2 Unix SMB/CIFS implementation.
3 Main SMB reply routines
4 Copyright (C) Andrew Tridgell 1992-1998
5 Copyright (C) Andrew Bartlett 2001
6 Copyright (C) Jeremy Allison 1992-2004.
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
23 This file handles most of the reply_ calls that the server
24 makes to handle specific protocols
29 /* look in server.c for some explanation of these variables */
30 extern enum protocol_types Protocol;
33 unsigned int smb_echo_count = 0;
34 extern uint32 global_client_caps;
36 extern struct current_user current_user;
37 extern BOOL global_encrypted_passwords_negotiated;
39 /****************************************************************************
40 Ensure we check the path in *exactly* the same way as W2K for regular pathnames.
41 We're assuming here that '/' is not the second byte in any multibyte char
42 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
44 ****************************************************************************/
46 NTSTATUS check_path_syntax(pstring destname, const pstring srcname)
49 const char *s = srcname;
50 NTSTATUS ret = NT_STATUS_OK;
51 BOOL start_of_name_component = True;
52 unsigned int num_bad_components = 0;
55 if (IS_DIRECTORY_SEP(*s)) {
57 * Safe to assume is not the second part of a mb char as this is handled below.
59 /* Eat multiple '/' or '\\' */
60 while (IS_DIRECTORY_SEP(*s)) {
63 if ((d != destname) && (*s != '\0')) {
64 /* We only care about non-leading or trailing '/' or '\\' */
68 start_of_name_component = True;
72 if (start_of_name_component) {
73 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
74 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
77 * No mb char starts with '.' so we're safe checking the directory separator here.
80 /* If we just added a '/' - delete it */
81 if ((d > destname) && (*(d-1) == '/')) {
86 /* Are we at the start ? Can't go back further if so. */
88 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
91 /* Go back one level... */
92 /* We know this is safe as '/' cannot be part of a mb sequence. */
93 /* NOTE - if this assumption is invalid we are not in good shape... */
94 /* Decrement d first as d points to the *next* char to write into. */
95 for (d--; d > destname; d--) {
99 s += 2; /* Else go past the .. */
100 /* We're still at the start of a name component, just the previous one. */
102 if (num_bad_components) {
103 /* Hmmm. Should we only decrement the bad_components if
104 we're removing a bad component ? Need to check this. JRA. */
105 num_bad_components--;
110 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
111 /* Component of pathname can't be "." only. */
112 ret = NT_STATUS_OBJECT_NAME_INVALID;
113 num_bad_components++;
121 return NT_STATUS_OBJECT_NAME_INVALID;
129 return NT_STATUS_OBJECT_NAME_INVALID;
136 /* Get the size of the next MB character. */
137 next_codepoint(s,&siz);
155 DEBUG(0,("check_path_syntax: character length assumptions invalid !\n"));
157 return NT_STATUS_INVALID_PARAMETER;
160 if (start_of_name_component && num_bad_components) {
161 num_bad_components++;
163 start_of_name_component = False;
166 if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) {
167 if (num_bad_components > 1) {
168 ret = NT_STATUS_OBJECT_PATH_NOT_FOUND;
176 /****************************************************************************
177 Ensure we check the path in *exactly* the same way as W2K for a findfirst/findnext
178 path or anything including wildcards.
179 We're assuming here that '/' is not the second byte in any multibyte char
180 set (a safe assumption). '\\' *may* be the second byte in a multibyte char
182 ****************************************************************************/
184 NTSTATUS check_path_syntax_wcard(pstring destname, const pstring srcname, BOOL *p_contains_wcard)
187 const char *s = srcname;
188 NTSTATUS ret = NT_STATUS_OK;
189 BOOL start_of_name_component = True;
190 unsigned int num_bad_components = 0;
192 *p_contains_wcard = False;
195 if (IS_DIRECTORY_SEP(*s)) {
197 * Safe to assume is not the second part of a mb char as this is handled below.
199 /* Eat multiple '/' or '\\' */
200 while (IS_DIRECTORY_SEP(*s)) {
203 if ((d != destname) && (*s != '\0')) {
204 /* We only care about non-leading or trailing '/' or '\\' */
208 start_of_name_component = True;
212 if (start_of_name_component) {
213 if ((s[0] == '.') && (s[1] == '.') && (IS_DIRECTORY_SEP(s[2]) || s[2] == '\0')) {
214 /* Uh oh - "/../" or "\\..\\" or "/..\0" or "\\..\0" ! */
217 * No mb char starts with '.' so we're safe checking the directory separator here.
220 /* If we just added a '/' - delete it */
221 if ((d > destname) && (*(d-1) == '/')) {
226 /* Are we at the start ? Can't go back further if so. */
228 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
231 /* Go back one level... */
232 /* We know this is safe as '/' cannot be part of a mb sequence. */
233 /* NOTE - if this assumption is invalid we are not in good shape... */
234 /* Decrement d first as d points to the *next* char to write into. */
235 for (d--; d > destname; d--) {
239 s += 2; /* Else go past the .. */
240 /* We're still at the start of a name component, just the previous one. */
242 if (num_bad_components) {
243 /* Hmmm. Should we only decrement the bad_components if
244 we're removing a bad component ? Need to check this. JRA. */
245 num_bad_components--;
250 } else if ((s[0] == '.') && ((s[1] == '\0') || IS_DIRECTORY_SEP(s[1]))) {
251 /* Component of pathname can't be "." only. */
252 ret = NT_STATUS_OBJECT_NAME_INVALID;
253 num_bad_components++;
261 return NT_STATUS_OBJECT_NAME_INVALID;
263 if (!*p_contains_wcard) {
270 *p_contains_wcard = True;
279 /* Get the size of the next MB character. */
280 next_codepoint(s,&siz);
298 DEBUG(0,("check_path_syntax_wcard: character length assumptions invalid !\n"));
300 return NT_STATUS_INVALID_PARAMETER;
303 if (start_of_name_component && num_bad_components) {
304 num_bad_components++;
306 start_of_name_component = False;
309 if (NT_STATUS_EQUAL(ret, NT_STATUS_OBJECT_NAME_INVALID)) {
310 /* For some strange reason being called from findfirst changes
311 the num_components number to cause the error return to change. JRA. */
312 if (num_bad_components > 2) {
313 ret = NT_STATUS_OBJECT_PATH_NOT_FOUND;
321 /****************************************************************************
322 Check the path for a POSIX client.
323 We're assuming here that '/' is not the second byte in any multibyte char
324 set (a safe assumption).
325 ****************************************************************************/
327 NTSTATUS check_path_syntax_posix(pstring destname, const pstring srcname)
330 const char *s = srcname;
331 NTSTATUS ret = NT_STATUS_OK;
332 BOOL start_of_name_component = True;
337 * Safe to assume is not the second part of a mb char as this is handled below.
339 /* Eat multiple '/' or '\\' */
343 if ((d != destname) && (*s != '\0')) {
344 /* We only care about non-leading or trailing '/' */
348 start_of_name_component = True;
352 if (start_of_name_component) {
353 if ((s[0] == '.') && (s[1] == '.') && (s[2] == '/' || s[2] == '\0')) {
354 /* Uh oh - "/../" or "/..\0" ! */
357 * No mb char starts with '.' so we're safe checking the directory separator here.
360 /* If we just added a '/' - delete it */
361 if ((d > destname) && (*(d-1) == '/')) {
366 /* Are we at the start ? Can't go back further if so. */
368 ret = NT_STATUS_OBJECT_PATH_SYNTAX_BAD;
371 /* Go back one level... */
372 /* We know this is safe as '/' cannot be part of a mb sequence. */
373 /* NOTE - if this assumption is invalid we are not in good shape... */
374 /* Decrement d first as d points to the *next* char to write into. */
375 for (d--; d > destname; d--) {
379 s += 2; /* Else go past the .. */
382 } else if ((s[0] == '.') && ((s[1] == '\0') || (s[1] == '/'))) {
393 /* Get the size of the next MB character. */
394 next_codepoint(s,&siz);
412 DEBUG(0,("check_path_syntax_posix: character length assumptions invalid !\n"));
414 return NT_STATUS_INVALID_PARAMETER;
417 start_of_name_component = False;
424 /****************************************************************************
425 Pull a string and check the path allowing a wilcard - provide for error return.
426 ****************************************************************************/
428 size_t srvstr_get_path_wcard(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags,
429 NTSTATUS *err, BOOL *contains_wcard)
432 char *tmppath_ptr = tmppath;
435 SMB_ASSERT(dest_len == sizeof(pstring));
439 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
441 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
444 *contains_wcard = False;
446 if (lp_posix_pathnames()) {
447 *err = check_path_syntax_posix(dest, tmppath);
449 *err = check_path_syntax_wcard(dest, tmppath, contains_wcard);
455 /****************************************************************************
456 Pull a string and check the path - provide for error return.
457 ****************************************************************************/
459 size_t srvstr_get_path(char *inbuf, char *dest, const char *src, size_t dest_len, size_t src_len, int flags, NTSTATUS *err)
462 char *tmppath_ptr = tmppath;
465 SMB_ASSERT(dest_len == sizeof(pstring));
469 ret = srvstr_pull_buf( inbuf, tmppath_ptr, src, dest_len, flags);
471 ret = srvstr_pull( inbuf, tmppath_ptr, src, dest_len, src_len, flags);
473 if (lp_posix_pathnames()) {
474 *err = check_path_syntax_posix(dest, tmppath);
476 *err = check_path_syntax(dest, tmppath);
482 /****************************************************************************
483 Reply to a special message.
484 ****************************************************************************/
486 int reply_special(char *inbuf,char *outbuf)
489 int msg_type = CVAL(inbuf,0);
490 int msg_flags = CVAL(inbuf,1);
494 static BOOL already_got_session = False;
498 memset(outbuf,'\0',smb_size);
500 smb_setlen(outbuf,0);
503 case 0x81: /* session request */
505 if (already_got_session) {
506 exit_server("multiple session request not permitted");
509 SCVAL(outbuf,0,0x82);
511 if (name_len(inbuf+4) > 50 ||
512 name_len(inbuf+4 + name_len(inbuf + 4)) > 50) {
513 DEBUG(0,("Invalid name length in session request\n"));
516 name_extract(inbuf,4,name1);
517 name_type = name_extract(inbuf,4 + name_len(inbuf + 4),name2);
518 DEBUG(2,("netbios connect: name1=%s name2=%s\n",
521 set_local_machine_name(name1, True);
522 set_remote_machine_name(name2, True);
524 DEBUG(2,("netbios connect: local=%s remote=%s, name type = %x\n",
525 get_local_machine_name(), get_remote_machine_name(),
528 if (name_type == 'R') {
529 /* We are being asked for a pathworks session ---
531 SCVAL(outbuf, 0,0x83);
535 /* only add the client's machine name to the list
536 of possibly valid usernames if we are operating
537 in share mode security */
538 if (lp_security() == SEC_SHARE) {
539 add_session_user(get_remote_machine_name());
542 reload_services(True);
545 already_got_session = True;
548 case 0x89: /* session keepalive request
549 (some old clients produce this?) */
550 SCVAL(outbuf,0,SMBkeepalive);
554 case 0x82: /* positive session response */
555 case 0x83: /* negative session response */
556 case 0x84: /* retarget session response */
557 DEBUG(0,("Unexpected session response\n"));
560 case SMBkeepalive: /* session keepalive */
565 DEBUG(5,("init msg_type=0x%x msg_flags=0x%x\n",
566 msg_type, msg_flags));
571 /****************************************************************************
573 conn POINTER CAN BE NULL HERE !
574 ****************************************************************************/
576 int reply_tcon(connection_struct *conn,
577 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
584 uint16 vuid = SVAL(inbuf,smb_uid);
588 DATA_BLOB password_blob;
590 START_PROFILE(SMBtcon);
592 *service_buf = *password = *dev = 0;
594 p = smb_buf(inbuf)+1;
595 p += srvstr_pull_buf(inbuf, service_buf, p, sizeof(service_buf), STR_TERMINATE) + 1;
596 pwlen = srvstr_pull_buf(inbuf, password, p, sizeof(password), STR_TERMINATE) + 1;
598 p += srvstr_pull_buf(inbuf, dev, p, sizeof(dev), STR_TERMINATE) + 1;
600 p = strrchr_m(service_buf,'\\');
604 service = service_buf;
607 password_blob = data_blob(password, pwlen+1);
609 conn = make_connection(service,password_blob,dev,vuid,&nt_status);
611 data_blob_clear_free(&password_blob);
614 END_PROFILE(SMBtcon);
615 return ERROR_NT(nt_status);
618 outsize = set_message(outbuf,2,0,True);
619 SSVAL(outbuf,smb_vwv0,max_recv);
620 SSVAL(outbuf,smb_vwv1,conn->cnum);
621 SSVAL(outbuf,smb_tid,conn->cnum);
623 DEBUG(3,("tcon service=%s cnum=%d\n",
624 service, conn->cnum));
626 END_PROFILE(SMBtcon);
630 /****************************************************************************
631 Reply to a tcon and X.
632 conn POINTER CAN BE NULL HERE !
633 ****************************************************************************/
635 int reply_tcon_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
640 /* what the cleint thinks the device is */
641 fstring client_devicetype;
642 /* what the server tells the client the share represents */
643 const char *server_devicetype;
645 uint16 vuid = SVAL(inbuf,smb_uid);
646 int passlen = SVAL(inbuf,smb_vwv3);
650 START_PROFILE(SMBtconX);
652 *service = *client_devicetype = 0;
654 /* we might have to close an old one */
655 if ((SVAL(inbuf,smb_vwv2) & 0x1) && conn) {
656 close_cnum(conn,vuid);
659 if (passlen > MAX_PASS_LEN) {
660 return ERROR_DOS(ERRDOS,ERRbuftoosmall);
663 if (global_encrypted_passwords_negotiated) {
664 password = data_blob(smb_buf(inbuf),passlen);
666 password = data_blob(smb_buf(inbuf),passlen+1);
667 /* Ensure correct termination */
668 password.data[passlen]=0;
671 p = smb_buf(inbuf) + passlen;
672 p += srvstr_pull_buf(inbuf, path, p, sizeof(path), STR_TERMINATE);
675 * the service name can be either: \\server\share
676 * or share directly like on the DELL PowerVault 705
679 q = strchr_m(path+2,'\\');
681 END_PROFILE(SMBtconX);
682 return(ERROR_DOS(ERRDOS,ERRnosuchshare));
684 fstrcpy(service,q+1);
687 fstrcpy(service,path);
689 p += srvstr_pull(inbuf, client_devicetype, p, sizeof(client_devicetype), 6, STR_ASCII);
691 DEBUG(4,("Client requested device type [%s] for share [%s]\n", client_devicetype, service));
693 conn = make_connection(service,password,client_devicetype,vuid,&nt_status);
695 data_blob_clear_free(&password);
698 END_PROFILE(SMBtconX);
699 return ERROR_NT(nt_status);
703 server_devicetype = "IPC";
704 else if ( IS_PRINT(conn) )
705 server_devicetype = "LPT1:";
707 server_devicetype = "A:";
709 if (Protocol < PROTOCOL_NT1) {
710 set_message(outbuf,2,0,True);
712 p += srvstr_push(outbuf, p, server_devicetype, -1,
713 STR_TERMINATE|STR_ASCII);
714 set_message_end(outbuf,p);
716 /* NT sets the fstype of IPC$ to the null string */
717 const char *fstype = IS_IPC(conn) ? "" : lp_fstype(SNUM(conn));
719 set_message(outbuf,3,0,True);
722 p += srvstr_push(outbuf, p, server_devicetype, -1,
723 STR_TERMINATE|STR_ASCII);
724 p += srvstr_push(outbuf, p, fstype, -1,
727 set_message_end(outbuf,p);
729 /* what does setting this bit do? It is set by NT4 and
730 may affect the ability to autorun mounted cdroms */
731 SSVAL(outbuf, smb_vwv2, SMB_SUPPORT_SEARCH_BITS|
732 (lp_csc_policy(SNUM(conn)) << 2));
734 init_dfsroot(conn, inbuf, outbuf);
738 DEBUG(3,("tconX service=%s \n",
741 /* set the incoming and outgoing tid to the just created one */
742 SSVAL(inbuf,smb_tid,conn->cnum);
743 SSVAL(outbuf,smb_tid,conn->cnum);
745 END_PROFILE(SMBtconX);
746 return chain_reply(inbuf,outbuf,length,bufsize);
749 /****************************************************************************
750 Reply to an unknown type.
751 ****************************************************************************/
753 int reply_unknown(char *inbuf,char *outbuf)
756 type = CVAL(inbuf,smb_com);
758 DEBUG(0,("unknown command type (%s): type=%d (0x%X)\n",
759 smb_fn_name(type), type, type));
761 return(ERROR_DOS(ERRSRV,ERRunknownsmb));
764 /****************************************************************************
766 conn POINTER CAN BE NULL HERE !
767 ****************************************************************************/
769 int reply_ioctl(connection_struct *conn,
770 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
772 uint16 device = SVAL(inbuf,smb_vwv1);
773 uint16 function = SVAL(inbuf,smb_vwv2);
774 uint32 ioctl_code = (device << 16) + function;
775 int replysize, outsize;
777 START_PROFILE(SMBioctl);
779 DEBUG(4, ("Received IOCTL (code 0x%x)\n", ioctl_code));
781 switch (ioctl_code) {
782 case IOCTL_QUERY_JOB_INFO:
786 END_PROFILE(SMBioctl);
787 return(ERROR_DOS(ERRSRV,ERRnosupport));
790 outsize = set_message(outbuf,8,replysize+1,True);
791 SSVAL(outbuf,smb_vwv1,replysize); /* Total data bytes returned */
792 SSVAL(outbuf,smb_vwv5,replysize); /* Data bytes this buffer */
793 SSVAL(outbuf,smb_vwv6,52); /* Offset to data */
794 p = smb_buf(outbuf) + 1; /* Allow for alignment */
796 switch (ioctl_code) {
797 case IOCTL_QUERY_JOB_INFO:
799 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
801 END_PROFILE(SMBioctl);
802 return(UNIXERROR(ERRDOS,ERRbadfid));
804 SSVAL(p,0,fsp->rap_print_jobid); /* Job number */
805 srvstr_push(outbuf, p+2, global_myname(), 15, STR_TERMINATE|STR_ASCII);
807 srvstr_push(outbuf, p+18, lp_servicename(SNUM(conn)), 13, STR_TERMINATE|STR_ASCII);
813 END_PROFILE(SMBioctl);
817 /****************************************************************************
819 ****************************************************************************/
821 int reply_chkpth(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
826 BOOL bad_path = False;
827 SMB_STRUCT_STAT sbuf;
830 START_PROFILE(SMBchkpth);
832 srvstr_get_path(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status);
833 if (!NT_STATUS_IS_OK(status)) {
834 END_PROFILE(SMBchkpth);
836 /* Strange DOS error code semantics only for chkpth... */
837 if (!(SVAL(inbuf,smb_flg2) & FLAGS2_32_BIT_ERROR_CODES)) {
838 if (NT_STATUS_EQUAL(NT_STATUS_OBJECT_NAME_INVALID,status)) {
839 /* We need to map to ERRbadpath */
840 status = NT_STATUS_OBJECT_PATH_NOT_FOUND;
843 return ERROR_NT(status);
846 RESOLVE_DFSPATH(name, conn, inbuf, outbuf);
848 unix_convert(name,conn,0,&bad_path,&sbuf);
850 END_PROFILE(SMBchkpth);
851 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
854 if (check_name(name,conn)) {
855 if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,name,&sbuf) == 0)
856 if (!(ok = S_ISDIR(sbuf.st_mode))) {
857 END_PROFILE(SMBchkpth);
858 return ERROR_BOTH(NT_STATUS_NOT_A_DIRECTORY,ERRDOS,ERRbadpath);
863 /* We special case this - as when a Windows machine
864 is parsing a path is steps through the components
865 one at a time - if a component fails it expects
866 ERRbadpath, not ERRbadfile.
868 if(errno == ENOENT) {
870 * Windows returns different error codes if
871 * the parent directory is valid but not the
872 * last component - it returns NT_STATUS_OBJECT_NAME_NOT_FOUND
873 * for that case and NT_STATUS_OBJECT_PATH_NOT_FOUND
874 * if the path is invalid. This is different from set_bad_path_error()
875 * in the non-NT error case.
