/*
Unix SMB/CIFS implementation.
SMB NT transaction handling
- Copyright (C) Jeremy Allison 1994-1998
+ Copyright (C) Jeremy Allison 1994-2007
Copyright (C) Stefan (metze) Metzmacher 2003
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
static char *nttrans_realloc(char **ptr, size_t size)
{
if (ptr==NULL) {
- smb_panic("nttrans_realloc() called with NULL ptr\n");
+ smb_panic("nttrans_realloc() called with NULL ptr");
}
-
+
*ptr = (char *)SMB_REALLOC(*ptr, size);
if(*ptr == NULL) {
return NULL;
HACK ! Always assumes smb_setup field is zero.
****************************************************************************/
-int send_nt_replies(char *outbuf, int bufsize, NTSTATUS nt_error,
- char *params, int paramsize, char *pdata, int datasize)
+void send_nt_replies(struct smb_request *req, NTSTATUS nt_error,
+ char *params, int paramsize,
+ char *pdata, int datasize)
{
int data_to_send = datasize;
int params_to_send = paramsize;
int data_alignment_offset = 0;
/*
- * Initially set the wcnt area to be 18 - this is true for all
- * transNT replies.
- */
-
- set_message(outbuf,18,0,True);
-
- if (NT_STATUS_V(nt_error)) {
- ERROR_NT(nt_error);
- }
-
- /*
* If there genuinely are no parameters or data to send just send
* the empty packet.
*/
if(params_to_send == 0 && data_to_send == 0) {
- show_msg(outbuf);
- if (!send_smb(smbd_server_fd(),outbuf)) {
- exit_server_cleanly("send_nt_replies: send_smb failed.");
- }
- return 0;
+ reply_outbuf(req, 18, 0);
+ show_msg((char *)req->outbuf);
+ return;
}
/*
data_alignment_offset = 4 - (params_to_send % 4);
}
- /*
+ /*
* Space is bufsize minus Netbios over TCP header minus SMB header.
* The alignment_offset is to align the param bytes on a four byte
- * boundary (2 bytes for data len, one byte pad).
+ * boundary (2 bytes for data len, one byte pad).
* NT needs this to work correctly.
*/
- useable_space = bufsize - ((smb_buf(outbuf)+
- alignment_offset+data_alignment_offset) -
- outbuf);
+ useable_space = max_send - (smb_size
+ + 2 * 18 /* wct */
+ + alignment_offset
+ + data_alignment_offset);
/*
* useable_space can never be more than max_send minus the
total_sent_thistime = params_to_send + data_to_send +
alignment_offset + data_alignment_offset;
- /*
+ /*
* We can never send more than useable_space.
*/
total_sent_thistime = MIN(total_sent_thistime, useable_space);
- set_message(outbuf, 18, total_sent_thistime, True);
+ reply_outbuf(req, 18, total_sent_thistime);
/*
* Set total params and data to be sent.
*/
- SIVAL(outbuf,smb_ntr_TotalParameterCount,paramsize);
- SIVAL(outbuf,smb_ntr_TotalDataCount,datasize);
+ SIVAL(req->outbuf,smb_ntr_TotalParameterCount,paramsize);
+ SIVAL(req->outbuf,smb_ntr_TotalDataCount,datasize);
- /*
+ /*
* Calculate how many parameters and data we can fit into
* this packet. Parameters get precedence.
*/
data_sent_thistime = useable_space - params_sent_thistime;
data_sent_thistime = MIN(data_sent_thistime,data_to_send);
- SIVAL(outbuf,smb_ntr_ParameterCount,params_sent_thistime);
+ SIVAL(req->outbuf, smb_ntr_ParameterCount,
+ params_sent_thistime);
if(params_sent_thistime == 0) {
- SIVAL(outbuf,smb_ntr_ParameterOffset,0);
- SIVAL(outbuf,smb_ntr_ParameterDisplacement,0);
+ SIVAL(req->outbuf,smb_ntr_ParameterOffset,0);
+ SIVAL(req->outbuf,smb_ntr_ParameterDisplacement,0);
} else {
/*
* smb_ntr_ParameterOffset is the offset from the start of the SMB header to the
* them from the calculation.
*/
- SIVAL(outbuf,smb_ntr_ParameterOffset,
- ((smb_buf(outbuf)+alignment_offset) - smb_base(outbuf)));
- /*
+ SIVAL(req->outbuf,smb_ntr_ParameterOffset,
+ ((smb_buf(req->outbuf)+alignment_offset)
+ - smb_base(req->outbuf)));
+ /*
* Absolute displacement of param bytes sent in this packet.
*/
- SIVAL(outbuf,smb_ntr_ParameterDisplacement,pp - params);
+ SIVAL(req->outbuf, smb_ntr_ParameterDisplacement,
+ pp - params);
}
/*
* Deal with the data portion.
*/
- SIVAL(outbuf,smb_ntr_DataCount, data_sent_thistime);
+ SIVAL(req->outbuf, smb_ntr_DataCount, data_sent_thistime);
if(data_sent_thistime == 0) {
- SIVAL(outbuf,smb_ntr_DataOffset,0);
- SIVAL(outbuf,smb_ntr_DataDisplacement, 0);
+ SIVAL(req->outbuf,smb_ntr_DataOffset,0);
+ SIVAL(req->outbuf,smb_ntr_DataDisplacement, 0);
} else {
/*
* The offset of the data bytes is the offset of the
* parameter bytes plus the number of parameters being sent this time.
*/
- SIVAL(outbuf,smb_ntr_DataOffset,((smb_buf(outbuf)+alignment_offset) -
- smb_base(outbuf)) + params_sent_thistime + data_alignment_offset);
- SIVAL(outbuf,smb_ntr_DataDisplacement, pd - pdata);
+ SIVAL(req->outbuf, smb_ntr_DataOffset,
+ ((smb_buf(req->outbuf)+alignment_offset) -
+ smb_base(req->outbuf))
+ + params_sent_thistime + data_alignment_offset);
+ SIVAL(req->outbuf,smb_ntr_DataDisplacement, pd - pdata);
}
- /*
+ /*
* Copy the param bytes into the packet.
*/
if(params_sent_thistime) {
- memcpy((smb_buf(outbuf)+alignment_offset),pp,params_sent_thistime);
+ if (alignment_offset != 0) {
+ memset(smb_buf(req->outbuf), 0,
+ alignment_offset);
+ }
+ memcpy((smb_buf(req->outbuf)+alignment_offset), pp,
+ params_sent_thistime);
}
/*
*/
if(data_sent_thistime) {
- memcpy(smb_buf(outbuf)+alignment_offset+params_sent_thistime+
- data_alignment_offset,pd,data_sent_thistime);
+ if (data_alignment_offset != 0) {
+ memset((smb_buf(req->outbuf)+alignment_offset+
+ params_sent_thistime), 0,
+ data_alignment_offset);
+ }
+ memcpy(smb_buf(req->outbuf)+alignment_offset
+ +params_sent_thistime+data_alignment_offset,
+ pd,data_sent_thistime);
}
-
+
DEBUG(9,("nt_rep: params_sent_thistime = %d, data_sent_thistime = %d, useable_space = %d\n",
params_sent_thistime, data_sent_thistime, useable_space));
DEBUG(9,("nt_rep: params_to_send = %d, data_to_send = %d, paramsize = %d, datasize = %d\n",
params_to_send, data_to_send, paramsize, datasize));
-
+
+ if (NT_STATUS_V(nt_error)) {
+ error_packet_set((char *)req->outbuf,
+ 0, 0, nt_error,
+ __LINE__,__FILE__);
+ }
+
/* Send the packet */
- show_msg(outbuf);
- if (!send_smb(smbd_server_fd(),outbuf)) {
+ show_msg((char *)req->outbuf);
+ if (!send_smb(smbd_server_fd(),(char *)req->outbuf)) {
exit_server_cleanly("send_nt_replies: send_smb failed.");
}
-
+
+ TALLOC_FREE(req->outbuf);
+
pp += params_sent_thistime;
pd += data_sent_thistime;
-
+
params_to_send -= params_sent_thistime;
data_to_send -= data_sent_thistime;
if(params_to_send < 0 || data_to_send < 0) {
DEBUG(0,("send_nt_replies failed sanity check pts = %d, dts = %d\n!!!",
params_to_send, data_to_send));
- return -1;
+ return;
}
- }
-
- return 0;
+ }
}
/****************************************************************************
return (strchr_m(fname, ':') != NULL) ? True : False;
}
+struct case_semantics_state {
+ connection_struct *conn;
+ BOOL case_sensitive;
+ BOOL case_preserve;
+ BOOL short_case_preserve;
+};
+
/****************************************************************************
- Save case statics.
+ Restore case semantics.
****************************************************************************/
-
-static BOOL saved_case_sensitive;
-static BOOL saved_case_preserve;
-static BOOL saved_short_case_preserve;
+static int restore_case_semantics(struct case_semantics_state *state)
+{
+ state->conn->case_sensitive = state->case_sensitive;
+ state->conn->case_preserve = state->case_preserve;
+ state->conn->short_case_preserve = state->short_case_preserve;
+ return 0;
+}
/****************************************************************************
Save case semantics.
****************************************************************************/
-
-static void set_posix_case_semantics(connection_struct *conn, uint32 file_attributes)
+static struct case_semantics_state *set_posix_case_semantics(TALLOC_CTX *mem_ctx,
+ connection_struct *conn)
{
- if(!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
- return;
+ struct case_semantics_state *result;
+
+ if (!(result = talloc(mem_ctx, struct case_semantics_state))) {
+ DEBUG(0, ("talloc failed\n"));
+ return NULL;
}
- saved_case_sensitive = conn->case_sensitive;
- saved_case_preserve = conn->case_preserve;
- saved_short_case_preserve = conn->short_case_preserve;
+ result->conn = conn;
+ result->case_sensitive = conn->case_sensitive;
+ result->case_preserve = conn->case_preserve;
+ result->short_case_preserve = conn->short_case_preserve;
/* Set to POSIX. */
conn->case_sensitive = True;
conn->case_preserve = True;
conn->short_case_preserve = True;
-}
-
-/****************************************************************************
- Restore case semantics.
-****************************************************************************/
-static void restore_case_semantics(connection_struct *conn, uint32 file_attributes)
-{
- if(!(file_attributes & FILE_FLAG_POSIX_SEMANTICS)) {
- return;
- }
+ talloc_set_destructor(result, restore_case_semantics);
- conn->case_sensitive = saved_case_sensitive;
- conn->case_preserve = saved_case_preserve;
- conn->short_case_preserve = saved_short_case_preserve;
+ return result;
}
/****************************************************************************
- Reply to an NT create and X call on a pipe.
+ Reply to an NT create and X call on a pipe
****************************************************************************/
-static int nt_open_pipe(char *fname, connection_struct *conn,
- char *inbuf, char *outbuf, int *ppnum)
+static void nt_open_pipe(char *fname, connection_struct *conn,
+ struct smb_request *req, int *ppnum)
{
smb_np_struct *p = NULL;
- uint16 vuid = SVAL(inbuf, smb_uid);
int i;
-
+
DEBUG(4,("nt_open_pipe: Opening pipe %s.\n", fname));
-
+
/* See if it is one we want to handle. */
if (lp_disable_spoolss() && strequal(fname, "\\spoolss")) {
- return(ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpipe));
+ reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
+ ERRDOS, ERRbadpipe);
+ return;
}
for( i = 0; known_nt_pipes[i]; i++ ) {
break;
}
}
-
+
if ( known_nt_pipes[i] == NULL ) {
- return(ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpipe));
+ reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
+ ERRDOS, ERRbadpipe);
+ return;
}
-
+
/* Strip \\ off the name. */
fname++;
-
+
DEBUG(3,("nt_open_pipe: Known pipe %s opening.\n", fname));
- p = open_rpc_pipe_p(fname, conn, vuid);
+ p = open_rpc_pipe_p(fname, conn, req->vuid);
if (!p) {
- return(ERROR_DOS(ERRSRV,ERRnofids));
+ reply_doserror(req, ERRSRV, ERRnofids);
+ return;
}
/* TODO: Add pipe to db */
-
+
if ( !store_pipe_opendb( p ) ) {
DEBUG(3,("nt_open_pipe: failed to store %s pipe open.\n", fname));
}
-
+
*ppnum = p->pnum;
- return 0;
+ return;
}
/****************************************************************************
Reply to an NT create and X call for pipes.
****************************************************************************/
-static int do_ntcreate_pipe_open(connection_struct *conn,
- char *inbuf,char *outbuf,int length,int bufsize)
+static void do_ntcreate_pipe_open(connection_struct *conn,
+ struct smb_request *req)
{
- pstring fname;
- int ret;
+ char *fname = NULL;
int pnum = -1;
char *p = NULL;
+ uint32 flags = IVAL(req->inbuf,smb_ntcreate_Flags);
+ TALLOC_CTX *ctx = talloc_tos();
- srvstr_pull_buf(inbuf, fname, smb_buf(inbuf), sizeof(fname), STR_TERMINATE);
+ srvstr_pull_buf_talloc(ctx, (char *)req->inbuf, req->flags2, &fname,
+ smb_buf(req->inbuf), STR_TERMINATE);
- if ((ret = nt_open_pipe(fname, conn, inbuf, outbuf, &pnum)) != 0) {
- return ret;
+ if (!fname) {
+ reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
+ ERRDOS, ERRbadpipe);
+ return;
+ }
+ nt_open_pipe(fname, conn, req, &pnum);
+
+ if (req->outbuf) {
+ /* error reply */
+ return;
}
/*
* Deal with pipe return.
- */
+ */
- set_message(outbuf,34,0,True);
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ /* This is very strange. We
+ * return 50 words, but only set
+ * the wcnt to 42 ? It's definately
+ * what happens on the wire....
