Remove some direct inbuf references by adding smbreq_bufrem
[nivanova/samba-autobuild/.git] / source3 / smbd / message.c
1 /* 
2    Unix SMB/CIFS implementation.
3    SMB messaging
4    Copyright (C) Andrew Tridgell 1992-1998
5    
6    This program is free software; you can redistribute it and/or modify
7    it under the terms of the GNU General Public License as published by
8    the Free Software Foundation; either version 3 of the License, or
9    (at your option) any later version.
10    
11    This program is distributed in the hope that it will be useful,
12    but WITHOUT ANY WARRANTY; without even the implied warranty of
13    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14    GNU General Public License for more details.
15    
16    You should have received a copy of the GNU General Public License
17    along with this program.  If not, see <http://www.gnu.org/licenses/>.
18 */
19 /*
20    This file handles the messaging system calls for winpopup style
21    messages
22 */
23
24
25 #include "includes.h"
26
27 extern userdom_struct current_user_info;
28
29 struct msg_state {
30         char *from;
31         char *to;
32         char *msg;
33 };
34
35 static struct msg_state *smbd_msg_state;
36
37 /****************************************************************************
38  Deliver the message.
39 ****************************************************************************/
40
41 static void msg_deliver(struct msg_state *state)
42 {
43         TALLOC_CTX *frame = talloc_stackframe();
44         char *name = NULL;
45         int i;
46         int fd;
47         char *msg;
48         size_t len;
49         ssize_t sz;
50         fstring alpha_buf;
51         char *s;
52
53         if (! (*lp_msg_command())) {
54                 DEBUG(1,("no messaging command specified\n"));
55                 goto done;
56         }
57
58         /* put it in a temporary file */
59         name = talloc_asprintf(talloc_tos(), "%s/msg.XXXXXX", tmpdir());
60         if (!name) {
61                 goto done;
62         }
63         fd = smb_mkstemp(name);
64
65         if (fd == -1) {
66                 DEBUG(1, ("can't open message file %s: %s\n", name,
67                           strerror(errno)));
68                 goto done;
69         }
70
71         /*
72          * Incoming message is in DOS codepage format. Convert to UNIX.
73          */
74
75         if (!convert_string_talloc(talloc_tos(), CH_DOS, CH_UNIX, state->msg,
76                                    talloc_get_size(state->msg), (void *)&msg,
77                                    &len, true)) {
78                 DEBUG(3, ("Conversion failed, delivering message in DOS "
79                           "codepage format\n"));
80                 msg = state->msg;
81         }
82
83         for (i = 0; i < len; i++) {
84                 if ((msg[i] == '\r') &&
85                     (i < (len-1)) && (msg[i+1] == '\n')) {
86                         continue;
87                 }
88                 sz = write(fd, &msg[i], 1);
89                 if ( sz != 1 ) {
90                         DEBUG(0, ("Write error to fd %d: %ld(%s)\n", fd,
91                                   (long)sz, strerror(errno)));
92                 }
93         }
94
95         close(fd);
96
97         /* run the command */
98         s = talloc_strdup(talloc_tos(), lp_msg_command());
99         if (s == NULL) {
100                 goto done;
101         }
102
103         alpha_strcpy(alpha_buf, state->from, NULL, sizeof(alpha_buf));
104
105         s = talloc_string_sub(talloc_tos(), s, "%f", alpha_buf);
106         if (s == NULL) {
107                 goto done;
108         }
109
110         alpha_strcpy(alpha_buf, state->to, NULL, sizeof(alpha_buf));
111
112         s = talloc_string_sub(talloc_tos(), s, "%t", alpha_buf);
113         if (s == NULL) {
114                 goto done;
115         }
116
117         s = talloc_sub_basic(talloc_tos(), current_user_info.smb_name,
118                              current_user_info.domain, s);
119         if (s == NULL) {
120                 goto done;
121         }
122
123         s = talloc_string_sub(talloc_tos(), s, "%s", name);
124         if (s == NULL) {
125                 goto done;
126         }
127         smbrun(s,NULL);
128
129  done:
130         TALLOC_FREE(frame);
131         return;
132 }
133
134 /****************************************************************************
135  Reply to a sends.
136  conn POINTER CAN BE NULL HERE !
