2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
32 unsigned int smb_echo_count = 0;
33 extern uint32 global_client_caps;
35 extern struct current_user current_user;
36 extern BOOL global_encrypted_passwords_negotiated;
38 /****************************************************************************
39 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
40 path or anything including wildcards.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 /* Custom version for processing POSIX paths. */
47 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
49 static NTSTATUS check_path_syntax_internal(char *path,
51 BOOL *p_last_component_contains_wcard)
55 NTSTATUS ret = NT_STATUS_OK;
56 BOOL start_of_name_component = True;
58 *p_last_component_contains_wcard = False;
61 if (IS_PATH_SEP(*s,posix_path)) {
63 * Safe to assume is not the second part of a mb char
64 * as this is handled below.
66 /* Eat multiple '/' or '\\' */
67 while (IS_PATH_SEP(*s,posix_path)) {
70 if ((d != path) && (*s != '\0')) {
71 /* We only care about non-leading or trailing '/' or '\\' */
75 start_of_name_component = True;
77 *p_last_component_contains_wcard = False;
81 if (start_of_name_component) {
82 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
83 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
86 * No mb char starts with '.' so we're safe checking the directory separator here.
89 /* If we just added a '/' - delete it */
90 if ((d > path) && (*(d-1) == '/')) {
95 /* Are we at the start ? Can't go back further if so. */
97 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
100 /* Go back one level... */
101 /* We know this is safe as '/' cannot be part of a mb sequence. */
102 /* NOTE - if this assumption is invalid we are not in good shape... */
103 /* Decrement d first as d points to the *next* char to write into. */
104 for (d--; d > path; d--) {
108 s += 2; /* Else go past the .. */
109 /* We're still at the start of a name component, just the previous one. */
112 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
125 return NT_STATUS_OBJECT_NAME_INVALID;
133 *p_last_component_contains_wcard = True;
142 /* Get the size of the next MB character. */
143 next_codepoint(s,&siz);
161 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
163 return NT_STATUS_INVALID_PARAMETER;
166 start_of_name_component = False;
173 /****************************************************************************
174 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
175 No wildcards allowed.
176 ****************************************************************************/
178 NTSTATUS check_path_syntax(char *path)
181 return check_path_syntax_internal(path, False, &ignore);
184 /****************************************************************************
185 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
186 Wildcards allowed - p_contains_wcard returns true if the last component contained
188 ****************************************************************************/
190 NTSTATUS check_path_syntax_wcard(char *path, BOOL *p_contains_wcard)
192 return check_path_syntax_internal(path, False, p_contains_wcard);
195 /****************************************************************************
196 Check the path for a POSIX client.
197 We're assuming here that '/' is not the second byte in any multibyte char
198 set (a safe assumption).
199 ****************************************************************************/
201 NTSTATUS check_path_syntax_posix(char *path)
204 return check_path_syntax_internal(path, True, &ignore);
207 /****************************************************************************
208 Pull a string and check the path allowing a wilcard - provide for error return.
209 ****************************************************************************/
211 size_t srvstr_get_path_wcard(const char *inbuf, uint16 smb_flags2, char *dest,
212 const char *src, size_t dest_len, size_t src_len,
213 int flags, NTSTATUS *err, BOOL *contains_wcard)
217 SMB_ASSERT(dest_len == sizeof(pstring));
221 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
224 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
225 dest_len, src_len, flags);
228 *contains_wcard = False;
230 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
232 * For a DFS path the function parse_dfs_path()
233 * will do the path processing, just make a copy.
239 if (lp_posix_pathnames()) {
240 *err = check_path_syntax_posix(dest);
242 *err = check_path_syntax_wcard(dest, contains_wcard);
248 /****************************************************************************
249 Pull a string and check the path - provide for error return.
250 ****************************************************************************/
252 size_t srvstr_get_path(const char *inbuf, uint16 smb_flags2, char *dest,
253 const char *src, size_t dest_len, size_t src_len,
254 int flags, NTSTATUS *err)
258 SMB_ASSERT(dest_len == sizeof(pstring));
262 ret = srvstr_pull_buf(inbuf, smb_flags2, dest, src,
265 ret = srvstr_pull(inbuf, smb_flags2, dest, src,
266 dest_len, src_len, flags);
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(dest);
281 *err = check_path_syntax(dest);
287 /****************************************************************************
288 Check if we have a correct fsp pointing to a file. Replacement for the
290 ****************************************************************************/
292 BOOL check_fsp(connection_struct *conn, struct smb_request *req,
293 files_struct *fsp, struct current_user *user)
295 if (!(fsp) || !(conn)) {
296 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
299 if (((conn) != (fsp)->conn) || user->vuid != (fsp)->vuid) {
300 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
303 if ((fsp)->is_directory) {
304 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
307 if ((fsp)->fh->fd == -1) {
308 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
311 (fsp)->num_smb_operations++;
315 /****************************************************************************
316 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
317 ****************************************************************************/
319 BOOL fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
320 files_struct *fsp, struct current_user *user)
322 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
323 && (current_user.vuid==(fsp)->vuid)) {
327 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
331 /****************************************************************************
332 Reply to a (netbios-level) special message.
333 ****************************************************************************/
335 void reply_special(char *inbuf)
337 int msg_type = CVAL(inbuf,0);
338 int msg_flags = CVAL(inbuf,1);
343 * We only really use 4 bytes of the outbuf, but for the smb_setlen
344 * calculation & friends (send_smb uses that) we need the full smb
347 char outbuf[smb_size];
349 static BOOL already_got_session = False;
353 memset(outbuf, '\0', sizeof(outbuf));
355 smb_setlen(inbuf,outbuf,0);
358 case 0x81: /* session request */
360 if (already_got_session) {
361 exit_server_cleanly("multiple session request not permitted");
364 SCVAL(outbuf,0,0x82);
366 if (name_len(inbuf+4) > 50 ||
367 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
368 DEBUG(0,("Invalid name length in session request\n"));
371 name_extract(inbuf,4,name1);
372 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
373 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
376 set_local_machine_name(name1, True);
377 set_remote_machine_name(name2, True);
379 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
380 get_local_machine_name(), get_remote_machine_name(),
383 if (name_type == 'R') {
384 /* We are being asked for a pathworks session ---
386 SCVAL(outbuf, 0,0x83);
390 /* only add the client's machine name to the list
391 of possibly valid usernames if we are operating
392 in share mode security */
393 if (lp_security() == SEC_SHARE) {
394 add_session_user(get_remote_machine_name());
397 reload_services(True);
400 already_got_session = True;
403 case 0x89: /* session keepalive request
404 (some old clients produce this?) */
405 SCVAL(outbuf,0,SMBkeepalive);
409 case 0x82: /* positive session response */
410 case 0x83: /* negative session response */
411 case 0x84: /* retarget session response */
412 DEBUG(0,("Unexpected session response\n"));
415 case SMBkeepalive: /* session keepalive */
420 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
421 msg_type, msg_flags));
423 send_smb(smbd_server_fd(), outbuf);
427 /****************************************************************************
429 conn POINTER CAN BE NULL HERE !
430 ****************************************************************************/
432 int reply_tcon(connection_struct *conn,
433 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
437 char *service_buf = NULL;
438 char *password = NULL;
441 uint16 vuid = SVAL(inbuf,smb_uid);
445 DATA_BLOB password_blob;
447 START_PROFILE(SMBtcon);
449 ctx = talloc_init("reply_tcon");
451 END_PROFILE(SMBtcon);
452 return ERROR_NT(NT_STATUS_NO_MEMORY);
455 p = smb_buf(inbuf)+1;
456 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
457 &service_buf, p, STR_TERMINATE) + 1;
458 pwlen = srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
459 &password, p, STR_TERMINATE) + 1;
461 p += srvstr_pull_buf_talloc(ctx, inbuf, SVAL(inbuf, smb_flg2),
462 &dev, p, STR_TERMINATE) + 1;
464 if (service_buf == NULL || password == NULL || dev == NULL) {
466 END_PROFILE(SMBtcon);
467 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
469 p = strrchr_m(service_buf,'\\');
473 service = service_buf;
476 password_blob = data_blob(password, pwlen+1);
478 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
480 data_blob_clear_free(&password_blob);
484 END_PROFILE(SMBtcon);
485 return ERROR_NT(nt_status);
488 outsize = set_message(inbuf,outbuf,2,0,True);
489 SSVAL(outbuf,smb_vwv0,max_recv);
490 SSVAL(outbuf,smb_vwv1,conn->cnum);
491 SSVAL(outbuf,smb_tid,conn->cnum);
493 DEBUG(3,("tcon service=%s cnum=%d\n",
494 service, conn->cnum));
496 END_PROFILE(SMBtcon);
501 /****************************************************************************
502 Reply to a tcon and X.
503 conn POINTER CAN BE NULL HERE !
504 ****************************************************************************/
506 void reply_tcon_and_X(connection_struct *conn, struct smb_request *req)
508 char *service = NULL;
511 TALLOC_CTX *ctx = NULL;
512 /* what the cleint thinks the device is */
513 char *client_devicetype = NULL;
514 /* what the server tells the client the share represents */
515 const char *server_devicetype;
522 START_PROFILE(SMBtconX);
525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
526 END_PROFILE(SMBtconX);
530 passlen = SVAL(req->inbuf,smb_vwv3);
531 tcon_flags = SVAL(req->inbuf,smb_vwv2);
533 /* we might have to close an old one */
534 if ((tcon_flags & 0x1) && conn) {
535 close_cnum(conn,req->vuid);
538 if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) {
539 reply_doserror(req, ERRDOS, ERRbuftoosmall);
540 END_PROFILE(SMBtconX);
544 if (global_encrypted_passwords_negotiated) {
545 password = data_blob(smb_buf(req->inbuf),passlen);
546 if (lp_security() == SEC_SHARE) {
548 * Security = share always has a pad byte
549 * after the password.
551 p = smb_buf(req->inbuf) + passlen + 1;
553 p = smb_buf(req->inbuf) + passlen;
556 password = data_blob(smb_buf(req->inbuf),passlen+1);
557 /* Ensure correct termination */
558 password.data[passlen]=0;
559 p = smb_buf(req->inbuf) + passlen + 1;
562 ctx = talloc_init("reply_tcon_and_X");
564 data_blob_clear_free(&password);
565 reply_nterror(req, NT_STATUS_NO_MEMORY);
566 END_PROFILE(SMBtconX);
569 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p,
573 data_blob_clear_free(&password);
575 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
576 END_PROFILE(SMBtconX);
581 * the service name can be either: \\server\share
582 * or share directly like on the DELL PowerVault 705
585 q = strchr_m(path+2,'\\');
587 data_blob_clear_free(&password);
589 reply_doserror(req, ERRDOS, ERRnosuchshare);
590 END_PROFILE(SMBtconX);
598 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
599 &client_devicetype, p,
600 MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
602 if (client_devicetype == NULL) {
603 data_blob_clear_free(&password);
605 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
606 END_PROFILE(SMBtconX);
610 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
612 conn = make_connection(service, password, client_devicetype,
613 req->vuid, &nt_status);
615 data_blob_clear_free(&password);
619 reply_nterror(req, nt_status);
620 END_PROFILE(SMBtconX);
625 server_devicetype = "IPC";
626 else if ( IS_PRINT(conn) )
627 server_devicetype = "LPT1:";
629 server_devicetype = "A:";
631 if (Protocol < PROTOCOL_NT1) {
632 reply_outbuf(req, 2, 0);
633 if (message_push_string(&req->outbuf, server_devicetype,
634 STR_TERMINATE|STR_ASCII) == -1) {
636 reply_nterror(req, NT_STATUS_NO_MEMORY);
637 END_PROFILE(SMBtconX);
641 /* NT sets the fstype of IPC$ to the null string */
642 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
644 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
645 /* Return permissions. */
649 reply_outbuf(req, 7, 0);
652 perm1 = FILE_ALL_ACCESS;
653 perm2 = FILE_ALL_ACCESS;
655 perm1 = CAN_WRITE(conn) ?
660 SIVAL(req->outbuf, smb_vwv3, perm1);
661 SIVAL(req->outbuf, smb_vwv5, perm2);
663 reply_outbuf(req, 3, 0);
666 if ((message_push_string(&req->outbuf, server_devicetype,
667 STR_TERMINATE|STR_ASCII) == -1)
668 || (message_push_string(&req->outbuf, fstype,
669 STR_TERMINATE) == -1)) {
671 reply_nterror(req, NT_STATUS_NO_MEMORY);
672 END_PROFILE(SMBtconX);
676 /* what does setting this bit do? It is set by NT4 and
677 may affect the ability to autorun mounted cdroms */
678 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
679 (lp_csc_policy(SNUM(conn)) << 2));
681 init_dfsroot(conn, req->inbuf, req->outbuf);
685 DEBUG(3,("tconX service=%s \n",
688 /* set the incoming and outgoing tid to the just created one */
689 SSVAL(req->inbuf,smb_tid,conn->cnum);
690 SSVAL(req->outbuf,smb_tid,conn->cnum);
693 END_PROFILE(SMBtconX);
695 chain_reply_new(req);
699 /****************************************************************************
700 Reply to an unknown type.
701 ****************************************************************************/
703 int reply_unknown(char *inbuf,char *outbuf)
706 type = CVAL(inbuf,smb_com);
708 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
709 smb_fn_name(type), type, type));
711 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
714 void reply_unknown_new(struct smb_request *req, uint8 type)
716 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
717 smb_fn_name(type), type, type));
718 reply_doserror(req, ERRSRV, ERRunknownsmb);
722 /****************************************************************************
724 conn POINTER CAN BE NULL HERE !
725 ****************************************************************************/
727 int reply_ioctl(connection_struct *conn,
728 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
730 uint16 device = SVAL(inbuf,smb_vwv1);
731 uint16 function = SVAL(inbuf,smb_vwv2);
732 uint32 ioctl_code = (device << 16) + function;
733 int replysize, outsize;
735 START_PROFILE(SMBioctl);
737 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
739 switch (ioctl_code) {
740 case IOCTL_QUERY_JOB_INFO:
744 END_PROFILE(SMBioctl);
745 return(ERROR_DOS(ERRSRV,ERRnosupport));
748 outsize = set_message(inbuf,outbuf,8,replysize+1,True);
749 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
750 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
751 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
752 p = smb_buf(outbuf) + 1; /* Allow for alignment */
754 switch (ioctl_code) {
755 case IOCTL_QUERY_JOB_INFO:
757 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
759 END_PROFILE(SMBioctl);
760 return(UNIXERROR(ERRDOS,ERRbadfid));
762 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
763 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+2,
765 STR_TERMINATE|STR_ASCII);
767 srvstr_push(outbuf, SVAL(outbuf, smb_flg2),
768 p+18, lp_servicename(SNUM(conn)),
769 13, STR_TERMINATE|STR_ASCII);
775 END_PROFILE(SMBioctl);
779 /****************************************************************************
780 Strange checkpath NTSTATUS mapping.
781 ****************************************************************************/
783 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
785 /* Strange DOS error code semantics only for checkpath... */
786 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
787 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
788 /* We need to map to ERRbadpath */
789 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
795 /****************************************************************************
796 Reply to a checkpath.
797 ****************************************************************************/
799 void reply_checkpath(connection_struct *conn, struct smb_request *req)
802 SMB_STRUCT_STAT sbuf;
805 START_PROFILE(SMBcheckpath);
807 srvstr_get_path((char *)req->inbuf, req->flags2, name,
808 smb_buf(req->inbuf) + 1, sizeof(name), 0,
809 STR_TERMINATE, &status);
810 if (!NT_STATUS_IS_OK(status)) {
811 status = map_checkpath_error((char *)req->inbuf, status);
812 reply_nterror(req, status);
813 END_PROFILE(SMBcheckpath);
817 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES, name);
818 if (!NT_STATUS_IS_OK(status)) {
819 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
820 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
822 END_PROFILE(SMBcheckpath);
828 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
830 status = unix_convert(conn, name, False, NULL, &sbuf);
831 if (!NT_STATUS_IS_OK(status)) {
835 status = check_name(conn, name);
836 if (!NT_STATUS_IS_OK(status)) {
837 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
841 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
842 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
843 status = map_nt_error_from_unix(errno);
847 if (!S_ISDIR(sbuf.st_mode)) {
848 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
850 END_PROFILE(SMBcheckpath);
854 reply_outbuf(req, 0, 0);
856 END_PROFILE(SMBcheckpath);
861 END_PROFILE(SMBcheckpath);
863 /* We special case this - as when a Windows machine
864 is parsing a path is steps through the components
865 one at a time - if a component fails it expects
866 ERRbadpath, not ERRbadfile.
868 status = map_checkpath_error((char *)req->inbuf, status);
869 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
871 * Windows returns different error codes if
872 * the parent directory is valid but not the
873 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
874 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
875 * if the path is invalid.