+ */
+ reply_outbuf(req, 50, 0);
+ SCVAL(req->outbuf,smb_wct,42);
+ } else {
+ reply_outbuf(req, 34, 0);
+ }
- p = outbuf + smb_vwv2;
+ p = (char *)req->outbuf + smb_vwv2;
p++;
SSVAL(p,0,pnum);
p += 2;
SSVAL(p,0,FILE_TYPE_MESSAGE_MODE_PIPE);
/* Device state. */
SSVAL(p,2, 0x5FF); /* ? */
+ p += 4;
+
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ p += 25;
+ SIVAL(p,0,FILE_GENERIC_ALL);
+ /*
+ * For pipes W2K3 seems to return
+ * 0x12019B next.
+ * This is ((FILE_GENERIC_READ|FILE_GENERIC_WRITE) & ~FILE_APPEND_DATA)
+ */
+ SIVAL(p,4,(FILE_GENERIC_READ|FILE_GENERIC_WRITE)&~FILE_APPEND_DATA);
+ }
DEBUG(5,("do_ntcreate_pipe_open: open pipe = %s\n", fname));
- return chain_reply(inbuf,outbuf,length,bufsize);
+ chain_reply(req);
}
/****************************************************************************
Reply to an NT create and X call for a quota file.
****************************************************************************/
-int reply_ntcreate_and_X_quota(connection_struct *conn,
- char *inbuf,
- char *outbuf,
- int length,
- int bufsize,
- enum FAKE_FILE_TYPE fake_file_type,
- const char *fname)
+static void reply_ntcreate_and_X_quota(connection_struct *conn,
+ struct smb_request *req,
+ enum FAKE_FILE_TYPE fake_file_type,
+ const char *fname)
{
- int result;
char *p;
- uint32 desired_access = IVAL(inbuf,smb_ntcreate_DesiredAccess);
+ uint32 desired_access = IVAL(req->inbuf,smb_ntcreate_DesiredAccess);
files_struct *fsp;
NTSTATUS status;
&fsp);
if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ return;
}
- set_message(outbuf,34,0,True);
-
- p = outbuf + smb_vwv2;
-
+ reply_outbuf(req, 34, 0);
+
+ p = (char *)req->outbuf + smb_vwv2;
+
/* SCVAL(p,0,NO_OPLOCK_RETURN); */
p++;
SSVAL(p,0,fsp->fnum);
DEBUG(5,("reply_ntcreate_and_X_quota: fnum = %d, open name = %s\n", fsp->fnum, fsp->fsp_name));
- result = chain_reply(inbuf,outbuf,length,bufsize);
- return result;
+ chain_reply(req);
}
/****************************************************************************
Reply to an NT create and X call.
****************************************************************************/
-int reply_ntcreate_and_X(connection_struct *conn,
- char *inbuf,char *outbuf,int length,int bufsize)
-{
- int result;
- pstring fname;
- uint32 flags = IVAL(inbuf,smb_ntcreate_Flags);
- uint32 access_mask = IVAL(inbuf,smb_ntcreate_DesiredAccess);
- uint32 file_attributes = IVAL(inbuf,smb_ntcreate_FileAttributes);
- uint32 share_access = IVAL(inbuf,smb_ntcreate_ShareAccess);
- uint32 create_disposition = IVAL(inbuf,smb_ntcreate_CreateDisposition);
- uint32 create_options = IVAL(inbuf,smb_ntcreate_CreateOptions);
- uint16 root_dir_fid = (uint16)IVAL(inbuf,smb_ntcreate_RootDirectoryFid);
+void reply_ntcreate_and_X(connection_struct *conn,
+ struct smb_request *req)
+{
+ char *fname = NULL;
+ uint32 flags;
+ uint32 access_mask;
+ uint32 file_attributes;
+ uint32 share_access;
+ uint32 create_disposition;
+ uint32 create_options;
+ uint16 root_dir_fid;
+ SMB_BIG_UINT allocation_size;
/* Breakout the oplock request bits so we can set the
reply bits separately. */
int oplock_request = 0;
SMB_OFF_T file_len = 0;
SMB_STRUCT_STAT sbuf;
int info = 0;
- files_struct *fsp=NULL;
+ files_struct *fsp = NULL;
char *p = NULL;
struct timespec c_timespec;
struct timespec a_timespec;
struct timespec m_timespec;
BOOL extended_oplock_granted = False;
NTSTATUS status;
+ struct case_semantics_state *case_state = NULL;
+ TALLOC_CTX *ctx = talloc_tos();
START_PROFILE(SMBntcreateX);
+ if (req->wct < 24) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
+ }
+
+ flags = IVAL(req->inbuf,smb_ntcreate_Flags);
+ access_mask = IVAL(req->inbuf,smb_ntcreate_DesiredAccess);
+ file_attributes = IVAL(req->inbuf,smb_ntcreate_FileAttributes);
+ share_access = IVAL(req->inbuf,smb_ntcreate_ShareAccess);
+ create_disposition = IVAL(req->inbuf,smb_ntcreate_CreateDisposition);
+ create_options = IVAL(req->inbuf,smb_ntcreate_CreateOptions);
+ root_dir_fid = (uint16)IVAL(req->inbuf,smb_ntcreate_RootDirectoryFid);
+
+ allocation_size = (SMB_BIG_UINT)IVAL(req->inbuf,smb_ntcreate_AllocationSize);
+#ifdef LARGE_SMB_OFF_T
+ allocation_size |= (((SMB_BIG_UINT)IVAL(req->inbuf,smb_ntcreate_AllocationSize + 4)) << 32);
+#endif
+
DEBUG(10,("reply_ntcreate_and_X: flags = 0x%x, access_mask = 0x%x "
"file_attributes = 0x%x, share_access = 0x%x, "
"create_disposition = 0x%x create_options = 0x%x "
(unsigned int)create_options,
(unsigned int)root_dir_fid ));
- /* If it's an IPC, use the pipe handler. */
+ /*
+ * If it's an IPC, use the pipe handler.
+ */
if (IS_IPC(conn)) {
if (lp_nt_pipe_support()) {
+ do_ntcreate_pipe_open(conn, req);
END_PROFILE(SMBntcreateX);
- return do_ntcreate_pipe_open(conn,inbuf,outbuf,length,bufsize);
+ return;
} else {
+ reply_doserror(req, ERRDOS, ERRnoaccess);
END_PROFILE(SMBntcreateX);
- return(ERROR_DOS(ERRDOS,ERRnoaccess));
+ return;
}
}
-
+
if (create_options & FILE_OPEN_BY_FILE_ID) {
+ reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+ return;
}
/*
/*
* This filename is relative to a directory fid.
*/
- pstring rel_fname;
- files_struct *dir_fsp = file_fsp(inbuf,smb_ntcreate_RootDirectoryFid);
+ char *rel_fname = NULL;
+ files_struct *dir_fsp = file_fsp(
+ SVAL(req->inbuf, smb_ntcreate_RootDirectoryFid));
size_t dir_name_len;
if(!dir_fsp) {
+ reply_doserror(req, ERRDOS, ERRbadfid);
END_PROFILE(SMBntcreateX);
- return(ERROR_DOS(ERRDOS,ERRbadfid));
+ return;
}
if(!dir_fsp->is_directory) {
- srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
+ srvstr_get_path(ctx, (char *)req->inbuf,
+ req->flags2, &fname,
+ smb_buf(req->inbuf), 0,
+ STR_TERMINATE, &status);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
+ return;
}
- /*
+ /*
* Check to see if this is a mac fork of some kind.
*/
if( is_ntfs_stream_name(fname)) {
+ reply_nterror(
+ req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
+ return;
}
/*
(hint from demyn plantenberg)
*/
+ reply_doserror(req, ERRDOS, ERRbadfid);
END_PROFILE(SMBntcreateX);
- return(ERROR_DOS(ERRDOS,ERRbadfid));
+ return;
}
/*
* Copy in the base directory name.
*/
- pstrcpy( fname, dir_fsp->fsp_name );
- dir_name_len = strlen(fname);
+ dir_name_len = strlen(dir_fsp->fsp_name);
+ fname = TALLOC_SIZE(ctx, dir_name_len+2);
+ if (!fname) {
+ reply_nterror(
+ req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBntcreateX);
+ return;
+ }
+ memcpy(fname, dir_fsp->fsp_name, dir_name_len+1);
/*
- * Ensure it ends in a '\'.
+ * Ensure it ends in a '/'.
+ * We used TALLOC_SIZE +2 to add space for the '/'.
*/
- if(fname[dir_name_len-1] != '\\' && fname[dir_name_len-1] != '/') {
- pstrcat(fname, "/");
+ if(dir_name_len && (fname[dir_name_len-1] != '\\') && (fname[dir_name_len-1] != '/')) {
+ fname[dir_name_len] = '/';
+ fname[dir_name_len+1] = '\0';
dir_name_len++;
}
- srvstr_get_path(inbuf, rel_fname, smb_buf(inbuf), sizeof(rel_fname), 0, STR_TERMINATE, &status);
+ srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &rel_fname,
+ smb_buf(req->inbuf), 0,
+ STR_TERMINATE, &status);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ END_PROFILE(SMBntcreateX);
+ return;
+ }
+ fname = talloc_asprintf(ctx, "%s%s",
+ fname,
+ rel_fname);
+ if (!fname) {
+ reply_nterror(
+ req, NT_STATUS_NO_MEMORY);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
+ return;
}
- pstrcat(fname, rel_fname);
} else {
- srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
+ srvstr_get_path(ctx, (char *)req->inbuf, req->flags2, &fname,
+ smb_buf(req->inbuf), 0,
+ STR_TERMINATE, &status);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
+ return;
}
- /*
+ /*
* Check to see if this is a mac fork of some kind.
*/
* w2k close this file directly after openening
* xp also tries a QUERY_FILE_INFO on the file and then close it
*/
- result = reply_ntcreate_and_X_quota(conn, inbuf, outbuf, length, bufsize,
- fake_file_type, fname);
- END_PROFILE(SMBntcreateX);
- return result;
+ reply_ntcreate_and_X_quota(conn, req,
+ fake_file_type, fname);
} else {
- END_PROFILE(SMBntcreateX);
- return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
+ reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
}
+ END_PROFILE(SMBntcreateX);
+ return;
}
}
-
+
/*
- * Now contruct the smb_open_mode value from the filename,
+ * Now contruct the smb_open_mode value from the filename,
* desired access and the share access.
*/
- RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
+ status = resolve_dfspath(ctx, conn,
+ req->flags2 & FLAGS2_DFS_PATHNAMES,
+ fname,
+ &fname);
+ if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
+ reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ ERRSRV, ERRbadpath);
+ }
+ else {
+ reply_nterror(req, status);
+ }
+ END_PROFILE(SMBntcreateX);
+ return;
+ }
oplock_request = (flags & REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK : 0;
if (oplock_request) {
/*
* Ordinary file or directory.
*/
-
+
/*
* Check if POSIX semantics are wanted.
*/
-
- set_posix_case_semantics(conn, file_attributes);
-
- status = unix_convert(conn, fname, False, NULL, &sbuf);
+
+ if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
+ case_state = set_posix_case_semantics(NULL, conn);
+ file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
+ }
+
+ status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
if (!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, status);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
+ return;
}
/* All file access must go through check_name() */
status = check_name(conn, fname);
if (!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, status);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
+ return;
}
/* This is the correct thing to do (check every time) but can_delete is
if (lp_acl_check_permissions(SNUM(conn))
&& (create_disposition != FILE_CREATE)
&& (share_access & FILE_SHARE_DELETE)
- && (access_mask & DELETE_ACCESS)
- && !can_delete_file_in_directory(conn, fname)) {
- restore_case_semantics(conn, file_attributes);
+ && (access_mask & DELETE_ACCESS)) {
+ if ((dos_mode(conn, fname, &sbuf) & FILE_ATTRIBUTE_READONLY) ||
+ !can_delete_file_in_directory(conn, fname)) {
+ TALLOC_FREE(case_state);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+ END_PROFILE(SMBntcreateX);
+ return;
+ }
+ }
+
+#if 0
+ /* We need to support SeSecurityPrivilege for this. */
+ if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) &&
+ !user_has_privileges(current_user.nt_user_token,
+ &se_security)) {
+ TALLOC_FREE(case_state);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(NT_STATUS_ACCESS_DENIED);
+ return ERROR_NT(NT_STATUS_PRIVILEGE_NOT_HELD);
}
+#endif
- /*
+ /*
* If it's a request for a directory open, deal with it separately.
*/
if(create_options & FILE_DIRECTORY_FILE) {
- oplock_request = 0;
-
+
/* Can't open a temp directory. IFS kit test. */
if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) {
+ TALLOC_FREE(case_state);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ return;
}
- status = open_directory(conn, fname, &sbuf,
+ oplock_request = 0;
+ status = open_directory(conn, req, fname, &sbuf,
access_mask,
share_access,
create_disposition,
create_options,
+ file_attributes,
&info, &fsp);
- restore_case_semantics(conn, file_attributes);
-
- if(!NT_STATUS_IS_OK(status)) {
- if (!use_nt_status() && NT_STATUS_EQUAL(
- status, NT_STATUS_OBJECT_NAME_COLLISION)) {
- status = NT_STATUS_DOS(ERRDOS, ERRfilexists);
- }
- END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
- }
} else {
+
/*
* Ordinary file case.
*/
* before issuing an oplock break request to
* our client. JRA. */
- status = open_file_ntcreate(conn,fname,&sbuf,
+ status = open_file_ntcreate(conn, req, fname, &sbuf,
access_mask,
share_access,
create_disposition,
file_attributes,
oplock_request,
&info, &fsp);
- if (!NT_STATUS_IS_OK(status)) {
- /* We cheat here. There are two cases we
- * care about. One is a directory rename,
- * where the NT client will attempt to
- * open the source directory for
- * DELETE access. Note that when the
- * NT client does this it does *not*
- * set the directory bit in the
- * request packet. This is translated
- * into a read/write open
- * request. POSIX states that any open
- * for write request on a directory
- * will generate an EISDIR error, so
- * we can catch this here and open a
- * pseudo handle that is flagged as a
- * directory. The second is an open
- * for a permissions read only, which
- * we handle in the open_file_stat case. JRA.
