s3:smbd: return DELETE_PENDING on path based operations on streams, when the main...

[metze/samba/wip.git] / source / smbd / trans2.c
diff --git a/source/smbd/trans2.c b/source/smbd/trans2.c

index 05e8375d05b5be7742e86d3b3112228def255a82..80c3694f4beb87aa9074ba3984852f6f8ddbaf92 100644 (file)
--- a/source/smbd/trans2.c
+++ b/source/smbd/trans2.c
@@ -737,14 +737,16 @@ void send_trans2_replies(connection_struct *conn,
                                     + alignment_offset
                                     + data_alignment_offset);
  
-       /* useable_space can never be more than max_send minus the alignment offset. */
-
-       useable_space = MIN(useable_space, max_send - (alignment_offset+data_alignment_offset));
+       if (useable_space < 0) {
+               DEBUG(0, ("send_trans2_replies failed sanity useable_space "
+                         "= %d!!!", useable_space));
+               exit_server_cleanly("send_trans2_replies: Not enough space");
+       }
  
         while (params_to_send || data_to_send) {
                 /* Calculate whether we will totally or partially fill this packet */
  
-               total_sent_thistime = params_to_send + data_to_send + alignment_offset + data_alignment_offset;
+               total_sent_thistime = params_to_send + data_to_send;
  
                 /* We can never send more than useable_space */
                 /*
@@ -754,9 +756,10 @@ void send_trans2_replies(connection_struct *conn,
                  * are sent here. Fix from Marc_Jacobsen@hp.com.
                  */
  
-               total_sent_thistime = MIN(total_sent_thistime, useable_space+ alignment_offset + data_alignment_offset);
+               total_sent_thistime = MIN(total_sent_thistime, useable_space);
  
-               reply_outbuf(req, 10, total_sent_thistime);
+               reply_outbuf(req, 10, total_sent_thistime + alignment_offset
+                            + data_alignment_offset);
  
                 /* Set total params and data to be sent */
                 SSVAL(req->outbuf,smb_tprcnt,paramsize);
@@ -1195,6 +1198,32 @@ static NTSTATUS unix_perms_from_wire( connection_struct *conn,
         return NT_STATUS_OK;
  }
  
+/****************************************************************************
+ Needed to show the msdfs symlinks as directories. Modifies psbuf
+ to be a directory if it's a msdfs link.
+****************************************************************************/
+
+static bool check_msdfs_link(connection_struct *conn,
+                               const char *pathname,
+                               SMB_STRUCT_STAT *psbuf)
+{
+       int saved_errno = errno;
+       if(lp_host_msdfs() &&
+               lp_msdfs_root(SNUM(conn)) &&
+               is_msdfs_link(conn, pathname, psbuf)) {
+
+               DEBUG(5,("check_msdfs_link: Masquerading msdfs link %s "
+                       "as a directory\n",
+                       pathname));
+               psbuf->st_mode = (psbuf->st_mode & 0xFFF) | S_IFDIR;
+               errno = saved_errno;
+               return true;
+       }
+       errno = saved_errno;
+       return false;
+}
+
+
  /****************************************************************************
   Get a level dependent lanman2 dir entry.
  ****************************************************************************/
@@ -1360,16 +1389,8 @@ static bool get_lanman2_dir_entry(TALLOC_CTX *ctx,
                                 /* Needed to show the msdfs symlinks as
                                  * directories */
  
-                               if(lp_host_msdfs() &&
-                                  lp_msdfs_root(SNUM(conn)) &&
-                                  ((ms_dfs_link = is_msdfs_link(conn, pathreal, &sbuf)) == True)) {
-                                       DEBUG(5,("get_lanman2_dir_entry: Masquerading msdfs link %s "
-                                               "as a directory\n",
-                                               pathreal));
-                                       sbuf.st_mode = (sbuf.st_mode & 0xFFF) | S_IFDIR;
-
-                               } else {
-
+                               ms_dfs_link = check_msdfs_link(conn, pathreal, &sbuf);
+                               if (!ms_dfs_link) {
                                         DEBUG(5,("get_lanman2_dir_entry:Couldn't stat [%s] (%s)\n",
                                                 pathreal,strerror(errno)));
                                         TALLOC_FREE(pathreal);
@@ -1864,7 +1885,7 @@ static void call_trans2findfirst(connection_struct *conn,
         bool requires_resume_key;
         int info_level;
         char *directory = NULL;
-       const char *mask = NULL;
+       char *mask = NULL;
         char *p;
         int last_entry_off=0;
         int dptr_num = -1;
@@ -1917,6 +1938,8 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n",
                         break;
                 case SMB_FIND_FILE_UNIX:
                 case SMB_FIND_FILE_UNIX_INFO2:
+                       /* Always use filesystem for UNIX mtime query. */
+                       ask_sharemode = false;
                         if (!lp_unix_extensions()) {
                                 reply_nterror(req, NT_STATUS_INVALID_LEVEL);
                                 return;
@@ -1950,7 +1973,7 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n",
                 return;
         }
  