877 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
882 reply_nterror(req, status);
885 /****************************************************************************
887 ****************************************************************************/
889 void reply_getatr(connection_struct *conn, struct smb_request *req)
892 SMB_STRUCT_STAT sbuf;
899 START_PROFILE(SMBgetatr);
901 p = smb_buf(req->inbuf) + 1;
902 p += srvstr_get_path((char *)req->inbuf, req->flags2, fname, p,
903 sizeof(fname), 0, STR_TERMINATE, &status);
904 if (!NT_STATUS_IS_OK(status)) {
905 reply_nterror(req, status);
906 END_PROFILE(SMBgetatr);
910 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
912 if (!NT_STATUS_IS_OK(status)) {
913 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
914 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
916 END_PROFILE(SMBgetatr);
919 reply_nterror(req, status);
920 END_PROFILE(SMBgetatr);
924 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
925 under WfWg - weird! */
926 if (*fname == '\0') {
927 mode = aHIDDEN | aDIR;
928 if (!CAN_WRITE(conn)) {
934 status = unix_convert(conn, fname, False, NULL,&sbuf);
935 if (!NT_STATUS_IS_OK(status)) {
936 reply_nterror(req, status);
937 END_PROFILE(SMBgetatr);
940 status = check_name(conn, fname);
941 if (!NT_STATUS_IS_OK(status)) {
942 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
943 reply_nterror(req, status);
944 END_PROFILE(SMBgetatr);
947 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
948 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
949 reply_unixerror(req, ERRDOS,ERRbadfile);
950 END_PROFILE(SMBgetatr);
954 mode = dos_mode(conn,fname,&sbuf);
956 mtime = sbuf.st_mtime;
962 reply_outbuf(req, 10, 0);
964 SSVAL(req->outbuf,smb_vwv0,mode);
965 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
966 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
968 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
970 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
972 if (Protocol >= PROTOCOL_NT1) {
973 SSVAL(req->outbuf, smb_flg2,
974 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
977 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
979 END_PROFILE(SMBgetatr);
983 /****************************************************************************
985 ****************************************************************************/
987 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
993 SMB_STRUCT_STAT sbuf;
997 START_PROFILE(SMBsetatr);
999 p = smb_buf(inbuf) + 1;
1000 p += srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, p,
1001 sizeof(fname), 0, STR_TERMINATE, &status);
1002 if (!NT_STATUS_IS_OK(status)) {
1003 END_PROFILE(SMBsetatr);
1004 return ERROR_NT(status);
1007 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1008 if (!NT_STATUS_IS_OK(status)) {
1009 END_PROFILE(SMBsetatr);
1010 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1011 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1013 return ERROR_NT(status);
1016 status = unix_convert(conn, fname, False, NULL, &sbuf);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 END_PROFILE(SMBsetatr);
1019 return ERROR_NT(status);
1022 status = check_name(conn, fname);
1023 if (!NT_STATUS_IS_OK(status)) {
1024 END_PROFILE(SMBsetatr);
1025 return ERROR_NT(status);
1028 if (fname[0] == '.' && fname[1] == '\0') {
1030 * Not sure here is the right place to catch this
1031 * condition. Might be moved to somewhere else later -- vl
1033 END_PROFILE(SMBsetatr);
1034 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
1037 mode = SVAL(inbuf,smb_vwv0);
1038 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
1040 if (mode != FILE_ATTRIBUTE_NORMAL) {
1041 if (VALID_STAT_OF_DIR(sbuf))
1046 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
1047 END_PROFILE(SMBsetatr);
1048 return UNIXERROR(ERRDOS, ERRnoaccess);
1052 if (!set_filetime(conn,fname,convert_time_t_to_timespec(mtime))) {
1053 END_PROFILE(SMBsetatr);
1054 return UNIXERROR(ERRDOS, ERRnoaccess);
1057 outsize = set_message(inbuf,outbuf,0,0,False);
1059 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1061 END_PROFILE(SMBsetatr);
1065 /****************************************************************************
1067 ****************************************************************************/
1069 void reply_dskattr(connection_struct *conn, struct smb_request *req)
1071 SMB_BIG_UINT dfree,dsize,bsize;
1072 START_PROFILE(SMBdskattr);
1074 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1075 reply_unixerror(req, ERRHRD, ERRgeneral);
1076 END_PROFILE(SMBdskattr);
1080 reply_outbuf(req, 5, 0);
1082 if (Protocol <= PROTOCOL_LANMAN2) {
1083 double total_space, free_space;
1084 /* we need to scale this to a number that DOS6 can handle. We
1085 use floating point so we can handle large drives on systems
1086 that don't have 64 bit integers
1088 we end up displaying a maximum of 2G to DOS systems
1090 total_space = dsize * (double)bsize;
1091 free_space = dfree * (double)bsize;
1093 dsize = (total_space+63*512) / (64*512);
1094 dfree = (free_space+63*512) / (64*512);
1096 if (dsize > 0xFFFF) dsize = 0xFFFF;
1097 if (dfree > 0xFFFF) dfree = 0xFFFF;
1099 SSVAL(req->outbuf,smb_vwv0,dsize);
1100 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1101 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1102 SSVAL(req->outbuf,smb_vwv3,dfree);
1104 SSVAL(req->outbuf,smb_vwv0,dsize);
1105 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1106 SSVAL(req->outbuf,smb_vwv2,512);
1107 SSVAL(req->outbuf,smb_vwv3,dfree);
1110 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1112 END_PROFILE(SMBdskattr);
1116 /****************************************************************************
1118 Can be called from SMBsearch, SMBffirst or SMBfunique.
1119 ****************************************************************************/
1121 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1131 unsigned int numentries = 0;
1132 unsigned int maxentries = 0;
1133 BOOL finished = False;
1139 BOOL check_descend = False;
1140 BOOL expect_close = False;
1142 BOOL mask_contains_wcard = False;
1143 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1145 START_PROFILE(SMBsearch);
1147 if (lp_posix_pathnames()) {
1148 END_PROFILE(SMBsearch);
1149 return reply_unknown(inbuf, outbuf);
1152 *mask = *directory = *fname = 0;
1154 /* If we were called as SMBffirst then we must expect close. */
1155 if(CVAL(inbuf,smb_com) == SMBffirst) {
1156 expect_close = True;
1159 outsize = set_message(inbuf,outbuf,1,3,True);
1160 maxentries = SVAL(inbuf,smb_vwv0);
1161 dirtype = SVAL(inbuf,smb_vwv1);
1162 p = smb_buf(inbuf) + 1;
1163 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1164 sizeof(path), 0, STR_TERMINATE, &nt_status,
1165 &mask_contains_wcard);
1166 if (!NT_STATUS_IS_OK(nt_status)) {
1167 END_PROFILE(SMBsearch);
1168 return ERROR_NT(nt_status);
1171 nt_status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, path, &mask_contains_wcard);
1172 if (!NT_STATUS_IS_OK(nt_status)) {
1173 END_PROFILE(SMBsearch);
1174 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1175 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1177 return ERROR_NT(nt_status);
1181 status_len = SVAL(p, 0);
1184 /* dirtype &= ~aDIR; */
1186 if (status_len == 0) {
1187 SMB_STRUCT_STAT sbuf;
1189 pstrcpy(directory,path);
1190 nt_status = unix_convert(conn, directory, True, NULL, &sbuf);
1191 if (!NT_STATUS_IS_OK(nt_status)) {
1192 END_PROFILE(SMBsearch);
1193 return ERROR_NT(nt_status);
1196 nt_status = check_name(conn, directory);
1197 if (!NT_STATUS_IS_OK(nt_status)) {
1198 END_PROFILE(SMBsearch);
1199 return ERROR_NT(nt_status);
1202 p = strrchr_m(directory,'/');
1204 pstrcpy(mask,directory);
1205 pstrcpy(directory,".");
1211 if (*directory == '\0') {
1212 pstrcpy(directory,".");
1214 memset((char *)status,'\0',21);
1215 SCVAL(status,0,(dirtype & 0x1F));
1219 memcpy(status,p,21);
1220 status_dirtype = CVAL(status,0) & 0x1F;
1221 if (status_dirtype != (dirtype & 0x1F)) {
1222 dirtype = status_dirtype;
1225 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1226 if (!conn->dirptr) {
1229 string_set(&conn->dirpath,dptr_path(dptr_num));
1230 pstrcpy(mask, dptr_wcard(dptr_num));
1232 * For a 'continue' search we have no string. So
1233 * check from the initial saved string.
1235 mask_contains_wcard = ms_has_wild(mask);
1238 p = smb_buf(outbuf) + 3;
1240 if (status_len == 0) {
1241 nt_status = dptr_create(conn,
1245 SVAL(inbuf,smb_pid),
1247 mask_contains_wcard,
1250 if (!NT_STATUS_IS_OK(nt_status)) {
1251 return ERROR_NT(nt_status);
1253 dptr_num = dptr_dnum(conn->dirptr);
1255 dirtype = dptr_attr(dptr_num);
1258 DEBUG(4,("dptr_num is %d\n",dptr_num));
1260 if ((dirtype&0x1F) == aVOLID) {
1261 memcpy(p,status,21);
1262 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1263 0,aVOLID,0,!allow_long_path_components);
1264 dptr_fill(p+12,dptr_num);
1265 if (dptr_zero(p+12) && (status_len==0)) {
1270 p += DIR_STRUCT_SIZE;
1273 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1275 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1276 conn->dirpath,lp_dontdescend(SNUM(conn))));
1277 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1278 check_descend = True;
1281 for (i=numentries;(i<maxentries) && !finished;i++) {
1282 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1284 memcpy(p,status,21);
1285 make_dir_struct(p,mask,fname,size, mode,date,
1286 !allow_long_path_components);
1287 if (!dptr_fill(p+12,dptr_num)) {
1291 p += DIR_STRUCT_SIZE;
1298 /* If we were called as SMBffirst with smb_search_id == NULL
1299 and no entries were found then return error and close dirptr
1302 if (numentries == 0) {
1303 dptr_close(&dptr_num);
1304 } else if(expect_close && status_len == 0) {
1305 /* Close the dptr - we know it's gone */
1306 dptr_close(&dptr_num);
1309 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1310 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1311 dptr_close(&dptr_num);
1314 if ((numentries == 0) && !mask_contains_wcard) {
1315 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1318 SSVAL(outbuf,smb_vwv0,numentries);
1319 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1320 SCVAL(smb_buf(outbuf),0,5);
1321 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1323 /* The replies here are never long name. */
1324 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1325 if (!allow_long_path_components) {
1326 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1329 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1330 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1332 outsize += DIR_STRUCT_SIZE*numentries;
1333 smb_setlen(inbuf,outbuf,outsize - 4);
1335 if ((! *directory) && dptr_path(dptr_num))
1336 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1338 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1339 smb_fn_name(CVAL(inbuf,smb_com)),
1340 mask, directory, dirtype, numentries, maxentries ) );
1342 END_PROFILE(SMBsearch);
1346 /****************************************************************************
1347 Reply to a fclose (stop directory search).
1348 ****************************************************************************/
1350 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1359 BOOL path_contains_wcard = False;
1361 START_PROFILE(SMBfclose);
1363 if (lp_posix_pathnames()) {
1364 END_PROFILE(SMBfclose);
1365 return reply_unknown(inbuf, outbuf);
1368 outsize = set_message(inbuf,outbuf,1,0,True);
1369 p = smb_buf(inbuf) + 1;
1370 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), path, p,
1371 sizeof(path), 0, STR_TERMINATE, &err,
1372 &path_contains_wcard);
1373 if (!NT_STATUS_IS_OK(err)) {
1374 END_PROFILE(SMBfclose);
1375 return ERROR_NT(err);
1378 status_len = SVAL(p,0);
1381 if (status_len == 0) {
1382 END_PROFILE(SMBfclose);
1383 return ERROR_DOS(ERRSRV,ERRsrverror);
1386 memcpy(status,p,21);
1388 if(dptr_fetch(status+12,&dptr_num)) {
1389 /* Close the dptr - we know it's gone */
1390 dptr_close(&dptr_num);
1393 SSVAL(outbuf,smb_vwv0,0);
1395 DEBUG(3,("search close\n"));
1397 END_PROFILE(SMBfclose);
1401 /****************************************************************************
1403 ****************************************************************************/
1405 void reply_open(connection_struct *conn, struct smb_request *req)
1412 SMB_STRUCT_STAT sbuf;
1419 uint32 create_disposition;
1420 uint32 create_options = 0;
1423 START_PROFILE(SMBopen);
1426 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1427 END_PROFILE(SMBopen);
1431 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1432 deny_mode = SVAL(req->inbuf,smb_vwv0);
1433 dos_attr = SVAL(req->inbuf,smb_vwv1);
1435 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1436 smb_buf(req->inbuf)+1, sizeof(fname), 0,
1437 STR_TERMINATE, &status);
1438 if (!NT_STATUS_IS_OK(status)) {
1439 reply_nterror(req, status);
1440 END_PROFILE(SMBopen);
1444 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1446 if (!NT_STATUS_IS_OK(status)) {
1447 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1448 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1449 ERRSRV, ERRbadpath);
1450 END_PROFILE(SMBopen);
1453 reply_nterror(req, status);
1454 END_PROFILE(SMBopen);
1458 status = unix_convert(conn, fname, False, NULL, &sbuf);
1459 if (!NT_STATUS_IS_OK(status)) {
1460 reply_nterror(req, status);
1461 END_PROFILE(SMBopen);
1465 status = check_name(conn, fname);
1466 if (!NT_STATUS_IS_OK(status)) {
1467 reply_nterror(req, status);
1468 END_PROFILE(SMBopen);
1472 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1473 &access_mask, &share_mode, &create_disposition, &create_options)) {
1474 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1475 END_PROFILE(SMBopen);
1479 status = open_file_ntcreate(conn, req, fname, &sbuf,
1488 if (!NT_STATUS_IS_OK(status)) {
1489 if (open_was_deferred(req->mid)) {
1490 /* We have re-scheduled this call. */
1491 END_PROFILE(SMBopen);
1494 reply_nterror(req, status);
1495 END_PROFILE(SMBopen);
1499 size = sbuf.st_size;
1500 fattr = dos_mode(conn,fname,&sbuf);
1501 mtime = sbuf.st_mtime;
1504 DEBUG(3,("attempt to open a directory %s\n",fname));
1505 close_file(fsp,ERROR_CLOSE);
1506 reply_doserror(req, ERRDOS,ERRnoaccess);
1507 END_PROFILE(SMBopen);
1511 reply_outbuf(req, 7, 0);
1512 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1513 SSVAL(req->outbuf,smb_vwv1,fattr);
1514 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1515 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1517 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1519 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1520 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1522 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1523 SCVAL(req->outbuf,smb_flg,
1524 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1527 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1528 SCVAL(req->outbuf,smb_flg,
1529 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1531 END_PROFILE(SMBopen);
1535 /****************************************************************************
1536 Reply to an open and X.
1537 ****************************************************************************/
1539 void reply_open_and_X(connection_struct *conn, struct smb_request *req)
1545 /* Breakout the oplock request bits so we can set the
1546 reply bits separately. */
1547 int ex_oplock_request;
1548 int core_oplock_request;
1551 int smb_sattr = SVAL(req->inbuf,smb_vwv4);
1552 uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
1557 SMB_STRUCT_STAT sbuf;
1561 SMB_BIG_UINT allocation_size;
1562 ssize_t retval = -1;
1565 uint32 create_disposition;
1566 uint32 create_options = 0;
1568 START_PROFILE(SMBopenX);
1570 if (req->wct < 15) {
1571 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1572 END_PROFILE(SMBopenX);
1576 open_flags = SVAL(req->inbuf,smb_vwv2);
1577 deny_mode = SVAL(req->inbuf,smb_vwv3);
1578 smb_attr = SVAL(req->inbuf,smb_vwv5);
1579 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1580 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1581 oplock_request = ex_oplock_request | core_oplock_request;
1582 smb_ofun = SVAL(req->inbuf,smb_vwv8);
1583 allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9);
1585 /* If it's an IPC, pass off the pipe handler. */
1587 if (lp_nt_pipe_support()) {
1588 reply_open_pipe_and_X(conn, req);
1590 reply_doserror(req, ERRSRV, ERRaccess);
1592 END_PROFILE(SMBopenX);
1596 /* XXXX we need to handle passed times, sattr and flags */
1597 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1598 smb_buf(req->inbuf), sizeof(fname), 0, STR_TERMINATE,
1600 if (!NT_STATUS_IS_OK(status)) {
1601 reply_nterror(req, status);
1602 END_PROFILE(SMBopenX);
1606 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1608 if (!NT_STATUS_IS_OK(status)) {
1609 END_PROFILE(SMBopenX);
1610 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1611 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1612 ERRSRV, ERRbadpath);
1615 reply_nterror(req, status);
1619 status = unix_convert(conn, fname, False, NULL, &sbuf);
1620 if (!NT_STATUS_IS_OK(status)) {
1621 reply_nterror(req, status);
1622 END_PROFILE(SMBopenX);
1626 status = check_name(conn, fname);
1627 if (!NT_STATUS_IS_OK(status)) {
1628 reply_nterror(req, status);
1629 END_PROFILE(SMBopenX);
1633 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1636 &create_disposition,
1638 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1639 END_PROFILE(SMBopenX);
1643 status = open_file_ntcreate(conn, req, fname, &sbuf,
1652 if (!NT_STATUS_IS_OK(status)) {
1653 END_PROFILE(SMBopenX);
1654 if (open_was_deferred(req->mid)) {
1655 /* We have re-scheduled this call. */
1658 reply_nterror(req, status);
1662 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1663 if the file is truncated or created. */
1664 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1665 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1666 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1667 close_file(fsp,ERROR_CLOSE);
1668 reply_nterror(req, NT_STATUS_DISK_FULL);
1669 END_PROFILE(SMBopenX);
1672 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1674 close_file(fsp,ERROR_CLOSE);
1675 reply_nterror(req, NT_STATUS_DISK_FULL);
1676 END_PROFILE(SMBopenX);
1679 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1682 fattr = dos_mode(conn,fname,&sbuf);
1683 mtime = sbuf.st_mtime;
1685 close_file(fsp,ERROR_CLOSE);
1686 reply_doserror(req, ERRDOS, ERRnoaccess);
1687 END_PROFILE(SMBopenX);
1691 /* If the caller set the extended oplock request bit
1692 and we granted one (by whatever means) - set the
1693 correct bit for extended oplock reply.
1696 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1697 smb_action |= EXTENDED_OPLOCK_GRANTED;
1700 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1701 smb_action |= EXTENDED_OPLOCK_GRANTED;
1704 /* If the caller set the core oplock request bit
1705 and we granted one (by whatever means) - set the
1706 correct bit for core oplock reply.
1709 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1710 reply_outbuf(req, 19, 0);
1712 reply_outbuf(req, 15, 0);
1715 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1716 SCVAL(req->outbuf, smb_flg,
1717 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1720 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1721 SCVAL(req->outbuf, smb_flg,
1722 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1725 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1726 SSVAL(req->outbuf,smb_vwv3,fattr);
1727 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1728 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1730 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1732 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1733 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1734 SSVAL(req->outbuf,smb_vwv11,smb_action);
1736 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1737 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1740 END_PROFILE(SMBopenX);
1741 chain_reply_new(req);
1745 /****************************************************************************
1746 Reply to a SMBulogoffX.
1747 conn POINTER CAN BE NULL HERE !
