2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2007.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
33 unsigned int smb_echo_count = 0;
34 extern uint32 global_client_caps;
36 extern struct current_user current_user;
37 extern BOOL global_encrypted_passwords_negotiated;
39 /****************************************************************************
40 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
41 path or anything including wildcards.
42 We're assuming here that '/' is not the second byte in any multibyte char
43 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
45 ****************************************************************************/
47 NTSTATUS check_path_syntax_internal(pstring destname,
48 const pstring srcname,
50 BOOL *p_last_component_contains_wcard)
53 const char *s = srcname;
54 NTSTATUS ret = NT_STATUS_OK;
55 BOOL start_of_name_component = True;
57 *p_last_component_contains_wcard = False;
60 if (IS_DIRECTORY_SEP(*s)) {
62 * Safe to assume is not the second part of a mb char as this is handled below.
64 /* Eat multiple '/' or '\\' */
65 while (IS_DIRECTORY_SEP(*s)) {
68 if ((d != destname) && (*s != '\0')) {
69 /* We only care about non-leading or trailing '/' or '\\' */
73 start_of_name_component = True;
75 *p_last_component_contains_wcard = False;
79 if (start_of_name_component) {
80 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
81 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
84 * No mb char starts with '.' so we're safe checking the directory separator here.
87 /* If we just added a '/' - delete it */
88 if ((d > destname) && (*(d-1) == '/')) {
93 /* Are we at the start ? Can't go back further if so. */
95 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
98 /* Go back one level... */
99 /* We know this is safe as '/' cannot be part of a mb sequence. */
100 /* NOTE - if this assumption is invalid we are not in good shape... */
101 /* Decrement d first as d points to the *next* char to write into. */
102 for (d--; d > destname; d--) {
106 s += 2; /* Else go past the .. */
107 /* We're still at the start of a name component, just the previous one. */
110 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
123 return NT_STATUS_OBJECT_NAME_INVALID;
131 *p_last_component_contains_wcard = True;
140 /* Get the size of the next MB character. */
141 next_codepoint(s,&siz);
159 DEBUG(0,("check_path_syntax_internal: character length assumptions invalid !\n"));
161 return NT_STATUS_INVALID_PARAMETER;
164 start_of_name_component = False;
171 /****************************************************************************
172 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
173 No wildcards allowed.
174 ****************************************************************************/
176 NTSTATUS check_path_syntax(pstring destname, const pstring srcname)
179 return check_path_syntax_internal(destname, srcname, True, &ignore);
182 /****************************************************************************
183 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
184 Wildcards allowed - p_contains_wcard returns true if the last component contained
186 ****************************************************************************/
188 NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard)
190 return check_path_syntax_internal(destname, srcname, True, p_contains_wcard);
193 /****************************************************************************
194 Check the path for a POSIX client.
195 We're assuming here that '/' is not the second byte in any multibyte char
196 set (a safe assumption).
197 ****************************************************************************/
199 static NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname)
202 return check_path_syntax_internal(destname, srcname, False, &ignore);
205 /****************************************************************************
206 Pull a string and check the path allowing a wilcard - provide for error return.
207 ****************************************************************************/
209 size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags,
210 NTSTATUS *err, BOOL *contains_wcard)
213 char *tmppath_ptr = tmppath;
216 SMB_ASSERT(dest_len == sizeof(pstring));
220 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
222 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
225 *contains_wcard = False;
227 if (lp_posix_pathnames()) {
228 *err = check_path_syntax_posix(dest, tmppath);
230 *err = check_path_syntax_wcard(dest, tmppath, contains_wcard);
236 /****************************************************************************
237 Pull a string and check the path - provide for error return.
238 ****************************************************************************/
240 size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err)
243 char *tmppath_ptr = tmppath;
246 SMB_ASSERT(dest_len == sizeof(pstring));
250 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
252 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
254 if (lp_posix_pathnames()) {
255 *err = check_path_syntax_posix(dest, tmppath);
257 *err = check_path_syntax(dest, tmppath);
263 /****************************************************************************
264 Reply to a special message.
265 ****************************************************************************/
267 int reply_special(char *inbuf,char *outbuf)
270 int msg_type = CVAL(inbuf,0);
271 int msg_flags = CVAL(inbuf,1);
275 static BOOL already_got_session = False;
279 memset(outbuf,'\0',smb_size);
281 smb_setlen(outbuf,0);
284 case 0x81: /* session request */
286 if (already_got_session) {
287 exit_server_cleanly("multiple session request not permitted");
290 SCVAL(outbuf,0,0x82);
292 if (name_len(inbuf+4) > 50 ||
293 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
294 DEBUG(0,("Invalid name length in session request\n"));
297 name_extract(inbuf,4,name1);
298 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
299 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
302 set_local_machine_name(name1, True);
303 set_remote_machine_name(name2, True);
305 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
306 get_local_machine_name(), get_remote_machine_name(),
309 if (name_type == 'R') {
310 /* We are being asked for a pathworks session ---
312 SCVAL(outbuf, 0,0x83);
316 /* only add the client's machine name to the list
317 of possibly valid usernames if we are operating
318 in share mode security */
319 if (lp_security() == SEC_SHARE) {
320 add_session_user(get_remote_machine_name());
323 reload_services(True);
326 already_got_session = True;
329 case 0x89: /* session keepalive request
330 (some old clients produce this?) */
331 SCVAL(outbuf,0,SMBkeepalive);
335 case 0x82: /* positive session response */
336 case 0x83: /* negative session response */
337 case 0x84: /* retarget session response */
338 DEBUG(0,("Unexpected session response\n"));
341 case SMBkeepalive: /* session keepalive */
346 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
347 msg_type, msg_flags));
352 /****************************************************************************
354 conn POINTER CAN BE NULL HERE !
355 ****************************************************************************/
357 int reply_tcon(connection_struct *conn,
358 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
365 uint16 vuid = SVAL(inbuf,smb_uid);
369 DATA_BLOB password_blob;
371 START_PROFILE(SMBtcon);
373 *service_buf = *password = *dev = 0;
375 p = smb_buf(inbuf)+1;
376 p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1;
377 pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1;
379 p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1;
381 p = strrchr_m(service_buf,'\\');
385 service = service_buf;
388 password_blob = data_blob(password, pwlen+1);
390 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
392 data_blob_clear_free(&password_blob);
395 END_PROFILE(SMBtcon);
396 return ERROR_NT(nt_status);
399 outsize = set_message(outbuf,2,0,True);
400 SSVAL(outbuf,smb_vwv0,max_recv);
401 SSVAL(outbuf,smb_vwv1,conn->cnum);
402 SSVAL(outbuf,smb_tid,conn->cnum);
404 DEBUG(3,("tcon service=%s cnum=%d\n",
405 service, conn->cnum));
407 END_PROFILE(SMBtcon);
411 /****************************************************************************
412 Reply to a tcon and X.
413 conn POINTER CAN BE NULL HERE !
414 ****************************************************************************/
416 int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
421 /* what the cleint thinks the device is */
422 fstring client_devicetype;
423 /* what the server tells the client the share represents */
424 const char *server_devicetype;
426 uint16 vuid = SVAL(inbuf,smb_uid);
427 int passlen = SVAL(inbuf,smb_vwv3);
431 START_PROFILE(SMBtconX);
433 *service = *client_devicetype = 0;
435 /* we might have to close an old one */
436 if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) {
437 close_cnum(conn,vuid);
440 if (passlen > MAX_PASS_LEN) {
441 return ERROR_DOS(ERRDOS,ERRbuftoosmall);
444 if (global_encrypted_passwords_negotiated) {
445 password = data_blob(smb_buf(inbuf),passlen);
447 password = data_blob(smb_buf(inbuf),passlen+1);
448 /* Ensure correct termination */
449 password.data[passlen]=0;
452 p = smb_buf(inbuf) + passlen;
453 p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE);
456 * the service name can be either: \\server\share
457 * or share directly like on the DELL PowerVault 705
460 q = strchr_m(path+2,'\\');
462 END_PROFILE(SMBtconX);
463 return(ERROR_DOS(ERRDOS,ERRnosuchshare));
465 fstrcpy(service,q+1);
468 fstrcpy(service,path);
470 p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII);
472 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
474 conn = make_connection(service,password,client_devicetype,vuid,&nt_status);
476 data_blob_clear_free(&password);
479 END_PROFILE(SMBtconX);
480 return ERROR_NT(nt_status);
484 server_devicetype = "IPC";
485 else if ( IS_PRINT(conn) )
486 server_devicetype = "LPT1:";
488 server_devicetype = "A:";
490 if (Protocol < PROTOCOL_NT1) {
491 set_message(outbuf,2,0,True);
493 p += srvstr_push(outbuf, p, server_devicetype, -1,
494 STR_TERMINATE|STR_ASCII);
495 set_message_end(outbuf,p);
497 /* NT sets the fstype of IPC$ to the null string */
498 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
500 set_message(outbuf,3,0,True);
503 p += srvstr_push(outbuf, p, server_devicetype, -1,
504 STR_TERMINATE|STR_ASCII);
505 p += srvstr_push(outbuf, p, fstype, -1,
508 set_message_end(outbuf,p);
510 /* what does setting this bit do? It is set by NT4 and
511 may affect the ability to autorun mounted cdroms */
512 SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
513 (lp_csc_policy(SNUM(conn)) << 2));
515 init_dfsroot(conn, inbuf, outbuf);
519 DEBUG(3,("tconX service=%s \n",
522 /* set the incoming and outgoing tid to the just created one */
523 SSVAL(inbuf,smb_tid,conn->cnum);
524 SSVAL(outbuf,smb_tid,conn->cnum);
526 END_PROFILE(SMBtconX);
527 return chain_reply(inbuf,outbuf,length,bufsize);
530 /****************************************************************************
531 Reply to an unknown type.
532 ****************************************************************************/
534 int reply_unknown(char *inbuf,char *outbuf)
537 type = CVAL(inbuf,smb_com);
539 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
540 smb_fn_name(type), type, type));
542 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
545 /****************************************************************************
547 conn POINTER CAN BE NULL HERE !
548 ****************************************************************************/
550 int reply_ioctl(connection_struct *conn,
551 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
553 uint16 device = SVAL(inbuf,smb_vwv1);
554 uint16 function = SVAL(inbuf,smb_vwv2);
555 uint32 ioctl_code = (device << 16) + function;
556 int replysize, outsize;
558 START_PROFILE(SMBioctl);
560 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
562 switch (ioctl_code) {
563 case IOCTL_QUERY_JOB_INFO:
567 END_PROFILE(SMBioctl);
568 return(ERROR_DOS(ERRSRV,ERRnosupport));
571 outsize = set_message(outbuf,8,replysize+1,True);
572 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
573 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
574 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
575 p = smb_buf(outbuf) + 1; /* Allow for alignment */
577 switch (ioctl_code) {
578 case IOCTL_QUERY_JOB_INFO:
580 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
582 END_PROFILE(SMBioctl);
583 return(UNIXERROR(ERRDOS,ERRbadfid));
585 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
586 srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII);
588 srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII);
594 END_PROFILE(SMBioctl);
598 /****************************************************************************
599 Strange checkpath NTSTATUS mapping.
600 ****************************************************************************/
602 static NTSTATUS map_checkpath_error(const char *inbuf, NTSTATUS status)
604 /* Strange DOS error code semantics only for checkpath... */
605 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
606 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
607 /* We need to map to ERRbadpath */
608 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
614 /****************************************************************************
615 Reply to a checkpath.
616 ****************************************************************************/
618 int reply_checkpath(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
622 SMB_STRUCT_STAT sbuf;
625 START_PROFILE(SMBcheckpath);
627 srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status);
628 if (!NT_STATUS_IS_OK(status)) {
629 END_PROFILE(SMBcheckpath);
630 status = map_checkpath_error(inbuf, status);
631 return ERROR_NT(status);
634 RESOLVE_DFSPATH(name, conn, inbuf, outbuf);
636 DEBUG(3,("reply_checkpath %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0)));
638 status = unix_convert(conn, name, False, NULL, &sbuf);
639 if (!NT_STATUS_IS_OK(status)) {
640 END_PROFILE(SMBcheckpath);
641 status = map_checkpath_error(inbuf, status);
642 return ERROR_NT(status);
645 if (check_name(name,conn) && (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0)) {
646 if (!S_ISDIR(sbuf.st_mode)) {
647 END_PROFILE(SMBcheckpath);
648 return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath);
651 /* We special case this - as when a Windows machine
652 is parsing a path is steps through the components
653 one at a time - if a component fails it expects
654 ERRbadpath, not ERRbadfile.
656 if(errno == ENOENT) {
658 * Windows returns different error codes if
659 * the parent directory is valid but not the
660 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
661 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
662 * if the path is invalid.
664 END_PROFILE(SMBcheckpath);
665 return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath);
668 END_PROFILE(SMBcheckpath);
669 return(UNIXERROR(ERRDOS,ERRbadpath));
672 outsize = set_message(outbuf,0,0,False);
674 END_PROFILE(SMBcheckpath);
678 /****************************************************************************
680 ****************************************************************************/
682 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
686 SMB_STRUCT_STAT sbuf;
693 START_PROFILE(SMBgetatr);
695 p = smb_buf(inbuf) + 1;
696 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
697 if (!NT_STATUS_IS_OK(status)) {
698 END_PROFILE(SMBgetatr);
699 return ERROR_NT(status);
702 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
704 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
705 under WfWg - weird! */
706 if (*fname == '\0') {
707 mode = aHIDDEN | aDIR;
708 if (!CAN_WRITE(conn)) {
714 status = unix_convert(conn, fname, False, NULL,&sbuf);
715 if (!NT_STATUS_IS_OK(status)) {
716 END_PROFILE(SMBgetatr);
717 return ERROR_NT(status);
719 if (check_name(fname,conn) &&
720 (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0)) {
721 mode = dos_mode(conn,fname,&sbuf);
723 mtime = sbuf.st_mtime;
728 DEBUG(3,("reply_getatr: stat of %s failed (%s)\n",fname,strerror(errno)));
729 END_PROFILE(SMBgetatr);
730 return UNIXERROR(ERRDOS,ERRbadfile);
734 outsize = set_message(outbuf,10,0,True);
736 SSVAL(outbuf,smb_vwv0,mode);
737 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
738 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
740 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
742 SIVAL(outbuf,smb_vwv3,(uint32)size);
744 if (Protocol >= PROTOCOL_NT1) {
745 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
748 DEBUG(3,("reply_getatr: name=%s mode=%d size=%u\n", fname, mode, (unsigned int)size ) );
750 END_PROFILE(SMBgetatr);
754 /****************************************************************************
756 ****************************************************************************/
758 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
764 SMB_STRUCT_STAT sbuf;
768 START_PROFILE(SMBsetatr);
770 p = smb_buf(inbuf) + 1;
771 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
772 if (!NT_STATUS_IS_OK(status)) {
773 END_PROFILE(SMBsetatr);
774 return ERROR_NT(status);
777 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
779 status = unix_convert(conn, fname, False, NULL, &sbuf);
780 if (!NT_STATUS_IS_OK(status)) {
781 END_PROFILE(SMBsetatr);
782 return ERROR_NT(status);
785 if (fname[0] == '.' && fname[1] == '\0') {
787 * Not sure here is the right place to catch this
788 * condition. Might be moved to somewhere else later -- vl
790 END_PROFILE(SMBsetatr);
791 return ERROR_NT(NT_STATUS_ACCESS_DENIED);
794 if (!check_name(fname,conn)) {
795 END_PROFILE(SMBsetatr);
796 return UNIXERROR(ERRDOS, ERRnoaccess);
799 mode = SVAL(inbuf,smb_vwv0);
800 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
802 if (mode != FILE_ATTRIBUTE_NORMAL) {
803 if (VALID_STAT_OF_DIR(sbuf))
808 if (file_set_dosmode(conn,fname,mode,&sbuf,False) != 0) {
809 END_PROFILE(SMBsetatr);
810 return UNIXERROR(ERRDOS, ERRnoaccess);
814 if (!set_filetime(conn,fname,mtime)) {
815 END_PROFILE(SMBsetatr);
816 return UNIXERROR(ERRDOS, ERRnoaccess);
819 outsize = set_message(outbuf,0,0,False);
821 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
823 END_PROFILE(SMBsetatr);
827 /****************************************************************************
829 ****************************************************************************/
831 int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
834 SMB_BIG_UINT dfree,dsize,bsize;
835 START_PROFILE(SMBdskattr);
837 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
838 END_PROFILE(SMBdskattr);
839 return(UNIXERROR(ERRHRD,ERRgeneral));
842 outsize = set_message(outbuf,5,0,True);
844 if (Protocol <= PROTOCOL_LANMAN2) {
845 double total_space, free_space;
846 /* we need to scale this to a number that DOS6 can handle. We
847 use floating point so we can handle large drives on systems
848 that don't have 64 bit integers
850 we end up displaying a maximum of 2G to DOS systems
852 total_space = dsize * (double)bsize;
853 free_space = dfree * (double)bsize;
855 dsize = (total_space+63*512) / (64*512);
856 dfree = (free_space+63*512) / (64*512);
858 if (dsize > 0xFFFF) dsize = 0xFFFF;
859 if (dfree > 0xFFFF) dfree = 0xFFFF;
861 SSVAL(outbuf,smb_vwv0,dsize);
862 SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
863 SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */
864 SSVAL(outbuf,smb_vwv3,dfree);
866 SSVAL(outbuf,smb_vwv0,dsize);
867 SSVAL(outbuf,smb_vwv1,bsize/512);
868 SSVAL(outbuf,smb_vwv2,512);
869 SSVAL(outbuf,smb_vwv3,dfree);
872 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
874 END_PROFILE(SMBdskattr);
878 /****************************************************************************
