Ensure we don't use delayed writes on POSIX opened files.
[ira/wip.git] / source3 / smbd / trans2.c
1 /*
2    Unix SMB/CIFS implementation.
3    SMB transaction2 handling
4    Copyright (C) Jeremy Allison                 1994-2007
5    Copyright (C) Stefan (metze) Metzmacher      2003
6    Copyright (C) Volker Lendecke                2005-2007
7    Copyright (C) Steve French                   2005
8    Copyright (C) James Peach                    2006-2007
9
10    Extensively modified by Andrew Tridgell, 1995
11
12    This program is free software; you can redistribute it and/or modify
13    it under the terms of the GNU General Public License as published by
14    the Free Software Foundation; either version 3 of the License, or
15    (at your option) any later version.
16
17    This program is distributed in the hope that it will be useful,
18    but WITHOUT ANY WARRANTY; without even the implied warranty of
19    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
20    GNU General Public License for more details.
21
22    You should have received a copy of the GNU General Public License
23    along with this program.  If not, see <http://www.gnu.org/licenses/>.
24 */
25
26 #include "includes.h"
27 #include "version.h"
28 #include "smbd/globals.h"
29 #include "../libcli/auth/libcli_auth.h"
30
31 extern enum protocol_types Protocol;
32
33 #define DIR_ENTRY_SAFETY_MARGIN 4096
34
35 static char *store_file_unix_basic(connection_struct *conn,
36                                 char *pdata,
37                                 files_struct *fsp,
38                                 const SMB_STRUCT_STAT *psbuf);
39
40 static char *store_file_unix_basic_info2(connection_struct *conn,
41                                 char *pdata,
42                                 files_struct *fsp,
43                                 const SMB_STRUCT_STAT *psbuf);
44
45 /********************************************************************
46  Roundup a value to the nearest allocation roundup size boundary.
47  Only do this for Windows clients.
48 ********************************************************************/
49
50 uint64_t smb_roundup(connection_struct *conn, uint64_t val)
51 {
52         uint64_t rval = lp_allocation_roundup_size(SNUM(conn));
53
54         /* Only roundup for Windows clients. */
55         enum remote_arch_types ra_type = get_remote_arch();
56         if (rval && (ra_type != RA_SAMBA) && (ra_type != RA_CIFSFS)) {
57                 val = SMB_ROUNDUP(val,rval);
58         }
59         return val;
60 }
61
62 /****************************************************************************
63  Utility functions for dealing with extended attributes.
64 ****************************************************************************/
65
66 /****************************************************************************
67  Refuse to allow clients to overwrite our private xattrs.
68 ****************************************************************************/
69
70 static bool samba_private_attr_name(const char *unix_ea_name)
71 {
72         static const char * const prohibited_ea_names[] = {
73                 SAMBA_POSIX_INHERITANCE_EA_NAME,
74                 SAMBA_XATTR_DOS_ATTRIB,
75                 NULL
76         };
77
78         int i;
79
80         for (i = 0; prohibited_ea_names[i]; i++) {
81                 if (strequal( prohibited_ea_names[i], unix_ea_name))
82                         return true;
83         }
84         if (StrnCaseCmp(unix_ea_name, SAMBA_XATTR_DOSSTREAM_PREFIX,
85                         strlen(SAMBA_XATTR_DOSSTREAM_PREFIX)) == 0) {
86                 return true;
87         }
88         return false;
89 }
90
91 /****************************************************************************
92  Get one EA value. Fill in a struct ea_struct.
93 ****************************************************************************/
94
95 NTSTATUS get_ea_value(TALLOC_CTX *mem_ctx, connection_struct *conn,
96                       files_struct *fsp, const char *fname,
97                       const char *ea_name, struct ea_struct *pea)
98 {
99         /* Get the value of this xattr. Max size is 64k. */
100         size_t attr_size = 256;
101         char *val = NULL;
102         ssize_t sizeret;
103
104  again:
105
106         val = TALLOC_REALLOC_ARRAY(mem_ctx, val, char, attr_size);
107         if (!val) {
108                 return NT_STATUS_NO_MEMORY;
109         }
110
111         if (fsp && fsp->fh->fd != -1) {
112                 sizeret = SMB_VFS_FGETXATTR(fsp, ea_name, val, attr_size);
113         } else {
114                 sizeret = SMB_VFS_GETXATTR(conn, fname, ea_name, val, attr_size);
115         }
116
117         if (sizeret == -1 && errno == ERANGE && attr_size != 65536) {
118                 attr_size = 65536;
119                 goto again;
120         }
121
122         if (sizeret == -1) {
123                 return map_nt_error_from_unix(errno);
124         }
125
126         DEBUG(10,("get_ea_value: EA %s is of length %u\n", ea_name, (unsigned int)sizeret));
127         dump_data(10, (uint8 *)val, sizeret);
128
129         pea->flags = 0;
130         if (strnequal(ea_name, "user.", 5)) {
131                 pea->name = talloc_strdup(mem_ctx, &ea_name[5]);
132         } else {
133                 pea->name = talloc_strdup(mem_ctx, ea_name);
134         }
135         if (pea->name == NULL) {
136                 TALLOC_FREE(val);
137                 return NT_STATUS_NO_MEMORY;
138         }
139         pea->value.data = (unsigned char *)val;
140         pea->value.length = (size_t)sizeret;
141         return NT_STATUS_OK;
142 }
143
144 NTSTATUS get_ea_names_from_file(TALLOC_CTX *mem_ctx, connection_struct *conn,
145                                 files_struct *fsp, const char *fname,
146                                 char ***pnames, size_t *pnum_names)
147 {
148         /* Get a list of all xattrs. Max namesize is 64k. */
149         size_t ea_namelist_size = 1024;
150         char *ea_namelist = NULL;
151
152         char *p;
153         char **names, **tmp;
154         size_t num_names;
155         ssize_t sizeret = -1;
156
157         if (!lp_ea_support(SNUM(conn))) {
158                 *pnames = NULL;
159                 *pnum_names = 0;
160                 return NT_STATUS_OK;
161         }
162
163         /*
164          * TALLOC the result early to get the talloc hierarchy right.
165          */
166
167         names = TALLOC_ARRAY(mem_ctx, char *, 1);
168         if (names == NULL) {
169                 DEBUG(0, ("talloc failed\n"));
170                 return NT_STATUS_NO_MEMORY;
171         }
172
173         while (ea_namelist_size <= 65536) {
174
175                 ea_namelist = TALLOC_REALLOC_ARRAY(
176                         names, ea_namelist, char, ea_namelist_size);
177                 if (ea_namelist == NULL) {
178                         DEBUG(0, ("talloc failed\n"));
179                         TALLOC_FREE(names);
180                         return NT_STATUS_NO_MEMORY;
181                 }
182
183                 if (fsp && fsp->fh->fd != -1) {
184                         sizeret = SMB_VFS_FLISTXATTR(fsp, ea_namelist,
185                                                      ea_namelist_size);
186                 } else {
187                         sizeret = SMB_VFS_LISTXATTR(conn, fname, ea_namelist,
188                                                     ea_namelist_size);
189                 }
190
191                 if ((sizeret == -1) && (errno == ERANGE)) {
192                         ea_namelist_size *= 2;
193                 }
194                 else {
195                         break;
196                 }
197         }
198
199         if (sizeret == -1) {
200                 TALLOC_FREE(names);
201                 return map_nt_error_from_unix(errno);
202         }
203
204         DEBUG(10, ("get_ea_list_from_file: ea_namelist size = %u\n",
205                    (unsigned int)sizeret));
206
207         if (sizeret == 0) {
208                 TALLOC_FREE(names);
209                 *pnames = NULL;
210                 *pnum_names = 0;
211                 return NT_STATUS_OK;
212         }
213
214         /*
215          * Ensure the result is 0-terminated
216          */
217
218         if (ea_namelist[sizeret-1] != '\0') {
219                 TALLOC_FREE(names);
220                 return NT_STATUS_INTERNAL_ERROR;
221         }
222
223         /*
224          * count the names
225          */
226         num_names = 0;
227
228         for (p = ea_namelist; p - ea_namelist < sizeret; p += strlen(p)+1) {
229                 num_names += 1;
230         }
231
232         tmp = TALLOC_REALLOC_ARRAY(mem_ctx, names, char *, num_names);
233         if (tmp == NULL) {
234                 DEBUG(0, ("talloc failed\n"));
235                 TALLOC_FREE(names);
236                 return NT_STATUS_NO_MEMORY;
237         }
238
239         names = tmp;
240         num_names = 0;
241
242         for (p = ea_namelist; p - ea_namelist < sizeret; p += strlen(p)+1) {
243                 names[num_names++] = p;
244         }
245
246         *pnames = names;
247         *pnum_names = num_names;
248         return NT_STATUS_OK;
249 }
250
251 /****************************************************************************
252  Return a linked list of the total EA's. Plus the total size
253 ****************************************************************************/
254
255 static struct ea_list *get_ea_list_from_file(TALLOC_CTX *mem_ctx, connection_struct *conn, files_struct *fsp,
256                                         const char *fname, size_t *pea_total_len)
257 {
258         /* Get a list of all xattrs. Max namesize is 64k. */
259         size_t i, num_names;
260         char **names;
261         struct ea_list *ea_list_head = NULL;
262         NTSTATUS status;
263
264         *pea_total_len = 0;
265
266         if (!lp_ea_support(SNUM(conn))) {
267                 return NULL;
268         }
269
270         status = get_ea_names_from_file(talloc_tos(), conn, fsp, fname,
271                                         &names, &num_names);
272
273         if (!NT_STATUS_IS_OK(status) || (num_names == 0)) {
274                 return NULL;
275         }
276
277         for (i=0; i<num_names; i++) {
278                 struct ea_list *listp;
279                 fstring dos_ea_name;
280
281                 if (strnequal(names[i], "system.", 7)
282                     || samba_private_attr_name(names[i]))
283                         continue;
284
285                 listp = TALLOC_P(mem_ctx, struct ea_list);
286                 if (listp == NULL) {
287                         return NULL;
288                 }
289
290                 if (!NT_STATUS_IS_OK(get_ea_value(mem_ctx, conn, fsp,
291                                                   fname, names[i],
292                                                   &listp->ea))) {
293                         return NULL;
294                 }
295
296                 push_ascii_fstring(dos_ea_name, listp->ea.name);
297
298                 *pea_total_len +=
299                         4 + strlen(dos_ea_name) + 1 + listp->ea.value.length;
300
301                 DEBUG(10,("get_ea_list_from_file: total_len = %u, %s, val len "
302                           "= %u\n", (unsigned int)*pea_total_len, dos_ea_name,
303                           (unsigned int)listp->ea.value.length));
304
305                 DLIST_ADD_END(ea_list_head, listp, struct ea_list *);
306
307         }
308
309         /* Add on 4 for total length. */
310         if (*pea_total_len) {
311                 *pea_total_len += 4;
312         }
313
314         DEBUG(10, ("get_ea_list_from_file: total_len = %u\n",
315                    (unsigned int)*pea_total_len));
316
317         return ea_list_head;
318 }
319
320 /****************************************************************************
321  Fill a qfilepathinfo buffer with EA's. Returns the length of the buffer
322  that was filled.
323 ****************************************************************************/
324
325 static unsigned int fill_ea_buffer(TALLOC_CTX *mem_ctx, char *pdata, unsigned int total_data_size,
326         connection_struct *conn, struct ea_list *ea_list)
327 {
328         unsigned int ret_data_size = 4;
329         char *p = pdata;
330
331         SMB_ASSERT(total_data_size >= 4);
332
333         if (!lp_ea_support(SNUM(conn))) {
334                 SIVAL(pdata,4,0);
335                 return 4;
336         }
337
338         for (p = pdata + 4; ea_list; ea_list = ea_list->next) {
339                 size_t dos_namelen;
340                 fstring dos_ea_name;
341                 push_ascii_fstring(dos_ea_name, ea_list->ea.name);
342                 dos_namelen = strlen(dos_ea_name);
343                 if (dos_namelen > 255 || dos_namelen == 0) {
344                         break;
345                 }
346                 if (ea_list->ea.value.length > 65535) {
347                         break;
348                 }
349                 if (4 + dos_namelen + 1 + ea_list->ea.value.length > total_data_size) {
350                         break;
351                 }
352
353                 /* We know we have room. */
354                 SCVAL(p,0,ea_list->ea.flags);
355                 SCVAL(p,1,dos_namelen);
356                 SSVAL(p,2,ea_list->ea.value.length);
357                 fstrcpy(p+4, dos_ea_name);
358                 memcpy( p + 4 + dos_namelen + 1, ea_list->ea.value.data, ea_list->ea.value.length);
359
360                 total_data_size -= 4 + dos_namelen + 1 + ea_list->ea.value.length;
361                 p += 4 + dos_namelen + 1 + ea_list->ea.value.length;
362         }
363
364         ret_data_size = PTR_DIFF(p, pdata);
365         DEBUG(10,("fill_ea_buffer: data_size = %u\n", ret_data_size ));
366         SIVAL(pdata,0,ret_data_size);
367         return ret_data_size;
368 }
369
370 static unsigned int estimate_ea_size(connection_struct *conn, files_struct *fsp, const char *fname)
371 {
372         size_t total_ea_len = 0;
373         TALLOC_CTX *mem_ctx = NULL;
374
375         if (!lp_ea_support(SNUM(conn))) {
376                 return 0;
377         }
378         mem_ctx = talloc_tos();
379         (void)get_ea_list_from_file(mem_ctx, conn, fsp, fname, &total_ea_len);
380         return total_ea_len;
381 }
382
383 /****************************************************************************
384  Ensure the EA name is case insensitive by matching any existing EA name.
385 ****************************************************************************/
386
387 static void canonicalize_ea_name(connection_struct *conn, files_struct *fsp, const char *fname, fstring unix_ea_name)
388 {
389         size_t total_ea_len;
390         TALLOC_CTX *mem_ctx = talloc_tos();
391         struct ea_list *ea_list = get_ea_list_from_file(mem_ctx, conn, fsp, fname, &total_ea_len);
392
393         for (; ea_list; ea_list = ea_list->next) {
394                 if (strequal(&unix_ea_name[5], ea_list->ea.name)) {
395                         DEBUG(10,("canonicalize_ea_name: %s -> %s\n",
396                                 &unix_ea_name[5], ea_list->ea.name));
397                         safe_strcpy(&unix_ea_name[5], ea_list->ea.name, sizeof(fstring)-6);
398                         break;
399                 }
400         }
401 }
402
403 /****************************************************************************
