2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2004.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
33 unsigned int smb_echo_count = 0;
34 extern uint32 global_client_caps;
36 extern struct current_user current_user;
37 extern BOOL global_encrypted_passwords_negotiated;
39 /****************************************************************************
40 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 NTSTATUS check_path_syntax(pstring destname, const pstring srcname)
49 const char *s = srcname;
50 NTSTATUS ret = NT_STATUS_OK;
51 BOOL start_of_name_component = True;
52 unsigned int num_bad_components = 0;
55 if (IS_DIRECTORY_SEP(*s)) {
57 * Safe to assume is not the second part of a mb char as this is handled below.
59 /* Eat multiple '/' or '\\' */
60 while (IS_DIRECTORY_SEP(*s)) {
63 if ((d != destname) && (*s != '\0')) {
64 /* We only care about non-leading or trailing '/' or '\\' */
68 start_of_name_component = True;
72 if (start_of_name_component) {
73 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
74 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
77 * No mb char starts with '.' so we're safe checking the directory separator here.
80 /* If we just added a '/' - delete it */
81 if ((d > destname) && (*(d-1) == '/')) {
86 /* Are we at the start ? Can't go back further if so. */
88 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
91 /* Go back one level... */
92 /* We know this is safe as '/' cannot be part of a mb sequence. */
93 /* NOTE - if this assumption is invalid we are not in good shape... */
94 /* Decrement d first as d points to the *next* char to write into. */
95 for (d--; d > destname; d--) {
99 s += 2; /* Else go past the .. */
100 /* We're still at the start of a name component, just the previous one. */
102 if (num_bad_components) {
103 /* Hmmm. Should we only decrement the bad_components if
104 we're removing a bad component ? Need to check this. JRA. */
105 num_bad_components--;
110 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
111 /* Component of pathname can't be "." only. */
112 ret = NT_STATUS_OBJECT_NAME_INVALID;
113 num_bad_components++;
121 return NT_STATUS_OBJECT_NAME_INVALID;
129 return NT_STATUS_OBJECT_NAME_INVALID;
136 /* Get the size of the next MB character. */
137 next_codepoint(s,&siz);
155 DEBUG(0,("check_path_syntax: character length assumptions invalid !\n"));
157 return NT_STATUS_INVALID_PARAMETER;
160 if (start_of_name_component && num_bad_components) {
161 num_bad_components++;
163 start_of_name_component = False;
166 if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) {
167 if (num_bad_components > 1) {
168 ret = NT_STATUS_OBJECT_PATH_NOT_FOUND;
176 /****************************************************************************
177 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
178 path or anything including wildcards.
179 We're assuming here that '/' is not the second byte in any multibyte char
180 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
182 ****************************************************************************/
184 NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard)
187 const char *s = srcname;
188 NTSTATUS ret = NT_STATUS_OK;
189 BOOL start_of_name_component = True;
190 unsigned int num_bad_components = 0;
192 *p_contains_wcard = False;
195 if (IS_DIRECTORY_SEP(*s)) {
197 * Safe to assume is not the second part of a mb char as this is handled below.
199 /* Eat multiple '/' or '\\' */
200 while (IS_DIRECTORY_SEP(*s)) {
203 if ((d != destname) && (*s != '\0')) {
204 /* We only care about non-leading or trailing '/' or '\\' */
208 start_of_name_component = True;
212 if (start_of_name_component) {
213 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
214 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
217 * No mb char starts with '.' so we're safe checking the directory separator here.
220 /* If we just added a '/' - delete it */
221 if ((d > destname) && (*(d-1) == '/')) {
226 /* Are we at the start ? Can't go back further if so. */
228 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
231 /* Go back one level... */
232 /* We know this is safe as '/' cannot be part of a mb sequence. */
233 /* NOTE - if this assumption is invalid we are not in good shape... */
234 /* Decrement d first as d points to the *next* char to write into. */
235 for (d--; d > destname; d--) {
239 s += 2; /* Else go past the .. */
240 /* We're still at the start of a name component, just the previous one. */
242 if (num_bad_components) {
243 /* Hmmm. Should we only decrement the bad_components if
244 we're removing a bad component ? Need to check this. JRA. */
245 num_bad_components--;
250 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
251 /* Component of pathname can't be "." only. */
252 ret = NT_STATUS_OBJECT_NAME_INVALID;
253 num_bad_components++;
261 return NT_STATUS_OBJECT_NAME_INVALID;
263 if (!*p_contains_wcard) {
270 *p_contains_wcard = True;
279 /* Get the size of the next MB character. */
280 next_codepoint(s,&siz);
298 DEBUG(0,("check_path_syntax_wcard: character length assumptions invalid !\n"));
300 return NT_STATUS_INVALID_PARAMETER;
303 if (start_of_name_component && num_bad_components) {
304 num_bad_components++;
306 start_of_name_component = False;
309 if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) {
310 /* For some strange reason being called from findfirst changes
311 the num_components number to cause the error return to change. JRA. */
312 if (num_bad_components > 2) {
313 ret = NT_STATUS_OBJECT_PATH_NOT_FOUND;
321 /****************************************************************************
322 Check the path for a POSIX client.
323 We're assuming here that '/' is not the second byte in any multibyte char
324 set (a safe assumption).
325 ****************************************************************************/
327 NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname)
330 const char *s = srcname;
331 NTSTATUS ret = NT_STATUS_OK;
332 BOOL start_of_name_component = True;
337 * Safe to assume is not the second part of a mb char as this is handled below.
339 /* Eat multiple '/' or '\\' */
343 if ((d != destname) && (*s != '\0')) {
344 /* We only care about non-leading or trailing '/' */
348 start_of_name_component = True;
352 if (start_of_name_component) {
353 if ((s[0] == '.') && (s[1] == '.') && (s[2] == '/' || s[2] == '\0')) {
354 /* Uh oh - "/../" or "/..\0" ! */
357 * No mb char starts with '.' so we're safe checking the directory separator here.
360 /* If we just added a '/' - delete it */
361 if ((d > destname) && (*(d-1) == '/')) {
366 /* Are we at the start ? Can't go back further if so. */
368 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
371 /* Go back one level... */
372 /* We know this is safe as '/' cannot be part of a mb sequence. */
373 /* NOTE - if this assumption is invalid we are not in good shape... */
374 /* Decrement d first as d points to the *next* char to write into. */
375 for (d--; d > destname; d--) {
379 s += 2; /* Else go past the .. */
382 } else if ((s[0] == '.') && ((s[1] == '\0') || (s[1] == '/'))) {
393 /* Get the size of the next MB character. */
394 next_codepoint(s,&siz);
412 DEBUG(0,("check_path_syntax_posix: character length assumptions invalid !\n"));
414 return NT_STATUS_INVALID_PARAMETER;
417 start_of_name_component = False;
424 /****************************************************************************
425 Pull a string and check the path allowing a wilcard - provide for error return.
426 ****************************************************************************/
428 size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags,
429 NTSTATUS *err, BOOL *contains_wcard)
432 char *tmppath_ptr = tmppath;
435 SMB_ASSERT(dest_len == sizeof(pstring));
439 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
441 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
444 *contains_wcard = False;
446 if (lp_posix_pathnames()) {
447 *err = check_path_syntax_posix(dest, tmppath);
449 *err = check_path_syntax_wcard(dest, tmppath, contains_wcard);
455 /****************************************************************************
456 Pull a string and check the path - provide for error return.
457 ****************************************************************************/
459 size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err)
462 char *tmppath_ptr = tmppath;
465 SMB_ASSERT(dest_len == sizeof(pstring));
469 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
471 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
473 if (lp_posix_pathnames()) {
474 *err = check_path_syntax_posix(dest, tmppath);
476 *err = check_path_syntax(dest, tmppath);
482 /****************************************************************************
483 Reply to a special message.
484 ****************************************************************************/
486 int reply_special(char *inbuf,char *outbuf)
489 int msg_type = CVAL(inbuf,0);
490 int msg_flags = CVAL(inbuf,1);
494 static BOOL already_got_session = False;
498 memset(outbuf,'\0',smb_size);
500 smb_setlen(outbuf,0);
503 case 0x81: /* session request */
505 if (already_got_session) {
506 exit_server_cleanly("multiple session request not permitted");
509 SCVAL(outbuf,0,0x82);
511 if (name_len(inbuf+4) > 50 ||
512 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
513 DEBUG(0,("Invalid name length in session request\n"));
516 name_extract(inbuf,4,name1);
517 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
518 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
521 set_local_machine_name(name1, True);
522 set_remote_machine_name(name2, True);
524 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
525 get_local_machine_name(), get_remote_machine_name(),
528 if (name_type == 'R') {
529 /* We are being asked for a pathworks session ---
531 SCVAL(outbuf, 0,0x83);
535 /* only add the client's machine name to the list
536 of possibly valid usernames if we are operating
537 in share mode security */
538 if (lp_security() == SEC_SHARE) {
539 add_session_user(get_remote_machine_name());
542 reload_services(True);
545 already_got_session = True;
548 case 0x89: /* session keepalive request
549 (some old clients produce this?) */
550 SCVAL(outbuf,0,SMBkeepalive);
554 case 0x82: /* positive session response */
555 case 0x83: /* negative session response */
556 case 0x84: /* retarget session response */
557 DEBUG(0,("Unexpected session response\n"));
560 case SMBkeepalive: /* session keepalive */
565 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
566 msg_type, msg_flags));
571 /****************************************************************************
573 conn POINTER CAN BE NULL HERE !
574 ****************************************************************************/
576 int reply_tcon(connection_struct *conn,
577 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
584 uint16 vuid = SVAL(inbuf,smb_uid);
588 DATA_BLOB password_blob;
590 START_PROFILE(SMBtcon);
592 *service_buf = *password = *dev = 0;
594 p = smb_buf(inbuf)+1;
595 p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1;
596 pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1;
598 p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1;
600 p = strrchr_m(service_buf,'\\');
604 service = service_buf;
607 password_blob = data_blob(password, pwlen+1);
609 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
611 data_blob_clear_free(&password_blob);
614 END_PROFILE(SMBtcon);
615 return ERROR_NT(nt_status);
618 outsize = set_message(outbuf,2,0,True);
619 SSVAL(outbuf,smb_vwv0,max_recv);
620 SSVAL(outbuf,smb_vwv1,conn->cnum);
621 SSVAL(outbuf,smb_tid,conn->cnum);
623 DEBUG(3,("tcon service=%s cnum=%d\n",
624 service, conn->cnum));
626 END_PROFILE(SMBtcon);
630 /****************************************************************************
631 Reply to a tcon and X.
632 conn POINTER CAN BE NULL HERE !
633 ****************************************************************************/
635 int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
640 /* what the cleint thinks the device is */
641 fstring client_devicetype;
642 /* what the server tells the client the share represents */
643 const char *server_devicetype;
645 uint16 vuid = SVAL(inbuf,smb_uid);
646 int passlen = SVAL(inbuf,smb_vwv3);
650 START_PROFILE(SMBtconX);
652 *service = *client_devicetype = 0;
654 /* we might have to close an old one */
655 if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) {
656 close_cnum(conn,vuid);
659 if (passlen > MAX_PASS_LEN) {
660 return ERROR_DOS(ERRDOS,ERRbuftoosmall);
663 if (global_encrypted_passwords_negotiated) {
664 password = data_blob(smb_buf(inbuf),passlen);
666 password = data_blob(smb_buf(inbuf),passlen+1);
667 /* Ensure correct termination */
668 password.data[passlen]=0;
671 p = smb_buf(inbuf) + passlen;
672 p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE);
675 * the service name can be either: \\server\share
676 * or share directly like on the DELL PowerVault 705
679 q = strchr_m(path+2,'\\');
681 END_PROFILE(SMBtconX);
682 return(ERROR_DOS(ERRDOS,ERRnosuchshare));
684 fstrcpy(service,q+1);
687 fstrcpy(service,path);
689 p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII);
691 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
693 conn = make_connection(service,password,client_devicetype,vuid,&nt_status);
695 data_blob_clear_free(&password);
698 END_PROFILE(SMBtconX);
699 return ERROR_NT(nt_status);
703 server_devicetype = "IPC";
704 else if ( IS_PRINT(conn) )
705 server_devicetype = "LPT1:";
707 server_devicetype = "A:";
709 if (Protocol < PROTOCOL_NT1) {
710 set_message(outbuf,2,0,True);
712 p += srvstr_push(outbuf, p, server_devicetype, -1,
713 STR_TERMINATE|STR_ASCII);
714 set_message_end(outbuf,p);
716 /* NT sets the fstype of IPC$ to the null string */
717 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
719 set_message(outbuf,3,0,True);
722 p += srvstr_push(outbuf, p, server_devicetype, -1,
723 STR_TERMINATE|STR_ASCII);
724 p += srvstr_push(outbuf, p, fstype, -1,
727 set_message_end(outbuf,p);
729 /* what does setting this bit do? It is set by NT4 and
730 may affect the ability to autorun mounted cdroms */
731 SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
732 (lp_csc_policy(SNUM(conn)) << 2));
734 init_dfsroot(conn, inbuf, outbuf);
738 DEBUG(3,("tconX service=%s \n",
741 /* set the incoming and outgoing tid to the just created one */
742 SSVAL(inbuf,smb_tid,conn->cnum);
743 SSVAL(outbuf,smb_tid,conn->cnum);
745 END_PROFILE(SMBtconX);
746 return chain_reply(inbuf,outbuf,length,bufsize);
749 /****************************************************************************
750 Reply to an unknown type.
751 ****************************************************************************/
753 int reply_unknown(char *inbuf,char *outbuf)
756 type = CVAL(inbuf,smb_com);
758 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
759 smb_fn_name(type), type, type));
761 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
764 /****************************************************************************
766 conn POINTER CAN BE NULL HERE !
767 ****************************************************************************/
769 int reply_ioctl(connection_struct *conn,
770 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
772 uint16 device = SVAL(inbuf,smb_vwv1);
773 uint16 function = SVAL(inbuf,smb_vwv2);
774 uint32 ioctl_code = (device << 16) + function;
775 int replysize, outsize;
777 START_PROFILE(SMBioctl);
779 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
781 switch (ioctl_code) {
782 case IOCTL_QUERY_JOB_INFO:
786 END_PROFILE(SMBioctl);
787 return(ERROR_DOS(ERRSRV,ERRnosupport));
790 outsize = set_message(outbuf,8,replysize+1,True);
791 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
792 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
793 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
794 p = smb_buf(outbuf) + 1; /* Allow for alignment */
796 switch (ioctl_code) {
797 case IOCTL_QUERY_JOB_INFO:
799 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
801 END_PROFILE(SMBioctl);
802 return(UNIXERROR(ERRDOS,ERRbadfid));
804 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
805 srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII);
807 srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII);
813 END_PROFILE(SMBioctl);
817 /****************************************************************************
819 ****************************************************************************/
821 int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
826 BOOL bad_path = False;
827 SMB_STRUCT_STAT sbuf;
830 START_PROFILE(SMBchkpth);
832 srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status);
833 if (!NT_STATUS_IS_OK(status)) {
834 END_PROFILE(SMBchkpth);
836 /* Strange DOS error code semantics only for chkpth... */
837 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
838 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
839 /* We need to map to ERRbadpath */
840 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
843 return ERROR_NT(status);
846 RESOLVE_DFSPATH(name, conn, inbuf, outbuf);
848 unix_convert(name,conn,0,&bad_path,&sbuf);
850 END_PROFILE(SMBchkpth);
851 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
854 if (check_name(name,conn)) {
855 if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0)
856 if (!(ok = S_ISDIR(sbuf.st_mode))) {
857 END_PROFILE(SMBchkpth);
858 return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath);
863 /* We special case this - as when a Windows machine
864 is parsing a path is steps through the components
865 one at a time - if a component fails it expects
866 ERRbadpath, not ERRbadfile.
868 if(errno == ENOENT) {
870 * Windows returns different error codes if
871 * the parent directory is valid but not the
872 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
873 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
874 * if the path is invalid. This is different from set_bad_path_error()
875 * in the non-NT error case.
