2 Unix SMB/CIFS implementation.
5 Copyright (C) Stefan Metzmacher 2009
6 Copyright (C) Jeremy Allison 2010
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
24 #include "smbd/smbd.h"
25 #include "smbd/globals.h"
26 #include "../libcli/smb/smb_common.h"
27 #include "../librpc/gen_ndr/ndr_security.h"
28 #include "../lib/util/tevent_ntstatus.h"
31 int map_smb2_oplock_levels_to_samba(uint8_t in_oplock_level)
33 switch(in_oplock_level) {
34 case SMB2_OPLOCK_LEVEL_NONE:
36 case SMB2_OPLOCK_LEVEL_II:
37 return LEVEL_II_OPLOCK;
38 case SMB2_OPLOCK_LEVEL_EXCLUSIVE:
39 return EXCLUSIVE_OPLOCK;
40 case SMB2_OPLOCK_LEVEL_BATCH:
42 case SMB2_OPLOCK_LEVEL_LEASE:
43 DEBUG(2,("map_smb2_oplock_levels_to_samba: "
44 "LEASE_OPLOCK_REQUESTED\n"));
47 DEBUG(2,("map_smb2_oplock_levels_to_samba: "
49 (unsigned int)in_oplock_level));
54 static uint8_t map_samba_oplock_levels_to_smb2(int oplock_type)
56 if (BATCH_OPLOCK_TYPE(oplock_type)) {
57 return SMB2_OPLOCK_LEVEL_BATCH;
58 } else if (EXCLUSIVE_OPLOCK_TYPE(oplock_type)) {
59 return SMB2_OPLOCK_LEVEL_EXCLUSIVE;
60 } else if (oplock_type == LEVEL_II_OPLOCK) {
61 return SMB2_OPLOCK_LEVEL_II;
63 return SMB2_OPLOCK_LEVEL_NONE;
67 static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
68 struct tevent_context *ev,
69 struct smbd_smb2_request *smb2req,
70 uint8_t in_oplock_level,
71 uint32_t in_impersonation_level,
72 uint32_t in_desired_access,
73 uint32_t in_file_attributes,
74 uint32_t in_share_access,
75 uint32_t in_create_disposition,
76 uint32_t in_create_options,
78 struct smb2_create_blobs in_context_blobs);
79 static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
81 uint8_t *out_oplock_level,
82 uint32_t *out_create_action,
83 NTTIME *out_creation_time,
84 NTTIME *out_last_access_time,
85 NTTIME *out_last_write_time,
86 NTTIME *out_change_time,
87 uint64_t *out_allocation_size,
88 uint64_t *out_end_of_file,
89 uint32_t *out_file_attributes,
90 uint64_t *out_file_id_persistent,
91 uint64_t *out_file_id_volatile,
92 struct smb2_create_blobs *out_context_blobs);
94 static void smbd_smb2_request_create_done(struct tevent_req *tsubreq);
95 NTSTATUS smbd_smb2_request_process_create(struct smbd_smb2_request *smb2req)
97 const uint8_t *inbody;
98 const struct iovec *indyniov;
99 uint8_t in_oplock_level;
100 uint32_t in_impersonation_level;
101 uint32_t in_desired_access;
102 uint32_t in_file_attributes;
103 uint32_t in_share_access;
104 uint32_t in_create_disposition;
105 uint32_t in_create_options;
106 uint16_t in_name_offset;
107 uint16_t in_name_length;
108 DATA_BLOB in_name_buffer;
109 char *in_name_string;
110 size_t in_name_string_size;
111 uint32_t name_offset = 0;
112 uint32_t name_available_length = 0;
113 uint32_t in_context_offset;
114 uint32_t in_context_length;
115 DATA_BLOB in_context_buffer;
116 struct smb2_create_blobs in_context_blobs;
117 uint32_t context_offset = 0;
118 uint32_t context_available_length = 0;
122 struct tevent_req *tsubreq;
124 status = smbd_smb2_request_verify_sizes(smb2req, 0x39);
125 if (!NT_STATUS_IS_OK(status)) {
126 return smbd_smb2_request_error(smb2req, status);
128 inbody = SMBD_SMB2_IN_BODY_PTR(smb2req);
130 in_oplock_level = CVAL(inbody, 0x03);
131 in_impersonation_level = IVAL(inbody, 0x04);
132 in_desired_access = IVAL(inbody, 0x18);
133 in_file_attributes = IVAL(inbody, 0x1C);
134 in_share_access = IVAL(inbody, 0x20);
135 in_create_disposition = IVAL(inbody, 0x24);
136 in_create_options = IVAL(inbody, 0x28);
137 in_name_offset = SVAL(inbody, 0x2C);
138 in_name_length = SVAL(inbody, 0x2E);
139 in_context_offset = IVAL(inbody, 0x30);
140 in_context_length = IVAL(inbody, 0x34);
143 * First check if the dynamic name and context buffers
144 * are correctly specified.
