*/
#include "includes.h"
+#include "system/filesys.h"
+#include "smbd/smbd.h"
#include "smbd/globals.h"
+#include "fake_file.h"
+#include "../libcli/security/security.h"
+#include "../librpc/gen_ndr/ndr_security.h"
+#include "passdb/lookup_sid.h"
+#include "auth.h"
+#include "ntioctl.h"
extern const struct generic_mapping file_generic_mapping;
char *pp = params;
char *pd = pdata;
int params_sent_thistime, data_sent_thistime, total_sent_thistime;
- int alignment_offset = 3;
+ int alignment_offset = 1;
int data_alignment_offset = 0;
- struct smbd_server_connection *sconn = smbd_server_conn;
+ struct smbd_server_connection *sconn = req->sconn;
int max_send = sconn->smb1.sessions.max_send;
/*
__LINE__,__FILE__);
}
show_msg((char *)req->outbuf);
- if (!srv_send_smb(smbd_server_fd(),
+ if (!srv_send_smb(sconn,
(char *)req->outbuf,
true, req->seqnum+1,
IS_CONN_ENCRYPTED(conn),
/* Send the packet */
show_msg((char *)req->outbuf);
- if (!srv_send_smb(smbd_server_fd(),
+ if (!srv_send_smb(sconn,
(char *)req->outbuf,
true, req->seqnum+1,
IS_CONN_ENCRYPTED(conn),
chain_reply(req);
}
+struct case_semantics_state {
+ connection_struct *conn;
+ bool case_sensitive;
+ bool case_preserve;
+ bool short_case_preserve;
+};
+
+/****************************************************************************
+ Restore case semantics.
+****************************************************************************/
+
+static int restore_case_semantics(struct case_semantics_state *state)
+{
+ state->conn->case_sensitive = state->case_sensitive;
+ state->conn->case_preserve = state->case_preserve;
+ state->conn->short_case_preserve = state->short_case_preserve;
+ return 0;
+}
+
+/****************************************************************************
+ Save case semantics.
+****************************************************************************/
+
+static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
+ connection_struct *conn)
+{
+ struct case_semantics_state *result;
+
+ if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
+ return NULL;
+ }
+
+ result->conn = conn;
+ result->case_sensitive = conn->case_sensitive;
+ result->case_preserve = conn->case_preserve;
+ result->short_case_preserve = conn->short_case_preserve;
+
+ /* Set to POSIX. */
+ conn->case_sensitive = True;
+ conn->case_preserve = True;
+ conn->short_case_preserve = True;
+
+ talloc_set_destructor(result, restore_case_semantics);
+
+ return result;
+}
+
/****************************************************************************
Reply to an NT create and X call.
****************************************************************************/
NTSTATUS status;
int oplock_request;
uint8_t oplock_granted = NO_OPLOCK_RETURN;
+ struct case_semantics_state *case_state = NULL;
TALLOC_CTX *ctx = talloc_tos();
START_PROFILE(SMBntcreateX);
if (req->wct < 24) {
reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- return;
+ goto out;
}
flags = IVAL(req->vwv+3, 1);
do_ntcreate_pipe_open(conn, req);
goto out;
}
- reply_doserror(req, ERRDOS, ERRnoaccess);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
goto out;
}
? BATCH_OPLOCK : 0;
}
+ if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
+ case_state = set_posix_case_semantics(ctx, conn);
+ if (!case_state) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ goto out;
+ }
+ }
+
status = filename_convert(ctx,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
NULL,
&smb_fname);
+ TALLOC_FREE(case_state);
+
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
reply_botherror(req,
goto out;
}
+ /*
+ * Bug #6898 - clients using Windows opens should
+ * never be able to set this attribute into the
+ * VFS.
