2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2004.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
33 unsigned int smb_echo_count = 0;
34 extern uint32 global_client_caps;
36 extern struct current_user current_user;
37 extern BOOL global_encrypted_passwords_negotiated;
39 /****************************************************************************
40 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 NTSTATUS check_path_syntax(pstring destname, const pstring srcname)
49 const char *s = srcname;
50 NTSTATUS ret = NT_STATUS_OK;
51 BOOL start_of_name_component = True;
52 unsigned int num_bad_components = 0;
55 if (IS_DIRECTORY_SEP(*s)) {
57 * Safe to assume is not the second part of a mb char as this is handled below.
59 /* Eat multiple '/' or '\\' */
60 while (IS_DIRECTORY_SEP(*s)) {
63 if ((d != destname) && (*s != '\0')) {
64 /* We only care about non-leading or trailing '/' or '\\' */
68 start_of_name_component = True;
72 if (start_of_name_component) {
73 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
74 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
77 * No mb char starts with '.' so we're safe checking the directory separator here.
80 /* If we just added a '/' - delete it */
81 if ((d > destname) && (*(d-1) == '/')) {
86 /* Are we at the start ? Can't go back further if so. */
88 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
91 /* Go back one level... */
92 /* We know this is safe as '/' cannot be part of a mb sequence. */
93 /* NOTE - if this assumption is invalid we are not in good shape... */
94 /* Decrement d first as d points to the *next* char to write into. */
95 for (d--; d > destname; d--) {
99 s += 2; /* Else go past the .. */
100 /* We're still at the start of a name component, just the previous one. */
102 if (num_bad_components) {
103 /* Hmmm. Should we only decrement the bad_components if
104 we're removing a bad component ? Need to check this. JRA. */
105 num_bad_components--;
110 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
111 /* Component of pathname can't be "." only. */
112 ret = NT_STATUS_OBJECT_NAME_INVALID;
113 num_bad_components++;
121 return NT_STATUS_OBJECT_NAME_INVALID;
129 return NT_STATUS_OBJECT_NAME_INVALID;
135 switch(next_mb_char_size(s)) {
146 DEBUG(0,("check_path_syntax: character length assumptions invalid !\n"));
148 return NT_STATUS_INVALID_PARAMETER;
151 if (start_of_name_component && num_bad_components) {
152 num_bad_components++;
154 start_of_name_component = False;
157 if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) {
158 if (num_bad_components > 1) {
159 ret = NT_STATUS_OBJECT_PATH_NOT_FOUND;
167 /****************************************************************************
168 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
169 path or anything including wildcards.
170 We're assuming here that '/' is not the second byte in any multibyte char
171 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
173 ****************************************************************************/
175 NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard)
178 const char *s = srcname;
179 NTSTATUS ret = NT_STATUS_OK;
180 BOOL start_of_name_component = True;
181 unsigned int num_bad_components = 0;
183 *p_contains_wcard = False;
186 if (IS_DIRECTORY_SEP(*s)) {
188 * Safe to assume is not the second part of a mb char as this is handled below.
190 /* Eat multiple '/' or '\\' */
191 while (IS_DIRECTORY_SEP(*s)) {
194 if ((d != destname) && (*s != '\0')) {
195 /* We only care about non-leading or trailing '/' or '\\' */
199 start_of_name_component = True;
203 if (start_of_name_component) {
204 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
205 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
208 * No mb char starts with '.' so we're safe checking the directory separator here.
211 /* If we just added a '/' - delete it */
212 if ((d > destname) && (*(d-1) == '/')) {
217 /* Are we at the start ? Can't go back further if so. */
219 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
222 /* Go back one level... */
223 /* We know this is safe as '/' cannot be part of a mb sequence. */
224 /* NOTE - if this assumption is invalid we are not in good shape... */
225 /* Decrement d first as d points to the *next* char to write into. */
226 for (d--; d > destname; d--) {
230 s += 2; /* Else go past the .. */
231 /* We're still at the start of a name component, just the previous one. */
233 if (num_bad_components) {
234 /* Hmmm. Should we only decrement the bad_components if
235 we're removing a bad component ? Need to check this. JRA. */
236 num_bad_components--;
241 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
242 /* Component of pathname can't be "." only. */
243 ret = NT_STATUS_OBJECT_NAME_INVALID;
244 num_bad_components++;
252 return NT_STATUS_OBJECT_NAME_INVALID;
254 if (!*p_contains_wcard) {
261 *p_contains_wcard = True;
269 switch(next_mb_char_size(s)) {
280 DEBUG(0,("check_path_syntax_wcard: character length assumptions invalid !\n"));
282 return NT_STATUS_INVALID_PARAMETER;
285 if (start_of_name_component && num_bad_components) {
286 num_bad_components++;
288 start_of_name_component = False;
291 if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) {
292 /* For some strange reason being called from findfirst changes
293 the num_components number to cause the error return to change. JRA. */
294 if (num_bad_components > 2) {
295 ret = NT_STATUS_OBJECT_PATH_NOT_FOUND;
303 /****************************************************************************
304 Check the path for a POSIX client.
305 We're assuming here that '/' is not the second byte in any multibyte char
306 set (a safe assumption).
307 ****************************************************************************/
309 NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname)
312 const char *s = srcname;
313 NTSTATUS ret = NT_STATUS_OK;
314 BOOL start_of_name_component = True;
319 * Safe to assume is not the second part of a mb char as this is handled below.
321 /* Eat multiple '/' or '\\' */
325 if ((d != destname) && (*s != '\0')) {
326 /* We only care about non-leading or trailing '/' */
330 start_of_name_component = True;
334 if (start_of_name_component) {
335 if ((s[0] == '.') && (s[1] == '.') && (s[2] == '/' || s[2] == '\0')) {
336 /* Uh oh - "/../" or "/..\0" ! */
339 * No mb char starts with '.' so we're safe checking the directory separator here.
342 /* If we just added a '/' - delete it */
343 if ((d > destname) && (*(d-1) == '/')) {
348 /* Are we at the start ? Can't go back further if so. */
350 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
353 /* Go back one level... */
354 /* We know this is safe as '/' cannot be part of a mb sequence. */
355 /* NOTE - if this assumption is invalid we are not in good shape... */
356 /* Decrement d first as d points to the *next* char to write into. */
357 for (d--; d > destname; d--) {
361 s += 2; /* Else go past the .. */
364 } else if ((s[0] == '.') && ((s[1] == '\0') || (s[1] == '/'))) {
374 switch(next_mb_char_size(s)) {
385 DEBUG(0,("check_path_syntax_posix: character length assumptions invalid !\n"));
387 return NT_STATUS_INVALID_PARAMETER;
390 start_of_name_component = False;
397 /****************************************************************************
398 Pull a string and check the path allowing a wilcard - provide for error return.
399 ****************************************************************************/
401 size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags,
402 NTSTATUS *err, BOOL *contains_wcard)
405 char *tmppath_ptr = tmppath;
408 SMB_ASSERT(dest_len == sizeof(pstring));
412 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
414 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
417 *contains_wcard = False;
419 if (lp_posix_pathnames()) {
420 *err = check_path_syntax_posix(dest, tmppath);
422 *err = check_path_syntax_wcard(dest, tmppath, contains_wcard);
427 /****************************************************************************
428 Pull a string and check the path - provide for error return.
429 ****************************************************************************/
431 size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err)
434 char *tmppath_ptr = tmppath;
437 SMB_ASSERT(dest_len == sizeof(pstring));
441 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
443 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
445 if (lp_posix_pathnames()) {
446 *err = check_path_syntax_posix(dest, tmppath);
448 *err = check_path_syntax(dest, tmppath);
453 /****************************************************************************
454 Reply to a special message.
455 ****************************************************************************/
457 int reply_special(char *inbuf,char *outbuf)
460 int msg_type = CVAL(inbuf,0);
461 int msg_flags = CVAL(inbuf,1);
465 static BOOL already_got_session = False;
469 memset(outbuf,'\0',smb_size);
471 smb_setlen(outbuf,0);
474 case 0x81: /* session request */
476 if (already_got_session) {
477 exit_server("multiple session request not permitted");
480 SCVAL(outbuf,0,0x82);
482 if (name_len(inbuf+4) > 50 ||
483 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
484 DEBUG(0,("Invalid name length in session request\n"));
487 name_extract(inbuf,4,name1);
488 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
489 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
492 set_local_machine_name(name1, True);
493 set_remote_machine_name(name2, True);
495 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
496 get_local_machine_name(), get_remote_machine_name(),
499 if (name_type == 'R') {
500 /* We are being asked for a pathworks session ---
502 SCVAL(outbuf, 0,0x83);
506 /* only add the client's machine name to the list
507 of possibly valid usernames if we are operating
508 in share mode security */
509 if (lp_security() == SEC_SHARE) {
510 add_session_user(get_remote_machine_name());
513 reload_services(True);
516 already_got_session = True;
519 case 0x89: /* session keepalive request
520 (some old clients produce this?) */
521 SCVAL(outbuf,0,SMBkeepalive);
525 case 0x82: /* positive session response */
526 case 0x83: /* negative session response */
527 case 0x84: /* retarget session response */
528 DEBUG(0,("Unexpected session response\n"));
531 case SMBkeepalive: /* session keepalive */
536 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
537 msg_type, msg_flags));
542 /****************************************************************************
544 ****************************************************************************/
546 int reply_tcon(connection_struct *conn,
547 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
554 uint16 vuid = SVAL(inbuf,smb_uid);
558 DATA_BLOB password_blob;
560 START_PROFILE(SMBtcon);
562 *service_buf = *password = *dev = 0;
564 p = smb_buf(inbuf)+1;
565 p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1;
566 pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1;
568 p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1;
570 p = strrchr_m(service_buf,'\\');
574 service = service_buf;
577 password_blob = data_blob(password, pwlen+1);
579 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
581 data_blob_clear_free(&password_blob);
584 END_PROFILE(SMBtcon);
585 return ERROR_NT(nt_status);
588 outsize = set_message(outbuf,2,0,True);
589 SSVAL(outbuf,smb_vwv0,max_recv);
590 SSVAL(outbuf,smb_vwv1,conn->cnum);
591 SSVAL(outbuf,smb_tid,conn->cnum);
593 DEBUG(3,("tcon service=%s cnum=%d\n",
594 service, conn->cnum));
596 END_PROFILE(SMBtcon);
600 /****************************************************************************
601 Reply to a tcon and X.
602 ****************************************************************************/
604 int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
609 /* what the cleint thinks the device is */
610 fstring client_devicetype;
611 /* what the server tells the client the share represents */
612 const char *server_devicetype;
614 uint16 vuid = SVAL(inbuf,smb_uid);
615 int passlen = SVAL(inbuf,smb_vwv3);
619 START_PROFILE(SMBtconX);
621 *service = *client_devicetype = 0;
623 /* we might have to close an old one */
624 if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) {
625 close_cnum(conn,vuid);
628 if (passlen > MAX_PASS_LEN) {
629 return ERROR_DOS(ERRDOS,ERRbuftoosmall);
632 if (global_encrypted_passwords_negotiated) {
633 password = data_blob(smb_buf(inbuf),passlen);
635 password = data_blob(smb_buf(inbuf),passlen+1);
636 /* Ensure correct termination */
637 password.data[passlen]=0;
640 p = smb_buf(inbuf) + passlen;
641 p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE);
644 * the service name can be either: \\server\share
645 * or share directly like on the DELL PowerVault 705
648 q = strchr_m(path+2,'\\');
650 END_PROFILE(SMBtconX);
651 return(ERROR_DOS(ERRDOS,ERRnosuchshare));
653 fstrcpy(service,q+1);
656 fstrcpy(service,path);
658 p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII);
660 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
662 conn = make_connection(service,password,client_devicetype,vuid,&nt_status);
664 data_blob_clear_free(&password);
667 END_PROFILE(SMBtconX);
668 return ERROR_NT(nt_status);
672 server_devicetype = "IPC";
673 else if ( IS_PRINT(conn) )
674 server_devicetype = "LPT1:";
676 server_devicetype = "A:";
678 if (Protocol < PROTOCOL_NT1) {
679 set_message(outbuf,2,0,True);
681 p += srvstr_push(outbuf, p, server_devicetype, -1,
682 STR_TERMINATE|STR_ASCII);
683 set_message_end(outbuf,p);
685 /* NT sets the fstype of IPC$ to the null string */
686 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
688 set_message(outbuf,3,0,True);
691 p += srvstr_push(outbuf, p, server_devicetype, -1,
692 STR_TERMINATE|STR_ASCII);
693 p += srvstr_push(outbuf, p, fstype, -1,
696 set_message_end(outbuf,p);
698 /* what does setting this bit do? It is set by NT4 and
699 may affect the ability to autorun mounted cdroms */
700 SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
701 (lp_csc_policy(SNUM(conn)) << 2));
703 init_dfsroot(conn, inbuf, outbuf);
707 DEBUG(3,("tconX service=%s \n",
710 /* set the incoming and outgoing tid to the just created one */
711 SSVAL(inbuf,smb_tid,conn->cnum);
712 SSVAL(outbuf,smb_tid,conn->cnum);
714 END_PROFILE(SMBtconX);
715 return chain_reply(inbuf,outbuf,length,bufsize);
718 /****************************************************************************
719 Reply to an unknown type.
720 ****************************************************************************/
722 int reply_unknown(char *inbuf,char *outbuf)
725 type = CVAL(inbuf,smb_com);
727 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
728 smb_fn_name(type), type, type));
730 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
733 /****************************************************************************
735 ****************************************************************************/
737 int reply_ioctl(connection_struct *conn,
738 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
740 uint16 device = SVAL(inbuf,smb_vwv1);
741 uint16 function = SVAL(inbuf,smb_vwv2);
742 uint32 ioctl_code = (device << 16) + function;
743 int replysize, outsize;
745 START_PROFILE(SMBioctl);
747 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
749 switch (ioctl_code) {
750 case IOCTL_QUERY_JOB_INFO:
754 END_PROFILE(SMBioctl);
755 return(ERROR_DOS(ERRSRV,ERRnosupport));
758 outsize = set_message(outbuf,8,replysize+1,True);
759 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
760 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
761 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
762 p = smb_buf(outbuf) + 1; /* Allow for alignment */
764 switch (ioctl_code) {
765 case IOCTL_QUERY_JOB_INFO:
767 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
769 END_PROFILE(SMBioctl);
770 return(UNIXERROR(ERRDOS,ERRbadfid));
772 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
773 srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII);
775 srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII);
781 END_PROFILE(SMBioctl);
785 /****************************************************************************
787 ****************************************************************************/
789 int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
794 BOOL bad_path = False;
795 SMB_STRUCT_STAT sbuf;
798 START_PROFILE(SMBchkpth);
800 srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status);
801 if (!NT_STATUS_IS_OK(status)) {
802 END_PROFILE(SMBchkpth);
803 return ERROR_NT(status);
806 RESOLVE_DFSPATH(name, conn, inbuf, outbuf);
808 unix_convert(name,conn,0,&bad_path,&sbuf);
810 END_PROFILE(SMBchkpth);
811 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
814 if (check_name(name,conn)) {
815 if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0)
816 if (!(ok = S_ISDIR(sbuf.st_mode))) {
817 END_PROFILE(SMBchkpth);
818 return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath);
823 /* We special case this - as when a Windows machine
824 is parsing a path is steps through the components
825 one at a time - if a component fails it expects
826 ERRbadpath, not ERRbadfile.
828 if(errno == ENOENT) {
830 * Windows returns different error codes if
831 * the parent directory is valid but not the
832 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
833 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
834 * if the path is invalid. This is different from set_bad_path_error()
835 * in the non-NT error case.
