(outbuf,smb_vwv0,startpos);
5650 SSVAL(outbuf,smb_vwv2,tcount);
5651 SSVAL(outbuf,smb_vwv6,nread);
5652 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
5655 if (!send_smb(smbd_server_fd(),outbuf))
5656 exit_server_cleanly("reply_readbmpx: send_smb failed.");
5658 total_read += nread;
5660 } while (total_read < (ssize_t)tcount);
5662 END_PROFILE(SMBreadBmpx);
5666 /****************************************************************************
5667 Reply to a SMBsetattrE.
5668 ****************************************************************************/
5670 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5672 struct timespec ts[2];
5674 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5675 START_PROFILE(SMBsetattrE);
5677 outsize = set_message(outbuf,0,0,False);
5679 if(!fsp || (fsp->conn != conn)) {
5680 END_PROFILE(SMBsetattrE);
5681 return ERROR_DOS(ERRDOS,ERRbadfid);
5685 * Convert the DOS times into unix times. Ignore create
5686 * time as UNIX can't set this.
5689 ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */
5690 ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */
5693 * Patch from Ray Frush <frush@engr.colostate.edu>
5694 * Sometimes times are sent as zero - ignore them.
5697 if (null_timespec(ts[0]) && null_timespec(ts[1])) {
5698 /* Ignore request */
5699 if( DEBUGLVL( 3 ) ) {
5700 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
5701 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
5703 END_PROFILE(SMBsetattrE);
5705 } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) {
5706 /* set modify time = to access time if modify time was unset */
5710 /* Set the date on this file */
5711 /* Should we set pending modtime here ? JRA */
5712 if(file_ntimes(conn, fsp->fsp_name, ts)) {
5713 END_PROFILE(SMBsetattrE);
5714 return ERROR_DOS(ERRDOS,ERRnoaccess);
5717 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
5719 (unsigned int)ts[0].tv_sec,
5720 (unsigned int)ts[1].tv_sec));
5722 END_PROFILE(SMBsetattrE);
5727 /* Back from the dead for OS/2..... JRA. */
5729 /****************************************************************************
5730 Reply to a SMBwritebmpx (write block multiplex primary) request.
5731 ****************************************************************************/
5733 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5736 ssize_t nwritten = -1;
5743 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5744 START_PROFILE(SMBwriteBmpx);
5746 CHECK_FSP(fsp,conn);
5747 if (!CHECK_WRITE(fsp)) {
5748 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5750 if (HAS_CACHED_ERROR(fsp)) {
5751 return(CACHED_ERROR(fsp));
5754 tcount = SVAL(inbuf,smb_vwv1);
5755 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
5756 write_through = BITSETW(inbuf+smb_vwv7,0);
5757 numtowrite = SVAL(inbuf,smb_vwv10);
5758 smb_doff = SVAL(inbuf,smb_vwv11);
5760 data = smb_base(inbuf) + smb_doff;
5762 /* If this fails we need to send an SMBwriteC response,
5763 not an SMBwritebmpx - set this up now so we don't forget */
5764 SCVAL(outbuf,smb_com,SMBwritec);
5766 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
5767 END_PROFILE(SMBwriteBmpx);
5768 return(ERROR_DOS(ERRDOS,ERRlock));
5771 nwritten = write_file(fsp,data,startpos,numtowrite);
5773 sync_file(conn, fsp, write_through);
5775 if(nwritten < (ssize_t)numtowrite) {
5776 END_PROFILE(SMBwriteBmpx);
5777 return(UNIXERROR(ERRHRD,ERRdiskfull));
5780 /* If the maximum to be written to this file
5781 is greater than what we just wrote then set
5782 up a secondary struct to be attached to this
5783 fd, we will use this to cache error messages etc. */
5785 if((ssize_t)tcount > nwritten) {
5786 write_bmpx_struct *wbms;
5787 if(fsp->wbmpx_ptr != NULL)
5788 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
5790 wbms = SMB_MALLOC_P(write_bmpx_struct);
5792 DEBUG(0,("Out of memory in reply_readmpx\n"));
5793 END_PROFILE(SMBwriteBmpx);
5794 return(ERROR_DOS(ERRSRV,ERRnoresource));
5796 wbms->wr_mode = write_through;
5797 wbms->wr_discard = False; /* No errors yet */
5798 wbms->wr_total_written = nwritten;
5799 wbms->wr_errclass = 0;
5801 fsp->wbmpx_ptr = wbms;
5804 /* We are returning successfully, set the message type back to
5806 SCVAL(outbuf,smb_com,SMBwriteBmpx);
5808 outsize = set_message(outbuf,1,0,True);
5810 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
5812 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
5813 fsp->fnum, (int)numtowrite, (int)nwritten ) );
5815 if (write_through && tcount==nwritten) {
5816 /* We need to send both a primary and a secondary response */
5817 smb_setlen(outbuf,outsize - 4);
5819 if (!send_smb(smbd_server_fd(),outbuf))
5820 exit_server_cleanly("reply_writebmpx: send_smb failed.");
5822 /* Now the secondary */
5823 outsize = set_message(outbuf,1,0,True);
5824 SCVAL(outbuf,smb_com,SMBwritec);
5825 SSVAL(outbuf,smb_vwv0,nwritten);
5828 END_PROFILE(SMBwriteBmpx);
5832 /****************************************************************************