1748 ****************************************************************************/
1750 void reply_ulogoffX(connection_struct *conn, struct smb_request *req)
1754 START_PROFILE(SMBulogoffX);
1756 vuser = get_valid_user_struct(req->vuid);
1759 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1763 /* in user level security we are supposed to close any files
1764 open by this user */
1765 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1766 file_close_user(req->vuid);
1769 invalidate_vuid(req->vuid);
1771 reply_outbuf(req, 2, 0);
1773 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1775 END_PROFILE(SMBulogoffX);
1776 chain_reply_new(req);
1779 /****************************************************************************
1780 Reply to a mknew or a create.
1781 ****************************************************************************/
1783 void reply_mknew(connection_struct *conn, struct smb_request *req)
1788 struct timespec ts[2];
1790 int oplock_request = 0;
1791 SMB_STRUCT_STAT sbuf;
1793 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1794 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1795 uint32 create_disposition;
1796 uint32 create_options = 0;
1798 START_PROFILE(SMBcreate);
1801 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1802 END_PROFILE(SMBcreate);
1806 fattr = SVAL(req->inbuf,smb_vwv0);
1807 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1808 com = SVAL(req->inbuf,smb_com);
1810 ts[1] =convert_time_t_to_timespec(
1811 srv_make_unix_date3(req->inbuf + smb_vwv1));
1814 srvstr_get_path((char *)req->inbuf, req->flags2, fname,
1815 smb_buf(req->inbuf) + 1, sizeof(fname), 0,
1816 STR_TERMINATE, &status);
1817 if (!NT_STATUS_IS_OK(status)) {
1818 reply_nterror(req, status);
1819 END_PROFILE(SMBcreate);
1823 status = resolve_dfspath(conn, req->flags2 & FLAGS2_DFS_PATHNAMES,
1825 if (!NT_STATUS_IS_OK(status)) {
1826 END_PROFILE(SMBcreate);
1827 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1828 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1829 ERRSRV, ERRbadpath);
1832 reply_nterror(req, status);
1836 status = unix_convert(conn, fname, False, NULL, &sbuf);
1837 if (!NT_STATUS_IS_OK(status)) {
1838 reply_nterror(req, status);
1839 END_PROFILE(SMBcreate);
1843 status = check_name(conn, fname);
1844 if (!NT_STATUS_IS_OK(status)) {
1845 reply_nterror(req, status);
1846 END_PROFILE(SMBcreate);
1850 if (fattr & aVOLID) {
1851 DEBUG(0,("Attempt to create file (%s) with volid set - "
1852 "please report this\n", fname));
1855 if(com == SMBmknew) {
1856 /* We should fail if file exists. */
1857 create_disposition = FILE_CREATE;
1859 /* Create if file doesn't exist, truncate if it does. */
1860 create_disposition = FILE_OVERWRITE_IF;
1863 /* Open file using ntcreate. */
1864 status = open_file_ntcreate(conn, req, fname, &sbuf,
1873 if (!NT_STATUS_IS_OK(status)) {
1874 END_PROFILE(SMBcreate);
1875 if (open_was_deferred(req->mid)) {
1876 /* We have re-scheduled this call. */
1879 reply_nterror(req, status);
1883 ts[0] = get_atimespec(&sbuf); /* atime. */
1884 file_ntimes(conn, fname, ts);
1886 reply_outbuf(req, 1, 0);
1888 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1890 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1891 SCVAL(req->outbuf,smb_flg,
1892 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1895 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1896 SCVAL(req->outbuf,smb_flg,
1897 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1900 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1901 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
1902 fname, fsp->fh->fd, (unsigned int)fattr ) );
1904 END_PROFILE(SMBcreate);
1908 /****************************************************************************
1909 Reply to a create temporary file.
1910 ****************************************************************************/
1912 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1916 uint32 fattr = SVAL(inbuf,smb_vwv0);
1918 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1920 SMB_STRUCT_STAT sbuf;
1923 unsigned int namelen;
1924 struct smb_request req;
1926 START_PROFILE(SMBctemp);
1928 init_smb_request(&req, (uint8 *)inbuf);
1930 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), fname, smb_buf(inbuf)+1,
1931 sizeof(fname), 0, STR_TERMINATE, &status);
1932 if (!NT_STATUS_IS_OK(status)) {
1933 END_PROFILE(SMBctemp);
1934 return ERROR_NT(status);
1937 pstrcat(fname,"/TMXXXXXX");
1939 pstrcat(fname,"TMXXXXXX");
1942 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, fname);
1943 if (!NT_STATUS_IS_OK(status)) {
1944 END_PROFILE(SMBctemp);
1945 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1946 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
1948 return ERROR_NT(status);
1951 status = unix_convert(conn, fname, False, NULL, &sbuf);
1952 if (!NT_STATUS_IS_OK(status)) {
1953 END_PROFILE(SMBctemp);
1954 return ERROR_NT(status);
1957 status = check_name(conn, fname);
1958 if (!NT_STATUS_IS_OK(status)) {
1959 END_PROFILE(SMBctemp);
1960 return ERROR_NT(status);
1963 tmpfd = smb_mkstemp(fname);
1965 END_PROFILE(SMBctemp);
1966 return(UNIXERROR(ERRDOS,ERRnoaccess));
1969 SMB_VFS_STAT(conn,fname,&sbuf);
1971 /* We should fail if file does not exist. */
1972 status = open_file_ntcreate(conn, &req, fname, &sbuf,
1973 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1974 FILE_SHARE_READ|FILE_SHARE_WRITE,
1981 /* close fd from smb_mkstemp() */
1984 if (!NT_STATUS_IS_OK(status)) {
1985 END_PROFILE(SMBctemp);
1986 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1987 /* We have re-scheduled this call. */
1990 return ERROR_NT(status);
1993 outsize = set_message(inbuf,outbuf,1,0,True);
1994 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1996 /* the returned filename is relative to the directory */
1997 s = strrchr_m(fname, '/');
2004 p = smb_buf(outbuf);
2006 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2007 thing in the byte section. JRA */
2008 SSVALS(p, 0, -1); /* what is this? not in spec */
2010 namelen = srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p, s, -1,
2011 STR_ASCII|STR_TERMINATE);
2013 outsize = set_message_end(inbuf,outbuf, p);
2015 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2016 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2019 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2020 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2023 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
2024 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
2025 (unsigned int)sbuf.st_mode ) );
2027 END_PROFILE(SMBctemp);
2031 /*******************************************************************
2032 Check if a user is allowed to rename a file.
2033 ********************************************************************/
2035 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2036 uint16 dirtype, SMB_STRUCT_STAT *pst)
2040 if (!CAN_WRITE(conn)) {
2041 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2044 fmode = dos_mode(conn, fsp->fsp_name, pst);
2045 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2046 return NT_STATUS_NO_SUCH_FILE;
2049 if (S_ISDIR(pst->st_mode)) {
2050 return NT_STATUS_OK;
2053 if (fsp->access_mask & DELETE_ACCESS) {
2054 return NT_STATUS_OK;
2057 return NT_STATUS_ACCESS_DENIED;
2060 /*******************************************************************
2061 * unlink a file with all relevant access checks
2062 *******************************************************************/
2064 static NTSTATUS do_unlink(connection_struct *conn, struct smb_request *req,
2065 char *fname, uint32 dirtype)
2067 SMB_STRUCT_STAT sbuf;
2070 uint32 dirtype_orig = dirtype;
2073 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2075 if (!CAN_WRITE(conn)) {
2076 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2079 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2080 return map_nt_error_from_unix(errno);
2083 fattr = dos_mode(conn,fname,&sbuf);
2085 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2086 dirtype = aDIR|aARCH|aRONLY;
2089 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2091 return NT_STATUS_NO_SUCH_FILE;
2094 if (!dir_check_ftype(conn, fattr, dirtype)) {
2096 return NT_STATUS_FILE_IS_A_DIRECTORY;
2098 return NT_STATUS_NO_SUCH_FILE;
2101 if (dirtype_orig & 0x8000) {
2102 /* These will never be set for POSIX. */
2103 return NT_STATUS_NO_SUCH_FILE;
2107 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2108 return NT_STATUS_FILE_IS_A_DIRECTORY;
2111 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2112 return NT_STATUS_NO_SUCH_FILE;
2115 if (dirtype & 0xFF00) {
2116 /* These will never be set for POSIX. */
2117 return NT_STATUS_NO_SUCH_FILE;
2122 return NT_STATUS_NO_SUCH_FILE;
2125 /* Can't delete a directory. */
2127 return NT_STATUS_FILE_IS_A_DIRECTORY;
2132 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2133 return NT_STATUS_OBJECT_NAME_INVALID;
2134 #endif /* JRATEST */
2136 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2138 On a Windows share, a file with read-only dosmode can be opened with
2139 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2140 fails with NT_STATUS_CANNOT_DELETE error.
2142 This semantic causes a problem that a user can not
2143 rename a file with read-only dosmode on a Samba share
2144 from a Windows command prompt (i.e. cmd.exe, but can rename
2145 from Windows Explorer).
2148 if (!lp_delete_readonly(SNUM(conn))) {
2149 if (fattr & aRONLY) {
2150 return NT_STATUS_CANNOT_DELETE;
2154 /* On open checks the open itself will check the share mode, so
2155 don't do it here as we'll get it wrong. */
2157 status = open_file_ntcreate(conn, req, fname, &sbuf,
2162 FILE_ATTRIBUTE_NORMAL,
2163 req != NULL ? 0 : INTERNAL_OPEN_ONLY,
2166 if (!NT_STATUS_IS_OK(status)) {
2167 DEBUG(10, ("open_file_ntcreate failed: %s\n",
2168 nt_errstr(status)));
2172 /* The set is across all open files on this dev/inode pair. */
2173 if (!set_delete_on_close(fsp, True, ¤t_user.ut)) {
2174 close_file(fsp, NORMAL_CLOSE);
2175 return NT_STATUS_ACCESS_DENIED;
2178 return close_file(fsp,NORMAL_CLOSE);
2181 /****************************************************************************
2182 The guts of the unlink command, split out so it may be called by the NT SMB
2184 ****************************************************************************/
2186 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2187 uint32 dirtype, char *name, BOOL has_wild)
2193 NTSTATUS status = NT_STATUS_OK;
2194 SMB_STRUCT_STAT sbuf;
2196 *directory = *mask = 0;
2198 status = unix_convert(conn, name, has_wild, NULL, &sbuf);
2199 if (!NT_STATUS_IS_OK(status)) {
2203 p = strrchr_m(name,'/');
2205 pstrcpy(directory,".");
2209 pstrcpy(directory,name);
2214 * We should only check the mangled cache
2215 * here if unix_convert failed. This means
2216 * that the path in 'mask' doesn't exist
2217 * on the file system and so we need to look
2218 * for a possible mangle. This patch from
2219 * Tine Smukavec <valentin.smukavec@hermes.si>.
2222 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params))
2223 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
2226 pstrcat(directory,"/");
2227 pstrcat(directory,mask);
2229 dirtype = FILE_ATTRIBUTE_NORMAL;
2232 status = check_name(conn, directory);
2233 if (!NT_STATUS_IS_OK(status)) {
2237 status = do_unlink(conn, req, directory, dirtype);
2238 if (!NT_STATUS_IS_OK(status)) {
2244 struct smb_Dir *dir_hnd = NULL;
2248 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2249 return NT_STATUS_OBJECT_NAME_INVALID;
2252 if (strequal(mask,"????????.???")) {
2256 status = check_name(conn, directory);
2257 if (!NT_STATUS_IS_OK(status)) {
2261 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2262 if (dir_hnd == NULL) {
2263 return map_nt_error_from_unix(errno);
2266 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2267 the pattern matches against the long name, otherwise the short name
2268 We don't implement this yet XXXX
2271 status = NT_STATUS_NO_SUCH_FILE;
2273 while ((dname = ReadDirName(dir_hnd, &offset))) {
2276 pstrcpy(fname,dname);
2278 if (!is_visible_file(conn, directory, dname, &st, True)) {
2282 /* Quick check for "." and ".." */
2283 if (fname[0] == '.') {
2284 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2289 if(!mask_match(fname, mask, conn->case_sensitive)) {
2293 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2295 status = check_name(conn, fname);
2296 if (!NT_STATUS_IS_OK(status)) {
2301 status = do_unlink(conn, req, fname, dirtype);
2302 if (!NT_STATUS_IS_OK(status)) {
2307 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",
2313 if (count == 0 && NT_STATUS_IS_OK(status)) {
2314 status = map_nt_error_from_unix(errno);
2320 /****************************************************************************
2322 ****************************************************************************/
2324 void reply_unlink(connection_struct *conn, struct smb_request *req)
2329 BOOL path_contains_wcard = False;
2331 START_PROFILE(SMBunlink);
2334 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2335 END_PROFILE(SMBunlink);
2339 dirtype = SVAL(req->inbuf,smb_vwv0);
2341 srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name,
2342 smb_buf(req->inbuf) + 1, sizeof(name), 0,
2343 STR_TERMINATE, &status, &path_contains_wcard);
2344 if (!NT_STATUS_IS_OK(status)) {
2345 reply_nterror(req, status);
2346 END_PROFILE(SMBunlink);
2350 status = resolve_dfspath_wcard(conn,
2351 req->flags2 & FLAGS2_DFS_PATHNAMES,
2352 name, &path_contains_wcard);
2353 if (!NT_STATUS_IS_OK(status)) {
2354 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2355 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2356 ERRSRV, ERRbadpath);
2357 END_PROFILE(SMBunlink);
2360 reply_nterror(req, status);
2361 END_PROFILE(SMBunlink);
2365 DEBUG(3,("reply_unlink : %s\n",name));
2367 status = unlink_internals(conn, req, dirtype, name,
2368 path_contains_wcard);
2369 if (!NT_STATUS_IS_OK(status)) {
2370 if (open_was_deferred(req->mid)) {
2371 /* We have re-scheduled this call. */
2372 END_PROFILE(SMBunlink);
2375 reply_nterror(req, status);
2376 END_PROFILE(SMBunlink);
2380 reply_outbuf(req, 0, 0);
2381 END_PROFILE(SMBunlink);
2386 /****************************************************************************
2388 ****************************************************************************/
2390 static void fail_readraw(void)
2393 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2395 exit_server_cleanly(errstr);
2398 /****************************************************************************
2399 Fake (read/write) sendfile. Returns -1 on read or write fail.
2400 ****************************************************************************/
2402 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2406 size_t tosend = nread;
2413 bufsize = MIN(nread, 65536);
2415 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2419 while (tosend > 0) {
2423 if (tosend > bufsize) {
2428 ret = read_file(fsp,buf,startpos,cur_read);
2434 /* If we had a short read, fill with zeros. */
2435 if (ret < cur_read) {
2436 memset(buf, '\0', cur_read - ret);
2439 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2444 startpos += cur_read;
2448 return (ssize_t)nread;
2451 /****************************************************************************
2452 Return a readbraw error (4 bytes of zero).
2453 ****************************************************************************/
2455 static void reply_readbraw_error(void)
2459 if (write_data(smbd_server_fd(),header,4) != 4) {
2464 /****************************************************************************
2465 Use sendfile in readbraw.
2466 ****************************************************************************/
2468 void send_file_readbraw(connection_struct *conn,
2474 char *outbuf = NULL;
2477 #if defined(WITH_SENDFILE)
2479 * We can only use sendfile on a non-chained packet
2480 * but we can use on a non-oplocked file. tridge proved this
2481 * on a train in Germany :-). JRA.
2482 * reply_readbraw has already checked the length.
2485 if ( (chain_size == 0) && (nread > 0) &&
2486 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2488 DATA_BLOB header_blob;
2490 _smb_setlen(header,nread);
2491 header_blob = data_blob_const(header, 4);
2493 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd,
2494 &header_blob, startpos, nread) == -1) {
2495 /* Returning ENOSYS means no data at all was sent.
2496 * Do this as a normal read. */
2497 if (errno == ENOSYS) {
2498 goto normal_readbraw;
2502 * Special hack for broken Linux with no working sendfile. If we
2503 * return EINTR we sent the header but not the rest of the data.
2504 * Fake this up by doing read/write calls.
2506 if (errno == EINTR) {
2507 /* Ensure we don't do this again. */
2508 set_use_sendfile(SNUM(conn), False);
2509 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2511 if (fake_sendfile(fsp, startpos, nread) == -1) {
2512 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2513 fsp->fsp_name, strerror(errno) ));
2514 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2519 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2520 fsp->fsp_name, strerror(errno) ));
2521 exit_server_cleanly("send_file_readbraw sendfile failed");
2530 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2532 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2533 (unsigned)(nread+4)));
2534 reply_readbraw_error();
2539 ret = read_file(fsp,outbuf+4,startpos,nread);
2540 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2549 _smb_setlen(outbuf,ret);
2550 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2553 TALLOC_FREE(outbuf);
2556 /****************************************************************************
2557 Reply to a readbraw (core+ protocol).
2558 ****************************************************************************/
2560 void reply_readbraw(connection_struct *conn, struct smb_request *req)
2562 ssize_t maxcount,mincount;
2569 START_PROFILE(SMBreadbraw);
2571 if (srv_is_signing_active()) {
2572 exit_server_cleanly("reply_readbraw: SMB signing is active - "
2573 "raw reads/writes are disallowed.");
2577 reply_readbraw_error();
2578 END_PROFILE(SMBreadbraw);
2583 * Special check if an oplock break has been issued
2584 * and the readraw request croses on the wire, we must
2585 * return a zero length response here.
2588 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2591 * We have to do a check_fsp by hand here, as
2592 * we must always return 4 zero bytes on error,
2596 if (!fsp || !conn || conn != fsp->conn ||
2597 current_user.vuid != fsp->vuid ||
2598 fsp->is_directory || fsp->fh->fd == -1) {
2600 * fsp could be NULL here so use the value from the packet. JRA.
2602 DEBUG(3,("reply_readbraw: fnum %d not valid "
2604 (int)SVAL(req->inbuf,smb_vwv0)));
2605 reply_readbraw_error();
2606 END_PROFILE(SMBreadbraw);
2610 /* Do a "by hand" version of CHECK_READ. */
2611 if (!(fsp->can_read ||
2612 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2613 (fsp->access_mask & FILE_EXECUTE)))) {
2614 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2615 (int)SVAL(req->inbuf,smb_vwv0)));
2616 reply_readbraw_error();
2617 END_PROFILE(SMBreadbraw);
2621 flush_write_cache(fsp, READRAW_FLUSH);
2623 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1);
2624 if(req->wct == 10) {
2626 * This is a large offset (64 bit) read.
