2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!posix_path && !stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started = true;
86 start_of_name_component = false;
90 return NT_STATUS_OBJECT_NAME_INVALID;
94 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s,posix_path)) {
103 if ((d != path) && (*s != '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component = True;
110 *p_last_component_contains_wcard = False;
114 if (start_of_name_component) {
115 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d > path) && (*(d-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d--; d > path; d--) {
141 s += 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
157 if (*s <= 0x1f || *s == '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID;
166 *p_last_component_contains_wcard = True;
175 /* Get the size of the next MB character. */
176 next_codepoint(s,&siz);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER;
199 start_of_name_component = False;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS check_path_syntax(char *path)
215 return check_path_syntax_internal(path, False, &ignore);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
226 return check_path_syntax_internal(path, False, p_contains_wcard);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS check_path_syntax_posix(char *path)
238 return check_path_syntax_internal(path, True, &ignore);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
246 const char *base_ptr,
253 bool *contains_wcard)
259 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
263 *err = NT_STATUS_INVALID_PARAMETER;
267 *contains_wcard = False;
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(*pp_dest);
281 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX *ctx,
292 const char *base_ptr,
301 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
302 src_len, flags, err, &ignore);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
306 char **pp_dest, const char *src, int flags,
307 NTSTATUS *err, bool *contains_wcard)
309 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
310 pp_dest, src, smbreq_bufrem(req, src),
311 flags, err, contains_wcard);
314 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
315 char **pp_dest, const char *src, int flags,
319 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
320 flags, err, &ignore);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
330 if (!(fsp) || !(conn)) {
331 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
334 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
335 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct *conn, struct smb_request *req,
348 if (!check_fsp_open(conn, req, fsp)) {
351 if ((fsp)->is_directory) {
352 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
355 if ((fsp)->fh->fd == -1) {
356 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
359 (fsp)->num_smb_operations++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
371 if (!check_fsp_open(conn, req, fsp)) {
375 if (fsp->is_directory) {
379 if (fsp->fake_file_handle == NULL) {
383 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
387 if (fsp->fake_file_handle->private_data == NULL) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
401 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
402 && (req->vuid == (fsp)->vuid)) {
406 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
410 static bool netbios_session_retarget(const char *name, int name_type)
413 char *trim_name_type;
414 const char *retarget_parm;
417 int retarget_type = 0x20;
418 int retarget_port = 139;
419 struct sockaddr_storage retarget_addr;
420 struct sockaddr_in *in_addr;
424 if (get_socket_port(smbd_server_fd()) != 139) {
428 trim_name = talloc_strdup(talloc_tos(), name);
429 if (trim_name == NULL) {
432 trim_char(trim_name, ' ', ' ');
434 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
436 if (trim_name_type == NULL) {
440 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
441 trim_name_type, NULL);
442 if (retarget_parm == NULL) {
443 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
446 if (retarget_parm == NULL) {
450 retarget = talloc_strdup(trim_name, retarget_parm);
451 if (retarget == NULL) {
455 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
457 p = strchr(retarget, ':');
460 retarget_port = atoi(p);
463 p = strchr_m(retarget, '#');
466 sscanf(p, "%x", &retarget_type);
469 ret = resolve_name(retarget, &retarget_addr, retarget_type);
471 DEBUG(10, ("could not resolve %s\n", retarget));
475 if (retarget_addr.ss_family != AF_INET) {
476 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
480 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
482 _smb_setlen(outbuf, 6);
483 SCVAL(outbuf, 0, 0x84);
484 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
485 *(uint16_t *)(outbuf+8) = htons(retarget_port);
487 if (!srv_send_smb(smbd_server_fd(), (char *)outbuf, false, 0, false,
489 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
495 TALLOC_FREE(trim_name);
499 /****************************************************************************
500 Reply to a (netbios-level) special message.
501 ****************************************************************************/
503 void reply_special(char *inbuf)
505 int msg_type = CVAL(inbuf,0);
506 int msg_flags = CVAL(inbuf,1);
508 char name_type1, name_type2;
509 struct smbd_server_connection *sconn = smbd_server_conn;
512 * We only really use 4 bytes of the outbuf, but for the smb_setlen
513 * calculation & friends (srv_send_smb uses that) we need the full smb
516 char outbuf[smb_size];
520 memset(outbuf, '\0', sizeof(outbuf));
522 smb_setlen(outbuf,0);
525 case 0x81: /* session request */
527 if (sconn->nbt.got_session) {
528 exit_server_cleanly("multiple session request not permitted");
531 SCVAL(outbuf,0,0x82);
533 if (name_len(inbuf+4) > 50 ||
534 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
535 DEBUG(0,("Invalid name length in session request\n"));
538 name_type1 = name_extract(inbuf,4,name1);
539 name_type2 = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
540 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
541 name1, name_type1, name2, name_type2));
543 if (netbios_session_retarget(name1, name_type1)) {
544 exit_server_cleanly("retargeted client");
547 set_local_machine_name(name1, True);
548 set_remote_machine_name(name2, True);
550 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
551 get_local_machine_name(), get_remote_machine_name(),
554 if (name_type2 == 'R') {
555 /* We are being asked for a pathworks session ---
557 SCVAL(outbuf, 0,0x83);
561 /* only add the client's machine name to the list
562 of possibly valid usernames if we are operating
563 in share mode security */
564 if (lp_security() == SEC_SHARE) {
565 add_session_user(sconn, get_remote_machine_name());
568 reload_services(True);
571 sconn->nbt.got_session = true;
574 case 0x89: /* session keepalive request
575 (some old clients produce this?) */
576 SCVAL(outbuf,0,SMBkeepalive);
580 case 0x82: /* positive session response */
581 case 0x83: /* negative session response */
582 case 0x84: /* retarget session response */
583 DEBUG(0,("Unexpected session response\n"));
586 case SMBkeepalive: /* session keepalive */
591 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
592 msg_type, msg_flags));
594 srv_send_smb(smbd_server_fd(), outbuf, false, 0, false, NULL);
598 /****************************************************************************
600 conn POINTER CAN BE NULL HERE !
601 ****************************************************************************/
603 void reply_tcon(struct smb_request *req)
605 connection_struct *conn = req->conn;
607 char *service_buf = NULL;
608 char *password = NULL;
613 DATA_BLOB password_blob;
614 TALLOC_CTX *ctx = talloc_tos();
615 struct smbd_server_connection *sconn = smbd_server_conn;
617 START_PROFILE(SMBtcon);
619 if (req->buflen < 4) {
620 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
621 END_PROFILE(SMBtcon);
625 p = (const char *)req->buf + 1;
626 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
628 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
630 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
633 if (service_buf == NULL || password == NULL || dev == NULL) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
638 p = strrchr_m(service_buf,'\\');
642 service = service_buf;
645 password_blob = data_blob(password, pwlen+1);
647 conn = make_connection(sconn,service,password_blob,dev,
648 req->vuid,&nt_status);
651 data_blob_clear_free(&password_blob);
654 reply_nterror(req, nt_status);
655 END_PROFILE(SMBtcon);
659 reply_outbuf(req, 2, 0);
660 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
661 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
662 SSVAL(req->outbuf,smb_tid,conn->cnum);
664 DEBUG(3,("tcon service=%s cnum=%d\n",
665 service, conn->cnum));
667 END_PROFILE(SMBtcon);
671 /****************************************************************************
672 Reply to a tcon and X.
673 conn POINTER CAN BE NULL HERE !
674 ****************************************************************************/
676 void reply_tcon_and_X(struct smb_request *req)
678 connection_struct *conn = req->conn;
679 const char *service = NULL;
681 TALLOC_CTX *ctx = talloc_tos();
682 /* what the cleint thinks the device is */
683 char *client_devicetype = NULL;
684 /* what the server tells the client the share represents */
685 const char *server_devicetype;
691 struct smbd_server_connection *sconn = smbd_server_conn;
693 START_PROFILE(SMBtconX);
696 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
697 END_PROFILE(SMBtconX);
701 passlen = SVAL(req->vwv+3, 0);
702 tcon_flags = SVAL(req->vwv+2, 0);
704 /* we might have to close an old one */
705 if ((tcon_flags & 0x1) && conn) {
706 close_cnum(sconn, conn,req->vuid);
711 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
712 reply_doserror(req, ERRDOS, ERRbuftoosmall);
713 END_PROFILE(SMBtconX);
717 if (sconn->smb1.negprot.encrypted_passwords) {
718 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
719 if (lp_security() == SEC_SHARE) {
721 * Security = share always has a pad byte
722 * after the password.
724 p = (const char *)req->buf + passlen + 1;
726 p = (const char *)req->buf + passlen;
729 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
730 /* Ensure correct termination */
731 password.data[passlen]=0;
732 p = (const char *)req->buf + passlen + 1;
735 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
738 data_blob_clear_free(&password);
739 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
740 END_PROFILE(SMBtconX);
745 * the service name can be either: \\server\share
746 * or share directly like on the DELL PowerVault 705
749 q = strchr_m(path+2,'\\');
751 data_blob_clear_free(&password);
752 reply_doserror(req, ERRDOS, ERRnosuchshare);
753 END_PROFILE(SMBtconX);
761 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
762 &client_devicetype, p,
763 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
765 if (client_devicetype == NULL) {
766 data_blob_clear_free(&password);
767 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
768 END_PROFILE(SMBtconX);
772 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
774 conn = make_connection(sconn, service, password, client_devicetype,
775 req->vuid, &nt_status);
778 data_blob_clear_free(&password);
781 reply_nterror(req, nt_status);
782 END_PROFILE(SMBtconX);
787 server_devicetype = "IPC";
788 else if ( IS_PRINT(conn) )
789 server_devicetype = "LPT1:";
791 server_devicetype = "A:";
793 if (Protocol < PROTOCOL_NT1) {
794 reply_outbuf(req, 2, 0);
795 if (message_push_string(&req->outbuf, server_devicetype,
796 STR_TERMINATE|STR_ASCII) == -1) {
797 reply_nterror(req, NT_STATUS_NO_MEMORY);
798 END_PROFILE(SMBtconX);
802 /* NT sets the fstype of IPC$ to the null string */
803 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
805 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
806 /* Return permissions. */
810 reply_outbuf(req, 7, 0);
813 perm1 = FILE_ALL_ACCESS;
814 perm2 = FILE_ALL_ACCESS;
816 perm1 = CAN_WRITE(conn) ?
821 SIVAL(req->outbuf, smb_vwv3, perm1);
822 SIVAL(req->outbuf, smb_vwv5, perm2);
824 reply_outbuf(req, 3, 0);
827 if ((message_push_string(&req->outbuf, server_devicetype,
828 STR_TERMINATE|STR_ASCII) == -1)
829 || (message_push_string(&req->outbuf, fstype,
830 STR_TERMINATE) == -1)) {
831 reply_nterror(req, NT_STATUS_NO_MEMORY);
832 END_PROFILE(SMBtconX);
836 /* what does setting this bit do? It is set by NT4 and
837 may affect the ability to autorun mounted cdroms */
838 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
839 (lp_csc_policy(SNUM(conn)) << 2));
841 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
842 DEBUG(2,("Serving %s as a Dfs root\n",
843 lp_servicename(SNUM(conn)) ));
844 SSVAL(req->outbuf, smb_vwv2,
845 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
850 DEBUG(3,("tconX service=%s \n",
853 /* set the incoming and outgoing tid to the just created one */
854 SSVAL(req->inbuf,smb_tid,conn->cnum);
855 SSVAL(req->outbuf,smb_tid,conn->cnum);
857 END_PROFILE(SMBtconX);
863 /****************************************************************************
864 Reply to an unknown type.
865 ****************************************************************************/
867 void reply_unknown_new(struct smb_request *req, uint8 type)
869 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
870 smb_fn_name(type), type, type));
871 reply_doserror(req, ERRSRV, ERRunknownsmb);
875 /****************************************************************************
877 conn POINTER CAN BE NULL HERE !
878 ****************************************************************************/
880 void reply_ioctl(struct smb_request *req)
882 connection_struct *conn = req->conn;
889 START_PROFILE(SMBioctl);
892 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
893 END_PROFILE(SMBioctl);
897 device = SVAL(req->vwv+1, 0);
898 function = SVAL(req->vwv+2, 0);
899 ioctl_code = (device << 16) + function;
901 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
903 switch (ioctl_code) {
904 case IOCTL_QUERY_JOB_INFO:
908 reply_doserror(req, ERRSRV, ERRnosupport);
909 END_PROFILE(SMBioctl);
913 reply_outbuf(req, 8, replysize+1);
914 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
915 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
916 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
917 p = smb_buf(req->outbuf);
918 memset(p, '\0', replysize+1); /* valgrind-safe. */
919 p += 1; /* Allow for alignment */
921 switch (ioctl_code) {
922 case IOCTL_QUERY_JOB_INFO:
924 files_struct *fsp = file_fsp(
925 req, SVAL(req->vwv+0, 0));
927 reply_doserror(req, ERRDOS, ERRbadfid);
928 END_PROFILE(SMBioctl);
931 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
932 srvstr_push((char *)req->outbuf, req->flags2, p+2,
934 STR_TERMINATE|STR_ASCII);
936 srvstr_push((char *)req->outbuf, req->flags2,
937 p+18, lp_servicename(SNUM(conn)),
938 13, STR_TERMINATE|STR_ASCII);
946 END_PROFILE(SMBioctl);
950 /****************************************************************************
951 Strange checkpath NTSTATUS mapping.
952 ****************************************************************************/
954 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
956 /* Strange DOS error code semantics only for checkpath... */
957 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
958 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
959 /* We need to map to ERRbadpath */
960 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
966 /****************************************************************************
967 Reply to a checkpath.
968 ****************************************************************************/
970 void reply_checkpath(struct smb_request *req)
972 connection_struct *conn = req->conn;
973 struct smb_filename *smb_fname = NULL;
976 TALLOC_CTX *ctx = talloc_tos();
978 START_PROFILE(SMBcheckpath);
980 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
981 STR_TERMINATE, &status);
983 if (!NT_STATUS_IS_OK(status)) {
984 status = map_checkpath_error(req->flags2, status);
985 reply_nterror(req, status);
986 END_PROFILE(SMBcheckpath);
990 status = resolve_dfspath(ctx, conn,
991 req->flags2 & FLAGS2_DFS_PATHNAMES,
994 if (!NT_STATUS_IS_OK(status)) {
995 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
996 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
998 END_PROFILE(SMBcheckpath);
1004 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1006 status = unix_convert(ctx, conn, name, &smb_fname, 0);
1007 if (!NT_STATUS_IS_OK(status)) {
1011 status = get_full_smb_filename(ctx, smb_fname, &name);
1012 if (!NT_STATUS_IS_OK(status)) {
1016 status = check_name(conn, name);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
1022 if (!VALID_STAT(smb_fname->st) &&
1023 (SMB_VFS_STAT(conn, name, &smb_fname->st) != 0)) {
1024 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
1025 status = map_nt_error_from_unix(errno);
1029 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1030 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1031 ERRDOS, ERRbadpath);
1035 reply_outbuf(req, 0, 0);
1037 TALLOC_FREE(smb_fname);
1038 END_PROFILE(SMBcheckpath);
1043 TALLOC_FREE(smb_fname);
1045 END_PROFILE(SMBcheckpath);
1047 /* We special case this - as when a Windows machine
1048 is parsing a path is steps through the components
1049 one at a time - if a component fails it expects
1050 ERRbadpath, not ERRbadfile.
1052 status = map_checkpath_error(req->flags2, status);
1053 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1055 * Windows returns different error codes if
1056 * the parent directory is valid but not the
1057 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1058 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1059 * if the path is invalid.
1061 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1062 ERRDOS, ERRbadpath);
1066 reply_nterror(req, status);
1069 /****************************************************************************
1071 ****************************************************************************/
1073 void reply_getatr(struct smb_request *req)
1075 connection_struct *conn = req->conn;
1076 struct smb_filename *smb_fname = NULL;
1083 TALLOC_CTX *ctx = talloc_tos();
1085 START_PROFILE(SMBgetatr);
1087 p = (const char *)req->buf + 1;
1088 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1089 if (!NT_STATUS_IS_OK(status)) {
1090 reply_nterror(req, status);
1094 status = resolve_dfspath(ctx, conn,
1095 req->flags2 & FLAGS2_DFS_PATHNAMES,
1098 if (!NT_STATUS_IS_OK(status)) {
1099 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1100 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1101 ERRSRV, ERRbadpath);
1104 reply_nterror(req, status);
1108 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1109 under WfWg - weird! */
1110 if (*fname == '\0') {
1111 mode = aHIDDEN | aDIR;
1112 if (!CAN_WRITE(conn)) {
1118 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1119 if (!NT_STATUS_IS_OK(status)) {
1120 reply_nterror(req, status);
1123 status = get_full_smb_filename(ctx, smb_fname, &fname);
1124 if (!NT_STATUS_IS_OK(status)) {
1125 reply_nterror(req, status);
1128 status = check_name(conn, fname);
1129 if (!NT_STATUS_IS_OK(status)) {
1130 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1131 reply_nterror(req, status);
1134 if (!VALID_STAT(smb_fname->st) &&
1135 (SMB_VFS_STAT(conn, fname, &smb_fname->st) != 0)) {
1136 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1137 reply_unixerror(req, ERRDOS,ERRbadfile);
1141 mode = dos_mode(conn, fname, &smb_fname->st);
1142 size = smb_fname->st.st_ex_size;
1143 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1149 reply_outbuf(req, 10, 0);
1151 SSVAL(req->outbuf,smb_vwv0,mode);
1152 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1153 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1155 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1157 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1159 if (Protocol >= PROTOCOL_NT1) {
1160 SSVAL(req->outbuf, smb_flg2,
1161 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1164 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1167 TALLOC_FREE(smb_fname);
1168 END_PROFILE(SMBgetatr);
1172 /****************************************************************************
1174 ****************************************************************************/
1176 void reply_setatr(struct smb_request *req)
1178 struct smb_file_time ft;
1179 connection_struct *conn = req->conn;
1180 struct smb_filename *smb_fname = NULL;
1186 TALLOC_CTX *ctx = talloc_tos();
1188 START_PROFILE(SMBsetatr);
1193 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1197 p = (const char *)req->buf + 1;
1198 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1199 if (!NT_STATUS_IS_OK(status)) {
1200 reply_nterror(req, status);
1204 status = resolve_dfspath(ctx, conn,
1205 req->flags2 & FLAGS2_DFS_PATHNAMES,
1208 if (!NT_STATUS_IS_OK(status)) {
1209 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1210 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1211 ERRSRV, ERRbadpath);
1214 reply_nterror(req, status);
1218 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1219 if (!NT_STATUS_IS_OK(status)) {
1220 reply_nterror(req, status);
1224 status = get_full_smb_filename(ctx, smb_fname, &fname);
1225 if (!NT_STATUS_IS_OK(status)) {
1226 reply_nterror(req, status);
1230 status = check_name(conn, fname);
1231 if (!NT_STATUS_IS_OK(status)) {
1232 reply_nterror(req, status);
1236 if (fname[0] == '.' && fname[1] == '\0') {
1238 * Not sure here is the right place to catch this
1239 * condition. Might be moved to somewhere else later -- vl
1241 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1245 mode = SVAL(req->vwv+0, 0);
1246 mtime = srv_make_unix_date3(req->vwv+1);
1248 ft.mtime = convert_time_t_to_timespec(mtime);
1249 status = smb_set_file_time(conn, NULL, fname,
1250 &smb_fname->st, &ft, true);
1251 if (!NT_STATUS_IS_OK(status)) {
1252 reply_unixerror(req, ERRDOS, ERRnoaccess);
1256 if (mode != FILE_ATTRIBUTE_NORMAL) {
1257 if (VALID_STAT_OF_DIR(smb_fname->st))
1262 if (file_set_dosmode(conn, fname, mode, &smb_fname->st, NULL,
1264 reply_unixerror(req, ERRDOS, ERRnoaccess);
1269 reply_outbuf(req, 0, 0);
1271 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1273 TALLOC_FREE(smb_fname);
1274 END_PROFILE(SMBsetatr);
1278 /****************************************************************************
1280 ****************************************************************************/
1282 void reply_dskattr(struct smb_request *req)
1284 connection_struct *conn = req->conn;
1285 uint64_t dfree,dsize,bsize;
1286 START_PROFILE(SMBdskattr);
1288 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1289 reply_unixerror(req, ERRHRD, ERRgeneral);
1290 END_PROFILE(SMBdskattr);
1294 reply_outbuf(req, 5, 0);
1296 if (Protocol <= PROTOCOL_LANMAN2) {
1297 double total_space, free_space;
1298 /* we need to scale this to a number that DOS6 can handle. We
1299 use floating point so we can handle large drives on systems
1300 that don't have 64 bit integers
1302 we end up displaying a maximum of 2G to DOS systems
1304 total_space = dsize * (double)bsize;
1305 free_space = dfree * (double)bsize;
1307 dsize = (uint64_t)((total_space+63*512) / (64*512));
1308 dfree = (uint64_t)((free_space+63*512) / (64*512));
1310 if (dsize > 0xFFFF) dsize = 0xFFFF;
1311 if (dfree > 0xFFFF) dfree = 0xFFFF;
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1315 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1318 SSVAL(req->outbuf,smb_vwv0,dsize);
1319 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1320 SSVAL(req->outbuf,smb_vwv2,512);
1321 SSVAL(req->outbuf,smb_vwv3,dfree);
1324 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1326 END_PROFILE(SMBdskattr);
1330 /****************************************************************************