146 * Note: That we don't check if the name and context buffers
150 dyn_offset = SMB2_HDR_BODY + SMBD_SMB2_IN_BODY_LEN(smb2req);
152 if (in_name_offset == 0 && in_name_length == 0) {
155 } else if (in_name_offset < dyn_offset) {
156 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
158 name_offset = in_name_offset - dyn_offset;
161 indyniov = SMBD_SMB2_IN_DYN_IOV(smb2req);
163 if (name_offset > indyniov->iov_len) {
164 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
167 name_available_length = indyniov->iov_len - name_offset;
169 if (in_name_length > name_available_length) {
170 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
173 in_name_buffer.data = (uint8_t *)indyniov->iov_base + name_offset;
174 in_name_buffer.length = in_name_length;
176 if (in_context_offset == 0 && in_context_length == 0) {
179 } else if (in_context_offset < dyn_offset) {
180 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
182 context_offset = in_context_offset - dyn_offset;
185 if (context_offset > indyniov->iov_len) {
186 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
189 context_available_length = indyniov->iov_len - context_offset;
191 if (in_context_length > context_available_length) {
192 return smbd_smb2_request_error(smb2req, NT_STATUS_INVALID_PARAMETER);
195 in_context_buffer.data = (uint8_t *)indyniov->iov_base +
197 in_context_buffer.length = in_context_length;
200 * Now interpret the name and context buffers
203 ok = convert_string_talloc(smb2req, CH_UTF16, CH_UNIX,
205 in_name_buffer.length,
207 &in_name_string_size);
209 return smbd_smb2_request_error(smb2req, NT_STATUS_ILLEGAL_CHARACTER);
212 if (in_name_buffer.length == 0) {
213 in_name_string_size = 0;
216 if (strlen(in_name_string) != in_name_string_size) {
217 return smbd_smb2_request_error(smb2req, NT_STATUS_OBJECT_NAME_INVALID);
220 ZERO_STRUCT(in_context_blobs);
221 status = smb2_create_blob_parse(smb2req, in_context_buffer, &in_context_blobs);
222 if (!NT_STATUS_IS_OK(status)) {
223 return smbd_smb2_request_error(smb2req, status);
226 tsubreq = smbd_smb2_create_send(smb2req,
227 smb2req->sconn->ev_ctx,
230 in_impersonation_level,
234 in_create_disposition,
238 if (tsubreq == NULL) {
239 smb2req->subreq = NULL;
240 return smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
242 tevent_req_set_callback(tsubreq, smbd_smb2_request_create_done, smb2req);
245 * For now we keep the logic that we do not send STATUS_PENDING
246 * for sharing violations, so we just wait 2 seconds.
248 * TODO: we need more tests for this.
250 return smbd_smb2_request_pending_queue(smb2req, tsubreq, 2000000);
253 static uint64_t get_mid_from_smb2req(struct smbd_smb2_request *smb2req)
255 uint8_t *reqhdr = SMBD_SMB2_OUT_HDR_PTR(smb2req);
256 return BVAL(reqhdr, SMB2_HDR_MESSAGE_ID);
259 static void smbd_smb2_request_create_done(struct tevent_req *tsubreq)
261 struct smbd_smb2_request *smb2req = tevent_req_callback_data(tsubreq,
262 struct smbd_smb2_request);
265 uint8_t out_oplock_level = 0;
266 uint32_t out_create_action = 0;
267 NTTIME out_creation_time = 0;
268 NTTIME out_last_access_time = 0;
269 NTTIME out_last_write_time = 0;
270 NTTIME out_change_time = 0;
271 uint64_t out_allocation_size = 0;
272 uint64_t out_end_of_file = 0;
273 uint32_t out_file_attributes = 0;
274 uint64_t out_file_id_persistent = 0;
275 uint64_t out_file_id_volatile = 0;
276 struct smb2_create_blobs out_context_blobs;
277 DATA_BLOB out_context_buffer;
278 uint16_t out_context_buffer_offset = 0;
280 NTSTATUS error; /* transport error */
282 status = smbd_smb2_create_recv(tsubreq,
287 &out_last_access_time,
288 &out_last_write_time,
290 &out_allocation_size,
292 &out_file_attributes,
293 &out_file_id_persistent,
294 &out_file_id_volatile,
296 if (!NT_STATUS_IS_OK(status)) {
297 error = smbd_smb2_request_error(smb2req, status);
298 if (!NT_STATUS_IS_OK(error)) {
299 smbd_server_connection_terminate(smb2req->sconn,
306 status = smb2_create_blob_push(smb2req, &out_context_buffer, out_context_blobs);
307 if (!NT_STATUS_IS_OK(status)) {
308 error = smbd_smb2_request_error(smb2req, status);
309 if (!NT_STATUS_IS_OK(error)) {
310 smbd_server_connection_terminate(smb2req->sconn,
317 if (out_context_buffer.length > 0) {
318 out_context_buffer_offset = SMB2_HDR_BODY + 0x58;
321 outbody = data_blob_talloc(smb2req->out.vector, NULL, 0x58);
322 if (outbody.data == NULL) {
323 error = smbd_smb2_request_error(smb2req, NT_STATUS_NO_MEMORY);
324 if (!NT_STATUS_IS_OK(error)) {
325 smbd_server_connection_terminate(smb2req->sconn,
332 SSVAL(outbody.data, 0x00, 0x58 + 1); /* struct size */
333 SCVAL(outbody.data, 0x02,
