2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "system/filesys.h"
30 #include "smbd/smbd.h"
31 #include "smbd/globals.h"
32 #include "fake_file.h"
33 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
34 #include "rpc_client/cli_spoolss.h"
35 #include "rpc_client/init_spoolss.h"
36 #include "rpc_server/rpc_ncacn_np.h"
37 #include "libcli/security/security.h"
38 #include "libsmb/nmblib.h"
41 /****************************************************************************
42 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
43 path or anything including wildcards.
44 We're assuming here that '/' is not the second byte in any multibyte char
45 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
47 ****************************************************************************/
49 /* Custom version for processing POSIX paths. */
50 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
52 static NTSTATUS check_path_syntax_internal(char *path,
54 bool *p_last_component_contains_wcard)
58 NTSTATUS ret = NT_STATUS_OK;
59 bool start_of_name_component = True;
60 bool stream_started = false;
62 *p_last_component_contains_wcard = False;
69 return NT_STATUS_OBJECT_NAME_INVALID;
72 return NT_STATUS_OBJECT_NAME_INVALID;
74 if (strchr_m(&s[1], ':')) {
75 return NT_STATUS_OBJECT_NAME_INVALID;
81 if ((*s == ':') && !posix_path && !stream_started) {
82 if (*p_last_component_contains_wcard) {
83 return NT_STATUS_OBJECT_NAME_INVALID;
85 /* Stream names allow more characters than file names.
86 We're overloading posix_path here to allow a wider
87 range of characters. If stream_started is true this
88 is still a Windows path even if posix_path is true.
91 stream_started = true;
92 start_of_name_component = false;
96 return NT_STATUS_OBJECT_NAME_INVALID;
100 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
102 * Safe to assume is not the second part of a mb char
103 * as this is handled below.
105 /* Eat multiple '/' or '\\' */
106 while (IS_PATH_SEP(*s,posix_path)) {
109 if ((d != path) && (*s != '\0')) {
110 /* We only care about non-leading or trailing '/' or '\\' */
114 start_of_name_component = True;
116 *p_last_component_contains_wcard = False;
120 if (start_of_name_component) {
121 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
122 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
125 * No mb char starts with '.' so we're safe checking the directory separator here.
128 /* If we just added a '/' - delete it */
129 if ((d > path) && (*(d-1) == '/')) {
134 /* Are we at the start ? Can't go back further if so. */
136 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
139 /* Go back one level... */
140 /* We know this is safe as '/' cannot be part of a mb sequence. */
141 /* NOTE - if this assumption is invalid we are not in good shape... */
142 /* Decrement d first as d points to the *next* char to write into. */
143 for (d--; d > path; d--) {
147 s += 2; /* Else go past the .. */
148 /* We're still at the start of a name component, just the previous one. */
151 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
163 if (*s <= 0x1f || *s == '|') {
164 return NT_STATUS_OBJECT_NAME_INVALID;
172 *p_last_component_contains_wcard = True;
181 /* Get the size of the next MB character. */
182 next_codepoint(s,&siz);
200 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
202 return NT_STATUS_INVALID_PARAMETER;
205 start_of_name_component = False;
213 /****************************************************************************
214 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
215 No wildcards allowed.
216 ****************************************************************************/
218 NTSTATUS check_path_syntax(char *path)
221 return check_path_syntax_internal(path, False, &ignore);
224 /****************************************************************************
225 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
226 Wildcards allowed - p_contains_wcard returns true if the last component contained
228 ****************************************************************************/
230 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
232 return check_path_syntax_internal(path, False, p_contains_wcard);
235 /****************************************************************************
236 Check the path for a POSIX client.
237 We're assuming here that '/' is not the second byte in any multibyte char
238 set (a safe assumption).
239 ****************************************************************************/
241 NTSTATUS check_path_syntax_posix(char *path)
244 return check_path_syntax_internal(path, True, &ignore);
247 /****************************************************************************
248 Pull a string and check the path allowing a wilcard - provide for error return.
249 ****************************************************************************/
251 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
252 const char *base_ptr,
259 bool *contains_wcard)
265 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
269 *err = NT_STATUS_INVALID_PARAMETER;
273 *contains_wcard = False;
275 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
277 * For a DFS path the function parse_dfs_path()
278 * will do the path processing, just make a copy.
284 if (lp_posix_pathnames()) {
285 *err = check_path_syntax_posix(*pp_dest);
287 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
293 /****************************************************************************
294 Pull a string and check the path - provide for error return.
295 ****************************************************************************/
297 size_t srvstr_get_path(TALLOC_CTX *ctx,
298 const char *base_ptr,
307 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
308 src_len, flags, err, &ignore);
311 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
312 char **pp_dest, const char *src, int flags,
313 NTSTATUS *err, bool *contains_wcard)
315 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
316 pp_dest, src, smbreq_bufrem(req, src),
317 flags, err, contains_wcard);
320 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
321 char **pp_dest, const char *src, int flags,
325 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
326 flags, err, &ignore);
329 /****************************************************************************
330 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
331 ****************************************************************************/
333 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
336 if ((fsp == NULL) || (conn == NULL)) {
337 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
340 if ((conn != fsp->conn) || (req->vuid != fsp->vuid)) {
341 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
347 /****************************************************************************
348 Check if we have a correct fsp pointing to a file.
349 ****************************************************************************/
351 bool check_fsp(connection_struct *conn, struct smb_request *req,
354 if (!check_fsp_open(conn, req, fsp)) {
357 if (fsp->is_directory) {
358 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
361 if (fsp->fh->fd == -1) {
362 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
365 fsp->num_smb_operations++;
369 /****************************************************************************
370 Check if we have a correct fsp pointing to a quota fake file. Replacement for
371 the CHECK_NTQUOTA_HANDLE_OK macro.
372 ****************************************************************************/
374 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
377 if (!check_fsp_open(conn, req, fsp)) {
381 if (fsp->is_directory) {
385 if (fsp->fake_file_handle == NULL) {
389 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
393 if (fsp->fake_file_handle->private_data == NULL) {
400 static bool netbios_session_retarget(struct smbd_server_connection *sconn,
401 const char *name, int name_type)
404 char *trim_name_type;
405 const char *retarget_parm;
408 int retarget_type = 0x20;
409 int retarget_port = 139;
410 struct sockaddr_storage retarget_addr;
411 struct sockaddr_in *in_addr;
415 if (get_socket_port(sconn->sock) != 139) {
419 trim_name = talloc_strdup(talloc_tos(), name);
420 if (trim_name == NULL) {
423 trim_char(trim_name, ' ', ' ');
425 trim_name_type = talloc_asprintf(trim_name, "%s#%2.2x", trim_name,
427 if (trim_name_type == NULL) {
431 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
432 trim_name_type, NULL);
433 if (retarget_parm == NULL) {
434 retarget_parm = lp_parm_const_string(-1, "netbios retarget",
437 if (retarget_parm == NULL) {
441 retarget = talloc_strdup(trim_name, retarget_parm);
442 if (retarget == NULL) {
446 DEBUG(10, ("retargeting %s to %s\n", trim_name_type, retarget));
448 p = strchr(retarget, ':');
451 retarget_port = atoi(p);
454 p = strchr_m(retarget, '#');
457 sscanf(p, "%x", &retarget_type);
460 ret = resolve_name(retarget, &retarget_addr, retarget_type, false);
462 DEBUG(10, ("could not resolve %s\n", retarget));
466 if (retarget_addr.ss_family != AF_INET) {
467 DEBUG(10, ("Retarget target not an IPv4 addr\n"));
471 in_addr = (struct sockaddr_in *)(void *)&retarget_addr;
473 _smb_setlen(outbuf, 6);
474 SCVAL(outbuf, 0, 0x84);
475 *(uint32_t *)(outbuf+4) = in_addr->sin_addr.s_addr;
476 *(uint16_t *)(outbuf+8) = htons(retarget_port);
478 if (!srv_send_smb(sconn, (char *)outbuf, false, 0, false,
480 exit_server_cleanly("netbios_session_regarget: srv_send_smb "
486 TALLOC_FREE(trim_name);
490 /****************************************************************************
491 Reply to a (netbios-level) special message.
492 ****************************************************************************/
494 void reply_special(struct smbd_server_connection *sconn, char *inbuf, size_t inbuf_size)
496 int msg_type = CVAL(inbuf,0);
497 int msg_flags = CVAL(inbuf,1);
499 * We only really use 4 bytes of the outbuf, but for the smb_setlen
500 * calculation & friends (srv_send_smb uses that) we need the full smb
503 char outbuf[smb_size];
505 memset(outbuf, '\0', sizeof(outbuf));
507 smb_setlen(outbuf,0);
510 case 0x81: /* session request */
512 /* inbuf_size is guarenteed to be at least 4. */
514 int name_type1, name_type2;
515 int name_len1, name_len2;
519 if (sconn->nbt.got_session) {
520 exit_server_cleanly("multiple session request not permitted");
523 SCVAL(outbuf,0,0x82);
526 /* inbuf_size is guaranteed to be at least 4. */
527 name_len1 = name_len((unsigned char *)(inbuf+4),inbuf_size - 4);
528 if (name_len1 <= 0 || name_len1 > inbuf_size - 4) {
529 DEBUG(0,("Invalid name length in session request\n"));
532 name_len2 = name_len((unsigned char *)(inbuf+4+name_len1),inbuf_size - 4 - name_len1);
533 if (name_len2 <= 0 || name_len2 > inbuf_size - 4 - name_len1) {
534 DEBUG(0,("Invalid name length in session request\n"));
538 name_type1 = name_extract((unsigned char *)inbuf,
539 inbuf_size,(unsigned int)4,name1);
540 name_type2 = name_extract((unsigned char *)inbuf,
541 inbuf_size,(unsigned int)(4 + name_len1),name2);
543 if (name_type1 == -1 || name_type2 == -1) {
544 DEBUG(0,("Invalid name type in session request\n"));
548 DEBUG(2,("netbios connect: name1=%s0x%x name2=%s0x%x\n",
549 name1, name_type1, name2, name_type2));
551 if (netbios_session_retarget(sconn, name1, name_type1)) {
552 exit_server_cleanly("retargeted client");
556 * Windows NT/2k uses "*SMBSERVER" and XP uses
557 * "*SMBSERV" arrggg!!!
559 if (strequal(name1, "*SMBSERVER ")
560 || strequal(name1, "*SMBSERV ")) {
561 fstrcpy(name1, sconn->client_id.addr);
564 set_local_machine_name(name1, True);
565 set_remote_machine_name(name2, True);
567 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
568 get_local_machine_name(), get_remote_machine_name(),
571 if (name_type2 == 'R') {
572 /* We are being asked for a pathworks session ---
574 SCVAL(outbuf, 0,0x83);
578 /* only add the client's machine name to the list
579 of possibly valid usernames if we are operating
580 in share mode security */
581 if (lp_security() == SEC_SHARE) {
582 add_session_user(sconn, get_remote_machine_name());
585 reload_services(sconn->msg_ctx, sconn->sock, True);
588 sconn->nbt.got_session = true;
592 case 0x89: /* session keepalive request
593 (some old clients produce this?) */
594 SCVAL(outbuf,0,SMBkeepalive);
598 case 0x82: /* positive session response */
599 case 0x83: /* negative session response */
600 case 0x84: /* retarget session response */
601 DEBUG(0,("Unexpected session response\n"));
604 case SMBkeepalive: /* session keepalive */
609 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
610 msg_type, msg_flags));
612 srv_send_smb(sconn, outbuf, false, 0, false, NULL);
616 /****************************************************************************
618 conn POINTER CAN BE NULL HERE !
619 ****************************************************************************/
621 void reply_tcon(struct smb_request *req)
623 connection_struct *conn = req->conn;
625 char *service_buf = NULL;
626 char *password = NULL;
631 DATA_BLOB password_blob;
632 TALLOC_CTX *ctx = talloc_tos();
633 struct smbd_server_connection *sconn = req->sconn;
635 START_PROFILE(SMBtcon);
637 if (req->buflen < 4) {
638 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
639 END_PROFILE(SMBtcon);
643 p = (const char *)req->buf + 1;
644 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
646 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
648 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
651 if (service_buf == NULL || password == NULL || dev == NULL) {
652 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
653 END_PROFILE(SMBtcon);
656 p = strrchr_m(service_buf,'\\');
660 service = service_buf;
663 password_blob = data_blob(password, pwlen+1);
665 conn = make_connection(sconn,service,password_blob,dev,
666 req->vuid,&nt_status);
669 data_blob_clear_free(&password_blob);
672 reply_nterror(req, nt_status);
673 END_PROFILE(SMBtcon);
677 reply_outbuf(req, 2, 0);
678 SSVAL(req->outbuf,smb_vwv0,sconn->smb1.negprot.max_recv);
679 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
680 SSVAL(req->outbuf,smb_tid,conn->cnum);
682 DEBUG(3,("tcon service=%s cnum=%d\n",
683 service, conn->cnum));
685 END_PROFILE(SMBtcon);
689 /****************************************************************************
690 Reply to a tcon and X.
691 conn POINTER CAN BE NULL HERE !
692 ****************************************************************************/
694 void reply_tcon_and_X(struct smb_request *req)
696 connection_struct *conn = req->conn;
697 const char *service = NULL;
699 TALLOC_CTX *ctx = talloc_tos();
700 /* what the cleint thinks the device is */
701 char *client_devicetype = NULL;
702 /* what the server tells the client the share represents */
703 const char *server_devicetype;
709 struct smbd_server_connection *sconn = req->sconn;
711 START_PROFILE(SMBtconX);
714 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
715 END_PROFILE(SMBtconX);
719 passlen = SVAL(req->vwv+3, 0);
720 tcon_flags = SVAL(req->vwv+2, 0);
722 /* we might have to close an old one */
723 if ((tcon_flags & 0x1) && conn) {
724 close_cnum(conn,req->vuid);
729 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
730 reply_force_doserror(req, ERRDOS, ERRbuftoosmall);
731 END_PROFILE(SMBtconX);
735 if (sconn->smb1.negprot.encrypted_passwords) {
736 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
737 if (lp_security() == SEC_SHARE) {
739 * Security = share always has a pad byte
740 * after the password.
742 p = (const char *)req->buf + passlen + 1;
744 p = (const char *)req->buf + passlen;
747 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
748 /* Ensure correct termination */
749 password.data[passlen]=0;
750 p = (const char *)req->buf + passlen + 1;
753 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
756 data_blob_clear_free(&password);
757 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
758 END_PROFILE(SMBtconX);
763 * the service name can be either: \\server\share
764 * or share directly like on the DELL PowerVault 705
767 q = strchr_m(path+2,'\\');
769 data_blob_clear_free(&password);
770 reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME);
771 END_PROFILE(SMBtconX);
779 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
780 &client_devicetype, p,
781 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
783 if (client_devicetype == NULL) {
784 data_blob_clear_free(&password);
785 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
786 END_PROFILE(SMBtconX);
790 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
792 conn = make_connection(sconn, service, password, client_devicetype,
793 req->vuid, &nt_status);
796 data_blob_clear_free(&password);
799 reply_nterror(req, nt_status);
800 END_PROFILE(SMBtconX);
805 server_devicetype = "IPC";
806 else if ( IS_PRINT(conn) )
807 server_devicetype = "LPT1:";
809 server_devicetype = "A:";
811 if (get_Protocol() < PROTOCOL_NT1) {
812 reply_outbuf(req, 2, 0);
813 if (message_push_string(&req->outbuf, server_devicetype,
814 STR_TERMINATE|STR_ASCII) == -1) {
815 reply_nterror(req, NT_STATUS_NO_MEMORY);
816 END_PROFILE(SMBtconX);
820 /* NT sets the fstype of IPC$ to the null string */
821 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
823 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
824 /* Return permissions. */
828 reply_outbuf(req, 7, 0);
831 perm1 = FILE_ALL_ACCESS;
832 perm2 = FILE_ALL_ACCESS;
834 perm1 = CAN_WRITE(conn) ?
839 SIVAL(req->outbuf, smb_vwv3, perm1);
840 SIVAL(req->outbuf, smb_vwv5, perm2);
842 reply_outbuf(req, 3, 0);
845 if ((message_push_string(&req->outbuf, server_devicetype,
846 STR_TERMINATE|STR_ASCII) == -1)
847 || (message_push_string(&req->outbuf, fstype,
848 STR_TERMINATE) == -1)) {
849 reply_nterror(req, NT_STATUS_NO_MEMORY);
850 END_PROFILE(SMBtconX);
854 /* what does setting this bit do? It is set by NT4 and
855 may affect the ability to autorun mounted cdroms */
856 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
857 (lp_csc_policy(SNUM(conn)) << 2));
859 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
860 DEBUG(2,("Serving %s as a Dfs root\n",
861 lp_servicename(SNUM(conn)) ));
862 SSVAL(req->outbuf, smb_vwv2,
863 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
868 DEBUG(3,("tconX service=%s \n",
871 /* set the incoming and outgoing tid to the just created one */
872 SSVAL(req->inbuf,smb_tid,conn->cnum);
873 SSVAL(req->outbuf,smb_tid,conn->cnum);
875 END_PROFILE(SMBtconX);
877 req->tid = conn->cnum;
882 /****************************************************************************
883 Reply to an unknown type.
884 ****************************************************************************/
886 void reply_unknown_new(struct smb_request *req, uint8 type)
888 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
889 smb_fn_name(type), type, type));
890 reply_force_doserror(req, ERRSRV, ERRunknownsmb);
894 /****************************************************************************
896 conn POINTER CAN BE NULL HERE !
897 ****************************************************************************/
899 void reply_ioctl(struct smb_request *req)
901 connection_struct *conn = req->conn;
908 START_PROFILE(SMBioctl);
911 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
912 END_PROFILE(SMBioctl);
916 device = SVAL(req->vwv+1, 0);
917 function = SVAL(req->vwv+2, 0);
918 ioctl_code = (device << 16) + function;
920 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
922 switch (ioctl_code) {
923 case IOCTL_QUERY_JOB_INFO:
927 reply_force_doserror(req, ERRSRV, ERRnosupport);
928 END_PROFILE(SMBioctl);
932 reply_outbuf(req, 8, replysize+1);
933 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
934 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
935 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
936 p = smb_buf(req->outbuf);
937 memset(p, '\0', replysize+1); /* valgrind-safe. */
938 p += 1; /* Allow for alignment */
940 switch (ioctl_code) {
941 case IOCTL_QUERY_JOB_INFO:
943 files_struct *fsp = file_fsp(
944 req, SVAL(req->vwv+0, 0));
946 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
947 END_PROFILE(SMBioctl);
951 if (fsp->print_file) {
952 SSVAL(p, 0, fsp->print_file->rap_jobid);
956 srvstr_push((char *)req->outbuf, req->flags2, p+2,
958 STR_TERMINATE|STR_ASCII);
960 srvstr_push((char *)req->outbuf, req->flags2,
961 p+18, lp_servicename(SNUM(conn)),
962 13, STR_TERMINATE|STR_ASCII);
970 END_PROFILE(SMBioctl);
974 /****************************************************************************
975 Strange checkpath NTSTATUS mapping.
976 ****************************************************************************/
978 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
980 /* Strange DOS error code semantics only for checkpath... */
981 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
982 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
983 /* We need to map to ERRbadpath */
984 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
990 /****************************************************************************
991 Reply to a checkpath.
992 ****************************************************************************/
994 void reply_checkpath(struct smb_request *req)
996 connection_struct *conn = req->conn;
997 struct smb_filename *smb_fname = NULL;
1000 TALLOC_CTX *ctx = talloc_tos();
1002 START_PROFILE(SMBcheckpath);
1004 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
1005 STR_TERMINATE, &status);
1007 if (!NT_STATUS_IS_OK(status)) {
1008 status = map_checkpath_error(req->flags2, status);
1009 reply_nterror(req, status);
1010 END_PROFILE(SMBcheckpath);
1014 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
1016 status = filename_convert(ctx,
1018 req->flags2 & FLAGS2_DFS_PATHNAMES,
1024 if (!NT_STATUS_IS_OK(status)) {
1025 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1026 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1027 ERRSRV, ERRbadpath);
1028 END_PROFILE(SMBcheckpath);
1034 if (!VALID_STAT(smb_fname->st) &&
1035 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1036 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",
1037 smb_fname_str_dbg(smb_fname), strerror(errno)));
1038 status = map_nt_error_from_unix(errno);
1042 if (!S_ISDIR(smb_fname->st.st_ex_mode)) {
1043 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
1044 ERRDOS, ERRbadpath);
1048 reply_outbuf(req, 0, 0);
1051 /* We special case this - as when a Windows machine
1052 is parsing a path is steps through the components
1053 one at a time - if a component fails it expects
1054 ERRbadpath, not ERRbadfile.
1056 status = map_checkpath_error(req->flags2, status);
1057 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
1059 * Windows returns different error codes if
1060 * the parent directory is valid but not the
1061 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
1062 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
1063 * if the path is invalid.
