2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "system/filesys.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
32 #include "fake_file.h"
33 #include "rpc_client/rpc_client.h"
34 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
35 #include "rpc_client/cli_spoolss.h"
36 #include "rpc_client/init_spoolss.h"
37 #include "rpc_server/rpc_ncacn_np.h"
38 #include "libcli/security/security.h"
39 #include "libsmb/nmblib.h"
42 /****************************************************************************
43 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
44 path or anything including wildcards.
45 We're assuming here that '/' is not the second byte in any multibyte char
46 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
48 ****************************************************************************/
50 /* Custom version for processing POSIX paths. */
51 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
53 static NTSTATUS check_path_syntax_internal(char *path,
55 bool *p_last_component_contains_wcard)
59 NTSTATUS ret = NT_STATUS_OK;
60 bool start_of_name_component = True;
61 bool stream_started = false;
63 *p_last_component_contains_wcard = False;
70 return NT_STATUS_OBJECT_NAME_INVALID;
73 return NT_STATUS_OBJECT_NAME_INVALID;
75 if (strchr_m(&s[1], ':')) {
76 return NT_STATUS_OBJECT_NAME_INVALID;
82 if ((*s == ':') && !posix_path && !stream_started) {
83 if (*p_last_component_contains_wcard) {
84 return NT_STATUS_OBJECT_NAME_INVALID;
86 /* Stream names allow more characters than file names.
87 We're overloading posix_path here to allow a wider
88 range of characters. If stream_started is true this
89 is still a Windows path even if posix_path is true.
92 stream_started = true;
93 start_of_name_component = false;
97 return NT_STATUS_OBJECT_NAME_INVALID;
101 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
103 * Safe to assume is not the second part of a mb char
104 * as this is handled below.
106 /* Eat multiple '/' or '\\' */
107 while (IS_PATH_SEP(*s,posix_path)) {
110 if ((d != path) && (*s != '\0')) {
111 /* We only care about non-leading or trailing '/' or '\\' */
115 start_of_name_component = True;
117 *p_last_component_contains_wcard = False;
121 if (start_of_name_component) {
122 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
123 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
126 * No mb char starts with '.' so we're safe checking the directory separator here.
129 /* If we just added a '/' - delete it */
130 if ((d > path) && (*(d-1) == '/')) {
135 /* Are we at the start ? Can't go back further if so. */
137 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
140 /* Go back one level... */
141 /* We know this is safe as '/' cannot be part of a mb sequence. */
142 /* NOTE - if this assumption is invalid we are not in good shape... */
143 /* Decrement d first as d points to the *next* char to write into. */
144 for (d--; d > path; d--) {
148 s += 2; /* Else go past the .. */
149 /* We're still at the start of a name component, just the previous one. */
152 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
164 if (*s <= 0x1f || *s == '|') {
165 return NT_STATUS_OBJECT_NAME_INVALID;
173 *p_last_component_contains_wcard = True;
182 /* Get the size of the next MB character. */
183 next_codepoint(s,&siz);
201 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
203 return NT_STATUS_INVALID_PARAMETER;
206 start_of_name_component = False;
214 /****************************************************************************
215 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
216 No wildcards allowed.
217 ****************************************************************************/
219 NTSTATUS check_path_syntax(char *path)
222 return check_path_syntax_internal(path, False, &ignore);
225 /****************************************************************************
226 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
227 Wildcards allowed - p_contains_wcard returns true if the last component contained
229 ****************************************************************************/
231 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
233 return check_path_syntax_internal(path, False, p_contains_wcard);
236 /****************************************************************************
237 Check the path for a POSIX client.
238 We're assuming here that '/' is not the second byte in any multibyte char
239 set (a safe assumption).
240 ****************************************************************************/
242 NTSTATUS check_path_syntax_posix(char *path)
245 return check_path_syntax_internal(path, True, &ignore);
248 /****************************************************************************
249 Pull a string and check the path allowing a wilcard - provide for error return.
250 ****************************************************************************/
252 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
253 const char *base_ptr,
260 bool *contains_wcard)
266 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
270 *err = NT_STATUS_INVALID_PARAMETER;
274 *contains_wcard = False;
276 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
278 * For a DFS path the function parse_dfs_path()
279 * will do the path processing, just make a copy.
285 if (lp_posix_pathnames()) {
286 *err = check_path_syntax_posix(*pp_dest);
288 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
294 /****************************************************************************
295 Pull a string and check the path - provide for error return.
296 ****************************************************************************/
298 size_t srvstr_get_path(TALLOC_CTX *ctx,
299 const char *base_ptr,
308 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
309 src_len, flags, err, &ignore);
312 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
313 char **pp_dest, const char *src, int flags,
314 NTSTATUS *err, bool *contains_wcard)
316 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
317 pp_dest, src, smbreq_bufrem(req, src),
318 flags, err, contains_wcard);
321 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
322 char **pp_dest, const char *src, int flags,
326 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
327 flags, err, &ignore);
330 /****************************************************************************
331 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
332 ****************************************************************************/
334 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
337 if ((fsp == NULL) || (conn == NULL)) {
338 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
342 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
348 /****************************************************************************
349 Check if we have a correct fsp pointing to a file.
350 ****************************************************************************/
352 bool check_fsp(connection_struct *conn, struct smb_request *req,
355 if (!check_fsp_open(conn, req, fsp)) {
358 if (fsp->is_directory) {
359 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
362 if (fsp->fh->fd == -1) {
363 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
366 fsp->num_smb_operations++;
370 /****************************************************************************
371 Check if we have a correct fsp pointing to a quota fake file. Replacement for
372 the CHECK_NTQUOTA_HANDLE_OK macro.
373 ****************************************************************************/
375 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
378 if (!check_fsp_open(conn, req, fsp)) {
382 if (fsp->is_directory) {
386 if (fsp->fake_file_handle == NULL) {
390 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
394 if (fsp->fake_file_handle->private_data == NULL) {
401 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
402 const char *name, int name_type)
405 char *trim_name_type;
406 const char *retarget_parm;
409 int retarget_type = 0x20;
410 int retarget_port = 139;
411 struct sockaddr_storage retarget_addr;
412 struct sockaddr_in *in_addr;
416 if (get_socket_port(sconn->sock) != 139) {
420 trim_name = talloc_strdup(talloc_tos(), name);
421 if (trim_name == NULL) {
424 trim_char(trim_name, ' ', ' ');
426 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
428 if (trim_name_type == NULL) {
432 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
433 trim_name_type, NULL);
434 if (retarget_parm == NULL) {
435 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
438 if (retarget_parm == NULL) {
442 retarget = talloc_strdup(trim_name, retarget_parm);
443 if (retarget == NULL) {
447 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
449 p = strchr(retarget, ':');
452 retarget_port = atoi(p);
455 p = strchr_m(retarget, '#');
458 sscanf(p, "%x", &retarget_type);
461 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
463 DEBUG(10, ("could not resolve %s\n", retarget));
467 if (retarget_addr.ss_family != AF_INET) {
468 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
472 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
474 _smb_setlen(outbuf, 6);
475 SCVAL(outbuf, 0, 0x84);
476 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
477 *(uint16_t *)(outbuf+8) = htons(retarget_port);
479 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
481 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
487 TALLOC_FREE(trim_name);
491 /****************************************************************************
492 Reply to a (netbios-level) special message.
493 ****************************************************************************/
495 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
497 int msg_type = CVAL(inbuf,0);
498 int msg_flags = CVAL(inbuf,1);
500 * We only really use 4 bytes of the outbuf, but for the smb_setlen
501 * calculation & friends (srv_send_smb uses that) we need the full smb
504 char outbuf[smb_size];
506 memset(outbuf, '\0', sizeof(outbuf));
508 smb_setlen(outbuf,0);
511 case 0x81: /* session request */
513 /* inbuf_size is guarenteed to be at least 4. */
515 int name_type1, name_type2;
516 int name_len1, name_len2;
520 if (sconn->nbt.got_session) {
521 exit_server_cleanly("multiple session request not permitted");
524 SCVAL(outbuf,0,0x82);
527 /* inbuf_size is guaranteed to be at least 4. */
528 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
529 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
530 DEBUG(0,("Invalid name length in session request\n"));
533 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
534 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
535 DEBUG(0,("Invalid name length in session request\n"));
539 name_type1 = name_extract((unsigned char *)inbuf,
540 inbuf_size,(unsigned int)4,name1);
541 name_type2 = name_extract((unsigned char *)inbuf,
542 inbuf_size,(unsigned int)(4 + name_len1),name2);
544 if (name_type1 == -1 || name_type2 == -1) {
545 DEBUG(0,("Invalid name type in session request\n"));
549 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
550 name1, name_type1, name2, name_type2));
552 if (netbios_session_retarget(sconn, name1, name_type1)) {
553 exit_server_cleanly("retargeted client");
557 * Windows NT/2k uses "*SMBSERVER" and XP uses
558 * "*SMBSERV" arrggg!!!
560 if (strequal(name1, "*SMBSERVER ")
561 || strequal(name1, "*SMBSERV ")) {
562 fstrcpy(name1, sconn->client_id.addr);
565 set_local_machine_name(name1, True);
566 set_remote_machine_name(name2, True);
568 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
569 get_local_machine_name(), get_remote_machine_name(),
572 if (name_type2 == 'R') {
573 /* We are being asked for a pathworks session ---
575 SCVAL(outbuf, 0,0x83);
579 /* only add the client's machine name to the list
580 of possibly valid usernames if we are operating
581 in share mode security */
582 if (lp_security() == SEC_SHARE) {
583 add_session_user(sconn, get_remote_machine_name());
586 reload_services(sconn->msg_ctx, sconn->sock, True);
589 sconn->nbt.got_session = true;
593 case 0x89: /* session keepalive request
594 (some old clients produce this?) */
595 SCVAL(outbuf,0,SMBkeepalive);
599 case 0x82: /* positive session response */
600 case 0x83: /* negative session response */
601 case 0x84: /* retarget session response */
602 DEBUG(0,("Unexpected session response\n"));
605 case SMBkeepalive: /* session keepalive */
610 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
611 msg_type, msg_flags));
613 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
617 /****************************************************************************
619 conn POINTER CAN BE NULL HERE !
620 ****************************************************************************/
622 void reply_tcon(struct smb_request *req)
624 connection_struct *conn = req->conn;
626 char *service_buf = NULL;
627 char *password = NULL;
632 DATA_BLOB password_blob;
633 TALLOC_CTX *ctx = talloc_tos();
634 struct smbd_server_connection *sconn = req->sconn;
636 START_PROFILE(SMBtcon);
638 if (req->buflen < 4) {
639 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
640 END_PROFILE(SMBtcon);
644 p = (const char *)req->buf + 1;
645 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
647 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
649 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
652 if (service_buf == NULL || password == NULL || dev == NULL) {
653 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
654 END_PROFILE(SMBtcon);
657 p = strrchr_m(service_buf,'\\');
661 service = service_buf;
664 password_blob = data_blob(password, pwlen+1);
666 conn = make_connection(sconn,service,password_blob,dev,
667 req->vuid,&nt_status);
670 data_blob_clear_free(&password_blob);
673 reply_nterror(req, nt_status);
674 END_PROFILE(SMBtcon);
678 reply_outbuf(req, 2, 0);
679 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
680 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
681 SSVAL(req->outbuf,smb_tid,conn->cnum);
683 DEBUG(3,("tcon service=%s cnum=%d\n",
684 service, conn->cnum));
686 END_PROFILE(SMBtcon);
690 /****************************************************************************
691 Reply to a tcon and X.
692 conn POINTER CAN BE NULL HERE !
693 ****************************************************************************/
695 void reply_tcon_and_X(struct smb_request *req)
697 connection_struct *conn = req->conn;
698 const char *service = NULL;
700 TALLOC_CTX *ctx = talloc_tos();
701 /* what the cleint thinks the device is */
702 char *client_devicetype = NULL;
703 /* what the server tells the client the share represents */
704 const char *server_devicetype;
710 struct smbd_server_connection *sconn = req->sconn;
712 START_PROFILE(SMBtconX);
715 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
716 END_PROFILE(SMBtconX);
720 passlen = SVAL(req->vwv+3, 0);
721 tcon_flags = SVAL(req->vwv+2, 0);
723 /* we might have to close an old one */
724 if ((tcon_flags & 0x1) && conn) {
725 close_cnum(conn,req->vuid);
730 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
731 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
732 END_PROFILE(SMBtconX);
736 if (sconn->smb1.negprot.encrypted_passwords) {
737 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
738 if (lp_security() == SEC_SHARE) {
740 * Security = share always has a pad byte
741 * after the password.
743 p = (const char *)req->buf + passlen + 1;
745 p = (const char *)req->buf + passlen;
748 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
749 /* Ensure correct termination */
750 password.data[passlen]=0;
751 p = (const char *)req->buf + passlen + 1;
754 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
757 data_blob_clear_free(&password);
758 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
759 END_PROFILE(SMBtconX);
764 * the service name can be either: \\server\share
765 * or share directly like on the DELL PowerVault 705
768 q = strchr_m(path+2,'\\');
770 data_blob_clear_free(&password);
771 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
772 END_PROFILE(SMBtconX);
780 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
781 &client_devicetype, p,
782 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
784 if (client_devicetype == NULL) {
785 data_blob_clear_free(&password);
786 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
787 END_PROFILE(SMBtconX);
791 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
793 conn = make_connection(sconn, service, password, client_devicetype,
794 req->vuid, &nt_status);
797 data_blob_clear_free(&password);
800 reply_nterror(req, nt_status);
801 END_PROFILE(SMBtconX);
806 server_devicetype = "IPC";
807 else if ( IS_PRINT(conn) )
808 server_devicetype = "LPT1:";
810 server_devicetype = "A:";
812 if (get_Protocol() < PROTOCOL_NT1) {
813 reply_outbuf(req, 2, 0);
814 if (message_push_string(&req->outbuf, server_devicetype,
815 STR_TERMINATE|STR_ASCII) == -1) {
816 reply_nterror(req, NT_STATUS_NO_MEMORY);
817 END_PROFILE(SMBtconX);
821 /* NT sets the fstype of IPC$ to the null string */
822 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
824 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
825 /* Return permissions. */
829 reply_outbuf(req, 7, 0);
832 perm1 = FILE_ALL_ACCESS;
833 perm2 = FILE_ALL_ACCESS;
835 perm1 = CAN_WRITE(conn) ?
840 SIVAL(req->outbuf, smb_vwv3, perm1);
841 SIVAL(req->outbuf, smb_vwv5, perm2);
843 reply_outbuf(req, 3, 0);
846 if ((message_push_string(&req->outbuf, server_devicetype,
847 STR_TERMINATE|STR_ASCII) == -1)
848 || (message_push_string(&req->outbuf, fstype,
849 STR_TERMINATE) == -1)) {
850 reply_nterror(req, NT_STATUS_NO_MEMORY);
851 END_PROFILE(SMBtconX);
855 /* what does setting this bit do? It is set by NT4 and
856 may affect the ability to autorun mounted cdroms */
857 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
858 (lp_csc_policy(SNUM(conn)) << 2));
860 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
861 DEBUG(2,("Serving %s as a Dfs root\n",
862 lp_servicename(SNUM(conn)) ));
863 SSVAL(req->outbuf, smb_vwv2,
864 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
869 DEBUG(3,("tconX service=%s \n",
872 /* set the incoming and outgoing tid to the just created one */
873 SSVAL(req->inbuf,smb_tid,conn->cnum);
874 SSVAL(req->outbuf,smb_tid,conn->cnum);
876 END_PROFILE(SMBtconX);
878 req->tid = conn->cnum;
883 /****************************************************************************
884 Reply to an unknown type.
885 ****************************************************************************/
887 void reply_unknown_new(struct smb_request *req, uint8 type)
889 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
890 smb_fn_name(type), type, type));
891 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
895 /****************************************************************************
897 conn POINTER CAN BE NULL HERE !
898 ****************************************************************************/
900 void reply_ioctl(struct smb_request *req)
902 connection_struct *conn = req->conn;
909 START_PROFILE(SMBioctl);
912 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
913 END_PROFILE(SMBioctl);
917 device = SVAL(req->vwv+1, 0);
918 function = SVAL(req->vwv+2, 0);
919 ioctl_code = (device << 16) + function;
921 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
923 switch (ioctl_code) {
924 case IOCTL_QUERY_JOB_INFO:
928 reply_force_doserror(req, ERRSRV, ERRnosupport);
929 END_PROFILE(SMBioctl);
933 reply_outbuf(req, 8, replysize+1);
934 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
935 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
936 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
937 p = smb_buf(req->outbuf);
938 memset(p, '\0', replysize+1); /* valgrind-safe. */
939 p += 1; /* Allow for alignment */
941 switch (ioctl_code) {
942 case IOCTL_QUERY_JOB_INFO:
944 files_struct *fsp = file_fsp(
945 req, SVAL(req->vwv+0, 0));
947 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
948 END_PROFILE(SMBioctl);
952 if (fsp->print_file) {
953 SSVAL(p, 0, fsp->print_file->rap_jobid);
957 srvstr_push((char *)req->outbuf, req->flags2, p+2,
959 STR_TERMINATE|STR_ASCII);
961 srvstr_push((char *)req->outbuf, req->flags2,
962 p+18, lp_servicename(SNUM(conn)),
963 13, STR_TERMINATE|STR_ASCII);
971 END_PROFILE(SMBioctl);
975 /****************************************************************************
976 Strange checkpath NTSTATUS mapping.
977 ****************************************************************************/
979 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
981 /* Strange DOS error code semantics only for checkpath... */
982 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
983 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
984 /* We need to map to ERRbadpath */
985 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
991 /****************************************************************************
992 Reply to a checkpath.
993 ****************************************************************************/
995 void reply_checkpath(struct smb_request *req)
997 connection_struct *conn = req->conn;
998 struct smb_filename *smb_fname = NULL;
1001 TALLOC_CTX *ctx = talloc_tos();
1003 START_PROFILE(SMBcheckpath);
1005 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1006 STR_TERMINATE, &status);
1008 if (!NT_STATUS_IS_OK(status)) {
1009 status = map_checkpath_error(req->flags2, status);
1010 reply_nterror(req, status);
1011 END_PROFILE(SMBcheckpath);
1015 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1017 status = filename_convert(ctx,
1019 req->flags2 & FLAGS2_DFS_PATHNAMES,
1025 if (!NT_STATUS_IS_OK(status)) {
1026 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1027 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1028 ERRSRV, ERRbadpath);
1029 END_PROFILE(SMBcheckpath);
1035 if (!VALID_STAT(smb_fname->st) &&
1036 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1037 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1038 smb_fname_str_dbg(smb_fname), strerror(errno)));
1039 status = map_nt_error_from_unix(errno);
1043 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1044 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1045 ERRDOS, ERRbadpath);
1049 reply_outbuf(req, 0, 0);
1052 /* We special case this - as when a Windows machine
1053 is parsing a path is steps through the components
1054 one at a time - if a component fails it expects
1055 ERRbadpath, not ERRbadfile.
1057 status = map_checkpath_error(req->flags2, status);
1058 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1060 * Windows returns different error codes if
1061 * the parent directory is valid but not the
1062 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1063 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1064 * if the path is invalid.