334 out_oplock_level); /* oplock level */
335 SCVAL(outbody.data, 0x03, 0); /* reserved */
336 SIVAL(outbody.data, 0x04,
337 out_create_action); /* create action */
338 SBVAL(outbody.data, 0x08,
339 out_creation_time); /* creation time */
340 SBVAL(outbody.data, 0x10,
341 out_last_access_time); /* last access time */
342 SBVAL(outbody.data, 0x18,
343 out_last_write_time); /* last write time */
344 SBVAL(outbody.data, 0x20,
345 out_change_time); /* change time */
346 SBVAL(outbody.data, 0x28,
347 out_allocation_size); /* allocation size */
348 SBVAL(outbody.data, 0x30,
349 out_end_of_file); /* end of file */
350 SIVAL(outbody.data, 0x38,
351 out_file_attributes); /* file attributes */
352 SIVAL(outbody.data, 0x3C, 0); /* reserved */
353 SBVAL(outbody.data, 0x40,
354 out_file_id_persistent); /* file id (persistent) */
355 SBVAL(outbody.data, 0x48,
356 out_file_id_volatile); /* file id (volatile) */
357 SIVAL(outbody.data, 0x50,
358 out_context_buffer_offset); /* create contexts offset */
359 SIVAL(outbody.data, 0x54,
360 out_context_buffer.length); /* create contexts length */
362 outdyn = out_context_buffer;
364 error = smbd_smb2_request_done(smb2req, outbody, &outdyn);
365 if (!NT_STATUS_IS_OK(error)) {
366 smbd_server_connection_terminate(smb2req->sconn,
372 struct smbd_smb2_create_state {
373 struct smbd_smb2_request *smb2req;
374 struct smb_request *smb1req;
375 bool open_was_deferred;
376 struct tevent_timer *te;
377 struct tevent_immediate *im;
378 struct timeval request_time;
380 DATA_BLOB private_data;
381 uint8_t out_oplock_level;
382 uint32_t out_create_action;
383 NTTIME out_creation_time;
384 NTTIME out_last_access_time;
385 NTTIME out_last_write_time;
386 NTTIME out_change_time;
387 uint64_t out_allocation_size;
388 uint64_t out_end_of_file;
389 uint32_t out_file_attributes;
390 uint64_t out_file_id_persistent;
391 uint64_t out_file_id_volatile;
392 struct smb2_create_blobs out_context_blobs;
395 static struct tevent_req *smbd_smb2_create_send(TALLOC_CTX *mem_ctx,
396 struct tevent_context *ev,
397 struct smbd_smb2_request *smb2req,
398 uint8_t in_oplock_level,
399 uint32_t in_impersonation_level,
400 uint32_t in_desired_access,
401 uint32_t in_file_attributes,
402 uint32_t in_share_access,
403 uint32_t in_create_disposition,
404 uint32_t in_create_options,
406 struct smb2_create_blobs in_context_blobs)
408 struct tevent_req *req = NULL;
409 struct smbd_smb2_create_state *state = NULL;
411 struct smb_request *smb1req = NULL;
412 files_struct *result = NULL;
414 struct timespec write_time_ts;
415 struct smb2_create_blobs out_context_blobs;
416 int requested_oplock_level;
417 struct smb2_create_blob *dhnc = NULL;
418 struct smb2_create_blob *dh2c = NULL;
419 struct smb2_create_blob *dhnq = NULL;
420 struct smb2_create_blob *dh2q = NULL;
421 struct smbXsrv_open *op = NULL;
423 ZERO_STRUCT(out_context_blobs);
425 if(lp_fake_oplocks(SNUM(smb2req->tcon->compat))) {
426 requested_oplock_level = SMB2_OPLOCK_LEVEL_NONE;
428 requested_oplock_level = in_oplock_level;
432 if (smb2req->subreq == NULL) {
433 /* New create call. */
434 req = tevent_req_create(mem_ctx, &state,
435 struct smbd_smb2_create_state);
439 state->smb2req = smb2req;
441 smb1req = smbd_smb2_fake_smb_request(smb2req);
442 if (tevent_req_nomem(smb1req, req)) {
443 return tevent_req_post(req, ev);
445 state->smb1req = smb1req;
446 smb2req->subreq = req;
447 DEBUG(10,("smbd_smb2_create: name[%s]\n",
450 /* Re-entrant create call. */
451 req = smb2req->subreq;
452 state = tevent_req_data(req,
453 struct smbd_smb2_create_state);
454 smb1req = state->smb1req;
455 DEBUG(10,("smbd_smb2_create_send: reentrant for file %s\n",
459 dhnq = smb2_create_blob_find(&in_context_blobs,
460 SMB2_CREATE_TAG_DHNQ);
461 dhnc = smb2_create_blob_find(&in_context_blobs,
462 SMB2_CREATE_TAG_DHNC);
463 dh2q = smb2_create_blob_find(&in_context_blobs,
464 SMB2_CREATE_TAG_DH2Q);
465 dh2c = smb2_create_blob_find(&in_context_blobs,
466 SMB2_CREATE_TAG_DH2C);
468 if ((dhnc && dh2c) || (dhnc && dh2q) || (dh2c && dhnq) ||
471 /* not both are allowed at the same time */
472 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
473 return tevent_req_post(req, ev);
477 uint32_t num_blobs_allowed;
479 if (dhnc->data.length != 16) {
480 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
481 return tevent_req_post(req, ev);
485 * According to MS-SMB2: 3.3.5.9.7, "Handling the
486 * SMB2_CREATE_DURABLE_HANDLE_RECONNECT Create Context",
487 * we should ignore an additional dhnq blob, but fail
488 * the request (with status OBJECT_NAME_NOT_FOUND) if
489 * any other extra create blob has been provided.