877 END_PROFILE(SMBchkpth);
878 return ERROR_BOTH(NT_STATUS_OBJECT_NAME_NOT_FOUND,ERRDOS,ERRbadpath);
881 END_PROFILE(SMBchkpth);
882 return(UNIXERROR(ERRDOS,ERRbadpath));
885 outsize = set_message(outbuf,0,0,False);
886 DEBUG(3,("chkpth %s mode=%d\n", name, (int)SVAL(inbuf,smb_vwv0)));
888 END_PROFILE(SMBchkpth);
892 /****************************************************************************
894 ****************************************************************************/
896 int reply_getatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
900 SMB_STRUCT_STAT sbuf;
905 BOOL bad_path = False;
909 START_PROFILE(SMBgetatr);
911 p = smb_buf(inbuf) + 1;
912 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
913 if (!NT_STATUS_IS_OK(status)) {
914 END_PROFILE(SMBgetatr);
915 return ERROR_NT(status);
918 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
920 /* dos smetimes asks for a stat of "" - it returns a "hidden directory"
921 under WfWg - weird! */
923 mode = aHIDDEN | aDIR;
924 if (!CAN_WRITE(conn))
930 unix_convert(fname,conn,0,&bad_path,&sbuf);
932 END_PROFILE(SMBgetatr);
933 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
935 if (check_name(fname,conn)) {
936 if (VALID_STAT(sbuf) || SMB_VFS_STAT(conn,fname,&sbuf) == 0) {
937 mode = dos_mode(conn,fname,&sbuf);
939 mtime = sbuf.st_mtime;
944 DEBUG(3,("stat of %s failed (%s)\n",fname,strerror(errno)));
950 END_PROFILE(SMBgetatr);
951 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadfile);
954 outsize = set_message(outbuf,10,0,True);
956 SSVAL(outbuf,smb_vwv0,mode);
957 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
958 srv_put_dos_date3(outbuf,smb_vwv1,mtime & ~1);
960 srv_put_dos_date3(outbuf,smb_vwv1,mtime);
962 SIVAL(outbuf,smb_vwv3,(uint32)size);
964 if (Protocol >= PROTOCOL_NT1) {
965 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) | FLAGS2_IS_LONG_NAME);
968 DEBUG( 3, ( "getatr name=%s mode=%d size=%d\n", fname, mode, (uint32)size ) );
970 END_PROFILE(SMBgetatr);
974 /****************************************************************************
976 ****************************************************************************/
978 int reply_setatr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
985 SMB_STRUCT_STAT sbuf;
986 BOOL bad_path = False;
990 START_PROFILE(SMBsetatr);
992 p = smb_buf(inbuf) + 1;
993 p += srvstr_get_path(inbuf, fname, p, sizeof(fname), 0, STR_TERMINATE, &status);
994 if (!NT_STATUS_IS_OK(status)) {
995 END_PROFILE(SMBsetatr);
996 return ERROR_NT(status);
999 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1001 unix_convert(fname,conn,0,&bad_path,&sbuf);
1003 END_PROFILE(SMBsetatr);
1004 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1007 mode = SVAL(inbuf,smb_vwv0);
1008 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
1010 if (mode != FILE_ATTRIBUTE_NORMAL) {
1011 if (VALID_STAT_OF_DIR(sbuf))
1016 if (check_name(fname,conn)) {
1017 ok = (file_set_dosmode(conn,fname,mode,&sbuf,False) == 0);
1024 ok = set_filetime(conn,fname,mtime);
1027 END_PROFILE(SMBsetatr);
1028 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnoaccess);
1031 outsize = set_message(outbuf,0,0,False);
1033 DEBUG( 3, ( "setatr name=%s mode=%d\n", fname, mode ) );
1035 END_PROFILE(SMBsetatr);
1039 /****************************************************************************
1041 ****************************************************************************/
1043 int reply_dskattr(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1046 SMB_BIG_UINT dfree,dsize,bsize;
1047 START_PROFILE(SMBdskattr);
1049 if (get_dfree_info(conn,".",True,&bsize,&dfree,&dsize) == (SMB_BIG_UINT)-1) {
1050 END_PROFILE(SMBdskattr);
1051 return(UNIXERROR(ERRHRD,ERRgeneral));
1054 outsize = set_message(outbuf,5,0,True);
1056 if (Protocol <= PROTOCOL_LANMAN2) {
1057 double total_space, free_space;
1058 /* we need to scale this to a number that DOS6 can handle. We
1059 use floating point so we can handle large drives on systems
1060 that don't have 64 bit integers
1062 we end up displaying a maximum of 2G to DOS systems
1064 total_space = dsize * (double)bsize;
1065 free_space = dfree * (double)bsize;
1067 dsize = (total_space+63*512) / (64*512);
1068 dfree = (free_space+63*512) / (64*512);
1070 if (dsize > 0xFFFF) dsize = 0xFFFF;
1071 if (dfree > 0xFFFF) dfree = 0xFFFF;
1073 SSVAL(outbuf,smb_vwv0,dsize);
1074 SSVAL(outbuf,smb_vwv1,64); /* this must be 64 for dos systems */
1075 SSVAL(outbuf,smb_vwv2,512); /* and this must be 512 */
1076 SSVAL(outbuf,smb_vwv3,dfree);
1078 SSVAL(outbuf,smb_vwv0,dsize);
1079 SSVAL(outbuf,smb_vwv1,bsize/512);
1080 SSVAL(outbuf,smb_vwv2,512);
1081 SSVAL(outbuf,smb_vwv3,dfree);
1084 DEBUG(3,("dskattr dfree=%d\n", (unsigned int)dfree));
1086 END_PROFILE(SMBdskattr);
1090 /****************************************************************************
1092 Can be called from SMBsearch, SMBffirst or SMBfunique.
1093 ****************************************************************************/
1095 int reply_search(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1105 unsigned int numentries = 0;
1106 unsigned int maxentries = 0;
1107 BOOL finished = False;
1114 BOOL check_descend = False;
1115 BOOL expect_close = False;
1116 BOOL can_open = True;
1117 BOOL bad_path = False;
1119 BOOL mask_contains_wcard = False;
1120 BOOL allow_long_path_components = (SVAL(inbuf,smb_flg2) & FLAGS2_LONG_PATH_COMPONENTS) ? True : False;
1122 START_PROFILE(SMBsearch);
1124 if (lp_posix_pathnames()) {
1125 END_PROFILE(SMBsearch);
1126 return reply_unknown(inbuf, outbuf);
1129 *mask = *directory = *fname = 0;
1131 /* If we were called as SMBffirst then we must expect close. */
1132 if(CVAL(inbuf,smb_com) == SMBffirst)
1133 expect_close = True;
1135 outsize = set_message(outbuf,1,3,True);
1136 maxentries = SVAL(inbuf,smb_vwv0);
1137 dirtype = SVAL(inbuf,smb_vwv1);
1138 p = smb_buf(inbuf) + 1;
1139 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &nt_status, &mask_contains_wcard);
1140 if (!NT_STATUS_IS_OK(nt_status)) {
1141 END_PROFILE(SMBsearch);
1142 return ERROR_NT(nt_status);
1145 RESOLVE_DFSPATH_WCARD(path, conn, inbuf, outbuf);
1148 status_len = SVAL(p, 0);
1151 /* dirtype &= ~aDIR; */
1153 if (status_len == 0) {
1154 SMB_STRUCT_STAT sbuf;
1157 pstrcpy(directory,path);
1159 unix_convert(directory,conn,0,&bad_path,&sbuf);
1162 if (!check_name(directory,conn))
1165 p = strrchr_m(dir2,'/');
1174 p = strrchr_m(directory,'/');
1180 if (strlen(directory) == 0)
1181 pstrcpy(directory,".");
1182 memset((char *)status,'\0',21);
1183 SCVAL(status,0,(dirtype & 0x1F));
1187 memcpy(status,p,21);
1188 status_dirtype = CVAL(status,0) & 0x1F;
1189 if (status_dirtype != (dirtype & 0x1F))
1190 dirtype = status_dirtype;
1192 conn->dirptr = dptr_fetch(status+12,&dptr_num);
1195 string_set(&conn->dirpath,dptr_path(dptr_num));
1196 pstrcpy(mask, dptr_wcard(dptr_num));
1200 p = smb_buf(outbuf) + 3;
1203 if (status_len == 0) {
1204 dptr_num = dptr_create(conn,directory,True,expect_close,SVAL(inbuf,smb_pid), mask, mask_contains_wcard, dirtype);
1206 if(dptr_num == -2) {
1207 END_PROFILE(SMBsearch);
1208 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRnofids);
1210 END_PROFILE(SMBsearch);
1211 return ERROR_DOS(ERRDOS,ERRnofids);
1214 dirtype = dptr_attr(dptr_num);
1217 DEBUG(4,("dptr_num is %d\n",dptr_num));
1220 if ((dirtype&0x1F) == aVOLID) {
1221 memcpy(p,status,21);
1222 make_dir_struct(p,"???????????",volume_label(SNUM(conn)),
1223 0,aVOLID,0,!allow_long_path_components);
1224 dptr_fill(p+12,dptr_num);
1225 if (dptr_zero(p+12) && (status_len==0))
1229 p += DIR_STRUCT_SIZE;
1232 maxentries = MIN(maxentries, ((BUFFER_SIZE - (p - outbuf))/DIR_STRUCT_SIZE));
1234 DEBUG(8,("dirpath=<%s> dontdescend=<%s>\n",
1235 conn->dirpath,lp_dontdescend(SNUM(conn))));
1236 if (in_list(conn->dirpath, lp_dontdescend(SNUM(conn)),True))
1237 check_descend = True;
1239 for (i=numentries;(i<maxentries) && !finished;i++) {
1240 finished = !get_dir_entry(conn,mask,dirtype,fname,&size,&mode,&date,check_descend);
1242 memcpy(p,status,21);
1243 make_dir_struct(p,mask,fname,size, mode,date,
1244 !allow_long_path_components);
1245 if (!dptr_fill(p+12,dptr_num)) {
1249 p += DIR_STRUCT_SIZE;
1259 /* If we were called as SMBffirst with smb_search_id == NULL
1260 and no entries were found then return error and close dirptr
1263 if (numentries == 0 || !ok) {
1264 dptr_close(&dptr_num);
1265 } else if(ok && expect_close && status_len == 0) {
1266 /* Close the dptr - we know it's gone */
1267 dptr_close(&dptr_num);
1270 /* If we were called as SMBfunique, then we can close the dirptr now ! */
1271 if(dptr_num >= 0 && CVAL(inbuf,smb_com) == SMBfunique) {
1272 dptr_close(&dptr_num);
1275 if ((numentries == 0) && !mask_contains_wcard) {
1276 return ERROR_BOTH(STATUS_NO_MORE_FILES,ERRDOS,ERRnofiles);
1279 SSVAL(outbuf,smb_vwv0,numentries);
1280 SSVAL(outbuf,smb_vwv1,3 + numentries * DIR_STRUCT_SIZE);
1281 SCVAL(smb_buf(outbuf),0,5);
1282 SSVAL(smb_buf(outbuf),1,numentries*DIR_STRUCT_SIZE);
1284 /* The replies here are never long name. */
1285 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_IS_LONG_NAME));
1286 if (!allow_long_path_components) {
1287 SSVAL(outbuf,smb_flg2,SVAL(outbuf, smb_flg2) & (~FLAGS2_LONG_PATH_COMPONENTS));
1290 /* This SMB *always* returns ASCII names. Remove the unicode bit in flags2. */
1291 SSVAL(outbuf,smb_flg2, (SVAL(outbuf, smb_flg2) & (~FLAGS2_UNICODE_STRINGS)));
1293 outsize += DIR_STRUCT_SIZE*numentries;
1294 smb_setlen(outbuf,outsize - 4);
1296 if ((! *directory) && dptr_path(dptr_num))
1297 slprintf(directory, sizeof(directory)-1, "(%s)",dptr_path(dptr_num));
1299 DEBUG( 4, ( "%s mask=%s path=%s dtype=%d nument=%u of %u\n",
1300 smb_fn_name(CVAL(inbuf,smb_com)),
1301 mask, directory, dirtype, numentries, maxentries ) );
1303 END_PROFILE(SMBsearch);
1307 /****************************************************************************
1308 Reply to a fclose (stop directory search).
1309 ****************************************************************************/
1311 int reply_fclose(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1320 BOOL path_contains_wcard = False;
1322 START_PROFILE(SMBfclose);
1324 if (lp_posix_pathnames()) {
1325 END_PROFILE(SMBfclose);
1326 return reply_unknown(inbuf, outbuf);
1329 outsize = set_message(outbuf,1,0,True);
1330 p = smb_buf(inbuf) + 1;
1331 p += srvstr_get_path_wcard(inbuf, path, p, sizeof(path), 0, STR_TERMINATE, &err, &path_contains_wcard);
1332 if (!NT_STATUS_IS_OK(err)) {
1333 END_PROFILE(SMBfclose);
1334 return ERROR_NT(err);
1337 status_len = SVAL(p,0);
1340 if (status_len == 0) {
1341 END_PROFILE(SMBfclose);
1342 return ERROR_DOS(ERRSRV,ERRsrverror);
1345 memcpy(status,p,21);
1347 if(dptr_fetch(status+12,&dptr_num)) {
1348 /* Close the dptr - we know it's gone */
1349 dptr_close(&dptr_num);
1352 SSVAL(outbuf,smb_vwv0,0);
1354 DEBUG(3,("search close\n"));
1356 END_PROFILE(SMBfclose);
1360 /****************************************************************************
1362 ****************************************************************************/
1364 int reply_open(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1372 SMB_STRUCT_STAT sbuf;
1373 BOOL bad_path = False;
1375 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1377 uint32 dos_attr = SVAL(inbuf,smb_vwv1);
1380 uint32 create_disposition;
1381 uint32 create_options = 0;
1383 START_PROFILE(SMBopen);
1385 deny_mode = SVAL(inbuf,smb_vwv0);
1387 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1388 if (!NT_STATUS_IS_OK(status)) {
1389 END_PROFILE(SMBopen);
1390 return ERROR_NT(status);
1393 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1395 unix_convert(fname,conn,0,&bad_path,&sbuf);
1397 END_PROFILE(SMBopen);
1398 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1401 if (!map_open_params_to_ntcreate(fname, deny_mode, OPENX_FILE_EXISTS_OPEN,
1402 &access_mask, &share_mode, &create_disposition, &create_options)) {
1403 END_PROFILE(SMBopen);
1404 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1407 status = open_file_ntcreate(conn,fname,&sbuf,
1416 if (!NT_STATUS_IS_OK(status)) {
1417 END_PROFILE(SMBopen);
1418 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1419 /* We have re-scheduled this call. */
1422 return ERROR_NT(status);
1425 size = sbuf.st_size;
1426 fattr = dos_mode(conn,fname,&sbuf);
1427 mtime = sbuf.st_mtime;
1430 DEBUG(3,("attempt to open a directory %s\n",fname));
1431 close_file(fsp,ERROR_CLOSE);
1432 END_PROFILE(SMBopen);
1433 return ERROR_DOS(ERRDOS,ERRnoaccess);
1436 outsize = set_message(outbuf,7,0,True);
1437 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1438 SSVAL(outbuf,smb_vwv1,fattr);
1439 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1440 srv_put_dos_date3(outbuf,smb_vwv2,mtime & ~1);
1442 srv_put_dos_date3(outbuf,smb_vwv2,mtime);
1444 SIVAL(outbuf,smb_vwv4,(uint32)size);
1445 SSVAL(outbuf,smb_vwv6,deny_mode);
1447 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1448 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1451 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1452 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1454 END_PROFILE(SMBopen);
1458 /****************************************************************************
1459 Reply to an open and X.
1460 ****************************************************************************/
1462 int reply_open_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1465 uint16 open_flags = SVAL(inbuf,smb_vwv2);
1466 int deny_mode = SVAL(inbuf,smb_vwv3);
1467 uint32 smb_attr = SVAL(inbuf,smb_vwv5);
1468 /* Breakout the oplock request bits so we can set the
1469 reply bits separately. */
1470 int ex_oplock_request = EXTENDED_OPLOCK_REQUEST(inbuf);
1471 int core_oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1472 int oplock_request = ex_oplock_request | core_oplock_request;
1474 int smb_sattr = SVAL(inbuf,smb_vwv4);
1475 uint32 smb_time = make_unix_date3(inbuf+smb_vwv6);
1477 int smb_ofun = SVAL(inbuf,smb_vwv8);
1481 SMB_STRUCT_STAT sbuf;
1483 BOOL bad_path = False;
1486 SMB_BIG_UINT allocation_size = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv9);
1487 ssize_t retval = -1;
1490 uint32 create_disposition;
1491 uint32 create_options = 0;
1493 START_PROFILE(SMBopenX);
1495 /* If it's an IPC, pass off the pipe handler. */
1497 if (lp_nt_pipe_support()) {
1498 END_PROFILE(SMBopenX);
1499 return reply_open_pipe_and_X(conn, inbuf,outbuf,length,bufsize);
1501 END_PROFILE(SMBopenX);
1502 return ERROR_DOS(ERRSRV,ERRaccess);
1506 /* XXXX we need to handle passed times, sattr and flags */
1507 srvstr_get_path(inbuf, fname, smb_buf(inbuf), sizeof(fname), 0, STR_TERMINATE, &status);
1508 if (!NT_STATUS_IS_OK(status)) {
1509 END_PROFILE(SMBopenX);
1510 return ERROR_NT(status);
1513 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1515 unix_convert(fname,conn,0,&bad_path,&sbuf);
1517 END_PROFILE(SMBopenX);
1518 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1521 if (!map_open_params_to_ntcreate(fname, deny_mode, smb_ofun,
1524 &create_disposition,
1526 END_PROFILE(SMBopenX);
1527 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRbadaccess));
1530 status = open_file_ntcreate(conn,fname,&sbuf,
1539 if (!NT_STATUS_IS_OK(status)) {
1540 END_PROFILE(SMBopenX);
1541 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1542 /* We have re-scheduled this call. */
1545 return ERROR_NT(status);
1548 size = sbuf.st_size;
1550 /* Setting the "size" field in vwv9 and vwv10 causes the file to be set to this size,
1551 if the file is truncated or created. */
1552 if (((smb_action == FILE_WAS_CREATED) || (smb_action == FILE_WAS_OVERWRITTEN)) && allocation_size) {
1553 fsp->initial_allocation_size = smb_roundup(fsp->conn, allocation_size);
1554 if (vfs_allocate_file_space(fsp, fsp->initial_allocation_size) == -1) {
1555 close_file(fsp,ERROR_CLOSE);
1556 END_PROFILE(SMBopenX);
1557 return ERROR_NT(NT_STATUS_DISK_FULL);
1559 retval = vfs_set_filelen(fsp, (SMB_OFF_T)allocation_size);
1561 close_file(fsp,ERROR_CLOSE);
1562 END_PROFILE(SMBopenX);
1563 return ERROR_NT(NT_STATUS_DISK_FULL);
1565 size = get_allocation_size(conn,fsp,&sbuf);
1568 fattr = dos_mode(conn,fname,&sbuf);
1569 mtime = sbuf.st_mtime;
1571 close_file(fsp,ERROR_CLOSE);
1572 END_PROFILE(SMBopenX);
1573 return ERROR_DOS(ERRDOS,ERRnoaccess);
1576 /* If the caller set the extended oplock request bit
1577 and we granted one (by whatever means) - set the
1578 correct bit for extended oplock reply.
1581 if (ex_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1582 smb_action |= EXTENDED_OPLOCK_GRANTED;
1585 if(ex_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1586 smb_action |= EXTENDED_OPLOCK_GRANTED;
1589 /* If the caller set the core oplock request bit
1590 and we granted one (by whatever means) - set the
1591 correct bit for core oplock reply.
