2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
32 unsigned int smb_echo_count = 0;
33 extern uint32 global_client_caps;
35 extern bool global_encrypted_passwords_negotiated;
37 /****************************************************************************
38 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
39 path or anything including wildcards.
40 We're assuming here that '/' is not the second byte in any multibyte char
41 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
43 ****************************************************************************/
45 /* Custom version for processing POSIX paths. */
46 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
48 static NTSTATUS check_path_syntax_internal(char *path,
50 bool *p_last_component_contains_wcard)
54 NTSTATUS ret = NT_STATUS_OK;
55 bool start_of_name_component = True;
57 *p_last_component_contains_wcard = False;
60 if (IS_PATH_SEP(*s,posix_path)) {
62 * Safe to assume is not the second part of a mb char
63 * as this is handled below.
65 /* Eat multiple '/' or '\\' */
66 while (IS_PATH_SEP(*s,posix_path)) {
69 if ((d != path) && (*s != '\0')) {
70 /* We only care about non-leading or trailing '/' or '\\' */
74 start_of_name_component = True;
76 *p_last_component_contains_wcard = False;
80 if (start_of_name_component) {
81 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
82 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
85 * No mb char starts with '.' so we're safe checking the directory separator here.
88 /* If we just added a '/' - delete it */
89 if ((d > path) && (*(d-1) == '/')) {
94 /* Are we at the start ? Can't go back further if so. */
96 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
99 /* Go back one level... */
100 /* We know this is safe as '/' cannot be part of a mb sequence. */
101 /* NOTE - if this assumption is invalid we are not in good shape... */
102 /* Decrement d first as d points to the *next* char to write into. */
103 for (d--; d > path; d--) {
107 s += 2; /* Else go past the .. */
108 /* We're still at the start of a name component, just the previous one. */
111 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
124 return NT_STATUS_OBJECT_NAME_INVALID;
132 *p_last_component_contains_wcard = True;
141 /* Get the size of the next MB character. */
142 next_codepoint(s,&siz);
160 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
162 return NT_STATUS_INVALID_PARAMETER;
165 start_of_name_component = False;
173 /****************************************************************************
174 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
175 No wildcards allowed.
176 ****************************************************************************/
178 NTSTATUS check_path_syntax(char *path)
181 return check_path_syntax_internal(path, False, &ignore);
184 /****************************************************************************
185 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
186 Wildcards allowed - p_contains_wcard returns true if the last component contained
188 ****************************************************************************/
190 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
192 return check_path_syntax_internal(path, False, p_contains_wcard);
195 /****************************************************************************
196 Check the path for a POSIX client.
197 We're assuming here that '/' is not the second byte in any multibyte char
198 set (a safe assumption).
199 ****************************************************************************/
201 NTSTATUS check_path_syntax_posix(char *path)
204 return check_path_syntax_internal(path, True, &ignore);
207 /****************************************************************************
208 Pull a string and check the path allowing a wilcard - provide for error return.
209 ****************************************************************************/
211 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
219 bool *contains_wcard)
226 ret = srvstr_pull_buf_talloc(ctx,
233 ret = srvstr_pull_talloc(ctx,
243 *err = NT_STATUS_INVALID_PARAMETER;
247 *contains_wcard = False;
249 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
251 * For a DFS path the function parse_dfs_path()
252 * will do the path processing, just make a copy.
258 if (lp_posix_pathnames()) {
259 *err = check_path_syntax_posix(*pp_dest);
261 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
267 /****************************************************************************
268 Pull a string and check the path - provide for error return.
269 ****************************************************************************/
271 size_t srvstr_get_path(TALLOC_CTX *ctx,
285 ret = srvstr_pull_buf_talloc(ctx,
292 ret = srvstr_pull_talloc(ctx,
302 *err = NT_STATUS_INVALID_PARAMETER;
306 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
308 * For a DFS path the function parse_dfs_path()
309 * will do the path processing, just make a copy.
315 if (lp_posix_pathnames()) {
316 *err = check_path_syntax_posix(*pp_dest);
318 *err = check_path_syntax(*pp_dest);
324 /****************************************************************************
325 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
326 ****************************************************************************/
328 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
331 if (!(fsp) || !(conn)) {
332 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
335 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
336 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
342 /****************************************************************************
343 Check if we have a correct fsp pointing to a file. Replacement for the
345 ****************************************************************************/
347 bool check_fsp(connection_struct *conn, struct smb_request *req,
350 if (!check_fsp_open(conn, req, fsp)) {
353 if ((fsp)->is_directory) {
354 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
357 if ((fsp)->fh->fd == -1) {
358 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
361 (fsp)->num_smb_operations++;
365 /****************************************************************************
366 Check if we have a correct fsp pointing to a quota fake file. Replacement for
367 the CHECK_NTQUOTA_HANDLE_OK macro.
368 ****************************************************************************/
370 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
373 if (!check_fsp_open(conn, req, fsp)) {
377 if (fsp->is_directory) {
381 if (fsp->fake_file_handle == NULL) {
385 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
389 if (fsp->fake_file_handle->private_data == NULL) {
396 /****************************************************************************
397 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
398 ****************************************************************************/
400 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
403 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
404 && (req->vuid == (fsp)->vuid)) {
408 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
412 /****************************************************************************
413 Reply to a (netbios-level) special message.
414 ****************************************************************************/
416 void reply_special(char *inbuf)
418 int msg_type = CVAL(inbuf,0);
419 int msg_flags = CVAL(inbuf,1);
424 * We only really use 4 bytes of the outbuf, but for the smb_setlen
425 * calculation & friends (srv_send_smb uses that) we need the full smb
428 char outbuf[smb_size];
430 static bool already_got_session = False;
434 memset(outbuf, '\0', sizeof(outbuf));
436 smb_setlen(outbuf,0);
439 case 0x81: /* session request */
441 if (already_got_session) {
442 exit_server_cleanly("multiple session request not permitted");
445 SCVAL(outbuf,0,0x82);
447 if (name_len(inbuf+4) > 50 ||
448 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
449 DEBUG(0,("Invalid name length in session request\n"));
452 name_extract(inbuf,4,name1);
453 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
454 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
457 set_local_machine_name(name1, True);
458 set_remote_machine_name(name2, True);
460 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
461 get_local_machine_name(), get_remote_machine_name(),
464 if (name_type == 'R') {
465 /* We are being asked for a pathworks session ---
467 SCVAL(outbuf, 0,0x83);
471 /* only add the client's machine name to the list
472 of possibly valid usernames if we are operating
473 in share mode security */
474 if (lp_security() == SEC_SHARE) {
475 add_session_user(get_remote_machine_name());
478 reload_services(True);
481 already_got_session = True;
484 case 0x89: /* session keepalive request
485 (some old clients produce this?) */
486 SCVAL(outbuf,0,SMBkeepalive);
490 case 0x82: /* positive session response */
491 case 0x83: /* negative session response */
492 case 0x84: /* retarget session response */
493 DEBUG(0,("Unexpected session response\n"));
496 case SMBkeepalive: /* session keepalive */
501 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
502 msg_type, msg_flags));
504 srv_send_smb(smbd_server_fd(), outbuf, false);
508 /****************************************************************************
510 conn POINTER CAN BE NULL HERE !
511 ****************************************************************************/
513 void reply_tcon(struct smb_request *req)
515 connection_struct *conn = req->conn;
517 char *service_buf = NULL;
518 char *password = NULL;
523 DATA_BLOB password_blob;
524 TALLOC_CTX *ctx = talloc_tos();
526 START_PROFILE(SMBtcon);
528 if (smb_buflen(req->inbuf) < 4) {
529 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
530 END_PROFILE(SMBtcon);
534 p = smb_buf(req->inbuf)+1;
535 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2,
536 &service_buf, p, STR_TERMINATE) + 1;
537 pwlen = srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2,
538 &password, p, STR_TERMINATE) + 1;
540 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2,
541 &dev, p, STR_TERMINATE) + 1;
543 if (service_buf == NULL || password == NULL || dev == NULL) {
544 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
545 END_PROFILE(SMBtcon);
548 p = strrchr_m(service_buf,'\\');
552 service = service_buf;
555 password_blob = data_blob(password, pwlen+1);
557 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
560 data_blob_clear_free(&password_blob);
563 reply_nterror(req, nt_status);
564 END_PROFILE(SMBtcon);
568 reply_outbuf(req, 2, 0);
569 SSVAL(req->outbuf,smb_vwv0,max_recv);
570 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
571 SSVAL(req->outbuf,smb_tid,conn->cnum);
573 DEBUG(3,("tcon service=%s cnum=%d\n",
574 service, conn->cnum));
576 END_PROFILE(SMBtcon);
580 /****************************************************************************
581 Reply to a tcon and X.
582 conn POINTER CAN BE NULL HERE !
583 ****************************************************************************/
585 void reply_tcon_and_X(struct smb_request *req)
587 connection_struct *conn = req->conn;
588 char *service = NULL;
590 TALLOC_CTX *ctx = talloc_tos();
591 /* what the cleint thinks the device is */
592 char *client_devicetype = NULL;
593 /* what the server tells the client the share represents */
594 const char *server_devicetype;
601 START_PROFILE(SMBtconX);
604 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
605 END_PROFILE(SMBtconX);
609 passlen = SVAL(req->inbuf,smb_vwv3);
610 tcon_flags = SVAL(req->inbuf,smb_vwv2);
612 /* we might have to close an old one */
613 if ((tcon_flags & 0x1) && conn) {
614 close_cnum(conn,req->vuid);
619 if ((passlen > MAX_PASS_LEN) || (passlen >= smb_buflen(req->inbuf))) {
620 reply_doserror(req, ERRDOS, ERRbuftoosmall);
621 END_PROFILE(SMBtconX);
625 if (global_encrypted_passwords_negotiated) {
626 password = data_blob_talloc(talloc_tos(), smb_buf(req->inbuf),
628 if (lp_security() == SEC_SHARE) {
630 * Security = share always has a pad byte
631 * after the password.
633 p = smb_buf(req->inbuf) + passlen + 1;
635 p = smb_buf(req->inbuf) + passlen;
638 password = data_blob_talloc(talloc_tos(), smb_buf(req->inbuf),
640 /* Ensure correct termination */
641 password.data[passlen]=0;
642 p = smb_buf(req->inbuf) + passlen + 1;
645 p += srvstr_pull_buf_talloc(ctx, req->inbuf, req->flags2, &path, p,
649 data_blob_clear_free(&password);
650 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
651 END_PROFILE(SMBtconX);
656 * the service name can be either: \\server\share
657 * or share directly like on the DELL PowerVault 705
660 q = strchr_m(path+2,'\\');
662 data_blob_clear_free(&password);
663 reply_doserror(req, ERRDOS, ERRnosuchshare);
664 END_PROFILE(SMBtconX);
672 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
673 &client_devicetype, p,
674 MIN(6,smb_bufrem(req->inbuf, p)), STR_ASCII);
676 if (client_devicetype == NULL) {
677 data_blob_clear_free(&password);
678 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
679 END_PROFILE(SMBtconX);
683 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
685 conn = make_connection(service, password, client_devicetype,
686 req->vuid, &nt_status);
689 data_blob_clear_free(&password);
692 reply_nterror(req, nt_status);
693 END_PROFILE(SMBtconX);
698 server_devicetype = "IPC";
699 else if ( IS_PRINT(conn) )
700 server_devicetype = "LPT1:";
702 server_devicetype = "A:";
704 if (Protocol < PROTOCOL_NT1) {
705 reply_outbuf(req, 2, 0);
706 if (message_push_string(&req->outbuf, server_devicetype,
707 STR_TERMINATE|STR_ASCII) == -1) {
708 reply_nterror(req, NT_STATUS_NO_MEMORY);
709 END_PROFILE(SMBtconX);
713 /* NT sets the fstype of IPC$ to the null string */
714 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
716 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
717 /* Return permissions. */
721 reply_outbuf(req, 7, 0);
724 perm1 = FILE_ALL_ACCESS;
725 perm2 = FILE_ALL_ACCESS;
727 perm1 = CAN_WRITE(conn) ?
732 SIVAL(req->outbuf, smb_vwv3, perm1);
733 SIVAL(req->outbuf, smb_vwv5, perm2);
735 reply_outbuf(req, 3, 0);
738 if ((message_push_string(&req->outbuf, server_devicetype,
739 STR_TERMINATE|STR_ASCII) == -1)
740 || (message_push_string(&req->outbuf, fstype,
741 STR_TERMINATE) == -1)) {
742 reply_nterror(req, NT_STATUS_NO_MEMORY);
743 END_PROFILE(SMBtconX);
747 /* what does setting this bit do? It is set by NT4 and
748 may affect the ability to autorun mounted cdroms */
749 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
750 (lp_csc_policy(SNUM(conn)) << 2));
752 init_dfsroot(conn, req->inbuf, req->outbuf);
756 DEBUG(3,("tconX service=%s \n",
759 /* set the incoming and outgoing tid to the just created one */
760 SSVAL(req->inbuf,smb_tid,conn->cnum);
761 SSVAL(req->outbuf,smb_tid,conn->cnum);
763 END_PROFILE(SMBtconX);
769 /****************************************************************************
770 Reply to an unknown type.
771 ****************************************************************************/
773 void reply_unknown_new(struct smb_request *req, uint8 type)
775 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
776 smb_fn_name(type), type, type));
777 reply_doserror(req, ERRSRV, ERRunknownsmb);
781 /****************************************************************************
783 conn POINTER CAN BE NULL HERE !
784 ****************************************************************************/
786 void reply_ioctl(struct smb_request *req)
788 connection_struct *conn = req->conn;
795 START_PROFILE(SMBioctl);
798 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
799 END_PROFILE(SMBioctl);
803 device = SVAL(req->inbuf,smb_vwv1);
804 function = SVAL(req->inbuf,smb_vwv2);
805 ioctl_code = (device << 16) + function;
807 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
809 switch (ioctl_code) {
810 case IOCTL_QUERY_JOB_INFO:
814 reply_doserror(req, ERRSRV, ERRnosupport);
815 END_PROFILE(SMBioctl);
819 reply_outbuf(req, 8, replysize+1);
820 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
821 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
822 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
823 p = smb_buf(req->outbuf);
824 memset(p, '\0', replysize+1); /* valgrind-safe. */
825 p += 1; /* Allow for alignment */
827 switch (ioctl_code) {
828 case IOCTL_QUERY_JOB_INFO:
830 files_struct *fsp = file_fsp(SVAL(req->inbuf,
833 reply_doserror(req, ERRDOS, ERRbadfid);
834 END_PROFILE(SMBioctl);
837 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
838 srvstr_push((char *)req->outbuf, req->flags2, p+2,
840 STR_TERMINATE|STR_ASCII);
842 srvstr_push((char *)req->outbuf, req->flags2,
843 p+18, lp_servicename(SNUM(conn)),
844 13, STR_TERMINATE|STR_ASCII);
852 END_PROFILE(SMBioctl);
856 /****************************************************************************
857 Strange checkpath NTSTATUS mapping.
858 ****************************************************************************/
860 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
862 /* Strange DOS error code semantics only for checkpath... */
863 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
864 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
865 /* We need to map to ERRbadpath */
866 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
872 /****************************************************************************
873 Reply to a checkpath.
874 ****************************************************************************/
876 void reply_checkpath(struct smb_request *req)
878 connection_struct *conn = req->conn;
880 SMB_STRUCT_STAT sbuf;
882 TALLOC_CTX *ctx = talloc_tos();
884 START_PROFILE(SMBcheckpath);
886 srvstr_get_path(ctx,(char *)req->inbuf, req->flags2, &name,
887 smb_buf(req->inbuf) + 1, 0,
888 STR_TERMINATE, &status);
889 if (!NT_STATUS_IS_OK(status)) {
890 status = map_checkpath_error((char *)req->inbuf, status);
891 reply_nterror(req, status);
892 END_PROFILE(SMBcheckpath);
896 status = resolve_dfspath(ctx, conn,
897 req->flags2 & FLAGS2_DFS_PATHNAMES,
900 if (!NT_STATUS_IS_OK(status)) {
901 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
902 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
904 END_PROFILE(SMBcheckpath);
910 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->inbuf,smb_vwv0)));
912 status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
913 if (!NT_STATUS_IS_OK(status)) {
917 status = check_name(conn, name);
918 if (!NT_STATUS_IS_OK(status)) {
919 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
923 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
924 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
925 status = map_nt_error_from_unix(errno);
929 if (!S_ISDIR(sbuf.st_mode)) {
930 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
932 END_PROFILE(SMBcheckpath);
936 reply_outbuf(req, 0, 0);
938 END_PROFILE(SMBcheckpath);
943 END_PROFILE(SMBcheckpath);
945 /* We special case this - as when a Windows machine
946 is parsing a path is steps through the components
947 one at a time - if a component fails it expects
948 ERRbadpath, not ERRbadfile.
950 status = map_checkpath_error((char *)req->inbuf, status);
951 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
953 * Windows returns different error codes if
954 * the parent directory is valid but not the
955 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
956 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
957 * if the path is invalid.