491 * (Note that the cases of an additional dh2q or dh2c blob
492 * which require a different error code, have been treated
496 * This is only true for the oplock case:
497 * For leases, lease request is required additionally.
501 num_blobs_allowed = 2;
503 num_blobs_allowed = 1;
506 if (in_context_blobs.num_blobs != num_blobs_allowed) {
507 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
508 return tevent_req_post(req, ev);
513 uint32_t num_blobs_allowed;
515 if (dh2c->data.length != 36) {
516 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
517 return tevent_req_post(req, ev);
521 * According to MS-SMB2: 3.3.5.9.12, "Handling the
522 * SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 Create Context",
523 * we should fail the request with status
524 * OBJECT_NAME_NOT_FOUND if any other create blob has been
527 * (Note that the cases of an additional dhnq, dhnc or dh2q
528 * blob which require a different error code, have been
532 * This is only true for the oplock case:
533 * For leases, lease request is required additionally!
536 num_blobs_allowed = 1;
538 if (in_context_blobs.num_blobs != num_blobs_allowed) {
539 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
540 return tevent_req_post(req, ev);
544 if (IS_IPC(smb1req->conn)) {
545 const char *pipe_name = in_name;
548 /* durable handles are not supported on IPC$ */
549 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
550 return tevent_req_post(req, ev);
553 if (!lp_nt_pipe_support()) {
554 tevent_req_nterror(req, NT_STATUS_ACCESS_DENIED);
555 return tevent_req_post(req, ev);
558 status = open_np_file(smb1req, pipe_name, &result);
559 if (!NT_STATUS_IS_OK(status)) {
560 tevent_req_nterror(req, status);
561 return tevent_req_post(req, ev);
563 info = FILE_WAS_OPENED;
564 } else if (CAN_PRINT(smb1req->conn)) {
566 /* durable handles are not supported on printers */
567 tevent_req_nterror(req, NT_STATUS_OBJECT_NAME_NOT_FOUND);
568 return tevent_req_post(req, ev);
571 status = file_new(smb1req, smb1req->conn, &result);
572 if(!NT_STATUS_IS_OK(status)) {
573 tevent_req_nterror(req, status);
574 return tevent_req_post(req, ev);
577 status = print_spool_open(result, in_name,
579 if (!NT_STATUS_IS_OK(status)) {
580 file_free(smb1req, result);
581 tevent_req_nterror(req, status);
582 return tevent_req_post(req, ev);
584 info = FILE_WAS_CREATED;
587 struct smb2_create_blob *exta = NULL;
588 struct ea_list *ea_list = NULL;
589 struct smb2_create_blob *mxac = NULL;
590 NTTIME max_access_time = 0;
591 struct smb2_create_blob *secd = NULL;
592 struct security_descriptor *sec_desc = NULL;
593 struct smb2_create_blob *alsi = NULL;
594 uint64_t allocation_size = 0;
595 struct smb2_create_blob *twrp = NULL;
596 struct smb2_create_blob *qfid = NULL;
597 struct GUID _create_guid = GUID_zero();
598 struct GUID *create_guid = NULL;
599 bool update_open = false;
600 bool durable_requested = false;
601 uint32_t durable_timeout_msec = 0;
602 bool do_durable_reconnect = false;
603 uint64_t persistent_id = 0;
605 exta = smb2_create_blob_find(&in_context_blobs,
606 SMB2_CREATE_TAG_EXTA);
607 mxac = smb2_create_blob_find(&in_context_blobs,
608 SMB2_CREATE_TAG_MXAC);
609 secd = smb2_create_blob_find(&in_context_blobs,
610 SMB2_CREATE_TAG_SECD);
611 alsi = smb2_create_blob_find(&in_context_blobs,
612 SMB2_CREATE_TAG_ALSI);
613 twrp = smb2_create_blob_find(&in_context_blobs,
614 SMB2_CREATE_TAG_TWRP);
615 qfid = smb2_create_blob_find(&in_context_blobs,
616 SMB2_CREATE_TAG_QFID);
618 fname = talloc_strdup(state, in_name);
619 if (tevent_req_nomem(fname, req)) {
620 return tevent_req_post(req, ev);
624 ea_list = read_nttrans_ea_list(mem_ctx,
625 (const char *)exta->data.data, exta->data.length);
627 DEBUG(10,("smbd_smb2_create_send: read_ea_name_list failed.\n"));
628 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
629 return tevent_req_post(req, ev);
632 if (ea_list_has_invalid_name(ea_list)) {
633 tevent_req_nterror(req, STATUS_INVALID_EA_NAME);
634 return tevent_req_post(req, ev);
639 if (mxac->data.length == 0) {
641 } else if (mxac->data.length == 8) {
642 max_access_time = BVAL(mxac->data.data, 0);
644 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
645 return tevent_req_post(req, ev);
650 enum ndr_err_code ndr_err;
652 sec_desc = talloc_zero(state, struct security_descriptor);
653 if (tevent_req_nomem(sec_desc, req)) {
654 return tevent_req_post(req, ev);
657 ndr_err = ndr_pull_struct_blob(&secd->data,
659 (ndr_pull_flags_fn_t)ndr_pull_security_descriptor);
660 if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
661 DEBUG(2,("ndr_pull_security_descriptor failed: %s\n",
662 ndr_errstr(ndr_err)));
663 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
664 return tevent_req_post(req, ev);
669 if (dhnq->data.length != 16) {
670 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
671 return tevent_req_post(req, ev);
675 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
676 return tevent_req_post(req, ev);
680 * durable handle request is processed below.