880 Can be called from SMBsearch, SMBffirst or SMBfunique.
881 ****************************************************************************/
883 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
893 unsigned int numentries = 0;
894 unsigned int maxentries = 0;
895 BOOL finished = False;
902 BOOL check_descend = False;
903 BOOL expect_close = False;
904 BOOL can_open = True;
906 BOOL mask_contains_wcard = False;
907 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
909 START_PROFILE(SMBsearch);
911 if (lp_posix_pathnames()) {
912 END_PROFILE(SMBsearch);
913 return reply_unknown(inbuf, outbuf);
916 *mask = *directory = *fname = 0;
918 /* If we were called as SMBffirst then we must expect close. */
919 if(CVAL(inbuf,smb_com) == SMBffirst)
922 outsize = set_message(outbuf,1,3,True);
923 maxentries = SVAL(inbuf,smb_vwv0);
924 dirtype = SVAL(inbuf,smb_vwv1);
925 p = smb_buf(inbuf) + 1;
926 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard);
927 if (!NT_STATUS_IS_OK(nt_status)) {
928 END_PROFILE(SMBsearch);
929 return ERROR_NT(nt_status);
932 RESOLVE_DFSPATH_WCARD(path, conn, inbuf, outbuf);
935 status_len = SVAL(p, 0);
938 /* dirtype &= ~aDIR; */
940 if (status_len == 0) {
941 SMB_STRUCT_STAT sbuf;
944 pstrcpy(directory,path);
946 nt_status = unix_convert(conn, directory, True, NULL, &sbuf);
947 if (!NT_STATUS_IS_OK(nt_status)) {
948 END_PROFILE(SMBsearch);
949 return ERROR_NT(nt_status);
953 if (!check_name(directory,conn))
956 p = strrchr_m(dir2,'/');
965 p = strrchr_m(directory,'/');
971 if (strlen(directory) == 0)
972 pstrcpy(directory,".");
973 memset((char *)status,'\0',21);
974 SCVAL(status,0,(dirtype & 0x1F));
979 status_dirtype = CVAL(status,0) & 0x1F;
980 if (status_dirtype != (dirtype & 0x1F))
981 dirtype = status_dirtype;
983 conn->dirptr = dptr_fetch(status+12,&dptr_num);
986 string_set(&conn->dirpath,dptr_path(dptr_num));
987 pstrcpy(mask, dptr_wcard(dptr_num));
991 p = smb_buf(outbuf) + 3;
994 if (status_len == 0) {
995 dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype);
998 END_PROFILE(SMBsearch);
999 return UNIXERROR(ERRDOS, ERRnofids);
1001 END_PROFILE(SMBsearch);
1002 return ERROR_DOS(ERRDOS,ERRnofids);
1005 dirtype = dptr_attr(dptr_num);
1008 DEBUG(4,("dptr_num is %d\n",dptr_num));
1011 if ((dirtype&0x1F) == aVOLID) {
1012 memcpy(p,status,21);
1013 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1014 0,aVOLID,0,!allow_long_path_components);
1015 dptr_fill(p+12,dptr_num);
1016 if (dptr_zero(p+12) && (status_len==0))
1020 p += DIR_STRUCT_SIZE;
1023 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1025 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1026 conn->dirpath,lp_dontdescend(SNUM(conn))));
1027 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True))
1028 check_descend = True;
1030 for (i=numentries;(i<maxentries) && !finished;i++) {
1031 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1033 memcpy(p,status,21);
1034 make_dir_struct(p,mask,fname,size, mode,date,
1035 !allow_long_path_components);
1036 if (!dptr_fill(p+12,dptr_num)) {
1040 p += DIR_STRUCT_SIZE;
1050 /* If we were called as SMBffirst with smb_search_id == NULL
1051 and no entries were found then return error and close dirptr
1054 if (numentries == 0 || !ok) {
1055 dptr_close(&dptr_num);
1056 } else if(ok && expect_close && status_len == 0) {
1057 /* Close the dptr - we know it's gone */
1058 dptr_close(&dptr_num);
1061 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1062 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1063 dptr_close(&dptr_num);
1066 if ((numentries == 0) && !mask_contains_wcard) {
1067 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1070 SSVAL(outbuf,smb_vwv0,numentries);
1071 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1072 SCVAL(smb_buf(outbuf),0,5);
1073 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1075 /* The replies here are never long name. */
1076 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1077 if (!allow_long_path_components) {
1078 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1081 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1082 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1084 outsize += DIR_STRUCT_SIZE*numentries;
1085 smb_setlen(outbuf,outsize - 4);
1087 if ((! *directory) && dptr_path(dptr_num))
1088 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1090 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1091 smb_fn_name(CVAL(inbuf,smb_com)),
1092 mask, directory, dirtype, numentries, maxentries ) );
1094 END_PROFILE(SMBsearch);
1098 /****************************************************************************
1099 Reply to a fclose (stop directory search).
1100 ****************************************************************************/
1102 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1111 BOOL path_contains_wcard = False;
1113 START_PROFILE(SMBfclose);
1115 if (lp_posix_pathnames()) {
1116 END_PROFILE(SMBfclose);
1117 return reply_unknown(inbuf, outbuf);
1120 outsize = set_message(outbuf,1,0,True);
1121 p = smb_buf(inbuf) + 1;
1122 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard);
1123 if (!NT_STATUS_IS_OK(err)) {
1124 END_PROFILE(SMBfclose);
1125 return ERROR_NT(err);
1128 status_len = SVAL(p,0);
1131 if (status_len == 0) {
1132 END_PROFILE(SMBfclose);
1133 return ERROR_DOS(ERRSRV,ERRsrverror);
1136 memcpy(status,p,21);
1138 if(dptr_fetch(status+12,&dptr_num)) {
1139 /* Close the dptr - we know it's gone */
1140 dptr_close(&dptr_num);
1143 SSVAL(outbuf,smb_vwv0,0);
1145 DEBUG(3,("search close\n"));
1147 END_PROFILE(SMBfclose);
1151 /****************************************************************************
1153 ****************************************************************************/
1155 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1163 SMB_STRUCT_STAT sbuf;
1165 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1167 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1170 uint32 create_disposition;
1171 uint32 create_options = 0;
1173 START_PROFILE(SMBopen);
1175 deny_mode = SVAL(inbuf,smb_vwv0);
1177 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1178 if (!NT_STATUS_IS_OK(status)) {
1179 END_PROFILE(SMBopen);
1180 return ERROR_NT(status);
1183 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1185 status = unix_convert(conn, fname, False, NULL, &sbuf);
1186 if (!NT_STATUS_IS_OK(status)) {
1187 END_PROFILE(SMBopen);
1188 return ERROR_NT(status);
1191 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1192 &access_mask, &share_mode, &create_disposition, &create_options)) {
1193 END_PROFILE(SMBopen);
1194 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1197 status = open_file_ntcreate(conn,fname,&sbuf,
1206 if (!NT_STATUS_IS_OK(status)) {
1207 END_PROFILE(SMBopen);
1208 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1209 /* We have re-scheduled this call. */
1212 return ERROR_NT(status);
1215 size = sbuf.st_size;
1216 fattr = dos_mode(conn,fname,&sbuf);
1217 mtime = sbuf.st_mtime;
1220 DEBUG(3,("attempt to open a directory %s\n",fname));
1221 close_file(fsp,ERROR_CLOSE);
1222 END_PROFILE(SMBopen);
1223 return ERROR_DOS(ERRDOS,ERRnoaccess);
1226 outsize = set_message(outbuf,7,0,True);
1227 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1228 SSVAL(outbuf,smb_vwv1,fattr);
1229 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1230 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1232 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1234 SIVAL(outbuf,smb_vwv4,(uint32)size);
1235 SSVAL(outbuf,smb_vwv6,deny_mode);
1237 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1238 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1241 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1242 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1244 END_PROFILE(SMBopen);
1248 /****************************************************************************
1249 Reply to an open and X.
1250 ****************************************************************************/
1252 int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1255 uint16 open_flags = SVAL(inbuf,smb_vwv2);
1256 int deny_mode = SVAL(inbuf,smb_vwv3);
1257 uint32 smb_attr = SVAL(inbuf,smb_vwv5);
1258 /* Breakout the oplock request bits so we can set the
1259 reply bits separately. */
1260 int ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf);
1261 int core_oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1262 int oplock_request = ex_oplock_request | core_oplock_request;
1264 int smb_sattr = SVAL(inbuf,smb_vwv4);
1265 uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
1267 int smb_ofun = SVAL(inbuf,smb_vwv8);
1270 SMB_STRUCT_STAT sbuf;
1274 SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9);
1275 ssize_t retval = -1;
1278 uint32 create_disposition;
1279 uint32 create_options = 0;
1281 START_PROFILE(SMBopenX);
1283 /* If it's an IPC, pass off the pipe handler. */
1285 if (lp_nt_pipe_support()) {
1286 END_PROFILE(SMBopenX);
1287 return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize);
1289 END_PROFILE(SMBopenX);
1290 return ERROR_DOS(ERRSRV,ERRaccess);
1294 /* XXXX we need to handle passed times, sattr and flags */
1295 srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
1296 if (!NT_STATUS_IS_OK(status)) {
1297 END_PROFILE(SMBopenX);
1298 return ERROR_NT(status);
1301 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1303 status = unix_convert(conn, fname, False, NULL, &sbuf);
1304 if (!NT_STATUS_IS_OK(status)) {
1305 END_PROFILE(SMBopenX);
1306 return ERROR_NT(status);
1309 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1312 &create_disposition,
1314 END_PROFILE(SMBopenX);
1315 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1318 status = open_file_ntcreate(conn,fname,&sbuf,
1327 if (!NT_STATUS_IS_OK(status)) {
1328 END_PROFILE(SMBopenX);
1329 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1330 /* We have re-scheduled this call. */
1333 return ERROR_NT(status);
1336 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1337 if the file is truncated or created. */
1338 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1339 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1340 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1341 close_file(fsp,ERROR_CLOSE);
1342 END_PROFILE(SMBopenX);
1343 return ERROR_NT(NT_STATUS_DISK_FULL);
1345 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1347 close_file(fsp,ERROR_CLOSE);
1348 END_PROFILE(SMBopenX);
1349 return ERROR_NT(NT_STATUS_DISK_FULL);
1351 sbuf.st_size = get_allocation_size(conn,fsp,&sbuf);
1354 fattr = dos_mode(conn,fname,&sbuf);
1355 mtime = sbuf.st_mtime;
1357 close_file(fsp,ERROR_CLOSE);
1358 END_PROFILE(SMBopenX);
1359 return ERROR_DOS(ERRDOS,ERRnoaccess);
1362 /* If the caller set the extended oplock request bit
1363 and we granted one (by whatever means) - set the
1364 correct bit for extended oplock reply.
1367 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1368 smb_action |= EXTENDED_OPLOCK_GRANTED;
1371 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1372 smb_action |= EXTENDED_OPLOCK_GRANTED;
1375 /* If the caller set the core oplock request bit
1376 and we granted one (by whatever means) - set the
1377 correct bit for core oplock reply.
1380 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1381 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1384 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1385 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1388 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1389 set_message(outbuf,19,0,True);
1391 set_message(outbuf,15,0,True);
1393 SSVAL(outbuf,smb_vwv2,fsp->fnum);
1394 SSVAL(outbuf,smb_vwv3,fattr);
1395 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1396 srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1);
1398 srv_put_dos_date3(outbuf,smb_vwv4,mtime);
1400 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
1401 SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1402 SSVAL(outbuf,smb_vwv11,smb_action);
1404 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1405 SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1408 END_PROFILE(SMBopenX);
1409 return chain_reply(inbuf,outbuf,length,bufsize);
1412 /****************************************************************************
1413 Reply to a SMBulogoffX.
1414 conn POINTER CAN BE NULL HERE !