959 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
964 reply_nterror(req, status);
967 /****************************************************************************
969 ****************************************************************************/
971 void reply_getatr(struct smb_request *req)
973 connection_struct *conn = req->conn;
975 SMB_STRUCT_STAT sbuf;
981 TALLOC_CTX *ctx = talloc_tos();
983 START_PROFILE(SMBgetatr);
985 p = smb_buf(req->inbuf) + 1;
986 p += srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, p,
987 0, STR_TERMINATE, &status);
988 if (!NT_STATUS_IS_OK(status)) {
989 reply_nterror(req, status);
990 END_PROFILE(SMBgetatr);
994 status = resolve_dfspath(ctx, conn,
995 req->flags2 & FLAGS2_DFS_PATHNAMES,
998 if (!NT_STATUS_IS_OK(status)) {
999 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1000 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1001 ERRSRV, ERRbadpath);
1002 END_PROFILE(SMBgetatr);
1005 reply_nterror(req, status);
1006 END_PROFILE(SMBgetatr);
1010 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1011 under WfWg - weird! */
1012 if (*fname == '\0') {
1013 mode = aHIDDEN | aDIR;
1014 if (!CAN_WRITE(conn)) {
1020 status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
1021 if (!NT_STATUS_IS_OK(status)) {
1022 reply_nterror(req, status);
1023 END_PROFILE(SMBgetatr);
1026 status = check_name(conn, fname);
1027 if (!NT_STATUS_IS_OK(status)) {
1028 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1029 reply_nterror(req, status);
1030 END_PROFILE(SMBgetatr);
1033 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
1034 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1035 reply_unixerror(req, ERRDOS,ERRbadfile);
1036 END_PROFILE(SMBgetatr);
1040 mode = dos_mode(conn,fname,&sbuf);
1041 size = sbuf.st_size;
1042 mtime = sbuf.st_mtime;
1048 reply_outbuf(req, 10, 0);
1050 SSVAL(req->outbuf,smb_vwv0,mode);
1051 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1052 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1054 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1056 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1058 if (Protocol >= PROTOCOL_NT1) {
1059 SSVAL(req->outbuf, smb_flg2,
1060 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1063 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1065 END_PROFILE(SMBgetatr);
1069 /****************************************************************************
1071 ****************************************************************************/
1073 void reply_setatr(struct smb_request *req)
1075 struct timespec ts[2];
1076 connection_struct *conn = req->conn;
1080 SMB_STRUCT_STAT sbuf;
1083 TALLOC_CTX *ctx = talloc_tos();
1085 START_PROFILE(SMBsetatr);
1090 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1094 p = smb_buf(req->inbuf) + 1;
1095 p += srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname, p,
1096 0, STR_TERMINATE, &status);
1097 if (!NT_STATUS_IS_OK(status)) {
1098 reply_nterror(req, status);
1099 END_PROFILE(SMBsetatr);
1103 status = resolve_dfspath(ctx, conn,
1104 req->flags2 & FLAGS2_DFS_PATHNAMES,
1107 if (!NT_STATUS_IS_OK(status)) {
1108 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1109 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1110 ERRSRV, ERRbadpath);
1111 END_PROFILE(SMBsetatr);
1114 reply_nterror(req, status);
1115 END_PROFILE(SMBsetatr);
1119 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
1120 if (!NT_STATUS_IS_OK(status)) {
1121 reply_nterror(req, status);
1122 END_PROFILE(SMBsetatr);
1126 status = check_name(conn, fname);
1127 if (!NT_STATUS_IS_OK(status)) {
1128 reply_nterror(req, status);
1129 END_PROFILE(SMBsetatr);
1133 if (fname[0] == '.' && fname[1] == '\0') {
1135 * Not sure here is the right place to catch this
1136 * condition. Might be moved to somewhere else later -- vl
1138 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1139 END_PROFILE(SMBsetatr);
1143 mode = SVAL(req->inbuf,smb_vwv0);
1144 mtime = srv_make_unix_date3(req->inbuf+smb_vwv1);
1146 ts[1] = convert_time_t_to_timespec(mtime);
1147 status = smb_set_file_time(conn, NULL, fname,
1149 if (!NT_STATUS_IS_OK(status)) {
1150 reply_unixerror(req, ERRDOS, ERRnoaccess);
1151 END_PROFILE(SMBsetatr);
1155 if (mode != FILE_ATTRIBUTE_NORMAL) {
1156 if (VALID_STAT_OF_DIR(sbuf))
1161 if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) {
1162 reply_unixerror(req, ERRDOS, ERRnoaccess);
1163 END_PROFILE(SMBsetatr);
1168 reply_outbuf(req, 0, 0);
1170 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1172 END_PROFILE(SMBsetatr);
1176 /****************************************************************************
1178 ****************************************************************************/
1180 void reply_dskattr(struct smb_request *req)
1182 connection_struct *conn = req->conn;
1183 SMB_BIG_UINT dfree,dsize,bsize;
1184 START_PROFILE(SMBdskattr);
1186 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1187 reply_unixerror(req, ERRHRD, ERRgeneral);
1188 END_PROFILE(SMBdskattr);
1192 reply_outbuf(req, 5, 0);
1194 if (Protocol <= PROTOCOL_LANMAN2) {
1195 double total_space, free_space;
1196 /* we need to scale this to a number that DOS6 can handle. We
1197 use floating point so we can handle large drives on systems
1198 that don't have 64 bit integers
1200 we end up displaying a maximum of 2G to DOS systems
1202 total_space = dsize * (double)bsize;
1203 free_space = dfree * (double)bsize;
1205 dsize = (SMB_BIG_UINT)((total_space+63*512) / (64*512));
1206 dfree = (SMB_BIG_UINT)((free_space+63*512) / (64*512));
1208 if (dsize > 0xFFFF) dsize = 0xFFFF;
1209 if (dfree > 0xFFFF) dfree = 0xFFFF;
1211 SSVAL(req->outbuf,smb_vwv0,dsize);
1212 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1213 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1214 SSVAL(req->outbuf,smb_vwv3,dfree);
1216 SSVAL(req->outbuf,smb_vwv0,dsize);
1217 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1218 SSVAL(req->outbuf,smb_vwv2,512);
1219 SSVAL(req->outbuf,smb_vwv3,dfree);
1222 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1224 END_PROFILE(SMBdskattr);
1228 /****************************************************************************
1230 Can be called from SMBsearch, SMBffirst or SMBfunique.
1231 ****************************************************************************/
1233 void reply_search(struct smb_request *req)
1235 connection_struct *conn = req->conn;
1237 char *directory = NULL;
1243 unsigned int numentries = 0;
1244 unsigned int maxentries = 0;
1245 bool finished = False;
1251 bool check_descend = False;
1252 bool expect_close = False;
1254 bool mask_contains_wcard = False;
1255 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1256 TALLOC_CTX *ctx = talloc_tos();
1257 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1259 START_PROFILE(SMBsearch);
1262 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1263 END_PROFILE(SMBsearch);
1267 if (lp_posix_pathnames()) {
1268 reply_unknown_new(req, CVAL(req->inbuf, smb_com));
1269 END_PROFILE(SMBsearch);
1273 /* If we were called as SMBffirst then we must expect close. */
1274 if(CVAL(req->inbuf,smb_com) == SMBffirst) {
1275 expect_close = True;
1278 reply_outbuf(req, 1, 3);
1279 maxentries = SVAL(req->inbuf,smb_vwv0);
1280 dirtype = SVAL(req->inbuf,smb_vwv1);
1281 p = smb_buf(req->inbuf) + 1;
1282 p += srvstr_get_path_wcard(ctx,
1290 &mask_contains_wcard);
1291 if (!NT_STATUS_IS_OK(nt_status)) {
1292 reply_nterror(req, nt_status);
1293 END_PROFILE(SMBsearch);
1297 nt_status = resolve_dfspath_wcard(ctx, conn,
1298 req->flags2 & FLAGS2_DFS_PATHNAMES,
1301 &mask_contains_wcard);
1302 if (!NT_STATUS_IS_OK(nt_status)) {
1303 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1304 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1305 ERRSRV, ERRbadpath);
1306 END_PROFILE(SMBsearch);
1309 reply_nterror(req, nt_status);
1310 END_PROFILE(SMBsearch);
1315 status_len = SVAL(p, 0);
1318 /* dirtype &= ~aDIR; */
1320 if (status_len == 0) {
1321 SMB_STRUCT_STAT sbuf;
1323 nt_status = unix_convert(ctx, conn, path, True,
1324 &directory, NULL, &sbuf);
1325 if (!NT_STATUS_IS_OK(nt_status)) {
1326 reply_nterror(req, nt_status);
1327 END_PROFILE(SMBsearch);
1331 nt_status = check_name(conn, directory);
1332 if (!NT_STATUS_IS_OK(nt_status)) {
1333 reply_nterror(req, nt_status);
1334 END_PROFILE(SMBsearch);
1338 p = strrchr_m(directory,'/');
1341 directory = talloc_strdup(ctx,".");
1343 reply_nterror(req, NT_STATUS_NO_MEMORY);
1344 END_PROFILE(SMBsearch);
1352 if (*directory == '\0') {
1353 directory = talloc_strdup(ctx,".");
1355 reply_nterror(req, NT_STATUS_NO_MEMORY);
1356 END_PROFILE(SMBsearch);
1360 memset((char *)status,'\0',21);
1361 SCVAL(status,0,(dirtype & 0x1F));
1363 nt_status = dptr_create(conn,
1369 mask_contains_wcard,
1372 if (!NT_STATUS_IS_OK(nt_status)) {
1373 reply_nterror(req, nt_status);
1374 END_PROFILE(SMBsearch);
1377 dptr_num = dptr_dnum(conn->dirptr);
1381 memcpy(status,p,21);
1382 status_dirtype = CVAL(status,0) & 0x1F;
1383 if (status_dirtype != (dirtype & 0x1F)) {
1384 dirtype = status_dirtype;
1387 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1388 if (!conn->dirptr) {
1391 string_set(&conn->dirpath,dptr_path(dptr_num));
1392 mask = dptr_wcard(dptr_num);
1397 * For a 'continue' search we have no string. So
1398 * check from the initial saved string.
1400 mask_contains_wcard = ms_has_wild(mask);
1401 dirtype = dptr_attr(dptr_num);
1404 DEBUG(4,("dptr_num is %d\n",dptr_num));
1406 if ((dirtype&0x1F) == aVOLID) {
1407 char buf[DIR_STRUCT_SIZE];
1408 memcpy(buf,status,21);
1409 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1410 0,aVOLID,0,!allow_long_path_components)) {
1411 reply_nterror(req, NT_STATUS_NO_MEMORY);
1412 END_PROFILE(SMBsearch);
1415 dptr_fill(buf+12,dptr_num);
1416 if (dptr_zero(buf+12) && (status_len==0)) {
1421 if (message_push_blob(&req->outbuf,
1422 data_blob_const(buf, sizeof(buf)))
1424 reply_nterror(req, NT_STATUS_NO_MEMORY);
1425 END_PROFILE(SMBsearch);
1433 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1436 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1437 conn->dirpath,lp_dontdescend(SNUM(conn))));
1438 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1439 check_descend = True;
1442 for (i=numentries;(i<maxentries) && !finished;i++) {
1443 finished = !get_dir_entry(ctx,
1454 char buf[DIR_STRUCT_SIZE];
1455 memcpy(buf,status,21);
1456 if (!make_dir_struct(ctx,
1463 !allow_long_path_components)) {
1464 reply_nterror(req, NT_STATUS_NO_MEMORY);
1465 END_PROFILE(SMBsearch);
1468 if (!dptr_fill(buf+12,dptr_num)) {
1471 if (message_push_blob(&req->outbuf,
1472 data_blob_const(buf, sizeof(buf)))
1474 reply_nterror(req, NT_STATUS_NO_MEMORY);
1475 END_PROFILE(SMBsearch);
1485 /* If we were called as SMBffirst with smb_search_id == NULL
1486 and no entries were found then return error and close dirptr
1489 if (numentries == 0) {
1490 dptr_close(&dptr_num);
1491 } else if(expect_close && status_len == 0) {
1492 /* Close the dptr - we know it's gone */
1493 dptr_close(&dptr_num);
1496 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1497 if(dptr_num >= 0 && CVAL(req->inbuf,smb_com) == SMBfunique) {
1498 dptr_close(&dptr_num);
1501 if ((numentries == 0) && !mask_contains_wcard) {
1502 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1503 END_PROFILE(SMBsearch);
1507 SSVAL(req->outbuf,smb_vwv0,numentries);
1508 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1509 SCVAL(smb_buf(req->outbuf),0,5);
1510 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1512 /* The replies here are never long name. */
1513 SSVAL(req->outbuf, smb_flg2,
1514 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1515 if (!allow_long_path_components) {
1516 SSVAL(req->outbuf, smb_flg2,
1517 SVAL(req->outbuf, smb_flg2)
1518 & (~FLAGS2_LONG_PATH_COMPONENTS));
1521 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1522 SSVAL(req->outbuf, smb_flg2,
1523 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1526 directory = dptr_path(dptr_num);
1529 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1530 smb_fn_name(CVAL(req->inbuf,smb_com)),
1532 directory ? directory : "./",
1537 END_PROFILE(SMBsearch);
1541 /****************************************************************************
1542 Reply to a fclose (stop directory search).
1543 ****************************************************************************/
1545 void reply_fclose(struct smb_request *req)
1553 bool path_contains_wcard = False;
1554 TALLOC_CTX *ctx = talloc_tos();
1556 START_PROFILE(SMBfclose);
1558 if (lp_posix_pathnames()) {
1559 reply_unknown_new(req, CVAL(req->inbuf, smb_com));
1560 END_PROFILE(SMBfclose);
1564 p = smb_buf(req->inbuf) + 1;
1565 p += srvstr_get_path_wcard(ctx,
1573 &path_contains_wcard);
1574 if (!NT_STATUS_IS_OK(err)) {
1575 reply_nterror(req, err);
1576 END_PROFILE(SMBfclose);
1580 status_len = SVAL(p,0);
1583 if (status_len == 0) {
1584 reply_doserror(req, ERRSRV, ERRsrverror);
1585 END_PROFILE(SMBfclose);
1589 memcpy(status,p,21);
1591 if(dptr_fetch(status+12,&dptr_num)) {
1592 /* Close the dptr - we know it's gone */
1593 dptr_close(&dptr_num);
1596 reply_outbuf(req, 1, 0);
1597 SSVAL(req->outbuf,smb_vwv0,0);
1599 DEBUG(3,("search close\n"));
1601 END_PROFILE(SMBfclose);
1605 /****************************************************************************
1607 ****************************************************************************/
1609 void reply_open(struct smb_request *req)
1611 connection_struct *conn = req->conn;
1617 SMB_STRUCT_STAT sbuf;
1624 uint32 create_disposition;
1625 uint32 create_options = 0;
1627 TALLOC_CTX *ctx = talloc_tos();
1629 START_PROFILE(SMBopen);
1632 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1633 END_PROFILE(SMBopen);
1637 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1638 deny_mode = SVAL(req->inbuf,smb_vwv0);
1639 dos_attr = SVAL(req->inbuf,smb_vwv1);
1641 srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname,
1642 smb_buf(req->inbuf)+1, 0,
1643 STR_TERMINATE, &status);
1644 if (!NT_STATUS_IS_OK(status)) {
1645 reply_nterror(req, status);
1646 END_PROFILE(SMBopen);
1650 if (!map_open_params_to_ntcreate(
1651 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1652 &share_mode, &create_disposition, &create_options)) {
1653 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1654 END_PROFILE(SMBopen);
1658 status = create_file(conn, /* conn */
1660 0, /* root_dir_fid */
1662 access_mask, /* access_mask */
1663 share_mode, /* share_access */
1664 create_disposition, /* create_disposition*/
1665 create_options, /* create_options */
1666 dos_attr, /* file_attributes */
1667 oplock_request, /* oplock_request */
1668 0, /* allocation_size */
1675 if (!NT_STATUS_IS_OK(status)) {
1676 if (open_was_deferred(req->mid)) {
1677 /* We have re-scheduled this call. */
1678 END_PROFILE(SMBopen);
1681 reply_openerror(req, status);
1682 END_PROFILE(SMBopen);
1686 size = sbuf.st_size;
1687 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1688 mtime = sbuf.st_mtime;
1691 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1692 close_file(fsp,ERROR_CLOSE);
1693 reply_doserror(req, ERRDOS,ERRnoaccess);
1694 END_PROFILE(SMBopen);
1698 reply_outbuf(req, 7, 0);
1699 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1700 SSVAL(req->outbuf,smb_vwv1,fattr);
1701 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1702 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1704 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1706 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1707 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1709 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1710 SCVAL(req->outbuf,smb_flg,
1711 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1714 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1715 SCVAL(req->outbuf,smb_flg,
1716 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1718 END_PROFILE(SMBopen);
1722 /****************************************************************************
1723 Reply to an open and X.
1724 ****************************************************************************/
1726 void reply_open_and_X(struct smb_request *req)
1728 connection_struct *conn = req->conn;
1733 /* Breakout the oplock request bits so we can set the
1734 reply bits separately. */
1735 int ex_oplock_request;
1736 int core_oplock_request;
1739 int smb_sattr = SVAL(req->inbuf,smb_vwv4);
1740 uint32 smb_time = make_unix_date3(req->inbuf+smb_vwv6);
1745 SMB_STRUCT_STAT sbuf;
1749 SMB_BIG_UINT allocation_size;
1750 ssize_t retval = -1;
1753 uint32 create_disposition;
1754 uint32 create_options = 0;
1755 TALLOC_CTX *ctx = talloc_tos();
1757 START_PROFILE(SMBopenX);
1759 if (req->wct < 15) {
1760 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1761 END_PROFILE(SMBopenX);
1765 open_flags = SVAL(req->inbuf,smb_vwv2);
1766 deny_mode = SVAL(req->inbuf,smb_vwv3);
1767 smb_attr = SVAL(req->inbuf,smb_vwv5);
1768 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1769 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1770 oplock_request = ex_oplock_request | core_oplock_request;
1771 smb_ofun = SVAL(req->inbuf,smb_vwv8);
1772 allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv9);
1774 /* If it's an IPC, pass off the pipe handler. */
1776 if (lp_nt_pipe_support()) {
1777 reply_open_pipe_and_X(conn, req);
1779 reply_doserror(req, ERRSRV, ERRaccess);
1781 END_PROFILE(SMBopenX);
1785 /* XXXX we need to handle passed times, sattr and flags */
1786 srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname,
1787 smb_buf(req->inbuf), 0, STR_TERMINATE,
1789 if (!NT_STATUS_IS_OK(status)) {
1790 reply_nterror(req, status);
1791 END_PROFILE(SMBopenX);
1795 if (!map_open_params_to_ntcreate(
1796 fname, deny_mode, smb_ofun, &access_mask,
1797 &share_mode, &create_disposition, &create_options)) {
1798 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1799 END_PROFILE(SMBopenX);
1803 status = create_file(conn, /* conn */
1805 0, /* root_dir_fid */
1807 access_mask, /* access_mask */
1808 share_mode, /* share_access */
1809 create_disposition, /* create_disposition*/
1810 create_options, /* create_options */
1811 smb_attr, /* file_attributes */
1812 oplock_request, /* oplock_request */
1813 0, /* allocation_size */
1817 &smb_action, /* pinfo */
1820 if (!NT_STATUS_IS_OK(status)) {
1821 END_PROFILE(SMBopenX);
1822 if (open_was_deferred(req->mid)) {
1823 /* We have re-scheduled this call. */
1826 reply_openerror(req, status);
1830 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1831 if the file is truncated or created. */
1832 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1833 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1834 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1835 close_file(fsp,ERROR_CLOSE);
1836 reply_nterror(req, NT_STATUS_DISK_FULL);
1837 END_PROFILE(SMBopenX);
1840 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1842 close_file(fsp,ERROR_CLOSE);
1843 reply_nterror(req, NT_STATUS_DISK_FULL);
1844 END_PROFILE(SMBopenX);
1847 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1850 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1851 mtime = sbuf.st_mtime;
1853 close_file(fsp,ERROR_CLOSE);
1854 reply_doserror(req, ERRDOS, ERRnoaccess);
1855 END_PROFILE(SMBopenX);
1859 /* If the caller set the extended oplock request bit
1860 and we granted one (by whatever means) - set the
1861 correct bit for extended oplock reply.
1864 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1865 smb_action |= EXTENDED_OPLOCK_GRANTED;
1868 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1869 smb_action |= EXTENDED_OPLOCK_GRANTED;
1872 /* If the caller set the core oplock request bit
1873 and we granted one (by whatever means) - set the
1874 correct bit for core oplock reply.