837 END_PROFILE(SMBchkpth);
838 return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath);
841 END_PROFILE(SMBchkpth);
842 return(UNIXERROR(ERRDOS,ERRbadpath));
845 outsize = set_message(outbuf,0,0,True);
846 DEBUG(3,("chkpth %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0)));
848 END_PROFILE(SMBchkpth);
852 /****************************************************************************
854 ****************************************************************************/
856 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
860 SMB_STRUCT_STAT sbuf;
865 BOOL bad_path = False;
869 START_PROFILE(SMBgetatr);
871 p = smb_buf(inbuf) + 1;
872 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
873 if (!NT_STATUS_IS_OK(status)) {
874 END_PROFILE(SMBgetatr);
875 return ERROR_NT(status);
878 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
880 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
881 under WfWg - weird! */
883 mode = aHIDDEN | aDIR;
884 if (!CAN_WRITE(conn))
890 unix_convert(fname,conn,0,&bad_path,&sbuf);
892 END_PROFILE(SMBgetatr);
893 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
895 if (check_name(fname,conn)) {
896 if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) {
897 mode = dos_mode(conn,fname,&sbuf);
899 mtime = sbuf.st_mtime;
904 DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno)));
910 END_PROFILE(SMBgetatr);
911 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadfile);
914 outsize = set_message(outbuf,10,0,True);
916 SSVAL(outbuf,smb_vwv0,mode);
917 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
918 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
920 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
922 SIVAL(outbuf,smb_vwv3,(uint32)size);
924 if (Protocol >= PROTOCOL_NT1) {
925 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
928 DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) );
930 END_PROFILE(SMBgetatr);
934 /****************************************************************************
936 ****************************************************************************/
938 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
945 SMB_STRUCT_STAT sbuf;
946 BOOL bad_path = False;
950 START_PROFILE(SMBsetatr);
952 p = smb_buf(inbuf) + 1;
953 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
954 if (!NT_STATUS_IS_OK(status)) {
955 END_PROFILE(SMBsetatr);
956 return ERROR_NT(status);
959 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
961 unix_convert(fname,conn,0,&bad_path,&sbuf);
963 END_PROFILE(SMBsetatr);
964 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
967 mode = SVAL(inbuf,smb_vwv0);
968 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
970 if (mode != FILE_ATTRIBUTE_NORMAL) {
971 if (VALID_STAT_OF_DIR(sbuf))
976 if (check_name(fname,conn)) {
977 ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0);
984 ok = set_filetime(conn,fname,mtime);
987 END_PROFILE(SMBsetatr);
988 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
991 outsize = set_message(outbuf,0,0,True);
993 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
995 END_PROFILE(SMBsetatr);
999 /****************************************************************************
1001 ****************************************************************************/
1003 int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1006 SMB_BIG_UINT dfree,dsize,bsize;
1007 START_PROFILE(SMBdskattr);
1009 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1010 END_PROFILE(SMBdskattr);
1011 return(UNIXERROR(ERRHRD,ERRgeneral));
1014 outsize = set_message(outbuf,5,0,True);
1016 if (Protocol <= PROTOCOL_LANMAN2) {
1017 double total_space, free_space;
1018 /* we need to scale this to a number that DOS6 can handle. We
1019 use floating point so we can handle large drives on systems
1020 that don't have 64 bit integers
1022 we end up displaying a maximum of 2G to DOS systems
1024 total_space = dsize * (double)bsize;
1025 free_space = dfree * (double)bsize;
1027 dsize = (total_space+63*512) / (64*512);
1028 dfree = (free_space+63*512) / (64*512);
1030 if (dsize > 0xFFFF) dsize = 0xFFFF;
1031 if (dfree > 0xFFFF) dfree = 0xFFFF;
1033 SSVAL(outbuf,smb_vwv0,dsize);
1034 SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1035 SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */
1036 SSVAL(outbuf,smb_vwv3,dfree);
1038 SSVAL(outbuf,smb_vwv0,dsize);
1039 SSVAL(outbuf,smb_vwv1,bsize/512);
1040 SSVAL(outbuf,smb_vwv2,512);
1041 SSVAL(outbuf,smb_vwv3,dfree);
1044 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1046 END_PROFILE(SMBdskattr);
1050 /****************************************************************************
1052 Can be called from SMBsearch, SMBffirst or SMBfunique.
1053 ****************************************************************************/
1055 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1065 unsigned int numentries = 0;
1066 unsigned int maxentries = 0;
1067 BOOL finished = False;
1074 BOOL check_descend = False;
1075 BOOL expect_close = False;
1076 BOOL can_open = True;
1077 BOOL bad_path = False;
1079 BOOL mask_contains_wcard = False;
1080 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1082 if (lp_posix_pathnames()) {
1083 return reply_unknown(inbuf, outbuf);
1086 START_PROFILE(SMBsearch);
1088 *mask = *directory = *fname = 0;
1090 /* If we were called as SMBffirst then we must expect close. */
1091 if(CVAL(inbuf,smb_com) == SMBffirst)
1092 expect_close = True;
1094 outsize = set_message(outbuf,1,3,True);
1095 maxentries = SVAL(inbuf,smb_vwv0);
1096 dirtype = SVAL(inbuf,smb_vwv1);
1097 p = smb_buf(inbuf) + 1;
1098 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard);
1099 if (!NT_STATUS_IS_OK(nt_status)) {
1100 END_PROFILE(SMBsearch);
1101 return ERROR_NT(nt_status);
1104 RESOLVE_DFSPATH_WCARD(path, conn, inbuf, outbuf);
1107 status_len = SVAL(p, 0);
1110 /* dirtype &= ~aDIR; */
1112 if (status_len == 0) {
1113 SMB_STRUCT_STAT sbuf;
1116 pstrcpy(directory,path);
1118 unix_convert(directory,conn,0,&bad_path,&sbuf);
1121 if (!check_name(directory,conn))
1124 p = strrchr_m(dir2,'/');
1133 p = strrchr_m(directory,'/');
1139 if (strlen(directory) == 0)
1140 pstrcpy(directory,".");
1141 memset((char *)status,'\0',21);
1142 SCVAL(status,0,(dirtype & 0x1F));
1146 memcpy(status,p,21);
1147 status_dirtype = CVAL(status,0) & 0x1F;
1148 if (status_dirtype != (dirtype & 0x1F))
1149 dirtype = status_dirtype;
1151 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1154 string_set(&conn->dirpath,dptr_path(dptr_num));
1155 pstrcpy(mask, dptr_wcard(dptr_num));
1159 p = smb_buf(outbuf) + 3;
1162 if (status_len == 0) {
1163 dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype);
1165 if(dptr_num == -2) {
1166 END_PROFILE(SMBsearch);
1167 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnofids);
1169 END_PROFILE(SMBsearch);
1170 return ERROR_DOS(ERRDOS,ERRnofids);
1173 dirtype = dptr_attr(dptr_num);
1176 DEBUG(4,("dptr_num is %d\n",dptr_num));
1179 if ((dirtype&0x1F) == aVOLID) {
1180 memcpy(p,status,21);
1181 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1182 0,aVOLID,0,!allow_long_path_components);
1183 dptr_fill(p+12,dptr_num);
1184 if (dptr_zero(p+12) && (status_len==0))
1188 p += DIR_STRUCT_SIZE;
1191 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1193 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1194 conn->dirpath,lp_dontdescend(SNUM(conn))));
1195 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True))
1196 check_descend = True;
1198 for (i=numentries;(i<maxentries) && !finished;i++) {
1199 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1201 memcpy(p,status,21);
1202 make_dir_struct(p,mask,fname,size, mode,date,
1203 !allow_long_path_components);
1204 if (!dptr_fill(p+12,dptr_num)) {
1208 p += DIR_STRUCT_SIZE;
1218 /* If we were called as SMBffirst with smb_search_id == NULL
1219 and no entries were found then return error and close dirptr
1222 if (numentries == 0 || !ok) {
1223 dptr_close(&dptr_num);
1224 } else if(ok && expect_close && status_len == 0) {
1225 /* Close the dptr - we know it's gone */
1226 dptr_close(&dptr_num);
1229 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1230 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1231 dptr_close(&dptr_num);
1234 if ((numentries == 0) && !mask_contains_wcard) {
1235 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1238 SSVAL(outbuf,smb_vwv0,numentries);
1239 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1240 SCVAL(smb_buf(outbuf),0,5);
1241 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1243 /* The replies here are never long name. */
1244 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1245 if (!allow_long_path_components) {
1246 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1249 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1250 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1252 outsize += DIR_STRUCT_SIZE*numentries;
1253 smb_setlen(outbuf,outsize - 4);
1255 if ((! *directory) && dptr_path(dptr_num))
1256 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1258 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1259 smb_fn_name(CVAL(inbuf,smb_com)),
1260 mask, directory, dirtype, numentries, maxentries ) );
1262 END_PROFILE(SMBsearch);
1266 /****************************************************************************
1267 Reply to a fclose (stop directory search).
1268 ****************************************************************************/
1270 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1279 BOOL path_contains_wcard = False;
1281 if (lp_posix_pathnames()) {
1282 return reply_unknown(inbuf, outbuf);
1285 START_PROFILE(SMBfclose);
1287 outsize = set_message(outbuf,1,0,True);
1288 p = smb_buf(inbuf) + 1;
1289 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard);
1290 if (!NT_STATUS_IS_OK(err)) {
1291 END_PROFILE(SMBfclose);
1292 return ERROR_NT(err);
1295 status_len = SVAL(p,0);
1298 if (status_len == 0) {
1299 END_PROFILE(SMBfclose);
1300 return ERROR_DOS(ERRSRV,ERRsrverror);
1303 memcpy(status,p,21);
1305 if(dptr_fetch(status+12,&dptr_num)) {
1306 /* Close the dptr - we know it's gone */
1307 dptr_close(&dptr_num);
1310 SSVAL(outbuf,smb_vwv0,0);
1312 DEBUG(3,("search close\n"));
1314 END_PROFILE(SMBfclose);
1318 /****************************************************************************
1320 ****************************************************************************/
1322 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1330 SMB_STRUCT_STAT sbuf;
1331 BOOL bad_path = False;
1333 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1335 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1338 uint32 create_disposition;
1339 uint32 create_options = 0;
1341 START_PROFILE(SMBopen);
1343 deny_mode = SVAL(inbuf,smb_vwv0);
1345 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1346 if (!NT_STATUS_IS_OK(status)) {
1347 END_PROFILE(SMBopen);
1348 return ERROR_NT(status);
1351 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1353 unix_convert(fname,conn,0,&bad_path,&sbuf);
1355 END_PROFILE(SMBopen);
1356 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1359 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1360 &access_mask, &share_mode, &create_disposition, &create_options)) {
1361 END_PROFILE(SMBopen);
1362 return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess);
1365 fsp = open_file_ntcreate(conn,fname,&sbuf,
1375 END_PROFILE(SMBopen);
1376 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1377 /* We have re-scheduled this call. */
1380 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
1383 size = sbuf.st_size;
1384 fattr = dos_mode(conn,fname,&sbuf);
1385 mtime = sbuf.st_mtime;
1388 DEBUG(3,("attempt to open a directory %s\n",fname));
1389 close_file(fsp,ERROR_CLOSE);
1390 END_PROFILE(SMBopen);
1391 return ERROR_DOS(ERRDOS,ERRnoaccess);
1394 outsize = set_message(outbuf,7,0,True);
1395 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1396 SSVAL(outbuf,smb_vwv1,fattr);
1397 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1398 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1400 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1402 SIVAL(outbuf,smb_vwv4,(uint32)size);
1403 SSVAL(outbuf,smb_vwv6,deny_mode);
1405 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1406 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1409 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1410 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1412 END_PROFILE(SMBopen);
1416 /****************************************************************************
1417 Reply to an open and X.
1418 ****************************************************************************/
1420 int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1423 uint16 open_flags = SVAL(inbuf,smb_vwv2);
1424 int deny_mode = SVAL(inbuf,smb_vwv3);
1425 uint32 smb_attr = SVAL(inbuf,smb_vwv5);
1426 /* Breakout the oplock request bits so we can set the
1427 reply bits separately. */
1428 BOOL ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf);
1429 BOOL core_oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1430 BOOL oplock_request = ex_oplock_request | core_oplock_request;
1432 int smb_sattr = SVAL(inbuf,smb_vwv4);
1433 uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
1435 int smb_ofun = SVAL(inbuf,smb_vwv8);
1439 SMB_STRUCT_STAT sbuf;
1441 BOOL bad_path = False;
1444 SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9);
1445 ssize_t retval = -1;
1448 uint32 create_disposition;
1449 uint32 create_options = 0;
1451 START_PROFILE(SMBopenX);
1453 /* If it's an IPC, pass off the pipe handler. */
1455 if (lp_nt_pipe_support()) {
1456 END_PROFILE(SMBopenX);
1457 return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize);
1459 END_PROFILE(SMBopenX);
1460 return ERROR_DOS(ERRSRV,ERRaccess);
1464 /* XXXX we need to handle passed times, sattr and flags */
1465 srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
1466 if (!NT_STATUS_IS_OK(status)) {
1467 END_PROFILE(SMBopenX);
1468 return ERROR_NT(status);
1471 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1473 unix_convert(fname,conn,0,&bad_path,&sbuf);
1475 END_PROFILE(SMBopenX);
1476 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1479 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1482 &create_disposition,
1484 END_PROFILE(SMBopenX);
1485 return ERROR_FORCE_DOS(ERRDOS, ERRbadaccess);
1488 fsp = open_file_ntcreate(conn,fname,&sbuf,
1498 END_PROFILE(SMBopenX);
1499 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1500 /* We have re-scheduled this call. */
1503 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
1506 size = sbuf.st_size;
1508 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1509 if the file is truncated or created. */
1510 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1511 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1512 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1513 close_file(fsp,ERROR_CLOSE);
1514 END_PROFILE(SMBntcreateX);
1515 return ERROR_NT(NT_STATUS_DISK_FULL);
1517 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1519 close_file(fsp,ERROR_CLOSE);
1520 END_PROFILE(SMBwrite);
1521 return ERROR_NT(NT_STATUS_DISK_FULL);
1523 size = get_allocation_size(conn,fsp,&sbuf);
1526 fattr = dos_mode(conn,fname,&sbuf);
1527 mtime = sbuf.st_mtime;
1529 close_file(fsp,ERROR_CLOSE);
1530 END_PROFILE(SMBopenX);
1531 return ERROR_DOS(ERRDOS,ERRnoaccess);
1534 /* If the caller set the extended oplock request bit
1535 and we granted one (by whatever means) - set the
1536 correct bit for extended oplock reply.
1539 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1540 smb_action |= EXTENDED_OPLOCK_GRANTED;
1543 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1544 smb_action |= EXTENDED_OPLOCK_GRANTED;
1547 /* If the caller set the core oplock request bit
1548 and we granted one (by whatever means) - set the
1549 correct bit for core oplock reply.