+ */
+ file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
+
status = SMB_VFS_CREATE_FILE(
conn, /* conn */
req, /* req */
file_attributes, /* file_attributes */
oplock_request, /* oplock_request */
allocation_size, /* allocation_size */
+ 0, /* private_flags */
NULL, /* sd */
NULL, /* ea_list */
&fsp, /* result */
/* We have re-scheduled this call, no error. */
goto out;
}
- if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
- reply_botherror(req, status, ERRDOS, ERRfilexists);
- }
- else {
- reply_nterror(req, status);
- }
+ reply_openerror(req, status);
goto out;
}
}
file_len = smb_fname->st.st_ex_size;
- fattr = dos_mode(conn, smb_fname);
- if (fattr == 0) {
- fattr = FILE_ATTRIBUTE_NORMAL;
- }
if (flags & EXTENDED_RESPONSE_REQUIRED) {
/* This is very strange. We
}
p += 4;
+ fattr = dos_mode(conn, smb_fname);
+ if (fattr == 0) {
+ fattr = FILE_ATTRIBUTE_NORMAL;
+ }
+
/* Deal with other possible opens having a modified
write time. JRA. */
ZERO_STRUCT(write_time_ts);
- get_file_infos(fsp->file_id, NULL, &write_time_ts);
+ get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
if (!null_timespec(write_time_ts)) {
update_stat_ex_mtime(&smb_fname->st, write_time_ts);
}
if(parameter_count < 54) {
DEBUG(0,("do_nt_transact_create_pipe - insufficient parameters (%u)\n", (unsigned int)parameter_count));
- reply_doserror(req, ERRDOS, ERRnoaccess);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
}
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
Internal fn to set security descriptors.
****************************************************************************/
-static NTSTATUS set_sd(files_struct *fsp, uint8 *data, uint32 sd_len,
- uint32 security_info_sent)
+NTSTATUS set_sd(files_struct *fsp, uint8_t *data, uint32_t sd_len,
+ uint32_t security_info_sent)
{
- SEC_DESC *psd = NULL;
+ struct security_descriptor *psd = NULL;
NTSTATUS status;
- if (sd_len == 0 || !lp_nt_acl_support(SNUM(fsp->conn))) {
+ if (sd_len == 0) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ if (!CAN_WRITE(fsp->conn)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (!lp_nt_acl_support(SNUM(fsp->conn))) {
return NT_STATUS_OK;
}
}
if (psd->owner_sid == NULL) {
- security_info_sent &= ~OWNER_SECURITY_INFORMATION;
+ security_info_sent &= ~SECINFO_OWNER;
}
if (psd->group_sid == NULL) {
- security_info_sent &= ~GROUP_SECURITY_INFORMATION;
+ security_info_sent &= ~SECINFO_GROUP;
+ }
+
+ /* Ensure we have at least one thing set. */
+ if ((security_info_sent & (SECINFO_OWNER|SECINFO_GROUP|SECINFO_DACL|SECINFO_SACL)) == 0) {
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ /* Ensure we have the rights to do this. */
+ if (security_info_sent & SECINFO_OWNER) {
+ if (!(fsp->access_mask & SEC_STD_WRITE_OWNER)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
}
- /* Convert all the generic bits. */
- security_acl_map_generic(psd->dacl, &file_generic_mapping);
- security_acl_map_generic(psd->sacl, &file_generic_mapping);
+ if (security_info_sent & SECINFO_GROUP) {
+ if (!(fsp->access_mask & SEC_STD_WRITE_OWNER)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ }
+
+ if (security_info_sent & SECINFO_DACL) {
+ if (!(fsp->access_mask & SEC_STD_WRITE_DAC)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ /* Convert all the generic bits. */
+ if (psd->dacl) {
+ security_acl_map_generic(psd->dacl, &file_generic_mapping);
+ }
+ }
+
+ if (security_info_sent & SECINFO_SACL) {
+ if (!(fsp->access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+ /* Convert all the generic bits. */
+ if (psd->sacl) {
+ security_acl_map_generic(psd->sacl, &file_generic_mapping);
+ }
+ }
if (DEBUGLEVEL >= 10) {
DEBUG(10,("set_sd for file %s\n", fsp_str_dbg(fsp)));
uint64_t allocation_size;
int oplock_request;
uint8_t oplock_granted;
+ struct case_semantics_state *case_state = NULL;
TALLOC_CTX *ctx = talloc_tos();
DEBUG(5,("call_nt_transact_create\n"));
ppdata, data_count);
goto out;
}
- reply_doserror(req, ERRDOS, ERRnoaccess);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
goto out;
}
goto out;
}
+ if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
+ case_state = set_posix_case_semantics(ctx, conn);
+ if (!case_state) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ goto out;
+ }
+ }
+
status = filename_convert(ctx,
conn,
req->flags2 & FLAGS2_DFS_PATHNAMES,
NULL,
&smb_fname);
+ TALLOC_FREE(case_state);
+
if (!NT_STATUS_IS_OK(status)) {
if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
reply_botherror(req,
? BATCH_OPLOCK : 0;
}
+ /*
+ * Bug #6898 - clients using Windows opens should
+ * never be able to set this attribute into the
+ * VFS.