2628 #ifdef LARGE_SMB_OFF_T
2630 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv8)) << 32);
2632 #else /* !LARGE_SMB_OFF_T */
2635 * Ensure we haven't been sent a >32 bit offset.
2638 if(IVAL(req->inbuf,smb_vwv8) != 0) {
2639 DEBUG(0,("reply_readbraw: large offset "
2640 "(%x << 32) used and we don't support "
2641 "64 bit offsets.\n",
2642 (unsigned int)IVAL(req->inbuf,smb_vwv8) ));
2643 reply_readbraw_error();
2644 END_PROFILE(SMBreadbraw);
2648 #endif /* LARGE_SMB_OFF_T */
2651 DEBUG(0,("reply_readbraw: negative 64 bit "
2652 "readraw offset (%.0f) !\n",
2653 (double)startpos ));
2654 reply_readbraw_error();
2655 END_PROFILE(SMBreadbraw);
2660 maxcount = (SVAL(req->inbuf,smb_vwv3) & 0xFFFF);
2661 mincount = (SVAL(req->inbuf,smb_vwv4) & 0xFFFF);
2663 /* ensure we don't overrun the packet size */
2664 maxcount = MIN(65535,maxcount);
2666 if (is_locked(fsp,(uint32)req->smbpid,
2667 (SMB_BIG_UINT)maxcount,
2668 (SMB_BIG_UINT)startpos,
2670 reply_readbraw_error();
2671 END_PROFILE(SMBreadbraw);
2675 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2679 if (startpos >= size) {
2682 nread = MIN(maxcount,(size - startpos));
2685 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2686 if (nread < mincount)
2690 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2691 "min=%lu nread=%lu\n",
2692 fsp->fnum, (double)startpos,
2693 (unsigned long)maxcount,
2694 (unsigned long)mincount,
2695 (unsigned long)nread ) );
2697 send_file_readbraw(conn, fsp, startpos, nread, mincount);
2699 DEBUG(5,("reply_readbraw finished\n"));
2700 END_PROFILE(SMBreadbraw);
2704 #define DBGC_CLASS DBGC_LOCKING
2706 /****************************************************************************
2707 Reply to a lockread (core+ protocol).
2708 ****************************************************************************/
2710 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2718 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2719 struct byte_range_lock *br_lck = NULL;
2720 START_PROFILE(SMBlockread);
2722 CHECK_FSP(fsp,conn);
2723 if (!CHECK_READ(fsp,inbuf)) {
2724 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2727 release_level_2_oplocks_on_change(fsp);
2729 numtoread = SVAL(inbuf,smb_vwv1);
2730 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2732 outsize = set_message(inbuf,outbuf,5,3,True);
2733 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2734 data = smb_buf(outbuf) + 3;
2737 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2738 * protocol request that predates the read/write lock concept.
2739 * Thus instead of asking for a read lock here we need to ask
2740 * for a write lock. JRA.
2741 * Note that the requested lock size is unaffected by max_recv.
2744 br_lck = do_lock(smbd_messaging_context(),
2746 (uint32)SVAL(inbuf,smb_pid),
2747 (SMB_BIG_UINT)numtoread,
2748 (SMB_BIG_UINT)startpos,
2751 False, /* Non-blocking lock. */
2754 TALLOC_FREE(br_lck);
2756 if (NT_STATUS_V(status)) {
2757 END_PROFILE(SMBlockread);
2758 return ERROR_NT(status);
2762 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2765 if (numtoread > max_recv) {
2766 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2767 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2768 (unsigned int)numtoread, (unsigned int)max_recv ));
2769 numtoread = MIN(numtoread,max_recv);
2771 nread = read_file(fsp,data,startpos,numtoread);
2774 END_PROFILE(SMBlockread);
2775 return(UNIXERROR(ERRDOS,ERRnoaccess));
2779 SSVAL(outbuf,smb_vwv0,nread);
2780 SSVAL(outbuf,smb_vwv5,nread+3);
2781 SSVAL(smb_buf(outbuf),1,nread);
2783 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2784 fsp->fnum, (int)numtoread, (int)nread));
2786 END_PROFILE(SMBlockread);
2791 #define DBGC_CLASS DBGC_ALL
2793 /****************************************************************************
2795 ****************************************************************************/
2797 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2804 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
2805 START_PROFILE(SMBread);
2807 CHECK_FSP(fsp,conn);
2808 if (!CHECK_READ(fsp,inbuf)) {
2809 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2812 numtoread = SVAL(inbuf,smb_vwv1);
2813 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2815 outsize = set_message(inbuf,outbuf,5,3,True);
2816 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2818 * The requested read size cannot be greater than max_recv. JRA.
2820 if (numtoread > max_recv) {
2821 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2822 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2823 (unsigned int)numtoread, (unsigned int)max_recv ));
2824 numtoread = MIN(numtoread,max_recv);
2827 data = smb_buf(outbuf) + 3;
2829 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2830 END_PROFILE(SMBread);
2831 return ERROR_DOS(ERRDOS,ERRlock);
2835 nread = read_file(fsp,data,startpos,numtoread);
2838 END_PROFILE(SMBread);
2839 return(UNIXERROR(ERRDOS,ERRnoaccess));
2843 SSVAL(outbuf,smb_vwv0,nread);
2844 SSVAL(outbuf,smb_vwv5,nread+3);
2845 SCVAL(smb_buf(outbuf),0,1);
2846 SSVAL(smb_buf(outbuf),1,nread);
2848 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2849 fsp->fnum, (int)numtoread, (int)nread ) );
2851 END_PROFILE(SMBread);
2855 /****************************************************************************
2857 ****************************************************************************/
2859 static int setup_readX_header(const uint8 *inbuf, uint8 *outbuf,
2865 outsize = set_message((char *)inbuf, (char *)outbuf,12,smb_maxcnt,
2867 data = smb_buf(outbuf);
2869 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2870 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2871 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2872 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
2873 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2874 SCVAL(outbuf,smb_vwv0,0xFF);
2875 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
2876 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
2880 /****************************************************************************
2881 Reply to a read and X - possibly using sendfile.
2882 ****************************************************************************/
2884 static void send_file_readX(connection_struct *conn, struct smb_request *req,
2885 files_struct *fsp, SMB_OFF_T startpos,
2888 SMB_STRUCT_STAT sbuf;
2891 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
2892 reply_unixerror(req, ERRDOS, ERRnoaccess);
2896 if (startpos > sbuf.st_size) {
2898 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
2899 smb_maxcnt = (sbuf.st_size - startpos);
2902 if (smb_maxcnt == 0) {
2906 #if defined(WITH_SENDFILE)
2908 * We can only use sendfile on a non-chained packet
2909 * but we can use on a non-oplocked file. tridge proved this
2910 * on a train in Germany :-). JRA.
2913 if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) &&
2914 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2915 uint8 headerbuf[smb_size + 12 * 2];
2919 * Set up the packet header before send. We
2920 * assume here the sendfile will work (get the
2921 * correct amount of data).
2924 header = data_blob_const(headerbuf, sizeof(headerbuf));
2926 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
2927 setup_readX_header(req->inbuf, headerbuf, smb_maxcnt);
2929 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2930 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2931 if (errno == ENOSYS) {
2936 * Special hack for broken Linux with no working sendfile. If we
2937 * return EINTR we sent the header but not the rest of the data.
2938 * Fake this up by doing read/write calls.
2941 if (errno == EINTR) {
2942 /* Ensure we don't do this again. */
2943 set_use_sendfile(SNUM(conn), False);
2944 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2945 nread = fake_sendfile(fsp, startpos,
2948 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2949 fsp->fsp_name, strerror(errno) ));
2950 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2952 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2953 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2954 /* No outbuf here means successful sendfile. */
2955 TALLOC_FREE(req->outbuf);
2959 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2960 fsp->fsp_name, strerror(errno) ));
2961 exit_server_cleanly("send_file_readX sendfile failed");
2964 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2965 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2966 /* No outbuf here means successful sendfile. */
2967 TALLOC_FREE(req->outbuf);
2975 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
2976 uint8 headerbuf[smb_size + 2*12];
2978 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
2979 setup_readX_header(req->inbuf, headerbuf, smb_maxcnt);
2981 /* Send out the header. */
2982 if (write_data(smbd_server_fd(), (char *)headerbuf,
2983 sizeof(headerbuf)) != sizeof(headerbuf)) {
2984 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
2985 fsp->fsp_name, strerror(errno) ));
2986 exit_server_cleanly("send_file_readX sendfile failed");
2988 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
2990 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2991 fsp->fsp_name, strerror(errno) ));
2992 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2994 TALLOC_FREE(req->outbuf);
2997 reply_outbuf(req, 12, smb_maxcnt);
2999 nread = read_file(fsp, smb_buf(req->outbuf), startpos,
3002 reply_unixerror(req, ERRDOS, ERRnoaccess);
3006 setup_readX_header(req->inbuf, req->outbuf, nread);
3008 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3009 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3011 chain_reply_new(req);
3017 /****************************************************************************
3018 Reply to a read and X.
3019 ****************************************************************************/
3021 void reply_read_and_X(connection_struct *conn, struct smb_request *req)
3026 BOOL big_readX = False;
3028 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
3031 START_PROFILE(SMBreadX);
3033 if ((req->wct != 10) && (req->wct != 12)) {
3034 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3038 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3039 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3040 smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
3042 /* If it's an IPC, pass off the pipe handler. */
3044 reply_pipe_read_and_X(req);
3045 END_PROFILE(SMBreadX);
3049 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3050 END_PROFILE(SMBreadX);
3054 if (!CHECK_READ(fsp,req->inbuf)) {
3055 reply_doserror(req, ERRDOS,ERRbadaccess);
3056 END_PROFILE(SMBreadX);
3060 if (global_client_caps & CAP_LARGE_READX) {
3061 size_t upper_size = SVAL(req->inbuf,smb_vwv7);
3062 smb_maxcnt |= (upper_size<<16);
3063 if (upper_size > 1) {
3064 /* Can't do this on a chained packet. */
3065 if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) {
3066 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3067 END_PROFILE(SMBreadX);
3070 /* We currently don't do this on signed or sealed data. */
3071 if (srv_is_signing_active() || srv_encryption_on()) {
3072 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3073 END_PROFILE(SMBreadX);
3076 /* Is there room in the reply for this data ? */
3077 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3079 NT_STATUS_INVALID_PARAMETER);
3080 END_PROFILE(SMBreadX);
3087 if (req->wct == 12) {
3088 #ifdef LARGE_SMB_OFF_T
3090 * This is a large offset (64 bit) read.
3092 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32);
3094 #else /* !LARGE_SMB_OFF_T */
3097 * Ensure we haven't been sent a >32 bit offset.
3100 if(IVAL(req->inbuf,smb_vwv10) != 0) {
3101 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3102 "used and we don't support 64 bit offsets.\n",
3103 (unsigned int)IVAL(req->inbuf,smb_vwv10) ));
3104 END_PROFILE(SMBreadX);
3105 reply_doserror(req, ERRDOS, ERRbadaccess);
3109 #endif /* LARGE_SMB_OFF_T */
3113 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt,
3114 (SMB_BIG_UINT)startpos, READ_LOCK)) {
3115 END_PROFILE(SMBreadX);
3116 reply_doserror(req, ERRDOS, ERRlock);
3121 && schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3122 END_PROFILE(SMBreadX);
3123 reply_post_legacy(req, -1);
3127 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3129 END_PROFILE(SMBreadX);
3133 /****************************************************************************
3134 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3135 ****************************************************************************/
3137 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3140 ssize_t total_written=0;
3141 size_t numtowrite=0;
3146 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3149 START_PROFILE(SMBwritebraw);
3151 if (srv_is_signing_active()) {
3152 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
3155 CHECK_FSP(fsp,conn);
3156 if (!CHECK_WRITE(fsp)) {
3157 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3160 tcount = IVAL(inbuf,smb_vwv1);
3161 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3162 write_through = BITSETW(inbuf+smb_vwv7,0);
3164 /* We have to deal with slightly different formats depending
3165 on whether we are using the core+ or lanman1.0 protocol */
3167 if(Protocol <= PROTOCOL_COREPLUS) {
3168 numtowrite = SVAL(smb_buf(inbuf),-2);
3169 data = smb_buf(inbuf);
3171 numtowrite = SVAL(inbuf,smb_vwv10);
3172 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
3175 /* force the error type */
3176 SCVAL(inbuf,smb_com,SMBwritec);
3177 SCVAL(outbuf,smb_com,SMBwritec);
3179 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3180 END_PROFILE(SMBwritebraw);
3181 return(ERROR_DOS(ERRDOS,ERRlock));
3185 nwritten = write_file(fsp,data,startpos,numtowrite);
3187 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
3188 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
3190 if (nwritten < (ssize_t)numtowrite) {
3191 END_PROFILE(SMBwritebraw);
3192 return(UNIXERROR(ERRHRD,ERRdiskfull));
3195 total_written = nwritten;
3197 /* Return a message to the redirector to tell it to send more bytes */
3198 SCVAL(outbuf,smb_com,SMBwritebraw);
3199 SSVALS(outbuf,smb_vwv0,-1);
3200 outsize = set_message(inbuf,outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3202 if (!send_smb(smbd_server_fd(),outbuf))
3203 exit_server_cleanly("reply_writebraw: send_smb failed.");
3205 /* Now read the raw data into the buffer and write it */
3206 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
3207 exit_server_cleanly("secondary writebraw failed");
3210 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
3211 numtowrite = smb_len(inbuf);
3213 /* Set up outbuf to return the correct return */
3214 outsize = set_message(inbuf,outbuf,1,0,True);
3215 SCVAL(outbuf,smb_com,SMBwritec);
3217 if (numtowrite != 0) {
3219 if (numtowrite > BUFFER_SIZE) {
3220 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
3221 (unsigned int)numtowrite ));
3222 exit_server_cleanly("secondary writebraw failed");
3225 if (tcount > nwritten+numtowrite) {
3226 DEBUG(3,("Client overestimated the write %d %d %d\n",
3227 (int)tcount,(int)nwritten,(int)numtowrite));
3230 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
3231 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
3233 exit_server_cleanly("secondary writebraw failed");
3236 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
3237 if (nwritten == -1) {
3238 END_PROFILE(SMBwritebraw);
3239 return(UNIXERROR(ERRHRD,ERRdiskfull));
3242 if (nwritten < (ssize_t)numtowrite) {
3243 SCVAL(outbuf,smb_rcls,ERRHRD);
3244 SSVAL(outbuf,smb_err,ERRdiskfull);
3248 total_written += nwritten;
3251 SSVAL(outbuf,smb_vwv0,total_written);
3253 status = sync_file(conn, fsp, write_through);
3254 if (!NT_STATUS_IS_OK(status)) {
3255 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3256 fsp->fsp_name, nt_errstr(status) ));
3257 END_PROFILE(SMBwritebraw);
3258 return ERROR_NT(status);
3261 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
3262 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
3264 /* we won't return a status if write through is not selected - this follows what WfWg does */
3265 END_PROFILE(SMBwritebraw);
3266 if (!write_through && total_written==tcount) {
3268 #if RABBIT_PELLET_FIX
3270 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3271 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
3273 if (!send_keepalive(smbd_server_fd()))
3274 exit_server_cleanly("reply_writebraw: send of keepalive failed");
3283 #define DBGC_CLASS DBGC_LOCKING
3285 /****************************************************************************
3286 Reply to a writeunlock (core+).
3287 ****************************************************************************/
3289 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
3290 int size, int dum_buffsize)
3292 ssize_t nwritten = -1;
3296 NTSTATUS status = NT_STATUS_OK;
3297 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3299 START_PROFILE(SMBwriteunlock);
3301 CHECK_FSP(fsp,conn);
3302 if (!CHECK_WRITE(fsp)) {
3303 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3306 numtowrite = SVAL(inbuf,smb_vwv1);
3307 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3308 data = smb_buf(inbuf) + 3;
3310 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3311 END_PROFILE(SMBwriteunlock);
3312 return ERROR_DOS(ERRDOS,ERRlock);
3315 /* The special X/Open SMB protocol handling of
3316 zero length writes is *NOT* done for
3318 if(numtowrite == 0) {
3321 nwritten = write_file(fsp,data,startpos,numtowrite);
3324 status = sync_file(conn, fsp, False /* write through */);
3325 if (!NT_STATUS_IS_OK(status)) {
3326 END_PROFILE(SMBwriteunlock);
3327 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3328 fsp->fsp_name, nt_errstr(status) ));
3329 return ERROR_NT(status);
3332 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3333 END_PROFILE(SMBwriteunlock);
3334 return(UNIXERROR(ERRHRD,ERRdiskfull));
3338 status = do_unlock(smbd_messaging_context(),
3340 (uint32)SVAL(inbuf,smb_pid),
3341 (SMB_BIG_UINT)numtowrite,
3342 (SMB_BIG_UINT)startpos,
3345 if (NT_STATUS_V(status)) {
3346 END_PROFILE(SMBwriteunlock);
3347 return ERROR_NT(status);
3351 outsize = set_message(inbuf,outbuf,1,0,True);
3353 SSVAL(outbuf,smb_vwv0,nwritten);
3355 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3356 fsp->fnum, (int)numtowrite, (int)nwritten));
3358 END_PROFILE(SMBwriteunlock);
3363 #define DBGC_CLASS DBGC_ALL
3365 /****************************************************************************
3367 ****************************************************************************/
3369 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
3372 ssize_t nwritten = -1;
3375 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3378 START_PROFILE(SMBwrite);
3380 /* If it's an IPC, pass off the pipe handler. */
3382 END_PROFILE(SMBwrite);
3383 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
3386 CHECK_FSP(fsp,conn);
3387 if (!CHECK_WRITE(fsp)) {
3388 END_PROFILE(SMBwrite);
3389 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3392 numtowrite = SVAL(inbuf,smb_vwv1);
3393 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3394 data = smb_buf(inbuf) + 3;
3396 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3397 END_PROFILE(SMBwrite);
3398 return ERROR_DOS(ERRDOS,ERRlock);
3402 * X/Open SMB protocol says that if smb_vwv1 is
3403 * zero then the file size should be extended or
3404 * truncated to the size given in smb_vwv[2-3].
