2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) Jeremy Allison 2010
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "../libcli/smb/smb_common.h"
27 #include "../librpc/gen_ndr/ndr_security.h"
28 #include "../lib/util/tevent_ntstatus.h"
30 int map_smb2_oplock_levels_to_samba(uint8_t in_oplock_level)
32 switch(in_oplock_level) {
33 case SMB2_OPLOCK_LEVEL_NONE:
35 case SMB2_OPLOCK_LEVEL_II:
36 return LEVEL_II_OPLOCK;
37 case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
38 return EXCLUSIVE_OPLOCK;
39 case SMB2_OPLOCK_LEVEL_BATCH:
41 case SMB2_OPLOCK_LEVEL_LEASE:
42 DEBUG(2,("map_smb2_oplock_levels_to_samba: "
43 "LEASE_OPLOCK_REQUESTED\n"));
46 DEBUG(2,("map_smb2_oplock_levels_to_samba: "
48 (unsigned int)in_oplock_level));
53 static uint8_t map_samba_oplock_levels_to_smb2(int oplock_type)
55 if (BATCH_OPLOCK_TYPE(oplock_type)) {
56 return SMB2_OPLOCK_LEVEL_BATCH;
57 } else if (EXCLUSIVE_OPLOCK_TYPE(oplock_type)) {
58 return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
59 } else if (oplock_type == LEVEL_II_OPLOCK) {
61 * Don't use LEVEL_II_OPLOCK_TYPE here as
62 * this also includes FAKE_LEVEL_II_OPLOCKs
63 * which are internal only.
65 return SMB2_OPLOCK_LEVEL_II;
67 return SMB2_OPLOCK_LEVEL_NONE;
71 static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
72 struct tevent_context *ev,
73 struct smbd_smb2_request *smb2req,
74 uint8_t in_oplock_level,
75 uint32_t in_impersonation_level,
76 uint32_t in_desired_access,
77 uint32_t in_file_attributes,
78 uint32_t in_share_access,
79 uint32_t in_create_disposition,
80 uint32_t in_create_options,
82 struct smb2_create_blobs in_context_blobs);
83 static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
85 uint8_t *out_oplock_level,
86 uint32_t *out_create_action,
87 NTTIME *out_creation_time,
88 NTTIME *out_last_access_time,
89 NTTIME *out_last_write_time,
90 NTTIME *out_change_time,
91 uint64_t *out_allocation_size,
92 uint64_t *out_end_of_file,
93 uint32_t *out_file_attributes,
94 uint64_t *out_file_id_persistent,
95 uint64_t *out_file_id_volatile,
96 struct smb2_create_blobs *out_context_blobs);
98 static void smbd_smb2_request_create_done(struct tevent_req *tsubreq);
99 NTSTATUS smbd_smb2_request_process_create(struct smbd_smb2_request *smb2req)
101 const uint8_t *inbody;
102 int i = smb2req->current_idx;
103 uint8_t in_oplock_level;
104 uint32_t in_impersonation_level;
105 uint32_t in_desired_access;
106 uint32_t in_file_attributes;
107 uint32_t in_share_access;
108 uint32_t in_create_disposition;
109 uint32_t in_create_options;
110 uint16_t in_name_offset;
111 uint16_t in_name_length;
112 DATA_BLOB in_name_buffer;
113 char *in_name_string;
114 size_t in_name_string_size;
115 uint32_t name_offset = 0;
116 uint32_t name_available_length = 0;
117 uint32_t in_context_offset;
118 uint32_t in_context_length;
119 DATA_BLOB in_context_buffer;
120 struct smb2_create_blobs in_context_blobs;
121 uint32_t context_offset = 0;
122 uint32_t context_available_length = 0;
126 struct tevent_req *tsubreq;
128 status = smbd_smb2_request_verify_sizes(smb2req, 0x39);
129 if (!NT_STATUS_IS_OK(status)) {
130 return smbd_smb2_request_error(smb2req, status);
132 inbody = (const uint8_t *)smb2req->in.vector[i+1].iov_base;
134 in_oplock_level = CVAL(inbody, 0x03);
135 in_impersonation_level = IVAL(inbody, 0x04);
136 in_desired_access = IVAL(inbody, 0x18);
137 in_file_attributes = IVAL(inbody, 0x1C);
138 in_share_access = IVAL(inbody, 0x20);
139 in_create_disposition = IVAL(inbody, 0x24);
140 in_create_options = IVAL(inbody, 0x28);
141 in_name_offset = SVAL(inbody, 0x2C);
142 in_name_length = SVAL(inbody, 0x2E);
143 in_context_offset = IVAL(inbody, 0x30);
144 in_context_length = IVAL(inbody, 0x34);
147 * First check if the dynamic name and context buffers
148 * are correctly specified.