+ */
+ file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
+
status = SMB_VFS_CREATE_FILE(
conn, /* conn */
req, /* req */
file_attributes, /* file_attributes */
oplock_request, /* oplock_request */
allocation_size, /* allocation_size */
+ 0, /* private_flags */
sd, /* sd */
ea_list, /* ea_list */
&fsp, /* result */
}
file_len = smb_fname->st.st_ex_size;
- fattr = dos_mode(conn, smb_fname);
- if (fattr == 0) {
- fattr = FILE_ATTRIBUTE_NORMAL;
- }
/* Realloc the size of parameters and data we will return */
if (flags & EXTENDED_RESPONSE_REQUIRED) {
}
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
goto out;
}
}
p += 8;
+ fattr = dos_mode(conn, smb_fname);
+ if (fattr == 0) {
+ fattr = FILE_ATTRIBUTE_NORMAL;
+ }
+
/* Deal with other possible opens having a modified
write time. JRA. */
ZERO_STRUCT(write_time_ts);
- get_file_infos(fsp->file_id, NULL, &write_time_ts);
+ get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
if (!null_timespec(write_time_ts)) {
update_stat_ex_mtime(&smb_fname->st, write_time_ts);
}
SOFF_T(p,0,file_len);
p += 8;
if (flags & EXTENDED_RESPONSE_REQUIRED) {
- SSVAL(p,2,0x7);
+ uint16_t file_status = (NO_EAS|NO_SUBSTREAMS|NO_REPARSETAG);
+ size_t num_names = 0;
+ unsigned int num_streams;
+ struct stream_struct *streams = NULL;
+
+ /* Do we have any EA's ? */
+ status = get_ea_names_from_file(ctx, conn, fsp,
+ smb_fname->base_name, NULL, &num_names);
+ if (NT_STATUS_IS_OK(status) && num_names) {
+ file_status &= ~NO_EAS;
+ }
+ status = SMB_VFS_STREAMINFO(conn, NULL, smb_fname->base_name, ctx,
+ &num_streams, &streams);
+ /* There is always one stream, ::$DATA. */
+ if (NT_STATUS_IS_OK(status) && num_streams > 1) {
+ file_status &= ~NO_SUBSTREAMS;
+ }
+ TALLOC_FREE(streams);
+ SSVAL(p,2,file_status);
}
p += 4;
SCVAL(p,0,fsp->is_directory ? 1 : 0);
*/
START_PROFILE(SMBntcancel);
- srv_cancel_sign_response(smbd_server_conn);
- remove_pending_change_notify_requests_by_mid(req->mid);
- remove_pending_lock_requests_by_mid(req->mid);
+ srv_cancel_sign_response(req->sconn);
+ remove_pending_change_notify_requests_by_mid(req->sconn, req->mid);
+ remove_pending_lock_requests_by_mid_smb1(req->sconn, req->mid);
- DEBUG(3,("reply_ntcancel: cancel called on mid = %d.\n", req->mid));
+ DEBUG(3,("reply_ntcancel: cancel called on mid = %llu.\n",
+ (unsigned long long)req->mid));
END_PROFILE(SMBntcancel);
return;
req, /* req */
0, /* root_dir_fid */
smb_fname_src, /* fname */
- FILE_READ_DATA, /* access_mask */
+ FILE_READ_DATA|FILE_READ_ATTRIBUTES|
+ FILE_READ_EA, /* access_mask */
(FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
FILE_SHARE_DELETE),
FILE_OPEN, /* create_disposition*/
FILE_ATTRIBUTE_NORMAL, /* file_attributes */
NO_OPLOCK, /* oplock_request */
0, /* allocation_size */
+ 0, /* private_flags */
NULL, /* sd */
NULL, /* ea_list */
&fsp1, /* result */
req, /* req */
0, /* root_dir_fid */
smb_fname_dst, /* fname */
- FILE_WRITE_DATA, /* access_mask */
+ FILE_WRITE_DATA|FILE_WRITE_ATTRIBUTES|
+ FILE_WRITE_EA, /* access_mask */
(FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
FILE_SHARE_DELETE),
FILE_CREATE, /* create_disposition*/