1415 ****************************************************************************/
1417 int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1419 uint16 vuid = SVAL(inbuf,smb_uid);
1420 user_struct *vuser = get_valid_user_struct(vuid);
1421 START_PROFILE(SMBulogoffX);
1424 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid));
1426 /* in user level security we are supposed to close any files
1427 open by this user */
1428 if ((vuser != 0) && (lp_security() != SEC_SHARE))
1429 file_close_user(vuid);
1431 invalidate_vuid(vuid);
1433 set_message(outbuf,2,0,True);
1435 DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) );
1437 END_PROFILE(SMBulogoffX);
1438 return chain_reply(inbuf,outbuf,length,bufsize);
1441 /****************************************************************************
1442 Reply to a mknew or a create.
1443 ****************************************************************************/
1445 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1450 uint32 fattr = SVAL(inbuf,smb_vwv0);
1451 struct utimbuf times;
1453 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1454 SMB_STRUCT_STAT sbuf;
1456 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1457 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1458 uint32 create_disposition;
1459 uint32 create_options = 0;
1461 START_PROFILE(SMBcreate);
1463 com = SVAL(inbuf,smb_com);
1465 times.modtime = srv_make_unix_date3(inbuf + smb_vwv1);
1467 srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status);
1468 if (!NT_STATUS_IS_OK(status)) {
1469 END_PROFILE(SMBcreate);
1470 return ERROR_NT(status);
1473 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1475 status = unix_convert(conn, fname, False, NULL, &sbuf);
1476 if (!NT_STATUS_IS_OK(status)) {
1477 END_PROFILE(SMBcreate);
1478 return ERROR_NT(status);
1481 if (fattr & aVOLID) {
1482 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1485 if(com == SMBmknew) {
1486 /* We should fail if file exists. */
1487 create_disposition = FILE_CREATE;
1489 /* Create if file doesn't exist, truncate if it does. */
1490 create_disposition = FILE_OVERWRITE_IF;
1493 /* Open file using ntcreate. */
1494 status = open_file_ntcreate(conn,fname,&sbuf,
1503 if (!NT_STATUS_IS_OK(status)) {
1504 END_PROFILE(SMBcreate);
1505 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1506 /* We have re-scheduled this call. */
1509 return ERROR_NT(status);
1512 times.actime = sbuf.st_atime;
1513 file_utime(conn, fname, ×);
1515 outsize = set_message(outbuf,1,0,True);
1516 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1518 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1519 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1522 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1523 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1526 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1527 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1529 END_PROFILE(SMBcreate);
1533 /****************************************************************************
1534 Reply to a create temporary file.
1535 ****************************************************************************/
1537 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1541 uint32 fattr = SVAL(inbuf,smb_vwv0);
1543 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1545 SMB_STRUCT_STAT sbuf;
1548 unsigned int namelen;
1550 START_PROFILE(SMBctemp);
1552 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1553 if (!NT_STATUS_IS_OK(status)) {
1554 END_PROFILE(SMBctemp);
1555 return ERROR_NT(status);
1558 pstrcat(fname,"/TMXXXXXX");
1560 pstrcat(fname,"TMXXXXXX");
1563 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1565 status = unix_convert(conn, fname, False, NULL, &sbuf);
1566 if (!NT_STATUS_IS_OK(status)) {
1567 END_PROFILE(SMBctemp);
1568 return ERROR_NT(status);
1571 tmpfd = smb_mkstemp(fname);
1573 END_PROFILE(SMBctemp);
1574 return(UNIXERROR(ERRDOS,ERRnoaccess));
1577 SMB_VFS_STAT(conn,fname,&sbuf);
1579 /* We should fail if file does not exist. */
1580 status = open_file_ntcreate(conn,fname,&sbuf,
1581 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1582 FILE_SHARE_READ|FILE_SHARE_WRITE,
1589 /* close fd from smb_mkstemp() */
1592 if (!NT_STATUS_IS_OK(status)) {
1593 END_PROFILE(SMBctemp);
1594 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1595 /* We have re-scheduled this call. */
1598 return ERROR_NT(status);
1601 outsize = set_message(outbuf,1,0,True);
1602 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1604 /* the returned filename is relative to the directory */
1605 s = strrchr_m(fname, '/');
1612 p = smb_buf(outbuf);
1614 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1615 thing in the byte section. JRA */
1616 SSVALS(p, 0, -1); /* what is this? not in spec */
1618 namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE);
1620 outsize = set_message_end(outbuf, p);
1622 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1623 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1626 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1627 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1630 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1631 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1632 (unsigned int)sbuf.st_mode ) );
1634 END_PROFILE(SMBctemp);
1638 /*******************************************************************
1639 Check if a user is allowed to rename a file.
1640 ********************************************************************/
1642 static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst)
1648 if (!CAN_WRITE(conn)) {
1649 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1652 fmode = dos_mode(conn,fname,pst);
1653 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1654 return NT_STATUS_NO_SUCH_FILE;
1657 if (S_ISDIR(pst->st_mode)) {
1658 return NT_STATUS_OK;
1661 status = open_file_ntcreate(conn, fname, pst,
1663 FILE_SHARE_READ|FILE_SHARE_WRITE,
1666 FILE_ATTRIBUTE_NORMAL,
1670 if (!NT_STATUS_IS_OK(status)) {
1673 close_file(fsp,NORMAL_CLOSE);
1674 return NT_STATUS_OK;
1677 /*******************************************************************
1678 Check if a user is allowed to delete a file.
1679 ********************************************************************/
1681 static NTSTATUS can_delete(connection_struct *conn, char *fname,
1682 uint32 dirtype, BOOL can_defer)
1684 SMB_STRUCT_STAT sbuf;
1687 uint32 dirtype_orig = dirtype;
1690 DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype ));
1692 if (!CAN_WRITE(conn)) {
1693 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1696 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
1697 return map_nt_error_from_unix(errno);
1700 fattr = dos_mode(conn,fname,&sbuf);
1702 if (dirtype & FILE_ATTRIBUTE_NORMAL) {
1703 dirtype = aDIR|aARCH|aRONLY;
1706 dirtype &= (aDIR|aARCH|aRONLY|aHIDDEN|aSYSTEM);
1708 return NT_STATUS_NO_SUCH_FILE;
1711 if (!dir_check_ftype(conn, fattr, dirtype)) {
1713 return NT_STATUS_FILE_IS_A_DIRECTORY;
1715 return NT_STATUS_NO_SUCH_FILE;
1718 if (dirtype_orig & 0x8000) {
1719 /* These will never be set for POSIX. */
1720 return NT_STATUS_NO_SUCH_FILE;
1724 if ((fattr & dirtype) & FILE_ATTRIBUTE_DIRECTORY) {
1725 return NT_STATUS_FILE_IS_A_DIRECTORY;
1728 if ((fattr & ~dirtype) & (FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM)) {
1729 return NT_STATUS_NO_SUCH_FILE;
1732 if (dirtype & 0xFF00) {
1733 /* These will never be set for POSIX. */
1734 return NT_STATUS_NO_SUCH_FILE;
1739 return NT_STATUS_NO_SUCH_FILE;
1742 /* Can't delete a directory. */
1744 return NT_STATUS_FILE_IS_A_DIRECTORY;
1749 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
1750 return NT_STATUS_OBJECT_NAME_INVALID;
1751 #endif /* JRATEST */
1753 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
1755 On a Windows share, a file with read-only dosmode can be opened with
1756 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
1757 fails with NT_STATUS_CANNOT_DELETE error.
1759 This semantic causes a problem that a user can not
1760 rename a file with read-only dosmode on a Samba share
1761 from a Windows command prompt (i.e. cmd.exe, but can rename
1762 from Windows Explorer).
1765 if (!lp_delete_readonly(SNUM(conn))) {
1766 if (fattr & aRONLY) {
1767 return NT_STATUS_CANNOT_DELETE;
1771 /* On open checks the open itself will check the share mode, so
1772 don't do it here as we'll get it wrong. */
1774 status = open_file_ntcreate(conn, fname, &sbuf,
1779 FILE_ATTRIBUTE_NORMAL,
1780 can_defer ? 0 : INTERNAL_OPEN_ONLY,
1783 if (NT_STATUS_IS_OK(status)) {
1784 close_file(fsp,NORMAL_CLOSE);
1789 /****************************************************************************
1790 The guts of the unlink command, split out so it may be called by the NT SMB
1792 ****************************************************************************/
1794 NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype,
1795 char *name, BOOL has_wild, BOOL can_defer)
1801 NTSTATUS status = NT_STATUS_OK;
1802 SMB_STRUCT_STAT sbuf;
1804 *directory = *mask = 0;
1806 status = unix_convert(conn, name, has_wild, NULL, &sbuf);
1807 if (!NT_STATUS_IS_OK(status)) {
1811 p = strrchr_m(name,'/');
1813 pstrcpy(directory,".");
1817 pstrcpy(directory,name);
1822 * We should only check the mangled cache
1823 * here if unix_convert failed. This means
1824 * that the path in 'mask' doesn't exist
1825 * on the file system and so we need to look
1826 * for a possible mangle. This patch from
1827 * Tine Smukavec <valentin.smukavec@hermes.si>.
1830 if (!VALID_STAT(sbuf) && mangle_is_mangled(mask,conn->params))
1831 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
1834 pstrcat(directory,"/");
1835 pstrcat(directory,mask);
1837 dirtype = FILE_ATTRIBUTE_NORMAL;
1839 status = can_delete(conn,directory,dirtype,can_defer);
1840 if (!NT_STATUS_IS_OK(status))
1843 if (SMB_VFS_UNLINK(conn,directory) == 0) {
1847 struct smb_Dir *dir_hnd = NULL;
1850 if ((dirtype & SAMBA_ATTRIBUTES_MASK) == aDIR) {
1851 return NT_STATUS_OBJECT_NAME_INVALID;
1854 if (strequal(mask,"????????.???"))
1857 if (check_name(directory,conn))
1858 dir_hnd = OpenDir(conn, directory, mask, dirtype);
1860 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
1861 the pattern matches against the long name, otherwise the short name
1862 We don't implement this yet XXXX
1867 status = NT_STATUS_NO_SUCH_FILE;
1869 while ((dname = ReadDirName(dir_hnd, &offset))) {
1872 pstrcpy(fname,dname);
1874 if (!is_visible_file(conn, directory, dname, &st, True)) {
1878 /* Quick check for "." and ".." */
1879 if (fname[0] == '.') {
1880 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
1885 if(!mask_match(fname, mask, conn->case_sensitive))
1888 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
1889 status = can_delete(conn, fname, dirtype,
1891 if (!NT_STATUS_IS_OK(status)) {
1894 if (SMB_VFS_UNLINK(conn,fname) == 0)
1896 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname));
1902 if (count == 0 && NT_STATUS_IS_OK(status)) {
1903 status = map_nt_error_from_unix(errno);
1909 /****************************************************************************
1911 ****************************************************************************/
1913 int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
1920 BOOL path_contains_wcard = False;
1922 START_PROFILE(SMBunlink);
1924 dirtype = SVAL(inbuf,smb_vwv0);
1926 srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
1927 if (!NT_STATUS_IS_OK(status)) {
1928 END_PROFILE(SMBunlink);
1929 return ERROR_NT(status);
1932 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
1934 DEBUG(3,("reply_unlink : %s\n",name));
1936 status = unlink_internals(conn, dirtype, name, path_contains_wcard,
1938 if (!NT_STATUS_IS_OK(status)) {
1939 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1940 /* We have re-scheduled this call. */
1943 return ERROR_NT(status);
1947 * Win2k needs a changenotify request response before it will
1948 * update after a rename..
1950 process_pending_change_notify_queue((time_t)0);
1952 outsize = set_message(outbuf,0,0,False);
1954 END_PROFILE(SMBunlink);
1958 /****************************************************************************
1960 ****************************************************************************/
1962 static void fail_readraw(void)
1965 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
1967 exit_server_cleanly(errstr);
1970 #if defined(WITH_SENDFILE)
1971 /****************************************************************************
1972 Fake (read/write) sendfile. Returns -1 on read or write fail.
1973 ****************************************************************************/
1975 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize)
1979 /* Paranioa check... */
1980 if (nread > bufsize) {
1985 ret = read_file(fsp,buf,startpos,nread);
1991 /* If we had a short read, fill with zeros. */
1993 memset(buf, '\0', nread - ret);
1996 if (write_data(smbd_server_fd(),buf,nread) != nread) {
2000 return (ssize_t)nread;
2004 /****************************************************************************
2005 Use sendfile in readbraw.
2006 ****************************************************************************/
2008 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2009 ssize_t mincount, char *outbuf, int out_buffsize)
2013 #if defined(WITH_SENDFILE)
2015 * We can only use sendfile on a non-chained packet
2016 * but we can use on a non-oplocked file. tridge proved this
2017 * on a train in Germany :-). JRA.
2018 * reply_readbraw has already checked the length.
2021 if ( (chain_size == 0) && (nread > 0) &&
2022 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2025 _smb_setlen(outbuf,nread);
2026 header.data = (uint8 *)outbuf;
2030 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2031 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2032 if (errno == ENOSYS) {
2033 goto normal_readbraw;
2037 * Special hack for broken Linux with no working sendfile. If we
2038 * return EINTR we sent the header but not the rest of the data.
2039 * Fake this up by doing read/write calls.
2041 if (errno == EINTR) {
2042 /* Ensure we don't do this again. */
2043 set_use_sendfile(SNUM(conn), False);
2044 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2046 if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) {
2047 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2048 fsp->fsp_name, strerror(errno) ));
2049 exit_server_cleanly("send_file_readbraw fake_sendfile failed");
2054 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2055 fsp->fsp_name, strerror(errno) ));
2056 exit_server_cleanly("send_file_readbraw sendfile failed");
2066 ret = read_file(fsp,outbuf+4,startpos,nread);
2067 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2076 _smb_setlen(outbuf,ret);
2077 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2081 /****************************************************************************
2082 Reply to a readbraw (core+ protocol).
2083 ****************************************************************************/
2085 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2087 ssize_t maxcount,mincount;
2090 char *header = outbuf;
2092 START_PROFILE(SMBreadbraw);
2094 if (srv_is_signing_active()) {
2095 exit_server_cleanly("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2099 * Special check if an oplock break has been issued
2100 * and the readraw request croses on the wire, we must
2101 * return a zero length response here.
2104 fsp = file_fsp(inbuf,smb_vwv0);
2106 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2108 * fsp could be NULL here so use the value from the packet. JRA.
2110 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2111 _smb_setlen(header,0);
2112 if (write_data(smbd_server_fd(),header,4) != 4)
2114 END_PROFILE(SMBreadbraw);
2118 CHECK_FSP(fsp,conn);
2120 flush_write_cache(fsp, READRAW_FLUSH);
2122 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2123 if(CVAL(inbuf,smb_wct) == 10) {
2125 * This is a large offset (64 bit) read.
2127 #ifdef LARGE_SMB_OFF_T
2129 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2131 #else /* !LARGE_SMB_OFF_T */
2134 * Ensure we haven't been sent a >32 bit offset.
2137 if(IVAL(inbuf,smb_vwv8) != 0) {
2138 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2139 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2140 _smb_setlen(header,0);
2141 if (write_data(smbd_server_fd(),header,4) != 4)
2143 END_PROFILE(SMBreadbraw);
2147 #endif /* LARGE_SMB_OFF_T */
2150 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2151 _smb_setlen(header,0);
2152 if (write_data(smbd_server_fd(),header,4) != 4)
2154 END_PROFILE(SMBreadbraw);
2158 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2159 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2161 /* ensure we don't overrun the packet size */
2162 maxcount = MIN(65535,maxcount);
2164 if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2168 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2172 if (startpos >= size) {
2175 nread = MIN(maxcount,(size - startpos));
2179 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2180 if (nread < mincount)
2184 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2185 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2187 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2189 DEBUG(5,("readbraw finished\n"));
2190 END_PROFILE(SMBreadbraw);
2195 #define DBGC_CLASS DBGC_LOCKING
2197 /****************************************************************************
2198 Reply to a lockread (core+ protocol).
2199 ****************************************************************************/
2201 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2209 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2210 struct byte_range_lock *br_lck = NULL;
2211 START_PROFILE(SMBlockread);
2213 CHECK_FSP(fsp,conn);
2214 if (!CHECK_READ(fsp,inbuf)) {
2215 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2218 release_level_2_oplocks_on_change(fsp);
2220 numtoread = SVAL(inbuf,smb_vwv1);
2221 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2223 outsize = set_message(outbuf,5,3,True);
2224 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2225 data = smb_buf(outbuf) + 3;
2228 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2229 * protocol request that predates the read/write lock concept.
