2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
7 Copyright (C) Volker Lendecke 2007
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License as published by
11 the Free Software Foundation; either version 3 of the License, or
12 (at your option) any later version.
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License for more details.
19 You should have received a copy of the GNU General Public License
20 along with this program. If not, see <http://www.gnu.org/licenses/>.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
28 #include "smbd/globals.h"
30 extern enum protocol_types Protocol;
32 /****************************************************************************
33 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
34 path or anything including wildcards.
35 We're assuming here that '/' is not the second byte in any multibyte char
36 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
38 ****************************************************************************/
40 /* Custom version for processing POSIX paths. */
41 #define IS_PATH_SEP(c,posix_only) ((c) == '/' || (!(posix_only) && (c) == '\\'))
43 static NTSTATUS check_path_syntax_internal(char *path,
45 bool *p_last_component_contains_wcard)
49 NTSTATUS ret = NT_STATUS_OK;
50 bool start_of_name_component = True;
51 bool stream_started = false;
53 *p_last_component_contains_wcard = False;
60 return NT_STATUS_OBJECT_NAME_INVALID;
63 return NT_STATUS_OBJECT_NAME_INVALID;
65 if (strchr_m(&s[1], ':')) {
66 return NT_STATUS_OBJECT_NAME_INVALID;
68 if (StrCaseCmp(s, ":$DATA") != 0) {
69 return NT_STATUS_INVALID_PARAMETER;
75 if (!posix_path && !stream_started && *s == ':') {
76 if (*p_last_component_contains_wcard) {
77 return NT_STATUS_OBJECT_NAME_INVALID;
79 /* Stream names allow more characters than file names.
80 We're overloading posix_path here to allow a wider
81 range of characters. If stream_started is true this
82 is still a Windows path even if posix_path is true.
85 stream_started = true;
86 start_of_name_component = false;
90 return NT_STATUS_OBJECT_NAME_INVALID;
94 if (!stream_started && IS_PATH_SEP(*s,posix_path)) {
96 * Safe to assume is not the second part of a mb char
97 * as this is handled below.
99 /* Eat multiple '/' or '\\' */
100 while (IS_PATH_SEP(*s,posix_path)) {
103 if ((d != path) && (*s != '\0')) {
104 /* We only care about non-leading or trailing '/' or '\\' */
108 start_of_name_component = True;
110 *p_last_component_contains_wcard = False;
114 if (start_of_name_component) {
115 if ((s[0] == '.') && (s[1] == '.') && (IS_PATH_SEP(s[2],posix_path) || s[2] == '\0')) {
116 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
119 * No mb char starts with '.' so we're safe checking the directory separator here.
122 /* If we just added a '/' - delete it */
123 if ((d > path) && (*(d-1) == '/')) {
128 /* Are we at the start ? Can't go back further if so. */
130 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
133 /* Go back one level... */
134 /* We know this is safe as '/' cannot be part of a mb sequence. */
135 /* NOTE - if this assumption is invalid we are not in good shape... */
136 /* Decrement d first as d points to the *next* char to write into. */
137 for (d--; d > path; d--) {
141 s += 2; /* Else go past the .. */
142 /* We're still at the start of a name component, just the previous one. */
145 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_PATH_SEP(s[1],posix_path))) {
157 if (*s <= 0x1f || *s == '|') {
158 return NT_STATUS_OBJECT_NAME_INVALID;
166 *p_last_component_contains_wcard = True;
175 /* Get the size of the next MB character. */
176 next_codepoint(s,&siz);
194 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
196 return NT_STATUS_INVALID_PARAMETER;
199 start_of_name_component = False;
207 /****************************************************************************
208 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
209 No wildcards allowed.
210 ****************************************************************************/
212 NTSTATUS check_path_syntax(char *path)
215 return check_path_syntax_internal(path, False, &ignore);
218 /****************************************************************************
219 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
220 Wildcards allowed - p_contains_wcard returns true if the last component contained
222 ****************************************************************************/
224 NTSTATUS check_path_syntax_wcard(char *path, bool *p_contains_wcard)
226 return check_path_syntax_internal(path, False, p_contains_wcard);
229 /****************************************************************************
230 Check the path for a POSIX client.
231 We're assuming here that '/' is not the second byte in any multibyte char
232 set (a safe assumption).
233 ****************************************************************************/
235 NTSTATUS check_path_syntax_posix(char *path)
238 return check_path_syntax_internal(path, True, &ignore);
241 /****************************************************************************
242 Pull a string and check the path allowing a wilcard - provide for error return.
243 ****************************************************************************/
245 size_t srvstr_get_path_wcard(TALLOC_CTX *ctx,
246 const char *base_ptr,
253 bool *contains_wcard)
259 ret = srvstr_pull_talloc(ctx, base_ptr, smb_flags2, pp_dest, src,
263 *err = NT_STATUS_INVALID_PARAMETER;
267 *contains_wcard = False;
269 if (smb_flags2 & FLAGS2_DFS_PATHNAMES) {
271 * For a DFS path the function parse_dfs_path()
272 * will do the path processing, just make a copy.
278 if (lp_posix_pathnames()) {
279 *err = check_path_syntax_posix(*pp_dest);
281 *err = check_path_syntax_wcard(*pp_dest, contains_wcard);
287 /****************************************************************************
288 Pull a string and check the path - provide for error return.
289 ****************************************************************************/
291 size_t srvstr_get_path(TALLOC_CTX *ctx,
292 const char *base_ptr,
301 return srvstr_get_path_wcard(ctx, base_ptr, smb_flags2, pp_dest, src,
302 src_len, flags, err, &ignore);
305 size_t srvstr_get_path_req_wcard(TALLOC_CTX *mem_ctx, struct smb_request *req,
306 char **pp_dest, const char *src, int flags,
307 NTSTATUS *err, bool *contains_wcard)
309 return srvstr_get_path_wcard(mem_ctx, (char *)req->inbuf, req->flags2,
310 pp_dest, src, smbreq_bufrem(req, src),
311 flags, err, contains_wcard);
314 size_t srvstr_get_path_req(TALLOC_CTX *mem_ctx, struct smb_request *req,
315 char **pp_dest, const char *src, int flags,
319 return srvstr_get_path_req_wcard(mem_ctx, req, pp_dest, src,
320 flags, err, &ignore);
323 /****************************************************************************
324 Check if we have a correct fsp pointing to a file. Basic check for open fsp.
325 ****************************************************************************/
327 bool check_fsp_open(connection_struct *conn, struct smb_request *req,
330 if (!(fsp) || !(conn)) {
331 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
334 if (((conn) != (fsp)->conn) || req->vuid != (fsp)->vuid) {
335 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
341 /****************************************************************************
342 Check if we have a correct fsp pointing to a file.
343 ****************************************************************************/
345 bool check_fsp(connection_struct *conn, struct smb_request *req,
348 if (!check_fsp_open(conn, req, fsp)) {
351 if ((fsp)->is_directory) {
352 reply_nterror(req, NT_STATUS_INVALID_DEVICE_REQUEST);
355 if ((fsp)->fh->fd == -1) {
356 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
359 (fsp)->num_smb_operations++;
363 /****************************************************************************
364 Check if we have a correct fsp pointing to a quota fake file. Replacement for
365 the CHECK_NTQUOTA_HANDLE_OK macro.
366 ****************************************************************************/
368 bool check_fsp_ntquota_handle(connection_struct *conn, struct smb_request *req,
371 if (!check_fsp_open(conn, req, fsp)) {
375 if (fsp->is_directory) {
379 if (fsp->fake_file_handle == NULL) {
383 if (fsp->fake_file_handle->type != FAKE_FILE_TYPE_QUOTA) {
387 if (fsp->fake_file_handle->private_data == NULL) {
394 /****************************************************************************
395 Check if we have a correct fsp. Replacement for the FSP_BELONGS_CONN macro
396 ****************************************************************************/
398 bool fsp_belongs_conn(connection_struct *conn, struct smb_request *req,
401 if ((fsp) && (conn) && ((conn)==(fsp)->conn)
402 && (req->vuid == (fsp)->vuid)) {
406 reply_nterror(req, NT_STATUS_INVALID_HANDLE);
410 /****************************************************************************
411 Reply to a (netbios-level) special message.
412 ****************************************************************************/
414 void reply_special(char *inbuf)
416 int msg_type = CVAL(inbuf,0);
417 int msg_flags = CVAL(inbuf,1);
422 * We only really use 4 bytes of the outbuf, but for the smb_setlen
423 * calculation & friends (srv_send_smb uses that) we need the full smb
426 char outbuf[smb_size];
430 memset(outbuf, '\0', sizeof(outbuf));
432 smb_setlen(outbuf,0);
435 case 0x81: /* session request */
437 if (already_got_session) {
438 exit_server_cleanly("multiple session request not permitted");
441 SCVAL(outbuf,0,0x82);
443 if (name_len(inbuf+4) > 50 ||
444 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
445 DEBUG(0,("Invalid name length in session request\n"));
448 name_extract(inbuf,4,name1);
449 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
450 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
453 set_local_machine_name(name1, True);
454 set_remote_machine_name(name2, True);
456 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
457 get_local_machine_name(), get_remote_machine_name(),
460 if (name_type == 'R') {
461 /* We are being asked for a pathworks session ---
463 SCVAL(outbuf, 0,0x83);
467 /* only add the client's machine name to the list
468 of possibly valid usernames if we are operating
469 in share mode security */
470 if (lp_security() == SEC_SHARE) {
471 add_session_user(get_remote_machine_name());
474 reload_services(True);
477 already_got_session = True;
480 case 0x89: /* session keepalive request
481 (some old clients produce this?) */
482 SCVAL(outbuf,0,SMBkeepalive);
486 case 0x82: /* positive session response */
487 case 0x83: /* negative session response */
488 case 0x84: /* retarget session response */
489 DEBUG(0,("Unexpected session response\n"));
492 case SMBkeepalive: /* session keepalive */
497 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
498 msg_type, msg_flags));
500 srv_send_smb(smbd_server_fd(), outbuf, false, 0, false, NULL);
504 /****************************************************************************
506 conn POINTER CAN BE NULL HERE !
507 ****************************************************************************/
509 void reply_tcon(struct smb_request *req)
511 connection_struct *conn = req->conn;
513 char *service_buf = NULL;
514 char *password = NULL;
519 DATA_BLOB password_blob;
520 TALLOC_CTX *ctx = talloc_tos();
522 START_PROFILE(SMBtcon);
524 if (req->buflen < 4) {
525 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
526 END_PROFILE(SMBtcon);
530 p = (const char *)req->buf + 1;
531 p += srvstr_pull_req_talloc(ctx, req, &service_buf, p, STR_TERMINATE);
533 pwlen = srvstr_pull_req_talloc(ctx, req, &password, p, STR_TERMINATE);
535 p += srvstr_pull_req_talloc(ctx, req, &dev, p, STR_TERMINATE);
538 if (service_buf == NULL || password == NULL || dev == NULL) {
539 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
540 END_PROFILE(SMBtcon);
543 p = strrchr_m(service_buf,'\\');
547 service = service_buf;
550 password_blob = data_blob(password, pwlen+1);
552 conn = make_connection(service,password_blob,dev,req->vuid,&nt_status);
555 data_blob_clear_free(&password_blob);
558 reply_nterror(req, nt_status);
559 END_PROFILE(SMBtcon);
563 reply_outbuf(req, 2, 0);
564 SSVAL(req->outbuf,smb_vwv0,max_recv);
565 SSVAL(req->outbuf,smb_vwv1,conn->cnum);
566 SSVAL(req->outbuf,smb_tid,conn->cnum);
568 DEBUG(3,("tcon service=%s cnum=%d\n",
569 service, conn->cnum));
571 END_PROFILE(SMBtcon);
575 /****************************************************************************
576 Reply to a tcon and X.
577 conn POINTER CAN BE NULL HERE !
578 ****************************************************************************/
580 void reply_tcon_and_X(struct smb_request *req)
582 connection_struct *conn = req->conn;
583 const char *service = NULL;
585 TALLOC_CTX *ctx = talloc_tos();
586 /* what the cleint thinks the device is */
587 char *client_devicetype = NULL;
588 /* what the server tells the client the share represents */
589 const char *server_devicetype;
596 START_PROFILE(SMBtconX);
599 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
600 END_PROFILE(SMBtconX);
604 passlen = SVAL(req->vwv+3, 0);
605 tcon_flags = SVAL(req->vwv+2, 0);
607 /* we might have to close an old one */
608 if ((tcon_flags & 0x1) && conn) {
609 close_cnum(conn,req->vuid);
614 if ((passlen > MAX_PASS_LEN) || (passlen >= req->buflen)) {
615 reply_doserror(req, ERRDOS, ERRbuftoosmall);
616 END_PROFILE(SMBtconX);
620 if (global_encrypted_passwords_negotiated) {
621 password = data_blob_talloc(talloc_tos(), req->buf, passlen);
622 if (lp_security() == SEC_SHARE) {
624 * Security = share always has a pad byte
625 * after the password.
627 p = (const char *)req->buf + passlen + 1;
629 p = (const char *)req->buf + passlen;
632 password = data_blob_talloc(talloc_tos(), req->buf, passlen+1);
633 /* Ensure correct termination */
634 password.data[passlen]=0;
635 p = (const char *)req->buf + passlen + 1;
638 p += srvstr_pull_req_talloc(ctx, req, &path, p, STR_TERMINATE);
641 data_blob_clear_free(&password);
642 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
643 END_PROFILE(SMBtconX);
648 * the service name can be either: \\server\share
649 * or share directly like on the DELL PowerVault 705
652 q = strchr_m(path+2,'\\');
654 data_blob_clear_free(&password);
655 reply_doserror(req, ERRDOS, ERRnosuchshare);
656 END_PROFILE(SMBtconX);
664 p += srvstr_pull_talloc(ctx, req->inbuf, req->flags2,
665 &client_devicetype, p,
666 MIN(6, smbreq_bufrem(req, p)), STR_ASCII);
668 if (client_devicetype == NULL) {
669 data_blob_clear_free(&password);
670 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
671 END_PROFILE(SMBtconX);
675 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
677 conn = make_connection(service, password, client_devicetype,
678 req->vuid, &nt_status);
681 data_blob_clear_free(&password);
684 reply_nterror(req, nt_status);
685 END_PROFILE(SMBtconX);
690 server_devicetype = "IPC";
691 else if ( IS_PRINT(conn) )
692 server_devicetype = "LPT1:";
694 server_devicetype = "A:";
696 if (Protocol < PROTOCOL_NT1) {
697 reply_outbuf(req, 2, 0);
698 if (message_push_string(&req->outbuf, server_devicetype,
699 STR_TERMINATE|STR_ASCII) == -1) {
700 reply_nterror(req, NT_STATUS_NO_MEMORY);
701 END_PROFILE(SMBtconX);
705 /* NT sets the fstype of IPC$ to the null string */
706 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
708 if (tcon_flags & TCONX_FLAG_EXTENDED_RESPONSE) {
709 /* Return permissions. */
713 reply_outbuf(req, 7, 0);
716 perm1 = FILE_ALL_ACCESS;
717 perm2 = FILE_ALL_ACCESS;
719 perm1 = CAN_WRITE(conn) ?
724 SIVAL(req->outbuf, smb_vwv3, perm1);
725 SIVAL(req->outbuf, smb_vwv5, perm2);
727 reply_outbuf(req, 3, 0);
730 if ((message_push_string(&req->outbuf, server_devicetype,
731 STR_TERMINATE|STR_ASCII) == -1)
732 || (message_push_string(&req->outbuf, fstype,
733 STR_TERMINATE) == -1)) {
734 reply_nterror(req, NT_STATUS_NO_MEMORY);
735 END_PROFILE(SMBtconX);
739 /* what does setting this bit do? It is set by NT4 and
740 may affect the ability to autorun mounted cdroms */
741 SSVAL(req->outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
742 (lp_csc_policy(SNUM(conn)) << 2));
744 if (lp_msdfs_root(SNUM(conn)) && lp_host_msdfs()) {
745 DEBUG(2,("Serving %s as a Dfs root\n",
746 lp_servicename(SNUM(conn)) ));
747 SSVAL(req->outbuf, smb_vwv2,
748 SMB_SHARE_IN_DFS | SVAL(req->outbuf, smb_vwv2));
753 DEBUG(3,("tconX service=%s \n",
756 /* set the incoming and outgoing tid to the just created one */
757 SSVAL(req->inbuf,smb_tid,conn->cnum);
758 SSVAL(req->outbuf,smb_tid,conn->cnum);
760 END_PROFILE(SMBtconX);
766 /****************************************************************************
767 Reply to an unknown type.
768 ****************************************************************************/
770 void reply_unknown_new(struct smb_request *req, uint8 type)
772 DEBUG(0, ("unknown command type (%s): type=%d (0x%X)\n",
773 smb_fn_name(type), type, type));
774 reply_doserror(req, ERRSRV, ERRunknownsmb);
778 /****************************************************************************
780 conn POINTER CAN BE NULL HERE !
781 ****************************************************************************/
783 void reply_ioctl(struct smb_request *req)
785 connection_struct *conn = req->conn;
792 START_PROFILE(SMBioctl);
795 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
796 END_PROFILE(SMBioctl);
800 device = SVAL(req->vwv+1, 0);
801 function = SVAL(req->vwv+2, 0);
802 ioctl_code = (device << 16) + function;
804 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
806 switch (ioctl_code) {
807 case IOCTL_QUERY_JOB_INFO:
811 reply_doserror(req, ERRSRV, ERRnosupport);
812 END_PROFILE(SMBioctl);
816 reply_outbuf(req, 8, replysize+1);
817 SSVAL(req->outbuf,smb_vwv1,replysize); /* Total data bytes returned */
818 SSVAL(req->outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
819 SSVAL(req->outbuf,smb_vwv6,52); /* Offset to data */
820 p = smb_buf(req->outbuf);
821 memset(p, '\0', replysize+1); /* valgrind-safe. */
822 p += 1; /* Allow for alignment */
824 switch (ioctl_code) {
825 case IOCTL_QUERY_JOB_INFO:
827 files_struct *fsp = file_fsp(
828 req, SVAL(req->vwv+0, 0));
830 reply_doserror(req, ERRDOS, ERRbadfid);
831 END_PROFILE(SMBioctl);
834 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
835 srvstr_push((char *)req->outbuf, req->flags2, p+2,
837 STR_TERMINATE|STR_ASCII);
839 srvstr_push((char *)req->outbuf, req->flags2,
840 p+18, lp_servicename(SNUM(conn)),
841 13, STR_TERMINATE|STR_ASCII);
849 END_PROFILE(SMBioctl);
853 /****************************************************************************
854 Strange checkpath NTSTATUS mapping.
855 ****************************************************************************/
857 static NTSTATUS map_checkpath_error(uint16_t flags2, NTSTATUS status)
859 /* Strange DOS error code semantics only for checkpath... */
860 if (!(flags2 & FLAGS2_32_BIT_ERROR_CODES)) {
861 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
862 /* We need to map to ERRbadpath */
863 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
869 /****************************************************************************
870 Reply to a checkpath.
871 ****************************************************************************/
873 void reply_checkpath(struct smb_request *req)
875 connection_struct *conn = req->conn;
877 SMB_STRUCT_STAT sbuf;
879 TALLOC_CTX *ctx = talloc_tos();
881 START_PROFILE(SMBcheckpath);
883 srvstr_get_path_req(ctx, req, &name, (const char *)req->buf + 1,
884 STR_TERMINATE, &status);
886 if (!NT_STATUS_IS_OK(status)) {
887 status = map_checkpath_error(req->flags2, status);
888 reply_nterror(req, status);
889 END_PROFILE(SMBcheckpath);
893 status = resolve_dfspath(ctx, conn,
894 req->flags2 & FLAGS2_DFS_PATHNAMES,
897 if (!NT_STATUS_IS_OK(status)) {
898 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
899 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
901 END_PROFILE(SMBcheckpath);
907 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(req->vwv+0, 0)));
909 status = unix_convert(ctx, conn, name, False, &name, NULL, &sbuf);
910 if (!NT_STATUS_IS_OK(status)) {
914 status = check_name(conn, name);
915 if (!NT_STATUS_IS_OK(status)) {
916 DEBUG(3,("reply_checkpath: check_name of %s failed (%s)\n",name,nt_errstr(status)));
920 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,name,&sbuf) != 0)) {
921 DEBUG(3,("reply_checkpath: stat of %s failed (%s)\n",name,strerror(errno)));
922 status = map_nt_error_from_unix(errno);
926 if (!S_ISDIR(sbuf.st_mode)) {
927 reply_botherror(req, NT_STATUS_NOT_A_DIRECTORY,
929 END_PROFILE(SMBcheckpath);
933 reply_outbuf(req, 0, 0);
935 END_PROFILE(SMBcheckpath);
940 END_PROFILE(SMBcheckpath);
942 /* We special case this - as when a Windows machine
943 is parsing a path is steps through the components
944 one at a time - if a component fails it expects
945 ERRbadpath, not ERRbadfile.
947 status = map_checkpath_error(req->flags2, status);
948 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
950 * Windows returns different error codes if
951 * the parent directory is valid but not the
952 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
953 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
954 * if the path is invalid.