fattr, /* file_attributes */
NO_OPLOCK, /* oplock_request */
0, /* allocation_size */
+ 0, /* private_flags */
NULL, /* sd */
NULL, /* ea_list */
&fsp2, /* result */
close_file(NULL, fsp1, NORMAL_CLOSE);
/* Ensure the modtime is set correctly on the destination file. */
- set_close_write_time(NULL, fsp2, smb_fname_src->st.st_ex_mtime);
+ set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
status = close_file(NULL, fsp2, NORMAL_CLOSE);
uint32_t ucf_flags_dst = 0;
uint16 rename_type;
TALLOC_CTX *ctx = talloc_tos();
+ bool stream_rename = false;
START_PROFILE(SMBntrename);
goto out;
}
- /* The newname must begin with a ':' if the oldname contains a ':'. */
- if (strchr_m(oldname, ':') && (newname[0] != ':')) {
- reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
- goto out;
+ if (!lp_posix_pathnames()) {
+ /* The newname must begin with a ':' if the
+ oldname contains a ':'. */
+ if (strchr_m(oldname, ':')) {
+ if (newname[0] != ':') {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ goto out;
+ }
+ stream_rename = true;
+ }
}
/*
goto out;
}
+ if (stream_rename) {
+ /* smb_fname_new must be the same as smb_fname_old. */
+ TALLOC_FREE(smb_fname_new->base_name);
+ smb_fname_new->base_name = talloc_strdup(smb_fname_new,
+ smb_fname_old->base_name);
+ if (!smb_fname_new->base_name) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ goto out;
+ }
+ }
+
DEBUG(3,("reply_ntrename: %s -> %s\n",
smb_fname_str_dbg(smb_fname_old),
smb_fname_str_dbg(smb_fname_new)));
status = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
} else {
status = hardlink_internals(ctx, conn,
+ req,
+ false,
smb_fname_old,
smb_fname_new);
}
bool recursive;
if(setup_count < 6) {
- reply_doserror(req, ERRDOS, ERRbadfunc);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
DEBUG(3,("call_nt_transact_notify_change\n"));
if(!fsp) {
- reply_doserror(req, ERRDOS, ERRbadfid);
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
return;
}
* here.
*/
- change_notify_reply(fsp->conn, req,
+ change_notify_reply(req,
NT_STATUS_OK,
max_param_count,
fsp->notify,
TALLOC_CTX *ctx = talloc_tos();
if(parameter_count < 5) {
- reply_doserror(req, ERRDOS, ERRbadfunc);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
Fake up a completely empty SD.
*******************************************************************************/
-static NTSTATUS get_null_nt_acl(TALLOC_CTX *mem_ctx, SEC_DESC **ppsd)
+static NTSTATUS get_null_nt_acl(TALLOC_CTX *mem_ctx, struct security_descriptor **ppsd)
{
size_t sd_size;
/****************************************************************************
Reply to query a security descriptor.
+ Callable from SMB2 and SMB2.
+ If it returns NT_STATUS_BUFFER_TOO_SMALL, pdata_size is initialized with
+ the required size.
+****************************************************************************/
+
+NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
+ TALLOC_CTX *mem_ctx,
+ files_struct *fsp,
+ uint32_t security_info_wanted,
+ uint32_t max_data_count,
+ uint8_t **ppmarshalled_sd,
+ size_t *psd_size)
+{
+ NTSTATUS status;
+ struct security_descriptor *psd = NULL;
+
+ /*
+ * Get the permissions to return.