- */
- if (NT_STATUS_EQUAL(status,
- NT_STATUS_FILE_IS_A_DIRECTORY)) {
+ /* We cheat here. There are two cases we
+ * care about. One is a directory rename,
+ * where the NT client will attempt to
+ * open the source directory for
+ * DELETE access. Note that when the
+ * NT client does this it does *not*
+ * set the directory bit in the
+ * request packet. This is translated
+ * into a read/write open
+ * request. POSIX states that any open
+ * for write request on a directory
+ * will generate an EISDIR error, so
+ * we can catch this here and open a
+ * pseudo handle that is flagged as a
+ * directory. The second is an open
+ * for a permissions read only, which
+ * we handle in the open_file_stat case. JRA.
+ */
- /*
- * Fail the open if it was explicitly a non-directory file.
- */
+ if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
- if (create_options & FILE_NON_DIRECTORY_FILE) {
- restore_case_semantics(conn, file_attributes);
- END_PROFILE(SMBntcreateX);
- return ERROR_FORCE_NT(NT_STATUS_FILE_IS_A_DIRECTORY);
- }
-
- oplock_request = 0;
- status = open_directory(conn, fname, &sbuf,
- access_mask,
- share_access,
- create_disposition,
- create_options,
- &info, &fsp);
-
- if(!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
- if (!use_nt_status() && NT_STATUS_EQUAL(
- status, NT_STATUS_OBJECT_NAME_COLLISION)) {
- status = NT_STATUS_DOS(ERRDOS, ERRfilexists);
- }
- END_PROFILE(SMBntcreateX);
- return ERROR_NT(status);
- }
- } else {
+ /*
+ * Fail the open if it was explicitly a non-directory
+ * file.
+ */
- restore_case_semantics(conn, file_attributes);
+ if (create_options & FILE_NON_DIRECTORY_FILE) {
+ TALLOC_FREE(case_state);
+ reply_force_nterror(req,
+ NT_STATUS_FILE_IS_A_DIRECTORY);
END_PROFILE(SMBntcreateX);
- if (open_was_deferred(SVAL(inbuf,smb_mid))) {
- /* We have re-scheduled this call. */
- return -1;
- }
- return ERROR_NT(status);
+ return;
}
- }
+
+ oplock_request = 0;
+ status = open_directory(conn, req, fname,
+ &sbuf,
+ access_mask,
+ share_access,
+ create_disposition,
+ create_options,
+ file_attributes,
+ &info, &fsp);
+ }
+ }
+
+ TALLOC_FREE(case_state);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ if (open_was_deferred(req->mid)) {
+ /* We have re-scheduled this call. */
+ END_PROFILE(SMBntcreateX);
+ return;
+ }
+ reply_openerror(req, status);
+ END_PROFILE(SMBntcreateX);
+ return;
}
-
- restore_case_semantics(conn, file_attributes);
-
+
file_len = sbuf.st_size;
fattr = dos_mode(conn,fname,&sbuf);
if(fattr == 0) {
}
if (!fsp->is_directory && (fattr & aDIR)) {
close_file(fsp,ERROR_CLOSE);
+ reply_doserror(req, ERRDOS, ERRnoaccess);
END_PROFILE(SMBntcreateX);
- return ERROR_DOS(ERRDOS,ERRnoaccess);
- }
-
+ return;
+ }
+
/* Save the requested allocation size. */
if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
- SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_ntcreate_AllocationSize);
-#ifdef LARGE_SMB_OFF_T
- allocation_size |= (((SMB_BIG_UINT)IVAL(inbuf,smb_ntcreate_AllocationSize + 4)) << 32);
-#endif
if (allocation_size && (allocation_size > (SMB_BIG_UINT)file_len)) {
fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
if (fsp->is_directory) {
close_file(fsp,ERROR_CLOSE);
- END_PROFILE(SMBntcreateX);
/* Can't set allocation size on a directory. */
- return ERROR_NT(NT_STATUS_ACCESS_DENIED);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+ END_PROFILE(SMBntcreateX);
+ return;
}
if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
close_file(fsp,ERROR_CLOSE);
+ reply_nterror(req, NT_STATUS_DISK_FULL);
END_PROFILE(SMBntcreateX);
- return ERROR_NT(NT_STATUS_DISK_FULL);
+ return;
}
} else {
fsp->initial_allocation_size = smb_roundup(fsp->conn,(SMB_BIG_UINT)file_len);
}
}
- /*
+ /*
* If the caller set the extended oplock request bit
* and we granted one (by whatever means) - set the
* correct bit for extended oplock reply.
*/
-
+
if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
extended_oplock_granted = True;
}
-
+
if(oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
extended_oplock_granted = True;
}
-#if 0
- /* W2K sends back 42 words here ! If we do the same it breaks offline sync. Go figure... ? JRA. */
- set_message(outbuf,42,0,True);
-#else
- set_message(outbuf,34,0,True);
-#endif
-
- p = outbuf + smb_vwv2;
-
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ /* This is very strange. We
+ * return 50 words, but only set
+ * the wcnt to 42 ? It's definately
+ * what happens on the wire....
+ */
+ reply_outbuf(req, 50, 0);
+ SCVAL(req->outbuf,smb_wct,42);
+ } else {
+ reply_outbuf(req, 34, 0);
+ }
+
+ p = (char *)req->outbuf + smb_vwv2;
+
/*
* Currently as we don't support level II oplocks we just report
* exclusive & batch here.
} else {
SCVAL(p,0,NO_OPLOCK_RETURN);
}
-
+
p++;
SSVAL(p,0,fsp->fnum);
p += 2;
SIVAL(p,0,info);
}
p += 4;
-
- /* Create time. */
+
+ /* Create time. */
c_timespec = get_create_timespec(&sbuf,lp_fake_dir_create_times(SNUM(conn)));
a_timespec = get_atimespec(&sbuf);
m_timespec = get_mtimespec(&sbuf);
dos_filetime_timespec(&m_timespec);
}
- put_long_date_timespec(p, c_timespec);
+ put_long_date_timespec(p, c_timespec); /* create time. */
p += 8;
put_long_date_timespec(p, a_timespec); /* access time */
p += 8;
p += 4;
SCVAL(p,0,fsp->is_directory ? 1 : 0);
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ uint32 perms = 0;
+ p += 25;
+ if (fsp->is_directory || can_write_to_file(conn, fname, &sbuf)) {
+ perms = FILE_GENERIC_ALL;
+ } else {
+ perms = FILE_GENERIC_READ|FILE_EXECUTE;
+ }
+ SIVAL(p,0,perms);
+ }
+
DEBUG(5,("reply_ntcreate_and_X: fnum = %d, open name = %s\n", fsp->fnum, fsp->fsp_name));
- result = chain_reply(inbuf,outbuf,length,bufsize);
+ chain_reply(req);
END_PROFILE(SMBntcreateX);
- return result;
+ return;
}
/****************************************************************************
Reply to a NT_TRANSACT_CREATE call to open a pipe.
****************************************************************************/
-static int do_nt_transact_create_pipe( connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count)
+static void do_nt_transact_create_pipe(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup, uint32 setup_count,
+ char **ppparams, uint32 parameter_count,
+ char **ppdata, uint32 data_count)
{
- pstring fname;
+ char *fname = NULL;
char *params = *ppparams;
- int ret;
int pnum = -1;
char *p = NULL;
NTSTATUS status;
+ size_t param_len;
+ uint32 flags;
+ TALLOC_CTX *ctx = talloc_tos();
/*
* Ensure minimum number of parameters sent.
if(parameter_count < 54) {
DEBUG(0,("do_nt_transact_create_pipe - insufficient parameters (%u)\n", (unsigned int)parameter_count));
- return ERROR_DOS(ERRDOS,ERRnoaccess);
+ reply_doserror(req, ERRDOS, ERRnoaccess);
+ return;
}
- srvstr_get_path(inbuf, fname, params+53, sizeof(fname), parameter_count-53, STR_TERMINATE, &status);
+ flags = IVAL(params,0);
+
+ srvstr_get_path(ctx, params, req->flags2, &fname, params+53,
+ parameter_count-53, STR_TERMINATE,
+ &status);
if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ return;
}
- if ((ret = nt_open_pipe(fname, conn, inbuf, outbuf, &pnum)) != 0) {
- return ret;
+ nt_open_pipe(fname, conn, req, &pnum);
+
+ if (req->outbuf) {
+ /* Error return */
+ return;
}
-
+
/* Realloc the size of parameters and data we will return */
- params = nttrans_realloc(ppparams, 69);
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ /* Extended response is 32 more byyes. */
+ param_len = 101;
+ } else {
+ param_len = 69;
+ }
+ params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
-
+
p = params;
SCVAL(p,0,NO_OPLOCK_RETURN);
-
+
p += 2;
SSVAL(p,0,pnum);
p += 2;
SIVAL(p,0,FILE_WAS_OPENED);
p += 8;
-
+
p += 32;
SIVAL(p,0,FILE_ATTRIBUTE_NORMAL); /* File Attributes. */
p += 20;
SSVAL(p,0,FILE_TYPE_MESSAGE_MODE_PIPE);
/* Device state. */
SSVAL(p,2, 0x5FF); /* ? */
-
+ p += 4;
+
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ p += 25;
+ SIVAL(p,0,FILE_GENERIC_ALL);
+ /*
+ * For pipes W2K3 seems to return
+ * 0x12019B next.
+ * This is ((FILE_GENERIC_READ|FILE_GENERIC_WRITE) & ~FILE_APPEND_DATA)
+ */
+ SIVAL(p,4,(FILE_GENERIC_READ|FILE_GENERIC_WRITE)&~FILE_APPEND_DATA);
+ }
+
DEBUG(5,("do_nt_transact_create_pipe: open name = %s\n", fname));
-
+
/* Send the required number of replies */
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 69, *ppdata, 0);
-
- return -1;
+ send_nt_replies(req, NT_STATUS_OK, params, param_len, *ppdata, 0);
+
+ return;
}
/****************************************************************************
prs_struct pd;
SEC_DESC *psd = NULL;
TALLOC_CTX *mem_ctx;
- BOOL ret;
-
+ NTSTATUS status;
+
if (sd_len == 0 || !lp_nt_acl_support(SNUM(fsp->conn))) {
return NT_STATUS_OK;
}
* Setup the prs_struct to point at the memory we just
* allocated.
*/
-
+
prs_give_memory( &pd, data, sd_len, False);
/*
DEBUG(0,("set_sd: Error in unmarshalling security descriptor.\n"));
/*
* Return access denied for want of a better error message..
- */
+ */
talloc_destroy(mem_ctx);
return NT_STATUS_NO_MEMORY;
}
-
+
if (psd->owner_sid==0) {
security_info_sent &= ~OWNER_SECURITY_INFORMATION;
}
if (psd->dacl==0) {
security_info_sent &= ~DACL_SECURITY_INFORMATION;
}
-
- ret = SMB_VFS_FSET_NT_ACL( fsp, fsp->fh->fd, security_info_sent, psd);
-
- if (!ret) {
- talloc_destroy(mem_ctx);
- return NT_STATUS_ACCESS_DENIED;
- }
-
+
+ status = SMB_VFS_FSET_NT_ACL( fsp, fsp->fh->fd, security_info_sent, psd);
+
talloc_destroy(mem_ctx);
-
- return NT_STATUS_OK;
+ return status;
}
/****************************************************************************
Read a list of EA names and data from an incoming data buffer. Create an ea_list with them.
****************************************************************************/
-
+
static struct ea_list *read_nttrans_ea_list(TALLOC_CTX *ctx, const char *pdata, size_t data_size)
{
struct ea_list *ea_list_head = NULL;
}
offset += next_offset;
}
-
+
return ea_list_head;
}
Reply to a NT_TRANSACT_CREATE call (needs to process SD's).
****************************************************************************/
-static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_create(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup, uint32 setup_count,
+ char **ppparams, uint32 parameter_count,
+ char **ppdata, uint32 data_count,
+ uint32 max_data_count)
{
- pstring fname;
+ char *fname = NULL;
char *params = *ppparams;
char *data = *ppdata;
/* Breakout the oplock request bits so we can set the reply bits separately. */
struct timespec a_timespec;
struct timespec m_timespec;
struct ea_list *ea_list = NULL;
- TALLOC_CTX *ctx = NULL;
char *pdata = NULL;
NTSTATUS status;
+ size_t param_len;
+ struct case_semantics_state *case_state = NULL;
+ TALLOC_CTX *ctx = talloc_tos();
DEBUG(5,("call_nt_transact_create\n"));
if (IS_IPC(conn)) {
if (lp_nt_pipe_support()) {
- return do_nt_transact_create_pipe(conn, inbuf, outbuf, length,
- bufsize,
- ppsetup, setup_count,
- ppparams, parameter_count,
- ppdata, data_count);
+ do_nt_transact_create_pipe(
+ conn, req,
+ ppsetup, setup_count,
+ ppparams, parameter_count,
+ ppdata, data_count);
+ return;
} else {
- return ERROR_DOS(ERRDOS,ERRnoaccess);
+ reply_doserror(req, ERRDOS, ERRnoaccess);
+ return;
}
}
if(parameter_count < 54) {
DEBUG(0,("call_nt_transact_create - insufficient parameters (%u)\n", (unsigned int)parameter_count));
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
flags = IVAL(params,0);
(ea_len + sd_len < ea_len) || (ea_len + sd_len < sd_len)) {
DEBUG(10,("call_nt_transact_create - ea_len = %u, sd_len = %u, data_count = %u\n",
(unsigned int)ea_len, (unsigned int)sd_len, (unsigned int)data_count ));
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
if (ea_len) {
if (!lp_ea_support(SNUM(conn))) {
DEBUG(10,("call_nt_transact_create - ea_len = %u but EA's not supported.\n",
(unsigned int)ea_len ));
- return ERROR_NT(NT_STATUS_EAS_NOT_SUPPORTED);
+ reply_nterror(req, NT_STATUS_EAS_NOT_SUPPORTED);
+ return;
}
if (ea_len < 10) {
DEBUG(10,("call_nt_transact_create - ea_len = %u - too small (should be more than 10)\n",
(unsigned int)ea_len ));
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
}
if (create_options & FILE_OPEN_BY_FILE_ID) {
- return ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+ reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
+ return;
}
/*
/*
* This filename is relative to a directory fid.
