#include "auth.h"
#include "smbprofile.h"
#include "../lib/tsocket/tsocket.h"
+#include "lib/tevent_wait.h"
+#include "libcli/smb/smb_signing.h"
/****************************************************************************
Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
char **pp_dest, const char *src, int flags,
NTSTATUS *err, bool *contains_wcard)
{
- return srvstr_get_path_wcard(mem_ctx, (const char *)req->inbuf, req->flags2,
- pp_dest, src, smbreq_bufrem(req, src),
- flags, err, contains_wcard);
+ ssize_t bufrem = smbreq_bufrem(req, src);
+
+ if (bufrem < 0) {
+ *err = NT_STATUS_INVALID_PARAMETER;
+ return 0;
+ }
+
+ return srvstr_get_path_wcard(mem_ctx, (const char *)req->inbuf,
+ req->flags2, pp_dest, src, bufrem, flags,
+ err, contains_wcard);
}
size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
flags, err, &ignore);
}
+/**
+ * pull a string from the smb_buf part of a packet. In this case the
+ * string can either be null terminated or it can be terminated by the
+ * end of the smbbuf area
+ */
+size_t srvstr_pull_req_talloc(TALLOC_CTX *ctx, struct smb_request *req,
+ char **dest, const uint8_t *src, int flags)
+{
+ ssize_t bufrem = smbreq_bufrem(req, src);
+
+ if (bufrem < 0) {
+ return 0;
+ }
+
+ return pull_string_talloc(ctx, req->inbuf, req->flags2, dest, src,
+ bufrem, flags);
+}
+
/****************************************************************************
Check if we have a correct fsp pointing to a file. Basic check for open fsp.
****************************************************************************/
char *retarget;
char *p;
int retarget_type = 0x20;
- int retarget_port = 139;
+ int retarget_port = NBT_SMB_PORT;
struct sockaddr_storage retarget_addr;
struct sockaddr_in *in_addr;
bool ret = false;
uint8_t outbuf[10];
- if (get_socket_port(sconn->sock) != 139) {
+ if (get_socket_port(sconn->sock) != NBT_SMB_PORT) {
return false;
}
set_local_machine_name(name1, True);
set_remote_machine_name(name2, True);
+ if (is_ipaddress(sconn->remote_hostname)) {
+ char *p = discard_const_p(char, sconn->remote_hostname);
+
+ talloc_free(p);
+
+ sconn->remote_hostname = talloc_strdup(sconn,
+ get_remote_machine_name());
+ if (sconn->remote_hostname == NULL) {
+ exit_server_cleanly("could not copy remote name");
+ }
+ sconn->conn->remote_hostname = sconn->remote_hostname;
+ }
+
DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
get_local_machine_name(), get_remote_machine_name(),
name_type2));
break;
}
- /* only add the client's machine name to the list
- of possibly valid usernames if we are operating
- in share mode security */
- if (lp_security() == SEC_SHARE) {
- add_session_user(sconn, get_remote_machine_name());
- }
-
- reload_services(sconn->msg_ctx, sconn->sock, True);
+ reload_services(sconn, conn_snum_used, true);
reopen_logs();
sconn->nbt.got_session = true;
char *dev = NULL;
int pwlen=0;
NTSTATUS nt_status;
- const char *p;
- DATA_BLOB password_blob;
+ const uint8_t *p;
+ const char *p2;
TALLOC_CTX *ctx = talloc_tos();
struct smbd_server_connection *sconn = req->sconn;
+ NTTIME now = timeval_to_nttime(&req->request_time);
START_PROFILE(SMBtcon);
return;
}
- p = (const char *)req->buf + 1;
+ p = req->buf + 1;
p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
p += 1;
pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
END_PROFILE(SMBtcon);
return;
}
- p = strrchr_m(service_buf,'\\');
- if (p) {
- service = p+1;
+ p2 = strrchr_m(service_buf,'\\');
+ if (p2) {
+ service = p2+1;
} else {
service = service_buf;
}
- password_blob = data_blob(password, pwlen+1);
-
- conn = make_connection(sconn,service,password_blob,dev,
+ conn = make_connection(sconn, now, service, dev,
req->vuid,&nt_status);
req->conn = conn;
- data_blob_clear_free(&password_blob);
-
if (!conn) {
reply_nterror(req, nt_status);
END_PROFILE(SMBtcon);
{
connection_struct *conn = req->conn;
const char *service = NULL;
- DATA_BLOB password;
TALLOC_CTX *ctx = talloc_tos();
/* what the cleint thinks the device is */
char *client_devicetype = NULL;
NTSTATUS nt_status;
int passlen;
char *path = NULL;
- const char *p, *q;
- uint16 tcon_flags;
+ const uint8_t *p;
+ const char *q;
+ uint16_t tcon_flags;
+ struct smbXsrv_session *session = NULL;
+ NTTIME now = timeval_to_nttime(&req->request_time);
+ bool session_key_updated = false;
+ uint16_t optional_support = 0;
struct smbd_server_connection *sconn = req->sconn;
START_PROFILE(SMBtconX);
tcon_flags = SVAL(req->vwv+2, 0);
/* we might have to close an old one */
- if ((tcon_flags & 0x1) && conn) {
- close_cnum(conn,req->vuid);
+ if ((tcon_flags & TCONX_FLAG_DISCONNECT_TID) && conn) {
+ struct smbXsrv_tcon *tcon;
+ NTSTATUS status;
+
+ tcon = conn->tcon;
req->conn = NULL;
conn = NULL;
+
+ /*
+ * TODO: cancel all outstanding requests on the tcon
+ */
+ status = smbXsrv_tcon_disconnect(tcon, req->vuid);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("reply_tcon_and_X: "
+ "smbXsrv_tcon_disconnect() failed: %s\n",
+ nt_errstr(status)));
+ /*
+ * If we hit this case, there is something completely
+ * wrong, so we better disconnect the transport connection.
+ */
+ END_PROFILE(SMBtconX);
+ exit_server(__location__ ": smbXsrv_tcon_disconnect failed");
+ return;
+ }
+
+ TALLOC_FREE(tcon);
}
if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
}
if (sconn->smb1.negprot.encrypted_passwords) {
- password = data_blob_talloc(talloc_tos(), req->buf, passlen);
- if (lp_security() == SEC_SHARE) {
- /*
- * Security = share always has a pad byte
- * after the password.
- */
- p = (const char *)req->buf + passlen + 1;
- } else {
- p = (const char *)req->buf + passlen;
- }
+ p = req->buf + passlen;
} else {
- password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
- /* Ensure correct termination */
- password.data[passlen]=0;
- p = (const char *)req->buf + passlen + 1;
+ p = req->buf + passlen + 1;
}
p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
if (path == NULL) {
- data_blob_clear_free(&password);
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBtconX);
return;
if (*path=='\\') {
q = strchr_m(path+2,'\\');
if (!q) {
- data_blob_clear_free(&password);
reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
END_PROFILE(SMBtconX);
return;
MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
if (client_devicetype == NULL) {
- data_blob_clear_free(&password);
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBtconX);
return;
DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
- conn = make_connection(sconn, service, password, client_devicetype,
+ nt_status = smb1srv_session_lookup(req->sconn->conn,
+ req->vuid, now, &session);
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_USER_SESSION_DELETED)) {
+ reply_force_doserror(req, ERRSRV, ERRbaduid);
+ END_PROFILE(SMBtconX);
+ return;
+ }
+ if (NT_STATUS_EQUAL(nt_status, NT_STATUS_NETWORK_SESSION_EXPIRED)) {
+ reply_nterror(req, nt_status);
+ END_PROFILE(SMBtconX);
+ return;
+ }
+ if (!NT_STATUS_IS_OK(nt_status)) {
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ END_PROFILE(SMBtconX);
+ return;
+ }
+
+ if (session->global->auth_session_info == NULL) {
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ END_PROFILE(SMBtconX);
+ return;
+ }
+
+ /*
+ * If there is no application key defined yet
+ * we create one.
+ *
+ * This means we setup the application key on the
+ * first tcon that happens via the given session.
+ *
+ * Once the application key is defined, it does not
+ * change any more.