2230 * Thus instead of asking for a read lock here we need to ask
2231 * for a write lock. JRA.
2232 * Note that the requested lock size is unaffected by max_recv.
2235 br_lck = do_lock(fsp,
2236 (uint32)SVAL(inbuf,smb_pid),
2237 (SMB_BIG_UINT)numtoread,
2238 (SMB_BIG_UINT)startpos,
2241 False, /* Non-blocking lock. */
2243 TALLOC_FREE(br_lck);
2245 if (NT_STATUS_V(status)) {
2246 END_PROFILE(SMBlockread);
2247 return ERROR_NT(status);
2251 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2254 if (numtoread > max_recv) {
2255 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2256 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2257 (unsigned int)numtoread, (unsigned int)max_recv ));
2258 numtoread = MIN(numtoread,max_recv);
2260 nread = read_file(fsp,data,startpos,numtoread);
2263 END_PROFILE(SMBlockread);
2264 return(UNIXERROR(ERRDOS,ERRnoaccess));
2268 SSVAL(outbuf,smb_vwv0,nread);
2269 SSVAL(outbuf,smb_vwv5,nread+3);
2270 SSVAL(smb_buf(outbuf),1,nread);
2272 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2273 fsp->fnum, (int)numtoread, (int)nread));
2275 END_PROFILE(SMBlockread);
2280 #define DBGC_CLASS DBGC_ALL
2282 /****************************************************************************
2284 ****************************************************************************/
2286 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2293 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2294 START_PROFILE(SMBread);
2296 CHECK_FSP(fsp,conn);
2297 if (!CHECK_READ(fsp,inbuf)) {
2298 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2301 numtoread = SVAL(inbuf,smb_vwv1);
2302 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2304 outsize = set_message(outbuf,5,3,True);
2305 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2307 * The requested read size cannot be greater than max_recv. JRA.
2309 if (numtoread > max_recv) {
2310 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2311 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2312 (unsigned int)numtoread, (unsigned int)max_recv ));
2313 numtoread = MIN(numtoread,max_recv);
2316 data = smb_buf(outbuf) + 3;
2318 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2319 END_PROFILE(SMBread);
2320 return ERROR_DOS(ERRDOS,ERRlock);
2324 nread = read_file(fsp,data,startpos,numtoread);
2327 END_PROFILE(SMBread);
2328 return(UNIXERROR(ERRDOS,ERRnoaccess));
2332 SSVAL(outbuf,smb_vwv0,nread);
2333 SSVAL(outbuf,smb_vwv5,nread+3);
2334 SCVAL(smb_buf(outbuf),0,1);
2335 SSVAL(smb_buf(outbuf),1,nread);
2337 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2338 fsp->fnum, (int)numtoread, (int)nread ) );
2340 END_PROFILE(SMBread);
2344 /****************************************************************************
2345 Reply to a read and X - possibly using sendfile.
2346 ****************************************************************************/
2348 int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf,
2349 files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt)
2353 char *data = smb_buf(outbuf);
2355 #if defined(WITH_SENDFILE)
2357 * We can only use sendfile on a non-chained packet
2358 * but we can use on a non-oplocked file. tridge proved this
2359 * on a train in Germany :-). JRA.
2362 if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) &&
2363 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2364 SMB_STRUCT_STAT sbuf;
2367 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1)
2368 return(UNIXERROR(ERRDOS,ERRnoaccess));
2370 if (startpos > sbuf.st_size)
2373 if (smb_maxcnt > (sbuf.st_size - startpos))
2374 smb_maxcnt = (sbuf.st_size - startpos);
2376 if (smb_maxcnt == 0)
2380 * Set up the packet header before send. We
2381 * assume here the sendfile will work (get the
2382 * correct amount of data).
2385 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2386 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2387 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2388 SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1));
2389 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2390 SCVAL(outbuf,smb_vwv0,0xFF);
2391 set_message(outbuf,12,smb_maxcnt,False);
2392 header.data = (uint8 *)outbuf;
2393 header.length = data - outbuf;
2396 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2397 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2398 if (errno == ENOSYS) {
2403 * Special hack for broken Linux with no working sendfile. If we
2404 * return EINTR we sent the header but not the rest of the data.
2405 * Fake this up by doing read/write calls.
2408 if (errno == EINTR) {
2409 /* Ensure we don't do this again. */
2410 set_use_sendfile(SNUM(conn), False);
2411 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2413 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2414 len_outbuf - (data-outbuf))) == -1) {
2415 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2416 fsp->fsp_name, strerror(errno) ));
2417 exit_server_cleanly("send_file_readX: fake_sendfile failed");
2419 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2420 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2421 /* Returning -1 here means successful sendfile. */
2425 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2426 fsp->fsp_name, strerror(errno) ));
2427 exit_server_cleanly("send_file_readX sendfile failed");
2430 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2431 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2432 /* Returning -1 here means successful sendfile. */
2440 nread = read_file(fsp,data,startpos,smb_maxcnt);
2443 return(UNIXERROR(ERRDOS,ERRnoaccess));
2446 outsize = set_message(outbuf,12,nread,False);
2447 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2448 SSVAL(outbuf,smb_vwv5,nread);
2449 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2450 SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1));
2451 SSVAL(smb_buf(outbuf),-2,nread);
2453 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2454 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2456 /* Returning the number of bytes we want to send back - including header. */
2460 /****************************************************************************
2461 Reply to a read and X.
2462 ****************************************************************************/
2464 int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2466 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2467 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2469 size_t smb_maxcnt = SVAL(inbuf,smb_vwv5);
2471 size_t smb_mincnt = SVAL(inbuf,smb_vwv6);
2474 START_PROFILE(SMBreadX);
2476 /* If it's an IPC, pass off the pipe handler. */
2478 END_PROFILE(SMBreadX);
2479 return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize);
2482 CHECK_FSP(fsp,conn);
2483 if (!CHECK_READ(fsp,inbuf)) {
2484 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2487 set_message(outbuf,12,0,True);
2489 if (global_client_caps & CAP_LARGE_READX) {
2490 if (SVAL(inbuf,smb_vwv7) == 1) {
2491 smb_maxcnt |= (1<<16);
2493 if (smb_maxcnt > BUFFER_SIZE) {
2494 DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n",
2495 (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE));
2496 END_PROFILE(SMBreadX);
2497 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
2501 if(CVAL(inbuf,smb_wct) == 12) {
2502 #ifdef LARGE_SMB_OFF_T
2504 * This is a large offset (64 bit) read.
2506 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32);
2508 #else /* !LARGE_SMB_OFF_T */
2511 * Ensure we haven't been sent a >32 bit offset.
2514 if(IVAL(inbuf,smb_vwv10) != 0) {
2515 DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \
2516 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) ));
2517 END_PROFILE(SMBreadX);
2518 return ERROR_DOS(ERRDOS,ERRbadaccess);
2521 #endif /* LARGE_SMB_OFF_T */
2525 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2526 END_PROFILE(SMBreadX);
2527 return ERROR_DOS(ERRDOS,ERRlock);
2530 if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) {
2531 END_PROFILE(SMBreadX);
2535 nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt);
2537 nread = chain_reply(inbuf,outbuf,length,bufsize);
2539 END_PROFILE(SMBreadX);
2543 /****************************************************************************
2544 Reply to a writebraw (core+ or LANMAN1.0 protocol).
2545 ****************************************************************************/
2547 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2550 ssize_t total_written=0;
2551 size_t numtowrite=0;
2556 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2558 START_PROFILE(SMBwritebraw);
2560 if (srv_is_signing_active()) {
2561 exit_server_cleanly("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
2564 CHECK_FSP(fsp,conn);
2565 if (!CHECK_WRITE(fsp)) {
2566 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2569 tcount = IVAL(inbuf,smb_vwv1);
2570 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2571 write_through = BITSETW(inbuf+smb_vwv7,0);
2573 /* We have to deal with slightly different formats depending
2574 on whether we are using the core+ or lanman1.0 protocol */
2576 if(Protocol <= PROTOCOL_COREPLUS) {
2577 numtowrite = SVAL(smb_buf(inbuf),-2);
2578 data = smb_buf(inbuf);
2580 numtowrite = SVAL(inbuf,smb_vwv10);
2581 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
2584 /* force the error type */
2585 SCVAL(inbuf,smb_com,SMBwritec);
2586 SCVAL(outbuf,smb_com,SMBwritec);
2588 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2589 END_PROFILE(SMBwritebraw);
2590 return(ERROR_DOS(ERRDOS,ERRlock));
2594 nwritten = write_file(fsp,data,startpos,numtowrite);
2596 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
2597 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
2599 if (nwritten < (ssize_t)numtowrite) {
2600 END_PROFILE(SMBwritebraw);
2601 return(UNIXERROR(ERRHRD,ERRdiskfull));
2604 total_written = nwritten;
2606 /* Return a message to the redirector to tell it to send more bytes */
2607 SCVAL(outbuf,smb_com,SMBwritebraw);
2608 SSVALS(outbuf,smb_vwv0,-1);
2609 outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
2611 if (!send_smb(smbd_server_fd(),outbuf))
2612 exit_server_cleanly("reply_writebraw: send_smb failed.");
2614 /* Now read the raw data into the buffer and write it */
2615 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
2616 exit_server_cleanly("secondary writebraw failed");
2619 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
2620 numtowrite = smb_len(inbuf);
2622 /* Set up outbuf to return the correct return */
2623 outsize = set_message(outbuf,1,0,True);
2624 SCVAL(outbuf,smb_com,SMBwritec);
2626 if (numtowrite != 0) {
2628 if (numtowrite > BUFFER_SIZE) {
2629 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
2630 (unsigned int)numtowrite ));
2631 exit_server_cleanly("secondary writebraw failed");
2634 if (tcount > nwritten+numtowrite) {
2635 DEBUG(3,("Client overestimated the write %d %d %d\n",
2636 (int)tcount,(int)nwritten,(int)numtowrite));
2639 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
2640 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
2642 exit_server_cleanly("secondary writebraw failed");
2645 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
2646 if (nwritten == -1) {
2647 END_PROFILE(SMBwritebraw);
2648 return(UNIXERROR(ERRHRD,ERRdiskfull));
2651 if (nwritten < (ssize_t)numtowrite) {
2652 SCVAL(outbuf,smb_rcls,ERRHRD);
2653 SSVAL(outbuf,smb_err,ERRdiskfull);
2657 total_written += nwritten;
2660 SSVAL(outbuf,smb_vwv0,total_written);
2662 sync_file(conn, fsp, write_through);
2664 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
2665 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
2667 /* we won't return a status if write through is not selected - this follows what WfWg does */
2668 END_PROFILE(SMBwritebraw);
2669 if (!write_through && total_written==tcount) {
2671 #if RABBIT_PELLET_FIX
2673 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
2674 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
2676 if (!send_keepalive(smbd_server_fd()))
2677 exit_server_cleanly("reply_writebraw: send of keepalive failed");
2686 #define DBGC_CLASS DBGC_LOCKING
2688 /****************************************************************************
2689 Reply to a writeunlock (core+).
2690 ****************************************************************************/
2692 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
2693 int size, int dum_buffsize)
2695 ssize_t nwritten = -1;
2699 NTSTATUS status = NT_STATUS_OK;
2700 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2702 START_PROFILE(SMBwriteunlock);
2704 CHECK_FSP(fsp,conn);
2705 if (!CHECK_WRITE(fsp)) {
2706 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2709 numtowrite = SVAL(inbuf,smb_vwv1);
2710 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2711 data = smb_buf(inbuf) + 3;
2713 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2714 END_PROFILE(SMBwriteunlock);
2715 return ERROR_DOS(ERRDOS,ERRlock);
2718 /* The special X/Open SMB protocol handling of
2719 zero length writes is *NOT* done for
2721 if(numtowrite == 0) {
2724 nwritten = write_file(fsp,data,startpos,numtowrite);
2727 sync_file(conn, fsp, False /* write through */);
2729 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2730 END_PROFILE(SMBwriteunlock);
2731 return(UNIXERROR(ERRHRD,ERRdiskfull));
2735 status = do_unlock(fsp,
2736 (uint32)SVAL(inbuf,smb_pid),
2737 (SMB_BIG_UINT)numtowrite,
2738 (SMB_BIG_UINT)startpos,
2741 if (NT_STATUS_V(status)) {
2742 END_PROFILE(SMBwriteunlock);
2743 return ERROR_NT(status);
2747 outsize = set_message(outbuf,1,0,True);
2749 SSVAL(outbuf,smb_vwv0,nwritten);
2751 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
2752 fsp->fnum, (int)numtowrite, (int)nwritten));
2754 END_PROFILE(SMBwriteunlock);
2759 #define DBGC_CLASS DBGC_ALL
2761 /****************************************************************************
2763 ****************************************************************************/
2765 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
2768 ssize_t nwritten = -1;
2771 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2773 START_PROFILE(SMBwrite);
2775 /* If it's an IPC, pass off the pipe handler. */
2777 END_PROFILE(SMBwrite);
2778 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
2781 CHECK_FSP(fsp,conn);
2782 if (!CHECK_WRITE(fsp)) {
2783 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2786 numtowrite = SVAL(inbuf,smb_vwv1);
2787 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2788 data = smb_buf(inbuf) + 3;
2790 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2791 END_PROFILE(SMBwrite);
2792 return ERROR_DOS(ERRDOS,ERRlock);
2796 * X/Open SMB protocol says that if smb_vwv1 is
2797 * zero then the file size should be extended or
2798 * truncated to the size given in smb_vwv[2-3].
2801 if(numtowrite == 0) {
2803 * This is actually an allocate call, and set EOF. JRA.
2805 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
2807 END_PROFILE(SMBwrite);
2808 return ERROR_NT(NT_STATUS_DISK_FULL);
2810 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
2812 END_PROFILE(SMBwrite);
2813 return ERROR_NT(NT_STATUS_DISK_FULL);
2816 nwritten = write_file(fsp,data,startpos,numtowrite);
2818 sync_file(conn, fsp, False);
2820 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2821 END_PROFILE(SMBwrite);
2822 return(UNIXERROR(ERRHRD,ERRdiskfull));
2825 outsize = set_message(outbuf,1,0,True);
2827 SSVAL(outbuf,smb_vwv0,nwritten);
2829 if (nwritten < (ssize_t)numtowrite) {
2830 SCVAL(outbuf,smb_rcls,ERRHRD);
2831 SSVAL(outbuf,smb_err,ERRdiskfull);
2834 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
2836 END_PROFILE(SMBwrite);
2840 /****************************************************************************
2841 Reply to a write and X.
2842 ****************************************************************************/
2844 int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2846 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2847 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2848 size_t numtowrite = SVAL(inbuf,smb_vwv10);
2849 BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
2850 ssize_t nwritten = -1;
2851 unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
2852 unsigned int smblen = smb_len(inbuf);
2854 BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
2855 START_PROFILE(SMBwriteX);
2857 /* If it's an IPC, pass off the pipe handler. */
2859 END_PROFILE(SMBwriteX);
2860 return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
2863 CHECK_FSP(fsp,conn);
2864 if (!CHECK_WRITE(fsp)) {
2865 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2868 set_message(outbuf,6,0,True);
2870 /* Deal with possible LARGE_WRITEX */
2872 numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
2875 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
2876 END_PROFILE(SMBwriteX);
2877 return ERROR_DOS(ERRDOS,ERRbadmem);
2880 data = smb_base(inbuf) + smb_doff;
2882 if(CVAL(inbuf,smb_wct) == 14) {
2883 #ifdef LARGE_SMB_OFF_T
2885 * This is a large offset (64 bit) write.
