2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 #include "smbd/globals.h"
30 #include "fake_file.h"
31 #include "../librpc/gen_ndr/cli_spoolss.h"
32 #include "rpc_client/cli_spoolss.h"
33 #include "rpc_client/init_spoolss.h"
34 #include "rpc_server/rpc_ncacn_np.h"
35 #include "libcli/security/security.h"
37 /****************************************************************************
38 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
39 path or anything including wildcards.
40 We're assuming here that '/' is not the second byte in any multibyte char
41 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
43 ****************************************************************************/
45 /* Custom version for processing POSIX paths. */
46 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
48 static NTSTATUS check_path_syntax_internal(char *path,
50 bool *p_last_component_contains_wcard)
54 NTSTATUS ret = NT_STATUS_OK;
55 bool start_of_name_component = True;
56 bool stream_started = false;
58 *p_last_component_contains_wcard = False;
65 return NT_STATUS_OBJECT_NAME_INVALID;
68 return NT_STATUS_OBJECT_NAME_INVALID;
70 if (strchr_m(&s[1], ':')) {
71 return NT_STATUS_OBJECT_NAME_INVALID;
77 if ((*s == ':') && !posix_path && !stream_started) {
78 if (*p_last_component_contains_wcard) {
79 return NT_STATUS_OBJECT_NAME_INVALID;
81 /* Stream names allow more characters than file names.
82 We're overloading posix_path here to allow a wider
83 range of characters. If stream_started is true this
84 is still a Windows path even if posix_path is true.
87 stream_started = true;
88 start_of_name_component = false;
92 return NT_STATUS_OBJECT_NAME_INVALID;
96 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
98 * Safe to assume is not the second part of a mb char
99 * as this is handled below.
101 /* Eat multiple '/' or '\\' */
102 while (IS_PATH_SEP(*s,posix_path)) {
105 if ((d != path) && (*s != '\0')) {
106 /* We only care about non-leading or trailing '/' or '\\' */
110 start_of_name_component = True;
112 *p_last_component_contains_wcard = False;
116 if (start_of_name_component) {
117 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
118 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
121 * No mb char starts with '.' so we're safe checking the directory separator here.
124 /* If we just added a '/' - delete it */
125 if ((d > path) && (*(d-1) == '/')) {
130 /* Are we at the start ? Can't go back further if so. */
132 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
135 /* Go back one level... */
136 /* We know this is safe as '/' cannot be part of a mb sequence. */
137 /* NOTE - if this assumption is invalid we are not in good shape... */
138 /* Decrement d first as d points to the *next* char to write into. */
139 for (d--; d > path; d--) {
143 s += 2; /* Else go past the .. */
144 /* We're still at the start of a name component, just the previous one. */
147 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
159 if (*s <= 0x1f || *s == '|') {
160 return NT_STATUS_OBJECT_NAME_INVALID;
168 *p_last_component_contains_wcard = True;
177 /* Get the size of the next MB character. */
178 next_codepoint(s,&siz);
196 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
198 return NT_STATUS_INVALID_PARAMETER;
201 start_of_name_component = False;
209 /****************************************************************************
210 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
211 No wildcards allowed.
212 ****************************************************************************/
214 NTSTATUS check_path_syntax(char *path)
217 return check_path_syntax_internal(path, False, &ignore);
220 /****************************************************************************
221 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
222 Wildcards allowed - p_contains_wcard returns true if the last component contained
224 ****************************************************************************/
226 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
228 return check_path_syntax_internal(path, False, p_contains_wcard);
231 /****************************************************************************
232 Check the path for a POSIX client.
233 We're assuming here that '/' is not the second byte in any multibyte char
234 set (a safe assumption).
235 ****************************************************************************/
237 NTSTATUS check_path_syntax_posix(char *path)
240 return check_path_syntax_internal(path, True, &ignore);
243 /****************************************************************************
244 Pull a string and check the path allowing a wilcard - provide for error return.
245 ****************************************************************************/
247 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
248 const char *base_ptr,
255 bool *contains_wcard)
261 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
265 *err = NT_STATUS_INVALID_PARAMETER;
269 *contains_wcard = False;
271 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
273 * For a DFS path the function parse_dfs_path()
274 * will do the path processing, just make a copy.
280 if (lp_posix_pathnames()) {
281 *err = check_path_syntax_posix(*pp_dest);
283 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
289 /****************************************************************************
290 Pull a string and check the path - provide for error return.
291 ****************************************************************************/
293 size_t srvstr_get_path(TALLOC_CTX *ctx,
294 const char *base_ptr,
303 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
304 src_len, flags, err, &ignore);
307 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
308 char **pp_dest, const char *src, int flags,
309 NTSTATUS *err, bool *contains_wcard)
311 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
312 pp_dest, src, smbreq_bufrem(req, src),
313 flags, err, contains_wcard);
316 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
317 char **pp_dest, const char *src, int flags,
321 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
322 flags, err, &ignore);
325 /****************************************************************************
326 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
327 ****************************************************************************/
329 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
332 if ((fsp == NULL) || (conn == NULL)) {
333 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
336 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
337 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
343 /****************************************************************************
344 Check if we have a correct fsp pointing to a file.
345 ****************************************************************************/
347 bool check_fsp(connection_struct *conn, struct smb_request *req,
350 if (!check_fsp_open(conn, req, fsp)) {
353 if (fsp->is_directory) {
354 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
357 if (fsp->fh->fd == -1) {
358 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
361 fsp->num_smb_operations++;
365 /****************************************************************************
366 Check if we have a correct fsp pointing to a quota fake file. Replacement for
367 the CHECK_NTQUOTA_HANDLE_OK macro.
368 ****************************************************************************/
370 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
373 if (!check_fsp_open(conn, req, fsp)) {
377 if (fsp->is_directory) {
381 if (fsp->fake_file_handle == NULL) {
385 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
389 if (fsp->fake_file_handle->private_data == NULL) {
396 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
397 const char *name, int name_type)
400 char *trim_name_type;
401 const char *retarget_parm;
404 int retarget_type = 0x20;
405 int retarget_port = 139;
406 struct sockaddr_storage retarget_addr;
407 struct sockaddr_in *in_addr;
411 if (get_socket_port(sconn->sock) != 139) {
415 trim_name = talloc_strdup(talloc_tos(), name);
416 if (trim_name == NULL) {
419 trim_char(trim_name, ' ', ' ');
421 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
423 if (trim_name_type == NULL) {
427 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
428 trim_name_type, NULL);
429 if (retarget_parm == NULL) {
430 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
433 if (retarget_parm == NULL) {
437 retarget = talloc_strdup(trim_name, retarget_parm);
438 if (retarget == NULL) {
442 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
444 p = strchr(retarget, ':');
447 retarget_port = atoi(p);
450 p = strchr_m(retarget, '#');
453 sscanf(p, "%x", &retarget_type);
456 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
458 DEBUG(10, ("could not resolve %s\n", retarget));
462 if (retarget_addr.ss_family != AF_INET) {
463 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
467 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
469 _smb_setlen(outbuf, 6);
470 SCVAL(outbuf, 0, 0x84);
471 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
472 *(uint16_t *)(outbuf+8) = htons(retarget_port);
474 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
476 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
482 TALLOC_FREE(trim_name);
486 /****************************************************************************
487 Reply to a (netbios-level) special message.
488 ****************************************************************************/
490 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
492 int msg_type = CVAL(inbuf,0);
493 int msg_flags = CVAL(inbuf,1);
495 * We only really use 4 bytes of the outbuf, but for the smb_setlen
496 * calculation & friends (srv_send_smb uses that) we need the full smb
499 char outbuf[smb_size];
501 memset(outbuf, '\0', sizeof(outbuf));
503 smb_setlen(outbuf,0);
506 case 0x81: /* session request */
508 /* inbuf_size is guarenteed to be at least 4. */
510 int name_type1, name_type2;
511 int name_len1, name_len2;
515 if (sconn->nbt.got_session) {
516 exit_server_cleanly("multiple session request not permitted");
519 SCVAL(outbuf,0,0x82);
522 /* inbuf_size is guaranteed to be at least 4. */
523 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
524 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
525 DEBUG(0,("Invalid name length in session request\n"));
528 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
529 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
530 DEBUG(0,("Invalid name length in session request\n"));
534 name_type1 = name_extract((unsigned char *)inbuf,
535 inbuf_size,(unsigned int)4,name1);
536 name_type2 = name_extract((unsigned char *)inbuf,
537 inbuf_size,(unsigned int)(4 + name_len1),name2);
539 if (name_type1 == -1 || name_type2 == -1) {
540 DEBUG(0,("Invalid name type in session request\n"));
544 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
545 name1, name_type1, name2, name_type2));
547 if (netbios_session_retarget(sconn, name1, name_type1)) {
548 exit_server_cleanly("retargeted client");
552 * Windows NT/2k uses "*SMBSERVER" and XP uses
553 * "*SMBSERV" arrggg!!!
555 if (strequal(name1, "*SMBSERVER ")
556 || strequal(name1, "*SMBSERV ")) {
557 fstrcpy(name1, sconn->client_id.addr);
560 set_local_machine_name(name1, True);
561 set_remote_machine_name(name2, True);
563 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
564 get_local_machine_name(), get_remote_machine_name(),
567 if (name_type2 == 'R') {
568 /* We are being asked for a pathworks session ---
570 SCVAL(outbuf, 0,0x83);
574 /* only add the client's machine name to the list
575 of possibly valid usernames if we are operating
576 in share mode security */
577 if (lp_security() == SEC_SHARE) {
578 add_session_user(sconn, get_remote_machine_name());
581 reload_services(sconn->msg_ctx, sconn->sock, True);
584 sconn->nbt.got_session = true;
588 case 0x89: /* session keepalive request
589 (some old clients produce this?) */
590 SCVAL(outbuf,0,SMBkeepalive);
594 case 0x82: /* positive session response */
595 case 0x83: /* negative session response */
596 case 0x84: /* retarget session response */
597 DEBUG(0,("Unexpected session response\n"));
600 case SMBkeepalive: /* session keepalive */
605 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
606 msg_type, msg_flags));
608 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
612 /****************************************************************************
614 conn POINTER CAN BE NULL HERE !
615 ****************************************************************************/
617 void reply_tcon(struct smb_request *req)
619 connection_struct *conn = req->conn;
621 char *service_buf = NULL;
622 char *password = NULL;
627 DATA_BLOB password_blob;
628 TALLOC_CTX *ctx = talloc_tos();
629 struct smbd_server_connection *sconn = req->sconn;
631 START_PROFILE(SMBtcon);
633 if (req->buflen < 4) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
639 p = (const char *)req->buf + 1;
640 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
642 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
644 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
647 if (service_buf == NULL || password == NULL || dev == NULL) {
648 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
649 END_PROFILE(SMBtcon);
652 p = strrchr_m(service_buf,'\\');
656 service = service_buf;
659 password_blob = data_blob(password, pwlen+1);
661 conn = make_connection(sconn,service,password_blob,dev,
662 req->vuid,&nt_status);
665 data_blob_clear_free(&password_blob);
668 reply_nterror(req, nt_status);
669 END_PROFILE(SMBtcon);
673 reply_outbuf(req, 2, 0);
674 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
675 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
676 SSVAL(req->outbuf,smb_tid,conn->cnum);
678 DEBUG(3,("tcon service=%s cnum=%d\n",
679 service, conn->cnum));
681 END_PROFILE(SMBtcon);
685 /****************************************************************************
686 Reply to a tcon and X.
687 conn POINTER CAN BE NULL HERE !
688 ****************************************************************************/
690 void reply_tcon_and_X(struct smb_request *req)
692 connection_struct *conn = req->conn;
693 const char *service = NULL;
695 TALLOC_CTX *ctx = talloc_tos();
696 /* what the cleint thinks the device is */
697 char *client_devicetype = NULL;
698 /* what the server tells the client the share represents */
699 const char *server_devicetype;
705 struct smbd_server_connection *sconn = req->sconn;
707 START_PROFILE(SMBtconX);
710 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
711 END_PROFILE(SMBtconX);
715 passlen = SVAL(req->vwv+3, 0);
716 tcon_flags = SVAL(req->vwv+2, 0);
718 /* we might have to close an old one */
719 if ((tcon_flags & 0x1) && conn) {
720 close_cnum(conn,req->vuid);
725 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
726 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
727 END_PROFILE(SMBtconX);
731 if (sconn->smb1.negprot.encrypted_passwords) {
732 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
733 if (lp_security() == SEC_SHARE) {
735 * Security = share always has a pad byte
736 * after the password.
738 p = (const char *)req->buf + passlen + 1;
740 p = (const char *)req->buf + passlen;
743 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
744 /* Ensure correct termination */
745 password.data[passlen]=0;
746 p = (const char *)req->buf + passlen + 1;
749 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
752 data_blob_clear_free(&password);
753 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
754 END_PROFILE(SMBtconX);
759 * the service name can be either: \\server\share
760 * or share directly like on the DELL PowerVault 705
763 q = strchr_m(path+2,'\\');
765 data_blob_clear_free(&password);
766 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
767 END_PROFILE(SMBtconX);
775 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
776 &client_devicetype, p,
777 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
779 if (client_devicetype == NULL) {
780 data_blob_clear_free(&password);
781 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
782 END_PROFILE(SMBtconX);
786 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
788 conn = make_connection(sconn, service, password, client_devicetype,
789 req->vuid, &nt_status);
792 data_blob_clear_free(&password);
795 reply_nterror(req, nt_status);
796 END_PROFILE(SMBtconX);
801 server_devicetype = "IPC";
802 else if ( IS_PRINT(conn) )
803 server_devicetype = "LPT1:";
805 server_devicetype = "A:";
807 if (get_Protocol() < PROTOCOL_NT1) {
808 reply_outbuf(req, 2, 0);
809 if (message_push_string(&req->outbuf, server_devicetype,
810 STR_TERMINATE|STR_ASCII) == -1) {
811 reply_nterror(req, NT_STATUS_NO_MEMORY);
812 END_PROFILE(SMBtconX);
816 /* NT sets the fstype of IPC$ to the null string */
817 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
819 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
820 /* Return permissions. */
824 reply_outbuf(req, 7, 0);
827 perm1 = FILE_ALL_ACCESS;
828 perm2 = FILE_ALL_ACCESS;
830 perm1 = CAN_WRITE(conn) ?
835 SIVAL(req->outbuf, smb_vwv3, perm1);
836 SIVAL(req->outbuf, smb_vwv5, perm2);
838 reply_outbuf(req, 3, 0);
841 if ((message_push_string(&req->outbuf, server_devicetype,
842 STR_TERMINATE|STR_ASCII) == -1)
843 || (message_push_string(&req->outbuf, fstype,
844 STR_TERMINATE) == -1)) {
845 reply_nterror(req, NT_STATUS_NO_MEMORY);
846 END_PROFILE(SMBtconX);
850 /* what does setting this bit do? It is set by NT4 and
851 may affect the ability to autorun mounted cdroms */
852 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
853 (lp_csc_policy(SNUM(conn)) << 2));
855 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
856 DEBUG(2,("Serving %s as a Dfs root\n",
857 lp_servicename(SNUM(conn)) ));
858 SSVAL(req->outbuf, smb_vwv2,
859 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
864 DEBUG(3,("tconX service=%s \n",
867 /* set the incoming and outgoing tid to the just created one */
868 SSVAL(req->inbuf,smb_tid,conn->cnum);
869 SSVAL(req->outbuf,smb_tid,conn->cnum);
871 END_PROFILE(SMBtconX);
873 req->tid = conn->cnum;
878 /****************************************************************************
879 Reply to an unknown type.
880 ****************************************************************************/
882 void reply_unknown_new(struct smb_request *req, uint8 type)
884 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
885 smb_fn_name(type), type, type));
886 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
890 /****************************************************************************
892 conn POINTER CAN BE NULL HERE !
893 ****************************************************************************/
895 void reply_ioctl(struct smb_request *req)
897 connection_struct *conn = req->conn;
904 START_PROFILE(SMBioctl);
907 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
908 END_PROFILE(SMBioctl);
912 device = SVAL(req->vwv+1, 0);
913 function = SVAL(req->vwv+2, 0);
914 ioctl_code = (device << 16) + function;
916 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
918 switch (ioctl_code) {
919 case IOCTL_QUERY_JOB_INFO:
923 reply_force_doserror(req, ERRSRV, ERRnosupport);
924 END_PROFILE(SMBioctl);
928 reply_outbuf(req, 8, replysize+1);
929 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
930 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
931 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
932 p = smb_buf(req->outbuf);
933 memset(p, '\0', replysize+1); /* valgrind-safe. */
934 p += 1; /* Allow for alignment */
936 switch (ioctl_code) {
937 case IOCTL_QUERY_JOB_INFO:
939 files_struct *fsp = file_fsp(
940 req, SVAL(req->vwv+0, 0));
942 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
943 END_PROFILE(SMBioctl);
947 if (fsp->print_file) {
948 SSVAL(p, 0, fsp->print_file->rap_jobid);
952 srvstr_push((char *)req->outbuf, req->flags2, p+2,
954 STR_TERMINATE|STR_ASCII);
956 srvstr_push((char *)req->outbuf, req->flags2,
957 p+18, lp_servicename(SNUM(conn)),
958 13, STR_TERMINATE|STR_ASCII);
966 END_PROFILE(SMBioctl);
970 /****************************************************************************
971 Strange checkpath NTSTATUS mapping.
972 ****************************************************************************/
974 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
976 /* Strange DOS error code semantics only for checkpath... */
977 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
978 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
979 /* We need to map to ERRbadpath */
980 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
986 /****************************************************************************
987 Reply to a checkpath.
988 ****************************************************************************/
990 void reply_checkpath(struct smb_request *req)
992 connection_struct *conn = req->conn;
993 struct smb_filename *smb_fname = NULL;
996 TALLOC_CTX *ctx = talloc_tos();
998 START_PROFILE(SMBcheckpath);
1000 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1001 STR_TERMINATE, &status);
1003 if (!NT_STATUS_IS_OK(status)) {
1004 status = map_checkpath_error(req->flags2, status);
1005 reply_nterror(req, status);
1006 END_PROFILE(SMBcheckpath);
1010 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1012 status = filename_convert(ctx,
1014 req->flags2 & FLAGS2_DFS_PATHNAMES,
1020 if (!NT_STATUS_IS_OK(status)) {
1021 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1022 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1023 ERRSRV, ERRbadpath);
1024 END_PROFILE(SMBcheckpath);
1030 if (!VALID_STAT(smb_fname->st) &&
1031 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1032 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1033 smb_fname_str_dbg(smb_fname), strerror(errno)));
1034 status = map_nt_error_from_unix(errno);
1038 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1039 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1040 ERRDOS, ERRbadpath);
1044 reply_outbuf(req, 0, 0);
1047 /* We special case this - as when a Windows machine
1048 is parsing a path is steps through the components
1049 one at a time - if a component fails it expects
1050 ERRbadpath, not ERRbadfile.
1052 status = map_checkpath_error(req->flags2, status);
1053 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1055 * Windows returns different error codes if
1056 * the parent directory is valid but not the
1057 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1058 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1059 * if the path is invalid.