1332 Can be called from SMBsearch, SMBffirst or SMBfunique.
1333 ****************************************************************************/
1335 void reply_search(struct smb_request *req)
1337 connection_struct *conn = req->conn;
1338 const char *mask = NULL;
1339 char *directory = NULL;
1343 struct timespec date;
1345 unsigned int numentries = 0;
1346 unsigned int maxentries = 0;
1347 bool finished = False;
1353 bool check_descend = False;
1354 bool expect_close = False;
1356 bool mask_contains_wcard = False;
1357 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1358 TALLOC_CTX *ctx = talloc_tos();
1359 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1361 START_PROFILE(SMBsearch);
1364 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1365 END_PROFILE(SMBsearch);
1369 if (lp_posix_pathnames()) {
1370 reply_unknown_new(req, req->cmd);
1371 END_PROFILE(SMBsearch);
1375 /* If we were called as SMBffirst then we must expect close. */
1376 if(req->cmd == SMBffirst) {
1377 expect_close = True;
1380 reply_outbuf(req, 1, 3);
1381 maxentries = SVAL(req->vwv+0, 0);
1382 dirtype = SVAL(req->vwv+1, 0);
1383 p = (const char *)req->buf + 1;
1384 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1385 &nt_status, &mask_contains_wcard);
1386 if (!NT_STATUS_IS_OK(nt_status)) {
1387 reply_nterror(req, nt_status);
1388 END_PROFILE(SMBsearch);
1392 nt_status = resolve_dfspath_wcard(ctx, conn,
1393 req->flags2 & FLAGS2_DFS_PATHNAMES,
1396 &mask_contains_wcard);
1397 if (!NT_STATUS_IS_OK(nt_status)) {
1398 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1399 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1400 ERRSRV, ERRbadpath);
1401 END_PROFILE(SMBsearch);
1404 reply_nterror(req, nt_status);
1405 END_PROFILE(SMBsearch);
1410 status_len = SVAL(p, 0);
1413 /* dirtype &= ~aDIR; */
1415 if (status_len == 0) {
1416 struct smb_filename *smb_fname = NULL;
1418 nt_status = unix_convert(ctx, conn, path, &smb_fname,
1419 UCF_ALLOW_WCARD_LCOMP);
1420 if (!NT_STATUS_IS_OK(nt_status)) {
1421 reply_nterror(req, nt_status);
1422 END_PROFILE(SMBsearch);
1426 nt_status = get_full_smb_filename(ctx, smb_fname, &directory);
1427 TALLOC_FREE(smb_fname);
1428 if (!NT_STATUS_IS_OK(nt_status)) {
1429 reply_nterror(req, nt_status);
1430 END_PROFILE(SMBsearch);
1434 nt_status = check_name(conn, directory);
1435 if (!NT_STATUS_IS_OK(nt_status)) {
1436 reply_nterror(req, nt_status);
1437 END_PROFILE(SMBsearch);
1441 p = strrchr_m(directory,'/');
1442 if ((p != NULL) && (*directory != '/')) {
1444 directory = talloc_strndup(ctx, directory,
1445 PTR_DIFF(p, directory));
1448 directory = talloc_strdup(ctx,".");
1452 reply_nterror(req, NT_STATUS_NO_MEMORY);
1453 END_PROFILE(SMBsearch);
1457 memset((char *)status,'\0',21);
1458 SCVAL(status,0,(dirtype & 0x1F));
1460 nt_status = dptr_create(conn,
1466 mask_contains_wcard,
1469 if (!NT_STATUS_IS_OK(nt_status)) {
1470 reply_nterror(req, nt_status);
1471 END_PROFILE(SMBsearch);
1474 dptr_num = dptr_dnum(conn->dirptr);
1478 memcpy(status,p,21);
1479 status_dirtype = CVAL(status,0) & 0x1F;
1480 if (status_dirtype != (dirtype & 0x1F)) {
1481 dirtype = status_dirtype;
1484 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1485 if (!conn->dirptr) {
1488 string_set(&conn->dirpath,dptr_path(dptr_num));
1489 mask = dptr_wcard(dptr_num);
1494 * For a 'continue' search we have no string. So
1495 * check from the initial saved string.
1497 mask_contains_wcard = ms_has_wild(mask);
1498 dirtype = dptr_attr(dptr_num);
1501 DEBUG(4,("dptr_num is %d\n",dptr_num));
1503 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1504 dptr_init_search_op(conn->dirptr);
1506 if ((dirtype&0x1F) == aVOLID) {
1507 char buf[DIR_STRUCT_SIZE];
1508 memcpy(buf,status,21);
1509 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1510 0,aVOLID,0,!allow_long_path_components)) {
1511 reply_nterror(req, NT_STATUS_NO_MEMORY);
1512 END_PROFILE(SMBsearch);
1515 dptr_fill(buf+12,dptr_num);
1516 if (dptr_zero(buf+12) && (status_len==0)) {
1521 if (message_push_blob(&req->outbuf,
1522 data_blob_const(buf, sizeof(buf)))
1524 reply_nterror(req, NT_STATUS_NO_MEMORY);
1525 END_PROFILE(SMBsearch);
1533 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1536 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1537 conn->dirpath,lp_dontdescend(SNUM(conn))));
1538 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1539 check_descend = True;
1542 for (i=numentries;(i<maxentries) && !finished;i++) {
1543 finished = !get_dir_entry(ctx,
1554 char buf[DIR_STRUCT_SIZE];
1555 memcpy(buf,status,21);
1556 if (!make_dir_struct(ctx,
1562 convert_timespec_to_time_t(date),
1563 !allow_long_path_components)) {
1564 reply_nterror(req, NT_STATUS_NO_MEMORY);
1565 END_PROFILE(SMBsearch);
1568 if (!dptr_fill(buf+12,dptr_num)) {
1571 if (message_push_blob(&req->outbuf,
1572 data_blob_const(buf, sizeof(buf)))
1574 reply_nterror(req, NT_STATUS_NO_MEMORY);
1575 END_PROFILE(SMBsearch);
1585 /* If we were called as SMBffirst with smb_search_id == NULL
1586 and no entries were found then return error and close dirptr
1589 if (numentries == 0) {
1590 dptr_close(&dptr_num);
1591 } else if(expect_close && status_len == 0) {
1592 /* Close the dptr - we know it's gone */
1593 dptr_close(&dptr_num);
1596 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1597 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1598 dptr_close(&dptr_num);
1601 if ((numentries == 0) && !mask_contains_wcard) {
1602 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1603 END_PROFILE(SMBsearch);
1607 SSVAL(req->outbuf,smb_vwv0,numentries);
1608 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1609 SCVAL(smb_buf(req->outbuf),0,5);
1610 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1612 /* The replies here are never long name. */
1613 SSVAL(req->outbuf, smb_flg2,
1614 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1615 if (!allow_long_path_components) {
1616 SSVAL(req->outbuf, smb_flg2,
1617 SVAL(req->outbuf, smb_flg2)
1618 & (~FLAGS2_LONG_PATH_COMPONENTS));
1621 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1622 SSVAL(req->outbuf, smb_flg2,
1623 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1626 directory = dptr_path(dptr_num);
1629 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1630 smb_fn_name(req->cmd),
1632 directory ? directory : "./",
1637 END_PROFILE(SMBsearch);
1641 /****************************************************************************
1642 Reply to a fclose (stop directory search).
1643 ****************************************************************************/
1645 void reply_fclose(struct smb_request *req)
1653 bool path_contains_wcard = False;
1654 TALLOC_CTX *ctx = talloc_tos();
1656 START_PROFILE(SMBfclose);
1658 if (lp_posix_pathnames()) {
1659 reply_unknown_new(req, req->cmd);
1660 END_PROFILE(SMBfclose);
1664 p = (const char *)req->buf + 1;
1665 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1666 &err, &path_contains_wcard);
1667 if (!NT_STATUS_IS_OK(err)) {
1668 reply_nterror(req, err);
1669 END_PROFILE(SMBfclose);
1673 status_len = SVAL(p,0);
1676 if (status_len == 0) {
1677 reply_doserror(req, ERRSRV, ERRsrverror);
1678 END_PROFILE(SMBfclose);
1682 memcpy(status,p,21);
1684 if(dptr_fetch(status+12,&dptr_num)) {
1685 /* Close the dptr - we know it's gone */
1686 dptr_close(&dptr_num);
1689 reply_outbuf(req, 1, 0);
1690 SSVAL(req->outbuf,smb_vwv0,0);
1692 DEBUG(3,("search close\n"));
1694 END_PROFILE(SMBfclose);
1698 /****************************************************************************
1700 ****************************************************************************/
1702 void reply_open(struct smb_request *req)
1704 connection_struct *conn = req->conn;
1705 struct smb_filename *smb_fname = NULL;
1717 uint32 create_disposition;
1718 uint32 create_options = 0;
1720 TALLOC_CTX *ctx = talloc_tos();
1722 START_PROFILE(SMBopen);
1725 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1729 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1730 deny_mode = SVAL(req->vwv+0, 0);
1731 dos_attr = SVAL(req->vwv+1, 0);
1733 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1734 STR_TERMINATE, &status);
1735 if (!NT_STATUS_IS_OK(status)) {
1736 reply_nterror(req, status);
1740 if (!map_open_params_to_ntcreate(
1741 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1742 &share_mode, &create_disposition, &create_options)) {
1743 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1744 END_PROFILE(SMBopen);
1748 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1749 if (!NT_STATUS_IS_OK(status)) {
1750 reply_nterror(req, status);
1754 status = get_full_smb_filename(ctx, smb_fname, &fname);
1755 if (!NT_STATUS_IS_OK(status)) {
1756 reply_nterror(req, status);
1760 status = SMB_VFS_CREATE_FILE(
1763 0, /* root_dir_fid */
1765 0, /* create_file_flags */
1766 access_mask, /* access_mask */
1767 share_mode, /* share_access */
1768 create_disposition, /* create_disposition*/
1769 create_options, /* create_options */
1770 dos_attr, /* file_attributes */
1771 oplock_request, /* oplock_request */
1772 0, /* allocation_size */
1777 &smb_fname->st); /* psbuf */
1779 if (!NT_STATUS_IS_OK(status)) {
1780 if (open_was_deferred(req->mid)) {
1781 /* We have re-scheduled this call. */
1784 reply_openerror(req, status);
1788 size = smb_fname->st.st_ex_size;
1789 fattr = dos_mode(conn,fsp->fsp_name,&smb_fname->st);
1790 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1793 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1794 close_file(req, fsp, ERROR_CLOSE);
1795 reply_doserror(req, ERRDOS,ERRnoaccess);
1799 reply_outbuf(req, 7, 0);
1800 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1801 SSVAL(req->outbuf,smb_vwv1,fattr);
1802 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1803 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1805 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1807 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1808 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1810 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1811 SCVAL(req->outbuf,smb_flg,
1812 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1815 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1816 SCVAL(req->outbuf,smb_flg,
1817 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1820 TALLOC_FREE(smb_fname);
1821 END_PROFILE(SMBopen);
1825 /****************************************************************************
1826 Reply to an open and X.
1827 ****************************************************************************/
1829 void reply_open_and_X(struct smb_request *req)
1831 connection_struct *conn = req->conn;
1832 struct smb_filename *smb_fname = NULL;
1837 /* Breakout the oplock request bits so we can set the
1838 reply bits separately. */
1839 int ex_oplock_request;
1840 int core_oplock_request;
1843 int smb_sattr = SVAL(req->vwv+4, 0);
1844 uint32 smb_time = make_unix_date3(req->vwv+6);
1852 uint64_t allocation_size;
1853 ssize_t retval = -1;
1856 uint32 create_disposition;
1857 uint32 create_options = 0;
1858 TALLOC_CTX *ctx = talloc_tos();
1860 START_PROFILE(SMBopenX);
1862 if (req->wct < 15) {
1863 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1867 open_flags = SVAL(req->vwv+2, 0);
1868 deny_mode = SVAL(req->vwv+3, 0);
1869 smb_attr = SVAL(req->vwv+5, 0);
1870 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1871 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1872 oplock_request = ex_oplock_request | core_oplock_request;
1873 smb_ofun = SVAL(req->vwv+8, 0);
1874 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1876 /* If it's an IPC, pass off the pipe handler. */
1878 if (lp_nt_pipe_support()) {
1879 reply_open_pipe_and_X(conn, req);
1881 reply_doserror(req, ERRSRV, ERRaccess);
1886 /* XXXX we need to handle passed times, sattr and flags */
1887 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1888 STR_TERMINATE, &status);
1889 if (!NT_STATUS_IS_OK(status)) {
1890 reply_nterror(req, status);
1894 if (!map_open_params_to_ntcreate(
1895 fname, deny_mode, smb_ofun, &access_mask,
1896 &share_mode, &create_disposition, &create_options)) {
1897 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1901 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
1902 if (!NT_STATUS_IS_OK(status)) {
1903 reply_nterror(req, status);
1907 status = get_full_smb_filename(ctx, smb_fname, &fname);
1908 if (!NT_STATUS_IS_OK(status)) {
1909 reply_nterror(req, status);
1913 status = SMB_VFS_CREATE_FILE(
1916 0, /* root_dir_fid */
1918 0, /* create_file_flags */
1919 access_mask, /* access_mask */
1920 share_mode, /* share_access */
1921 create_disposition, /* create_disposition*/
1922 create_options, /* create_options */
1923 smb_attr, /* file_attributes */
1924 oplock_request, /* oplock_request */
1925 0, /* allocation_size */
1929 &smb_action, /* pinfo */
1930 &smb_fname->st); /* psbuf */
1932 if (!NT_STATUS_IS_OK(status)) {
1933 if (open_was_deferred(req->mid)) {
1934 /* We have re-scheduled this call. */
1937 reply_openerror(req, status);
1941 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1942 if the file is truncated or created. */
1943 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1944 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1945 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1946 close_file(req, fsp, ERROR_CLOSE);
1947 reply_nterror(req, NT_STATUS_DISK_FULL);
1950 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1952 close_file(req, fsp, ERROR_CLOSE);
1953 reply_nterror(req, NT_STATUS_DISK_FULL);
1956 smb_fname->st.st_ex_size =
1957 SMB_VFS_GET_ALLOC_SIZE(conn, fsp, &smb_fname->st);
1960 fattr = dos_mode(conn,fsp->fsp_name,&smb_fname->st);
1961 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1963 close_file(req, fsp, ERROR_CLOSE);
1964 reply_doserror(req, ERRDOS, ERRnoaccess);
1968 /* If the caller set the extended oplock request bit
1969 and we granted one (by whatever means) - set the
1970 correct bit for extended oplock reply.
1973 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1974 smb_action |= EXTENDED_OPLOCK_GRANTED;
1977 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1978 smb_action |= EXTENDED_OPLOCK_GRANTED;
1981 /* If the caller set the core oplock request bit
1982 and we granted one (by whatever means) - set the
1983 correct bit for core oplock reply.