+ */
+
+ if ((security_info_wanted & SECINFO_SACL) &&
+ !(fsp->access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if ((security_info_wanted & (SECINFO_DACL|SECINFO_OWNER|SECINFO_GROUP)) &&
+ !(fsp->access_mask & SEC_STD_READ_CONTROL)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if (!lp_nt_acl_support(SNUM(conn))) {
+ status = get_null_nt_acl(mem_ctx, &psd);
+ } else {
+ status = SMB_VFS_FGET_NT_ACL(
+ fsp, security_info_wanted, &psd);
+ }
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
+ if (!(security_info_wanted & SECINFO_OWNER)) {
+ psd->owner_sid = NULL;
+ }
+ if (!(security_info_wanted & SECINFO_GROUP)) {
+ psd->group_sid = NULL;
+ }
+ if (!(security_info_wanted & SECINFO_DACL)) {
+ psd->dacl = NULL;
+ }
+ if (!(security_info_wanted & SECINFO_SACL)) {
+ psd->sacl = NULL;
+ }
+
+ /* If the SACL/DACL is NULL, but was requested, we mark that it is
+ * present in the reply to match Windows behavior */
+ if (psd->sacl == NULL &&
+ security_info_wanted & SECINFO_SACL)
+ psd->type |= SEC_DESC_SACL_PRESENT;
+ if (psd->dacl == NULL &&
+ security_info_wanted & SECINFO_DACL)
+ psd->type |= SEC_DESC_DACL_PRESENT;
+
+ *psd_size = ndr_size_security_descriptor(psd, 0);
+
+ DEBUG(3,("smbd_do_query_security_desc: sd_size = %lu.\n",
+ (unsigned long)*psd_size));
+
+ if (DEBUGLEVEL >= 10) {
+ DEBUG(10,("smbd_do_query_security_desc for file %s\n",
+ fsp_str_dbg(fsp)));
+ NDR_PRINT_DEBUG(security_descriptor, psd);
+ }
+
+ if (max_data_count < *psd_size) {
+ TALLOC_FREE(psd);
+ return NT_STATUS_BUFFER_TOO_SMALL;
+ }
+
+ status = marshall_sec_desc(mem_ctx, psd,
+ ppmarshalled_sd, psd_size);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(psd);
+ return status;
+ }
+
+ TALLOC_FREE(psd);
+ return NT_STATUS_OK;
+}
+
+/****************************************************************************
+ SMB1 reply to query a security descriptor.
****************************************************************************/
static void call_nt_transact_query_security_desc(connection_struct *conn,
{
char *params = *ppparams;
char *data = *ppdata;
- SEC_DESC *psd = NULL;
- size_t sd_size;
+ size_t sd_size = 0;
uint32 security_info_wanted;
files_struct *fsp = NULL;
NTSTATUS status;
- DATA_BLOB blob;
+ uint8_t *marshalled_sd = NULL;
if(parameter_count < 8) {
- reply_doserror(req, ERRDOS, ERRbadfunc);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
fsp = file_fsp(req, SVAL(params,0));
if(!fsp) {
- reply_doserror(req, ERRDOS, ERRbadfid);
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
return;
}
params = nttrans_realloc(ppparams, 4);
if(params == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
* Get the permissions to return.
*/
- if (!lp_nt_acl_support(SNUM(conn))) {
- status = get_null_nt_acl(talloc_tos(), &psd);
- } else {
- status = SMB_VFS_FGET_NT_ACL(
- fsp, security_info_wanted, &psd);
- }
+ status = smbd_do_query_security_desc(conn,
+ talloc_tos(),
+ fsp,
+ security_info_wanted,
+ max_data_count,
+ &marshalled_sd,
+ &sd_size);
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_BUFFER_TOO_SMALL)) {
+ SIVAL(params,0,(uint32_t)sd_size);
+ send_nt_replies(conn, req, NT_STATUS_BUFFER_TOO_SMALL,
+ params, 4, NULL, 0);
+ return;
+ }
+
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;
}
- /* If the SACL/DACL is NULL, but was requested, we mark that it is
- * present in the reply to match Windows behavior */
- if (psd->sacl == NULL &&
- security_info_wanted & SACL_SECURITY_INFORMATION)
- psd->type |= SEC_DESC_SACL_PRESENT;
- if (psd->dacl == NULL &&
- security_info_wanted & DACL_SECURITY_INFORMATION)
- psd->type |= SEC_DESC_DACL_PRESENT;
-
- sd_size = ndr_size_security_descriptor(psd, NULL, 0);
-
- DEBUG(3,("call_nt_transact_query_security_desc: sd_size = %lu.\n",(unsigned long)sd_size));
-
- if (DEBUGLEVEL >= 10) {
- DEBUG(10,("call_nt_transact_query_security_desc for file %s\n",
- fsp_str_dbg(fsp)));
- NDR_PRINT_DEBUG(security_descriptor, psd);
- }
+ SMB_ASSERT(sd_size > 0);
- SIVAL(params,0,(uint32)sd_size);
+ SIVAL(params,0,(uint32_t)sd_size);
if (max_data_count < sd_size) {
send_nt_replies(conn, req, NT_STATUS_BUFFER_TOO_SMALL,
- params, 4, *ppdata, 0);
+ params, 4, NULL, 0);
return;
}
/*
- * Allocate the data we will point this at.
+ * Allocate the data we will return.