1061 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1062 ERRDOS, ERRbadpath);
1066 reply_nterror(req, status);
1069 TALLOC_FREE(smb_fname);
1070 END_PROFILE(SMBcheckpath);
1074 /****************************************************************************
1076 ****************************************************************************/
1078 void reply_getatr(struct smb_request *req)
1080 connection_struct *conn = req->conn;
1081 struct smb_filename *smb_fname = NULL;
1088 TALLOC_CTX *ctx = talloc_tos();
1089 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1091 START_PROFILE(SMBgetatr);
1093 p = (const char *)req->buf + 1;
1094 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1095 if (!NT_STATUS_IS_OK(status)) {
1096 reply_nterror(req, status);
1100 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1101 under WfWg - weird! */
1102 if (*fname == '\0') {
1103 mode = aHIDDEN | aDIR;
1104 if (!CAN_WRITE(conn)) {
1110 status = filename_convert(ctx,
1112 req->flags2 & FLAGS2_DFS_PATHNAMES,
1117 if (!NT_STATUS_IS_OK(status)) {
1118 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1119 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1120 ERRSRV, ERRbadpath);
1123 reply_nterror(req, status);
1126 if (!VALID_STAT(smb_fname->st) &&
1127 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1128 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1129 smb_fname_str_dbg(smb_fname),
1131 reply_nterror(req, map_nt_error_from_unix(errno));
1135 mode = dos_mode(conn, smb_fname);
1136 size = smb_fname->st.st_ex_size;
1138 if (ask_sharemode) {
1139 struct timespec write_time_ts;
1140 struct file_id fileid;
1142 ZERO_STRUCT(write_time_ts);
1143 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1144 get_file_infos(fileid, NULL, &write_time_ts);
1145 if (!null_timespec(write_time_ts)) {
1146 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1150 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1156 reply_outbuf(req, 10, 0);
1158 SSVAL(req->outbuf,smb_vwv0,mode);
1159 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1160 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1162 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1164 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1166 if (get_Protocol() >= PROTOCOL_NT1) {
1167 SSVAL(req->outbuf, smb_flg2,
1168 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1171 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1172 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1175 TALLOC_FREE(smb_fname);
1177 END_PROFILE(SMBgetatr);
1181 /****************************************************************************
1183 ****************************************************************************/
1185 void reply_setatr(struct smb_request *req)
1187 struct smb_file_time ft;
1188 connection_struct *conn = req->conn;
1189 struct smb_filename *smb_fname = NULL;
1195 TALLOC_CTX *ctx = talloc_tos();
1197 START_PROFILE(SMBsetatr);
1202 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1206 p = (const char *)req->buf + 1;
1207 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1208 if (!NT_STATUS_IS_OK(status)) {
1209 reply_nterror(req, status);
1213 status = filename_convert(ctx,
1215 req->flags2 & FLAGS2_DFS_PATHNAMES,
1220 if (!NT_STATUS_IS_OK(status)) {
1221 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1222 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1223 ERRSRV, ERRbadpath);
1226 reply_nterror(req, status);
1230 if (smb_fname->base_name[0] == '.' &&
1231 smb_fname->base_name[1] == '\0') {
1233 * Not sure here is the right place to catch this
1234 * condition. Might be moved to somewhere else later -- vl
1236 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1240 mode = SVAL(req->vwv+0, 0);
1241 mtime = srv_make_unix_date3(req->vwv+1);
1243 ft.mtime = convert_time_t_to_timespec(mtime);
1244 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1245 if (!NT_STATUS_IS_OK(status)) {
1246 reply_nterror(req, status);
1250 if (mode != FILE_ATTRIBUTE_NORMAL) {
1251 if (VALID_STAT_OF_DIR(smb_fname->st))
1256 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1258 reply_nterror(req, map_nt_error_from_unix(errno));
1263 reply_outbuf(req, 0, 0);
1265 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1268 TALLOC_FREE(smb_fname);
1269 END_PROFILE(SMBsetatr);
1273 /****************************************************************************
1275 ****************************************************************************/
1277 void reply_dskattr(struct smb_request *req)
1279 connection_struct *conn = req->conn;
1280 uint64_t dfree,dsize,bsize;
1281 START_PROFILE(SMBdskattr);
1283 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1284 reply_nterror(req, map_nt_error_from_unix(errno));
1285 END_PROFILE(SMBdskattr);
1289 reply_outbuf(req, 5, 0);
1291 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1292 double total_space, free_space;
1293 /* we need to scale this to a number that DOS6 can handle. We
1294 use floating point so we can handle large drives on systems
1295 that don't have 64 bit integers
1297 we end up displaying a maximum of 2G to DOS systems
1299 total_space = dsize * (double)bsize;
1300 free_space = dfree * (double)bsize;
1302 dsize = (uint64_t)((total_space+63*512) / (64*512));
1303 dfree = (uint64_t)((free_space+63*512) / (64*512));
1305 if (dsize > 0xFFFF) dsize = 0xFFFF;
1306 if (dfree > 0xFFFF) dfree = 0xFFFF;
1308 SSVAL(req->outbuf,smb_vwv0,dsize);
1309 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1310 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1311 SSVAL(req->outbuf,smb_vwv3,dfree);
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1315 SSVAL(req->outbuf,smb_vwv2,512);
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1319 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1321 END_PROFILE(SMBdskattr);
1326 * Utility function to split the filename from the directory.
1328 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1329 char **fname_dir_out,
1330 char **fname_mask_out)
1332 const char *p = NULL;
1333 char *fname_dir = NULL;
1334 char *fname_mask = NULL;
1336 p = strrchr_m(fname_in, '/');
1338 fname_dir = talloc_strdup(ctx, ".");
1339 fname_mask = talloc_strdup(ctx, fname_in);
1341 fname_dir = talloc_strndup(ctx, fname_in,
1342 PTR_DIFF(p, fname_in));
1343 fname_mask = talloc_strdup(ctx, p+1);
1346 if (!fname_dir || !fname_mask) {
1347 TALLOC_FREE(fname_dir);
1348 TALLOC_FREE(fname_mask);
1349 return NT_STATUS_NO_MEMORY;
1352 *fname_dir_out = fname_dir;
1353 *fname_mask_out = fname_mask;
1354 return NT_STATUS_OK;
1357 /****************************************************************************
1359 Can be called from SMBsearch, SMBffirst or SMBfunique.
1360 ****************************************************************************/
1362 void reply_search(struct smb_request *req)
1364 connection_struct *conn = req->conn;
1366 const char *mask = NULL;
1367 char *directory = NULL;
1368 struct smb_filename *smb_fname = NULL;
1372 struct timespec date;
1374 unsigned int numentries = 0;
1375 unsigned int maxentries = 0;
1376 bool finished = False;
1381 bool check_descend = False;
1382 bool expect_close = False;
1384 bool mask_contains_wcard = False;
1385 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1386 TALLOC_CTX *ctx = talloc_tos();
1387 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1388 struct dptr_struct *dirptr = NULL;
1389 struct smbd_server_connection *sconn = req->sconn;
1391 START_PROFILE(SMBsearch);
1394 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1398 if (lp_posix_pathnames()) {
1399 reply_unknown_new(req, req->cmd);
1403 /* If we were called as SMBffirst then we must expect close. */
1404 if(req->cmd == SMBffirst) {
1405 expect_close = True;
1408 reply_outbuf(req, 1, 3);
1409 maxentries = SVAL(req->vwv+0, 0);
1410 dirtype = SVAL(req->vwv+1, 0);
1411 p = (const char *)req->buf + 1;
1412 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1413 &nt_status, &mask_contains_wcard);
1414 if (!NT_STATUS_IS_OK(nt_status)) {
1415 reply_nterror(req, nt_status);
1420 status_len = SVAL(p, 0);
1423 /* dirtype &= ~aDIR; */
1425 if (status_len == 0) {
1426 nt_status = filename_convert(ctx, conn,
1427 req->flags2 & FLAGS2_DFS_PATHNAMES,
1429 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1430 &mask_contains_wcard,
1432 if (!NT_STATUS_IS_OK(nt_status)) {
1433 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1434 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1435 ERRSRV, ERRbadpath);
1438 reply_nterror(req, nt_status);
1442 directory = smb_fname->base_name;
1444 p = strrchr_m(directory,'/');
1445 if ((p != NULL) && (*directory != '/')) {
1447 directory = talloc_strndup(ctx, directory,
1448 PTR_DIFF(p, directory));
1451 directory = talloc_strdup(ctx,".");
1455 reply_nterror(req, NT_STATUS_NO_MEMORY);
1459 memset((char *)status,'\0',21);
1460 SCVAL(status,0,(dirtype & 0x1F));
1462 nt_status = dptr_create(conn,
1468 mask_contains_wcard,
1471 if (!NT_STATUS_IS_OK(nt_status)) {
1472 reply_nterror(req, nt_status);
1475 dptr_num = dptr_dnum(dirptr);
1478 const char *dirpath;
1480 memcpy(status,p,21);
1481 status_dirtype = CVAL(status,0) & 0x1F;
1482 if (status_dirtype != (dirtype & 0x1F)) {
1483 dirtype = status_dirtype;
1486 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1490 dirpath = dptr_path(sconn, dptr_num);
1491 directory = talloc_strdup(ctx, dirpath);
1493 reply_nterror(req, NT_STATUS_NO_MEMORY);
1497 mask = dptr_wcard(sconn, dptr_num);
1502 * For a 'continue' search we have no string. So
1503 * check from the initial saved string.
1505 mask_contains_wcard = ms_has_wild(mask);
1506 dirtype = dptr_attr(sconn, dptr_num);
1509 DEBUG(4,("dptr_num is %d\n",dptr_num));
1511 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1512 dptr_init_search_op(dirptr);
1514 if ((dirtype&0x1F) == aVOLID) {
1515 char buf[DIR_STRUCT_SIZE];
1516 memcpy(buf,status,21);
1517 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1518 0,aVOLID,0,!allow_long_path_components)) {
1519 reply_nterror(req, NT_STATUS_NO_MEMORY);
1522 dptr_fill(sconn, buf+12,dptr_num);
1523 if (dptr_zero(buf+12) && (status_len==0)) {
1528 if (message_push_blob(&req->outbuf,
1529 data_blob_const(buf, sizeof(buf)))
1531 reply_nterror(req, NT_STATUS_NO_MEMORY);
1539 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1542 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1543 directory,lp_dontdescend(SNUM(conn))));
1544 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1545 check_descend = True;
1548 for (i=numentries;(i<maxentries) && !finished;i++) {
1549 finished = !get_dir_entry(ctx,
1560 char buf[DIR_STRUCT_SIZE];
1561 memcpy(buf,status,21);
1562 if (!make_dir_struct(ctx,
1568 convert_timespec_to_time_t(date),
1569 !allow_long_path_components)) {
1570 reply_nterror(req, NT_STATUS_NO_MEMORY);
1573 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1576 if (message_push_blob(&req->outbuf,
1577 data_blob_const(buf, sizeof(buf)))
1579 reply_nterror(req, NT_STATUS_NO_MEMORY);
1589 /* If we were called as SMBffirst with smb_search_id == NULL
1590 and no entries were found then return error and close dirptr
1593 if (numentries == 0) {
1594 dptr_close(sconn, &dptr_num);
1595 } else if(expect_close && status_len == 0) {
1596 /* Close the dptr - we know it's gone */
1597 dptr_close(sconn, &dptr_num);
1600 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1601 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1602 dptr_close(sconn, &dptr_num);
1605 if ((numentries == 0) && !mask_contains_wcard) {
1606 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1610 SSVAL(req->outbuf,smb_vwv0,numentries);
1611 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1612 SCVAL(smb_buf(req->outbuf),0,5);
1613 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1615 /* The replies here are never long name. */
1616 SSVAL(req->outbuf, smb_flg2,
1617 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1618 if (!allow_long_path_components) {
1619 SSVAL(req->outbuf, smb_flg2,
1620 SVAL(req->outbuf, smb_flg2)
1621 & (~FLAGS2_LONG_PATH_COMPONENTS));
1624 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1625 SSVAL(req->outbuf, smb_flg2,
1626 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1628 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1629 smb_fn_name(req->cmd),
1636 TALLOC_FREE(directory);
1637 TALLOC_FREE(smb_fname);
1638 END_PROFILE(SMBsearch);
1642 /****************************************************************************
1643 Reply to a fclose (stop directory search).
1644 ****************************************************************************/
1646 void reply_fclose(struct smb_request *req)
1654 bool path_contains_wcard = False;
1655 TALLOC_CTX *ctx = talloc_tos();
1656 struct smbd_server_connection *sconn = req->sconn;
1658 START_PROFILE(SMBfclose);
1660 if (lp_posix_pathnames()) {
1661 reply_unknown_new(req, req->cmd);
1662 END_PROFILE(SMBfclose);
1666 p = (const char *)req->buf + 1;
1667 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1668 &err, &path_contains_wcard);
1669 if (!NT_STATUS_IS_OK(err)) {
1670 reply_nterror(req, err);
1671 END_PROFILE(SMBfclose);
1675 status_len = SVAL(p,0);
1678 if (status_len == 0) {
1679 reply_force_doserror(req, ERRSRV, ERRsrverror);
1680 END_PROFILE(SMBfclose);
1684 memcpy(status,p,21);
1686 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1687 /* Close the dptr - we know it's gone */
1688 dptr_close(sconn, &dptr_num);
1691 reply_outbuf(req, 1, 0);
1692 SSVAL(req->outbuf,smb_vwv0,0);
1694 DEBUG(3,("search close\n"));
1696 END_PROFILE(SMBfclose);
1700 /****************************************************************************
1702 ****************************************************************************/
1704 void reply_open(struct smb_request *req)
1706 connection_struct *conn = req->conn;
1707 struct smb_filename *smb_fname = NULL;
1719 uint32 create_disposition;
1720 uint32 create_options = 0;
1721 uint32_t private_flags = 0;
1723 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1724 TALLOC_CTX *ctx = talloc_tos();
1726 START_PROFILE(SMBopen);
1729 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1733 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1734 deny_mode = SVAL(req->vwv+0, 0);
1735 dos_attr = SVAL(req->vwv+1, 0);
1737 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1738 STR_TERMINATE, &status);
1739 if (!NT_STATUS_IS_OK(status)) {
1740 reply_nterror(req, status);
1744 status = filename_convert(ctx,
1746 req->flags2 & FLAGS2_DFS_PATHNAMES,
1751 if (!NT_STATUS_IS_OK(status)) {
1752 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1753 reply_botherror(req,
1754 NT_STATUS_PATH_NOT_COVERED,
1755 ERRSRV, ERRbadpath);
1758 reply_nterror(req, status);
1762 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1763 OPENX_FILE_EXISTS_OPEN, &access_mask,
1764 &share_mode, &create_disposition,
1765 &create_options, &private_flags)) {
1766 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1770 status = SMB_VFS_CREATE_FILE(
1773 0, /* root_dir_fid */
1774 smb_fname, /* fname */
1775 access_mask, /* access_mask */
1776 share_mode, /* share_access */
1777 create_disposition, /* create_disposition*/
1778 create_options, /* create_options */
1779 dos_attr, /* file_attributes */
1780 oplock_request, /* oplock_request */
1781 0, /* allocation_size */
1788 if (!NT_STATUS_IS_OK(status)) {
1789 if (open_was_deferred(req->mid)) {
1790 /* We have re-scheduled this call. */
1793 reply_openerror(req, status);
1797 size = smb_fname->st.st_ex_size;
1798 fattr = dos_mode(conn, smb_fname);
1800 /* Deal with other possible opens having a modified
1802 if (ask_sharemode) {
1803 struct timespec write_time_ts;
1805 ZERO_STRUCT(write_time_ts);
1806 get_file_infos(fsp->file_id, NULL, &write_time_ts);
1807 if (!null_timespec(write_time_ts)) {
1808 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1812 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1815 DEBUG(3,("attempt to open a directory %s\n",
1817 close_file(req, fsp, ERROR_CLOSE);
1818 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1819 ERRDOS, ERRnoaccess);
1823 reply_outbuf(req, 7, 0);
1824 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1825 SSVAL(req->outbuf,smb_vwv1,fattr);
1826 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1827 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1829 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1831 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1832 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1834 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1835 SCVAL(req->outbuf,smb_flg,
1836 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1839 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1840 SCVAL(req->outbuf,smb_flg,
1841 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1844 TALLOC_FREE(smb_fname);
1845 END_PROFILE(SMBopen);
1849 /****************************************************************************
1850 Reply to an open and X.
1851 ****************************************************************************/
1853 void reply_open_and_X(struct smb_request *req)
1855 connection_struct *conn = req->conn;
1856 struct smb_filename *smb_fname = NULL;
1861 /* Breakout the oplock request bits so we can set the
1862 reply bits separately. */
1863 int ex_oplock_request;
1864 int core_oplock_request;
1867 int smb_sattr = SVAL(req->vwv+4, 0);
1868 uint32 smb_time = make_unix_date3(req->vwv+6);
1876 uint64_t allocation_size;
1877 ssize_t retval = -1;
1880 uint32 create_disposition;
1881 uint32 create_options = 0;
1882 uint32_t private_flags = 0;
1883 TALLOC_CTX *ctx = talloc_tos();
1885 START_PROFILE(SMBopenX);
1887 if (req->wct < 15) {
1888 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1892 open_flags = SVAL(req->vwv+2, 0);
1893 deny_mode = SVAL(req->vwv+3, 0);
1894 smb_attr = SVAL(req->vwv+5, 0);
1895 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1896 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1897 oplock_request = ex_oplock_request | core_oplock_request;
1898 smb_ofun = SVAL(req->vwv+8, 0);
1899 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1901 /* If it's an IPC, pass off the pipe handler. */
1903 if (lp_nt_pipe_support()) {
1904 reply_open_pipe_and_X(conn, req);
1906 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1911 /* XXXX we need to handle passed times, sattr and flags */
1912 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1913 STR_TERMINATE, &status);
1914 if (!NT_STATUS_IS_OK(status)) {
1915 reply_nterror(req, status);
1919 status = filename_convert(ctx,
1921 req->flags2 & FLAGS2_DFS_PATHNAMES,
1926 if (!NT_STATUS_IS_OK(status)) {
1927 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1928 reply_botherror(req,
1929 NT_STATUS_PATH_NOT_COVERED,
1930 ERRSRV, ERRbadpath);
1933 reply_nterror(req, status);
1937 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1938 &access_mask, &share_mode,
1939 &create_disposition,
1942 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1946 status = SMB_VFS_CREATE_FILE(
1949 0, /* root_dir_fid */
1950 smb_fname, /* fname */
1951 access_mask, /* access_mask */
1952 share_mode, /* share_access */
1953 create_disposition, /* create_disposition*/
1954 create_options, /* create_options */
1955 smb_attr, /* file_attributes */
1956 oplock_request, /* oplock_request */
1957 0, /* allocation_size */
1962 &smb_action); /* pinfo */
1964 if (!NT_STATUS_IS_OK(status)) {
1965 if (open_was_deferred(req->mid)) {
1966 /* We have re-scheduled this call. */
1969 reply_openerror(req, status);
1973 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1974 if the file is truncated or created. */
1975 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1976 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1977 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1978 close_file(req, fsp, ERROR_CLOSE);
1979 reply_nterror(req, NT_STATUS_DISK_FULL);
1982 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1984 close_file(req, fsp, ERROR_CLOSE);
1985 reply_nterror(req, NT_STATUS_DISK_FULL);
1988 smb_fname->st.st_ex_size =
1989 SMB_VFS_GET_ALLOC_SIZE(conn, fsp, &smb_fname->st);
1992 fattr = dos_mode(conn, smb_fname);
1993 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1995 close_file(req, fsp, ERROR_CLOSE);
1996 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2000 /* If the caller set the extended oplock request bit
2001 and we granted one (by whatever means) - set the
2002 correct bit for extended oplock reply.
2005 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2006 smb_action |= EXTENDED_OPLOCK_GRANTED;
2009 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2010 smb_action |= EXTENDED_OPLOCK_GRANTED;
2013 /* If the caller set the core oplock request bit
2014 and we granted one (by whatever means) - set the
2015 correct bit for core oplock reply.