1594 if (core_oplock_request && lp_fake_oplocks(SNUM(conn))) {
1595 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1598 if(core_oplock_request && EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1599 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1602 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1603 set_message(outbuf,19,0,True);
1605 set_message(outbuf,15,0,True);
1607 SSVAL(outbuf,smb_vwv2,fsp->fnum);
1608 SSVAL(outbuf,smb_vwv3,fattr);
1609 if(lp_dos_filetime_resolution(SNUM(conn)) ) {
1610 srv_put_dos_date3(outbuf,smb_vwv4,mtime & ~1);
1612 srv_put_dos_date3(outbuf,smb_vwv4,mtime);
1614 SIVAL(outbuf,smb_vwv6,(uint32)size);
1615 SSVAL(outbuf,smb_vwv8,GET_OPENX_MODE(deny_mode));
1616 SSVAL(outbuf,smb_vwv11,smb_action);
1618 if (open_flags & EXTENDED_RESPONSE_REQUIRED) {
1619 SIVAL(outbuf, smb_vwv15, STD_RIGHT_ALL_ACCESS);
1622 END_PROFILE(SMBopenX);
1623 return chain_reply(inbuf,outbuf,length,bufsize);
1626 /****************************************************************************
1627 Reply to a SMBulogoffX.
1628 conn POINTER CAN BE NULL HERE !
1629 ****************************************************************************/
1631 int reply_ulogoffX(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
1633 uint16 vuid = SVAL(inbuf,smb_uid);
1634 user_struct *vuser = get_valid_user_struct(vuid);
1635 START_PROFILE(SMBulogoffX);
1638 DEBUG(3,("ulogoff, vuser id %d does not map to user.\n", vuid));
1640 /* in user level security we are supposed to close any files
1641 open by this user */
1642 if ((vuser != 0) && (lp_security() != SEC_SHARE))
1643 file_close_user(vuid);
1645 invalidate_vuid(vuid);
1647 set_message(outbuf,2,0,True);
1649 DEBUG( 3, ( "ulogoffX vuid=%d\n", vuid ) );
1651 END_PROFILE(SMBulogoffX);
1652 return chain_reply(inbuf,outbuf,length,bufsize);
1655 /****************************************************************************
1656 Reply to a mknew or a create.
1657 ****************************************************************************/
1659 int reply_mknew(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1664 uint32 fattr = SVAL(inbuf,smb_vwv0);
1665 BOOL bad_path = False;
1667 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1668 SMB_STRUCT_STAT sbuf;
1670 uint32 access_mask = FILE_GENERIC_READ | FILE_GENERIC_WRITE;
1671 uint32 share_mode = FILE_SHARE_READ|FILE_SHARE_WRITE;
1672 uint32 create_disposition;
1673 uint32 create_options = 0;
1675 START_PROFILE(SMBcreate);
1677 com = SVAL(inbuf,smb_com);
1679 srvstr_get_path(inbuf, fname, smb_buf(inbuf) + 1, sizeof(fname), 0, STR_TERMINATE, &status);
1680 if (!NT_STATUS_IS_OK(status)) {
1681 END_PROFILE(SMBcreate);
1682 return ERROR_NT(status);
1685 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1687 unix_convert(fname,conn,0,&bad_path,&sbuf);
1689 END_PROFILE(SMBcreate);
1690 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1693 if (fattr & aVOLID) {
1694 DEBUG(0,("Attempt to create file (%s) with volid set - please report this\n",fname));
1697 if(com == SMBmknew) {
1698 /* We should fail if file exists. */
1699 create_disposition = FILE_CREATE;
1701 /* Create if file doesn't exist, truncate if it does. */
1702 create_disposition = FILE_OVERWRITE_IF;
1705 /* Open file using ntcreate. */
1706 status = open_file_ntcreate(conn,fname,&sbuf,
1715 if (!NT_STATUS_IS_OK(status)) {
1716 END_PROFILE(SMBcreate);
1717 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1718 /* We have re-scheduled this call. */
1721 return ERROR_NT(status);
1724 outsize = set_message(outbuf,1,0,True);
1725 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1727 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1728 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1731 if(EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1732 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1735 DEBUG( 2, ( "reply_mknew: file %s\n", fname ) );
1736 DEBUG( 3, ( "reply_mknew %s fd=%d dmode=0x%x\n", fname, fsp->fh->fd, (unsigned int)fattr ) );
1738 END_PROFILE(SMBcreate);
1742 /****************************************************************************
1743 Reply to a create temporary file.
1744 ****************************************************************************/
1746 int reply_ctemp(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
1750 uint32 fattr = SVAL(inbuf,smb_vwv0);
1751 BOOL bad_path = False;
1753 int oplock_request = CORE_OPLOCK_REQUEST(inbuf);
1755 SMB_STRUCT_STAT sbuf;
1758 unsigned int namelen;
1760 START_PROFILE(SMBctemp);
1762 srvstr_get_path(inbuf, fname, smb_buf(inbuf)+1, sizeof(fname), 0, STR_TERMINATE, &status);
1763 if (!NT_STATUS_IS_OK(status)) {
1764 END_PROFILE(SMBctemp);
1765 return ERROR_NT(status);
1768 pstrcat(fname,"/TMXXXXXX");
1770 pstrcat(fname,"TMXXXXXX");
1773 RESOLVE_DFSPATH(fname, conn, inbuf, outbuf);
1775 unix_convert(fname,conn,0,&bad_path,&sbuf);
1777 END_PROFILE(SMBctemp);
1778 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
1781 tmpfd = smb_mkstemp(fname);
1783 END_PROFILE(SMBctemp);
1784 return(UNIXERROR(ERRDOS,ERRnoaccess));
1787 SMB_VFS_STAT(conn,fname,&sbuf);
1789 /* We should fail if file does not exist. */
1790 status = open_file_ntcreate(conn,fname,&sbuf,
1791 FILE_GENERIC_READ | FILE_GENERIC_WRITE,
1792 FILE_SHARE_READ|FILE_SHARE_WRITE,
1799 /* close fd from smb_mkstemp() */
1802 if (!NT_STATUS_IS_OK(status)) {
1803 END_PROFILE(SMBctemp);
1804 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
1805 /* We have re-scheduled this call. */
1808 return ERROR_NT(status);
1811 outsize = set_message(outbuf,1,0,True);
1812 SSVAL(outbuf,smb_vwv0,fsp->fnum);
1814 /* the returned filename is relative to the directory */
1815 s = strrchr_m(fname, '/');
1822 p = smb_buf(outbuf);
1824 /* Tested vs W2K3 - this doesn't seem to be here - null terminated filename is the only
1825 thing in the byte section. JRA */
1826 SSVALS(p, 0, -1); /* what is this? not in spec */
1828 namelen = srvstr_push(outbuf, p, s, -1, STR_ASCII|STR_TERMINATE);
1830 outsize = set_message_end(outbuf, p);
1832 if (oplock_request && lp_fake_oplocks(SNUM(conn))) {
1833 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1836 if (EXCLUSIVE_OPLOCK_TYPE(fsp->oplock_type)) {
1837 SCVAL(outbuf,smb_flg,CVAL(outbuf,smb_flg)|CORE_OPLOCK_GRANTED);
1840 DEBUG( 2, ( "reply_ctemp: created temp file %s\n", fname ) );
1841 DEBUG( 3, ( "reply_ctemp %s fd=%d umode=0%o\n", fname, fsp->fh->fd,
1842 (unsigned int)sbuf.st_mode ) );
1844 END_PROFILE(SMBctemp);
1848 /*******************************************************************
1849 Check if a user is allowed to rename a file.
1850 ********************************************************************/
1852 static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst)
1858 if (!CAN_WRITE(conn)) {
1859 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1862 fmode = dos_mode(conn,fname,pst);
1863 if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1864 return NT_STATUS_NO_SUCH_FILE;
1867 if (S_ISDIR(pst->st_mode)) {
1868 return NT_STATUS_OK;
1871 status = open_file_ntcreate(conn, fname, pst,
1873 FILE_SHARE_READ|FILE_SHARE_WRITE,
1876 FILE_ATTRIBUTE_NORMAL,
1880 if (!NT_STATUS_IS_OK(status)) {
1881 return NT_STATUS_ACCESS_DENIED;
1883 close_file(fsp,NORMAL_CLOSE);
1884 return NT_STATUS_OK;
1887 /*******************************************************************
1888 Check if a user is allowed to delete a file.
1889 ********************************************************************/
1891 NTSTATUS can_delete(connection_struct *conn, char *fname, uint32 dirtype, BOOL bad_path, BOOL check_is_at_open)
1893 SMB_STRUCT_STAT sbuf;
1898 DEBUG(10,("can_delete: %s, dirtype = %d\n", fname, dirtype ));
1900 if (!CAN_WRITE(conn)) {
1901 return NT_STATUS_MEDIA_WRITE_PROTECTED;
1904 if (SMB_VFS_LSTAT(conn,fname,&sbuf) != 0) {
1905 if(errno == ENOENT) {
1907 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
1909 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
1912 return map_nt_error_from_unix(errno);
1915 fattr = dos_mode(conn,fname,&sbuf);
1917 /* Can't delete a directory. */
1919 return NT_STATUS_FILE_IS_A_DIRECTORY;
1923 else if (dirtype & aDIR) /* Asked for a directory and it isn't. */
1924 return NT_STATUS_OBJECT_NAME_INVALID;
1925 #endif /* JRATEST */
1927 /* Fix for bug #3035 from SATOH Fumiyasu <fumiyas@miraclelinux.com>
1929 On a Windows share, a file with read-only dosmode can be opened with
1930 DELETE_ACCESS. But on a Samba share (delete readonly = no), it
1931 fails with NT_STATUS_CANNOT_DELETE error.
1933 This semantic causes a problem that a user can not
1934 rename a file with read-only dosmode on a Samba share
1935 from a Windows command prompt (i.e. cmd.exe, but can rename
1936 from Windows Explorer).
1939 if (!check_is_at_open && !lp_delete_readonly(SNUM(conn))) {
1940 if (fattr & aRONLY) {
1941 return NT_STATUS_CANNOT_DELETE;
1944 if ((fattr & ~dirtype) & (aHIDDEN | aSYSTEM)) {
1945 return NT_STATUS_NO_SUCH_FILE;
1948 if (check_is_at_open) {
1949 if (!can_delete_file_in_directory(conn, fname)) {
1950 return NT_STATUS_ACCESS_DENIED;
1953 /* On open checks the open itself will check the share mode, so
1954 don't do it here as we'll get it wrong. */
1956 status = open_file_ntcreate(conn, fname, &sbuf,
1961 FILE_ATTRIBUTE_NORMAL,
1965 if (!NT_STATUS_IS_OK(status)) {
1968 close_file(fsp,NORMAL_CLOSE);
1970 return NT_STATUS_OK;
1973 /****************************************************************************
1974 The guts of the unlink command, split out so it may be called by the NT SMB
1976 ****************************************************************************/
1978 NTSTATUS unlink_internals(connection_struct *conn, uint32 dirtype, char *name, BOOL has_wild)
1984 NTSTATUS error = NT_STATUS_OK;
1985 BOOL bad_path = False;
1987 SMB_STRUCT_STAT sbuf;
1989 *directory = *mask = 0;
1991 rc = unix_convert(name,conn,0,&bad_path,&sbuf);
1993 p = strrchr_m(name,'/');
1995 pstrcpy(directory,".");
1999 pstrcpy(directory,name);
2004 * We should only check the mangled cache
2005 * here if unix_convert failed. This means
2006 * that the path in 'mask' doesn't exist
2007 * on the file system and so we need to look
2008 * for a possible mangle. This patch from
2009 * Tine Smukavec <valentin.smukavec@hermes.si>.
2012 if (!rc && mangle_is_mangled(mask,conn->params))
2013 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
2016 pstrcat(directory,"/");
2017 pstrcat(directory,mask);
2018 error = can_delete(conn,directory,dirtype,bad_path,False);
2019 if (!NT_STATUS_IS_OK(error))
2022 if (SMB_VFS_UNLINK(conn,directory) == 0) {
2026 struct smb_Dir *dir_hnd = NULL;
2029 if (strequal(mask,"????????.???"))
2032 if (check_name(directory,conn))
2033 dir_hnd = OpenDir(conn, directory, mask, dirtype);
2035 /* XXXX the CIFS spec says that if bit0 of the flags2 field is set then
2036 the pattern matches against the long name, otherwise the short name
2037 We don't implement this yet XXXX
2042 error = NT_STATUS_NO_SUCH_FILE;
2044 while ((dname = ReadDirName(dir_hnd, &offset))) {
2047 BOOL sys_direntry = False;
2048 pstrcpy(fname,dname);
2050 if (!is_visible_file(conn, directory, dname, &st, True)) {
2054 /* Quick check for "." and ".." */
2055 if (fname[0] == '.') {
2056 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
2057 if ((dirtype & FILE_ATTRIBUTE_DIRECTORY) && (dirtype & FILE_ATTRIBUTE_SYSTEM)) {
2058 sys_direntry = True;
2065 if(!mask_match(fname, mask, conn->case_sensitive))
2069 error = NT_STATUS_OBJECT_NAME_INVALID;
2070 DEBUG(3,("unlink_internals: system directory delete denied [%s] mask [%s]\n",
2075 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
2076 error = can_delete(conn,fname,dirtype,bad_path,False);
2077 if (!NT_STATUS_IS_OK(error)) {
2080 if (SMB_VFS_UNLINK(conn,fname) == 0)
2082 DEBUG(3,("unlink_internals: succesful unlink [%s]\n",fname));
2088 if (count == 0 && NT_STATUS_IS_OK(error)) {
2089 error = map_nt_error_from_unix(errno);
2095 /****************************************************************************
2097 ****************************************************************************/
2099 int reply_unlink(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
2106 BOOL path_contains_wcard = False;
2108 START_PROFILE(SMBunlink);
2110 dirtype = SVAL(inbuf,smb_vwv0);
2112 srvstr_get_path_wcard(inbuf, name, smb_buf(inbuf) + 1, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
2113 if (!NT_STATUS_IS_OK(status)) {
2114 END_PROFILE(SMBunlink);
2115 return ERROR_NT(status);
2118 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
2120 DEBUG(3,("reply_unlink : %s\n",name));
2122 status = unlink_internals(conn, dirtype, name, path_contains_wcard);
2123 if (!NT_STATUS_IS_OK(status)) {
2124 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
2125 /* We have re-scheduled this call. */
2128 return ERROR_NT(status);
2132 * Win2k needs a changenotify request response before it will
2133 * update after a rename..
2135 process_pending_change_notify_queue((time_t)0);
2137 outsize = set_message(outbuf,0,0,False);
2139 END_PROFILE(SMBunlink);
2143 /****************************************************************************
2145 ****************************************************************************/
2147 static void fail_readraw(void)
2150 slprintf(errstr, sizeof(errstr)-1, "FAIL ! reply_readbraw: socket write fail (%s)",
2152 exit_server(errstr);
2155 #if defined(WITH_SENDFILE)
2156 /****************************************************************************
2157 Fake (read/write) sendfile. Returns -1 on read or write fail.
2158 ****************************************************************************/
2160 static ssize_t fake_sendfile(files_struct *fsp, SMB_OFF_T startpos, size_t nread, char *buf, int bufsize)
2164 /* Paranioa check... */
2165 if (nread > bufsize) {
2170 ret = read_file(fsp,buf,startpos,nread);
2176 /* If we had a short read, fill with zeros. */
2178 memset(buf, '\0', nread - ret);
2181 if (write_data(smbd_server_fd(),buf,nread) != nread) {
2185 return (ssize_t)nread;
2189 /****************************************************************************
2190 Use sendfile in readbraw.
2191 ****************************************************************************/
2193 void send_file_readbraw(connection_struct *conn, files_struct *fsp, SMB_OFF_T startpos, size_t nread,
2194 ssize_t mincount, char *outbuf, int out_buffsize)
2198 #if defined(WITH_SENDFILE)
2200 * We can only use sendfile on a non-chained packet
2201 * but we can use on a non-oplocked file. tridge proved this
2202 * on a train in Germany :-). JRA.
2203 * reply_readbraw has already checked the length.
2206 if ( (chain_size == 0) && (nread > 0) &&
2207 (fsp->wcp == NULL) && lp_use_sendfile(SNUM(conn)) ) {
2210 _smb_setlen(outbuf,nread);
2211 header.data = (uint8 *)outbuf;
2215 if ( SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, nread) == -1) {
2216 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2217 if (errno == ENOSYS) {
2218 goto normal_readbraw;
2222 * Special hack for broken Linux with no working sendfile. If we
2223 * return EINTR we sent the header but not the rest of the data.
2224 * Fake this up by doing read/write calls.
2226 if (errno == EINTR) {
2227 /* Ensure we don't do this again. */
2228 set_use_sendfile(SNUM(conn), False);
2229 DEBUG(0,("send_file_readbraw: sendfile not available. Faking..\n"));
2231 if (fake_sendfile(fsp, startpos, nread, outbuf + 4, out_buffsize - 4) == -1) {
2232 DEBUG(0,("send_file_readbraw: fake_sendfile failed for file %s (%s).\n",
2233 fsp->fsp_name, strerror(errno) ));
2234 exit_server("send_file_readbraw fake_sendfile failed");
2239 DEBUG(0,("send_file_readbraw: sendfile failed for file %s (%s). Terminating\n",
2240 fsp->fsp_name, strerror(errno) ));
2241 exit_server("send_file_readbraw sendfile failed");
2251 ret = read_file(fsp,outbuf+4,startpos,nread);
2252 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2261 _smb_setlen(outbuf,ret);
2262 if (write_data(smbd_server_fd(),outbuf,4+ret) != 4+ret)
2266 /****************************************************************************
2267 Reply to a readbraw (core+ protocol).
2268 ****************************************************************************/
2270 int reply_readbraw(connection_struct *conn, char *inbuf, char *outbuf, int dum_size, int out_buffsize)
2272 ssize_t maxcount,mincount;
2275 char *header = outbuf;
2277 START_PROFILE(SMBreadbraw);
2279 if (srv_is_signing_active()) {
2280 exit_server("reply_readbraw: SMB signing is active - raw reads/writes are disallowed.");
2284 * Special check if an oplock break has been issued
2285 * and the readraw request croses on the wire, we must
2286 * return a zero length response here.
2289 fsp = file_fsp(inbuf,smb_vwv0);
2291 if (!FNUM_OK(fsp,conn) || !fsp->can_read) {
2293 * fsp could be NULL here so use the value from the packet. JRA.
2295 DEBUG(3,("fnum %d not open in readbraw - cache prime?\n",(int)SVAL(inbuf,smb_vwv0)));
2296 _smb_setlen(header,0);
2297 if (write_data(smbd_server_fd(),header,4) != 4)
2299 END_PROFILE(SMBreadbraw);
2303 CHECK_FSP(fsp,conn);
2305 flush_write_cache(fsp, READRAW_FLUSH);
2307 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
2308 if(CVAL(inbuf,smb_wct) == 10) {
2310 * This is a large offset (64 bit) read.
2312 #ifdef LARGE_SMB_OFF_T
2314 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv8)) << 32);
2316 #else /* !LARGE_SMB_OFF_T */
2319 * Ensure we haven't been sent a >32 bit offset.