150 * Note: That we don't check if the name and context buffers
154 dyn_offset = SMB2_HDR_BODY + smb2req->in.vector[i+1].iov_len;
156 if (in_name_offset == 0 && in_name_length == 0) {
159 } else if (in_name_offset < dyn_offset) {
160 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
162 name_offset = in_name_offset - dyn_offset;
165 if (name_offset > smb2req->in.vector[i+2].iov_len) {
166 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
169 name_available_length = smb2req->in.vector[i+2].iov_len - name_offset;
171 if (in_name_length > name_available_length) {
172 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
175 in_name_buffer.data = (uint8_t *)smb2req->in.vector[i+2].iov_base +
177 in_name_buffer.length = in_name_length;
179 if (in_context_offset == 0 && in_context_length == 0) {
182 } else if (in_context_offset < dyn_offset) {
183 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
185 context_offset = in_context_offset - dyn_offset;
188 if (context_offset > smb2req->in.vector[i+2].iov_len) {
189 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
192 context_available_length = smb2req->in.vector[i+2].iov_len - context_offset;
194 if (in_context_length > context_available_length) {
195 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
198 in_context_buffer.data = (uint8_t *)smb2req->in.vector[i+2].iov_base +
200 in_context_buffer.length = in_context_length;
203 * Now interpret the name and context buffers
206 ok = convert_string_talloc(smb2req, CH_UTF16, CH_UNIX,
208 in_name_buffer.length,
210 &in_name_string_size);
212 return smbd_smb2_request_error(smb2req, NT_STATUS_ILLEGAL_CHARACTER);
215 if (in_name_buffer.length == 0) {
216 in_name_string_size = 0;
219 if (strlen(in_name_string) != in_name_string_size) {
220 return smbd_smb2_request_error(smb2req, NT_STATUS_OBJECT_NAME_INVALID);
223 ZERO_STRUCT(in_context_blobs);
224 status = smb2_create_blob_parse(smb2req, in_context_buffer, &in_context_blobs);
225 if (!NT_STATUS_IS_OK(status)) {
226 return smbd_smb2_request_error(smb2req, status);
229 tsubreq = smbd_smb2_create_send(smb2req,
230 smb2req->sconn->smb2.event_ctx,
233 in_impersonation_level,
237 in_create_disposition,
241 if (tsubreq == NULL) {
242 smb2req->subreq = NULL;
243 return smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
245 tevent_req_set_callback(tsubreq, smbd_smb2_request_create_done, smb2req);
247 return smbd_smb2_request_pending_queue(smb2req, tsubreq);
250 static uint64_t get_mid_from_smb2req(struct smbd_smb2_request *smb2req)
252 uint8_t *reqhdr = (uint8_t *)smb2req->out.vector[smb2req->current_idx].iov_base;
253 return BVAL(reqhdr, SMB2_HDR_MESSAGE_ID);
256 static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
258 struct smbd_smb2_request *smb2req = tevent_req_callback_data(tsubreq,
259 struct smbd_smb2_request);
260 int i = smb2req->current_idx;
264 uint8_t out_oplock_level = 0;
265 uint32_t out_create_action = 0;
266 NTTIME out_creation_time = 0;
267 NTTIME out_last_access_time = 0;
268 NTTIME out_last_write_time = 0;
269 NTTIME out_change_time = 0;
270 uint64_t out_allocation_size = 0;
271 uint64_t out_end_of_file = 0;
272 uint32_t out_file_attributes = 0;
273 uint64_t out_file_id_persistent = 0;
274 uint64_t out_file_id_volatile = 0;
275 struct smb2_create_blobs out_context_blobs;
276 DATA_BLOB out_context_buffer;
277 uint16_t out_context_buffer_offset = 0;
279 NTSTATUS error; /* transport error */
281 if (smb2req->cancelled) {
282 uint64_t mid = get_mid_from_smb2req(smb2req);
283 DEBUG(10,("smbd_smb2_request_create_done: cancelled mid %llu\n",
284 (unsigned long long)mid ));
285 error = smbd_smb2_request_error(smb2req, NT_STATUS_CANCELLED);
286 if (!NT_STATUS_IS_OK(error)) {
