2 Unix SMB/Netbios implementation.
4 Main SMB server routines
5 Copyright (C) Andrew Tridgell 1992-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 pstring servicesf = CONFIGFILE;
26 extern pstring debugf;
27 extern pstring sesssetup_user;
28 extern fstring myworkgroup;
30 char *InBuffer = NULL;
31 char *OutBuffer = NULL;
32 char *last_inbuf = NULL;
37 /* the last message the was processed */
38 int last_message = -1;
40 /* a useful macro to debug the last message processed */
41 #define LAST_MESSAGE() smb_fn_name(last_message)
44 extern int DEBUGLEVEL;
45 extern int case_default;
46 extern BOOL case_sensitive;
47 extern BOOL case_preserve;
48 extern BOOL use_mangled_map;
49 extern BOOL short_case_preserve;
50 extern BOOL case_mangle;
51 time_t smb_last_time=(time_t)0;
53 extern int smb_read_error;
55 extern pstring user_socket_options;
58 extern int dcelogin_atmost_once;
61 connection_struct Connections[MAX_CONNECTIONS];
62 files_struct Files[MAX_OPEN_FILES];
65 * Indirection for file fd's. Needed as POSIX locking
66 * is based on file/process, not fd/process.
68 file_fd_struct FileFd[MAX_OPEN_FILES];
69 int max_file_fd_used = 0;
74 * Size of data we can send to client. Set
75 * by the client for all protocols above CORE.
76 * Set by us for CORE protocol.
78 int max_send = BUFFER_SIZE;
80 * Size of the data we can receive. Set by us.
81 * Can be modified by the max xmit parameter.
83 int max_recv = BUFFER_SIZE;
85 /* a fnum to use when chaining */
88 /* number of open connections */
89 static int num_connections_open = 0;
91 /* Oplock ipc UDP socket. */
93 uint16 oplock_port = 0;
94 /* Current number of oplocks we have outstanding. */
95 int32 global_oplocks_open = 0;
97 BOOL global_oplock_break = False;
99 extern fstring remote_machine;
101 extern pstring OriginalDir;
103 /* these can be set by some functions to override the error codes */
104 int unix_ERR_class=SUCCESS;
108 extern int extra_time_offset;
110 extern pstring myhostname;
112 static int find_free_connection(int hash);
114 /* for readability... */
115 #define IS_DOS_READONLY(test_mode) (((test_mode) & aRONLY) != 0)
116 #define IS_DOS_DIR(test_mode) (((test_mode) & aDIR) != 0)
117 #define IS_DOS_ARCHIVE(test_mode) (((test_mode) & aARCH) != 0)
118 #define IS_DOS_SYSTEM(test_mode) (((test_mode) & aSYSTEM) != 0)
119 #define IS_DOS_HIDDEN(test_mode) (((test_mode) & aHIDDEN) != 0)
121 /****************************************************************************
122 when exiting, take the whole family
123 ****************************************************************************/
126 exit_server("caught signal");
127 return 0; /* Keep -Wall happy :-) */
129 /****************************************************************************
130 Send a SIGTERM to our process group.
131 *****************************************************************************/
134 if(am_parent) kill(0,SIGTERM);
137 /****************************************************************************
138 change a dos mode to a unix mode
139 base permission for files:
140 everybody gets read bit set
141 dos readonly is represented in unix by removing everyone's write bit
142 dos archive is represented in unix by the user's execute bit
143 dos system is represented in unix by the group's execute bit
144 dos hidden is represented in unix by the other's execute bit
145 Then apply create mask,
147 base permission for directories:
148 dos directory is represented in unix by unix's dir bit and the exec bit
149 Then apply create mask,
151 ****************************************************************************/
152 mode_t unix_mode(int cnum,int dosmode)
154 mode_t result = (S_IRUSR | S_IRGRP | S_IROTH);
156 if ( !IS_DOS_READONLY(dosmode) )
157 result |= (S_IWUSR | S_IWGRP | S_IWOTH);
159 if (IS_DOS_DIR(dosmode)) {
160 /* We never make directories read only for the owner as under DOS a user
161 can always create a file in a read-only directory. */
162 result |= (S_IFDIR | S_IXUSR | S_IXGRP | S_IXOTH | S_IWUSR);
163 /* Apply directory mask */
164 result &= lp_dir_mode(SNUM(cnum));
165 /* Add in force bits */
166 result |= lp_force_dir_mode(SNUM(cnum));
168 if (MAP_ARCHIVE(cnum) && IS_DOS_ARCHIVE(dosmode))
171 if (MAP_SYSTEM(cnum) && IS_DOS_SYSTEM(dosmode))
174 if (MAP_HIDDEN(cnum) && IS_DOS_HIDDEN(dosmode))
177 /* Apply mode mask */
178 result &= lp_create_mode(SNUM(cnum));
179 /* Add in force bits */
180 result |= lp_force_create_mode(SNUM(cnum));
186 /****************************************************************************
187 change a unix mode to a dos mode
188 ****************************************************************************/
189 int dos_mode(int cnum,char *path,struct stat *sbuf)
192 extern struct current_user current_user;
194 DEBUG(8,("dos_mode: %d %s\n", cnum, path));
196 if (CAN_WRITE(cnum) && !lp_alternate_permissions(SNUM(cnum))) {
197 if (!((sbuf->st_mode & S_IWOTH) ||
198 Connections[cnum].admin_user ||
199 ((sbuf->st_mode & S_IWUSR) && current_user.uid==sbuf->st_uid) ||
200 ((sbuf->st_mode & S_IWGRP) &&
201 in_group(sbuf->st_gid,current_user.gid,
202 current_user.ngroups,current_user.igroups))))
205 if ((sbuf->st_mode & S_IWUSR) == 0)
209 if (MAP_ARCHIVE(cnum) && ((sbuf->st_mode & S_IXUSR) != 0))
212 if (MAP_SYSTEM(cnum) && ((sbuf->st_mode & S_IXGRP) != 0))
215 if (MAP_HIDDEN(cnum) && ((sbuf->st_mode & S_IXOTH) != 0))
218 if (S_ISDIR(sbuf->st_mode))
219 result = aDIR | (result & aRONLY);
223 if (S_ISLNK(sbuf->st_mode) && S_ISDIR(sbuf->st_mode))
228 /* hide files with a name starting with a . */
229 if (lp_hide_dot_files(SNUM(cnum)))
231 char *p = strrchr(path,'/');
237 if (p[0] == '.' && p[1] != '.' && p[1] != 0)
241 /* Optimization : Only call is_hidden_path if it's not already
243 if (!(result & aHIDDEN) && IS_HIDDEN_PATH(cnum,path))
248 DEBUG(8,("dos_mode returning "));
250 if (result & aHIDDEN) DEBUG(8, ("h"));
251 if (result & aRONLY ) DEBUG(8, ("r"));
252 if (result & aSYSTEM) DEBUG(8, ("s"));
253 if (result & aDIR ) DEBUG(8, ("d"));
254 if (result & aARCH ) DEBUG(8, ("a"));
261 /*******************************************************************
262 chmod a file - but preserve some bits
263 ********************************************************************/
264 int dos_chmod(int cnum,char *fname,int dosmode,struct stat *st)
273 if (sys_stat(fname,st)) return(-1);
276 if (S_ISDIR(st->st_mode)) dosmode |= aDIR;
278 if (dos_mode(cnum,fname,st) == dosmode) return(0);
280 unixmode = unix_mode(cnum,dosmode);
282 /* preserve the s bits */
283 mask |= (S_ISUID | S_ISGID);
285 /* preserve the t bit */
290 /* possibly preserve the x bits */
291 if (!MAP_ARCHIVE(cnum)) mask |= S_IXUSR;
292 if (!MAP_SYSTEM(cnum)) mask |= S_IXGRP;
293 if (!MAP_HIDDEN(cnum)) mask |= S_IXOTH;
295 unixmode |= (st->st_mode & mask);
297 /* if we previously had any r bits set then leave them alone */
298 if ((tmp = st->st_mode & (S_IRUSR|S_IRGRP|S_IROTH))) {
299 unixmode &= ~(S_IRUSR|S_IRGRP|S_IROTH);
303 /* if we previously had any w bits set then leave them alone
304 if the new mode is not rdonly */
305 if (!IS_DOS_READONLY(dosmode) &&
306 (tmp = st->st_mode & (S_IWUSR|S_IWGRP|S_IWOTH))) {
307 unixmode &= ~(S_IWUSR|S_IWGRP|S_IWOTH);
311 return(sys_chmod(fname,unixmode));
314 /*******************************************************************
315 Wrapper around sys_utime that possibly allows DOS semantics rather
317 *******************************************************************/
319 int file_utime(int cnum, char *fname, struct utimbuf *times)
321 extern struct current_user current_user;
327 if(sys_utime(fname, times) == 0)
330 if((errno != EPERM) && (errno != EACCES))
333 if(!lp_dos_filetimes(SNUM(cnum)))
336 /* We have permission (given by the Samba admin) to
337 break POSIX semantics and allow a user to change
338 the time on a file they don't own but can write to
342 if(sys_stat(fname,&sb) != 0)
345 /* Check if we have write access. */
346 if (CAN_WRITE(cnum)) {
347 if (((sb.st_mode & S_IWOTH) ||
348 Connections[cnum].admin_user ||
349 ((sb.st_mode & S_IWUSR) && current_user.uid==sb.st_uid) ||
350 ((sb.st_mode & S_IWGRP) &&
351 in_group(sb.st_gid,current_user.gid,
352 current_user.ngroups,current_user.igroups)))) {
353 /* We are allowed to become root and change the filetime. */
355 ret = sys_utime(fname, times);
356 unbecome_root(False);
363 /*******************************************************************
364 Change a filetime - possibly allowing DOS semantics.
365 *******************************************************************/
367 BOOL set_filetime(int cnum, char *fname, time_t mtime)
369 struct utimbuf times;
371 if (null_mtime(mtime)) return(True);
373 times.modtime = times.actime = mtime;
375 if (file_utime(cnum, fname, ×)) {
376 DEBUG(4,("set_filetime(%s) failed: %s\n",fname,strerror(errno)));
382 /****************************************************************************
383 check if two filenames are equal
385 this needs to be careful about whether we are case sensitive
386 ****************************************************************************/
387 static BOOL fname_equal(char *name1, char *name2)
389 int l1 = strlen(name1);
390 int l2 = strlen(name2);
392 /* handle filenames ending in a single dot */
393 if (l1-l2 == 1 && name1[l1-1] == '.' && lp_strip_dot())
397 ret = fname_equal(name1,name2);
402 if (l2-l1 == 1 && name2[l2-1] == '.' && lp_strip_dot())
406 ret = fname_equal(name1,name2);
411 /* now normal filename handling */
413 return(strcmp(name1,name2) == 0);
415 return(strequal(name1,name2));
419 /****************************************************************************
420 mangle the 2nd name and check if it is then equal to the first name
421 ****************************************************************************/
422 static BOOL mangled_equal(char *name1, char *name2)
426 if (is_8_3(name2, True))
429 strcpy(tmpname,name2);
430 mangle_name_83(tmpname);
432 return(strequal(name1,tmpname));
436 /****************************************************************************
437 scan a directory to find a filename, matching without case sensitivity
439 If the name looks like a mangled name then try via the mangling functions
440 ****************************************************************************/
441 static BOOL scan_directory(char *path, char *name,int cnum,BOOL docache)
448 mangled = is_mangled(name);
450 /* handle null paths */
454 if (docache && (dname = DirCacheCheck(path,name,SNUM(cnum)))) {
460 * The incoming name can be mangled, and if we de-mangle it
461 * here it will not compare correctly against the filename (name2)
462 * read from the directory and then mangled by the name_map_mangle()
463 * call. We need to mangle both names or neither.
467 mangled = !check_mangled_stack(name);
469 /* open the directory */
470 if (!(cur_dir = OpenDir(cnum, path, True)))
472 DEBUG(3,("scan dir didn't open dir [%s]\n",path));
476 /* now scan for matching names */
477 while ((dname = ReadDirName(cur_dir)))
480 (strequal(dname,".") || strequal(dname,"..")))
483 pstrcpy(name2,dname);
484 if (!name_map_mangle(name2,False,SNUM(cnum))) continue;
486 if ((mangled && mangled_equal(name,name2))
487 || fname_equal(name, name2))
489 /* we've found the file, change it's name and return */
490 if (docache) DirCacheAdd(path,name,dname,SNUM(cnum));
501 /****************************************************************************
502 This routine is called to convert names from the dos namespace to unix
503 namespace. It needs to handle any case conversions, mangling, format
506 We assume that we have already done a chdir() to the right "root" directory
509 The function will return False if some part of the name except for the last
510 part cannot be resolved
512 If the saved_last_component != 0, then the unmodified last component
513 of the pathname is returned there. This is used in an exceptional
514 case in reply_mv (so far). If saved_last_component == 0 then nothing
517 The bad_path arg is set to True if the filename walk failed. This is
518 used to pick the correct error code to return between ENOENT and ENOTDIR
519 as Windows applications depend on ERRbadpath being returned if a component
520 of a pathname does not exist.
521 ****************************************************************************/
522 BOOL unix_convert(char *name,int cnum,pstring saved_last_component, BOOL *bad_path)
532 if(saved_last_component)
533 *saved_last_component = 0;
535 /* convert to basic unix format - removing \ chars and cleaning it up */
537 unix_clean_name(name);
539 /* names must be relative to the root of the service - trim any leading /.
540 also trim trailing /'s */
541 trim_string(name,"/","/");
544 * Ensure saved_last_component is valid even if file exists.
546 if(saved_last_component) {
547 end = strrchr(name, '/');
549 strcpy(saved_last_component, end + 1);
551 strcpy(saved_last_component, name);
554 if (!case_sensitive &&
555 (!case_preserve || (is_8_3(name, False) && !short_case_preserve)))
558 /* check if it's a printer file */
559 if (Connections[cnum].printer)
561 if ((! *name) || strchr(name,'/') || !is_8_3(name, True))
565 sprintf(name2,"%.6s.XXXXXX",remote_machine);
566 /* sanitise the name */
567 for (s=name2 ; *s ; s++)
568 if (!issafe(*s)) *s = '_';
569 strcpy(name,(char *)mktemp(name2));
574 /* stat the name - if it exists then we are all done! */
575 if (sys_stat(name,&st) == 0)
580 DEBUG(5,("unix_convert(%s,%d)\n",name,cnum));
582 /* a special case - if we don't have any mangling chars and are case
583 sensitive then searching won't help */
584 if (case_sensitive && !is_mangled(name) &&
585 !lp_strip_dot() && !use_mangled_map && (saved_errno != ENOENT))
588 /* now we need to recursively match the name against the real
589 directory structure */
592 while (strncmp(start,"./",2) == 0)
595 /* now match each part of the path name separately, trying the names
596 as is first, then trying to scan the directory for matching names */
597 for (;start;start = (end?end+1:(char *)NULL))
599 /* pinpoint the end of this section of the filename */
600 end = strchr(start, '/');
602 /* chop the name at this point */
605 if(saved_last_component != 0)
606 strcpy(saved_last_component, end ? end + 1 : start);
608 /* check if the name exists up to this point */
609 if (sys_stat(name, &st) == 0)
611 /* it exists. it must either be a directory or this must be
612 the last part of the path for it to be OK */
613 if (end && !(st.st_mode & S_IFDIR))
615 /* an intermediate part of the name isn't a directory */
616 DEBUG(5,("Not a dir %s\n",start));
627 /* remember the rest of the pathname so it can be restored
629 if (end) pstrcpy(rest,end+1);
631 /* try to find this part of the path in the directory */
632 if (strchr(start,'?') || strchr(start,'*') ||
633 !scan_directory(dirpath, start, cnum, end?True:False))
637 /* an intermediate part of the name can't be found */
638 DEBUG(5,("Intermediate not found %s\n",start));
640 /* We need to return the fact that the intermediate
641 name resolution failed. This is used to return an
642 error of ERRbadpath rather than ERRbadfile. Some
643 Windows applications depend on the difference between
650 /* just the last part of the name doesn't exist */
651 /* we may need to strupper() or strlower() it in case
652 this conversion is being used for file creation
654 /* if the filename is of mixed case then don't normalise it */
655 if (!case_preserve &&
656 (!strhasupper(start) || !strhaslower(start)))
659 /* check on the mangled stack to see if we can recover the
660 base of the filename */
661 if (is_mangled(start))
662 check_mangled_stack(start);
664 DEBUG(5,("New file %s\n",start));
668 /* restore the rest of the string */
671 strcpy(start+strlen(start)+1,rest);
672 end = start + strlen(start);
676 /* add to the dirpath that we have resolved so far */
677 if (*dirpath) strcat(dirpath,"/");
678 strcat(dirpath,start);
680 /* restore the / that we wiped out earlier */
684 /* the name has been resolved */
685 DEBUG(5,("conversion finished %s\n",name));
690 /****************************************************************************
691 normalise for DOS usage
692 ****************************************************************************/
693 static void disk_norm(int *bsize,int *dfree,int *dsize)
695 /* check if the disk is beyond the max disk size */
696 int maxdisksize = lp_maxdisksize();
698 /* convert to blocks - and don't overflow */
699 maxdisksize = ((maxdisksize*1024)/(*bsize))*1024;
700 if (*dsize > maxdisksize) *dsize = maxdisksize;
701 if (*dfree > maxdisksize) *dfree = maxdisksize-1; /* the -1 should stop
706 while (*dfree > WORDMAX || *dsize > WORDMAX || *bsize < 512)
711 if (*bsize > WORDMAX )
714 if (*dsize > WORDMAX)
716 if (*dfree > WORDMAX)
723 /****************************************************************************
724 return number of 1K blocks available on a path and total number
725 ****************************************************************************/
726 int disk_free(char *path,int *bsize,int *dfree,int *dsize)
728 char *df_command = lp_dfree_command();
749 /* possibly use system() to get the result */
750 if (df_command && *df_command)
756 sprintf(outfile,"%s/dfree.smb.%d",tmpdir(),(int)getpid());
757 sprintf(syscmd,"%s %s",df_command,path);
758 standard_sub_basic(syscmd);
760 ret = smbrun(syscmd,outfile,False);
761 DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret));
764 FILE *f = fopen(outfile,"r");
770 fscanf(f,"%d %d %d",dsize,dfree,bsize);
774 DEBUG(0,("Can't open %s\n",outfile));
778 disk_norm(bsize,dfree,dsize);
779 dfree_retval = ((*bsize)/1024)*(*dfree);
781 /* Ensure we return the min value between the users quota and
782 what's free on the disk. Thanks to Albrecht Gebhardt
783 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
785 if (disk_quotas(path, &bsizeq, &dfreeq, &dsizeq))
787 disk_norm(&bsizeq, &dfreeq, &dsizeq);
788 dfreeq_retval = ((bsizeq)/1024)*(dfreeq);
789 dfree_retval = ( dfree_retval < dfreeq_retval ) ?