1877 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1878 reply_outbuf(req, 19, 0);
1880 reply_outbuf(req, 15, 0);
1883 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1884 SCVAL(req->outbuf, smb_flg,
1885 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1888 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1889 SCVAL(req->outbuf, smb_flg,
1890 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1893 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1894 SSVAL(req->outbuf,smb_vwv3,fattr);
1895 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1896 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1898 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1900 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1901 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1902 SSVAL(req->outbuf,smb_vwv11,smb_action);
1904 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1905 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1908 END_PROFILE(SMBopenX);
1913 /****************************************************************************
1914 Reply to a SMBulogoffX.
1915 ****************************************************************************/
1917 void reply_ulogoffX(struct smb_request *req)
1921 START_PROFILE(SMBulogoffX);
1923 vuser = get_valid_user_struct(req->vuid);
1926 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1930 /* in user level security we are supposed to close any files
1931 open by this user */
1932 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1933 file_close_user(req->vuid);
1936 invalidate_vuid(req->vuid);
1938 reply_outbuf(req, 2, 0);
1940 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1942 END_PROFILE(SMBulogoffX);
1946 /****************************************************************************
1947 Reply to a mknew or a create.
1948 ****************************************************************************/
1950 void reply_mknew(struct smb_request *req)
1952 connection_struct *conn = req->conn;
1956 struct timespec ts[2];
1958 int oplock_request = 0;
1959 SMB_STRUCT_STAT sbuf;
1961 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1962 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1963 uint32 create_disposition;
1964 uint32 create_options = 0;
1965 TALLOC_CTX *ctx = talloc_tos();
1967 START_PROFILE(SMBcreate);
1970 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1971 END_PROFILE(SMBcreate);
1975 fattr = SVAL(req->inbuf,smb_vwv0);
1976 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1977 com = SVAL(req->inbuf,smb_com);
1979 ts[1] =convert_time_t_to_timespec(
1980 srv_make_unix_date3(req->inbuf + smb_vwv1));
1983 srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname,
1984 smb_buf(req->inbuf) + 1, 0,
1985 STR_TERMINATE, &status);
1986 if (!NT_STATUS_IS_OK(status)) {
1987 reply_nterror(req, status);
1988 END_PROFILE(SMBcreate);
1992 if (fattr & aVOLID) {
1993 DEBUG(0,("Attempt to create file (%s) with volid set - "
1994 "please report this\n", fname));
1997 if(com == SMBmknew) {
1998 /* We should fail if file exists. */
1999 create_disposition = FILE_CREATE;
2001 /* Create if file doesn't exist, truncate if it does. */
2002 create_disposition = FILE_OVERWRITE_IF;
2005 status = create_file(conn, /* conn */
2007 0, /* root_dir_fid */
2009 access_mask, /* access_mask */
2010 share_mode, /* share_access */
2011 create_disposition, /* create_disposition*/
2012 create_options, /* create_options */
2013 fattr, /* file_attributes */
2014 oplock_request, /* oplock_request */
2015 0, /* allocation_size */
2022 if (!NT_STATUS_IS_OK(status)) {
2023 END_PROFILE(SMBcreate);
2024 if (open_was_deferred(req->mid)) {
2025 /* We have re-scheduled this call. */
2028 reply_openerror(req, status);
2032 ts[0] = get_atimespec(&sbuf); /* atime. */
2033 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, ts, true);
2034 if (!NT_STATUS_IS_OK(status)) {
2035 END_PROFILE(SMBcreate);
2036 reply_openerror(req, status);
2040 reply_outbuf(req, 1, 0);
2041 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2043 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2044 SCVAL(req->outbuf,smb_flg,
2045 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2048 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2049 SCVAL(req->outbuf,smb_flg,
2050 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2053 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2054 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2055 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2057 END_PROFILE(SMBcreate);
2061 /****************************************************************************
2062 Reply to a create temporary file.
2063 ****************************************************************************/
2065 void reply_ctemp(struct smb_request *req)
2067 connection_struct *conn = req->conn;
2073 SMB_STRUCT_STAT sbuf;
2076 TALLOC_CTX *ctx = talloc_tos();
2078 START_PROFILE(SMBctemp);
2081 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2082 END_PROFILE(SMBctemp);
2086 fattr = SVAL(req->inbuf,smb_vwv0);
2087 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2089 srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname,
2090 smb_buf(req->inbuf)+1, 0, STR_TERMINATE,
2092 if (!NT_STATUS_IS_OK(status)) {
2093 reply_nterror(req, status);
2094 END_PROFILE(SMBctemp);
2098 fname = talloc_asprintf(ctx,
2102 fname = talloc_strdup(ctx, "TMXXXXXX");
2106 reply_nterror(req, NT_STATUS_NO_MEMORY);
2107 END_PROFILE(SMBctemp);
2111 status = resolve_dfspath(ctx, conn,
2112 req->flags2 & FLAGS2_DFS_PATHNAMES,
2115 if (!NT_STATUS_IS_OK(status)) {
2116 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2117 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2118 ERRSRV, ERRbadpath);
2119 END_PROFILE(SMBctemp);
2122 reply_nterror(req, status);
2123 END_PROFILE(SMBctemp);
2127 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
2128 if (!NT_STATUS_IS_OK(status)) {
2129 reply_nterror(req, status);
2130 END_PROFILE(SMBctemp);
2134 status = check_name(conn, fname);
2135 if (!NT_STATUS_IS_OK(status)) {
2136 reply_nterror(req, status);
2137 END_PROFILE(SMBctemp);
2141 tmpfd = smb_mkstemp(fname);
2143 reply_unixerror(req, ERRDOS, ERRnoaccess);
2144 END_PROFILE(SMBctemp);
2148 SMB_VFS_STAT(conn,fname,&sbuf);
2150 /* We should fail if file does not exist. */
2151 status = open_file_ntcreate(conn, req, fname, &sbuf,
2152 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
2153 FILE_SHARE_READ|FILE_SHARE_WRITE,
2160 /* close fd from smb_mkstemp() */
2163 if (!NT_STATUS_IS_OK(status)) {
2164 if (open_was_deferred(req->mid)) {
2165 /* We have re-scheduled this call. */
2166 END_PROFILE(SMBctemp);
2169 reply_openerror(req, status);
2170 END_PROFILE(SMBctemp);
2174 reply_outbuf(req, 1, 0);
2175 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2177 /* the returned filename is relative to the directory */
2178 s = strrchr_m(fsp->fsp_name, '/');
2186 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2187 thing in the byte section. JRA */
2188 SSVALS(p, 0, -1); /* what is this? not in spec */
2190 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2192 reply_nterror(req, NT_STATUS_NO_MEMORY);
2193 END_PROFILE(SMBctemp);
2197 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2198 SCVAL(req->outbuf, smb_flg,
2199 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2202 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2203 SCVAL(req->outbuf, smb_flg,
2204 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2207 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2208 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2209 fsp->fh->fd, (unsigned int)sbuf.st_mode ) );
2211 END_PROFILE(SMBctemp);
2215 /*******************************************************************
2216 Check if a user is allowed to rename a file.
2217 ********************************************************************/
2219 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2220 uint16 dirtype, SMB_STRUCT_STAT *pst)
2224 if (!CAN_WRITE(conn)) {
2225 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2228 fmode = dos_mode(conn, fsp->fsp_name, pst);
2229 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2230 return NT_STATUS_NO_SUCH_FILE;
2233 if (S_ISDIR(pst->st_mode)) {
2234 return NT_STATUS_OK;
2237 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2238 return NT_STATUS_OK;
2241 return NT_STATUS_ACCESS_DENIED;
2244 /*******************************************************************
2245 * unlink a file with all relevant access checks
2246 *******************************************************************/
2248 static NTSTATUS do_unlink(connection_struct *conn,
2249 struct smb_request *req,
2253 SMB_STRUCT_STAT sbuf;
2256 uint32 dirtype_orig = dirtype;
2259 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2261 if (!CAN_WRITE(conn)) {
2262 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2265 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2266 return map_nt_error_from_unix(errno);
2269 fattr = dos_mode(conn,fname,&sbuf);
2271 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2272 dirtype = aDIR|aARCH|aRONLY;
2275 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2277 return NT_STATUS_NO_SUCH_FILE;
2280 if (!dir_check_ftype(conn, fattr, dirtype)) {
2282 return NT_STATUS_FILE_IS_A_DIRECTORY;
2284 return NT_STATUS_NO_SUCH_FILE;
2287 if (dirtype_orig & 0x8000) {
2288 /* These will never be set for POSIX. */
2289 return NT_STATUS_NO_SUCH_FILE;
2293 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2294 return NT_STATUS_FILE_IS_A_DIRECTORY;
2297 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2298 return NT_STATUS_NO_SUCH_FILE;
2301 if (dirtype & 0xFF00) {
2302 /* These will never be set for POSIX. */
2303 return NT_STATUS_NO_SUCH_FILE;
2308 return NT_STATUS_NO_SUCH_FILE;
2311 /* Can't delete a directory. */
2313 return NT_STATUS_FILE_IS_A_DIRECTORY;
2318 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2319 return NT_STATUS_OBJECT_NAME_INVALID;
2320 #endif /* JRATEST */
2322 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2324 On a Windows share, a file with read-only dosmode can be opened with
2325 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2326 fails with NT_STATUS_CANNOT_DELETE error.
2328 This semantic causes a problem that a user can not
2329 rename a file with read-only dosmode on a Samba share
2330 from a Windows command prompt (i.e. cmd.exe, but can rename
2331 from Windows Explorer).
2334 if (!lp_delete_readonly(SNUM(conn))) {
2335 if (fattr & aRONLY) {
2336 return NT_STATUS_CANNOT_DELETE;
2340 /* On open checks the open itself will check the share mode, so
2341 don't do it here as we'll get it wrong. */
2343 status = create_file_unixpath
2347 DELETE_ACCESS, /* access_mask */
2348 FILE_SHARE_NONE, /* share_access */
2349 FILE_OPEN, /* create_disposition*/
2350 FILE_NON_DIRECTORY_FILE, /* create_options */
2351 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2352 0, /* oplock_request */
2353 0, /* allocation_size */
2360 if (!NT_STATUS_IS_OK(status)) {
2361 DEBUG(10, ("create_file_unixpath failed: %s\n",
2362 nt_errstr(status)));
2366 /* The set is across all open files on this dev/inode pair. */
2367 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2368 close_file(fsp, NORMAL_CLOSE);
2369 return NT_STATUS_ACCESS_DENIED;
2372 return close_file(fsp,NORMAL_CLOSE);
2375 /****************************************************************************
2376 The guts of the unlink command, split out so it may be called by the NT SMB
2378 ****************************************************************************/
2380 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2381 uint32 dirtype, const char *name_in, bool has_wild)
2383 const char *directory = NULL;
2388 NTSTATUS status = NT_STATUS_OK;
2389 SMB_STRUCT_STAT sbuf;
2390 TALLOC_CTX *ctx = talloc_tos();
2392 status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
2393 if (!NT_STATUS_IS_OK(status)) {
2397 p = strrchr_m(name,'/');
2399 directory = talloc_strdup(ctx, ".");
2401 return NT_STATUS_NO_MEMORY;
2411 * We should only check the mangled cache
2412 * here if unix_convert failed. This means
2413 * that the path in 'mask' doesn't exist
2414 * on the file system and so we need to look
2415 * for a possible mangle. This patch from
2416 * Tine Smukavec <valentin.smukavec@hermes.si>.
2419 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2420 char *new_mask = NULL;
2421 mangle_lookup_name_from_8_3(ctx,
2431 directory = talloc_asprintf(ctx,
2436 return NT_STATUS_NO_MEMORY;
2439 dirtype = FILE_ATTRIBUTE_NORMAL;
2442 status = check_name(conn, directory);
2443 if (!NT_STATUS_IS_OK(status)) {
2447 status = do_unlink(conn, req, directory, dirtype);
2448 if (!NT_STATUS_IS_OK(status)) {
2454 struct smb_Dir *dir_hnd = NULL;
2458 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2459 return NT_STATUS_OBJECT_NAME_INVALID;
2462 if (strequal(mask,"????????.???")) {
2467 status = check_name(conn, directory);
2468 if (!NT_STATUS_IS_OK(status)) {
2472 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2474 if (dir_hnd == NULL) {
2475 return map_nt_error_from_unix(errno);
2478 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2479 the pattern matches against the long name, otherwise the short name
2480 We don't implement this yet XXXX
2483 status = NT_STATUS_NO_SUCH_FILE;
2485 while ((dname = ReadDirName(dir_hnd, &offset))) {
2489 if (!is_visible_file(conn, directory, dname, &st, True)) {
2493 /* Quick check for "." and ".." */
2494 if (ISDOT(dname) || ISDOTDOT(dname)) {
2498 if(!mask_match(dname, mask, conn->case_sensitive)) {
2502 fname = talloc_asprintf(ctx, "%s/%s",
2506 return NT_STATUS_NO_MEMORY;
2509 status = check_name(conn, fname);
2510 if (!NT_STATUS_IS_OK(status)) {
2511 TALLOC_FREE(dir_hnd);
2515 status = do_unlink(conn, req, fname, dirtype);
2516 if (!NT_STATUS_IS_OK(status)) {
2522 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2527 TALLOC_FREE(dir_hnd);
2530 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2531 status = map_nt_error_from_unix(errno);
2537 /****************************************************************************
2539 ****************************************************************************/
2541 void reply_unlink(struct smb_request *req)
2543 connection_struct *conn = req->conn;
2547 bool path_contains_wcard = False;
2548 TALLOC_CTX *ctx = talloc_tos();
2550 START_PROFILE(SMBunlink);
2553 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2554 END_PROFILE(SMBunlink);
2558 dirtype = SVAL(req->inbuf,smb_vwv0);
2560 srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name,
2561 smb_buf(req->inbuf) + 1, 0,
2562 STR_TERMINATE, &status, &path_contains_wcard);
2563 if (!NT_STATUS_IS_OK(status)) {
2564 reply_nterror(req, status);
2565 END_PROFILE(SMBunlink);
2569 status = resolve_dfspath_wcard(ctx, conn,
2570 req->flags2 & FLAGS2_DFS_PATHNAMES,
2573 &path_contains_wcard);
2574 if (!NT_STATUS_IS_OK(status)) {
2575 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2576 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2577 ERRSRV, ERRbadpath);
2578 END_PROFILE(SMBunlink);
2581 reply_nterror(req, status);
2582 END_PROFILE(SMBunlink);
2586 DEBUG(3,("reply_unlink : %s\n",name));
2588 status = unlink_internals(conn, req, dirtype, name,
2589 path_contains_wcard);
2590 if (!NT_STATUS_IS_OK(status)) {
2591 if (open_was_deferred(req->mid)) {
2592 /* We have re-scheduled this call. */
2593 END_PROFILE(SMBunlink);
2596 reply_nterror(req, status);
2597 END_PROFILE(SMBunlink);
2601 reply_outbuf(req, 0, 0);
2602 END_PROFILE(SMBunlink);
2607 /****************************************************************************
2609 ****************************************************************************/
2611 static void fail_readraw(void)
2613 const char *errstr = talloc_asprintf(talloc_tos(),
2614 "FAIL ! reply_readbraw: socket write fail (%s)",
2619 exit_server_cleanly(errstr);
2622 /****************************************************************************
2623 Fake (read/write) sendfile. Returns -1 on read or write fail.
2624 ****************************************************************************/
2626 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2630 size_t tosend = nread;
2637 bufsize = MIN(nread, 65536);
2639 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2643 while (tosend > 0) {
2647 if (tosend > bufsize) {
2652 ret = read_file(fsp,buf,startpos,cur_read);
2658 /* If we had a short read, fill with zeros. */
2659 if (ret < cur_read) {
2660 memset(buf, '\0', cur_read - ret);
2663 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2668 startpos += cur_read;
2672 return (ssize_t)nread;
2675 /****************************************************************************
2676 Return a readbraw error (4 bytes of zero).
2677 ****************************************************************************/
2679 static void reply_readbraw_error(void)
2683 if (write_data(smbd_server_fd(),header,4) != 4) {
2688 /****************************************************************************
2689 Use sendfile in readbraw.
2690 ****************************************************************************/
2692 void send_file_readbraw(connection_struct *conn,
2698 char *outbuf = NULL;
2701 #if defined(WITH_SENDFILE)
2703 * We can only use sendfile on a non-chained packet
2704 * but we can use on a non-oplocked file. tridge proved this
2705 * on a train in Germany :-). JRA.
2706 * reply_readbraw has already checked the length.
2709 if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) &&
2710 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2712 DATA_BLOB header_blob;
2714 _smb_setlen(header,nread);
2715 header_blob = data_blob_const(header, 4);
2717 if (SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2718 &header_blob, startpos, nread) == -1) {
2719 /* Returning ENOSYS means no data at all was sent.
2720 * Do this as a normal read. */
2721 if (errno == ENOSYS) {
2722 goto normal_readbraw;
2726 * Special hack for broken Linux with no working sendfile. If we
2727 * return EINTR we sent the header but not the rest of the data.
2728 * Fake this up by doing read/write calls.
2730 if (errno == EINTR) {
2731 /* Ensure we don't do this again. */
2732 set_use_sendfile(SNUM(conn), False);
2733 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2735 if (fake_sendfile(fsp, startpos, nread) == -1) {
2736 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2737 fsp->fsp_name, strerror(errno) ));
2738 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2743 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2744 fsp->fsp_name, strerror(errno) ));
2745 exit_server_cleanly("send_file_readbraw sendfile failed");
2754 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2756 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2757 (unsigned)(nread+4)));
2758 reply_readbraw_error();
2763 ret = read_file(fsp,outbuf+4,startpos,nread);
2764 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2773 _smb_setlen(outbuf,ret);
2774 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2777 TALLOC_FREE(outbuf);
2780 /****************************************************************************
2781 Reply to a readbraw (core+ protocol).
2782 ****************************************************************************/
2784 void reply_readbraw(struct smb_request *req)
2786 connection_struct *conn = req->conn;
2787 ssize_t maxcount,mincount;
2794 START_PROFILE(SMBreadbraw);
2796 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
2797 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2798 "raw reads/writes are disallowed.");
2802 reply_readbraw_error();
2803 END_PROFILE(SMBreadbraw);
2808 * Special check if an oplock break has been issued
2809 * and the readraw request croses on the wire, we must
2810 * return a zero length response here.
2813 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2816 * We have to do a check_fsp by hand here, as
2817 * we must always return 4 zero bytes on error,
2821 if (!fsp || !conn || conn != fsp->conn ||
2822 req->vuid != fsp->vuid ||
2823 fsp->is_directory || fsp->fh->fd == -1) {
2825 * fsp could be NULL here so use the value from the packet. JRA.
2827 DEBUG(3,("reply_readbraw: fnum %d not valid "
2829 (int)SVAL(req->inbuf,smb_vwv0)));
2830 reply_readbraw_error();
2831 END_PROFILE(SMBreadbraw);
2835 /* Do a "by hand" version of CHECK_READ. */
2836 if (!(fsp->can_read ||
2837 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2838 (fsp->access_mask & FILE_EXECUTE)))) {
2839 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2840 (int)SVAL(req->inbuf,smb_vwv0)));
2841 reply_readbraw_error();
2842 END_PROFILE(SMBreadbraw);
2846 flush_write_cache(fsp, READRAW_FLUSH);
2848 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv1);
2849 if(req->wct == 10) {
2851 * This is a large offset (64 bit) read.