1066 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1067 ERRDOS, ERRbadpath);
1071 reply_nterror(req, status);
1074 TALLOC_FREE(smb_fname);
1075 END_PROFILE(SMBcheckpath);
1079 /****************************************************************************
1081 ****************************************************************************/
1083 void reply_getatr(struct smb_request *req)
1085 connection_struct *conn = req->conn;
1086 struct smb_filename *smb_fname = NULL;
1093 TALLOC_CTX *ctx = talloc_tos();
1094 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1096 START_PROFILE(SMBgetatr);
1098 p = (const char *)req->buf + 1;
1099 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1100 if (!NT_STATUS_IS_OK(status)) {
1101 reply_nterror(req, status);
1105 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1106 under WfWg - weird! */
1107 if (*fname == '\0') {
1108 mode = aHIDDEN | aDIR;
1109 if (!CAN_WRITE(conn)) {
1115 status = filename_convert(ctx,
1117 req->flags2 & FLAGS2_DFS_PATHNAMES,
1122 if (!NT_STATUS_IS_OK(status)) {
1123 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1124 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1125 ERRSRV, ERRbadpath);
1128 reply_nterror(req, status);
1131 if (!VALID_STAT(smb_fname->st) &&
1132 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1133 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1134 smb_fname_str_dbg(smb_fname),
1136 reply_nterror(req, map_nt_error_from_unix(errno));
1140 mode = dos_mode(conn, smb_fname);
1141 size = smb_fname->st.st_ex_size;
1143 if (ask_sharemode) {
1144 struct timespec write_time_ts;
1145 struct file_id fileid;
1147 ZERO_STRUCT(write_time_ts);
1148 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1149 get_file_infos(fileid, 0, NULL, &write_time_ts);
1150 if (!null_timespec(write_time_ts)) {
1151 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1155 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1161 reply_outbuf(req, 10, 0);
1163 SSVAL(req->outbuf,smb_vwv0,mode);
1164 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1165 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1167 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1169 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1171 if (get_Protocol() >= PROTOCOL_NT1) {
1172 SSVAL(req->outbuf, smb_flg2,
1173 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1176 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1177 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1180 TALLOC_FREE(smb_fname);
1182 END_PROFILE(SMBgetatr);
1186 /****************************************************************************
1188 ****************************************************************************/
1190 void reply_setatr(struct smb_request *req)
1192 struct smb_file_time ft;
1193 connection_struct *conn = req->conn;
1194 struct smb_filename *smb_fname = NULL;
1200 TALLOC_CTX *ctx = talloc_tos();
1202 START_PROFILE(SMBsetatr);
1207 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1211 p = (const char *)req->buf + 1;
1212 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1213 if (!NT_STATUS_IS_OK(status)) {
1214 reply_nterror(req, status);
1218 status = filename_convert(ctx,
1220 req->flags2 & FLAGS2_DFS_PATHNAMES,
1225 if (!NT_STATUS_IS_OK(status)) {
1226 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1227 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1228 ERRSRV, ERRbadpath);
1231 reply_nterror(req, status);
1235 if (smb_fname->base_name[0] == '.' &&
1236 smb_fname->base_name[1] == '\0') {
1238 * Not sure here is the right place to catch this
1239 * condition. Might be moved to somewhere else later -- vl
1241 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1245 mode = SVAL(req->vwv+0, 0);
1246 mtime = srv_make_unix_date3(req->vwv+1);
1248 ft.mtime = convert_time_t_to_timespec(mtime);
1249 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1250 if (!NT_STATUS_IS_OK(status)) {
1251 reply_nterror(req, status);
1255 if (mode != FILE_ATTRIBUTE_NORMAL) {
1256 if (VALID_STAT_OF_DIR(smb_fname->st))
1261 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1263 reply_nterror(req, map_nt_error_from_unix(errno));
1268 reply_outbuf(req, 0, 0);
1270 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1273 TALLOC_FREE(smb_fname);
1274 END_PROFILE(SMBsetatr);
1278 /****************************************************************************
1280 ****************************************************************************/
1282 void reply_dskattr(struct smb_request *req)
1284 connection_struct *conn = req->conn;
1285 uint64_t dfree,dsize,bsize;
1286 START_PROFILE(SMBdskattr);
1288 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1289 reply_nterror(req, map_nt_error_from_unix(errno));
1290 END_PROFILE(SMBdskattr);
1294 reply_outbuf(req, 5, 0);
1296 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1297 double total_space, free_space;
1298 /* we need to scale this to a number that DOS6 can handle. We
1299 use floating point so we can handle large drives on systems
1300 that don't have 64 bit integers
1302 we end up displaying a maximum of 2G to DOS systems
1304 total_space = dsize * (double)bsize;
1305 free_space = dfree * (double)bsize;
1307 dsize = (uint64_t)((total_space+63*512) / (64*512));
1308 dfree = (uint64_t)((free_space+63*512) / (64*512));
1310 if (dsize > 0xFFFF) dsize = 0xFFFF;
1311 if (dfree > 0xFFFF) dfree = 0xFFFF;
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1315 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1318 SSVAL(req->outbuf,smb_vwv0,dsize);
1319 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1320 SSVAL(req->outbuf,smb_vwv2,512);
1321 SSVAL(req->outbuf,smb_vwv3,dfree);
1324 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1326 END_PROFILE(SMBdskattr);
1331 * Utility function to split the filename from the directory.
1333 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1334 char **fname_dir_out,
1335 char **fname_mask_out)
1337 const char *p = NULL;
1338 char *fname_dir = NULL;
1339 char *fname_mask = NULL;
1341 p = strrchr_m(fname_in, '/');
1343 fname_dir = talloc_strdup(ctx, ".");
1344 fname_mask = talloc_strdup(ctx, fname_in);
1346 fname_dir = talloc_strndup(ctx, fname_in,
1347 PTR_DIFF(p, fname_in));
1348 fname_mask = talloc_strdup(ctx, p+1);
1351 if (!fname_dir || !fname_mask) {
1352 TALLOC_FREE(fname_dir);
1353 TALLOC_FREE(fname_mask);
1354 return NT_STATUS_NO_MEMORY;
1357 *fname_dir_out = fname_dir;
1358 *fname_mask_out = fname_mask;
1359 return NT_STATUS_OK;
1362 /****************************************************************************
1364 Can be called from SMBsearch, SMBffirst or SMBfunique.
1365 ****************************************************************************/
1367 void reply_search(struct smb_request *req)
1369 connection_struct *conn = req->conn;
1371 const char *mask = NULL;
1372 char *directory = NULL;
1373 struct smb_filename *smb_fname = NULL;
1377 struct timespec date;
1379 unsigned int numentries = 0;
1380 unsigned int maxentries = 0;
1381 bool finished = False;
1386 bool check_descend = False;
1387 bool expect_close = False;
1389 bool mask_contains_wcard = False;
1390 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1391 TALLOC_CTX *ctx = talloc_tos();
1392 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1393 struct dptr_struct *dirptr = NULL;
1394 struct smbd_server_connection *sconn = req->sconn;
1396 START_PROFILE(SMBsearch);
1399 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1403 if (lp_posix_pathnames()) {
1404 reply_unknown_new(req, req->cmd);
1408 /* If we were called as SMBffirst then we must expect close. */
1409 if(req->cmd == SMBffirst) {
1410 expect_close = True;
1413 reply_outbuf(req, 1, 3);
1414 maxentries = SVAL(req->vwv+0, 0);
1415 dirtype = SVAL(req->vwv+1, 0);
1416 p = (const char *)req->buf + 1;
1417 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1418 &nt_status, &mask_contains_wcard);
1419 if (!NT_STATUS_IS_OK(nt_status)) {
1420 reply_nterror(req, nt_status);
1425 status_len = SVAL(p, 0);
1428 /* dirtype &= ~aDIR; */
1430 if (status_len == 0) {
1431 nt_status = filename_convert(ctx, conn,
1432 req->flags2 & FLAGS2_DFS_PATHNAMES,
1434 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1435 &mask_contains_wcard,
1437 if (!NT_STATUS_IS_OK(nt_status)) {
1438 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1439 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1440 ERRSRV, ERRbadpath);
1443 reply_nterror(req, nt_status);
1447 directory = smb_fname->base_name;
1449 p = strrchr_m(directory,'/');
1450 if ((p != NULL) && (*directory != '/')) {
1452 directory = talloc_strndup(ctx, directory,
1453 PTR_DIFF(p, directory));
1456 directory = talloc_strdup(ctx,".");
1460 reply_nterror(req, NT_STATUS_NO_MEMORY);
1464 memset((char *)status,'\0',21);
1465 SCVAL(status,0,(dirtype & 0x1F));
1467 nt_status = dptr_create(conn,
1474 mask_contains_wcard,
1477 if (!NT_STATUS_IS_OK(nt_status)) {
1478 reply_nterror(req, nt_status);
1481 dptr_num = dptr_dnum(dirptr);
1484 const char *dirpath;
1486 memcpy(status,p,21);
1487 status_dirtype = CVAL(status,0) & 0x1F;
1488 if (status_dirtype != (dirtype & 0x1F)) {
1489 dirtype = status_dirtype;
1492 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1496 dirpath = dptr_path(sconn, dptr_num);
1497 directory = talloc_strdup(ctx, dirpath);
1499 reply_nterror(req, NT_STATUS_NO_MEMORY);
1503 mask = dptr_wcard(sconn, dptr_num);
1508 * For a 'continue' search we have no string. So
1509 * check from the initial saved string.
1511 mask_contains_wcard = ms_has_wild(mask);
1512 dirtype = dptr_attr(sconn, dptr_num);
1515 DEBUG(4,("dptr_num is %d\n",dptr_num));
1517 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1518 dptr_init_search_op(dirptr);
1520 if ((dirtype&0x1F) == aVOLID) {
1521 char buf[DIR_STRUCT_SIZE];
1522 memcpy(buf,status,21);
1523 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1524 0,aVOLID,0,!allow_long_path_components)) {
1525 reply_nterror(req, NT_STATUS_NO_MEMORY);
1528 dptr_fill(sconn, buf+12,dptr_num);
1529 if (dptr_zero(buf+12) && (status_len==0)) {
1534 if (message_push_blob(&req->outbuf,
1535 data_blob_const(buf, sizeof(buf)))
1537 reply_nterror(req, NT_STATUS_NO_MEMORY);
1545 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1548 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1549 directory,lp_dontdescend(SNUM(conn))));
1550 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1551 check_descend = True;
1554 for (i=numentries;(i<maxentries) && !finished;i++) {
1555 finished = !get_dir_entry(ctx,
1566 char buf[DIR_STRUCT_SIZE];
1567 memcpy(buf,status,21);
1568 if (!make_dir_struct(ctx,
1574 convert_timespec_to_time_t(date),
1575 !allow_long_path_components)) {
1576 reply_nterror(req, NT_STATUS_NO_MEMORY);
1579 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1582 if (message_push_blob(&req->outbuf,
1583 data_blob_const(buf, sizeof(buf)))
1585 reply_nterror(req, NT_STATUS_NO_MEMORY);
1595 /* If we were called as SMBffirst with smb_search_id == NULL
1596 and no entries were found then return error and close dirptr
1599 if (numentries == 0) {
1600 dptr_close(sconn, &dptr_num);
1601 } else if(expect_close && status_len == 0) {
1602 /* Close the dptr - we know it's gone */
1603 dptr_close(sconn, &dptr_num);
1606 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1607 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1608 dptr_close(sconn, &dptr_num);
1611 if ((numentries == 0) && !mask_contains_wcard) {
1612 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1616 SSVAL(req->outbuf,smb_vwv0,numentries);
1617 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1618 SCVAL(smb_buf(req->outbuf),0,5);
1619 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1621 /* The replies here are never long name. */
1622 SSVAL(req->outbuf, smb_flg2,
1623 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1624 if (!allow_long_path_components) {
1625 SSVAL(req->outbuf, smb_flg2,
1626 SVAL(req->outbuf, smb_flg2)
1627 & (~FLAGS2_LONG_PATH_COMPONENTS));
1630 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1631 SSVAL(req->outbuf, smb_flg2,
1632 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1634 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1635 smb_fn_name(req->cmd),
1642 TALLOC_FREE(directory);
1643 TALLOC_FREE(smb_fname);
1644 END_PROFILE(SMBsearch);
1648 /****************************************************************************
1649 Reply to a fclose (stop directory search).
1650 ****************************************************************************/
1652 void reply_fclose(struct smb_request *req)
1660 bool path_contains_wcard = False;
1661 TALLOC_CTX *ctx = talloc_tos();
1662 struct smbd_server_connection *sconn = req->sconn;
1664 START_PROFILE(SMBfclose);
1666 if (lp_posix_pathnames()) {
1667 reply_unknown_new(req, req->cmd);
1668 END_PROFILE(SMBfclose);
1672 p = (const char *)req->buf + 1;
1673 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1674 &err, &path_contains_wcard);
1675 if (!NT_STATUS_IS_OK(err)) {
1676 reply_nterror(req, err);
1677 END_PROFILE(SMBfclose);
1681 status_len = SVAL(p,0);
1684 if (status_len == 0) {
1685 reply_force_doserror(req, ERRSRV, ERRsrverror);
1686 END_PROFILE(SMBfclose);
1690 memcpy(status,p,21);
1692 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1693 /* Close the dptr - we know it's gone */
1694 dptr_close(sconn, &dptr_num);
1697 reply_outbuf(req, 1, 0);
1698 SSVAL(req->outbuf,smb_vwv0,0);
1700 DEBUG(3,("search close\n"));
1702 END_PROFILE(SMBfclose);
1706 /****************************************************************************
1708 ****************************************************************************/
1710 void reply_open(struct smb_request *req)
1712 connection_struct *conn = req->conn;
1713 struct smb_filename *smb_fname = NULL;
1725 uint32 create_disposition;
1726 uint32 create_options = 0;
1727 uint32_t private_flags = 0;
1729 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1730 TALLOC_CTX *ctx = talloc_tos();
1732 START_PROFILE(SMBopen);
1735 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1739 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1740 deny_mode = SVAL(req->vwv+0, 0);
1741 dos_attr = SVAL(req->vwv+1, 0);
1743 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1744 STR_TERMINATE, &status);
1745 if (!NT_STATUS_IS_OK(status)) {
1746 reply_nterror(req, status);
1750 status = filename_convert(ctx,
1752 req->flags2 & FLAGS2_DFS_PATHNAMES,
1757 if (!NT_STATUS_IS_OK(status)) {
1758 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1759 reply_botherror(req,
1760 NT_STATUS_PATH_NOT_COVERED,
1761 ERRSRV, ERRbadpath);
1764 reply_nterror(req, status);
1768 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1769 OPENX_FILE_EXISTS_OPEN, &access_mask,
1770 &share_mode, &create_disposition,
1771 &create_options, &private_flags)) {
1772 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1776 status = SMB_VFS_CREATE_FILE(
1779 0, /* root_dir_fid */
1780 smb_fname, /* fname */
1781 access_mask, /* access_mask */
1782 share_mode, /* share_access */
1783 create_disposition, /* create_disposition*/
1784 create_options, /* create_options */
1785 dos_attr, /* file_attributes */
1786 oplock_request, /* oplock_request */
1787 0, /* allocation_size */
1794 if (!NT_STATUS_IS_OK(status)) {
1795 if (open_was_deferred(req->mid)) {
1796 /* We have re-scheduled this call. */
1799 reply_openerror(req, status);
1803 size = smb_fname->st.st_ex_size;
1804 fattr = dos_mode(conn, smb_fname);
1806 /* Deal with other possible opens having a modified
1808 if (ask_sharemode) {
1809 struct timespec write_time_ts;
1811 ZERO_STRUCT(write_time_ts);
1812 get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
1813 if (!null_timespec(write_time_ts)) {
1814 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1818 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1821 DEBUG(3,("attempt to open a directory %s\n",
1823 close_file(req, fsp, ERROR_CLOSE);
1824 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1825 ERRDOS, ERRnoaccess);
1829 reply_outbuf(req, 7, 0);
1830 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1831 SSVAL(req->outbuf,smb_vwv1,fattr);
1832 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1833 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1835 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1837 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1838 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1840 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1841 SCVAL(req->outbuf,smb_flg,
1842 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1845 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1846 SCVAL(req->outbuf,smb_flg,
1847 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1850 TALLOC_FREE(smb_fname);
1851 END_PROFILE(SMBopen);
1855 /****************************************************************************
1856 Reply to an open and X.
1857 ****************************************************************************/
1859 void reply_open_and_X(struct smb_request *req)
1861 connection_struct *conn = req->conn;
1862 struct smb_filename *smb_fname = NULL;
1867 /* Breakout the oplock request bits so we can set the
1868 reply bits separately. */
1869 int ex_oplock_request;
1870 int core_oplock_request;
1873 int smb_sattr = SVAL(req->vwv+4, 0);
1874 uint32 smb_time = make_unix_date3(req->vwv+6);
1882 uint64_t allocation_size;
1883 ssize_t retval = -1;
1886 uint32 create_disposition;
1887 uint32 create_options = 0;
1888 uint32_t private_flags = 0;
1889 TALLOC_CTX *ctx = talloc_tos();
1891 START_PROFILE(SMBopenX);
1893 if (req->wct < 15) {
1894 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1898 open_flags = SVAL(req->vwv+2, 0);
1899 deny_mode = SVAL(req->vwv+3, 0);
1900 smb_attr = SVAL(req->vwv+5, 0);
1901 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1902 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1903 oplock_request = ex_oplock_request | core_oplock_request;
1904 smb_ofun = SVAL(req->vwv+8, 0);
1905 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1907 /* If it's an IPC, pass off the pipe handler. */
1909 if (lp_nt_pipe_support()) {
1910 reply_open_pipe_and_X(conn, req);
1912 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1917 /* XXXX we need to handle passed times, sattr and flags */
1918 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1919 STR_TERMINATE, &status);
1920 if (!NT_STATUS_IS_OK(status)) {
1921 reply_nterror(req, status);
1925 status = filename_convert(ctx,
1927 req->flags2 & FLAGS2_DFS_PATHNAMES,
1932 if (!NT_STATUS_IS_OK(status)) {
1933 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1934 reply_botherror(req,
1935 NT_STATUS_PATH_NOT_COVERED,
1936 ERRSRV, ERRbadpath);
1939 reply_nterror(req, status);
1943 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1944 &access_mask, &share_mode,
1945 &create_disposition,
1948 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1952 status = SMB_VFS_CREATE_FILE(
1955 0, /* root_dir_fid */
1956 smb_fname, /* fname */
1957 access_mask, /* access_mask */
1958 share_mode, /* share_access */
1959 create_disposition, /* create_disposition*/
1960 create_options, /* create_options */
1961 smb_attr, /* file_attributes */
1962 oplock_request, /* oplock_request */
1963 0, /* allocation_size */
1968 &smb_action); /* pinfo */
1970 if (!NT_STATUS_IS_OK(status)) {
1971 if (open_was_deferred(req->mid)) {
1972 /* We have re-scheduled this call. */
1975 reply_openerror(req, status);
1979 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1980 if the file is truncated or created. */
1981 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1982 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1983 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1984 close_file(req, fsp, ERROR_CLOSE);
1985 reply_nterror(req, NT_STATUS_DISK_FULL);
1988 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1990 close_file(req, fsp, ERROR_CLOSE);
1991 reply_nterror(req, NT_STATUS_DISK_FULL);
1994 status = vfs_stat_fsp(fsp);
1995 if (!NT_STATUS_IS_OK(status)) {
1996 close_file(req, fsp, ERROR_CLOSE);
1997 reply_nterror(req, status);
2002 fattr = dos_mode(conn, fsp->fsp_name);
2003 mtime = convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime);
2005 close_file(req, fsp, ERROR_CLOSE);
2006 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2010 /* If the caller set the extended oplock request bit
2011 and we granted one (by whatever means) - set the
2012 correct bit for extended oplock reply.
2015 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2016 smb_action |= EXTENDED_OPLOCK_GRANTED;
2019 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2020 smb_action |= EXTENDED_OPLOCK_GRANTED;
2023 /* If the caller set the core oplock request bit
2024 and we granted one (by whatever means) - set the
2025 correct bit for core oplock reply.