790 dfree_retval : dfreeq_retval ;
791 /* maybe dfree and dfreeq are calculated using different bsizes
792 so convert dfree from bsize into bsizeq */
793 /* avoid overflows due to multiplication, so do not:
794 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
795 bsize and bsizeq are powers of 2 so its better to
796 to divide them getting a multiplication or division factor
797 for dfree. Rene Nieuwenhuizen (07-10-1997) */
798 if (*bsize >= bsizeq)
799 *dfree = *dfree * (*bsize / bsizeq);
801 *dfree = *dfree / (bsizeq / *bsize);
802 *dfree = ( *dfree < dfreeq ) ? *dfree : dfreeq ;
807 return(dfree_retval);
811 DEBUG(1,("Warning - no statfs function\n"));
815 if (statfs(path,&fs,sizeof(fs),0) != 0)
818 if (statvfs(path, &fs))
821 if (statfs(path,&fs,sizeof(fs)) == -1)
823 if (statfs(path,&fs) == -1)
825 #endif /* USE_STATVFS */
828 DEBUG(3,("dfree call failed code errno=%d\n",errno));
832 return(((*bsize)/1024)*(*dfree));
837 *dfree = fs.fd_req.bfree;
838 *dsize = fs.fd_req.btot;
841 *bsize = fs.f_frsize;
844 /* eg: osf1 has f_fsize = fundamental filesystem block size,
845 f_bsize = optimal transfer block size (MX: 94-04-19) */
850 #endif /* USE_STATVFS */
855 *dfree = fs.f_bavail;
857 *dsize = fs.f_blocks;
860 #if defined(SCO) || defined(ISC) || defined(MIPS)
864 /* handle rediculous bsize values - some OSes are broken */
865 if ((*bsize) < 512 || (*bsize)>0xFFFF) *bsize = 1024;
867 disk_norm(bsize,dfree,dsize);
873 DEBUG(0,("dfree seems to be broken on your system\n"));
874 *dsize = 20*1024*1024/(*bsize);
875 *dfree = MAX(1,*dfree);
877 dfree_retval = ((*bsize)/1024)*(*dfree);
879 /* Ensure we return the min value between the users quota and
880 what's free on the disk. Thanks to Albrecht Gebhardt
881 <albrecht.gebhardt@uni-klu.ac.at> for this fix.
883 if (disk_quotas(path, &bsizeq, &dfreeq, &dsizeq))
885 disk_norm(&bsizeq, &dfreeq, &dsizeq);
886 dfreeq_retval = ((bsizeq)/1024)*(dfreeq);
887 dfree_retval = ( dfree_retval < dfreeq_retval ) ?
888 dfree_retval : dfreeq_retval ;
889 /* maybe dfree and dfreeq are calculated using different bsizes
890 so convert dfree from bsize into bsizeq */
891 /* avoid overflows due to multiplication, so do not:
892 *dfree = ((*dfree) * (*bsize)) / (bsizeq);
893 bsize and bsizeq are powers of 2 so its better to
894 to divide them getting a multiplication or division factor
895 for dfree. Rene Nieuwenhuizen (07-10-1997) */
896 if (*bsize >= bsizeq)
897 *dfree = *dfree * (*bsize / bsizeq);
899 *dfree = *dfree / (bsizeq / *bsize);
900 *dfree = ( *dfree < dfreeq ) ? *dfree : dfreeq ;
905 return(dfree_retval);
910 /****************************************************************************
911 wrap it to get filenames right
912 ****************************************************************************/
913 int sys_disk_free(char *path,int *bsize,int *dfree,int *dsize)
915 return(disk_free(dos_to_unix(path,False),bsize,dfree,dsize));
920 /****************************************************************************
921 check a filename - possibly caling reducename
923 This is called by every routine before it allows an operation on a filename.
924 It does any final confirmation necessary to ensure that the filename is
925 a valid one for the user to access.
926 ****************************************************************************/
927 BOOL check_name(char *name,int cnum)
933 if( IS_VETO_PATH(cnum, name))
935 DEBUG(5,("file path name %s vetoed\n",name));
939 ret = reduce_name(name,Connections[cnum].connectpath,lp_widelinks(SNUM(cnum)));
941 /* Check if we are allowing users to follow symlinks */
942 /* Patch from David Clerc <David.Clerc@cui.unige.ch>
943 University of Geneva */
946 if (!lp_symlinks(SNUM(cnum)))
949 if ( (sys_lstat(name,&statbuf) != -1) &&
950 (S_ISLNK(statbuf.st_mode)) )
952 DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
959 DEBUG(5,("check_name on %s failed\n",name));
964 /****************************************************************************
965 check a filename - possibly caling reducename
966 ****************************************************************************/
967 static void check_for_pipe(char *fname)
969 /* special case of pipe opens */
973 if (strstr(s,"pipe/"))
975 DEBUG(3,("Rejecting named pipe open for %s\n",fname));
976 unix_ERR_class = ERRSRV;
977 unix_ERR_code = ERRaccess;
981 /****************************************************************************
982 fd support routines - attempt to do a sys_open
983 ****************************************************************************/
984 static int fd_attempt_open(char *fname, int flags, int mode)
986 int fd = sys_open(fname,flags,mode);
988 /* Fix for files ending in '.' */
989 if((fd == -1) && (errno == ENOENT) &&
990 (strchr(fname,'.')==NULL))
993 fd = sys_open(fname,flags,mode);
996 #if (defined(ENAMETOOLONG) && defined(HAVE_PATHCONF))
997 if ((fd == -1) && (errno == ENAMETOOLONG))
1000 char *p = strrchr(fname, '/');
1002 if (p == fname) /* name is "/xxx" */
1004 max_len = pathconf("/", _PC_NAME_MAX);
1007 else if ((p == NULL) || (p == fname))
1010 max_len = pathconf(".", _PC_NAME_MAX);
1015 max_len = pathconf(fname, _PC_NAME_MAX);
1019 if (strlen(p) > max_len)
1021 char tmp = p[max_len];
1024 if ((fd = sys_open(fname,flags,mode)) == -1)
1032 /****************************************************************************
1033 fd support routines - attempt to find an already open file by dev
1034 and inode - increments the ref_count of the returned file_fd_struct *.
1035 ****************************************************************************/
1036 static file_fd_struct *fd_get_already_open(struct stat *sbuf)
1039 file_fd_struct *fd_ptr;
1044 for(i = 0; i <= max_file_fd_used; i++) {
1045 fd_ptr = &FileFd[i];
1046 if((fd_ptr->ref_count > 0) &&
1047 (((uint32)sbuf->st_dev) == fd_ptr->dev) &&
1048 (((uint32)sbuf->st_ino) == fd_ptr->inode)) {
1049 fd_ptr->ref_count++;
1051 ("Re-used file_fd_struct %d, dev = %x, inode = %x, ref_count = %d\n",
1052 i, fd_ptr->dev, fd_ptr->inode, fd_ptr->ref_count));
1059 /****************************************************************************
1060 fd support routines - attempt to find a empty slot in the FileFd array.
1061 Increments the ref_count of the returned entry.
1062 ****************************************************************************/
1063 static file_fd_struct *fd_get_new()
1066 file_fd_struct *fd_ptr;
1068 for(i = 0; i < MAX_OPEN_FILES; i++) {
1069 fd_ptr = &FileFd[i];
1070 if(fd_ptr->ref_count == 0) {
1071 fd_ptr->dev = (uint32)-1;
1072 fd_ptr->inode = (uint32)-1;
1074 fd_ptr->fd_readonly = -1;
1075 fd_ptr->fd_writeonly = -1;
1076 fd_ptr->real_open_flags = -1;
1077 fd_ptr->ref_count++;
1078 /* Increment max used counter if neccessary, cuts down
1079 on search time when re-using */
1080 if(i > max_file_fd_used)
1081 max_file_fd_used = i;
1082 DEBUG(3,("Allocated new file_fd_struct %d, dev = %x, inode = %x\n",
1083 i, fd_ptr->dev, fd_ptr->inode));
1087 DEBUG(1,("ERROR! Out of file_fd structures - perhaps increase MAX_OPEN_FILES?\
1092 /****************************************************************************
1093 fd support routines - attempt to re-open an already open fd as O_RDWR.
1094 Save the already open fd (we cannot close due to POSIX file locking braindamage.
1095 ****************************************************************************/
1096 static void fd_attempt_reopen(char *fname, int mode, file_fd_struct *fd_ptr)
1098 int fd = sys_open( fname, O_RDWR, mode);
1103 if(fd_ptr->real_open_flags == O_RDONLY)
1104 fd_ptr->fd_readonly = fd_ptr->fd;
1105 if(fd_ptr->real_open_flags == O_WRONLY)
1106 fd_ptr->fd_writeonly = fd_ptr->fd;
1109 fd_ptr->real_open_flags = O_RDWR;
1112 /****************************************************************************
1113 fd support routines - attempt to close the file referenced by this fd.
1114 Decrements the ref_count and returns it.
1115 ****************************************************************************/
1116 static int fd_attempt_close(file_fd_struct *fd_ptr)
1118 DEBUG(3,("fd_attempt_close on file_fd_struct %d, fd = %d, dev = %x, inode = %x, open_flags = %d, ref_count = %d.\n",
1119 fd_ptr - &FileFd[0],
1120 fd_ptr->fd, fd_ptr->dev, fd_ptr->inode,
1121 fd_ptr->real_open_flags,
1122 fd_ptr->ref_count));
1123 if(fd_ptr->ref_count > 0) {
1124 fd_ptr->ref_count--;
1125 if(fd_ptr->ref_count == 0) {
1126 if(fd_ptr->fd != -1)
1128 if(fd_ptr->fd_readonly != -1)
1129 close(fd_ptr->fd_readonly);
1130 if(fd_ptr->fd_writeonly != -1)
1131 close(fd_ptr->fd_writeonly);
1133 fd_ptr->fd_readonly = -1;
1134 fd_ptr->fd_writeonly = -1;
1135 fd_ptr->real_open_flags = -1;
1136 fd_ptr->dev = (uint32)-1;
1137 fd_ptr->inode = (uint32)-1;
1140 return fd_ptr->ref_count;
1143 /****************************************************************************
1145 ****************************************************************************/
1146 static void open_file(int fnum,int cnum,char *fname1,int flags,int mode, struct stat *sbuf)
1148 extern struct current_user current_user;
1150 struct stat statbuf;
1151 file_fd_struct *fd_ptr;
1152 files_struct *fsp = &Files[fnum];
1153 int accmode = (flags & (O_RDONLY | O_WRONLY | O_RDWR));
1157 fsp->granted_oplock = False;
1160 pstrcpy(fname,fname1);
1162 /* check permissions */
1165 * This code was changed after seeing a client open request
1166 * containing the open mode of (DENY_WRITE/read-only) with
1167 * the 'create if not exist' bit set. The previous code
1168 * would fail to open the file read only on a read-only share
1169 * as it was checking the flags parameter directly against O_RDONLY,
1170 * this was failing as the flags parameter was set to O_RDONLY|O_CREAT.
1174 if (!CAN_WRITE(cnum) && !Connections[cnum].printer) {
1175 /* It's a read-only share - fail if we wanted to write. */
1176 if(accmode != O_RDONLY) {
1177 DEBUG(3,("Permission denied opening %s\n",fname));
1178 check_for_pipe(fname);
1181 else if(flags & O_CREAT) {
1182 /* We don't want to write - but we must make sure that O_CREAT
1183 doesn't create the file if we have write access into the
1190 /* this handles a bug in Win95 - it doesn't say to create the file when it
1192 if (Connections[cnum].printer)
1196 if (flags == O_WRONLY)
1197 DEBUG(3,("Bug in client? Set O_WRONLY without O_CREAT\n"));
1201 * Ensure we have a valid struct stat so we can search the
1205 if(stat(fname, &statbuf) < 0) {
1206 if(errno != ENOENT) {
1207 DEBUG(3,("Error doing stat on file %s (%s)\n",
1208 fname,strerror(errno)));
1210 check_for_pipe(fname);
1220 * Check to see if we have this file already
1221 * open. If we do, just use the already open fd and increment the
1222 * reference count (fd_get_already_open increments the ref_count).
1224 if((fd_ptr = fd_get_already_open(sbuf))!= 0) {
1226 /* File was already open. */
1227 if((flags & O_CREAT) && (flags & O_EXCL)) {
1228 fd_ptr->ref_count--;
1234 * If not opened O_RDWR try
1235 * and do that here - a chmod may have been done
1236 * between the last open and now.
1238 if(fd_ptr->real_open_flags != O_RDWR)
1239 fd_attempt_reopen(fname, mode, fd_ptr);
1242 * Ensure that if we wanted write access
1243 * it has been opened for write, and if we wanted read it
1244 * was open for read.
1246 if(((accmode == O_WRONLY) && (fd_ptr->real_open_flags == O_RDONLY)) ||
1247 ((accmode == O_RDONLY) && (fd_ptr->real_open_flags == O_WRONLY)) ||
1248 ((accmode == O_RDWR) && (fd_ptr->real_open_flags != O_RDWR))) {
1249 DEBUG(3,("Error opening (already open for flags=%d) file %s (%s) (flags=%d)\n",
1250 fd_ptr->real_open_flags, fname,strerror(EACCES),flags));
1251 check_for_pipe(fname);
1252 fd_ptr->ref_count--;
1258 /* We need to allocate a new file_fd_struct (this increments the
1260 if((fd_ptr = fd_get_new()) == 0)
1263 * Whatever the requested flags, attempt read/write access,
1264 * as we don't know what flags future file opens may require.
1265 * If this fails, try again with the required flags.
1266 * Even if we open read/write when only read access was
1267 * requested the setting of the can_write flag in
1268 * the file_struct will protect us from errant
1269 * write requests. We never need to worry about O_APPEND
1270 * as this is not set anywhere in Samba.
1272 fd_ptr->real_open_flags = O_RDWR;
1273 /* Set the flags as needed without the read/write modes. */
1274 open_flags = flags & ~(O_RDWR|O_WRONLY|O_RDONLY);
1275 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDWR, mode);
1277 * On some systems opening a file for R/W access on a read only
1278 * filesystems sets errno to EROFS.
1281 if((fd_ptr->fd == -1) && ((errno == EACCES) || (errno == EROFS))) {
1282 #else /* No EROFS */
1283 if((fd_ptr->fd == -1) && (errno == EACCES)) {
1285 if(flags & O_WRONLY) {
1286 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_WRONLY, mode);
1287 fd_ptr->real_open_flags = O_WRONLY;
1289 fd_ptr->fd = fd_attempt_open(fname, open_flags|O_RDONLY, mode);
1290 fd_ptr->real_open_flags = O_RDONLY;
1295 if ((fd_ptr->fd >=0) &&
1296 Connections[cnum].printer && lp_minprintspace(SNUM(cnum))) {
1300 pstrcpy(dname,fname);
1301 p = strrchr(dname,'/');
1303 if (sys_disk_free(dname,&dum1,&dum2,&dum3) <
1304 lp_minprintspace(SNUM(cnum))) {
1305 fd_attempt_close(fd_ptr);
1307 if(fd_ptr->ref_count == 0)
1316 DEBUG(3,("Error opening file %s (%s) (flags=%d)\n",
1317 fname,strerror(errno),flags));
1318 /* Ensure the ref_count is decremented. */
1319 fd_attempt_close(fd_ptr);
1320 check_for_pipe(fname);
1324 if (fd_ptr->fd >= 0)
1328 if(fstat(fd_ptr->fd, &statbuf) == -1) {
1329 /* Error - backout !! */
1330 DEBUG(3,("Error doing fstat on fd %d, file %s (%s)\n",
1331 fd_ptr->fd, fname,strerror(errno)));
1332 /* Ensure the ref_count is decremented. */
1333 fd_attempt_close(fd_ptr);
1338 /* Set the correct entries in fd_ptr. */
1339 fd_ptr->dev = (uint32)sbuf->st_dev;
1340 fd_ptr->inode = (uint32)sbuf->st_ino;
1342 fsp->fd_ptr = fd_ptr;
1343 Connections[cnum].num_files_open++;
1344 fsp->mode = sbuf->st_mode;
1345 GetTimeOfDay(&fsp->open_time);
1346 fsp->vuid = current_user.vuid;
1350 fsp->mmap_ptr = NULL;
1352 fsp->can_lock = True;
1353 fsp->can_read = ((flags & O_WRONLY)==0);
1354 fsp->can_write = ((flags & (O_WRONLY|O_RDWR))!=0);
1355 fsp->share_mode = 0;
1356 fsp->print_file = Connections[cnum].printer;
1357 fsp->modified = False;
1358 fsp->granted_oplock = False;
1359 fsp->sent_oplock_break = False;
1361 string_set(&fsp->name,dos_to_unix(fname,False));
1362 fsp->wbmpx_ptr = NULL;
1365 * If the printer is marked as postscript output a leading
1366 * file identifier to ensure the file is treated as a raw
1368 * This has a similar effect as CtrlD=0 in WIN.INI file.