877 END_PROFILE(SMBchkpth);
878 return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath);
881 END_PROFILE(SMBchkpth);
882 return(UNIXERROR(ERRDOS,ERRbadpath));
885 outsize = set_message(outbuf,0,0,False);
886 DEBUG(3,("chkpth %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0)));
888 END_PROFILE(SMBchkpth);
892 /****************************************************************************
894 ****************************************************************************/
896 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
900 SMB_STRUCT_STAT sbuf;
905 BOOL bad_path = False;
909 START_PROFILE(SMBgetatr);
911 p = smb_buf(inbuf) + 1;
912 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
913 if (!NT_STATUS_IS_OK(status)) {
914 END_PROFILE(SMBgetatr);
915 return ERROR_NT(status);
918 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
920 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
921 under WfWg - weird! */
923 mode = aHIDDEN | aDIR;
924 if (!CAN_WRITE(conn))
930 unix_convert(fname,conn,0,&bad_path,&sbuf);
932 END_PROFILE(SMBgetatr);
933 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
935 if (check_name(fname,conn)) {
936 if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) {
937 mode = dos_mode(conn,fname,&sbuf);
939 mtime = sbuf.st_mtime;
944 DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno)));
950 END_PROFILE(SMBgetatr);
951 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadfile);
954 outsize = set_message(outbuf,10,0,True);
956 SSVAL(outbuf,smb_vwv0,mode);
957 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
958 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
960 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
962 SIVAL(outbuf,smb_vwv3,(uint32)size);
964 if (Protocol >= PROTOCOL_NT1) {
965 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
968 DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) );
970 END_PROFILE(SMBgetatr);
974 /****************************************************************************
976 ****************************************************************************/
978 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
985 SMB_STRUCT_STAT sbuf;
986 BOOL bad_path = False;
990 START_PROFILE(SMBsetatr);
992 p = smb_buf(inbuf) + 1;
993 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
994 if (!NT_STATUS_IS_OK(status)) {
995 END_PROFILE(SMBsetatr);
996 return ERROR_NT(status);
999 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1001 unix_convert(fname,conn,0,&bad_path,&sbuf);
1003 END_PROFILE(SMBsetatr);
1004 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1007 if (fname[0] == '.' && fname[1] == '\0') {
1009 * Not sure here is the right place to catch this
1010 * condition. Might be moved to somewhere else later -- vl
1012 END_PROFILE(SMBsetatr);
1013 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
1016 mode = SVAL(inbuf,smb_vwv0);
1017 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
1019 if (mode != FILE_ATTRIBUTE_NORMAL) {
1020 if (VALID_STAT_OF_DIR(sbuf))
1025 if (check_name(fname,conn)) {
1026 ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0);
1033 ok = set_filetime(conn,fname,mtime);
1036 END_PROFILE(SMBsetatr);
1037 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
1040 outsize = set_message(outbuf,0,0,False);
1042 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1044 END_PROFILE(SMBsetatr);
1048 /****************************************************************************
1050 ****************************************************************************/
1052 int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1055 SMB_BIG_UINT dfree,dsize,bsize;
1056 START_PROFILE(SMBdskattr);
1058 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1059 END_PROFILE(SMBdskattr);
1060 return(UNIXERROR(ERRHRD,ERRgeneral));
1063 outsize = set_message(outbuf,5,0,True);
1065 if (Protocol <= PROTOCOL_LANMAN2) {
1066 double total_space, free_space;
1067 /* we need to scale this to a number that DOS6 can handle. We
1068 use floating point so we can handle large drives on systems
1069 that don't have 64 bit integers
1071 we end up displaying a maximum of 2G to DOS systems
1073 total_space = dsize * (double)bsize;
1074 free_space = dfree * (double)bsize;
1076 dsize = (total_space+63*512) / (64*512);
1077 dfree = (free_space+63*512) / (64*512);
1079 if (dsize > 0xFFFF) dsize = 0xFFFF;
1080 if (dfree > 0xFFFF) dfree = 0xFFFF;
1082 SSVAL(outbuf,smb_vwv0,dsize);
1083 SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1084 SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */
1085 SSVAL(outbuf,smb_vwv3,dfree);
1087 SSVAL(outbuf,smb_vwv0,dsize);
1088 SSVAL(outbuf,smb_vwv1,bsize/512);
1089 SSVAL(outbuf,smb_vwv2,512);
1090 SSVAL(outbuf,smb_vwv3,dfree);
1093 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1095 END_PROFILE(SMBdskattr);
1099 /****************************************************************************
1101 Can be called from SMBsearch, SMBffirst or SMBfunique.
1102 ****************************************************************************/
1104 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1114 unsigned int numentries = 0;
1115 unsigned int maxentries = 0;
1116 BOOL finished = False;
1123 BOOL check_descend = False;
1124 BOOL expect_close = False;
1125 BOOL can_open = True;
1126 BOOL bad_path = False;
1128 BOOL mask_contains_wcard = False;
1129 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1131 START_PROFILE(SMBsearch);
1133 if (lp_posix_pathnames()) {
1134 END_PROFILE(SMBsearch);
1135 return reply_unknown(inbuf, outbuf);
1138 *mask = *directory = *fname = 0;
1140 /* If we were called as SMBffirst then we must expect close. */
1141 if(CVAL(inbuf,smb_com) == SMBffirst)
1142 expect_close = True;
1144 outsize = set_message(outbuf,1,3,True);
1145 maxentries = SVAL(inbuf,smb_vwv0);
1146 dirtype = SVAL(inbuf,smb_vwv1);
1147 p = smb_buf(inbuf) + 1;
1148 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard);
1149 if (!NT_STATUS_IS_OK(nt_status)) {
1150 END_PROFILE(SMBsearch);
1151 return ERROR_NT(nt_status);
1154 RESOLVE_DFSPATH_WCARD(path, conn, inbuf, outbuf);
1157 status_len = SVAL(p, 0);
1160 /* dirtype &= ~aDIR; */
1162 if (status_len == 0) {
1163 SMB_STRUCT_STAT sbuf;
1166 pstrcpy(directory,path);
1168 unix_convert(directory,conn,0,&bad_path,&sbuf);
1171 if (!check_name(directory,conn))
1174 p = strrchr_m(dir2,'/');
1183 p = strrchr_m(directory,'/');
1189 if (strlen(directory) == 0)
1190 pstrcpy(directory,".");
1191 memset((char *)status,'\0',21);
1192 SCVAL(status,0,(dirtype & 0x1F));
1196 memcpy(status,p,21);
1197 status_dirtype = CVAL(status,0) & 0x1F;
1198 if (status_dirtype != (dirtype & 0x1F))
1199 dirtype = status_dirtype;
1201 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1204 string_set(&conn->dirpath,dptr_path(dptr_num));
1205 pstrcpy(mask, dptr_wcard(dptr_num));
1209 p = smb_buf(outbuf) + 3;
1212 if (status_len == 0) {
1213 dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype);
1215 if(dptr_num == -2) {
1216 END_PROFILE(SMBsearch);
1217 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnofids);
1219 END_PROFILE(SMBsearch);
1220 return ERROR_DOS(ERRDOS,ERRnofids);
1223 dirtype = dptr_attr(dptr_num);
1226 DEBUG(4,("dptr_num is %d\n",dptr_num));
1229 if ((dirtype&0x1F) == aVOLID) {
1230 memcpy(p,status,21);
1231 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1232 0,aVOLID,0,!allow_long_path_components);
1233 dptr_fill(p+12,dptr_num);
1234 if (dptr_zero(p+12) && (status_len==0))
1238 p += DIR_STRUCT_SIZE;
1241 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1243 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1244 conn->dirpath,lp_dontdescend(SNUM(conn))));
1245 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True))
1246 check_descend = True;
1248 for (i=numentries;(i<maxentries) && !finished;i++) {
1249 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1251 memcpy(p,status,21);
1252 make_dir_struct(p,mask,fname,size, mode,date,
1253 !allow_long_path_components);
1254 if (!dptr_fill(p+12,dptr_num)) {
1258 p += DIR_STRUCT_SIZE;
1268 /* If we were called as SMBffirst with smb_search_id == NULL
1269 and no entries were found then return error and close dirptr
1272 if (numentries == 0 || !ok) {
1273 dptr_close(&dptr_num);
1274 } else if(ok && expect_close && status_len == 0) {
1275 /* Close the dptr - we know it's gone */
1276 dptr_close(&dptr_num);
1279 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1280 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1281 dptr_close(&dptr_num);
1284 if ((numentries == 0) && !mask_contains_wcard) {
1285 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1288 SSVAL(outbuf,smb_vwv0,numentries);
1289 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1290 SCVAL(smb_buf(outbuf),0,5);
1291 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1293 /* The replies here are never long name. */
1294 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1295 if (!allow_long_path_components) {
1296 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1299 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1300 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1302 outsize += DIR_STRUCT_SIZE*numentries;
1303 smb_setlen(outbuf,outsize - 4);
1305 if ((! *directory) && dptr_path(dptr_num))
1306 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1308 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1309 smb_fn_name(CVAL(inbuf,smb_com)),
1310 mask, directory, dirtype, numentries, maxentries ) );
1312 END_PROFILE(SMBsearch);
1316 /****************************************************************************
1317 Reply to a fclose (stop directory search).
1318 ****************************************************************************/
1320 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1329 BOOL path_contains_wcard = False;
1331 START_PROFILE(SMBfclose);
1333 if (lp_posix_pathnames()) {
1334 END_PROFILE(SMBfclose);
1335 return reply_unknown(inbuf, outbuf);
1338 outsize = set_message(outbuf,1,0,True);
1339 p = smb_buf(inbuf) + 1;
1340 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard);
1341 if (!NT_STATUS_IS_OK(err)) {
1342 END_PROFILE(SMBfclose);
1343 return ERROR_NT(err);
1346 status_len = SVAL(p,0);
1349 if (status_len == 0) {
1350 END_PROFILE(SMBfclose);
1351 return ERROR_DOS(ERRSRV,ERRsrverror);
1354 memcpy(status,p,21);
1356 if(dptr_fetch(status+12,&dptr_num)) {
1357 /* Close the dptr - we know it's gone */
1358 dptr_close(&dptr_num);
1361 SSVAL(outbuf,smb_vwv0,0);
1363 DEBUG(3,("search close\n"));
1365 END_PROFILE(SMBfclose);
1369 /****************************************************************************
1371 ****************************************************************************/
1373 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1381 SMB_STRUCT_STAT sbuf;
1382 BOOL bad_path = False;
1384 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1386 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1389 uint32 create_disposition;
1390 uint32 create_options = 0;
1392 START_PROFILE(SMBopen);
1394 deny_mode = SVAL(inbuf,smb_vwv0);
1396 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1397 if (!NT_STATUS_IS_OK(status)) {
1398 END_PROFILE(SMBopen);
1399 return ERROR_NT(status);
1402 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1404 unix_convert(fname,conn,0,&bad_path,&sbuf);
1406 END_PROFILE(SMBopen);
1407 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1410 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1411 &access_mask, &share_mode, &create_disposition, &create_options)) {
1412 END_PROFILE(SMBopen);
1413 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1416 status = open_file_ntcreate(conn,fname,&sbuf,
1425 if (!NT_STATUS_IS_OK(status)) {
1426 END_PROFILE(SMBopen);
1427 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1428 /* We have re-scheduled this call. */
1431 return ERROR_NT(status);
1434 size = sbuf.st_size;
1435 fattr = dos_mode(conn,fname,&sbuf);
1436 mtime = sbuf.st_mtime;
1439 DEBUG(3,("attempt to open a directory %s\n",fname));
1440 close_file(fsp,ERROR_CLOSE);
1441 END_PROFILE(SMBopen);
1442 return ERROR_DOS(ERRDOS,ERRnoaccess);
1445 outsize = set_message(outbuf,7,0,True);
1446 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1447 SSVAL(outbuf,smb_vwv1,fattr);
1448 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1449 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1451 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1453 SIVAL(outbuf,smb_vwv4,(uint32)size);
1454 SSVAL(outbuf,smb_vwv6,deny_mode);
1456 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1457 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1460 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1461 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1463 END_PROFILE(SMBopen);
1467 /****************************************************************************
1468 Reply to an open and X.
1469 ****************************************************************************/
1471 int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1474 uint16 open_flags = SVAL(inbuf,smb_vwv2);
1475 int deny_mode = SVAL(inbuf,smb_vwv3);
1476 uint32 smb_attr = SVAL(inbuf,smb_vwv5);
1477 /* Breakout the oplock request bits so we can set the
1478 reply bits separately. */
1479 int ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf);
1480 int core_oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1481 int oplock_request = ex_oplock_request | core_oplock_request;
1483 int smb_sattr = SVAL(inbuf,smb_vwv4);
1484 uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
1486 int smb_ofun = SVAL(inbuf,smb_vwv8);
1489 SMB_STRUCT_STAT sbuf;
1491 BOOL bad_path = False;
1494 SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9);
1495 ssize_t retval = -1;
1498 uint32 create_disposition;
1499 uint32 create_options = 0;
1501 START_PROFILE(SMBopenX);
1503 /* If it's an IPC, pass off the pipe handler. */
1505 if (lp_nt_pipe_support()) {
1506 END_PROFILE(SMBopenX);
1507 return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize);
1509 END_PROFILE(SMBopenX);
1510 return ERROR_DOS(ERRSRV,ERRaccess);
1514 /* XXXX we need to handle passed times, sattr and flags */
1515 srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
1516 if (!NT_STATUS_IS_OK(status)) {
1517 END_PROFILE(SMBopenX);
1518 return ERROR_NT(status);
1521 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1523 unix_convert(fname,conn,0,&bad_path,&sbuf);
1525 END_PROFILE(SMBopenX);
1526 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1529 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1532 &create_disposition,
1534 END_PROFILE(SMBopenX);
1535 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1538 status = open_file_ntcreate(conn,fname,&sbuf,
1547 if (!NT_STATUS_IS_OK(status)) {
1548 END_PROFILE(SMBopenX);
1549 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1550 /* We have re-scheduled this call. */
1553 return ERROR_NT(status);
1556 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1557 if the file is truncated or created. */
1558 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1559 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1560 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1561 close_file(fsp,ERROR_CLOSE);
1562 END_PROFILE(SMBopenX);
1563 return ERROR_NT(NT_STATUS_DISK_FULL);
1565 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1567 close_file(fsp,ERROR_CLOSE);
1568 END_PROFILE(SMBopenX);
1569 return ERROR_NT(NT_STATUS_DISK_FULL);
1571 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1574 fattr = dos_mode(conn,fname,&sbuf);
1575 mtime = sbuf.st_mtime;
1577 close_file(fsp,ERROR_CLOSE);
1578 END_PROFILE(SMBopenX);
1579 return ERROR_DOS(ERRDOS,ERRnoaccess);
1582 /* If the caller set the extended oplock request bit
1583 and we granted one (by whatever means) - set the
1584 correct bit for extended oplock reply.
1587 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1588 smb_action |= EXTENDED_OPLOCK_GRANTED;
1591 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1592 smb_action |= EXTENDED_OPLOCK_GRANTED;
1595 /* If the caller set the core oplock request bit
1596 and we granted one (by whatever means) - set the
1597 correct bit for core oplock reply.
