2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 #include "smbd/globals.h"
30 #include "fake_file.h"
31 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
32 #include "rpc_client/cli_spoolss.h"
33 #include "rpc_client/init_spoolss.h"
34 #include "rpc_server/rpc_ncacn_np.h"
35 #include "libcli/security/security.h"
37 /****************************************************************************
38 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
39 path or anything including wildcards.
40 We're assuming here that '/' is not the second byte in any multibyte char
41 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
43 ****************************************************************************/
45 /* Custom version for processing POSIX paths. */
46 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
48 static NTSTATUS check_path_syntax_internal(char *path,
50 bool *p_last_component_contains_wcard)
54 NTSTATUS ret = NT_STATUS_OK;
55 bool start_of_name_component = True;
56 bool stream_started = false;
58 *p_last_component_contains_wcard = False;
65 return NT_STATUS_OBJECT_NAME_INVALID;
68 return NT_STATUS_OBJECT_NAME_INVALID;
70 if (strchr_m(&s[1], ':')) {
71 return NT_STATUS_OBJECT_NAME_INVALID;
77 if ((*s == ':') && !posix_path && !stream_started) {
78 if (*p_last_component_contains_wcard) {
79 return NT_STATUS_OBJECT_NAME_INVALID;
81 /* Stream names allow more characters than file names.
82 We're overloading posix_path here to allow a wider
83 range of characters. If stream_started is true this
84 is still a Windows path even if posix_path is true.
87 stream_started = true;
88 start_of_name_component = false;
92 return NT_STATUS_OBJECT_NAME_INVALID;
96 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
98 * Safe to assume is not the second part of a mb char
99 * as this is handled below.
101 /* Eat multiple '/' or '\\' */
102 while (IS_PATH_SEP(*s,posix_path)) {
105 if ((d != path) && (*s != '\0')) {
106 /* We only care about non-leading or trailing '/' or '\\' */
110 start_of_name_component = True;
112 *p_last_component_contains_wcard = False;
116 if (start_of_name_component) {
117 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
118 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
121 * No mb char starts with '.' so we're safe checking the directory separator here.
124 /* If we just added a '/' - delete it */
125 if ((d > path) && (*(d-1) == '/')) {
130 /* Are we at the start ? Can't go back further if so. */
132 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
135 /* Go back one level... */
136 /* We know this is safe as '/' cannot be part of a mb sequence. */
137 /* NOTE - if this assumption is invalid we are not in good shape... */
138 /* Decrement d first as d points to the *next* char to write into. */
139 for (d--; d > path; d--) {
143 s += 2; /* Else go past the .. */
144 /* We're still at the start of a name component, just the previous one. */
147 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
159 if (*s <= 0x1f || *s == '|') {
160 return NT_STATUS_OBJECT_NAME_INVALID;
168 *p_last_component_contains_wcard = True;
177 /* Get the size of the next MB character. */
178 next_codepoint(s,&siz);
196 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
198 return NT_STATUS_INVALID_PARAMETER;
201 start_of_name_component = False;
209 /****************************************************************************
210 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
211 No wildcards allowed.
212 ****************************************************************************/
214 NTSTATUS check_path_syntax(char *path)
217 return check_path_syntax_internal(path, False, &ignore);
220 /****************************************************************************
221 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
222 Wildcards allowed - p_contains_wcard returns true if the last component contained
224 ****************************************************************************/
226 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
228 return check_path_syntax_internal(path, False, p_contains_wcard);
231 /****************************************************************************
232 Check the path for a POSIX client.
233 We're assuming here that '/' is not the second byte in any multibyte char
234 set (a safe assumption).
235 ****************************************************************************/
237 NTSTATUS check_path_syntax_posix(char *path)
240 return check_path_syntax_internal(path, True, &ignore);
243 /****************************************************************************
244 Pull a string and check the path allowing a wilcard - provide for error return.
245 ****************************************************************************/
247 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
248 const char *base_ptr,
255 bool *contains_wcard)
261 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
265 *err = NT_STATUS_INVALID_PARAMETER;
269 *contains_wcard = False;
271 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
273 * For a DFS path the function parse_dfs_path()
274 * will do the path processing, just make a copy.
280 if (lp_posix_pathnames()) {
281 *err = check_path_syntax_posix(*pp_dest);
283 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
289 /****************************************************************************
290 Pull a string and check the path - provide for error return.
291 ****************************************************************************/
293 size_t srvstr_get_path(TALLOC_CTX *ctx,
294 const char *base_ptr,
303 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
304 src_len, flags, err, &ignore);
307 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
308 char **pp_dest, const char *src, int flags,
309 NTSTATUS *err, bool *contains_wcard)
311 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
312 pp_dest, src, smbreq_bufrem(req, src),
313 flags, err, contains_wcard);
316 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
317 char **pp_dest, const char *src, int flags,
321 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
322 flags, err, &ignore);
325 /****************************************************************************
326 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
327 ****************************************************************************/
329 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
332 if ((fsp == NULL) || (conn == NULL)) {
333 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
336 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
337 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
343 /****************************************************************************
344 Check if we have a correct fsp pointing to a file.
345 ****************************************************************************/
347 bool check_fsp(connection_struct *conn, struct smb_request *req,
350 if (!check_fsp_open(conn, req, fsp)) {
353 if (fsp->is_directory) {
354 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
357 if (fsp->fh->fd == -1) {
358 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
361 fsp->num_smb_operations++;
365 /****************************************************************************
366 Check if we have a correct fsp pointing to a quota fake file. Replacement for
367 the CHECK_NTQUOTA_HANDLE_OK macro.
368 ****************************************************************************/
370 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
373 if (!check_fsp_open(conn, req, fsp)) {
377 if (fsp->is_directory) {
381 if (fsp->fake_file_handle == NULL) {
385 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
389 if (fsp->fake_file_handle->private_data == NULL) {
396 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
397 const char *name, int name_type)
400 char *trim_name_type;
401 const char *retarget_parm;
404 int retarget_type = 0x20;
405 int retarget_port = 139;
406 struct sockaddr_storage retarget_addr;
407 struct sockaddr_in *in_addr;
411 if (get_socket_port(sconn->sock) != 139) {
415 trim_name = talloc_strdup(talloc_tos(), name);
416 if (trim_name == NULL) {
419 trim_char(trim_name, ' ', ' ');
421 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
423 if (trim_name_type == NULL) {
427 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
428 trim_name_type, NULL);
429 if (retarget_parm == NULL) {
430 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
433 if (retarget_parm == NULL) {
437 retarget = talloc_strdup(trim_name, retarget_parm);
438 if (retarget == NULL) {
442 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
444 p = strchr(retarget, ':');
447 retarget_port = atoi(p);
450 p = strchr_m(retarget, '#');
453 sscanf(p, "%x", &retarget_type);
456 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
458 DEBUG(10, ("could not resolve %s\n", retarget));
462 if (retarget_addr.ss_family != AF_INET) {
463 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
467 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
469 _smb_setlen(outbuf, 6);
470 SCVAL(outbuf, 0, 0x84);
471 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
472 *(uint16_t *)(outbuf+8) = htons(retarget_port);
474 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
476 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
482 TALLOC_FREE(trim_name);
486 /****************************************************************************
487 Reply to a (netbios-level) special message.
488 ****************************************************************************/
490 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
492 int msg_type = CVAL(inbuf,0);
493 int msg_flags = CVAL(inbuf,1);
495 * We only really use 4 bytes of the outbuf, but for the smb_setlen
496 * calculation & friends (srv_send_smb uses that) we need the full smb
499 char outbuf[smb_size];
501 memset(outbuf, '\0', sizeof(outbuf));
503 smb_setlen(outbuf,0);
506 case 0x81: /* session request */
508 /* inbuf_size is guarenteed to be at least 4. */
510 int name_type1, name_type2;
511 int name_len1, name_len2;
515 if (sconn->nbt.got_session) {
516 exit_server_cleanly("multiple session request not permitted");
519 SCVAL(outbuf,0,0x82);
522 /* inbuf_size is guaranteed to be at least 4. */
523 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
524 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
525 DEBUG(0,("Invalid name length in session request\n"));
528 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
529 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
530 DEBUG(0,("Invalid name length in session request\n"));
534 name_type1 = name_extract((unsigned char *)inbuf,
535 inbuf_size,(unsigned int)4,name1);
536 name_type2 = name_extract((unsigned char *)inbuf,
537 inbuf_size,(unsigned int)(4 + name_len1),name2);
539 if (name_type1 == -1 || name_type2 == -1) {
540 DEBUG(0,("Invalid name type in session request\n"));
544 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
545 name1, name_type1, name2, name_type2));
547 if (netbios_session_retarget(sconn, name1, name_type1)) {
548 exit_server_cleanly("retargeted client");
552 * Windows NT/2k uses "*SMBSERVER" and XP uses
553 * "*SMBSERV" arrggg!!!
555 if (strequal(name1, "*SMBSERVER ")
556 || strequal(name1, "*SMBSERV ")) {
557 fstrcpy(name1, sconn->client_id.addr);
560 set_local_machine_name(name1, True);
561 set_remote_machine_name(name2, True);
563 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
564 get_local_machine_name(), get_remote_machine_name(),
567 if (name_type2 == 'R') {
568 /* We are being asked for a pathworks session ---
570 SCVAL(outbuf, 0,0x83);
574 /* only add the client's machine name to the list
575 of possibly valid usernames if we are operating
576 in share mode security */
577 if (lp_security() == SEC_SHARE) {
578 add_session_user(sconn, get_remote_machine_name());
581 reload_services(sconn->msg_ctx, sconn->sock, True);
584 sconn->nbt.got_session = true;
588 case 0x89: /* session keepalive request
589 (some old clients produce this?) */
590 SCVAL(outbuf,0,SMBkeepalive);
594 case 0x82: /* positive session response */
595 case 0x83: /* negative session response */
596 case 0x84: /* retarget session response */
597 DEBUG(0,("Unexpected session response\n"));
600 case SMBkeepalive: /* session keepalive */
605 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
606 msg_type, msg_flags));
608 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
612 /****************************************************************************
614 conn POINTER CAN BE NULL HERE !
615 ****************************************************************************/
617 void reply_tcon(struct smb_request *req)
619 connection_struct *conn = req->conn;
621 char *service_buf = NULL;
622 char *password = NULL;
627 DATA_BLOB password_blob;
628 TALLOC_CTX *ctx = talloc_tos();
629 struct smbd_server_connection *sconn = req->sconn;
631 START_PROFILE(SMBtcon);
633 if (req->buflen < 4) {
634 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
635 END_PROFILE(SMBtcon);
639 p = (const char *)req->buf + 1;
640 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
642 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
644 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
647 if (service_buf == NULL || password == NULL || dev == NULL) {
648 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
649 END_PROFILE(SMBtcon);
652 p = strrchr_m(service_buf,'\\');
656 service = service_buf;
659 password_blob = data_blob(password, pwlen+1);
661 conn = make_connection(sconn,service,password_blob,dev,
662 req->vuid,&nt_status);
665 data_blob_clear_free(&password_blob);
668 reply_nterror(req, nt_status);
669 END_PROFILE(SMBtcon);
673 reply_outbuf(req, 2, 0);
674 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
675 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
676 SSVAL(req->outbuf,smb_tid,conn->cnum);
678 DEBUG(3,("tcon service=%s cnum=%d\n",
679 service, conn->cnum));
681 END_PROFILE(SMBtcon);
685 /****************************************************************************
686 Reply to a tcon and X.
687 conn POINTER CAN BE NULL HERE !
688 ****************************************************************************/
690 void reply_tcon_and_X(struct smb_request *req)
692 connection_struct *conn = req->conn;
693 const char *service = NULL;
695 TALLOC_CTX *ctx = talloc_tos();
696 /* what the cleint thinks the device is */
697 char *client_devicetype = NULL;
698 /* what the server tells the client the share represents */
699 const char *server_devicetype;
705 struct smbd_server_connection *sconn = req->sconn;
707 START_PROFILE(SMBtconX);
710 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
711 END_PROFILE(SMBtconX);
715 passlen = SVAL(req->vwv+3, 0);
716 tcon_flags = SVAL(req->vwv+2, 0);
718 /* we might have to close an old one */
719 if ((tcon_flags & 0x1) && conn) {
720 close_cnum(conn,req->vuid);
725 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
726 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
727 END_PROFILE(SMBtconX);
731 if (sconn->smb1.negprot.encrypted_passwords) {
732 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
733 if (lp_security() == SEC_SHARE) {
735 * Security = share always has a pad byte
736 * after the password.
738 p = (const char *)req->buf + passlen + 1;
740 p = (const char *)req->buf + passlen;
743 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
744 /* Ensure correct termination */
745 password.data[passlen]=0;
746 p = (const char *)req->buf + passlen + 1;
749 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
752 data_blob_clear_free(&password);
753 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
754 END_PROFILE(SMBtconX);
759 * the service name can be either: \\server\share
760 * or share directly like on the DELL PowerVault 705
763 q = strchr_m(path+2,'\\');
765 data_blob_clear_free(&password);
766 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
767 END_PROFILE(SMBtconX);
775 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
776 &client_devicetype, p,
777 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
779 if (client_devicetype == NULL) {
780 data_blob_clear_free(&password);
781 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
782 END_PROFILE(SMBtconX);
786 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
788 conn = make_connection(sconn, service, password, client_devicetype,
789 req->vuid, &nt_status);
792 data_blob_clear_free(&password);
795 reply_nterror(req, nt_status);
796 END_PROFILE(SMBtconX);
801 server_devicetype = "IPC";
802 else if ( IS_PRINT(conn) )
803 server_devicetype = "LPT1:";
805 server_devicetype = "A:";
807 if (get_Protocol() < PROTOCOL_NT1) {
808 reply_outbuf(req, 2, 0);
809 if (message_push_string(&req->outbuf, server_devicetype,
810 STR_TERMINATE|STR_ASCII) == -1) {
811 reply_nterror(req, NT_STATUS_NO_MEMORY);
812 END_PROFILE(SMBtconX);
816 /* NT sets the fstype of IPC$ to the null string */
817 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
819 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
820 /* Return permissions. */
824 reply_outbuf(req, 7, 0);
827 perm1 = FILE_ALL_ACCESS;
828 perm2 = FILE_ALL_ACCESS;
830 perm1 = CAN_WRITE(conn) ?
835 SIVAL(req->outbuf, smb_vwv3, perm1);
836 SIVAL(req->outbuf, smb_vwv5, perm2);
838 reply_outbuf(req, 3, 0);
841 if ((message_push_string(&req->outbuf, server_devicetype,
842 STR_TERMINATE|STR_ASCII) == -1)
843 || (message_push_string(&req->outbuf, fstype,
844 STR_TERMINATE) == -1)) {
845 reply_nterror(req, NT_STATUS_NO_MEMORY);
846 END_PROFILE(SMBtconX);
850 /* what does setting this bit do? It is set by NT4 and
851 may affect the ability to autorun mounted cdroms */
852 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
853 (lp_csc_policy(SNUM(conn)) << 2));
855 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
856 DEBUG(2,("Serving %s as a Dfs root\n",
857 lp_servicename(SNUM(conn)) ));
858 SSVAL(req->outbuf, smb_vwv2,
859 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
864 DEBUG(3,("tconX service=%s \n",
867 /* set the incoming and outgoing tid to the just created one */
868 SSVAL(req->inbuf,smb_tid,conn->cnum);
869 SSVAL(req->outbuf,smb_tid,conn->cnum);
871 END_PROFILE(SMBtconX);
873 req->tid = conn->cnum;
878 /****************************************************************************
879 Reply to an unknown type.
880 ****************************************************************************/
882 void reply_unknown_new(struct smb_request *req, uint8 type)
884 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
885 smb_fn_name(type), type, type));
886 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
890 /****************************************************************************
892 conn POINTER CAN BE NULL HERE !
893 ****************************************************************************/
895 void reply_ioctl(struct smb_request *req)
897 connection_struct *conn = req->conn;
904 START_PROFILE(SMBioctl);
907 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
908 END_PROFILE(SMBioctl);
912 device = SVAL(req->vwv+1, 0);
913 function = SVAL(req->vwv+2, 0);
914 ioctl_code = (device << 16) + function;
916 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
918 switch (ioctl_code) {
919 case IOCTL_QUERY_JOB_INFO:
923 reply_force_doserror(req, ERRSRV, ERRnosupport);
924 END_PROFILE(SMBioctl);
928 reply_outbuf(req, 8, replysize+1);
929 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
930 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
931 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
932 p = smb_buf(req->outbuf);
933 memset(p, '\0', replysize+1); /* valgrind-safe. */
934 p += 1; /* Allow for alignment */
936 switch (ioctl_code) {
937 case IOCTL_QUERY_JOB_INFO:
939 files_struct *fsp = file_fsp(
940 req, SVAL(req->vwv+0, 0));
942 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
943 END_PROFILE(SMBioctl);
947 if (fsp->print_file) {
948 SSVAL(p, 0, fsp->print_file->rap_jobid);
952 srvstr_push((char *)req->outbuf, req->flags2, p+2,
954 STR_TERMINATE|STR_ASCII);
956 srvstr_push((char *)req->outbuf, req->flags2,
957 p+18, lp_servicename(SNUM(conn)),
958 13, STR_TERMINATE|STR_ASCII);
966 END_PROFILE(SMBioctl);
970 /****************************************************************************
971 Strange checkpath NTSTATUS mapping.
972 ****************************************************************************/
974 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
976 /* Strange DOS error code semantics only for checkpath... */
977 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
978 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
979 /* We need to map to ERRbadpath */
980 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
986 /****************************************************************************
987 Reply to a checkpath.
988 ****************************************************************************/
990 void reply_checkpath(struct smb_request *req)
992 connection_struct *conn = req->conn;
993 struct smb_filename *smb_fname = NULL;
996 TALLOC_CTX *ctx = talloc_tos();
998 START_PROFILE(SMBcheckpath);
1000 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1001 STR_TERMINATE, &status);
1003 if (!NT_STATUS_IS_OK(status)) {
1004 status = map_checkpath_error(req->flags2, status);
1005 reply_nterror(req, status);
1006 END_PROFILE(SMBcheckpath);
1010 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1012 status = filename_convert(ctx,
1014 req->flags2 & FLAGS2_DFS_PATHNAMES,
1020 if (!NT_STATUS_IS_OK(status)) {
1021 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1022 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1023 ERRSRV, ERRbadpath);
1024 END_PROFILE(SMBcheckpath);
1030 if (!VALID_STAT(smb_fname->st) &&
1031 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1032 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1033 smb_fname_str_dbg(smb_fname), strerror(errno)));
1034 status = map_nt_error_from_unix(errno);
1038 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1039 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1040 ERRDOS, ERRbadpath);
1044 reply_outbuf(req, 0, 0);
1047 /* We special case this - as when a Windows machine
1048 is parsing a path is steps through the components
1049 one at a time - if a component fails it expects
1050 ERRbadpath, not ERRbadfile.
1052 status = map_checkpath_error(req->flags2, status);
1053 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1055 * Windows returns different error codes if
1056 * the parent directory is valid but not the
1057 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1058 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1059 * if the path is invalid.