3407 if(numtowrite == 0) {
3409 * This is actually an allocate call, and set EOF. JRA.
3411 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3413 END_PROFILE(SMBwrite);
3414 return ERROR_NT(NT_STATUS_DISK_FULL);
3416 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3418 END_PROFILE(SMBwrite);
3419 return ERROR_NT(NT_STATUS_DISK_FULL);
3422 nwritten = write_file(fsp,data,startpos,numtowrite);
3424 status = sync_file(conn, fsp, False);
3425 if (!NT_STATUS_IS_OK(status)) {
3426 END_PROFILE(SMBwrite);
3427 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3428 fsp->fsp_name, nt_errstr(status) ));
3429 return ERROR_NT(status);
3432 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3433 END_PROFILE(SMBwrite);
3434 return(UNIXERROR(ERRHRD,ERRdiskfull));
3437 outsize = set_message(inbuf,outbuf,1,0,True);
3439 SSVAL(outbuf,smb_vwv0,nwritten);
3441 if (nwritten < (ssize_t)numtowrite) {
3442 SCVAL(outbuf,smb_rcls,ERRHRD);
3443 SSVAL(outbuf,smb_err,ERRdiskfull);
3446 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3448 END_PROFILE(SMBwrite);
3452 /****************************************************************************
3453 Reply to a write and X.
3454 ****************************************************************************/
3456 void reply_write_and_X(connection_struct *conn, struct smb_request *req)
3463 unsigned int smb_doff;
3464 unsigned int smblen;
3469 START_PROFILE(SMBwriteX);
3471 if ((req->wct != 12) && (req->wct != 14)) {
3472 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3473 END_PROFILE(SMBwriteX);
3477 numtowrite = SVAL(req->inbuf,smb_vwv10);
3478 smb_doff = SVAL(req->inbuf,smb_vwv11);
3479 smblen = smb_len(req->inbuf);
3480 large_writeX = ((req->wct == 14) && (smblen > 0xFFFF));
3482 /* Deal with possible LARGE_WRITEX */
3484 numtowrite |= ((((size_t)SVAL(req->inbuf,smb_vwv9)) & 1 )<<16);
3487 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3488 reply_doserror(req, ERRDOS, ERRbadmem);
3489 END_PROFILE(SMBwriteX);
3493 /* If it's an IPC, pass off the pipe handler. */
3495 reply_pipe_write_and_X(req);
3496 END_PROFILE(SMBwriteX);
3500 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3501 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3502 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3504 if (!check_fsp(conn, req, fsp, ¤t_user)) {
3505 END_PROFILE(SMBwriteX);
3509 if (!CHECK_WRITE(fsp)) {
3510 reply_doserror(req, ERRDOS, ERRbadaccess);
3511 END_PROFILE(SMBwriteX);
3515 data = smb_base(req->inbuf) + smb_doff;
3517 if(req->wct == 14) {
3518 #ifdef LARGE_SMB_OFF_T
3520 * This is a large offset (64 bit) write.
3522 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
3524 #else /* !LARGE_SMB_OFF_T */
3527 * Ensure we haven't been sent a >32 bit offset.
3530 if(IVAL(req->inbuf,smb_vwv12) != 0) {
3531 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
3532 "used and we don't support 64 bit offsets.\n",
3533 (unsigned int)IVAL(inbuf,smb_vwv12) ));
3534 reply_doserror(req, ERRDOS, ERRbadaccess);
3535 END_PROFILE(SMBwriteX);
3539 #endif /* LARGE_SMB_OFF_T */
3542 if (is_locked(fsp,(uint32)req->smbpid,
3543 (SMB_BIG_UINT)numtowrite,
3544 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3545 reply_doserror(req, ERRDOS, ERRlock);
3546 END_PROFILE(SMBwriteX);
3550 /* X/Open SMB protocol says that, unlike SMBwrite
3551 if the length is zero then NO truncation is
3552 done, just a write of zero. To truncate a file,
3555 if(numtowrite == 0) {
3559 if (schedule_aio_write_and_X(conn, req, fsp, data, startpos,
3561 END_PROFILE(SMBwriteX);
3565 nwritten = write_file(fsp,data,startpos,numtowrite);
3568 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3569 reply_unixerror(req, ERRHRD, ERRdiskfull);
3570 END_PROFILE(SMBwriteX);
3574 reply_outbuf(req, 6, 0);
3575 SSVAL(req->outbuf,smb_vwv2,nwritten);
3577 SSVAL(req->outbuf,smb_vwv4,(nwritten>>16)&1);
3579 if (nwritten < (ssize_t)numtowrite) {
3580 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3581 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3584 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3585 fsp->fnum, (int)numtowrite, (int)nwritten));
3587 status = sync_file(conn, fsp, write_through);
3588 if (!NT_STATUS_IS_OK(status)) {
3589 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
3590 fsp->fsp_name, nt_errstr(status) ));
3591 reply_nterror(req, status);
3592 END_PROFILE(SMBwriteX);
3596 END_PROFILE(SMBwriteX);
3597 chain_reply_new(req);
3601 /****************************************************************************
3603 ****************************************************************************/
3605 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3611 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3612 START_PROFILE(SMBlseek);
3614 CHECK_FSP(fsp,conn);
3616 flush_write_cache(fsp, SEEK_FLUSH);
3618 mode = SVAL(inbuf,smb_vwv1) & 3;
3619 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3620 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3629 res = fsp->fh->pos + startpos;
3640 if (umode == SEEK_END) {
3641 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3642 if(errno == EINVAL) {
3643 SMB_OFF_T current_pos = startpos;
3644 SMB_STRUCT_STAT sbuf;
3646 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3647 END_PROFILE(SMBlseek);
3648 return(UNIXERROR(ERRDOS,ERRnoaccess));
3651 current_pos += sbuf.st_size;
3653 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3658 END_PROFILE(SMBlseek);
3659 return(UNIXERROR(ERRDOS,ERRnoaccess));
3665 outsize = set_message(inbuf,outbuf,2,0,True);
3666 SIVAL(outbuf,smb_vwv0,res);
3668 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3669 fsp->fnum, (double)startpos, (double)res, mode));
3671 END_PROFILE(SMBlseek);
3675 /****************************************************************************
3677 ****************************************************************************/
3679 void reply_flush(connection_struct *conn, struct smb_request *req)
3684 START_PROFILE(SMBflush);
3687 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3691 fnum = SVAL(req->inbuf,smb_vwv0);
3692 fsp = file_fsp(fnum);
3694 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp, ¤t_user)) {
3699 file_sync_all(conn);
3701 NTSTATUS status = sync_file(conn, fsp, True);
3702 if (!NT_STATUS_IS_OK(status)) {
3703 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
3704 fsp->fsp_name, nt_errstr(status) ));
3705 reply_nterror(req, status);
3706 END_PROFILE(SMBflush);
3711 reply_outbuf(req, 0, 0);
3713 DEBUG(3,("flush\n"));
3714 END_PROFILE(SMBflush);
3718 /****************************************************************************
3720 conn POINTER CAN BE NULL HERE !
3721 ****************************************************************************/
3723 void reply_exit(connection_struct *conn, struct smb_request *req)
3725 START_PROFILE(SMBexit);
3727 file_close_pid(req->smbpid, req->vuid);
3729 reply_outbuf(req, 0, 0);
3731 DEBUG(3,("exit\n"));
3733 END_PROFILE(SMBexit);
3737 /****************************************************************************
3738 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3739 ****************************************************************************/
3741 void reply_close(connection_struct *conn, struct smb_request *req)
3743 NTSTATUS status = NT_STATUS_OK;
3744 files_struct *fsp = NULL;
3745 START_PROFILE(SMBclose);
3748 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3749 END_PROFILE(SMBclose);
3753 /* If it's an IPC, pass off to the pipe handler. */
3755 reply_pipe_close(conn, req);
3756 END_PROFILE(SMBclose);
3760 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3763 * We can only use CHECK_FSP if we know it's not a directory.
3766 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3767 reply_doserror(req, ERRDOS, ERRbadfid);
3768 END_PROFILE(SMBclose);
3772 if(fsp->is_directory) {
3774 * Special case - close NT SMB directory handle.
3776 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3777 status = close_file(fsp,NORMAL_CLOSE);
3780 * Close ordinary file.
3783 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3784 fsp->fh->fd, fsp->fnum,
3785 conn->num_files_open));
3788 * Take care of any time sent in the close.
3791 fsp_set_pending_modtime(fsp, convert_time_t_to_timespec(
3792 srv_make_unix_date3(
3793 req->inbuf+smb_vwv1)));
3796 * close_file() returns the unix errno if an error
3797 * was detected on close - normally this is due to
3798 * a disk full error. If not then it was probably an I/O error.
3801 status = close_file(fsp,NORMAL_CLOSE);
3804 if (!NT_STATUS_IS_OK(status)) {
3805 reply_nterror(req, status);
3806 END_PROFILE(SMBclose);
3810 reply_outbuf(req, 0, 0);
3811 END_PROFILE(SMBclose);
3815 /****************************************************************************
3816 Reply to a writeclose (Core+ protocol).
3817 ****************************************************************************/
3819 int reply_writeclose(connection_struct *conn,
3820 char *inbuf,char *outbuf, int size, int dum_buffsize)
3823 ssize_t nwritten = -1;
3825 NTSTATUS close_status = NT_STATUS_OK;
3828 struct timespec mtime;
3829 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3830 START_PROFILE(SMBwriteclose);
3832 CHECK_FSP(fsp,conn);
3833 if (!CHECK_WRITE(fsp)) {
3834 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3837 numtowrite = SVAL(inbuf,smb_vwv1);
3838 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3839 mtime = convert_time_t_to_timespec(srv_make_unix_date3(inbuf+smb_vwv4));
3840 data = smb_buf(inbuf) + 1;
3842 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3843 END_PROFILE(SMBwriteclose);
3844 return ERROR_DOS(ERRDOS,ERRlock);
3847 nwritten = write_file(fsp,data,startpos,numtowrite);
3849 set_filetime(conn, fsp->fsp_name, mtime);
3852 * More insanity. W2K only closes the file if writelen > 0.
3857 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3859 close_status = close_file(fsp,NORMAL_CLOSE);
3862 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3863 fsp->fnum, (int)numtowrite, (int)nwritten,
3864 conn->num_files_open));
3866 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3867 END_PROFILE(SMBwriteclose);
3868 return(UNIXERROR(ERRHRD,ERRdiskfull));
3871 if(!NT_STATUS_IS_OK(close_status)) {
3872 END_PROFILE(SMBwriteclose);
3873 return ERROR_NT(close_status);
3876 outsize = set_message(inbuf,outbuf,1,0,True);
3878 SSVAL(outbuf,smb_vwv0,nwritten);
3879 END_PROFILE(SMBwriteclose);
3884 #define DBGC_CLASS DBGC_LOCKING
3886 /****************************************************************************
3888 ****************************************************************************/
3890 int reply_lock(connection_struct *conn,
3891 char *inbuf,char *outbuf, int length, int dum_buffsize)
3893 int outsize = set_message(inbuf,outbuf,0,0,False);
3894 SMB_BIG_UINT count,offset;
3896 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3897 struct byte_range_lock *br_lck = NULL;
3899 START_PROFILE(SMBlock);
3901 CHECK_FSP(fsp,conn);
3903 release_level_2_oplocks_on_change(fsp);
3905 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3906 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3908 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3909 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3911 br_lck = do_lock(smbd_messaging_context(),
3913 (uint32)SVAL(inbuf,smb_pid),
3918 False, /* Non-blocking lock. */
3922 TALLOC_FREE(br_lck);
3924 if (NT_STATUS_V(status)) {
3925 END_PROFILE(SMBlock);
3926 return ERROR_NT(status);
3929 END_PROFILE(SMBlock);
3933 /****************************************************************************
3935 ****************************************************************************/
3937 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3940 int outsize = set_message(inbuf,outbuf,0,0,False);
3941 SMB_BIG_UINT count,offset;
3943 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
3944 START_PROFILE(SMBunlock);
3946 CHECK_FSP(fsp,conn);
3948 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3949 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3951 status = do_unlock(smbd_messaging_context(),
3953 (uint32)SVAL(inbuf,smb_pid),
3958 if (NT_STATUS_V(status)) {
3959 END_PROFILE(SMBunlock);
3960 return ERROR_NT(status);
3963 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3964 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3966 END_PROFILE(SMBunlock);
3971 #define DBGC_CLASS DBGC_ALL
3973 /****************************************************************************
3975 conn POINTER CAN BE NULL HERE !
3976 ****************************************************************************/
3978 void reply_tdis(connection_struct *conn, struct smb_request *req)
3980 START_PROFILE(SMBtdis);
3983 DEBUG(4,("Invalid connection in tdis\n"));
3984 reply_doserror(req, ERRSRV, ERRinvnid);
3985 END_PROFILE(SMBtdis);
3991 close_cnum(conn,req->vuid);
3993 reply_outbuf(req, 0, 0);
3994 END_PROFILE(SMBtdis);
3998 /****************************************************************************
4000 conn POINTER CAN BE NULL HERE !
4001 ****************************************************************************/
4003 void reply_echo(connection_struct *conn, struct smb_request *req)
4007 unsigned int data_len = smb_buflen(req->inbuf);
4009 START_PROFILE(SMBecho);
4012 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4013 END_PROFILE(SMBecho);
4017 if (data_len > BUFFER_SIZE) {
4018 DEBUG(0,("reply_echo: data_len too large.\n"));
4019 reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
4020 END_PROFILE(SMBecho);
4024 smb_reverb = SVAL(req->inbuf,smb_vwv0);
4026 reply_outbuf(req, 1, data_len);
4028 /* copy any incoming data back out */
4030 memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len);
4033 if (smb_reverb > 100) {
4034 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4038 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
4039 SSVAL(req->outbuf,smb_vwv0,seq_num);
4041 show_msg((char *)req->outbuf);
4042 if (!send_smb(smbd_server_fd(),(char *)req->outbuf))
4043 exit_server_cleanly("reply_echo: send_smb failed.");
4046 DEBUG(3,("echo %d times\n", smb_reverb));
4048 TALLOC_FREE(req->outbuf);
4052 END_PROFILE(SMBecho);
4056 /****************************************************************************
4057 Reply to a printopen.
4058 ****************************************************************************/
4060 int reply_printopen(connection_struct *conn,
4061 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4067 START_PROFILE(SMBsplopen);
4069 if (!CAN_PRINT(conn)) {
4070 END_PROFILE(SMBsplopen);
4071 return ERROR_DOS(ERRDOS,ERRnoaccess);
4074 /* Open for exclusive use, write only. */
4075 status = print_fsp_open(conn, NULL, &fsp);
4077 if (!NT_STATUS_IS_OK(status)) {
4078 END_PROFILE(SMBsplopen);
4079 return(ERROR_NT(status));
4082 outsize = set_message(inbuf,outbuf,1,0,True);
4083 SSVAL(outbuf,smb_vwv0,fsp->fnum);
4085 DEBUG(3,("openprint fd=%d fnum=%d\n",
4086 fsp->fh->fd, fsp->fnum));
4088 END_PROFILE(SMBsplopen);
4092 /****************************************************************************
4093 Reply to a printclose.
4094 ****************************************************************************/
4096 int reply_printclose(connection_struct *conn,
4097 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4099 int outsize = set_message(inbuf,outbuf,0,0,False);
4100 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
4102 START_PROFILE(SMBsplclose);
4104 CHECK_FSP(fsp,conn);
4106 if (!CAN_PRINT(conn)) {
4107 END_PROFILE(SMBsplclose);
4108 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
4111 DEBUG(3,("printclose fd=%d fnum=%d\n",
4112 fsp->fh->fd,fsp->fnum));
4114 status = close_file(fsp,NORMAL_CLOSE);
4116 if(!NT_STATUS_IS_OK(status)) {
4117 END_PROFILE(SMBsplclose);
4118 return ERROR_NT(status);
4121 END_PROFILE(SMBsplclose);
4125 /****************************************************************************
4126 Reply to a printqueue.
4127 ****************************************************************************/
4129 int reply_printqueue(connection_struct *conn,
4130 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4132 int outsize = set_message(inbuf,outbuf,2,3,True);
4133 int max_count = SVAL(inbuf,smb_vwv0);
4134 int start_index = SVAL(inbuf,smb_vwv1);
4135 START_PROFILE(SMBsplretq);
4137 /* we used to allow the client to get the cnum wrong, but that
4138 is really quite gross and only worked when there was only
4139 one printer - I think we should now only accept it if they
4140 get it right (tridge) */
4141 if (!CAN_PRINT(conn)) {
4142 END_PROFILE(SMBsplretq);
4143 return ERROR_DOS(ERRDOS,ERRnoaccess);
4146 SSVAL(outbuf,smb_vwv0,0);
4147 SSVAL(outbuf,smb_vwv1,0);
4148 SCVAL(smb_buf(outbuf),0,1);
4149 SSVAL(smb_buf(outbuf),1,0);
4151 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4152 start_index, max_count));
4155 print_queue_struct *queue = NULL;
4156 print_status_struct status;
4157 char *p = smb_buf(outbuf) + 3;
4158 int count = print_queue_status(SNUM(conn), &queue, &status);
4159 int num_to_get = ABS(max_count);
4160 int first = (max_count>0?start_index:start_index+max_count+1);
4166 num_to_get = MIN(num_to_get,count-first);
4169 for (i=first;i<first+num_to_get;i++) {
4170 srv_put_dos_date2(p,0,queue[i].time);
4171 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4172 SSVAL(p,5, queue[i].job);
4173 SIVAL(p,7,queue[i].size);
4175 srvstr_push(outbuf, SVAL(outbuf, smb_flg2), p+12,
4176 queue[i].fs_user, 16, STR_ASCII);
4181 outsize = set_message(inbuf,outbuf,2,28*count+3,False);
4182 SSVAL(outbuf,smb_vwv0,count);
4183 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
4184 SCVAL(smb_buf(outbuf),0,1);
4185 SSVAL(smb_buf(outbuf),1,28*count);
4190 DEBUG(3,("%d entries returned in queue\n",count));
4193 END_PROFILE(SMBsplretq);
4197 /****************************************************************************
4198 Reply to a printwrite.
4199 ****************************************************************************/
4201 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4204 int outsize = set_message(inbuf,outbuf,0,0,False);
4206 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
4208 START_PROFILE(SMBsplwr);
4210 if (!CAN_PRINT(conn)) {
4211 END_PROFILE(SMBsplwr);
4212 return ERROR_DOS(ERRDOS,ERRnoaccess);
4215 CHECK_FSP(fsp,conn);
4216 if (!CHECK_WRITE(fsp)) {
4217 return(ERROR_DOS(ERRDOS,ERRbadaccess));
4220 numtowrite = SVAL(smb_buf(inbuf),1);
4221 data = smb_buf(inbuf) + 3;
4223 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
4224 END_PROFILE(SMBsplwr);
4225 return(UNIXERROR(ERRHRD,ERRdiskfull));
4228 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4230 END_PROFILE(SMBsplwr);
4234 /****************************************************************************
4236 ****************************************************************************/
4238 void reply_mkdir(connection_struct *conn, struct smb_request *req)
4242 SMB_STRUCT_STAT sbuf;
4244 START_PROFILE(SMBmkdir);
4246 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4247 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4248 STR_TERMINATE, &status);
4249 if (!NT_STATUS_IS_OK(status)) {
4250 reply_nterror(req, status);
4251 END_PROFILE(SMBmkdir);
4255 status = resolve_dfspath(conn,
4256 req->flags2 & FLAGS2_DFS_PATHNAMES,
4258 if (!NT_STATUS_IS_OK(status)) {
4259 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4260 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4261 ERRSRV, ERRbadpath);
4262 END_PROFILE(SMBmkdir);
4265 reply_nterror(req, status);
4266 END_PROFILE(SMBmkdir);
4270 status = unix_convert(conn, directory, False, NULL, &sbuf);
4271 if (!NT_STATUS_IS_OK(status)) {
4272 reply_nterror(req, status);
4273 END_PROFILE(SMBmkdir);
4277 status = check_name(conn, directory);
4278 if (!NT_STATUS_IS_OK(status)) {
4279 reply_nterror(req, status);
4280 END_PROFILE(SMBmkdir);
4284 status = create_directory(conn, directory);
4286 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4288 if (!NT_STATUS_IS_OK(status)) {
4290 if (!use_nt_status()
4291 && NT_STATUS_EQUAL(status,
4292 NT_STATUS_OBJECT_NAME_COLLISION)) {
4294 * Yes, in the DOS error code case we get a
4295 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4296 * samba4 torture test.