*/
- files_struct *dir_fsp = file_fsp(params,4);
+ char *tmpname = NULL;
+ files_struct *dir_fsp = file_fsp(SVAL(params,4));
size_t dir_name_len;
if(!dir_fsp) {
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ reply_doserror(req, ERRDOS, ERRbadfid);
+ return;
}
if(!dir_fsp->is_directory) {
- srvstr_get_path(inbuf, fname, params+53, sizeof(fname), parameter_count-53, STR_TERMINATE, &status);
+ srvstr_get_path(ctx, params, req->flags2, &fname,
+ params+53,
+ parameter_count-53, STR_TERMINATE,
+ &status);
if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ return;
}
/*
*/
if( is_ntfs_stream_name(fname)) {
- return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
+ reply_nterror(req,
+ NT_STATUS_OBJECT_PATH_NOT_FOUND);
+ return;
}
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ reply_doserror(req, ERRDOS, ERRbadfid);
+ return;
}
/*
* Copy in the base directory name.
*/
- pstrcpy( fname, dir_fsp->fsp_name );
- dir_name_len = strlen(fname);
+ dir_name_len = strlen(dir_fsp->fsp_name);
+ fname = TALLOC_SIZE(ctx, dir_name_len+2);
+ if (!fname) {
+ reply_nterror(
+ req, NT_STATUS_NO_MEMORY);
+ END_PROFILE(SMBntcreateX);
+ return;
+ }
+ memcpy(fname, dir_fsp->fsp_name, dir_name_len+1);
/*
- * Ensure it ends in a '\'.
+ * Ensure it ends in a '/'.
+ * We used TALLOC_SIZE +2 to add space for the '/'.
*/
- if((fname[dir_name_len-1] != '\\') && (fname[dir_name_len-1] != '/')) {
- pstrcat(fname, "/");
+ if(dir_name_len && (fname[dir_name_len-1] != '\\') && (fname[dir_name_len-1] != '/')) {
+ fname[dir_name_len] = '/';
+ fname[dir_name_len+1] = '\0';
dir_name_len++;
}
- {
- pstring tmpname;
- srvstr_get_path(inbuf, tmpname, params+53, sizeof(tmpname), parameter_count-53, STR_TERMINATE, &status);
- if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
- }
- pstrcat(fname, tmpname);
+ srvstr_get_path(ctx, params, req->flags2, &tmpname,
+ params+53,
+ parameter_count-53, STR_TERMINATE,
+ &status);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ return;
+ }
+ fname = talloc_asprintf(ctx, "%s%s",
+ fname,
+ tmpname);
+ if (!fname) {
+ reply_nterror(
+ req, NT_STATUS_NO_MEMORY);
+ return;
}
} else {
- srvstr_get_path(inbuf, fname, params+53, sizeof(fname), parameter_count-53, STR_TERMINATE, &status);
+ srvstr_get_path(ctx, params, req->flags2, &fname, params+53,
+ parameter_count-53,
+ STR_TERMINATE, &status);
if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ return;
}
/*
*/
if( is_ntfs_stream_name(fname)) {
- return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
+ reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
+ return;
}
}
oplock_request = (flags & REQUEST_OPLOCK) ? EXCLUSIVE_OPLOCK : 0;
- oplock_request |= (flags & REQUEST_BATCH_OPLOCK) ? BATCH_OPLOCK : 0;
+ if (oplock_request) {
+ oplock_request |= (flags & REQUEST_BATCH_OPLOCK) ? BATCH_OPLOCK : 0;
+ }
+
+ /*
+ * Ordinary file or directory.
+ */
/*
* Check if POSIX semantics are wanted.
*/
- set_posix_case_semantics(conn, file_attributes);
-
- RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
+ if (file_attributes & FILE_FLAG_POSIX_SEMANTICS) {
+ case_state = set_posix_case_semantics(NULL, conn);
+ file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
+ }
- status = unix_convert(conn, fname, False, NULL, &sbuf);
+ status = resolve_dfspath(ctx, conn,
+ req->flags2 & FLAGS2_DFS_PATHNAMES,
+ fname,
+ &fname);
if (!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(status);
+ TALLOC_FREE(case_state);
+ if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
+ reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ ERRSRV, ERRbadpath);
+ return;
+ }
+ reply_nterror(req, status);
+ return;
+ }
+
+ status = unix_convert(conn, fname, False, &fname, NULL, &sbuf);
+ if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(case_state);
+ reply_nterror(req, status);
+ return;
}
/* All file access must go through check_name() */
status = check_name(conn, fname);
if (!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(status);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, status);
+ return;
}
-
+
/* This is the correct thing to do (check every time) but can_delete is
expensive (it may have to read the parent directory permissions). So
for now we're not doing it unless we have a strong hint the client
if (lp_acl_check_permissions(SNUM(conn))
&& (create_disposition != FILE_CREATE)
&& (share_access & FILE_SHARE_DELETE)
- && (access_mask & DELETE_ACCESS)
- && !can_delete_file_in_directory(conn, fname)) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(NT_STATUS_ACCESS_DENIED);
+ && (access_mask & DELETE_ACCESS)) {
+ if ((dos_mode(conn, fname, &sbuf) & FILE_ATTRIBUTE_READONLY) ||
+ !can_delete_file_in_directory(conn, fname)) {
+ TALLOC_FREE(case_state);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+ return;
+ }
+ }
+
+#if 0
+ /* We need to support SeSecurityPrivilege for this. */
+ if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY) &&
+ !user_has_privileges(current_user.nt_user_token,
+ &se_security)) {
+ TALLOC_FREE(case_state);
+ reply_nterror(req, NT_STATUS_PRIVILEGE_NOT_HELD);
+ return;
}
+#endif
if (ea_len) {
pdata = data + sd_len;
/* We have already checked that ea_len <= data_count here. */
- ea_list = read_nttrans_ea_list(tmp_talloc_ctx(), pdata,
+ ea_list = read_nttrans_ea_list(talloc_tos(), pdata,
ea_len);
if (!ea_list ) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
}
/* Can't open a temp directory. IFS kit test. */
if (file_attributes & FILE_ATTRIBUTE_TEMPORARY) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
- oplock_request = 0;
-
/*
* We will get a create directory here if the Win32
* app specified a security descriptor in the
* CreateDirectory() call.
*/
- status = open_directory(conn, fname, &sbuf,
+ oplock_request = 0;
+ status = open_directory(conn, req, fname, &sbuf,
access_mask,
share_access,
create_disposition,
create_options,
+ file_attributes,
&info, &fsp);
- if(!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(status);
- }
-
} else {
/*
* Ordinary file case.
*/
- status = open_file_ntcreate(conn,fname,&sbuf,
+ status = open_file_ntcreate(conn,req,fname,&sbuf,
access_mask,
share_access,
create_disposition,
oplock_request,
&info, &fsp);
- if (!NT_STATUS_IS_OK(status)) {
- if (NT_STATUS_EQUAL(status,
- NT_STATUS_FILE_IS_A_DIRECTORY)) {
+ if (NT_STATUS_EQUAL(status, NT_STATUS_FILE_IS_A_DIRECTORY)) {
- /*
- * Fail the open if it was explicitly a non-directory file.
- */
+ /*
+ * Fail the open if it was explicitly a non-directory file.
+ */
- if (create_options & FILE_NON_DIRECTORY_FILE) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_FORCE_NT(NT_STATUS_FILE_IS_A_DIRECTORY);
- }
-
- oplock_request = 0;
- status = open_directory(conn, fname, &sbuf,
- access_mask,
- share_access,
- create_disposition,
- create_options,
- &info, &fsp);
- if(!NT_STATUS_IS_OK(status)) {
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(status);
- }
- } else {
- restore_case_semantics(conn, file_attributes);
- if (open_was_deferred(SVAL(inbuf,smb_mid))) {
- /* We have re-scheduled this call. */
- return -1;
- }
- return ERROR_NT(status);
+ if (create_options & FILE_NON_DIRECTORY_FILE) {
+ TALLOC_FREE(case_state);
+ reply_force_nterror(
+ req,
+ NT_STATUS_FILE_IS_A_DIRECTORY);
+ return;
}
- }
+
+ oplock_request = 0;
+ status = open_directory(conn, req, fname,
+ &sbuf,
+ access_mask,
+ share_access,
+ create_disposition,
+ create_options,
+ file_attributes,
+ &info, &fsp);
+ }
+ }
+
+ TALLOC_FREE(case_state);
+
+ if(!NT_STATUS_IS_OK(status)) {
+ if (open_was_deferred(req->mid)) {
+ /* We have re-scheduled this call. */
+ return;
+ }
+ reply_openerror(req, status);
+ return;
}
/*
* According to the MS documentation, the only time the security
* descriptor is applied to the opened file is iff we *created* the
* file; an existing file stays the same.
- *
+ *
* Also, it seems (from observation) that you can open the file with
* any access mask but you can still write the sd. We need to override
* the granted access before we call set_sd
status = set_sd( fsp, data, sd_len, ALL_SECURITY_INFORMATION);
if (!NT_STATUS_IS_OK(status)) {
- talloc_destroy(ctx);
close_file(fsp,ERROR_CLOSE);
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(status);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, status);
+ return;
}
fsp->access_mask = saved_access_mask;
}
-
+
if (ea_len && (info == FILE_WAS_CREATED)) {
status = set_ea(conn, fsp, fname, ea_list);
if (!NT_STATUS_IS_OK(status)) {
close_file(fsp,ERROR_CLOSE);
- restore_case_semantics(conn, file_attributes);
- return ERROR_NT(status);
+ TALLOC_FREE(case_state);
+ reply_nterror(req, status);
+ return;
}
}
- restore_case_semantics(conn, file_attributes);
+ TALLOC_FREE(case_state);
file_len = sbuf.st_size;
fattr = dos_mode(conn,fname,&sbuf);
}
if (!fsp->is_directory && (fattr & aDIR)) {
close_file(fsp,ERROR_CLOSE);
- return ERROR_DOS(ERRDOS,ERRnoaccess);
- }
-
+ reply_doserror(req, ERRDOS, ERRnoaccess);
+ return;
+ }
+
/* Save the requested allocation size. */
if ((info == FILE_WAS_CREATED) || (info == FILE_WAS_OVERWRITTEN)) {
SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(params,12);
if (fsp->is_directory) {
close_file(fsp,ERROR_CLOSE);
/* Can't set allocation size on a directory. */
- return ERROR_NT(NT_STATUS_ACCESS_DENIED);
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
+ return;
}
if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
close_file(fsp,ERROR_CLOSE);
- return ERROR_NT(NT_STATUS_DISK_FULL);
+ reply_nterror(req, NT_STATUS_DISK_FULL);
+ return;
}
} else {
fsp->initial_allocation_size = smb_roundup(fsp->conn, (SMB_BIG_UINT)file_len);
}
}
- /*
+ /*
* If the caller set the extended oplock request bit
* and we granted one (by whatever means) - set the
* correct bit for extended oplock reply.
*/
-
+
if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
extended_oplock_granted = True;
}
-
+
if(oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
extended_oplock_granted = True;
}
/* Realloc the size of parameters and data we will return */
- params = nttrans_realloc(ppparams, 69);
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ /* Extended response is 32 more byyes. */
+ param_len = 101;
+ } else {
+ param_len = 69;
+ }
+ params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
p = params;
} else {
SCVAL(p,0,NO_OPLOCK_RETURN);
}
-
+
p += 2;
SSVAL(p,0,fsp->fnum);
p += 2;
p += 4;
SCVAL(p,0,fsp->is_directory ? 1 : 0);
+ if (flags & EXTENDED_RESPONSE_REQUIRED) {
+ uint32 perms = 0;
+ p += 25;
+ if (fsp->is_directory || can_write_to_file(conn, fname, &sbuf)) {
+ perms = FILE_GENERIC_ALL;
+ } else {
+ perms = FILE_GENERIC_READ|FILE_EXECUTE;
+ }
+ SIVAL(p,0,perms);
+ }
+
DEBUG(5,("call_nt_transact_create: open name = %s\n", fname));
/* Send the required number of replies */
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 69, *ppdata, 0);
+ send_nt_replies(req, NT_STATUS_OK, params, param_len, *ppdata, 0);
- return -1;
+ return;
}
/****************************************************************************
conn POINTER CAN BE NULL HERE !
****************************************************************************/
-int reply_ntcancel(connection_struct *conn,
- char *inbuf,char *outbuf,int length,int bufsize)
+void reply_ntcancel(connection_struct *conn, struct smb_request *req)
{
/*
* Go through and cancel any pending change notifies.
*/
-
- int mid = SVAL(inbuf,smb_mid);
+
START_PROFILE(SMBntcancel);
- remove_pending_change_notify_requests_by_mid(mid);
- remove_pending_lock_requests_by_mid(mid);
- srv_cancel_sign_response(mid);
-
- DEBUG(3,("reply_ntcancel: cancel called on mid = %d.\n", mid));
+ remove_pending_change_notify_requests_by_mid(req->mid);
+ remove_pending_lock_requests_by_mid(req->mid);
+ srv_cancel_sign_response(req->mid);
+
+ DEBUG(3,("reply_ntcancel: cancel called on mid = %d.\n", req->mid));
END_PROFILE(SMBntcancel);
- return(-1);
+ return;
}
/****************************************************************************
Copy a file.