2028 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2029 reply_outbuf(req, 19, 0);
2031 reply_outbuf(req, 15, 0);
2034 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2035 SCVAL(req->outbuf, smb_flg,
2036 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2039 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2040 SCVAL(req->outbuf, smb_flg,
2041 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2044 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2045 SSVAL(req->outbuf,smb_vwv3,fattr);
2046 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2047 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2049 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2051 SIVAL(req->outbuf,smb_vwv6,(uint32)fsp->fsp_name->st.st_ex_size);
2052 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2053 SSVAL(req->outbuf,smb_vwv11,smb_action);
2055 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2056 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2061 TALLOC_FREE(smb_fname);
2062 END_PROFILE(SMBopenX);
2066 /****************************************************************************
2067 Reply to a SMBulogoffX.
2068 ****************************************************************************/
2070 void reply_ulogoffX(struct smb_request *req)
2072 struct smbd_server_connection *sconn = req->sconn;
2075 START_PROFILE(SMBulogoffX);
2077 vuser = get_valid_user_struct(sconn, req->vuid);
2080 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2084 /* in user level security we are supposed to close any files
2085 open by this user */
2086 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2087 file_close_user(sconn, req->vuid);
2090 invalidate_vuid(sconn, req->vuid);
2092 reply_outbuf(req, 2, 0);
2094 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2096 END_PROFILE(SMBulogoffX);
2097 req->vuid = UID_FIELD_INVALID;
2101 /****************************************************************************
2102 Reply to a mknew or a create.
2103 ****************************************************************************/
2105 void reply_mknew(struct smb_request *req)
2107 connection_struct *conn = req->conn;
2108 struct smb_filename *smb_fname = NULL;
2111 struct smb_file_time ft;
2113 int oplock_request = 0;
2115 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2116 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2117 uint32 create_disposition;
2118 uint32 create_options = 0;
2119 TALLOC_CTX *ctx = talloc_tos();
2121 START_PROFILE(SMBcreate);
2125 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2129 fattr = SVAL(req->vwv+0, 0);
2130 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2133 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2135 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2136 STR_TERMINATE, &status);
2137 if (!NT_STATUS_IS_OK(status)) {
2138 reply_nterror(req, status);
2142 status = filename_convert(ctx,
2144 req->flags2 & FLAGS2_DFS_PATHNAMES,
2149 if (!NT_STATUS_IS_OK(status)) {
2150 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2151 reply_botherror(req,
2152 NT_STATUS_PATH_NOT_COVERED,
2153 ERRSRV, ERRbadpath);
2156 reply_nterror(req, status);
2160 if (fattr & aVOLID) {
2161 DEBUG(0,("Attempt to create file (%s) with volid set - "
2162 "please report this\n",
2163 smb_fname_str_dbg(smb_fname)));
2166 if(req->cmd == SMBmknew) {
2167 /* We should fail if file exists. */
2168 create_disposition = FILE_CREATE;
2170 /* Create if file doesn't exist, truncate if it does. */
2171 create_disposition = FILE_OVERWRITE_IF;
2174 status = SMB_VFS_CREATE_FILE(
2177 0, /* root_dir_fid */
2178 smb_fname, /* fname */
2179 access_mask, /* access_mask */
2180 share_mode, /* share_access */
2181 create_disposition, /* create_disposition*/
2182 create_options, /* create_options */
2183 fattr, /* file_attributes */
2184 oplock_request, /* oplock_request */
2185 0, /* allocation_size */
2186 0, /* private_flags */
2192 if (!NT_STATUS_IS_OK(status)) {
2193 if (open_was_deferred(req->mid)) {
2194 /* We have re-scheduled this call. */
2197 reply_openerror(req, status);
2201 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2202 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2203 if (!NT_STATUS_IS_OK(status)) {
2204 END_PROFILE(SMBcreate);
2208 reply_outbuf(req, 1, 0);
2209 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2211 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2212 SCVAL(req->outbuf,smb_flg,
2213 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2216 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2217 SCVAL(req->outbuf,smb_flg,
2218 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2221 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2222 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2223 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2224 (unsigned int)fattr));
2227 TALLOC_FREE(smb_fname);
2228 END_PROFILE(SMBcreate);
2232 /****************************************************************************
2233 Reply to a create temporary file.
2234 ****************************************************************************/
2236 void reply_ctemp(struct smb_request *req)
2238 connection_struct *conn = req->conn;
2239 struct smb_filename *smb_fname = NULL;
2247 TALLOC_CTX *ctx = talloc_tos();
2249 START_PROFILE(SMBctemp);
2252 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2256 fattr = SVAL(req->vwv+0, 0);
2257 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2259 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2260 STR_TERMINATE, &status);
2261 if (!NT_STATUS_IS_OK(status)) {
2262 reply_nterror(req, status);
2266 fname = talloc_asprintf(ctx,
2270 fname = talloc_strdup(ctx, "TMXXXXXX");
2274 reply_nterror(req, NT_STATUS_NO_MEMORY);
2278 status = filename_convert(ctx, conn,
2279 req->flags2 & FLAGS2_DFS_PATHNAMES,
2284 if (!NT_STATUS_IS_OK(status)) {
2285 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2286 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2287 ERRSRV, ERRbadpath);
2290 reply_nterror(req, status);
2294 tmpfd = mkstemp(smb_fname->base_name);
2296 reply_nterror(req, map_nt_error_from_unix(errno));
2300 SMB_VFS_STAT(conn, smb_fname);
2302 /* We should fail if file does not exist. */
2303 status = SMB_VFS_CREATE_FILE(
2306 0, /* root_dir_fid */
2307 smb_fname, /* fname */
2308 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2309 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2310 FILE_OPEN, /* create_disposition*/
2311 0, /* create_options */
2312 fattr, /* file_attributes */
2313 oplock_request, /* oplock_request */
2314 0, /* allocation_size */
2315 0, /* private_flags */
2321 /* close fd from mkstemp() */
2324 if (!NT_STATUS_IS_OK(status)) {
2325 if (open_was_deferred(req->mid)) {
2326 /* We have re-scheduled this call. */
2329 reply_openerror(req, status);
2333 reply_outbuf(req, 1, 0);
2334 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2336 /* the returned filename is relative to the directory */
2337 s = strrchr_m(fsp->fsp_name->base_name, '/');
2339 s = fsp->fsp_name->base_name;
2345 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2346 thing in the byte section. JRA */
2347 SSVALS(p, 0, -1); /* what is this? not in spec */
2349 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2351 reply_nterror(req, NT_STATUS_NO_MEMORY);
2355 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2356 SCVAL(req->outbuf, smb_flg,
2357 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2360 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2361 SCVAL(req->outbuf, smb_flg,
2362 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2365 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2366 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2367 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2369 TALLOC_FREE(smb_fname);
2370 END_PROFILE(SMBctemp);
2374 /*******************************************************************
2375 Check if a user is allowed to rename a file.
2376 ********************************************************************/
2378 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2383 if (!CAN_WRITE(conn)) {
2384 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2387 fmode = dos_mode(conn, fsp->fsp_name);
2388 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2389 return NT_STATUS_NO_SUCH_FILE;
2392 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2393 if (fsp->posix_open) {
2394 return NT_STATUS_OK;
2397 /* If no pathnames are open below this
2398 directory, allow the rename. */
2400 if (file_find_subpath(fsp)) {
2401 return NT_STATUS_ACCESS_DENIED;
2403 return NT_STATUS_OK;
2406 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2407 return NT_STATUS_OK;
2410 return NT_STATUS_ACCESS_DENIED;
2413 /*******************************************************************
2414 * unlink a file with all relevant access checks
2415 *******************************************************************/
2417 static NTSTATUS do_unlink(connection_struct *conn,
2418 struct smb_request *req,
2419 struct smb_filename *smb_fname,
2424 uint32 dirtype_orig = dirtype;
2427 bool posix_paths = lp_posix_pathnames();
2429 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2430 smb_fname_str_dbg(smb_fname),
2433 if (!CAN_WRITE(conn)) {
2434 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2438 ret = SMB_VFS_LSTAT(conn, smb_fname);
2440 ret = SMB_VFS_STAT(conn, smb_fname);
2443 return map_nt_error_from_unix(errno);
2446 fattr = dos_mode(conn, smb_fname);
2448 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2449 dirtype = aDIR|aARCH|aRONLY;
2452 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2454 return NT_STATUS_NO_SUCH_FILE;
2457 if (!dir_check_ftype(conn, fattr, dirtype)) {
2459 return NT_STATUS_FILE_IS_A_DIRECTORY;
2461 return NT_STATUS_NO_SUCH_FILE;
2464 if (dirtype_orig & 0x8000) {
2465 /* These will never be set for POSIX. */
2466 return NT_STATUS_NO_SUCH_FILE;
2470 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2471 return NT_STATUS_FILE_IS_A_DIRECTORY;
2474 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2475 return NT_STATUS_NO_SUCH_FILE;
2478 if (dirtype & 0xFF00) {
2479 /* These will never be set for POSIX. */
2480 return NT_STATUS_NO_SUCH_FILE;
2485 return NT_STATUS_NO_SUCH_FILE;
2488 /* Can't delete a directory. */
2490 return NT_STATUS_FILE_IS_A_DIRECTORY;
2495 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2496 return NT_STATUS_OBJECT_NAME_INVALID;
2497 #endif /* JRATEST */
2499 /* On open checks the open itself will check the share mode, so
2500 don't do it here as we'll get it wrong. */
2502 status = SMB_VFS_CREATE_FILE
2505 0, /* root_dir_fid */
2506 smb_fname, /* fname */
2507 DELETE_ACCESS, /* access_mask */
2508 FILE_SHARE_NONE, /* share_access */
2509 FILE_OPEN, /* create_disposition*/
2510 FILE_NON_DIRECTORY_FILE, /* create_options */
2511 /* file_attributes */
2512 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2513 FILE_ATTRIBUTE_NORMAL,
2514 0, /* oplock_request */
2515 0, /* allocation_size */
2516 0, /* private_flags */
2522 if (!NT_STATUS_IS_OK(status)) {
2523 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2524 nt_errstr(status)));
2528 status = can_set_delete_on_close(fsp, fattr);
2529 if (!NT_STATUS_IS_OK(status)) {
2530 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2532 smb_fname_str_dbg(smb_fname),
2533 nt_errstr(status)));
2534 close_file(req, fsp, NORMAL_CLOSE);
2538 /* The set is across all open files on this dev/inode pair. */
2539 if (!set_delete_on_close(fsp, True, &conn->session_info->utok)) {
2540 close_file(req, fsp, NORMAL_CLOSE);
2541 return NT_STATUS_ACCESS_DENIED;
2544 return close_file(req, fsp, NORMAL_CLOSE);
2547 /****************************************************************************
2548 The guts of the unlink command, split out so it may be called by the NT SMB
2550 ****************************************************************************/
2552 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2553 uint32 dirtype, struct smb_filename *smb_fname,
2556 char *fname_dir = NULL;
2557 char *fname_mask = NULL;
2559 NTSTATUS status = NT_STATUS_OK;
2560 TALLOC_CTX *ctx = talloc_tos();
2562 /* Split up the directory from the filename/mask. */
2563 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2564 &fname_dir, &fname_mask);
2565 if (!NT_STATUS_IS_OK(status)) {
2570 * We should only check the mangled cache
2571 * here if unix_convert failed. This means
2572 * that the path in 'mask' doesn't exist
2573 * on the file system and so we need to look
2574 * for a possible mangle. This patch from
2575 * Tine Smukavec <valentin.smukavec@hermes.si>.
2578 if (!VALID_STAT(smb_fname->st) &&
2579 mangle_is_mangled(fname_mask, conn->params)) {
2580 char *new_mask = NULL;
2581 mangle_lookup_name_from_8_3(ctx, fname_mask,
2582 &new_mask, conn->params);
2584 TALLOC_FREE(fname_mask);
2585 fname_mask = new_mask;
2592 * Only one file needs to be unlinked. Append the mask back
2593 * onto the directory.
2595 TALLOC_FREE(smb_fname->base_name);
2596 if (ISDOT(fname_dir)) {
2597 /* Ensure we use canonical names on open. */
2598 smb_fname->base_name = talloc_asprintf(smb_fname,
2602 smb_fname->base_name = talloc_asprintf(smb_fname,
2607 if (!smb_fname->base_name) {
2608 status = NT_STATUS_NO_MEMORY;
2612 dirtype = FILE_ATTRIBUTE_NORMAL;
2615 status = check_name(conn, smb_fname->base_name);
2616 if (!NT_STATUS_IS_OK(status)) {
2620 status = do_unlink(conn, req, smb_fname, dirtype);
2621 if (!NT_STATUS_IS_OK(status)) {
2627 struct smb_Dir *dir_hnd = NULL;
2629 const char *dname = NULL;
2630 char *talloced = NULL;
2632 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2633 status = NT_STATUS_OBJECT_NAME_INVALID;
2637 if (strequal(fname_mask,"????????.???")) {
2638 TALLOC_FREE(fname_mask);
2639 fname_mask = talloc_strdup(ctx, "*");
2641 status = NT_STATUS_NO_MEMORY;
2646 status = check_name(conn, fname_dir);
2647 if (!NT_STATUS_IS_OK(status)) {
2651 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2653 if (dir_hnd == NULL) {
2654 status = map_nt_error_from_unix(errno);
2658 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2659 the pattern matches against the long name, otherwise the short name
2660 We don't implement this yet XXXX
2663 status = NT_STATUS_NO_SUCH_FILE;
2665 while ((dname = ReadDirName(dir_hnd, &offset,
2666 &smb_fname->st, &talloced))) {
2667 TALLOC_CTX *frame = talloc_stackframe();
2669 if (!is_visible_file(conn, fname_dir, dname,
2670 &smb_fname->st, true)) {
2672 TALLOC_FREE(talloced);
2676 /* Quick check for "." and ".." */
2677 if (ISDOT(dname) || ISDOTDOT(dname)) {
2679 TALLOC_FREE(talloced);
2683 if(!mask_match(dname, fname_mask,
2684 conn->case_sensitive)) {
2686 TALLOC_FREE(talloced);
2690 TALLOC_FREE(smb_fname->base_name);
2691 if (ISDOT(fname_dir)) {
2692 /* Ensure we use canonical names on open. */
2693 smb_fname->base_name =
2694 talloc_asprintf(smb_fname, "%s",
2697 smb_fname->base_name =
2698 talloc_asprintf(smb_fname, "%s/%s",
2702 if (!smb_fname->base_name) {
2703 TALLOC_FREE(dir_hnd);
2704 status = NT_STATUS_NO_MEMORY;
2706 TALLOC_FREE(talloced);
2710 status = check_name(conn, smb_fname->base_name);
2711 if (!NT_STATUS_IS_OK(status)) {
2712 TALLOC_FREE(dir_hnd);
2714 TALLOC_FREE(talloced);
2718 status = do_unlink(conn, req, smb_fname, dirtype);
2719 if (!NT_STATUS_IS_OK(status)) {
2721 TALLOC_FREE(talloced);
2726 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2727 smb_fname->base_name));
2730 TALLOC_FREE(talloced);
2732 TALLOC_FREE(dir_hnd);
2735 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2736 status = map_nt_error_from_unix(errno);
2740 TALLOC_FREE(fname_dir);
2741 TALLOC_FREE(fname_mask);
2745 /****************************************************************************
2747 ****************************************************************************/
2749 void reply_unlink(struct smb_request *req)
2751 connection_struct *conn = req->conn;
2753 struct smb_filename *smb_fname = NULL;
2756 bool path_contains_wcard = False;
2757 TALLOC_CTX *ctx = talloc_tos();
2759 START_PROFILE(SMBunlink);
2762 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2766 dirtype = SVAL(req->vwv+0, 0);
2768 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2769 STR_TERMINATE, &status,
2770 &path_contains_wcard);
2771 if (!NT_STATUS_IS_OK(status)) {
2772 reply_nterror(req, status);
2776 status = filename_convert(ctx, conn,
2777 req->flags2 & FLAGS2_DFS_PATHNAMES,
2779 UCF_COND_ALLOW_WCARD_LCOMP,
2780 &path_contains_wcard,
2782 if (!NT_STATUS_IS_OK(status)) {
2783 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2784 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2785 ERRSRV, ERRbadpath);
2788 reply_nterror(req, status);
2792 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2794 status = unlink_internals(conn, req, dirtype, smb_fname,
2795 path_contains_wcard);
2796 if (!NT_STATUS_IS_OK(status)) {
2797 if (open_was_deferred(req->mid)) {
2798 /* We have re-scheduled this call. */
2801 reply_nterror(req, status);
2805 reply_outbuf(req, 0, 0);
2807 TALLOC_FREE(smb_fname);
2808 END_PROFILE(SMBunlink);
2812 /****************************************************************************
2814 ****************************************************************************/
2816 static void fail_readraw(void)
2818 const char *errstr = talloc_asprintf(talloc_tos(),
2819 "FAIL ! reply_readbraw: socket write fail (%s)",
2824 exit_server_cleanly(errstr);
2827 /****************************************************************************
2828 Fake (read/write) sendfile. Returns -1 on read or write fail.
2829 ****************************************************************************/
2831 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
2834 size_t tosend = nread;
2841 bufsize = MIN(nread, 65536);
2843 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2847 while (tosend > 0) {
2851 if (tosend > bufsize) {
2856 ret = read_file(fsp,buf,startpos,cur_read);
2862 /* If we had a short read, fill with zeros. */
2863 if (ret < cur_read) {
2864 memset(buf + ret, '\0', cur_read - ret);
2867 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2869 char addr[INET6_ADDRSTRLEN];
2871 * Try and give an error message saying what
2874 DEBUG(0, ("write_data failed for client %s. "
2876 get_peer_addr(fsp->conn->sconn->sock, addr,
2883 startpos += cur_read;
2887 return (ssize_t)nread;
2890 /****************************************************************************
2891 Deal with the case of sendfile reading less bytes from the file than
2892 requested. Fill with zeros (all we can do).
2893 ****************************************************************************/
2895 void sendfile_short_send(files_struct *fsp,
2900 #define SHORT_SEND_BUFSIZE 1024
2901 if (nread < headersize) {
2902 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2903 "header for file %s (%s). Terminating\n",
2904 fsp_str_dbg(fsp), strerror(errno)));
2905 exit_server_cleanly("sendfile_short_send failed");
2908 nread -= headersize;
2910 if (nread < smb_maxcnt) {
2911 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2913 exit_server_cleanly("sendfile_short_send: "
2917 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2918 "with zeros !\n", fsp_str_dbg(fsp)));
2920 while (nread < smb_maxcnt) {
2922 * We asked for the real file size and told sendfile
2923 * to not go beyond the end of the file. But it can
2924 * happen that in between our fstat call and the
2925 * sendfile call the file was truncated. This is very
2926 * bad because we have already announced the larger
2927 * number of bytes to the client.
2929 * The best we can do now is to send 0-bytes, just as
2930 * a read from a hole in a sparse file would do.
2932 * This should happen rarely enough that I don't care
2933 * about efficiency here :-)
2937 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2938 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2940 char addr[INET6_ADDRSTRLEN];
2942 * Try and give an error message saying what
2945 DEBUG(0, ("write_data failed for client %s. "
2948 fsp->conn->sconn->sock, addr,
2951 exit_server_cleanly("sendfile_short_send: "
2952 "write_data failed");
2960 /****************************************************************************
2961 Return a readbraw error (4 bytes of zero).
2962 ****************************************************************************/
2964 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2970 smbd_lock_socket(sconn);
2971 if (write_data(sconn->sock,header,4) != 4) {
2972 char addr[INET6_ADDRSTRLEN];
2974 * Try and give an error message saying what
2977 DEBUG(0, ("write_data failed for client %s. "
2979 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2984 smbd_unlock_socket(sconn);
2987 /****************************************************************************
2988 Use sendfile in readbraw.
2989 ****************************************************************************/
2991 static void send_file_readbraw(connection_struct *conn,
2992 struct smb_request *req,
2998 struct smbd_server_connection *sconn = req->sconn;
2999 char *outbuf = NULL;
3003 * We can only use sendfile on a non-chained packet
3004 * but we can use on a non-oplocked file. tridge proved this
3005 * on a train in Germany :-). JRA.
3006 * reply_readbraw has already checked the length.
3009 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
3010 (fsp->wcp == NULL) &&
3011 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3012 ssize_t sendfile_read = -1;
3014 DATA_BLOB header_blob;
3016 _smb_setlen(header,nread);
3017 header_blob = data_blob_const(header, 4);
3019 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
3020 &header_blob, startpos,
3022 if (sendfile_read == -1) {
3023 /* Returning ENOSYS means no data at all was sent.
3024 * Do this as a normal read. */
3025 if (errno == ENOSYS) {
3026 goto normal_readbraw;
3030 * Special hack for broken Linux with no working sendfile. If we
3031 * return EINTR we sent the header but not the rest of the data.
3032 * Fake this up by doing read/write calls.
3034 if (errno == EINTR) {
3035 /* Ensure we don't do this again. */
3036 set_use_sendfile(SNUM(conn), False);
3037 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3039 if (fake_sendfile(fsp, startpos, nread) == -1) {
3040 DEBUG(0,("send_file_readbraw: "
3041 "fake_sendfile failed for "
3045 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3050 DEBUG(0,("send_file_readbraw: sendfile failed for "
3051 "file %s (%s). Terminating\n",
3052 fsp_str_dbg(fsp), strerror(errno)));
3053 exit_server_cleanly("send_file_readbraw sendfile failed");
3054 } else if (sendfile_read == 0) {
3056 * Some sendfile implementations return 0 to indicate
3057 * that there was a short read, but nothing was
3058 * actually written to the socket. In this case,
3059 * fallback to the normal read path so the header gets
3060 * the correct byte count.