*/
data = nttrans_realloc(ppdata, sd_size);
if(data == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
- status = marshall_sec_desc(talloc_tos(), psd,
- &blob.data, &blob.length);
-
- if (!NT_STATUS_IS_OK(status)) {
- reply_nterror(req, status);
- return;
- }
-
- SMB_ASSERT(sd_size == blob.length);
- memcpy(data, blob.data, sd_size);
+ memcpy(data, marshalled_sd, sd_size);
send_nt_replies(conn, req, NT_STATUS_OK, params, 4, data, (int)sd_size);
NTSTATUS status;
if(parameter_count < 8) {
- reply_doserror(req, ERRDOS, ERRbadfunc);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
if((fsp = file_fsp(req, SVAL(params,0))) == NULL) {
- reply_doserror(req, ERRDOS, ERRbadfid);
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ return;
+ }
+
+ if (!CAN_WRITE(fsp->conn)) {
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return;
}
fsp_str_dbg(fsp), (unsigned int)security_info_sent));
if (data_count == 0) {
- reply_doserror(req, ERRDOS, ERRnoaccess);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
switch (function) {
case FSCTL_SET_SPARSE:
- /* pretend this succeeded - tho strictly we should
- mark the file sparse (if the local fs supports it)
- so we can know if we need to pre-allocate or not */
+ {
+ bool set_sparse = true;
+ NTSTATUS status;
- DEBUG(10,("FSCTL_SET_SPARSE: called on FID[0x%04X](but not implemented)\n", fidnum));
+ if (data_count >= 1 && pdata[0] == 0) {
+ set_sparse = false;
+ }
+
+ DEBUG(10,("FSCTL_SET_SPARSE: called on FID[0x%04X]set[%u]\n",
+ fidnum, set_sparse));
+
+ if (!check_fsp_open(conn, req, fsp)) {
+ return;
+ }
+
+ status = file_set_sparse(conn, fsp, set_sparse);
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(9,("FSCTL_SET_SPARSE: fname[%s] set[%u] - %s\n",
+ smb_fname_str_dbg(fsp->fsp_name), set_sparse, nt_errstr(status)));
+ reply_nterror(req, status);
+ return;
+ }
+
+ DEBUG(10,("FSCTL_SET_SPARSE: fname[%s] set[%u] - %s\n",
+ smb_fname_str_dbg(fsp->fsp_name), set_sparse, nt_errstr(status)));
send_nt_replies(conn, req, NT_STATUS_OK, NULL, 0, NULL, 0);
return;
-
+ }
case FSCTL_CREATE_OR_GET_OBJECT_ID:
{
unsigned char objid[16];
DEBUG(10,("FSCTL_CREATE_OR_GET_OBJECT_ID: called on FID[0x%04X]\n",fidnum));
- if (!fsp_belongs_conn(conn, req, fsp)) {
+ if (!check_fsp_open(conn, req, fsp)) {
return;
}
uint32 i;
char *cur_pdata;
- if (!fsp_belongs_conn(conn, req, fsp)) {
+ if (!check_fsp_open(conn, req, fsp)) {
return;
}
*
* but I have to check that --metze
*/
- DOM_SID sid;
+ struct dom_sid sid;
uid_t uid;
- size_t sid_len = MIN(data_count-4,SID_MAX_SIZE);
+ size_t sid_len;
DEBUG(10,("FSCTL_FIND_FILES_BY_SID: called on FID[0x%04X]\n",fidnum));
- if (!fsp_belongs_conn(conn, req, fsp)) {
+ if (!check_fsp_open(conn, req, fsp)) {
+ return;
+ }
+
+ if (data_count < 8) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
+ sid_len = MIN(data_count-4,SID_MAX_SIZE);
+
/* unknown 4 bytes: this is not the length of the sid :-( */
/*unknown = IVAL(pdata,0);*/
- sid_parse(pdata+4,sid_len,&sid);
+ if (!sid_parse(pdata+4,sid_len,&sid)) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
DEBUGADD(10, ("for SID: %s\n", sid_string_dbg(&sid)));
if (!sid_to_uid(&sid, &uid)) {
send_nt_replies(conn, req, NT_STATUS_OK, NULL, 0, NULL, 0);
return;
}
+ case FSCTL_QUERY_ALLOCATED_RANGES:
+ {
+ /* FIXME: This is just a dummy reply, telling that all of the
+ * file is allocated. MKS cp needs that.
+ * Adding the real allocated ranges via FIEMAP on Linux
+ * and SEEK_DATA/SEEK_HOLE on Solaris is needed to make
+ * this FSCTL correct for sparse files.