2018 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2019 reply_outbuf(req, 19, 0);
2021 reply_outbuf(req, 15, 0);
2024 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2025 SCVAL(req->outbuf, smb_flg,
2026 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2029 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2030 SCVAL(req->outbuf, smb_flg,
2031 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2034 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2035 SSVAL(req->outbuf,smb_vwv3,fattr);
2036 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2037 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2039 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2041 SIVAL(req->outbuf,smb_vwv6,(uint32)smb_fname->st.st_ex_size);
2042 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2043 SSVAL(req->outbuf,smb_vwv11,smb_action);
2045 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2046 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2051 TALLOC_FREE(smb_fname);
2052 END_PROFILE(SMBopenX);
2056 /****************************************************************************
2057 Reply to a SMBulogoffX.
2058 ****************************************************************************/
2060 void reply_ulogoffX(struct smb_request *req)
2062 struct smbd_server_connection *sconn = req->sconn;
2065 START_PROFILE(SMBulogoffX);
2067 vuser = get_valid_user_struct(sconn, req->vuid);
2070 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2074 /* in user level security we are supposed to close any files
2075 open by this user */
2076 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2077 file_close_user(sconn, req->vuid);
2080 invalidate_vuid(sconn, req->vuid);
2082 reply_outbuf(req, 2, 0);
2084 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2086 END_PROFILE(SMBulogoffX);
2087 req->vuid = UID_FIELD_INVALID;
2091 /****************************************************************************
2092 Reply to a mknew or a create.
2093 ****************************************************************************/
2095 void reply_mknew(struct smb_request *req)
2097 connection_struct *conn = req->conn;
2098 struct smb_filename *smb_fname = NULL;
2101 struct smb_file_time ft;
2103 int oplock_request = 0;
2105 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2106 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2107 uint32 create_disposition;
2108 uint32 create_options = 0;
2109 TALLOC_CTX *ctx = talloc_tos();
2111 START_PROFILE(SMBcreate);
2115 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2119 fattr = SVAL(req->vwv+0, 0);
2120 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2123 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2125 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2126 STR_TERMINATE, &status);
2127 if (!NT_STATUS_IS_OK(status)) {
2128 reply_nterror(req, status);
2132 status = filename_convert(ctx,
2134 req->flags2 & FLAGS2_DFS_PATHNAMES,
2139 if (!NT_STATUS_IS_OK(status)) {
2140 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2141 reply_botherror(req,
2142 NT_STATUS_PATH_NOT_COVERED,
2143 ERRSRV, ERRbadpath);
2146 reply_nterror(req, status);
2150 if (fattr & aVOLID) {
2151 DEBUG(0,("Attempt to create file (%s) with volid set - "
2152 "please report this\n",
2153 smb_fname_str_dbg(smb_fname)));
2156 if(req->cmd == SMBmknew) {
2157 /* We should fail if file exists. */
2158 create_disposition = FILE_CREATE;
2160 /* Create if file doesn't exist, truncate if it does. */
2161 create_disposition = FILE_OVERWRITE_IF;
2164 status = SMB_VFS_CREATE_FILE(
2167 0, /* root_dir_fid */
2168 smb_fname, /* fname */
2169 access_mask, /* access_mask */
2170 share_mode, /* share_access */
2171 create_disposition, /* create_disposition*/
2172 create_options, /* create_options */
2173 fattr, /* file_attributes */
2174 oplock_request, /* oplock_request */
2175 0, /* allocation_size */
2176 0, /* private_flags */
2182 if (!NT_STATUS_IS_OK(status)) {
2183 if (open_was_deferred(req->mid)) {
2184 /* We have re-scheduled this call. */
2187 reply_openerror(req, status);
2191 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2192 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2193 if (!NT_STATUS_IS_OK(status)) {
2194 END_PROFILE(SMBcreate);
2198 reply_outbuf(req, 1, 0);
2199 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2201 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2202 SCVAL(req->outbuf,smb_flg,
2203 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2206 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2207 SCVAL(req->outbuf,smb_flg,
2208 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2211 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2212 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2213 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2214 (unsigned int)fattr));
2217 TALLOC_FREE(smb_fname);
2218 END_PROFILE(SMBcreate);
2222 /****************************************************************************
2223 Reply to a create temporary file.
2224 ****************************************************************************/
2226 void reply_ctemp(struct smb_request *req)
2228 connection_struct *conn = req->conn;
2229 struct smb_filename *smb_fname = NULL;
2237 TALLOC_CTX *ctx = talloc_tos();
2239 START_PROFILE(SMBctemp);
2242 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2246 fattr = SVAL(req->vwv+0, 0);
2247 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2249 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2250 STR_TERMINATE, &status);
2251 if (!NT_STATUS_IS_OK(status)) {
2252 reply_nterror(req, status);
2256 fname = talloc_asprintf(ctx,
2260 fname = talloc_strdup(ctx, "TMXXXXXX");
2264 reply_nterror(req, NT_STATUS_NO_MEMORY);
2268 status = filename_convert(ctx, conn,
2269 req->flags2 & FLAGS2_DFS_PATHNAMES,
2274 if (!NT_STATUS_IS_OK(status)) {
2275 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2276 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2277 ERRSRV, ERRbadpath);
2280 reply_nterror(req, status);
2284 tmpfd = mkstemp(smb_fname->base_name);
2286 reply_nterror(req, map_nt_error_from_unix(errno));
2290 SMB_VFS_STAT(conn, smb_fname);
2292 /* We should fail if file does not exist. */
2293 status = SMB_VFS_CREATE_FILE(
2296 0, /* root_dir_fid */
2297 smb_fname, /* fname */
2298 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2299 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2300 FILE_OPEN, /* create_disposition*/
2301 0, /* create_options */
2302 fattr, /* file_attributes */
2303 oplock_request, /* oplock_request */
2304 0, /* allocation_size */
2305 0, /* private_flags */
2311 /* close fd from mkstemp() */
2314 if (!NT_STATUS_IS_OK(status)) {
2315 if (open_was_deferred(req->mid)) {
2316 /* We have re-scheduled this call. */
2319 reply_openerror(req, status);
2323 reply_outbuf(req, 1, 0);
2324 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2326 /* the returned filename is relative to the directory */
2327 s = strrchr_m(fsp->fsp_name->base_name, '/');
2329 s = fsp->fsp_name->base_name;
2335 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2336 thing in the byte section. JRA */
2337 SSVALS(p, 0, -1); /* what is this? not in spec */
2339 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2341 reply_nterror(req, NT_STATUS_NO_MEMORY);
2345 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2346 SCVAL(req->outbuf, smb_flg,
2347 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2350 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2351 SCVAL(req->outbuf, smb_flg,
2352 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2355 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2356 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2357 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2359 TALLOC_FREE(smb_fname);
2360 END_PROFILE(SMBctemp);
2364 /*******************************************************************
2365 Check if a user is allowed to rename a file.
2366 ********************************************************************/
2368 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2373 if (!CAN_WRITE(conn)) {
2374 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2377 fmode = dos_mode(conn, fsp->fsp_name);
2378 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2379 return NT_STATUS_NO_SUCH_FILE;
2382 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2383 if (fsp->posix_open) {
2384 return NT_STATUS_OK;
2387 /* If no pathnames are open below this
2388 directory, allow the rename. */
2390 if (file_find_subpath(fsp)) {
2391 return NT_STATUS_ACCESS_DENIED;
2393 return NT_STATUS_OK;
2396 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2397 return NT_STATUS_OK;
2400 return NT_STATUS_ACCESS_DENIED;
2403 /*******************************************************************
2404 * unlink a file with all relevant access checks
2405 *******************************************************************/
2407 static NTSTATUS do_unlink(connection_struct *conn,
2408 struct smb_request *req,
2409 struct smb_filename *smb_fname,
2414 uint32 dirtype_orig = dirtype;
2417 bool posix_paths = lp_posix_pathnames();
2419 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2420 smb_fname_str_dbg(smb_fname),
2423 if (!CAN_WRITE(conn)) {
2424 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2428 ret = SMB_VFS_LSTAT(conn, smb_fname);
2430 ret = SMB_VFS_STAT(conn, smb_fname);
2433 return map_nt_error_from_unix(errno);
2436 fattr = dos_mode(conn, smb_fname);
2438 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2439 dirtype = aDIR|aARCH|aRONLY;
2442 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2444 return NT_STATUS_NO_SUCH_FILE;
2447 if (!dir_check_ftype(conn, fattr, dirtype)) {
2449 return NT_STATUS_FILE_IS_A_DIRECTORY;
2451 return NT_STATUS_NO_SUCH_FILE;
2454 if (dirtype_orig & 0x8000) {
2455 /* These will never be set for POSIX. */
2456 return NT_STATUS_NO_SUCH_FILE;
2460 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2461 return NT_STATUS_FILE_IS_A_DIRECTORY;
2464 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2465 return NT_STATUS_NO_SUCH_FILE;
2468 if (dirtype & 0xFF00) {
2469 /* These will never be set for POSIX. */
2470 return NT_STATUS_NO_SUCH_FILE;
2475 return NT_STATUS_NO_SUCH_FILE;
2478 /* Can't delete a directory. */
2480 return NT_STATUS_FILE_IS_A_DIRECTORY;
2485 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2486 return NT_STATUS_OBJECT_NAME_INVALID;
2487 #endif /* JRATEST */
2489 /* On open checks the open itself will check the share mode, so
2490 don't do it here as we'll get it wrong. */
2492 status = SMB_VFS_CREATE_FILE
2495 0, /* root_dir_fid */
2496 smb_fname, /* fname */
2497 DELETE_ACCESS, /* access_mask */
2498 FILE_SHARE_NONE, /* share_access */
2499 FILE_OPEN, /* create_disposition*/
2500 FILE_NON_DIRECTORY_FILE, /* create_options */
2501 /* file_attributes */
2502 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2503 FILE_ATTRIBUTE_NORMAL,
2504 0, /* oplock_request */
2505 0, /* allocation_size */
2506 0, /* private_flags */
2512 if (!NT_STATUS_IS_OK(status)) {
2513 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2514 nt_errstr(status)));
2518 status = can_set_delete_on_close(fsp, fattr);
2519 if (!NT_STATUS_IS_OK(status)) {
2520 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2522 smb_fname_str_dbg(smb_fname),
2523 nt_errstr(status)));
2524 close_file(req, fsp, NORMAL_CLOSE);
2528 /* The set is across all open files on this dev/inode pair. */
2529 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2530 close_file(req, fsp, NORMAL_CLOSE);
2531 return NT_STATUS_ACCESS_DENIED;
2534 return close_file(req, fsp, NORMAL_CLOSE);
2537 /****************************************************************************
2538 The guts of the unlink command, split out so it may be called by the NT SMB
2540 ****************************************************************************/
2542 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2543 uint32 dirtype, struct smb_filename *smb_fname,
2546 char *fname_dir = NULL;
2547 char *fname_mask = NULL;
2549 NTSTATUS status = NT_STATUS_OK;
2550 TALLOC_CTX *ctx = talloc_tos();
2552 /* Split up the directory from the filename/mask. */
2553 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2554 &fname_dir, &fname_mask);
2555 if (!NT_STATUS_IS_OK(status)) {
2560 * We should only check the mangled cache
2561 * here if unix_convert failed. This means
2562 * that the path in 'mask' doesn't exist
2563 * on the file system and so we need to look
2564 * for a possible mangle. This patch from
2565 * Tine Smukavec <valentin.smukavec@hermes.si>.
2568 if (!VALID_STAT(smb_fname->st) &&
2569 mangle_is_mangled(fname_mask, conn->params)) {
2570 char *new_mask = NULL;
2571 mangle_lookup_name_from_8_3(ctx, fname_mask,
2572 &new_mask, conn->params);
2574 TALLOC_FREE(fname_mask);
2575 fname_mask = new_mask;
2582 * Only one file needs to be unlinked. Append the mask back
2583 * onto the directory.
2585 TALLOC_FREE(smb_fname->base_name);
2586 smb_fname->base_name = talloc_asprintf(smb_fname,
2590 if (!smb_fname->base_name) {
2591 status = NT_STATUS_NO_MEMORY;
2595 dirtype = FILE_ATTRIBUTE_NORMAL;
2598 status = check_name(conn, smb_fname->base_name);
2599 if (!NT_STATUS_IS_OK(status)) {
2603 status = do_unlink(conn, req, smb_fname, dirtype);
2604 if (!NT_STATUS_IS_OK(status)) {
2610 struct smb_Dir *dir_hnd = NULL;
2612 const char *dname = NULL;
2613 char *talloced = NULL;
2615 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2616 status = NT_STATUS_OBJECT_NAME_INVALID;
2620 if (strequal(fname_mask,"????????.???")) {
2621 TALLOC_FREE(fname_mask);
2622 fname_mask = talloc_strdup(ctx, "*");
2624 status = NT_STATUS_NO_MEMORY;
2629 status = check_name(conn, fname_dir);
2630 if (!NT_STATUS_IS_OK(status)) {
2634 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2636 if (dir_hnd == NULL) {
2637 status = map_nt_error_from_unix(errno);
2641 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2642 the pattern matches against the long name, otherwise the short name
2643 We don't implement this yet XXXX
2646 status = NT_STATUS_NO_SUCH_FILE;
2648 while ((dname = ReadDirName(dir_hnd, &offset,
2649 &smb_fname->st, &talloced))) {
2650 TALLOC_CTX *frame = talloc_stackframe();
2652 if (!is_visible_file(conn, fname_dir, dname,
2653 &smb_fname->st, true)) {
2655 TALLOC_FREE(talloced);
2659 /* Quick check for "." and ".." */
2660 if (ISDOT(dname) || ISDOTDOT(dname)) {
2662 TALLOC_FREE(talloced);
2666 if(!mask_match(dname, fname_mask,
2667 conn->case_sensitive)) {
2669 TALLOC_FREE(talloced);
2673 TALLOC_FREE(smb_fname->base_name);
2674 smb_fname->base_name =
2675 talloc_asprintf(smb_fname, "%s/%s",
2678 if (!smb_fname->base_name) {
2679 TALLOC_FREE(dir_hnd);
2680 status = NT_STATUS_NO_MEMORY;
2682 TALLOC_FREE(talloced);
2686 status = check_name(conn, smb_fname->base_name);
2687 if (!NT_STATUS_IS_OK(status)) {
2688 TALLOC_FREE(dir_hnd);
2690 TALLOC_FREE(talloced);
2694 status = do_unlink(conn, req, smb_fname, dirtype);
2695 if (!NT_STATUS_IS_OK(status)) {
2697 TALLOC_FREE(talloced);
2702 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2703 smb_fname->base_name));
2706 TALLOC_FREE(talloced);
2708 TALLOC_FREE(dir_hnd);
2711 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2712 status = map_nt_error_from_unix(errno);
2716 TALLOC_FREE(fname_dir);
2717 TALLOC_FREE(fname_mask);
2721 /****************************************************************************
2723 ****************************************************************************/
2725 void reply_unlink(struct smb_request *req)
2727 connection_struct *conn = req->conn;
2729 struct smb_filename *smb_fname = NULL;
2732 bool path_contains_wcard = False;
2733 TALLOC_CTX *ctx = talloc_tos();
2735 START_PROFILE(SMBunlink);
2738 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2742 dirtype = SVAL(req->vwv+0, 0);
2744 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2745 STR_TERMINATE, &status,
2746 &path_contains_wcard);
2747 if (!NT_STATUS_IS_OK(status)) {
2748 reply_nterror(req, status);
2752 status = filename_convert(ctx, conn,
2753 req->flags2 & FLAGS2_DFS_PATHNAMES,
2755 UCF_COND_ALLOW_WCARD_LCOMP,
2756 &path_contains_wcard,
2758 if (!NT_STATUS_IS_OK(status)) {
2759 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2760 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2761 ERRSRV, ERRbadpath);
2764 reply_nterror(req, status);
2768 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2770 status = unlink_internals(conn, req, dirtype, smb_fname,
2771 path_contains_wcard);
2772 if (!NT_STATUS_IS_OK(status)) {
2773 if (open_was_deferred(req->mid)) {
2774 /* We have re-scheduled this call. */
2777 reply_nterror(req, status);
2781 reply_outbuf(req, 0, 0);
2783 TALLOC_FREE(smb_fname);
2784 END_PROFILE(SMBunlink);
2788 /****************************************************************************
2790 ****************************************************************************/
2792 static void fail_readraw(void)
2794 const char *errstr = talloc_asprintf(talloc_tos(),
2795 "FAIL ! reply_readbraw: socket write fail (%s)",
2800 exit_server_cleanly(errstr);
2803 /****************************************************************************
2804 Fake (read/write) sendfile. Returns -1 on read or write fail.
2805 ****************************************************************************/
2807 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2811 size_t tosend = nread;
2818 bufsize = MIN(nread, 65536);
2820 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2824 while (tosend > 0) {
2828 if (tosend > bufsize) {
2833 ret = read_file(fsp,buf,startpos,cur_read);
2839 /* If we had a short read, fill with zeros. */
2840 if (ret < cur_read) {
2841 memset(buf + ret, '\0', cur_read - ret);
2844 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2846 char addr[INET6_ADDRSTRLEN];
2848 * Try and give an error message saying what
2851 DEBUG(0, ("write_data failed for client %s. "
2853 get_peer_addr(fsp->conn->sconn->sock, addr,
2860 startpos += cur_read;
2864 return (ssize_t)nread;
2867 #if defined(WITH_SENDFILE)
2868 /****************************************************************************
2869 Deal with the case of sendfile reading less bytes from the file than
2870 requested. Fill with zeros (all we can do).
2871 ****************************************************************************/
2873 static void sendfile_short_send(files_struct *fsp,
2878 #define SHORT_SEND_BUFSIZE 1024
2879 if (nread < headersize) {
2880 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2881 "header for file %s (%s). Terminating\n",
2882 fsp_str_dbg(fsp), strerror(errno)));
2883 exit_server_cleanly("sendfile_short_send failed");
2886 nread -= headersize;
2888 if (nread < smb_maxcnt) {
2889 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2891 exit_server_cleanly("sendfile_short_send: "
2895 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2896 "with zeros !\n", fsp_str_dbg(fsp)));
2898 while (nread < smb_maxcnt) {
2900 * We asked for the real file size and told sendfile
2901 * to not go beyond the end of the file. But it can
2902 * happen that in between our fstat call and the
2903 * sendfile call the file was truncated. This is very
2904 * bad because we have already announced the larger
2905 * number of bytes to the client.
2907 * The best we can do now is to send 0-bytes, just as
2908 * a read from a hole in a sparse file would do.
2910 * This should happen rarely enough that I don't care
2911 * about efficiency here :-)
2915 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2916 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2918 char addr[INET6_ADDRSTRLEN];
2920 * Try and give an error message saying what
2923 DEBUG(0, ("write_data failed for client %s. "
2926 fsp->conn->sconn->sock, addr,
2929 exit_server_cleanly("sendfile_short_send: "
2930 "write_data failed");
2937 #endif /* defined WITH_SENDFILE */
2939 /****************************************************************************
2940 Return a readbraw error (4 bytes of zero).
2941 ****************************************************************************/
2943 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2949 smbd_lock_socket(sconn);
2950 if (write_data(sconn->sock,header,4) != 4) {
2951 char addr[INET6_ADDRSTRLEN];
2953 * Try and give an error message saying what
2956 DEBUG(0, ("write_data failed for client %s. "
2958 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2963 smbd_unlock_socket(sconn);
2966 /****************************************************************************
2967 Use sendfile in readbraw.
2968 ****************************************************************************/
2970 static void send_file_readbraw(connection_struct *conn,
2971 struct smb_request *req,
2977 struct smbd_server_connection *sconn = req->sconn;
2978 char *outbuf = NULL;
2981 #if defined(WITH_SENDFILE)
2983 * We can only use sendfile on a non-chained packet
2984 * but we can use on a non-oplocked file. tridge proved this
2985 * on a train in Germany :-). JRA.
2986 * reply_readbraw has already checked the length.
2989 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2990 (fsp->wcp == NULL) &&
2991 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
2992 ssize_t sendfile_read = -1;
2994 DATA_BLOB header_blob;
2996 _smb_setlen(header,nread);
2997 header_blob = data_blob_const(header, 4);
2999 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
3000 &header_blob, startpos,
3002 if (sendfile_read == -1) {
3003 /* Returning ENOSYS means no data at all was sent.
3004 * Do this as a normal read. */
3005 if (errno == ENOSYS) {
3006 goto normal_readbraw;
3010 * Special hack for broken Linux with no working sendfile. If we
3011 * return EINTR we sent the header but not the rest of the data.
3012 * Fake this up by doing read/write calls.
3014 if (errno == EINTR) {
3015 /* Ensure we don't do this again. */
3016 set_use_sendfile(SNUM(conn), False);
3017 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3019 if (fake_sendfile(fsp, startpos, nread) == -1) {
3020 DEBUG(0,("send_file_readbraw: "
3021 "fake_sendfile failed for "
3025 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3030 DEBUG(0,("send_file_readbraw: sendfile failed for "
3031 "file %s (%s). Terminating\n",
3032 fsp_str_dbg(fsp), strerror(errno)));
3033 exit_server_cleanly("send_file_readbraw sendfile failed");
3034 } else if (sendfile_read == 0) {
3036 * Some sendfile implementations return 0 to indicate
3037 * that there was a short read, but nothing was
3038 * actually written to the socket. In this case,
3039 * fallback to the normal read path so the header gets
3040 * the correct byte count.