3062 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3063 "bytes falling back to the normal read: "
3064 "%s\n", fsp_str_dbg(fsp)));
3065 goto normal_readbraw;
3068 /* Deal with possible short send. */
3069 if (sendfile_read != 4+nread) {
3070 sendfile_short_send(fsp, sendfile_read, 4, nread);
3077 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3079 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3080 (unsigned)(nread+4)));
3081 reply_readbraw_error(sconn);
3086 ret = read_file(fsp,outbuf+4,startpos,nread);
3087 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3096 _smb_setlen(outbuf,ret);
3097 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3098 char addr[INET6_ADDRSTRLEN];
3100 * Try and give an error message saying what
3103 DEBUG(0, ("write_data failed for client %s. "
3105 get_peer_addr(fsp->conn->sconn->sock, addr,
3112 TALLOC_FREE(outbuf);
3115 /****************************************************************************
3116 Reply to a readbraw (core+ protocol).
3117 ****************************************************************************/
3119 void reply_readbraw(struct smb_request *req)
3121 connection_struct *conn = req->conn;
3122 struct smbd_server_connection *sconn = req->sconn;
3123 ssize_t maxcount,mincount;
3127 struct lock_struct lock;
3130 START_PROFILE(SMBreadbraw);
3132 if (srv_is_signing_active(sconn) ||
3133 is_encrypted_packet(req->inbuf)) {
3134 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3135 "raw reads/writes are disallowed.");
3139 reply_readbraw_error(sconn);
3140 END_PROFILE(SMBreadbraw);
3144 if (sconn->smb1.echo_handler.trusted_fde) {
3145 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3146 "'async smb echo handler = yes'\n"));
3147 reply_readbraw_error(sconn);
3148 END_PROFILE(SMBreadbraw);
3153 * Special check if an oplock break has been issued
3154 * and the readraw request croses on the wire, we must
3155 * return a zero length response here.
3158 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3161 * We have to do a check_fsp by hand here, as
3162 * we must always return 4 zero bytes on error,
3166 if (!fsp || !conn || conn != fsp->conn ||
3167 req->vuid != fsp->vuid ||
3168 fsp->is_directory || fsp->fh->fd == -1) {
3170 * fsp could be NULL here so use the value from the packet. JRA.
3172 DEBUG(3,("reply_readbraw: fnum %d not valid "
3174 (int)SVAL(req->vwv+0, 0)));
3175 reply_readbraw_error(sconn);
3176 END_PROFILE(SMBreadbraw);
3180 /* Do a "by hand" version of CHECK_READ. */
3181 if (!(fsp->can_read ||
3182 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3183 (fsp->access_mask & FILE_EXECUTE)))) {
3184 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3185 (int)SVAL(req->vwv+0, 0)));
3186 reply_readbraw_error(sconn);
3187 END_PROFILE(SMBreadbraw);
3191 flush_write_cache(fsp, READRAW_FLUSH);
3193 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3194 if(req->wct == 10) {
3196 * This is a large offset (64 bit) read.
3198 #ifdef LARGE_SMB_OFF_T
3200 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3202 #else /* !LARGE_SMB_OFF_T */
3205 * Ensure we haven't been sent a >32 bit offset.
3208 if(IVAL(req->vwv+8, 0) != 0) {
3209 DEBUG(0,("reply_readbraw: large offset "
3210 "(%x << 32) used and we don't support "
3211 "64 bit offsets.\n",
3212 (unsigned int)IVAL(req->vwv+8, 0) ));
3213 reply_readbraw_error();
3214 END_PROFILE(SMBreadbraw);
3218 #endif /* LARGE_SMB_OFF_T */
3221 DEBUG(0,("reply_readbraw: negative 64 bit "
3222 "readraw offset (%.0f) !\n",
3223 (double)startpos ));
3224 reply_readbraw_error(sconn);
3225 END_PROFILE(SMBreadbraw);
3230 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3231 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3233 /* ensure we don't overrun the packet size */
3234 maxcount = MIN(65535,maxcount);
3236 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3237 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3240 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3241 reply_readbraw_error(sconn);
3242 END_PROFILE(SMBreadbraw);
3246 if (fsp_stat(fsp) == 0) {
3247 size = fsp->fsp_name->st.st_ex_size;
3250 if (startpos >= size) {
3253 nread = MIN(maxcount,(size - startpos));
3256 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3257 if (nread < mincount)
3261 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3262 "min=%lu nread=%lu\n",
3263 fsp->fnum, (double)startpos,
3264 (unsigned long)maxcount,
3265 (unsigned long)mincount,
3266 (unsigned long)nread ) );
3268 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3270 DEBUG(5,("reply_readbraw finished\n"));
3272 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3274 END_PROFILE(SMBreadbraw);
3279 #define DBGC_CLASS DBGC_LOCKING
3281 /****************************************************************************
3282 Reply to a lockread (core+ protocol).
3283 ****************************************************************************/
3285 void reply_lockread(struct smb_request *req)
3287 connection_struct *conn = req->conn;
3294 struct byte_range_lock *br_lck = NULL;
3296 struct smbd_server_connection *sconn = req->sconn;
3298 START_PROFILE(SMBlockread);
3301 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3302 END_PROFILE(SMBlockread);
3306 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3308 if (!check_fsp(conn, req, fsp)) {
3309 END_PROFILE(SMBlockread);
3313 if (!CHECK_READ(fsp,req)) {
3314 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3315 END_PROFILE(SMBlockread);
3319 numtoread = SVAL(req->vwv+1, 0);
3320 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3322 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3324 reply_outbuf(req, 5, numtoread + 3);
3326 data = smb_buf(req->outbuf) + 3;
3329 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3330 * protocol request that predates the read/write lock concept.
3331 * Thus instead of asking for a read lock here we need to ask
3332 * for a write lock. JRA.
3333 * Note that the requested lock size is unaffected by max_recv.
3336 br_lck = do_lock(req->sconn->msg_ctx,
3338 (uint64_t)req->smbpid,
3339 (uint64_t)numtoread,
3343 False, /* Non-blocking lock. */
3347 TALLOC_FREE(br_lck);
3349 if (NT_STATUS_V(status)) {
3350 reply_nterror(req, status);
3351 END_PROFILE(SMBlockread);
3356 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3359 if (numtoread > sconn->smb1.negprot.max_recv) {
3360 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3361 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3362 (unsigned int)numtoread,
3363 (unsigned int)sconn->smb1.negprot.max_recv));
3364 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3366 nread = read_file(fsp,data,startpos,numtoread);
3369 reply_nterror(req, map_nt_error_from_unix(errno));
3370 END_PROFILE(SMBlockread);
3374 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3376 SSVAL(req->outbuf,smb_vwv0,nread);
3377 SSVAL(req->outbuf,smb_vwv5,nread+3);
3378 p = smb_buf(req->outbuf);
3379 SCVAL(p,0,0); /* pad byte. */
3382 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3383 fsp->fnum, (int)numtoread, (int)nread));
3385 END_PROFILE(SMBlockread);
3390 #define DBGC_CLASS DBGC_ALL
3392 /****************************************************************************
3394 ****************************************************************************/
3396 void reply_read(struct smb_request *req)
3398 connection_struct *conn = req->conn;
3405 struct lock_struct lock;
3406 struct smbd_server_connection *sconn = req->sconn;
3408 START_PROFILE(SMBread);
3411 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3412 END_PROFILE(SMBread);
3416 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3418 if (!check_fsp(conn, req, fsp)) {
3419 END_PROFILE(SMBread);
3423 if (!CHECK_READ(fsp,req)) {
3424 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3425 END_PROFILE(SMBread);
3429 numtoread = SVAL(req->vwv+1, 0);
3430 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3432 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3435 * The requested read size cannot be greater than max_recv. JRA.
3437 if (numtoread > sconn->smb1.negprot.max_recv) {
3438 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3439 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3440 (unsigned int)numtoread,
3441 (unsigned int)sconn->smb1.negprot.max_recv));
3442 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3445 reply_outbuf(req, 5, numtoread+3);
3447 data = smb_buf(req->outbuf) + 3;
3449 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3450 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3453 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3454 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3455 END_PROFILE(SMBread);
3460 nread = read_file(fsp,data,startpos,numtoread);
3463 reply_nterror(req, map_nt_error_from_unix(errno));
3467 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3469 SSVAL(req->outbuf,smb_vwv0,nread);
3470 SSVAL(req->outbuf,smb_vwv5,nread+3);
3471 SCVAL(smb_buf(req->outbuf),0,1);
3472 SSVAL(smb_buf(req->outbuf),1,nread);
3474 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3475 fsp->fnum, (int)numtoread, (int)nread ) );
3478 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3480 END_PROFILE(SMBread);
3484 /****************************************************************************
3486 ****************************************************************************/
3488 static int setup_readX_header(struct smb_request *req, char *outbuf,
3494 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3495 data = smb_buf(outbuf);
3497 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3499 SCVAL(outbuf,smb_vwv0,0xFF);
3500 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3501 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3502 SSVAL(outbuf,smb_vwv6,
3504 + 1 /* the wct field */
3505 + 12 * sizeof(uint16_t) /* vwv */
3506 + 2); /* the buflen field */
3507 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3508 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3509 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3510 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3514 /****************************************************************************
3515 Reply to a read and X - possibly using sendfile.
3516 ****************************************************************************/
3518 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3519 files_struct *fsp, SMB_OFF_T startpos,
3523 struct lock_struct lock;
3524 int saved_errno = 0;
3526 if(fsp_stat(fsp) == -1) {
3527 reply_nterror(req, map_nt_error_from_unix(errno));
3531 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3532 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3535 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3536 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3540 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3541 (startpos > fsp->fsp_name->st.st_ex_size)
3542 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3544 * We already know that we would do a short read, so don't
3545 * try the sendfile() path.
3547 goto nosendfile_read;
3551 * We can only use sendfile on a non-chained packet
3552 * but we can use on a non-oplocked file. tridge proved this
3553 * on a train in Germany :-). JRA.
3556 if (!req_is_in_chain(req) &&
3557 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3558 (fsp->wcp == NULL) &&
3559 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3560 uint8 headerbuf[smb_size + 12 * 2];
3564 * Set up the packet header before send. We
3565 * assume here the sendfile will work (get the
3566 * correct amount of data).
3569 header = data_blob_const(headerbuf, sizeof(headerbuf));
3571 construct_reply_common_req(req, (char *)headerbuf);
3572 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3574 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3575 startpos, smb_maxcnt);
3577 /* Returning ENOSYS means no data at all was sent.
3578 Do this as a normal read. */
3579 if (errno == ENOSYS) {
3584 * Special hack for broken Linux with no working sendfile. If we
3585 * return EINTR we sent the header but not the rest of the data.
3586 * Fake this up by doing read/write calls.
3589 if (errno == EINTR) {
3590 /* Ensure we don't do this again. */
3591 set_use_sendfile(SNUM(conn), False);
3592 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3593 nread = fake_sendfile(fsp, startpos,
3596 DEBUG(0,("send_file_readX: "
3597 "fake_sendfile failed for "
3601 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3603 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3604 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3605 /* No outbuf here means successful sendfile. */
3609 DEBUG(0,("send_file_readX: sendfile failed for file "
3610 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3612 exit_server_cleanly("send_file_readX sendfile failed");
3613 } else if (nread == 0) {
3615 * Some sendfile implementations return 0 to indicate
3616 * that there was a short read, but nothing was
3617 * actually written to the socket. In this case,
3618 * fallback to the normal read path so the header gets
3619 * the correct byte count.
3621 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3622 "falling back to the normal read: %s\n",
3627 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3628 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3630 /* Deal with possible short send. */
3631 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3632 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3634 /* No outbuf here means successful sendfile. */
3635 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3636 SMB_PERFCOUNT_END(&req->pcd);
3642 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3643 uint8 headerbuf[smb_size + 2*12];
3645 construct_reply_common_req(req, (char *)headerbuf);
3646 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3648 /* Send out the header. */
3649 if (write_data(req->sconn->sock, (char *)headerbuf,
3650 sizeof(headerbuf)) != sizeof(headerbuf)) {
3652 char addr[INET6_ADDRSTRLEN];
3654 * Try and give an error message saying what
3657 DEBUG(0, ("write_data failed for client %s. "
3659 get_peer_addr(req->sconn->sock, addr,
3663 DEBUG(0,("send_file_readX: write_data failed for file "
3664 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3666 exit_server_cleanly("send_file_readX sendfile failed");
3668 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3670 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3671 "file %s (%s).\n", fsp_str_dbg(fsp),
3673 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3680 reply_outbuf(req, 12, smb_maxcnt);
3682 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3683 saved_errno = errno;
3685 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3688 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3692 setup_readX_header(req, (char *)req->outbuf, nread);
3694 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3695 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3701 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3702 TALLOC_FREE(req->outbuf);
3706 /****************************************************************************
3707 Reply to a read and X.
3708 ****************************************************************************/
3710 void reply_read_and_X(struct smb_request *req)
3712 connection_struct *conn = req->conn;
3716 bool big_readX = False;
3718 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3721 START_PROFILE(SMBreadX);
3723 if ((req->wct != 10) && (req->wct != 12)) {
3724 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3728 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3729 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3730 smb_maxcnt = SVAL(req->vwv+5, 0);
3732 /* If it's an IPC, pass off the pipe handler. */
3734 reply_pipe_read_and_X(req);
3735 END_PROFILE(SMBreadX);
3739 if (!check_fsp(conn, req, fsp)) {
3740 END_PROFILE(SMBreadX);
3744 if (!CHECK_READ(fsp,req)) {
3745 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3746 END_PROFILE(SMBreadX);
3750 if (global_client_caps & CAP_LARGE_READX) {
3751 size_t upper_size = SVAL(req->vwv+7, 0);
3752 smb_maxcnt |= (upper_size<<16);
3753 if (upper_size > 1) {
3754 /* Can't do this on a chained packet. */
3755 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3756 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3757 END_PROFILE(SMBreadX);
3760 /* We currently don't do this on signed or sealed data. */
3761 if (srv_is_signing_active(req->sconn) ||
3762 is_encrypted_packet(req->inbuf)) {
3763 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3764 END_PROFILE(SMBreadX);
3767 /* Is there room in the reply for this data ? */
3768 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3770 NT_STATUS_INVALID_PARAMETER);
3771 END_PROFILE(SMBreadX);
3778 if (req->wct == 12) {
3779 #ifdef LARGE_SMB_OFF_T
3781 * This is a large offset (64 bit) read.
3783 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3785 #else /* !LARGE_SMB_OFF_T */
3788 * Ensure we haven't been sent a >32 bit offset.
3791 if(IVAL(req->vwv+10, 0) != 0) {
3792 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3793 "used and we don't support 64 bit offsets.\n",
3794 (unsigned int)IVAL(req->vwv+10, 0) ));
3795 END_PROFILE(SMBreadX);
3796 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3800 #endif /* LARGE_SMB_OFF_T */
3805 NTSTATUS status = schedule_aio_read_and_X(conn,
3810 if (NT_STATUS_IS_OK(status)) {
3811 /* Read scheduled - we're done. */
3814 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3815 /* Real error - report to client. */
3816 END_PROFILE(SMBreadX);
3817 reply_nterror(req, status);
3820 /* NT_STATUS_RETRY - fall back to sync read. */
3823 smbd_lock_socket(req->sconn);
3824 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3825 smbd_unlock_socket(req->sconn);
3828 END_PROFILE(SMBreadX);
3832 /****************************************************************************
3833 Error replies to writebraw must have smb_wct == 1. Fix this up.
3834 ****************************************************************************/
3836 void error_to_writebrawerr(struct smb_request *req)
3838 uint8 *old_outbuf = req->outbuf;
3840 reply_outbuf(req, 1, 0);
3842 memcpy(req->outbuf, old_outbuf, smb_size);
3843 TALLOC_FREE(old_outbuf);
3846 /****************************************************************************
3847 Read 4 bytes of a smb packet and return the smb length of the packet.
3848 Store the result in the buffer. This version of the function will
3849 never return a session keepalive (length of zero).
3850 Timeout is in milliseconds.
3851 ****************************************************************************/
3853 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3856 uint8_t msgtype = SMBkeepalive;
3858 while (msgtype == SMBkeepalive) {
3861 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3863 if (!NT_STATUS_IS_OK(status)) {
3864 char addr[INET6_ADDRSTRLEN];
3865 /* Try and give an error message
3866 * saying what client failed. */
3867 DEBUG(0, ("read_fd_with_timeout failed for "
3868 "client %s read error = %s.\n",
3869 get_peer_addr(fd,addr,sizeof(addr)),
3870 nt_errstr(status)));
3874 msgtype = CVAL(inbuf, 0);
3877 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3878 (unsigned long)len));
3880 return NT_STATUS_OK;
3883 /****************************************************************************
3884 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3885 ****************************************************************************/
3887 void reply_writebraw(struct smb_request *req)
3889 connection_struct *conn = req->conn;
3892 ssize_t total_written=0;
3893 size_t numtowrite=0;
3899 struct lock_struct lock;
3902 START_PROFILE(SMBwritebraw);
3905 * If we ever reply with an error, it must have the SMB command
3906 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3909 SCVAL(req->inbuf,smb_com,SMBwritec);
3911 if (srv_is_signing_active(req->sconn)) {
3912 END_PROFILE(SMBwritebraw);
3913 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3914 "raw reads/writes are disallowed.");
3917 if (req->wct < 12) {
3918 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3919 error_to_writebrawerr(req);
3920 END_PROFILE(SMBwritebraw);
3924 if (req->sconn->smb1.echo_handler.trusted_fde) {
3925 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3926 "'async smb echo handler = yes'\n"));
3927 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3928 error_to_writebrawerr(req);
3929 END_PROFILE(SMBwritebraw);
3933 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3934 if (!check_fsp(conn, req, fsp)) {
3935 error_to_writebrawerr(req);
3936 END_PROFILE(SMBwritebraw);
3940 if (!CHECK_WRITE(fsp)) {
3941 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3942 error_to_writebrawerr(req);
3943 END_PROFILE(SMBwritebraw);
3947 tcount = IVAL(req->vwv+1, 0);
3948 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3949 write_through = BITSETW(req->vwv+7,0);
3951 /* We have to deal with slightly different formats depending
3952 on whether we are using the core+ or lanman1.0 protocol */
3954 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3955 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3956 data = smb_buf(req->inbuf);
3958 numtowrite = SVAL(req->vwv+10, 0);
3959 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3962 /* Ensure we don't write bytes past the end of this packet. */
3963 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3964 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3965 error_to_writebrawerr(req);
3966 END_PROFILE(SMBwritebraw);
3970 if (!fsp->print_file) {
3971 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3972 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3975 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3976 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3977 error_to_writebrawerr(req);
3978 END_PROFILE(SMBwritebraw);
3984 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3987 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3988 "wrote=%d sync=%d\n",
3989 fsp->fnum, (double)startpos, (int)numtowrite,
3990 (int)nwritten, (int)write_through));
3992 if (nwritten < (ssize_t)numtowrite) {
3993 reply_nterror(req, NT_STATUS_DISK_FULL);
3994 error_to_writebrawerr(req);
3998 total_written = nwritten;
4000 /* Allocate a buffer of 64k + length. */
4001 buf = TALLOC_ARRAY(NULL, char, 65540);
4003 reply_nterror(req, NT_STATUS_NO_MEMORY);
4004 error_to_writebrawerr(req);
4008 /* Return a SMBwritebraw message to the redirector to tell
4009 * it to send more bytes */
4011 memcpy(buf, req->inbuf, smb_size);
4012 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
4013 SCVAL(buf,smb_com,SMBwritebraw);
4014 SSVALS(buf,smb_vwv0,0xFFFF);
4016 if (!srv_send_smb(req->sconn,
4018 false, 0, /* no signing */
4019 IS_CONN_ENCRYPTED(conn),
4021 exit_server_cleanly("reply_writebraw: srv_send_smb "
4025 /* Now read the raw data into the buffer and write it */
4026 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4028 if (!NT_STATUS_IS_OK(status)) {
4029 exit_server_cleanly("secondary writebraw failed");
4032 /* Set up outbuf to return the correct size */
4033 reply_outbuf(req, 1, 0);
4035 if (numtowrite != 0) {
4037 if (numtowrite > 0xFFFF) {
4038 DEBUG(0,("reply_writebraw: Oversize secondary write "
4039 "raw requested (%u). Terminating\n",
4040 (unsigned int)numtowrite ));
4041 exit_server_cleanly("secondary writebraw failed");
4044 if (tcount > nwritten+numtowrite) {
4045 DEBUG(3,("reply_writebraw: Client overestimated the "
4047 (int)tcount,(int)nwritten,(int)numtowrite));
4050 status = read_data(req->sconn->sock, buf+4, numtowrite);
4052 if (!NT_STATUS_IS_OK(status)) {
4053 char addr[INET6_ADDRSTRLEN];
4054 /* Try and give an error message
4055 * saying what client failed. */
4056 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4057 "raw read failed (%s) for client %s. "
4058 "Terminating\n", nt_errstr(status),
4059 get_peer_addr(req->sconn->sock, addr,
4061 exit_server_cleanly("secondary writebraw failed");
4064 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4065 if (nwritten == -1) {
4067 reply_nterror(req, map_nt_error_from_unix(errno));
4068 error_to_writebrawerr(req);
4072 if (nwritten < (ssize_t)numtowrite) {
4073 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4074 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4078 total_written += nwritten;
4083 SSVAL(req->outbuf,smb_vwv0,total_written);
4085 status = sync_file(conn, fsp, write_through);
4086 if (!NT_STATUS_IS_OK(status)) {
4087 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4088 fsp_str_dbg(fsp), nt_errstr(status)));
4089 reply_nterror(req, status);
4090 error_to_writebrawerr(req);
4094 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4096 fsp->fnum, (double)startpos, (int)numtowrite,
4097 (int)total_written));
4099 if (!fsp->print_file) {
4100 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4103 /* We won't return a status if write through is not selected - this
4104 * follows what WfWg does */
4105 END_PROFILE(SMBwritebraw);
4107 if (!write_through && total_written==tcount) {
4109 #if RABBIT_PELLET_FIX
4111 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4112 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4115 if (!send_keepalive(req->sconn->sock)) {
4116 exit_server_cleanly("reply_writebraw: send of "
4117 "keepalive failed");
4120 TALLOC_FREE(req->outbuf);
4125 if (!fsp->print_file) {
4126 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4129 END_PROFILE(SMBwritebraw);
4134 #define DBGC_CLASS DBGC_LOCKING
4136 /****************************************************************************