1061 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1062 ERRDOS, ERRbadpath);
1066 reply_nterror(req, status);
1069 TALLOC_FREE(smb_fname);
1070 END_PROFILE(SMBcheckpath);
1074 /****************************************************************************
1076 ****************************************************************************/
1078 void reply_getatr(struct smb_request *req)
1080 connection_struct *conn = req->conn;
1081 struct smb_filename *smb_fname = NULL;
1088 TALLOC_CTX *ctx = talloc_tos();
1089 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1091 START_PROFILE(SMBgetatr);
1093 p = (const char *)req->buf + 1;
1094 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1095 if (!NT_STATUS_IS_OK(status)) {
1096 reply_nterror(req, status);
1100 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1101 under WfWg - weird! */
1102 if (*fname == '\0') {
1103 mode = aHIDDEN | aDIR;
1104 if (!CAN_WRITE(conn)) {
1110 status = filename_convert(ctx,
1112 req->flags2 & FLAGS2_DFS_PATHNAMES,
1117 if (!NT_STATUS_IS_OK(status)) {
1118 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1119 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1120 ERRSRV, ERRbadpath);
1123 reply_nterror(req, status);
1126 if (!VALID_STAT(smb_fname->st) &&
1127 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1128 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1129 smb_fname_str_dbg(smb_fname),
1131 reply_nterror(req, map_nt_error_from_unix(errno));
1135 mode = dos_mode(conn, smb_fname);
1136 size = smb_fname->st.st_ex_size;
1138 if (ask_sharemode) {
1139 struct timespec write_time_ts;
1140 struct file_id fileid;
1142 ZERO_STRUCT(write_time_ts);
1143 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1144 get_file_infos(fileid, 0, NULL, &write_time_ts);
1145 if (!null_timespec(write_time_ts)) {
1146 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1150 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1156 reply_outbuf(req, 10, 0);
1158 SSVAL(req->outbuf,smb_vwv0,mode);
1159 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1160 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1162 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1164 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1166 if (get_Protocol() >= PROTOCOL_NT1) {
1167 SSVAL(req->outbuf, smb_flg2,
1168 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1171 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1172 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1175 TALLOC_FREE(smb_fname);
1177 END_PROFILE(SMBgetatr);
1181 /****************************************************************************
1183 ****************************************************************************/
1185 void reply_setatr(struct smb_request *req)
1187 struct smb_file_time ft;
1188 connection_struct *conn = req->conn;
1189 struct smb_filename *smb_fname = NULL;
1195 TALLOC_CTX *ctx = talloc_tos();
1197 START_PROFILE(SMBsetatr);
1202 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1206 p = (const char *)req->buf + 1;
1207 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1208 if (!NT_STATUS_IS_OK(status)) {
1209 reply_nterror(req, status);
1213 status = filename_convert(ctx,
1215 req->flags2 & FLAGS2_DFS_PATHNAMES,
1220 if (!NT_STATUS_IS_OK(status)) {
1221 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1222 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1223 ERRSRV, ERRbadpath);
1226 reply_nterror(req, status);
1230 if (smb_fname->base_name[0] == '.' &&
1231 smb_fname->base_name[1] == '\0') {
1233 * Not sure here is the right place to catch this
1234 * condition. Might be moved to somewhere else later -- vl
1236 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1240 mode = SVAL(req->vwv+0, 0);
1241 mtime = srv_make_unix_date3(req->vwv+1);
1243 ft.mtime = convert_time_t_to_timespec(mtime);
1244 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1245 if (!NT_STATUS_IS_OK(status)) {
1246 reply_nterror(req, status);
1250 if (mode != FILE_ATTRIBUTE_NORMAL) {
1251 if (VALID_STAT_OF_DIR(smb_fname->st))
1256 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1258 reply_nterror(req, map_nt_error_from_unix(errno));
1263 reply_outbuf(req, 0, 0);
1265 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1268 TALLOC_FREE(smb_fname);
1269 END_PROFILE(SMBsetatr);
1273 /****************************************************************************
1275 ****************************************************************************/
1277 void reply_dskattr(struct smb_request *req)
1279 connection_struct *conn = req->conn;
1280 uint64_t dfree,dsize,bsize;
1281 START_PROFILE(SMBdskattr);
1283 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1284 reply_nterror(req, map_nt_error_from_unix(errno));
1285 END_PROFILE(SMBdskattr);
1289 reply_outbuf(req, 5, 0);
1291 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1292 double total_space, free_space;
1293 /* we need to scale this to a number that DOS6 can handle. We
1294 use floating point so we can handle large drives on systems
1295 that don't have 64 bit integers
1297 we end up displaying a maximum of 2G to DOS systems
1299 total_space = dsize * (double)bsize;
1300 free_space = dfree * (double)bsize;
1302 dsize = (uint64_t)((total_space+63*512) / (64*512));
1303 dfree = (uint64_t)((free_space+63*512) / (64*512));
1305 if (dsize > 0xFFFF) dsize = 0xFFFF;
1306 if (dfree > 0xFFFF) dfree = 0xFFFF;
1308 SSVAL(req->outbuf,smb_vwv0,dsize);
1309 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1310 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1311 SSVAL(req->outbuf,smb_vwv3,dfree);
1313 SSVAL(req->outbuf,smb_vwv0,dsize);
1314 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1315 SSVAL(req->outbuf,smb_vwv2,512);
1316 SSVAL(req->outbuf,smb_vwv3,dfree);
1319 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1321 END_PROFILE(SMBdskattr);
1326 * Utility function to split the filename from the directory.
1328 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1329 char **fname_dir_out,
1330 char **fname_mask_out)
1332 const char *p = NULL;
1333 char *fname_dir = NULL;
1334 char *fname_mask = NULL;
1336 p = strrchr_m(fname_in, '/');
1338 fname_dir = talloc_strdup(ctx, ".");
1339 fname_mask = talloc_strdup(ctx, fname_in);
1341 fname_dir = talloc_strndup(ctx, fname_in,
1342 PTR_DIFF(p, fname_in));
1343 fname_mask = talloc_strdup(ctx, p+1);
1346 if (!fname_dir || !fname_mask) {
1347 TALLOC_FREE(fname_dir);
1348 TALLOC_FREE(fname_mask);
1349 return NT_STATUS_NO_MEMORY;
1352 *fname_dir_out = fname_dir;
1353 *fname_mask_out = fname_mask;
1354 return NT_STATUS_OK;
1357 /****************************************************************************
1359 Can be called from SMBsearch, SMBffirst or SMBfunique.
1360 ****************************************************************************/
1362 void reply_search(struct smb_request *req)
1364 connection_struct *conn = req->conn;
1366 const char *mask = NULL;
1367 char *directory = NULL;
1368 struct smb_filename *smb_fname = NULL;
1372 struct timespec date;
1374 unsigned int numentries = 0;
1375 unsigned int maxentries = 0;
1376 bool finished = False;
1381 bool check_descend = False;
1382 bool expect_close = False;
1384 bool mask_contains_wcard = False;
1385 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1386 TALLOC_CTX *ctx = talloc_tos();
1387 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1388 struct dptr_struct *dirptr = NULL;
1389 struct smbd_server_connection *sconn = req->sconn;
1391 START_PROFILE(SMBsearch);
1394 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1398 if (lp_posix_pathnames()) {
1399 reply_unknown_new(req, req->cmd);
1403 /* If we were called as SMBffirst then we must expect close. */
1404 if(req->cmd == SMBffirst) {
1405 expect_close = True;
1408 reply_outbuf(req, 1, 3);
1409 maxentries = SVAL(req->vwv+0, 0);
1410 dirtype = SVAL(req->vwv+1, 0);
1411 p = (const char *)req->buf + 1;
1412 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1413 &nt_status, &mask_contains_wcard);
1414 if (!NT_STATUS_IS_OK(nt_status)) {
1415 reply_nterror(req, nt_status);
1420 status_len = SVAL(p, 0);
1423 /* dirtype &= ~aDIR; */
1425 if (status_len == 0) {
1426 nt_status = filename_convert(ctx, conn,
1427 req->flags2 & FLAGS2_DFS_PATHNAMES,
1429 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1430 &mask_contains_wcard,
1432 if (!NT_STATUS_IS_OK(nt_status)) {
1433 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1434 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1435 ERRSRV, ERRbadpath);
1438 reply_nterror(req, nt_status);
1442 directory = smb_fname->base_name;
1444 p = strrchr_m(directory,'/');
1445 if ((p != NULL) && (*directory != '/')) {
1447 directory = talloc_strndup(ctx, directory,
1448 PTR_DIFF(p, directory));
1451 directory = talloc_strdup(ctx,".");
1455 reply_nterror(req, NT_STATUS_NO_MEMORY);
1459 memset((char *)status,'\0',21);
1460 SCVAL(status,0,(dirtype & 0x1F));
1462 nt_status = dptr_create(conn,
1469 mask_contains_wcard,
1472 if (!NT_STATUS_IS_OK(nt_status)) {
1473 reply_nterror(req, nt_status);
1476 dptr_num = dptr_dnum(dirptr);
1479 const char *dirpath;
1481 memcpy(status,p,21);
1482 status_dirtype = CVAL(status,0) & 0x1F;
1483 if (status_dirtype != (dirtype & 0x1F)) {
1484 dirtype = status_dirtype;
1487 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1491 dirpath = dptr_path(sconn, dptr_num);
1492 directory = talloc_strdup(ctx, dirpath);
1494 reply_nterror(req, NT_STATUS_NO_MEMORY);
1498 mask = dptr_wcard(sconn, dptr_num);
1503 * For a 'continue' search we have no string. So
1504 * check from the initial saved string.
1506 mask_contains_wcard = ms_has_wild(mask);
1507 dirtype = dptr_attr(sconn, dptr_num);
1510 DEBUG(4,("dptr_num is %d\n",dptr_num));
1512 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1513 dptr_init_search_op(dirptr);
1515 if ((dirtype&0x1F) == aVOLID) {
1516 char buf[DIR_STRUCT_SIZE];
1517 memcpy(buf,status,21);
1518 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1519 0,aVOLID,0,!allow_long_path_components)) {
1520 reply_nterror(req, NT_STATUS_NO_MEMORY);
1523 dptr_fill(sconn, buf+12,dptr_num);
1524 if (dptr_zero(buf+12) && (status_len==0)) {
1529 if (message_push_blob(&req->outbuf,
1530 data_blob_const(buf, sizeof(buf)))
1532 reply_nterror(req, NT_STATUS_NO_MEMORY);
1540 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1543 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1544 directory,lp_dontdescend(SNUM(conn))));
1545 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1546 check_descend = True;
1549 for (i=numentries;(i<maxentries) && !finished;i++) {
1550 finished = !get_dir_entry(ctx,
1561 char buf[DIR_STRUCT_SIZE];
1562 memcpy(buf,status,21);
1563 if (!make_dir_struct(ctx,
1569 convert_timespec_to_time_t(date),
1570 !allow_long_path_components)) {
1571 reply_nterror(req, NT_STATUS_NO_MEMORY);
1574 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1577 if (message_push_blob(&req->outbuf,
1578 data_blob_const(buf, sizeof(buf)))
1580 reply_nterror(req, NT_STATUS_NO_MEMORY);
1590 /* If we were called as SMBffirst with smb_search_id == NULL
1591 and no entries were found then return error and close dirptr
1594 if (numentries == 0) {
1595 dptr_close(sconn, &dptr_num);
1596 } else if(expect_close && status_len == 0) {
1597 /* Close the dptr - we know it's gone */
1598 dptr_close(sconn, &dptr_num);
1601 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1602 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1603 dptr_close(sconn, &dptr_num);
1606 if ((numentries == 0) && !mask_contains_wcard) {
1607 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1611 SSVAL(req->outbuf,smb_vwv0,numentries);
1612 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1613 SCVAL(smb_buf(req->outbuf),0,5);
1614 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1616 /* The replies here are never long name. */
1617 SSVAL(req->outbuf, smb_flg2,
1618 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1619 if (!allow_long_path_components) {
1620 SSVAL(req->outbuf, smb_flg2,
1621 SVAL(req->outbuf, smb_flg2)
1622 & (~FLAGS2_LONG_PATH_COMPONENTS));
1625 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1626 SSVAL(req->outbuf, smb_flg2,
1627 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1629 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1630 smb_fn_name(req->cmd),
1637 TALLOC_FREE(directory);
1638 TALLOC_FREE(smb_fname);
1639 END_PROFILE(SMBsearch);
1643 /****************************************************************************
1644 Reply to a fclose (stop directory search).
1645 ****************************************************************************/
1647 void reply_fclose(struct smb_request *req)
1655 bool path_contains_wcard = False;
1656 TALLOC_CTX *ctx = talloc_tos();
1657 struct smbd_server_connection *sconn = req->sconn;
1659 START_PROFILE(SMBfclose);
1661 if (lp_posix_pathnames()) {
1662 reply_unknown_new(req, req->cmd);
1663 END_PROFILE(SMBfclose);
1667 p = (const char *)req->buf + 1;
1668 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1669 &err, &path_contains_wcard);
1670 if (!NT_STATUS_IS_OK(err)) {
1671 reply_nterror(req, err);
1672 END_PROFILE(SMBfclose);
1676 status_len = SVAL(p,0);
1679 if (status_len == 0) {
1680 reply_force_doserror(req, ERRSRV, ERRsrverror);
1681 END_PROFILE(SMBfclose);
1685 memcpy(status,p,21);
1687 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1688 /* Close the dptr - we know it's gone */
1689 dptr_close(sconn, &dptr_num);
1692 reply_outbuf(req, 1, 0);
1693 SSVAL(req->outbuf,smb_vwv0,0);
1695 DEBUG(3,("search close\n"));
1697 END_PROFILE(SMBfclose);
1701 /****************************************************************************
1703 ****************************************************************************/
1705 void reply_open(struct smb_request *req)
1707 connection_struct *conn = req->conn;
1708 struct smb_filename *smb_fname = NULL;
1720 uint32 create_disposition;
1721 uint32 create_options = 0;
1722 uint32_t private_flags = 0;
1724 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1725 TALLOC_CTX *ctx = talloc_tos();
1727 START_PROFILE(SMBopen);
1730 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1734 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1735 deny_mode = SVAL(req->vwv+0, 0);
1736 dos_attr = SVAL(req->vwv+1, 0);
1738 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1739 STR_TERMINATE, &status);
1740 if (!NT_STATUS_IS_OK(status)) {
1741 reply_nterror(req, status);
1745 status = filename_convert(ctx,
1747 req->flags2 & FLAGS2_DFS_PATHNAMES,
1752 if (!NT_STATUS_IS_OK(status)) {
1753 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1754 reply_botherror(req,
1755 NT_STATUS_PATH_NOT_COVERED,
1756 ERRSRV, ERRbadpath);
1759 reply_nterror(req, status);
1763 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1764 OPENX_FILE_EXISTS_OPEN, &access_mask,
1765 &share_mode, &create_disposition,
1766 &create_options, &private_flags)) {
1767 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1771 status = SMB_VFS_CREATE_FILE(
1774 0, /* root_dir_fid */
1775 smb_fname, /* fname */
1776 access_mask, /* access_mask */
1777 share_mode, /* share_access */
1778 create_disposition, /* create_disposition*/
1779 create_options, /* create_options */
1780 dos_attr, /* file_attributes */
1781 oplock_request, /* oplock_request */
1782 0, /* allocation_size */
1789 if (!NT_STATUS_IS_OK(status)) {
1790 if (open_was_deferred(req->mid)) {
1791 /* We have re-scheduled this call. */
1794 reply_openerror(req, status);
1798 size = smb_fname->st.st_ex_size;
1799 fattr = dos_mode(conn, smb_fname);
1801 /* Deal with other possible opens having a modified
1803 if (ask_sharemode) {
1804 struct timespec write_time_ts;
1806 ZERO_STRUCT(write_time_ts);
1807 get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
1808 if (!null_timespec(write_time_ts)) {
1809 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1813 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1816 DEBUG(3,("attempt to open a directory %s\n",
1818 close_file(req, fsp, ERROR_CLOSE);
1819 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1820 ERRDOS, ERRnoaccess);
1824 reply_outbuf(req, 7, 0);
1825 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1826 SSVAL(req->outbuf,smb_vwv1,fattr);
1827 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1828 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1830 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1832 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1833 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1835 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1836 SCVAL(req->outbuf,smb_flg,
1837 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1840 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1841 SCVAL(req->outbuf,smb_flg,
1842 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1845 TALLOC_FREE(smb_fname);
1846 END_PROFILE(SMBopen);
1850 /****************************************************************************
1851 Reply to an open and X.
1852 ****************************************************************************/
1854 void reply_open_and_X(struct smb_request *req)
1856 connection_struct *conn = req->conn;
1857 struct smb_filename *smb_fname = NULL;
1862 /* Breakout the oplock request bits so we can set the
1863 reply bits separately. */
1864 int ex_oplock_request;
1865 int core_oplock_request;
1868 int smb_sattr = SVAL(req->vwv+4, 0);
1869 uint32 smb_time = make_unix_date3(req->vwv+6);
1877 uint64_t allocation_size;
1878 ssize_t retval = -1;
1881 uint32 create_disposition;
1882 uint32 create_options = 0;
1883 uint32_t private_flags = 0;
1884 TALLOC_CTX *ctx = talloc_tos();
1886 START_PROFILE(SMBopenX);
1888 if (req->wct < 15) {
1889 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1893 open_flags = SVAL(req->vwv+2, 0);
1894 deny_mode = SVAL(req->vwv+3, 0);
1895 smb_attr = SVAL(req->vwv+5, 0);
1896 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1897 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1898 oplock_request = ex_oplock_request | core_oplock_request;
1899 smb_ofun = SVAL(req->vwv+8, 0);
1900 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1902 /* If it's an IPC, pass off the pipe handler. */
1904 if (lp_nt_pipe_support()) {
1905 reply_open_pipe_and_X(conn, req);
1907 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1912 /* XXXX we need to handle passed times, sattr and flags */
1913 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1914 STR_TERMINATE, &status);
1915 if (!NT_STATUS_IS_OK(status)) {
1916 reply_nterror(req, status);
1920 status = filename_convert(ctx,
1922 req->flags2 & FLAGS2_DFS_PATHNAMES,
1927 if (!NT_STATUS_IS_OK(status)) {
1928 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1929 reply_botherror(req,
1930 NT_STATUS_PATH_NOT_COVERED,
1931 ERRSRV, ERRbadpath);
1934 reply_nterror(req, status);
1938 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1939 &access_mask, &share_mode,
1940 &create_disposition,
1943 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1947 status = SMB_VFS_CREATE_FILE(
1950 0, /* root_dir_fid */
1951 smb_fname, /* fname */
1952 access_mask, /* access_mask */
1953 share_mode, /* share_access */
1954 create_disposition, /* create_disposition*/
1955 create_options, /* create_options */
1956 smb_attr, /* file_attributes */
1957 oplock_request, /* oplock_request */
1958 0, /* allocation_size */
1963 &smb_action); /* pinfo */
1965 if (!NT_STATUS_IS_OK(status)) {
1966 if (open_was_deferred(req->mid)) {
1967 /* We have re-scheduled this call. */
1970 reply_openerror(req, status);
1974 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1975 if the file is truncated or created. */
1976 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1977 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1978 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1979 close_file(req, fsp, ERROR_CLOSE);
1980 reply_nterror(req, NT_STATUS_DISK_FULL);
1983 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1985 close_file(req, fsp, ERROR_CLOSE);
1986 reply_nterror(req, NT_STATUS_DISK_FULL);
1989 status = vfs_stat_fsp(fsp);
1990 if (!NT_STATUS_IS_OK(status)) {
1991 close_file(req, fsp, ERROR_CLOSE);
1992 reply_nterror(req, status);
1997 fattr = dos_mode(conn, fsp->fsp_name);
1998 mtime = convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime);
2000 close_file(req, fsp, ERROR_CLOSE);
2001 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2005 /* If the caller set the extended oplock request bit
2006 and we granted one (by whatever means) - set the
2007 correct bit for extended oplock reply.
2010 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2011 smb_action |= EXTENDED_OPLOCK_GRANTED;
2014 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2015 smb_action |= EXTENDED_OPLOCK_GRANTED;
2018 /* If the caller set the core oplock request bit
2019 and we granted one (by whatever means) - set the
2020 correct bit for core oplock reply.