2887 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32);
2889 #else /* !LARGE_SMB_OFF_T */
2892 * Ensure we haven't been sent a >32 bit offset.
2895 if(IVAL(inbuf,smb_vwv12) != 0) {
2896 DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \
2897 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) ));
2898 END_PROFILE(SMBwriteX);
2899 return ERROR_DOS(ERRDOS,ERRbadaccess);
2902 #endif /* LARGE_SMB_OFF_T */
2905 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2906 END_PROFILE(SMBwriteX);
2907 return ERROR_DOS(ERRDOS,ERRlock);
2910 /* X/Open SMB protocol says that, unlike SMBwrite
2911 if the length is zero then NO truncation is
2912 done, just a write of zero. To truncate a file,
2915 if(numtowrite == 0) {
2919 if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize,
2920 fsp,data,startpos,numtowrite)) {
2921 END_PROFILE(SMBwriteX);
2925 nwritten = write_file(fsp,data,startpos,numtowrite);
2928 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2929 END_PROFILE(SMBwriteX);
2930 return(UNIXERROR(ERRHRD,ERRdiskfull));
2933 SSVAL(outbuf,smb_vwv2,nwritten);
2935 SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
2937 if (nwritten < (ssize_t)numtowrite) {
2938 SCVAL(outbuf,smb_rcls,ERRHRD);
2939 SSVAL(outbuf,smb_err,ERRdiskfull);
2942 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
2943 fsp->fnum, (int)numtowrite, (int)nwritten));
2945 sync_file(conn, fsp, write_through);
2947 END_PROFILE(SMBwriteX);
2948 return chain_reply(inbuf,outbuf,length,bufsize);
2951 /****************************************************************************
2953 ****************************************************************************/
2955 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2961 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2962 START_PROFILE(SMBlseek);
2964 CHECK_FSP(fsp,conn);
2966 flush_write_cache(fsp, SEEK_FLUSH);
2968 mode = SVAL(inbuf,smb_vwv1) & 3;
2969 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
2970 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
2979 res = fsp->fh->pos + startpos;
2990 if (umode == SEEK_END) {
2991 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
2992 if(errno == EINVAL) {
2993 SMB_OFF_T current_pos = startpos;
2994 SMB_STRUCT_STAT sbuf;
2996 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
2997 END_PROFILE(SMBlseek);
2998 return(UNIXERROR(ERRDOS,ERRnoaccess));
3001 current_pos += sbuf.st_size;
3003 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3008 END_PROFILE(SMBlseek);
3009 return(UNIXERROR(ERRDOS,ERRnoaccess));
3015 outsize = set_message(outbuf,2,0,True);
3016 SIVAL(outbuf,smb_vwv0,res);
3018 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3019 fsp->fnum, (double)startpos, (double)res, mode));
3021 END_PROFILE(SMBlseek);
3025 /****************************************************************************
3027 ****************************************************************************/
3029 int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3031 int outsize = set_message(outbuf,0,0,False);
3032 uint16 fnum = SVAL(inbuf,smb_vwv0);
3033 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3034 START_PROFILE(SMBflush);
3037 CHECK_FSP(fsp,conn);
3040 file_sync_all(conn);
3042 sync_file(conn,fsp, True);
3045 DEBUG(3,("flush\n"));
3046 END_PROFILE(SMBflush);
3050 /****************************************************************************
3052 conn POINTER CAN BE NULL HERE !
3053 ****************************************************************************/
3055 int reply_exit(connection_struct *conn,
3056 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3059 START_PROFILE(SMBexit);
3061 file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid));
3063 outsize = set_message(outbuf,0,0,False);
3065 DEBUG(3,("exit\n"));
3067 END_PROFILE(SMBexit);
3071 /****************************************************************************
3072 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3073 ****************************************************************************/
3075 int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
3080 int32 eclass = 0, err = 0;
3081 files_struct *fsp = NULL;
3082 START_PROFILE(SMBclose);
3084 outsize = set_message(outbuf,0,0,False);
3086 /* If it's an IPC, pass off to the pipe handler. */
3088 END_PROFILE(SMBclose);
3089 return reply_pipe_close(conn, inbuf,outbuf);
3092 fsp = file_fsp(inbuf,smb_vwv0);
3095 * We can only use CHECK_FSP if we know it's not a directory.
3098 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3099 END_PROFILE(SMBclose);
3100 return ERROR_DOS(ERRDOS,ERRbadfid);
3103 if(fsp->is_directory) {
3105 * Special case - close NT SMB directory handle.
3107 DEBUG(3,("close directory fnum=%d\n", fsp->fnum));
3108 close_file(fsp,NORMAL_CLOSE);
3111 * Close ordinary file.
3115 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3116 fsp->fh->fd, fsp->fnum,
3117 conn->num_files_open));
3120 * Take care of any time sent in the close.
3123 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
3124 fsp_set_pending_modtime(fsp, mtime);
3127 * close_file() returns the unix errno if an error
3128 * was detected on close - normally this is due to
3129 * a disk full error. If not then it was probably an I/O error.
3132 if((close_err = close_file(fsp,NORMAL_CLOSE)) != 0) {
3134 END_PROFILE(SMBclose);
3135 return (UNIXERROR(ERRHRD,ERRgeneral));
3139 /* We have a cached error */
3141 END_PROFILE(SMBclose);
3142 return ERROR_DOS(eclass,err);
3145 END_PROFILE(SMBclose);
3149 /****************************************************************************
3150 Reply to a writeclose (Core+ protocol).
3151 ****************************************************************************/
3153 int reply_writeclose(connection_struct *conn,
3154 char *inbuf,char *outbuf, int size, int dum_buffsize)
3157 ssize_t nwritten = -1;
3163 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3164 START_PROFILE(SMBwriteclose);
3166 CHECK_FSP(fsp,conn);
3167 if (!CHECK_WRITE(fsp)) {
3168 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3171 numtowrite = SVAL(inbuf,smb_vwv1);
3172 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3173 mtime = srv_make_unix_date3(inbuf+smb_vwv4);
3174 data = smb_buf(inbuf) + 1;
3176 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3177 END_PROFILE(SMBwriteclose);
3178 return ERROR_DOS(ERRDOS,ERRlock);
3181 nwritten = write_file(fsp,data,startpos,numtowrite);
3183 set_filetime(conn, fsp->fsp_name,mtime);
3186 * More insanity. W2K only closes the file if writelen > 0.
3191 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3193 close_err = close_file(fsp,NORMAL_CLOSE);
3196 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3197 fsp->fnum, (int)numtowrite, (int)nwritten,
3198 conn->num_files_open));
3200 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3201 END_PROFILE(SMBwriteclose);
3202 return(UNIXERROR(ERRHRD,ERRdiskfull));
3205 if(close_err != 0) {
3207 END_PROFILE(SMBwriteclose);
3208 return(UNIXERROR(ERRHRD,ERRgeneral));
3211 outsize = set_message(outbuf,1,0,True);
3213 SSVAL(outbuf,smb_vwv0,nwritten);
3214 END_PROFILE(SMBwriteclose);
3219 #define DBGC_CLASS DBGC_LOCKING
3221 /****************************************************************************
3223 ****************************************************************************/
3225 int reply_lock(connection_struct *conn,
3226 char *inbuf,char *outbuf, int length, int dum_buffsize)
3228 int outsize = set_message(outbuf,0,0,False);
3229 SMB_BIG_UINT count,offset;
3231 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3232 struct byte_range_lock *br_lck = NULL;
3234 START_PROFILE(SMBlock);
3236 CHECK_FSP(fsp,conn);
3238 release_level_2_oplocks_on_change(fsp);
3240 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3241 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3243 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3244 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3246 br_lck = do_lock(fsp,
3247 (uint32)SVAL(inbuf,smb_pid),
3252 False, /* Non-blocking lock. */
3255 TALLOC_FREE(br_lck);
3257 if (NT_STATUS_V(status)) {
3258 END_PROFILE(SMBlock);
3259 return ERROR_NT(status);
3262 END_PROFILE(SMBlock);
3266 /****************************************************************************
3268 ****************************************************************************/
3270 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3273 int outsize = set_message(outbuf,0,0,False);
3274 SMB_BIG_UINT count,offset;
3276 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3277 START_PROFILE(SMBunlock);
3279 CHECK_FSP(fsp,conn);
3281 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3282 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3284 status = do_unlock(fsp,
3285 (uint32)SVAL(inbuf,smb_pid),
3290 if (NT_STATUS_V(status)) {
3291 END_PROFILE(SMBunlock);
3292 return ERROR_NT(status);
3295 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3296 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3298 END_PROFILE(SMBunlock);
3303 #define DBGC_CLASS DBGC_ALL
3305 /****************************************************************************
3307 conn POINTER CAN BE NULL HERE !
3308 ****************************************************************************/
3310 int reply_tdis(connection_struct *conn,
3311 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3313 int outsize = set_message(outbuf,0,0,False);
3315 START_PROFILE(SMBtdis);
3317 vuid = SVAL(inbuf,smb_uid);
3320 DEBUG(4,("Invalid connection in tdis\n"));
3321 END_PROFILE(SMBtdis);
3322 return ERROR_DOS(ERRSRV,ERRinvnid);
3327 close_cnum(conn,vuid);
3329 END_PROFILE(SMBtdis);
3333 /****************************************************************************
3335 conn POINTER CAN BE NULL HERE !
3336 ****************************************************************************/
3338 int reply_echo(connection_struct *conn,
3339 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3341 int smb_reverb = SVAL(inbuf,smb_vwv0);
3343 unsigned int data_len = smb_buflen(inbuf);
3344 int outsize = set_message(outbuf,1,data_len,True);
3345 START_PROFILE(SMBecho);
3347 if (data_len > BUFFER_SIZE) {
3348 DEBUG(0,("reply_echo: data_len too large.\n"));
3349 END_PROFILE(SMBecho);
3353 /* copy any incoming data back out */
3355 memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len);
3357 if (smb_reverb > 100) {
3358 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3362 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3363 SSVAL(outbuf,smb_vwv0,seq_num);
3365 smb_setlen(outbuf,outsize - 4);
3368 if (!send_smb(smbd_server_fd(),outbuf))
3369 exit_server_cleanly("reply_echo: send_smb failed.");
3372 DEBUG(3,("echo %d times\n", smb_reverb));
3376 END_PROFILE(SMBecho);
3380 /****************************************************************************
3381 Reply to a printopen.
3382 ****************************************************************************/
3384 int reply_printopen(connection_struct *conn,
3385 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3391 START_PROFILE(SMBsplopen);
3393 if (!CAN_PRINT(conn)) {
3394 END_PROFILE(SMBsplopen);
3395 return ERROR_DOS(ERRDOS,ERRnoaccess);
3398 /* Open for exclusive use, write only. */
3399 status = print_fsp_open(conn, NULL, &fsp);
3401 if (!NT_STATUS_IS_OK(status)) {
3402 END_PROFILE(SMBsplopen);
3403 return(ERROR_NT(status));
3406 outsize = set_message(outbuf,1,0,True);
3407 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3409 DEBUG(3,("openprint fd=%d fnum=%d\n",
3410 fsp->fh->fd, fsp->fnum));
3412 END_PROFILE(SMBsplopen);
3416 /****************************************************************************
3417 Reply to a printclose.
3418 ****************************************************************************/
3420 int reply_printclose(connection_struct *conn,
3421 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3423 int outsize = set_message(outbuf,0,0,False);
3424 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3426 START_PROFILE(SMBsplclose);
3428 CHECK_FSP(fsp,conn);
3430 if (!CAN_PRINT(conn)) {
3431 END_PROFILE(SMBsplclose);
3432 return ERROR_NT(NT_STATUS_DOS(ERRSRV, ERRerror));
3435 DEBUG(3,("printclose fd=%d fnum=%d\n",
3436 fsp->fh->fd,fsp->fnum));
3438 close_err = close_file(fsp,NORMAL_CLOSE);
3440 if(close_err != 0) {
3442 END_PROFILE(SMBsplclose);
3443 return(UNIXERROR(ERRHRD,ERRgeneral));
3446 END_PROFILE(SMBsplclose);
3450 /****************************************************************************
3451 Reply to a printqueue.
3452 ****************************************************************************/
3454 int reply_printqueue(connection_struct *conn,
3455 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3457 int outsize = set_message(outbuf,2,3,True);
3458 int max_count = SVAL(inbuf,smb_vwv0);
3459 int start_index = SVAL(inbuf,smb_vwv1);
3460 START_PROFILE(SMBsplretq);
3462 /* we used to allow the client to get the cnum wrong, but that
3463 is really quite gross and only worked when there was only
3464 one printer - I think we should now only accept it if they
3465 get it right (tridge) */
3466 if (!CAN_PRINT(conn)) {
3467 END_PROFILE(SMBsplretq);
3468 return ERROR_DOS(ERRDOS,ERRnoaccess);
3471 SSVAL(outbuf,smb_vwv0,0);
3472 SSVAL(outbuf,smb_vwv1,0);
3473 SCVAL(smb_buf(outbuf),0,1);
3474 SSVAL(smb_buf(outbuf),1,0);
3476 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
3477 start_index, max_count));
3480 print_queue_struct *queue = NULL;
3481 print_status_struct status;
3482 char *p = smb_buf(outbuf) + 3;
3483 int count = print_queue_status(SNUM(conn), &queue, &status);
3484 int num_to_get = ABS(max_count);
3485 int first = (max_count>0?start_index:start_index+max_count+1);
3491 num_to_get = MIN(num_to_get,count-first);
3494 for (i=first;i<first+num_to_get;i++) {
3495 srv_put_dos_date2(p,0,queue[i].time);
3496 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
3497 SSVAL(p,5, queue[i].job);
3498 SIVAL(p,7,queue[i].size);
3500 srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII);
3505 outsize = set_message(outbuf,2,28*count+3,False);
3506 SSVAL(outbuf,smb_vwv0,count);
3507 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
3508 SCVAL(smb_buf(outbuf),0,1);
3509 SSVAL(smb_buf(outbuf),1,28*count);
3514 DEBUG(3,("%d entries returned in queue\n",count));
3517 END_PROFILE(SMBsplretq);
3521 /****************************************************************************
3522 Reply to a printwrite.
3523 ****************************************************************************/
3525 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3528 int outsize = set_message(outbuf,0,0,False);
3530 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3532 START_PROFILE(SMBsplwr);
3534 if (!CAN_PRINT(conn)) {
3535 END_PROFILE(SMBsplwr);
3536 return ERROR_DOS(ERRDOS,ERRnoaccess);
3539 CHECK_FSP(fsp,conn);
3540 if (!CHECK_WRITE(fsp)) {
3541 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3544 numtowrite = SVAL(smb_buf(inbuf),1);
3545 data = smb_buf(inbuf) + 3;
3547 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
3548 END_PROFILE(SMBsplwr);
3549 return(UNIXERROR(ERRHRD,ERRdiskfull));
3552 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
3554 END_PROFILE(SMBsplwr);
3558 /****************************************************************************
3560 ****************************************************************************/
3562 int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3567 SMB_STRUCT_STAT sbuf;
3569 START_PROFILE(SMBmkdir);
3571 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3572 if (!NT_STATUS_IS_OK(status)) {
3573 END_PROFILE(SMBmkdir);
3574 return ERROR_NT(status);
3577 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf);
3579 status = unix_convert(conn, directory, False, NULL, &sbuf);
3580 if (!NT_STATUS_IS_OK(status)) {
3581 END_PROFILE(SMBmkdir);
3582 return ERROR_NT(status);
3585 status = create_directory(conn, directory);
3587 DEBUG(5, ("create_directory returned %s\n", nt_errstr(status)));
3589 if (!NT_STATUS_IS_OK(status)) {
3591 if (!use_nt_status()
3592 && NT_STATUS_EQUAL(status,
3593 NT_STATUS_OBJECT_NAME_COLLISION)) {
3595 * Yes, in the DOS error code case we get a
3596 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
3597 * samba4 torture test.