287 smbd_server_connection_terminate(smb2req->sconn,
294 status = smbd_smb2_create_recv(tsubreq,
299 &out_last_access_time,
300 &out_last_write_time,
302 &out_allocation_size,
304 &out_file_attributes,
305 &out_file_id_persistent,
306 &out_file_id_volatile,
308 if (!NT_STATUS_IS_OK(status)) {
309 error = smbd_smb2_request_error(smb2req, status);
310 if (!NT_STATUS_IS_OK(error)) {
311 smbd_server_connection_terminate(smb2req->sconn,
318 status = smb2_create_blob_push(smb2req, &out_context_buffer, out_context_blobs);
319 if (!NT_STATUS_IS_OK(status)) {
320 error = smbd_smb2_request_error(smb2req, status);
321 if (!NT_STATUS_IS_OK(error)) {
322 smbd_server_connection_terminate(smb2req->sconn,
329 if (out_context_buffer.length > 0) {
330 out_context_buffer_offset = SMB2_HDR_BODY + 0x58;
333 outhdr = (uint8_t *)smb2req->out.vector[i].iov_base;
335 outbody = data_blob_talloc(smb2req->out.vector, NULL, 0x58);
336 if (outbody.data == NULL) {
337 error = smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
338 if (!NT_STATUS_IS_OK(error)) {
339 smbd_server_connection_terminate(smb2req->sconn,
346 SSVAL(outbody.data, 0x00, 0x58 + 1); /* struct size */
347 SCVAL(outbody.data, 0x02,
348 out_oplock_level); /* oplock level */
349 SCVAL(outbody.data, 0x03, 0); /* reserved */
350 SIVAL(outbody.data, 0x04,
351 out_create_action); /* create action */
352 SBVAL(outbody.data, 0x08,
353 out_creation_time); /* creation time */
354 SBVAL(outbody.data, 0x10,
355 out_last_access_time); /* last access time */
356 SBVAL(outbody.data, 0x18,
357 out_last_write_time); /* last write time */
358 SBVAL(outbody.data, 0x20,
359 out_change_time); /* change time */
360 SBVAL(outbody.data, 0x28,
361 out_allocation_size); /* allocation size */
362 SBVAL(outbody.data, 0x30,
363 out_end_of_file); /* end of file */
364 SIVAL(outbody.data, 0x38,
365 out_file_attributes); /* file attributes */
366 SIVAL(outbody.data, 0x3C, 0); /* reserved */
367 SBVAL(outbody.data, 0x40,
368 out_file_id_persistent); /* file id (persistent) */
369 SBVAL(outbody.data, 0x48,
370 out_file_id_volatile); /* file id (volatile) */
371 SIVAL(outbody.data, 0x50,
372 out_context_buffer_offset); /* create contexts offset */
373 SIVAL(outbody.data, 0x54,
374 out_context_buffer.length); /* create contexts length */
376 outdyn = out_context_buffer;
378 error = smbd_smb2_request_done(smb2req, outbody, &outdyn);
379 if (!NT_STATUS_IS_OK(error)) {
380 smbd_server_connection_terminate(smb2req->sconn,
386 struct smbd_smb2_create_state {
387 struct smbd_smb2_request *smb2req;
388 struct smb_request *smb1req;
389 struct timed_event *te;
390 struct tevent_immediate *im;
391 struct timeval request_time;
393 DATA_BLOB private_data;
394 uint8_t out_oplock_level;
395 uint32_t out_create_action;
396 NTTIME out_creation_time;
397 NTTIME out_last_access_time;
398 NTTIME out_last_write_time;
399 NTTIME out_change_time;
400 uint64_t out_allocation_size;
401 uint64_t out_end_of_file;
402 uint32_t out_file_attributes;
403 uint64_t out_file_id_persistent;
404 uint64_t out_file_id_volatile;
405 struct smb2_create_blobs out_context_blobs;
408 static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
409 struct tevent_context *ev,
410 struct smbd_smb2_request *smb2req,
411 uint8_t in_oplock_level,
412 uint32_t in_impersonation_level,
413 uint32_t in_desired_access,
414 uint32_t in_file_attributes,
415 uint32_t in_share_access,
416 uint32_t in_create_disposition,
417 uint32_t in_create_options,
419 struct smb2_create_blobs in_context_blobs)
421 struct tevent_req *req = NULL;
422 struct smbd_smb2_create_state *state = NULL;
424 struct smb_request *smb1req = NULL;
425 files_struct *result = NULL;
427 struct timespec write_time_ts;
428 struct smb2_create_blobs out_context_blobs;