+ */
+ NTSTATUS status;
+ uint64_t offset, length;
+
+ if (!check_fsp_open(conn, req, fsp)) {
+ return;
+ }
+
+ if (data_count != 16) {
+ DEBUG(0,("FSCTL_QUERY_ALLOCATED_RANGES: data_count(%u) != 16 is invalid!\n",
+ data_count));
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
+
+ if (max_data_count < 16) {
+ DEBUG(0,("FSCTL_QUERY_ALLOCATED_RANGES: max_data_count(%u) < 16 is invalid!\n",
+ max_data_count));
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
+
+ offset = BVAL(pdata,0);
+ length = BVAL(pdata,8);
+
+ if (offset + length < offset) {
+ /* No 64-bit integer wrap. */
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
+
+ status = vfs_stat_fsp(fsp);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ return;
+ }
+
+ if (offset > fsp->fsp_name->st.st_ex_size ||
+ fsp->fsp_name->st.st_ex_size == 0 ||
+ length == 0) {
+ send_nt_replies(conn, req, NT_STATUS_OK, NULL, 0, NULL, 0);
+ } else {
+ uint64_t end = offset + length;
+ end = MIN(end, fsp->fsp_name->st.st_ex_size);
+ SBVAL(pdata,0,0);
+ SBVAL(pdata,8,end);
+ send_nt_replies(conn, req, NT_STATUS_OK, NULL, 0,
+ pdata, 16);
+ }
+ return;
+ }
+ case FSCTL_IS_VOLUME_DIRTY:
+ DEBUG(10,("FSCTL_IS_VOLUME_DIRTY: called on FID[0x%04X] "
+ "(but not implemented)\n", (int)fidnum));
+ /*
+ * http://msdn.microsoft.com/en-us/library/cc232128%28PROT.10%29.aspx
+ * says we have to respond with NT_STATUS_INVALID_PARAMETER
+ */
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
default:
+ /* Only print this once... */
if (!logged_ioctl_message) {
- logged_ioctl_message = true; /* Only print this once... */
- DEBUG(0,("call_nt_transact_ioctl(0x%x): Currently not implemented.\n",
+ logged_ioctl_message = true;
+ DEBUG(2,("call_nt_transact_ioctl(0x%x): "
+ "Currently not implemented.\n",
function));
}
}
files_struct *fsp = NULL;
uint16 level = 0;
size_t sid_len;
- DOM_SID sid;
+ struct dom_sid sid;
bool start_enum = True;
SMB_NTQUOTA_STRUCT qt;
SMB_NTQUOTA_LIST *tmp_list;
ZERO_STRUCT(qt);
/* access check */
- if (conn->server_info->utok.uid != 0) {
+ if (conn->session_info->utok.uid != 0) {
DEBUG(1,("get_user_quota: access_denied service [%s] user "
"[%s]\n", lp_servicename(SNUM(conn)),
- conn->server_info->unix_name));
- reply_doserror(req, ERRDOS, ERRnoaccess);
+ conn->session_info->unix_name));
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return;
}
if (parameter_count < 4) {
DEBUG(0,("TRANSACT_GET_USER_QUOTA: requires %d >= 4 bytes parameters\n",parameter_count));
- reply_doserror(req, ERRDOS, ERRinvalidparam);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
param_len = 4;
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
}
if (start_enum && vfs_get_user_ntquota_list(fsp,&(qt_handle->quota_list))!=0) {
- reply_doserror(req, ERRSRV, ERRerror);
+ reply_nterror(req, NT_STATUS_INTERNAL_ERROR);
return;
}
param_len = 4;
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
pdata = nttrans_realloc(ppdata, max_data_count);/* should be max data count from client*/
if(pdata == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
tmp_list=tmp_list->next,entry+=entry_len,qt_len+=entry_len) {
sid_len = ndr_size_dom_sid(
- &tmp_list->quotas->sid, NULL, 0);
+ &tmp_list->quotas->sid, 0);
entry_len = 40 + sid_len;
/* nextoffset entry 4 bytes */
if (data_count < 8) {
DEBUG(0,("TRANSACT_GET_USER_QUOTA_FOR_SID: requires %d >= %d bytes data\n",data_count,8));
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
}
sid_len = IVAL(pdata,4);
/* Ensure this is less than 1mb. */
if (sid_len > (1024*1024)) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
if (data_count < 8+sid_len) {
DEBUG(0,("TRANSACT_GET_USER_QUOTA_FOR_SID: requires %d >= %lu bytes data\n",data_count,(unsigned long)(8+sid_len)));
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
}
break;
}
- sid_parse(pdata+8,sid_len,&sid);
+ if (!sid_parse(pdata+8,sid_len,&sid)) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
if (vfs_get_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &qt)!=0) {
