2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* stream names allow more characters than file names */
80 stream_started = true;
81 start_of_name_component = false;
85 return NT_STATUS_OBJECT_NAME_INVALID;
89 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
91 * Safe to assume is not the second part of a mb char
92 * as this is handled below.
94 /* Eat multiple '/' or '\\' */
95 while (IS_PATH_SEP(*s,posix_path)) {
98 if ((d != path) && (*s != '\0')) {
99 /* We only care about non-leading or trailing '/' or '\\' */
103 start_of_name_component = True;
105 *p_last_component_contains_wcard = False;
109 if (start_of_name_component) {
110 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
111 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
114 * No mb char starts with '.' so we're safe checking the directory separator here.
117 /* If we just added a '/' - delete it */
118 if ((d > path) && (*(d-1) == '/')) {
123 /* Are we at the start ? Can't go back further if so. */
125 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
128 /* Go back one level... */
129 /* We know this is safe as '/' cannot be part of a mb sequence. */
130 /* NOTE - if this assumption is invalid we are not in good shape... */
131 /* Decrement d first as d points to the *next* char to write into. */
132 for (d--; d > path; d--) {
136 s += 2; /* Else go past the .. */
137 /* We're still at the start of a name component, just the previous one. */
140 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
152 if (*s <= 0x1f || *s == '|') {
153 return NT_STATUS_OBJECT_NAME_INVALID;
161 *p_last_component_contains_wcard = True;
170 /* Get the size of the next MB character. */
171 next_codepoint(s,&siz);
189 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
191 return NT_STATUS_INVALID_PARAMETER;
194 start_of_name_component = False;
202 /****************************************************************************
203 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
204 No wildcards allowed.
205 ****************************************************************************/
207 NTSTATUS check_path_syntax(char *path)
210 return check_path_syntax_internal(path, False, &ignore);
213 /****************************************************************************
214 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
215 Wildcards allowed - p_contains_wcard returns true if the last component contained
217 ****************************************************************************/
219 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
221 return check_path_syntax_internal(path, False, p_contains_wcard);
224 /****************************************************************************
225 Check the path for a POSIX client.
226 We're assuming here that '/' is not the second byte in any multibyte char
227 set (a safe assumption).
228 ****************************************************************************/
230 NTSTATUS check_path_syntax_posix(char *path)
233 return check_path_syntax_internal(path, True, &ignore);
236 /****************************************************************************
237 Pull a string and check the path allowing a wilcard - provide for error return.
238 ****************************************************************************/
240 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
241 const char *base_ptr,
248 bool *contains_wcard)
254 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
258 *err = NT_STATUS_INVALID_PARAMETER;
262 *contains_wcard = False;
264 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
266 * For a DFS path the function parse_dfs_path()
267 * will do the path processing, just make a copy.
273 if (lp_posix_pathnames()) {
274 *err = check_path_syntax_posix(*pp_dest);
276 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
282 /****************************************************************************
283 Pull a string and check the path - provide for error return.
284 ****************************************************************************/
286 size_t srvstr_get_path(TALLOC_CTX *ctx,
287 const char *base_ptr,
296 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
297 src_len, flags, err, &ignore);
300 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
301 char **pp_dest, const char *src, int flags,
302 NTSTATUS *err, bool *contains_wcard)
304 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
305 pp_dest, src, smbreq_bufrem(req, src),
306 flags, err, contains_wcard);
309 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
310 char **pp_dest, const char *src, int flags,
314 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
315 flags, err, &ignore);
318 /****************************************************************************
319 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
320 ****************************************************************************/
322 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
325 if (!(fsp) || !(conn)) {
326 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
329 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
330 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
336 /****************************************************************************
337 Check if we have a correct fsp pointing to a file.
338 ****************************************************************************/
340 bool check_fsp(connection_struct *conn, struct smb_request *req,
343 if (!check_fsp_open(conn, req, fsp)) {
346 if ((fsp)->is_directory) {
347 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
350 if ((fsp)->fh->fd == -1) {
351 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
354 (fsp)->num_smb_operations++;
358 /****************************************************************************
359 Check if we have a correct fsp pointing to a quota fake file. Replacement for
360 the CHECK_NTQUOTA_HANDLE_OK macro.
361 ****************************************************************************/
363 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
366 if (!check_fsp_open(conn, req, fsp)) {
370 if (fsp->is_directory) {
374 if (fsp->fake_file_handle == NULL) {
378 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
382 if (fsp->fake_file_handle->private_data == NULL) {
389 /****************************************************************************
390 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
391 ****************************************************************************/
393 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
396 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
397 && (req->vuid == (fsp)->vuid)) {
401 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
405 /****************************************************************************
406 Reply to a (netbios-level) special message.
407 ****************************************************************************/
409 void reply_special(char *inbuf)
411 int msg_type = CVAL(inbuf,0);
412 int msg_flags = CVAL(inbuf,1);
417 * We only really use 4 bytes of the outbuf, but for the smb_setlen
418 * calculation & friends (srv_send_smb uses that) we need the full smb
421 char outbuf[smb_size];
425 memset(outbuf, '\0', sizeof(outbuf));
427 smb_setlen(outbuf,0);
430 case 0x81: /* session request */
432 if (already_got_session) {
433 exit_server_cleanly("multiple session request not permitted");
436 SCVAL(outbuf,0,0x82);
438 if (name_len(inbuf+4) > 50 ||
439 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
440 DEBUG(0,("Invalid name length in session request\n"));
443 name_extract(inbuf,4,name1);
444 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
445 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
448 set_local_machine_name(name1, True);
449 set_remote_machine_name(name2, True);
451 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
452 get_local_machine_name(), get_remote_machine_name(),
455 if (name_type == 'R') {
456 /* We are being asked for a pathworks session ---
458 SCVAL(outbuf, 0,0x83);
462 /* only add the client's machine name to the list
463 of possibly valid usernames if we are operating
464 in share mode security */
465 if (lp_security() == SEC_SHARE) {
466 add_session_user(get_remote_machine_name());
469 reload_services(True);
472 already_got_session = True;
475 case 0x89: /* session keepalive request
476 (some old clients produce this?) */
477 SCVAL(outbuf,0,SMBkeepalive);
481 case 0x82: /* positive session response */
482 case 0x83: /* negative session response */
483 case 0x84: /* retarget session response */
484 DEBUG(0,("Unexpected session response\n"));
487 case SMBkeepalive: /* session keepalive */
492 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
493 msg_type, msg_flags));
495 srv_send_smb(smbd_server_fd(), outbuf, false);
499 /****************************************************************************
501 conn POINTER CAN BE NULL HERE !
502 ****************************************************************************/
504 void reply_tcon(struct smb_request *req)
506 connection_struct *conn = req->conn;
508 char *service_buf = NULL;
509 char *password = NULL;
514 DATA_BLOB password_blob;
515 TALLOC_CTX *ctx = talloc_tos();
517 START_PROFILE(SMBtcon);
519 if (req->buflen < 4) {
520 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
521 END_PROFILE(SMBtcon);
525 p = (const char *)req->buf + 1;
526 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
528 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
530 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
533 if (service_buf == NULL || password == NULL || dev == NULL) {
534 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
535 END_PROFILE(SMBtcon);
538 p = strrchr_m(service_buf,'\\');
542 service = service_buf;
545 password_blob = data_blob(password, pwlen+1);
547 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
550 data_blob_clear_free(&password_blob);
553 reply_nterror(req, nt_status);
554 END_PROFILE(SMBtcon);
558 reply_outbuf(req, 2, 0);
559 SSVAL(req->outbuf,smb_vwv0,max_recv);
560 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
561 SSVAL(req->outbuf,smb_tid,conn->cnum);
563 DEBUG(3,("tcon service=%s cnum=%d\n",
564 service, conn->cnum));
566 END_PROFILE(SMBtcon);
570 /****************************************************************************
571 Reply to a tcon and X.
572 conn POINTER CAN BE NULL HERE !
573 ****************************************************************************/
575 void reply_tcon_and_X(struct smb_request *req)
577 connection_struct *conn = req->conn;
578 const char *service = NULL;
580 TALLOC_CTX *ctx = talloc_tos();
581 /* what the cleint thinks the device is */
582 char *client_devicetype = NULL;
583 /* what the server tells the client the share represents */
584 const char *server_devicetype;
591 START_PROFILE(SMBtconX);
594 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
595 END_PROFILE(SMBtconX);
599 passlen = SVAL(req->vwv+3, 0);
600 tcon_flags = SVAL(req->vwv+2, 0);
602 /* we might have to close an old one */
603 if ((tcon_flags & 0x1) && conn) {
604 close_cnum(conn,req->vuid);
609 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
610 reply_doserror(req, ERRDOS, ERRbuftoosmall);
611 END_PROFILE(SMBtconX);
615 if (global_encrypted_passwords_negotiated) {
616 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
617 if (lp_security() == SEC_SHARE) {
619 * Security = share always has a pad byte
620 * after the password.
622 p = (const char *)req->buf + passlen + 1;
624 p = (const char *)req->buf + passlen;
627 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
628 /* Ensure correct termination */
629 password.data[passlen]=0;
630 p = (const char *)req->buf + passlen + 1;
633 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
636 data_blob_clear_free(&password);
637 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
638 END_PROFILE(SMBtconX);
643 * the service name can be either: \\server\share
644 * or share directly like on the DELL PowerVault 705
647 q = strchr_m(path+2,'\\');
649 data_blob_clear_free(&password);
650 reply_doserror(req, ERRDOS, ERRnosuchshare);
651 END_PROFILE(SMBtconX);
659 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
660 &client_devicetype, p,
661 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
663 if (client_devicetype == NULL) {
664 data_blob_clear_free(&password);
665 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
666 END_PROFILE(SMBtconX);
670 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
672 conn = make_connection(service, password, client_devicetype,
673 req->vuid, &nt_status);
676 data_blob_clear_free(&password);
679 reply_nterror(req, nt_status);
680 END_PROFILE(SMBtconX);
685 server_devicetype = "IPC";
686 else if ( IS_PRINT(conn) )
687 server_devicetype = "LPT1:";
689 server_devicetype = "A:";
691 if (Protocol < PROTOCOL_NT1) {
692 reply_outbuf(req, 2, 0);
693 if (message_push_string(&req->outbuf, server_devicetype,
694 STR_TERMINATE|STR_ASCII) == -1) {
695 reply_nterror(req, NT_STATUS_NO_MEMORY);
696 END_PROFILE(SMBtconX);
700 /* NT sets the fstype of IPC$ to the null string */
701 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
703 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
704 /* Return permissions. */
708 reply_outbuf(req, 7, 0);
711 perm1 = FILE_ALL_ACCESS;
712 perm2 = FILE_ALL_ACCESS;
714 perm1 = CAN_WRITE(conn) ?
719 SIVAL(req->outbuf, smb_vwv3, perm1);
720 SIVAL(req->outbuf, smb_vwv5, perm2);
722 reply_outbuf(req, 3, 0);
725 if ((message_push_string(&req->outbuf, server_devicetype,
726 STR_TERMINATE|STR_ASCII) == -1)
727 || (message_push_string(&req->outbuf, fstype,
728 STR_TERMINATE) == -1)) {
729 reply_nterror(req, NT_STATUS_NO_MEMORY);
730 END_PROFILE(SMBtconX);
734 /* what does setting this bit do? It is set by NT4 and
735 may affect the ability to autorun mounted cdroms */
736 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
737 (lp_csc_policy(SNUM(conn)) << 2));
739 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
740 DEBUG(2,("Serving %s as a Dfs root\n",
741 lp_servicename(SNUM(conn)) ));
742 SSVAL(req->outbuf, smb_vwv2,
743 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
748 DEBUG(3,("tconX service=%s \n",
751 /* set the incoming and outgoing tid to the just created one */
752 SSVAL(req->inbuf,smb_tid,conn->cnum);
753 SSVAL(req->outbuf,smb_tid,conn->cnum);
755 END_PROFILE(SMBtconX);
761 /****************************************************************************
762 Reply to an unknown type.
763 ****************************************************************************/
765 void reply_unknown_new(struct smb_request *req, uint8 type)
767 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
768 smb_fn_name(type), type, type));
769 reply_doserror(req, ERRSRV, ERRunknownsmb);
773 /****************************************************************************
775 conn POINTER CAN BE NULL HERE !
776 ****************************************************************************/
778 void reply_ioctl(struct smb_request *req)
780 connection_struct *conn = req->conn;
787 START_PROFILE(SMBioctl);
790 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
791 END_PROFILE(SMBioctl);
795 device = SVAL(req->vwv+1, 0);
796 function = SVAL(req->vwv+2, 0);
797 ioctl_code = (device << 16) + function;
799 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
801 switch (ioctl_code) {
802 case IOCTL_QUERY_JOB_INFO:
806 reply_doserror(req, ERRSRV, ERRnosupport);
807 END_PROFILE(SMBioctl);
811 reply_outbuf(req, 8, replysize+1);
812 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
813 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
814 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
815 p = smb_buf(req->outbuf);
816 memset(p, '\0', replysize+1); /* valgrind-safe. */
817 p += 1; /* Allow for alignment */
819 switch (ioctl_code) {
820 case IOCTL_QUERY_JOB_INFO:
822 files_struct *fsp = file_fsp(
823 req, SVAL(req->vwv+0, 0));
825 reply_doserror(req, ERRDOS, ERRbadfid);
826 END_PROFILE(SMBioctl);
829 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
830 srvstr_push((char *)req->outbuf, req->flags2, p+2,
832 STR_TERMINATE|STR_ASCII);
834 srvstr_push((char *)req->outbuf, req->flags2,
835 p+18, lp_servicename(SNUM(conn)),
836 13, STR_TERMINATE|STR_ASCII);
844 END_PROFILE(SMBioctl);
848 /****************************************************************************
849 Strange checkpath NTSTATUS mapping.
850 ****************************************************************************/
852 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
854 /* Strange DOS error code semantics only for checkpath... */
855 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
856 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
857 /* We need to map to ERRbadpath */
858 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
864 /****************************************************************************
865 Reply to a checkpath.
866 ****************************************************************************/
868 void reply_checkpath(struct smb_request *req)
870 connection_struct *conn = req->conn;
872 SMB_STRUCT_STAT sbuf;
874 TALLOC_CTX *ctx = talloc_tos();
876 START_PROFILE(SMBcheckpath);
878 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
879 STR_TERMINATE, &status);
881 if (!NT_STATUS_IS_OK(status)) {
882 status = map_checkpath_error(req->flags2, status);
883 reply_nterror(req, status);
884 END_PROFILE(SMBcheckpath);
888 status = resolve_dfspath(ctx, conn,
889 req->flags2 & FLAGS2_DFS_PATHNAMES,
892 if (!NT_STATUS_IS_OK(status)) {
893 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
894 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
896 END_PROFILE(SMBcheckpath);
902 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
904 status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
905 if (!NT_STATUS_IS_OK(status)) {
909 status = check_name(conn, name);
910 if (!NT_STATUS_IS_OK(status)) {
911 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
915 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
916 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
917 status = map_nt_error_from_unix(errno);
921 if (!S_ISDIR(sbuf.st_mode)) {
922 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
924 END_PROFILE(SMBcheckpath);
928 reply_outbuf(req, 0, 0);
930 END_PROFILE(SMBcheckpath);
935 END_PROFILE(SMBcheckpath);
937 /* We special case this - as when a Windows machine
938 is parsing a path is steps through the components
939 one at a time - if a component fails it expects
940 ERRbadpath, not ERRbadfile.
942 status = map_checkpath_error(req->flags2, status);
943 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
945 * Windows returns different error codes if
946 * the parent directory is valid but not the
947 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
948 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
949 * if the path is invalid.
951 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
956 reply_nterror(req, status);
959 /****************************************************************************
961 ****************************************************************************/
963 void reply_getatr(struct smb_request *req)
965 connection_struct *conn = req->conn;
967 SMB_STRUCT_STAT sbuf;
973 TALLOC_CTX *ctx = talloc_tos();
975 START_PROFILE(SMBgetatr);
977 p = (const char *)req->buf + 1;
978 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
979 if (!NT_STATUS_IS_OK(status)) {
980 reply_nterror(req, status);
981 END_PROFILE(SMBgetatr);
985 status = resolve_dfspath(ctx, conn,
986 req->flags2 & FLAGS2_DFS_PATHNAMES,
989 if (!NT_STATUS_IS_OK(status)) {
990 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
991 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
993 END_PROFILE(SMBgetatr);
996 reply_nterror(req, status);
997 END_PROFILE(SMBgetatr);
1001 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1002 under WfWg - weird! */
1003 if (*fname == '\0') {
1004 mode = aHIDDEN | aDIR;
1005 if (!CAN_WRITE(conn)) {
1011 status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
1012 if (!NT_STATUS_IS_OK(status)) {
1013 reply_nterror(req, status);
1014 END_PROFILE(SMBgetatr);
1017 status = check_name(conn, fname);
1018 if (!NT_STATUS_IS_OK(status)) {
1019 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1020 reply_nterror(req, status);
1021 END_PROFILE(SMBgetatr);
1024 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
1025 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1026 reply_unixerror(req, ERRDOS,ERRbadfile);
1027 END_PROFILE(SMBgetatr);
1031 mode = dos_mode(conn,fname,&sbuf);
1032 size = sbuf.st_size;
1033 mtime = sbuf.st_mtime;
1039 reply_outbuf(req, 10, 0);
1041 SSVAL(req->outbuf,smb_vwv0,mode);
1042 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1043 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1045 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1047 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1049 if (Protocol >= PROTOCOL_NT1) {
1050 SSVAL(req->outbuf, smb_flg2,
1051 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1054 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1056 END_PROFILE(SMBgetatr);
1060 /****************************************************************************
1062 ****************************************************************************/
1064 void reply_setatr(struct smb_request *req)
1066 struct timespec ts[2];
1067 connection_struct *conn = req->conn;
1071 SMB_STRUCT_STAT sbuf;
1074 TALLOC_CTX *ctx = talloc_tos();
1076 START_PROFILE(SMBsetatr);
1081 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1085 p = (const char *)req->buf + 1;
1086 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1087 if (!NT_STATUS_IS_OK(status)) {
1088 reply_nterror(req, status);
1089 END_PROFILE(SMBsetatr);
1093 status = resolve_dfspath(ctx, conn,
1094 req->flags2 & FLAGS2_DFS_PATHNAMES,
1097 if (!NT_STATUS_IS_OK(status)) {
1098 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1099 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1100 ERRSRV, ERRbadpath);
1101 END_PROFILE(SMBsetatr);
1104 reply_nterror(req, status);
1105 END_PROFILE(SMBsetatr);
1109 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
1110 if (!NT_STATUS_IS_OK(status)) {
1111 reply_nterror(req, status);
1112 END_PROFILE(SMBsetatr);
1116 status = check_name(conn, fname);
1117 if (!NT_STATUS_IS_OK(status)) {
1118 reply_nterror(req, status);
1119 END_PROFILE(SMBsetatr);
1123 if (fname[0] == '.' && fname[1] == '\0') {
1125 * Not sure here is the right place to catch this
1126 * condition. Might be moved to somewhere else later -- vl
1128 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1129 END_PROFILE(SMBsetatr);
1133 mode = SVAL(req->vwv+0, 0);
1134 mtime = srv_make_unix_date3(req->vwv+1);
1136 ts[1] = convert_time_t_to_timespec(mtime);
1137 status = smb_set_file_time(conn, NULL, fname,
1139 if (!NT_STATUS_IS_OK(status)) {
1140 reply_unixerror(req, ERRDOS, ERRnoaccess);
1141 END_PROFILE(SMBsetatr);
1145 if (mode != FILE_ATTRIBUTE_NORMAL) {
1146 if (VALID_STAT_OF_DIR(sbuf))
1151 if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) {
1152 reply_unixerror(req, ERRDOS, ERRnoaccess);
1153 END_PROFILE(SMBsetatr);
1158 reply_outbuf(req, 0, 0);
1160 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1162 END_PROFILE(SMBsetatr);
1166 /****************************************************************************
1168 ****************************************************************************/
1170 void reply_dskattr(struct smb_request *req)
1172 connection_struct *conn = req->conn;
1173 uint64_t dfree,dsize,bsize;
1174 START_PROFILE(SMBdskattr);
1176 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1177 reply_unixerror(req, ERRHRD, ERRgeneral);
1178 END_PROFILE(SMBdskattr);
1182 reply_outbuf(req, 5, 0);
1184 if (Protocol <= PROTOCOL_LANMAN2) {
1185 double total_space, free_space;
1186 /* we need to scale this to a number that DOS6 can handle. We
1187 use floating point so we can handle large drives on systems
1188 that don't have 64 bit integers
1190 we end up displaying a maximum of 2G to DOS systems
1192 total_space = dsize * (double)bsize;
1193 free_space = dfree * (double)bsize;
1195 dsize = (uint64_t)((total_space+63*512) / (64*512));
1196 dfree = (uint64_t)((free_space+63*512) / (64*512));
1198 if (dsize > 0xFFFF) dsize = 0xFFFF;
1199 if (dfree > 0xFFFF) dfree = 0xFFFF;
1201 SSVAL(req->outbuf,smb_vwv0,dsize);
1202 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1203 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1204 SSVAL(req->outbuf,smb_vwv3,dfree);
1206 SSVAL(req->outbuf,smb_vwv0,dsize);
1207 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1208 SSVAL(req->outbuf,smb_vwv2,512);
1209 SSVAL(req->outbuf,smb_vwv3,dfree);
1212 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1214 END_PROFILE(SMBdskattr);
1218 /****************************************************************************