429 int requested_oplock_level;
431 ZERO_STRUCT(out_context_blobs);
433 if(lp_fake_oplocks(SNUM(smb2req->tcon->compat_conn))) {
434 requested_oplock_level = SMB2_OPLOCK_LEVEL_NONE;
436 requested_oplock_level = in_oplock_level;
440 if (!smb2req->async) {
441 /* New create call. */
442 req = tevent_req_create(mem_ctx, &state,
443 struct smbd_smb2_create_state);
447 state->smb2req = smb2req;
448 smb2req->subreq = req; /* So we can find this when going async. */
450 smb1req = smbd_smb2_fake_smb_request(smb2req);
451 if (tevent_req_nomem(smb1req, req)) {
452 return tevent_req_post(req, ev);
454 state->smb1req = smb1req;
455 DEBUG(10,("smbd_smb2_create: name[%s]\n",
458 /* Re-entrant create call. */
459 req = smb2req->subreq;
460 state = tevent_req_data(req,
461 struct smbd_smb2_create_state);
462 smb1req = state->smb1req;
463 DEBUG(10,("smbd_smb2_create_send: reentrant for file %s\n",
467 if (IS_IPC(smb1req->conn)) {
468 const char *pipe_name = in_name;
470 if (!lp_nt_pipe_support()) {
471 tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
472 return tevent_req_post(req, ev);
475 /* Strip \\ off the name. */
476 if (pipe_name[0] == '\\') {
480 status = open_np_file(smb1req, pipe_name, &result);
481 if (!NT_STATUS_IS_OK(status)) {
482 tevent_req_nterror(req, status);
483 return tevent_req_post(req, ev);
485 info = FILE_WAS_OPENED;
486 } else if (CAN_PRINT(smb1req->conn)) {
487 status = file_new(smb1req, smb1req->conn, &result);
488 if(!NT_STATUS_IS_OK(status)) {
489 tevent_req_nterror(req, status);
490 return tevent_req_post(req, ev);
493 status = print_spool_open(result, in_name,
495 if (!NT_STATUS_IS_OK(status)) {
496 file_free(smb1req, result);
497 tevent_req_nterror(req, status);
498 return tevent_req_post(req, ev);
500 info = FILE_WAS_CREATED;
503 struct smb_filename *smb_fname = NULL;
504 struct smb2_create_blob *exta = NULL;
505 struct ea_list *ea_list = NULL;
506 struct smb2_create_blob *mxac = NULL;
507 NTTIME max_access_time = 0;
508 struct smb2_create_blob *secd = NULL;
509 struct security_descriptor *sec_desc = NULL;
510 struct smb2_create_blob *dhnq = NULL;
511 struct smb2_create_blob *dhnc = NULL;
512 struct smb2_create_blob *alsi = NULL;
513 uint64_t allocation_size = 0;
514 struct smb2_create_blob *twrp = NULL;
515 struct smb2_create_blob *qfid = NULL;
517 exta = smb2_create_blob_find(&in_context_blobs,
518 SMB2_CREATE_TAG_EXTA);
519 mxac = smb2_create_blob_find(&in_context_blobs,
520 SMB2_CREATE_TAG_MXAC);
521 secd = smb2_create_blob_find(&in_context_blobs,
522 SMB2_CREATE_TAG_SECD);
523 dhnq = smb2_create_blob_find(&in_context_blobs,
524 SMB2_CREATE_TAG_DHNQ);
525 dhnc = smb2_create_blob_find(&in_context_blobs,
526 SMB2_CREATE_TAG_DHNC);
527 alsi = smb2_create_blob_find(&in_context_blobs,
528 SMB2_CREATE_TAG_ALSI);
529 twrp = smb2_create_blob_find(&in_context_blobs,
530 SMB2_CREATE_TAG_TWRP);
531 qfid = smb2_create_blob_find(&in_context_blobs,
532 SMB2_CREATE_TAG_QFID);
534 fname = talloc_strdup(state, in_name);
535 if (tevent_req_nomem(fname, req)) {
536 return tevent_req_post(req, ev);
541 tevent_req_nterror(req,NT_STATUS_OBJECT_NAME_NOT_FOUND);
542 return tevent_req_post(req, ev);
545 ea_list = read_nttrans_ea_list(mem_ctx,
546 (const char *)exta->data.data, exta->data.length);
548 DEBUG(10,("smbd_smb2_create_send: read_ea_name_list failed.\n"));
549 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
550 return tevent_req_post(req, ev);
556 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
557 return tevent_req_post(req, ev);
560 if (mxac->data.length == 0) {
562 } else if (mxac->data.length == 8) {
563 max_access_time = BVAL(mxac->data.data, 0);
565 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