2322 if(IVAL(inbuf,smb_vwv8) != 0) {
2323 DEBUG(0,("readbraw - large offset (%x << 32) used and we don't support \
2324 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv8) ));
2325 _smb_setlen(header,0);
2326 if (write_data(smbd_server_fd(),header,4) != 4)
2328 END_PROFILE(SMBreadbraw);
2332 #endif /* LARGE_SMB_OFF_T */
2335 DEBUG(0,("readbraw - negative 64 bit readraw offset (%.0f) !\n", (double)startpos ));
2336 _smb_setlen(header,0);
2337 if (write_data(smbd_server_fd(),header,4) != 4)
2339 END_PROFILE(SMBreadbraw);
2343 maxcount = (SVAL(inbuf,smb_vwv3) & 0xFFFF);
2344 mincount = (SVAL(inbuf,smb_vwv4) & 0xFFFF);
2346 /* ensure we don't overrun the packet size */
2347 maxcount = MIN(65535,maxcount);
2349 if (!is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2353 if (SMB_VFS_FSTAT(fsp,fsp->fh->fd,&st) == 0) {
2357 if (startpos >= size) {
2360 nread = MIN(maxcount,(size - startpos));
2364 #if 0 /* mincount appears to be ignored in a W2K server. JRA. */
2365 if (nread < mincount)
2369 DEBUG( 3, ( "readbraw fnum=%d start=%.0f max=%lu min=%lu nread=%lu\n", fsp->fnum, (double)startpos,
2370 (unsigned long)maxcount, (unsigned long)mincount, (unsigned long)nread ) );
2372 send_file_readbraw(conn, fsp, startpos, nread, mincount, outbuf, out_buffsize);
2374 DEBUG(5,("readbraw finished\n"));
2375 END_PROFILE(SMBreadbraw);
2380 #define DBGC_CLASS DBGC_LOCKING
2382 /****************************************************************************
2383 Reply to a lockread (core+ protocol).
2384 ****************************************************************************/
2386 int reply_lockread(connection_struct *conn, char *inbuf,char *outbuf, int length, int dum_buffsiz)
2394 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2395 struct byte_range_lock *br_lck = NULL;
2396 START_PROFILE(SMBlockread);
2398 CHECK_FSP(fsp,conn);
2399 if (!CHECK_READ(fsp,inbuf)) {
2400 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2403 release_level_2_oplocks_on_change(fsp);
2405 numtoread = SVAL(inbuf,smb_vwv1);
2406 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2408 outsize = set_message(outbuf,5,3,True);
2409 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2410 data = smb_buf(outbuf) + 3;
2413 * NB. Discovered by Menny Hamburger at Mainsoft. This is a core+
2414 * protocol request that predates the read/write lock concept.
2415 * Thus instead of asking for a read lock here we need to ask
2416 * for a write lock. JRA.
2417 * Note that the requested lock size is unaffected by max_recv.
2420 br_lck = do_lock(fsp,
2421 (uint32)SVAL(inbuf,smb_pid),
2422 (SMB_BIG_UINT)numtoread,
2423 (SMB_BIG_UINT)startpos,
2426 False, /* Non-blocking lock. */
2428 TALLOC_FREE(br_lck);
2430 if (NT_STATUS_V(status)) {
2431 END_PROFILE(SMBlockread);
2432 return ERROR_NT(status);
2436 * However the requested READ size IS affected by max_recv. Insanity.... JRA.
2439 if (numtoread > max_recv) {
2440 DEBUG(0,("reply_lockread: requested read size (%u) is greater than maximum allowed (%u). \
2441 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2442 (unsigned int)numtoread, (unsigned int)max_recv ));
2443 numtoread = MIN(numtoread,max_recv);
2445 nread = read_file(fsp,data,startpos,numtoread);
2448 END_PROFILE(SMBlockread);
2449 return(UNIXERROR(ERRDOS,ERRnoaccess));
2453 SSVAL(outbuf,smb_vwv0,nread);
2454 SSVAL(outbuf,smb_vwv5,nread+3);
2455 SSVAL(smb_buf(outbuf),1,nread);
2457 DEBUG(3,("lockread fnum=%d num=%d nread=%d\n",
2458 fsp->fnum, (int)numtoread, (int)nread));
2460 END_PROFILE(SMBlockread);
2465 #define DBGC_CLASS DBGC_ALL
2467 /****************************************************************************
2469 ****************************************************************************/
2471 int reply_read(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2478 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2479 START_PROFILE(SMBread);
2481 CHECK_FSP(fsp,conn);
2482 if (!CHECK_READ(fsp,inbuf)) {
2483 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2486 numtoread = SVAL(inbuf,smb_vwv1);
2487 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2489 outsize = set_message(outbuf,5,3,True);
2490 numtoread = MIN(BUFFER_SIZE-outsize,numtoread);
2492 * The requested read size cannot be greater than max_recv. JRA.
2494 if (numtoread > max_recv) {
2495 DEBUG(0,("reply_read: requested read size (%u) is greater than maximum allowed (%u). \
2496 Returning short read of maximum allowed for compatibility with Windows 2000.\n",
2497 (unsigned int)numtoread, (unsigned int)max_recv ));
2498 numtoread = MIN(numtoread,max_recv);
2501 data = smb_buf(outbuf) + 3;
2503 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtoread,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2504 END_PROFILE(SMBread);
2505 return ERROR_DOS(ERRDOS,ERRlock);
2509 nread = read_file(fsp,data,startpos,numtoread);
2512 END_PROFILE(SMBread);
2513 return(UNIXERROR(ERRDOS,ERRnoaccess));
2517 SSVAL(outbuf,smb_vwv0,nread);
2518 SSVAL(outbuf,smb_vwv5,nread+3);
2519 SCVAL(smb_buf(outbuf),0,1);
2520 SSVAL(smb_buf(outbuf),1,nread);
2522 DEBUG( 3, ( "read fnum=%d num=%d nread=%d\n",
2523 fsp->fnum, (int)numtoread, (int)nread ) );
2525 END_PROFILE(SMBread);
2529 /****************************************************************************
2530 Reply to a read and X - possibly using sendfile.
2531 ****************************************************************************/
2533 int send_file_readX(connection_struct *conn, char *inbuf,char *outbuf,int length, int len_outbuf,
2534 files_struct *fsp, SMB_OFF_T startpos, size_t smb_maxcnt)
2538 char *data = smb_buf(outbuf);
2540 #if defined(WITH_SENDFILE)
2542 * We can only use sendfile on a non-chained packet
2543 * but we can use on a non-oplocked file. tridge proved this
2544 * on a train in Germany :-). JRA.
2547 if ((chain_size == 0) && (CVAL(inbuf,smb_vwv0) == 0xFF) &&
2548 lp_use_sendfile(SNUM(conn)) && (fsp->wcp == NULL) ) {
2549 SMB_STRUCT_STAT sbuf;
2552 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1)
2553 return(UNIXERROR(ERRDOS,ERRnoaccess));
2555 if (startpos > sbuf.st_size)
2558 if (smb_maxcnt > (sbuf.st_size - startpos))
2559 smb_maxcnt = (sbuf.st_size - startpos);
2561 if (smb_maxcnt == 0)
2565 * Set up the packet header before send. We
2566 * assume here the sendfile will work (get the
2567 * correct amount of data).
2570 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2571 SSVAL(outbuf,smb_vwv5,smb_maxcnt);
2572 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2573 SSVAL(outbuf,smb_vwv7,((smb_maxcnt >> 16) & 1));
2574 SSVAL(smb_buf(outbuf),-2,smb_maxcnt);
2575 SCVAL(outbuf,smb_vwv0,0xFF);
2576 set_message(outbuf,12,smb_maxcnt,False);
2577 header.data = (uint8 *)outbuf;
2578 header.length = data - outbuf;
2581 if ((nread = SMB_VFS_SENDFILE( smbd_server_fd(), fsp, fsp->fh->fd, &header, startpos, smb_maxcnt)) == -1) {
2582 /* Returning ENOSYS means no data at all was sent. Do this as a normal read. */
2583 if (errno == ENOSYS) {
2588 * Special hack for broken Linux with no working sendfile. If we
2589 * return EINTR we sent the header but not the rest of the data.
2590 * Fake this up by doing read/write calls.
2593 if (errno == EINTR) {
2594 /* Ensure we don't do this again. */
2595 set_use_sendfile(SNUM(conn), False);
2596 DEBUG(0,("send_file_readX: sendfile not available. Faking..\n"));
2598 if ((nread = fake_sendfile(fsp, startpos, smb_maxcnt, data,
2599 len_outbuf - (data-outbuf))) == -1) {
2600 DEBUG(0,("send_file_readX: fake_sendfile failed for file %s (%s).\n",
2601 fsp->fsp_name, strerror(errno) ));
2602 exit_server("send_file_readX: fake_sendfile failed");
2604 DEBUG( 3, ( "send_file_readX: fake_sendfile fnum=%d max=%d nread=%d\n",
2605 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2606 /* Returning -1 here means successful sendfile. */
2610 DEBUG(0,("send_file_readX: sendfile failed for file %s (%s). Terminating\n",
2611 fsp->fsp_name, strerror(errno) ));
2612 exit_server("send_file_readX sendfile failed");
2615 DEBUG( 3, ( "send_file_readX: sendfile fnum=%d max=%d nread=%d\n",
2616 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2617 /* Returning -1 here means successful sendfile. */
2625 nread = read_file(fsp,data,startpos,smb_maxcnt);
2628 return(UNIXERROR(ERRDOS,ERRnoaccess));
2631 outsize = set_message(outbuf,12,nread,False);
2632 SSVAL(outbuf,smb_vwv2,0xFFFF); /* Remaining - must be -1. */
2633 SSVAL(outbuf,smb_vwv5,nread);
2634 SSVAL(outbuf,smb_vwv6,smb_offset(data,outbuf));
2635 SSVAL(outbuf,smb_vwv7,((nread >> 16) & 1));
2636 SSVAL(smb_buf(outbuf),-2,nread);
2638 DEBUG( 3, ( "send_file_readX fnum=%d max=%d nread=%d\n",
2639 fsp->fnum, (int)smb_maxcnt, (int)nread ) );
2641 /* Returning the number of bytes we want to send back - including header. */
2645 /****************************************************************************
2646 Reply to a read and X.
2647 ****************************************************************************/
2649 int reply_read_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
2651 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
2652 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2654 size_t smb_maxcnt = SVAL(inbuf,smb_vwv5);
2656 size_t smb_mincnt = SVAL(inbuf,smb_vwv6);
2659 START_PROFILE(SMBreadX);
2661 /* If it's an IPC, pass off the pipe handler. */
2663 END_PROFILE(SMBreadX);
2664 return reply_pipe_read_and_X(inbuf,outbuf,length,bufsize);
2667 CHECK_FSP(fsp,conn);
2668 if (!CHECK_READ(fsp,inbuf)) {
2669 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2672 set_message(outbuf,12,0,True);
2674 if (global_client_caps & CAP_LARGE_READX) {
2675 if (SVAL(inbuf,smb_vwv7) == 1) {
2676 smb_maxcnt |= (1<<16);
2678 if (smb_maxcnt > BUFFER_SIZE) {
2679 DEBUG(0,("reply_read_and_X - read too large (%u) for reply buffer %u\n",
2680 (unsigned int)smb_maxcnt, (unsigned int)BUFFER_SIZE));
2681 END_PROFILE(SMBreadX);
2682 return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
2686 if(CVAL(inbuf,smb_wct) == 12) {
2687 #ifdef LARGE_SMB_OFF_T
2689 * This is a large offset (64 bit) read.
2691 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv10)) << 32);
2693 #else /* !LARGE_SMB_OFF_T */
2696 * Ensure we haven't been sent a >32 bit offset.
2699 if(IVAL(inbuf,smb_vwv10) != 0) {
2700 DEBUG(0,("reply_read_and_X - large offset (%x << 32) used and we don't support \
2701 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv10) ));
2702 END_PROFILE(SMBreadX);
2703 return ERROR_DOS(ERRDOS,ERRbadaccess);
2706 #endif /* LARGE_SMB_OFF_T */
2710 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)smb_maxcnt,(SMB_BIG_UINT)startpos, READ_LOCK)) {
2711 END_PROFILE(SMBreadX);
2712 return ERROR_DOS(ERRDOS,ERRlock);
2715 if (schedule_aio_read_and_X(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt)) {
2716 END_PROFILE(SMBreadX);
2720 nread = send_file_readX(conn, inbuf, outbuf, length, bufsize, fsp, startpos, smb_maxcnt);
2722 nread = chain_reply(inbuf,outbuf,length,bufsize);
2724 END_PROFILE(SMBreadX);
2728 /****************************************************************************
2729 Reply to a writebraw (core+ or LANMAN1.0 protocol).
2730 ****************************************************************************/
2732 int reply_writebraw(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
2735 ssize_t total_written=0;
2736 size_t numtowrite=0;
2741 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2743 START_PROFILE(SMBwritebraw);
2745 if (srv_is_signing_active()) {
2746 exit_server("reply_writebraw: SMB signing is active - raw reads/writes are disallowed.");
2749 CHECK_FSP(fsp,conn);
2750 if (!CHECK_WRITE(fsp)) {
2751 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2754 tcount = IVAL(inbuf,smb_vwv1);
2755 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
2756 write_through = BITSETW(inbuf+smb_vwv7,0);
2758 /* We have to deal with slightly different formats depending
2759 on whether we are using the core+ or lanman1.0 protocol */
2761 if(Protocol <= PROTOCOL_COREPLUS) {
2762 numtowrite = SVAL(smb_buf(inbuf),-2);
2763 data = smb_buf(inbuf);
2765 numtowrite = SVAL(inbuf,smb_vwv10);
2766 data = smb_base(inbuf) + SVAL(inbuf, smb_vwv11);
2769 /* force the error type */
2770 SCVAL(inbuf,smb_com,SMBwritec);
2771 SCVAL(outbuf,smb_com,SMBwritec);
2773 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2774 END_PROFILE(SMBwritebraw);
2775 return(ERROR_DOS(ERRDOS,ERRlock));
2779 nwritten = write_file(fsp,data,startpos,numtowrite);
2781 DEBUG(3,("writebraw1 fnum=%d start=%.0f num=%d wrote=%d sync=%d\n",
2782 fsp->fnum, (double)startpos, (int)numtowrite, (int)nwritten, (int)write_through));
2784 if (nwritten < (ssize_t)numtowrite) {
2785 END_PROFILE(SMBwritebraw);
2786 return(UNIXERROR(ERRHRD,ERRdiskfull));
2789 total_written = nwritten;
2791 /* Return a message to the redirector to tell it to send more bytes */
2792 SCVAL(outbuf,smb_com,SMBwritebraw);
2793 SSVALS(outbuf,smb_vwv0,-1);
2794 outsize = set_message(outbuf,Protocol>PROTOCOL_COREPLUS?1:0,0,True);
2796 if (!send_smb(smbd_server_fd(),outbuf))
2797 exit_server("reply_writebraw: send_smb failed.");
2799 /* Now read the raw data into the buffer and write it */
2800 if (read_smb_length(smbd_server_fd(),inbuf,SMB_SECONDARY_WAIT) == -1) {
2801 exit_server("secondary writebraw failed");
2804 /* Even though this is not an smb message, smb_len returns the generic length of an smb message */
2805 numtowrite = smb_len(inbuf);
2807 /* Set up outbuf to return the correct return */
2808 outsize = set_message(outbuf,1,0,True);
2809 SCVAL(outbuf,smb_com,SMBwritec);
2811 if (numtowrite != 0) {
2813 if (numtowrite > BUFFER_SIZE) {
2814 DEBUG(0,("reply_writebraw: Oversize secondary write raw requested (%u). Terminating\n",
2815 (unsigned int)numtowrite ));
2816 exit_server("secondary writebraw failed");
2819 if (tcount > nwritten+numtowrite) {
2820 DEBUG(3,("Client overestimated the write %d %d %d\n",
2821 (int)tcount,(int)nwritten,(int)numtowrite));
2824 if (read_data( smbd_server_fd(), inbuf+4, numtowrite) != numtowrite ) {
2825 DEBUG(0,("reply_writebraw: Oversize secondary write raw read failed (%s). Terminating\n",
2827 exit_server("secondary writebraw failed");
2830 nwritten = write_file(fsp,inbuf+4,startpos+nwritten,numtowrite);
2831 if (nwritten == -1) {
2832 END_PROFILE(SMBwritebraw);
2833 return(UNIXERROR(ERRHRD,ERRdiskfull));
2836 if (nwritten < (ssize_t)numtowrite) {
2837 SCVAL(outbuf,smb_rcls,ERRHRD);
2838 SSVAL(outbuf,smb_err,ERRdiskfull);
2842 total_written += nwritten;
2845 SSVAL(outbuf,smb_vwv0,total_written);
2847 sync_file(conn, fsp, write_through);
2849 DEBUG(3,("writebraw2 fnum=%d start=%.0f num=%d wrote=%d\n",
2850 fsp->fnum, (double)startpos, (int)numtowrite,(int)total_written));
2852 /* we won't return a status if write through is not selected - this follows what WfWg does */
2853 END_PROFILE(SMBwritebraw);
2854 if (!write_through && total_written==tcount) {
2856 #if RABBIT_PELLET_FIX
2858 * Fix for "rabbit pellet" mode, trigger an early TCP ack by
2859 * sending a SMBkeepalive. Thanks to DaveCB at Sun for this. JRA.
2861 if (!send_keepalive(smbd_server_fd()))
2862 exit_server("reply_writebraw: send of keepalive failed");
2871 #define DBGC_CLASS DBGC_LOCKING
2873 /****************************************************************************
2874 Reply to a writeunlock (core+).
2875 ****************************************************************************/
2877 int reply_writeunlock(connection_struct *conn, char *inbuf,char *outbuf,
2878 int size, int dum_buffsize)
2880 ssize_t nwritten = -1;
2884 NTSTATUS status = NT_STATUS_OK;
2885 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2887 START_PROFILE(SMBwriteunlock);
2889 CHECK_FSP(fsp,conn);
2890 if (!CHECK_WRITE(fsp)) {
2891 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2894 numtowrite = SVAL(inbuf,smb_vwv1);
2895 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2896 data = smb_buf(inbuf) + 3;
2898 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2899 END_PROFILE(SMBwriteunlock);
2900 return ERROR_DOS(ERRDOS,ERRlock);
2903 /* The special X/Open SMB protocol handling of
2904 zero length writes is *NOT* done for
2906 if(numtowrite == 0) {
2909 nwritten = write_file(fsp,data,startpos,numtowrite);
2912 sync_file(conn, fsp, False /* write through */);
2914 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
2915 END_PROFILE(SMBwriteunlock);
2916 return(UNIXERROR(ERRHRD,ERRdiskfull));
2920 status = do_unlock(fsp,
2921 (uint32)SVAL(inbuf,smb_pid),
2922 (SMB_BIG_UINT)numtowrite,
2923 (SMB_BIG_UINT)startpos,
2926 if (NT_STATUS_V(status)) {
2927 END_PROFILE(SMBwriteunlock);
2928 return ERROR_NT(status);
2932 outsize = set_message(outbuf,1,0,True);
2934 SSVAL(outbuf,smb_vwv0,nwritten);
2936 DEBUG(3,("writeunlock fnum=%d num=%d wrote=%d\n",
2937 fsp->fnum, (int)numtowrite, (int)nwritten));
2939 END_PROFILE(SMBwriteunlock);
2944 #define DBGC_CLASS DBGC_ALL
2946 /****************************************************************************
2948 ****************************************************************************/
2950 int reply_write(connection_struct *conn, char *inbuf,char *outbuf,int size,int dum_buffsize)
2953 ssize_t nwritten = -1;
2956 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
2958 START_PROFILE(SMBwrite);
2960 /* If it's an IPC, pass off the pipe handler. */
2962 END_PROFILE(SMBwrite);
2963 return reply_pipe_write(inbuf,outbuf,size,dum_buffsize);
2966 CHECK_FSP(fsp,conn);
2967 if (!CHECK_WRITE(fsp)) {
2968 return(ERROR_DOS(ERRDOS,ERRbadaccess));
2971 numtowrite = SVAL(inbuf,smb_vwv1);
2972 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
2973 data = smb_buf(inbuf) + 3;
2975 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
2976 END_PROFILE(SMBwrite);
2977 return ERROR_DOS(ERRDOS,ERRlock);
2981 * X/Open SMB protocol says that if smb_vwv1 is
2982 * zero then the file size should be extended or
2983 * truncated to the size given in smb_vwv[2-3].
2986 if(numtowrite == 0) {
2988 * This is actually an allocate call, and set EOF. JRA.