1600 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1601 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1604 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1605 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1608 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1609 set_message(outbuf,19,0,True);
1611 set_message(outbuf,15,0,True);
1613 SSVAL(outbuf,smb_vwv2,fsp->fnum);
1614 SSVAL(outbuf,smb_vwv3,fattr);
1615 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1616 srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1);
1618 srv_put_dos_date3(outbuf,smb_vwv4,mtime);
1620 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
1621 SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1622 SSVAL(outbuf,smb_vwv11,smb_action);
1624 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1625 SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1628 END_PROFILE(SMBopenX);
1629 return chain_reply(inbuf,outbuf,length,bufsize);
1632 /****************************************************************************
1633 Reply to a SMBulogoffX.
1634 conn POINTER CAN BE NULL HERE !
1635 ****************************************************************************/
1637 int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1639 uint16 vuid = SVAL(inbuf,smb_uid);
1640 user_struct *vuser = get_valid_user_struct(vuid);
1641 START_PROFILE(SMBulogoffX);
1644 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid));
1646 /* in user level security we are supposed to close any files
1647 open by this user */
1648 if ((vuser != 0) && (lp_security() != SEC_SHARE))
1649 file_close_user(vuid);
1651 invalidate_vuid(vuid);
1653 set_message(outbuf,2,0,True);
1655 DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) );
1657 END_PROFILE(SMBulogoffX);
1658 return chain_reply(inbuf,outbuf,length,bufsize);
1661 /****************************************************************************
1662 Reply to a mknew or a create.
1663 ****************************************************************************/
1665 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1670 uint32 fattr = SVAL(inbuf,smb_vwv0);
1671 struct utimbuf times;
1672 BOOL bad_path = False;
1674 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1675 SMB_STRUCT_STAT sbuf;
1677 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1678 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1679 uint32 create_disposition;
1680 uint32 create_options = 0;
1682 START_PROFILE(SMBcreate);
1684 com = SVAL(inbuf,smb_com);
1686 times.modtime = srv_make_unix_date3(inbuf + smb_vwv1);
1688 srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status);
1689 if (!NT_STATUS_IS_OK(status)) {
1690 END_PROFILE(SMBcreate);
1691 return ERROR_NT(status);
1694 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1696 unix_convert(fname,conn,0,&bad_path,&sbuf);
1698 END_PROFILE(SMBcreate);
1699 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1702 if (fattr & aVOLID) {
1703 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1706 if(com == SMBmknew) {
1707 /* We should fail if file exists. */
1708 create_disposition = FILE_CREATE;
1710 /* Create if file doesn't exist, truncate if it does. */
1711 create_disposition = FILE_OVERWRITE_IF;
1714 /* Open file using ntcreate. */
1715 status = open_file_ntcreate(conn,fname,&sbuf,
1724 if (!NT_STATUS_IS_OK(status)) {
1725 END_PROFILE(SMBcreate);
1726 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1727 /* We have re-scheduled this call. */
1730 return ERROR_NT(status);
1733 times.actime = sbuf.st_atime;
1734 file_utime(conn, fname, ×);
1736 outsize = set_message(outbuf,1,0,True);
1737 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1739 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1740 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1743 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1744 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1747 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1748 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1750 END_PROFILE(SMBcreate);
1754 /****************************************************************************
1755 Reply to a create temporary file.
1756 ****************************************************************************/
1758 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1762 uint32 fattr = SVAL(inbuf,smb_vwv0);
1763 BOOL bad_path = False;
1765 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1767 SMB_STRUCT_STAT sbuf;
1770 unsigned int namelen;
1772 START_PROFILE(SMBctemp);
1774 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1775 if (!NT_STATUS_IS_OK(status)) {
1776 END_PROFILE(SMBctemp);
1777 return ERROR_NT(status);
1780 pstrcat(fname,"/TMXXXXXX");
1782 pstrcat(fname,"TMXXXXXX");
1785 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1787 unix_convert(fname,conn,0,&bad_path,&sbuf);
1789 END_PROFILE(SMBctemp);
1790 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1793 tmpfd = smb_mkstemp(fname);
1795 END_PROFILE(SMBctemp);
1796 return(UNIXERROR(ERRDOS,ERRnoaccess));
1799 SMB_VFS_STAT(conn,fname,&sbuf);
1801 /* We should fail if file does not exist. */
1802 status = open_file_ntcreate(conn,fname,&sbuf,
1803 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1804 FILE_SHARE_READ|FILE_SHARE_WRITE,
1811 /* close fd from smb_mkstemp() */
1814 if (!NT_STATUS_IS_OK(status)) {
1815 END_PROFILE(SMBctemp);
1816 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1817 /* We have re-scheduled this call. */
1820 return ERROR_NT(status);
1823 outsize = set_message(outbuf,1,0,True);
1824 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1826 /* the returned filename is relative to the directory */
1827 s = strrchr_m(fname, '/');
1834 p = smb_buf(outbuf);
1836 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1837 thing in the byte section. JRA */
1838 SSVALS(p, 0, -1); /* what is this? not in spec */
1840 namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE);
1842 outsize = set_message_end(outbuf, p);
1844 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1845 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1848 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1849 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1852 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1853 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1854 (unsigned int)sbuf.st_mode ) );
1856 END_PROFILE(SMBctemp);
1860 /*******************************************************************
1861 Check if a user is allowed to rename a file.
1862 ********************************************************************/
1864 static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst)
1870 if (!CAN_WRITE(conn)) {
1871 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1874 fmode = dos_mode(conn,fname,pst);
1875 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1876 return NT_STATUS_NO_SUCH_FILE;
1879 if (S_ISDIR(pst->st_mode)) {
1880 return NT_STATUS_OK;
1883 status = open_file_ntcreate(conn, fname, pst,
1885 FILE_SHARE_READ|FILE_SHARE_WRITE,
1888 FILE_ATTRIBUTE_NORMAL,
1892 if (!NT_STATUS_IS_OK(status)) {
1895 close_file(fsp,NORMAL_CLOSE);
1896 return NT_STATUS_OK;
1899 /*******************************************************************
1900 Check if a user is allowed to delete a file.
1901 ********************************************************************/
1903 static NTSTATUS can_delete(connection_struct *conn, char *fname,
1904 uint32 dirtype, BOOL bad_path)
1906 SMB_STRUCT_STAT sbuf;
1911 DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype ));
1913 if (!CAN_WRITE(conn)) {
1914 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1917 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
1918 if(errno == ENOENT) {
1920 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
1922 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1925 return map_nt_error_from_unix(errno);
1928 fattr = dos_mode(conn,fname,&sbuf);
1930 /* Can't delete a directory. */
1932 return NT_STATUS_FILE_IS_A_DIRECTORY;
1936 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
1937 return NT_STATUS_OBJECT_NAME_INVALID;
1938 #endif /* JRATEST */
1940 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
1942 On a Windows share, a file with read-only dosmode can be opened with
1943 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
1944 fails with NT_STATUS_CANNOT_DELETE error.
1946 This semantic causes a problem that a user can not
1947 rename a file with read-only dosmode on a Samba share
1948 from a Windows command prompt (i.e. cmd.exe, but can rename
1949 from Windows Explorer).
1952 if (!lp_delete_readonly(SNUM(conn))) {
1953 if (fattr & aRONLY) {
1954 return NT_STATUS_CANNOT_DELETE;
1957 if ((fattr & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1958 return NT_STATUS_NO_SUCH_FILE;
1961 /* On open checks the open itself will check the share mode, so
1962 don't do it here as we'll get it wrong. */
1964 status = open_file_ntcreate(conn, fname, &sbuf,
1969 FILE_ATTRIBUTE_NORMAL,
1973 if (NT_STATUS_IS_OK(status)) {
1974 close_file(fsp,NORMAL_CLOSE);
1979 /****************************************************************************
1980 The guts of the unlink command, split out so it may be called by the NT SMB
1982 ****************************************************************************/
1984 NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype,
1985 char *name, BOOL has_wild)
1992 NTSTATUS error = NT_STATUS_OK;
1993 BOOL bad_path = False;
1995 SMB_STRUCT_STAT sbuf;
1997 *directory = *mask = 0;
1999 rc = unix_convert(name,conn,0,&bad_path,&sbuf);
2002 * Feel my pain, this code needs rewriting *very* badly! -- vl
2004 pstrcpy(orig_name, name);
2006 p = strrchr_m(name,'/');
2008 pstrcpy(directory,".");
2012 pstrcpy(directory,name);
2017 * We should only check the mangled cache
2018 * here if unix_convert failed. This means
2019 * that the path in 'mask' doesn't exist
2020 * on the file system and so we need to look
2021 * for a possible mangle. This patch from
2022 * Tine Smukavec <valentin.smukavec@hermes.si>.
2025 if (!rc && mangle_is_mangled(mask,conn->params))
2026 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
2029 pstrcat(directory,"/");
2030 pstrcat(directory,mask);
2031 error = can_delete(conn,directory,dirtype,bad_path);
2032 if (!NT_STATUS_IS_OK(error))
2035 if (SMB_VFS_UNLINK(conn,directory) == 0) {
2039 notify_fname(conn, orig_name, -1, NOTIFY_ACTION_REMOVED);
2042 struct smb_Dir *dir_hnd = NULL;
2045 if (strequal(mask,"????????.???"))
2048 if (check_name(directory,conn))
2049 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2051 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2052 the pattern matches against the long name, otherwise the short name
2053 We don't implement this yet XXXX
2058 error = NT_STATUS_NO_SUCH_FILE;
2060 while ((dname = ReadDirName(dir_hnd, &offset))) {
2063 BOOL sys_direntry = False;
2064 pstrcpy(fname,dname);
2066 if (!is_visible_file(conn, directory, dname, &st, True)) {
2070 /* Quick check for "." and ".." */
2071 if (fname[0] == '.') {
2072 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2073 if (dirtype & FILE_ATTRIBUTE_DIRECTORY) {
2074 sys_direntry = True;
2081 if(!mask_match(fname, mask, conn->case_sensitive))
2085 error = NT_STATUS_OBJECT_NAME_INVALID;
2086 DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n",
2091 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2092 error = can_delete(conn, fname, dirtype,
2094 if (!NT_STATUS_IS_OK(error)) {
2097 if (SMB_VFS_UNLINK(conn,fname) == 0)
2099 notify_action(conn, directory, dname,
2100 -1, NOTIFY_ACTION_REMOVED);
2101 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname));
2107 if (count == 0 && NT_STATUS_IS_OK(error)) {
2108 error = map_nt_error_from_unix(errno);
2114 /****************************************************************************
2116 ****************************************************************************/
2118 int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
2125 BOOL path_contains_wcard = False;
2127 START_PROFILE(SMBunlink);
2129 dirtype = SVAL(inbuf,smb_vwv0);
2131 srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
2132 if (!NT_STATUS_IS_OK(status)) {
2133 END_PROFILE(SMBunlink);
2134 return ERROR_NT(status);
2137 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
2139 DEBUG(3,("reply_unlink : %s\n",name));
2141 status = unlink_internals(conn, dirtype, name, path_contains_wcard);
2142 if (!NT_STATUS_IS_OK(status)) {
2143 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
2144 /* We have re-scheduled this call. */
2147 return ERROR_NT(status);
2151 * Win2k needs a changenotify request response before it will
2152 * update after a rename..
2154 process_pending_change_notify_queue((time_t)0);
2156 outsize = set_message(outbuf,0,0,False);
2158 END_PROFILE(SMBunlink);
2162 /****************************************************************************
2164 ****************************************************************************/
2166 static void fail_readraw(void)
2169 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2171 exit_server_cleanly(errstr);
2174 #if defined(WITH_SENDFILE)
2175 /****************************************************************************
2176 Fake (read/write) sendfile. Returns -1 on read or write fail.
2177 ****************************************************************************/
2179 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize)
2183 /* Paranioa check... */
2184 if (nread > bufsize) {
2189 ret = read_file(fsp,buf,startpos,nread);
2195 /* If we had a short read, fill with zeros. */
2197 memset(buf, '\0', nread - ret);
2200 if (write_data(smbd_server_fd(),buf,nread) != nread) {
2204 return (ssize_t)nread;
2208 /****************************************************************************
2209 Use sendfile in readbraw.
2210 ****************************************************************************/
2212 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2213 ssize_t mincount, char *outbuf, int out_buffsize)
2217 #if defined(WITH_SENDFILE)
2219 * We can only use sendfile on a non-chained packet
2220 * but we can use on a non-oplocked file. tridge proved this
2221 * on a train in Germany :-). JRA.
2222 * reply_readbraw has already checked the length.
2225 if ( (chain_size == 0) && (nread > 0) &&
2226 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2229 _smb_setlen(outbuf,nread);
2230 header.data = (uint8 *)outbuf;
2234 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2235 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2236 if (errno == ENOSYS) {
2237 goto normal_readbraw;
2241 * Special hack for broken Linux with no working sendfile. If we
2242 * return EINTR we sent the header but not the rest of the data.
2243 * Fake this up by doing read/write calls.
2245 if (errno == EINTR) {
2246 /* Ensure we don't do this again. */
2247 set_use_sendfile(SNUM(conn), False);
2248 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2250 if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) {
2251 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2252 fsp->fsp_name, strerror(errno) ));
2253 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2258 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2259 fsp->fsp_name, strerror(errno) ));
2260 exit_server_cleanly("send_file_readbraw sendfile failed");
2270 ret = read_file(fsp,outbuf+4,startpos,nread);
2271 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2280 _smb_setlen(outbuf,ret);
2281 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2285 /****************************************************************************
2286 Reply to a readbraw (core+ protocol).
2287 ****************************************************************************/
2289 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2291 ssize_t maxcount,mincount;
2294 char *header = outbuf;
2296 START_PROFILE(SMBreadbraw);
2298 if (srv_is_signing_active()) {
2299 exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2303 * Special check if an oplock break has been issued
2304 * and the readraw request croses on the wire, we must
2305 * return a zero length response here.
2308 fsp = file_fsp(inbuf,smb_vwv0);
2310 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2312 * fsp could be NULL here so use the value from the packet. JRA.
2314 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2315 _smb_setlen(header,0);
2316 if (write_data(smbd_server_fd(),header,4) != 4)
2318 END_PROFILE(SMBreadbraw);
2322 CHECK_FSP(fsp,conn);
2324 flush_write_cache(fsp, READRAW_FLUSH);
2326 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2327 if(CVAL(inbuf,smb_wct) == 10) {
2329 * This is a large offset (64 bit) read.
2331 #ifdef LARGE_SMB_OFF_T
2333 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2335 #else /* !LARGE_SMB_OFF_T */
2338 * Ensure we haven't been sent a >32 bit offset.
2341 if(IVAL(inbuf,smb_vwv8) != 0) {
2342 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2343 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2344 _smb_setlen(header,0);
2345 if (write_data(smbd_server_fd(),header,4) != 4)
2347 END_PROFILE(SMBreadbraw);
2351 #endif /* LARGE_SMB_OFF_T */
2354 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2355 _smb_setlen(header,0);
2356 if (write_data(smbd_server_fd(),header,4) != 4)
2358 END_PROFILE(SMBreadbraw);
2362 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2363 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2365 /* ensure we don't overrun the packet size */
2366 maxcount = MIN(65535,maxcount);
2368 if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2372 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2376 if (startpos >= size) {
2379 nread = MIN(maxcount,(size - startpos));
2383 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2384 if (nread < mincount)
2388 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2389 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2391 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2393 DEBUG(5,("readbraw finished\n"));
2394 END_PROFILE(SMBreadbraw);
2399 #define DBGC_CLASS DBGC_LOCKING
2401 /****************************************************************************
2402 Reply to a lockread (core+ protocol).
2403 ****************************************************************************/
2405 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2413 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2414 struct byte_range_lock *br_lck = NULL;
2415 START_PROFILE(SMBlockread);
2417 CHECK_FSP(fsp,conn);
2418 if (!CHECK_READ(fsp,inbuf)) {
2419 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2422 release_level_2_oplocks_on_change(fsp);
2424 numtoread = SVAL(inbuf,smb_vwv1);
2425 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2427 outsize = set_message(outbuf,5,3,True);
2428 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2429 data = smb_buf(outbuf) + 3;
2432 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2433 * protocol request that predates the read/write lock concept.