2853 #ifdef LARGE_SMB_OFF_T
2855 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv8)) << 32);
2857 #else /* !LARGE_SMB_OFF_T */
2860 * Ensure we haven't been sent a >32 bit offset.
2863 if(IVAL(req->inbuf,smb_vwv8) != 0) {
2864 DEBUG(0,("reply_readbraw: large offset "
2865 "(%x << 32) used and we don't support "
2866 "64 bit offsets.\n",
2867 (unsigned int)IVAL(req->inbuf,smb_vwv8) ));
2868 reply_readbraw_error();
2869 END_PROFILE(SMBreadbraw);
2873 #endif /* LARGE_SMB_OFF_T */
2876 DEBUG(0,("reply_readbraw: negative 64 bit "
2877 "readraw offset (%.0f) !\n",
2878 (double)startpos ));
2879 reply_readbraw_error();
2880 END_PROFILE(SMBreadbraw);
2885 maxcount = (SVAL(req->inbuf,smb_vwv3) & 0xFFFF);
2886 mincount = (SVAL(req->inbuf,smb_vwv4) & 0xFFFF);
2888 /* ensure we don't overrun the packet size */
2889 maxcount = MIN(65535,maxcount);
2891 if (is_locked(fsp,(uint32)req->smbpid,
2892 (SMB_BIG_UINT)maxcount,
2893 (SMB_BIG_UINT)startpos,
2895 reply_readbraw_error();
2896 END_PROFILE(SMBreadbraw);
2900 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
2904 if (startpos >= size) {
2907 nread = MIN(maxcount,(size - startpos));
2910 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2911 if (nread < mincount)
2915 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2916 "min=%lu nread=%lu\n",
2917 fsp->fnum, (double)startpos,
2918 (unsigned long)maxcount,
2919 (unsigned long)mincount,
2920 (unsigned long)nread ) );
2922 send_file_readbraw(conn, fsp, startpos, nread, mincount);
2924 DEBUG(5,("reply_readbraw finished\n"));
2925 END_PROFILE(SMBreadbraw);
2929 #define DBGC_CLASS DBGC_LOCKING
2931 /****************************************************************************
2932 Reply to a lockread (core+ protocol).
2933 ****************************************************************************/
2935 void reply_lockread(struct smb_request *req)
2937 connection_struct *conn = req->conn;
2944 struct byte_range_lock *br_lck = NULL;
2947 START_PROFILE(SMBlockread);
2950 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2951 END_PROFILE(SMBlockread);
2955 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
2957 if (!check_fsp(conn, req, fsp)) {
2958 END_PROFILE(SMBlockread);
2962 if (!CHECK_READ(fsp,req->inbuf)) {
2963 reply_doserror(req, ERRDOS, ERRbadaccess);
2964 END_PROFILE(SMBlockread);
2968 release_level_2_oplocks_on_change(fsp);
2970 numtoread = SVAL(req->inbuf,smb_vwv1);
2971 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
2973 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
2975 reply_outbuf(req, 5, numtoread + 3);
2977 data = smb_buf(req->outbuf) + 3;
2980 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2981 * protocol request that predates the read/write lock concept.
2982 * Thus instead of asking for a read lock here we need to ask
2983 * for a write lock. JRA.
2984 * Note that the requested lock size is unaffected by max_recv.
2987 br_lck = do_lock(smbd_messaging_context(),
2990 (SMB_BIG_UINT)numtoread,
2991 (SMB_BIG_UINT)startpos,
2994 False, /* Non-blocking lock. */
2997 TALLOC_FREE(br_lck);
2999 if (NT_STATUS_V(status)) {
3000 reply_nterror(req, status);
3001 END_PROFILE(SMBlockread);
3006 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3009 if (numtoread > max_recv) {
3010 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3011 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3012 (unsigned int)numtoread, (unsigned int)max_recv ));
3013 numtoread = MIN(numtoread,max_recv);
3015 nread = read_file(fsp,data,startpos,numtoread);
3018 reply_unixerror(req, ERRDOS, ERRnoaccess);
3019 END_PROFILE(SMBlockread);
3023 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3025 SSVAL(req->outbuf,smb_vwv0,nread);
3026 SSVAL(req->outbuf,smb_vwv5,nread+3);
3027 p = smb_buf(req->outbuf);
3028 SCVAL(p,0,0); /* pad byte. */
3031 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3032 fsp->fnum, (int)numtoread, (int)nread));
3034 END_PROFILE(SMBlockread);
3039 #define DBGC_CLASS DBGC_ALL
3041 /****************************************************************************
3043 ****************************************************************************/
3045 void reply_read(struct smb_request *req)
3047 connection_struct *conn = req->conn;
3055 START_PROFILE(SMBread);
3058 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3059 END_PROFILE(SMBread);
3063 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3065 if (!check_fsp(conn, req, fsp)) {
3066 END_PROFILE(SMBread);
3070 if (!CHECK_READ(fsp,req->inbuf)) {
3071 reply_doserror(req, ERRDOS, ERRbadaccess);
3072 END_PROFILE(SMBread);
3076 numtoread = SVAL(req->inbuf,smb_vwv1);
3077 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
3079 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3082 * The requested read size cannot be greater than max_recv. JRA.
3084 if (numtoread > max_recv) {
3085 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3086 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3087 (unsigned int)numtoread, (unsigned int)max_recv ));
3088 numtoread = MIN(numtoread,max_recv);
3091 reply_outbuf(req, 5, numtoread+3);
3093 data = smb_buf(req->outbuf) + 3;
3095 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtoread,
3096 (SMB_BIG_UINT)startpos, READ_LOCK)) {
3097 reply_doserror(req, ERRDOS,ERRlock);
3098 END_PROFILE(SMBread);
3103 nread = read_file(fsp,data,startpos,numtoread);
3106 reply_unixerror(req, ERRDOS,ERRnoaccess);
3107 END_PROFILE(SMBread);
3111 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3113 SSVAL(req->outbuf,smb_vwv0,nread);
3114 SSVAL(req->outbuf,smb_vwv5,nread+3);
3115 SCVAL(smb_buf(req->outbuf),0,1);
3116 SSVAL(smb_buf(req->outbuf),1,nread);
3118 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3119 fsp->fnum, (int)numtoread, (int)nread ) );
3121 END_PROFILE(SMBread);
3125 /****************************************************************************
3127 ****************************************************************************/
3129 static int setup_readX_header(char *outbuf, size_t smb_maxcnt)
3134 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3135 data = smb_buf(outbuf);
3137 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3139 SCVAL(outbuf,smb_vwv0,0xFF);
3140 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3141 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3142 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
3143 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3144 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
3145 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3146 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3150 /****************************************************************************
3151 Reply to a read and X - possibly using sendfile.
3152 ****************************************************************************/
3154 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3155 files_struct *fsp, SMB_OFF_T startpos,
3158 SMB_STRUCT_STAT sbuf;
3161 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3162 reply_unixerror(req, ERRDOS, ERRnoaccess);
3166 if (startpos > sbuf.st_size) {
3168 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
3169 smb_maxcnt = (sbuf.st_size - startpos);
3172 if (smb_maxcnt == 0) {
3176 #if defined(WITH_SENDFILE)
3178 * We can only use sendfile on a non-chained packet
3179 * but we can use on a non-oplocked file. tridge proved this
3180 * on a train in Germany :-). JRA.
3183 if ((chain_size == 0) && (CVAL(req->inbuf,smb_vwv0) == 0xFF) &&
3184 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3185 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
3186 uint8 headerbuf[smb_size + 12 * 2];
3190 * Set up the packet header before send. We
3191 * assume here the sendfile will work (get the
3192 * correct amount of data).
3195 header = data_blob_const(headerbuf, sizeof(headerbuf));
3197 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
3198 setup_readX_header((char *)headerbuf, smb_maxcnt);
3200 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3201 /* Returning ENOSYS or EINVAL means no data at all was sent.
3202 Do this as a normal read. */
3203 if (errno == ENOSYS || errno == EINVAL) {
3208 * Special hack for broken Linux with no working sendfile. If we
3209 * return EINTR we sent the header but not the rest of the data.
3210 * Fake this up by doing read/write calls.
3213 if (errno == EINTR) {
3214 /* Ensure we don't do this again. */
3215 set_use_sendfile(SNUM(conn), False);
3216 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3217 nread = fake_sendfile(fsp, startpos,
3220 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3221 fsp->fsp_name, strerror(errno) ));
3222 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3224 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3225 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3226 /* No outbuf here means successful sendfile. */
3227 TALLOC_FREE(req->outbuf);
3231 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3232 fsp->fsp_name, strerror(errno) ));
3233 exit_server_cleanly("send_file_readX sendfile failed");
3236 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3237 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3238 /* No outbuf here means successful sendfile. */
3239 TALLOC_FREE(req->outbuf);
3246 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3247 uint8 headerbuf[smb_size + 2*12];
3249 construct_reply_common((char *)req->inbuf, (char *)headerbuf);
3250 setup_readX_header((char *)headerbuf, smb_maxcnt);
3252 /* Send out the header. */
3253 if (write_data(smbd_server_fd(), (char *)headerbuf,
3254 sizeof(headerbuf)) != sizeof(headerbuf)) {
3255 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3256 fsp->fsp_name, strerror(errno) ));
3257 exit_server_cleanly("send_file_readX sendfile failed");
3259 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3261 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3262 fsp->fsp_name, strerror(errno) ));
3263 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3265 TALLOC_FREE(req->outbuf);
3269 reply_outbuf(req, 12, smb_maxcnt);
3271 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3273 reply_unixerror(req, ERRDOS, ERRnoaccess);
3277 setup_readX_header((char *)req->outbuf, nread);
3279 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3280 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3285 /****************************************************************************
3286 Reply to a read and X.
3287 ****************************************************************************/
3289 void reply_read_and_X(struct smb_request *req)
3291 connection_struct *conn = req->conn;
3295 bool big_readX = False;
3297 size_t smb_mincnt = SVAL(req->inbuf,smb_vwv6);
3300 START_PROFILE(SMBreadX);
3302 if ((req->wct != 10) && (req->wct != 12)) {
3303 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3307 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3308 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3309 smb_maxcnt = SVAL(req->inbuf,smb_vwv5);
3311 /* If it's an IPC, pass off the pipe handler. */
3313 reply_pipe_read_and_X(req);
3314 END_PROFILE(SMBreadX);
3318 if (!check_fsp(conn, req, fsp)) {
3319 END_PROFILE(SMBreadX);
3323 if (!CHECK_READ(fsp,req->inbuf)) {
3324 reply_doserror(req, ERRDOS,ERRbadaccess);
3325 END_PROFILE(SMBreadX);
3329 if (global_client_caps & CAP_LARGE_READX) {
3330 size_t upper_size = SVAL(req->inbuf,smb_vwv7);
3331 smb_maxcnt |= (upper_size<<16);
3332 if (upper_size > 1) {
3333 /* Can't do this on a chained packet. */
3334 if ((CVAL(req->inbuf,smb_vwv0) != 0xFF)) {
3335 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3336 END_PROFILE(SMBreadX);
3339 /* We currently don't do this on signed or sealed data. */
3340 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
3341 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3342 END_PROFILE(SMBreadX);
3345 /* Is there room in the reply for this data ? */
3346 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3348 NT_STATUS_INVALID_PARAMETER);
3349 END_PROFILE(SMBreadX);
3356 if (req->wct == 12) {
3357 #ifdef LARGE_SMB_OFF_T
3359 * This is a large offset (64 bit) read.
3361 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv10)) << 32);
3363 #else /* !LARGE_SMB_OFF_T */
3366 * Ensure we haven't been sent a >32 bit offset.
3369 if(IVAL(req->inbuf,smb_vwv10) != 0) {
3370 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3371 "used and we don't support 64 bit offsets.\n",
3372 (unsigned int)IVAL(req->inbuf,smb_vwv10) ));
3373 END_PROFILE(SMBreadX);
3374 reply_doserror(req, ERRDOS, ERRbadaccess);
3378 #endif /* LARGE_SMB_OFF_T */
3382 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)smb_maxcnt,
3383 (SMB_BIG_UINT)startpos, READ_LOCK)) {
3384 END_PROFILE(SMBreadX);
3385 reply_doserror(req, ERRDOS, ERRlock);
3390 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3391 END_PROFILE(SMBreadX);
3395 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3397 END_PROFILE(SMBreadX);
3401 /****************************************************************************
3402 Error replies to writebraw must have smb_wct == 1. Fix this up.
3403 ****************************************************************************/
3405 void error_to_writebrawerr(struct smb_request *req)
3407 uint8 *old_outbuf = req->outbuf;
3409 reply_outbuf(req, 1, 0);
3411 memcpy(req->outbuf, old_outbuf, smb_size);
3412 TALLOC_FREE(old_outbuf);
3415 /****************************************************************************
3416 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3417 ****************************************************************************/
3419 void reply_writebraw(struct smb_request *req)
3421 connection_struct *conn = req->conn;
3424 ssize_t total_written=0;
3425 size_t numtowrite=0;
3433 START_PROFILE(SMBwritebraw);
3436 * If we ever reply with an error, it must have the SMB command
3437 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3440 SCVAL(req->inbuf,smb_com,SMBwritec);
3442 if (srv_is_signing_active()) {
3443 END_PROFILE(SMBwritebraw);
3444 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3445 "raw reads/writes are disallowed.");
3448 if (req->wct < 12) {
3449 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3450 error_to_writebrawerr(req);
3451 END_PROFILE(SMBwritebraw);
3455 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3456 if (!check_fsp(conn, req, fsp)) {
3457 error_to_writebrawerr(req);
3458 END_PROFILE(SMBwritebraw);
3462 if (!CHECK_WRITE(fsp)) {
3463 reply_doserror(req, ERRDOS, ERRbadaccess);
3464 error_to_writebrawerr(req);
3465 END_PROFILE(SMBwritebraw);
3469 tcount = IVAL(req->inbuf,smb_vwv1);
3470 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3471 write_through = BITSETW(req->inbuf+smb_vwv7,0);
3473 /* We have to deal with slightly different formats depending
3474 on whether we are using the core+ or lanman1.0 protocol */
3476 if(Protocol <= PROTOCOL_COREPLUS) {
3477 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3478 data = smb_buf(req->inbuf);
3480 numtowrite = SVAL(req->inbuf,smb_vwv10);
3481 data = smb_base(req->inbuf) + SVAL(req->inbuf, smb_vwv11);
3484 /* Ensure we don't write bytes past the end of this packet. */
3485 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3486 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3487 error_to_writebrawerr(req);
3488 END_PROFILE(SMBwritebraw);
3492 if (is_locked(fsp,(uint32)req->smbpid,(SMB_BIG_UINT)tcount,
3493 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3494 reply_doserror(req, ERRDOS, ERRlock);
3495 error_to_writebrawerr(req);
3496 END_PROFILE(SMBwritebraw);
3501 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3504 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3505 "wrote=%d sync=%d\n",
3506 fsp->fnum, (double)startpos, (int)numtowrite,
3507 (int)nwritten, (int)write_through));
3509 if (nwritten < (ssize_t)numtowrite) {
3510 reply_unixerror(req, ERRHRD, ERRdiskfull);
3511 error_to_writebrawerr(req);
3512 END_PROFILE(SMBwritebraw);
3516 total_written = nwritten;
3518 /* Allocate a buffer of 64k + length. */
3519 buf = TALLOC_ARRAY(NULL, char, 65540);
3521 reply_doserror(req, ERRDOS, ERRnomem);
3522 error_to_writebrawerr(req);
3523 END_PROFILE(SMBwritebraw);
3527 /* Return a SMBwritebraw message to the redirector to tell
3528 * it to send more bytes */
3530 memcpy(buf, req->inbuf, smb_size);
3531 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3532 SCVAL(buf,smb_com,SMBwritebraw);
3533 SSVALS(buf,smb_vwv0,0xFFFF);
3535 if (!srv_send_smb(smbd_server_fd(),
3537 IS_CONN_ENCRYPTED(conn))) {
3538 exit_server_cleanly("reply_writebraw: srv_send_smb "
3542 /* Now read the raw data into the buffer and write it */
3543 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3545 if (!NT_STATUS_IS_OK(status)) {
3546 exit_server_cleanly("secondary writebraw failed");
3549 /* Set up outbuf to return the correct size */
3550 reply_outbuf(req, 1, 0);
3552 if (numtowrite != 0) {
3554 if (numtowrite > 0xFFFF) {
3555 DEBUG(0,("reply_writebraw: Oversize secondary write "
3556 "raw requested (%u). Terminating\n",
3557 (unsigned int)numtowrite ));
3558 exit_server_cleanly("secondary writebraw failed");
3561 if (tcount > nwritten+numtowrite) {
3562 DEBUG(3,("reply_writebraw: Client overestimated the "
3564 (int)tcount,(int)nwritten,(int)numtowrite));
3567 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3569 if (!NT_STATUS_IS_OK(status)) {
3570 DEBUG(0,("reply_writebraw: Oversize secondary write "
3571 "raw read failed (%s). Terminating\n",
3572 nt_errstr(status)));
3573 exit_server_cleanly("secondary writebraw failed");
3576 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3577 if (nwritten == -1) {
3579 reply_unixerror(req, ERRHRD, ERRdiskfull);
3580 error_to_writebrawerr(req);
3581 END_PROFILE(SMBwritebraw);
3585 if (nwritten < (ssize_t)numtowrite) {
3586 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3587 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3591 total_written += nwritten;
3596 SSVAL(req->outbuf,smb_vwv0,total_written);
3598 status = sync_file(conn, fsp, write_through);
3599 if (!NT_STATUS_IS_OK(status)) {
3600 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3601 fsp->fsp_name, nt_errstr(status) ));
3602 reply_nterror(req, status);
3603 error_to_writebrawerr(req);
3604 END_PROFILE(SMBwritebraw);
3608 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3610 fsp->fnum, (double)startpos, (int)numtowrite,
3611 (int)total_written));
3613 /* We won't return a status if write through is not selected - this
3614 * follows what WfWg does */
3615 END_PROFILE(SMBwritebraw);
3617 if (!write_through && total_written==tcount) {
3619 #if RABBIT_PELLET_FIX
3621 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3622 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3625 if (!send_keepalive(smbd_server_fd())) {
3626 exit_server_cleanly("reply_writebraw: send of "
3627 "keepalive failed");
3630 TALLOC_FREE(req->outbuf);
3636 #define DBGC_CLASS DBGC_LOCKING
3638 /****************************************************************************