1369 * tim@fsg.com 09/06/94
1371 if (fsp->print_file && POSTSCRIPT(cnum) &&
1374 DEBUG(3,("Writing postscript line\n"));
1375 write_file(fnum,"%!\n",3);
1378 DEBUG(2,("%s %s opened file %s read=%s write=%s (numopen=%d fnum=%d)\n",
1379 timestring(),Connections[cnum].user,fname,
1380 BOOLSTR(fsp->can_read),BOOLSTR(fsp->can_write),
1381 Connections[cnum].num_files_open,fnum));
1386 /* mmap it if read-only */
1387 if (!fsp->can_write)
1389 fsp->mmap_size = file_size(fname);
1390 fsp->mmap_ptr = (char *)mmap(NULL,fsp->mmap_size,
1391 PROT_READ,MAP_SHARED,fsp->fd_ptr->fd,0);
1393 if (fsp->mmap_ptr == (char *)-1 || !fsp->mmap_ptr)
1395 DEBUG(3,("Failed to mmap() %s - %s\n",fname,strerror(errno)));
1396 fsp->mmap_ptr = NULL;
1402 /*******************************************************************
1404 ********************************************************************/
1405 void sync_file(int fnum)
1408 fsync(Files[fnum].fd_ptr->fd);
1412 /****************************************************************************
1413 run a file if it is a magic script
1414 ****************************************************************************/
1415 static void check_magic(int fnum,int cnum)
1417 if (!*lp_magicscript(SNUM(cnum)))
1420 DEBUG(5,("checking magic for %s\n",Files[fnum].name));
1424 if (!(p = strrchr(Files[fnum].name,'/')))
1425 p = Files[fnum].name;
1429 if (!strequal(lp_magicscript(SNUM(cnum)),p))
1435 pstring magic_output;
1437 pstrcpy(fname,Files[fnum].name);
1439 if (*lp_magicoutput(SNUM(cnum)))
1440 pstrcpy(magic_output,lp_magicoutput(SNUM(cnum)));
1442 sprintf(magic_output,"%s.out",fname);
1445 ret = smbrun(fname,magic_output,False);
1446 DEBUG(3,("Invoking magic command %s gave %d\n",fname,ret));
1452 /****************************************************************************
1453 close a file - possibly invalidating the read prediction
1455 If normal_close is 1 then this came from a normal SMBclose (or equivalent)
1456 operation otherwise it came as the result of some other operation such as
1457 the closing of the connection. In the latter case printing and
1458 magic scripts are not run
1459 ****************************************************************************/
1460 void close_file(int fnum, BOOL normal_close)
1462 files_struct *fs_p = &Files[fnum];
1463 int cnum = fs_p->cnum;
1464 uint32 dev = fs_p->fd_ptr->dev;
1465 uint32 inode = fs_p->fd_ptr->inode;
1468 Files[fnum].reserved = False;
1470 #if USE_READ_PREDICTION
1471 invalidate_read_prediction(fs_p->fd_ptr->fd);
1475 Connections[cnum].num_files_open--;
1478 free((char *)fs_p->wbmpx_ptr);
1479 fs_p->wbmpx_ptr = NULL;
1485 munmap(fs_p->mmap_ptr,fs_p->mmap_size);
1486 fs_p->mmap_ptr = NULL;
1490 if (lp_share_modes(SNUM(cnum)))
1492 lock_share_entry( cnum, dev, inode, &token);
1493 del_share_mode(token, fnum);
1496 fd_attempt_close(fs_p->fd_ptr);
1498 if (lp_share_modes(SNUM(cnum)))
1499 unlock_share_entry( cnum, dev, inode, token);
1501 /* NT uses smbclose to start a print - weird */
1502 if (normal_close && fs_p->print_file)
1505 /* check for magic scripts */
1507 check_magic(fnum,cnum);
1509 if(fs_p->granted_oplock == True)
1510 global_oplocks_open--;
1512 fs_p->sent_oplock_break = False;
1514 DEBUG(2,("%s %s closed file %s (numopen=%d)\n",
1515 timestring(),Connections[cnum].user,fs_p->name,
1516 Connections[cnum].num_files_open));
1519 enum {AFAIL,AREAD,AWRITE,AALL};
1521 /*******************************************************************
1522 reproduce the share mode access table
1523 ********************************************************************/
1524 static int access_table(int new_deny,int old_deny,int old_mode,
1525 int share_pid,char *fname)
1527 if (new_deny == DENY_ALL || old_deny == DENY_ALL) return(AFAIL);
1529 if (new_deny == DENY_DOS || old_deny == DENY_DOS) {
1531 if (old_deny == new_deny && share_pid == pid)
1534 if (old_mode == 0) return(AREAD);
1536 /* the new smbpub.zip spec says that if the file extension is
1537 .com, .dll, .exe or .sym then allow the open. I will force
1538 it to read-only as this seems sensible although the spec is
1539 a little unclear on this. */
1540 if ((fname = strrchr(fname,'.'))) {
1541 if (strequal(fname,".com") ||
1542 strequal(fname,".dll") ||
1543 strequal(fname,".exe") ||
1544 strequal(fname,".sym"))
1554 if (old_deny==DENY_WRITE && old_mode==0) return(AREAD);
1555 if (old_deny==DENY_READ && old_mode==0) return(AWRITE);
1556 if (old_deny==DENY_NONE && old_mode==0) return(AALL);
1559 if (old_deny==DENY_WRITE && old_mode==1) return(AREAD);
1560 if (old_deny==DENY_READ && old_mode==1) return(AWRITE);
1561 if (old_deny==DENY_NONE && old_mode==1) return(AALL);
1564 if (old_deny==DENY_WRITE) return(AREAD);
1565 if (old_deny==DENY_READ) return(AWRITE);
1566 if (old_deny==DENY_NONE) return(AALL);
1572 /*******************************************************************
1573 check if the share mode on a file allows it to be deleted or unlinked
1574 return True if sharing doesn't prevent the operation
1575 ********************************************************************/
1576 BOOL check_file_sharing(int cnum,char *fname, BOOL rename_op)
1580 share_mode_entry *old_shares = 0;
1581 int num_share_modes;
1587 if(!lp_share_modes(SNUM(cnum)))
1590 if (stat(fname,&sbuf) == -1) return(True);
1592 dev = (uint32)sbuf.st_dev;
1593 inode = (uint32)sbuf.st_ino;
1595 lock_share_entry(cnum, dev, inode, &token);
1596 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1599 * Check if the share modes will give us access.
1602 if(num_share_modes != 0)
1609 broke_oplock = False;
1610 for(i = 0; i < num_share_modes; i++)
1612 share_mode_entry *share_entry = &old_shares[i];
1615 * Break oplocks before checking share modes. See comment in
1616 * open_file_shared for details.
1617 * Check if someone has an oplock on this file. If so we must
1618 * break it before continuing.
1620 if(share_entry->op_type & BATCH_OPLOCK)
1624 * It appears that the NT redirector may have a bug, in that
1625 * it tries to do an SMBmv on a file that it has open with a
1626 * batch oplock, and then fails to respond to the oplock break
1627 * request. This only seems to occur when the client is doing an
1628 * SMBmv to the smbd it is using - thus we try and detect this
1629 * condition by checking if the file being moved is open and oplocked by
1630 * this smbd process, and then not sending the oplock break in this
1631 * special case. If the file was open with a deny mode that
1632 * prevents the move the SMBmv will fail anyway with a share
1633 * violation error. JRA.
1635 if(rename_op && (share_entry->pid == pid))
1637 DEBUG(0,("check_file_sharing: NT redirector workaround - rename attempted on \
1638 batch oplocked file %s, dev = %x, inode = %x\n", fname, dev, inode));
1640 * This next line is a test that allows the deny-mode
1641 * processing to be skipped. This seems to be needed as
1642 * NT insists on the rename succeeding (in Office 9x no less !).
1643 * This should be removed as soon as (a) MS fix the redirector
1644 * bug or (b) NT SMB support in Samba makes NT not issue the
1645 * call (as is my fervent hope). JRA.
1651 DEBUG(5,("check_file_sharing: breaking oplock (%x) on file %s, \
1652 dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
1654 /* Oplock break.... */
1655 unlock_share_entry(cnum, dev, inode, token);
1656 if(request_oplock_break(share_entry, dev, inode) == False)
1658 free((char *)old_shares);
1659 DEBUG(0,("check_file_sharing: FAILED when breaking oplock (%x) on file %s, \
1660 dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
1663 lock_share_entry(cnum, dev, inode, &token);
1664 broke_oplock = True;
1669 /* someone else has a share lock on it, check to see
1671 if ((share_entry->share_mode != DENY_DOS) || (share_entry->pid != pid))
1678 free((char *)old_shares);
1679 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1681 } while(broke_oplock);
1684 /* XXXX exactly what share mode combinations should be allowed for
1685 deleting/renaming? */
1686 /* If we got here then either there were no share modes or
1687 all share modes were DENY_DOS and the pid == getpid() */
1692 unlock_share_entry(cnum, dev, inode, token);
1693 if(old_shares != NULL)
1694 free((char *)old_shares);
1698 /****************************************************************************
1700 Helper for open_file_shared.
1701 Truncate a file after checking locking; close file if locked.
1702 **************************************************************************/
1703 static void truncate_unless_locked(int fnum, int cnum, int token,
1706 if (Files[fnum].can_write){
1707 if (is_locked(fnum,cnum,0x3FFFFFFF,0)){
1708 /* If share modes are in force for this connection we
1709 have the share entry locked. Unlock it before closing. */
1710 if (*share_locked && lp_share_modes(SNUM(cnum)))
1711 unlock_share_entry( cnum, Files[fnum].fd_ptr->dev,
1712 Files[fnum].fd_ptr->inode, token);
1713 close_file(fnum,False);
1714 /* Share mode no longer locked. */
1715 *share_locked = False;
1717 unix_ERR_class = ERRDOS;
1718 unix_ERR_code = ERRlock;
1721 ftruncate(Files[fnum].fd_ptr->fd,0);
1725 /****************************************************************************
1726 check if we can open a file with a share mode
1727 ****************************************************************************/
1728 int check_share_mode( share_mode_entry *share, int deny_mode, char *fname,
1729 BOOL fcbopen, int *flags)
1731 int old_open_mode = share->share_mode &0xF;
1732 int old_deny_mode = (share->share_mode >>4)&7;
1734 if (old_deny_mode > 4 || old_open_mode > 2)
1736 DEBUG(0,("Invalid share mode found (%d,%d,%d) on file %s\n",
1737 deny_mode,old_deny_mode,old_open_mode,fname));
1742 int access_allowed = access_table(deny_mode,old_deny_mode,old_open_mode,
1745 if ((access_allowed == AFAIL) ||
1746 (!fcbopen && (access_allowed == AREAD && *flags == O_RDWR)) ||
1747 (access_allowed == AREAD && *flags == O_WRONLY) ||
1748 (access_allowed == AWRITE && *flags == O_RDONLY))
1750 DEBUG(2,("Share violation on file (%d,%d,%d,%d,%s,fcbopen = %d, flags = %d) = %d\n",
1751 deny_mode,old_deny_mode,old_open_mode,
1752 share->pid,fname, fcbopen, *flags, access_allowed));
1756 if (access_allowed == AREAD)
1759 if (access_allowed == AWRITE)
1766 /****************************************************************************
1767 open a file with a share mode
1768 ****************************************************************************/
1769 void open_file_shared(int fnum,int cnum,char *fname,int share_mode,int ofun,
1770 int mode,int oplock_request, int *Access,int *action)
1772 files_struct *fs_p = &Files[fnum];
1775 int deny_mode = (share_mode>>4)&7;
1777 BOOL file_existed = file_exist(fname,&sbuf);
1778 BOOL share_locked = False;
1779 BOOL fcbopen = False;
1783 int num_share_modes = 0;
1788 /* this is for OS/2 EAs - try and say we don't support them */
1789 if (strstr(fname,".+,;=[]."))
1791 unix_ERR_class = ERRDOS;
1792 /* OS/2 Workplace shell fix may be main code stream in a later release. */
1794 unix_ERR_code = ERRcannotopen;
1795 #else /* OS2_WPS_FIX */
1796 unix_ERR_code = ERROR_EAS_NOT_SUPPORTED;
1797 #endif /* OS2_WPS_FIX */
1802 if ((ofun & 0x3) == 0 && file_existed)
1810 if ((ofun & 0x3) == 2)
1813 /* note that we ignore the append flag as
1814 append does not mean the same thing under dos and unix */
1816 switch (share_mode&0xF)
1833 if (flags != O_RDONLY && file_existed &&
1834 (!CAN_WRITE(cnum) || IS_DOS_READONLY(dos_mode(cnum,fname,&sbuf))))
1844 if (deny_mode > DENY_NONE && deny_mode!=DENY_FCB)
1846 DEBUG(2,("Invalid deny mode %d on file %s\n",deny_mode,fname));
1851 if (deny_mode == DENY_FCB) deny_mode = DENY_DOS;
1853 if (lp_share_modes(SNUM(cnum)))
1856 share_mode_entry *old_shares = 0;
1860 dev = (uint32)sbuf.st_dev;
1861 inode = (uint32)sbuf.st_ino;
1862 lock_share_entry(cnum, dev, inode, &token);
1863 share_locked = True;
1864 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1868 * Check if the share modes will give us access.
1871 if(share_locked && (num_share_modes != 0))
1878 broke_oplock = False;
1879 for(i = 0; i < num_share_modes; i++)
1881 share_mode_entry *share_entry = &old_shares[i];
1884 * By observation of NetBench, oplocks are broken *before* share
1885 * modes are checked. This allows a file to be closed by the client
1886 * if the share mode would deny access and the client has an oplock.
1887 * Check if someone has an oplock on this file. If so we must break
1888 * it before continuing.
1890 if(share_entry->op_type & (EXCLUSIVE_OPLOCK|BATCH_OPLOCK))
1893 DEBUG(5,("open_file_shared: breaking oplock (%x) on file %s, \
1894 dev = %x, inode = %x\n", share_entry->op_type, fname, dev, inode));
1896 /* Oplock break.... */
1897 unlock_share_entry(cnum, dev, inode, token);
1898 if(request_oplock_break(share_entry, dev, inode) == False)
1900 free((char *)old_shares);
1901 DEBUG(0,("open_file_shared: FAILED when breaking oplock (%x) on file %s, \
1902 dev = %x, inode = %x\n", old_shares[i].op_type, fname, dev, inode));
1904 unix_ERR_class = ERRDOS;
1905 unix_ERR_code = ERRbadshare;
1908 lock_share_entry(cnum, dev, inode, &token);
1909 broke_oplock = True;
1913 /* someone else has a share lock on it, check to see
1915 if(check_share_mode(share_entry, deny_mode, fname, fcbopen, &flags) == False)
1917 free((char *)old_shares);
1918 unlock_share_entry(cnum, dev, inode, token);
1920 unix_ERR_class = ERRDOS;
1921 unix_ERR_code = ERRbadshare;
1929 free((char *)old_shares);
1930 num_share_modes = get_share_modes(cnum, token, dev, inode, &old_shares);
1932 } while(broke_oplock);
1936 free((char *)old_shares);
1939 DEBUG(4,("calling open_file with flags=0x%X flags2=0x%X mode=0%o\n",
1940 flags,flags2,mode));
1942 open_file(fnum,cnum,fname,flags|(flags2&~(O_TRUNC)),mode,file_existed ? &sbuf : 0);
1943 if (!fs_p->open && flags==O_RDWR && errno!=ENOENT && fcbopen)
1946 open_file(fnum,cnum,fname,flags,mode,file_existed ? &sbuf : 0 );
1953 if((share_locked == False) && lp_share_modes(SNUM(cnum)))
1955 /* We created the file - thus we must now lock the share entry before creating it. */
1956 dev = fs_p->fd_ptr->dev;
1957 inode = fs_p->fd_ptr->inode;
1958 lock_share_entry(cnum, dev, inode, &token);
1959 share_locked = True;
1975 fs_p->share_mode = (deny_mode<<4) | open_mode;
1978 (*Access) = open_mode;
1982 if (file_existed && !(flags2 & O_TRUNC)) *action = 1;
1983 if (!file_existed) *action = 2;
1984 if (file_existed && (flags2 & O_TRUNC)) *action = 3;
1986 /* We must create the share mode entry before truncate as
1987 truncate can fail due to locking and have to close the
1988 file (which expects the share_mode_entry to be there).