404  Set or delete an extended attribute.
405 ****************************************************************************/
406
407 NTSTATUS set_ea(connection_struct *conn, files_struct *fsp,
408                 const struct smb_filename *smb_fname, struct ea_list *ea_list)
409 {
410         char *fname = NULL;
411         NTSTATUS status;
412
413         if (!lp_ea_support(SNUM(conn))) {
414                 return NT_STATUS_EAS_NOT_SUPPORTED;
415         }
416
417         status = get_full_smb_filename(talloc_tos(), smb_fname,
418                                        &fname);
419         if (!NT_STATUS_IS_OK(status)) {
420                 return status;
421         }
422
423         for (;ea_list; ea_list = ea_list->next) {
424                 int ret;
425                 fstring unix_ea_name;
426
427                 fstrcpy(unix_ea_name, "user."); /* All EA's must start with user. */
428                 fstrcat(unix_ea_name, ea_list->ea.name);
429
430                 canonicalize_ea_name(conn, fsp, fname, unix_ea_name);
431
432                 DEBUG(10,("set_ea: ea_name %s ealen = %u\n", unix_ea_name, (unsigned int)ea_list->ea.value.length));
433
434                 if (samba_private_attr_name(unix_ea_name)) {
435                         DEBUG(10,("set_ea: ea name %s is a private Samba name.\n", unix_ea_name));
436                         return NT_STATUS_ACCESS_DENIED;
437                 }
438
439                 if (ea_list->ea.value.length == 0) {
440                         /* Remove the attribute. */
441                         if (fsp && (fsp->fh->fd != -1)) {
442                                 DEBUG(10,("set_ea: deleting ea name %s on file %s by file descriptor.\n",
443                                         unix_ea_name, fsp->fsp_name));
444                                 ret = SMB_VFS_FREMOVEXATTR(fsp, unix_ea_name);
445                         } else {
446                                 DEBUG(10,("set_ea: deleting ea name %s on file %s.\n",
447                                         unix_ea_name, fname));
448                                 ret = SMB_VFS_REMOVEXATTR(conn, fname, unix_ea_name);
449                         }
450 #ifdef ENOATTR
451                         /* Removing a non existent attribute always succeeds. */
452                         if (ret == -1 && errno == ENOATTR) {
453                                 DEBUG(10,("set_ea: deleting ea name %s didn't exist - succeeding by default.\n",
454                                                 unix_ea_name));
455                                 ret = 0;
456                         }
457 #endif
458                 } else {
459                         if (fsp && (fsp->fh->fd != -1)) {
460                                 DEBUG(10,("set_ea: setting ea name %s on file %s by file descriptor.\n",
461                                         unix_ea_name, fsp->fsp_name));
462                                 ret = SMB_VFS_FSETXATTR(fsp, unix_ea_name,
463                                                         ea_list->ea.value.data, ea_list->ea.value.length, 0);
464                         } else {
465                                 DEBUG(10,("set_ea: setting ea name %s on file %s.\n",
466                                         unix_ea_name, fname));
467                                 ret = SMB_VFS_SETXATTR(conn, fname, unix_ea_name,
468                                                         ea_list->ea.value.data, ea_list->ea.value.length, 0);
469                         }
470                 }
471
472                 if (ret == -1) {
473 #ifdef ENOTSUP
474                         if (errno == ENOTSUP) {
475                                 return NT_STATUS_EAS_NOT_SUPPORTED;
476                         }
477 #endif
478                         return map_nt_error_from_unix(errno);
479                 }
480
481         }
482         return NT_STATUS_OK;
483 }
484 /****************************************************************************
485  Read a list of EA names from an incoming data buffer. Create an ea_list with them.
486 ****************************************************************************/
487
488 static struct ea_list *read_ea_name_list(TALLOC_CTX *ctx, const char *pdata, size_t data_size)
489 {
490         struct ea_list *ea_list_head = NULL;
491         size_t converted_size, offset = 0;
492
493         while (offset + 2 < data_size) {
494                 struct ea_list *eal = TALLOC_ZERO_P(ctx, struct ea_list);
495                 unsigned int namelen = CVAL(pdata,offset);
496
497                 offset++; /* Go past the namelen byte. */
498
499                 /* integer wrap paranioa. */
500                 if ((offset + namelen < offset) || (offset + namelen < namelen) ||
501                                 (offset > data_size) || (namelen > data_size) ||
502                                 (offset + namelen >= data_size)) {
503                         break;
504                 }
505                 /* Ensure the name is null terminated. */
506                 if (pdata[offset + namelen] != '\0') {
507                         return NULL;
508                 }
509                 if (!pull_ascii_talloc(ctx, &eal->ea.name, &pdata[offset],
510                                        &converted_size)) {
511                         DEBUG(0,("read_ea_name_list: pull_ascii_talloc "
512                                  "failed: %s", strerror(errno)));
513                 }
514                 if (!eal->ea.name) {
515                         return NULL;
516                 }
517
518                 offset += (namelen + 1); /* Go past the name + terminating zero. */
519                 DLIST_ADD_END(ea_list_head, eal, struct ea_list *);
520                 DEBUG(10,("read_ea_name_list: read ea name %s\n", eal->ea.name));
521         }
522
523         return ea_list_head;
524 }
525
526 /****************************************************************************
527  Read one EA list entry from the buffer.
528 ****************************************************************************/
529
530 struct ea_list *read_ea_list_entry(TALLOC_CTX *ctx, const char *pdata, size_t data_size, size_t *pbytes_used)
531 {
532         struct ea_list *eal = TALLOC_ZERO_P(ctx, struct ea_list);
533         uint16 val_len;
534         unsigned int namelen;
535         size_t converted_size;
536
537         if (!eal) {
538                 return NULL;
539         }
540
541         if (data_size < 6) {
542                 return NULL;
543         }
544
545         eal->ea.flags = CVAL(pdata,0);
546         namelen = CVAL(pdata,1);
547         val_len = SVAL(pdata,2);
548
549         if (4 + namelen + 1 + val_len > data_size) {
550                 return NULL;
551         }
552
553         /* Ensure the name is null terminated. */
554         if (pdata[namelen + 4] != '\0') {
555                 return NULL;
556         }
557         if (!pull_ascii_talloc(ctx, &eal->ea.name, pdata + 4, &converted_size)) {
558                 DEBUG(0,("read_ea_list_entry: pull_ascii_talloc failed: %s",
559                          strerror(errno)));
560         }
561         if (!eal->ea.name) {
562                 return NULL;
563         }
564
565         eal->ea.value = data_blob_talloc(eal, NULL, (size_t)val_len + 1);
566         if (!eal->ea.value.data) {
567                 return NULL;
568         }
569
570         memcpy(eal->ea.value.data, pdata + 4 + namelen + 1, val_len);
571
572         /* Ensure we're null terminated just in case we print the value. */
573         eal->ea.value.data[val_len] = '\0';
574         /* But don't count the null. */
575         eal->ea.value.length--;
576
577         if (pbytes_used) {
578                 *pbytes_used = 4 + namelen + 1 + val_len;
579         }
580
581         DEBUG(10,("read_ea_list_entry: read ea name %s\n", eal->ea.name));
582         dump_data(10, eal->ea.value.data, eal->ea.value.length);
583
584         return eal;
585 }
586
587 /****************************************************************************
588  Read a list of EA names and data from an incoming data buffer. Create an ea_list with them.
589 ****************************************************************************/
590
591 static struct ea_list *read_ea_list(TALLOC_CTX *ctx, const char *pdata, size_t data_size)
592 {
593         struct ea_list *ea_list_head = NULL;
594         size_t offset = 0;
595         size_t bytes_used = 0;
596
597         while (offset < data_size) {
598                 struct ea_list *eal = read_ea_list_entry(ctx, pdata + offset, data_size - offset, &bytes_used);
599
600                 if (!eal) {
601                         return NULL;
602                 }
603
604                 DLIST_ADD_END(ea_list_head, eal, struct ea_list *);
605                 offset += bytes_used;
606         }
607
608         return ea_list_head;
609 }
610
611 /****************************************************************************
612  Count the total EA size needed.
613 ****************************************************************************/
614
615 static size_t ea_list_size(struct ea_list *ealist)
616 {
617         fstring dos_ea_name;
618         struct ea_list *listp;
619         size_t ret = 0;
620
621         for (listp = ealist; listp; listp = listp->next) {
622                 push_ascii_fstring(dos_ea_name, listp->ea.name);
623                 ret += 4 + strlen(dos_ea_name) + 1 + listp->ea.value.length;
624         }
625         /* Add on 4 for total length. */
626         if (ret) {
627                 ret += 4;
628         }
629
630         return ret;
631 }
632
633 /****************************************************************************
634  Return a union of EA's from a file list and a list of names.
635  The TALLOC context for the two lists *MUST* be identical as we steal
636  memory from one list to add to another. JRA.
637 ****************************************************************************/
638
639 static struct ea_list *ea_list_union(struct ea_list *name_list, struct ea_list *file_list, size_t *total_ea_len)
640 {
641         struct ea_list *nlistp, *flistp;
642
643         for (nlistp = name_list; nlistp; nlistp = nlistp->next) {
644                 for (flistp = file_list; flistp; flistp = flistp->next) {
645                         if (strequal(nlistp->ea.name, flistp->ea.name)) {
646                                 break;
647                         }
648                 }
649
650                 if (flistp) {
651                         /* Copy the data from this entry. */
652                         nlistp->ea.flags = flistp->ea.flags;
653                         nlistp->ea.value = flistp->ea.value;
654                 } else {
655                         /* Null entry. */
656                         nlistp->ea.flags = 0;
657                         ZERO_STRUCT(nlistp->ea.value);
658                 }
659         }
660
661         *total_ea_len = ea_list_size(name_list);
662         return name_list;
663 }
664
665 /****************************************************************************
666   Send the required number of replies back.
667   We assume all fields other than the data fields are
668   set correctly for the type of call.
669   HACK ! Always assumes smb_setup field is zero.
670 ****************************************************************************/
671
672 void send_trans2_replies(connection_struct *conn,
673                         struct smb_request *req,
674                          const char *params,
675                          int paramsize,
676                          const char *pdata,
677                          int datasize,
678                          int max_data_bytes)
679 {
680         /* As we are using a protocol > LANMAN1 then the max_send
681          variable must have been set in the sessetupX call.
682          This takes precedence over the max_xmit field in the
683          global struct. These different max_xmit variables should
684          be merged as this is now too confusing */
685
686         int data_to_send = datasize;
687         int params_to_send = paramsize;
688         int useable_space;
689         const char *pp = params;
690         const char *pd = pdata;
691         int params_sent_thistime, data_sent_thistime, total_sent_thistime;
692         int alignment_offset = 1; /* JRA. This used to be 3. Set to 1 to make netmon parse ok. */
693         int data_alignment_offset = 0;
694         bool overflow = False;
695         struct smbd_server_connection *sconn = smbd_server_conn;
696         int max_send = sconn->smb1.sessions.max_send;
697
698         /* Modify the data_to_send and datasize and set the error if
699            we're trying to send more than max_data_bytes. We still send
700            the part of the packet(s) that fit. Strange, but needed
701            for OS/2. */
702
703         if (max_data_bytes > 0 && datasize > max_data_bytes) {
704                 DEBUG(5,("send_trans2_replies: max_data_bytes %d exceeded by data %d\n",
705                         max_data_bytes, datasize ));
706                 datasize = data_to_send = max_data_bytes;
707                 overflow = True;
708         }
709
710         /* If there genuinely are no parameters or data to send just send the empty packet */
711
712         if(params_to_send == 0 && data_to_send == 0) {
713                 reply_outbuf(req, 10, 0);
714                 show_msg((char *)req->outbuf);
715                 return;
716         }
717
718         /* When sending params and data ensure that both are nicely aligned */
719         /* Only do this alignment when there is also data to send - else
720                 can cause NT redirector problems. */
721
722         if (((params_to_send % 4) != 0) && (data_to_send != 0))
723                 data_alignment_offset = 4 - (params_to_send % 4);
724
725         /* Space is bufsize minus Netbios over TCP header minus SMB header */
726         /* The alignment_offset is to align the param bytes on an even byte
727                 boundary. NT 4.0 Beta needs this to work correctly. */
728
729         useable_space = max_send - (smb_size
730                                     + 2 * 10 /* wct */
731                                     + alignment_offset
732                                     + data_alignment_offset);
733
734         if (useable_space < 0) {
735                 DEBUG(0, ("send_trans2_replies failed sanity useable_space "
736                           "= %d!!!", useable_space));
737                 exit_server_cleanly("send_trans2_replies: Not enough space");
738         }
739
740         while (params_to_send || data_to_send) {
741                 /* Calculate whether we will totally or partially fill this packet */
742
743                 total_sent_thistime = params_to_send + data_to_send;
744
745                 /* We can never send more than useable_space */
746                 /*
747                  * Note that 'useable_space' does not include the alignment offsets,
748                  * but we must include the alignment offsets in the calculation of
749                  * the length of the data we send over the wire, as the alignment offsets
750                  * are sent here. Fix from Marc_Jacobsen@hp.com.
751                  */
752
753                 total_sent_thistime = MIN(total_sent_thistime, useable_space);
754
755                 reply_outbuf(req, 10, total_sent_thistime + alignment_offset
756                              + data_alignment_offset);
757
758                 /*
759                  * We might have SMBtrans2s in req which was transferred to
760                  * the outbuf, fix that.
761                  */
762                 SCVAL(req->outbuf, smb_com, SMBtrans2);
763
764                 /* Set total params and data to be sent */
765                 SSVAL(req->outbuf,smb_tprcnt,paramsize);
766                 SSVAL(req->outbuf,smb_tdrcnt,datasize);
767
768                 /* Calculate how many parameters and data we can fit into
769                  * this packet. Parameters get precedence
770                  */
771
772                 params_sent_thistime = MIN(params_to_send,useable_space);
773                 data_sent_thistime = useable_space - params_sent_thistime;
774                 data_sent_thistime = MIN(data_sent_thistime,data_to_send);
775
776                 SSVAL(req->outbuf,smb_prcnt, params_sent_thistime);
777
778                 /* smb_proff is the offset from the start of the SMB header to the
779                         parameter bytes, however the first 4 bytes of outbuf are
780                         the Netbios over TCP header. Thus use smb_base() to subtract
781                         them from the calculation */
782
783                 SSVAL(req->outbuf,smb_proff,
784                       ((smb_buf(req->outbuf)+alignment_offset)
785                        - smb_base(req->outbuf)));
786
787                 if(params_sent_thistime == 0)
788                         SSVAL(req->outbuf,smb_prdisp,0);
789                 else
790                         /* Absolute displacement of param bytes sent in this packet */
791                         SSVAL(req->outbuf,smb_prdisp,pp - params);
792
793                 SSVAL(req->outbuf,smb_drcnt, data_sent_thistime);
794                 if(data_sent_thistime == 0) {
795                         SSVAL(req->outbuf,smb_droff,0);
796                         SSVAL(req->outbuf,smb_drdisp, 0);
797                 } else {
798                         /* The offset of the data bytes is the offset of the
799                                 parameter bytes plus the number of parameters being sent this time */
800                         SSVAL(req->outbuf, smb_droff,
801                               ((smb_buf(req->outbuf)+alignment_offset)
802                                - smb_base(req->outbuf))
803                               + params_sent_thistime + data_alignment_offset);
804                         SSVAL(req->outbuf,smb_drdisp, pd - pdata);
805                 }
806
807                 /* Initialize the padding for alignment */
808
809                 if (alignment_offset != 0) {
810                         memset(smb_buf(req->outbuf), 0, alignment_offset);
811                 }
812
813                 /* Copy the param bytes into the packet */
814
815                 if(params_sent_thistime) {
816                         memcpy((smb_buf(req->outbuf)+alignment_offset), pp,
817                                params_sent_thistime);
818                 }
819
820                 /* Copy in the data bytes */
821                 if(data_sent_thistime) {
822                         if (data_alignment_offset != 0) {
823                                 memset((smb_buf(req->outbuf)+alignment_offset+
824                                         params_sent_thistime), 0,
825                                        data_alignment_offset);
826                         }
827                         memcpy(smb_buf(req->outbuf)+alignment_offset
828                                +params_sent_thistime+data_alignment_offset,
829                                pd,data_sent_thistime);
830                 }
831
832                 DEBUG(9,("t2_rep: params_sent_thistime = %d, data_sent_thistime = %d, useable_space = %d\n",
833                         params_sent_thistime, data_sent_thistime, useable_space));
834                 DEBUG(9,("t2_rep: params_to_send = %d, data_to_send = %d, paramsize = %d, datasize = %d\n",
835                         params_to_send, data_to_send, paramsize, datasize));
836
837                 if (overflow) {
838                         error_packet_set((char *)req->outbuf,
839                                          ERRDOS,ERRbufferoverflow,
840                                          STATUS_BUFFER_OVERFLOW,
841                                          __LINE__,__FILE__);
842                 }
843
844                 /* Send the packet */
845                 show_msg((char *)req->outbuf);
846                 if (!srv_send_smb(smbd_server_fd(),
847                                 (char *)req->outbuf,
848                                 true, req->seqnum+1,
849                                 IS_CONN_ENCRYPTED(conn),
850                                 &req->pcd))
851                         exit_server_cleanly("send_trans2_replies: srv_send_smb failed.");
852
853                 TALLOC_FREE(req->outbuf);
854
855                 pp += params_sent_thistime;
856                 pd += data_sent_thistime;
857
858                 params_to_send -= params_sent_thistime;
859                 data_to_send -= data_sent_thistime;
860
861                 /* Sanity check */
862                 if(params_to_send < 0 || data_to_send < 0) {
863                         DEBUG(0,("send_trans2_replies failed sanity check pts = %d, dts = %d\n!!!",
864                                 params_to_send, data_to_send));
865                         return;
866                 }
867         }
868
869         return;
870 }
871
872 /****************************************************************************