1986 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1987 reply_outbuf(req, 19, 0);
1989 reply_outbuf(req, 15, 0);
1992 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1993 SCVAL(req->outbuf, smb_flg,
1994 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1997 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1998 SCVAL(req->outbuf, smb_flg,
1999 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2002 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2003 SSVAL(req->outbuf,smb_vwv3,fattr);
2004 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2005 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2007 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2009 SIVAL(req->outbuf,smb_vwv6,(uint32)smb_fname->st.st_ex_size);
2010 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2011 SSVAL(req->outbuf,smb_vwv11,smb_action);
2013 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2014 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
2019 TALLOC_FREE(smb_fname);
2020 END_PROFILE(SMBopenX);
2024 /****************************************************************************
2025 Reply to a SMBulogoffX.
2026 ****************************************************************************/
2028 void reply_ulogoffX(struct smb_request *req)
2030 struct smbd_server_connection *sconn = smbd_server_conn;
2033 START_PROFILE(SMBulogoffX);
2035 vuser = get_valid_user_struct(sconn, req->vuid);
2038 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2042 /* in user level security we are supposed to close any files
2043 open by this user */
2044 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2045 file_close_user(req->vuid);
2048 invalidate_vuid(sconn, req->vuid);
2050 reply_outbuf(req, 2, 0);
2052 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2054 END_PROFILE(SMBulogoffX);
2058 /****************************************************************************
2059 Reply to a mknew or a create.
2060 ****************************************************************************/
2062 void reply_mknew(struct smb_request *req)
2064 connection_struct *conn = req->conn;
2065 struct smb_filename *smb_fname = NULL;
2068 struct smb_file_time ft;
2070 int oplock_request = 0;
2072 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2073 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2074 uint32 create_disposition;
2075 uint32 create_options = 0;
2076 TALLOC_CTX *ctx = talloc_tos();
2078 START_PROFILE(SMBcreate);
2082 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2086 fattr = SVAL(req->vwv+0, 0);
2087 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2090 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2092 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2093 STR_TERMINATE, &status);
2094 if (!NT_STATUS_IS_OK(status)) {
2095 reply_nterror(req, status);
2099 if (fattr & aVOLID) {
2100 DEBUG(0,("Attempt to create file (%s) with volid set - "
2101 "please report this\n", fname));
2104 if(req->cmd == SMBmknew) {
2105 /* We should fail if file exists. */
2106 create_disposition = FILE_CREATE;
2108 /* Create if file doesn't exist, truncate if it does. */
2109 create_disposition = FILE_OVERWRITE_IF;
2112 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
2113 if (!NT_STATUS_IS_OK(status)) {
2114 reply_nterror(req, status);
2118 status = get_full_smb_filename(ctx, smb_fname, &fname);
2119 if (!NT_STATUS_IS_OK(status)) {
2120 reply_nterror(req, status);
2124 status = SMB_VFS_CREATE_FILE(
2127 0, /* root_dir_fid */
2129 0, /* create_file_flags */
2130 access_mask, /* access_mask */
2131 share_mode, /* share_access */
2132 create_disposition, /* create_disposition*/
2133 create_options, /* create_options */
2134 fattr, /* file_attributes */
2135 oplock_request, /* oplock_request */
2136 0, /* allocation_size */
2141 &smb_fname->st); /* psbuf */
2143 if (!NT_STATUS_IS_OK(status)) {
2144 if (open_was_deferred(req->mid)) {
2145 /* We have re-scheduled this call. */
2148 reply_openerror(req, status);
2152 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2153 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &smb_fname->st,
2155 if (!NT_STATUS_IS_OK(status)) {
2156 END_PROFILE(SMBcreate);
2160 reply_outbuf(req, 1, 0);
2161 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2163 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2164 SCVAL(req->outbuf,smb_flg,
2165 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2168 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2169 SCVAL(req->outbuf,smb_flg,
2170 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2173 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2174 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2175 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2178 TALLOC_FREE(smb_fname);
2179 END_PROFILE(SMBcreate);
2183 /****************************************************************************
2184 Reply to a create temporary file.
2185 ****************************************************************************/
2187 void reply_ctemp(struct smb_request *req)
2189 connection_struct *conn = req->conn;
2190 struct smb_filename *smb_fname = NULL;
2198 TALLOC_CTX *ctx = talloc_tos();
2200 START_PROFILE(SMBctemp);
2203 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2207 fattr = SVAL(req->vwv+0, 0);
2208 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2210 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2211 STR_TERMINATE, &status);
2212 if (!NT_STATUS_IS_OK(status)) {
2213 reply_nterror(req, status);
2217 fname = talloc_asprintf(ctx,
2221 fname = talloc_strdup(ctx, "TMXXXXXX");
2225 reply_nterror(req, NT_STATUS_NO_MEMORY);
2229 status = resolve_dfspath(ctx, conn,
2230 req->flags2 & FLAGS2_DFS_PATHNAMES,
2233 if (!NT_STATUS_IS_OK(status)) {
2234 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2235 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2236 ERRSRV, ERRbadpath);
2239 reply_nterror(req, status);
2243 status = unix_convert(ctx, conn, fname, &smb_fname, 0);
2244 if (!NT_STATUS_IS_OK(status)) {
2245 reply_nterror(req, status);
2249 status = get_full_smb_filename(ctx, smb_fname, &fname);
2250 if (!NT_STATUS_IS_OK(status)) {
2251 reply_nterror(req, status);
2255 status = check_name(conn, fname);
2256 if (!NT_STATUS_IS_OK(status)) {
2257 reply_nterror(req, status);
2261 tmpfd = mkstemp(fname);
2263 reply_unixerror(req, ERRDOS, ERRnoaccess);
2267 SET_STAT_INVALID(smb_fname->st);
2268 SMB_VFS_STAT(conn, fname, &smb_fname->st);
2270 /* We should fail if file does not exist. */
2271 status = SMB_VFS_CREATE_FILE(
2274 0, /* root_dir_fid */
2276 0, /* create_file_flags */
2277 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2278 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2279 FILE_OPEN, /* create_disposition*/
2280 0, /* create_options */
2281 fattr, /* file_attributes */
2282 oplock_request, /* oplock_request */
2283 0, /* allocation_size */
2288 &smb_fname->st); /* psbuf */
2290 /* close fd from mkstemp() */
2293 if (!NT_STATUS_IS_OK(status)) {
2294 if (open_was_deferred(req->mid)) {
2295 /* We have re-scheduled this call. */
2298 reply_openerror(req, status);
2302 reply_outbuf(req, 1, 0);
2303 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2305 /* the returned filename is relative to the directory */
2306 s = strrchr_m(fsp->fsp_name, '/');
2314 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2315 thing in the byte section. JRA */
2316 SSVALS(p, 0, -1); /* what is this? not in spec */
2318 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2320 reply_nterror(req, NT_STATUS_NO_MEMORY);
2324 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2325 SCVAL(req->outbuf, smb_flg,
2326 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2329 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2330 SCVAL(req->outbuf, smb_flg,
2331 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2334 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2335 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2336 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2338 TALLOC_FREE(smb_fname);
2339 END_PROFILE(SMBctemp);
2343 /*******************************************************************
2344 Check if a user is allowed to rename a file.
2345 ********************************************************************/
2347 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2348 uint16 dirtype, SMB_STRUCT_STAT *pst)
2352 if (!CAN_WRITE(conn)) {
2353 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2356 fmode = dos_mode(conn, fsp->fsp_name, pst);
2357 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2358 return NT_STATUS_NO_SUCH_FILE;
2361 if (S_ISDIR(pst->st_ex_mode)) {
2362 if (fsp->posix_open) {
2363 return NT_STATUS_OK;
2366 /* If no pathnames are open below this
2367 directory, allow the rename. */
2369 if (file_find_subpath(fsp)) {
2370 return NT_STATUS_ACCESS_DENIED;
2372 return NT_STATUS_OK;
2375 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2376 return NT_STATUS_OK;
2379 return NT_STATUS_ACCESS_DENIED;
2382 /*******************************************************************
2383 * unlink a file with all relevant access checks
2384 *******************************************************************/
2386 static NTSTATUS do_unlink(connection_struct *conn,
2387 struct smb_request *req,
2391 SMB_STRUCT_STAT sbuf;
2394 uint32 dirtype_orig = dirtype;
2397 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2399 if (!CAN_WRITE(conn)) {
2400 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2403 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2404 return map_nt_error_from_unix(errno);
2407 fattr = dos_mode(conn,fname,&sbuf);
2409 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2410 dirtype = aDIR|aARCH|aRONLY;
2413 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2415 return NT_STATUS_NO_SUCH_FILE;
2418 if (!dir_check_ftype(conn, fattr, dirtype)) {
2420 return NT_STATUS_FILE_IS_A_DIRECTORY;
2422 return NT_STATUS_NO_SUCH_FILE;
2425 if (dirtype_orig & 0x8000) {
2426 /* These will never be set for POSIX. */
2427 return NT_STATUS_NO_SUCH_FILE;
2431 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2432 return NT_STATUS_FILE_IS_A_DIRECTORY;
2435 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2436 return NT_STATUS_NO_SUCH_FILE;
2439 if (dirtype & 0xFF00) {
2440 /* These will never be set for POSIX. */
2441 return NT_STATUS_NO_SUCH_FILE;
2446 return NT_STATUS_NO_SUCH_FILE;
2449 /* Can't delete a directory. */
2451 return NT_STATUS_FILE_IS_A_DIRECTORY;
2456 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2457 return NT_STATUS_OBJECT_NAME_INVALID;
2458 #endif /* JRATEST */
2460 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2462 On a Windows share, a file with read-only dosmode can be opened with
2463 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2464 fails with NT_STATUS_CANNOT_DELETE error.
2466 This semantic causes a problem that a user can not
2467 rename a file with read-only dosmode on a Samba share
2468 from a Windows command prompt (i.e. cmd.exe, but can rename
2469 from Windows Explorer).
2472 if (!lp_delete_readonly(SNUM(conn))) {
2473 if (fattr & aRONLY) {
2474 return NT_STATUS_CANNOT_DELETE;
2478 /* On open checks the open itself will check the share mode, so
2479 don't do it here as we'll get it wrong. */
2481 status = SMB_VFS_CREATE_FILE
2484 0, /* root_dir_fid */
2486 0, /* create_file_flags */
2487 DELETE_ACCESS, /* access_mask */
2488 FILE_SHARE_NONE, /* share_access */
2489 FILE_OPEN, /* create_disposition*/
2490 FILE_NON_DIRECTORY_FILE, /* create_options */
2491 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2492 0, /* oplock_request */
2493 0, /* allocation_size */
2500 if (!NT_STATUS_IS_OK(status)) {
2501 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2502 nt_errstr(status)));
2506 /* The set is across all open files on this dev/inode pair. */
2507 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2508 close_file(req, fsp, NORMAL_CLOSE);
2509 return NT_STATUS_ACCESS_DENIED;
2512 return close_file(req, fsp, NORMAL_CLOSE);
2515 /****************************************************************************
2516 The guts of the unlink command, split out so it may be called by the NT SMB
2518 ****************************************************************************/
2520 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2521 uint32 dirtype, const char *name_in, bool has_wild)
2523 struct smb_filename *smb_fname = NULL;
2524 const char *directory = NULL;
2529 NTSTATUS status = NT_STATUS_OK;
2531 TALLOC_CTX *ctx = talloc_tos();
2533 status = unix_convert(ctx, conn, name_in, &smb_fname,
2534 has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
2535 if (!NT_STATUS_IS_OK(status)) {
2539 status = get_full_smb_filename(ctx, smb_fname, &name);
2540 if (!NT_STATUS_IS_OK(status)) {
2541 TALLOC_FREE(smb_fname);
2545 p = strrchr_m(name,'/');
2547 directory = talloc_strdup(ctx, ".");
2549 TALLOC_FREE(smb_fname);
2550 return NT_STATUS_NO_MEMORY;
2560 * We should only check the mangled cache
2561 * here if unix_convert failed. This means
2562 * that the path in 'mask' doesn't exist
2563 * on the file system and so we need to look
2564 * for a possible mangle. This patch from
2565 * Tine Smukavec <valentin.smukavec@hermes.si>.
2568 if (!VALID_STAT(smb_fname->st) && mangle_is_mangled(mask,conn->params)) {
2569 char *new_mask = NULL;
2570 mangle_lookup_name_from_8_3(ctx,
2578 TALLOC_FREE(smb_fname);
2581 directory = talloc_asprintf(ctx,
2586 return NT_STATUS_NO_MEMORY;
2589 dirtype = FILE_ATTRIBUTE_NORMAL;
2592 status = check_name(conn, directory);
2593 if (!NT_STATUS_IS_OK(status)) {
2597 status = do_unlink(conn, req, directory, dirtype);
2598 if (!NT_STATUS_IS_OK(status)) {
2604 struct smb_Dir *dir_hnd = NULL;
2608 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2609 return NT_STATUS_OBJECT_NAME_INVALID;
2612 if (strequal(mask,"????????.???")) {
2617 status = check_name(conn, directory);
2618 if (!NT_STATUS_IS_OK(status)) {
2622 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2624 if (dir_hnd == NULL) {
2625 return map_nt_error_from_unix(errno);
2628 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2629 the pattern matches against the long name, otherwise the short name
2630 We don't implement this yet XXXX
2633 status = NT_STATUS_NO_SUCH_FILE;
2635 while ((dname = ReadDirName(dir_hnd, &offset, &st))) {
2638 if (!is_visible_file(conn, directory, dname, &st,
2644 /* Quick check for "." and ".." */
2645 if (ISDOT(dname) || ISDOTDOT(dname)) {
2649 if(!mask_match(dname, mask, conn->case_sensitive)) {
2653 fname = talloc_asprintf(ctx, "%s/%s",
2657 return NT_STATUS_NO_MEMORY;
2660 status = check_name(conn, fname);
2661 if (!NT_STATUS_IS_OK(status)) {
2662 TALLOC_FREE(dir_hnd);
2666 status = do_unlink(conn, req, fname, dirtype);
2667 if (!NT_STATUS_IS_OK(status)) {
2673 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2678 TALLOC_FREE(dir_hnd);
2681 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2682 status = map_nt_error_from_unix(errno);
2688 /****************************************************************************
2690 ****************************************************************************/
2692 void reply_unlink(struct smb_request *req)
2694 connection_struct *conn = req->conn;
2698 bool path_contains_wcard = False;
2699 TALLOC_CTX *ctx = talloc_tos();
2701 START_PROFILE(SMBunlink);
2704 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2705 END_PROFILE(SMBunlink);
2709 dirtype = SVAL(req->vwv+0, 0);
2711 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2712 STR_TERMINATE, &status,
2713 &path_contains_wcard);
2714 if (!NT_STATUS_IS_OK(status)) {
2715 reply_nterror(req, status);
2716 END_PROFILE(SMBunlink);
2720 status = resolve_dfspath_wcard(ctx, conn,
2721 req->flags2 & FLAGS2_DFS_PATHNAMES,
2724 &path_contains_wcard);
2725 if (!NT_STATUS_IS_OK(status)) {
2726 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2727 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2728 ERRSRV, ERRbadpath);
2729 END_PROFILE(SMBunlink);
2732 reply_nterror(req, status);
2733 END_PROFILE(SMBunlink);
2737 DEBUG(3,("reply_unlink : %s\n",name));
2739 status = unlink_internals(conn, req, dirtype, name,
2740 path_contains_wcard);
2741 if (!NT_STATUS_IS_OK(status)) {
2742 if (open_was_deferred(req->mid)) {
2743 /* We have re-scheduled this call. */
2744 END_PROFILE(SMBunlink);
2747 reply_nterror(req, status);
2748 END_PROFILE(SMBunlink);
2752 reply_outbuf(req, 0, 0);
2753 END_PROFILE(SMBunlink);
2758 /****************************************************************************
2760 ****************************************************************************/
2762 static void fail_readraw(void)
2764 const char *errstr = talloc_asprintf(talloc_tos(),
2765 "FAIL ! reply_readbraw: socket write fail (%s)",
2770 exit_server_cleanly(errstr);
2773 /****************************************************************************
2774 Fake (read/write) sendfile. Returns -1 on read or write fail.
2775 ****************************************************************************/
2777 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2781 size_t tosend = nread;
2788 bufsize = MIN(nread, 65536);
2790 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2794 while (tosend > 0) {
2798 if (tosend > bufsize) {
2803 ret = read_file(fsp,buf,startpos,cur_read);
2809 /* If we had a short read, fill with zeros. */
2810 if (ret < cur_read) {
2811 memset(buf + ret, '\0', cur_read - ret);
2814 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2819 startpos += cur_read;
2823 return (ssize_t)nread;
2826 #if defined(WITH_SENDFILE)
2827 /****************************************************************************
2828 Deal with the case of sendfile reading less bytes from the file than
2829 requested. Fill with zeros (all we can do).
2830 ****************************************************************************/
2832 static void sendfile_short_send(files_struct *fsp,
2837 #define SHORT_SEND_BUFSIZE 1024
2838 if (nread < headersize) {
2839 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2840 "header for file %s (%s). Terminating\n",
2841 fsp->fsp_name, strerror(errno) ));
2842 exit_server_cleanly("sendfile_short_send failed");
2845 nread -= headersize;
2847 if (nread < smb_maxcnt) {
2848 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2850 exit_server_cleanly("sendfile_short_send: "
2854 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2855 "with zeros !\n", fsp->fsp_name));
2857 while (nread < smb_maxcnt) {
2859 * We asked for the real file size and told sendfile
2860 * to not go beyond the end of the file. But it can
2861 * happen that in between our fstat call and the
2862 * sendfile call the file was truncated. This is very
2863 * bad because we have already announced the larger
2864 * number of bytes to the client.
2866 * The best we can do now is to send 0-bytes, just as
2867 * a read from a hole in a sparse file would do.
2869 * This should happen rarely enough that I don't care
2870 * about efficiency here :-)
2874 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2875 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2876 exit_server_cleanly("sendfile_short_send: "
2877 "write_data failed");
2884 #endif /* defined WITH_SENDFILE */
2886 /****************************************************************************
2887 Return a readbraw error (4 bytes of zero).
2888 ****************************************************************************/
2890 static void reply_readbraw_error(void)
2894 if (write_data(smbd_server_fd(),header,4) != 4) {
2899 /****************************************************************************
2900 Use sendfile in readbraw.
2901 ****************************************************************************/
2903 static void send_file_readbraw(connection_struct *conn,
2904 struct smb_request *req,
2910 char *outbuf = NULL;
2913 #if defined(WITH_SENDFILE)
2915 * We can only use sendfile on a non-chained packet
2916 * but we can use on a non-oplocked file. tridge proved this
2917 * on a train in Germany :-). JRA.
2918 * reply_readbraw has already checked the length.
2921 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2922 (fsp->wcp == NULL) &&
2923 lp_use_sendfile(SNUM(conn), smbd_server_conn->smb1.signing_state) ) {
2924 ssize_t sendfile_read = -1;
2926 DATA_BLOB header_blob;
2928 _smb_setlen(header,nread);
2929 header_blob = data_blob_const(header, 4);
2931 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2932 &header_blob, startpos, nread)) == -1) {
2933 /* Returning ENOSYS means no data at all was sent.
2934 * Do this as a normal read. */
2935 if (errno == ENOSYS) {
2936 goto normal_readbraw;
2940 * Special hack for broken Linux with no working sendfile. If we
2941 * return EINTR we sent the header but not the rest of the data.
2942 * Fake this up by doing read/write calls.
2944 if (errno == EINTR) {
2945 /* Ensure we don't do this again. */
2946 set_use_sendfile(SNUM(conn), False);
2947 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2949 if (fake_sendfile(fsp, startpos, nread) == -1) {
2950 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2951 fsp->fsp_name, strerror(errno) ));
2952 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2957 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2958 fsp->fsp_name, strerror(errno) ));
2959 exit_server_cleanly("send_file_readbraw sendfile failed");
2960 } else if (sendfile_read == 0) {
2962 * Some sendfile implementations return 0 to indicate
2963 * that there was a short read, but nothing was
2964 * actually written to the socket. In this case,
2965 * fallback to the normal read path so the header gets
2966 * the correct byte count.
2968 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2969 "bytes falling back to the normal read: "
2970 "%s\n", fsp->fsp_name));
2971 goto normal_readbraw;
2974 /* Deal with possible short send. */
2975 if (sendfile_read != 4+nread) {
2976 sendfile_short_send(fsp, sendfile_read, 4, nread);
2984 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2986 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2987 (unsigned)(nread+4)));
2988 reply_readbraw_error();
2993 ret = read_file(fsp,outbuf+4,startpos,nread);
2994 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3003 _smb_setlen(outbuf,ret);
3004 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
3007 TALLOC_FREE(outbuf);
3010 /****************************************************************************
3011 Reply to a readbraw (core+ protocol).
3012 ****************************************************************************/
3014 void reply_readbraw(struct smb_request *req)
3016 connection_struct *conn = req->conn;
3017 ssize_t maxcount,mincount;
3021 struct lock_struct lock;
3025 START_PROFILE(SMBreadbraw);
3027 if (srv_is_signing_active(smbd_server_conn) ||
3028 is_encrypted_packet(req->inbuf)) {
3029 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3030 "raw reads/writes are disallowed.");
3034 reply_readbraw_error();
3035 END_PROFILE(SMBreadbraw);
3040 * Special check if an oplock break has been issued
3041 * and the readraw request croses on the wire, we must
3042 * return a zero length response here.
3045 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3048 * We have to do a check_fsp by hand here, as
3049 * we must always return 4 zero bytes on error,
3053 if (!fsp || !conn || conn != fsp->conn ||
3054 req->vuid != fsp->vuid ||
3055 fsp->is_directory || fsp->fh->fd == -1) {
3057 * fsp could be NULL here so use the value from the packet. JRA.
3059 DEBUG(3,("reply_readbraw: fnum %d not valid "
3061 (int)SVAL(req->vwv+0, 0)));
3062 reply_readbraw_error();
3063 END_PROFILE(SMBreadbraw);
3067 /* Do a "by hand" version of CHECK_READ. */
3068 if (!(fsp->can_read ||
3069 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3070 (fsp->access_mask & FILE_EXECUTE)))) {
3071 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3072 (int)SVAL(req->vwv+0, 0)));
3073 reply_readbraw_error();
3074 END_PROFILE(SMBreadbraw);
3078 flush_write_cache(fsp, READRAW_FLUSH);
3080 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3081 if(req->wct == 10) {
3083 * This is a large offset (64 bit) read.