1220 Can be called from SMBsearch, SMBffirst or SMBfunique.
1221 ****************************************************************************/
1223 void reply_search(struct smb_request *req)
1225 connection_struct *conn = req->conn;
1226 const char *mask = NULL;
1227 char *directory = NULL;
1233 unsigned int numentries = 0;
1234 unsigned int maxentries = 0;
1235 bool finished = False;
1241 bool check_descend = False;
1242 bool expect_close = False;
1244 bool mask_contains_wcard = False;
1245 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1246 TALLOC_CTX *ctx = talloc_tos();
1247 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1249 START_PROFILE(SMBsearch);
1252 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1253 END_PROFILE(SMBsearch);
1257 if (lp_posix_pathnames()) {
1258 reply_unknown_new(req, req->cmd);
1259 END_PROFILE(SMBsearch);
1263 /* If we were called as SMBffirst then we must expect close. */
1264 if(req->cmd == SMBffirst) {
1265 expect_close = True;
1268 reply_outbuf(req, 1, 3);
1269 maxentries = SVAL(req->vwv+0, 0);
1270 dirtype = SVAL(req->vwv+1, 0);
1271 p = (const char *)req->buf + 1;
1272 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1273 &nt_status, &mask_contains_wcard);
1274 if (!NT_STATUS_IS_OK(nt_status)) {
1275 reply_nterror(req, nt_status);
1276 END_PROFILE(SMBsearch);
1280 nt_status = resolve_dfspath_wcard(ctx, conn,
1281 req->flags2 & FLAGS2_DFS_PATHNAMES,
1284 &mask_contains_wcard);
1285 if (!NT_STATUS_IS_OK(nt_status)) {
1286 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1287 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1288 ERRSRV, ERRbadpath);
1289 END_PROFILE(SMBsearch);
1292 reply_nterror(req, nt_status);
1293 END_PROFILE(SMBsearch);
1298 status_len = SVAL(p, 0);
1301 /* dirtype &= ~aDIR; */
1303 if (status_len == 0) {
1304 SMB_STRUCT_STAT sbuf;
1306 nt_status = unix_convert(ctx, conn, path, True,
1307 &directory, NULL, &sbuf);
1308 if (!NT_STATUS_IS_OK(nt_status)) {
1309 reply_nterror(req, nt_status);
1310 END_PROFILE(SMBsearch);
1314 nt_status = check_name(conn, directory);
1315 if (!NT_STATUS_IS_OK(nt_status)) {
1316 reply_nterror(req, nt_status);
1317 END_PROFILE(SMBsearch);
1321 p = strrchr_m(directory,'/');
1322 if ((p != NULL) && (*directory != '/')) {
1324 directory = talloc_strndup(ctx, directory,
1325 PTR_DIFF(p, directory));
1328 directory = talloc_strdup(ctx,".");
1332 reply_nterror(req, NT_STATUS_NO_MEMORY);
1333 END_PROFILE(SMBsearch);
1337 memset((char *)status,'\0',21);
1338 SCVAL(status,0,(dirtype & 0x1F));
1340 nt_status = dptr_create(conn,
1346 mask_contains_wcard,
1349 if (!NT_STATUS_IS_OK(nt_status)) {
1350 reply_nterror(req, nt_status);
1351 END_PROFILE(SMBsearch);
1354 dptr_num = dptr_dnum(conn->dirptr);
1358 memcpy(status,p,21);
1359 status_dirtype = CVAL(status,0) & 0x1F;
1360 if (status_dirtype != (dirtype & 0x1F)) {
1361 dirtype = status_dirtype;
1364 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1365 if (!conn->dirptr) {
1368 string_set(&conn->dirpath,dptr_path(dptr_num));
1369 mask = dptr_wcard(dptr_num);
1374 * For a 'continue' search we have no string. So
1375 * check from the initial saved string.
1377 mask_contains_wcard = ms_has_wild(mask);
1378 dirtype = dptr_attr(dptr_num);
1381 DEBUG(4,("dptr_num is %d\n",dptr_num));
1383 if ((dirtype&0x1F) == aVOLID) {
1384 char buf[DIR_STRUCT_SIZE];
1385 memcpy(buf,status,21);
1386 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1387 0,aVOLID,0,!allow_long_path_components)) {
1388 reply_nterror(req, NT_STATUS_NO_MEMORY);
1389 END_PROFILE(SMBsearch);
1392 dptr_fill(buf+12,dptr_num);
1393 if (dptr_zero(buf+12) && (status_len==0)) {
1398 if (message_push_blob(&req->outbuf,
1399 data_blob_const(buf, sizeof(buf)))
1401 reply_nterror(req, NT_STATUS_NO_MEMORY);
1402 END_PROFILE(SMBsearch);
1410 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1413 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1414 conn->dirpath,lp_dontdescend(SNUM(conn))));
1415 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1416 check_descend = True;
1419 for (i=numentries;(i<maxentries) && !finished;i++) {
1420 finished = !get_dir_entry(ctx,
1431 char buf[DIR_STRUCT_SIZE];
1432 memcpy(buf,status,21);
1433 if (!make_dir_struct(ctx,
1440 !allow_long_path_components)) {
1441 reply_nterror(req, NT_STATUS_NO_MEMORY);
1442 END_PROFILE(SMBsearch);
1445 if (!dptr_fill(buf+12,dptr_num)) {
1448 if (message_push_blob(&req->outbuf,
1449 data_blob_const(buf, sizeof(buf)))
1451 reply_nterror(req, NT_STATUS_NO_MEMORY);
1452 END_PROFILE(SMBsearch);
1462 /* If we were called as SMBffirst with smb_search_id == NULL
1463 and no entries were found then return error and close dirptr
1466 if (numentries == 0) {
1467 dptr_close(&dptr_num);
1468 } else if(expect_close && status_len == 0) {
1469 /* Close the dptr - we know it's gone */
1470 dptr_close(&dptr_num);
1473 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1474 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1475 dptr_close(&dptr_num);
1478 if ((numentries == 0) && !mask_contains_wcard) {
1479 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1480 END_PROFILE(SMBsearch);
1484 SSVAL(req->outbuf,smb_vwv0,numentries);
1485 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1486 SCVAL(smb_buf(req->outbuf),0,5);
1487 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1489 /* The replies here are never long name. */
1490 SSVAL(req->outbuf, smb_flg2,
1491 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1492 if (!allow_long_path_components) {
1493 SSVAL(req->outbuf, smb_flg2,
1494 SVAL(req->outbuf, smb_flg2)
1495 & (~FLAGS2_LONG_PATH_COMPONENTS));
1498 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1499 SSVAL(req->outbuf, smb_flg2,
1500 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1503 directory = dptr_path(dptr_num);
1506 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1507 smb_fn_name(req->cmd),
1509 directory ? directory : "./",
1514 END_PROFILE(SMBsearch);
1518 /****************************************************************************
1519 Reply to a fclose (stop directory search).
1520 ****************************************************************************/
1522 void reply_fclose(struct smb_request *req)
1530 bool path_contains_wcard = False;
1531 TALLOC_CTX *ctx = talloc_tos();
1533 START_PROFILE(SMBfclose);
1535 if (lp_posix_pathnames()) {
1536 reply_unknown_new(req, req->cmd);
1537 END_PROFILE(SMBfclose);
1541 p = (const char *)req->buf + 1;
1542 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1543 &err, &path_contains_wcard);
1544 if (!NT_STATUS_IS_OK(err)) {
1545 reply_nterror(req, err);
1546 END_PROFILE(SMBfclose);
1550 status_len = SVAL(p,0);
1553 if (status_len == 0) {
1554 reply_doserror(req, ERRSRV, ERRsrverror);
1555 END_PROFILE(SMBfclose);
1559 memcpy(status,p,21);
1561 if(dptr_fetch(status+12,&dptr_num)) {
1562 /* Close the dptr - we know it's gone */
1563 dptr_close(&dptr_num);
1566 reply_outbuf(req, 1, 0);
1567 SSVAL(req->outbuf,smb_vwv0,0);
1569 DEBUG(3,("search close\n"));
1571 END_PROFILE(SMBfclose);
1575 /****************************************************************************
1577 ****************************************************************************/
1579 void reply_open(struct smb_request *req)
1581 connection_struct *conn = req->conn;
1587 SMB_STRUCT_STAT sbuf;
1594 uint32 create_disposition;
1595 uint32 create_options = 0;
1597 TALLOC_CTX *ctx = talloc_tos();
1599 START_PROFILE(SMBopen);
1602 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1603 END_PROFILE(SMBopen);
1607 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1608 deny_mode = SVAL(req->vwv+0, 0);
1609 dos_attr = SVAL(req->vwv+1, 0);
1611 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1612 STR_TERMINATE, &status);
1613 if (!NT_STATUS_IS_OK(status)) {
1614 reply_nterror(req, status);
1615 END_PROFILE(SMBopen);
1619 if (!map_open_params_to_ntcreate(
1620 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1621 &share_mode, &create_disposition, &create_options)) {
1622 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1623 END_PROFILE(SMBopen);
1627 status = SMB_VFS_CREATE_FILE(
1630 0, /* root_dir_fid */
1632 CFF_DOS_PATH, /* create_file_flags */
1633 access_mask, /* access_mask */
1634 share_mode, /* share_access */
1635 create_disposition, /* create_disposition*/
1636 create_options, /* create_options */
1637 dos_attr, /* file_attributes */
1638 oplock_request, /* oplock_request */
1639 0, /* allocation_size */
1646 if (!NT_STATUS_IS_OK(status)) {
1647 if (open_was_deferred(req->mid)) {
1648 /* We have re-scheduled this call. */
1649 END_PROFILE(SMBopen);
1652 reply_openerror(req, status);
1653 END_PROFILE(SMBopen);
1657 size = sbuf.st_size;
1658 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1659 mtime = sbuf.st_mtime;
1662 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1663 close_file(req, fsp, ERROR_CLOSE);
1664 reply_doserror(req, ERRDOS,ERRnoaccess);
1665 END_PROFILE(SMBopen);
1669 reply_outbuf(req, 7, 0);
1670 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1671 SSVAL(req->outbuf,smb_vwv1,fattr);
1672 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1673 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1675 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1677 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1678 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1680 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1681 SCVAL(req->outbuf,smb_flg,
1682 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1685 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1686 SCVAL(req->outbuf,smb_flg,
1687 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1689 END_PROFILE(SMBopen);
1693 /****************************************************************************
1694 Reply to an open and X.
1695 ****************************************************************************/
1697 void reply_open_and_X(struct smb_request *req)
1699 connection_struct *conn = req->conn;
1704 /* Breakout the oplock request bits so we can set the
1705 reply bits separately. */
1706 int ex_oplock_request;
1707 int core_oplock_request;
1710 int smb_sattr = SVAL(req->vwv+4, 0);
1711 uint32 smb_time = make_unix_date3(req->vwv+6);
1716 SMB_STRUCT_STAT sbuf;
1720 uint64_t allocation_size;
1721 ssize_t retval = -1;
1724 uint32 create_disposition;
1725 uint32 create_options = 0;
1726 TALLOC_CTX *ctx = talloc_tos();
1728 START_PROFILE(SMBopenX);
1730 if (req->wct < 15) {
1731 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1732 END_PROFILE(SMBopenX);
1736 open_flags = SVAL(req->vwv+2, 0);
1737 deny_mode = SVAL(req->vwv+3, 0);
1738 smb_attr = SVAL(req->vwv+5, 0);
1739 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1740 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1741 oplock_request = ex_oplock_request | core_oplock_request;
1742 smb_ofun = SVAL(req->vwv+8, 0);
1743 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1745 /* If it's an IPC, pass off the pipe handler. */
1747 if (lp_nt_pipe_support()) {
1748 reply_open_pipe_and_X(conn, req);
1750 reply_doserror(req, ERRSRV, ERRaccess);
1752 END_PROFILE(SMBopenX);
1756 /* XXXX we need to handle passed times, sattr and flags */
1757 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1758 STR_TERMINATE, &status);
1759 if (!NT_STATUS_IS_OK(status)) {
1760 reply_nterror(req, status);
1761 END_PROFILE(SMBopenX);
1765 if (!map_open_params_to_ntcreate(
1766 fname, deny_mode, smb_ofun, &access_mask,
1767 &share_mode, &create_disposition, &create_options)) {
1768 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1769 END_PROFILE(SMBopenX);
1773 status = SMB_VFS_CREATE_FILE(
1776 0, /* root_dir_fid */
1778 CFF_DOS_PATH, /* create_file_flags */
1779 access_mask, /* access_mask */
1780 share_mode, /* share_access */
1781 create_disposition, /* create_disposition*/
1782 create_options, /* create_options */
1783 smb_attr, /* file_attributes */
1784 oplock_request, /* oplock_request */
1785 0, /* allocation_size */
1789 &smb_action, /* pinfo */
1792 if (!NT_STATUS_IS_OK(status)) {
1793 END_PROFILE(SMBopenX);
1794 if (open_was_deferred(req->mid)) {
1795 /* We have re-scheduled this call. */
1798 reply_openerror(req, status);
1802 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1803 if the file is truncated or created. */
1804 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1805 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1806 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1807 close_file(req, fsp, ERROR_CLOSE);
1808 reply_nterror(req, NT_STATUS_DISK_FULL);
1809 END_PROFILE(SMBopenX);
1812 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1814 close_file(req, fsp, ERROR_CLOSE);
1815 reply_nterror(req, NT_STATUS_DISK_FULL);
1816 END_PROFILE(SMBopenX);
1819 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1822 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1823 mtime = sbuf.st_mtime;
1825 close_file(req, fsp, ERROR_CLOSE);
1826 reply_doserror(req, ERRDOS, ERRnoaccess);
1827 END_PROFILE(SMBopenX);
1831 /* If the caller set the extended oplock request bit
1832 and we granted one (by whatever means) - set the
1833 correct bit for extended oplock reply.
1836 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1837 smb_action |= EXTENDED_OPLOCK_GRANTED;
1840 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1841 smb_action |= EXTENDED_OPLOCK_GRANTED;
1844 /* If the caller set the core oplock request bit
1845 and we granted one (by whatever means) - set the
1846 correct bit for core oplock reply.