3599 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
3602 END_PROFILE(SMBmkdir);
3603 return ERROR_NT(status);
3606 outsize = set_message(outbuf,0,0,False);
3608 DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) );
3610 END_PROFILE(SMBmkdir);
3614 /****************************************************************************
3615 Static function used by reply_rmdir to delete an entire directory
3616 tree recursively. Return True on ok, False on fail.
3617 ****************************************************************************/
3619 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
3621 const char *dname = NULL;
3624 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3629 while((dname = ReadDirName(dir_hnd, &offset))) {
3633 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3636 if (!is_visible_file(conn, directory, dname, &st, False))
3639 /* Construct the full name. */
3640 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3646 pstrcpy(fullname, directory);
3647 pstrcat(fullname, "/");
3648 pstrcat(fullname, dname);
3650 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
3655 if(st.st_mode & S_IFDIR) {
3656 if(!recursive_rmdir(conn, fullname)) {
3660 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
3664 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
3673 /****************************************************************************
3674 The internals of the rmdir code - called elsewhere.
3675 ****************************************************************************/
3677 BOOL rmdir_internals(connection_struct *conn, const char *directory)
3682 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3683 if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
3685 * Check to see if the only thing in this directory are
3686 * vetoed files/directories. If so then delete them and
3687 * retry. If we fail to delete any of them (and we *don't*
3688 * do a recursive delete) then fail the rmdir.
3692 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3694 if(dir_hnd == NULL) {
3699 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3700 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3702 if (!is_visible_file(conn, directory, dname, &st, False))
3704 if(!IS_VETO_PATH(conn, dname)) {
3711 /* We only have veto files/directories. Recursive delete. */
3713 RewindDir(dir_hnd,&dirpos);
3714 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3717 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3719 if (!is_visible_file(conn, directory, dname, &st, False))
3722 /* Construct the full name. */
3723 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3728 pstrcpy(fullname, directory);
3729 pstrcat(fullname, "/");
3730 pstrcat(fullname, dname);
3732 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
3734 if(st.st_mode & S_IFDIR) {
3735 if(lp_recursive_veto_delete(SNUM(conn))) {
3736 if(!recursive_rmdir(conn, fullname))
3739 if(SMB_VFS_RMDIR(conn,fullname) != 0)
3741 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
3745 /* Retry the rmdir */
3746 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3752 DEBUG(3,("rmdir_internals: couldn't remove directory %s : "
3753 "%s\n", directory,strerror(errno)));
3760 /****************************************************************************
3762 ****************************************************************************/
3764 int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3769 SMB_STRUCT_STAT sbuf;
3771 START_PROFILE(SMBrmdir);
3773 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3774 if (!NT_STATUS_IS_OK(status)) {
3775 END_PROFILE(SMBrmdir);
3776 return ERROR_NT(status);
3779 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf)
3781 status = unix_convert(conn, directory, False, NULL, &sbuf);
3782 if (!NT_STATUS_IS_OK(status)) {
3783 END_PROFILE(SMBrmdir);
3784 return ERROR_NT(status);
3787 if (check_name(directory,conn)) {
3788 dptr_closepath(directory,SVAL(inbuf,smb_pid));
3789 ok = rmdir_internals(conn, directory);
3793 END_PROFILE(SMBrmdir);
3794 return UNIXERROR(ERRDOS, ERRbadpath);
3797 outsize = set_message(outbuf,0,0,False);
3799 DEBUG( 3, ( "rmdir %s\n", directory ) );
3801 END_PROFILE(SMBrmdir);
3805 /*******************************************************************
3806 Resolve wildcards in a filename rename.
3807 Note that name is in UNIX charset and thus potentially can be more
3808 than fstring buffer (255 bytes) especially in default UTF-8 case.
3809 Therefore, we use pstring inside and all calls should ensure that
3810 name2 is at least pstring-long (they do already)
3811 ********************************************************************/
3813 static BOOL resolve_wildcards(const char *name1, char *name2)
3815 pstring root1,root2;
3817 char *p,*p2, *pname1, *pname2;
3818 int available_space, actual_space;
3821 pname1 = strrchr_m(name1,'/');
3822 pname2 = strrchr_m(name2,'/');
3824 if (!pname1 || !pname2)
3827 pstrcpy(root1,pname1);
3828 pstrcpy(root2,pname2);
3829 p = strrchr_m(root1,'.');
3836 p = strrchr_m(root2,'.');
3850 } else if (*p2 == '*') {
3866 } else if (*p2 == '*') {
3876 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
3879 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
3880 if (actual_space >= available_space - 1) {
3881 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
3882 actual_space - available_space));
3885 pstrcpy_base(pname2, root2, name2);
3891 /****************************************************************************
3892 Ensure open files have their names updated. Updated to notify other smbd's
3894 ****************************************************************************/
3896 static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck,
3897 SMB_DEV_T dev, SMB_INO_T inode, const char *newname)
3900 BOOL did_rename = False;
3902 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
3903 /* fsp_name is a relative path under the fsp. To change this for other
3904 sharepaths we need to manipulate relative paths. */
3905 /* TODO - create the absolute path and manipulate the newname
3906 relative to the sharepath. */
3907 if (fsp->conn != conn) {
3910 DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n",
3911 fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode,
3912 fsp->fsp_name, newname ));
3913 string_set(&fsp->fsp_name, newname);
3918 DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n",
3919 (unsigned int)dev, (double)inode, newname ));
3922 /* Send messages to all smbd's (not ourself) that the name has changed. */
3923 rename_share_filename(lck, conn->connectpath, newname);
3926 /****************************************************************************
3927 We need to check if the source path is a parent directory of the destination
3928 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
3929 refuse the rename with a sharing violation. Under UNIX the above call can
3930 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
3931 probably need to check that the client is a Windows one before disallowing
3932 this as a UNIX client (one with UNIX extensions) can know the source is a
3933 symlink and make this decision intelligently. Found by an excellent bug
3934 report from <AndyLiebman@aol.com>.
3935 ****************************************************************************/
3937 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
3939 const char *psrc = src;
3940 const char *pdst = dest;
3943 if (psrc[0] == '.' && psrc[1] == '/') {
3946 if (pdst[0] == '.' && pdst[1] == '/') {
3949 if ((slen = strlen(psrc)) > strlen(pdst)) {
3952 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
3955 /****************************************************************************
3956 Rename an open file - given an fsp.
3957 ****************************************************************************/
3959 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists)
3961 SMB_STRUCT_STAT sbuf;
3962 pstring newname_last_component;
3963 NTSTATUS status = NT_STATUS_OK;
3965 struct share_mode_lock *lck = NULL;
3969 status = unix_convert(conn, newname, False, newname_last_component, &sbuf);
3970 if (!NT_STATUS_IS_OK(status)) {
3974 /* Ensure newname contains a '/' */
3975 if(strrchr_m(newname,'/') == 0) {
3978 pstrcpy(tmpstr, "./");
3979 pstrcat(tmpstr, newname);
3980 pstrcpy(newname, tmpstr);
3984 * Check for special case with case preserving and not
3985 * case sensitive. If the old last component differs from the original
3986 * last component only by case, then we should allow
3987 * the rename (user is trying to change the case of the
3991 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
3992 strequal(newname, fsp->fsp_name)) {
3994 pstring newname_modified_last_component;
3997 * Get the last component of the modified name.
3998 * Note that we guarantee that newname contains a '/'
4001 p = strrchr_m(newname,'/');
4002 pstrcpy(newname_modified_last_component,p+1);
4004 if(strcsequal(newname_modified_last_component,
4005 newname_last_component) == False) {
4007 * Replace the modified last component with
4010 pstrcpy(p+1, newname_last_component);
4015 * If the src and dest names are identical - including case,
4016 * don't do the rename, just return success.
4019 if (strcsequal(fsp->fsp_name, newname)) {
4020 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4022 return NT_STATUS_OK;
4025 dest_exists = vfs_object_exist(conn,newname,NULL);
4027 if(!replace_if_exists && dest_exists) {
4028 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4029 fsp->fsp_name,newname));
4030 return NT_STATUS_OBJECT_NAME_COLLISION;
4033 status = can_rename(conn,newname,attrs,&sbuf);
4035 if (dest_exists && !NT_STATUS_IS_OK(status)) {
4036 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4037 nt_errstr(status), fsp->fsp_name,newname));
4038 if (NT_STATUS_EQUAL(status,NT_STATUS_SHARING_VIOLATION))
4039 status = NT_STATUS_ACCESS_DENIED;
4043 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4044 return NT_STATUS_ACCESS_DENIED;
4047 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL);
4049 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4050 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4051 fsp->fsp_name,newname));
4052 rename_open_files(conn, lck, fsp->dev, fsp->inode, newname);
4054 return NT_STATUS_OK;
4059 if (errno == ENOTDIR || errno == EISDIR) {
4060 status = NT_STATUS_OBJECT_NAME_COLLISION;
4062 status = map_nt_error_from_unix(errno);
4065 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4066 nt_errstr(status), fsp->fsp_name,newname));
4071 /****************************************************************************
4072 The guts of the rename command, split out so it may be called by the NT SMB
4074 ****************************************************************************/
4076 NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild)
4080 pstring last_component_src;
4081 pstring last_component_dest;
4084 NTSTATUS status = NT_STATUS_OK;
4085 SMB_STRUCT_STAT sbuf1, sbuf2;
4086 struct share_mode_lock *lck = NULL;
4088 *directory = *mask = 0;
4093 status = unix_convert(conn, name, has_wild, last_component_src, &sbuf1);
4094 if (!NT_STATUS_IS_OK(status)) {
4098 status = unix_convert(conn, newname, True, last_component_dest, &sbuf2);
4099 if (!NT_STATUS_IS_OK(status)) {
4104 * Split the old name into directory and last component
4105 * strings. Note that unix_convert may have stripped off a
4106 * leading ./ from both name and newname if the rename is
4107 * at the root of the share. We need to make sure either both
4108 * name and newname contain a / character or neither of them do
4109 * as this is checked in resolve_wildcards().
4112 p = strrchr_m(name,'/');
4114 pstrcpy(directory,".");
4118 pstrcpy(directory,name);
4120 *p = '/'; /* Replace needed for exceptional test below. */
4124 * We should only check the mangled cache
4125 * here if unix_convert failed. This means
4126 * that the path in 'mask' doesn't exist
4127 * on the file system and so we need to look
4128 * for a possible mangle. This patch from
4129 * Tine Smukavec <valentin.smukavec@hermes.si>.
4132 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params))
4133 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4137 * No wildcards - just process the one file.
4139 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4141 /* Add a terminating '/' to the directory name. */
4142 pstrcat(directory,"/");
4143 pstrcat(directory,mask);
4145 /* Ensure newname contains a '/' also */
4146 if(strrchr_m(newname,'/') == 0) {
4149 pstrcpy(tmpstr, "./");
4150 pstrcat(tmpstr, newname);
4151 pstrcpy(newname, tmpstr);
4154 DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \
4155 directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n",
4156 conn->case_sensitive, conn->case_preserve, conn->short_case_preserve, directory,
4157 newname, last_component_dest, is_short_name));
4160 * Check for special case with case preserving and not
4161 * case sensitive, if directory and newname are identical,
4162 * and the old last component differs from the original
4163 * last component only by case, then we should allow
4164 * the rename (user is trying to change the case of the
4167 if((conn->case_sensitive == False) &&
4168 (((conn->case_preserve == True) &&
4169 (is_short_name == False)) ||
4170 ((conn->short_case_preserve == True) &&
4171 (is_short_name == True))) &&
4172 strcsequal(directory, newname)) {
4173 pstring modified_last_component;
4176 * Get the last component of the modified name.
4177 * Note that we guarantee that newname contains a '/'
4180 p = strrchr_m(newname,'/');
4181 pstrcpy(modified_last_component,p+1);
4183 if(strcsequal(modified_last_component,
4184 last_component_dest) == False) {
4186 * Replace the modified last component with
4189 pstrcpy(p+1, last_component_dest);
4193 resolve_wildcards(directory,newname);
4196 * The source object must exist.
4199 if (!vfs_object_exist(conn, directory, &sbuf1)) {
4200 DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n",
4201 directory,newname));
4203 if (errno == ENOTDIR || errno == EISDIR || errno == ENOENT) {
4205 * Must return different errors depending on whether the parent
4206 * directory existed or not.
4209 p = strrchr_m(directory, '/');
4211 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4213 if (vfs_object_exist(conn, directory, NULL))
4214 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4215 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4217 status = map_nt_error_from_unix(errno);
4218 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4219 nt_errstr(status), directory,newname));
4224 status = can_rename(conn,directory,attrs,&sbuf1);
4226 if (!NT_STATUS_IS_OK(status)) {
4227 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4228 nt_errstr(status), directory,newname));
4233 * If the src and dest names are identical - including case,
4234 * don't do the rename, just return success.
4237 if (strcsequal(directory, newname)) {
4238 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4239 DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory));
4240 return NT_STATUS_OK;
4243 if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) {
4244 DEBUG(3,("rename_internals: dest exists doing rename %s -> %s\n",
4245 directory,newname));
4246 return NT_STATUS_OBJECT_NAME_COLLISION;
4249 if (rename_path_prefix_equal(directory, newname)) {
4250 return NT_STATUS_SHARING_VIOLATION;
4253 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4255 if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
4256 DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n",
4257 directory,newname));
4258 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4260 return NT_STATUS_OK;
4264 if (errno == ENOTDIR || errno == EISDIR)
4265 status = NT_STATUS_OBJECT_NAME_COLLISION;
4267 status = map_nt_error_from_unix(errno);
4269 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4270 nt_errstr(status), directory,newname));
4275 * Wildcards - process each file that matches.
4277 struct smb_Dir *dir_hnd = NULL;
4281 if (strequal(mask,"????????.???"))