3042 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3043 "bytes falling back to the normal read: "
3044 "%s\n", fsp_str_dbg(fsp)));
3045 goto normal_readbraw;
3048 /* Deal with possible short send. */
3049 if (sendfile_read != 4+nread) {
3050 sendfile_short_send(fsp, sendfile_read, 4, nread);
3058 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3060 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3061 (unsigned)(nread+4)));
3062 reply_readbraw_error(sconn);
3067 ret = read_file(fsp,outbuf+4,startpos,nread);
3068 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3077 _smb_setlen(outbuf,ret);
3078 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3079 char addr[INET6_ADDRSTRLEN];
3081 * Try and give an error message saying what
3084 DEBUG(0, ("write_data failed for client %s. "
3086 get_peer_addr(fsp->conn->sconn->sock, addr,
3093 TALLOC_FREE(outbuf);
3096 /****************************************************************************
3097 Reply to a readbraw (core+ protocol).
3098 ****************************************************************************/
3100 void reply_readbraw(struct smb_request *req)
3102 connection_struct *conn = req->conn;
3103 struct smbd_server_connection *sconn = req->sconn;
3104 ssize_t maxcount,mincount;
3108 struct lock_struct lock;
3111 START_PROFILE(SMBreadbraw);
3113 if (srv_is_signing_active(sconn) ||
3114 is_encrypted_packet(req->inbuf)) {
3115 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3116 "raw reads/writes are disallowed.");
3120 reply_readbraw_error(sconn);
3121 END_PROFILE(SMBreadbraw);
3125 if (sconn->smb1.echo_handler.trusted_fde) {
3126 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3127 "'async smb echo handler = yes'\n"));
3128 reply_readbraw_error(sconn);
3129 END_PROFILE(SMBreadbraw);
3134 * Special check if an oplock break has been issued
3135 * and the readraw request croses on the wire, we must
3136 * return a zero length response here.
3139 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3142 * We have to do a check_fsp by hand here, as
3143 * we must always return 4 zero bytes on error,
3147 if (!fsp || !conn || conn != fsp->conn ||
3148 req->vuid != fsp->vuid ||
3149 fsp->is_directory || fsp->fh->fd == -1) {
3151 * fsp could be NULL here so use the value from the packet. JRA.
3153 DEBUG(3,("reply_readbraw: fnum %d not valid "
3155 (int)SVAL(req->vwv+0, 0)));
3156 reply_readbraw_error(sconn);
3157 END_PROFILE(SMBreadbraw);
3161 /* Do a "by hand" version of CHECK_READ. */
3162 if (!(fsp->can_read ||
3163 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3164 (fsp->access_mask & FILE_EXECUTE)))) {
3165 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3166 (int)SVAL(req->vwv+0, 0)));
3167 reply_readbraw_error(sconn);
3168 END_PROFILE(SMBreadbraw);
3172 flush_write_cache(fsp, READRAW_FLUSH);
3174 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3175 if(req->wct == 10) {
3177 * This is a large offset (64 bit) read.
3179 #ifdef LARGE_SMB_OFF_T
3181 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3183 #else /* !LARGE_SMB_OFF_T */
3186 * Ensure we haven't been sent a >32 bit offset.
3189 if(IVAL(req->vwv+8, 0) != 0) {
3190 DEBUG(0,("reply_readbraw: large offset "
3191 "(%x << 32) used and we don't support "
3192 "64 bit offsets.\n",
3193 (unsigned int)IVAL(req->vwv+8, 0) ));
3194 reply_readbraw_error();
3195 END_PROFILE(SMBreadbraw);
3199 #endif /* LARGE_SMB_OFF_T */
3202 DEBUG(0,("reply_readbraw: negative 64 bit "
3203 "readraw offset (%.0f) !\n",
3204 (double)startpos ));
3205 reply_readbraw_error(sconn);
3206 END_PROFILE(SMBreadbraw);
3211 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3212 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3214 /* ensure we don't overrun the packet size */
3215 maxcount = MIN(65535,maxcount);
3217 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3218 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3221 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3222 reply_readbraw_error(sconn);
3223 END_PROFILE(SMBreadbraw);
3227 if (fsp_stat(fsp) == 0) {
3228 size = fsp->fsp_name->st.st_ex_size;
3231 if (startpos >= size) {
3234 nread = MIN(maxcount,(size - startpos));
3237 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3238 if (nread < mincount)
3242 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3243 "min=%lu nread=%lu\n",
3244 fsp->fnum, (double)startpos,
3245 (unsigned long)maxcount,
3246 (unsigned long)mincount,
3247 (unsigned long)nread ) );
3249 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3251 DEBUG(5,("reply_readbraw finished\n"));
3253 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3255 END_PROFILE(SMBreadbraw);
3260 #define DBGC_CLASS DBGC_LOCKING
3262 /****************************************************************************
3263 Reply to a lockread (core+ protocol).
3264 ****************************************************************************/
3266 void reply_lockread(struct smb_request *req)
3268 connection_struct *conn = req->conn;
3275 struct byte_range_lock *br_lck = NULL;
3277 struct smbd_server_connection *sconn = req->sconn;
3279 START_PROFILE(SMBlockread);
3282 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3283 END_PROFILE(SMBlockread);
3287 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3289 if (!check_fsp(conn, req, fsp)) {
3290 END_PROFILE(SMBlockread);
3294 if (!CHECK_READ(fsp,req)) {
3295 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3296 END_PROFILE(SMBlockread);
3300 numtoread = SVAL(req->vwv+1, 0);
3301 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3303 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3305 reply_outbuf(req, 5, numtoread + 3);
3307 data = smb_buf(req->outbuf) + 3;
3310 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3311 * protocol request that predates the read/write lock concept.
3312 * Thus instead of asking for a read lock here we need to ask
3313 * for a write lock. JRA.
3314 * Note that the requested lock size is unaffected by max_recv.
3317 br_lck = do_lock(req->sconn->msg_ctx,
3319 (uint64_t)req->smbpid,
3320 (uint64_t)numtoread,
3324 False, /* Non-blocking lock. */
3328 TALLOC_FREE(br_lck);
3330 if (NT_STATUS_V(status)) {
3331 reply_nterror(req, status);
3332 END_PROFILE(SMBlockread);
3337 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3340 if (numtoread > sconn->smb1.negprot.max_recv) {
3341 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3342 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3343 (unsigned int)numtoread,
3344 (unsigned int)sconn->smb1.negprot.max_recv));
3345 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3347 nread = read_file(fsp,data,startpos,numtoread);
3350 reply_nterror(req, map_nt_error_from_unix(errno));
3351 END_PROFILE(SMBlockread);
3355 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3357 SSVAL(req->outbuf,smb_vwv0,nread);
3358 SSVAL(req->outbuf,smb_vwv5,nread+3);
3359 p = smb_buf(req->outbuf);
3360 SCVAL(p,0,0); /* pad byte. */
3363 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3364 fsp->fnum, (int)numtoread, (int)nread));
3366 END_PROFILE(SMBlockread);
3371 #define DBGC_CLASS DBGC_ALL
3373 /****************************************************************************
3375 ****************************************************************************/
3377 void reply_read(struct smb_request *req)
3379 connection_struct *conn = req->conn;
3386 struct lock_struct lock;
3387 struct smbd_server_connection *sconn = req->sconn;
3389 START_PROFILE(SMBread);
3392 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3393 END_PROFILE(SMBread);
3397 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3399 if (!check_fsp(conn, req, fsp)) {
3400 END_PROFILE(SMBread);
3404 if (!CHECK_READ(fsp,req)) {
3405 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3406 END_PROFILE(SMBread);
3410 numtoread = SVAL(req->vwv+1, 0);
3411 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3413 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3416 * The requested read size cannot be greater than max_recv. JRA.
3418 if (numtoread > sconn->smb1.negprot.max_recv) {
3419 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3420 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3421 (unsigned int)numtoread,
3422 (unsigned int)sconn->smb1.negprot.max_recv));
3423 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3426 reply_outbuf(req, 5, numtoread+3);
3428 data = smb_buf(req->outbuf) + 3;
3430 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3431 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3434 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3435 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3436 END_PROFILE(SMBread);
3441 nread = read_file(fsp,data,startpos,numtoread);
3444 reply_nterror(req, map_nt_error_from_unix(errno));
3448 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3450 SSVAL(req->outbuf,smb_vwv0,nread);
3451 SSVAL(req->outbuf,smb_vwv5,nread+3);
3452 SCVAL(smb_buf(req->outbuf),0,1);
3453 SSVAL(smb_buf(req->outbuf),1,nread);
3455 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3456 fsp->fnum, (int)numtoread, (int)nread ) );
3459 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3461 END_PROFILE(SMBread);
3465 /****************************************************************************
3467 ****************************************************************************/
3469 static int setup_readX_header(struct smb_request *req, char *outbuf,
3475 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3476 data = smb_buf(outbuf);
3478 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3480 SCVAL(outbuf,smb_vwv0,0xFF);
3481 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3482 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3483 SSVAL(outbuf,smb_vwv6,
3485 + 1 /* the wct field */
3486 + 12 * sizeof(uint16_t) /* vwv */
3487 + 2); /* the buflen field */
3488 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3489 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3490 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3491 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3495 /****************************************************************************
3496 Reply to a read and X - possibly using sendfile.
3497 ****************************************************************************/
3499 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3500 files_struct *fsp, SMB_OFF_T startpos,
3504 struct lock_struct lock;
3505 int saved_errno = 0;
3507 if(fsp_stat(fsp) == -1) {
3508 reply_nterror(req, map_nt_error_from_unix(errno));
3512 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3513 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3516 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3517 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3521 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3522 (startpos > fsp->fsp_name->st.st_ex_size)
3523 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3525 * We already know that we would do a short read, so don't
3526 * try the sendfile() path.
3528 goto nosendfile_read;
3531 #if defined(WITH_SENDFILE)
3533 * We can only use sendfile on a non-chained packet
3534 * but we can use on a non-oplocked file. tridge proved this
3535 * on a train in Germany :-). JRA.
3538 if (!req_is_in_chain(req) &&
3539 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3540 (fsp->wcp == NULL) &&
3541 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3542 uint8 headerbuf[smb_size + 12 * 2];
3546 * Set up the packet header before send. We
3547 * assume here the sendfile will work (get the
3548 * correct amount of data).
3551 header = data_blob_const(headerbuf, sizeof(headerbuf));
3553 construct_reply_common_req(req, (char *)headerbuf);
3554 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3556 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3557 startpos, smb_maxcnt);
3559 /* Returning ENOSYS means no data at all was sent.
3560 Do this as a normal read. */
3561 if (errno == ENOSYS) {
3566 * Special hack for broken Linux with no working sendfile. If we
3567 * return EINTR we sent the header but not the rest of the data.
3568 * Fake this up by doing read/write calls.
3571 if (errno == EINTR) {
3572 /* Ensure we don't do this again. */
3573 set_use_sendfile(SNUM(conn), False);
3574 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3575 nread = fake_sendfile(fsp, startpos,
3578 DEBUG(0,("send_file_readX: "
3579 "fake_sendfile failed for "
3583 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3585 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3586 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3587 /* No outbuf here means successful sendfile. */
3591 DEBUG(0,("send_file_readX: sendfile failed for file "
3592 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3594 exit_server_cleanly("send_file_readX sendfile failed");
3595 } else if (nread == 0) {
3597 * Some sendfile implementations return 0 to indicate
3598 * that there was a short read, but nothing was
3599 * actually written to the socket. In this case,
3600 * fallback to the normal read path so the header gets
3601 * the correct byte count.
3603 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3604 "falling back to the normal read: %s\n",
3609 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3610 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3612 /* Deal with possible short send. */
3613 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3614 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3616 /* No outbuf here means successful sendfile. */
3617 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3618 SMB_PERFCOUNT_END(&req->pcd);
3626 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3627 uint8 headerbuf[smb_size + 2*12];
3629 construct_reply_common_req(req, (char *)headerbuf);
3630 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3632 /* Send out the header. */
3633 if (write_data(req->sconn->sock, (char *)headerbuf,
3634 sizeof(headerbuf)) != sizeof(headerbuf)) {
3636 char addr[INET6_ADDRSTRLEN];
3638 * Try and give an error message saying what
3641 DEBUG(0, ("write_data failed for client %s. "
3643 get_peer_addr(req->sconn->sock, addr,
3647 DEBUG(0,("send_file_readX: write_data failed for file "
3648 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3650 exit_server_cleanly("send_file_readX sendfile failed");
3652 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3654 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3655 "file %s (%s).\n", fsp_str_dbg(fsp),
3657 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3664 reply_outbuf(req, 12, smb_maxcnt);
3666 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3667 saved_errno = errno;
3669 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3672 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3676 setup_readX_header(req, (char *)req->outbuf, nread);
3678 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3679 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3685 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3686 TALLOC_FREE(req->outbuf);
3690 /****************************************************************************
3691 Reply to a read and X.
3692 ****************************************************************************/
3694 void reply_read_and_X(struct smb_request *req)
3696 connection_struct *conn = req->conn;
3700 bool big_readX = False;
3702 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3705 START_PROFILE(SMBreadX);
3707 if ((req->wct != 10) && (req->wct != 12)) {
3708 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3712 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3713 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3714 smb_maxcnt = SVAL(req->vwv+5, 0);
3716 /* If it's an IPC, pass off the pipe handler. */
3718 reply_pipe_read_and_X(req);
3719 END_PROFILE(SMBreadX);
3723 if (!check_fsp(conn, req, fsp)) {
3724 END_PROFILE(SMBreadX);
3728 if (!CHECK_READ(fsp,req)) {
3729 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3730 END_PROFILE(SMBreadX);
3734 if (global_client_caps & CAP_LARGE_READX) {
3735 size_t upper_size = SVAL(req->vwv+7, 0);
3736 smb_maxcnt |= (upper_size<<16);
3737 if (upper_size > 1) {
3738 /* Can't do this on a chained packet. */
3739 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3740 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3741 END_PROFILE(SMBreadX);
3744 /* We currently don't do this on signed or sealed data. */
3745 if (srv_is_signing_active(req->sconn) ||
3746 is_encrypted_packet(req->inbuf)) {
3747 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3748 END_PROFILE(SMBreadX);
3751 /* Is there room in the reply for this data ? */
3752 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3754 NT_STATUS_INVALID_PARAMETER);
3755 END_PROFILE(SMBreadX);
3762 if (req->wct == 12) {
3763 #ifdef LARGE_SMB_OFF_T
3765 * This is a large offset (64 bit) read.
3767 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3769 #else /* !LARGE_SMB_OFF_T */
3772 * Ensure we haven't been sent a >32 bit offset.
3775 if(IVAL(req->vwv+10, 0) != 0) {
3776 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3777 "used and we don't support 64 bit offsets.\n",
3778 (unsigned int)IVAL(req->vwv+10, 0) ));
3779 END_PROFILE(SMBreadX);
3780 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3784 #endif /* LARGE_SMB_OFF_T */
3789 NTSTATUS status = schedule_aio_read_and_X(conn,
3794 if (NT_STATUS_IS_OK(status)) {
3795 /* Read scheduled - we're done. */
3798 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3799 /* Real error - report to client. */
3800 END_PROFILE(SMBreadX);
3801 reply_nterror(req, status);
3804 /* NT_STATUS_RETRY - fall back to sync read. */
3807 smbd_lock_socket(req->sconn);
3808 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3809 smbd_unlock_socket(req->sconn);
3812 END_PROFILE(SMBreadX);
3816 /****************************************************************************
3817 Error replies to writebraw must have smb_wct == 1. Fix this up.
3818 ****************************************************************************/
3820 void error_to_writebrawerr(struct smb_request *req)
3822 uint8 *old_outbuf = req->outbuf;
3824 reply_outbuf(req, 1, 0);
3826 memcpy(req->outbuf, old_outbuf, smb_size);
3827 TALLOC_FREE(old_outbuf);
3830 /****************************************************************************
3831 Read 4 bytes of a smb packet and return the smb length of the packet.
3832 Store the result in the buffer. This version of the function will
3833 never return a session keepalive (length of zero).
3834 Timeout is in milliseconds.
3835 ****************************************************************************/
3837 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3840 uint8_t msgtype = SMBkeepalive;
3842 while (msgtype == SMBkeepalive) {
3845 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3847 if (!NT_STATUS_IS_OK(status)) {
3848 char addr[INET6_ADDRSTRLEN];
3849 /* Try and give an error message
3850 * saying what client failed. */
3851 DEBUG(0, ("read_fd_with_timeout failed for "
3852 "client %s read error = %s.\n",
3853 get_peer_addr(fd,addr,sizeof(addr)),
3854 nt_errstr(status)));
3858 msgtype = CVAL(inbuf, 0);
3861 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3862 (unsigned long)len));
3864 return NT_STATUS_OK;
3867 /****************************************************************************
3868 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3869 ****************************************************************************/
3871 void reply_writebraw(struct smb_request *req)
3873 connection_struct *conn = req->conn;
3876 ssize_t total_written=0;
3877 size_t numtowrite=0;
3883 struct lock_struct lock;
3886 START_PROFILE(SMBwritebraw);
3889 * If we ever reply with an error, it must have the SMB command
3890 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3893 SCVAL(req->inbuf,smb_com,SMBwritec);
3895 if (srv_is_signing_active(req->sconn)) {
3896 END_PROFILE(SMBwritebraw);
3897 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3898 "raw reads/writes are disallowed.");
3901 if (req->wct < 12) {
3902 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3903 error_to_writebrawerr(req);
3904 END_PROFILE(SMBwritebraw);
3908 if (req->sconn->smb1.echo_handler.trusted_fde) {
3909 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3910 "'async smb echo handler = yes'\n"));
3911 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3912 error_to_writebrawerr(req);
3913 END_PROFILE(SMBwritebraw);
3917 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3918 if (!check_fsp(conn, req, fsp)) {
3919 error_to_writebrawerr(req);
3920 END_PROFILE(SMBwritebraw);
3924 if (!CHECK_WRITE(fsp)) {
3925 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3926 error_to_writebrawerr(req);
3927 END_PROFILE(SMBwritebraw);
3931 tcount = IVAL(req->vwv+1, 0);
3932 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3933 write_through = BITSETW(req->vwv+7,0);
3935 /* We have to deal with slightly different formats depending
3936 on whether we are using the core+ or lanman1.0 protocol */
3938 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3939 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3940 data = smb_buf(req->inbuf);
3942 numtowrite = SVAL(req->vwv+10, 0);
3943 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3946 /* Ensure we don't write bytes past the end of this packet. */
3947 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3948 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3949 error_to_writebrawerr(req);
3950 END_PROFILE(SMBwritebraw);
3954 if (!fsp->print_file) {
3955 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3956 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3959 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3960 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3961 error_to_writebrawerr(req);
3962 END_PROFILE(SMBwritebraw);
3968 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3971 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3972 "wrote=%d sync=%d\n",
3973 fsp->fnum, (double)startpos, (int)numtowrite,
3974 (int)nwritten, (int)write_through));
3976 if (nwritten < (ssize_t)numtowrite) {
3977 reply_nterror(req, NT_STATUS_DISK_FULL);
3978 error_to_writebrawerr(req);
3982 total_written = nwritten;
3984 /* Allocate a buffer of 64k + length. */
3985 buf = TALLOC_ARRAY(NULL, char, 65540);
3987 reply_nterror(req, NT_STATUS_NO_MEMORY);
3988 error_to_writebrawerr(req);
3992 /* Return a SMBwritebraw message to the redirector to tell
3993 * it to send more bytes */
3995 memcpy(buf, req->inbuf, smb_size);
3996 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
3997 SCVAL(buf,smb_com,SMBwritebraw);
3998 SSVALS(buf,smb_vwv0,0xFFFF);
4000 if (!srv_send_smb(req->sconn,
4002 false, 0, /* no signing */
4003 IS_CONN_ENCRYPTED(conn),
4005 exit_server_cleanly("reply_writebraw: srv_send_smb "
4009 /* Now read the raw data into the buffer and write it */
4010 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4012 if (!NT_STATUS_IS_OK(status)) {
4013 exit_server_cleanly("secondary writebraw failed");
4016 /* Set up outbuf to return the correct size */
4017 reply_outbuf(req, 1, 0);
4019 if (numtowrite != 0) {
4021 if (numtowrite > 0xFFFF) {
4022 DEBUG(0,("reply_writebraw: Oversize secondary write "
4023 "raw requested (%u). Terminating\n",
4024 (unsigned int)numtowrite ));
4025 exit_server_cleanly("secondary writebraw failed");
4028 if (tcount > nwritten+numtowrite) {
4029 DEBUG(3,("reply_writebraw: Client overestimated the "
4031 (int)tcount,(int)nwritten,(int)numtowrite));
4034 status = read_data(req->sconn->sock, buf+4, numtowrite);
4036 if (!NT_STATUS_IS_OK(status)) {
4037 char addr[INET6_ADDRSTRLEN];
4038 /* Try and give an error message
4039 * saying what client failed. */
4040 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4041 "raw read failed (%s) for client %s. "
4042 "Terminating\n", nt_errstr(status),
4043 get_peer_addr(req->sconn->sock, addr,
4045 exit_server_cleanly("secondary writebraw failed");
4048 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4049 if (nwritten == -1) {
4051 reply_nterror(req, map_nt_error_from_unix(errno));
4052 error_to_writebrawerr(req);
4056 if (nwritten < (ssize_t)numtowrite) {
4057 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4058 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4062 total_written += nwritten;
4067 SSVAL(req->outbuf,smb_vwv0,total_written);
4069 status = sync_file(conn, fsp, write_through);
4070 if (!NT_STATUS_IS_OK(status)) {
4071 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4072 fsp_str_dbg(fsp), nt_errstr(status)));
4073 reply_nterror(req, status);
4074 error_to_writebrawerr(req);
4078 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4080 fsp->fnum, (double)startpos, (int)numtowrite,
4081 (int)total_written));
4083 if (!fsp->print_file) {
4084 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4087 /* We won't return a status if write through is not selected - this
4088 * follows what WfWg does */
4089 END_PROFILE(SMBwritebraw);
4091 if (!write_through && total_written==tcount) {
4093 #if RABBIT_PELLET_FIX
4095 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4096 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4099 if (!send_keepalive(req->sconn->sock)) {
4100 exit_server_cleanly("reply_writebraw: send of "
4101 "keepalive failed");
4104 TALLOC_FREE(req->outbuf);
4109 if (!fsp->print_file) {
4110 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4113 END_PROFILE(SMBwritebraw);
4118 #define DBGC_CLASS DBGC_LOCKING
4120 /****************************************************************************