1990 if (lp_share_modes(SNUM(cnum)))
1993 /* JRA. Currently this only services Exlcusive and batch
1994 oplocks (no other opens on this file). This needs to
1995 be extended to level II oplocks (multiple reader
1998 if(oplock_request && (num_share_modes == 0) && lp_oplocks(SNUM(cnum)) &&
1999 !IS_VETO_OPLOCK_PATH(cnum,fname))
2001 fs_p->granted_oplock = True;
2002 fs_p->sent_oplock_break = False;
2003 global_oplocks_open++;
2006 DEBUG(5,("open_file_shared: granted oplock (%x) on file %s, \
2007 dev = %x, inode = %x\n", oplock_request, fname, dev, inode));
2015 set_share_mode(token, fnum, port, oplock_request);
2018 if ((flags2&O_TRUNC) && file_existed)
2019 truncate_unless_locked(fnum,cnum,token,&share_locked);
2022 if (share_locked && lp_share_modes(SNUM(cnum)))
2023 unlock_share_entry( cnum, dev, inode, token);
2026 /****************************************************************************
2027 seek a file. Try to avoid the seek if possible
2028 ****************************************************************************/
2029 int seek_file(int fnum,uint32 pos)
2032 if (Files[fnum].print_file && POSTSCRIPT(Files[fnum].cnum))
2035 Files[fnum].pos = (int)(lseek(Files[fnum].fd_ptr->fd,pos+offset,SEEK_SET)
2037 return(Files[fnum].pos);
2040 /****************************************************************************
2042 ****************************************************************************/
2043 int read_file(int fnum,char *data,uint32 pos,int n)
2047 #if USE_READ_PREDICTION
2048 if (!Files[fnum].can_write)
2050 ret = read_predict(Files[fnum].fd_ptr->fd,pos,data,NULL,n);
2059 if (Files[fnum].mmap_ptr)
2061 int num = MIN(n,(int)(Files[fnum].mmap_size-pos));
2064 memcpy(data,Files[fnum].mmap_ptr+pos,num);
2076 if (seek_file(fnum,pos) != pos)
2078 DEBUG(3,("Failed to seek to %d\n",pos));
2083 readret = read(Files[fnum].fd_ptr->fd,data,n);
2084 if (readret > 0) ret += readret;
2091 /****************************************************************************
2093 ****************************************************************************/
2094 int write_file(int fnum,char *data,int n)
2096 if (!Files[fnum].can_write) {
2101 if (!Files[fnum].modified) {
2103 Files[fnum].modified = True;
2104 if (fstat(Files[fnum].fd_ptr->fd,&st) == 0) {
2105 int dosmode = dos_mode(Files[fnum].cnum,Files[fnum].name,&st);
2106 if (MAP_ARCHIVE(Files[fnum].cnum) && !IS_DOS_ARCHIVE(dosmode)) {
2107 dos_chmod(Files[fnum].cnum,Files[fnum].name,dosmode | aARCH,&st);
2112 return(write_data(Files[fnum].fd_ptr->fd,data,n));
2116 /****************************************************************************
2117 load parameters specific to a connection/service
2118 ****************************************************************************/
2119 BOOL become_service(int cnum,BOOL do_chdir)
2121 extern char magic_char;
2122 static int last_cnum = -1;
2125 if (!OPEN_CNUM(cnum))
2131 Connections[cnum].lastused = smb_last_time;
2136 ChDir(Connections[cnum].connectpath) != 0 &&
2137 ChDir(Connections[cnum].origpath) != 0)
2139 DEBUG(0,("%s chdir (%s) failed cnum=%d\n",timestring(),
2140 Connections[cnum].connectpath,cnum));
2144 if (cnum == last_cnum)
2149 case_default = lp_defaultcase(snum);
2150 case_preserve = lp_preservecase(snum);
2151 short_case_preserve = lp_shortpreservecase(snum);
2152 case_mangle = lp_casemangle(snum);
2153 case_sensitive = lp_casesensitive(snum);
2154 magic_char = lp_magicchar(snum);
2155 use_mangled_map = (*lp_mangled_map(snum) ? True:False);
2160 /****************************************************************************
2161 find a service entry
2162 ****************************************************************************/
2163 int find_service(char *service)
2167 string_sub(service,"\\","/");
2169 iService = lp_servicenumber(service);
2171 /* now handle the special case of a home directory */
2174 char *phome_dir = get_home_dir(service);
2175 DEBUG(3,("checking for home directory %s gave %s\n",service,
2176 phome_dir?phome_dir:"(NULL)"));
2180 if ((iHomeService = lp_servicenumber(HOMES_NAME)) >= 0)
2182 lp_add_home(service,iHomeService,phome_dir);
2183 iService = lp_servicenumber(service);
2188 /* If we still don't have a service, attempt to add it as a printer. */
2191 int iPrinterService;
2193 if ((iPrinterService = lp_servicenumber(PRINTERS_NAME)) >= 0)
2197 DEBUG(3,("checking whether %s is a valid printer name...\n", service));
2199 if ((pszTemp != NULL) && pcap_printername_ok(service, pszTemp))
2201 DEBUG(3,("%s is a valid printer name\n", service));
2202 DEBUG(3,("adding %s as a printer service\n", service));
2203 lp_add_printer(service,iPrinterService);
2204 iService = lp_servicenumber(service);
2206 DEBUG(0,("failed to add %s as a printer service!\n", service));
2209 DEBUG(3,("%s is not a valid printer name\n", service));
2213 /* just possibly it's a default service? */
2216 char *defservice = lp_defaultservice();
2217 if (defservice && *defservice && !strequal(defservice,service)) {
2218 iService = find_service(defservice);
2219 if (iService >= 0) {
2220 string_sub(service,"_","/");
2221 iService = lp_add_service(service,iService);
2227 if (!VALID_SNUM(iService))
2229 DEBUG(0,("Invalid snum %d for %s\n",iService,service));
2234 DEBUG(3,("find_service() failed to find service %s\n", service));
2240 /****************************************************************************
2241 create an error packet from a cached error.
2242 ****************************************************************************/
2243 int cached_error_packet(char *inbuf,char *outbuf,int fnum,int line)
2245 write_bmpx_struct *wbmpx = Files[fnum].wbmpx_ptr;
2247 int32 eclass = wbmpx->wr_errclass;
2248 int32 err = wbmpx->wr_error;
2250 /* We can now delete the auxiliary struct */
2251 free((char *)wbmpx);
2252 Files[fnum].wbmpx_ptr = NULL;
2253 return error_packet(inbuf,outbuf,eclass,err,line);
2262 } unix_smb_errmap[] =
2264 {EPERM,ERRDOS,ERRnoaccess},
2265 {EACCES,ERRDOS,ERRnoaccess},
2266 {ENOENT,ERRDOS,ERRbadfile},
2267 {ENOTDIR,ERRDOS,ERRbadpath},
2268 {EIO,ERRHRD,ERRgeneral},
2269 {EBADF,ERRSRV,ERRsrverror},
2270 {EINVAL,ERRSRV,ERRsrverror},
2271 {EEXIST,ERRDOS,ERRfilexists},
2272 {ENFILE,ERRDOS,ERRnofids},
2273 {EMFILE,ERRDOS,ERRnofids},
2274 {ENOSPC,ERRHRD,ERRdiskfull},
2276 {EDQUOT,ERRHRD,ERRdiskfull},
2279 {ENOTEMPTY,ERRDOS,ERRnoaccess},
2282 {EXDEV,ERRDOS,ERRdiffdevice},
2284 {EROFS,ERRHRD,ERRnowrite},
2288 /****************************************************************************
2289 create an error packet from errno
2290 ****************************************************************************/
2291 int unix_error_packet(char *inbuf,char *outbuf,int def_class,uint32 def_code,int line)
2293 int eclass=def_class;
2297 if (unix_ERR_class != SUCCESS)
2299 eclass = unix_ERR_class;
2300 ecode = unix_ERR_code;
2301 unix_ERR_class = SUCCESS;
2306 while (unix_smb_errmap[i].smbclass != 0)
2308 if (unix_smb_errmap[i].unixerror == errno)
2310 eclass = unix_smb_errmap[i].smbclass;
2311 ecode = unix_smb_errmap[i].smbcode;
2318 return(error_packet(inbuf,outbuf,eclass,ecode,line));
2322 /****************************************************************************
2323 create an error packet. Normally called using the ERROR() macro
2324 ****************************************************************************/
2325 int error_packet(char *inbuf,char *outbuf,int error_class,uint32 error_code,int line)
2327 int outsize = set_message(outbuf,0,0,True);
2329 cmd = CVAL(inbuf,smb_com);
2331 CVAL(outbuf,smb_rcls) = error_class;
2332 SSVAL(outbuf,smb_err,error_code);
2334 DEBUG(3,("%s error packet at line %d cmd=%d (%s) eclass=%d ecode=%d\n",
2337 (int)CVAL(inbuf,smb_com),
2338 smb_fn_name(CVAL(inbuf,smb_com)),
2343 DEBUG(3,("error string = %s\n",strerror(errno)));
2349 #ifndef SIGCLD_IGNORE
2350 /****************************************************************************
2351 this prevents zombie child processes
2352 ****************************************************************************/
2353 static int sig_cld()
2355 static int depth = 0;
2358 DEBUG(0,("ERROR: Recursion in sig_cld? Perhaps you need `#define USE_WAITPID'?\n"));
2364 BlockSignals(True,SIGCLD);
2365 DEBUG(5,("got SIGCLD\n"));
2368 while (sys_waitpid((pid_t)-1,(int *)NULL, WNOHANG) > 0);
2372 /* Stevens, Adv. Unix Prog. says that on system V you must call
2373 wait before reinstalling the signal handler, because the kernel
2374 calls the handler from within the signal-call when there is a
2375 child that has exited. This would lead to an infinite recursion
2376 if done vice versa. */
2378 #ifndef DONT_REINSTALL_SIG
2379 #ifdef SIGCLD_IGNORE
2380 signal(SIGCLD, SIG_IGN);
2382 signal(SIGCLD, SIGNAL_CAST sig_cld);
2387 while (wait3(WAIT3_CAST1 NULL, WNOHANG, WAIT3_CAST2 NULL) > 0);
2390 BlockSignals(False,SIGCLD);
2395 /****************************************************************************
2396 this is called when the client exits abruptly
2397 **************************************************************************/
2398 static int sig_pipe()
2400 struct cli_state *cli;
2401 BlockSignals(True,SIGPIPE);
2403 if ((cli = server_client()) && cli->initialised) {
2404 DEBUG(3,("lost connection to password server\n"));
2406 #ifndef DONT_REINSTALL_SIG
2407 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2409 BlockSignals(False,SIGPIPE);
2413 exit_server("Got sigpipe\n");
2417 /****************************************************************************
2418 open the socket communication
2419 ****************************************************************************/
2420 static BOOL open_sockets(BOOL is_daemon,int port)
2426 int num_interfaces = iface_count();
2427 int fd_listenset[FD_SETSIZE];
2433 #ifdef SIGCLD_IGNORE
2434 signal(SIGCLD, SIG_IGN);
2436 signal(SIGCLD, SIGNAL_CAST sig_cld);
2442 FD_ZERO(&listen_set);
2444 if(lp_interfaces() && lp_bind_interfaces_only())
2446 /* We have been given an interfaces line, and been
2447 told to only bind to those interfaces. Create a
2448 socket per interface and bind to only these.
2451 if(num_interfaces > FD_SETSIZE)
2453 DEBUG(0,("open_sockets: Too many interfaces specified to bind to. Number was %d \
2454 max can be %d\n", num_interfaces, FD_SETSIZE));
2458 /* Now open a listen socket for each of the interfaces. */
2459 for(i = 0; i < num_interfaces; i++)
2461 struct in_addr *ifip = iface_n_ip(i);
2465 DEBUG(0,("open_sockets: interface %d has NULL IP address !\n", i));
2468 s = fd_listenset[i] = open_socket_in(SOCK_STREAM, port, 0, ifip->s_addr);
2471 /* ready to listen */
2472 if (listen(s, 5) == -1)
2474 DEBUG(0,("listen: %s\n",strerror(errno)));
2478 FD_SET(s,&listen_set);
2483 /* Just bind to 0.0.0.0 - accept connections from anywhere. */
2486 /* open an incoming socket */
2487 s = open_socket_in(SOCK_STREAM, port, 0,interpret_addr(lp_socket_address()));
2491 /* ready to listen */
2492 if (listen(s, 5) == -1)
2494 DEBUG(0,("open_sockets: listen: %s\n",strerror(errno)));
2499 fd_listenset[0] = s;
2500 FD_SET(s,&listen_set);
2503 /* now accept incoming connections - forking a new process
2504 for each incoming connection */
2505 DEBUG(2,("waiting for a connection\n"));
2511 memcpy((char *)&lfds, (char *)&listen_set, sizeof(listen_set));
2513 num = sys_select(&lfds,NULL);
2515 if (num == -1 && errno == EINTR)
2518 /* Find the sockets that are read-ready - accept on these. */
2519 for( ; num > 0; num--)
2521 struct sockaddr addr;
2522 int in_addrlen = sizeof(addr);
2525 for(i = 0; i < num_interfaces; i++)
2527 if(FD_ISSET(fd_listenset[i],&lfds))
2529 s = fd_listenset[i];
2530 /* Clear this so we don't look at it again. */
2531 FD_CLR(fd_listenset[i],&lfds);
2536 Client = accept(s,&addr,&in_addrlen);
2538 if (Client == -1 && errno == EINTR)
2543 DEBUG(0,("open_sockets: accept: %s\n",strerror(errno)));
2547 #ifdef NO_FORK_DEBUG
2548 #ifndef NO_SIGNAL_TEST
2549 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2550 signal(SIGCLD, SIGNAL_CAST SIG_DFL);
2551 #endif /* NO_SIGNAL_TEST */
2553 #else /* NO_FORK_DEBUG */
2554 if (Client != -1 && fork()==0)
2556 /* Child code ... */
2558 #ifndef NO_SIGNAL_TEST
2559 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2560 signal(SIGCLD, SIGNAL_CAST SIG_DFL);
2561 #endif /* NO_SIGNAL_TEST */
2562 /* close the listening socket(s) */
2563 for(i = 0; i < num_interfaces; i++)
2564 close(fd_listenset[i]);
2566 /* close our standard file descriptors */
2570 set_socket_options(Client,"SO_KEEPALIVE");
2571 set_socket_options(Client,user_socket_options);
2573 /* Reset global variables in util.c so that
2574 client substitutions will be done correctly
2577 reset_globals_after_fork();
2580 close(Client); /* The parent doesn't need this socket */
2581 #endif /* NO_FORK_DEBUG */
2584 } /* end if is_daemon */
2587 /* Started from inetd. fd 0 is the socket. */
2588 /* We will abort gracefully when the client or remote system
2590 #ifndef NO_SIGNAL_TEST
2591 signal(SIGPIPE, SIGNAL_CAST sig_pipe);
2595 /* close our standard file descriptors */
2598 set_socket_options(Client,"SO_KEEPALIVE");
2599 set_socket_options(Client,user_socket_options);
2605 /****************************************************************************
2606 process an smb from the client - split out from the process() code so
2607 it can be used by the oplock break code.
2608 ****************************************************************************/
2610 static void process_smb(char *inbuf, char *outbuf)
2613 static int trans_num;
2614 int msg_type = CVAL(inbuf,0);
2615 int32 len = smb_len(inbuf);
2616 int nread = len + 4;
2618 if (trans_num == 0) {
2619 /* on the first packet, check the global hosts allow/ hosts
2620 deny parameters before doing any parsing of the packet
2621 passed to us by the client. This prevents attacks on our
2622 parsing code from hosts not in the hosts allow list */
2623 if (!check_access(-1)) {
2624 /* send a negative session response "not listining on calling
2626 static unsigned char buf[5] = {0x83, 0, 0, 1, 0x81};
2627 DEBUG(1,("%s Connection denied from %s\n",
2628 timestring(),client_addr(Client)));
2629 send_smb(Client,(char *)buf);
2630 exit_server("connection denied");
2634 DEBUG(6,("got message type 0x%x of len 0x%x\n",msg_type,len));
2635 DEBUG(3,("%s Transaction %d of length %d\n",timestring(),trans_num,nread));
2638 if(trans_num == 1 && VT_Check(inbuf))
2647 else if(msg_type == 0x85)
2648 return; /* Keepalive packet. */
2650 nread = construct_reply(inbuf,outbuf,nread,max_send);
2654 if (CVAL(outbuf,0) == 0)
2657 if (nread != smb_len(outbuf) + 4)
2659 DEBUG(0,("ERROR: Invalid message response size! %d %d\n",
2660 nread, smb_len(outbuf)));
2663 send_smb(Client,outbuf);
2668 /****************************************************************************
2669 open the oplock IPC socket communication
2670 ****************************************************************************/
2671 static BOOL open_oplock_ipc()
2673 struct sockaddr_in sock_name;
2674 int len = sizeof(sock_name);
2676 DEBUG(3,("open_oplock_ipc: opening loopback UDP socket.\n"));
2678 /* Open a lookback UDP socket on a random port. */
2679 oplock_sock = open_socket_in(SOCK_DGRAM, 0, 0, htonl(INADDR_LOOPBACK));
2680 if (oplock_sock == -1)
2682 DEBUG(0,("open_oplock_ipc: Failed to get local UDP socket for \
2683 address %x. Error was %s\n", htonl(INADDR_LOOPBACK), strerror(errno)));
2688 /* Find out the transient UDP port we have been allocated. */
2689 if(getsockname(oplock_sock, (struct sockaddr *)&sock_name, &len)<0)
2691 DEBUG(0,("open_oplock_ipc: Failed to get local UDP port. Error was %s\n",
2698 oplock_port = ntohs(sock_name.sin_port);
2700 DEBUG(3,("open_oplock ipc: pid = %d, oplock_port = %u\n",
2701 getpid(), oplock_port));
2706 /****************************************************************************
2707 process an oplock break message.
2708 ****************************************************************************/
2709 static BOOL process_local_message(int sock, char *buffer, int buf_size)
2715 msg_len = IVAL(buffer,UDP_CMD_LEN_OFFSET);
2716 from_port = SVAL(buffer,UDP_CMD_PORT_OFFSET);
2718 msg_start = &buffer[UDP_CMD_HEADER_LEN];
2720 DEBUG(5,("process_local_message: Got a message of length %d from port (%d)\n",
2721 msg_len, from_port));
2723 /* Switch on message command - currently OPLOCK_BREAK_CMD is the
2724 only valid request. */
2726 switch(SVAL(msg_start,UDP_MESSAGE_CMD_OFFSET))
2728 case OPLOCK_BREAK_CMD:
2729 /* Ensure that the msg length is correct. */
2730 if(msg_len != OPLOCK_BREAK_MSG_LEN)
2732 DEBUG(0,("process_local_message: incorrect length for OPLOCK_BREAK_CMD (was %d, \
2733 should be %d).\n", msg_len, OPLOCK_BREAK_MSG_LEN));
2737 uint32 remotepid = IVAL(msg_start,OPLOCK_BREAK_PID_OFFSET);
2738 uint32 dev = IVAL(msg_start,OPLOCK_BREAK_DEV_OFFSET);
2739 uint32 inode = IVAL(msg_start, OPLOCK_BREAK_INODE_OFFSET);
2740 struct timeval tval;
2741 struct sockaddr_in toaddr;
2743 tval.tv_sec = IVAL(msg_start, OPLOCK_BREAK_SEC_OFFSET);
2744 tval.tv_usec = IVAL(msg_start, OPLOCK_BREAK_USEC_OFFSET);
2746 DEBUG(5,("process_local_message: oplock break request from \
2747 pid %d, port %d, dev = %x, inode = %x\n", remotepid, from_port, dev, inode));
2750 * If we have no record of any currently open oplocks,
2751 * it's not an error, as a close command may have
2752 * just been issued on the file that was oplocked.
2753 * Just return success in this case.
2756 if(global_oplocks_open != 0)
2758 if(oplock_break(dev, inode, &tval) == False)
2760 DEBUG(0,("process_local_message: oplock break failed - \
2761 not returning udp message.\n"));
2767 DEBUG(3,("process_local_message: oplock break requested with no outstanding \
2768 oplocks. Returning success.\n"));
2771 /* Send the message back after OR'ing in the 'REPLY' bit. */
2772 SSVAL(msg_start,UDP_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD | CMD_REPLY);
2774 bzero((char *)&toaddr,sizeof(toaddr));
2775 toaddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
2776 toaddr.sin_port = htons(from_port);
2777 toaddr.sin_family = AF_INET;
2779 if(sendto( sock, msg_start, OPLOCK_BREAK_MSG_LEN, 0,
2780 (struct sockaddr *)&toaddr, sizeof(toaddr)) < 0)
2782 DEBUG(0,("process_local_message: sendto process %d failed. Errno was %s\n",
2783 remotepid, strerror(errno)));
2787 DEBUG(5,("process_local_message: oplock break reply sent to \
2788 pid %d, port %d, for file dev = %x, inode = %x\n", remotepid,
2789 from_port, dev, inode));
2794 * Keep this as a debug case - eventually we can remove it.