****************************************************************************/
-static NTSTATUS copy_internals(connection_struct *conn, char *oldname, char *newname, uint32 attrs)
+static NTSTATUS copy_internals(connection_struct *conn,
+ struct smb_request *req,
+ const char *oldname_in,
+ const char *newname_in,
+ uint32 attrs)
{
SMB_STRUCT_STAT sbuf1, sbuf2;
- pstring last_component_oldname;
- pstring last_component_newname;
+ char *oldname = NULL;
+ char *newname = NULL;
+ char *last_component_oldname = NULL;
+ char *last_component_newname = NULL;
files_struct *fsp1,*fsp2;
uint32 fattr;
int info;
SMB_OFF_T ret=-1;
- int close_ret;
NTSTATUS status = NT_STATUS_OK;
ZERO_STRUCT(sbuf1);
return NT_STATUS_MEDIA_WRITE_PROTECTED;
}
- status = unix_convert(conn, oldname, False, last_component_oldname, &sbuf1);
+ status = unix_convert(conn, oldname_in, False, &oldname,
+ &last_component_oldname, &sbuf1);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- /* Source must already exist. */
- if (!VALID_STAT(sbuf1)) {
- return NT_STATUS_OBJECT_NAME_NOT_FOUND;
- }
status = check_name(conn, oldname);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
+ /* Source must already exist. */
+ if (!VALID_STAT(sbuf1)) {
+ return NT_STATUS_OBJECT_NAME_NOT_FOUND;
+ }
/* Ensure attributes match. */
fattr = dos_mode(conn,oldname,&sbuf1);
if ((fattr & ~attrs) & (aHIDDEN | aSYSTEM)) {
return NT_STATUS_NO_SUCH_FILE;
}
- status = unix_convert(conn, newname, False, last_component_newname, &sbuf2);
+ status = unix_convert(conn, newname_in, False, &newname,
+ &last_component_newname, &sbuf2);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- /* Disallow if newname already exists. */
- if (VALID_STAT(sbuf2)) {
- return NT_STATUS_OBJECT_NAME_COLLISION;
- }
-
status = check_name(conn, newname);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
+ /* Disallow if newname already exists. */
+ if (VALID_STAT(sbuf2)) {
+ return NT_STATUS_OBJECT_NAME_COLLISION;
+ }
+
/* No links from a directory. */
if (S_ISDIR(sbuf1.st_mode)) {
return NT_STATUS_FILE_IS_A_DIRECTORY;
}
/* Ensure this is within the share. */
- status = reduce_name(conn, oldname);
+ status = check_reduced_name(conn, oldname);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
- DEBUG(10,("copy_internals: doing file copy %s to %s\n", oldname, newname));
+ DEBUG(10,("copy_internals: doing file copy %s to %s\n",
+ oldname, newname));
- status = open_file_ntcreate(conn,oldname,&sbuf1,
+ status = open_file_ntcreate(conn, req, oldname, &sbuf1,
FILE_READ_DATA, /* Read-only. */
FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_OPEN,
return status;
}
- status = open_file_ntcreate(conn,newname,&sbuf2,
+ status = open_file_ntcreate(conn, req, newname, &sbuf2,
FILE_WRITE_DATA, /* Read-only. */
FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE,
FILE_CREATE,
close_file(fsp1,NORMAL_CLOSE);
/* Ensure the modtime is set correctly on the destination file. */
- fsp_set_pending_modtime(fsp2, sbuf1.st_mtime);
+ fsp_set_pending_modtime(fsp2, get_mtimespec(&sbuf1));
- close_ret = close_file(fsp2,NORMAL_CLOSE);
+ status = close_file(fsp2,NORMAL_CLOSE);
/* Grrr. We have to do this as open_file_ntcreate adds aARCH when it
creates the file. This isn't the correct thing to do in the copy
return NT_STATUS_DISK_FULL;
}
- if (close_ret != 0) {
- status = map_nt_error_from_unix(close_ret);
+ if (!NT_STATUS_IS_OK(status)) {
DEBUG(3,("copy_internals: Error %s copy file %s to %s\n",
nt_errstr(status), oldname, newname));
}
Reply to a NT rename request.
****************************************************************************/
-int reply_ntrename(connection_struct *conn,
- char *inbuf,char *outbuf,int length,int bufsize)
+void reply_ntrename(connection_struct *conn, struct smb_request *req)
{
- int outsize = 0;
- pstring oldname;
- pstring newname;
+ char *oldname = NULL;
+ char *newname = NULL;
char *p;
NTSTATUS status;
- BOOL path1_contains_wcard = False;
- BOOL path2_contains_wcard = False;
- uint32 attrs = SVAL(inbuf,smb_vwv0);
- uint16 rename_type = SVAL(inbuf,smb_vwv1);
+ BOOL src_has_wcard = False;
+ BOOL dest_has_wcard = False;
+ uint32 attrs;
+ uint16 rename_type;
+ TALLOC_CTX *ctx = talloc_tos();
START_PROFILE(SMBntrename);
- p = smb_buf(inbuf) + 1;
- p += srvstr_get_path_wcard(inbuf, oldname, p, sizeof(oldname), 0, STR_TERMINATE, &status, &path1_contains_wcard);
+ if (req->wct < 4) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ END_PROFILE(SMBntrename);
+ return;
+ }
+
+ attrs = SVAL(req->inbuf,smb_vwv0);
+ rename_type = SVAL(req->inbuf,smb_vwv1);
+
+ p = smb_buf(req->inbuf) + 1;
+ p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &oldname, p,
+ 0, STR_TERMINATE, &status,
+ &src_has_wcard);
if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
END_PROFILE(SMBntrename);
- return ERROR_NT(status);
+ return;
}
if( is_ntfs_stream_name(oldname)) {
/* Can't rename a stream. */
+ reply_nterror(req, NT_STATUS_ACCESS_DENIED);
END_PROFILE(SMBntrename);
- return ERROR_NT(NT_STATUS_ACCESS_DENIED);
+ return;
}
if (ms_has_wild(oldname)) {
+ reply_nterror(req, NT_STATUS_OBJECT_PATH_SYNTAX_BAD);
END_PROFILE(SMBntrename);
- return ERROR_NT(NT_STATUS_OBJECT_PATH_SYNTAX_BAD);
+ return;
}
p++;
- p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path2_contains_wcard);
+ p += srvstr_get_path_wcard(ctx, (char *)req->inbuf, req->flags2, &newname, p,
+ 0, STR_TERMINATE, &status,
+ &dest_has_wcard);
+ if (!NT_STATUS_IS_OK(status)) {
+ reply_nterror(req, status);
+ END_PROFILE(SMBntrename);
+ return;
+ }
+
+ status = resolve_dfspath(ctx, conn,
+ req->flags2 & FLAGS2_DFS_PATHNAMES,
+ oldname,
+ &oldname);
if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
+ reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ ERRSRV, ERRbadpath);
+ END_PROFILE(SMBntrename);
+ return;
+ }
+ reply_nterror(req, status);
END_PROFILE(SMBntrename);
- return ERROR_NT(status);
+ return;
}
-
- RESOLVE_DFSPATH(oldname, conn, inbuf, outbuf);
- RESOLVE_DFSPATH(newname, conn, inbuf, outbuf);
-
+
+ status = resolve_dfspath(ctx, conn,
+ req->flags2 & FLAGS2_DFS_PATHNAMES,
+ newname,
+ &newname);
+ if (!NT_STATUS_IS_OK(status)) {
+ if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
+ reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
+ ERRSRV, ERRbadpath);
+ END_PROFILE(SMBntrename);
+ return;
+ }
+ reply_nterror(req, status);
+ END_PROFILE(SMBntrename);
+ return;
+ }
+
DEBUG(3,("reply_ntrename : %s -> %s\n",oldname,newname));
-
+
switch(rename_type) {
case RENAME_FLAG_RENAME:
- status = rename_internals(conn, oldname, newname, attrs, False, path1_contains_wcard);
+ status = rename_internals(ctx, conn, req, oldname,
+ newname, attrs, False, src_has_wcard,
+ dest_has_wcard);
break;
case RENAME_FLAG_HARD_LINK:
- if (path1_contains_wcard || path2_contains_wcard) {
+ if (src_has_wcard || dest_has_wcard) {
/* No wildcards. */
status = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
} else {
- status = hardlink_internals(conn, oldname, newname);
+ status = hardlink_internals(conn,
+ oldname,
+ newname);
}
break;
case RENAME_FLAG_COPY:
- if (path1_contains_wcard || path2_contains_wcard) {
+ if (src_has_wcard || dest_has_wcard) {
/* No wildcards. */
status = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
} else {
- status = copy_internals(conn, oldname, newname, attrs);
+ status = copy_internals(conn, req, oldname,
+ newname, attrs);
}
break;
case RENAME_FLAG_MOVE_CLUSTER_INFORMATION:
}
if (!NT_STATUS_IS_OK(status)) {
- END_PROFILE(SMBntrename);
- if (open_was_deferred(SVAL(inbuf,smb_mid))) {
+ if (open_was_deferred(req->mid)) {
/* We have re-scheduled this call. */
- return -1;
+ END_PROFILE(SMBntrename);
+ return;
}
- return ERROR_NT(status);
+
+ reply_nterror(req, status);
+ END_PROFILE(SMBntrename);
+ return;
}
- /*
- * Win2k needs a changenotify request response before it will
- * update after a rename..
- */
- process_pending_change_notify_queue((time_t)0);
- outsize = set_message(outbuf,0,0,False);
-
+ reply_outbuf(req, 0, 0);
+
END_PROFILE(SMBntrename);
- return(outsize);
+ return;
}
/****************************************************************************
- Reply to a notify change - queue the request and
+ Reply to a notify change - queue the request and
don't allow a directory to be opened.
****************************************************************************/
-static int call_nt_transact_notify_change(connection_struct *conn, char *inbuf,
- char *outbuf, int length,
- int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams,
- uint32 parameter_count,
- char **ppdata, uint32 data_count,
- uint32 max_data_count,
- uint32 max_param_count)
+static void call_nt_transact_notify_change(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup,
+ uint32 setup_count,
+ char **ppparams,
+ uint32 parameter_count,
+ char **ppdata, uint32 data_count,
+ uint32 max_data_count,
+ uint32 max_param_count)
{
uint16 *setup = *ppsetup;
files_struct *fsp;
uint32 filter;
NTSTATUS status;
+ BOOL recursive;
if(setup_count < 6) {
- return ERROR_DOS(ERRDOS,ERRbadfunc);
+ reply_doserror(req, ERRDOS, ERRbadfunc);
+ return;
}
- fsp = file_fsp((char *)setup,4);
+ fsp = file_fsp(SVAL(setup,4));
filter = IVAL(setup, 0);
+ recursive = (SVAL(setup, 6) != 0) ? True : False;
DEBUG(3,("call_nt_transact_notify_change\n"));
if(!fsp) {
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ reply_doserror(req, ERRDOS, ERRbadfid);
+ return;
}
- DEBUG(3,("call_nt_transact_notify_change: notify change called on "
- "directory name = %s\n", fsp->fsp_name ));
+ {
+ char *filter_string;
+
+ if (!(filter_string = notify_filter_string(NULL, filter))) {
+ reply_nterror(req,NT_STATUS_NO_MEMORY);
+ return;
+ }
+
+ DEBUG(3,("call_nt_transact_notify_change: notify change "
+ "called on %s, filter = %s, recursive = %d\n",
+ fsp->fsp_name, filter_string, recursive));
+
+ TALLOC_FREE(filter_string);
+ }
if((!fsp->is_directory) || (conn != fsp->conn)) {
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
if (fsp->notify == NULL) {
- if (!(fsp->notify = TALLOC_ZERO_P(
- NULL, struct notify_change_buf))) {
- return ERROR_NT(NT_STATUS_NO_MEMORY);
+
+ status = change_notify_create(fsp, filter, recursive);
+
+ if (!NT_STATUS_IS_OK(status)) {
+ DEBUG(10, ("change_notify_create returned %s\n",
+ nt_errstr(status)));
+ reply_nterror(req, status);
+ return;
}
}
- if (fsp->notify->num_changes > 0) {
+ if (fsp->notify->num_changes != 0) {
/*
* We've got changes pending, respond immediately
* here.
*/
- SMB_ASSERT(fsp->notify->requests == NULL);
-
- change_notify_reply(inbuf, max_param_count,
- fsp->notify->num_changes,
- fsp->notify->changes);
-
- TALLOC_FREE(fsp->notify->changes);
- fsp->notify->num_changes = 0;
+ change_notify_reply(req->inbuf, max_param_count, fsp->notify);
/*
* change_notify_reply() above has independently sent its
* results
*/
- return -1;
+ return;
}
/*
* No changes pending, queue the request
*/
- status = change_notify_add_request(inbuf, max_param_count, filter,
- fsp);
+ status = change_notify_add_request(req->inbuf, max_param_count, filter,
+ recursive, fsp);
if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
+ reply_nterror(req, status);
}
-
- return -1;
+ return;
}
/****************************************************************************
Reply to an NT transact rename command.
****************************************************************************/
-static int call_nt_transact_rename(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_rename(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup, uint32 setup_count,
+ char **ppparams, uint32 parameter_count,
+ char **ppdata, uint32 data_count,
+ uint32 max_data_count)
{
char *params = *ppparams;
- pstring new_name;
+ char *new_name = NULL;
files_struct *fsp = NULL;
BOOL replace_if_exists = False;
- BOOL path_contains_wcard = False;
+ BOOL dest_has_wcard = False;
NTSTATUS status;
+ TALLOC_CTX *ctx = talloc_tos();
if(parameter_count < 5) {
- return ERROR_DOS(ERRDOS,ERRbadfunc);
+ reply_doserror(req, ERRDOS, ERRbadfunc);
+ return;
}
- fsp = file_fsp(params, 0);
+ fsp = file_fsp(SVAL(params, 0));
replace_if_exists = (SVAL(params,2) & RENAME_REPLACE_IF_EXISTS) ? True : False;
- CHECK_FSP(fsp, conn);
- srvstr_get_path_wcard(inbuf, new_name, params+4, sizeof(new_name), parameter_count - 4, STR_TERMINATE, &status, &path_contains_wcard);
+ if (!check_fsp(conn, req, fsp, ¤t_user)) {
+ return;
+ }
+ srvstr_get_path_wcard(ctx, params, req->flags2, &new_name, params+4,
+ parameter_count - 4,
+ STR_TERMINATE, &status, &dest_has_wcard);
if (!NT_STATUS_IS_OK(status)) {
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ return;
}
- status = rename_internals(conn, fsp->fsp_name,
- new_name, 0, replace_if_exists, path_contains_wcard);
+ status = rename_internals(ctx,
+ conn,
+ req,
+ fsp->fsp_name,
+ new_name,
+ 0,
+ replace_if_exists,
+ False,
+ dest_has_wcard);
if (!NT_STATUS_IS_OK(status)) {
- if (open_was_deferred(SVAL(inbuf,smb_mid))) {
+ if (open_was_deferred(req->mid)) {
/* We have re-scheduled this call. */
- return -1;
+ return;
}
- return ERROR_NT(status);
+ reply_nterror(req, status);
+ return;
}
/*
* Rename was successful.