682 durable_requested = true;
684 * Set the timeout to 16 mins.
686 * TODO: test this against Windows 2012
687 * as the default for durable v2 is 1 min.
689 durable_timeout_msec = (16*60*1000);
693 const uint8_t *p = dh2q->data.data;
694 uint32_t durable_v2_timeout = 0;
695 DATA_BLOB create_guid_blob;
697 if (dh2q->data.length != 32) {
698 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
699 return tevent_req_post(req, ev);
703 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
704 return tevent_req_post(req, ev);
707 durable_v2_timeout = IVAL(p, 0);
708 create_guid_blob = data_blob_const(p + 16, 16);
710 status = GUID_from_ndr_blob(&create_guid_blob,
712 if (tevent_req_nterror(req, status)) {
713 return tevent_req_post(req, ev);
715 create_guid = &_create_guid;
717 * we need to store the create_guid later
722 * durable handle v2 request processed below
724 durable_requested = true;
725 durable_timeout_msec = durable_v2_timeout;
726 if (durable_timeout_msec == 0) {
728 * Set the timeout to 1 min as default.
730 * This matches Windows 2012.
732 durable_timeout_msec = (60*1000);
737 persistent_id = BVAL(dhnc->data.data, 0);
739 do_durable_reconnect = true;
743 const uint8_t *p = dh2c->data.data;
744 DATA_BLOB create_guid_blob;
746 persistent_id = BVAL(p, 0);
747 create_guid_blob = data_blob_const(p + 16, 16);
749 status = GUID_from_ndr_blob(&create_guid_blob,
751 if (tevent_req_nterror(req, status)) {
752 return tevent_req_post(req, ev);
754 create_guid = &_create_guid;
756 do_durable_reconnect = true;
760 if (alsi->data.length != 8) {
761 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
762 return tevent_req_post(req, ev);
764 allocation_size = BVAL(alsi->data.data, 0);
772 if (twrp->data.length != 8) {
773 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
774 return tevent_req_post(req, ev);
777 nttime = BVAL(twrp->data.data, 0);
778 t = nt_time_to_unix(nttime);
782 fname = talloc_asprintf(state,
783 "@GMT-%04u.%02u.%02u-%02u.%02u.%02u\\%s",
791 if (tevent_req_nomem(fname, req)) {
792 return tevent_req_post(req, ev);
797 if (qfid->data.length != 0) {
798 tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER);
799 return tevent_req_post(req, ev);
803 /* these are ignored for SMB2 */
804 in_create_options &= ~(0x10);/* NTCREATEX_OPTIONS_SYNC_ALERT */
805 in_create_options &= ~(0x20);/* NTCREATEX_OPTIONS_ASYNC_ALERT */
807 in_file_attributes &= ~FILE_FLAG_POSIX_SEMANTICS;
809 DEBUG(10, ("smbd_smb2_create_send: open execution phase\n"));
812 * For the backend file open procedure, there are
813 * two possible modes: durable_reconnect or not.
815 if (do_durable_reconnect) {
816 DATA_BLOB new_cookie = data_blob_null;
817 NTTIME now = timeval_to_nttime(&smb2req->request_time);
819 status = smb2srv_open_recreate(smb2req->sconn->conn,
820 smb1req->conn->session_info,
821 persistent_id, create_guid,
823 if (!NT_STATUS_IS_OK(status)) {
824 DEBUG(3, ("smbd_smb2_create_send: "
825 "smb2srv_open_recreate failed: %s\n",
827 tevent_req_nterror(req, status);
828 return tevent_req_post(req, ev);
831 DEBUG(10, ("smb2_create_send: %s to recreate the "
832 "smb2srv_open struct for a durable handle.\n",
833 op->global->durable ? "succeded" : "failed"));
835 if (!op->global->durable) {
837 tevent_req_nterror(req,
838 NT_STATUS_OBJECT_NAME_NOT_FOUND);
839 return tevent_req_post(req, ev);
842 status = SMB_VFS_DURABLE_RECONNECT(smb1req->conn,
844 op, /* smbXsrv_open input */
845 op->global->backend_cookie,
847 &result, &new_cookie);
848 if (!NT_STATUS_IS_OK(status)) {
849 NTSTATUS return_status;
851 return_status = NT_STATUS_OBJECT_NAME_NOT_FOUND;
853 DEBUG(3, ("smbd_smb2_create_send: "
854 "durable_reconnect failed: %s => %s\n",
856 nt_errstr(return_status)));
858 tevent_req_nterror(req, return_status);
859 return tevent_req_post(req, ev);
862 data_blob_free(&op->global->backend_cookie);
863 op->global->backend_cookie = new_cookie;
865 op->status = NT_STATUS_OK;
866 op->global->disconnect_time = 0;
868 /* save the timout for later update */
869 durable_timeout_msec = op->global->durable_timeout_msec;
873 info = FILE_WAS_OPENED;
875 struct smb_filename *smb_fname = NULL;
878 * For a DFS path the function parse_dfs_path()
879 * will do the path processing.