-       ntstatus = unix_convert(ctx, conn, directory, True, &directory, NULL, &sbuf);
+       ntstatus = unix_convert(ctx, conn, directory, True, &directory, &mask, &sbuf);
         if (!NT_STATUS_IS_OK(ntstatus)) {
                 reply_nterror(req, ntstatus);
                 return;
@@ -1966,10 +1989,12 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n",
         if(p == NULL) {
                 /* Windows and OS/2 systems treat search on the root '\' as if it were '\*' */
                 if((directory[0] == '.') && (directory[1] == '\0')) {
-                       mask = "*";
+                       mask = talloc_strdup(ctx,"*");
+                       if (!mask) {
+                               reply_nterror(req, NT_STATUS_NO_MEMORY);
+                               return;
+                       }
                         mask_contains_wcard = True;
-               } else {
-                       mask = directory;
                 }
                 directory = talloc_strdup(talloc_tos(), "./");
                 if (!directory) {
@@ -1977,7 +2002,6 @@ close_if_end = %d requires_resume_key = %d level = 0x%x, max_data_bytes = %d\n",
                         return;
                 }
         } else {
-               mask = p+1;
                 *p = 0;
         }
  
@@ -2274,6 +2298,8 @@ resume_key = %d resume name = %s continue=%d level = %d\n",
                         break;
                 case SMB_FIND_FILE_UNIX:
                 case SMB_FIND_FILE_UNIX_INFO2:
+                       /* Always use filesystem for UNIX mtime query. */
+                       ask_sharemode = false;
                         if (!lp_unix_extensions()) {
                                 reply_nterror(req, NT_STATUS_INVALID_LEVEL);
                                 return;
@@ -3806,6 +3832,7 @@ static void call_trans2qfilepathinfo(connection_struct *conn,
         struct ea_list *ea_list = NULL;
         uint32 access_mask = 0x12019F; /* Default - GENERIC_EXECUTE mapping from Windows */
         char *lock_data = NULL;
+       bool ms_dfs_link = false;
         TALLOC_CTX *ctx = talloc_tos();
  
         if (!params) {
@@ -3952,6 +3979,46 @@ static void call_trans2qfilepathinfo(connection_struct *conn,
                         return;
                 }
  