956 reply_botherror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND,
961 reply_nterror(req, status);
964 /****************************************************************************
966 ****************************************************************************/
968 void reply_getatr(struct smb_request *req)
970 connection_struct *conn = req->conn;
972 SMB_STRUCT_STAT sbuf;
978 TALLOC_CTX *ctx = talloc_tos();
980 START_PROFILE(SMBgetatr);
982 p = (const char *)req->buf + 1;
983 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
984 if (!NT_STATUS_IS_OK(status)) {
985 reply_nterror(req, status);
986 END_PROFILE(SMBgetatr);
990 status = resolve_dfspath(ctx, conn,
991 req->flags2 & FLAGS2_DFS_PATHNAMES,
994 if (!NT_STATUS_IS_OK(status)) {
995 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
996 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
998 END_PROFILE(SMBgetatr);
1001 reply_nterror(req, status);
1002 END_PROFILE(SMBgetatr);
1006 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
1007 under WfWg - weird! */
1008 if (*fname == '\0') {
1009 mode = aHIDDEN | aDIR;
1010 if (!CAN_WRITE(conn)) {
1016 status = unix_convert(ctx, conn, fname, False, &fname, NULL,&sbuf);
1017 if (!NT_STATUS_IS_OK(status)) {
1018 reply_nterror(req, status);
1019 END_PROFILE(SMBgetatr);
1022 status = check_name(conn, fname);
1023 if (!NT_STATUS_IS_OK(status)) {
1024 DEBUG(3,("reply_getatr: check_name of %s failed (%s)\n",fname,nt_errstr(status)));
1025 reply_nterror(req, status);
1026 END_PROFILE(SMBgetatr);
1029 if (!VALID_STAT(sbuf) && (SMB_VFS_STAT(conn,fname,&sbuf) != 0)) {
1030 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
1031 reply_unixerror(req, ERRDOS,ERRbadfile);
1032 END_PROFILE(SMBgetatr);
1036 mode = dos_mode(conn,fname,&sbuf);
1037 size = sbuf.st_size;
1038 mtime = sbuf.st_mtime;
1044 reply_outbuf(req, 10, 0);
1046 SSVAL(req->outbuf,smb_vwv0,mode);
1047 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1048 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime & ~1);
1050 srv_put_dos_date3((char *)req->outbuf,smb_vwv1,mtime);
1052 SIVAL(req->outbuf,smb_vwv3,(uint32)size);
1054 if (Protocol >= PROTOCOL_NT1) {
1055 SSVAL(req->outbuf, smb_flg2,
1056 SVAL(req->outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
1059 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
1061 END_PROFILE(SMBgetatr);
1065 /****************************************************************************
1067 ****************************************************************************/
1069 void reply_setatr(struct smb_request *req)
1071 struct smb_file_time ft;
1072 connection_struct *conn = req->conn;
1076 SMB_STRUCT_STAT sbuf;
1079 TALLOC_CTX *ctx = talloc_tos();
1081 START_PROFILE(SMBsetatr);
1086 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1090 p = (const char *)req->buf + 1;
1091 p += srvstr_get_path_req(ctx, req, &fname, p, STR_TERMINATE, &status);
1092 if (!NT_STATUS_IS_OK(status)) {
1093 reply_nterror(req, status);
1094 END_PROFILE(SMBsetatr);
1098 status = resolve_dfspath(ctx, conn,
1099 req->flags2 & FLAGS2_DFS_PATHNAMES,
1102 if (!NT_STATUS_IS_OK(status)) {
1103 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
1104 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1105 ERRSRV, ERRbadpath);
1106 END_PROFILE(SMBsetatr);
1109 reply_nterror(req, status);
1110 END_PROFILE(SMBsetatr);
1114 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
1115 if (!NT_STATUS_IS_OK(status)) {
1116 reply_nterror(req, status);
1117 END_PROFILE(SMBsetatr);
1121 status = check_name(conn, fname);
1122 if (!NT_STATUS_IS_OK(status)) {
1123 reply_nterror(req, status);
1124 END_PROFILE(SMBsetatr);
1128 if (fname[0] == '.' && fname[1] == '\0') {
1130 * Not sure here is the right place to catch this
1131 * condition. Might be moved to somewhere else later -- vl
1133 reply_nterror(req, NT_STATUS_ACCESS_DENIED);
1134 END_PROFILE(SMBsetatr);
1138 mode = SVAL(req->vwv+0, 0);
1139 mtime = srv_make_unix_date3(req->vwv+1);
1141 ft.mtime = convert_time_t_to_timespec(mtime);
1142 status = smb_set_file_time(conn, NULL, fname,
1144 if (!NT_STATUS_IS_OK(status)) {
1145 reply_unixerror(req, ERRDOS, ERRnoaccess);
1146 END_PROFILE(SMBsetatr);
1150 if (mode != FILE_ATTRIBUTE_NORMAL) {
1151 if (VALID_STAT_OF_DIR(sbuf))
1156 if (file_set_dosmode(conn,fname,mode,&sbuf,NULL,false) != 0) {
1157 reply_unixerror(req, ERRDOS, ERRnoaccess);
1158 END_PROFILE(SMBsetatr);
1163 reply_outbuf(req, 0, 0);
1165 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1167 END_PROFILE(SMBsetatr);
1171 /****************************************************************************
1173 ****************************************************************************/
1175 void reply_dskattr(struct smb_request *req)
1177 connection_struct *conn = req->conn;
1178 uint64_t dfree,dsize,bsize;
1179 START_PROFILE(SMBdskattr);
1181 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (uint64_t)-1) {
1182 reply_unixerror(req, ERRHRD, ERRgeneral);
1183 END_PROFILE(SMBdskattr);
1187 reply_outbuf(req, 5, 0);
1189 if (Protocol <= PROTOCOL_LANMAN2) {
1190 double total_space, free_space;
1191 /* we need to scale this to a number that DOS6 can handle. We
1192 use floating point so we can handle large drives on systems
1193 that don't have 64 bit integers
1195 we end up displaying a maximum of 2G to DOS systems
1197 total_space = dsize * (double)bsize;
1198 free_space = dfree * (double)bsize;
1200 dsize = (uint64_t)((total_space+63*512) / (64*512));
1201 dfree = (uint64_t)((free_space+63*512) / (64*512));
1203 if (dsize > 0xFFFF) dsize = 0xFFFF;
1204 if (dfree > 0xFFFF) dfree = 0xFFFF;
1206 SSVAL(req->outbuf,smb_vwv0,dsize);
1207 SSVAL(req->outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1208 SSVAL(req->outbuf,smb_vwv2,512); /* and this must be 512 */
1209 SSVAL(req->outbuf,smb_vwv3,dfree);
1211 SSVAL(req->outbuf,smb_vwv0,dsize);
1212 SSVAL(req->outbuf,smb_vwv1,bsize/512);
1213 SSVAL(req->outbuf,smb_vwv2,512);
1214 SSVAL(req->outbuf,smb_vwv3,dfree);
1217 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1219 END_PROFILE(SMBdskattr);
1223 /****************************************************************************
1225 Can be called from SMBsearch, SMBffirst or SMBfunique.
1226 ****************************************************************************/
1228 void reply_search(struct smb_request *req)
1230 connection_struct *conn = req->conn;
1231 const char *mask = NULL;
1232 char *directory = NULL;
1238 unsigned int numentries = 0;
1239 unsigned int maxentries = 0;
1240 bool finished = False;
1246 bool check_descend = False;
1247 bool expect_close = False;
1249 bool mask_contains_wcard = False;
1250 bool allow_long_path_components = (req->flags2 & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1251 TALLOC_CTX *ctx = talloc_tos();
1252 bool ask_sharemode = lp_parm_bool(SNUM(conn), "smbd", "search ask sharemode", true);
1254 START_PROFILE(SMBsearch);
1257 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1258 END_PROFILE(SMBsearch);
1262 if (lp_posix_pathnames()) {
1263 reply_unknown_new(req, req->cmd);
1264 END_PROFILE(SMBsearch);
1268 /* If we were called as SMBffirst then we must expect close. */
1269 if(req->cmd == SMBffirst) {
1270 expect_close = True;
1273 reply_outbuf(req, 1, 3);
1274 maxentries = SVAL(req->vwv+0, 0);
1275 dirtype = SVAL(req->vwv+1, 0);
1276 p = (const char *)req->buf + 1;
1277 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1278 &nt_status, &mask_contains_wcard);
1279 if (!NT_STATUS_IS_OK(nt_status)) {
1280 reply_nterror(req, nt_status);
1281 END_PROFILE(SMBsearch);
1285 nt_status = resolve_dfspath_wcard(ctx, conn,
1286 req->flags2 & FLAGS2_DFS_PATHNAMES,
1289 &mask_contains_wcard);
1290 if (!NT_STATUS_IS_OK(nt_status)) {
1291 if (NT_STATUS_EQUAL(nt_status,NT_STATUS_PATH_NOT_COVERED)) {
1292 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
1293 ERRSRV, ERRbadpath);
1294 END_PROFILE(SMBsearch);
1297 reply_nterror(req, nt_status);
1298 END_PROFILE(SMBsearch);
1303 status_len = SVAL(p, 0);
1306 /* dirtype &= ~aDIR; */
1308 if (status_len == 0) {
1309 SMB_STRUCT_STAT sbuf;
1311 nt_status = unix_convert(ctx, conn, path, True,
1312 &directory, NULL, &sbuf);
1313 if (!NT_STATUS_IS_OK(nt_status)) {
1314 reply_nterror(req, nt_status);
1315 END_PROFILE(SMBsearch);
1319 nt_status = check_name(conn, directory);
1320 if (!NT_STATUS_IS_OK(nt_status)) {
1321 reply_nterror(req, nt_status);
1322 END_PROFILE(SMBsearch);
1326 p = strrchr_m(directory,'/');
1327 if ((p != NULL) && (*directory != '/')) {
1329 directory = talloc_strndup(ctx, directory,
1330 PTR_DIFF(p, directory));
1333 directory = talloc_strdup(ctx,".");
1337 reply_nterror(req, NT_STATUS_NO_MEMORY);
1338 END_PROFILE(SMBsearch);
1342 memset((char *)status,'\0',21);
1343 SCVAL(status,0,(dirtype & 0x1F));
1345 nt_status = dptr_create(conn,
1351 mask_contains_wcard,
1354 if (!NT_STATUS_IS_OK(nt_status)) {
1355 reply_nterror(req, nt_status);
1356 END_PROFILE(SMBsearch);
1359 dptr_num = dptr_dnum(conn->dirptr);
1363 memcpy(status,p,21);
1364 status_dirtype = CVAL(status,0) & 0x1F;
1365 if (status_dirtype != (dirtype & 0x1F)) {
1366 dirtype = status_dirtype;
1369 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1370 if (!conn->dirptr) {
1373 string_set(&conn->dirpath,dptr_path(dptr_num));
1374 mask = dptr_wcard(dptr_num);
1379 * For a 'continue' search we have no string. So
1380 * check from the initial saved string.
1382 mask_contains_wcard = ms_has_wild(mask);
1383 dirtype = dptr_attr(dptr_num);
1386 DEBUG(4,("dptr_num is %d\n",dptr_num));
1388 /* Initialize per SMBsearch/SMBffirst/SMBfunique operation data */
1389 dptr_init_search_op(conn->dirptr);
1391 if ((dirtype&0x1F) == aVOLID) {
1392 char buf[DIR_STRUCT_SIZE];
1393 memcpy(buf,status,21);
1394 if (!make_dir_struct(ctx,buf,"???????????",volume_label(SNUM(conn)),
1395 0,aVOLID,0,!allow_long_path_components)) {
1396 reply_nterror(req, NT_STATUS_NO_MEMORY);
1397 END_PROFILE(SMBsearch);
1400 dptr_fill(buf+12,dptr_num);
1401 if (dptr_zero(buf+12) && (status_len==0)) {
1406 if (message_push_blob(&req->outbuf,
1407 data_blob_const(buf, sizeof(buf)))
1409 reply_nterror(req, NT_STATUS_NO_MEMORY);
1410 END_PROFILE(SMBsearch);
1418 ((uint8 *)smb_buf(req->outbuf) + 3 - req->outbuf))
1421 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1422 conn->dirpath,lp_dontdescend(SNUM(conn))));
1423 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True)) {
1424 check_descend = True;
1427 for (i=numentries;(i<maxentries) && !finished;i++) {
1428 finished = !get_dir_entry(ctx,
1439 char buf[DIR_STRUCT_SIZE];
1440 memcpy(buf,status,21);
1441 if (!make_dir_struct(ctx,
1448 !allow_long_path_components)) {
1449 reply_nterror(req, NT_STATUS_NO_MEMORY);
1450 END_PROFILE(SMBsearch);
1453 if (!dptr_fill(buf+12,dptr_num)) {
1456 if (message_push_blob(&req->outbuf,
1457 data_blob_const(buf, sizeof(buf)))
1459 reply_nterror(req, NT_STATUS_NO_MEMORY);
1460 END_PROFILE(SMBsearch);
1470 /* If we were called as SMBffirst with smb_search_id == NULL
1471 and no entries were found then return error and close dirptr
1474 if (numentries == 0) {
1475 dptr_close(&dptr_num);
1476 } else if(expect_close && status_len == 0) {
1477 /* Close the dptr - we know it's gone */
1478 dptr_close(&dptr_num);
1481 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1482 if(dptr_num >= 0 && req->cmd == SMBfunique) {
1483 dptr_close(&dptr_num);
1486 if ((numentries == 0) && !mask_contains_wcard) {
1487 reply_botherror(req, STATUS_NO_MORE_FILES, ERRDOS, ERRnofiles);
1488 END_PROFILE(SMBsearch);
1492 SSVAL(req->outbuf,smb_vwv0,numentries);
1493 SSVAL(req->outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1494 SCVAL(smb_buf(req->outbuf),0,5);
1495 SSVAL(smb_buf(req->outbuf),1,numentries*DIR_STRUCT_SIZE);
1497 /* The replies here are never long name. */
1498 SSVAL(req->outbuf, smb_flg2,
1499 SVAL(req->outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1500 if (!allow_long_path_components) {
1501 SSVAL(req->outbuf, smb_flg2,
1502 SVAL(req->outbuf, smb_flg2)
1503 & (~FLAGS2_LONG_PATH_COMPONENTS));
1506 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1507 SSVAL(req->outbuf, smb_flg2,
1508 (SVAL(req->outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1511 directory = dptr_path(dptr_num);
1514 DEBUG(4,("%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1515 smb_fn_name(req->cmd),
1517 directory ? directory : "./",
1522 END_PROFILE(SMBsearch);
1526 /****************************************************************************
1527 Reply to a fclose (stop directory search).
1528 ****************************************************************************/
1530 void reply_fclose(struct smb_request *req)
1538 bool path_contains_wcard = False;
1539 TALLOC_CTX *ctx = talloc_tos();
1541 START_PROFILE(SMBfclose);
1543 if (lp_posix_pathnames()) {
1544 reply_unknown_new(req, req->cmd);
1545 END_PROFILE(SMBfclose);
1549 p = (const char *)req->buf + 1;
1550 p += srvstr_get_path_req_wcard(ctx, req, &path, p, STR_TERMINATE,
1551 &err, &path_contains_wcard);
1552 if (!NT_STATUS_IS_OK(err)) {
1553 reply_nterror(req, err);
1554 END_PROFILE(SMBfclose);
1558 status_len = SVAL(p,0);
1561 if (status_len == 0) {
1562 reply_doserror(req, ERRSRV, ERRsrverror);
1563 END_PROFILE(SMBfclose);
1567 memcpy(status,p,21);
1569 if(dptr_fetch(status+12,&dptr_num)) {
1570 /* Close the dptr - we know it's gone */
1571 dptr_close(&dptr_num);
1574 reply_outbuf(req, 1, 0);
1575 SSVAL(req->outbuf,smb_vwv0,0);
1577 DEBUG(3,("search close\n"));
1579 END_PROFILE(SMBfclose);
1583 /****************************************************************************
1585 ****************************************************************************/
1587 void reply_open(struct smb_request *req)
1589 connection_struct *conn = req->conn;
1595 SMB_STRUCT_STAT sbuf;
1602 uint32 create_disposition;
1603 uint32 create_options = 0;
1605 TALLOC_CTX *ctx = talloc_tos();
1607 START_PROFILE(SMBopen);
1609 SET_STAT_INVALID(sbuf);
1612 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1613 END_PROFILE(SMBopen);
1617 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1618 deny_mode = SVAL(req->vwv+0, 0);
1619 dos_attr = SVAL(req->vwv+1, 0);
1621 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
1622 STR_TERMINATE, &status);
1623 if (!NT_STATUS_IS_OK(status)) {
1624 reply_nterror(req, status);
1625 END_PROFILE(SMBopen);
1629 if (!map_open_params_to_ntcreate(
1630 fname, deny_mode, OPENX_FILE_EXISTS_OPEN, &access_mask,
1631 &share_mode, &create_disposition, &create_options)) {
1632 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1633 END_PROFILE(SMBopen);
1637 status = SMB_VFS_CREATE_FILE(
1640 0, /* root_dir_fid */
1642 CFF_DOS_PATH, /* create_file_flags */
1643 access_mask, /* access_mask */
1644 share_mode, /* share_access */
1645 create_disposition, /* create_disposition*/
1646 create_options, /* create_options */
1647 dos_attr, /* file_attributes */
1648 oplock_request, /* oplock_request */
1649 0, /* allocation_size */
1656 if (!NT_STATUS_IS_OK(status)) {
1657 if (open_was_deferred(req->mid)) {
1658 /* We have re-scheduled this call. */
1659 END_PROFILE(SMBopen);
1662 reply_openerror(req, status);
1663 END_PROFILE(SMBopen);
1667 size = sbuf.st_size;
1668 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1669 mtime = sbuf.st_mtime;
1672 DEBUG(3,("attempt to open a directory %s\n",fsp->fsp_name));
1673 close_file(req, fsp, ERROR_CLOSE);
1674 reply_doserror(req, ERRDOS,ERRnoaccess);
1675 END_PROFILE(SMBopen);
1679 reply_outbuf(req, 7, 0);
1680 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
1681 SSVAL(req->outbuf,smb_vwv1,fattr);
1682 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1683 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime & ~1);
1685 srv_put_dos_date3((char *)req->outbuf,smb_vwv2,mtime);
1687 SIVAL(req->outbuf,smb_vwv4,(uint32)size);
1688 SSVAL(req->outbuf,smb_vwv6,deny_mode);
1690 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1691 SCVAL(req->outbuf,smb_flg,
1692 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1695 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1696 SCVAL(req->outbuf,smb_flg,
1697 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1699 END_PROFILE(SMBopen);
1703 /****************************************************************************
1704 Reply to an open and X.
1705 ****************************************************************************/
1707 void reply_open_and_X(struct smb_request *req)
1709 connection_struct *conn = req->conn;
1714 /* Breakout the oplock request bits so we can set the
1715 reply bits separately. */
1716 int ex_oplock_request;
1717 int core_oplock_request;
1720 int smb_sattr = SVAL(req->vwv+4, 0);
1721 uint32 smb_time = make_unix_date3(req->vwv+6);
1726 SMB_STRUCT_STAT sbuf;
1730 uint64_t allocation_size;
1731 ssize_t retval = -1;
1734 uint32 create_disposition;
1735 uint32 create_options = 0;
1736 TALLOC_CTX *ctx = talloc_tos();
1738 START_PROFILE(SMBopenX);
1740 if (req->wct < 15) {
1741 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1742 END_PROFILE(SMBopenX);
1746 SET_STAT_INVALID(sbuf);
1748 open_flags = SVAL(req->vwv+2, 0);
1749 deny_mode = SVAL(req->vwv+3, 0);
1750 smb_attr = SVAL(req->vwv+5, 0);
1751 ex_oplock_request = EXTENDED_OPLOCK_REQUEST(req->inbuf);
1752 core_oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1753 oplock_request = ex_oplock_request | core_oplock_request;
1754 smb_ofun = SVAL(req->vwv+8, 0);
1755 allocation_size = (uint64_t)IVAL(req->vwv+9, 0);
1757 /* If it's an IPC, pass off the pipe handler. */
1759 if (lp_nt_pipe_support()) {
1760 reply_open_pipe_and_X(conn, req);
1762 reply_doserror(req, ERRSRV, ERRaccess);
1764 END_PROFILE(SMBopenX);
1768 /* XXXX we need to handle passed times, sattr and flags */
1769 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf,
1770 STR_TERMINATE, &status);
1771 if (!NT_STATUS_IS_OK(status)) {
1772 reply_nterror(req, status);
1773 END_PROFILE(SMBopenX);
1777 if (!map_open_params_to_ntcreate(
1778 fname, deny_mode, smb_ofun, &access_mask,
1779 &share_mode, &create_disposition, &create_options)) {
1780 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1781 END_PROFILE(SMBopenX);
1785 status = SMB_VFS_CREATE_FILE(
1788 0, /* root_dir_fid */
1790 CFF_DOS_PATH, /* create_file_flags */
1791 access_mask, /* access_mask */
1792 share_mode, /* share_access */
1793 create_disposition, /* create_disposition*/
1794 create_options, /* create_options */
1795 smb_attr, /* file_attributes */
1796 oplock_request, /* oplock_request */
1797 0, /* allocation_size */
1801 &smb_action, /* pinfo */
1804 if (!NT_STATUS_IS_OK(status)) {
1805 END_PROFILE(SMBopenX);
1806 if (open_was_deferred(req->mid)) {
1807 /* We have re-scheduled this call. */
1810 reply_openerror(req, status);
1814 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1815 if the file is truncated or created. */
1816 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1817 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1818 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1819 close_file(req, fsp, ERROR_CLOSE);
1820 reply_nterror(req, NT_STATUS_DISK_FULL);
1821 END_PROFILE(SMBopenX);
1824 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1826 close_file(req, fsp, ERROR_CLOSE);
1827 reply_nterror(req, NT_STATUS_DISK_FULL);
1828 END_PROFILE(SMBopenX);
1831 sbuf.st_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp,&sbuf);
1834 fattr = dos_mode(conn,fsp->fsp_name,&sbuf);
1835 mtime = sbuf.st_mtime;
1837 close_file(req, fsp, ERROR_CLOSE);
1838 reply_doserror(req, ERRDOS, ERRnoaccess);
1839 END_PROFILE(SMBopenX);
1843 /* If the caller set the extended oplock request bit
1844 and we granted one (by whatever means) - set the
1845 correct bit for extended oplock reply.
1848 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1849 smb_action |= EXTENDED_OPLOCK_GRANTED;
1852 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1853 smb_action |= EXTENDED_OPLOCK_GRANTED;
1856 /* If the caller set the core oplock request bit
1857 and we granted one (by whatever means) - set the
1858 correct bit for core oplock reply.