1552 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1553 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1556 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1557 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1560 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1561 set_message(outbuf,19,0,True);
1563 set_message(outbuf,15,0,True);
1565 SSVAL(outbuf,smb_vwv2,fsp->fnum);
1566 SSVAL(outbuf,smb_vwv3,fattr);
1567 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1568 srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1);
1570 srv_put_dos_date3(outbuf,smb_vwv4,mtime);
1572 SIVAL(outbuf,smb_vwv6,(uint32)size);
1573 SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1574 SSVAL(outbuf,smb_vwv11,smb_action);
1576 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1577 SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1580 END_PROFILE(SMBopenX);
1581 return chain_reply(inbuf,outbuf,length,bufsize);
1584 /****************************************************************************
1585 Reply to a SMBulogoffX.
1586 ****************************************************************************/
1588 int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1590 uint16 vuid = SVAL(inbuf,smb_uid);
1591 user_struct *vuser = get_valid_user_struct(vuid);
1592 START_PROFILE(SMBulogoffX);
1595 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid));
1597 /* in user level security we are supposed to close any files
1598 open by this user */
1599 if ((vuser != 0) && (lp_security() != SEC_SHARE))
1600 file_close_user(vuid);
1602 invalidate_vuid(vuid);
1604 set_message(outbuf,2,0,True);
1606 DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) );
1608 END_PROFILE(SMBulogoffX);
1609 return chain_reply(inbuf,outbuf,length,bufsize);
1612 /****************************************************************************
1613 Reply to a mknew or a create.
1614 ****************************************************************************/
1616 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1621 uint32 fattr = SVAL(inbuf,smb_vwv0);
1622 BOOL bad_path = False;
1624 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1625 SMB_STRUCT_STAT sbuf;
1627 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1628 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1629 uint32 create_disposition;
1630 uint32 create_options = 0;
1632 START_PROFILE(SMBcreate);
1634 com = SVAL(inbuf,smb_com);
1636 srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status);
1637 if (!NT_STATUS_IS_OK(status)) {
1638 END_PROFILE(SMBcreate);
1639 return ERROR_NT(status);
1642 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1644 unix_convert(fname,conn,0,&bad_path,&sbuf);
1646 END_PROFILE(SMBcreate);
1647 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1650 if (fattr & aVOLID) {
1651 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1654 if(com == SMBmknew) {
1655 /* We should fail if file exists. */
1656 create_disposition = FILE_CREATE;
1658 /* Create if file doesn't exist, truncate if it does. */
1659 create_disposition = FILE_OVERWRITE_IF;
1662 /* Open file using ntcreate. */
1663 fsp = open_file_ntcreate(conn,fname,&sbuf,
1673 END_PROFILE(SMBcreate);
1674 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1675 /* We have re-scheduled this call. */
1678 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
1681 outsize = set_message(outbuf,1,0,True);
1682 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1684 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1685 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1688 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1689 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1692 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1693 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1695 END_PROFILE(SMBcreate);
1699 /****************************************************************************
1700 Reply to a create temporary file.
1701 ****************************************************************************/
1703 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1707 uint32 fattr = SVAL(inbuf,smb_vwv0);
1708 BOOL bad_path = False;
1710 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1712 SMB_STRUCT_STAT sbuf;
1715 unsigned int namelen;
1717 START_PROFILE(SMBctemp);
1719 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1720 if (!NT_STATUS_IS_OK(status)) {
1721 END_PROFILE(SMBctemp);
1722 return ERROR_NT(status);
1725 pstrcat(fname,"/TMXXXXXX");
1727 pstrcat(fname,"TMXXXXXX");
1730 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1732 unix_convert(fname,conn,0,&bad_path,&sbuf);
1734 END_PROFILE(SMBctemp);
1735 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1738 tmpfd = smb_mkstemp(fname);
1740 END_PROFILE(SMBctemp);
1741 return(UNIXERROR(ERRDOS,ERRnoaccess));
1744 SMB_VFS_STAT(conn,fname,&sbuf);
1746 /* We should fail if file does not exist. */
1747 fsp = open_file_ntcreate(conn,fname,&sbuf,
1748 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1749 FILE_SHARE_READ|FILE_SHARE_WRITE,
1756 /* close fd from smb_mkstemp() */
1760 END_PROFILE(SMBctemp);
1761 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1762 /* We have re-scheduled this call. */
1765 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
1768 outsize = set_message(outbuf,1,0,True);
1769 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1771 /* the returned filename is relative to the directory */
1772 s = strrchr_m(fname, '/');
1779 p = smb_buf(outbuf);
1781 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1782 thing in the byte section. JRA */
1783 SSVALS(p, 0, -1); /* what is this? not in spec */
1785 namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE);
1787 outsize = set_message_end(outbuf, p);
1789 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1790 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1793 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1794 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1797 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1798 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1799 (unsigned int)sbuf.st_mode ) );
1801 END_PROFILE(SMBctemp);
1805 /*******************************************************************
1806 Check if a user is allowed to rename a file.
1807 ********************************************************************/
1809 static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst)
1814 if (!CAN_WRITE(conn)) {
1815 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1818 fmode = dos_mode(conn,fname,pst);
1819 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1820 return NT_STATUS_NO_SUCH_FILE;
1823 if (S_ISDIR(pst->st_mode)) {
1824 return NT_STATUS_OK;
1827 /* We need a better way to return NT status codes from open... */
1828 set_saved_ntstatus(NT_STATUS_OK);
1830 fsp = open_file_ntcreate(conn, fname, pst,
1832 FILE_SHARE_READ|FILE_SHARE_WRITE,
1835 FILE_ATTRIBUTE_NORMAL,
1840 NTSTATUS ret = get_saved_ntstatus();
1841 if (!NT_STATUS_IS_OK(ret)) {
1842 set_saved_ntstatus(NT_STATUS_OK);
1845 set_saved_ntstatus(NT_STATUS_OK);
1846 return NT_STATUS_ACCESS_DENIED;
1848 close_file(fsp,NORMAL_CLOSE);
1849 return NT_STATUS_OK;
1852 /*******************************************************************
1853 Check if a user is allowed to delete a file.
1854 ********************************************************************/
1856 NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL bad_path, BOOL check_is_at_open)
1858 SMB_STRUCT_STAT sbuf;
1862 DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype ));
1864 if (!CAN_WRITE(conn)) {
1865 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1868 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
1869 if(errno == ENOENT) {
1871 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
1873 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1876 return map_nt_error_from_unix(errno);
1879 fattr = dos_mode(conn,fname,&sbuf);
1881 /* Can't delete a directory. */
1883 return NT_STATUS_FILE_IS_A_DIRECTORY;
1887 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
1888 return NT_STATUS_OBJECT_NAME_INVALID;
1889 #endif /* JRATEST */
1891 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
1893 On a Windows share, a file with read-only dosmode can be opened with
1894 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
1895 fails with NT_STATUS_CANNOT_DELETE error.
1897 This semantic causes a problem that a user can not
1898 rename a file with read-only dosmode on a Samba share
1899 from a Windows command prompt (i.e. cmd.exe, but can rename
1900 from Windows Explorer).
1903 if (!check_is_at_open && !lp_delete_readonly(SNUM(conn))) {
1904 if (fattr & aRONLY) {
1905 return NT_STATUS_CANNOT_DELETE;
1908 if ((fattr & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1909 return NT_STATUS_NO_SUCH_FILE;
1912 if (check_is_at_open) {
1913 if (!can_delete_file_in_directory(conn, fname)) {
1914 return NT_STATUS_ACCESS_DENIED;
1917 /* On open checks the open itself will check the share mode, so
1918 don't do it here as we'll get it wrong. */
1920 /* We need a better way to return NT status codes from open... */
1921 set_saved_ntstatus(NT_STATUS_OK);
1923 fsp = open_file_ntcreate(conn, fname, &sbuf,
1928 FILE_ATTRIBUTE_NORMAL,
1933 NTSTATUS ret = get_saved_ntstatus();
1934 if (!NT_STATUS_IS_OK(ret)) {
1935 set_saved_ntstatus(NT_STATUS_OK);
1938 set_saved_ntstatus(NT_STATUS_OK);
1939 return NT_STATUS_ACCESS_DENIED;
1941 close_file(fsp,NORMAL_CLOSE);
1943 return NT_STATUS_OK;
1946 /****************************************************************************
1947 The guts of the unlink command, split out so it may be called by the NT SMB
1949 ****************************************************************************/
1951 NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, BOOL has_wild)
1957 NTSTATUS error = NT_STATUS_OK;
1958 BOOL bad_path = False;
1960 SMB_STRUCT_STAT sbuf;
1962 *directory = *mask = 0;
1964 rc = unix_convert(name,conn,0,&bad_path,&sbuf);
1966 p = strrchr_m(name,'/');
1968 pstrcpy(directory,".");
1972 pstrcpy(directory,name);
1977 * We should only check the mangled cache
1978 * here if unix_convert failed. This means
1979 * that the path in 'mask' doesn't exist
1980 * on the file system and so we need to look
1981 * for a possible mangle. This patch from
1982 * Tine Smukavec <valentin.smukavec@hermes.si>.
1985 if (!rc && mangle_is_mangled(mask,SNUM(conn)))
1986 mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn));
1989 pstrcat(directory,"/");
1990 pstrcat(directory,mask);
1991 error = can_delete(conn,directory,dirtype,bad_path,False);
1992 if (!NT_STATUS_IS_OK(error))
1995 if (SMB_VFS_UNLINK(conn,directory) == 0) {
1999 struct smb_Dir *dir_hnd = NULL;
2002 if (strequal(mask,"????????.???"))
2005 if (check_name(directory,conn))
2006 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2008 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2009 the pattern matches against the long name, otherwise the short name
2010 We don't implement this yet XXXX
2015 error = NT_STATUS_NO_SUCH_FILE;
2017 while ((dname = ReadDirName(dir_hnd, &offset))) {
2020 BOOL sys_direntry = False;
2021 pstrcpy(fname,dname);
2023 if (!is_visible_file(conn, directory, dname, &st, True)) {
2027 /* Quick check for "." and ".." */
2028 if (fname[0] == '.') {
2029 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2030 if ((dirtype & FILE_ATTRIBUTE_DIRECTORY) && (dirtype & FILE_ATTRIBUTE_SYSTEM)) {
2031 sys_direntry = True;
2038 if(!mask_match(fname, mask, conn->case_sensitive))
2042 error = NT_STATUS_OBJECT_NAME_INVALID;
2043 DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n",
2048 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2049 error = can_delete(conn,fname,dirtype,bad_path,False);
2050 if (!NT_STATUS_IS_OK(error)) {
2053 if (SMB_VFS_UNLINK(conn,fname) == 0)
2055 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname));
2061 if (count == 0 && NT_STATUS_IS_OK(error)) {
2062 error = map_nt_error_from_unix(errno);
2068 /****************************************************************************
2070 ****************************************************************************/
2072 int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
2079 BOOL path_contains_wcard = False;
2081 START_PROFILE(SMBunlink);
2083 dirtype = SVAL(inbuf,smb_vwv0);
2085 srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
2086 if (!NT_STATUS_IS_OK(status)) {
2087 END_PROFILE(SMBunlink);
2088 return ERROR_NT(status);
2091 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
2093 DEBUG(3,("reply_unlink : %s\n",name));
2095 status = unlink_internals(conn, dirtype, name, path_contains_wcard);
2096 if (!NT_STATUS_IS_OK(status)) {
2097 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
2098 /* We have re-scheduled this call. */
2101 return ERROR_NT(status);
2105 * Win2k needs a changenotify request response before it will
2106 * update after a rename..
2108 process_pending_change_notify_queue((time_t)0);
2110 outsize = set_message(outbuf,0,0,True);
2112 END_PROFILE(SMBunlink);
2116 /****************************************************************************
2118 ****************************************************************************/
2120 static void fail_readraw(void)
2123 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2125 exit_server(errstr);
2128 #if defined(WITH_SENDFILE)
2129 /****************************************************************************
2130 Fake (read/write) sendfile. Returns -1 on read or write fail.
2131 ****************************************************************************/
2133 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize)
2137 /* Paranioa check... */
2138 if (nread > bufsize) {
2143 ret = read_file(fsp,buf,startpos,nread);
2149 /* If we had a short read, fill with zeros. */
2151 memset(buf, '\0', nread - ret);
2154 if (write_data(smbd_server_fd(),buf,nread) != nread) {
2158 return (ssize_t)nread;
2162 /****************************************************************************
2163 Use sendfile in readbraw.
2164 ****************************************************************************/
2166 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2167 ssize_t mincount, char *outbuf, int out_buffsize)
2171 #if defined(WITH_SENDFILE)
2173 * We can only use sendfile on a non-chained packet
2174 * but we can use on a non-oplocked file. tridge proved this
2175 * on a train in Germany :-). JRA.
2176 * reply_readbraw has already checked the length.
2179 if ( (chain_size == 0) && (nread > 0) &&
2180 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2183 _smb_setlen(outbuf,nread);
2184 header.data = (uint8 *)outbuf;
2188 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2189 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2190 if (errno == ENOSYS) {
2191 goto normal_readbraw;
2195 * Special hack for broken Linux with no working sendfile. If we
2196 * return EINTR we sent the header but not the rest of the data.
2197 * Fake this up by doing read/write calls.
2199 if (errno == EINTR) {
2200 /* Ensure we don't do this again. */
2201 set_use_sendfile(SNUM(conn), False);
2202 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2204 if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) {
2205 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2206 fsp->fsp_name, strerror(errno) ));
2207 exit_server("send_file_readbraw fake_sendfile failed");
2212 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2213 fsp->fsp_name, strerror(errno) ));
2214 exit_server("send_file_readbraw sendfile failed");
2224 ret = read_file(fsp,outbuf+4,startpos,nread);
2225 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2234 _smb_setlen(outbuf,ret);
2235 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2239 /****************************************************************************
2240 Reply to a readbraw (core+ protocol).
2241 ****************************************************************************/
2243 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2245 ssize_t maxcount,mincount;
2248 char *header = outbuf;
2250 START_PROFILE(SMBreadbraw);
2252 if (srv_is_signing_active()) {
2253 exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2257 * Special check if an oplock break has been issued
2258 * and the readraw request croses on the wire, we must
2259 * return a zero length response here.
2262 fsp = file_fsp(inbuf,smb_vwv0);
2264 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2266 * fsp could be NULL here so use the value from the packet. JRA.
2268 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2269 _smb_setlen(header,0);
2270 if (write_data(smbd_server_fd(),header,4) != 4)
2272 END_PROFILE(SMBreadbraw);
2276 CHECK_FSP(fsp,conn);
2278 flush_write_cache(fsp, READRAW_FLUSH);
2280 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2281 if(CVAL(inbuf,smb_wct) == 10) {
2283 * This is a large offset (64 bit) read.
2285 #ifdef LARGE_SMB_OFF_T
2287 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2289 #else /* !LARGE_SMB_OFF_T */
2292 * Ensure we haven't been sent a >32 bit offset.
2295 if(IVAL(inbuf,smb_vwv8) != 0) {
2296 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2297 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2298 _smb_setlen(header,0);
2299 if (write_data(smbd_server_fd(),header,4) != 4)
2301 END_PROFILE(SMBreadbraw);
2305 #endif /* LARGE_SMB_OFF_T */
2308 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2309 _smb_setlen(header,0);
2310 if (write_data(smbd_server_fd(),header,4) != 4)
2312 END_PROFILE(SMBreadbraw);
2316 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2317 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2319 /* ensure we don't overrun the packet size */
2320 maxcount = MIN(65535,maxcount);
2322 if (!is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2326 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2330 if (startpos >= size) {
2333 nread = MIN(maxcount,(size - startpos));
2337 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2338 if (nread < mincount)
2342 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2343 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2345 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2347 DEBUG(5,("readbraw finished\n"));
2348 END_PROFILE(SMBreadbraw);
2353 #define DBGC_CLASS DBGC_LOCKING
2355 /****************************************************************************
2356 Reply to a lockread (core+ protocol).
2357 ****************************************************************************/
2359 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2367 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2368 BOOL my_lock_ctx = False;
2369 START_PROFILE(SMBlockread);
2371 CHECK_FSP(fsp,conn);
2372 if (!CHECK_READ(fsp,inbuf)) {
2373 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2376 release_level_2_oplocks_on_change(fsp);
2378 numtoread = SVAL(inbuf,smb_vwv1);
2379 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2381 outsize = set_message(outbuf,5,3,True);
2382 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2383 data = smb_buf(outbuf) + 3;
2386 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2387 * protocol request that predates the read/write lock concept.