2434 * Thus instead of asking for a read lock here we need to ask
2435 * for a write lock. JRA.
2436 * Note that the requested lock size is unaffected by max_recv.
2439 br_lck = do_lock(fsp,
2440 (uint32)SVAL(inbuf,smb_pid),
2441 (SMB_BIG_UINT)numtoread,
2442 (SMB_BIG_UINT)startpos,
2445 False, /* Non-blocking lock. */
2447 TALLOC_FREE(br_lck);
2449 if (NT_STATUS_V(status)) {
2450 END_PROFILE(SMBlockread);
2451 return ERROR_NT(status);
2455 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2458 if (numtoread > max_recv) {
2459 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2460 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2461 (unsigned int)numtoread, (unsigned int)max_recv ));
2462 numtoread = MIN(numtoread,max_recv);
2464 nread = read_file(fsp,data,startpos,numtoread);
2467 END_PROFILE(SMBlockread);
2468 return(UNIXERROR(ERRDOS,ERRnoaccess));
2472 SSVAL(outbuf,smb_vwv0,nread);
2473 SSVAL(outbuf,smb_vwv5,nread+3);
2474 SSVAL(smb_buf(outbuf),1,nread);
2476 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2477 fsp->fnum, (int)numtoread, (int)nread));
2479 END_PROFILE(SMBlockread);
2484 #define DBGC_CLASS DBGC_ALL
2486 /****************************************************************************
2488 ****************************************************************************/
2490 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2497 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2498 START_PROFILE(SMBread);
2500 CHECK_FSP(fsp,conn);
2501 if (!CHECK_READ(fsp,inbuf)) {
2502 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2505 numtoread = SVAL(inbuf,smb_vwv1);
2506 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2508 outsize = set_message(outbuf,5,3,True);
2509 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2511 * The requested read size cannot be greater than max_recv. JRA.
2513 if (numtoread > max_recv) {
2514 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2515 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2516 (unsigned int)numtoread, (unsigned int)max_recv ));
2517 numtoread = MIN(numtoread,max_recv);
2520 data = smb_buf(outbuf) + 3;
2522 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2523 END_PROFILE(SMBread);
2524 return ERROR_DOS(ERRDOS,ERRlock);
2528 nread = read_file(fsp,data,startpos,numtoread);
2531 END_PROFILE(SMBread);
2532 return(UNIXERROR(ERRDOS,ERRnoaccess));
2536 SSVAL(outbuf,smb_vwv0,nread);
2537 SSVAL(outbuf,smb_vwv5,nread+3);
2538 SCVAL(smb_buf(outbuf),0,1);
2539 SSVAL(smb_buf(outbuf),1,nread);
2541 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2542 fsp->fnum, (int)numtoread, (int)nread ) );
2544 END_PROFILE(SMBread);
2548 /****************************************************************************
2549 Reply to a read and X - possibly using sendfile.
2550 ****************************************************************************/
2552 int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf,
2553 files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt)
2557 char *data = smb_buf(outbuf);
2559 #if defined(WITH_SENDFILE)
2561 * We can only use sendfile on a non-chained packet
2562 * but we can use on a non-oplocked file. tridge proved this
2563 * on a train in Germany :-). JRA.
2566 if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) &&
2567 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2568 SMB_STRUCT_STAT sbuf;
2571 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1)
2572 return(UNIXERROR(ERRDOS,ERRnoaccess));
2574 if (startpos > sbuf.st_size)
2577 if (smb_maxcnt > (sbuf.st_size - startpos))
2578 smb_maxcnt = (sbuf.st_size - startpos);
2580 if (smb_maxcnt == 0)
2584 * Set up the packet header before send. We
2585 * assume here the sendfile will work (get the
2586 * correct amount of data).
2589 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2590 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2591 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2592 SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1));
2593 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2594 SCVAL(outbuf,smb_vwv0,0xFF);
2595 set_message(outbuf,12,smb_maxcnt,False);
2596 header.data = (uint8 *)outbuf;
2597 header.length = data - outbuf;
2600 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2601 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2602 if (errno == ENOSYS) {
2607 * Special hack for broken Linux with no working sendfile. If we
2608 * return EINTR we sent the header but not the rest of the data.
2609 * Fake this up by doing read/write calls.
2612 if (errno == EINTR) {
2613 /* Ensure we don't do this again. */
2614 set_use_sendfile(SNUM(conn), False);
2615 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2617 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2618 len_outbuf - (data-outbuf))) == -1) {
2619 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2620 fsp->fsp_name, strerror(errno) ));
2621 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2623 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2624 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2625 /* Returning -1 here means successful sendfile. */
2629 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2630 fsp->fsp_name, strerror(errno) ));
2631 exit_server_cleanly("send_file_readX sendfile failed");
2634 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2635 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2636 /* Returning -1 here means successful sendfile. */
2644 nread = read_file(fsp,data,startpos,smb_maxcnt);
2647 return(UNIXERROR(ERRDOS,ERRnoaccess));
2650 outsize = set_message(outbuf,12,nread,False);
2651 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2652 SSVAL(outbuf,smb_vwv5,nread);
2653 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2654 SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1));
2655 SSVAL(smb_buf(outbuf),-2,nread);
2657 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2658 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2660 /* Returning the number of bytes we want to send back - including header. */
2664 /****************************************************************************
2665 Reply to a read and X.
2666 ****************************************************************************/
2668 int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2670 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2671 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2673 size_t smb_maxcnt = SVAL(inbuf,smb_vwv5);
2675 size_t smb_mincnt = SVAL(inbuf,smb_vwv6);
2678 START_PROFILE(SMBreadX);
2680 /* If it's an IPC, pass off the pipe handler. */
2682 END_PROFILE(SMBreadX);
2683 return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize);
2686 CHECK_FSP(fsp,conn);
2687 if (!CHECK_READ(fsp,inbuf)) {
2688 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2691 set_message(outbuf,12,0,True);
2693 if (global_client_caps & CAP_LARGE_READX) {
2694 if (SVAL(inbuf,smb_vwv7) == 1) {
2695 smb_maxcnt |= (1<<16);
2697 if (smb_maxcnt > BUFFER_SIZE) {
2698 DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n",
2699 (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE));
2700 END_PROFILE(SMBreadX);
2701 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
2705 if(CVAL(inbuf,smb_wct) == 12) {
2706 #ifdef LARGE_SMB_OFF_T
2708 * This is a large offset (64 bit) read.
2710 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32);
2712 #else /* !LARGE_SMB_OFF_T */
2715 * Ensure we haven't been sent a >32 bit offset.
2718 if(IVAL(inbuf,smb_vwv10) != 0) {
2719 DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \
2720 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) ));
2721 END_PROFILE(SMBreadX);
2722 return ERROR_DOS(ERRDOS,ERRbadaccess);
2725 #endif /* LARGE_SMB_OFF_T */
2729 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2730 END_PROFILE(SMBreadX);
2731 return ERROR_DOS(ERRDOS,ERRlock);
2734 if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) {
2735 END_PROFILE(SMBreadX);
2739 nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt);
2741 nread = chain_reply(inbuf,outbuf,length,bufsize);
2743 END_PROFILE(SMBreadX);
2747 /****************************************************************************
2748 Reply to a writebraw (core+ or LANMAN1.0 protocol).
2749 ****************************************************************************/
2751 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2754 ssize_t total_written=0;
2755 size_t numtowrite=0;
2760 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2762 START_PROFILE(SMBwritebraw);
2764 if (srv_is_signing_active()) {
2765 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
2768 CHECK_FSP(fsp,conn);
2769 if (!CHECK_WRITE(fsp)) {
2770 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2773 tcount = IVAL(inbuf,smb_vwv1);
2774 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2775 write_through = BITSETW(inbuf+smb_vwv7,0);
2777 /* We have to deal with slightly different formats depending
2778 on whether we are using the core+ or lanman1.0 protocol */
2780 if(Protocol <= PROTOCOL_COREPLUS) {
2781 numtowrite = SVAL(smb_buf(inbuf),-2);
2782 data = smb_buf(inbuf);
2784 numtowrite = SVAL(inbuf,smb_vwv10);
2785 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
2788 /* force the error type */
2789 SCVAL(inbuf,smb_com,SMBwritec);
2790 SCVAL(outbuf,smb_com,SMBwritec);
2792 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2793 END_PROFILE(SMBwritebraw);
2794 return(ERROR_DOS(ERRDOS,ERRlock));
2798 nwritten = write_file(fsp,data,startpos,numtowrite);
2800 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
2801 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
2803 if (nwritten < (ssize_t)numtowrite) {
2804 END_PROFILE(SMBwritebraw);
2805 return(UNIXERROR(ERRHRD,ERRdiskfull));
2808 total_written = nwritten;
2810 /* Return a message to the redirector to tell it to send more bytes */
2811 SCVAL(outbuf,smb_com,SMBwritebraw);
2812 SSVALS(outbuf,smb_vwv0,-1);
2813 outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
2815 if (!send_smb(smbd_server_fd(),outbuf))
2816 exit_server_cleanly("reply_writebraw: send_smb failed.");
2818 /* Now read the raw data into the buffer and write it */
2819 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
2820 exit_server_cleanly("secondary writebraw failed");
2823 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
2824 numtowrite = smb_len(inbuf);
2826 /* Set up outbuf to return the correct return */
2827 outsize = set_message(outbuf,1,0,True);
2828 SCVAL(outbuf,smb_com,SMBwritec);
2830 if (numtowrite != 0) {
2832 if (numtowrite > BUFFER_SIZE) {
2833 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
2834 (unsigned int)numtowrite ));
2835 exit_server_cleanly("secondary writebraw failed");
2838 if (tcount > nwritten+numtowrite) {
2839 DEBUG(3,("Client overestimated the write %d %d %d\n",
2840 (int)tcount,(int)nwritten,(int)numtowrite));
2843 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
2844 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
2846 exit_server_cleanly("secondary writebraw failed");
2849 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
2850 if (nwritten == -1) {
2851 END_PROFILE(SMBwritebraw);
2852 return(UNIXERROR(ERRHRD,ERRdiskfull));
2855 if (nwritten < (ssize_t)numtowrite) {
2856 SCVAL(outbuf,smb_rcls,ERRHRD);
2857 SSVAL(outbuf,smb_err,ERRdiskfull);
2861 total_written += nwritten;
2864 SSVAL(outbuf,smb_vwv0,total_written);
2866 sync_file(conn, fsp, write_through);
2868 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
2869 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
2871 /* we won't return a status if write through is not selected - this follows what WfWg does */
2872 END_PROFILE(SMBwritebraw);
2873 if (!write_through && total_written==tcount) {
2875 #if RABBIT_PELLET_FIX
2877 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
2878 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
2880 if (!send_keepalive(smbd_server_fd()))
2881 exit_server_cleanly("reply_writebraw: send of keepalive failed");
2890 #define DBGC_CLASS DBGC_LOCKING
2892 /****************************************************************************
2893 Reply to a writeunlock (core+).
2894 ****************************************************************************/
2896 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
2897 int size, int dum_buffsize)
2899 ssize_t nwritten = -1;
2903 NTSTATUS status = NT_STATUS_OK;
2904 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2906 START_PROFILE(SMBwriteunlock);
2908 CHECK_FSP(fsp,conn);
2909 if (!CHECK_WRITE(fsp)) {
2910 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2913 numtowrite = SVAL(inbuf,smb_vwv1);
2914 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2915 data = smb_buf(inbuf) + 3;
2917 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2918 END_PROFILE(SMBwriteunlock);
2919 return ERROR_DOS(ERRDOS,ERRlock);
2922 /* The special X/Open SMB protocol handling of
2923 zero length writes is *NOT* done for
2925 if(numtowrite == 0) {
2928 nwritten = write_file(fsp,data,startpos,numtowrite);
2931 sync_file(conn, fsp, False /* write through */);
2933 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2934 END_PROFILE(SMBwriteunlock);
2935 return(UNIXERROR(ERRHRD,ERRdiskfull));
2939 status = do_unlock(fsp,
2940 (uint32)SVAL(inbuf,smb_pid),
2941 (SMB_BIG_UINT)numtowrite,
2942 (SMB_BIG_UINT)startpos,
2945 if (NT_STATUS_V(status)) {
2946 END_PROFILE(SMBwriteunlock);
2947 return ERROR_NT(status);
2951 outsize = set_message(outbuf,1,0,True);
2953 SSVAL(outbuf,smb_vwv0,nwritten);
2955 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
2956 fsp->fnum, (int)numtowrite, (int)nwritten));
2958 END_PROFILE(SMBwriteunlock);
2963 #define DBGC_CLASS DBGC_ALL
2965 /****************************************************************************
2967 ****************************************************************************/
2969 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
2972 ssize_t nwritten = -1;
2975 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2977 START_PROFILE(SMBwrite);
2979 /* If it's an IPC, pass off the pipe handler. */
2981 END_PROFILE(SMBwrite);
2982 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
2985 CHECK_FSP(fsp,conn);
2986 if (!CHECK_WRITE(fsp)) {
2987 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2990 numtowrite = SVAL(inbuf,smb_vwv1);
2991 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2992 data = smb_buf(inbuf) + 3;
2994 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2995 END_PROFILE(SMBwrite);
2996 return ERROR_DOS(ERRDOS,ERRlock);
3000 * X/Open SMB protocol says that if smb_vwv1 is
3001 * zero then the file size should be extended or
3002 * truncated to the size given in smb_vwv[2-3].
3005 if(numtowrite == 0) {
3007 * This is actually an allocate call, and set EOF. JRA.
3009 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3011 END_PROFILE(SMBwrite);
3012 return ERROR_NT(NT_STATUS_DISK_FULL);
3014 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3016 END_PROFILE(SMBwrite);
3017 return ERROR_NT(NT_STATUS_DISK_FULL);
3020 nwritten = write_file(fsp,data,startpos,numtowrite);
3022 sync_file(conn, fsp, False);
3024 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3025 END_PROFILE(SMBwrite);
3026 return(UNIXERROR(ERRHRD,ERRdiskfull));
3029 outsize = set_message(outbuf,1,0,True);
3031 SSVAL(outbuf,smb_vwv0,nwritten);
3033 if (nwritten < (ssize_t)numtowrite) {
3034 SCVAL(outbuf,smb_rcls,ERRHRD);
3035 SSVAL(outbuf,smb_err,ERRdiskfull);
3038 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3040 END_PROFILE(SMBwrite);
3044 /****************************************************************************
3045 Reply to a write and X.
3046 ****************************************************************************/
3048 int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
3050 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
3051 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3052 size_t numtowrite = SVAL(inbuf,smb_vwv10);
3053 BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
3054 ssize_t nwritten = -1;
3055 unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
3056 unsigned int smblen = smb_len(inbuf);
3058 BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
3059 START_PROFILE(SMBwriteX);
3061 /* If it's an IPC, pass off the pipe handler. */
3063 END_PROFILE(SMBwriteX);
3064 return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
3067 CHECK_FSP(fsp,conn);
3068 if (!CHECK_WRITE(fsp)) {
3069 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3072 set_message(outbuf,6,0,True);
3074 /* Deal with possible LARGE_WRITEX */
3076 numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
3079 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3080 END_PROFILE(SMBwriteX);
3081 return ERROR_DOS(ERRDOS,ERRbadmem);
3084 data = smb_base(inbuf) + smb_doff;
3086 if(CVAL(inbuf,smb_wct) == 14) {
3087 #ifdef LARGE_SMB_OFF_T
3089 * This is a large offset (64 bit) write.