4137 Reply to a writeunlock (core+).
4138 ****************************************************************************/
4140 void reply_writeunlock(struct smb_request *req)
4142 connection_struct *conn = req->conn;
4143 ssize_t nwritten = -1;
4147 NTSTATUS status = NT_STATUS_OK;
4149 struct lock_struct lock;
4150 int saved_errno = 0;
4152 START_PROFILE(SMBwriteunlock);
4155 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4156 END_PROFILE(SMBwriteunlock);
4160 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4162 if (!check_fsp(conn, req, fsp)) {
4163 END_PROFILE(SMBwriteunlock);
4167 if (!CHECK_WRITE(fsp)) {
4168 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4169 END_PROFILE(SMBwriteunlock);
4173 numtowrite = SVAL(req->vwv+1, 0);
4174 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4175 data = (const char *)req->buf + 3;
4177 if (!fsp->print_file && numtowrite > 0) {
4178 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4179 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4182 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4183 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4184 END_PROFILE(SMBwriteunlock);
4189 /* The special X/Open SMB protocol handling of
4190 zero length writes is *NOT* done for
4192 if(numtowrite == 0) {
4195 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4196 saved_errno = errno;
4199 status = sync_file(conn, fsp, False /* write through */);
4200 if (!NT_STATUS_IS_OK(status)) {
4201 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4202 fsp_str_dbg(fsp), nt_errstr(status)));
4203 reply_nterror(req, status);
4208 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4212 if((nwritten < numtowrite) && (numtowrite != 0)) {
4213 reply_nterror(req, NT_STATUS_DISK_FULL);
4217 if (numtowrite && !fsp->print_file) {
4218 status = do_unlock(req->sconn->msg_ctx,
4220 (uint64_t)req->smbpid,
4221 (uint64_t)numtowrite,
4225 if (NT_STATUS_V(status)) {
4226 reply_nterror(req, status);
4231 reply_outbuf(req, 1, 0);
4233 SSVAL(req->outbuf,smb_vwv0,nwritten);
4235 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4236 fsp->fnum, (int)numtowrite, (int)nwritten));
4239 if (numtowrite && !fsp->print_file) {
4240 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4243 END_PROFILE(SMBwriteunlock);
4248 #define DBGC_CLASS DBGC_ALL
4250 /****************************************************************************
4252 ****************************************************************************/
4254 void reply_write(struct smb_request *req)
4256 connection_struct *conn = req->conn;
4258 ssize_t nwritten = -1;
4262 struct lock_struct lock;
4264 int saved_errno = 0;
4266 START_PROFILE(SMBwrite);
4269 END_PROFILE(SMBwrite);
4270 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4274 /* If it's an IPC, pass off the pipe handler. */
4276 reply_pipe_write(req);
4277 END_PROFILE(SMBwrite);
4281 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4283 if (!check_fsp(conn, req, fsp)) {
4284 END_PROFILE(SMBwrite);
4288 if (!CHECK_WRITE(fsp)) {
4289 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4290 END_PROFILE(SMBwrite);
4294 numtowrite = SVAL(req->vwv+1, 0);
4295 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4296 data = (const char *)req->buf + 3;
4298 if (!fsp->print_file) {
4299 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4300 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4303 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4304 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4305 END_PROFILE(SMBwrite);
4311 * X/Open SMB protocol says that if smb_vwv1 is
4312 * zero then the file size should be extended or
4313 * truncated to the size given in smb_vwv[2-3].
4316 if(numtowrite == 0) {
4318 * This is actually an allocate call, and set EOF. JRA.
4320 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4322 reply_nterror(req, NT_STATUS_DISK_FULL);
4325 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4327 reply_nterror(req, NT_STATUS_DISK_FULL);
4330 trigger_write_time_update_immediate(fsp);
4332 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4335 status = sync_file(conn, fsp, False);
4336 if (!NT_STATUS_IS_OK(status)) {
4337 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4338 fsp_str_dbg(fsp), nt_errstr(status)));
4339 reply_nterror(req, status);
4344 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4348 if((nwritten == 0) && (numtowrite != 0)) {
4349 reply_nterror(req, NT_STATUS_DISK_FULL);
4353 reply_outbuf(req, 1, 0);
4355 SSVAL(req->outbuf,smb_vwv0,nwritten);
4357 if (nwritten < (ssize_t)numtowrite) {
4358 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4359 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4362 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4365 if (!fsp->print_file) {
4366 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4369 END_PROFILE(SMBwrite);
4373 /****************************************************************************
4374 Ensure a buffer is a valid writeX for recvfile purposes.
4375 ****************************************************************************/
4377 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4378 (2*14) + /* word count (including bcc) */ \
4381 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4382 const uint8_t *inbuf)
4385 connection_struct *conn = NULL;
4386 unsigned int doff = 0;
4387 size_t len = smb_len_large(inbuf);
4389 if (is_encrypted_packet(inbuf)) {
4390 /* Can't do this on encrypted
4395 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4399 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4400 CVAL(inbuf,smb_wct) != 14) {
4401 DEBUG(10,("is_valid_writeX_buffer: chained or "
4402 "invalid word length.\n"));
4406 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4408 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4412 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4415 if (IS_PRINT(conn)) {
4416 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4419 doff = SVAL(inbuf,smb_vwv11);
4421 numtowrite = SVAL(inbuf,smb_vwv10);
4423 if (len > doff && len - doff > 0xFFFF) {
4424 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4427 if (numtowrite == 0) {
4428 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4432 /* Ensure the sizes match up. */
4433 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4434 /* no pad byte...old smbclient :-( */
4435 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4437 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4441 if (len - doff != numtowrite) {
4442 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4443 "len = %u, doff = %u, numtowrite = %u\n",
4446 (unsigned int)numtowrite ));
4450 DEBUG(10,("is_valid_writeX_buffer: true "
4451 "len = %u, doff = %u, numtowrite = %u\n",
4454 (unsigned int)numtowrite ));
4459 /****************************************************************************
4460 Reply to a write and X.
4461 ****************************************************************************/
4463 void reply_write_and_X(struct smb_request *req)
4465 connection_struct *conn = req->conn;
4467 struct lock_struct lock;
4472 unsigned int smb_doff;
4473 unsigned int smblen;
4476 int saved_errno = 0;
4478 START_PROFILE(SMBwriteX);
4480 if ((req->wct != 12) && (req->wct != 14)) {
4481 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4482 END_PROFILE(SMBwriteX);
4486 numtowrite = SVAL(req->vwv+10, 0);
4487 smb_doff = SVAL(req->vwv+11, 0);
4488 smblen = smb_len(req->inbuf);
4490 if (req->unread_bytes > 0xFFFF ||
4491 (smblen > smb_doff &&
4492 smblen - smb_doff > 0xFFFF)) {
4493 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4496 if (req->unread_bytes) {
4497 /* Can't do a recvfile write on IPC$ */
4499 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4500 END_PROFILE(SMBwriteX);
4503 if (numtowrite != req->unread_bytes) {
4504 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4505 END_PROFILE(SMBwriteX);
4509 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4510 smb_doff + numtowrite > smblen) {
4511 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4512 END_PROFILE(SMBwriteX);
4517 /* If it's an IPC, pass off the pipe handler. */
4519 if (req->unread_bytes) {
4520 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4521 END_PROFILE(SMBwriteX);
4524 reply_pipe_write_and_X(req);
4525 END_PROFILE(SMBwriteX);
4529 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4530 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4531 write_through = BITSETW(req->vwv+7,0);
4533 if (!check_fsp(conn, req, fsp)) {
4534 END_PROFILE(SMBwriteX);
4538 if (!CHECK_WRITE(fsp)) {
4539 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4540 END_PROFILE(SMBwriteX);
4544 data = smb_base(req->inbuf) + smb_doff;
4546 if(req->wct == 14) {
4547 #ifdef LARGE_SMB_OFF_T
4549 * This is a large offset (64 bit) write.
4551 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4553 #else /* !LARGE_SMB_OFF_T */
4556 * Ensure we haven't been sent a >32 bit offset.
4559 if(IVAL(req->vwv+12, 0) != 0) {
4560 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4561 "used and we don't support 64 bit offsets.\n",
4562 (unsigned int)IVAL(req->vwv+12, 0) ));
4563 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4564 END_PROFILE(SMBwriteX);
4568 #endif /* LARGE_SMB_OFF_T */
4571 /* X/Open SMB protocol says that, unlike SMBwrite
4572 if the length is zero then NO truncation is
4573 done, just a write of zero. To truncate a file,
4576 if(numtowrite == 0) {
4579 if (req->unread_bytes == 0) {
4580 status = schedule_aio_write_and_X(conn,
4587 if (NT_STATUS_IS_OK(status)) {
4588 /* write scheduled - we're done. */
4591 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4592 /* Real error - report to client. */
4593 reply_nterror(req, status);
4596 /* NT_STATUS_RETRY - fall through to sync write. */
4599 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4600 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4603 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4604 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4608 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4609 saved_errno = errno;
4611 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4615 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4619 if((nwritten == 0) && (numtowrite != 0)) {
4620 reply_nterror(req, NT_STATUS_DISK_FULL);
4624 reply_outbuf(req, 6, 0);
4625 SSVAL(req->outbuf,smb_vwv2,nwritten);
4626 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4628 if (nwritten < (ssize_t)numtowrite) {
4629 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4630 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4633 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4634 fsp->fnum, (int)numtowrite, (int)nwritten));
4636 status = sync_file(conn, fsp, write_through);
4637 if (!NT_STATUS_IS_OK(status)) {
4638 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4639 fsp_str_dbg(fsp), nt_errstr(status)));
4640 reply_nterror(req, status);
4644 END_PROFILE(SMBwriteX);
4649 END_PROFILE(SMBwriteX);
4653 /****************************************************************************
4655 ****************************************************************************/
4657 void reply_lseek(struct smb_request *req)
4659 connection_struct *conn = req->conn;
4665 START_PROFILE(SMBlseek);
4668 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4669 END_PROFILE(SMBlseek);
4673 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4675 if (!check_fsp(conn, req, fsp)) {
4679 flush_write_cache(fsp, SEEK_FLUSH);
4681 mode = SVAL(req->vwv+1, 0) & 3;
4682 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4683 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4692 res = fsp->fh->pos + startpos;
4703 if (umode == SEEK_END) {
4704 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4705 if(errno == EINVAL) {
4706 SMB_OFF_T current_pos = startpos;
4708 if(fsp_stat(fsp) == -1) {
4710 map_nt_error_from_unix(errno));
4711 END_PROFILE(SMBlseek);
4715 current_pos += fsp->fsp_name->st.st_ex_size;
4717 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4722 reply_nterror(req, map_nt_error_from_unix(errno));
4723 END_PROFILE(SMBlseek);
4730 reply_outbuf(req, 2, 0);
4731 SIVAL(req->outbuf,smb_vwv0,res);
4733 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4734 fsp->fnum, (double)startpos, (double)res, mode));
4736 END_PROFILE(SMBlseek);
4740 /****************************************************************************
4742 ****************************************************************************/
4744 void reply_flush(struct smb_request *req)
4746 connection_struct *conn = req->conn;
4750 START_PROFILE(SMBflush);
4753 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4757 fnum = SVAL(req->vwv+0, 0);
4758 fsp = file_fsp(req, fnum);
4760 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4765 file_sync_all(conn);
4767 NTSTATUS status = sync_file(conn, fsp, True);
4768 if (!NT_STATUS_IS_OK(status)) {
4769 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4770 fsp_str_dbg(fsp), nt_errstr(status)));
4771 reply_nterror(req, status);
4772 END_PROFILE(SMBflush);
4777 reply_outbuf(req, 0, 0);
4779 DEBUG(3,("flush\n"));
4780 END_PROFILE(SMBflush);
4784 /****************************************************************************
4786 conn POINTER CAN BE NULL HERE !
4787 ****************************************************************************/
4789 void reply_exit(struct smb_request *req)
4791 START_PROFILE(SMBexit);
4793 file_close_pid(req->sconn, req->smbpid, req->vuid);
4795 reply_outbuf(req, 0, 0);
4797 DEBUG(3,("exit\n"));
4799 END_PROFILE(SMBexit);
4803 /****************************************************************************
4804 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4805 ****************************************************************************/
4807 void reply_close(struct smb_request *req)
4809 connection_struct *conn = req->conn;
4810 NTSTATUS status = NT_STATUS_OK;
4811 files_struct *fsp = NULL;
4812 START_PROFILE(SMBclose);
4815 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4816 END_PROFILE(SMBclose);
4820 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4823 * We can only use check_fsp if we know it's not a directory.
4826 if (!check_fsp_open(conn, req, fsp)) {
4827 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4828 END_PROFILE(SMBclose);
4832 if(fsp->is_directory) {
4834 * Special case - close NT SMB directory handle.
4836 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4837 status = close_file(req, fsp, NORMAL_CLOSE);
4841 * Close ordinary file.
4844 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4845 fsp->fh->fd, fsp->fnum,
4846 conn->num_files_open));
4849 * Take care of any time sent in the close.
4852 t = srv_make_unix_date3(req->vwv+1);
4853 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4856 * close_file() returns the unix errno if an error
4857 * was detected on close - normally this is due to
4858 * a disk full error. If not then it was probably an I/O error.
4861 status = close_file(req, fsp, NORMAL_CLOSE);
4864 if (!NT_STATUS_IS_OK(status)) {
4865 reply_nterror(req, status);
4866 END_PROFILE(SMBclose);
4870 reply_outbuf(req, 0, 0);
4871 END_PROFILE(SMBclose);
4875 /****************************************************************************
4876 Reply to a writeclose (Core+ protocol).
4877 ****************************************************************************/
4879 void reply_writeclose(struct smb_request *req)
4881 connection_struct *conn = req->conn;
4883 ssize_t nwritten = -1;
4884 NTSTATUS close_status = NT_STATUS_OK;
4887 struct timespec mtime;
4889 struct lock_struct lock;
4891 START_PROFILE(SMBwriteclose);
4894 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4895 END_PROFILE(SMBwriteclose);
4899 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4901 if (!check_fsp(conn, req, fsp)) {
4902 END_PROFILE(SMBwriteclose);
4905 if (!CHECK_WRITE(fsp)) {
4906 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4907 END_PROFILE(SMBwriteclose);
4911 numtowrite = SVAL(req->vwv+1, 0);
4912 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4913 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4914 data = (const char *)req->buf + 1;
4916 if (!fsp->print_file) {
4917 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4918 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4921 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4922 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4923 END_PROFILE(SMBwriteclose);
4928 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4930 set_close_write_time(fsp, mtime);
4933 * More insanity. W2K only closes the file if writelen > 0.
4938 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4939 "file %s\n", fsp_str_dbg(fsp)));
4940 close_status = close_file(req, fsp, NORMAL_CLOSE);
4943 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4944 fsp->fnum, (int)numtowrite, (int)nwritten,
4945 conn->num_files_open));
4947 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4948 reply_nterror(req, NT_STATUS_DISK_FULL);
4952 if(!NT_STATUS_IS_OK(close_status)) {
4953 reply_nterror(req, close_status);
4957 reply_outbuf(req, 1, 0);
4959 SSVAL(req->outbuf,smb_vwv0,nwritten);
4962 if (numtowrite && !fsp->print_file) {
4963 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4966 END_PROFILE(SMBwriteclose);
4971 #define DBGC_CLASS DBGC_LOCKING
4973 /****************************************************************************
4975 ****************************************************************************/
4977 void reply_lock(struct smb_request *req)
4979 connection_struct *conn = req->conn;
4980 uint64_t count,offset;
4983 struct byte_range_lock *br_lck = NULL;
4985 START_PROFILE(SMBlock);
4988 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4989 END_PROFILE(SMBlock);
4993 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4995 if (!check_fsp(conn, req, fsp)) {
4996 END_PROFILE(SMBlock);
5000 count = (uint64_t)IVAL(req->vwv+1, 0);
5001 offset = (uint64_t)IVAL(req->vwv+3, 0);
5003 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5004 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
5006 br_lck = do_lock(req->sconn->msg_ctx,
5008 (uint64_t)req->smbpid,
5013 False, /* Non-blocking lock. */
5018 TALLOC_FREE(br_lck);
5020 if (NT_STATUS_V(status)) {
5021 reply_nterror(req, status);
5022 END_PROFILE(SMBlock);
5026 reply_outbuf(req, 0, 0);
5028 END_PROFILE(SMBlock);
5032 /****************************************************************************
5034 ****************************************************************************/
5036 void reply_unlock(struct smb_request *req)
5038 connection_struct *conn = req->conn;
5039 uint64_t count,offset;
5043 START_PROFILE(SMBunlock);
5046 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5047 END_PROFILE(SMBunlock);
5051 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5053 if (!check_fsp(conn, req, fsp)) {
5054 END_PROFILE(SMBunlock);
5058 count = (uint64_t)IVAL(req->vwv+1, 0);
5059 offset = (uint64_t)IVAL(req->vwv+3, 0);
5061 status = do_unlock(req->sconn->msg_ctx,
5063 (uint64_t)req->smbpid,
5068 if (NT_STATUS_V(status)) {
5069 reply_nterror(req, status);
5070 END_PROFILE(SMBunlock);
5074 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5075 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5077 reply_outbuf(req, 0, 0);
5079 END_PROFILE(SMBunlock);
5084 #define DBGC_CLASS DBGC_ALL
5086 /****************************************************************************
5088 conn POINTER CAN BE NULL HERE !
5089 ****************************************************************************/
5091 void reply_tdis(struct smb_request *req)
5093 connection_struct *conn = req->conn;
5094 START_PROFILE(SMBtdis);
5097 DEBUG(4,("Invalid connection in tdis\n"));
5098 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5099 END_PROFILE(SMBtdis);
5105 close_cnum(conn,req->vuid);
5108 reply_outbuf(req, 0, 0);
5109 END_PROFILE(SMBtdis);
5113 /****************************************************************************
5115 conn POINTER CAN BE NULL HERE !