1849 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1850 reply_outbuf(req, 19, 0);
1852 reply_outbuf(req, 15, 0);
1855 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1856 SCVAL(req->outbuf, smb_flg,
1857 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1860 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1861 SCVAL(req->outbuf, smb_flg,
1862 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1865 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1866 SSVAL(req->outbuf,smb_vwv3,fattr);
1867 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1868 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1870 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1872 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1873 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1874 SSVAL(req->outbuf,smb_vwv11,smb_action);
1876 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1877 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1880 END_PROFILE(SMBopenX);
1885 /****************************************************************************
1886 Reply to a SMBulogoffX.
1887 ****************************************************************************/
1889 void reply_ulogoffX(struct smb_request *req)
1893 START_PROFILE(SMBulogoffX);
1895 vuser = get_valid_user_struct(req->vuid);
1898 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1902 /* in user level security we are supposed to close any files
1903 open by this user */
1904 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1905 file_close_user(req->vuid);
1908 invalidate_vuid(req->vuid);
1910 reply_outbuf(req, 2, 0);
1912 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1914 END_PROFILE(SMBulogoffX);
1918 /****************************************************************************
1919 Reply to a mknew or a create.
1920 ****************************************************************************/
1922 void reply_mknew(struct smb_request *req)
1924 connection_struct *conn = req->conn;
1927 struct timespec ts[2];
1929 int oplock_request = 0;
1930 SMB_STRUCT_STAT sbuf;
1932 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1933 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1934 uint32 create_disposition;
1935 uint32 create_options = 0;
1936 TALLOC_CTX *ctx = talloc_tos();
1938 START_PROFILE(SMBcreate);
1941 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1942 END_PROFILE(SMBcreate);
1946 fattr = SVAL(req->vwv+0, 0);
1947 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1949 ts[1] = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
1952 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
1953 STR_TERMINATE, &status);
1954 if (!NT_STATUS_IS_OK(status)) {
1955 reply_nterror(req, status);
1956 END_PROFILE(SMBcreate);
1960 if (fattr & aVOLID) {
1961 DEBUG(0,("Attempt to create file (%s) with volid set - "
1962 "please report this\n", fname));
1965 if(req->cmd == SMBmknew) {
1966 /* We should fail if file exists. */
1967 create_disposition = FILE_CREATE;
1969 /* Create if file doesn't exist, truncate if it does. */
1970 create_disposition = FILE_OVERWRITE_IF;
1973 status = SMB_VFS_CREATE_FILE(
1976 0, /* root_dir_fid */
1978 CFF_DOS_PATH, /* create_file_flags */
1979 access_mask, /* access_mask */
1980 share_mode, /* share_access */
1981 create_disposition, /* create_disposition*/
1982 create_options, /* create_options */
1983 fattr, /* file_attributes */
1984 oplock_request, /* oplock_request */
1985 0, /* allocation_size */
1992 if (!NT_STATUS_IS_OK(status)) {
1993 END_PROFILE(SMBcreate);
1994 if (open_was_deferred(req->mid)) {
1995 /* We have re-scheduled this call. */
1998 reply_openerror(req, status);
2002 ts[0] = get_atimespec(&sbuf); /* atime. */
2003 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, ts, true);
2004 if (!NT_STATUS_IS_OK(status)) {
2005 END_PROFILE(SMBcreate);
2006 reply_openerror(req, status);
2010 reply_outbuf(req, 1, 0);
2011 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2013 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2014 SCVAL(req->outbuf,smb_flg,
2015 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2018 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2019 SCVAL(req->outbuf,smb_flg,
2020 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2023 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2024 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2025 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2027 END_PROFILE(SMBcreate);
2031 /****************************************************************************
2032 Reply to a create temporary file.
2033 ****************************************************************************/
2035 void reply_ctemp(struct smb_request *req)
2037 connection_struct *conn = req->conn;
2043 SMB_STRUCT_STAT sbuf;
2046 TALLOC_CTX *ctx = talloc_tos();
2048 START_PROFILE(SMBctemp);
2051 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2052 END_PROFILE(SMBctemp);
2056 fattr = SVAL(req->vwv+0, 0);
2057 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2059 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2060 STR_TERMINATE, &status);
2061 if (!NT_STATUS_IS_OK(status)) {
2062 reply_nterror(req, status);
2063 END_PROFILE(SMBctemp);
2067 fname = talloc_asprintf(ctx,
2071 fname = talloc_strdup(ctx, "TMXXXXXX");
2075 reply_nterror(req, NT_STATUS_NO_MEMORY);
2076 END_PROFILE(SMBctemp);
2080 status = resolve_dfspath(ctx, conn,
2081 req->flags2 & FLAGS2_DFS_PATHNAMES,
2084 if (!NT_STATUS_IS_OK(status)) {
2085 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2086 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2087 ERRSRV, ERRbadpath);
2088 END_PROFILE(SMBctemp);
2091 reply_nterror(req, status);
2092 END_PROFILE(SMBctemp);
2096 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
2097 if (!NT_STATUS_IS_OK(status)) {
2098 reply_nterror(req, status);
2099 END_PROFILE(SMBctemp);
2103 status = check_name(conn, fname);
2104 if (!NT_STATUS_IS_OK(status)) {
2105 reply_nterror(req, status);
2106 END_PROFILE(SMBctemp);
2110 tmpfd = smb_mkstemp(fname);
2112 reply_unixerror(req, ERRDOS, ERRnoaccess);
2113 END_PROFILE(SMBctemp);
2117 SMB_VFS_STAT(conn,fname,&sbuf);
2119 /* We should fail if file does not exist. */
2120 status = SMB_VFS_CREATE_FILE(
2123 0, /* root_dir_fid */
2125 0, /* create_file_flags */
2126 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2127 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2128 FILE_OPEN, /* create_disposition*/
2129 0, /* create_options */
2130 fattr, /* file_attributes */
2131 oplock_request, /* oplock_request */
2132 0, /* allocation_size */
2139 /* close fd from smb_mkstemp() */
2142 if (!NT_STATUS_IS_OK(status)) {
2143 if (open_was_deferred(req->mid)) {
2144 /* We have re-scheduled this call. */
2145 END_PROFILE(SMBctemp);
2148 reply_openerror(req, status);
2149 END_PROFILE(SMBctemp);
2153 reply_outbuf(req, 1, 0);
2154 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2156 /* the returned filename is relative to the directory */
2157 s = strrchr_m(fsp->fsp_name, '/');
2165 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2166 thing in the byte section. JRA */
2167 SSVALS(p, 0, -1); /* what is this? not in spec */
2169 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2171 reply_nterror(req, NT_STATUS_NO_MEMORY);
2172 END_PROFILE(SMBctemp);
2176 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2177 SCVAL(req->outbuf, smb_flg,
2178 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2181 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2182 SCVAL(req->outbuf, smb_flg,
2183 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2186 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2187 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2188 fsp->fh->fd, (unsigned int)sbuf.st_mode ) );
2190 END_PROFILE(SMBctemp);
2194 /*******************************************************************
2195 Check if a user is allowed to rename a file.
2196 ********************************************************************/
2198 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2199 uint16 dirtype, SMB_STRUCT_STAT *pst)
2203 if (!CAN_WRITE(conn)) {
2204 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2207 fmode = dos_mode(conn, fsp->fsp_name, pst);
2208 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2209 return NT_STATUS_NO_SUCH_FILE;
2212 if (S_ISDIR(pst->st_mode)) {
2213 return NT_STATUS_OK;
2216 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2217 return NT_STATUS_OK;
2220 return NT_STATUS_ACCESS_DENIED;
2223 /*******************************************************************
2224 * unlink a file with all relevant access checks
2225 *******************************************************************/
2227 static NTSTATUS do_unlink(connection_struct *conn,
2228 struct smb_request *req,
2232 SMB_STRUCT_STAT sbuf;
2235 uint32 dirtype_orig = dirtype;
2238 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2240 if (!CAN_WRITE(conn)) {
2241 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2244 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2245 return map_nt_error_from_unix(errno);
2248 fattr = dos_mode(conn,fname,&sbuf);
2250 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2251 dirtype = aDIR|aARCH|aRONLY;
2254 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2256 return NT_STATUS_NO_SUCH_FILE;
2259 if (!dir_check_ftype(conn, fattr, dirtype)) {
2261 return NT_STATUS_FILE_IS_A_DIRECTORY;
2263 return NT_STATUS_NO_SUCH_FILE;
2266 if (dirtype_orig & 0x8000) {
2267 /* These will never be set for POSIX. */
2268 return NT_STATUS_NO_SUCH_FILE;
2272 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2273 return NT_STATUS_FILE_IS_A_DIRECTORY;
2276 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2277 return NT_STATUS_NO_SUCH_FILE;
2280 if (dirtype & 0xFF00) {
2281 /* These will never be set for POSIX. */
2282 return NT_STATUS_NO_SUCH_FILE;
2287 return NT_STATUS_NO_SUCH_FILE;
2290 /* Can't delete a directory. */
2292 return NT_STATUS_FILE_IS_A_DIRECTORY;
2297 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2298 return NT_STATUS_OBJECT_NAME_INVALID;
2299 #endif /* JRATEST */
2301 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2303 On a Windows share, a file with read-only dosmode can be opened with
2304 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2305 fails with NT_STATUS_CANNOT_DELETE error.
2307 This semantic causes a problem that a user can not
2308 rename a file with read-only dosmode on a Samba share
2309 from a Windows command prompt (i.e. cmd.exe, but can rename
2310 from Windows Explorer).
2313 if (!lp_delete_readonly(SNUM(conn))) {
2314 if (fattr & aRONLY) {
2315 return NT_STATUS_CANNOT_DELETE;
2319 /* On open checks the open itself will check the share mode, so
2320 don't do it here as we'll get it wrong. */
2322 status = SMB_VFS_CREATE_FILE
2325 0, /* root_dir_fid */
2327 0, /* create_file_flags */
2328 DELETE_ACCESS, /* access_mask */
2329 FILE_SHARE_NONE, /* share_access */
2330 FILE_OPEN, /* create_disposition*/
2331 FILE_NON_DIRECTORY_FILE, /* create_options */
2332 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2333 0, /* oplock_request */
2334 0, /* allocation_size */
2341 if (!NT_STATUS_IS_OK(status)) {
2342 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2343 nt_errstr(status)));
2347 /* The set is across all open files on this dev/inode pair. */
2348 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2349 close_file(req, fsp, NORMAL_CLOSE);
2350 return NT_STATUS_ACCESS_DENIED;
2353 return close_file(req, fsp, NORMAL_CLOSE);
2356 /****************************************************************************
2357 The guts of the unlink command, split out so it may be called by the NT SMB
2359 ****************************************************************************/
2361 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2362 uint32 dirtype, const char *name_in, bool has_wild)
2364 const char *directory = NULL;
2369 NTSTATUS status = NT_STATUS_OK;
2370 SMB_STRUCT_STAT sbuf;
2371 TALLOC_CTX *ctx = talloc_tos();
2373 status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
2374 if (!NT_STATUS_IS_OK(status)) {
2378 p = strrchr_m(name,'/');
2380 directory = talloc_strdup(ctx, ".");
2382 return NT_STATUS_NO_MEMORY;
2392 * We should only check the mangled cache
2393 * here if unix_convert failed. This means
2394 * that the path in 'mask' doesn't exist
2395 * on the file system and so we need to look
2396 * for a possible mangle. This patch from
2397 * Tine Smukavec <valentin.smukavec@hermes.si>.
2400 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2401 char *new_mask = NULL;
2402 mangle_lookup_name_from_8_3(ctx,
2412 directory = talloc_asprintf(ctx,
2417 return NT_STATUS_NO_MEMORY;
2420 dirtype = FILE_ATTRIBUTE_NORMAL;
2423 status = check_name(conn, directory);
2424 if (!NT_STATUS_IS_OK(status)) {
2428 status = do_unlink(conn, req, directory, dirtype);
2429 if (!NT_STATUS_IS_OK(status)) {
2435 struct smb_Dir *dir_hnd = NULL;
2439 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2440 return NT_STATUS_OBJECT_NAME_INVALID;
2443 if (strequal(mask,"????????.???")) {
2448 status = check_name(conn, directory);
2449 if (!NT_STATUS_IS_OK(status)) {
2453 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2455 if (dir_hnd == NULL) {
2456 return map_nt_error_from_unix(errno);
2459 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2460 the pattern matches against the long name, otherwise the short name
2461 We don't implement this yet XXXX
2464 status = NT_STATUS_NO_SUCH_FILE;
2466 while ((dname = ReadDirName(dir_hnd, &offset))) {
2470 if (!is_visible_file(conn, directory, dname, &st, True)) {
2474 /* Quick check for "." and ".." */
2475 if (ISDOT(dname) || ISDOTDOT(dname)) {
2479 if(!mask_match(dname, mask, conn->case_sensitive)) {
2483 fname = talloc_asprintf(ctx, "%s/%s",
2487 return NT_STATUS_NO_MEMORY;
2490 status = check_name(conn, fname);
2491 if (!NT_STATUS_IS_OK(status)) {
2492 TALLOC_FREE(dir_hnd);
2496 status = do_unlink(conn, req, fname, dirtype);
2497 if (!NT_STATUS_IS_OK(status)) {
2503 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2508 TALLOC_FREE(dir_hnd);
2511 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2512 status = map_nt_error_from_unix(errno);
2518 /****************************************************************************
2520 ****************************************************************************/
2522 void reply_unlink(struct smb_request *req)
2524 connection_struct *conn = req->conn;
2528 bool path_contains_wcard = False;
2529 TALLOC_CTX *ctx = talloc_tos();
2531 START_PROFILE(SMBunlink);
2534 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2535 END_PROFILE(SMBunlink);
2539 dirtype = SVAL(req->vwv+0, 0);
2541 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2542 STR_TERMINATE, &status,
2543 &path_contains_wcard);
2544 if (!NT_STATUS_IS_OK(status)) {
2545 reply_nterror(req, status);
2546 END_PROFILE(SMBunlink);
2550 status = resolve_dfspath_wcard(ctx, conn,
2551 req->flags2 & FLAGS2_DFS_PATHNAMES,
2554 &path_contains_wcard);
2555 if (!NT_STATUS_IS_OK(status)) {
2556 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2557 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2558 ERRSRV, ERRbadpath);
2559 END_PROFILE(SMBunlink);
2562 reply_nterror(req, status);
2563 END_PROFILE(SMBunlink);
2567 DEBUG(3,("reply_unlink : %s\n",name));
2569 status = unlink_internals(conn, req, dirtype, name,
2570 path_contains_wcard);
2571 if (!NT_STATUS_IS_OK(status)) {
2572 if (open_was_deferred(req->mid)) {
2573 /* We have re-scheduled this call. */
2574 END_PROFILE(SMBunlink);
2577 reply_nterror(req, status);
2578 END_PROFILE(SMBunlink);
2582 reply_outbuf(req, 0, 0);
2583 END_PROFILE(SMBunlink);
2588 /****************************************************************************
2590 ****************************************************************************/
2592 static void fail_readraw(void)
2594 const char *errstr = talloc_asprintf(talloc_tos(),
2595 "FAIL ! reply_readbraw: socket write fail (%s)",
2600 exit_server_cleanly(errstr);
2603 /****************************************************************************
2604 Fake (read/write) sendfile. Returns -1 on read or write fail.
2605 ****************************************************************************/
2607 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2611 size_t tosend = nread;
2618 bufsize = MIN(nread, 65536);
2620 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2624 while (tosend > 0) {
2628 if (tosend > bufsize) {
2633 ret = read_file(fsp,buf,startpos,cur_read);
2639 /* If we had a short read, fill with zeros. */
2640 if (ret < cur_read) {
2641 memset(buf, '\0', cur_read - ret);
2644 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2649 startpos += cur_read;
2653 return (ssize_t)nread;
2656 /****************************************************************************
2657 Return a readbraw error (4 bytes of zero).
2658 ****************************************************************************/
2660 static void reply_readbraw_error(void)
2664 if (write_data(smbd_server_fd(),header,4) != 4) {
2669 /****************************************************************************
2670 Use sendfile in readbraw.
2671 ****************************************************************************/
2673 void send_file_readbraw(connection_struct *conn,
2679 char *outbuf = NULL;
2682 #if defined(WITH_SENDFILE)
2684 * We can only use sendfile on a non-chained packet
2685 * but we can use on a non-oplocked file. tridge proved this
2686 * on a train in Germany :-). JRA.
2687 * reply_readbraw has already checked the length.
2690 if ( (chain_size == 0) && (nread > 0) && (fsp->base_fsp == NULL) &&
2691 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2693 DATA_BLOB header_blob;
2695 _smb_setlen(header,nread);
2696 header_blob = data_blob_const(header, 4);
2698 if (SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2699 &header_blob, startpos, nread) == -1) {
2700 /* Returning ENOSYS means no data at all was sent.
2701 * Do this as a normal read. */
2702 if (errno == ENOSYS) {
2703 goto normal_readbraw;
2707 * Special hack for broken Linux with no working sendfile. If we
2708 * return EINTR we sent the header but not the rest of the data.
2709 * Fake this up by doing read/write calls.
2711 if (errno == EINTR) {
2712 /* Ensure we don't do this again. */
2713 set_use_sendfile(SNUM(conn), False);
2714 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2716 if (fake_sendfile(fsp, startpos, nread) == -1) {
2717 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2718 fsp->fsp_name, strerror(errno) ));
2719 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2724 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2725 fsp->fsp_name, strerror(errno) ));
2726 exit_server_cleanly("send_file_readbraw sendfile failed");
2735 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2737 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2738 (unsigned)(nread+4)));
2739 reply_readbraw_error();
2744 ret = read_file(fsp,outbuf+4,startpos,nread);
2745 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2754 _smb_setlen(outbuf,ret);
2755 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2758 TALLOC_FREE(outbuf);
2761 /****************************************************************************
2762 Reply to a readbraw (core+ protocol).
2763 ****************************************************************************/
2765 void reply_readbraw(struct smb_request *req)
2767 connection_struct *conn = req->conn;
2768 ssize_t maxcount,mincount;
2775 START_PROFILE(SMBreadbraw);
2777 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
2778 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2779 "raw reads/writes are disallowed.");
2783 reply_readbraw_error();
2784 END_PROFILE(SMBreadbraw);
2789 * Special check if an oplock break has been issued
2790 * and the readraw request croses on the wire, we must
2791 * return a zero length response here.
2794 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
2797 * We have to do a check_fsp by hand here, as
2798 * we must always return 4 zero bytes on error,
2802 if (!fsp || !conn || conn != fsp->conn ||
2803 req->vuid != fsp->vuid ||
2804 fsp->is_directory || fsp->fh->fd == -1) {
2806 * fsp could be NULL here so use the value from the packet. JRA.
2808 DEBUG(3,("reply_readbraw: fnum %d not valid "
2810 (int)SVAL(req->vwv+0, 0)));
2811 reply_readbraw_error();
2812 END_PROFILE(SMBreadbraw);
2816 /* Do a "by hand" version of CHECK_READ. */
2817 if (!(fsp->can_read ||
2818 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2819 (fsp->access_mask & FILE_EXECUTE)))) {
2820 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2821 (int)SVAL(req->vwv+0, 0)));
2822 reply_readbraw_error();
2823 END_PROFILE(SMBreadbraw);
2827 flush_write_cache(fsp, READRAW_FLUSH);
2829 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
2830 if(req->wct == 10) {
2832 * This is a large offset (64 bit) read.
2834 #ifdef LARGE_SMB_OFF_T
2836 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
2838 #else /* !LARGE_SMB_OFF_T */
2841 * Ensure we haven't been sent a >32 bit offset.