3085 #ifdef LARGE_SMB_OFF_T
3087 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3089 #else /* !LARGE_SMB_OFF_T */
3092 * Ensure we haven't been sent a >32 bit offset.
3095 if(IVAL(req->vwv+8, 0) != 0) {
3096 DEBUG(0,("reply_readbraw: large offset "
3097 "(%x << 32) used and we don't support "
3098 "64 bit offsets.\n",
3099 (unsigned int)IVAL(req->vwv+8, 0) ));
3100 reply_readbraw_error();
3101 END_PROFILE(SMBreadbraw);
3105 #endif /* LARGE_SMB_OFF_T */
3108 DEBUG(0,("reply_readbraw: negative 64 bit "
3109 "readraw offset (%.0f) !\n",
3110 (double)startpos ));
3111 reply_readbraw_error();
3112 END_PROFILE(SMBreadbraw);
3117 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3118 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3120 /* ensure we don't overrun the packet size */
3121 maxcount = MIN(65535,maxcount);
3123 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3124 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3127 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3128 reply_readbraw_error();
3129 END_PROFILE(SMBreadbraw);
3133 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
3134 size = st.st_ex_size;
3137 if (startpos >= size) {
3140 nread = MIN(maxcount,(size - startpos));
3143 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3144 if (nread < mincount)
3148 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3149 "min=%lu nread=%lu\n",
3150 fsp->fnum, (double)startpos,
3151 (unsigned long)maxcount,
3152 (unsigned long)mincount,
3153 (unsigned long)nread ) );
3155 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3157 DEBUG(5,("reply_readbraw finished\n"));
3159 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3161 END_PROFILE(SMBreadbraw);
3166 #define DBGC_CLASS DBGC_LOCKING
3168 /****************************************************************************
3169 Reply to a lockread (core+ protocol).
3170 ****************************************************************************/
3172 void reply_lockread(struct smb_request *req)
3174 connection_struct *conn = req->conn;
3181 struct byte_range_lock *br_lck = NULL;
3183 struct smbd_server_connection *sconn = smbd_server_conn;
3185 START_PROFILE(SMBlockread);
3188 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3189 END_PROFILE(SMBlockread);
3193 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3195 if (!check_fsp(conn, req, fsp)) {
3196 END_PROFILE(SMBlockread);
3200 if (!CHECK_READ(fsp,req)) {
3201 reply_doserror(req, ERRDOS, ERRbadaccess);
3202 END_PROFILE(SMBlockread);
3206 numtoread = SVAL(req->vwv+1, 0);
3207 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3209 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3211 reply_outbuf(req, 5, numtoread + 3);
3213 data = smb_buf(req->outbuf) + 3;
3216 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3217 * protocol request that predates the read/write lock concept.
3218 * Thus instead of asking for a read lock here we need to ask
3219 * for a write lock. JRA.
3220 * Note that the requested lock size is unaffected by max_recv.
3223 br_lck = do_lock(smbd_messaging_context(),
3226 (uint64_t)numtoread,
3230 False, /* Non-blocking lock. */
3234 TALLOC_FREE(br_lck);
3236 if (NT_STATUS_V(status)) {
3237 reply_nterror(req, status);
3238 END_PROFILE(SMBlockread);
3243 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3246 if (numtoread > sconn->smb1.negprot.max_recv) {
3247 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3248 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3249 (unsigned int)numtoread,
3250 (unsigned int)sconn->smb1.negprot.max_recv));
3251 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3253 nread = read_file(fsp,data,startpos,numtoread);
3256 reply_unixerror(req, ERRDOS, ERRnoaccess);
3257 END_PROFILE(SMBlockread);
3261 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3263 SSVAL(req->outbuf,smb_vwv0,nread);
3264 SSVAL(req->outbuf,smb_vwv5,nread+3);
3265 p = smb_buf(req->outbuf);
3266 SCVAL(p,0,0); /* pad byte. */
3269 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3270 fsp->fnum, (int)numtoread, (int)nread));
3272 END_PROFILE(SMBlockread);
3277 #define DBGC_CLASS DBGC_ALL
3279 /****************************************************************************
3281 ****************************************************************************/
3283 void reply_read(struct smb_request *req)
3285 connection_struct *conn = req->conn;
3292 struct lock_struct lock;
3293 struct smbd_server_connection *sconn = smbd_server_conn;
3295 START_PROFILE(SMBread);
3298 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3299 END_PROFILE(SMBread);
3303 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3305 if (!check_fsp(conn, req, fsp)) {
3306 END_PROFILE(SMBread);
3310 if (!CHECK_READ(fsp,req)) {
3311 reply_doserror(req, ERRDOS, ERRbadaccess);
3312 END_PROFILE(SMBread);
3316 numtoread = SVAL(req->vwv+1, 0);
3317 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3319 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3322 * The requested read size cannot be greater than max_recv. JRA.
3324 if (numtoread > sconn->smb1.negprot.max_recv) {
3325 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3326 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3327 (unsigned int)numtoread,
3328 (unsigned int)sconn->smb1.negprot.max_recv));
3329 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3332 reply_outbuf(req, 5, numtoread+3);
3334 data = smb_buf(req->outbuf) + 3;
3336 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3337 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3340 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3341 reply_doserror(req, ERRDOS,ERRlock);
3342 END_PROFILE(SMBread);
3347 nread = read_file(fsp,data,startpos,numtoread);
3350 reply_unixerror(req, ERRDOS,ERRnoaccess);
3354 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3356 SSVAL(req->outbuf,smb_vwv0,nread);
3357 SSVAL(req->outbuf,smb_vwv5,nread+3);
3358 SCVAL(smb_buf(req->outbuf),0,1);
3359 SSVAL(smb_buf(req->outbuf),1,nread);
3361 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3362 fsp->fnum, (int)numtoread, (int)nread ) );
3365 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3367 END_PROFILE(SMBread);
3371 /****************************************************************************
3373 ****************************************************************************/
3375 static int setup_readX_header(struct smb_request *req, char *outbuf,
3381 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3382 data = smb_buf(outbuf);
3384 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3386 SCVAL(outbuf,smb_vwv0,0xFF);
3387 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3388 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3389 SSVAL(outbuf,smb_vwv6,
3391 + 1 /* the wct field */
3392 + 12 * sizeof(uint16_t) /* vwv */
3393 + 2); /* the buflen field */
3394 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3395 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3396 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3397 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3401 /****************************************************************************
3402 Reply to a read and X - possibly using sendfile.
3403 ****************************************************************************/
3405 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3406 files_struct *fsp, SMB_OFF_T startpos,
3409 SMB_STRUCT_STAT sbuf;
3411 struct lock_struct lock;
3413 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3414 reply_unixerror(req, ERRDOS, ERRnoaccess);
3418 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3419 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3422 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3423 reply_doserror(req, ERRDOS, ERRlock);
3427 if (!S_ISREG(sbuf.st_ex_mode) || (startpos > sbuf.st_ex_size)
3428 || (smb_maxcnt > (sbuf.st_ex_size - startpos))) {
3430 * We already know that we would do a short read, so don't
3431 * try the sendfile() path.
3433 goto nosendfile_read;
3436 #if defined(WITH_SENDFILE)
3438 * We can only use sendfile on a non-chained packet
3439 * but we can use on a non-oplocked file. tridge proved this
3440 * on a train in Germany :-). JRA.
3443 if (!req_is_in_chain(req) &&
3444 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3445 (fsp->wcp == NULL) &&
3446 lp_use_sendfile(SNUM(conn), smbd_server_conn->smb1.signing_state) ) {
3447 uint8 headerbuf[smb_size + 12 * 2];
3451 * Set up the packet header before send. We
3452 * assume here the sendfile will work (get the
3453 * correct amount of data).
3456 header = data_blob_const(headerbuf, sizeof(headerbuf));
3458 construct_reply_common_req(req, (char *)headerbuf);
3459 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3461 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3462 /* Returning ENOSYS means no data at all was sent.
3463 Do this as a normal read. */
3464 if (errno == ENOSYS) {
3469 * Special hack for broken Linux with no working sendfile. If we
3470 * return EINTR we sent the header but not the rest of the data.
3471 * Fake this up by doing read/write calls.
3474 if (errno == EINTR) {
3475 /* Ensure we don't do this again. */
3476 set_use_sendfile(SNUM(conn), False);
3477 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3478 nread = fake_sendfile(fsp, startpos,
3481 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3482 fsp->fsp_name, strerror(errno) ));
3483 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3485 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3486 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3487 /* No outbuf here means successful sendfile. */
3491 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3492 fsp->fsp_name, strerror(errno) ));
3493 exit_server_cleanly("send_file_readX sendfile failed");
3494 } else if (nread == 0) {
3496 * Some sendfile implementations return 0 to indicate
3497 * that there was a short read, but nothing was
3498 * actually written to the socket. In this case,
3499 * fallback to the normal read path so the header gets
3500 * the correct byte count.
3502 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3503 "falling back to the normal read: %s\n",
3508 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3509 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3511 /* Deal with possible short send. */
3512 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3513 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3515 /* No outbuf here means successful sendfile. */
3516 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3517 SMB_PERFCOUNT_END(&req->pcd);
3525 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3526 uint8 headerbuf[smb_size + 2*12];
3528 construct_reply_common_req(req, (char *)headerbuf);
3529 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3531 /* Send out the header. */
3532 if (write_data(smbd_server_fd(), (char *)headerbuf,
3533 sizeof(headerbuf)) != sizeof(headerbuf)) {
3534 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3535 fsp->fsp_name, strerror(errno) ));
3536 exit_server_cleanly("send_file_readX sendfile failed");
3538 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3540 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3541 fsp->fsp_name, strerror(errno) ));
3542 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3549 reply_outbuf(req, 12, smb_maxcnt);
3551 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3553 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3556 reply_unixerror(req, ERRDOS, ERRnoaccess);
3560 setup_readX_header(req, (char *)req->outbuf, nread);
3562 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3563 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3569 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3570 TALLOC_FREE(req->outbuf);
3574 /****************************************************************************
3575 Reply to a read and X.
3576 ****************************************************************************/
3578 void reply_read_and_X(struct smb_request *req)
3580 connection_struct *conn = req->conn;
3584 bool big_readX = False;
3586 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3589 START_PROFILE(SMBreadX);
3591 if ((req->wct != 10) && (req->wct != 12)) {
3592 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3596 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3597 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3598 smb_maxcnt = SVAL(req->vwv+5, 0);
3600 /* If it's an IPC, pass off the pipe handler. */
3602 reply_pipe_read_and_X(req);
3603 END_PROFILE(SMBreadX);
3607 if (!check_fsp(conn, req, fsp)) {
3608 END_PROFILE(SMBreadX);
3612 if (!CHECK_READ(fsp,req)) {
3613 reply_doserror(req, ERRDOS,ERRbadaccess);
3614 END_PROFILE(SMBreadX);
3618 if (global_client_caps & CAP_LARGE_READX) {
3619 size_t upper_size = SVAL(req->vwv+7, 0);
3620 smb_maxcnt |= (upper_size<<16);
3621 if (upper_size > 1) {
3622 /* Can't do this on a chained packet. */
3623 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3624 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3625 END_PROFILE(SMBreadX);
3628 /* We currently don't do this on signed or sealed data. */
3629 if (srv_is_signing_active(smbd_server_conn) ||
3630 is_encrypted_packet(req->inbuf)) {
3631 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3632 END_PROFILE(SMBreadX);
3635 /* Is there room in the reply for this data ? */
3636 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3638 NT_STATUS_INVALID_PARAMETER);
3639 END_PROFILE(SMBreadX);
3646 if (req->wct == 12) {
3647 #ifdef LARGE_SMB_OFF_T
3649 * This is a large offset (64 bit) read.
3651 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3653 #else /* !LARGE_SMB_OFF_T */
3656 * Ensure we haven't been sent a >32 bit offset.
3659 if(IVAL(req->vwv+10, 0) != 0) {
3660 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3661 "used and we don't support 64 bit offsets.\n",
3662 (unsigned int)IVAL(req->vwv+10, 0) ));
3663 END_PROFILE(SMBreadX);
3664 reply_doserror(req, ERRDOS, ERRbadaccess);
3668 #endif /* LARGE_SMB_OFF_T */
3673 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3677 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3680 END_PROFILE(SMBreadX);
3684 /****************************************************************************
3685 Error replies to writebraw must have smb_wct == 1. Fix this up.
3686 ****************************************************************************/
3688 void error_to_writebrawerr(struct smb_request *req)
3690 uint8 *old_outbuf = req->outbuf;
3692 reply_outbuf(req, 1, 0);
3694 memcpy(req->outbuf, old_outbuf, smb_size);
3695 TALLOC_FREE(old_outbuf);
3698 /****************************************************************************
3699 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3700 ****************************************************************************/
3702 void reply_writebraw(struct smb_request *req)
3704 connection_struct *conn = req->conn;
3707 ssize_t total_written=0;
3708 size_t numtowrite=0;
3714 struct lock_struct lock;
3717 START_PROFILE(SMBwritebraw);
3720 * If we ever reply with an error, it must have the SMB command
3721 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3724 SCVAL(req->inbuf,smb_com,SMBwritec);
3726 if (srv_is_signing_active(smbd_server_conn)) {
3727 END_PROFILE(SMBwritebraw);
3728 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3729 "raw reads/writes are disallowed.");
3732 if (req->wct < 12) {
3733 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3734 error_to_writebrawerr(req);
3735 END_PROFILE(SMBwritebraw);
3739 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3740 if (!check_fsp(conn, req, fsp)) {
3741 error_to_writebrawerr(req);
3742 END_PROFILE(SMBwritebraw);
3746 if (!CHECK_WRITE(fsp)) {
3747 reply_doserror(req, ERRDOS, ERRbadaccess);
3748 error_to_writebrawerr(req);
3749 END_PROFILE(SMBwritebraw);
3753 tcount = IVAL(req->vwv+1, 0);
3754 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3755 write_through = BITSETW(req->vwv+7,0);
3757 /* We have to deal with slightly different formats depending
3758 on whether we are using the core+ or lanman1.0 protocol */
3760 if(Protocol <= PROTOCOL_COREPLUS) {
3761 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3762 data = smb_buf(req->inbuf);
3764 numtowrite = SVAL(req->vwv+10, 0);
3765 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3768 /* Ensure we don't write bytes past the end of this packet. */
3769 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3770 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3771 error_to_writebrawerr(req);
3772 END_PROFILE(SMBwritebraw);
3776 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3777 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3780 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3781 reply_doserror(req, ERRDOS, ERRlock);
3782 error_to_writebrawerr(req);
3783 END_PROFILE(SMBwritebraw);
3788 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3791 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3792 "wrote=%d sync=%d\n",
3793 fsp->fnum, (double)startpos, (int)numtowrite,
3794 (int)nwritten, (int)write_through));
3796 if (nwritten < (ssize_t)numtowrite) {
3797 reply_unixerror(req, ERRHRD, ERRdiskfull);
3798 error_to_writebrawerr(req);
3802 total_written = nwritten;
3804 /* Allocate a buffer of 64k + length. */
3805 buf = TALLOC_ARRAY(NULL, char, 65540);
3807 reply_doserror(req, ERRDOS, ERRnomem);
3808 error_to_writebrawerr(req);
3812 /* Return a SMBwritebraw message to the redirector to tell
3813 * it to send more bytes */
3815 memcpy(buf, req->inbuf, smb_size);
3816 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3817 SCVAL(buf,smb_com,SMBwritebraw);
3818 SSVALS(buf,smb_vwv0,0xFFFF);
3820 if (!srv_send_smb(smbd_server_fd(),
3822 false, 0, /* no signing */
3823 IS_CONN_ENCRYPTED(conn),
3825 exit_server_cleanly("reply_writebraw: srv_send_smb "
3829 /* Now read the raw data into the buffer and write it */
3830 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3832 if (!NT_STATUS_IS_OK(status)) {
3833 exit_server_cleanly("secondary writebraw failed");
3836 /* Set up outbuf to return the correct size */
3837 reply_outbuf(req, 1, 0);
3839 if (numtowrite != 0) {
3841 if (numtowrite > 0xFFFF) {
3842 DEBUG(0,("reply_writebraw: Oversize secondary write "
3843 "raw requested (%u). Terminating\n",
3844 (unsigned int)numtowrite ));
3845 exit_server_cleanly("secondary writebraw failed");
3848 if (tcount > nwritten+numtowrite) {
3849 DEBUG(3,("reply_writebraw: Client overestimated the "
3851 (int)tcount,(int)nwritten,(int)numtowrite));
3854 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3856 if (!NT_STATUS_IS_OK(status)) {
3857 DEBUG(0,("reply_writebraw: Oversize secondary write "
3858 "raw read failed (%s). Terminating\n",
3859 nt_errstr(status)));
3860 exit_server_cleanly("secondary writebraw failed");
3863 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3864 if (nwritten == -1) {
3866 reply_unixerror(req, ERRHRD, ERRdiskfull);
3867 error_to_writebrawerr(req);
3871 if (nwritten < (ssize_t)numtowrite) {
3872 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3873 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3877 total_written += nwritten;
3882 SSVAL(req->outbuf,smb_vwv0,total_written);
3884 status = sync_file(conn, fsp, write_through);
3885 if (!NT_STATUS_IS_OK(status)) {
3886 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3887 fsp->fsp_name, nt_errstr(status) ));
3888 reply_nterror(req, status);
3889 error_to_writebrawerr(req);
3893 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3895 fsp->fnum, (double)startpos, (int)numtowrite,
3896 (int)total_written));
3898 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3900 /* We won't return a status if write through is not selected - this
3901 * follows what WfWg does */
3902 END_PROFILE(SMBwritebraw);
3904 if (!write_through && total_written==tcount) {
3906 #if RABBIT_PELLET_FIX
3908 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3909 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3912 if (!send_keepalive(smbd_server_fd())) {
3913 exit_server_cleanly("reply_writebraw: send of "
3914 "keepalive failed");
3917 TALLOC_FREE(req->outbuf);
3922 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3924 END_PROFILE(SMBwritebraw);
3929 #define DBGC_CLASS DBGC_LOCKING
3931 /****************************************************************************
3932 Reply to a writeunlock (core+).
3933 ****************************************************************************/
3935 void reply_writeunlock(struct smb_request *req)
3937 connection_struct *conn = req->conn;
3938 ssize_t nwritten = -1;
3942 NTSTATUS status = NT_STATUS_OK;
3944 struct lock_struct lock;
3946 START_PROFILE(SMBwriteunlock);
3949 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3950 END_PROFILE(SMBwriteunlock);
3954 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3956 if (!check_fsp(conn, req, fsp)) {
3957 END_PROFILE(SMBwriteunlock);
3961 if (!CHECK_WRITE(fsp)) {
3962 reply_doserror(req, ERRDOS,ERRbadaccess);
3963 END_PROFILE(SMBwriteunlock);
3967 numtowrite = SVAL(req->vwv+1, 0);
3968 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3969 data = (const char *)req->buf + 3;
3972 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3973 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
3976 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3977 reply_doserror(req, ERRDOS, ERRlock);
3978 END_PROFILE(SMBwriteunlock);
3983 /* The special X/Open SMB protocol handling of
3984 zero length writes is *NOT* done for
3986 if(numtowrite == 0) {
3989 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3992 status = sync_file(conn, fsp, False /* write through */);
3993 if (!NT_STATUS_IS_OK(status)) {
3994 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3995 fsp->fsp_name, nt_errstr(status) ));
3996 reply_nterror(req, status);
4000 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
4001 reply_unixerror(req, ERRHRD, ERRdiskfull);
4006 status = do_unlock(smbd_messaging_context(),
4009 (uint64_t)numtowrite,
4013 if (NT_STATUS_V(status)) {
4014 reply_nterror(req, status);
4019 reply_outbuf(req, 1, 0);
4021 SSVAL(req->outbuf,smb_vwv0,nwritten);
4023 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4024 fsp->fnum, (int)numtowrite, (int)nwritten));
4028 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4031 END_PROFILE(SMBwriteunlock);
4036 #define DBGC_CLASS DBGC_ALL
4038 /****************************************************************************
4040 ****************************************************************************/
4042 void reply_write(struct smb_request *req)
4044 connection_struct *conn = req->conn;
4046 ssize_t nwritten = -1;
4050 struct lock_struct lock;
4053 START_PROFILE(SMBwrite);
4056 END_PROFILE(SMBwrite);
4057 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4061 /* If it's an IPC, pass off the pipe handler. */
4063 reply_pipe_write(req);
4064 END_PROFILE(SMBwrite);
4068 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4070 if (!check_fsp(conn, req, fsp)) {
4071 END_PROFILE(SMBwrite);
4075 if (!CHECK_WRITE(fsp)) {
4076 reply_doserror(req, ERRDOS, ERRbadaccess);
4077 END_PROFILE(SMBwrite);
4081 numtowrite = SVAL(req->vwv+1, 0);
4082 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4083 data = (const char *)req->buf + 3;
4085 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4086 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4089 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4090 reply_doserror(req, ERRDOS, ERRlock);
4091 END_PROFILE(SMBwrite);
4096 * X/Open SMB protocol says that if smb_vwv1 is
4097 * zero then the file size should be extended or
4098 * truncated to the size given in smb_vwv[2-3].