566 return tevent_req_post(req, ev);
571 enum ndr_err_code ndr_err;
574 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
575 return tevent_req_post(req, ev);
578 sec_desc = talloc_zero(state, struct security_descriptor);
579 if (tevent_req_nomem(sec_desc, req)) {
580 return tevent_req_post(req, ev);
583 ndr_err = ndr_pull_struct_blob(&secd->data,
585 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
586 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
587 DEBUG(2,("ndr_pull_security_descriptor failed: %s\n",
588 ndr_errstr(ndr_err)));
589 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
590 return tevent_req_post(req, ev);
596 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
597 return tevent_req_post(req, ev);
600 if (dhnq->data.length != 16) {
601 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
602 return tevent_req_post(req, ev);
605 * we don't support durable handles yet
606 * and have to ignore this
611 if (dhnc->data.length != 16) {
612 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
613 return tevent_req_post(req, ev);
615 /* we don't support durable handles yet */
616 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
617 return tevent_req_post(req, ev);
622 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
623 return tevent_req_post(req, ev);
626 if (alsi->data.length != 8) {
627 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
628 return tevent_req_post(req, ev);
630 allocation_size = BVAL(alsi->data.data, 0);
639 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
640 return tevent_req_post(req, ev);
643 if (twrp->data.length != 8) {
644 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
645 return tevent_req_post(req, ev);
648 nttime = BVAL(twrp->data.data, 0);
649 t = nt_time_to_unix(nttime);
653 fname = talloc_asprintf(state,
654 "@GMT-%04u.%02u.%02u-%02u.%02u.%02u\\%s",
662 if (tevent_req_nomem(fname, req)) {
663 return tevent_req_post(req, ev);
668 if (qfid->data.length != 0) {
669 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
670 return tevent_req_post(req, ev);
674 /* these are ignored for SMB2 */
675 in_create_options &= ~(0x10);/* NTCREATEX_OPTIONS_SYNC_ALERT */
676 in_create_options &= ~(0x20);/* NTCREATEX_OPTIONS_ASYNC_ALERT */
679 * For a DFS path the function parse_dfs_path()
680 * will do the path processing.
683 if (!(smb1req->flags2 & FLAGS2_DFS_PATHNAMES)) {
684 /* convert '\\' into '/' */
685 status = check_path_syntax(fname);
686 if (!NT_STATUS_IS_OK(status)) {
687 tevent_req_nterror(req, status);
688 return tevent_req_post(req, ev);
692 status = filename_convert(req,
694 smb1req->flags2 & FLAGS2_DFS_PATHNAMES,
699 if (!NT_STATUS_IS_OK(status)) {
700 tevent_req_nterror(req, status);
701 return tevent_req_post(req, ev);
704 in_file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
706 status = SMB_VFS_CREATE_FILE(smb1req->conn,
708 0, /* root_dir_fid */
712 in_create_disposition,
715 map_smb2_oplock_levels_to_samba(requested_oplock_level),
717 0, /* private_flags */
722 if (!NT_STATUS_IS_OK(status)) {
723 if (open_was_deferred(smb1req->sconn, smb1req->mid)) {
726 tevent_req_nterror(req, status);
727 return tevent_req_post(req, ev);
731 NTTIME last_write_time;
733 unix_timespec_to_nt_time(&last_write_time,
734 result->fsp_name->st.st_ex_mtime);
735 if (last_write_time != max_access_time) {
737 uint32_t max_access_granted;
738 DATA_BLOB blob = data_blob_const(p, sizeof(p));
740 status = smbd_calculate_access_mask(smb1req->conn,
747 SEC_FLAG_MAXIMUM_ALLOWED,
748 &max_access_granted);
750 SIVAL(p, 0, NT_STATUS_V(status));
751 SIVAL(p, 4, max_access_granted);
753 status = smb2_create_blob_add(state,
755 SMB2_CREATE_TAG_MXAC,
757 if (!NT_STATUS_IS_OK(status)) {