2023 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2024 reply_outbuf(req, 19, 0);
2026 reply_outbuf(req, 15, 0);
2029 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2030 SCVAL(req->outbuf, smb_flg,
2031 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2034 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2035 SCVAL(req->outbuf, smb_flg,
2036 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2039 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2040 SSVAL(req->outbuf,smb_vwv3,fattr);
2041 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2042 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2044 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2046 SIVAL(req->outbuf,smb_vwv6,(uint32)fsp->fsp_name->st.st_ex_size);
2047 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2048 SSVAL(req->outbuf,smb_vwv11,smb_action);
2050 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2051 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2056 TALLOC_FREE(smb_fname);
2057 END_PROFILE(SMBopenX);
2061 /****************************************************************************
2062 Reply to a SMBulogoffX.
2063 ****************************************************************************/
2065 void reply_ulogoffX(struct smb_request *req)
2067 struct smbd_server_connection *sconn = req->sconn;
2070 START_PROFILE(SMBulogoffX);
2072 vuser = get_valid_user_struct(sconn, req->vuid);
2075 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2079 /* in user level security we are supposed to close any files
2080 open by this user */
2081 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2082 file_close_user(sconn, req->vuid);
2085 invalidate_vuid(sconn, req->vuid);
2087 reply_outbuf(req, 2, 0);
2089 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2091 END_PROFILE(SMBulogoffX);
2092 req->vuid = UID_FIELD_INVALID;
2096 /****************************************************************************
2097 Reply to a mknew or a create.
2098 ****************************************************************************/
2100 void reply_mknew(struct smb_request *req)
2102 connection_struct *conn = req->conn;
2103 struct smb_filename *smb_fname = NULL;
2106 struct smb_file_time ft;
2108 int oplock_request = 0;
2110 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2111 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2112 uint32 create_disposition;
2113 uint32 create_options = 0;
2114 TALLOC_CTX *ctx = talloc_tos();
2116 START_PROFILE(SMBcreate);
2120 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2124 fattr = SVAL(req->vwv+0, 0);
2125 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2128 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2130 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2131 STR_TERMINATE, &status);
2132 if (!NT_STATUS_IS_OK(status)) {
2133 reply_nterror(req, status);
2137 status = filename_convert(ctx,
2139 req->flags2 & FLAGS2_DFS_PATHNAMES,
2144 if (!NT_STATUS_IS_OK(status)) {
2145 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2146 reply_botherror(req,
2147 NT_STATUS_PATH_NOT_COVERED,
2148 ERRSRV, ERRbadpath);
2151 reply_nterror(req, status);
2155 if (fattr & aVOLID) {
2156 DEBUG(0,("Attempt to create file (%s) with volid set - "
2157 "please report this\n",
2158 smb_fname_str_dbg(smb_fname)));
2161 if(req->cmd == SMBmknew) {
2162 /* We should fail if file exists. */
2163 create_disposition = FILE_CREATE;
2165 /* Create if file doesn't exist, truncate if it does. */
2166 create_disposition = FILE_OVERWRITE_IF;
2169 status = SMB_VFS_CREATE_FILE(
2172 0, /* root_dir_fid */
2173 smb_fname, /* fname */
2174 access_mask, /* access_mask */
2175 share_mode, /* share_access */
2176 create_disposition, /* create_disposition*/
2177 create_options, /* create_options */
2178 fattr, /* file_attributes */
2179 oplock_request, /* oplock_request */
2180 0, /* allocation_size */
2181 0, /* private_flags */
2187 if (!NT_STATUS_IS_OK(status)) {
2188 if (open_was_deferred(req->mid)) {
2189 /* We have re-scheduled this call. */
2192 reply_openerror(req, status);
2196 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2197 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2198 if (!NT_STATUS_IS_OK(status)) {
2199 END_PROFILE(SMBcreate);
2203 reply_outbuf(req, 1, 0);
2204 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2206 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2207 SCVAL(req->outbuf,smb_flg,
2208 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2211 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2212 SCVAL(req->outbuf,smb_flg,
2213 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2216 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2217 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2218 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2219 (unsigned int)fattr));
2222 TALLOC_FREE(smb_fname);
2223 END_PROFILE(SMBcreate);
2227 /****************************************************************************
2228 Reply to a create temporary file.
2229 ****************************************************************************/
2231 void reply_ctemp(struct smb_request *req)
2233 connection_struct *conn = req->conn;
2234 struct smb_filename *smb_fname = NULL;
2242 TALLOC_CTX *ctx = talloc_tos();
2244 START_PROFILE(SMBctemp);
2247 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2251 fattr = SVAL(req->vwv+0, 0);
2252 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2254 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2255 STR_TERMINATE, &status);
2256 if (!NT_STATUS_IS_OK(status)) {
2257 reply_nterror(req, status);
2261 fname = talloc_asprintf(ctx,
2265 fname = talloc_strdup(ctx, "TMXXXXXX");
2269 reply_nterror(req, NT_STATUS_NO_MEMORY);
2273 status = filename_convert(ctx, conn,
2274 req->flags2 & FLAGS2_DFS_PATHNAMES,
2279 if (!NT_STATUS_IS_OK(status)) {
2280 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2281 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2282 ERRSRV, ERRbadpath);
2285 reply_nterror(req, status);
2289 tmpfd = mkstemp(smb_fname->base_name);
2291 reply_nterror(req, map_nt_error_from_unix(errno));
2295 SMB_VFS_STAT(conn, smb_fname);
2297 /* We should fail if file does not exist. */
2298 status = SMB_VFS_CREATE_FILE(
2301 0, /* root_dir_fid */
2302 smb_fname, /* fname */
2303 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2304 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2305 FILE_OPEN, /* create_disposition*/
2306 0, /* create_options */
2307 fattr, /* file_attributes */
2308 oplock_request, /* oplock_request */
2309 0, /* allocation_size */
2310 0, /* private_flags */
2316 /* close fd from mkstemp() */
2319 if (!NT_STATUS_IS_OK(status)) {
2320 if (open_was_deferred(req->mid)) {
2321 /* We have re-scheduled this call. */
2324 reply_openerror(req, status);
2328 reply_outbuf(req, 1, 0);
2329 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2331 /* the returned filename is relative to the directory */
2332 s = strrchr_m(fsp->fsp_name->base_name, '/');
2334 s = fsp->fsp_name->base_name;
2340 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2341 thing in the byte section. JRA */
2342 SSVALS(p, 0, -1); /* what is this? not in spec */
2344 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2346 reply_nterror(req, NT_STATUS_NO_MEMORY);
2350 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2351 SCVAL(req->outbuf, smb_flg,
2352 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2355 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2356 SCVAL(req->outbuf, smb_flg,
2357 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2360 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2361 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2362 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2364 TALLOC_FREE(smb_fname);
2365 END_PROFILE(SMBctemp);
2369 /*******************************************************************
2370 Check if a user is allowed to rename a file.
2371 ********************************************************************/
2373 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2378 if (!CAN_WRITE(conn)) {
2379 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2382 fmode = dos_mode(conn, fsp->fsp_name);
2383 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2384 return NT_STATUS_NO_SUCH_FILE;
2387 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2388 if (fsp->posix_open) {
2389 return NT_STATUS_OK;
2392 /* If no pathnames are open below this
2393 directory, allow the rename. */
2395 if (file_find_subpath(fsp)) {
2396 return NT_STATUS_ACCESS_DENIED;
2398 return NT_STATUS_OK;
2401 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2402 return NT_STATUS_OK;
2405 return NT_STATUS_ACCESS_DENIED;
2408 /*******************************************************************
2409 * unlink a file with all relevant access checks
2410 *******************************************************************/
2412 static NTSTATUS do_unlink(connection_struct *conn,
2413 struct smb_request *req,
2414 struct smb_filename *smb_fname,
2419 uint32 dirtype_orig = dirtype;
2422 bool posix_paths = lp_posix_pathnames();
2424 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2425 smb_fname_str_dbg(smb_fname),
2428 if (!CAN_WRITE(conn)) {
2429 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2433 ret = SMB_VFS_LSTAT(conn, smb_fname);
2435 ret = SMB_VFS_STAT(conn, smb_fname);
2438 return map_nt_error_from_unix(errno);
2441 fattr = dos_mode(conn, smb_fname);
2443 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2444 dirtype = aDIR|aARCH|aRONLY;
2447 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2449 return NT_STATUS_NO_SUCH_FILE;
2452 if (!dir_check_ftype(conn, fattr, dirtype)) {
2454 return NT_STATUS_FILE_IS_A_DIRECTORY;
2456 return NT_STATUS_NO_SUCH_FILE;
2459 if (dirtype_orig & 0x8000) {
2460 /* These will never be set for POSIX. */
2461 return NT_STATUS_NO_SUCH_FILE;
2465 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2466 return NT_STATUS_FILE_IS_A_DIRECTORY;
2469 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2470 return NT_STATUS_NO_SUCH_FILE;
2473 if (dirtype & 0xFF00) {
2474 /* These will never be set for POSIX. */
2475 return NT_STATUS_NO_SUCH_FILE;
2480 return NT_STATUS_NO_SUCH_FILE;
2483 /* Can't delete a directory. */
2485 return NT_STATUS_FILE_IS_A_DIRECTORY;
2490 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2491 return NT_STATUS_OBJECT_NAME_INVALID;
2492 #endif /* JRATEST */
2494 /* On open checks the open itself will check the share mode, so
2495 don't do it here as we'll get it wrong. */
2497 status = SMB_VFS_CREATE_FILE
2500 0, /* root_dir_fid */
2501 smb_fname, /* fname */
2502 DELETE_ACCESS, /* access_mask */
2503 FILE_SHARE_NONE, /* share_access */
2504 FILE_OPEN, /* create_disposition*/
2505 FILE_NON_DIRECTORY_FILE, /* create_options */
2506 /* file_attributes */
2507 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2508 FILE_ATTRIBUTE_NORMAL,
2509 0, /* oplock_request */
2510 0, /* allocation_size */
2511 0, /* private_flags */
2517 if (!NT_STATUS_IS_OK(status)) {
2518 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2519 nt_errstr(status)));
2523 status = can_set_delete_on_close(fsp, fattr);
2524 if (!NT_STATUS_IS_OK(status)) {
2525 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2527 smb_fname_str_dbg(smb_fname),
2528 nt_errstr(status)));
2529 close_file(req, fsp, NORMAL_CLOSE);
2533 /* The set is across all open files on this dev/inode pair. */
2534 if (!set_delete_on_close(fsp, True, &conn->session_info->utok)) {
2535 close_file(req, fsp, NORMAL_CLOSE);
2536 return NT_STATUS_ACCESS_DENIED;
2539 return close_file(req, fsp, NORMAL_CLOSE);
2542 /****************************************************************************
2543 The guts of the unlink command, split out so it may be called by the NT SMB
2545 ****************************************************************************/
2547 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2548 uint32 dirtype, struct smb_filename *smb_fname,
2551 char *fname_dir = NULL;
2552 char *fname_mask = NULL;
2554 NTSTATUS status = NT_STATUS_OK;
2555 TALLOC_CTX *ctx = talloc_tos();
2557 /* Split up the directory from the filename/mask. */
2558 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2559 &fname_dir, &fname_mask);
2560 if (!NT_STATUS_IS_OK(status)) {
2565 * We should only check the mangled cache
2566 * here if unix_convert failed. This means
2567 * that the path in 'mask' doesn't exist
2568 * on the file system and so we need to look
2569 * for a possible mangle. This patch from
2570 * Tine Smukavec <valentin.smukavec@hermes.si>.
2573 if (!VALID_STAT(smb_fname->st) &&
2574 mangle_is_mangled(fname_mask, conn->params)) {
2575 char *new_mask = NULL;
2576 mangle_lookup_name_from_8_3(ctx, fname_mask,
2577 &new_mask, conn->params);
2579 TALLOC_FREE(fname_mask);
2580 fname_mask = new_mask;
2587 * Only one file needs to be unlinked. Append the mask back
2588 * onto the directory.
2590 TALLOC_FREE(smb_fname->base_name);
2591 if (ISDOT(fname_dir)) {
2592 /* Ensure we use canonical names on open. */
2593 smb_fname->base_name = talloc_asprintf(smb_fname,
2597 smb_fname->base_name = talloc_asprintf(smb_fname,
2602 if (!smb_fname->base_name) {
2603 status = NT_STATUS_NO_MEMORY;
2607 dirtype = FILE_ATTRIBUTE_NORMAL;
2610 status = check_name(conn, smb_fname->base_name);
2611 if (!NT_STATUS_IS_OK(status)) {
2615 status = do_unlink(conn, req, smb_fname, dirtype);
2616 if (!NT_STATUS_IS_OK(status)) {
2622 struct smb_Dir *dir_hnd = NULL;
2624 const char *dname = NULL;
2625 char *talloced = NULL;
2627 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2628 status = NT_STATUS_OBJECT_NAME_INVALID;
2632 if (strequal(fname_mask,"????????.???")) {
2633 TALLOC_FREE(fname_mask);
2634 fname_mask = talloc_strdup(ctx, "*");
2636 status = NT_STATUS_NO_MEMORY;
2641 status = check_name(conn, fname_dir);
2642 if (!NT_STATUS_IS_OK(status)) {
2646 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2648 if (dir_hnd == NULL) {
2649 status = map_nt_error_from_unix(errno);
2653 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2654 the pattern matches against the long name, otherwise the short name
2655 We don't implement this yet XXXX
2658 status = NT_STATUS_NO_SUCH_FILE;
2660 while ((dname = ReadDirName(dir_hnd, &offset,
2661 &smb_fname->st, &talloced))) {
2662 TALLOC_CTX *frame = talloc_stackframe();
2664 if (!is_visible_file(conn, fname_dir, dname,
2665 &smb_fname->st, true)) {
2667 TALLOC_FREE(talloced);
2671 /* Quick check for "." and ".." */
2672 if (ISDOT(dname) || ISDOTDOT(dname)) {
2674 TALLOC_FREE(talloced);
2678 if(!mask_match(dname, fname_mask,
2679 conn->case_sensitive)) {
2681 TALLOC_FREE(talloced);
2685 TALLOC_FREE(smb_fname->base_name);
2686 if (ISDOT(fname_dir)) {
2687 /* Ensure we use canonical names on open. */
2688 smb_fname->base_name =
2689 talloc_asprintf(smb_fname, "%s",
2692 smb_fname->base_name =
2693 talloc_asprintf(smb_fname, "%s/%s",
2697 if (!smb_fname->base_name) {
2698 TALLOC_FREE(dir_hnd);
2699 status = NT_STATUS_NO_MEMORY;
2701 TALLOC_FREE(talloced);
2705 status = check_name(conn, smb_fname->base_name);
2706 if (!NT_STATUS_IS_OK(status)) {
2707 TALLOC_FREE(dir_hnd);
2709 TALLOC_FREE(talloced);
2713 status = do_unlink(conn, req, smb_fname, dirtype);
2714 if (!NT_STATUS_IS_OK(status)) {
2716 TALLOC_FREE(talloced);
2721 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2722 smb_fname->base_name));
2725 TALLOC_FREE(talloced);
2727 TALLOC_FREE(dir_hnd);
2730 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2731 status = map_nt_error_from_unix(errno);
2735 TALLOC_FREE(fname_dir);
2736 TALLOC_FREE(fname_mask);
2740 /****************************************************************************
2742 ****************************************************************************/
2744 void reply_unlink(struct smb_request *req)
2746 connection_struct *conn = req->conn;
2748 struct smb_filename *smb_fname = NULL;
2751 bool path_contains_wcard = False;
2752 TALLOC_CTX *ctx = talloc_tos();
2754 START_PROFILE(SMBunlink);
2757 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2761 dirtype = SVAL(req->vwv+0, 0);
2763 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2764 STR_TERMINATE, &status,
2765 &path_contains_wcard);
2766 if (!NT_STATUS_IS_OK(status)) {
2767 reply_nterror(req, status);
2771 status = filename_convert(ctx, conn,
2772 req->flags2 & FLAGS2_DFS_PATHNAMES,
2774 UCF_COND_ALLOW_WCARD_LCOMP,
2775 &path_contains_wcard,
2777 if (!NT_STATUS_IS_OK(status)) {
2778 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2779 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2780 ERRSRV, ERRbadpath);
2783 reply_nterror(req, status);
2787 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2789 status = unlink_internals(conn, req, dirtype, smb_fname,
2790 path_contains_wcard);
2791 if (!NT_STATUS_IS_OK(status)) {
2792 if (open_was_deferred(req->mid)) {
2793 /* We have re-scheduled this call. */
2796 reply_nterror(req, status);
2800 reply_outbuf(req, 0, 0);
2802 TALLOC_FREE(smb_fname);
2803 END_PROFILE(SMBunlink);
2807 /****************************************************************************
2809 ****************************************************************************/
2811 static void fail_readraw(void)
2813 const char *errstr = talloc_asprintf(talloc_tos(),
2814 "FAIL ! reply_readbraw: socket write fail (%s)",
2819 exit_server_cleanly(errstr);
2822 /****************************************************************************
2823 Fake (read/write) sendfile. Returns -1 on read or write fail.
2824 ****************************************************************************/
2826 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
2829 size_t tosend = nread;
2836 bufsize = MIN(nread, 65536);
2838 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2842 while (tosend > 0) {
2846 if (tosend > bufsize) {
2851 ret = read_file(fsp,buf,startpos,cur_read);
2857 /* If we had a short read, fill with zeros. */
2858 if (ret < cur_read) {
2859 memset(buf + ret, '\0', cur_read - ret);
2862 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2864 char addr[INET6_ADDRSTRLEN];
2866 * Try and give an error message saying what
2869 DEBUG(0, ("write_data failed for client %s. "
2871 get_peer_addr(fsp->conn->sconn->sock, addr,
2878 startpos += cur_read;
2882 return (ssize_t)nread;
2885 /****************************************************************************
2886 Deal with the case of sendfile reading less bytes from the file than
2887 requested. Fill with zeros (all we can do).
2888 ****************************************************************************/
2890 void sendfile_short_send(files_struct *fsp,
2895 #define SHORT_SEND_BUFSIZE 1024
2896 if (nread < headersize) {
2897 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2898 "header for file %s (%s). Terminating\n",
2899 fsp_str_dbg(fsp), strerror(errno)));
2900 exit_server_cleanly("sendfile_short_send failed");
2903 nread -= headersize;
2905 if (nread < smb_maxcnt) {
2906 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2908 exit_server_cleanly("sendfile_short_send: "
2912 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2913 "with zeros !\n", fsp_str_dbg(fsp)));
2915 while (nread < smb_maxcnt) {
2917 * We asked for the real file size and told sendfile
2918 * to not go beyond the end of the file. But it can
2919 * happen that in between our fstat call and the
2920 * sendfile call the file was truncated. This is very
2921 * bad because we have already announced the larger
2922 * number of bytes to the client.
2924 * The best we can do now is to send 0-bytes, just as
2925 * a read from a hole in a sparse file would do.
2927 * This should happen rarely enough that I don't care
2928 * about efficiency here :-)
2932 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2933 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2935 char addr[INET6_ADDRSTRLEN];
2937 * Try and give an error message saying what
2940 DEBUG(0, ("write_data failed for client %s. "
2943 fsp->conn->sconn->sock, addr,
2946 exit_server_cleanly("sendfile_short_send: "
2947 "write_data failed");
2955 /****************************************************************************
2956 Return a readbraw error (4 bytes of zero).
2957 ****************************************************************************/
2959 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2965 smbd_lock_socket(sconn);
2966 if (write_data(sconn->sock,header,4) != 4) {
2967 char addr[INET6_ADDRSTRLEN];
2969 * Try and give an error message saying what
2972 DEBUG(0, ("write_data failed for client %s. "
2974 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2979 smbd_unlock_socket(sconn);
2982 /****************************************************************************
2983 Use sendfile in readbraw.
2984 ****************************************************************************/
2986 static void send_file_readbraw(connection_struct *conn,
2987 struct smb_request *req,
2993 struct smbd_server_connection *sconn = req->sconn;
2994 char *outbuf = NULL;
2998 * We can only use sendfile on a non-chained packet
2999 * but we can use on a non-oplocked file. tridge proved this
3000 * on a train in Germany :-). JRA.
3001 * reply_readbraw has already checked the length.
3004 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
3005 (fsp->wcp == NULL) &&
3006 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3007 ssize_t sendfile_read = -1;
3009 DATA_BLOB header_blob;
3011 _smb_setlen(header,nread);
3012 header_blob = data_blob_const(header, 4);
3014 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
3015 &header_blob, startpos,
3017 if (sendfile_read == -1) {
3018 /* Returning ENOSYS means no data at all was sent.
3019 * Do this as a normal read. */
3020 if (errno == ENOSYS) {
3021 goto normal_readbraw;
3025 * Special hack for broken Linux with no working sendfile. If we
3026 * return EINTR we sent the header but not the rest of the data.
3027 * Fake this up by doing read/write calls.
3029 if (errno == EINTR) {
3030 /* Ensure we don't do this again. */
3031 set_use_sendfile(SNUM(conn), False);
3032 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3034 if (fake_sendfile(fsp, startpos, nread) == -1) {
3035 DEBUG(0,("send_file_readbraw: "
3036 "fake_sendfile failed for "
3040 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3045 DEBUG(0,("send_file_readbraw: sendfile failed for "
3046 "file %s (%s). Terminating\n",
3047 fsp_str_dbg(fsp), strerror(errno)));
3048 exit_server_cleanly("send_file_readbraw sendfile failed");
3049 } else if (sendfile_read == 0) {
3051 * Some sendfile implementations return 0 to indicate
3052 * that there was a short read, but nothing was
3053 * actually written to the socket. In this case,
3054 * fallback to the normal read path so the header gets
3055 * the correct byte count.