+ */
+ if (session->global->application_key.length == 0 &&
+ session->global->signing_key.length > 0)
+ {
+ struct smbXsrv_session *x = session;
+ struct auth_session_info *session_info =
+ session->global->auth_session_info;
+ uint8_t session_key[16];
+
+ ZERO_STRUCT(session_key);
+ memcpy(session_key, x->global->signing_key.data,
+ MIN(x->global->signing_key.length, sizeof(session_key)));
+
+ /*
+ * The application key is truncated/padded to 16 bytes
+ */
+ x->global->application_key = data_blob_talloc(x->global,
+ session_key,
+ sizeof(session_key));
+ ZERO_STRUCT(session_key);
+ if (x->global->application_key.data == NULL) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBtconX);
+ return;
+ }
+
+ if (tcon_flags & TCONX_FLAG_EXTENDED_SIGNATURES) {
+ smb_key_derivation(x->global->application_key.data,
+ x->global->application_key.length,
+ x->global->application_key.data);
+ optional_support |= SMB_EXTENDED_SIGNATURES;
+ }
+
+ /*
+ * Place the application key into the session_info
+ */
+ data_blob_clear_free(&session_info->session_key);
+ session_info->session_key = data_blob_dup_talloc(session_info,
+ x->global->application_key);
+ if (session_info->session_key.data == NULL) {
+ data_blob_clear_free(&x->global->application_key);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBtconX);
+ return;
+ }
+ session_key_updated = true;
+ }
+
+ conn = make_connection(sconn, now, service, client_devicetype,
req->vuid, &nt_status);
req->conn =conn;
- data_blob_clear_free(&password);
-
if (!conn) {
+ if (session_key_updated) {
+ struct smbXsrv_session *x = session;
+ struct auth_session_info *session_info =
+ session->global->auth_session_info;
+ data_blob_clear_free(&x->global->application_key);
+ data_blob_clear_free(&session_info->session_key);
+ }
reply_nterror(req, nt_status);
END_PROFILE(SMBtconX);
return;
/* what does setting this bit do? It is set by NT4 and
may affect the ability to autorun mounted cdroms */
- SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
- (lp_csc_policy(SNUM(conn)) << 2));
+ optional_support |= SMB_SUPPORT_SEARCH_BITS;
+ optional_support |=
+ (lp_csc_policy(SNUM(conn)) << SMB_CSC_POLICY_SHIFT);
if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
DEBUG(2,("Serving %s as a Dfs root\n",
- lp_servicename(SNUM(conn)) ));
- SSVAL(req->outbuf, smb_vwv2,
- SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
+ lp_servicename(ctx, SNUM(conn)) ));
+ optional_support |= SMB_SHARE_IN_DFS;
}
+
+ SSVAL(req->outbuf, smb_vwv2, optional_support);
}
+ SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */
+ SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */
DEBUG(3,("tconX service=%s \n",
service));
END_PROFILE(SMBtconX);
req->tid = conn->cnum;
- chain_reply(req);
- return;
}
/****************************************************************************
return;
}
/* Job number */
- if (fsp->print_file) {
- SSVAL(p, 0, fsp->print_file->rap_jobid);
- } else {
- SSVAL(p, 0, 0);
- }
+ SSVAL(p, 0, print_spool_rap_jobid(fsp->print_file));
+
srvstr_push((char *)req->outbuf, req->flags2, p+2,
lp_netbios_name(), 15,
STR_TERMINATE|STR_ASCII);
if (conn) {
srvstr_push((char *)req->outbuf, req->flags2,
- p+18, lp_servicename(SNUM(conn)),
+ p+18,
+ lp_servicename(talloc_tos(),
+ SNUM(conn)),
13, STR_TERMINATE|STR_ASCII);
} else {
memset(p+18, 0, 13);
struct smb_filename *smb_fname = NULL;
char *fname = NULL;
int mode=0;
- SMB_OFF_T size=0;
+ off_t size=0;
time_t mtime=0;
const char *p;
NTSTATUS status;
char *directory = NULL;
struct smb_filename *smb_fname = NULL;
char *fname = NULL;
- SMB_OFF_T size;
+ off_t size;
uint32 mode;
struct timespec date;
uint32 dirtype;
SCVAL(status,0,(dirtype & 0x1F));
nt_status = dptr_create(conn,
+ NULL, /* req */
NULL, /* fsp */
directory,
True,
if ((dirtype&0x1F) == FILE_ATTRIBUTE_VOLUME) {
char buf[DIR_STRUCT_SIZE];
memcpy(buf,status,21);
- if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
+ if (!make_dir_struct(ctx,buf,"???????????",volume_label(ctx, SNUM(conn)),
0,FILE_ATTRIBUTE_VOLUME,0,!allow_long_path_components)) {
reply_nterror(req, NT_STATUS_NO_MEMORY);
goto out;
}
} else {
unsigned int i;
- maxentries = MIN(
- maxentries,
- ((BUFFER_SIZE -
- ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
- /DIR_STRUCT_SIZE));
+ size_t hdr_size = ((uint8_t *)smb_buf(req->outbuf) + 3 - req->outbuf);
+ size_t available_space = sconn->smb1.sessions.max_send - hdr_size;
+
+ maxentries = MIN(maxentries, available_space/DIR_STRUCT_SIZE);
DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
- directory,lp_dontdescend(SNUM(conn))));
- if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
+ directory,lp_dont_descend(ctx, SNUM(conn))));
+ if (in_list(directory, lp_dont_descend(ctx, SNUM(conn)),True)) {
check_descend = True;
}
struct smb_filename *smb_fname = NULL;
char *fname = NULL;
uint32 fattr=0;
- SMB_OFF_T size = 0;
+ off_t size = 0;
time_t mtime=0;
int info;
files_struct *fsp;
uint32 create_options = 0;
uint32_t private_flags = 0;
NTSTATUS status;
- bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
TALLOC_CTX *ctx = talloc_tos();
START_PROFILE(SMBopen);
goto out;
}
+ if (!map_open_params_to_ntcreate(fname, deny_mode,
+ OPENX_FILE_EXISTS_OPEN, &access_mask,
+ &share_mode, &create_disposition,
+ &create_options, &private_flags)) {
+ reply_force_doserror(req, ERRDOS, ERRbadaccess);
+ goto out;
+ }
+
status = filename_convert(ctx,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
- 0,
+ UCF_PREP_CREATEFILE,
NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
- if (!map_open_params_to_ntcreate(smb_fname->base_name, deny_mode,
- OPENX_FILE_EXISTS_OPEN, &access_mask,
- &share_mode, &create_disposition,
- &create_options, &private_flags)) {
- reply_force_doserror(req, ERRDOS, ERRbadaccess);
- goto out;
- }
-
status = SMB_VFS_CREATE_FILE(
conn, /* conn */
req, /* req */
goto out;
}
+ /* Ensure we're pointing at the correct stat struct. */
+ TALLOC_FREE(smb_fname);
+ smb_fname = fsp->fsp_name;
+
size = smb_fname->st.st_ex_size;
fattr = dos_mode(conn, smb_fname);
- /* Deal with other possible opens having a modified
- write time. JRA. */
- if (ask_sharemode) {
- struct timespec write_time_ts;
-
- ZERO_STRUCT(write_time_ts);
- get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
- if (!null_timespec(write_time_ts)) {
- update_stat_ex_mtime(&smb_fname->st, write_time_ts);
- }
- }
-
mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
if (fattr & FILE_ATTRIBUTE_DIRECTORY) {
CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
}
out:
- TALLOC_FREE(smb_fname);
END_PROFILE(SMBopen);
return;
}
goto out;
}
+ if (!map_open_params_to_ntcreate(fname, deny_mode,
+ smb_ofun,
+ &access_mask, &share_mode,
+ &create_disposition,
+ &create_options,
+ &private_flags)) {
+ reply_force_doserror(req, ERRDOS, ERRbadaccess);
+ goto out;
+ }
+
status = filename_convert(ctx,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
- 0,
+ UCF_PREP_CREATEFILE,
NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
- if (!map_open_params_to_ntcreate(smb_fname->base_name, deny_mode,
- smb_ofun,
- &access_mask, &share_mode,
- &create_disposition,
- &create_options,
- &private_flags)) {
- reply_force_doserror(req, ERRDOS, ERRbadaccess);
- goto out;
- }
-
status = SMB_VFS_CREATE_FILE(
conn, /* conn */
req, /* req */
reply_nterror(req, NT_STATUS_DISK_FULL);
goto out;
}
- retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
+ retval = vfs_set_filelen(fsp, (off_t)allocation_size);
if (retval < 0) {
close_file(req, fsp, ERROR_CLOSE);
reply_nterror(req, NT_STATUS_DISK_FULL);
reply_outbuf(req, 15, 0);
}
+ SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */
+ SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */
+
if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
SCVAL(req->outbuf, smb_flg,
CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
}
- chain_reply(req);
out:
TALLOC_FREE(smb_fname);
END_PROFILE(SMBopenX);
void reply_ulogoffX(struct smb_request *req)
{
struct smbd_server_connection *sconn = req->sconn;
- user_struct *vuser;
+ struct user_struct *vuser;
+ struct smbXsrv_session *session = NULL;
+ NTSTATUS status;
START_PROFILE(SMBulogoffX);
vuser = get_valid_user_struct(sconn, req->vuid);
if(vuser == NULL) {
- DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
- req->vuid));
+ DEBUG(3,("ulogoff, vuser id %llu does not map to user.\n",
+ (unsigned long long)req->vuid));
+
+ req->vuid = UID_FIELD_INVALID;
+ reply_force_doserror(req, ERRSRV, ERRbaduid);
+ END_PROFILE(SMBulogoffX);
+ return;
}
- /* in user level security we are supposed to close any files
- open by this user */
- if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
- file_close_user(sconn, req->vuid);
+ session = vuser->session;
+ vuser = NULL;
+
+ /*
+ * TODO: cancel all outstanding requests on the session
+ */
+ status = smbXsrv_session_logoff(session);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("reply_ulogoff: "
+ "smbXsrv_session_logoff() failed: %s\n",
+ nt_errstr(status)));
+ /*
+ * If we hit this case, there is something completely
+ * wrong, so we better disconnect the transport connection.