2844 if(IVAL(req->vwv+8, 0) != 0) {
2845 DEBUG(0,("reply_readbraw: large offset "
2846 "(%x << 32) used and we don't support "
2847 "64 bit offsets.\n",
2848 (unsigned int)IVAL(req->vwv+8, 0) ));
2849 reply_readbraw_error();
2850 END_PROFILE(SMBreadbraw);
2854 #endif /* LARGE_SMB_OFF_T */
2857 DEBUG(0,("reply_readbraw: negative 64 bit "
2858 "readraw offset (%.0f) !\n",
2859 (double)startpos ));
2860 reply_readbraw_error();
2861 END_PROFILE(SMBreadbraw);
2866 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
2867 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
2869 /* ensure we don't overrun the packet size */
2870 maxcount = MIN(65535,maxcount);
2872 if (is_locked(fsp,(uint32)req->smbpid,
2876 reply_readbraw_error();
2877 END_PROFILE(SMBreadbraw);
2881 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
2885 if (startpos >= size) {
2888 nread = MIN(maxcount,(size - startpos));
2891 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2892 if (nread < mincount)
2896 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
2897 "min=%lu nread=%lu\n",
2898 fsp->fnum, (double)startpos,
2899 (unsigned long)maxcount,
2900 (unsigned long)mincount,
2901 (unsigned long)nread ) );
2903 send_file_readbraw(conn, fsp, startpos, nread, mincount);
2905 DEBUG(5,("reply_readbraw finished\n"));
2906 END_PROFILE(SMBreadbraw);
2910 #define DBGC_CLASS DBGC_LOCKING
2912 /****************************************************************************
2913 Reply to a lockread (core+ protocol).
2914 ****************************************************************************/
2916 void reply_lockread(struct smb_request *req)
2918 connection_struct *conn = req->conn;
2925 struct byte_range_lock *br_lck = NULL;
2928 START_PROFILE(SMBlockread);
2931 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2932 END_PROFILE(SMBlockread);
2936 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
2938 if (!check_fsp(conn, req, fsp)) {
2939 END_PROFILE(SMBlockread);
2943 if (!CHECK_READ(fsp,req)) {
2944 reply_doserror(req, ERRDOS, ERRbadaccess);
2945 END_PROFILE(SMBlockread);
2949 release_level_2_oplocks_on_change(fsp);
2951 numtoread = SVAL(req->vwv+1, 0);
2952 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
2954 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
2956 reply_outbuf(req, 5, numtoread + 3);
2958 data = smb_buf(req->outbuf) + 3;
2961 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2962 * protocol request that predates the read/write lock concept.
2963 * Thus instead of asking for a read lock here we need to ask
2964 * for a write lock. JRA.
2965 * Note that the requested lock size is unaffected by max_recv.
2968 br_lck = do_lock(smbd_messaging_context(),
2971 (uint64_t)numtoread,
2975 False, /* Non-blocking lock. */
2978 TALLOC_FREE(br_lck);
2980 if (NT_STATUS_V(status)) {
2981 reply_nterror(req, status);
2982 END_PROFILE(SMBlockread);
2987 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2990 if (numtoread > max_recv) {
2991 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2992 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2993 (unsigned int)numtoread, (unsigned int)max_recv ));
2994 numtoread = MIN(numtoread,max_recv);
2996 nread = read_file(fsp,data,startpos,numtoread);
2999 reply_unixerror(req, ERRDOS, ERRnoaccess);
3000 END_PROFILE(SMBlockread);
3004 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3006 SSVAL(req->outbuf,smb_vwv0,nread);
3007 SSVAL(req->outbuf,smb_vwv5,nread+3);
3008 p = smb_buf(req->outbuf);
3009 SCVAL(p,0,0); /* pad byte. */
3012 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3013 fsp->fnum, (int)numtoread, (int)nread));
3015 END_PROFILE(SMBlockread);
3020 #define DBGC_CLASS DBGC_ALL
3022 /****************************************************************************
3024 ****************************************************************************/
3026 void reply_read(struct smb_request *req)
3028 connection_struct *conn = req->conn;
3036 START_PROFILE(SMBread);
3039 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3040 END_PROFILE(SMBread);
3044 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3046 if (!check_fsp(conn, req, fsp)) {
3047 END_PROFILE(SMBread);
3051 if (!CHECK_READ(fsp,req)) {
3052 reply_doserror(req, ERRDOS, ERRbadaccess);
3053 END_PROFILE(SMBread);
3057 numtoread = SVAL(req->vwv+1, 0);
3058 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3060 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3063 * The requested read size cannot be greater than max_recv. JRA.
3065 if (numtoread > max_recv) {
3066 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3067 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3068 (unsigned int)numtoread, (unsigned int)max_recv ));
3069 numtoread = MIN(numtoread,max_recv);
3072 reply_outbuf(req, 5, numtoread+3);
3074 data = smb_buf(req->outbuf) + 3;
3076 if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtoread,
3077 (uint64_t)startpos, READ_LOCK)) {
3078 reply_doserror(req, ERRDOS,ERRlock);
3079 END_PROFILE(SMBread);
3084 nread = read_file(fsp,data,startpos,numtoread);
3087 reply_unixerror(req, ERRDOS,ERRnoaccess);
3088 END_PROFILE(SMBread);
3092 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3094 SSVAL(req->outbuf,smb_vwv0,nread);
3095 SSVAL(req->outbuf,smb_vwv5,nread+3);
3096 SCVAL(smb_buf(req->outbuf),0,1);
3097 SSVAL(smb_buf(req->outbuf),1,nread);
3099 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3100 fsp->fnum, (int)numtoread, (int)nread ) );
3102 END_PROFILE(SMBread);
3106 /****************************************************************************
3108 ****************************************************************************/
3110 static int setup_readX_header(char *outbuf, size_t smb_maxcnt)
3115 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3116 data = smb_buf(outbuf);
3118 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3120 SCVAL(outbuf,smb_vwv0,0xFF);
3121 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3122 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3123 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
3124 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3125 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
3126 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3127 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3131 /****************************************************************************
3132 Reply to a read and X - possibly using sendfile.
3133 ****************************************************************************/
3135 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3136 files_struct *fsp, SMB_OFF_T startpos,
3139 SMB_STRUCT_STAT sbuf;
3142 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3143 reply_unixerror(req, ERRDOS, ERRnoaccess);
3147 if (startpos > sbuf.st_size) {
3149 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
3150 smb_maxcnt = (sbuf.st_size - startpos);
3153 if (smb_maxcnt == 0) {
3157 #if defined(WITH_SENDFILE)
3159 * We can only use sendfile on a non-chained packet
3160 * but we can use on a non-oplocked file. tridge proved this
3161 * on a train in Germany :-). JRA.
3164 if ((chain_size == 0) && (CVAL(req->vwv+0, 0) == 0xFF) &&
3165 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3166 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
3167 uint8 headerbuf[smb_size + 12 * 2];
3171 * Set up the packet header before send. We
3172 * assume here the sendfile will work (get the
3173 * correct amount of data).
3176 header = data_blob_const(headerbuf, sizeof(headerbuf));
3178 construct_reply_common_req(req, (char *)headerbuf);
3179 setup_readX_header((char *)headerbuf, smb_maxcnt);
3181 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3182 /* Returning ENOSYS or EINVAL means no data at all was sent.
3183 Do this as a normal read. */
3184 if (errno == ENOSYS || errno == EINVAL) {
3189 * Special hack for broken Linux with no working sendfile. If we
3190 * return EINTR we sent the header but not the rest of the data.
3191 * Fake this up by doing read/write calls.
3194 if (errno == EINTR) {
3195 /* Ensure we don't do this again. */
3196 set_use_sendfile(SNUM(conn), False);
3197 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3198 nread = fake_sendfile(fsp, startpos,
3201 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3202 fsp->fsp_name, strerror(errno) ));
3203 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3205 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3206 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3207 /* No outbuf here means successful sendfile. */
3208 TALLOC_FREE(req->outbuf);
3212 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3213 fsp->fsp_name, strerror(errno) ));
3214 exit_server_cleanly("send_file_readX sendfile failed");
3217 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3218 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3219 /* No outbuf here means successful sendfile. */
3220 TALLOC_FREE(req->outbuf);
3227 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3228 uint8 headerbuf[smb_size + 2*12];
3230 construct_reply_common_req(req, (char *)headerbuf);
3231 setup_readX_header((char *)headerbuf, smb_maxcnt);
3233 /* Send out the header. */
3234 if (write_data(smbd_server_fd(), (char *)headerbuf,
3235 sizeof(headerbuf)) != sizeof(headerbuf)) {
3236 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3237 fsp->fsp_name, strerror(errno) ));
3238 exit_server_cleanly("send_file_readX sendfile failed");
3240 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3242 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3243 fsp->fsp_name, strerror(errno) ));
3244 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3246 TALLOC_FREE(req->outbuf);
3250 reply_outbuf(req, 12, smb_maxcnt);
3252 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3254 reply_unixerror(req, ERRDOS, ERRnoaccess);
3258 setup_readX_header((char *)req->outbuf, nread);
3260 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3261 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3266 /****************************************************************************
3267 Reply to a read and X.
3268 ****************************************************************************/
3270 void reply_read_and_X(struct smb_request *req)
3272 connection_struct *conn = req->conn;
3276 bool big_readX = False;
3278 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3281 START_PROFILE(SMBreadX);
3283 if ((req->wct != 10) && (req->wct != 12)) {
3284 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3288 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3289 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3290 smb_maxcnt = SVAL(req->vwv+5, 0);
3292 /* If it's an IPC, pass off the pipe handler. */
3294 reply_pipe_read_and_X(req);
3295 END_PROFILE(SMBreadX);
3299 if (!check_fsp(conn, req, fsp)) {
3300 END_PROFILE(SMBreadX);
3304 if (!CHECK_READ(fsp,req)) {
3305 reply_doserror(req, ERRDOS,ERRbadaccess);
3306 END_PROFILE(SMBreadX);
3310 if (global_client_caps & CAP_LARGE_READX) {
3311 size_t upper_size = SVAL(req->vwv+7, 0);
3312 smb_maxcnt |= (upper_size<<16);
3313 if (upper_size > 1) {
3314 /* Can't do this on a chained packet. */
3315 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3316 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3317 END_PROFILE(SMBreadX);
3320 /* We currently don't do this on signed or sealed data. */
3321 if (srv_is_signing_active() || is_encrypted_packet(req->inbuf)) {
3322 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3323 END_PROFILE(SMBreadX);
3326 /* Is there room in the reply for this data ? */
3327 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3329 NT_STATUS_INVALID_PARAMETER);
3330 END_PROFILE(SMBreadX);
3337 if (req->wct == 12) {
3338 #ifdef LARGE_SMB_OFF_T
3340 * This is a large offset (64 bit) read.
3342 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3344 #else /* !LARGE_SMB_OFF_T */
3347 * Ensure we haven't been sent a >32 bit offset.
3350 if(IVAL(req->vwv+10, 0) != 0) {
3351 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3352 "used and we don't support 64 bit offsets.\n",
3353 (unsigned int)IVAL(req->vwv+10, 0) ));
3354 END_PROFILE(SMBreadX);
3355 reply_doserror(req, ERRDOS, ERRbadaccess);
3359 #endif /* LARGE_SMB_OFF_T */
3363 if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)smb_maxcnt,
3364 (uint64_t)startpos, READ_LOCK)) {
3365 END_PROFILE(SMBreadX);
3366 reply_doserror(req, ERRDOS, ERRlock);
3371 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3372 END_PROFILE(SMBreadX);
3376 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3378 END_PROFILE(SMBreadX);
3382 /****************************************************************************
3383 Error replies to writebraw must have smb_wct == 1. Fix this up.
3384 ****************************************************************************/
3386 void error_to_writebrawerr(struct smb_request *req)
3388 uint8 *old_outbuf = req->outbuf;
3390 reply_outbuf(req, 1, 0);
3392 memcpy(req->outbuf, old_outbuf, smb_size);
3393 TALLOC_FREE(old_outbuf);
3396 /****************************************************************************
3397 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3398 ****************************************************************************/
3400 void reply_writebraw(struct smb_request *req)
3402 connection_struct *conn = req->conn;
3405 ssize_t total_written=0;
3406 size_t numtowrite=0;
3414 START_PROFILE(SMBwritebraw);
3417 * If we ever reply with an error, it must have the SMB command
3418 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3421 SCVAL(req->inbuf,smb_com,SMBwritec);
3423 if (srv_is_signing_active()) {
3424 END_PROFILE(SMBwritebraw);
3425 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3426 "raw reads/writes are disallowed.");
3429 if (req->wct < 12) {
3430 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3431 error_to_writebrawerr(req);
3432 END_PROFILE(SMBwritebraw);
3436 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3437 if (!check_fsp(conn, req, fsp)) {
3438 error_to_writebrawerr(req);
3439 END_PROFILE(SMBwritebraw);
3443 if (!CHECK_WRITE(fsp)) {
3444 reply_doserror(req, ERRDOS, ERRbadaccess);
3445 error_to_writebrawerr(req);
3446 END_PROFILE(SMBwritebraw);
3450 tcount = IVAL(req->vwv+1, 0);
3451 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3452 write_through = BITSETW(req->vwv+7,0);
3454 /* We have to deal with slightly different formats depending
3455 on whether we are using the core+ or lanman1.0 protocol */
3457 if(Protocol <= PROTOCOL_COREPLUS) {
3458 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3459 data = smb_buf(req->inbuf);
3461 numtowrite = SVAL(req->vwv+10, 0);
3462 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3465 /* Ensure we don't write bytes past the end of this packet. */
3466 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3467 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3468 error_to_writebrawerr(req);
3469 END_PROFILE(SMBwritebraw);
3473 if (is_locked(fsp,(uint32)req->smbpid,(uint64_t)tcount,
3474 (uint64_t)startpos, WRITE_LOCK)) {
3475 reply_doserror(req, ERRDOS, ERRlock);
3476 error_to_writebrawerr(req);
3477 END_PROFILE(SMBwritebraw);
3482 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3485 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3486 "wrote=%d sync=%d\n",
3487 fsp->fnum, (double)startpos, (int)numtowrite,
3488 (int)nwritten, (int)write_through));
3490 if (nwritten < (ssize_t)numtowrite) {
3491 reply_unixerror(req, ERRHRD, ERRdiskfull);
3492 error_to_writebrawerr(req);
3493 END_PROFILE(SMBwritebraw);
3497 total_written = nwritten;
3499 /* Allocate a buffer of 64k + length. */
3500 buf = TALLOC_ARRAY(NULL, char, 65540);
3502 reply_doserror(req, ERRDOS, ERRnomem);
3503 error_to_writebrawerr(req);
3504 END_PROFILE(SMBwritebraw);
3508 /* Return a SMBwritebraw message to the redirector to tell
3509 * it to send more bytes */
3511 memcpy(buf, req->inbuf, smb_size);
3512 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3513 SCVAL(buf,smb_com,SMBwritebraw);
3514 SSVALS(buf,smb_vwv0,0xFFFF);
3516 if (!srv_send_smb(smbd_server_fd(),
3518 IS_CONN_ENCRYPTED(conn))) {
3519 exit_server_cleanly("reply_writebraw: srv_send_smb "
3523 /* Now read the raw data into the buffer and write it */
3524 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3526 if (!NT_STATUS_IS_OK(status)) {
3527 exit_server_cleanly("secondary writebraw failed");
3530 /* Set up outbuf to return the correct size */
3531 reply_outbuf(req, 1, 0);
3533 if (numtowrite != 0) {
3535 if (numtowrite > 0xFFFF) {
3536 DEBUG(0,("reply_writebraw: Oversize secondary write "
3537 "raw requested (%u). Terminating\n",
3538 (unsigned int)numtowrite ));
3539 exit_server_cleanly("secondary writebraw failed");
3542 if (tcount > nwritten+numtowrite) {
3543 DEBUG(3,("reply_writebraw: Client overestimated the "
3545 (int)tcount,(int)nwritten,(int)numtowrite));
3548 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3550 if (!NT_STATUS_IS_OK(status)) {
3551 DEBUG(0,("reply_writebraw: Oversize secondary write "
3552 "raw read failed (%s). Terminating\n",
3553 nt_errstr(status)));
3554 exit_server_cleanly("secondary writebraw failed");
3557 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3558 if (nwritten == -1) {
3560 reply_unixerror(req, ERRHRD, ERRdiskfull);
3561 error_to_writebrawerr(req);
3562 END_PROFILE(SMBwritebraw);
3566 if (nwritten < (ssize_t)numtowrite) {
3567 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3568 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3572 total_written += nwritten;
3577 SSVAL(req->outbuf,smb_vwv0,total_written);
3579 status = sync_file(conn, fsp, write_through);
3580 if (!NT_STATUS_IS_OK(status)) {
3581 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3582 fsp->fsp_name, nt_errstr(status) ));
3583 reply_nterror(req, status);
3584 error_to_writebrawerr(req);
3585 END_PROFILE(SMBwritebraw);
3589 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3591 fsp->fnum, (double)startpos, (int)numtowrite,
3592 (int)total_written));
3594 /* We won't return a status if write through is not selected - this
3595 * follows what WfWg does */
3596 END_PROFILE(SMBwritebraw);
3598 if (!write_through && total_written==tcount) {
3600 #if RABBIT_PELLET_FIX
3602 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3603 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3606 if (!send_keepalive(smbd_server_fd())) {
3607 exit_server_cleanly("reply_writebraw: send of "
3608 "keepalive failed");
3611 TALLOC_FREE(req->outbuf);
3617 #define DBGC_CLASS DBGC_LOCKING
3619 /****************************************************************************
3620 Reply to a writeunlock (core+).
3621 ****************************************************************************/
3623 void reply_writeunlock(struct smb_request *req)
3625 connection_struct *conn = req->conn;
3626 ssize_t nwritten = -1;
3630 NTSTATUS status = NT_STATUS_OK;
3633 START_PROFILE(SMBwriteunlock);
3636 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3637 END_PROFILE(SMBwriteunlock);
3641 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3643 if (!check_fsp(conn, req, fsp)) {
3644 END_PROFILE(SMBwriteunlock);
3648 if (!CHECK_WRITE(fsp)) {
3649 reply_doserror(req, ERRDOS,ERRbadaccess);
3650 END_PROFILE(SMBwriteunlock);
3654 numtowrite = SVAL(req->vwv+1, 0);
3655 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3656 data = (const char *)req->buf + 3;
3659 && is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
3660 (uint64_t)startpos, WRITE_LOCK)) {
3661 reply_doserror(req, ERRDOS, ERRlock);
3662 END_PROFILE(SMBwriteunlock);
3666 /* The special X/Open SMB protocol handling of
3667 zero length writes is *NOT* done for
3669 if(numtowrite == 0) {
3672 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3675 status = sync_file(conn, fsp, False /* write through */);
3676 if (!NT_STATUS_IS_OK(status)) {
3677 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3678 fsp->fsp_name, nt_errstr(status) ));
3679 reply_nterror(req, status);
3680 END_PROFILE(SMBwriteunlock);
3684 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
3685 reply_unixerror(req, ERRHRD, ERRdiskfull);
3686 END_PROFILE(SMBwriteunlock);
3691 status = do_unlock(smbd_messaging_context(),
3694 (uint64_t)numtowrite,
3698 if (NT_STATUS_V(status)) {
3699 reply_nterror(req, status);
3700 END_PROFILE(SMBwriteunlock);
3705 reply_outbuf(req, 1, 0);
3707 SSVAL(req->outbuf,smb_vwv0,nwritten);
3709 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3710 fsp->fnum, (int)numtowrite, (int)nwritten));
3712 END_PROFILE(SMBwriteunlock);
3717 #define DBGC_CLASS DBGC_ALL
3719 /****************************************************************************
3721 ****************************************************************************/
3723 void reply_write(struct smb_request *req)
3725 connection_struct *conn = req->conn;
3727 ssize_t nwritten = -1;
3733 START_PROFILE(SMBwrite);
3736 END_PROFILE(SMBwrite);
3737 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3741 /* If it's an IPC, pass off the pipe handler. */
3743 reply_pipe_write(req);
3744 END_PROFILE(SMBwrite);
3748 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3750 if (!check_fsp(conn, req, fsp)) {
3751 END_PROFILE(SMBwrite);
3755 if (!CHECK_WRITE(fsp)) {
3756 reply_doserror(req, ERRDOS, ERRbadaccess);
3757 END_PROFILE(SMBwrite);
3761 numtowrite = SVAL(req->vwv+1, 0);
3762 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3763 data = (const char *)req->buf + 3;
3765 if (is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
3766 (uint64_t)startpos, WRITE_LOCK)) {
3767 reply_doserror(req, ERRDOS, ERRlock);
3768 END_PROFILE(SMBwrite);
3773 * X/Open SMB protocol says that if smb_vwv1 is
3774 * zero then the file size should be extended or
3775 * truncated to the size given in smb_vwv[2-3].