3057 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3058 "bytes falling back to the normal read: "
3059 "%s\n", fsp_str_dbg(fsp)));
3060 goto normal_readbraw;
3063 /* Deal with possible short send. */
3064 if (sendfile_read != 4+nread) {
3065 sendfile_short_send(fsp, sendfile_read, 4, nread);
3072 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3074 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3075 (unsigned)(nread+4)));
3076 reply_readbraw_error(sconn);
3081 ret = read_file(fsp,outbuf+4,startpos,nread);
3082 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3091 _smb_setlen(outbuf,ret);
3092 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3093 char addr[INET6_ADDRSTRLEN];
3095 * Try and give an error message saying what
3098 DEBUG(0, ("write_data failed for client %s. "
3100 get_peer_addr(fsp->conn->sconn->sock, addr,
3107 TALLOC_FREE(outbuf);
3110 /****************************************************************************
3111 Reply to a readbraw (core+ protocol).
3112 ****************************************************************************/
3114 void reply_readbraw(struct smb_request *req)
3116 connection_struct *conn = req->conn;
3117 struct smbd_server_connection *sconn = req->sconn;
3118 ssize_t maxcount,mincount;
3122 struct lock_struct lock;
3125 START_PROFILE(SMBreadbraw);
3127 if (srv_is_signing_active(sconn) ||
3128 is_encrypted_packet(req->inbuf)) {
3129 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3130 "raw reads/writes are disallowed.");
3134 reply_readbraw_error(sconn);
3135 END_PROFILE(SMBreadbraw);
3139 if (sconn->smb1.echo_handler.trusted_fde) {
3140 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3141 "'async smb echo handler = yes'\n"));
3142 reply_readbraw_error(sconn);
3143 END_PROFILE(SMBreadbraw);
3148 * Special check if an oplock break has been issued
3149 * and the readraw request croses on the wire, we must
3150 * return a zero length response here.
3153 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3156 * We have to do a check_fsp by hand here, as
3157 * we must always return 4 zero bytes on error,
3161 if (!fsp || !conn || conn != fsp->conn ||
3162 req->vuid != fsp->vuid ||
3163 fsp->is_directory || fsp->fh->fd == -1) {
3165 * fsp could be NULL here so use the value from the packet. JRA.
3167 DEBUG(3,("reply_readbraw: fnum %d not valid "
3169 (int)SVAL(req->vwv+0, 0)));
3170 reply_readbraw_error(sconn);
3171 END_PROFILE(SMBreadbraw);
3175 /* Do a "by hand" version of CHECK_READ. */
3176 if (!(fsp->can_read ||
3177 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3178 (fsp->access_mask & FILE_EXECUTE)))) {
3179 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3180 (int)SVAL(req->vwv+0, 0)));
3181 reply_readbraw_error(sconn);
3182 END_PROFILE(SMBreadbraw);
3186 flush_write_cache(fsp, READRAW_FLUSH);
3188 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3189 if(req->wct == 10) {
3191 * This is a large offset (64 bit) read.
3193 #ifdef LARGE_SMB_OFF_T
3195 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3197 #else /* !LARGE_SMB_OFF_T */
3200 * Ensure we haven't been sent a >32 bit offset.
3203 if(IVAL(req->vwv+8, 0) != 0) {
3204 DEBUG(0,("reply_readbraw: large offset "
3205 "(%x << 32) used and we don't support "
3206 "64 bit offsets.\n",
3207 (unsigned int)IVAL(req->vwv+8, 0) ));
3208 reply_readbraw_error();
3209 END_PROFILE(SMBreadbraw);
3213 #endif /* LARGE_SMB_OFF_T */
3216 DEBUG(0,("reply_readbraw: negative 64 bit "
3217 "readraw offset (%.0f) !\n",
3218 (double)startpos ));
3219 reply_readbraw_error(sconn);
3220 END_PROFILE(SMBreadbraw);
3225 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3226 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3228 /* ensure we don't overrun the packet size */
3229 maxcount = MIN(65535,maxcount);
3231 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3232 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3235 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3236 reply_readbraw_error(sconn);
3237 END_PROFILE(SMBreadbraw);
3241 if (fsp_stat(fsp) == 0) {
3242 size = fsp->fsp_name->st.st_ex_size;
3245 if (startpos >= size) {
3248 nread = MIN(maxcount,(size - startpos));
3251 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3252 if (nread < mincount)
3256 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3257 "min=%lu nread=%lu\n",
3258 fsp->fnum, (double)startpos,
3259 (unsigned long)maxcount,
3260 (unsigned long)mincount,
3261 (unsigned long)nread ) );
3263 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3265 DEBUG(5,("reply_readbraw finished\n"));
3267 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3269 END_PROFILE(SMBreadbraw);
3274 #define DBGC_CLASS DBGC_LOCKING
3276 /****************************************************************************
3277 Reply to a lockread (core+ protocol).
3278 ****************************************************************************/
3280 void reply_lockread(struct smb_request *req)
3282 connection_struct *conn = req->conn;
3289 struct byte_range_lock *br_lck = NULL;
3291 struct smbd_server_connection *sconn = req->sconn;
3293 START_PROFILE(SMBlockread);
3296 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3297 END_PROFILE(SMBlockread);
3301 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3303 if (!check_fsp(conn, req, fsp)) {
3304 END_PROFILE(SMBlockread);
3308 if (!CHECK_READ(fsp,req)) {
3309 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3310 END_PROFILE(SMBlockread);
3314 numtoread = SVAL(req->vwv+1, 0);
3315 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3317 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3319 reply_outbuf(req, 5, numtoread + 3);
3321 data = smb_buf(req->outbuf) + 3;
3324 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3325 * protocol request that predates the read/write lock concept.
3326 * Thus instead of asking for a read lock here we need to ask
3327 * for a write lock. JRA.
3328 * Note that the requested lock size is unaffected by max_recv.
3331 br_lck = do_lock(req->sconn->msg_ctx,
3333 (uint64_t)req->smbpid,
3334 (uint64_t)numtoread,
3338 False, /* Non-blocking lock. */
3342 TALLOC_FREE(br_lck);
3344 if (NT_STATUS_V(status)) {
3345 reply_nterror(req, status);
3346 END_PROFILE(SMBlockread);
3351 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3354 if (numtoread > sconn->smb1.negprot.max_recv) {
3355 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3356 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3357 (unsigned int)numtoread,
3358 (unsigned int)sconn->smb1.negprot.max_recv));
3359 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3361 nread = read_file(fsp,data,startpos,numtoread);
3364 reply_nterror(req, map_nt_error_from_unix(errno));
3365 END_PROFILE(SMBlockread);
3369 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3371 SSVAL(req->outbuf,smb_vwv0,nread);
3372 SSVAL(req->outbuf,smb_vwv5,nread+3);
3373 p = smb_buf(req->outbuf);
3374 SCVAL(p,0,0); /* pad byte. */
3377 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3378 fsp->fnum, (int)numtoread, (int)nread));
3380 END_PROFILE(SMBlockread);
3385 #define DBGC_CLASS DBGC_ALL
3387 /****************************************************************************
3389 ****************************************************************************/
3391 void reply_read(struct smb_request *req)
3393 connection_struct *conn = req->conn;
3400 struct lock_struct lock;
3401 struct smbd_server_connection *sconn = req->sconn;
3403 START_PROFILE(SMBread);
3406 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3407 END_PROFILE(SMBread);
3411 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3413 if (!check_fsp(conn, req, fsp)) {
3414 END_PROFILE(SMBread);
3418 if (!CHECK_READ(fsp,req)) {
3419 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3420 END_PROFILE(SMBread);
3424 numtoread = SVAL(req->vwv+1, 0);
3425 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3427 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3430 * The requested read size cannot be greater than max_recv. JRA.
3432 if (numtoread > sconn->smb1.negprot.max_recv) {
3433 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3434 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3435 (unsigned int)numtoread,
3436 (unsigned int)sconn->smb1.negprot.max_recv));
3437 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3440 reply_outbuf(req, 5, numtoread+3);
3442 data = smb_buf(req->outbuf) + 3;
3444 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3445 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3448 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3449 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3450 END_PROFILE(SMBread);
3455 nread = read_file(fsp,data,startpos,numtoread);
3458 reply_nterror(req, map_nt_error_from_unix(errno));
3462 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3464 SSVAL(req->outbuf,smb_vwv0,nread);
3465 SSVAL(req->outbuf,smb_vwv5,nread+3);
3466 SCVAL(smb_buf(req->outbuf),0,1);
3467 SSVAL(smb_buf(req->outbuf),1,nread);
3469 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3470 fsp->fnum, (int)numtoread, (int)nread ) );
3473 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3475 END_PROFILE(SMBread);
3479 /****************************************************************************
3481 ****************************************************************************/
3483 static int setup_readX_header(struct smb_request *req, char *outbuf,
3489 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3490 data = smb_buf(outbuf);
3492 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3494 SCVAL(outbuf,smb_vwv0,0xFF);
3495 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3496 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3497 SSVAL(outbuf,smb_vwv6,
3499 + 1 /* the wct field */
3500 + 12 * sizeof(uint16_t) /* vwv */
3501 + 2); /* the buflen field */
3502 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3503 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3504 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3505 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3509 /****************************************************************************
3510 Reply to a read and X - possibly using sendfile.
3511 ****************************************************************************/
3513 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3514 files_struct *fsp, SMB_OFF_T startpos,
3518 struct lock_struct lock;
3519 int saved_errno = 0;
3521 if(fsp_stat(fsp) == -1) {
3522 reply_nterror(req, map_nt_error_from_unix(errno));
3526 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3527 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3530 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3531 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3535 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3536 (startpos > fsp->fsp_name->st.st_ex_size)
3537 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3539 * We already know that we would do a short read, so don't
3540 * try the sendfile() path.
3542 goto nosendfile_read;
3546 * We can only use sendfile on a non-chained packet
3547 * but we can use on a non-oplocked file. tridge proved this
3548 * on a train in Germany :-). JRA.
3551 if (!req_is_in_chain(req) &&
3552 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3553 (fsp->wcp == NULL) &&
3554 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3555 uint8 headerbuf[smb_size + 12 * 2];
3559 * Set up the packet header before send. We
3560 * assume here the sendfile will work (get the
3561 * correct amount of data).
3564 header = data_blob_const(headerbuf, sizeof(headerbuf));
3566 construct_reply_common_req(req, (char *)headerbuf);
3567 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3569 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3570 startpos, smb_maxcnt);
3572 /* Returning ENOSYS means no data at all was sent.
3573 Do this as a normal read. */
3574 if (errno == ENOSYS) {
3579 * Special hack for broken Linux with no working sendfile. If we
3580 * return EINTR we sent the header but not the rest of the data.
3581 * Fake this up by doing read/write calls.
3584 if (errno == EINTR) {
3585 /* Ensure we don't do this again. */
3586 set_use_sendfile(SNUM(conn), False);
3587 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3588 nread = fake_sendfile(fsp, startpos,
3591 DEBUG(0,("send_file_readX: "
3592 "fake_sendfile failed for "
3596 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3598 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3599 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3600 /* No outbuf here means successful sendfile. */
3604 DEBUG(0,("send_file_readX: sendfile failed for file "
3605 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3607 exit_server_cleanly("send_file_readX sendfile failed");
3608 } else if (nread == 0) {
3610 * Some sendfile implementations return 0 to indicate
3611 * that there was a short read, but nothing was
3612 * actually written to the socket. In this case,
3613 * fallback to the normal read path so the header gets
3614 * the correct byte count.
3616 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3617 "falling back to the normal read: %s\n",
3622 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3623 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3625 /* Deal with possible short send. */
3626 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3627 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3629 /* No outbuf here means successful sendfile. */
3630 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3631 SMB_PERFCOUNT_END(&req->pcd);
3637 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3638 uint8 headerbuf[smb_size + 2*12];
3640 construct_reply_common_req(req, (char *)headerbuf);
3641 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3643 /* Send out the header. */
3644 if (write_data(req->sconn->sock, (char *)headerbuf,
3645 sizeof(headerbuf)) != sizeof(headerbuf)) {
3647 char addr[INET6_ADDRSTRLEN];
3649 * Try and give an error message saying what
3652 DEBUG(0, ("write_data failed for client %s. "
3654 get_peer_addr(req->sconn->sock, addr,
3658 DEBUG(0,("send_file_readX: write_data failed for file "
3659 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3661 exit_server_cleanly("send_file_readX sendfile failed");
3663 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3665 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3666 "file %s (%s).\n", fsp_str_dbg(fsp),
3668 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3675 reply_outbuf(req, 12, smb_maxcnt);
3677 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3678 saved_errno = errno;
3680 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3683 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3687 setup_readX_header(req, (char *)req->outbuf, nread);
3689 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3690 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3696 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3697 TALLOC_FREE(req->outbuf);
3701 /****************************************************************************
3702 Reply to a read and X.
3703 ****************************************************************************/
3705 void reply_read_and_X(struct smb_request *req)
3707 connection_struct *conn = req->conn;
3711 bool big_readX = False;
3713 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3716 START_PROFILE(SMBreadX);
3718 if ((req->wct != 10) && (req->wct != 12)) {
3719 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3723 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3724 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3725 smb_maxcnt = SVAL(req->vwv+5, 0);
3727 /* If it's an IPC, pass off the pipe handler. */
3729 reply_pipe_read_and_X(req);
3730 END_PROFILE(SMBreadX);
3734 if (!check_fsp(conn, req, fsp)) {
3735 END_PROFILE(SMBreadX);
3739 if (!CHECK_READ(fsp,req)) {
3740 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3741 END_PROFILE(SMBreadX);
3745 if (global_client_caps & CAP_LARGE_READX) {
3746 size_t upper_size = SVAL(req->vwv+7, 0);
3747 smb_maxcnt |= (upper_size<<16);
3748 if (upper_size > 1) {
3749 /* Can't do this on a chained packet. */
3750 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3751 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3752 END_PROFILE(SMBreadX);
3755 /* We currently don't do this on signed or sealed data. */
3756 if (srv_is_signing_active(req->sconn) ||
3757 is_encrypted_packet(req->inbuf)) {
3758 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3759 END_PROFILE(SMBreadX);
3762 /* Is there room in the reply for this data ? */
3763 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3765 NT_STATUS_INVALID_PARAMETER);
3766 END_PROFILE(SMBreadX);
3773 if (req->wct == 12) {
3774 #ifdef LARGE_SMB_OFF_T
3776 * This is a large offset (64 bit) read.
3778 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3780 #else /* !LARGE_SMB_OFF_T */
3783 * Ensure we haven't been sent a >32 bit offset.
3786 if(IVAL(req->vwv+10, 0) != 0) {
3787 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3788 "used and we don't support 64 bit offsets.\n",
3789 (unsigned int)IVAL(req->vwv+10, 0) ));
3790 END_PROFILE(SMBreadX);
3791 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3795 #endif /* LARGE_SMB_OFF_T */
3800 NTSTATUS status = schedule_aio_read_and_X(conn,
3805 if (NT_STATUS_IS_OK(status)) {
3806 /* Read scheduled - we're done. */
3809 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3810 /* Real error - report to client. */
3811 END_PROFILE(SMBreadX);
3812 reply_nterror(req, status);
3815 /* NT_STATUS_RETRY - fall back to sync read. */
3818 smbd_lock_socket(req->sconn);
3819 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3820 smbd_unlock_socket(req->sconn);
3823 END_PROFILE(SMBreadX);
3827 /****************************************************************************
3828 Error replies to writebraw must have smb_wct == 1. Fix this up.
3829 ****************************************************************************/
3831 void error_to_writebrawerr(struct smb_request *req)
3833 uint8 *old_outbuf = req->outbuf;
3835 reply_outbuf(req, 1, 0);
3837 memcpy(req->outbuf, old_outbuf, smb_size);
3838 TALLOC_FREE(old_outbuf);
3841 /****************************************************************************
3842 Read 4 bytes of a smb packet and return the smb length of the packet.
3843 Store the result in the buffer. This version of the function will
3844 never return a session keepalive (length of zero).
3845 Timeout is in milliseconds.
3846 ****************************************************************************/
3848 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3851 uint8_t msgtype = SMBkeepalive;
3853 while (msgtype == SMBkeepalive) {
3856 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3858 if (!NT_STATUS_IS_OK(status)) {
3859 char addr[INET6_ADDRSTRLEN];
3860 /* Try and give an error message
3861 * saying what client failed. */
3862 DEBUG(0, ("read_fd_with_timeout failed for "
3863 "client %s read error = %s.\n",
3864 get_peer_addr(fd,addr,sizeof(addr)),
3865 nt_errstr(status)));
3869 msgtype = CVAL(inbuf, 0);
3872 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3873 (unsigned long)len));
3875 return NT_STATUS_OK;
3878 /****************************************************************************
3879 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3880 ****************************************************************************/
3882 void reply_writebraw(struct smb_request *req)
3884 connection_struct *conn = req->conn;
3887 ssize_t total_written=0;
3888 size_t numtowrite=0;
3894 struct lock_struct lock;
3897 START_PROFILE(SMBwritebraw);
3900 * If we ever reply with an error, it must have the SMB command
3901 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3904 SCVAL(req->inbuf,smb_com,SMBwritec);
3906 if (srv_is_signing_active(req->sconn)) {
3907 END_PROFILE(SMBwritebraw);
3908 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3909 "raw reads/writes are disallowed.");
3912 if (req->wct < 12) {
3913 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3914 error_to_writebrawerr(req);
3915 END_PROFILE(SMBwritebraw);
3919 if (req->sconn->smb1.echo_handler.trusted_fde) {
3920 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3921 "'async smb echo handler = yes'\n"));
3922 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3923 error_to_writebrawerr(req);
3924 END_PROFILE(SMBwritebraw);
3928 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3929 if (!check_fsp(conn, req, fsp)) {
3930 error_to_writebrawerr(req);
3931 END_PROFILE(SMBwritebraw);
3935 if (!CHECK_WRITE(fsp)) {
3936 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3937 error_to_writebrawerr(req);
3938 END_PROFILE(SMBwritebraw);
3942 tcount = IVAL(req->vwv+1, 0);
3943 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3944 write_through = BITSETW(req->vwv+7,0);
3946 /* We have to deal with slightly different formats depending
3947 on whether we are using the core+ or lanman1.0 protocol */
3949 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3950 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3951 data = smb_buf(req->inbuf);
3953 numtowrite = SVAL(req->vwv+10, 0);
3954 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3957 /* Ensure we don't write bytes past the end of this packet. */
3958 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3959 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3960 error_to_writebrawerr(req);
3961 END_PROFILE(SMBwritebraw);
3965 if (!fsp->print_file) {
3966 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3967 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3970 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3971 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3972 error_to_writebrawerr(req);
3973 END_PROFILE(SMBwritebraw);
3979 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3982 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3983 "wrote=%d sync=%d\n",
3984 fsp->fnum, (double)startpos, (int)numtowrite,
3985 (int)nwritten, (int)write_through));
3987 if (nwritten < (ssize_t)numtowrite) {
3988 reply_nterror(req, NT_STATUS_DISK_FULL);
3989 error_to_writebrawerr(req);
3993 total_written = nwritten;
3995 /* Allocate a buffer of 64k + length. */
3996 buf = TALLOC_ARRAY(NULL, char, 65540);
3998 reply_nterror(req, NT_STATUS_NO_MEMORY);
3999 error_to_writebrawerr(req);
4003 /* Return a SMBwritebraw message to the redirector to tell
4004 * it to send more bytes */
4006 memcpy(buf, req->inbuf, smb_size);
4007 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
4008 SCVAL(buf,smb_com,SMBwritebraw);
4009 SSVALS(buf,smb_vwv0,0xFFFF);
4011 if (!srv_send_smb(req->sconn,
4013 false, 0, /* no signing */
4014 IS_CONN_ENCRYPTED(conn),
4016 exit_server_cleanly("reply_writebraw: srv_send_smb "
4020 /* Now read the raw data into the buffer and write it */
4021 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4023 if (!NT_STATUS_IS_OK(status)) {
4024 exit_server_cleanly("secondary writebraw failed");
4027 /* Set up outbuf to return the correct size */
4028 reply_outbuf(req, 1, 0);
4030 if (numtowrite != 0) {
4032 if (numtowrite > 0xFFFF) {
4033 DEBUG(0,("reply_writebraw: Oversize secondary write "
4034 "raw requested (%u). Terminating\n",
4035 (unsigned int)numtowrite ));
4036 exit_server_cleanly("secondary writebraw failed");
4039 if (tcount > nwritten+numtowrite) {
4040 DEBUG(3,("reply_writebraw: Client overestimated the "
4042 (int)tcount,(int)nwritten,(int)numtowrite));
4045 status = read_data(req->sconn->sock, buf+4, numtowrite);
4047 if (!NT_STATUS_IS_OK(status)) {
4048 char addr[INET6_ADDRSTRLEN];
4049 /* Try and give an error message
4050 * saying what client failed. */
4051 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4052 "raw read failed (%s) for client %s. "
4053 "Terminating\n", nt_errstr(status),
4054 get_peer_addr(req->sconn->sock, addr,
4056 exit_server_cleanly("secondary writebraw failed");
4059 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4060 if (nwritten == -1) {
4062 reply_nterror(req, map_nt_error_from_unix(errno));
4063 error_to_writebrawerr(req);
4067 if (nwritten < (ssize_t)numtowrite) {
4068 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4069 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4073 total_written += nwritten;
4078 SSVAL(req->outbuf,smb_vwv0,total_written);
4080 status = sync_file(conn, fsp, write_through);
4081 if (!NT_STATUS_IS_OK(status)) {
4082 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4083 fsp_str_dbg(fsp), nt_errstr(status)));
4084 reply_nterror(req, status);
4085 error_to_writebrawerr(req);
4089 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4091 fsp->fnum, (double)startpos, (int)numtowrite,
4092 (int)total_written));
4094 if (!fsp->print_file) {
4095 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4098 /* We won't return a status if write through is not selected - this
4099 * follows what WfWg does */
4100 END_PROFILE(SMBwritebraw);
4102 if (!write_through && total_written==tcount) {
4104 #if RABBIT_PELLET_FIX
4106 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4107 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4110 if (!send_keepalive(req->sconn->sock)) {
4111 exit_server_cleanly("reply_writebraw: send of "
4112 "keepalive failed");
4115 TALLOC_FREE(req->outbuf);
4120 if (!fsp->print_file) {
4121 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4124 END_PROFILE(SMBwritebraw);
4129 #define DBGC_CLASS DBGC_LOCKING
4131 /****************************************************************************
