2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!posix_path && !stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started = true;
86 start_of_name_component = false;
90 return NT_STATUS_OBJECT_NAME_INVALID;
94 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s,posix_path)) {
103 if ((d != path) && (*s != '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component = True;
110 *p_last_component_contains_wcard = False;
114 if (start_of_name_component) {
115 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d > path) && (*(d-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d--; d > path; d--) {
141 s += 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
157 if (*s <= 0x1f || *s == '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID;
166 *p_last_component_contains_wcard = True;
175 /* Get the size of the next MB character. */
176 next_codepoint(s,&siz);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER;
199 start_of_name_component = False;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS check_path_syntax(char *path)
215 return check_path_syntax_internal(path, False, &ignore);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
226 return check_path_syntax_internal(path, False, p_contains_wcard);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS check_path_syntax_posix(char *path)
238 return check_path_syntax_internal(path, True, &ignore);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
246 const char *base_ptr,
253 bool *contains_wcard)
259 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
263 *err = NT_STATUS_INVALID_PARAMETER;
267 *contains_wcard = False;
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(*pp_dest);
281 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX *ctx,
292 const char *base_ptr,
301 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
302 src_len, flags, err, &ignore);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
306 char **pp_dest, const char *src, int flags,
307 NTSTATUS *err, bool *contains_wcard)
309 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
310 pp_dest, src, smbreq_bufrem(req, src),
311 flags, err, contains_wcard);
314 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
315 char **pp_dest, const char *src, int flags,
319 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
320 flags, err, &ignore);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
330 if (!(fsp) || !(conn)) {
331 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
334 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
335 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct *conn, struct smb_request *req,
348 if (!check_fsp_open(conn, req, fsp)) {
351 if ((fsp)->is_directory) {
352 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
355 if ((fsp)->fh->fd == -1) {
356 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
359 (fsp)->num_smb_operations++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
371 if (!check_fsp_open(conn, req, fsp)) {
375 if (fsp->is_directory) {
379 if (fsp->fake_file_handle == NULL) {
383 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
387 if (fsp->fake_file_handle->private_data == NULL) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
401 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
402 && (req->vuid == (fsp)->vuid)) {
406 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
410 /****************************************************************************
411 Reply to a (netbios-level) special message.
412 ****************************************************************************/
414 void reply_special(char *inbuf)
416 int msg_type = CVAL(inbuf,0);
417 int msg_flags = CVAL(inbuf,1);
422 * We only really use 4 bytes of the outbuf, but for the smb_setlen
423 * calculation & friends (srv_send_smb uses that) we need the full smb
426 char outbuf[smb_size];
430 memset(outbuf, '\0', sizeof(outbuf));
432 smb_setlen(outbuf,0);
435 case 0x81: /* session request */
437 if (already_got_session) {
438 exit_server_cleanly("multiple session request not permitted");
441 SCVAL(outbuf,0,0x82);
443 if (name_len(inbuf+4) > 50 ||
444 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
445 DEBUG(0,("Invalid name length in session request\n"));
448 name_extract(inbuf,4,name1);
449 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
450 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
453 set_local_machine_name(name1, True);
454 set_remote_machine_name(name2, True);
456 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
457 get_local_machine_name(), get_remote_machine_name(),
460 if (name_type == 'R') {
461 /* We are being asked for a pathworks session ---
463 SCVAL(outbuf, 0,0x83);
467 /* only add the client's machine name to the list
468 of possibly valid usernames if we are operating
469 in share mode security */
470 if (lp_security() == SEC_SHARE) {
471 add_session_user(get_remote_machine_name());
474 reload_services(True);
477 already_got_session = True;
480 case 0x89: /* session keepalive request
481 (some old clients produce this?) */
482 SCVAL(outbuf,0,SMBkeepalive);
486 case 0x82: /* positive session response */
487 case 0x83: /* negative session response */
488 case 0x84: /* retarget session response */
489 DEBUG(0,("Unexpected session response\n"));
492 case SMBkeepalive: /* session keepalive */
497 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
498 msg_type, msg_flags));
500 srv_send_smb(smbd_server_fd(), outbuf, false, NULL);
504 /****************************************************************************
506 conn POINTER CAN BE NULL HERE !
507 ****************************************************************************/
509 void reply_tcon(struct smb_request *req)
511 connection_struct *conn = req->conn;
513 char *service_buf = NULL;
514 char *password = NULL;
519 DATA_BLOB password_blob;
520 TALLOC_CTX *ctx = talloc_tos();
522 START_PROFILE(SMBtcon);
524 if (req->buflen < 4) {
525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
526 END_PROFILE(SMBtcon);
530 p = (const char *)req->buf + 1;
531 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
533 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
535 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
538 if (service_buf == NULL || password == NULL || dev == NULL) {
539 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
540 END_PROFILE(SMBtcon);
543 p = strrchr_m(service_buf,'\\');
547 service = service_buf;
550 password_blob = data_blob(password, pwlen+1);
552 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
555 data_blob_clear_free(&password_blob);
558 reply_nterror(req, nt_status);
559 END_PROFILE(SMBtcon);
563 reply_outbuf(req, 2, 0);
564 SSVAL(req->outbuf,smb_vwv0,max_recv);
565 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
566 SSVAL(req->outbuf,smb_tid,conn->cnum);
568 DEBUG(3,("tcon service=%s cnum=%d\n",
569 service, conn->cnum));
571 END_PROFILE(SMBtcon);
575 /****************************************************************************
576 Reply to a tcon and X.
577 conn POINTER CAN BE NULL HERE !
578 ****************************************************************************/
580 void reply_tcon_and_X(struct smb_request *req)
582 connection_struct *conn = req->conn;
583 const char *service = NULL;
585 TALLOC_CTX *ctx = talloc_tos();
586 /* what the cleint thinks the device is */
587 char *client_devicetype = NULL;
588 /* what the server tells the client the share represents */
589 const char *server_devicetype;
596 START_PROFILE(SMBtconX);
599 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
600 END_PROFILE(SMBtconX);
604 passlen = SVAL(req->vwv+3, 0);
605 tcon_flags = SVAL(req->vwv+2, 0);
607 /* we might have to close an old one */
608 if ((tcon_flags & 0x1) && conn) {
609 close_cnum(conn,req->vuid);
614 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
615 reply_doserror(req, ERRDOS, ERRbuftoosmall);
616 END_PROFILE(SMBtconX);
620 if (global_encrypted_passwords_negotiated) {
621 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
622 if (lp_security() == SEC_SHARE) {
624 * Security = share always has a pad byte
625 * after the password.
627 p = (const char *)req->buf + passlen + 1;
629 p = (const char *)req->buf + passlen;
632 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
633 /* Ensure correct termination */
634 password.data[passlen]=0;
635 p = (const char *)req->buf + passlen + 1;
638 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
641 data_blob_clear_free(&password);
642 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
643 END_PROFILE(SMBtconX);
648 * the service name can be either: \\server\share
649 * or share directly like on the DELL PowerVault 705
652 q = strchr_m(path+2,'\\');
654 data_blob_clear_free(&password);
655 reply_doserror(req, ERRDOS, ERRnosuchshare);
656 END_PROFILE(SMBtconX);
664 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
665 &client_devicetype, p,
666 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
668 if (client_devicetype == NULL) {
669 data_blob_clear_free(&password);
670 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
671 END_PROFILE(SMBtconX);
675 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
677 conn = make_connection(service, password, client_devicetype,
678 req->vuid, &nt_status);
681 data_blob_clear_free(&password);
684 reply_nterror(req, nt_status);
685 END_PROFILE(SMBtconX);
690 server_devicetype = "IPC";
691 else if ( IS_PRINT(conn) )
692 server_devicetype = "LPT1:";
694 server_devicetype = "A:";
696 if (Protocol < PROTOCOL_NT1) {
697 reply_outbuf(req, 2, 0);
698 if (message_push_string(&req->outbuf, server_devicetype,
699 STR_TERMINATE|STR_ASCII) == -1) {
700 reply_nterror(req, NT_STATUS_NO_MEMORY);
701 END_PROFILE(SMBtconX);
705 /* NT sets the fstype of IPC$ to the null string */
706 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
708 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
709 /* Return permissions. */
713 reply_outbuf(req, 7, 0);
716 perm1 = FILE_ALL_ACCESS;
717 perm2 = FILE_ALL_ACCESS;
719 perm1 = CAN_WRITE(conn) ?