+ */
+ END_PROFILE(SMBulogoffX);
+ exit_server(__location__ ": smbXsrv_session_logoff failed");
+ return;
}
- invalidate_vuid(sconn, req->vuid);
+ TALLOC_FREE(session);
reply_outbuf(req, 2, 0);
+ SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */
+ SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */
- DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
+ DEBUG(3, ("ulogoffX vuid=%llu\n",
+ (unsigned long long)req->vuid));
END_PROFILE(SMBulogoffX);
req->vuid = UID_FIELD_INVALID;
- chain_reply(req);
}
/****************************************************************************
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
- 0,
+ UCF_PREP_CREATEFILE,
NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
{
connection_struct *conn = req->conn;
struct smb_filename *smb_fname = NULL;
+ char *wire_name = NULL;
char *fname = NULL;
uint32 fattr;
files_struct *fsp;
int oplock_request;
- int tmpfd;
char *s;
NTSTATUS status;
+ int i;
TALLOC_CTX *ctx = talloc_tos();
START_PROFILE(SMBctemp);
fattr = SVAL(req->vwv+0, 0);
oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
- srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
+ srvstr_get_path_req(ctx, req, &wire_name, (const char *)req->buf+1,
STR_TERMINATE, &status);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
goto out;
}
- if (*fname) {
- fname = talloc_asprintf(ctx,
- "%s/TMXXXXXX",
- fname);
- } else {
- fname = talloc_strdup(ctx, "TMXXXXXX");
- }
- if (!fname) {
- reply_nterror(req, NT_STATUS_NO_MEMORY);
- goto out;
- }
+ for (i = 0; i < 10; i++) {
+ if (*wire_name) {
+ fname = talloc_asprintf(ctx,
+ "%s/TMP%s",
+ wire_name,
+ generate_random_str_list(ctx, 5, "0123456789"));
+ } else {
+ fname = talloc_asprintf(ctx,
+ "TMP%s",
+ generate_random_str_list(ctx, 5, "0123456789"));
+ }
- status = filename_convert(ctx, conn,
+ if (!fname) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ goto out;
+ }
+
+ status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
fname,
- 0,
+ UCF_PREP_CREATEFILE,
NULL,
&smb_fname);
- if (!NT_STATUS_IS_OK(status)) {
- if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
- reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
+ reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
ERRSRV, ERRbadpath);
+ goto out;
+ }
+ reply_nterror(req, status);
goto out;
}
- reply_nterror(req, status);
- goto out;
- }
-
- tmpfd = mkstemp(smb_fname->base_name);
- if (tmpfd == -1) {
- reply_nterror(req, map_nt_error_from_unix(errno));
- goto out;
- }
-
- SMB_VFS_STAT(conn, smb_fname);
-
- /* We should fail if file does not exist. */
- status = SMB_VFS_CREATE_FILE(
- conn, /* conn */
- req, /* req */
- 0, /* root_dir_fid */
- smb_fname, /* fname */
- FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
- FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
- FILE_OPEN, /* create_disposition*/
- 0, /* create_options */
- fattr, /* file_attributes */
- oplock_request, /* oplock_request */
- 0, /* allocation_size */
- 0, /* private_flags */
- NULL, /* sd */
- NULL, /* ea_list */
- &fsp, /* result */
- NULL); /* pinfo */
- /* close fd from mkstemp() */
- close(tmpfd);
+ /* Create the file. */
+ status = SMB_VFS_CREATE_FILE(
+ conn, /* conn */
+ req, /* req */
+ 0, /* root_dir_fid */
+ smb_fname, /* fname */
+ FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
+ FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
+ FILE_CREATE, /* create_disposition*/
+ 0, /* create_options */
+ fattr, /* file_attributes */
+ oplock_request, /* oplock_request */
+ 0, /* allocation_size */
+ 0, /* private_flags */
+ NULL, /* sd */
+ NULL, /* ea_list */
+ &fsp, /* result */
+ NULL); /* pinfo */
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
+ TALLOC_FREE(fname);
+ TALLOC_FREE(smb_fname);
+ continue;
+ }
- if (!NT_STATUS_IS_OK(status)) {
- if (open_was_deferred(req->sconn, req->mid)) {
- /* We have re-scheduled this call. */
+ if (!NT_STATUS_IS_OK(status)) {
+ if (open_was_deferred(req->sconn, req->mid)) {
+ /* We have re-scheduled this call. */
+ goto out;
+ }
+ reply_openerror(req, status);
goto out;
}
- reply_openerror(req, status);
+
+ break;
+ }
+
+ if (i == 10) {
+ /* Collision after 10 times... */
+ reply_nterror(req, status);
goto out;
}
fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
out:
TALLOC_FREE(smb_fname);
+ TALLOC_FREE(wire_name);
END_PROFILE(SMBctemp);
return;
}
return NT_STATUS_NO_SUCH_FILE;
}
- if (!dir_check_ftype(conn, fattr, dirtype)) {
+ if (!dir_check_ftype(fattr, dirtype)) {
if (fattr & FILE_ATTRIBUTE_DIRECTORY) {
return NT_STATUS_FILE_IS_A_DIRECTORY;
}
}
/* The set is across all open files on this dev/inode pair. */
- if (!set_delete_on_close(fsp, True, conn->session_info->unix_token)) {
+ if (!set_delete_on_close(fsp, True,
+ conn->session_info->security_token,
+ conn->session_info->unix_token)) {
close_file(req, fsp, NORMAL_CLOSE);
return NT_STATUS_ACCESS_DENIED;
}
status = do_unlink(conn, req, smb_fname, dirtype);
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(dir_hnd);
TALLOC_FREE(frame);
TALLOC_FREE(talloced);
- continue;
+ goto out;
}
count++;
Fake (read/write) sendfile. Returns -1 on read or write fail.
****************************************************************************/
-ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
+ssize_t fake_sendfile(files_struct *fsp, off_t startpos, size_t nread)
{
size_t bufsize;
size_t tosend = nread;
static void send_file_readbraw(connection_struct *conn,
struct smb_request *req,
files_struct *fsp,
- SMB_OFF_T startpos,
+ off_t startpos,
size_t nread,
ssize_t mincount)
{
struct smbd_server_connection *sconn = req->sconn;
ssize_t maxcount,mincount;
size_t nread = 0;
- SMB_OFF_T startpos;
+ off_t startpos;
files_struct *fsp;
struct lock_struct lock;
- SMB_OFF_T size = 0;
+ off_t size = 0;
START_PROFILE(SMBreadbraw);
- if (srv_is_signing_active(sconn) ||
- is_encrypted_packet(sconn, req->inbuf)) {
+ if (srv_is_signing_active(sconn) || req->encrypted) {
exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
"raw reads/writes are disallowed.");
}
return;
}
- flush_write_cache(fsp, READRAW_FLUSH);
+ flush_write_cache(fsp, SAMBA_READRAW_FLUSH);
startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
if(req->wct == 10) {
/*
* This is a large offset (64 bit) read.
*/
-#ifdef LARGE_SMB_OFF_T
- startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
-
-#else /* !LARGE_SMB_OFF_T */
-
- /*
- * Ensure we haven't been sent a >32 bit offset.
- */
-
- if(IVAL(req->vwv+8, 0) != 0) {
- DEBUG(0,("reply_readbraw: large offset "
- "(%x << 32) used and we don't support "
- "64 bit offsets.\n",
- (unsigned int)IVAL(req->vwv+8, 0) ));
- reply_readbraw_error(sconn);
- END_PROFILE(SMBreadbraw);
- return;
- }
-
-#endif /* LARGE_SMB_OFF_T */
+ startpos |= (((off_t)IVAL(req->vwv+8, 0)) << 32);
if(startpos < 0) {
DEBUG(0,("reply_readbraw: negative 64 bit "
nread = 0;
#endif
- DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
+ DEBUG( 3, ( "reply_readbraw: %s start=%.0f max=%lu "
"min=%lu nread=%lu\n",
- fsp->fnum, (double)startpos,
+ fsp_fnum_dbg(fsp), (double)startpos,
(unsigned long)maxcount,
(unsigned long)mincount,
(unsigned long)nread ) );
connection_struct *conn = req->conn;
ssize_t nread = -1;
char *data;
- SMB_OFF_T startpos;
+ off_t startpos;
size_t numtoread;
+ size_t maxtoread;
NTSTATUS status;
files_struct *fsp;
struct byte_range_lock *br_lck = NULL;
numtoread = SVAL(req->vwv+1, 0);
startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
- numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
-
- reply_outbuf(req, 5, numtoread + 3);
-
- data = smb_buf(req->outbuf) + 3;
-
/*
* NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
* protocol request that predates the read/write lock concept.