3091 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32);
3093 #else /* !LARGE_SMB_OFF_T */
3096 * Ensure we haven't been sent a >32 bit offset.
3099 if(IVAL(inbuf,smb_vwv12) != 0) {
3100 DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \
3101 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) ));
3102 END_PROFILE(SMBwriteX);
3103 return ERROR_DOS(ERRDOS,ERRbadaccess);
3106 #endif /* LARGE_SMB_OFF_T */
3109 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3110 END_PROFILE(SMBwriteX);
3111 return ERROR_DOS(ERRDOS,ERRlock);
3114 /* X/Open SMB protocol says that, unlike SMBwrite
3115 if the length is zero then NO truncation is
3116 done, just a write of zero. To truncate a file,
3119 if(numtowrite == 0) {
3123 if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize,
3124 fsp,data,startpos,numtowrite)) {
3125 END_PROFILE(SMBwriteX);
3129 nwritten = write_file(fsp,data,startpos,numtowrite);
3132 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3133 END_PROFILE(SMBwriteX);
3134 return(UNIXERROR(ERRHRD,ERRdiskfull));
3137 SSVAL(outbuf,smb_vwv2,nwritten);
3139 SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
3141 if (nwritten < (ssize_t)numtowrite) {
3142 SCVAL(outbuf,smb_rcls,ERRHRD);
3143 SSVAL(outbuf,smb_err,ERRdiskfull);
3146 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3147 fsp->fnum, (int)numtowrite, (int)nwritten));
3149 sync_file(conn, fsp, write_through);
3151 END_PROFILE(SMBwriteX);
3152 return chain_reply(inbuf,outbuf,length,bufsize);
3155 /****************************************************************************
3157 ****************************************************************************/
3159 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3165 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3166 START_PROFILE(SMBlseek);
3168 CHECK_FSP(fsp,conn);
3170 flush_write_cache(fsp, SEEK_FLUSH);
3172 mode = SVAL(inbuf,smb_vwv1) & 3;
3173 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3174 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3183 res = fsp->fh->pos + startpos;
3194 if (umode == SEEK_END) {
3195 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3196 if(errno == EINVAL) {
3197 SMB_OFF_T current_pos = startpos;
3198 SMB_STRUCT_STAT sbuf;
3200 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3201 END_PROFILE(SMBlseek);
3202 return(UNIXERROR(ERRDOS,ERRnoaccess));
3205 current_pos += sbuf.st_size;
3207 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3212 END_PROFILE(SMBlseek);
3213 return(UNIXERROR(ERRDOS,ERRnoaccess));
3219 outsize = set_message(outbuf,2,0,True);
3220 SIVAL(outbuf,smb_vwv0,res);
3222 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3223 fsp->fnum, (double)startpos, (double)res, mode));
3225 END_PROFILE(SMBlseek);
3229 /****************************************************************************
3231 ****************************************************************************/
3233 int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3235 int outsize = set_message(outbuf,0,0,False);
3236 uint16 fnum = SVAL(inbuf,smb_vwv0);
3237 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3238 START_PROFILE(SMBflush);
3241 CHECK_FSP(fsp,conn);
3244 file_sync_all(conn);
3246 sync_file(conn,fsp, True);
3249 DEBUG(3,("flush\n"));
3250 END_PROFILE(SMBflush);
3254 /****************************************************************************
3256 conn POINTER CAN BE NULL HERE !
3257 ****************************************************************************/
3259 int reply_exit(connection_struct *conn,
3260 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3263 START_PROFILE(SMBexit);
3265 file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid));
3267 outsize = set_message(outbuf,0,0,False);
3269 DEBUG(3,("exit\n"));
3271 END_PROFILE(SMBexit);
3275 /****************************************************************************
3276 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3277 ****************************************************************************/
3279 int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
3284 int32 eclass = 0, err = 0;
3285 files_struct *fsp = NULL;
3286 START_PROFILE(SMBclose);
3288 outsize = set_message(outbuf,0,0,False);
3290 /* If it's an IPC, pass off to the pipe handler. */
3292 END_PROFILE(SMBclose);
3293 return reply_pipe_close(conn, inbuf,outbuf);
3296 fsp = file_fsp(inbuf,smb_vwv0);
3299 * We can only use CHECK_FSP if we know it's not a directory.
3302 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3303 END_PROFILE(SMBclose);
3304 return ERROR_DOS(ERRDOS,ERRbadfid);
3307 if(fsp->is_directory) {
3309 * Special case - close NT SMB directory handle.
3311 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3312 close_file(fsp,NORMAL_CLOSE);
3315 * Close ordinary file.
3319 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3320 fsp->fh->fd, fsp->fnum,
3321 conn->num_files_open));
3324 * Take care of any time sent in the close.
3327 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
3328 fsp_set_pending_modtime(fsp, mtime);
3331 * close_file() returns the unix errno if an error
3332 * was detected on close - normally this is due to
3333 * a disk full error. If not then it was probably an I/O error.
3336 if((close_err = close_file(fsp,NORMAL_CLOSE)) != 0) {
3338 END_PROFILE(SMBclose);
3339 return (UNIXERROR(ERRHRD,ERRgeneral));
3343 /* We have a cached error */
3345 END_PROFILE(SMBclose);
3346 return ERROR_DOS(eclass,err);
3349 END_PROFILE(SMBclose);
3353 /****************************************************************************
3354 Reply to a writeclose (Core+ protocol).
3355 ****************************************************************************/
3357 int reply_writeclose(connection_struct *conn,
3358 char *inbuf,char *outbuf, int size, int dum_buffsize)
3361 ssize_t nwritten = -1;
3367 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3368 START_PROFILE(SMBwriteclose);
3370 CHECK_FSP(fsp,conn);
3371 if (!CHECK_WRITE(fsp)) {
3372 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3375 numtowrite = SVAL(inbuf,smb_vwv1);
3376 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3377 mtime = srv_make_unix_date3(inbuf+smb_vwv4);
3378 data = smb_buf(inbuf) + 1;
3380 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3381 END_PROFILE(SMBwriteclose);
3382 return ERROR_DOS(ERRDOS,ERRlock);
3385 nwritten = write_file(fsp,data,startpos,numtowrite);
3387 set_filetime(conn, fsp->fsp_name,mtime);
3390 * More insanity. W2K only closes the file if writelen > 0.
3395 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3397 close_err = close_file(fsp,NORMAL_CLOSE);
3400 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3401 fsp->fnum, (int)numtowrite, (int)nwritten,
3402 conn->num_files_open));
3404 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3405 END_PROFILE(SMBwriteclose);
3406 return(UNIXERROR(ERRHRD,ERRdiskfull));
3409 if(close_err != 0) {
3411 END_PROFILE(SMBwriteclose);
3412 return(UNIXERROR(ERRHRD,ERRgeneral));
3415 outsize = set_message(outbuf,1,0,True);
3417 SSVAL(outbuf,smb_vwv0,nwritten);
3418 END_PROFILE(SMBwriteclose);
3423 #define DBGC_CLASS DBGC_LOCKING
3425 /****************************************************************************
3427 ****************************************************************************/
3429 int reply_lock(connection_struct *conn,
3430 char *inbuf,char *outbuf, int length, int dum_buffsize)
3432 int outsize = set_message(outbuf,0,0,False);
3433 SMB_BIG_UINT count,offset;
3435 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3436 struct byte_range_lock *br_lck = NULL;
3438 START_PROFILE(SMBlock);
3440 CHECK_FSP(fsp,conn);
3442 release_level_2_oplocks_on_change(fsp);
3444 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3445 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3447 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3448 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3450 br_lck = do_lock(fsp,
3451 (uint32)SVAL(inbuf,smb_pid),
3456 False, /* Non-blocking lock. */
3459 TALLOC_FREE(br_lck);
3461 if (NT_STATUS_V(status)) {
3462 END_PROFILE(SMBlock);
3463 return ERROR_NT(status);
3466 END_PROFILE(SMBlock);
3470 /****************************************************************************
3472 ****************************************************************************/
3474 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3477 int outsize = set_message(outbuf,0,0,False);
3478 SMB_BIG_UINT count,offset;
3480 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3481 START_PROFILE(SMBunlock);
3483 CHECK_FSP(fsp,conn);
3485 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3486 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3488 status = do_unlock(fsp,
3489 (uint32)SVAL(inbuf,smb_pid),
3494 if (NT_STATUS_V(status)) {
3495 END_PROFILE(SMBunlock);
3496 return ERROR_NT(status);
3499 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3500 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3502 END_PROFILE(SMBunlock);
3507 #define DBGC_CLASS DBGC_ALL
3509 /****************************************************************************
3511 conn POINTER CAN BE NULL HERE !
3512 ****************************************************************************/
3514 int reply_tdis(connection_struct *conn,
3515 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3517 int outsize = set_message(outbuf,0,0,False);
3519 START_PROFILE(SMBtdis);
3521 vuid = SVAL(inbuf,smb_uid);
3524 DEBUG(4,("Invalid connection in tdis\n"));
3525 END_PROFILE(SMBtdis);
3526 return ERROR_DOS(ERRSRV,ERRinvnid);
3531 close_cnum(conn,vuid);
3533 END_PROFILE(SMBtdis);
3537 /****************************************************************************
3539 conn POINTER CAN BE NULL HERE !
3540 ****************************************************************************/
3542 int reply_echo(connection_struct *conn,
3543 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3545 int smb_reverb = SVAL(inbuf,smb_vwv0);
3547 unsigned int data_len = smb_buflen(inbuf);
3548 int outsize = set_message(outbuf,1,data_len,True);
3549 START_PROFILE(SMBecho);
3551 if (data_len > BUFFER_SIZE) {
3552 DEBUG(0,("reply_echo: data_len too large.\n"));
3553 END_PROFILE(SMBecho);
3557 /* copy any incoming data back out */
3559 memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len);
3561 if (smb_reverb > 100) {
3562 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3566 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3567 SSVAL(outbuf,smb_vwv0,seq_num);
3569 smb_setlen(outbuf,outsize - 4);
3572 if (!send_smb(smbd_server_fd(),outbuf))
3573 exit_server_cleanly("reply_echo: send_smb failed.");
3576 DEBUG(3,("echo %d times\n", smb_reverb));
3580 END_PROFILE(SMBecho);
3584 /****************************************************************************
3585 Reply to a printopen.
3586 ****************************************************************************/
3588 int reply_printopen(connection_struct *conn,
3589 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3595 START_PROFILE(SMBsplopen);
3597 if (!CAN_PRINT(conn)) {
3598 END_PROFILE(SMBsplopen);
3599 return ERROR_DOS(ERRDOS,ERRnoaccess);
3602 /* Open for exclusive use, write only. */
3603 status = print_fsp_open(conn, NULL, &fsp);
3605 if (!NT_STATUS_IS_OK(status)) {
3606 END_PROFILE(SMBsplopen);
3607 return(ERROR_NT(status));
3610 outsize = set_message(outbuf,1,0,True);
3611 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3613 DEBUG(3,("openprint fd=%d fnum=%d\n",
3614 fsp->fh->fd, fsp->fnum));
3616 END_PROFILE(SMBsplopen);
3620 /****************************************************************************
3621 Reply to a printclose.
3622 ****************************************************************************/
3624 int reply_printclose(connection_struct *conn,
3625 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3627 int outsize = set_message(outbuf,0,0,False);
3628 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3630 START_PROFILE(SMBsplclose);
3632 CHECK_FSP(fsp,conn);
3634 if (!CAN_PRINT(conn)) {
3635 END_PROFILE(SMBsplclose);
3636 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
3639 DEBUG(3,("printclose fd=%d fnum=%d\n",
3640 fsp->fh->fd,fsp->fnum));
3642 close_err = close_file(fsp,NORMAL_CLOSE);
3644 if(close_err != 0) {
3646 END_PROFILE(SMBsplclose);
3647 return(UNIXERROR(ERRHRD,ERRgeneral));
3650 END_PROFILE(SMBsplclose);
3654 /****************************************************************************
3655 Reply to a printqueue.
3656 ****************************************************************************/
3658 int reply_printqueue(connection_struct *conn,
3659 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3661 int outsize = set_message(outbuf,2,3,True);
3662 int max_count = SVAL(inbuf,smb_vwv0);
3663 int start_index = SVAL(inbuf,smb_vwv1);
3664 START_PROFILE(SMBsplretq);
3666 /* we used to allow the client to get the cnum wrong, but that
3667 is really quite gross and only worked when there was only
3668 one printer - I think we should now only accept it if they
3669 get it right (tridge) */
3670 if (!CAN_PRINT(conn)) {
3671 END_PROFILE(SMBsplretq);
3672 return ERROR_DOS(ERRDOS,ERRnoaccess);
3675 SSVAL(outbuf,smb_vwv0,0);
3676 SSVAL(outbuf,smb_vwv1,0);
3677 SCVAL(smb_buf(outbuf),0,1);
3678 SSVAL(smb_buf(outbuf),1,0);
3680 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
3681 start_index, max_count));
3684 print_queue_struct *queue = NULL;
3685 print_status_struct status;
3686 char *p = smb_buf(outbuf) + 3;
3687 int count = print_queue_status(SNUM(conn), &queue, &status);
3688 int num_to_get = ABS(max_count);
3689 int first = (max_count>0?start_index:start_index+max_count+1);
3695 num_to_get = MIN(num_to_get,count-first);
3698 for (i=first;i<first+num_to_get;i++) {
3699 srv_put_dos_date2(p,0,queue[i].time);
3700 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
3701 SSVAL(p,5, queue[i].job);
3702 SIVAL(p,7,queue[i].size);
3704 srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII);
3709 outsize = set_message(outbuf,2,28*count+3,False);
3710 SSVAL(outbuf,smb_vwv0,count);
3711 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
3712 SCVAL(smb_buf(outbuf),0,1);
3713 SSVAL(smb_buf(outbuf),1,28*count);
3718 DEBUG(3,("%d entries returned in queue\n",count));
3721 END_PROFILE(SMBsplretq);
3725 /****************************************************************************
3726 Reply to a printwrite.
3727 ****************************************************************************/
3729 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3732 int outsize = set_message(outbuf,0,0,False);
3734 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3736 START_PROFILE(SMBsplwr);
3738 if (!CAN_PRINT(conn)) {
3739 END_PROFILE(SMBsplwr);
3740 return ERROR_DOS(ERRDOS,ERRnoaccess);
3743 CHECK_FSP(fsp,conn);
3744 if (!CHECK_WRITE(fsp)) {
3745 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3748 numtowrite = SVAL(smb_buf(inbuf),1);
3749 data = smb_buf(inbuf) + 3;
3751 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
3752 END_PROFILE(SMBsplwr);
3753 return(UNIXERROR(ERRHRD,ERRdiskfull));
3756 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
3758 END_PROFILE(SMBsplwr);
3762 /****************************************************************************
3764 ****************************************************************************/
3766 int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3771 BOOL bad_path = False;
3772 SMB_STRUCT_STAT sbuf;
3774 START_PROFILE(SMBmkdir);
3776 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3777 if (!NT_STATUS_IS_OK(status)) {
3778 END_PROFILE(SMBmkdir);
3779 return ERROR_NT(status);
3782 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf);
3784 unix_convert(directory,conn,0,&bad_path,&sbuf);
3786 END_PROFILE(SMBmkdir);
3787 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
3790 status = create_directory(conn, directory);
3792 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
3794 if (!NT_STATUS_IS_OK(status)) {
3796 if (!use_nt_status()
3797 && NT_STATUS_EQUAL(status,
3798 NT_STATUS_OBJECT_NAME_COLLISION)) {
3800 * Yes, in the DOS error code case we get a
3801 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
3802 * samba4 torture test.