*/
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
-
- DEBUG(3,("nt transact rename from = %s, to = %s succeeded.\n",
+ send_nt_replies(req, NT_STATUS_OK, NULL, 0, NULL, 0);
+
+ DEBUG(3,("nt transact rename from = %s, to = %s succeeded.\n",
fsp->fsp_name, new_name));
-
- /*
- * Win2k needs a changenotify request response before it will
- * update after a rename..
- */
-
- process_pending_change_notify_queue((time_t)0);
- return -1;
+ return;
}
/******************************************************************************
Reply to query a security descriptor.
****************************************************************************/
-static int call_nt_transact_query_security_desc(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_query_security_desc(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup,
+ uint32 setup_count,
+ char **ppparams,
+ uint32 parameter_count,
+ char **ppdata,
+ uint32 data_count,
+ uint32 max_data_count)
{
char *params = *ppparams;
char *data = *ppdata;
files_struct *fsp = NULL;
if(parameter_count < 8) {
- return ERROR_DOS(ERRDOS,ERRbadfunc);
+ reply_doserror(req, ERRDOS, ERRbadfunc);
+ return;
}
- fsp = file_fsp(params,0);
+ fsp = file_fsp(SVAL(params,0));
if(!fsp) {
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ reply_doserror(req, ERRDOS, ERRbadfid);
+ return;
}
security_info_wanted = IVAL(params,4);
params = nttrans_realloc(ppparams, 4);
if(params == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
if ((mem_ctx = talloc_init("call_nt_transact_query_security_desc")) == NULL) {
DEBUG(0,("call_nt_transact_query_security_desc: talloc_init failed.\n"));
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
/*
if (sd_size == 0) {
talloc_destroy(mem_ctx);
- return(UNIXERROR(ERRDOS,ERRnoaccess));
+ reply_unixerror(req, ERRDOS, ERRnoaccess);
+ return;
}
DEBUG(3,("call_nt_transact_query_security_desc: sd_size = %lu.\n",(unsigned long)sd_size));
if(max_data_count < sd_size) {
- send_nt_replies(outbuf, bufsize, NT_STATUS_BUFFER_TOO_SMALL,
+ send_nt_replies(req, NT_STATUS_BUFFER_TOO_SMALL,
params, 4, *ppdata, 0);
talloc_destroy(mem_ctx);
- return -1;
+ return;
}
/*
data = nttrans_realloc(ppdata, sd_size);
if(data == NULL) {
talloc_destroy(mem_ctx);
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
/*
security descriptor.\n"));
/*
* Return access denied for want of a better error message..
- */
+ */
talloc_destroy(mem_ctx);
- return(UNIXERROR(ERRDOS,ERRnoaccess));
+ reply_unixerror(req, ERRDOS, ERRnoaccess);
+ return;
}
/*
talloc_destroy(mem_ctx);
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, 4, data,
- (int)sd_size);
- return -1;
+ send_nt_replies(req, NT_STATUS_OK, params, 4, data, (int)sd_size);
+ return;
}
/****************************************************************************
Reply to set a security descriptor. Map to UNIX perms or POSIX ACLs.
****************************************************************************/
-static int call_nt_transact_set_security_desc(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_set_security_desc(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup,
+ uint32 setup_count,
+ char **ppparams,
+ uint32 parameter_count,
+ char **ppdata,
+ uint32 data_count,
+ uint32 max_data_count)
{
char *params= *ppparams;
char *data = *ppdata;
NTSTATUS nt_status;
if(parameter_count < 8) {
- return ERROR_DOS(ERRDOS,ERRbadfunc);
+ reply_doserror(req, ERRDOS, ERRbadfunc);
+ return;
}
- if((fsp = file_fsp(params,0)) == NULL) {
- return ERROR_DOS(ERRDOS,ERRbadfid);
+ if((fsp = file_fsp(SVAL(params,0))) == NULL) {
+ reply_doserror(req, ERRDOS, ERRbadfid);
+ return;
}
if(!lp_nt_acl_support(SNUM(conn))) {
(unsigned int)security_info_sent ));
if (data_count == 0) {
- return ERROR_DOS(ERRDOS, ERRnoaccess);
+ reply_doserror(req, ERRDOS, ERRnoaccess);
+ return;
}
if (!NT_STATUS_IS_OK(nt_status = set_sd( fsp, data, data_count, security_info_sent))) {
- return ERROR_NT(nt_status);
+ reply_nterror(req, nt_status);
+ return;
}
done:
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL, 0);
- return -1;
+ send_nt_replies(req, NT_STATUS_OK, NULL, 0, NULL, 0);
+ return;
}
-
+
/****************************************************************************
Reply to NT IOCTL
****************************************************************************/
-static int call_nt_transact_ioctl(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_ioctl(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup, uint32 setup_count,
+ char **ppparams, uint32 parameter_count,
+ char **ppdata, uint32 data_count,
+ uint32 max_data_count)
{
uint32 function;
uint16 fidnum;
if (setup_count != 8) {
DEBUG(3,("call_nt_transact_ioctl: invalid setup count %d\n", setup_count));
- return ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+ reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
+ return;
}
function = IVAL(*ppsetup, 0);
DEBUG(10,("call_nt_transact_ioctl: function[0x%08X] FID[0x%04X] isFSctl[0x%02X] compfilter[0x%02X]\n",
function, fidnum, isFSctl, compfilter));
- fsp=file_fsp((char *)*ppsetup, 4);
+ fsp=file_fsp(fidnum);
/* this check is done in each implemented function case for now
because I don't want to break anything... --metze
FSP_BELONGS_CONN(fsp,conn);*/
so we can know if we need to pre-allocate or not */
DEBUG(10,("FSCTL_SET_SPARSE: called on FID[0x%04X](but not implemented)\n", fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL,
- 0);
- return -1;
-
- case FSCTL_0x000900C0:
- /* pretend this succeeded - don't know what this really is
- but works ok like this --metze
+ send_nt_replies(req, NT_STATUS_OK, NULL, 0, NULL, 0);
+ return;
+
+ case FSCTL_CREATE_OR_GET_OBJECT_ID:
+ {
+ unsigned char objid[16];
+
+ /* This should return the object-id on this file.
+ * I think I'll make this be the inode+dev. JRA.
*/
- DEBUG(10,("FSCTL_0x000900C0: called on FID[0x%04X](but not implemented)\n",fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0, NULL,
- 0);
- return -1;
+ DEBUG(10,("FSCTL_CREATE_OR_GET_OBJECT_ID: called on FID[0x%04X]\n",fidnum));
+
+ if (!fsp_belongs_conn(conn, req, fsp, ¤t_user)) {
+ return;
+ }
+
+ data_count = 64;
+ pdata = nttrans_realloc(ppdata, data_count);
+ if (pdata == NULL) {
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
+ push_file_id_16(pdata, &fsp->file_id);
+ memcpy(pdata+16,create_volume_objectid(conn,objid),16);
+ push_file_id_16(pdata+32, &fsp->file_id);
+ send_nt_replies(req, NT_STATUS_OK, NULL, 0,
+ pdata, data_count);
+ return;
+ }
case FSCTL_GET_REPARSE_POINT:
/* pretend this fail - my winXP does it like this
*/
DEBUG(10,("FSCTL_GET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n",fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT,
- NULL, 0, NULL, 0);
- return -1;
+ reply_nterror(req, NT_STATUS_NOT_A_REPARSE_POINT);
+ return;
case FSCTL_SET_REPARSE_POINT:
/* pretend this fail - I'm assuming this because of the FSCTL_GET_REPARSE_POINT case.
*/
DEBUG(10,("FSCTL_SET_REPARSE_POINT: called on FID[0x%04X](but not implemented)\n",fidnum));
- send_nt_replies(outbuf, bufsize, NT_STATUS_NOT_A_REPARSE_POINT,
- NULL, 0, NULL, 0);
- return -1;
-
+ reply_nterror(req, NT_STATUS_NOT_A_REPARSE_POINT);
+ return;
+
case FSCTL_GET_SHADOW_COPY_DATA: /* don't know if this name is right...*/
{
/*
uint32 i;
char *cur_pdata;
- FSP_BELONGS_CONN(fsp,conn);
+ if (!fsp_belongs_conn(conn, req, fsp, ¤t_user)) {
+ return;
+ }
if (max_data_count < 16) {
DEBUG(0,("FSCTL_GET_SHADOW_COPY_DATA: max_data_count(%u) < 16 is invalid!\n",
max_data_count));
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ return;
}
if (max_data_count > 16) {
shadow_mem_ctx = talloc_init("SHADOW_COPY_DATA");
if (shadow_mem_ctx == NULL) {
DEBUG(0,("talloc_init(SHADOW_COPY_DATA) failed!\n"));
- return ERROR_NT(NT_STATUS_NO_MEMORY);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
}
shadow_data = TALLOC_ZERO_P(shadow_mem_ctx,SHADOW_COPY_DATA);
if (shadow_data == NULL) {
- DEBUG(0,("talloc_zero() failed!\n"));
+ DEBUG(0,("TALLOC_ZERO() failed!\n"));
talloc_destroy(shadow_mem_ctx);
- return ERROR_NT(NT_STATUS_NO_MEMORY);
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
}
-
+
shadow_data->mem_ctx = shadow_mem_ctx;
-
+
/*
* Call the VFS routine to actually do the work.
*/
if (errno == ENOSYS) {
DEBUG(5,("FSCTL_GET_SHADOW_COPY_DATA: connectpath %s, not supported.\n",
conn->connectpath));
- return ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+ reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
+ return;
} else {
DEBUG(0,("FSCTL_GET_SHADOW_COPY_DATA: connectpath %s, failed.\n",
conn->connectpath));
- return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
+ reply_nterror(req, NT_STATUS_UNSUCCESSFUL);
+ return;
}
}
DEBUG(0,("FSCTL_GET_SHADOW_COPY_DATA: max_data_count(%u) too small (%u) bytes needed!\n",
max_data_count,data_count));
talloc_destroy(shadow_data->mem_ctx);
- return ERROR_NT(NT_STATUS_BUFFER_TOO_SMALL);
+ reply_nterror(req, NT_STATUS_BUFFER_TOO_SMALL);
+ return;
}
pdata = nttrans_realloc(ppdata, data_count);
if (pdata == NULL) {
talloc_destroy(shadow_data->mem_ctx);
- return ERROR_NT(NT_STATUS_NO_MEMORY);
- }
+ reply_nterror(req, NT_STATUS_NO_MEMORY);
+ return;
+ }
cur_pdata = pdata;
shadow_data->num_volumes,fsp->fsp_name));
if (labels && shadow_data->labels) {
for (i=0;i<shadow_data->num_volumes;i++) {
- srvstr_push(outbuf, cur_pdata, shadow_data->labels[i], 2*sizeof(SHADOW_COPY_LABEL), STR_UNICODE|STR_TERMINATE);
+ srvstr_push(pdata, req->flags2,
+ cur_pdata, shadow_data->labels[i],
+ 2*sizeof(SHADOW_COPY_LABEL),
+ STR_UNICODE|STR_TERMINATE);
cur_pdata+=2*sizeof(SHADOW_COPY_LABEL);
DEBUGADD(10,("Label[%u]: '%s'\n",i,shadow_data->labels[i]));
}
talloc_destroy(shadow_data->mem_ctx);
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0,
+ send_nt_replies(req, NT_STATUS_OK, NULL, 0,
pdata, data_count);
- return -1;
+ return;
}
-
+
case FSCTL_FIND_FILES_BY_SID: /* I hope this name is right */
{
- /* pretend this succeeded -
- *
+ /* pretend this succeeded -
+ *
* we have to send back a list with all files owned by this SID
*
* but I have to check that --metze
DOM_SID sid;
uid_t uid;
size_t sid_len = MIN(data_count-4,SID_MAX_SIZE);
-
+
DEBUG(10,("FSCTL_FIND_FILES_BY_SID: called on FID[0x%04X]\n",fidnum));
- FSP_BELONGS_CONN(fsp,conn);
+ if (!fsp_belongs_conn(conn, req, fsp, ¤t_user)) {
+ return;
+ }
/* unknown 4 bytes: this is not the length of the sid :-( */
/*unknown = IVAL(pdata,0);*/
-
+
sid_parse(pdata+4,sid_len,&sid);
DEBUGADD(10,("for SID: %s\n",sid_string_static(&sid)));
sid_string_static(&sid),(unsigned long)sid_len));
uid = (-1);
}
-
+
/* we can take a look at the find source :-)
*
* find ./ -uid $uid -name '*' is what we need here
* (maybe we can hang the result anywhere in the fsp struct)
*
* we don't send all files at once
- * and at the next we should *not* start from the beginning,
- * so we have to cache the result
+ * and at the next we should *not* start from the beginning,
+ * so we have to cache the result
*
* --metze
*/
-
+
/* this works for now... */
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, NULL, 0,
- NULL, 0);
- return -1;
- }
+ send_nt_replies(req, NT_STATUS_OK, NULL, 0, NULL, 0);
+ return;
+ }
default:
if (!logged_message) {
logged_message = True; /* Only print this once... */
}
}
- return ERROR_NT(NT_STATUS_NOT_SUPPORTED);
+ reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
}
#ifdef HAVE_SYS_QUOTAS
/****************************************************************************
- Reply to get user quota
+ Reply to get user quota
****************************************************************************/
-static int call_nt_transact_get_user_quota(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_get_user_quota(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup,
+ uint32 setup_count,
+ char **ppparams,
+ uint32 parameter_count,
+ char **ppdata,
+ uint32 data_count,
+ uint32 max_data_count)
{
NTSTATUS nt_status = NT_STATUS_OK;
char *params = *ppparams;
if (current_user.ut.uid != 0) {
DEBUG(1,("get_user_quota: access_denied service [%s] user [%s]\n",
lp_servicename(SNUM(conn)),conn->user));
- return ERROR_DOS(ERRDOS,ERRnoaccess);
+ reply_doserror(req, ERRDOS, ERRnoaccess);
+ return;
}
/*
if (parameter_count < 4) {
DEBUG(0,("TRANSACT_GET_USER_QUOTA: requires %d >= 4 bytes parameters\n",parameter_count));
- return ERROR_DOS(ERRDOS,ERRinvalidparam);
+ reply_doserror(req, ERRDOS, ERRinvalidparam);
+ return;
}
-
+
/* maybe we can check the quota_fnum */