+               if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
+                   && is_ntfs_stream_name(fname)) {
+                       char *base;
+                       SMB_STRUCT_STAT bsbuf;
+
+                       status = split_ntfs_stream_name(talloc_tos(), fname,
+                                                       &base, NULL);
+                       if (!NT_STATUS_IS_OK(status)) {
+                               DEBUG(10, ("create_file_unixpath: "
+                                       "split_ntfs_stream_name failed: %s\n",
+                                       nt_errstr(status)));
+                               reply_nterror(req, status);
+                               return;
+                       }
+
+                       SMB_ASSERT(!is_ntfs_stream_name(base)); /* paranoia.. */
+
+                       if (INFO_LEVEL_IS_UNIX(info_level)) {
+                               /* Always do lstat for UNIX calls. */
+                               if (SMB_VFS_LSTAT(conn,base,&bsbuf)) {
+                                       DEBUG(3,("call_trans2qfilepathinfo: SMB_VFS_LSTAT of %s failed (%s)\n",base,strerror(errno)));
+                                       reply_unixerror(req,ERRDOS,ERRbadpath);
+                                       return;
+                               }
+                       } else {
+                               if (SMB_VFS_STAT(conn,base,&bsbuf) != 0) {
+                                       DEBUG(3,("call_trans2qfilepathinfo: fileinfo of %s failed (%s)\n",base,strerror(errno)));
+                                       reply_unixerror(req,ERRDOS,ERRbadpath);
+                                       return;
+                               }
+                       }
+
+                       fileid = vfs_file_id_from_sbuf(conn, &bsbuf);
+                       get_file_infos(fileid, &delete_pending, NULL);
+                       if (delete_pending) {
+                               reply_nterror(req, NT_STATUS_DELETE_PENDING);
+                               return;
+                       }
+               }
+
                 if (INFO_LEVEL_IS_UNIX(info_level)) {
                         /* Always do lstat for UNIX calls. */
                         if (SMB_VFS_LSTAT(conn,fname,&sbuf)) {
@@ -3959,10 +4026,15 @@ static void call_trans2qfilepathinfo(connection_struct *conn,
                                 reply_unixerror(req, ERRDOS, ERRbadpath);
                                 return;
                         }
+
                 } else if (!VALID_STAT(sbuf) && SMB_VFS_STAT(conn,fname,&sbuf) && (info_level != SMB_INFO_IS_NAME_VALID)) {
-                       DEBUG(3,("call_trans2qfilepathinfo: SMB_VFS_STAT of %s failed (%s)\n",fname,strerror(errno)));
-                       reply_unixerror(req, ERRDOS, ERRbadpath);
-                       return;
+                       ms_dfs_link = check_msdfs_link(conn,fname,&sbuf);
+
+                       if (!ms_dfs_link) {
+                               DEBUG(3,("call_trans2qfilepathinfo: SMB_VFS_STAT of %s failed (%s)\n",fname,strerror(errno)));
+                               reply_unixerror(req, ERRDOS, ERRbadpath);
+                               return;
+                       }
                 }
  
                 fileid = vfs_file_id_from_sbuf(conn, &sbuf);
@@ -3987,7 +4059,11 @@ static void call_trans2qfilepathinfo(connection_struct *conn,
         else
                 base_name = p+1;
  
-       mode = dos_mode(conn,fname,&sbuf);
+       if (ms_dfs_link) {
+               mode = dos_mode_msdfs(conn,fname,&sbuf);
+       } else {
+               mode = dos_mode(conn,fname,&sbuf);
+       }
         if (!mode)
                 mode = FILE_ATTRIBUTE_NORMAL;
  
@@ -4101,7 +4177,7 @@ total_data=%u (should be %u)\n", (unsigned int)total_data, (unsigned int)IVAL(pd
                 }
         }
  
-       if (!null_timespec(write_time_ts)) {
+       if (!null_timespec(write_time_ts) && !INFO_LEVEL_IS_UNIX(info_level)) {
                 mtime_ts = write_time_ts;
         }
  
@@ -4856,11 +4932,11 @@ NTSTATUS smb_set_file_time(connection_struct *conn,
                           time_to_asc(convert_timespec_to_time_t(ts[1])) ));
  
                 if (fsp != NULL) {
-                       set_write_time_fsp(fsp, ts[1], true);
+                       set_sticky_write_time_fsp(fsp, ts[1]);
                 } else {
-                       set_write_time_path(conn, fname,
+                       set_sticky_write_time_path(conn, fname,
                                             vfs_file_id_from_sbuf(conn, psbuf),
-                                           ts[1], true);
+                                           ts[1]);
                 }
         }
  
@@ -4944,6 +5020,7 @@ static NTSTATUS smb_set_file_size(connection_struct *conn,
                 if (vfs_set_filelen(fsp, size) == -1) {
                         return map_nt_error_from_unix(errno);
                 }
+               trigger_write_time_update_immediate(fsp);
                 return NT_STATUS_OK;
         }
  
@@ -4967,6 +5044,7 @@ static NTSTATUS smb_set_file_size(connection_struct *conn,
                 return status;
         }
  
+       trigger_write_time_update_immediate(new_fsp);
         close_file(new_fsp,NORMAL_CLOSE);
         return NT_STATUS_OK;
  }
@@ -5289,26 +5367,42 @@ static NTSTATUS smb_file_rename_information(connection_struct *conn,
                 return NT_STATUS_NOT_SUPPORTED;
         }
  