4121 Reply to a writeunlock (core+).
4122 ****************************************************************************/
4124 void reply_writeunlock(struct smb_request *req)
4126 connection_struct *conn = req->conn;
4127 ssize_t nwritten = -1;
4131 NTSTATUS status = NT_STATUS_OK;
4133 struct lock_struct lock;
4134 int saved_errno = 0;
4136 START_PROFILE(SMBwriteunlock);
4139 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4140 END_PROFILE(SMBwriteunlock);
4144 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4146 if (!check_fsp(conn, req, fsp)) {
4147 END_PROFILE(SMBwriteunlock);
4151 if (!CHECK_WRITE(fsp)) {
4152 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4153 END_PROFILE(SMBwriteunlock);
4157 numtowrite = SVAL(req->vwv+1, 0);
4158 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4159 data = (const char *)req->buf + 3;
4161 if (!fsp->print_file && numtowrite > 0) {
4162 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4163 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4166 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4167 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4168 END_PROFILE(SMBwriteunlock);
4173 /* The special X/Open SMB protocol handling of
4174 zero length writes is *NOT* done for
4176 if(numtowrite == 0) {
4179 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4180 saved_errno = errno;
4183 status = sync_file(conn, fsp, False /* write through */);
4184 if (!NT_STATUS_IS_OK(status)) {
4185 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4186 fsp_str_dbg(fsp), nt_errstr(status)));
4187 reply_nterror(req, status);
4192 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4196 if((nwritten < numtowrite) && (numtowrite != 0)) {
4197 reply_nterror(req, NT_STATUS_DISK_FULL);
4201 if (numtowrite && !fsp->print_file) {
4202 status = do_unlock(req->sconn->msg_ctx,
4204 (uint64_t)req->smbpid,
4205 (uint64_t)numtowrite,
4209 if (NT_STATUS_V(status)) {
4210 reply_nterror(req, status);
4215 reply_outbuf(req, 1, 0);
4217 SSVAL(req->outbuf,smb_vwv0,nwritten);
4219 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4220 fsp->fnum, (int)numtowrite, (int)nwritten));
4223 if (numtowrite && !fsp->print_file) {
4224 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4227 END_PROFILE(SMBwriteunlock);
4232 #define DBGC_CLASS DBGC_ALL
4234 /****************************************************************************
4236 ****************************************************************************/
4238 void reply_write(struct smb_request *req)
4240 connection_struct *conn = req->conn;
4242 ssize_t nwritten = -1;
4246 struct lock_struct lock;
4248 int saved_errno = 0;
4250 START_PROFILE(SMBwrite);
4253 END_PROFILE(SMBwrite);
4254 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4258 /* If it's an IPC, pass off the pipe handler. */
4260 reply_pipe_write(req);
4261 END_PROFILE(SMBwrite);
4265 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4267 if (!check_fsp(conn, req, fsp)) {
4268 END_PROFILE(SMBwrite);
4272 if (!CHECK_WRITE(fsp)) {
4273 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4274 END_PROFILE(SMBwrite);
4278 numtowrite = SVAL(req->vwv+1, 0);
4279 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4280 data = (const char *)req->buf + 3;
4282 if (!fsp->print_file) {
4283 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4284 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4287 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4288 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4289 END_PROFILE(SMBwrite);
4295 * X/Open SMB protocol says that if smb_vwv1 is
4296 * zero then the file size should be extended or
4297 * truncated to the size given in smb_vwv[2-3].
4300 if(numtowrite == 0) {
4302 * This is actually an allocate call, and set EOF. JRA.
4304 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4306 reply_nterror(req, NT_STATUS_DISK_FULL);
4309 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4311 reply_nterror(req, NT_STATUS_DISK_FULL);
4314 trigger_write_time_update_immediate(fsp);
4316 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4319 status = sync_file(conn, fsp, False);
4320 if (!NT_STATUS_IS_OK(status)) {
4321 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4322 fsp_str_dbg(fsp), nt_errstr(status)));
4323 reply_nterror(req, status);
4328 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4332 if((nwritten == 0) && (numtowrite != 0)) {
4333 reply_nterror(req, NT_STATUS_DISK_FULL);
4337 reply_outbuf(req, 1, 0);
4339 SSVAL(req->outbuf,smb_vwv0,nwritten);
4341 if (nwritten < (ssize_t)numtowrite) {
4342 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4343 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4346 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4349 if (!fsp->print_file) {
4350 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4353 END_PROFILE(SMBwrite);
4357 /****************************************************************************
4358 Ensure a buffer is a valid writeX for recvfile purposes.
4359 ****************************************************************************/
4361 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4362 (2*14) + /* word count (including bcc) */ \
4365 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4366 const uint8_t *inbuf)
4369 connection_struct *conn = NULL;
4370 unsigned int doff = 0;
4371 size_t len = smb_len_large(inbuf);
4373 if (is_encrypted_packet(inbuf)) {
4374 /* Can't do this on encrypted
4379 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4383 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4384 CVAL(inbuf,smb_wct) != 14) {
4385 DEBUG(10,("is_valid_writeX_buffer: chained or "
4386 "invalid word length.\n"));
4390 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4392 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4396 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4399 if (IS_PRINT(conn)) {
4400 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4403 doff = SVAL(inbuf,smb_vwv11);
4405 numtowrite = SVAL(inbuf,smb_vwv10);
4407 if (len > doff && len - doff > 0xFFFF) {
4408 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4411 if (numtowrite == 0) {
4412 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4416 /* Ensure the sizes match up. */
4417 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4418 /* no pad byte...old smbclient :-( */
4419 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4421 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4425 if (len - doff != numtowrite) {
4426 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4427 "len = %u, doff = %u, numtowrite = %u\n",
4430 (unsigned int)numtowrite ));
4434 DEBUG(10,("is_valid_writeX_buffer: true "
4435 "len = %u, doff = %u, numtowrite = %u\n",
4438 (unsigned int)numtowrite ));
4443 /****************************************************************************
4444 Reply to a write and X.
4445 ****************************************************************************/
4447 void reply_write_and_X(struct smb_request *req)
4449 connection_struct *conn = req->conn;
4451 struct lock_struct lock;
4456 unsigned int smb_doff;
4457 unsigned int smblen;
4460 int saved_errno = 0;
4462 START_PROFILE(SMBwriteX);
4464 if ((req->wct != 12) && (req->wct != 14)) {
4465 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4466 END_PROFILE(SMBwriteX);
4470 numtowrite = SVAL(req->vwv+10, 0);
4471 smb_doff = SVAL(req->vwv+11, 0);
4472 smblen = smb_len(req->inbuf);
4474 if (req->unread_bytes > 0xFFFF ||
4475 (smblen > smb_doff &&
4476 smblen - smb_doff > 0xFFFF)) {
4477 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4480 if (req->unread_bytes) {
4481 /* Can't do a recvfile write on IPC$ */
4483 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4484 END_PROFILE(SMBwriteX);
4487 if (numtowrite != req->unread_bytes) {
4488 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4489 END_PROFILE(SMBwriteX);
4493 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4494 smb_doff + numtowrite > smblen) {
4495 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4496 END_PROFILE(SMBwriteX);
4501 /* If it's an IPC, pass off the pipe handler. */
4503 if (req->unread_bytes) {
4504 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4505 END_PROFILE(SMBwriteX);
4508 reply_pipe_write_and_X(req);
4509 END_PROFILE(SMBwriteX);
4513 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4514 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4515 write_through = BITSETW(req->vwv+7,0);
4517 if (!check_fsp(conn, req, fsp)) {
4518 END_PROFILE(SMBwriteX);
4522 if (!CHECK_WRITE(fsp)) {
4523 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4524 END_PROFILE(SMBwriteX);
4528 data = smb_base(req->inbuf) + smb_doff;
4530 if(req->wct == 14) {
4531 #ifdef LARGE_SMB_OFF_T
4533 * This is a large offset (64 bit) write.
4535 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4537 #else /* !LARGE_SMB_OFF_T */
4540 * Ensure we haven't been sent a >32 bit offset.
4543 if(IVAL(req->vwv+12, 0) != 0) {
4544 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4545 "used and we don't support 64 bit offsets.\n",
4546 (unsigned int)IVAL(req->vwv+12, 0) ));
4547 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4548 END_PROFILE(SMBwriteX);
4552 #endif /* LARGE_SMB_OFF_T */
4555 /* X/Open SMB protocol says that, unlike SMBwrite
4556 if the length is zero then NO truncation is
4557 done, just a write of zero. To truncate a file,
4560 if(numtowrite == 0) {
4563 if (req->unread_bytes == 0) {
4564 status = schedule_aio_write_and_X(conn,
4571 if (NT_STATUS_IS_OK(status)) {
4572 /* write scheduled - we're done. */
4575 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4576 /* Real error - report to client. */
4577 reply_nterror(req, status);
4580 /* NT_STATUS_RETRY - fall through to sync write. */
4583 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4584 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4587 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4588 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4592 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4593 saved_errno = errno;
4595 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4599 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4603 if((nwritten == 0) && (numtowrite != 0)) {
4604 reply_nterror(req, NT_STATUS_DISK_FULL);
4608 reply_outbuf(req, 6, 0);
4609 SSVAL(req->outbuf,smb_vwv2,nwritten);
4610 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4612 if (nwritten < (ssize_t)numtowrite) {
4613 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4614 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4617 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4618 fsp->fnum, (int)numtowrite, (int)nwritten));
4620 status = sync_file(conn, fsp, write_through);
4621 if (!NT_STATUS_IS_OK(status)) {
4622 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4623 fsp_str_dbg(fsp), nt_errstr(status)));
4624 reply_nterror(req, status);
4628 END_PROFILE(SMBwriteX);
4633 END_PROFILE(SMBwriteX);
4637 /****************************************************************************
4639 ****************************************************************************/
4641 void reply_lseek(struct smb_request *req)
4643 connection_struct *conn = req->conn;
4649 START_PROFILE(SMBlseek);
4652 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4653 END_PROFILE(SMBlseek);
4657 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4659 if (!check_fsp(conn, req, fsp)) {
4663 flush_write_cache(fsp, SEEK_FLUSH);
4665 mode = SVAL(req->vwv+1, 0) & 3;
4666 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4667 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4676 res = fsp->fh->pos + startpos;
4687 if (umode == SEEK_END) {
4688 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4689 if(errno == EINVAL) {
4690 SMB_OFF_T current_pos = startpos;
4692 if(fsp_stat(fsp) == -1) {
4694 map_nt_error_from_unix(errno));
4695 END_PROFILE(SMBlseek);
4699 current_pos += fsp->fsp_name->st.st_ex_size;
4701 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4706 reply_nterror(req, map_nt_error_from_unix(errno));
4707 END_PROFILE(SMBlseek);
4714 reply_outbuf(req, 2, 0);
4715 SIVAL(req->outbuf,smb_vwv0,res);
4717 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4718 fsp->fnum, (double)startpos, (double)res, mode));
4720 END_PROFILE(SMBlseek);
4724 /****************************************************************************
4726 ****************************************************************************/
4728 void reply_flush(struct smb_request *req)
4730 connection_struct *conn = req->conn;
4734 START_PROFILE(SMBflush);
4737 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4741 fnum = SVAL(req->vwv+0, 0);
4742 fsp = file_fsp(req, fnum);
4744 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4749 file_sync_all(conn);
4751 NTSTATUS status = sync_file(conn, fsp, True);
4752 if (!NT_STATUS_IS_OK(status)) {
4753 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4754 fsp_str_dbg(fsp), nt_errstr(status)));
4755 reply_nterror(req, status);
4756 END_PROFILE(SMBflush);
4761 reply_outbuf(req, 0, 0);
4763 DEBUG(3,("flush\n"));
4764 END_PROFILE(SMBflush);
4768 /****************************************************************************
4770 conn POINTER CAN BE NULL HERE !
4771 ****************************************************************************/
4773 void reply_exit(struct smb_request *req)
4775 START_PROFILE(SMBexit);
4777 file_close_pid(req->sconn, req->smbpid, req->vuid);
4779 reply_outbuf(req, 0, 0);
4781 DEBUG(3,("exit\n"));
4783 END_PROFILE(SMBexit);
4787 /****************************************************************************
4788 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4789 ****************************************************************************/
4791 void reply_close(struct smb_request *req)
4793 connection_struct *conn = req->conn;
4794 NTSTATUS status = NT_STATUS_OK;
4795 files_struct *fsp = NULL;
4796 START_PROFILE(SMBclose);
4799 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4800 END_PROFILE(SMBclose);
4804 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4807 * We can only use check_fsp if we know it's not a directory.
4810 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4811 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4812 END_PROFILE(SMBclose);
4816 if(fsp->is_directory) {
4818 * Special case - close NT SMB directory handle.
4820 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4821 status = close_file(req, fsp, NORMAL_CLOSE);
4825 * Close ordinary file.
4828 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4829 fsp->fh->fd, fsp->fnum,
4830 conn->num_files_open));
4833 * Take care of any time sent in the close.
4836 t = srv_make_unix_date3(req->vwv+1);
4837 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4840 * close_file() returns the unix errno if an error
4841 * was detected on close - normally this is due to
4842 * a disk full error. If not then it was probably an I/O error.
4845 status = close_file(req, fsp, NORMAL_CLOSE);
4848 if (!NT_STATUS_IS_OK(status)) {
4849 reply_nterror(req, status);
4850 END_PROFILE(SMBclose);
4854 reply_outbuf(req, 0, 0);
4855 END_PROFILE(SMBclose);
4859 /****************************************************************************
4860 Reply to a writeclose (Core+ protocol).
4861 ****************************************************************************/
4863 void reply_writeclose(struct smb_request *req)
4865 connection_struct *conn = req->conn;
4867 ssize_t nwritten = -1;
4868 NTSTATUS close_status = NT_STATUS_OK;
4871 struct timespec mtime;
4873 struct lock_struct lock;
4875 START_PROFILE(SMBwriteclose);
4878 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4879 END_PROFILE(SMBwriteclose);
4883 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4885 if (!check_fsp(conn, req, fsp)) {
4886 END_PROFILE(SMBwriteclose);
4889 if (!CHECK_WRITE(fsp)) {
4890 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4891 END_PROFILE(SMBwriteclose);
4895 numtowrite = SVAL(req->vwv+1, 0);
4896 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4897 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4898 data = (const char *)req->buf + 1;
4900 if (!fsp->print_file) {
4901 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4902 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4905 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4906 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4907 END_PROFILE(SMBwriteclose);
4912 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4914 set_close_write_time(fsp, mtime);
4917 * More insanity. W2K only closes the file if writelen > 0.
4922 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4923 "file %s\n", fsp_str_dbg(fsp)));
4924 close_status = close_file(req, fsp, NORMAL_CLOSE);
4927 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4928 fsp->fnum, (int)numtowrite, (int)nwritten,
4929 conn->num_files_open));
4931 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4932 reply_nterror(req, NT_STATUS_DISK_FULL);
4936 if(!NT_STATUS_IS_OK(close_status)) {
4937 reply_nterror(req, close_status);
4941 reply_outbuf(req, 1, 0);
4943 SSVAL(req->outbuf,smb_vwv0,nwritten);
4946 if (numtowrite && !fsp->print_file) {
4947 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4950 END_PROFILE(SMBwriteclose);
4955 #define DBGC_CLASS DBGC_LOCKING
4957 /****************************************************************************
4959 ****************************************************************************/
4961 void reply_lock(struct smb_request *req)
4963 connection_struct *conn = req->conn;
4964 uint64_t count,offset;
4967 struct byte_range_lock *br_lck = NULL;
4969 START_PROFILE(SMBlock);
4972 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4973 END_PROFILE(SMBlock);
4977 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4979 if (!check_fsp(conn, req, fsp)) {
4980 END_PROFILE(SMBlock);
4984 count = (uint64_t)IVAL(req->vwv+1, 0);
4985 offset = (uint64_t)IVAL(req->vwv+3, 0);
4987 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4988 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4990 br_lck = do_lock(req->sconn->msg_ctx,
4992 (uint64_t)req->smbpid,
4997 False, /* Non-blocking lock. */
5002 TALLOC_FREE(br_lck);
5004 if (NT_STATUS_V(status)) {
5005 reply_nterror(req, status);
5006 END_PROFILE(SMBlock);
5010 reply_outbuf(req, 0, 0);
5012 END_PROFILE(SMBlock);
5016 /****************************************************************************
5018 ****************************************************************************/
5020 void reply_unlock(struct smb_request *req)
5022 connection_struct *conn = req->conn;
5023 uint64_t count,offset;
5027 START_PROFILE(SMBunlock);
5030 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5031 END_PROFILE(SMBunlock);
5035 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5037 if (!check_fsp(conn, req, fsp)) {
5038 END_PROFILE(SMBunlock);
5042 count = (uint64_t)IVAL(req->vwv+1, 0);
5043 offset = (uint64_t)IVAL(req->vwv+3, 0);
5045 status = do_unlock(req->sconn->msg_ctx,
5047 (uint64_t)req->smbpid,
5052 if (NT_STATUS_V(status)) {
5053 reply_nterror(req, status);
5054 END_PROFILE(SMBunlock);
5058 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5059 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5061 reply_outbuf(req, 0, 0);
5063 END_PROFILE(SMBunlock);
5068 #define DBGC_CLASS DBGC_ALL
5070 /****************************************************************************
5072 conn POINTER CAN BE NULL HERE !
5073 ****************************************************************************/
5075 void reply_tdis(struct smb_request *req)
5077 connection_struct *conn = req->conn;
5078 START_PROFILE(SMBtdis);
5081 DEBUG(4,("Invalid connection in tdis\n"));
5082 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5083 END_PROFILE(SMBtdis);
5089 close_cnum(conn,req->vuid);
5092 reply_outbuf(req, 0, 0);
5093 END_PROFILE(SMBtdis);
5097 /****************************************************************************
5099 conn POINTER CAN BE NULL HERE !