1861 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1862 reply_outbuf(req, 19, 0);
1864 reply_outbuf(req, 15, 0);
1867 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1868 SCVAL(req->outbuf, smb_flg,
1869 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1872 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1873 SCVAL(req->outbuf, smb_flg,
1874 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1877 SSVAL(req->outbuf,smb_vwv2,fsp->fnum);
1878 SSVAL(req->outbuf,smb_vwv3,fattr);
1879 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1880 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime & ~1);
1882 srv_put_dos_date3((char *)req->outbuf,smb_vwv4,mtime);
1884 SIVAL(req->outbuf,smb_vwv6,(uint32)sbuf.st_size);
1885 SSVAL(req->outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1886 SSVAL(req->outbuf,smb_vwv11,smb_action);
1888 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1889 SIVAL(req->outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1892 END_PROFILE(SMBopenX);
1897 /****************************************************************************
1898 Reply to a SMBulogoffX.
1899 ****************************************************************************/
1901 void reply_ulogoffX(struct smb_request *req)
1905 START_PROFILE(SMBulogoffX);
1907 vuser = get_valid_user_struct(req->vuid);
1910 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n",
1914 /* in user level security we are supposed to close any files
1915 open by this user */
1916 if ((vuser != NULL) && (lp_security() != SEC_SHARE)) {
1917 file_close_user(req->vuid);
1920 invalidate_vuid(req->vuid);
1922 reply_outbuf(req, 2, 0);
1924 DEBUG( 3, ( "ulogoffX vuid=%d\n", req->vuid ) );
1926 END_PROFILE(SMBulogoffX);
1930 /****************************************************************************
1931 Reply to a mknew or a create.
1932 ****************************************************************************/
1934 void reply_mknew(struct smb_request *req)
1936 connection_struct *conn = req->conn;
1939 struct smb_file_time ft;
1941 int oplock_request = 0;
1942 SMB_STRUCT_STAT sbuf;
1944 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1945 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1946 uint32 create_disposition;
1947 uint32 create_options = 0;
1948 TALLOC_CTX *ctx = talloc_tos();
1950 START_PROFILE(SMBcreate);
1952 SET_STAT_INVALID(sbuf);
1955 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
1956 END_PROFILE(SMBcreate);
1960 fattr = SVAL(req->vwv+0, 0);
1961 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
1964 ft.mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+1));
1966 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf + 1,
1967 STR_TERMINATE, &status);
1968 if (!NT_STATUS_IS_OK(status)) {
1969 reply_nterror(req, status);
1970 END_PROFILE(SMBcreate);
1974 if (fattr & aVOLID) {
1975 DEBUG(0,("Attempt to create file (%s) with volid set - "
1976 "please report this\n", fname));
1979 if(req->cmd == SMBmknew) {
1980 /* We should fail if file exists. */
1981 create_disposition = FILE_CREATE;
1983 /* Create if file doesn't exist, truncate if it does. */
1984 create_disposition = FILE_OVERWRITE_IF;
1987 status = SMB_VFS_CREATE_FILE(
1990 0, /* root_dir_fid */
1992 CFF_DOS_PATH, /* create_file_flags */
1993 access_mask, /* access_mask */
1994 share_mode, /* share_access */
1995 create_disposition, /* create_disposition*/
1996 create_options, /* create_options */
1997 fattr, /* file_attributes */
1998 oplock_request, /* oplock_request */
1999 0, /* allocation_size */
2006 if (!NT_STATUS_IS_OK(status)) {
2007 END_PROFILE(SMBcreate);
2008 if (open_was_deferred(req->mid)) {
2009 /* We have re-scheduled this call. */
2012 reply_openerror(req, status);
2016 ft.atime = get_atimespec(&sbuf); /* atime. */
2017 status = smb_set_file_time(conn, fsp, fsp->fsp_name, &sbuf, &ft, true);
2018 if (!NT_STATUS_IS_OK(status)) {
2019 END_PROFILE(SMBcreate);
2020 reply_openerror(req, status);
2024 reply_outbuf(req, 1, 0);
2025 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2027 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2028 SCVAL(req->outbuf,smb_flg,
2029 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2032 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2033 SCVAL(req->outbuf,smb_flg,
2034 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2037 DEBUG( 2, ( "reply_mknew: file %s\n", fsp->fsp_name ) );
2038 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n",
2039 fsp->fsp_name, fsp->fh->fd, (unsigned int)fattr ) );
2041 END_PROFILE(SMBcreate);
2045 /****************************************************************************
2046 Reply to a create temporary file.
2047 ****************************************************************************/
2049 void reply_ctemp(struct smb_request *req)
2051 connection_struct *conn = req->conn;
2057 SMB_STRUCT_STAT sbuf;
2060 TALLOC_CTX *ctx = talloc_tos();
2062 START_PROFILE(SMBctemp);
2065 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2066 END_PROFILE(SMBctemp);
2070 fattr = SVAL(req->vwv+0, 0);
2071 oplock_request = CORE_OPLOCK_REQUEST(req->inbuf);
2073 srvstr_get_path_req(ctx, req, &fname, (const char *)req->buf+1,
2074 STR_TERMINATE, &status);
2075 if (!NT_STATUS_IS_OK(status)) {
2076 reply_nterror(req, status);
2077 END_PROFILE(SMBctemp);
2081 fname = talloc_asprintf(ctx,
2085 fname = talloc_strdup(ctx, "TMXXXXXX");
2089 reply_nterror(req, NT_STATUS_NO_MEMORY);
2090 END_PROFILE(SMBctemp);
2094 status = resolve_dfspath(ctx, conn,
2095 req->flags2 & FLAGS2_DFS_PATHNAMES,
2098 if (!NT_STATUS_IS_OK(status)) {
2099 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2100 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2101 ERRSRV, ERRbadpath);
2102 END_PROFILE(SMBctemp);
2105 reply_nterror(req, status);
2106 END_PROFILE(SMBctemp);
2110 status = unix_convert(ctx, conn, fname, False, &fname, NULL, &sbuf);
2111 if (!NT_STATUS_IS_OK(status)) {
2112 reply_nterror(req, status);
2113 END_PROFILE(SMBctemp);
2117 status = check_name(conn, fname);
2118 if (!NT_STATUS_IS_OK(status)) {
2119 reply_nterror(req, status);
2120 END_PROFILE(SMBctemp);
2124 tmpfd = smb_mkstemp(fname);
2126 reply_unixerror(req, ERRDOS, ERRnoaccess);
2127 END_PROFILE(SMBctemp);
2131 SET_STAT_INVALID(sbuf);
2132 SMB_VFS_STAT(conn,fname,&sbuf);
2134 /* We should fail if file does not exist. */
2135 status = SMB_VFS_CREATE_FILE(
2138 0, /* root_dir_fid */
2140 0, /* create_file_flags */
2141 FILE_GENERIC_READ | FILE_GENERIC_WRITE, /* access_mask */
2142 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
2143 FILE_OPEN, /* create_disposition*/
2144 0, /* create_options */
2145 fattr, /* file_attributes */
2146 oplock_request, /* oplock_request */
2147 0, /* allocation_size */
2154 /* close fd from smb_mkstemp() */
2157 if (!NT_STATUS_IS_OK(status)) {
2158 if (open_was_deferred(req->mid)) {
2159 /* We have re-scheduled this call. */
2160 END_PROFILE(SMBctemp);
2163 reply_openerror(req, status);
2164 END_PROFILE(SMBctemp);
2168 reply_outbuf(req, 1, 0);
2169 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
2171 /* the returned filename is relative to the directory */
2172 s = strrchr_m(fsp->fsp_name, '/');
2180 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
2181 thing in the byte section. JRA */
2182 SSVALS(p, 0, -1); /* what is this? not in spec */
2184 if (message_push_string(&req->outbuf, s, STR_ASCII|STR_TERMINATE)
2186 reply_nterror(req, NT_STATUS_NO_MEMORY);
2187 END_PROFILE(SMBctemp);
2191 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
2192 SCVAL(req->outbuf, smb_flg,
2193 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2196 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
2197 SCVAL(req->outbuf, smb_flg,
2198 CVAL(req->outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
2201 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fsp->fsp_name ) );
2202 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fsp->fsp_name,
2203 fsp->fh->fd, (unsigned int)sbuf.st_mode ) );
2205 END_PROFILE(SMBctemp);
2209 /*******************************************************************
2210 Check if a user is allowed to rename a file.
2211 ********************************************************************/
2213 static NTSTATUS can_rename(connection_struct *conn, files_struct *fsp,
2214 uint16 dirtype, SMB_STRUCT_STAT *pst)
2218 if (!CAN_WRITE(conn)) {
2219 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2222 fmode = dos_mode(conn, fsp->fsp_name, pst);
2223 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
2224 return NT_STATUS_NO_SUCH_FILE;
2227 if (S_ISDIR(pst->st_mode)) {
2228 if (fsp->posix_open) {
2229 return NT_STATUS_OK;
2232 /* If no pathnames are open below this
2233 directory, allow the rename. */
2235 if (file_find_subpath(fsp)) {
2236 return NT_STATUS_ACCESS_DENIED;
2238 return NT_STATUS_OK;
2241 if (fsp->access_mask & (DELETE_ACCESS|FILE_WRITE_ATTRIBUTES)) {
2242 return NT_STATUS_OK;
2245 return NT_STATUS_ACCESS_DENIED;
2248 /*******************************************************************
2249 * unlink a file with all relevant access checks
2250 *******************************************************************/
2252 static NTSTATUS do_unlink(connection_struct *conn,
2253 struct smb_request *req,
2257 SMB_STRUCT_STAT sbuf;
2260 uint32 dirtype_orig = dirtype;
2263 DEBUG(10,("do_unlink: %s, dirtype = %d\n", fname, dirtype ));
2265 if (!CAN_WRITE(conn)) {
2266 return NT_STATUS_MEDIA_WRITE_PROTECTED;
2269 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
2270 return map_nt_error_from_unix(errno);
2273 fattr = dos_mode(conn,fname,&sbuf);
2275 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
2276 dirtype = aDIR|aARCH|aRONLY;
2279 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
2281 return NT_STATUS_NO_SUCH_FILE;
2284 if (!dir_check_ftype(conn, fattr, dirtype)) {
2286 return NT_STATUS_FILE_IS_A_DIRECTORY;
2288 return NT_STATUS_NO_SUCH_FILE;
2291 if (dirtype_orig & 0x8000) {
2292 /* These will never be set for POSIX. */
2293 return NT_STATUS_NO_SUCH_FILE;
2297 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
2298 return NT_STATUS_FILE_IS_A_DIRECTORY;
2301 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
2302 return NT_STATUS_NO_SUCH_FILE;
2305 if (dirtype & 0xFF00) {
2306 /* These will never be set for POSIX. */
2307 return NT_STATUS_NO_SUCH_FILE;
2312 return NT_STATUS_NO_SUCH_FILE;
2315 /* Can't delete a directory. */
2317 return NT_STATUS_FILE_IS_A_DIRECTORY;
2322 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
2323 return NT_STATUS_OBJECT_NAME_INVALID;
2324 #endif /* JRATEST */
2326 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
2328 On a Windows share, a file with read-only dosmode can be opened with
2329 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
2330 fails with NT_STATUS_CANNOT_DELETE error.
2332 This semantic causes a problem that a user can not
2333 rename a file with read-only dosmode on a Samba share
2334 from a Windows command prompt (i.e. cmd.exe, but can rename
2335 from Windows Explorer).
2338 if (!lp_delete_readonly(SNUM(conn))) {
2339 if (fattr & aRONLY) {
2340 return NT_STATUS_CANNOT_DELETE;
2344 /* On open checks the open itself will check the share mode, so
2345 don't do it here as we'll get it wrong. */
2347 status = SMB_VFS_CREATE_FILE
2350 0, /* root_dir_fid */
2352 0, /* create_file_flags */
2353 DELETE_ACCESS, /* access_mask */
2354 FILE_SHARE_NONE, /* share_access */
2355 FILE_OPEN, /* create_disposition*/
2356 FILE_NON_DIRECTORY_FILE, /* create_options */
2357 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
2358 0, /* oplock_request */
2359 0, /* allocation_size */
2366 if (!NT_STATUS_IS_OK(status)) {
2367 DEBUG(10, ("SMB_VFS_CREATEFILE failed: %s\n",
2368 nt_errstr(status)));
2372 /* The set is across all open files on this dev/inode pair. */
2373 if (!set_delete_on_close(fsp, True, &conn->server_info->utok)) {
2374 close_file(req, fsp, NORMAL_CLOSE);
2375 return NT_STATUS_ACCESS_DENIED;
2378 return close_file(req, fsp, NORMAL_CLOSE);
2381 /****************************************************************************
2382 The guts of the unlink command, split out so it may be called by the NT SMB
2384 ****************************************************************************/
2386 NTSTATUS unlink_internals(connection_struct *conn, struct smb_request *req,
2387 uint32 dirtype, const char *name_in, bool has_wild)
2389 const char *directory = NULL;
2394 NTSTATUS status = NT_STATUS_OK;
2395 SMB_STRUCT_STAT sbuf, st;
2396 TALLOC_CTX *ctx = talloc_tos();
2398 status = unix_convert(ctx, conn, name_in, has_wild, &name, NULL, &sbuf);
2399 if (!NT_STATUS_IS_OK(status)) {
2403 p = strrchr_m(name,'/');
2405 directory = talloc_strdup(ctx, ".");
2407 return NT_STATUS_NO_MEMORY;
2417 * We should only check the mangled cache
2418 * here if unix_convert failed. This means
2419 * that the path in 'mask' doesn't exist
2420 * on the file system and so we need to look
2421 * for a possible mangle. This patch from
2422 * Tine Smukavec <valentin.smukavec@hermes.si>.
2425 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params)) {
2426 char *new_mask = NULL;
2427 mangle_lookup_name_from_8_3(ctx,
2437 directory = talloc_asprintf(ctx,
2442 return NT_STATUS_NO_MEMORY;
2445 dirtype = FILE_ATTRIBUTE_NORMAL;
2448 status = check_name(conn, directory);
2449 if (!NT_STATUS_IS_OK(status)) {
2453 status = do_unlink(conn, req, directory, dirtype);
2454 if (!NT_STATUS_IS_OK(status)) {
2460 struct smb_Dir *dir_hnd = NULL;
2464 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
2465 return NT_STATUS_OBJECT_NAME_INVALID;
2468 if (strequal(mask,"????????.???")) {
2473 status = check_name(conn, directory);
2474 if (!NT_STATUS_IS_OK(status)) {
2478 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask,
2480 if (dir_hnd == NULL) {
2481 return map_nt_error_from_unix(errno);
2484 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2485 the pattern matches against the long name, otherwise the short name
2486 We don't implement this yet XXXX
2489 status = NT_STATUS_NO_SUCH_FILE;
2491 while ((dname = ReadDirName(dir_hnd, &offset, &st))) {
2494 if (!is_visible_file(conn, directory, dname, &st,
2500 /* Quick check for "." and ".." */
2501 if (ISDOT(dname) || ISDOTDOT(dname)) {
2505 if(!mask_match(dname, mask, conn->case_sensitive)) {
2509 fname = talloc_asprintf(ctx, "%s/%s",
2513 return NT_STATUS_NO_MEMORY;
2516 status = check_name(conn, fname);
2517 if (!NT_STATUS_IS_OK(status)) {
2518 TALLOC_FREE(dir_hnd);
2522 status = do_unlink(conn, req, fname, dirtype);
2523 if (!NT_STATUS_IS_OK(status)) {
2529 DEBUG(3,("unlink_internals: successful unlink [%s]\n",
2534 TALLOC_FREE(dir_hnd);
2537 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
2538 status = map_nt_error_from_unix(errno);
2544 /****************************************************************************
2546 ****************************************************************************/
2548 void reply_unlink(struct smb_request *req)
2550 connection_struct *conn = req->conn;
2554 bool path_contains_wcard = False;
2555 TALLOC_CTX *ctx = talloc_tos();
2557 START_PROFILE(SMBunlink);
2560 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
2561 END_PROFILE(SMBunlink);
2565 dirtype = SVAL(req->vwv+0, 0);
2567 srvstr_get_path_req_wcard(ctx, req, &name, (const char *)req->buf + 1,
2568 STR_TERMINATE, &status,
2569 &path_contains_wcard);
2570 if (!NT_STATUS_IS_OK(status)) {
2571 reply_nterror(req, status);
2572 END_PROFILE(SMBunlink);
2576 status = resolve_dfspath_wcard(ctx, conn,
2577 req->flags2 & FLAGS2_DFS_PATHNAMES,
2580 &path_contains_wcard);
2581 if (!NT_STATUS_IS_OK(status)) {
2582 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
2583 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
2584 ERRSRV, ERRbadpath);
2585 END_PROFILE(SMBunlink);
2588 reply_nterror(req, status);
2589 END_PROFILE(SMBunlink);
2593 DEBUG(3,("reply_unlink : %s\n",name));
2595 status = unlink_internals(conn, req, dirtype, name,
2596 path_contains_wcard);
2597 if (!NT_STATUS_IS_OK(status)) {
2598 if (open_was_deferred(req->mid)) {
2599 /* We have re-scheduled this call. */
2600 END_PROFILE(SMBunlink);
2603 reply_nterror(req, status);
2604 END_PROFILE(SMBunlink);
2608 reply_outbuf(req, 0, 0);
2609 END_PROFILE(SMBunlink);
2614 /****************************************************************************
2616 ****************************************************************************/
2618 static void fail_readraw(void)
2620 const char *errstr = talloc_asprintf(talloc_tos(),
2621 "FAIL ! reply_readbraw: socket write fail (%s)",
2626 exit_server_cleanly(errstr);
2629 /****************************************************************************
2630 Fake (read/write) sendfile. Returns -1 on read or write fail.
2631 ****************************************************************************/
2633 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos,
2637 size_t tosend = nread;
2644 bufsize = MIN(nread, 65536);
2646 if (!(buf = SMB_MALLOC_ARRAY(char, bufsize))) {
2650 while (tosend > 0) {
2654 if (tosend > bufsize) {
2659 ret = read_file(fsp,buf,startpos,cur_read);
2665 /* If we had a short read, fill with zeros. */
2666 if (ret < cur_read) {
2667 memset(buf, '\0', cur_read - ret);
2670 if (write_data(smbd_server_fd(),buf,cur_read) != cur_read) {
2675 startpos += cur_read;
2679 return (ssize_t)nread;
2682 /****************************************************************************
2683 Deal with the case of sendfile reading less bytes from the file than
2684 requested. Fill with zeros (all we can do).
2685 ****************************************************************************/
2687 static void sendfile_short_send(files_struct *fsp,
2692 if (nread < headersize) {
2693 DEBUG(0,("sendfile_short_send: sendfile failed to send "
2694 "header for file %s (%s). Terminating\n",
2695 fsp->fsp_name, strerror(errno) ));
2696 exit_server_cleanly("sendfile_short_send failed");
2699 nread -= headersize;
2701 if (nread < smb_maxcnt) {
2702 char *buf = SMB_CALLOC_ARRAY(char, 1024);
2704 exit_server_cleanly("sendfile_short_send: "
2708 DEBUG(0,("sendfile_short_send: filling truncated file %s "
2709 "with zeros !\n", fsp->fsp_name));
2711 while (nread < smb_maxcnt) {
2713 * We asked for the real file size and told sendfile
2714 * to not go beyond the end of the file. But it can
2715 * happen that in between our fstat call and the
2716 * sendfile call the file was truncated. This is very
2717 * bad because we have already announced the larger
2718 * number of bytes to the client.
2720 * The best we can do now is to send 0-bytes, just as
2721 * a read from a hole in a sparse file would do.
2723 * This should happen rarely enough that I don't care
2724 * about efficiency here :-)
2728 to_write = MIN(sizeof(buf), smb_maxcnt - nread);
2729 if (write_data(smbd_server_fd(), buf, to_write) != to_write) {
2730 exit_server_cleanly("sendfile_short_send: "
2731 "write_data failed");
2739 /****************************************************************************
2740 Return a readbraw error (4 bytes of zero).
2741 ****************************************************************************/
2743 static void reply_readbraw_error(void)
2747 if (write_data(smbd_server_fd(),header,4) != 4) {
2752 /****************************************************************************
2753 Use sendfile in readbraw.
2754 ****************************************************************************/
2756 static void send_file_readbraw(connection_struct *conn,
2757 struct smb_request *req,
2763 char *outbuf = NULL;
2766 #if defined(WITH_SENDFILE)
2768 * We can only use sendfile on a non-chained packet
2769 * but we can use on a non-oplocked file. tridge proved this
2770 * on a train in Germany :-). JRA.
2771 * reply_readbraw has already checked the length.
2774 if ( !req_is_in_chain(req) && (nread > 0) && (fsp->base_fsp == NULL) &&
2775 (fsp->wcp == NULL) &&
2776 lp_use_sendfile(SNUM(conn), smbd_server_conn->signing_state) ) {
2777 ssize_t sendfile_read = -1;
2779 DATA_BLOB header_blob;
2781 _smb_setlen(header,nread);
2782 header_blob = data_blob_const(header, 4);
2784 if ((sendfile_read = SMB_VFS_SENDFILE(smbd_server_fd(), fsp,
2785 &header_blob, startpos, nread)) == -1) {
2786 /* Returning ENOSYS means no data at all was sent.
2787 * Do this as a normal read. */
2788 if (errno == ENOSYS) {
2789 goto normal_readbraw;
2793 * Special hack for broken Linux with no working sendfile. If we
2794 * return EINTR we sent the header but not the rest of the data.
2795 * Fake this up by doing read/write calls.
2797 if (errno == EINTR) {
2798 /* Ensure we don't do this again. */
2799 set_use_sendfile(SNUM(conn), False);
2800 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2802 if (fake_sendfile(fsp, startpos, nread) == -1) {
2803 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2804 fsp->fsp_name, strerror(errno) ));
2805 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2810 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2811 fsp->fsp_name, strerror(errno) ));
2812 exit_server_cleanly("send_file_readbraw sendfile failed");
2813 } else if (sendfile_read == 0) {
2815 * Some sendfile implementations return 0 to indicate
2816 * that there was a short read, but nothing was
2817 * actually written to the socket. In this case,
2818 * fallback to the normal read path so the header gets
2819 * the correct byte count.