3778 if(numtowrite == 0) {
3780 * This is actually an allocate call, and set EOF. JRA.
3782 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3784 reply_nterror(req, NT_STATUS_DISK_FULL);
3785 END_PROFILE(SMBwrite);
3788 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3790 reply_nterror(req, NT_STATUS_DISK_FULL);
3791 END_PROFILE(SMBwrite);
3794 trigger_write_time_update_immediate(fsp);
3796 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3799 status = sync_file(conn, fsp, False);
3800 if (!NT_STATUS_IS_OK(status)) {
3801 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3802 fsp->fsp_name, nt_errstr(status) ));
3803 reply_nterror(req, status);
3804 END_PROFILE(SMBwrite);
3808 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3809 reply_unixerror(req, ERRHRD, ERRdiskfull);
3810 END_PROFILE(SMBwrite);
3814 reply_outbuf(req, 1, 0);
3816 SSVAL(req->outbuf,smb_vwv0,nwritten);
3818 if (nwritten < (ssize_t)numtowrite) {
3819 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3820 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3823 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3825 END_PROFILE(SMBwrite);
3829 /****************************************************************************
3830 Ensure a buffer is a valid writeX for recvfile purposes.
3831 ****************************************************************************/
3833 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
3834 (2*14) + /* word count (including bcc) */ \
3837 bool is_valid_writeX_buffer(const uint8_t *inbuf)
3840 connection_struct *conn = NULL;
3841 unsigned int doff = 0;
3842 size_t len = smb_len_large(inbuf);
3844 if (is_encrypted_packet(inbuf)) {
3845 /* Can't do this on encrypted
3850 if (CVAL(inbuf,smb_com) != SMBwriteX) {
3854 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
3855 CVAL(inbuf,smb_wct) != 14) {
3856 DEBUG(10,("is_valid_writeX_buffer: chained or "
3857 "invalid word length.\n"));
3861 conn = conn_find(SVAL(inbuf, smb_tid));
3863 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
3867 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
3870 if (IS_PRINT(conn)) {
3871 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
3874 doff = SVAL(inbuf,smb_vwv11);
3876 numtowrite = SVAL(inbuf,smb_vwv10);
3878 if (len > doff && len - doff > 0xFFFF) {
3879 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
3882 if (numtowrite == 0) {
3883 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
3887 /* Ensure the sizes match up. */
3888 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
3889 /* no pad byte...old smbclient :-( */
3890 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
3892 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
3896 if (len - doff != numtowrite) {
3897 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
3898 "len = %u, doff = %u, numtowrite = %u\n",
3901 (unsigned int)numtowrite ));
3905 DEBUG(10,("is_valid_writeX_buffer: true "
3906 "len = %u, doff = %u, numtowrite = %u\n",
3909 (unsigned int)numtowrite ));
3914 /****************************************************************************
3915 Reply to a write and X.
3916 ****************************************************************************/
3918 void reply_write_and_X(struct smb_request *req)
3920 connection_struct *conn = req->conn;
3926 unsigned int smb_doff;
3927 unsigned int smblen;
3931 START_PROFILE(SMBwriteX);
3933 if ((req->wct != 12) && (req->wct != 14)) {
3934 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3935 END_PROFILE(SMBwriteX);
3939 numtowrite = SVAL(req->vwv+10, 0);
3940 smb_doff = SVAL(req->vwv+11, 0);
3941 smblen = smb_len(req->inbuf);
3943 if (req->unread_bytes > 0xFFFF ||
3944 (smblen > smb_doff &&
3945 smblen - smb_doff > 0xFFFF)) {
3946 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
3949 if (req->unread_bytes) {
3950 /* Can't do a recvfile write on IPC$ */
3952 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3953 END_PROFILE(SMBwriteX);
3956 if (numtowrite != req->unread_bytes) {
3957 reply_doserror(req, ERRDOS, ERRbadmem);
3958 END_PROFILE(SMBwriteX);
3962 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
3963 smb_doff + numtowrite > smblen) {
3964 reply_doserror(req, ERRDOS, ERRbadmem);
3965 END_PROFILE(SMBwriteX);
3970 /* If it's an IPC, pass off the pipe handler. */
3972 if (req->unread_bytes) {
3973 reply_doserror(req, ERRDOS, ERRbadmem);
3974 END_PROFILE(SMBwriteX);
3977 reply_pipe_write_and_X(req);
3978 END_PROFILE(SMBwriteX);
3982 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3983 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3984 write_through = BITSETW(req->vwv+7,0);
3986 if (!check_fsp(conn, req, fsp)) {
3987 END_PROFILE(SMBwriteX);
3991 if (!CHECK_WRITE(fsp)) {
3992 reply_doserror(req, ERRDOS, ERRbadaccess);
3993 END_PROFILE(SMBwriteX);
3997 data = smb_base(req->inbuf) + smb_doff;
3999 if(req->wct == 14) {
4000 #ifdef LARGE_SMB_OFF_T
4002 * This is a large offset (64 bit) write.
4004 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4006 #else /* !LARGE_SMB_OFF_T */
4009 * Ensure we haven't been sent a >32 bit offset.
4012 if(IVAL(req->vwv+12, 0) != 0) {
4013 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4014 "used and we don't support 64 bit offsets.\n",
4015 (unsigned int)IVAL(req->vwv+12, 0) ));
4016 reply_doserror(req, ERRDOS, ERRbadaccess);
4017 END_PROFILE(SMBwriteX);
4021 #endif /* LARGE_SMB_OFF_T */
4024 if (is_locked(fsp,(uint32)req->smbpid,
4025 (uint64_t)numtowrite,
4026 (uint64_t)startpos, WRITE_LOCK)) {
4027 reply_doserror(req, ERRDOS, ERRlock);
4028 END_PROFILE(SMBwriteX);
4032 /* X/Open SMB protocol says that, unlike SMBwrite
4033 if the length is zero then NO truncation is
4034 done, just a write of zero. To truncate a file,
4037 if(numtowrite == 0) {
4041 if ((req->unread_bytes == 0) &&
4042 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4044 END_PROFILE(SMBwriteX);
4048 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4051 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4052 reply_unixerror(req, ERRHRD, ERRdiskfull);
4053 END_PROFILE(SMBwriteX);
4057 reply_outbuf(req, 6, 0);
4058 SSVAL(req->outbuf,smb_vwv2,nwritten);
4059 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4061 if (nwritten < (ssize_t)numtowrite) {
4062 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4063 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4066 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4067 fsp->fnum, (int)numtowrite, (int)nwritten));
4069 status = sync_file(conn, fsp, write_through);
4070 if (!NT_STATUS_IS_OK(status)) {
4071 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4072 fsp->fsp_name, nt_errstr(status) ));
4073 reply_nterror(req, status);
4074 END_PROFILE(SMBwriteX);
4078 END_PROFILE(SMBwriteX);
4083 /****************************************************************************
4085 ****************************************************************************/
4087 void reply_lseek(struct smb_request *req)
4089 connection_struct *conn = req->conn;
4095 START_PROFILE(SMBlseek);
4098 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4099 END_PROFILE(SMBlseek);
4103 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4105 if (!check_fsp(conn, req, fsp)) {
4109 flush_write_cache(fsp, SEEK_FLUSH);
4111 mode = SVAL(req->vwv+1, 0) & 3;
4112 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4113 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4122 res = fsp->fh->pos + startpos;
4133 if (umode == SEEK_END) {
4134 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4135 if(errno == EINVAL) {
4136 SMB_OFF_T current_pos = startpos;
4137 SMB_STRUCT_STAT sbuf;
4139 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4140 reply_unixerror(req, ERRDOS,
4142 END_PROFILE(SMBlseek);
4146 current_pos += sbuf.st_size;
4148 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4153 reply_unixerror(req, ERRDOS, ERRnoaccess);
4154 END_PROFILE(SMBlseek);
4161 reply_outbuf(req, 2, 0);
4162 SIVAL(req->outbuf,smb_vwv0,res);
4164 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4165 fsp->fnum, (double)startpos, (double)res, mode));
4167 END_PROFILE(SMBlseek);
4171 /****************************************************************************
4173 ****************************************************************************/
4175 void reply_flush(struct smb_request *req)
4177 connection_struct *conn = req->conn;
4181 START_PROFILE(SMBflush);
4184 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4188 fnum = SVAL(req->vwv+0, 0);
4189 fsp = file_fsp(req, fnum);
4191 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4196 file_sync_all(conn);
4198 NTSTATUS status = sync_file(conn, fsp, True);
4199 if (!NT_STATUS_IS_OK(status)) {
4200 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4201 fsp->fsp_name, nt_errstr(status) ));
4202 reply_nterror(req, status);
4203 END_PROFILE(SMBflush);
4208 reply_outbuf(req, 0, 0);
4210 DEBUG(3,("flush\n"));
4211 END_PROFILE(SMBflush);
4215 /****************************************************************************
4217 conn POINTER CAN BE NULL HERE !
4218 ****************************************************************************/
4220 void reply_exit(struct smb_request *req)
4222 START_PROFILE(SMBexit);
4224 file_close_pid(req->smbpid, req->vuid);
4226 reply_outbuf(req, 0, 0);
4228 DEBUG(3,("exit\n"));
4230 END_PROFILE(SMBexit);
4234 /****************************************************************************
4235 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4236 ****************************************************************************/
4238 void reply_close(struct smb_request *req)
4240 connection_struct *conn = req->conn;
4241 NTSTATUS status = NT_STATUS_OK;
4242 files_struct *fsp = NULL;
4243 START_PROFILE(SMBclose);
4246 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4247 END_PROFILE(SMBclose);
4251 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4254 * We can only use check_fsp if we know it's not a directory.
4257 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4258 reply_doserror(req, ERRDOS, ERRbadfid);
4259 END_PROFILE(SMBclose);
4263 if(fsp->is_directory) {
4265 * Special case - close NT SMB directory handle.
4267 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4268 status = close_file(req, fsp, NORMAL_CLOSE);
4272 * Close ordinary file.
4275 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4276 fsp->fh->fd, fsp->fnum,
4277 conn->num_files_open));
4280 * Take care of any time sent in the close.
4283 t = srv_make_unix_date3(req->vwv+1);
4284 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4287 * close_file() returns the unix errno if an error
4288 * was detected on close - normally this is due to
4289 * a disk full error. If not then it was probably an I/O error.
4292 status = close_file(req, fsp, NORMAL_CLOSE);
4295 if (!NT_STATUS_IS_OK(status)) {
4296 reply_nterror(req, status);
4297 END_PROFILE(SMBclose);
4301 reply_outbuf(req, 0, 0);
4302 END_PROFILE(SMBclose);
4306 /****************************************************************************
4307 Reply to a writeclose (Core+ protocol).
4308 ****************************************************************************/
4310 void reply_writeclose(struct smb_request *req)
4312 connection_struct *conn = req->conn;
4314 ssize_t nwritten = -1;
4315 NTSTATUS close_status = NT_STATUS_OK;
4318 struct timespec mtime;
4321 START_PROFILE(SMBwriteclose);
4324 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4325 END_PROFILE(SMBwriteclose);
4329 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4331 if (!check_fsp(conn, req, fsp)) {
4332 END_PROFILE(SMBwriteclose);
4335 if (!CHECK_WRITE(fsp)) {
4336 reply_doserror(req, ERRDOS,ERRbadaccess);
4337 END_PROFILE(SMBwriteclose);
4341 numtowrite = SVAL(req->vwv+1, 0);
4342 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4343 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4344 data = (const char *)req->buf + 1;
4347 && is_locked(fsp, (uint32)req->smbpid, (uint64_t)numtowrite,
4348 (uint64_t)startpos, WRITE_LOCK)) {
4349 reply_doserror(req, ERRDOS,ERRlock);
4350 END_PROFILE(SMBwriteclose);
4354 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4356 set_close_write_time(fsp, mtime);
4359 * More insanity. W2K only closes the file if writelen > 0.
4364 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4366 close_status = close_file(req, fsp, NORMAL_CLOSE);
4369 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4370 fsp->fnum, (int)numtowrite, (int)nwritten,
4371 conn->num_files_open));
4373 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4374 reply_doserror(req, ERRHRD, ERRdiskfull);
4375 END_PROFILE(SMBwriteclose);
4379 if(!NT_STATUS_IS_OK(close_status)) {
4380 reply_nterror(req, close_status);
4381 END_PROFILE(SMBwriteclose);
4385 reply_outbuf(req, 1, 0);
4387 SSVAL(req->outbuf,smb_vwv0,nwritten);
4388 END_PROFILE(SMBwriteclose);
4393 #define DBGC_CLASS DBGC_LOCKING
4395 /****************************************************************************
4397 ****************************************************************************/
4399 void reply_lock(struct smb_request *req)
4401 connection_struct *conn = req->conn;
4402 uint64_t count,offset;
4405 struct byte_range_lock *br_lck = NULL;
4407 START_PROFILE(SMBlock);
4410 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4411 END_PROFILE(SMBlock);
4415 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4417 if (!check_fsp(conn, req, fsp)) {
4418 END_PROFILE(SMBlock);
4422 release_level_2_oplocks_on_change(fsp);
4424 count = (uint64_t)IVAL(req->vwv+1, 0);
4425 offset = (uint64_t)IVAL(req->vwv+3, 0);
4427 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4428 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4430 br_lck = do_lock(smbd_messaging_context(),
4437 False, /* Non-blocking lock. */
4441 TALLOC_FREE(br_lck);
4443 if (NT_STATUS_V(status)) {
4444 reply_nterror(req, status);
4445 END_PROFILE(SMBlock);
4449 reply_outbuf(req, 0, 0);
4451 END_PROFILE(SMBlock);
4455 /****************************************************************************
4457 ****************************************************************************/
4459 void reply_unlock(struct smb_request *req)
4461 connection_struct *conn = req->conn;
4462 uint64_t count,offset;
4466 START_PROFILE(SMBunlock);
4469 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4470 END_PROFILE(SMBunlock);
4474 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4476 if (!check_fsp(conn, req, fsp)) {
4477 END_PROFILE(SMBunlock);
4481 count = (uint64_t)IVAL(req->vwv+1, 0);
4482 offset = (uint64_t)IVAL(req->vwv+3, 0);
4484 status = do_unlock(smbd_messaging_context(),
4491 if (NT_STATUS_V(status)) {
4492 reply_nterror(req, status);
4493 END_PROFILE(SMBunlock);
4497 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4498 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4500 reply_outbuf(req, 0, 0);
4502 END_PROFILE(SMBunlock);
4507 #define DBGC_CLASS DBGC_ALL
4509 /****************************************************************************
4511 conn POINTER CAN BE NULL HERE !
4512 ****************************************************************************/
4514 void reply_tdis(struct smb_request *req)
4516 connection_struct *conn = req->conn;
4517 START_PROFILE(SMBtdis);
4520 DEBUG(4,("Invalid connection in tdis\n"));
4521 reply_doserror(req, ERRSRV, ERRinvnid);
4522 END_PROFILE(SMBtdis);
4528 close_cnum(conn,req->vuid);
4531 reply_outbuf(req, 0, 0);
4532 END_PROFILE(SMBtdis);
4536 /****************************************************************************
4538 conn POINTER CAN BE NULL HERE !