5100 ****************************************************************************/
5102 void reply_echo(struct smb_request *req)
5104 connection_struct *conn = req->conn;
5105 struct smb_perfcount_data local_pcd;
5106 struct smb_perfcount_data *cur_pcd;
5110 START_PROFILE(SMBecho);
5112 smb_init_perfcount_data(&local_pcd);
5115 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5116 END_PROFILE(SMBecho);
5120 smb_reverb = SVAL(req->vwv+0, 0);
5122 reply_outbuf(req, 1, req->buflen);
5124 /* copy any incoming data back out */
5125 if (req->buflen > 0) {
5126 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5129 if (smb_reverb > 100) {
5130 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5134 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5136 /* this makes sure we catch the request pcd */
5137 if (seq_num == smb_reverb) {
5138 cur_pcd = &req->pcd;
5140 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5141 cur_pcd = &local_pcd;
5144 SSVAL(req->outbuf,smb_vwv0,seq_num);
5146 show_msg((char *)req->outbuf);
5147 if (!srv_send_smb(req->sconn,
5148 (char *)req->outbuf,
5149 true, req->seqnum+1,
5150 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5152 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5155 DEBUG(3,("echo %d times\n", smb_reverb));
5157 TALLOC_FREE(req->outbuf);
5159 END_PROFILE(SMBecho);
5163 /****************************************************************************
5164 Reply to a printopen.
5165 ****************************************************************************/
5167 void reply_printopen(struct smb_request *req)
5169 connection_struct *conn = req->conn;
5173 START_PROFILE(SMBsplopen);
5176 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5177 END_PROFILE(SMBsplopen);
5181 if (!CAN_PRINT(conn)) {
5182 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5183 END_PROFILE(SMBsplopen);
5187 status = file_new(req, conn, &fsp);
5188 if(!NT_STATUS_IS_OK(status)) {
5189 reply_nterror(req, status);
5190 END_PROFILE(SMBsplopen);
5194 /* Open for exclusive use, write only. */
5195 status = print_spool_open(fsp, NULL, req->vuid);
5197 if (!NT_STATUS_IS_OK(status)) {
5198 file_free(req, fsp);
5199 reply_nterror(req, status);
5200 END_PROFILE(SMBsplopen);
5204 reply_outbuf(req, 1, 0);
5205 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5207 DEBUG(3,("openprint fd=%d fnum=%d\n",
5208 fsp->fh->fd, fsp->fnum));
5210 END_PROFILE(SMBsplopen);
5214 /****************************************************************************
5215 Reply to a printclose.
5216 ****************************************************************************/
5218 void reply_printclose(struct smb_request *req)
5220 connection_struct *conn = req->conn;
5224 START_PROFILE(SMBsplclose);
5227 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5228 END_PROFILE(SMBsplclose);
5232 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5234 if (!check_fsp(conn, req, fsp)) {
5235 END_PROFILE(SMBsplclose);
5239 if (!CAN_PRINT(conn)) {
5240 reply_force_doserror(req, ERRSRV, ERRerror);
5241 END_PROFILE(SMBsplclose);
5245 DEBUG(3,("printclose fd=%d fnum=%d\n",
5246 fsp->fh->fd,fsp->fnum));
5248 status = close_file(req, fsp, NORMAL_CLOSE);
5250 if(!NT_STATUS_IS_OK(status)) {
5251 reply_nterror(req, status);
5252 END_PROFILE(SMBsplclose);
5256 reply_outbuf(req, 0, 0);
5258 END_PROFILE(SMBsplclose);
5262 /****************************************************************************
5263 Reply to a printqueue.
5264 ****************************************************************************/
5266 void reply_printqueue(struct smb_request *req)
5268 connection_struct *conn = req->conn;
5272 START_PROFILE(SMBsplretq);
5275 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5276 END_PROFILE(SMBsplretq);
5280 max_count = SVAL(req->vwv+0, 0);
5281 start_index = SVAL(req->vwv+1, 0);
5283 /* we used to allow the client to get the cnum wrong, but that
5284 is really quite gross and only worked when there was only
5285 one printer - I think we should now only accept it if they
5286 get it right (tridge) */
5287 if (!CAN_PRINT(conn)) {
5288 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5289 END_PROFILE(SMBsplretq);
5293 reply_outbuf(req, 2, 3);
5294 SSVAL(req->outbuf,smb_vwv0,0);
5295 SSVAL(req->outbuf,smb_vwv1,0);
5296 SCVAL(smb_buf(req->outbuf),0,1);
5297 SSVAL(smb_buf(req->outbuf),1,0);
5299 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5300 start_index, max_count));
5303 TALLOC_CTX *mem_ctx = talloc_tos();
5306 const char *sharename = lp_servicename(SNUM(conn));
5307 struct rpc_pipe_client *cli = NULL;
5308 struct policy_handle handle;
5309 struct spoolss_DevmodeContainer devmode_ctr;
5310 union spoolss_JobInfo *info;
5312 uint32_t num_to_get;
5316 ZERO_STRUCT(handle);
5318 status = rpc_pipe_open_interface(conn,
5319 &ndr_table_spoolss.syntax_id,
5321 &conn->sconn->client_id,
5322 conn->sconn->msg_ctx,
5324 if (!NT_STATUS_IS_OK(status)) {
5325 DEBUG(0, ("reply_printqueue: "
5326 "could not connect to spoolss: %s\n",
5327 nt_errstr(status)));
5328 reply_nterror(req, status);
5332 ZERO_STRUCT(devmode_ctr);
5334 status = rpccli_spoolss_OpenPrinter(cli, mem_ctx,
5337 SEC_FLAG_MAXIMUM_ALLOWED,
5340 if (!NT_STATUS_IS_OK(status)) {
5341 reply_nterror(req, status);
5344 if (!W_ERROR_IS_OK(werr)) {
5345 reply_nterror(req, werror_to_ntstatus(werr));
5349 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5357 if (!W_ERROR_IS_OK(werr)) {
5358 reply_nterror(req, werror_to_ntstatus(werr));
5362 if (max_count > 0) {
5363 first = start_index;
5365 first = start_index + max_count + 1;
5368 if (first >= count) {
5371 num_to_get = first + MIN(ABS(max_count), count - first);
5374 for (i = first; i < num_to_get; i++) {
5377 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5379 uint16_t qrapjobid = pjobid_to_rap(sharename,
5380 info[i].info2.job_id);
5382 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5388 srv_put_dos_date2(p, 0, qtime);
5389 SCVAL(p, 4, qstatus);
5390 SSVAL(p, 5, qrapjobid);
5391 SIVAL(p, 7, info[i].info2.size);
5393 srvstr_push(blob, req->flags2, p+12,
5394 info[i].info2.notify_name, 16, STR_ASCII);
5396 if (message_push_blob(
5399 blob, sizeof(blob))) == -1) {
5400 reply_nterror(req, NT_STATUS_NO_MEMORY);
5406 SSVAL(req->outbuf,smb_vwv0,count);
5407 SSVAL(req->outbuf,smb_vwv1,
5408 (max_count>0?first+count:first-1));
5409 SCVAL(smb_buf(req->outbuf),0,1);
5410 SSVAL(smb_buf(req->outbuf),1,28*count);
5414 DEBUG(3, ("%u entries returned in queue\n",
5418 if (cli && is_valid_policy_hnd(&handle)) {
5419 rpccli_spoolss_ClosePrinter(cli, mem_ctx, &handle, NULL);
5424 END_PROFILE(SMBsplretq);
5428 /****************************************************************************
5429 Reply to a printwrite.
5430 ****************************************************************************/
5432 void reply_printwrite(struct smb_request *req)
5434 connection_struct *conn = req->conn;
5439 START_PROFILE(SMBsplwr);
5442 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5443 END_PROFILE(SMBsplwr);
5447 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5449 if (!check_fsp(conn, req, fsp)) {
5450 END_PROFILE(SMBsplwr);
5454 if (!fsp->print_file) {
5455 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5456 END_PROFILE(SMBsplwr);
5460 if (!CHECK_WRITE(fsp)) {
5461 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5462 END_PROFILE(SMBsplwr);
5466 numtowrite = SVAL(req->buf, 1);
5468 if (req->buflen < numtowrite + 3) {
5469 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5470 END_PROFILE(SMBsplwr);
5474 data = (const char *)req->buf + 3;
5476 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5477 reply_nterror(req, map_nt_error_from_unix(errno));
5478 END_PROFILE(SMBsplwr);
5482 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5484 END_PROFILE(SMBsplwr);
5488 /****************************************************************************
5490 ****************************************************************************/
5492 void reply_mkdir(struct smb_request *req)
5494 connection_struct *conn = req->conn;
5495 struct smb_filename *smb_dname = NULL;
5496 char *directory = NULL;
5498 TALLOC_CTX *ctx = talloc_tos();
5500 START_PROFILE(SMBmkdir);
5502 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5503 STR_TERMINATE, &status);
5504 if (!NT_STATUS_IS_OK(status)) {
5505 reply_nterror(req, status);
5509 status = filename_convert(ctx, conn,
5510 req->flags2 & FLAGS2_DFS_PATHNAMES,
5515 if (!NT_STATUS_IS_OK(status)) {
5516 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5517 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5518 ERRSRV, ERRbadpath);
5521 reply_nterror(req, status);
5525 status = create_directory(conn, req, smb_dname);
5527 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5529 if (!NT_STATUS_IS_OK(status)) {
5531 if (!use_nt_status()
5532 && NT_STATUS_EQUAL(status,
5533 NT_STATUS_OBJECT_NAME_COLLISION)) {
5535 * Yes, in the DOS error code case we get a
5536 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5537 * samba4 torture test.
5539 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5542 reply_nterror(req, status);
5546 reply_outbuf(req, 0, 0);
5548 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5550 TALLOC_FREE(smb_dname);
5551 END_PROFILE(SMBmkdir);
5555 /****************************************************************************
5557 ****************************************************************************/
5559 void reply_rmdir(struct smb_request *req)
5561 connection_struct *conn = req->conn;
5562 struct smb_filename *smb_dname = NULL;
5563 char *directory = NULL;
5565 TALLOC_CTX *ctx = talloc_tos();
5566 files_struct *fsp = NULL;
5568 struct smbd_server_connection *sconn = req->sconn;
5570 START_PROFILE(SMBrmdir);
5572 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5573 STR_TERMINATE, &status);
5574 if (!NT_STATUS_IS_OK(status)) {
5575 reply_nterror(req, status);
5579 status = filename_convert(ctx, conn,
5580 req->flags2 & FLAGS2_DFS_PATHNAMES,
5585 if (!NT_STATUS_IS_OK(status)) {
5586 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5587 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5588 ERRSRV, ERRbadpath);
5591 reply_nterror(req, status);
5595 if (is_ntfs_stream_smb_fname(smb_dname)) {
5596 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5600 status = SMB_VFS_CREATE_FILE(
5603 0, /* root_dir_fid */
5604 smb_dname, /* fname */
5605 DELETE_ACCESS, /* access_mask */
5606 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5608 FILE_OPEN, /* create_disposition*/
5609 FILE_DIRECTORY_FILE, /* create_options */
5610 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5611 0, /* oplock_request */
5612 0, /* allocation_size */
5613 0, /* private_flags */
5619 if (!NT_STATUS_IS_OK(status)) {
5620 if (open_was_deferred(req->mid)) {
5621 /* We have re-scheduled this call. */
5624 reply_nterror(req, status);
5628 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5629 if (!NT_STATUS_IS_OK(status)) {
5630 close_file(req, fsp, ERROR_CLOSE);
5631 reply_nterror(req, status);
5635 if (!set_delete_on_close(fsp, true, &conn->server_info->utok)) {
5636 close_file(req, fsp, ERROR_CLOSE);
5637 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5641 status = close_file(req, fsp, NORMAL_CLOSE);
5642 if (!NT_STATUS_IS_OK(status)) {
5643 reply_nterror(req, status);
5645 reply_outbuf(req, 0, 0);
5648 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5650 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5652 TALLOC_FREE(smb_dname);
5653 END_PROFILE(SMBrmdir);
5657 /*******************************************************************
5658 Resolve wildcards in a filename rename.
5659 ********************************************************************/
5661 static bool resolve_wildcards(TALLOC_CTX *ctx,
5666 char *name2_copy = NULL;
5671 char *p,*p2, *pname1, *pname2;
5673 name2_copy = talloc_strdup(ctx, name2);
5678 pname1 = strrchr_m(name1,'/');
5679 pname2 = strrchr_m(name2_copy,'/');
5681 if (!pname1 || !pname2) {
5685 /* Truncate the copy of name2 at the last '/' */
5688 /* Now go past the '/' */
5692 root1 = talloc_strdup(ctx, pname1);
5693 root2 = talloc_strdup(ctx, pname2);
5695 if (!root1 || !root2) {
5699 p = strrchr_m(root1,'.');
5702 ext1 = talloc_strdup(ctx, p+1);
5704 ext1 = talloc_strdup(ctx, "");
5706 p = strrchr_m(root2,'.');
5709 ext2 = talloc_strdup(ctx, p+1);
5711 ext2 = talloc_strdup(ctx, "");
5714 if (!ext1 || !ext2) {
5722 /* Hmmm. Should this be mb-aware ? */
5725 } else if (*p2 == '*') {
5727 root2 = talloc_asprintf(ctx, "%s%s",
5746 /* Hmmm. Should this be mb-aware ? */
5749 } else if (*p2 == '*') {
5751 ext2 = talloc_asprintf(ctx, "%s%s",
5767 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5772 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5784 /****************************************************************************
5785 Ensure open files have their names updated. Updated to notify other smbd's
5787 ****************************************************************************/
5789 static void rename_open_files(connection_struct *conn,
5790 struct share_mode_lock *lck,
5791 const struct smb_filename *smb_fname_dst)
5794 bool did_rename = False;
5797 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5798 fsp = file_find_di_next(fsp)) {
5799 /* fsp_name is a relative path under the fsp. To change this for other
5800 sharepaths we need to manipulate relative paths. */
5801 /* TODO - create the absolute path and manipulate the newname
5802 relative to the sharepath. */
5803 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5806 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5807 "(file_id %s) from %s -> %s\n", fsp->fnum,
5808 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5809 smb_fname_str_dbg(smb_fname_dst)));
5811 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5812 if (NT_STATUS_IS_OK(status)) {
5818 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5819 "for %s\n", file_id_string_tos(&lck->id),
5820 smb_fname_str_dbg(smb_fname_dst)));
5823 /* Send messages to all smbd's (not ourself) that the name has changed. */
5824 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5829 /****************************************************************************
5830 We need to check if the source path is a parent directory of the destination
5831 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5832 refuse the rename with a sharing violation. Under UNIX the above call can
5833 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5834 probably need to check that the client is a Windows one before disallowing
5835 this as a UNIX client (one with UNIX extensions) can know the source is a
5836 symlink and make this decision intelligently. Found by an excellent bug
5837 report from <AndyLiebman@aol.com>.
5838 ****************************************************************************/
5840 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5841 const struct smb_filename *smb_fname_dst)
5843 const char *psrc = smb_fname_src->base_name;
5844 const char *pdst = smb_fname_dst->base_name;
5847 if (psrc[0] == '.' && psrc[1] == '/') {
5850 if (pdst[0] == '.' && pdst[1] == '/') {
5853 if ((slen = strlen(psrc)) > strlen(pdst)) {
5856 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5860 * Do the notify calls from a rename
5863 static void notify_rename(connection_struct *conn, bool is_dir,
5864 const struct smb_filename *smb_fname_src,
5865 const struct smb_filename *smb_fname_dst)
5867 char *parent_dir_src = NULL;
5868 char *parent_dir_dst = NULL;
5871 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5872 : FILE_NOTIFY_CHANGE_FILE_NAME;
5874 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5875 &parent_dir_src, NULL) ||
5876 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5877 &parent_dir_dst, NULL)) {
5881 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5882 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5883 smb_fname_src->base_name);
5884 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5885 smb_fname_dst->base_name);
5888 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5889 smb_fname_src->base_name);
5890 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5891 smb_fname_dst->base_name);
5894 /* this is a strange one. w2k3 gives an additional event for
5895 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5896 files, but not directories */
5898 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5899 FILE_NOTIFY_CHANGE_ATTRIBUTES
5900 |FILE_NOTIFY_CHANGE_CREATION,
5901 smb_fname_dst->base_name);
5904 TALLOC_FREE(parent_dir_src);
5905 TALLOC_FREE(parent_dir_dst);
5908 /****************************************************************************
5909 Rename an open file - given an fsp.
5910 ****************************************************************************/
5912 NTSTATUS rename_internals_fsp(connection_struct *conn,
5914 const struct smb_filename *smb_fname_dst_in,
5916 bool replace_if_exists)
5918 TALLOC_CTX *ctx = talloc_tos();
5919 struct smb_filename *smb_fname_dst = NULL;
5920 NTSTATUS status = NT_STATUS_OK;
5921 struct share_mode_lock *lck = NULL;
5922 bool dst_exists, old_is_stream, new_is_stream;
5924 status = check_name(conn, smb_fname_dst_in->base_name);
5925 if (!NT_STATUS_IS_OK(status)) {
5929 /* Make a copy of the dst smb_fname structs */
5931 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5932 if (!NT_STATUS_IS_OK(status)) {
5936 /* Ensure the dst smb_fname contains a '/' */
5937 if(strrchr_m(smb_fname_dst->base_name,'/') == 0) {
5939 tmp = talloc_asprintf(smb_fname_dst, "./%s",
5940 smb_fname_dst->base_name);
5942 status = NT_STATUS_NO_MEMORY;
5945 TALLOC_FREE(smb_fname_dst->base_name);
5946 smb_fname_dst->base_name = tmp;
5950 * Check for special case with case preserving and not
5951 * case sensitive. If the old last component differs from the original
5952 * last component only by case, then we should allow
5953 * the rename (user is trying to change the case of the
5956 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5957 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5958 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5960 char *fname_dst_lcomp_base_mod = NULL;
5961 struct smb_filename *smb_fname_orig_lcomp = NULL;
5964 * Get the last component of the destination name. Note that
5965 * we guarantee that destination name contains a '/' character
5968 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5969 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5970 if (!fname_dst_lcomp_base_mod) {
5971 status = NT_STATUS_NO_MEMORY;
5976 * Create an smb_filename struct using the original last
5977 * component of the destination.
5979 status = create_synthetic_smb_fname_split(ctx,
5980 smb_fname_dst->original_lcomp, NULL,
5981 &smb_fname_orig_lcomp);
5982 if (!NT_STATUS_IS_OK(status)) {
5983 TALLOC_FREE(fname_dst_lcomp_base_mod);
5987 /* If the base names only differ by case, use original. */
5988 if(!strcsequal(fname_dst_lcomp_base_mod,
5989 smb_fname_orig_lcomp->base_name)) {
5992 * Replace the modified last component with the
5995 *last_slash = '\0'; /* Truncate at the '/' */
5996 tmp = talloc_asprintf(smb_fname_dst,
5998 smb_fname_dst->base_name,
5999 smb_fname_orig_lcomp->base_name);
6001 status = NT_STATUS_NO_MEMORY;
6002 TALLOC_FREE(fname_dst_lcomp_base_mod);
6003 TALLOC_FREE(smb_fname_orig_lcomp);
6006 TALLOC_FREE(smb_fname_dst->base_name);
6007 smb_fname_dst->base_name = tmp;
6010 /* If the stream_names only differ by case, use original. */
6011 if(!strcsequal(smb_fname_dst->stream_name,
6012 smb_fname_orig_lcomp->stream_name)) {
6014 /* Use the original stream. */
6015 tmp = talloc_strdup(smb_fname_dst,
6016 smb_fname_orig_lcomp->stream_name);
6018 status = NT_STATUS_NO_MEMORY;
6019 TALLOC_FREE(fname_dst_lcomp_base_mod);
6020 TALLOC_FREE(smb_fname_orig_lcomp);
6023 TALLOC_FREE(smb_fname_dst->stream_name);
6024 smb_fname_dst->stream_name = tmp;
6026 TALLOC_FREE(fname_dst_lcomp_base_mod);
6027 TALLOC_FREE(smb_fname_orig_lcomp);
6031 * If the src and dest names are identical - including case,
6032 * don't do the rename, just return success.
6035 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6036 strcsequal(fsp->fsp_name->stream_name,
6037 smb_fname_dst->stream_name)) {
6038 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6039 "- returning success\n",
6040 smb_fname_str_dbg(smb_fname_dst)));
6041 status = NT_STATUS_OK;
6045 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6046 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6048 /* Return the correct error code if both names aren't streams. */
6049 if (!old_is_stream && new_is_stream) {
6050 status = NT_STATUS_OBJECT_NAME_INVALID;
6054 if (old_is_stream && !new_is_stream) {
6055 status = NT_STATUS_INVALID_PARAMETER;
6059 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6061 if(!replace_if_exists && dst_exists) {
6062 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6063 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6064 smb_fname_str_dbg(smb_fname_dst)));
6065 status = NT_STATUS_OBJECT_NAME_COLLISION;
6070 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6071 &smb_fname_dst->st);
6072 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6074 /* The file can be open when renaming a stream */
6075 if (dst_fsp && !new_is_stream) {
6076 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6077 status = NT_STATUS_ACCESS_DENIED;
6082 /* Ensure we have a valid stat struct for the source. */
6083 status = vfs_stat_fsp(fsp);
6084 if (!NT_STATUS_IS_OK(status)) {
6088 status = can_rename(conn, fsp, attrs);
6090 if (!NT_STATUS_IS_OK(status)) {
6091 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6092 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6093 smb_fname_str_dbg(smb_fname_dst)));
6094 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6095 status = NT_STATUS_ACCESS_DENIED;
6099 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6100 status = NT_STATUS_ACCESS_DENIED;
6103 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6107 * We have the file open ourselves, so not being able to get the
6108 * corresponding share mode lock is a fatal error.