4101 if(numtowrite == 0) {
4103 * This is actually an allocate call, and set EOF. JRA.
4105 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4107 reply_nterror(req, NT_STATUS_DISK_FULL);
4110 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4112 reply_nterror(req, NT_STATUS_DISK_FULL);
4115 trigger_write_time_update_immediate(fsp);
4117 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4120 status = sync_file(conn, fsp, False);
4121 if (!NT_STATUS_IS_OK(status)) {
4122 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4123 fsp->fsp_name, nt_errstr(status) ));
4124 reply_nterror(req, status);
4128 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4129 reply_unixerror(req, ERRHRD, ERRdiskfull);
4133 reply_outbuf(req, 1, 0);
4135 SSVAL(req->outbuf,smb_vwv0,nwritten);
4137 if (nwritten < (ssize_t)numtowrite) {
4138 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4139 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4142 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4145 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4147 END_PROFILE(SMBwrite);
4151 /****************************************************************************
4152 Ensure a buffer is a valid writeX for recvfile purposes.
4153 ****************************************************************************/
4155 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4156 (2*14) + /* word count (including bcc) */ \
4159 bool is_valid_writeX_buffer(const uint8_t *inbuf)
4162 connection_struct *conn = NULL;
4163 unsigned int doff = 0;
4164 size_t len = smb_len_large(inbuf);
4165 struct smbd_server_connection *sconn = smbd_server_conn;
4167 if (is_encrypted_packet(inbuf)) {
4168 /* Can't do this on encrypted
4173 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4177 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4178 CVAL(inbuf,smb_wct) != 14) {
4179 DEBUG(10,("is_valid_writeX_buffer: chained or "
4180 "invalid word length.\n"));
4184 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4186 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4190 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4193 if (IS_PRINT(conn)) {
4194 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4197 doff = SVAL(inbuf,smb_vwv11);
4199 numtowrite = SVAL(inbuf,smb_vwv10);
4201 if (len > doff && len - doff > 0xFFFF) {
4202 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4205 if (numtowrite == 0) {
4206 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4210 /* Ensure the sizes match up. */
4211 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4212 /* no pad byte...old smbclient :-( */
4213 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4215 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4219 if (len - doff != numtowrite) {
4220 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4221 "len = %u, doff = %u, numtowrite = %u\n",
4224 (unsigned int)numtowrite ));
4228 DEBUG(10,("is_valid_writeX_buffer: true "
4229 "len = %u, doff = %u, numtowrite = %u\n",
4232 (unsigned int)numtowrite ));
4237 /****************************************************************************
4238 Reply to a write and X.
4239 ****************************************************************************/
4241 void reply_write_and_X(struct smb_request *req)
4243 connection_struct *conn = req->conn;
4245 struct lock_struct lock;
4250 unsigned int smb_doff;
4251 unsigned int smblen;
4255 START_PROFILE(SMBwriteX);
4257 if ((req->wct != 12) && (req->wct != 14)) {
4258 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4259 END_PROFILE(SMBwriteX);
4263 numtowrite = SVAL(req->vwv+10, 0);
4264 smb_doff = SVAL(req->vwv+11, 0);
4265 smblen = smb_len(req->inbuf);
4267 if (req->unread_bytes > 0xFFFF ||
4268 (smblen > smb_doff &&
4269 smblen - smb_doff > 0xFFFF)) {
4270 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4273 if (req->unread_bytes) {
4274 /* Can't do a recvfile write on IPC$ */
4276 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4277 END_PROFILE(SMBwriteX);
4280 if (numtowrite != req->unread_bytes) {
4281 reply_doserror(req, ERRDOS, ERRbadmem);
4282 END_PROFILE(SMBwriteX);
4286 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4287 smb_doff + numtowrite > smblen) {
4288 reply_doserror(req, ERRDOS, ERRbadmem);
4289 END_PROFILE(SMBwriteX);
4294 /* If it's an IPC, pass off the pipe handler. */
4296 if (req->unread_bytes) {
4297 reply_doserror(req, ERRDOS, ERRbadmem);
4298 END_PROFILE(SMBwriteX);
4301 reply_pipe_write_and_X(req);
4302 END_PROFILE(SMBwriteX);
4306 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4307 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4308 write_through = BITSETW(req->vwv+7,0);
4310 if (!check_fsp(conn, req, fsp)) {
4311 END_PROFILE(SMBwriteX);
4315 if (!CHECK_WRITE(fsp)) {
4316 reply_doserror(req, ERRDOS, ERRbadaccess);
4317 END_PROFILE(SMBwriteX);
4321 data = smb_base(req->inbuf) + smb_doff;
4323 if(req->wct == 14) {
4324 #ifdef LARGE_SMB_OFF_T
4326 * This is a large offset (64 bit) write.
4328 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4330 #else /* !LARGE_SMB_OFF_T */
4333 * Ensure we haven't been sent a >32 bit offset.
4336 if(IVAL(req->vwv+12, 0) != 0) {
4337 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4338 "used and we don't support 64 bit offsets.\n",
4339 (unsigned int)IVAL(req->vwv+12, 0) ));
4340 reply_doserror(req, ERRDOS, ERRbadaccess);
4341 END_PROFILE(SMBwriteX);
4345 #endif /* LARGE_SMB_OFF_T */
4348 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4349 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4352 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4353 reply_doserror(req, ERRDOS, ERRlock);
4354 END_PROFILE(SMBwriteX);
4358 /* X/Open SMB protocol says that, unlike SMBwrite
4359 if the length is zero then NO truncation is
4360 done, just a write of zero. To truncate a file,
4363 if(numtowrite == 0) {
4367 if ((req->unread_bytes == 0) &&
4368 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4373 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4376 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4377 reply_unixerror(req, ERRHRD, ERRdiskfull);
4381 reply_outbuf(req, 6, 0);
4382 SSVAL(req->outbuf,smb_vwv2,nwritten);
4383 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4385 if (nwritten < (ssize_t)numtowrite) {
4386 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4387 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4390 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4391 fsp->fnum, (int)numtowrite, (int)nwritten));
4393 status = sync_file(conn, fsp, write_through);
4394 if (!NT_STATUS_IS_OK(status)) {
4395 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4396 fsp->fsp_name, nt_errstr(status) ));
4397 reply_nterror(req, status);
4401 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4403 END_PROFILE(SMBwriteX);
4408 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4410 END_PROFILE(SMBwriteX);
4414 /****************************************************************************
4416 ****************************************************************************/
4418 void reply_lseek(struct smb_request *req)
4420 connection_struct *conn = req->conn;
4426 START_PROFILE(SMBlseek);
4429 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4430 END_PROFILE(SMBlseek);
4434 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4436 if (!check_fsp(conn, req, fsp)) {
4440 flush_write_cache(fsp, SEEK_FLUSH);
4442 mode = SVAL(req->vwv+1, 0) & 3;
4443 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4444 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4453 res = fsp->fh->pos + startpos;
4464 if (umode == SEEK_END) {
4465 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4466 if(errno == EINVAL) {
4467 SMB_OFF_T current_pos = startpos;
4468 SMB_STRUCT_STAT sbuf;
4470 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4471 reply_unixerror(req, ERRDOS,
4473 END_PROFILE(SMBlseek);
4477 current_pos += sbuf.st_ex_size;
4479 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4484 reply_unixerror(req, ERRDOS, ERRnoaccess);
4485 END_PROFILE(SMBlseek);
4492 reply_outbuf(req, 2, 0);
4493 SIVAL(req->outbuf,smb_vwv0,res);
4495 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4496 fsp->fnum, (double)startpos, (double)res, mode));
4498 END_PROFILE(SMBlseek);
4502 /****************************************************************************
4504 ****************************************************************************/
4506 void reply_flush(struct smb_request *req)
4508 connection_struct *conn = req->conn;
4512 START_PROFILE(SMBflush);
4515 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4519 fnum = SVAL(req->vwv+0, 0);
4520 fsp = file_fsp(req, fnum);
4522 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4527 file_sync_all(conn);
4529 NTSTATUS status = sync_file(conn, fsp, True);
4530 if (!NT_STATUS_IS_OK(status)) {
4531 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4532 fsp->fsp_name, nt_errstr(status) ));
4533 reply_nterror(req, status);
4534 END_PROFILE(SMBflush);
4539 reply_outbuf(req, 0, 0);
4541 DEBUG(3,("flush\n"));
4542 END_PROFILE(SMBflush);
4546 /****************************************************************************
4548 conn POINTER CAN BE NULL HERE !
4549 ****************************************************************************/
4551 void reply_exit(struct smb_request *req)
4553 START_PROFILE(SMBexit);
4555 file_close_pid(req->smbpid, req->vuid);
4557 reply_outbuf(req, 0, 0);
4559 DEBUG(3,("exit\n"));
4561 END_PROFILE(SMBexit);
4565 /****************************************************************************
4566 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4567 ****************************************************************************/
4569 void reply_close(struct smb_request *req)
4571 connection_struct *conn = req->conn;
4572 NTSTATUS status = NT_STATUS_OK;
4573 files_struct *fsp = NULL;
4574 START_PROFILE(SMBclose);
4577 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4578 END_PROFILE(SMBclose);
4582 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4585 * We can only use check_fsp if we know it's not a directory.
4588 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4589 reply_doserror(req, ERRDOS, ERRbadfid);
4590 END_PROFILE(SMBclose);
4594 if(fsp->is_directory) {
4596 * Special case - close NT SMB directory handle.
4598 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4599 status = close_file(req, fsp, NORMAL_CLOSE);
4603 * Close ordinary file.
4606 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4607 fsp->fh->fd, fsp->fnum,
4608 conn->num_files_open));
4611 * Take care of any time sent in the close.
4614 t = srv_make_unix_date3(req->vwv+1);
4615 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4618 * close_file() returns the unix errno if an error
4619 * was detected on close - normally this is due to
4620 * a disk full error. If not then it was probably an I/O error.
4623 status = close_file(req, fsp, NORMAL_CLOSE);
4626 if (!NT_STATUS_IS_OK(status)) {
4627 reply_nterror(req, status);
4628 END_PROFILE(SMBclose);
4632 reply_outbuf(req, 0, 0);
4633 END_PROFILE(SMBclose);
4637 /****************************************************************************
4638 Reply to a writeclose (Core+ protocol).
4639 ****************************************************************************/
4641 void reply_writeclose(struct smb_request *req)
4643 connection_struct *conn = req->conn;
4645 ssize_t nwritten = -1;
4646 NTSTATUS close_status = NT_STATUS_OK;
4649 struct timespec mtime;
4651 struct lock_struct lock;
4653 START_PROFILE(SMBwriteclose);
4656 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4657 END_PROFILE(SMBwriteclose);
4661 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4663 if (!check_fsp(conn, req, fsp)) {
4664 END_PROFILE(SMBwriteclose);
4667 if (!CHECK_WRITE(fsp)) {
4668 reply_doserror(req, ERRDOS,ERRbadaccess);
4669 END_PROFILE(SMBwriteclose);
4673 numtowrite = SVAL(req->vwv+1, 0);
4674 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4675 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4676 data = (const char *)req->buf + 1;
4679 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4680 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4683 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4684 reply_doserror(req, ERRDOS,ERRlock);
4685 END_PROFILE(SMBwriteclose);
4690 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4692 set_close_write_time(fsp, mtime);
4695 * More insanity. W2K only closes the file if writelen > 0.
4700 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4702 close_status = close_file(req, fsp, NORMAL_CLOSE);
4705 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4706 fsp->fnum, (int)numtowrite, (int)nwritten,
4707 conn->num_files_open));
4709 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4710 reply_doserror(req, ERRHRD, ERRdiskfull);
4714 if(!NT_STATUS_IS_OK(close_status)) {
4715 reply_nterror(req, close_status);
4719 reply_outbuf(req, 1, 0);
4721 SSVAL(req->outbuf,smb_vwv0,nwritten);
4725 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4728 END_PROFILE(SMBwriteclose);
4733 #define DBGC_CLASS DBGC_LOCKING
4735 /****************************************************************************
4737 ****************************************************************************/
4739 void reply_lock(struct smb_request *req)
4741 connection_struct *conn = req->conn;
4742 uint64_t count,offset;
4745 struct byte_range_lock *br_lck = NULL;
4747 START_PROFILE(SMBlock);
4750 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4751 END_PROFILE(SMBlock);
4755 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4757 if (!check_fsp(conn, req, fsp)) {
4758 END_PROFILE(SMBlock);
4762 count = (uint64_t)IVAL(req->vwv+1, 0);
4763 offset = (uint64_t)IVAL(req->vwv+3, 0);
4765 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4766 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4768 br_lck = do_lock(smbd_messaging_context(),
4775 False, /* Non-blocking lock. */
4780 TALLOC_FREE(br_lck);
4782 if (NT_STATUS_V(status)) {
4783 reply_nterror(req, status);
4784 END_PROFILE(SMBlock);
4788 reply_outbuf(req, 0, 0);
4790 END_PROFILE(SMBlock);
4794 /****************************************************************************
4796 ****************************************************************************/
4798 void reply_unlock(struct smb_request *req)
4800 connection_struct *conn = req->conn;
4801 uint64_t count,offset;
4805 START_PROFILE(SMBunlock);
4808 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4809 END_PROFILE(SMBunlock);
4813 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4815 if (!check_fsp(conn, req, fsp)) {
4816 END_PROFILE(SMBunlock);
4820 count = (uint64_t)IVAL(req->vwv+1, 0);
4821 offset = (uint64_t)IVAL(req->vwv+3, 0);
4823 status = do_unlock(smbd_messaging_context(),
4830 if (NT_STATUS_V(status)) {
4831 reply_nterror(req, status);
4832 END_PROFILE(SMBunlock);
4836 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4837 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4839 reply_outbuf(req, 0, 0);
4841 END_PROFILE(SMBunlock);
4846 #define DBGC_CLASS DBGC_ALL
4848 /****************************************************************************
4850 conn POINTER CAN BE NULL HERE !
4851 ****************************************************************************/
4853 void reply_tdis(struct smb_request *req)
4855 struct smbd_server_connection *sconn = smbd_server_conn;
4856 connection_struct *conn = req->conn;
4857 START_PROFILE(SMBtdis);
4860 DEBUG(4,("Invalid connection in tdis\n"));
4861 reply_doserror(req, ERRSRV, ERRinvnid);
4862 END_PROFILE(SMBtdis);
4868 close_cnum(sconn, conn,req->vuid);
4871 reply_outbuf(req, 0, 0);
4872 END_PROFILE(SMBtdis);
4876 /****************************************************************************
4878 conn POINTER CAN BE NULL HERE !
4879 ****************************************************************************/
4881 void reply_echo(struct smb_request *req)
4883 connection_struct *conn = req->conn;
4884 struct smb_perfcount_data local_pcd;
4885 struct smb_perfcount_data *cur_pcd;
4889 START_PROFILE(SMBecho);
4891 smb_init_perfcount_data(&local_pcd);
4894 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4895 END_PROFILE(SMBecho);
4899 smb_reverb = SVAL(req->vwv+0, 0);
4901 reply_outbuf(req, 1, req->buflen);
4903 /* copy any incoming data back out */
4904 if (req->buflen > 0) {
4905 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4908 if (smb_reverb > 100) {
4909 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4913 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
4915 /* this makes sure we catch the request pcd */
4916 if (seq_num == smb_reverb) {
4917 cur_pcd = &req->pcd;
4919 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
4920 cur_pcd = &local_pcd;
4923 SSVAL(req->outbuf,smb_vwv0,seq_num);
4925 show_msg((char *)req->outbuf);
4926 if (!srv_send_smb(smbd_server_fd(),
4927 (char *)req->outbuf,
4928 true, req->seqnum+1,
4929 IS_CONN_ENCRYPTED(conn)||req->encrypted,
4931 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4934 DEBUG(3,("echo %d times\n", smb_reverb));
4936 TALLOC_FREE(req->outbuf);
4938 END_PROFILE(SMBecho);
4942 /****************************************************************************
4943 Reply to a printopen.
4944 ****************************************************************************/
4946 void reply_printopen(struct smb_request *req)
4948 connection_struct *conn = req->conn;
4950 SMB_STRUCT_STAT sbuf;
4953 START_PROFILE(SMBsplopen);
4956 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4957 END_PROFILE(SMBsplopen);
4961 if (!CAN_PRINT(conn)) {
4962 reply_doserror(req, ERRDOS, ERRnoaccess);
4963 END_PROFILE(SMBsplopen);
4967 status = file_new(req, conn, &fsp);
4968 if(!NT_STATUS_IS_OK(status)) {
4969 reply_nterror(req, status);
4970 END_PROFILE(SMBsplopen);
4974 /* Open for exclusive use, write only. */
4975 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
4977 if (!NT_STATUS_IS_OK(status)) {
4978 file_free(req, fsp);
4979 reply_nterror(req, status);
4980 END_PROFILE(SMBsplopen);
4984 reply_outbuf(req, 1, 0);
4985 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4987 DEBUG(3,("openprint fd=%d fnum=%d\n",
4988 fsp->fh->fd, fsp->fnum));
4990 END_PROFILE(SMBsplopen);
4994 /****************************************************************************