2797 DEBUG(0,("process_local_message: Received unsolicited break \
2798 reply - dumping info.\n"));
2800 if(msg_len != OPLOCK_BREAK_MSG_LEN)
2802 DEBUG(0,("process_local_message: ubr: incorrect length for reply \
2803 (was %d, should be %d).\n", msg_len, OPLOCK_BREAK_MSG_LEN));
2808 uint32 remotepid = IVAL(msg_start,OPLOCK_BREAK_PID_OFFSET);
2809 uint32 dev = IVAL(msg_start,OPLOCK_BREAK_DEV_OFFSET);
2810 uint32 inode = IVAL(msg_start, OPLOCK_BREAK_INODE_OFFSET);
2812 DEBUG(0,("process_local_message: unsolicited oplock break reply from \
2813 pid %d, port %d, dev = %x, inode = %x\n", remotepid, from_port, dev, inode));
2819 DEBUG(0,("process_local_message: unknown UDP message command code (%x) - ignoring.\n",
2820 (unsigned int)SVAL(msg_start,0)));
2826 /****************************************************************************
2827 Process an oplock break directly.
2828 ****************************************************************************/
2829 BOOL oplock_break(uint32 dev, uint32 inode, struct timeval *tval)
2833 char *outbuf = NULL;
2834 files_struct *fsp = NULL;
2837 BOOL shutdown_server = False;
2839 DEBUG(3,("%s oplock_break: called for dev = %x, inode = %x. Current \
2840 global_oplocks_open = %d\n", timestring(), dev, inode, global_oplocks_open));
2842 /* We need to search the file open table for the
2843 entry containing this dev and inode, and ensure
2844 we have an oplock on it. */
2845 for( fnum = 0; fnum < MAX_OPEN_FILES; fnum++)
2849 if((Files[fnum].fd_ptr->dev == dev) && (Files[fnum].fd_ptr->inode == inode) &&
2850 (Files[fnum].open_time.tv_sec == tval->tv_sec) &&
2851 (Files[fnum].open_time.tv_usec == tval->tv_usec)) {
2860 /* The file could have been closed in the meantime - return success. */
2861 DEBUG(0,("%s oplock_break: cannot find open file with dev = %x, inode = %x (fnum = %d) \
2862 allowing break to succeed.\n", timestring(), dev, inode, fnum));
2866 /* Ensure we have an oplock on the file */
2868 /* There is a potential race condition in that an oplock could
2869 have been broken due to another udp request, and yet there are
2870 still oplock break messages being sent in the udp message
2871 queue for this file. So return true if we don't have an oplock,
2872 as we may have just freed it.
2875 if(!fsp->granted_oplock)
2877 DEBUG(0,("%s oplock_break: file %s (fnum = %d, dev = %x, inode = %x) has no oplock. Allowing break to succeed regardless.\n", timestring(), fsp->name, fnum, dev, inode));
2881 /* mark the oplock break as sent - we don't want to send twice! */
2882 if (fsp->sent_oplock_break)
2884 DEBUG(0,("%s oplock_break: ERROR: oplock_break already sent for file %s (fnum = %d, dev = %x, inode = %x)\n", timestring(), fsp->name, fnum, dev, inode));
2886 /* We have to fail the open here as we cannot send another oplock break on this
2887 file whilst we are awaiting a response from the client - neither can we
2888 allow another open to succeed while we are waiting for the client. */
2892 /* Now comes the horrid part. We must send an oplock break to the client,
2893 and then process incoming messages until we get a close or oplock release.
2894 At this point we know we need a new inbuf/outbuf buffer pair.
2895 We cannot use these staticaly as we may recurse into here due to
2896 messages crossing on the wire.
2899 if((inbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
2901 DEBUG(0,("oplock_break: malloc fail for input buffer.\n"));
2905 if((outbuf = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN))==NULL)
2907 DEBUG(0,("oplock_break: malloc fail for output buffer.\n"));
2913 /* Prepare the SMBlockingX message. */
2914 bzero(outbuf,smb_size);
2915 set_message(outbuf,8,0,True);
2917 SCVAL(outbuf,smb_com,SMBlockingX);
2918 SSVAL(outbuf,smb_tid,fsp->cnum);
2919 SSVAL(outbuf,smb_pid,0xFFFF);
2920 SSVAL(outbuf,smb_uid,0);
2921 SSVAL(outbuf,smb_mid,0xFFFF);
2922 SCVAL(outbuf,smb_vwv0,0xFF);
2923 SSVAL(outbuf,smb_vwv2,fnum);
2924 SCVAL(outbuf,smb_vwv3,LOCKING_ANDX_OPLOCK_RELEASE);
2925 /* Change this when we have level II oplocks. */
2926 SCVAL(outbuf,smb_vwv3+1,OPLOCKLEVEL_NONE);
2928 send_smb(Client, outbuf);
2930 /* Remember we just sent an oplock break on this file. */
2931 fsp->sent_oplock_break = True;
2933 /* We need this in case a readraw crosses on the wire. */
2934 global_oplock_break = True;
2936 /* Process incoming messages. */
2938 /* JRA - If we don't get a break from the client in OPLOCK_BREAK_TIMEOUT
2939 seconds we should just die.... */
2941 start_time = time(NULL);
2943 while(OPEN_FNUM(fnum) && fsp->granted_oplock)
2945 if(receive_smb(Client,inbuf,OPLOCK_BREAK_TIMEOUT * 1000) == False)
2948 * Die if we got an error.
2951 if (smb_read_error == READ_EOF)
2952 DEBUG(0,("%s oplock_break: end of file from client\n", timestring()));
2954 if (smb_read_error == READ_ERROR)
2955 DEBUG(0,("%s oplock_break: receive_smb error (%s)\n",
2956 timestring(), strerror(errno)));
2958 if (smb_read_error == READ_TIMEOUT)
2959 DEBUG(0,("%s oplock_break: receive_smb timed out after %d seconds.\n",
2960 timestring(), OPLOCK_BREAK_TIMEOUT));
2962 DEBUG(0,("%s oplock_break failed for file %s (fnum = %d, dev = %x, \
2963 inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
2964 shutdown_server = True;
2969 * There are certain SMB requests that we shouldn't allow
2970 * to recurse. opens, renames and deletes are the obvious
2971 * ones. This is handled in the switch_message() function.
2972 * If global_oplock_break is set they will push the packet onto
2973 * the pending smb queue and return -1 (no reply).
2977 process_smb(inbuf, outbuf);
2980 * Die if we go over the time limit.
2983 if((time(NULL) - start_time) > OPLOCK_BREAK_TIMEOUT)
2985 DEBUG(0,("%s oplock_break: no break received from client within \
2986 %d seconds.\n", timestring(), OPLOCK_BREAK_TIMEOUT));
2987 DEBUG(0,("%s oplock_break failed for file %s (fnum = %d, dev = %x, \
2988 inode = %x).\n", timestring(), fsp->name, fnum, dev, inode));
2989 shutdown_server = True;
2994 /* Free the buffers we've been using to recurse. */
2998 /* We need this in case a readraw crossed on the wire. */
2999 if(global_oplock_break)
3000 global_oplock_break = False;
3003 * If the client did not respond we must die.
3008 DEBUG(0,("%s oplock_break: client failure in break - shutting down this smbd.\n",
3012 exit_server("oplock break failure");
3017 /* The lockingX reply will have removed the oplock flag
3018 from the sharemode. */
3020 fsp->granted_oplock = False;
3021 fsp->sent_oplock_break = False;
3022 global_oplocks_open--;
3025 /* Santity check - remove this later. JRA */
3026 if(global_oplocks_open < 0)
3028 DEBUG(0,("oplock_break: global_oplocks_open < 0 (%d). PANIC ERROR\n",
3029 global_oplocks_open));
3030 exit_server("oplock_break: global_oplocks_open < 0");
3033 DEBUG(3,("%s oplock_break: returning success for fnum = %d, dev = %x, inode = %x. Current \
3034 global_oplocks_open = %d\n", timestring(), fnum, dev, inode, global_oplocks_open));
3039 /****************************************************************************
3040 Send an oplock break message to another smbd process. If the oplock is held
3041 by the local smbd then call the oplock break function directly.
3042 ****************************************************************************/
3044 BOOL request_oplock_break(share_mode_entry *share_entry,
3045 uint32 dev, uint32 inode)
3047 char op_break_msg[OPLOCK_BREAK_MSG_LEN];
3048 struct sockaddr_in addr_out;
3053 if(pid == share_entry->pid)
3055 /* We are breaking our own oplock, make sure it's us. */
3056 if(share_entry->op_port != oplock_port)
3058 DEBUG(0,("request_oplock_break: corrupt share mode entry - pid = %d, port = %d \
3059 should be %d\n", pid, share_entry->op_port, oplock_port));
3063 DEBUG(5,("request_oplock_break: breaking our own oplock\n"));
3065 /* Call oplock break direct. */
3066 return oplock_break(dev, inode, &share_entry->time);
3069 /* We need to send a OPLOCK_BREAK_CMD message to the
3070 port in the share mode entry. */
3072 SSVAL(op_break_msg,UDP_MESSAGE_CMD_OFFSET,OPLOCK_BREAK_CMD);
3073 SIVAL(op_break_msg,OPLOCK_BREAK_PID_OFFSET,pid);
3074 SIVAL(op_break_msg,OPLOCK_BREAK_DEV_OFFSET,dev);
3075 SIVAL(op_break_msg,OPLOCK_BREAK_INODE_OFFSET,inode);
3076 SIVAL(op_break_msg,OPLOCK_BREAK_SEC_OFFSET,(uint32)share_entry->time.tv_sec);
3077 SIVAL(op_break_msg,OPLOCK_BREAK_USEC_OFFSET,(uint32)share_entry->time.tv_usec);
3079 /* set the address and port */
3080 bzero((char *)&addr_out,sizeof(addr_out));
3081 addr_out.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
3082 addr_out.sin_port = htons( share_entry->op_port );
3083 addr_out.sin_family = AF_INET;
3085 DEBUG(3,("%s request_oplock_break: sending a oplock break message to pid %d on port %d \
3086 for dev = %x, inode = %x\n", timestring(), share_entry->pid, share_entry->op_port, dev, inode));
3088 if(sendto(oplock_sock,op_break_msg,OPLOCK_BREAK_MSG_LEN,0,
3089 (struct sockaddr *)&addr_out,sizeof(addr_out)) < 0)
3091 DEBUG(0,("%s request_oplock_break: failed when sending a oplock break message \
3092 to pid %d on port %d for dev = %x, inode = %x. Error was %s\n",
3093 timestring(), share_entry->pid, share_entry->op_port, dev, inode,
3099 * Now we must await the oplock broken message coming back
3100 * from the target smbd process. Timeout if it fails to
3101 * return in (OPLOCK_BREAK_TIMEOUT + OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR) seconds.
3102 * While we get messages that aren't ours, loop.
3105 start_time = time(NULL);
3106 time_left = OPLOCK_BREAK_TIMEOUT+OPLOCK_BREAK_TIMEOUT_FUDGEFACTOR;
3108 while(time_left >= 0)
3110 char op_break_reply[UDP_CMD_HEADER_LEN+OPLOCK_BREAK_MSG_LEN];
3111 int32 reply_msg_len;
3112 uint16 reply_from_port;
3113 char *reply_msg_start;
3115 if(receive_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply),
3116 time_left ? time_left * 1000 : 1) == False)
3118 if(smb_read_error == READ_TIMEOUT)
3120 DEBUG(0,("%s request_oplock_break: no response received to oplock break request to \
3121 pid %d on port %d for dev = %x, inode = %x\n", timestring(), share_entry->pid,
3122 share_entry->op_port, dev, inode));
3124 * This is a hack to make handling of failing clients more robust.
3125 * If a oplock break response message is not received in the timeout
3126 * period we may assume that the smbd servicing that client holding
3127 * the oplock has died and the client changes were lost anyway, so
3128 * we should continue to try and open the file.
3133 DEBUG(0,("%s request_oplock_break: error in response received to oplock break request to \
3134 pid %d on port %d for dev = %x, inode = %x. Error was (%s).\n", timestring, share_entry->pid,
3135 share_entry->op_port, dev, inode, strerror(errno)));
3139 reply_msg_len = IVAL(op_break_reply,UDP_CMD_LEN_OFFSET);
3140 reply_from_port = SVAL(op_break_reply,UDP_CMD_PORT_OFFSET);
3142 reply_msg_start = &op_break_reply[UDP_CMD_HEADER_LEN];
3144 if(reply_msg_len != OPLOCK_BREAK_MSG_LEN)
3147 DEBUG(0,("%s request_oplock_break: invalid message length received. Ignoring\n",
3153 * Test to see if this is the reply we are awaiting.
3156 if((SVAL(reply_msg_start,UDP_MESSAGE_CMD_OFFSET) & CMD_REPLY) &&
3157 (reply_from_port == share_entry->op_port) &&
3158 (memcmp(&reply_msg_start[OPLOCK_BREAK_PID_OFFSET],
3159 &op_break_msg[OPLOCK_BREAK_PID_OFFSET],
3160 OPLOCK_BREAK_MSG_LEN - OPLOCK_BREAK_PID_OFFSET) == 0))
3163 * This is the reply we've been waiting for.
3170 * This is another message - probably a break request.
3171 * Process it to prevent potential deadlock.
3172 * Note that the code in switch_message() prevents
3173 * us from recursing into here as any SMB requests
3174 * we might process that would cause another oplock
3175 * break request to be made will be queued.
3179 process_local_message(oplock_sock, op_break_reply, sizeof(op_break_reply));
3182 time_left -= (time(NULL) - start_time);
3185 DEBUG(3,("%s request_oplock_break: broke oplock.\n", timestring()));
3190 /****************************************************************************
3191 Get the next SMB packet, doing the local message processing automatically.
3192 ****************************************************************************/
3194 BOOL receive_next_smb(int smbfd, int oplockfd, char *inbuf, int bufsize, int timeout)
3196 BOOL got_smb = False;
3201 ret = receive_message_or_smb(smbfd,oplockfd,inbuf,bufsize,
3206 /* Deal with oplock break requests from other smbd's. */
3207 process_local_message(oplock_sock, inbuf, bufsize);
3211 if(ret && (CVAL(inbuf,0) == 0x85))
3213 /* Keepalive packet. */
3218 while(ret && !got_smb);
3223 /****************************************************************************
3224 check if a snum is in use
3225 ****************************************************************************/
3226 BOOL snum_used(int snum)
3229 for (i=0;i<MAX_CONNECTIONS;i++)
3230 if (OPEN_CNUM(i) && (SNUM(i) == snum))
3235 /****************************************************************************
3236 reload the services file
3237 **************************************************************************/
3238 BOOL reload_services(BOOL test)
3245 pstrcpy(fname,lp_configfile());
3246 if (file_exist(fname,NULL) && !strcsequal(fname,servicesf))
3248 pstrcpy(servicesf,fname);
3255 if (test && !lp_file_list_changed())
3258 lp_killunused(snum_used);
3260 ret = lp_load(servicesf,False,False,True);
3262 /* perhaps the config filename is now set */
3264 reload_services(True);
3273 set_socket_options(Client,"SO_KEEPALIVE");
3274 set_socket_options(Client,user_socket_options);
3278 reset_mangled_stack( lp_mangledstack() );
3280 /* this forces service parameters to be flushed */
3281 become_service(-1,True);
3288 /****************************************************************************
3289 this prevents zombie child processes
3290 ****************************************************************************/
3291 static int sig_hup()
3293 BlockSignals(True,SIGHUP);
3294 DEBUG(0,("Got SIGHUP\n"));
3295 reload_services(False);
3296 #ifndef DONT_REINSTALL_SIG
3297 signal(SIGHUP,SIGNAL_CAST sig_hup);
3299 BlockSignals(False,SIGHUP);
3304 /****************************************************************************
3305 make a connection to a service
3306 ****************************************************************************/
3307 int make_connection(char *service,char *user,char *password, int pwlen, char *dev,uint16 vuid)
3311 struct passwd *pass = NULL;
3312 connection_struct *pcon;
3318 snum = find_service(service);
3321 if (strequal(service,"IPC$"))
3323 DEBUG(3,("%s refusing IPC connection\n",timestring()));
3327 DEBUG(0,("%s couldn't find service %s\n",timestring(),service));
3331 if (strequal(service,HOMES_NAME))
3333 if (*user && Get_Pwnam(user,True))
3334 return(make_connection(user,user,password,pwlen,dev,vuid));
3336 if (validated_username(vuid))
3338 strcpy(user,validated_username(vuid));
3339 return(make_connection(user,user,password,pwlen,dev,vuid));
3343 if (!lp_snum_ok(snum) || !check_access(snum)) {
3347 /* you can only connect to the IPC$ service as an ipc device */
3348 if (strequal(service,"IPC$"))
3351 if (*dev == '?' || !*dev)
3353 if (lp_print_ok(snum))
3354 strcpy(dev,"LPT1:");
3359 /* if the request is as a printer and you can't print then refuse */
3361 if (!lp_print_ok(snum) && (strncmp(dev,"LPT",3) == 0)) {
3362 DEBUG(1,("Attempt to connect to non-printer as a printer\n"));
3366 /* lowercase the user name */
3369 /* add it as a possible user name */
3370 add_session_user(service);
3372 /* shall we let them in? */
3373 if (!authorise_login(snum,user,password,pwlen,&guest,&force,vuid))
3375 DEBUG(2,("%s invalid username/password for %s\n",timestring(),service));
3379 cnum = find_free_connection(str_checksum(service) + str_checksum(user));
3382 DEBUG(0,("%s couldn't find free connection\n",timestring()));
3386 pcon = &Connections[cnum];
3387 bzero((char *)pcon,sizeof(*pcon));
3389 /* find out some info about the user */
3390 pass = Get_Pwnam(user,True);
3394 DEBUG(0,("%s couldn't find account %s\n",timestring(),user));
3398 pcon->read_only = lp_readonly(snum);
3402 StrnCpy(list,lp_readlist(snum),sizeof(pstring)-1);
3403 string_sub(list,"%S",service);
3405 if (user_in_list(user,list))
3406 pcon->read_only = True;
3408 StrnCpy(list,lp_writelist(snum),sizeof(pstring)-1);
3409 string_sub(list,"%S",service);
3411 if (user_in_list(user,list))
3412 pcon->read_only = False;
3415 /* admin user check */
3417 /* JRA - original code denied admin user if the share was
3418 marked read_only. Changed as I don't think this is needed,
3419 but old code left in case there is a problem here.