873  Reply to a TRANSACT2_OPEN.
874 ****************************************************************************/
875
876 static void call_trans2open(connection_struct *conn,
877                             struct smb_request *req,
878                             char **pparams, int total_params,
879                             char **ppdata, int total_data,
880                             unsigned int max_data_bytes)
881 {
882         struct smb_filename *smb_fname = NULL;
883         char *params = *pparams;
884         char *pdata = *ppdata;
885         int deny_mode;
886         int32 open_attr;
887         bool oplock_request;
888 #if 0
889         bool return_additional_info;
890         int16 open_sattr;
891         time_t open_time;
892 #endif
893         int open_ofun;
894         uint32 open_size;
895         char *pname;
896         char *fname = NULL;
897         SMB_OFF_T size=0;
898         int fattr=0,mtime=0;
899         SMB_INO_T inode = 0;
900         int smb_action = 0;
901         files_struct *fsp;
902         struct ea_list *ea_list = NULL;
903         uint16 flags = 0;
904         NTSTATUS status;
905         uint32 access_mask;
906         uint32 share_mode;
907         uint32 create_disposition;
908         uint32 create_options = 0;
909         TALLOC_CTX *ctx = talloc_tos();
910
911         /*
912          * Ensure we have enough parameters to perform the operation.
913          */
914
915         if (total_params < 29) {
916                 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
917                 goto out;
918         }
919
920         flags = SVAL(params, 0);
921         deny_mode = SVAL(params, 2);
922         open_attr = SVAL(params,6);
923         oplock_request = (flags & REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK : 0;
924         if (oplock_request) {
925                 oplock_request |= (flags & REQUEST_BATCH_OPLOCK) ? BATCH_OPLOCK : 0;
926         }
927
928 #if 0
929         return_additional_info = BITSETW(params,0);
930         open_sattr = SVAL(params, 4);
931         open_time = make_unix_date3(params+8);
932 #endif
933         open_ofun = SVAL(params,12);
934         open_size = IVAL(params,14);
935         pname = &params[28];
936
937         if (IS_IPC(conn)) {
938                 reply_doserror(req, ERRSRV, ERRaccess);
939                 goto out;
940         }
941
942         srvstr_get_path(ctx, params, req->flags2, &fname, pname,
943                         total_params - 28, STR_TERMINATE,
944                         &status);
945         if (!NT_STATUS_IS_OK(status)) {
946                 reply_nterror(req, status);
947                 goto out;
948         }
949
950         DEBUG(3,("call_trans2open %s deny_mode=0x%x attr=%d ofun=0x%x size=%d\n",
951                 fname, (unsigned int)deny_mode, (unsigned int)open_attr,
952                 (unsigned int)open_ofun, open_size));
953
954         status = filename_convert(ctx,
955                                 conn,
956                                 req->flags2 & FLAGS2_DFS_PATHNAMES,
957                                 fname,
958                                 &smb_fname,
959                                 &fname);
960         if (!NT_STATUS_IS_OK(status)) {
961                 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
962                         reply_botherror(req,
963                                 NT_STATUS_PATH_NOT_COVERED,
964                                 ERRSRV, ERRbadpath);
965                         goto out;
966                 }
967                 reply_nterror(req, status);
968                 goto out;
969         }
970
971         if (open_ofun == 0) {
972                 reply_nterror(req, NT_STATUS_OBJECT_NAME_COLLISION);
973                 goto out;
974         }
975
976         if (!map_open_params_to_ntcreate(fname, deny_mode, open_ofun,
977                                 &access_mask,
978                                 &share_mode,
979                                 &create_disposition,
980                                 &create_options)) {
981                 reply_doserror(req, ERRDOS, ERRbadaccess);
982                 goto out;
983         }
984
985         /* Any data in this call is an EA list. */
986         if (total_data && (total_data != 4) && !lp_ea_support(SNUM(conn))) {
987                 reply_nterror(req, NT_STATUS_EAS_NOT_SUPPORTED);
988                 goto out;
989         }
990
991         if (total_data != 4) {
992                 if (total_data < 10) {
993                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
994                         goto out;
995                 }
996
997                 if (IVAL(pdata,0) > total_data) {
998                         DEBUG(10,("call_trans2open: bad total data size (%u) > %u\n",
999                                 IVAL(pdata,0), (unsigned int)total_data));
1000                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1001                         goto out;
1002                 }
1003
1004                 ea_list = read_ea_list(talloc_tos(), pdata + 4,
1005                                        total_data - 4);
1006                 if (!ea_list) {
1007                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1008                         goto out;
1009                 }
1010         } else if (IVAL(pdata,0) != 4) {
1011                 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1012                 goto out;
1013         }
1014
1015         status = SMB_VFS_CREATE_FILE(
1016                 conn,                                   /* conn */
1017                 req,                                    /* req */
1018                 0,                                      /* root_dir_fid */
1019                 smb_fname,                              /* fname */
1020                 access_mask,                            /* access_mask */
1021                 share_mode,                             /* share_access */
1022                 create_disposition,                     /* create_disposition*/
1023                 create_options,                         /* create_options */
1024                 open_attr,                              /* file_attributes */
1025                 oplock_request,                         /* oplock_request */
1026                 open_size,                              /* allocation_size */
1027                 NULL,                                   /* sd */
1028                 ea_list,                                /* ea_list */
1029                 &fsp,                                   /* result */
1030                 &smb_action);                           /* psbuf */
1031
1032         if (!NT_STATUS_IS_OK(status)) {
1033                 if (open_was_deferred(req->mid)) {
1034                         /* We have re-scheduled this call. */
1035                         goto out;
1036                 }
1037                 reply_openerror(req, status);
1038                 goto out;
1039         }
1040
1041         size = get_file_size_stat(&smb_fname->st);
1042         fattr = dos_mode(conn, fsp->fsp_name, &smb_fname->st);
1043         mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1044         inode = smb_fname->st.st_ex_ino;
1045         if (fattr & aDIR) {
1046                 close_file(req, fsp, ERROR_CLOSE);
1047                 reply_doserror(req, ERRDOS,ERRnoaccess);
1048                 goto out;
1049         }
1050
1051         /* Realloc the size of parameters and data we will return */
1052         *pparams = (char *)SMB_REALLOC(*pparams, 30);
1053         if(*pparams == NULL ) {
1054                 reply_nterror(req, NT_STATUS_NO_MEMORY);
1055                 goto out;
1056         }
1057         params = *pparams;
1058
1059         SSVAL(params,0,fsp->fnum);
1060         SSVAL(params,2,fattr);
1061         srv_put_dos_date2(params,4, mtime);
1062         SIVAL(params,8, (uint32)size);
1063         SSVAL(params,12,deny_mode);
1064         SSVAL(params,14,0); /* open_type - file or directory. */
1065         SSVAL(params,16,0); /* open_state - only valid for IPC device. */
1066
1067         if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1068                 smb_action |= EXTENDED_OPLOCK_GRANTED;
1069         }
1070
1071         SSVAL(params,18,smb_action);
1072
1073         /*
1074          * WARNING - this may need to be changed if SMB_INO_T <> 4 bytes.
1075          */
1076         SIVAL(params,20,inode);
1077         SSVAL(params,24,0); /* Padding. */
1078         if (flags & 8) {
1079                 uint32 ea_size = estimate_ea_size(conn, fsp, fsp->fsp_name);
1080                 SIVAL(params, 26, ea_size);
1081         } else {
1082                 SIVAL(params, 26, 0);
1083         }
1084
1085         /* Send the required number of replies */
1086         send_trans2_replies(conn, req, params, 30, *ppdata, 0, max_data_bytes);
1087  out:
1088         TALLOC_FREE(smb_fname);
1089 }
1090
1091 /*********************************************************
1092  Routine to check if a given string matches exactly.
1093  as a special case a mask of "." does NOT match. That
1094  is required for correct wildcard semantics
1095  Case can be significant or not.
1096 **********************************************************/
1097
1098 static bool exact_match(connection_struct *conn,
1099                 const char *str,
1100                 const char *mask)
1101 {
1102         if (mask[0] == '.' && mask[1] == 0)
1103                 return False;
1104         if (dptr_has_wild(conn->dirptr)) {
1105                 return False;
1106         }
1107         if (conn->case_sensitive)
1108                 return strcmp(str,mask)==0;
1109         else
1110                 return StrCaseCmp(str,mask) == 0;
1111 }
1112
1113 /****************************************************************************
1114  Return the filetype for UNIX extensions.
1115 ****************************************************************************/
1116
1117 static uint32 unix_filetype(mode_t mode)
1118 {
1119         if(S_ISREG(mode))
1120                 return UNIX_TYPE_FILE;
1121         else if(S_ISDIR(mode))
1122                 return UNIX_TYPE_DIR;
1123 #ifdef S_ISLNK
1124         else if(S_ISLNK(mode))
1125                 return UNIX_TYPE_SYMLINK;
1126 #endif
1127 #ifdef S_ISCHR
1128         else if(S_ISCHR(mode))
1129                 return UNIX_TYPE_CHARDEV;
1130 #endif
1131 #ifdef S_ISBLK
1132         else if(S_ISBLK(mode))
1133                 return UNIX_TYPE_BLKDEV;
1134 #endif
1135 #ifdef S_ISFIFO
1136         else if(S_ISFIFO(mode))
1137                 return UNIX_TYPE_FIFO;
1138 #endif
1139 #ifdef S_ISSOCK
1140         else if(S_ISSOCK(mode))
1141                 return UNIX_TYPE_SOCKET;
1142 #endif
1143
1144         DEBUG(0,("unix_filetype: unknown filetype %u\n", (unsigned)mode));
1145         return UNIX_TYPE_UNKNOWN;
1146 }
1147
1148 /****************************************************************************
1149  Map wire perms onto standard UNIX permissions. Obey share restrictions.
1150 ****************************************************************************/
1151
1152 enum perm_type { PERM_NEW_FILE, PERM_NEW_DIR, PERM_EXISTING_FILE, PERM_EXISTING_DIR};
1153
1154 static NTSTATUS unix_perms_from_wire( connection_struct *conn,
1155                                 SMB_STRUCT_STAT *psbuf,
1156                                 uint32 perms,
1157                                 enum perm_type ptype,
1158                                 mode_t *ret_perms)
1159 {
1160         mode_t ret = 0;
1161
1162         if (perms == SMB_MODE_NO_CHANGE) {
1163                 if (!VALID_STAT(*psbuf)) {
1164                         return NT_STATUS_INVALID_PARAMETER;
1165                 } else {
1166                         *ret_perms = psbuf->st_ex_mode;
1167                         return NT_STATUS_OK;
1168                 }
1169         }
1170
1171         ret |= ((perms & UNIX_X_OTH ) ? S_IXOTH : 0);
1172         ret |= ((perms & UNIX_W_OTH ) ? S_IWOTH : 0);
1173         ret |= ((perms & UNIX_R_OTH ) ? S_IROTH : 0);
1174         ret |= ((perms & UNIX_X_GRP ) ? S_IXGRP : 0);
1175         ret |= ((perms & UNIX_W_GRP ) ? S_IWGRP : 0);
1176         ret |= ((perms & UNIX_R_GRP ) ? S_IRGRP : 0);
1177         ret |= ((perms & UNIX_X_USR ) ? S_IXUSR : 0);
1178         ret |= ((perms & UNIX_W_USR ) ? S_IWUSR : 0);
1179         ret |= ((perms & UNIX_R_USR ) ? S_IRUSR : 0);
1180 #ifdef S_ISVTX
1181         ret |= ((perms & UNIX_STICKY ) ? S_ISVTX : 0);
1182 #endif
1183 #ifdef S_ISGID
1184         ret |= ((perms & UNIX_SET_GID ) ? S_ISGID : 0);
1185 #endif
1186 #ifdef S_ISUID
1187         ret |= ((perms & UNIX_SET_UID ) ? S_ISUID : 0);
1188 #endif
1189
1190         switch (ptype) {
1191         case PERM_NEW_FILE:
1192                 /* Apply mode mask */
1193                 ret &= lp_create_mask(SNUM(conn));
1194                 /* Add in force bits */
1195                 ret |= lp_force_create_mode(SNUM(conn));
1196                 break;
1197         case PERM_NEW_DIR:
1198                 ret &= lp_dir_mask(SNUM(conn));
1199                 /* Add in force bits */
1200                 ret |= lp_force_dir_mode(SNUM(conn));
1201                 break;
1202         case PERM_EXISTING_FILE:
1203                 /* Apply mode mask */
1204                 ret &= lp_security_mask(SNUM(conn));
1205                 /* Add in force bits */
1206                 ret |= lp_force_security_mode(SNUM(conn));
1207                 break;
1208         case PERM_EXISTING_DIR:
1209                 /* Apply mode mask */
1210                 ret &= lp_dir_security_mask(SNUM(conn));
1211                 /* Add in force bits */
1212                 ret |= lp_force_dir_security_mode(SNUM(conn));
1213                 break;
1214         }
1215
1216         *ret_perms = ret;
1217         return NT_STATUS_OK;
1218 }
1219
1220 /****************************************************************************
1221  Needed to show the msdfs symlinks as directories. Modifies psbuf
1222  to be a directory if it's a msdfs link.