4539 ****************************************************************************/
4541 void reply_echo(struct smb_request *req)
4543 connection_struct *conn = req->conn;
4547 START_PROFILE(SMBecho);
4550 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4551 END_PROFILE(SMBecho);
4555 smb_reverb = SVAL(req->vwv+0, 0);
4557 reply_outbuf(req, 1, req->buflen);
4559 /* copy any incoming data back out */
4560 if (req->buflen > 0) {
4561 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4564 if (smb_reverb > 100) {
4565 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4569 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
4570 SSVAL(req->outbuf,smb_vwv0,seq_num);
4572 show_msg((char *)req->outbuf);
4573 if (!srv_send_smb(smbd_server_fd(),
4574 (char *)req->outbuf,
4575 IS_CONN_ENCRYPTED(conn)||req->encrypted))
4576 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4579 DEBUG(3,("echo %d times\n", smb_reverb));
4581 TALLOC_FREE(req->outbuf);
4583 END_PROFILE(SMBecho);
4587 /****************************************************************************
4588 Reply to a printopen.
4589 ****************************************************************************/
4591 void reply_printopen(struct smb_request *req)
4593 connection_struct *conn = req->conn;
4595 SMB_STRUCT_STAT sbuf;
4598 START_PROFILE(SMBsplopen);
4601 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4602 END_PROFILE(SMBsplopen);
4606 if (!CAN_PRINT(conn)) {
4607 reply_doserror(req, ERRDOS, ERRnoaccess);
4608 END_PROFILE(SMBsplopen);
4612 status = file_new(req, conn, &fsp);
4613 if(!NT_STATUS_IS_OK(status)) {
4614 reply_nterror(req, status);
4615 END_PROFILE(SMBsplopen);
4619 /* Open for exclusive use, write only. */
4620 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
4622 if (!NT_STATUS_IS_OK(status)) {
4623 reply_nterror(req, status);
4624 END_PROFILE(SMBsplopen);
4628 reply_outbuf(req, 1, 0);
4629 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4631 DEBUG(3,("openprint fd=%d fnum=%d\n",
4632 fsp->fh->fd, fsp->fnum));
4634 END_PROFILE(SMBsplopen);
4638 /****************************************************************************
4639 Reply to a printclose.
4640 ****************************************************************************/
4642 void reply_printclose(struct smb_request *req)
4644 connection_struct *conn = req->conn;
4648 START_PROFILE(SMBsplclose);
4651 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4652 END_PROFILE(SMBsplclose);
4656 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4658 if (!check_fsp(conn, req, fsp)) {
4659 END_PROFILE(SMBsplclose);
4663 if (!CAN_PRINT(conn)) {
4664 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
4665 END_PROFILE(SMBsplclose);
4669 DEBUG(3,("printclose fd=%d fnum=%d\n",
4670 fsp->fh->fd,fsp->fnum));
4672 status = close_file(req, fsp, NORMAL_CLOSE);
4674 if(!NT_STATUS_IS_OK(status)) {
4675 reply_nterror(req, status);
4676 END_PROFILE(SMBsplclose);
4680 reply_outbuf(req, 0, 0);
4682 END_PROFILE(SMBsplclose);
4686 /****************************************************************************
4687 Reply to a printqueue.
4688 ****************************************************************************/
4690 void reply_printqueue(struct smb_request *req)
4692 connection_struct *conn = req->conn;
4696 START_PROFILE(SMBsplretq);
4699 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4700 END_PROFILE(SMBsplretq);
4704 max_count = SVAL(req->vwv+0, 0);
4705 start_index = SVAL(req->vwv+1, 0);
4707 /* we used to allow the client to get the cnum wrong, but that
4708 is really quite gross and only worked when there was only
4709 one printer - I think we should now only accept it if they
4710 get it right (tridge) */
4711 if (!CAN_PRINT(conn)) {
4712 reply_doserror(req, ERRDOS, ERRnoaccess);
4713 END_PROFILE(SMBsplretq);
4717 reply_outbuf(req, 2, 3);
4718 SSVAL(req->outbuf,smb_vwv0,0);
4719 SSVAL(req->outbuf,smb_vwv1,0);
4720 SCVAL(smb_buf(req->outbuf),0,1);
4721 SSVAL(smb_buf(req->outbuf),1,0);
4723 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4724 start_index, max_count));
4727 print_queue_struct *queue = NULL;
4728 print_status_struct status;
4729 int count = print_queue_status(SNUM(conn), &queue, &status);
4730 int num_to_get = ABS(max_count);
4731 int first = (max_count>0?start_index:start_index+max_count+1);
4737 num_to_get = MIN(num_to_get,count-first);
4740 for (i=first;i<first+num_to_get;i++) {
4744 srv_put_dos_date2(p,0,queue[i].time);
4745 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4746 SSVAL(p,5, queue[i].job);
4747 SIVAL(p,7,queue[i].size);
4749 srvstr_push(blob, req->flags2, p+12,
4750 queue[i].fs_user, 16, STR_ASCII);
4752 if (message_push_blob(
4755 blob, sizeof(blob))) == -1) {
4756 reply_nterror(req, NT_STATUS_NO_MEMORY);
4757 END_PROFILE(SMBsplretq);
4763 SSVAL(req->outbuf,smb_vwv0,count);
4764 SSVAL(req->outbuf,smb_vwv1,
4765 (max_count>0?first+count:first-1));
4766 SCVAL(smb_buf(req->outbuf),0,1);
4767 SSVAL(smb_buf(req->outbuf),1,28*count);
4772 DEBUG(3,("%d entries returned in queue\n",count));
4775 END_PROFILE(SMBsplretq);
4779 /****************************************************************************
4780 Reply to a printwrite.
4781 ****************************************************************************/
4783 void reply_printwrite(struct smb_request *req)
4785 connection_struct *conn = req->conn;
4790 START_PROFILE(SMBsplwr);
4793 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4794 END_PROFILE(SMBsplwr);
4798 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4800 if (!check_fsp(conn, req, fsp)) {
4801 END_PROFILE(SMBsplwr);
4805 if (!CAN_PRINT(conn)) {
4806 reply_doserror(req, ERRDOS, ERRnoaccess);
4807 END_PROFILE(SMBsplwr);
4811 if (!CHECK_WRITE(fsp)) {
4812 reply_doserror(req, ERRDOS, ERRbadaccess);
4813 END_PROFILE(SMBsplwr);
4817 numtowrite = SVAL(req->buf, 1);
4819 if (req->buflen < numtowrite + 3) {
4820 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4821 END_PROFILE(SMBsplwr);
4825 data = (const char *)req->buf + 3;
4827 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
4828 reply_unixerror(req, ERRHRD, ERRdiskfull);
4829 END_PROFILE(SMBsplwr);
4833 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
4835 END_PROFILE(SMBsplwr);
4839 /****************************************************************************
4841 ****************************************************************************/
4843 void reply_mkdir(struct smb_request *req)
4845 connection_struct *conn = req->conn;
4846 char *directory = NULL;
4848 SMB_STRUCT_STAT sbuf;
4849 TALLOC_CTX *ctx = talloc_tos();
4851 START_PROFILE(SMBmkdir);
4853 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
4854 STR_TERMINATE, &status);
4855 if (!NT_STATUS_IS_OK(status)) {
4856 reply_nterror(req, status);
4857 END_PROFILE(SMBmkdir);
4861 status = resolve_dfspath(ctx, conn,
4862 req->flags2 & FLAGS2_DFS_PATHNAMES,
4865 if (!NT_STATUS_IS_OK(status)) {
4866 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
4867 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
4868 ERRSRV, ERRbadpath);
4869 END_PROFILE(SMBmkdir);
4872 reply_nterror(req, status);
4873 END_PROFILE(SMBmkdir);
4877 status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
4878 if (!NT_STATUS_IS_OK(status)) {
4879 reply_nterror(req, status);
4880 END_PROFILE(SMBmkdir);
4884 status = check_name(conn, directory);
4885 if (!NT_STATUS_IS_OK(status)) {
4886 reply_nterror(req, status);
4887 END_PROFILE(SMBmkdir);
4891 status = create_directory(conn, req, directory);
4893 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
4895 if (!NT_STATUS_IS_OK(status)) {
4897 if (!use_nt_status()
4898 && NT_STATUS_EQUAL(status,
4899 NT_STATUS_OBJECT_NAME_COLLISION)) {
4901 * Yes, in the DOS error code case we get a
4902 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
4903 * samba4 torture test.
4905 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
4908 reply_nterror(req, status);
4909 END_PROFILE(SMBmkdir);
4913 reply_outbuf(req, 0, 0);
4915 DEBUG( 3, ( "mkdir %s\n", directory ) );
4917 END_PROFILE(SMBmkdir);
4921 /****************************************************************************
4922 Static function used by reply_rmdir to delete an entire directory
4923 tree recursively. Return True on ok, False on fail.
4924 ****************************************************************************/
4926 static bool recursive_rmdir(TALLOC_CTX *ctx,
4927 connection_struct *conn,
4930 const char *dname = NULL;
4933 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
4939 while((dname = ReadDirName(dir_hnd, &offset))) {
4940 char *fullname = NULL;
4943 if (ISDOT(dname) || ISDOTDOT(dname)) {
4947 if (!is_visible_file(conn, directory, dname, &st, False)) {
4951 /* Construct the full name. */
4952 fullname = talloc_asprintf(ctx,
4962 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
4967 if(st.st_mode & S_IFDIR) {
4968 if(!recursive_rmdir(ctx, conn, fullname)) {
4972 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
4976 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
4980 TALLOC_FREE(fullname);
4982 TALLOC_FREE(dir_hnd);
4986 /****************************************************************************
4987 The internals of the rmdir code - called elsewhere.
4988 ****************************************************************************/
4990 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
4991 connection_struct *conn,
4992 const char *directory)
4997 /* Might be a symlink. */
4998 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
4999 return map_nt_error_from_unix(errno);
5002 if (S_ISLNK(st.st_mode)) {
5003 /* Is what it points to a directory ? */
5004 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5005 return map_nt_error_from_unix(errno);
5007 if (!(S_ISDIR(st.st_mode))) {
5008 return NT_STATUS_NOT_A_DIRECTORY;
5010 ret = SMB_VFS_UNLINK(conn,directory);
5012 ret = SMB_VFS_RMDIR(conn,directory);
5015 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5016 FILE_NOTIFY_CHANGE_DIR_NAME,
5018 return NT_STATUS_OK;
5021 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5023 * Check to see if the only thing in this directory are
5024 * vetoed files/directories. If so then delete them and
5025 * retry. If we fail to delete any of them (and we *don't*
5026 * do a recursive delete) then fail the rmdir.
5030 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5031 directory, NULL, 0);
5033 if(dir_hnd == NULL) {
5038 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
5039 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5041 if (!is_visible_file(conn, directory, dname, &st, False))
5043 if(!IS_VETO_PATH(conn, dname)) {
5044 TALLOC_FREE(dir_hnd);
5050 /* We only have veto files/directories.
5051 * Are we allowed to delete them ? */
5053 if(!lp_recursive_veto_delete(SNUM(conn))) {
5054 TALLOC_FREE(dir_hnd);
5059 /* Do a recursive delete. */
5060 RewindDir(dir_hnd,&dirpos);
5061 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
5062 char *fullname = NULL;
5064 if (ISDOT(dname) || ISDOTDOT(dname)) {
5067 if (!is_visible_file(conn, directory, dname, &st, False)) {
5071 fullname = talloc_asprintf(ctx,
5081 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5084 if(st.st_mode & S_IFDIR) {
5085 if(!recursive_rmdir(ctx, conn, fullname)) {
5088 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5091 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5094 TALLOC_FREE(fullname);
5096 TALLOC_FREE(dir_hnd);
5097 /* Retry the rmdir */
5098 ret = SMB_VFS_RMDIR(conn,directory);
5104 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5105 "%s\n", directory,strerror(errno)));
5106 return map_nt_error_from_unix(errno);
5109 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5110 FILE_NOTIFY_CHANGE_DIR_NAME,
5113 return NT_STATUS_OK;
5116 /****************************************************************************
5118 ****************************************************************************/
5120 void reply_rmdir(struct smb_request *req)
5122 connection_struct *conn = req->conn;
5123 char *directory = NULL;
5124 SMB_STRUCT_STAT sbuf;
5126 TALLOC_CTX *ctx = talloc_tos();
5128 START_PROFILE(SMBrmdir);
5130 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5131 STR_TERMINATE, &status);
5132 if (!NT_STATUS_IS_OK(status)) {
5133 reply_nterror(req, status);
5134 END_PROFILE(SMBrmdir);
5138 status = resolve_dfspath(ctx, conn,
5139 req->flags2 & FLAGS2_DFS_PATHNAMES,
5142 if (!NT_STATUS_IS_OK(status)) {
5143 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5144 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5145 ERRSRV, ERRbadpath);
5146 END_PROFILE(SMBrmdir);
5149 reply_nterror(req, status);
5150 END_PROFILE(SMBrmdir);
5154 status = unix_convert(ctx, conn, directory, False, &directory,
5156 if (!NT_STATUS_IS_OK(status)) {
5157 reply_nterror(req, status);
5158 END_PROFILE(SMBrmdir);
5162 status = check_name(conn, directory);
5163 if (!NT_STATUS_IS_OK(status)) {
5164 reply_nterror(req, status);
5165 END_PROFILE(SMBrmdir);
5169 dptr_closepath(directory, req->smbpid);
5170 status = rmdir_internals(ctx, conn, directory);
5171 if (!NT_STATUS_IS_OK(status)) {
5172 reply_nterror(req, status);
5173 END_PROFILE(SMBrmdir);
5177 reply_outbuf(req, 0, 0);
5179 DEBUG( 3, ( "rmdir %s\n", directory ) );
5181 END_PROFILE(SMBrmdir);
5185 /*******************************************************************
5186 Resolve wildcards in a filename rename.
5187 ********************************************************************/
5189 static bool resolve_wildcards(TALLOC_CTX *ctx,
5194 char *name2_copy = NULL;
5199 char *p,*p2, *pname1, *pname2;
5201 name2_copy = talloc_strdup(ctx, name2);
5206 pname1 = strrchr_m(name1,'/');
5207 pname2 = strrchr_m(name2_copy,'/');
5209 if (!pname1 || !pname2) {
5213 /* Truncate the copy of name2 at the last '/' */
5216 /* Now go past the '/' */
5220 root1 = talloc_strdup(ctx, pname1);
5221 root2 = talloc_strdup(ctx, pname2);
5223 if (!root1 || !root2) {
5227 p = strrchr_m(root1,'.');
5230 ext1 = talloc_strdup(ctx, p+1);
5232 ext1 = talloc_strdup(ctx, "");
5234 p = strrchr_m(root2,'.');
5237 ext2 = talloc_strdup(ctx, p+1);
5239 ext2 = talloc_strdup(ctx, "");
5242 if (!ext1 || !ext2) {
5250 /* Hmmm. Should this be mb-aware ? */
5253 } else if (*p2 == '*') {
5255 root2 = talloc_asprintf(ctx, "%s%s",
5274 /* Hmmm. Should this be mb-aware ? */
5277 } else if (*p2 == '*') {
5279 ext2 = talloc_asprintf(ctx, "%s%s",
5295 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5300 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5312 /****************************************************************************
5313 Ensure open files have their names updated. Updated to notify other smbd's
5315 ****************************************************************************/
5317 static void rename_open_files(connection_struct *conn,
5318 struct share_mode_lock *lck,
5319 const char *newname)
5322 bool did_rename = False;
5324 for(fsp = file_find_di_first(lck->id); fsp;
5325 fsp = file_find_di_next(fsp)) {
5326 /* fsp_name is a relative path under the fsp. To change this for other
5327 sharepaths we need to manipulate relative paths. */
5328 /* TODO - create the absolute path and manipulate the newname
5329 relative to the sharepath. */
5330 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5333 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5334 fsp->fnum, file_id_string_tos(&fsp->file_id),
5335 fsp->fsp_name, newname ));
5336 string_set(&fsp->fsp_name, newname);
5341 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5342 file_id_string_tos(&lck->id), newname ));
5345 /* Send messages to all smbd's (not ourself) that the name has changed. */
5346 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5350 /****************************************************************************
5351 We need to check if the source path is a parent directory of the destination
5352 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5353 refuse the rename with a sharing violation. Under UNIX the above call can
5354 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5355 probably need to check that the client is a Windows one before disallowing
5356 this as a UNIX client (one with UNIX extensions) can know the source is a
5357 symlink and make this decision intelligently. Found by an excellent bug
5358 report from <AndyLiebman@aol.com>.
5359 ****************************************************************************/
5361 static bool rename_path_prefix_equal(const char *src, const char *dest)
5363 const char *psrc = src;
5364 const char *pdst = dest;
5367 if (psrc[0] == '.' && psrc[1] == '/') {
5370 if (pdst[0] == '.' && pdst[1] == '/') {
5373 if ((slen = strlen(psrc)) > strlen(pdst)) {
5376 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5380 * Do the notify calls from a rename
5383 static void notify_rename(connection_struct *conn, bool is_dir,
5384 const char *oldpath, const char *newpath)
5386 char *olddir, *newdir;
5387 const char *oldname, *newname;
5390 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5391 : FILE_NOTIFY_CHANGE_FILE_NAME;
5393 if (!parent_dirname(talloc_tos(), oldpath, &olddir, &oldname)
5394 || !parent_dirname(talloc_tos(), newpath, &newdir, &newname)) {
5395 TALLOC_FREE(olddir);
5399 if (strcmp(olddir, newdir) == 0) {
5400 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5401 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5404 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5405 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5407 TALLOC_FREE(olddir);
5408 TALLOC_FREE(newdir);
5410 /* this is a strange one. w2k3 gives an additional event for
5411 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5412 files, but not directories */
5414 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5415 FILE_NOTIFY_CHANGE_ATTRIBUTES
5416 |FILE_NOTIFY_CHANGE_CREATION,
5421 /****************************************************************************
5422 Rename an open file - given an fsp.
5423 ****************************************************************************/
5425 NTSTATUS rename_internals_fsp(connection_struct *conn,
5428 const char *newname_last_component,
5430 bool replace_if_exists)
5432 TALLOC_CTX *ctx = talloc_tos();
5433 SMB_STRUCT_STAT sbuf, sbuf1;
5434 NTSTATUS status = NT_STATUS_OK;
5435 struct share_mode_lock *lck = NULL;
5436 bool dst_exists, old_is_stream, new_is_stream;
5440 status = check_name(conn, newname);
5441 if (!NT_STATUS_IS_OK(status)) {
5445 /* Ensure newname contains a '/' */
5446 if(strrchr_m(newname,'/') == 0) {
5447 newname = talloc_asprintf(ctx,
5451 return NT_STATUS_NO_MEMORY;
5456 * Check for special case with case preserving and not
5457 * case sensitive. If the old last component differs from the original
5458 * last component only by case, then we should allow
5459 * the rename (user is trying to change the case of the
5463 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5464 strequal(newname, fsp->fsp_name)) {
5466 char *newname_modified_last_component = NULL;
5469 * Get the last component of the modified name.
5470 * Note that we guarantee that newname contains a '/'
5473 p = strrchr_m(newname,'/');
5474 newname_modified_last_component = talloc_strdup(ctx,
5476 if (!newname_modified_last_component) {
5477 return NT_STATUS_NO_MEMORY;
5480 if(strcsequal(newname_modified_last_component,
5481 newname_last_component) == False) {
5483 * Replace the modified last component with
5486 *p = '\0'; /* Truncate at the '/' */
5487 newname = talloc_asprintf(ctx,
5490 newname_last_component);
5495 * If the src and dest names are identical - including case,
5496 * don't do the rename, just return success.