* Thus instead of asking for a read lock here we need to ask
* for a write lock. JRA.
- * Note that the requested lock size is unaffected by max_recv.
+ * Note that the requested lock size is unaffected by max_send.
*/
br_lck = do_lock(req->sconn->msg_ctx,
WINDOWS_LOCK,
False, /* Non-blocking lock. */
&status,
- NULL,
NULL);
TALLOC_FREE(br_lck);
}
/*
- * However the requested READ size IS affected by max_recv. Insanity.... JRA.
+ * However the requested READ size IS affected by max_send. Insanity.... JRA.
*/
+ maxtoread = sconn->smb1.sessions.max_send - (smb_size + 5*2 + 3);
- if (numtoread > sconn->smb1.negprot.max_recv) {
- DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
+ if (numtoread > maxtoread) {
+ DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u/%u). \
Returning short read of maximum allowed for compatibility with Windows 2000.\n",
- (unsigned int)numtoread,
- (unsigned int)sconn->smb1.negprot.max_recv));
- numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
+ (unsigned int)numtoread, (unsigned int)maxtoread,
+ (unsigned int)sconn->smb1.sessions.max_send));
+ numtoread = maxtoread;
}
+
+ reply_outbuf(req, 5, numtoread + 3);
+
+ data = smb_buf(req->outbuf) + 3;
+
nread = read_file(fsp,data,startpos,numtoread);
if (nread < 0) {
SCVAL(p,0,0); /* pad byte. */
SSVAL(p,1,nread);
- DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
- fsp->fnum, (int)numtoread, (int)nread));
+ DEBUG(3,("lockread %s num=%d nread=%d\n",
+ fsp_fnum_dbg(fsp), (int)numtoread, (int)nread));
END_PROFILE(SMBlockread);
return;
{
connection_struct *conn = req->conn;
size_t numtoread;
+ size_t maxtoread;
ssize_t nread = 0;
char *data;
- SMB_OFF_T startpos;
- int outsize = 0;
+ off_t startpos;
files_struct *fsp;
struct lock_struct lock;
struct smbd_server_connection *sconn = req->sconn;
numtoread = SVAL(req->vwv+1, 0);
startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
- numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
-
/*
- * The requested read size cannot be greater than max_recv. JRA.
+ * The requested read size cannot be greater than max_send. JRA.
*/
- if (numtoread > sconn->smb1.negprot.max_recv) {
- DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
+ maxtoread = sconn->smb1.sessions.max_send - (smb_size + 5*2 + 3);
+
+ if (numtoread > maxtoread) {
+ DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u/%u). \
Returning short read of maximum allowed for compatibility with Windows 2000.\n",
- (unsigned int)numtoread,
- (unsigned int)sconn->smb1.negprot.max_recv));
- numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
+ (unsigned int)numtoread, (unsigned int)maxtoread,
+ (unsigned int)sconn->smb1.sessions.max_send));
+ numtoread = maxtoread;
}
reply_outbuf(req, 5, numtoread+3);
SCVAL(smb_buf(req->outbuf),0,1);
SSVAL(smb_buf(req->outbuf),1,nread);
- DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
- fsp->fnum, (int)numtoread, (int)nread ) );
+ DEBUG(3, ("read %s num=%d nread=%d\n",
+ fsp_fnum_dbg(fsp), (int)numtoread, (int)nread));
strict_unlock:
SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
size_t smb_maxcnt)
{
int outsize;
- char *data;
outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
- data = smb_buf(outbuf);
memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
SSVAL(outbuf,smb_vwv5,smb_maxcnt);
SSVAL(outbuf,smb_vwv6,
- req_wct_ofs(req)
+ (smb_wct - 4) /* offset from smb header to wct */
+ 1 /* the wct field */
+ 12 * sizeof(uint16_t) /* vwv */
+ 2); /* the buflen field */
****************************************************************************/
static void send_file_readX(connection_struct *conn, struct smb_request *req,
- files_struct *fsp, SMB_OFF_T startpos,
+ files_struct *fsp, off_t startpos,
size_t smb_maxcnt)
{
ssize_t nread = -1;
struct lock_struct lock;
int saved_errno = 0;
- if(fsp_stat(fsp) == -1) {
- reply_nterror(req, map_nt_error_from_unix(errno));
- return;
- }
-
init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
(uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
&lock);
return;
}
- if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
- (startpos > fsp->fsp_name->st.st_ex_size)
- || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
- /*
- * We already know that we would do a short read, so don't
- * try the sendfile() path.
- */
- goto nosendfile_read;
- }
-
/*
* We can only use sendfile on a non-chained packet
* but we can use on a non-oplocked file. tridge proved this
*/
if (!req_is_in_chain(req) &&
- !is_encrypted_packet(req->sconn, req->inbuf) &&
+ !req->encrypted &&
(fsp->base_fsp == NULL) &&
(fsp->wcp == NULL) &&
lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
uint8 headerbuf[smb_size + 12 * 2];
DATA_BLOB header;
+ if(fsp_stat(fsp) == -1) {
+ reply_nterror(req, map_nt_error_from_unix(errno));
+ goto strict_unlock;
+ }
+
+ if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
+ (startpos > fsp->fsp_name->st.st_ex_size) ||
+ (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
+ /*
+ * We already know that we would do a short read, so don't
+ * try the sendfile() path.
+ */
+ goto nosendfile_read;
+ }
+
/*
* Set up the packet header before send. We
* assume here the sendfile will work (get the
strerror(errno)));
exit_server_cleanly("send_file_readX: fake_sendfile failed");
}
- DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
- fsp->fnum, (int)smb_maxcnt, (int)nread ) );
+ DEBUG(3, ("send_file_readX: fake_sendfile %s max=%d nread=%d\n",
+ fsp_fnum_dbg(fsp), (int)smb_maxcnt, (int)nread));
/* No outbuf here means successful sendfile. */
goto strict_unlock;
}
goto normal_read;
}
- DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
- fsp->fnum, (int)smb_maxcnt, (int)nread ) );
+ DEBUG(3, ("send_file_readX: sendfile %s max=%d nread=%d\n",
+ fsp_fnum_dbg(fsp), (int)smb_maxcnt, (int)nread));
/* Deal with possible short send. */
if (nread != smb_maxcnt + sizeof(headerbuf)) {
nosendfile_read:
reply_outbuf(req, 12, smb_maxcnt);
+ SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */
+ SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */
nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
saved_errno = errno;
setup_readX_header(req, (char *)req->outbuf, nread);
- DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
- fsp->fnum, (int)smb_maxcnt, (int)nread ) );
-
- chain_reply(req);
+ DEBUG(3, ("send_file_readX %s max=%d nread=%d\n",
+ fsp_fnum_dbg(fsp), (int)smb_maxcnt, (int)nread));
return;
strict_unlock:
return;
}
+/****************************************************************************
+ Work out how much space we have for a read return.
+****************************************************************************/
+
+static size_t calc_max_read_pdu(const struct smb_request *req)
+{
+ if (req->sconn->conn->protocol < PROTOCOL_NT1) {
+ return req->sconn->smb1.sessions.max_send;
+ }
+
+ if (!lp_large_readwrite()) {
+ return req->sconn->smb1.sessions.max_send;
+ }
+
+ if (req_is_in_chain(req)) {
+ return req->sconn->smb1.sessions.max_send;
+ }
+
+ if (req->encrypted) {
+ /*
+ * Don't take encrypted traffic up to the
+ * limit. There are padding considerations
+ * that make that tricky.
+ */
+ return req->sconn->smb1.sessions.max_send;
+ }
+
+ if (srv_is_signing_active(req->sconn)) {
+ return 0x1FFFF;
+ }
+
+ if (!lp_unix_extensions()) {
+ return 0x1FFFF;
+ }
+
+ /*
+ * We can do ultra-large POSIX reads.
+ */
+ return 0xFFFFFF;
+}
+
+/****************************************************************************
+ Calculate how big a read can be. Copes with all clients. It's always
+ safe to return a short read - Windows does this.
+****************************************************************************/
+
+static size_t calc_read_size(const struct smb_request *req,
+ size_t upper_size,
+ size_t lower_size)
+{
+ size_t max_pdu = calc_max_read_pdu(req);
+ size_t total_size = 0;
+ size_t hdr_len = MIN_SMB_SIZE + VWV(12);
+ size_t max_len = max_pdu - hdr_len;
+
+ /*
+ * Windows explicitly ignores upper size of 0xFFFF.