1065 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
1066 ERRDOS, ERRbadpath);
1070 reply_nterror(req, status);
1073 TALLOC_FREE(smb_fname);
1074 END_PROFILE(SMBcheckpath);
1078 /****************************************************************************
1080 ****************************************************************************/
1082 void reply_getatr(struct smb_request *req)
1084 connection_struct *conn = req->conn;
1085 struct smb_filename *smb_fname = NULL;
1092 TALLOC_CTX *ctx = talloc_tos();
1093 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1095 START_PROFILE(SMBgetatr);
1097 p = (const char *)req->buf + 1;
1098 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1099 if (!NT_STATUS_IS_OK(status)) {
1100 reply_nterror(req, status);
1104 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1105 under WfWg - weird! */
1106 if (*fname == '\0') {
1107 mode = aHIDDEN | aDIR;
1108 if (!CAN_WRITE(conn)) {
1114 status = filename_convert(ctx,
1116 req->flags2 & FLAGS2_DFS_PATHNAMES,
1121 if (!NT_STATUS_IS_OK(status)) {
1122 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1123 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1124 ERRSRV, ERRbadpath);
1127 reply_nterror(req, status);
1130 if (!VALID_STAT(smb_fname->st) &&
1131 (SMB_VFS_STAT(conn, smb_fname) != 0)) {
1132 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",
1133 smb_fname_str_dbg(smb_fname),
1135 reply_nterror(req, map_nt_error_from_unix(errno));
1139 mode = dos_mode(conn, smb_fname);
1140 size = smb_fname->st.st_ex_size;
1142 if (ask_sharemode) {
1143 struct timespec write_time_ts;
1144 struct file_id fileid;
1146 ZERO_STRUCT(write_time_ts);
1147 fileid = vfs_file_id_from_sbuf(conn, &smb_fname->st);
1148 get_file_infos(fileid, 0, NULL, &write_time_ts);
1149 if (!null_timespec(write_time_ts)) {
1150 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1154 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1160 reply_outbuf(req, 10, 0);
1162 SSVAL(req->outbuf,smb_vwv0,mode);
1163 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1164 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1166 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1168 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1170 if (get_Protocol() >= PROTOCOL_NT1) {
1171 SSVAL(req->outbuf, smb_flg2,
1172 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1175 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n",
1176 smb_fname_str_dbg(smb_fname), mode, (unsigned int)size));
1179 TALLOC_FREE(smb_fname);
1181 END_PROFILE(SMBgetatr);
1185 /****************************************************************************
1187 ****************************************************************************/
1189 void reply_setatr(struct smb_request *req)
1191 struct smb_file_time ft;
1192 connection_struct *conn = req->conn;
1193 struct smb_filename *smb_fname = NULL;
1199 TALLOC_CTX *ctx = talloc_tos();
1201 START_PROFILE(SMBsetatr);
1206 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1210 p = (const char *)req->buf + 1;
1211 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1212 if (!NT_STATUS_IS_OK(status)) {
1213 reply_nterror(req, status);
1217 status = filename_convert(ctx,
1219 req->flags2 & FLAGS2_DFS_PATHNAMES,
1224 if (!NT_STATUS_IS_OK(status)) {
1225 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1226 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1227 ERRSRV, ERRbadpath);
1230 reply_nterror(req, status);
1234 if (smb_fname->base_name[0] == '.' &&
1235 smb_fname->base_name[1] == '\0') {
1237 * Not sure here is the right place to catch this
1238 * condition. Might be moved to somewhere else later -- vl
1240 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1244 mode = SVAL(req->vwv+0, 0);
1245 mtime = srv_make_unix_date3(req->vwv+1);
1247 ft.mtime = convert_time_t_to_timespec(mtime);
1248 status = smb_set_file_time(conn, NULL, smb_fname, &ft, true);
1249 if (!NT_STATUS_IS_OK(status)) {
1250 reply_nterror(req, status);
1254 if (mode != FILE_ATTRIBUTE_NORMAL) {
1255 if (VALID_STAT_OF_DIR(smb_fname->st))
1260 if (file_set_dosmode(conn, smb_fname, mode, NULL,
1262 reply_nterror(req, map_nt_error_from_unix(errno));
1267 reply_outbuf(req, 0, 0);
1269 DEBUG(3, ("setatr name=%s mode=%d\n", smb_fname_str_dbg(smb_fname),
1272 TALLOC_FREE(smb_fname);
1273 END_PROFILE(SMBsetatr);
1277 /****************************************************************************
1279 ****************************************************************************/
1281 void reply_dskattr(struct smb_request *req)
1283 connection_struct *conn = req->conn;
1284 uint64_t dfree,dsize,bsize;
1285 START_PROFILE(SMBdskattr);
1287 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1288 reply_nterror(req, map_nt_error_from_unix(errno));
1289 END_PROFILE(SMBdskattr);
1293 reply_outbuf(req, 5, 0);
1295 if (get_Protocol() <= PROTOCOL_LANMAN2) {
1296 double total_space, free_space;
1297 /* we need to scale this to a number that DOS6 can handle. We
1298 use floating point so we can handle large drives on systems
1299 that don't have 64 bit integers
1301 we end up displaying a maximum of 2G to DOS systems
1303 total_space = dsize * (double)bsize;
1304 free_space = dfree * (double)bsize;
1306 dsize = (uint64_t)((total_space+63*512) / (64*512));
1307 dfree = (uint64_t)((free_space+63*512) / (64*512));
1309 if (dsize > 0xFFFF) dsize = 0xFFFF;
1310 if (dfree > 0xFFFF) dfree = 0xFFFF;
1312 SSVAL(req->outbuf,smb_vwv0,dsize);
1313 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1314 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1315 SSVAL(req->outbuf,smb_vwv3,dfree);
1317 SSVAL(req->outbuf,smb_vwv0,dsize);
1318 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1319 SSVAL(req->outbuf,smb_vwv2,512);
1320 SSVAL(req->outbuf,smb_vwv3,dfree);
1323 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1325 END_PROFILE(SMBdskattr);
1330 * Utility function to split the filename from the directory.
1332 static NTSTATUS split_fname_dir_mask(TALLOC_CTX *ctx, const char *fname_in,
1333 char **fname_dir_out,
1334 char **fname_mask_out)
1336 const char *p = NULL;
1337 char *fname_dir = NULL;
1338 char *fname_mask = NULL;
1340 p = strrchr_m(fname_in, '/');
1342 fname_dir = talloc_strdup(ctx, ".");
1343 fname_mask = talloc_strdup(ctx, fname_in);
1345 fname_dir = talloc_strndup(ctx, fname_in,
1346 PTR_DIFF(p, fname_in));
1347 fname_mask = talloc_strdup(ctx, p+1);
1350 if (!fname_dir || !fname_mask) {
1351 TALLOC_FREE(fname_dir);
1352 TALLOC_FREE(fname_mask);
1353 return NT_STATUS_NO_MEMORY;
1356 *fname_dir_out = fname_dir;
1357 *fname_mask_out = fname_mask;
1358 return NT_STATUS_OK;
1361 /****************************************************************************
1363 Can be called from SMBsearch, SMBffirst or SMBfunique.
1364 ****************************************************************************/
1366 void reply_search(struct smb_request *req)
1368 connection_struct *conn = req->conn;
1370 const char *mask = NULL;
1371 char *directory = NULL;
1372 struct smb_filename *smb_fname = NULL;
1376 struct timespec date;
1378 unsigned int numentries = 0;
1379 unsigned int maxentries = 0;
1380 bool finished = False;
1385 bool check_descend = False;
1386 bool expect_close = False;
1388 bool mask_contains_wcard = False;
1389 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1390 TALLOC_CTX *ctx = talloc_tos();
1391 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1392 struct dptr_struct *dirptr = NULL;
1393 struct smbd_server_connection *sconn = req->sconn;
1395 START_PROFILE(SMBsearch);
1398 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1402 if (lp_posix_pathnames()) {
1403 reply_unknown_new(req, req->cmd);
1407 /* If we were called as SMBffirst then we must expect close. */
1408 if(req->cmd == SMBffirst) {
1409 expect_close = True;
1412 reply_outbuf(req, 1, 3);
1413 maxentries = SVAL(req->vwv+0, 0);
1414 dirtype = SVAL(req->vwv+1, 0);
1415 p = (const char *)req->buf + 1;
1416 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1417 &nt_status, &mask_contains_wcard);
1418 if (!NT_STATUS_IS_OK(nt_status)) {
1419 reply_nterror(req, nt_status);
1424 status_len = SVAL(p, 0);
1427 /* dirtype &= ~aDIR; */
1429 if (status_len == 0) {
1430 nt_status = filename_convert(ctx, conn,
1431 req->flags2 & FLAGS2_DFS_PATHNAMES,
1433 UCF_ALWAYS_ALLOW_WCARD_LCOMP,
1434 &mask_contains_wcard,
1436 if (!NT_STATUS_IS_OK(nt_status)) {
1437 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1438 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1439 ERRSRV, ERRbadpath);
1442 reply_nterror(req, nt_status);
1446 directory = smb_fname->base_name;
1448 p = strrchr_m(directory,'/');
1449 if ((p != NULL) && (*directory != '/')) {
1451 directory = talloc_strndup(ctx, directory,
1452 PTR_DIFF(p, directory));
1455 directory = talloc_strdup(ctx,".");
1459 reply_nterror(req, NT_STATUS_NO_MEMORY);
1463 memset((char *)status,'\0',21);
1464 SCVAL(status,0,(dirtype & 0x1F));
1466 nt_status = dptr_create(conn,
1473 mask_contains_wcard,
1476 if (!NT_STATUS_IS_OK(nt_status)) {
1477 reply_nterror(req, nt_status);
1480 dptr_num = dptr_dnum(dirptr);
1483 const char *dirpath;
1485 memcpy(status,p,21);
1486 status_dirtype = CVAL(status,0) & 0x1F;
1487 if (status_dirtype != (dirtype & 0x1F)) {
1488 dirtype = status_dirtype;
1491 dirptr = dptr_fetch(sconn, status+12,&dptr_num);
1495 dirpath = dptr_path(sconn, dptr_num);
1496 directory = talloc_strdup(ctx, dirpath);
1498 reply_nterror(req, NT_STATUS_NO_MEMORY);
1502 mask = dptr_wcard(sconn, dptr_num);
1507 * For a 'continue' search we have no string. So
1508 * check from the initial saved string.
1510 mask_contains_wcard = ms_has_wild(mask);
1511 dirtype = dptr_attr(sconn, dptr_num);
1514 DEBUG(4,("dptr_num is %d\n",dptr_num));
1516 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1517 dptr_init_search_op(dirptr);
1519 if ((dirtype&0x1F) == aVOLID) {
1520 char buf[DIR_STRUCT_SIZE];
1521 memcpy(buf,status,21);
1522 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1523 0,aVOLID,0,!allow_long_path_components)) {
1524 reply_nterror(req, NT_STATUS_NO_MEMORY);
1527 dptr_fill(sconn, buf+12,dptr_num);
1528 if (dptr_zero(buf+12) && (status_len==0)) {
1533 if (message_push_blob(&req->outbuf,
1534 data_blob_const(buf, sizeof(buf)))
1536 reply_nterror(req, NT_STATUS_NO_MEMORY);
1544 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1547 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1548 directory,lp_dontdescend(SNUM(conn))));
1549 if (in_list(directory, lp_dontdescend(SNUM(conn)),True)) {
1550 check_descend = True;
1553 for (i=numentries;(i<maxentries) && !finished;i++) {
1554 finished = !get_dir_entry(ctx,
1565 char buf[DIR_STRUCT_SIZE];
1566 memcpy(buf,status,21);
1567 if (!make_dir_struct(ctx,
1573 convert_timespec_to_time_t(date),
1574 !allow_long_path_components)) {
1575 reply_nterror(req, NT_STATUS_NO_MEMORY);
1578 if (!dptr_fill(sconn, buf+12,dptr_num)) {
1581 if (message_push_blob(&req->outbuf,
1582 data_blob_const(buf, sizeof(buf)))
1584 reply_nterror(req, NT_STATUS_NO_MEMORY);
1594 /* If we were called as SMBffirst with smb_search_id == NULL
1595 and no entries were found then return error and close dirptr
1598 if (numentries == 0) {
1599 dptr_close(sconn, &dptr_num);
1600 } else if(expect_close && status_len == 0) {
1601 /* Close the dptr - we know it's gone */
1602 dptr_close(sconn, &dptr_num);
1605 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1606 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1607 dptr_close(sconn, &dptr_num);
1610 if ((numentries == 0) && !mask_contains_wcard) {
1611 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1615 SSVAL(req->outbuf,smb_vwv0,numentries);
1616 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1617 SCVAL(smb_buf(req->outbuf),0,5);
1618 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1620 /* The replies here are never long name. */
1621 SSVAL(req->outbuf, smb_flg2,
1622 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1623 if (!allow_long_path_components) {
1624 SSVAL(req->outbuf, smb_flg2,
1625 SVAL(req->outbuf, smb_flg2)
1626 & (~FLAGS2_LONG_PATH_COMPONENTS));
1629 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1630 SSVAL(req->outbuf, smb_flg2,
1631 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1633 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1634 smb_fn_name(req->cmd),
1641 TALLOC_FREE(directory);
1642 TALLOC_FREE(smb_fname);
1643 END_PROFILE(SMBsearch);
1647 /****************************************************************************
1648 Reply to a fclose (stop directory search).
1649 ****************************************************************************/
1651 void reply_fclose(struct smb_request *req)
1659 bool path_contains_wcard = False;
1660 TALLOC_CTX *ctx = talloc_tos();
1661 struct smbd_server_connection *sconn = req->sconn;
1663 START_PROFILE(SMBfclose);
1665 if (lp_posix_pathnames()) {
1666 reply_unknown_new(req, req->cmd);
1667 END_PROFILE(SMBfclose);
1671 p = (const char *)req->buf + 1;
1672 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1673 &err, &path_contains_wcard);
1674 if (!NT_STATUS_IS_OK(err)) {
1675 reply_nterror(req, err);
1676 END_PROFILE(SMBfclose);
1680 status_len = SVAL(p,0);
1683 if (status_len == 0) {
1684 reply_force_doserror(req, ERRSRV, ERRsrverror);
1685 END_PROFILE(SMBfclose);
1689 memcpy(status,p,21);
1691 if(dptr_fetch(sconn, status+12,&dptr_num)) {
1692 /* Close the dptr - we know it's gone */
1693 dptr_close(sconn, &dptr_num);
1696 reply_outbuf(req, 1, 0);
1697 SSVAL(req->outbuf,smb_vwv0,0);
1699 DEBUG(3,("search close\n"));
1701 END_PROFILE(SMBfclose);
1705 /****************************************************************************
1707 ****************************************************************************/
1709 void reply_open(struct smb_request *req)
1711 connection_struct *conn = req->conn;
1712 struct smb_filename *smb_fname = NULL;
1724 uint32 create_disposition;
1725 uint32 create_options = 0;
1726 uint32_t private_flags = 0;
1728 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1729 TALLOC_CTX *ctx = talloc_tos();
1731 START_PROFILE(SMBopen);
1734 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1738 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1739 deny_mode = SVAL(req->vwv+0, 0);
1740 dos_attr = SVAL(req->vwv+1, 0);
1742 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1743 STR_TERMINATE, &status);
1744 if (!NT_STATUS_IS_OK(status)) {
1745 reply_nterror(req, status);
1749 status = filename_convert(ctx,
1751 req->flags2 & FLAGS2_DFS_PATHNAMES,
1756 if (!NT_STATUS_IS_OK(status)) {
1757 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1758 reply_botherror(req,
1759 NT_STATUS_PATH_NOT_COVERED,
1760 ERRSRV, ERRbadpath);
1763 reply_nterror(req, status);
1767 if (!map_open_params_to_ntcreate(smb_fname, deny_mode,
1768 OPENX_FILE_EXISTS_OPEN, &access_mask,
1769 &share_mode, &create_disposition,
1770 &create_options, &private_flags)) {
1771 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1775 status = SMB_VFS_CREATE_FILE(
1778 0, /* root_dir_fid */
1779 smb_fname, /* fname */
1780 access_mask, /* access_mask */
1781 share_mode, /* share_access */
1782 create_disposition, /* create_disposition*/
1783 create_options, /* create_options */
1784 dos_attr, /* file_attributes */
1785 oplock_request, /* oplock_request */
1786 0, /* allocation_size */
1793 if (!NT_STATUS_IS_OK(status)) {
1794 if (open_was_deferred(req->mid)) {
1795 /* We have re-scheduled this call. */
1798 reply_openerror(req, status);
1802 size = smb_fname->st.st_ex_size;
1803 fattr = dos_mode(conn, smb_fname);
1805 /* Deal with other possible opens having a modified
1807 if (ask_sharemode) {
1808 struct timespec write_time_ts;
1810 ZERO_STRUCT(write_time_ts);
1811 get_file_infos(fsp->file_id, 0, NULL, &write_time_ts);
1812 if (!null_timespec(write_time_ts)) {
1813 update_stat_ex_mtime(&smb_fname->st, write_time_ts);
1817 mtime = convert_timespec_to_time_t(smb_fname->st.st_ex_mtime);
1820 DEBUG(3,("attempt to open a directory %s\n",
1822 close_file(req, fsp, ERROR_CLOSE);
1823 reply_botherror(req, NT_STATUS_ACCESS_DENIED,
1824 ERRDOS, ERRnoaccess);
1828 reply_outbuf(req, 7, 0);
1829 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1830 SSVAL(req->outbuf,smb_vwv1,fattr);
1831 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1832 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1834 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1836 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1837 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1839 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1840 SCVAL(req->outbuf,smb_flg,
1841 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1844 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1845 SCVAL(req->outbuf,smb_flg,
1846 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1849 TALLOC_FREE(smb_fname);
1850 END_PROFILE(SMBopen);
1854 /****************************************************************************
1855 Reply to an open and X.
1856 ****************************************************************************/
1858 void reply_open_and_X(struct smb_request *req)
1860 connection_struct *conn = req->conn;
1861 struct smb_filename *smb_fname = NULL;
1866 /* Breakout the oplock request bits so we can set the
1867 reply bits separately. */
1868 int ex_oplock_request;
1869 int core_oplock_request;
1872 int smb_sattr = SVAL(req->vwv+4, 0);
1873 uint32 smb_time = make_unix_date3(req->vwv+6);
1881 uint64_t allocation_size;
1882 ssize_t retval = -1;
1885 uint32 create_disposition;
1886 uint32 create_options = 0;
1887 uint32_t private_flags = 0;
1888 TALLOC_CTX *ctx = talloc_tos();
1890 START_PROFILE(SMBopenX);
1892 if (req->wct < 15) {
1893 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1897 open_flags = SVAL(req->vwv+2, 0);
1898 deny_mode = SVAL(req->vwv+3, 0);
1899 smb_attr = SVAL(req->vwv+5, 0);
1900 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1901 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1902 oplock_request = ex_oplock_request | core_oplock_request;
1903 smb_ofun = SVAL(req->vwv+8, 0);
1904 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1906 /* If it's an IPC, pass off the pipe handler. */
1908 if (lp_nt_pipe_support()) {
1909 reply_open_pipe_and_X(conn, req);
1911 reply_nterror(req, NT_STATUS_NETWORK_ACCESS_DENIED);
1916 /* XXXX we need to handle passed times, sattr and flags */
1917 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1918 STR_TERMINATE, &status);
1919 if (!NT_STATUS_IS_OK(status)) {
1920 reply_nterror(req, status);
1924 status = filename_convert(ctx,
1926 req->flags2 & FLAGS2_DFS_PATHNAMES,
1931 if (!NT_STATUS_IS_OK(status)) {
1932 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1933 reply_botherror(req,
1934 NT_STATUS_PATH_NOT_COVERED,
1935 ERRSRV, ERRbadpath);
1938 reply_nterror(req, status);
1942 if (!map_open_params_to_ntcreate(smb_fname, deny_mode, smb_ofun,
1943 &access_mask, &share_mode,
1944 &create_disposition,
1947 reply_force_doserror(req, ERRDOS, ERRbadaccess);
1951 status = SMB_VFS_CREATE_FILE(
1954 0, /* root_dir_fid */
1955 smb_fname, /* fname */
1956 access_mask, /* access_mask */
1957 share_mode, /* share_access */
1958 create_disposition, /* create_disposition*/
1959 create_options, /* create_options */
1960 smb_attr, /* file_attributes */
1961 oplock_request, /* oplock_request */
1962 0, /* allocation_size */
1967 &smb_action); /* pinfo */
1969 if (!NT_STATUS_IS_OK(status)) {
1970 if (open_was_deferred(req->mid)) {
1971 /* We have re-scheduled this call. */
1974 reply_openerror(req, status);
1978 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1979 if the file is truncated or created. */
1980 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1981 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1982 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1983 close_file(req, fsp, ERROR_CLOSE);
1984 reply_nterror(req, NT_STATUS_DISK_FULL);
1987 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1989 close_file(req, fsp, ERROR_CLOSE);
1990 reply_nterror(req, NT_STATUS_DISK_FULL);
1993 status = vfs_stat_fsp(fsp);
1994 if (!NT_STATUS_IS_OK(status)) {
1995 close_file(req, fsp, ERROR_CLOSE);
1996 reply_nterror(req, status);
2001 fattr = dos_mode(conn, fsp->fsp_name);
2002 mtime = convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime);
2004 close_file(req, fsp, ERROR_CLOSE);
2005 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
2009 /* If the caller set the extended oplock request bit
2010 and we granted one (by whatever means) - set the
2011 correct bit for extended oplock reply.
2014 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2015 smb_action |= EXTENDED_OPLOCK_GRANTED;
2018 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2019 smb_action |= EXTENDED_OPLOCK_GRANTED;
2022 /* If the caller set the core oplock request bit
2023 and we granted one (by whatever means) - set the
2024 correct bit for core oplock reply.