4995 Reply to a printclose.
4996 ****************************************************************************/
4998 void reply_printclose(struct smb_request *req)
5000 connection_struct *conn = req->conn;
5004 START_PROFILE(SMBsplclose);
5007 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5008 END_PROFILE(SMBsplclose);
5012 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5014 if (!check_fsp(conn, req, fsp)) {
5015 END_PROFILE(SMBsplclose);
5019 if (!CAN_PRINT(conn)) {
5020 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
5021 END_PROFILE(SMBsplclose);
5025 DEBUG(3,("printclose fd=%d fnum=%d\n",
5026 fsp->fh->fd,fsp->fnum));
5028 status = close_file(req, fsp, NORMAL_CLOSE);
5030 if(!NT_STATUS_IS_OK(status)) {
5031 reply_nterror(req, status);
5032 END_PROFILE(SMBsplclose);
5036 reply_outbuf(req, 0, 0);
5038 END_PROFILE(SMBsplclose);
5042 /****************************************************************************
5043 Reply to a printqueue.
5044 ****************************************************************************/
5046 void reply_printqueue(struct smb_request *req)
5048 connection_struct *conn = req->conn;
5052 START_PROFILE(SMBsplretq);
5055 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5056 END_PROFILE(SMBsplretq);
5060 max_count = SVAL(req->vwv+0, 0);
5061 start_index = SVAL(req->vwv+1, 0);
5063 /* we used to allow the client to get the cnum wrong, but that
5064 is really quite gross and only worked when there was only
5065 one printer - I think we should now only accept it if they
5066 get it right (tridge) */
5067 if (!CAN_PRINT(conn)) {
5068 reply_doserror(req, ERRDOS, ERRnoaccess);
5069 END_PROFILE(SMBsplretq);
5073 reply_outbuf(req, 2, 3);
5074 SSVAL(req->outbuf,smb_vwv0,0);
5075 SSVAL(req->outbuf,smb_vwv1,0);
5076 SCVAL(smb_buf(req->outbuf),0,1);
5077 SSVAL(smb_buf(req->outbuf),1,0);
5079 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5080 start_index, max_count));
5083 print_queue_struct *queue = NULL;
5084 print_status_struct status;
5085 int count = print_queue_status(SNUM(conn), &queue, &status);
5086 int num_to_get = ABS(max_count);
5087 int first = (max_count>0?start_index:start_index+max_count+1);
5093 num_to_get = MIN(num_to_get,count-first);
5096 for (i=first;i<first+num_to_get;i++) {
5100 srv_put_dos_date2(p,0,queue[i].time);
5101 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
5102 SSVAL(p,5, queue[i].job);
5103 SIVAL(p,7,queue[i].size);
5105 srvstr_push(blob, req->flags2, p+12,
5106 queue[i].fs_user, 16, STR_ASCII);
5108 if (message_push_blob(
5111 blob, sizeof(blob))) == -1) {
5112 reply_nterror(req, NT_STATUS_NO_MEMORY);
5113 END_PROFILE(SMBsplretq);
5119 SSVAL(req->outbuf,smb_vwv0,count);
5120 SSVAL(req->outbuf,smb_vwv1,
5121 (max_count>0?first+count:first-1));
5122 SCVAL(smb_buf(req->outbuf),0,1);
5123 SSVAL(smb_buf(req->outbuf),1,28*count);
5128 DEBUG(3,("%d entries returned in queue\n",count));
5131 END_PROFILE(SMBsplretq);
5135 /****************************************************************************
5136 Reply to a printwrite.
5137 ****************************************************************************/
5139 void reply_printwrite(struct smb_request *req)
5141 connection_struct *conn = req->conn;
5146 START_PROFILE(SMBsplwr);
5149 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5150 END_PROFILE(SMBsplwr);
5154 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5156 if (!check_fsp(conn, req, fsp)) {
5157 END_PROFILE(SMBsplwr);
5161 if (!CAN_PRINT(conn)) {
5162 reply_doserror(req, ERRDOS, ERRnoaccess);
5163 END_PROFILE(SMBsplwr);
5167 if (!CHECK_WRITE(fsp)) {
5168 reply_doserror(req, ERRDOS, ERRbadaccess);
5169 END_PROFILE(SMBsplwr);
5173 numtowrite = SVAL(req->buf, 1);
5175 if (req->buflen < numtowrite + 3) {
5176 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5177 END_PROFILE(SMBsplwr);
5181 data = (const char *)req->buf + 3;
5183 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
5184 reply_unixerror(req, ERRHRD, ERRdiskfull);
5185 END_PROFILE(SMBsplwr);
5189 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5191 END_PROFILE(SMBsplwr);
5195 /****************************************************************************
5197 ****************************************************************************/
5199 void reply_mkdir(struct smb_request *req)
5201 connection_struct *conn = req->conn;
5202 struct smb_filename *smb_dname = NULL;
5203 char *directory = NULL;
5205 TALLOC_CTX *ctx = talloc_tos();
5207 START_PROFILE(SMBmkdir);
5209 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5210 STR_TERMINATE, &status);
5211 if (!NT_STATUS_IS_OK(status)) {
5212 reply_nterror(req, status);
5216 status = resolve_dfspath(ctx, conn,
5217 req->flags2 & FLAGS2_DFS_PATHNAMES,
5220 if (!NT_STATUS_IS_OK(status)) {
5221 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5222 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5223 ERRSRV, ERRbadpath);
5226 reply_nterror(req, status);
5230 status = unix_convert(ctx, conn, directory, &smb_dname, 0);
5231 if (!NT_STATUS_IS_OK(status)) {
5232 reply_nterror(req, status);
5236 status = check_name(conn, smb_dname->base_name);
5237 if (!NT_STATUS_IS_OK(status)) {
5238 reply_nterror(req, status);
5242 status = create_directory(conn, req, smb_dname);
5244 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5246 if (!NT_STATUS_IS_OK(status)) {
5248 if (!use_nt_status()
5249 && NT_STATUS_EQUAL(status,
5250 NT_STATUS_OBJECT_NAME_COLLISION)) {
5252 * Yes, in the DOS error code case we get a
5253 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5254 * samba4 torture test.
5256 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5259 reply_nterror(req, status);
5263 reply_outbuf(req, 0, 0);
5265 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5267 TALLOC_FREE(smb_dname);
5268 END_PROFILE(SMBmkdir);
5272 /****************************************************************************
5273 Static function used by reply_rmdir to delete an entire directory
5274 tree recursively. Return True on ok, False on fail.
5275 ****************************************************************************/
5277 static bool recursive_rmdir(TALLOC_CTX *ctx,
5278 connection_struct *conn,
5281 const char *dname = NULL;
5285 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
5291 while((dname = ReadDirName(dir_hnd, &offset, &st))) {
5292 char *fullname = NULL;
5294 if (ISDOT(dname) || ISDOTDOT(dname)) {
5298 if (!is_visible_file(conn, directory, dname, &st, False)) {
5302 /* Construct the full name. */
5303 fullname = talloc_asprintf(ctx,
5313 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5318 if(st.st_ex_mode & S_IFDIR) {
5319 if(!recursive_rmdir(ctx, conn, fullname)) {
5323 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5327 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5331 TALLOC_FREE(fullname);
5333 TALLOC_FREE(dir_hnd);
5337 /****************************************************************************
5338 The internals of the rmdir code - called elsewhere.
5339 ****************************************************************************/
5341 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5342 connection_struct *conn,
5343 const char *directory)
5348 /* Might be a symlink. */
5349 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
5350 return map_nt_error_from_unix(errno);
5353 if (S_ISLNK(st.st_ex_mode)) {
5354 /* Is what it points to a directory ? */
5355 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5356 return map_nt_error_from_unix(errno);
5358 if (!(S_ISDIR(st.st_ex_mode))) {
5359 return NT_STATUS_NOT_A_DIRECTORY;
5361 ret = SMB_VFS_UNLINK(conn,directory);
5363 ret = SMB_VFS_RMDIR(conn,directory);
5366 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5367 FILE_NOTIFY_CHANGE_DIR_NAME,
5369 return NT_STATUS_OK;
5372 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5374 * Check to see if the only thing in this directory are
5375 * vetoed files/directories. If so then delete them and
5376 * retry. If we fail to delete any of them (and we *don't*
5377 * do a recursive delete) then fail the rmdir.
5381 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5382 directory, NULL, 0);
5384 if(dir_hnd == NULL) {
5389 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5390 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5392 if (!is_visible_file(conn, directory, dname, &st, False))
5394 if(!IS_VETO_PATH(conn, dname)) {
5395 TALLOC_FREE(dir_hnd);
5401 /* We only have veto files/directories.
5402 * Are we allowed to delete them ? */
5404 if(!lp_recursive_veto_delete(SNUM(conn))) {
5405 TALLOC_FREE(dir_hnd);
5410 /* Do a recursive delete. */
5411 RewindDir(dir_hnd,&dirpos);
5412 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5413 char *fullname = NULL;
5415 if (ISDOT(dname) || ISDOTDOT(dname)) {
5418 if (!is_visible_file(conn, directory, dname, &st, False)) {
5422 fullname = talloc_asprintf(ctx,
5432 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5435 if(st.st_ex_mode & S_IFDIR) {
5436 if(!recursive_rmdir(ctx, conn, fullname)) {
5439 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5442 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5445 TALLOC_FREE(fullname);
5447 TALLOC_FREE(dir_hnd);
5448 /* Retry the rmdir */
5449 ret = SMB_VFS_RMDIR(conn,directory);
5455 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5456 "%s\n", directory,strerror(errno)));
5457 return map_nt_error_from_unix(errno);
5460 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5461 FILE_NOTIFY_CHANGE_DIR_NAME,
5464 return NT_STATUS_OK;
5467 /****************************************************************************
5469 ****************************************************************************/
5471 void reply_rmdir(struct smb_request *req)
5473 connection_struct *conn = req->conn;
5474 struct smb_filename *smb_dname = NULL;
5475 char *directory = NULL;
5477 TALLOC_CTX *ctx = talloc_tos();
5479 START_PROFILE(SMBrmdir);
5481 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5482 STR_TERMINATE, &status);
5483 if (!NT_STATUS_IS_OK(status)) {
5484 reply_nterror(req, status);
5488 status = resolve_dfspath(ctx, conn,
5489 req->flags2 & FLAGS2_DFS_PATHNAMES,
5492 if (!NT_STATUS_IS_OK(status)) {
5493 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5494 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5495 ERRSRV, ERRbadpath);
5498 reply_nterror(req, status);
5502 status = unix_convert(ctx, conn, directory, &smb_dname, 0);
5503 if (!NT_STATUS_IS_OK(status)) {
5504 reply_nterror(req, status);
5508 status = get_full_smb_filename(ctx, smb_dname, &directory);
5509 if (!NT_STATUS_IS_OK(status)) {
5510 reply_nterror(req, status);
5514 status = check_name(conn, directory);
5515 if (!NT_STATUS_IS_OK(status)) {
5516 reply_nterror(req, status);
5520 dptr_closepath(directory, req->smbpid);
5521 status = rmdir_internals(ctx, conn, directory);
5522 if (!NT_STATUS_IS_OK(status)) {
5523 reply_nterror(req, status);
5527 reply_outbuf(req, 0, 0);
5529 DEBUG( 3, ( "rmdir %s\n", directory ) );
5531 TALLOC_FREE(smb_dname);
5532 END_PROFILE(SMBrmdir);
5536 /*******************************************************************
5537 Resolve wildcards in a filename rename.
5538 ********************************************************************/
5540 static bool resolve_wildcards(TALLOC_CTX *ctx,
5545 char *name2_copy = NULL;
5550 char *p,*p2, *pname1, *pname2;
5552 name2_copy = talloc_strdup(ctx, name2);
5557 pname1 = strrchr_m(name1,'/');
5558 pname2 = strrchr_m(name2_copy,'/');
5560 if (!pname1 || !pname2) {
5564 /* Truncate the copy of name2 at the last '/' */
5567 /* Now go past the '/' */
5571 root1 = talloc_strdup(ctx, pname1);
5572 root2 = talloc_strdup(ctx, pname2);
5574 if (!root1 || !root2) {
5578 p = strrchr_m(root1,'.');
5581 ext1 = talloc_strdup(ctx, p+1);
5583 ext1 = talloc_strdup(ctx, "");
5585 p = strrchr_m(root2,'.');
5588 ext2 = talloc_strdup(ctx, p+1);
5590 ext2 = talloc_strdup(ctx, "");
5593 if (!ext1 || !ext2) {
5601 /* Hmmm. Should this be mb-aware ? */
5604 } else if (*p2 == '*') {
5606 root2 = talloc_asprintf(ctx, "%s%s",
5625 /* Hmmm. Should this be mb-aware ? */
5628 } else if (*p2 == '*') {
5630 ext2 = talloc_asprintf(ctx, "%s%s",
5646 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5651 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5663 /****************************************************************************
5664 Ensure open files have their names updated. Updated to notify other smbd's
5666 ****************************************************************************/
5668 static void rename_open_files(connection_struct *conn,
5669 struct share_mode_lock *lck,
5670 const char *newname)
5673 bool did_rename = False;
5675 for(fsp = file_find_di_first(lck->id); fsp;
5676 fsp = file_find_di_next(fsp)) {
5677 /* fsp_name is a relative path under the fsp. To change this for other
5678 sharepaths we need to manipulate relative paths. */
5679 /* TODO - create the absolute path and manipulate the newname
5680 relative to the sharepath. */
5681 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5684 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5685 fsp->fnum, file_id_string_tos(&fsp->file_id),
5686 fsp->fsp_name, newname ));
5687 string_set(&fsp->fsp_name, newname);
5692 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5693 file_id_string_tos(&lck->id), newname ));
5696 /* Send messages to all smbd's (not ourself) that the name has changed. */
5697 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5701 /****************************************************************************
5702 We need to check if the source path is a parent directory of the destination
5703 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5704 refuse the rename with a sharing violation. Under UNIX the above call can
5705 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5706 probably need to check that the client is a Windows one before disallowing
5707 this as a UNIX client (one with UNIX extensions) can know the source is a
5708 symlink and make this decision intelligently. Found by an excellent bug
5709 report from <AndyLiebman@aol.com>.
5710 ****************************************************************************/
5712 static bool rename_path_prefix_equal(const char *src, const char *dest)
5714 const char *psrc = src;
5715 const char *pdst = dest;
5718 if (psrc[0] == '.' && psrc[1] == '/') {
5721 if (pdst[0] == '.' && pdst[1] == '/') {
5724 if ((slen = strlen(psrc)) > strlen(pdst)) {
5727 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5731 * Do the notify calls from a rename
5734 static void notify_rename(connection_struct *conn, bool is_dir,
5735 const char *oldpath, const char *newpath)
5737 char *olddir, *newdir;
5738 const char *oldname, *newname;
5741 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5742 : FILE_NOTIFY_CHANGE_FILE_NAME;
5744 if (!parent_dirname(talloc_tos(), oldpath, &olddir, &oldname)
5745 || !parent_dirname(talloc_tos(), newpath, &newdir, &newname)) {
5746 TALLOC_FREE(olddir);
5750 if (strcmp(olddir, newdir) == 0) {
5751 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5752 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5755 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5756 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5758 TALLOC_FREE(olddir);
5759 TALLOC_FREE(newdir);
5761 /* this is a strange one. w2k3 gives an additional event for
5762 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5763 files, but not directories */
5765 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5766 FILE_NOTIFY_CHANGE_ATTRIBUTES
5767 |FILE_NOTIFY_CHANGE_CREATION,
5772 /****************************************************************************
5773 Rename an open file - given an fsp.
5774 ****************************************************************************/
5776 NTSTATUS rename_internals_fsp(connection_struct *conn,
5779 const char *newname_last_component,
5781 bool replace_if_exists)
5783 TALLOC_CTX *ctx = talloc_tos();
5784 SMB_STRUCT_STAT sbuf, sbuf1;
5785 NTSTATUS status = NT_STATUS_OK;
5786 struct share_mode_lock *lck = NULL;
5787 bool dst_exists, old_is_stream, new_is_stream;
5791 status = check_name(conn, newname);
5792 if (!NT_STATUS_IS_OK(status)) {
5796 /* Ensure newname contains a '/' */
5797 if(strrchr_m(newname,'/') == 0) {
5798 newname = talloc_asprintf(ctx,
5802 return NT_STATUS_NO_MEMORY;
5807 * Check for special case with case preserving and not
5808 * case sensitive. If the old last component differs from the original
5809 * last component only by case, then we should allow
5810 * the rename (user is trying to change the case of the
5814 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5815 strequal(newname, fsp->fsp_name)) {
5817 char *newname_modified_last_component = NULL;
5820 * Get the last component of the modified name.
5821 * Note that we guarantee that newname contains a '/'
5824 p = strrchr_m(newname,'/');
5825 newname_modified_last_component = talloc_strdup(ctx,
5827 if (!newname_modified_last_component) {
5828 return NT_STATUS_NO_MEMORY;
5831 if(strcsequal(newname_modified_last_component,
5832 newname_last_component) == False) {
5834 * Replace the modified last component with
5837 *p = '\0'; /* Truncate at the '/' */
5838 newname = talloc_asprintf(ctx,
5841 newname_last_component);
5846 * If the src and dest names are identical - including case,
5847 * don't do the rename, just return success.
5850 if (strcsequal(fsp->fsp_name, newname)) {
5851 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5853 return NT_STATUS_OK;
5856 old_is_stream = is_ntfs_stream_name(fsp->fsp_name);
5857 new_is_stream = is_ntfs_stream_name(newname);
5859 /* Return the correct error code if both names aren't streams. */
5860 if (!old_is_stream && new_is_stream) {
5861 return NT_STATUS_OBJECT_NAME_INVALID;
5864 if (old_is_stream && !new_is_stream) {
5865 return NT_STATUS_INVALID_PARAMETER;
5869 * Have vfs_object_exist also fill sbuf1
5871 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5873 if(!replace_if_exists && dst_exists) {
5874 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5875 fsp->fsp_name,newname));
5876 return NT_STATUS_OBJECT_NAME_COLLISION;
5880 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5881 files_struct *dst_fsp = file_find_di_first(fileid);
5882 /* The file can be open when renaming a stream */
5883 if (dst_fsp && !new_is_stream) {
5884 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5885 return NT_STATUS_ACCESS_DENIED;
5889 /* Ensure we have a valid stat struct for the source. */
5890 if (fsp->fh->fd != -1) {
5891 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5892 return map_nt_error_from_unix(errno);
5896 if (fsp->posix_open) {
5897 ret = SMB_VFS_LSTAT(conn,fsp->fsp_name,&sbuf);
5899 ret = SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf);
5902 return map_nt_error_from_unix(errno);
5906 status = can_rename(conn, fsp, attrs, &sbuf);
5908 if (!NT_STATUS_IS_OK(status)) {
5909 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5910 nt_errstr(status), fsp->fsp_name,newname));
5911 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5912 status = NT_STATUS_ACCESS_DENIED;
5916 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5917 return NT_STATUS_ACCESS_DENIED;
5920 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5924 * We have the file open ourselves, so not being able to get the
5925 * corresponding share mode lock is a fatal error.
5928 SMB_ASSERT(lck != NULL);
5930 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5931 uint32 create_options = fsp->fh->private_options;
5933 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5934 fsp->fsp_name,newname));
5936 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5938 rename_open_files(conn, lck, newname);
5941 * A rename acts as a new file create w.r.t. allowing an initial delete
5942 * on close, probably because in Windows there is a new handle to the
5943 * new file. If initial delete on close was requested but not
5944 * originally set, we need to set it here. This is probably not 100% correct,
5945 * but will work for the CIFSFS client which in non-posix mode
5946 * depends on these semantics. JRA.