2821 DEBUG(3, ("send_file_readbraw: sendfile sent zero "
2822 "bytes falling back to the normal read: "
2823 "%s\n", fsp->fsp_name));
2824 goto normal_readbraw;
2827 /* Deal with possible short send. */
2828 if (sendfile_read != 4+nread) {
2829 sendfile_short_send(fsp, sendfile_read, 4, nread);
2837 outbuf = TALLOC_ARRAY(NULL, char, nread+4);
2839 DEBUG(0,("send_file_readbraw: TALLOC_ARRAY failed for size %u.\n",
2840 (unsigned)(nread+4)));
2841 reply_readbraw_error();
2846 ret = read_file(fsp,outbuf+4,startpos,nread);
2847 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2856 _smb_setlen(outbuf,ret);
2857 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2860 TALLOC_FREE(outbuf);
2863 /****************************************************************************
2864 Reply to a readbraw (core+ protocol).
2865 ****************************************************************************/
2867 void reply_readbraw(struct smb_request *req)
2869 connection_struct *conn = req->conn;
2870 ssize_t maxcount,mincount;
2874 struct lock_struct lock;
2878 START_PROFILE(SMBreadbraw);
2880 if (srv_is_signing_active(smbd_server_conn) ||
2881 is_encrypted_packet(req->inbuf)) {
2882 exit_server_cleanly("reply_readbraw: SMB signing/sealing is active - "
2883 "raw reads/writes are disallowed.");
2887 reply_readbraw_error();
2888 END_PROFILE(SMBreadbraw);
2893 * Special check if an oplock break has been issued
2894 * and the readraw request croses on the wire, we must
2895 * return a zero length response here.
2898 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
2901 * We have to do a check_fsp by hand here, as
2902 * we must always return 4 zero bytes on error,
2906 if (!fsp || !conn || conn != fsp->conn ||
2907 req->vuid != fsp->vuid ||
2908 fsp->is_directory || fsp->fh->fd == -1) {
2910 * fsp could be NULL here so use the value from the packet. JRA.
2912 DEBUG(3,("reply_readbraw: fnum %d not valid "
2914 (int)SVAL(req->vwv+0, 0)));
2915 reply_readbraw_error();
2916 END_PROFILE(SMBreadbraw);
2920 /* Do a "by hand" version of CHECK_READ. */
2921 if (!(fsp->can_read ||
2922 ((req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) &&
2923 (fsp->access_mask & FILE_EXECUTE)))) {
2924 DEBUG(3,("reply_readbraw: fnum %d not readable.\n",
2925 (int)SVAL(req->vwv+0, 0)));
2926 reply_readbraw_error();
2927 END_PROFILE(SMBreadbraw);
2931 flush_write_cache(fsp, READRAW_FLUSH);
2933 startpos = IVAL_TO_SMB_OFF_T(req->vwv+1, 0);
2934 if(req->wct == 10) {
2936 * This is a large offset (64 bit) read.
2938 #ifdef LARGE_SMB_OFF_T
2940 startpos |= (((SMB_OFF_T)IVAL(req->vwv+8, 0)) << 32);
2942 #else /* !LARGE_SMB_OFF_T */
2945 * Ensure we haven't been sent a >32 bit offset.
2948 if(IVAL(req->vwv+8, 0) != 0) {
2949 DEBUG(0,("reply_readbraw: large offset "
2950 "(%x << 32) used and we don't support "
2951 "64 bit offsets.\n",
2952 (unsigned int)IVAL(req->vwv+8, 0) ));
2953 reply_readbraw_error();
2954 END_PROFILE(SMBreadbraw);
2958 #endif /* LARGE_SMB_OFF_T */
2961 DEBUG(0,("reply_readbraw: negative 64 bit "
2962 "readraw offset (%.0f) !\n",
2963 (double)startpos ));
2964 reply_readbraw_error();
2965 END_PROFILE(SMBreadbraw);
2970 maxcount = (SVAL(req->vwv+3, 0) & 0xFFFF);
2971 mincount = (SVAL(req->vwv+4, 0) & 0xFFFF);
2973 /* ensure we don't overrun the packet size */
2974 maxcount = MIN(65535,maxcount);
2976 init_strict_lock_struct(fsp, (uint32)req->smbpid,
2977 (uint64_t)startpos, (uint64_t)maxcount, READ_LOCK,
2980 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
2981 reply_readbraw_error();
2982 END_PROFILE(SMBreadbraw);
2986 if (SMB_VFS_FSTAT(fsp, &st) == 0) {
2990 if (startpos >= size) {
2993 nread = MIN(maxcount,(size - startpos));
2996 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2997 if (nread < mincount)
3001 DEBUG( 3, ( "reply_readbraw: fnum=%d start=%.0f max=%lu "
3002 "min=%lu nread=%lu\n",
3003 fsp->fnum, (double)startpos,
3004 (unsigned long)maxcount,
3005 (unsigned long)mincount,
3006 (unsigned long)nread ) );
3008 send_file_readbraw(conn, req, fsp, startpos, nread, mincount);
3010 DEBUG(5,("reply_readbraw finished\n"));
3012 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3014 END_PROFILE(SMBreadbraw);
3019 #define DBGC_CLASS DBGC_LOCKING
3021 /****************************************************************************
3022 Reply to a lockread (core+ protocol).
3023 ****************************************************************************/
3025 void reply_lockread(struct smb_request *req)
3027 connection_struct *conn = req->conn;
3034 struct byte_range_lock *br_lck = NULL;
3037 START_PROFILE(SMBlockread);
3040 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3041 END_PROFILE(SMBlockread);
3045 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3047 if (!check_fsp(conn, req, fsp)) {
3048 END_PROFILE(SMBlockread);
3052 if (!CHECK_READ(fsp,req)) {
3053 reply_doserror(req, ERRDOS, ERRbadaccess);
3054 END_PROFILE(SMBlockread);
3058 numtoread = SVAL(req->vwv+1, 0);
3059 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3061 numtoread = MIN(BUFFER_SIZE - (smb_size + 3*2 + 3), numtoread);
3063 reply_outbuf(req, 5, numtoread + 3);
3065 data = smb_buf(req->outbuf) + 3;
3068 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
3069 * protocol request that predates the read/write lock concept.
3070 * Thus instead of asking for a read lock here we need to ask
3071 * for a write lock. JRA.
3072 * Note that the requested lock size is unaffected by max_recv.
3075 br_lck = do_lock(smbd_messaging_context(),
3078 (uint64_t)numtoread,
3082 False, /* Non-blocking lock. */
3086 TALLOC_FREE(br_lck);
3088 if (NT_STATUS_V(status)) {
3089 reply_nterror(req, status);
3090 END_PROFILE(SMBlockread);
3095 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
3098 if (numtoread > max_recv) {
3099 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
3100 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3101 (unsigned int)numtoread, (unsigned int)max_recv ));
3102 numtoread = MIN(numtoread,max_recv);
3104 nread = read_file(fsp,data,startpos,numtoread);
3107 reply_unixerror(req, ERRDOS, ERRnoaccess);
3108 END_PROFILE(SMBlockread);
3112 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3114 SSVAL(req->outbuf,smb_vwv0,nread);
3115 SSVAL(req->outbuf,smb_vwv5,nread+3);
3116 p = smb_buf(req->outbuf);
3117 SCVAL(p,0,0); /* pad byte. */
3120 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
3121 fsp->fnum, (int)numtoread, (int)nread));
3123 END_PROFILE(SMBlockread);
3128 #define DBGC_CLASS DBGC_ALL
3130 /****************************************************************************
3132 ****************************************************************************/
3134 void reply_read(struct smb_request *req)
3136 connection_struct *conn = req->conn;
3143 struct lock_struct lock;
3145 START_PROFILE(SMBread);
3148 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3149 END_PROFILE(SMBread);
3153 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3155 if (!check_fsp(conn, req, fsp)) {
3156 END_PROFILE(SMBread);
3160 if (!CHECK_READ(fsp,req)) {
3161 reply_doserror(req, ERRDOS, ERRbadaccess);
3162 END_PROFILE(SMBread);
3166 numtoread = SVAL(req->vwv+1, 0);
3167 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3169 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
3172 * The requested read size cannot be greater than max_recv. JRA.
3174 if (numtoread > max_recv) {
3175 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
3176 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
3177 (unsigned int)numtoread, (unsigned int)max_recv ));
3178 numtoread = MIN(numtoread,max_recv);
3181 reply_outbuf(req, 5, numtoread+3);
3183 data = smb_buf(req->outbuf) + 3;
3185 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3186 (uint64_t)startpos, (uint64_t)numtoread, READ_LOCK,
3189 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3190 reply_doserror(req, ERRDOS,ERRlock);
3191 END_PROFILE(SMBread);
3196 nread = read_file(fsp,data,startpos,numtoread);
3199 reply_unixerror(req, ERRDOS,ERRnoaccess);
3203 srv_set_message((char *)req->outbuf, 5, nread+3, False);
3205 SSVAL(req->outbuf,smb_vwv0,nread);
3206 SSVAL(req->outbuf,smb_vwv5,nread+3);
3207 SCVAL(smb_buf(req->outbuf),0,1);
3208 SSVAL(smb_buf(req->outbuf),1,nread);
3210 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
3211 fsp->fnum, (int)numtoread, (int)nread ) );
3214 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3216 END_PROFILE(SMBread);
3220 /****************************************************************************
3222 ****************************************************************************/
3224 static int setup_readX_header(struct smb_request *req, char *outbuf,
3230 outsize = srv_set_message(outbuf,12,smb_maxcnt,False);
3231 data = smb_buf(outbuf);
3233 memset(outbuf+smb_vwv0,'\0',24); /* valgrind init. */
3235 SCVAL(outbuf,smb_vwv0,0xFF);
3236 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
3237 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
3238 SSVAL(outbuf,smb_vwv6,
3240 + 1 /* the wct field */
3241 + 12 * sizeof(uint16_t) /* vwv */
3242 + 2); /* the buflen field */
3243 SSVAL(outbuf,smb_vwv7,(smb_maxcnt >> 16));
3244 SSVAL(outbuf,smb_vwv11,smb_maxcnt);
3245 /* Reset the outgoing length, set_message truncates at 0x1FFFF. */
3246 _smb_setlen_large(outbuf,(smb_size + 12*2 + smb_maxcnt - 4));
3250 /****************************************************************************
3251 Reply to a read and X - possibly using sendfile.
3252 ****************************************************************************/
3254 static void send_file_readX(connection_struct *conn, struct smb_request *req,
3255 files_struct *fsp, SMB_OFF_T startpos,
3258 SMB_STRUCT_STAT sbuf;
3261 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
3262 reply_unixerror(req, ERRDOS, ERRnoaccess);
3266 if (startpos > sbuf.st_size) {
3268 } else if (smb_maxcnt > (sbuf.st_size - startpos)) {
3269 smb_maxcnt = (sbuf.st_size - startpos);
3272 if (smb_maxcnt == 0) {
3276 #if defined(WITH_SENDFILE)
3278 * We can only use sendfile on a non-chained packet
3279 * but we can use on a non-oplocked file. tridge proved this
3280 * on a train in Germany :-). JRA.
3283 if (!req_is_in_chain(req) &&
3284 !is_encrypted_packet(req->inbuf) && (fsp->base_fsp == NULL) &&
3285 (fsp->wcp == NULL) &&
3286 lp_use_sendfile(SNUM(conn), smbd_server_conn->signing_state) ) {
3287 uint8 headerbuf[smb_size + 12 * 2];
3291 * Set up the packet header before send. We
3292 * assume here the sendfile will work (get the
3293 * correct amount of data).
3296 header = data_blob_const(headerbuf, sizeof(headerbuf));
3298 construct_reply_common_req(req, (char *)headerbuf);
3299 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3301 if ((nread = SMB_VFS_SENDFILE(smbd_server_fd(), fsp, &header, startpos, smb_maxcnt)) == -1) {
3302 /* Returning ENOSYS means no data at all was sent.
3303 Do this as a normal read. */
3304 if (errno == ENOSYS) {
3309 * Special hack for broken Linux with no working sendfile. If we
3310 * return EINTR we sent the header but not the rest of the data.
3311 * Fake this up by doing read/write calls.
3314 if (errno == EINTR) {
3315 /* Ensure we don't do this again. */
3316 set_use_sendfile(SNUM(conn), False);
3317 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
3318 nread = fake_sendfile(fsp, startpos,
3321 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3322 fsp->fsp_name, strerror(errno) ));
3323 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3325 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
3326 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3327 /* No outbuf here means successful sendfile. */
3328 TALLOC_FREE(req->outbuf);
3332 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
3333 fsp->fsp_name, strerror(errno) ));
3334 exit_server_cleanly("send_file_readX sendfile failed");
3335 } else if (nread == 0) {
3337 * Some sendfile implementations return 0 to indicate
3338 * that there was a short read, but nothing was
3339 * actually written to the socket. In this case,
3340 * fallback to the normal read path so the header gets
3341 * the correct byte count.
3343 DEBUG(3, ("send_file_readX: sendfile sent zero bytes "
3344 "falling back to the normal read: %s\n",
3349 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
3350 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3352 /* Deal with possible short send. */
3353 if (nread != smb_maxcnt + sizeof(headerbuf)) {
3354 sendfile_short_send(fsp, nread, sizeof(headerbuf), smb_maxcnt);
3357 /* No outbuf here means successful sendfile. */
3358 TALLOC_FREE(req->outbuf);
3359 SMB_PERFCOUNT_SET_MSGLEN_OUT(&req->pcd, nread);
3360 SMB_PERFCOUNT_END(&req->pcd);
3367 if ((smb_maxcnt & 0xFF0000) > 0x10000) {
3368 uint8 headerbuf[smb_size + 2*12];
3370 construct_reply_common_req(req, (char *)headerbuf);
3371 setup_readX_header(req, (char *)headerbuf, smb_maxcnt);
3373 /* Send out the header. */
3374 if (write_data(smbd_server_fd(), (char *)headerbuf,
3375 sizeof(headerbuf)) != sizeof(headerbuf)) {
3376 DEBUG(0,("send_file_readX: write_data failed for file %s (%s). Terminating\n",
3377 fsp->fsp_name, strerror(errno) ));
3378 exit_server_cleanly("send_file_readX sendfile failed");
3380 nread = fake_sendfile(fsp, startpos, smb_maxcnt);
3382 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
3383 fsp->fsp_name, strerror(errno) ));
3384 exit_server_cleanly("send_file_readX: fake_sendfile failed");
3386 TALLOC_FREE(req->outbuf);
3390 reply_outbuf(req, 12, smb_maxcnt);
3392 nread = read_file(fsp, smb_buf(req->outbuf), startpos, smb_maxcnt);
3394 reply_unixerror(req, ERRDOS, ERRnoaccess);
3398 setup_readX_header(req, (char *)req->outbuf, nread);
3400 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
3401 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
3406 /****************************************************************************
3407 Reply to a read and X.
3408 ****************************************************************************/
3410 void reply_read_and_X(struct smb_request *req)
3412 connection_struct *conn = req->conn;
3416 struct lock_struct lock;
3417 bool big_readX = False;
3419 size_t smb_mincnt = SVAL(req->vwv+6, 0);
3422 START_PROFILE(SMBreadX);
3424 if ((req->wct != 10) && (req->wct != 12)) {
3425 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3429 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
3430 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3431 smb_maxcnt = SVAL(req->vwv+5, 0);
3433 /* If it's an IPC, pass off the pipe handler. */
3435 reply_pipe_read_and_X(req);
3436 END_PROFILE(SMBreadX);
3440 if (!check_fsp(conn, req, fsp)) {
3441 END_PROFILE(SMBreadX);
3445 if (!CHECK_READ(fsp,req)) {
3446 reply_doserror(req, ERRDOS,ERRbadaccess);
3447 END_PROFILE(SMBreadX);
3451 if (global_client_caps & CAP_LARGE_READX) {
3452 size_t upper_size = SVAL(req->vwv+7, 0);
3453 smb_maxcnt |= (upper_size<<16);
3454 if (upper_size > 1) {
3455 /* Can't do this on a chained packet. */
3456 if ((CVAL(req->vwv+0, 0) != 0xFF)) {
3457 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3458 END_PROFILE(SMBreadX);
3461 /* We currently don't do this on signed or sealed data. */
3462 if (srv_is_signing_active(smbd_server_conn) ||
3463 is_encrypted_packet(req->inbuf)) {
3464 reply_nterror(req, NT_STATUS_NOT_SUPPORTED);
3465 END_PROFILE(SMBreadX);
3468 /* Is there room in the reply for this data ? */
3469 if (smb_maxcnt > (0xFFFFFF - (smb_size -4 + 12*2))) {
3471 NT_STATUS_INVALID_PARAMETER);
3472 END_PROFILE(SMBreadX);
3479 if (req->wct == 12) {
3480 #ifdef LARGE_SMB_OFF_T
3482 * This is a large offset (64 bit) read.
3484 startpos |= (((SMB_OFF_T)IVAL(req->vwv+10, 0)) << 32);
3486 #else /* !LARGE_SMB_OFF_T */
3489 * Ensure we haven't been sent a >32 bit offset.
3492 if(IVAL(req->vwv+10, 0) != 0) {
3493 DEBUG(0,("reply_read_and_X - large offset (%x << 32) "
3494 "used and we don't support 64 bit offsets.\n",
3495 (unsigned int)IVAL(req->vwv+10, 0) ));
3496 END_PROFILE(SMBreadX);
3497 reply_doserror(req, ERRDOS, ERRbadaccess);
3501 #endif /* LARGE_SMB_OFF_T */
3505 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3506 (uint64_t)startpos, (uint64_t)smb_maxcnt, READ_LOCK,
3509 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3510 END_PROFILE(SMBreadX);
3511 reply_doserror(req, ERRDOS, ERRlock);
3516 schedule_aio_read_and_X(conn, req, fsp, startpos, smb_maxcnt)) {
3520 send_file_readX(conn, req, fsp, startpos, smb_maxcnt);
3523 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3525 END_PROFILE(SMBreadX);
3529 /****************************************************************************
3530 Error replies to writebraw must have smb_wct == 1. Fix this up.
3531 ****************************************************************************/
3533 void error_to_writebrawerr(struct smb_request *req)
3535 uint8 *old_outbuf = req->outbuf;
3537 reply_outbuf(req, 1, 0);
3539 memcpy(req->outbuf, old_outbuf, smb_size);
3540 TALLOC_FREE(old_outbuf);
3543 /****************************************************************************
3544 Reply to a writebraw (core+ or LANMAN1.0 protocol).
3545 ****************************************************************************/
3547 void reply_writebraw(struct smb_request *req)
3549 connection_struct *conn = req->conn;
3552 ssize_t total_written=0;
3553 size_t numtowrite=0;
3559 struct lock_struct lock;
3562 START_PROFILE(SMBwritebraw);
3565 * If we ever reply with an error, it must have the SMB command
3566 * type of SMBwritec, not SMBwriteBraw, as this tells the client
3569 SCVAL(req->inbuf,smb_com,SMBwritec);
3571 if (srv_is_signing_active(smbd_server_conn)) {
3572 END_PROFILE(SMBwritebraw);
3573 exit_server_cleanly("reply_writebraw: SMB signing is active - "
3574 "raw reads/writes are disallowed.");
3577 if (req->wct < 12) {
3578 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3579 error_to_writebrawerr(req);
3580 END_PROFILE(SMBwritebraw);
3584 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3585 if (!check_fsp(conn, req, fsp)) {
3586 error_to_writebrawerr(req);
3587 END_PROFILE(SMBwritebraw);
3591 if (!CHECK_WRITE(fsp)) {
3592 reply_doserror(req, ERRDOS, ERRbadaccess);
3593 error_to_writebrawerr(req);
3594 END_PROFILE(SMBwritebraw);
3598 tcount = IVAL(req->vwv+1, 0);
3599 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
3600 write_through = BITSETW(req->vwv+7,0);
3602 /* We have to deal with slightly different formats depending
3603 on whether we are using the core+ or lanman1.0 protocol */
3605 if(Protocol <= PROTOCOL_COREPLUS) {
3606 numtowrite = SVAL(smb_buf(req->inbuf),-2);
3607 data = smb_buf(req->inbuf);
3609 numtowrite = SVAL(req->vwv+10, 0);
3610 data = smb_base(req->inbuf) + SVAL(req->vwv+11, 0);
3613 /* Ensure we don't write bytes past the end of this packet. */
3614 if (data + numtowrite > smb_base(req->inbuf) + smb_len(req->inbuf)) {
3615 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3616 error_to_writebrawerr(req);
3617 END_PROFILE(SMBwritebraw);
3621 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3622 (uint64_t)startpos, (uint64_t)tcount, WRITE_LOCK,
3625 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3626 reply_doserror(req, ERRDOS, ERRlock);
3627 error_to_writebrawerr(req);
3628 END_PROFILE(SMBwritebraw);
3633 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3636 DEBUG(3,("reply_writebraw: initial write fnum=%d start=%.0f num=%d "
3637 "wrote=%d sync=%d\n",
3638 fsp->fnum, (double)startpos, (int)numtowrite,
3639 (int)nwritten, (int)write_through));
3641 if (nwritten < (ssize_t)numtowrite) {
3642 reply_unixerror(req, ERRHRD, ERRdiskfull);
3643 error_to_writebrawerr(req);
3647 total_written = nwritten;
3649 /* Allocate a buffer of 64k + length. */
3650 buf = TALLOC_ARRAY(NULL, char, 65540);
3652 reply_doserror(req, ERRDOS, ERRnomem);
3653 error_to_writebrawerr(req);
3657 /* Return a SMBwritebraw message to the redirector to tell
3658 * it to send more bytes */
3660 memcpy(buf, req->inbuf, smb_size);
3661 srv_set_message(buf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
3662 SCVAL(buf,smb_com,SMBwritebraw);
3663 SSVALS(buf,smb_vwv0,0xFFFF);
3665 if (!srv_send_smb(smbd_server_fd(),
3667 false, 0, /* no signing */
3668 IS_CONN_ENCRYPTED(conn),
3670 exit_server_cleanly("reply_writebraw: srv_send_smb "
3674 /* Now read the raw data into the buffer and write it */
3675 status = read_smb_length(smbd_server_fd(), buf, SMB_SECONDARY_WAIT,
3677 if (!NT_STATUS_IS_OK(status)) {
3678 exit_server_cleanly("secondary writebraw failed");
3681 /* Set up outbuf to return the correct size */
3682 reply_outbuf(req, 1, 0);
3684 if (numtowrite != 0) {
3686 if (numtowrite > 0xFFFF) {
3687 DEBUG(0,("reply_writebraw: Oversize secondary write "
3688 "raw requested (%u). Terminating\n",
3689 (unsigned int)numtowrite ));
3690 exit_server_cleanly("secondary writebraw failed");
3693 if (tcount > nwritten+numtowrite) {
3694 DEBUG(3,("reply_writebraw: Client overestimated the "
3696 (int)tcount,(int)nwritten,(int)numtowrite));
3699 status = read_data(smbd_server_fd(), buf+4, numtowrite);
3701 if (!NT_STATUS_IS_OK(status)) {
3702 DEBUG(0,("reply_writebraw: Oversize secondary write "
3703 "raw read failed (%s). Terminating\n",
3704 nt_errstr(status)));
3705 exit_server_cleanly("secondary writebraw failed");
3708 nwritten = write_file(req,fsp,buf+4,startpos+nwritten,numtowrite);
3709 if (nwritten == -1) {
3711 reply_unixerror(req, ERRHRD, ERRdiskfull);
3712 error_to_writebrawerr(req);
3716 if (nwritten < (ssize_t)numtowrite) {
3717 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3718 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3722 total_written += nwritten;
3727 SSVAL(req->outbuf,smb_vwv0,total_written);
3729 status = sync_file(conn, fsp, write_through);
3730 if (!NT_STATUS_IS_OK(status)) {
3731 DEBUG(5,("reply_writebraw: sync_file for %s returned %s\n",
3732 fsp->fsp_name, nt_errstr(status) ));
3733 reply_nterror(req, status);
3734 error_to_writebrawerr(req);
3738 DEBUG(3,("reply_writebraw: secondart write fnum=%d start=%.0f num=%d "
3740 fsp->fnum, (double)startpos, (int)numtowrite,
3741 (int)total_written));
3743 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3745 /* We won't return a status if write through is not selected - this
3746 * follows what WfWg does */
3747 END_PROFILE(SMBwritebraw);
3749 if (!write_through && total_written==tcount) {
3751 #if RABBIT_PELLET_FIX
3753 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
3754 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this.