- fsp = file_fsp(params,0);
+ fsp = file_fsp(SVAL(params,0));
if (!CHECK_NTQUOTA_HANDLE_OK(fsp,conn)) {
DEBUG(3,("TRANSACT_GET_USER_QUOTA: no valid QUOTA HANDLE\n"));
- return ERROR_NT(NT_STATUS_INVALID_HANDLE);
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ return;
}
/* the NULL pointer checking for fsp->fake_file_handle->pd
qt_handle = (SMB_NTQUOTA_HANDLE *)fsp->fake_file_handle->pd;
level = SVAL(params,2);
-
- /* unknown 12 bytes leading in params */
-
+
+ /* unknown 12 bytes leading in params */
+
switch (level) {
case TRANSACT_GET_USER_QUOTA_LIST_CONTINUE:
/* seems that we should continue with the enum here --metze */
- if (qt_handle->quota_list!=NULL &&
+ if (qt_handle->quota_list!=NULL &&
qt_handle->tmp_list==NULL) {
-
+
/* free the list */
free_ntquota_list(&(qt_handle->quota_list));
param_len = 4;
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
data_len = 0;
start_enum = True;
}
- if (start_enum && vfs_get_user_ntquota_list(fsp,&(qt_handle->quota_list))!=0)
- return ERROR_DOS(ERRSRV,ERRerror);
+ if (start_enum && vfs_get_user_ntquota_list(fsp,&(qt_handle->quota_list))!=0) {
+ reply_doserror(req, ERRSRV, ERRerror);
+ return;
+ }
/* Realloc the size of parameters and data we will return */
param_len = 4;
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
/* we should not trust the value in max_data_count*/
max_data_count = MIN(max_data_count,2048);
-
+
pdata = nttrans_realloc(ppdata, max_data_count);/* should be max data count from client*/
if(pdata == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
entry = pdata;
/* set params Size of returned Quota Data 4 bytes*/
/* but set it later when we know it */
-
+
/* for each entry push the data */
if (start_enum) {
/* nextoffset entry 4 bytes */
SIVAL(entry,0,entry_len);
-
+
/* then the len of the SID 4 bytes */
SIVAL(entry,4,sid_len);
-
+
/* unknown data 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,8,(SMB_BIG_UINT)0); /* this is not 0 in windows...-metze*/
-
+
/* the used disk space 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,16,tmp_list->quotas->usedspace);
-
+
/* the soft quotas 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,24,tmp_list->quotas->softlim);
-
+
/* the hard quotas 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,32,tmp_list->quotas->hardlim);
-
+
/* and now the SID */
sid_linearize(entry+40, sid_len, &tmp_list->quotas->sid);
}
-
+
qt_handle->tmp_list = tmp_list;
-
+
/* overwrite the offset of the last entry */
SIVAL(entry-entry_len,0,0);
break;
case TRANSACT_GET_USER_QUOTA_FOR_SID:
-
- /* unknown 4 bytes IVAL(pdata,0) */
-
+
+ /* unknown 4 bytes IVAL(pdata,0) */
+
if (data_count < 8) {
DEBUG(0,("TRANSACT_GET_USER_QUOTA_FOR_SID: requires %d >= %d bytes data\n",data_count,8));
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
sid_len = IVAL(pdata,4);
/* Ensure this is less than 1mb. */
if (sid_len > (1024*1024)) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
if (data_count < 8+sid_len) {
DEBUG(0,("TRANSACT_GET_USER_QUOTA_FOR_SID: requires %d >= %lu bytes data\n",data_count,(unsigned long)(8+sid_len)));
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
data_len = 4+40+sid_len;
}
sid_parse(pdata+8,sid_len,&sid);
-
+
if (vfs_get_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &qt)!=0) {
ZERO_STRUCT(qt);
- /*
- * we have to return zero's in all fields
+ /*
+ * we have to return zero's in all fields
* instead of returning an error here
* --metze
*/
param_len = 4;
params = nttrans_realloc(ppparams, param_len);
if(params == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
pdata = nttrans_realloc(ppdata, data_len);
if(pdata == NULL) {
- return ERROR_DOS(ERRDOS,ERRnomem);
+ reply_doserror(req, ERRDOS, ERRnomem);
+ return;
}
entry = pdata;
/* set params Size of returned Quota Data 4 bytes*/
SIVAL(params,0,data_len);
-
+
/* nextoffset entry 4 bytes */
SIVAL(entry,0,0);
-
+
/* then the len of the SID 4 bytes */
SIVAL(entry,4,sid_len);
-
+
/* unknown data 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,8,(SMB_BIG_UINT)0); /* this is not 0 in windows...-mezte*/
-
+
/* the used disk space 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,16,qt.usedspace);
-
+
/* the soft quotas 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,24,qt.softlim);
-
+
/* the hard quotas 8 bytes SMB_BIG_UINT */
SBIG_UINT(entry,32,qt.hardlim);
-
+
/* and now the SID */
sid_linearize(entry+40, sid_len, &sid);
default:
DEBUG(0,("do_nt_transact_get_user_quota: fnum %d unknown level 0x%04hX\n",fsp->fnum,level));
- return ERROR_DOS(ERRSRV,ERRerror);
+ reply_doserror(req, ERRSRV, ERRerror);
+ return;
break;
}
- send_nt_replies(outbuf, bufsize, nt_status, params, param_len,
+ send_nt_replies(req, nt_status, params, param_len,
pdata, data_len);
-
- return -1;
}
/****************************************************************************
Reply to set user quota
****************************************************************************/
-static int call_nt_transact_set_user_quota(connection_struct *conn, char *inbuf, char *outbuf, int length, int bufsize,
- uint16 **ppsetup, uint32 setup_count,
- char **ppparams, uint32 parameter_count,
- char **ppdata, uint32 data_count, uint32 max_data_count)
+static void call_nt_transact_set_user_quota(connection_struct *conn,
+ struct smb_request *req,
+ uint16 **ppsetup,
+ uint32 setup_count,
+ char **ppparams,
+ uint32 parameter_count,
+ char **ppdata,
+ uint32 data_count,
+ uint32 max_data_count)
{
char *params = *ppparams;
char *pdata = *ppdata;
if (current_user.ut.uid != 0) {
DEBUG(1,("set_user_quota: access_denied service [%s] user [%s]\n",
lp_servicename(SNUM(conn)),conn->user));
- return ERROR_DOS(ERRDOS,ERRnoaccess);
+ reply_doserror(req, ERRDOS, ERRnoaccess);
+ return;
}
/*
if (parameter_count < 2) {
DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= 2 bytes parameters\n",parameter_count));
- return ERROR_DOS(ERRDOS,ERRinvalidparam);
+ reply_doserror(req, ERRDOS, ERRinvalidparam);
+ return;
}
-
+
/* maybe we can check the quota_fnum */
- fsp = file_fsp(params,0);
+ fsp = file_fsp(SVAL(params,0));
if (!CHECK_NTQUOTA_HANDLE_OK(fsp,conn)) {
DEBUG(3,("TRANSACT_GET_USER_QUOTA: no valid QUOTA HANDLE\n"));
- return ERROR_NT(NT_STATUS_INVALID_HANDLE);
+ reply_nterror(req, NT_STATUS_INVALID_HANDLE);
+ return;
}
if (data_count < 40) {
DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= %d bytes data\n",data_count,40));
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
/* offset to next quota record.
if (data_count < 40+sid_len) {
DEBUG(0,("TRANSACT_SET_USER_QUOTA: requires %d >= %lu bytes data\n",data_count,(unsigned long)40+sid_len));
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
- /* unknown 8 bytes in pdata
+ /* unknown 8 bytes in pdata
* maybe its the change time in NTTIME
*/
((qt.usedspace != 0xFFFFFFFF)||
(IVAL(pdata,20)!=0xFFFFFFFF))) {
/* more than 32 bits? */
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
#endif /* LARGE_SMB_OFF_T */
((qt.softlim != 0xFFFFFFFF)||
(IVAL(pdata,28)!=0xFFFFFFFF))) {
/* more than 32 bits? */
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
#endif /* LARGE_SMB_OFF_T */
((qt.hardlim != 0xFFFFFFFF)||
(IVAL(pdata,36)!=0xFFFFFFFF))) {
/* more than 32 bits? */
- return ERROR_DOS(ERRDOS,ERRunknownlevel);
+ reply_doserror(req, ERRDOS, ERRunknownlevel);
+ return;
}
#endif /* LARGE_SMB_OFF_T */
-
+
sid_parse(pdata+40,sid_len,&sid);
DEBUGADD(8,("SID: %s\n",sid_string_static(&sid)));
/* 44 unknown bytes left... */
if (vfs_set_ntquota(fsp, SMB_USER_QUOTA_TYPE, &sid, &qt)!=0) {
- return ERROR_DOS(ERRSRV,ERRerror);
+ reply_doserror(req, ERRSRV, ERRerror);
+ return;
}
- send_nt_replies(outbuf, bufsize, NT_STATUS_OK, params, param_len,
+ send_nt_replies(req, NT_STATUS_OK, params, param_len,
pdata, data_len);
-
- return -1;
}
#endif /* HAVE_SYS_QUOTAS */
-static int handle_nttrans(connection_struct *conn,
- struct trans_state *state,
- char *inbuf, char *outbuf, int size, int bufsize)
+static void handle_nttrans(connection_struct *conn,
+ struct trans_state *state,
+ struct smb_request *req)
{
- int outsize;
-
if (Protocol >= PROTOCOL_NT1) {
- SSVAL(outbuf,smb_flg2,SVAL(outbuf,smb_flg2) | 0x40); /* IS_LONG_NAME */
+ req->flags2 |= 0x40; /* IS_LONG_NAME */
+ SSVAL(req->inbuf,smb_flg2,req->flags2);
}
/* Now we must call the relevant NT_TRANS function */
switch(state->call) {
case NT_TRANSACT_CREATE:
{
- START_PROFILE_NESTED(NT_transact_create);
- outsize = call_nt_transact_create(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data,
- state->max_data_return);
- END_PROFILE_NESTED(NT_transact_create);
+ START_PROFILE(NT_transact_create);
+ call_nt_transact_create(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_create);
break;
}
case NT_TRANSACT_IOCTL:
{
- START_PROFILE_NESTED(NT_transact_ioctl);
- outsize = call_nt_transact_ioctl(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data, state->max_data_return);
- END_PROFILE_NESTED(NT_transact_ioctl);
+ START_PROFILE(NT_transact_ioctl);
+ call_nt_transact_ioctl(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_ioctl);
break;
}
case NT_TRANSACT_SET_SECURITY_DESC:
{
- START_PROFILE_NESTED(NT_transact_set_security_desc);
- outsize = call_nt_transact_set_security_desc(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data, state->max_data_return);
- END_PROFILE_NESTED(NT_transact_set_security_desc);
+ START_PROFILE(NT_transact_set_security_desc);
+ call_nt_transact_set_security_desc(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_set_security_desc);
break;
}
case NT_TRANSACT_NOTIFY_CHANGE:
{
- START_PROFILE_NESTED(NT_transact_notify_change);
- outsize = call_nt_transact_notify_change(
- conn, inbuf, outbuf, size, bufsize,
+ START_PROFILE(NT_transact_notify_change);
+ call_nt_transact_notify_change(
+ conn, req,
&state->setup, state->setup_count,
- &state->param, state->total_param,
+ &state->param, state->total_param,
&state->data, state->total_data,
state->max_data_return,
state->max_param_return);
- END_PROFILE_NESTED(NT_transact_notify_change);
+ END_PROFILE(NT_transact_notify_change);
break;
}
case NT_TRANSACT_RENAME:
{
- START_PROFILE_NESTED(NT_transact_rename);
- outsize = call_nt_transact_rename(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data, state->max_data_return);
- END_PROFILE_NESTED(NT_transact_rename);
+ START_PROFILE(NT_transact_rename);
+ call_nt_transact_rename(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_rename);
break;
}
case NT_TRANSACT_QUERY_SECURITY_DESC:
{
- START_PROFILE_NESTED(NT_transact_query_security_desc);
- outsize = call_nt_transact_query_security_desc(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data, state->max_data_return);
- END_PROFILE_NESTED(NT_transact_query_security_desc);
+ START_PROFILE(NT_transact_query_security_desc);
+ call_nt_transact_query_security_desc(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_query_security_desc);
break;
}
#ifdef HAVE_SYS_QUOTAS
case NT_TRANSACT_GET_USER_QUOTA:
{
- START_PROFILE_NESTED(NT_transact_get_user_quota);
- outsize = call_nt_transact_get_user_quota(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data, state->max_data_return);
- END_PROFILE_NESTED(NT_transact_get_user_quota);
+ START_PROFILE(NT_transact_get_user_quota);
+ call_nt_transact_get_user_quota(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_get_user_quota);
break;
}
case NT_TRANSACT_SET_USER_QUOTA:
{
- START_PROFILE_NESTED(NT_transact_set_user_quota);
- outsize = call_nt_transact_set_user_quota(conn, inbuf, outbuf,
- size, bufsize,
- &state->setup, state->setup_count,
- &state->param, state->total_param,
- &state->data, state->total_data, state->max_data_return);
- END_PROFILE_NESTED(NT_transact_set_user_quota);
- break;
+ START_PROFILE(NT_transact_set_user_quota);
+ call_nt_transact_set_user_quota(
+ conn, req,
+ &state->setup, state->setup_count,
+ &state->param, state->total_param,
+ &state->data, state->total_data,
+ state->max_data_return);
+ END_PROFILE(NT_transact_set_user_quota);
+ break;
}
#endif /* HAVE_SYS_QUOTAS */
default:
/* Error in request */
- DEBUG(0,("reply_nttrans: Unknown request %d in nttrans call\n",
- state->call));
- return ERROR_DOS(ERRSRV,ERRerror);
+ DEBUG(0,("handle_nttrans: Unknown request %d in "
+ "nttrans call\n", state->call));
+ reply_doserror(req, ERRSRV, ERRerror);
+ return;
}
- return outsize;
+ return;
}
/****************************************************************************
Reply to a SMBNTtrans.