4132 Reply to a writeunlock (core+).
4133 ****************************************************************************/
4135 void reply_writeunlock(struct smb_request *req)
4137 connection_struct *conn = req->conn;
4138 ssize_t nwritten = -1;
4142 NTSTATUS status = NT_STATUS_OK;
4144 struct lock_struct lock;
4145 int saved_errno = 0;
4147 START_PROFILE(SMBwriteunlock);
4150 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4151 END_PROFILE(SMBwriteunlock);
4155 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4157 if (!check_fsp(conn, req, fsp)) {
4158 END_PROFILE(SMBwriteunlock);
4162 if (!CHECK_WRITE(fsp)) {
4163 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4164 END_PROFILE(SMBwriteunlock);
4168 numtowrite = SVAL(req->vwv+1, 0);
4169 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4170 data = (const char *)req->buf + 3;
4172 if (!fsp->print_file && numtowrite > 0) {
4173 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4174 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4177 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4178 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4179 END_PROFILE(SMBwriteunlock);
4184 /* The special X/Open SMB protocol handling of
4185 zero length writes is *NOT* done for
4187 if(numtowrite == 0) {
4190 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4191 saved_errno = errno;
4194 status = sync_file(conn, fsp, False /* write through */);
4195 if (!NT_STATUS_IS_OK(status)) {
4196 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4197 fsp_str_dbg(fsp), nt_errstr(status)));
4198 reply_nterror(req, status);
4203 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4207 if((nwritten < numtowrite) && (numtowrite != 0)) {
4208 reply_nterror(req, NT_STATUS_DISK_FULL);
4212 if (numtowrite && !fsp->print_file) {
4213 status = do_unlock(req->sconn->msg_ctx,
4215 (uint64_t)req->smbpid,
4216 (uint64_t)numtowrite,
4220 if (NT_STATUS_V(status)) {
4221 reply_nterror(req, status);
4226 reply_outbuf(req, 1, 0);
4228 SSVAL(req->outbuf,smb_vwv0,nwritten);
4230 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4231 fsp->fnum, (int)numtowrite, (int)nwritten));
4234 if (numtowrite && !fsp->print_file) {
4235 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4238 END_PROFILE(SMBwriteunlock);
4243 #define DBGC_CLASS DBGC_ALL
4245 /****************************************************************************
4247 ****************************************************************************/
4249 void reply_write(struct smb_request *req)
4251 connection_struct *conn = req->conn;
4253 ssize_t nwritten = -1;
4257 struct lock_struct lock;
4259 int saved_errno = 0;
4261 START_PROFILE(SMBwrite);
4264 END_PROFILE(SMBwrite);
4265 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4269 /* If it's an IPC, pass off the pipe handler. */
4271 reply_pipe_write(req);
4272 END_PROFILE(SMBwrite);
4276 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4278 if (!check_fsp(conn, req, fsp)) {
4279 END_PROFILE(SMBwrite);
4283 if (!CHECK_WRITE(fsp)) {
4284 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4285 END_PROFILE(SMBwrite);
4289 numtowrite = SVAL(req->vwv+1, 0);
4290 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4291 data = (const char *)req->buf + 3;
4293 if (!fsp->print_file) {
4294 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4295 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4298 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4299 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4300 END_PROFILE(SMBwrite);
4306 * X/Open SMB protocol says that if smb_vwv1 is
4307 * zero then the file size should be extended or
4308 * truncated to the size given in smb_vwv[2-3].
4311 if(numtowrite == 0) {
4313 * This is actually an allocate call, and set EOF. JRA.
4315 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4317 reply_nterror(req, NT_STATUS_DISK_FULL);
4320 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4322 reply_nterror(req, NT_STATUS_DISK_FULL);
4325 trigger_write_time_update_immediate(fsp);
4327 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4330 status = sync_file(conn, fsp, False);
4331 if (!NT_STATUS_IS_OK(status)) {
4332 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4333 fsp_str_dbg(fsp), nt_errstr(status)));
4334 reply_nterror(req, status);
4339 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4343 if((nwritten == 0) && (numtowrite != 0)) {
4344 reply_nterror(req, NT_STATUS_DISK_FULL);
4348 reply_outbuf(req, 1, 0);
4350 SSVAL(req->outbuf,smb_vwv0,nwritten);
4352 if (nwritten < (ssize_t)numtowrite) {
4353 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4354 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4357 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4360 if (!fsp->print_file) {
4361 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4364 END_PROFILE(SMBwrite);
4368 /****************************************************************************
4369 Ensure a buffer is a valid writeX for recvfile purposes.
4370 ****************************************************************************/
4372 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4373 (2*14) + /* word count (including bcc) */ \
4376 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4377 const uint8_t *inbuf)
4380 connection_struct *conn = NULL;
4381 unsigned int doff = 0;
4382 size_t len = smb_len_large(inbuf);
4384 if (is_encrypted_packet(inbuf)) {
4385 /* Can't do this on encrypted
4390 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4394 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4395 CVAL(inbuf,smb_wct) != 14) {
4396 DEBUG(10,("is_valid_writeX_buffer: chained or "
4397 "invalid word length.\n"));
4401 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4403 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4407 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4410 if (IS_PRINT(conn)) {
4411 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4414 doff = SVAL(inbuf,smb_vwv11);
4416 numtowrite = SVAL(inbuf,smb_vwv10);
4418 if (len > doff && len - doff > 0xFFFF) {
4419 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4422 if (numtowrite == 0) {
4423 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4427 /* Ensure the sizes match up. */
4428 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4429 /* no pad byte...old smbclient :-( */
4430 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4432 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4436 if (len - doff != numtowrite) {
4437 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4438 "len = %u, doff = %u, numtowrite = %u\n",
4441 (unsigned int)numtowrite ));
4445 DEBUG(10,("is_valid_writeX_buffer: true "
4446 "len = %u, doff = %u, numtowrite = %u\n",
4449 (unsigned int)numtowrite ));
4454 /****************************************************************************
4455 Reply to a write and X.
4456 ****************************************************************************/
4458 void reply_write_and_X(struct smb_request *req)
4460 connection_struct *conn = req->conn;
4462 struct lock_struct lock;
4467 unsigned int smb_doff;
4468 unsigned int smblen;
4471 int saved_errno = 0;
4473 START_PROFILE(SMBwriteX);
4475 if ((req->wct != 12) && (req->wct != 14)) {
4476 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4477 END_PROFILE(SMBwriteX);
4481 numtowrite = SVAL(req->vwv+10, 0);
4482 smb_doff = SVAL(req->vwv+11, 0);
4483 smblen = smb_len(req->inbuf);
4485 if (req->unread_bytes > 0xFFFF ||
4486 (smblen > smb_doff &&
4487 smblen - smb_doff > 0xFFFF)) {
4488 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4491 if (req->unread_bytes) {
4492 /* Can't do a recvfile write on IPC$ */
4494 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4495 END_PROFILE(SMBwriteX);
4498 if (numtowrite != req->unread_bytes) {
4499 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4500 END_PROFILE(SMBwriteX);
4504 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4505 smb_doff + numtowrite > smblen) {
4506 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4507 END_PROFILE(SMBwriteX);
4512 /* If it's an IPC, pass off the pipe handler. */
4514 if (req->unread_bytes) {
4515 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4516 END_PROFILE(SMBwriteX);
4519 reply_pipe_write_and_X(req);
4520 END_PROFILE(SMBwriteX);
4524 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4525 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4526 write_through = BITSETW(req->vwv+7,0);
4528 if (!check_fsp(conn, req, fsp)) {
4529 END_PROFILE(SMBwriteX);
4533 if (!CHECK_WRITE(fsp)) {
4534 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4535 END_PROFILE(SMBwriteX);
4539 data = smb_base(req->inbuf) + smb_doff;
4541 if(req->wct == 14) {
4542 #ifdef LARGE_SMB_OFF_T
4544 * This is a large offset (64 bit) write.
4546 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4548 #else /* !LARGE_SMB_OFF_T */
4551 * Ensure we haven't been sent a >32 bit offset.
4554 if(IVAL(req->vwv+12, 0) != 0) {
4555 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4556 "used and we don't support 64 bit offsets.\n",
4557 (unsigned int)IVAL(req->vwv+12, 0) ));
4558 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4559 END_PROFILE(SMBwriteX);
4563 #endif /* LARGE_SMB_OFF_T */
4566 /* X/Open SMB protocol says that, unlike SMBwrite
4567 if the length is zero then NO truncation is
4568 done, just a write of zero. To truncate a file,
4571 if(numtowrite == 0) {
4574 if (req->unread_bytes == 0) {
4575 status = schedule_aio_write_and_X(conn,
4582 if (NT_STATUS_IS_OK(status)) {
4583 /* write scheduled - we're done. */
4586 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4587 /* Real error - report to client. */
4588 reply_nterror(req, status);
4591 /* NT_STATUS_RETRY - fall through to sync write. */
4594 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4595 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4598 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4599 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4603 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4604 saved_errno = errno;
4606 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4610 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4614 if((nwritten == 0) && (numtowrite != 0)) {
4615 reply_nterror(req, NT_STATUS_DISK_FULL);
4619 reply_outbuf(req, 6, 0);
4620 SSVAL(req->outbuf,smb_vwv2,nwritten);
4621 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4623 if (nwritten < (ssize_t)numtowrite) {
4624 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4625 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4628 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4629 fsp->fnum, (int)numtowrite, (int)nwritten));
4631 status = sync_file(conn, fsp, write_through);
4632 if (!NT_STATUS_IS_OK(status)) {
4633 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4634 fsp_str_dbg(fsp), nt_errstr(status)));
4635 reply_nterror(req, status);
4639 END_PROFILE(SMBwriteX);
4644 END_PROFILE(SMBwriteX);
4648 /****************************************************************************
4650 ****************************************************************************/
4652 void reply_lseek(struct smb_request *req)
4654 connection_struct *conn = req->conn;
4660 START_PROFILE(SMBlseek);
4663 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4664 END_PROFILE(SMBlseek);
4668 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4670 if (!check_fsp(conn, req, fsp)) {
4674 flush_write_cache(fsp, SEEK_FLUSH);
4676 mode = SVAL(req->vwv+1, 0) & 3;
4677 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4678 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4687 res = fsp->fh->pos + startpos;
4698 if (umode == SEEK_END) {
4699 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4700 if(errno == EINVAL) {
4701 SMB_OFF_T current_pos = startpos;
4703 if(fsp_stat(fsp) == -1) {
4705 map_nt_error_from_unix(errno));
4706 END_PROFILE(SMBlseek);
4710 current_pos += fsp->fsp_name->st.st_ex_size;
4712 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4717 reply_nterror(req, map_nt_error_from_unix(errno));
4718 END_PROFILE(SMBlseek);
4725 reply_outbuf(req, 2, 0);
4726 SIVAL(req->outbuf,smb_vwv0,res);
4728 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4729 fsp->fnum, (double)startpos, (double)res, mode));
4731 END_PROFILE(SMBlseek);
4735 /****************************************************************************
4737 ****************************************************************************/
4739 void reply_flush(struct smb_request *req)
4741 connection_struct *conn = req->conn;
4745 START_PROFILE(SMBflush);
4748 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4752 fnum = SVAL(req->vwv+0, 0);
4753 fsp = file_fsp(req, fnum);
4755 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4760 file_sync_all(conn);
4762 NTSTATUS status = sync_file(conn, fsp, True);
4763 if (!NT_STATUS_IS_OK(status)) {
4764 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4765 fsp_str_dbg(fsp), nt_errstr(status)));
4766 reply_nterror(req, status);
4767 END_PROFILE(SMBflush);
4772 reply_outbuf(req, 0, 0);
4774 DEBUG(3,("flush\n"));
4775 END_PROFILE(SMBflush);
4779 /****************************************************************************
4781 conn POINTER CAN BE NULL HERE !
4782 ****************************************************************************/
4784 void reply_exit(struct smb_request *req)
4786 START_PROFILE(SMBexit);
4788 file_close_pid(req->sconn, req->smbpid, req->vuid);
4790 reply_outbuf(req, 0, 0);
4792 DEBUG(3,("exit\n"));
4794 END_PROFILE(SMBexit);
4798 /****************************************************************************
4799 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4800 ****************************************************************************/
4802 void reply_close(struct smb_request *req)
4804 connection_struct *conn = req->conn;
4805 NTSTATUS status = NT_STATUS_OK;
4806 files_struct *fsp = NULL;
4807 START_PROFILE(SMBclose);
4810 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4811 END_PROFILE(SMBclose);
4815 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4818 * We can only use check_fsp if we know it's not a directory.
4821 if (!check_fsp_open(conn, req, fsp)) {
4822 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4823 END_PROFILE(SMBclose);
4827 if(fsp->is_directory) {
4829 * Special case - close NT SMB directory handle.
4831 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4832 status = close_file(req, fsp, NORMAL_CLOSE);
4836 * Close ordinary file.
4839 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4840 fsp->fh->fd, fsp->fnum,
4841 conn->num_files_open));
4844 * Take care of any time sent in the close.
4847 t = srv_make_unix_date3(req->vwv+1);
4848 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4851 * close_file() returns the unix errno if an error
4852 * was detected on close - normally this is due to
4853 * a disk full error. If not then it was probably an I/O error.
4856 status = close_file(req, fsp, NORMAL_CLOSE);
4859 if (!NT_STATUS_IS_OK(status)) {
4860 reply_nterror(req, status);
4861 END_PROFILE(SMBclose);
4865 reply_outbuf(req, 0, 0);
4866 END_PROFILE(SMBclose);
4870 /****************************************************************************
4871 Reply to a writeclose (Core+ protocol).
4872 ****************************************************************************/
4874 void reply_writeclose(struct smb_request *req)
4876 connection_struct *conn = req->conn;
4878 ssize_t nwritten = -1;
4879 NTSTATUS close_status = NT_STATUS_OK;
4882 struct timespec mtime;
4884 struct lock_struct lock;
4886 START_PROFILE(SMBwriteclose);
4889 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4890 END_PROFILE(SMBwriteclose);
4894 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4896 if (!check_fsp(conn, req, fsp)) {
4897 END_PROFILE(SMBwriteclose);
4900 if (!CHECK_WRITE(fsp)) {
4901 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4902 END_PROFILE(SMBwriteclose);
4906 numtowrite = SVAL(req->vwv+1, 0);
4907 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4908 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4909 data = (const char *)req->buf + 1;
4911 if (!fsp->print_file) {
4912 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4913 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4916 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4917 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4918 END_PROFILE(SMBwriteclose);
4923 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4925 set_close_write_time(fsp, mtime);
4928 * More insanity. W2K only closes the file if writelen > 0.
4933 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4934 "file %s\n", fsp_str_dbg(fsp)));
4935 close_status = close_file(req, fsp, NORMAL_CLOSE);
4938 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4939 fsp->fnum, (int)numtowrite, (int)nwritten,
4940 conn->num_files_open));
4942 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4943 reply_nterror(req, NT_STATUS_DISK_FULL);
4947 if(!NT_STATUS_IS_OK(close_status)) {
4948 reply_nterror(req, close_status);
4952 reply_outbuf(req, 1, 0);
4954 SSVAL(req->outbuf,smb_vwv0,nwritten);
4957 if (numtowrite && !fsp->print_file) {
4958 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4961 END_PROFILE(SMBwriteclose);
4966 #define DBGC_CLASS DBGC_LOCKING
4968 /****************************************************************************
4970 ****************************************************************************/
4972 void reply_lock(struct smb_request *req)
4974 connection_struct *conn = req->conn;
4975 uint64_t count,offset;
4978 struct byte_range_lock *br_lck = NULL;
4980 START_PROFILE(SMBlock);
4983 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4984 END_PROFILE(SMBlock);
4988 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4990 if (!check_fsp(conn, req, fsp)) {
4991 END_PROFILE(SMBlock);
4995 count = (uint64_t)IVAL(req->vwv+1, 0);
4996 offset = (uint64_t)IVAL(req->vwv+3, 0);
4998 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4999 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
5001 br_lck = do_lock(req->sconn->msg_ctx,
5003 (uint64_t)req->smbpid,
5008 False, /* Non-blocking lock. */
5013 TALLOC_FREE(br_lck);
5015 if (NT_STATUS_V(status)) {
5016 reply_nterror(req, status);
5017 END_PROFILE(SMBlock);
5021 reply_outbuf(req, 0, 0);
5023 END_PROFILE(SMBlock);
5027 /****************************************************************************
5029 ****************************************************************************/
5031 void reply_unlock(struct smb_request *req)
5033 connection_struct *conn = req->conn;
5034 uint64_t count,offset;
5038 START_PROFILE(SMBunlock);
5041 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5042 END_PROFILE(SMBunlock);
5046 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5048 if (!check_fsp(conn, req, fsp)) {
5049 END_PROFILE(SMBunlock);
5053 count = (uint64_t)IVAL(req->vwv+1, 0);
5054 offset = (uint64_t)IVAL(req->vwv+3, 0);
5056 status = do_unlock(req->sconn->msg_ctx,
5058 (uint64_t)req->smbpid,
5063 if (NT_STATUS_V(status)) {
5064 reply_nterror(req, status);
5065 END_PROFILE(SMBunlock);
5069 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5070 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5072 reply_outbuf(req, 0, 0);
5074 END_PROFILE(SMBunlock);
5079 #define DBGC_CLASS DBGC_ALL
5081 /****************************************************************************
5083 conn POINTER CAN BE NULL HERE !
5084 ****************************************************************************/
5086 void reply_tdis(struct smb_request *req)
5088 connection_struct *conn = req->conn;
5089 START_PROFILE(SMBtdis);
5092 DEBUG(4,("Invalid connection in tdis\n"));
5093 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5094 END_PROFILE(SMBtdis);
5100 close_cnum(conn,req->vuid);
5103 reply_outbuf(req, 0, 0);
5104 END_PROFILE(SMBtdis);
5108 /****************************************************************************
5110 conn POINTER CAN BE NULL HERE !