-       /* Create the base directory. */
-       base_name = talloc_strdup(ctx, fname);
-       if (!base_name) {
-               return NT_STATUS_NO_MEMORY;
-       }
-       p = strrchr_m(base_name, '/');
-       if (p) {
-               p[1] = '\0';
+       if (fsp && fsp->base_fsp) {
+               if (newname[0] != ':') {
+                       return NT_STATUS_NOT_SUPPORTED;
+               }
+               base_name = talloc_asprintf(ctx, "%s%s",
+                                          fsp->base_fsp->fsp_name,
+                                          newname);
+               if (!base_name) {
+                       return NT_STATUS_NO_MEMORY;
+               }
         } else {
-               base_name = talloc_strdup(ctx, "./");
+               if (is_ntfs_stream_name(newname)) {
+                       return NT_STATUS_NOT_SUPPORTED;
+               }
+
+               /* Create the base directory. */
+               base_name = talloc_strdup(ctx, fname);
+               if (!base_name) {
+                       return NT_STATUS_NO_MEMORY;
+               }
+               p = strrchr_m(base_name, '/');
+               if (p) {
+                       p[1] = '\0';
+               } else {
+                       base_name = talloc_strdup(ctx, "./");
+                       if (!base_name) {
+                               return NT_STATUS_NO_MEMORY;
+                       }
+               }
+               /* Append the new name. */
+               base_name = talloc_asprintf_append(base_name,
+                               "%s",
+                               newname);
                 if (!base_name) {
                         return NT_STATUS_NO_MEMORY;
                 }
-       }
-       /* Append the new name. */
-       base_name = talloc_asprintf_append(base_name,
-                       "%s",
-                       newname);
-       if (!base_name) {
-               return NT_STATUS_NO_MEMORY;
         }
  
         if (fsp) {
@@ -5692,7 +5786,7 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn,
                  * This is equivalent to a write. Ensure it's seen immediately
                  * if there are no pending writes.
                  */
-               trigger_write_time_update(fsp);
+               trigger_write_time_update_immediate(fsp);
                 return NT_STATUS_OK;
         }
  
@@ -5726,7 +5820,7 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn,
          * This is equivalent to a write. Ensure it's seen immediately
          * if there are no pending writes.
          */
-       trigger_write_time_update(new_fsp);
+       trigger_write_time_update_immediate(new_fsp);
  
         close_file(new_fsp,NORMAL_CLOSE);
         return NT_STATUS_OK;
@@ -7010,10 +7104,11 @@ static void call_trans2mkdir(connection_struct *conn, struct smb_request *req,
                         reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
                         return;
                 }
-       } else if (IVAL(pdata,0) != 4) {
-               reply_nterror(req, NT_STATUS_INVALID_PARAMETER);
-               return;
         }
+       /* If total_data == 4 Windows doesn't care what values
+        * are placed in that field, it just ignores them.
+        * The System i QNTC IBM SMB client puts bad values here,
+        * so ignore them. */
  
         status = create_directory(conn, req, directory);
  
@@ -7468,7 +7563,8 @@ void reply_trans2(struct smb_request *req)
         unsigned int psoff;
         unsigned int pscnt;
         unsigned int tran_call;
-       int size;
+       unsigned int size;
+       unsigned int av_size;
         struct trans_state *state;
         NTSTATUS result;
  
@@ -7486,6 +7582,7 @@ void reply_trans2(struct smb_request *req)
         pscnt = SVAL(req->inbuf, smb_pscnt);
         tran_call = SVAL(req->inbuf, smb_setup0);
         size = smb_len(req->inbuf) + 4;
+       av_size = smb_len(req->inbuf);
  
         result = allow_new_trans(conn->pending_trans, req->mid);
         if (!NT_STATUS_IS_OK(result)) {
@@ -7578,12 +7675,17 @@ void reply_trans2(struct smb_request *req)
                         END_PROFILE(SMBtrans2);
                         return;
                 }
-               if ((dsoff+dscnt < dsoff) || (dsoff+dscnt < dscnt))
+
+               if (dscnt > state->total_data ||
+                               dsoff+dscnt < dsoff) {
                         goto bad_param;
-               if ((smb_base(req->inbuf)+dsoff+dscnt
-                    > (char *)req->inbuf + size) ||
-                   (smb_base(req->inbuf)+dsoff+dscnt < smb_base(req->inbuf)))
+               }
+
+               if (dsoff > av_size ||
+                               dscnt > av_size ||
+                               dsoff+dscnt > av_size) {
                         goto bad_param;
+               }
  