758 tevent_req_nterror(req, status);
759 return tevent_req_post(req, ev);
766 uint64_t file_index = get_FileIndex(result->conn,
767 &result->fsp_name->st);
768 DATA_BLOB blob = data_blob_const(p, sizeof(p));
772 /* From conversations with Microsoft engineers at
773 the MS plugfest. The first 8 bytes are the "volume index"
774 == inode, the second 8 bytes are the "volume id",
775 == dev. This will be updated in the SMB2 doc. */
776 SBVAL(p, 0, file_index);
777 SIVAL(p, 8, result->fsp_name->st.st_ex_dev);/* FileIndexHigh */
779 status = smb2_create_blob_add(state, &out_context_blobs,
780 SMB2_CREATE_TAG_QFID,
782 if (!NT_STATUS_IS_OK(status)) {
783 tevent_req_nterror(req, status);
784 return tevent_req_post(req, ev);
789 smb2req->compat_chain_fsp = smb1req->chain_fsp;
791 if(lp_fake_oplocks(SNUM(smb2req->tcon->compat_conn))) {
792 state->out_oplock_level = in_oplock_level;
794 state->out_oplock_level = map_samba_oplock_levels_to_smb2(result->oplock_type);
797 if ((in_create_disposition == FILE_SUPERSEDE)
798 && (info == FILE_WAS_OVERWRITTEN)) {
799 state->out_create_action = FILE_WAS_SUPERSEDED;
801 state->out_create_action = info;
803 state->out_file_attributes = dos_mode(result->conn,
805 /* Deal with other possible opens having a modified
807 ZERO_STRUCT(write_time_ts);
808 get_file_infos(result->file_id, 0, NULL, &write_time_ts);
809 if (!null_timespec(write_time_ts)) {
810 update_stat_ex_mtime(&result->fsp_name->st, write_time_ts);
813 unix_timespec_to_nt_time(&state->out_creation_time,
814 get_create_timespec(smb1req->conn, result,
816 unix_timespec_to_nt_time(&state->out_last_access_time,
817 result->fsp_name->st.st_ex_atime);
818 unix_timespec_to_nt_time(&state->out_last_write_time,
819 result->fsp_name->st.st_ex_mtime);
820 unix_timespec_to_nt_time(&state->out_change_time,
821 get_change_timespec(smb1req->conn, result,
823 state->out_allocation_size =
824 SMB_VFS_GET_ALLOC_SIZE(smb1req->conn, result,
825 &(result->fsp_name->st));
826 state->out_end_of_file = result->fsp_name->st.st_ex_size;
827 if (state->out_file_attributes == 0) {
828 state->out_file_attributes = FILE_ATTRIBUTE_NORMAL;
830 state->out_file_id_persistent = result->fnum;
831 state->out_file_id_volatile = result->fnum;
832 state->out_context_blobs = out_context_blobs;
834 tevent_req_done(req);
835 return tevent_req_post(req, ev);
838 static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
840 uint8_t *out_oplock_level,
841 uint32_t *out_create_action,
842 NTTIME *out_creation_time,
843 NTTIME *out_last_access_time,
844 NTTIME *out_last_write_time,
845 NTTIME *out_change_time,
846 uint64_t *out_allocation_size,
847 uint64_t *out_end_of_file,
848 uint32_t *out_file_attributes,
849 uint64_t *out_file_id_persistent,
850 uint64_t *out_file_id_volatile,
851 struct smb2_create_blobs *out_context_blobs)
854 struct smbd_smb2_create_state *state = tevent_req_data(req,
855 struct smbd_smb2_create_state);
857 if (tevent_req_is_nterror(req, &status)) {
858 tevent_req_received(req);
862 *out_oplock_level = state->out_oplock_level;
863 *out_create_action = state->out_create_action;
864 *out_creation_time = state->out_creation_time;
865 *out_last_access_time = state->out_last_access_time;
866 *out_last_write_time = state->out_last_write_time;
867 *out_change_time = state->out_change_time;
868 *out_allocation_size = state->out_allocation_size;
869 *out_end_of_file = state->out_end_of_file;
870 *out_file_attributes = state->out_file_attributes;
871 *out_file_id_persistent = state->out_file_id_persistent;
872 *out_file_id_volatile = state->out_file_id_volatile;
873 *out_context_blobs = state->out_context_blobs;
875 talloc_steal(mem_ctx, state->out_context_blobs.blobs);
877 tevent_req_received(req);