3639 Reply to a writeunlock (core+).
3640 ****************************************************************************/
3642 void reply_writeunlock(struct smb_request *req)
3644 connection_struct *conn = req->conn;
3645 ssize_t nwritten = -1;
3649 NTSTATUS status = NT_STATUS_OK;
3652 START_PROFILE(SMBwriteunlock);
3655 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3656 END_PROFILE(SMBwriteunlock);
3660 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3662 if (!check_fsp(conn, req, fsp)) {
3663 END_PROFILE(SMBwriteunlock);
3667 if (!CHECK_WRITE(fsp)) {
3668 reply_doserror(req, ERRDOS,ERRbadaccess);
3669 END_PROFILE(SMBwriteunlock);
3673 numtowrite = SVAL(req->inbuf,smb_vwv1);
3674 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
3675 data = smb_buf(req->inbuf) + 3;
3678 && is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite,
3679 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3680 reply_doserror(req, ERRDOS, ERRlock);
3681 END_PROFILE(SMBwriteunlock);
3685 /* The special X/Open SMB protocol handling of
3686 zero length writes is *NOT* done for
3688 if(numtowrite == 0) {
3691 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3694 status = sync_file(conn, fsp, False /* write through */);
3695 if (!NT_STATUS_IS_OK(status)) {
3696 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3697 fsp->fsp_name, nt_errstr(status) ));
3698 reply_nterror(req, status);
3699 END_PROFILE(SMBwriteunlock);
3703 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
3704 reply_unixerror(req, ERRHRD, ERRdiskfull);
3705 END_PROFILE(SMBwriteunlock);
3710 status = do_unlock(smbd_messaging_context(),
3713 (SMB_BIG_UINT)numtowrite,
3714 (SMB_BIG_UINT)startpos,
3717 if (NT_STATUS_V(status)) {
3718 reply_nterror(req, status);
3719 END_PROFILE(SMBwriteunlock);
3724 reply_outbuf(req, 1, 0);
3726 SSVAL(req->outbuf,smb_vwv0,nwritten);
3728 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3729 fsp->fnum, (int)numtowrite, (int)nwritten));
3731 END_PROFILE(SMBwriteunlock);
3736 #define DBGC_CLASS DBGC_ALL
3738 /****************************************************************************
3740 ****************************************************************************/
3742 void reply_write(struct smb_request *req)
3744 connection_struct *conn = req->conn;
3746 ssize_t nwritten = -1;
3752 START_PROFILE(SMBwrite);
3755 END_PROFILE(SMBwrite);
3756 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3760 /* If it's an IPC, pass off the pipe handler. */
3762 reply_pipe_write(req);
3763 END_PROFILE(SMBwrite);
3767 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
3769 if (!check_fsp(conn, req, fsp)) {
3770 END_PROFILE(SMBwrite);
3774 if (!CHECK_WRITE(fsp)) {
3775 reply_doserror(req, ERRDOS, ERRbadaccess);
3776 END_PROFILE(SMBwrite);
3780 numtowrite = SVAL(req->inbuf,smb_vwv1);
3781 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
3782 data = smb_buf(req->inbuf) + 3;
3784 if (is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite,
3785 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3786 reply_doserror(req, ERRDOS, ERRlock);
3787 END_PROFILE(SMBwrite);
3792 * X/Open SMB protocol says that if smb_vwv1 is
3793 * zero then the file size should be extended or
3794 * truncated to the size given in smb_vwv[2-3].
3797 if(numtowrite == 0) {
3799 * This is actually an allocate call, and set EOF. JRA.
3801 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3803 reply_nterror(req, NT_STATUS_DISK_FULL);
3804 END_PROFILE(SMBwrite);
3807 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3809 reply_nterror(req, NT_STATUS_DISK_FULL);
3810 END_PROFILE(SMBwrite);
3813 trigger_write_time_update_immediate(fsp);
3815 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3818 status = sync_file(conn, fsp, False);
3819 if (!NT_STATUS_IS_OK(status)) {
3820 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3821 fsp->fsp_name, nt_errstr(status) ));
3822 reply_nterror(req, status);
3823 END_PROFILE(SMBwrite);
3827 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3828 reply_unixerror(req, ERRHRD, ERRdiskfull);
3829 END_PROFILE(SMBwrite);
3833 reply_outbuf(req, 1, 0);
3835 SSVAL(req->outbuf,smb_vwv0,nwritten);
3837 if (nwritten < (ssize_t)numtowrite) {
3838 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3839 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3842 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3844 END_PROFILE(SMBwrite);
3848 /****************************************************************************
3849 Ensure a buffer is a valid writeX for recvfile purposes.
3850 ****************************************************************************/
3852 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3853 (2*14) + /* word count (including bcc) */ \
3856 bool is_valid_writeX_buffer(const uint8_t *inbuf)
3859 connection_struct *conn = NULL;
3860 unsigned int doff = 0;
3861 size_t len = smb_len_large(inbuf);
3863 if (is_encrypted_packet(inbuf)) {
3864 /* Can't do this on encrypted
3869 if (CVAL(inbuf,smb_com) != SMBwriteX) {
3873 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
3874 CVAL(inbuf,smb_wct) != 14) {
3875 DEBUG(10,("is_valid_writeX_buffer: chained or "
3876 "invalid word length.\n"));
3880 conn = conn_find(SVAL(inbuf, smb_tid));
3882 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
3886 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
3889 doff = SVAL(inbuf,smb_vwv11);
3891 numtowrite = SVAL(inbuf,smb_vwv10);
3893 if (len > doff && len - doff > 0xFFFF) {
3894 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
3897 if (numtowrite == 0) {
3898 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
3902 /* Ensure the sizes match up. */
3903 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
3904 /* no pad byte...old smbclient :-( */
3905 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
3907 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
3911 if (len - doff != numtowrite) {
3912 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
3913 "len = %u, doff = %u, numtowrite = %u\n",
3916 (unsigned int)numtowrite ));
3920 DEBUG(10,("is_valid_writeX_buffer: true "
3921 "len = %u, doff = %u, numtowrite = %u\n",
3924 (unsigned int)numtowrite ));
3929 /****************************************************************************
3930 Reply to a write and X.
3931 ****************************************************************************/
3933 void reply_write_and_X(struct smb_request *req)
3935 connection_struct *conn = req->conn;
3941 unsigned int smb_doff;
3942 unsigned int smblen;
3946 START_PROFILE(SMBwriteX);
3948 if ((req->wct != 12) && (req->wct != 14)) {
3949 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3950 END_PROFILE(SMBwriteX);
3954 numtowrite = SVAL(req->inbuf,smb_vwv10);
3955 smb_doff = SVAL(req->inbuf,smb_vwv11);
3956 smblen = smb_len(req->inbuf);
3958 if (req->unread_bytes > 0xFFFF ||
3959 (smblen > smb_doff &&
3960 smblen - smb_doff > 0xFFFF)) {
3961 numtowrite |= (((size_t)SVAL(req->inbuf,smb_vwv9))<<16);
3964 if (req->unread_bytes) {
3965 /* Can't do a recvfile write on IPC$ */
3967 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3968 END_PROFILE(SMBwriteX);
3971 if (numtowrite != req->unread_bytes) {
3972 reply_doserror(req, ERRDOS, ERRbadmem);
3973 END_PROFILE(SMBwriteX);
3977 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
3978 smb_doff + numtowrite > smblen) {
3979 reply_doserror(req, ERRDOS, ERRbadmem);
3980 END_PROFILE(SMBwriteX);
3985 /* If it's an IPC, pass off the pipe handler. */
3987 if (req->unread_bytes) {
3988 reply_doserror(req, ERRDOS, ERRbadmem);
3989 END_PROFILE(SMBwriteX);
3992 reply_pipe_write_and_X(req);
3993 END_PROFILE(SMBwriteX);
3997 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
3998 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv3);
3999 write_through = BITSETW(req->inbuf+smb_vwv7,0);
4001 if (!check_fsp(conn, req, fsp)) {
4002 END_PROFILE(SMBwriteX);
4006 if (!CHECK_WRITE(fsp)) {
4007 reply_doserror(req, ERRDOS, ERRbadaccess);
4008 END_PROFILE(SMBwriteX);
4012 data = smb_base(req->inbuf) + smb_doff;
4014 if(req->wct == 14) {
4015 #ifdef LARGE_SMB_OFF_T
4017 * This is a large offset (64 bit) write.
4019 startpos |= (((SMB_OFF_T)IVAL(req->inbuf,smb_vwv12)) << 32);
4021 #else /* !LARGE_SMB_OFF_T */
4024 * Ensure we haven't been sent a >32 bit offset.
4027 if(IVAL(req->inbuf,smb_vwv12) != 0) {
4028 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4029 "used and we don't support 64 bit offsets.\n",
4030 (unsigned int)IVAL(req->inbuf,smb_vwv12) ));
4031 reply_doserror(req, ERRDOS, ERRbadaccess);
4032 END_PROFILE(SMBwriteX);
4036 #endif /* LARGE_SMB_OFF_T */
4039 if (is_locked(fsp,(uint32)req->smbpid,
4040 (SMB_BIG_UINT)numtowrite,
4041 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
4042 reply_doserror(req, ERRDOS, ERRlock);
4043 END_PROFILE(SMBwriteX);
4047 /* X/Open SMB protocol says that, unlike SMBwrite
4048 if the length is zero then NO truncation is
4049 done, just a write of zero. To truncate a file,
4052 if(numtowrite == 0) {
4056 if ((req->unread_bytes == 0) &&
4057 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4059 END_PROFILE(SMBwriteX);
4063 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4066 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4067 reply_unixerror(req, ERRHRD, ERRdiskfull);
4068 END_PROFILE(SMBwriteX);
4072 reply_outbuf(req, 6, 0);
4073 SSVAL(req->outbuf,smb_vwv2,nwritten);
4074 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4076 if (nwritten < (ssize_t)numtowrite) {
4077 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4078 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4081 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4082 fsp->fnum, (int)numtowrite, (int)nwritten));
4084 status = sync_file(conn, fsp, write_through);
4085 if (!NT_STATUS_IS_OK(status)) {
4086 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4087 fsp->fsp_name, nt_errstr(status) ));
4088 reply_nterror(req, status);
4089 END_PROFILE(SMBwriteX);
4093 END_PROFILE(SMBwriteX);
4098 /****************************************************************************
4100 ****************************************************************************/
4102 void reply_lseek(struct smb_request *req)
4104 connection_struct *conn = req->conn;
4110 START_PROFILE(SMBlseek);
4113 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4114 END_PROFILE(SMBlseek);
4118 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4120 if (!check_fsp(conn, req, fsp)) {
4124 flush_write_cache(fsp, SEEK_FLUSH);
4126 mode = SVAL(req->inbuf,smb_vwv1) & 3;
4127 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4128 startpos = (SMB_OFF_T)IVALS(req->inbuf,smb_vwv2);
4137 res = fsp->fh->pos + startpos;
4148 if (umode == SEEK_END) {
4149 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4150 if(errno == EINVAL) {
4151 SMB_OFF_T current_pos = startpos;
4152 SMB_STRUCT_STAT sbuf;
4154 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4155 reply_unixerror(req, ERRDOS,
4157 END_PROFILE(SMBlseek);
4161 current_pos += sbuf.st_size;
4163 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4168 reply_unixerror(req, ERRDOS, ERRnoaccess);
4169 END_PROFILE(SMBlseek);
4176 reply_outbuf(req, 2, 0);
4177 SIVAL(req->outbuf,smb_vwv0,res);
4179 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4180 fsp->fnum, (double)startpos, (double)res, mode));
4182 END_PROFILE(SMBlseek);
4186 /****************************************************************************
4188 ****************************************************************************/
4190 void reply_flush(struct smb_request *req)
4192 connection_struct *conn = req->conn;
4196 START_PROFILE(SMBflush);
4199 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4203 fnum = SVAL(req->inbuf,smb_vwv0);
4204 fsp = file_fsp(fnum);
4206 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4211 file_sync_all(conn);
4213 NTSTATUS status = sync_file(conn, fsp, True);
4214 if (!NT_STATUS_IS_OK(status)) {
4215 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4216 fsp->fsp_name, nt_errstr(status) ));
4217 reply_nterror(req, status);
4218 END_PROFILE(SMBflush);
4223 reply_outbuf(req, 0, 0);
4225 DEBUG(3,("flush\n"));
4226 END_PROFILE(SMBflush);
4230 /****************************************************************************
4232 conn POINTER CAN BE NULL HERE !
4233 ****************************************************************************/
4235 void reply_exit(struct smb_request *req)
4237 START_PROFILE(SMBexit);
4239 file_close_pid(req->smbpid, req->vuid);
4241 reply_outbuf(req, 0, 0);
4243 DEBUG(3,("exit\n"));
4245 END_PROFILE(SMBexit);
4249 /****************************************************************************
4250 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4251 ****************************************************************************/
4253 void reply_close(struct smb_request *req)
4255 connection_struct *conn = req->conn;
4256 NTSTATUS status = NT_STATUS_OK;
4257 files_struct *fsp = NULL;
4258 START_PROFILE(SMBclose);
4261 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4262 END_PROFILE(SMBclose);
4266 /* If it's an IPC, pass off to the pipe handler. */
4268 reply_pipe_close(conn, req);
4269 END_PROFILE(SMBclose);
4273 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4276 * We can only use CHECK_FSP if we know it's not a directory.
4279 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4280 reply_doserror(req, ERRDOS, ERRbadfid);
4281 END_PROFILE(SMBclose);
4285 if(fsp->is_directory) {
4287 * Special case - close NT SMB directory handle.
4289 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4290 status = close_file(fsp,NORMAL_CLOSE);
4294 * Close ordinary file.
4297 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4298 fsp->fh->fd, fsp->fnum,
4299 conn->num_files_open));
4302 * Take care of any time sent in the close.
4305 t = srv_make_unix_date3(req->inbuf+smb_vwv1);
4306 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4309 * close_file() returns the unix errno if an error
4310 * was detected on close - normally this is due to
4311 * a disk full error. If not then it was probably an I/O error.
4314 status = close_file(fsp,NORMAL_CLOSE);
4317 if (!NT_STATUS_IS_OK(status)) {
4318 reply_nterror(req, status);
4319 END_PROFILE(SMBclose);
4323 reply_outbuf(req, 0, 0);
4324 END_PROFILE(SMBclose);
4328 /****************************************************************************
4329 Reply to a writeclose (Core+ protocol).
4330 ****************************************************************************/
4332 void reply_writeclose(struct smb_request *req)
4334 connection_struct *conn = req->conn;
4336 ssize_t nwritten = -1;
4337 NTSTATUS close_status = NT_STATUS_OK;
4340 struct timespec mtime;
4343 START_PROFILE(SMBwriteclose);
4346 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4347 END_PROFILE(SMBwriteclose);
4351 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4353 if (!check_fsp(conn, req, fsp)) {
4354 END_PROFILE(SMBwriteclose);
4357 if (!CHECK_WRITE(fsp)) {
4358 reply_doserror(req, ERRDOS,ERRbadaccess);
4359 END_PROFILE(SMBwriteclose);
4363 numtowrite = SVAL(req->inbuf,smb_vwv1);
4364 startpos = IVAL_TO_SMB_OFF_T(req->inbuf,smb_vwv2);
4365 mtime = convert_time_t_to_timespec(srv_make_unix_date3(
4366 req->inbuf+smb_vwv4));
4367 data = smb_buf(req->inbuf) + 1;
4370 && is_locked(fsp, (uint32)req->smbpid, (SMB_BIG_UINT)numtowrite,
4371 (SMB_BIG_UINT)startpos, WRITE_LOCK)) {
4372 reply_doserror(req, ERRDOS,ERRlock);
4373 END_PROFILE(SMBwriteclose);
4377 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4379 set_close_write_time(fsp, mtime);
4382 * More insanity. W2K only closes the file if writelen > 0.
4387 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4389 close_status = close_file(fsp,NORMAL_CLOSE);
4392 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4393 fsp->fnum, (int)numtowrite, (int)nwritten,
4394 conn->num_files_open));
4396 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4397 reply_doserror(req, ERRHRD, ERRdiskfull);
4398 END_PROFILE(SMBwriteclose);
4402 if(!NT_STATUS_IS_OK(close_status)) {
4403 reply_nterror(req, close_status);
4404 END_PROFILE(SMBwriteclose);
4408 reply_outbuf(req, 1, 0);
4410 SSVAL(req->outbuf,smb_vwv0,nwritten);
4411 END_PROFILE(SMBwriteclose);
4416 #define DBGC_CLASS DBGC_LOCKING
4418 /****************************************************************************
4420 ****************************************************************************/
4422 void reply_lock(struct smb_request *req)
4424 connection_struct *conn = req->conn;
4425 SMB_BIG_UINT count,offset;
4428 struct byte_range_lock *br_lck = NULL;
4430 START_PROFILE(SMBlock);
4433 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4434 END_PROFILE(SMBlock);
4438 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4440 if (!check_fsp(conn, req, fsp)) {
4441 END_PROFILE(SMBlock);
4445 release_level_2_oplocks_on_change(fsp);
4447 count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1);
4448 offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3);
4450 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4451 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4453 br_lck = do_lock(smbd_messaging_context(),
4460 False, /* Non-blocking lock. */
4464 TALLOC_FREE(br_lck);
4466 if (NT_STATUS_V(status)) {
4467 reply_nterror(req, status);
4468 END_PROFILE(SMBlock);
4472 reply_outbuf(req, 0, 0);
4474 END_PROFILE(SMBlock);
4478 /****************************************************************************
4480 ****************************************************************************/
4482 void reply_unlock(struct smb_request *req)
4484 connection_struct *conn = req->conn;
4485 SMB_BIG_UINT count,offset;
4489 START_PROFILE(SMBunlock);
4492 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4493 END_PROFILE(SMBunlock);
4497 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4499 if (!check_fsp(conn, req, fsp)) {
4500 END_PROFILE(SMBunlock);
4504 count = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv1);
4505 offset = (SMB_BIG_UINT)IVAL(req->inbuf,smb_vwv3);
4507 status = do_unlock(smbd_messaging_context(),
4514 if (NT_STATUS_V(status)) {
4515 reply_nterror(req, status);
4516 END_PROFILE(SMBunlock);
4520 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4521 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4523 reply_outbuf(req, 0, 0);
4525 END_PROFILE(SMBunlock);
4530 #define DBGC_CLASS DBGC_ALL
4532 /****************************************************************************
4534 conn POINTER CAN BE NULL HERE !
4535 ****************************************************************************/
4537 void reply_tdis(struct smb_request *req)
4539 connection_struct *conn = req->conn;
4540 START_PROFILE(SMBtdis);
4543 DEBUG(4,("Invalid connection in tdis\n"));
4544 reply_doserror(req, ERRSRV, ERRinvnid);
4545 END_PROFILE(SMBtdis);
4551 close_cnum(conn,req->vuid);
4554 reply_outbuf(req, 0, 0);
4555 END_PROFILE(SMBtdis);
4559 /****************************************************************************
4561 conn POINTER CAN BE NULL HERE !