5111 ****************************************************************************/
5113 void reply_echo(struct smb_request *req)
5115 connection_struct *conn = req->conn;
5116 struct smb_perfcount_data local_pcd;
5117 struct smb_perfcount_data *cur_pcd;
5121 START_PROFILE(SMBecho);
5123 smb_init_perfcount_data(&local_pcd);
5126 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5127 END_PROFILE(SMBecho);
5131 smb_reverb = SVAL(req->vwv+0, 0);
5133 reply_outbuf(req, 1, req->buflen);
5135 /* copy any incoming data back out */
5136 if (req->buflen > 0) {
5137 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5140 if (smb_reverb > 100) {
5141 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5145 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5147 /* this makes sure we catch the request pcd */
5148 if (seq_num == smb_reverb) {
5149 cur_pcd = &req->pcd;
5151 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5152 cur_pcd = &local_pcd;
5155 SSVAL(req->outbuf,smb_vwv0,seq_num);
5157 show_msg((char *)req->outbuf);
5158 if (!srv_send_smb(req->sconn,
5159 (char *)req->outbuf,
5160 true, req->seqnum+1,
5161 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5163 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5166 DEBUG(3,("echo %d times\n", smb_reverb));
5168 TALLOC_FREE(req->outbuf);
5170 END_PROFILE(SMBecho);
5174 /****************************************************************************
5175 Reply to a printopen.
5176 ****************************************************************************/
5178 void reply_printopen(struct smb_request *req)
5180 connection_struct *conn = req->conn;
5184 START_PROFILE(SMBsplopen);
5187 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5188 END_PROFILE(SMBsplopen);
5192 if (!CAN_PRINT(conn)) {
5193 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5194 END_PROFILE(SMBsplopen);
5198 status = file_new(req, conn, &fsp);
5199 if(!NT_STATUS_IS_OK(status)) {
5200 reply_nterror(req, status);
5201 END_PROFILE(SMBsplopen);
5205 /* Open for exclusive use, write only. */
5206 status = print_spool_open(fsp, NULL, req->vuid);
5208 if (!NT_STATUS_IS_OK(status)) {
5209 file_free(req, fsp);
5210 reply_nterror(req, status);
5211 END_PROFILE(SMBsplopen);
5215 reply_outbuf(req, 1, 0);
5216 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5218 DEBUG(3,("openprint fd=%d fnum=%d\n",
5219 fsp->fh->fd, fsp->fnum));
5221 END_PROFILE(SMBsplopen);
5225 /****************************************************************************
5226 Reply to a printclose.
5227 ****************************************************************************/
5229 void reply_printclose(struct smb_request *req)
5231 connection_struct *conn = req->conn;
5235 START_PROFILE(SMBsplclose);
5238 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5239 END_PROFILE(SMBsplclose);
5243 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5245 if (!check_fsp(conn, req, fsp)) {
5246 END_PROFILE(SMBsplclose);
5250 if (!CAN_PRINT(conn)) {
5251 reply_force_doserror(req, ERRSRV, ERRerror);
5252 END_PROFILE(SMBsplclose);
5256 DEBUG(3,("printclose fd=%d fnum=%d\n",
5257 fsp->fh->fd,fsp->fnum));
5259 status = close_file(req, fsp, NORMAL_CLOSE);
5261 if(!NT_STATUS_IS_OK(status)) {
5262 reply_nterror(req, status);
5263 END_PROFILE(SMBsplclose);
5267 reply_outbuf(req, 0, 0);
5269 END_PROFILE(SMBsplclose);
5273 /****************************************************************************
5274 Reply to a printqueue.
5275 ****************************************************************************/
5277 void reply_printqueue(struct smb_request *req)
5279 connection_struct *conn = req->conn;
5283 START_PROFILE(SMBsplretq);
5286 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5287 END_PROFILE(SMBsplretq);
5291 max_count = SVAL(req->vwv+0, 0);
5292 start_index = SVAL(req->vwv+1, 0);
5294 /* we used to allow the client to get the cnum wrong, but that
5295 is really quite gross and only worked when there was only
5296 one printer - I think we should now only accept it if they
5297 get it right (tridge) */
5298 if (!CAN_PRINT(conn)) {
5299 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5300 END_PROFILE(SMBsplretq);
5304 reply_outbuf(req, 2, 3);
5305 SSVAL(req->outbuf,smb_vwv0,0);
5306 SSVAL(req->outbuf,smb_vwv1,0);
5307 SCVAL(smb_buf(req->outbuf),0,1);
5308 SSVAL(smb_buf(req->outbuf),1,0);
5310 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5311 start_index, max_count));
5314 TALLOC_CTX *mem_ctx = talloc_tos();
5317 const char *sharename = lp_servicename(SNUM(conn));
5318 struct rpc_pipe_client *cli = NULL;
5319 struct dcerpc_binding_handle *b = NULL;
5320 struct policy_handle handle;
5321 struct spoolss_DevmodeContainer devmode_ctr;
5322 union spoolss_JobInfo *info;
5324 uint32_t num_to_get;
5328 ZERO_STRUCT(handle);
5330 status = rpc_pipe_open_interface(conn,
5331 &ndr_table_spoolss.syntax_id,
5333 &conn->sconn->client_id,
5334 conn->sconn->msg_ctx,
5336 if (!NT_STATUS_IS_OK(status)) {
5337 DEBUG(0, ("reply_printqueue: "
5338 "could not connect to spoolss: %s\n",
5339 nt_errstr(status)));
5340 reply_nterror(req, status);
5343 b = cli->binding_handle;
5345 ZERO_STRUCT(devmode_ctr);
5347 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx,
5350 SEC_FLAG_MAXIMUM_ALLOWED,
5353 if (!NT_STATUS_IS_OK(status)) {
5354 reply_nterror(req, status);
5357 if (!W_ERROR_IS_OK(werr)) {
5358 reply_nterror(req, werror_to_ntstatus(werr));
5362 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5370 if (!W_ERROR_IS_OK(werr)) {
5371 reply_nterror(req, werror_to_ntstatus(werr));
5375 if (max_count > 0) {
5376 first = start_index;
5378 first = start_index + max_count + 1;
5381 if (first >= count) {
5384 num_to_get = first + MIN(ABS(max_count), count - first);
5387 for (i = first; i < num_to_get; i++) {
5390 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5392 uint16_t qrapjobid = pjobid_to_rap(sharename,
5393 info[i].info2.job_id);
5395 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5401 srv_put_dos_date2(p, 0, qtime);
5402 SCVAL(p, 4, qstatus);
5403 SSVAL(p, 5, qrapjobid);
5404 SIVAL(p, 7, info[i].info2.size);
5406 srvstr_push(blob, req->flags2, p+12,
5407 info[i].info2.notify_name, 16, STR_ASCII);
5409 if (message_push_blob(
5412 blob, sizeof(blob))) == -1) {
5413 reply_nterror(req, NT_STATUS_NO_MEMORY);
5419 SSVAL(req->outbuf,smb_vwv0,count);
5420 SSVAL(req->outbuf,smb_vwv1,
5421 (max_count>0?first+count:first-1));
5422 SCVAL(smb_buf(req->outbuf),0,1);
5423 SSVAL(smb_buf(req->outbuf),1,28*count);
5427 DEBUG(3, ("%u entries returned in queue\n",
5431 if (b && is_valid_policy_hnd(&handle)) {
5432 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr);
5437 END_PROFILE(SMBsplretq);
5441 /****************************************************************************
5442 Reply to a printwrite.
5443 ****************************************************************************/
5445 void reply_printwrite(struct smb_request *req)
5447 connection_struct *conn = req->conn;
5452 START_PROFILE(SMBsplwr);
5455 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5456 END_PROFILE(SMBsplwr);
5460 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5462 if (!check_fsp(conn, req, fsp)) {
5463 END_PROFILE(SMBsplwr);
5467 if (!fsp->print_file) {
5468 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5469 END_PROFILE(SMBsplwr);
5473 if (!CHECK_WRITE(fsp)) {
5474 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5475 END_PROFILE(SMBsplwr);
5479 numtowrite = SVAL(req->buf, 1);
5481 if (req->buflen < numtowrite + 3) {
5482 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5483 END_PROFILE(SMBsplwr);
5487 data = (const char *)req->buf + 3;
5489 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5490 reply_nterror(req, map_nt_error_from_unix(errno));
5491 END_PROFILE(SMBsplwr);
5495 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5497 END_PROFILE(SMBsplwr);
5501 /****************************************************************************
5503 ****************************************************************************/
5505 void reply_mkdir(struct smb_request *req)
5507 connection_struct *conn = req->conn;
5508 struct smb_filename *smb_dname = NULL;
5509 char *directory = NULL;
5511 TALLOC_CTX *ctx = talloc_tos();
5513 START_PROFILE(SMBmkdir);
5515 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5516 STR_TERMINATE, &status);
5517 if (!NT_STATUS_IS_OK(status)) {
5518 reply_nterror(req, status);
5522 status = filename_convert(ctx, conn,
5523 req->flags2 & FLAGS2_DFS_PATHNAMES,
5528 if (!NT_STATUS_IS_OK(status)) {
5529 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5530 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5531 ERRSRV, ERRbadpath);
5534 reply_nterror(req, status);
5538 status = create_directory(conn, req, smb_dname);
5540 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5542 if (!NT_STATUS_IS_OK(status)) {
5544 if (!use_nt_status()
5545 && NT_STATUS_EQUAL(status,
5546 NT_STATUS_OBJECT_NAME_COLLISION)) {
5548 * Yes, in the DOS error code case we get a
5549 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5550 * samba4 torture test.
5552 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5555 reply_nterror(req, status);
5559 reply_outbuf(req, 0, 0);
5561 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5563 TALLOC_FREE(smb_dname);
5564 END_PROFILE(SMBmkdir);
5568 /****************************************************************************
5570 ****************************************************************************/
5572 void reply_rmdir(struct smb_request *req)
5574 connection_struct *conn = req->conn;
5575 struct smb_filename *smb_dname = NULL;
5576 char *directory = NULL;
5578 TALLOC_CTX *ctx = talloc_tos();
5579 files_struct *fsp = NULL;
5581 struct smbd_server_connection *sconn = req->sconn;
5583 START_PROFILE(SMBrmdir);
5585 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5586 STR_TERMINATE, &status);
5587 if (!NT_STATUS_IS_OK(status)) {
5588 reply_nterror(req, status);
5592 status = filename_convert(ctx, conn,
5593 req->flags2 & FLAGS2_DFS_PATHNAMES,
5598 if (!NT_STATUS_IS_OK(status)) {
5599 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5600 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5601 ERRSRV, ERRbadpath);
5604 reply_nterror(req, status);
5608 if (is_ntfs_stream_smb_fname(smb_dname)) {
5609 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5613 status = SMB_VFS_CREATE_FILE(
5616 0, /* root_dir_fid */
5617 smb_dname, /* fname */
5618 DELETE_ACCESS, /* access_mask */
5619 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5621 FILE_OPEN, /* create_disposition*/
5622 FILE_DIRECTORY_FILE, /* create_options */
5623 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5624 0, /* oplock_request */
5625 0, /* allocation_size */
5626 0, /* private_flags */
5632 if (!NT_STATUS_IS_OK(status)) {
5633 if (open_was_deferred(req->mid)) {
5634 /* We have re-scheduled this call. */
5637 reply_nterror(req, status);
5641 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5642 if (!NT_STATUS_IS_OK(status)) {
5643 close_file(req, fsp, ERROR_CLOSE);
5644 reply_nterror(req, status);
5648 if (!set_delete_on_close(fsp, true, &conn->session_info->utok)) {
5649 close_file(req, fsp, ERROR_CLOSE);
5650 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5654 status = close_file(req, fsp, NORMAL_CLOSE);
5655 if (!NT_STATUS_IS_OK(status)) {
5656 reply_nterror(req, status);
5658 reply_outbuf(req, 0, 0);
5661 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5663 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5665 TALLOC_FREE(smb_dname);
5666 END_PROFILE(SMBrmdir);
5670 /*******************************************************************
5671 Resolve wildcards in a filename rename.
5672 ********************************************************************/
5674 static bool resolve_wildcards(TALLOC_CTX *ctx,
5679 char *name2_copy = NULL;
5684 char *p,*p2, *pname1, *pname2;
5686 name2_copy = talloc_strdup(ctx, name2);
5691 pname1 = strrchr_m(name1,'/');
5692 pname2 = strrchr_m(name2_copy,'/');
5694 if (!pname1 || !pname2) {
5698 /* Truncate the copy of name2 at the last '/' */
5701 /* Now go past the '/' */
5705 root1 = talloc_strdup(ctx, pname1);
5706 root2 = talloc_strdup(ctx, pname2);
5708 if (!root1 || !root2) {
5712 p = strrchr_m(root1,'.');
5715 ext1 = talloc_strdup(ctx, p+1);
5717 ext1 = talloc_strdup(ctx, "");
5719 p = strrchr_m(root2,'.');
5722 ext2 = talloc_strdup(ctx, p+1);
5724 ext2 = talloc_strdup(ctx, "");
5727 if (!ext1 || !ext2) {
5735 /* Hmmm. Should this be mb-aware ? */
5738 } else if (*p2 == '*') {
5740 root2 = talloc_asprintf(ctx, "%s%s",
5759 /* Hmmm. Should this be mb-aware ? */
5762 } else if (*p2 == '*') {
5764 ext2 = talloc_asprintf(ctx, "%s%s",
5780 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5785 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5797 /****************************************************************************
5798 Ensure open files have their names updated. Updated to notify other smbd's
5800 ****************************************************************************/
5802 static void rename_open_files(connection_struct *conn,
5803 struct share_mode_lock *lck,
5804 uint32_t orig_name_hash,
5805 const struct smb_filename *smb_fname_dst)
5808 bool did_rename = False;
5810 uint32_t new_name_hash;
5812 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5813 fsp = file_find_di_next(fsp)) {
5814 /* fsp_name is a relative path under the fsp. To change this for other
5815 sharepaths we need to manipulate relative paths. */
5816 /* TODO - create the absolute path and manipulate the newname
5817 relative to the sharepath. */
5818 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5821 if (fsp->name_hash != orig_name_hash) {
5824 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5825 "(file_id %s) from %s -> %s\n", fsp->fnum,
5826 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5827 smb_fname_str_dbg(smb_fname_dst)));
5829 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5830 if (NT_STATUS_IS_OK(status)) {
5832 new_name_hash = fsp->name_hash;
5837 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5838 "for %s\n", file_id_string_tos(&lck->id),
5839 smb_fname_str_dbg(smb_fname_dst)));
5842 /* Send messages to all smbd's (not ourself) that the name has changed. */
5843 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5844 orig_name_hash, new_name_hash,
5849 /****************************************************************************
5850 We need to check if the source path is a parent directory of the destination
5851 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5852 refuse the rename with a sharing violation. Under UNIX the above call can
5853 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5854 probably need to check that the client is a Windows one before disallowing
5855 this as a UNIX client (one with UNIX extensions) can know the source is a
5856 symlink and make this decision intelligently. Found by an excellent bug
5857 report from <AndyLiebman@aol.com>.
5858 ****************************************************************************/
5860 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5861 const struct smb_filename *smb_fname_dst)
5863 const char *psrc = smb_fname_src->base_name;
5864 const char *pdst = smb_fname_dst->base_name;
5867 if (psrc[0] == '.' && psrc[1] == '/') {
5870 if (pdst[0] == '.' && pdst[1] == '/') {
5873 if ((slen = strlen(psrc)) > strlen(pdst)) {
5876 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5880 * Do the notify calls from a rename
5883 static void notify_rename(connection_struct *conn, bool is_dir,
5884 const struct smb_filename *smb_fname_src,
5885 const struct smb_filename *smb_fname_dst)
5887 char *parent_dir_src = NULL;
5888 char *parent_dir_dst = NULL;
5891 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5892 : FILE_NOTIFY_CHANGE_FILE_NAME;
5894 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5895 &parent_dir_src, NULL) ||
5896 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5897 &parent_dir_dst, NULL)) {
5901 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5902 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5903 smb_fname_src->base_name);
5904 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5905 smb_fname_dst->base_name);
5908 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5909 smb_fname_src->base_name);
5910 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5911 smb_fname_dst->base_name);
5914 /* this is a strange one. w2k3 gives an additional event for
5915 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5916 files, but not directories */
5918 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5919 FILE_NOTIFY_CHANGE_ATTRIBUTES
5920 |FILE_NOTIFY_CHANGE_CREATION,
5921 smb_fname_dst->base_name);
5924 TALLOC_FREE(parent_dir_src);
5925 TALLOC_FREE(parent_dir_dst);
5928 /****************************************************************************
5929 Rename an open file - given an fsp.
5930 ****************************************************************************/
5932 NTSTATUS rename_internals_fsp(connection_struct *conn,
5934 const struct smb_filename *smb_fname_dst_in,
5936 bool replace_if_exists)
5938 TALLOC_CTX *ctx = talloc_tos();
5939 struct smb_filename *smb_fname_dst = NULL;
5940 NTSTATUS status = NT_STATUS_OK;
5941 struct share_mode_lock *lck = NULL;
5942 bool dst_exists, old_is_stream, new_is_stream;
5944 status = check_name(conn, smb_fname_dst_in->base_name);
5945 if (!NT_STATUS_IS_OK(status)) {
5949 /* Make a copy of the dst smb_fname structs */
5951 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5952 if (!NT_STATUS_IS_OK(status)) {
5957 * Check for special case with case preserving and not
5958 * case sensitive. If the old last component differs from the original
5959 * last component only by case, then we should allow
5960 * the rename (user is trying to change the case of the
5963 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5964 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5965 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5967 char *fname_dst_lcomp_base_mod = NULL;
5968 struct smb_filename *smb_fname_orig_lcomp = NULL;
5971 * Get the last component of the destination name.
5973 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5975 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5977 fname_dst_lcomp_base_mod = talloc_strdup(ctx, smb_fname_dst->base_name);
5979 if (!fname_dst_lcomp_base_mod) {
5980 status = NT_STATUS_NO_MEMORY;
5985 * Create an smb_filename struct using the original last
5986 * component of the destination.
5988 status = create_synthetic_smb_fname_split(ctx,
5989 smb_fname_dst->original_lcomp, NULL,
5990 &smb_fname_orig_lcomp);
5991 if (!NT_STATUS_IS_OK(status)) {
5992 TALLOC_FREE(fname_dst_lcomp_base_mod);
5996 /* If the base names only differ by case, use original. */
5997 if(!strcsequal(fname_dst_lcomp_base_mod,
5998 smb_fname_orig_lcomp->base_name)) {
6001 * Replace the modified last component with the
6005 *last_slash = '\0'; /* Truncate at the '/' */
6006 tmp = talloc_asprintf(smb_fname_dst,
6008 smb_fname_dst->base_name,
6009 smb_fname_orig_lcomp->base_name);
6011 tmp = talloc_asprintf(smb_fname_dst,
6013 smb_fname_orig_lcomp->base_name);
6016 status = NT_STATUS_NO_MEMORY;
6017 TALLOC_FREE(fname_dst_lcomp_base_mod);
6018 TALLOC_FREE(smb_fname_orig_lcomp);
6021 TALLOC_FREE(smb_fname_dst->base_name);
6022 smb_fname_dst->base_name = tmp;
6025 /* If the stream_names only differ by case, use original. */
6026 if(!strcsequal(smb_fname_dst->stream_name,
6027 smb_fname_orig_lcomp->stream_name)) {
6029 /* Use the original stream. */
6030 tmp = talloc_strdup(smb_fname_dst,
6031 smb_fname_orig_lcomp->stream_name);
6033 status = NT_STATUS_NO_MEMORY;
6034 TALLOC_FREE(fname_dst_lcomp_base_mod);
6035 TALLOC_FREE(smb_fname_orig_lcomp);
6038 TALLOC_FREE(smb_fname_dst->stream_name);
6039 smb_fname_dst->stream_name = tmp;
6041 TALLOC_FREE(fname_dst_lcomp_base_mod);
6042 TALLOC_FREE(smb_fname_orig_lcomp);
6046 * If the src and dest names are identical - including case,
6047 * don't do the rename, just return success.
6050 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6051 strcsequal(fsp->fsp_name->stream_name,
6052 smb_fname_dst->stream_name)) {
6053 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6054 "- returning success\n",
6055 smb_fname_str_dbg(smb_fname_dst)));
6056 status = NT_STATUS_OK;
6060 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6061 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6063 /* Return the correct error code if both names aren't streams. */
6064 if (!old_is_stream && new_is_stream) {
6065 status = NT_STATUS_OBJECT_NAME_INVALID;
6069 if (old_is_stream && !new_is_stream) {
6070 status = NT_STATUS_INVALID_PARAMETER;
6074 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6076 if(!replace_if_exists && dst_exists) {
6077 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6078 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6079 smb_fname_str_dbg(smb_fname_dst)));
6080 status = NT_STATUS_OBJECT_NAME_COLLISION;
6085 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6086 &smb_fname_dst->st);
6087 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6089 /* The file can be open when renaming a stream */
6090 if (dst_fsp && !new_is_stream) {
6091 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6092 status = NT_STATUS_ACCESS_DENIED;
6097 /* Ensure we have a valid stat struct for the source. */
6098 status = vfs_stat_fsp(fsp);
6099 if (!NT_STATUS_IS_OK(status)) {
6103 status = can_rename(conn, fsp, attrs);
6105 if (!NT_STATUS_IS_OK(status)) {
6106 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6107 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6108 smb_fname_str_dbg(smb_fname_dst)));
6109 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6110 status = NT_STATUS_ACCESS_DENIED;
6114 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6115 status = NT_STATUS_ACCESS_DENIED;
6118 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6122 * We have the file open ourselves, so not being able to get the
6123 * corresponding share mode lock is a fatal error.