+ * See [MS-SMB].pdf <26> Section 2.2.4.2.1:
+ * We must do the same as these will never fit even in
+ * an extended size NetBIOS packet.
+ */
+ if (upper_size == 0xFFFF) {
+ upper_size = 0;
+ }
+
+ if (req->sconn->conn->protocol < PROTOCOL_NT1) {
+ upper_size = 0;
+ }
+
+ total_size = ((upper_size<<16) | lower_size);
+
+ /*
+ * LARGE_READX test shows it's always safe to return
+ * a short read. Windows does so.
+ */
+ return MIN(total_size, max_len);
+}
+
/****************************************************************************
Reply to a read and X.
****************************************************************************/
void reply_read_and_X(struct smb_request *req)
{
- struct smbd_server_connection *sconn = req->sconn;
connection_struct *conn = req->conn;
files_struct *fsp;
- SMB_OFF_T startpos;
+ off_t startpos;
size_t smb_maxcnt;
+ size_t upper_size;
bool big_readX = False;
#if 0
size_t smb_mincnt = SVAL(req->vwv+6, 0);
return;
}
- if ((sconn->smb1.unix_info.client_cap_low & CIFS_UNIX_LARGE_READ_CAP) ||
- (get_remote_arch() == RA_SAMBA)) {
+ upper_size = SVAL(req->vwv+7, 0);
+ smb_maxcnt = calc_read_size(req, upper_size, smb_maxcnt);
+ if (smb_maxcnt > (0x1FFFF - (MIN_SMB_SIZE + VWV(12)))) {
/*
- * This is Samba only behavior (up to Samba 3.6)!
- *
- * Windows 2008 R2 ignores the upper_size,
- * so we do unless unix extentions are active
- * or "smbclient" is talking to us.
+ * This is a heuristic to avoid keeping large
+ * outgoing buffers around over long-lived aio
+ * requests.
*/
- size_t upper_size = SVAL(req->vwv+7, 0);
- smb_maxcnt |= (upper_size<<16);
- if (upper_size > 1) {
- /* Can't do this on a chained packet. */
- if ((CVAL(req->vwv+0, 0) != 0xFF)) {
- reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
- END_PROFILE(SMBreadX);
- return;
- }
- /* We currently don't do this on signed or sealed data. */
- if (srv_is_signing_active(req->sconn) ||
- is_encrypted_packet(req->sconn, req->inbuf)) {
- reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
- END_PROFILE(SMBreadX);
- return;
- }
- /* Is there room in the reply for this data ? */
- if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
- reply_nterror(req,
- NT_STATUS_INVALID_PARAMETER);
- END_PROFILE(SMBreadX);
- return;
- }
- big_readX = True;
- }
+ big_readX = True;
}
if (req->wct == 12) {
-#ifdef LARGE_SMB_OFF_T
/*
* This is a large offset (64 bit) read.
*/
- startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
-
-#else /* !LARGE_SMB_OFF_T */
-
- /*
- * Ensure we haven't been sent a >32 bit offset.
- */
-
- if(IVAL(req->vwv+10, 0) != 0) {
- DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
- "used and we don't support 64 bit offsets.\n",
- (unsigned int)IVAL(req->vwv+10, 0) ));
- END_PROFILE(SMBreadX);
- reply_nterror(req, NT_STATUS_ACCESS_DENIED);
- return;
- }
-
-#endif /* LARGE_SMB_OFF_T */
+ startpos |= (((off_t)IVAL(req->vwv+10, 0)) << 32);
}
ssize_t total_written=0;
size_t numtowrite=0;
size_t tcount;
- SMB_OFF_T startpos;
+ off_t startpos;
const char *data=NULL;
bool write_through;
files_struct *fsp;
nwritten = write_file(req,fsp,data,startpos,numtowrite);
}
- DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
+ DEBUG(3, ("reply_writebraw: initial write %s start=%.0f num=%d "
"wrote=%d sync=%d\n",
- fsp->fnum, (double)startpos, (int)numtowrite,
+ fsp_fnum_dbg(fsp), (double)startpos, (int)numtowrite,
(int)nwritten, (int)write_through));
if (nwritten < (ssize_t)numtowrite) {
goto strict_unlock;
}
- DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
+ DEBUG(3,("reply_writebraw: secondart write %s start=%.0f num=%d "
"wrote=%d\n",
- fsp->fnum, (double)startpos, (int)numtowrite,
+ fsp_fnum_dbg(fsp), (double)startpos, (int)numtowrite,
(int)total_written));
if (!fsp->print_file) {
connection_struct *conn = req->conn;
ssize_t nwritten = -1;
size_t numtowrite;
- SMB_OFF_T startpos;
+ off_t startpos;
const char *data;
NTSTATUS status = NT_STATUS_OK;
files_struct *fsp;
SSVAL(req->outbuf,smb_vwv0,nwritten);
- DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
- fsp->fnum, (int)numtowrite, (int)nwritten));
+ DEBUG(3, ("writeunlock %s num=%d wrote=%d\n",
+ fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten));
strict_unlock:
if (numtowrite && !fsp->print_file) {
connection_struct *conn = req->conn;
size_t numtowrite;
ssize_t nwritten = -1;
- SMB_OFF_T startpos;
+ off_t startpos;
const char *data;
files_struct *fsp;
struct lock_struct lock;
/*
* This is actually an allocate call, and set EOF. JRA.
*/
- nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
+ nwritten = vfs_allocate_file_space(fsp, (off_t)startpos);
if (nwritten < 0) {
reply_nterror(req, NT_STATUS_DISK_FULL);
goto strict_unlock;
}
- nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
+ nwritten = vfs_set_filelen(fsp, (off_t)startpos);
if (nwritten < 0) {
reply_nterror(req, NT_STATUS_DISK_FULL);
goto strict_unlock;
SSVAL(req->outbuf,smb_err,ERRdiskfull);
}
- DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
+ DEBUG(3, ("write %s num=%d wrote=%d\n", fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten));
strict_unlock:
if (!fsp->print_file) {
const uint8_t *inbuf)
{
size_t numtowrite;
- connection_struct *conn = NULL;
unsigned int doff = 0;
size_t len = smb_len_large(inbuf);
+ uint16_t fnum;
+ struct smbXsrv_open *op = NULL;
+ struct files_struct *fsp = NULL;
+ NTSTATUS status;
if (is_encrypted_packet(sconn, inbuf)) {
/* Can't do this on encrypted
return false;
}
- conn = conn_find(sconn, SVAL(inbuf, smb_tid));
- if (conn == NULL) {
- DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
+ fnum = SVAL(inbuf, smb_vwv2);
+ status = smb1srv_open_lookup(sconn->conn,
+ fnum,
+ 0, /* now */
+ &op);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10,("is_valid_writeX_buffer: bad fnum\n"));
return false;
}
- if (IS_IPC(conn)) {
+ fsp = op->compat;
+ if (fsp == NULL) {
+ DEBUG(10,("is_valid_writeX_buffer: bad fsp\n"));
+ return false;
+ }
+ if (fsp->conn == NULL) {
+ DEBUG(10,("is_valid_writeX_buffer: bad fsp->conn\n"));
+ return false;
+ }
+
+ if (IS_IPC(fsp->conn)) {
DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
return false;
}
- if (IS_PRINT(conn)) {
+ if (IS_PRINT(fsp->conn)) {
DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
return false;
}
connection_struct *conn = req->conn;
files_struct *fsp;
struct lock_struct lock;
- SMB_OFF_T startpos;
+ off_t startpos;
size_t numtowrite;
bool write_through;
ssize_t nwritten;
if ((req->wct != 12) && (req->wct != 14)) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
numtowrite = SVAL(req->vwv+10, 0);
/* Can't do a recvfile write on IPC$ */
if (IS_IPC(conn)) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
if (numtowrite != req->unread_bytes) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
} else {
if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
smb_doff + numtowrite > smblen) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
}
if (IS_IPC(conn)) {
if (req->unread_bytes) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
reply_pipe_write_and_X(req);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
fsp = file_fsp(req, SVAL(req->vwv+2, 0));
write_through = BITSETW(req->vwv+7,0);
if (!check_fsp(conn, req, fsp)) {
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
if (!CHECK_WRITE(fsp)) {
reply_nterror(req, NT_STATUS_ACCESS_DENIED);
- END_PROFILE(SMBwriteX);
- return;
+ goto out;
}
data = smb_base(req->inbuf) + smb_doff;
if(req->wct == 14) {
-#ifdef LARGE_SMB_OFF_T
/*
* This is a large offset (64 bit) write.
*/
- startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
-
-#else /* !LARGE_SMB_OFF_T */
-
- /*
- * Ensure we haven't been sent a >32 bit offset.