5949 if (create_options & FILE_DELETE_ON_CLOSE) {
5950 status = can_set_delete_on_close(fsp, True, 0);
5952 if (NT_STATUS_IS_OK(status)) {
5953 /* Note that here we set the *inital* delete on close flag,
5954 * not the regular one. The magic gets handled in close. */
5955 fsp->initial_delete_on_close = True;
5959 return NT_STATUS_OK;
5964 if (errno == ENOTDIR || errno == EISDIR) {
5965 status = NT_STATUS_OBJECT_NAME_COLLISION;
5967 status = map_nt_error_from_unix(errno);
5970 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5971 nt_errstr(status), fsp->fsp_name,newname));
5976 /****************************************************************************
5977 The guts of the rename command, split out so it may be called by the NT SMB
5979 ****************************************************************************/
5981 NTSTATUS rename_internals(TALLOC_CTX *ctx,
5982 connection_struct *conn,
5983 struct smb_request *req,
5984 const char *name_in,
5985 const char *newname_in,
5987 bool replace_if_exists,
5990 uint32_t access_mask)
5992 struct smb_filename *smb_fname = NULL;
5993 struct smb_filename *smb_fname_new = NULL;
5994 char *directory = NULL;
5997 char *newname = NULL;
6000 NTSTATUS status = NT_STATUS_OK;
6001 struct smb_Dir *dir_hnd = NULL;
6004 int create_options = 0;
6005 bool posix_pathnames = lp_posix_pathnames();
6007 status = unix_convert(ctx, conn, name_in, &smb_fname,
6008 src_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6009 if (!NT_STATUS_IS_OK(status)) {
6013 status = get_full_smb_filename(ctx, smb_fname, &name);
6014 if (!NT_STATUS_IS_OK(status)) {
6018 status = unix_convert(ctx, conn, newname_in, &smb_fname_new,
6020 (dest_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0)));
6021 if (!NT_STATUS_IS_OK(status)) {
6025 status = get_full_smb_filename(ctx, smb_fname_new, &newname);
6026 if (!NT_STATUS_IS_OK(status)) {
6031 * Split the old name into directory and last component
6032 * strings. Note that unix_convert may have stripped off a
6033 * leading ./ from both name and newname if the rename is
6034 * at the root of the share. We need to make sure either both
6035 * name and newname contain a / character or neither of them do
6036 * as this is checked in resolve_wildcards().
6039 p = strrchr_m(name,'/');
6041 directory = talloc_strdup(ctx, ".");
6043 status = NT_STATUS_NO_MEMORY;
6049 directory = talloc_strdup(ctx, name);
6051 status = NT_STATUS_NO_MEMORY;
6055 *p = '/'; /* Replace needed for exceptional test below. */
6059 * We should only check the mangled cache
6060 * here if unix_convert failed. This means
6061 * that the path in 'mask' doesn't exist
6062 * on the file system and so we need to look
6063 * for a possible mangle. This patch from
6064 * Tine Smukavec <valentin.smukavec@hermes.si>.
6067 if (!VALID_STAT(smb_fname->st) && mangle_is_mangled(mask, conn->params)) {
6068 char *new_mask = NULL;
6069 mangle_lookup_name_from_8_3(ctx,
6078 if (!src_has_wild) {
6082 * No wildcards - just process the one file.
6084 /* Add a terminating '/' to the directory name. */
6085 directory = talloc_asprintf_append(directory,
6089 status = NT_STATUS_NO_MEMORY;
6093 /* Ensure newname contains a '/' also */
6094 if(strrchr_m(newname,'/') == 0) {
6095 newname = talloc_asprintf(ctx,
6099 status = NT_STATUS_NO_MEMORY;
6104 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6105 "case_preserve = %d, short case preserve = %d, "
6106 "directory = %s, newname = %s, "
6107 "last_component_dest = %s\n",
6108 conn->case_sensitive, conn->case_preserve,
6109 conn->short_case_preserve, directory,
6110 newname, smb_fname_new->original_lcomp));
6112 /* The dest name still may have wildcards. */
6113 if (dest_has_wild) {
6114 char *mod_newname = NULL;
6115 if (!resolve_wildcards(ctx,
6116 directory,newname,&mod_newname)) {
6117 DEBUG(6, ("rename_internals: resolve_wildcards "
6121 status = NT_STATUS_NO_MEMORY;
6124 newname = mod_newname;
6127 ZERO_STRUCT(smb_fname->st);
6128 if (posix_pathnames) {
6129 SMB_VFS_LSTAT(conn, directory, &smb_fname->st);
6131 SMB_VFS_STAT(conn, directory, &smb_fname->st);
6134 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
6135 create_options |= FILE_DIRECTORY_FILE;
6138 status = SMB_VFS_CREATE_FILE(
6141 0, /* root_dir_fid */
6142 directory, /* fname */
6143 0, /* create_file_flags */
6144 access_mask, /* access_mask */
6145 (FILE_SHARE_READ | /* share_access */
6147 FILE_OPEN, /* create_disposition*/
6148 create_options, /* create_options */
6149 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6150 0, /* oplock_request */
6151 0, /* allocation_size */
6156 &smb_fname->st); /* psbuf */
6158 if (!NT_STATUS_IS_OK(status)) {
6159 DEBUG(3, ("Could not open rename source %s: %s\n",
6160 directory, nt_errstr(status)));
6164 status = rename_internals_fsp(conn, fsp, newname,
6165 smb_fname_new->original_lcomp,
6166 attrs, replace_if_exists);
6168 close_file(req, fsp, NORMAL_CLOSE);
6170 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6171 nt_errstr(status), directory,newname));
6177 * Wildcards - process each file that matches.
6179 if (strequal(mask,"????????.???")) {
6184 status = check_name(conn, directory);
6185 if (!NT_STATUS_IS_OK(status)) {
6189 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs);
6190 if (dir_hnd == NULL) {
6191 status = map_nt_error_from_unix(errno);
6195 status = NT_STATUS_NO_SUCH_FILE;
6197 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6198 * - gentest fix. JRA
6201 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname->st))) {
6202 files_struct *fsp = NULL;
6204 char *destname = NULL;
6205 bool sysdir_entry = False;
6207 /* Quick check for "." and ".." */
6208 if (ISDOT(dname) || ISDOTDOT(dname)) {
6210 sysdir_entry = True;
6216 if (!is_visible_file(conn, directory, dname, &smb_fname->st,
6221 if(!mask_match(dname, mask, conn->case_sensitive)) {
6226 status = NT_STATUS_OBJECT_NAME_INVALID;
6230 fname = talloc_asprintf(ctx,
6235 status = NT_STATUS_NO_MEMORY;
6239 if (!resolve_wildcards(ctx,
6240 fname,newname,&destname)) {
6241 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6247 status = NT_STATUS_NO_MEMORY;
6251 ZERO_STRUCT(smb_fname->st);
6252 if (posix_pathnames) {
6253 SMB_VFS_LSTAT(conn, fname, &smb_fname->st);
6255 SMB_VFS_STAT(conn, fname, &smb_fname->st);
6260 if (S_ISDIR(smb_fname->st.st_ex_mode)) {
6261 create_options |= FILE_DIRECTORY_FILE;
6264 status = SMB_VFS_CREATE_FILE(
6267 0, /* root_dir_fid */
6269 0, /* create_file_flags */
6270 access_mask, /* access_mask */
6271 (FILE_SHARE_READ | /* share_access */
6273 FILE_OPEN, /* create_disposition*/
6274 create_options, /* create_options */
6275 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6276 0, /* oplock_request */
6277 0, /* allocation_size */
6282 &smb_fname->st); /* psbuf */
6284 if (!NT_STATUS_IS_OK(status)) {
6285 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6286 "returned %s rename %s -> %s\n",
6287 nt_errstr(status), directory, newname));
6291 status = rename_internals_fsp(conn, fsp, destname, dname,
6292 attrs, replace_if_exists);
6294 close_file(req, fsp, NORMAL_CLOSE);
6296 if (!NT_STATUS_IS_OK(status)) {
6297 DEBUG(3, ("rename_internals_fsp returned %s for "
6298 "rename %s -> %s\n", nt_errstr(status),
6299 directory, newname));
6305 DEBUG(3,("rename_internals: doing rename on %s -> "
6306 "%s\n",fname,destname));
6309 TALLOC_FREE(destname);
6311 TALLOC_FREE(dir_hnd);
6313 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6314 status = map_nt_error_from_unix(errno);
6318 TALLOC_FREE(smb_fname);
6319 TALLOC_FREE(smb_fname_new);
6323 /****************************************************************************
6325 ****************************************************************************/
6327 void reply_mv(struct smb_request *req)
6329 connection_struct *conn = req->conn;
6331 char *newname = NULL;
6335 bool src_has_wcard = False;
6336 bool dest_has_wcard = False;
6337 TALLOC_CTX *ctx = talloc_tos();
6339 START_PROFILE(SMBmv);
6342 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6347 attrs = SVAL(req->vwv+0, 0);
6349 p = (const char *)req->buf + 1;
6350 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6351 &status, &src_has_wcard);
6352 if (!NT_STATUS_IS_OK(status)) {
6353 reply_nterror(req, status);
6358 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6359 &status, &dest_has_wcard);
6360 if (!NT_STATUS_IS_OK(status)) {
6361 reply_nterror(req, status);
6366 status = resolve_dfspath_wcard(ctx, conn,
6367 req->flags2 & FLAGS2_DFS_PATHNAMES,
6371 if (!NT_STATUS_IS_OK(status)) {
6372 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6373 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6374 ERRSRV, ERRbadpath);
6378 reply_nterror(req, status);
6383 status = resolve_dfspath_wcard(ctx, conn,
6384 req->flags2 & FLAGS2_DFS_PATHNAMES,
6388 if (!NT_STATUS_IS_OK(status)) {
6389 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6390 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6391 ERRSRV, ERRbadpath);
6395 reply_nterror(req, status);
6400 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6402 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6403 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6404 if (!NT_STATUS_IS_OK(status)) {
6405 if (open_was_deferred(req->mid)) {
6406 /* We have re-scheduled this call. */
6410 reply_nterror(req, status);
6415 reply_outbuf(req, 0, 0);
6421 /*******************************************************************
6422 Copy a file as part of a reply_copy.
6423 ******************************************************************/
6426 * TODO: check error codes on all callers
6429 NTSTATUS copy_file(TALLOC_CTX *ctx,
6430 connection_struct *conn,
6431 struct smb_filename *smb_fname_src,
6432 struct smb_filename *smb_fname_dst,
6435 bool target_is_directory)
6437 struct smb_filename *smb_fname_dst_tmp = NULL;
6438 char *fname_src = NULL;
6439 char *fname_dst = NULL;
6441 files_struct *fsp1,*fsp2;
6443 uint32 new_create_disposition;
6447 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6448 if (!NT_STATUS_IS_OK(status)) {
6453 * If the target is a directory, extract the last component from the
6454 * src filename and append it to the dst filename
6456 if (target_is_directory) {
6459 /* dest/target can't be a stream if it's a directory. */
6460 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6462 p = strrchr_m(smb_fname_src->base_name,'/');
6466 p = smb_fname_src->base_name;
6468 smb_fname_dst_tmp->base_name =
6469 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6471 if (!smb_fname_dst_tmp->base_name) {
6472 status = NT_STATUS_NO_MEMORY;
6477 status = vfs_file_exist(conn, smb_fname_src);
6478 if (!NT_STATUS_IS_OK(status)) {
6482 if (!target_is_directory && count) {
6483 new_create_disposition = FILE_OPEN;
6485 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp->base_name,
6486 0, ofun, NULL, NULL,
6487 &new_create_disposition,
6489 status = NT_STATUS_INVALID_PARAMETER;
6494 status = get_full_smb_filename(talloc_tos(), smb_fname_src, &fname_src);
6495 if (!NT_STATUS_IS_OK(status)) {
6499 /* Open the src file for reading. */
6500 status = SMB_VFS_CREATE_FILE(
6503 0, /* root_dir_fid */
6504 fname_src, /* fname */
6505 0, /* create_file_flags */
6506 FILE_GENERIC_READ, /* access_mask */
6507 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6508 FILE_OPEN, /* create_disposition*/
6509 0, /* create_options */
6510 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6511 INTERNAL_OPEN_ONLY, /* oplock_request */
6512 0, /* allocation_size */
6517 &smb_fname_src->st); /* psbuf */
6519 if (!NT_STATUS_IS_OK(status)) {
6523 dosattrs = dos_mode(conn, fname_src, &smb_fname_src->st);
6525 status = get_full_smb_filename(talloc_tos(), smb_fname_dst_tmp, &fname_dst);
6526 if (!NT_STATUS_IS_OK(status)) {
6530 if (SMB_VFS_STAT(conn, fname_dst, &smb_fname_dst_tmp->st) == -1) {
6531 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6534 /* Open the dst file for writing. */
6535 status = SMB_VFS_CREATE_FILE(
6538 0, /* root_dir_fid */
6539 fname_dst, /* fname */
6540 0, /* create_file_flags */
6541 FILE_GENERIC_WRITE, /* access_mask */
6542 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6543 new_create_disposition, /* create_disposition*/
6544 0, /* create_options */
6545 dosattrs, /* file_attributes */
6546 INTERNAL_OPEN_ONLY, /* oplock_request */
6547 0, /* allocation_size */
6552 &smb_fname_dst_tmp->st); /* psbuf */
6554 if (!NT_STATUS_IS_OK(status)) {
6555 close_file(NULL, fsp1, ERROR_CLOSE);
6559 if ((ofun&3) == 1) {
6560 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6561 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6563 * Stop the copy from occurring.
6566 smb_fname_src->st.st_ex_size = 0;
6570 /* Do the actual copy. */
6571 if (smb_fname_src->st.st_ex_size) {
6572 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6575 close_file(NULL, fsp1, NORMAL_CLOSE);
6577 /* Ensure the modtime is set correctly on the destination file. */
6578 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6581 * As we are opening fsp1 read-only we only expect
6582 * an error on close on fsp2 if we are out of space.
6583 * Thus we don't look at the error return from the
6586 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6588 if (!NT_STATUS_IS_OK(status)) {
6592 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6593 status = NT_STATUS_DISK_FULL;
6597 status = NT_STATUS_OK;
6600 TALLOC_FREE(smb_fname_dst_tmp);
6601 TALLOC_FREE(fname_src);
6602 TALLOC_FREE(fname_dst);
6606 /****************************************************************************
6607 Reply to a file copy.
6608 ****************************************************************************/
6610 void reply_copy(struct smb_request *req)
6612 connection_struct *conn = req->conn;
6613 struct smb_filename *smb_fname_src = NULL;
6614 struct smb_filename *smb_fname_dst = NULL;
6615 char *fname_src = NULL;
6616 char *fname_dst = NULL;
6617 char *fname_src_mask = NULL;
6618 char *fname_src_dir = NULL;
6621 int error = ERRnoaccess;
6626 bool target_is_directory=False;
6627 bool source_has_wild = False;
6628 bool dest_has_wild = False;
6630 TALLOC_CTX *ctx = talloc_tos();
6632 START_PROFILE(SMBcopy);
6635 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6639 tid2 = SVAL(req->vwv+0, 0);
6640 ofun = SVAL(req->vwv+1, 0);
6641 flags = SVAL(req->vwv+2, 0);
6643 p = (const char *)req->buf;
6644 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6645 &status, &source_has_wild);
6646 if (!NT_STATUS_IS_OK(status)) {
6647 reply_nterror(req, status);
6650 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6651 &status, &dest_has_wild);
6652 if (!NT_STATUS_IS_OK(status)) {
6653 reply_nterror(req, status);
6657 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6659 if (tid2 != conn->cnum) {
6660 /* can't currently handle inter share copies XXXX */
6661 DEBUG(3,("Rejecting inter-share copy\n"));
6662 reply_doserror(req, ERRSRV, ERRinvdevice);
6666 status = resolve_dfspath_wcard(ctx, conn,
6667 req->flags2 & FLAGS2_DFS_PATHNAMES,
6671 if (!NT_STATUS_IS_OK(status)) {
6672 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6673 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6674 ERRSRV, ERRbadpath);
6677 reply_nterror(req, status);
6681 status = resolve_dfspath_wcard(ctx, conn,
6682 req->flags2 & FLAGS2_DFS_PATHNAMES,
6686 if (!NT_STATUS_IS_OK(status)) {
6687 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6688 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6689 ERRSRV, ERRbadpath);
6692 reply_nterror(req, status);
6696 status = unix_convert(ctx, conn, fname_src, &smb_fname_src,
6697 source_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6698 if (!NT_STATUS_IS_OK(status)) {
6699 reply_nterror(req, status);
6703 status = unix_convert(ctx, conn, fname_dst, &smb_fname_dst,
6704 dest_has_wild ? UCF_ALLOW_WCARD_LCOMP : 0);
6705 if (!NT_STATUS_IS_OK(status)) {
6706 reply_nterror(req, status);
6710 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6712 if ((flags&1) && target_is_directory) {
6713 reply_doserror(req, ERRDOS, ERRbadfile);
6717 if ((flags&2) && !target_is_directory) {
6718 reply_doserror(req, ERRDOS, ERRbadpath);
6722 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6723 /* wants a tree copy! XXXX */
6724 DEBUG(3,("Rejecting tree copy\n"));
6725 reply_doserror(req, ERRSRV, ERRerror);
6729 /* Split up the directory from the filename/mask. */
6730 p = strrchr_m(smb_fname_src->base_name,'/');
6732 fname_src_dir = talloc_strndup(ctx, smb_fname_src->base_name,
6733 PTR_DIFF(p, smb_fname_src->base_name));
6734 fname_src_mask = talloc_strdup(ctx, p+1);
6736 fname_src_dir = talloc_strdup(ctx, "./");
6737 fname_src_mask = talloc_strdup(ctx, smb_fname_src->base_name);
6740 if (!fname_src_dir || !fname_src_mask) {
6741 reply_nterror(req, NT_STATUS_NO_MEMORY);
6746 * We should only check the mangled cache
6747 * here if unix_convert failed. This means
6748 * that the path in 'mask' doesn't exist
6749 * on the file system and so we need to look
6750 * for a possible mangle. This patch from
6751 * Tine Smukavec <valentin.smukavec@hermes.si>.
6753 if (!VALID_STAT(smb_fname_src->st) &&
6754 mangle_is_mangled(fname_src_mask, conn->params)) {
6755 char *new_mask = NULL;
6756 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6757 &new_mask, conn->params);
6759 /* Use demangled name if one was successfully found. */
6761 TALLOC_FREE(fname_src_mask);
6762 fname_src_mask = new_mask;
6766 if (!source_has_wild) {
6769 * Only one file needs to be copied. Append the mask back onto
6772 TALLOC_FREE(smb_fname_src->base_name);
6773 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6777 if (!smb_fname_src->base_name) {
6778 reply_nterror(req, NT_STATUS_NO_MEMORY);
6782 if (dest_has_wild) {
6783 char *fname_dst_mod = NULL;
6784 if (!resolve_wildcards(smb_fname_dst,
6785 smb_fname_src->base_name,
6786 smb_fname_dst->base_name,
6788 reply_nterror(req, NT_STATUS_NO_MEMORY);
6791 TALLOC_FREE(smb_fname_dst->base_name);
6792 smb_fname_dst->base_name = fname_dst_mod;
6795 status = check_name(conn, smb_fname_src->base_name);
6796 if (!NT_STATUS_IS_OK(status)) {
6797 reply_nterror(req, status);
6801 status = check_name(conn, smb_fname_dst->base_name);
6802 if (!NT_STATUS_IS_OK(status)) {
6803 reply_nterror(req, status);
6807 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
6808 ofun, count, target_is_directory);
6810 if(!NT_STATUS_IS_OK(status)) {
6811 reply_nterror(req, status);
6817 struct smb_Dir *dir_hnd = NULL;
6818 const char *dname = NULL;
6822 * There is a wildcard that requires us to actually read the
6823 * src dir and copy each file matching the mask to the dst.