724 SIVAL(req->outbuf, smb_vwv3, perm1);
725 SIVAL(req->outbuf, smb_vwv5, perm2);
727 reply_outbuf(req, 3, 0);
730 if ((message_push_string(&req->outbuf, server_devicetype,
731 STR_TERMINATE|STR_ASCII) == -1)
732 || (message_push_string(&req->outbuf, fstype,
733 STR_TERMINATE) == -1)) {
734 reply_nterror(req, NT_STATUS_NO_MEMORY);
735 END_PROFILE(SMBtconX);
739 /* what does setting this bit do? It is set by NT4 and
740 may affect the ability to autorun mounted cdroms */
741 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
742 (lp_csc_policy(SNUM(conn)) << 2));
744 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
745 DEBUG(2,("Serving %s as a Dfs root\n",
746 lp_servicename(SNUM(conn)) ));
747 SSVAL(req->outbuf, smb_vwv2,
748 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
753 DEBUG(3,("tconX service=%s \n",
756 /* set the incoming and outgoing tid to the just created one */
757 SSVAL(req->inbuf,smb_tid,conn->cnum);
758 SSVAL(req->outbuf,smb_tid,conn->cnum);
760 END_PROFILE(SMBtconX);
766 /****************************************************************************
767 Reply to an unknown type.
768 ****************************************************************************/
770 void reply_unknown_new(struct smb_request *req, uint8 type)
772 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
773 smb_fn_name(type), type, type));
774 reply_doserror(req, ERRSRV, ERRunknownsmb);
778 /****************************************************************************
780 conn POINTER CAN BE NULL HERE !
781 ****************************************************************************/
783 void reply_ioctl(struct smb_request *req)
785 connection_struct *conn = req->conn;
792 START_PROFILE(SMBioctl);
795 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
796 END_PROFILE(SMBioctl);
800 device = SVAL(req->vwv+1, 0);
801 function = SVAL(req->vwv+2, 0);
802 ioctl_code = (device << 16) + function;
804 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
806 switch (ioctl_code) {
807 case IOCTL_QUERY_JOB_INFO:
811 reply_doserror(req, ERRSRV, ERRnosupport);
812 END_PROFILE(SMBioctl);
816 reply_outbuf(req, 8, replysize+1);
817 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
818 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
819 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
820 p = smb_buf(req->outbuf);
821 memset(p, '\0', replysize+1); /* valgrind-safe. */
822 p += 1; /* Allow for alignment */
824 switch (ioctl_code) {
825 case IOCTL_QUERY_JOB_INFO:
827 files_struct *fsp = file_fsp(
828 req, SVAL(req->vwv+0, 0));
830 reply_doserror(req, ERRDOS, ERRbadfid);
831 END_PROFILE(SMBioctl);
834 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
835 srvstr_push((char *)req->outbuf, req->flags2, p+2,
837 STR_TERMINATE|STR_ASCII);
839 srvstr_push((char *)req->outbuf, req->flags2,
840 p+18, lp_servicename(SNUM(conn)),
841 13, STR_TERMINATE|STR_ASCII);
849 END_PROFILE(SMBioctl);
853 /****************************************************************************
854 Strange checkpath NTSTATUS mapping.
855 ****************************************************************************/
857 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
859 /* Strange DOS error code semantics only for checkpath... */
860 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
861 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
862 /* We need to map to ERRbadpath */
863 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
869 /****************************************************************************
870 Reply to a checkpath.
871 ****************************************************************************/
873 void reply_checkpath(struct smb_request *req)
875 connection_struct *conn = req->conn;
877 SMB_STRUCT_STAT sbuf;
879 TALLOC_CTX *ctx = talloc_tos();
881 START_PROFILE(SMBcheckpath);
883 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
884 STR_TERMINATE, &status);
886 if (!NT_STATUS_IS_OK(status)) {
887 status = map_checkpath_error(req->flags2, status);
888 reply_nterror(req, status);
889 END_PROFILE(SMBcheckpath);
893 status = resolve_dfspath(ctx, conn,
894 req->flags2 & FLAGS2_DFS_PATHNAMES,
897 if (!NT_STATUS_IS_OK(status)) {
898 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
899 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
901 END_PROFILE(SMBcheckpath);
907 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
909 status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
910 if (!NT_STATUS_IS_OK(status)) {
914 status = check_name(conn, name);
915 if (!NT_STATUS_IS_OK(status)) {
916 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
920 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
921 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
922 status = map_nt_error_from_unix(errno);
926 if (!S_ISDIR(sbuf.st_mode)) {
927 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
929 END_PROFILE(SMBcheckpath);
933 reply_outbuf(req, 0, 0);
935 END_PROFILE(SMBcheckpath);
940 END_PROFILE(SMBcheckpath);
942 /* We special case this - as when a Windows machine
943 is parsing a path is steps through the components
944 one at a time - if a component fails it expects
945 ERRbadpath, not ERRbadfile.
947 status = map_checkpath_error(req->flags2, status);
948 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
950 * Windows returns different error codes if
951 * the parent directory is valid but not the
952 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
953 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
954 * if the path is invalid.