- */
-
- if(IVAL(req->vwv+12, 0) != 0) {
- DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
- "used and we don't support 64 bit offsets.\n",
- (unsigned int)IVAL(req->vwv+12, 0) ));
- reply_nterror(req, NT_STATUS_ACCESS_DENIED);
- END_PROFILE(SMBwriteX);
- return;
- }
+ startpos |= (((off_t)IVAL(req->vwv+12, 0)) << 32);
-#endif /* LARGE_SMB_OFF_T */
}
/* X/Open SMB protocol says that, unlike SMBwrite
}
reply_outbuf(req, 6, 0);
+ SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */
+ SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */
SSVAL(req->outbuf,smb_vwv2,nwritten);
SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
- if (nwritten < (ssize_t)numtowrite) {
- SCVAL(req->outbuf,smb_rcls,ERRHRD);
- SSVAL(req->outbuf,smb_err,ERRdiskfull);
- }
-
- DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
- fsp->fnum, (int)numtowrite, (int)nwritten));
+ DEBUG(3,("writeX %s num=%d wrote=%d\n",
+ fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten));
status = sync_file(conn, fsp, write_through);
if (!NT_STATUS_IS_OK(status)) {
}
END_PROFILE(SMBwriteX);
- chain_reply(req);
return;
out:
+ if (req->unread_bytes) {
+ /* writeX failed. drain socket. */
+ if (drain_socket(req->sconn->sock, req->unread_bytes) !=
+ req->unread_bytes) {
+ smb_panic("failed to drain pending bytes");
+ }
+ req->unread_bytes = 0;
+ }
+
END_PROFILE(SMBwriteX);
return;
}
void reply_lseek(struct smb_request *req)
{
connection_struct *conn = req->conn;
- SMB_OFF_T startpos;
- SMB_OFF_T res= -1;
+ off_t startpos;
+ off_t res= -1;
int mode,umode;
files_struct *fsp;
return;
}
- flush_write_cache(fsp, SEEK_FLUSH);
+ flush_write_cache(fsp, SAMBA_SEEK_FLUSH);
mode = SVAL(req->vwv+1, 0) & 3;
/* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
- startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
+ startpos = (off_t)IVALS(req->vwv+2, 0);
switch (mode) {
case 0:
if (umode == SEEK_END) {
if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
if(errno == EINVAL) {
- SMB_OFF_T current_pos = startpos;
+ off_t current_pos = startpos;
if(fsp_stat(fsp) == -1) {
reply_nterror(req,
reply_outbuf(req, 2, 0);
SIVAL(req->outbuf,smb_vwv0,res);
- DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
- fsp->fnum, (double)startpos, (double)res, mode));
+ DEBUG(3,("lseek %s ofs=%.0f newpos = %.0f mode=%d\n",
+ fsp_fnum_dbg(fsp), (double)startpos, (double)res, mode));
END_PROFILE(SMBlseek);
return;
return;
}
-/****************************************************************************
- Reply to a close - has to deal with closing a directory opened by NT SMB's.
-****************************************************************************/
+struct reply_close_state {
+ files_struct *fsp;
+ struct smb_request *smbreq;
+};
+
+static void do_smb1_close(struct tevent_req *req);
void reply_close(struct smb_request *req)
{
return;
}
- if(fsp->is_directory) {
- /*
- * Special case - close NT SMB directory handle.
- */
- DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
- status = close_file(req, fsp, NORMAL_CLOSE);
- } else {
- time_t t;
- /*
- * Close ordinary file.
- */
+ DEBUG(3, ("Close %s fd=%d %s (numopen=%d)\n",
+ fsp->is_directory ? "directory" : "file",
+ fsp->fh->fd, fsp_fnum_dbg(fsp),
+ conn->num_files_open));
- DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
- fsp->fh->fd, fsp->fnum,
- conn->num_files_open));
+ if (!fsp->is_directory) {
+ time_t t;
/*
* Take care of any time sent in the close.
t = srv_make_unix_date3(req->vwv+1);
set_close_write_time(fsp, convert_time_t_to_timespec(t));
+ }
+
+ if (fsp->num_aio_requests != 0) {
+
+ struct reply_close_state *state;
+
+ DEBUG(10, ("closing with aio %u requests pending\n",
+ fsp->num_aio_requests));
/*
- * close_file() returns the unix errno if an error
- * was detected on close - normally this is due to
- * a disk full error. If not then it was probably an I/O error.
+ * We depend on the aio_extra destructor to take care of this
+ * close request once fsp->num_aio_request drops to 0.
*/
- status = close_file(req, fsp, NORMAL_CLOSE);
- }
+ fsp->deferred_close = tevent_wait_send(
+ fsp, fsp->conn->sconn->ev_ctx);
+ if (fsp->deferred_close == NULL) {
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ state = talloc(fsp, struct reply_close_state);
+ if (state == NULL) {
+ TALLOC_FREE(fsp->deferred_close);
+ status = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+ state->fsp = fsp;
+ state->smbreq = talloc_move(fsp, &req);
+ tevent_req_set_callback(fsp->deferred_close, do_smb1_close,
+ state);
+ END_PROFILE(SMBclose);
+ return;
+ }
+
+ /*
+ * close_file() returns the unix errno if an error was detected on
+ * close - normally this is due to a disk full error. If not then it
+ * was probably an I/O error.
+ */
+ status = close_file(req, fsp, NORMAL_CLOSE);
+done:
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
END_PROFILE(SMBclose);
return;
}
+static void do_smb1_close(struct tevent_req *req)
+{
+ struct reply_close_state *state = tevent_req_callback_data(
+ req, struct reply_close_state);
+ struct smb_request *smbreq;
+ NTSTATUS status;
+ int ret;
+
+ ret = tevent_wait_recv(req);
+ TALLOC_FREE(req);
+ if (ret != 0) {
+ DEBUG(10, ("tevent_wait_recv returned %s\n",
+ strerror(ret)));
+ /*
+ * Continue anyway, this should never happen
+ */
+ }
+
+ /*
+ * fsp->smb2_close_request right now is a talloc grandchild of
+ * fsp. When we close_file(fsp), it would go with it. No chance to
+ * reply...
+ */
+ smbreq = talloc_move(talloc_tos(), &state->smbreq);
+
+ status = close_file(smbreq, state->fsp, NORMAL_CLOSE);
+ if (NT_STATUS_IS_OK(status)) {
+ reply_outbuf(smbreq, 0, 0);
+ } else {
+ reply_nterror(smbreq, status);
+ }
+ if (!srv_send_smb(smbreq->sconn,
+ (char *)smbreq->outbuf,
+ true,
+ smbreq->seqnum+1,
+ IS_CONN_ENCRYPTED(smbreq->conn)||smbreq->encrypted,
+ NULL)) {
+ exit_server_cleanly("handle_aio_read_complete: srv_send_smb "
+ "failed.");
+ }
+ TALLOC_FREE(smbreq);
+}
+
/****************************************************************************
Reply to a writeclose (Core+ protocol).
****************************************************************************/
size_t numtowrite;
ssize_t nwritten = -1;
NTSTATUS close_status = NT_STATUS_OK;
- SMB_OFF_T startpos;
+ off_t startpos;
const char *data;
struct timespec mtime;
files_struct *fsp;
mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
data = (const char *)req->buf + 1;
- if (!fsp->print_file) {
+ if (fsp->print_file == NULL) {
init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
(uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
&lock);
nwritten = write_file(req,fsp,data,startpos,numtowrite);
+ if (fsp->print_file == NULL) {
+ SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
+ }
+
set_close_write_time(fsp, mtime);
/*
* JRA.