137 ****************************************************************************/
138
139 void reply_sends(struct smb_request *req)
140 {
141         struct msg_state *state;
142         int len;
143         const char *msg;
144         const char *p;
145
146         START_PROFILE(SMBsends);
147
148         if (!(*lp_msg_command())) {
149                 reply_doserror(req, ERRSRV, ERRmsgoff);
150                 END_PROFILE(SMBsends);
151                 return;
152         }
153
154         state = talloc(talloc_tos(), struct msg_state);
155
156         p = (const char *)req->buf + 1;
157         p += srvstr_pull_req_talloc(
158                 state, req, &state->from, p, STR_ASCII|STR_TERMINATE) + 1;
159         p += srvstr_pull_req_talloc(
160                 state, req, &state->to, p, STR_ASCII|STR_TERMINATE) + 1;
161
162         msg = p;
163
164         len = SVAL(msg,0);
165         len = MIN(len, smbreq_bufrem(req, msg+2));
166
167         state->msg = talloc_array(state, char, len);
168
169         if (state->msg == NULL) {
170                 reply_nterror(req, NT_STATUS_NO_MEMORY);
171                 END_PROFILE(SMBsends);
172                 return;
173         }
174
175         memcpy(state->msg, msg+2, len);
176
177         msg_deliver(state);
178
179         reply_outbuf(req, 0, 0);
180
181         END_PROFILE(SMBsends);
182         return;
183 }
184
185 /****************************************************************************
186  Reply to a sendstrt.
187  conn POINTER CAN BE NULL HERE !
188 ****************************************************************************/
189
190 void reply_sendstrt(struct smb_request *req)
191 {
192         const char *p;
193
194         START_PROFILE(SMBsendstrt);
195
196         if (!(*lp_msg_command())) {
197                 reply_doserror(req, ERRSRV, ERRmsgoff);
198                 END_PROFILE(SMBsendstrt);
199                 return;
200         }
201
202         TALLOC_FREE(smbd_msg_state);
203
204         smbd_msg_state = TALLOC_ZERO_P(NULL, struct msg_state);
205
206         if (smbd_msg_state == NULL) {
207                 reply_nterror(req, NT_STATUS_NO_MEMORY);
208                 END_PROFILE(SMBsendstrt);
209                 return;
210         }
211
212         p = (const char *)req->buf+1;
213         p += srvstr_pull_req_talloc(
214                 smbd_msg_state, req, &smbd_msg_state->from, p,
215                 STR_ASCII|STR_TERMINATE) + 1;
216         p += srvstr_pull_req_talloc(
217                 smbd_msg_state, req, &smbd_msg_state->to, p,
218                 STR_ASCII|STR_TERMINATE) + 1;
219
220         DEBUG( 3, ( "SMBsendstrt (from %s to %s)\n", smbd_msg_state->from,
221                     smbd_msg_state->to ) );
222
223         reply_outbuf(req, 0, 0);
224
225         END_PROFILE(SMBsendstrt);
226         return;
227 }
228
229 /****************************************************************************
230  Reply to a sendtxt.
231  conn POINTER CAN BE NULL HERE !
232 ****************************************************************************/
233
234 void reply_sendtxt(struct smb_request *req)
235 {
236         int len;
237         const char *msg;
238         char *tmp;
239         size_t old_len;
240
241         START_PROFILE(SMBsendtxt);
242
243         if (! (*lp_msg_command())) {
244                 reply_doserror(req, ERRSRV, ERRmsgoff);
245                 END_PROFILE(SMBsendtxt);
246                 return;
247         }
248
249         if (smbd_msg_state == NULL) {
250                 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
251                 END_PROFILE(SMBsendtxt);
252                 return;
253         }
254
255         msg = (const char *)req->buf + 1;
256
257         old_len = talloc_get_size(smbd_msg_state->msg);
258
259         len = MIN(SVAL(msg, 0), smbreq_bufrem(req, msg+2));
260
261         tmp = TALLOC_REALLOC_ARRAY(smbd_msg_state, smbd_msg_state->msg,
262                                    char, old_len + len);
263
264         if (tmp == NULL) {
265                 reply_nterror(req, NT_STATUS_NO_MEMORY);
266                 END_PROFILE(SMBsendtxt);
267                 return;
268         }
269
270         smbd_msg_state->msg = tmp;
271
272         memcpy(&smbd_msg_state->msg[old_len], msg+2, len);
273
274         DEBUG( 3, ( "SMBsendtxt\n" ) );
275
276         reply_outbuf(req, 0, 0);
277
278         END_PROFILE(SMBsendtxt);
279         return;
280 }
281
282 /****************************************************************************
283  Reply to a sendend.
284  conn POINTER CAN BE NULL HERE !
285 ****************************************************************************/
286
287 void reply_sendend(struct smb_request *req)
288 {
289         START_PROFILE(SMBsendend);
290
291         if (! (*lp_msg_command())) {
292                 reply_doserror(req, ERRSRV, ERRmsgoff);
293                 END_PROFILE(SMBsendend);
294                 return;
295         }
296
297         DEBUG(3,("SMBsendend\n"));
298
299         msg_deliver(smbd_msg_state);
300
301         TALLOC_FREE(smbd_msg_state);
302
303         reply_outbuf(req, 0, 0);
304
305         END_PROFILE(SMBsendend);
306         return;
307 }