956 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
961 reply_nterror(req, status);
964 /****************************************************************************
966 ****************************************************************************/
968 void reply_getatr(struct smb_request *req)
970 connection_struct *conn = req->conn;
972 SMB_STRUCT_STAT sbuf;
978 TALLOC_CTX *ctx = talloc_tos();
980 START_PROFILE(SMBgetatr);
982 p = (const char *)req->buf + 1;
983 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
984 if (!NT_STATUS_IS_OK(status)) {
985 reply_nterror(req, status);
986 END_PROFILE(SMBgetatr);
990 status = resolve_dfspath(ctx, conn,
991 req->flags2 & FLAGS2_DFS_PATHNAMES,
994 if (!NT_STATUS_IS_OK(status)) {
995 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
996 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
998 END_PROFILE(SMBgetatr);
1001 reply_nterror(req, status);
1002 END_PROFILE(SMBgetatr);
1006 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1007 under WfWg - weird! */
1008 if (*fname == '\0') {
1009 mode = aHIDDEN | aDIR;
1010 if (!CAN_WRITE(conn)) {
1016 status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 reply_nterror(req, status);
1019 END_PROFILE(SMBgetatr);
1022 status = check_name(conn, fname);
1023 if (!NT_STATUS_IS_OK(status)) {
1024 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1025 reply_nterror(req, status);
1026 END_PROFILE(SMBgetatr);
1029 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
1030 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1031 reply_unixerror(req, ERRDOS,ERRbadfile);
1032 END_PROFILE(SMBgetatr);
1036 mode = dos_mode(conn,fname,&sbuf);
1037 size = sbuf.st_size;
1038 mtime = sbuf.st_mtime;
1044 reply_outbuf(req, 10, 0);
1046 SSVAL(req->outbuf,smb_vwv0,mode);
1047 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1048 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1050 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1052 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1054 if (Protocol >= PROTOCOL_NT1) {
1055 SSVAL(req->outbuf, smb_flg2,
1056 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1059 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1061 END_PROFILE(SMBgetatr);
1065 /****************************************************************************
1067 ****************************************************************************/
1069 void reply_setatr(struct smb_request *req)
1071 struct smb_file_time ft;
1072 connection_struct *conn = req->conn;
1076 SMB_STRUCT_STAT sbuf;
1079 TALLOC_CTX *ctx = talloc_tos();
1081 START_PROFILE(SMBsetatr);
1086 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1090 p = (const char *)req->buf + 1;
1091 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1092 if (!NT_STATUS_IS_OK(status)) {
1093 reply_nterror(req, status);
1094 END_PROFILE(SMBsetatr);
1098 status = resolve_dfspath(ctx, conn,
1099 req->flags2 & FLAGS2_DFS_PATHNAMES,
1102 if (!NT_STATUS_IS_OK(status)) {
1103 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1104 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1105 ERRSRV, ERRbadpath);
1106 END_PROFILE(SMBsetatr);
1109 reply_nterror(req, status);
1110 END_PROFILE(SMBsetatr);
1114 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
1115 if (!NT_STATUS_IS_OK(status)) {
1116 reply_nterror(req, status);
1117 END_PROFILE(SMBsetatr);
1121 status = check_name(conn, fname);
1122 if (!NT_STATUS_IS_OK(status)) {
1123 reply_nterror(req, status);
1124 END_PROFILE(SMBsetatr);
1128 if (fname[0] == '.' && fname[1] == '\0') {
1130 * Not sure here is the right place to catch this
1131 * condition. Might be moved to somewhere else later -- vl
1133 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1134 END_PROFILE(SMBsetatr);
1138 mode = SVAL(req->vwv+0, 0);
1139 mtime = srv_make_unix_date3(req->vwv+1);
1141 ft.mtime = convert_time_t_to_timespec(mtime);
1142 status = smb_set_file_time(conn, NULL, fname,
1144 if (!NT_STATUS_IS_OK(status)) {
1145 reply_unixerror(req, ERRDOS, ERRnoaccess);
1146 END_PROFILE(SMBsetatr);
1150 if (mode != FILE_ATTRIBUTE_NORMAL) {
1151 if (VALID_STAT_OF_DIR(sbuf))
1156 if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) {
1157 reply_unixerror(req, ERRDOS, ERRnoaccess);
1158 END_PROFILE(SMBsetatr);
1163 reply_outbuf(req, 0, 0);
1165 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1167 END_PROFILE(SMBsetatr);
1171 /****************************************************************************
1173 ****************************************************************************/
1175 void reply_dskattr(struct smb_request *req)
1177 connection_struct *conn = req->conn;
1178 uint64_t dfree,dsize,bsize;
1179 START_PROFILE(SMBdskattr);
1181 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1182 reply_unixerror(req, ERRHRD, ERRgeneral);
1183 END_PROFILE(SMBdskattr);
1187 reply_outbuf(req, 5, 0);
1189 if (Protocol <= PROTOCOL_LANMAN2) {
1190 double total_space, free_space;
1191 /* we need to scale this to a number that DOS6 can handle. We
1192 use floating point so we can handle large drives on systems
1193 that don't have 64 bit integers
1195 we end up displaying a maximum of 2G to DOS systems
1197 total_space = dsize * (double)bsize;
1198 free_space = dfree * (double)bsize;
1200 dsize = (uint64_t)((total_space+63*512) / (64*512));
1201 dfree = (uint64_t)((free_space+63*512) / (64*512));
1203 if (dsize > 0xFFFF) dsize = 0xFFFF;
1204 if (dfree > 0xFFFF) dfree = 0xFFFF;
1206 SSVAL(req->outbuf,smb_vwv0,dsize);
1207 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1208 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1209 SSVAL(req->outbuf,smb_vwv3,dfree);
1211 SSVAL(req->outbuf,smb_vwv0,dsize);
1212 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1213 SSVAL(req->outbuf,smb_vwv2,512);
1214 SSVAL(req->outbuf,smb_vwv3,dfree);
1217 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1219 END_PROFILE(SMBdskattr);
1223 /****************************************************************************
1225 Can be called from SMBsearch, SMBffirst or SMBfunique.
1226 ****************************************************************************/
1228 void reply_search(struct smb_request *req)
1230 connection_struct *conn = req->conn;
1231 const char *mask = NULL;
1232 char *directory = NULL;
1238 unsigned int numentries = 0;
1239 unsigned int maxentries = 0;
1240 bool finished = False;
1246 bool check_descend = False;
1247 bool expect_close = False;
1249 bool mask_contains_wcard = False;
1250 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1251 TALLOC_CTX *ctx = talloc_tos();
1252 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1254 START_PROFILE(SMBsearch);
1257 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1258 END_PROFILE(SMBsearch);
1262 if (lp_posix_pathnames()) {
1263 reply_unknown_new(req, req->cmd);
1264 END_PROFILE(SMBsearch);
1268 /* If we were called as SMBffirst then we must expect close. */
1269 if(req->cmd == SMBffirst) {
1270 expect_close = True;
1273 reply_outbuf(req, 1, 3);
1274 maxentries = SVAL(req->vwv+0, 0);
1275 dirtype = SVAL(req->vwv+1, 0);
1276 p = (const char *)req->buf + 1;
1277 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1278 &nt_status, &mask_contains_wcard);
1279 if (!NT_STATUS_IS_OK(nt_status)) {
1280 reply_nterror(req, nt_status);
1281 END_PROFILE(SMBsearch);
1285 nt_status = resolve_dfspath_wcard(ctx, conn,
1286 req->flags2 & FLAGS2_DFS_PATHNAMES,
1289 &mask_contains_wcard);
1290 if (!NT_STATUS_IS_OK(nt_status)) {
1291 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1292 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1293 ERRSRV, ERRbadpath);
1294 END_PROFILE(SMBsearch);
1297 reply_nterror(req, nt_status);
1298 END_PROFILE(SMBsearch);
1303 status_len = SVAL(p, 0);
1306 /* dirtype &= ~aDIR; */
1308 if (status_len == 0) {
1309 SMB_STRUCT_STAT sbuf;
1311 nt_status = unix_convert(ctx, conn, path, True,
1312 &directory, NULL, &sbuf);
1313 if (!NT_STATUS_IS_OK(nt_status)) {
1314 reply_nterror(req, nt_status);
1315 END_PROFILE(SMBsearch);
1319 nt_status = check_name(conn, directory);
1320 if (!NT_STATUS_IS_OK(nt_status)) {
1321 reply_nterror(req, nt_status);
1322 END_PROFILE(SMBsearch);
1326 p = strrchr_m(directory,'/');
1327 if ((p != NULL) && (*directory != '/')) {
1329 directory = talloc_strndup(ctx, directory,
1330 PTR_DIFF(p, directory));
1333 directory = talloc_strdup(ctx,".");
1337 reply_nterror(req, NT_STATUS_NO_MEMORY);
1338 END_PROFILE(SMBsearch);
1342 memset((char *)status,'\0',21);
1343 SCVAL(status,0,(dirtype & 0x1F));
1345 nt_status = dptr_create(conn,
1351 mask_contains_wcard,
1354 if (!NT_STATUS_IS_OK(nt_status)) {
1355 reply_nterror(req, nt_status);
1356 END_PROFILE(SMBsearch);
1359 dptr_num = dptr_dnum(conn->dirptr);
1363 memcpy(status,p,21);
1364 status_dirtype = CVAL(status,0) & 0x1F;
1365 if (status_dirtype != (dirtype & 0x1F)) {
1366 dirtype = status_dirtype;
1369 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1370 if (!conn->dirptr) {
1373 string_set(&conn->dirpath,dptr_path(dptr_num));
1374 mask = dptr_wcard(dptr_num);
1379 * For a 'continue' search we have no string. So
1380 * check from the initial saved string.