****************************************************************************/
-int reply_nttrans(connection_struct *conn,
- char *inbuf,char *outbuf,int size,int bufsize)
+void reply_nttrans(connection_struct *conn, struct smb_request *req)
{
- int outsize = 0;
- uint32 pscnt = IVAL(inbuf,smb_nt_ParameterCount);
- uint32 psoff = IVAL(inbuf,smb_nt_ParameterOffset);
- uint32 dscnt = IVAL(inbuf,smb_nt_DataCount);
- uint32 dsoff = IVAL(inbuf,smb_nt_DataOffset);
-
- uint16 function_code = SVAL( inbuf, smb_nt_Function);
+ uint32 pscnt;
+ uint32 psoff;
+ uint32 dscnt;
+ uint32 dsoff;
+ uint16 function_code;
NTSTATUS result;
struct trans_state *state;
+ int size;
START_PROFILE(SMBnttrans);
+ if (req->wct < 19) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ END_PROFILE(SMBnttrans);
+ return;
+ }
+
+ size = smb_len(req->inbuf) + 4;
+ pscnt = IVAL(req->inbuf,smb_nt_ParameterCount);
+ psoff = IVAL(req->inbuf,smb_nt_ParameterOffset);
+ dscnt = IVAL(req->inbuf,smb_nt_DataCount);
+ dsoff = IVAL(req->inbuf,smb_nt_DataOffset);
+ function_code = SVAL(req->inbuf, smb_nt_Function);
+
if (IS_IPC(conn) && (function_code != NT_TRANSACT_CREATE)) {
+ reply_doserror(req, ERRSRV, ERRaccess);
END_PROFILE(SMBnttrans);
- return ERROR_DOS(ERRSRV,ERRaccess);
+ return;
}
- result = allow_new_trans(conn->pending_trans, SVAL(inbuf, smb_mid));
+ result = allow_new_trans(conn->pending_trans, req->mid);
if (!NT_STATUS_IS_OK(result)) {
DEBUG(2, ("Got invalid nttrans request: %s\n", nt_errstr(result)));
+ reply_nterror(req, result);
END_PROFILE(SMBnttrans);
- return ERROR_NT(result);
+ return;
}
if ((state = TALLOC_P(conn->mem_ctx, struct trans_state)) == NULL) {
+ reply_doserror(req, ERRSRV, ERRaccess);
END_PROFILE(SMBnttrans);
- return ERROR_DOS(ERRSRV,ERRaccess);
+ return;
}
state->cmd = SMBnttrans;
- state->mid = SVAL(inbuf,smb_mid);
- state->vuid = SVAL(inbuf,smb_uid);
- state->total_data = IVAL(inbuf, smb_nt_TotalDataCount);
+ state->mid = req->mid;
+ state->vuid = req->vuid;
+ state->total_data = IVAL(req->inbuf, smb_nt_TotalDataCount);
state->data = NULL;
- state->total_param = IVAL(inbuf, smb_nt_TotalParameterCount);
+ state->total_param = IVAL(req->inbuf, smb_nt_TotalParameterCount);
state->param = NULL;
- state->max_data_return = IVAL(inbuf,smb_nt_MaxDataCount);
- state->max_param_return = IVAL(inbuf,smb_nt_MaxParameterCount);
+ state->max_data_return = IVAL(req->inbuf,smb_nt_MaxDataCount);
+ state->max_param_return = IVAL(req->inbuf,smb_nt_MaxParameterCount);
/* setup count is in *words* */
- state->setup_count = 2*CVAL(inbuf,smb_nt_SetupCount);
+ state->setup_count = 2*CVAL(req->inbuf,smb_nt_SetupCount);
state->setup = NULL;
state->call = function_code;
- /*
+ /*
* All nttrans messages we handle have smb_wct == 19 +
* state->setup_count. Ensure this is so as a sanity check.
*/
- if(CVAL(inbuf, smb_wct) != 19 + (state->setup_count/2)) {
+ if(req->wct != 19 + (state->setup_count/2)) {
DEBUG(2,("Invalid smb_wct %d in nttrans call (should be %d)\n",
- CVAL(inbuf, smb_wct), 19 + (state->setup_count/2)));
+ req->wct, 19 + (state->setup_count/2)));
goto bad_param;
}
/* Don't allow more than 128mb for each value. */
if ((state->total_data > (1024*1024*128)) ||
(state->total_param > (1024*1024*128))) {
+ reply_doserror(req, ERRDOS, ERRnomem);
END_PROFILE(SMBnttrans);
- return ERROR_DOS(ERRDOS,ERRnomem);
+ return;
}
if ((dscnt > state->total_data) || (pscnt > state->total_param))
DEBUG(0,("reply_nttrans: data malloc fail for %u "
"bytes !\n", (unsigned int)state->total_data));
TALLOC_FREE(state);
+ reply_doserror(req, ERRDOS, ERRnomem);
END_PROFILE(SMBnttrans);
- return(ERROR_DOS(ERRDOS,ERRnomem));
- }
+ return;
+ }
if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt))
goto bad_param;
- if ((smb_base(inbuf)+dsoff+dscnt > inbuf + size) ||
- (smb_base(inbuf)+dsoff+dscnt < smb_base(inbuf)))
+ if ((smb_base(req->inbuf)+dsoff+dscnt
+ > (char *)req->inbuf + size) ||
+ (smb_base(req->inbuf)+dsoff+dscnt < smb_base(req->inbuf)))
goto bad_param;
- memcpy(state->data,smb_base(inbuf)+dsoff,dscnt);
+ memcpy(state->data,smb_base(req->inbuf)+dsoff,dscnt);
}
if (state->total_param) {
"bytes !\n", (unsigned int)state->total_param));
SAFE_FREE(state->data);
TALLOC_FREE(state);
+ reply_doserror(req, ERRDOS, ERRnomem);
END_PROFILE(SMBnttrans);
- return(ERROR_DOS(ERRDOS,ERRnomem));
- }
+ return;
+ }
if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt))
goto bad_param;
- if ((smb_base(inbuf)+psoff+pscnt > inbuf + size) ||
- (smb_base(inbuf)+psoff+pscnt < smb_base(inbuf)))
+ if ((smb_base(req->inbuf)+psoff+pscnt
+ > (char *)req->inbuf + size) ||
+ (smb_base(req->inbuf)+psoff+pscnt < smb_base(req->inbuf)))
goto bad_param;
- memcpy(state->param,smb_base(inbuf)+psoff,pscnt);
+ memcpy(state->param,smb_base(req->inbuf)+psoff,pscnt);
}
state->received_data = dscnt;
SAFE_FREE(state->data);
SAFE_FREE(state->param);
TALLOC_FREE(state);
+ reply_doserror(req, ERRDOS, ERRnomem);
END_PROFILE(SMBnttrans);
- return ERROR_DOS(ERRDOS,ERRnomem);
+ return;
}
if ((smb_nt_SetupStart + state->setup_count < smb_nt_SetupStart) ||
goto bad_param;
}
- memcpy( state->setup, &inbuf[smb_nt_SetupStart], state->setup_count);
- dump_data(10, (char *)state->setup, state->setup_count);
+ memcpy( state->setup, &req->inbuf[smb_nt_SetupStart],
+ state->setup_count);
+ dump_data(10, (uint8 *)state->setup, state->setup_count);
}
if ((state->received_data == state->total_data) &&
(state->received_param == state->total_param)) {
- outsize = handle_nttrans(conn, state, inbuf, outbuf,
- size, bufsize);
+ handle_nttrans(conn, state, req);
SAFE_FREE(state->param);
SAFE_FREE(state->data);
TALLOC_FREE(state);
END_PROFILE(SMBnttrans);
- return outsize;
+ return;
}
DLIST_ADD(conn->pending_trans, state);
/* We need to send an interim response then receive the rest
of the parameter/data bytes */
- outsize = set_message(outbuf,0,0,False);
- show_msg(outbuf);
+ reply_outbuf(req, 0, 0);
+ show_msg((char *)req->outbuf);
END_PROFILE(SMBnttrans);
- return outsize;
+ return;
bad_param:
SAFE_FREE(state->data);
SAFE_FREE(state->param);
TALLOC_FREE(state);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBnttrans);
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ return;
}
-
+
/****************************************************************************
Reply to a SMBnttranss
****************************************************************************/
-int reply_nttranss(connection_struct *conn, char *inbuf,char *outbuf,
- int size,int bufsize)
+void reply_nttranss(connection_struct *conn, struct smb_request *req)
{
- int outsize = 0;
unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp;
struct trans_state *state;
+ int size;
+
START_PROFILE(SMBnttranss);
- show_msg(inbuf);
+ show_msg((char *)req->inbuf);
+
+ if (req->wct < 18) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
+ END_PROFILE(SMBnttranss);
+ return;
+ }
for (state = conn->pending_trans; state != NULL;
state = state->next) {
- if (state->mid == SVAL(inbuf,smb_mid)) {
+ if (state->mid == req->mid) {
break;
}
}
if ((state == NULL) || (state->cmd != SMBnttrans)) {
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBnttranss);
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ return;
}
/* Revise state->total_param and state->total_data in case they have
changed downwards */
- if (IVAL(inbuf, smb_nts_TotalParameterCount) < state->total_param) {
- state->total_param = IVAL(inbuf, smb_nts_TotalParameterCount);
+ if (IVAL(req->inbuf, smb_nts_TotalParameterCount)
+ < state->total_param) {
+ state->total_param = IVAL(req->inbuf,
+ smb_nts_TotalParameterCount);
}
- if (IVAL(inbuf, smb_nts_TotalDataCount) < state->total_data) {
- state->total_data = IVAL(inbuf, smb_nts_TotalDataCount);
+ if (IVAL(req->inbuf, smb_nts_TotalDataCount) < state->total_data) {
+ state->total_data = IVAL(req->inbuf, smb_nts_TotalDataCount);
}
- pcnt = IVAL(inbuf,smb_nts_ParameterCount);
- poff = IVAL(inbuf, smb_nts_ParameterOffset);
- pdisp = IVAL(inbuf, smb_nts_ParameterDisplacement);
+ size = smb_len(req->inbuf) + 4;
- dcnt = IVAL(inbuf, smb_nts_DataCount);
- ddisp = IVAL(inbuf, smb_nts_DataDisplacement);
- doff = IVAL(inbuf, smb_nts_DataOffset);
+ pcnt = IVAL(req->inbuf,smb_nts_ParameterCount);
+ poff = IVAL(req->inbuf, smb_nts_ParameterOffset);
+ pdisp = IVAL(req->inbuf, smb_nts_ParameterDisplacement);
+
+ dcnt = IVAL(req->inbuf, smb_nts_DataCount);
+ ddisp = IVAL(req->inbuf, smb_nts_DataDisplacement);
+ doff = IVAL(req->inbuf, smb_nts_DataOffset);
state->received_param += pcnt;
state->received_data += dcnt;
-
+
if ((state->received_data > state->total_data) ||
(state->received_param > state->total_param))
goto bad_param;
goto bad_param;
if (pdisp > state->total_param)
goto bad_param;
- if ((smb_base(inbuf) + poff + pcnt > inbuf + size) ||
- (smb_base(inbuf) + poff + pcnt < smb_base(inbuf)))
+ if ((smb_base(req->inbuf) + poff + pcnt
+ > (char *)req->inbuf + size) ||
+ (smb_base(req->inbuf) + poff + pcnt
+ < smb_base(req->inbuf)))
goto bad_param;
if (state->param + pdisp < state->param)
goto bad_param;
- memcpy(state->param+pdisp,smb_base(inbuf)+poff,
+ memcpy(state->param+pdisp, smb_base(req->inbuf)+poff,
pcnt);
}
goto bad_param;
if (ddisp > state->total_data)
goto bad_param;
- if ((smb_base(inbuf) + doff + dcnt > inbuf + size) ||
- (smb_base(inbuf) + doff + dcnt < smb_base(inbuf)))
+ if ((smb_base(req->inbuf) + doff + dcnt
+ > (char *)req->inbuf + size) ||
+ (smb_base(req->inbuf) + doff + dcnt
+ < smb_base(req->inbuf)))
goto bad_param;
if (state->data + ddisp < state->data)
goto bad_param;
- memcpy(state->data+ddisp, smb_base(inbuf)+doff,
- dcnt);
+ memcpy(state->data+ddisp, smb_base(req->inbuf)+doff,
+ dcnt);
}
if ((state->received_param < state->total_param) ||
(state->received_data < state->total_data)) {
END_PROFILE(SMBnttranss);
- return -1;
+ return;
}
- /* construct_reply_common has done us the favor to pre-fill the
- * command field with SMBnttranss which is wrong :-)
+ /*
+ * construct_reply_common will copy smb_com from inbuf to
+ * outbuf. SMBnttranss is wrong here.
*/
- SCVAL(outbuf,smb_com,SMBnttrans);
+ SCVAL(req->inbuf,smb_com,SMBnttrans);
- outsize = handle_nttrans(conn, state, inbuf, outbuf,
- size, bufsize);
+ handle_nttrans(conn, state, req);
DLIST_REMOVE(conn->pending_trans, state);
SAFE_FREE(state->data);
SAFE_FREE(state->param);
TALLOC_FREE(state);
-
- if (outsize == 0) {
- END_PROFILE(SMBnttranss);
- return(ERROR_DOS(ERRSRV,ERRnosupport));
- }
-
END_PROFILE(SMBnttranss);
- return(outsize);
+ return;
bad_param:
SAFE_FREE(state->data);
SAFE_FREE(state->param);
TALLOC_FREE(state);
+ reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
END_PROFILE(SMBnttranss);
- return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
+ return;
}