*/
+ DEBUG(3,("writeclose %s num=%d wrote=%d (numopen=%d)\n",
+ fsp_fnum_dbg(fsp), (int)numtowrite, (int)nwritten,
+ (numtowrite) ? conn->num_files_open - 1 : conn->num_files_open));
+
if (numtowrite) {
DEBUG(3,("reply_writeclose: zero length write doesn't close "
"file %s\n", fsp_str_dbg(fsp)));
close_status = close_file(req, fsp, NORMAL_CLOSE);
+ fsp = NULL;
}
- DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
- fsp->fnum, (int)numtowrite, (int)nwritten,
- conn->num_files_open));
-
if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
reply_nterror(req, NT_STATUS_DISK_FULL);
- goto strict_unlock;
+ goto out;
}
if(!NT_STATUS_IS_OK(close_status)) {
reply_nterror(req, close_status);
- goto strict_unlock;
+ goto out;
}
reply_outbuf(req, 1, 0);
SSVAL(req->outbuf,smb_vwv0,nwritten);
-strict_unlock:
- if (numtowrite && !fsp->print_file) {
- SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
- }
+out:
END_PROFILE(SMBwriteclose);
return;
count = (uint64_t)IVAL(req->vwv+1, 0);
offset = (uint64_t)IVAL(req->vwv+3, 0);
- DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
- fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
+ DEBUG(3,("lock fd=%d %s offset=%.0f count=%.0f\n",
+ fsp->fh->fd, fsp_fnum_dbg(fsp), (double)offset, (double)count));
br_lck = do_lock(req->sconn->msg_ctx,
fsp,
WINDOWS_LOCK,
False, /* Non-blocking lock. */
&status,
- NULL,
NULL);
TALLOC_FREE(br_lck);
return;
}
- DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
- fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
+ DEBUG( 3, ( "unlock fd=%d %s offset=%.0f count=%.0f\n",
+ fsp->fh->fd, fsp_fnum_dbg(fsp), (double)offset, (double)count ) );
reply_outbuf(req, 0, 0);
void reply_tdis(struct smb_request *req)
{
+ NTSTATUS status;
connection_struct *conn = req->conn;
+ struct smbXsrv_tcon *tcon;
+
START_PROFILE(SMBtdis);
if (!conn) {
DEBUG(4,("Invalid connection in tdis\n"));
- reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
+ reply_force_doserror(req, ERRSRV, ERRinvnid);
END_PROFILE(SMBtdis);
return;
}
- conn->used = False;
-
- close_cnum(conn,req->vuid);
+ tcon = conn->tcon;
req->conn = NULL;
+ /*
+ * TODO: cancel all outstanding requests on the tcon
+ */
+ status = smbXsrv_tcon_disconnect(tcon, req->vuid);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(0, ("reply_tdis: "
+ "smbXsrv_tcon_disconnect() failed: %s\n",
+ nt_errstr(status)));
+ /*
+ * If we hit this case, there is something completely
+ * wrong, so we better disconnect the transport connection.
+ */
+ END_PROFILE(SMBtdis);
+ exit_server(__location__ ": smbXsrv_tcon_disconnect failed");
+ return;
+ }
+
+ TALLOC_FREE(tcon);
+
reply_outbuf(req, 0, 0);
END_PROFILE(SMBtdis);
return;
reply_outbuf(req, 1, 0);
SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
- DEBUG(3,("openprint fd=%d fnum=%d\n",
- fsp->fh->fd, fsp->fnum));
+ DEBUG(3,("openprint fd=%d %s\n",
+ fsp->fh->fd, fsp_fnum_dbg(fsp)));
END_PROFILE(SMBsplopen);
return;
return;
}
- DEBUG(3,("printclose fd=%d fnum=%d\n",
- fsp->fh->fd,fsp->fnum));
+ DEBUG(3,("printclose fd=%d %s\n",
+ fsp->fh->fd, fsp_fnum_dbg(fsp)));
status = close_file(req, fsp, NORMAL_CLOSE);
TALLOC_CTX *mem_ctx = talloc_tos();
NTSTATUS status;
WERROR werr;
- const char *sharename = lp_servicename(SNUM(conn));
+ const char *sharename = lp_servicename(mem_ctx, SNUM(conn));
struct rpc_pipe_client *cli = NULL;
struct dcerpc_binding_handle *b = NULL;
struct policy_handle handle;
ZERO_STRUCT(handle);
status = rpc_pipe_open_interface(conn,
- &ndr_table_spoolss.syntax_id,
+ &ndr_table_spoolss,
conn->session_info,
conn->sconn->remote_address,
conn->sconn->msg_ctx,
data = (const char *)req->buf + 3;
- if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
+ if (write_file(req,fsp,data,(off_t)-1,numtowrite) != numtowrite) {
reply_nterror(req, map_nt_error_from_unix(errno));
END_PROFILE(SMBsplwr);
return;
}
- DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
+ DEBUG(3, ("printwrite %s num=%d\n", fsp_fnum_dbg(fsp), numtowrite));
END_PROFILE(SMBsplwr);
return;
status = filename_convert(ctx, conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
directory,
- 0,
+ UCF_PREP_CREATEFILE,
NULL,
&smb_dname);
if (!NT_STATUS_IS_OK(status)) {
goto out;
}
- if (!set_delete_on_close(fsp, true, conn->session_info->unix_token)) {
+ if (!set_delete_on_close(fsp, true,
+ conn->session_info->security_token,
+ conn->session_info->unix_token)) {
close_file(req, fsp, ERROR_CLOSE);
reply_nterror(req, NT_STATUS_ACCESS_DENIED);
goto out;
static void rename_open_files(connection_struct *conn,
struct share_mode_lock *lck,
+ struct file_id id,
uint32_t orig_name_hash,
const struct smb_filename *smb_fname_dst)
{
NTSTATUS status;
uint32_t new_name_hash = 0;
- for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
+ for(fsp = file_find_di_first(conn->sconn, id); fsp;
fsp = file_find_di_next(fsp)) {
/* fsp_name is a relative path under the fsp. To change this for other
sharepaths we need to manipulate relative paths. */
if (fsp->name_hash != orig_name_hash) {
continue;
}
- DEBUG(10, ("rename_open_files: renaming file fnum %d "
- "(file_id %s) from %s -> %s\n", fsp->fnum,
+ DEBUG(10, ("rename_open_files: renaming file %s "
+ "(file_id %s) from %s -> %s\n", fsp_fnum_dbg(fsp),
file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
smb_fname_str_dbg(smb_fname_dst)));
if (!did_rename) {
DEBUG(10, ("rename_open_files: no open files on file_id %s "
- "for %s\n", file_id_string_tos(&lck->id),
+ "for %s\n", file_id_string_tos(&id),
smb_fname_str_dbg(smb_fname_dst)));
}
/* Send messages to all smbd's (not ourself) that the name has changed. */
- rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
+ rename_share_filename(conn->sconn->msg_ctx, lck, id, conn->connectpath,
orig_name_hash, new_name_hash,
smb_fname_dst);
/* Make a copy of the dst smb_fname structs */
- status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
- if (!NT_STATUS_IS_OK(status)) {
+ smb_fname_dst = cp_smb_filename(ctx, smb_fname_dst_in);
+ if (smb_fname_dst == NULL) {
+ status = NT_STATUS_NO_MEMORY;
goto out;
}
* Create an smb_filename struct using the original last
* component of the destination.
*/
- status = create_synthetic_smb_fname_split(ctx,
- smb_fname_dst->original_lcomp, NULL,
- &smb_fname_orig_lcomp);
- if (!NT_STATUS_IS_OK(status)) {
+ smb_fname_orig_lcomp = synthetic_smb_fname_split(
+ ctx, smb_fname_dst->original_lcomp, NULL);
+ if (smb_fname_orig_lcomp == NULL) {
+ status = NT_STATUS_NO_MEMORY;
TALLOC_FREE(fname_dst_lcomp_base_mod);
goto out;
}
status = NT_STATUS_ACCESS_DENIED;
}
- lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
- NULL);
+ lck = get_existing_share_mode_lock(talloc_tos(), fsp->file_id);
/*
* We have the file open ourselves, so not being able to get the
"%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
smb_fname_str_dbg(smb_fname_dst)));
- if (!lp_posix_pathnames() &&
+ if (!fsp->is_directory &&
+ !lp_posix_pathnames() &&
(lp_map_archive(SNUM(conn)) ||
lp_store_dos_attributes(SNUM(conn)))) {
/* We must set the archive bit on the newly
notify_rename(conn, fsp->is_directory, fsp->fsp_name,
smb_fname_dst);
- rename_open_files(conn, lck, fsp->name_hash, smb_fname_dst);
+ rename_open_files(conn, lck, fsp->file_id, fsp->name_hash,
+ smb_fname_dst);
/*
* A rename acts as a new file create w.r.t. allowing an initial delete
long offset = 0;
int create_options = 0;
bool posix_pathnames = lp_posix_pathnames();
+ int rc;
/*
* Split the old name into directory and last component
ZERO_STRUCT(smb_fname_src->st);
if (posix_pathnames) {
- SMB_VFS_LSTAT(conn, smb_fname_src);
+ rc = SMB_VFS_LSTAT(conn, smb_fname_src);
} else {
- SMB_VFS_STAT(conn, smb_fname_src);
+ rc = SMB_VFS_STAT(conn, smb_fname_src);
+ }
+ if (rc == -1) {
+ status = map_nt_error_from_unix_common(errno);
+ goto out;
}
if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
TALLOC_CTX *ctx = talloc_tos();
struct smb_filename *smb_fname_src = NULL;
struct smb_filename *smb_fname_dst = NULL;
+ uint32_t src_ucf_flags = lp_posix_pathnames() ? UCF_UNIX_NAME_LOOKUP : UCF_COND_ALLOW_WCARD_LCOMP;
+ uint32_t dst_ucf_flags = UCF_SAVE_LCOMP | (lp_posix_pathnames() ? 0 : UCF_COND_ALLOW_WCARD_LCOMP);
bool stream_rename = false;
START_PROFILE(SMBmv);
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
name,
- UCF_COND_ALLOW_WCARD_LCOMP,
+ src_ucf_flags,
&src_has_wcard,
&smb_fname_src);
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
newname,
- UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
+ dst_ucf_flags,
&dest_has_wcard,
&smb_fname_dst);
bool target_is_directory)
{
struct smb_filename *smb_fname_dst_tmp = NULL;
- SMB_OFF_T ret=-1;
+ off_t ret=-1;
files_struct *fsp1,*fsp2;
uint32 dosattrs;
uint32 new_create_disposition;
NTSTATUS status;
- status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
- if (!NT_STATUS_IS_OK(status)) {
- return status;
+ smb_fname_dst_tmp = cp_smb_filename(ctx, smb_fname_dst);
+ if (smb_fname_dst_tmp == NULL) {
+ return NT_STATUS_NO_MEMORY;
}
/*
goto out;
}
- if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
+ if (ret != (off_t)smb_fname_src->st.st_ex_size) {
status = NT_STATUS_DISK_FULL;
goto out;
}
if(!large_file_format) {
count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
} else {
-
-#if defined(HAVE_LONGLONG)
count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
-#else /* HAVE_LONGLONG */
-
- /*
- * NT4.x seems to be broken in that it sends large file (64 bit)
- * lockingX calls even if the CAP_LARGE_FILES was *not*
- * negotiated. For boxes without large unsigned ints truncate the
- * lock count by dropping the top 32 bits.