2027 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2028 reply_outbuf(req, 19, 0);
2030 reply_outbuf(req, 15, 0);
2033 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
2034 SCVAL(req->outbuf, smb_flg,
2035 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2038 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2039 SCVAL(req->outbuf, smb_flg,
2040 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2043 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
2044 SSVAL(req->outbuf,smb_vwv3,fattr);
2045 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
2046 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
2048 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
2050 SIVAL(req->outbuf,smb_vwv6,(uint32)fsp->fsp_name->st.st_ex_size);
2051 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
2052 SSVAL(req->outbuf,smb_vwv11,smb_action);
2054 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
2055 SIVAL(req->outbuf, smb_vwv15, SEC_STD_ALL);
2060 TALLOC_FREE(smb_fname);
2061 END_PROFILE(SMBopenX);
2065 /****************************************************************************
2066 Reply to a SMBulogoffX.
2067 ****************************************************************************/
2069 void reply_ulogoffX(struct smb_request *req)
2071 struct smbd_server_connection *sconn = req->sconn;
2074 START_PROFILE(SMBulogoffX);
2076 vuser = get_valid_user_struct(sconn, req->vuid);
2079 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
2083 /* in user level security we are supposed to close any files
2084 open by this user */
2085 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
2086 file_close_user(sconn, req->vuid);
2089 invalidate_vuid(sconn, req->vuid);
2091 reply_outbuf(req, 2, 0);
2093 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
2095 END_PROFILE(SMBulogoffX);
2096 req->vuid = UID_FIELD_INVALID;
2100 /****************************************************************************
2101 Reply to a mknew or a create.
2102 ****************************************************************************/
2104 void reply_mknew(struct smb_request *req)
2106 connection_struct *conn = req->conn;
2107 struct smb_filename *smb_fname = NULL;
2110 struct smb_file_time ft;
2112 int oplock_request = 0;
2114 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
2115 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
2116 uint32 create_disposition;
2117 uint32 create_options = 0;
2118 TALLOC_CTX *ctx = talloc_tos();
2120 START_PROFILE(SMBcreate);
2124 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2128 fattr = SVAL(req->vwv+0, 0);
2129 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2132 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
2134 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
2135 STR_TERMINATE, &status);
2136 if (!NT_STATUS_IS_OK(status)) {
2137 reply_nterror(req, status);
2141 status = filename_convert(ctx,
2143 req->flags2 & FLAGS2_DFS_PATHNAMES,
2148 if (!NT_STATUS_IS_OK(status)) {
2149 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2150 reply_botherror(req,
2151 NT_STATUS_PATH_NOT_COVERED,
2152 ERRSRV, ERRbadpath);
2155 reply_nterror(req, status);
2159 if (fattr & aVOLID) {
2160 DEBUG(0,("Attempt to create file (%s) with volid set - "
2161 "please report this\n",
2162 smb_fname_str_dbg(smb_fname)));
2165 if(req->cmd == SMBmknew) {
2166 /* We should fail if file exists. */
2167 create_disposition = FILE_CREATE;
2169 /* Create if file doesn't exist, truncate if it does. */
2170 create_disposition = FILE_OVERWRITE_IF;
2173 status = SMB_VFS_CREATE_FILE(
2176 0, /* root_dir_fid */
2177 smb_fname, /* fname */
2178 access_mask, /* access_mask */
2179 share_mode, /* share_access */
2180 create_disposition, /* create_disposition*/
2181 create_options, /* create_options */
2182 fattr, /* file_attributes */
2183 oplock_request, /* oplock_request */
2184 0, /* allocation_size */
2185 0, /* private_flags */
2191 if (!NT_STATUS_IS_OK(status)) {
2192 if (open_was_deferred(req->mid)) {
2193 /* We have re-scheduled this call. */
2196 reply_openerror(req, status);
2200 ft.atime = smb_fname->st.st_ex_atime; /* atime. */
2201 status = smb_set_file_time(conn, fsp, smb_fname, &ft, true);
2202 if (!NT_STATUS_IS_OK(status)) {
2203 END_PROFILE(SMBcreate);
2207 reply_outbuf(req, 1, 0);
2208 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2210 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2211 SCVAL(req->outbuf,smb_flg,
2212 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2215 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2216 SCVAL(req->outbuf,smb_flg,
2217 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2220 DEBUG(2, ("reply_mknew: file %s\n", smb_fname_str_dbg(smb_fname)));
2221 DEBUG(3, ("reply_mknew %s fd=%d dmode=0x%x\n",
2222 smb_fname_str_dbg(smb_fname), fsp->fh->fd,
2223 (unsigned int)fattr));
2226 TALLOC_FREE(smb_fname);
2227 END_PROFILE(SMBcreate);
2231 /****************************************************************************
2232 Reply to a create temporary file.
2233 ****************************************************************************/
2235 void reply_ctemp(struct smb_request *req)
2237 connection_struct *conn = req->conn;
2238 struct smb_filename *smb_fname = NULL;
2246 TALLOC_CTX *ctx = talloc_tos();
2248 START_PROFILE(SMBctemp);
2251 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2255 fattr = SVAL(req->vwv+0, 0);
2256 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2258 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2259 STR_TERMINATE, &status);
2260 if (!NT_STATUS_IS_OK(status)) {
2261 reply_nterror(req, status);
2265 fname = talloc_asprintf(ctx,
2269 fname = talloc_strdup(ctx, "TMXXXXXX");
2273 reply_nterror(req, NT_STATUS_NO_MEMORY);
2277 status = filename_convert(ctx, conn,
2278 req->flags2 & FLAGS2_DFS_PATHNAMES,
2283 if (!NT_STATUS_IS_OK(status)) {
2284 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2285 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2286 ERRSRV, ERRbadpath);
2289 reply_nterror(req, status);
2293 tmpfd = mkstemp(smb_fname->base_name);
2295 reply_nterror(req, map_nt_error_from_unix(errno));
2299 SMB_VFS_STAT(conn, smb_fname);
2301 /* We should fail if file does not exist. */
2302 status = SMB_VFS_CREATE_FILE(
2305 0, /* root_dir_fid */
2306 smb_fname, /* fname */
2307 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2308 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2309 FILE_OPEN, /* create_disposition*/
2310 0, /* create_options */
2311 fattr, /* file_attributes */
2312 oplock_request, /* oplock_request */
2313 0, /* allocation_size */
2314 0, /* private_flags */
2320 /* close fd from mkstemp() */
2323 if (!NT_STATUS_IS_OK(status)) {
2324 if (open_was_deferred(req->mid)) {
2325 /* We have re-scheduled this call. */
2328 reply_openerror(req, status);
2332 reply_outbuf(req, 1, 0);
2333 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2335 /* the returned filename is relative to the directory */
2336 s = strrchr_m(fsp->fsp_name->base_name, '/');
2338 s = fsp->fsp_name->base_name;
2344 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2345 thing in the byte section. JRA */
2346 SSVALS(p, 0, -1); /* what is this? not in spec */
2348 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2350 reply_nterror(req, NT_STATUS_NO_MEMORY);
2354 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2355 SCVAL(req->outbuf, smb_flg,
2356 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2359 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2360 SCVAL(req->outbuf, smb_flg,
2361 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2364 DEBUG(2, ("reply_ctemp: created temp file %s\n", fsp_str_dbg(fsp)));
2365 DEBUG(3, ("reply_ctemp %s fd=%d umode=0%o\n", fsp_str_dbg(fsp),
2366 fsp->fh->fd, (unsigned int)smb_fname->st.st_ex_mode));
2368 TALLOC_FREE(smb_fname);
2369 END_PROFILE(SMBctemp);
2373 /*******************************************************************
2374 Check if a user is allowed to rename a file.
2375 ********************************************************************/
2377 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2382 if (!CAN_WRITE(conn)) {
2383 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2386 fmode = dos_mode(conn, fsp->fsp_name);
2387 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2388 return NT_STATUS_NO_SUCH_FILE;
2391 if (S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
2392 if (fsp->posix_open) {
2393 return NT_STATUS_OK;
2396 /* If no pathnames are open below this
2397 directory, allow the rename. */
2399 if (file_find_subpath(fsp)) {
2400 return NT_STATUS_ACCESS_DENIED;
2402 return NT_STATUS_OK;
2405 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2406 return NT_STATUS_OK;
2409 return NT_STATUS_ACCESS_DENIED;
2412 /*******************************************************************
2413 * unlink a file with all relevant access checks
2414 *******************************************************************/
2416 static NTSTATUS do_unlink(connection_struct *conn,
2417 struct smb_request *req,
2418 struct smb_filename *smb_fname,
2423 uint32 dirtype_orig = dirtype;
2426 bool posix_paths = lp_posix_pathnames();
2428 DEBUG(10,("do_unlink: %s, dirtype = %d\n",
2429 smb_fname_str_dbg(smb_fname),
2432 if (!CAN_WRITE(conn)) {
2433 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2437 ret = SMB_VFS_LSTAT(conn, smb_fname);
2439 ret = SMB_VFS_STAT(conn, smb_fname);
2442 return map_nt_error_from_unix(errno);
2445 fattr = dos_mode(conn, smb_fname);
2447 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2448 dirtype = aDIR|aARCH|aRONLY;
2451 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2453 return NT_STATUS_NO_SUCH_FILE;
2456 if (!dir_check_ftype(conn, fattr, dirtype)) {
2458 return NT_STATUS_FILE_IS_A_DIRECTORY;
2460 return NT_STATUS_NO_SUCH_FILE;
2463 if (dirtype_orig & 0x8000) {
2464 /* These will never be set for POSIX. */
2465 return NT_STATUS_NO_SUCH_FILE;
2469 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2470 return NT_STATUS_FILE_IS_A_DIRECTORY;
2473 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2474 return NT_STATUS_NO_SUCH_FILE;
2477 if (dirtype & 0xFF00) {
2478 /* These will never be set for POSIX. */
2479 return NT_STATUS_NO_SUCH_FILE;
2484 return NT_STATUS_NO_SUCH_FILE;
2487 /* Can't delete a directory. */
2489 return NT_STATUS_FILE_IS_A_DIRECTORY;
2494 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2495 return NT_STATUS_OBJECT_NAME_INVALID;
2496 #endif /* JRATEST */
2498 /* On open checks the open itself will check the share mode, so
2499 don't do it here as we'll get it wrong. */
2501 status = SMB_VFS_CREATE_FILE
2504 0, /* root_dir_fid */
2505 smb_fname, /* fname */
2506 DELETE_ACCESS, /* access_mask */
2507 FILE_SHARE_NONE, /* share_access */
2508 FILE_OPEN, /* create_disposition*/
2509 FILE_NON_DIRECTORY_FILE, /* create_options */
2510 /* file_attributes */
2511 posix_paths ? FILE_FLAG_POSIX_SEMANTICS|0777 :
2512 FILE_ATTRIBUTE_NORMAL,
2513 0, /* oplock_request */
2514 0, /* allocation_size */
2515 0, /* private_flags */
2521 if (!NT_STATUS_IS_OK(status)) {
2522 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2523 nt_errstr(status)));
2527 status = can_set_delete_on_close(fsp, fattr);
2528 if (!NT_STATUS_IS_OK(status)) {
2529 DEBUG(10, ("do_unlink can_set_delete_on_close for file %s - "
2531 smb_fname_str_dbg(smb_fname),
2532 nt_errstr(status)));
2533 close_file(req, fsp, NORMAL_CLOSE);
2537 /* The set is across all open files on this dev/inode pair. */
2538 if (!set_delete_on_close(fsp, True, &conn->session_info->utok)) {
2539 close_file(req, fsp, NORMAL_CLOSE);
2540 return NT_STATUS_ACCESS_DENIED;
2543 return close_file(req, fsp, NORMAL_CLOSE);
2546 /****************************************************************************
2547 The guts of the unlink command, split out so it may be called by the NT SMB
2549 ****************************************************************************/
2551 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2552 uint32 dirtype, struct smb_filename *smb_fname,
2555 char *fname_dir = NULL;
2556 char *fname_mask = NULL;
2558 NTSTATUS status = NT_STATUS_OK;
2559 TALLOC_CTX *ctx = talloc_tos();
2561 /* Split up the directory from the filename/mask. */
2562 status = split_fname_dir_mask(ctx, smb_fname->base_name,
2563 &fname_dir, &fname_mask);
2564 if (!NT_STATUS_IS_OK(status)) {
2569 * We should only check the mangled cache
2570 * here if unix_convert failed. This means
2571 * that the path in 'mask' doesn't exist
2572 * on the file system and so we need to look
2573 * for a possible mangle. This patch from
2574 * Tine Smukavec <valentin.smukavec@hermes.si>.
2577 if (!VALID_STAT(smb_fname->st) &&
2578 mangle_is_mangled(fname_mask, conn->params)) {
2579 char *new_mask = NULL;
2580 mangle_lookup_name_from_8_3(ctx, fname_mask,
2581 &new_mask, conn->params);
2583 TALLOC_FREE(fname_mask);
2584 fname_mask = new_mask;
2591 * Only one file needs to be unlinked. Append the mask back
2592 * onto the directory.
2594 TALLOC_FREE(smb_fname->base_name);
2595 if (ISDOT(fname_dir)) {
2596 /* Ensure we use canonical names on open. */
2597 smb_fname->base_name = talloc_asprintf(smb_fname,
2601 smb_fname->base_name = talloc_asprintf(smb_fname,
2606 if (!smb_fname->base_name) {
2607 status = NT_STATUS_NO_MEMORY;
2611 dirtype = FILE_ATTRIBUTE_NORMAL;
2614 status = check_name(conn, smb_fname->base_name);
2615 if (!NT_STATUS_IS_OK(status)) {
2619 status = do_unlink(conn, req, smb_fname, dirtype);
2620 if (!NT_STATUS_IS_OK(status)) {
2626 struct smb_Dir *dir_hnd = NULL;
2628 const char *dname = NULL;
2629 char *talloced = NULL;
2631 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2632 status = NT_STATUS_OBJECT_NAME_INVALID;
2636 if (strequal(fname_mask,"????????.???")) {
2637 TALLOC_FREE(fname_mask);
2638 fname_mask = talloc_strdup(ctx, "*");
2640 status = NT_STATUS_NO_MEMORY;
2645 status = check_name(conn, fname_dir);
2646 if (!NT_STATUS_IS_OK(status)) {
2650 dir_hnd = OpenDir(talloc_tos(), conn, fname_dir, fname_mask,
2652 if (dir_hnd == NULL) {
2653 status = map_nt_error_from_unix(errno);
2657 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2658 the pattern matches against the long name, otherwise the short name
2659 We don't implement this yet XXXX
2662 status = NT_STATUS_NO_SUCH_FILE;
2664 while ((dname = ReadDirName(dir_hnd, &offset,
2665 &smb_fname->st, &talloced))) {
2666 TALLOC_CTX *frame = talloc_stackframe();
2668 if (!is_visible_file(conn, fname_dir, dname,
2669 &smb_fname->st, true)) {
2671 TALLOC_FREE(talloced);
2675 /* Quick check for "." and ".." */
2676 if (ISDOT(dname) || ISDOTDOT(dname)) {
2678 TALLOC_FREE(talloced);
2682 if(!mask_match(dname, fname_mask,
2683 conn->case_sensitive)) {
2685 TALLOC_FREE(talloced);
2689 TALLOC_FREE(smb_fname->base_name);
2690 if (ISDOT(fname_dir)) {
2691 /* Ensure we use canonical names on open. */
2692 smb_fname->base_name =
2693 talloc_asprintf(smb_fname, "%s",
2696 smb_fname->base_name =
2697 talloc_asprintf(smb_fname, "%s/%s",
2701 if (!smb_fname->base_name) {
2702 TALLOC_FREE(dir_hnd);
2703 status = NT_STATUS_NO_MEMORY;
2705 TALLOC_FREE(talloced);
2709 status = check_name(conn, smb_fname->base_name);
2710 if (!NT_STATUS_IS_OK(status)) {
2711 TALLOC_FREE(dir_hnd);
2713 TALLOC_FREE(talloced);
2717 status = do_unlink(conn, req, smb_fname, dirtype);
2718 if (!NT_STATUS_IS_OK(status)) {
2720 TALLOC_FREE(talloced);
2725 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2726 smb_fname->base_name));
2729 TALLOC_FREE(talloced);
2731 TALLOC_FREE(dir_hnd);
2734 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2735 status = map_nt_error_from_unix(errno);
2739 TALLOC_FREE(fname_dir);
2740 TALLOC_FREE(fname_mask);
2744 /****************************************************************************
2746 ****************************************************************************/
2748 void reply_unlink(struct smb_request *req)
2750 connection_struct *conn = req->conn;
2752 struct smb_filename *smb_fname = NULL;
2755 bool path_contains_wcard = False;
2756 TALLOC_CTX *ctx = talloc_tos();
2758 START_PROFILE(SMBunlink);
2761 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2765 dirtype = SVAL(req->vwv+0, 0);
2767 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2768 STR_TERMINATE, &status,
2769 &path_contains_wcard);
2770 if (!NT_STATUS_IS_OK(status)) {
2771 reply_nterror(req, status);
2775 status = filename_convert(ctx, conn,
2776 req->flags2 & FLAGS2_DFS_PATHNAMES,
2778 UCF_COND_ALLOW_WCARD_LCOMP,
2779 &path_contains_wcard,
2781 if (!NT_STATUS_IS_OK(status)) {
2782 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2783 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2784 ERRSRV, ERRbadpath);
2787 reply_nterror(req, status);
2791 DEBUG(3,("reply_unlink : %s\n", smb_fname_str_dbg(smb_fname)));
2793 status = unlink_internals(conn, req, dirtype, smb_fname,
2794 path_contains_wcard);
2795 if (!NT_STATUS_IS_OK(status)) {
2796 if (open_was_deferred(req->mid)) {
2797 /* We have re-scheduled this call. */
2800 reply_nterror(req, status);
2804 reply_outbuf(req, 0, 0);
2806 TALLOC_FREE(smb_fname);
2807 END_PROFILE(SMBunlink);
2811 /****************************************************************************
2813 ****************************************************************************/
2815 static void fail_readraw(void)
2817 const char *errstr = talloc_asprintf(talloc_tos(),
2818 "FAIL ! reply_readbraw: socket write fail (%s)",
2823 exit_server_cleanly(errstr);
2826 /****************************************************************************
2827 Fake (read/write) sendfile. Returns -1 on read or write fail.
2828 ****************************************************************************/
2830 ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread)
2833 size_t tosend = nread;
2840 bufsize = MIN(nread, 65536);
2842 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2846 while (tosend > 0) {
2850 if (tosend > bufsize) {
2855 ret = read_file(fsp,buf,startpos,cur_read);
2861 /* If we had a short read, fill with zeros. */
2862 if (ret < cur_read) {
2863 memset(buf + ret, '\0', cur_read - ret);
2866 if (write_data(fsp->conn->sconn->sock, buf, cur_read)
2868 char addr[INET6_ADDRSTRLEN];
2870 * Try and give an error message saying what
2873 DEBUG(0, ("write_data failed for client %s. "
2875 get_peer_addr(fsp->conn->sconn->sock, addr,
2882 startpos += cur_read;
2886 return (ssize_t)nread;
2889 /****************************************************************************
2890 Deal with the case of sendfile reading less bytes from the file than
2891 requested. Fill with zeros (all we can do).
2892 ****************************************************************************/
2894 void sendfile_short_send(files_struct *fsp,
2899 #define SHORT_SEND_BUFSIZE 1024
2900 if (nread < headersize) {
2901 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2902 "header for file %s (%s). Terminating\n",
2903 fsp_str_dbg(fsp), strerror(errno)));
2904 exit_server_cleanly("sendfile_short_send failed");
2907 nread -= headersize;
2909 if (nread < smb_maxcnt) {
2910 char *buf = SMB_CALLOC_ARRAY(char, SHORT_SEND_BUFSIZE);
2912 exit_server_cleanly("sendfile_short_send: "
2916 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2917 "with zeros !\n", fsp_str_dbg(fsp)));
2919 while (nread < smb_maxcnt) {
2921 * We asked for the real file size and told sendfile
2922 * to not go beyond the end of the file. But it can
2923 * happen that in between our fstat call and the
2924 * sendfile call the file was truncated. This is very
2925 * bad because we have already announced the larger
2926 * number of bytes to the client.
2928 * The best we can do now is to send 0-bytes, just as
2929 * a read from a hole in a sparse file would do.
2931 * This should happen rarely enough that I don't care
2932 * about efficiency here :-)
2936 to_write = MIN(SHORT_SEND_BUFSIZE, smb_maxcnt - nread);
2937 if (write_data(fsp->conn->sconn->sock, buf, to_write)
2939 char addr[INET6_ADDRSTRLEN];
2941 * Try and give an error message saying what
2944 DEBUG(0, ("write_data failed for client %s. "
2947 fsp->conn->sconn->sock, addr,
2950 exit_server_cleanly("sendfile_short_send: "
2951 "write_data failed");
2959 /****************************************************************************
2960 Return a readbraw error (4 bytes of zero).
2961 ****************************************************************************/
2963 static void reply_readbraw_error(struct smbd_server_connection *sconn)
2969 smbd_lock_socket(sconn);
2970 if (write_data(sconn->sock,header,4) != 4) {
2971 char addr[INET6_ADDRSTRLEN];
2973 * Try and give an error message saying what
2976 DEBUG(0, ("write_data failed for client %s. "
2978 get_peer_addr(sconn->sock, addr, sizeof(addr)),
2983 smbd_unlock_socket(sconn);
2986 /****************************************************************************
2987 Use sendfile in readbraw.
2988 ****************************************************************************/
2990 static void send_file_readbraw(connection_struct *conn,
2991 struct smb_request *req,
2997 struct smbd_server_connection *sconn = req->sconn;
2998 char *outbuf = NULL;
3002 * We can only use sendfile on a non-chained packet
3003 * but we can use on a non-oplocked file. tridge proved this
3004 * on a train in Germany :-). JRA.
3005 * reply_readbraw has already checked the length.
3008 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
3009 (fsp->wcp == NULL) &&
3010 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3011 ssize_t sendfile_read = -1;
3013 DATA_BLOB header_blob;
3015 _smb_setlen(header,nread);
3016 header_blob = data_blob_const(header, 4);
3018 sendfile_read = SMB_VFS_SENDFILE(sconn->sock, fsp,
3019 &header_blob, startpos,
3021 if (sendfile_read == -1) {
3022 /* Returning ENOSYS means no data at all was sent.
3023 * Do this as a normal read. */
3024 if (errno == ENOSYS) {
3025 goto normal_readbraw;
3029 * Special hack for broken Linux with no working sendfile. If we
3030 * return EINTR we sent the header but not the rest of the data.
3031 * Fake this up by doing read/write calls.
3033 if (errno == EINTR) {
3034 /* Ensure we don't do this again. */
3035 set_use_sendfile(SNUM(conn), False);
3036 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
3038 if (fake_sendfile(fsp, startpos, nread) == -1) {
3039 DEBUG(0,("send_file_readbraw: "
3040 "fake_sendfile failed for "
3044 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
3049 DEBUG(0,("send_file_readbraw: sendfile failed for "
3050 "file %s (%s). Terminating\n",
3051 fsp_str_dbg(fsp), strerror(errno)));
3052 exit_server_cleanly("send_file_readbraw sendfile failed");
3053 } else if (sendfile_read == 0) {
3055 * Some sendfile implementations return 0 to indicate
3056 * that there was a short read, but nothing was
3057 * actually written to the socket. In this case,
3058 * fallback to the normal read path so the header gets
3059 * the correct byte count.
3061 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
3062 "bytes falling back to the normal read: "
3063 "%s\n", fsp_str_dbg(fsp)));
3064 goto normal_readbraw;
3067 /* Deal with possible short send. */
3068 if (sendfile_read != 4+nread) {
3069 sendfile_short_send(fsp, sendfile_read, 4, nread);
3076 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
3078 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
3079 (unsigned)(nread+4)));
3080 reply_readbraw_error(sconn);
3085 ret = read_file(fsp,outbuf+4,startpos,nread);
3086 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3095 _smb_setlen(outbuf,ret);
3096 if (write_data(sconn->sock, outbuf, 4+ret) != 4+ret) {
3097 char addr[INET6_ADDRSTRLEN];
3099 * Try and give an error message saying what
3102 DEBUG(0, ("write_data failed for client %s. "
3104 get_peer_addr(fsp->conn->sconn->sock, addr,
3111 TALLOC_FREE(outbuf);
3114 /****************************************************************************
3115 Reply to a readbraw (core+ protocol).
3116 ****************************************************************************/
3118 void reply_readbraw(struct smb_request *req)
3120 connection_struct *conn = req->conn;
3121 struct smbd_server_connection *sconn = req->sconn;
3122 ssize_t maxcount,mincount;
3126 struct lock_struct lock;
3129 START_PROFILE(SMBreadbraw);
3131 if (srv_is_signing_active(sconn) ||
3132 is_encrypted_packet(req->inbuf)) {
3133 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
3134 "raw reads/writes are disallowed.");
3138 reply_readbraw_error(sconn);
3139 END_PROFILE(SMBreadbraw);
3143 if (sconn->smb1.echo_handler.trusted_fde) {
3144 DEBUG(2,("SMBreadbraw rejected with NOT_SUPPORTED because of "
3145 "'async smb echo handler = yes'\n"));
3146 reply_readbraw_error(sconn);
3147 END_PROFILE(SMBreadbraw);
3152 * Special check if an oplock break has been issued
3153 * and the readraw request croses on the wire, we must
3154 * return a zero length response here.