3757 if (!send_keepalive(smbd_server_fd())) {
3758 exit_server_cleanly("reply_writebraw: send of "
3759 "keepalive failed");
3762 TALLOC_FREE(req->outbuf);
3767 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3769 END_PROFILE(SMBwritebraw);
3774 #define DBGC_CLASS DBGC_LOCKING
3776 /****************************************************************************
3777 Reply to a writeunlock (core+).
3778 ****************************************************************************/
3780 void reply_writeunlock(struct smb_request *req)
3782 connection_struct *conn = req->conn;
3783 ssize_t nwritten = -1;
3787 NTSTATUS status = NT_STATUS_OK;
3789 struct lock_struct lock;
3791 START_PROFILE(SMBwriteunlock);
3794 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3795 END_PROFILE(SMBwriteunlock);
3799 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3801 if (!check_fsp(conn, req, fsp)) {
3802 END_PROFILE(SMBwriteunlock);
3806 if (!CHECK_WRITE(fsp)) {
3807 reply_doserror(req, ERRDOS,ERRbadaccess);
3808 END_PROFILE(SMBwriteunlock);
3812 numtowrite = SVAL(req->vwv+1, 0);
3813 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3814 data = (const char *)req->buf + 3;
3817 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3818 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
3821 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3822 reply_doserror(req, ERRDOS, ERRlock);
3823 END_PROFILE(SMBwriteunlock);
3828 /* The special X/Open SMB protocol handling of
3829 zero length writes is *NOT* done for
3831 if(numtowrite == 0) {
3834 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3837 status = sync_file(conn, fsp, False /* write through */);
3838 if (!NT_STATUS_IS_OK(status)) {
3839 DEBUG(5,("reply_writeunlock: sync_file for %s returned %s\n",
3840 fsp->fsp_name, nt_errstr(status) ));
3841 reply_nterror(req, status);
3845 if(((nwritten < numtowrite) && (numtowrite != 0))||(nwritten < 0)) {
3846 reply_unixerror(req, ERRHRD, ERRdiskfull);
3851 status = do_unlock(smbd_messaging_context(),
3854 (uint64_t)numtowrite,
3858 if (NT_STATUS_V(status)) {
3859 reply_nterror(req, status);
3864 reply_outbuf(req, 1, 0);
3866 SSVAL(req->outbuf,smb_vwv0,nwritten);
3868 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
3869 fsp->fnum, (int)numtowrite, (int)nwritten));
3873 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3876 END_PROFILE(SMBwriteunlock);
3881 #define DBGC_CLASS DBGC_ALL
3883 /****************************************************************************
3885 ****************************************************************************/
3887 void reply_write(struct smb_request *req)
3889 connection_struct *conn = req->conn;
3891 ssize_t nwritten = -1;
3895 struct lock_struct lock;
3898 START_PROFILE(SMBwrite);
3901 END_PROFILE(SMBwrite);
3902 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
3906 /* If it's an IPC, pass off the pipe handler. */
3908 reply_pipe_write(req);
3909 END_PROFILE(SMBwrite);
3913 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
3915 if (!check_fsp(conn, req, fsp)) {
3916 END_PROFILE(SMBwrite);
3920 if (!CHECK_WRITE(fsp)) {
3921 reply_doserror(req, ERRDOS, ERRbadaccess);
3922 END_PROFILE(SMBwrite);
3926 numtowrite = SVAL(req->vwv+1, 0);
3927 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
3928 data = (const char *)req->buf + 3;
3930 init_strict_lock_struct(fsp, (uint32)req->smbpid,
3931 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
3934 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
3935 reply_doserror(req, ERRDOS, ERRlock);
3936 END_PROFILE(SMBwrite);
3941 * X/Open SMB protocol says that if smb_vwv1 is
3942 * zero then the file size should be extended or
3943 * truncated to the size given in smb_vwv[2-3].
3946 if(numtowrite == 0) {
3948 * This is actually an allocate call, and set EOF. JRA.
3950 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
3952 reply_nterror(req, NT_STATUS_DISK_FULL);
3955 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
3957 reply_nterror(req, NT_STATUS_DISK_FULL);
3960 trigger_write_time_update_immediate(fsp);
3962 nwritten = write_file(req,fsp,data,startpos,numtowrite);
3965 status = sync_file(conn, fsp, False);
3966 if (!NT_STATUS_IS_OK(status)) {
3967 DEBUG(5,("reply_write: sync_file for %s returned %s\n",
3968 fsp->fsp_name, nt_errstr(status) ));
3969 reply_nterror(req, status);
3973 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3974 reply_unixerror(req, ERRHRD, ERRdiskfull);
3978 reply_outbuf(req, 1, 0);
3980 SSVAL(req->outbuf,smb_vwv0,nwritten);
3982 if (nwritten < (ssize_t)numtowrite) {
3983 SCVAL(req->outbuf,smb_rcls,ERRHRD);
3984 SSVAL(req->outbuf,smb_err,ERRdiskfull);
3987 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3990 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
3992 END_PROFILE(SMBwrite);
3996 /****************************************************************************
3997 Ensure a buffer is a valid writeX for recvfile purposes.
3998 ****************************************************************************/
4000 #define STANDARD_WRITE_AND_X_HEADER_SIZE (smb_size - 4 + /* basic header */ \
4001 (2*14) + /* word count (including bcc) */ \
4004 bool is_valid_writeX_buffer(const uint8_t *inbuf)
4007 connection_struct *conn = NULL;
4008 unsigned int doff = 0;
4009 size_t len = smb_len_large(inbuf);
4011 if (is_encrypted_packet(inbuf)) {
4012 /* Can't do this on encrypted
4017 if (CVAL(inbuf,smb_com) != SMBwriteX) {
4021 if (CVAL(inbuf,smb_vwv0) != 0xFF ||
4022 CVAL(inbuf,smb_wct) != 14) {
4023 DEBUG(10,("is_valid_writeX_buffer: chained or "
4024 "invalid word length.\n"));
4028 conn = conn_find(SVAL(inbuf, smb_tid));
4030 DEBUG(10,("is_valid_writeX_buffer: bad tid\n"));
4034 DEBUG(10,("is_valid_writeX_buffer: IPC$ tid\n"));
4037 if (IS_PRINT(conn)) {
4038 DEBUG(10,("is_valid_writeX_buffer: printing tid\n"));
4041 doff = SVAL(inbuf,smb_vwv11);
4043 numtowrite = SVAL(inbuf,smb_vwv10);
4045 if (len > doff && len - doff > 0xFFFF) {
4046 numtowrite |= (((size_t)SVAL(inbuf,smb_vwv9))<<16);
4049 if (numtowrite == 0) {
4050 DEBUG(10,("is_valid_writeX_buffer: zero write\n"));
4054 /* Ensure the sizes match up. */
4055 if (doff < STANDARD_WRITE_AND_X_HEADER_SIZE) {
4056 /* no pad byte...old smbclient :-( */
4057 DEBUG(10,("is_valid_writeX_buffer: small doff %u (min %u)\n",
4059 (unsigned int)STANDARD_WRITE_AND_X_HEADER_SIZE));
4063 if (len - doff != numtowrite) {
4064 DEBUG(10,("is_valid_writeX_buffer: doff mismatch "
4065 "len = %u, doff = %u, numtowrite = %u\n",
4068 (unsigned int)numtowrite ));
4072 DEBUG(10,("is_valid_writeX_buffer: true "
4073 "len = %u, doff = %u, numtowrite = %u\n",
4076 (unsigned int)numtowrite ));
4081 /****************************************************************************
4082 Reply to a write and X.
4083 ****************************************************************************/
4085 void reply_write_and_X(struct smb_request *req)
4087 connection_struct *conn = req->conn;
4089 struct lock_struct lock;
4094 unsigned int smb_doff;
4095 unsigned int smblen;
4099 START_PROFILE(SMBwriteX);
4101 if ((req->wct != 12) && (req->wct != 14)) {
4102 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4103 END_PROFILE(SMBwriteX);
4107 numtowrite = SVAL(req->vwv+10, 0);
4108 smb_doff = SVAL(req->vwv+11, 0);
4109 smblen = smb_len(req->inbuf);
4111 if (req->unread_bytes > 0xFFFF ||
4112 (smblen > smb_doff &&
4113 smblen - smb_doff > 0xFFFF)) {
4114 numtowrite |= (((size_t)SVAL(req->vwv+9, 0))<<16);
4117 if (req->unread_bytes) {
4118 /* Can't do a recvfile write on IPC$ */
4120 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4121 END_PROFILE(SMBwriteX);
4124 if (numtowrite != req->unread_bytes) {
4125 reply_doserror(req, ERRDOS, ERRbadmem);
4126 END_PROFILE(SMBwriteX);
4130 if (smb_doff > smblen || smb_doff + numtowrite < numtowrite ||
4131 smb_doff + numtowrite > smblen) {
4132 reply_doserror(req, ERRDOS, ERRbadmem);
4133 END_PROFILE(SMBwriteX);
4138 /* If it's an IPC, pass off the pipe handler. */
4140 if (req->unread_bytes) {
4141 reply_doserror(req, ERRDOS, ERRbadmem);
4142 END_PROFILE(SMBwriteX);
4145 reply_pipe_write_and_X(req);
4146 END_PROFILE(SMBwriteX);
4150 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
4151 startpos = IVAL_TO_SMB_OFF_T(req->vwv+3, 0);
4152 write_through = BITSETW(req->vwv+7,0);
4154 if (!check_fsp(conn, req, fsp)) {
4155 END_PROFILE(SMBwriteX);
4159 if (!CHECK_WRITE(fsp)) {
4160 reply_doserror(req, ERRDOS, ERRbadaccess);
4161 END_PROFILE(SMBwriteX);
4165 data = smb_base(req->inbuf) + smb_doff;
4167 if(req->wct == 14) {
4168 #ifdef LARGE_SMB_OFF_T
4170 * This is a large offset (64 bit) write.
4172 startpos |= (((SMB_OFF_T)IVAL(req->vwv+12, 0)) << 32);
4174 #else /* !LARGE_SMB_OFF_T */
4177 * Ensure we haven't been sent a >32 bit offset.
4180 if(IVAL(req->vwv+12, 0) != 0) {
4181 DEBUG(0,("reply_write_and_X - large offset (%x << 32) "
4182 "used and we don't support 64 bit offsets.\n",
4183 (unsigned int)IVAL(req->vwv+12, 0) ));
4184 reply_doserror(req, ERRDOS, ERRbadaccess);
4185 END_PROFILE(SMBwriteX);
4189 #endif /* LARGE_SMB_OFF_T */
4192 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4193 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4196 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4197 reply_doserror(req, ERRDOS, ERRlock);
4198 END_PROFILE(SMBwriteX);
4202 /* X/Open SMB protocol says that, unlike SMBwrite
4203 if the length is zero then NO truncation is
4204 done, just a write of zero. To truncate a file,
4207 if(numtowrite == 0) {
4211 if ((req->unread_bytes == 0) &&
4212 schedule_aio_write_and_X(conn, req, fsp, data, startpos,
4217 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4220 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4221 reply_unixerror(req, ERRHRD, ERRdiskfull);
4225 reply_outbuf(req, 6, 0);
4226 SSVAL(req->outbuf,smb_vwv2,nwritten);
4227 SSVAL(req->outbuf,smb_vwv4,nwritten>>16);
4229 if (nwritten < (ssize_t)numtowrite) {
4230 SCVAL(req->outbuf,smb_rcls,ERRHRD);
4231 SSVAL(req->outbuf,smb_err,ERRdiskfull);
4234 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
4235 fsp->fnum, (int)numtowrite, (int)nwritten));
4237 status = sync_file(conn, fsp, write_through);
4238 if (!NT_STATUS_IS_OK(status)) {
4239 DEBUG(5,("reply_write_and_X: sync_file for %s returned %s\n",
4240 fsp->fsp_name, nt_errstr(status) ));
4241 reply_nterror(req, status);
4245 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4247 END_PROFILE(SMBwriteX);
4252 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4254 END_PROFILE(SMBwriteX);
4258 /****************************************************************************
4260 ****************************************************************************/
4262 void reply_lseek(struct smb_request *req)
4264 connection_struct *conn = req->conn;
4270 START_PROFILE(SMBlseek);
4273 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4274 END_PROFILE(SMBlseek);
4278 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4280 if (!check_fsp(conn, req, fsp)) {
4284 flush_write_cache(fsp, SEEK_FLUSH);
4286 mode = SVAL(req->vwv+1, 0) & 3;
4287 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
4288 startpos = (SMB_OFF_T)IVALS(req->vwv+2, 0);
4297 res = fsp->fh->pos + startpos;
4308 if (umode == SEEK_END) {
4309 if((res = SMB_VFS_LSEEK(fsp,startpos,umode)) == -1) {
4310 if(errno == EINVAL) {
4311 SMB_OFF_T current_pos = startpos;
4312 SMB_STRUCT_STAT sbuf;
4314 if(SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
4315 reply_unixerror(req, ERRDOS,
4317 END_PROFILE(SMBlseek);
4321 current_pos += sbuf.st_size;
4323 res = SMB_VFS_LSEEK(fsp,0,SEEK_SET);
4328 reply_unixerror(req, ERRDOS, ERRnoaccess);
4329 END_PROFILE(SMBlseek);
4336 reply_outbuf(req, 2, 0);
4337 SIVAL(req->outbuf,smb_vwv0,res);
4339 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
4340 fsp->fnum, (double)startpos, (double)res, mode));
4342 END_PROFILE(SMBlseek);
4346 /****************************************************************************
4348 ****************************************************************************/
4350 void reply_flush(struct smb_request *req)
4352 connection_struct *conn = req->conn;
4356 START_PROFILE(SMBflush);
4359 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4363 fnum = SVAL(req->vwv+0, 0);
4364 fsp = file_fsp(req, fnum);
4366 if ((fnum != 0xFFFF) && !check_fsp(conn, req, fsp)) {
4371 file_sync_all(conn);
4373 NTSTATUS status = sync_file(conn, fsp, True);
4374 if (!NT_STATUS_IS_OK(status)) {
4375 DEBUG(5,("reply_flush: sync_file for %s returned %s\n",
4376 fsp->fsp_name, nt_errstr(status) ));
4377 reply_nterror(req, status);
4378 END_PROFILE(SMBflush);
4383 reply_outbuf(req, 0, 0);
4385 DEBUG(3,("flush\n"));
4386 END_PROFILE(SMBflush);
4390 /****************************************************************************
4392 conn POINTER CAN BE NULL HERE !
4393 ****************************************************************************/
4395 void reply_exit(struct smb_request *req)
4397 START_PROFILE(SMBexit);
4399 file_close_pid(req->smbpid, req->vuid);
4401 reply_outbuf(req, 0, 0);
4403 DEBUG(3,("exit\n"));
4405 END_PROFILE(SMBexit);
4409 /****************************************************************************
4410 Reply to a close - has to deal with closing a directory opened by NT SMB's.
4411 ****************************************************************************/
4413 void reply_close(struct smb_request *req)
4415 connection_struct *conn = req->conn;
4416 NTSTATUS status = NT_STATUS_OK;
4417 files_struct *fsp = NULL;
4418 START_PROFILE(SMBclose);
4421 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4422 END_PROFILE(SMBclose);
4426 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4429 * We can only use check_fsp if we know it's not a directory.
4432 if(!fsp || (fsp->conn != conn) || (fsp->vuid != req->vuid)) {
4433 reply_doserror(req, ERRDOS, ERRbadfid);
4434 END_PROFILE(SMBclose);
4438 if(fsp->is_directory) {
4440 * Special case - close NT SMB directory handle.
4442 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
4443 status = close_file(req, fsp, NORMAL_CLOSE);
4447 * Close ordinary file.
4450 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
4451 fsp->fh->fd, fsp->fnum,
4452 conn->num_files_open));
4455 * Take care of any time sent in the close.
4458 t = srv_make_unix_date3(req->vwv+1);
4459 set_close_write_time(fsp, convert_time_t_to_timespec(t));
4462 * close_file() returns the unix errno if an error
4463 * was detected on close - normally this is due to
4464 * a disk full error. If not then it was probably an I/O error.
4467 status = close_file(req, fsp, NORMAL_CLOSE);
4470 if (!NT_STATUS_IS_OK(status)) {
4471 reply_nterror(req, status);
4472 END_PROFILE(SMBclose);
4476 reply_outbuf(req, 0, 0);
4477 END_PROFILE(SMBclose);
4481 /****************************************************************************
4482 Reply to a writeclose (Core+ protocol).
4483 ****************************************************************************/
4485 void reply_writeclose(struct smb_request *req)
4487 connection_struct *conn = req->conn;
4489 ssize_t nwritten = -1;
4490 NTSTATUS close_status = NT_STATUS_OK;
4493 struct timespec mtime;
4495 struct lock_struct lock;
4497 START_PROFILE(SMBwriteclose);
4500 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4501 END_PROFILE(SMBwriteclose);
4505 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4507 if (!check_fsp(conn, req, fsp)) {
4508 END_PROFILE(SMBwriteclose);
4511 if (!CHECK_WRITE(fsp)) {
4512 reply_doserror(req, ERRDOS,ERRbadaccess);
4513 END_PROFILE(SMBwriteclose);
4517 numtowrite = SVAL(req->vwv+1, 0);
4518 startpos = IVAL_TO_SMB_OFF_T(req->vwv+2, 0);
4519 mtime = convert_time_t_to_timespec(srv_make_unix_date3(req->vwv+4));
4520 data = (const char *)req->buf + 1;
4523 init_strict_lock_struct(fsp, (uint32)req->smbpid,
4524 (uint64_t)startpos, (uint64_t)numtowrite, WRITE_LOCK,
4527 if (!SMB_VFS_STRICT_LOCK(conn, fsp, &lock)) {
4528 reply_doserror(req, ERRDOS,ERRlock);
4529 END_PROFILE(SMBwriteclose);
4534 nwritten = write_file(req,fsp,data,startpos,numtowrite);
4536 set_close_write_time(fsp, mtime);
4539 * More insanity. W2K only closes the file if writelen > 0.