882 if (!(smb1req->flags2 & FLAGS2_DFS_PATHNAMES)) {
883 /* convert '\\' into '/' */
884 status = check_path_syntax(fname);
885 if (!NT_STATUS_IS_OK(status)) {
886 tevent_req_nterror(req, status);
887 return tevent_req_post(req, ev);
891 status = filename_convert(req,
893 smb1req->flags2 & FLAGS2_DFS_PATHNAMES,
895 (in_create_disposition == FILE_CREATE) ?
896 UCF_CREATING_FILE : 0,
897 NULL, /* ppath_contains_wcards */
899 if (!NT_STATUS_IS_OK(status)) {
900 tevent_req_nterror(req, status);
901 return tevent_req_post(req, ev);
904 status = SMB_VFS_CREATE_FILE(smb1req->conn,
906 0, /* root_dir_fid */
910 in_create_disposition,
913 map_smb2_oplock_levels_to_samba(requested_oplock_level),
915 0, /* private_flags */
920 if (!NT_STATUS_IS_OK(status)) {
921 if (open_was_deferred(smb1req->sconn, smb1req->mid)) {
924 tevent_req_nterror(req, status);
925 return tevent_req_post(req, ev);
931 * here we have op == result->op
934 DEBUG(10, ("smbd_smb2_create_send: "
935 "response construction phase\n"));
938 NTTIME last_write_time;
940 unix_timespec_to_nt_time(&last_write_time,
941 result->fsp_name->st.st_ex_mtime);
942 if (last_write_time != max_access_time) {
944 uint32_t max_access_granted;
945 DATA_BLOB blob = data_blob_const(p, sizeof(p));
947 status = smbd_calculate_access_mask(smb1req->conn,
950 SEC_FLAG_MAXIMUM_ALLOWED,
951 &max_access_granted);
953 SIVAL(p, 0, NT_STATUS_V(status));
954 SIVAL(p, 4, max_access_granted);
956 status = smb2_create_blob_add(state,
958 SMB2_CREATE_TAG_MXAC,
960 if (!NT_STATUS_IS_OK(status)) {
961 tevent_req_nterror(req, status);
962 return tevent_req_post(req, ev);
967 if (durable_requested &&
968 BATCH_OPLOCK_TYPE(result->oplock_type))
970 status = SMB_VFS_DURABLE_COOKIE(result,
972 &op->global->backend_cookie);
973 if (!NT_STATUS_IS_OK(status)) {
974 op->global->backend_cookie = data_blob_null;
977 if (op->global->backend_cookie.length > 0) {
980 op->global->durable = true;
981 op->global->durable_timeout_msec = durable_timeout_msec;
985 op->global->create_guid = _create_guid;
987 status = smbXsrv_open_update(op);
988 DEBUG(10, ("smb2_create_send: smbXsrv_open_update "
991 if (!NT_STATUS_IS_OK(status)) {
992 tevent_req_nterror(req, status);
993 return tevent_req_post(req, ev);
997 if (dhnq && op->global->durable) {
998 uint8_t p[8] = { 0, };
999 DATA_BLOB blob = data_blob_const(p, sizeof(p));
1001 status = smb2_create_blob_add(state,
1003 SMB2_CREATE_TAG_DHNQ,
1005 if (!NT_STATUS_IS_OK(status)) {
1006 tevent_req_nterror(req, status);
1007 return tevent_req_post(req, ev);
1011 if (dh2q && op->global->durable) {
1012 uint8_t p[8] = { 0, };
1013 DATA_BLOB blob = data_blob_const(p, sizeof(p));
1014 uint32_t durable_v2_response_flags = 0;
1016 SIVAL(p, 0, op->global->durable_timeout_msec);
1017 SIVAL(p, 4, durable_v2_response_flags);
1019 status = smb2_create_blob_add(state, &out_context_blobs,
1020 SMB2_CREATE_TAG_DH2Q,
1022 if (!NT_STATUS_IS_OK(status)) {
1023 tevent_req_nterror(req, status);
1024 return tevent_req_post(req, ev);
1030 uint64_t file_index = get_FileIndex(result->conn,
1031 &result->fsp_name->st);
1032 DATA_BLOB blob = data_blob_const(p, sizeof(p));
1036 /* From conversations with Microsoft engineers at
1037 the MS plugfest. The first 8 bytes are the "volume index"
1038 == inode, the second 8 bytes are the "volume id",
1039 == dev. This will be updated in the SMB2 doc. */
1040 SBVAL(p, 0, file_index);
1041 SIVAL(p, 8, result->fsp_name->st.st_ex_dev);/* FileIndexHigh */
1043 status = smb2_create_blob_add(state, &out_context_blobs,
1044 SMB2_CREATE_TAG_QFID,
1046 if (!NT_STATUS_IS_OK(status)) {
1047 tevent_req_nterror(req, status);
1048 return tevent_req_post(req, ev);
1053 smb2req->compat_chain_fsp = smb1req->chain_fsp;
1055 if(lp_fake_oplocks(SNUM(smb2req->tcon->compat))) {
1056 state->out_oplock_level = in_oplock_level;
1058 state->out_oplock_level = map_samba_oplock_levels_to_smb2(result->oplock_type);
1061 if ((in_create_disposition == FILE_SUPERSEDE)
1062 && (info == FILE_WAS_OVERWRITTEN)) {
1063 state->out_create_action = FILE_WAS_SUPERSEDED;
1065 state->out_create_action = info;
1067 state->out_file_attributes = dos_mode(result->conn,
1069 /* Deal with other possible opens having a modified
1071 ZERO_STRUCT(write_time_ts);
1072 get_file_infos(result->file_id, 0, NULL, &write_time_ts);
1073 if (!null_timespec(write_time_ts)) {
1074 update_stat_ex_mtime(&result->fsp_name->st, write_time_ts);
1077 unix_timespec_to_nt_time(&state->out_creation_time,