1382 mask_contains_wcard = ms_has_wild(mask);
1383 dirtype = dptr_attr(dptr_num);
1386 DEBUG(4,("dptr_num is %d\n",dptr_num));
1388 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1389 dptr_init_search_op(conn->dirptr);
1391 if ((dirtype&0x1F) == aVOLID) {
1392 char buf[DIR_STRUCT_SIZE];
1393 memcpy(buf,status,21);
1394 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1395 0,aVOLID,0,!allow_long_path_components)) {
1396 reply_nterror(req, NT_STATUS_NO_MEMORY);
1397 END_PROFILE(SMBsearch);
1400 dptr_fill(buf+12,dptr_num);
1401 if (dptr_zero(buf+12) && (status_len==0)) {
1406 if (message_push_blob(&req->outbuf,
1407 data_blob_const(buf, sizeof(buf)))
1409 reply_nterror(req, NT_STATUS_NO_MEMORY);
1410 END_PROFILE(SMBsearch);
1418 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1421 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1422 conn->dirpath,lp_dontdescend(SNUM(conn))));
1423 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1424 check_descend = True;
1427 for (i=numentries;(i<maxentries) && !finished;i++) {
1428 finished = !get_dir_entry(ctx,
1439 char buf[DIR_STRUCT_SIZE];
1440 memcpy(buf,status,21);
1441 if (!make_dir_struct(ctx,
1448 !allow_long_path_components)) {
1449 reply_nterror(req, NT_STATUS_NO_MEMORY);
1450 END_PROFILE(SMBsearch);
1453 if (!dptr_fill(buf+12,dptr_num)) {
1456 if (message_push_blob(&req->outbuf,
1457 data_blob_const(buf, sizeof(buf)))
1459 reply_nterror(req, NT_STATUS_NO_MEMORY);
1460 END_PROFILE(SMBsearch);
1470 /* If we were called as SMBffirst with smb_search_id == NULL
1471 and no entries were found then return error and close dirptr
1474 if (numentries == 0) {
1475 dptr_close(&dptr_num);
1476 } else if(expect_close && status_len == 0) {
1477 /* Close the dptr - we know it's gone */
1478 dptr_close(&dptr_num);
1481 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1482 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1483 dptr_close(&dptr_num);
1486 if ((numentries == 0) && !mask_contains_wcard) {
1487 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1488 END_PROFILE(SMBsearch);
1492 SSVAL(req->outbuf,smb_vwv0,numentries);
1493 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1494 SCVAL(smb_buf(req->outbuf),0,5);
1495 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1497 /* The replies here are never long name. */
1498 SSVAL(req->outbuf, smb_flg2,
1499 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1500 if (!allow_long_path_components) {
1501 SSVAL(req->outbuf, smb_flg2,
1502 SVAL(req->outbuf, smb_flg2)
1503 & (~FLAGS2_LONG_PATH_COMPONENTS));
1506 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1507 SSVAL(req->outbuf, smb_flg2,
1508 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1511 directory = dptr_path(dptr_num);
1514 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1515 smb_fn_name(req->cmd),
1517 directory ? directory : "./",
1522 END_PROFILE(SMBsearch);
1526 /****************************************************************************
1527 Reply to a fclose (stop directory search).
1528 ****************************************************************************/
1530 void reply_fclose(struct smb_request *req)
1538 bool path_contains_wcard = False;
1539 TALLOC_CTX *ctx = talloc_tos();
1541 START_PROFILE(SMBfclose);
1543 if (lp_posix_pathnames()) {
1544 reply_unknown_new(req, req->cmd);
1545 END_PROFILE(SMBfclose);
1549 p = (const char *)req->buf + 1;
1550 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1551 &err, &path_contains_wcard);
1552 if (!NT_STATUS_IS_OK(err)) {
1553 reply_nterror(req, err);
1554 END_PROFILE(SMBfclose);
1558 status_len = SVAL(p,0);
1561 if (status_len == 0) {
1562 reply_doserror(req, ERRSRV, ERRsrverror);
1563 END_PROFILE(SMBfclose);
1567 memcpy(status,p,21);
1569 if(dptr_fetch(status+12,&dptr_num)) {
1570 /* Close the dptr - we know it's gone */
1571 dptr_close(&dptr_num);
1574 reply_outbuf(req, 1, 0);
1575 SSVAL(req->outbuf,smb_vwv0,0);
1577 DEBUG(3,("search close\n"));
1579 END_PROFILE(SMBfclose);
1583 /****************************************************************************
1585 ****************************************************************************/
1587 void reply_open(struct smb_request *req)
1589 connection_struct *conn = req->conn;
1595 SMB_STRUCT_STAT sbuf;
1602 uint32 create_disposition;
1603 uint32 create_options = 0;
1605 TALLOC_CTX *ctx = talloc_tos();
1607 START_PROFILE(SMBopen);
1610 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1611 END_PROFILE(SMBopen);
1615 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1616 deny_mode = SVAL(req->vwv+0, 0);
1617 dos_attr = SVAL(req->vwv+1, 0);
1619 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1620 STR_TERMINATE, &status);
1621 if (!NT_STATUS_IS_OK(status)) {
1622 reply_nterror(req, status);
1623 END_PROFILE(SMBopen);
1627 if (!map_open_params_to_ntcreate(
1628 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1629 &share_mode, &create_disposition, &create_options)) {
1630 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1631 END_PROFILE(SMBopen);
1635 status = SMB_VFS_CREATE_FILE(
1638 0, /* root_dir_fid */
1640 CFF_DOS_PATH, /* create_file_flags */
1641 access_mask, /* access_mask */
1642 share_mode, /* share_access */
1643 create_disposition, /* create_disposition*/
1644 create_options, /* create_options */
1645 dos_attr, /* file_attributes */
1646 oplock_request, /* oplock_request */
1647 0, /* allocation_size */
1654 if (!NT_STATUS_IS_OK(status)) {
1655 if (open_was_deferred(req->mid)) {
1656 /* We have re-scheduled this call. */
1657 END_PROFILE(SMBopen);
1660 reply_openerror(req, status);
1661 END_PROFILE(SMBopen);
1665 size = sbuf.st_size;
1666 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1667 mtime = sbuf.st_mtime;
1670 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1671 close_file(req, fsp, ERROR_CLOSE);
1672 reply_doserror(req, ERRDOS,ERRnoaccess);
1673 END_PROFILE(SMBopen);
1677 reply_outbuf(req, 7, 0);
1678 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1679 SSVAL(req->outbuf,smb_vwv1,fattr);
1680 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1681 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1683 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1685 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1686 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1688 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1689 SCVAL(req->outbuf,smb_flg,
1690 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1693 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1694 SCVAL(req->outbuf,smb_flg,
1695 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1697 END_PROFILE(SMBopen);
1701 /****************************************************************************