3157 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3160 * We have to do a check_fsp by hand here, as
3161 * we must always return 4 zero bytes on error,
3165 if (!fsp || !conn || conn != fsp->conn ||
3166 req->vuid != fsp->vuid ||
3167 fsp->is_directory || fsp->fh->fd == -1) {
3169 * fsp could be NULL here so use the value from the packet. JRA.
3171 DEBUG(3,("reply_readbraw: fnum %d not valid "
3173 (int)SVAL(req->vwv+0, 0)));
3174 reply_readbraw_error(sconn);
3175 END_PROFILE(SMBreadbraw);
3179 /* Do a "by hand" version of CHECK_READ. */
3180 if (!(fsp->can_read ||
3181 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
3182 (fsp->access_mask & FILE_EXECUTE)))) {
3183 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
3184 (int)SVAL(req->vwv+0, 0)));
3185 reply_readbraw_error(sconn);
3186 END_PROFILE(SMBreadbraw);
3190 flush_write_cache(fsp, READRAW_FLUSH);
3192 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
3193 if(req->wct == 10) {
3195 * This is a large offset (64 bit) read.
3197 #ifdef LARGE_SMB_OFF_T
3199 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
3201 #else /* !LARGE_SMB_OFF_T */
3204 * Ensure we haven't been sent a >32 bit offset.
3207 if(IVAL(req->vwv+8, 0) != 0) {
3208 DEBUG(0,("reply_readbraw: large offset "
3209 "(%x << 32) used and we don't support "
3210 "64 bit offsets.\n",
3211 (unsigned int)IVAL(req->vwv+8, 0) ));
3212 reply_readbraw_error();
3213 END_PROFILE(SMBreadbraw);
3217 #endif /* LARGE_SMB_OFF_T */
3220 DEBUG(0,("reply_readbraw: negative 64 bit "
3221 "readraw offset (%.0f) !\n",
3222 (double)startpos ));
3223 reply_readbraw_error(sconn);
3224 END_PROFILE(SMBreadbraw);
3229 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
3230 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
3232 /* ensure we don't overrun the packet size */
3233 maxcount = MIN(65535,maxcount);
3235 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3236 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
3239 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3240 reply_readbraw_error(sconn);
3241 END_PROFILE(SMBreadbraw);
3245 if (fsp_stat(fsp) == 0) {
3246 size = fsp->fsp_name->st.st_ex_size;
3249 if (startpos >= size) {
3252 nread = MIN(maxcount,(size - startpos));
3255 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
3256 if (nread < mincount)
3260 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3261 "min=%lu nread=%lu\n",
3262 fsp->fnum, (double)startpos,
3263 (unsigned long)maxcount,
3264 (unsigned long)mincount,
3265 (unsigned long)nread ) );
3267 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3269 DEBUG(5,("reply_readbraw finished\n"));
3271 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3273 END_PROFILE(SMBreadbraw);
3278 #define DBGC_CLASS DBGC_LOCKING
3280 /****************************************************************************
3281 Reply to a lockread (core+ protocol).
3282 ****************************************************************************/
3284 void reply_lockread(struct smb_request *req)
3286 connection_struct *conn = req->conn;
3293 struct byte_range_lock *br_lck = NULL;
3295 struct smbd_server_connection *sconn = req->sconn;
3297 START_PROFILE(SMBlockread);
3300 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3301 END_PROFILE(SMBlockread);
3305 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3307 if (!check_fsp(conn, req, fsp)) {
3308 END_PROFILE(SMBlockread);
3312 if (!CHECK_READ(fsp,req)) {
3313 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3314 END_PROFILE(SMBlockread);
3318 numtoread = SVAL(req->vwv+1, 0);
3319 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3321 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3323 reply_outbuf(req, 5, numtoread + 3);
3325 data = smb_buf(req->outbuf) + 3;
3328 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3329 * protocol request that predates the read/write lock concept.
3330 * Thus instead of asking for a read lock here we need to ask
3331 * for a write lock. JRA.
3332 * Note that the requested lock size is unaffected by max_recv.
3335 br_lck = do_lock(req->sconn->msg_ctx,
3337 (uint64_t)req->smbpid,
3338 (uint64_t)numtoread,
3342 False, /* Non-blocking lock. */
3346 TALLOC_FREE(br_lck);
3348 if (NT_STATUS_V(status)) {
3349 reply_nterror(req, status);
3350 END_PROFILE(SMBlockread);
3355 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3358 if (numtoread > sconn->smb1.negprot.max_recv) {
3359 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3360 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3361 (unsigned int)numtoread,
3362 (unsigned int)sconn->smb1.negprot.max_recv));
3363 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3365 nread = read_file(fsp,data,startpos,numtoread);
3368 reply_nterror(req, map_nt_error_from_unix(errno));
3369 END_PROFILE(SMBlockread);
3373 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3375 SSVAL(req->outbuf,smb_vwv0,nread);
3376 SSVAL(req->outbuf,smb_vwv5,nread+3);
3377 p = smb_buf(req->outbuf);
3378 SCVAL(p,0,0); /* pad byte. */
3381 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3382 fsp->fnum, (int)numtoread, (int)nread));
3384 END_PROFILE(SMBlockread);
3389 #define DBGC_CLASS DBGC_ALL
3391 /****************************************************************************
3393 ****************************************************************************/
3395 void reply_read(struct smb_request *req)
3397 connection_struct *conn = req->conn;
3404 struct lock_struct lock;
3405 struct smbd_server_connection *sconn = req->sconn;
3407 START_PROFILE(SMBread);
3410 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3411 END_PROFILE(SMBread);
3415 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3417 if (!check_fsp(conn, req, fsp)) {
3418 END_PROFILE(SMBread);
3422 if (!CHECK_READ(fsp,req)) {
3423 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3424 END_PROFILE(SMBread);
3428 numtoread = SVAL(req->vwv+1, 0);
3429 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3431 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3434 * The requested read size cannot be greater than max_recv. JRA.
3436 if (numtoread > sconn->smb1.negprot.max_recv) {
3437 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3438 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3439 (unsigned int)numtoread,
3440 (unsigned int)sconn->smb1.negprot.max_recv));
3441 numtoread = MIN(numtoread, sconn->smb1.negprot.max_recv);
3444 reply_outbuf(req, 5, numtoread+3);
3446 data = smb_buf(req->outbuf) + 3;
3448 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3449 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3452 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3453 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3454 END_PROFILE(SMBread);
3459 nread = read_file(fsp,data,startpos,numtoread);
3462 reply_nterror(req, map_nt_error_from_unix(errno));
3466 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3468 SSVAL(req->outbuf,smb_vwv0,nread);
3469 SSVAL(req->outbuf,smb_vwv5,nread+3);
3470 SCVAL(smb_buf(req->outbuf),0,1);
3471 SSVAL(smb_buf(req->outbuf),1,nread);
3473 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3474 fsp->fnum, (int)numtoread, (int)nread ) );
3477 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3479 END_PROFILE(SMBread);
3483 /****************************************************************************
3485 ****************************************************************************/
3487 static int setup_readX_header(struct smb_request *req, char *outbuf,
3493 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3494 data = smb_buf(outbuf);
3496 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3498 SCVAL(outbuf,smb_vwv0,0xFF);
3499 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3500 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3501 SSVAL(outbuf,smb_vwv6,
3503 + 1 /* the wct field */
3504 + 12 * sizeof(uint16_t) /* vwv */
3505 + 2); /* the buflen field */
3506 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3507 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3508 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3509 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3513 /****************************************************************************
3514 Reply to a read and X - possibly using sendfile.
3515 ****************************************************************************/
3517 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3518 files_struct *fsp, SMB_OFF_T startpos,
3522 struct lock_struct lock;
3523 int saved_errno = 0;
3525 if(fsp_stat(fsp) == -1) {
3526 reply_nterror(req, map_nt_error_from_unix(errno));
3530 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3531 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3534 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3535 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3539 if (!S_ISREG(fsp->fsp_name->st.st_ex_mode) ||
3540 (startpos > fsp->fsp_name->st.st_ex_size)
3541 || (smb_maxcnt > (fsp->fsp_name->st.st_ex_size - startpos))) {
3543 * We already know that we would do a short read, so don't
3544 * try the sendfile() path.
3546 goto nosendfile_read;
3550 * We can only use sendfile on a non-chained packet
3551 * but we can use on a non-oplocked file. tridge proved this
3552 * on a train in Germany :-). JRA.
3555 if (!req_is_in_chain(req) &&
3556 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3557 (fsp->wcp == NULL) &&
3558 lp_use_sendfile(SNUM(conn), req->sconn->smb1.signing_state) ) {
3559 uint8 headerbuf[smb_size + 12 * 2];
3563 * Set up the packet header before send. We
3564 * assume here the sendfile will work (get the
3565 * correct amount of data).
3568 header = data_blob_const(headerbuf, sizeof(headerbuf));
3570 construct_reply_common_req(req, (char *)headerbuf);
3571 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3573 nread = SMB_VFS_SENDFILE(req->sconn->sock, fsp, &header,
3574 startpos, smb_maxcnt);
3576 /* Returning ENOSYS means no data at all was sent.
3577 Do this as a normal read. */
3578 if (errno == ENOSYS) {
3583 * Special hack for broken Linux with no working sendfile. If we
3584 * return EINTR we sent the header but not the rest of the data.
3585 * Fake this up by doing read/write calls.
3588 if (errno == EINTR) {
3589 /* Ensure we don't do this again. */
3590 set_use_sendfile(SNUM(conn), False);
3591 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3592 nread = fake_sendfile(fsp, startpos,
3595 DEBUG(0,("send_file_readX: "
3596 "fake_sendfile failed for "
3600 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3602 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3603 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3604 /* No outbuf here means successful sendfile. */
3608 DEBUG(0,("send_file_readX: sendfile failed for file "
3609 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3611 exit_server_cleanly("send_file_readX sendfile failed");
3612 } else if (nread == 0) {
3614 * Some sendfile implementations return 0 to indicate
3615 * that there was a short read, but nothing was
3616 * actually written to the socket. In this case,
3617 * fallback to the normal read path so the header gets
3618 * the correct byte count.
3620 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3621 "falling back to the normal read: %s\n",
3626 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3627 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3629 /* Deal with possible short send. */
3630 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3631 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3633 /* No outbuf here means successful sendfile. */
3634 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3635 SMB_PERFCOUNT_END(&req->pcd);
3641 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3642 uint8 headerbuf[smb_size + 2*12];
3644 construct_reply_common_req(req, (char *)headerbuf);
3645 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3647 /* Send out the header. */
3648 if (write_data(req->sconn->sock, (char *)headerbuf,
3649 sizeof(headerbuf)) != sizeof(headerbuf)) {
3651 char addr[INET6_ADDRSTRLEN];
3653 * Try and give an error message saying what
3656 DEBUG(0, ("write_data failed for client %s. "
3658 get_peer_addr(req->sconn->sock, addr,
3662 DEBUG(0,("send_file_readX: write_data failed for file "
3663 "%s (%s). Terminating\n", fsp_str_dbg(fsp),
3665 exit_server_cleanly("send_file_readX sendfile failed");
3667 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3669 DEBUG(0,("send_file_readX: fake_sendfile failed for "
3670 "file %s (%s).\n", fsp_str_dbg(fsp),
3672 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3679 reply_outbuf(req, 12, smb_maxcnt);
3681 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3682 saved_errno = errno;
3684 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3687 reply_nterror(req, map_nt_error_from_unix(saved_errno));
3691 setup_readX_header(req, (char *)req->outbuf, nread);
3693 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3694 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3700 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3701 TALLOC_FREE(req->outbuf);
3705 /****************************************************************************
3706 Reply to a read and X.
3707 ****************************************************************************/
3709 void reply_read_and_X(struct smb_request *req)
3711 connection_struct *conn = req->conn;
3715 bool big_readX = False;
3717 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3720 START_PROFILE(SMBreadX);
3722 if ((req->wct != 10) && (req->wct != 12)) {
3723 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3727 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3728 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3729 smb_maxcnt = SVAL(req->vwv+5, 0);
3731 /* If it's an IPC, pass off the pipe handler. */
3733 reply_pipe_read_and_X(req);
3734 END_PROFILE(SMBreadX);
3738 if (!check_fsp(conn, req, fsp)) {
3739 END_PROFILE(SMBreadX);
3743 if (!CHECK_READ(fsp,req)) {
3744 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3745 END_PROFILE(SMBreadX);
3749 if (global_client_caps & CAP_LARGE_READX) {
3750 size_t upper_size = SVAL(req->vwv+7, 0);
3751 smb_maxcnt |= (upper_size<<16);
3752 if (upper_size > 1) {
3753 /* Can't do this on a chained packet. */
3754 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3755 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3756 END_PROFILE(SMBreadX);
3759 /* We currently don't do this on signed or sealed data. */
3760 if (srv_is_signing_active(req->sconn) ||
3761 is_encrypted_packet(req->inbuf)) {
3762 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3763 END_PROFILE(SMBreadX);
3766 /* Is there room in the reply for this data ? */
3767 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3769 NT_STATUS_INVALID_PARAMETER);
3770 END_PROFILE(SMBreadX);
3777 if (req->wct == 12) {
3778 #ifdef LARGE_SMB_OFF_T
3780 * This is a large offset (64 bit) read.
3782 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3784 #else /* !LARGE_SMB_OFF_T */
3787 * Ensure we haven't been sent a >32 bit offset.
3790 if(IVAL(req->vwv+10, 0) != 0) {
3791 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3792 "used and we don't support 64 bit offsets.\n",
3793 (unsigned int)IVAL(req->vwv+10, 0) ));
3794 END_PROFILE(SMBreadX);
3795 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3799 #endif /* LARGE_SMB_OFF_T */
3804 NTSTATUS status = schedule_aio_read_and_X(conn,
3809 if (NT_STATUS_IS_OK(status)) {
3810 /* Read scheduled - we're done. */
3813 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
3814 /* Real error - report to client. */
3815 END_PROFILE(SMBreadX);
3816 reply_nterror(req, status);
3819 /* NT_STATUS_RETRY - fall back to sync read. */
3822 smbd_lock_socket(req->sconn);
3823 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3824 smbd_unlock_socket(req->sconn);
3827 END_PROFILE(SMBreadX);
3831 /****************************************************************************
3832 Error replies to writebraw must have smb_wct == 1. Fix this up.
3833 ****************************************************************************/
3835 void error_to_writebrawerr(struct smb_request *req)
3837 uint8 *old_outbuf = req->outbuf;
3839 reply_outbuf(req, 1, 0);
3841 memcpy(req->outbuf, old_outbuf, smb_size);
3842 TALLOC_FREE(old_outbuf);
3845 /****************************************************************************
3846 Read 4 bytes of a smb packet and return the smb length of the packet.
3847 Store the result in the buffer. This version of the function will
3848 never return a session keepalive (length of zero).
3849 Timeout is in milliseconds.
3850 ****************************************************************************/
3852 static NTSTATUS read_smb_length(int fd, char *inbuf, unsigned int timeout,
3855 uint8_t msgtype = SMBkeepalive;
3857 while (msgtype == SMBkeepalive) {
3860 status = read_smb_length_return_keepalive(fd, inbuf, timeout,
3862 if (!NT_STATUS_IS_OK(status)) {
3863 char addr[INET6_ADDRSTRLEN];
3864 /* Try and give an error message
3865 * saying what client failed. */
3866 DEBUG(0, ("read_fd_with_timeout failed for "
3867 "client %s read error = %s.\n",
3868 get_peer_addr(fd,addr,sizeof(addr)),
3869 nt_errstr(status)));
3873 msgtype = CVAL(inbuf, 0);
3876 DEBUG(10,("read_smb_length: got smb length of %lu\n",
3877 (unsigned long)len));
3879 return NT_STATUS_OK;
3882 /****************************************************************************
3883 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3884 ****************************************************************************/
3886 void reply_writebraw(struct smb_request *req)
3888 connection_struct *conn = req->conn;
3891 ssize_t total_written=0;
3892 size_t numtowrite=0;
3898 struct lock_struct lock;
3901 START_PROFILE(SMBwritebraw);
3904 * If we ever reply with an error, it must have the SMB command
3905 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3908 SCVAL(req->inbuf,smb_com,SMBwritec);
3910 if (srv_is_signing_active(req->sconn)) {
3911 END_PROFILE(SMBwritebraw);
3912 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3913 "raw reads/writes are disallowed.");
3916 if (req->wct < 12) {
3917 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3918 error_to_writebrawerr(req);
3919 END_PROFILE(SMBwritebraw);
3923 if (req->sconn->smb1.echo_handler.trusted_fde) {
3924 DEBUG(2,("SMBwritebraw rejected with NOT_SUPPORTED because of "
3925 "'async smb echo handler = yes'\n"));
3926 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3927 error_to_writebrawerr(req);
3928 END_PROFILE(SMBwritebraw);
3932 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3933 if (!check_fsp(conn, req, fsp)) {
3934 error_to_writebrawerr(req);
3935 END_PROFILE(SMBwritebraw);
3939 if (!CHECK_WRITE(fsp)) {
3940 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
3941 error_to_writebrawerr(req);
3942 END_PROFILE(SMBwritebraw);
3946 tcount = IVAL(req->vwv+1, 0);
3947 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3948 write_through = BITSETW(req->vwv+7,0);
3950 /* We have to deal with slightly different formats depending
3951 on whether we are using the core+ or lanman1.0 protocol */
3953 if(get_Protocol() <= PROTOCOL_COREPLUS) {
3954 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3955 data = smb_buf(req->inbuf);
3957 numtowrite = SVAL(req->vwv+10, 0);
3958 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3961 /* Ensure we don't write bytes past the end of this packet. */
3962 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3963 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3964 error_to_writebrawerr(req);
3965 END_PROFILE(SMBwritebraw);
3969 if (!fsp->print_file) {
3970 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
3971 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3974 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3975 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
3976 error_to_writebrawerr(req);
3977 END_PROFILE(SMBwritebraw);
3983 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3986 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3987 "wrote=%d sync=%d\n",
3988 fsp->fnum, (double)startpos, (int)numtowrite,
3989 (int)nwritten, (int)write_through));
3991 if (nwritten < (ssize_t)numtowrite) {
3992 reply_nterror(req, NT_STATUS_DISK_FULL);
3993 error_to_writebrawerr(req);
3997 total_written = nwritten;
3999 /* Allocate a buffer of 64k + length. */
4000 buf = TALLOC_ARRAY(NULL, char, 65540);
4002 reply_nterror(req, NT_STATUS_NO_MEMORY);
4003 error_to_writebrawerr(req);
4007 /* Return a SMBwritebraw message to the redirector to tell
4008 * it to send more bytes */
4010 memcpy(buf, req->inbuf, smb_size);
4011 srv_set_message(buf,get_Protocol()>PROTOCOL_COREPLUS?1:0,0,True);
4012 SCVAL(buf,smb_com,SMBwritebraw);
4013 SSVALS(buf,smb_vwv0,0xFFFF);
4015 if (!srv_send_smb(req->sconn,
4017 false, 0, /* no signing */
4018 IS_CONN_ENCRYPTED(conn),
4020 exit_server_cleanly("reply_writebraw: srv_send_smb "
4024 /* Now read the raw data into the buffer and write it */
4025 status = read_smb_length(req->sconn->sock, buf, SMB_SECONDARY_WAIT,
4027 if (!NT_STATUS_IS_OK(status)) {
4028 exit_server_cleanly("secondary writebraw failed");
4031 /* Set up outbuf to return the correct size */
4032 reply_outbuf(req, 1, 0);
4034 if (numtowrite != 0) {
4036 if (numtowrite > 0xFFFF) {
4037 DEBUG(0,("reply_writebraw: Oversize secondary write "
4038 "raw requested (%u). Terminating\n",
4039 (unsigned int)numtowrite ));
4040 exit_server_cleanly("secondary writebraw failed");
4043 if (tcount > nwritten+numtowrite) {
4044 DEBUG(3,("reply_writebraw: Client overestimated the "
4046 (int)tcount,(int)nwritten,(int)numtowrite));
4049 status = read_data(req->sconn->sock, buf+4, numtowrite);
4051 if (!NT_STATUS_IS_OK(status)) {
4052 char addr[INET6_ADDRSTRLEN];
4053 /* Try and give an error message
4054 * saying what client failed. */
4055 DEBUG(0, ("reply_writebraw: Oversize secondary write "
4056 "raw read failed (%s) for client %s. "
4057 "Terminating\n", nt_errstr(status),
4058 get_peer_addr(req->sconn->sock, addr,
4060 exit_server_cleanly("secondary writebraw failed");
4063 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
4064 if (nwritten == -1) {
4066 reply_nterror(req, map_nt_error_from_unix(errno));
4067 error_to_writebrawerr(req);
4071 if (nwritten < (ssize_t)numtowrite) {
4072 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4073 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4077 total_written += nwritten;
4082 SSVAL(req->outbuf,smb_vwv0,total_written);
4084 status = sync_file(conn, fsp, write_through);
4085 if (!NT_STATUS_IS_OK(status)) {
4086 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
4087 fsp_str_dbg(fsp), nt_errstr(status)));
4088 reply_nterror(req, status);
4089 error_to_writebrawerr(req);
4093 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
4095 fsp->fnum, (double)startpos, (int)numtowrite,
4096 (int)total_written));
4098 if (!fsp->print_file) {
4099 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4102 /* We won't return a status if write through is not selected - this
4103 * follows what WfWg does */
4104 END_PROFILE(SMBwritebraw);
4106 if (!write_through && total_written==tcount) {
4108 #if RABBIT_PELLET_FIX
4110 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
4111 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
4114 if (!send_keepalive(req->sconn->sock)) {
4115 exit_server_cleanly("reply_writebraw: send of "
4116 "keepalive failed");
4119 TALLOC_FREE(req->outbuf);
4124 if (!fsp->print_file) {
4125 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4128 END_PROFILE(SMBwritebraw);
4133 #define DBGC_CLASS DBGC_LOCKING
4135 /****************************************************************************
4136 Reply to a writeunlock (core+).
4137 ****************************************************************************/
4139 void reply_writeunlock(struct smb_request *req)
4141 connection_struct *conn = req->conn;
4142 ssize_t nwritten = -1;
4146 NTSTATUS status = NT_STATUS_OK;
4148 struct lock_struct lock;
4149 int saved_errno = 0;
4151 START_PROFILE(SMBwriteunlock);
4154 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4155 END_PROFILE(SMBwriteunlock);
4159 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4161 if (!check_fsp(conn, req, fsp)) {
4162 END_PROFILE(SMBwriteunlock);
4166 if (!CHECK_WRITE(fsp)) {
4167 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4168 END_PROFILE(SMBwriteunlock);
4172 numtowrite = SVAL(req->vwv+1, 0);
4173 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4174 data = (const char *)req->buf + 3;
4176 if (!fsp->print_file && numtowrite > 0) {
4177 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4178 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4181 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4182 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4183 END_PROFILE(SMBwriteunlock);
4188 /* The special X/Open SMB protocol handling of
4189 zero length writes is *NOT* done for
4191 if(numtowrite == 0) {
4194 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4195 saved_errno = errno;
4198 status = sync_file(conn, fsp, False /* write through */);
4199 if (!NT_STATUS_IS_OK(status)) {
4200 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
4201 fsp_str_dbg(fsp), nt_errstr(status)));
4202 reply_nterror(req, status);
4207 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4211 if((nwritten < numtowrite) && (numtowrite != 0)) {
4212 reply_nterror(req, NT_STATUS_DISK_FULL);
4216 if (numtowrite && !fsp->print_file) {
4217 status = do_unlock(req->sconn->msg_ctx,
4219 (uint64_t)req->smbpid,
4220 (uint64_t)numtowrite,
4224 if (NT_STATUS_V(status)) {
4225 reply_nterror(req, status);
4230 reply_outbuf(req, 1, 0);
4232 SSVAL(req->outbuf,smb_vwv0,nwritten);
4234 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
4235 fsp->fnum, (int)numtowrite, (int)nwritten));
4238 if (numtowrite && !fsp->print_file) {
4239 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4242 END_PROFILE(SMBwriteunlock);
4247 #define DBGC_CLASS DBGC_ALL
4249 /****************************************************************************
4251 ****************************************************************************/
4253 void reply_write(struct smb_request *req)
4255 connection_struct *conn = req->conn;
4257 ssize_t nwritten = -1;
4261 struct lock_struct lock;
4263 int saved_errno = 0;
4265 START_PROFILE(SMBwrite);
4268 END_PROFILE(SMBwrite);
4269 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4273 /* If it's an IPC, pass off the pipe handler. */
4275 reply_pipe_write(req);
4276 END_PROFILE(SMBwrite);
4280 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4282 if (!check_fsp(conn, req, fsp)) {
4283 END_PROFILE(SMBwrite);
4287 if (!CHECK_WRITE(fsp)) {
4288 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4289 END_PROFILE(SMBwrite);
4293 numtowrite = SVAL(req->vwv+1, 0);
4294 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4295 data = (const char *)req->buf + 3;
4297 if (!fsp->print_file) {
4298 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4299 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4302 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4303 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4304 END_PROFILE(SMBwrite);
4310 * X/Open SMB protocol says that if smb_vwv1 is
4311 * zero then the file size should be extended or
4312 * truncated to the size given in smb_vwv[2-3].