5116 ****************************************************************************/
5118 void reply_echo(struct smb_request *req)
5120 connection_struct *conn = req->conn;
5121 struct smb_perfcount_data local_pcd;
5122 struct smb_perfcount_data *cur_pcd;
5126 START_PROFILE(SMBecho);
5128 smb_init_perfcount_data(&local_pcd);
5131 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5132 END_PROFILE(SMBecho);
5136 smb_reverb = SVAL(req->vwv+0, 0);
5138 reply_outbuf(req, 1, req->buflen);
5140 /* copy any incoming data back out */
5141 if (req->buflen > 0) {
5142 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5145 if (smb_reverb > 100) {
5146 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5150 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5152 /* this makes sure we catch the request pcd */
5153 if (seq_num == smb_reverb) {
5154 cur_pcd = &req->pcd;
5156 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5157 cur_pcd = &local_pcd;
5160 SSVAL(req->outbuf,smb_vwv0,seq_num);
5162 show_msg((char *)req->outbuf);
5163 if (!srv_send_smb(req->sconn,
5164 (char *)req->outbuf,
5165 true, req->seqnum+1,
5166 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5168 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5171 DEBUG(3,("echo %d times\n", smb_reverb));
5173 TALLOC_FREE(req->outbuf);
5175 END_PROFILE(SMBecho);
5179 /****************************************************************************
5180 Reply to a printopen.
5181 ****************************************************************************/
5183 void reply_printopen(struct smb_request *req)
5185 connection_struct *conn = req->conn;
5189 START_PROFILE(SMBsplopen);
5192 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5193 END_PROFILE(SMBsplopen);
5197 if (!CAN_PRINT(conn)) {
5198 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5199 END_PROFILE(SMBsplopen);
5203 status = file_new(req, conn, &fsp);
5204 if(!NT_STATUS_IS_OK(status)) {
5205 reply_nterror(req, status);
5206 END_PROFILE(SMBsplopen);
5210 /* Open for exclusive use, write only. */
5211 status = print_spool_open(fsp, NULL, req->vuid);
5213 if (!NT_STATUS_IS_OK(status)) {
5214 file_free(req, fsp);
5215 reply_nterror(req, status);
5216 END_PROFILE(SMBsplopen);
5220 reply_outbuf(req, 1, 0);
5221 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5223 DEBUG(3,("openprint fd=%d fnum=%d\n",
5224 fsp->fh->fd, fsp->fnum));
5226 END_PROFILE(SMBsplopen);
5230 /****************************************************************************
5231 Reply to a printclose.
5232 ****************************************************************************/
5234 void reply_printclose(struct smb_request *req)
5236 connection_struct *conn = req->conn;
5240 START_PROFILE(SMBsplclose);
5243 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5244 END_PROFILE(SMBsplclose);
5248 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5250 if (!check_fsp(conn, req, fsp)) {
5251 END_PROFILE(SMBsplclose);
5255 if (!CAN_PRINT(conn)) {
5256 reply_force_doserror(req, ERRSRV, ERRerror);
5257 END_PROFILE(SMBsplclose);
5261 DEBUG(3,("printclose fd=%d fnum=%d\n",
5262 fsp->fh->fd,fsp->fnum));
5264 status = close_file(req, fsp, NORMAL_CLOSE);
5266 if(!NT_STATUS_IS_OK(status)) {
5267 reply_nterror(req, status);
5268 END_PROFILE(SMBsplclose);
5272 reply_outbuf(req, 0, 0);
5274 END_PROFILE(SMBsplclose);
5278 /****************************************************************************
5279 Reply to a printqueue.
5280 ****************************************************************************/
5282 void reply_printqueue(struct smb_request *req)
5284 connection_struct *conn = req->conn;
5288 START_PROFILE(SMBsplretq);
5291 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5292 END_PROFILE(SMBsplretq);
5296 max_count = SVAL(req->vwv+0, 0);
5297 start_index = SVAL(req->vwv+1, 0);
5299 /* we used to allow the client to get the cnum wrong, but that
5300 is really quite gross and only worked when there was only
5301 one printer - I think we should now only accept it if they
5302 get it right (tridge) */
5303 if (!CAN_PRINT(conn)) {
5304 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5305 END_PROFILE(SMBsplretq);
5309 reply_outbuf(req, 2, 3);
5310 SSVAL(req->outbuf,smb_vwv0,0);
5311 SSVAL(req->outbuf,smb_vwv1,0);
5312 SCVAL(smb_buf(req->outbuf),0,1);
5313 SSVAL(smb_buf(req->outbuf),1,0);
5315 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5316 start_index, max_count));
5319 TALLOC_CTX *mem_ctx = talloc_tos();
5322 const char *sharename = lp_servicename(SNUM(conn));
5323 struct rpc_pipe_client *cli = NULL;
5324 struct dcerpc_binding_handle *b = NULL;
5325 struct policy_handle handle;
5326 struct spoolss_DevmodeContainer devmode_ctr;
5327 union spoolss_JobInfo *info;
5329 uint32_t num_to_get;
5333 ZERO_STRUCT(handle);
5335 status = rpc_pipe_open_interface(conn,
5336 &ndr_table_spoolss.syntax_id,
5338 &conn->sconn->client_id,
5339 conn->sconn->msg_ctx,
5341 if (!NT_STATUS_IS_OK(status)) {
5342 DEBUG(0, ("reply_printqueue: "
5343 "could not connect to spoolss: %s\n",
5344 nt_errstr(status)));
5345 reply_nterror(req, status);
5348 b = cli->binding_handle;
5350 ZERO_STRUCT(devmode_ctr);
5352 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx,
5355 SEC_FLAG_MAXIMUM_ALLOWED,
5358 if (!NT_STATUS_IS_OK(status)) {
5359 reply_nterror(req, status);
5362 if (!W_ERROR_IS_OK(werr)) {
5363 reply_nterror(req, werror_to_ntstatus(werr));
5367 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5375 if (!W_ERROR_IS_OK(werr)) {
5376 reply_nterror(req, werror_to_ntstatus(werr));
5380 if (max_count > 0) {
5381 first = start_index;
5383 first = start_index + max_count + 1;
5386 if (first >= count) {
5389 num_to_get = first + MIN(ABS(max_count), count - first);
5392 for (i = first; i < num_to_get; i++) {
5395 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5397 uint16_t qrapjobid = pjobid_to_rap(sharename,
5398 info[i].info2.job_id);
5400 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5406 srv_put_dos_date2(p, 0, qtime);
5407 SCVAL(p, 4, qstatus);
5408 SSVAL(p, 5, qrapjobid);
5409 SIVAL(p, 7, info[i].info2.size);
5411 srvstr_push(blob, req->flags2, p+12,
5412 info[i].info2.notify_name, 16, STR_ASCII);
5414 if (message_push_blob(
5417 blob, sizeof(blob))) == -1) {
5418 reply_nterror(req, NT_STATUS_NO_MEMORY);
5424 SSVAL(req->outbuf,smb_vwv0,count);
5425 SSVAL(req->outbuf,smb_vwv1,
5426 (max_count>0?first+count:first-1));
5427 SCVAL(smb_buf(req->outbuf),0,1);
5428 SSVAL(smb_buf(req->outbuf),1,28*count);
5432 DEBUG(3, ("%u entries returned in queue\n",
5436 if (b && is_valid_policy_hnd(&handle)) {
5437 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr);
5442 END_PROFILE(SMBsplretq);
5446 /****************************************************************************
5447 Reply to a printwrite.
5448 ****************************************************************************/
5450 void reply_printwrite(struct smb_request *req)
5452 connection_struct *conn = req->conn;
5457 START_PROFILE(SMBsplwr);
5460 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5461 END_PROFILE(SMBsplwr);
5465 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5467 if (!check_fsp(conn, req, fsp)) {
5468 END_PROFILE(SMBsplwr);
5472 if (!fsp->print_file) {
5473 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5474 END_PROFILE(SMBsplwr);
5478 if (!CHECK_WRITE(fsp)) {
5479 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5480 END_PROFILE(SMBsplwr);
5484 numtowrite = SVAL(req->buf, 1);
5486 if (req->buflen < numtowrite + 3) {
5487 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5488 END_PROFILE(SMBsplwr);
5492 data = (const char *)req->buf + 3;
5494 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5495 reply_nterror(req, map_nt_error_from_unix(errno));
5496 END_PROFILE(SMBsplwr);
5500 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5502 END_PROFILE(SMBsplwr);
5506 /****************************************************************************
5508 ****************************************************************************/
5510 void reply_mkdir(struct smb_request *req)
5512 connection_struct *conn = req->conn;
5513 struct smb_filename *smb_dname = NULL;
5514 char *directory = NULL;
5516 TALLOC_CTX *ctx = talloc_tos();
5518 START_PROFILE(SMBmkdir);
5520 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5521 STR_TERMINATE, &status);
5522 if (!NT_STATUS_IS_OK(status)) {
5523 reply_nterror(req, status);
5527 status = filename_convert(ctx, conn,
5528 req->flags2 & FLAGS2_DFS_PATHNAMES,
5533 if (!NT_STATUS_IS_OK(status)) {
5534 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5535 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5536 ERRSRV, ERRbadpath);
5539 reply_nterror(req, status);
5543 status = create_directory(conn, req, smb_dname);
5545 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5547 if (!NT_STATUS_IS_OK(status)) {
5549 if (!use_nt_status()
5550 && NT_STATUS_EQUAL(status,
5551 NT_STATUS_OBJECT_NAME_COLLISION)) {
5553 * Yes, in the DOS error code case we get a
5554 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5555 * samba4 torture test.
5557 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5560 reply_nterror(req, status);
5564 reply_outbuf(req, 0, 0);
5566 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5568 TALLOC_FREE(smb_dname);
5569 END_PROFILE(SMBmkdir);
5573 /****************************************************************************
5575 ****************************************************************************/
5577 void reply_rmdir(struct smb_request *req)
5579 connection_struct *conn = req->conn;
5580 struct smb_filename *smb_dname = NULL;
5581 char *directory = NULL;
5583 TALLOC_CTX *ctx = talloc_tos();
5584 files_struct *fsp = NULL;
5586 struct smbd_server_connection *sconn = req->sconn;
5588 START_PROFILE(SMBrmdir);
5590 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5591 STR_TERMINATE, &status);
5592 if (!NT_STATUS_IS_OK(status)) {
5593 reply_nterror(req, status);
5597 status = filename_convert(ctx, conn,
5598 req->flags2 & FLAGS2_DFS_PATHNAMES,
5603 if (!NT_STATUS_IS_OK(status)) {
5604 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5605 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5606 ERRSRV, ERRbadpath);
5609 reply_nterror(req, status);
5613 if (is_ntfs_stream_smb_fname(smb_dname)) {
5614 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5618 status = SMB_VFS_CREATE_FILE(
5621 0, /* root_dir_fid */
5622 smb_dname, /* fname */
5623 DELETE_ACCESS, /* access_mask */
5624 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5626 FILE_OPEN, /* create_disposition*/
5627 FILE_DIRECTORY_FILE, /* create_options */
5628 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5629 0, /* oplock_request */
5630 0, /* allocation_size */
5631 0, /* private_flags */
5637 if (!NT_STATUS_IS_OK(status)) {
5638 if (open_was_deferred(req->mid)) {
5639 /* We have re-scheduled this call. */
5642 reply_nterror(req, status);
5646 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5647 if (!NT_STATUS_IS_OK(status)) {
5648 close_file(req, fsp, ERROR_CLOSE);
5649 reply_nterror(req, status);
5653 if (!set_delete_on_close(fsp, true, &conn->session_info->utok)) {
5654 close_file(req, fsp, ERROR_CLOSE);
5655 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5659 status = close_file(req, fsp, NORMAL_CLOSE);
5660 if (!NT_STATUS_IS_OK(status)) {
5661 reply_nterror(req, status);
5663 reply_outbuf(req, 0, 0);
5666 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5668 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5670 TALLOC_FREE(smb_dname);
5671 END_PROFILE(SMBrmdir);
5675 /*******************************************************************
5676 Resolve wildcards in a filename rename.
5677 ********************************************************************/
5679 static bool resolve_wildcards(TALLOC_CTX *ctx,
5684 char *name2_copy = NULL;
5689 char *p,*p2, *pname1, *pname2;
5691 name2_copy = talloc_strdup(ctx, name2);
5696 pname1 = strrchr_m(name1,'/');
5697 pname2 = strrchr_m(name2_copy,'/');
5699 if (!pname1 || !pname2) {
5703 /* Truncate the copy of name2 at the last '/' */
5706 /* Now go past the '/' */
5710 root1 = talloc_strdup(ctx, pname1);
5711 root2 = talloc_strdup(ctx, pname2);
5713 if (!root1 || !root2) {
5717 p = strrchr_m(root1,'.');
5720 ext1 = talloc_strdup(ctx, p+1);
5722 ext1 = talloc_strdup(ctx, "");
5724 p = strrchr_m(root2,'.');
5727 ext2 = talloc_strdup(ctx, p+1);
5729 ext2 = talloc_strdup(ctx, "");
5732 if (!ext1 || !ext2) {
5740 /* Hmmm. Should this be mb-aware ? */
5743 } else if (*p2 == '*') {
5745 root2 = talloc_asprintf(ctx, "%s%s",
5764 /* Hmmm. Should this be mb-aware ? */
5767 } else if (*p2 == '*') {
5769 ext2 = talloc_asprintf(ctx, "%s%s",
5785 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5790 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5802 /****************************************************************************
5803 Ensure open files have their names updated. Updated to notify other smbd's
5805 ****************************************************************************/
5807 static void rename_open_files(connection_struct *conn,
5808 struct share_mode_lock *lck,
5809 uint32_t orig_name_hash,
5810 const struct smb_filename *smb_fname_dst)
5813 bool did_rename = False;
5815 uint32_t new_name_hash;
5817 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5818 fsp = file_find_di_next(fsp)) {
5819 /* fsp_name is a relative path under the fsp. To change this for other
5820 sharepaths we need to manipulate relative paths. */
5821 /* TODO - create the absolute path and manipulate the newname
5822 relative to the sharepath. */
5823 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5826 if (fsp->name_hash != orig_name_hash) {
5829 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5830 "(file_id %s) from %s -> %s\n", fsp->fnum,
5831 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5832 smb_fname_str_dbg(smb_fname_dst)));
5834 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5835 if (NT_STATUS_IS_OK(status)) {
5837 new_name_hash = fsp->name_hash;
5842 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5843 "for %s\n", file_id_string_tos(&lck->id),
5844 smb_fname_str_dbg(smb_fname_dst)));
5847 /* Send messages to all smbd's (not ourself) that the name has changed. */
5848 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5849 orig_name_hash, new_name_hash,
5854 /****************************************************************************
5855 We need to check if the source path is a parent directory of the destination
5856 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5857 refuse the rename with a sharing violation. Under UNIX the above call can
5858 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5859 probably need to check that the client is a Windows one before disallowing
5860 this as a UNIX client (one with UNIX extensions) can know the source is a
5861 symlink and make this decision intelligently. Found by an excellent bug
5862 report from <AndyLiebman@aol.com>.
5863 ****************************************************************************/
5865 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5866 const struct smb_filename *smb_fname_dst)
5868 const char *psrc = smb_fname_src->base_name;
5869 const char *pdst = smb_fname_dst->base_name;
5872 if (psrc[0] == '.' && psrc[1] == '/') {
5875 if (pdst[0] == '.' && pdst[1] == '/') {
5878 if ((slen = strlen(psrc)) > strlen(pdst)) {
5881 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5885 * Do the notify calls from a rename
5888 static void notify_rename(connection_struct *conn, bool is_dir,
5889 const struct smb_filename *smb_fname_src,
5890 const struct smb_filename *smb_fname_dst)
5892 char *parent_dir_src = NULL;
5893 char *parent_dir_dst = NULL;
5896 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5897 : FILE_NOTIFY_CHANGE_FILE_NAME;
5899 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5900 &parent_dir_src, NULL) ||
5901 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5902 &parent_dir_dst, NULL)) {
5906 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5907 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5908 smb_fname_src->base_name);
5909 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5910 smb_fname_dst->base_name);
5913 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5914 smb_fname_src->base_name);
5915 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5916 smb_fname_dst->base_name);
5919 /* this is a strange one. w2k3 gives an additional event for
5920 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5921 files, but not directories */
5923 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5924 FILE_NOTIFY_CHANGE_ATTRIBUTES
5925 |FILE_NOTIFY_CHANGE_CREATION,
5926 smb_fname_dst->base_name);
5929 TALLOC_FREE(parent_dir_src);
5930 TALLOC_FREE(parent_dir_dst);
5933 /****************************************************************************
5934 Rename an open file - given an fsp.
5935 ****************************************************************************/
5937 NTSTATUS rename_internals_fsp(connection_struct *conn,
5939 const struct smb_filename *smb_fname_dst_in,
5941 bool replace_if_exists)
5943 TALLOC_CTX *ctx = talloc_tos();
5944 struct smb_filename *smb_fname_dst = NULL;
5945 NTSTATUS status = NT_STATUS_OK;
5946 struct share_mode_lock *lck = NULL;
5947 bool dst_exists, old_is_stream, new_is_stream;
5949 status = check_name(conn, smb_fname_dst_in->base_name);
5950 if (!NT_STATUS_IS_OK(status)) {
5954 /* Make a copy of the dst smb_fname structs */
5956 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5957 if (!NT_STATUS_IS_OK(status)) {
5962 * Check for special case with case preserving and not
5963 * case sensitive. If the old last component differs from the original
5964 * last component only by case, then we should allow
5965 * the rename (user is trying to change the case of the
5968 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5969 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5970 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5972 char *fname_dst_lcomp_base_mod = NULL;
5973 struct smb_filename *smb_fname_orig_lcomp = NULL;
5976 * Get the last component of the destination name.
5978 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5980 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5982 fname_dst_lcomp_base_mod = talloc_strdup(ctx, smb_fname_dst->base_name);
5984 if (!fname_dst_lcomp_base_mod) {
5985 status = NT_STATUS_NO_MEMORY;
5990 * Create an smb_filename struct using the original last
5991 * component of the destination.
5993 status = create_synthetic_smb_fname_split(ctx,
5994 smb_fname_dst->original_lcomp, NULL,
5995 &smb_fname_orig_lcomp);
5996 if (!NT_STATUS_IS_OK(status)) {
5997 TALLOC_FREE(fname_dst_lcomp_base_mod);
6001 /* If the base names only differ by case, use original. */
6002 if(!strcsequal(fname_dst_lcomp_base_mod,
6003 smb_fname_orig_lcomp->base_name)) {
6006 * Replace the modified last component with the
6010 *last_slash = '\0'; /* Truncate at the '/' */
6011 tmp = talloc_asprintf(smb_fname_dst,
6013 smb_fname_dst->base_name,
6014 smb_fname_orig_lcomp->base_name);
6016 tmp = talloc_asprintf(smb_fname_dst,
6018 smb_fname_orig_lcomp->base_name);
6021 status = NT_STATUS_NO_MEMORY;
6022 TALLOC_FREE(fname_dst_lcomp_base_mod);
6023 TALLOC_FREE(smb_fname_orig_lcomp);
6026 TALLOC_FREE(smb_fname_dst->base_name);
6027 smb_fname_dst->base_name = tmp;
6030 /* If the stream_names only differ by case, use original. */
6031 if(!strcsequal(smb_fname_dst->stream_name,
6032 smb_fname_orig_lcomp->stream_name)) {
6034 /* Use the original stream. */
6035 tmp = talloc_strdup(smb_fname_dst,
6036 smb_fname_orig_lcomp->stream_name);
6038 status = NT_STATUS_NO_MEMORY;
6039 TALLOC_FREE(fname_dst_lcomp_base_mod);
6040 TALLOC_FREE(smb_fname_orig_lcomp);
6043 TALLOC_FREE(smb_fname_dst->stream_name);
6044 smb_fname_dst->stream_name = tmp;
6046 TALLOC_FREE(fname_dst_lcomp_base_mod);
6047 TALLOC_FREE(smb_fname_orig_lcomp);
6051 * If the src and dest names are identical - including case,
6052 * don't do the rename, just return success.
6055 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6056 strcsequal(fsp->fsp_name->stream_name,
6057 smb_fname_dst->stream_name)) {
6058 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6059 "- returning success\n",
6060 smb_fname_str_dbg(smb_fname_dst)));
6061 status = NT_STATUS_OK;
6065 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6066 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6068 /* Return the correct error code if both names aren't streams. */
6069 if (!old_is_stream && new_is_stream) {
6070 status = NT_STATUS_OBJECT_NAME_INVALID;
6074 if (old_is_stream && !new_is_stream) {
6075 status = NT_STATUS_INVALID_PARAMETER;
6079 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6081 if(!replace_if_exists && dst_exists) {
6082 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6083 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6084 smb_fname_str_dbg(smb_fname_dst)));
6085 status = NT_STATUS_OBJECT_NAME_COLLISION;
6090 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6091 &smb_fname_dst->st);
6092 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6094 /* The file can be open when renaming a stream */
6095 if (dst_fsp && !new_is_stream) {
6096 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6097 status = NT_STATUS_ACCESS_DENIED;
6102 /* Ensure we have a valid stat struct for the source. */
6103 status = vfs_stat_fsp(fsp);
6104 if (!NT_STATUS_IS_OK(status)) {
6108 status = can_rename(conn, fsp, attrs);
6110 if (!NT_STATUS_IS_OK(status)) {
6111 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6112 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6113 smb_fname_str_dbg(smb_fname_dst)));
6114 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6115 status = NT_STATUS_ACCESS_DENIED;
6119 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6120 status = NT_STATUS_ACCESS_DENIED;
6123 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6127 * We have the file open ourselves, so not being able to get the
6128 * corresponding share mode lock is a fatal error.