1223 ****************************************************************************/
1224
1225 static bool check_msdfs_link(connection_struct *conn,
1226                                 const char *pathname,
1227                                 SMB_STRUCT_STAT *psbuf)
1228 {
1229         int saved_errno = errno;
1230         if(lp_host_msdfs() &&
1231                 lp_msdfs_root(SNUM(conn)) &&
1232                 is_msdfs_link(conn, pathname, psbuf)) {
1233
1234                 DEBUG(5,("check_msdfs_link: Masquerading msdfs link %s "
1235                         "as a directory\n",
1236                         pathname));
1237                 psbuf->st_ex_mode = (psbuf->st_ex_mode & 0xFFF) | S_IFDIR;
1238                 errno = saved_errno;
1239                 return true;
1240         }
1241         errno = saved_errno;
1242         return false;
1243 }
1244
1245
1246 /****************************************************************************
1247  Get a level dependent lanman2 dir entry.
1248 ****************************************************************************/
1249
1250 static bool get_lanman2_dir_entry(TALLOC_CTX *ctx,
1251                                 connection_struct *conn,
1252                                 uint16 flags2,
1253                                 const char *path_mask,
1254                                 uint32 dirtype,
1255                                 int info_level,
1256                                 int requires_resume_key,
1257                                 bool dont_descend,
1258                                 bool ask_sharemode,
1259                                 char **ppdata,
1260                                 char *base_data,
1261                                 char *end_data,
1262                                 int space_remaining,
1263                                 bool *out_of_space,
1264                                 bool *got_exact_match,
1265                                 int *last_entry_off,
1266                                 struct ea_list *name_list)
1267 {
1268         char *dname;
1269         bool found = False;
1270         SMB_STRUCT_STAT sbuf;
1271         const char *mask = NULL;
1272         char *pathreal = NULL;
1273         char *fname = NULL;
1274         char *p, *q, *pdata = *ppdata;
1275         uint32 reskey=0;
1276         long prev_dirpos=0;
1277         uint32 mode=0;
1278         SMB_OFF_T file_size = 0;
1279         uint64_t allocation_size = 0;
1280         uint32 len;
1281         struct timespec mdate_ts, adate_ts, create_date_ts;
1282         time_t mdate = (time_t)0, adate = (time_t)0, create_date = (time_t)0;
1283         char *nameptr;
1284         char *last_entry_ptr;
1285         bool was_8_3;
1286         uint32 nt_extmode; /* Used for NT connections instead of mode */
1287         bool needslash = ( conn->dirpath[strlen(conn->dirpath) -1] != '/');
1288         bool check_mangled_names = lp_manglednames(conn->params);
1289         char mangled_name[13]; /* mangled 8.3 name. */
1290
1291         *out_of_space = False;
1292         *got_exact_match = False;
1293
1294         ZERO_STRUCT(mdate_ts);
1295         ZERO_STRUCT(adate_ts);
1296         ZERO_STRUCT(create_date_ts);
1297
1298         if (!conn->dirptr) {
1299                 return(False);
1300         }
1301
1302         p = strrchr_m(path_mask,'/');
1303         if(p != NULL) {
1304                 if(p[1] == '\0') {
1305                         mask = talloc_strdup(ctx,"*.*");
1306                 } else {
1307                         mask = p+1;
1308                 }
1309         } else {
1310                 mask = path_mask;
1311         }
1312
1313         while (!found) {
1314                 bool got_match;
1315                 bool ms_dfs_link = False;
1316
1317                 /* Needed if we run out of space */
1318                 long curr_dirpos = prev_dirpos = dptr_TellDir(conn->dirptr);
1319                 dname = dptr_ReadDirName(ctx,conn->dirptr,&curr_dirpos,&sbuf);
1320
1321                 /*
1322                  * Due to bugs in NT client redirectors we are not using
1323                  * resume keys any more - set them to zero.
1324                  * Check out the related comments in findfirst/findnext.
1325                  * JRA.
1326                  */
1327
1328                 reskey = 0;
1329
1330                 DEBUG(8,("get_lanman2_dir_entry:readdir on dirptr 0x%lx now at offset %ld\n",
1331                         (long)conn->dirptr,curr_dirpos));
1332
1333                 if (!dname) {
1334                         return(False);
1335                 }
1336
1337                 /*
1338                  * fname may get mangled, dname is never mangled.
1339                  * Whenever we're accessing the filesystem we use
1340                  * pathreal which is composed from dname.
1341                  */
1342
1343                 pathreal = NULL;
1344                 fname = dname;
1345
1346                 /* Mangle fname if it's an illegal name. */
1347                 if (mangle_must_mangle(dname,conn->params)) {
1348                         if (!name_to_8_3(dname,mangled_name,True,conn->params)) {
1349                                 TALLOC_FREE(fname);
1350                                 continue; /* Error - couldn't mangle. */
1351                         }
1352                         fname = talloc_strdup(ctx, mangled_name);
1353                         if (!fname) {
1354                                 return False;
1355                         }
1356                 }
1357
1358                 if(!(got_match = *got_exact_match = exact_match(conn, fname, mask))) {
1359                         got_match = mask_match(fname, mask, conn->case_sensitive);
1360                 }
1361
1362                 if(!got_match && check_mangled_names &&
1363                    !mangle_is_8_3(fname, False, conn->params)) {
1364                         /*
1365                          * It turns out that NT matches wildcards against
1366                          * both long *and* short names. This may explain some
1367                          * of the wildcard wierdness from old DOS clients
1368                          * that some people have been seeing.... JRA.
1369                          */
1370                         /* Force the mangling into 8.3. */
1371                         if (!name_to_8_3( fname, mangled_name, False, conn->params)) {
1372                                 TALLOC_FREE(fname);
1373                                 continue; /* Error - couldn't mangle. */
1374                         }
1375
1376                         if(!(got_match = *got_exact_match = exact_match(conn, mangled_name, mask))) {
1377                                 got_match = mask_match(mangled_name, mask, conn->case_sensitive);
1378                         }
1379                 }
1380
1381                 if (got_match) {
1382                         bool isdots = (ISDOT(dname) || ISDOTDOT(dname));
1383
1384                         if (dont_descend && !isdots) {
1385                                 TALLOC_FREE(fname);
1386                                 continue;
1387                         }
1388
1389                         if (needslash) {
1390                                 pathreal = NULL;
1391                                 pathreal = talloc_asprintf(ctx,
1392                                         "%s/%s",
1393                                         conn->dirpath,
1394                                         dname);
1395                         } else {
1396                                 pathreal = talloc_asprintf(ctx,
1397                                         "%s%s",
1398                                         conn->dirpath,
1399                                         dname);
1400                         }
1401
1402                         if (!pathreal) {
1403                                 TALLOC_FREE(fname);
1404                                 return False;
1405                         }
1406
1407                         if (INFO_LEVEL_IS_UNIX(info_level)) {
1408                                 if (vfs_lstat_smb_fname(conn, pathreal,
1409                                                         &sbuf) != 0) {
1410                                         DEBUG(5,("get_lanman2_dir_entry:Couldn't lstat [%s] (%s)\n",
1411                                                 pathreal,strerror(errno)));
1412                                         TALLOC_FREE(pathreal);
1413                                         TALLOC_FREE(fname);
1414                                         continue;
1415                                 }
1416                         } else if (!VALID_STAT(sbuf) &&
1417                                    vfs_stat_smb_fname(conn, pathreal,
1418                                                       &sbuf) != 0) {
1419                                 /* Needed to show the msdfs symlinks as
1420                                  * directories */
1421
1422                                 ms_dfs_link = check_msdfs_link(conn, pathreal, &sbuf);
1423                                 if (!ms_dfs_link) {
1424                                         DEBUG(5,("get_lanman2_dir_entry:Couldn't stat [%s] (%s)\n",
1425                                                 pathreal,strerror(errno)));
1426                                         TALLOC_FREE(pathreal);
1427                                         TALLOC_FREE(fname);
1428                                         continue;
1429                                 }
1430                         }
1431
1432                         if (ms_dfs_link) {
1433                                 mode = dos_mode_msdfs(conn,pathreal,&sbuf);
1434                         } else {
1435                                 mode = dos_mode(conn,pathreal,&sbuf);
1436                         }
1437
1438                         if (!dir_check_ftype(conn,mode,dirtype)) {
1439                                 DEBUG(5,("get_lanman2_dir_entry: [%s] attribs didn't match %x\n",fname,dirtype));
1440                                 TALLOC_FREE(pathreal);
1441                                 TALLOC_FREE(fname);
1442                                 continue;
1443                         }
1444
1445                         if (!(mode & aDIR)) {
1446                                 file_size = get_file_size_stat(&sbuf);
1447                         }
1448                         allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,NULL,&sbuf);
1449
1450                         mdate_ts = sbuf.st_ex_mtime;
1451                         adate_ts = sbuf.st_ex_atime;
1452                         create_date_ts = sbuf.st_ex_btime;
1453
1454                         if (ask_sharemode) {
1455                                 struct timespec write_time_ts;
1456                                 struct file_id fileid;
1457
1458                                 fileid = vfs_file_id_from_sbuf(conn, &sbuf);
1459                                 get_file_infos(fileid, NULL, &write_time_ts);
1460                                 if (!null_timespec(write_time_ts)) {
1461                                         mdate_ts = write_time_ts;
1462                                 }
1463                         }
1464
1465                         if (lp_dos_filetime_resolution(SNUM(conn))) {
1466                                 dos_filetime_timespec(&create_date_ts);
1467                                 dos_filetime_timespec(&mdate_ts);
1468                                 dos_filetime_timespec(&adate_ts);
1469                         }
1470
1471                         create_date = convert_timespec_to_time_t(create_date_ts);
1472                         mdate = convert_timespec_to_time_t(mdate_ts);
1473                         adate = convert_timespec_to_time_t(adate_ts);
1474
1475                         DEBUG(5,("get_lanman2_dir_entry: found %s fname=%s\n",
1476                                 pathreal,fname));
1477
1478                         found = True;
1479
1480                         dptr_DirCacheAdd(conn->dirptr, dname, curr_dirpos);
1481                 }
1482
1483                 if (!found)
1484                         TALLOC_FREE(fname);
1485         }
1486
1487         p = pdata;
1488         last_entry_ptr = p;
1489
1490         nt_extmode = mode ? mode : FILE_ATTRIBUTE_NORMAL;
1491
1492         switch (info_level) {
1493                 case SMB_FIND_INFO_STANDARD:
1494                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_INFO_STANDARD\n"));
1495                         if(requires_resume_key) {
1496                                 SIVAL(p,0,reskey);
1497                                 p += 4;
1498                         }
1499                         srv_put_dos_date2(p,0,create_date);
1500                         srv_put_dos_date2(p,4,adate);
1501                         srv_put_dos_date2(p,8,mdate);
1502                         SIVAL(p,12,(uint32)file_size);
1503                         SIVAL(p,16,(uint32)allocation_size);
1504                         SSVAL(p,20,mode);
1505                         p += 23;
1506                         nameptr = p;
1507                         if (flags2 & FLAGS2_UNICODE_STRINGS) {
1508                                 p += ucs2_align(base_data, p, 0);
1509                         }
1510                         len = srvstr_push(base_data, flags2, p,
1511                                           fname, PTR_DIFF(end_data, p),
1512                                           STR_TERMINATE);
1513                         if (flags2 & FLAGS2_UNICODE_STRINGS) {
1514                                 if (len > 2) {
1515                                         SCVAL(nameptr, -1, len - 2);
1516                                 } else {
1517                                         SCVAL(nameptr, -1, 0);
1518                                 }
1519                         } else {
1520                                 if (len > 1) {
1521                                         SCVAL(nameptr, -1, len - 1);
1522                                 } else {
1523                                         SCVAL(nameptr, -1, 0);
1524                                 }
1525                         }
1526                         p += len;
1527                         break;
1528
1529                 case SMB_FIND_EA_SIZE:
1530                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_EA_SIZE\n"));
1531                         if(requires_resume_key) {
1532                                 SIVAL(p,0,reskey);
1533                                 p += 4;
1534                         }
1535                         srv_put_dos_date2(p,0,create_date);
1536                         srv_put_dos_date2(p,4,adate);
1537                         srv_put_dos_date2(p,8,mdate);
1538                         SIVAL(p,12,(uint32)file_size);
1539                         SIVAL(p,16,(uint32)allocation_size);
1540                         SSVAL(p,20,mode);
1541                         {
1542                                 unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal);
1543                                 SIVAL(p,22,ea_size); /* Extended attributes */
1544                         }
1545                         p += 27;
1546                         nameptr = p - 1;
1547                         len = srvstr_push(base_data, flags2,
1548                                           p, fname, PTR_DIFF(end_data, p),
1549                                           STR_TERMINATE | STR_NOALIGN);
1550                         if (flags2 & FLAGS2_UNICODE_STRINGS) {
1551                                 if (len > 2) {
1552                                         len -= 2;
1553                                 } else {
1554                                         len = 0;
1555                                 }
1556                         } else {
1557                                 if (len > 1) {
1558                                         len -= 1;
1559                                 } else {
1560                                         len = 0;
1561                                 }
1562                         }
1563                         SCVAL(nameptr,0,len);
1564                         p += len;
1565                         SCVAL(p,0,0); p += 1; /* Extra zero byte ? - why.. */
1566                         break;
1567
1568                 case SMB_FIND_EA_LIST:
1569                 {
1570                         struct ea_list *file_list = NULL;
1571                         size_t ea_len = 0;
1572
1573                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_EA_LIST\n"));
1574                         if (!name_list) {
1575                                 return False;
1576                         }
1577                         if(requires_resume_key) {
1578                                 SIVAL(p,0,reskey);
1579                                 p += 4;
1580                         }
1581                         srv_put_dos_date2(p,0,create_date);
1582                         srv_put_dos_date2(p,4,adate);
1583                         srv_put_dos_date2(p,8,mdate);
1584                         SIVAL(p,12,(uint32)file_size);
1585                         SIVAL(p,16,(uint32)allocation_size);
1586                         SSVAL(p,20,mode);
1587                         p += 22; /* p now points to the EA area. */
1588
1589                         file_list = get_ea_list_from_file(ctx, conn, NULL, pathreal, &ea_len);
1590                         name_list = ea_list_union(name_list, file_list, &ea_len);
1591
1592                         /* We need to determine if this entry will fit in the space available. */
1593                         /* Max string size is 255 bytes. */
1594                         if (PTR_DIFF(p + 255 + ea_len,pdata) > space_remaining) {
1595                                 /* Move the dirptr back to prev_dirpos */
1596                                 dptr_SeekDir(conn->dirptr, prev_dirpos);
1597                                 *out_of_space = True;
1598                                 DEBUG(9,("get_lanman2_dir_entry: out of space\n"));
1599                                 return False; /* Not finished - just out of space */
1600                         }
1601
1602                         /* Push the ea_data followed by the name. */
1603                         p += fill_ea_buffer(ctx, p, space_remaining, conn, name_list);
1604                         nameptr = p;
1605                         len = srvstr_push(base_data, flags2,
1606                                           p + 1, fname, PTR_DIFF(end_data, p+1),
1607                                           STR_TERMINATE | STR_NOALIGN);
1608                         if (flags2 & FLAGS2_UNICODE_STRINGS) {
1609                                 if (len > 2) {
1610                                         len -= 2;
1611                                 } else {
1612                                         len = 0;
1613                                 }
1614                         } else {
1615                                 if (len > 1) {
1616                                         len -= 1;
1617                                 } else {
1618                                         len = 0;
1619                                 }
1620                         }
1621                         SCVAL(nameptr,0,len);
1622                         p += len + 1;
1623                         SCVAL(p,0,0); p += 1; /* Extra zero byte ? - why.. */
1624                         break;
1625                 }
1626
1627                 case SMB_FIND_FILE_BOTH_DIRECTORY_INFO:
1628                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_BOTH_DIRECTORY_INFO\n"));
1629                         was_8_3 = mangle_is_8_3(fname, True, conn->params);
1630                         p += 4;
1631                         SIVAL(p,0,reskey); p += 4;
1632                         put_long_date_timespec(p,create_date_ts); p += 8;
1633                         put_long_date_timespec(p,adate_ts); p += 8;
1634                         put_long_date_timespec(p,mdate_ts); p += 8;
1635                         put_long_date_timespec(p,mdate_ts); p += 8;
1636                         SOFF_T(p,0,file_size); p += 8;
1637                         SOFF_T(p,0,allocation_size); p += 8;
1638                         SIVAL(p,0,nt_extmode); p += 4;
1639                         q = p; p += 4; /* q is placeholder for name length. */
1640                         {
1641                                 unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal);
1642                                 SIVAL(p,0,ea_size); /* Extended attributes */
1643                                 p += 4;
1644                         }
1645                         /* Clear the short name buffer. This is
1646                          * IMPORTANT as not doing so will trigger
1647                          * a Win2k client bug. JRA.