ZERO_STRUCT(qt);
param_len = 4;
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
pdata = nttrans_realloc(ppdata, data_len);
if(pdata == NULL) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
return;
}
default:
DEBUG(0,("do_nt_transact_get_user_quota: fnum %d unknown level 0x%04hX\n",fsp->fnum,level));
- reply_doserror(req, ERRSRV, ERRerror);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
break;
}
int data_len=0,param_len=0;
SMB_NTQUOTA_STRUCT qt;
size_t sid_len;
- DOM_SID sid;
+ struct dom_sid sid;
files_struct *fsp = NULL;
ZERO_STRUCT(qt);
/* access check */
- if (conn->server_info->utok.uid != 0) {
+ if (conn->session_info->utok.uid != 0) {
DEBUG(1,("set_user_quota: access_denied service [%s] user "
"[%s]\n", lp_servicename(SNUM(conn)),
- conn->server_info->unix_name));
- reply_doserror(req, ERRDOS, ERRnoaccess);
+ conn->session_info->unix_name));
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
return;
}
if (parameter_count < 2) {
DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= 2 bytes parameters\n",parameter_count));
- reply_doserror(req, ERRDOS, ERRinvalidparam);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
if (data_count < 40) {
DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= %d bytes data\n",data_count,40));
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
/* sid len */
sid_len = IVAL(pdata,4);
- if (data_count < 40+sid_len) {
+ if (data_count < 40+sid_len || (40+sid_len < sid_len)) {
DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= %lu bytes data\n",data_count,(unsigned long)40+sid_len));
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
return;
}
((qt.usedspace != 0xFFFFFFFF)||
(IVAL(pdata,20)!=0xFFFFFFFF))) {
/* more than 32 bits? */
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
}
#endif /* LARGE_SMB_OFF_T */
((qt.softlim != 0xFFFFFFFF)||
(IVAL(pdata,28)!=0xFFFFFFFF))) {
/* more than 32 bits? */
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
}
#endif /* LARGE_SMB_OFF_T */
((qt.hardlim != 0xFFFFFFFF)||
(IVAL(pdata,36)!=0xFFFFFFFF))) {
/* more than 32 bits? */
- reply_doserror(req, ERRDOS, ERRunknownlevel);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
}
#endif /* LARGE_SMB_OFF_T */
- sid_parse(pdata+40,sid_len,&sid);
+ if (!sid_parse(pdata+40,sid_len,&sid)) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
+
DEBUGADD(8,("SID: %s\n", sid_string_dbg(&sid)));
/* 44 unknown bytes left... */
if (vfs_set_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &qt)!=0) {
- reply_doserror(req, ERRSRV, ERRerror);
+ reply_nterror(req, NT_STATUS_INTERNAL_ERROR);
return;
}
/* Error in request */
DEBUG(0,("handle_nttrans: Unknown request %d in "
"nttrans call\n", state->call));
- reply_doserror(req, ERRSRV, ERRerror);
+ reply_nterror(req, NT_STATUS_INVALID_LEVEL);
return;
}
return;
function_code = SVAL(req->vwv+18, 0);
if (IS_IPC(conn) && (function_code != NT_TRANSACT_CREATE)) {
- reply_doserror(req, ERRSRV, ERRaccess);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
END_PROFILE(SMBnttrans);
return;
}
}
if ((state = TALLOC_P(conn, struct trans_state)) == NULL) {
- reply_doserror(req, ERRSRV, ERRaccess);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBnttrans);
return;
}
/* Don't allow more than 128mb for each value. */
if ((state->total_data > (1024*1024*128)) ||
(state->total_param > (1024*1024*128))) {
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBnttrans);
return;
}
DEBUG(0,("reply_nttrans: data malloc fail for %u "
"bytes !\n", (unsigned int)state->total_data));
TALLOC_FREE(state);
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBnttrans);
return;
}
"bytes !\n", (unsigned int)state->total_param));
SAFE_FREE(state->data);
TALLOC_FREE(state);
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBnttrans);
return;
}
SAFE_FREE(state->data);
SAFE_FREE(state->param);
TALLOC_FREE(state);
- reply_doserror(req, ERRDOS, ERRnomem);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBnttrans);
return;
}