881 /*********************************************************
882 Code for dealing with deferred opens.
883 *********************************************************/
885 bool get_deferred_open_message_state_smb2(struct smbd_smb2_request *smb2req,
886 struct timeval *p_request_time,
889 struct smbd_smb2_create_state *state = NULL;
890 struct tevent_req *req = NULL;
895 if (!smb2req->async) {
898 req = smb2req->subreq;
902 state = tevent_req_data(req, struct smbd_smb2_create_state);
906 if (p_request_time) {
907 *p_request_time = state->request_time;
910 *pp_state = (void *)state->private_data.data;
915 /*********************************************************
916 Re-process this call early - requested by message or
918 *********************************************************/
920 static struct smbd_smb2_request *find_open_smb2req(
921 struct smbd_server_connection *sconn, uint64_t mid)
923 struct smbd_smb2_request *smb2req;
925 for (smb2req = sconn->smb2.requests; smb2req; smb2req = smb2req->next) {
927 if (smb2req->subreq == NULL) {
928 /* This message has been processed. */
931 if (!tevent_req_is_in_progress(smb2req->subreq)) {
932 /* This message has been processed. */
935 message_id = get_mid_from_smb2req(smb2req);
936 if (message_id == mid) {
943 bool open_was_deferred_smb2(struct smbd_server_connection *sconn, uint64_t mid)
945 struct smbd_smb2_create_state *state = NULL;
946 struct smbd_smb2_request *smb2req;
948 smb2req = find_open_smb2req(sconn, mid);
951 DEBUG(10,("open_was_deferred_smb2: mid %llu smb2req == NULL\n",
952 (unsigned long long)mid));
955 if (!smb2req->subreq) {
958 if (!tevent_req_is_in_progress(smb2req->subreq)) {
961 state = tevent_req_data(smb2req->subreq,
962 struct smbd_smb2_create_state);
966 /* It's not in progress if there's no timeout event. */
971 DEBUG(10,("open_was_deferred_smb2: mid = %llu\n",
972 (unsigned long long)mid));
977 static void remove_deferred_open_message_smb2_internal(struct smbd_smb2_request *smb2req,
980 struct smbd_smb2_create_state *state = NULL;
982 if (!smb2req->subreq) {
985 if (!tevent_req_is_in_progress(smb2req->subreq)) {
988 state = tevent_req_data(smb2req->subreq,
989 struct smbd_smb2_create_state);
994 DEBUG(10,("remove_deferred_open_message_smb2_internal: "
996 (unsigned long long)mid ));
998 /* Ensure we don't have any outstanding timer event. */
999 TALLOC_FREE(state->te);
1000 /* Ensure we don't have any outstanding immediate event. */
1001 TALLOC_FREE(state->im);
1004 void remove_deferred_open_message_smb2(
1005 struct smbd_server_connection *sconn, uint64_t mid)
1007 struct smbd_smb2_request *smb2req;
1009 smb2req = find_open_smb2req(sconn, mid);
1012 DEBUG(10,("remove_deferred_open_message_smb2: "
1013 "can't find mid %llu\n",
1014 (unsigned long long)mid ));
1017 remove_deferred_open_message_smb2_internal(smb2req, mid);
1020 static void smbd_smb2_create_request_dispatch_immediate(struct tevent_context *ctx,
1021 struct tevent_immediate *im,
1024 struct smbd_smb2_request *smb2req = talloc_get_type_abort(private_data,
1025 struct smbd_smb2_request);
1026 struct smbd_server_connection *sconn = smb2req->sconn;
1027 uint64_t mid = get_mid_from_smb2req(smb2req);
1030 DEBUG(10,("smbd_smb2_create_request_dispatch_immediate: "
1031 "re-dispatching mid %llu\n",
1032 (unsigned long long)mid ));
1034 status = smbd_smb2_request_dispatch(smb2req);
1035 if (!NT_STATUS_IS_OK(status)) {
1036 smbd_server_connection_terminate(sconn, nt_errstr(status));
1041 void schedule_deferred_open_message_smb2(
1042 struct smbd_server_connection *sconn, uint64_t mid)
1044 struct smbd_smb2_create_state *state = NULL;
1045 struct smbd_smb2_request *smb2req;
1047 smb2req = find_open_smb2req(sconn, mid);
1050 DEBUG(10,("schedule_deferred_open_message_smb2: "
1051 "can't find mid %llu\n",
1052 (unsigned long long)mid ));
1055 if (!smb2req->subreq) {
1058 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1061 state = tevent_req_data(smb2req->subreq,
1062 struct smbd_smb2_create_state);
1067 /* Ensure we don't have any outstanding timer event. */
1068 TALLOC_FREE(state->te);
1069 /* Ensure we don't have any outstanding immediate event. */
1070 TALLOC_FREE(state->im);
1073 * This is subtle. We must null out the callback
1074 * before resheduling, else the first call to
1075 * tevent_req_nterror() causes the _receive()
1076 * function to be called, this causing tevent_req_post()
1079 tevent_req_set_callback(smb2req->subreq, NULL, NULL);
1081 state->im = tevent_create_immediate(smb2req);
1083 smbd_server_connection_terminate(smb2req->sconn,
1084 nt_errstr(NT_STATUS_NO_MEMORY));
1088 DEBUG(10,("schedule_deferred_open_message_smb2: "
1089 "re-processing mid %llu\n",
1090 (unsigned long long)mid ));