1648                          */
1649                         if (!was_8_3 && check_mangled_names) {
1650                                 if (!name_to_8_3(fname,mangled_name,True,
1651                                                    conn->params)) {
1652                                         /* Error - mangle failed ! */
1653                                         memset(mangled_name,'\0',12);
1654                                 }
1655                                 mangled_name[12] = 0;
1656                                 len = srvstr_push(base_data, flags2,
1657                                                   p+2, mangled_name, 24,
1658                                                   STR_UPPER|STR_UNICODE);
1659                                 if (len < 24) {
1660                                         memset(p + 2 + len,'\0',24 - len);
1661                                 }
1662                                 SSVAL(p, 0, len);
1663                         } else {
1664                                 memset(p,'\0',26);
1665                         }
1666                         p += 2 + 24;
1667                         len = srvstr_push(base_data, flags2, p,
1668                                           fname, PTR_DIFF(end_data, p),
1669                                           STR_TERMINATE_ASCII);
1670                         SIVAL(q,0,len);
1671                         p += len;
1672                         SIVAL(p,0,0); /* Ensure any padding is null. */
1673                         len = PTR_DIFF(p, pdata);
1674                         len = (len + 3) & ~3;
1675                         SIVAL(pdata,0,len);
1676                         p = pdata + len;
1677                         break;
1678
1679                 case SMB_FIND_FILE_DIRECTORY_INFO:
1680                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_DIRECTORY_INFO\n"));
1681                         p += 4;
1682                         SIVAL(p,0,reskey); p += 4;
1683                         put_long_date_timespec(p,create_date_ts); p += 8;
1684                         put_long_date_timespec(p,adate_ts); p += 8;
1685                         put_long_date_timespec(p,mdate_ts); p += 8;
1686                         put_long_date_timespec(p,mdate_ts); p += 8;
1687                         SOFF_T(p,0,file_size); p += 8;
1688                         SOFF_T(p,0,allocation_size); p += 8;
1689                         SIVAL(p,0,nt_extmode); p += 4;
1690                         len = srvstr_push(base_data, flags2,
1691                                           p + 4, fname, PTR_DIFF(end_data, p+4),
1692                                           STR_TERMINATE_ASCII);
1693                         SIVAL(p,0,len);
1694                         p += 4 + len;
1695                         SIVAL(p,0,0); /* Ensure any padding is null. */
1696                         len = PTR_DIFF(p, pdata);
1697                         len = (len + 3) & ~3;
1698                         SIVAL(pdata,0,len);
1699                         p = pdata + len;
1700                         break;
1701
1702                 case SMB_FIND_FILE_FULL_DIRECTORY_INFO:
1703                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_FULL_DIRECTORY_INFO\n"));
1704                         p += 4;
1705                         SIVAL(p,0,reskey); p += 4;
1706                         put_long_date_timespec(p,create_date_ts); p += 8;
1707                         put_long_date_timespec(p,adate_ts); p += 8;
1708                         put_long_date_timespec(p,mdate_ts); p += 8;
1709                         put_long_date_timespec(p,mdate_ts); p += 8;
1710                         SOFF_T(p,0,file_size); p += 8;
1711                         SOFF_T(p,0,allocation_size); p += 8;
1712                         SIVAL(p,0,nt_extmode); p += 4;
1713                         q = p; p += 4; /* q is placeholder for name length. */
1714                         {
1715                                 unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal);
1716                                 SIVAL(p,0,ea_size); /* Extended attributes */
1717                                 p +=4;
1718                         }
1719                         len = srvstr_push(base_data, flags2, p,
1720                                           fname, PTR_DIFF(end_data, p),
1721                                           STR_TERMINATE_ASCII);
1722                         SIVAL(q, 0, len);
1723                         p += len;
1724
1725                         SIVAL(p,0,0); /* Ensure any padding is null. */
1726                         len = PTR_DIFF(p, pdata);
1727                         len = (len + 3) & ~3;
1728                         SIVAL(pdata,0,len);
1729                         p = pdata + len;
1730                         break;
1731
1732                 case SMB_FIND_FILE_NAMES_INFO:
1733                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_NAMES_INFO\n"));
1734                         p += 4;
1735                         SIVAL(p,0,reskey); p += 4;
1736                         p += 4;
1737                         /* this must *not* be null terminated or w2k gets in a loop trying to set an
1738                            acl on a dir (tridge) */
1739                         len = srvstr_push(base_data, flags2, p,
1740                                           fname, PTR_DIFF(end_data, p),
1741                                           STR_TERMINATE_ASCII);
1742                         SIVAL(p, -4, len);
1743                         p += len;
1744                         SIVAL(p,0,0); /* Ensure any padding is null. */
1745                         len = PTR_DIFF(p, pdata);
1746                         len = (len + 3) & ~3;
1747                         SIVAL(pdata,0,len);
1748                         p = pdata + len;
1749                         break;
1750
1751                 case SMB_FIND_ID_FULL_DIRECTORY_INFO:
1752                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_ID_FULL_DIRECTORY_INFO\n"));
1753                         p += 4;
1754                         SIVAL(p,0,reskey); p += 4;
1755                         put_long_date_timespec(p,create_date_ts); p += 8;
1756                         put_long_date_timespec(p,adate_ts); p += 8;
1757                         put_long_date_timespec(p,mdate_ts); p += 8;
1758                         put_long_date_timespec(p,mdate_ts); p += 8;
1759                         SOFF_T(p,0,file_size); p += 8;
1760                         SOFF_T(p,0,allocation_size); p += 8;
1761                         SIVAL(p,0,nt_extmode); p += 4;
1762                         q = p; p += 4; /* q is placeholder for name length. */
1763                         {
1764                                 unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal);
1765                                 SIVAL(p,0,ea_size); /* Extended attributes */
1766                                 p +=4;
1767                         }
1768                         SIVAL(p,0,0); p += 4; /* Unknown - reserved ? */
1769                         SIVAL(p,0,sbuf.st_ex_ino); p += 4; /* FileIndexLow */
1770                         SIVAL(p,0,sbuf.st_ex_dev); p += 4; /* FileIndexHigh */
1771                         len = srvstr_push(base_data, flags2, p,
1772                                           fname, PTR_DIFF(end_data, p),
1773                                           STR_TERMINATE_ASCII);
1774                         SIVAL(q, 0, len);
1775                         p += len; 
1776                         SIVAL(p,0,0); /* Ensure any padding is null. */
1777                         len = PTR_DIFF(p, pdata);
1778                         len = (len + 3) & ~3;
1779                         SIVAL(pdata,0,len);
1780                         p = pdata + len;
1781                         break;
1782
1783                 case SMB_FIND_ID_BOTH_DIRECTORY_INFO:
1784                         DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_ID_BOTH_DIRECTORY_INFO\n"));
1785                         was_8_3 = mangle_is_8_3(fname, True, conn->params);
1786                         p += 4;
1787                         SIVAL(p,0,reskey); p += 4;
1788                         put_long_date_timespec(p,create_date_ts); p += 8;
1789                         put_long_date_timespec(p,adate_ts); p += 8;
1790                         put_long_date_timespec(p,mdate_ts); p += 8;
1791                         put_long_date_timespec(p,mdate_ts); p += 8;
1792                         SOFF_T(p,0,file_size); p += 8;
1793                         SOFF_T(p,0,allocation_size); p += 8;
1794                         SIVAL(p,0,nt_extmode); p += 4;
1795                         q = p; p += 4; /* q is placeholder for name length */
1796                         {
1797                                 unsigned int ea_size = estimate_ea_size(conn, NULL, pathreal);
1798                                 SIVAL(p,0,ea_size); /* Extended attributes */
1799                                 p +=4;
1800                         }
1801                         /* Clear the short name buffer. This is
1802                          * IMPORTANT as not doing so will trigger
1803                          * a Win2k client bug. JRA.
1804                          */
1805                         if (!was_8_3 && check_mangled_names) {
1806                                 if (!name_to_8_3(fname,mangled_name,True,
1807                                                 conn->params)) {
1808                                         /* Error - mangle failed ! */
1809                                         memset(mangled_name,'\0',12);
1810                                 }
1811                                 mangled_name[12] = 0;
1812                                 len = srvstr_push(base_data, flags2,
1813                                                   p+2, mangled_name, 24,
1814                                                   STR_UPPER|STR_UNICODE);
1815                                 SSVAL(p, 0, len);
1816                                 if (len < 24) {
1817                                         memset(p + 2 + len,'\0',24 - len);
1818                                 }
1819                                 SSVAL(p, 0, len);
1820                         } else {
1821                                 memset(p,'\0',26);
1822                         }
1823                         p += 26;
1824                         SSVAL(p,0,0); p += 2; /* Reserved ? */
1825                         SIVAL(p,0,sbuf.st_ex_ino); p += 4; /* FileIndexLow */
1826                         SIVAL(p,0,sbuf.st_ex_dev); p += 4; /* FileIndexHigh */
1827                         len = srvstr_push(base_data, flags2, p,
1828                                           fname, PTR_DIFF(end_data, p),
1829                                           STR_TERMINATE_ASCII);
1830                         SIVAL(q,0,len);
1831                         p += len;
1832                         SIVAL(p,0,0); /* Ensure any padding is null. */
1833                         len = PTR_DIFF(p, pdata);
1834                         len = (len + 3) & ~3;
1835                         SIVAL(pdata,0,len);
1836                         p = pdata + len;
1837                         break;
1838
1839                 /* CIFS UNIX Extension. */
1840
1841                 case SMB_FIND_FILE_UNIX:
1842                 case SMB_FIND_FILE_UNIX_INFO2:
1843                         p+= 4;
1844                         SIVAL(p,0,reskey); p+= 4;    /* Used for continuing search. */
1845
1846                         /* Begin of SMB_QUERY_FILE_UNIX_BASIC */
1847
1848                         if (info_level == SMB_FIND_FILE_UNIX) {
1849                                 DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_UNIX\n"));
1850                                 p = store_file_unix_basic(conn, p,
1851                                                         NULL, &sbuf);
1852                                 len = srvstr_push(base_data, flags2, p,
1853                                                   fname, PTR_DIFF(end_data, p),
1854                                                   STR_TERMINATE);
1855                         } else {
1856                                 DEBUG(10,("get_lanman2_dir_entry: SMB_FIND_FILE_UNIX_INFO2\n"));
1857                                 p = store_file_unix_basic_info2(conn, p,
1858                                                         NULL, &sbuf);
1859                                 nameptr = p;
1860                                 p += 4;
1861                                 len = srvstr_push(base_data, flags2, p, fname,
1862                                                   PTR_DIFF(end_data, p), 0);
1863                                 SIVAL(nameptr, 0, len);
1864                         }
1865
1866                         p += len;
1867                         SIVAL(p,0,0); /* Ensure any padding is null. */
1868
1869                         len = PTR_DIFF(p, pdata);
1870                         len = (len + 3) & ~3;
1871                         SIVAL(pdata,0,len);     /* Offset from this structure to the beginning of the next one */
1872                         p = pdata + len;
1873                         /* End of SMB_QUERY_FILE_UNIX_BASIC */
1874
1875                         break;
1876
1877                 default:
1878                         TALLOC_FREE(fname);
1879                         return(False);
1880         }
1881
1882         TALLOC_FREE(fname);
1883         if (PTR_DIFF(p,pdata) > space_remaining) {
1884                 /* Move the dirptr back to prev_dirpos */
1885                 dptr_SeekDir(conn->dirptr, prev_dirpos);
1886                 *out_of_space = True;
1887                 DEBUG(9,("get_lanman2_dir_entry: out of space\n"));
1888                 return False; /* Not finished - just out of space */
1889         }
1890
1891         /* Setup the last entry pointer, as an offset from base_data */
1892         *last_entry_off = PTR_DIFF(last_entry_ptr,base_data);
1893         /* Advance the data pointer to the next slot */
1894         *ppdata = p;
1895
1896         return(found);
1897 }
1898
1899 /****************************************************************************