3421 if (user_in_list(user,lp_admin_users(snum))
3423 && !pcon->read_only)
3428 pcon->admin_user = True;
3429 DEBUG(0,("%s logged in as admin user (root privileges)\n",user));
3432 pcon->admin_user = False;
3434 pcon->force_user = force;
3436 pcon->uid = pass->pw_uid;
3437 pcon->gid = pass->pw_gid;
3438 pcon->num_files_open = 0;
3439 pcon->lastused = time(NULL);
3440 pcon->service = snum;
3442 pcon->printer = (strncmp(dev,"LPT",3) == 0);
3443 pcon->ipc = (strncmp(dev,"IPC",3) == 0);
3444 pcon->dirptr = NULL;
3445 pcon->veto_list = NULL;
3446 pcon->hide_list = NULL;
3447 pcon->veto_oplock_list = NULL;
3448 string_set(&pcon->dirpath,"");
3449 string_set(&pcon->user,user);
3452 if (*lp_force_group(snum))
3457 StrnCpy(gname,lp_force_group(snum),sizeof(pstring)-1);
3458 /* default service may be a group name */
3459 string_sub(gname,"%S",service);
3460 gptr = (struct group *)getgrnam(gname);
3464 pcon->gid = gptr->gr_gid;
3465 DEBUG(3,("Forced group %s\n",gname));
3468 DEBUG(1,("Couldn't find group %s\n",gname));
3472 if (*lp_force_user(snum))
3474 struct passwd *pass2;
3476 fstrcpy(fuser,lp_force_user(snum));
3477 pass2 = (struct passwd *)Get_Pwnam(fuser,True);
3480 pcon->uid = pass2->pw_uid;
3481 string_set(&pcon->user,fuser);
3482 fstrcpy(user,fuser);
3483 pcon->force_user = True;
3484 DEBUG(3,("Forced user %s\n",fuser));
3487 DEBUG(1,("Couldn't find user %s\n",fuser));
3492 pstrcpy(s,lp_pathname(snum));
3493 standard_sub(cnum,s);
3494 string_set(&pcon->connectpath,s);
3495 DEBUG(3,("Connect path is %s\n",s));
3498 /* groups stuff added by ih */
3500 pcon->igroups = NULL;
3501 pcon->groups = NULL;
3506 /* Find all the groups this uid is in and store them. Used by become_user() */
3507 setup_groups(pcon->user,pcon->uid,pcon->gid,
3508 &pcon->ngroups,&pcon->igroups,&pcon->groups,&pcon->attrs);
3510 /* check number of connections */
3511 if (!claim_connection(cnum,
3512 lp_servicename(SNUM(cnum)),
3513 lp_max_connections(SNUM(cnum)),False))
3515 DEBUG(1,("too many connections - rejected\n"));
3519 if (lp_status(SNUM(cnum)))
3520 claim_connection(cnum,"STATUS.",MAXSTATUS,False);
3525 /* execute any "root preexec = " line */
3526 if (*lp_rootpreexec(SNUM(cnum)))
3529 pstrcpy(cmd,lp_rootpreexec(SNUM(cnum)));
3530 standard_sub(cnum,cmd);
3531 DEBUG(5,("cmd=%s\n",cmd));
3532 smbrun(cmd,NULL,False);
3535 if (!become_user(&Connections[cnum], cnum,pcon->vuid))
3537 DEBUG(0,("Can't become connected user!\n"));
3539 if (!IS_IPC(cnum)) {
3540 yield_connection(cnum,
3541 lp_servicename(SNUM(cnum)),
3542 lp_max_connections(SNUM(cnum)));
3543 if (lp_status(SNUM(cnum))) yield_connection(cnum,"STATUS.",MAXSTATUS);
3548 if (ChDir(pcon->connectpath) != 0)
3550 DEBUG(0,("Can't change directory to %s (%s)\n",
3551 pcon->connectpath,strerror(errno)));
3554 if (!IS_IPC(cnum)) {
3555 yield_connection(cnum,
3556 lp_servicename(SNUM(cnum)),
3557 lp_max_connections(SNUM(cnum)));
3558 if (lp_status(SNUM(cnum))) yield_connection(cnum,"STATUS.",MAXSTATUS);
3563 string_set(&pcon->origpath,pcon->connectpath);
3565 #if SOFTLINK_OPTIMISATION
3566 /* resolve any soft links early */
3569 pstrcpy(s,pcon->connectpath);
3571 string_set(&pcon->connectpath,s);
3572 ChDir(pcon->connectpath);
3576 num_connections_open++;
3577 add_session_user(user);
3579 /* execute any "preexec = " line */
3580 if (*lp_preexec(SNUM(cnum)))
3583 pstrcpy(cmd,lp_preexec(SNUM(cnum)));
3584 standard_sub(cnum,cmd);
3585 smbrun(cmd,NULL,False);
3588 /* we've finished with the sensitive stuff */
3591 /* Add veto/hide lists */
3592 if (!IS_IPC(cnum) && !IS_PRINT(cnum))
3594 set_namearray( &pcon->veto_list, lp_veto_files(SNUM(cnum)));
3595 set_namearray( &pcon->hide_list, lp_hide_files(SNUM(cnum)));
3596 set_namearray( &pcon->veto_oplock_list, lp_veto_oplocks(SNUM(cnum)));
3601 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) connect to service %s as user %s (uid=%d,gid=%d) (pid %d)\n",
3604 client_addr(Client),
3605 lp_servicename(SNUM(cnum)),user,
3614 /****************************************************************************
3615 Attempt to break an oplock on a file (if oplocked).
3616 Returns True if the file was closed as a result of
3617 the oplock break, False otherwise.
3618 Used as a last ditch attempt to free a space in the
3619 file table when we have run out.
3620 ****************************************************************************/
3622 static BOOL attempt_close_oplocked_file(files_struct *fp)
3625 DEBUG(5,("attempt_close_oplocked_file: checking file %s.\n", fp->name));
3627 if (fp->open && fp->granted_oplock && !fp->sent_oplock_break) {
3629 /* Try and break the oplock. */
3630 file_fd_struct *fsp = fp->fd_ptr;
3631 if(oplock_break( fsp->dev, fsp->inode, &fp->open_time)) {
3632 if(!fp->open) /* Did the oplock break close the file ? */
3640 /****************************************************************************
3641 find first available file slot
3642 ****************************************************************************/
3643 int find_free_file(void )
3646 static int first_file;
3648 /* we want to give out file handles differently on each new
3649 connection because of a common bug in MS clients where they try to
3650 reuse a file descriptor from an earlier smb connection. This code
3651 increases the chance that the errant client will get an error rather
3652 than causing corruption */
3653 if (first_file == 0) {
3654 first_file = (getpid() ^ (int)time(NULL)) % MAX_OPEN_FILES;
3655 if (first_file == 0) first_file = 1;
3658 if (first_file >= MAX_OPEN_FILES)
3661 for (i=first_file;i<MAX_OPEN_FILES;i++)
3662 if (!Files[i].open && !Files[i].reserved) {
3663 memset(&Files[i], 0, sizeof(Files[i]));
3665 Files[i].reserved = True;
3669 /* returning a file handle of 0 is a bad idea - so we start at 1 */
3670 for (i=1;i<first_file;i++)
3671 if (!Files[i].open && !Files[i].reserved) {
3672 memset(&Files[i], 0, sizeof(Files[i]));
3674 Files[i].reserved = True;
3679 * Before we give up, go through the open files
3680 * and see if there are any files opened with a
3681 * batch oplock. If so break the oplock and then
3682 * re-use that entry (if it becomes closed).
3683 * This may help as NT/95 clients tend to keep
3684 * files batch oplocked for quite a long time
3685 * after they have finished with them.
3687 for (i=first_file;i<MAX_OPEN_FILES;i++) {
3688 if(attempt_close_oplocked_file( &Files[i])) {
3689 memset(&Files[i], 0, sizeof(Files[i]));
3691 Files[i].reserved = True;
3696 for (i=1;i<MAX_OPEN_FILES;i++) {
3697 if(attempt_close_oplocked_file( &Files[i])) {
3698 memset(&Files[i], 0, sizeof(Files[i]));
3700 Files[i].reserved = True;
3705 DEBUG(1,("ERROR! Out of file structures - perhaps increase MAX_OPEN_FILES?\n"));
3709 /****************************************************************************
3710 find first available connection slot, starting from a random position.
3711 The randomisation stops problems with the server dieing and clients
3712 thinking the server is still available.
3713 ****************************************************************************/
3714 static int find_free_connection(int hash )
3718 hash = (hash % (MAX_CONNECTIONS-2))+1;
3722 for (i=hash+1;i!=hash;)
3724 if (!Connections[i].open && Connections[i].used == used)
3726 DEBUG(3,("found free connection number %d\n",i));
3730 if (i == MAX_CONNECTIONS)
3740 DEBUG(1,("ERROR! Out of connection structures\n"));
3745 /****************************************************************************
3746 reply for the core protocol
3747 ****************************************************************************/
3748 int reply_corep(char *outbuf)
3750 int outsize = set_message(outbuf,1,0,True);
3752 Protocol = PROTOCOL_CORE;
3758 /****************************************************************************
3759 reply for the coreplus protocol
3760 ****************************************************************************/
3761 int reply_coreplus(char *outbuf)
3763 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
3764 int outsize = set_message(outbuf,13,0,True);
3765 SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
3766 readbraw and writebraw (possibly) */
3767 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
3768 SSVAL(outbuf,smb_vwv1,0x1); /* user level security, don't encrypt */
3770 Protocol = PROTOCOL_COREPLUS;
3776 /****************************************************************************
3777 reply for the lanman 1.0 protocol
3778 ****************************************************************************/
3779 int reply_lanman1(char *outbuf)
3781 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
3783 BOOL doencrypt = SMBENCRYPT();
3784 time_t t = time(NULL);
3786 if (lp_security()>=SEC_USER) secword |= 1;
3787 if (doencrypt) secword |= 2;
3789 set_message(outbuf,13,doencrypt?8:0,True);
3790 SSVAL(outbuf,smb_vwv1,secword);
3791 /* Create a token value and add it to the outgoing packet. */
3793 generate_next_challenge(smb_buf(outbuf));
3795 Protocol = PROTOCOL_LANMAN1;
3797 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
3798 SSVAL(outbuf,smb_vwv2,max_recv);
3799 SSVAL(outbuf,smb_vwv3,lp_maxmux()); /* maxmux */
3800 SSVAL(outbuf,smb_vwv4,1);
3801 SSVAL(outbuf,smb_vwv5,raw); /* tell redirector we support
3802 readbraw writebraw (possibly) */
3803 SIVAL(outbuf,smb_vwv6,getpid());
3804 SSVAL(outbuf,smb_vwv10, TimeDiff(t)/60);
3806 put_dos_date(outbuf,smb_vwv8,t);
3808 return (smb_len(outbuf)+4);
3812 /****************************************************************************
3813 reply for the lanman 2.0 protocol
3814 ****************************************************************************/
3815 int reply_lanman2(char *outbuf)
3817 int raw = (lp_readraw()?1:0) | (lp_writeraw()?2:0);
3819 BOOL doencrypt = SMBENCRYPT();
3820 time_t t = time(NULL);
3821 struct cli_state *cli = NULL;
3825 if (lp_security() == SEC_SERVER) {
3826 cli = server_cryptkey();
3830 DEBUG(3,("using password server validation\n"));
3831 doencrypt = ((cli->sec_mode & 2) != 0);
3834 if (lp_security()>=SEC_USER) secword |= 1;
3835 if (doencrypt) secword |= 2;
3840 generate_next_challenge(cryptkey);
3842 memcpy(cryptkey, cli->cryptkey, 8);
3843 set_challenge(cli->cryptkey);
3847 set_message(outbuf,13,crypt_len,True);
3848 SSVAL(outbuf,smb_vwv1,secword);
3849 SIVAL(outbuf,smb_vwv6,getpid());
3851 memcpy(smb_buf(outbuf), cryptkey, 8);
3853 Protocol = PROTOCOL_LANMAN2;
3855 CVAL(outbuf,smb_flg) = 0x81; /* Reply, SMBlockread, SMBwritelock supported */
3856 SSVAL(outbuf,smb_vwv2,max_recv);
3857 SSVAL(outbuf,smb_vwv3,lp_maxmux());
3858 SSVAL(outbuf,smb_vwv4,1);
3859 SSVAL(outbuf,smb_vwv5,raw); /* readbraw and/or writebraw */
3860 SSVAL(outbuf,smb_vwv10, TimeDiff(t)/60);
3861 put_dos_date(outbuf,smb_vwv8,t);
3863 return (smb_len(outbuf)+4);
3867 /****************************************************************************
3868 reply for the nt protocol
3869 ****************************************************************************/
3870 int reply_nt1(char *outbuf)
3872 /* dual names + lock_and_read + nt SMBs + remote API calls */
3873 int capabilities = CAP_NT_FIND|CAP_LOCK_AND_READ|CAP_RPC_REMOTE_APIS;
3875 other valid capabilities which we may support at some time...
3876 CAP_LARGE_FILES|CAP_NT_SMBS|CAP_RPC_REMOTE_APIS;
3877 CAP_LARGE_READX|CAP_STATUS32|CAP_LEVEL_II_OPLOCKS;
3881 BOOL doencrypt = SMBENCRYPT();
3882 time_t t = time(NULL);
3884 struct cli_state *cli = NULL;
3888 if (lp_security() == SEC_SERVER) {
3889 cli = server_cryptkey();
3893 DEBUG(3,("using password server validation\n"));
3894 doencrypt = ((cli->sec_mode & 2) != 0);
3900 generate_next_challenge(cryptkey);
3902 memcpy(cryptkey, cli->cryptkey, 8);
3903 set_challenge(cli->cryptkey);
3907 if (lp_readraw() && lp_writeraw()) {
3908 capabilities |= CAP_RAW_MODE;
3911 if (lp_security() >= SEC_USER) secword |= 1;
3912 if (doencrypt) secword |= 2;
3914 /* decide where (if) to put the encryption challenge, and
3915 follow it with the OEM'd domain name
3917 data_len = crypt_len + strlen(myworkgroup) + 1;
3919 set_message(outbuf,17,data_len,True);
3920 strcpy(smb_buf(outbuf)+crypt_len, myworkgroup);
3922 CVAL(outbuf,smb_vwv1) = secword;
3923 SSVALS(outbuf,smb_vwv16+1,crypt_len);
3925 memcpy(smb_buf(outbuf), cryptkey, 8);
3927 Protocol = PROTOCOL_NT1;
3929 SSVAL(outbuf,smb_vwv1+1,lp_maxmux()); /* maxmpx */
3930 SSVAL(outbuf,smb_vwv2+1,1); /* num vcs */
3931 SIVAL(outbuf,smb_vwv3+1,0xffff); /* max buffer. LOTS! */
3932 SIVAL(outbuf,smb_vwv5+1,0x10000); /* raw size. full 64k */
3933 SIVAL(outbuf,smb_vwv7+1,getpid()); /* session key */
3934 SIVAL(outbuf,smb_vwv9+1,capabilities); /* capabilities */
3935 put_long_date(outbuf+smb_vwv11+1,t);
3936 SSVALS(outbuf,smb_vwv15+1,TimeDiff(t)/60);
3937 SSVAL(outbuf,smb_vwv17,data_len); /* length of challenge+domain strings */
3939 return (smb_len(outbuf)+4);
3942 /* these are the protocol lists used for auto architecture detection:
3945 protocol [PC NETWORK PROGRAM 1.0]
3946 protocol [XENIX CORE]
3947 protocol [MICROSOFT NETWORKS 1.03]
3948 protocol [LANMAN1.0]
3949 protocol [Windows for Workgroups 3.1a]
3950 protocol [LM1.2X002]
3951 protocol [LANMAN2.1]
3952 protocol [NT LM 0.12]
3955 protocol [PC NETWORK PROGRAM 1.0]
3956 protocol [XENIX CORE]
3957 protocol [MICROSOFT NETWORKS 1.03]
3958 protocol [LANMAN1.0]
3959 protocol [Windows for Workgroups 3.1a]
3960 protocol [LM1.2X002]
3961 protocol [LANMAN2.1]
3962 protocol [NT LM 0.12]
3965 protocol [PC NETWORK PROGRAM 1.0]
3966 protocol [XENIX CORE]
3967 protocol [LANMAN1.0]
3968 protocol [LM1.2X002]
3969 protocol [LANMAN2.1]
3973 * Modified to recognize the architecture of the remote machine better.