4315 if(numtowrite == 0) {
4317 * This is actually an allocate call, and set EOF. JRA.
4319 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
4321 reply_nterror(req, NT_STATUS_DISK_FULL);
4324 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
4326 reply_nterror(req, NT_STATUS_DISK_FULL);
4329 trigger_write_time_update_immediate(fsp);
4331 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4334 status = sync_file(conn, fsp, False);
4335 if (!NT_STATUS_IS_OK(status)) {
4336 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
4337 fsp_str_dbg(fsp), nt_errstr(status)));
4338 reply_nterror(req, status);
4343 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4347 if((nwritten == 0) && (numtowrite != 0)) {
4348 reply_nterror(req, NT_STATUS_DISK_FULL);
4352 reply_outbuf(req, 1, 0);
4354 SSVAL(req->outbuf,smb_vwv0,nwritten);
4356 if (nwritten < (ssize_t)numtowrite) {
4357 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4358 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4361 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
4364 if (!fsp->print_file) {
4365 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4368 END_PROFILE(SMBwrite);
4372 /****************************************************************************
4373 Ensure a buffer is a valid writeX for recvfile purposes.
4374 ****************************************************************************/
4376 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4377 (2*14) + /* word count (including bcc) */ \
4380 bool is_valid_writeX_buffer(struct smbd_server_connection *sconn,
4381 const uint8_t *inbuf)
4384 connection_struct *conn = NULL;
4385 unsigned int doff = 0;
4386 size_t len = smb_len_large(inbuf);
4388 if (is_encrypted_packet(inbuf)) {
4389 /* Can't do this on encrypted
4394 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4398 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4399 CVAL(inbuf,smb_wct) != 14) {
4400 DEBUG(10,("is_valid_writeX_buffer: chained or "
4401 "invalid word length.\n"));
4405 conn = conn_find(sconn, SVAL(inbuf, smb_tid));
4407 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4411 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4414 if (IS_PRINT(conn)) {
4415 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4418 doff = SVAL(inbuf,smb_vwv11);
4420 numtowrite = SVAL(inbuf,smb_vwv10);
4422 if (len > doff && len - doff > 0xFFFF) {
4423 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4426 if (numtowrite == 0) {
4427 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4431 /* Ensure the sizes match up. */
4432 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4433 /* no pad byte...old smbclient :-( */
4434 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4436 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4440 if (len - doff != numtowrite) {
4441 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4442 "len = %u, doff = %u, numtowrite = %u\n",
4445 (unsigned int)numtowrite ));
4449 DEBUG(10,("is_valid_writeX_buffer: true "
4450 "len = %u, doff = %u, numtowrite = %u\n",
4453 (unsigned int)numtowrite ));
4458 /****************************************************************************
4459 Reply to a write and X.
4460 ****************************************************************************/
4462 void reply_write_and_X(struct smb_request *req)
4464 connection_struct *conn = req->conn;
4466 struct lock_struct lock;
4471 unsigned int smb_doff;
4472 unsigned int smblen;
4475 int saved_errno = 0;
4477 START_PROFILE(SMBwriteX);
4479 if ((req->wct != 12) && (req->wct != 14)) {
4480 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4481 END_PROFILE(SMBwriteX);
4485 numtowrite = SVAL(req->vwv+10, 0);
4486 smb_doff = SVAL(req->vwv+11, 0);
4487 smblen = smb_len(req->inbuf);
4489 if (req->unread_bytes > 0xFFFF ||
4490 (smblen > smb_doff &&
4491 smblen - smb_doff > 0xFFFF)) {
4492 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4495 if (req->unread_bytes) {
4496 /* Can't do a recvfile write on IPC$ */
4498 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4499 END_PROFILE(SMBwriteX);
4502 if (numtowrite != req->unread_bytes) {
4503 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4504 END_PROFILE(SMBwriteX);
4508 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4509 smb_doff + numtowrite > smblen) {
4510 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4511 END_PROFILE(SMBwriteX);
4516 /* If it's an IPC, pass off the pipe handler. */
4518 if (req->unread_bytes) {
4519 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4520 END_PROFILE(SMBwriteX);
4523 reply_pipe_write_and_X(req);
4524 END_PROFILE(SMBwriteX);
4528 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4529 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4530 write_through = BITSETW(req->vwv+7,0);
4532 if (!check_fsp(conn, req, fsp)) {
4533 END_PROFILE(SMBwriteX);
4537 if (!CHECK_WRITE(fsp)) {
4538 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4539 END_PROFILE(SMBwriteX);
4543 data = smb_base(req->inbuf) + smb_doff;
4545 if(req->wct == 14) {
4546 #ifdef LARGE_SMB_OFF_T
4548 * This is a large offset (64 bit) write.
4550 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4552 #else /* !LARGE_SMB_OFF_T */
4555 * Ensure we haven't been sent a >32 bit offset.
4558 if(IVAL(req->vwv+12, 0) != 0) {
4559 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4560 "used and we don't support 64 bit offsets.\n",
4561 (unsigned int)IVAL(req->vwv+12, 0) ));
4562 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4563 END_PROFILE(SMBwriteX);
4567 #endif /* LARGE_SMB_OFF_T */
4570 /* X/Open SMB protocol says that, unlike SMBwrite
4571 if the length is zero then NO truncation is
4572 done, just a write of zero. To truncate a file,
4575 if(numtowrite == 0) {
4578 if (req->unread_bytes == 0) {
4579 status = schedule_aio_write_and_X(conn,
4586 if (NT_STATUS_IS_OK(status)) {
4587 /* write scheduled - we're done. */
4590 if (!NT_STATUS_EQUAL(status, NT_STATUS_RETRY)) {
4591 /* Real error - report to client. */
4592 reply_nterror(req, status);
4595 /* NT_STATUS_RETRY - fall through to sync write. */
4598 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4599 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4602 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4603 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4607 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4608 saved_errno = errno;
4610 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4614 reply_nterror(req, map_nt_error_from_unix(saved_errno));
4618 if((nwritten == 0) && (numtowrite != 0)) {
4619 reply_nterror(req, NT_STATUS_DISK_FULL);
4623 reply_outbuf(req, 6, 0);
4624 SSVAL(req->outbuf,smb_vwv2,nwritten);
4625 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4627 if (nwritten < (ssize_t)numtowrite) {
4628 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4629 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4632 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4633 fsp->fnum, (int)numtowrite, (int)nwritten));
4635 status = sync_file(conn, fsp, write_through);
4636 if (!NT_STATUS_IS_OK(status)) {
4637 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4638 fsp_str_dbg(fsp), nt_errstr(status)));
4639 reply_nterror(req, status);
4643 END_PROFILE(SMBwriteX);
4648 END_PROFILE(SMBwriteX);
4652 /****************************************************************************
4654 ****************************************************************************/
4656 void reply_lseek(struct smb_request *req)
4658 connection_struct *conn = req->conn;
4664 START_PROFILE(SMBlseek);
4667 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4668 END_PROFILE(SMBlseek);
4672 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4674 if (!check_fsp(conn, req, fsp)) {
4678 flush_write_cache(fsp, SEEK_FLUSH);
4680 mode = SVAL(req->vwv+1, 0) & 3;
4681 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4682 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4691 res = fsp->fh->pos + startpos;
4702 if (umode == SEEK_END) {
4703 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4704 if(errno == EINVAL) {
4705 SMB_OFF_T current_pos = startpos;
4707 if(fsp_stat(fsp) == -1) {
4709 map_nt_error_from_unix(errno));
4710 END_PROFILE(SMBlseek);
4714 current_pos += fsp->fsp_name->st.st_ex_size;
4716 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4721 reply_nterror(req, map_nt_error_from_unix(errno));
4722 END_PROFILE(SMBlseek);
4729 reply_outbuf(req, 2, 0);
4730 SIVAL(req->outbuf,smb_vwv0,res);
4732 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4733 fsp->fnum, (double)startpos, (double)res, mode));
4735 END_PROFILE(SMBlseek);
4739 /****************************************************************************
4741 ****************************************************************************/
4743 void reply_flush(struct smb_request *req)
4745 connection_struct *conn = req->conn;
4749 START_PROFILE(SMBflush);
4752 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4756 fnum = SVAL(req->vwv+0, 0);
4757 fsp = file_fsp(req, fnum);
4759 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4764 file_sync_all(conn);
4766 NTSTATUS status = sync_file(conn, fsp, True);
4767 if (!NT_STATUS_IS_OK(status)) {
4768 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4769 fsp_str_dbg(fsp), nt_errstr(status)));
4770 reply_nterror(req, status);
4771 END_PROFILE(SMBflush);
4776 reply_outbuf(req, 0, 0);
4778 DEBUG(3,("flush\n"));
4779 END_PROFILE(SMBflush);
4783 /****************************************************************************
4785 conn POINTER CAN BE NULL HERE !
4786 ****************************************************************************/
4788 void reply_exit(struct smb_request *req)
4790 START_PROFILE(SMBexit);
4792 file_close_pid(req->sconn, req->smbpid, req->vuid);
4794 reply_outbuf(req, 0, 0);
4796 DEBUG(3,("exit\n"));
4798 END_PROFILE(SMBexit);
4802 /****************************************************************************
4803 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4804 ****************************************************************************/
4806 void reply_close(struct smb_request *req)
4808 connection_struct *conn = req->conn;
4809 NTSTATUS status = NT_STATUS_OK;
4810 files_struct *fsp = NULL;
4811 START_PROFILE(SMBclose);
4814 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4815 END_PROFILE(SMBclose);
4819 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4822 * We can only use check_fsp if we know it's not a directory.
4825 if (!check_fsp_open(conn, req, fsp)) {
4826 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
4827 END_PROFILE(SMBclose);
4831 if(fsp->is_directory) {
4833 * Special case - close NT SMB directory handle.
4835 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4836 status = close_file(req, fsp, NORMAL_CLOSE);
4840 * Close ordinary file.
4843 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4844 fsp->fh->fd, fsp->fnum,
4845 conn->num_files_open));
4848 * Take care of any time sent in the close.
4851 t = srv_make_unix_date3(req->vwv+1);
4852 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4855 * close_file() returns the unix errno if an error
4856 * was detected on close - normally this is due to
4857 * a disk full error. If not then it was probably an I/O error.
4860 status = close_file(req, fsp, NORMAL_CLOSE);
4863 if (!NT_STATUS_IS_OK(status)) {
4864 reply_nterror(req, status);
4865 END_PROFILE(SMBclose);
4869 reply_outbuf(req, 0, 0);
4870 END_PROFILE(SMBclose);
4874 /****************************************************************************
4875 Reply to a writeclose (Core+ protocol).
4876 ****************************************************************************/
4878 void reply_writeclose(struct smb_request *req)
4880 connection_struct *conn = req->conn;
4882 ssize_t nwritten = -1;
4883 NTSTATUS close_status = NT_STATUS_OK;
4886 struct timespec mtime;
4888 struct lock_struct lock;
4890 START_PROFILE(SMBwriteclose);
4893 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4894 END_PROFILE(SMBwriteclose);
4898 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4900 if (!check_fsp(conn, req, fsp)) {
4901 END_PROFILE(SMBwriteclose);
4904 if (!CHECK_WRITE(fsp)) {
4905 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
4906 END_PROFILE(SMBwriteclose);
4910 numtowrite = SVAL(req->vwv+1, 0);
4911 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4912 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4913 data = (const char *)req->buf + 1;
4915 if (!fsp->print_file) {
4916 init_strict_lock_struct(fsp, (uint64_t)req->smbpid,
4917 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4920 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4921 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
4922 END_PROFILE(SMBwriteclose);
4927 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4929 set_close_write_time(fsp, mtime);
4932 * More insanity. W2K only closes the file if writelen > 0.
4937 DEBUG(3,("reply_writeclose: zero length write doesn't close "
4938 "file %s\n", fsp_str_dbg(fsp)));
4939 close_status = close_file(req, fsp, NORMAL_CLOSE);
4942 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4943 fsp->fnum, (int)numtowrite, (int)nwritten,
4944 conn->num_files_open));
4946 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4947 reply_nterror(req, NT_STATUS_DISK_FULL);
4951 if(!NT_STATUS_IS_OK(close_status)) {
4952 reply_nterror(req, close_status);
4956 reply_outbuf(req, 1, 0);
4958 SSVAL(req->outbuf,smb_vwv0,nwritten);
4961 if (numtowrite && !fsp->print_file) {
4962 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4965 END_PROFILE(SMBwriteclose);
4970 #define DBGC_CLASS DBGC_LOCKING
4972 /****************************************************************************
4974 ****************************************************************************/
4976 void reply_lock(struct smb_request *req)
4978 connection_struct *conn = req->conn;
4979 uint64_t count,offset;
4982 struct byte_range_lock *br_lck = NULL;
4984 START_PROFILE(SMBlock);
4987 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4988 END_PROFILE(SMBlock);
4992 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4994 if (!check_fsp(conn, req, fsp)) {
4995 END_PROFILE(SMBlock);
4999 count = (uint64_t)IVAL(req->vwv+1, 0);
5000 offset = (uint64_t)IVAL(req->vwv+3, 0);
5002 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5003 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
5005 br_lck = do_lock(req->sconn->msg_ctx,
5007 (uint64_t)req->smbpid,
5012 False, /* Non-blocking lock. */
5017 TALLOC_FREE(br_lck);
5019 if (NT_STATUS_V(status)) {
5020 reply_nterror(req, status);
5021 END_PROFILE(SMBlock);
5025 reply_outbuf(req, 0, 0);
5027 END_PROFILE(SMBlock);
5031 /****************************************************************************
5033 ****************************************************************************/
5035 void reply_unlock(struct smb_request *req)
5037 connection_struct *conn = req->conn;
5038 uint64_t count,offset;
5042 START_PROFILE(SMBunlock);
5045 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5046 END_PROFILE(SMBunlock);
5050 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5052 if (!check_fsp(conn, req, fsp)) {
5053 END_PROFILE(SMBunlock);
5057 count = (uint64_t)IVAL(req->vwv+1, 0);
5058 offset = (uint64_t)IVAL(req->vwv+3, 0);
5060 status = do_unlock(req->sconn->msg_ctx,
5062 (uint64_t)req->smbpid,
5067 if (NT_STATUS_V(status)) {
5068 reply_nterror(req, status);
5069 END_PROFILE(SMBunlock);
5073 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
5074 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
5076 reply_outbuf(req, 0, 0);
5078 END_PROFILE(SMBunlock);
5083 #define DBGC_CLASS DBGC_ALL
5085 /****************************************************************************
5087 conn POINTER CAN BE NULL HERE !
5088 ****************************************************************************/
5090 void reply_tdis(struct smb_request *req)
5092 connection_struct *conn = req->conn;
5093 START_PROFILE(SMBtdis);
5096 DEBUG(4,("Invalid connection in tdis\n"));
5097 reply_nterror(req, NT_STATUS_NETWORK_NAME_DELETED);
5098 END_PROFILE(SMBtdis);
5104 close_cnum(conn,req->vuid);
5107 reply_outbuf(req, 0, 0);
5108 END_PROFILE(SMBtdis);
5112 /****************************************************************************
5114 conn POINTER CAN BE NULL HERE !
5115 ****************************************************************************/
5117 void reply_echo(struct smb_request *req)
5119 connection_struct *conn = req->conn;
5120 struct smb_perfcount_data local_pcd;
5121 struct smb_perfcount_data *cur_pcd;
5125 START_PROFILE(SMBecho);
5127 smb_init_perfcount_data(&local_pcd);
5130 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5131 END_PROFILE(SMBecho);
5135 smb_reverb = SVAL(req->vwv+0, 0);
5137 reply_outbuf(req, 1, req->buflen);
5139 /* copy any incoming data back out */
5140 if (req->buflen > 0) {
5141 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
5144 if (smb_reverb > 100) {
5145 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
5149 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
5151 /* this makes sure we catch the request pcd */
5152 if (seq_num == smb_reverb) {
5153 cur_pcd = &req->pcd;
5155 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
5156 cur_pcd = &local_pcd;
5159 SSVAL(req->outbuf,smb_vwv0,seq_num);
5161 show_msg((char *)req->outbuf);
5162 if (!srv_send_smb(req->sconn,
5163 (char *)req->outbuf,
5164 true, req->seqnum+1,
5165 IS_CONN_ENCRYPTED(conn)||req->encrypted,
5167 exit_server_cleanly("reply_echo: srv_send_smb failed.");
5170 DEBUG(3,("echo %d times\n", smb_reverb));
5172 TALLOC_FREE(req->outbuf);
5174 END_PROFILE(SMBecho);
5178 /****************************************************************************
5179 Reply to a printopen.
5180 ****************************************************************************/
5182 void reply_printopen(struct smb_request *req)
5184 connection_struct *conn = req->conn;
5188 START_PROFILE(SMBsplopen);
5191 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5192 END_PROFILE(SMBsplopen);
5196 if (!CAN_PRINT(conn)) {
5197 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5198 END_PROFILE(SMBsplopen);
5202 status = file_new(req, conn, &fsp);
5203 if(!NT_STATUS_IS_OK(status)) {
5204 reply_nterror(req, status);
5205 END_PROFILE(SMBsplopen);
5209 /* Open for exclusive use, write only. */
5210 status = print_spool_open(fsp, NULL, req->vuid);
5212 if (!NT_STATUS_IS_OK(status)) {
5213 file_free(req, fsp);
5214 reply_nterror(req, status);
5215 END_PROFILE(SMBsplopen);
5219 reply_outbuf(req, 1, 0);
5220 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
5222 DEBUG(3,("openprint fd=%d fnum=%d\n",
5223 fsp->fh->fd, fsp->fnum));
5225 END_PROFILE(SMBsplopen);
5229 /****************************************************************************
5230 Reply to a printclose.
5231 ****************************************************************************/
5233 void reply_printclose(struct smb_request *req)
5235 connection_struct *conn = req->conn;
5239 START_PROFILE(SMBsplclose);
5242 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5243 END_PROFILE(SMBsplclose);
5247 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5249 if (!check_fsp(conn, req, fsp)) {
5250 END_PROFILE(SMBsplclose);
5254 if (!CAN_PRINT(conn)) {
5255 reply_force_doserror(req, ERRSRV, ERRerror);
5256 END_PROFILE(SMBsplclose);
5260 DEBUG(3,("printclose fd=%d fnum=%d\n",
5261 fsp->fh->fd,fsp->fnum));
5263 status = close_file(req, fsp, NORMAL_CLOSE);
5265 if(!NT_STATUS_IS_OK(status)) {
5266 reply_nterror(req, status);
5267 END_PROFILE(SMBsplclose);
5271 reply_outbuf(req, 0, 0);
5273 END_PROFILE(SMBsplclose);
5277 /****************************************************************************