6131 SMB_ASSERT(lck != NULL);
6133 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6134 uint32 create_options = fsp->fh->private_options;
6136 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6137 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6138 smb_fname_str_dbg(smb_fname_dst)));
6140 if (!lp_posix_pathnames() &&
6141 (lp_map_archive(SNUM(conn)) ||
6142 lp_store_dos_attributes(SNUM(conn)))) {
6143 /* We must set the archive bit on the newly
6145 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6146 uint32_t old_dosmode = dos_mode(conn,
6148 file_set_dosmode(conn,
6150 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6156 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6159 rename_open_files(conn, lck, fsp->name_hash, smb_fname_dst);
6162 * A rename acts as a new file create w.r.t. allowing an initial delete
6163 * on close, probably because in Windows there is a new handle to the
6164 * new file. If initial delete on close was requested but not
6165 * originally set, we need to set it here. This is probably not 100% correct,
6166 * but will work for the CIFSFS client which in non-posix mode
6167 * depends on these semantics. JRA.
6170 if (create_options & FILE_DELETE_ON_CLOSE) {
6171 status = can_set_delete_on_close(fsp, 0);
6173 if (NT_STATUS_IS_OK(status)) {
6174 /* Note that here we set the *inital* delete on close flag,
6175 * not the regular one. The magic gets handled in close. */
6176 fsp->initial_delete_on_close = True;
6180 status = NT_STATUS_OK;
6186 if (errno == ENOTDIR || errno == EISDIR) {
6187 status = NT_STATUS_OBJECT_NAME_COLLISION;
6189 status = map_nt_error_from_unix(errno);
6192 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6193 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6194 smb_fname_str_dbg(smb_fname_dst)));
6197 TALLOC_FREE(smb_fname_dst);
6202 /****************************************************************************
6203 The guts of the rename command, split out so it may be called by the NT SMB
6205 ****************************************************************************/
6207 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6208 connection_struct *conn,
6209 struct smb_request *req,
6210 struct smb_filename *smb_fname_src,
6211 struct smb_filename *smb_fname_dst,
6213 bool replace_if_exists,
6216 uint32_t access_mask)
6218 char *fname_src_dir = NULL;
6219 char *fname_src_mask = NULL;
6221 NTSTATUS status = NT_STATUS_OK;
6222 struct smb_Dir *dir_hnd = NULL;
6223 const char *dname = NULL;
6224 char *talloced = NULL;
6226 int create_options = 0;
6227 bool posix_pathnames = lp_posix_pathnames();
6230 * Split the old name into directory and last component
6231 * strings. Note that unix_convert may have stripped off a
6232 * leading ./ from both name and newname if the rename is
6233 * at the root of the share. We need to make sure either both
6234 * name and newname contain a / character or neither of them do
6235 * as this is checked in resolve_wildcards().
6238 /* Split up the directory from the filename/mask. */
6239 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6240 &fname_src_dir, &fname_src_mask);
6241 if (!NT_STATUS_IS_OK(status)) {
6242 status = NT_STATUS_NO_MEMORY;
6247 * We should only check the mangled cache
6248 * here if unix_convert failed. This means
6249 * that the path in 'mask' doesn't exist
6250 * on the file system and so we need to look
6251 * for a possible mangle. This patch from
6252 * Tine Smukavec <valentin.smukavec@hermes.si>.
6255 if (!VALID_STAT(smb_fname_src->st) &&
6256 mangle_is_mangled(fname_src_mask, conn->params)) {
6257 char *new_mask = NULL;
6258 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6261 TALLOC_FREE(fname_src_mask);
6262 fname_src_mask = new_mask;
6266 if (!src_has_wild) {
6270 * Only one file needs to be renamed. Append the mask back
6271 * onto the directory.
6273 TALLOC_FREE(smb_fname_src->base_name);
6274 if (ISDOT(fname_src_dir)) {
6275 /* Ensure we use canonical names on open. */
6276 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6280 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6285 if (!smb_fname_src->base_name) {
6286 status = NT_STATUS_NO_MEMORY;
6290 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6291 "case_preserve = %d, short case preserve = %d, "
6292 "directory = %s, newname = %s, "
6293 "last_component_dest = %s\n",
6294 conn->case_sensitive, conn->case_preserve,
6295 conn->short_case_preserve,
6296 smb_fname_str_dbg(smb_fname_src),
6297 smb_fname_str_dbg(smb_fname_dst),
6298 smb_fname_dst->original_lcomp));
6300 /* The dest name still may have wildcards. */
6301 if (dest_has_wild) {
6302 char *fname_dst_mod = NULL;
6303 if (!resolve_wildcards(smb_fname_dst,
6304 smb_fname_src->base_name,
6305 smb_fname_dst->base_name,
6307 DEBUG(6, ("rename_internals: resolve_wildcards "
6309 smb_fname_src->base_name,
6310 smb_fname_dst->base_name));
6311 status = NT_STATUS_NO_MEMORY;
6314 TALLOC_FREE(smb_fname_dst->base_name);
6315 smb_fname_dst->base_name = fname_dst_mod;
6318 ZERO_STRUCT(smb_fname_src->st);
6319 if (posix_pathnames) {
6320 SMB_VFS_LSTAT(conn, smb_fname_src);
6322 SMB_VFS_STAT(conn, smb_fname_src);
6325 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6326 create_options |= FILE_DIRECTORY_FILE;
6329 status = SMB_VFS_CREATE_FILE(
6332 0, /* root_dir_fid */
6333 smb_fname_src, /* fname */
6334 access_mask, /* access_mask */
6335 (FILE_SHARE_READ | /* share_access */
6337 FILE_OPEN, /* create_disposition*/
6338 create_options, /* create_options */
6339 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6340 0, /* oplock_request */
6341 0, /* allocation_size */
6342 0, /* private_flags */
6348 if (!NT_STATUS_IS_OK(status)) {
6349 DEBUG(3, ("Could not open rename source %s: %s\n",
6350 smb_fname_str_dbg(smb_fname_src),
6351 nt_errstr(status)));
6355 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6356 attrs, replace_if_exists);
6358 close_file(req, fsp, NORMAL_CLOSE);
6360 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6361 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6362 smb_fname_str_dbg(smb_fname_dst)));
6368 * Wildcards - process each file that matches.
6370 if (strequal(fname_src_mask, "????????.???")) {
6371 TALLOC_FREE(fname_src_mask);
6372 fname_src_mask = talloc_strdup(ctx, "*");
6373 if (!fname_src_mask) {
6374 status = NT_STATUS_NO_MEMORY;
6379 status = check_name(conn, fname_src_dir);
6380 if (!NT_STATUS_IS_OK(status)) {
6384 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6386 if (dir_hnd == NULL) {
6387 status = map_nt_error_from_unix(errno);
6391 status = NT_STATUS_NO_SUCH_FILE;
6393 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6394 * - gentest fix. JRA
6397 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6399 files_struct *fsp = NULL;
6400 char *destname = NULL;
6401 bool sysdir_entry = False;
6403 /* Quick check for "." and ".." */
6404 if (ISDOT(dname) || ISDOTDOT(dname)) {
6406 sysdir_entry = True;
6408 TALLOC_FREE(talloced);
6413 if (!is_visible_file(conn, fname_src_dir, dname,
6414 &smb_fname_src->st, false)) {
6415 TALLOC_FREE(talloced);
6419 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6420 TALLOC_FREE(talloced);
6425 status = NT_STATUS_OBJECT_NAME_INVALID;
6429 TALLOC_FREE(smb_fname_src->base_name);
6430 if (ISDOT(fname_src_dir)) {
6431 /* Ensure we use canonical names on open. */
6432 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6436 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6441 if (!smb_fname_src->base_name) {
6442 status = NT_STATUS_NO_MEMORY;
6446 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6447 smb_fname_dst->base_name,
6449 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6450 smb_fname_src->base_name, destname));
6451 TALLOC_FREE(talloced);
6455 status = NT_STATUS_NO_MEMORY;
6459 TALLOC_FREE(smb_fname_dst->base_name);
6460 smb_fname_dst->base_name = destname;
6462 ZERO_STRUCT(smb_fname_src->st);
6463 if (posix_pathnames) {
6464 SMB_VFS_LSTAT(conn, smb_fname_src);
6466 SMB_VFS_STAT(conn, smb_fname_src);
6471 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6472 create_options |= FILE_DIRECTORY_FILE;
6475 status = SMB_VFS_CREATE_FILE(
6478 0, /* root_dir_fid */
6479 smb_fname_src, /* fname */
6480 access_mask, /* access_mask */
6481 (FILE_SHARE_READ | /* share_access */
6483 FILE_OPEN, /* create_disposition*/
6484 create_options, /* create_options */
6485 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6486 0, /* oplock_request */
6487 0, /* allocation_size */
6488 0, /* private_flags */
6494 if (!NT_STATUS_IS_OK(status)) {
6495 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6496 "returned %s rename %s -> %s\n",
6498 smb_fname_str_dbg(smb_fname_src),
6499 smb_fname_str_dbg(smb_fname_dst)));
6503 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6505 if (!smb_fname_dst->original_lcomp) {
6506 status = NT_STATUS_NO_MEMORY;
6510 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6511 attrs, replace_if_exists);
6513 close_file(req, fsp, NORMAL_CLOSE);
6515 if (!NT_STATUS_IS_OK(status)) {
6516 DEBUG(3, ("rename_internals_fsp returned %s for "
6517 "rename %s -> %s\n", nt_errstr(status),
6518 smb_fname_str_dbg(smb_fname_src),
6519 smb_fname_str_dbg(smb_fname_dst)));
6525 DEBUG(3,("rename_internals: doing rename on %s -> "
6526 "%s\n", smb_fname_str_dbg(smb_fname_src),
6527 smb_fname_str_dbg(smb_fname_src)));
6528 TALLOC_FREE(talloced);
6530 TALLOC_FREE(dir_hnd);
6532 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6533 status = map_nt_error_from_unix(errno);
6537 TALLOC_FREE(talloced);
6538 TALLOC_FREE(fname_src_dir);
6539 TALLOC_FREE(fname_src_mask);
6543 /****************************************************************************
6545 ****************************************************************************/
6547 void reply_mv(struct smb_request *req)
6549 connection_struct *conn = req->conn;
6551 char *newname = NULL;
6555 bool src_has_wcard = False;
6556 bool dest_has_wcard = False;
6557 TALLOC_CTX *ctx = talloc_tos();
6558 struct smb_filename *smb_fname_src = NULL;
6559 struct smb_filename *smb_fname_dst = NULL;
6560 bool stream_rename = false;
6562 START_PROFILE(SMBmv);
6565 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6569 attrs = SVAL(req->vwv+0, 0);
6571 p = (const char *)req->buf + 1;
6572 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6573 &status, &src_has_wcard);
6574 if (!NT_STATUS_IS_OK(status)) {
6575 reply_nterror(req, status);
6579 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6580 &status, &dest_has_wcard);
6581 if (!NT_STATUS_IS_OK(status)) {
6582 reply_nterror(req, status);
6586 if (!lp_posix_pathnames()) {
6587 /* The newname must begin with a ':' if the
6588 name contains a ':'. */
6589 if (strchr_m(name, ':')) {
6590 if (newname[0] != ':') {
6591 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6594 stream_rename = true;
6598 status = filename_convert(ctx,
6600 req->flags2 & FLAGS2_DFS_PATHNAMES,
6602 UCF_COND_ALLOW_WCARD_LCOMP,
6606 if (!NT_STATUS_IS_OK(status)) {
6607 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6608 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6609 ERRSRV, ERRbadpath);
6612 reply_nterror(req, status);
6616 status = filename_convert(ctx,
6618 req->flags2 & FLAGS2_DFS_PATHNAMES,
6620 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6624 if (!NT_STATUS_IS_OK(status)) {
6625 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6626 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6627 ERRSRV, ERRbadpath);
6630 reply_nterror(req, status);
6634 if (stream_rename) {
6635 /* smb_fname_dst->base_name must be the same as
6636 smb_fname_src->base_name. */
6637 TALLOC_FREE(smb_fname_dst->base_name);
6638 smb_fname_dst->base_name = talloc_strdup(smb_fname_dst,
6639 smb_fname_src->base_name);
6640 if (!smb_fname_dst->base_name) {
6641 reply_nterror(req, NT_STATUS_NO_MEMORY);
6646 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6647 smb_fname_str_dbg(smb_fname_dst)));
6649 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6650 attrs, False, src_has_wcard, dest_has_wcard,
6652 if (!NT_STATUS_IS_OK(status)) {
6653 if (open_was_deferred(req->mid)) {
6654 /* We have re-scheduled this call. */
6657 reply_nterror(req, status);
6661 reply_outbuf(req, 0, 0);
6663 TALLOC_FREE(smb_fname_src);
6664 TALLOC_FREE(smb_fname_dst);
6669 /*******************************************************************
6670 Copy a file as part of a reply_copy.
6671 ******************************************************************/
6674 * TODO: check error codes on all callers
6677 NTSTATUS copy_file(TALLOC_CTX *ctx,
6678 connection_struct *conn,
6679 struct smb_filename *smb_fname_src,
6680 struct smb_filename *smb_fname_dst,
6683 bool target_is_directory)
6685 struct smb_filename *smb_fname_dst_tmp = NULL;
6687 files_struct *fsp1,*fsp2;
6689 uint32 new_create_disposition;
6693 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6694 if (!NT_STATUS_IS_OK(status)) {
6699 * If the target is a directory, extract the last component from the
6700 * src filename and append it to the dst filename
6702 if (target_is_directory) {
6705 /* dest/target can't be a stream if it's a directory. */
6706 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6708 p = strrchr_m(smb_fname_src->base_name,'/');
6712 p = smb_fname_src->base_name;
6714 smb_fname_dst_tmp->base_name =
6715 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6717 if (!smb_fname_dst_tmp->base_name) {
6718 status = NT_STATUS_NO_MEMORY;
6723 status = vfs_file_exist(conn, smb_fname_src);
6724 if (!NT_STATUS_IS_OK(status)) {
6728 if (!target_is_directory && count) {
6729 new_create_disposition = FILE_OPEN;
6731 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6733 &new_create_disposition,
6736 status = NT_STATUS_INVALID_PARAMETER;
6741 /* Open the src file for reading. */
6742 status = SMB_VFS_CREATE_FILE(
6745 0, /* root_dir_fid */
6746 smb_fname_src, /* fname */
6747 FILE_GENERIC_READ, /* access_mask */
6748 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6749 FILE_OPEN, /* create_disposition*/
6750 0, /* create_options */
6751 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6752 INTERNAL_OPEN_ONLY, /* oplock_request */
6753 0, /* allocation_size */
6754 0, /* private_flags */
6760 if (!NT_STATUS_IS_OK(status)) {
6764 dosattrs = dos_mode(conn, smb_fname_src);
6766 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6767 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6770 /* Open the dst file for writing. */
6771 status = SMB_VFS_CREATE_FILE(
6774 0, /* root_dir_fid */
6775 smb_fname_dst, /* fname */
6776 FILE_GENERIC_WRITE, /* access_mask */
6777 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6778 new_create_disposition, /* create_disposition*/
6779 0, /* create_options */
6780 dosattrs, /* file_attributes */
6781 INTERNAL_OPEN_ONLY, /* oplock_request */
6782 0, /* allocation_size */
6783 0, /* private_flags */
6789 if (!NT_STATUS_IS_OK(status)) {
6790 close_file(NULL, fsp1, ERROR_CLOSE);
6794 if (ofun & OPENX_FILE_EXISTS_OPEN) {
6795 ret = SMB_VFS_LSEEK(fsp2, 0, SEEK_END);
6797 DEBUG(0, ("error - vfs lseek returned error %s\n",
6799 status = map_nt_error_from_unix(errno);
6800 close_file(NULL, fsp1, ERROR_CLOSE);
6801 close_file(NULL, fsp2, ERROR_CLOSE);
6806 /* Do the actual copy. */
6807 if (smb_fname_src->st.st_ex_size) {
6808 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6813 close_file(NULL, fsp1, NORMAL_CLOSE);
6815 /* Ensure the modtime is set correctly on the destination file. */
6816 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6819 * As we are opening fsp1 read-only we only expect
6820 * an error on close on fsp2 if we are out of space.
6821 * Thus we don't look at the error return from the
6824 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6826 if (!NT_STATUS_IS_OK(status)) {
6830 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6831 status = NT_STATUS_DISK_FULL;
6835 status = NT_STATUS_OK;
6838 TALLOC_FREE(smb_fname_dst_tmp);
6842 /****************************************************************************
6843 Reply to a file copy.
6844 ****************************************************************************/
6846 void reply_copy(struct smb_request *req)
6848 connection_struct *conn = req->conn;
6849 struct smb_filename *smb_fname_src = NULL;
6850 struct smb_filename *smb_fname_dst = NULL;
6851 char *fname_src = NULL;
6852 char *fname_dst = NULL;
6853 char *fname_src_mask = NULL;
6854 char *fname_src_dir = NULL;
6857 int error = ERRnoaccess;
6861 bool target_is_directory=False;
6862 bool source_has_wild = False;
6863 bool dest_has_wild = False;
6865 TALLOC_CTX *ctx = talloc_tos();
6867 START_PROFILE(SMBcopy);
6870 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6874 tid2 = SVAL(req->vwv+0, 0);
6875 ofun = SVAL(req->vwv+1, 0);
6876 flags = SVAL(req->vwv+2, 0);
6878 p = (const char *)req->buf;
6879 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6880 &status, &source_has_wild);
6881 if (!NT_STATUS_IS_OK(status)) {
6882 reply_nterror(req, status);
6885 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6886 &status, &dest_has_wild);
6887 if (!NT_STATUS_IS_OK(status)) {
6888 reply_nterror(req, status);
6892 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6894 if (tid2 != conn->cnum) {
6895 /* can't currently handle inter share copies XXXX */
6896 DEBUG(3,("Rejecting inter-share copy\n"));
6897 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6901 status = filename_convert(ctx, conn,
6902 req->flags2 & FLAGS2_DFS_PATHNAMES,
6904 UCF_COND_ALLOW_WCARD_LCOMP,
6907 if (!NT_STATUS_IS_OK(status)) {
6908 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6909 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6910 ERRSRV, ERRbadpath);
6913 reply_nterror(req, status);
6917 status = filename_convert(ctx, conn,
6918 req->flags2 & FLAGS2_DFS_PATHNAMES,
6920 UCF_COND_ALLOW_WCARD_LCOMP,
6923 if (!NT_STATUS_IS_OK(status)) {
6924 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6925 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6926 ERRSRV, ERRbadpath);
6929 reply_nterror(req, status);
6933 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6935 if ((flags&1) && target_is_directory) {
6936 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6940 if ((flags&2) && !target_is_directory) {
6941 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6945 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6946 /* wants a tree copy! XXXX */
6947 DEBUG(3,("Rejecting tree copy\n"));
6948 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6952 /* Split up the directory from the filename/mask. */
6953 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6954 &fname_src_dir, &fname_src_mask);
6955 if (!NT_STATUS_IS_OK(status)) {
6956 reply_nterror(req, NT_STATUS_NO_MEMORY);
6961 * We should only check the mangled cache
6962 * here if unix_convert failed. This means
6963 * that the path in 'mask' doesn't exist
6964 * on the file system and so we need to look
6965 * for a possible mangle. This patch from
6966 * Tine Smukavec <valentin.smukavec@hermes.si>.
6968 if (!VALID_STAT(smb_fname_src->st) &&
6969 mangle_is_mangled(fname_src_mask, conn->params)) {
6970 char *new_mask = NULL;
6971 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6972 &new_mask, conn->params);
6974 /* Use demangled name if one was successfully found. */
6976 TALLOC_FREE(fname_src_mask);
6977 fname_src_mask = new_mask;
6981 if (!source_has_wild) {
6984 * Only one file needs to be copied. Append the mask back onto
6987 TALLOC_FREE(smb_fname_src->base_name);
6988 if (ISDOT(fname_src_dir)) {
6989 /* Ensure we use canonical names on open. */
6990 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6994 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6999 if (!smb_fname_src->base_name) {
7000 reply_nterror(req, NT_STATUS_NO_MEMORY);
7004 if (dest_has_wild) {
7005 char *fname_dst_mod = NULL;
7006 if (!resolve_wildcards(smb_fname_dst,
7007 smb_fname_src->base_name,
7008 smb_fname_dst->base_name,
7010 reply_nterror(req, NT_STATUS_NO_MEMORY);
7013 TALLOC_FREE(smb_fname_dst->base_name);
7014 smb_fname_dst->base_name = fname_dst_mod;
7017 status = check_name(conn, smb_fname_src->base_name);
7018 if (!NT_STATUS_IS_OK(status)) {
7019 reply_nterror(req, status);
7023 status = check_name(conn, smb_fname_dst->base_name);
7024 if (!NT_STATUS_IS_OK(status)) {
7025 reply_nterror(req, status);
7029 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
7030 ofun, count, target_is_directory);
7032 if(!NT_STATUS_IS_OK(status)) {
7033 reply_nterror(req, status);
7039 struct smb_Dir *dir_hnd = NULL;
7040 const char *dname = NULL;
7041 char *talloced = NULL;
7045 * There is a wildcard that requires us to actually read the
7046 * src dir and copy each file matching the mask to the dst.