3804 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
3807 END_PROFILE(SMBmkdir);
3808 return ERROR_NT(status);
3811 outsize = set_message(outbuf,0,0,False);
3813 DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) );
3815 END_PROFILE(SMBmkdir);
3819 /****************************************************************************
3820 Static function used by reply_rmdir to delete an entire directory
3821 tree recursively. Return True on ok, False on fail.
3822 ****************************************************************************/
3824 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
3826 const char *dname = NULL;
3829 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3834 while((dname = ReadDirName(dir_hnd, &offset))) {
3838 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3841 if (!is_visible_file(conn, directory, dname, &st, False))
3844 /* Construct the full name. */
3845 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3851 pstrcpy(fullname, directory);
3852 pstrcat(fullname, "/");
3853 pstrcat(fullname, dname);
3855 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
3860 if(st.st_mode & S_IFDIR) {
3861 if(!recursive_rmdir(conn, fullname)) {
3865 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
3869 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
3878 /****************************************************************************
3879 The internals of the rmdir code - called elsewhere.
3880 ****************************************************************************/
3882 BOOL rmdir_internals(connection_struct *conn, const char *directory)
3887 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3888 if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
3890 * Check to see if the only thing in this directory are
3891 * vetoed files/directories. If so then delete them and
3892 * retry. If we fail to delete any of them (and we *don't*
3893 * do a recursive delete) then fail the rmdir.
3897 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3899 if(dir_hnd == NULL) {
3904 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3905 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3907 if (!is_visible_file(conn, directory, dname, &st, False))
3909 if(!IS_VETO_PATH(conn, dname)) {
3916 /* We only have veto files/directories. Recursive delete. */
3918 RewindDir(dir_hnd,&dirpos);
3919 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3922 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3924 if (!is_visible_file(conn, directory, dname, &st, False))
3927 /* Construct the full name. */
3928 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3933 pstrcpy(fullname, directory);
3934 pstrcat(fullname, "/");
3935 pstrcat(fullname, dname);
3937 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
3939 if(st.st_mode & S_IFDIR) {
3940 if(lp_recursive_veto_delete(SNUM(conn))) {
3941 if(!recursive_rmdir(conn, fullname))
3944 if(SMB_VFS_RMDIR(conn,fullname) != 0)
3946 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
3950 /* Retry the rmdir */
3951 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3957 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
3958 "%s\n", directory,strerror(errno)));
3964 const char *dirname;
3966 if (parent_dirname_talloc(tmp_talloc_ctx(), directory,
3967 &parent_dir, &dirname)) {
3968 notify_action(conn, parent_dir, dirname, -1,
3969 NOTIFY_ACTION_REMOVED);
3970 TALLOC_FREE(parent_dir); /* Not strictly necessary */
3977 /****************************************************************************
3979 ****************************************************************************/
3981 int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3986 BOOL bad_path = False;
3987 SMB_STRUCT_STAT sbuf;
3989 START_PROFILE(SMBrmdir);
3991 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3992 if (!NT_STATUS_IS_OK(status)) {
3993 END_PROFILE(SMBrmdir);
3994 return ERROR_NT(status);
3997 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf)
3999 unix_convert(directory,conn, NULL,&bad_path,&sbuf);
4001 END_PROFILE(SMBrmdir);
4002 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
4005 if (check_name(directory,conn)) {
4006 dptr_closepath(directory,SVAL(inbuf,smb_pid));
4007 ok = rmdir_internals(conn, directory);
4011 END_PROFILE(SMBrmdir);
4012 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRbadpath);
4015 outsize = set_message(outbuf,0,0,False);
4017 DEBUG( 3, ( "rmdir %s\n", directory ) );
4019 END_PROFILE(SMBrmdir);
4023 /*******************************************************************
4024 Resolve wildcards in a filename rename.
4025 Note that name is in UNIX charset and thus potentially can be more
4026 than fstring buffer (255 bytes) especially in default UTF-8 case.
4027 Therefore, we use pstring inside and all calls should ensure that
4028 name2 is at least pstring-long (they do already)
4029 ********************************************************************/
4031 static BOOL resolve_wildcards(const char *name1, char *name2)
4033 pstring root1,root2;
4035 char *p,*p2, *pname1, *pname2;
4036 int available_space, actual_space;
4039 pname1 = strrchr_m(name1,'/');
4040 pname2 = strrchr_m(name2,'/');
4042 if (!pname1 || !pname2)
4045 pstrcpy(root1,pname1);
4046 pstrcpy(root2,pname2);
4047 p = strrchr_m(root1,'.');
4054 p = strrchr_m(root2,'.');
4068 } else if (*p2 == '*') {
4084 } else if (*p2 == '*') {
4094 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4097 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4098 if (actual_space >= available_space - 1) {
4099 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4100 actual_space - available_space));
4103 pstrcpy_base(pname2, root2, name2);
4109 /****************************************************************************
4110 Ensure open files have their names updated. Updated to notify other smbd's
4112 ****************************************************************************/
4114 static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck,
4115 SMB_DEV_T dev, SMB_INO_T inode, const char *newname)
4118 BOOL did_rename = False;
4120 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
4121 /* fsp_name is a relative path under the fsp. To change this for other
4122 sharepaths we need to manipulate relative paths. */
4123 /* TODO - create the absolute path and manipulate the newname
4124 relative to the sharepath. */
4125 if (fsp->conn != conn) {
4128 DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n",
4129 fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode,
4130 fsp->fsp_name, newname ));
4131 string_set(&fsp->fsp_name, newname);
4136 DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n",
4137 (unsigned int)dev, (double)inode, newname ));
4140 /* Send messages to all smbd's (not ourself) that the name has changed. */
4141 rename_share_filename(lck, conn->connectpath, newname);
4144 /****************************************************************************
4145 We need to check if the source path is a parent directory of the destination
4146 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4147 refuse the rename with a sharing violation. Under UNIX the above call can
4148 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4149 probably need to check that the client is a Windows one before disallowing
4150 this as a UNIX client (one with UNIX extensions) can know the source is a
4151 symlink and make this decision intelligently. Found by an excellent bug
4152 report from <AndyLiebman@aol.com>.
4153 ****************************************************************************/
4155 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4157 const char *psrc = src;
4158 const char *pdst = dest;
4161 if (psrc[0] == '.' && psrc[1] == '/') {
4164 if (pdst[0] == '.' && pdst[1] == '/') {
4167 if ((slen = strlen(psrc)) > strlen(pdst)) {
4170 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4173 /****************************************************************************
4174 Rename an open file - given an fsp.
4175 ****************************************************************************/
4177 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists)
4179 SMB_STRUCT_STAT sbuf;
4180 BOOL bad_path = False;
4181 pstring newname_last_component;
4182 NTSTATUS error = NT_STATUS_OK;
4185 struct share_mode_lock *lck = NULL;
4188 rcdest = unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf);
4190 /* Quick check for "." and ".." */
4191 if (!bad_path && newname_last_component[0] == '.') {
4192 if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) {
4193 return NT_STATUS_ACCESS_DENIED;
4196 if (!rcdest && bad_path) {
4197 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4200 /* Ensure newname contains a '/' */
4201 if(strrchr_m(newname,'/') == 0) {
4204 pstrcpy(tmpstr, "./");
4205 pstrcat(tmpstr, newname);
4206 pstrcpy(newname, tmpstr);
4210 * Check for special case with case preserving and not
4211 * case sensitive. If the old last component differs from the original
4212 * last component only by case, then we should allow
4213 * the rename (user is trying to change the case of the
4217 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4218 strequal(newname, fsp->fsp_name)) {
4220 pstring newname_modified_last_component;
4223 * Get the last component of the modified name.
4224 * Note that we guarantee that newname contains a '/'
4227 p = strrchr_m(newname,'/');
4228 pstrcpy(newname_modified_last_component,p+1);
4230 if(strcsequal(newname_modified_last_component,
4231 newname_last_component) == False) {
4233 * Replace the modified last component with
4236 pstrcpy(p+1, newname_last_component);
4241 * If the src and dest names are identical - including case,
4242 * don't do the rename, just return success.
4245 if (strcsequal(fsp->fsp_name, newname)) {
4246 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4248 return NT_STATUS_OK;
4251 dest_exists = vfs_object_exist(conn,newname,NULL);
4253 if(!replace_if_exists && dest_exists) {
4254 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4255 fsp->fsp_name,newname));
4256 return NT_STATUS_OBJECT_NAME_COLLISION;
4259 error = can_rename(conn,newname,attrs,&sbuf);
4261 if (dest_exists && !NT_STATUS_IS_OK(error)) {
4262 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4263 nt_errstr(error), fsp->fsp_name,newname));
4264 if (NT_STATUS_EQUAL(error,NT_STATUS_SHARING_VIOLATION))
4265 error = NT_STATUS_ACCESS_DENIED;
4269 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4270 return NT_STATUS_ACCESS_DENIED;
4273 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL);
4275 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4276 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4277 fsp->fsp_name,newname));
4278 rename_open_files(conn, lck, fsp->dev, fsp->inode, newname);
4280 return NT_STATUS_OK;
4285 if (errno == ENOTDIR || errno == EISDIR) {
4286 error = NT_STATUS_OBJECT_NAME_COLLISION;
4288 error = map_nt_error_from_unix(errno);
4291 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4292 nt_errstr(error), fsp->fsp_name,newname));
4297 /****************************************************************************
4298 The guts of the rename command, split out so it may be called by the NT SMB
4300 ****************************************************************************/
4302 NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild)
4306 pstring last_component_src;
4307 pstring last_component_dest;
4309 BOOL bad_path_src = False;
4310 BOOL bad_path_dest = False;
4312 NTSTATUS error = NT_STATUS_OK;
4315 SMB_STRUCT_STAT sbuf1, sbuf2;
4316 struct share_mode_lock *lck = NULL;
4318 *directory = *mask = 0;
4323 rc = unix_convert(name,conn,last_component_src,&bad_path_src,&sbuf1);
4324 if (!rc && bad_path_src) {
4325 if (ms_has_wild(last_component_src))
4326 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4327 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4330 /* Quick check for "." and ".." */
4331 if (last_component_src[0] == '.') {
4332 if (!last_component_src[1] || (last_component_src[1] == '.' && !last_component_src[2])) {
4333 return NT_STATUS_OBJECT_NAME_INVALID;
4337 rcdest = unix_convert(newname,conn,last_component_dest,&bad_path_dest,&sbuf2);
4339 /* Quick check for "." and ".." */
4340 if (last_component_dest[0] == '.') {
4341 if (!last_component_dest[1] || (last_component_dest[1] == '.' && !last_component_dest[2])) {
4342 return NT_STATUS_OBJECT_NAME_INVALID;
4347 * Split the old name into directory and last component
4348 * strings. Note that unix_convert may have stripped off a
4349 * leading ./ from both name and newname if the rename is
4350 * at the root of the share. We need to make sure either both
4351 * name and newname contain a / character or neither of them do
4352 * as this is checked in resolve_wildcards().
4355 p = strrchr_m(name,'/');
4357 pstrcpy(directory,".");
4361 pstrcpy(directory,name);
4363 *p = '/'; /* Replace needed for exceptional test below. */
4367 * We should only check the mangled cache
4368 * here if unix_convert failed. This means
4369 * that the path in 'mask' doesn't exist
4370 * on the file system and so we need to look
4371 * for a possible mangle. This patch from
4372 * Tine Smukavec <valentin.smukavec@hermes.si>.
4375 if (!rc && mangle_is_mangled(mask, conn->params))
4376 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4380 * No wildcards - just process the one file.
4382 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4384 /* Add a terminating '/' to the directory name. */
4385 pstrcat(directory,"/");
4386 pstrcat(directory,mask);
4388 /* Ensure newname contains a '/' also */
4389 if(strrchr_m(newname,'/') == 0) {
4392 pstrcpy(tmpstr, "./");
4393 pstrcat(tmpstr, newname);
4394 pstrcpy(newname, tmpstr);
4397 DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \
4398 directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n",
4399 conn->case_sensitive, conn->case_preserve, conn->short_case_preserve, directory,
4400 newname, last_component_dest, is_short_name));
4403 * Check for special case with case preserving and not
4404 * case sensitive, if directory and newname are identical,
4405 * and the old last component differs from the original
4406 * last component only by case, then we should allow
4407 * the rename (user is trying to change the case of the
4410 if((conn->case_sensitive == False) &&
4411 (((conn->case_preserve == True) &&
4412 (is_short_name == False)) ||
4413 ((conn->short_case_preserve == True) &&
4414 (is_short_name == True))) &&
4415 strcsequal(directory, newname)) {
4416 pstring modified_last_component;
4419 * Get the last component of the modified name.
4420 * Note that we guarantee that newname contains a '/'
4423 p = strrchr_m(newname,'/');
4424 pstrcpy(modified_last_component,p+1);
4426 if(strcsequal(modified_last_component,
4427 last_component_dest) == False) {
4429 * Replace the modified last component with
4432 pstrcpy(p+1, last_component_dest);
4436 resolve_wildcards(directory,newname);
4439 * The source object must exist.
4442 if (!vfs_object_exist(conn, directory, &sbuf1)) {
4443 DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n",
4444 directory,newname));
4446 if (errno == ENOTDIR || errno == EISDIR || errno == ENOENT) {
4448 * Must return different errors depending on whether the parent
4449 * directory existed or not.
4452 p = strrchr_m(directory, '/');
4454 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4456 if (vfs_object_exist(conn, directory, NULL))
4457 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4458 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4460 error = map_nt_error_from_unix(errno);
4461 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4462 nt_errstr(error), directory,newname));
4467 if (!rcdest && bad_path_dest) {
4468 if (ms_has_wild(last_component_dest))
4469 return NT_STATUS_OBJECT_NAME_INVALID;
4470 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4473 error = can_rename(conn,directory,attrs,&sbuf1);
4475 if (!NT_STATUS_IS_OK(error)) {
4476 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4477 nt_errstr(error), directory,newname));
4482 * If the src and dest names are identical - including case,
4483 * don't do the rename, just return success.
4486 if (strcsequal(directory, newname)) {
4487 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4488 DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory));
4489 return NT_STATUS_OK;
4492 if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) {
4493 DEBUG(3,("rename_internals: dest exists doing rename %s -> %s\n",
4494 directory,newname));
4495 return NT_STATUS_OBJECT_NAME_COLLISION;
4498 if (rename_path_prefix_equal(directory, newname)) {
4499 return NT_STATUS_SHARING_VIOLATION;
4502 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4504 if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
4505 DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n",
4506 directory,newname));
4507 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4509 return NT_STATUS_OK;
4513 if (errno == ENOTDIR || errno == EISDIR)
4514 error = NT_STATUS_OBJECT_NAME_COLLISION;
4516 error = map_nt_error_from_unix(errno);
4518 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4519 nt_errstr(error), directory,newname));
4524 * Wildcards - process each file that matches.