6126 SMB_ASSERT(lck != NULL);
6128 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6129 uint32 create_options = fsp->fh->private_options;
6131 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6132 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6133 smb_fname_str_dbg(smb_fname_dst)));
6135 if (!lp_posix_pathnames() &&
6136 (lp_map_archive(SNUM(conn)) ||
6137 lp_store_dos_attributes(SNUM(conn)))) {
6138 /* We must set the archive bit on the newly
6140 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6141 uint32_t old_dosmode = dos_mode(conn,
6143 file_set_dosmode(conn,
6145 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6151 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6154 rename_open_files(conn, lck, fsp->name_hash, smb_fname_dst);
6157 * A rename acts as a new file create w.r.t. allowing an initial delete
6158 * on close, probably because in Windows there is a new handle to the
6159 * new file. If initial delete on close was requested but not
6160 * originally set, we need to set it here. This is probably not 100% correct,
6161 * but will work for the CIFSFS client which in non-posix mode
6162 * depends on these semantics. JRA.
6165 if (create_options & FILE_DELETE_ON_CLOSE) {
6166 status = can_set_delete_on_close(fsp, 0);
6168 if (NT_STATUS_IS_OK(status)) {
6169 /* Note that here we set the *inital* delete on close flag,
6170 * not the regular one. The magic gets handled in close. */
6171 fsp->initial_delete_on_close = True;
6175 status = NT_STATUS_OK;
6181 if (errno == ENOTDIR || errno == EISDIR) {
6182 status = NT_STATUS_OBJECT_NAME_COLLISION;
6184 status = map_nt_error_from_unix(errno);
6187 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6188 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6189 smb_fname_str_dbg(smb_fname_dst)));
6192 TALLOC_FREE(smb_fname_dst);
6197 /****************************************************************************
6198 The guts of the rename command, split out so it may be called by the NT SMB
6200 ****************************************************************************/
6202 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6203 connection_struct *conn,
6204 struct smb_request *req,
6205 struct smb_filename *smb_fname_src,
6206 struct smb_filename *smb_fname_dst,
6208 bool replace_if_exists,
6211 uint32_t access_mask)
6213 char *fname_src_dir = NULL;
6214 char *fname_src_mask = NULL;
6216 NTSTATUS status = NT_STATUS_OK;
6217 struct smb_Dir *dir_hnd = NULL;
6218 const char *dname = NULL;
6219 char *talloced = NULL;
6221 int create_options = 0;
6222 bool posix_pathnames = lp_posix_pathnames();
6225 * Split the old name into directory and last component
6226 * strings. Note that unix_convert may have stripped off a
6227 * leading ./ from both name and newname if the rename is
6228 * at the root of the share. We need to make sure either both
6229 * name and newname contain a / character or neither of them do
6230 * as this is checked in resolve_wildcards().
6233 /* Split up the directory from the filename/mask. */
6234 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6235 &fname_src_dir, &fname_src_mask);
6236 if (!NT_STATUS_IS_OK(status)) {
6237 status = NT_STATUS_NO_MEMORY;
6242 * We should only check the mangled cache
6243 * here if unix_convert failed. This means
6244 * that the path in 'mask' doesn't exist
6245 * on the file system and so we need to look
6246 * for a possible mangle. This patch from
6247 * Tine Smukavec <valentin.smukavec@hermes.si>.
6250 if (!VALID_STAT(smb_fname_src->st) &&
6251 mangle_is_mangled(fname_src_mask, conn->params)) {
6252 char *new_mask = NULL;
6253 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6256 TALLOC_FREE(fname_src_mask);
6257 fname_src_mask = new_mask;
6261 if (!src_has_wild) {
6265 * Only one file needs to be renamed. Append the mask back
6266 * onto the directory.
6268 TALLOC_FREE(smb_fname_src->base_name);
6269 if (ISDOT(fname_src_dir)) {
6270 /* Ensure we use canonical names on open. */
6271 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6275 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6280 if (!smb_fname_src->base_name) {
6281 status = NT_STATUS_NO_MEMORY;
6285 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6286 "case_preserve = %d, short case preserve = %d, "
6287 "directory = %s, newname = %s, "
6288 "last_component_dest = %s\n",
6289 conn->case_sensitive, conn->case_preserve,
6290 conn->short_case_preserve,
6291 smb_fname_str_dbg(smb_fname_src),
6292 smb_fname_str_dbg(smb_fname_dst),
6293 smb_fname_dst->original_lcomp));
6295 /* The dest name still may have wildcards. */
6296 if (dest_has_wild) {
6297 char *fname_dst_mod = NULL;
6298 if (!resolve_wildcards(smb_fname_dst,
6299 smb_fname_src->base_name,
6300 smb_fname_dst->base_name,
6302 DEBUG(6, ("rename_internals: resolve_wildcards "
6304 smb_fname_src->base_name,
6305 smb_fname_dst->base_name));
6306 status = NT_STATUS_NO_MEMORY;
6309 TALLOC_FREE(smb_fname_dst->base_name);
6310 smb_fname_dst->base_name = fname_dst_mod;
6313 ZERO_STRUCT(smb_fname_src->st);
6314 if (posix_pathnames) {
6315 SMB_VFS_LSTAT(conn, smb_fname_src);
6317 SMB_VFS_STAT(conn, smb_fname_src);
6320 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6321 create_options |= FILE_DIRECTORY_FILE;
6324 status = SMB_VFS_CREATE_FILE(
6327 0, /* root_dir_fid */
6328 smb_fname_src, /* fname */
6329 access_mask, /* access_mask */
6330 (FILE_SHARE_READ | /* share_access */
6332 FILE_OPEN, /* create_disposition*/
6333 create_options, /* create_options */
6334 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6335 0, /* oplock_request */
6336 0, /* allocation_size */
6337 0, /* private_flags */
6343 if (!NT_STATUS_IS_OK(status)) {
6344 DEBUG(3, ("Could not open rename source %s: %s\n",
6345 smb_fname_str_dbg(smb_fname_src),
6346 nt_errstr(status)));
6350 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6351 attrs, replace_if_exists);
6353 close_file(req, fsp, NORMAL_CLOSE);
6355 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6356 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6357 smb_fname_str_dbg(smb_fname_dst)));
6363 * Wildcards - process each file that matches.
6365 if (strequal(fname_src_mask, "????????.???")) {
6366 TALLOC_FREE(fname_src_mask);
6367 fname_src_mask = talloc_strdup(ctx, "*");
6368 if (!fname_src_mask) {
6369 status = NT_STATUS_NO_MEMORY;
6374 status = check_name(conn, fname_src_dir);
6375 if (!NT_STATUS_IS_OK(status)) {
6379 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6381 if (dir_hnd == NULL) {
6382 status = map_nt_error_from_unix(errno);
6386 status = NT_STATUS_NO_SUCH_FILE;
6388 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6389 * - gentest fix. JRA
6392 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6394 files_struct *fsp = NULL;
6395 char *destname = NULL;
6396 bool sysdir_entry = False;
6398 /* Quick check for "." and ".." */
6399 if (ISDOT(dname) || ISDOTDOT(dname)) {
6401 sysdir_entry = True;
6403 TALLOC_FREE(talloced);
6408 if (!is_visible_file(conn, fname_src_dir, dname,
6409 &smb_fname_src->st, false)) {
6410 TALLOC_FREE(talloced);
6414 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6415 TALLOC_FREE(talloced);
6420 status = NT_STATUS_OBJECT_NAME_INVALID;
6424 TALLOC_FREE(smb_fname_src->base_name);
6425 if (ISDOT(fname_src_dir)) {
6426 /* Ensure we use canonical names on open. */
6427 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6431 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6436 if (!smb_fname_src->base_name) {
6437 status = NT_STATUS_NO_MEMORY;
6441 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6442 smb_fname_dst->base_name,
6444 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6445 smb_fname_src->base_name, destname));
6446 TALLOC_FREE(talloced);
6450 status = NT_STATUS_NO_MEMORY;
6454 TALLOC_FREE(smb_fname_dst->base_name);
6455 smb_fname_dst->base_name = destname;
6457 ZERO_STRUCT(smb_fname_src->st);
6458 if (posix_pathnames) {
6459 SMB_VFS_LSTAT(conn, smb_fname_src);
6461 SMB_VFS_STAT(conn, smb_fname_src);
6466 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6467 create_options |= FILE_DIRECTORY_FILE;
6470 status = SMB_VFS_CREATE_FILE(
6473 0, /* root_dir_fid */
6474 smb_fname_src, /* fname */
6475 access_mask, /* access_mask */
6476 (FILE_SHARE_READ | /* share_access */
6478 FILE_OPEN, /* create_disposition*/
6479 create_options, /* create_options */
6480 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6481 0, /* oplock_request */
6482 0, /* allocation_size */
6483 0, /* private_flags */
6489 if (!NT_STATUS_IS_OK(status)) {
6490 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6491 "returned %s rename %s -> %s\n",
6493 smb_fname_str_dbg(smb_fname_src),
6494 smb_fname_str_dbg(smb_fname_dst)));
6498 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6500 if (!smb_fname_dst->original_lcomp) {
6501 status = NT_STATUS_NO_MEMORY;
6505 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6506 attrs, replace_if_exists);
6508 close_file(req, fsp, NORMAL_CLOSE);
6510 if (!NT_STATUS_IS_OK(status)) {
6511 DEBUG(3, ("rename_internals_fsp returned %s for "
6512 "rename %s -> %s\n", nt_errstr(status),
6513 smb_fname_str_dbg(smb_fname_src),
6514 smb_fname_str_dbg(smb_fname_dst)));
6520 DEBUG(3,("rename_internals: doing rename on %s -> "
6521 "%s\n", smb_fname_str_dbg(smb_fname_src),
6522 smb_fname_str_dbg(smb_fname_src)));
6523 TALLOC_FREE(talloced);
6525 TALLOC_FREE(dir_hnd);
6527 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6528 status = map_nt_error_from_unix(errno);
6532 TALLOC_FREE(talloced);
6533 TALLOC_FREE(fname_src_dir);
6534 TALLOC_FREE(fname_src_mask);
6538 /****************************************************************************
6540 ****************************************************************************/
6542 void reply_mv(struct smb_request *req)
6544 connection_struct *conn = req->conn;
6546 char *newname = NULL;
6550 bool src_has_wcard = False;
6551 bool dest_has_wcard = False;
6552 TALLOC_CTX *ctx = talloc_tos();
6553 struct smb_filename *smb_fname_src = NULL;
6554 struct smb_filename *smb_fname_dst = NULL;
6555 bool stream_rename = false;
6557 START_PROFILE(SMBmv);
6560 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6564 attrs = SVAL(req->vwv+0, 0);
6566 p = (const char *)req->buf + 1;
6567 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6568 &status, &src_has_wcard);
6569 if (!NT_STATUS_IS_OK(status)) {
6570 reply_nterror(req, status);
6574 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6575 &status, &dest_has_wcard);
6576 if (!NT_STATUS_IS_OK(status)) {
6577 reply_nterror(req, status);
6581 if (!lp_posix_pathnames()) {
6582 /* The newname must begin with a ':' if the
6583 name contains a ':'. */
6584 if (strchr_m(name, ':')) {
6585 if (newname[0] != ':') {
6586 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6589 stream_rename = true;
6593 status = filename_convert(ctx,
6595 req->flags2 & FLAGS2_DFS_PATHNAMES,
6597 UCF_COND_ALLOW_WCARD_LCOMP,
6601 if (!NT_STATUS_IS_OK(status)) {
6602 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6603 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6604 ERRSRV, ERRbadpath);
6607 reply_nterror(req, status);
6611 status = filename_convert(ctx,
6613 req->flags2 & FLAGS2_DFS_PATHNAMES,
6615 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6619 if (!NT_STATUS_IS_OK(status)) {
6620 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6621 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6622 ERRSRV, ERRbadpath);
6625 reply_nterror(req, status);
6629 if (stream_rename) {
6630 /* smb_fname_dst->base_name must be the same as
6631 smb_fname_src->base_name. */
6632 TALLOC_FREE(smb_fname_dst->base_name);
6633 smb_fname_dst->base_name = talloc_strdup(smb_fname_dst,
6634 smb_fname_src->base_name);
6635 if (!smb_fname_dst->base_name) {
6636 reply_nterror(req, NT_STATUS_NO_MEMORY);
6641 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6642 smb_fname_str_dbg(smb_fname_dst)));
6644 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6645 attrs, False, src_has_wcard, dest_has_wcard,
6647 if (!NT_STATUS_IS_OK(status)) {
6648 if (open_was_deferred(req->mid)) {
6649 /* We have re-scheduled this call. */
6652 reply_nterror(req, status);
6656 reply_outbuf(req, 0, 0);
6658 TALLOC_FREE(smb_fname_src);
6659 TALLOC_FREE(smb_fname_dst);
6664 /*******************************************************************
6665 Copy a file as part of a reply_copy.
6666 ******************************************************************/
6669 * TODO: check error codes on all callers
6672 NTSTATUS copy_file(TALLOC_CTX *ctx,
6673 connection_struct *conn,
6674 struct smb_filename *smb_fname_src,
6675 struct smb_filename *smb_fname_dst,
6678 bool target_is_directory)
6680 struct smb_filename *smb_fname_dst_tmp = NULL;
6682 files_struct *fsp1,*fsp2;
6684 uint32 new_create_disposition;
6688 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6689 if (!NT_STATUS_IS_OK(status)) {
6694 * If the target is a directory, extract the last component from the
6695 * src filename and append it to the dst filename
6697 if (target_is_directory) {
6700 /* dest/target can't be a stream if it's a directory. */
6701 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6703 p = strrchr_m(smb_fname_src->base_name,'/');
6707 p = smb_fname_src->base_name;
6709 smb_fname_dst_tmp->base_name =
6710 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6712 if (!smb_fname_dst_tmp->base_name) {
6713 status = NT_STATUS_NO_MEMORY;
6718 status = vfs_file_exist(conn, smb_fname_src);
6719 if (!NT_STATUS_IS_OK(status)) {
6723 if (!target_is_directory && count) {
6724 new_create_disposition = FILE_OPEN;
6726 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6728 &new_create_disposition,
6731 status = NT_STATUS_INVALID_PARAMETER;
6736 /* Open the src file for reading. */
6737 status = SMB_VFS_CREATE_FILE(
6740 0, /* root_dir_fid */
6741 smb_fname_src, /* fname */
6742 FILE_GENERIC_READ, /* access_mask */
6743 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6744 FILE_OPEN, /* create_disposition*/
6745 0, /* create_options */
6746 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6747 INTERNAL_OPEN_ONLY, /* oplock_request */
6748 0, /* allocation_size */
6749 0, /* private_flags */
6755 if (!NT_STATUS_IS_OK(status)) {
6759 dosattrs = dos_mode(conn, smb_fname_src);
6761 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6762 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6765 /* Open the dst file for writing. */
6766 status = SMB_VFS_CREATE_FILE(
6769 0, /* root_dir_fid */
6770 smb_fname_dst, /* fname */
6771 FILE_GENERIC_WRITE, /* access_mask */
6772 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6773 new_create_disposition, /* create_disposition*/
6774 0, /* create_options */
6775 dosattrs, /* file_attributes */
6776 INTERNAL_OPEN_ONLY, /* oplock_request */
6777 0, /* allocation_size */
6778 0, /* private_flags */
6784 if (!NT_STATUS_IS_OK(status)) {
6785 close_file(NULL, fsp1, ERROR_CLOSE);
6789 if (ofun & OPENX_FILE_EXISTS_OPEN) {
6790 ret = SMB_VFS_LSEEK(fsp2, 0, SEEK_END);
6792 DEBUG(0, ("error - vfs lseek returned error %s\n",
6794 status = map_nt_error_from_unix(errno);
6795 close_file(NULL, fsp1, ERROR_CLOSE);
6796 close_file(NULL, fsp2, ERROR_CLOSE);
6801 /* Do the actual copy. */
6802 if (smb_fname_src->st.st_ex_size) {
6803 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6808 close_file(NULL, fsp1, NORMAL_CLOSE);
6810 /* Ensure the modtime is set correctly on the destination file. */
6811 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6814 * As we are opening fsp1 read-only we only expect
6815 * an error on close on fsp2 if we are out of space.
6816 * Thus we don't look at the error return from the
6819 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6821 if (!NT_STATUS_IS_OK(status)) {
6825 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6826 status = NT_STATUS_DISK_FULL;
6830 status = NT_STATUS_OK;
6833 TALLOC_FREE(smb_fname_dst_tmp);
6837 /****************************************************************************
6838 Reply to a file copy.
6839 ****************************************************************************/
6841 void reply_copy(struct smb_request *req)
6843 connection_struct *conn = req->conn;
6844 struct smb_filename *smb_fname_src = NULL;
6845 struct smb_filename *smb_fname_dst = NULL;
6846 char *fname_src = NULL;
6847 char *fname_dst = NULL;
6848 char *fname_src_mask = NULL;
6849 char *fname_src_dir = NULL;
6852 int error = ERRnoaccess;
6856 bool target_is_directory=False;
6857 bool source_has_wild = False;
6858 bool dest_has_wild = False;
6860 TALLOC_CTX *ctx = talloc_tos();
6862 START_PROFILE(SMBcopy);
6865 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6869 tid2 = SVAL(req->vwv+0, 0);
6870 ofun = SVAL(req->vwv+1, 0);
6871 flags = SVAL(req->vwv+2, 0);
6873 p = (const char *)req->buf;
6874 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6875 &status, &source_has_wild);
6876 if (!NT_STATUS_IS_OK(status)) {
6877 reply_nterror(req, status);
6880 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6881 &status, &dest_has_wild);
6882 if (!NT_STATUS_IS_OK(status)) {
6883 reply_nterror(req, status);
6887 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6889 if (tid2 != conn->cnum) {
6890 /* can't currently handle inter share copies XXXX */
6891 DEBUG(3,("Rejecting inter-share copy\n"));
6892 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6896 status = filename_convert(ctx, conn,
6897 req->flags2 & FLAGS2_DFS_PATHNAMES,
6899 UCF_COND_ALLOW_WCARD_LCOMP,
6902 if (!NT_STATUS_IS_OK(status)) {
6903 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6904 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6905 ERRSRV, ERRbadpath);
6908 reply_nterror(req, status);
6912 status = filename_convert(ctx, conn,
6913 req->flags2 & FLAGS2_DFS_PATHNAMES,
6915 UCF_COND_ALLOW_WCARD_LCOMP,
6918 if (!NT_STATUS_IS_OK(status)) {
6919 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6920 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6921 ERRSRV, ERRbadpath);
6924 reply_nterror(req, status);
6928 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6930 if ((flags&1) && target_is_directory) {
6931 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6935 if ((flags&2) && !target_is_directory) {
6936 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6940 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6941 /* wants a tree copy! XXXX */
6942 DEBUG(3,("Rejecting tree copy\n"));
6943 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6947 /* Split up the directory from the filename/mask. */
6948 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6949 &fname_src_dir, &fname_src_mask);
6950 if (!NT_STATUS_IS_OK(status)) {
6951 reply_nterror(req, NT_STATUS_NO_MEMORY);
6956 * We should only check the mangled cache
6957 * here if unix_convert failed. This means
6958 * that the path in 'mask' doesn't exist
6959 * on the file system and so we need to look
6960 * for a possible mangle. This patch from
6961 * Tine Smukavec <valentin.smukavec@hermes.si>.
6963 if (!VALID_STAT(smb_fname_src->st) &&
6964 mangle_is_mangled(fname_src_mask, conn->params)) {
6965 char *new_mask = NULL;
6966 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6967 &new_mask, conn->params);
6969 /* Use demangled name if one was successfully found. */
6971 TALLOC_FREE(fname_src_mask);
6972 fname_src_mask = new_mask;
6976 if (!source_has_wild) {
6979 * Only one file needs to be copied. Append the mask back onto
6982 TALLOC_FREE(smb_fname_src->base_name);
6983 if (ISDOT(fname_src_dir)) {
6984 /* Ensure we use canonical names on open. */
6985 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6989 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6994 if (!smb_fname_src->base_name) {
6995 reply_nterror(req, NT_STATUS_NO_MEMORY);
6999 if (dest_has_wild) {
7000 char *fname_dst_mod = NULL;
7001 if (!resolve_wildcards(smb_fname_dst,
7002 smb_fname_src->base_name,
7003 smb_fname_dst->base_name,
7005 reply_nterror(req, NT_STATUS_NO_MEMORY);
7008 TALLOC_FREE(smb_fname_dst->base_name);
7009 smb_fname_dst->base_name = fname_dst_mod;
7012 status = check_name(conn, smb_fname_src->base_name);
7013 if (!NT_STATUS_IS_OK(status)) {
7014 reply_nterror(req, status);
7018 status = check_name(conn, smb_fname_dst->base_name);
7019 if (!NT_STATUS_IS_OK(status)) {
7020 reply_nterror(req, status);
7024 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
7025 ofun, count, target_is_directory);
7027 if(!NT_STATUS_IS_OK(status)) {
7028 reply_nterror(req, status);
7034 struct smb_Dir *dir_hnd = NULL;
7035 const char *dname = NULL;
7036 char *talloced = NULL;
7040 * There is a wildcard that requires us to actually read the
7041 * src dir and copy each file matching the mask to the dst.