4562 ****************************************************************************/
4564 void reply_echo(struct smb_request *req)
4566 connection_struct *conn = req->conn;
4569 unsigned int data_len = smb_buflen(req->inbuf);
4571 START_PROFILE(SMBecho);
4574 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4575 END_PROFILE(SMBecho);
4579 if (data_len > BUFFER_SIZE) {
4580 DEBUG(0,("reply_echo: data_len too large.\n"));
4581 reply_nterror(req, NT_STATUS_INSUFFICIENT_RESOURCES);
4582 END_PROFILE(SMBecho);
4586 smb_reverb = SVAL(req->inbuf,smb_vwv0);
4588 reply_outbuf(req, 1, data_len);
4590 /* copy any incoming data back out */
4592 memcpy(smb_buf(req->outbuf),smb_buf(req->inbuf),data_len);
4595 if (smb_reverb > 100) {
4596 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4600 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
4601 SSVAL(req->outbuf,smb_vwv0,seq_num);
4603 show_msg((char *)req->outbuf);
4604 if (!srv_send_smb(smbd_server_fd(),
4605 (char *)req->outbuf,
4606 IS_CONN_ENCRYPTED(conn)||req->encrypted))
4607 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4610 DEBUG(3,("echo %d times\n", smb_reverb));
4612 TALLOC_FREE(req->outbuf);
4616 END_PROFILE(SMBecho);
4620 /****************************************************************************
4621 Reply to a printopen.
4622 ****************************************************************************/
4624 void reply_printopen(struct smb_request *req)
4626 connection_struct *conn = req->conn;
4630 START_PROFILE(SMBsplopen);
4633 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4634 END_PROFILE(SMBsplopen);
4638 if (!CAN_PRINT(conn)) {
4639 reply_doserror(req, ERRDOS, ERRnoaccess);
4640 END_PROFILE(SMBsplopen);
4644 /* Open for exclusive use, write only. */
4645 status = print_fsp_open(conn, NULL, req->vuid, &fsp);
4647 if (!NT_STATUS_IS_OK(status)) {
4648 reply_nterror(req, status);
4649 END_PROFILE(SMBsplopen);
4653 reply_outbuf(req, 1, 0);
4654 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4656 DEBUG(3,("openprint fd=%d fnum=%d\n",
4657 fsp->fh->fd, fsp->fnum));
4659 END_PROFILE(SMBsplopen);
4663 /****************************************************************************
4664 Reply to a printclose.
4665 ****************************************************************************/
4667 void reply_printclose(struct smb_request *req)
4669 connection_struct *conn = req->conn;
4673 START_PROFILE(SMBsplclose);
4676 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4677 END_PROFILE(SMBsplclose);
4681 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4683 if (!check_fsp(conn, req, fsp)) {
4684 END_PROFILE(SMBsplclose);
4688 if (!CAN_PRINT(conn)) {
4689 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
4690 END_PROFILE(SMBsplclose);
4694 DEBUG(3,("printclose fd=%d fnum=%d\n",
4695 fsp->fh->fd,fsp->fnum));
4697 status = close_file(fsp,NORMAL_CLOSE);
4699 if(!NT_STATUS_IS_OK(status)) {
4700 reply_nterror(req, status);
4701 END_PROFILE(SMBsplclose);
4705 reply_outbuf(req, 0, 0);
4707 END_PROFILE(SMBsplclose);
4711 /****************************************************************************
4712 Reply to a printqueue.
4713 ****************************************************************************/
4715 void reply_printqueue(struct smb_request *req)
4717 connection_struct *conn = req->conn;
4721 START_PROFILE(SMBsplretq);
4724 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4725 END_PROFILE(SMBsplretq);
4729 max_count = SVAL(req->inbuf,smb_vwv0);
4730 start_index = SVAL(req->inbuf,smb_vwv1);
4732 /* we used to allow the client to get the cnum wrong, but that
4733 is really quite gross and only worked when there was only
4734 one printer - I think we should now only accept it if they
4735 get it right (tridge) */
4736 if (!CAN_PRINT(conn)) {
4737 reply_doserror(req, ERRDOS, ERRnoaccess);
4738 END_PROFILE(SMBsplretq);
4742 reply_outbuf(req, 2, 3);
4743 SSVAL(req->outbuf,smb_vwv0,0);
4744 SSVAL(req->outbuf,smb_vwv1,0);
4745 SCVAL(smb_buf(req->outbuf),0,1);
4746 SSVAL(smb_buf(req->outbuf),1,0);
4748 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4749 start_index, max_count));
4752 print_queue_struct *queue = NULL;
4753 print_status_struct status;
4754 int count = print_queue_status(SNUM(conn), &queue, &status);
4755 int num_to_get = ABS(max_count);
4756 int first = (max_count>0?start_index:start_index+max_count+1);
4762 num_to_get = MIN(num_to_get,count-first);
4765 for (i=first;i<first+num_to_get;i++) {
4769 srv_put_dos_date2(p,0,queue[i].time);
4770 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4771 SSVAL(p,5, queue[i].job);
4772 SIVAL(p,7,queue[i].size);
4774 srvstr_push(blob, req->flags2, p+12,
4775 queue[i].fs_user, 16, STR_ASCII);
4777 if (message_push_blob(
4780 blob, sizeof(blob))) == -1) {
4781 reply_nterror(req, NT_STATUS_NO_MEMORY);
4782 END_PROFILE(SMBsplretq);
4788 SSVAL(req->outbuf,smb_vwv0,count);
4789 SSVAL(req->outbuf,smb_vwv1,
4790 (max_count>0?first+count:first-1));
4791 SCVAL(smb_buf(req->outbuf),0,1);
4792 SSVAL(smb_buf(req->outbuf),1,28*count);
4797 DEBUG(3,("%d entries returned in queue\n",count));
4800 END_PROFILE(SMBsplretq);
4804 /****************************************************************************
4805 Reply to a printwrite.
4806 ****************************************************************************/
4808 void reply_printwrite(struct smb_request *req)
4810 connection_struct *conn = req->conn;
4815 START_PROFILE(SMBsplwr);
4818 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4819 END_PROFILE(SMBsplwr);
4823 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
4825 if (!check_fsp(conn, req, fsp)) {
4826 END_PROFILE(SMBsplwr);
4830 if (!CAN_PRINT(conn)) {
4831 reply_doserror(req, ERRDOS, ERRnoaccess);
4832 END_PROFILE(SMBsplwr);
4836 if (!CHECK_WRITE(fsp)) {
4837 reply_doserror(req, ERRDOS, ERRbadaccess);
4838 END_PROFILE(SMBsplwr);
4842 numtowrite = SVAL(smb_buf(req->inbuf),1);
4844 if (smb_buflen(req->inbuf) < numtowrite + 3) {
4845 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4846 END_PROFILE(SMBsplwr);
4850 data = smb_buf(req->inbuf) + 3;
4852 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
4853 reply_unixerror(req, ERRHRD, ERRdiskfull);
4854 END_PROFILE(SMBsplwr);
4858 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4860 END_PROFILE(SMBsplwr);
4864 /****************************************************************************
4866 ****************************************************************************/
4868 void reply_mkdir(struct smb_request *req)
4870 connection_struct *conn = req->conn;
4871 char *directory = NULL;
4873 SMB_STRUCT_STAT sbuf;
4874 TALLOC_CTX *ctx = talloc_tos();
4876 START_PROFILE(SMBmkdir);
4878 srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &directory,
4879 smb_buf(req->inbuf) + 1, 0,
4880 STR_TERMINATE, &status);
4881 if (!NT_STATUS_IS_OK(status)) {
4882 reply_nterror(req, status);
4883 END_PROFILE(SMBmkdir);
4887 status = resolve_dfspath(ctx, conn,
4888 req->flags2 & FLAGS2_DFS_PATHNAMES,
4891 if (!NT_STATUS_IS_OK(status)) {
4892 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4893 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4894 ERRSRV, ERRbadpath);
4895 END_PROFILE(SMBmkdir);
4898 reply_nterror(req, status);
4899 END_PROFILE(SMBmkdir);
4903 status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
4904 if (!NT_STATUS_IS_OK(status)) {
4905 reply_nterror(req, status);
4906 END_PROFILE(SMBmkdir);
4910 status = check_name(conn, directory);
4911 if (!NT_STATUS_IS_OK(status)) {
4912 reply_nterror(req, status);
4913 END_PROFILE(SMBmkdir);
4917 status = create_directory(conn, req, directory);
4919 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4921 if (!NT_STATUS_IS_OK(status)) {
4923 if (!use_nt_status()
4924 && NT_STATUS_EQUAL(status,
4925 NT_STATUS_OBJECT_NAME_COLLISION)) {
4927 * Yes, in the DOS error code case we get a
4928 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4929 * samba4 torture test.
4931 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4934 reply_nterror(req, status);
4935 END_PROFILE(SMBmkdir);
4939 reply_outbuf(req, 0, 0);
4941 DEBUG( 3, ( "mkdir %s\n", directory ) );
4943 END_PROFILE(SMBmkdir);
4947 /****************************************************************************
4948 Static function used by reply_rmdir to delete an entire directory
4949 tree recursively. Return True on ok, False on fail.
4950 ****************************************************************************/
4952 static bool recursive_rmdir(TALLOC_CTX *ctx,
4953 connection_struct *conn,
4956 const char *dname = NULL;
4959 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
4965 while((dname = ReadDirName(dir_hnd, &offset))) {
4966 char *fullname = NULL;
4969 if (ISDOT(dname) || ISDOTDOT(dname)) {
4973 if (!is_visible_file(conn, directory, dname, &st, False)) {
4977 /* Construct the full name. */
4978 fullname = talloc_asprintf(ctx,
4988 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4993 if(st.st_mode & S_IFDIR) {
4994 if(!recursive_rmdir(ctx, conn, fullname)) {
4998 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5002 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5006 TALLOC_FREE(fullname);
5008 TALLOC_FREE(dir_hnd);
5012 /****************************************************************************
5013 The internals of the rmdir code - called elsewhere.
5014 ****************************************************************************/
5016 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5017 connection_struct *conn,
5018 const char *directory)
5023 /* Might be a symlink. */
5024 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
5025 return map_nt_error_from_unix(errno);
5028 if (S_ISLNK(st.st_mode)) {
5029 /* Is what it points to a directory ? */
5030 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5031 return map_nt_error_from_unix(errno);
5033 if (!(S_ISDIR(st.st_mode))) {
5034 return NT_STATUS_NOT_A_DIRECTORY;
5036 ret = SMB_VFS_UNLINK(conn,directory);
5038 ret = SMB_VFS_RMDIR(conn,directory);
5041 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5042 FILE_NOTIFY_CHANGE_DIR_NAME,
5044 return NT_STATUS_OK;
5047 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5049 * Check to see if the only thing in this directory are
5050 * vetoed files/directories. If so then delete them and
5051 * retry. If we fail to delete any of them (and we *don't*
5052 * do a recursive delete) then fail the rmdir.
5056 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5057 directory, NULL, 0);
5059 if(dir_hnd == NULL) {
5064 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
5065 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5067 if (!is_visible_file(conn, directory, dname, &st, False))
5069 if(!IS_VETO_PATH(conn, dname)) {
5070 TALLOC_FREE(dir_hnd);
5076 /* We only have veto files/directories. Recursive delete. */
5078 RewindDir(dir_hnd,&dirpos);
5079 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
5080 char *fullname = NULL;
5082 if (ISDOT(dname) || ISDOTDOT(dname)) {
5085 if (!is_visible_file(conn, directory, dname, &st, False)) {
5089 fullname = talloc_asprintf(ctx,
5099 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5102 if(st.st_mode & S_IFDIR) {
5103 if(lp_recursive_veto_delete(SNUM(conn))) {
5104 if(!recursive_rmdir(ctx, conn, fullname))
5107 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5110 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5113 TALLOC_FREE(fullname);
5115 TALLOC_FREE(dir_hnd);
5116 /* Retry the rmdir */
5117 ret = SMB_VFS_RMDIR(conn,directory);
5123 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5124 "%s\n", directory,strerror(errno)));
5125 return map_nt_error_from_unix(errno);
5128 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5129 FILE_NOTIFY_CHANGE_DIR_NAME,
5132 return NT_STATUS_OK;
5135 /****************************************************************************
5137 ****************************************************************************/
5139 void reply_rmdir(struct smb_request *req)
5141 connection_struct *conn = req->conn;
5142 char *directory = NULL;
5143 SMB_STRUCT_STAT sbuf;
5145 TALLOC_CTX *ctx = talloc_tos();
5147 START_PROFILE(SMBrmdir);
5149 srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &directory,
5150 smb_buf(req->inbuf) + 1, 0,
5151 STR_TERMINATE, &status);
5152 if (!NT_STATUS_IS_OK(status)) {
5153 reply_nterror(req, status);
5154 END_PROFILE(SMBrmdir);
5158 status = resolve_dfspath(ctx, conn,
5159 req->flags2 & FLAGS2_DFS_PATHNAMES,
5162 if (!NT_STATUS_IS_OK(status)) {
5163 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5164 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5165 ERRSRV, ERRbadpath);
5166 END_PROFILE(SMBrmdir);
5169 reply_nterror(req, status);
5170 END_PROFILE(SMBrmdir);
5174 status = unix_convert(ctx, conn, directory, False, &directory,
5176 if (!NT_STATUS_IS_OK(status)) {
5177 reply_nterror(req, status);
5178 END_PROFILE(SMBrmdir);
5182 status = check_name(conn, directory);
5183 if (!NT_STATUS_IS_OK(status)) {
5184 reply_nterror(req, status);
5185 END_PROFILE(SMBrmdir);
5189 dptr_closepath(directory, req->smbpid);
5190 status = rmdir_internals(ctx, conn, directory);
5191 if (!NT_STATUS_IS_OK(status)) {
5192 reply_nterror(req, status);
5193 END_PROFILE(SMBrmdir);
5197 reply_outbuf(req, 0, 0);
5199 DEBUG( 3, ( "rmdir %s\n", directory ) );
5201 END_PROFILE(SMBrmdir);
5205 /*******************************************************************
5206 Resolve wildcards in a filename rename.
5207 ********************************************************************/
5209 static bool resolve_wildcards(TALLOC_CTX *ctx,
5214 char *name2_copy = NULL;
5219 char *p,*p2, *pname1, *pname2;
5221 name2_copy = talloc_strdup(ctx, name2);
5226 pname1 = strrchr_m(name1,'/');
5227 pname2 = strrchr_m(name2_copy,'/');
5229 if (!pname1 || !pname2) {
5233 /* Truncate the copy of name2 at the last '/' */
5236 /* Now go past the '/' */
5240 root1 = talloc_strdup(ctx, pname1);
5241 root2 = talloc_strdup(ctx, pname2);
5243 if (!root1 || !root2) {
5247 p = strrchr_m(root1,'.');
5250 ext1 = talloc_strdup(ctx, p+1);
5252 ext1 = talloc_strdup(ctx, "");
5254 p = strrchr_m(root2,'.');
5257 ext2 = talloc_strdup(ctx, p+1);
5259 ext2 = talloc_strdup(ctx, "");
5262 if (!ext1 || !ext2) {
5270 /* Hmmm. Should this be mb-aware ? */
5273 } else if (*p2 == '*') {
5275 root2 = talloc_asprintf(ctx, "%s%s",
5294 /* Hmmm. Should this be mb-aware ? */
5297 } else if (*p2 == '*') {
5299 ext2 = talloc_asprintf(ctx, "%s%s",
5315 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5320 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5332 /****************************************************************************
5333 Ensure open files have their names updated. Updated to notify other smbd's
5335 ****************************************************************************/
5337 static void rename_open_files(connection_struct *conn,
5338 struct share_mode_lock *lck,
5339 const char *newname)
5342 bool did_rename = False;
5344 for(fsp = file_find_di_first(lck->id); fsp;
5345 fsp = file_find_di_next(fsp)) {
5346 /* fsp_name is a relative path under the fsp. To change this for other
5347 sharepaths we need to manipulate relative paths. */
5348 /* TODO - create the absolute path and manipulate the newname
5349 relative to the sharepath. */
5350 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5353 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5354 fsp->fnum, file_id_string_tos(&fsp->file_id),
5355 fsp->fsp_name, newname ));
5356 string_set(&fsp->fsp_name, newname);
5361 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5362 file_id_string_tos(&lck->id), newname ));
5365 /* Send messages to all smbd's (not ourself) that the name has changed. */
5366 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5370 /****************************************************************************
5371 We need to check if the source path is a parent directory of the destination
5372 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5373 refuse the rename with a sharing violation. Under UNIX the above call can
5374 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5375 probably need to check that the client is a Windows one before disallowing
5376 this as a UNIX client (one with UNIX extensions) can know the source is a
5377 symlink and make this decision intelligently. Found by an excellent bug
5378 report from <AndyLiebman@aol.com>.
5379 ****************************************************************************/
5381 static bool rename_path_prefix_equal(const char *src, const char *dest)
5383 const char *psrc = src;
5384 const char *pdst = dest;
5387 if (psrc[0] == '.' && psrc[1] == '/') {
5390 if (pdst[0] == '.' && pdst[1] == '/') {
5393 if ((slen = strlen(psrc)) > strlen(pdst)) {
5396 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5400 * Do the notify calls from a rename
5403 static void notify_rename(connection_struct *conn, bool is_dir,
5404 const char *oldpath, const char *newpath)
5406 char *olddir, *newdir;
5407 const char *oldname, *newname;
5410 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5411 : FILE_NOTIFY_CHANGE_FILE_NAME;
5413 if (!parent_dirname_talloc(NULL, oldpath, &olddir, &oldname)
5414 || !parent_dirname_talloc(NULL, newpath, &newdir, &newname)) {
5415 TALLOC_FREE(olddir);
5419 if (strcmp(olddir, newdir) == 0) {
5420 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5421 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5424 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5425 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5427 TALLOC_FREE(olddir);
5428 TALLOC_FREE(newdir);
5430 /* this is a strange one. w2k3 gives an additional event for
5431 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5432 files, but not directories */
5434 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5435 FILE_NOTIFY_CHANGE_ATTRIBUTES
5436 |FILE_NOTIFY_CHANGE_CREATION,
5441 /****************************************************************************
5442 Rename an open file - given an fsp.
5443 ****************************************************************************/
5445 NTSTATUS rename_internals_fsp(connection_struct *conn,
5448 const char *newname_last_component,
5450 bool replace_if_exists)
5452 TALLOC_CTX *ctx = talloc_tos();
5453 SMB_STRUCT_STAT sbuf, sbuf1;
5454 NTSTATUS status = NT_STATUS_OK;
5455 struct share_mode_lock *lck = NULL;
5460 status = check_name(conn, newname);
5461 if (!NT_STATUS_IS_OK(status)) {
5465 /* Ensure newname contains a '/' */
5466 if(strrchr_m(newname,'/') == 0) {
5467 newname = talloc_asprintf(ctx,
5471 return NT_STATUS_NO_MEMORY;
5476 * Check for special case with case preserving and not
5477 * case sensitive. If the old last component differs from the original
5478 * last component only by case, then we should allow
5479 * the rename (user is trying to change the case of the
5483 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5484 strequal(newname, fsp->fsp_name)) {
5486 char *newname_modified_last_component = NULL;
5489 * Get the last component of the modified name.