2990 nwritten = vfs_allocate_file_space(fsp, (SMB_OFF_T)startpos);
2992 END_PROFILE(SMBwrite);
2993 return ERROR_NT(NT_STATUS_DISK_FULL);
2995 nwritten = vfs_set_filelen(fsp, (SMB_OFF_T)startpos);
2997 END_PROFILE(SMBwrite);
2998 return ERROR_NT(NT_STATUS_DISK_FULL);
3001 nwritten = write_file(fsp,data,startpos,numtowrite);
3003 sync_file(conn, fsp, False);
3005 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3006 END_PROFILE(SMBwrite);
3007 return(UNIXERROR(ERRHRD,ERRdiskfull));
3010 outsize = set_message(outbuf,1,0,True);
3012 SSVAL(outbuf,smb_vwv0,nwritten);
3014 if (nwritten < (ssize_t)numtowrite) {
3015 SCVAL(outbuf,smb_rcls,ERRHRD);
3016 SSVAL(outbuf,smb_err,ERRdiskfull);
3019 DEBUG(3,("write fnum=%d num=%d wrote=%d\n", fsp->fnum, (int)numtowrite, (int)nwritten));
3021 END_PROFILE(SMBwrite);
3025 /****************************************************************************
3026 Reply to a write and X.
3027 ****************************************************************************/
3029 int reply_write_and_X(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
3031 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
3032 SMB_OFF_T startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
3033 size_t numtowrite = SVAL(inbuf,smb_vwv10);
3034 BOOL write_through = BITSETW(inbuf+smb_vwv7,0);
3035 ssize_t nwritten = -1;
3036 unsigned int smb_doff = SVAL(inbuf,smb_vwv11);
3037 unsigned int smblen = smb_len(inbuf);
3039 BOOL large_writeX = ((CVAL(inbuf,smb_wct) == 14) && (smblen > 0xFFFF));
3040 START_PROFILE(SMBwriteX);
3042 /* If it's an IPC, pass off the pipe handler. */
3044 END_PROFILE(SMBwriteX);
3045 return reply_pipe_write_and_X(inbuf,outbuf,length,bufsize);
3048 CHECK_FSP(fsp,conn);
3049 if (!CHECK_WRITE(fsp)) {
3050 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3053 set_message(outbuf,6,0,True);
3055 /* Deal with possible LARGE_WRITEX */
3057 numtowrite |= ((((size_t)SVAL(inbuf,smb_vwv9)) & 1 )<<16);
3060 if(smb_doff > smblen || (smb_doff + numtowrite > smblen)) {
3061 END_PROFILE(SMBwriteX);
3062 return ERROR_DOS(ERRDOS,ERRbadmem);
3065 data = smb_base(inbuf) + smb_doff;
3067 if(CVAL(inbuf,smb_wct) == 14) {
3068 #ifdef LARGE_SMB_OFF_T
3070 * This is a large offset (64 bit) write.
3072 startpos |= (((SMB_OFF_T)IVAL(inbuf,smb_vwv12)) << 32);
3074 #else /* !LARGE_SMB_OFF_T */
3077 * Ensure we haven't been sent a >32 bit offset.
3080 if(IVAL(inbuf,smb_vwv12) != 0) {
3081 DEBUG(0,("reply_write_and_X - large offset (%x << 32) used and we don't support \
3082 64 bit offsets.\n", (unsigned int)IVAL(inbuf,smb_vwv12) ));
3083 END_PROFILE(SMBwriteX);
3084 return ERROR_DOS(ERRDOS,ERRbadaccess);
3087 #endif /* LARGE_SMB_OFF_T */
3090 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3091 END_PROFILE(SMBwriteX);
3092 return ERROR_DOS(ERRDOS,ERRlock);
3095 /* X/Open SMB protocol says that, unlike SMBwrite
3096 if the length is zero then NO truncation is
3097 done, just a write of zero. To truncate a file,
3100 if(numtowrite == 0) {
3104 if (schedule_aio_write_and_X(conn, inbuf, outbuf, length, bufsize,
3105 fsp,data,startpos,numtowrite)) {
3106 END_PROFILE(SMBwriteX);
3110 nwritten = write_file(fsp,data,startpos,numtowrite);
3113 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3114 END_PROFILE(SMBwriteX);
3115 return(UNIXERROR(ERRHRD,ERRdiskfull));
3118 SSVAL(outbuf,smb_vwv2,nwritten);
3120 SSVAL(outbuf,smb_vwv4,(nwritten>>16)&1);
3122 if (nwritten < (ssize_t)numtowrite) {
3123 SCVAL(outbuf,smb_rcls,ERRHRD);
3124 SSVAL(outbuf,smb_err,ERRdiskfull);
3127 DEBUG(3,("writeX fnum=%d num=%d wrote=%d\n",
3128 fsp->fnum, (int)numtowrite, (int)nwritten));
3130 sync_file(conn, fsp, write_through);
3132 END_PROFILE(SMBwriteX);
3133 return chain_reply(inbuf,outbuf,length,bufsize);
3136 /****************************************************************************
3138 ****************************************************************************/
3140 int reply_lseek(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3146 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3147 START_PROFILE(SMBlseek);
3149 CHECK_FSP(fsp,conn);
3151 flush_write_cache(fsp, SEEK_FLUSH);
3153 mode = SVAL(inbuf,smb_vwv1) & 3;
3154 /* NB. This doesn't use IVAL_TO_SMB_OFF_T as startpos can be signed in this case. */
3155 startpos = (SMB_OFF_T)IVALS(inbuf,smb_vwv2);
3164 res = fsp->fh->pos + startpos;
3175 if (umode == SEEK_END) {
3176 if((res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,startpos,umode)) == -1) {
3177 if(errno == EINVAL) {
3178 SMB_OFF_T current_pos = startpos;
3179 SMB_STRUCT_STAT sbuf;
3181 if(SMB_VFS_FSTAT(fsp,fsp->fh->fd, &sbuf) == -1) {
3182 END_PROFILE(SMBlseek);
3183 return(UNIXERROR(ERRDOS,ERRnoaccess));
3186 current_pos += sbuf.st_size;
3188 res = SMB_VFS_LSEEK(fsp,fsp->fh->fd,0,SEEK_SET);
3193 END_PROFILE(SMBlseek);
3194 return(UNIXERROR(ERRDOS,ERRnoaccess));
3200 outsize = set_message(outbuf,2,0,True);
3201 SIVAL(outbuf,smb_vwv0,res);
3203 DEBUG(3,("lseek fnum=%d ofs=%.0f newpos = %.0f mode=%d\n",
3204 fsp->fnum, (double)startpos, (double)res, mode));
3206 END_PROFILE(SMBlseek);
3210 /****************************************************************************
3212 ****************************************************************************/
3214 int reply_flush(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
3216 int outsize = set_message(outbuf,0,0,False);
3217 uint16 fnum = SVAL(inbuf,smb_vwv0);
3218 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3219 START_PROFILE(SMBflush);
3222 CHECK_FSP(fsp,conn);
3225 file_sync_all(conn);
3227 sync_file(conn,fsp, True);
3230 DEBUG(3,("flush\n"));
3231 END_PROFILE(SMBflush);
3235 /****************************************************************************
3237 conn POINTER CAN BE NULL HERE !
3238 ****************************************************************************/
3240 int reply_exit(connection_struct *conn,
3241 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3244 START_PROFILE(SMBexit);
3246 file_close_pid(SVAL(inbuf,smb_pid),SVAL(inbuf,smb_uid));
3248 outsize = set_message(outbuf,0,0,False);
3250 DEBUG(3,("exit\n"));
3252 END_PROFILE(SMBexit);
3256 /****************************************************************************
3257 Reply to a close - has to deal with closing a directory opened by NT SMB's.
3258 ****************************************************************************/
3260 int reply_close(connection_struct *conn, char *inbuf,char *outbuf, int size,
3265 int32 eclass = 0, err = 0;
3266 files_struct *fsp = NULL;
3267 START_PROFILE(SMBclose);
3269 outsize = set_message(outbuf,0,0,False);
3271 /* If it's an IPC, pass off to the pipe handler. */
3273 END_PROFILE(SMBclose);
3274 return reply_pipe_close(conn, inbuf,outbuf);
3277 fsp = file_fsp(inbuf,smb_vwv0);
3280 * We can only use CHECK_FSP if we know it's not a directory.
3283 if(!fsp || (fsp->conn != conn) || (fsp->vuid != current_user.vuid)) {
3284 END_PROFILE(SMBclose);
3285 return ERROR_DOS(ERRDOS,ERRbadfid);
3288 if(fsp->is_directory) {
3290 * Special case - close NT SMB directory handle.
3292 DEBUG(3,("close %s fnum=%d\n", fsp->is_directory ? "directory" : "stat file open", fsp->fnum));
3293 close_file(fsp,NORMAL_CLOSE);
3296 * Close ordinary file.
3301 /* Save the name for time set in close. */
3302 pstrcpy( file_name, fsp->fsp_name);
3304 DEBUG(3,("close fd=%d fnum=%d (numopen=%d)\n",
3305 fsp->fh->fd, fsp->fnum,
3306 conn->num_files_open));
3309 * Take care of any time sent in the close.
3312 mtime = srv_make_unix_date3(inbuf+smb_vwv1);
3313 fsp_set_pending_modtime(fsp, mtime);
3316 * close_file() returns the unix errno if an error
3317 * was detected on close - normally this is due to
3318 * a disk full error. If not then it was probably an I/O error.
3321 if((close_err = close_file(fsp,NORMAL_CLOSE)) != 0) {
3323 END_PROFILE(SMBclose);
3324 return (UNIXERROR(ERRHRD,ERRgeneral));
3328 /* We have a cached error */
3330 END_PROFILE(SMBclose);
3331 return ERROR_DOS(eclass,err);
3334 END_PROFILE(SMBclose);
3338 /****************************************************************************
3339 Reply to a writeclose (Core+ protocol).
3340 ****************************************************************************/
3342 int reply_writeclose(connection_struct *conn,
3343 char *inbuf,char *outbuf, int size, int dum_buffsize)
3346 ssize_t nwritten = -1;
3352 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3353 START_PROFILE(SMBwriteclose);
3355 CHECK_FSP(fsp,conn);
3356 if (!CHECK_WRITE(fsp)) {
3357 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3360 numtowrite = SVAL(inbuf,smb_vwv1);
3361 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
3362 mtime = srv_make_unix_date3(inbuf+smb_vwv4);
3363 data = smb_buf(inbuf) + 1;
3365 if (numtowrite && is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)numtowrite,(SMB_BIG_UINT)startpos, WRITE_LOCK)) {
3366 END_PROFILE(SMBwriteclose);
3367 return ERROR_DOS(ERRDOS,ERRlock);
3370 nwritten = write_file(fsp,data,startpos,numtowrite);
3372 set_filetime(conn, fsp->fsp_name,mtime);
3375 * More insanity. W2K only closes the file if writelen > 0.
3380 DEBUG(3,("reply_writeclose: zero length write doesn't close file %s\n",
3382 close_err = close_file(fsp,NORMAL_CLOSE);
3385 DEBUG(3,("writeclose fnum=%d num=%d wrote=%d (numopen=%d)\n",
3386 fsp->fnum, (int)numtowrite, (int)nwritten,
3387 conn->num_files_open));
3389 if(((nwritten == 0) && (numtowrite != 0))||(nwritten < 0)) {
3390 END_PROFILE(SMBwriteclose);
3391 return(UNIXERROR(ERRHRD,ERRdiskfull));
3394 if(close_err != 0) {
3396 END_PROFILE(SMBwriteclose);
3397 return(UNIXERROR(ERRHRD,ERRgeneral));
3400 outsize = set_message(outbuf,1,0,True);
3402 SSVAL(outbuf,smb_vwv0,nwritten);
3403 END_PROFILE(SMBwriteclose);
3408 #define DBGC_CLASS DBGC_LOCKING
3410 /****************************************************************************
3412 ****************************************************************************/
3414 int reply_lock(connection_struct *conn,
3415 char *inbuf,char *outbuf, int length, int dum_buffsize)
3417 int outsize = set_message(outbuf,0,0,False);
3418 SMB_BIG_UINT count,offset;
3420 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3421 struct byte_range_lock *br_lck = NULL;
3423 START_PROFILE(SMBlock);
3425 CHECK_FSP(fsp,conn);
3427 release_level_2_oplocks_on_change(fsp);
3429 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3430 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3432 DEBUG(3,("lock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3433 fsp->fh->fd, fsp->fnum, (double)offset, (double)count));
3435 br_lck = do_lock(fsp,
3436 (uint32)SVAL(inbuf,smb_pid),
3441 False, /* Non-blocking lock. */
3444 TALLOC_FREE(br_lck);
3446 if (NT_STATUS_V(status)) {
3447 END_PROFILE(SMBlock);
3448 return ERROR_NT(status);
3451 END_PROFILE(SMBlock);
3455 /****************************************************************************
3457 ****************************************************************************/
3459 int reply_unlock(connection_struct *conn, char *inbuf,char *outbuf, int size,
3462 int outsize = set_message(outbuf,0,0,False);
3463 SMB_BIG_UINT count,offset;
3465 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3466 START_PROFILE(SMBunlock);
3468 CHECK_FSP(fsp,conn);
3470 count = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv1);
3471 offset = (SMB_BIG_UINT)IVAL(inbuf,smb_vwv3);
3473 status = do_unlock(fsp,
3474 (uint32)SVAL(inbuf,smb_pid),
3479 if (NT_STATUS_V(status)) {
3480 END_PROFILE(SMBunlock);
3481 return ERROR_NT(status);
3484 DEBUG( 3, ( "unlock fd=%d fnum=%d offset=%.0f count=%.0f\n",
3485 fsp->fh->fd, fsp->fnum, (double)offset, (double)count ) );
3487 END_PROFILE(SMBunlock);
3492 #define DBGC_CLASS DBGC_ALL
3494 /****************************************************************************
3496 conn POINTER CAN BE NULL HERE !
3497 ****************************************************************************/
3499 int reply_tdis(connection_struct *conn,
3500 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3502 int outsize = set_message(outbuf,0,0,False);
3504 START_PROFILE(SMBtdis);
3506 vuid = SVAL(inbuf,smb_uid);
3509 DEBUG(4,("Invalid connection in tdis\n"));
3510 END_PROFILE(SMBtdis);
3511 return ERROR_DOS(ERRSRV,ERRinvnid);
3516 close_cnum(conn,vuid);
3518 END_PROFILE(SMBtdis);
3522 /****************************************************************************
3524 conn POINTER CAN BE NULL HERE !
3525 ****************************************************************************/
3527 int reply_echo(connection_struct *conn,
3528 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3530 int smb_reverb = SVAL(inbuf,smb_vwv0);
3532 unsigned int data_len = smb_buflen(inbuf);
3533 int outsize = set_message(outbuf,1,data_len,True);
3534 START_PROFILE(SMBecho);
3536 if (data_len > BUFFER_SIZE) {
3537 DEBUG(0,("reply_echo: data_len too large.\n"));
3538 END_PROFILE(SMBecho);
3542 /* copy any incoming data back out */
3544 memcpy(smb_buf(outbuf),smb_buf(inbuf),data_len);
3546 if (smb_reverb > 100) {
3547 DEBUG(0,("large reverb (%d)?? Setting to 100\n",smb_reverb));
3551 for (seq_num =1 ; seq_num <= smb_reverb ; seq_num++) {
3552 SSVAL(outbuf,smb_vwv0,seq_num);
3554 smb_setlen(outbuf,outsize - 4);
3557 if (!send_smb(smbd_server_fd(),outbuf))
3558 exit_server("reply_echo: send_smb failed.");
3561 DEBUG(3,("echo %d times\n", smb_reverb));
3565 END_PROFILE(SMBecho);
3569 /****************************************************************************
3570 Reply to a printopen.
3571 ****************************************************************************/
3573 int reply_printopen(connection_struct *conn,
3574 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3580 START_PROFILE(SMBsplopen);
3582 if (!CAN_PRINT(conn)) {
3583 END_PROFILE(SMBsplopen);
3584 return ERROR_DOS(ERRDOS,ERRnoaccess);
3587 /* Open for exclusive use, write only. */
3588 status = print_fsp_open(conn, NULL, &fsp);
3590 if (!NT_STATUS_IS_OK(status)) {
3591 END_PROFILE(SMBsplopen);
3592 return(ERROR_NT(status));
3595 outsize = set_message(outbuf,1,0,True);
3596 SSVAL(outbuf,smb_vwv0,fsp->fnum);
3598 DEBUG(3,("openprint fd=%d fnum=%d\n",
3599 fsp->fh->fd, fsp->fnum));
3601 END_PROFILE(SMBsplopen);
3605 /****************************************************************************
3606 Reply to a printclose.
3607 ****************************************************************************/
3609 int reply_printclose(connection_struct *conn,
3610 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3612 int outsize = set_message(outbuf,0,0,False);
3613 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3615 START_PROFILE(SMBsplclose);
3617 CHECK_FSP(fsp,conn);
3619 if (!CAN_PRINT(conn)) {
3620 END_PROFILE(SMBsplclose);
3621 return ERROR_NT(NT_STATUS_UNSUCCESSFUL);
3624 DEBUG(3,("printclose fd=%d fnum=%d\n",
3625 fsp->fh->fd,fsp->fnum));
3627 close_err = close_file(fsp,NORMAL_CLOSE);
3629 if(close_err != 0) {
3631 END_PROFILE(SMBsplclose);
3632 return(UNIXERROR(ERRHRD,ERRgeneral));
3635 END_PROFILE(SMBsplclose);
3639 /****************************************************************************
3640 Reply to a printqueue.
3641 ****************************************************************************/
3643 int reply_printqueue(connection_struct *conn,
3644 char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3646 int outsize = set_message(outbuf,2,3,True);
3647 int max_count = SVAL(inbuf,smb_vwv0);
3648 int start_index = SVAL(inbuf,smb_vwv1);
3649 START_PROFILE(SMBsplretq);
3651 /* we used to allow the client to get the cnum wrong, but that
3652 is really quite gross and only worked when there was only
3653 one printer - I think we should now only accept it if they
3654 get it right (tridge) */
3655 if (!CAN_PRINT(conn)) {
3656 END_PROFILE(SMBsplretq);
3657 return ERROR_DOS(ERRDOS,ERRnoaccess);
3660 SSVAL(outbuf,smb_vwv0,0);
3661 SSVAL(outbuf,smb_vwv1,0);
3662 SCVAL(smb_buf(outbuf),0,1);
3663 SSVAL(smb_buf(outbuf),1,0);
3665 DEBUG(3,("printqueue start_index=%d max_count=%d\n",
3666 start_index, max_count));
3669 print_queue_struct *queue = NULL;
3670 print_status_struct status;
3671 char *p = smb_buf(outbuf) + 3;
3672 int count = print_queue_status(SNUM(conn), &queue, &status);
3673 int num_to_get = ABS(max_count);
3674 int first = (max_count>0?start_index:start_index+max_count+1);
3680 num_to_get = MIN(num_to_get,count-first);
3683 for (i=first;i<first+num_to_get;i++) {
3684 srv_put_dos_date2(p,0,queue[i].time);
3685 SCVAL(p,4,(queue[i].status==LPQ_PRINTING?2:3));
3686 SSVAL(p,5, queue[i].job);
3687 SIVAL(p,7,queue[i].size);
3689 srvstr_push(outbuf, p+12, queue[i].fs_user, 16, STR_ASCII);
3694 outsize = set_message(outbuf,2,28*count+3,False);
3695 SSVAL(outbuf,smb_vwv0,count);
3696 SSVAL(outbuf,smb_vwv1,(max_count>0?first+count:first-1));
3697 SCVAL(smb_buf(outbuf),0,1);
3698 SSVAL(smb_buf(outbuf),1,28*count);
3703 DEBUG(3,("%d entries returned in queue\n",count));
3706 END_PROFILE(SMBsplretq);
3710 /****************************************************************************
3711 Reply to a printwrite.
3712 ****************************************************************************/
3714 int reply_printwrite(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3717 int outsize = set_message(outbuf,0,0,False);
3719 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
3721 START_PROFILE(SMBsplwr);
3723 if (!CAN_PRINT(conn)) {
3724 END_PROFILE(SMBsplwr);
3725 return ERROR_DOS(ERRDOS,ERRnoaccess);
3728 CHECK_FSP(fsp,conn);
3729 if (!CHECK_WRITE(fsp)) {
3730 return(ERROR_DOS(ERRDOS,ERRbadaccess));
3733 numtowrite = SVAL(smb_buf(inbuf),1);
3734 data = smb_buf(inbuf) + 3;
3736 if (write_file(fsp,data,-1,numtowrite) != numtowrite) {
3737 END_PROFILE(SMBsplwr);
3738 return(UNIXERROR(ERRHRD,ERRdiskfull));
3741 DEBUG( 3, ( "printwrite fnum=%d num=%d\n", fsp->fnum, numtowrite ) );
3743 END_PROFILE(SMBsplwr);
3747 /****************************************************************************
3748 The guts of the mkdir command, split out so it may be called by the NT SMB
3750 ****************************************************************************/
3752 NTSTATUS mkdir_internal(connection_struct *conn, const pstring directory, BOOL bad_path)
3756 if(!CAN_WRITE(conn)) {
3757 DEBUG(5,("mkdir_internal: failing create on read-only share %s\n", lp_servicename(SNUM(conn))));
3759 return map_nt_error_from_unix(errno);
3763 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3766 if (!check_name(directory, conn)) {
3767 if(errno == ENOENT) {
3769 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
3771 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
3774 return map_nt_error_from_unix(errno);
3777 ret = vfs_MkDir(conn,directory,unix_mode(conn,aDIR,directory,True));
3779 if(errno == ENOENT) {
3780 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
3782 return map_nt_error_from_unix(errno);
3785 return NT_STATUS_OK;
3788 /****************************************************************************
3790 ****************************************************************************/
3792 int reply_mkdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
3797 BOOL bad_path = False;
3798 SMB_STRUCT_STAT sbuf;
3800 START_PROFILE(SMBmkdir);
3802 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
3803 if (!NT_STATUS_IS_OK(status)) {
3804 END_PROFILE(SMBmkdir);
3805 return ERROR_NT(status);
3808 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf);
3810 unix_convert(directory,conn,0,&bad_path,&sbuf);
3812 if( is_ntfs_stream_name(directory)) {
3813 DEBUG(5,("reply_mkdir: failing create on filename %s with colon in name\n", directory));
3814 END_PROFILE(SMBmkdir);
3815 return ERROR_NT(NT_STATUS_NOT_A_DIRECTORY);
3818 status = mkdir_internal(conn, directory,bad_path);
3819 if (!NT_STATUS_IS_OK(status)) {
3821 if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION) &&
3824 * Yes, in the DOS error code case we get a
3825 * ERRDOS:ERRnoaccess here. See BASE-SAMBA3ERROR
3826 * samba4 torture test.