6111 SMB_ASSERT(lck != NULL);
6113 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6114 uint32 create_options = fsp->fh->private_options;
6116 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6117 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6118 smb_fname_str_dbg(smb_fname_dst)));
6120 if (!lp_posix_pathnames() &&
6121 (lp_map_archive(SNUM(conn)) ||
6122 lp_store_dos_attributes(SNUM(conn)))) {
6123 /* We must set the archive bit on the newly
6125 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6126 uint32_t old_dosmode = dos_mode(conn,
6128 file_set_dosmode(conn,
6130 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6136 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6139 rename_open_files(conn, lck, smb_fname_dst);
6142 * A rename acts as a new file create w.r.t. allowing an initial delete
6143 * on close, probably because in Windows there is a new handle to the
6144 * new file. If initial delete on close was requested but not
6145 * originally set, we need to set it here. This is probably not 100% correct,
6146 * but will work for the CIFSFS client which in non-posix mode
6147 * depends on these semantics. JRA.
6150 if (create_options & FILE_DELETE_ON_CLOSE) {
6151 status = can_set_delete_on_close(fsp, 0);
6153 if (NT_STATUS_IS_OK(status)) {
6154 /* Note that here we set the *inital* delete on close flag,
6155 * not the regular one. The magic gets handled in close. */
6156 fsp->initial_delete_on_close = True;
6160 status = NT_STATUS_OK;
6166 if (errno == ENOTDIR || errno == EISDIR) {
6167 status = NT_STATUS_OBJECT_NAME_COLLISION;
6169 status = map_nt_error_from_unix(errno);
6172 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6173 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6174 smb_fname_str_dbg(smb_fname_dst)));
6177 TALLOC_FREE(smb_fname_dst);
6182 /****************************************************************************
6183 The guts of the rename command, split out so it may be called by the NT SMB
6185 ****************************************************************************/
6187 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6188 connection_struct *conn,
6189 struct smb_request *req,
6190 struct smb_filename *smb_fname_src,
6191 struct smb_filename *smb_fname_dst,
6193 bool replace_if_exists,
6196 uint32_t access_mask)
6198 char *fname_src_dir = NULL;
6199 char *fname_src_mask = NULL;
6201 NTSTATUS status = NT_STATUS_OK;
6202 struct smb_Dir *dir_hnd = NULL;
6203 const char *dname = NULL;
6204 char *talloced = NULL;
6206 int create_options = 0;
6207 bool posix_pathnames = lp_posix_pathnames();
6210 * Split the old name into directory and last component
6211 * strings. Note that unix_convert may have stripped off a
6212 * leading ./ from both name and newname if the rename is
6213 * at the root of the share. We need to make sure either both
6214 * name and newname contain a / character or neither of them do
6215 * as this is checked in resolve_wildcards().
6218 /* Split up the directory from the filename/mask. */
6219 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6220 &fname_src_dir, &fname_src_mask);
6221 if (!NT_STATUS_IS_OK(status)) {
6222 status = NT_STATUS_NO_MEMORY;
6227 * We should only check the mangled cache
6228 * here if unix_convert failed. This means
6229 * that the path in 'mask' doesn't exist
6230 * on the file system and so we need to look
6231 * for a possible mangle. This patch from
6232 * Tine Smukavec <valentin.smukavec@hermes.si>.
6235 if (!VALID_STAT(smb_fname_src->st) &&
6236 mangle_is_mangled(fname_src_mask, conn->params)) {
6237 char *new_mask = NULL;
6238 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6241 TALLOC_FREE(fname_src_mask);
6242 fname_src_mask = new_mask;
6246 if (!src_has_wild) {
6250 * Only one file needs to be renamed. Append the mask back
6251 * onto the directory.
6253 TALLOC_FREE(smb_fname_src->base_name);
6254 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6258 if (!smb_fname_src->base_name) {
6259 status = NT_STATUS_NO_MEMORY;
6263 /* Ensure dst fname contains a '/' also */
6264 if(strrchr_m(smb_fname_dst->base_name, '/') == 0) {
6266 tmp = talloc_asprintf(smb_fname_dst, "./%s",
6267 smb_fname_dst->base_name);
6269 status = NT_STATUS_NO_MEMORY;
6272 TALLOC_FREE(smb_fname_dst->base_name);
6273 smb_fname_dst->base_name = tmp;
6276 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6277 "case_preserve = %d, short case preserve = %d, "
6278 "directory = %s, newname = %s, "
6279 "last_component_dest = %s\n",
6280 conn->case_sensitive, conn->case_preserve,
6281 conn->short_case_preserve,
6282 smb_fname_str_dbg(smb_fname_src),
6283 smb_fname_str_dbg(smb_fname_dst),
6284 smb_fname_dst->original_lcomp));
6286 /* The dest name still may have wildcards. */
6287 if (dest_has_wild) {
6288 char *fname_dst_mod = NULL;
6289 if (!resolve_wildcards(smb_fname_dst,
6290 smb_fname_src->base_name,
6291 smb_fname_dst->base_name,
6293 DEBUG(6, ("rename_internals: resolve_wildcards "
6295 smb_fname_src->base_name,
6296 smb_fname_dst->base_name));
6297 status = NT_STATUS_NO_MEMORY;
6300 TALLOC_FREE(smb_fname_dst->base_name);
6301 smb_fname_dst->base_name = fname_dst_mod;
6304 ZERO_STRUCT(smb_fname_src->st);
6305 if (posix_pathnames) {
6306 SMB_VFS_LSTAT(conn, smb_fname_src);
6308 SMB_VFS_STAT(conn, smb_fname_src);
6311 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6312 create_options |= FILE_DIRECTORY_FILE;
6315 status = SMB_VFS_CREATE_FILE(
6318 0, /* root_dir_fid */
6319 smb_fname_src, /* fname */
6320 access_mask, /* access_mask */
6321 (FILE_SHARE_READ | /* share_access */
6323 FILE_OPEN, /* create_disposition*/
6324 create_options, /* create_options */
6325 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6326 0, /* oplock_request */
6327 0, /* allocation_size */
6328 0, /* private_flags */
6334 if (!NT_STATUS_IS_OK(status)) {
6335 DEBUG(3, ("Could not open rename source %s: %s\n",
6336 smb_fname_str_dbg(smb_fname_src),
6337 nt_errstr(status)));
6341 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6342 attrs, replace_if_exists);
6344 close_file(req, fsp, NORMAL_CLOSE);
6346 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6347 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6348 smb_fname_str_dbg(smb_fname_dst)));
6354 * Wildcards - process each file that matches.
6356 if (strequal(fname_src_mask, "????????.???")) {
6357 TALLOC_FREE(fname_src_mask);
6358 fname_src_mask = talloc_strdup(ctx, "*");
6359 if (!fname_src_mask) {
6360 status = NT_STATUS_NO_MEMORY;
6365 status = check_name(conn, fname_src_dir);
6366 if (!NT_STATUS_IS_OK(status)) {
6370 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6372 if (dir_hnd == NULL) {
6373 status = map_nt_error_from_unix(errno);
6377 status = NT_STATUS_NO_SUCH_FILE;
6379 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6380 * - gentest fix. JRA
6383 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6385 files_struct *fsp = NULL;
6386 char *destname = NULL;
6387 bool sysdir_entry = False;
6389 /* Quick check for "." and ".." */
6390 if (ISDOT(dname) || ISDOTDOT(dname)) {
6392 sysdir_entry = True;
6394 TALLOC_FREE(talloced);
6399 if (!is_visible_file(conn, fname_src_dir, dname,
6400 &smb_fname_src->st, false)) {
6401 TALLOC_FREE(talloced);
6405 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6406 TALLOC_FREE(talloced);
6411 status = NT_STATUS_OBJECT_NAME_INVALID;
6415 TALLOC_FREE(smb_fname_src->base_name);
6416 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6420 if (!smb_fname_src->base_name) {
6421 status = NT_STATUS_NO_MEMORY;
6425 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6426 smb_fname_dst->base_name,
6428 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6429 smb_fname_src->base_name, destname));
6430 TALLOC_FREE(talloced);
6434 status = NT_STATUS_NO_MEMORY;
6438 TALLOC_FREE(smb_fname_dst->base_name);
6439 smb_fname_dst->base_name = destname;
6441 ZERO_STRUCT(smb_fname_src->st);
6442 if (posix_pathnames) {
6443 SMB_VFS_LSTAT(conn, smb_fname_src);
6445 SMB_VFS_STAT(conn, smb_fname_src);
6450 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6451 create_options |= FILE_DIRECTORY_FILE;
6454 status = SMB_VFS_CREATE_FILE(
6457 0, /* root_dir_fid */
6458 smb_fname_src, /* fname */
6459 access_mask, /* access_mask */
6460 (FILE_SHARE_READ | /* share_access */
6462 FILE_OPEN, /* create_disposition*/
6463 create_options, /* create_options */
6464 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6465 0, /* oplock_request */
6466 0, /* allocation_size */
6467 0, /* private_flags */
6473 if (!NT_STATUS_IS_OK(status)) {
6474 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6475 "returned %s rename %s -> %s\n",
6477 smb_fname_str_dbg(smb_fname_src),
6478 smb_fname_str_dbg(smb_fname_dst)));
6482 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6484 if (!smb_fname_dst->original_lcomp) {
6485 status = NT_STATUS_NO_MEMORY;
6489 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6490 attrs, replace_if_exists);
6492 close_file(req, fsp, NORMAL_CLOSE);
6494 if (!NT_STATUS_IS_OK(status)) {
6495 DEBUG(3, ("rename_internals_fsp returned %s for "
6496 "rename %s -> %s\n", nt_errstr(status),
6497 smb_fname_str_dbg(smb_fname_src),
6498 smb_fname_str_dbg(smb_fname_dst)));
6504 DEBUG(3,("rename_internals: doing rename on %s -> "
6505 "%s\n", smb_fname_str_dbg(smb_fname_src),
6506 smb_fname_str_dbg(smb_fname_src)));
6507 TALLOC_FREE(talloced);
6509 TALLOC_FREE(dir_hnd);
6511 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6512 status = map_nt_error_from_unix(errno);
6516 TALLOC_FREE(talloced);
6517 TALLOC_FREE(fname_src_dir);
6518 TALLOC_FREE(fname_src_mask);
6522 /****************************************************************************
6524 ****************************************************************************/
6526 void reply_mv(struct smb_request *req)
6528 connection_struct *conn = req->conn;
6530 char *newname = NULL;
6534 bool src_has_wcard = False;
6535 bool dest_has_wcard = False;
6536 TALLOC_CTX *ctx = talloc_tos();
6537 struct smb_filename *smb_fname_src = NULL;
6538 struct smb_filename *smb_fname_dst = NULL;
6540 START_PROFILE(SMBmv);
6543 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6547 attrs = SVAL(req->vwv+0, 0);
6549 p = (const char *)req->buf + 1;
6550 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6551 &status, &src_has_wcard);
6552 if (!NT_STATUS_IS_OK(status)) {
6553 reply_nterror(req, status);
6557 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6558 &status, &dest_has_wcard);
6559 if (!NT_STATUS_IS_OK(status)) {
6560 reply_nterror(req, status);
6564 status = filename_convert(ctx,
6566 req->flags2 & FLAGS2_DFS_PATHNAMES,
6568 UCF_COND_ALLOW_WCARD_LCOMP,
6572 if (!NT_STATUS_IS_OK(status)) {
6573 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6574 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6575 ERRSRV, ERRbadpath);
6578 reply_nterror(req, status);
6582 status = filename_convert(ctx,
6584 req->flags2 & FLAGS2_DFS_PATHNAMES,
6586 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6590 if (!NT_STATUS_IS_OK(status)) {
6591 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6592 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6593 ERRSRV, ERRbadpath);
6596 reply_nterror(req, status);
6600 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6601 smb_fname_str_dbg(smb_fname_dst)));
6603 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6604 attrs, False, src_has_wcard, dest_has_wcard,
6606 if (!NT_STATUS_IS_OK(status)) {
6607 if (open_was_deferred(req->mid)) {
6608 /* We have re-scheduled this call. */
6611 reply_nterror(req, status);
6615 reply_outbuf(req, 0, 0);
6617 TALLOC_FREE(smb_fname_src);
6618 TALLOC_FREE(smb_fname_dst);
6623 /*******************************************************************
6624 Copy a file as part of a reply_copy.
6625 ******************************************************************/
6628 * TODO: check error codes on all callers
6631 NTSTATUS copy_file(TALLOC_CTX *ctx,
6632 connection_struct *conn,
6633 struct smb_filename *smb_fname_src,
6634 struct smb_filename *smb_fname_dst,
6637 bool target_is_directory)
6639 struct smb_filename *smb_fname_dst_tmp = NULL;
6641 files_struct *fsp1,*fsp2;
6643 uint32 new_create_disposition;
6647 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6648 if (!NT_STATUS_IS_OK(status)) {
6653 * If the target is a directory, extract the last component from the
6654 * src filename and append it to the dst filename
6656 if (target_is_directory) {
6659 /* dest/target can't be a stream if it's a directory. */
6660 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6662 p = strrchr_m(smb_fname_src->base_name,'/');
6666 p = smb_fname_src->base_name;
6668 smb_fname_dst_tmp->base_name =
6669 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6671 if (!smb_fname_dst_tmp->base_name) {
6672 status = NT_STATUS_NO_MEMORY;
6677 status = vfs_file_exist(conn, smb_fname_src);
6678 if (!NT_STATUS_IS_OK(status)) {
6682 if (!target_is_directory && count) {
6683 new_create_disposition = FILE_OPEN;
6685 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6687 &new_create_disposition,
6690 status = NT_STATUS_INVALID_PARAMETER;
6695 /* Open the src file for reading. */
6696 status = SMB_VFS_CREATE_FILE(
6699 0, /* root_dir_fid */
6700 smb_fname_src, /* fname */
6701 FILE_GENERIC_READ, /* access_mask */
6702 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6703 FILE_OPEN, /* create_disposition*/
6704 0, /* create_options */
6705 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6706 INTERNAL_OPEN_ONLY, /* oplock_request */
6707 0, /* allocation_size */
6708 0, /* private_flags */
6714 if (!NT_STATUS_IS_OK(status)) {
6718 dosattrs = dos_mode(conn, smb_fname_src);
6720 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6721 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6724 /* Open the dst file for writing. */
6725 status = SMB_VFS_CREATE_FILE(
6728 0, /* root_dir_fid */
6729 smb_fname_dst, /* fname */
6730 FILE_GENERIC_WRITE, /* access_mask */
6731 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6732 new_create_disposition, /* create_disposition*/
6733 0, /* create_options */
6734 dosattrs, /* file_attributes */
6735 INTERNAL_OPEN_ONLY, /* oplock_request */
6736 0, /* allocation_size */
6737 0, /* private_flags */
6743 if (!NT_STATUS_IS_OK(status)) {
6744 close_file(NULL, fsp1, ERROR_CLOSE);
6748 if ((ofun&3) == 1) {
6749 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6750 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6752 * Stop the copy from occurring.
6755 smb_fname_src->st.st_ex_size = 0;
6759 /* Do the actual copy. */
6760 if (smb_fname_src->st.st_ex_size) {
6761 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6764 close_file(NULL, fsp1, NORMAL_CLOSE);
6766 /* Ensure the modtime is set correctly on the destination file. */
6767 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6770 * As we are opening fsp1 read-only we only expect
6771 * an error on close on fsp2 if we are out of space.
6772 * Thus we don't look at the error return from the
6775 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6777 if (!NT_STATUS_IS_OK(status)) {
6781 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6782 status = NT_STATUS_DISK_FULL;
6786 status = NT_STATUS_OK;
6789 TALLOC_FREE(smb_fname_dst_tmp);
6793 /****************************************************************************
6794 Reply to a file copy.
6795 ****************************************************************************/
6797 void reply_copy(struct smb_request *req)
6799 connection_struct *conn = req->conn;
6800 struct smb_filename *smb_fname_src = NULL;
6801 struct smb_filename *smb_fname_dst = NULL;
6802 char *fname_src = NULL;
6803 char *fname_dst = NULL;
6804 char *fname_src_mask = NULL;
6805 char *fname_src_dir = NULL;
6808 int error = ERRnoaccess;
6812 bool target_is_directory=False;
6813 bool source_has_wild = False;
6814 bool dest_has_wild = False;
6816 TALLOC_CTX *ctx = talloc_tos();
6818 START_PROFILE(SMBcopy);
6821 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6825 tid2 = SVAL(req->vwv+0, 0);
6826 ofun = SVAL(req->vwv+1, 0);
6827 flags = SVAL(req->vwv+2, 0);
6829 p = (const char *)req->buf;
6830 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6831 &status, &source_has_wild);
6832 if (!NT_STATUS_IS_OK(status)) {
6833 reply_nterror(req, status);
6836 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6837 &status, &dest_has_wild);
6838 if (!NT_STATUS_IS_OK(status)) {
6839 reply_nterror(req, status);
6843 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6845 if (tid2 != conn->cnum) {
6846 /* can't currently handle inter share copies XXXX */
6847 DEBUG(3,("Rejecting inter-share copy\n"));
6848 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6852 status = filename_convert(ctx, conn,
6853 req->flags2 & FLAGS2_DFS_PATHNAMES,
6855 UCF_COND_ALLOW_WCARD_LCOMP,
6858 if (!NT_STATUS_IS_OK(status)) {
6859 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6860 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6861 ERRSRV, ERRbadpath);
6864 reply_nterror(req, status);
6868 status = filename_convert(ctx, conn,
6869 req->flags2 & FLAGS2_DFS_PATHNAMES,
6871 UCF_COND_ALLOW_WCARD_LCOMP,
6874 if (!NT_STATUS_IS_OK(status)) {
6875 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6876 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6877 ERRSRV, ERRbadpath);
6880 reply_nterror(req, status);
6884 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6886 if ((flags&1) && target_is_directory) {
6887 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6891 if ((flags&2) && !target_is_directory) {
6892 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6896 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6897 /* wants a tree copy! XXXX */
6898 DEBUG(3,("Rejecting tree copy\n"));
6899 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6903 /* Split up the directory from the filename/mask. */
6904 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6905 &fname_src_dir, &fname_src_mask);
6906 if (!NT_STATUS_IS_OK(status)) {
6907 reply_nterror(req, NT_STATUS_NO_MEMORY);
6912 * We should only check the mangled cache
6913 * here if unix_convert failed. This means
6914 * that the path in 'mask' doesn't exist
6915 * on the file system and so we need to look
6916 * for a possible mangle. This patch from
6917 * Tine Smukavec <valentin.smukavec@hermes.si>.
6919 if (!VALID_STAT(smb_fname_src->st) &&
6920 mangle_is_mangled(fname_src_mask, conn->params)) {
6921 char *new_mask = NULL;
6922 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6923 &new_mask, conn->params);
6925 /* Use demangled name if one was successfully found. */
6927 TALLOC_FREE(fname_src_mask);
6928 fname_src_mask = new_mask;
6932 if (!source_has_wild) {
6935 * Only one file needs to be copied. Append the mask back onto
6938 TALLOC_FREE(smb_fname_src->base_name);
6939 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6943 if (!smb_fname_src->base_name) {
6944 reply_nterror(req, NT_STATUS_NO_MEMORY);
6948 if (dest_has_wild) {
6949 char *fname_dst_mod = NULL;
6950 if (!resolve_wildcards(smb_fname_dst,
6951 smb_fname_src->base_name,
6952 smb_fname_dst->base_name,
6954 reply_nterror(req, NT_STATUS_NO_MEMORY);
6957 TALLOC_FREE(smb_fname_dst->base_name);
6958 smb_fname_dst->base_name = fname_dst_mod;
6961 status = check_name(conn, smb_fname_src->base_name);
6962 if (!NT_STATUS_IS_OK(status)) {
6963 reply_nterror(req, status);
6967 status = check_name(conn, smb_fname_dst->base_name);
6968 if (!NT_STATUS_IS_OK(status)) {
6969 reply_nterror(req, status);
6973 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
6974 ofun, count, target_is_directory);
6976 if(!NT_STATUS_IS_OK(status)) {
6977 reply_nterror(req, status);
6983 struct smb_Dir *dir_hnd = NULL;
6984 const char *dname = NULL;
6985 char *talloced = NULL;
6989 * There is a wildcard that requires us to actually read the
6990 * src dir and copy each file matching the mask to the dst.