5833 Reply to a SMBwritebs (write block multiplex secondary) request.
5834 ****************************************************************************/
5836 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5839 ssize_t nwritten = -1;
5846 write_bmpx_struct *wbms;
5847 BOOL send_response = False;
5848 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5849 START_PROFILE(SMBwriteBs);
5851 CHECK_FSP(fsp,conn);
5852 if (!CHECK_WRITE(fsp)) {
5853 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5856 tcount = SVAL(inbuf,smb_vwv1);
5857 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
5858 numtowrite = SVAL(inbuf,smb_vwv6);
5859 smb_doff = SVAL(inbuf,smb_vwv7);
5861 data = smb_base(inbuf) + smb_doff;
5863 /* We need to send an SMBwriteC response, not an SMBwritebs */
5864 SCVAL(outbuf,smb_com,SMBwritec);
5866 /* This fd should have an auxiliary struct attached,
5867 check that it does */
5868 wbms = fsp->wbmpx_ptr;
5870 END_PROFILE(SMBwriteBs);
5874 /* If write through is set we can return errors, else we must cache them */
5875 write_through = wbms->wr_mode;
5877 /* Check for an earlier error */
5878 if(wbms->wr_discard) {
5879 END_PROFILE(SMBwriteBs);
5880 return -1; /* Just discard the packet */
5883 nwritten = write_file(fsp,data,startpos,numtowrite);
5885 sync_file(conn, fsp, write_through);
5887 if (nwritten < (ssize_t)numtowrite) {
5889 /* We are returning an error - we can delete the aux struct */
5892 fsp->wbmpx_ptr = NULL;
5893 END_PROFILE(SMBwriteBs);
5894 return(ERROR_DOS(ERRHRD,ERRdiskfull));
5896 wbms->wr_errclass = ERRHRD;
5897 wbms->wr_error = ERRdiskfull;
5898 wbms->wr_status = NT_STATUS_DISK_FULL;
5899 wbms->wr_discard = True;
5900 END_PROFILE(SMBwriteBs);
5904 /* Increment the total written, if this matches tcount
5905 we can discard the auxiliary struct (hurrah !) and return a writeC */
5906 wbms->wr_total_written += nwritten;
5907 if(wbms->wr_total_written >= tcount) {
5908 if (write_through) {
5909 outsize = set_message(outbuf,1,0,True);
5910 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
5911 send_response = True;
5915 fsp->wbmpx_ptr = NULL;
5919 END_PROFILE(SMBwriteBs);
5923 END_PROFILE(SMBwriteBs);
5927 /****************************************************************************
5928 Reply to a SMBgetattrE.
5929 ****************************************************************************/
5931 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5933 SMB_STRUCT_STAT sbuf;
5936 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5937 START_PROFILE(SMBgetattrE);
5939 outsize = set_message(outbuf,11,0,True);
5941 if(!fsp || (fsp->conn != conn)) {
5942 END_PROFILE(SMBgetattrE);
5943 return ERROR_DOS(ERRDOS,ERRbadfid);
5946 /* Do an fstat on this file */
5947 if(fsp_stat(fsp, &sbuf)) {
5948 END_PROFILE(SMBgetattrE);
5949 return(UNIXERROR(ERRDOS,ERRnoaccess));
5952 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
5955 * Convert the times into dos times. Set create
5956 * date to be last modify date as UNIX doesn't save
5960 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
5961 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
5962 /* Should we check pending modtime here ? JRA */
5963 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
5966 SIVAL(outbuf,smb_vwv6,0);
5967 SIVAL(outbuf,smb_vwv8,0);
5969 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
5970 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
5971 SIVAL(outbuf,smb_vwv8,allocation_size);
5973 SSVAL(outbuf,smb_vwv10, mode);
5975 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
5977 END_PROFILE(SMBgetattrE);