1900  Reply to a TRANS2_FINDFIRST.
1901 ****************************************************************************/
1902
1903 static void call_trans2findfirst(connection_struct *conn,
1904                                  struct smb_request *req,
1905                                  char **pparams, int total_params,
1906                                  char **ppdata, int total_data,
1907                                  unsigned int max_data_bytes)
1908 {
1909         /* We must be careful here that we don't return more than the
1910                 allowed number of data bytes. If this means returning fewer than
1911                 maxentries then so be it. We assume that the redirector has
1912                 enough room for the fixed number of parameter bytes it has
1913                 requested. */
1914         struct smb_filename *smb_dname = NULL;
1915         char *params = *pparams;
1916         char *pdata = *ppdata;
1917         char *data_end;
1918         uint32 dirtype;
1919         int maxentries;
1920         uint16 findfirst_flags;
1921         bool close_after_first;
1922         bool close_if_end;
1923         bool requires_resume_key;
1924         int info_level;
1925         char *directory = NULL;
1926         char *mask = NULL;
1927         char *p;
1928         int last_entry_off=0;
1929         int dptr_num = -1;
1930         int numentries = 0;
1931         int i;
1932         bool finished = False;
1933         bool dont_descend = False;
1934         bool out_of_space = False;
1935         int space_remaining;
1936         bool mask_contains_wcard = False;
1937         struct ea_list *ea_list = NULL;
1938         NTSTATUS ntstatus = NT_STATUS_OK;
1939         bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1940         TALLOC_CTX *ctx = talloc_tos();
1941
1942         if (total_params < 13) {
1943                 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1944                 return;
1945         }
1946
1947         dirtype = SVAL(params,0);
1948         maxentries = SVAL(params,2);
1949         findfirst_flags = SVAL(params,4);
1950         close_after_first = (findfirst_flags & FLAG_TRANS2_FIND_CLOSE);
1951         close_if_end = (findfirst_flags & FLAG_TRANS2_FIND_CLOSE_IF_END);
1952         requires_resume_key = (findfirst_flags & FLAG_TRANS2_FIND_REQUIRE_RESUME);
1953         info_level = SVAL(params,6);
1954
1955         DEBUG(3,("call_trans2findfirst: dirtype = %x, maxentries = %d, close_after_first=%d, \
1956 close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n",
1957                 (unsigned int)dirtype, maxentries, close_after_first, close_if_end, requires_resume_key,
1958                 info_level, max_data_bytes));
1959
1960         if (!maxentries) {
1961                 /* W2K3 seems to treat zero as 1. */
1962                 maxentries = 1;
1963         }
1964
1965         switch (info_level) {
1966                 case SMB_FIND_INFO_STANDARD:
1967                 case SMB_FIND_EA_SIZE:
1968                 case SMB_FIND_EA_LIST:
1969                 case SMB_FIND_FILE_DIRECTORY_INFO:
1970                 case SMB_FIND_FILE_FULL_DIRECTORY_INFO:
1971                 case SMB_FIND_FILE_NAMES_INFO:
1972                 case SMB_FIND_FILE_BOTH_DIRECTORY_INFO:
1973                 case SMB_FIND_ID_FULL_DIRECTORY_INFO:
1974                 case SMB_FIND_ID_BOTH_DIRECTORY_INFO:
1975                         break;
1976                 case SMB_FIND_FILE_UNIX:
1977                 case SMB_FIND_FILE_UNIX_INFO2:
1978                         /* Always use filesystem for UNIX mtime query. */
1979                         ask_sharemode = false;
1980                         if (!lp_unix_extensions()) {
1981                                 reply_nterror(req, NT_STATUS_INVALID_LEVEL);
1982                                 return;
1983                         }
1984                         break;
1985                 default:
1986                         reply_nterror(req, NT_STATUS_INVALID_LEVEL);
1987                         return;
1988         }
1989
1990         srvstr_get_path_wcard(ctx, params, req->flags2, &directory,
1991                               params+12, total_params - 12,
1992                               STR_TERMINATE, &ntstatus, &mask_contains_wcard);
1993         if (!NT_STATUS_IS_OK(ntstatus)) {
1994                 reply_nterror(req, ntstatus);
1995                 return;
1996         }
1997
1998         ntstatus = resolve_dfspath_wcard(ctx, conn,
1999                         req->flags2 & FLAGS2_DFS_PATHNAMES,
2000                         directory,
2001                         &directory,
2002                         &mask_contains_wcard);
2003         if (!NT_STATUS_IS_OK(ntstatus)) {
2004                 if (NT_STATUS_EQUAL(ntstatus,NT_STATUS_PATH_NOT_COVERED)) {
2005                         reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2006                                         ERRSRV, ERRbadpath);
2007                         return;
2008                 }
2009                 reply_nterror(req, ntstatus);
2010                 return;
2011         }
2012
2013         ntstatus = unix_convert(ctx, conn, directory, &smb_dname,
2014                                 (UCF_SAVE_LCOMP | UCF_ALLOW_WCARD_LCOMP));
2015         if (!NT_STATUS_IS_OK(ntstatus)) {
2016                 reply_nterror(req, ntstatus);
2017                 return;
2018         }
2019
2020         mask = smb_dname->original_lcomp;
2021
2022         ntstatus = get_full_smb_filename(ctx, smb_dname, &directory);
2023         TALLOC_FREE(smb_dname);
2024         if (!NT_STATUS_IS_OK(ntstatus)) {
2025                 reply_nterror(req, ntstatus);
2026                 return;
2027         }
2028
2029         ntstatus = check_name(conn, directory);
2030         if (!NT_STATUS_IS_OK(ntstatus)) {
2031                 reply_nterror(req, ntstatus);
2032                 return;
2033         }
2034
2035         p = strrchr_m(directory,'/');
2036         if(p == NULL) {
2037                 /* Windows and OS/2 systems treat search on the root '\' as if it were '\*' */
2038                 if((directory[0] == '.') && (directory[1] == '\0')) {
2039                         mask = talloc_strdup(ctx,"*");
2040                         if (!mask) {
2041                                 reply_nterror(req, NT_STATUS_NO_MEMORY);
2042                                 return;
2043                         }
2044                         mask_contains_wcard = True;
2045                 }
2046                 directory = talloc_strdup(talloc_tos(), "./");
2047                 if (!directory) {
2048                         reply_nterror(req, NT_STATUS_NO_MEMORY);
2049                         return;
2050                 }
2051         } else {
2052                 *p = 0;
2053         }
2054
2055         DEBUG(5,("dir=%s, mask = %s\n",directory, mask));
2056
2057         if (info_level == SMB_FIND_EA_LIST) {
2058                 uint32 ea_size;
2059
2060                 if (total_data < 4) {
2061                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2062                         return;
2063                 }
2064
2065                 ea_size = IVAL(pdata,0);
2066                 if (ea_size != total_data) {
2067                         DEBUG(4,("call_trans2findfirst: Rejecting EA request with incorrect \
2068 total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pdata,0) ));
2069                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2070                         return;
2071                 }
2072
2073                 if (!lp_ea_support(SNUM(conn))) {
2074                         reply_doserror(req, ERRDOS, ERReasnotsupported);
2075                         return;
2076                 }
2077
2078                 /* Pull out the list of names. */
2079                 ea_list = read_ea_name_list(ctx, pdata + 4, ea_size - 4);
2080                 if (!ea_list) {
2081                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2082                         return;
2083                 }
2084         }
2085
2086         *ppdata = (char *)SMB_REALLOC(
2087                 *ppdata, max_data_bytes + DIR_ENTRY_SAFETY_MARGIN);
2088         if(*ppdata == NULL ) {
2089                 reply_nterror(req, NT_STATUS_NO_MEMORY);
2090                 return;
2091         }
2092         pdata = *ppdata;
2093         data_end = pdata + max_data_bytes + DIR_ENTRY_SAFETY_MARGIN - 1;
2094
2095         /* Realloc the params space */
2096         *pparams = (char *)SMB_REALLOC(*pparams, 10);
2097         if (*pparams == NULL) {
2098                 reply_nterror(req, NT_STATUS_NO_MEMORY);
2099                 return;
2100         }
2101         params = *pparams;
2102
2103         /* Save the wildcard match and attribs we are using on this directory -
2104                 needed as lanman2 assumes these are being saved between calls */
2105
2106         ntstatus = dptr_create(conn,
2107                                 directory,
2108                                 False,
2109                                 True,
2110                                 req->smbpid,
2111                                 mask,
2112                                 mask_contains_wcard,
2113                                 dirtype,
2114                                 &conn->dirptr);
2115
2116         if (!NT_STATUS_IS_OK(ntstatus)) {
2117                 reply_nterror(req, ntstatus);
2118                 return;
2119         }
2120
2121         dptr_num = dptr_dnum(conn->dirptr);
2122         DEBUG(4,("dptr_num is %d, wcard = %s, attr = %d\n", dptr_num, mask, dirtype));
2123
2124         /* Initialize per TRANS2_FIND_FIRST operation data */
2125         dptr_init_search_op(conn->dirptr);
2126
2127         /* We don't need to check for VOL here as this is returned by
2128                 a different TRANS2 call. */
2129
2130         DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n", conn->dirpath,lp_dontdescend(SNUM(conn))));
2131         if (in_list(conn->dirpath,lp_dontdescend(SNUM(conn)),conn->case_sensitive))
2132                 dont_descend = True;
2133
2134         p = pdata;
2135         space_remaining = max_data_bytes;
2136         out_of_space = False;
2137
2138         for (i=0;(i<maxentries) && !finished && !out_of_space;i++) {
2139                 bool got_exact_match = False;
2140
2141                 /* this is a heuristic to avoid seeking the dirptr except when
2142                         absolutely necessary. It allows for a filename of about 40 chars */
2143                 if (space_remaining < DIRLEN_GUESS && numentries > 0) {
2144                         out_of_space = True;
2145                         finished = False;
2146                 } else {
2147                         finished = !get_lanman2_dir_entry(ctx,
2148                                         conn,
2149                                         req->flags2,
2150                                         mask,dirtype,info_level,
2151                                         requires_resume_key,dont_descend,
2152                                         ask_sharemode,
2153                                         &p,pdata,data_end,
2154                                         space_remaining, &out_of_space,
2155                                         &got_exact_match,
2156                                         &last_entry_off, ea_list);
2157                 }
2158
2159                 if (finished && out_of_space)
2160                         finished = False;
2161
2162                 if (!finished && !out_of_space)
2163                         numentries++;
2164
2165                 /*
2166                  * As an optimisation if we know we aren't looking
2167                  * for a wildcard name (ie. the name matches the wildcard exactly)
2168                  * then we can finish on any (first) match.
2169                  * This speeds up large directory searches. JRA.
2170                  */
2171
2172                 if(got_exact_match)
2173                         finished = True;
2174
2175                 /* Ensure space_remaining never goes -ve. */
2176                 if (PTR_DIFF(p,pdata) > max_data_bytes) {
2177                         space_remaining = 0;
2178                         out_of_space = true;
2179                 } else {
2180                         space_remaining = max_data_bytes - PTR_DIFF(p,pdata);
2181                 }
2182         }
2183
2184         /* Check if we can close the dirptr */
2185         if(close_after_first || (finished && close_if_end)) {
2186                 DEBUG(5,("call_trans2findfirst - (2) closing dptr_num %d\n", dptr_num));
2187                 dptr_close(&dptr_num);
2188         }
2189
2190         /*
2191          * If there are no matching entries we must return ERRDOS/ERRbadfile -
2192          * from observation of NT. NB. This changes to ERRDOS,ERRnofiles if
2193          * the protocol level is less than NT1. Tested with smbclient. JRA.
2194          * This should fix the OS/2 client bug #2335.
2195          */
2196
2197         if(numentries == 0) {
2198                 dptr_close(&dptr_num);
2199                 if (Protocol < PROTOCOL_NT1) {
2200                         reply_doserror(req, ERRDOS, ERRnofiles);
2201                         return;
2202                 } else {
2203                         reply_botherror(req, NT_STATUS_NO_SUCH_FILE,
2204                                         ERRDOS, ERRbadfile);
2205                         return;
2206                 }
2207         }
2208
2209         /* At this point pdata points to numentries directory entries. */
2210
2211         /* Set up the return parameter block */
2212         SSVAL(params,0,dptr_num);
2213         SSVAL(params,2,numentries);
2214         SSVAL(params,4,finished);
2215         SSVAL(params,6,0); /* Never an EA error */
2216         SSVAL(params,8,last_entry_off);
2217
2218         send_trans2_replies(conn, req, params, 10, pdata, PTR_DIFF(p,pdata),
2219                             max_data_bytes);
2220
2221         if ((! *directory) && dptr_path(dptr_num)) {
2222                 directory = talloc_strdup(talloc_tos(),dptr_path(dptr_num));
2223                 if (!directory) {
2224                         reply_nterror(req, NT_STATUS_NO_MEMORY);
2225                 }
2226         }
2227
2228         DEBUG( 4, ( "%s mask=%s directory=%s dirtype=%d numentries=%d\n",
2229                 smb_fn_name(req->cmd),
2230                 mask, directory, dirtype, numentries ) );
2231
2232         /*
2233          * Force a name mangle here to ensure that the
2234          * mask as an 8.3 name is top of the mangled cache.
2235          * The reasons for this are subtle. Don't remove
2236          * this code unless you know what you are doing
2237          * (see PR#13758). JRA.
2238          */
2239
2240         if(!mangle_is_8_3_wildcards( mask, False, conn->params)) {
2241                 char mangled_name[13];
2242                 name_to_8_3(mask, mangled_name, True, conn->params);
2243         }
2244
2245         return;
2246 }
2247
2248 /****************************************************************************