2388 * Thus instead of asking for a read lock here we need to ask
2389 * for a write lock. JRA.
2390 * Note that the requested lock size is unaffected by max_recv.
2393 status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid),
2394 (SMB_BIG_UINT)numtoread, (SMB_BIG_UINT)startpos, WRITE_LOCK, &my_lock_ctx);
2396 if (NT_STATUS_V(status)) {
2399 * We used to make lockread a blocking lock. It turns out
2400 * that this isn't on W2k. Found by the Samba 4 RAW-READ torture
2404 if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) {
2406 * A blocking lock was requested. Package up
2407 * this smb into a queued request and push it
2408 * onto the blocking lock queue.
2410 if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)startpos,
2411 (SMB_BIG_UINT)numtoread)) {
2412 END_PROFILE(SMBlockread);
2417 END_PROFILE(SMBlockread);
2418 return ERROR_NT(status);
2422 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2425 if (numtoread > max_recv) {
2426 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2427 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2428 (unsigned int)numtoread, (unsigned int)max_recv ));
2429 numtoread = MIN(numtoread,max_recv);
2431 nread = read_file(fsp,data,startpos,numtoread);
2434 END_PROFILE(SMBlockread);
2435 return(UNIXERROR(ERRDOS,ERRnoaccess));
2439 SSVAL(outbuf,smb_vwv0,nread);
2440 SSVAL(outbuf,smb_vwv5,nread+3);
2441 SSVAL(smb_buf(outbuf),1,nread);
2443 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2444 fsp->fnum, (int)numtoread, (int)nread));
2446 END_PROFILE(SMBlockread);
2451 #define DBGC_CLASS DBGC_ALL
2453 /****************************************************************************
2455 ****************************************************************************/
2457 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2464 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2465 START_PROFILE(SMBread);
2467 CHECK_FSP(fsp,conn);
2468 if (!CHECK_READ(fsp,inbuf)) {
2469 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2472 numtoread = SVAL(inbuf,smb_vwv1);
2473 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2475 outsize = set_message(outbuf,5,3,True);
2476 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2478 * The requested read size cannot be greater than max_recv. JRA.
2480 if (numtoread > max_recv) {
2481 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2482 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2483 (unsigned int)numtoread, (unsigned int)max_recv ));
2484 numtoread = MIN(numtoread,max_recv);
2487 data = smb_buf(outbuf) + 3;
2489 if (is_locked(fsp,conn,(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2490 END_PROFILE(SMBread);
2491 return ERROR_DOS(ERRDOS,ERRlock);
2495 nread = read_file(fsp,data,startpos,numtoread);
2498 END_PROFILE(SMBread);
2499 return(UNIXERROR(ERRDOS,ERRnoaccess));
2503 SSVAL(outbuf,smb_vwv0,nread);
2504 SSVAL(outbuf,smb_vwv5,nread+3);
2505 SCVAL(smb_buf(outbuf),0,1);
2506 SSVAL(smb_buf(outbuf),1,nread);
2508 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2509 fsp->fnum, (int)numtoread, (int)nread ) );
2511 END_PROFILE(SMBread);
2515 /****************************************************************************
2516 Reply to a read and X - possibly using sendfile.
2517 ****************************************************************************/
2519 int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf,
2520 files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt)
2524 char *data = smb_buf(outbuf);
2526 #if defined(WITH_SENDFILE)
2528 * We can only use sendfile on a non-chained packet
2529 * but we can use on a non-oplocked file. tridge proved this
2530 * on a train in Germany :-). JRA.
2533 if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) &&
2534 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2535 SMB_STRUCT_STAT sbuf;
2538 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1)
2539 return(UNIXERROR(ERRDOS,ERRnoaccess));
2541 if (startpos > sbuf.st_size)
2544 if (smb_maxcnt > (sbuf.st_size - startpos))
2545 smb_maxcnt = (sbuf.st_size - startpos);
2547 if (smb_maxcnt == 0)
2551 * Set up the packet header before send. We
2552 * assume here the sendfile will work (get the
2553 * correct amount of data).
2556 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2557 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2558 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2559 SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1));
2560 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2561 SCVAL(outbuf,smb_vwv0,0xFF);
2562 set_message(outbuf,12,smb_maxcnt,False);
2563 header.data = (uint8 *)outbuf;
2564 header.length = data - outbuf;
2567 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2568 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2569 if (errno == ENOSYS) {
2574 * Special hack for broken Linux with no working sendfile. If we
2575 * return EINTR we sent the header but not the rest of the data.
2576 * Fake this up by doing read/write calls.
2579 if (errno == EINTR) {
2580 /* Ensure we don't do this again. */
2581 set_use_sendfile(SNUM(conn), False);
2582 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2584 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2585 len_outbuf - (data-outbuf))) == -1) {
2586 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2587 fsp->fsp_name, strerror(errno) ));
2588 exit_server("send_file_readX: fake_sendfile failed");
2590 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2591 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2592 /* Returning -1 here means successful sendfile. */
2596 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2597 fsp->fsp_name, strerror(errno) ));
2598 exit_server("send_file_readX sendfile failed");
2601 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2602 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2603 /* Returning -1 here means successful sendfile. */
2611 nread = read_file(fsp,data,startpos,smb_maxcnt);
2614 END_PROFILE(SMBreadX);
2615 return(UNIXERROR(ERRDOS,ERRnoaccess));
2618 outsize = set_message(outbuf,12,nread,False);
2619 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2620 SSVAL(outbuf,smb_vwv5,nread);
2621 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2622 SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1));
2623 SSVAL(smb_buf(outbuf),-2,nread);
2625 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2626 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2628 /* Returning the number of bytes we want to send back - including header. */
2632 /****************************************************************************
2633 Reply to a read and X.
2634 ****************************************************************************/
2636 int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2638 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2639 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2641 size_t smb_maxcnt = SVAL(inbuf,smb_vwv5);
2643 size_t smb_mincnt = SVAL(inbuf,smb_vwv6);
2646 START_PROFILE(SMBreadX);
2648 /* If it's an IPC, pass off the pipe handler. */
2650 END_PROFILE(SMBreadX);
2651 return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize);
2654 CHECK_FSP(fsp,conn);
2655 if (!CHECK_READ(fsp,inbuf)) {
2656 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2659 set_message(outbuf,12,0,True);
2661 if (global_client_caps & CAP_LARGE_READX) {
2662 if (SVAL(inbuf,smb_vwv7) == 1) {
2663 smb_maxcnt |= (1<<16);
2665 if (smb_maxcnt > BUFFER_SIZE) {
2666 DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n",
2667 (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE));
2668 END_PROFILE(SMBreadX);
2669 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
2673 if(CVAL(inbuf,smb_wct) == 12) {
2674 #ifdef LARGE_SMB_OFF_T
2676 * This is a large offset (64 bit) read.
2678 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32);
2680 #else /* !LARGE_SMB_OFF_T */
2683 * Ensure we haven't been sent a >32 bit offset.
2686 if(IVAL(inbuf,smb_vwv10) != 0) {
2687 DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \
2688 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) ));
2689 END_PROFILE(SMBreadX);
2690 return ERROR_DOS(ERRDOS,ERRbadaccess);
2693 #endif /* LARGE_SMB_OFF_T */
2697 if (is_locked(fsp,conn,(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2698 END_PROFILE(SMBreadX);
2699 return ERROR_DOS(ERRDOS,ERRlock);
2702 if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) {
2703 END_PROFILE(SMBreadX);
2707 nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt);
2709 nread = chain_reply(inbuf,outbuf,length,bufsize);
2711 END_PROFILE(SMBreadX);
2715 /****************************************************************************
2716 Reply to a writebraw (core+ or LANMAN1.0 protocol).
2717 ****************************************************************************/
2719 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2722 ssize_t total_written=0;
2723 size_t numtowrite=0;
2728 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2730 START_PROFILE(SMBwritebraw);
2732 if (srv_is_signing_active()) {
2733 exit_server("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
2736 CHECK_FSP(fsp,conn);
2737 if (!CHECK_WRITE(fsp)) {
2738 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2741 tcount = IVAL(inbuf,smb_vwv1);
2742 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2743 write_through = BITSETW(inbuf+smb_vwv7,0);
2745 /* We have to deal with slightly different formats depending
2746 on whether we are using the core+ or lanman1.0 protocol */
2748 if(Protocol <= PROTOCOL_COREPLUS) {
2749 numtowrite = SVAL(smb_buf(inbuf),-2);
2750 data = smb_buf(inbuf);
2752 numtowrite = SVAL(inbuf,smb_vwv10);
2753 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
2756 /* force the error type */
2757 SCVAL(inbuf,smb_com,SMBwritec);
2758 SCVAL(outbuf,smb_com,SMBwritec);
2760 if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2761 END_PROFILE(SMBwritebraw);
2762 return(ERROR_DOS(ERRDOS,ERRlock));
2766 nwritten = write_file(fsp,data,startpos,numtowrite);
2768 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
2769 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
2771 if (nwritten < (ssize_t)numtowrite) {
2772 END_PROFILE(SMBwritebraw);
2773 return(UNIXERROR(ERRHRD,ERRdiskfull));
2776 total_written = nwritten;
2778 /* Return a message to the redirector to tell it to send more bytes */
2779 SCVAL(outbuf,smb_com,SMBwritebraw);
2780 SSVALS(outbuf,smb_vwv0,-1);
2781 outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
2783 if (!send_smb(smbd_server_fd(),outbuf))
2784 exit_server("reply_writebraw: send_smb failed.");
2786 /* Now read the raw data into the buffer and write it */
2787 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
2788 exit_server("secondary writebraw failed");
2791 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
2792 numtowrite = smb_len(inbuf);
2794 /* Set up outbuf to return the correct return */
2795 outsize = set_message(outbuf,1,0,True);
2796 SCVAL(outbuf,smb_com,SMBwritec);
2798 if (numtowrite != 0) {
2800 if (numtowrite > BUFFER_SIZE) {
2801 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
2802 (unsigned int)numtowrite ));
2803 exit_server("secondary writebraw failed");
2806 if (tcount > nwritten+numtowrite) {
2807 DEBUG(3,("Client overestimated the write %d %d %d\n",
2808 (int)tcount,(int)nwritten,(int)numtowrite));
2811 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
2812 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
2814 exit_server("secondary writebraw failed");
2817 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
2819 if (nwritten < (ssize_t)numtowrite) {
2820 SCVAL(outbuf,smb_rcls,ERRHRD);
2821 SSVAL(outbuf,smb_err,ERRdiskfull);
2825 total_written += nwritten;
2828 SSVAL(outbuf,smb_vwv0,total_written);
2830 sync_file(conn, fsp, write_through);
2832 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
2833 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
2835 /* we won't return a status if write through is not selected - this follows what WfWg does */
2836 END_PROFILE(SMBwritebraw);
2837 if (!write_through && total_written==tcount) {
2839 #if RABBIT_PELLET_FIX
2841 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
2842 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
2844 if (!send_keepalive(smbd_server_fd()))
2845 exit_server("reply_writebraw: send of keepalive failed");
2854 #define DBGC_CLASS DBGC_LOCKING
2856 /****************************************************************************
2857 Reply to a writeunlock (core+).
2858 ****************************************************************************/
2860 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
2861 int size, int dum_buffsize)
2863 ssize_t nwritten = -1;
2867 NTSTATUS status = NT_STATUS_OK;
2868 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2870 START_PROFILE(SMBwriteunlock);
2872 CHECK_FSP(fsp,conn);
2873 if (!CHECK_WRITE(fsp)) {
2874 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2877 numtowrite = SVAL(inbuf,smb_vwv1);
2878 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2879 data = smb_buf(inbuf) + 3;
2881 if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2882 END_PROFILE(SMBwriteunlock);
2883 return ERROR_DOS(ERRDOS,ERRlock);
2886 /* The special X/Open SMB protocol handling of
2887 zero length writes is *NOT* done for
2889 if(numtowrite == 0) {
2892 nwritten = write_file(fsp,data,startpos,numtowrite);
2895 sync_file(conn, fsp, False /* write through */);
2897 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2898 END_PROFILE(SMBwriteunlock);
2899 return(UNIXERROR(ERRHRD,ERRdiskfull));
2903 status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), (SMB_BIG_UINT)numtowrite,
2904 (SMB_BIG_UINT)startpos);
2905 if (NT_STATUS_V(status)) {
2906 END_PROFILE(SMBwriteunlock);
2907 return ERROR_NT(status);
2911 outsize = set_message(outbuf,1,0,True);
2913 SSVAL(outbuf,smb_vwv0,nwritten);
2915 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
2916 fsp->fnum, (int)numtowrite, (int)nwritten));
2918 END_PROFILE(SMBwriteunlock);
2923 #define DBGC_CLASS DBGC_ALL
2925 /****************************************************************************
2927 ****************************************************************************/
2929 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
2932 ssize_t nwritten = -1;
2935 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2937 START_PROFILE(SMBwrite);
2939 /* If it's an IPC, pass off the pipe handler. */
2941 END_PROFILE(SMBwrite);
2942 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
2945 CHECK_FSP(fsp,conn);
2946 if (!CHECK_WRITE(fsp)) {
2947 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2950 numtowrite = SVAL(inbuf,smb_vwv1);
2951 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2952 data = smb_buf(inbuf) + 3;
2954 if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2955 END_PROFILE(SMBwrite);
2956 return ERROR_DOS(ERRDOS,ERRlock);
2960 * X/Open SMB protocol says that if smb_vwv1 is
2961 * zero then the file size should be extended or
2962 * truncated to the size given in smb_vwv[2-3].
2965 if(numtowrite == 0) {
2967 * This is actually an allocate call, and set EOF. JRA.
2969 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
2971 END_PROFILE(SMBwrite);
2972 return ERROR_NT(NT_STATUS_DISK_FULL);
2974 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
2976 END_PROFILE(SMBwrite);
2977 return ERROR_NT(NT_STATUS_DISK_FULL);
2980 nwritten = write_file(fsp,data,startpos,numtowrite);
2982 sync_file(conn, fsp, False);
2984 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2985 END_PROFILE(SMBwrite);
2986 return(UNIXERROR(ERRHRD,ERRdiskfull));
2989 outsize = set_message(outbuf,1,0,True);
2991 SSVAL(outbuf,smb_vwv0,nwritten);
2993 if (nwritten < (ssize_t)numtowrite) {
2994 SCVAL(outbuf,smb_rcls,ERRHRD);
2995 SSVAL(outbuf,smb_err,ERRdiskfull);
2998 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3000 END_PROFILE(SMBwrite);
3004 /****************************************************************************
3005 Reply to a write and X.
3006 ****************************************************************************/
3008 int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
3010 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
3011 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3012 size_t numtowrite = SVAL(inbuf,smb_vwv10);
3013 BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
3014 ssize_t nwritten = -1;
3015 unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
3016 unsigned int smblen = smb_len(inbuf);
3018 BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
3019 START_PROFILE(SMBwriteX);
3021 /* If it's an IPC, pass off the pipe handler. */
3023 END_PROFILE(SMBwriteX);
3024 return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
3027 CHECK_FSP(fsp,conn);
3028 if (!CHECK_WRITE(fsp)) {
3029 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3032 set_message(outbuf,6,0,True);
3034 /* Deal with possible LARGE_WRITEX */
3036 numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
3039 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3040 END_PROFILE(SMBwriteX);
3041 return ERROR_DOS(ERRDOS,ERRbadmem);
3044 data = smb_base(inbuf) + smb_doff;
3046 if(CVAL(inbuf,smb_wct) == 14) {
3047 #ifdef LARGE_SMB_OFF_T
3049 * This is a large offset (64 bit) write.