6824 * Right now streams won't be copied, but this could
6825 * presumably be added with a nested loop for reach dir entry.
6827 SMB_ASSERT(!smb_fname_src->stream_name);
6828 SMB_ASSERT(!smb_fname_dst->stream_name);
6830 smb_fname_src->stream_name = NULL;
6831 smb_fname_dst->stream_name = NULL;
6833 if (strequal(fname_src_mask,"????????.???")) {
6834 TALLOC_FREE(fname_src_mask);
6835 fname_src_mask = talloc_strdup(ctx, "*");
6836 if (!fname_src_mask) {
6837 reply_nterror(req, NT_STATUS_NO_MEMORY);
6842 status = check_name(conn, fname_src_dir);
6843 if (!NT_STATUS_IS_OK(status)) {
6844 reply_nterror(req, status);
6848 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
6849 if (dir_hnd == NULL) {
6850 status = map_nt_error_from_unix(errno);
6851 reply_nterror(req, status);
6857 /* Iterate over the src dir copying each entry to the dst. */
6858 while ((dname = ReadDirName(dir_hnd, &offset,
6859 &smb_fname_src->st))) {
6860 char *destname = NULL;
6862 if (ISDOT(dname) || ISDOTDOT(dname)) {
6866 if (!is_visible_file(conn, fname_src_dir, dname,
6867 &smb_fname_src->st, false)) {
6871 if(!mask_match(dname, fname_src_mask,
6872 conn->case_sensitive)) {
6876 error = ERRnoaccess;
6878 /* Get the src smb_fname struct setup. */
6879 TALLOC_FREE(smb_fname_src->base_name);
6880 smb_fname_src->base_name =
6881 talloc_asprintf(smb_fname_src, "%s/%s",
6882 fname_src_dir, dname);
6884 if (!smb_fname_src->base_name) {
6885 TALLOC_FREE(dir_hnd);
6886 reply_nterror(req, NT_STATUS_NO_MEMORY);
6890 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6891 smb_fname_dst->base_name,
6896 TALLOC_FREE(dir_hnd);
6897 reply_nterror(req, NT_STATUS_NO_MEMORY);
6901 TALLOC_FREE(smb_fname_dst->base_name);
6902 smb_fname_dst->base_name = destname;
6904 status = check_name(conn, smb_fname_src->base_name);
6905 if (!NT_STATUS_IS_OK(status)) {
6906 TALLOC_FREE(dir_hnd);
6907 reply_nterror(req, status);
6911 status = check_name(conn, smb_fname_dst->base_name);
6912 if (!NT_STATUS_IS_OK(status)) {
6913 TALLOC_FREE(dir_hnd);
6914 reply_nterror(req, status);
6918 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
6919 smb_fname_src->base_name,
6920 smb_fname_dst->base_name));
6922 status = copy_file(ctx, conn, smb_fname_src,
6923 smb_fname_dst, ofun, count,
6924 target_is_directory);
6925 if (NT_STATUS_IS_OK(status)) {
6929 TALLOC_FREE(dir_hnd);
6934 /* Error on close... */
6936 reply_unixerror(req, ERRHRD, ERRgeneral);
6940 reply_doserror(req, ERRDOS, error);
6944 reply_outbuf(req, 1, 0);
6945 SSVAL(req->outbuf,smb_vwv0,count);
6947 TALLOC_FREE(smb_fname_src);
6948 TALLOC_FREE(smb_fname_dst);
6949 TALLOC_FREE(fname_src);
6950 TALLOC_FREE(fname_dst);
6951 TALLOC_FREE(fname_src_mask);
6952 TALLOC_FREE(fname_src_dir);
6954 END_PROFILE(SMBcopy);
6959 #define DBGC_CLASS DBGC_LOCKING
6961 /****************************************************************************
6962 Get a lock pid, dealing with large count requests.
6963 ****************************************************************************/
6965 uint32 get_lock_pid(const uint8_t *data, int data_offset,
6966 bool large_file_format)
6968 if(!large_file_format)
6969 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6971 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6974 /****************************************************************************
6975 Get a lock count, dealing with large count requests.
6976 ****************************************************************************/
6978 uint64_t get_lock_count(const uint8_t *data, int data_offset,
6979 bool large_file_format)
6983 if(!large_file_format) {
6984 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6987 #if defined(HAVE_LONGLONG)
6988 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6989 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6990 #else /* HAVE_LONGLONG */
6993 * NT4.x seems to be broken in that it sends large file (64 bit)
6994 * lockingX calls even if the CAP_LARGE_FILES was *not*
6995 * negotiated. For boxes without large unsigned ints truncate the
6996 * lock count by dropping the top 32 bits.
6999 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7000 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7001 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7002 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7003 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7006 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7007 #endif /* HAVE_LONGLONG */
7013 #if !defined(HAVE_LONGLONG)
7014 /****************************************************************************
7015 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7016 ****************************************************************************/
7018 static uint32 map_lock_offset(uint32 high, uint32 low)
7022 uint32 highcopy = high;
7025 * Try and find out how many significant bits there are in high.
7028 for(i = 0; highcopy; i++)
7032 * We use 31 bits not 32 here as POSIX
7033 * lock offsets may not be negative.
7036 mask = (~0) << (31 - i);
7039 return 0; /* Fail. */
7045 #endif /* !defined(HAVE_LONGLONG) */
7047 /****************************************************************************
7048 Get a lock offset, dealing with large offset requests.
7049 ****************************************************************************/
7051 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7052 bool large_file_format, bool *err)
7054 uint64_t offset = 0;
7058 if(!large_file_format) {
7059 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7062 #if defined(HAVE_LONGLONG)
7063 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7064 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7065 #else /* HAVE_LONGLONG */
7068 * NT4.x seems to be broken in that it sends large file (64 bit)
7069 * lockingX calls even if the CAP_LARGE_FILES was *not*
7070 * negotiated. For boxes without large unsigned ints mangle the
7071 * lock offset by mapping the top 32 bits onto the lower 32.
7074 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7075 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7076 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7079 if((new_low = map_lock_offset(high, low)) == 0) {
7081 return (uint64_t)-1;
7084 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7085 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7086 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7087 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7090 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7091 #endif /* HAVE_LONGLONG */
7097 /****************************************************************************
7098 Reply to a lockingX request.
7099 ****************************************************************************/
7101 void reply_lockingX(struct smb_request *req)
7103 connection_struct *conn = req->conn;
7105 unsigned char locktype;
7106 unsigned char oplocklevel;
7109 uint64_t count = 0, offset = 0;
7113 const uint8_t *data;
7114 bool large_file_format;
7116 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7118 START_PROFILE(SMBlockingX);
7121 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7122 END_PROFILE(SMBlockingX);
7126 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7127 locktype = CVAL(req->vwv+3, 0);
7128 oplocklevel = CVAL(req->vwv+3, 1);
7129 num_ulocks = SVAL(req->vwv+6, 0);
7130 num_locks = SVAL(req->vwv+7, 0);
7131 lock_timeout = IVAL(req->vwv+4, 0);
7132 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7134 if (!check_fsp(conn, req, fsp)) {
7135 END_PROFILE(SMBlockingX);
7141 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7142 /* we don't support these - and CANCEL_LOCK makes w2k
7143 and XP reboot so I don't really want to be
7144 compatible! (tridge) */
7145 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
7146 END_PROFILE(SMBlockingX);
7150 /* Check if this is an oplock break on a file
7151 we have granted an oplock on.
7153 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7154 /* Client can insist on breaking to none. */
7155 bool break_to_none = (oplocklevel == 0);
7158 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7159 "for fnum = %d\n", (unsigned int)oplocklevel,
7163 * Make sure we have granted an exclusive or batch oplock on
7167 if (fsp->oplock_type == 0) {
7169 /* The Samba4 nbench simulator doesn't understand
7170 the difference between break to level2 and break
7171 to none from level2 - it sends oplock break
7172 replies in both cases. Don't keep logging an error
7173 message here - just ignore it. JRA. */
7175 DEBUG(5,("reply_lockingX: Error : oplock break from "
7176 "client for fnum = %d (oplock=%d) and no "
7177 "oplock granted on this file (%s).\n",
7178 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
7180 /* if this is a pure oplock break request then don't
7182 if (num_locks == 0 && num_ulocks == 0) {
7183 END_PROFILE(SMBlockingX);
7186 END_PROFILE(SMBlockingX);
7187 reply_doserror(req, ERRDOS, ERRlock);
7192 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7194 result = remove_oplock(fsp);
7196 result = downgrade_oplock(fsp);
7200 DEBUG(0, ("reply_lockingX: error in removing "
7201 "oplock on file %s\n", fsp->fsp_name));
7202 /* Hmmm. Is this panic justified? */
7203 smb_panic("internal tdb error");
7206 reply_to_oplock_break_requests(fsp);
7208 /* if this is a pure oplock break request then don't send a
7210 if (num_locks == 0 && num_ulocks == 0) {
7211 /* Sanity check - ensure a pure oplock break is not a
7213 if(CVAL(req->vwv+0, 0) != 0xff)
7214 DEBUG(0,("reply_lockingX: Error : pure oplock "
7215 "break is a chained %d request !\n",
7216 (unsigned int)CVAL(req->vwv+0, 0)));
7217 END_PROFILE(SMBlockingX);
7223 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7224 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7225 END_PROFILE(SMBlockingX);
7229 /* Data now points at the beginning of the list
7230 of smb_unlkrng structs */
7231 for(i = 0; i < (int)num_ulocks; i++) {
7232 lock_pid = get_lock_pid( data, i, large_file_format);
7233 count = get_lock_count( data, i, large_file_format);
7234 offset = get_lock_offset( data, i, large_file_format, &err);
7237 * There is no error code marked "stupid client bug".... :-).
7240 END_PROFILE(SMBlockingX);
7241 reply_doserror(req, ERRDOS, ERRnoaccess);
7245 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
7246 "pid %u, file %s\n", (double)offset, (double)count,
7247 (unsigned int)lock_pid, fsp->fsp_name ));
7249 status = do_unlock(smbd_messaging_context(),
7256 DEBUG(10, ("reply_lockingX: unlock returned %s\n",
7257 nt_errstr(status)));
7259 if (NT_STATUS_V(status)) {
7260 END_PROFILE(SMBlockingX);
7261 reply_nterror(req, status);
7266 /* Setup the timeout in seconds. */
7268 if (!lp_blocking_locks(SNUM(conn))) {
7272 /* Now do any requested locks */
7273 data += ((large_file_format ? 20 : 10)*num_ulocks);
7275 /* Data now points at the beginning of the list
7276 of smb_lkrng structs */
7278 for(i = 0; i < (int)num_locks; i++) {
7279 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
7280 READ_LOCK:WRITE_LOCK);
7281 lock_pid = get_lock_pid( data, i, large_file_format);
7282 count = get_lock_count( data, i, large_file_format);
7283 offset = get_lock_offset( data, i, large_file_format, &err);
7286 * There is no error code marked "stupid client bug".... :-).
7289 END_PROFILE(SMBlockingX);
7290 reply_doserror(req, ERRDOS, ERRnoaccess);
7294 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
7295 "%u, file %s timeout = %d\n", (double)offset,
7296 (double)count, (unsigned int)lock_pid,
7297 fsp->fsp_name, (int)lock_timeout ));
7299 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7300 struct blocking_lock_record *blr = NULL;
7302 if (lp_blocking_locks(SNUM(conn))) {
7304 /* Schedule a message to ourselves to
7305 remove the blocking lock record and
7306 return the right error. */
7308 blr = blocking_lock_cancel(fsp,
7314 NT_STATUS_FILE_LOCK_CONFLICT);
7316 END_PROFILE(SMBlockingX);
7321 ERRcancelviolation));
7325 /* Remove a matching pending lock. */
7326 status = do_lock_cancel(fsp,
7333 bool blocking_lock = lock_timeout ? True : False;
7334 bool defer_lock = False;
7335 struct byte_range_lock *br_lck;
7336 uint32 block_smbpid;
7338 br_lck = do_lock(smbd_messaging_context(),
7350 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7351 /* Windows internal resolution for blocking locks seems
7352 to be about 200ms... Don't wait for less than that. JRA. */
7353 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
7354 lock_timeout = lp_lock_spin_time();
7359 /* This heuristic seems to match W2K3 very well. If a
7360 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7361 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7362 far as I can tell. Replacement for do_lock_spin(). JRA. */
7364 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
7365 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
7367 lock_timeout = lp_lock_spin_time();
7370 if (br_lck && defer_lock) {
7372 * A blocking lock was requested. Package up
7373 * this smb into a queued request and push it
7374 * onto the blocking lock queue.
7376 if(push_blocking_lock_request(br_lck,
7387 TALLOC_FREE(br_lck);
7388 END_PROFILE(SMBlockingX);
7393 TALLOC_FREE(br_lck);
7396 if (NT_STATUS_V(status)) {
7397 END_PROFILE(SMBlockingX);
7398 reply_nterror(req, status);
7403 /* If any of the above locks failed, then we must unlock
7404 all of the previous locks (X/Open spec). */
7406 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
7410 * Ensure we don't do a remove on the lock that just failed,
7411 * as under POSIX rules, if we have a lock already there, we
7412 * will delete it (and we shouldn't) .....
7414 for(i--; i >= 0; i--) {
7415 lock_pid = get_lock_pid( data, i, large_file_format);
7416 count = get_lock_count( data, i, large_file_format);
7417 offset = get_lock_offset( data, i, large_file_format,
7421 * There is no error code marked "stupid client
7425 END_PROFILE(SMBlockingX);
7426 reply_doserror(req, ERRDOS, ERRnoaccess);
7430 do_unlock(smbd_messaging_context(),
7437 END_PROFILE(SMBlockingX);
7438 reply_nterror(req, status);
7442 reply_outbuf(req, 2, 0);
7444 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7445 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7447 END_PROFILE(SMBlockingX);
7452 #define DBGC_CLASS DBGC_ALL
7454 /****************************************************************************
7455 Reply to a SMBreadbmpx (read block multiplex) request.
7456 Always reply with an error, if someone has a platform really needs this,
7457 please contact vl@samba.org
7458 ****************************************************************************/
7460 void reply_readbmpx(struct smb_request *req)
7462 START_PROFILE(SMBreadBmpx);
7463 reply_doserror(req, ERRSRV, ERRuseSTD);
7464 END_PROFILE(SMBreadBmpx);
7468 /****************************************************************************
7469 Reply to a SMBreadbs (read block multiplex secondary) request.
7470 Always reply with an error, if someone has a platform really needs this,
7471 please contact vl@samba.org
7472 ****************************************************************************/
7474 void reply_readbs(struct smb_request *req)
7476 START_PROFILE(SMBreadBs);
7477 reply_doserror(req, ERRSRV, ERRuseSTD);
7478 END_PROFILE(SMBreadBs);
7482 /****************************************************************************
7483 Reply to a SMBsetattrE.
7484 ****************************************************************************/
7486 void reply_setattrE(struct smb_request *req)
7488 connection_struct *conn = req->conn;
7489 struct smb_file_time ft;
7491 SMB_STRUCT_STAT sbuf;
7494 START_PROFILE(SMBsetattrE);
7498 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7499 END_PROFILE(SMBsetattrE);
7503 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7505 if(!fsp || (fsp->conn != conn)) {
7506 reply_doserror(req, ERRDOS, ERRbadfid);
7507 END_PROFILE(SMBsetattrE);
7513 * Convert the DOS times into unix times.
7516 ft.atime = convert_time_t_to_timespec(
7517 srv_make_unix_date2(req->vwv+3));
7518 ft.mtime = convert_time_t_to_timespec(
7519 srv_make_unix_date2(req->vwv+5));
7520 ft.create_time = convert_time_t_to_timespec(
7521 srv_make_unix_date2(req->vwv+1));
7523 reply_outbuf(req, 0, 0);
7526 * Patch from Ray Frush <frush@engr.colostate.edu>
7527 * Sometimes times are sent as zero - ignore them.
7530 /* Ensure we have a valid stat struct for the source. */
7531 if (fsp->fh->fd != -1) {
7532 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7533 status = map_nt_error_from_unix(errno);
7534 reply_nterror(req, status);
7535 END_PROFILE(SMBsetattrE);
7541 if (fsp->posix_open) {
7542 ret = SMB_VFS_LSTAT(conn, fsp->fsp_name, &sbuf);
7544 ret = SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf);
7547 status = map_nt_error_from_unix(errno);
7548 reply_nterror(req, status);
7549 END_PROFILE(SMBsetattrE);
7554 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7556 if (!NT_STATUS_IS_OK(status)) {
7557 reply_doserror(req, ERRDOS, ERRnoaccess);
7558 END_PROFILE(SMBsetattrE);
7562 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7565 (unsigned int)ft.atime.tv_sec,
7566 (unsigned int)ft.mtime.tv_sec,
7567 (unsigned int)ft.create_time.tv_sec
7570 END_PROFILE(SMBsetattrE);
7575 /* Back from the dead for OS/2..... JRA. */
7577 /****************************************************************************
7578 Reply to a SMBwritebmpx (write block multiplex primary) request.
7579 Always reply with an error, if someone has a platform really needs this,
7580 please contact vl@samba.org
7581 ****************************************************************************/
7583 void reply_writebmpx(struct smb_request *req)
7585 START_PROFILE(SMBwriteBmpx);
7586 reply_doserror(req, ERRSRV, ERRuseSTD);
7587 END_PROFILE(SMBwriteBmpx);
7591 /****************************************************************************
7592 Reply to a SMBwritebs (write block multiplex secondary) request.
7593 Always reply with an error, if someone has a platform really needs this,
7594 please contact vl@samba.org
7595 ****************************************************************************/
7597 void reply_writebs(struct smb_request *req)
7599 START_PROFILE(SMBwriteBs);
7600 reply_doserror(req, ERRSRV, ERRuseSTD);
7601 END_PROFILE(SMBwriteBs);
7605 /****************************************************************************
7606 Reply to a SMBgetattrE.
7607 ****************************************************************************/
7609 void reply_getattrE(struct smb_request *req)
7611 connection_struct *conn = req->conn;
7612 SMB_STRUCT_STAT sbuf;
7615 struct timespec create_ts;
7617 START_PROFILE(SMBgetattrE);
7620 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7621 END_PROFILE(SMBgetattrE);
7625 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7627 if(!fsp || (fsp->conn != conn)) {
7628 reply_doserror(req, ERRDOS, ERRbadfid);
7629 END_PROFILE(SMBgetattrE);
7633 /* Do an fstat on this file */
7634 if(fsp_stat(fsp, &sbuf)) {
7635 reply_unixerror(req, ERRDOS, ERRnoaccess);
7636 END_PROFILE(SMBgetattrE);
7640 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7643 * Convert the times into dos times. Set create
7644 * date to be last modify date as UNIX doesn't save
7648 reply_outbuf(req, 11, 0);
7650 create_ts = sbuf.st_ex_btime;
7651 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7652 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7653 convert_timespec_to_time_t(sbuf.st_ex_atime));
7654 /* Should we check pending modtime here ? JRA */
7655 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7656 convert_timespec_to_time_t(sbuf.st_ex_mtime));
7659 SIVAL(req->outbuf, smb_vwv6, 0);
7660 SIVAL(req->outbuf, smb_vwv8, 0);
7662 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &sbuf);
7663 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_ex_size);
7664 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7666 SSVAL(req->outbuf,smb_vwv10, mode);
7668 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7670 END_PROFILE(SMBgetattrE);
git.samba.org / samba.git / blob