3975 * This appears to be the matrix of which protocol is used by which
3977 Protocol WfWg Win95 WinNT OS/2
3978 PC NETWORK PROGRAM 1.0 1 1 1 1
3980 MICROSOFT NETWORKS 3.0 2 2
3982 MICROSOFT NETWORKS 1.03 3
3985 Windows for Workgroups 3.1a 5 5 5
3990 * tim@fsg.com 09/29/95
3993 #define ARCH_WFWG 0x3 /* This is a fudge because WfWg is like Win95 */
3994 #define ARCH_WIN95 0x2
3995 #define ARCH_OS2 0xC /* Again OS/2 is like NT */
3996 #define ARCH_WINNT 0x8
3997 #define ARCH_SAMBA 0x10
3999 #define ARCH_ALL 0x1F
4001 /* List of supported protocols, most desired first */
4005 int (*proto_reply_fn)(char *);
4007 } supported_protocols[] = {
4008 {"NT LANMAN 1.0", "NT1", reply_nt1, PROTOCOL_NT1},
4009 {"NT LM 0.12", "NT1", reply_nt1, PROTOCOL_NT1},
4010 {"LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4011 {"Samba", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4012 {"DOS LM1.2X002", "LANMAN2", reply_lanman2, PROTOCOL_LANMAN2},
4013 {"LANMAN1.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1},
4014 {"MICROSOFT NETWORKS 3.0", "LANMAN1", reply_lanman1, PROTOCOL_LANMAN1},
4015 {"MICROSOFT NETWORKS 1.03", "COREPLUS", reply_coreplus, PROTOCOL_COREPLUS},
4016 {"PC NETWORK PROGRAM 1.0", "CORE", reply_corep, PROTOCOL_CORE},
4021 /****************************************************************************
4023 ****************************************************************************/
4024 static int reply_negprot(char *inbuf,char *outbuf)
4026 int outsize = set_message(outbuf,1,0,True);
4031 int bcc = SVAL(smb_buf(inbuf),-2);
4032 int arch = ARCH_ALL;
4034 p = smb_buf(inbuf)+1;
4035 while (p < (smb_buf(inbuf) + bcc))
4038 DEBUG(3,("Requested protocol [%s]\n",p));
4039 if (strcsequal(p,"Windows for Workgroups 3.1a"))
4040 arch &= ( ARCH_WFWG | ARCH_WIN95 | ARCH_WINNT );
4041 else if (strcsequal(p,"DOS LM1.2X002"))
4042 arch &= ( ARCH_WFWG | ARCH_WIN95 );
4043 else if (strcsequal(p,"DOS LANMAN2.1"))
4044 arch &= ( ARCH_WFWG | ARCH_WIN95 );
4045 else if (strcsequal(p,"NT LM 0.12"))
4046 arch &= ( ARCH_WIN95 | ARCH_WINNT );
4047 else if (strcsequal(p,"LANMAN2.1"))
4048 arch &= ( ARCH_WINNT | ARCH_OS2 );
4049 else if (strcsequal(p,"LM1.2X002"))
4050 arch &= ( ARCH_WINNT | ARCH_OS2 );
4051 else if (strcsequal(p,"MICROSOFT NETWORKS 1.03"))
4053 else if (strcsequal(p,"XENIX CORE"))
4054 arch &= ( ARCH_WINNT | ARCH_OS2 );
4055 else if (strcsequal(p,"Samba")) {
4065 set_remote_arch(RA_SAMBA);
4068 set_remote_arch(RA_WFWG);
4071 set_remote_arch(RA_WIN95);
4074 set_remote_arch(RA_WINNT);
4077 set_remote_arch(RA_OS2);
4080 set_remote_arch(RA_UNKNOWN);
4084 /* possibly reload - change of architecture */
4085 reload_services(True);
4087 /* a special case to stop password server loops */
4088 if (Index == 1 && strequal(remote_machine,myhostname) &&
4089 lp_security()==SEC_SERVER)
4090 exit_server("Password server loop!");
4092 /* Check for protocols, most desirable first */
4093 for (protocol = 0; supported_protocols[protocol].proto_name; protocol++)
4095 p = smb_buf(inbuf)+1;
4097 if (lp_maxprotocol() >= supported_protocols[protocol].protocol_level)
4098 while (p < (smb_buf(inbuf) + bcc))
4100 if (strequal(p,supported_protocols[protocol].proto_name))
4109 SSVAL(outbuf,smb_vwv0,choice);
4111 extern fstring remote_proto;
4112 fstrcpy(remote_proto,supported_protocols[protocol].short_name);
4113 reload_services(True);
4114 outsize = supported_protocols[protocol].proto_reply_fn(outbuf);
4115 DEBUG(3,("Selected protocol %s\n",supported_protocols[protocol].proto_name));
4118 DEBUG(0,("No protocol supported !\n"));
4120 SSVAL(outbuf,smb_vwv0,choice);
4122 DEBUG(5,("%s negprot index=%d\n",timestring(),choice));
4128 /****************************************************************************
4129 close all open files for a connection
4130 ****************************************************************************/
4131 static void close_open_files(int cnum)
4134 for (i=0;i<MAX_OPEN_FILES;i++)
4135 if( Files[i].cnum == cnum && Files[i].open) {
4136 close_file(i,False);
4142 /****************************************************************************
4144 ****************************************************************************/
4145 void close_cnum(int cnum, uint16 vuid)
4148 DirCacheFlush(SNUM(cnum));
4152 if (!OPEN_CNUM(cnum))
4154 DEBUG(0,("Can't close cnum %d\n",cnum));
4158 DEBUG(IS_IPC(cnum)?3:1,("%s %s (%s) closed connection to service %s\n",
4160 remote_machine,client_addr(Client),
4161 lp_servicename(SNUM(cnum))));
4163 yield_connection(cnum,
4164 lp_servicename(SNUM(cnum)),
4165 lp_max_connections(SNUM(cnum)));
4167 if (lp_status(SNUM(cnum)))
4168 yield_connection(cnum,"STATUS.",MAXSTATUS);
4170 close_open_files(cnum);
4171 dptr_closecnum(cnum);
4173 /* execute any "postexec = " line */
4174 if (*lp_postexec(SNUM(cnum)) && become_user(&Connections[cnum], cnum,vuid))
4177 strcpy(cmd,lp_postexec(SNUM(cnum)));
4178 standard_sub(cnum,cmd);
4179 smbrun(cmd,NULL,False);
4184 /* execute any "root postexec = " line */
4185 if (*lp_rootpostexec(SNUM(cnum)))
4188 strcpy(cmd,lp_rootpostexec(SNUM(cnum)));
4189 standard_sub(cnum,cmd);
4190 smbrun(cmd,NULL,False);
4193 Connections[cnum].open = False;
4194 num_connections_open--;
4195 if (Connections[cnum].ngroups && Connections[cnum].groups)
4197 if (Connections[cnum].igroups != (int *)Connections[cnum].groups)
4198 free(Connections[cnum].groups);
4199 free(Connections[cnum].igroups);
4200 Connections[cnum].groups = NULL;
4201 Connections[cnum].igroups = NULL;
4202 Connections[cnum].ngroups = 0;
4205 free_namearray(Connections[cnum].veto_list);
4206 free_namearray(Connections[cnum].hide_list);
4207 free_namearray(Connections[cnum].veto_oplock_list);
4209 string_set(&Connections[cnum].user,"");
4210 string_set(&Connections[cnum].dirpath,"");
4211 string_set(&Connections[cnum].connectpath,"");
4217 /*******************************************************************
4218 prepare to dump a core file - carefully!
4219 ********************************************************************/
4220 static BOOL dump_core(void)
4224 pstrcpy(dname,debugf);
4225 if ((p=strrchr(dname,'/'))) *p=0;
4226 strcat(dname,"/corefiles");
4228 sys_chown(dname,getuid(),getgid());
4230 if (chdir(dname)) return(False);
4233 #ifndef NO_GETRLIMIT
4237 getrlimit(RLIMIT_CORE, &rlp);
4238 rlp.rlim_cur = MAX(4*1024*1024,rlp.rlim_cur);
4239 setrlimit(RLIMIT_CORE, &rlp);
4240 getrlimit(RLIMIT_CORE, &rlp);
4241 DEBUG(3,("Core limits now %d %d\n",rlp.rlim_cur,rlp.rlim_max));
4247 DEBUG(0,("Dumping core in %s\n",dname));
4252 /****************************************************************************
4254 ****************************************************************************/
4255 void exit_server(char *reason)
4257 static int firsttime=1;
4260 if (!firsttime) exit(0);
4264 DEBUG(2,("Closing connections\n"));
4265 for (i=0;i<MAX_CONNECTIONS;i++)
4266 if (Connections[i].open)
4267 close_cnum(i,(uint16)-1);
4269 if (dcelogin_atmost_once)
4273 int oldlevel = DEBUGLEVEL;
4275 DEBUG(0,("Last message was %s\n",smb_fn_name(last_message)));
4277 show_msg(last_inbuf);
4278 DEBUGLEVEL = oldlevel;
4279 DEBUG(0,("===============================================================\n"));
4281 if (dump_core()) return;
4287 DEBUG(3,("%s Server exit (%s)\n",timestring(),reason?reason:""));
4291 /****************************************************************************
4292 do some standard substitutions in a string
4293 ****************************************************************************/
4294 void standard_sub(int cnum,char *str)
4296 if (VALID_CNUM(cnum)) {
4299 for ( s=str ; (p=strchr(s, '%')) != NULL ; s=p ) {
4301 case 'H' : if ((home = get_home_dir(Connections[cnum].user))!=NULL)
4302 string_sub(p,"%H",home);
4306 case 'P' : string_sub(p,"%P",Connections[cnum].connectpath); break;
4307 case 'S' : string_sub(p,"%S",lp_servicename(Connections[cnum].service)); break;
4308 case 'g' : string_sub(p,"%g",gidtoname(Connections[cnum].gid)); break;
4309 case 'u' : string_sub(p,"%u",Connections[cnum].user); break;
4311 * Patch from jkf@soton.ac.uk
4312 * Left the %N (NIS server name) in standard_sub_basic as it
4313 * is a feature for logon servers, hence uses the username.
4314 * The %p (NIS server path) code is here as it is used
4315 * instead of the default "path =" string in [homes] and so
4316 * needs the service name, not the username.
4318 case 'p' : string_sub(p,"%p",automount_path(lp_servicename(Connections[cnum].service))); break;
4319 case '\0' : p++; break; /* don't run off the end of the string */
4320 default : p+=2; break;
4324 standard_sub_basic(str);
4328 These flags determine some of the permissions required to do an operation
4330 Note that I don't set NEED_WRITE on some write operations because they
4331 are used by some brain-dead clients when printing, and I don't want to
4332 force write permissions on print services.
4334 #define AS_USER (1<<0)
4335 #define NEED_WRITE (1<<1)
4336 #define TIME_INIT (1<<2)
4337 #define CAN_IPC (1<<3)
4338 #define AS_GUEST (1<<5)
4339 #define QUEUE_IN_OPLOCK (1<<6)
4342 define a list of possible SMB messages and their corresponding
4343 functions. Any message that has a NULL function is unimplemented -
4344 please feel free to contribute implementations!
4346 struct smb_message_struct
4360 {SMBnegprot,"SMBnegprot",reply_negprot,0},
4361 {SMBtcon,"SMBtcon",reply_tcon,0},
4362 {SMBtdis,"SMBtdis",reply_tdis,0},
4363 {SMBexit,"SMBexit",reply_exit,0},
4364 {SMBioctl,"SMBioctl",reply_ioctl,0},
4365 {SMBecho,"SMBecho",reply_echo,0},
4366 {SMBsesssetupX,"SMBsesssetupX",reply_sesssetup_and_X,0},
4367 {SMBtconX,"SMBtconX",reply_tcon_and_X,0},
4368 {SMBulogoffX, "SMBulogoffX", reply_ulogoffX, 0}, /* ulogoff doesn't give a valid TID */
4369 {SMBgetatr,"SMBgetatr",reply_getatr,AS_USER},
4370 {SMBsetatr,"SMBsetatr",reply_setatr,AS_USER | NEED_WRITE},
4371 {SMBchkpth,"SMBchkpth",reply_chkpth,AS_USER},
4372 {SMBsearch,"SMBsearch",reply_search,AS_USER},
4373 {SMBopen,"SMBopen",reply_open,AS_USER | QUEUE_IN_OPLOCK },
4375 /* note that SMBmknew and SMBcreate are deliberately overloaded */
4376 {SMBcreate,"SMBcreate",reply_mknew,AS_USER},
4377 {SMBmknew,"SMBmknew",reply_mknew,AS_USER},
4379 {SMBunlink,"SMBunlink",reply_unlink,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
4380 {SMBread,"SMBread",reply_read,AS_USER},
4381 {SMBwrite,"SMBwrite",reply_write,AS_USER},
4382 {SMBclose,"SMBclose",reply_close,AS_USER | CAN_IPC},
4383 {SMBmkdir,"SMBmkdir",reply_mkdir,AS_USER | NEED_WRITE},
4384 {SMBrmdir,"SMBrmdir",reply_rmdir,AS_USER | NEED_WRITE},
4385 {SMBdskattr,"SMBdskattr",reply_dskattr,AS_USER},
4386 {SMBmv,"SMBmv",reply_mv,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK},
4388 /* this is a Pathworks specific call, allowing the
4389 changing of the root path */
4390 {pSETDIR,"pSETDIR",reply_setdir,AS_USER},
4392 {SMBlseek,"SMBlseek",reply_lseek,AS_USER},
4393 {SMBflush,"SMBflush",reply_flush,AS_USER},
4394 {SMBctemp,"SMBctemp",reply_ctemp,AS_USER | QUEUE_IN_OPLOCK },
4395 {SMBsplopen,"SMBsplopen",reply_printopen,AS_USER | QUEUE_IN_OPLOCK },
4396 {SMBsplclose,"SMBsplclose",reply_printclose,AS_USER},
4397 {SMBsplretq,"SMBsplretq",reply_printqueue,AS_USER|AS_GUEST},
4398 {SMBsplwr,"SMBsplwr",reply_printwrite,AS_USER},
4399 {SMBlock,"SMBlock",reply_lock,AS_USER},
4400 {SMBunlock,"SMBunlock",reply_unlock,AS_USER},
4402 /* CORE+ PROTOCOL FOLLOWS */
4404 {SMBreadbraw,"SMBreadbraw",reply_readbraw,AS_USER},
4405 {SMBwritebraw,"SMBwritebraw",reply_writebraw,AS_USER},
4406 {SMBwriteclose,"SMBwriteclose",reply_writeclose,AS_USER},
4407 {SMBlockread,"SMBlockread",reply_lockread,AS_USER},
4408 {SMBwriteunlock,"SMBwriteunlock",reply_writeunlock,AS_USER},
4410 /* LANMAN1.0 PROTOCOL FOLLOWS */
4412 {SMBreadBmpx,"SMBreadBmpx",reply_readbmpx,AS_USER},
4413 {SMBreadBs,"SMBreadBs",NULL,AS_USER},
4414 {SMBwriteBmpx,"SMBwriteBmpx",reply_writebmpx,AS_USER},
4415 {SMBwriteBs,"SMBwriteBs",reply_writebs,AS_USER},
4416 {SMBwritec,"SMBwritec",NULL,AS_USER},
4417 {SMBsetattrE,"SMBsetattrE",reply_setattrE,AS_USER | NEED_WRITE},
4418 {SMBgetattrE,"SMBgetattrE",reply_getattrE,AS_USER},
4419 {SMBtrans,"SMBtrans",reply_trans,AS_USER | CAN_IPC},
4420 {SMBtranss,"SMBtranss",NULL,AS_USER | CAN_IPC},
4421 {SMBioctls,"SMBioctls",NULL,AS_USER},
4422 {SMBcopy,"SMBcopy",reply_copy,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
4423 {SMBmove,"SMBmove",NULL,AS_USER | NEED_WRITE | QUEUE_IN_OPLOCK },
4425 {SMBopenX,"SMBopenX",reply_open_and_X,AS_USER | CAN_IPC | QUEUE_IN_OPLOCK },
4426 {SMBreadX,"SMBreadX",reply_read_and_X,AS_USER | CAN_IPC },
4427 {SMBwriteX,"SMBwriteX",reply_write_and_X,AS_USER},
4428 {SMBlockingX,"SMBlockingX",reply_lockingX,AS_USER},
4430 {SMBffirst,"SMBffirst",reply_search,AS_USER},
4431 {SMBfunique,"SMBfunique",reply_search,AS_USER},
4432 {SMBfclose,"SMBfclose",reply_fclose,AS_USER},
4434 /* LANMAN2.0 PROTOCOL FOLLOWS */
4435 {SMBfindnclose, "SMBfindnclose", reply_findnclose, AS_USER},
4436 {SMBfindclose, "SMBfindclose", reply_findclose,AS_USER},
4437 {SMBtrans2, "SMBtrans2", reply_trans2, AS_USER | QUEUE_IN_OPLOCK },
4438 {SMBtranss2, "SMBtranss2", reply_transs2, AS_USER},
4440 /* messaging routines */
4441 {SMBsends,"SMBsends",reply_sends,AS_GUEST},
4442 {SMBsendstrt,"SMBsendstrt",reply_sendstrt,AS_GUEST},
4443 {SMBsendend,"SMBsendend",reply_sendend,AS_GUEST},
4444 {SMBsendtxt,"SMBsendtxt",reply_sendtxt,AS_GUEST},
4446 /* NON-IMPLEMENTED PARTS OF THE CORE PROTOCOL */
4448 {SMBsendb,"SMBsendb",NULL,AS_GUEST},
4449 {SMBfwdname,"SMBfwdname",NULL,AS_GUEST},
4450 {SMBcancelf,"SMBcancelf",NULL,AS_GUEST},
4451 {SMBgetmac,"SMBgetmac",NULL,AS_GUEST}
4454 /****************************************************************************
4455 return a string containing the function name of a SMB command
4456 ****************************************************************************/
4457 char *smb_fn_name(int type)
4459 static char *unknown_name = "SMBunknown";
4460 static int num_smb_messages =
4461 sizeof(smb_messages) / sizeof(struct smb_message_struct);
4464 for (match=0;match<num_smb_messages;match++)
4465 if (smb_messages[match].code == type)
4468 if (match == num_smb_messages)
4469 return(unknown_name);
4471 return(smb_messages[match].name);
4475 /****************************************************************************
4476 do a switch on the message type, and return the response size
4477 ****************************************************************************/
4478 static int switch_message(int type,char *inbuf,char *outbuf,int size,int bufsize)
4482 static int num_smb_messages =
4483 sizeof(smb_messages) / sizeof(struct smb_message_struct);
4487 struct timeval msg_start_time;
4488 struct timeval msg_end_time;
4489 static unsigned long total_time = 0;
4491 GetTimeOfDay(&msg_start_time);
4498 last_message = type;
4500 /* make sure this is an SMB packet */
4501 if (strncmp(smb_base(inbuf),"\377SMB",4) != 0)
4503 DEBUG(2,("Non-SMB packet of length %d\n",smb_len(inbuf)));
4507 for (match=0;match<num_smb_messages;match++)
4508 if (smb_messages[match].code == type)
4511 if (match == num_smb_messages)
4513 DEBUG(0,("Unknown message type %d!\n",type));
4514 outsize = reply_unknown(inbuf,outbuf);
4518 DEBUG(3,("switch message %s (pid %d)\n",smb_messages[match].name,pid));
4520 if(global_oplock_break && (smb_messages[match].flags & QUEUE_IN_OPLOCK))
4523 * Queue this message as we are the process of an oplock break.