- */
-
- if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
- DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
- (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
- (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
- SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
- }
-
- count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
-#endif /* HAVE_LONGLONG */
}
return count;
}
-#if !defined(HAVE_LONGLONG)
-/****************************************************************************
- Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
-****************************************************************************/
-
-static uint32 map_lock_offset(uint32 high, uint32 low)
-{
- unsigned int i;
- uint32 mask = 0;
- uint32 highcopy = high;
-
- /*
- * Try and find out how many significant bits there are in high.
- */
-
- for(i = 0; highcopy; i++)
- highcopy >>= 1;
-
- /*
- * We use 31 bits not 32 here as POSIX
- * lock offsets may not be negative.
- */
-
- mask = (~0) << (31 - i);
-
- if(low & mask)
- return 0; /* Fail. */
-
- high <<= (31 - i);
-
- return (high|low);
-}
-#endif /* !defined(HAVE_LONGLONG) */
-
/****************************************************************************
Get a lock offset, dealing with large offset requests.
****************************************************************************/
if(!large_file_format) {
offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
} else {
-
-#if defined(HAVE_LONGLONG)
offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
-#else /* HAVE_LONGLONG */
-
- /*
- * NT4.x seems to be broken in that it sends large file (64 bit)
- * lockingX calls even if the CAP_LARGE_FILES was *not*
- * negotiated. For boxes without large unsigned ints mangle the
- * lock offset by mapping the top 32 bits onto the lower 32.
- */
-
- if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
- uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
- uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
- uint32 new_low = 0;
-
- if((new_low = map_lock_offset(high, low)) == 0) {
- *err = True;
- return (uint64_t)-1;
- }
-
- DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
- (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
- SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
- SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
- }
-
- offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
-#endif /* HAVE_LONGLONG */
}
return offset;
files_struct *fsp,
uint8_t type,
int32_t timeout,
- uint16_t num_ulocks,
- struct smbd_lock_element *ulocks,
uint16_t num_locks,
struct smbd_lock_element *locks,
bool *async)
*async = false;
- /* Data now points at the beginning of the list
- of smb_unlkrng structs */
- for(i = 0; i < (int)num_ulocks; i++) {
- struct smbd_lock_element *e = &ulocks[i];
-
- DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
- "pid %u, file %s\n",
- (double)e->offset,
- (double)e->count,
- (unsigned int)e->smblctx,
- fsp_str_dbg(fsp)));
-
- if (e->brltype != UNLOCK_LOCK) {
- /* this can only happen with SMB2 */
- return NT_STATUS_INVALID_PARAMETER;
- }
-
- status = do_unlock(req->sconn->msg_ctx,
- fsp,
- e->smblctx,
- e->count,
- e->offset,
- WINDOWS_LOCK);
-
- DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
- nt_errstr(status)));
-
- if (!NT_STATUS_IS_OK(status)) {
- return status;
- }
- }
-
/* Setup the timeout in seconds. */
if (!lp_blocking_locks(SNUM(conn))) {
timeout = 0;
}
- /* Data now points at the beginning of the list
- of smb_lkrng structs */
-
for(i = 0; i < (int)num_locks; i++) {
struct smbd_lock_element *e = &locks[i];
e->smblctx,
e->count,
e->offset,
- WINDOWS_LOCK,
- blr);
+ WINDOWS_LOCK);
} else {
bool blocking_lock = timeout ? true : false;
bool defer_lock = false;
WINDOWS_LOCK,
blocking_lock,
&status,
- &block_smblctx,
- NULL);
+ &block_smblctx);
if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
/* Windows internal resolution for blocking locks seems
return status;
}
- DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
- fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
+ DEBUG(3, ("smbd_do_locking: %s type=%d num_locks=%d\n",
+ fsp_fnum_dbg(fsp), (unsigned int)type, num_locks));
+
+ return NT_STATUS_OK;
+}
+
+NTSTATUS smbd_do_unlocking(struct smb_request *req,
+ files_struct *fsp,
+ uint16_t num_ulocks,
+ struct smbd_lock_element *ulocks)
+{
+ int i;
+
+ for(i = 0; i < (int)num_ulocks; i++) {
+ struct smbd_lock_element *e = &ulocks[i];
+ NTSTATUS status;
+
+ DEBUG(10,("%s: unlock start=%.0f, len=%.0f for "
+ "pid %u, file %s\n", __func__,
+ (double)e->offset,
+ (double)e->count,
+ (unsigned int)e->smblctx,
+ fsp_str_dbg(fsp)));
+
+ if (e->brltype != UNLOCK_LOCK) {
+ /* this can only happen with SMB2 */
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ status = do_unlock(req->sconn->msg_ctx,
+ fsp,
+ e->smblctx,
+ e->count,
+ e->offset,
+ WINDOWS_LOCK);
+
+ DEBUG(10, ("%s: unlock returned %s\n", __func__,
+ nt_errstr(status)));
+
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+ }
+
+ DEBUG(3, ("%s: %s num_ulocks=%d\n", __func__, fsp_fnum_dbg(fsp),
+ num_ulocks));
return NT_STATUS_OK;
}
bool result;
DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
- "for fnum = %d\n", (unsigned int)oplocklevel,
- fsp->fnum ));
+ "for %s\n", (unsigned int)oplocklevel,
+ fsp_fnum_dbg(fsp)));
/*
* Make sure we have granted an exclusive or batch oplock on
message here - just ignore it. JRA. */
DEBUG(5,("reply_lockingX: Error : oplock break from "
- "client for fnum = %d (oplock=%d) and no "
+ "client for %s (oplock=%d) and no "
"oplock granted on this file (%s).\n",
- fsp->fnum, fsp->oplock_type,
+ fsp_fnum_dbg(fsp), fsp->oplock_type,
fsp_str_dbg(fsp)));
/* if this is a pure oplock break request then don't
smb_panic("internal tdb error");
}
- reply_to_oplock_break_requests(fsp);
-
/* if this is a pure oplock break request then don't send a
* reply */
if (num_locks == 0 && num_ulocks == 0) {
}
}
+ status = smbd_do_unlocking(req, fsp, num_ulocks, ulocks);
+ if (!NT_STATUS_IS_OK(status)) {
+ END_PROFILE(SMBlockingX);
+ reply_nterror(req, status);
+ return;
+ }
+
status = smbd_do_locking(req, fsp,
locktype, lock_timeout,
- num_ulocks, ulocks,
num_locks, locks,
&async);
if (!NT_STATUS_IS_OK(status)) {
}
reply_outbuf(req, 2, 0);
+ SSVAL(req->outbuf, smb_vwv0, 0xff); /* andx chain ends */
+ SSVAL(req->outbuf, smb_vwv1, 0); /* no andx offset */
- DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
- fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
+ DEBUG(3, ("lockingX %s type=%d num_locks=%d num_ulocks=%d\n",
+ fsp_fnum_dbg(fsp), (unsigned int)locktype, num_locks, num_ulocks));
END_PROFILE(SMBlockingX);
- chain_reply(req);
}
#undef DBGC_CLASS
goto out;
}
- DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
+ DEBUG( 3, ( "reply_setattrE %s actime=%u modtime=%u "
" createtime=%u\n",
- fsp->fnum,
+ fsp_fnum_dbg(fsp),
(unsigned int)ft.atime.tv_sec,
(unsigned int)ft.mtime.tv_sec,
(unsigned int)ft.create_time.tv_sec
}
SSVAL(req->outbuf,smb_vwv10, mode);
- DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
+ DEBUG( 3, ( "reply_getattrE %s\n", fsp_fnum_dbg(fsp)));
END_PROFILE(SMBgetattrE);
return;