4298 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4301 reply_nterror(req, status);
4302 END_PROFILE(SMBmkdir);
4306 reply_outbuf(req, 0, 0);
4308 DEBUG( 3, ( "mkdir %s\n", directory ) );
4310 END_PROFILE(SMBmkdir);
4314 /****************************************************************************
4315 Static function used by reply_rmdir to delete an entire directory
4316 tree recursively. Return True on ok, False on fail.
4317 ****************************************************************************/
4319 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
4321 const char *dname = NULL;
4324 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4329 while((dname = ReadDirName(dir_hnd, &offset))) {
4333 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4336 if (!is_visible_file(conn, directory, dname, &st, False))
4339 /* Construct the full name. */
4340 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4346 pstrcpy(fullname, directory);
4347 pstrcat(fullname, "/");
4348 pstrcat(fullname, dname);
4350 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4355 if(st.st_mode & S_IFDIR) {
4356 if(!recursive_rmdir(conn, fullname)) {
4360 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
4364 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
4373 /****************************************************************************
4374 The internals of the rmdir code - called elsewhere.
4375 ****************************************************************************/
4377 NTSTATUS rmdir_internals(connection_struct *conn, const char *directory)
4382 /* Might be a symlink. */
4383 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
4384 return map_nt_error_from_unix(errno);
4387 if (S_ISLNK(st.st_mode)) {
4388 /* Is what it points to a directory ? */
4389 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
4390 return map_nt_error_from_unix(errno);
4392 if (!(S_ISDIR(st.st_mode))) {
4393 return NT_STATUS_NOT_A_DIRECTORY;
4395 ret = SMB_VFS_UNLINK(conn,directory);
4397 ret = SMB_VFS_RMDIR(conn,directory);
4400 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4401 FILE_NOTIFY_CHANGE_DIR_NAME,
4403 return NT_STATUS_OK;
4406 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
4408 * Check to see if the only thing in this directory are
4409 * vetoed files/directories. If so then delete them and
4410 * retry. If we fail to delete any of them (and we *don't*
4411 * do a recursive delete) then fail the rmdir.
4415 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
4417 if(dir_hnd == NULL) {
4422 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4423 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4425 if (!is_visible_file(conn, directory, dname, &st, False))
4427 if(!IS_VETO_PATH(conn, dname)) {
4434 /* We only have veto files/directories. Recursive delete. */
4436 RewindDir(dir_hnd,&dirpos);
4437 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
4440 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
4442 if (!is_visible_file(conn, directory, dname, &st, False))
4445 /* Construct the full name. */
4446 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
4451 pstrcpy(fullname, directory);
4452 pstrcat(fullname, "/");
4453 pstrcat(fullname, dname);
4455 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
4457 if(st.st_mode & S_IFDIR) {
4458 if(lp_recursive_veto_delete(SNUM(conn))) {
4459 if(!recursive_rmdir(conn, fullname))
4462 if(SMB_VFS_RMDIR(conn,fullname) != 0)
4464 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
4468 /* Retry the rmdir */
4469 ret = SMB_VFS_RMDIR(conn,directory);
4475 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
4476 "%s\n", directory,strerror(errno)));
4477 return map_nt_error_from_unix(errno);
4480 notify_fname(conn, NOTIFY_ACTION_REMOVED,
4481 FILE_NOTIFY_CHANGE_DIR_NAME,
4484 return NT_STATUS_OK;
4487 /****************************************************************************
4489 ****************************************************************************/
4491 void reply_rmdir(connection_struct *conn, struct smb_request *req)
4494 SMB_STRUCT_STAT sbuf;
4496 START_PROFILE(SMBrmdir);
4498 srvstr_get_path((char *)req->inbuf, req->flags2, directory,
4499 smb_buf(req->inbuf) + 1, sizeof(directory), 0,
4500 STR_TERMINATE, &status);
4501 if (!NT_STATUS_IS_OK(status)) {
4502 reply_nterror(req, status);
4503 END_PROFILE(SMBrmdir);
4507 status = resolve_dfspath(conn,
4508 req->flags2 & FLAGS2_DFS_PATHNAMES,
4510 if (!NT_STATUS_IS_OK(status)) {
4511 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4512 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4513 ERRSRV, ERRbadpath);
4514 END_PROFILE(SMBrmdir);
4517 reply_nterror(req, status);
4518 END_PROFILE(SMBrmdir);
4522 status = unix_convert(conn, directory, False, NULL, &sbuf);
4523 if (!NT_STATUS_IS_OK(status)) {
4524 reply_nterror(req, status);
4525 END_PROFILE(SMBrmdir);
4529 status = check_name(conn, directory);
4530 if (!NT_STATUS_IS_OK(status)) {
4531 reply_nterror(req, status);
4532 END_PROFILE(SMBrmdir);
4536 dptr_closepath(directory, req->smbpid);
4537 status = rmdir_internals(conn, directory);
4538 if (!NT_STATUS_IS_OK(status)) {
4539 reply_nterror(req, status);
4540 END_PROFILE(SMBrmdir);
4544 reply_outbuf(req, 0, 0);
4546 DEBUG( 3, ( "rmdir %s\n", directory ) );
4548 END_PROFILE(SMBrmdir);
4552 /*******************************************************************
4553 Resolve wildcards in a filename rename.
4554 Note that name is in UNIX charset and thus potentially can be more
4555 than fstring buffer (255 bytes) especially in default UTF-8 case.
4556 Therefore, we use pstring inside and all calls should ensure that
4557 name2 is at least pstring-long (they do already)
4558 ********************************************************************/
4560 static BOOL resolve_wildcards(const char *name1, char *name2)
4562 pstring root1,root2;
4564 char *p,*p2, *pname1, *pname2;
4565 int available_space, actual_space;
4567 pname1 = strrchr_m(name1,'/');
4568 pname2 = strrchr_m(name2,'/');
4570 if (!pname1 || !pname2)
4573 pstrcpy(root1,pname1);
4574 pstrcpy(root2,pname2);
4575 p = strrchr_m(root1,'.');
4582 p = strrchr_m(root2,'.');
4596 } else if (*p2 == '*') {
4612 } else if (*p2 == '*') {
4622 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4625 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4626 if (actual_space >= available_space - 1) {
4627 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4628 actual_space - available_space));
4631 pstrcpy_base(pname2, root2, name2);
4637 /****************************************************************************
4638 Ensure open files have their names updated. Updated to notify other smbd's
4640 ****************************************************************************/
4642 static void rename_open_files(connection_struct *conn,
4643 struct share_mode_lock *lck,
4644 const char *newname)
4647 BOOL did_rename = False;
4649 for(fsp = file_find_di_first(lck->id); fsp;
4650 fsp = file_find_di_next(fsp)) {
4651 /* fsp_name is a relative path under the fsp. To change this for other
4652 sharepaths we need to manipulate relative paths. */
4653 /* TODO - create the absolute path and manipulate the newname
4654 relative to the sharepath. */
4655 if (fsp->conn != conn) {
4658 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
4659 fsp->fnum, file_id_static_string(&fsp->file_id),
4660 fsp->fsp_name, newname ));
4661 string_set(&fsp->fsp_name, newname);
4666 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
4667 file_id_static_string(&lck->id), newname ));
4670 /* Send messages to all smbd's (not ourself) that the name has changed. */
4671 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
4675 /****************************************************************************
4676 We need to check if the source path is a parent directory of the destination
4677 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4678 refuse the rename with a sharing violation. Under UNIX the above call can
4679 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4680 probably need to check that the client is a Windows one before disallowing
4681 this as a UNIX client (one with UNIX extensions) can know the source is a
4682 symlink and make this decision intelligently. Found by an excellent bug
4683 report from <AndyLiebman@aol.com>.
4684 ****************************************************************************/
4686 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4688 const char *psrc = src;
4689 const char *pdst = dest;
4692 if (psrc[0] == '.' && psrc[1] == '/') {
4695 if (pdst[0] == '.' && pdst[1] == '/') {
4698 if ((slen = strlen(psrc)) > strlen(pdst)) {
4701 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4705 * Do the notify calls from a rename
4708 static void notify_rename(connection_struct *conn, BOOL is_dir,
4709 const char *oldpath, const char *newpath)
4711 char *olddir, *newdir;
4712 const char *oldname, *newname;
4715 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
4716 : FILE_NOTIFY_CHANGE_FILE_NAME;
4718 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
4719 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
4720 TALLOC_FREE(olddir);
4724 if (strcmp(olddir, newdir) == 0) {
4725 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
4726 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
4729 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
4730 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
4732 TALLOC_FREE(olddir);
4733 TALLOC_FREE(newdir);
4735 /* this is a strange one. w2k3 gives an additional event for
4736 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
4737 files, but not directories */
4739 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
4740 FILE_NOTIFY_CHANGE_ATTRIBUTES
4741 |FILE_NOTIFY_CHANGE_CREATION,
4746 /****************************************************************************
4747 Rename an open file - given an fsp.
4748 ****************************************************************************/
4750 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, pstring newname, uint32 attrs, BOOL replace_if_exists)
4752 SMB_STRUCT_STAT sbuf, sbuf1;
4753 pstring newname_last_component;
4754 NTSTATUS status = NT_STATUS_OK;
4755 struct share_mode_lock *lck = NULL;
4760 status = unix_convert(conn, newname, False, newname_last_component, &sbuf);
4762 /* If an error we expect this to be NT_STATUS_OBJECT_PATH_NOT_FOUND */
4764 if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(NT_STATUS_OBJECT_PATH_NOT_FOUND, status)) {
4768 status = check_name(conn, newname);
4769 if (!NT_STATUS_IS_OK(status)) {
4773 /* Ensure newname contains a '/' */
4774 if(strrchr_m(newname,'/') == 0) {
4777 pstrcpy(tmpstr, "./");
4778 pstrcat(tmpstr, newname);
4779 pstrcpy(newname, tmpstr);
4783 * Check for special case with case preserving and not
4784 * case sensitive. If the old last component differs from the original
4785 * last component only by case, then we should allow
4786 * the rename (user is trying to change the case of the
4790 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4791 strequal(newname, fsp->fsp_name)) {
4793 pstring newname_modified_last_component;
4796 * Get the last component of the modified name.
4797 * Note that we guarantee that newname contains a '/'
4800 p = strrchr_m(newname,'/');
4801 pstrcpy(newname_modified_last_component,p+1);
4803 if(strcsequal(newname_modified_last_component,
4804 newname_last_component) == False) {
4806 * Replace the modified last component with
4809 pstrcpy(p+1, newname_last_component);
4814 * If the src and dest names are identical - including case,
4815 * don't do the rename, just return success.
4818 if (strcsequal(fsp->fsp_name, newname)) {
4819 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4821 return NT_STATUS_OK;
4825 * Have vfs_object_exist also fill sbuf1
4827 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
4829 if(!replace_if_exists && dst_exists) {
4830 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4831 fsp->fsp_name,newname));
4832 return NT_STATUS_OBJECT_NAME_COLLISION;
4836 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
4837 files_struct *dst_fsp = file_find_di_first(fileid);
4839 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
4840 return NT_STATUS_ACCESS_DENIED;
4844 /* Ensure we have a valid stat struct for the source. */
4845 if (fsp->fh->fd != -1) {
4846 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&sbuf) == -1) {
4847 return map_nt_error_from_unix(errno);
4850 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
4851 return map_nt_error_from_unix(errno);
4855 status = can_rename(conn, fsp, attrs, &sbuf);
4857 if (!NT_STATUS_IS_OK(status)) {
4858 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4859 nt_errstr(status), fsp->fsp_name,newname));
4860 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
4861 status = NT_STATUS_ACCESS_DENIED;
4865 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4866 return NT_STATUS_ACCESS_DENIED;
4869 lck = get_share_mode_lock(NULL, fsp->file_id, NULL, NULL);
4872 * We have the file open ourselves, so not being able to get the
4873 * corresponding share mode lock is a fatal error.
4876 SMB_ASSERT(lck != NULL);
4878 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4879 uint32 create_options = fsp->fh->private_options;
4881 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4882 fsp->fsp_name,newname));
4884 rename_open_files(conn, lck, newname);
4886 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
4889 * A rename acts as a new file create w.r.t. allowing an initial delete
4890 * on close, probably because in Windows there is a new handle to the
4891 * new file. If initial delete on close was requested but not
4892 * originally set, we need to set it here. This is probably not 100% correct,
4893 * but will work for the CIFSFS client which in non-posix mode
4894 * depends on these semantics. JRA.
4897 set_allow_initial_delete_on_close(lck, fsp, True);
4899 if (create_options & FILE_DELETE_ON_CLOSE) {
4900 status = can_set_delete_on_close(fsp, True, 0);
4902 if (NT_STATUS_IS_OK(status)) {
4903 /* Note that here we set the *inital* delete on close flag,
4904 * not the regular one. The magic gets handled in close. */
4905 fsp->initial_delete_on_close = True;
4909 return NT_STATUS_OK;
4914 if (errno == ENOTDIR || errno == EISDIR) {
4915 status = NT_STATUS_OBJECT_NAME_COLLISION;
4917 status = map_nt_error_from_unix(errno);
4920 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4921 nt_errstr(status), fsp->fsp_name,newname));
4926 /****************************************************************************
4927 The guts of the rename command, split out so it may be called by the NT SMB
4929 ****************************************************************************/
4931 NTSTATUS rename_internals(connection_struct *conn, struct smb_request *req,
4935 BOOL replace_if_exists,
4941 pstring last_component_src;
4942 pstring last_component_dest;
4945 NTSTATUS status = NT_STATUS_OK;
4946 SMB_STRUCT_STAT sbuf1, sbuf2;
4947 struct smb_Dir *dir_hnd = NULL;
4952 *directory = *mask = 0;
4957 status = unix_convert(conn, name, src_has_wild, last_component_src, &sbuf1);
4958 if (!NT_STATUS_IS_OK(status)) {
4962 status = unix_convert(conn, newname, dest_has_wild, last_component_dest, &sbuf2);
4963 if (!NT_STATUS_IS_OK(status)) {
4968 * Split the old name into directory and last component
4969 * strings. Note that unix_convert may have stripped off a
4970 * leading ./ from both name and newname if the rename is
4971 * at the root of the share. We need to make sure either both
4972 * name and newname contain a / character or neither of them do
4973 * as this is checked in resolve_wildcards().
4976 p = strrchr_m(name,'/');
4978 pstrcpy(directory,".");
4982 pstrcpy(directory,name);
4984 *p = '/'; /* Replace needed for exceptional test below. */
4988 * We should only check the mangled cache
4989 * here if unix_convert failed. This means
4990 * that the path in 'mask' doesn't exist
4991 * on the file system and so we need to look
4992 * for a possible mangle. This patch from
4993 * Tine Smukavec <valentin.smukavec@hermes.si>.
4996 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
4997 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
5000 if (!src_has_wild) {
5004 * No wildcards - just process the one file.
5006 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
5008 /* Add a terminating '/' to the directory name. */
5009 pstrcat(directory,"/");
5010 pstrcat(directory,mask);
5012 /* Ensure newname contains a '/' also */
5013 if(strrchr_m(newname,'/') == 0) {
5016 pstrcpy(tmpstr, "./");
5017 pstrcat(tmpstr, newname);
5018 pstrcpy(newname, tmpstr);
5021 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5022 "case_preserve = %d, short case preserve = %d, "
5023 "directory = %s, newname = %s, "
5024 "last_component_dest = %s, is_8_3 = %d\n",
5025 conn->case_sensitive, conn->case_preserve,
5026 conn->short_case_preserve, directory,
5027 newname, last_component_dest, is_short_name));
5029 /* The dest name still may have wildcards. */
5030 if (dest_has_wild) {
5031 if (!resolve_wildcards(directory,newname)) {
5032 DEBUG(6, ("rename_internals: resolve_wildcards %s %s failed\n",
5033 directory,newname));
5034 return NT_STATUS_NO_MEMORY;
5039 SMB_VFS_STAT(conn, directory, &sbuf1);
5041 status = S_ISDIR(sbuf1.st_mode) ?