4284 if (check_name(directory,conn))
4285 dir_hnd = OpenDir(conn, directory, mask, attrs);
4289 status = NT_STATUS_NO_SUCH_FILE;
4290 /* Was status = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */
4292 while ((dname = ReadDirName(dir_hnd, &offset))) {
4294 BOOL sysdir_entry = False;
4296 pstrcpy(fname,dname);
4298 /* Quick check for "." and ".." */
4299 if (fname[0] == '.') {
4300 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4302 sysdir_entry = True;
4309 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4312 if(!mask_match(fname, mask, conn->case_sensitive))
4316 status = NT_STATUS_OBJECT_NAME_INVALID;
4320 status = NT_STATUS_ACCESS_DENIED;
4321 slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname);
4322 if (!vfs_object_exist(conn, fname, &sbuf1)) {
4323 status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4324 DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(status)));
4327 status = can_rename(conn,fname,attrs,&sbuf1);
4328 if (!NT_STATUS_IS_OK(status)) {
4329 DEBUG(6,("rename %s refused\n", fname));
4332 pstrcpy(destname,newname);
4334 if (!resolve_wildcards(fname,destname)) {
4335 DEBUG(6,("resolve_wildcards %s %s failed\n",
4340 if (strcsequal(fname,destname)) {
4341 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4342 DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname));
4344 status = NT_STATUS_OK;
4348 if (!replace_if_exists &&
4349 vfs_file_exist(conn,destname, NULL)) {
4350 DEBUG(6,("file_exist %s\n", destname));
4351 status = NT_STATUS_OBJECT_NAME_COLLISION;
4355 if (rename_path_prefix_equal(fname, destname)) {
4356 return NT_STATUS_SHARING_VIOLATION;
4359 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4361 if (!SMB_VFS_RENAME(conn,fname,destname)) {
4362 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4364 status = NT_STATUS_OK;
4367 DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname));
4373 /* Don't think needed any more - JRA. */
4374 if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) {
4375 if (!rcdest && bad_path_dest) {
4376 if (ms_has_wild(last_component_dest))
4377 return NT_STATUS_OBJECT_NAME_INVALID;
4378 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4385 if (count == 0 && NT_STATUS_IS_OK(status)) {
4386 status = map_nt_error_from_unix(errno);
4392 /****************************************************************************
4394 ****************************************************************************/
4396 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
4403 uint32 attrs = SVAL(inbuf,smb_vwv0);
4405 BOOL path1_contains_wcard = False;
4406 BOOL path2_contains_wcard = False;
4408 START_PROFILE(SMBmv);
4410 p = smb_buf(inbuf) + 1;
4411 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path1_contains_wcard);
4412 if (!NT_STATUS_IS_OK(status)) {
4414 return ERROR_NT(status);
4417 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path2_contains_wcard);
4418 if (!NT_STATUS_IS_OK(status)) {
4420 return ERROR_NT(status);
4423 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4424 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4426 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
4428 status = rename_internals(conn, name, newname, attrs, False, path1_contains_wcard);
4429 if (!NT_STATUS_IS_OK(status)) {
4431 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
4432 /* We have re-scheduled this call. */
4435 return ERROR_NT(status);
4439 * Win2k needs a changenotify request response before it will
4440 * update after a rename..
4442 process_pending_change_notify_queue((time_t)0);
4443 outsize = set_message(outbuf,0,0,False);
4449 /*******************************************************************
4450 Copy a file as part of a reply_copy.
4451 ******************************************************************/
4454 * TODO: check error codes on all callers
4457 NTSTATUS copy_file(char *src, char *dest1,connection_struct *conn, int ofun,
4458 int count, BOOL target_is_directory)
4460 SMB_STRUCT_STAT src_sbuf, sbuf2;
4462 files_struct *fsp1,*fsp2;
4465 uint32 new_create_disposition;
4469 pstrcpy(dest,dest1);
4470 if (target_is_directory) {
4471 char *p = strrchr_m(src,'/');
4481 if (!vfs_file_exist(conn,src,&src_sbuf)) {
4482 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4485 if (!target_is_directory && count) {
4486 new_create_disposition = FILE_OPEN;
4488 if (!map_open_params_to_ntcreate(dest1,0,ofun,
4489 NULL, NULL, &new_create_disposition, NULL)) {
4490 return NT_STATUS_INVALID_PARAMETER;
4494 status = open_file_ntcreate(conn,src,&src_sbuf,
4496 FILE_SHARE_READ|FILE_SHARE_WRITE,
4499 FILE_ATTRIBUTE_NORMAL,
4503 if (!NT_STATUS_IS_OK(status)) {
4507 dosattrs = dos_mode(conn, src, &src_sbuf);
4508 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
4509 ZERO_STRUCTP(&sbuf2);
4512 status = open_file_ntcreate(conn,dest,&sbuf2,
4514 FILE_SHARE_READ|FILE_SHARE_WRITE,
4515 new_create_disposition,
4521 if (!NT_STATUS_IS_OK(status)) {
4522 close_file(fsp1,ERROR_CLOSE);
4526 if ((ofun&3) == 1) {
4527 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
4528 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
4530 * Stop the copy from occurring.
4533 src_sbuf.st_size = 0;
4537 if (src_sbuf.st_size) {
4538 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
4541 close_file(fsp1,NORMAL_CLOSE);
4543 /* Ensure the modtime is set correctly on the destination file. */
4544 fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime);
4547 * As we are opening fsp1 read-only we only expect
4548 * an error on close on fsp2 if we are out of space.
4549 * Thus we don't look at the error return from the
4552 close_err = close_file(fsp2,NORMAL_CLOSE);
4554 if (close_err != 0) {
4555 return map_nt_error_from_unix(close_err);
4558 if (ret != (SMB_OFF_T)src_sbuf.st_size) {
4559 return NT_STATUS_DISK_FULL;
4562 return NT_STATUS_OK;
4565 /****************************************************************************
4566 Reply to a file copy.
4567 ****************************************************************************/
4569 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4574 pstring mask,newname;
4577 int error = ERRnoaccess;
4581 int tid2 = SVAL(inbuf,smb_vwv0);
4582 int ofun = SVAL(inbuf,smb_vwv1);
4583 int flags = SVAL(inbuf,smb_vwv2);
4584 BOOL target_is_directory=False;
4585 BOOL path_contains_wcard1 = False;
4586 BOOL path_contains_wcard2 = False;
4587 SMB_STRUCT_STAT sbuf1, sbuf2;
4589 START_PROFILE(SMBcopy);
4591 *directory = *mask = 0;
4594 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard1);
4595 if (!NT_STATUS_IS_OK(status)) {
4596 END_PROFILE(SMBcopy);
4597 return ERROR_NT(status);
4599 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path_contains_wcard2);
4600 if (!NT_STATUS_IS_OK(status)) {
4601 END_PROFILE(SMBcopy);
4602 return ERROR_NT(status);
4605 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
4607 if (tid2 != conn->cnum) {
4608 /* can't currently handle inter share copies XXXX */
4609 DEBUG(3,("Rejecting inter-share copy\n"));
4610 END_PROFILE(SMBcopy);
4611 return ERROR_DOS(ERRSRV,ERRinvdevice);
4614 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4615 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4617 status = unix_convert(conn, name, path_contains_wcard1, NULL, &sbuf1);
4618 if (!NT_STATUS_IS_OK(status)) {
4619 END_PROFILE(SMBcopy);
4620 return ERROR_NT(status);
4623 status = unix_convert(conn, newname, path_contains_wcard2, NULL, &sbuf2);
4624 if (!NT_STATUS_IS_OK(status)) {
4625 END_PROFILE(SMBcopy);
4626 return ERROR_NT(status);
4629 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
4631 if ((flags&1) && target_is_directory) {
4632 END_PROFILE(SMBcopy);
4633 return ERROR_DOS(ERRDOS,ERRbadfile);
4636 if ((flags&2) && !target_is_directory) {
4637 END_PROFILE(SMBcopy);
4638 return ERROR_DOS(ERRDOS,ERRbadpath);
4641 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
4642 /* wants a tree copy! XXXX */
4643 DEBUG(3,("Rejecting tree copy\n"));
4644 END_PROFILE(SMBcopy);
4645 return ERROR_DOS(ERRSRV,ERRerror);
4648 p = strrchr_m(name,'/');
4650 pstrcpy(directory,"./");
4654 pstrcpy(directory,name);
4659 * We should only check the mangled cache
4660 * here if unix_convert failed. This means
4661 * that the path in 'mask' doesn't exist
4662 * on the file system and so we need to look
4663 * for a possible mangle. This patch from
4664 * Tine Smukavec <valentin.smukavec@hermes.si>.
4667 if (!VALID_STAT(sbuf1) && mangle_is_mangled(mask, conn->params))
4668 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4670 has_wild = path_contains_wcard1;
4673 pstrcat(directory,"/");
4674 pstrcat(directory,mask);
4675 if (resolve_wildcards(directory,newname)
4676 && NT_STATUS_IS_OK(status = copy_file(
4677 directory,newname,conn,ofun,
4678 count,target_is_directory)))
4680 if(!count && !NT_STATUS_IS_OK(status)) {
4681 END_PROFILE(SMBcopy);
4682 return ERROR_NT(status);
4685 exists = vfs_file_exist(conn,directory,NULL);
4688 struct smb_Dir *dir_hnd = NULL;
4692 if (strequal(mask,"????????.???"))
4695 if (check_name(directory,conn))
4696 dir_hnd = OpenDir(conn, directory, mask, 0);
4702 while ((dname = ReadDirName(dir_hnd, &offset))) {
4704 pstrcpy(fname,dname);
4706 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4709 if(!mask_match(fname, mask, conn->case_sensitive))
4712 error = ERRnoaccess;
4713 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
4714 pstrcpy(destname,newname);
4715 if (resolve_wildcards(fname,destname)
4716 && NT_STATUS_IS_OK(status = copy_file(
4717 fname,destname,conn,ofun,
4718 count,target_is_directory)))
4720 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname));
4728 /* Error on close... */
4730 END_PROFILE(SMBcopy);
4731 return(UNIXERROR(ERRHRD,ERRgeneral));
4734 END_PROFILE(SMBcopy);
4735 return ERROR_DOS(ERRDOS,error);
4738 outsize = set_message(outbuf,1,0,True);
4739 SSVAL(outbuf,smb_vwv0,count);
4741 END_PROFILE(SMBcopy);
4745 /****************************************************************************
4747 ****************************************************************************/
4749 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4757 START_PROFILE(pathworks_setdir);
4760 if (!CAN_SETDIR(snum)) {
4761 END_PROFILE(pathworks_setdir);
4762 return ERROR_DOS(ERRDOS,ERRnoaccess);
4765 srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status);
4766 if (!NT_STATUS_IS_OK(status)) {
4767 END_PROFILE(pathworks_setdir);
4768 return ERROR_NT(status);
4771 RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf);
4773 if (strlen(newdir) == 0) {
4776 ok = vfs_directory_exist(conn,newdir,NULL);
4778 set_conn_connectpath(conn,newdir);
4782 END_PROFILE(pathworks_setdir);
4783 return ERROR_DOS(ERRDOS,ERRbadpath);
4786 outsize = set_message(outbuf,0,0,False);
4787 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
4789 DEBUG(3,("setdir %s\n", newdir));
4791 END_PROFILE(pathworks_setdir);
4796 #define DBGC_CLASS DBGC_LOCKING
4798 /****************************************************************************
4799 Get a lock pid, dealing with large count requests.
4800 ****************************************************************************/
4802 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
4804 if(!large_file_format)
4805 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
4807 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
4810 /****************************************************************************
4811 Get a lock count, dealing with large count requests.
4812 ****************************************************************************/
4814 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
4816 SMB_BIG_UINT count = 0;
4818 if(!large_file_format) {
4819 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
4822 #if defined(HAVE_LONGLONG)
4823 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
4824 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
4825 #else /* HAVE_LONGLONG */
4828 * NT4.x seems to be broken in that it sends large file (64 bit)
4829 * lockingX calls even if the CAP_LARGE_FILES was *not*
4830 * negotiated. For boxes without large unsigned ints truncate the
4831 * lock count by dropping the top 32 bits.
4834 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
4835 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
4836 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
4837 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
4838 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
4841 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
4842 #endif /* HAVE_LONGLONG */
4848 #if !defined(HAVE_LONGLONG)
4849 /****************************************************************************
4850 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
4851 ****************************************************************************/
4853 static uint32 map_lock_offset(uint32 high, uint32 low)
4857 uint32 highcopy = high;
4860 * Try and find out how many significant bits there are in high.
4863 for(i = 0; highcopy; i++)
4867 * We use 31 bits not 32 here as POSIX
4868 * lock offsets may not be negative.
4871 mask = (~0) << (31 - i);
4874 return 0; /* Fail. */
4880 #endif /* !defined(HAVE_LONGLONG) */
4882 /****************************************************************************
4883 Get a lock offset, dealing with large offset requests.
4884 ****************************************************************************/
4886 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
4888 SMB_BIG_UINT offset = 0;
4892 if(!large_file_format) {
4893 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
4896 #if defined(HAVE_LONGLONG)
4897 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
4898 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
4899 #else /* HAVE_LONGLONG */
4902 * NT4.x seems to be broken in that it sends large file (64 bit)
4903 * lockingX calls even if the CAP_LARGE_FILES was *not*
4904 * negotiated. For boxes without large unsigned ints mangle the
4905 * lock offset by mapping the top 32 bits onto the lower 32.
4908 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
4909 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
4910 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
4913 if((new_low = map_lock_offset(high, low)) == 0) {
4915 return (SMB_BIG_UINT)-1;
4918 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
4919 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
4920 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
4921 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
4924 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
4925 #endif /* HAVE_LONGLONG */
4931 /****************************************************************************
4932 Reply to a lockingX request.
4933 ****************************************************************************/
4935 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
4936 int length, int bufsize)
4938 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
4939 unsigned char locktype = CVAL(inbuf,smb_vwv3);
4940 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
4941 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
4942 uint16 num_locks = SVAL(inbuf,smb_vwv7);
4943 SMB_BIG_UINT count = 0, offset = 0;
4945 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
4948 BOOL large_file_format =
4949 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
4951 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
4953 START_PROFILE(SMBlockingX);
4955 CHECK_FSP(fsp,conn);
4957 data = smb_buf(inbuf);
4959 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
4960 /* we don't support these - and CANCEL_LOCK makes w2k
4961 and XP reboot so I don't really want to be
4962 compatible! (tridge) */
4963 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
4966 /* Check if this is an oplock break on a file
4967 we have granted an oplock on.
4969 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
4970 /* Client can insist on breaking to none. */
4971 BOOL break_to_none = (oplocklevel == 0);
4974 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
4975 "for fnum = %d\n", (unsigned int)oplocklevel,
4979 * Make sure we have granted an exclusive or batch oplock on
4983 if (fsp->oplock_type == 0) {
4985 /* The Samba4 nbench simulator doesn't understand
4986 the difference between break to level2 and break
4987 to none from level2 - it sends oplock break
4988 replies in both cases. Don't keep logging an error
4989 message here - just ignore it. JRA. */
4991 DEBUG(5,("reply_lockingX: Error : oplock break from "
4992 "client for fnum = %d (oplock=%d) and no "
4993 "oplock granted on this file (%s).\n",
4994 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
4996 /* if this is a pure oplock break request then don't
4998 if (num_locks == 0 && num_ulocks == 0) {
4999 END_PROFILE(SMBlockingX);
5002 END_PROFILE(SMBlockingX);
5003 return ERROR_DOS(ERRDOS,ERRlock);
5007 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5009 result = remove_oplock(fsp);
5011 result = downgrade_oplock(fsp);
5015 DEBUG(0, ("reply_lockingX: error in removing "
5016 "oplock on file %s\n", fsp->fsp_name));
5017 /* Hmmm. Is this panic justified? */
5018 smb_panic("internal tdb error");
5021 reply_to_oplock_break_requests(fsp);
5023 /* if this is a pure oplock break request then don't send a
5025 if (num_locks == 0 && num_ulocks == 0) {
5026 /* Sanity check - ensure a pure oplock break is not a
5028 if(CVAL(inbuf,smb_vwv0) != 0xff)
5029 DEBUG(0,("reply_lockingX: Error : pure oplock "
5030 "break is a chained %d request !\n",
5031 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5032 END_PROFILE(SMBlockingX);
5038 * We do this check *after* we have checked this is not a oplock break
5039 * response message. JRA.