3828 status = NT_STATUS_DOS(ERRDOS, ERRnoaccess);
3831 END_PROFILE(SMBmkdir);
3832 return ERROR_NT(status);
3835 if (lp_inherit_owner(SNUM(conn))) {
3836 /* Ensure we're checking for a symlink here.... */
3837 /* We don't want to get caught by a symlink racer. */
3839 if(SMB_VFS_LSTAT(conn,directory, &sbuf) != 0) {
3840 END_PROFILE(SMBmkdir);
3841 return(UNIXERROR(ERRDOS,ERRnoaccess));
3844 if(!S_ISDIR(sbuf.st_mode)) {
3845 DEBUG(0,("reply_mkdir: %s is not a directory !\n", directory ));
3846 END_PROFILE(SMBmkdir);
3847 return(UNIXERROR(ERRDOS,ERRnoaccess));
3850 change_owner_to_parent(conn, NULL, directory, &sbuf);
3853 outsize = set_message(outbuf,0,0,False);
3855 DEBUG( 3, ( "mkdir %s ret=%d\n", directory, outsize ) );
3857 END_PROFILE(SMBmkdir);
3861 /****************************************************************************
3862 Static function used by reply_rmdir to delete an entire directory
3863 tree recursively. Return False on ok, True on fail.
3864 ****************************************************************************/
3866 static BOOL recursive_rmdir(connection_struct *conn, char *directory)
3868 const char *dname = NULL;
3871 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3876 while((dname = ReadDirName(dir_hnd, &offset))) {
3880 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3883 if (!is_visible_file(conn, directory, dname, &st, False))
3886 /* Construct the full name. */
3887 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3893 pstrcpy(fullname, directory);
3894 pstrcat(fullname, "/");
3895 pstrcat(fullname, dname);
3897 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0) {
3902 if(st.st_mode & S_IFDIR) {
3903 if(recursive_rmdir(conn, fullname)!=0) {
3907 if(SMB_VFS_RMDIR(conn,fullname) != 0) {
3911 } else if(SMB_VFS_UNLINK(conn,fullname) != 0) {
3920 /****************************************************************************
3921 The internals of the rmdir code - called elsewhere.
3922 ****************************************************************************/
3924 BOOL rmdir_internals(connection_struct *conn, char *directory)
3929 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3930 if(!ok && ((errno == ENOTEMPTY)||(errno == EEXIST)) && lp_veto_files(SNUM(conn))) {
3932 * Check to see if the only thing in this directory are
3933 * vetoed files/directories. If so then delete them and
3934 * retry. If we fail to delete any of them (and we *don't*
3935 * do a recursive delete) then fail the rmdir.
3937 BOOL all_veto_files = True;
3939 struct smb_Dir *dir_hnd = OpenDir(conn, directory, NULL, 0);
3941 if(dir_hnd != NULL) {
3943 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3944 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3946 if (!is_visible_file(conn, directory, dname, &st, False))
3948 if(!IS_VETO_PATH(conn, dname)) {
3949 all_veto_files = False;
3954 if(all_veto_files) {
3955 RewindDir(dir_hnd,&dirpos);
3956 while ((dname = ReadDirName(dir_hnd,&dirpos))) {
3959 if((strcmp(dname, ".") == 0) || (strcmp(dname, "..")==0))
3961 if (!is_visible_file(conn, directory, dname, &st, False))
3964 /* Construct the full name. */
3965 if(strlen(directory) + strlen(dname) + 1 >= sizeof(fullname)) {
3970 pstrcpy(fullname, directory);
3971 pstrcat(fullname, "/");
3972 pstrcat(fullname, dname);
3974 if(SMB_VFS_LSTAT(conn,fullname, &st) != 0)
3976 if(st.st_mode & S_IFDIR) {
3977 if(lp_recursive_veto_delete(SNUM(conn))) {
3978 if(recursive_rmdir(conn, fullname) != 0)
3981 if(SMB_VFS_RMDIR(conn,fullname) != 0)
3983 } else if(SMB_VFS_UNLINK(conn,fullname) != 0)
3987 /* Retry the rmdir */
3988 ok = (SMB_VFS_RMDIR(conn,directory) == 0);
3998 DEBUG(3,("rmdir_internals: couldn't remove directory %s : %s\n", directory,strerror(errno)));
4003 /****************************************************************************
4005 ****************************************************************************/
4007 int reply_rmdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4012 BOOL bad_path = False;
4013 SMB_STRUCT_STAT sbuf;
4015 START_PROFILE(SMBrmdir);
4017 srvstr_get_path(inbuf, directory, smb_buf(inbuf) + 1, sizeof(directory), 0, STR_TERMINATE, &status);
4018 if (!NT_STATUS_IS_OK(status)) {
4019 END_PROFILE(SMBrmdir);
4020 return ERROR_NT(status);
4023 RESOLVE_DFSPATH(directory, conn, inbuf, outbuf)
4025 unix_convert(directory,conn, NULL,&bad_path,&sbuf);
4027 END_PROFILE(SMBrmdir);
4028 return ERROR_NT(NT_STATUS_OBJECT_PATH_NOT_FOUND);
4031 if (check_name(directory,conn)) {
4032 dptr_closepath(directory,SVAL(inbuf,smb_pid));
4033 ok = rmdir_internals(conn, directory);
4037 END_PROFILE(SMBrmdir);
4038 return set_bad_path_error(errno, bad_path, outbuf, ERRDOS, ERRbadpath);
4041 outsize = set_message(outbuf,0,0,False);
4043 DEBUG( 3, ( "rmdir %s\n", directory ) );
4045 END_PROFILE(SMBrmdir);
4049 /*******************************************************************
4050 Resolve wildcards in a filename rename.
4051 Note that name is in UNIX charset and thus potentially can be more
4052 than fstring buffer (255 bytes) especially in default UTF-8 case.
4053 Therefore, we use pstring inside and all calls should ensure that
4054 name2 is at least pstring-long (they do already)
4055 ********************************************************************/
4057 static BOOL resolve_wildcards(const char *name1, char *name2)
4059 pstring root1,root2;
4061 char *p,*p2, *pname1, *pname2;
4062 int available_space, actual_space;
4065 pname1 = strrchr_m(name1,'/');
4066 pname2 = strrchr_m(name2,'/');
4068 if (!pname1 || !pname2)
4071 pstrcpy(root1,pname1);
4072 pstrcpy(root2,pname2);
4073 p = strrchr_m(root1,'.');
4080 p = strrchr_m(root2,'.');
4094 } else if (*p2 == '*') {
4110 } else if (*p2 == '*') {
4120 available_space = sizeof(pstring) - PTR_DIFF(pname2, name2);
4123 actual_space = snprintf(pname2, available_space - 1, "%s.%s", root2, ext2);
4124 if (actual_space >= available_space - 1) {
4125 DEBUG(1,("resolve_wildcards: can't fit resolved name into specified buffer (overrun by %d bytes)\n",
4126 actual_space - available_space));
4129 pstrcpy_base(pname2, root2, name2);
4135 /****************************************************************************
4136 Ensure open files have their names updated. Updated to notify other smbd's
4138 ****************************************************************************/
4140 static void rename_open_files(connection_struct *conn, struct share_mode_lock *lck,
4141 SMB_DEV_T dev, SMB_INO_T inode, const char *newname)
4144 BOOL did_rename = False;
4146 for(fsp = file_find_di_first(dev, inode); fsp; fsp = file_find_di_next(fsp)) {
4147 /* fsp_name is a relative path under the fsp. To change this for other
4148 sharepaths we need to manipulate relative paths. */
4149 /* TODO - create the absolute path and manipulate the newname
4150 relative to the sharepath. */
4151 if (fsp->conn != conn) {
4154 DEBUG(10,("rename_open_files: renaming file fnum %d (dev = %x, inode = %.0f) from %s -> %s\n",
4155 fsp->fnum, (unsigned int)fsp->dev, (double)fsp->inode,
4156 fsp->fsp_name, newname ));
4157 string_set(&fsp->fsp_name, newname);
4162 DEBUG(10,("rename_open_files: no open files on dev %x, inode %.0f for %s\n",
4163 (unsigned int)dev, (double)inode, newname ));
4166 /* Send messages to all smbd's (not ourself) that the name has changed. */
4167 rename_share_filename(lck, conn->connectpath, newname);
4170 /****************************************************************************
4171 We need to check if the source path is a parent directory of the destination
4172 (ie. a rename of /foo/bar/baz -> /foo/bar/baz/bibble/bobble. If so we must
4173 refuse the rename with a sharing violation. Under UNIX the above call can
4174 *succeed* if /foo/bar/baz is a symlink to another area in the share. We
4175 probably need to check that the client is a Windows one before disallowing
4176 this as a UNIX client (one with UNIX extensions) can know the source is a
4177 symlink and make this decision intelligently. Found by an excellent bug
4178 report from <AndyLiebman@aol.com>.
4179 ****************************************************************************/
4181 static BOOL rename_path_prefix_equal(const char *src, const char *dest)
4183 const char *psrc = src;
4184 const char *pdst = dest;
4187 if (psrc[0] == '.' && psrc[1] == '/') {
4190 if (pdst[0] == '.' && pdst[1] == '/') {
4193 if ((slen = strlen(psrc)) > strlen(pdst)) {
4196 return ((memcmp(psrc, pdst, slen) == 0) && pdst[slen] == '/');
4199 /****************************************************************************
4200 Rename an open file - given an fsp.
4201 ****************************************************************************/
4203 NTSTATUS rename_internals_fsp(connection_struct *conn, files_struct *fsp, char *newname, uint32 attrs, BOOL replace_if_exists)
4205 SMB_STRUCT_STAT sbuf;
4206 BOOL bad_path = False;
4207 pstring newname_last_component;
4208 NTSTATUS error = NT_STATUS_OK;
4211 struct share_mode_lock *lck = NULL;
4214 rcdest = unix_convert(newname,conn,newname_last_component,&bad_path,&sbuf);
4216 /* Quick check for "." and ".." */
4217 if (!bad_path && newname_last_component[0] == '.') {
4218 if (!newname_last_component[1] || (newname_last_component[1] == '.' && !newname_last_component[2])) {
4219 return NT_STATUS_ACCESS_DENIED;
4222 if (!rcdest && bad_path) {
4223 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4226 /* Ensure newname contains a '/' */
4227 if(strrchr_m(newname,'/') == 0) {
4230 pstrcpy(tmpstr, "./");
4231 pstrcat(tmpstr, newname);
4232 pstrcpy(newname, tmpstr);
4236 * Check for special case with case preserving and not
4237 * case sensitive. If the old last component differs from the original
4238 * last component only by case, then we should allow
4239 * the rename (user is trying to change the case of the
4243 if((conn->case_sensitive == False) && (conn->case_preserve == True) &&
4244 strequal(newname, fsp->fsp_name)) {
4246 pstring newname_modified_last_component;
4249 * Get the last component of the modified name.
4250 * Note that we guarantee that newname contains a '/'
4253 p = strrchr_m(newname,'/');
4254 pstrcpy(newname_modified_last_component,p+1);
4256 if(strcsequal(newname_modified_last_component,
4257 newname_last_component) == False) {
4259 * Replace the modified last component with
4262 pstrcpy(p+1, newname_last_component);
4267 * If the src and dest names are identical - including case,
4268 * don't do the rename, just return success.
4271 if (strcsequal(fsp->fsp_name, newname)) {
4272 DEBUG(3,("rename_internals_fsp: identical names in rename %s - returning success\n",
4274 return NT_STATUS_OK;
4277 dest_exists = vfs_object_exist(conn,newname,NULL);
4279 if(!replace_if_exists && dest_exists) {
4280 DEBUG(3,("rename_internals_fsp: dest exists doing rename %s -> %s\n",
4281 fsp->fsp_name,newname));
4282 return NT_STATUS_OBJECT_NAME_COLLISION;
4285 error = can_rename(conn,newname,attrs,&sbuf);
4287 if (dest_exists && !NT_STATUS_IS_OK(error)) {
4288 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4289 nt_errstr(error), fsp->fsp_name,newname));
4290 if (NT_STATUS_EQUAL(error,NT_STATUS_SHARING_VIOLATION))
4291 error = NT_STATUS_ACCESS_DENIED;
4295 if (rename_path_prefix_equal(fsp->fsp_name, newname)) {
4296 return NT_STATUS_ACCESS_DENIED;
4299 lck = get_share_mode_lock(NULL, fsp->dev, fsp->inode, NULL, NULL);
4301 if(SMB_VFS_RENAME(conn,fsp->fsp_name, newname) == 0) {
4302 DEBUG(3,("rename_internals_fsp: succeeded doing rename on %s -> %s\n",
4303 fsp->fsp_name,newname));
4304 rename_open_files(conn, lck, fsp->dev, fsp->inode, newname);
4306 return NT_STATUS_OK;
4311 if (errno == ENOTDIR || errno == EISDIR) {
4312 error = NT_STATUS_OBJECT_NAME_COLLISION;
4314 error = map_nt_error_from_unix(errno);
4317 DEBUG(3,("rename_internals_fsp: Error %s rename %s -> %s\n",
4318 nt_errstr(error), fsp->fsp_name,newname));
4323 /****************************************************************************
4324 The guts of the rename command, split out so it may be called by the NT SMB
4326 ****************************************************************************/
4328 NTSTATUS rename_internals(connection_struct *conn, char *name, char *newname, uint32 attrs, BOOL replace_if_exists, BOOL has_wild)
4332 pstring last_component_src;
4333 pstring last_component_dest;
4335 BOOL bad_path_src = False;
4336 BOOL bad_path_dest = False;
4338 NTSTATUS error = NT_STATUS_OK;
4341 SMB_STRUCT_STAT sbuf1, sbuf2;
4342 struct share_mode_lock *lck = NULL;
4344 *directory = *mask = 0;
4349 rc = unix_convert(name,conn,last_component_src,&bad_path_src,&sbuf1);
4350 if (!rc && bad_path_src) {
4351 if (ms_has_wild(last_component_src))
4352 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4353 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4356 /* Quick check for "." and ".." */
4357 if (last_component_src[0] == '.') {
4358 if (!last_component_src[1] || (last_component_src[1] == '.' && !last_component_src[2])) {
4359 return NT_STATUS_OBJECT_NAME_INVALID;
4363 rcdest = unix_convert(newname,conn,last_component_dest,&bad_path_dest,&sbuf2);
4365 /* Quick check for "." and ".." */
4366 if (last_component_dest[0] == '.') {
4367 if (!last_component_dest[1] || (last_component_dest[1] == '.' && !last_component_dest[2])) {
4368 return NT_STATUS_OBJECT_NAME_INVALID;
4373 * Split the old name into directory and last component
4374 * strings. Note that unix_convert may have stripped off a
4375 * leading ./ from both name and newname if the rename is
4376 * at the root of the share. We need to make sure either both
4377 * name and newname contain a / character or neither of them do
4378 * as this is checked in resolve_wildcards().
4381 p = strrchr_m(name,'/');
4383 pstrcpy(directory,".");
4387 pstrcpy(directory,name);
4389 *p = '/'; /* Replace needed for exceptional test below. */
4393 * We should only check the mangled cache
4394 * here if unix_convert failed. This means
4395 * that the path in 'mask' doesn't exist
4396 * on the file system and so we need to look
4397 * for a possible mangle. This patch from
4398 * Tine Smukavec <valentin.smukavec@hermes.si>.
4401 if (!rc && mangle_is_mangled(mask, conn->params))
4402 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4406 * No wildcards - just process the one file.
4408 BOOL is_short_name = mangle_is_8_3(name, True, conn->params);
4410 /* Add a terminating '/' to the directory name. */
4411 pstrcat(directory,"/");
4412 pstrcat(directory,mask);
4414 /* Ensure newname contains a '/' also */
4415 if(strrchr_m(newname,'/') == 0) {
4418 pstrcpy(tmpstr, "./");
4419 pstrcat(tmpstr, newname);
4420 pstrcpy(newname, tmpstr);
4423 DEBUG(3,("rename_internals: case_sensitive = %d, case_preserve = %d, short case preserve = %d, \
4424 directory = %s, newname = %s, last_component_dest = %s, is_8_3 = %d\n",
4425 conn->case_sensitive, conn->case_preserve, conn->short_case_preserve, directory,
4426 newname, last_component_dest, is_short_name));
4429 * Check for special case with case preserving and not
4430 * case sensitive, if directory and newname are identical,
4431 * and the old last component differs from the original
4432 * last component only by case, then we should allow
4433 * the rename (user is trying to change the case of the
4436 if((conn->case_sensitive == False) &&
4437 (((conn->case_preserve == True) &&
4438 (is_short_name == False)) ||
4439 ((conn->short_case_preserve == True) &&
4440 (is_short_name == True))) &&
4441 strcsequal(directory, newname)) {
4442 pstring modified_last_component;
4445 * Get the last component of the modified name.
4446 * Note that we guarantee that newname contains a '/'
4449 p = strrchr_m(newname,'/');
4450 pstrcpy(modified_last_component,p+1);
4452 if(strcsequal(modified_last_component,
4453 last_component_dest) == False) {
4455 * Replace the modified last component with
4458 pstrcpy(p+1, last_component_dest);
4462 resolve_wildcards(directory,newname);
4465 * The source object must exist.
4468 if (!vfs_object_exist(conn, directory, &sbuf1)) {
4469 DEBUG(3,("rename_internals: source doesn't exist doing rename %s -> %s\n",
4470 directory,newname));
4472 if (errno == ENOTDIR || errno == EISDIR || errno == ENOENT) {
4474 * Must return different errors depending on whether the parent
4475 * directory existed or not.
4478 p = strrchr_m(directory, '/');
4480 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4482 if (vfs_object_exist(conn, directory, NULL))
4483 return NT_STATUS_OBJECT_NAME_NOT_FOUND;
4484 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4486 error = map_nt_error_from_unix(errno);
4487 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4488 nt_errstr(error), directory,newname));
4493 if (!rcdest && bad_path_dest) {
4494 if (ms_has_wild(last_component_dest))
4495 return NT_STATUS_OBJECT_NAME_INVALID;
4496 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4499 error = can_rename(conn,directory,attrs,&sbuf1);
4501 if (!NT_STATUS_IS_OK(error)) {
4502 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4503 nt_errstr(error), directory,newname));
4508 * If the src and dest names are identical - including case,
4509 * don't do the rename, just return success.