7042 * Right now streams won't be copied, but this could
7043 * presumably be added with a nested loop for reach dir entry.
7045 SMB_ASSERT(!smb_fname_src->stream_name);
7046 SMB_ASSERT(!smb_fname_dst->stream_name);
7048 smb_fname_src->stream_name = NULL;
7049 smb_fname_dst->stream_name = NULL;
7051 if (strequal(fname_src_mask,"????????.???")) {
7052 TALLOC_FREE(fname_src_mask);
7053 fname_src_mask = talloc_strdup(ctx, "*");
7054 if (!fname_src_mask) {
7055 reply_nterror(req, NT_STATUS_NO_MEMORY);
7060 status = check_name(conn, fname_src_dir);
7061 if (!NT_STATUS_IS_OK(status)) {
7062 reply_nterror(req, status);
7066 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7067 if (dir_hnd == NULL) {
7068 status = map_nt_error_from_unix(errno);
7069 reply_nterror(req, status);
7075 /* Iterate over the src dir copying each entry to the dst. */
7076 while ((dname = ReadDirName(dir_hnd, &offset,
7077 &smb_fname_src->st, &talloced))) {
7078 char *destname = NULL;
7080 if (ISDOT(dname) || ISDOTDOT(dname)) {
7081 TALLOC_FREE(talloced);
7085 if (!is_visible_file(conn, fname_src_dir, dname,
7086 &smb_fname_src->st, false)) {
7087 TALLOC_FREE(talloced);
7091 if(!mask_match(dname, fname_src_mask,
7092 conn->case_sensitive)) {
7093 TALLOC_FREE(talloced);
7097 error = ERRnoaccess;
7099 /* Get the src smb_fname struct setup. */
7100 TALLOC_FREE(smb_fname_src->base_name);
7101 if (ISDOT(fname_src_dir)) {
7102 /* Ensure we use canonical names on open. */
7103 smb_fname_src->base_name =
7104 talloc_asprintf(smb_fname_src, "%s",
7107 smb_fname_src->base_name =
7108 talloc_asprintf(smb_fname_src, "%s/%s",
7109 fname_src_dir, dname);
7112 if (!smb_fname_src->base_name) {
7113 TALLOC_FREE(dir_hnd);
7114 TALLOC_FREE(talloced);
7115 reply_nterror(req, NT_STATUS_NO_MEMORY);
7119 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7120 smb_fname_dst->base_name,
7122 TALLOC_FREE(talloced);
7126 TALLOC_FREE(dir_hnd);
7127 TALLOC_FREE(talloced);
7128 reply_nterror(req, NT_STATUS_NO_MEMORY);
7132 TALLOC_FREE(smb_fname_dst->base_name);
7133 smb_fname_dst->base_name = destname;
7135 status = check_name(conn, smb_fname_src->base_name);
7136 if (!NT_STATUS_IS_OK(status)) {
7137 TALLOC_FREE(dir_hnd);
7138 TALLOC_FREE(talloced);
7139 reply_nterror(req, status);
7143 status = check_name(conn, smb_fname_dst->base_name);
7144 if (!NT_STATUS_IS_OK(status)) {
7145 TALLOC_FREE(dir_hnd);
7146 TALLOC_FREE(talloced);
7147 reply_nterror(req, status);
7151 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7152 smb_fname_src->base_name,
7153 smb_fname_dst->base_name));
7155 status = copy_file(ctx, conn, smb_fname_src,
7156 smb_fname_dst, ofun, count,
7157 target_is_directory);
7158 if (NT_STATUS_IS_OK(status)) {
7162 TALLOC_FREE(talloced);
7164 TALLOC_FREE(dir_hnd);
7168 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7172 reply_outbuf(req, 1, 0);
7173 SSVAL(req->outbuf,smb_vwv0,count);
7175 TALLOC_FREE(smb_fname_src);
7176 TALLOC_FREE(smb_fname_dst);
7177 TALLOC_FREE(fname_src);
7178 TALLOC_FREE(fname_dst);
7179 TALLOC_FREE(fname_src_mask);
7180 TALLOC_FREE(fname_src_dir);
7182 END_PROFILE(SMBcopy);
7187 #define DBGC_CLASS DBGC_LOCKING
7189 /****************************************************************************
7190 Get a lock pid, dealing with large count requests.
7191 ****************************************************************************/
7193 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7194 bool large_file_format)
7196 if(!large_file_format)
7197 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7199 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7202 /****************************************************************************
7203 Get a lock count, dealing with large count requests.
7204 ****************************************************************************/
7206 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7207 bool large_file_format)
7211 if(!large_file_format) {
7212 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7215 #if defined(HAVE_LONGLONG)
7216 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7217 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7218 #else /* HAVE_LONGLONG */
7221 * NT4.x seems to be broken in that it sends large file (64 bit)
7222 * lockingX calls even if the CAP_LARGE_FILES was *not*
7223 * negotiated. For boxes without large unsigned ints truncate the
7224 * lock count by dropping the top 32 bits.
7227 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7228 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7229 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7230 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7231 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7234 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7235 #endif /* HAVE_LONGLONG */
7241 #if !defined(HAVE_LONGLONG)
7242 /****************************************************************************
7243 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7244 ****************************************************************************/
7246 static uint32 map_lock_offset(uint32 high, uint32 low)
7250 uint32 highcopy = high;
7253 * Try and find out how many significant bits there are in high.
7256 for(i = 0; highcopy; i++)
7260 * We use 31 bits not 32 here as POSIX
7261 * lock offsets may not be negative.
7264 mask = (~0) << (31 - i);
7267 return 0; /* Fail. */
7273 #endif /* !defined(HAVE_LONGLONG) */
7275 /****************************************************************************
7276 Get a lock offset, dealing with large offset requests.
7277 ****************************************************************************/
7279 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7280 bool large_file_format, bool *err)
7282 uint64_t offset = 0;
7286 if(!large_file_format) {
7287 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7290 #if defined(HAVE_LONGLONG)
7291 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7292 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7293 #else /* HAVE_LONGLONG */
7296 * NT4.x seems to be broken in that it sends large file (64 bit)
7297 * lockingX calls even if the CAP_LARGE_FILES was *not*
7298 * negotiated. For boxes without large unsigned ints mangle the
7299 * lock offset by mapping the top 32 bits onto the lower 32.
7302 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7303 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7304 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7307 if((new_low = map_lock_offset(high, low)) == 0) {
7309 return (uint64_t)-1;
7312 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7313 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7314 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7315 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7318 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7319 #endif /* HAVE_LONGLONG */
7325 NTSTATUS smbd_do_locking(struct smb_request *req,
7329 uint16_t num_ulocks,
7330 struct smbd_lock_element *ulocks,
7332 struct smbd_lock_element *locks,
7335 connection_struct *conn = req->conn;
7337 NTSTATUS status = NT_STATUS_OK;
7341 /* Data now points at the beginning of the list
7342 of smb_unlkrng structs */
7343 for(i = 0; i < (int)num_ulocks; i++) {
7344 struct smbd_lock_element *e = &ulocks[i];
7346 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7347 "pid %u, file %s\n",
7350 (unsigned int)e->smblctx,
7353 if (e->brltype != UNLOCK_LOCK) {
7354 /* this can only happen with SMB2 */
7355 return NT_STATUS_INVALID_PARAMETER;
7358 status = do_unlock(req->sconn->msg_ctx,
7365 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7366 nt_errstr(status)));
7368 if (!NT_STATUS_IS_OK(status)) {
7373 /* Setup the timeout in seconds. */
7375 if (!lp_blocking_locks(SNUM(conn))) {
7379 /* Data now points at the beginning of the list
7380 of smb_lkrng structs */
7382 for(i = 0; i < (int)num_locks; i++) {
7383 struct smbd_lock_element *e = &locks[i];
7385 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7386 "%llu, file %s timeout = %d\n",
7389 (unsigned long long)e->smblctx,
7393 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7394 struct blocking_lock_record *blr = NULL;
7396 if (num_locks > 1) {
7398 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7399 * if the lock vector contains one entry. When given mutliple cancel
7400 * requests in a single PDU we expect the server to return an
7401 * error. Windows servers seem to accept the request but only
7402 * cancel the first lock.
7403 * JRA - Do what Windows does (tm) :-).
7407 /* MS-CIFS (2.2.4.32.1) behavior. */
7408 return NT_STATUS_DOS(ERRDOS,
7409 ERRcancelviolation);
7411 /* Windows behavior. */
7413 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7414 "cancel request\n"));
7420 if (lp_blocking_locks(SNUM(conn))) {
7422 /* Schedule a message to ourselves to
7423 remove the blocking lock record and
7424 return the right error. */
7426 blr = blocking_lock_cancel_smb1(fsp,
7432 NT_STATUS_FILE_LOCK_CONFLICT);
7434 return NT_STATUS_DOS(
7436 ERRcancelviolation);
7439 /* Remove a matching pending lock. */
7440 status = do_lock_cancel(fsp,
7447 bool blocking_lock = timeout ? true : false;
7448 bool defer_lock = false;
7449 struct byte_range_lock *br_lck;
7450 uint64_t block_smblctx;
7452 br_lck = do_lock(req->sconn->msg_ctx,
7464 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7465 /* Windows internal resolution for blocking locks seems
7466 to be about 200ms... Don't wait for less than that. JRA. */
7467 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7468 timeout = lp_lock_spin_time();
7473 /* If a lock sent with timeout of zero would fail, and
7474 * this lock has been requested multiple times,
7475 * according to brl_lock_failed() we convert this
7476 * request to a blocking lock with a timeout of between
7477 * 150 - 300 milliseconds.
7479 * If lp_lock_spin_time() has been set to 0, we skip
7480 * this blocking retry and fail immediately.
7482 * Replacement for do_lock_spin(). JRA. */
7484 if (!req->sconn->using_smb2 &&
7485 br_lck && lp_blocking_locks(SNUM(conn)) &&
7486 lp_lock_spin_time() && !blocking_lock &&
7487 NT_STATUS_EQUAL((status),
7488 NT_STATUS_FILE_LOCK_CONFLICT))
7491 timeout = lp_lock_spin_time();
7494 if (br_lck && defer_lock) {
7496 * A blocking lock was requested. Package up
7497 * this smb into a queued request and push it
7498 * onto the blocking lock queue.
7500 if(push_blocking_lock_request(br_lck,
7511 TALLOC_FREE(br_lck);
7513 return NT_STATUS_OK;
7517 TALLOC_FREE(br_lck);
7520 if (!NT_STATUS_IS_OK(status)) {
7525 /* If any of the above locks failed, then we must unlock
7526 all of the previous locks (X/Open spec). */
7528 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7530 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7531 i = -1; /* we want to skip the for loop */
7535 * Ensure we don't do a remove on the lock that just failed,
7536 * as under POSIX rules, if we have a lock already there, we
7537 * will delete it (and we shouldn't) .....
7539 for(i--; i >= 0; i--) {
7540 struct smbd_lock_element *e = &locks[i];
7542 do_unlock(req->sconn->msg_ctx,
7552 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7553 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7555 return NT_STATUS_OK;
7558 /****************************************************************************
7559 Reply to a lockingX request.
7560 ****************************************************************************/
7562 void reply_lockingX(struct smb_request *req)
7564 connection_struct *conn = req->conn;
7566 unsigned char locktype;
7567 unsigned char oplocklevel;
7572 const uint8_t *data;
7573 bool large_file_format;
7575 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7576 struct smbd_lock_element *ulocks;
7577 struct smbd_lock_element *locks;
7580 START_PROFILE(SMBlockingX);
7583 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7584 END_PROFILE(SMBlockingX);
7588 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7589 locktype = CVAL(req->vwv+3, 0);
7590 oplocklevel = CVAL(req->vwv+3, 1);
7591 num_ulocks = SVAL(req->vwv+6, 0);
7592 num_locks = SVAL(req->vwv+7, 0);
7593 lock_timeout = IVAL(req->vwv+4, 0);
7594 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7596 if (!check_fsp(conn, req, fsp)) {
7597 END_PROFILE(SMBlockingX);
7603 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7604 /* we don't support these - and CANCEL_LOCK makes w2k
7605 and XP reboot so I don't really want to be
7606 compatible! (tridge) */
7607 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7608 END_PROFILE(SMBlockingX);
7612 /* Check if this is an oplock break on a file
7613 we have granted an oplock on.
7615 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7616 /* Client can insist on breaking to none. */
7617 bool break_to_none = (oplocklevel == 0);
7620 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7621 "for fnum = %d\n", (unsigned int)oplocklevel,
7625 * Make sure we have granted an exclusive or batch oplock on
7629 if (fsp->oplock_type == 0) {
7631 /* The Samba4 nbench simulator doesn't understand
7632 the difference between break to level2 and break
7633 to none from level2 - it sends oplock break
7634 replies in both cases. Don't keep logging an error
7635 message here - just ignore it. JRA. */
7637 DEBUG(5,("reply_lockingX: Error : oplock break from "
7638 "client for fnum = %d (oplock=%d) and no "
7639 "oplock granted on this file (%s).\n",
7640 fsp->fnum, fsp->oplock_type,
7643 /* if this is a pure oplock break request then don't
7645 if (num_locks == 0 && num_ulocks == 0) {
7646 END_PROFILE(SMBlockingX);
7649 END_PROFILE(SMBlockingX);
7650 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7655 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7657 result = remove_oplock(fsp);
7659 result = downgrade_oplock(fsp);
7663 DEBUG(0, ("reply_lockingX: error in removing "
7664 "oplock on file %s\n", fsp_str_dbg(fsp)));
7665 /* Hmmm. Is this panic justified? */
7666 smb_panic("internal tdb error");
7669 reply_to_oplock_break_requests(fsp);
7671 /* if this is a pure oplock break request then don't send a
7673 if (num_locks == 0 && num_ulocks == 0) {
7674 /* Sanity check - ensure a pure oplock break is not a
7676 if(CVAL(req->vwv+0, 0) != 0xff)
7677 DEBUG(0,("reply_lockingX: Error : pure oplock "
7678 "break is a chained %d request !\n",
7679 (unsigned int)CVAL(req->vwv+0, 0)));
7680 END_PROFILE(SMBlockingX);
7686 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7687 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7688 END_PROFILE(SMBlockingX);
7692 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7693 if (ulocks == NULL) {
7694 reply_nterror(req, NT_STATUS_NO_MEMORY);
7695 END_PROFILE(SMBlockingX);
7699 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7700 if (locks == NULL) {
7701 reply_nterror(req, NT_STATUS_NO_MEMORY);
7702 END_PROFILE(SMBlockingX);
7706 /* Data now points at the beginning of the list
7707 of smb_unlkrng structs */
7708 for(i = 0; i < (int)num_ulocks; i++) {
7709 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7710 ulocks[i].count = get_lock_count(data, i, large_file_format);
7711 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7712 ulocks[i].brltype = UNLOCK_LOCK;
7715 * There is no error code marked "stupid client bug".... :-).
7718 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7719 END_PROFILE(SMBlockingX);
7724 /* Now do any requested locks */
7725 data += ((large_file_format ? 20 : 10)*num_ulocks);
7727 /* Data now points at the beginning of the list
7728 of smb_lkrng structs */
7730 for(i = 0; i < (int)num_locks; i++) {
7731 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7732 locks[i].count = get_lock_count(data, i, large_file_format);
7733 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7735 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7736 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7737 locks[i].brltype = PENDING_READ_LOCK;
7739 locks[i].brltype = READ_LOCK;
7742 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7743 locks[i].brltype = PENDING_WRITE_LOCK;
7745 locks[i].brltype = WRITE_LOCK;
7750 * There is no error code marked "stupid client bug".... :-).
7753 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7754 END_PROFILE(SMBlockingX);
7759 status = smbd_do_locking(req, fsp,
7760 locktype, lock_timeout,
7764 if (!NT_STATUS_IS_OK(status)) {
7765 END_PROFILE(SMBlockingX);
7766 reply_nterror(req, status);
7770 END_PROFILE(SMBlockingX);
7774 reply_outbuf(req, 2, 0);
7776 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7777 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7779 END_PROFILE(SMBlockingX);
7784 #define DBGC_CLASS DBGC_ALL
7786 /****************************************************************************
7787 Reply to a SMBreadbmpx (read block multiplex) request.
7788 Always reply with an error, if someone has a platform really needs this,
7789 please contact vl@samba.org
7790 ****************************************************************************/
7792 void reply_readbmpx(struct smb_request *req)
7794 START_PROFILE(SMBreadBmpx);
7795 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7796 END_PROFILE(SMBreadBmpx);
7800 /****************************************************************************
7801 Reply to a SMBreadbs (read block multiplex secondary) request.
7802 Always reply with an error, if someone has a platform really needs this,
7803 please contact vl@samba.org
7804 ****************************************************************************/
7806 void reply_readbs(struct smb_request *req)
7808 START_PROFILE(SMBreadBs);
7809 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7810 END_PROFILE(SMBreadBs);
7814 /****************************************************************************
7815 Reply to a SMBsetattrE.
7816 ****************************************************************************/
7818 void reply_setattrE(struct smb_request *req)
7820 connection_struct *conn = req->conn;
7821 struct smb_file_time ft;
7825 START_PROFILE(SMBsetattrE);
7829 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7833 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7835 if(!fsp || (fsp->conn != conn)) {
7836 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7841 * Convert the DOS times into unix times.
7844 ft.atime = convert_time_t_to_timespec(
7845 srv_make_unix_date2(req->vwv+3));
7846 ft.mtime = convert_time_t_to_timespec(
7847 srv_make_unix_date2(req->vwv+5));
7848 ft.create_time = convert_time_t_to_timespec(
7849 srv_make_unix_date2(req->vwv+1));
7851 reply_outbuf(req, 0, 0);
7854 * Patch from Ray Frush <frush@engr.colostate.edu>
7855 * Sometimes times are sent as zero - ignore them.
7858 /* Ensure we have a valid stat struct for the source. */
7859 status = vfs_stat_fsp(fsp);
7860 if (!NT_STATUS_IS_OK(status)) {
7861 reply_nterror(req, status);
7865 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7866 if (!NT_STATUS_IS_OK(status)) {
7867 reply_nterror(req, status);
7871 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7874 (unsigned int)ft.atime.tv_sec,
7875 (unsigned int)ft.mtime.tv_sec,
7876 (unsigned int)ft.create_time.tv_sec
7879 END_PROFILE(SMBsetattrE);
7884 /* Back from the dead for OS/2..... JRA. */
7886 /****************************************************************************
7887 Reply to a SMBwritebmpx (write block multiplex primary) request.
7888 Always reply with an error, if someone has a platform really needs this,
7889 please contact vl@samba.org
7890 ****************************************************************************/
7892 void reply_writebmpx(struct smb_request *req)
7894 START_PROFILE(SMBwriteBmpx);
7895 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7896 END_PROFILE(SMBwriteBmpx);
7900 /****************************************************************************
7901 Reply to a SMBwritebs (write block multiplex secondary) request.
7902 Always reply with an error, if someone has a platform really needs this,
7903 please contact vl@samba.org
7904 ****************************************************************************/
7906 void reply_writebs(struct smb_request *req)
7908 START_PROFILE(SMBwriteBs);
7909 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7910 END_PROFILE(SMBwriteBs);
7914 /****************************************************************************
7915 Reply to a SMBgetattrE.
7916 ****************************************************************************/
7918 void reply_getattrE(struct smb_request *req)
7920 connection_struct *conn = req->conn;
7923 struct timespec create_ts;
7925 START_PROFILE(SMBgetattrE);
7928 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7929 END_PROFILE(SMBgetattrE);
7933 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7935 if(!fsp || (fsp->conn != conn)) {
7936 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7937 END_PROFILE(SMBgetattrE);
7941 /* Do an fstat on this file */
7943 reply_nterror(req, map_nt_error_from_unix(errno));
7944 END_PROFILE(SMBgetattrE);
7948 mode = dos_mode(conn, fsp->fsp_name);
7951 * Convert the times into dos times. Set create
7952 * date to be last modify date as UNIX doesn't save
7956 reply_outbuf(req, 11, 0);
7958 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7959 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7960 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7961 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7962 /* Should we check pending modtime here ? JRA */
7963 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7964 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7967 SIVAL(req->outbuf, smb_vwv6, 0);
7968 SIVAL(req->outbuf, smb_vwv8, 0);
7970 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7971 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7972 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7974 SSVAL(req->outbuf,smb_vwv10, mode);
7976 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7978 END_PROFILE(SMBgetattrE);
git.samba.org / nivanova / samba-autobuild / .git / blob