2249  Reply to a TRANS2_FINDNEXT.
2250 ****************************************************************************/
2251
2252 static void call_trans2findnext(connection_struct *conn,
2253                                 struct smb_request *req,
2254                                 char **pparams, int total_params,
2255                                 char **ppdata, int total_data,
2256                                 unsigned int max_data_bytes)
2257 {
2258         /* We must be careful here that we don't return more than the
2259                 allowed number of data bytes. If this means returning fewer than
2260                 maxentries then so be it. We assume that the redirector has
2261                 enough room for the fixed number of parameter bytes it has
2262                 requested. */
2263         char *params = *pparams;
2264         char *pdata = *ppdata;
2265         char *data_end;
2266         int dptr_num;
2267         int maxentries;
2268         uint16 info_level;
2269         uint32 resume_key;
2270         uint16 findnext_flags;
2271         bool close_after_request;
2272         bool close_if_end;
2273         bool requires_resume_key;
2274         bool continue_bit;
2275         bool mask_contains_wcard = False;
2276         char *resume_name = NULL;
2277         const char *mask = NULL;
2278         const char *directory = NULL;
2279         char *p = NULL;
2280         uint16 dirtype;
2281         int numentries = 0;
2282         int i, last_entry_off=0;
2283         bool finished = False;
2284         bool dont_descend = False;
2285         bool out_of_space = False;
2286         int space_remaining;
2287         struct ea_list *ea_list = NULL;
2288         NTSTATUS ntstatus = NT_STATUS_OK;
2289         bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
2290         TALLOC_CTX *ctx = talloc_tos();
2291
2292         if (total_params < 13) {
2293                 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2294                 return;
2295         }
2296
2297         dptr_num = SVAL(params,0);
2298         maxentries = SVAL(params,2);
2299         info_level = SVAL(params,4);
2300         resume_key = IVAL(params,6);
2301         findnext_flags = SVAL(params,10);
2302         close_after_request = (findnext_flags & FLAG_TRANS2_FIND_CLOSE);
2303         close_if_end = (findnext_flags & FLAG_TRANS2_FIND_CLOSE_IF_END);
2304         requires_resume_key = (findnext_flags & FLAG_TRANS2_FIND_REQUIRE_RESUME);
2305         continue_bit = (findnext_flags & FLAG_TRANS2_FIND_CONTINUE);
2306
2307         srvstr_get_path_wcard(ctx, params, req->flags2, &resume_name,
2308                               params+12,
2309                               total_params - 12, STR_TERMINATE, &ntstatus,
2310                               &mask_contains_wcard);
2311         if (!NT_STATUS_IS_OK(ntstatus)) {
2312                 /* Win9x or OS/2 can send a resume name of ".." or ".". This will cause the parser to
2313                    complain (it thinks we're asking for the directory above the shared
2314                    path or an invalid name). Catch this as the resume name is only compared, never used in
2315                    a file access. JRA. */
2316                 srvstr_pull_talloc(ctx, params, req->flags2,
2317                                 &resume_name, params+12,
2318                                 total_params - 12,
2319                                 STR_TERMINATE);
2320
2321                 if (!resume_name || !(ISDOT(resume_name) || ISDOTDOT(resume_name))) {
2322                         reply_nterror(req, ntstatus);
2323                         return;
2324                 }
2325         }
2326
2327         DEBUG(3,("call_trans2findnext: dirhandle = %d, max_data_bytes = %d, maxentries = %d, \
2328 close_after_request=%d, close_if_end = %d requires_resume_key = %d \
2329 resume_key = %d resume name = %s continue=%d level = %d\n",
2330                 dptr_num, max_data_bytes, maxentries, close_after_request, close_if_end, 
2331                 requires_resume_key, resume_key, resume_name, continue_bit, info_level));
2332
2333         if (!maxentries) {
2334                 /* W2K3 seems to treat zero as 1. */
2335                 maxentries = 1;
2336         }
2337
2338         switch (info_level) {
2339                 case SMB_FIND_INFO_STANDARD:
2340                 case SMB_FIND_EA_SIZE:
2341                 case SMB_FIND_EA_LIST:
2342                 case SMB_FIND_FILE_DIRECTORY_INFO:
2343                 case SMB_FIND_FILE_FULL_DIRECTORY_INFO:
2344                 case SMB_FIND_FILE_NAMES_INFO:
2345                 case SMB_FIND_FILE_BOTH_DIRECTORY_INFO:
2346                 case SMB_FIND_ID_FULL_DIRECTORY_INFO:
2347                 case SMB_FIND_ID_BOTH_DIRECTORY_INFO:
2348                         break;
2349                 case SMB_FIND_FILE_UNIX:
2350                 case SMB_FIND_FILE_UNIX_INFO2:
2351                         /* Always use filesystem for UNIX mtime query. */
2352                         ask_sharemode = false;
2353                         if (!lp_unix_extensions()) {
2354                                 reply_nterror(req, NT_STATUS_INVALID_LEVEL);
2355                                 return;
2356                         }
2357                         break;
2358                 default:
2359                         reply_nterror(req, NT_STATUS_INVALID_LEVEL);
2360                         return;
2361         }
2362
2363         if (info_level == SMB_FIND_EA_LIST) {
2364                 uint32 ea_size;
2365
2366                 if (total_data < 4) {
2367                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2368                         return;
2369                 }
2370
2371                 ea_size = IVAL(pdata,0);
2372                 if (ea_size != total_data) {
2373                         DEBUG(4,("call_trans2findnext: Rejecting EA request with incorrect \
2374 total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pdata,0) ));
2375                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2376                         return;
2377                 }
2378
2379                 if (!lp_ea_support(SNUM(conn))) {
2380                         reply_doserror(req, ERRDOS, ERReasnotsupported);
2381                         return;
2382                 }
2383
2384                 /* Pull out the list of names. */
2385                 ea_list = read_ea_name_list(ctx, pdata + 4, ea_size - 4);
2386                 if (!ea_list) {
2387                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2388                         return;
2389                 }
2390         }
2391
2392         *ppdata = (char *)SMB_REALLOC(
2393                 *ppdata, max_data_bytes + DIR_ENTRY_SAFETY_MARGIN);
2394         if(*ppdata == NULL) {
2395                 reply_nterror(req, NT_STATUS_NO_MEMORY);
2396                 return;
2397         }
2398
2399         pdata = *ppdata;
2400         data_end = pdata + max_data_bytes + DIR_ENTRY_SAFETY_MARGIN - 1;
2401
2402         /* Realloc the params space */
2403         *pparams = (char *)SMB_REALLOC(*pparams, 6*SIZEOFWORD);
2404         if(*pparams == NULL ) {
2405                 reply_nterror(req, NT_STATUS_NO_MEMORY);
2406                 return;
2407         }
2408
2409         params = *pparams;
2410
2411         /* Check that the dptr is valid */
2412         if(!(conn->dirptr = dptr_fetch_lanman2(dptr_num))) {
2413                 reply_doserror(req, ERRDOS, ERRnofiles);
2414                 return;
2415         }
2416
2417         string_set(&conn->dirpath,dptr_path(dptr_num));
2418
2419         /* Get the wildcard mask from the dptr */
2420         if((p = dptr_wcard(dptr_num))== NULL) {
2421                 DEBUG(2,("dptr_num %d has no wildcard\n", dptr_num));
2422                 reply_doserror(req, ERRDOS, ERRnofiles);
2423                 return;
2424         }
2425
2426         mask = p;
2427         directory = conn->dirpath;
2428
2429         /* Get the attr mask from the dptr */
2430         dirtype = dptr_attr(dptr_num);
2431
2432         DEBUG(3,("dptr_num is %d, mask = %s, attr = %x, dirptr=(0x%lX,%ld)\n",
2433                 dptr_num, mask, dirtype,
2434                 (long)conn->dirptr,
2435                 dptr_TellDir(conn->dirptr)));
2436
2437         /* Initialize per TRANS2_FIND_NEXT operation data */
2438         dptr_init_search_op(conn->dirptr);
2439
2440         /* We don't need to check for VOL here as this is returned by
2441                 a different TRANS2 call. */
2442
2443         DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",conn->dirpath,lp_dontdescend(SNUM(conn))));
2444         if (in_list(conn->dirpath,lp_dontdescend(SNUM(conn)),conn->case_sensitive))
2445                 dont_descend = True;
2446
2447         p = pdata;
2448         space_remaining = max_data_bytes;
2449         out_of_space = False;
2450
2451         /*
2452          * Seek to the correct position. We no longer use the resume key but
2453          * depend on the last file name instead.
2454          */
2455
2456         if(*resume_name && !continue_bit) {
2457                 SMB_STRUCT_STAT st;
2458
2459                 long current_pos = 0;
2460                 /*
2461                  * Remember, name_to_8_3 is called by
2462                  * get_lanman2_dir_entry(), so the resume name
2463                  * could be mangled. Ensure we check the unmangled name.
2464                  */
2465
2466                 if (mangle_is_mangled(resume_name, conn->params)) {
2467                         char *new_resume_name = NULL;
2468                         mangle_lookup_name_from_8_3(ctx,
2469                                                 resume_name,
2470                                                 &new_resume_name,
2471                                                 conn->params);
2472                         if (new_resume_name) {
2473                                 resume_name = new_resume_name;
2474                         }
2475                 }
2476
2477                 /*
2478                  * Fix for NT redirector problem triggered by resume key indexes
2479                  * changing between directory scans. We now return a resume key of 0
2480                  * and instead look for the filename to continue from (also given
2481                  * to us by NT/95/smbfs/smbclient). If no other scans have been done between the
2482                  * findfirst/findnext (as is usual) then the directory pointer
2483                  * should already be at the correct place.
2484                  */
2485
2486                 finished = !dptr_SearchDir(conn->dirptr, resume_name, &current_pos, &st);
2487         } /* end if resume_name && !continue_bit */
2488
2489         for (i=0;(i<(int)maxentries) && !finished && !out_of_space ;i++) {
2490                 bool got_exact_match = False;
2491
2492                 /* this is a heuristic to avoid seeking the dirptr except when 
2493                         absolutely necessary. It allows for a filename of about 40 chars */
2494                 if (space_remaining < DIRLEN_GUESS && numentries > 0) {
2495                         out_of_space = True;
2496                         finished = False;
2497                 } else {
2498                         finished = !get_lanman2_dir_entry(ctx,
2499                                                 conn,
2500                                                 req->flags2,
2501                                                 mask,dirtype,info_level,
2502                                                 requires_resume_key,dont_descend,
2503                                                 ask_sharemode,
2504                                                 &p,pdata,data_end,
2505                                                 space_remaining, &out_of_space,
2506                                                 &got_exact_match,
2507                                                 &last_entry_off, ea_list);
2508                 }
2509
2510                 if (finished && out_of_space)
2511                         finished = False;
2512
2513                 if (!finished && !out_of_space)
2514                         numentries++;
2515
2516                 /*
2517                  * As an optimisation if we know we aren't looking
2518                  * for a wildcard name (ie. the name matches the wildcard exactly)
2519                  * then we can finish on any (first) match.
2520                  * This speeds up large directory searches. JRA.
2521                  */
2522
2523                 if(got_exact_match)
2524                         finished = True;
2525
2526                 space_remaining = max_data_bytes - PTR_DIFF(p,pdata);
2527         }
2528
2529         DEBUG( 3, ( "%s mask=%s directory=%s dirtype=%d numentries=%d\n",
2530                 smb_fn_name(req->cmd),
2531                 mask, directory, dirtype, numentries ) );
2532
2533         /* Check if we can close the dirptr */
2534         if(close_after_request || (finished && close_if_end)) {
2535                 DEBUG(5,("call_trans2findnext: closing dptr_num = %d\n", dptr_num));
2536                 dptr_close(&dptr_num); /* This frees up the saved mask */
2537         }
2538
2539         /* Set up the return parameter block */
2540         SSVAL(params,0,numentries);
2541         SSVAL(params,2,finished);
2542         SSVAL(params,4,0); /* Never an EA error */
2543         SSVAL(params,6,last_entry_off);
2544
2545         send_trans2_replies(conn, req, params, 8, pdata, PTR_DIFF(p,pdata),
2546                             max_data_bytes);
2547
2548         return;
2549 }
2550
2551 unsigned char *create_volume_objectid(connection_struct *conn, unsigned char objid[16])
2552 {
2553         E_md4hash(lp_servicename(SNUM(conn)),objid);
2554         return objid;
2555 }
2556
2557 static void samba_extended_info_version(struct smb_extended_info *extended_info)
2558 {
2559         SMB_ASSERT(extended_info != NULL);
2560
2561         extended_info->samba_magic = SAMBA_EXTENDED_INFO_MAGIC;
2562         extended_info->samba_version = ((SAMBA_VERSION_MAJOR & 0xff) << 24)
2563                                        | ((SAMBA_VERSION_MINOR & 0xff) << 16)
2564                                        | ((SAMBA_VERSION_RELEASE & 0xff) << 8);
2565 #ifdef SAMBA_VERSION_REVISION
2566         extended_info->samba_version |= (tolower(*SAMBA_VERSION_REVISION) - 'a' + 1) & 0xff;
2567 #endif
2568         extended_info->samba_subversion = 0;
2569 #ifdef SAMBA_VERSION_RC_RELEASE
2570         extended_info->samba_subversion |= (SAMBA_VERSION_RC_RELEASE & 0xff) << 24;
2571 #else
2572 #ifdef SAMBA_VERSION_PRE_RELEASE
2573         extended_info->samba_subversion |= (SAMBA_VERSION_PRE_RELEASE & 0xff) << 16;
2574 #endif
2575 #endif
2576 #ifdef SAMBA_VERSION_VENDOR_PATCH
2577         extended_info->samba_subversion |= (SAMBA_VERSION_VENDOR_PATCH & 0xffff);
2578 #endif
2579         extended_info->samba_gitcommitdate = 0;
2580 #ifdef SAMBA_VERSION_GIT_COMMIT_TIME
2581         unix_to_nt_time(&extended_info->samba_gitcommitdate, SAMBA_VERSION_GIT_COMMIT_TIME);
2582 #endif
2583
2584         memset(extended_info->samba_version_string, 0,
2585                sizeof(extended_info->samba_version_string));
2586
2587         snprintf (extended_info->samba_version_string,
2588                   sizeof(extended_info->samba_version_string),
2589                   "%s", samba_version_string());
2590 }
2591
2592 /****************************************************************************
2593  Reply to a TRANS2_QFSINFO (query filesystem info).
2594 ****************************************************************************/
2595
2596 static void call_trans2qfsinfo(connection_struct *conn,
2597                                struct smb_request *req,
2598                                char **pparams, int total_params,
2599                                char **ppdata, int total_data,
2600                                unsigned int max_data_bytes)
2601 {
2602         char *pdata, *end_data;
2603         char *params = *pparams;
2604         uint16 info_level;
2605         int data_len, len;
2606         SMB_STRUCT_STAT st;
2607         const char *vname = volume_label(SNUM(conn));
2608         int snum = SNUM(conn);
2609         char *fstype = lp_fstype(SNUM(conn));
2610         uint32 additional_flags = 0;
2611
2612         if (total_params < 2) {
2613                 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2614                 return;
2615         }
2616
2617         info_level = SVAL(params,0);
2618
2619         if (IS_IPC(conn)) {
2620                 if (info_level != SMB_QUERY_CIFS_UNIX_INFO) {
2621                         DEBUG(0,("call_trans2qfsinfo: not an allowed "
2622                                 "info level (0x%x) on IPC$.\n",
2623                                 (unsigned int)info_level));
2624                         reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2625                         return;
2626                 }
2627         }
2628
2629         if (ENCRYPTION_REQUIRED(conn) && !req->encrypted) {
2630                 if (info_level != SMB_QUERY_CIFS_UNIX_INFO) {
2631                         DEBUG(0,("call_trans2qfsinfo: encryption required "
2632                                 "and info level 0x%x sent.\n",
2633                                 (unsigned int)info_level));
2634                         exit_server_cleanly("encryption required "
2635                                 "on connection");
2636                         return;
2637                 }
2638         }
2639
2640         DEBUG(3,("call_trans2qfsinfo: level = %d\n", info_level));
2641
2642         if(vfs_stat_smb_fname(conn,".",&st)!=0) {
2643                 DEBUG(2,("call_trans2qfsinfo: stat of . failed (%s)\n", strerror(errno)));
2644                 reply_doserror(req, ERRSRV, ERRinvdevice);
2645                 return;
2646         }
2647
2648         *ppdata = (char *)SMB_REALLOC(
2649                 *ppdata, max_data_bytes + DIR_ENTRY_SAFETY_MARGIN);
2650         if (*ppdata == NULL ) {
2651                 reply_nterror(req, NT_STATUS_NO_MEMORY);
2652                 return;
2653         }
2654
2655         pdata = *ppdata;
2656         memset((char *)pdata,'\0',max_data_bytes + DIR_ENTRY_SAFETY_MARGIN);
2657         end_data = pdata + max_data_bytes + DIR_ENTRY_SAFETY_MARGIN - 1;
2658
2659         switch (info_level) {
2660                 case SMB_INFO_ALLOCATION:
2661                 {
2662                         uint64_t dfree,dsize,bsize,block_size,sectors_per_unit,bytes_per_sector;
2663                         data_len = 18;
2664                         if (get_dfree_info(conn,".",False,&bsize,&dfree,&dsize) == (uint64_t)-1) {
2665                                 reply_unixerror(req, ERRHRD, ERRgeneral);
2666                                 return;
2667                         }
2668
2669                         block_size = lp_block_size(snum);
2670                         if (bsize < block_size) {
2671                                 uint64_t factor = block_size/bsize;
2672                                 bsize = block_size;
2673                                 dsize /= factor;
2674                                 dfree /= factor;
2675                         }
2676                         if (bsize > block_size) {
2677                                 uint64_t factor = bsize/block_size;
2678                                 bsize = block_size;
2679                                 dsize *= factor;
2680                                 dfree *= factor;
2681                         }
2682                         bytes_per_sector = 512;
2683                         sectors_per_unit = bsize/bytes_per_sector;
2684
2685                         DEBUG(5,("call_trans2qfsinfo : SMB_INFO_ALLOCATION id=%x, bsize=%u, cSectorUnit=%u, \
2686 cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)st.st_ex_dev, (unsigned int)bsize, (unsigned int)sectors_per_unit,
2687                                 (unsigned int)bytes_per_sector, (unsigned int)dsize, (unsigned int)dfree));
2688
2689                         SIVAL(pdata,l1_idFileSystem,st.st_ex_dev);
2690                         SIVAL(pdata,l1_cSectorUnit,sectors_per_unit);
2691                         SIVAL(pdata,l1_cUnit,dsize);
2692                         SIVAL(pdata,l1_cUnitAvail,dfree);
2693                         SSVAL(pdata,l1_cbSector,bytes_per_sector);
2694                         break;
2695                 }
2696
2697                 case SMB_INFO_VOLUME:
2698                         /* Return volume name */
2699                         /* 
2700                          * Add volume serial number - hash of a combination of
2701                          * the called hostname and the service name.