5499 if (strcsequal(fsp->fsp_name, newname)) {
5500 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5502 return NT_STATUS_OK;
5505 old_is_stream = is_ntfs_stream_name(fsp->fsp_name);
5506 new_is_stream = is_ntfs_stream_name(newname);
5508 /* Return the correct error code if both names aren't streams. */
5509 if (!old_is_stream && new_is_stream) {
5510 return NT_STATUS_OBJECT_NAME_INVALID;
5513 if (old_is_stream && !new_is_stream) {
5514 return NT_STATUS_INVALID_PARAMETER;
5518 * Have vfs_object_exist also fill sbuf1
5520 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5522 if(!replace_if_exists && dst_exists) {
5523 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5524 fsp->fsp_name,newname));
5525 return NT_STATUS_OBJECT_NAME_COLLISION;
5529 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5530 files_struct *dst_fsp = file_find_di_first(fileid);
5531 /* The file can be open when renaming a stream */
5532 if (dst_fsp && !new_is_stream) {
5533 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5534 return NT_STATUS_ACCESS_DENIED;
5538 /* Ensure we have a valid stat struct for the source. */
5539 if (fsp->fh->fd != -1) {
5540 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5541 return map_nt_error_from_unix(errno);
5544 if (SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf) == -1) {
5545 return map_nt_error_from_unix(errno);
5549 status = can_rename(conn, fsp, attrs, &sbuf);
5551 if (!NT_STATUS_IS_OK(status)) {
5552 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5553 nt_errstr(status), fsp->fsp_name,newname));
5554 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5555 status = NT_STATUS_ACCESS_DENIED;
5559 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5560 return NT_STATUS_ACCESS_DENIED;
5563 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5567 * We have the file open ourselves, so not being able to get the
5568 * corresponding share mode lock is a fatal error.
5571 SMB_ASSERT(lck != NULL);
5573 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5574 uint32 create_options = fsp->fh->private_options;
5576 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5577 fsp->fsp_name,newname));
5579 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5581 rename_open_files(conn, lck, newname);
5584 * A rename acts as a new file create w.r.t. allowing an initial delete
5585 * on close, probably because in Windows there is a new handle to the
5586 * new file. If initial delete on close was requested but not
5587 * originally set, we need to set it here. This is probably not 100% correct,
5588 * but will work for the CIFSFS client which in non-posix mode
5589 * depends on these semantics. JRA.
5592 if (create_options & FILE_DELETE_ON_CLOSE) {
5593 status = can_set_delete_on_close(fsp, True, 0);
5595 if (NT_STATUS_IS_OK(status)) {
5596 /* Note that here we set the *inital* delete on close flag,
5597 * not the regular one. The magic gets handled in close. */
5598 fsp->initial_delete_on_close = True;
5602 return NT_STATUS_OK;
5607 if (errno == ENOTDIR || errno == EISDIR) {
5608 status = NT_STATUS_OBJECT_NAME_COLLISION;
5610 status = map_nt_error_from_unix(errno);
5613 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5614 nt_errstr(status), fsp->fsp_name,newname));
5619 /****************************************************************************
5620 The guts of the rename command, split out so it may be called by the NT SMB
5622 ****************************************************************************/
5624 NTSTATUS rename_internals(TALLOC_CTX *ctx,
5625 connection_struct *conn,
5626 struct smb_request *req,
5627 const char *name_in,
5628 const char *newname_in,
5630 bool replace_if_exists,
5633 uint32_t access_mask)
5635 char *directory = NULL;
5637 char *last_component_src = NULL;
5638 char *last_component_dest = NULL;
5640 char *newname = NULL;
5643 NTSTATUS status = NT_STATUS_OK;
5644 SMB_STRUCT_STAT sbuf1, sbuf2;
5645 struct smb_Dir *dir_hnd = NULL;
5648 int create_options = 0;
5653 status = unix_convert(ctx, conn, name_in, src_has_wild, &name,
5654 &last_component_src, &sbuf1);
5655 if (!NT_STATUS_IS_OK(status)) {
5659 status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname,
5660 &last_component_dest, &sbuf2);
5661 if (!NT_STATUS_IS_OK(status)) {
5666 * Split the old name into directory and last component
5667 * strings. Note that unix_convert may have stripped off a
5668 * leading ./ from both name and newname if the rename is
5669 * at the root of the share. We need to make sure either both
5670 * name and newname contain a / character or neither of them do
5671 * as this is checked in resolve_wildcards().
5674 p = strrchr_m(name,'/');
5676 directory = talloc_strdup(ctx, ".");
5678 return NT_STATUS_NO_MEMORY;
5683 directory = talloc_strdup(ctx, name);
5685 return NT_STATUS_NO_MEMORY;
5688 *p = '/'; /* Replace needed for exceptional test below. */
5692 * We should only check the mangled cache
5693 * here if unix_convert failed. This means
5694 * that the path in 'mask' doesn't exist
5695 * on the file system and so we need to look
5696 * for a possible mangle. This patch from
5697 * Tine Smukavec <valentin.smukavec@hermes.si>.
5700 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5701 char *new_mask = NULL;
5702 mangle_lookup_name_from_8_3(ctx,
5711 if (!src_has_wild) {
5715 * No wildcards - just process the one file.
5717 bool is_short_name = mangle_is_8_3(name, True, conn->params);
5719 /* Add a terminating '/' to the directory name. */
5720 directory = talloc_asprintf_append(directory,
5724 return NT_STATUS_NO_MEMORY;
5727 /* Ensure newname contains a '/' also */
5728 if(strrchr_m(newname,'/') == 0) {
5729 newname = talloc_asprintf(ctx,
5733 return NT_STATUS_NO_MEMORY;
5737 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5738 "case_preserve = %d, short case preserve = %d, "
5739 "directory = %s, newname = %s, "
5740 "last_component_dest = %s, is_8_3 = %d\n",
5741 conn->case_sensitive, conn->case_preserve,
5742 conn->short_case_preserve, directory,
5743 newname, last_component_dest, is_short_name));
5745 /* The dest name still may have wildcards. */
5746 if (dest_has_wild) {
5747 char *mod_newname = NULL;
5748 if (!resolve_wildcards(ctx,
5749 directory,newname,&mod_newname)) {
5750 DEBUG(6, ("rename_internals: resolve_wildcards "
5754 return NT_STATUS_NO_MEMORY;
5756 newname = mod_newname;
5760 SMB_VFS_STAT(conn, directory, &sbuf1);
5762 if (S_ISDIR(sbuf1.st_mode)) {
5763 create_options |= FILE_DIRECTORY_FILE;
5766 status = SMB_VFS_CREATE_FILE(
5769 0, /* root_dir_fid */
5770 directory, /* fname */
5771 0, /* create_file_flags */
5772 access_mask, /* access_mask */
5773 (FILE_SHARE_READ | /* share_access */
5775 FILE_OPEN, /* create_disposition*/
5776 create_options, /* create_options */
5777 0, /* file_attributes */
5778 0, /* oplock_request */
5779 0, /* allocation_size */
5784 &sbuf1); /* psbuf */
5786 if (!NT_STATUS_IS_OK(status)) {
5787 DEBUG(3, ("Could not open rename source %s: %s\n",
5788 directory, nt_errstr(status)));
5792 status = rename_internals_fsp(conn, fsp, newname,
5793 last_component_dest,
5794 attrs, replace_if_exists);
5796 close_file(req, fsp, NORMAL_CLOSE);
5798 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
5799 nt_errstr(status), directory,newname));
5805 * Wildcards - process each file that matches.
5807 if (strequal(mask,"????????.???")) {
5812 status = check_name(conn, directory);
5813 if (!NT_STATUS_IS_OK(status)) {
5817 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs);
5818 if (dir_hnd == NULL) {
5819 return map_nt_error_from_unix(errno);
5822 status = NT_STATUS_NO_SUCH_FILE;
5824 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
5825 * - gentest fix. JRA
5828 while ((dname = ReadDirName(dir_hnd, &offset))) {
5829 files_struct *fsp = NULL;
5831 char *destname = NULL;
5832 bool sysdir_entry = False;
5834 /* Quick check for "." and ".." */
5835 if (ISDOT(dname) || ISDOTDOT(dname)) {
5837 sysdir_entry = True;
5843 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
5847 if(!mask_match(dname, mask, conn->case_sensitive)) {
5852 status = NT_STATUS_OBJECT_NAME_INVALID;
5856 fname = talloc_asprintf(ctx,
5861 return NT_STATUS_NO_MEMORY;
5864 if (!resolve_wildcards(ctx,
5865 fname,newname,&destname)) {
5866 DEBUG(6, ("resolve_wildcards %s %s failed\n",
5872 return NT_STATUS_NO_MEMORY;
5876 SMB_VFS_STAT(conn, fname, &sbuf1);
5880 if (S_ISDIR(sbuf1.st_mode)) {
5881 create_options |= FILE_DIRECTORY_FILE;
5884 status = SMB_VFS_CREATE_FILE(
5887 0, /* root_dir_fid */
5889 0, /* create_file_flags */
5890 access_mask, /* access_mask */
5891 (FILE_SHARE_READ | /* share_access */
5893 FILE_OPEN, /* create_disposition*/
5894 create_options, /* create_options */
5895 0, /* file_attributes */
5896 0, /* oplock_request */
5897 0, /* allocation_size */
5902 &sbuf1); /* psbuf */
5904 if (!NT_STATUS_IS_OK(status)) {
5905 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
5906 "returned %s rename %s -> %s\n",
5907 nt_errstr(status), directory, newname));
5911 status = rename_internals_fsp(conn, fsp, destname, dname,
5912 attrs, replace_if_exists);
5914 close_file(req, fsp, NORMAL_CLOSE);
5916 if (!NT_STATUS_IS_OK(status)) {
5917 DEBUG(3, ("rename_internals_fsp returned %s for "
5918 "rename %s -> %s\n", nt_errstr(status),
5919 directory, newname));
5925 DEBUG(3,("rename_internals: doing rename on %s -> "
5926 "%s\n",fname,destname));
5929 TALLOC_FREE(destname);
5931 TALLOC_FREE(dir_hnd);
5933 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
5934 status = map_nt_error_from_unix(errno);
5940 /****************************************************************************
5942 ****************************************************************************/
5944 void reply_mv(struct smb_request *req)
5946 connection_struct *conn = req->conn;
5948 char *newname = NULL;
5952 bool src_has_wcard = False;
5953 bool dest_has_wcard = False;
5954 TALLOC_CTX *ctx = talloc_tos();
5956 START_PROFILE(SMBmv);
5959 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5964 attrs = SVAL(req->vwv+0, 0);
5966 p = (const char *)req->buf + 1;
5967 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
5968 &status, &src_has_wcard);
5969 if (!NT_STATUS_IS_OK(status)) {
5970 reply_nterror(req, status);
5975 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
5976 &status, &dest_has_wcard);
5977 if (!NT_STATUS_IS_OK(status)) {
5978 reply_nterror(req, status);
5983 status = resolve_dfspath_wcard(ctx, conn,
5984 req->flags2 & FLAGS2_DFS_PATHNAMES,
5988 if (!NT_STATUS_IS_OK(status)) {
5989 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5990 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5991 ERRSRV, ERRbadpath);
5995 reply_nterror(req, status);
6000 status = resolve_dfspath_wcard(ctx, conn,
6001 req->flags2 & FLAGS2_DFS_PATHNAMES,
6005 if (!NT_STATUS_IS_OK(status)) {
6006 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6007 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6008 ERRSRV, ERRbadpath);
6012 reply_nterror(req, status);
6017 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6019 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6020 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6021 if (!NT_STATUS_IS_OK(status)) {
6022 if (open_was_deferred(req->mid)) {
6023 /* We have re-scheduled this call. */
6027 reply_nterror(req, status);
6032 reply_outbuf(req, 0, 0);
6038 /*******************************************************************
6039 Copy a file as part of a reply_copy.
6040 ******************************************************************/
6043 * TODO: check error codes on all callers
6046 NTSTATUS copy_file(TALLOC_CTX *ctx,
6047 connection_struct *conn,
6052 bool target_is_directory)
6054 SMB_STRUCT_STAT src_sbuf, sbuf2;
6056 files_struct *fsp1,*fsp2;
6059 uint32 new_create_disposition;
6062 dest = talloc_strdup(ctx, dest1);
6064 return NT_STATUS_NO_MEMORY;
6066 if (target_is_directory) {
6067 const char *p = strrchr_m(src,'/');
6073 dest = talloc_asprintf_append(dest,
6077 return NT_STATUS_NO_MEMORY;
6081 if (!vfs_file_exist(conn,src,&src_sbuf)) {
6083 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
6086 if (!target_is_directory && count) {
6087 new_create_disposition = FILE_OPEN;
6089 if (!map_open_params_to_ntcreate(dest1,0,ofun,
6090 NULL, NULL, &new_create_disposition, NULL)) {
6092 return NT_STATUS_INVALID_PARAMETER;
6096 status = SMB_VFS_CREATE_FILE(
6099 0, /* root_dir_fid */
6101 0, /* create_file_flags */
6102 FILE_GENERIC_READ, /* access_mask */
6103 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6104 FILE_OPEN, /* create_disposition*/
6105 0, /* create_options */
6106 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6107 INTERNAL_OPEN_ONLY, /* oplock_request */
6108 0, /* allocation_size */
6113 &src_sbuf); /* psbuf */
6115 if (!NT_STATUS_IS_OK(status)) {
6120 dosattrs = dos_mode(conn, src, &src_sbuf);
6121 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
6122 ZERO_STRUCTP(&sbuf2);
6125 status = SMB_VFS_CREATE_FILE(
6128 0, /* root_dir_fid */
6130 0, /* create_file_flags */
6131 FILE_GENERIC_WRITE, /* access_mask */
6132 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6133 new_create_disposition, /* create_disposition*/
6134 0, /* create_options */
6135 dosattrs, /* file_attributes */
6136 INTERNAL_OPEN_ONLY, /* oplock_request */
6137 0, /* allocation_size */
6142 &sbuf2); /* psbuf */
6146 if (!NT_STATUS_IS_OK(status)) {
6147 close_file(NULL, fsp1, ERROR_CLOSE);
6151 if ((ofun&3) == 1) {
6152 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6153 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6155 * Stop the copy from occurring.
6158 src_sbuf.st_size = 0;
6162 if (src_sbuf.st_size) {
6163 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
6166 close_file(NULL, fsp1, NORMAL_CLOSE);
6168 /* Ensure the modtime is set correctly on the destination file. */
6169 set_close_write_time(fsp2, get_mtimespec(&src_sbuf));
6172 * As we are opening fsp1 read-only we only expect
6173 * an error on close on fsp2 if we are out of space.
6174 * Thus we don't look at the error return from the
6177 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6179 if (!NT_STATUS_IS_OK(status)) {
6183 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
6184 return NT_STATUS_DISK_FULL;
6187 return NT_STATUS_OK;
6190 /****************************************************************************
6191 Reply to a file copy.
6192 ****************************************************************************/
6194 void reply_copy(struct smb_request *req)
6196 connection_struct *conn = req->conn;
6198 char *newname = NULL;
6199 char *directory = NULL;
6200 const char *mask = NULL;
6201 const char mask_star[] = "*";
6204 int error = ERRnoaccess;
6209 bool target_is_directory=False;
6210 bool source_has_wild = False;
6211 bool dest_has_wild = False;
6212 SMB_STRUCT_STAT sbuf1, sbuf2;
6214 TALLOC_CTX *ctx = talloc_tos();
6216 START_PROFILE(SMBcopy);
6219 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6220 END_PROFILE(SMBcopy);
6224 tid2 = SVAL(req->vwv+0, 0);
6225 ofun = SVAL(req->vwv+1, 0);
6226 flags = SVAL(req->vwv+2, 0);
6228 p = (const char *)req->buf;
6229 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6230 &status, &source_has_wild);
6231 if (!NT_STATUS_IS_OK(status)) {
6232 reply_nterror(req, status);
6233 END_PROFILE(SMBcopy);
6236 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6237 &status, &dest_has_wild);
6238 if (!NT_STATUS_IS_OK(status)) {
6239 reply_nterror(req, status);
6240 END_PROFILE(SMBcopy);
6244 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
6246 if (tid2 != conn->cnum) {
6247 /* can't currently handle inter share copies XXXX */
6248 DEBUG(3,("Rejecting inter-share copy\n"));
6249 reply_doserror(req, ERRSRV, ERRinvdevice);
6250 END_PROFILE(SMBcopy);
6254 status = resolve_dfspath_wcard(ctx, conn,
6255 req->flags2 & FLAGS2_DFS_PATHNAMES,
6259 if (!NT_STATUS_IS_OK(status)) {
6260 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6261 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6262 ERRSRV, ERRbadpath);
6263 END_PROFILE(SMBcopy);
6266 reply_nterror(req, status);
6267 END_PROFILE(SMBcopy);
6271 status = resolve_dfspath_wcard(ctx, conn,
6272 req->flags2 & FLAGS2_DFS_PATHNAMES,
6276 if (!NT_STATUS_IS_OK(status)) {
6277 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6278 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6279 ERRSRV, ERRbadpath);
6280 END_PROFILE(SMBcopy);
6283 reply_nterror(req, status);
6284 END_PROFILE(SMBcopy);
6288 status = unix_convert(ctx, conn, name, source_has_wild,
6289 &name, NULL, &sbuf1);
6290 if (!NT_STATUS_IS_OK(status)) {
6291 reply_nterror(req, status);
6292 END_PROFILE(SMBcopy);
6296 status = unix_convert(ctx, conn, newname, dest_has_wild,
6297 &newname, NULL, &sbuf2);
6298 if (!NT_STATUS_IS_OK(status)) {
6299 reply_nterror(req, status);
6300 END_PROFILE(SMBcopy);
6304 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
6306 if ((flags&1) && target_is_directory) {
6307 reply_doserror(req, ERRDOS, ERRbadfile);
6308 END_PROFILE(SMBcopy);
6312 if ((flags&2) && !target_is_directory) {
6313 reply_doserror(req, ERRDOS, ERRbadpath);
6314 END_PROFILE(SMBcopy);
6318 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
6319 /* wants a tree copy! XXXX */
6320 DEBUG(3,("Rejecting tree copy\n"));
6321 reply_doserror(req, ERRSRV, ERRerror);
6322 END_PROFILE(SMBcopy);
6326 p = strrchr_m(name,'/');
6328 directory = talloc_strndup(ctx, name, PTR_DIFF(p, name));
6331 directory = talloc_strdup(ctx, "./");
6336 reply_nterror(req, NT_STATUS_NO_MEMORY);
6337 END_PROFILE(SMBcopy);
6342 * We should only check the mangled cache
6343 * here if unix_convert failed. This means
6344 * that the path in 'mask' doesn't exist
6345 * on the file system and so we need to look
6346 * for a possible mangle. This patch from
6347 * Tine Smukavec <valentin.smukavec@hermes.si>.