6991 * Right now streams won't be copied, but this could
6992 * presumably be added with a nested loop for reach dir entry.
6994 SMB_ASSERT(!smb_fname_src->stream_name);
6995 SMB_ASSERT(!smb_fname_dst->stream_name);
6997 smb_fname_src->stream_name = NULL;
6998 smb_fname_dst->stream_name = NULL;
7000 if (strequal(fname_src_mask,"????????.???")) {
7001 TALLOC_FREE(fname_src_mask);
7002 fname_src_mask = talloc_strdup(ctx, "*");
7003 if (!fname_src_mask) {
7004 reply_nterror(req, NT_STATUS_NO_MEMORY);
7009 status = check_name(conn, fname_src_dir);
7010 if (!NT_STATUS_IS_OK(status)) {
7011 reply_nterror(req, status);
7015 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7016 if (dir_hnd == NULL) {
7017 status = map_nt_error_from_unix(errno);
7018 reply_nterror(req, status);
7024 /* Iterate over the src dir copying each entry to the dst. */
7025 while ((dname = ReadDirName(dir_hnd, &offset,
7026 &smb_fname_src->st, &talloced))) {
7027 char *destname = NULL;
7029 if (ISDOT(dname) || ISDOTDOT(dname)) {
7030 TALLOC_FREE(talloced);
7034 if (!is_visible_file(conn, fname_src_dir, dname,
7035 &smb_fname_src->st, false)) {
7036 TALLOC_FREE(talloced);
7040 if(!mask_match(dname, fname_src_mask,
7041 conn->case_sensitive)) {
7042 TALLOC_FREE(talloced);
7046 error = ERRnoaccess;
7048 /* Get the src smb_fname struct setup. */
7049 TALLOC_FREE(smb_fname_src->base_name);
7050 smb_fname_src->base_name =
7051 talloc_asprintf(smb_fname_src, "%s/%s",
7052 fname_src_dir, dname);
7054 if (!smb_fname_src->base_name) {
7055 TALLOC_FREE(dir_hnd);
7056 TALLOC_FREE(talloced);
7057 reply_nterror(req, NT_STATUS_NO_MEMORY);
7061 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7062 smb_fname_dst->base_name,
7064 TALLOC_FREE(talloced);
7068 TALLOC_FREE(dir_hnd);
7069 TALLOC_FREE(talloced);
7070 reply_nterror(req, NT_STATUS_NO_MEMORY);
7074 TALLOC_FREE(smb_fname_dst->base_name);
7075 smb_fname_dst->base_name = destname;
7077 status = check_name(conn, smb_fname_src->base_name);
7078 if (!NT_STATUS_IS_OK(status)) {
7079 TALLOC_FREE(dir_hnd);
7080 TALLOC_FREE(talloced);
7081 reply_nterror(req, status);
7085 status = check_name(conn, smb_fname_dst->base_name);
7086 if (!NT_STATUS_IS_OK(status)) {
7087 TALLOC_FREE(dir_hnd);
7088 TALLOC_FREE(talloced);
7089 reply_nterror(req, status);
7093 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7094 smb_fname_src->base_name,
7095 smb_fname_dst->base_name));
7097 status = copy_file(ctx, conn, smb_fname_src,
7098 smb_fname_dst, ofun, count,
7099 target_is_directory);
7100 if (NT_STATUS_IS_OK(status)) {
7104 TALLOC_FREE(talloced);
7106 TALLOC_FREE(dir_hnd);
7110 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7114 reply_outbuf(req, 1, 0);
7115 SSVAL(req->outbuf,smb_vwv0,count);
7117 TALLOC_FREE(smb_fname_src);
7118 TALLOC_FREE(smb_fname_dst);
7119 TALLOC_FREE(fname_src);
7120 TALLOC_FREE(fname_dst);
7121 TALLOC_FREE(fname_src_mask);
7122 TALLOC_FREE(fname_src_dir);
7124 END_PROFILE(SMBcopy);
7129 #define DBGC_CLASS DBGC_LOCKING
7131 /****************************************************************************
7132 Get a lock pid, dealing with large count requests.
7133 ****************************************************************************/
7135 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7136 bool large_file_format)
7138 if(!large_file_format)
7139 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7141 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7144 /****************************************************************************
7145 Get a lock count, dealing with large count requests.
7146 ****************************************************************************/
7148 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7149 bool large_file_format)
7153 if(!large_file_format) {
7154 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7157 #if defined(HAVE_LONGLONG)
7158 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7159 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7160 #else /* HAVE_LONGLONG */
7163 * NT4.x seems to be broken in that it sends large file (64 bit)
7164 * lockingX calls even if the CAP_LARGE_FILES was *not*
7165 * negotiated. For boxes without large unsigned ints truncate the
7166 * lock count by dropping the top 32 bits.
7169 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7170 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7171 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7172 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7173 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7176 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7177 #endif /* HAVE_LONGLONG */
7183 #if !defined(HAVE_LONGLONG)
7184 /****************************************************************************
7185 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7186 ****************************************************************************/
7188 static uint32 map_lock_offset(uint32 high, uint32 low)
7192 uint32 highcopy = high;
7195 * Try and find out how many significant bits there are in high.
7198 for(i = 0; highcopy; i++)
7202 * We use 31 bits not 32 here as POSIX
7203 * lock offsets may not be negative.
7206 mask = (~0) << (31 - i);
7209 return 0; /* Fail. */
7215 #endif /* !defined(HAVE_LONGLONG) */
7217 /****************************************************************************
7218 Get a lock offset, dealing with large offset requests.
7219 ****************************************************************************/
7221 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7222 bool large_file_format, bool *err)
7224 uint64_t offset = 0;
7228 if(!large_file_format) {
7229 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7232 #if defined(HAVE_LONGLONG)
7233 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7234 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7235 #else /* HAVE_LONGLONG */
7238 * NT4.x seems to be broken in that it sends large file (64 bit)
7239 * lockingX calls even if the CAP_LARGE_FILES was *not*
7240 * negotiated. For boxes without large unsigned ints mangle the
7241 * lock offset by mapping the top 32 bits onto the lower 32.
7244 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7245 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7246 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7249 if((new_low = map_lock_offset(high, low)) == 0) {
7251 return (uint64_t)-1;
7254 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7255 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7256 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7257 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7260 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7261 #endif /* HAVE_LONGLONG */
7267 NTSTATUS smbd_do_locking(struct smb_request *req,
7271 uint16_t num_ulocks,
7272 struct smbd_lock_element *ulocks,
7274 struct smbd_lock_element *locks,
7277 connection_struct *conn = req->conn;
7279 NTSTATUS status = NT_STATUS_OK;
7283 /* Data now points at the beginning of the list
7284 of smb_unlkrng structs */
7285 for(i = 0; i < (int)num_ulocks; i++) {
7286 struct smbd_lock_element *e = &ulocks[i];
7288 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7289 "pid %u, file %s\n",
7292 (unsigned int)e->smblctx,
7295 if (e->brltype != UNLOCK_LOCK) {
7296 /* this can only happen with SMB2 */
7297 return NT_STATUS_INVALID_PARAMETER;
7300 status = do_unlock(req->sconn->msg_ctx,
7307 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7308 nt_errstr(status)));
7310 if (!NT_STATUS_IS_OK(status)) {
7315 /* Setup the timeout in seconds. */
7317 if (!lp_blocking_locks(SNUM(conn))) {
7321 /* Data now points at the beginning of the list
7322 of smb_lkrng structs */
7324 for(i = 0; i < (int)num_locks; i++) {
7325 struct smbd_lock_element *e = &locks[i];
7327 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7328 "%llu, file %s timeout = %d\n",
7331 (unsigned long long)e->smblctx,
7335 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7336 struct blocking_lock_record *blr = NULL;
7338 if (num_locks > 1) {
7340 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7341 * if the lock vector contains one entry. When given mutliple cancel
7342 * requests in a single PDU we expect the server to return an
7343 * error. Windows servers seem to accept the request but only
7344 * cancel the first lock.
7345 * JRA - Do what Windows does (tm) :-).
7349 /* MS-CIFS (2.2.4.32.1) behavior. */
7350 return NT_STATUS_DOS(ERRDOS,
7351 ERRcancelviolation);
7353 /* Windows behavior. */
7355 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7356 "cancel request\n"));
7362 if (lp_blocking_locks(SNUM(conn))) {
7364 /* Schedule a message to ourselves to
7365 remove the blocking lock record and
7366 return the right error. */
7368 blr = blocking_lock_cancel_smb1(fsp,
7374 NT_STATUS_FILE_LOCK_CONFLICT);
7376 return NT_STATUS_DOS(
7378 ERRcancelviolation);
7381 /* Remove a matching pending lock. */
7382 status = do_lock_cancel(fsp,
7389 bool blocking_lock = timeout ? true : false;
7390 bool defer_lock = false;
7391 struct byte_range_lock *br_lck;
7392 uint64_t block_smblctx;
7394 br_lck = do_lock(req->sconn->msg_ctx,
7406 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7407 /* Windows internal resolution for blocking locks seems
7408 to be about 200ms... Don't wait for less than that. JRA. */
7409 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7410 timeout = lp_lock_spin_time();
7415 /* If a lock sent with timeout of zero would fail, and
7416 * this lock has been requested multiple times,
7417 * according to brl_lock_failed() we convert this
7418 * request to a blocking lock with a timeout of between
7419 * 150 - 300 milliseconds.
7421 * If lp_lock_spin_time() has been set to 0, we skip
7422 * this blocking retry and fail immediately.
7424 * Replacement for do_lock_spin(). JRA. */
7426 if (!req->sconn->using_smb2 &&
7427 br_lck && lp_blocking_locks(SNUM(conn)) &&
7428 lp_lock_spin_time() && !blocking_lock &&
7429 NT_STATUS_EQUAL((status),
7430 NT_STATUS_FILE_LOCK_CONFLICT))
7433 timeout = lp_lock_spin_time();
7436 if (br_lck && defer_lock) {
7438 * A blocking lock was requested. Package up
7439 * this smb into a queued request and push it
7440 * onto the blocking lock queue.
7442 if(push_blocking_lock_request(br_lck,
7453 TALLOC_FREE(br_lck);
7455 return NT_STATUS_OK;
7459 TALLOC_FREE(br_lck);
7462 if (!NT_STATUS_IS_OK(status)) {
7467 /* If any of the above locks failed, then we must unlock
7468 all of the previous locks (X/Open spec). */
7470 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7472 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7473 i = -1; /* we want to skip the for loop */
7477 * Ensure we don't do a remove on the lock that just failed,
7478 * as under POSIX rules, if we have a lock already there, we
7479 * will delete it (and we shouldn't) .....
7481 for(i--; i >= 0; i--) {
7482 struct smbd_lock_element *e = &locks[i];
7484 do_unlock(req->sconn->msg_ctx,
7494 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7495 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7497 return NT_STATUS_OK;
7500 /****************************************************************************
7501 Reply to a lockingX request.
7502 ****************************************************************************/
7504 void reply_lockingX(struct smb_request *req)
7506 connection_struct *conn = req->conn;
7508 unsigned char locktype;
7509 unsigned char oplocklevel;
7514 const uint8_t *data;
7515 bool large_file_format;
7517 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7518 struct smbd_lock_element *ulocks;
7519 struct smbd_lock_element *locks;
7522 START_PROFILE(SMBlockingX);
7525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7526 END_PROFILE(SMBlockingX);
7530 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7531 locktype = CVAL(req->vwv+3, 0);
7532 oplocklevel = CVAL(req->vwv+3, 1);
7533 num_ulocks = SVAL(req->vwv+6, 0);
7534 num_locks = SVAL(req->vwv+7, 0);
7535 lock_timeout = IVAL(req->vwv+4, 0);
7536 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7538 if (!check_fsp(conn, req, fsp)) {
7539 END_PROFILE(SMBlockingX);
7545 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7546 /* we don't support these - and CANCEL_LOCK makes w2k
7547 and XP reboot so I don't really want to be
7548 compatible! (tridge) */
7549 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7550 END_PROFILE(SMBlockingX);
7554 /* Check if this is an oplock break on a file
7555 we have granted an oplock on.
7557 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7558 /* Client can insist on breaking to none. */
7559 bool break_to_none = (oplocklevel == 0);
7562 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7563 "for fnum = %d\n", (unsigned int)oplocklevel,
7567 * Make sure we have granted an exclusive or batch oplock on
7571 if (fsp->oplock_type == 0) {
7573 /* The Samba4 nbench simulator doesn't understand
7574 the difference between break to level2 and break
7575 to none from level2 - it sends oplock break
7576 replies in both cases. Don't keep logging an error
7577 message here - just ignore it. JRA. */
7579 DEBUG(5,("reply_lockingX: Error : oplock break from "
7580 "client for fnum = %d (oplock=%d) and no "
7581 "oplock granted on this file (%s).\n",
7582 fsp->fnum, fsp->oplock_type,
7585 /* if this is a pure oplock break request then don't
7587 if (num_locks == 0 && num_ulocks == 0) {
7588 END_PROFILE(SMBlockingX);
7591 END_PROFILE(SMBlockingX);
7592 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7597 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7599 result = remove_oplock(fsp);
7601 result = downgrade_oplock(fsp);
7605 DEBUG(0, ("reply_lockingX: error in removing "
7606 "oplock on file %s\n", fsp_str_dbg(fsp)));
7607 /* Hmmm. Is this panic justified? */
7608 smb_panic("internal tdb error");
7611 reply_to_oplock_break_requests(fsp);
7613 /* if this is a pure oplock break request then don't send a
7615 if (num_locks == 0 && num_ulocks == 0) {
7616 /* Sanity check - ensure a pure oplock break is not a
7618 if(CVAL(req->vwv+0, 0) != 0xff)
7619 DEBUG(0,("reply_lockingX: Error : pure oplock "
7620 "break is a chained %d request !\n",
7621 (unsigned int)CVAL(req->vwv+0, 0)));
7622 END_PROFILE(SMBlockingX);
7628 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7629 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7630 END_PROFILE(SMBlockingX);
7634 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7635 if (ulocks == NULL) {
7636 reply_nterror(req, NT_STATUS_NO_MEMORY);
7637 END_PROFILE(SMBlockingX);
7641 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7642 if (locks == NULL) {
7643 reply_nterror(req, NT_STATUS_NO_MEMORY);
7644 END_PROFILE(SMBlockingX);
7648 /* Data now points at the beginning of the list
7649 of smb_unlkrng structs */
7650 for(i = 0; i < (int)num_ulocks; i++) {
7651 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7652 ulocks[i].count = get_lock_count(data, i, large_file_format);
7653 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7654 ulocks[i].brltype = UNLOCK_LOCK;
7657 * There is no error code marked "stupid client bug".... :-).
7660 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7661 END_PROFILE(SMBlockingX);
7666 /* Now do any requested locks */
7667 data += ((large_file_format ? 20 : 10)*num_ulocks);
7669 /* Data now points at the beginning of the list
7670 of smb_lkrng structs */
7672 for(i = 0; i < (int)num_locks; i++) {
7673 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7674 locks[i].count = get_lock_count(data, i, large_file_format);
7675 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7677 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7678 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7679 locks[i].brltype = PENDING_READ_LOCK;
7681 locks[i].brltype = READ_LOCK;
7684 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7685 locks[i].brltype = PENDING_WRITE_LOCK;
7687 locks[i].brltype = WRITE_LOCK;
7692 * There is no error code marked "stupid client bug".... :-).
7695 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7696 END_PROFILE(SMBlockingX);
7701 status = smbd_do_locking(req, fsp,
7702 locktype, lock_timeout,
7706 if (!NT_STATUS_IS_OK(status)) {
7707 END_PROFILE(SMBlockingX);
7708 reply_nterror(req, status);
7712 END_PROFILE(SMBlockingX);
7716 reply_outbuf(req, 2, 0);
7718 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7719 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7721 END_PROFILE(SMBlockingX);
7726 #define DBGC_CLASS DBGC_ALL
7728 /****************************************************************************
7729 Reply to a SMBreadbmpx (read block multiplex) request.
7730 Always reply with an error, if someone has a platform really needs this,
7731 please contact vl@samba.org
7732 ****************************************************************************/
7734 void reply_readbmpx(struct smb_request *req)
7736 START_PROFILE(SMBreadBmpx);
7737 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7738 END_PROFILE(SMBreadBmpx);
7742 /****************************************************************************
7743 Reply to a SMBreadbs (read block multiplex secondary) request.
7744 Always reply with an error, if someone has a platform really needs this,
7745 please contact vl@samba.org
7746 ****************************************************************************/
7748 void reply_readbs(struct smb_request *req)
7750 START_PROFILE(SMBreadBs);
7751 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7752 END_PROFILE(SMBreadBs);
7756 /****************************************************************************
7757 Reply to a SMBsetattrE.
7758 ****************************************************************************/
7760 void reply_setattrE(struct smb_request *req)
7762 connection_struct *conn = req->conn;
7763 struct smb_file_time ft;
7767 START_PROFILE(SMBsetattrE);
7771 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7775 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7777 if(!fsp || (fsp->conn != conn)) {
7778 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7783 * Convert the DOS times into unix times.
7786 ft.atime = convert_time_t_to_timespec(
7787 srv_make_unix_date2(req->vwv+3));
7788 ft.mtime = convert_time_t_to_timespec(
7789 srv_make_unix_date2(req->vwv+5));
7790 ft.create_time = convert_time_t_to_timespec(
7791 srv_make_unix_date2(req->vwv+1));
7793 reply_outbuf(req, 0, 0);
7796 * Patch from Ray Frush <frush@engr.colostate.edu>
7797 * Sometimes times are sent as zero - ignore them.
7800 /* Ensure we have a valid stat struct for the source. */
7801 status = vfs_stat_fsp(fsp);
7802 if (!NT_STATUS_IS_OK(status)) {
7803 reply_nterror(req, status);
7807 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7808 if (!NT_STATUS_IS_OK(status)) {
7809 reply_nterror(req, status);
7813 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7816 (unsigned int)ft.atime.tv_sec,
7817 (unsigned int)ft.mtime.tv_sec,
7818 (unsigned int)ft.create_time.tv_sec
7821 END_PROFILE(SMBsetattrE);
7826 /* Back from the dead for OS/2..... JRA. */
7828 /****************************************************************************
7829 Reply to a SMBwritebmpx (write block multiplex primary) request.
7830 Always reply with an error, if someone has a platform really needs this,
7831 please contact vl@samba.org
7832 ****************************************************************************/
7834 void reply_writebmpx(struct smb_request *req)
7836 START_PROFILE(SMBwriteBmpx);
7837 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7838 END_PROFILE(SMBwriteBmpx);
7842 /****************************************************************************
7843 Reply to a SMBwritebs (write block multiplex secondary) request.
7844 Always reply with an error, if someone has a platform really needs this,
7845 please contact vl@samba.org
7846 ****************************************************************************/
7848 void reply_writebs(struct smb_request *req)
7850 START_PROFILE(SMBwriteBs);
7851 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7852 END_PROFILE(SMBwriteBs);
7856 /****************************************************************************
7857 Reply to a SMBgetattrE.
7858 ****************************************************************************/
7860 void reply_getattrE(struct smb_request *req)
7862 connection_struct *conn = req->conn;
7865 struct timespec create_ts;
7867 START_PROFILE(SMBgetattrE);
7870 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7871 END_PROFILE(SMBgetattrE);
7875 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7877 if(!fsp || (fsp->conn != conn)) {
7878 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7879 END_PROFILE(SMBgetattrE);
7883 /* Do an fstat on this file */
7885 reply_nterror(req, map_nt_error_from_unix(errno));
7886 END_PROFILE(SMBgetattrE);
7890 mode = dos_mode(conn, fsp->fsp_name);
7893 * Convert the times into dos times. Set create
7894 * date to be last modify date as UNIX doesn't save
7898 reply_outbuf(req, 11, 0);
7900 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7901 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7902 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7903 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7904 /* Should we check pending modtime here ? JRA */
7905 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7906 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7909 SIVAL(req->outbuf, smb_vwv6, 0);
7910 SIVAL(req->outbuf, smb_vwv8, 0);
7912 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7913 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7914 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7916 SSVAL(req->outbuf,smb_vwv10, mode);
7918 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7920 END_PROFILE(SMBgetattrE);
git.samba.org / ab / samba.git / .git / blob