5278 Reply to a printqueue.
5279 ****************************************************************************/
5281 void reply_printqueue(struct smb_request *req)
5283 connection_struct *conn = req->conn;
5287 START_PROFILE(SMBsplretq);
5290 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5291 END_PROFILE(SMBsplretq);
5295 max_count = SVAL(req->vwv+0, 0);
5296 start_index = SVAL(req->vwv+1, 0);
5298 /* we used to allow the client to get the cnum wrong, but that
5299 is really quite gross and only worked when there was only
5300 one printer - I think we should now only accept it if they
5301 get it right (tridge) */
5302 if (!CAN_PRINT(conn)) {
5303 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5304 END_PROFILE(SMBsplretq);
5308 reply_outbuf(req, 2, 3);
5309 SSVAL(req->outbuf,smb_vwv0,0);
5310 SSVAL(req->outbuf,smb_vwv1,0);
5311 SCVAL(smb_buf(req->outbuf),0,1);
5312 SSVAL(smb_buf(req->outbuf),1,0);
5314 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
5315 start_index, max_count));
5318 TALLOC_CTX *mem_ctx = talloc_tos();
5321 const char *sharename = lp_servicename(SNUM(conn));
5322 struct rpc_pipe_client *cli = NULL;
5323 struct dcerpc_binding_handle *b = NULL;
5324 struct policy_handle handle;
5325 struct spoolss_DevmodeContainer devmode_ctr;
5326 union spoolss_JobInfo *info;
5328 uint32_t num_to_get;
5332 ZERO_STRUCT(handle);
5334 status = rpc_pipe_open_interface(conn,
5335 &ndr_table_spoolss.syntax_id,
5337 &conn->sconn->client_id,
5338 conn->sconn->msg_ctx,
5340 if (!NT_STATUS_IS_OK(status)) {
5341 DEBUG(0, ("reply_printqueue: "
5342 "could not connect to spoolss: %s\n",
5343 nt_errstr(status)));
5344 reply_nterror(req, status);
5347 b = cli->binding_handle;
5349 ZERO_STRUCT(devmode_ctr);
5351 status = dcerpc_spoolss_OpenPrinter(b, mem_ctx,
5354 SEC_FLAG_MAXIMUM_ALLOWED,
5357 if (!NT_STATUS_IS_OK(status)) {
5358 reply_nterror(req, status);
5361 if (!W_ERROR_IS_OK(werr)) {
5362 reply_nterror(req, werror_to_ntstatus(werr));
5366 werr = rpccli_spoolss_enumjobs(cli, mem_ctx,
5374 if (!W_ERROR_IS_OK(werr)) {
5375 reply_nterror(req, werror_to_ntstatus(werr));
5379 if (max_count > 0) {
5380 first = start_index;
5382 first = start_index + max_count + 1;
5385 if (first >= count) {
5388 num_to_get = first + MIN(ABS(max_count), count - first);
5391 for (i = first; i < num_to_get; i++) {
5394 time_t qtime = spoolss_Time_to_time_t(&info[i].info2.submitted);
5396 uint16_t qrapjobid = pjobid_to_rap(sharename,
5397 info[i].info2.job_id);
5399 if (info[i].info2.status == JOB_STATUS_PRINTING) {
5405 srv_put_dos_date2(p, 0, qtime);
5406 SCVAL(p, 4, qstatus);
5407 SSVAL(p, 5, qrapjobid);
5408 SIVAL(p, 7, info[i].info2.size);
5410 srvstr_push(blob, req->flags2, p+12,
5411 info[i].info2.notify_name, 16, STR_ASCII);
5413 if (message_push_blob(
5416 blob, sizeof(blob))) == -1) {
5417 reply_nterror(req, NT_STATUS_NO_MEMORY);
5423 SSVAL(req->outbuf,smb_vwv0,count);
5424 SSVAL(req->outbuf,smb_vwv1,
5425 (max_count>0?first+count:first-1));
5426 SCVAL(smb_buf(req->outbuf),0,1);
5427 SSVAL(smb_buf(req->outbuf),1,28*count);
5431 DEBUG(3, ("%u entries returned in queue\n",
5435 if (b && is_valid_policy_hnd(&handle)) {
5436 dcerpc_spoolss_ClosePrinter(b, mem_ctx, &handle, &werr);
5441 END_PROFILE(SMBsplretq);
5445 /****************************************************************************
5446 Reply to a printwrite.
5447 ****************************************************************************/
5449 void reply_printwrite(struct smb_request *req)
5451 connection_struct *conn = req->conn;
5456 START_PROFILE(SMBsplwr);
5459 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5460 END_PROFILE(SMBsplwr);
5464 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
5466 if (!check_fsp(conn, req, fsp)) {
5467 END_PROFILE(SMBsplwr);
5471 if (!fsp->print_file) {
5472 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5473 END_PROFILE(SMBsplwr);
5477 if (!CHECK_WRITE(fsp)) {
5478 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5479 END_PROFILE(SMBsplwr);
5483 numtowrite = SVAL(req->buf, 1);
5485 if (req->buflen < numtowrite + 3) {
5486 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5487 END_PROFILE(SMBsplwr);
5491 data = (const char *)req->buf + 3;
5493 if (write_file(req,fsp,data,(SMB_OFF_T)-1,numtowrite) != numtowrite) {
5494 reply_nterror(req, map_nt_error_from_unix(errno));
5495 END_PROFILE(SMBsplwr);
5499 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5501 END_PROFILE(SMBsplwr);
5505 /****************************************************************************
5507 ****************************************************************************/
5509 void reply_mkdir(struct smb_request *req)
5511 connection_struct *conn = req->conn;
5512 struct smb_filename *smb_dname = NULL;
5513 char *directory = NULL;
5515 TALLOC_CTX *ctx = talloc_tos();
5517 START_PROFILE(SMBmkdir);
5519 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5520 STR_TERMINATE, &status);
5521 if (!NT_STATUS_IS_OK(status)) {
5522 reply_nterror(req, status);
5526 status = filename_convert(ctx, conn,
5527 req->flags2 & FLAGS2_DFS_PATHNAMES,
5532 if (!NT_STATUS_IS_OK(status)) {
5533 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5534 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5535 ERRSRV, ERRbadpath);
5538 reply_nterror(req, status);
5542 status = create_directory(conn, req, smb_dname);
5544 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5546 if (!NT_STATUS_IS_OK(status)) {
5548 if (!use_nt_status()
5549 && NT_STATUS_EQUAL(status,
5550 NT_STATUS_OBJECT_NAME_COLLISION)) {
5552 * Yes, in the DOS error code case we get a
5553 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5554 * samba4 torture test.
5556 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5559 reply_nterror(req, status);
5563 reply_outbuf(req, 0, 0);
5565 DEBUG(3, ("mkdir %s\n", smb_dname->base_name));
5567 TALLOC_FREE(smb_dname);
5568 END_PROFILE(SMBmkdir);
5572 /****************************************************************************
5574 ****************************************************************************/
5576 void reply_rmdir(struct smb_request *req)
5578 connection_struct *conn = req->conn;
5579 struct smb_filename *smb_dname = NULL;
5580 char *directory = NULL;
5582 TALLOC_CTX *ctx = talloc_tos();
5583 files_struct *fsp = NULL;
5585 struct smbd_server_connection *sconn = req->sconn;
5587 START_PROFILE(SMBrmdir);
5589 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5590 STR_TERMINATE, &status);
5591 if (!NT_STATUS_IS_OK(status)) {
5592 reply_nterror(req, status);
5596 status = filename_convert(ctx, conn,
5597 req->flags2 & FLAGS2_DFS_PATHNAMES,
5602 if (!NT_STATUS_IS_OK(status)) {
5603 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5604 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5605 ERRSRV, ERRbadpath);
5608 reply_nterror(req, status);
5612 if (is_ntfs_stream_smb_fname(smb_dname)) {
5613 reply_nterror(req, NT_STATUS_NOT_A_DIRECTORY);
5617 status = SMB_VFS_CREATE_FILE(
5620 0, /* root_dir_fid */
5621 smb_dname, /* fname */
5622 DELETE_ACCESS, /* access_mask */
5623 (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */
5625 FILE_OPEN, /* create_disposition*/
5626 FILE_DIRECTORY_FILE, /* create_options */
5627 FILE_ATTRIBUTE_DIRECTORY, /* file_attributes */
5628 0, /* oplock_request */
5629 0, /* allocation_size */
5630 0, /* private_flags */
5636 if (!NT_STATUS_IS_OK(status)) {
5637 if (open_was_deferred(req->mid)) {
5638 /* We have re-scheduled this call. */
5641 reply_nterror(req, status);
5645 status = can_set_delete_on_close(fsp, FILE_ATTRIBUTE_DIRECTORY);
5646 if (!NT_STATUS_IS_OK(status)) {
5647 close_file(req, fsp, ERROR_CLOSE);
5648 reply_nterror(req, status);
5652 if (!set_delete_on_close(fsp, true, &conn->session_info->utok)) {
5653 close_file(req, fsp, ERROR_CLOSE);
5654 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
5658 status = close_file(req, fsp, NORMAL_CLOSE);
5659 if (!NT_STATUS_IS_OK(status)) {
5660 reply_nterror(req, status);
5662 reply_outbuf(req, 0, 0);
5665 dptr_closepath(sconn, smb_dname->base_name, req->smbpid);
5667 DEBUG(3, ("rmdir %s\n", smb_fname_str_dbg(smb_dname)));
5669 TALLOC_FREE(smb_dname);
5670 END_PROFILE(SMBrmdir);
5674 /*******************************************************************
5675 Resolve wildcards in a filename rename.
5676 ********************************************************************/
5678 static bool resolve_wildcards(TALLOC_CTX *ctx,
5683 char *name2_copy = NULL;
5688 char *p,*p2, *pname1, *pname2;
5690 name2_copy = talloc_strdup(ctx, name2);
5695 pname1 = strrchr_m(name1,'/');
5696 pname2 = strrchr_m(name2_copy,'/');
5698 if (!pname1 || !pname2) {
5702 /* Truncate the copy of name2 at the last '/' */
5705 /* Now go past the '/' */
5709 root1 = talloc_strdup(ctx, pname1);
5710 root2 = talloc_strdup(ctx, pname2);
5712 if (!root1 || !root2) {
5716 p = strrchr_m(root1,'.');
5719 ext1 = talloc_strdup(ctx, p+1);
5721 ext1 = talloc_strdup(ctx, "");
5723 p = strrchr_m(root2,'.');
5726 ext2 = talloc_strdup(ctx, p+1);
5728 ext2 = talloc_strdup(ctx, "");
5731 if (!ext1 || !ext2) {
5739 /* Hmmm. Should this be mb-aware ? */
5742 } else if (*p2 == '*') {
5744 root2 = talloc_asprintf(ctx, "%s%s",
5763 /* Hmmm. Should this be mb-aware ? */
5766 } else if (*p2 == '*') {
5768 ext2 = talloc_asprintf(ctx, "%s%s",
5784 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5789 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5801 /****************************************************************************
5802 Ensure open files have their names updated. Updated to notify other smbd's
5804 ****************************************************************************/
5806 static void rename_open_files(connection_struct *conn,
5807 struct share_mode_lock *lck,
5808 uint32_t orig_name_hash,
5809 const struct smb_filename *smb_fname_dst)
5812 bool did_rename = False;
5814 uint32_t new_name_hash;
5816 for(fsp = file_find_di_first(conn->sconn, lck->id); fsp;
5817 fsp = file_find_di_next(fsp)) {
5818 /* fsp_name is a relative path under the fsp. To change this for other
5819 sharepaths we need to manipulate relative paths. */
5820 /* TODO - create the absolute path and manipulate the newname
5821 relative to the sharepath. */
5822 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5825 if (fsp->name_hash != orig_name_hash) {
5828 DEBUG(10, ("rename_open_files: renaming file fnum %d "
5829 "(file_id %s) from %s -> %s\n", fsp->fnum,
5830 file_id_string_tos(&fsp->file_id), fsp_str_dbg(fsp),
5831 smb_fname_str_dbg(smb_fname_dst)));
5833 status = fsp_set_smb_fname(fsp, smb_fname_dst);
5834 if (NT_STATUS_IS_OK(status)) {
5836 new_name_hash = fsp->name_hash;
5841 DEBUG(10, ("rename_open_files: no open files on file_id %s "
5842 "for %s\n", file_id_string_tos(&lck->id),
5843 smb_fname_str_dbg(smb_fname_dst)));
5846 /* Send messages to all smbd's (not ourself) that the name has changed. */
5847 rename_share_filename(conn->sconn->msg_ctx, lck, conn->connectpath,
5848 orig_name_hash, new_name_hash,
5853 /****************************************************************************
5854 We need to check if the source path is a parent directory of the destination
5855 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5856 refuse the rename with a sharing violation. Under UNIX the above call can
5857 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5858 probably need to check that the client is a Windows one before disallowing
5859 this as a UNIX client (one with UNIX extensions) can know the source is a
5860 symlink and make this decision intelligently. Found by an excellent bug
5861 report from <AndyLiebman@aol.com>.
5862 ****************************************************************************/
5864 static bool rename_path_prefix_equal(const struct smb_filename *smb_fname_src,
5865 const struct smb_filename *smb_fname_dst)
5867 const char *psrc = smb_fname_src->base_name;
5868 const char *pdst = smb_fname_dst->base_name;
5871 if (psrc[0] == '.' && psrc[1] == '/') {
5874 if (pdst[0] == '.' && pdst[1] == '/') {
5877 if ((slen = strlen(psrc)) > strlen(pdst)) {
5880 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5884 * Do the notify calls from a rename
5887 static void notify_rename(connection_struct *conn, bool is_dir,
5888 const struct smb_filename *smb_fname_src,
5889 const struct smb_filename *smb_fname_dst)
5891 char *parent_dir_src = NULL;
5892 char *parent_dir_dst = NULL;
5895 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5896 : FILE_NOTIFY_CHANGE_FILE_NAME;
5898 if (!parent_dirname(talloc_tos(), smb_fname_src->base_name,
5899 &parent_dir_src, NULL) ||
5900 !parent_dirname(talloc_tos(), smb_fname_dst->base_name,
5901 &parent_dir_dst, NULL)) {
5905 if (strcmp(parent_dir_src, parent_dir_dst) == 0) {
5906 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask,
5907 smb_fname_src->base_name);
5908 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask,
5909 smb_fname_dst->base_name);
5912 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask,
5913 smb_fname_src->base_name);
5914 notify_fname(conn, NOTIFY_ACTION_ADDED, mask,
5915 smb_fname_dst->base_name);
5918 /* this is a strange one. w2k3 gives an additional event for
5919 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5920 files, but not directories */
5922 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5923 FILE_NOTIFY_CHANGE_ATTRIBUTES
5924 |FILE_NOTIFY_CHANGE_CREATION,
5925 smb_fname_dst->base_name);
5928 TALLOC_FREE(parent_dir_src);
5929 TALLOC_FREE(parent_dir_dst);
5932 /****************************************************************************
5933 Rename an open file - given an fsp.
5934 ****************************************************************************/
5936 NTSTATUS rename_internals_fsp(connection_struct *conn,
5938 const struct smb_filename *smb_fname_dst_in,
5940 bool replace_if_exists)
5942 TALLOC_CTX *ctx = talloc_tos();
5943 struct smb_filename *smb_fname_dst = NULL;
5944 NTSTATUS status = NT_STATUS_OK;
5945 struct share_mode_lock *lck = NULL;
5946 bool dst_exists, old_is_stream, new_is_stream;
5948 status = check_name(conn, smb_fname_dst_in->base_name);
5949 if (!NT_STATUS_IS_OK(status)) {
5953 /* Make a copy of the dst smb_fname structs */
5955 status = copy_smb_filename(ctx, smb_fname_dst_in, &smb_fname_dst);
5956 if (!NT_STATUS_IS_OK(status)) {
5961 * Check for special case with case preserving and not
5962 * case sensitive. If the old last component differs from the original
5963 * last component only by case, then we should allow
5964 * the rename (user is trying to change the case of the
5967 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5968 strequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
5969 strequal(fsp->fsp_name->stream_name, smb_fname_dst->stream_name)) {
5971 char *fname_dst_lcomp_base_mod = NULL;
5972 struct smb_filename *smb_fname_orig_lcomp = NULL;
5975 * Get the last component of the destination name.
5977 last_slash = strrchr_m(smb_fname_dst->base_name, '/');
5979 fname_dst_lcomp_base_mod = talloc_strdup(ctx, last_slash + 1);
5981 fname_dst_lcomp_base_mod = talloc_strdup(ctx, smb_fname_dst->base_name);
5983 if (!fname_dst_lcomp_base_mod) {
5984 status = NT_STATUS_NO_MEMORY;
5989 * Create an smb_filename struct using the original last
5990 * component of the destination.
5992 status = create_synthetic_smb_fname_split(ctx,
5993 smb_fname_dst->original_lcomp, NULL,
5994 &smb_fname_orig_lcomp);
5995 if (!NT_STATUS_IS_OK(status)) {
5996 TALLOC_FREE(fname_dst_lcomp_base_mod);
6000 /* If the base names only differ by case, use original. */
6001 if(!strcsequal(fname_dst_lcomp_base_mod,
6002 smb_fname_orig_lcomp->base_name)) {
6005 * Replace the modified last component with the
6009 *last_slash = '\0'; /* Truncate at the '/' */
6010 tmp = talloc_asprintf(smb_fname_dst,
6012 smb_fname_dst->base_name,
6013 smb_fname_orig_lcomp->base_name);
6015 tmp = talloc_asprintf(smb_fname_dst,
6017 smb_fname_orig_lcomp->base_name);
6020 status = NT_STATUS_NO_MEMORY;
6021 TALLOC_FREE(fname_dst_lcomp_base_mod);
6022 TALLOC_FREE(smb_fname_orig_lcomp);
6025 TALLOC_FREE(smb_fname_dst->base_name);
6026 smb_fname_dst->base_name = tmp;
6029 /* If the stream_names only differ by case, use original. */
6030 if(!strcsequal(smb_fname_dst->stream_name,
6031 smb_fname_orig_lcomp->stream_name)) {
6033 /* Use the original stream. */
6034 tmp = talloc_strdup(smb_fname_dst,
6035 smb_fname_orig_lcomp->stream_name);
6037 status = NT_STATUS_NO_MEMORY;
6038 TALLOC_FREE(fname_dst_lcomp_base_mod);
6039 TALLOC_FREE(smb_fname_orig_lcomp);
6042 TALLOC_FREE(smb_fname_dst->stream_name);
6043 smb_fname_dst->stream_name = tmp;
6045 TALLOC_FREE(fname_dst_lcomp_base_mod);
6046 TALLOC_FREE(smb_fname_orig_lcomp);
6050 * If the src and dest names are identical - including case,
6051 * don't do the rename, just return success.
6054 if (strcsequal(fsp->fsp_name->base_name, smb_fname_dst->base_name) &&
6055 strcsequal(fsp->fsp_name->stream_name,
6056 smb_fname_dst->stream_name)) {
6057 DEBUG(3, ("rename_internals_fsp: identical names in rename %s "
6058 "- returning success\n",
6059 smb_fname_str_dbg(smb_fname_dst)));
6060 status = NT_STATUS_OK;
6064 old_is_stream = is_ntfs_stream_smb_fname(fsp->fsp_name);
6065 new_is_stream = is_ntfs_stream_smb_fname(smb_fname_dst);
6067 /* Return the correct error code if both names aren't streams. */
6068 if (!old_is_stream && new_is_stream) {
6069 status = NT_STATUS_OBJECT_NAME_INVALID;
6073 if (old_is_stream && !new_is_stream) {
6074 status = NT_STATUS_INVALID_PARAMETER;
6078 dst_exists = SMB_VFS_STAT(conn, smb_fname_dst) == 0;
6080 if(!replace_if_exists && dst_exists) {
6081 DEBUG(3, ("rename_internals_fsp: dest exists doing rename "
6082 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6083 smb_fname_str_dbg(smb_fname_dst)));
6084 status = NT_STATUS_OBJECT_NAME_COLLISION;
6089 struct file_id fileid = vfs_file_id_from_sbuf(conn,
6090 &smb_fname_dst->st);
6091 files_struct *dst_fsp = file_find_di_first(conn->sconn,
6093 /* The file can be open when renaming a stream */
6094 if (dst_fsp && !new_is_stream) {
6095 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
6096 status = NT_STATUS_ACCESS_DENIED;
6101 /* Ensure we have a valid stat struct for the source. */
6102 status = vfs_stat_fsp(fsp);
6103 if (!NT_STATUS_IS_OK(status)) {
6107 status = can_rename(conn, fsp, attrs);
6109 if (!NT_STATUS_IS_OK(status)) {
6110 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6111 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6112 smb_fname_str_dbg(smb_fname_dst)));
6113 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
6114 status = NT_STATUS_ACCESS_DENIED;
6118 if (rename_path_prefix_equal(fsp->fsp_name, smb_fname_dst)) {
6119 status = NT_STATUS_ACCESS_DENIED;
6122 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
6126 * We have the file open ourselves, so not being able to get the
6127 * corresponding share mode lock is a fatal error.
6130 SMB_ASSERT(lck != NULL);
6132 if(SMB_VFS_RENAME(conn, fsp->fsp_name, smb_fname_dst) == 0) {
6133 uint32 create_options = fsp->fh->private_options;
6135 DEBUG(3, ("rename_internals_fsp: succeeded doing rename on "
6136 "%s -> %s\n", smb_fname_str_dbg(fsp->fsp_name),
6137 smb_fname_str_dbg(smb_fname_dst)));
6139 if (!lp_posix_pathnames() &&
6140 (lp_map_archive(SNUM(conn)) ||
6141 lp_store_dos_attributes(SNUM(conn)))) {
6142 /* We must set the archive bit on the newly
6144 if (SMB_VFS_STAT(conn, smb_fname_dst) == 0) {
6145 uint32_t old_dosmode = dos_mode(conn,
6147 file_set_dosmode(conn,
6149 old_dosmode | FILE_ATTRIBUTE_ARCHIVE,
6155 notify_rename(conn, fsp->is_directory, fsp->fsp_name,
6158 rename_open_files(conn, lck, fsp->name_hash, smb_fname_dst);
6161 * A rename acts as a new file create w.r.t. allowing an initial delete
6162 * on close, probably because in Windows there is a new handle to the
6163 * new file. If initial delete on close was requested but not
6164 * originally set, we need to set it here. This is probably not 100% correct,
6165 * but will work for the CIFSFS client which in non-posix mode
6166 * depends on these semantics. JRA.