7047 * Right now streams won't be copied, but this could
7048 * presumably be added with a nested loop for reach dir entry.
7050 SMB_ASSERT(!smb_fname_src->stream_name);
7051 SMB_ASSERT(!smb_fname_dst->stream_name);
7053 smb_fname_src->stream_name = NULL;
7054 smb_fname_dst->stream_name = NULL;
7056 if (strequal(fname_src_mask,"????????.???")) {
7057 TALLOC_FREE(fname_src_mask);
7058 fname_src_mask = talloc_strdup(ctx, "*");
7059 if (!fname_src_mask) {
7060 reply_nterror(req, NT_STATUS_NO_MEMORY);
7065 status = check_name(conn, fname_src_dir);
7066 if (!NT_STATUS_IS_OK(status)) {
7067 reply_nterror(req, status);
7071 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7072 if (dir_hnd == NULL) {
7073 status = map_nt_error_from_unix(errno);
7074 reply_nterror(req, status);
7080 /* Iterate over the src dir copying each entry to the dst. */
7081 while ((dname = ReadDirName(dir_hnd, &offset,
7082 &smb_fname_src->st, &talloced))) {
7083 char *destname = NULL;
7085 if (ISDOT(dname) || ISDOTDOT(dname)) {
7086 TALLOC_FREE(talloced);
7090 if (!is_visible_file(conn, fname_src_dir, dname,
7091 &smb_fname_src->st, false)) {
7092 TALLOC_FREE(talloced);
7096 if(!mask_match(dname, fname_src_mask,
7097 conn->case_sensitive)) {
7098 TALLOC_FREE(talloced);
7102 error = ERRnoaccess;
7104 /* Get the src smb_fname struct setup. */
7105 TALLOC_FREE(smb_fname_src->base_name);
7106 if (ISDOT(fname_src_dir)) {
7107 /* Ensure we use canonical names on open. */
7108 smb_fname_src->base_name =
7109 talloc_asprintf(smb_fname_src, "%s",
7112 smb_fname_src->base_name =
7113 talloc_asprintf(smb_fname_src, "%s/%s",
7114 fname_src_dir, dname);
7117 if (!smb_fname_src->base_name) {
7118 TALLOC_FREE(dir_hnd);
7119 TALLOC_FREE(talloced);
7120 reply_nterror(req, NT_STATUS_NO_MEMORY);
7124 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7125 smb_fname_dst->base_name,
7127 TALLOC_FREE(talloced);
7131 TALLOC_FREE(dir_hnd);
7132 TALLOC_FREE(talloced);
7133 reply_nterror(req, NT_STATUS_NO_MEMORY);
7137 TALLOC_FREE(smb_fname_dst->base_name);
7138 smb_fname_dst->base_name = destname;
7140 status = check_name(conn, smb_fname_src->base_name);
7141 if (!NT_STATUS_IS_OK(status)) {
7142 TALLOC_FREE(dir_hnd);
7143 TALLOC_FREE(talloced);
7144 reply_nterror(req, status);
7148 status = check_name(conn, smb_fname_dst->base_name);
7149 if (!NT_STATUS_IS_OK(status)) {
7150 TALLOC_FREE(dir_hnd);
7151 TALLOC_FREE(talloced);
7152 reply_nterror(req, status);
7156 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7157 smb_fname_src->base_name,
7158 smb_fname_dst->base_name));
7160 status = copy_file(ctx, conn, smb_fname_src,
7161 smb_fname_dst, ofun, count,
7162 target_is_directory);
7163 if (NT_STATUS_IS_OK(status)) {
7167 TALLOC_FREE(talloced);
7169 TALLOC_FREE(dir_hnd);
7173 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7177 reply_outbuf(req, 1, 0);
7178 SSVAL(req->outbuf,smb_vwv0,count);
7180 TALLOC_FREE(smb_fname_src);
7181 TALLOC_FREE(smb_fname_dst);
7182 TALLOC_FREE(fname_src);
7183 TALLOC_FREE(fname_dst);
7184 TALLOC_FREE(fname_src_mask);
7185 TALLOC_FREE(fname_src_dir);
7187 END_PROFILE(SMBcopy);
7192 #define DBGC_CLASS DBGC_LOCKING
7194 /****************************************************************************
7195 Get a lock pid, dealing with large count requests.
7196 ****************************************************************************/
7198 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7199 bool large_file_format)
7201 if(!large_file_format)
7202 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7204 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7207 /****************************************************************************
7208 Get a lock count, dealing with large count requests.
7209 ****************************************************************************/
7211 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7212 bool large_file_format)
7216 if(!large_file_format) {
7217 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7220 #if defined(HAVE_LONGLONG)
7221 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7222 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7223 #else /* HAVE_LONGLONG */
7226 * NT4.x seems to be broken in that it sends large file (64 bit)
7227 * lockingX calls even if the CAP_LARGE_FILES was *not*
7228 * negotiated. For boxes without large unsigned ints truncate the
7229 * lock count by dropping the top 32 bits.
7232 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7233 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7234 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7235 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7236 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7239 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7240 #endif /* HAVE_LONGLONG */
7246 #if !defined(HAVE_LONGLONG)
7247 /****************************************************************************
7248 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7249 ****************************************************************************/
7251 static uint32 map_lock_offset(uint32 high, uint32 low)
7255 uint32 highcopy = high;
7258 * Try and find out how many significant bits there are in high.
7261 for(i = 0; highcopy; i++)
7265 * We use 31 bits not 32 here as POSIX
7266 * lock offsets may not be negative.
7269 mask = (~0) << (31 - i);
7272 return 0; /* Fail. */
7278 #endif /* !defined(HAVE_LONGLONG) */
7280 /****************************************************************************
7281 Get a lock offset, dealing with large offset requests.
7282 ****************************************************************************/
7284 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7285 bool large_file_format, bool *err)
7287 uint64_t offset = 0;
7291 if(!large_file_format) {
7292 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7295 #if defined(HAVE_LONGLONG)
7296 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7297 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7298 #else /* HAVE_LONGLONG */
7301 * NT4.x seems to be broken in that it sends large file (64 bit)
7302 * lockingX calls even if the CAP_LARGE_FILES was *not*
7303 * negotiated. For boxes without large unsigned ints mangle the
7304 * lock offset by mapping the top 32 bits onto the lower 32.
7307 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7308 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7309 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7312 if((new_low = map_lock_offset(high, low)) == 0) {
7314 return (uint64_t)-1;
7317 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7318 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7319 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7320 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7323 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7324 #endif /* HAVE_LONGLONG */
7330 NTSTATUS smbd_do_locking(struct smb_request *req,
7334 uint16_t num_ulocks,
7335 struct smbd_lock_element *ulocks,
7337 struct smbd_lock_element *locks,
7340 connection_struct *conn = req->conn;
7342 NTSTATUS status = NT_STATUS_OK;
7346 /* Data now points at the beginning of the list
7347 of smb_unlkrng structs */
7348 for(i = 0; i < (int)num_ulocks; i++) {
7349 struct smbd_lock_element *e = &ulocks[i];
7351 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7352 "pid %u, file %s\n",
7355 (unsigned int)e->smblctx,
7358 if (e->brltype != UNLOCK_LOCK) {
7359 /* this can only happen with SMB2 */
7360 return NT_STATUS_INVALID_PARAMETER;
7363 status = do_unlock(req->sconn->msg_ctx,
7370 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7371 nt_errstr(status)));
7373 if (!NT_STATUS_IS_OK(status)) {
7378 /* Setup the timeout in seconds. */
7380 if (!lp_blocking_locks(SNUM(conn))) {
7384 /* Data now points at the beginning of the list
7385 of smb_lkrng structs */
7387 for(i = 0; i < (int)num_locks; i++) {
7388 struct smbd_lock_element *e = &locks[i];
7390 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7391 "%llu, file %s timeout = %d\n",
7394 (unsigned long long)e->smblctx,
7398 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7399 struct blocking_lock_record *blr = NULL;
7401 if (num_locks > 1) {
7403 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7404 * if the lock vector contains one entry. When given mutliple cancel
7405 * requests in a single PDU we expect the server to return an
7406 * error. Windows servers seem to accept the request but only
7407 * cancel the first lock.
7408 * JRA - Do what Windows does (tm) :-).
7412 /* MS-CIFS (2.2.4.32.1) behavior. */
7413 return NT_STATUS_DOS(ERRDOS,
7414 ERRcancelviolation);
7416 /* Windows behavior. */
7418 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7419 "cancel request\n"));
7425 if (lp_blocking_locks(SNUM(conn))) {
7427 /* Schedule a message to ourselves to
7428 remove the blocking lock record and
7429 return the right error. */
7431 blr = blocking_lock_cancel_smb1(fsp,
7437 NT_STATUS_FILE_LOCK_CONFLICT);
7439 return NT_STATUS_DOS(
7441 ERRcancelviolation);
7444 /* Remove a matching pending lock. */
7445 status = do_lock_cancel(fsp,
7452 bool blocking_lock = timeout ? true : false;
7453 bool defer_lock = false;
7454 struct byte_range_lock *br_lck;
7455 uint64_t block_smblctx;
7457 br_lck = do_lock(req->sconn->msg_ctx,
7469 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7470 /* Windows internal resolution for blocking locks seems
7471 to be about 200ms... Don't wait for less than that. JRA. */
7472 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7473 timeout = lp_lock_spin_time();
7478 /* If a lock sent with timeout of zero would fail, and
7479 * this lock has been requested multiple times,
7480 * according to brl_lock_failed() we convert this
7481 * request to a blocking lock with a timeout of between
7482 * 150 - 300 milliseconds.
7484 * If lp_lock_spin_time() has been set to 0, we skip
7485 * this blocking retry and fail immediately.
7487 * Replacement for do_lock_spin(). JRA. */
7489 if (!req->sconn->using_smb2 &&
7490 br_lck && lp_blocking_locks(SNUM(conn)) &&
7491 lp_lock_spin_time() && !blocking_lock &&
7492 NT_STATUS_EQUAL((status),
7493 NT_STATUS_FILE_LOCK_CONFLICT))
7496 timeout = lp_lock_spin_time();
7499 if (br_lck && defer_lock) {
7501 * A blocking lock was requested. Package up
7502 * this smb into a queued request and push it
7503 * onto the blocking lock queue.
7505 if(push_blocking_lock_request(br_lck,
7516 TALLOC_FREE(br_lck);
7518 return NT_STATUS_OK;
7522 TALLOC_FREE(br_lck);
7525 if (!NT_STATUS_IS_OK(status)) {
7530 /* If any of the above locks failed, then we must unlock
7531 all of the previous locks (X/Open spec). */
7533 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7535 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7536 i = -1; /* we want to skip the for loop */
7540 * Ensure we don't do a remove on the lock that just failed,
7541 * as under POSIX rules, if we have a lock already there, we
7542 * will delete it (and we shouldn't) .....
7544 for(i--; i >= 0; i--) {
7545 struct smbd_lock_element *e = &locks[i];
7547 do_unlock(req->sconn->msg_ctx,
7557 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7558 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7560 return NT_STATUS_OK;
7563 /****************************************************************************
7564 Reply to a lockingX request.
7565 ****************************************************************************/
7567 void reply_lockingX(struct smb_request *req)
7569 connection_struct *conn = req->conn;
7571 unsigned char locktype;
7572 unsigned char oplocklevel;
7577 const uint8_t *data;
7578 bool large_file_format;
7580 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7581 struct smbd_lock_element *ulocks;
7582 struct smbd_lock_element *locks;
7585 START_PROFILE(SMBlockingX);
7588 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7589 END_PROFILE(SMBlockingX);
7593 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7594 locktype = CVAL(req->vwv+3, 0);
7595 oplocklevel = CVAL(req->vwv+3, 1);
7596 num_ulocks = SVAL(req->vwv+6, 0);
7597 num_locks = SVAL(req->vwv+7, 0);
7598 lock_timeout = IVAL(req->vwv+4, 0);
7599 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7601 if (!check_fsp(conn, req, fsp)) {
7602 END_PROFILE(SMBlockingX);
7608 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7609 /* we don't support these - and CANCEL_LOCK makes w2k
7610 and XP reboot so I don't really want to be
7611 compatible! (tridge) */
7612 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7613 END_PROFILE(SMBlockingX);
7617 /* Check if this is an oplock break on a file
7618 we have granted an oplock on.
7620 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7621 /* Client can insist on breaking to none. */
7622 bool break_to_none = (oplocklevel == 0);
7625 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7626 "for fnum = %d\n", (unsigned int)oplocklevel,
7630 * Make sure we have granted an exclusive or batch oplock on
7634 if (fsp->oplock_type == 0) {
7636 /* The Samba4 nbench simulator doesn't understand
7637 the difference between break to level2 and break
7638 to none from level2 - it sends oplock break
7639 replies in both cases. Don't keep logging an error
7640 message here - just ignore it. JRA. */
7642 DEBUG(5,("reply_lockingX: Error : oplock break from "
7643 "client for fnum = %d (oplock=%d) and no "
7644 "oplock granted on this file (%s).\n",
7645 fsp->fnum, fsp->oplock_type,
7648 /* if this is a pure oplock break request then don't
7650 if (num_locks == 0 && num_ulocks == 0) {
7651 END_PROFILE(SMBlockingX);
7654 END_PROFILE(SMBlockingX);
7655 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7660 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7662 result = remove_oplock(fsp);
7664 result = downgrade_oplock(fsp);
7668 DEBUG(0, ("reply_lockingX: error in removing "
7669 "oplock on file %s\n", fsp_str_dbg(fsp)));
7670 /* Hmmm. Is this panic justified? */
7671 smb_panic("internal tdb error");
7674 reply_to_oplock_break_requests(fsp);
7676 /* if this is a pure oplock break request then don't send a
7678 if (num_locks == 0 && num_ulocks == 0) {
7679 /* Sanity check - ensure a pure oplock break is not a
7681 if(CVAL(req->vwv+0, 0) != 0xff)
7682 DEBUG(0,("reply_lockingX: Error : pure oplock "
7683 "break is a chained %d request !\n",
7684 (unsigned int)CVAL(req->vwv+0, 0)));
7685 END_PROFILE(SMBlockingX);
7691 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7692 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7693 END_PROFILE(SMBlockingX);
7697 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7698 if (ulocks == NULL) {
7699 reply_nterror(req, NT_STATUS_NO_MEMORY);
7700 END_PROFILE(SMBlockingX);
7704 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7705 if (locks == NULL) {
7706 reply_nterror(req, NT_STATUS_NO_MEMORY);
7707 END_PROFILE(SMBlockingX);
7711 /* Data now points at the beginning of the list
7712 of smb_unlkrng structs */
7713 for(i = 0; i < (int)num_ulocks; i++) {
7714 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7715 ulocks[i].count = get_lock_count(data, i, large_file_format);
7716 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7717 ulocks[i].brltype = UNLOCK_LOCK;
7720 * There is no error code marked "stupid client bug".... :-).
7723 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7724 END_PROFILE(SMBlockingX);
7729 /* Now do any requested locks */
7730 data += ((large_file_format ? 20 : 10)*num_ulocks);
7732 /* Data now points at the beginning of the list
7733 of smb_lkrng structs */
7735 for(i = 0; i < (int)num_locks; i++) {
7736 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7737 locks[i].count = get_lock_count(data, i, large_file_format);
7738 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7740 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7741 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7742 locks[i].brltype = PENDING_READ_LOCK;
7744 locks[i].brltype = READ_LOCK;
7747 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7748 locks[i].brltype = PENDING_WRITE_LOCK;
7750 locks[i].brltype = WRITE_LOCK;
7755 * There is no error code marked "stupid client bug".... :-).
7758 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7759 END_PROFILE(SMBlockingX);
7764 status = smbd_do_locking(req, fsp,
7765 locktype, lock_timeout,
7769 if (!NT_STATUS_IS_OK(status)) {
7770 END_PROFILE(SMBlockingX);
7771 reply_nterror(req, status);
7775 END_PROFILE(SMBlockingX);
7779 reply_outbuf(req, 2, 0);
7781 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7782 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7784 END_PROFILE(SMBlockingX);
7789 #define DBGC_CLASS DBGC_ALL
7791 /****************************************************************************
7792 Reply to a SMBreadbmpx (read block multiplex) request.
7793 Always reply with an error, if someone has a platform really needs this,
7794 please contact vl@samba.org
7795 ****************************************************************************/
7797 void reply_readbmpx(struct smb_request *req)
7799 START_PROFILE(SMBreadBmpx);
7800 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7801 END_PROFILE(SMBreadBmpx);
7805 /****************************************************************************
7806 Reply to a SMBreadbs (read block multiplex secondary) request.
7807 Always reply with an error, if someone has a platform really needs this,
7808 please contact vl@samba.org
7809 ****************************************************************************/
7811 void reply_readbs(struct smb_request *req)
7813 START_PROFILE(SMBreadBs);
7814 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7815 END_PROFILE(SMBreadBs);
7819 /****************************************************************************
7820 Reply to a SMBsetattrE.
7821 ****************************************************************************/
7823 void reply_setattrE(struct smb_request *req)
7825 connection_struct *conn = req->conn;
7826 struct smb_file_time ft;
7830 START_PROFILE(SMBsetattrE);
7834 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7838 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7840 if(!fsp || (fsp->conn != conn)) {
7841 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7846 * Convert the DOS times into unix times.
7849 ft.atime = convert_time_t_to_timespec(
7850 srv_make_unix_date2(req->vwv+3));
7851 ft.mtime = convert_time_t_to_timespec(
7852 srv_make_unix_date2(req->vwv+5));
7853 ft.create_time = convert_time_t_to_timespec(
7854 srv_make_unix_date2(req->vwv+1));
7856 reply_outbuf(req, 0, 0);
7859 * Patch from Ray Frush <frush@engr.colostate.edu>
7860 * Sometimes times are sent as zero - ignore them.
7863 /* Ensure we have a valid stat struct for the source. */
7864 status = vfs_stat_fsp(fsp);
7865 if (!NT_STATUS_IS_OK(status)) {
7866 reply_nterror(req, status);
7870 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7871 if (!NT_STATUS_IS_OK(status)) {
7872 reply_nterror(req, status);
7876 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7879 (unsigned int)ft.atime.tv_sec,
7880 (unsigned int)ft.mtime.tv_sec,
7881 (unsigned int)ft.create_time.tv_sec
7884 END_PROFILE(SMBsetattrE);
7889 /* Back from the dead for OS/2..... JRA. */
7891 /****************************************************************************
7892 Reply to a SMBwritebmpx (write block multiplex primary) request.
7893 Always reply with an error, if someone has a platform really needs this,
7894 please contact vl@samba.org
7895 ****************************************************************************/
7897 void reply_writebmpx(struct smb_request *req)
7899 START_PROFILE(SMBwriteBmpx);
7900 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7901 END_PROFILE(SMBwriteBmpx);
7905 /****************************************************************************
7906 Reply to a SMBwritebs (write block multiplex secondary) request.
7907 Always reply with an error, if someone has a platform really needs this,
7908 please contact vl@samba.org
7909 ****************************************************************************/
7911 void reply_writebs(struct smb_request *req)
7913 START_PROFILE(SMBwriteBs);
7914 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7915 END_PROFILE(SMBwriteBs);
7919 /****************************************************************************
7920 Reply to a SMBgetattrE.
7921 ****************************************************************************/
7923 void reply_getattrE(struct smb_request *req)
7925 connection_struct *conn = req->conn;
7928 struct timespec create_ts;
7930 START_PROFILE(SMBgetattrE);
7933 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7934 END_PROFILE(SMBgetattrE);
7938 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7940 if(!fsp || (fsp->conn != conn)) {
7941 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7942 END_PROFILE(SMBgetattrE);
7946 /* Do an fstat on this file */
7948 reply_nterror(req, map_nt_error_from_unix(errno));
7949 END_PROFILE(SMBgetattrE);
7953 mode = dos_mode(conn, fsp->fsp_name);
7956 * Convert the times into dos times. Set create
7957 * date to be last modify date as UNIX doesn't save
7961 reply_outbuf(req, 11, 0);
7963 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7964 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7965 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7966 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7967 /* Should we check pending modtime here ? JRA */
7968 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7969 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7972 SIVAL(req->outbuf, smb_vwv6, 0);
7973 SIVAL(req->outbuf, smb_vwv8, 0);
7975 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7976 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7977 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7979 SSVAL(req->outbuf,smb_vwv10, mode);
7981 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7983 END_PROFILE(SMBgetattrE);