1702 Reply to an open and X.
1703 ****************************************************************************/
1705 void reply_open_and_X(struct smb_request *req)
1707 connection_struct *conn = req->conn;
1712 /* Breakout the oplock request bits so we can set the
1713 reply bits separately. */
1714 int ex_oplock_request;
1715 int core_oplock_request;
1718 int smb_sattr = SVAL(req->vwv+4, 0);
1719 uint32 smb_time = make_unix_date3(req->vwv+6);
1724 SMB_STRUCT_STAT sbuf;
1728 uint64_t allocation_size;
1729 ssize_t retval = -1;
1732 uint32 create_disposition;
1733 uint32 create_options = 0;
1734 TALLOC_CTX *ctx = talloc_tos();
1736 START_PROFILE(SMBopenX);
1738 if (req->wct < 15) {
1739 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1740 END_PROFILE(SMBopenX);
1744 open_flags = SVAL(req->vwv+2, 0);
1745 deny_mode = SVAL(req->vwv+3, 0);
1746 smb_attr = SVAL(req->vwv+5, 0);
1747 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1748 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1749 oplock_request = ex_oplock_request | core_oplock_request;
1750 smb_ofun = SVAL(req->vwv+8, 0);
1751 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1753 /* If it's an IPC, pass off the pipe handler. */
1755 if (lp_nt_pipe_support()) {
1756 reply_open_pipe_and_X(conn, req);
1758 reply_doserror(req, ERRSRV, ERRaccess);
1760 END_PROFILE(SMBopenX);
1764 /* XXXX we need to handle passed times, sattr and flags */
1765 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1766 STR_TERMINATE, &status);
1767 if (!NT_STATUS_IS_OK(status)) {
1768 reply_nterror(req, status);
1769 END_PROFILE(SMBopenX);
1773 if (!map_open_params_to_ntcreate(
1774 fname, deny_mode, smb_ofun, &access_mask,
1775 &share_mode, &create_disposition, &create_options)) {
1776 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1777 END_PROFILE(SMBopenX);
1781 status = SMB_VFS_CREATE_FILE(
1784 0, /* root_dir_fid */
1786 CFF_DOS_PATH, /* create_file_flags */
1787 access_mask, /* access_mask */
1788 share_mode, /* share_access */
1789 create_disposition, /* create_disposition*/
1790 create_options, /* create_options */
1791 smb_attr, /* file_attributes */
1792 oplock_request, /* oplock_request */
1793 0, /* allocation_size */
1797 &smb_action, /* pinfo */
1800 if (!NT_STATUS_IS_OK(status)) {
1801 END_PROFILE(SMBopenX);
1802 if (open_was_deferred(req->mid)) {
1803 /* We have re-scheduled this call. */
1806 reply_openerror(req, status);
1810 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1811 if the file is truncated or created. */
1812 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1813 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1814 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1815 close_file(req, fsp, ERROR_CLOSE);
1816 reply_nterror(req, NT_STATUS_DISK_FULL);
1817 END_PROFILE(SMBopenX);
1820 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1822 close_file(req, fsp, ERROR_CLOSE);
1823 reply_nterror(req, NT_STATUS_DISK_FULL);
1824 END_PROFILE(SMBopenX);
1827 sbuf.st_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf);
1830 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1831 mtime = sbuf.st_mtime;
1833 close_file(req, fsp, ERROR_CLOSE);
1834 reply_doserror(req, ERRDOS, ERRnoaccess);
1835 END_PROFILE(SMBopenX);
1839 /* If the caller set the extended oplock request bit
1840 and we granted one (by whatever means) - set the
1841 correct bit for extended oplock reply.
1844 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1845 smb_action |= EXTENDED_OPLOCK_GRANTED;
1848 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1849 smb_action |= EXTENDED_OPLOCK_GRANTED;
1852 /* If the caller set the core oplock request bit
1853 and we granted one (by whatever means) - set the
1854 correct bit for core oplock reply.
1857 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1858 reply_outbuf(req, 19, 0);
1860 reply_outbuf(req, 15, 0);
1863 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1864 SCVAL(req->outbuf, smb_flg,
1865 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1868 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1869 SCVAL(req->outbuf, smb_flg,
1870 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1873 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1874 SSVAL(req->outbuf,smb_vwv3,fattr);
1875 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1876 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1878 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1880 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1881 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1882 SSVAL(req->outbuf,smb_vwv11,smb_action);
1884 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1885 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1888 END_PROFILE(SMBopenX);
1893 /****************************************************************************
1894 Reply to a SMBulogoffX.
1895 ****************************************************************************/
1897 void reply_ulogoffX(struct smb_request *req)
1901 START_PROFILE(SMBulogoffX);
1903 vuser = get_valid_user_struct(req->vuid);
1906 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1910 /* in user level security we are supposed to close any files
1911 open by this user */
1912 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1913 file_close_user(req->vuid);
1916 invalidate_vuid(req->vuid);
1918 reply_outbuf(req, 2, 0);
1920 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1922 END_PROFILE(SMBulogoffX);
1926 /****************************************************************************
1927 Reply to a mknew or a create.
1928 ****************************************************************************/
1930 void reply_mknew(struct smb_request *req)
1932 connection_struct *conn = req->conn;
1935 struct smb_file_time ft;
1937 int oplock_request = 0;
1938 SMB_STRUCT_STAT sbuf;
1940 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1941 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1942 uint32 create_disposition;
1943 uint32 create_options = 0;
1944 TALLOC_CTX *ctx = talloc_tos();
1946 START_PROFILE(SMBcreate);
1950 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1951 END_PROFILE(SMBcreate);
1955 fattr = SVAL(req->vwv+0, 0);
1956 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1959 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
1961 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
1962 STR_TERMINATE, &status);
1963 if (!NT_STATUS_IS_OK(status)) {
1964 reply_nterror(req, status);
1965 END_PROFILE(SMBcreate);
1969 if (fattr & aVOLID) {
1970 DEBUG(0,("Attempt to create file (%s) with volid set - "
1971 "please report this\n", fname));
1974 if(req->cmd == SMBmknew) {
1975 /* We should fail if file exists. */
1976 create_disposition = FILE_CREATE;
1978 /* Create if file doesn't exist, truncate if it does. */
1979 create_disposition = FILE_OVERWRITE_IF;
1982 status = SMB_VFS_CREATE_FILE(
1985 0, /* root_dir_fid */
1987 CFF_DOS_PATH, /* create_file_flags */
1988 access_mask, /* access_mask */
1989 share_mode, /* share_access */
1990 create_disposition, /* create_disposition*/
1991 create_options, /* create_options */
1992 fattr, /* file_attributes */
1993 oplock_request, /* oplock_request */
1994 0, /* allocation_size */
2001 if (!NT_STATUS_IS_OK(status)) {
2002 END_PROFILE(SMBcreate);
2003 if (open_was_deferred(req->mid)) {
2004 /* We have re-scheduled this call. */
2007 reply_openerror(req, status);
2011 ft.atime = get_atimespec(&sbuf); /* atime. */
2012 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, &ft, true);
2013 if (!NT_STATUS_IS_OK(status)) {
2014 END_PROFILE(SMBcreate);
2015 reply_openerror(req, status);
2019 reply_outbuf(req, 1, 0);
2020 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2022 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2023 SCVAL(req->outbuf,smb_flg,
2024 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2027 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2028 SCVAL(req->outbuf,smb_flg,
2029 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2032 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2033 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2034 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2036 END_PROFILE(SMBcreate);
2040 /****************************************************************************