5042 release_level_2_oplocks_on_change(fsp);
5044 /* Data now points at the beginning of the list
5045 of smb_unlkrng structs */
5046 for(i = 0; i < (int)num_ulocks; i++) {
5047 lock_pid = get_lock_pid( data, i, large_file_format);
5048 count = get_lock_count( data, i, large_file_format);
5049 offset = get_lock_offset( data, i, large_file_format, &err);
5052 * There is no error code marked "stupid client bug".... :-).
5055 END_PROFILE(SMBlockingX);
5056 return ERROR_DOS(ERRDOS,ERRnoaccess);
5059 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5060 "pid %u, file %s\n", (double)offset, (double)count,
5061 (unsigned int)lock_pid, fsp->fsp_name ));
5063 status = do_unlock(fsp,
5069 if (NT_STATUS_V(status)) {
5070 END_PROFILE(SMBlockingX);
5071 return ERROR_NT(status);
5075 /* Setup the timeout in seconds. */
5077 if (!lp_blocking_locks(SNUM(conn))) {
5081 /* Now do any requested locks */
5082 data += ((large_file_format ? 20 : 10)*num_ulocks);
5084 /* Data now points at the beginning of the list
5085 of smb_lkrng structs */
5087 for(i = 0; i < (int)num_locks; i++) {
5088 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5089 READ_LOCK:WRITE_LOCK);
5090 lock_pid = get_lock_pid( data, i, large_file_format);
5091 count = get_lock_count( data, i, large_file_format);
5092 offset = get_lock_offset( data, i, large_file_format, &err);
5095 * There is no error code marked "stupid client bug".... :-).
5098 END_PROFILE(SMBlockingX);
5099 return ERROR_DOS(ERRDOS,ERRnoaccess);
5102 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5103 "%u, file %s timeout = %d\n", (double)offset,
5104 (double)count, (unsigned int)lock_pid,
5105 fsp->fsp_name, (int)lock_timeout ));
5107 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5108 if (lp_blocking_locks(SNUM(conn))) {
5110 /* Schedule a message to ourselves to
5111 remove the blocking lock record and
5112 return the right error. */
5114 if (!blocking_lock_cancel(fsp,
5120 NT_STATUS_FILE_LOCK_CONFLICT)) {
5121 END_PROFILE(SMBlockingX);
5122 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation));
5125 /* Remove a matching pending lock. */
5126 status = do_lock_cancel(fsp,
5132 BOOL blocking_lock = lock_timeout ? True : False;
5133 BOOL defer_lock = False;
5134 struct byte_range_lock *br_lck;
5136 br_lck = do_lock(fsp,
5145 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
5146 /* Windows internal resolution for blocking locks seems
5147 to be about 200ms... Don't wait for less than that. JRA. */
5148 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
5149 lock_timeout = lp_lock_spin_time();
5154 /* This heuristic seems to match W2K3 very well. If a
5155 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
5156 it pretends we asked for a timeout of between 150 - 300 milliseconds as
5157 far as I can tell. Replacement for do_lock_spin(). JRA. */
5159 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
5160 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
5162 lock_timeout = lp_lock_spin_time();
5165 if (br_lck && defer_lock) {
5167 * A blocking lock was requested. Package up
5168 * this smb into a queued request and push it
5169 * onto the blocking lock queue.
5171 if(push_blocking_lock_request(br_lck,
5181 TALLOC_FREE(br_lck);
5182 END_PROFILE(SMBlockingX);
5187 TALLOC_FREE(br_lck);
5190 if (NT_STATUS_V(status)) {
5191 END_PROFILE(SMBlockingX);
5192 return ERROR_NT(status);
5196 /* If any of the above locks failed, then we must unlock
5197 all of the previous locks (X/Open spec). */
5199 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
5203 * Ensure we don't do a remove on the lock that just failed,
5204 * as under POSIX rules, if we have a lock already there, we
5205 * will delete it (and we shouldn't) .....
5207 for(i--; i >= 0; i--) {
5208 lock_pid = get_lock_pid( data, i, large_file_format);
5209 count = get_lock_count( data, i, large_file_format);
5210 offset = get_lock_offset( data, i, large_file_format,
5214 * There is no error code marked "stupid client
5218 END_PROFILE(SMBlockingX);
5219 return ERROR_DOS(ERRDOS,ERRnoaccess);
5228 END_PROFILE(SMBlockingX);
5229 return ERROR_NT(status);
5232 set_message(outbuf,2,0,True);
5234 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5235 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5237 END_PROFILE(SMBlockingX);
5238 return chain_reply(inbuf,outbuf,length,bufsize);
5242 #define DBGC_CLASS DBGC_ALL
5244 /****************************************************************************
5245 Reply to a SMBreadbmpx (read block multiplex) request.
5246 ****************************************************************************/
5248 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
5259 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5260 START_PROFILE(SMBreadBmpx);
5262 /* this function doesn't seem to work - disable by default */
5263 if (!lp_readbmpx()) {
5264 END_PROFILE(SMBreadBmpx);
5265 return ERROR_DOS(ERRSRV,ERRuseSTD);
5268 outsize = set_message(outbuf,8,0,True);
5270 CHECK_FSP(fsp,conn);
5271 if (!CHECK_READ(fsp,inbuf)) {
5272 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5275 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
5276 maxcount = SVAL(inbuf,smb_vwv3);
5278 data = smb_buf(outbuf);
5279 pad = ((long)data)%4;
5284 max_per_packet = bufsize-(outsize+pad);
5288 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
5289 END_PROFILE(SMBreadBmpx);
5290 return ERROR_DOS(ERRDOS,ERRlock);
5294 size_t N = MIN(max_per_packet,tcount-total_read);
5296 nread = read_file(fsp,data,startpos,N);
5301 if (nread < (ssize_t)N)
5302 tcount = total_read + nread;
5304 set_message(outbuf,8,nread+pad,False);
5305 SIVAL(outbuf,smb_vwv0,startpos);
5306 SSVAL(outbuf,smb_vwv2,tcount);
5307 SSVAL(outbuf,smb_vwv6,nread);
5308 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
5311 if (!send_smb(smbd_server_fd(),outbuf))
5312 exit_server_cleanly("reply_readbmpx: send_smb failed.");
5314 total_read += nread;
5316 } while (total_read < (ssize_t)tcount);
5318 END_PROFILE(SMBreadBmpx);
5322 /****************************************************************************
5323 Reply to a SMBsetattrE.
5324 ****************************************************************************/
5326 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5328 struct utimbuf unix_times;
5330 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5331 START_PROFILE(SMBsetattrE);
5333 outsize = set_message(outbuf,0,0,False);
5335 if(!fsp || (fsp->conn != conn)) {
5336 END_PROFILE(SMBsetattrE);
5337 return ERROR_DOS(ERRDOS,ERRbadfid);
5341 * Convert the DOS times into unix times. Ignore create
5342 * time as UNIX can't set this.
5345 unix_times.actime = srv_make_unix_date2(inbuf+smb_vwv3);
5346 unix_times.modtime = srv_make_unix_date2(inbuf+smb_vwv5);
5349 * Patch from Ray Frush <frush@engr.colostate.edu>
5350 * Sometimes times are sent as zero - ignore them.
5353 if (null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5354 /* Ignore request */
5355 if( DEBUGLVL( 3 ) ) {
5356 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
5357 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
5359 END_PROFILE(SMBsetattrE);
5361 } else if (!null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5362 /* set modify time = to access time if modify time was unset */
5363 unix_times.modtime = unix_times.actime;
5366 /* Set the date on this file */
5367 /* Should we set pending modtime here ? JRA */
5368 if(file_utime(conn, fsp->fsp_name, &unix_times)) {
5369 END_PROFILE(SMBsetattrE);
5370 return ERROR_DOS(ERRDOS,ERRnoaccess);
5373 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n",
5374 fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) );
5376 END_PROFILE(SMBsetattrE);
5381 /* Back from the dead for OS/2..... JRA. */
5383 /****************************************************************************
5384 Reply to a SMBwritebmpx (write block multiplex primary) request.
5385 ****************************************************************************/
5387 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5390 ssize_t nwritten = -1;
5397 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5398 START_PROFILE(SMBwriteBmpx);
5400 CHECK_FSP(fsp,conn);
5401 if (!CHECK_WRITE(fsp)) {
5402 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5404 if (HAS_CACHED_ERROR(fsp)) {
5405 return(CACHED_ERROR(fsp));
5408 tcount = SVAL(inbuf,smb_vwv1);
5409 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
5410 write_through = BITSETW(inbuf+smb_vwv7,0);
5411 numtowrite = SVAL(inbuf,smb_vwv10);
5412 smb_doff = SVAL(inbuf,smb_vwv11);
5414 data = smb_base(inbuf) + smb_doff;
5416 /* If this fails we need to send an SMBwriteC response,
5417 not an SMBwritebmpx - set this up now so we don't forget */
5418 SCVAL(outbuf,smb_com,SMBwritec);
5420 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
5421 END_PROFILE(SMBwriteBmpx);
5422 return(ERROR_DOS(ERRDOS,ERRlock));
5425 nwritten = write_file(fsp,data,startpos,numtowrite);
5427 sync_file(conn, fsp, write_through);
5429 if(nwritten < (ssize_t)numtowrite) {
5430 END_PROFILE(SMBwriteBmpx);
5431 return(UNIXERROR(ERRHRD,ERRdiskfull));
5434 /* If the maximum to be written to this file
5435 is greater than what we just wrote then set
5436 up a secondary struct to be attached to this
5437 fd, we will use this to cache error messages etc. */
5439 if((ssize_t)tcount > nwritten) {
5440 write_bmpx_struct *wbms;
5441 if(fsp->wbmpx_ptr != NULL)
5442 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
5444 wbms = SMB_MALLOC_P(write_bmpx_struct);
5446 DEBUG(0,("Out of memory in reply_readmpx\n"));
5447 END_PROFILE(SMBwriteBmpx);
5448 return(ERROR_DOS(ERRSRV,ERRnoresource));
5450 wbms->wr_mode = write_through;
5451 wbms->wr_discard = False; /* No errors yet */
5452 wbms->wr_total_written = nwritten;
5453 wbms->wr_errclass = 0;
5455 fsp->wbmpx_ptr = wbms;
5458 /* We are returning successfully, set the message type back to
5460 SCVAL(outbuf,smb_com,SMBwriteBmpx);
5462 outsize = set_message(outbuf,1,0,True);
5464 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
5466 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
5467 fsp->fnum, (int)numtowrite, (int)nwritten ) );
5469 if (write_through && tcount==nwritten) {
5470 /* We need to send both a primary and a secondary response */
5471 smb_setlen(outbuf,outsize - 4);
5473 if (!send_smb(smbd_server_fd(),outbuf))
5474 exit_server_cleanly("reply_writebmpx: send_smb failed.");
5476 /* Now the secondary */
5477 outsize = set_message(outbuf,1,0,True);
5478 SCVAL(outbuf,smb_com,SMBwritec);
5479 SSVAL(outbuf,smb_vwv0,nwritten);
5482 END_PROFILE(SMBwriteBmpx);
5486 /****************************************************************************
5487 Reply to a SMBwritebs (write block multiplex secondary) request.
5488 ****************************************************************************/
5490 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5493 ssize_t nwritten = -1;
5500 write_bmpx_struct *wbms;
5501 BOOL send_response = False;
5502 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5503 START_PROFILE(SMBwriteBs);
5505 CHECK_FSP(fsp,conn);
5506 if (!CHECK_WRITE(fsp)) {
5507 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5510 tcount = SVAL(inbuf,smb_vwv1);
5511 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
5512 numtowrite = SVAL(inbuf,smb_vwv6);
5513 smb_doff = SVAL(inbuf,smb_vwv7);
5515 data = smb_base(inbuf) + smb_doff;
5517 /* We need to send an SMBwriteC response, not an SMBwritebs */
5518 SCVAL(outbuf,smb_com,SMBwritec);
5520 /* This fd should have an auxiliary struct attached,
5521 check that it does */
5522 wbms = fsp->wbmpx_ptr;
5524 END_PROFILE(SMBwriteBs);
5528 /* If write through is set we can return errors, else we must cache them */
5529 write_through = wbms->wr_mode;
5531 /* Check for an earlier error */
5532 if(wbms->wr_discard) {
5533 END_PROFILE(SMBwriteBs);
5534 return -1; /* Just discard the packet */
5537 nwritten = write_file(fsp,data,startpos,numtowrite);
5539 sync_file(conn, fsp, write_through);
5541 if (nwritten < (ssize_t)numtowrite) {
5543 /* We are returning an error - we can delete the aux struct */
5546 fsp->wbmpx_ptr = NULL;
5547 END_PROFILE(SMBwriteBs);
5548 return(ERROR_DOS(ERRHRD,ERRdiskfull));
5550 wbms->wr_errclass = ERRHRD;
5551 wbms->wr_error = ERRdiskfull;
5552 wbms->wr_status = NT_STATUS_DISK_FULL;
5553 wbms->wr_discard = True;
5554 END_PROFILE(SMBwriteBs);
5558 /* Increment the total written, if this matches tcount
5559 we can discard the auxiliary struct (hurrah !) and return a writeC */
5560 wbms->wr_total_written += nwritten;
5561 if(wbms->wr_total_written >= tcount) {
5562 if (write_through) {
5563 outsize = set_message(outbuf,1,0,True);
5564 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
5565 send_response = True;
5569 fsp->wbmpx_ptr = NULL;
5573 END_PROFILE(SMBwriteBs);
5577 END_PROFILE(SMBwriteBs);
5581 /****************************************************************************
5582 Reply to a SMBgetattrE.
5583 ****************************************************************************/
5585 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5587 SMB_STRUCT_STAT sbuf;
5590 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5591 START_PROFILE(SMBgetattrE);
5593 outsize = set_message(outbuf,11,0,True);
5595 if(!fsp || (fsp->conn != conn)) {
5596 END_PROFILE(SMBgetattrE);
5597 return ERROR_DOS(ERRDOS,ERRbadfid);
5600 /* Do an fstat on this file */
5601 if(fsp_stat(fsp, &sbuf)) {
5602 END_PROFILE(SMBgetattrE);
5603 return(UNIXERROR(ERRDOS,ERRnoaccess));
5606 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
5609 * Convert the times into dos times. Set create
5610 * date to be last modify date as UNIX doesn't save
5614 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
5615 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
5616 /* Should we check pending modtime here ? JRA */
5617 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
5620 SIVAL(outbuf,smb_vwv6,0);
5621 SIVAL(outbuf,smb_vwv8,0);
5623 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
5624 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
5625 SIVAL(outbuf,smb_vwv8,allocation_size);
5627 SSVAL(outbuf,smb_vwv10, mode);
5629 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
5631 END_PROFILE(SMBgetattrE);