1078 get_create_timespec(smb1req->conn, result,
1080 unix_timespec_to_nt_time(&state->out_last_access_time,
1081 result->fsp_name->st.st_ex_atime);
1082 unix_timespec_to_nt_time(&state->out_last_write_time,
1083 result->fsp_name->st.st_ex_mtime);
1084 unix_timespec_to_nt_time(&state->out_change_time,
1085 get_change_timespec(smb1req->conn, result,
1087 state->out_allocation_size =
1088 SMB_VFS_GET_ALLOC_SIZE(smb1req->conn, result,
1089 &(result->fsp_name->st));
1090 state->out_end_of_file = result->fsp_name->st.st_ex_size;
1091 if (state->out_file_attributes == 0) {
1092 state->out_file_attributes = FILE_ATTRIBUTE_NORMAL;
1094 state->out_file_id_persistent = result->op->global->open_persistent_id;
1095 state->out_file_id_volatile = result->op->global->open_volatile_id;
1096 state->out_context_blobs = out_context_blobs;
1098 DEBUG(10,("smbd_smb2_create_send: %s - %s\n",
1099 fsp_str_dbg(result), fsp_fnum_dbg(result)));
1101 tevent_req_done(req);
1102 return tevent_req_post(req, ev);
1105 static NTSTATUS smbd_smb2_create_recv(struct tevent_req *req,
1106 TALLOC_CTX *mem_ctx,
1107 uint8_t *out_oplock_level,
1108 uint32_t *out_create_action,
1109 NTTIME *out_creation_time,
1110 NTTIME *out_last_access_time,
1111 NTTIME *out_last_write_time,
1112 NTTIME *out_change_time,
1113 uint64_t *out_allocation_size,
1114 uint64_t *out_end_of_file,
1115 uint32_t *out_file_attributes,
1116 uint64_t *out_file_id_persistent,
1117 uint64_t *out_file_id_volatile,
1118 struct smb2_create_blobs *out_context_blobs)
1121 struct smbd_smb2_create_state *state = tevent_req_data(req,
1122 struct smbd_smb2_create_state);
1124 if (tevent_req_is_nterror(req, &status)) {
1125 tevent_req_received(req);
1129 *out_oplock_level = state->out_oplock_level;
1130 *out_create_action = state->out_create_action;
1131 *out_creation_time = state->out_creation_time;
1132 *out_last_access_time = state->out_last_access_time;
1133 *out_last_write_time = state->out_last_write_time;
1134 *out_change_time = state->out_change_time;
1135 *out_allocation_size = state->out_allocation_size;
1136 *out_end_of_file = state->out_end_of_file;
1137 *out_file_attributes = state->out_file_attributes;
1138 *out_file_id_persistent = state->out_file_id_persistent;
1139 *out_file_id_volatile = state->out_file_id_volatile;
1140 *out_context_blobs = state->out_context_blobs;
1142 talloc_steal(mem_ctx, state->out_context_blobs.blobs);
1144 tevent_req_received(req);
1145 return NT_STATUS_OK;
1148 /*********************************************************
1149 Code for dealing with deferred opens.
1150 *********************************************************/
1152 bool get_deferred_open_message_state_smb2(struct smbd_smb2_request *smb2req,
1153 struct timeval *p_request_time,
1156 struct smbd_smb2_create_state *state = NULL;
1157 struct tevent_req *req = NULL;
1162 req = smb2req->subreq;
1166 state = tevent_req_data(req, struct smbd_smb2_create_state);
1170 if (!state->open_was_deferred) {
1173 if (p_request_time) {
1174 *p_request_time = state->request_time;
1177 *pp_state = (void *)state->private_data.data;
1182 /*********************************************************
1183 Re-process this call early - requested by message or
1185 *********************************************************/
1187 static struct smbd_smb2_request *find_open_smb2req(
1188 struct smbd_server_connection *sconn, uint64_t mid)
1190 struct smbd_smb2_request *smb2req;
1192 for (smb2req = sconn->smb2.requests; smb2req; smb2req = smb2req->next) {
1193 uint64_t message_id;
1194 if (smb2req->subreq == NULL) {
1195 /* This message has been processed. */
1198 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1199 /* This message has been processed. */
1202 message_id = get_mid_from_smb2req(smb2req);
1203 if (message_id == mid) {
1210 bool open_was_deferred_smb2(struct smbd_server_connection *sconn, uint64_t mid)
1212 struct smbd_smb2_create_state *state = NULL;
1213 struct smbd_smb2_request *smb2req;
1215 smb2req = find_open_smb2req(sconn, mid);
1218 DEBUG(10,("open_was_deferred_smb2: mid %llu smb2req == NULL\n",
1219 (unsigned long long)mid));
1222 if (!smb2req->subreq) {
1225 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1228 state = tevent_req_data(smb2req->subreq,
1229 struct smbd_smb2_create_state);
1233 /* It's not in progress if there's no timeout event. */
1234 if (!state->open_was_deferred) {
1238 DEBUG(10,("open_was_deferred_smb2: mid = %llu\n",
1239 (unsigned long long)mid));