2041 Reply to a create temporary file.
2042 ****************************************************************************/
2044 void reply_ctemp(struct smb_request *req)
2046 connection_struct *conn = req->conn;
2052 SMB_STRUCT_STAT sbuf;
2055 TALLOC_CTX *ctx = talloc_tos();
2057 START_PROFILE(SMBctemp);
2060 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2061 END_PROFILE(SMBctemp);
2065 fattr = SVAL(req->vwv+0, 0);
2066 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2068 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2069 STR_TERMINATE, &status);
2070 if (!NT_STATUS_IS_OK(status)) {
2071 reply_nterror(req, status);
2072 END_PROFILE(SMBctemp);
2076 fname = talloc_asprintf(ctx,
2080 fname = talloc_strdup(ctx, "TMXXXXXX");
2084 reply_nterror(req, NT_STATUS_NO_MEMORY);
2085 END_PROFILE(SMBctemp);
2089 status = resolve_dfspath(ctx, conn,
2090 req->flags2 & FLAGS2_DFS_PATHNAMES,
2093 if (!NT_STATUS_IS_OK(status)) {
2094 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2095 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2096 ERRSRV, ERRbadpath);
2097 END_PROFILE(SMBctemp);
2100 reply_nterror(req, status);
2101 END_PROFILE(SMBctemp);
2105 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
2106 if (!NT_STATUS_IS_OK(status)) {
2107 reply_nterror(req, status);
2108 END_PROFILE(SMBctemp);
2112 status = check_name(conn, fname);
2113 if (!NT_STATUS_IS_OK(status)) {
2114 reply_nterror(req, status);
2115 END_PROFILE(SMBctemp);
2119 tmpfd = smb_mkstemp(fname);
2121 reply_unixerror(req, ERRDOS, ERRnoaccess);
2122 END_PROFILE(SMBctemp);
2126 SMB_VFS_STAT(conn,fname,&sbuf);
2128 /* We should fail if file does not exist. */
2129 status = SMB_VFS_CREATE_FILE(
2132 0, /* root_dir_fid */
2134 0, /* create_file_flags */
2135 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2136 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2137 FILE_OPEN, /* create_disposition*/
2138 0, /* create_options */
2139 fattr, /* file_attributes */
2140 oplock_request, /* oplock_request */
2141 0, /* allocation_size */
2148 /* close fd from smb_mkstemp() */
2151 if (!NT_STATUS_IS_OK(status)) {
2152 if (open_was_deferred(req->mid)) {
2153 /* We have re-scheduled this call. */
2154 END_PROFILE(SMBctemp);
2157 reply_openerror(req, status);
2158 END_PROFILE(SMBctemp);
2162 reply_outbuf(req, 1, 0);
2163 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2165 /* the returned filename is relative to the directory */
2166 s = strrchr_m(fsp->fsp_name, '/');
2174 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2175 thing in the byte section. JRA */
2176 SSVALS(p, 0, -1); /* what is this? not in spec */
2178 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2180 reply_nterror(req, NT_STATUS_NO_MEMORY);
2181 END_PROFILE(SMBctemp);
2185 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2186 SCVAL(req->outbuf, smb_flg,
2187 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2190 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2191 SCVAL(req->outbuf, smb_flg,
2192 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2195 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2196 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2197 fsp->fh->fd, (unsigned int)sbuf.st_mode ) );
2199 END_PROFILE(SMBctemp);
2203 /*******************************************************************
2204 Check if a user is allowed to rename a file.
2205 ********************************************************************/
2207 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2208 uint16 dirtype, SMB_STRUCT_STAT *pst)
2212 if (!CAN_WRITE(conn)) {
2213 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2216 fmode = dos_mode(conn, fsp->fsp_name, pst);
2217 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2218 return NT_STATUS_NO_SUCH_FILE;
2221 if (S_ISDIR(pst->st_mode)) {
2222 if (fsp->posix_open) {
2223 return NT_STATUS_OK;
2226 /* If no pathnames are open below this
2227 directory, allow the rename. */
2229 if (file_find_subpath(fsp)) {
2230 return NT_STATUS_ACCESS_DENIED;
2232 return NT_STATUS_OK;
2235 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2236 return NT_STATUS_OK;
2239 return NT_STATUS_ACCESS_DENIED;
2242 /*******************************************************************
2243 * unlink a file with all relevant access checks
2244 *******************************************************************/
2246 static NTSTATUS do_unlink(connection_struct *conn,
2247 struct smb_request *req,
2251 SMB_STRUCT_STAT sbuf;
2254 uint32 dirtype_orig = dirtype;
2257 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2259 if (!CAN_WRITE(conn)) {
2260 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2263 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2264 return map_nt_error_from_unix(errno);
2267 fattr = dos_mode(conn,fname,&sbuf);
2269 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2270 dirtype = aDIR|aARCH|aRONLY;
2273 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2275 return NT_STATUS_NO_SUCH_FILE;
2278 if (!dir_check_ftype(conn, fattr, dirtype)) {
2280 return NT_STATUS_FILE_IS_A_DIRECTORY;
2282 return NT_STATUS_NO_SUCH_FILE;
2285 if (dirtype_orig & 0x8000) {
2286 /* These will never be set for POSIX. */
2287 return NT_STATUS_NO_SUCH_FILE;
2291 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2292 return NT_STATUS_FILE_IS_A_DIRECTORY;
2295 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2296 return NT_STATUS_NO_SUCH_FILE;
2299 if (dirtype & 0xFF00) {
2300 /* These will never be set for POSIX. */
2301 return NT_STATUS_NO_SUCH_FILE;
2306 return NT_STATUS_NO_SUCH_FILE;
2309 /* Can't delete a directory. */
2311 return NT_STATUS_FILE_IS_A_DIRECTORY;
2316 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2317 return NT_STATUS_OBJECT_NAME_INVALID;
2318 #endif /* JRATEST */
2320 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2322 On a Windows share, a file with read-only dosmode can be opened with
2323 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2324 fails with NT_STATUS_CANNOT_DELETE error.
2326 This semantic causes a problem that a user can not
2327 rename a file with read-only dosmode on a Samba share
2328 from a Windows command prompt (i.e. cmd.exe, but can rename
2329 from Windows Explorer).
2332 if (!lp_delete_readonly(SNUM(conn))) {
2333 if (fattr & aRONLY) {
2334 return NT_STATUS_CANNOT_DELETE;
2338 /* On open checks the open itself will check the share mode, so
2339 don't do it here as we'll get it wrong. */
2341 status = SMB_VFS_CREATE_FILE
2344 0, /* root_dir_fid */
2346 0, /* create_file_flags */
2347 DELETE_ACCESS, /* access_mask */
2348 FILE_SHARE_NONE, /* share_access */
2349 FILE_OPEN, /* create_disposition*/
2350 FILE_NON_DIRECTORY_FILE, /* create_options */
2351 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2352 0, /* oplock_request */
2353 0, /* allocation_size */
2360 if (!NT_STATUS_IS_OK(status)) {
2361 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2362 nt_errstr(status)));
2366 /* The set is across all open files on this dev/inode pair. */
2367 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2368 close_file(req, fsp, NORMAL_CLOSE);
2369 return NT_STATUS_ACCESS_DENIED;
2372 return close_file(req, fsp, NORMAL_CLOSE);
2375 /****************************************************************************
2376 The guts of the unlink command, split out so it may be called by the NT SMB
2378 ****************************************************************************/
2380 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2381 uint32 dirtype, const char *name_in, bool has_wild)
2383 const char *directory = NULL;
2388 NTSTATUS status = NT_STATUS_OK;
2389 SMB_STRUCT_STAT sbuf, st;
2390 TALLOC_CTX *ctx = talloc_tos();
2392 status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
2393 if (!NT_STATUS_IS_OK(status)) {
2397 p = strrchr_m(name,'/');
2399 directory = talloc_strdup(ctx, ".");
2401 return NT_STATUS_NO_MEMORY;
2411 * We should only check the mangled cache
2412 * here if unix_convert failed. This means
2413 * that the path in 'mask' doesn't exist
2414 * on the file system and so we need to look
2415 * for a possible mangle. This patch from
2416 * Tine Smukavec <valentin.smukavec@hermes.si>.