4544 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
4546 close_status = close_file(req, fsp, NORMAL_CLOSE);
4549 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
4550 fsp->fnum, (int)numtowrite, (int)nwritten,
4551 conn->num_files_open));
4553 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
4554 reply_doserror(req, ERRHRD, ERRdiskfull);
4558 if(!NT_STATUS_IS_OK(close_status)) {
4559 reply_nterror(req, close_status);
4563 reply_outbuf(req, 1, 0);
4565 SSVAL(req->outbuf,smb_vwv0,nwritten);
4569 SMB_VFS_STRICT_UNLOCK(conn, fsp, &lock);
4572 END_PROFILE(SMBwriteclose);
4577 #define DBGC_CLASS DBGC_LOCKING
4579 /****************************************************************************
4581 ****************************************************************************/
4583 void reply_lock(struct smb_request *req)
4585 connection_struct *conn = req->conn;
4586 uint64_t count,offset;
4589 struct byte_range_lock *br_lck = NULL;
4591 START_PROFILE(SMBlock);
4594 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4595 END_PROFILE(SMBlock);
4599 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4601 if (!check_fsp(conn, req, fsp)) {
4602 END_PROFILE(SMBlock);
4606 count = (uint64_t)IVAL(req->vwv+1, 0);
4607 offset = (uint64_t)IVAL(req->vwv+3, 0);
4609 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4610 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
4612 br_lck = do_lock(smbd_messaging_context(),
4619 False, /* Non-blocking lock. */
4624 TALLOC_FREE(br_lck);
4626 if (NT_STATUS_V(status)) {
4627 reply_nterror(req, status);
4628 END_PROFILE(SMBlock);
4632 reply_outbuf(req, 0, 0);
4634 END_PROFILE(SMBlock);
4638 /****************************************************************************
4640 ****************************************************************************/
4642 void reply_unlock(struct smb_request *req)
4644 connection_struct *conn = req->conn;
4645 uint64_t count,offset;
4649 START_PROFILE(SMBunlock);
4652 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4653 END_PROFILE(SMBunlock);
4657 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4659 if (!check_fsp(conn, req, fsp)) {
4660 END_PROFILE(SMBunlock);
4664 count = (uint64_t)IVAL(req->vwv+1, 0);
4665 offset = (uint64_t)IVAL(req->vwv+3, 0);
4667 status = do_unlock(smbd_messaging_context(),
4674 if (NT_STATUS_V(status)) {
4675 reply_nterror(req, status);
4676 END_PROFILE(SMBunlock);
4680 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
4681 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
4683 reply_outbuf(req, 0, 0);
4685 END_PROFILE(SMBunlock);
4690 #define DBGC_CLASS DBGC_ALL
4692 /****************************************************************************
4694 conn POINTER CAN BE NULL HERE !
4695 ****************************************************************************/
4697 void reply_tdis(struct smb_request *req)
4699 connection_struct *conn = req->conn;
4700 START_PROFILE(SMBtdis);
4703 DEBUG(4,("Invalid connection in tdis\n"));
4704 reply_doserror(req, ERRSRV, ERRinvnid);
4705 END_PROFILE(SMBtdis);
4711 close_cnum(conn,req->vuid);
4714 reply_outbuf(req, 0, 0);
4715 END_PROFILE(SMBtdis);
4719 /****************************************************************************
4721 conn POINTER CAN BE NULL HERE !
4722 ****************************************************************************/
4724 void reply_echo(struct smb_request *req)
4726 connection_struct *conn = req->conn;
4727 struct smb_perfcount_data local_pcd;
4728 struct smb_perfcount_data *cur_pcd;
4732 START_PROFILE(SMBecho);
4734 smb_init_perfcount_data(&local_pcd);
4737 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4738 END_PROFILE(SMBecho);
4742 smb_reverb = SVAL(req->vwv+0, 0);
4744 reply_outbuf(req, 1, req->buflen);
4746 /* copy any incoming data back out */
4747 if (req->buflen > 0) {
4748 memcpy(smb_buf(req->outbuf), req->buf, req->buflen);
4751 if (smb_reverb > 100) {
4752 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
4756 for (seq_num = 1 ; seq_num <= smb_reverb ; seq_num++) {
4758 /* this makes sure we catch the request pcd */
4759 if (seq_num == smb_reverb) {
4760 cur_pcd = &req->pcd;
4762 SMB_PERFCOUNT_COPY_CONTEXT(&req->pcd, &local_pcd);
4763 cur_pcd = &local_pcd;
4766 SSVAL(req->outbuf,smb_vwv0,seq_num);
4768 show_msg((char *)req->outbuf);
4769 if (!srv_send_smb(smbd_server_fd(),
4770 (char *)req->outbuf,
4771 true, req->seqnum+1,
4772 IS_CONN_ENCRYPTED(conn)||req->encrypted,
4774 exit_server_cleanly("reply_echo: srv_send_smb failed.");
4777 DEBUG(3,("echo %d times\n", smb_reverb));
4779 TALLOC_FREE(req->outbuf);
4781 END_PROFILE(SMBecho);
4785 /****************************************************************************
4786 Reply to a printopen.
4787 ****************************************************************************/
4789 void reply_printopen(struct smb_request *req)
4791 connection_struct *conn = req->conn;
4793 SMB_STRUCT_STAT sbuf;
4796 START_PROFILE(SMBsplopen);
4799 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4800 END_PROFILE(SMBsplopen);
4804 if (!CAN_PRINT(conn)) {
4805 reply_doserror(req, ERRDOS, ERRnoaccess);
4806 END_PROFILE(SMBsplopen);
4810 status = file_new(req, conn, &fsp);
4811 if(!NT_STATUS_IS_OK(status)) {
4812 reply_nterror(req, status);
4813 END_PROFILE(SMBsplopen);
4817 /* Open for exclusive use, write only. */
4818 status = print_fsp_open(req, conn, NULL, req->vuid, fsp, &sbuf);
4820 if (!NT_STATUS_IS_OK(status)) {
4821 reply_nterror(req, status);
4822 END_PROFILE(SMBsplopen);
4826 reply_outbuf(req, 1, 0);
4827 SSVAL(req->outbuf,smb_vwv0,fsp->fnum);
4829 DEBUG(3,("openprint fd=%d fnum=%d\n",
4830 fsp->fh->fd, fsp->fnum));
4832 END_PROFILE(SMBsplopen);
4836 /****************************************************************************
4837 Reply to a printclose.
4838 ****************************************************************************/
4840 void reply_printclose(struct smb_request *req)
4842 connection_struct *conn = req->conn;
4846 START_PROFILE(SMBsplclose);
4849 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4850 END_PROFILE(SMBsplclose);
4854 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4856 if (!check_fsp(conn, req, fsp)) {
4857 END_PROFILE(SMBsplclose);
4861 if (!CAN_PRINT(conn)) {
4862 reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRerror));
4863 END_PROFILE(SMBsplclose);
4867 DEBUG(3,("printclose fd=%d fnum=%d\n",
4868 fsp->fh->fd,fsp->fnum));
4870 status = close_file(req, fsp, NORMAL_CLOSE);
4872 if(!NT_STATUS_IS_OK(status)) {
4873 reply_nterror(req, status);
4874 END_PROFILE(SMBsplclose);
4878 reply_outbuf(req, 0, 0);
4880 END_PROFILE(SMBsplclose);
4884 /****************************************************************************
4885 Reply to a printqueue.
4886 ****************************************************************************/
4888 void reply_printqueue(struct smb_request *req)
4890 connection_struct *conn = req->conn;
4894 START_PROFILE(SMBsplretq);
4897 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4898 END_PROFILE(SMBsplretq);
4902 max_count = SVAL(req->vwv+0, 0);
4903 start_index = SVAL(req->vwv+1, 0);
4905 /* we used to allow the client to get the cnum wrong, but that
4906 is really quite gross and only worked when there was only
4907 one printer - I think we should now only accept it if they
4908 get it right (tridge) */
4909 if (!CAN_PRINT(conn)) {
4910 reply_doserror(req, ERRDOS, ERRnoaccess);
4911 END_PROFILE(SMBsplretq);
4915 reply_outbuf(req, 2, 3);
4916 SSVAL(req->outbuf,smb_vwv0,0);
4917 SSVAL(req->outbuf,smb_vwv1,0);
4918 SCVAL(smb_buf(req->outbuf),0,1);
4919 SSVAL(smb_buf(req->outbuf),1,0);
4921 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
4922 start_index, max_count));
4925 print_queue_struct *queue = NULL;
4926 print_status_struct status;
4927 int count = print_queue_status(SNUM(conn), &queue, &status);
4928 int num_to_get = ABS(max_count);
4929 int first = (max_count>0?start_index:start_index+max_count+1);
4935 num_to_get = MIN(num_to_get,count-first);
4938 for (i=first;i<first+num_to_get;i++) {
4942 srv_put_dos_date2(p,0,queue[i].time);
4943 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
4944 SSVAL(p,5, queue[i].job);
4945 SIVAL(p,7,queue[i].size);
4947 srvstr_push(blob, req->flags2, p+12,
4948 queue[i].fs_user, 16, STR_ASCII);
4950 if (message_push_blob(
4953 blob, sizeof(blob))) == -1) {
4954 reply_nterror(req, NT_STATUS_NO_MEMORY);
4955 END_PROFILE(SMBsplretq);
4961 SSVAL(req->outbuf,smb_vwv0,count);
4962 SSVAL(req->outbuf,smb_vwv1,
4963 (max_count>0?first+count:first-1));
4964 SCVAL(smb_buf(req->outbuf),0,1);
4965 SSVAL(smb_buf(req->outbuf),1,28*count);
4970 DEBUG(3,("%d entries returned in queue\n",count));
4973 END_PROFILE(SMBsplretq);
4977 /****************************************************************************
4978 Reply to a printwrite.
4979 ****************************************************************************/
4981 void reply_printwrite(struct smb_request *req)
4983 connection_struct *conn = req->conn;
4988 START_PROFILE(SMBsplwr);
4991 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
4992 END_PROFILE(SMBsplwr);
4996 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
4998 if (!check_fsp(conn, req, fsp)) {
4999 END_PROFILE(SMBsplwr);
5003 if (!CAN_PRINT(conn)) {
5004 reply_doserror(req, ERRDOS, ERRnoaccess);
5005 END_PROFILE(SMBsplwr);
5009 if (!CHECK_WRITE(fsp)) {
5010 reply_doserror(req, ERRDOS, ERRbadaccess);
5011 END_PROFILE(SMBsplwr);
5015 numtowrite = SVAL(req->buf, 1);
5017 if (req->buflen < numtowrite + 3) {
5018 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
5019 END_PROFILE(SMBsplwr);
5023 data = (const char *)req->buf + 3;
5025 if (write_file(req,fsp,data,-1,numtowrite) != numtowrite) {
5026 reply_unixerror(req, ERRHRD, ERRdiskfull);
5027 END_PROFILE(SMBsplwr);
5031 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
5033 END_PROFILE(SMBsplwr);
5037 /****************************************************************************
5039 ****************************************************************************/
5041 void reply_mkdir(struct smb_request *req)
5043 connection_struct *conn = req->conn;
5044 char *directory = NULL;
5046 SMB_STRUCT_STAT sbuf;
5047 TALLOC_CTX *ctx = talloc_tos();
5049 START_PROFILE(SMBmkdir);
5051 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5052 STR_TERMINATE, &status);
5053 if (!NT_STATUS_IS_OK(status)) {
5054 reply_nterror(req, status);
5055 END_PROFILE(SMBmkdir);
5059 status = resolve_dfspath(ctx, conn,
5060 req->flags2 & FLAGS2_DFS_PATHNAMES,
5063 if (!NT_STATUS_IS_OK(status)) {
5064 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5065 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5066 ERRSRV, ERRbadpath);
5067 END_PROFILE(SMBmkdir);
5070 reply_nterror(req, status);
5071 END_PROFILE(SMBmkdir);
5075 status = unix_convert(ctx, conn, directory, False, &directory, NULL, &sbuf);
5076 if (!NT_STATUS_IS_OK(status)) {
5077 reply_nterror(req, status);
5078 END_PROFILE(SMBmkdir);
5082 status = check_name(conn, directory);
5083 if (!NT_STATUS_IS_OK(status)) {
5084 reply_nterror(req, status);
5085 END_PROFILE(SMBmkdir);
5089 status = create_directory(conn, req, directory);
5091 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
5093 if (!NT_STATUS_IS_OK(status)) {
5095 if (!use_nt_status()
5096 && NT_STATUS_EQUAL(status,
5097 NT_STATUS_OBJECT_NAME_COLLISION)) {
5099 * Yes, in the DOS error code case we get a
5100 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
5101 * samba4 torture test.
5103 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
5106 reply_nterror(req, status);
5107 END_PROFILE(SMBmkdir);
5111 reply_outbuf(req, 0, 0);
5113 DEBUG( 3, ( "mkdir %s\n", directory ) );
5115 END_PROFILE(SMBmkdir);
5119 /****************************************************************************
5120 Static function used by reply_rmdir to delete an entire directory
5121 tree recursively. Return True on ok, False on fail.
5122 ****************************************************************************/
5124 static bool recursive_rmdir(TALLOC_CTX *ctx,
5125 connection_struct *conn,
5128 const char *dname = NULL;
5132 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn, directory,
5138 while((dname = ReadDirName(dir_hnd, &offset, &st))) {
5139 char *fullname = NULL;
5141 if (ISDOT(dname) || ISDOTDOT(dname)) {
5145 if (!is_visible_file(conn, directory, dname, &st, False)) {
5149 /* Construct the full name. */
5150 fullname = talloc_asprintf(ctx,
5160 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5165 if(st.st_mode & S_IFDIR) {
5166 if(!recursive_rmdir(ctx, conn, fullname)) {
5170 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5174 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5178 TALLOC_FREE(fullname);
5180 TALLOC_FREE(dir_hnd);
5184 /****************************************************************************
5185 The internals of the rmdir code - called elsewhere.
5186 ****************************************************************************/
5188 NTSTATUS rmdir_internals(TALLOC_CTX *ctx,
5189 connection_struct *conn,
5190 const char *directory)
5195 /* Might be a symlink. */
5196 if(SMB_VFS_LSTAT(conn, directory, &st) != 0) {
5197 return map_nt_error_from_unix(errno);
5200 if (S_ISLNK(st.st_mode)) {
5201 /* Is what it points to a directory ? */
5202 if(SMB_VFS_STAT(conn, directory, &st) != 0) {
5203 return map_nt_error_from_unix(errno);
5205 if (!(S_ISDIR(st.st_mode))) {
5206 return NT_STATUS_NOT_A_DIRECTORY;
5208 ret = SMB_VFS_UNLINK(conn,directory);
5210 ret = SMB_VFS_RMDIR(conn,directory);
5213 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5214 FILE_NOTIFY_CHANGE_DIR_NAME,
5216 return NT_STATUS_OK;
5219 if(((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
5221 * Check to see if the only thing in this directory are
5222 * vetoed files/directories. If so then delete them and
5223 * retry. If we fail to delete any of them (and we *don't*
5224 * do a recursive delete) then fail the rmdir.
5228 struct smb_Dir *dir_hnd = OpenDir(talloc_tos(), conn,
5229 directory, NULL, 0);
5231 if(dir_hnd == NULL) {
5236 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5237 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
5239 if (!is_visible_file(conn, directory, dname, &st, False))
5241 if(!IS_VETO_PATH(conn, dname)) {
5242 TALLOC_FREE(dir_hnd);
5248 /* We only have veto files/directories.
5249 * Are we allowed to delete them ? */
5251 if(!lp_recursive_veto_delete(SNUM(conn))) {
5252 TALLOC_FREE(dir_hnd);
5257 /* Do a recursive delete. */
5258 RewindDir(dir_hnd,&dirpos);
5259 while ((dname = ReadDirName(dir_hnd, &dirpos, &st))) {
5260 char *fullname = NULL;
5262 if (ISDOT(dname) || ISDOTDOT(dname)) {
5265 if (!is_visible_file(conn, directory, dname, &st, False)) {
5269 fullname = talloc_asprintf(ctx,
5279 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
5282 if(st.st_mode & S_IFDIR) {
5283 if(!recursive_rmdir(ctx, conn, fullname)) {
5286 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
5289 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
5292 TALLOC_FREE(fullname);
5294 TALLOC_FREE(dir_hnd);
5295 /* Retry the rmdir */
5296 ret = SMB_VFS_RMDIR(conn,directory);
5302 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
5303 "%s\n", directory,strerror(errno)));
5304 return map_nt_error_from_unix(errno);
5307 notify_fname(conn, NOTIFY_ACTION_REMOVED,
5308 FILE_NOTIFY_CHANGE_DIR_NAME,
5311 return NT_STATUS_OK;
5314 /****************************************************************************
5316 ****************************************************************************/
5318 void reply_rmdir(struct smb_request *req)
5320 connection_struct *conn = req->conn;
5321 char *directory = NULL;
5322 SMB_STRUCT_STAT sbuf;
5324 TALLOC_CTX *ctx = talloc_tos();
5326 START_PROFILE(SMBrmdir);
5328 srvstr_get_path_req(ctx, req, &directory, (const char *)req->buf + 1,
5329 STR_TERMINATE, &status);
5330 if (!NT_STATUS_IS_OK(status)) {
5331 reply_nterror(req, status);
5332 END_PROFILE(SMBrmdir);
5336 status = resolve_dfspath(ctx, conn,
5337 req->flags2 & FLAGS2_DFS_PATHNAMES,
5340 if (!NT_STATUS_IS_OK(status)) {
5341 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
5342 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
5343 ERRSRV, ERRbadpath);
5344 END_PROFILE(SMBrmdir);
5347 reply_nterror(req, status);
5348 END_PROFILE(SMBrmdir);
5352 status = unix_convert(ctx, conn, directory, False, &directory,
5354 if (!NT_STATUS_IS_OK(status)) {
5355 reply_nterror(req, status);
5356 END_PROFILE(SMBrmdir);
5360 status = check_name(conn, directory);
5361 if (!NT_STATUS_IS_OK(status)) {
5362 reply_nterror(req, status);
5363 END_PROFILE(SMBrmdir);
5367 dptr_closepath(directory, req->smbpid);
5368 status = rmdir_internals(ctx, conn, directory);
5369 if (!NT_STATUS_IS_OK(status)) {
5370 reply_nterror(req, status);
5371 END_PROFILE(SMBrmdir);
5375 reply_outbuf(req, 0, 0);
5377 DEBUG( 3, ( "rmdir %s\n", directory ) );
5379 END_PROFILE(SMBrmdir);
5383 /*******************************************************************
5384 Resolve wildcards in a filename rename.
5385 ********************************************************************/
5387 static bool resolve_wildcards(TALLOC_CTX *ctx,
5392 char *name2_copy = NULL;
5397 char *p,*p2, *pname1, *pname2;
5399 name2_copy = talloc_strdup(ctx, name2);
5404 pname1 = strrchr_m(name1,'/');
5405 pname2 = strrchr_m(name2_copy,'/');
5407 if (!pname1 || !pname2) {
5411 /* Truncate the copy of name2 at the last '/' */
5414 /* Now go past the '/' */
5418 root1 = talloc_strdup(ctx, pname1);
5419 root2 = talloc_strdup(ctx, pname2);
5421 if (!root1 || !root2) {
5425 p = strrchr_m(root1,'.');
5428 ext1 = talloc_strdup(ctx, p+1);
5430 ext1 = talloc_strdup(ctx, "");
5432 p = strrchr_m(root2,'.');
5435 ext2 = talloc_strdup(ctx, p+1);
5437 ext2 = talloc_strdup(ctx, "");
5440 if (!ext1 || !ext2) {
5448 /* Hmmm. Should this be mb-aware ? */
5451 } else if (*p2 == '*') {
5453 root2 = talloc_asprintf(ctx, "%s%s",
5472 /* Hmmm. Should this be mb-aware ? */
5475 } else if (*p2 == '*') {
5477 ext2 = talloc_asprintf(ctx, "%s%s",
5493 *pp_newname = talloc_asprintf(ctx, "%s/%s.%s",
5498 *pp_newname = talloc_asprintf(ctx, "%s/%s",
5510 /****************************************************************************
5511 Ensure open files have their names updated. Updated to notify other smbd's
5513 ****************************************************************************/
5515 static void rename_open_files(connection_struct *conn,
5516 struct share_mode_lock *lck,
5517 const char *newname)
5520 bool did_rename = False;
5522 for(fsp = file_find_di_first(lck->id); fsp;
5523 fsp = file_find_di_next(fsp)) {
5524 /* fsp_name is a relative path under the fsp. To change this for other
5525 sharepaths we need to manipulate relative paths. */
5526 /* TODO - create the absolute path and manipulate the newname
5527 relative to the sharepath. */
5528 if (!strequal(fsp->conn->connectpath, conn->connectpath)) {
5531 DEBUG(10,("rename_open_files: renaming file fnum %d (file_id %s) from %s -> %s\n",
5532 fsp->fnum, file_id_string_tos(&fsp->file_id),
5533 fsp->fsp_name, newname ));
5534 string_set(&fsp->fsp_name, newname);
5539 DEBUG(10,("rename_open_files: no open files on file_id %s for %s\n",
5540 file_id_string_tos(&lck->id), newname ));
5543 /* Send messages to all smbd's (not ourself) that the name has changed. */
5544 rename_share_filename(smbd_messaging_context(), lck, conn->connectpath,
5548 /****************************************************************************
5549 We need to check if the source path is a parent directory of the destination
5550 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
5551 refuse the rename with a sharing violation. Under UNIX the above call can
5552 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
5553 probably need to check that the client is a Windows one before disallowing
5554 this as a UNIX client (one with UNIX extensions) can know the source is a
5555 symlink and make this decision intelligently. Found by an excellent bug
5556 report from <AndyLiebman@aol.com>.