6169 if (create_options & FILE_DELETE_ON_CLOSE) {
6170 status = can_set_delete_on_close(fsp, 0);
6172 if (NT_STATUS_IS_OK(status)) {
6173 /* Note that here we set the *inital* delete on close flag,
6174 * not the regular one. The magic gets handled in close. */
6175 fsp->initial_delete_on_close = True;
6179 status = NT_STATUS_OK;
6185 if (errno == ENOTDIR || errno == EISDIR) {
6186 status = NT_STATUS_OBJECT_NAME_COLLISION;
6188 status = map_nt_error_from_unix(errno);
6191 DEBUG(3, ("rename_internals_fsp: Error %s rename %s -> %s\n",
6192 nt_errstr(status), smb_fname_str_dbg(fsp->fsp_name),
6193 smb_fname_str_dbg(smb_fname_dst)));
6196 TALLOC_FREE(smb_fname_dst);
6201 /****************************************************************************
6202 The guts of the rename command, split out so it may be called by the NT SMB
6204 ****************************************************************************/
6206 NTSTATUS rename_internals(TALLOC_CTX *ctx,
6207 connection_struct *conn,
6208 struct smb_request *req,
6209 struct smb_filename *smb_fname_src,
6210 struct smb_filename *smb_fname_dst,
6212 bool replace_if_exists,
6215 uint32_t access_mask)
6217 char *fname_src_dir = NULL;
6218 char *fname_src_mask = NULL;
6220 NTSTATUS status = NT_STATUS_OK;
6221 struct smb_Dir *dir_hnd = NULL;
6222 const char *dname = NULL;
6223 char *talloced = NULL;
6225 int create_options = 0;
6226 bool posix_pathnames = lp_posix_pathnames();
6229 * Split the old name into directory and last component
6230 * strings. Note that unix_convert may have stripped off a
6231 * leading ./ from both name and newname if the rename is
6232 * at the root of the share. We need to make sure either both
6233 * name and newname contain a / character or neither of them do
6234 * as this is checked in resolve_wildcards().
6237 /* Split up the directory from the filename/mask. */
6238 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6239 &fname_src_dir, &fname_src_mask);
6240 if (!NT_STATUS_IS_OK(status)) {
6241 status = NT_STATUS_NO_MEMORY;
6246 * We should only check the mangled cache
6247 * here if unix_convert failed. This means
6248 * that the path in 'mask' doesn't exist
6249 * on the file system and so we need to look
6250 * for a possible mangle. This patch from
6251 * Tine Smukavec <valentin.smukavec@hermes.si>.
6254 if (!VALID_STAT(smb_fname_src->st) &&
6255 mangle_is_mangled(fname_src_mask, conn->params)) {
6256 char *new_mask = NULL;
6257 mangle_lookup_name_from_8_3(ctx, fname_src_mask, &new_mask,
6260 TALLOC_FREE(fname_src_mask);
6261 fname_src_mask = new_mask;
6265 if (!src_has_wild) {
6269 * Only one file needs to be renamed. Append the mask back
6270 * onto the directory.
6272 TALLOC_FREE(smb_fname_src->base_name);
6273 if (ISDOT(fname_src_dir)) {
6274 /* Ensure we use canonical names on open. */
6275 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6279 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6284 if (!smb_fname_src->base_name) {
6285 status = NT_STATUS_NO_MEMORY;
6289 DEBUG(3, ("rename_internals: case_sensitive = %d, "
6290 "case_preserve = %d, short case preserve = %d, "
6291 "directory = %s, newname = %s, "
6292 "last_component_dest = %s\n",
6293 conn->case_sensitive, conn->case_preserve,
6294 conn->short_case_preserve,
6295 smb_fname_str_dbg(smb_fname_src),
6296 smb_fname_str_dbg(smb_fname_dst),
6297 smb_fname_dst->original_lcomp));
6299 /* The dest name still may have wildcards. */
6300 if (dest_has_wild) {
6301 char *fname_dst_mod = NULL;
6302 if (!resolve_wildcards(smb_fname_dst,
6303 smb_fname_src->base_name,
6304 smb_fname_dst->base_name,
6306 DEBUG(6, ("rename_internals: resolve_wildcards "
6308 smb_fname_src->base_name,
6309 smb_fname_dst->base_name));
6310 status = NT_STATUS_NO_MEMORY;
6313 TALLOC_FREE(smb_fname_dst->base_name);
6314 smb_fname_dst->base_name = fname_dst_mod;
6317 ZERO_STRUCT(smb_fname_src->st);
6318 if (posix_pathnames) {
6319 SMB_VFS_LSTAT(conn, smb_fname_src);
6321 SMB_VFS_STAT(conn, smb_fname_src);
6324 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6325 create_options |= FILE_DIRECTORY_FILE;
6328 status = SMB_VFS_CREATE_FILE(
6331 0, /* root_dir_fid */
6332 smb_fname_src, /* fname */
6333 access_mask, /* access_mask */
6334 (FILE_SHARE_READ | /* share_access */
6336 FILE_OPEN, /* create_disposition*/
6337 create_options, /* create_options */
6338 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6339 0, /* oplock_request */
6340 0, /* allocation_size */
6341 0, /* private_flags */
6347 if (!NT_STATUS_IS_OK(status)) {
6348 DEBUG(3, ("Could not open rename source %s: %s\n",
6349 smb_fname_str_dbg(smb_fname_src),
6350 nt_errstr(status)));
6354 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6355 attrs, replace_if_exists);
6357 close_file(req, fsp, NORMAL_CLOSE);
6359 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6360 nt_errstr(status), smb_fname_str_dbg(smb_fname_src),
6361 smb_fname_str_dbg(smb_fname_dst)));
6367 * Wildcards - process each file that matches.
6369 if (strequal(fname_src_mask, "????????.???")) {
6370 TALLOC_FREE(fname_src_mask);
6371 fname_src_mask = talloc_strdup(ctx, "*");
6372 if (!fname_src_mask) {
6373 status = NT_STATUS_NO_MEMORY;
6378 status = check_name(conn, fname_src_dir);
6379 if (!NT_STATUS_IS_OK(status)) {
6383 dir_hnd = OpenDir(talloc_tos(), conn, fname_src_dir, fname_src_mask,
6385 if (dir_hnd == NULL) {
6386 status = map_nt_error_from_unix(errno);
6390 status = NT_STATUS_NO_SUCH_FILE;
6392 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6393 * - gentest fix. JRA
6396 while ((dname = ReadDirName(dir_hnd, &offset, &smb_fname_src->st,
6398 files_struct *fsp = NULL;
6399 char *destname = NULL;
6400 bool sysdir_entry = False;
6402 /* Quick check for "." and ".." */
6403 if (ISDOT(dname) || ISDOTDOT(dname)) {
6405 sysdir_entry = True;
6407 TALLOC_FREE(talloced);
6412 if (!is_visible_file(conn, fname_src_dir, dname,
6413 &smb_fname_src->st, false)) {
6414 TALLOC_FREE(talloced);
6418 if(!mask_match(dname, fname_src_mask, conn->case_sensitive)) {
6419 TALLOC_FREE(talloced);
6424 status = NT_STATUS_OBJECT_NAME_INVALID;
6428 TALLOC_FREE(smb_fname_src->base_name);
6429 if (ISDOT(fname_src_dir)) {
6430 /* Ensure we use canonical names on open. */
6431 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6435 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6440 if (!smb_fname_src->base_name) {
6441 status = NT_STATUS_NO_MEMORY;
6445 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
6446 smb_fname_dst->base_name,
6448 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6449 smb_fname_src->base_name, destname));
6450 TALLOC_FREE(talloced);
6454 status = NT_STATUS_NO_MEMORY;
6458 TALLOC_FREE(smb_fname_dst->base_name);
6459 smb_fname_dst->base_name = destname;
6461 ZERO_STRUCT(smb_fname_src->st);
6462 if (posix_pathnames) {
6463 SMB_VFS_LSTAT(conn, smb_fname_src);
6465 SMB_VFS_STAT(conn, smb_fname_src);
6470 if (S_ISDIR(smb_fname_src->st.st_ex_mode)) {
6471 create_options |= FILE_DIRECTORY_FILE;
6474 status = SMB_VFS_CREATE_FILE(
6477 0, /* root_dir_fid */
6478 smb_fname_src, /* fname */
6479 access_mask, /* access_mask */
6480 (FILE_SHARE_READ | /* share_access */
6482 FILE_OPEN, /* create_disposition*/
6483 create_options, /* create_options */
6484 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6485 0, /* oplock_request */
6486 0, /* allocation_size */
6487 0, /* private_flags */
6493 if (!NT_STATUS_IS_OK(status)) {
6494 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6495 "returned %s rename %s -> %s\n",
6497 smb_fname_str_dbg(smb_fname_src),
6498 smb_fname_str_dbg(smb_fname_dst)));
6502 smb_fname_dst->original_lcomp = talloc_strdup(smb_fname_dst,
6504 if (!smb_fname_dst->original_lcomp) {
6505 status = NT_STATUS_NO_MEMORY;
6509 status = rename_internals_fsp(conn, fsp, smb_fname_dst,
6510 attrs, replace_if_exists);
6512 close_file(req, fsp, NORMAL_CLOSE);
6514 if (!NT_STATUS_IS_OK(status)) {
6515 DEBUG(3, ("rename_internals_fsp returned %s for "
6516 "rename %s -> %s\n", nt_errstr(status),
6517 smb_fname_str_dbg(smb_fname_src),
6518 smb_fname_str_dbg(smb_fname_dst)));
6524 DEBUG(3,("rename_internals: doing rename on %s -> "
6525 "%s\n", smb_fname_str_dbg(smb_fname_src),
6526 smb_fname_str_dbg(smb_fname_src)));
6527 TALLOC_FREE(talloced);
6529 TALLOC_FREE(dir_hnd);
6531 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6532 status = map_nt_error_from_unix(errno);
6536 TALLOC_FREE(talloced);
6537 TALLOC_FREE(fname_src_dir);
6538 TALLOC_FREE(fname_src_mask);
6542 /****************************************************************************
6544 ****************************************************************************/
6546 void reply_mv(struct smb_request *req)
6548 connection_struct *conn = req->conn;
6550 char *newname = NULL;
6554 bool src_has_wcard = False;
6555 bool dest_has_wcard = False;
6556 TALLOC_CTX *ctx = talloc_tos();
6557 struct smb_filename *smb_fname_src = NULL;
6558 struct smb_filename *smb_fname_dst = NULL;
6559 bool stream_rename = false;
6561 START_PROFILE(SMBmv);
6564 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6568 attrs = SVAL(req->vwv+0, 0);
6570 p = (const char *)req->buf + 1;
6571 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6572 &status, &src_has_wcard);
6573 if (!NT_STATUS_IS_OK(status)) {
6574 reply_nterror(req, status);
6578 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6579 &status, &dest_has_wcard);
6580 if (!NT_STATUS_IS_OK(status)) {
6581 reply_nterror(req, status);
6585 if (!lp_posix_pathnames()) {
6586 /* The newname must begin with a ':' if the
6587 name contains a ':'. */
6588 if (strchr_m(name, ':')) {
6589 if (newname[0] != ':') {
6590 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6593 stream_rename = true;
6597 status = filename_convert(ctx,
6599 req->flags2 & FLAGS2_DFS_PATHNAMES,
6601 UCF_COND_ALLOW_WCARD_LCOMP,
6605 if (!NT_STATUS_IS_OK(status)) {
6606 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6607 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6608 ERRSRV, ERRbadpath);
6611 reply_nterror(req, status);
6615 status = filename_convert(ctx,
6617 req->flags2 & FLAGS2_DFS_PATHNAMES,
6619 UCF_COND_ALLOW_WCARD_LCOMP | UCF_SAVE_LCOMP,
6623 if (!NT_STATUS_IS_OK(status)) {
6624 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6625 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6626 ERRSRV, ERRbadpath);
6629 reply_nterror(req, status);
6633 if (stream_rename) {
6634 /* smb_fname_dst->base_name must be the same as
6635 smb_fname_src->base_name. */
6636 TALLOC_FREE(smb_fname_dst->base_name);
6637 smb_fname_dst->base_name = talloc_strdup(smb_fname_dst,
6638 smb_fname_src->base_name);
6639 if (!smb_fname_dst->base_name) {
6640 reply_nterror(req, NT_STATUS_NO_MEMORY);
6645 DEBUG(3,("reply_mv : %s -> %s\n", smb_fname_str_dbg(smb_fname_src),
6646 smb_fname_str_dbg(smb_fname_dst)));
6648 status = rename_internals(ctx, conn, req, smb_fname_src, smb_fname_dst,
6649 attrs, False, src_has_wcard, dest_has_wcard,
6651 if (!NT_STATUS_IS_OK(status)) {
6652 if (open_was_deferred(req->mid)) {
6653 /* We have re-scheduled this call. */
6656 reply_nterror(req, status);
6660 reply_outbuf(req, 0, 0);
6662 TALLOC_FREE(smb_fname_src);
6663 TALLOC_FREE(smb_fname_dst);
6668 /*******************************************************************
6669 Copy a file as part of a reply_copy.
6670 ******************************************************************/
6673 * TODO: check error codes on all callers
6676 NTSTATUS copy_file(TALLOC_CTX *ctx,
6677 connection_struct *conn,
6678 struct smb_filename *smb_fname_src,
6679 struct smb_filename *smb_fname_dst,
6682 bool target_is_directory)
6684 struct smb_filename *smb_fname_dst_tmp = NULL;
6686 files_struct *fsp1,*fsp2;
6688 uint32 new_create_disposition;
6692 status = copy_smb_filename(ctx, smb_fname_dst, &smb_fname_dst_tmp);
6693 if (!NT_STATUS_IS_OK(status)) {
6698 * If the target is a directory, extract the last component from the
6699 * src filename and append it to the dst filename
6701 if (target_is_directory) {
6704 /* dest/target can't be a stream if it's a directory. */
6705 SMB_ASSERT(smb_fname_dst->stream_name == NULL);
6707 p = strrchr_m(smb_fname_src->base_name,'/');
6711 p = smb_fname_src->base_name;
6713 smb_fname_dst_tmp->base_name =
6714 talloc_asprintf_append(smb_fname_dst_tmp->base_name, "/%s",
6716 if (!smb_fname_dst_tmp->base_name) {
6717 status = NT_STATUS_NO_MEMORY;
6722 status = vfs_file_exist(conn, smb_fname_src);
6723 if (!NT_STATUS_IS_OK(status)) {
6727 if (!target_is_directory && count) {
6728 new_create_disposition = FILE_OPEN;
6730 if (!map_open_params_to_ntcreate(smb_fname_dst_tmp, 0, ofun,
6732 &new_create_disposition,
6735 status = NT_STATUS_INVALID_PARAMETER;
6740 /* Open the src file for reading. */
6741 status = SMB_VFS_CREATE_FILE(
6744 0, /* root_dir_fid */
6745 smb_fname_src, /* fname */
6746 FILE_GENERIC_READ, /* access_mask */
6747 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6748 FILE_OPEN, /* create_disposition*/
6749 0, /* create_options */
6750 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6751 INTERNAL_OPEN_ONLY, /* oplock_request */
6752 0, /* allocation_size */
6753 0, /* private_flags */
6759 if (!NT_STATUS_IS_OK(status)) {
6763 dosattrs = dos_mode(conn, smb_fname_src);
6765 if (SMB_VFS_STAT(conn, smb_fname_dst_tmp) == -1) {
6766 ZERO_STRUCTP(&smb_fname_dst_tmp->st);
6769 /* Open the dst file for writing. */
6770 status = SMB_VFS_CREATE_FILE(
6773 0, /* root_dir_fid */
6774 smb_fname_dst, /* fname */
6775 FILE_GENERIC_WRITE, /* access_mask */
6776 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6777 new_create_disposition, /* create_disposition*/
6778 0, /* create_options */
6779 dosattrs, /* file_attributes */
6780 INTERNAL_OPEN_ONLY, /* oplock_request */
6781 0, /* allocation_size */
6782 0, /* private_flags */
6788 if (!NT_STATUS_IS_OK(status)) {
6789 close_file(NULL, fsp1, ERROR_CLOSE);
6793 if (ofun & OPENX_FILE_EXISTS_OPEN) {
6794 ret = SMB_VFS_LSEEK(fsp2, 0, SEEK_END);
6796 DEBUG(0, ("error - vfs lseek returned error %s\n",
6798 status = map_nt_error_from_unix(errno);
6799 close_file(NULL, fsp1, ERROR_CLOSE);
6800 close_file(NULL, fsp2, ERROR_CLOSE);
6805 /* Do the actual copy. */
6806 if (smb_fname_src->st.st_ex_size) {
6807 ret = vfs_transfer_file(fsp1, fsp2, smb_fname_src->st.st_ex_size);
6812 close_file(NULL, fsp1, NORMAL_CLOSE);
6814 /* Ensure the modtime is set correctly on the destination file. */
6815 set_close_write_time(fsp2, smb_fname_src->st.st_ex_mtime);
6818 * As we are opening fsp1 read-only we only expect
6819 * an error on close on fsp2 if we are out of space.
6820 * Thus we don't look at the error return from the
6823 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6825 if (!NT_STATUS_IS_OK(status)) {
6829 if (ret != (SMB_OFF_T)smb_fname_src->st.st_ex_size) {
6830 status = NT_STATUS_DISK_FULL;
6834 status = NT_STATUS_OK;
6837 TALLOC_FREE(smb_fname_dst_tmp);
6841 /****************************************************************************
6842 Reply to a file copy.
6843 ****************************************************************************/
6845 void reply_copy(struct smb_request *req)
6847 connection_struct *conn = req->conn;
6848 struct smb_filename *smb_fname_src = NULL;
6849 struct smb_filename *smb_fname_dst = NULL;
6850 char *fname_src = NULL;
6851 char *fname_dst = NULL;
6852 char *fname_src_mask = NULL;
6853 char *fname_src_dir = NULL;
6856 int error = ERRnoaccess;
6860 bool target_is_directory=False;
6861 bool source_has_wild = False;
6862 bool dest_has_wild = False;
6864 TALLOC_CTX *ctx = talloc_tos();
6866 START_PROFILE(SMBcopy);
6869 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6873 tid2 = SVAL(req->vwv+0, 0);
6874 ofun = SVAL(req->vwv+1, 0);
6875 flags = SVAL(req->vwv+2, 0);
6877 p = (const char *)req->buf;
6878 p += srvstr_get_path_req_wcard(ctx, req, &fname_src, p, STR_TERMINATE,
6879 &status, &source_has_wild);
6880 if (!NT_STATUS_IS_OK(status)) {
6881 reply_nterror(req, status);
6884 p += srvstr_get_path_req_wcard(ctx, req, &fname_dst, p, STR_TERMINATE,
6885 &status, &dest_has_wild);
6886 if (!NT_STATUS_IS_OK(status)) {
6887 reply_nterror(req, status);
6891 DEBUG(3,("reply_copy : %s -> %s\n", fname_src, fname_dst));
6893 if (tid2 != conn->cnum) {
6894 /* can't currently handle inter share copies XXXX */
6895 DEBUG(3,("Rejecting inter-share copy\n"));
6896 reply_nterror(req, NT_STATUS_BAD_DEVICE_TYPE);
6900 status = filename_convert(ctx, conn,
6901 req->flags2 & FLAGS2_DFS_PATHNAMES,
6903 UCF_COND_ALLOW_WCARD_LCOMP,
6906 if (!NT_STATUS_IS_OK(status)) {
6907 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6908 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6909 ERRSRV, ERRbadpath);
6912 reply_nterror(req, status);
6916 status = filename_convert(ctx, conn,
6917 req->flags2 & FLAGS2_DFS_PATHNAMES,
6919 UCF_COND_ALLOW_WCARD_LCOMP,
6922 if (!NT_STATUS_IS_OK(status)) {
6923 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6924 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6925 ERRSRV, ERRbadpath);
6928 reply_nterror(req, status);
6932 target_is_directory = VALID_STAT_OF_DIR(smb_fname_dst->st);
6934 if ((flags&1) && target_is_directory) {
6935 reply_nterror(req, NT_STATUS_NO_SUCH_FILE);
6939 if ((flags&2) && !target_is_directory) {
6940 reply_nterror(req, NT_STATUS_OBJECT_PATH_NOT_FOUND);
6944 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(smb_fname_src->st)) {
6945 /* wants a tree copy! XXXX */
6946 DEBUG(3,("Rejecting tree copy\n"));
6947 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6951 /* Split up the directory from the filename/mask. */
6952 status = split_fname_dir_mask(ctx, smb_fname_src->base_name,
6953 &fname_src_dir, &fname_src_mask);
6954 if (!NT_STATUS_IS_OK(status)) {
6955 reply_nterror(req, NT_STATUS_NO_MEMORY);
6960 * We should only check the mangled cache
6961 * here if unix_convert failed. This means
6962 * that the path in 'mask' doesn't exist
6963 * on the file system and so we need to look
6964 * for a possible mangle. This patch from
6965 * Tine Smukavec <valentin.smukavec@hermes.si>.
6967 if (!VALID_STAT(smb_fname_src->st) &&
6968 mangle_is_mangled(fname_src_mask, conn->params)) {
6969 char *new_mask = NULL;
6970 mangle_lookup_name_from_8_3(ctx, fname_src_mask,
6971 &new_mask, conn->params);
6973 /* Use demangled name if one was successfully found. */
6975 TALLOC_FREE(fname_src_mask);
6976 fname_src_mask = new_mask;
6980 if (!source_has_wild) {
6983 * Only one file needs to be copied. Append the mask back onto
6986 TALLOC_FREE(smb_fname_src->base_name);
6987 if (ISDOT(fname_src_dir)) {
6988 /* Ensure we use canonical names on open. */
6989 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6993 smb_fname_src->base_name = talloc_asprintf(smb_fname_src,
6998 if (!smb_fname_src->base_name) {
6999 reply_nterror(req, NT_STATUS_NO_MEMORY);
7003 if (dest_has_wild) {
7004 char *fname_dst_mod = NULL;
7005 if (!resolve_wildcards(smb_fname_dst,
7006 smb_fname_src->base_name,
7007 smb_fname_dst->base_name,
7009 reply_nterror(req, NT_STATUS_NO_MEMORY);
7012 TALLOC_FREE(smb_fname_dst->base_name);
7013 smb_fname_dst->base_name = fname_dst_mod;
7016 status = check_name(conn, smb_fname_src->base_name);
7017 if (!NT_STATUS_IS_OK(status)) {
7018 reply_nterror(req, status);
7022 status = check_name(conn, smb_fname_dst->base_name);
7023 if (!NT_STATUS_IS_OK(status)) {
7024 reply_nterror(req, status);
7028 status = copy_file(ctx, conn, smb_fname_src, smb_fname_dst,
7029 ofun, count, target_is_directory);
7031 if(!NT_STATUS_IS_OK(status)) {
7032 reply_nterror(req, status);
7038 struct smb_Dir *dir_hnd = NULL;
7039 const char *dname = NULL;
7040 char *talloced = NULL;
7044 * There is a wildcard that requires us to actually read the
7045 * src dir and copy each file matching the mask to the dst.
7046 * Right now streams won't be copied, but this could
7047 * presumably be added with a nested loop for reach dir entry.