4512 if (strcsequal(directory, newname)) {
4513 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4514 DEBUG(3,("rename_internals: identical names in rename %s - returning success\n", directory));
4515 return NT_STATUS_OK;
4518 if(!replace_if_exists && vfs_object_exist(conn,newname,NULL)) {
4519 DEBUG(3,("rename_internals: dest exists doing rename %s -> %s\n",
4520 directory,newname));
4521 return NT_STATUS_OBJECT_NAME_COLLISION;
4524 if (rename_path_prefix_equal(directory, newname)) {
4525 return NT_STATUS_SHARING_VIOLATION;
4528 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4530 if(SMB_VFS_RENAME(conn,directory, newname) == 0) {
4531 DEBUG(3,("rename_internals: succeeded doing rename on %s -> %s\n",
4532 directory,newname));
4533 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4535 return NT_STATUS_OK;
4539 if (errno == ENOTDIR || errno == EISDIR)
4540 error = NT_STATUS_OBJECT_NAME_COLLISION;
4542 error = map_nt_error_from_unix(errno);
4544 DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
4545 nt_errstr(error), directory,newname));
4550 * Wildcards - process each file that matches.
4552 struct smb_Dir *dir_hnd = NULL;
4556 if (strequal(mask,"????????.???"))
4559 if (check_name(directory,conn))
4560 dir_hnd = OpenDir(conn, directory, mask, attrs);
4564 error = NT_STATUS_NO_SUCH_FILE;
4565 /* Was error = NT_STATUS_OBJECT_NAME_NOT_FOUND; - gentest fix. JRA */
4567 while ((dname = ReadDirName(dir_hnd, &offset))) {
4569 BOOL sysdir_entry = False;
4571 pstrcpy(fname,dname);
4573 /* Quick check for "." and ".." */
4574 if (fname[0] == '.') {
4575 if (!fname[1] || (fname[1] == '.' && !fname[2])) {
4577 sysdir_entry = True;
4584 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4587 if(!mask_match(fname, mask, conn->case_sensitive))
4591 error = NT_STATUS_OBJECT_NAME_INVALID;
4595 error = NT_STATUS_ACCESS_DENIED;
4596 slprintf(fname,sizeof(fname)-1,"%s/%s",directory,dname);
4597 if (!vfs_object_exist(conn, fname, &sbuf1)) {
4598 error = NT_STATUS_OBJECT_NAME_NOT_FOUND;
4599 DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error)));
4602 error = can_rename(conn,fname,attrs,&sbuf1);
4603 if (!NT_STATUS_IS_OK(error)) {
4604 DEBUG(6,("rename %s refused\n", fname));
4607 pstrcpy(destname,newname);
4609 if (!resolve_wildcards(fname,destname)) {
4610 DEBUG(6,("resolve_wildcards %s %s failed\n",
4615 if (strcsequal(fname,destname)) {
4616 rename_open_files(conn, NULL, sbuf1.st_dev, sbuf1.st_ino, newname);
4617 DEBUG(3,("rename_internals: identical names in wildcard rename %s - success\n", fname));
4619 error = NT_STATUS_OK;
4623 if (!replace_if_exists &&
4624 vfs_file_exist(conn,destname, NULL)) {
4625 DEBUG(6,("file_exist %s\n", destname));
4626 error = NT_STATUS_OBJECT_NAME_COLLISION;
4630 if (rename_path_prefix_equal(fname, destname)) {
4631 return NT_STATUS_SHARING_VIOLATION;
4634 lck = get_share_mode_lock(NULL, sbuf1.st_dev, sbuf1.st_ino, NULL, NULL);
4636 if (!SMB_VFS_RENAME(conn,fname,destname)) {
4637 rename_open_files(conn, lck, sbuf1.st_dev, sbuf1.st_ino, newname);
4639 error = NT_STATUS_OK;
4642 DEBUG(3,("rename_internals: doing rename on %s -> %s\n",fname,destname));
4647 if (!NT_STATUS_EQUAL(error,NT_STATUS_NO_SUCH_FILE)) {
4648 if (!rcdest && bad_path_dest) {
4649 if (ms_has_wild(last_component_dest))
4650 return NT_STATUS_OBJECT_NAME_INVALID;
4651 return NT_STATUS_OBJECT_PATH_NOT_FOUND;
4656 if (count == 0 && NT_STATUS_IS_OK(error)) {
4657 error = map_nt_error_from_unix(errno);
4663 /****************************************************************************
4665 ****************************************************************************/
4667 int reply_mv(connection_struct *conn, char *inbuf,char *outbuf, int dum_size,
4674 uint32 attrs = SVAL(inbuf,smb_vwv0);
4676 BOOL path_contains_wcard = False;
4678 START_PROFILE(SMBmv);
4680 p = smb_buf(inbuf) + 1;
4681 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard);
4682 if (!NT_STATUS_IS_OK(status)) {
4684 return ERROR_NT(status);
4687 p += srvstr_get_path(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status);
4688 if (!NT_STATUS_IS_OK(status)) {
4690 return ERROR_NT(status);
4693 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4694 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4696 DEBUG(3,("reply_mv : %s -> %s\n",name,newname));
4698 status = rename_internals(conn, name, newname, attrs, False, path_contains_wcard);
4699 if (!NT_STATUS_IS_OK(status)) {
4701 if (open_was_deferred(SVAL(inbuf,smb_mid))) {
4702 /* We have re-scheduled this call. */
4705 return ERROR_NT(status);
4709 * Win2k needs a changenotify request response before it will
4710 * update after a rename..
4712 process_pending_change_notify_queue((time_t)0);
4713 outsize = set_message(outbuf,0,0,False);
4719 /*******************************************************************
4720 Copy a file as part of a reply_copy.
4721 ******************************************************************/
4723 BOOL copy_file(char *src,char *dest1,connection_struct *conn, int ofun,
4724 int count,BOOL target_is_directory, int *err_ret)
4726 SMB_STRUCT_STAT src_sbuf, sbuf2;
4728 files_struct *fsp1,*fsp2;
4731 uint32 new_create_disposition;
4736 pstrcpy(dest,dest1);
4737 if (target_is_directory) {
4738 char *p = strrchr_m(src,'/');
4748 if (!vfs_file_exist(conn,src,&src_sbuf)) {
4752 if (!target_is_directory && count) {
4753 new_create_disposition = FILE_OPEN;
4755 if (!map_open_params_to_ntcreate(dest1,0,ofun,
4756 NULL, NULL, &new_create_disposition, NULL)) {
4761 status = open_file_ntcreate(conn,src,&src_sbuf,
4763 FILE_SHARE_READ|FILE_SHARE_WRITE,
4766 FILE_ATTRIBUTE_NORMAL,
4770 if (!NT_STATUS_IS_OK(status)) {
4774 dosattrs = dos_mode(conn, src, &src_sbuf);
4775 if (SMB_VFS_STAT(conn,dest,&sbuf2) == -1) {
4776 ZERO_STRUCTP(&sbuf2);
4779 status = open_file_ntcreate(conn,dest,&sbuf2,
4781 FILE_SHARE_READ|FILE_SHARE_WRITE,
4782 new_create_disposition,
4788 if (!NT_STATUS_IS_OK(status)) {
4789 close_file(fsp1,ERROR_CLOSE);
4793 if ((ofun&3) == 1) {
4794 if(SMB_VFS_LSEEK(fsp2,fsp2->fh->fd,0,SEEK_END) == -1) {
4795 DEBUG(0,("copy_file: error - vfs lseek returned error %s\n", strerror(errno) ));
4797 * Stop the copy from occurring.
4800 src_sbuf.st_size = 0;
4804 if (src_sbuf.st_size) {
4805 ret = vfs_transfer_file(fsp1, fsp2, src_sbuf.st_size);
4808 close_file(fsp1,NORMAL_CLOSE);
4810 /* Ensure the modtime is set correctly on the destination file. */
4811 fsp_set_pending_modtime( fsp2, src_sbuf.st_mtime);
4814 * As we are opening fsp1 read-only we only expect
4815 * an error on close on fsp2 if we are out of space.
4816 * Thus we don't look at the error return from the
4819 *err_ret = close_file(fsp2,NORMAL_CLOSE);
4821 return(ret == (SMB_OFF_T)src_sbuf.st_size);
4824 /****************************************************************************
4825 Reply to a file copy.
4826 ****************************************************************************/
4828 int reply_copy(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
4833 pstring mask,newname;
4836 int error = ERRnoaccess;
4840 int tid2 = SVAL(inbuf,smb_vwv0);
4841 int ofun = SVAL(inbuf,smb_vwv1);
4842 int flags = SVAL(inbuf,smb_vwv2);
4843 BOOL target_is_directory=False;
4844 BOOL bad_path1 = False;
4845 BOOL bad_path2 = False;
4846 BOOL path_contains_wcard1 = False;
4847 BOOL path_contains_wcard2 = False;
4849 SMB_STRUCT_STAT sbuf1, sbuf2;
4851 START_PROFILE(SMBcopy);
4853 *directory = *mask = 0;
4856 p += srvstr_get_path_wcard(inbuf, name, p, sizeof(name), 0, STR_TERMINATE, &status, &path_contains_wcard1);
4857 if (!NT_STATUS_IS_OK(status)) {
4858 END_PROFILE(SMBcopy);
4859 return ERROR_NT(status);
4861 p += srvstr_get_path_wcard(inbuf, newname, p, sizeof(newname), 0, STR_TERMINATE, &status, &path_contains_wcard2);
4862 if (!NT_STATUS_IS_OK(status)) {
4863 END_PROFILE(SMBcopy);
4864 return ERROR_NT(status);
4867 DEBUG(3,("reply_copy : %s -> %s\n",name,newname));
4869 if (tid2 != conn->cnum) {
4870 /* can't currently handle inter share copies XXXX */
4871 DEBUG(3,("Rejecting inter-share copy\n"));
4872 END_PROFILE(SMBcopy);
4873 return ERROR_DOS(ERRSRV,ERRinvdevice);
4876 RESOLVE_DFSPATH_WCARD(name, conn, inbuf, outbuf);
4877 RESOLVE_DFSPATH_WCARD(newname, conn, inbuf, outbuf);
4879 rc = unix_convert(name,conn,0,&bad_path1,&sbuf1);
4880 unix_convert(newname,conn,0,&bad_path2,&sbuf2);
4882 target_is_directory = VALID_STAT_OF_DIR(sbuf2);
4884 if ((flags&1) && target_is_directory) {
4885 END_PROFILE(SMBcopy);
4886 return ERROR_DOS(ERRDOS,ERRbadfile);
4889 if ((flags&2) && !target_is_directory) {
4890 END_PROFILE(SMBcopy);
4891 return ERROR_DOS(ERRDOS,ERRbadpath);
4894 if ((flags&(1<<5)) && VALID_STAT_OF_DIR(sbuf1)) {
4895 /* wants a tree copy! XXXX */
4896 DEBUG(3,("Rejecting tree copy\n"));
4897 END_PROFILE(SMBcopy);
4898 return ERROR_DOS(ERRSRV,ERRerror);
4901 p = strrchr_m(name,'/');
4903 pstrcpy(directory,"./");
4907 pstrcpy(directory,name);
4912 * We should only check the mangled cache
4913 * here if unix_convert failed. This means
4914 * that the path in 'mask' doesn't exist
4915 * on the file system and so we need to look
4916 * for a possible mangle. This patch from
4917 * Tine Smukavec <valentin.smukavec@hermes.si>.
4920 if (!rc && mangle_is_mangled(mask, conn->params))
4921 mangle_check_cache( mask, sizeof(pstring)-1, conn->params );
4923 has_wild = path_contains_wcard1;
4926 pstrcat(directory,"/");
4927 pstrcat(directory,mask);
4928 if (resolve_wildcards(directory,newname) &&
4929 copy_file(directory,newname,conn,ofun, count,target_is_directory,&err))
4933 END_PROFILE(SMBcopy);
4934 return(UNIXERROR(ERRHRD,ERRgeneral));
4937 exists = vfs_file_exist(conn,directory,NULL);
4940 struct smb_Dir *dir_hnd = NULL;
4944 if (strequal(mask,"????????.???"))
4947 if (check_name(directory,conn))
4948 dir_hnd = OpenDir(conn, directory, mask, 0);
4954 while ((dname = ReadDirName(dir_hnd, &offset))) {
4956 pstrcpy(fname,dname);
4958 if (!is_visible_file(conn, directory, dname, &sbuf1, False))
4961 if(!mask_match(fname, mask, conn->case_sensitive))
4964 error = ERRnoaccess;
4965 slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
4966 pstrcpy(destname,newname);
4967 if (resolve_wildcards(fname,destname) &&
4968 copy_file(fname,destname,conn,ofun,
4969 count,target_is_directory,&err))
4971 DEBUG(3,("reply_copy : doing copy on %s -> %s\n",fname,destname));
4979 /* Error on close... */
4981 END_PROFILE(SMBcopy);
4982 return(UNIXERROR(ERRHRD,ERRgeneral));
4986 END_PROFILE(SMBcopy);
4987 return ERROR_DOS(ERRDOS,error);
4989 if((errno == ENOENT) && (bad_path1 || bad_path2) &&
4991 /* Samba 3.0.22 has ERRDOS/ERRbadpath in the
4992 * DOS error code case
4994 return ERROR_DOS(ERRDOS, ERRbadpath);
4996 END_PROFILE(SMBcopy);
4997 return(UNIXERROR(ERRDOS,error));
5001 outsize = set_message(outbuf,1,0,True);
5002 SSVAL(outbuf,smb_vwv0,count);
5004 END_PROFILE(SMBcopy);
5008 /****************************************************************************
5010 ****************************************************************************/
5012 int reply_setdir(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5020 START_PROFILE(pathworks_setdir);
5023 if (!CAN_SETDIR(snum)) {
5024 END_PROFILE(pathworks_setdir);
5025 return ERROR_DOS(ERRDOS,ERRnoaccess);
5028 srvstr_get_path(inbuf, newdir, smb_buf(inbuf) + 1, sizeof(newdir), 0, STR_TERMINATE, &status);
5029 if (!NT_STATUS_IS_OK(status)) {
5030 END_PROFILE(pathworks_setdir);
5031 return ERROR_NT(status);
5034 RESOLVE_DFSPATH(newdir, conn, inbuf, outbuf);
5036 if (strlen(newdir) == 0) {
5039 ok = vfs_directory_exist(conn,newdir,NULL);
5041 set_conn_connectpath(conn,newdir);
5045 END_PROFILE(pathworks_setdir);
5046 return ERROR_DOS(ERRDOS,ERRbadpath);
5049 outsize = set_message(outbuf,0,0,False);
5050 SCVAL(outbuf,smb_reh,CVAL(inbuf,smb_reh));
5052 DEBUG(3,("setdir %s\n", newdir));
5054 END_PROFILE(pathworks_setdir);
5059 #define DBGC_CLASS DBGC_LOCKING
5061 /****************************************************************************
5062 Get a lock pid, dealing with large count requests.
5063 ****************************************************************************/
5065 uint32 get_lock_pid( char *data, int data_offset, BOOL large_file_format)
5067 if(!large_file_format)
5068 return (uint32)SVAL(data,SMB_LPID_OFFSET(data_offset));
5070 return (uint32)SVAL(data,SMB_LARGE_LPID_OFFSET(data_offset));
5073 /****************************************************************************
5074 Get a lock count, dealing with large count requests.
5075 ****************************************************************************/
5077 SMB_BIG_UINT get_lock_count( char *data, int data_offset, BOOL large_file_format)
5079 SMB_BIG_UINT count = 0;
5081 if(!large_file_format) {
5082 count = (SMB_BIG_UINT)IVAL(data,SMB_LKLEN_OFFSET(data_offset));
5085 #if defined(HAVE_LONGLONG)
5086 count = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset))) << 32) |
5087 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)));
5088 #else /* HAVE_LONGLONG */
5091 * NT4.x seems to be broken in that it sends large file (64 bit)
5092 * lockingX calls even if the CAP_LARGE_FILES was *not*
5093 * negotiated. For boxes without large unsigned ints truncate the
5094 * lock count by dropping the top 32 bits.
5097 if(IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)) != 0) {
5098 DEBUG(3,("get_lock_count: truncating lock count (high)0x%x (low)0x%x to just low count.\n",
5099 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset)),
5100 (unsigned int)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset)) ));
5101 SIVAL(data,SMB_LARGE_LKLEN_OFFSET_HIGH(data_offset),0);
5104 count = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKLEN_OFFSET_LOW(data_offset));
5105 #endif /* HAVE_LONGLONG */
5111 #if !defined(HAVE_LONGLONG)
5112 /****************************************************************************
5113 Pathetically try and map a 64 bit lock offset into 31 bits. I hate Windows :-).
5114 ****************************************************************************/
5116 static uint32 map_lock_offset(uint32 high, uint32 low)
5120 uint32 highcopy = high;
5123 * Try and find out how many significant bits there are in high.
5126 for(i = 0; highcopy; i++)
5130 * We use 31 bits not 32 here as POSIX
5131 * lock offsets may not be negative.
5134 mask = (~0) << (31 - i);
5137 return 0; /* Fail. */
5143 #endif /* !defined(HAVE_LONGLONG) */
5145 /****************************************************************************
5146 Get a lock offset, dealing with large offset requests.
5147 ****************************************************************************/
5149 SMB_BIG_UINT get_lock_offset( char *data, int data_offset, BOOL large_file_format, BOOL *err)
5151 SMB_BIG_UINT offset = 0;
5155 if(!large_file_format) {
5156 offset = (SMB_BIG_UINT)IVAL(data,SMB_LKOFF_OFFSET(data_offset));
5159 #if defined(HAVE_LONGLONG)
5160 offset = (((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset))) << 32) |
5161 ((SMB_BIG_UINT) IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset)));
5162 #else /* HAVE_LONGLONG */
5165 * NT4.x seems to be broken in that it sends large file (64 bit)
5166 * lockingX calls even if the CAP_LARGE_FILES was *not*
5167 * negotiated. For boxes without large unsigned ints mangle the
5168 * lock offset by mapping the top 32 bits onto the lower 32.
5171 if(IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset)) != 0) {
5172 uint32 low = IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5173 uint32 high = IVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset));
5176 if((new_low = map_lock_offset(high, low)) == 0) {
5178 return (SMB_BIG_UINT)-1;
5181 DEBUG(3,("get_lock_offset: truncating lock offset (high)0x%x (low)0x%x to offset 0x%x.\n",
5182 (unsigned int)high, (unsigned int)low, (unsigned int)new_low ));
5183 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_HIGH(data_offset),0);
5184 SIVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset),new_low);
5187 offset = (SMB_BIG_UINT)IVAL(data,SMB_LARGE_LKOFF_OFFSET_LOW(data_offset));
5188 #endif /* HAVE_LONGLONG */
5194 /****************************************************************************
5195 Reply to a lockingX request.
5196 ****************************************************************************/
5198 int reply_lockingX(connection_struct *conn, char *inbuf, char *outbuf,
5199 int length, int bufsize)
5201 files_struct *fsp = file_fsp(inbuf,smb_vwv2);
5202 unsigned char locktype = CVAL(inbuf,smb_vwv3);
5203 unsigned char oplocklevel = CVAL(inbuf,smb_vwv3+1);
5204 uint16 num_ulocks = SVAL(inbuf,smb_vwv6);
5205 uint16 num_locks = SVAL(inbuf,smb_vwv7);
5206 SMB_BIG_UINT count = 0, offset = 0;
5208 int32 lock_timeout = IVAL(inbuf,smb_vwv4);
5211 BOOL large_file_format =
5212 (locktype & LOCKING_ANDX_LARGE_FILES)?True:False;
5214 NTSTATUS status = NT_STATUS_UNSUCCESSFUL;
5216 START_PROFILE(SMBlockingX);
5218 CHECK_FSP(fsp,conn);
5220 data = smb_buf(inbuf);
5222 if (locktype & LOCKING_ANDX_CHANGE_LOCKTYPE) {
5223 /* we don't support these - and CANCEL_LOCK makes w2k
5224 and XP reboot so I don't really want to be
5225 compatible! (tridge) */
5226 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRnoatomiclocks));
5229 /* Check if this is an oplock break on a file
5230 we have granted an oplock on.