3051 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32);
3053 #else /* !LARGE_SMB_OFF_T */
3056 * Ensure we haven't been sent a >32 bit offset.
3059 if(IVAL(inbuf,smb_vwv12) != 0) {
3060 DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \
3061 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) ));
3062 END_PROFILE(SMBwriteX);
3063 return ERROR_DOS(ERRDOS,ERRbadaccess);
3066 #endif /* LARGE_SMB_OFF_T */
3069 if (is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3070 END_PROFILE(SMBwriteX);
3071 return ERROR_DOS(ERRDOS,ERRlock);
3074 /* X/Open SMB protocol says that, unlike SMBwrite
3075 if the length is zero then NO truncation is
3076 done, just a write of zero. To truncate a file,
3079 if(numtowrite == 0) {
3083 if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize,
3084 fsp,data,startpos,numtowrite)) {
3085 END_PROFILE(SMBwriteX);
3089 nwritten = write_file(fsp,data,startpos,numtowrite);
3092 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3093 END_PROFILE(SMBwriteX);
3094 return(UNIXERROR(ERRHRD,ERRdiskfull));
3097 SSVAL(outbuf,smb_vwv2,nwritten);
3099 SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
3101 if (nwritten < (ssize_t)numtowrite) {
3102 SCVAL(outbuf,smb_rcls,ERRHRD);
3103 SSVAL(outbuf,smb_err,ERRdiskfull);
3106 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3107 fsp->fnum, (int)numtowrite, (int)nwritten));
3109 sync_file(conn, fsp, write_through);
3111 END_PROFILE(SMBwriteX);
3112 return chain_reply(inbuf,outbuf,length,bufsize);
3115 /****************************************************************************
3117 ****************************************************************************/
3119 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3125 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3126 START_PROFILE(SMBlseek);
3128 CHECK_FSP(fsp,conn);
3130 flush_write_cache(fsp, SEEK_FLUSH);
3132 mode = SVAL(inbuf,smb_vwv1) & 3;
3133 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3134 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3143 res = fsp->fh->pos + startpos;
3154 if (umode == SEEK_END) {
3155 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3156 if(errno == EINVAL) {
3157 SMB_OFF_T current_pos = startpos;
3158 SMB_STRUCT_STAT sbuf;
3160 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3161 END_PROFILE(SMBlseek);
3162 return(UNIXERROR(ERRDOS,ERRnoaccess));
3165 current_pos += sbuf.st_size;
3167 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3172 END_PROFILE(SMBlseek);
3173 return(UNIXERROR(ERRDOS,ERRnoaccess));
3179 outsize = set_message(outbuf,2,0,True);
3180 SIVAL(outbuf,smb_vwv0,res);
3182 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3183 fsp->fnum, (double)startpos, (double)res, mode));
3185 END_PROFILE(SMBlseek);
3189 /****************************************************************************
3191 ****************************************************************************/
3193 int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3195 int outsize = set_message(outbuf,0,0,True);
3196 uint16 fnum = SVAL(inbuf,smb_vwv0);
3197 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3198 START_PROFILE(SMBflush);
3201 CHECK_FSP(fsp,conn);
3204 file_sync_all(conn);
3206 sync_file(conn,fsp, True);
3209 DEBUG(3,("flush\n"));
3210 END_PROFILE(SMBflush);
3214 /****************************************************************************
3216 ****************************************************************************/
3218 int reply_exit(connection_struct *conn,
3219 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3222 START_PROFILE(SMBexit);
3224 file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid));
3226 outsize = set_message(outbuf,0,0,True);
3228 DEBUG(3,("exit\n"));
3230 END_PROFILE(SMBexit);
3234 /****************************************************************************
3235 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3236 ****************************************************************************/
3238 int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
3243 int32 eclass = 0, err = 0;
3244 files_struct *fsp = NULL;
3245 START_PROFILE(SMBclose);
3247 outsize = set_message(outbuf,0,0,True);
3249 /* If it's an IPC, pass off to the pipe handler. */
3251 END_PROFILE(SMBclose);
3252 return reply_pipe_close(conn, inbuf,outbuf);
3255 fsp = file_fsp(inbuf,smb_vwv0);
3258 * We can only use CHECK_FSP if we know it's not a directory.
3261 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3262 END_PROFILE(SMBclose);
3263 return ERROR_DOS(ERRDOS,ERRbadfid);
3266 if(fsp->is_directory) {
3268 * Special case - close NT SMB directory handle.
3270 DEBUG(3,("close %s fnum=%d\n", fsp->is_directory ? "directory" : "stat file open", fsp->fnum));
3271 close_file(fsp,NORMAL_CLOSE);
3274 * Close ordinary file.
3279 /* Save the name for time set in close. */
3280 pstrcpy( file_name, fsp->fsp_name);
3282 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3283 fsp->fh->fd, fsp->fnum,
3284 conn->num_files_open));
3287 * Take care of any time sent in the close.
3290 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
3291 fsp_set_pending_modtime(fsp, mtime);
3294 * close_file() returns the unix errno if an error
3295 * was detected on close - normally this is due to
3296 * a disk full error. If not then it was probably an I/O error.
3299 if((close_err = close_file(fsp,NORMAL_CLOSE)) != 0) {
3301 END_PROFILE(SMBclose);
3302 return (UNIXERROR(ERRHRD,ERRgeneral));
3306 /* We have a cached error */
3308 END_PROFILE(SMBclose);
3309 return ERROR_DOS(eclass,err);
3312 END_PROFILE(SMBclose);
3316 /****************************************************************************
3317 Reply to a writeclose (Core+ protocol).
3318 ****************************************************************************/
3320 int reply_writeclose(connection_struct *conn,
3321 char *inbuf,char *outbuf, int size, int dum_buffsize)
3324 ssize_t nwritten = -1;
3330 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3331 START_PROFILE(SMBwriteclose);
3333 CHECK_FSP(fsp,conn);
3334 if (!CHECK_WRITE(fsp)) {
3335 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3338 numtowrite = SVAL(inbuf,smb_vwv1);
3339 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3340 mtime = srv_make_unix_date3(inbuf+smb_vwv4);
3341 data = smb_buf(inbuf) + 1;
3343 if (numtowrite && is_locked(fsp,conn,(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3344 END_PROFILE(SMBwriteclose);
3345 return ERROR_DOS(ERRDOS,ERRlock);
3348 nwritten = write_file(fsp,data,startpos,numtowrite);
3350 set_filetime(conn, fsp->fsp_name,mtime);
3353 * More insanity. W2K only closes the file if writelen > 0.
3358 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3360 close_err = close_file(fsp,NORMAL_CLOSE);
3363 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3364 fsp->fnum, (int)numtowrite, (int)nwritten,
3365 conn->num_files_open));
3367 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3368 END_PROFILE(SMBwriteclose);
3369 return(UNIXERROR(ERRHRD,ERRdiskfull));
3372 if(close_err != 0) {
3374 END_PROFILE(SMBwriteclose);
3375 return(UNIXERROR(ERRHRD,ERRgeneral));
3378 outsize = set_message(outbuf,1,0,True);
3380 SSVAL(outbuf,smb_vwv0,nwritten);
3381 END_PROFILE(SMBwriteclose);
3386 #define DBGC_CLASS DBGC_LOCKING
3388 /****************************************************************************
3390 ****************************************************************************/
3392 int reply_lock(connection_struct *conn,
3393 char *inbuf,char *outbuf, int length, int dum_buffsize)
3395 int outsize = set_message(outbuf,0,0,True);
3396 SMB_BIG_UINT count,offset;
3398 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3399 BOOL my_lock_ctx = False;
3401 START_PROFILE(SMBlock);
3403 CHECK_FSP(fsp,conn);
3405 release_level_2_oplocks_on_change(fsp);
3407 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3408 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3410 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3411 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3413 status = do_lock_spin(fsp, conn, SVAL(inbuf,smb_pid), count, offset, WRITE_LOCK, &my_lock_ctx);
3414 if (NT_STATUS_V(status)) {
3416 /* Tests using Samba4 against W2K show this call never creates a blocking lock. */
3417 if (lp_blocking_locks(SNUM(conn)) && !my_lock_ctx && ERROR_WAS_LOCK_DENIED(status)) {
3419 * A blocking lock was requested. Package up
3420 * this smb into a queued request and push it
3421 * onto the blocking lock queue.
3423 if(push_blocking_lock_request(inbuf, length, -1, 0, SVAL(inbuf,smb_pid), offset, count)) {
3424 END_PROFILE(SMBlock);
3429 END_PROFILE(SMBlock);
3430 return ERROR_NT(status);
3433 END_PROFILE(SMBlock);
3437 /****************************************************************************
3439 ****************************************************************************/
3441 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3444 int outsize = set_message(outbuf,0,0,True);
3445 SMB_BIG_UINT count,offset;
3447 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3448 START_PROFILE(SMBunlock);
3450 CHECK_FSP(fsp,conn);
3452 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3453 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3455 status = do_unlock(fsp, conn, SVAL(inbuf,smb_pid), count, offset);
3456 if (NT_STATUS_V(status)) {
3457 END_PROFILE(SMBunlock);
3458 return ERROR_NT(status);
3461 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3462 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3464 END_PROFILE(SMBunlock);
3469 #define DBGC_CLASS DBGC_ALL
3471 /****************************************************************************
3473 ****************************************************************************/
3475 int reply_tdis(connection_struct *conn,
3476 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3478 int outsize = set_message(outbuf,0,0,True);
3480 START_PROFILE(SMBtdis);
3482 vuid = SVAL(inbuf,smb_uid);
3485 DEBUG(4,("Invalid connection in tdis\n"));
3486 END_PROFILE(SMBtdis);
3487 return ERROR_DOS(ERRSRV,ERRinvnid);
3492 close_cnum(conn,vuid);
3494 END_PROFILE(SMBtdis);
3498 /****************************************************************************
3500 ****************************************************************************/
3502 int reply_echo(connection_struct *conn,
3503 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3505 int smb_reverb = SVAL(inbuf,smb_vwv0);
3507 unsigned int data_len = smb_buflen(inbuf);
3508 int outsize = set_message(outbuf,1,data_len,True);
3509 START_PROFILE(SMBecho);
3511 if (data_len > BUFFER_SIZE) {
3512 DEBUG(0,("reply_echo: data_len too large.\n"));
3513 END_PROFILE(SMBecho);
3517 /* copy any incoming data back out */
3519 memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len);
3521 if (smb_reverb > 100) {
3522 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3526 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3527 SSVAL(outbuf,smb_vwv0,seq_num);
3529 smb_setlen(outbuf,outsize - 4);
3532 if (!send_smb(smbd_server_fd(),outbuf))
3533 exit_server("reply_echo: send_smb failed.");
3536 DEBUG(3,("echo %d times\n", smb_reverb));
3540 END_PROFILE(SMBecho);
3544 /****************************************************************************
3545 Reply to a printopen.
3546 ****************************************************************************/
3548 int reply_printopen(connection_struct *conn,
3549 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3553 START_PROFILE(SMBsplopen);
3555 if (!CAN_PRINT(conn)) {
3556 END_PROFILE(SMBsplopen);
3557 return ERROR_DOS(ERRDOS,ERRnoaccess);
3560 /* Open for exclusive use, write only. */
3561 fsp = print_fsp_open(conn, NULL);
3564 END_PROFILE(SMBsplopen);
3565 return(UNIXERROR(ERRDOS,ERRnoaccess));
3568 outsize = set_message(outbuf,1,0,True);
3569 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3571 DEBUG(3,("openprint fd=%d fnum=%d\n",
3572 fsp->fh->fd, fsp->fnum));
3574 END_PROFILE(SMBsplopen);
3578 /****************************************************************************
3579 Reply to a printclose.
3580 ****************************************************************************/
3582 int reply_printclose(connection_struct *conn,
3583 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3585 int outsize = set_message(outbuf,0,0,True);
3586 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3588 START_PROFILE(SMBsplclose);
3590 CHECK_FSP(fsp,conn);
3592 if (!CAN_PRINT(conn)) {
3593 END_PROFILE(SMBsplclose);
3594 return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
3597 DEBUG(3,("printclose fd=%d fnum=%d\n",
3598 fsp->fh->fd,fsp->fnum));
3600 close_err = close_file(fsp,NORMAL_CLOSE);
3602 if(close_err != 0) {
3604 END_PROFILE(SMBsplclose);
3605 return(UNIXERROR(ERRHRD,ERRgeneral));
3608 END_PROFILE(SMBsplclose);
3612 /****************************************************************************
3613 Reply to a printqueue.
3614 ****************************************************************************/
3616 int reply_printqueue(connection_struct *conn,
3617 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3619 int outsize = set_message(outbuf,2,3,True);
3620 int max_count = SVAL(inbuf,smb_vwv0);
3621 int start_index = SVAL(inbuf,smb_vwv1);
3622 START_PROFILE(SMBsplretq);
3624 /* we used to allow the client to get the cnum wrong, but that
3625 is really quite gross and only worked when there was only
3626 one printer - I think we should now only accept it if they
3627 get it right (tridge) */
3628 if (!CAN_PRINT(conn)) {
3629 END_PROFILE(SMBsplretq);
3630 return ERROR_DOS(ERRDOS,ERRnoaccess);
3633 SSVAL(outbuf,smb_vwv0,0);
3634 SSVAL(outbuf,smb_vwv1,0);
3635 SCVAL(smb_buf(outbuf),0,1);
3636 SSVAL(smb_buf(outbuf),1,0);
3638 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
3639 start_index, max_count));
3642 print_queue_struct *queue = NULL;
3643 print_status_struct status;
3644 char *p = smb_buf(outbuf) + 3;
3645 int count = print_queue_status(SNUM(conn), &queue, &status);
3646 int num_to_get = ABS(max_count);
3647 int first = (max_count>0?start_index:start_index+max_count+1);
3653 num_to_get = MIN(num_to_get,count-first);
3656 for (i=first;i<first+num_to_get;i++) {
3657 srv_put_dos_date2(p,0,queue[i].time);
3658 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
3659 SSVAL(p,5, queue[i].job);
3660 SIVAL(p,7,queue[i].size);
3662 srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII);
3667 outsize = set_message(outbuf,2,28*count+3,False);
3668 SSVAL(outbuf,smb_vwv0,count);
3669 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
3670 SCVAL(smb_buf(outbuf),0,1);
3671 SSVAL(smb_buf(outbuf),1,28*count);
3676 DEBUG(3,("%d entries returned in queue\n",count));
3679 END_PROFILE(SMBsplretq);
3683 /****************************************************************************