2702                          */
2703                         SIVAL(pdata,0,str_checksum(lp_servicename(snum)) ^ (str_checksum(get_local_machine_name())<<16) );
2704                         /*
2705                          * Win2k3 and previous mess this up by sending a name length
2706                          * one byte short. I believe only older clients (OS/2 Win9x) use
2707                          * this call so try fixing this by adding a terminating null to
2708                          * the pushed string. The change here was adding the STR_TERMINATE. JRA.
2709                          */
2710                         len = srvstr_push(
2711                                 pdata, req->flags2,
2712                                 pdata+l2_vol_szVolLabel, vname,
2713                                 PTR_DIFF(end_data, pdata+l2_vol_szVolLabel),
2714                                 STR_NOALIGN|STR_TERMINATE);
2715                         SCVAL(pdata,l2_vol_cch,len);
2716                         data_len = l2_vol_szVolLabel + len;
2717                         DEBUG(5,("call_trans2qfsinfo : time = %x, namelen = %d, name = %s\n",
2718                                  (unsigned)convert_timespec_to_time_t(st.st_ex_ctime),
2719                                  len, vname));
2720                         break;
2721
2722                 case SMB_QUERY_FS_ATTRIBUTE_INFO:
2723                 case SMB_FS_ATTRIBUTE_INFORMATION:
2724
2725                         additional_flags = 0;
2726 #if defined(HAVE_SYS_QUOTAS)
2727                         additional_flags |= FILE_VOLUME_QUOTAS;
2728 #endif
2729
2730                         if(lp_nt_acl_support(SNUM(conn))) {
2731                                 additional_flags |= FILE_PERSISTENT_ACLS;
2732                         }
2733
2734                         /* Capabilities are filled in at connection time through STATVFS call */
2735                         additional_flags |= conn->fs_capabilities;
2736
2737                         SIVAL(pdata,0,FILE_CASE_PRESERVED_NAMES|FILE_CASE_SENSITIVE_SEARCH|
2738                                 FILE_SUPPORTS_OBJECT_IDS|FILE_UNICODE_ON_DISK|
2739                                 additional_flags); /* FS ATTRIBUTES */
2740
2741                         SIVAL(pdata,4,255); /* Max filename component length */
2742                         /* NOTE! the fstype must *not* be null terminated or win98 won't recognise it
2743                                 and will think we can't do long filenames */
2744                         len = srvstr_push(pdata, req->flags2, pdata+12, fstype,
2745                                           PTR_DIFF(end_data, pdata+12),
2746                                           STR_UNICODE);
2747                         SIVAL(pdata,8,len);
2748                         data_len = 12 + len;
2749                         break;
2750
2751                 case SMB_QUERY_FS_LABEL_INFO:
2752                 case SMB_FS_LABEL_INFORMATION:
2753                         len = srvstr_push(pdata, req->flags2, pdata+4, vname,
2754                                           PTR_DIFF(end_data, pdata+4), 0);
2755                         data_len = 4 + len;
2756                         SIVAL(pdata,0,len);
2757                         break;
2758
2759                 case SMB_QUERY_FS_VOLUME_INFO:      
2760                 case SMB_FS_VOLUME_INFORMATION:
2761
2762                         /* 
2763                          * Add volume serial number - hash of a combination of
2764                          * the called hostname and the service name.
2765                          */
2766                         SIVAL(pdata,8,str_checksum(lp_servicename(snum)) ^ 
2767                                 (str_checksum(get_local_machine_name())<<16));
2768
2769                         /* Max label len is 32 characters. */
2770                         len = srvstr_push(pdata, req->flags2, pdata+18, vname,
2771                                           PTR_DIFF(end_data, pdata+18),
2772                                           STR_UNICODE);
2773                         SIVAL(pdata,12,len);
2774                         data_len = 18+len;
2775
2776                         DEBUG(5,("call_trans2qfsinfo : SMB_QUERY_FS_VOLUME_INFO namelen = %d, vol=%s serv=%s\n", 
2777                                 (int)strlen(vname),vname, lp_servicename(snum)));
2778                         break;
2779
2780                 case SMB_QUERY_FS_SIZE_INFO:
2781                 case SMB_FS_SIZE_INFORMATION:
2782                 {
2783                         uint64_t dfree,dsize,bsize,block_size,sectors_per_unit,bytes_per_sector;
2784                         data_len = 24;
2785                         if (get_dfree_info(conn,".",False,&bsize,&dfree,&dsize) == (uint64_t)-1) {
2786                                 reply_unixerror(req, ERRHRD, ERRgeneral);
2787                                 return;
2788                         }
2789                         block_size = lp_block_size(snum);
2790                         if (bsize < block_size) {
2791                                 uint64_t factor = block_size/bsize;
2792                                 bsize = block_size;
2793                                 dsize /= factor;
2794                                 dfree /= factor;
2795                         }
2796                         if (bsize > block_size) {
2797                                 uint64_t factor = bsize/block_size;
2798                                 bsize = block_size;
2799                                 dsize *= factor;
2800                                 dfree *= factor;
2801                         }
2802                         bytes_per_sector = 512;
2803                         sectors_per_unit = bsize/bytes_per_sector;
2804                         DEBUG(5,("call_trans2qfsinfo : SMB_QUERY_FS_SIZE_INFO bsize=%u, cSectorUnit=%u, \
2805 cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned int)sectors_per_unit,
2806                                 (unsigned int)bytes_per_sector, (unsigned int)dsize, (unsigned int)dfree));
2807                         SBIG_UINT(pdata,0,dsize);
2808                         SBIG_UINT(pdata,8,dfree);
2809                         SIVAL(pdata,16,sectors_per_unit);
2810                         SIVAL(pdata,20,bytes_per_sector);
2811                         break;
2812                 }
2813
2814                 case SMB_FS_FULL_SIZE_INFORMATION:
2815                 {
2816                         uint64_t dfree,dsize,bsize,block_size,sectors_per_unit,bytes_per_sector;
2817                         data_len = 32;
2818                         if (get_dfree_info(conn,".",False,&bsize,&dfree,&dsize) == (uint64_t)-1) {
2819                                 reply_unixerror(req, ERRHRD, ERRgeneral);
2820                                 return;
2821                         }
2822                         block_size = lp_block_size(snum);
2823                         if (bsize < block_size) {
2824                                 uint64_t factor = block_size/bsize;
2825                                 bsize = block_size;
2826                                 dsize /= factor;
2827                                 dfree /= factor;
2828                         }
2829                         if (bsize > block_size) {
2830                                 uint64_t factor = bsize/block_size;
2831                                 bsize = block_size;
2832                                 dsize *= factor;
2833                                 dfree *= factor;
2834                         }
2835                         bytes_per_sector = 512;
2836                         sectors_per_unit = bsize/bytes_per_sector;
2837                         DEBUG(5,("call_trans2qfsinfo : SMB_QUERY_FS_FULL_SIZE_INFO bsize=%u, cSectorUnit=%u, \
2838 cBytesSector=%u, cUnitTotal=%u, cUnitAvail=%d\n", (unsigned int)bsize, (unsigned int)sectors_per_unit,
2839                                 (unsigned int)bytes_per_sector, (unsigned int)dsize, (unsigned int)dfree));
2840                         SBIG_UINT(pdata,0,dsize); /* Total Allocation units. */
2841                         SBIG_UINT(pdata,8,dfree); /* Caller available allocation units. */
2842                         SBIG_UINT(pdata,16,dfree); /* Actual available allocation units. */
2843                         SIVAL(pdata,24,sectors_per_unit); /* Sectors per allocation unit. */
2844                         SIVAL(pdata,28,bytes_per_sector); /* Bytes per sector. */
2845                         break;
2846                 }
2847
2848                 case SMB_QUERY_FS_DEVICE_INFO:
2849                 case SMB_FS_DEVICE_INFORMATION:
2850                         data_len = 8;
2851                         SIVAL(pdata,0,0); /* dev type */
2852                         SIVAL(pdata,4,0); /* characteristics */
2853                         break;
2854
2855 #ifdef HAVE_SYS_QUOTAS
2856                 case SMB_FS_QUOTA_INFORMATION:
2857                 /* 
2858                  * what we have to send --metze:
2859                  *
2860                  * Unknown1:            24 NULL bytes
2861                  * Soft Quota Treshold: 8 bytes seems like uint64_t or so
2862                  * Hard Quota Limit:    8 bytes seems like uint64_t or so
2863                  * Quota Flags:         2 byte :
2864                  * Unknown3:            6 NULL bytes
2865                  *
2866                  * 48 bytes total
2867                  * 
2868                  * details for Quota Flags:
2869                  * 
2870                  * 0x0020 Log Limit: log if the user exceeds his Hard Quota
2871                  * 0x0010 Log Warn:  log if the user exceeds his Soft Quota
2872                  * 0x0002 Deny Disk: deny disk access when the user exceeds his Hard Quota
2873                  * 0x0001 Enable Quotas: enable quota for this fs
2874                  *
2875                  */
2876                 {
2877                         /* we need to fake up a fsp here,
2878                          * because its not send in this call
2879                          */
2880                         files_struct fsp;
2881                         SMB_NTQUOTA_STRUCT quotas;
2882
2883                         ZERO_STRUCT(fsp);
2884                         ZERO_STRUCT(quotas);
2885
2886                         fsp.conn = conn;
2887                         fsp.fnum = -1;
2888
2889                         /* access check */
2890                         if (conn->server_info->utok.uid != 0) {
2891                                 DEBUG(0,("set_user_quota: access_denied "
2892                                          "service [%s] user [%s]\n",
2893                                          lp_servicename(SNUM(conn)),
2894                                          conn->server_info->unix_name));
2895                                 reply_doserror(req, ERRDOS, ERRnoaccess);
2896                                 return;
2897                         }
2898
2899                         if (vfs_get_ntquota(&fsp, SMB_USER_FS_QUOTA_TYPE, NULL, &quotas)!=0) {
2900                                 DEBUG(0,("vfs_get_ntquota() failed for service [%s]\n",lp_servicename(SNUM(conn))));
2901                                 reply_doserror(req, ERRSRV, ERRerror);
2902                                 return;
2903                         }
2904
2905                         data_len = 48;
2906
2907                         DEBUG(10,("SMB_FS_QUOTA_INFORMATION: for service [%s]\n",lp_servicename(SNUM(conn))));          
2908
2909                         /* Unknown1 24 NULL bytes*/
2910                         SBIG_UINT(pdata,0,(uint64_t)0);
2911                         SBIG_UINT(pdata,8,(uint64_t)0);
2912                         SBIG_UINT(pdata,16,(uint64_t)0);
2913
2914                         /* Default Soft Quota 8 bytes */
2915                         SBIG_UINT(pdata,24,quotas.softlim);
2916
2917                         /* Default Hard Quota 8 bytes */
2918                         SBIG_UINT(pdata,32,quotas.hardlim);
2919
2920                         /* Quota flag 2 bytes */
2921                         SSVAL(pdata,40,quotas.qflags);
2922
2923                         /* Unknown3 6 NULL bytes */
2924                         SSVAL(pdata,42,0);
2925                         SIVAL(pdata,44,0);
2926
2927                         break;
2928                 }
2929 #endif /* HAVE_SYS_QUOTAS */
2930                 case SMB_FS_OBJECTID_INFORMATION:
2931                 {
2932                         unsigned char objid[16];
2933                         struct smb_extended_info extended_info;
2934                         memcpy(pdata,create_volume_objectid(conn, objid),16);
2935                         samba_extended_info_version (&extended_info);
2936                         SIVAL(pdata,16,extended_info.samba_magic);
2937                         SIVAL(pdata,20,extended_info.samba_version);
2938                         SIVAL(pdata,24,extended_info.samba_subversion);
2939                         SBIG_UINT(pdata,28,extended_info.samba_gitcommitdate);
2940                         memcpy(pdata+36,extended_info.samba_version_string,28);
2941                         data_len = 64;
2942                         break;
2943                 }
2944
2945                 /*
2946                  * Query the version and capabilities of the CIFS UNIX extensions
2947                  * in use.
2948                  */
2949
2950                 case SMB_QUERY_CIFS_UNIX_INFO:
2951                 {
2952                         bool large_write = lp_min_receive_file_size() &&
2953                                         !srv_is_signing_active(smbd_server_conn);
2954                         bool large_read = !srv_is_signing_active(smbd_server_conn);
2955                         int encrypt_caps = 0;
2956
2957                         if (!lp_unix_extensions()) {
2958                                 reply_nterror(req, NT_STATUS_INVALID_LEVEL);
2959                                 return;
2960                         }
2961
2962                         switch (conn->encrypt_level) {
2963                         case 0:
2964                                 encrypt_caps = 0;
2965                                 break;
2966                         case 1:
2967                         case Auto:
2968                                 encrypt_caps = CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP;
2969                                 break;
2970                         case Required:
2971                                 encrypt_caps = CIFS_UNIX_TRANSPORT_ENCRYPTION_CAP|
2972                                                 CIFS_UNIX_TRANSPORT_ENCRYPTION_MANDATORY_CAP;
2973                                 large_write = false;
2974                                 large_read = false;
2975                                 break;
2976                         }
2977
2978                         data_len = 12;
2979                         SSVAL(pdata,0,CIFS_UNIX_MAJOR_VERSION);
2980                         SSVAL(pdata,2,CIFS_UNIX_MINOR_VERSION);
2981
2982                         /* We have POSIX ACLs, pathname, encryption, 
2983                          * large read/write, and locking capability. */
2984
2985                         SBIG_UINT(pdata,4,((uint64_t)(
2986                                         CIFS_UNIX_POSIX_ACLS_CAP|
2987                                         CIFS_UNIX_POSIX_PATHNAMES_CAP|
2988                                         CIFS_UNIX_FCNTL_LOCKS_CAP|
2989                                         CIFS_UNIX_EXTATTR_CAP|
2990                                         CIFS_UNIX_POSIX_PATH_OPERATIONS_CAP|
2991                                         encrypt_caps|
2992                                         (large_read ? CIFS_UNIX_LARGE_READ_CAP : 0) |
2993                                         (large_write ?
2994                                         CIFS_UNIX_LARGE_WRITE_CAP : 0))));
2995                         break;
2996                 }
2997