2419 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2420 char *new_mask = NULL;
2421 mangle_lookup_name_from_8_3(ctx,
2431 directory = talloc_asprintf(ctx,
2436 return NT_STATUS_NO_MEMORY;
2439 dirtype = FILE_ATTRIBUTE_NORMAL;
2442 status = check_name(conn, directory);
2443 if (!NT_STATUS_IS_OK(status)) {
2447 status = do_unlink(conn, req, directory, dirtype);
2448 if (!NT_STATUS_IS_OK(status)) {
2454 struct smb_Dir *dir_hnd = NULL;
2458 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2459 return NT_STATUS_OBJECT_NAME_INVALID;
2462 if (strequal(mask,"????????.???")) {
2467 status = check_name(conn, directory);
2468 if (!NT_STATUS_IS_OK(status)) {
2472 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2474 if (dir_hnd == NULL) {
2475 return map_nt_error_from_unix(errno);
2478 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2479 the pattern matches against the long name, otherwise the short name
2480 We don't implement this yet XXXX
2483 status = NT_STATUS_NO_SUCH_FILE;
2485 while ((dname = ReadDirName(dir_hnd, &offset, &st))) {
2488 if (!is_visible_file(conn, directory, dname, &st,
2494 /* Quick check for "." and ".." */
2495 if (ISDOT(dname) || ISDOTDOT(dname)) {
2499 if(!mask_match(dname, mask, conn->case_sensitive)) {
2503 fname = talloc_asprintf(ctx, "%s/%s",
2507 return NT_STATUS_NO_MEMORY;
2510 status = check_name(conn, fname);
2511 if (!NT_STATUS_IS_OK(status)) {
2512 TALLOC_FREE(dir_hnd);
2516 status = do_unlink(conn, req, fname, dirtype);
2517 if (!NT_STATUS_IS_OK(status)) {
2523 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2528 TALLOC_FREE(dir_hnd);
2531 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2532 status = map_nt_error_from_unix(errno);
2538 /****************************************************************************
2540 ****************************************************************************/
2542 void reply_unlink(struct smb_request *req)
2544 connection_struct *conn = req->conn;
2548 bool path_contains_wcard = False;
2549 TALLOC_CTX *ctx = talloc_tos();
2551 START_PROFILE(SMBunlink);
2554 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2555 END_PROFILE(SMBunlink);
2559 dirtype = SVAL(req->vwv+0, 0);
2561 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2562 STR_TERMINATE, &status,
2563 &path_contains_wcard);
2564 if (!NT_STATUS_IS_OK(status)) {
2565 reply_nterror(req, status);
2566 END_PROFILE(SMBunlink);
2570 status = resolve_dfspath_wcard(ctx, conn,
2571 req->flags2 & FLAGS2_DFS_PATHNAMES,
2574 &path_contains_wcard);
2575 if (!NT_STATUS_IS_OK(status)) {
2576 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2577 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2578 ERRSRV, ERRbadpath);
2579 END_PROFILE(SMBunlink);
2582 reply_nterror(req, status);
2583 END_PROFILE(SMBunlink);
2587 DEBUG(3,("reply_unlink : %s\n",name));
2589 status = unlink_internals(conn, req, dirtype, name,
2590 path_contains_wcard);
2591 if (!NT_STATUS_IS_OK(status)) {
2592 if (open_was_deferred(req->mid)) {
2593 /* We have re-scheduled this call. */
2594 END_PROFILE(SMBunlink);
2597 reply_nterror(req, status);
2598 END_PROFILE(SMBunlink);
2602 reply_outbuf(req, 0, 0);
2603 END_PROFILE(SMBunlink);
2608 /****************************************************************************
2610 ****************************************************************************/
2612 static void fail_readraw(void)
2614 const char *errstr = talloc_asprintf(talloc_tos(),
2615 "FAIL ! reply_readbraw: socket write fail (%s)",
2620 exit_server_cleanly(errstr);
2623 /****************************************************************************
2624 Fake (read/write) sendfile. Returns -1 on read or write fail.
2625 ****************************************************************************/
2627 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2631 size_t tosend = nread;
2638 bufsize = MIN(nread, 65536);
2640 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2644 while (tosend > 0) {
2648 if (tosend > bufsize) {
2653 ret = read_file(fsp,buf,startpos,cur_read);
2659 /* If we had a short read, fill with zeros. */
2660 if (ret < cur_read) {
2661 memset(buf, '\0', cur_read - ret);
2664 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2669 startpos += cur_read;
2673 return (ssize_t)nread;
2676 /****************************************************************************
2677 Deal with the case of sendfile reading less bytes from the file than
2678 requested. Fill with zeros (all we can do).
2679 ****************************************************************************/
2681 static void sendfile_short_send(files_struct *fsp,
2686 if (nread < headersize) {
2687 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2688 "header for file %s (%s). Terminating\n",
2689 fsp->fsp_name, strerror(errno) ));
2690 exit_server_cleanly("sendfile_short_send failed");
2693 nread -= headersize;
2695 if (nread < smb_maxcnt) {
2696 char *buf = SMB_CALLOC_ARRAY(char, 1024);
2698 exit_server_cleanly("sendfile_short_send: "
2702 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2703 "with zeros !\n", fsp->fsp_name));
2705 while (nread < smb_maxcnt) {
2707 * We asked for the real file size and told sendfile
2708 * to not go beyond the end of the file. But it can
2709 * happen that in between our fstat call and the
2710 * sendfile call the file was truncated. This is very
2711 * bad because we have already announced the larger
2712 * number of bytes to the client.
2714 * The best we can do now is to send 0-bytes, just as
2715 * a read from a hole in a sparse file would do.
2717 * This should happen rarely enough that I don't care
2718 * about efficiency here :-)
2722 to_write = MIN(sizeof(buf), smb_maxcnt - nread);
2723 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2724 exit_server_cleanly("sendfile_short_send: "
2725 "write_data failed");
2733 /****************************************************************************
2734 Return a readbraw error (4 bytes of zero).
2735 ****************************************************************************/
2737 static void reply_readbraw_error(void)
2741 if (write_data(smbd_server_fd(),header,4) != 4) {
2746 /****************************************************************************
2747 Use sendfile in readbraw.
2748 ****************************************************************************/
2750 static void send_file_readbraw(connection_struct *conn,
2751 struct smb_request *req,
2757 char *outbuf = NULL;
2760 #if defined(WITH_SENDFILE)
2762 * We can only use sendfile on a non-chained packet
2763 * but we can use on a non-oplocked file. tridge proved this
2764 * on a train in Germany :-). JRA.
2765 * reply_readbraw has already checked the length.
2768 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2769 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2770 ssize_t sendfile_read = -1;
2772 DATA_BLOB header_blob;
2774 _smb_setlen(header,nread);
2775 header_blob = data_blob_const(header, 4);
2777 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2778 &header_blob, startpos, nread)) == -1) {
2779 /* Returning ENOSYS means no data at all was sent.
2780 * Do this as a normal read. */
2781 if (errno == ENOSYS) {
2782 goto normal_readbraw;
2786 * Special hack for broken Linux with no working sendfile. If we
2787 * return EINTR we sent the header but not the rest of the data.
2788 * Fake this up by doing read/write calls.
2790 if (errno == EINTR) {
2791 /* Ensure we don't do this again. */
2792 set_use_sendfile(SNUM(conn), False);
2793 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2795 if (fake_sendfile(fsp, startpos, nread) == -1) {
2796 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2797 fsp->fsp_name, strerror(errno) ));
2798 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2803 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2804 fsp->fsp_name, strerror(errno) ));
2805 exit_server_cleanly("send_file_readbraw sendfile failed");
2806 } else if (sendfile_read == 0) {
2808 * Some sendfile implementations return 0 to indicate
2809 * that there was a short read, but nothing was
2810 * actually written to the socket. In this case,
2811 * fallback to the normal read path so the header gets
2812 * the correct byte count.