3684 Reply to a printwrite.
3685 ****************************************************************************/
3687 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3690 int outsize = set_message(outbuf,0,0,True);
3692 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3694 START_PROFILE(SMBsplwr);
3696 if (!CAN_PRINT(conn)) {
3697 END_PROFILE(SMBsplwr);
3698 return ERROR_DOS(ERRDOS,ERRnoaccess);
3701 CHECK_FSP(fsp,conn);
3702 if (!CHECK_WRITE(fsp)) {
3703 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3706 numtowrite = SVAL(smb_buf(inbuf),1);
3707 data = smb_buf(inbuf) + 3;
3709 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
3710 END_PROFILE(SMBsplwr);
3711 return(UNIXERROR(ERRHRD,ERRdiskfull));
3714 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
3716 END_PROFILE(SMBsplwr);
3720 /****************************************************************************
3721 The guts of the mkdir command, split out so it may be called by the NT SMB
3723 ****************************************************************************/
3725 NTSTATUS mkdir_internal(connection_struct *conn, const pstring directory, BOOL bad_path)
3729 if(!CAN_WRITE(conn)) {
3730 DEBUG(5,("mkdir_internal: failing create on read-only share %s\n", lp_servicename(SNUM(conn))));
3732 return map_nt_error_from_unix(errno);
3736 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3739 if (!check_name(directory, conn)) {
3740 if(errno == ENOENT) {
3742 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3744 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
3747 return map_nt_error_from_unix(errno);
3750 ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory,True));
3752 if(errno == ENOENT) {
3753 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
3755 return map_nt_error_from_unix(errno);
3758 return NT_STATUS_OK;
3761 /****************************************************************************
3763 ****************************************************************************/
3765 int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3770 BOOL bad_path = False;
3771 SMB_STRUCT_STAT sbuf;
3773 START_PROFILE(SMBmkdir);
3775 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3776 if (!NT_STATUS_IS_OK(status)) {
3777 END_PROFILE(SMBmkdir);
3778 return ERROR_NT(status);
3781 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf);
3783 unix_convert(directory,conn,0,&bad_path,&sbuf);
3785 if( is_ntfs_stream_name(directory)) {
3786 DEBUG(5,("reply_mkdir: failing create on filename %s with colon in name\n", directory));
3787 END_PROFILE(SMBmkdir);
3788 return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY);
3791 status = mkdir_internal(conn, directory,bad_path);
3792 if (!NT_STATUS_IS_OK(status)) {
3793 END_PROFILE(SMBmkdir);
3794 return ERROR_NT(status);
3797 if (lp_inherit_owner(SNUM(conn))) {
3798 /* Ensure we're checking for a symlink here.... */
3799 /* We don't want to get caught by a symlink racer. */
3801 if(SMB_VFS_LSTAT(conn,directory, &sbuf) != 0) {
3802 END_PROFILE(SMBmkdir);
3803 return(UNIXERROR(ERRDOS,ERRnoaccess));
3806 if(!S_ISDIR(sbuf.st_mode)) {
3807 DEBUG(0,("reply_mkdir: %s is not a directory !\n", directory ));
3808 END_PROFILE(SMBmkdir);
3809 return(UNIXERROR(ERRDOS,ERRnoaccess));
3812 change_owner_to_parent(conn, NULL, directory, &sbuf);
3815 outsize = set_message(outbuf,0,0,True);
3817 DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) );
3819 END_PROFILE(SMBmkdir);
3823 /****************************************************************************
3824 Static function used by reply_rmdir to delete an entire directory
3825 tree recursively. Return False on ok, True on fail.
3826 ****************************************************************************/
3828 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
3830 const char *dname = NULL;
3833 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3838 while((dname = ReadDirName(dir_hnd, &offset))) {
3842 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3845 if (!is_visible_file(conn, directory, dname, &st, False))
3848 /* Construct the full name. */
3849 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3855 pstrcpy(fullname, directory);
3856 pstrcat(fullname, "/");
3857 pstrcat(fullname, dname);
3859 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
3864 if(st.st_mode & S_IFDIR) {
3865 if(recursive_rmdir(conn, fullname)!=0) {
3869 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
3873 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
3882 /****************************************************************************
3883 The internals of the rmdir code - called elsewhere.
3884 ****************************************************************************/
3886 BOOL rmdir_internals(connection_struct *conn, char *directory)
3891 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3892 if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
3894 * Check to see if the only thing in this directory are
3895 * vetoed files/directories. If so then delete them and
3896 * retry. If we fail to delete any of them (and we *don't*
3897 * do a recursive delete) then fail the rmdir.
3899 BOOL all_veto_files = True;
3901 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3903 if(dir_hnd != NULL) {
3905 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3906 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3908 if (!is_visible_file(conn, directory, dname, &st, False))
3910 if(!IS_VETO_PATH(conn, dname)) {
3911 all_veto_files = False;
3916 if(all_veto_files) {
3917 RewindDir(dir_hnd,&dirpos);
3918 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3921 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3923 if (!is_visible_file(conn, directory, dname, &st, False))
3926 /* Construct the full name. */
3927 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3932 pstrcpy(fullname, directory);
3933 pstrcat(fullname, "/");
3934 pstrcat(fullname, dname);
3936 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
3938 if(st.st_mode & S_IFDIR) {
3939 if(lp_recursive_veto_delete(SNUM(conn))) {
3940 if(recursive_rmdir(conn, fullname) != 0)
3943 if(SMB_VFS_RMDIR(conn,fullname) != 0)
3945 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
3949 /* Retry the rmdir */
3950 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3960 DEBUG(3,("rmdir_internals: couldn't remove directory %s : %s\n", directory,strerror(errno)));
3965 /****************************************************************************
3967 ****************************************************************************/
3969 int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3974 BOOL bad_path = False;
3975 SMB_STRUCT_STAT sbuf;
3977 START_PROFILE(SMBrmdir);
3979 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3980 if (!NT_STATUS_IS_OK(status)) {
3981 END_PROFILE(SMBrmdir);
3982 return ERROR_NT(status);
3985 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf)
3987 unix_convert(directory,conn, NULL,&bad_path,&sbuf);
3989 END_PROFILE(SMBrmdir);
3990 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
3993 if (check_name(directory,conn)) {
3994 dptr_closepath(directory,SVAL(inbuf,smb_pid));
3995 ok = rmdir_internals(conn, directory);
3999 END_PROFILE(SMBrmdir);
4000 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRbadpath);
4003 outsize = set_message(outbuf,0,0,True);
4005 DEBUG( 3, ( "rmdir %s\n", directory ) );
4007 END_PROFILE(SMBrmdir);
4011 /*******************************************************************
4012 Resolve wildcards in a filename rename.
4013 Note that name is in UNIX charset and thus potentially can be more
4014 than fstring buffer (255 bytes) especially in default UTF-8 case.
4015 Therefore, we use pstring inside and all calls should ensure that
4016 name2 is at least pstring-long (they do already)
4017 ********************************************************************/
4019 static BOOL resolve_wildcards(const char *name1, char *name2)
4021 pstring root1,root2;
4023 char *p,*p2, *pname1, *pname2;
4024 int available_space, actual_space;
4027 pname1 = strrchr_m(name1,'/');
4028 pname2 = strrchr_m(name2,'/');
4030 if (!pname1 || !pname2)
4033 pstrcpy(root1,pname1);
4034 pstrcpy(root2,pname2);
4035 p = strrchr_m(root1,'.');
4042 p = strrchr_m(root2,'.');
4056 } else if (*p2 == '*') {
4072 } else if (*p2 == '*') {
4082 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4085 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4086 if (actual_space >= available_space - 1) {
4087 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4088 actual_space - available_space));
4091 pstrcpy_base(pname2, root2, name2);
4097 /****************************************************************************
4098 Ensure open files have their names updated. Updated to notify other smbd's
4100 ****************************************************************************/
4102 static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck,
4103 SMB_DEV_T dev, SMB_INO_T inode, const char *newname)
4106 BOOL did_rename = False;
4108 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
4109 /* fsp_name is a relative path under the fsp. To change this for other
4110 sharepaths we need to manipulate relative paths. */
4111 /* TODO - create the absolute path and manipulate the newname
4112 relative to the sharepath. */
4113 if (fsp->conn != conn) {
4116 DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n",
4117 fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode,
4118 fsp->fsp_name, newname ));
4119 string_set(&fsp->fsp_name, newname);
4124 DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n",
4125 (unsigned int)dev, (double)inode, newname ));
4128 /* Send messages to all smbd's (not ourself) that the name has changed. */
4129 rename_share_filename(lck, conn->connectpath, newname);
4132 /****************************************************************************
4133 We need to check if the source path is a parent directory of the destination
4134 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4135 refuse the rename with a sharing violation. Under UNIX the above call can
4136 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4137 probably need to check that the client is a Windows one before disallowing
4138 this as a UNIX client (one with UNIX extensions) can know the source is a
4139 symlink and make this decision intelligently. Found by an excellent bug
4140 report from <AndyLiebman@aol.com>.
4141 ****************************************************************************/
4143 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4145 const char *psrc = src;
4146 const char *pdst = dest;
4149 if (psrc[0] == '.' && psrc[1] == '/') {
4152 if (pdst[0] == '.' && pdst[1] == '/') {
4155 if ((slen = strlen(psrc)) > strlen(pdst)) {
4158 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4161 /****************************************************************************
4162 Rename an open file - given an fsp.
4163 ****************************************************************************/
4165 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists)
4167 SMB_STRUCT_STAT sbuf;
4168 BOOL bad_path = False;
4169 pstring newname_last_component;
4170 NTSTATUS error = NT_STATUS_OK;
4173 struct share_mode_lock *lck = NULL;
4176 rcdest = unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf);
4178 /* Quick check for "." and ".." */
4179 if (!bad_path && newname_last_component[0] == '.') {
4180 if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) {
4181 return NT_STATUS_ACCESS_DENIED;
4184 if (!rcdest && bad_path) {
4185 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4188 /* Ensure newname contains a '/' */
4189 if(strrchr_m(newname,'/') == 0) {
4192 pstrcpy(tmpstr, "./");
4193 pstrcat(tmpstr, newname);
4194 pstrcpy(newname, tmpstr);
4198 * Check for special case with case preserving and not
4199 * case sensitive. If the old last component differs from the original
4200 * last component only by case, then we should allow
4201 * the rename (user is trying to change the case of the
4205 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4206 strequal(newname, fsp->fsp_name)) {
4208 pstring newname_modified_last_component;
4211 * Get the last component of the modified name.
4212 * Note that we guarantee that newname contains a '/'
4215 p = strrchr_m(newname,'/');
4216 pstrcpy(newname_modified_last_component,p+1);
4218 if(strcsequal(newname_modified_last_component,
4219 newname_last_component) == False) {
4221 * Replace the modified last component with
4224 pstrcpy(p+1, newname_last_component);
4229 * If the src and dest names are identical - including case,
4230 * don't do the rename, just return success.
4233 if (strcsequal(fsp->fsp_name, newname)) {
4234 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4236 return NT_STATUS_OK;
4239 dest_exists = vfs_object_exist(conn,newname,NULL);
4241 if(!replace_if_exists && dest_exists) {
4242 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4243 fsp->fsp_name,newname));
4244 return NT_STATUS_OBJECT_NAME_COLLISION;
4247 error = can_rename(conn,newname,attrs,&sbuf);
4249 if (dest_exists && !NT_STATUS_IS_OK(error)) {
4250 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4251 nt_errstr(error), fsp->fsp_name,newname));
4252 if (NT_STATUS_EQUAL(error,NT_STATUS_SHARING_VIOLATION))
4253 error = NT_STATUS_ACCESS_DENIED;
4257 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4258 return NT_STATUS_ACCESS_DENIED;
4261 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL);
4263 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4264 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4265 fsp->fsp_name,newname));
4266 rename_open_files(conn, lck, fsp->dev, fsp->inode, newname);
4268 return NT_STATUS_OK;
4273 if (errno == ENOTDIR || errno == EISDIR) {
4274 error = NT_STATUS_OBJECT_NAME_COLLISION;
4276 error = map_nt_error_from_unix(errno);
4279 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4280 nt_errstr(error), fsp->fsp_name,newname));
4285 /****************************************************************************
4286 The guts of the rename command, split out so it may be called by the NT SMB
4288 ****************************************************************************/
4290 NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild)
4294 pstring last_component_src;
4295 pstring last_component_dest;
4297 BOOL bad_path_src = False;
4298 BOOL bad_path_dest = False;
4300 NTSTATUS error = NT_STATUS_OK;
4303 SMB_STRUCT_STAT sbuf1, sbuf2;
4304 struct share_mode_lock *lck = NULL;
4306 *directory = *mask = 0;
4311 rc = unix_convert(name,conn,last_component_src,&bad_path_src,&sbuf1);
4312 if (!rc && bad_path_src) {
4313 if (ms_has_wild(last_component_src))
4314 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4315 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4318 /* Quick check for "." and ".." */
4319 if (last_component_src[0] == '.') {
4320 if (!last_component_src[1] || (last_component_src[1] == '.' && !last_component_src[2])) {
4321 return NT_STATUS_OBJECT_NAME_INVALID;
4325 rcdest = unix_convert(newname,conn,last_component_dest,&bad_path_dest,&sbuf2);
4327 /* Quick check for "." and ".." */
4328 if (last_component_dest[0] == '.') {
4329 if (!last_component_dest[1] || (last_component_dest[1] == '.' && !last_component_dest[2])) {
4330 return NT_STATUS_OBJECT_NAME_INVALID;
4335 * Split the old name into directory and last component
4336 * strings. Note that unix_convert may have stripped off a
4337 * leading ./ from both name and newname if the rename is
4338 * at the root of the share. We need to make sure either both
4339 * name and newname contain a / character or neither of them do
4340 * as this is checked in resolve_wildcards().
4343 p = strrchr_m(name,'/');
4345 pstrcpy(directory,".");
4349 pstrcpy(directory,name);
4351 *p = '/'; /* Replace needed for exceptional test below. */
4355 * We should only check the mangled cache
4356 * here if unix_convert failed. This means
4357 * that the path in 'mask' doesn't exist
4358 * on the file system and so we need to look
4359 * for a possible mangle. This patch from
4360 * Tine Smukavec <valentin.smukavec@hermes.si>.
4363 if (!rc && mangle_is_mangled(mask,SNUM(conn)))
4364 mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn));
4368 * No wildcards - just process the one file.
4370 BOOL is_short_name = mangle_is_8_3(name, True, SNUM(conn));
4372 /* Add a terminating '/' to the directory name. */
4373 pstrcat(directory,"/");
4374 pstrcat(directory,mask);
4376 /* Ensure newname contains a '/' also */
4377 if(strrchr_m(newname,'/') == 0) {
4380 pstrcpy(tmpstr, "./");
4381 pstrcat(tmpstr, newname);
4382 pstrcpy(newname, tmpstr);
4385 DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \
4386 directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n",
4387 conn->case_sensitive, conn->case_preserve, conn->short_case_preserve, directory,
4388 newname, last_component_dest, is_short_name));
4391 * Check for special case with case preserving and not
4392 * case sensitive, if directory and newname are identical,
4393 * and the old last component differs from the original
4394 * last component only by case, then we should allow
4395 * the rename (user is trying to change the case of the
4398 if((conn->case_sensitive == False) &&
4399 (((conn->case_preserve == True) &&
4400 (is_short_name == False)) ||
4401 ((conn->short_case_preserve == True) &&
4402 (is_short_name == True))) &&
4403 strcsequal(directory, newname)) {
4404 pstring modified_last_component;
4407 * Get the last component of the modified name.
4408 * Note that we guarantee that newname contains a '/'
4411 p = strrchr_m(newname,'/');
4412 pstrcpy(modified_last_component,p+1);
4414 if(strcsequal(modified_last_component,
4415 last_component_dest) == False) {
4417 * Replace the modified last component with
4420 pstrcpy(p+1, last_component_dest);
4424 resolve_wildcards(directory,newname);
4427 * The source object must exist.
4430 if (!vfs_object_exist(conn, directory, &sbuf1)) {
4431 DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n",
4432 directory,newname));
4434 if (errno == ENOTDIR || errno == EISDIR || errno == ENOENT) {
4436 * Must return different errors depending on whether the parent
4437 * directory existed or not.