7049 SMB_ASSERT(!smb_fname_src->stream_name);
7050 SMB_ASSERT(!smb_fname_dst->stream_name);
7052 smb_fname_src->stream_name = NULL;
7053 smb_fname_dst->stream_name = NULL;
7055 if (strequal(fname_src_mask,"????????.???")) {
7056 TALLOC_FREE(fname_src_mask);
7057 fname_src_mask = talloc_strdup(ctx, "*");
7058 if (!fname_src_mask) {
7059 reply_nterror(req, NT_STATUS_NO_MEMORY);
7064 status = check_name(conn, fname_src_dir);
7065 if (!NT_STATUS_IS_OK(status)) {
7066 reply_nterror(req, status);
7070 dir_hnd = OpenDir(ctx, conn, fname_src_dir, fname_src_mask, 0);
7071 if (dir_hnd == NULL) {
7072 status = map_nt_error_from_unix(errno);
7073 reply_nterror(req, status);
7079 /* Iterate over the src dir copying each entry to the dst. */
7080 while ((dname = ReadDirName(dir_hnd, &offset,
7081 &smb_fname_src->st, &talloced))) {
7082 char *destname = NULL;
7084 if (ISDOT(dname) || ISDOTDOT(dname)) {
7085 TALLOC_FREE(talloced);
7089 if (!is_visible_file(conn, fname_src_dir, dname,
7090 &smb_fname_src->st, false)) {
7091 TALLOC_FREE(talloced);
7095 if(!mask_match(dname, fname_src_mask,
7096 conn->case_sensitive)) {
7097 TALLOC_FREE(talloced);
7101 error = ERRnoaccess;
7103 /* Get the src smb_fname struct setup. */
7104 TALLOC_FREE(smb_fname_src->base_name);
7105 if (ISDOT(fname_src_dir)) {
7106 /* Ensure we use canonical names on open. */
7107 smb_fname_src->base_name =
7108 talloc_asprintf(smb_fname_src, "%s",
7111 smb_fname_src->base_name =
7112 talloc_asprintf(smb_fname_src, "%s/%s",
7113 fname_src_dir, dname);
7116 if (!smb_fname_src->base_name) {
7117 TALLOC_FREE(dir_hnd);
7118 TALLOC_FREE(talloced);
7119 reply_nterror(req, NT_STATUS_NO_MEMORY);
7123 if (!resolve_wildcards(ctx, smb_fname_src->base_name,
7124 smb_fname_dst->base_name,
7126 TALLOC_FREE(talloced);
7130 TALLOC_FREE(dir_hnd);
7131 TALLOC_FREE(talloced);
7132 reply_nterror(req, NT_STATUS_NO_MEMORY);
7136 TALLOC_FREE(smb_fname_dst->base_name);
7137 smb_fname_dst->base_name = destname;
7139 status = check_name(conn, smb_fname_src->base_name);
7140 if (!NT_STATUS_IS_OK(status)) {
7141 TALLOC_FREE(dir_hnd);
7142 TALLOC_FREE(talloced);
7143 reply_nterror(req, status);
7147 status = check_name(conn, smb_fname_dst->base_name);
7148 if (!NT_STATUS_IS_OK(status)) {
7149 TALLOC_FREE(dir_hnd);
7150 TALLOC_FREE(talloced);
7151 reply_nterror(req, status);
7155 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",
7156 smb_fname_src->base_name,
7157 smb_fname_dst->base_name));
7159 status = copy_file(ctx, conn, smb_fname_src,
7160 smb_fname_dst, ofun, count,
7161 target_is_directory);
7162 if (NT_STATUS_IS_OK(status)) {
7166 TALLOC_FREE(talloced);
7168 TALLOC_FREE(dir_hnd);
7172 reply_nterror(req, dos_to_ntstatus(ERRDOS, error));
7176 reply_outbuf(req, 1, 0);
7177 SSVAL(req->outbuf,smb_vwv0,count);
7179 TALLOC_FREE(smb_fname_src);
7180 TALLOC_FREE(smb_fname_dst);
7181 TALLOC_FREE(fname_src);
7182 TALLOC_FREE(fname_dst);
7183 TALLOC_FREE(fname_src_mask);
7184 TALLOC_FREE(fname_src_dir);
7186 END_PROFILE(SMBcopy);
7191 #define DBGC_CLASS DBGC_LOCKING
7193 /****************************************************************************
7194 Get a lock pid, dealing with large count requests.
7195 ****************************************************************************/
7197 uint64_t get_lock_pid(const uint8_t *data, int data_offset,
7198 bool large_file_format)
7200 if(!large_file_format)
7201 return (uint64_t)SVAL(data,SMB_LPID_OFFSET(data_offset));
7203 return (uint64_t)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
7206 /****************************************************************************
7207 Get a lock count, dealing with large count requests.
7208 ****************************************************************************/
7210 uint64_t get_lock_count(const uint8_t *data, int data_offset,
7211 bool large_file_format)
7215 if(!large_file_format) {
7216 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
7219 #if defined(HAVE_LONGLONG)
7220 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
7221 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
7222 #else /* HAVE_LONGLONG */
7225 * NT4.x seems to be broken in that it sends large file (64 bit)
7226 * lockingX calls even if the CAP_LARGE_FILES was *not*
7227 * negotiated. For boxes without large unsigned ints truncate the
7228 * lock count by dropping the top 32 bits.
7231 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
7232 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
7233 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
7234 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
7235 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
7238 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
7239 #endif /* HAVE_LONGLONG */
7245 #if !defined(HAVE_LONGLONG)
7246 /****************************************************************************
7247 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
7248 ****************************************************************************/
7250 static uint32 map_lock_offset(uint32 high, uint32 low)
7254 uint32 highcopy = high;
7257 * Try and find out how many significant bits there are in high.
7260 for(i = 0; highcopy; i++)
7264 * We use 31 bits not 32 here as POSIX
7265 * lock offsets may not be negative.
7268 mask = (~0) << (31 - i);
7271 return 0; /* Fail. */
7277 #endif /* !defined(HAVE_LONGLONG) */
7279 /****************************************************************************
7280 Get a lock offset, dealing with large offset requests.
7281 ****************************************************************************/
7283 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
7284 bool large_file_format, bool *err)
7286 uint64_t offset = 0;
7290 if(!large_file_format) {
7291 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
7294 #if defined(HAVE_LONGLONG)
7295 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
7296 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
7297 #else /* HAVE_LONGLONG */
7300 * NT4.x seems to be broken in that it sends large file (64 bit)
7301 * lockingX calls even if the CAP_LARGE_FILES was *not*
7302 * negotiated. For boxes without large unsigned ints mangle the
7303 * lock offset by mapping the top 32 bits onto the lower 32.
7306 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
7307 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7308 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
7311 if((new_low = map_lock_offset(high, low)) == 0) {
7313 return (uint64_t)-1;
7316 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
7317 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
7318 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
7319 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
7322 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
7323 #endif /* HAVE_LONGLONG */
7329 NTSTATUS smbd_do_locking(struct smb_request *req,
7333 uint16_t num_ulocks,
7334 struct smbd_lock_element *ulocks,
7336 struct smbd_lock_element *locks,
7339 connection_struct *conn = req->conn;
7341 NTSTATUS status = NT_STATUS_OK;
7345 /* Data now points at the beginning of the list
7346 of smb_unlkrng structs */
7347 for(i = 0; i < (int)num_ulocks; i++) {
7348 struct smbd_lock_element *e = &ulocks[i];
7350 DEBUG(10,("smbd_do_locking: unlock start=%.0f, len=%.0f for "
7351 "pid %u, file %s\n",
7354 (unsigned int)e->smblctx,
7357 if (e->brltype != UNLOCK_LOCK) {
7358 /* this can only happen with SMB2 */
7359 return NT_STATUS_INVALID_PARAMETER;
7362 status = do_unlock(req->sconn->msg_ctx,
7369 DEBUG(10, ("smbd_do_locking: unlock returned %s\n",
7370 nt_errstr(status)));
7372 if (!NT_STATUS_IS_OK(status)) {
7377 /* Setup the timeout in seconds. */
7379 if (!lp_blocking_locks(SNUM(conn))) {
7383 /* Data now points at the beginning of the list
7384 of smb_lkrng structs */
7386 for(i = 0; i < (int)num_locks; i++) {
7387 struct smbd_lock_element *e = &locks[i];
7389 DEBUG(10,("smbd_do_locking: lock start=%.0f, len=%.0f for smblctx "
7390 "%llu, file %s timeout = %d\n",
7393 (unsigned long long)e->smblctx,
7397 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7398 struct blocking_lock_record *blr = NULL;
7400 if (num_locks > 1) {
7402 * MS-CIFS (2.2.4.32.1) states that a cancel is honored if and only
7403 * if the lock vector contains one entry. When given mutliple cancel
7404 * requests in a single PDU we expect the server to return an
7405 * error. Windows servers seem to accept the request but only
7406 * cancel the first lock.
7407 * JRA - Do what Windows does (tm) :-).
7411 /* MS-CIFS (2.2.4.32.1) behavior. */
7412 return NT_STATUS_DOS(ERRDOS,
7413 ERRcancelviolation);
7415 /* Windows behavior. */
7417 DEBUG(10,("smbd_do_locking: ignoring subsequent "
7418 "cancel request\n"));
7424 if (lp_blocking_locks(SNUM(conn))) {
7426 /* Schedule a message to ourselves to
7427 remove the blocking lock record and
7428 return the right error. */
7430 blr = blocking_lock_cancel_smb1(fsp,
7436 NT_STATUS_FILE_LOCK_CONFLICT);
7438 return NT_STATUS_DOS(
7440 ERRcancelviolation);
7443 /* Remove a matching pending lock. */
7444 status = do_lock_cancel(fsp,
7451 bool blocking_lock = timeout ? true : false;
7452 bool defer_lock = false;
7453 struct byte_range_lock *br_lck;
7454 uint64_t block_smblctx;
7456 br_lck = do_lock(req->sconn->msg_ctx,
7468 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7469 /* Windows internal resolution for blocking locks seems
7470 to be about 200ms... Don't wait for less than that. JRA. */
7471 if (timeout != -1 && timeout < lp_lock_spin_time()) {
7472 timeout = lp_lock_spin_time();
7477 /* If a lock sent with timeout of zero would fail, and
7478 * this lock has been requested multiple times,
7479 * according to brl_lock_failed() we convert this
7480 * request to a blocking lock with a timeout of between
7481 * 150 - 300 milliseconds.
7483 * If lp_lock_spin_time() has been set to 0, we skip
7484 * this blocking retry and fail immediately.
7486 * Replacement for do_lock_spin(). JRA. */
7488 if (!req->sconn->using_smb2 &&
7489 br_lck && lp_blocking_locks(SNUM(conn)) &&
7490 lp_lock_spin_time() && !blocking_lock &&
7491 NT_STATUS_EQUAL((status),
7492 NT_STATUS_FILE_LOCK_CONFLICT))
7495 timeout = lp_lock_spin_time();
7498 if (br_lck && defer_lock) {
7500 * A blocking lock was requested. Package up
7501 * this smb into a queued request and push it
7502 * onto the blocking lock queue.
7504 if(push_blocking_lock_request(br_lck,
7515 TALLOC_FREE(br_lck);
7517 return NT_STATUS_OK;
7521 TALLOC_FREE(br_lck);
7524 if (!NT_STATUS_IS_OK(status)) {
7529 /* If any of the above locks failed, then we must unlock
7530 all of the previous locks (X/Open spec). */
7532 if (num_locks != 0 && !NT_STATUS_IS_OK(status)) {
7534 if (type & LOCKING_ANDX_CANCEL_LOCK) {
7535 i = -1; /* we want to skip the for loop */
7539 * Ensure we don't do a remove on the lock that just failed,
7540 * as under POSIX rules, if we have a lock already there, we
7541 * will delete it (and we shouldn't) .....
7543 for(i--; i >= 0; i--) {
7544 struct smbd_lock_element *e = &locks[i];
7546 do_unlock(req->sconn->msg_ctx,
7556 DEBUG(3, ("smbd_do_locking: fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7557 fsp->fnum, (unsigned int)type, num_locks, num_ulocks));
7559 return NT_STATUS_OK;
7562 /****************************************************************************
7563 Reply to a lockingX request.
7564 ****************************************************************************/
7566 void reply_lockingX(struct smb_request *req)
7568 connection_struct *conn = req->conn;
7570 unsigned char locktype;
7571 unsigned char oplocklevel;
7576 const uint8_t *data;
7577 bool large_file_format;
7579 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
7580 struct smbd_lock_element *ulocks;
7581 struct smbd_lock_element *locks;
7584 START_PROFILE(SMBlockingX);
7587 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7588 END_PROFILE(SMBlockingX);
7592 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
7593 locktype = CVAL(req->vwv+3, 0);
7594 oplocklevel = CVAL(req->vwv+3, 1);
7595 num_ulocks = SVAL(req->vwv+6, 0);
7596 num_locks = SVAL(req->vwv+7, 0);
7597 lock_timeout = IVAL(req->vwv+4, 0);
7598 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
7600 if (!check_fsp(conn, req, fsp)) {
7601 END_PROFILE(SMBlockingX);
7607 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
7608 /* we don't support these - and CANCEL_LOCK makes w2k
7609 and XP reboot so I don't really want to be
7610 compatible! (tridge) */
7611 reply_force_doserror(req, ERRDOS, ERRnoatomiclocks);
7612 END_PROFILE(SMBlockingX);
7616 /* Check if this is an oplock break on a file
7617 we have granted an oplock on.
7619 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
7620 /* Client can insist on breaking to none. */
7621 bool break_to_none = (oplocklevel == 0);
7624 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
7625 "for fnum = %d\n", (unsigned int)oplocklevel,
7629 * Make sure we have granted an exclusive or batch oplock on
7633 if (fsp->oplock_type == 0) {
7635 /* The Samba4 nbench simulator doesn't understand
7636 the difference between break to level2 and break
7637 to none from level2 - it sends oplock break
7638 replies in both cases. Don't keep logging an error
7639 message here - just ignore it. JRA. */
7641 DEBUG(5,("reply_lockingX: Error : oplock break from "
7642 "client for fnum = %d (oplock=%d) and no "
7643 "oplock granted on this file (%s).\n",
7644 fsp->fnum, fsp->oplock_type,
7647 /* if this is a pure oplock break request then don't
7649 if (num_locks == 0 && num_ulocks == 0) {
7650 END_PROFILE(SMBlockingX);
7653 END_PROFILE(SMBlockingX);
7654 reply_nterror(req, NT_STATUS_FILE_LOCK_CONFLICT);
7659 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
7661 result = remove_oplock(fsp);
7663 result = downgrade_oplock(fsp);
7667 DEBUG(0, ("reply_lockingX: error in removing "
7668 "oplock on file %s\n", fsp_str_dbg(fsp)));
7669 /* Hmmm. Is this panic justified? */
7670 smb_panic("internal tdb error");
7673 reply_to_oplock_break_requests(fsp);
7675 /* if this is a pure oplock break request then don't send a
7677 if (num_locks == 0 && num_ulocks == 0) {
7678 /* Sanity check - ensure a pure oplock break is not a
7680 if(CVAL(req->vwv+0, 0) != 0xff)
7681 DEBUG(0,("reply_lockingX: Error : pure oplock "
7682 "break is a chained %d request !\n",
7683 (unsigned int)CVAL(req->vwv+0, 0)));
7684 END_PROFILE(SMBlockingX);
7690 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
7691 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7692 END_PROFILE(SMBlockingX);
7696 ulocks = talloc_array(req, struct smbd_lock_element, num_ulocks);
7697 if (ulocks == NULL) {
7698 reply_nterror(req, NT_STATUS_NO_MEMORY);
7699 END_PROFILE(SMBlockingX);
7703 locks = talloc_array(req, struct smbd_lock_element, num_locks);
7704 if (locks == NULL) {
7705 reply_nterror(req, NT_STATUS_NO_MEMORY);
7706 END_PROFILE(SMBlockingX);
7710 /* Data now points at the beginning of the list
7711 of smb_unlkrng structs */
7712 for(i = 0; i < (int)num_ulocks; i++) {
7713 ulocks[i].smblctx = get_lock_pid(data, i, large_file_format);
7714 ulocks[i].count = get_lock_count(data, i, large_file_format);
7715 ulocks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7716 ulocks[i].brltype = UNLOCK_LOCK;
7719 * There is no error code marked "stupid client bug".... :-).
7722 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7723 END_PROFILE(SMBlockingX);
7728 /* Now do any requested locks */
7729 data += ((large_file_format ? 20 : 10)*num_ulocks);
7731 /* Data now points at the beginning of the list
7732 of smb_lkrng structs */
7734 for(i = 0; i < (int)num_locks; i++) {
7735 locks[i].smblctx = get_lock_pid(data, i, large_file_format);
7736 locks[i].count = get_lock_count(data, i, large_file_format);
7737 locks[i].offset = get_lock_offset(data, i, large_file_format, &err);
7739 if (locktype & LOCKING_ANDX_SHARED_LOCK) {
7740 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7741 locks[i].brltype = PENDING_READ_LOCK;
7743 locks[i].brltype = READ_LOCK;
7746 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7747 locks[i].brltype = PENDING_WRITE_LOCK;
7749 locks[i].brltype = WRITE_LOCK;
7754 * There is no error code marked "stupid client bug".... :-).
7757 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
7758 END_PROFILE(SMBlockingX);
7763 status = smbd_do_locking(req, fsp,
7764 locktype, lock_timeout,
7768 if (!NT_STATUS_IS_OK(status)) {
7769 END_PROFILE(SMBlockingX);
7770 reply_nterror(req, status);
7774 END_PROFILE(SMBlockingX);
7778 reply_outbuf(req, 2, 0);
7780 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7781 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7783 END_PROFILE(SMBlockingX);
7788 #define DBGC_CLASS DBGC_ALL
7790 /****************************************************************************
7791 Reply to a SMBreadbmpx (read block multiplex) request.
7792 Always reply with an error, if someone has a platform really needs this,
7793 please contact vl@samba.org
7794 ****************************************************************************/
7796 void reply_readbmpx(struct smb_request *req)
7798 START_PROFILE(SMBreadBmpx);
7799 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7800 END_PROFILE(SMBreadBmpx);
7804 /****************************************************************************
7805 Reply to a SMBreadbs (read block multiplex secondary) request.
7806 Always reply with an error, if someone has a platform really needs this,
7807 please contact vl@samba.org
7808 ****************************************************************************/
7810 void reply_readbs(struct smb_request *req)
7812 START_PROFILE(SMBreadBs);
7813 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7814 END_PROFILE(SMBreadBs);
7818 /****************************************************************************
7819 Reply to a SMBsetattrE.
7820 ****************************************************************************/
7822 void reply_setattrE(struct smb_request *req)
7824 connection_struct *conn = req->conn;
7825 struct smb_file_time ft;
7829 START_PROFILE(SMBsetattrE);
7833 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7837 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7839 if(!fsp || (fsp->conn != conn)) {
7840 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7845 * Convert the DOS times into unix times.
7848 ft.atime = convert_time_t_to_timespec(
7849 srv_make_unix_date2(req->vwv+3));
7850 ft.mtime = convert_time_t_to_timespec(
7851 srv_make_unix_date2(req->vwv+5));
7852 ft.create_time = convert_time_t_to_timespec(
7853 srv_make_unix_date2(req->vwv+1));
7855 reply_outbuf(req, 0, 0);
7858 * Patch from Ray Frush <frush@engr.colostate.edu>
7859 * Sometimes times are sent as zero - ignore them.
7862 /* Ensure we have a valid stat struct for the source. */
7863 status = vfs_stat_fsp(fsp);
7864 if (!NT_STATUS_IS_OK(status)) {
7865 reply_nterror(req, status);
7869 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &ft, true);
7870 if (!NT_STATUS_IS_OK(status)) {
7871 reply_nterror(req, status);
7875 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7878 (unsigned int)ft.atime.tv_sec,
7879 (unsigned int)ft.mtime.tv_sec,
7880 (unsigned int)ft.create_time.tv_sec
7883 END_PROFILE(SMBsetattrE);
7888 /* Back from the dead for OS/2..... JRA. */
7890 /****************************************************************************
7891 Reply to a SMBwritebmpx (write block multiplex primary) request.
7892 Always reply with an error, if someone has a platform really needs this,
7893 please contact vl@samba.org
7894 ****************************************************************************/
7896 void reply_writebmpx(struct smb_request *req)
7898 START_PROFILE(SMBwriteBmpx);
7899 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7900 END_PROFILE(SMBwriteBmpx);
7904 /****************************************************************************
7905 Reply to a SMBwritebs (write block multiplex secondary) request.
7906 Always reply with an error, if someone has a platform really needs this,
7907 please contact vl@samba.org
7908 ****************************************************************************/
7910 void reply_writebs(struct smb_request *req)
7912 START_PROFILE(SMBwriteBs);
7913 reply_force_doserror(req, ERRSRV, ERRuseSTD);
7914 END_PROFILE(SMBwriteBs);
7918 /****************************************************************************
7919 Reply to a SMBgetattrE.
7920 ****************************************************************************/
7922 void reply_getattrE(struct smb_request *req)
7924 connection_struct *conn = req->conn;
7927 struct timespec create_ts;
7929 START_PROFILE(SMBgetattrE);
7932 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7933 END_PROFILE(SMBgetattrE);
7937 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7939 if(!fsp || (fsp->conn != conn)) {
7940 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
7941 END_PROFILE(SMBgetattrE);
7945 /* Do an fstat on this file */
7947 reply_nterror(req, map_nt_error_from_unix(errno));
7948 END_PROFILE(SMBgetattrE);
7952 mode = dos_mode(conn, fsp->fsp_name);
7955 * Convert the times into dos times. Set create
7956 * date to be last modify date as UNIX doesn't save
7960 reply_outbuf(req, 11, 0);
7962 create_ts = get_create_timespec(conn, fsp, fsp->fsp_name);
7963 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7964 srv_put_dos_date2((char *)req->outbuf, smb_vwv2,
7965 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_atime));
7966 /* Should we check pending modtime here ? JRA */
7967 srv_put_dos_date2((char *)req->outbuf, smb_vwv4,
7968 convert_timespec_to_time_t(fsp->fsp_name->st.st_ex_mtime));
7971 SIVAL(req->outbuf, smb_vwv6, 0);
7972 SIVAL(req->outbuf, smb_vwv8, 0);
7974 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &fsp->fsp_name->st);
7975 SIVAL(req->outbuf, smb_vwv6, (uint32)fsp->fsp_name->st.st_ex_size);
7976 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7978 SSVAL(req->outbuf,smb_vwv10, mode);
7980 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7982 END_PROFILE(SMBgetattrE);
git.samba.org / samba.git / blob