5490 * Note that we guarantee that newname contains a '/'
5493 p = strrchr_m(newname,'/');
5494 newname_modified_last_component = talloc_strdup(ctx,
5496 if (!newname_modified_last_component) {
5497 return NT_STATUS_NO_MEMORY;
5500 if(strcsequal(newname_modified_last_component,
5501 newname_last_component) == False) {
5503 * Replace the modified last component with
5506 *p = '\0'; /* Truncate at the '/' */
5507 newname = talloc_asprintf(ctx,
5510 newname_last_component);
5515 * If the src and dest names are identical - including case,
5516 * don't do the rename, just return success.
5519 if (strcsequal(fsp->fsp_name, newname)) {
5520 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5522 return NT_STATUS_OK;
5526 * Have vfs_object_exist also fill sbuf1
5528 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5530 if(!replace_if_exists && dst_exists) {
5531 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5532 fsp->fsp_name,newname));
5533 return NT_STATUS_OBJECT_NAME_COLLISION;
5537 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5538 files_struct *dst_fsp = file_find_di_first(fileid);
5540 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5541 return NT_STATUS_ACCESS_DENIED;
5545 /* Ensure we have a valid stat struct for the source. */
5546 if (fsp->fh->fd != -1) {
5547 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5548 return map_nt_error_from_unix(errno);
5551 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
5552 return map_nt_error_from_unix(errno);
5556 status = can_rename(conn, fsp, attrs, &sbuf);
5558 if (!NT_STATUS_IS_OK(status)) {
5559 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5560 nt_errstr(status), fsp->fsp_name,newname));
5561 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5562 status = NT_STATUS_ACCESS_DENIED;
5566 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5567 return NT_STATUS_ACCESS_DENIED;
5570 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5574 * We have the file open ourselves, so not being able to get the
5575 * corresponding share mode lock is a fatal error.
5578 SMB_ASSERT(lck != NULL);
5580 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5581 uint32 create_options = fsp->fh->private_options;
5583 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5584 fsp->fsp_name,newname));
5586 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5588 rename_open_files(conn, lck, newname);
5591 * A rename acts as a new file create w.r.t. allowing an initial delete
5592 * on close, probably because in Windows there is a new handle to the
5593 * new file. If initial delete on close was requested but not
5594 * originally set, we need to set it here. This is probably not 100% correct,
5595 * but will work for the CIFSFS client which in non-posix mode
5596 * depends on these semantics. JRA.
5599 set_allow_initial_delete_on_close(lck, fsp, True);
5601 if (create_options & FILE_DELETE_ON_CLOSE) {
5602 status = can_set_delete_on_close(fsp, True, 0);
5604 if (NT_STATUS_IS_OK(status)) {
5605 /* Note that here we set the *inital* delete on close flag,
5606 * not the regular one. The magic gets handled in close. */
5607 fsp->initial_delete_on_close = True;
5611 return NT_STATUS_OK;
5616 if (errno == ENOTDIR || errno == EISDIR) {
5617 status = NT_STATUS_OBJECT_NAME_COLLISION;
5619 status = map_nt_error_from_unix(errno);
5622 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5623 nt_errstr(status), fsp->fsp_name,newname));
5628 /****************************************************************************
5629 The guts of the rename command, split out so it may be called by the NT SMB
5631 ****************************************************************************/
5633 NTSTATUS rename_internals(TALLOC_CTX *ctx,
5634 connection_struct *conn,
5635 struct smb_request *req,
5636 const char *name_in,
5637 const char *newname_in,
5639 bool replace_if_exists,
5642 uint32_t access_mask)
5644 char *directory = NULL;
5646 char *last_component_src = NULL;
5647 char *last_component_dest = NULL;
5649 char *newname = NULL;
5652 NTSTATUS status = NT_STATUS_OK;
5653 SMB_STRUCT_STAT sbuf1, sbuf2;
5654 struct smb_Dir *dir_hnd = NULL;
5661 status = unix_convert(ctx, conn, name_in, src_has_wild, &name,
5662 &last_component_src, &sbuf1);
5663 if (!NT_STATUS_IS_OK(status)) {
5667 status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname,
5668 &last_component_dest, &sbuf2);
5669 if (!NT_STATUS_IS_OK(status)) {
5674 * Split the old name into directory and last component
5675 * strings. Note that unix_convert may have stripped off a
5676 * leading ./ from both name and newname if the rename is
5677 * at the root of the share. We need to make sure either both
5678 * name and newname contain a / character or neither of them do
5679 * as this is checked in resolve_wildcards().
5682 p = strrchr_m(name,'/');
5684 directory = talloc_strdup(ctx, ".");
5686 return NT_STATUS_NO_MEMORY;
5691 directory = talloc_strdup(ctx, name);
5693 return NT_STATUS_NO_MEMORY;
5696 *p = '/'; /* Replace needed for exceptional test below. */
5700 * We should only check the mangled cache
5701 * here if unix_convert failed. This means
5702 * that the path in 'mask' doesn't exist
5703 * on the file system and so we need to look
5704 * for a possible mangle. This patch from
5705 * Tine Smukavec <valentin.smukavec@hermes.si>.
5708 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5709 char *new_mask = NULL;
5710 mangle_lookup_name_from_8_3(ctx,
5719 if (!src_has_wild) {
5723 * No wildcards - just process the one file.
5725 bool is_short_name = mangle_is_8_3(name, True, conn->params);
5727 /* Add a terminating '/' to the directory name. */
5728 directory = talloc_asprintf_append(directory,
5732 return NT_STATUS_NO_MEMORY;
5735 /* Ensure newname contains a '/' also */
5736 if(strrchr_m(newname,'/') == 0) {
5737 newname = talloc_asprintf(ctx,
5741 return NT_STATUS_NO_MEMORY;
5745 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5746 "case_preserve = %d, short case preserve = %d, "
5747 "directory = %s, newname = %s, "
5748 "last_component_dest = %s, is_8_3 = %d\n",
5749 conn->case_sensitive, conn->case_preserve,
5750 conn->short_case_preserve, directory,
5751 newname, last_component_dest, is_short_name));
5753 /* The dest name still may have wildcards. */
5754 if (dest_has_wild) {
5755 char *mod_newname = NULL;
5756 if (!resolve_wildcards(ctx,
5757 directory,newname,&mod_newname)) {
5758 DEBUG(6, ("rename_internals: resolve_wildcards "
5762 return NT_STATUS_NO_MEMORY;
5764 newname = mod_newname;
5768 SMB_VFS_STAT(conn, directory, &sbuf1);
5770 status = S_ISDIR(sbuf1.st_mode) ?
5771 open_directory(conn, req, directory, &sbuf1,
5773 FILE_SHARE_READ|FILE_SHARE_WRITE,
5774 FILE_OPEN, 0, 0, NULL,
5776 : open_file_ntcreate(conn, req, directory, &sbuf1,
5778 FILE_SHARE_READ|FILE_SHARE_WRITE,
5779 FILE_OPEN, 0, 0, 0, NULL,
5782 if (!NT_STATUS_IS_OK(status)) {
5783 DEBUG(3, ("Could not open rename source %s: %s\n",
5784 directory, nt_errstr(status)));
5788 status = rename_internals_fsp(conn, fsp, newname,
5789 last_component_dest,
5790 attrs, replace_if_exists);
5792 close_file(fsp, NORMAL_CLOSE);
5794 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5795 nt_errstr(status), directory,newname));
5801 * Wildcards - process each file that matches.
5803 if (strequal(mask,"????????.???")) {
5808 status = check_name(conn, directory);
5809 if (!NT_STATUS_IS_OK(status)) {
5813 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs);
5814 if (dir_hnd == NULL) {
5815 return map_nt_error_from_unix(errno);
5818 status = NT_STATUS_NO_SUCH_FILE;
5820 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5821 * - gentest fix. JRA
5824 while ((dname = ReadDirName(dir_hnd, &offset))) {
5825 files_struct *fsp = NULL;
5827 char *destname = NULL;
5828 bool sysdir_entry = False;
5830 /* Quick check for "." and ".." */
5831 if (ISDOT(dname) || ISDOTDOT(dname)) {
5833 sysdir_entry = True;
5839 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5843 if(!mask_match(dname, mask, conn->case_sensitive)) {
5848 status = NT_STATUS_OBJECT_NAME_INVALID;
5852 fname = talloc_asprintf(ctx,
5857 return NT_STATUS_NO_MEMORY;
5860 if (!resolve_wildcards(ctx,
5861 fname,newname,&destname)) {
5862 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5868 return NT_STATUS_NO_MEMORY;
5872 SMB_VFS_STAT(conn, fname, &sbuf1);
5874 status = S_ISDIR(sbuf1.st_mode) ?
5875 open_directory(conn, req, fname, &sbuf1,
5877 FILE_SHARE_READ|FILE_SHARE_WRITE,
5878 FILE_OPEN, 0, 0, NULL,
5880 : open_file_ntcreate(conn, req, fname, &sbuf1,
5882 FILE_SHARE_READ|FILE_SHARE_WRITE,
5883 FILE_OPEN, 0, 0, 0, NULL,
5886 if (!NT_STATUS_IS_OK(status)) {
5887 DEBUG(3,("rename_internals: open_file_ntcreate "
5888 "returned %s rename %s -> %s\n",
5889 nt_errstr(status), directory, newname));
5893 status = rename_internals_fsp(conn, fsp, destname, dname,
5894 attrs, replace_if_exists);
5896 close_file(fsp, NORMAL_CLOSE);
5898 if (!NT_STATUS_IS_OK(status)) {
5899 DEBUG(3, ("rename_internals_fsp returned %s for "
5900 "rename %s -> %s\n", nt_errstr(status),
5901 directory, newname));
5907 DEBUG(3,("rename_internals: doing rename on %s -> "
5908 "%s\n",fname,destname));
5911 TALLOC_FREE(destname);
5913 TALLOC_FREE(dir_hnd);
5915 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
5916 status = map_nt_error_from_unix(errno);
5922 /****************************************************************************
5924 ****************************************************************************/
5926 void reply_mv(struct smb_request *req)
5928 connection_struct *conn = req->conn;
5930 char *newname = NULL;
5934 bool src_has_wcard = False;
5935 bool dest_has_wcard = False;
5936 TALLOC_CTX *ctx = talloc_tos();
5938 START_PROFILE(SMBmv);
5941 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5946 attrs = SVAL(req->inbuf,smb_vwv0);
5948 p = smb_buf(req->inbuf) + 1;
5949 p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name, p,
5950 0, STR_TERMINATE, &status,
5952 if (!NT_STATUS_IS_OK(status)) {
5953 reply_nterror(req, status);
5958 p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &newname, p,
5959 0, STR_TERMINATE, &status,
5961 if (!NT_STATUS_IS_OK(status)) {
5962 reply_nterror(req, status);
5967 status = resolve_dfspath_wcard(ctx, conn,
5968 req->flags2 & FLAGS2_DFS_PATHNAMES,
5972 if (!NT_STATUS_IS_OK(status)) {
5973 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5974 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5975 ERRSRV, ERRbadpath);
5979 reply_nterror(req, status);
5984 status = resolve_dfspath_wcard(ctx, conn,
5985 req->flags2 & FLAGS2_DFS_PATHNAMES,
5989 if (!NT_STATUS_IS_OK(status)) {
5990 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5991 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5992 ERRSRV, ERRbadpath);
5996 reply_nterror(req, status);
6001 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6003 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6004 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6005 if (!NT_STATUS_IS_OK(status)) {
6006 if (open_was_deferred(req->mid)) {
6007 /* We have re-scheduled this call. */
6011 reply_nterror(req, status);
6016 reply_outbuf(req, 0, 0);
6022 /*******************************************************************
6023 Copy a file as part of a reply_copy.
6024 ******************************************************************/
6027 * TODO: check error codes on all callers
6030 NTSTATUS copy_file(TALLOC_CTX *ctx,
6031 connection_struct *conn,
6036 bool target_is_directory)
6038 SMB_STRUCT_STAT src_sbuf, sbuf2;
6040 files_struct *fsp1,*fsp2;
6043 uint32 new_create_disposition;
6046 dest = talloc_strdup(ctx, dest1);
6048 return NT_STATUS_NO_MEMORY;
6050 if (target_is_directory) {
6051 const char *p = strrchr_m(src,'/');
6057 dest = talloc_asprintf_append(dest,
6061 return NT_STATUS_NO_MEMORY;
6065 if (!vfs_file_exist(conn,src,&src_sbuf)) {
6067 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
6070 if (!target_is_directory && count) {
6071 new_create_disposition = FILE_OPEN;
6073 if (!map_open_params_to_ntcreate(dest1,0,ofun,
6074 NULL, NULL, &new_create_disposition, NULL)) {
6076 return NT_STATUS_INVALID_PARAMETER;
6080 status = open_file_ntcreate(conn, NULL, src, &src_sbuf,
6082 FILE_SHARE_READ|FILE_SHARE_WRITE,
6085 FILE_ATTRIBUTE_NORMAL,
6089 if (!NT_STATUS_IS_OK(status)) {
6094 dosattrs = dos_mode(conn, src, &src_sbuf);
6095 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
6096 ZERO_STRUCTP(&sbuf2);
6099 status = open_file_ntcreate(conn, NULL, dest, &sbuf2,
6101 FILE_SHARE_READ|FILE_SHARE_WRITE,
6102 new_create_disposition,
6110 if (!NT_STATUS_IS_OK(status)) {
6111 close_file(fsp1,ERROR_CLOSE);
6115 if ((ofun&3) == 1) {
6116 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6117 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6119 * Stop the copy from occurring.
6122 src_sbuf.st_size = 0;
6126 if (src_sbuf.st_size) {
6127 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
6130 close_file(fsp1,NORMAL_CLOSE);
6132 /* Ensure the modtime is set correctly on the destination file. */
6133 set_close_write_time(fsp2, get_mtimespec(&src_sbuf));
6136 * As we are opening fsp1 read-only we only expect
6137 * an error on close on fsp2 if we are out of space.
6138 * Thus we don't look at the error return from the
6141 status = close_file(fsp2,NORMAL_CLOSE);
6143 if (!NT_STATUS_IS_OK(status)) {
6147 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
6148 return NT_STATUS_DISK_FULL;
6151 return NT_STATUS_OK;
6154 /****************************************************************************
6155 Reply to a file copy.
6156 ****************************************************************************/
6158 void reply_copy(struct smb_request *req)
6160 connection_struct *conn = req->conn;
6162 char *newname = NULL;
6163 char *directory = NULL;
6167 int error = ERRnoaccess;
6172 bool target_is_directory=False;
6173 bool source_has_wild = False;
6174 bool dest_has_wild = False;
6175 SMB_STRUCT_STAT sbuf1, sbuf2;
6177 TALLOC_CTX *ctx = talloc_tos();
6179 START_PROFILE(SMBcopy);
6182 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6183 END_PROFILE(SMBcopy);
6187 tid2 = SVAL(req->inbuf,smb_vwv0);
6188 ofun = SVAL(req->inbuf,smb_vwv1);
6189 flags = SVAL(req->inbuf,smb_vwv2);
6191 p = smb_buf(req->inbuf);
6192 p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &name, p,
6193 0, STR_TERMINATE, &status,
6195 if (!NT_STATUS_IS_OK(status)) {
6196 reply_nterror(req, status);
6197 END_PROFILE(SMBcopy);
6200 p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &newname, p,
6201 0, STR_TERMINATE, &status,
6203 if (!NT_STATUS_IS_OK(status)) {
6204 reply_nterror(req, status);
6205 END_PROFILE(SMBcopy);
6209 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
6211 if (tid2 != conn->cnum) {
6212 /* can't currently handle inter share copies XXXX */
6213 DEBUG(3,("Rejecting inter-share copy\n"));
6214 reply_doserror(req, ERRSRV, ERRinvdevice);
6215 END_PROFILE(SMBcopy);
6219 status = resolve_dfspath_wcard(ctx, conn,
6220 req->flags2 & FLAGS2_DFS_PATHNAMES,
6224 if (!NT_STATUS_IS_OK(status)) {
6225 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6226 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6227 ERRSRV, ERRbadpath);
6228 END_PROFILE(SMBcopy);
6231 reply_nterror(req, status);
6232 END_PROFILE(SMBcopy);
6236 status = resolve_dfspath_wcard(ctx, conn,
6237 req->flags2 & FLAGS2_DFS_PATHNAMES,
6241 if (!NT_STATUS_IS_OK(status)) {
6242 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6243 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6244 ERRSRV, ERRbadpath);
6245 END_PROFILE(SMBcopy);
6248 reply_nterror(req, status);
6249 END_PROFILE(SMBcopy);
6253 status = unix_convert(ctx, conn, name, source_has_wild,
6254 &name, NULL, &sbuf1);
6255 if (!NT_STATUS_IS_OK(status)) {
6256 reply_nterror(req, status);
6257 END_PROFILE(SMBcopy);
6261 status = unix_convert(ctx, conn, newname, dest_has_wild,
6262 &newname, NULL, &sbuf2);
6263 if (!NT_STATUS_IS_OK(status)) {
6264 reply_nterror(req, status);
6265 END_PROFILE(SMBcopy);
6269 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
6271 if ((flags&1) && target_is_directory) {
6272 reply_doserror(req, ERRDOS, ERRbadfile);
6273 END_PROFILE(SMBcopy);
6277 if ((flags&2) && !target_is_directory) {
6278 reply_doserror(req, ERRDOS, ERRbadpath);
6279 END_PROFILE(SMBcopy);
6283 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
6284 /* wants a tree copy! XXXX */
6285 DEBUG(3,("Rejecting tree copy\n"));
6286 reply_doserror(req, ERRSRV, ERRerror);
6287 END_PROFILE(SMBcopy);
6291 p = strrchr_m(name,'/');
6293 directory = talloc_strdup(ctx, "./");
6295 reply_nterror(req, NT_STATUS_NO_MEMORY);
6296 END_PROFILE(SMBcopy);
6302 directory = talloc_strdup(ctx, name);
6304 reply_nterror(req, NT_STATUS_NO_MEMORY);
6305 END_PROFILE(SMBcopy);
6312 * We should only check the mangled cache
6313 * here if unix_convert failed. This means
6314 * that the path in 'mask' doesn't exist
6315 * on the file system and so we need to look
6316 * for a possible mangle. This patch from
6317 * Tine Smukavec <valentin.smukavec@hermes.si>.