2814 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2815 "bytes falling back to the normal read: "
2816 "%s\n", fsp->fsp_name));
2817 goto normal_readbraw;
2820 /* Deal with possible short send. */
2821 if (sendfile_read != 4+nread) {
2822 sendfile_short_send(fsp, sendfile_read, 4, nread);
2830 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2832 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2833 (unsigned)(nread+4)));
2834 reply_readbraw_error();
2839 ret = read_file(fsp,outbuf+4,startpos,nread);
2840 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2849 _smb_setlen(outbuf,ret);
2850 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2853 TALLOC_FREE(outbuf);
2856 /****************************************************************************
2857 Reply to a readbraw (core+ protocol).
2858 ****************************************************************************/
2860 void reply_readbraw(struct smb_request *req)
2862 connection_struct *conn = req->conn;
2863 ssize_t maxcount,mincount;
2867 struct lock_struct lock;
2871 START_PROFILE(SMBreadbraw);
2873 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
2874 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2875 "raw reads/writes are disallowed.");
2879 reply_readbraw_error();
2880 END_PROFILE(SMBreadbraw);
2885 * Special check if an oplock break has been issued
2886 * and the readraw request croses on the wire, we must
2887 * return a zero length response here.
2890 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
2893 * We have to do a check_fsp by hand here, as
2894 * we must always return 4 zero bytes on error,
2898 if (!fsp || !conn || conn != fsp->conn ||
2899 req->vuid != fsp->vuid ||
2900 fsp->is_directory || fsp->fh->fd == -1) {
2902 * fsp could be NULL here so use the value from the packet. JRA.
2904 DEBUG(3,("reply_readbraw: fnum %d not valid "
2906 (int)SVAL(req->vwv+0, 0)));
2907 reply_readbraw_error();
2908 END_PROFILE(SMBreadbraw);
2912 /* Do a "by hand" version of CHECK_READ. */
2913 if (!(fsp->can_read ||
2914 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2915 (fsp->access_mask & FILE_EXECUTE)))) {
2916 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2917 (int)SVAL(req->vwv+0, 0)));
2918 reply_readbraw_error();
2919 END_PROFILE(SMBreadbraw);
2923 flush_write_cache(fsp, READRAW_FLUSH);
2925 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
2926 if(req->wct == 10) {
2928 * This is a large offset (64 bit) read.
2930 #ifdef LARGE_SMB_OFF_T
2932 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
2934 #else /* !LARGE_SMB_OFF_T */
2937 * Ensure we haven't been sent a >32 bit offset.
2940 if(IVAL(req->vwv+8, 0) != 0) {
2941 DEBUG(0,("reply_readbraw: large offset "
2942 "(%x << 32) used and we don't support "
2943 "64 bit offsets.\n",
2944 (unsigned int)IVAL(req->vwv+8, 0) ));
2945 reply_readbraw_error();
2946 END_PROFILE(SMBreadbraw);
2950 #endif /* LARGE_SMB_OFF_T */
2953 DEBUG(0,("reply_readbraw: negative 64 bit "
2954 "readraw offset (%.0f) !\n",
2955 (double)startpos ));
2956 reply_readbraw_error();
2957 END_PROFILE(SMBreadbraw);
2962 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
2963 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
2965 /* ensure we don't overrun the packet size */
2966 maxcount = MIN(65535,maxcount);
2968 init_strict_lock_struct(fsp, (uint32)req->smbpid,
2969 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
2972 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
2973 reply_readbraw_error();
2974 END_PROFILE(SMBreadbraw);
2978 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
2982 if (startpos >= size) {
2985 nread = MIN(maxcount,(size - startpos));
2988 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2989 if (nread < mincount)
2993 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2994 "min=%lu nread=%lu\n",
2995 fsp->fnum, (double)startpos,
2996 (unsigned long)maxcount,
2997 (unsigned long)mincount,
2998 (unsigned long)nread ) );
3000 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3002 DEBUG(5,("reply_readbraw finished\n"));
3004 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3006 END_PROFILE(SMBreadbraw);
3011 #define DBGC_CLASS DBGC_LOCKING
3013 /****************************************************************************
3014 Reply to a lockread (core+ protocol).
3015 ****************************************************************************/
3017 void reply_lockread(struct smb_request *req)
3019 connection_struct *conn = req->conn;
3026 struct byte_range_lock *br_lck = NULL;
3029 START_PROFILE(SMBlockread);
3032 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3033 END_PROFILE(SMBlockread);
3037 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3039 if (!check_fsp(conn, req, fsp)) {
3040 END_PROFILE(SMBlockread);
3044 if (!CHECK_READ(fsp,req)) {
3045 reply_doserror(req, ERRDOS, ERRbadaccess);
3046 END_PROFILE(SMBlockread);
3050 numtoread = SVAL(req->vwv+1, 0);
3051 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3053 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3055 reply_outbuf(req, 5, numtoread + 3);
3057 data = smb_buf(req->outbuf) + 3;
3060 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3061 * protocol request that predates the read/write lock concept.
3062 * Thus instead of asking for a read lock here we need to ask
3063 * for a write lock. JRA.
3064 * Note that the requested lock size is unaffected by max_recv.
3067 br_lck = do_lock(smbd_messaging_context(),
3070 (uint64_t)numtoread,
3074 False, /* Non-blocking lock. */
3078 TALLOC_FREE(br_lck);
3080 if (NT_STATUS_V(status)) {
3081 reply_nterror(req, status);
3082 END_PROFILE(SMBlockread);
3087 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3090 if (numtoread > max_recv) {
3091 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3092 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3093 (unsigned int)numtoread, (unsigned int)max_recv ));
3094 numtoread = MIN(numtoread,max_recv);
3096 nread = read_file(fsp,data,startpos,numtoread);
3099 reply_unixerror(req, ERRDOS, ERRnoaccess);
3100 END_PROFILE(SMBlockread);
3104 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3106 SSVAL(req->outbuf,smb_vwv0,nread);
3107 SSVAL(req->outbuf,smb_vwv5,nread+3);
3108 p = smb_buf(req->outbuf);
3109 SCVAL(p,0,0); /* pad byte. */
3112 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3113 fsp->fnum, (int)numtoread, (int)nread));
3115 END_PROFILE(SMBlockread);
3120 #define DBGC_CLASS DBGC_ALL
3122 /****************************************************************************
3124 ****************************************************************************/
3126 void reply_read(struct smb_request *req)
3128 connection_struct *conn = req->conn;
3135 struct lock_struct lock;
3137 START_PROFILE(SMBread);
3140 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3141 END_PROFILE(SMBread);
3145 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3147 if (!check_fsp(conn, req, fsp)) {
3148 END_PROFILE(SMBread);
3152 if (!CHECK_READ(fsp,req)) {
3153 reply_doserror(req, ERRDOS, ERRbadaccess);
3154 END_PROFILE(SMBread);
3158 numtoread = SVAL(req->vwv+1, 0);
3159 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3161 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3164 * The requested read size cannot be greater than max_recv. JRA.
3166 if (numtoread > max_recv) {
3167 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3168 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3169 (unsigned int)numtoread, (unsigned int)max_recv ));
3170 numtoread = MIN(numtoread,max_recv);
3173 reply_outbuf(req, 5, numtoread+3);
3175 data = smb_buf(req->outbuf) + 3;
3177 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3178 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3181 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3182 reply_doserror(req, ERRDOS,ERRlock);
3183 END_PROFILE(SMBread);
3188 nread = read_file(fsp,data,startpos,numtoread);
3191 reply_unixerror(req, ERRDOS,ERRnoaccess);
git.samba.org / ira / wip.git / blob