5557 ****************************************************************************/
5559 static bool rename_path_prefix_equal(const char *src, const char *dest)
5561 const char *psrc = src;
5562 const char *pdst = dest;
5565 if (psrc[0] == '.' && psrc[1] == '/') {
5568 if (pdst[0] == '.' && pdst[1] == '/') {
5571 if ((slen = strlen(psrc)) > strlen(pdst)) {
5574 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
5578 * Do the notify calls from a rename
5581 static void notify_rename(connection_struct *conn, bool is_dir,
5582 const char *oldpath, const char *newpath)
5584 char *olddir, *newdir;
5585 const char *oldname, *newname;
5588 mask = is_dir ? FILE_NOTIFY_CHANGE_DIR_NAME
5589 : FILE_NOTIFY_CHANGE_FILE_NAME;
5591 if (!parent_dirname(talloc_tos(), oldpath, &olddir, &oldname)
5592 || !parent_dirname(talloc_tos(), newpath, &newdir, &newname)) {
5593 TALLOC_FREE(olddir);
5597 if (strcmp(olddir, newdir) == 0) {
5598 notify_fname(conn, NOTIFY_ACTION_OLD_NAME, mask, oldpath);
5599 notify_fname(conn, NOTIFY_ACTION_NEW_NAME, mask, newpath);
5602 notify_fname(conn, NOTIFY_ACTION_REMOVED, mask, oldpath);
5603 notify_fname(conn, NOTIFY_ACTION_ADDED, mask, newpath);
5605 TALLOC_FREE(olddir);
5606 TALLOC_FREE(newdir);
5608 /* this is a strange one. w2k3 gives an additional event for
5609 CHANGE_ATTRIBUTES and CHANGE_CREATION on the new file when renaming
5610 files, but not directories */
5612 notify_fname(conn, NOTIFY_ACTION_MODIFIED,
5613 FILE_NOTIFY_CHANGE_ATTRIBUTES
5614 |FILE_NOTIFY_CHANGE_CREATION,
5619 /****************************************************************************
5620 Rename an open file - given an fsp.
5621 ****************************************************************************/
5623 NTSTATUS rename_internals_fsp(connection_struct *conn,
5626 const char *newname_last_component,
5628 bool replace_if_exists)
5630 TALLOC_CTX *ctx = talloc_tos();
5631 SMB_STRUCT_STAT sbuf, sbuf1;
5632 NTSTATUS status = NT_STATUS_OK;
5633 struct share_mode_lock *lck = NULL;
5634 bool dst_exists, old_is_stream, new_is_stream;
5638 status = check_name(conn, newname);
5639 if (!NT_STATUS_IS_OK(status)) {
5643 /* Ensure newname contains a '/' */
5644 if(strrchr_m(newname,'/') == 0) {
5645 newname = talloc_asprintf(ctx,
5649 return NT_STATUS_NO_MEMORY;
5654 * Check for special case with case preserving and not
5655 * case sensitive. If the old last component differs from the original
5656 * last component only by case, then we should allow
5657 * the rename (user is trying to change the case of the
5661 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
5662 strequal(newname, fsp->fsp_name)) {
5664 char *newname_modified_last_component = NULL;
5667 * Get the last component of the modified name.
5668 * Note that we guarantee that newname contains a '/'
5671 p = strrchr_m(newname,'/');
5672 newname_modified_last_component = talloc_strdup(ctx,
5674 if (!newname_modified_last_component) {
5675 return NT_STATUS_NO_MEMORY;
5678 if(strcsequal(newname_modified_last_component,
5679 newname_last_component) == False) {
5681 * Replace the modified last component with
5684 *p = '\0'; /* Truncate at the '/' */
5685 newname = talloc_asprintf(ctx,
5688 newname_last_component);
5693 * If the src and dest names are identical - including case,
5694 * don't do the rename, just return success.
5697 if (strcsequal(fsp->fsp_name, newname)) {
5698 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
5700 return NT_STATUS_OK;
5703 old_is_stream = is_ntfs_stream_name(fsp->fsp_name);
5704 new_is_stream = is_ntfs_stream_name(newname);
5706 /* Return the correct error code if both names aren't streams. */
5707 if (!old_is_stream && new_is_stream) {
5708 return NT_STATUS_OBJECT_NAME_INVALID;
5711 if (old_is_stream && !new_is_stream) {
5712 return NT_STATUS_INVALID_PARAMETER;
5716 * Have vfs_object_exist also fill sbuf1
5718 dst_exists = vfs_object_exist(conn, newname, &sbuf1);
5720 if(!replace_if_exists && dst_exists) {
5721 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
5722 fsp->fsp_name,newname));
5723 return NT_STATUS_OBJECT_NAME_COLLISION;
5727 struct file_id fileid = vfs_file_id_from_sbuf(conn, &sbuf1);
5728 files_struct *dst_fsp = file_find_di_first(fileid);
5729 /* The file can be open when renaming a stream */
5730 if (dst_fsp && !new_is_stream) {
5731 DEBUG(3, ("rename_internals_fsp: Target file open\n"));
5732 return NT_STATUS_ACCESS_DENIED;
5736 /* Ensure we have a valid stat struct for the source. */
5737 if (fsp->fh->fd != -1) {
5738 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
5739 return map_nt_error_from_unix(errno);
5743 if (fsp->posix_open) {
5744 ret = SMB_VFS_LSTAT(conn,fsp->fsp_name,&sbuf);
5746 ret = SMB_VFS_STAT(conn,fsp->fsp_name,&sbuf);
5749 return map_nt_error_from_unix(errno);
5753 status = can_rename(conn, fsp, attrs, &sbuf);
5755 if (!NT_STATUS_IS_OK(status)) {
5756 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5757 nt_errstr(status), fsp->fsp_name,newname));
5758 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
5759 status = NT_STATUS_ACCESS_DENIED;
5763 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
5764 return NT_STATUS_ACCESS_DENIED;
5767 lck = get_share_mode_lock(talloc_tos(), fsp->file_id, NULL, NULL,
5771 * We have the file open ourselves, so not being able to get the
5772 * corresponding share mode lock is a fatal error.
5775 SMB_ASSERT(lck != NULL);
5777 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
5778 uint32 create_options = fsp->fh->private_options;
5780 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
5781 fsp->fsp_name,newname));
5783 notify_rename(conn, fsp->is_directory, fsp->fsp_name, newname);
5785 rename_open_files(conn, lck, newname);
5788 * A rename acts as a new file create w.r.t. allowing an initial delete
5789 * on close, probably because in Windows there is a new handle to the
5790 * new file. If initial delete on close was requested but not
5791 * originally set, we need to set it here. This is probably not 100% correct,
5792 * but will work for the CIFSFS client which in non-posix mode
5793 * depends on these semantics. JRA.
5796 if (create_options & FILE_DELETE_ON_CLOSE) {
5797 status = can_set_delete_on_close(fsp, True, 0);
5799 if (NT_STATUS_IS_OK(status)) {
5800 /* Note that here we set the *inital* delete on close flag,
5801 * not the regular one. The magic gets handled in close. */
5802 fsp->initial_delete_on_close = True;
5806 return NT_STATUS_OK;
5811 if (errno == ENOTDIR || errno == EISDIR) {
5812 status = NT_STATUS_OBJECT_NAME_COLLISION;
5814 status = map_nt_error_from_unix(errno);
5817 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
5818 nt_errstr(status), fsp->fsp_name,newname));
5823 /****************************************************************************
5824 The guts of the rename command, split out so it may be called by the NT SMB
5826 ****************************************************************************/
5828 NTSTATUS rename_internals(TALLOC_CTX *ctx,
5829 connection_struct *conn,
5830 struct smb_request *req,
5831 const char *name_in,
5832 const char *newname_in,
5834 bool replace_if_exists,
5837 uint32_t access_mask)
5839 char *directory = NULL;
5841 char *last_component_src = NULL;
5842 char *last_component_dest = NULL;
5844 char *newname = NULL;
5847 NTSTATUS status = NT_STATUS_OK;
5848 SMB_STRUCT_STAT sbuf1, sbuf2;
5849 struct smb_Dir *dir_hnd = NULL;
5852 int create_options = 0;
5853 bool posix_pathnames = lp_posix_pathnames();
5858 status = unix_convert(ctx, conn, name_in, src_has_wild, &name,
5859 &last_component_src, &sbuf1);
5860 if (!NT_STATUS_IS_OK(status)) {
5864 status = unix_convert(ctx, conn, newname_in, dest_has_wild, &newname,
5865 &last_component_dest, &sbuf2);
5866 if (!NT_STATUS_IS_OK(status)) {
5871 * Split the old name into directory and last component
5872 * strings. Note that unix_convert may have stripped off a
5873 * leading ./ from both name and newname if the rename is
5874 * at the root of the share. We need to make sure either both
5875 * name and newname contain a / character or neither of them do
5876 * as this is checked in resolve_wildcards().
5879 p = strrchr_m(name,'/');
5881 directory = talloc_strdup(ctx, ".");
5883 return NT_STATUS_NO_MEMORY;
5888 directory = talloc_strdup(ctx, name);
5890 return NT_STATUS_NO_MEMORY;
5893 *p = '/'; /* Replace needed for exceptional test below. */
5897 * We should only check the mangled cache
5898 * here if unix_convert failed. This means
5899 * that the path in 'mask' doesn't exist
5900 * on the file system and so we need to look
5901 * for a possible mangle. This patch from
5902 * Tine Smukavec <valentin.smukavec@hermes.si>.
5905 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
5906 char *new_mask = NULL;
5907 mangle_lookup_name_from_8_3(ctx,
5916 if (!src_has_wild) {
5920 * No wildcards - just process the one file.
5922 bool is_short_name = mangle_is_8_3(name, True, conn->params);
5924 /* Add a terminating '/' to the directory name. */
5925 directory = talloc_asprintf_append(directory,
5929 return NT_STATUS_NO_MEMORY;
5932 /* Ensure newname contains a '/' also */
5933 if(strrchr_m(newname,'/') == 0) {
5934 newname = talloc_asprintf(ctx,
5938 return NT_STATUS_NO_MEMORY;
5942 DEBUG(3, ("rename_internals: case_sensitive = %d, "
5943 "case_preserve = %d, short case preserve = %d, "
5944 "directory = %s, newname = %s, "
5945 "last_component_dest = %s, is_8_3 = %d\n",
5946 conn->case_sensitive, conn->case_preserve,
5947 conn->short_case_preserve, directory,
5948 newname, last_component_dest, is_short_name));
5950 /* The dest name still may have wildcards. */
5951 if (dest_has_wild) {
5952 char *mod_newname = NULL;
5953 if (!resolve_wildcards(ctx,
5954 directory,newname,&mod_newname)) {
5955 DEBUG(6, ("rename_internals: resolve_wildcards "
5959 return NT_STATUS_NO_MEMORY;
5961 newname = mod_newname;
5965 if (posix_pathnames) {
5966 SMB_VFS_LSTAT(conn, directory, &sbuf1);
5968 SMB_VFS_STAT(conn, directory, &sbuf1);
5971 if (S_ISDIR(sbuf1.st_mode)) {
5972 create_options |= FILE_DIRECTORY_FILE;
5975 status = SMB_VFS_CREATE_FILE(
5978 0, /* root_dir_fid */
5979 directory, /* fname */
5980 0, /* create_file_flags */
5981 access_mask, /* access_mask */
5982 (FILE_SHARE_READ | /* share_access */
5984 FILE_OPEN, /* create_disposition*/
5985 create_options, /* create_options */
5986 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
5987 0, /* oplock_request */
5988 0, /* allocation_size */
5993 &sbuf1); /* psbuf */
5995 if (!NT_STATUS_IS_OK(status)) {
5996 DEBUG(3, ("Could not open rename source %s: %s\n",
5997 directory, nt_errstr(status)));
6001 status = rename_internals_fsp(conn, fsp, newname,
6002 last_component_dest,
6003 attrs, replace_if_exists);
6005 close_file(req, fsp, NORMAL_CLOSE);
6007 DEBUG(3, ("rename_internals: Error %s rename %s -> %s\n",
6008 nt_errstr(status), directory,newname));
6014 * Wildcards - process each file that matches.
6016 if (strequal(mask,"????????.???")) {
6021 status = check_name(conn, directory);
6022 if (!NT_STATUS_IS_OK(status)) {
6026 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, attrs);
6027 if (dir_hnd == NULL) {
6028 return map_nt_error_from_unix(errno);
6031 status = NT_STATUS_NO_SUCH_FILE;
6033 * Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
6034 * - gentest fix. JRA
6037 while ((dname = ReadDirName(dir_hnd, &offset, &sbuf1))) {
6038 files_struct *fsp = NULL;
6040 char *destname = NULL;
6041 bool sysdir_entry = False;
6043 /* Quick check for "." and ".." */
6044 if (ISDOT(dname) || ISDOTDOT(dname)) {
6046 sysdir_entry = True;
6052 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6056 if(!mask_match(dname, mask, conn->case_sensitive)) {
6061 status = NT_STATUS_OBJECT_NAME_INVALID;
6065 fname = talloc_asprintf(ctx,
6070 return NT_STATUS_NO_MEMORY;
6073 if (!resolve_wildcards(ctx,
6074 fname,newname,&destname)) {
6075 DEBUG(6, ("resolve_wildcards %s %s failed\n",
6081 return NT_STATUS_NO_MEMORY;
6085 if (posix_pathnames) {
6086 SMB_VFS_LSTAT(conn, fname, &sbuf1);
6088 SMB_VFS_STAT(conn, fname, &sbuf1);
6093 if (S_ISDIR(sbuf1.st_mode)) {
6094 create_options |= FILE_DIRECTORY_FILE;
6097 status = SMB_VFS_CREATE_FILE(
6100 0, /* root_dir_fid */
6102 0, /* create_file_flags */
6103 access_mask, /* access_mask */
6104 (FILE_SHARE_READ | /* share_access */
6106 FILE_OPEN, /* create_disposition*/
6107 create_options, /* create_options */
6108 posix_pathnames ? FILE_FLAG_POSIX_SEMANTICS|0777 : 0, /* file_attributes */
6109 0, /* oplock_request */
6110 0, /* allocation_size */
6115 &sbuf1); /* psbuf */
6117 if (!NT_STATUS_IS_OK(status)) {
6118 DEBUG(3,("rename_internals: SMB_VFS_CREATE_FILE "
6119 "returned %s rename %s -> %s\n",
6120 nt_errstr(status), directory, newname));
6124 status = rename_internals_fsp(conn, fsp, destname, dname,
6125 attrs, replace_if_exists);
6127 close_file(req, fsp, NORMAL_CLOSE);
6129 if (!NT_STATUS_IS_OK(status)) {
6130 DEBUG(3, ("rename_internals_fsp returned %s for "
6131 "rename %s -> %s\n", nt_errstr(status),
6132 directory, newname));
6138 DEBUG(3,("rename_internals: doing rename on %s -> "
6139 "%s\n",fname,destname));
6142 TALLOC_FREE(destname);
6144 TALLOC_FREE(dir_hnd);
6146 if (count == 0 && NT_STATUS_IS_OK(status) && errno != 0) {
6147 status = map_nt_error_from_unix(errno);
6153 /****************************************************************************
6155 ****************************************************************************/
6157 void reply_mv(struct smb_request *req)
6159 connection_struct *conn = req->conn;
6161 char *newname = NULL;
6165 bool src_has_wcard = False;
6166 bool dest_has_wcard = False;
6167 TALLOC_CTX *ctx = talloc_tos();
6169 START_PROFILE(SMBmv);
6172 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6177 attrs = SVAL(req->vwv+0, 0);
6179 p = (const char *)req->buf + 1;
6180 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6181 &status, &src_has_wcard);
6182 if (!NT_STATUS_IS_OK(status)) {
6183 reply_nterror(req, status);
6188 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6189 &status, &dest_has_wcard);
6190 if (!NT_STATUS_IS_OK(status)) {
6191 reply_nterror(req, status);
6196 status = resolve_dfspath_wcard(ctx, conn,
6197 req->flags2 & FLAGS2_DFS_PATHNAMES,
6201 if (!NT_STATUS_IS_OK(status)) {
6202 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6203 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6204 ERRSRV, ERRbadpath);
6208 reply_nterror(req, status);
6213 status = resolve_dfspath_wcard(ctx, conn,
6214 req->flags2 & FLAGS2_DFS_PATHNAMES,
6218 if (!NT_STATUS_IS_OK(status)) {
6219 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6220 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6221 ERRSRV, ERRbadpath);
6225 reply_nterror(req, status);
6230 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
6232 status = rename_internals(ctx, conn, req, name, newname, attrs, False,
6233 src_has_wcard, dest_has_wcard, DELETE_ACCESS);
6234 if (!NT_STATUS_IS_OK(status)) {
6235 if (open_was_deferred(req->mid)) {
6236 /* We have re-scheduled this call. */
6240 reply_nterror(req, status);
6245 reply_outbuf(req, 0, 0);
6251 /*******************************************************************
6252 Copy a file as part of a reply_copy.
6253 ******************************************************************/
6256 * TODO: check error codes on all callers
6259 NTSTATUS copy_file(TALLOC_CTX *ctx,
6260 connection_struct *conn,
6265 bool target_is_directory)
6267 SMB_STRUCT_STAT src_sbuf, sbuf2;
6269 files_struct *fsp1,*fsp2;
6272 uint32 new_create_disposition;
6275 dest = talloc_strdup(ctx, dest1);
6277 return NT_STATUS_NO_MEMORY;
6279 if (target_is_directory) {
6280 const char *p = strrchr_m(src,'/');
6286 dest = talloc_asprintf_append(dest,
6290 return NT_STATUS_NO_MEMORY;
6294 if (!vfs_file_exist(conn,src,&src_sbuf)) {
6296 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
6299 if (!target_is_directory && count) {
6300 new_create_disposition = FILE_OPEN;
6302 if (!map_open_params_to_ntcreate(dest1,0,ofun,
6303 NULL, NULL, &new_create_disposition, NULL)) {
6305 return NT_STATUS_INVALID_PARAMETER;
6309 status = SMB_VFS_CREATE_FILE(
6312 0, /* root_dir_fid */
6314 0, /* create_file_flags */
6315 FILE_GENERIC_READ, /* access_mask */
6316 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6317 FILE_OPEN, /* create_disposition*/
6318 0, /* create_options */
6319 FILE_ATTRIBUTE_NORMAL, /* file_attributes */
6320 INTERNAL_OPEN_ONLY, /* oplock_request */
6321 0, /* allocation_size */
6326 &src_sbuf); /* psbuf */
6328 if (!NT_STATUS_IS_OK(status)) {
6333 dosattrs = dos_mode(conn, src, &src_sbuf);
6334 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
6335 ZERO_STRUCTP(&sbuf2);
6338 status = SMB_VFS_CREATE_FILE(
6341 0, /* root_dir_fid */
6343 0, /* create_file_flags */
6344 FILE_GENERIC_WRITE, /* access_mask */
6345 FILE_SHARE_READ | FILE_SHARE_WRITE, /* share_access */
6346 new_create_disposition, /* create_disposition*/
6347 0, /* create_options */
6348 dosattrs, /* file_attributes */
6349 INTERNAL_OPEN_ONLY, /* oplock_request */
6350 0, /* allocation_size */
6355 &sbuf2); /* psbuf */
6359 if (!NT_STATUS_IS_OK(status)) {
6360 close_file(NULL, fsp1, ERROR_CLOSE);
6364 if ((ofun&3) == 1) {
6365 if(SMB_VFS_LSEEK(fsp2,0,SEEK_END) == -1) {
6366 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
6368 * Stop the copy from occurring.
6371 src_sbuf.st_size = 0;
6375 if (src_sbuf.st_size) {
6376 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
6379 close_file(NULL, fsp1, NORMAL_CLOSE);
6381 /* Ensure the modtime is set correctly on the destination file. */
6382 set_close_write_time(fsp2, get_mtimespec(&src_sbuf));
6385 * As we are opening fsp1 read-only we only expect
6386 * an error on close on fsp2 if we are out of space.
6387 * Thus we don't look at the error return from the
6390 status = close_file(NULL, fsp2, NORMAL_CLOSE);
6392 if (!NT_STATUS_IS_OK(status)) {
6396 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
6397 return NT_STATUS_DISK_FULL;
6400 return NT_STATUS_OK;
6403 /****************************************************************************
6404 Reply to a file copy.
6405 ****************************************************************************/
6407 void reply_copy(struct smb_request *req)
6409 connection_struct *conn = req->conn;
6411 char *newname = NULL;
6412 char *directory = NULL;
6413 const char *mask = NULL;
6414 const char mask_star[] = "*";
6417 int error = ERRnoaccess;
6422 bool target_is_directory=False;
6423 bool source_has_wild = False;
6424 bool dest_has_wild = False;
6425 SMB_STRUCT_STAT sbuf1, sbuf2;
6427 TALLOC_CTX *ctx = talloc_tos();
6429 START_PROFILE(SMBcopy);
6432 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6433 END_PROFILE(SMBcopy);
6437 tid2 = SVAL(req->vwv+0, 0);
6438 ofun = SVAL(req->vwv+1, 0);
6439 flags = SVAL(req->vwv+2, 0);
6441 p = (const char *)req->buf;
6442 p += srvstr_get_path_req_wcard(ctx, req, &name, p, STR_TERMINATE,
6443 &status, &source_has_wild);
6444 if (!NT_STATUS_IS_OK(status)) {
6445 reply_nterror(req, status);
6446 END_PROFILE(SMBcopy);
6449 p += srvstr_get_path_req_wcard(ctx, req, &newname, p, STR_TERMINATE,
6450 &status, &dest_has_wild);
6451 if (!NT_STATUS_IS_OK(status)) {
6452 reply_nterror(req, status);
6453 END_PROFILE(SMBcopy);
6457 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
6459 if (tid2 != conn->cnum) {
6460 /* can't currently handle inter share copies XXXX */
6461 DEBUG(3,("Rejecting inter-share copy\n"));
6462 reply_doserror(req, ERRSRV, ERRinvdevice);
6463 END_PROFILE(SMBcopy);
6467 status = resolve_dfspath_wcard(ctx, conn,
6468 req->flags2 & FLAGS2_DFS_PATHNAMES,
6472 if (!NT_STATUS_IS_OK(status)) {
6473 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6474 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6475 ERRSRV, ERRbadpath);
6476 END_PROFILE(SMBcopy);
6479 reply_nterror(req, status);
6480 END_PROFILE(SMBcopy);
6484 status = resolve_dfspath_wcard(ctx, conn,
6485 req->flags2 & FLAGS2_DFS_PATHNAMES,
6489 if (!NT_STATUS_IS_OK(status)) {
6490 if (NT_STATUS_EQUAL(status,NT_STATUS_PATH_NOT_COVERED)) {
6491 reply_botherror(req, NT_STATUS_PATH_NOT_COVERED,
6492 ERRSRV, ERRbadpath);
6493 END_PROFILE(SMBcopy);
6496 reply_nterror(req, status);
6497 END_PROFILE(SMBcopy);
6501 status = unix_convert(ctx, conn, name, source_has_wild,
6502 &name, NULL, &sbuf1);
6503 if (!NT_STATUS_IS_OK(status)) {
6504 reply_nterror(req, status);
6505 END_PROFILE(SMBcopy);
6509 status = unix_convert(ctx, conn, newname, dest_has_wild,
6510 &newname, NULL, &sbuf2);
6511 if (!NT_STATUS_IS_OK(status)) {
6512 reply_nterror(req, status);
6513 END_PROFILE(SMBcopy);
6517 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
6519 if ((flags&1) && target_is_directory) {
6520 reply_doserror(req, ERRDOS, ERRbadfile);
6521 END_PROFILE(SMBcopy);
6525 if ((flags&2) && !target_is_directory) {
6526 reply_doserror(req, ERRDOS, ERRbadpath);
6527 END_PROFILE(SMBcopy);
6531 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
6532 /* wants a tree copy! XXXX */
6533 DEBUG(3,("Rejecting tree copy\n"));
6534 reply_doserror(req, ERRSRV, ERRerror);
6535 END_PROFILE(SMBcopy);
6539 p = strrchr_m(name,'/');
6541 directory = talloc_strndup(ctx, name, PTR_DIFF(p, name));
6544 directory = talloc_strdup(ctx, "./");
6549 reply_nterror(req, NT_STATUS_NO_MEMORY);
6550 END_PROFILE(SMBcopy);
6555 * We should only check the mangled cache
6556 * here if unix_convert failed. This means
6557 * that the path in 'mask' doesn't exist
6558 * on the file system and so we need to look
6559 * for a possible mangle. This patch from
6560 * Tine Smukavec <valentin.smukavec@hermes.si>.