4526 struct smb_Dir *dir_hnd = NULL;
4530 if (strequal(mask,"????????.???"))
4533 if (check_name(directory,conn))
4534 dir_hnd = OpenDir(conn, directory, mask, attrs);
4538 error = NT_STATUS_NO_SUCH_FILE;
4539 /* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */
4541 while ((dname = ReadDirName(dir_hnd, &offset))) {
4543 BOOL sysdir_entry = False;
4545 pstrcpy(fname,dname);
4547 /* Quick check for "." and ".." */
4548 if (fname[0] == '.') {
4549 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4551 sysdir_entry = True;
4558 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4561 if(!mask_match(fname, mask, conn->case_sensitive))
4565 error = NT_STATUS_OBJECT_NAME_INVALID;
4569 error = NT_STATUS_ACCESS_DENIED;
4570 slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname);
4571 if (!vfs_object_exist(conn, fname, &sbuf1)) {
4572 error = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4573 DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error)));
4576 error = can_rename(conn,fname,attrs,&sbuf1);
4577 if (!NT_STATUS_IS_OK(error)) {
4578 DEBUG(6,("rename %s refused\n", fname));
4581 pstrcpy(destname,newname);
4583 if (!resolve_wildcards(fname,destname)) {
4584 DEBUG(6,("resolve_wildcards %s %s failed\n",
4589 if (strcsequal(fname,destname)) {
4590 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4591 DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname));
4593 error = NT_STATUS_OK;
4597 if (!replace_if_exists &&
4598 vfs_file_exist(conn,destname, NULL)) {
4599 DEBUG(6,("file_exist %s\n", destname));
4600 error = NT_STATUS_OBJECT_NAME_COLLISION;
4604 if (rename_path_prefix_equal(fname, destname)) {
4605 return NT_STATUS_SHARING_VIOLATION;
4608 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4610 if (!SMB_VFS_RENAME(conn,fname,destname)) {
4611 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4613 error = NT_STATUS_OK;
4616 DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname));
4621 if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) {
4622 if (!rcdest && bad_path_dest) {
4623 if (ms_has_wild(last_component_dest))
4624 return NT_STATUS_OBJECT_NAME_INVALID;
4625 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4630 if (count == 0 && NT_STATUS_IS_OK(error)) {
4631 error = map_nt_error_from_unix(errno);
4637 /****************************************************************************
4639 ****************************************************************************/
4641 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
4648 uint32 attrs = SVAL(inbuf,smb_vwv0);
4650 BOOL path1_contains_wcard = False;
4651 BOOL path2_contains_wcard = False;
4653 START_PROFILE(SMBmv);
4655 p = smb_buf(inbuf) + 1;
4656 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path1_contains_wcard);
4657 if (!NT_STATUS_IS_OK(status)) {
4659 return ERROR_NT(status);
4662 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path2_contains_wcard);
4663 if (!NT_STATUS_IS_OK(status)) {
4665 return ERROR_NT(status);
4668 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4669 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4671 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
4673 status = rename_internals(conn, name, newname, attrs, False, path1_contains_wcard);
4674 if (!NT_STATUS_IS_OK(status)) {
4676 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
4677 /* We have re-scheduled this call. */
4680 return ERROR_NT(status);
4684 * Win2k needs a changenotify request response before it will
4685 * update after a rename..
4687 process_pending_change_notify_queue((time_t)0);
4688 outsize = set_message(outbuf,0,0,False);
4694 /*******************************************************************
4695 Copy a file as part of a reply_copy.
4696 ******************************************************************/
4699 * TODO: check error codes on all callers
4702 NTSTATUS copy_file(char *src, char *dest1,connection_struct *conn, int ofun,
4703 int count, BOOL target_is_directory)
4705 SMB_STRUCT_STAT src_sbuf, sbuf2;
4707 files_struct *fsp1,*fsp2;
4710 uint32 new_create_disposition;
4714 pstrcpy(dest,dest1);
4715 if (target_is_directory) {
4716 char *p = strrchr_m(src,'/');
4726 if (!vfs_file_exist(conn,src,&src_sbuf)) {
4727 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4730 if (!target_is_directory && count) {
4731 new_create_disposition = FILE_OPEN;
4733 if (!map_open_params_to_ntcreate(dest1,0,ofun,
4734 NULL, NULL, &new_create_disposition, NULL)) {
4735 return NT_STATUS_INVALID_PARAMETER;
4739 status = open_file_ntcreate(conn,src,&src_sbuf,
4741 FILE_SHARE_READ|FILE_SHARE_WRITE,
4744 FILE_ATTRIBUTE_NORMAL,
4748 if (!NT_STATUS_IS_OK(status)) {
4752 dosattrs = dos_mode(conn, src, &src_sbuf);
4753 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
4754 ZERO_STRUCTP(&sbuf2);
4757 status = open_file_ntcreate(conn,dest,&sbuf2,
4759 FILE_SHARE_READ|FILE_SHARE_WRITE,
4760 new_create_disposition,
4766 if (!NT_STATUS_IS_OK(status)) {
4767 close_file(fsp1,ERROR_CLOSE);
4771 if ((ofun&3) == 1) {
4772 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
4773 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
4775 * Stop the copy from occurring.
4778 src_sbuf.st_size = 0;
4782 if (src_sbuf.st_size) {
4783 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
4786 close_file(fsp1,NORMAL_CLOSE);
4788 /* Ensure the modtime is set correctly on the destination file. */
4789 fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime);
4792 * As we are opening fsp1 read-only we only expect
4793 * an error on close on fsp2 if we are out of space.
4794 * Thus we don't look at the error return from the
4797 close_err = close_file(fsp2,NORMAL_CLOSE);
4799 if (close_err != 0) {
4800 return map_nt_error_from_unix(close_err);
4803 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
4804 return NT_STATUS_DISK_FULL;
4807 return NT_STATUS_OK;
4810 /****************************************************************************
4811 Reply to a file copy.
4812 ****************************************************************************/
4814 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4819 pstring mask,newname;
4822 int error = ERRnoaccess;
4826 int tid2 = SVAL(inbuf,smb_vwv0);
4827 int ofun = SVAL(inbuf,smb_vwv1);
4828 int flags = SVAL(inbuf,smb_vwv2);
4829 BOOL target_is_directory=False;
4830 BOOL bad_path1 = False;
4831 BOOL bad_path2 = False;
4832 BOOL path_contains_wcard1 = False;
4833 BOOL path_contains_wcard2 = False;
4835 SMB_STRUCT_STAT sbuf1, sbuf2;
4837 START_PROFILE(SMBcopy);
4839 *directory = *mask = 0;
4842 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard1);
4843 if (!NT_STATUS_IS_OK(status)) {
4844 END_PROFILE(SMBcopy);
4845 return ERROR_NT(status);
4847 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path_contains_wcard2);
4848 if (!NT_STATUS_IS_OK(status)) {
4849 END_PROFILE(SMBcopy);
4850 return ERROR_NT(status);
4853 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
4855 if (tid2 != conn->cnum) {
4856 /* can't currently handle inter share copies XXXX */
4857 DEBUG(3,("Rejecting inter-share copy\n"));
4858 END_PROFILE(SMBcopy);
4859 return ERROR_DOS(ERRSRV,ERRinvdevice);
4862 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4863 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4865 rc = unix_convert(name,conn,0,&bad_path1,&sbuf1);
4866 unix_convert(newname,conn,0,&bad_path2,&sbuf2);
4868 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
4870 if ((flags&1) && target_is_directory) {
4871 END_PROFILE(SMBcopy);
4872 return ERROR_DOS(ERRDOS,ERRbadfile);
4875 if ((flags&2) && !target_is_directory) {
4876 END_PROFILE(SMBcopy);
4877 return ERROR_DOS(ERRDOS,ERRbadpath);
4880 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
4881 /* wants a tree copy! XXXX */
4882 DEBUG(3,("Rejecting tree copy\n"));
4883 END_PROFILE(SMBcopy);
4884 return ERROR_DOS(ERRSRV,ERRerror);
4887 p = strrchr_m(name,'/');
4889 pstrcpy(directory,"./");
4893 pstrcpy(directory,name);
4898 * We should only check the mangled cache
4899 * here if unix_convert failed. This means
4900 * that the path in 'mask' doesn't exist
4901 * on the file system and so we need to look
4902 * for a possible mangle. This patch from
4903 * Tine Smukavec <valentin.smukavec@hermes.si>.
4906 if (!rc && mangle_is_mangled(mask, conn->params))
4907 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4909 has_wild = path_contains_wcard1;
4912 pstrcat(directory,"/");
4913 pstrcat(directory,mask);
4914 if (resolve_wildcards(directory,newname)
4915 && NT_STATUS_IS_OK(status = copy_file(
4916 directory,newname,conn,ofun,
4917 count,target_is_directory)))
4919 if(!count && !NT_STATUS_IS_OK(status)) {
4920 END_PROFILE(SMBcopy);
4921 return ERROR_NT(status);
4924 exists = vfs_file_exist(conn,directory,NULL);
4927 struct smb_Dir *dir_hnd = NULL;
4931 if (strequal(mask,"????????.???"))
4934 if (check_name(directory,conn))
4935 dir_hnd = OpenDir(conn, directory, mask, 0);
4941 while ((dname = ReadDirName(dir_hnd, &offset))) {
4943 pstrcpy(fname,dname);
4945 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4948 if(!mask_match(fname, mask, conn->case_sensitive))
4951 error = ERRnoaccess;
4952 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
4953 pstrcpy(destname,newname);
4954 if (resolve_wildcards(fname,destname)
4955 && NT_STATUS_IS_OK(status = copy_file(
4956 fname,destname,conn,ofun,
4957 count,target_is_directory)))
4959 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname));
4967 /* Error on close... */
4969 END_PROFILE(SMBcopy);
4970 return(UNIXERROR(ERRHRD,ERRgeneral));
4974 END_PROFILE(SMBcopy);
4975 return ERROR_DOS(ERRDOS,error);
4977 if((errno == ENOENT) && (bad_path1 || bad_path2) &&
4979 /* Samba 3.0.22 has ERRDOS/ERRbadpath in the
4980 * DOS error code case
4982 return ERROR_DOS(ERRDOS, ERRbadpath);
4984 END_PROFILE(SMBcopy);
4985 return(UNIXERROR(ERRDOS,error));
4989 outsize = set_message(outbuf,1,0,True);
4990 SSVAL(outbuf,smb_vwv0,count);
4992 END_PROFILE(SMBcopy);
4996 /****************************************************************************
4998 ****************************************************************************/
5000 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5008 START_PROFILE(pathworks_setdir);
5011 if (!CAN_SETDIR(snum)) {
5012 END_PROFILE(pathworks_setdir);
5013 return ERROR_DOS(ERRDOS,ERRnoaccess);
5016 srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status);
5017 if (!NT_STATUS_IS_OK(status)) {
5018 END_PROFILE(pathworks_setdir);
5019 return ERROR_NT(status);
5022 RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf);
5024 if (strlen(newdir) == 0) {
5027 ok = vfs_directory_exist(conn,newdir,NULL);
5029 set_conn_connectpath(conn,newdir);
5033 END_PROFILE(pathworks_setdir);
5034 return ERROR_DOS(ERRDOS,ERRbadpath);
5037 outsize = set_message(outbuf,0,0,False);
5038 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5040 DEBUG(3,("setdir %s\n", newdir));
5042 END_PROFILE(pathworks_setdir);
5047 #define DBGC_CLASS DBGC_LOCKING
5049 /****************************************************************************
5050 Get a lock pid, dealing with large count requests.
5051 ****************************************************************************/
5053 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5055 if(!large_file_format)
5056 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5058 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5061 /****************************************************************************
5062 Get a lock count, dealing with large count requests.
5063 ****************************************************************************/
5065 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5067 SMB_BIG_UINT count = 0;
5069 if(!large_file_format) {
5070 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5073 #if defined(HAVE_LONGLONG)
5074 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5075 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5076 #else /* HAVE_LONGLONG */
5079 * NT4.x seems to be broken in that it sends large file (64 bit)
5080 * lockingX calls even if the CAP_LARGE_FILES was *not*
5081 * negotiated. For boxes without large unsigned ints truncate the
5082 * lock count by dropping the top 32 bits.
5085 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5086 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5087 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5088 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5089 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5092 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5093 #endif /* HAVE_LONGLONG */
5099 #if !defined(HAVE_LONGLONG)
5100 /****************************************************************************
5101 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5102 ****************************************************************************/
5104 static uint32 map_lock_offset(uint32 high, uint32 low)
5108 uint32 highcopy = high;
5111 * Try and find out how many significant bits there are in high.
5114 for(i = 0; highcopy; i++)
5118 * We use 31 bits not 32 here as POSIX
5119 * lock offsets may not be negative.
5122 mask = (~0) << (31 - i);
5125 return 0; /* Fail. */
5131 #endif /* !defined(HAVE_LONGLONG) */
5133 /****************************************************************************
5134 Get a lock offset, dealing with large offset requests.
5135 ****************************************************************************/
5137 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5139 SMB_BIG_UINT offset = 0;
5143 if(!large_file_format) {
5144 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5147 #if defined(HAVE_LONGLONG)
5148 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5149 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5150 #else /* HAVE_LONGLONG */
5153 * NT4.x seems to be broken in that it sends large file (64 bit)
5154 * lockingX calls even if the CAP_LARGE_FILES was *not*
5155 * negotiated. For boxes without large unsigned ints mangle the
5156 * lock offset by mapping the top 32 bits onto the lower 32.
5159 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5160 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5161 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5164 if((new_low = map_lock_offset(high, low)) == 0) {
5166 return (SMB_BIG_UINT)-1;
5169 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5170 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5171 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5172 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5175 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5176 #endif /* HAVE_LONGLONG */
5182 /****************************************************************************
5183 Reply to a lockingX request.
5184 ****************************************************************************/
5186 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
5187 int length, int bufsize)
5189 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
5190 unsigned char locktype = CVAL(inbuf,smb_vwv3);
5191 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
5192 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
5193 uint16 num_locks = SVAL(inbuf,smb_vwv7);
5194 SMB_BIG_UINT count = 0, offset = 0;
5196 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
5199 BOOL large_file_format =
5200 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5202 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5204 START_PROFILE(SMBlockingX);
5206 CHECK_FSP(fsp,conn);
5208 data = smb_buf(inbuf);
5210 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5211 /* we don't support these - and CANCEL_LOCK makes w2k
5212 and XP reboot so I don't really want to be
5213 compatible! (tridge) */
5214 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5217 /* Check if this is an oplock break on a file
5218 we have granted an oplock on.
5220 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5221 /* Client can insist on breaking to none. */
5222 BOOL break_to_none = (oplocklevel == 0);
5225 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5226 "for fnum = %d\n", (unsigned int)oplocklevel,
5230 * Make sure we have granted an exclusive or batch oplock on
5234 if (fsp->oplock_type == 0) {
5236 /* The Samba4 nbench simulator doesn't understand
5237 the difference between break to level2 and break
5238 to none from level2 - it sends oplock break
5239 replies in both cases. Don't keep logging an error
5240 message here - just ignore it. JRA. */
5242 DEBUG(5,("reply_lockingX: Error : oplock break from "
5243 "client for fnum = %d (oplock=%d) and no "
5244 "oplock granted on this file (%s).\n",
5245 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5247 /* if this is a pure oplock break request then don't
5249 if (num_locks == 0 && num_ulocks == 0) {
5250 END_PROFILE(SMBlockingX);
5253 END_PROFILE(SMBlockingX);
5254 return ERROR_DOS(ERRDOS,ERRlock);
5258 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5260 result = remove_oplock(fsp);
5262 result = downgrade_oplock(fsp);
5266 DEBUG(0, ("reply_lockingX: error in removing "
5267 "oplock on file %s\n", fsp->fsp_name));
5268 /* Hmmm. Is this panic justified? */
5269 smb_panic("internal tdb error");
5272 reply_to_oplock_break_requests(fsp);
5274 /* if this is a pure oplock break request then don't send a
5276 if (num_locks == 0 && num_ulocks == 0) {
5277 /* Sanity check - ensure a pure oplock break is not a
5279 if(CVAL(inbuf,smb_vwv0) != 0xff)
5280 DEBUG(0,("reply_lockingX: Error : pure oplock "
5281 "break is a chained %d request !\n",
5282 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5283 END_PROFILE(SMBlockingX);
5289 * We do this check *after* we have checked this is not a oplock break
5290 * response message. JRA.