5042 open_directory(conn, req, directory, &sbuf1,
5044 FILE_SHARE_READ|FILE_SHARE_WRITE,
5045 FILE_OPEN, 0, 0, NULL,
5047 : open_file_ntcreate(conn, req, directory, &sbuf1,
5049 FILE_SHARE_READ|FILE_SHARE_WRITE,
5050 FILE_OPEN, 0, 0, 0, NULL,
5053 if (!NT_STATUS_IS_OK(status)) {
5054 DEBUG(3, ("Could not open rename source %s: %s\n",
5055 directory, nt_errstr(status)));
5059 status = rename_internals_fsp(conn, fsp, newname, attrs,
5062 close_file(fsp, NORMAL_CLOSE);
5064 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5065 nt_errstr(status), directory,newname));
5071 * Wildcards - process each file that matches.
5073 if (strequal(mask,"????????.???")) {
5077 status = check_name(conn, directory);
5078 if (!NT_STATUS_IS_OK(status)) {
5082 dir_hnd = OpenDir(conn, directory, mask, attrs);
5083 if (dir_hnd == NULL) {
5084 return map_nt_error_from_unix(errno);
5087 status = NT_STATUS_NO_SUCH_FILE;
5089 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5090 * - gentest fix. JRA
5093 while ((dname = ReadDirName(dir_hnd, &offset))) {
5096 BOOL sysdir_entry = False;
5098 pstrcpy(fname,dname);
5100 /* Quick check for "." and ".." */
5101 if (fname[0] == '.') {
5102 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
5104 sysdir_entry = True;
5111 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5115 if(!mask_match(fname, mask, conn->case_sensitive)) {
5120 status = NT_STATUS_OBJECT_NAME_INVALID;
5124 slprintf(fname, sizeof(fname)-1, "%s/%s", directory, dname);
5126 pstrcpy(destname,newname);
5128 if (!resolve_wildcards(fname,destname)) {
5129 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5135 SMB_VFS_STAT(conn, fname, &sbuf1);
5137 status = S_ISDIR(sbuf1.st_mode) ?
5138 open_directory(conn, req, fname, &sbuf1,
5140 FILE_SHARE_READ|FILE_SHARE_WRITE,
5141 FILE_OPEN, 0, 0, NULL,
5143 : open_file_ntcreate(conn, req, fname, &sbuf1,
5145 FILE_SHARE_READ|FILE_SHARE_WRITE,
5146 FILE_OPEN, 0, 0, 0, NULL,
5149 if (!NT_STATUS_IS_OK(status)) {
5150 DEBUG(3,("rename_internals: open_file_ntcreate "
5151 "returned %s rename %s -> %s\n",
5152 nt_errstr(status), directory, newname));
5156 status = rename_internals_fsp(conn, fsp, destname, attrs,
5159 close_file(fsp, NORMAL_CLOSE);
5161 if (!NT_STATUS_IS_OK(status)) {
5162 DEBUG(3, ("rename_internals_fsp returned %s for "
5163 "rename %s -> %s\n", nt_errstr(status),
5164 directory, newname));
5170 DEBUG(3,("rename_internals: doing rename on %s -> "
5171 "%s\n",fname,destname));
5175 if (count == 0 && NT_STATUS_IS_OK(status)) {
5176 status = map_nt_error_from_unix(errno);
5182 /****************************************************************************
5184 ****************************************************************************/
5186 void reply_mv(connection_struct *conn, struct smb_request *req)
5193 BOOL src_has_wcard = False;
5194 BOOL dest_has_wcard = False;
5196 START_PROFILE(SMBmv);
5199 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5204 attrs = SVAL(req->inbuf,smb_vwv0);
5206 p = smb_buf(req->inbuf) + 1;
5207 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, name, p,
5208 sizeof(name), 0, STR_TERMINATE, &status,
5210 if (!NT_STATUS_IS_OK(status)) {
5211 reply_nterror(req, status);
5216 p += srvstr_get_path_wcard((char *)req->inbuf, req->flags2, newname, p,
5217 sizeof(newname), 0, STR_TERMINATE, &status,
5219 if (!NT_STATUS_IS_OK(status)) {
5220 reply_nterror(req, status);
5225 status = resolve_dfspath_wcard(conn,
5226 req->flags2 & FLAGS2_DFS_PATHNAMES,
5227 name, &src_has_wcard);
5228 if (!NT_STATUS_IS_OK(status)) {
5229 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5230 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5231 ERRSRV, ERRbadpath);
5235 reply_nterror(req, status);
5240 status = resolve_dfspath_wcard(conn,
5241 req->flags2 & FLAGS2_DFS_PATHNAMES,
5242 newname, &dest_has_wcard);
5243 if (!NT_STATUS_IS_OK(status)) {
5244 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5245 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5246 ERRSRV, ERRbadpath);
5250 reply_nterror(req, status);
5255 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
5257 status = rename_internals(conn, req, name, newname, attrs, False,
5258 src_has_wcard, dest_has_wcard);
5259 if (!NT_STATUS_IS_OK(status)) {
5260 if (open_was_deferred(req->mid)) {
5261 /* We have re-scheduled this call. */
5265 reply_nterror(req, status);
5270 reply_outbuf(req, 0, 0);
5276 /*******************************************************************
5277 Copy a file as part of a reply_copy.
5278 ******************************************************************/
5281 * TODO: check error codes on all callers
5284 NTSTATUS copy_file(connection_struct *conn,
5289 BOOL target_is_directory)
5291 SMB_STRUCT_STAT src_sbuf, sbuf2;
5293 files_struct *fsp1,*fsp2;
5296 uint32 new_create_disposition;
5299 pstrcpy(dest,dest1);
5300 if (target_is_directory) {
5301 char *p = strrchr_m(src,'/');
5311 if (!vfs_file_exist(conn,src,&src_sbuf)) {
5312 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
5315 if (!target_is_directory && count) {
5316 new_create_disposition = FILE_OPEN;
5318 if (!map_open_params_to_ntcreate(dest1,0,ofun,
5319 NULL, NULL, &new_create_disposition, NULL)) {
5320 return NT_STATUS_INVALID_PARAMETER;
5324 status = open_file_ntcreate(conn, NULL, src, &src_sbuf,
5326 FILE_SHARE_READ|FILE_SHARE_WRITE,
5329 FILE_ATTRIBUTE_NORMAL,
5333 if (!NT_STATUS_IS_OK(status)) {
5337 dosattrs = dos_mode(conn, src, &src_sbuf);
5338 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
5339 ZERO_STRUCTP(&sbuf2);
5342 status = open_file_ntcreate(conn, NULL, dest, &sbuf2,
5344 FILE_SHARE_READ|FILE_SHARE_WRITE,
5345 new_create_disposition,
5351 if (!NT_STATUS_IS_OK(status)) {
5352 close_file(fsp1,ERROR_CLOSE);
5356 if ((ofun&3) == 1) {
5357 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
5358 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
5360 * Stop the copy from occurring.
5363 src_sbuf.st_size = 0;
5367 if (src_sbuf.st_size) {
5368 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
5371 close_file(fsp1,NORMAL_CLOSE);
5373 /* Ensure the modtime is set correctly on the destination file. */
5374 fsp_set_pending_modtime( fsp2, get_mtimespec(&src_sbuf));
5377 * As we are opening fsp1 read-only we only expect
5378 * an error on close on fsp2 if we are out of space.
5379 * Thus we don't look at the error return from the
5382 status = close_file(fsp2,NORMAL_CLOSE);
5384 if (!NT_STATUS_IS_OK(status)) {
5388 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
5389 return NT_STATUS_DISK_FULL;
5392 return NT_STATUS_OK;
5395 /****************************************************************************
5396 Reply to a file copy.
5397 ****************************************************************************/
5399 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5404 pstring mask,newname;
5407 int error = ERRnoaccess;
5409 int tid2 = SVAL(inbuf,smb_vwv0);
5410 int ofun = SVAL(inbuf,smb_vwv1);
5411 int flags = SVAL(inbuf,smb_vwv2);
5412 BOOL target_is_directory=False;
5413 BOOL source_has_wild = False;
5414 BOOL dest_has_wild = False;
5415 SMB_STRUCT_STAT sbuf1, sbuf2;
5417 START_PROFILE(SMBcopy);
5419 *directory = *mask = 0;
5422 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), name, p,
5423 sizeof(name), 0, STR_TERMINATE, &status,
5425 if (!NT_STATUS_IS_OK(status)) {
5426 END_PROFILE(SMBcopy);
5427 return ERROR_NT(status);
5429 p += srvstr_get_path_wcard(inbuf, SVAL(inbuf,smb_flg2), newname, p,
5430 sizeof(newname), 0, STR_TERMINATE, &status,
5432 if (!NT_STATUS_IS_OK(status)) {
5433 END_PROFILE(SMBcopy);
5434 return ERROR_NT(status);
5437 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
5439 if (tid2 != conn->cnum) {
5440 /* can't currently handle inter share copies XXXX */
5441 DEBUG(3,("Rejecting inter-share copy\n"));
5442 END_PROFILE(SMBcopy);
5443 return ERROR_DOS(ERRSRV,ERRinvdevice);
5446 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, name, &source_has_wild);
5447 if (!NT_STATUS_IS_OK(status)) {
5448 END_PROFILE(SMBcopy);
5449 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5450 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5452 return ERROR_NT(status);
5455 status = resolve_dfspath_wcard(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newname, &dest_has_wild);
5456 if (!NT_STATUS_IS_OK(status)) {
5457 END_PROFILE(SMBcopy);
5458 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5459 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5461 return ERROR_NT(status);
5464 status = unix_convert(conn, name, source_has_wild, NULL, &sbuf1);
5465 if (!NT_STATUS_IS_OK(status)) {
5466 END_PROFILE(SMBcopy);
5467 return ERROR_NT(status);
5470 status = unix_convert(conn, newname, dest_has_wild, NULL, &sbuf2);
5471 if (!NT_STATUS_IS_OK(status)) {
5472 END_PROFILE(SMBcopy);
5473 return ERROR_NT(status);
5476 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
5478 if ((flags&1) && target_is_directory) {
5479 END_PROFILE(SMBcopy);
5480 return ERROR_DOS(ERRDOS,ERRbadfile);
5483 if ((flags&2) && !target_is_directory) {
5484 END_PROFILE(SMBcopy);
5485 return ERROR_DOS(ERRDOS,ERRbadpath);
5488 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
5489 /* wants a tree copy! XXXX */
5490 DEBUG(3,("Rejecting tree copy\n"));
5491 END_PROFILE(SMBcopy);
5492 return ERROR_DOS(ERRSRV,ERRerror);
5495 p = strrchr_m(name,'/');
5497 pstrcpy(directory,"./");
5501 pstrcpy(directory,name);
5506 * We should only check the mangled cache
5507 * here if unix_convert failed. This means
5508 * that the path in 'mask' doesn't exist
5509 * on the file system and so we need to look
5510 * for a possible mangle. This patch from
5511 * Tine Smukavec <valentin.smukavec@hermes.si>.
5514 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5515 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
5518 if (!source_has_wild) {
5519 pstrcat(directory,"/");
5520 pstrcat(directory,mask);
5521 if (dest_has_wild) {
5522 if (!resolve_wildcards(directory,newname)) {
5523 END_PROFILE(SMBcopy);
5524 return ERROR_NT(NT_STATUS_NO_MEMORY);
5528 status = check_name(conn, directory);
5529 if (!NT_STATUS_IS_OK(status)) {
5530 return ERROR_NT(status);
5533 status = check_name(conn, newname);
5534 if (!NT_STATUS_IS_OK(status)) {
5535 return ERROR_NT(status);
5538 status = copy_file(conn,directory,newname,ofun,
5539 count,target_is_directory);
5541 if(!NT_STATUS_IS_OK(status)) {
5542 END_PROFILE(SMBcopy);
5543 return ERROR_NT(status);
5548 struct smb_Dir *dir_hnd = NULL;
5553 if (strequal(mask,"????????.???"))
5556 status = check_name(conn, directory);
5557 if (!NT_STATUS_IS_OK(status)) {
5558 return ERROR_NT(status);
5561 dir_hnd = OpenDir(conn, directory, mask, 0);
5562 if (dir_hnd == NULL) {
5563 status = map_nt_error_from_unix(errno);
5564 return ERROR_NT(status);
5569 while ((dname = ReadDirName(dir_hnd, &offset))) {
5571 pstrcpy(fname,dname);
5573 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5577 if(!mask_match(fname, mask, conn->case_sensitive)) {
5581 error = ERRnoaccess;
5582 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
5583 pstrcpy(destname,newname);
5584 if (!resolve_wildcards(fname,destname)) {
5588 status = check_name(conn, fname);
5589 if (!NT_STATUS_IS_OK(status)) {
5590 return ERROR_NT(status);
5593 status = check_name(conn, destname);
5594 if (!NT_STATUS_IS_OK(status)) {
5595 return ERROR_NT(status);
5598 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
5600 status = copy_file(conn,fname,destname,ofun,
5601 count,target_is_directory);
5602 if (NT_STATUS_IS_OK(status)) {
5611 /* Error on close... */
5613 END_PROFILE(SMBcopy);
5614 return(UNIXERROR(ERRHRD,ERRgeneral));
5617 END_PROFILE(SMBcopy);
5618 return ERROR_DOS(ERRDOS,error);
5621 outsize = set_message(inbuf,outbuf,1,0,True);
5622 SSVAL(outbuf,smb_vwv0,count);
5624 END_PROFILE(SMBcopy);
5628 /****************************************************************************
5630 ****************************************************************************/
5632 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5639 START_PROFILE(pathworks_setdir);
5642 if (!CAN_SETDIR(snum)) {
5643 END_PROFILE(pathworks_setdir);
5644 return ERROR_DOS(ERRDOS,ERRnoaccess);
5647 srvstr_get_path(inbuf, SVAL(inbuf,smb_flg2), newdir,
5648 smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE,
5650 if (!NT_STATUS_IS_OK(status)) {
5651 END_PROFILE(pathworks_setdir);
5652 return ERROR_NT(status);
5655 status = resolve_dfspath(conn, SVAL(inbuf,smb_flg2) & FLAGS2_DFS_PATHNAMES, newdir);
5656 if (!NT_STATUS_IS_OK(status)) {
5657 END_PROFILE(pathworks_setdir);
5658 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5659 return ERROR_BOTH(NT_STATUS_PATH_NOT_COVERED, ERRSRV, ERRbadpath);
5661 return ERROR_NT(status);
5664 if (strlen(newdir) != 0) {
5665 if (!vfs_directory_exist(conn,newdir,NULL)) {
5666 END_PROFILE(pathworks_setdir);
5667 return ERROR_DOS(ERRDOS,ERRbadpath);
5669 set_conn_connectpath(conn,newdir);
5672 outsize = set_message(inbuf,outbuf,0,0,False);
5673 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5675 DEBUG(3,("setdir %s\n", newdir));
5677 END_PROFILE(pathworks_setdir);
5682 #define DBGC_CLASS DBGC_LOCKING
5684 /****************************************************************************
5685 Get a lock pid, dealing with large count requests.
5686 ****************************************************************************/
5688 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5690 if(!large_file_format)
5691 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5693 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5696 /****************************************************************************
5697 Get a lock count, dealing with large count requests.
5698 ****************************************************************************/
5700 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5702 SMB_BIG_UINT count = 0;
5704 if(!large_file_format) {
5705 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5708 #if defined(HAVE_LONGLONG)
5709 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5710 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5711 #else /* HAVE_LONGLONG */
5714 * NT4.x seems to be broken in that it sends large file (64 bit)
5715 * lockingX calls even if the CAP_LARGE_FILES was *not*
5716 * negotiated. For boxes without large unsigned ints truncate the
5717 * lock count by dropping the top 32 bits.
5720 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5721 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5722 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5723 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5724 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5727 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5728 #endif /* HAVE_LONGLONG */
5734 #if !defined(HAVE_LONGLONG)
5735 /****************************************************************************
5736 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5737 ****************************************************************************/
5739 static uint32 map_lock_offset(uint32 high, uint32 low)
5743 uint32 highcopy = high;
5746 * Try and find out how many significant bits there are in high.
5749 for(i = 0; highcopy; i++)
5753 * We use 31 bits not 32 here as POSIX
5754 * lock offsets may not be negative.
5757 mask = (~0) << (31 - i);
5760 return 0; /* Fail. */
5766 #endif /* !defined(HAVE_LONGLONG) */
5768 /****************************************************************************
5769 Get a lock offset, dealing with large offset requests.
5770 ****************************************************************************/
5772 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5774 SMB_BIG_UINT offset = 0;
5778 if(!large_file_format) {
5779 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5782 #if defined(HAVE_LONGLONG)
5783 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5784 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5785 #else /* HAVE_LONGLONG */
5788 * NT4.x seems to be broken in that it sends large file (64 bit)
5789 * lockingX calls even if the CAP_LARGE_FILES was *not*
5790 * negotiated. For boxes without large unsigned ints mangle the
5791 * lock offset by mapping the top 32 bits onto the lower 32.
5794 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5795 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5796 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5799 if((new_low = map_lock_offset(high, low)) == 0) {
5801 return (SMB_BIG_UINT)-1;
5804 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5805 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5806 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5807 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5810 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5811 #endif /* HAVE_LONGLONG */
5817 /****************************************************************************
5818 Reply to a lockingX request.
5819 ****************************************************************************/
5821 void reply_lockingX(connection_struct *conn, struct smb_request *req)
5824 unsigned char locktype;
5825 unsigned char oplocklevel;
5828 SMB_BIG_UINT count = 0, offset = 0;
5833 BOOL large_file_format;
5835 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5837 START_PROFILE(SMBlockingX);
5840 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5841 END_PROFILE(SMBlockingX);
5845 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
5846 locktype = CVAL(req->inbuf,smb_vwv3);
5847 oplocklevel = CVAL(req->inbuf,smb_vwv3+1);
5848 num_ulocks = SVAL(req->inbuf,smb_vwv6);
5849 num_locks = SVAL(req->inbuf,smb_vwv7);
5850 lock_timeout = IVAL(req->inbuf,smb_vwv4);
5851 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5853 if (!check_fsp(conn, req, fsp, ¤t_user)) {
5854 END_PROFILE(SMBlockingX);
5858 data = smb_buf(req->inbuf);
5860 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5861 /* we don't support these - and CANCEL_LOCK makes w2k
5862 and XP reboot so I don't really want to be
5863 compatible! (tridge) */
5864 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5865 END_PROFILE(SMBlockingX);
5869 /* Check if this is an oplock break on a file
5870 we have granted an oplock on.