6563 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params)) {
6564 char *new_mask = NULL;
6565 mangle_lookup_name_from_8_3(ctx,
6574 if (!source_has_wild) {
6575 directory = talloc_asprintf_append(directory,
6578 if (dest_has_wild) {
6579 char *mod_newname = NULL;
6580 if (!resolve_wildcards(ctx,
6581 directory,newname,&mod_newname)) {
6582 reply_nterror(req, NT_STATUS_NO_MEMORY);
6583 END_PROFILE(SMBcopy);
6586 newname = mod_newname;
6589 status = check_name(conn, directory);
6590 if (!NT_STATUS_IS_OK(status)) {
6591 reply_nterror(req, status);
6592 END_PROFILE(SMBcopy);
6596 status = check_name(conn, newname);
6597 if (!NT_STATUS_IS_OK(status)) {
6598 reply_nterror(req, status);
6599 END_PROFILE(SMBcopy);
6603 status = copy_file(ctx,conn,directory,newname,ofun,
6604 count,target_is_directory);
6606 if(!NT_STATUS_IS_OK(status)) {
6607 reply_nterror(req, status);
6608 END_PROFILE(SMBcopy);
6614 struct smb_Dir *dir_hnd = NULL;
6615 const char *dname = NULL;
6618 if (strequal(mask,"????????.???")) {
6622 status = check_name(conn, directory);
6623 if (!NT_STATUS_IS_OK(status)) {
6624 reply_nterror(req, status);
6625 END_PROFILE(SMBcopy);
6629 dir_hnd = OpenDir(talloc_tos(), conn, directory, mask, 0);
6630 if (dir_hnd == NULL) {
6631 status = map_nt_error_from_unix(errno);
6632 reply_nterror(req, status);
6633 END_PROFILE(SMBcopy);
6639 while ((dname = ReadDirName(dir_hnd, &offset, &sbuf1))) {
6640 char *destname = NULL;
6643 if (ISDOT(dname) || ISDOTDOT(dname)) {
6647 if (!is_visible_file(conn, directory, dname, &sbuf1, False)) {
6651 if(!mask_match(dname, mask, conn->case_sensitive)) {
6655 error = ERRnoaccess;
6656 fname = talloc_asprintf(ctx,
6661 TALLOC_FREE(dir_hnd);
6662 reply_nterror(req, NT_STATUS_NO_MEMORY);
6663 END_PROFILE(SMBcopy);
6667 if (!resolve_wildcards(ctx,
6668 fname,newname,&destname)) {
6672 TALLOC_FREE(dir_hnd);
6673 reply_nterror(req, NT_STATUS_NO_MEMORY);
6674 END_PROFILE(SMBcopy);
6678 status = check_name(conn, fname);
6679 if (!NT_STATUS_IS_OK(status)) {
6680 TALLOC_FREE(dir_hnd);
6681 reply_nterror(req, status);
6682 END_PROFILE(SMBcopy);
6686 status = check_name(conn, destname);
6687 if (!NT_STATUS_IS_OK(status)) {
6688 TALLOC_FREE(dir_hnd);
6689 reply_nterror(req, status);
6690 END_PROFILE(SMBcopy);
6694 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname, destname));
6696 status = copy_file(ctx,conn,fname,destname,ofun,
6697 count,target_is_directory);
6698 if (NT_STATUS_IS_OK(status)) {
6702 TALLOC_FREE(destname);
6704 TALLOC_FREE(dir_hnd);
6709 /* Error on close... */
6711 reply_unixerror(req, ERRHRD, ERRgeneral);
6712 END_PROFILE(SMBcopy);
6716 reply_doserror(req, ERRDOS, error);
6717 END_PROFILE(SMBcopy);
6721 reply_outbuf(req, 1, 0);
6722 SSVAL(req->outbuf,smb_vwv0,count);
6724 END_PROFILE(SMBcopy);
6729 #define DBGC_CLASS DBGC_LOCKING
6731 /****************************************************************************
6732 Get a lock pid, dealing with large count requests.
6733 ****************************************************************************/
6735 uint32 get_lock_pid(const uint8_t *data, int data_offset,
6736 bool large_file_format)
6738 if(!large_file_format)
6739 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
6741 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
6744 /****************************************************************************
6745 Get a lock count, dealing with large count requests.
6746 ****************************************************************************/
6748 uint64_t get_lock_count(const uint8_t *data, int data_offset,
6749 bool large_file_format)
6753 if(!large_file_format) {
6754 count = (uint64_t)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
6757 #if defined(HAVE_LONGLONG)
6758 count = (((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
6759 ((uint64_t) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
6760 #else /* HAVE_LONGLONG */
6763 * NT4.x seems to be broken in that it sends large file (64 bit)
6764 * lockingX calls even if the CAP_LARGE_FILES was *not*
6765 * negotiated. For boxes without large unsigned ints truncate the
6766 * lock count by dropping the top 32 bits.
6769 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
6770 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
6771 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
6772 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
6773 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
6776 count = (uint64_t)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
6777 #endif /* HAVE_LONGLONG */
6783 #if !defined(HAVE_LONGLONG)
6784 /****************************************************************************
6785 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
6786 ****************************************************************************/
6788 static uint32 map_lock_offset(uint32 high, uint32 low)
6792 uint32 highcopy = high;
6795 * Try and find out how many significant bits there are in high.
6798 for(i = 0; highcopy; i++)
6802 * We use 31 bits not 32 here as POSIX
6803 * lock offsets may not be negative.
6806 mask = (~0) << (31 - i);
6809 return 0; /* Fail. */
6815 #endif /* !defined(HAVE_LONGLONG) */
6817 /****************************************************************************
6818 Get a lock offset, dealing with large offset requests.
6819 ****************************************************************************/
6821 uint64_t get_lock_offset(const uint8_t *data, int data_offset,
6822 bool large_file_format, bool *err)
6824 uint64_t offset = 0;
6828 if(!large_file_format) {
6829 offset = (uint64_t)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
6832 #if defined(HAVE_LONGLONG)
6833 offset = (((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
6834 ((uint64_t) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
6835 #else /* HAVE_LONGLONG */
6838 * NT4.x seems to be broken in that it sends large file (64 bit)
6839 * lockingX calls even if the CAP_LARGE_FILES was *not*
6840 * negotiated. For boxes without large unsigned ints mangle the
6841 * lock offset by mapping the top 32 bits onto the lower 32.
6844 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
6845 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6846 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
6849 if((new_low = map_lock_offset(high, low)) == 0) {
6851 return (uint64_t)-1;
6854 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
6855 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
6856 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
6857 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
6860 offset = (uint64_t)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
6861 #endif /* HAVE_LONGLONG */
6867 /****************************************************************************
6868 Reply to a lockingX request.
6869 ****************************************************************************/
6871 void reply_lockingX(struct smb_request *req)
6873 connection_struct *conn = req->conn;
6875 unsigned char locktype;
6876 unsigned char oplocklevel;
6879 uint64_t count = 0, offset = 0;
6883 const uint8_t *data;
6884 bool large_file_format;
6886 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
6888 START_PROFILE(SMBlockingX);
6891 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6892 END_PROFILE(SMBlockingX);
6896 fsp = file_fsp(req, SVAL(req->vwv+2, 0));
6897 locktype = CVAL(req->vwv+3, 0);
6898 oplocklevel = CVAL(req->vwv+3, 1);
6899 num_ulocks = SVAL(req->vwv+6, 0);
6900 num_locks = SVAL(req->vwv+7, 0);
6901 lock_timeout = IVAL(req->vwv+4, 0);
6902 large_file_format = (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
6904 if (!check_fsp(conn, req, fsp)) {
6905 END_PROFILE(SMBlockingX);
6911 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
6912 /* we don't support these - and CANCEL_LOCK makes w2k
6913 and XP reboot so I don't really want to be
6914 compatible! (tridge) */
6915 reply_nterror(req, NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
6916 END_PROFILE(SMBlockingX);
6920 /* Check if this is an oplock break on a file
6921 we have granted an oplock on.
6923 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
6924 /* Client can insist on breaking to none. */
6925 bool break_to_none = (oplocklevel == 0);
6928 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
6929 "for fnum = %d\n", (unsigned int)oplocklevel,
6933 * Make sure we have granted an exclusive or batch oplock on
6937 if (fsp->oplock_type == 0) {
6939 /* The Samba4 nbench simulator doesn't understand
6940 the difference between break to level2 and break
6941 to none from level2 - it sends oplock break
6942 replies in both cases. Don't keep logging an error
6943 message here - just ignore it. JRA. */
6945 DEBUG(5,("reply_lockingX: Error : oplock break from "
6946 "client for fnum = %d (oplock=%d) and no "
6947 "oplock granted on this file (%s).\n",
6948 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
6950 /* if this is a pure oplock break request then don't
6952 if (num_locks == 0 && num_ulocks == 0) {
6953 END_PROFILE(SMBlockingX);
6956 END_PROFILE(SMBlockingX);
6957 reply_doserror(req, ERRDOS, ERRlock);
6962 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
6964 result = remove_oplock(fsp);
6966 result = downgrade_oplock(fsp);
6970 DEBUG(0, ("reply_lockingX: error in removing "
6971 "oplock on file %s\n", fsp->fsp_name));
6972 /* Hmmm. Is this panic justified? */
6973 smb_panic("internal tdb error");
6976 reply_to_oplock_break_requests(fsp);
6978 /* if this is a pure oplock break request then don't send a
6980 if (num_locks == 0 && num_ulocks == 0) {
6981 /* Sanity check - ensure a pure oplock break is not a
6983 if(CVAL(req->vwv+0, 0) != 0xff)
6984 DEBUG(0,("reply_lockingX: Error : pure oplock "
6985 "break is a chained %d request !\n",
6986 (unsigned int)CVAL(req->vwv+0, 0)));
6987 END_PROFILE(SMBlockingX);
6993 (num_ulocks + num_locks) * (large_file_format ? 20 : 10)) {
6994 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
6995 END_PROFILE(SMBlockingX);
6999 /* Data now points at the beginning of the list
7000 of smb_unlkrng structs */
7001 for(i = 0; i < (int)num_ulocks; i++) {
7002 lock_pid = get_lock_pid( data, i, large_file_format);
7003 count = get_lock_count( data, i, large_file_format);
7004 offset = get_lock_offset( data, i, large_file_format, &err);
7007 * There is no error code marked "stupid client bug".... :-).
7010 END_PROFILE(SMBlockingX);
7011 reply_doserror(req, ERRDOS, ERRnoaccess);
7015 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
7016 "pid %u, file %s\n", (double)offset, (double)count,
7017 (unsigned int)lock_pid, fsp->fsp_name ));
7019 status = do_unlock(smbd_messaging_context(),
7026 DEBUG(10, ("reply_lockingX: unlock returned %s\n",
7027 nt_errstr(status)));
7029 if (NT_STATUS_V(status)) {
7030 END_PROFILE(SMBlockingX);
7031 reply_nterror(req, status);
7036 /* Setup the timeout in seconds. */
7038 if (!lp_blocking_locks(SNUM(conn))) {
7042 /* Now do any requested locks */
7043 data += ((large_file_format ? 20 : 10)*num_ulocks);
7045 /* Data now points at the beginning of the list
7046 of smb_lkrng structs */
7048 for(i = 0; i < (int)num_locks; i++) {
7049 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
7050 READ_LOCK:WRITE_LOCK);
7051 lock_pid = get_lock_pid( data, i, large_file_format);
7052 count = get_lock_count( data, i, large_file_format);
7053 offset = get_lock_offset( data, i, large_file_format, &err);
7056 * There is no error code marked "stupid client bug".... :-).
7059 END_PROFILE(SMBlockingX);
7060 reply_doserror(req, ERRDOS, ERRnoaccess);
7064 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
7065 "%u, file %s timeout = %d\n", (double)offset,
7066 (double)count, (unsigned int)lock_pid,
7067 fsp->fsp_name, (int)lock_timeout ));
7069 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
7070 struct blocking_lock_record *blr = NULL;
7072 if (lp_blocking_locks(SNUM(conn))) {
7074 /* Schedule a message to ourselves to
7075 remove the blocking lock record and
7076 return the right error. */
7078 blr = blocking_lock_cancel(fsp,
7084 NT_STATUS_FILE_LOCK_CONFLICT);
7086 END_PROFILE(SMBlockingX);
7091 ERRcancelviolation));
7095 /* Remove a matching pending lock. */
7096 status = do_lock_cancel(fsp,
7103 bool blocking_lock = lock_timeout ? True : False;
7104 bool defer_lock = False;
7105 struct byte_range_lock *br_lck;
7106 uint32 block_smbpid;
7108 br_lck = do_lock(smbd_messaging_context(),
7120 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
7121 /* Windows internal resolution for blocking locks seems
7122 to be about 200ms... Don't wait for less than that. JRA. */
7123 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
7124 lock_timeout = lp_lock_spin_time();
7129 /* This heuristic seems to match W2K3 very well. If a
7130 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
7131 it pretends we asked for a timeout of between 150 - 300 milliseconds as
7132 far as I can tell. Replacement for do_lock_spin(). JRA. */
7134 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
7135 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
7137 lock_timeout = lp_lock_spin_time();
7140 if (br_lck && defer_lock) {
7142 * A blocking lock was requested. Package up
7143 * this smb into a queued request and push it
7144 * onto the blocking lock queue.
7146 if(push_blocking_lock_request(br_lck,
7157 TALLOC_FREE(br_lck);
7158 END_PROFILE(SMBlockingX);
7163 TALLOC_FREE(br_lck);
7166 if (NT_STATUS_V(status)) {
7167 END_PROFILE(SMBlockingX);
7168 reply_nterror(req, status);
7173 /* If any of the above locks failed, then we must unlock
7174 all of the previous locks (X/Open spec). */
7176 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
7180 * Ensure we don't do a remove on the lock that just failed,
7181 * as under POSIX rules, if we have a lock already there, we
7182 * will delete it (and we shouldn't) .....
7184 for(i--; i >= 0; i--) {
7185 lock_pid = get_lock_pid( data, i, large_file_format);
7186 count = get_lock_count( data, i, large_file_format);
7187 offset = get_lock_offset( data, i, large_file_format,
7191 * There is no error code marked "stupid client
7195 END_PROFILE(SMBlockingX);
7196 reply_doserror(req, ERRDOS, ERRnoaccess);
7200 do_unlock(smbd_messaging_context(),
7207 END_PROFILE(SMBlockingX);
7208 reply_nterror(req, status);
7212 reply_outbuf(req, 2, 0);
7214 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
7215 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
7217 END_PROFILE(SMBlockingX);
7222 #define DBGC_CLASS DBGC_ALL
7224 /****************************************************************************
7225 Reply to a SMBreadbmpx (read block multiplex) request.
7226 Always reply with an error, if someone has a platform really needs this,
7227 please contact vl@samba.org
7228 ****************************************************************************/
7230 void reply_readbmpx(struct smb_request *req)
7232 START_PROFILE(SMBreadBmpx);
7233 reply_doserror(req, ERRSRV, ERRuseSTD);
7234 END_PROFILE(SMBreadBmpx);
7238 /****************************************************************************
7239 Reply to a SMBreadbs (read block multiplex secondary) request.
7240 Always reply with an error, if someone has a platform really needs this,
7241 please contact vl@samba.org
7242 ****************************************************************************/
7244 void reply_readbs(struct smb_request *req)
7246 START_PROFILE(SMBreadBs);
7247 reply_doserror(req, ERRSRV, ERRuseSTD);
7248 END_PROFILE(SMBreadBs);
7252 /****************************************************************************
7253 Reply to a SMBsetattrE.
7254 ****************************************************************************/
7256 void reply_setattrE(struct smb_request *req)
7258 connection_struct *conn = req->conn;
7259 struct smb_file_time ft;
7261 SMB_STRUCT_STAT sbuf;
7264 START_PROFILE(SMBsetattrE);
7268 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7269 END_PROFILE(SMBsetattrE);
7273 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7275 if(!fsp || (fsp->conn != conn)) {
7276 reply_doserror(req, ERRDOS, ERRbadfid);
7277 END_PROFILE(SMBsetattrE);
7283 * Convert the DOS times into unix times.
7286 ft.atime = convert_time_t_to_timespec(
7287 srv_make_unix_date2(req->vwv+3));
7288 ft.mtime = convert_time_t_to_timespec(
7289 srv_make_unix_date2(req->vwv+5));
7290 ft.create_time = convert_time_t_to_timespec(
7291 srv_make_unix_date2(req->vwv+1));
7293 reply_outbuf(req, 0, 0);
7296 * Patch from Ray Frush <frush@engr.colostate.edu>
7297 * Sometimes times are sent as zero - ignore them.
7300 /* Ensure we have a valid stat struct for the source. */
7301 if (fsp->fh->fd != -1) {
7302 if (SMB_VFS_FSTAT(fsp, &sbuf) == -1) {
7303 status = map_nt_error_from_unix(errno);
7304 reply_nterror(req, status);
7305 END_PROFILE(SMBsetattrE);
7311 if (fsp->posix_open) {
7312 ret = SMB_VFS_LSTAT(conn, fsp->fsp_name, &sbuf);
7314 ret = SMB_VFS_STAT(conn, fsp->fsp_name, &sbuf);
7317 status = map_nt_error_from_unix(errno);
7318 reply_nterror(req, status);
7319 END_PROFILE(SMBsetattrE);
7324 status = smb_set_file_time(conn, fsp, fsp->fsp_name,
7326 if (!NT_STATUS_IS_OK(status)) {
7327 reply_doserror(req, ERRDOS, ERRnoaccess);
7328 END_PROFILE(SMBsetattrE);
7332 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%u modtime=%u "
7335 (unsigned int)ft.atime.tv_sec,
7336 (unsigned int)ft.mtime.tv_sec,
7337 (unsigned int)ft.create_time.tv_sec
7340 END_PROFILE(SMBsetattrE);
7345 /* Back from the dead for OS/2..... JRA. */
7347 /****************************************************************************
7348 Reply to a SMBwritebmpx (write block multiplex primary) request.
7349 Always reply with an error, if someone has a platform really needs this,
7350 please contact vl@samba.org
7351 ****************************************************************************/
7353 void reply_writebmpx(struct smb_request *req)
7355 START_PROFILE(SMBwriteBmpx);
7356 reply_doserror(req, ERRSRV, ERRuseSTD);
7357 END_PROFILE(SMBwriteBmpx);
7361 /****************************************************************************
7362 Reply to a SMBwritebs (write block multiplex secondary) request.
7363 Always reply with an error, if someone has a platform really needs this,
7364 please contact vl@samba.org
7365 ****************************************************************************/
7367 void reply_writebs(struct smb_request *req)
7369 START_PROFILE(SMBwriteBs);
7370 reply_doserror(req, ERRSRV, ERRuseSTD);
7371 END_PROFILE(SMBwriteBs);
7375 /****************************************************************************
7376 Reply to a SMBgetattrE.
7377 ****************************************************************************/
7379 void reply_getattrE(struct smb_request *req)
7381 connection_struct *conn = req->conn;
7382 SMB_STRUCT_STAT sbuf;
7385 struct timespec create_ts;
7387 START_PROFILE(SMBgetattrE);
7390 reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
7391 END_PROFILE(SMBgetattrE);
7395 fsp = file_fsp(req, SVAL(req->vwv+0, 0));
7397 if(!fsp || (fsp->conn != conn)) {
7398 reply_doserror(req, ERRDOS, ERRbadfid);
7399 END_PROFILE(SMBgetattrE);
7403 /* Do an fstat on this file */
7404 if(fsp_stat(fsp, &sbuf)) {
7405 reply_unixerror(req, ERRDOS, ERRnoaccess);
7406 END_PROFILE(SMBgetattrE);
7410 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
7413 * Convert the times into dos times. Set create
7414 * date to be last modify date as UNIX doesn't save
7418 reply_outbuf(req, 11, 0);
7420 create_ts = get_create_timespec(&sbuf,
7421 lp_fake_dir_create_times(SNUM(conn)));
7422 srv_put_dos_date2((char *)req->outbuf, smb_vwv0, create_ts.tv_sec);
7423 srv_put_dos_date2((char *)req->outbuf, smb_vwv2, sbuf.st_atime);
7424 /* Should we check pending modtime here ? JRA */
7425 srv_put_dos_date2((char *)req->outbuf, smb_vwv4, sbuf.st_mtime);
7428 SIVAL(req->outbuf, smb_vwv6, 0);
7429 SIVAL(req->outbuf, smb_vwv8, 0);
7431 uint32 allocation_size = SMB_VFS_GET_ALLOC_SIZE(conn,fsp, &sbuf);
7432 SIVAL(req->outbuf, smb_vwv6, (uint32)sbuf.st_size);
7433 SIVAL(req->outbuf, smb_vwv8, allocation_size);
7435 SSVAL(req->outbuf,smb_vwv10, mode);
7437 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
7439 END_PROFILE(SMBgetattrE);