1092 tevent_schedule_immediate(state->im,
1093 smb2req->sconn->smb2.event_ctx,
1094 smbd_smb2_create_request_dispatch_immediate,
1098 /*********************************************************
1099 Re-process this call.
1100 *********************************************************/
1102 static void smb2_deferred_open_timer(struct event_context *ev,
1103 struct timed_event *te,
1104 struct timeval _tval,
1108 struct smbd_smb2_create_state *state = NULL;
1109 struct smbd_smb2_request *smb2req = talloc_get_type(private_data,
1110 struct smbd_smb2_request);
1112 DEBUG(10,("smb2_deferred_open_timer: [idx=%d], %s\n",
1113 smb2req->current_idx,
1114 tevent_req_default_print(smb2req->subreq, talloc_tos()) ));
1116 state = tevent_req_data(smb2req->subreq,
1117 struct smbd_smb2_create_state);
1122 * Null this out, don't talloc_free. It will
1123 * be talloc_free'd by the tevent library when
1127 /* Ensure we don't have any outstanding immediate event. */
1128 TALLOC_FREE(state->im);
1131 * This is subtle. We must null out the callback
1132 * before resheduling, else the first call to
1133 * tevent_req_nterror() causes the _receive()
1134 * function to be called, this causing tevent_req_post()
1137 tevent_req_set_callback(smb2req->subreq, NULL, NULL);
1139 status = smbd_smb2_request_dispatch(smb2req);
1141 if (!NT_STATUS_IS_OK(status)) {
1142 smbd_server_connection_terminate(smb2req->sconn,
1147 static bool smbd_smb2_create_cancel(struct tevent_req *req)
1149 struct smbd_smb2_request *smb2req = NULL;
1150 struct smbd_smb2_create_state *state = tevent_req_data(req,
1151 struct smbd_smb2_create_state);
1158 if (!state->smb2req) {
1162 smb2req = state->smb2req;
1163 mid = get_mid_from_smb2req(smb2req);
1165 remove_deferred_open_entry(state->id, mid,
1166 sconn_server_id(smb2req->sconn));
1167 remove_deferred_open_message_smb2_internal(smb2req, mid);
1168 smb2req->cancelled = true;
1170 tevent_req_done(req);
1174 bool push_deferred_open_message_smb2(struct smbd_smb2_request *smb2req,
1175 struct timeval request_time,
1176 struct timeval timeout,
1181 struct tevent_req *req = NULL;
1182 struct smbd_smb2_create_state *state = NULL;
1183 struct timeval end_time;
1188 req = smb2req->subreq;
1192 state = tevent_req_data(req, struct smbd_smb2_create_state);
1197 state->request_time = request_time;
1198 state->private_data = data_blob_talloc(state, private_data,
1200 if (!state->private_data.data) {
1205 /* Boo - turns out this isn't what W2K8R2
1206 does. It actually sends the STATUS_PENDING
1207 message followed by the STATUS_SHARING_VIOLATION
1208 message. Surely this means that all open
1209 calls (even on directories) will potentially
1210 fail in a chain.... ? And I've seen directory
1211 opens as the start of a chain. JRA.
1213 Update: 19th May 2010. Talking with Microsoft
1214 engineers at the plugfest this is a bug in
1215 Windows. Re-enable this code.
1218 * More subtlety. To match W2K8R2 don't
1219 * send a "gone async" message if it's simply
1220 * a STATUS_SHARING_VIOLATION (short) wait, not
1221 * an oplock break wait. We do this by prematurely
1222 * setting smb2req->async flag.
1224 if (timeout.tv_sec < 2) {
1225 DEBUG(10,("push_deferred_open_message_smb2: "
1226 "short timer wait (usec = %u). "
1227 "Don't send async message.\n",
1228 (unsigned int)timeout.tv_usec ));
1229 smb2req->async = true;
1233 /* Re-schedule us to retry on timer expiry. */
1234 end_time = timeval_sum(&request_time, &timeout);
1236 DEBUG(10,("push_deferred_open_message_smb2: "
1238 timeval_string(talloc_tos(),
1242 state->te = event_add_timed(smb2req->sconn->smb2.event_ctx,
1245 smb2_deferred_open_timer,
1251 /* allow this request to be canceled */
1252 tevent_req_set_cancel_fn(req, smbd_smb2_create_cancel);
git.samba.org / kai / samba.git / blob