6350 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
6351 char *new_mask = NULL;
6352 mangle_lookup_name_from_8_3(ctx,
6361 if (!source_has_wild) {
6362 directory = talloc_asprintf_append(directory,
6365 if (dest_has_wild) {
6366 char *mod_newname = NULL;
6367 if (!resolve_wildcards(ctx,
6368 directory,newname,&mod_newname)) {
6369 reply_nterror(req, NT_STATUS_NO_MEMORY);
6370 END_PROFILE(SMBcopy);
6373 newname = mod_newname;
6376 status = check_name(conn, directory);
6377 if (!NT_STATUS_IS_OK(status)) {
6378 reply_nterror(req, status);
6379 END_PROFILE(SMBcopy);
6383 status = check_name(conn, newname);
6384 if (!NT_STATUS_IS_OK(status)) {
6385 reply_nterror(req, status);
6386 END_PROFILE(SMBcopy);
6390 status = copy_file(ctx,conn,directory,newname,ofun,
6391 count,target_is_directory);
6393 if(!NT_STATUS_IS_OK(status)) {
6394 reply_nterror(req, status);
6395 END_PROFILE(SMBcopy);
6401 struct smb_Dir *dir_hnd = NULL;
6402 const char *dname = NULL;
6405 if (strequal(mask,"????????.???")) {
6409 status = check_name(conn, directory);
6410 if (!NT_STATUS_IS_OK(status)) {
6411 reply_nterror(req, status);
6412 END_PROFILE(SMBcopy);
6416 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, 0);
6417 if (dir_hnd == NULL) {
6418 status = map_nt_error_from_unix(errno);
6419 reply_nterror(req, status);
6420 END_PROFILE(SMBcopy);
6426 while ((dname = ReadDirName(dir_hnd, &offset))) {
6427 char *destname = NULL;
6430 if (ISDOT(dname) || ISDOTDOT(dname)) {
6434 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6438 if(!mask_match(dname, mask, conn->case_sensitive)) {
6442 error = ERRnoaccess;
6443 fname = talloc_asprintf(ctx,
6448 TALLOC_FREE(dir_hnd);
6449 reply_nterror(req, NT_STATUS_NO_MEMORY);
6450 END_PROFILE(SMBcopy);
6454 if (!resolve_wildcards(ctx,
6455 fname,newname,&destname)) {
6459 TALLOC_FREE(dir_hnd);
6460 reply_nterror(req, NT_STATUS_NO_MEMORY);
6461 END_PROFILE(SMBcopy);
6465 status = check_name(conn, fname);
6466 if (!NT_STATUS_IS_OK(status)) {
6467 TALLOC_FREE(dir_hnd);
6468 reply_nterror(req, status);
6469 END_PROFILE(SMBcopy);
6473 status = check_name(conn, destname);
6474 if (!NT_STATUS_IS_OK(status)) {
6475 TALLOC_FREE(dir_hnd);
6476 reply_nterror(req, status);
6477 END_PROFILE(SMBcopy);
6481 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
6483 status = copy_file(ctx,conn,fname,destname,ofun,
6484 count,target_is_directory);
6485 if (NT_STATUS_IS_OK(status)) {
6489 TALLOC_FREE(destname);
6491 TALLOC_FREE(dir_hnd);
6496 /* Error on close... */
6498 reply_unixerror(req, ERRHRD, ERRgeneral);
6499 END_PROFILE(SMBcopy);
6503 reply_doserror(req, ERRDOS, error);
6504 END_PROFILE(SMBcopy);
6508 reply_outbuf(req, 1, 0);
6509 SSVAL(req->outbuf,smb_vwv0,count);
6511 END_PROFILE(SMBcopy);
6516 #define DBGC_CLASS DBGC_LOCKING
6518 /****************************************************************************
6519 Get a lock pid, dealing with large count requests.
6520 ****************************************************************************/
6522 uint32 get_lock_pid(const uint8_t *data, int data_offset,
6523 bool large_file_format)
6525 if(!large_file_format)
6526 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6528 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6531 /****************************************************************************
6532 Get a lock count, dealing with large count requests.
6533 ****************************************************************************/
6535 uint64_t get_lock_count(const uint8_t *data, int data_offset,
6536 bool large_file_format)
6540 if(!large_file_format) {
6541 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6544 #if defined(HAVE_LONGLONG)
6545 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6546 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6547 #else /* HAVE_LONGLONG */
6550 * NT4.x seems to be broken in that it sends large file (64 bit)
6551 * lockingX calls even if the CAP_LARGE_FILES was *not*
6552 * negotiated. For boxes without large unsigned ints truncate the
6553 * lock count by dropping the top 32 bits.
6556 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
6557 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6558 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
6559 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
6560 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
6563 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
6564 #endif /* HAVE_LONGLONG */
6570 #if !defined(HAVE_LONGLONG)
6571 /****************************************************************************
6572 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6573 ****************************************************************************/
6575 static uint32 map_lock_offset(uint32 high, uint32 low)
6579 uint32 highcopy = high;
6582 * Try and find out how many significant bits there are in high.
6585 for(i = 0; highcopy; i++)
6589 * We use 31 bits not 32 here as POSIX
6590 * lock offsets may not be negative.
6593 mask = (~0) << (31 - i);
6596 return 0; /* Fail. */
6602 #endif /* !defined(HAVE_LONGLONG) */
6604 /****************************************************************************
6605 Get a lock offset, dealing with large offset requests.
6606 ****************************************************************************/
6608 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
6609 bool large_file_format, bool *err)
6611 uint64_t offset = 0;
6615 if(!large_file_format) {
6616 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
6619 #if defined(HAVE_LONGLONG)
6620 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
6621 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
6622 #else /* HAVE_LONGLONG */
6625 * NT4.x seems to be broken in that it sends large file (64 bit)
6626 * lockingX calls even if the CAP_LARGE_FILES was *not*
6627 * negotiated. For boxes without large unsigned ints mangle the
6628 * lock offset by mapping the top 32 bits onto the lower 32.
6631 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
6632 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6633 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
6636 if((new_low = map_lock_offset(high, low)) == 0) {
6638 return (uint64_t)-1;
6641 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6642 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
6643 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
6644 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
6647 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6648 #endif /* HAVE_LONGLONG */
6654 /****************************************************************************
6655 Reply to a lockingX request.
6656 ****************************************************************************/
6658 void reply_lockingX(struct smb_request *req)
6660 connection_struct *conn = req->conn;
6662 unsigned char locktype;
6663 unsigned char oplocklevel;
6666 uint64_t count = 0, offset = 0;
6670 const uint8_t *data;
6671 bool large_file_format;
6673 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
6675 START_PROFILE(SMBlockingX);
6678 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6679 END_PROFILE(SMBlockingX);
6683 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
6684 locktype = CVAL(req->vwv+3, 0);
6685 oplocklevel = CVAL(req->vwv+3, 1);
6686 num_ulocks = SVAL(req->vwv+6, 0);
6687 num_locks = SVAL(req->vwv+7, 0);
6688 lock_timeout = IVAL(req->vwv+4, 0);
6689 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
6691 if (!check_fsp(conn, req, fsp)) {
6692 END_PROFILE(SMBlockingX);
6698 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
6699 /* we don't support these - and CANCEL_LOCK makes w2k
6700 and XP reboot so I don't really want to be
6701 compatible! (tridge) */
6702 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
6703 END_PROFILE(SMBlockingX);
6707 /* Check if this is an oplock break on a file
6708 we have granted an oplock on.
6710 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
6711 /* Client can insist on breaking to none. */
6712 bool break_to_none = (oplocklevel == 0);
6715 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6716 "for fnum = %d\n", (unsigned int)oplocklevel,
6720 * Make sure we have granted an exclusive or batch oplock on
6724 if (fsp->oplock_type == 0) {
6726 /* The Samba4 nbench simulator doesn't understand
6727 the difference between break to level2 and break
6728 to none from level2 - it sends oplock break
6729 replies in both cases. Don't keep logging an error
6730 message here - just ignore it. JRA. */
6732 DEBUG(5,("reply_lockingX: Error : oplock break from "
6733 "client for fnum = %d (oplock=%d) and no "
6734 "oplock granted on this file (%s).\n",
6735 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
6737 /* if this is a pure oplock break request then don't
6739 if (num_locks == 0 && num_ulocks == 0) {
6740 END_PROFILE(SMBlockingX);
6743 END_PROFILE(SMBlockingX);
6744 reply_doserror(req, ERRDOS, ERRlock);
6749 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
6751 result = remove_oplock(fsp);
6753 result = downgrade_oplock(fsp);
6757 DEBUG(0, ("reply_lockingX: error in removing "
6758 "oplock on file %s\n", fsp->fsp_name));
6759 /* Hmmm. Is this panic justified? */
6760 smb_panic("internal tdb error");
6763 reply_to_oplock_break_requests(fsp);
6765 /* if this is a pure oplock break request then don't send a
6767 if (num_locks == 0 && num_ulocks == 0) {
6768 /* Sanity check - ensure a pure oplock break is not a
6770 if(CVAL(req->vwv+0, 0) != 0xff)
6771 DEBUG(0,("reply_lockingX: Error : pure oplock "
6772 "break is a chained %d request !\n",
6773 (unsigned int)CVAL(req->vwv+0, 0)));
6774 END_PROFILE(SMBlockingX);
6780 * We do this check *after* we have checked this is not a oplock break
6781 * response message. JRA.
6784 release_level_2_oplocks_on_change(fsp);
6787 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
6788 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6789 END_PROFILE(SMBlockingX);
6793 /* Data now points at the beginning of the list
6794 of smb_unlkrng structs */
6795 for(i = 0; i < (int)num_ulocks; i++) {
6796 lock_pid = get_lock_pid( data, i, large_file_format);
6797 count = get_lock_count( data, i, large_file_format);
6798 offset = get_lock_offset( data, i, large_file_format, &err);
6801 * There is no error code marked "stupid client bug".... :-).
6804 END_PROFILE(SMBlockingX);
6805 reply_doserror(req, ERRDOS, ERRnoaccess);
6809 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
6810 "pid %u, file %s\n", (double)offset, (double)count,
6811 (unsigned int)lock_pid, fsp->fsp_name ));
6813 status = do_unlock(smbd_messaging_context(),
6820 if (NT_STATUS_V(status)) {
6821 END_PROFILE(SMBlockingX);
6822 reply_nterror(req, status);
6827 /* Setup the timeout in seconds. */
6829 if (!lp_blocking_locks(SNUM(conn))) {
6833 /* Now do any requested locks */
6834 data += ((large_file_format ? 20 : 10)*num_ulocks);
6836 /* Data now points at the beginning of the list
6837 of smb_lkrng structs */
6839 for(i = 0; i < (int)num_locks; i++) {
6840 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
6841 READ_LOCK:WRITE_LOCK);
6842 lock_pid = get_lock_pid( data, i, large_file_format);
6843 count = get_lock_count( data, i, large_file_format);
6844 offset = get_lock_offset( data, i, large_file_format, &err);
6847 * There is no error code marked "stupid client bug".... :-).
6850 END_PROFILE(SMBlockingX);
6851 reply_doserror(req, ERRDOS, ERRnoaccess);
6855 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
6856 "%u, file %s timeout = %d\n", (double)offset,
6857 (double)count, (unsigned int)lock_pid,
6858 fsp->fsp_name, (int)lock_timeout ));
6860 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
6861 if (lp_blocking_locks(SNUM(conn))) {
6863 /* Schedule a message to ourselves to
6864 remove the blocking lock record and
6865 return the right error. */
6867 if (!blocking_lock_cancel(fsp,
6873 NT_STATUS_FILE_LOCK_CONFLICT)) {
6874 END_PROFILE(SMBlockingX);
6879 ERRcancelviolation));
6883 /* Remove a matching pending lock. */
6884 status = do_lock_cancel(fsp,
6890 bool blocking_lock = lock_timeout ? True : False;
6891 bool defer_lock = False;
6892 struct byte_range_lock *br_lck;
6893 uint32 block_smbpid;
6895 br_lck = do_lock(smbd_messaging_context(),
6906 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
6907 /* Windows internal resolution for blocking locks seems
6908 to be about 200ms... Don't wait for less than that. JRA. */
6909 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
6910 lock_timeout = lp_lock_spin_time();
6915 /* This heuristic seems to match W2K3 very well. If a
6916 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
6917 it pretends we asked for a timeout of between 150 - 300 milliseconds as
6918 far as I can tell. Replacement for do_lock_spin(). JRA. */
6920 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
6921 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
6923 lock_timeout = lp_lock_spin_time();
6926 if (br_lck && defer_lock) {
6928 * A blocking lock was requested. Package up
6929 * this smb into a queued request and push it
6930 * onto the blocking lock queue.
6932 if(push_blocking_lock_request(br_lck,
6943 TALLOC_FREE(br_lck);
6944 END_PROFILE(SMBlockingX);
6949 TALLOC_FREE(br_lck);
6952 if (NT_STATUS_V(status)) {
6953 END_PROFILE(SMBlockingX);
6954 reply_nterror(req, status);
6959 /* If any of the above locks failed, then we must unlock
6960 all of the previous locks (X/Open spec). */
6962 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
6966 * Ensure we don't do a remove on the lock that just failed,
6967 * as under POSIX rules, if we have a lock already there, we
6968 * will delete it (and we shouldn't) .....
6970 for(i--; i >= 0; i--) {
6971 lock_pid = get_lock_pid( data, i, large_file_format);
6972 count = get_lock_count( data, i, large_file_format);
6973 offset = get_lock_offset( data, i, large_file_format,
6977 * There is no error code marked "stupid client
6981 END_PROFILE(SMBlockingX);
6982 reply_doserror(req, ERRDOS, ERRnoaccess);
6986 do_unlock(smbd_messaging_context(),
6993 END_PROFILE(SMBlockingX);
6994 reply_nterror(req, status);
6998 reply_outbuf(req, 2, 0);
7000 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7001 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7003 END_PROFILE(SMBlockingX);
7008 #define DBGC_CLASS DBGC_ALL
7010 /****************************************************************************
7011 Reply to a SMBreadbmpx (read block multiplex) request.
7012 Always reply with an error, if someone has a platform really needs this,
7013 please contact vl@samba.org
7014 ****************************************************************************/
7016 void reply_readbmpx(struct smb_request *req)
7018 START_PROFILE(SMBreadBmpx);
7019 reply_doserror(req, ERRSRV, ERRuseSTD);
7020 END_PROFILE(SMBreadBmpx);
7024 /****************************************************************************
7025 Reply to a SMBreadbs (read block multiplex secondary) request.
7026 Always reply with an error, if someone has a platform really needs this,
7027 please contact vl@samba.org
7028 ****************************************************************************/
7030 void reply_readbs(struct smb_request *req)
7032 START_PROFILE(SMBreadBs);
7033 reply_doserror(req, ERRSRV, ERRuseSTD);
7034 END_PROFILE(SMBreadBs);
7038 /****************************************************************************
7039 Reply to a SMBsetattrE.
7040 ****************************************************************************/
7042 void reply_setattrE(struct smb_request *req)
7044 connection_struct *conn = req->conn;
7045 struct timespec ts[2];
7047 SMB_STRUCT_STAT sbuf;
7050 START_PROFILE(SMBsetattrE);
7053 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7054 END_PROFILE(SMBsetattrE);
7058 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7060 if(!fsp || (fsp->conn != conn)) {
7061 reply_doserror(req, ERRDOS, ERRbadfid);
7062 END_PROFILE(SMBsetattrE);
7068 * Convert the DOS times into unix times. Ignore create
7069 * time as UNIX can't set this.
7072 ts[0] = convert_time_t_to_timespec(
7073 srv_make_unix_date2(req->vwv+3)); /* atime. */
7074 ts[1] = convert_time_t_to_timespec(
7075 srv_make_unix_date2(req->vwv+5)); /* mtime. */
7077 reply_outbuf(req, 0, 0);
7080 * Patch from Ray Frush <frush@engr.colostate.edu>
7081 * Sometimes times are sent as zero - ignore them.
7084 /* Ensure we have a valid stat struct for the source. */
7085 if (fsp->fh->fd != -1) {
7086 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7087 status = map_nt_error_from_unix(errno);
7088 reply_nterror(req, status);
7089 END_PROFILE(SMBsetattrE);
7093 if (SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf) == -1) {
7094 status = map_nt_error_from_unix(errno);
7095 reply_nterror(req, status);
7096 END_PROFILE(SMBsetattrE);
7101 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7103 if (!NT_STATUS_IS_OK(status)) {
7104 reply_doserror(req, ERRDOS, ERRnoaccess);
7105 END_PROFILE(SMBsetattrE);
7109 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u\n",
7111 (unsigned int)ts[0].tv_sec,
7112 (unsigned int)ts[1].tv_sec));
7114 END_PROFILE(SMBsetattrE);
7119 /* Back from the dead for OS/2..... JRA. */
7121 /****************************************************************************
7122 Reply to a SMBwritebmpx (write block multiplex primary) request.
7123 Always reply with an error, if someone has a platform really needs this,
7124 please contact vl@samba.org
7125 ****************************************************************************/
7127 void reply_writebmpx(struct smb_request *req)
7129 START_PROFILE(SMBwriteBmpx);
7130 reply_doserror(req, ERRSRV, ERRuseSTD);
7131 END_PROFILE(SMBwriteBmpx);
7135 /****************************************************************************
7136 Reply to a SMBwritebs (write block multiplex secondary) request.
7137 Always reply with an error, if someone has a platform really needs this,
7138 please contact vl@samba.org
7139 ****************************************************************************/
7141 void reply_writebs(struct smb_request *req)
7143 START_PROFILE(SMBwriteBs);
7144 reply_doserror(req, ERRSRV, ERRuseSTD);
7145 END_PROFILE(SMBwriteBs);
7149 /****************************************************************************
7150 Reply to a SMBgetattrE.
7151 ****************************************************************************/
7153 void reply_getattrE(struct smb_request *req)
7155 connection_struct *conn = req->conn;
7156 SMB_STRUCT_STAT sbuf;
7159 struct timespec create_ts;
7161 START_PROFILE(SMBgetattrE);
7164 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7165 END_PROFILE(SMBgetattrE);
7169 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7171 if(!fsp || (fsp->conn != conn)) {
7172 reply_doserror(req, ERRDOS, ERRbadfid);
7173 END_PROFILE(SMBgetattrE);
7177 /* Do an fstat on this file */
7178 if(fsp_stat(fsp, &sbuf)) {
7179 reply_unixerror(req, ERRDOS, ERRnoaccess);
7180 END_PROFILE(SMBgetattrE);
7184 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7187 * Convert the times into dos times. Set create
7188 * date to be last modify date as UNIX doesn't save
7192 reply_outbuf(req, 11, 0);
7194 create_ts = get_create_timespec(&sbuf,
7195 lp_fake_dir_create_times(SNUM(conn)));
7196 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7197 srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime);
7198 /* Should we check pending modtime here ? JRA */
7199 srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime);
7202 SIVAL(req->outbuf, smb_vwv6, 0);
7203 SIVAL(req->outbuf, smb_vwv8, 0);
7205 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
7206 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size);
7207 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7209 SSVAL(req->outbuf,smb_vwv10, mode);
7211 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7213 END_PROFILE(SMBgetattrE);