4440 p = strrchr_m(directory, '/');
4442 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4444 if (vfs_object_exist(conn, directory, NULL))
4445 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4446 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4448 error = map_nt_error_from_unix(errno);
4449 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4450 nt_errstr(error), directory,newname));
4455 if (!rcdest && bad_path_dest) {
4456 if (ms_has_wild(last_component_dest))
4457 return NT_STATUS_OBJECT_NAME_INVALID;
4458 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4461 error = can_rename(conn,directory,attrs,&sbuf1);
4463 if (!NT_STATUS_IS_OK(error)) {
4464 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4465 nt_errstr(error), directory,newname));
4470 * If the src and dest names are identical - including case,
4471 * don't do the rename, just return success.
4474 if (strcsequal(directory, newname)) {
4475 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4476 DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory));
4477 return NT_STATUS_OK;
4480 if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) {
4481 DEBUG(3,("rename_internals: dest exists doing rename %s -> %s\n",
4482 directory,newname));
4483 return NT_STATUS_OBJECT_NAME_COLLISION;
4486 if (rename_path_prefix_equal(directory, newname)) {
4487 return NT_STATUS_SHARING_VIOLATION;
4490 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4492 if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
4493 DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n",
4494 directory,newname));
4495 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4497 return NT_STATUS_OK;
4501 if (errno == ENOTDIR || errno == EISDIR)
4502 error = NT_STATUS_OBJECT_NAME_COLLISION;
4504 error = map_nt_error_from_unix(errno);
4506 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4507 nt_errstr(error), directory,newname));
4512 * Wildcards - process each file that matches.
4514 struct smb_Dir *dir_hnd = NULL;
4518 if (strequal(mask,"????????.???"))
4521 if (check_name(directory,conn))
4522 dir_hnd = OpenDir(conn, directory, mask, attrs);
4526 error = NT_STATUS_NO_SUCH_FILE;
4527 /* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */
4529 while ((dname = ReadDirName(dir_hnd, &offset))) {
4531 BOOL sysdir_entry = False;
4533 pstrcpy(fname,dname);
4535 /* Quick check for "." and ".." */
4536 if (fname[0] == '.') {
4537 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4539 sysdir_entry = True;
4546 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4549 if(!mask_match(fname, mask, conn->case_sensitive))
4553 error = NT_STATUS_OBJECT_NAME_INVALID;
4557 error = NT_STATUS_ACCESS_DENIED;
4558 slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname);
4559 if (!vfs_object_exist(conn, fname, &sbuf1)) {
4560 error = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4561 DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error)));
4564 error = can_rename(conn,fname,attrs,&sbuf1);
4565 if (!NT_STATUS_IS_OK(error)) {
4566 DEBUG(6,("rename %s refused\n", fname));
4569 pstrcpy(destname,newname);
4571 if (!resolve_wildcards(fname,destname)) {
4572 DEBUG(6,("resolve_wildcards %s %s failed\n",
4577 if (strcsequal(fname,destname)) {
4578 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4579 DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname));
4581 error = NT_STATUS_OK;
4585 if (!replace_if_exists &&
4586 vfs_file_exist(conn,destname, NULL)) {
4587 DEBUG(6,("file_exist %s\n", destname));
4588 error = NT_STATUS_OBJECT_NAME_COLLISION;
4592 if (rename_path_prefix_equal(fname, destname)) {
4593 return NT_STATUS_SHARING_VIOLATION;
4596 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4598 if (!SMB_VFS_RENAME(conn,fname,destname)) {
4599 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4601 error = NT_STATUS_OK;
4604 DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname));
4609 if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) {
4610 if (!rcdest && bad_path_dest) {
4611 if (ms_has_wild(last_component_dest))
4612 return NT_STATUS_OBJECT_NAME_INVALID;
4613 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4618 if (count == 0 && NT_STATUS_IS_OK(error)) {
4619 error = map_nt_error_from_unix(errno);
4625 /****************************************************************************
4627 ****************************************************************************/
4629 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
4636 uint32 attrs = SVAL(inbuf,smb_vwv0);
4638 BOOL path_contains_wcard = False;
4640 START_PROFILE(SMBmv);
4642 p = smb_buf(inbuf) + 1;
4643 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
4644 if (!NT_STATUS_IS_OK(status)) {
4646 return ERROR_NT(status);
4649 p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status);
4650 if (!NT_STATUS_IS_OK(status)) {
4652 return ERROR_NT(status);
4655 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4656 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4658 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
4660 status = rename_internals(conn, name, newname, attrs, False, path_contains_wcard);
4661 if (!NT_STATUS_IS_OK(status)) {
4663 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
4664 /* We have re-scheduled this call. */
4667 return ERROR_NT(status);
4671 * Win2k needs a changenotify request response before it will
4672 * update after a rename..
4674 process_pending_change_notify_queue((time_t)0);
4675 outsize = set_message(outbuf,0,0,True);
4681 /*******************************************************************
4682 Copy a file as part of a reply_copy.
4683 ******************************************************************/
4685 BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun,
4686 int count,BOOL target_is_directory, int *err_ret)
4688 SMB_STRUCT_STAT src_sbuf, sbuf2;
4690 files_struct *fsp1,*fsp2;
4693 uint32 new_create_disposition;
4697 pstrcpy(dest,dest1);
4698 if (target_is_directory) {
4699 char *p = strrchr_m(src,'/');
4709 if (!vfs_file_exist(conn,src,&src_sbuf)) {
4713 if (!target_is_directory && count) {
4714 new_create_disposition = FILE_OPEN;
4716 if (!map_open_params_to_ntcreate(dest1,0,ofun,
4717 NULL, NULL, &new_create_disposition, NULL)) {
4722 fsp1 = open_file_ntcreate(conn,src,&src_sbuf,
4724 FILE_SHARE_READ|FILE_SHARE_WRITE,
4727 FILE_ATTRIBUTE_NORMAL,
4735 dosattrs = dos_mode(conn, src, &src_sbuf);
4736 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
4737 ZERO_STRUCTP(&sbuf2);
4740 fsp2 = open_file_ntcreate(conn,dest,&sbuf2,
4742 FILE_SHARE_READ|FILE_SHARE_WRITE,
4743 new_create_disposition,
4750 close_file(fsp1,ERROR_CLOSE);
4754 if ((ofun&3) == 1) {
4755 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
4756 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
4758 * Stop the copy from occurring.
4761 src_sbuf.st_size = 0;
4765 if (src_sbuf.st_size) {
4766 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
4769 close_file(fsp1,NORMAL_CLOSE);
4771 /* Ensure the modtime is set correctly on the destination file. */
4772 fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime);
4775 * As we are opening fsp1 read-only we only expect
4776 * an error on close on fsp2 if we are out of space.
4777 * Thus we don't look at the error return from the
4780 *err_ret = close_file(fsp2,NORMAL_CLOSE);
4782 return(ret == (SMB_OFF_T)src_sbuf.st_size);
4785 /****************************************************************************
4786 Reply to a file copy.
4787 ****************************************************************************/
4789 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4794 pstring mask,newname;
4797 int error = ERRnoaccess;
4801 int tid2 = SVAL(inbuf,smb_vwv0);
4802 int ofun = SVAL(inbuf,smb_vwv1);
4803 int flags = SVAL(inbuf,smb_vwv2);
4804 BOOL target_is_directory=False;
4805 BOOL bad_path1 = False;
4806 BOOL bad_path2 = False;
4807 BOOL path_contains_wcard1 = False;
4808 BOOL path_contains_wcard2 = False;
4810 SMB_STRUCT_STAT sbuf1, sbuf2;
4812 START_PROFILE(SMBcopy);
4814 *directory = *mask = 0;
4817 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard1);
4818 if (!NT_STATUS_IS_OK(status)) {
4819 END_PROFILE(SMBcopy);
4820 return ERROR_NT(status);
4822 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path_contains_wcard2);
4823 if (!NT_STATUS_IS_OK(status)) {
4824 END_PROFILE(SMBcopy);
4825 return ERROR_NT(status);
4828 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
4830 if (tid2 != conn->cnum) {
4831 /* can't currently handle inter share copies XXXX */
4832 DEBUG(3,("Rejecting inter-share copy\n"));
4833 END_PROFILE(SMBcopy);
4834 return ERROR_DOS(ERRSRV,ERRinvdevice);
4837 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4838 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4840 rc = unix_convert(name,conn,0,&bad_path1,&sbuf1);
4841 unix_convert(newname,conn,0,&bad_path2,&sbuf2);
4843 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
4845 if ((flags&1) && target_is_directory) {
4846 END_PROFILE(SMBcopy);
4847 return ERROR_DOS(ERRDOS,ERRbadfile);
4850 if ((flags&2) && !target_is_directory) {
4851 END_PROFILE(SMBcopy);
4852 return ERROR_DOS(ERRDOS,ERRbadpath);
4855 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
4856 /* wants a tree copy! XXXX */
4857 DEBUG(3,("Rejecting tree copy\n"));
4858 END_PROFILE(SMBcopy);
4859 return ERROR_DOS(ERRSRV,ERRerror);
4862 p = strrchr_m(name,'/');
4864 pstrcpy(directory,"./");
4868 pstrcpy(directory,name);
4873 * We should only check the mangled cache
4874 * here if unix_convert failed. This means
4875 * that the path in 'mask' doesn't exist
4876 * on the file system and so we need to look
4877 * for a possible mangle. This patch from
4878 * Tine Smukavec <valentin.smukavec@hermes.si>.
4881 if (!rc && mangle_is_mangled(mask, SNUM(conn)))
4882 mangle_check_cache( mask, sizeof(pstring)-1, SNUM(conn));
4884 has_wild = path_contains_wcard1;
4887 pstrcat(directory,"/");
4888 pstrcat(directory,mask);
4889 if (resolve_wildcards(directory,newname) &&
4890 copy_file(directory,newname,conn,ofun, count,target_is_directory,&err))
4894 END_PROFILE(SMBcopy);
4895 return(UNIXERROR(ERRHRD,ERRgeneral));
4898 exists = vfs_file_exist(conn,directory,NULL);
4901 struct smb_Dir *dir_hnd = NULL;
4905 if (strequal(mask,"????????.???"))
4908 if (check_name(directory,conn))
4909 dir_hnd = OpenDir(conn, directory, mask, 0);
4915 while ((dname = ReadDirName(dir_hnd, &offset))) {
4917 pstrcpy(fname,dname);
4919 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4922 if(!mask_match(fname, mask, conn->case_sensitive))
4925 error = ERRnoaccess;
4926 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
4927 pstrcpy(destname,newname);
4928 if (resolve_wildcards(fname,destname) &&
4929 copy_file(fname,destname,conn,ofun,
4930 count,target_is_directory,&err))
4932 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname));
4940 /* Error on close... */
4942 END_PROFILE(SMBcopy);
4943 return(UNIXERROR(ERRHRD,ERRgeneral));
4947 END_PROFILE(SMBcopy);
4948 return ERROR_DOS(ERRDOS,error);
4950 if((errno == ENOENT) && (bad_path1 || bad_path2)) {
4951 set_saved_error_triple(ERRDOS, ERRbadpath, NT_STATUS_OK);
4953 END_PROFILE(SMBcopy);
4954 return(UNIXERROR(ERRDOS,error));
4958 outsize = set_message(outbuf,1,0,True);
4959 SSVAL(outbuf,smb_vwv0,count);
4961 END_PROFILE(SMBcopy);
4965 /****************************************************************************
4967 ****************************************************************************/
4969 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4977 START_PROFILE(pathworks_setdir);
4980 if (!CAN_SETDIR(snum)) {
4981 END_PROFILE(pathworks_setdir);
4982 return ERROR_DOS(ERRDOS,ERRnoaccess);
4985 srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status);
4986 if (!NT_STATUS_IS_OK(status)) {
4987 END_PROFILE(pathworks_setdir);
4988 return ERROR_NT(status);
4991 RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf);
4993 if (strlen(newdir) == 0) {
4996 ok = vfs_directory_exist(conn,newdir,NULL);
4998 set_conn_connectpath(conn,newdir);
5002 END_PROFILE(pathworks_setdir);
5003 return ERROR_DOS(ERRDOS,ERRbadpath);
5006 outsize = set_message(outbuf,0,0,True);
5007 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5009 DEBUG(3,("setdir %s\n", newdir));
5011 END_PROFILE(pathworks_setdir);
5016 #define DBGC_CLASS DBGC_LOCKING
5018 /****************************************************************************
5019 Get a lock pid, dealing with large count requests.
5020 ****************************************************************************/
5022 uint16 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5024 if(!large_file_format)
5025 return SVAL(data,SMB_LPID_OFFSET(data_offset));
5027 return SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5030 /****************************************************************************
5031 Get a lock count, dealing with large count requests.
5032 ****************************************************************************/
5034 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5036 SMB_BIG_UINT count = 0;
5038 if(!large_file_format) {
5039 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5042 #if defined(HAVE_LONGLONG)
5043 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5044 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5045 #else /* HAVE_LONGLONG */
5048 * NT4.x seems to be broken in that it sends large file (64 bit)
5049 * lockingX calls even if the CAP_LARGE_FILES was *not*
5050 * negotiated. For boxes without large unsigned ints truncate the
5051 * lock count by dropping the top 32 bits.
5054 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5055 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5056 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5057 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5058 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5061 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5062 #endif /* HAVE_LONGLONG */
5068 #if !defined(HAVE_LONGLONG)
5069 /****************************************************************************
5070 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5071 ****************************************************************************/
5073 static uint32 map_lock_offset(uint32 high, uint32 low)
5077 uint32 highcopy = high;
5080 * Try and find out how many significant bits there are in high.
5083 for(i = 0; highcopy; i++)
5087 * We use 31 bits not 32 here as POSIX
5088 * lock offsets may not be negative.
5091 mask = (~0) << (31 - i);
5094 return 0; /* Fail. */
5100 #endif /* !defined(HAVE_LONGLONG) */
5102 /****************************************************************************
5103 Get a lock offset, dealing with large offset requests.
5104 ****************************************************************************/
5106 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5108 SMB_BIG_UINT offset = 0;
5112 if(!large_file_format) {
5113 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5116 #if defined(HAVE_LONGLONG)
5117 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5118 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5119 #else /* HAVE_LONGLONG */
5122 * NT4.x seems to be broken in that it sends large file (64 bit)
5123 * lockingX calls even if the CAP_LARGE_FILES was *not*
5124 * negotiated. For boxes without large unsigned ints mangle the
5125 * lock offset by mapping the top 32 bits onto the lower 32.
5128 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5129 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5130 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5133 if((new_low = map_lock_offset(high, low)) == 0) {
5135 return (SMB_BIG_UINT)-1;
5138 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5139 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5140 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5141 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5144 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5145 #endif /* HAVE_LONGLONG */
5151 /****************************************************************************
5152 Reply to a lockingX request.
5153 ****************************************************************************/
5155 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
5156 int length, int bufsize)
5158 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
5159 unsigned char locktype = CVAL(inbuf,smb_vwv3);
5160 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
5161 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
5162 uint16 num_locks = SVAL(inbuf,smb_vwv7);
5163 SMB_BIG_UINT count = 0, offset = 0;
5165 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
5168 BOOL large_file_format =
5169 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5171 BOOL my_lock_ctx = False;
5172 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5174 START_PROFILE(SMBlockingX);
5176 CHECK_FSP(fsp,conn);
5178 data = smb_buf(inbuf);
5180 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5181 /* we don't support these - and CANCEL_LOCK makes w2k
5182 and XP reboot so I don't really want to be
5183 compatible! (tridge) */
5184 return ERROR_DOS(ERRDOS, ERRnoatomiclocks);
5187 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5188 /* Need to make this like a cancel.... JRA. */
5189 return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
5192 /* Check if this is an oplock break on a file
5193 we have granted an oplock on.