6320 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
6321 char *new_mask = NULL;
6322 mangle_lookup_name_from_8_3(ctx,
6331 if (!source_has_wild) {
6332 directory = talloc_asprintf_append(directory,
6335 if (dest_has_wild) {
6336 char *mod_newname = NULL;
6337 if (!resolve_wildcards(ctx,
6338 directory,newname,&mod_newname)) {
6339 reply_nterror(req, NT_STATUS_NO_MEMORY);
6340 END_PROFILE(SMBcopy);
6343 newname = mod_newname;
6346 status = check_name(conn, directory);
6347 if (!NT_STATUS_IS_OK(status)) {
6348 reply_nterror(req, status);
6349 END_PROFILE(SMBcopy);
6353 status = check_name(conn, newname);
6354 if (!NT_STATUS_IS_OK(status)) {
6355 reply_nterror(req, status);
6356 END_PROFILE(SMBcopy);
6360 status = copy_file(ctx,conn,directory,newname,ofun,
6361 count,target_is_directory);
6363 if(!NT_STATUS_IS_OK(status)) {
6364 reply_nterror(req, status);
6365 END_PROFILE(SMBcopy);
6371 struct smb_Dir *dir_hnd = NULL;
6372 const char *dname = NULL;
6375 if (strequal(mask,"????????.???")) {
6380 status = check_name(conn, directory);
6381 if (!NT_STATUS_IS_OK(status)) {
6382 reply_nterror(req, status);
6383 END_PROFILE(SMBcopy);
6387 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, 0);
6388 if (dir_hnd == NULL) {
6389 status = map_nt_error_from_unix(errno);
6390 reply_nterror(req, status);
6391 END_PROFILE(SMBcopy);
6397 while ((dname = ReadDirName(dir_hnd, &offset))) {
6398 char *destname = NULL;
6401 if (ISDOT(dname) || ISDOTDOT(dname)) {
6405 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6409 if(!mask_match(dname, mask, conn->case_sensitive)) {
6413 error = ERRnoaccess;
6414 fname = talloc_asprintf(ctx,
6419 TALLOC_FREE(dir_hnd);
6420 reply_nterror(req, NT_STATUS_NO_MEMORY);
6421 END_PROFILE(SMBcopy);
6425 if (!resolve_wildcards(ctx,
6426 fname,newname,&destname)) {
6430 TALLOC_FREE(dir_hnd);
6431 reply_nterror(req, NT_STATUS_NO_MEMORY);
6432 END_PROFILE(SMBcopy);
6436 status = check_name(conn, fname);
6437 if (!NT_STATUS_IS_OK(status)) {
6438 TALLOC_FREE(dir_hnd);
6439 reply_nterror(req, status);
6440 END_PROFILE(SMBcopy);
6444 status = check_name(conn, destname);
6445 if (!NT_STATUS_IS_OK(status)) {
6446 TALLOC_FREE(dir_hnd);
6447 reply_nterror(req, status);
6448 END_PROFILE(SMBcopy);
6452 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
6454 status = copy_file(ctx,conn,fname,destname,ofun,
6455 count,target_is_directory);
6456 if (NT_STATUS_IS_OK(status)) {
6460 TALLOC_FREE(destname);
6462 TALLOC_FREE(dir_hnd);
6467 /* Error on close... */
6469 reply_unixerror(req, ERRHRD, ERRgeneral);
6470 END_PROFILE(SMBcopy);
6474 reply_doserror(req, ERRDOS, error);
6475 END_PROFILE(SMBcopy);
6479 reply_outbuf(req, 1, 0);
6480 SSVAL(req->outbuf,smb_vwv0,count);
6482 END_PROFILE(SMBcopy);
6487 #define DBGC_CLASS DBGC_LOCKING
6489 /****************************************************************************
6490 Get a lock pid, dealing with large count requests.
6491 ****************************************************************************/
6493 uint32 get_lock_pid( char *data, int data_offset, bool large_file_format)
6495 if(!large_file_format)
6496 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6498 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6501 /****************************************************************************
6502 Get a lock count, dealing with large count requests.
6503 ****************************************************************************/
6505 SMB_BIG_UINT get_lock_count( char *data, int data_offset, bool large_file_format)
6507 SMB_BIG_UINT count = 0;
6509 if(!large_file_format) {
6510 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6513 #if defined(HAVE_LONGLONG)
6514 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6515 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6516 #else /* HAVE_LONGLONG */
6519 * NT4.x seems to be broken in that it sends large file (64 bit)
6520 * lockingX calls even if the CAP_LARGE_FILES was *not*
6521 * negotiated. For boxes without large unsigned ints truncate the
6522 * lock count by dropping the top 32 bits.
6525 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
6526 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6527 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
6528 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
6529 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
6532 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
6533 #endif /* HAVE_LONGLONG */
6539 #if !defined(HAVE_LONGLONG)
6540 /****************************************************************************
6541 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6542 ****************************************************************************/
6544 static uint32 map_lock_offset(uint32 high, uint32 low)
6548 uint32 highcopy = high;
6551 * Try and find out how many significant bits there are in high.
6554 for(i = 0; highcopy; i++)
6558 * We use 31 bits not 32 here as POSIX
6559 * lock offsets may not be negative.
6562 mask = (~0) << (31 - i);
6565 return 0; /* Fail. */
6571 #endif /* !defined(HAVE_LONGLONG) */
6573 /****************************************************************************
6574 Get a lock offset, dealing with large offset requests.
6575 ****************************************************************************/
6577 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, bool large_file_format, bool *err)
6579 SMB_BIG_UINT offset = 0;
6583 if(!large_file_format) {
6584 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
6587 #if defined(HAVE_LONGLONG)
6588 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
6589 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
6590 #else /* HAVE_LONGLONG */
6593 * NT4.x seems to be broken in that it sends large file (64 bit)
6594 * lockingX calls even if the CAP_LARGE_FILES was *not*
6595 * negotiated. For boxes without large unsigned ints mangle the
6596 * lock offset by mapping the top 32 bits onto the lower 32.
6599 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
6600 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6601 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
6604 if((new_low = map_lock_offset(high, low)) == 0) {
6606 return (SMB_BIG_UINT)-1;
6609 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6610 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
6611 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
6612 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
6615 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6616 #endif /* HAVE_LONGLONG */
6622 /****************************************************************************
6623 Reply to a lockingX request.
6624 ****************************************************************************/
6626 void reply_lockingX(struct smb_request *req)
6628 connection_struct *conn = req->conn;
6630 unsigned char locktype;
6631 unsigned char oplocklevel;
6634 SMB_BIG_UINT count = 0, offset = 0;
6639 bool large_file_format;
6641 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
6643 START_PROFILE(SMBlockingX);
6646 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6647 END_PROFILE(SMBlockingX);
6651 fsp = file_fsp(SVAL(req->inbuf,smb_vwv2));
6652 locktype = CVAL(req->inbuf,smb_vwv3);
6653 oplocklevel = CVAL(req->inbuf,smb_vwv3+1);
6654 num_ulocks = SVAL(req->inbuf,smb_vwv6);
6655 num_locks = SVAL(req->inbuf,smb_vwv7);
6656 lock_timeout = IVAL(req->inbuf,smb_vwv4);
6657 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
6659 if (!check_fsp(conn, req, fsp)) {
6660 END_PROFILE(SMBlockingX);
6664 data = smb_buf(req->inbuf);
6666 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
6667 /* we don't support these - and CANCEL_LOCK makes w2k
6668 and XP reboot so I don't really want to be
6669 compatible! (tridge) */
6670 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
6671 END_PROFILE(SMBlockingX);
6675 /* Check if this is an oplock break on a file
6676 we have granted an oplock on.
6678 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
6679 /* Client can insist on breaking to none. */
6680 bool break_to_none = (oplocklevel == 0);
6683 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6684 "for fnum = %d\n", (unsigned int)oplocklevel,
6688 * Make sure we have granted an exclusive or batch oplock on
6692 if (fsp->oplock_type == 0) {
6694 /* The Samba4 nbench simulator doesn't understand
6695 the difference between break to level2 and break
6696 to none from level2 - it sends oplock break
6697 replies in both cases. Don't keep logging an error
6698 message here - just ignore it. JRA. */
6700 DEBUG(5,("reply_lockingX: Error : oplock break from "
6701 "client for fnum = %d (oplock=%d) and no "
6702 "oplock granted on this file (%s).\n",
6703 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
6705 /* if this is a pure oplock break request then don't
6707 if (num_locks == 0 && num_ulocks == 0) {
6708 END_PROFILE(SMBlockingX);
6711 END_PROFILE(SMBlockingX);
6712 reply_doserror(req, ERRDOS, ERRlock);
6717 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
6719 result = remove_oplock(fsp);
6721 result = downgrade_oplock(fsp);
6725 DEBUG(0, ("reply_lockingX: error in removing "
6726 "oplock on file %s\n", fsp->fsp_name));
6727 /* Hmmm. Is this panic justified? */
6728 smb_panic("internal tdb error");
6731 reply_to_oplock_break_requests(fsp);
6733 /* if this is a pure oplock break request then don't send a
6735 if (num_locks == 0 && num_ulocks == 0) {
6736 /* Sanity check - ensure a pure oplock break is not a
6738 if(CVAL(req->inbuf,smb_vwv0) != 0xff)
6739 DEBUG(0,("reply_lockingX: Error : pure oplock "
6740 "break is a chained %d request !\n",
6741 (unsigned int)CVAL(req->inbuf,
6743 END_PROFILE(SMBlockingX);
6749 * We do this check *after* we have checked this is not a oplock break
6750 * response message. JRA.
6753 release_level_2_oplocks_on_change(fsp);
6755 if (smb_buflen(req->inbuf) <
6756 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
6757 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6758 END_PROFILE(SMBlockingX);
6762 /* Data now points at the beginning of the list
6763 of smb_unlkrng structs */
6764 for(i = 0; i < (int)num_ulocks; i++) {
6765 lock_pid = get_lock_pid( data, i, large_file_format);
6766 count = get_lock_count( data, i, large_file_format);
6767 offset = get_lock_offset( data, i, large_file_format, &err);
6770 * There is no error code marked "stupid client bug".... :-).
6773 END_PROFILE(SMBlockingX);
6774 reply_doserror(req, ERRDOS, ERRnoaccess);
6778 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
6779 "pid %u, file %s\n", (double)offset, (double)count,
6780 (unsigned int)lock_pid, fsp->fsp_name ));
6782 status = do_unlock(smbd_messaging_context(),
6789 if (NT_STATUS_V(status)) {
6790 END_PROFILE(SMBlockingX);
6791 reply_nterror(req, status);
6796 /* Setup the timeout in seconds. */
6798 if (!lp_blocking_locks(SNUM(conn))) {
6802 /* Now do any requested locks */
6803 data += ((large_file_format ? 20 : 10)*num_ulocks);
6805 /* Data now points at the beginning of the list
6806 of smb_lkrng structs */
6808 for(i = 0; i < (int)num_locks; i++) {
6809 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
6810 READ_LOCK:WRITE_LOCK);
6811 lock_pid = get_lock_pid( data, i, large_file_format);
6812 count = get_lock_count( data, i, large_file_format);
6813 offset = get_lock_offset( data, i, large_file_format, &err);
6816 * There is no error code marked "stupid client bug".... :-).
6819 END_PROFILE(SMBlockingX);
6820 reply_doserror(req, ERRDOS, ERRnoaccess);
6824 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6825 "%u, file %s timeout = %d\n", (double)offset,
6826 (double)count, (unsigned int)lock_pid,
6827 fsp->fsp_name, (int)lock_timeout ));
6829 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
6830 if (lp_blocking_locks(SNUM(conn))) {
6832 /* Schedule a message to ourselves to
6833 remove the blocking lock record and
6834 return the right error. */
6836 if (!blocking_lock_cancel(fsp,
6842 NT_STATUS_FILE_LOCK_CONFLICT)) {
6843 END_PROFILE(SMBlockingX);
6848 ERRcancelviolation));
6852 /* Remove a matching pending lock. */
6853 status = do_lock_cancel(fsp,
6859 bool blocking_lock = lock_timeout ? True : False;
6860 bool defer_lock = False;
6861 struct byte_range_lock *br_lck;
6862 uint32 block_smbpid;
6864 br_lck = do_lock(smbd_messaging_context(),
6875 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
6876 /* Windows internal resolution for blocking locks seems
6877 to be about 200ms... Don't wait for less than that. JRA. */
6878 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
6879 lock_timeout = lp_lock_spin_time();
6884 /* This heuristic seems to match W2K3 very well. If a
6885 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6886 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6887 far as I can tell. Replacement for do_lock_spin(). JRA. */
6889 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
6890 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
6892 lock_timeout = lp_lock_spin_time();
6895 if (br_lck && defer_lock) {
6897 * A blocking lock was requested. Package up
6898 * this smb into a queued request and push it
6899 * onto the blocking lock queue.
6901 if(push_blocking_lock_request(br_lck,
6912 TALLOC_FREE(br_lck);
6913 END_PROFILE(SMBlockingX);
6918 TALLOC_FREE(br_lck);
6921 if (NT_STATUS_V(status)) {
6922 END_PROFILE(SMBlockingX);
6923 reply_nterror(req, status);
6928 /* If any of the above locks failed, then we must unlock
6929 all of the previous locks (X/Open spec). */
6931 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
6935 * Ensure we don't do a remove on the lock that just failed,
6936 * as under POSIX rules, if we have a lock already there, we
6937 * will delete it (and we shouldn't) .....
6939 for(i--; i >= 0; i--) {
6940 lock_pid = get_lock_pid( data, i, large_file_format);
6941 count = get_lock_count( data, i, large_file_format);
6942 offset = get_lock_offset( data, i, large_file_format,
6946 * There is no error code marked "stupid client
6950 END_PROFILE(SMBlockingX);
6951 reply_doserror(req, ERRDOS, ERRnoaccess);
6955 do_unlock(smbd_messaging_context(),
6962 END_PROFILE(SMBlockingX);
6963 reply_nterror(req, status);
6967 reply_outbuf(req, 2, 0);
6969 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
6970 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
6972 END_PROFILE(SMBlockingX);
6977 #define DBGC_CLASS DBGC_ALL
6979 /****************************************************************************
6980 Reply to a SMBreadbmpx (read block multiplex) request.
6981 Always reply with an error, if someone has a platform really needs this,
6982 please contact vl@samba.org
6983 ****************************************************************************/
6985 void reply_readbmpx(struct smb_request *req)
6987 START_PROFILE(SMBreadBmpx);
6988 reply_doserror(req, ERRSRV, ERRuseSTD);
6989 END_PROFILE(SMBreadBmpx);
6993 /****************************************************************************
6994 Reply to a SMBreadbs (read block multiplex secondary) request.
6995 Always reply with an error, if someone has a platform really needs this,
6996 please contact vl@samba.org
6997 ****************************************************************************/
6999 void reply_readbs(struct smb_request *req)
7001 START_PROFILE(SMBreadBs);
7002 reply_doserror(req, ERRSRV, ERRuseSTD);
7003 END_PROFILE(SMBreadBs);
7007 /****************************************************************************
7008 Reply to a SMBsetattrE.
7009 ****************************************************************************/
7011 void reply_setattrE(struct smb_request *req)
7013 connection_struct *conn = req->conn;
7014 struct timespec ts[2];
7016 SMB_STRUCT_STAT sbuf;
7019 START_PROFILE(SMBsetattrE);
7022 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7023 END_PROFILE(SMBsetattrE);
7027 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
7029 if(!fsp || (fsp->conn != conn)) {
7030 reply_doserror(req, ERRDOS, ERRbadfid);
7031 END_PROFILE(SMBsetattrE);
7037 * Convert the DOS times into unix times. Ignore create
7038 * time as UNIX can't set this.
7041 ts[0] = convert_time_t_to_timespec(
7042 srv_make_unix_date2(req->inbuf+smb_vwv3)); /* atime. */
7043 ts[1] = convert_time_t_to_timespec(
7044 srv_make_unix_date2(req->inbuf+smb_vwv5)); /* mtime. */
7046 reply_outbuf(req, 0, 0);
7049 * Patch from Ray Frush <frush@engr.colostate.edu>
7050 * Sometimes times are sent as zero - ignore them.
7053 /* Ensure we have a valid stat struct for the source. */
7054 if (fsp->fh->fd != -1) {
7055 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7056 status = map_nt_error_from_unix(errno);
7057 reply_nterror(req, status);
7058 END_PROFILE(SMBsetattrE);
7062 if (SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf) == -1) {
7063 status = map_nt_error_from_unix(errno);
7064 reply_nterror(req, status);
7065 END_PROFILE(SMBsetattrE);
7070 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7072 if (!NT_STATUS_IS_OK(status)) {
7073 reply_doserror(req, ERRDOS, ERRnoaccess);
7074 END_PROFILE(SMBsetattrE);
7078 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
7080 (unsigned int)ts[0].tv_sec,
7081 (unsigned int)ts[1].tv_sec));
7083 END_PROFILE(SMBsetattrE);
7088 /* Back from the dead for OS/2..... JRA. */
7090 /****************************************************************************
7091 Reply to a SMBwritebmpx (write block multiplex primary) request.
7092 Always reply with an error, if someone has a platform really needs this,
7093 please contact vl@samba.org
7094 ****************************************************************************/
7096 void reply_writebmpx(struct smb_request *req)
7098 START_PROFILE(SMBwriteBmpx);
7099 reply_doserror(req, ERRSRV, ERRuseSTD);
7100 END_PROFILE(SMBwriteBmpx);
7104 /****************************************************************************
7105 Reply to a SMBwritebs (write block multiplex secondary) request.
7106 Always reply with an error, if someone has a platform really needs this,
7107 please contact vl@samba.org
7108 ****************************************************************************/
7110 void reply_writebs(struct smb_request *req)
7112 START_PROFILE(SMBwriteBs);
7113 reply_doserror(req, ERRSRV, ERRuseSTD);
7114 END_PROFILE(SMBwriteBs);
7118 /****************************************************************************
7119 Reply to a SMBgetattrE.
7120 ****************************************************************************/
7122 void reply_getattrE(struct smb_request *req)
7124 connection_struct *conn = req->conn;
7125 SMB_STRUCT_STAT sbuf;
7128 struct timespec create_ts;
7130 START_PROFILE(SMBgetattrE);
7133 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7134 END_PROFILE(SMBgetattrE);
7138 fsp = file_fsp(SVAL(req->inbuf,smb_vwv0));
7140 if(!fsp || (fsp->conn != conn)) {
7141 reply_doserror(req, ERRDOS, ERRbadfid);
7142 END_PROFILE(SMBgetattrE);
7146 /* Do an fstat on this file */
7147 if(fsp_stat(fsp, &sbuf)) {
7148 reply_unixerror(req, ERRDOS, ERRnoaccess);
7149 END_PROFILE(SMBgetattrE);
7153 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7156 * Convert the times into dos times. Set create
7157 * date to be last modify date as UNIX doesn't save
7161 reply_outbuf(req, 11, 0);
7163 create_ts = get_create_timespec(&sbuf,
7164 lp_fake_dir_create_times(SNUM(conn)));
7165 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7166 srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime);
7167 /* Should we check pending modtime here ? JRA */
7168 srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime);
7171 SIVAL(req->outbuf, smb_vwv6, 0);
7172 SIVAL(req->outbuf, smb_vwv8, 0);
7174 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
7175 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size);
7176 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7178 SSVAL(req->outbuf,smb_vwv10, mode);
7180 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7182 END_PROFILE(SMBgetattrE);
git.samba.org / kai / samba.git / blob