                 memcpy(state->data,smb_base(req->inbuf)+dsoff,dscnt);
         }
@@ -7601,12 +7703,17 @@ void reply_trans2(struct smb_request *req)
                         END_PROFILE(SMBtrans2);
                         return;
                 } 
-               if ((psoff+pscnt < psoff) || (psoff+pscnt < pscnt))
+
+               if (pscnt > state->total_param ||
+                               psoff+pscnt < psoff) {
                         goto bad_param;
-               if ((smb_base(req->inbuf)+psoff+pscnt
-                    > (char *)req->inbuf + size) ||
-                   (smb_base(req->inbuf)+psoff+pscnt < smb_base(req->inbuf)))
+               }
+
+               if (psoff > av_size ||
+                               pscnt > av_size ||
+                               psoff+pscnt > av_size) {
                         goto bad_param;
+               }
  
                 memcpy(state->param,smb_base(req->inbuf)+psoff,pscnt);
         }
@@ -7655,7 +7762,8 @@ void reply_transs2(struct smb_request *req)
         connection_struct *conn = req->conn;
         unsigned int pcnt,poff,dcnt,doff,pdisp,ddisp;
         struct trans_state *state;
-       int size;
+       unsigned int size;
+       unsigned int av_size;
  
         START_PROFILE(SMBtranss2);
  
@@ -7668,6 +7776,7 @@ void reply_transs2(struct smb_request *req)
         }
  
         size = smb_len(req->inbuf)+4;
+       av_size = smb_len(req->inbuf);
  
         for (state = conn->pending_trans; state != NULL;
              state = state->next) {
@@ -7706,36 +7815,38 @@ void reply_transs2(struct smb_request *req)
                 goto bad_param;
  
         if (pcnt) {
-               if (pdisp+pcnt > state->total_param)
+               if (pdisp > state->total_param ||
+                               pcnt > state->total_param ||
+                               pdisp+pcnt > state->total_param ||
+                               pdisp+pcnt < pdisp) {
                         goto bad_param;
-               if ((pdisp+pcnt < pdisp) || (pdisp+pcnt < pcnt))
-                       goto bad_param;
-               if (pdisp > state->total_param)
-                       goto bad_param;
-               if ((smb_base(req->inbuf) + poff + pcnt
-                    > (char *)req->inbuf + size) ||
-                   (smb_base(req->inbuf) + poff + pcnt < smb_base(req->inbuf)))
-                       goto bad_param;
-               if (state->param + pdisp < state->param)
+               }
+
+               if (poff > av_size ||
+                               pcnt > av_size ||
+                               poff+pcnt > av_size ||
+                               poff+pcnt < poff) {
                         goto bad_param;
+               }
  
                 memcpy(state->param+pdisp,smb_base(req->inbuf)+poff,
                        pcnt);
         }
  
         if (dcnt) {
-               if (ddisp+dcnt > state->total_data)
+               if (ddisp > state->total_data ||
+                               dcnt > state->total_data ||
+                               ddisp+dcnt > state->total_data ||
+                               ddisp+dcnt < ddisp) {
                         goto bad_param;
-               if ((ddisp+dcnt < ddisp) || (ddisp+dcnt < dcnt))
-                       goto bad_param;
-               if (ddisp > state->total_data)
-                       goto bad_param;
-               if ((smb_base(req->inbuf) + doff + dcnt
-                    > (char *)req->inbuf + size) ||
-                   (smb_base(req->inbuf) + doff + dcnt < smb_base(req->inbuf)))
-                       goto bad_param;
-               if (state->data + ddisp < state->data)
+               }
+
+               if (ddisp > av_size ||
+                               dcnt > av_size ||
+                               ddisp+dcnt > av_size ||
+                               ddisp+dcnt < ddisp) {
                         goto bad_param;
+               }
  
                 memcpy(state->data+ddisp, smb_base(req->inbuf)+doff,
                        dcnt);