5195 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5196 /* Client can insist on breaking to none. */
5197 BOOL break_to_none = (oplocklevel == 0);
5200 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5201 "for fnum = %d\n", (unsigned int)oplocklevel,
5205 * Make sure we have granted an exclusive or batch oplock on
5209 if (fsp->oplock_type == 0) {
5210 DEBUG(0,("reply_lockingX: Error : oplock break from "
5211 "client for fnum = %d (oplock=%d) and no "
5212 "oplock granted on this file (%s).\n",
5213 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5215 /* if this is a pure oplock break request then don't
5217 if (num_locks == 0 && num_ulocks == 0) {
5218 END_PROFILE(SMBlockingX);
5221 END_PROFILE(SMBlockingX);
5222 return ERROR_DOS(ERRDOS,ERRlock);
5226 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5228 result = remove_oplock(fsp);
5230 result = downgrade_oplock(fsp);
5234 DEBUG(0, ("reply_lockingX: error in removing "
5235 "oplock on file %s\n", fsp->fsp_name));
5236 /* Hmmm. Is this panic justified? */
5237 smb_panic("internal tdb error");
5240 reply_to_oplock_break_requests(fsp);
5242 /* if this is a pure oplock break request then don't send a
5244 if (num_locks == 0 && num_ulocks == 0) {
5245 /* Sanity check - ensure a pure oplock break is not a
5247 if(CVAL(inbuf,smb_vwv0) != 0xff)
5248 DEBUG(0,("reply_lockingX: Error : pure oplock "
5249 "break is a chained %d request !\n",
5250 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5251 END_PROFILE(SMBlockingX);
5257 * We do this check *after* we have checked this is not a oplock break
5258 * response message. JRA.
5261 release_level_2_oplocks_on_change(fsp);
5263 /* Data now points at the beginning of the list
5264 of smb_unlkrng structs */
5265 for(i = 0; i < (int)num_ulocks; i++) {
5266 lock_pid = get_lock_pid( data, i, large_file_format);
5267 count = get_lock_count( data, i, large_file_format);
5268 offset = get_lock_offset( data, i, large_file_format, &err);
5271 * There is no error code marked "stupid client bug".... :-).
5274 END_PROFILE(SMBlockingX);
5275 return ERROR_DOS(ERRDOS,ERRnoaccess);
5278 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5279 "pid %u, file %s\n", (double)offset, (double)count,
5280 (unsigned int)lock_pid, fsp->fsp_name ));
5282 status = do_unlock(fsp,conn,lock_pid,count,offset);
5283 if (NT_STATUS_V(status)) {
5284 END_PROFILE(SMBlockingX);
5285 return ERROR_NT(status);
5289 /* Setup the timeout in seconds. */
5291 lock_timeout = ((lock_timeout == -1) ? -1 : (lock_timeout+999)/1000);
5293 /* Now do any requested locks */
5294 data += ((large_file_format ? 20 : 10)*num_ulocks);
5296 /* Data now points at the beginning of the list
5297 of smb_lkrng structs */
5299 for(i = 0; i < (int)num_locks; i++) {
5300 lock_pid = get_lock_pid( data, i, large_file_format);
5301 count = get_lock_count( data, i, large_file_format);
5302 offset = get_lock_offset( data, i, large_file_format, &err);
5305 * There is no error code marked "stupid client bug".... :-).
5308 END_PROFILE(SMBlockingX);
5309 return ERROR_DOS(ERRDOS,ERRnoaccess);
5312 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5313 "%u, file %s timeout = %d\n", (double)offset,
5314 (double)count, (unsigned int)lock_pid,
5315 fsp->fsp_name, (int)lock_timeout ));
5317 status = do_lock_spin(fsp,conn,lock_pid, count,offset,
5318 ((locktype & 1) ? READ_LOCK:WRITE_LOCK),
5320 if (NT_STATUS_V(status)) {
5322 * Interesting fact found by IFSTEST /t
5323 * LockOverlappedTest... Even if it's our own lock
5324 * context, we need to wait here as there may be an
5325 * unlock on the way. So I removed a "&&
5326 * !my_lock_ctx" from the following if statement. JRA.
5328 if ((lock_timeout != 0) &&
5329 lp_blocking_locks(SNUM(conn)) &&
5330 ERROR_WAS_LOCK_DENIED(status)) {
5332 * A blocking lock was requested. Package up
5333 * this smb into a queued request and push it
5334 * onto the blocking lock queue.
5336 if(push_blocking_lock_request(inbuf, length,
5340 END_PROFILE(SMBlockingX);
5348 /* If any of the above locks failed, then we must unlock
5349 all of the previous locks (X/Open spec). */
5350 if (i != num_locks && num_locks != 0) {
5352 * Ensure we don't do a remove on the lock that just failed,
5353 * as under POSIX rules, if we have a lock already there, we
5354 * will delete it (and we shouldn't) .....
5356 for(i--; i >= 0; i--) {
5357 lock_pid = get_lock_pid( data, i, large_file_format);
5358 count = get_lock_count( data, i, large_file_format);
5359 offset = get_lock_offset( data, i, large_file_format,
5363 * There is no error code marked "stupid client
5367 END_PROFILE(SMBlockingX);
5368 return ERROR_DOS(ERRDOS,ERRnoaccess);
5371 do_unlock(fsp,conn,lock_pid,count,offset);
5373 END_PROFILE(SMBlockingX);
5374 return ERROR_NT(status);
5377 set_message(outbuf,2,0,True);
5379 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5380 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5382 END_PROFILE(SMBlockingX);
5383 return chain_reply(inbuf,outbuf,length,bufsize);
5387 #define DBGC_CLASS DBGC_ALL
5389 /****************************************************************************
5390 Reply to a SMBreadbmpx (read block multiplex) request.
5391 ****************************************************************************/
5393 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
5404 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5405 START_PROFILE(SMBreadBmpx);
5407 /* this function doesn't seem to work - disable by default */
5408 if (!lp_readbmpx()) {
5409 END_PROFILE(SMBreadBmpx);
5410 return ERROR_DOS(ERRSRV,ERRuseSTD);
5413 outsize = set_message(outbuf,8,0,True);
5415 CHECK_FSP(fsp,conn);
5416 if (!CHECK_READ(fsp,inbuf)) {
5417 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5420 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
5421 maxcount = SVAL(inbuf,smb_vwv3);
5423 data = smb_buf(outbuf);
5424 pad = ((long)data)%4;
5429 max_per_packet = bufsize-(outsize+pad);
5433 if (is_locked(fsp,conn,(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
5434 END_PROFILE(SMBreadBmpx);
5435 return ERROR_DOS(ERRDOS,ERRlock);
5439 size_t N = MIN(max_per_packet,tcount-total_read);
5441 nread = read_file(fsp,data,startpos,N);
5446 if (nread < (ssize_t)N)
5447 tcount = total_read + nread;
5449 set_message(outbuf,8,nread+pad,False);
5450 SIVAL(outbuf,smb_vwv0,startpos);
5451 SSVAL(outbuf,smb_vwv2,tcount);
5452 SSVAL(outbuf,smb_vwv6,nread);
5453 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
5456 if (!send_smb(smbd_server_fd(),outbuf))
5457 exit_server("reply_readbmpx: send_smb failed.");
5459 total_read += nread;
5461 } while (total_read < (ssize_t)tcount);
5463 END_PROFILE(SMBreadBmpx);
5467 /****************************************************************************
5468 Reply to a SMBsetattrE.
5469 ****************************************************************************/
5471 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5473 struct utimbuf unix_times;
5475 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5476 START_PROFILE(SMBsetattrE);
5478 outsize = set_message(outbuf,0,0,True);
5480 if(!fsp || (fsp->conn != conn)) {
5481 END_PROFILE(SMBsetattrE);
5482 return ERROR_DOS(ERRDOS,ERRbadfid);
5486 * Convert the DOS times into unix times. Ignore create
5487 * time as UNIX can't set this.
5490 unix_times.actime = srv_make_unix_date2(inbuf+smb_vwv3);
5491 unix_times.modtime = srv_make_unix_date2(inbuf+smb_vwv5);
5494 * Patch from Ray Frush <frush@engr.colostate.edu>
5495 * Sometimes times are sent as zero - ignore them.
5498 if (null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5499 /* Ignore request */
5500 if( DEBUGLVL( 3 ) ) {
5501 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
5502 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
5504 END_PROFILE(SMBsetattrE);
5506 } else if (!null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5507 /* set modify time = to access time if modify time was unset */
5508 unix_times.modtime = unix_times.actime;
5511 /* Set the date on this file */
5512 /* Should we set pending modtime here ? JRA */
5513 if(file_utime(conn, fsp->fsp_name, &unix_times)) {
5514 END_PROFILE(SMBsetattrE);
5515 return ERROR_DOS(ERRDOS,ERRnoaccess);
5518 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n",
5519 fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) );
5521 END_PROFILE(SMBsetattrE);
5526 /* Back from the dead for OS/2..... JRA. */
5528 /****************************************************************************
5529 Reply to a SMBwritebmpx (write block multiplex primary) request.
5530 ****************************************************************************/
5532 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5535 ssize_t nwritten = -1;
5542 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5543 START_PROFILE(SMBwriteBmpx);
5545 CHECK_FSP(fsp,conn);
5546 if (!CHECK_WRITE(fsp)) {
5547 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5549 if (HAS_CACHED_ERROR(fsp)) {
5550 return(CACHED_ERROR(fsp));
5553 tcount = SVAL(inbuf,smb_vwv1);
5554 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
5555 write_through = BITSETW(inbuf+smb_vwv7,0);
5556 numtowrite = SVAL(inbuf,smb_vwv10);
5557 smb_doff = SVAL(inbuf,smb_vwv11);
5559 data = smb_base(inbuf) + smb_doff;
5561 /* If this fails we need to send an SMBwriteC response,
5562 not an SMBwritebmpx - set this up now so we don't forget */
5563 SCVAL(outbuf,smb_com,SMBwritec);
5565 if (is_locked(fsp,conn,(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
5566 END_PROFILE(SMBwriteBmpx);
5567 return(ERROR_DOS(ERRDOS,ERRlock));
5570 nwritten = write_file(fsp,data,startpos,numtowrite);
5572 sync_file(conn, fsp, write_through);
5574 if(nwritten < (ssize_t)numtowrite) {
5575 END_PROFILE(SMBwriteBmpx);
5576 return(UNIXERROR(ERRHRD,ERRdiskfull));
5579 /* If the maximum to be written to this file
5580 is greater than what we just wrote then set
5581 up a secondary struct to be attached to this
5582 fd, we will use this to cache error messages etc. */
5584 if((ssize_t)tcount > nwritten) {
5585 write_bmpx_struct *wbms;
5586 if(fsp->wbmpx_ptr != NULL)
5587 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
5589 wbms = SMB_MALLOC_P(write_bmpx_struct);
5591 DEBUG(0,("Out of memory in reply_readmpx\n"));
5592 END_PROFILE(SMBwriteBmpx);
5593 return(ERROR_DOS(ERRSRV,ERRnoresource));
5595 wbms->wr_mode = write_through;
5596 wbms->wr_discard = False; /* No errors yet */
5597 wbms->wr_total_written = nwritten;
5598 wbms->wr_errclass = 0;
5600 fsp->wbmpx_ptr = wbms;
5603 /* We are returning successfully, set the message type back to
5605 SCVAL(outbuf,smb_com,SMBwriteBmpx);
5607 outsize = set_message(outbuf,1,0,True);
5609 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
5611 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
5612 fsp->fnum, (int)numtowrite, (int)nwritten ) );
5614 if (write_through && tcount==nwritten) {
5615 /* We need to send both a primary and a secondary response */
5616 smb_setlen(outbuf,outsize - 4);
5618 if (!send_smb(smbd_server_fd(),outbuf))
5619 exit_server("reply_writebmpx: send_smb failed.");
5621 /* Now the secondary */
5622 outsize = set_message(outbuf,1,0,True);
5623 SCVAL(outbuf,smb_com,SMBwritec);
5624 SSVAL(outbuf,smb_vwv0,nwritten);
5627 END_PROFILE(SMBwriteBmpx);
5631 /****************************************************************************
5632 Reply to a SMBwritebs (write block multiplex secondary) request.
5633 ****************************************************************************/
5635 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5638 ssize_t nwritten = -1;
5645 write_bmpx_struct *wbms;
5646 BOOL send_response = False;
5647 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5648 START_PROFILE(SMBwriteBs);
5650 CHECK_FSP(fsp,conn);
5651 if (!CHECK_WRITE(fsp)) {
5652 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5655 tcount = SVAL(inbuf,smb_vwv1);
5656 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
5657 numtowrite = SVAL(inbuf,smb_vwv6);
5658 smb_doff = SVAL(inbuf,smb_vwv7);
5660 data = smb_base(inbuf) + smb_doff;
5662 /* We need to send an SMBwriteC response, not an SMBwritebs */
5663 SCVAL(outbuf,smb_com,SMBwritec);
5665 /* This fd should have an auxiliary struct attached,
5666 check that it does */
5667 wbms = fsp->wbmpx_ptr;
5669 END_PROFILE(SMBwriteBs);
5673 /* If write through is set we can return errors, else we must cache them */
5674 write_through = wbms->wr_mode;
5676 /* Check for an earlier error */
5677 if(wbms->wr_discard) {
5678 END_PROFILE(SMBwriteBs);
5679 return -1; /* Just discard the packet */
5682 nwritten = write_file(fsp,data,startpos,numtowrite);
5684 sync_file(conn, fsp, write_through);
5686 if (nwritten < (ssize_t)numtowrite) {
5688 /* We are returning an error - we can delete the aux struct */
5691 fsp->wbmpx_ptr = NULL;
5692 END_PROFILE(SMBwriteBs);
5693 return(ERROR_DOS(ERRHRD,ERRdiskfull));
5695 wbms->wr_errclass = ERRHRD;
5696 wbms->wr_error = ERRdiskfull;
5697 wbms->wr_status = NT_STATUS_DISK_FULL;
5698 wbms->wr_discard = True;
5699 END_PROFILE(SMBwriteBs);
5703 /* Increment the total written, if this matches tcount
5704 we can discard the auxiliary struct (hurrah !) and return a writeC */
5705 wbms->wr_total_written += nwritten;
5706 if(wbms->wr_total_written >= tcount) {
5707 if (write_through) {
5708 outsize = set_message(outbuf,1,0,True);
5709 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
5710 send_response = True;
5714 fsp->wbmpx_ptr = NULL;
5718 END_PROFILE(SMBwriteBs);
5722 END_PROFILE(SMBwriteBs);
5726 /****************************************************************************
5727 Reply to a SMBgetattrE.
5728 ****************************************************************************/
5730 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5732 SMB_STRUCT_STAT sbuf;
5735 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5736 START_PROFILE(SMBgetattrE);
5738 outsize = set_message(outbuf,11,0,True);
5740 if(!fsp || (fsp->conn != conn)) {
5741 END_PROFILE(SMBgetattrE);
5742 return ERROR_DOS(ERRDOS,ERRbadfid);
5745 /* Do an fstat on this file */
5746 if(fsp_stat(fsp, &sbuf)) {
5747 END_PROFILE(SMBgetattrE);
5748 return(UNIXERROR(ERRDOS,ERRnoaccess));
5751 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
5754 * Convert the times into dos times. Set create
5755 * date to be last modify date as UNIX doesn't save
5759 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
5760 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
5761 /* Should we check pending modtime here ? JRA */
5762 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
5765 SIVAL(outbuf,smb_vwv6,0);
5766 SIVAL(outbuf,smb_vwv8,0);
5768 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
5769 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
5770 SIVAL(outbuf,smb_vwv8,allocation_size);
5772 SSVAL(outbuf,smb_vwv10, mode);
5774 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
5776 END_PROFILE(SMBgetattrE);
git.samba.org / sfrench / samba-autobuild / .git / blob