5872 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5873 /* Client can insist on breaking to none. */
5874 BOOL break_to_none = (oplocklevel == 0);
5877 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5878 "for fnum = %d\n", (unsigned int)oplocklevel,
5882 * Make sure we have granted an exclusive or batch oplock on
5886 if (fsp->oplock_type == 0) {
5888 /* The Samba4 nbench simulator doesn't understand
5889 the difference between break to level2 and break
5890 to none from level2 - it sends oplock break
5891 replies in both cases. Don't keep logging an error
5892 message here - just ignore it. JRA. */
5894 DEBUG(5,("reply_lockingX: Error : oplock break from "
5895 "client for fnum = %d (oplock=%d) and no "
5896 "oplock granted on this file (%s).\n",
5897 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5899 /* if this is a pure oplock break request then don't
5901 if (num_locks == 0 && num_ulocks == 0) {
5902 END_PROFILE(SMBlockingX);
5903 reply_post_legacy(req, -1);
5906 END_PROFILE(SMBlockingX);
5907 reply_doserror(req, ERRDOS, ERRlock);
5912 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5914 result = remove_oplock(fsp);
5916 result = downgrade_oplock(fsp);
5920 DEBUG(0, ("reply_lockingX: error in removing "
5921 "oplock on file %s\n", fsp->fsp_name));
5922 /* Hmmm. Is this panic justified? */
5923 smb_panic("internal tdb error");
5926 reply_to_oplock_break_requests(fsp);
5928 /* if this is a pure oplock break request then don't send a
5930 if (num_locks == 0 && num_ulocks == 0) {
5931 /* Sanity check - ensure a pure oplock break is not a
5933 if(CVAL(req->inbuf,smb_vwv0) != 0xff)
5934 DEBUG(0,("reply_lockingX: Error : pure oplock "
5935 "break is a chained %d request !\n",
5936 (unsigned int)CVAL(req->inbuf,
5938 END_PROFILE(SMBlockingX);
5944 * We do this check *after* we have checked this is not a oplock break
5945 * response message. JRA.
5948 release_level_2_oplocks_on_change(fsp);
5950 if (smb_buflen(req->inbuf) <
5951 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
5952 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5953 END_PROFILE(SMBlockingX);
5957 /* Data now points at the beginning of the list
5958 of smb_unlkrng structs */
5959 for(i = 0; i < (int)num_ulocks; i++) {
5960 lock_pid = get_lock_pid( data, i, large_file_format);
5961 count = get_lock_count( data, i, large_file_format);
5962 offset = get_lock_offset( data, i, large_file_format, &err);
5965 * There is no error code marked "stupid client bug".... :-).
5968 END_PROFILE(SMBlockingX);
5969 reply_doserror(req, ERRDOS, ERRnoaccess);
5973 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5974 "pid %u, file %s\n", (double)offset, (double)count,
5975 (unsigned int)lock_pid, fsp->fsp_name ));
5977 status = do_unlock(smbd_messaging_context(),
5984 if (NT_STATUS_V(status)) {
5985 END_PROFILE(SMBlockingX);
5986 reply_nterror(req, status);
5991 /* Setup the timeout in seconds. */
5993 if (!lp_blocking_locks(SNUM(conn))) {
5997 /* Now do any requested locks */
5998 data += ((large_file_format ? 20 : 10)*num_ulocks);
6000 /* Data now points at the beginning of the list
6001 of smb_lkrng structs */
6003 for(i = 0; i < (int)num_locks; i++) {
6004 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
6005 READ_LOCK:WRITE_LOCK);
6006 lock_pid = get_lock_pid( data, i, large_file_format);
6007 count = get_lock_count( data, i, large_file_format);
6008 offset = get_lock_offset( data, i, large_file_format, &err);
6011 * There is no error code marked "stupid client bug".... :-).
6014 END_PROFILE(SMBlockingX);
6015 reply_doserror(req, ERRDOS, ERRnoaccess);
6019 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6020 "%u, file %s timeout = %d\n", (double)offset,
6021 (double)count, (unsigned int)lock_pid,
6022 fsp->fsp_name, (int)lock_timeout ));
6024 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
6025 if (lp_blocking_locks(SNUM(conn))) {
6027 /* Schedule a message to ourselves to
6028 remove the blocking lock record and
6029 return the right error. */
6031 if (!blocking_lock_cancel(fsp,
6037 NT_STATUS_FILE_LOCK_CONFLICT)) {
6038 END_PROFILE(SMBlockingX);
6043 ERRcancelviolation));
6047 /* Remove a matching pending lock. */
6048 status = do_lock_cancel(fsp,
6054 BOOL blocking_lock = lock_timeout ? True : False;
6055 BOOL defer_lock = False;
6056 struct byte_range_lock *br_lck;
6057 uint32 block_smbpid;
6059 br_lck = do_lock(smbd_messaging_context(),
6070 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
6071 /* Windows internal resolution for blocking locks seems
6072 to be about 200ms... Don't wait for less than that. JRA. */
6073 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
6074 lock_timeout = lp_lock_spin_time();
6079 /* This heuristic seems to match W2K3 very well. If a
6080 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6081 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6082 far as I can tell. Replacement for do_lock_spin(). JRA. */
6084 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
6085 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
6087 lock_timeout = lp_lock_spin_time();
6090 if (br_lck && defer_lock) {
6092 * A blocking lock was requested. Package up
6093 * this smb into a queued request and push it
6094 * onto the blocking lock queue.
6096 if(push_blocking_lock_request(br_lck,
6098 smb_len(req->inbuf)+4,
6108 TALLOC_FREE(br_lck);
6109 END_PROFILE(SMBlockingX);
6110 reply_post_legacy(req, -1);
6115 TALLOC_FREE(br_lck);
6118 if (NT_STATUS_V(status)) {
6119 END_PROFILE(SMBlockingX);
6120 reply_nterror(req, status);
6125 /* If any of the above locks failed, then we must unlock
6126 all of the previous locks (X/Open spec). */
6128 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
6132 * Ensure we don't do a remove on the lock that just failed,
6133 * as under POSIX rules, if we have a lock already there, we
6134 * will delete it (and we shouldn't) .....
6136 for(i--; i >= 0; i--) {
6137 lock_pid = get_lock_pid( data, i, large_file_format);
6138 count = get_lock_count( data, i, large_file_format);
6139 offset = get_lock_offset( data, i, large_file_format,
6143 * There is no error code marked "stupid client
6147 END_PROFILE(SMBlockingX);
6148 reply_doserror(req, ERRDOS, ERRnoaccess);
6152 do_unlock(smbd_messaging_context(),
6159 END_PROFILE(SMBlockingX);
6160 reply_nterror(req, status);
6164 reply_outbuf(req, 2, 0);
6166 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
6167 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
6169 END_PROFILE(SMBlockingX);
6170 chain_reply_new(req);
6174 #define DBGC_CLASS DBGC_ALL
6176 /****************************************************************************
6177 Reply to a SMBreadbmpx (read block multiplex) request.
6178 ****************************************************************************/
6180 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
6191 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6192 START_PROFILE(SMBreadBmpx);
6194 /* this function doesn't seem to work - disable by default */
6195 if (!lp_readbmpx()) {
6196 END_PROFILE(SMBreadBmpx);
6197 return ERROR_DOS(ERRSRV,ERRuseSTD);
6200 outsize = set_message(inbuf,outbuf,8,0,True);
6202 CHECK_FSP(fsp,conn);
6203 if (!CHECK_READ(fsp,inbuf)) {
6204 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6207 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
6208 maxcount = SVAL(inbuf,smb_vwv3);
6210 data = smb_buf(outbuf);
6211 pad = ((long)data)%4;
6216 max_per_packet = bufsize-(outsize+pad);
6220 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
6221 END_PROFILE(SMBreadBmpx);
6222 return ERROR_DOS(ERRDOS,ERRlock);
6226 size_t N = MIN(max_per_packet,tcount-total_read);
6228 nread = read_file(fsp,data,startpos,N);
6233 if (nread < (ssize_t)N)
6234 tcount = total_read + nread;
6236 set_message(inbuf,outbuf,8,nread+pad,False);
6237 SIVAL(outbuf,smb_vwv0,startpos);
6238 SSVAL(outbuf,smb_vwv2,tcount);
6239 SSVAL(outbuf,smb_vwv6,nread);
6240 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
6243 if (!send_smb(smbd_server_fd(),outbuf))
6244 exit_server_cleanly("reply_readbmpx: send_smb failed.");
6246 total_read += nread;
6248 } while (total_read < (ssize_t)tcount);
6250 END_PROFILE(SMBreadBmpx);
6254 /****************************************************************************
6255 Reply to a SMBsetattrE.
6256 ****************************************************************************/
6258 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6260 struct timespec ts[2];
6262 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6263 START_PROFILE(SMBsetattrE);
6265 outsize = set_message(inbuf,outbuf,0,0,False);
6267 if(!fsp || (fsp->conn != conn)) {
6268 END_PROFILE(SMBsetattrE);
6269 return ERROR_DOS(ERRDOS,ERRbadfid);
6273 * Convert the DOS times into unix times. Ignore create
6274 * time as UNIX can't set this.
6277 ts[0] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv3)); /* atime. */
6278 ts[1] = convert_time_t_to_timespec(srv_make_unix_date2(inbuf+smb_vwv5)); /* mtime. */
6281 * Patch from Ray Frush <frush@engr.colostate.edu>
6282 * Sometimes times are sent as zero - ignore them.
6285 if (null_timespec(ts[0]) && null_timespec(ts[1])) {
6286 /* Ignore request */
6287 if( DEBUGLVL( 3 ) ) {
6288 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
6289 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
6291 END_PROFILE(SMBsetattrE);
6293 } else if (!null_timespec(ts[0]) && null_timespec(ts[1])) {
6294 /* set modify time = to access time if modify time was unset */
6298 /* Set the date on this file */
6299 /* Should we set pending modtime here ? JRA */
6300 if(file_ntimes(conn, fsp->fsp_name, ts)) {
6301 END_PROFILE(SMBsetattrE);
6302 return ERROR_DOS(ERRDOS,ERRnoaccess);
6305 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
6307 (unsigned int)ts[0].tv_sec,
6308 (unsigned int)ts[1].tv_sec));
6310 END_PROFILE(SMBsetattrE);
6315 /* Back from the dead for OS/2..... JRA. */
6317 /****************************************************************************
6318 Reply to a SMBwritebmpx (write block multiplex primary) request.
6319 ****************************************************************************/
6321 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6324 ssize_t nwritten = -1;
6331 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6333 START_PROFILE(SMBwriteBmpx);
6335 CHECK_FSP(fsp,conn);
6336 if (!CHECK_WRITE(fsp)) {
6337 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6339 if (HAS_CACHED_ERROR(fsp)) {
6340 return(CACHED_ERROR(fsp));
6343 tcount = SVAL(inbuf,smb_vwv1);
6344 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
6345 write_through = BITSETW(inbuf+smb_vwv7,0);
6346 numtowrite = SVAL(inbuf,smb_vwv10);
6347 smb_doff = SVAL(inbuf,smb_vwv11);
6349 data = smb_base(inbuf) + smb_doff;
6351 /* If this fails we need to send an SMBwriteC response,
6352 not an SMBwritebmpx - set this up now so we don't forget */
6353 SCVAL(outbuf,smb_com,SMBwritec);
6355 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
6356 END_PROFILE(SMBwriteBmpx);
6357 return(ERROR_DOS(ERRDOS,ERRlock));
6360 nwritten = write_file(fsp,data,startpos,numtowrite);
6362 status = sync_file(conn, fsp, write_through);
6363 if (!NT_STATUS_IS_OK(status)) {
6364 END_PROFILE(SMBwriteBmpx);
6365 DEBUG(5,("reply_writebmpx: sync_file for %s returned %s\n",
6366 fsp->fsp_name, nt_errstr(status) ));
6367 return ERROR_NT(status);
6370 if(nwritten < (ssize_t)numtowrite) {
6371 END_PROFILE(SMBwriteBmpx);
6372 return(UNIXERROR(ERRHRD,ERRdiskfull));
6375 /* If the maximum to be written to this file
6376 is greater than what we just wrote then set
6377 up a secondary struct to be attached to this
6378 fd, we will use this to cache error messages etc. */
6380 if((ssize_t)tcount > nwritten) {
6381 write_bmpx_struct *wbms;
6382 if(fsp->wbmpx_ptr != NULL)
6383 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
6385 wbms = SMB_MALLOC_P(write_bmpx_struct);
6387 DEBUG(0,("Out of memory in reply_readmpx\n"));
6388 END_PROFILE(SMBwriteBmpx);
6389 return(ERROR_DOS(ERRSRV,ERRnoresource));
6391 wbms->wr_mode = write_through;
6392 wbms->wr_discard = False; /* No errors yet */
6393 wbms->wr_total_written = nwritten;
6394 wbms->wr_errclass = 0;
6396 fsp->wbmpx_ptr = wbms;
6399 /* We are returning successfully, set the message type back to
6401 SCVAL(outbuf,smb_com,SMBwriteBmpx);
6403 outsize = set_message(inbuf,outbuf,1,0,True);
6405 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
6407 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
6408 fsp->fnum, (int)numtowrite, (int)nwritten ) );
6410 if (write_through && tcount==nwritten) {
6411 /* We need to send both a primary and a secondary response */
6412 smb_setlen(inbuf,outbuf,outsize - 4);
6414 if (!send_smb(smbd_server_fd(),outbuf))
6415 exit_server_cleanly("reply_writebmpx: send_smb failed.");
6417 /* Now the secondary */
6418 outsize = set_message(inbuf,outbuf,1,0,True);
6419 SCVAL(outbuf,smb_com,SMBwritec);
6420 SSVAL(outbuf,smb_vwv0,nwritten);
6423 END_PROFILE(SMBwriteBmpx);
6427 /****************************************************************************
6428 Reply to a SMBwritebs (write block multiplex secondary) request.
6429 ****************************************************************************/
6431 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
6434 ssize_t nwritten = -1;
6441 write_bmpx_struct *wbms;
6442 BOOL send_response = False;
6443 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6445 START_PROFILE(SMBwriteBs);
6447 CHECK_FSP(fsp,conn);
6448 if (!CHECK_WRITE(fsp)) {
6449 return(ERROR_DOS(ERRDOS,ERRbadaccess));
6452 tcount = SVAL(inbuf,smb_vwv1);
6453 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
6454 numtowrite = SVAL(inbuf,smb_vwv6);
6455 smb_doff = SVAL(inbuf,smb_vwv7);
6457 data = smb_base(inbuf) + smb_doff;
6459 /* We need to send an SMBwriteC response, not an SMBwritebs */
6460 SCVAL(outbuf,smb_com,SMBwritec);
6462 /* This fd should have an auxiliary struct attached,
6463 check that it does */
6464 wbms = fsp->wbmpx_ptr;
6466 END_PROFILE(SMBwriteBs);
6470 /* If write through is set we can return errors, else we must cache them */
6471 write_through = wbms->wr_mode;
6473 /* Check for an earlier error */
6474 if(wbms->wr_discard) {
6475 END_PROFILE(SMBwriteBs);
6476 return -1; /* Just discard the packet */
6479 nwritten = write_file(fsp,data,startpos,numtowrite);
6481 status = sync_file(conn, fsp, write_through);
6483 if (nwritten < (ssize_t)numtowrite || !NT_STATUS_IS_OK(status)) {
6485 /* We are returning an error - we can delete the aux struct */
6488 fsp->wbmpx_ptr = NULL;
6489 END_PROFILE(SMBwriteBs);
6490 return(ERROR_DOS(ERRHRD,ERRdiskfull));
6492 wbms->wr_errclass = ERRHRD;
6493 wbms->wr_error = ERRdiskfull;
6494 wbms->wr_status = NT_STATUS_DISK_FULL;
6495 wbms->wr_discard = True;
6496 END_PROFILE(SMBwriteBs);
6500 /* Increment the total written, if this matches tcount
6501 we can discard the auxiliary struct (hurrah !) and return a writeC */
6502 wbms->wr_total_written += nwritten;
6503 if(wbms->wr_total_written >= tcount) {
6504 if (write_through) {
6505 outsize = set_message(inbuf,outbuf,1,0,True);
6506 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
6507 send_response = True;
6511 fsp->wbmpx_ptr = NULL;
6515 END_PROFILE(SMBwriteBs);
6519 END_PROFILE(SMBwriteBs);
6523 /****************************************************************************
6524 Reply to a SMBgetattrE.
6525 ****************************************************************************/
6527 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
6529 SMB_STRUCT_STAT sbuf;
6532 files_struct *fsp = file_fsp(SVAL(inbuf,smb_vwv0));
6533 START_PROFILE(SMBgetattrE);
6535 outsize = set_message(inbuf,outbuf,11,0,True);
6537 if(!fsp || (fsp->conn != conn)) {
6538 END_PROFILE(SMBgetattrE);
6539 return ERROR_DOS(ERRDOS,ERRbadfid);
6542 /* Do an fstat on this file */
6543 if(fsp_stat(fsp, &sbuf)) {
6544 END_PROFILE(SMBgetattrE);
6545 return(UNIXERROR(ERRDOS,ERRnoaccess));
6548 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
6551 * Convert the times into dos times. Set create
6552 * date to be last modify date as UNIX doesn't save
6556 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
6557 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
6558 /* Should we check pending modtime here ? JRA */
6559 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
6562 SIVAL(outbuf,smb_vwv6,0);
6563 SIVAL(outbuf,smb_vwv8,0);
6565 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
6566 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
6567 SIVAL(outbuf,smb_vwv8,allocation_size);
6569 SSVAL(outbuf,smb_vwv10, mode);
6571 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
6573 END_PROFILE(SMBgetattrE);