5232 if ((locktype & LOCKING_ANDX_OPLOCK_RELEASE)) {
5233 /* Client can insist on breaking to none. */
5234 BOOL break_to_none = (oplocklevel == 0);
5237 DEBUG(5,("reply_lockingX: oplock break reply (%u) from client "
5238 "for fnum = %d\n", (unsigned int)oplocklevel,
5242 * Make sure we have granted an exclusive or batch oplock on
5246 if (fsp->oplock_type == 0) {
5248 /* The Samba4 nbench simulator doesn't understand
5249 the difference between break to level2 and break
5250 to none from level2 - it sends oplock break
5251 replies in both cases. Don't keep logging an error
5252 message here - just ignore it. JRA. */
5254 DEBUG(5,("reply_lockingX: Error : oplock break from "
5255 "client for fnum = %d (oplock=%d) and no "
5256 "oplock granted on this file (%s).\n",
5257 fsp->fnum, fsp->oplock_type, fsp->fsp_name));
5259 /* if this is a pure oplock break request then don't
5261 if (num_locks == 0 && num_ulocks == 0) {
5262 END_PROFILE(SMBlockingX);
5265 END_PROFILE(SMBlockingX);
5266 return ERROR_DOS(ERRDOS,ERRlock);
5270 if ((fsp->sent_oplock_break == BREAK_TO_NONE_SENT) ||
5272 result = remove_oplock(fsp);
5274 result = downgrade_oplock(fsp);
5278 DEBUG(0, ("reply_lockingX: error in removing "
5279 "oplock on file %s\n", fsp->fsp_name));
5280 /* Hmmm. Is this panic justified? */
5281 smb_panic("internal tdb error");
5284 reply_to_oplock_break_requests(fsp);
5286 /* if this is a pure oplock break request then don't send a
5288 if (num_locks == 0 && num_ulocks == 0) {
5289 /* Sanity check - ensure a pure oplock break is not a
5291 if(CVAL(inbuf,smb_vwv0) != 0xff)
5292 DEBUG(0,("reply_lockingX: Error : pure oplock "
5293 "break is a chained %d request !\n",
5294 (unsigned int)CVAL(inbuf,smb_vwv0) ));
5295 END_PROFILE(SMBlockingX);
5301 * We do this check *after* we have checked this is not a oplock break
5302 * response message. JRA.
5305 release_level_2_oplocks_on_change(fsp);
5307 /* Data now points at the beginning of the list
5308 of smb_unlkrng structs */
5309 for(i = 0; i < (int)num_ulocks; i++) {
5310 lock_pid = get_lock_pid( data, i, large_file_format);
5311 count = get_lock_count( data, i, large_file_format);
5312 offset = get_lock_offset( data, i, large_file_format, &err);
5315 * There is no error code marked "stupid client bug".... :-).
5318 END_PROFILE(SMBlockingX);
5319 return ERROR_DOS(ERRDOS,ERRnoaccess);
5322 DEBUG(10,("reply_lockingX: unlock start=%.0f, len=%.0f for "
5323 "pid %u, file %s\n", (double)offset, (double)count,
5324 (unsigned int)lock_pid, fsp->fsp_name ));
5326 status = do_unlock(fsp,
5332 if (NT_STATUS_V(status)) {
5333 END_PROFILE(SMBlockingX);
5334 return ERROR_NT(status);
5338 /* Setup the timeout in seconds. */
5340 if (!lp_blocking_locks(SNUM(conn))) {
5344 /* Now do any requested locks */
5345 data += ((large_file_format ? 20 : 10)*num_ulocks);
5347 /* Data now points at the beginning of the list
5348 of smb_lkrng structs */
5350 for(i = 0; i < (int)num_locks; i++) {
5351 enum brl_type lock_type = ((locktype & LOCKING_ANDX_SHARED_LOCK) ?
5352 READ_LOCK:WRITE_LOCK);
5353 lock_pid = get_lock_pid( data, i, large_file_format);
5354 count = get_lock_count( data, i, large_file_format);
5355 offset = get_lock_offset( data, i, large_file_format, &err);
5358 * There is no error code marked "stupid client bug".... :-).
5361 END_PROFILE(SMBlockingX);
5362 return ERROR_DOS(ERRDOS,ERRnoaccess);
5365 DEBUG(10,("reply_lockingX: lock start=%.0f, len=%.0f for pid "
5366 "%u, file %s timeout = %d\n", (double)offset,
5367 (double)count, (unsigned int)lock_pid,
5368 fsp->fsp_name, (int)lock_timeout ));
5370 if (locktype & LOCKING_ANDX_CANCEL_LOCK) {
5371 if (lp_blocking_locks(SNUM(conn))) {
5373 /* Schedule a message to ourselves to
5374 remove the blocking lock record and
5375 return the right error. */
5377 if (!blocking_lock_cancel(fsp,
5383 NT_STATUS_FILE_LOCK_CONFLICT)) {
5384 END_PROFILE(SMBlockingX);
5385 return ERROR_NT(NT_STATUS_DOS(ERRDOS, ERRcancelviolation));
5388 /* Remove a matching pending lock. */
5389 status = do_lock_cancel(fsp,
5395 BOOL blocking_lock = lock_timeout ? True : False;
5396 BOOL defer_lock = False;
5397 struct byte_range_lock *br_lck;
5399 br_lck = do_lock(fsp,
5408 if (br_lck && blocking_lock && ERROR_WAS_LOCK_DENIED(status)) {
5409 /* Windows internal resolution for blocking locks seems
5410 to be about 200ms... Don't wait for less than that. JRA. */
5411 if (lock_timeout != -1 && lock_timeout < lp_lock_spin_time()) {
5412 lock_timeout = lp_lock_spin_time();
5417 /* This heuristic seems to match W2K3 very well. If a
5418 lock sent with timeout of zero would fail with NT_STATUS_FILE_LOCK_CONFLICT
5419 it pretends we asked for a timeout of between 150 - 300 milliseconds as
5420 far as I can tell. Replacement for do_lock_spin(). JRA. */
5422 if (br_lck && lp_blocking_locks(SNUM(conn)) && !blocking_lock &&
5423 NT_STATUS_EQUAL((status), NT_STATUS_FILE_LOCK_CONFLICT)) {
5425 lock_timeout = lp_lock_spin_time();
5428 if (br_lck && defer_lock) {
5430 * A blocking lock was requested. Package up
5431 * this smb into a queued request and push it
5432 * onto the blocking lock queue.
5434 if(push_blocking_lock_request(br_lck,
5444 TALLOC_FREE(br_lck);
5445 END_PROFILE(SMBlockingX);
5450 TALLOC_FREE(br_lck);
5453 if (NT_STATUS_V(status)) {
5454 END_PROFILE(SMBlockingX);
5455 return ERROR_NT(status);
5459 /* If any of the above locks failed, then we must unlock
5460 all of the previous locks (X/Open spec). */
5462 if (!(locktype & LOCKING_ANDX_CANCEL_LOCK) &&
5466 * Ensure we don't do a remove on the lock that just failed,
5467 * as under POSIX rules, if we have a lock already there, we
5468 * will delete it (and we shouldn't) .....
5470 for(i--; i >= 0; i--) {
5471 lock_pid = get_lock_pid( data, i, large_file_format);
5472 count = get_lock_count( data, i, large_file_format);
5473 offset = get_lock_offset( data, i, large_file_format,
5477 * There is no error code marked "stupid client
5481 END_PROFILE(SMBlockingX);
5482 return ERROR_DOS(ERRDOS,ERRnoaccess);
5491 END_PROFILE(SMBlockingX);
5492 return ERROR_NT(status);
5495 set_message(outbuf,2,0,True);
5497 DEBUG(3, ("lockingX fnum=%d type=%d num_locks=%d num_ulocks=%d\n",
5498 fsp->fnum, (unsigned int)locktype, num_locks, num_ulocks));
5500 END_PROFILE(SMBlockingX);
5501 return chain_reply(inbuf,outbuf,length,bufsize);
5505 #define DBGC_CLASS DBGC_ALL
5507 /****************************************************************************
5508 Reply to a SMBreadbmpx (read block multiplex) request.
5509 ****************************************************************************/
5511 int reply_readbmpx(connection_struct *conn, char *inbuf,char *outbuf,int length,int bufsize)
5522 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5523 START_PROFILE(SMBreadBmpx);
5525 /* this function doesn't seem to work - disable by default */
5526 if (!lp_readbmpx()) {
5527 END_PROFILE(SMBreadBmpx);
5528 return ERROR_DOS(ERRSRV,ERRuseSTD);
5531 outsize = set_message(outbuf,8,0,True);
5533 CHECK_FSP(fsp,conn);
5534 if (!CHECK_READ(fsp,inbuf)) {
5535 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5538 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv1);
5539 maxcount = SVAL(inbuf,smb_vwv3);
5541 data = smb_buf(outbuf);
5542 pad = ((long)data)%4;
5547 max_per_packet = bufsize-(outsize+pad);
5551 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)maxcount,(SMB_BIG_UINT)startpos, READ_LOCK)) {
5552 END_PROFILE(SMBreadBmpx);
5553 return ERROR_DOS(ERRDOS,ERRlock);
5557 size_t N = MIN(max_per_packet,tcount-total_read);
5559 nread = read_file(fsp,data,startpos,N);
5564 if (nread < (ssize_t)N)
5565 tcount = total_read + nread;
5567 set_message(outbuf,8,nread+pad,False);
5568 SIVAL(outbuf,smb_vwv0,startpos);
5569 SSVAL(outbuf,smb_vwv2,tcount);
5570 SSVAL(outbuf,smb_vwv6,nread);
5571 SSVAL(outbuf,smb_vwv7,smb_offset(data,outbuf));
5574 if (!send_smb(smbd_server_fd(),outbuf))
5575 exit_server("reply_readbmpx: send_smb failed.");
5577 total_read += nread;
5579 } while (total_read < (ssize_t)tcount);
5581 END_PROFILE(SMBreadBmpx);
5585 /****************************************************************************
5586 Reply to a SMBsetattrE.
5587 ****************************************************************************/
5589 int reply_setattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5591 struct utimbuf unix_times;
5593 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5594 START_PROFILE(SMBsetattrE);
5596 outsize = set_message(outbuf,0,0,False);
5598 if(!fsp || (fsp->conn != conn)) {
5599 END_PROFILE(SMBsetattrE);
5600 return ERROR_DOS(ERRDOS,ERRbadfid);
5604 * Convert the DOS times into unix times. Ignore create
5605 * time as UNIX can't set this.
5608 unix_times.actime = srv_make_unix_date2(inbuf+smb_vwv3);
5609 unix_times.modtime = srv_make_unix_date2(inbuf+smb_vwv5);
5612 * Patch from Ray Frush <frush@engr.colostate.edu>
5613 * Sometimes times are sent as zero - ignore them.
5616 if (null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5617 /* Ignore request */
5618 if( DEBUGLVL( 3 ) ) {
5619 dbgtext( "reply_setattrE fnum=%d ", fsp->fnum);
5620 dbgtext( "ignoring zero request - not setting timestamps of 0\n" );
5622 END_PROFILE(SMBsetattrE);
5624 } else if (!null_mtime(unix_times.actime) && null_mtime(unix_times.modtime)) {
5625 /* set modify time = to access time if modify time was unset */
5626 unix_times.modtime = unix_times.actime;
5629 /* Set the date on this file */
5630 /* Should we set pending modtime here ? JRA */
5631 if(file_utime(conn, fsp->fsp_name, &unix_times)) {
5632 END_PROFILE(SMBsetattrE);
5633 return ERROR_DOS(ERRDOS,ERRnoaccess);
5636 DEBUG( 3, ( "reply_setattrE fnum=%d actime=%d modtime=%d\n",
5637 fsp->fnum, (int)unix_times.actime, (int)unix_times.modtime ) );
5639 END_PROFILE(SMBsetattrE);
5644 /* Back from the dead for OS/2..... JRA. */
5646 /****************************************************************************
5647 Reply to a SMBwritebmpx (write block multiplex primary) request.
5648 ****************************************************************************/
5650 int reply_writebmpx(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5653 ssize_t nwritten = -1;
5660 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5661 START_PROFILE(SMBwriteBmpx);
5663 CHECK_FSP(fsp,conn);
5664 if (!CHECK_WRITE(fsp)) {
5665 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5667 if (HAS_CACHED_ERROR(fsp)) {
5668 return(CACHED_ERROR(fsp));
5671 tcount = SVAL(inbuf,smb_vwv1);
5672 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv3);
5673 write_through = BITSETW(inbuf+smb_vwv7,0);
5674 numtowrite = SVAL(inbuf,smb_vwv10);
5675 smb_doff = SVAL(inbuf,smb_vwv11);
5677 data = smb_base(inbuf) + smb_doff;
5679 /* If this fails we need to send an SMBwriteC response,
5680 not an SMBwritebmpx - set this up now so we don't forget */
5681 SCVAL(outbuf,smb_com,SMBwritec);
5683 if (is_locked(fsp,(uint32)SVAL(inbuf,smb_pid),(SMB_BIG_UINT)tcount,(SMB_BIG_UINT)startpos,WRITE_LOCK)) {
5684 END_PROFILE(SMBwriteBmpx);
5685 return(ERROR_DOS(ERRDOS,ERRlock));
5688 nwritten = write_file(fsp,data,startpos,numtowrite);
5690 sync_file(conn, fsp, write_through);
5692 if(nwritten < (ssize_t)numtowrite) {
5693 END_PROFILE(SMBwriteBmpx);
5694 return(UNIXERROR(ERRHRD,ERRdiskfull));
5697 /* If the maximum to be written to this file
5698 is greater than what we just wrote then set
5699 up a secondary struct to be attached to this
5700 fd, we will use this to cache error messages etc. */
5702 if((ssize_t)tcount > nwritten) {
5703 write_bmpx_struct *wbms;
5704 if(fsp->wbmpx_ptr != NULL)
5705 wbms = fsp->wbmpx_ptr; /* Use an existing struct */
5707 wbms = SMB_MALLOC_P(write_bmpx_struct);
5709 DEBUG(0,("Out of memory in reply_readmpx\n"));
5710 END_PROFILE(SMBwriteBmpx);
5711 return(ERROR_DOS(ERRSRV,ERRnoresource));
5713 wbms->wr_mode = write_through;
5714 wbms->wr_discard = False; /* No errors yet */
5715 wbms->wr_total_written = nwritten;
5716 wbms->wr_errclass = 0;
5718 fsp->wbmpx_ptr = wbms;
5721 /* We are returning successfully, set the message type back to
5723 SCVAL(outbuf,smb_com,SMBwriteBmpx);
5725 outsize = set_message(outbuf,1,0,True);
5727 SSVALS(outbuf,smb_vwv0,-1); /* We don't support smb_remaining */
5729 DEBUG( 3, ( "writebmpx fnum=%d num=%d wrote=%d\n",
5730 fsp->fnum, (int)numtowrite, (int)nwritten ) );
5732 if (write_through && tcount==nwritten) {
5733 /* We need to send both a primary and a secondary response */
5734 smb_setlen(outbuf,outsize - 4);
5736 if (!send_smb(smbd_server_fd(),outbuf))
5737 exit_server("reply_writebmpx: send_smb failed.");
5739 /* Now the secondary */
5740 outsize = set_message(outbuf,1,0,True);
5741 SCVAL(outbuf,smb_com,SMBwritec);
5742 SSVAL(outbuf,smb_vwv0,nwritten);
5745 END_PROFILE(SMBwriteBmpx);
5749 /****************************************************************************
5750 Reply to a SMBwritebs (write block multiplex secondary) request.
5751 ****************************************************************************/
5753 int reply_writebs(connection_struct *conn, char *inbuf,char *outbuf, int dum_size, int dum_buffsize)
5756 ssize_t nwritten = -1;
5763 write_bmpx_struct *wbms;
5764 BOOL send_response = False;
5765 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5766 START_PROFILE(SMBwriteBs);
5768 CHECK_FSP(fsp,conn);
5769 if (!CHECK_WRITE(fsp)) {
5770 return(ERROR_DOS(ERRDOS,ERRbadaccess));
5773 tcount = SVAL(inbuf,smb_vwv1);
5774 startpos = IVAL_TO_SMB_OFF_T(inbuf,smb_vwv2);
5775 numtowrite = SVAL(inbuf,smb_vwv6);
5776 smb_doff = SVAL(inbuf,smb_vwv7);
5778 data = smb_base(inbuf) + smb_doff;
5780 /* We need to send an SMBwriteC response, not an SMBwritebs */
5781 SCVAL(outbuf,smb_com,SMBwritec);
5783 /* This fd should have an auxiliary struct attached,
5784 check that it does */
5785 wbms = fsp->wbmpx_ptr;
5787 END_PROFILE(SMBwriteBs);
5791 /* If write through is set we can return errors, else we must cache them */
5792 write_through = wbms->wr_mode;
5794 /* Check for an earlier error */
5795 if(wbms->wr_discard) {
5796 END_PROFILE(SMBwriteBs);
5797 return -1; /* Just discard the packet */
5800 nwritten = write_file(fsp,data,startpos,numtowrite);
5802 sync_file(conn, fsp, write_through);
5804 if (nwritten < (ssize_t)numtowrite) {
5806 /* We are returning an error - we can delete the aux struct */
5809 fsp->wbmpx_ptr = NULL;
5810 END_PROFILE(SMBwriteBs);
5811 return(ERROR_DOS(ERRHRD,ERRdiskfull));
5813 wbms->wr_errclass = ERRHRD;
5814 wbms->wr_error = ERRdiskfull;
5815 wbms->wr_status = NT_STATUS_DISK_FULL;
5816 wbms->wr_discard = True;
5817 END_PROFILE(SMBwriteBs);
5821 /* Increment the total written, if this matches tcount
5822 we can discard the auxiliary struct (hurrah !) and return a writeC */
5823 wbms->wr_total_written += nwritten;
5824 if(wbms->wr_total_written >= tcount) {
5825 if (write_through) {
5826 outsize = set_message(outbuf,1,0,True);
5827 SSVAL(outbuf,smb_vwv0,wbms->wr_total_written);
5828 send_response = True;
5832 fsp->wbmpx_ptr = NULL;
5836 END_PROFILE(SMBwriteBs);
5840 END_PROFILE(SMBwriteBs);
5844 /****************************************************************************
5845 Reply to a SMBgetattrE.
5846 ****************************************************************************/
5848 int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int dum_buffsize)
5850 SMB_STRUCT_STAT sbuf;
5853 files_struct *fsp = file_fsp(inbuf,smb_vwv0);
5854 START_PROFILE(SMBgetattrE);
5856 outsize = set_message(outbuf,11,0,True);
5858 if(!fsp || (fsp->conn != conn)) {
5859 END_PROFILE(SMBgetattrE);
5860 return ERROR_DOS(ERRDOS,ERRbadfid);
5863 /* Do an fstat on this file */
5864 if(fsp_stat(fsp, &sbuf)) {
5865 END_PROFILE(SMBgetattrE);
5866 return(UNIXERROR(ERRDOS,ERRnoaccess));
5869 mode = dos_mode(conn,fsp->fsp_name,&sbuf);
5872 * Convert the times into dos times. Set create
5873 * date to be last modify date as UNIX doesn't save
5877 srv_put_dos_date2(outbuf,smb_vwv0,get_create_time(&sbuf,lp_fake_dir_create_times(SNUM(conn))));
5878 srv_put_dos_date2(outbuf,smb_vwv2,sbuf.st_atime);
5879 /* Should we check pending modtime here ? JRA */
5880 srv_put_dos_date2(outbuf,smb_vwv4,sbuf.st_mtime);
5883 SIVAL(outbuf,smb_vwv6,0);
5884 SIVAL(outbuf,smb_vwv8,0);
5886 uint32 allocation_size = get_allocation_size(conn,fsp, &sbuf);
5887 SIVAL(outbuf,smb_vwv6,(uint32)sbuf.st_size);
5888 SIVAL(outbuf,smb_vwv8,allocation_size);
5890 SSVAL(outbuf,smb_vwv10, mode);
5892 DEBUG( 3, ( "reply_getattrE fnum=%d\n", fsp->fnum));
5894 END_PROFILE(SMBgetattrE);
git.samba.org / jpeach / samba.git / blob