4526 DEBUG(2,("%s: switch_message: queueing message due to being in oplock break state.\n",
4529 push_smb_message( inbuf, size);
4533 if (smb_messages[match].fn)
4535 int cnum = SVAL(inbuf,smb_tid);
4536 int flags = smb_messages[match].flags;
4537 /* In share mode security we must ignore the vuid. */
4538 uint16 session_tag = (lp_security() == SEC_SHARE) ? UID_FIELD_INVALID : SVAL(inbuf,smb_uid);
4539 /* Ensure this value is replaced in the incoming packet. */
4540 SSVAL(inbuf,smb_uid,session_tag);
4542 /* does this protocol need to be run as root? */
4543 if (!(flags & AS_USER))
4546 /* does this protocol need to be run as the connected user? */
4547 if ((flags & AS_USER) && !become_user(&Connections[cnum], cnum,session_tag)) {
4548 if (flags & AS_GUEST)
4551 return(ERROR(ERRSRV,ERRinvnid));
4553 /* this code is to work around a bug is MS client 3 without
4554 introducing a security hole - it needs to be able to do
4555 print queue checks as guest if it isn't logged in properly */
4556 if (flags & AS_USER)
4559 /* does it need write permission? */
4560 if ((flags & NEED_WRITE) && !CAN_WRITE(cnum))
4561 return(ERROR(ERRSRV,ERRaccess));
4563 /* ipc services are limited */
4564 if (IS_IPC(cnum) && (flags & AS_USER) && !(flags & CAN_IPC))
4565 return(ERROR(ERRSRV,ERRaccess));
4567 /* load service specific parameters */
4568 if (OPEN_CNUM(cnum) && !become_service(cnum,(flags & AS_USER)?True:False))
4569 return(ERROR(ERRSRV,ERRaccess));
4571 /* does this protocol need to be run as guest? */
4572 if ((flags & AS_GUEST) && (!become_guest() || !check_access(-1)))
4573 return(ERROR(ERRSRV,ERRaccess));
4577 outsize = smb_messages[match].fn(inbuf,outbuf,size,bufsize);
4581 outsize = reply_unknown(inbuf,outbuf);
4586 GetTimeOfDay(&msg_end_time);
4587 if (!(smb_messages[match].flags & TIME_INIT))
4589 smb_messages[match].time = 0;
4590 smb_messages[match].flags |= TIME_INIT;
4593 unsigned long this_time =
4594 (msg_end_time.tv_sec - msg_start_time.tv_sec)*1e6 +
4595 (msg_end_time.tv_usec - msg_start_time.tv_usec);
4596 smb_messages[match].time += this_time;
4597 total_time += this_time;
4599 DEBUG(2,("TIME %s %d usecs %g pct\n",
4600 smb_fn_name(type),smb_messages[match].time,
4601 (100.0*smb_messages[match].time) / total_time));
4608 /****************************************************************************
4609 construct a chained reply and add it to the already made reply
4610 **************************************************************************/
4611 int chain_reply(char *inbuf,char *outbuf,int size,int bufsize)
4613 static char *orig_inbuf;
4614 static char *orig_outbuf;
4615 int smb_com1, smb_com2 = CVAL(inbuf,smb_vwv0);
4616 unsigned smb_off2 = SVAL(inbuf,smb_vwv1);
4617 char *inbuf2, *outbuf2;
4619 char inbuf_saved[smb_wct];
4620 char outbuf_saved[smb_wct];
4621 extern int chain_size;
4622 int wct = CVAL(outbuf,smb_wct);
4623 int outsize = smb_size + 2*wct + SVAL(outbuf,smb_vwv0+2*wct);
4625 /* maybe its not chained */
4626 if (smb_com2 == 0xFF) {
4627 CVAL(outbuf,smb_vwv0) = 0xFF;
4631 if (chain_size == 0) {
4632 /* this is the first part of the chain */
4634 orig_outbuf = outbuf;
4637 /* we need to tell the client where the next part of the reply will be */
4638 SSVAL(outbuf,smb_vwv1,smb_offset(outbuf+outsize,outbuf));
4639 CVAL(outbuf,smb_vwv0) = smb_com2;
4641 /* remember how much the caller added to the chain, only counting stuff
4642 after the parameter words */
4643 chain_size += outsize - smb_wct;
4645 /* work out pointers into the original packets. The
4646 headers on these need to be filled in */
4647 inbuf2 = orig_inbuf + smb_off2 + 4 - smb_wct;
4648 outbuf2 = orig_outbuf + SVAL(outbuf,smb_vwv1) + 4 - smb_wct;
4650 /* remember the original command type */
4651 smb_com1 = CVAL(orig_inbuf,smb_com);
4653 /* save the data which will be overwritten by the new headers */
4654 memcpy(inbuf_saved,inbuf2,smb_wct);
4655 memcpy(outbuf_saved,outbuf2,smb_wct);
4657 /* give the new packet the same header as the last part of the SMB */
4658 memmove(inbuf2,inbuf,smb_wct);
4660 /* create the in buffer */
4661 CVAL(inbuf2,smb_com) = smb_com2;
4663 /* create the out buffer */
4664 bzero(outbuf2,smb_size);
4665 set_message(outbuf2,0,0,True);
4666 CVAL(outbuf2,smb_com) = CVAL(inbuf2,smb_com);
4668 memcpy(outbuf2+4,inbuf2+4,4);
4669 CVAL(outbuf2,smb_rcls) = SUCCESS;
4670 CVAL(outbuf2,smb_reh) = 0;
4671 CVAL(outbuf2,smb_flg) = 0x80 | (CVAL(inbuf2,smb_flg) & 0x8); /* bit 7 set
4673 SSVAL(outbuf2,smb_flg2,1); /* say we support long filenames */
4674 SSVAL(outbuf2,smb_err,SUCCESS);
4675 SSVAL(outbuf2,smb_tid,SVAL(inbuf2,smb_tid));
4676 SSVAL(outbuf2,smb_pid,SVAL(inbuf2,smb_pid));
4677 SSVAL(outbuf2,smb_uid,SVAL(inbuf2,smb_uid));
4678 SSVAL(outbuf2,smb_mid,SVAL(inbuf2,smb_mid));
4680 DEBUG(3,("Chained message\n"));
4683 /* process the request */
4684 outsize2 = switch_message(smb_com2,inbuf2,outbuf2,size-chain_size,
4685 bufsize-chain_size);
4687 /* copy the new reply and request headers over the old ones, but
4688 preserve the smb_com field */
4689 memmove(orig_outbuf,outbuf2,smb_wct);
4690 CVAL(orig_outbuf,smb_com) = smb_com1;
4692 /* restore the saved data, being careful not to overwrite any
4693 data from the reply header */
4694 memcpy(inbuf2,inbuf_saved,smb_wct);
4696 int ofs = smb_wct - PTR_DIFF(outbuf2,orig_outbuf);
4697 if (ofs < 0) ofs = 0;
4698 memmove(outbuf2+ofs,outbuf_saved+ofs,smb_wct-ofs);
4706 /****************************************************************************
4707 construct a reply to the incoming packet
4708 ****************************************************************************/
4709 int construct_reply(char *inbuf,char *outbuf,int size,int bufsize)
4711 int type = CVAL(inbuf,smb_com);
4713 int msg_type = CVAL(inbuf,0);
4714 extern int chain_size;
4716 smb_last_time = time(NULL);
4722 bzero(outbuf,smb_size);
4725 return(reply_special(inbuf,outbuf));
4727 CVAL(outbuf,smb_com) = CVAL(inbuf,smb_com);
4728 set_message(outbuf,0,0,True);
4730 memcpy(outbuf+4,inbuf+4,4);
4731 CVAL(outbuf,smb_rcls) = SUCCESS;
4732 CVAL(outbuf,smb_reh) = 0;
4733 CVAL(outbuf,smb_flg) = 0x80 | (CVAL(inbuf,smb_flg) & 0x8); /* bit 7 set
4735 SSVAL(outbuf,smb_flg2,1); /* say we support long filenames */
4736 SSVAL(outbuf,smb_err,SUCCESS);
4737 SSVAL(outbuf,smb_tid,SVAL(inbuf,smb_tid));
4738 SSVAL(outbuf,smb_pid,SVAL(inbuf,smb_pid));
4739 SSVAL(outbuf,smb_uid,SVAL(inbuf,smb_uid));
4740 SSVAL(outbuf,smb_mid,SVAL(inbuf,smb_mid));
4742 outsize = switch_message(type,inbuf,outbuf,size,bufsize);
4744 outsize += chain_size;
4747 smb_setlen(outbuf,outsize - 4);
4751 /****************************************************************************
4752 process commands from the client
4753 ****************************************************************************/
4754 static void process(void)
4758 InBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
4759 OutBuffer = (char *)malloc(BUFFER_SIZE + SAFETY_MARGIN);
4760 if ((InBuffer == NULL) || (OutBuffer == NULL))
4763 InBuffer += SMB_ALIGNMENT;
4764 OutBuffer += SMB_ALIGNMENT;
4767 DEBUG(3,("priming nmbd\n"));
4770 ip = *interpret_addr2("localhost");
4771 if (zero_ip(ip)) ip = *interpret_addr2("127.0.0.1");
4773 send_one_packet(OutBuffer,1,ip,NMB_PORT,SOCK_DGRAM);
4777 /* re-initialise the timezone */
4782 int deadtime = lp_deadtime()*60;
4784 int last_keepalive=0;
4785 int service_load_counter = 0;
4786 BOOL got_smb = False;
4789 deadtime = DEFAULT_SMBD_TIMEOUT;
4791 #if USE_READ_PREDICTION
4792 if (lp_readprediction())
4793 do_read_prediction();
4798 for (counter=SMBD_SELECT_LOOP;
4799 !receive_message_or_smb(Client,oplock_sock,
4800 InBuffer,BUFFER_SIZE,SMBD_SELECT_LOOP*1000,&got_smb);
4801 counter += SMBD_SELECT_LOOP)
4805 BOOL allidle = True;
4806 extern int keepalive;
4808 if (counter > 365 * 3600) /* big number of seconds. */
4811 service_load_counter = 0;
4814 if (smb_read_error == READ_EOF)
4816 DEBUG(3,("end of file from client\n"));
4820 if (smb_read_error == READ_ERROR)
4822 DEBUG(3,("receive_smb error (%s) exiting\n",
4829 /* become root again if waiting */
4832 /* check for smb.conf reload */
4833 if (counter >= service_load_counter + SMBD_RELOAD_CHECK)
4835 service_load_counter = counter;
4837 /* reload services, if files have changed. */
4838 reload_services(True);
4841 /* automatic timeout if all connections are closed */
4842 if (num_connections_open==0 && counter >= IDLE_CLOSED_TIMEOUT)
4844 DEBUG(2,("%s Closing idle connection\n",timestring()));
4848 if (keepalive && (counter-last_keepalive)>keepalive)
4850 struct cli_state *cli = server_client();
4851 if (!send_keepalive(Client)) {
4852 DEBUG(2,("%s Keepalive failed - exiting\n",timestring()));
4855 /* also send a keepalive to the password server if its still
4857 if (cli && cli->initialised)
4858 send_keepalive(cli->fd);
4859 last_keepalive = counter;
4862 /* check for connection timeouts */
4863 for (i=0;i<MAX_CONNECTIONS;i++)
4864 if (Connections[i].open)
4866 /* close dirptrs on connections that are idle */
4867 if ((t-Connections[i].lastused)>DPTR_IDLE_TIMEOUT)
4870 if (Connections[i].num_files_open > 0 ||
4871 (t-Connections[i].lastused)<deadtime)
4875 if (allidle && num_connections_open>0)
4877 DEBUG(2,("%s Closing idle connection 2\n",timestring()));
4883 process_smb(InBuffer, OutBuffer);
4885 process_local_message(oplock_sock, InBuffer, BUFFER_SIZE);
4890 /****************************************************************************
4891 initialise connect, service and file structs
4892 ****************************************************************************/
4893 static void init_structs(void )
4896 get_myname(myhostname,NULL);
4898 for (i=0;i<MAX_CONNECTIONS;i++)
4900 Connections[i].open = False;
4901 Connections[i].num_files_open=0;
4902 Connections[i].lastused=0;
4903 Connections[i].used=False;
4904 string_init(&Connections[i].user,"");
4905 string_init(&Connections[i].dirpath,"");
4906 string_init(&Connections[i].connectpath,"");
4907 string_init(&Connections[i].origpath,"");
4910 for (i=0;i<MAX_OPEN_FILES;i++)
4912 Files[i].open = False;
4913 string_init(&Files[i].name,"");
4917 for (i=0;i<MAX_OPEN_FILES;i++)
4919 file_fd_struct *fd_ptr = &FileFd[i];
4920 fd_ptr->ref_count = 0;
4921 fd_ptr->dev = (int32)-1;
4922 fd_ptr->inode = (int32)-1;
4924 fd_ptr->fd_readonly = -1;
4925 fd_ptr->fd_writeonly = -1;
4926 fd_ptr->real_open_flags = -1;
4930 init_rpc_pipe_hnd();
4932 /* for LSA handles */
4933 init_lsa_policy_hnd();
4938 /****************************************************************************
4939 usage on the program
4940 ****************************************************************************/
4941 static void usage(char *pname)
4943 DEBUG(0,("Incorrect program usage - are you sure the command line is correct?\n"));
4945 printf("Usage: %s [-D] [-p port] [-d debuglevel] [-l log basename] [-s services file]\n",pname);
4946 printf("Version %s\n",VERSION);
4947 printf("\t-D become a daemon\n");
4948 printf("\t-p port listen on the specified port\n");
4949 printf("\t-d debuglevel set the debuglevel\n");
4950 printf("\t-l log basename. Basename for log/debug files\n");
4951 printf("\t-s services file. Filename of services file\n");
4952 printf("\t-P passive only\n");
4953 printf("\t-a overwrite log file, don't append\n");
4958 /****************************************************************************
4960 ****************************************************************************/
4961 int main(int argc,char *argv[])
4963 extern BOOL append_log;
4964 /* shall I run as a daemon */
4965 BOOL is_daemon = False;
4966 int port = SMB_PORT;
4968 extern char *optarg;
4970 #ifdef NEED_AUTH_PARAMETERS
4971 set_auth_parameters(argc,argv);
4982 strcpy(debugf,SMBLOGFILE);
4984 strcpy(remote_machine, "smb");
4986 setup_logging(argv[0],False);
4988 charset_initialise();
4990 /* make absolutely sure we run as root - to handle cases where people
4991 are crazy enough to have it setuid */
5001 fault_setup(exit_server);
5002 signal(SIGTERM , SIGNAL_CAST dflt_sig);
5004 /* we want total control over the permissions on created files,
5005 so set our umask to 0 */
5012 /* this is for people who can't start the program correctly */
5013 while (argc > 1 && (*argv[1] != '-'))
5019 while ((opt = getopt(argc, argv, "O:i:l:s:d:Dp:hPaf:")) != EOF)
5023 strcpy(user_socket_options,optarg);
5026 strcpy(scope,optarg);
5030 extern BOOL passive;
5035 strcpy(servicesf,optarg);
5038 strcpy(debugf,optarg);
5042 extern BOOL append_log;
5043 append_log = !append_log;
5053 DEBUGLEVEL = atoi(optarg);
5056 port = atoi(optarg);
5069 DEBUG(2,("%s smbd version %s started\n",timestring(),VERSION));
5070 DEBUG(2,("Copyright Andrew Tridgell 1992-1997\n"));
5072 #ifndef NO_GETRLIMIT
5073 #ifdef RLIMIT_NOFILE
5076 getrlimit(RLIMIT_NOFILE, &rlp);
5078 * Set the fd limit to be MAX_OPEN_FILES + 10 to account for the
5079 * extra fd we need to read directories, as well as the log files
5080 * and standard handles etc.
5082 rlp.rlim_cur = (MAX_OPEN_FILES+10>rlp.rlim_max)? rlp.rlim_max:MAX_OPEN_FILES+10;
5083 setrlimit(RLIMIT_NOFILE, &rlp);
5084 getrlimit(RLIMIT_NOFILE, &rlp);
5085 DEBUG(3,("Maximum number of open files per session is %d\n",rlp.rlim_cur));
5091 DEBUG(2,("uid=%d gid=%d euid=%d egid=%d\n",
5092 getuid(),getgid(),geteuid(),getegid()));
5094 if (sizeof(uint16) < 2 || sizeof(uint32) < 4)
5096 DEBUG(0,("ERROR: Samba is not configured correctly for the word size on your machine\n"));
5102 if (!reload_services(False))
5105 codepage_initialise(lp_client_code_page());
5107 strcpy(myworkgroup, lp_workgroup());
5109 #ifndef NO_SIGNAL_TEST
5110 signal(SIGHUP,SIGNAL_CAST sig_hup);
5113 /* Setup the signals that allow the debug log level
5114 to by dynamically changed. */
5116 /* If we are using the malloc debug code we can't use
5117 SIGUSR1 and SIGUSR2 to do debug level changes. */
5120 #if defined(SIGUSR1)
5121 signal( SIGUSR1, SIGNAL_CAST sig_usr1 );
5122 #endif /* SIGUSR1 */
5124 #if defined(SIGUSR2)
5125 signal( SIGUSR2, SIGNAL_CAST sig_usr2 );
5126 #endif /* SIGUSR2 */
5127 #endif /* MEM_MAN */
5129 DEBUG(3,("%s loaded services\n",timestring()));
5131 if (!is_daemon && !is_a_socket(0))
5133 DEBUG(0,("standard input is not a socket, assuming -D option\n"));
5139 DEBUG(3,("%s becoming a daemon\n",timestring()));
5143 if (!directory_exist(lp_lockdir(), NULL)) {
5144 mkdir(lp_lockdir(), 0755);
5148 pidfile_create("smbd");
5151 if (!open_sockets(is_daemon,port))
5154 if (!locking_init(0))
5157 /* possibly reload the services file. */
5158 reload_services(True);
5160 max_recv = MIN(lp_maxxmit(),BUFFER_SIZE);
5164 if (sys_chroot(lp_rootdir()) == 0)
5165 DEBUG(2,("%s changed root to %s\n",timestring(),lp_rootdir()));
5168 /* Setup the oplock IPC socket. */
5169 if(!open_oplock_ipc())
5175 exit_server("normal exit");