5293 release_level_2_oplocks_on_change(fsp);
5295 /* Data now points at the beginning of the list
5296 of smb_unlkrng structs */
5297 for(i = 0; i < (int)num_ulocks; i++) {
5298 lock_pid = get_lock_pid( data, i, large_file_format);
5299 count = get_lock_count( data, i, large_file_format);
5300 offset = get_lock_offset( data, i, large_file_format, &err);
5303 * There is no error code marked "stupid client bug".... :-).
5306 END_PROFILE(SMBlockingX);
5307 return ERROR_DOS(ERRDOS,ERRnoaccess);
5310 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5311 "pid %u, file %s\n", (double)offset, (double)count,
5312 (unsigned int)lock_pid, fsp->fsp_name ));
5314 status = do_unlock(fsp,
5320 if (NT_STATUS_V(status)) {
5321 END_PROFILE(SMBlockingX);
5322 return ERROR_NT(status);
5326 /* Setup the timeout in seconds. */
5328 if (!lp_blocking_locks(SNUM(conn))) {
5332 /* Now do any requested locks */
5333 data += ((large_file_format ? 20 : 10)*num_ulocks);
5335 /* Data now points at the beginning of the list
5336 of smb_lkrng structs */
5338 for(i = 0; i < (int)num_locks; i++) {
5339 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5340 READ_LOCK:WRITE_LOCK);
5341 lock_pid = get_lock_pid( data, i, large_file_format);
5342 count = get_lock_count( data, i, large_file_format);
5343 offset = get_lock_offset( data, i, large_file_format, &err);
5346 * There is no error code marked "stupid client bug".... :-).
5349 END_PROFILE(SMBlockingX);
5350 return ERROR_DOS(ERRDOS,ERRnoaccess);
5353 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5354 "%u, file %s timeout = %d\n", (double)offset,
5355 (double)count, (unsigned int)lock_pid,
5356 fsp->fsp_name, (int)lock_timeout ));
5358 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5359 if (lp_blocking_locks(SNUM(conn))) {
5361 /* Schedule a message to ourselves to
5362 remove the blocking lock record and
5363 return the right error. */
5365 if (!blocking_lock_cancel(fsp,
5371 NT_STATUS_FILE_LOCK_CONFLICT)) {
5372 END_PROFILE(SMBlockingX);
5373 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation));
5376 /* Remove a matching pending lock. */
5377 status = do_lock_cancel(fsp,
5383 BOOL blocking_lock = lock_timeout ? True : False;
5384 BOOL defer_lock = False;
5385 struct byte_range_lock *br_lck;
5387 br_lck = do_lock(fsp,
5396 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
5397 /* Windows internal resolution for blocking locks seems
5398 to be about 200ms... Don't wait for less than that. JRA. */
5399 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
5400 lock_timeout = lp_lock_spin_time();
5405 /* This heuristic seems to match W2K3 very well. If a
5406 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
5407 it pretends we asked for a timeout of between 150 - 300 milliseconds as
5408 far as I can tell. Replacement for do_lock_spin(). JRA. */
5410 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
5411 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
5413 lock_timeout = lp_lock_spin_time();
5416 if (br_lck && defer_lock) {
5418 * A blocking lock was requested. Package up
5419 * this smb into a queued request and push it
5420 * onto the blocking lock queue.
5422 if(push_blocking_lock_request(br_lck,
5432 TALLOC_FREE(br_lck);
5433 END_PROFILE(SMBlockingX);
5438 TALLOC_FREE(br_lck);
5441 if (NT_STATUS_V(status)) {
5442 END_PROFILE(SMBlockingX);
5443 return ERROR_NT(status);
5447 /* If any of the above locks failed, then we must unlock
5448 all of the previous locks (X/Open spec). */
5450 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
5454 * Ensure we don't do a remove on the lock that just failed,
5455 * as under POSIX rules, if we have a lock already there, we
5456 * will delete it (and we shouldn't) .....
5458 for(i--; i >= 0; i--) {
5459 lock_pid = get_lock_pid( data, i, large_file_format);
5460 count = get_lock_count( data, i, large_file_format);
5461 offset = get_lock_offset( data, i, large_file_format,
5465 * There is no error code marked "stupid client
5469 END_PROFILE(SMBlockingX);
5470 return ERROR_DOS(ERRDOS,ERRnoaccess);
5479 END_PROFILE(SMBlockingX);
5480 return ERROR_NT(status);
5483 set_message(outbuf,2,0,True);
5485 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5486 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5488 END_PROFILE(SMBlockingX);
5489 return chain_reply(inbuf,outbuf,length,bufsize);
5493 #define DBGC_CLASS DBGC_ALL
5495 /****************************************************************************
5496 Reply to a SMBreadbmpx (read block multiplex) request.
5497 ****************************************************************************/
5499 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
5510 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5511 START_PROFILE(SMBreadBmpx);
5513 /* this function doesn't seem to work - disable by default */
5514 if (!lp_readbmpx()) {
5515 END_PROFILE(SMBreadBmpx);
5516 return ERROR_DOS(ERRSRV,ERRuseSTD);
5519 outsize = set_message(outbuf,8,0,True);
5521 CHECK_FSP(fsp,conn);
5522 if (!CHECK_READ(fsp,inbuf)) {
5523 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5526 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
5527 maxcount = SVAL(inbuf,smb_vwv3);
5529 data = smb_buf(outbuf);
5530 pad = ((long)data)%4;
5535 max_per_packet = bufsize-(outsize+pad);
5539 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
5540 END_PROFILE(SMBreadBmpx);
5541 return ERROR_DOS(ERRDOS,ERRlock);
5545 size_t N = MIN(max_per_packet,tcount-total_read);
5547 nread = read_file(fsp,data,startpos,N);
5552 if (nread < (ssize_t)N)
5553 tcount = total_read + nread;
5555 set_message(outbuf,8,nread+pad,False);
5556 SIVAL(outbuf,smb_vwv0,startpos);
5557 SSVAL(outbuf,smb_vwv2,tcount);
5558 SSVAL(outbuf,smb_vwv6,nread);
5559 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
5562 if (!send_smb(smbd_server_fd(),outbuf))
5563 exit_server_cleanly("reply_readbmpx: send_smb failed.");
5565 total_read += nread;
5567 } while (total_read < (ssize_t)tcount);
5569 END_PROFILE(SMBreadBmpx);
5573 /****************************************************************************
5574 Reply to a SMBsetattrE.
5575 ****************************************************************************/
5577 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5579 struct utimbuf unix_times;
5581 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5582 START_PROFILE(SMBsetattrE);
5584 outsize = set_message(outbuf,0,0,False);
5586 if(!fsp || (fsp->conn != conn)) {
5587 END_PROFILE(SMBsetattrE);
5588 return ERROR_DOS(ERRDOS,ERRbadfid);
5592 * Convert the DOS times into unix times. Ignore create
5593 * time as UNIX can't set this.
5596 unix_times.actime = srv_make_unix_date2(inbuf+smb_vwv3);
5597 unix_times.modtime = srv_make_unix_date2(inbuf+smb_vwv5);
5600 * Patch from Ray Frush <frush@engr.colostate.edu>
5601 * Sometimes times are sent as zero - ignore them.
5604 if (null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5605 /* Ignore request */
5606 if( DEBUGLVL( 3 ) ) {
5607 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
5608 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
5610 END_PROFILE(SMBsetattrE);
5612 } else if (!null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5613 /* set modify time = to access time if modify time was unset */
5614 unix_times.modtime = unix_times.actime;
5617 /* Set the date on this file */
5618 /* Should we set pending modtime here ? JRA */
5619 if(file_utime(conn, fsp->fsp_name, &unix_times)) {
5620 END_PROFILE(SMBsetattrE);
5621 return ERROR_DOS(ERRDOS,ERRnoaccess);
5624 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n",
5625 fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) );
5627 END_PROFILE(SMBsetattrE);
5632 /* Back from the dead for OS/2..... JRA. */
5634 /****************************************************************************
5635 Reply to a SMBwritebmpx (write block multiplex primary) request.
5636 ****************************************************************************/
5638 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5641 ssize_t nwritten = -1;
5648 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5649 START_PROFILE(SMBwriteBmpx);
5651 CHECK_FSP(fsp,conn);
5652 if (!CHECK_WRITE(fsp)) {
5653 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5655 if (HAS_CACHED_ERROR(fsp)) {
5656 return(CACHED_ERROR(fsp));
5659 tcount = SVAL(inbuf,smb_vwv1);
5660 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
5661 write_through = BITSETW(inbuf+smb_vwv7,0);
5662 numtowrite = SVAL(inbuf,smb_vwv10);
5663 smb_doff = SVAL(inbuf,smb_vwv11);
5665 data = smb_base(inbuf) + smb_doff;
5667 /* If this fails we need to send an SMBwriteC response,
5668 not an SMBwritebmpx - set this up now so we don't forget */
5669 SCVAL(outbuf,smb_com,SMBwritec);
5671 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
5672 END_PROFILE(SMBwriteBmpx);
5673 return(ERROR_DOS(ERRDOS,ERRlock));
5676 nwritten = write_file(fsp,data,startpos,numtowrite);
5678 sync_file(conn, fsp, write_through);
5680 if(nwritten < (ssize_t)numtowrite) {
5681 END_PROFILE(SMBwriteBmpx);
5682 return(UNIXERROR(ERRHRD,ERRdiskfull));
5685 /* If the maximum to be written to this file
5686 is greater than what we just wrote then set
5687 up a secondary struct to be attached to this
5688 fd, we will use this to cache error messages etc. */
5690 if((ssize_t)tcount > nwritten) {
5691 write_bmpx_struct *wbms;
5692 if(fsp->wbmpx_ptr != NULL)
5693 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
5695 wbms = SMB_MALLOC_P(write_bmpx_struct);
5697 DEBUG(0,("Out of memory in reply_readmpx\n"));
5698 END_PROFILE(SMBwriteBmpx);
5699 return(ERROR_DOS(ERRSRV,ERRnoresource));
5701 wbms->wr_mode = write_through;
5702 wbms->wr_discard = False; /* No errors yet */
5703 wbms->wr_total_written = nwritten;
5704 wbms->wr_errclass = 0;
5706 fsp->wbmpx_ptr = wbms;
5709 /* We are returning successfully, set the message type back to
5711 SCVAL(outbuf,smb_com,SMBwriteBmpx);
5713 outsize = set_message(outbuf,1,0,True);
5715 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
5717 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
5718 fsp->fnum, (int)numtowrite, (int)nwritten ) );
5720 if (write_through && tcount==nwritten) {
5721 /* We need to send both a primary and a secondary response */
5722 smb_setlen(outbuf,outsize - 4);
5724 if (!send_smb(smbd_server_fd(),outbuf))
5725 exit_server_cleanly("reply_writebmpx: send_smb failed.");
5727 /* Now the secondary */
5728 outsize = set_message(outbuf,1,0,True);
5729 SCVAL(outbuf,smb_com,SMBwritec);
5730 SSVAL(outbuf,smb_vwv0,nwritten);
5733 END_PROFILE(SMBwriteBmpx);
5737 /****************************************************************************
5738 Reply to a SMBwritebs (write block multiplex secondary) request.
5739 ****************************************************************************/
5741 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5744 ssize_t nwritten = -1;
5751 write_bmpx_struct *wbms;
5752 BOOL send_response = False;
5753 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5754 START_PROFILE(SMBwriteBs);
5756 CHECK_FSP(fsp,conn);
5757 if (!CHECK_WRITE(fsp)) {
5758 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5761 tcount = SVAL(inbuf,smb_vwv1);
5762 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
5763 numtowrite = SVAL(inbuf,smb_vwv6);
5764 smb_doff = SVAL(inbuf,smb_vwv7);
5766 data = smb_base(inbuf) + smb_doff;
5768 /* We need to send an SMBwriteC response, not an SMBwritebs */
5769 SCVAL(outbuf,smb_com,SMBwritec);
5771 /* This fd should have an auxiliary struct attached,
5772 check that it does */
5773 wbms = fsp->wbmpx_ptr;
5775 END_PROFILE(SMBwriteBs);
5779 /* If write through is set we can return errors, else we must cache them */
5780 write_through = wbms->wr_mode;
5782 /* Check for an earlier error */
5783 if(wbms->wr_discard) {
5784 END_PROFILE(SMBwriteBs);
5785 return -1; /* Just discard the packet */
5788 nwritten = write_file(fsp,data,startpos,numtowrite);
5790 sync_file(conn, fsp, write_through);
5792 if (nwritten < (ssize_t)numtowrite) {
5794 /* We are returning an error - we can delete the aux struct */
5797 fsp->wbmpx_ptr = NULL;
5798 END_PROFILE(SMBwriteBs);
5799 return(ERROR_DOS(ERRHRD,ERRdiskfull));
5801 wbms->wr_errclass = ERRHRD;
5802 wbms->wr_error = ERRdiskfull;
5803 wbms->wr_status = NT_STATUS_DISK_FULL;
5804 wbms->wr_discard = True;
5805 END_PROFILE(SMBwriteBs);
5809 /* Increment the total written, if this matches tcount
5810 we can discard the auxiliary struct (hurrah !) and return a writeC */
5811 wbms->wr_total_written += nwritten;
5812 if(wbms->wr_total_written >= tcount) {
5813 if (write_through) {
5814 outsize = set_message(outbuf,1,0,True);
5815 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
5816 send_response = True;
5820 fsp->wbmpx_ptr = NULL;
5824 END_PROFILE(SMBwriteBs);
5828 END_PROFILE(SMBwriteBs);
5832 /****************************************************************************
5833 Reply to a SMBgetattrE.
5834 ****************************************************************************/
5836 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5838 SMB_STRUCT_STAT sbuf;
5841 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5842 START_PROFILE(SMBgetattrE);
5844 outsize = set_message(outbuf,11,0,True);
5846 if(!fsp || (fsp->conn != conn)) {
5847 END_PROFILE(SMBgetattrE);
5848 return ERROR_DOS(ERRDOS,ERRbadfid);
5851 /* Do an fstat on this file */
5852 if(fsp_stat(fsp, &sbuf)) {
5853 END_PROFILE(SMBgetattrE);
5854 return(UNIXERROR(ERRDOS,ERRnoaccess));
5857 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
5860 * Convert the times into dos times. Set create
5861 * date to be last modify date as UNIX doesn't save
5865 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
5866 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
5867 /* Should we check pending modtime here ? JRA */
5868 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
5871 SIVAL(outbuf,smb_vwv6,0);
5872 SIVAL(outbuf,smb_vwv8,0);
5874 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
5875 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
5876 SIVAL(outbuf,smb_vwv8,allocation_size);
5878 SSVAL(outbuf,smb_vwv10, mode);
5880 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
5882 END_PROFILE(SMBgetattrE);