1244 static void remove_deferred_open_message_smb2_internal(struct smbd_smb2_request *smb2req,
1247 struct smbd_smb2_create_state *state = NULL;
1249 if (!smb2req->subreq) {
1252 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1255 state = tevent_req_data(smb2req->subreq,
1256 struct smbd_smb2_create_state);
1261 DEBUG(10,("remove_deferred_open_message_smb2_internal: "
1263 (unsigned long long)mid ));
1265 state->open_was_deferred = false;
1266 /* Ensure we don't have any outstanding timer event. */
1267 TALLOC_FREE(state->te);
1268 /* Ensure we don't have any outstanding immediate event. */
1269 TALLOC_FREE(state->im);
1272 void remove_deferred_open_message_smb2(
1273 struct smbd_server_connection *sconn, uint64_t mid)
1275 struct smbd_smb2_request *smb2req;
1277 smb2req = find_open_smb2req(sconn, mid);
1280 DEBUG(10,("remove_deferred_open_message_smb2: "
1281 "can't find mid %llu\n",
1282 (unsigned long long)mid ));
1285 remove_deferred_open_message_smb2_internal(smb2req, mid);
1288 static void smbd_smb2_create_request_dispatch_immediate(struct tevent_context *ctx,
1289 struct tevent_immediate *im,
1292 struct smbd_smb2_request *smb2req = talloc_get_type_abort(private_data,
1293 struct smbd_smb2_request);
1294 struct smbd_server_connection *sconn = smb2req->sconn;
1295 uint64_t mid = get_mid_from_smb2req(smb2req);
1298 DEBUG(10,("smbd_smb2_create_request_dispatch_immediate: "
1299 "re-dispatching mid %llu\n",
1300 (unsigned long long)mid ));
1302 status = smbd_smb2_request_dispatch(smb2req);
1303 if (!NT_STATUS_IS_OK(status)) {
1304 smbd_server_connection_terminate(sconn, nt_errstr(status));
1309 bool schedule_deferred_open_message_smb2(
1310 struct smbd_server_connection *sconn, uint64_t mid)
1312 struct smbd_smb2_create_state *state = NULL;
1313 struct smbd_smb2_request *smb2req;
1315 smb2req = find_open_smb2req(sconn, mid);
1318 DEBUG(10,("schedule_deferred_open_message_smb2: "
1319 "can't find mid %llu\n",
1320 (unsigned long long)mid ));
1323 if (!smb2req->subreq) {
1326 if (!tevent_req_is_in_progress(smb2req->subreq)) {
1329 state = tevent_req_data(smb2req->subreq,
1330 struct smbd_smb2_create_state);
1335 /* Ensure we don't have any outstanding timer event. */
1336 TALLOC_FREE(state->te);
1337 /* Ensure we don't have any outstanding immediate event. */
1338 TALLOC_FREE(state->im);
1341 * This is subtle. We must null out the callback
1342 * before rescheduling, else the first call to
1343 * tevent_req_nterror() causes the _receive()
1344 * function to be called, this causing tevent_req_post()
1347 tevent_req_set_callback(smb2req->subreq, NULL, NULL);
1349 state->im = tevent_create_immediate(smb2req);
1351 smbd_server_connection_terminate(smb2req->sconn,
1352 nt_errstr(NT_STATUS_NO_MEMORY));
1356 DEBUG(10,("schedule_deferred_open_message_smb2: "
1357 "re-processing mid %llu\n",
1358 (unsigned long long)mid ));
1360 tevent_schedule_immediate(state->im,
1361 smb2req->sconn->ev_ctx,
1362 smbd_smb2_create_request_dispatch_immediate,
1368 static bool smbd_smb2_create_cancel(struct tevent_req *req)
1370 struct smbd_smb2_request *smb2req = NULL;
1371 struct smbd_smb2_create_state *state = tevent_req_data(req,
1372 struct smbd_smb2_create_state);
1379 if (!state->smb2req) {
1383 smb2req = state->smb2req;
1384 mid = get_mid_from_smb2req(smb2req);
1386 if (is_deferred_open_async(state->private_data.data)) {
1387 /* Can't cancel an async create. */
1391 remove_deferred_open_message_smb2_internal(smb2req, mid);
1393 tevent_req_defer_callback(req, smb2req->sconn->ev_ctx);
1394 tevent_req_nterror(req, NT_STATUS_CANCELLED);
1398 bool push_deferred_open_message_smb2(struct smbd_smb2_request *smb2req,
1399 struct timeval request_time,
1400 struct timeval timeout,
1405 struct tevent_req *req = NULL;
1406 struct smbd_smb2_create_state *state = NULL;
1407 struct timeval end_time;
1412 req = smb2req->subreq;
1416 state = tevent_req_data(req, struct smbd_smb2_create_state);
1421 state->request_time = request_time;
1422 state->private_data = data_blob_talloc(state, private_data,
1424 if (!state->private_data.data) {
1428 /* Re-schedule us to retry on timer expiry. */
1429 end_time = timeval_sum(&request_time, &timeout);
1431 DEBUG(10,("push_deferred_open_message_smb2: "
1433 timeval_string(talloc_tos(),
1437 state->open_was_deferred = true;
1439 /* allow this request to be canceled */
1440 tevent_req_set_cancel_fn(req, smbd_smb2_create_cancel);
git.samba.org / mat / samba.git / blob